[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] None seclabel question



On Tue, Sep 04, 2012 at 11:14:35 +0100, Daniel P. Berrange wrote:
> On Tue, Sep 04, 2012 at 12:00:33PM +0200, Jiri Denemark wrote:
> 
> I don't think that description of existing behaviour is accurate. With old
> libvirt you have one <seclabel> (for SELinux/AppArmour), but secretly there
> are 2 security drivers (SELinux/AppArmour + DAC). Setting type=none for
> the seclabel only meant that the SELinux/AppArmour drivers ran the guest
> unconfined. The second (DAC) driver would still be applied to the guest
> making it run unprivileged/confined.

Isn't DAC still applied in the same way?

> What actual problem have you seen with upgrades ?

I don't see any actual problem, I'm just trying to think about them :-) Let's
say there's a domain running with <seclabel type='none'/> while libvirtd is
upgraded and reconfigured to enable more seclabels by default (a very
theoretical example could be [ "selinux", "apparmor" ]. I think neither
selinux nor apparmor labeling should be applied for that domain. Or am I
wrong?

Jirka


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]