From: Martin Kletzander <mkletzan@redhat.com>
Date: Mon, 17 Aug 2015 18:07:07 +0000 (-0700)
Subject: security_selinux: Add SetDirLabel support
X-Git-Tag: v1.2.19-rc1~24
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3f48345f7ec0c44b8ce2371cab454d2118f830b4;p=thirdparty%2Flibvirt.git

security_selinux: Add SetDirLabel support

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
---

diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index a37f8c140b..d4bfee76c5 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -2505,6 +2505,21 @@ virSecuritySELinuxGetSecurityMountOptions(virSecurityManagerPtr mgr,
     return opts;
 }
 
+static char *
+virSecuritySELinuxDomainSetDirLabel(virSecurityManagerPtr mgr,
+                                    virDomainDefPtr def,
+                                    const char *path)
+{
+    virSecurityLabelDefPtr seclabel;
+    int ret = -1;
+
+    seclabel = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
+    if (!seclabel || !seclabel->relabel)
+        return 0;
+
+    return virSecuritySELinuxSetFilecon(path, seclabel->imagelabel);
+}
+
 virSecurityDriver virSecurityDriverSELinux = {
     .privateDataLen                     = sizeof(virSecuritySELinuxData),
     .name                               = SECURITY_SELINUX_NAME,
@@ -2549,4 +2564,6 @@ virSecurityDriver virSecurityDriverSELinux = {
 
     .domainGetSecurityMountOptions      = virSecuritySELinuxGetSecurityMountOptions,
     .getBaseLabel                       = virSecuritySELinuxGetBaseLabel,
+
+    .domainSetDirLabel                  = virSecuritySELinuxDomainSetDirLabel,
 };