External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-03-20 07:59:00 +00:00
Code

selinux: Avoid label reservations for type = none

Browse Source 
For security type='none' libvirt according to the docs should not
generate seclabel be it for selinux or any model. So, skip the
reservation of labels when type is none.

Signed-off-by: Shivaprasad G Bhat <sbhat@linux.vnet.ibm.com>
This commit is contained in:
Shivaprasad G Bhat 2014-09-04 14:42:32 +05:30 committed by Martin Kletzander
parent 1069e3b90c
commit a48362cdfe
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/security/security_selinux.c
View File

@ -731,7 +731,9 @@ virSecuritySELinuxReserveSecurityLabel(virSecurityManagerPtr mgr,
virSecurityLabelDefPtr seclabel; virSecurityLabelDefPtr seclabel;
seclabel = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME); seclabel = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
if (!seclabel || seclabel->type == VIR_DOMAIN_SECLABEL_STATIC) if (!seclabel ||
seclabel->type == VIR_DOMAIN_SECLABEL_NONE ||
seclabel->type == VIR_DOMAIN_SECLABEL_STATIC)
return 0; return 0;
if (getpidcon_raw(pid, &pctx) == -1) { if (getpidcon_raw(pid, &pctx) == -1) {