External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-07-11 12:25:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

security: Set permissions for kernel/initrd

Browse Source 
Fixes URL installs when running virt-install as root on Fedora.
This commit is contained in:
Cole Robinson 2010-03-12 13:38:39 -05:00
parent 6d5c8a8f51
commit 3f1aa08af6
2 changed files with 37 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
src/qemu/qemu_security_dac.c
View File

@ -332,6 +332,15 @@ qemuSecurityDACRestoreSecurityAllLabel(virDomainObjPtr vm)
vm->def->disks[i]) < 0)
rc = -1;
}
if (vm->def->os.kernel &&
qemuSecurityDACRestoreSecurityFileLabel(vm->def->os.kernel) < 0)
rc = -1;
if (vm->def->os.initrd &&
qemuSecurityDACRestoreSecurityFileLabel(vm->def->os.initrd) < 0)
rc = -1;
return rc;
}
@ -356,6 +365,18 @@ qemuSecurityDACSetSecurityAllLabel(virDomainObjPtr vm)
return -1;
}
if (vm->def->os.kernel &&
qemuSecurityDACSetOwnership(vm->def->os.kernel,
driver->user,
driver->group) < 0)
return -1;
if (vm->def->os.initrd &&
qemuSecurityDACSetOwnership(vm->def->os.initrd,
driver->user,
driver->group) < 0)
return -1;
return 0;
}

16
src/security/security_selinux.c
View File

@ -616,6 +616,14 @@ SELinuxRestoreSecurityAllLabel(virDomainObjPtr vm)
rc = -1;
}
if (vm->def->os.kernel &&
SELinuxRestoreSecurityFileLabel(vm->def->os.kernel) < 0)
rc = -1;
if (vm->def->os.initrd &&
SELinuxRestoreSecurityFileLabel(vm->def->os.initrd) < 0)
rc = -1;
return rc;
}
@ -736,6 +744,14 @@ SELinuxSetSecurityAllLabel(virDomainObjPtr vm)
return -1;
}
if (vm->def->os.kernel &&
SELinuxSetFilecon(vm->def->os.kernel, default_content_context) < 0)
return -1;
if (vm->def->os.initrd &&
SELinuxSetFilecon(vm->def->os.initrd, default_content_context) < 0)
return -1;
return 0;
}