Bug 1049721

Summary: [RFE][nova]: Libvirt Driver - Enable sVirt for LXC
Product: Red Hat OpenStack Reporter: RHOS Integration <rhos-integ>
Component: RFEsAssignee: RHOS Maint <rhos-maint>
Status: CLOSED UPSTREAM QA Contact:
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: unspecifiedCC: markmc, yeylon
Target Milestone: ---Keywords: FutureFeature
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
URL: https://blueprints.launchpad.net/nova/+spec/libvirt-enable-lxc-svirt
Whiteboard: upstream_milestone_none upstream_status_unknown upstream_definition_drafting
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-03-19 17:07:58 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description RHOS Integration 2014-01-08 05:02:55 UTC 
Cloned from launchpad blueprint https://blueprints.launchpad.net/nova/+spec/libvirt-enable-lxc-svirt.

Description:

The purpose of this blueprint is to enhance the security for LXC instances.

Enabling the dynamic sVirt configuration for LXC instances.
Also allowing the users to set a baselabel for their hosts.

This is according to http://libvirt.org/formatdomain.html#seclabel

 <seclabel type='dynamic' model='selinux'/>

or 

  <seclabel type='dynamic' model='selinux'>
    <baselabel>system_u:system_r:my_svirt_t:s0</baselabel>
  </seclabel>

Specification URL (additional information):

None