shaba/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-01-12 13:17:58 +03:00
Code Releases Activity
350d6ccb91
libvirt/docs
History
Daniel P. Berrange b170eb99f5 Add two new security label types 
Curently security labels can be of type 'dynamic' or 'static'.
If no security label is given, then 'dynamic' is assumed. The
current code takes advantage of this default, and avoids even
saving <seclabel> elements with type='dynamic' to disk. This
means if you temporarily change security driver, the guests
can all still start.

With the introduction of sVirt to LXC though, there needs to be
a new default of 'none' to allow unconfined LXC containers.

This patch introduces two new security label types

 - default:  the host configuration decides whether to run the
             guest with type 'none' or 'dynamic' at guest start
 - none:     the guest will run unconfined by security policy

The 'none' label type will obviously be undesirable for some
deployments, so a new qemu.conf option allows a host admin to
mandate confined guests. It is also possible to turn off default
confinement

  security_default_confined = 1|0  (default == 1)
  security_require_confined = 1|0  (default == 0)

* src/conf/domain_conf.c, src/conf/domain_conf.h: Add new
  seclabel types
* src/security/security_manager.c, src/security/security_manager.h:
  Set default sec label types
* src/security/security_selinux.c: Handle 'none' seclabel type
* src/qemu/qemu.conf, src/qemu/qemu_conf.c, src/qemu/qemu_conf.h,
  src/qemu/libvirtd_qemu.aug: New security config options
* src/qemu/qemu_driver.c: Tell security driver about default
  config
2012-02-02 17:44:37 -07:00
..
api_extension xen_xs: name xendConfigVersion magic numbers 2012-02-01 16:28:17 -07:00
devhelp build: Fix API docs generation in VPATH build 2011-02-21 14:46:23 +01:00
html Remove all generated docs from source control 2009-09-21 14:41:47 +01:00
internals Extend RPC protocol to allow FD passing 2011-10-28 10:27:15 +01:00
schemas Add two new security label types 2012-02-02 17:44:37 -07:00
.gitignore Add automatic generation of a todo item page 2010-10-12 11:26:52 +01:00
32favicon.png * docs/site.xsl docs/*.png docs/*.html: update the images from Diana, 2006-01-23 22:55:41 +00:00
api_extension.html.in build: use shorter file names for 'make dist' 2010-10-27 16:29:25 -06:00
api.html.in docs: correct invalid xml 2011-04-01 16:03:11 -06:00
apibuild.py block rebase: add new API virDomainBlockRebase 2012-02-01 15:21:56 -07:00
apps.html.in Docs: Document Android application using libvirt 2012-01-10 09:47:47 +01:00
archdomain.html.in Split website out into one file per page. APply new layout and styling 2008-04-23 17:08:31 +00:00
architecture.fig Remove trailing whitespace from all xfig files 2011-10-28 10:11:16 +01:00
architecture.gif * docs/architecture.* docs/*: added a section on the architecture 2005-12-21 16:59:34 +00:00
architecture.html.in docs: added a table of contents to the first 11 docs files 2010-10-27 15:01:45 +11:00
archnetwork.html.in docs: correct invalid xml 2011-04-01 16:03:11 -06:00
archnode.html.in Split website out into one file per page. APply new layout and styling 2008-04-23 17:08:31 +00:00
archstorage.html.in Cleanup whitespace in docs 2009-11-06 16:05:18 +01:00
auth.html.in docs: added a table of contents to the first 11 docs files 2010-10-27 15:01:45 +11:00
bindings.html.in docs: Add information about libvirt-php new location 2011-02-09 12:29:29 -07:00
bugs.html.in Augment bug reporting documentation 2010-11-10 13:16:37 +01:00
compiling.html.in docs: added compiling page and significantly expanded windows page 2010-12-21 20:55:10 +11:00
contact.html.in docs: added libvirt-announce to contact page 2011-01-05 18:07:30 +11:00
csharp.html.in docs: updated c# bindings with arnauds latest changes 2010-11-30 02:22:38 +11:00
deployment.html.in docs: added a table of contents to the first 11 docs files 2010-10-27 15:01:45 +11:00
devguide.html.in docs: added a table of contents to the first 11 docs files 2010-10-27 15:01:45 +11:00
docs.html.in Split website out into one file per page. APply new layout and styling 2008-04-23 17:08:31 +00:00
downloads.html.in docs: added compiling page and significantly expanded windows page 2010-12-21 20:55:10 +11:00
drivers.html.in hyperv: Add basic documentation 2011-08-26 17:52:55 +02:00
drvesx.html.in esx: Support folders in the path of vpx:// connection URIs 2011-11-01 18:45:42 +01:00
drvhyperv.html.in hyperv: Add basic documentation 2011-08-26 17:52:55 +02:00
drvlxc.html.in Allow passing of command line args to LXC container 2011-10-04 14:15:09 +01:00
drvopenvz.html.in website: Point main page links to libvirt driver pages 2011-07-15 13:19:41 -06:00
drvqemu.html.in docs: document <qemu:commandline> xml 2011-12-19 14:19:12 -07:00
drvremote.html.in Split website out into one file per page. APply new layout and styling 2008-04-23 17:08:31 +00:00
drvtest.html.in Whitespace cleanup for pre-tags on the website 2009-11-16 22:42:13 +01:00
drvuml.html.in website: Point main page links to libvirt driver pages 2011-07-15 13:19:41 -06:00
drvvbox.html.in vbox: Support shared folders 2011-10-29 19:50:48 +02:00
drvvmware.html.in website: Point main page links to libvirt driver pages 2011-07-15 13:19:41 -06:00
drvxen.html.in website: Point main page links to libvirt driver pages 2011-07-15 13:19:41 -06:00
errors.html.in Fix a number of small typos 2009-09-22 12:55:39 +02:00
et.png * docs/Makefile.am docs/et.png docs/libvirt.css docs/page.xsl 2008-04-28 08:29:35 +00:00
firewall.html.in html docs: added firewall explanation page by daniel berrange 2010-07-10 22:47:00 +10:00
footer_corner.png Split website out into one file per page. APply new layout and styling 2008-04-23 17:08:31 +00:00
footer_pattern.png Split website out into one file per page. APply new layout and styling 2008-04-23 17:08:31 +00:00
format.html.in Split website out into one file per page. APply new layout and styling 2008-04-23 17:08:31 +00:00
formatcaps.html.in Remove powerMgmt_valid field from capabilities struct 2011-11-30 10:12:30 +00:00
formatdomain.html.in Add two new security label types 2012-02-02 17:44:37 -07:00
formatnetwork.html.in Adding the element pf to network xml. 2012-01-11 13:10:21 -07:00
formatnode.html.in npiv: Expose fabric_name outside 2011-12-07 18:42:08 +08:00
formatnwfilter.html.in Add documentation new ways to access members of variables 2012-01-11 06:42:37 -05:00
formatsecret.html.in secret: add Ceph secret type 2011-10-28 11:34:17 -06:00
formatsnapshot.html.in snapshot: also support disks by path 2011-09-05 07:03:04 -06:00
formatstorage.html.in Fix typo in storage pool documentation 2011-12-19 16:33:42 +01:00
formatstorageencryption.html.in docs: correct invalid xml 2011-04-01 16:03:11 -06:00
generic.css Fix missing background color 2009-12-03 15:27:24 +01:00
goals.html.in Update on the goal page 2011-03-28 10:40:24 +08:00
hacking1.xsl Generate HACKING from docs/hacking.html.in 2010-11-12 19:47:20 +01:00
hacking2.xsl Generate HACKING from docs/hacking.html.in 2010-11-12 19:47:20 +01:00
hacking.html.in Document STREQ_NULLABLE and STRNEQ_NULLABLE 2011-10-06 16:50:38 +02:00
hooks.html.in Fix several formatting mistakes in doc 2011-03-31 14:36:19 -06:00
hvsupport.pl docs: Make hvsupport.pl pick up the host device drivers 2011-06-06 10:45:59 +02:00
index.html.in hyperv: Add basic documentation 2011-08-26 17:52:55 +02:00
index.py maint: Expand tabs in python code 2011-02-18 08:59:51 +01:00
internals.html.in docs: correct invalid xml 2011-04-01 16:03:11 -06:00
intro.html.in * docs/*: start cleanup/revamp of architecture docs 2009-04-02 12:01:11 +00:00
java.html.in Fix a number of small typos 2009-09-22 12:55:39 +02:00
library.xen remove all trailing blank lines 2009-07-16 15:06:42 +02:00
libvirt-daemon-arch.fig Remove trailing whitespace from all xfig files 2011-10-28 10:11:16 +01:00
libvirt-daemon-arch.png Api documentation 2009-04-15 20:42:50 +00:00
libvirt-driver-arch.fig Remove trailing whitespace from all xfig files 2011-10-28 10:11:16 +01:00
libvirt-driver-arch.png Api documentation 2009-04-15 20:42:50 +00:00
libvirt-header-bg.png Split website out into one file per page. APply new layout and styling 2008-04-23 17:08:31 +00:00
libvirt-header-logo.png Split website out into one file per page. APply new layout and styling 2008-04-23 17:08:31 +00:00
libvirt-net-logical.fig Remove trailing whitespace from all xfig files 2011-10-28 10:11:16 +01:00
libvirt-net-logical.png Split website out into one file per page. APply new layout and styling 2008-04-23 17:08:31 +00:00
libvirt-net-physical.fig Remove trailing whitespace from all xfig files 2011-10-28 10:11:16 +01:00
libvirt-net-physical.png Split website out into one file per page. APply new layout and styling 2008-04-23 17:08:31 +00:00
libvirt-object-model.fig Remove trailing whitespace from all xfig files 2011-10-28 10:11:16 +01:00
libvirt-object-model.png Api documentation 2009-04-15 20:42:50 +00:00
libvirt.css Add documentation about migration. 2011-10-28 10:07:45 +01:00
libvirtLogo.png * //* : renamed the project libvirt , this affects all makefiles, 2006-02-09 17:45:11 +00:00
locking.html.in Add documentation for configuration lock managers 2011-06-28 18:19:00 +01:00
logging.html.in docs: correct invalid xml 2011-04-01 16:03:11 -06:00
madeWith.png * //* : renamed the project libvirt , this affects all makefiles, 2006-02-09 17:45:11 +00:00
main.css Split website out into one file per page. APply new layout and styling 2008-04-23 17:08:31 +00:00
Makefile.am Add documentation about migration. 2011-10-28 10:07:45 +01:00
migration-managed-direct.fig Remove trailing whitespace from all xfig files 2011-10-28 10:11:16 +01:00
migration-managed-direct.png Add documentation about migration. 2011-10-28 10:07:45 +01:00
migration-managed-p2p.fig Remove trailing whitespace from all xfig files 2011-10-28 10:11:16 +01:00
migration-managed-p2p.png Add documentation about migration. 2011-10-28 10:07:45 +01:00
migration-native.fig Remove trailing whitespace from all xfig files 2011-10-28 10:11:16 +01:00
migration-native.png Add documentation about migration. 2011-10-28 10:07:45 +01:00
migration-tunnel.fig Remove trailing whitespace from all xfig files 2011-10-28 10:11:16 +01:00
migration-tunnel.png Add documentation about migration. 2011-10-28 10:07:45 +01:00
migration-unmanaged-direct.fig Remove trailing whitespace from all xfig files 2011-10-28 10:11:16 +01:00
migration-unmanaged-direct.png Add documentation about migration. 2011-10-28 10:07:45 +01:00
migration.html.in Add documentation about migration. 2011-10-28 10:07:45 +01:00
newapi.xsl Improve tokenizing of linkable terms 2011-08-12 07:35:19 -06:00
news.html.in Release of libvirt-0.9.9 2012-01-07 12:18:06 +08:00
news.xsl Convert NEWS to UTF-8 2009-07-29 09:04:21 +01:00
node.fig Remove trailing whitespace from all xfig files 2011-10-28 10:11:16 +01:00
node.gif * doc/*: augment and try to complete the doc in its current state 2006-01-23 13:24:07 +00:00
page.xsl docs: replace CRLF with LF 2011-01-28 08:44:05 -07:00
php.html.in docs: Add information about libvirt-php new location 2011-02-09 12:29:29 -07:00
python.html.in Split website out into one file per page. APply new layout and styling 2008-04-23 17:08:31 +00:00
relatedlinks.html.in Cleanup whitespace in docs 2009-11-06 16:05:18 +01:00
remote.html.in Add some docs about the RPC protocol and APIs 2011-08-12 13:54:10 +01:00
search.php A couple of fixes for the search PHP code 2011-01-17 16:55:41 +08:00
site.xsl Change generated HTML to UTF-8 encoding 2009-12-08 16:09:33 +01:00
sitemap.html.in Add documentation about migration. 2011-10-28 10:07:45 +01:00
storage.html.in Add detail to documentation on storage pools and volumes. 2012-02-02 15:51:25 -07:00
structures.fig Remove trailing whitespace from all xfig files 2011-10-28 10:11:16 +01:00
subsite.xsl virCommand: docs for usage of new command APIs 2010-12-02 16:00:47 -07:00
testapi.html.in Add documentation about test suites 2011-05-11 19:18:38 +08:00
testsuites.html.in docs: avoid double 'the' 2011-05-11 08:18:04 -06:00
testtck.html.in Add documentation about test suites 2011-05-11 19:18:38 +08:00
todo.cfg-example Add automatic generation of a todo item page 2010-10-12 11:26:52 +01:00
todo.pl Skip bugs which are CLOSED in todo list 2011-07-12 17:10:33 +01:00
uri.html.in Allow for URI aliases when connecting to libvirt 2011-10-19 09:14:34 +01:00
virshcmdref.html.in docs: updated memtune info again in virsh command reference 2011-01-11 07:33:15 +11:00
windows.html.in docs: correct invalid xml 2011-04-01 16:03:11 -06:00
wrapstring.xsl Generate HACKING from docs/hacking.html.in 2010-11-12 19:47:20 +01:00