Re: [libvirt] [PATCH 6/6] security_selinux: Play nicely with network FS that only emulates SELinux

On Thu, Aug 22, 2019 at 05:19:09PM +0200, Michal Privoznik wrote: There are some network file systems that do support XATTRs (e.g. gluster via FUSE). And they appear to support SELinux too. However, not really. Problem is, that it is impossible to change SELinux label of a file stored there, and

[libvirt] [PATCH 6/6] security_selinux: Play nicely with network FS that only emulates SELinux

There are some network file systems that do support XATTRs (e.g. gluster via FUSE). And they appear to support SELinux too. However, not really. Problem is, that it is impossible to change SELinux label of a file stored there, and yet we claim success (rightfully - hypervisor succeeds in opening th