On Wed, Jan 12, 2011 at 12:23:02PM -0500, Cole Robinson wrote:
This will help facilitate disabling seclabel for an individual VM.
One
functional change is that the user can now hardcode type='dynamic', but
there was no good reason to deny it anyways.
Signed-off-by: Cole Robinson <crobinso(a)redhat.com>
---
src/conf/domain_conf.c | 34 ++++++++++----------
src/security/security_apparmor.c | 6 ++--
src/security/security_selinux.c | 6 ++--
.../qemuxml2xml-seclabel-dynamic-out.xml | 1 +
4 files changed, 24 insertions(+), 23 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 077a396..e5b89a2 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -4238,28 +4238,28 @@ virSecurityLabelDefParseXML(const virDomainDefPtr def,
goto error;
}
+ p = virXPathStringLimit("string(./seclabel/@model)",
+ VIR_SECURITY_MODEL_BUFLEN-1, ctxt);
+ if (p == NULL) {
+ virDomainReportError(VIR_ERR_XML_ERROR,
+ "%s", _("missing security model"));
+ goto error;
+ }
+
+ def->seclabel.model = virDomainSeclabelModelTypeFromString(p);
+ if (def->seclabel.model < 0) {
+ virDomainReportError(VIR_ERR_XML_ERROR,
+ _("unknown security model '%s'"), p);
+ VIR_FREE(p);
+ goto error;
+ }
+ VIR_FREE(p);
+
/* Only parse details, if using static labels, or
* if the 'live' VM XML is requested
*/
if (def->seclabel.type == VIR_DOMAIN_SECLABEL_STATIC ||
!(flags & VIR_DOMAIN_XML_INACTIVE)) {
- p = virXPathStringLimit("string(./seclabel/@model)",
- VIR_SECURITY_MODEL_BUFLEN-1, ctxt);
- if (p == NULL) {
- virDomainReportError(VIR_ERR_XML_ERROR,
- "%s", _("missing security
model"));
- goto error;
- }
-
- def->seclabel.model = virDomainSeclabelModelTypeFromString(p);
- if (def->seclabel.model < 0) {
- virDomainReportError(VIR_ERR_XML_ERROR,
- _("unknown security model '%s'"),
p);
- VIR_FREE(p);
- goto error;
- }
- VIR_FREE(p);
-
p = virXPathStringLimit("string(./seclabel/label[1])",
VIR_SECURITY_LABEL_BUFLEN-1, ctxt);
if (p == NULL) {
This changes semantics. If the seclabel type is dynamic, then we
want to ignore any kind of 'model' at all, because the model should
automatically become whatever is current active driver. This ensures
that if you change security drivers, then all dynamic VMs will
automatically use the new driver and not be stuck with the model
of the old driver.
Since, we're not supporting per-VM disabled models, I don't think
we need this patch anyway.
Regards,
Daniel