Linux and FreeBSD use different xattr prefixes. Until now the script
tried to reset the labels under both prefixes, which resulted in errors
like this:
Fixing /tmp/bitmaps2.qcow2
setfattr: /tmp/bitmaps2.qcow2: Operation not supported
setfattr: /tmp/bitmaps2.qcow2: Operation not supported
setfattr: /tmp/bitmaps2.qcow2: Operation not supported
setfattr: /tmp/bitmaps2.qcow2: Operation not supported
setfattr: /tmp/bitmaps2.qcow2: Operation not supported
setfattr: /tmp/bitmaps2.qcow2: Operation not supported
The 6 failed 'setfattrs' correspond to the wrong prefix.
Select the correct prefix based on the kernel name and modify the code
appropriately.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
tools/libvirt_recover_xattrs.sh | 48 ++++++++++++++++++---------------
1 file changed, 27 insertions(+), 21 deletions(-)
diff --git a/tools/libvirt_recover_xattrs.sh b/tools/libvirt_recover_xattrs.sh
index cb98497732..b7a8c05cf4 100755
--- a/tools/libvirt_recover_xattrs.sh
+++ b/tools/libvirt_recover_xattrs.sh
@@ -29,11 +29,6 @@ DIR="/"
URI=("qemu:///system"
"lxc:///system")
-# On Linux we use 'trusted' namespace, on FreeBSD we use 'system'
-# as there is no 'trusted'.
-LIBVIRT_XATTR_PREFIXES=("trusted.libvirt.security"
- "system.libvirt.security")
-
if [ $(whoami) != "root" ]; then
die "Must be run as root"
fi
@@ -62,6 +57,21 @@ if [ $# -gt 0 ]; then
DIR=$1
fi
+case $(uname -s) in
+ Linux)
+ XATTR_PREFIX="trusted.libvirt.security"
+ ;;
+
+ FreeBSD)
+ XATTR_PREFIX="system.libvirt.security"
+ ;;
+
+ *)
+ die "$0 is not supported on this platform"
+ ;;
+esac
+
+
if [ ${DRY_RUN} -eq 0 ]; then
for u in ${URI[*]} ; do
if [ -n "`virsh -q -c $u list 2>/dev/null`" ]; then
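Review bot: The new `case $(uname -s)` block has no comment explaining why the two platforms use different prefixes, because the commit deletes the one on `LIBVIRT_XATTR_PREFIXES` that did. I would carry it over above the `case`, for example `# Linux uses the 'trusted' namespace; FreeBSD has no 'trusted', so 'system' is used there`. The `if [ ${DRY_RUN} -eq 0 ]` block that follows continues outside the hunk.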
@@ -73,24 +83,20 @@ fi
declare -a XATTRS
for i in "dac" "selinux"; do
- for p in ${LIBVIRT_XATTR_PREFIXES[@]}; do
- XATTRS+=("$p.$i" "$p.ref_$i" "$p.timestamp_$i")
- done
+ XATTRS+=("$XATTR_PREFIX.$i" "$XATTR_PREFIX.ref_$i"
"$XATTR_PREFIX.timestamp_$i")
done
-for p in ${LIBVIRT_XATTR_PREFIXES[*]}; do
- for i in $(getfattr -R -d -m ${p} --absolute-names ${DIR} 2>/dev/null | grep
"^# file:" | cut -d':' -f 2); do
- echo $i;
- if [ ${DRY_RUN} -ne 0 ]; then
- getfattr -d -m $p --absolute-names $i | grep -v "^# file:"
- continue
- fi
- if [ ${QUIET} -eq 0 ]; then
- echo "Fixing $i";
- fi
- for x in ${XATTRS[*]}; do
- setfattr -x $x $i
- done
+for i in $(getfattr -R -d -m ${XATTR_PREFIX} --absolute-names ${DIR} 2>/dev/null |
grep "^# file:" | cut -d':' -f 2); do
+ if [ ${DRY_RUN} -ne 0 ]; then
+ getfattr -d -m $p --absolute-names $i | grep -v "^# file:"
+ continue
+ fi
+
+ if [ ${QUIET} -eq 0 ]; then
+ echo "Fixing $i";
+ fi
+ for x in ${XATTRS[*]}; do
+ setfattr -x $x $i
done
done
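Review bot: The dry-run branch still runs `getfattr -d -m $p --absolute-names $i`, but the `for p in ...` loop is removed by this commit, so `$p` is unset there and expands to nothing, leaving `-m` to consume the following word as its pattern. It should read `getfattr -d -m "$XATTR_PREFIX" --absolute-names "$i" | grep -v "^# file:"`. The old `echo $i` before the dry-run check is also gone, and since the `# file:` line is filtered out, dry-run output no longer names the file it reports on; restore the echo if that was not intended. Separately, this script runs as root over a whole tree, and the `for i in $(...)` word splitting plus the unquoted `$i` in `setfattr -x $x $i` split a path containing whitespace into several arguments, while `cut -d':' -f 2` truncates a path containing a colon. Reading the paths with `while IFS= read -r` and quoting the expansions would keep the removal on the intended file.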
--
2.28.0