diff options
| author | Peter Krempa <pkrempa@redhat.com> | 2023-01-12 13:26:37 +0100 |
|---|---|---|
| committer | Peter Krempa <pkrempa@redhat.com> | 2023-01-12 13:52:25 +0100 |
| commit | c59d3232b736507ccf7162acfb723b075d6d57c6 (patch) | |
| tree | 5a07994995dd5539d84d4d588be35036ed7a9259 /libvirt-override-virDomain.py | |
| parent | d75be368770315c04db70dda330dd9b57a871840 (diff) | |
| download | libvirt-python-c59d3232b736507ccf7162acfb723b075d6d57c6.tar.gz | |
override: domain: Implement override for virDomainFDAssociatev9.0.0
The bindings generator can't generate proper bindings for FD passing so
the bindings need to be implemented manually both the python wrapper and
the C backend.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Diffstat (limited to 'libvirt-override-virDomain.py')
| -rw-r--r-- | libvirt-override-virDomain.py | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/libvirt-override-virDomain.py b/libvirt-override-virDomain.py index a29773a..0bf876b 100644 --- a/libvirt-override-virDomain.py +++ b/libvirt-override-virDomain.py @@ -80,3 +80,31 @@ if ret == -1: raise libvirtError('virDomainSetTime() failed') return ret + + def FDAssociate(self, name: str, files: List[int], flags: int = 0) -> int: + """Associate the array of FDs passed as @fds with the domain object + under @name. The FDs are associated as long as the connection used to + associated exists and are disposed of afterwards. FD may still be kept + open by the hypervisor for as long as it's needed. + + Security labelling (e.g. via the selinux) may be applied on the passed + FDs when requiredg for usage by the VM. By default libvirt does not + restore the seclabels on the FDs afterwards to avoid keeping it open + unnecessarily. + + Restoring of the security label can be requested by passing either + VIR_DOMAIN_FD_ASSOCIATE_SECLABEL_RESTORE for a best-effort attempt to + restore the security label after use. Requesting the restore of + security label will require that the file descriptors are kept open for + the whole time they are used by the hypervisor, or other additional + overhead. + + In certain cases usage of the fd group would imply read-only access. + Passing VIR_DOMAIN_FD_ASSOCIATE_SECLABEL_WRITABLE in @flags ensures + that a writable security label is picked in case when the file + represented by the fds may be used in write mode. """ + ret = libvirtmod.virDomainFDAssociate(self._o, name, files, flags) + if ret == -1: + raise libvirtError('virDomainFDAssociate() failed') + return ret + |