security: Add virSecurityDomainSetDirLabel

That function can be used for setting security labels on arbitrary
directories.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
(cherry picked from commit f65a2a12f4)
This commit is contained in:
Martin Kletzander 2015-08-17 10:43:43 -07:00 committed by Cole Robinson
parent 6fb8fbad9f
commit 5290876dbc
4 changed files with 27 additions and 0 deletions

View File

@ -1021,6 +1021,7 @@ virSecurityDriverLookup;
# security/security_manager.h
virSecurityManagerCheckAllLabel;
virSecurityManagerClearSocketLabel;
virSecurityManagerDomainSetDirLabel;
virSecurityManagerGenLabel;
virSecurityManagerGetBaseLabel;
virSecurityManagerGetDOI;

View File

@ -118,6 +118,9 @@ typedef int (*virSecurityDomainSetImageLabel) (virSecurityManagerPtr mgr,
typedef int (*virSecurityDomainRestoreImageLabel) (virSecurityManagerPtr mgr,
virDomainDefPtr def,
virStorageSourcePtr src);
typedef int (*virSecurityDomainSetDirLabel) (virSecurityManagerPtr mgr,
virDomainDefPtr def,
const char *path);
struct _virSecurityDriver {
@ -168,6 +171,8 @@ struct _virSecurityDriver {
virSecurityDomainSetHugepages domainSetSecurityHugepages;
virSecurityDriverGetBaseLabel getBaseLabel;
virSecurityDomainSetDirLabel domainSetDirLabel;
};
virSecurityDriverPtr virSecurityDriverLookup(const char *name,

View File

@ -1006,3 +1006,20 @@ virSecurityManagerSetHugepages(virSecurityManagerPtr mgr,
return 0;
}
int
virSecurityManagerDomainSetDirLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm,
const char *path)
{
if (mgr->drv->domainSetDirLabel) {
int ret;
virObjectLock(mgr);
ret = mgr->drv->domainSetDirLabel(mgr, vm, path);
virObjectUnlock(mgr);
return ret;
}
return 0;
}

View File

@ -153,4 +153,8 @@ int virSecurityManagerRestoreImageLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm,
virStorageSourcePtr src);
int virSecurityManagerDomainSetDirLabel(virSecurityManagerPtr mgr,
virDomainDefPtr vm,
const char *path);
#endif /* VIR_SECURITY_MANAGER_H__ */