From ed5a25841ff0838b1b7afa881b5d369ace1aad9c Mon Sep 17 00:00:00 2001
From: "Daniel P. Berrange"
Date: Wed, 15 Jul 2009 12:45:13 +0100
Subject: [PATCH] Don't restore labels on shared/readonly disks
* src/security_selinux.c: Skip relabelling of shared/readonly disks upon shutdown, since this breaks other VMs still active using those disks
---
 src/security_selinux.c | 11 +++++++++++
 1 file changed, 11 insertions(+)
diff --git a/src/security_selinux.c b/src/security_selinux.c
index 80c1c855b9..0db9f49dd8 100644
--- a/src/security_selinux.c
+++ b/src/security_selinux.c
@@ -354,6 +354,17 @@ SELinuxRestoreSecurityImageLabel(virConnectPtr conn,
 char *newpath = NULL;
 const char *path = disk->src;
+ /* Don't restore labels on readoly/shared disks, because
+ * other VMs may still be accessing these
+ * Alternatively we could iterate over all running
+ * domains and try to figure out if it is in use, but
+ * this would not work for clustered filesystems, since
+ * we can't see running VMs using the file on other nodes
+ * Safest bet is thus to skip the restore step.
+ */
+ if (disk->readonly || disk->shared)
+ return 0;
+
 if ((err = virFileResolveLink(path, &newpath)) < 0) {
 virReportSystemError(conn, err, _("cannot resolve symlink %s"), path);
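Review bot: The early return on `disk->readonly || disk->shared` leaves the image carrying whatever label it was given when the domain started, and `return 0` reports that to the caller as a successful restore, so nothing records that the file was deliberately left relabelled. The comment should state that residual state and fix the `readoly` typo, for example by adding `* NB: the image keeps its current label after the last user exits; an admin must relabel it (e.g. with restorecon) when it is retired.` Whether the set-label path gives shared/readonly disks a common label rather than the per-domain one is not visible in this hunk; if it is the per-domain label, skipping the restore matters more and is worth confirming. The body of SELinuxRestoreSecurityImageLabel starts and ends outside the hunk.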