[PATCH 2/2] virSecurityManagerMetadataLock: Ignore RO filesystem

Friday, 10 July 2020

When locking files for metadata change, we open() them for R/W
access. The write access is needed because we want to acquire
exclusive (write) lock (to mutually exclude with other daemons
trying to modify XATTRs on the same file). Anyway, the open()
might fail if the file lives on a RO filesystem. Well, if that's
the case, ignore the error and continue with the next file on the
list. We won't change any seclabel on the file anyway - there is
nothing to remember then.

Reported-by: Olaf Hering <olaf(a)aepfle.de&gt;
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com&gt;
---
 src/security/security_manager.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/security/security_manager.c b/src/security/security_manager.c
index d26d3a0527..252cfefcff 100644
--- a/src/security/security_manager.c
+++ b/src/security/security_manager.c
@@ -1359,6 +1359,11 @@ virSecurityManagerMetadataLock(virSecurityManagerPtr mgr
G_GNUC_UNUSED,
         }
 
         if ((fd = open(p, O_RDWR)) < 0) {
+            if (errno == EROFS) {
+                /* There is nothing we can do for RO filesystem. */
+                continue;
+            }
+
 #ifndef WIN32
             if (S_ISSOCK(sb.st_mode)) {
                 /* Sockets can be opened only if there exists the
-- 
2.26.2


    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

[PATCH 2/2] virSecurityManagerMetadataLock: Ignore RO filesystem