Re: [libvirt] [PATCHv4 01/21] security: Don't skip labelling for network disks
On 06/11/14 19:26, Eric Blake wrote: On 06/11/2014 05:45 AM, Peter Krempa wrote: A network disk might actually be backed by local storage. Also the path iterator actually handles networked disks well now so remove the code that skips the labelling in dac and selinux security driver. --- src/security/security_dac.c | 3 --- src/security/security_selinux.c | 3 --- 2 files changed, 6 deletions(-) ACK. Pushed; Thanks. Peter signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCHv4 01/21] security: Don't skip labelling for network disks
A network disk might actually be backed by local storage. Also the path iterator actually handles networked disks well now so remove the code that skips the labelling in dac and selinux security driver. --- src/security/security_dac.c | 3 --- src/security/security_selinux.c | 3 --- 2 files changed, 6 deletions(-) diff --git a/src/security/security_dac.c b/src/security/security_dac.c index 015b699..9d5c25b 100644 --- a/src/security/security_dac.c +++ b/src/security/security_dac.c @@ -333,9 +333,6 @@ virSecurityDACSetSecurityImageLabel(virSecurityManagerPtr mgr, if (!priv-dynamicOwnership) return 0; -if (virDomainDiskGetType(disk) == VIR_STORAGE_TYPE_NETWORK) -return 0; - secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME); if (secdef secdef-norelabel) diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c index 008c58c..228e5cb 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -1255,9 +1255,6 @@ virSecuritySELinuxSetSecurityImageLabel(virSecurityManagerPtr mgr, if (!cbdata.secdef || cbdata.secdef-norelabel) return 0; -if (virDomainDiskGetType(disk) == VIR_STORAGE_TYPE_NETWORK) -return 0; - return virDomainDiskDefForeachPath(disk, true, virSecuritySELinuxSetSecurityFileLabel, -- 1.9.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCHv4 01/21] security: Don't skip labelling for network disks
On 06/11/2014 05:45 AM, Peter Krempa wrote: A network disk might actually be backed by local storage. Also the path iterator actually handles networked disks well now so remove the code that skips the labelling in dac and selinux security driver. --- src/security/security_dac.c | 3 --- src/security/security_selinux.c | 3 --- 2 files changed, 6 deletions(-) ACK. -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list