Re: [Libguestfs] [PATCH V3] NEW API: add a new api restorecon
On Mon, Oct 29, 2012 at 09:29:16AM -0400, Daniel J Walsh wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 10/28/2012 04:45 AM, Richard W.M. Jones wrote:
> On Fri, Oct 26, 2012 at 09:47:40AM +0800, Wanlong Gao wrote:
>> So, Rich, we have some problems here?
>
> Yeah, I don't see a way to use the restorecon API safely.
>
> Rich.
>
Why is that? selabel_file, with setfilecon() or setfscreatecon() should be
able to do what you want?
I mean the API as proposed in the patch, where it just runs
"restorecon" from the host on the guest. There may be other ways to
do it, but none of them seem simpler than the way we currently do it
(touching /.autorelabel in the guest).
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-top is 'top' for virtual machines. Tiny program with many
powerful monitoring features, net stats, disk stats, logging, etc.
http://et.redhat.com/~rjones/virt-top