On 06/25/2010 07:57 AM, Daniel P. Berrange wrote:
On Fri, Jun 25, 2010 at 07:42:13AM -0400, Laine Stump wrote:
- if (vm->def->os.kernel&&
- SELinuxSetFilecon(vm->def->os.kernel, default_content_context)< 0)
- return -1;
+ if (vm->def->os.kernel) {
+ if (SELinuxSetFilecon(vm->def->os.kernel, default_content_context)< 0)
+ return -1;
+ } else if (stdin_path) {
+ if (SELinuxSetFilecon(stdin_path, default_content_context)< 0)
+ return -1;
+ }
This doesn't make sense to me. Labelling of the kernel and labeling of
stdin_path are completely separate tasks, so shouldn't be in an if/elseif
arrangement.
Heh. The name didn't really make sense to me either, but my slight
misunderstanding of the scope of the problem made me think that in some
cases the filename would be in vm->def, and in others not, and that
seemed the only place already being used.
Now that I've looked back over the code, I see that this function is
only called in one place, and the filename is *never* available in
vm->def; it all makes much more sense now.
I'm preparing a v2. The proper thing is to just add:
if (stdin_path &&
SELinuxSetFilecon(stdin_path, default_content_context) < 0))
return -1;
correct? Or is there a different context that would be better suited?
(default content_context certainly works).
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list