Bug 1049721 - [RFE][nova]: Libvirt Driver - Enable sVirt for LXC
Summary: [RFE][nova]: Libvirt Driver - Enable sVirt for LXC
Keywords:
Status: CLOSED UPSTREAM
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: RFEs
Version: unspecified
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: ---
Assignee: RHOS Maint
QA Contact:
URL: https://blueprints.launchpad.net/nova...
Whiteboard: upstream_milestone_none upstream_stat...
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-01-08 05:02 UTC by RHOS Integration
Modified: 2015-03-19 17:07 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-03-19 17:07:58 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description RHOS Integration 2014-01-08 05:02:55 UTC 
Cloned from launchpad blueprint https://blueprints.launchpad.net/nova/+spec/libvirt-enable-lxc-svirt.

Description:

The purpose of this blueprint is to enhance the security for LXC instances.

Enabling the dynamic sVirt configuration for LXC instances.
Also allowing the users to set a baselabel for their hosts.

This is according to http://libvirt.org/formatdomain.html#seclabel

 <seclabel type='dynamic' model='selinux'/>

or 

  <seclabel type='dynamic' model='selinux'>
    <baselabel>system_u:system_r:my_svirt_t:s0</baselabel>
  </seclabel>

Specification URL (additional information):

None
Note You need to log in before you can comment on or make changes to this bug.