[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[libvirt] [PATCH] security: Re-apply commit ce53382ba28179d3a504b29b4f888b6e130d53f0



Recent changes in the security driver discarded changes that fixed
labeling un-confined guests.
---
 src/security/security_manager.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/security/security_manager.c b/src/security/security_manager.c
index 367f7ad..07f5a9b 100644
--- a/src/security/security_manager.c
+++ b/src/security/security_manager.c
@@ -340,10 +340,12 @@ int virSecurityManagerGenLabel(virSecurityManagerPtr mgr,
         }

         if (seclabel->type == VIR_DOMAIN_SECLABEL_DEFAULT) {
-            if (sec_managers[i]->defaultConfined)
+            if (sec_managers[i]->defaultConfined) {
                 seclabel->type = VIR_DOMAIN_SECLABEL_DYNAMIC;
-            else
+            } else {
                 seclabel->type = VIR_DOMAIN_SECLABEL_NONE;
+                seclabel->norelabel = true;
+            }
         }

         if ((seclabel->type == VIR_DOMAIN_SECLABEL_NONE) &&
-- 
1.7.12


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]