[libvirt] [PATCHv4 01/21] security: Don't skip labelling for network disks
Peter Krempa
pkrempa at redhat.com
Wed Jun 11 11:45:11 UTC 2014
A network disk might actually be backed by local storage. Also the path
iterator actually handles networked disks well now so remove the code
that skips the labelling in dac and selinux security driver.
---
src/security/security_dac.c | 3 ---
src/security/security_selinux.c | 3 ---
2 files changed, 6 deletions(-)
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index 015b699..9d5c25b 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -333,9 +333,6 @@ virSecurityDACSetSecurityImageLabel(virSecurityManagerPtr mgr,
if (!priv->dynamicOwnership)
return 0;
- if (virDomainDiskGetType(disk) == VIR_STORAGE_TYPE_NETWORK)
- return 0;
-
secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME);
if (secdef && secdef->norelabel)
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index 008c58c..228e5cb 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -1255,9 +1255,6 @@ virSecuritySELinuxSetSecurityImageLabel(virSecurityManagerPtr mgr,
if (!cbdata.secdef || cbdata.secdef->norelabel)
return 0;
- if (virDomainDiskGetType(disk) == VIR_STORAGE_TYPE_NETWORK)
- return 0;
-
return virDomainDiskDefForeachPath(disk,
true,
virSecuritySELinuxSetSecurityFileLabel,
--
1.9.3
More information about the libvir-list
mailing list