virtual_domain_context man page

virtual_domain_context — The SELinux virtual machine domain context configuration file

Description

The virtual_domain_context file contains a list of domain contexts that are available for use by the SELinux-aware virtulization API libvirt (see libvirtd(8)).

selinux_virtual_domain_context_path(3) will return the active policy path to this file. The default virtual domain context file is:

/etc/selinux/{SELINUXTYPE}/contexts/virtual_domain_context

Where {SELINUXTYPE} is the entry from the selinux configuration file config (see selinux_config(5)).

File Format

Each line in the file consists of an entry as follows:

user:role:type[:range]

Where:

user role type range

A user, role, type and optional range (for MCS/MLS) separated by colons (:) that can be used as a virtual domain context.

Example

# ./contexts/virtual_domain_context
system_u:object_r:svirt_t:s0

See Also

selinux(8), libvirtd(8), selinux_virtual_domain_context_path(3), selinux_config(5)

Info

28-Nov-2011 Security Enhanced Linux SELinux configuration