Bug 706341 - The svirt label is lost for the domain saved file
Summary: The svirt label is lost for the domain saved file
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: libvirt
Version: 5.7
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: rc
: ---
Assignee: Libvirt Maintainers
QA Contact: Virtualization Bugs
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-05-20 07:34 UTC by Cui Chun
Modified: 2011-08-15 19:45 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-08-15 19:45:26 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Cui Chun 2011-05-20 07:34:51 UTC 
Description of problem:
The svirt label is lost for the domain saved file.

Version-Release number of selected component (if applicable):

libvirt-0.8.2-20.el5
kvm-83-232.el5

How reproducible:
Always

Steps to Reproduce:

1. Make sure the selinux is enforcing

# getenforce 
Enforcing

2. Start a VM

# virsh list --all
 Id Name                 State
----------------------------------
 24 w2k3                 running
  - vm                   shut off

3. Save the running vm, and check the context of the save file.

# virsh save w2k3 w2k3.save
Domain w2k3 saved to w2k3.save

# ll -Z w2k3.save 
-rw-------  root root system_u:object_r:default_t      w2k3.save

  
Actual results:

Step 3.

Expected results:

svirt label should be added. like:

-rw-------  root root system_u:object_r:svirt_image_t:s0:c451,c925   w2k3.save


Additional info:
Comment 1 Cui Chun 2011-05-20 09:06:05 UTC 
The svirt label can be added for some path, but failed for other path.

For example:
# ll -Z /tmp/w2k3.save 
-rw-------  root root system_u:object_r:svirt_image_t:s0:c335,c977 /tmp/w2k3.save

# ll -Z /home/w2k3.save 
-rw-------  root root system_u:object_r:default_t      /home/w2k3.save
Comment 2 Huming Jiang 2011-06-02 03:36:39 UTC 
Could reproduce this bug on the following components of rh5.6:
libvirt-0.8.2-15.el5
kvm-83-224.el5

Steps:
# getenforce 
Enforcing

2. # virsh list --all
 Id Name                 State
----------------------------------
  5 rh5.6                running
  - a                    shut off

3. Save the running vm, and check the context of the save file.

#cd /var/lib/libvirt/images
#virsh save rh5.6 rh5.6.save
Domain rh5.6 saved to rh5.6.save

# ll -Z rh5.6.save 
-rw-------  root root system_u:object_r:virt_image_t   rh5.6.save

# virsh restore rh5.6.save 
Domain restored from rh5.6.save
#virsh save rh5.6 /tmp/rh5.6.save
Domain rh5.6 saved to /tmp/rh5.6.save
# ll -Z /tmp/rh5.6.save
-rw-------  root root system_u:object_r:svirt_image_t:s0:c600,c619 /tmp/rh5.6.save

# virsh restore /tmp/rh5.6.save 
Domain restored from /tmp/rh5.6.save

# virsh save rh5.6 /home/rh5.6.save
Domain rh5.6 saved to /home/rh5.6.save

# ll -Z /home/rh5.6.save 
-rw-------  root root system_u:object_r:default_t      /home/rh5.6.save
Comment 3 RHEL Program Management 2011-06-21 05:29:50 UTC 
This request was evaluated by Red Hat Product Management for inclusion in Red Hat Enterprise Linux 5.7 and Red Hat does not plan to fix this issue the currently developed update.

Contact your manager or support representative in case you need to escalate this bug.
Comment 5 RHEL Program Management 2011-08-15 19:45:26 UTC 
Development Management has reviewed and declined this request.  You may appeal
this decision by reopening this request.
Note You need to log in before you can comment on or make changes to this bug.