Re: [libvirt] [PATCH] selinux: Correctly report warning if virt_use_nfs not set
On 22.09.2011 18:56, Laine Stump wrote:
On 09/22/2011 05:48 AM, Michal Privoznik wrote:
> Previous patch c9b37fee tried to deal with virt_use_nfs. But
> setfilecon() returns EOPNOTSUPP on NFS so we need to move the
> warning to else branch.
I have a vague memory of the error code of something like this changing
from some other error on an older version of RHEL to EOPNOTSUPP on newer
version. It may have been for something else, but may be worth checking
out to make sure this patch gives the desired results with, e.g. RHEL5
and RHEL6.0 as well as 6.2 and Fedora.
Thanks. Pushed with this squashed in:
diff --git a/src/security/security_selinux.c
b/src/security/security_selinux.c
index 9a9a305..19ca801 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -419,7 +419,7 @@ SELinuxSetFilecon(const char *path, char *tcon)
* The user hopefully set one of the necessary SELinux
* virt_use_{nfs,usb,pci} boolean tunables to allow it...
*/
- if (setfilecon_errno != EOPNOTSUPP) {
+ if (setfilecon_errno != EOPNOTSUPP && setfilecon_errno !=
ENOTSUP) {
virReportSystemError(setfilecon_errno,
_("unable to set security context '%s'
on '%s'"),
tcon, path);