Displaying 5 results from an estimated 5 matches for "tun_socket".
Did you mean:
tun_sock
2020 Jul 14
2
SELinux labels change in libvirt
...er wise, I know I need the super-privileged container to open the tap
device with the user of the unprivileged one - that I already did and it's
not the issue.
But I have a problem when I open the tap device in the
non-privileged container: the tap device currently has the spc_t label
since the tun_socket inherited the selinux context from the
super-privileged container who creates it. then libvirt is trying to change
the SELinux labels, and since it's not privileged then it fails.
But I didn't find where and how libvirt is trying to change the tap
device's label.
Can you point me to th...
2020 Jul 14
2
Re: SELinux labels change in libvirt
...o open the tap
> > device with the user of the unprivileged one - that I already did and
> it's
> > not the issue.
> > But I have a problem when I open the tap device in the
> > non-privileged container: the tap device currently has the spc_t label
> > since the tun_socket inherited the selinux context from the
> > super-privileged container who creates it. then libvirt is trying to
> change
> > the SELinux labels, and since it's not privileged then it fails.
> > But I didn't find where and how libvirt is trying to change the tap
> >...
2020 Jul 16
1
Re: SELinux labels change in libvirt
...privileged one - that I already did and
> > > it's
> > > > not the issue.
> > > > But I have a problem when I open the tap device in the
> > > > non-privileged container: the tap device currently has the spc_t
> label
> > > > since the tun_socket inherited the selinux context from the
> > > > super-privileged container who creates it. then libvirt is trying to
> > > change
> > > > the SELinux labels, and since it's not privileged then it fails.
> > > > But I didn't find where and how libv...
2020 Jul 14
0
Re: SELinux labels change in libvirt
...e super-privileged container to open the tap
> device with the user of the unprivileged one - that I already did and it's
> not the issue.
> But I have a problem when I open the tap device in the
> non-privileged container: the tap device currently has the spc_t label
> since the tun_socket inherited the selinux context from the
> super-privileged container who creates it. then libvirt is trying to change
> the SELinux labels, and since it's not privileged then it fails.
> But I didn't find where and how libvirt is trying to change the tap
> device's label.
>...
2020 Jul 14
0
Re: SELinux labels change in libvirt
...device with the user of the unprivileged one - that I already did and
> > it's
> > > not the issue.
> > > But I have a problem when I open the tap device in the
> > > non-privileged container: the tap device currently has the spc_t label
> > > since the tun_socket inherited the selinux context from the
> > > super-privileged container who creates it. then libvirt is trying to
> > change
> > > the SELinux labels, and since it's not privileged then it fails.
> > > But I didn't find where and how libvirt is trying to cha...