[libvirt] [PATCH] selinux: Correctly report warning if virt_use_nfs not set

Fri Sep 23 10:16:23 UTC 2011

On 22.09.2011 18:56, Laine Stump wrote:
> On 09/22/2011 05:48 AM, Michal Privoznik wrote:
>> Previous patch c9b37fee tried to deal with virt_use_nfs. But
>> setfilecon() returns EOPNOTSUPP on NFS so we need to move the
>> warning to else branch.
> 
> I have a vague memory of the error code of something like this changing
> from some other error on an older version of RHEL to EOPNOTSUPP on newer
> version. It may have been for something else, but may be worth checking
> out to make sure this patch gives the desired results with, e.g. RHEL5
> and RHEL6.0 as well as 6.2 and Fedora.
> 

Thanks. Pushed with this squashed in:

diff --git a/src/security/security_selinux.c
b/src/security/security_selinux.c
index 9a9a305..19ca801 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -419,7 +419,7 @@ SELinuxSetFilecon(const char *path, char *tcon)
          * The user hopefully set one of the necessary SELinux
          * virt_use_{nfs,usb,pci}  boolean tunables to allow it...
          */
-        if (setfilecon_errno != EOPNOTSUPP) {
+        if (setfilecon_errno != EOPNOTSUPP && setfilecon_errno !=
ENOTSUP) {
             virReportSystemError(setfilecon_errno,
                                  _("unable to set security context '%s'
on '%s'"),
                                  tcon, path);


