External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-03-07 17:28:15 +00:00
Code

Re-label image file backing stores

Browse Source 
Use virStorageFileGetMetadata() to find any backing stores for images
and re-label them

Without this, qemu cannot access qcow2 backing files, see:

  https://bugzilla.redhat.com/497131

* src/security/security_selinux.c: re-label backing store files in
  SELinuxSetSecurityImageLabel()
This commit is contained in:
Mark McLoughlin 2009-09-25 14:20:13 +01:00
parent 295fd6e833
commit fe627697a3
1 changed files with 28 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
src/security/security_selinux.c
View File

@ -27,6 +27,7 @@
#include "logging.h" #include "logging.h"
#include "pci.h" #include "pci.h"
#include "hostusb.h" #include "hostusb.h"
#include "storage_file.h"
#define VIR_FROM_THIS VIR_FROM_SECURITY #define VIR_FROM_THIS VIR_FROM_SECURITY
@ -403,10 +404,37 @@ SELinuxSetSecurityImageLabel(virConnectPtr conn,
{ {
const virSecurityLabelDefPtr secdef = &vm->def->seclabel; const virSecurityLabelDefPtr secdef = &vm->def->seclabel;
const char *path;
if (!disk->src) if (!disk->src)
return 0; return 0;
path = disk->src;
do {
virStorageFileMetadata meta;
int ret;
memset(&meta, 0, sizeof(meta));
ret = virStorageFileGetMetadata(conn, path, &meta);
if (path != disk->src)
VIR_FREE(path);
path = NULL;
if (ret < 0)
return -1;
if (meta.backingStore != NULL &&
SELinuxSetFilecon(conn, meta.backingStore,
default_content_context) < 0) {
VIR_FREE(meta.backingStore);
return -1;
}
path = meta.backingStore;
} while (path != NULL);
if (disk->shared) { if (disk->shared) {
return SELinuxSetFilecon(conn, disk->src, default_image_context); return SELinuxSetFilecon(conn, disk->src, default_image_context);
} else if (disk->readonly) { } else if (disk->readonly) {