mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2025-01-11 15:27:47 +00:00
37d8c75fad
I've noticed two problem with the automatically created NVRAM varstore file. The first, even though I run qemu as root:root for some reason I get Permission denied when trying to open the _VARS.fd file. The problem is, the upper directory misses execute permissions, which in combination with us dropping some capabilities result in EPERM. The next thing is, that if I switch SELinux to enforcing mode, I get another EPERM because the vars file is not labeled correctly. It is passed to qemu as disk and hence should be labelled as disk. QEMU may write to it eventually, so this is different to kernel or initrd. Signed-off-by: Michal Privoznik <mprivozn@redhat.com> |
||
|---|---|---|
| .. | ||
| security_apparmor.c | ||
| security_apparmor.h | ||
| security_dac.c | ||
| security_dac.h | ||
| security_driver.c | ||
| security_driver.h | ||
| security_manager.c | ||
| security_manager.h | ||
| security_nop.c | ||
| security_nop.h | ||
| security_selinux.c | ||
| security_selinux.h | ||
| security_stack.c | ||
| security_stack.h | ||
| virt-aa-helper.c | ||