virtual_domain_context man page
virtual_domain_context ā The SELinux virtual machine domain context configuration file
Description
The virtual_domain_context file contains a list of domain contexts that are available for use by the SELinux-aware virtulization API libvirt (see libvirtd(8)).
selinux_virtual_domain_context_path(3) will return the active policy path to this file. The default virtual domain context file is:
/etc/selinux/{SELINUXTYPE}/contexts/virtual_domain_context
Where {SELINUXTYPE} is the entry from the selinux configuration file config (see selinux_config(5)).
File Format
Each line in the file consists of an entry as follows:
user:role:type[:range]
- Where:
-
user role type range
A user, role, type and optional range (for MCS/MLS) separated by colons (:) that can be used as a virtual domain context.
Example
# ./contexts/virtual_domain_context
system_u:object_r:svirt_t:s0
See Also
selinux(8), libvirtd(8), selinux_virtual_domain_context_path(3), selinux_config(5)