[libvirt] Problem with the current svirt patch

Daniel J Walsh dwalsh at redhat.com
Mon Mar 16 18:30:24 UTC 2009


On 03/13/2009 11:45 AM, Daniel P. Berrange wrote:
> On Fri, Mar 13, 2009 at 11:03:26AM -0400, Daniel J Walsh wrote:
>> The current svirt patch relabels all disk to the image_t:MCS, which is
>> incorrect.  Read Only Disks and Sharable Disks should not be labeled.
>>
>> Also when libvirt is completed running the image it needs to relabel the
>> image back to something sane.  Right now it is labeling everything
>> imagelabel:s0, including phisical disk partitions.  I considered two
>> ways of labeling the "disk" back.  We can either grab the label when
>> libvirt starts and change it back to this label when ever an image
>> completes or we can ask the system what the label should be.
>> (matcpathcon).  I originally coded up the first, but quickly realized if
>> anything went wrong with libvirt labeling like a crash, the labels on
>> disk could be wrong.  And libvirt would continuously set them to this
>> wrong label.  With matchpathcon, libvirt will at least set them to
>> something sane.
>>
>> So this patch Removes labeling of readonly and shared disks and restores
>> the images label to the system default when the image completes.
>>
>> I would really like to get this in ASAP.  Since currently libvirt is
>> relabeing the cdrom to virt_image_t when it is complete as well as
>> physical disks.
>
> ACK this all looks sane to me.
>
> Daniel
Is this going to be merged in?




More information about the libvir-list mailing list