On Sun, Dec 24, 2017 at 4:20 PM, Richard W.M. Jones <[email protected]> wrote:
> On Sun, Dec 24, 2017 at 03:59:33PM +0200, Yaniv Kaul wrote: > > On Sun, Dec 24, 2017 at 3:49 PM, Richard W.M. Jones <[email protected]> > > wrote: > > > > > On Sun, Dec 24, 2017 at 02:15:44PM +0200, Yaniv Kaul wrote: > > > > I'm copying a file into a VM using virt-copy-in - which is great, > but the > > > > file is wrongly labeled. > > > > How can I fix that? > > > > > > Hi Yaniv, > > > > > > The easiest thing is to run this after doing the virt-copy-in: > > > > > > virt-customize -a disk.img --selinux-relabel > > > > > > which will run this code: > > > > > > https://github.com/libguestfs/libguestfs/blob/master/ > > > customize/SELinux_relabel.ml#L27 > > > > > > That requires an extra launch of the appliance, so if you were very > > > concerned about doing this most efficiently then you could do > > > something like this instead: > > > > > > guestfish -a disk.img -i <<EOF > > > copy-in files [...] /target/dir > > > selinux-relabel /etc/selinux/targeted/contexts/files/file_contexts > / force:true > > In case it's not clear, this parameter > ^^^ > controls the scope of the relabelling, so you can relabel parts of the > filesystem if you want to. It's basically a wrapper around > ‘setfiles’: > > https://github.com/libguestfs/libguestfs/blob/ > dab065a8eed6c6d8d9c53956393566812cfe6a2e/daemon/selinux-relabel.c#L87 > > Rich. > Thanks, I think I'm all good - seems to be working nice[1]. I think a great future feature of guestfish would be to run Ansible-based modules/roles against the VM. All is needed is an IP, inject SSH credentials. Anything else? Y. [1] https://gerrit.ovirt.org/#/c/85715/1/src/ansible/create_target_vm.yml > > -- > Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~ > rjones > Read my programming and virtualization blog: http://rwmj.wordpress.com > Fedora Windows cross-compiler. Compile Windows programs, test, and > build Windows installers. Over 100 libraries supported. > http://fedoraproject.org/wiki/MinGW >
_______________________________________________ Libguestfs mailing list [email protected] https://www.redhat.com/mailman/listinfo/libguestfs
