xenbits.xensource.com Git - libvirt.git/commit

author	Daniel P. Berrange <berrange@redhat.com>
	Fri, 24 Jun 2011 09:21:33 +0000 (10:21 +0100)
committer	Daniel P. Berrange <berrange@redhat.com>
	Mon, 4 Jul 2011 10:18:57 +0000 (11:18 +0100)
commit	6321fd979851a29da974823dddd6b2a4a7e43f83
tree	3e24e581fc19af92c84291113923de559cca7a4d	tree
parent	4ebfc42716bfe7f78b996c13183f4d01e5824ebd	commit \| diff

Allow for resource relabelling with static labels

Add a new attribute to the <seclabel> XML to allow resource
relabelling to be enabled with static label usage.

  <seclabel model='selinux' type='static' relabel='yes'>
    <label>system_u:system_r:svirt_t:s0:c392,c662</label>
  </seclabel>

* docs/schemas/domain.rng: Add relabel attribute
* src/conf/domain_conf.c, src/conf/domain_conf.h: Parse
  the 'relabel' attribute
* src/qemu/qemu_process.c: Unconditionally clear out the
  'imagelabel' attribute
* src/security/security_apparmor.c: Skip based on 'relabel'
  attribute instead of label type
* src/security/security_selinux.c: Skip based on 'relabel'
  attribute instead of label type and fill in <imagelabel>
  attribute if relabel is enabled.

docs/schemas/domain.rng		diff \| blob \| blame \| history
src/conf/domain_conf.c		diff \| blob \| blame \| history
src/conf/domain_conf.h		diff \| blob \| blame \| history
src/qemu/qemu_process.c		diff \| blob \| blame \| history
src/security/security_apparmor.c		diff \| blob \| blame \| history
src/security/security_selinux.c		diff \| blob \| blame \| history