[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[Libguestfs] [PATCH 0/7] Fix SELinux security contexts so we can access shared disks (RHBZ#912499).



https://bugzilla.redhat.com/show_bug.cgi?id=912499
(especially comments 7 & 10)

This patch set is the final fix so that we can access disks in use by
other guests when SELinux and sVirt are enabled.

Previously such disks were inaccessible because sVirt labels the disks
with a random SELinux label to prevent other instances of qemu from
being able to read them.  So naturally the libguestfs appliance
(ie. qemu) cannot read these disks, not even if it is running as root.

The fix is to read that SELinux label from libvirt, then label the
libguestfs appliance the same way, so it can access the disks.

This is done by modifying the guestfs_add_domain call so that it reads
the label from libvirt, and passes the label through to the libvirt
back end which uses it when creating the appliance.  It's actually a
bit more complex than this because we have to label the overlay disks
and the appliance disk correctly.

These patches are only the final part of the whole fix.  I have
already pushed fixes to virt-df and virt-alignment-scan (34e77af1bf +
6e3aab2f0c + several dependent commits) so that these tools now use
just one appliance per guest, allowing us to label that appliance
correctly, because if an appliance is attached to multiple guests then
there is no single label that could be used.

As a result of the total complexity of this fix, I very much doubt
that it can be backported to 1.20.

Rich.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]