Signed-off-by: Alex Jia <[email protected]> --- bin/virt-sandbox.c | 14 ++++++++++---- 1 files changed, 10 insertions(+), 4 deletions(-)
diff --git a/bin/virt-sandbox.c b/bin/virt-sandbox.c index 69d1e62..66676c3 100644 --- a/bin/virt-sandbox.c +++ b/bin/virt-sandbox.c @@ -372,13 +372,19 @@ separated by commas. The following options are valid for SELinux =over 4 -=item type=TYPE +=item dynamic -The SELinux security type, defaults to sandbox_t +The SELinux security dynamic for the sandbox, defaults to svirt_sandbox_t -=item level=LEVEL +=item dynamic,label=USER:ROLE:TYPE:LEVEL -The SELinux MCS level, defaults to a randomly allocated level +To use dynamic and override the base label, defaults to +system_u:system_r:svirt_t:s0 + +=item static,label=USER:ROLE:TYPE:LEVEL + +To set a completely static label. For example, +static,label=system_u:system_r:svirt_t:s0:c412,c355 =back -- 1.7.1 -- libvir-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/libvir-list
