mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2025-03-07 17:28:15 +00:00
selinux: Avoid label reservations for type = none
For security type='none' libvirt according to the docs should not generate seclabel be it for selinux or any model. So, skip the reservation of labels when type is none. Signed-off-by: Shivaprasad G Bhat <sbhat@linux.vnet.ibm.com>
This commit is contained in:
parent
1069e3b90c
commit
a48362cdfe
@ -731,7 +731,9 @@ virSecuritySELinuxReserveSecurityLabel(virSecurityManagerPtr mgr,
|
||||
virSecurityLabelDefPtr seclabel;
|
||||
|
||||
seclabel = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
|
||||
if (!seclabel || seclabel->type == VIR_DOMAIN_SECLABEL_STATIC)
|
||||
if (!seclabel ||
|
||||
seclabel->type == VIR_DOMAIN_SECLABEL_NONE ||
|
||||
seclabel->type == VIR_DOMAIN_SECLABEL_STATIC)
|
||||
return 0;
|
||||
|
||||
if (getpidcon_raw(pid, &pctx) == -1) {
|
||||
|
Loading…
x
Reference in New Issue
Block a user