Re: [libvirt-users] Stop the relabeling of CD images

----- Original Message ----- > From: Eric Blake <eblake(a)redhat.com&gt; > To: Cristian Ciupitu <cristian.ciupitu(a)yahoo.com&gt; > Cc: libvirt-users <libvirt-users(a)redhat.com&gt; > Sent: Monday, August 19, 2013 11:24 PM > Subject: Re: [libvirt-users] Stop the relabeling of CD images > So maybe this would do it: > > <source file=...> > <seclabel model='selinux' relabel='no'/> > <seclabel model='dac' relabel='no'/> > </source> I've just tried it and the SELinux label is not changed anymore, but the ownership is still changed to qemu:qemu. > I'm also not sure why you think to resort to chattr +i, but if using > that causes libvirt heartburn, maybe we have a bug to fix to be more > tolerant of failed label attempts due to chattr. I resorted to `chattr +i` because I got tired of libvirtd messing with my files even if it wasn't required. The official versions of libvirtd from Fedora 18 or 19 used to complain about not being able to change the files, but the current bleeding edge version hasn't complained (with the XML config from above). To sum it up, SELinux - solved, DAC - not (yet).