External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-11-01 10:51:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
f603b99ad9
libvirt/src/security
History
Christian Ehrhardt 55029d9315
security: don't fail if built without attr support 
If built without attr support removing any image will trigger
 qemuBlockRemoveImageMetadata (the one that emits the warning)
   -> qemuSecurityMoveImageMetadata
     -> virSecurityManagerMoveImageMetadata
       -> virSecurityDACMoveImageMetadata
         -> virSecurityDACMoveImageMetadataHelper
           -> virProcessRunInFork (spawns subprocess)
             -> virSecurityMoveRememberedLabel

In there due to !HAVE_LIBATTR virFileGetXAttrQuiet will return
ENOSYS and from there the chain will error out.

That is wrong and looks like:
  libvirtd[6320]: internal error: child reported (status=125):
  libvirtd[6320]: Unable to remove disk metadata on vm testguest from
  /var/lib/uvtool/libvirt/images/testguest.qcow (disk target vda)

This change makes virSecurityDACMoveImageMetadataHelper and
virSecuritySELinuxMoveImageMetadataHelper accept that
error code gracefully and in that sense it is an extension of:
5214b2f1a3 "security: Don't skip label restore on file systems lacking XATTRs"
which does the same for other call chains into the virFile*XAttr functions.

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-27 11:22:50 +02:00
..
apparmor apparmor: avoid denials on libpmem initialization 2020-04-15 10:33:23 +02:00
Makefile.inc.am virhostdev: move to src/hypervisor 2020-02-24 16:47:21 +01:00
security_apparmor.c Drop needless variable 2020-05-05 11:19:34 +02:00
security_apparmor.h src/security: use #pragma once in headers 2019-06-19 17:12:31 +02:00
security_dac.c security: don't fail if built without attr support 2020-05-27 11:22:50 +02:00
security_dac.h src/security: use #pragma once in headers 2019-06-19 17:12:31 +02:00
security_driver.c Use G_N_ELEMENTS instead of ARRAY_CARDINALITY 2019-10-15 16:14:19 +02:00
security_driver.h security: Introduce virSecurityManagerDomainSetPathLabelRO 2020-04-17 16:24:30 +02:00
security_manager.c Don't require secdrivers to implement .domainMoveImageMetadata 2020-05-18 10:08:10 +02:00
security_manager.h security: Introduce virSecurityManagerDomainSetPathLabelRO 2020-04-17 16:24:30 +02:00
security_nop.c Use g_strdup instead of ignoring VIR_STRDUP's value 2019-10-21 12:51:55 +02:00
security_nop.h src/security: use #pragma once in headers 2019-06-19 17:12:31 +02:00
security_selinux.c security: don't fail if built without attr support 2020-05-27 11:22:50 +02:00
security_selinux.h src/security: use #pragma once in headers 2019-06-19 17:12:31 +02:00
security_stack.c security: Introduce virSecurityManagerDomainSetPathLabelRO 2020-04-17 16:24:30 +02:00
security_stack.h src/security: use #pragma once in headers 2019-06-19 17:12:31 +02:00
security_util.c Drop needless variable 2020-05-05 11:19:34 +02:00
security_util.h security_util: Introduce virSecurityMoveRememberedLabel 2019-07-03 08:36:04 +02:00
virt-aa-helper.c security: Remove labelling of 'externalDataStore' 2020-04-27 10:31:40 +02:00