Re: [Libguestfs] virt-copy-in - how do I get the selinux relabeling done for the file?

On Sun, Dec 24, 2017 at 03:59:33PM +0200, Yaniv Kaul wrote: > On Sun, Dec 24, 2017 at 3:49 PM, Richard W.M. Jones <rjones(a)redhat.com&gt; > wrote: > > > On Sun, Dec 24, 2017 at 02:15:44PM +0200, Yaniv Kaul wrote: > > > I'm copying a file into a VM using virt-copy-in - which is great, but the > > > file is wrongly labeled. > > > How can I fix that? > > > > Hi Yaniv, > > > > The easiest thing is to run this after doing the virt-copy-in: > > > > virt-customize -a disk.img --selinux-relabel > > > > which will run this code: > > > > https://github.com/libguestfs/libguestfs/blob/master/ > > customize/SELinux_relabel.ml#L27 > > > > That requires an extra launch of the appliance, so if you were very > > concerned about doing this most efficiently then you could do > > something like this instead: > > > > guestfish -a disk.img -i <<EOF > > copy-in files [...] /target/dir > > selinux-relabel /etc/selinux/targeted/contexts/files/file_contexts / force:true In case it's not clear, this parameter ^^^ controls the scope of the relabelling, so you can relabel parts of the filesystem if you want to. It's basically a wrapper around ‘setfiles’: https://github.com/libguestfs/libguestfs/blob/ dab065a8eed6c6d8d9c53956393566812cfe6a2e/daemon/selinux-relabel.c#L87 Rich.

-- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~ rjones Read my programming and virtualization blog: http://rwmj.wordpress.com Fedora Windows cross-compiler. Compile Windows programs, test, and build Windows installers. Over 100 libraries supported. http://fedoraproject.org/wiki/MinGW