selinux: Don't fail RestoreAll if file doesn't have a default label

When restoring selinux labels after a VM is stopped, any non-standard
path that doesn't have a default selinux label causes the process
to stop and exit early. This isn't really an error condition IMO.

Of course the selinux API could be erroring for some other reason
but hopefully that's rare enough to not need explicit handling.

Common example here is storing disk images in a non-standard location
like under /mnt.
(cherry picked from commit 767be8be72)
This commit is contained in:
Cole Robinson 2012-10-20 15:57:28 -04:00
parent 71d4ccb253
commit c1e7b1fbd1

View File

@ -568,7 +568,11 @@ SELinuxRestoreSecurityFileLabel(const char *path)
} }
if (getContext(newpath, buf.st_mode, &fcon) < 0) { if (getContext(newpath, buf.st_mode, &fcon) < 0) {
/* Any user created path likely does not have a default label,
* which makes this an expected non error
*/
VIR_WARN("cannot lookup default selinux label for %s", newpath); VIR_WARN("cannot lookup default selinux label for %s", newpath);
rc = 0;
} else { } else {
rc = SELinuxSetFilecon(newpath, fcon); rc = SELinuxSetFilecon(newpath, fcon);
} }