Re: [libvirt] /var/lib/libvirt/qemu permissions are wrong
On Fri, Jan 10, 2014 at 08:11:32AM -0200, Marcelo Cerri wrote:
Thanks Richard,
I agree with you. Do you have any suggestion how this should be
implemented? My first impression is that the virSecurityManager*
internal API should be extended to support that.
The current code in qemu_process.c already uses
virSecurityManagerSetDaemonSocketLabel() and
virSecurityManagerClearSocketLabel() to set the correct SELinux context.
However they can't be used to add similar functionality to DAC driver.
I've not looked at this code for ages, so you're in a better
position to judge this.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
libguestfs lets you edit virtual machines. Supports shell scripting,
bindings from many languages. http://libguestfs.org