diff --git a/ChangeLog b/ChangeLog index 0453790cc43311154698e54ee3f4a479b5a9fb52..bb665f505b19ac3af6694d867ca8ec500eee4197 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,12 @@ +Tue Mar 3 09:55:13 GMT 2009 Daniel P. Berrange + + virsh additions for sVirt support (James Morris & Dan Walsh) + * src/virsh.c: Include security model / label information + in the 'dominfo' output + Tue Mar 3 09:40:13 GMT 2009 Daniel P. Berrange - Core internal driver stub for sVirt support (Jams Morris & Dan Walsh) + Core internal driver stub for sVirt support (James Morris & Dan Walsh) * Makefile.maint: Add virSecurityReportError as a msggen function * docs/schemas/capability.rng: Add element diff --git a/src/virsh.c b/src/virsh.c index c23fdda8c5736f27bc54d108982d2f24c5db4b6b..6a257ca2e4cd6c94f3692cd4f63cd8af146f09c2 100644 --- a/src/virsh.c +++ b/src/virsh.c @@ -1539,6 +1539,8 @@ cmdDominfo(vshControl *ctl, const vshCmd *cmd) { virDomainInfo info; virDomainPtr dom; + virSecurityModel secmodel; + virSecurityLabel seclabel; int ret = TRUE, autostart; unsigned int id; char *str, uuid[VIR_UUID_STRING_BUFLEN]; @@ -1597,6 +1599,29 @@ cmdDominfo(vshControl *ctl, const vshCmd *cmd) autostart ? _("enable") : _("disable") ); } + /* Security model and label information */ + memset(&secmodel, 0, sizeof secmodel); + if (virNodeGetSecurityModel(ctl->conn, &secmodel) == -1) { + virDomainFree(dom); + return FALSE; + } else { + /* Only print something if a security model is active */ + if (secmodel.model[0] != '\0') { + vshPrint(ctl, "%-15s %s\n", _("Security model:"), secmodel.model); + vshPrint(ctl, "%-15s %s\n", _("Security DOI:"), secmodel.doi); + + /* Security labels are only valid for active domains */ + memset(&seclabel, 0, sizeof seclabel); + if (virDomainGetSecurityLabel(dom, &seclabel) == -1) { + virDomainFree(dom); + return FALSE; + } else { + if (seclabel.label[0] != '\0') + vshPrint(ctl, "%-15s %s (%s)\n", _("Security label:"), + seclabel.label, seclabel.enforcing ? "enforcing" : "permissive"); + } + } + } virDomainFree(dom); return ret; }