[libvirt] [PATCH v1 23/23] qemuProcessStop: Restore seclabels on dirs too
This is a counterpart for f1f68ca33. While we set the security
labels on various directories that domain is going to use (e.g.
channel target directory) we don't restore the permissions back.
Leaving a hanging entry in virtlockd.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/qemu/qemu_process.c | 22 ++++++++++++++--------
1 file changed, 14 insertions(+), 8 deletions(-)
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index 8aa9efc..e2968ea 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -5243,15 +5243,21 @@ void qemuProcessStop(virQEMUDriverPtr driver,
priv->monConfig = NULL;
}
- ignore_value(virAsprintf(&tmppath, "%s/domain-%s",
- cfg->libDir, vm->def->name));
- virFileDeleteTree(tmppath);
- VIR_FREE(tmppath);
+ if (virAsprintf(&tmppath, "%s/domain-%s",
+ cfg->libDir, vm->def->name) > 0) {
+ virSecurityManagerDomainRestoreDirLabel(driver->securityManager,
+ vm->def, tmppath);
+ virFileDeleteTree(tmppath);
+ VIR_FREE(tmppath);
+ }
- ignore_value(virAsprintf(&tmppath, "%s/domain-%s",
- cfg->channelTargetDir, vm->def->name));
- virFileDeleteTree(tmppath);
- VIR_FREE(tmppath);
+ if (virAsprintf(&tmppath, "%s/domain-%s",
+ cfg->channelTargetDir, vm->def->name) > 0) {
+ virSecurityManagerDomainRestoreDirLabel(driver->securityManager,
+ vm->def, tmppath);
+ virFileDeleteTree(tmppath);
+ VIR_FREE(tmppath);
+ }
ignore_value(virDomainChrDefForeach(vm->def,
false,
--
2.4.9