Jim Fehlig 0f1993aa15 Don't autogenerate seclabels of type 'none' ... When security drivers are active but confinement is not enabled, there is no need to autogenerate <seclabel> elements when starting a domain def that contains no <seclabel> elements. In fact, autogenerating the elements can result in needless save/restore and migration failures when the security driver is not active on the restore/migration target. This patch changes the virSecurityManagerGenLabel function in src/security_manager.c to only autogenerate a <seclabel> element if none is already defined for the domain *and* default confinement is enabled. Otherwise the needless <seclabel> autogeneration is skipped. Resolves: https://bugzilla.opensuse.org/show_bug.cgi?id=1051017		2017-08-21 09:22:26 -06:00
..
security_apparmor.c	security: don't relabel chardev source if virtlogd is used as stdio handler	2017-06-16 16:00:10 +02:00
security_apparmor.h
security_dac.c	security: Don't skip relabel for all chardevs	2017-06-22 14:28:15 +02:00
security_dac.h
security_driver.c	Add virLogSource variables to all source files	2014-03-18 14:29:22 +00:00
security_driver.h	security: don't relabel chardev source if virtlogd is used as stdio handler	2017-06-16 16:00:10 +02:00
security_manager.c	Don't autogenerate seclabels of type 'none'	2017-08-21 09:22:26 -06:00
security_manager.h	security: don't relabel chardev source if virtlogd is used as stdio handler	2017-06-16 16:00:10 +02:00
security_nop.c	security: don't relabel chardev source if virtlogd is used as stdio handler	2017-06-16 16:00:10 +02:00
security_nop.h
security_selinux.c	security: Don't skip relabel for all chardevs	2017-06-22 14:28:15 +02:00
security_selinux.h
security_stack.c	security: don't relabel chardev source if virtlogd is used as stdio handler	2017-06-16 16:00:10 +02:00
security_stack.h
virt-aa-helper.c	virt-aa-helper: locking loader/nvram for qemu 2.10	2017-08-17 16:11:59 +02:00