security: Rename SetSocketLabel APIs to SetDaemonSocketLabel

The APIs are designed to label a socket in a way that the libvirt daemon
itself is able to access it (i.e., in SELinux the label is virtd_t based
as opposed to svirt_* we use for labeling resources that need to be
accessed by a vm). The new name reflects this.
This commit is contained in:
Jiri Denemark 2011-08-26 09:05:57 +02:00
parent b136266d57
commit 4c85d96f27
10 changed files with 29 additions and 28 deletions

View File

@ -904,13 +904,13 @@ virSecurityManagerRestoreAllLabel;
virSecurityManagerRestoreHostdevLabel;
virSecurityManagerRestoreSavedStateLabel;
virSecurityManagerSetAllLabel;
virSecurityManagerSetDaemonSocketLabel;
virSecurityManagerSetImageFDLabel;
virSecurityManagerSetImageLabel;
virSecurityManagerSetHostdevLabel;
virSecurityManagerSetProcessFDLabel;
virSecurityManagerSetProcessLabel;
virSecurityManagerSetSavedStateLabel;
virSecurityManagerSetSocketLabel;
virSecurityManagerVerify;
# sexpr.h

View File

@ -821,7 +821,8 @@ qemuConnectMonitor(struct qemud_driver *driver, virDomainObjPtr vm)
qemuDomainObjPrivatePtr priv = vm->privateData;
int ret = -1;
if (virSecurityManagerSetSocketLabel(driver->securityManager, vm) < 0) {
if (virSecurityManagerSetDaemonSocketLabel(driver->securityManager,
vm) < 0) {
VIR_ERROR(_("Failed to set security context for monitor for %s"),
vm->def->name);
goto error;

View File

@ -578,8 +578,8 @@ AppArmorSetSecurityProcessLabel(virSecurityManagerPtr mgr, virDomainObjPtr vm)
}
static int
AppArmorSetSecuritySocketLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
virDomainObjPtr vm ATTRIBUTE_UNUSED)
AppArmorSetSecurityDaemonSocketLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
virDomainObjPtr vm ATTRIBUTE_UNUSED)
{
return 0;
}
@ -835,7 +835,7 @@ virSecurityDriver virAppArmorSecurityDriver = {
AppArmorSetSecurityImageLabel,
AppArmorRestoreSecurityImageLabel,
AppArmorSetSecuritySocketLabel,
AppArmorSetSecurityDaemonSocketLabel,
AppArmorClearSecuritySocketLabel,
AppArmorGenSecurityLabel,

View File

@ -667,8 +667,8 @@ virSecurityDACGetProcessLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
}
static int
virSecurityDACSetSocketLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
virDomainObjPtr vm ATTRIBUTE_UNUSED)
virSecurityDACSetDaemonSocketLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
virDomainObjPtr vm ATTRIBUTE_UNUSED)
{
return 0;
}
@ -714,7 +714,7 @@ virSecurityDriver virSecurityDriverDAC = {
virSecurityDACSetSecurityImageLabel,
virSecurityDACRestoreSecurityImageLabel,
virSecurityDACSetSocketLabel,
virSecurityDACSetDaemonSocketLabel,
virSecurityDACClearSocketLabel,
virSecurityDACGenLabel,

View File

@ -41,8 +41,8 @@ typedef const char *(*virSecurityDriverGetDOI) (virSecurityManagerPtr mgr);
typedef int (*virSecurityDomainRestoreImageLabel) (virSecurityManagerPtr mgr,
virDomainObjPtr vm,
virDomainDiskDefPtr disk);
typedef int (*virSecurityDomainSetSocketLabel) (virSecurityManagerPtr mgr,
virDomainObjPtr vm);
typedef int (*virSecurityDomainSetDaemonSocketLabel)(virSecurityManagerPtr mgr,
virDomainObjPtr vm);
typedef int (*virSecurityDomainClearSocketLabel)(virSecurityManagerPtr mgr,
virDomainObjPtr vm);
typedef int (*virSecurityDomainSetImageLabel) (virSecurityManagerPtr mgr,
@ -101,7 +101,7 @@ struct _virSecurityDriver {
virSecurityDomainSetImageLabel domainSetSecurityImageLabel;
virSecurityDomainRestoreImageLabel domainRestoreSecurityImageLabel;
virSecurityDomainSetSocketLabel domainSetSecuritySocketLabel;
virSecurityDomainSetDaemonSocketLabel domainSetSecurityDaemonSocketLabel;
virSecurityDomainClearSocketLabel domainClearSecuritySocketLabel;
virSecurityDomainGenLabel domainGenSecurityLabel;

View File

@ -160,11 +160,11 @@ int virSecurityManagerRestoreImageLabel(virSecurityManagerPtr mgr,
return -1;
}
int virSecurityManagerSetSocketLabel(virSecurityManagerPtr mgr,
virDomainObjPtr vm)
int virSecurityManagerSetDaemonSocketLabel(virSecurityManagerPtr mgr,
virDomainObjPtr vm)
{
if (mgr->drv->domainSetSecuritySocketLabel)
return mgr->drv->domainSetSecuritySocketLabel(mgr, vm);
if (mgr->drv->domainSetSecurityDaemonSocketLabel)
return mgr->drv->domainSetSecurityDaemonSocketLabel(mgr, vm);
virSecurityReportError(VIR_ERR_NO_SUPPORT, __FUNCTION__);
return -1;

View File

@ -53,8 +53,8 @@ bool virSecurityManagerGetAllowDiskFormatProbing(virSecurityManagerPtr mgr);
int virSecurityManagerRestoreImageLabel(virSecurityManagerPtr mgr,
virDomainObjPtr vm,
virDomainDiskDefPtr disk);
int virSecurityManagerSetSocketLabel(virSecurityManagerPtr mgr,
virDomainObjPtr vm);
int virSecurityManagerSetDaemonSocketLabel(virSecurityManagerPtr mgr,
virDomainObjPtr vm);
int virSecurityManagerClearSocketLabel(virSecurityManagerPtr mgr,
virDomainObjPtr vm);
int virSecurityManagerSetImageLabel(virSecurityManagerPtr mgr,

View File

@ -53,8 +53,8 @@ static int virSecurityDomainRestoreImageLabelNop(virSecurityManagerPtr mgr ATTRI
return 0;
}
static int virSecurityDomainSetSocketLabelNop(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
virDomainObjPtr vm ATTRIBUTE_UNUSED)
static int virSecurityDomainSetDaemonSocketLabelNop(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
virDomainObjPtr vm ATTRIBUTE_UNUSED)
{
return 0;
}
@ -171,7 +171,7 @@ virSecurityDriver virSecurityDriverNop = {
virSecurityDomainSetImageLabelNop,
virSecurityDomainRestoreImageLabelNop,
virSecurityDomainSetSocketLabelNop,
virSecurityDomainSetDaemonSocketLabelNop,
virSecurityDomainClearSocketLabelNop,
virSecurityDomainGenLabelNop,

View File

@ -1066,8 +1066,8 @@ SELinuxSetSecurityProcessLabel(virSecurityManagerPtr mgr,
}
static int
SELinuxSetSecuritySocketLabel(virSecurityManagerPtr mgr,
virDomainObjPtr vm)
SELinuxSetSecurityDaemonSocketLabel(virSecurityManagerPtr mgr,
virDomainObjPtr vm)
{
/* TODO: verify DOI */
const virSecurityLabelDefPtr secdef = &vm->def->seclabel;
@ -1312,7 +1312,7 @@ virSecurityDriver virSecurityDriverSELinux = {
SELinuxSetSecurityImageLabel,
SELinuxRestoreSecurityImageLabel,
SELinuxSetSecuritySocketLabel,
SELinuxSetSecurityDaemonSocketLabel,
SELinuxClearSecuritySocketLabel,
SELinuxGenSecurityLabel,

View File

@ -339,15 +339,15 @@ virSecurityStackGetProcessLabel(virSecurityManagerPtr mgr,
static int
virSecurityStackSetSocketLabel(virSecurityManagerPtr mgr,
virDomainObjPtr vm)
virSecurityStackSetDaemonSocketLabel(virSecurityManagerPtr mgr,
virDomainObjPtr vm)
{
virSecurityStackDataPtr priv = virSecurityManagerGetPrivateData(mgr);
int rc = 0;
if (virSecurityManagerSetSocketLabel(priv->secondary, vm) < 0)
if (virSecurityManagerSetDaemonSocketLabel(priv->secondary, vm) < 0)
rc = -1;
if (virSecurityManagerSetSocketLabel(priv->primary, vm) < 0)
if (virSecurityManagerSetDaemonSocketLabel(priv->primary, vm) < 0)
rc = -1;
return rc;
@ -418,7 +418,7 @@ virSecurityDriver virSecurityDriverStack = {
virSecurityStackSetSecurityImageLabel,
virSecurityStackRestoreSecurityImageLabel,
virSecurityStackSetSocketLabel,
virSecurityStackSetDaemonSocketLabel,
virSecurityStackClearSocketLabel,
virSecurityStackGenLabel,