NFS does not support file labelling, so ignore this error for stdin_path when on NFS. * src/security/security_selinux.c: Ignore failures on labelling stdin_path on NFS * src/util/storage_file.c, src/util/storage_file.h: Refine virStorageFileIsSharedFS() to allow it to check for a specific FS type. --- src/libvirt_private.syms | 1 + src/security/security_selinux.c | 9 ++++++--- src/util/storage_file.c | 32 +++++++++++++++++++++++++------- src/util/storage_file.h | 9 +++++++++ 4 files changed, 41 insertions(+), 10 deletions(-) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index cf64bd3..003d1a0 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -689,6 +689,7 @@ virStorageFileFormatTypeToString; virStorageFileGetMetadata; virStorageFileGetMetadataFromFD; virStorageFileIsSharedFS; +virStorageFileIsSharedFSType; virStorageFileProbeFormat; virStorageFileProbeFormatFromFD; diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c index a9dd836..0612ce3 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -1023,9 +1023,12 @@ SELinuxSetSecurityAllLabel(virSecurityDriverPtr drv, SELinuxSetFilecon(vm->def->os.initrd, default_content_context) < 0) return -1; - if (stdin_path && - SELinuxSetFilecon(stdin_path, default_content_context) < 0) - return -1; + if (stdin_path) { + if (SELinuxSetFilecon(stdin_path, default_content_context) < 0 && + virStorageFileIsSharedFSType(stdin_path, + VIR_STORAGE_FILE_SHFS_NFS) != 1) + return -1; + } return 0; } diff --git a/src/util/storage_file.c b/src/util/storage_file.c index 3cd5dbc..0dc9f99 100644 --- a/src/util/storage_file.c +++ b/src/util/storage_file.c @@ -804,7 +804,8 @@ virStorageFileGetMetadata(const char *path, # endif -int virStorageFileIsSharedFS(const char *path) +int virStorageFileIsSharedFSType(const char *path, + int fstypes) { char *dirpath, *p; struct statfs sb; @@ -853,19 +854,36 @@ int virStorageFileIsSharedFS(const char *path) VIR_DEBUG("Check if path %s with FS magic %lld is shared", path, (long long int)sb.f_type); - if (sb.f_type == NFS_SUPER_MAGIC || - sb.f_type == GFS2_MAGIC || - sb.f_type == OCFS2_SUPER_MAGIC || - sb.f_type == AFS_FS_MAGIC) { + if ((fstypes & VIR_STORAGE_FILE_SHFS_NFS) && + (sb.f_type == NFS_SUPER_MAGIC)) + return 1; + + if ((fstypes & VIR_STORAGE_FILE_SHFS_GFS2) && + (sb.f_type == GFS2_MAGIC)) + return 1; + if ((fstypes & VIR_STORAGE_FILE_SHFS_OCFS) && + (sb.f_type == OCFS2_SUPER_MAGIC)) + return 1; + if ((fstypes & VIR_STORAGE_FILE_SHFS_AFS) && + (sb.f_type == AFS_FS_MAGIC)) return 1; - } return 0; } #else -int virStorageFileIsSharedFS(const char *path ATTRIBUTE_UNUSED) +int virStorageFileIsSharedFSType(const char *path ATTRIBUTE_UNUSED, + int fstypes ATTRIBUTE_UNUSED) { /* XXX implement me :-) */ return 0; } #endif + +int virStorageFileIsSharedFS(const char *path) +{ + return virStorageFileIsSharedFSType(path, + VIR_STORAGE_FILE_SHFS_NFS | + VIR_STORAGE_FILE_SHFS_GFS2 | + VIR_STORAGE_FILE_SHFS_OCFS | + VIR_STORAGE_FILE_SHFS_AFS); +} diff --git a/src/util/storage_file.h b/src/util/storage_file.h index 6853182..ba44111 100644 --- a/src/util/storage_file.h +++ b/src/util/storage_file.h @@ -68,6 +68,15 @@ int virStorageFileGetMetadataFromFD(const char *path, int format, virStorageFileMetadata *meta); +enum { + VIR_STORAGE_FILE_SHFS_NFS = (1 << 0), + VIR_STORAGE_FILE_SHFS_GFS2 = (1 << 1), + VIR_STORAGE_FILE_SHFS_OCFS = (1 << 2), + VIR_STORAGE_FILE_SHFS_AFS = (1 << 3), +}; + int virStorageFileIsSharedFS(const char *path); +int virStorageFileIsSharedFSType(const char *path, + int fstypes); #endif /* __VIR_STORAGE_FILE_H__ */ -- 1.7.2.3 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list