why qemu can access mnt_t type
bigclouds
bigclouds at 163.com
Fri May 3 12:11:41 UTC 2013
hi,all
why qemu can access mnt_t type dirs. following is my ls command, qemu use a file which has MCS, but its parent dirs is not virt_image_t type.
under what condition this will happen? i do nothing about selinux policy.
thanks
[root at www data-center]# ls -lZ /rhev/data-center/25c47fdd-47a3-4eac-933a-70ea6d44f615/5dad0fa9-a924-48e5-b248-9b58bd9ac986/images/149ec5e4-45e0-4353-bfa6-58ba9ed9c888/486a26e1-79f7-4df2-9469-c48613741c7e
-rw-rw----. qemu kvm system_u:object_r:svirt_image_t:s0:c517,c988 /rhev/data-center/25c47fdd-47a3-4eac-933a-70ea6d44f615/5dad0fa9-a924-48e5-b248-9b58bd9ac986/images/149ec5e4-45e0-4353-bfa6-58ba9ed9c888/486a26e1-79f7-4df2-9469-c48613741c7e
[root at www data-center]# ls -lZ /rhev/data-center
drwxr-xr-x.qemu kvm unconfined_u:object_r:mnt_t:s0 25c47fdd-47a3-4eac-933a-70ea6d44f615
drwxr-xr-x. qemu kvm system_u:object_r:mnt_t:s0 mnt
[root at www data-center]# ls -lZ /rhev/data-center/25c47fdd-47a3-4eac-933a-70ea6d44f615/
lrwxrwxrwx. qemu kvm unconfined_u:object_r:mnt_t:s0 5dad0fa9-a924-48e5-b248-9b58bd9ac986 -> /rhev/data-center/mnt/_home_kvm_vms/5dad0fa9-a924-48e5-b248-9b58bd9ac986
[root at www data-center]# ls -lZ /rhev/data-center/25c47fdd-47a3-4eac-933a-70ea6d44f615/5dad0fa9-a924-48e5-b248-9b58bd9ac986/
drwxr-xr-x. qemu kvm system_u:object_r:user_home_t:s0 images
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/selinux/attachments/20130503/084bd20e/attachment.html>
More information about the selinux
mailing list