On Thu, Nov 03, 2016 at 08:19:01PM +0800, Michal Privoznik wrote:
This is a small helper intended to be run by udev. On its input
(either as the only command line argument or in DEVNODE
environment variable) it is given a device and on the output it
will either put nothing (meaning the device is not used by any of
the libvirt domains), or it will print out security labels in the
following form:
UID GID SELABEL
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
libvirt.spec.in | 1 +
mingw-libvirt.spec.in | 2 +
po/POTFILES.in | 1 +
src/Makefile.am | 20 ++++++++
src/util/udevhelper.c | 137 ++++++++++++++++++++++++++++++++++++++++++++++++++
5 files changed, 161 insertions(+)
create mode 100644 src/util/udevhelper.c
+static int
+printLabels(const char *device)
+{
+ char *filename = NULL;
+ virUdevMgrPtr mgr = NULL;
+ int ret = -1;
+ virSecurityDeviceLabelDefPtr *labels = NULL;
+ size_t i, nlabels = 0;
+ const char *dacLabel = NULL;
+ const char *seLabel = NULL;
+
+ if (virAsprintf(&filename,
+ "%s/run/libvirt/qemu/devices.udev", LOCALSTATEDIR) <
0)
+ goto cleanup;
+
+ if (!(mgr = virUdevMgrNewFromFile(filename)))
+ goto cleanup;
+
+ if (virUdevMgrLookupLabels(mgr, device, &labels, &nlabels) < 0)
+ goto cleanup;
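Review bot: The failure path after virUdevMgrNewFromFile(filename) treats every load failure as an error: it jumps to cleanup with ret still -1. The commit message defines empty output as "the device is not used by any of the libvirt domains", so if devices.udev can legitimately be absent, that case should print nothing and return 0 rather than fail for each device udev hands to the helper. Consider checking for the file before loading it, or having the loader report a missing file separately from a parse error. The path also hardcodes the qemu driver's directory ("%s/run/libvirt/qemu/devices.udev") in a helper that lives under src/util, which deserves at least a comment explaining why only that driver is consulted.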
IIUC the 'device' here is a canonical device path, like "/dev/sda" ?
If so, then this is not going to work, because the code is recording
labels against the path seen in the XML which is not canonicalized.
e.g. XML could contain /dev/disk/by-path/<BLAH>, and so the lookup will
not match /dev/sda even though they point to the same device.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :|
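
The mismatch described in the reply above, as an added example that is not part of the original mail or of libvirt's code: a label recorded under a symlinked path is not found when looked up by the node's own path unless both sides are canonicalized first. The names label_entry, lookup_raw, lookup_canonical and demo, the label string, and the use of realpath() for canonicalization are assumptions of this example.

```c
#define _GNU_SOURCE
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
/* Hypothetical record: the key is the path exactly as written in the XML. */
struct label_entry { const char *xml_path; const char *labels; };

/* Plain string match: misses when udev passes a different name for the node. */
static const char *lookup_raw(const struct label_entry *tab, size_t n, const char *devnode)
{
    for (size_t i = 0; i < n; i++)
        if (strcmp(tab[i].xml_path, devnode) == 0)
            return tab[i].labels;
    return NULL;
}

/* Resolve symlinks on both the recorded path and the udev path, then compare. */
static const char *lookup_canonical(const struct label_entry *tab, size_t n, const char *devnode)
{
    char want[PATH_MAX], have[PATH_MAX];
    if (!realpath(devnode, want))
        return NULL;
    for (size_t i = 0; i < n; i++)
        if (realpath(tab[i].xml_path, have) && strcmp(have, want) == 0)
            return tab[i].labels;
    return NULL;
}

/* Constructed fixture: a plain file stands in for the device node and a symlink
 * for its /dev/disk/by-path alias. Returns 1 if only the canonical lookup hits. */
static int demo(void)
{
    char dir[] = "/tmp/udevdemoXXXXXX", node[PATH_MAX], alias[PATH_MAX];
    FILE *fp;
    if (!mkdtemp(dir))
        return -1;
    snprintf(node, sizeof(node), "%s/sda", dir);
    snprintf(alias, sizeof(alias), "%s/by-path-alias", dir);
    if (!(fp = fopen(node, "w")) || fclose(fp) != 0 || symlink(node, alias) < 0)
        return -1;
    struct label_entry tab[] = { { alias, "107 107 constructed_label_t" } };
    int ok = !lookup_raw(tab, 1, node) && lookup_canonical(tab, 1, node) != NULL;
    unlink(alias); unlink(node); rmdir(dir);
    return ok;
}

int main(void) { return demo() == 1 ? 0 : 1; }
```

Comparing st_rdev from stat() on both paths is an alternative to realpath() that also matches when one device has several distinct nodes rather than symlinks.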