mirror of
https://github.com/libvirt/libvirt.git
synced 2025-02-25 18:55:26 -06:00
d869a6ea03
https://bugzilla.redhat.com/show_bug.cgi?id=1027096#c8 There are two ways in which security model can make it way into <seclabel/>. One is as the @model attribute, the second one is via security_driver knob in qemu.conf. Then, while parsing <seclabel/> several checks and fix ups of old, stale combinations are performed. However, iff @model is specified. They are not done in the latter case. So it's still possible to feed libvirt with senseless combinations (if qemu.conf is adjusted correctly). One example of a seclabel that needs some adjustment (in case security_driver=none in qemu.conf) is: <seclabel type='dynamic' relabel='yes'/> The fixup code is copied from virSecurityLabelDefParseXML (covering the former case) into virSecurityLabelDefsParseXML (which handles the latter case). Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
LibVirt : simple API for virtualization
Libvirt is a C toolkit to interact with the virtualization capabilities
of recent versions of Linux (and other OSes). It is free software
available under the GNU Lesser General Public License. Virtualization of
the Linux Operating System means the ability to run multiple instances of
Operating Systems concurrently on a single hardware system where the basic
resources are driven by a Linux instance. The library aim at providing
long term stable C API initially for the Xen paravirtualization but
should be able to integrate other virtualization mechanisms if needed.
Daniel Veillard <veillard@redhat.com>