Libvirt provides a portable, long term stable C API for managing the virtualization technologies provided by many operating systems. It includes support for QEMU, KVM, Xen, LXC, bhyve, Virtuozzo, VMware vCenter and ESX, VMware Desktop, Hyper-V, VirtualBox and the POWER Hypervisor.
Go to file
Jamie Strandboge 0b501bd4e1 Move load of AppArmor profile to GenLabel()
Commit 12317957ec introduced an incompatible
architectural change for the AppArmor security driver. Specifically,
virSecurityManagerSetAllLabel() is now called much later in
src/qemu/qemu_process.c:qemuProcessStart(). Previously, SetAllLabel() was
called immediately after GenLabel() such that after the dynamic label (profile
name) was generated, SetAllLabel() would be called to create and load the
AppArmor profile into the kernel before qemuProcessHook() was executed. With
12317957ec, qemuProcessHook() is now called
before SetAllLabel(), such that aa_change_profile() ends up being called
before the AppArmor profile is loaded into the kernel (via ProcessLabel() in
qemuProcessHook()).

This patch addresses the change by making GenLabel() load the AppArmor
profile into the kernel after the label (profile name) is generated.
SetAllLabel() is then adjusted to only reload_profile() and append stdin_fn to
the profile when it is specified. This also makes the AppArmor driver work
like its SELinux counterpart with regard to SetAllLabel() and stdin_fn.
Bug-Ubuntu: https://launchpad.net/bugs/801569
2011-06-24 10:09:44 -06:00
.gnulib@478c2dcc83 build: update to latest gnulib 2011-06-23 10:52:08 -06:00
daemon Revert "Add virDomainBlockPull support to the remote driver" 2011-06-24 08:41:25 -06:00
docs documenting the 802.1Qbh parameters of a 'direct' interface 2011-06-23 11:05:24 -06:00
examples python: events: Fix C->Python handle callback prototype 2011-06-21 10:08:48 -04:00
include Revert "Add new API virDomainBlockPull* to headers" 2011-06-24 08:41:25 -06:00
m4 tests: Lower stack usage below 4096 bytes 2011-04-30 19:59:52 +02:00
po Introduce generic RPC client objects 2011-06-24 11:48:45 +01:00
python Revert "Add new API virDomainBlockPull* to headers" 2011-06-24 08:41:25 -06:00
src Move load of AppArmor profile to GenLabel() 2011-06-24 10:09:44 -06:00
tests maint: typo fixes 2011-06-24 08:01:10 -06:00
tools Revert "Enable the virDomainBlockPull API in virsh" 2011-06-24 08:41:24 -06:00
.dir-locals.el maint: make spacing in .sh files easier 2011-03-14 21:57:42 -06:00
.gitignore Defines the basics of a generic RPC protocol in XDR 2011-06-24 11:48:10 +01:00
.gitmodules make .gnulib a submodule 2009-07-08 16:17:51 +02:00
.mailmap spice: add <clipboard copypaste='yes|no'> option 2011-06-14 17:03:26 -06:00
AUTHORS documenting the 802.1Qbh parameters of a 'direct' interface 2011-06-23 11:05:24 -06:00
autobuild.sh Remove the Open Nebula driver 2011-03-28 14:09:11 +01:00
autogen.sh build: avoid problems with autogen.sh runs from tarball 2011-02-12 06:28:28 -07:00
bootstrap build: update to latest gnulib 2011-06-23 10:52:08 -06:00
bootstrap.conf build: require newer gettext 2011-05-19 17:54:47 -06:00
cfg.mk Move the RPC generator scripts into src/rpc 2011-06-24 11:48:49 +01:00
ChangeLog-old generate ChangeLog from git logs into distribution tarball 2009-07-08 16:17:51 +02:00
configure.ac Introduce a generic object for using network sockets 2011-06-24 11:48:18 +01:00
COPYING.LIB remove all trailing blank lines 2009-07-16 15:06:42 +02:00
HACKING maint: rename virBufferVSprintf to virBufferAsprintf 2011-05-05 13:47:40 -06:00
libvirt.pc.in * libvirt.pc.in: applied patch from Daniel Berrange to fix --cflags 2006-03-24 13:18:12 +00:00
libvirt.spec.in build: require newer netcf when it is available 2011-06-21 14:27:32 -06:00
Makefile.am Re-add libvirt.spec to tarball to allwo "make rpm" 2011-05-09 14:23:19 +08:00
Makefile.nonreentrant Ban use of all inet_* functions 2010-10-22 11:59:23 +01:00
mingw32-libvirt.spec.in Remove iohelper on Win32 since it is not required 2011-03-31 17:41:51 +01:00
README Correct typos in the documentation (Atsushi SAKAI) 2008-01-24 10:15:13 +00:00
README-hacking maint: relax git minimum version 2010-02-24 14:29:27 -05:00
TODO Update todo list file to point at bugzilla/website 2010-10-13 16:45:26 +01:00

         LibVirt : simple API for virtualization

  Libvirt is a C toolkit to interact with the virtualization capabilities
of recent versions of Linux (and other OSes). It is free software
available under the GNU Lesser General Public License. Virtualization of
the Linux Operating System means the ability to run multiple instances of
Operating Systems concurrently on a single hardware system where the basic
resources are driven by a Linux instance. The library aim at providing
long term stable C API initially for the Xen paravirtualization but
should be able to integrate other virtualization mechanisms if needed.

Daniel Veillard <veillard@redhat.com>