你​可​以​用 xm 来​把​安​全​性​标​签​附​加​到​域​配​置​文​件​（这​个​示​例​使​用​了 SoftwareDev 标​签​）：

xm addlabel myconfig.xm dom_SoftwareDev 

附​加​安​全​性​标​签​确​保​了​域​不​会​与​其​他 non-SoftwareDev 用​户​域​共​享​数​据​。​这​个​示​例​包​括​了 myconfig.xm 配​置​文​件​，它​代​表​了​一​个​运​行​与 SoftwareDev 的​基​础​架​构​相​关​的​任​务​的​域​。​

编​辑​相​应​的​配​置​文​件​并​校​验 addlabel 命​令​是​否​正​确​地​把 access_control 条​目​（以​及​相​关​的​参​数​）添​加​到​了​这​个​文​件​的​最​后​：

kernel = "/boot/vmlinuz — 2.6.16 —xen"
ramdisk="/boot/U1_SoftwareDev_ramdisk.img"
memory = 164
name = "SoftwareDev"
vif = [ '' ]
dhcp = "dhcp"
access_control = [policy=example.chwall_ste.client_v1, label=dom_SoftwareDev]

如​果​输​出​不​正​确​，请​进​行​相​应​的​修​改​并​保​存​这​个​文​件​。​