[libvirt] [PATCH] Allow domain disk images on root-squash NFS to coexist with security driver.

(suggested by Daniel Berrange, tested by Dan Kenigsberg)

virStorageFileGetMetadata will fail for disk images that are stored on a root-squash NFS share that isn't world-readable. SELinuxSetSecurityImageLabel is called during the startup of every domain (as long as security_driver != "none"), and it will propagate the error from virStorageFileGetMetadata, causing the domain startup to fail. This is, however, a common scenario when qemu is run as a non-root user and the disk image is stored on NFS.

Ignoring this failure (which doesn't matter in this case, since the next thing done by SELinuxSetSecurityImageLabel - setting the file context - will also fail (and that function already ignores failures due to root-squash NFS)) will allow us to continue bringing up the domain. The result is that we don't need to disable the entire security driver just because a domain's disk image is stored on root-squashed NFS.

--- src/security/security_selinux.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c index 6680e2d..3e20475 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -430,7 +430,7 @@ SELinuxSetSecurityImageLabel(virDomainObjPtr vm, path = NULL; if (ret < 0) - return -1; + break; if (meta.backingStore != NULL && SELinuxSetFilecon(meta.backingStore, -- 1.6.6.1
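
Review bot: The "break" that replaces "return -1" under "if (ret < 0)" in SELinuxSetSecurityImageLabel discards every virStorageFileGetMetadata failure, not only the root-squash NFS permission error the commit message describes, and nothing in the hunk logs that it happened. The line that follows is the one that labels meta.backingStore, so any other metadata failure now leaves backing files unlabeled while the domain still starts. Consider tolerating only the error expected from root-squash NFS (the commit message says the file-context setter already special-cases it), emitting a warning when the metadata read is skipped, and adding a comment at the "break" explaining why the error is ignored. It is also worth confirming what the function returns after the "break", since that is not visible in this hunk.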

On Thu, Apr 01, 2010 at 12:10:38PM -0400, Laine Stump wrote:
(suggested by Daniel Berrange, tested by Dan Kenigsberg)
virStorageFileGetMetadata will fail for disk images that are stored on a root-squash NFS share that isn't world-readable. SELinuxSetSecurityImageLabel is called during the startup of every domain (as long as security_driver != "none"), and it will propagate the error from virStorageFileGetMetadata, causing the domain startup to fail. This is, however, a common scenario when qemu is run as a non-root user and the disk image is stored on NFS.
Ignoring this failure (which doesn't matter in this case, since the next thing done by SELinuxSetSecurityImageLabel - setting the file context - will also fail (and that function already ignores failures due to root-squash NFS)) will allow us to continue bringing up the domain. The result is that we don't need to disable the entire security driver just because a domain's disk image is stored on root-squashed NFS.
--- src/security/security_selinux.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c index 6680e2d..3e20475 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -430,7 +430,7 @@ SELinuxSetSecurityImageLabel(virDomainObjPtr vm, path = NULL;
if (ret < 0) - return -1; + break;
if (meta.backingStore != NULL && SELinuxSetFilecon(meta.backingStore,
ACK,

Daniel

--
Daniel Veillard      | libxml Gnome XML XSLT toolkit  http://xmlsoft.org/
daniel@veillard.com  | Rpmfind RPM search engine  http://rpmfind.net/
http://veillard.com/ | virtualization library  http://libvirt.org/