[libvirt] We need this patch to mount all tmpfs file systems with the correct context.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Basically within a Secure Linux Container (virt-sandbox) we want all content that the process within the container can write to be labeled the same. We are labeling the physical disk correctly but when we create "RAM" based file systems libvirt is not labeling them, and they are defaulting to tmpfs_t, which will will not allow the processes to write. This patch labels the RAM based file systems correctly. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAlAFiTwACgkQrlYvE4MpobPA1ACghFq3nxmNmHP/WEq1vSwjtoin VFoAnAlxgPISuIPiAPSFUL0CjiiSXDzw =xFCU -----END PGP SIGNATURE-----
On Tue, Jul 17, 2012 at 11:48:12AM -0400, Daniel J Walsh wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Basically within a Secure Linux Container (virt-sandbox) we want all content that the process within the container can write to be labeled the same. We are labeling the physical disk correctly but when we create "RAM" based file systems libvirt is not labeling them, and they are defaulting to tmpfs_t, which will will not allow the processes to write. This patch labels the RAM based file systems correctly.
ACK, I have applied this patch with a few fixes to remove trailing whitespace (don't forget to run 'make syntax-check' before sending patches to catch this kind of thing). Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 We are mounting a tmpfs before mounting the cgroup file systems, we need to make sure this tmpfs is labeled correctly. This patch fixes the problem, Hopefully formatted correctly, it did pass the syntax check. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAlAHERUACgkQrlYvE4MpobMkEwCfRjadP1RmB5YtvkQnwX11KTDN d5kAnjdI6VHNh3v4TopAsEWe73gcT9Ii =V8DO -----END PGP SIGNATURE-----
On Wed, Jul 18, 2012 at 03:40:05PM -0400, Daniel J Walsh wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
We are mounting a tmpfs before mounting the cgroup file systems, we need to make sure this tmpfs is labeled correctly.
This patch fixes the problem, Hopefully formatted correctly, it did pass the syntax check.
ACK, I have applied this one too. Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
On 07/18/2012 01:54 PM, Daniel P. Berrange wrote:
On Wed, Jul 18, 2012 at 03:40:05PM -0400, Daniel J Walsh wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
We are mounting a tmpfs before mounting the cgroup file systems, we need to make sure this tmpfs is labeled correctly.
This patch fixes the problem, Hopefully formatted correctly, it did pass the syntax check.
ACK, I have applied this one too.
But now we have a situation where 'git shortlog' claims two different authors, so we ought to update .mailmap, and possibly AUTHORS. Dan, do you prefer to be listed as "Daniel J Walsh" (commit e001842), "Dan Walsh" (commit 9f5ef4d), or some other spelling? -- Eric Blake eblake@redhat.com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
On Wed, Jul 18, 2012 at 02:05:11PM -0600, Eric Blake wrote:
On 07/18/2012 01:54 PM, Daniel P. Berrange wrote:
On Wed, Jul 18, 2012 at 03:40:05PM -0400, Daniel J Walsh wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
We are mounting a tmpfs before mounting the cgroup file systems, we need to make sure this tmpfs is labeled correctly.
This patch fixes the problem, Hopefully formatted correctly, it did pass the syntax check.
ACK, I have applied this one too.
But now we have a situation where 'git shortlog' claims two different authors, so we ought to update .mailmap, and possibly AUTHORS. Dan, do you prefer to be listed as "Daniel J Walsh" (commit e001842), "Dan Walsh" (commit 9f5ef4d), or some other spelling?
Urgh, sorry for not noticing that. Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
On Wed, Jul 18, 2012 at 02:05:11PM -0600, Eric Blake wrote:
On 07/18/2012 01:54 PM, Daniel P. Berrange wrote:
On Wed, Jul 18, 2012 at 03:40:05PM -0400, Daniel J Walsh wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
We are mounting a tmpfs before mounting the cgroup file systems, we need to make sure this tmpfs is labeled correctly.
This patch fixes the problem, Hopefully formatted correctly, it did pass the syntax check.
ACK, I have applied this one too.
But now we have a situation where 'git shortlog' claims two different authors, so we ought to update .mailmap, and possibly AUTHORS. Dan, do you prefer to be listed as "Daniel J Walsh" (commit e001842), "Dan Walsh" (commit 9f5ef4d), or some other spelling?
Hmm, isn't 'make syntax-check' supposed to catch this, or does it only catch missing email addresses, not missing/different realnames ? Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
On 07/18/2012 02:13 PM, Daniel P. Berrange wrote:
But now we have a situation where 'git shortlog' claims two different authors, so we ought to update .mailmap, and possibly AUTHORS. Dan, do you prefer to be listed as "Daniel J Walsh" (commit e001842), "Dan Walsh" (commit 9f5ef4d), or some other spelling?
Hmm, isn't 'make syntax-check' supposed to catch this, or does it only catch missing email addresses, not missing/different realnames ?
Right now, it only catches missing email addresses. Two name spellings from the same email don't get flagged. It would be nice to fix our syntax-checker to flag it. Or even better, it would be nice to automate the generation of 'AUTHORS' by using an AUTHORS.in template to list just names of current commit rights, then generate a (sorted!) list of all other contributors based on 'git shortlog' results. -- Eric Blake eblake@redhat.com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
participants (3)
-
Daniel J Walsh -
Daniel P. Berrange -
Eric Blake