[Libguestfs] Cannot login after modification shadow file with guestmount

[Richard W.M. Jones]

I actually tried this to see what would happen.  First I created an
overlay so as not to modify the original guest:

  $ rm -f overlay.qcow2
  $ qemu-img create -f qcow2 -o backing_file=F16x64.img overlay.qcow2

Here is the original file permissions and SELinux context:

  $ guestfish --ro -a overlay.qcow2 -i llz /etc/shadow
  ----------. root root system_u:object_r:shadow_t:s0    /sysroot/etc/shadow

After editing with guestmount + vi there was no change so it appears
to work correctly:

  $ guestfish --ro -a overlay.qcow2 -i llz /etc/shadow
  ----------. root root system_u:object_r:shadow_t:s0    /sysroot/etc/shadow

I also tried guestmount + emacs.  emacs refused to save the file,
complaining:

  Doing lsetfilecon: operation not supported, /tmp/mnt/etc/shadow

This even failed when I used 'guestmount --selinux' option, so I have
filed a bug:

  https://bugzilla.redhat.com/show_bug.cgi?id=814933

For completeness I tried virt-edit:

  $ virt-edit -a overlay.qcow2 /etc/shadow
  $ guestfish --ro -a overlay.qcow2 -i llz /etc/shadow
  ----------. root root system_u:object_r:shadow_t:s0    /sysroot/etc/shadow

and guestfish 'edit':

  $ guestfish -a overlay.qcow2 -i emacs /etc/shadow
  $ guestfish --ro -a overlay.qcow2 -i llz /etc/shadow
  ----------. root root system_u:object_r:shadow_t:s0    /sysroot/etc/shadow

and as you can see both work correctly.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
New in Fedora 11: Fedora Windows cross-compiler. Compile Windows
programs, test, and build Windows installers. Over 70 libraries supprt'd
http://fedoraproject.org/wiki/MinGW http://www.annexia.org/fedora_mingw