Not sure if related, but after syncing libvirt to the latest master branch I see the following errors:

2012-02-04 10:38:00.119+0000: 18828: error : virSecurityLabelDefParseXML:2646 : XML error: security label is missing
2012-02-04 10:38:00.129+0000: 18828: error : virSecurityLabelDefParseXML:2646 : XML error: security label is missing

And virt-manager does not want to start anymore. Is this a backward-compatibility related issue?

Thanks,
Ansis

On Wed, Feb 1, 2012 at 8:27 PM, Eric Blake <[email protected]> wrote:
> On 01/25/2012 07:12 AM, Daniel P. Berrange wrote:
> > From: "Daniel P. Berrange" <[email protected]>
> >
> > Curently security labels can be of type 'dynamic' or 'static'.
>
> s/Curently/Currently/
>
> > If no security label is given, then 'dynamic' is assumed. The
> > current code takes advantage of this default, and avoids even
> > saving <seclabel> elements with type='dynamic' to disk. This
> > means if you temporarily change security driver, the guests
> > can all still start.
> >
> > With the introduction of sVirt to LXC though, there needs to be
> > a new default of 'none' to allow unconfined LXC containers.
> >
> > This patch introduces two new security label types
> >
> >  - default: the host configuration decides whether to run the
> >    guest with type 'none' or 'dynamic' at guest start
> >  - none: the guest will run unconfined by security policy
> >
> > The 'none' label type will obviously be undesirable for some
> > deployments, so a new qemu.conf option allows a host admin to
> > mandate confined guests. It is also possible to turn off default
> > confinement
> >
> >   security_default_confined = 1|0 (default == 1)
> >   security_require_confined = 1|0 (default == 0)
> >
> > * src/conf/domain_conf.c, src/conf/domain_conf.h: Add new
> >   seclabel types
> > * src/security/security_manager.c, src/security/security_manager.h:
> >   Set default sec label types
> > * src/security/security_selinux.c: Handle 'none' seclabel type
> > * src/qemu/qemu.conf, src/qemu/qemu_conf.c, src/qemu/qemu_conf.h,
> >   src/qemu/libvirtd_qemu.aug: New security config options
> > * src/qemu/qemu_driver.c: Tell security driver about default
> >   config
> > ---
> >  docs/formatdomain.html.in       |   24 +++++++++----
> >  docs/schemas/domaincommon.rng   |    5 +++
> >  po/POTFILES.in                  |    1 +
> >  src/conf/domain_conf.c          |   70 ++++++++++++++++++++++++--------------
> >  src/conf/domain_conf.h          |    2 +
> >  src/qemu/libvirtd_qemu.aug      |    2 +
> >  src/qemu/qemu.conf              |    8 ++++
> >  src/qemu/qemu_conf.c            |   11 ++++++
> >  src/qemu/qemu_conf.h            |    2 +
> >  src/qemu/qemu_driver.c          |
7 +++- > > src/security/security_manager.c | 51 +++++++++++++++++++++++++--- > > src/security/security_manager.h | 8 ++++- > > src/security/security_selinux.c | 32 ++++++++++++++---- > > tests/seclabeltest.c | 2 +- > > 14 files changed, 177 insertions(+), 48 deletions(-) > > Just glancing at this diffstat, it looks like you hit my major concerns > from v1 > (https://www.redhat.com/archives/libvir-list/2012-January/msg00940.html) > > > @@ -3484,10 +3484,11 @@ qemu-kvm -net nic,model=? /dev/null > > > > <p> > > The <code>seclabel</code> element allows control over the > > - operation of the security drivers. There are two basic > > - modes of operation, dynamic where libvirt automatically > > - generates a unique security label, or static where the > > - application/administrator chooses the labels. With dynamic > > + operation of the security drivers. There are three basic > > + modes of operation, 'dynamic' where libvirt automatically > > + generates a unique security label, 'static' where the > > + application/administrator chooses the labels, or 'none' > > + where confinement is disabled. With dynamic > > label generation, libvirt will always automatically > > relabel any resources associated with the virtual machine. > > With static label assignment, by default, the administrator > > Probably want to also document with a <span class="since"> that 'none' > was introduced in 0.9.10. > > > @@ -3515,9 +3516,18 @@ qemu-kvm -net nic,model=? /dev/null > > <seclabel type='static' model='selinux' relabel='yes'> > > <label>system_u:system_r:svirt_t:s0:c392,c662</label> > > </seclabel> > > + > > + <seclabel type='none'/> > > </pre> > > > > <p> > > + If no 'type' attribute is provided in the input XML, then > > + the security driver default setting will be used, which > > + may be either 'none' or 'static'. > > Actually, it is either 'none' or 'dynamic'; the only way to get 'static' > is with explicit type attribute. 
> > > @@ -2591,12 +2602,15 @@ > virSecurityLabelDefParseXML(virSecurityLabelDefPtr def, > > def->imagelabel = p; > > } > > > > - /* Only parse baselabel, for dynamic label */ > > - if (def->type == VIR_DOMAIN_SECLABEL_DYNAMIC) { > > + /* Only parse baselabel, for dynamic or none label types */ > > + if (def->type == VIR_DOMAIN_SECLABEL_DYNAMIC || > > + def->type == VIR_DOMAIN_SECLABEL_NONE) { > > p = virXPathStringLimit("string(./seclabel/baselabel[1])", > > VIR_SECURITY_LABEL_BUFLEN-1, ctxt); > > if (p != NULL) > > def->baselabel = p; > > + /* Forces none type to dynamic for back compat */ > > + def->type = VIR_DOMAIN_SECLABEL_DYNAMIC; > > Missing braces. This should be: > > if (p != NULL) { > def->baselabel = p; > /* Force none to dynamic for back compat */ > def->type = VIR_DOMAIN_SECLABEL_DYNAMIC; > } > > ACK with those items fixed. > > -- > Eric Blake [email protected] +1-919-301-3266 > Libvirt virtualization library http://libvirt.org > > > -- > libvir-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/libvir-list >
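Review bot: in the docs/formatdomain.html.in hunk at @@ -3484, the paragraph now says there are three modes ('dynamic', 'static', 'none'), but the commit message introduces two new types, 'default' and 'none'; 'default' (the host configuration decides between 'none' and 'dynamic' at guest start) is never named in this paragraph, so a reader of formatdomain.html.in cannot tell what a <seclabel> without a type attribute, or the 'default' type itself, will do. Suggest a fourth sentence along the lines of "'default', where the host's security driver configuration chooses between 'dynamic' and 'none' when the guest starts", with a pointer to the security_default_confined / security_require_confined options in qemu.conf that the commit message adds.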
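Review bot: in the docs/formatdomain.html.in hunk at @@ -3515, besides the 'static' that should read 'dynamic' as Eric points out, the new paragraph should say which host setting makes that choice (security_default_confined in qemu.conf, per the commit message) and what happens to the explicit <seclabel type='none'/> example directly above it when the admin has set security_require_confined = 1, which the commit message says exists to mandate confined guests. As written, an admin who reads only formatdomain.html.in has no way to know that a type='none' guest can be refused at start on a host with that setting, which is the security-relevant behaviour of the whole change.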
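Review bot: in the src/conf/domain_conf.c hunk at @@ -2591, with the braces missing, `def->type = VIR_DOMAIN_SECLABEL_DYNAMIC;` executes for every label that reaches this block regardless of whether a baselabel was parsed, so a <seclabel type='none'/> is silently promoted to 'dynamic' and the new 'none' type can never survive parsing; the fix Eric shows (move the assignment inside `if (p != NULL) { ... }`) is required. Two further points: the back-compat conversion should be guarded on `def->type == VIR_DOMAIN_SECLABEL_NONE` as well, since re-assigning a 'dynamic' label to dynamic is a no-op that only obscures intent, and the comment "Forces none type to dynamic for back compat" should spell out which previously written XML shape it is preserving, otherwise the next person to touch this will not know whether the conversion is still needed. Given the "XML error: security label is missing" report at the top of this thread from virSecurityLabelDefParseXML on existing guests, the tests/seclabeltest.c change should include a case that parses XML saved by the previous release with no <seclabel> element at all.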
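As an added illustration of the semantics discussed in the thread (my own code, not libvirt's; only the qemu.conf keys security_default_confined and security_require_confined and the seclabel types 'default', 'none', 'dynamic' and 'static' come from the commit message, the qemu.conf parsing, the "static needs a <label>" check and the sample XML are this example's own assumptions), the following resolves the effective label type for a guest from its <seclabel> element and the host policy, refusing an unconfined guest on a host that mandates confinement:

```python
"""Resolve the effective <seclabel> type for a libvirt guest under host policy.

Added example, not libvirt code. Policy as described in the patch thread:
  - no <seclabel>, or no type attribute, or type='default': the host decides,
    'dynamic' if security_default_confined is set, else 'none'
  - type='none': unconfined; refused when security_require_confined is set
  - type='dynamic' / type='static': used as requested
  - back-compat: a 'none' label that carries a <baselabel> is treated as 'dynamic'
"""
import xml.etree.ElementTree as ET

# Defaults quoted in the commit message.
QEMU_CONF_DEFAULTS = {"security_default_confined": 1,
                      "security_require_confined": 0}

SECLABEL_TYPES = ("default", "none", "dynamic", "static")


class SecLabelError(ValueError):
    """Raised when the seclabel cannot be used under the host policy."""


def parse_qemu_conf(text):
    """Read the two security_* keys from qemu.conf-style text.

    Only `key = value` lines are understood and '#' starts a comment; other
    keys are ignored. This parser is the example's own, not libvirt's lens.
    """
    conf = dict(QEMU_CONF_DEFAULTS)
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if "=" not in line:
            continue
        key, _, value = line.partition("=")
        key = key.strip()
        if key in conf:
            conf[key] = int(value.strip())
    return conf


def parse_seclabel(domain_xml):
    """Return (type, model, baselabel) for the domain's first <seclabel>.

    Missing element or missing type attribute -> 'default'. The none+baselabel
    -> dynamic rule mirrors the patch's back-compat conversion; requiring a
    <label> for 'static' is this example's own sanity check.
    """
    root = ET.fromstring(domain_xml)
    sec = root.find("seclabel")
    if sec is None:
        return "default", None, None
    typ = sec.get("type", "default")
    if typ not in SECLABEL_TYPES:
        raise SecLabelError("unknown seclabel type %r" % typ)
    baselabel = sec.findtext("baselabel")
    if typ == "none" and baselabel is not None:
        typ = "dynamic"
    if typ == "static" and sec.findtext("label") is None:
        raise SecLabelError("static seclabel without <label>")
    return typ, sec.get("model"), baselabel


def effective_seclabel_type(domain_xml, conf):
    """Apply host policy to the requested type; return the type the guest
    will start with, or raise SecLabelError if the host refuses it."""
    typ, _model, _baselabel = parse_seclabel(domain_xml)
    if typ == "default":
        typ = "dynamic" if conf["security_default_confined"] else "none"
    if typ == "none" and conf["security_require_confined"]:
        raise SecLabelError("host policy requires confined guests "
                            "(security_require_confined = 1); refusing type='none'")
    return typ


# Constructed sample inputs (not taken from the thread).
DOMAIN_NO_SECLABEL = "<domain type='kvm'><name>a</name></domain>"
DOMAIN_NONE = "<domain type='kvm'><name>b</name><seclabel type='none'/></domain>"
DOMAIN_NONE_BASELABEL = ("<domain type='kvm'><name>c</name>"
                         "<seclabel type='none' model='selinux'>"
                         "<baselabel>system_u:system_r:svirt_t:s0</baselabel>"
                         "</seclabel></domain>")
DOMAIN_STATIC = ("<domain type='kvm'><name>d</name>"
                 "<seclabel type='static' model='selinux' relabel='yes'>"
                 "<label>system_u:system_r:svirt_t:s0:c392,c662</label>"
                 "</seclabel></domain>")

# Weak host setting beside the hardened one (constructed qemu.conf fragments).
PERMISSIVE_CONF = "security_default_confined = 0\n"
HARDENED_CONF = ("security_default_confined = 1\n"
                 "security_require_confined = 1  # no unconfined guests\n")

if __name__ == "__main__":
    for name, xml in [("no seclabel", DOMAIN_NO_SECLABEL), ("none", DOMAIN_NONE),
                      ("none+baselabel", DOMAIN_NONE_BASELABEL), ("static", DOMAIN_STATIC)]:
        for cname, ctext in [("defaults", ""), ("permissive", PERMISSIVE_CONF),
                             ("hardened", HARDENED_CONF)]:
            try:
                result = effective_seclabel_type(xml, parse_qemu_conf(ctext))
            except SecLabelError as e:
                result = "REFUSED: %s" % e
            print("%-15s %-10s -> %s" % (name, cname, result))
```

The point of the table the script prints is the asymmetry in the policy: a permissive host setting can only loosen guests that did not ask for anything (type absent or 'default'), while the hardened setting refuses an explicit type='none' outright rather than quietly upgrading it, so a guest definition that depends on running unconfined fails visibly at start instead of running with a label its author did not expect.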
