On Sun, Dec 24, 2017 at 3:49 PM, Richard W.M. Jones <rjones@redhat.com> wrote:
On Sun, Dec 24, 2017 at 02:15:44PM +0200, Yaniv Kaul wrote:
> I'm copying a file into a VM using virt-copy-in - which is great, but the
> file is wrongly labeled.
> How can I fix that?

Hi Yaniv,

The easiest thing is to run this after doing the virt-copy-in:

  virt-customize -a disk.img --selinux-relabel

which will run this code:

  https://github.com/libguestfs/libguestfs/blob/master/customize/SELinux_relabel.ml#L27

That requires an extra launch of the appliance, so if you were very
concerned about doing this most efficiently then you could do
something like this instead:

  guestfish -a disk.img -i <<EOF
    copy-in files [...] /target/dir
    selinux-relabel /etc/selinux/targeted/contexts/files/file_contexts / force:true
  EOF

Thanks - this is exactly what I've decided to use first.
I'll run virt-customize if I need to do more work (specifically, I believe it'll relabel everything, etc. - not sure I need it right now).
Y.
 

That isn't quite the same as the virt-customize code above, and in
particular it assumes that you're using the "targeted" policy and you
don't have the buggy version of RHEL 6, but it's near enough for most
purposes.  If you want to do any better you'd need to write a custom
script in Python or whatever.

Rich.

--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-top is 'top' for virtual machines.  Tiny program with many
powerful monitoring features, net stats, disk stats, logging, etc.
http://people.redhat.com/~rjones/virt-top