External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-02-22 11:22:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

libvirt_recover_xattrs: Allow fixing multiple PATHs

Browse Source 
Loop for multiple PATH arguments to support shell pattern expansion.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
This commit is contained in:
Peter Krempa 2020-12-02 10:55:01 +01:00
parent ea6bc0557d
commit a6e4c87299
1 changed files with 29 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
tools/libvirt_recover_xattrs.sh
View File

@ -7,7 +7,7 @@ function die {
function show_help { function show_help {
cat << EOF cat << EOF
Usage: ${0##*/} -[hqnu] [PATH] Usage: ${0##*/} -[hqnu] [PATH ...]
Clear out any XATTRs set by libvirt on all files that have them. Clear out any XATTRs set by libvirt on all files that have them.
The idea is to reset refcounting, should it break. The idea is to reset refcounting, should it break.
@ -25,7 +25,6 @@ EOF
QUIET=0 QUIET=0
DRY_RUN=0 DRY_RUN=0
UNSAFE=0 UNSAFE=0
DIR="/"
# So far only qemu and lxc drivers use security driver. # So far only qemu and lxc drivers use security driver.
URI=("qemu:///system" URI=("qemu:///system"
@ -57,15 +56,6 @@ while getopts hqnu opt; do
esac esac
done done
shift $((OPTIND - 1))
if [ $# -gt 0 ]; then
DIR=$1
else
if [ ${UNSAFE} -eq 1 ]; then
die "Unsafe mode (-u) requires explicit 'PATH' argument"
fi
fi
case $(uname -s) in case $(uname -s) in
Linux) Linux)
XATTR_PREFIX="trusted.libvirt.security" XATTR_PREFIX="trusted.libvirt.security"
@ -95,17 +85,34 @@ for i in "dac" "selinux"; do
XATTRS+=("$XATTR_PREFIX.$i" "$XATTR_PREFIX.ref_$i" "$XATTR_PREFIX.timestamp_$i") XATTRS+=("$XATTR_PREFIX.$i" "$XATTR_PREFIX.ref_$i" "$XATTR_PREFIX.timestamp_$i")
done done
fix_xattrs() {
local DIR="$1"
for i in $(getfattr -R -d -m ${XATTR_PREFIX} --absolute-names ${DIR} 2>/dev/null | grep "^# file:" | cut -d':' -f 2); do for i in $(getfattr -R -d -m ${XATTR_PREFIX} --absolute-names ${DIR} 2>/dev/null | grep "^# file:" | cut -d':' -f 2); do
if [ ${DRY_RUN} -ne 0 ]; then if [ ${DRY_RUN} -ne 0 ]; then
getfattr -d -m $p --absolute-names $i | grep -v "^# file:" getfattr -d -m $p --absolute-names $i | grep -v "^# file:"
continue continue
fi fi
if [ ${QUIET} -eq 0 ]; then if [ ${QUIET} -eq 0 ]; then
echo "Fixing $i"; echo "Fixing $i";
fi fi
for x in ${XATTRS[*]}; do for x in ${XATTRS[*]}; do
setfattr -x $x $i setfattr -x $x $i
done
done done
done }
shift $((OPTIND - 1))
if [ $# -gt 0 ]; then
while [ $# -gt 0 ]; do
fix_xattrs "$1"
shift $((OPTIND - 1))
done
else
if [ ${UNSAFE} -eq 1 ]; then
die "Unsafe mode (-u) requires explicit 'PATH' argument"
fi
fix_xattrs "/"
fi