The patch committed here

  commit 547147084d03ebf30d09d242a5a721a4df664ffe
  Author: Mark McLoughlin <markmc(a)redhat.com>
  Date: Fri Jul 3 10:26:37 2009 +0000

was not actually the latest version currently used in Fedora. It causes
shared disks to be re-labelled upon VM shutdown, breaking any other
guests still running with this disk. The only safe option is to skip
relabel for all readonly & shared disks.

Daniel

diff --git a/src/security_selinux.c b/src/security_selinux.c
index 80c1c85..0db9f49 100644
--- a/src/security_selinux.c
+++ b/src/security_selinux.c
@@ -354,6 +354,17 @@ SELinuxRestoreSecurityImageLabel(virConnectPtr conn,
char *newpath = NULL;
const char *path = disk->src;
+ /* Don't restore labels on readoly/shared disks, because
+ * other VMs may still be accessing these
+ * Alternatively we could iterate over all running
+ * domains and try to figure out if it is in use, but
+ * this would not work for clustered filesystems, since
+ * we can't see running VMs using the file on other nodes
+ * Safest bet is thus to skip the restore step.
+ */
+ if (disk->readonly || disk->shared)
+ return 0;
+
if ((err = virFileResolveLink(path, &newpath)) < 0) {
virReportSystemError(conn, err,
_("cannot resolve symlink %s"), path);
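
Review bot: The early return at `if (disk->readonly || disk->shared)` leaves whatever label the disk carried while the guest ran in place permanently, even after the last guest using it has stopped, and the added comment explains why the restore is skipped but not that consequence. Consider saying so in the comment, so it is clear the file keeps its label until something else relabels it, and fix the typo "readoly" on the first comment line. The check sits before `virFileResolveLink()` fills `newpath`, so returning 0 at that point skips no cleanup visible in this hunk.
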
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|