From a8ad93965f8e96338f4e9ca7557b30ac417fe82b Mon Sep 17 00:00:00 2001 From: "Daniel P. Berrange" Date: Fri, 21 Sep 2012 10:37:53 +0100 Subject: [PATCH] Don't use O_TRUNC when opening QEMU logfiles SELinux wants all log files opened with O_APPEND. When running non-root though, libvirtd likes to use O_TRUNC to avoid log files growing in size indefinitely. Instead of using O_TRUNC though, we can use O_APPEND and then call ftruncate() which keeps SELinux happier. Signed-off-by: Daniel P. Berrange (cherry picked from commit 639d5c4966478d28a96bf06f2ccc9ef6418f4736) --- src/qemu/qemu_domain.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 2990fffd75..17ae3b9297 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -1446,12 +1446,22 @@ qemuDomainOpenLogHelper(struct qemud_driver *driver, { char *logfile; int fd = -1; + bool trunc = false; if (virAsprintf(&logfile, "%s/%s.log", driver->logDir, vm->def->name) < 0) { virReportOOMError(); return -1; } + /* To make SELinux happy we always need to open in append mode. + * So we fake O_TRUNC by calling ftruncate after open instead + */ + if (oflags & O_TRUNC) { + oflags &= ~O_TRUNC; + oflags |= O_APPEND; + trunc = true; + } + if ((fd = open(logfile, oflags, mode)) < 0) { virReportSystemError(errno, _("failed to create logfile %s"), logfile); @@ -1463,6 +1473,13 @@ qemuDomainOpenLogHelper(struct qemud_driver *driver, VIR_FORCE_CLOSE(fd); goto cleanup; } + if (trunc && + ftruncate(fd, 0) < 0) { + virReportSystemError(errno, _("failed to truncate %s"), + logfile); + VIR_FORCE_CLOSE(fd); + goto cleanup; + } cleanup: VIR_FREE(logfile);