[virt-tools-list] [virt-install PATCH v2] Support multiple seclabels
Daniel P. Berrange
berrange at redhat.com
Tue Dec 4 15:35:48 UTC 2012
On Mon, Dec 03, 2012 at 03:06:33PM +0100, Martin Kletzander wrote:
> Until now, virt-install supported only one seclabel and it was the
> first one libvirt reported in capabilities. This patch adds support
> for more of them and also adds a functionality to try to match the
> right one from the label given. This is done by checking how many
> colons the label has (precisely said, to how many parts it is split
> by the colons).
> ---
>
> I checked this without label as well as with selinux and DAC labels
> and all worked as expected for me. However DAC labels in libvirt
> 0.10.2 are supported only as uid:gid (e.g. 107:36), but that should be
> handled in upper layers as we cannot know that the user/group exist on
> remote machine. Newer versions of libvirt (>1.0.0) support user:group
> (e.g. qemu:kvm) completely.
>
> v2:
> - Changed according to Cole's suggestions
>
> virtinst/CapabilitiesParser.py | 10 +++++++---
> virtinst/Seclabel.py | 36 ++++++++++++++++++++++++++++++++----
> virtinst/VirtualDisk.py | 8 ++------
> 3 files changed, 41 insertions(+), 13 deletions(-)
ACK, looks like you did the right thing to avoid breaking virt-manager
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the virt-tools-list
mailing list