From: "Daniel P. Berrange" <berrange@xxxxxxxxxx>
The setfilecon method can return ENOTSUP when trying to set
the context of the /proc/meminfo FUSE filesystem. We must
ignore this error and carry on, to prevent container startup
failing entirely
Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx>
---
src/lxc/lxc_container.c | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index 48ccc09..9295d80 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -782,10 +782,15 @@ static int lxcContainerMountProcFuse(virDomainDefPtr def,
ret = setfilecon(meminfo_path, scon);
freecon(scon);
if (ret < 0) {
- virReportSystemError(errno,
- _("Failed to set security context of %s for /proc/meminfo mount point"),
- meminfo_path);
- return ret;
+ if (errno == ENOTSUP) {
+ VIR_WARN("Setting security context of %s for /proc/meminfo not supported",
+ meminfo_path);
+ } else {
+ virReportSystemError(errno,
+ _("Failed to set security context of %s for /proc/meminfo mount point"),
+ meminfo_path);
+ return ret;
+ }
}
}
# endif
--
1.8.2.1
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list