mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-10-31 10:23:09 +00:00
995394c5a3
For seclabel remembering we need to have XATTRs and a special namespace that is accessibly to CAP_SYS_ADMIN only (we don't want regular users to trick us into restoring to a different label). And what qemusecuritytest does is it checks whether we have not left any path behind with XATTRs or not restored to original seclabel after setAll + restoreAll round trip. But it can hardly do so if ran on a platform where there's no XATTR namespace we can use. Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Roman Bolshakov <r.bolshakov@yadro.com> Reviewed-by: Andrea Bolognani <abologna@redhat.com>
38 lines
1.2 KiB
C
38 lines
1.2 KiB
C
/*
|
|
* Copyright (C) 2018 Red Hat, Inc.
|
|
*
|
|
* This library is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
* License as published by the Free Software Foundation; either
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
*
|
|
* This library is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
* Lesser General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
* License along with this library. If not, see
|
|
* <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
#pragma once
|
|
|
|
int
|
|
virSecurityGetRememberedLabel(const char *name,
|
|
const char *path,
|
|
char **label);
|
|
|
|
int
|
|
virSecuritySetRememberedLabel(const char *name,
|
|
const char *path,
|
|
const char *label);
|
|
|
|
int
|
|
virSecurityMoveRememberedLabel(const char *name,
|
|
const char *src,
|
|
const char *dst);
|
|
|
|
bool
|
|
virSecurityXATTRNamespaceDefined(void);
|