Re: [libvirt-users] How to enable SELinux driver for libvirt?

On 08/21/2014 01:38 AM, Qiang Guan wrote: > Hi guys, > > It seems libvirt disable SELinux driver by default. You need to provide more details to substantiate your claim. What platform are you running on, and what version of libvirt? Did you build it yourself or are you using the pre-built distro version? Fedora-based distributions (and that includes RHEL and CentOS) ship the distro version with SELinux support ON by default. However, actually using SELinux when the support is present depends on your /etc/libvirt/*.conf settings: qemu.conf uses SELinux by default, while lxc.conf has to be manually tweaked to turn on the use of SELinux (that's because proper labeling for an LXC container is a lot more involved). That said, the conf files only give defaults, and it is still possible to do per-domain use of SELinux (the virt-sandbox app is one that always tries to use SELinux labeling when creating LXC guests, regardless of the *.conf defaults). > How to enable SELinux driver for libvirt? If you self-compiled, make sure you had the right devel libraries present to ensure the SELinux support is compiled in. If you are using a distro, you may want to file a support ticket with your distro provider.