mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2025-01-09 14:35:25 +00:00
6cb4acce8b
When doing security relabeling, there are cases where a per-file override might be appropriate. For example, with a static label and relabeling, it might be appropriate to skip relabeling on a particular disk, where the backing file lives on NFS that lacks the ability to track labeling. Or with dynamic labeling, it might be appropriate to use a custom (non-dynamic) label for a disk specifically intended to be shared across domains. The new XML resembles the top-level <seclabel>, but with fewer options (basically relabel='no', or <label>text</label>): <domain ...> ... <devices> <disk type='file' device='disk'> <source file='/path/to/image1'> <seclabel relabel='no'/> <!-- override for just this disk --> </source> ... </disk> <disk type='file' device='disk'> <source file='/path/to/image1'> <seclabel relabel='yes'> <!-- override for just this disk --> <label>system_u:object_r:shared_content_t:s0</label> </seclabel> </source> ... </disk> ... </devices> <seclabel type='dynamic' model='selinux'> <baselabel>text</baselabel> <!-- used for all devices without override --> </seclabel> </domain> This patch only introduces the XML and documentation; future patches will actually parse and make use of it. The intent is that we can further extend things as needed, adding a per-device <seclabel> in more places (such as the source of a console device), and possibly allowing a <baselabel> instead of <label> for labeling where we want to reuse the cNNN,cNNN pair of a dynamically labeled domain but a different base label. First suggested by Daniel P. Berrange here: https://www.redhat.com/archives/libvir-list/2011-December/msg00258.html * docs/schemas/domaincommon.rng (devSeclabel): New define. (disk): Use it. * docs/formatdomain.html.in (elementsDisks, seclabel): Document the new XML. * tests/qemuxml2argvdata/qemuxml2argv-seclabel-dynamic-override.xml: New test, to validate RNG.
41 lines
1.2 KiB
XML
41 lines
1.2 KiB
XML
<domain type='qemu'>
|
|
<name>QEMUGuest1</name>
|
|
<uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
|
|
<memory>219100</memory>
|
|
<currentMemory>219100</currentMemory>
|
|
<vcpu cpuset='1-4,8-20,525'>1</vcpu>
|
|
<os>
|
|
<type arch='i686' machine='pc'>hvm</type>
|
|
<boot dev='hd'/>
|
|
</os>
|
|
<clock offset='utc'/>
|
|
<on_poweroff>destroy</on_poweroff>
|
|
<on_reboot>restart</on_reboot>
|
|
<on_crash>destroy</on_crash>
|
|
<devices>
|
|
<emulator>/usr/bin/qemu</emulator>
|
|
<disk type='block' device='disk'>
|
|
<source dev='/dev/HostVG/QEMUGuest1'>
|
|
<seclabel relabel='no'/>
|
|
</source>
|
|
<target dev='hda' bus='ide'/>
|
|
<address type='drive' controller='0' bus='0' unit='0'/>
|
|
</disk>
|
|
<disk type='block' device='disk'>
|
|
<source dev='/dev/HostVG/QEMUGuest2'>
|
|
<seclabel relabel='yes'>
|
|
<label>system_u:system_r:public_content_t:s0</label>
|
|
</seclabel>
|
|
</source>
|
|
<target dev='hdb' bus='ide'/>
|
|
<readonly/>
|
|
<address type='drive' controller='0' bus='0' unit='0'/>
|
|
</disk>
|
|
<controller type='ide' index='0'/>
|
|
<memballoon model='virtio'/>
|
|
</devices>
|
|
<seclabel type='dynamic' model='selinux' relabel='yes'>
|
|
<baselabel>system_u:system_r:svirt_custom_t:s0</baselabel>
|
|
</seclabel>
|
|
</domain>
|