[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH] sec_manager: Refuse to start domain with unsupported seclabel



On 02.04.2013 18:38, Eric Blake wrote:
> On 04/02/2013 10:07 AM, Michal Privoznik wrote:
>> https://bugzilla.redhat.com/show_bug.cgi?id=947387
>>
>> If a user configures a domain to use a seclabel of a specific type,
>> but the appropriate driver is not accessible, we should refuse to
>> start the domain. For instance, if user requires selinux, but it is
>> either non present in the system, or is just disabled, we should not
>> start the domain. Moreover, since we are touching only those labels we
>> have a security driver for, the other labels may confuse libvirt when
>> reconnecting to a domain on libvirtd restart. In our selinux example,
>> when starting up a domain, missing security label is okay, as we
>> auto-generate one. But later, when libvirt is re-connecting to a live
>> qemu instance, we parse a state XML, where security label is required
>> and it is an error if missing:
>>
>>   error : virSecurityLabelDefParseXML:3228 : XML error: security label
>>   is missing
>>
>> This results in a qemu process left behind without any libvirt control.
>> ---
>>  src/security/security_manager.c | 15 ++++++++++++++-
>>  1 file changed, 14 insertions(+), 1 deletion(-)
> 
> ACK.
> 

Thanks, pushed.

Michal


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]