[libvirt] [PATCH 7/7] Set a security context on /dev and /dev/pts mounts

Eric Blake eblake at redhat.com
Tue Jan 24 20:26:38 UTC 2012


On 01/24/2012 01:21 PM, Eric Blake wrote:
>> +            if (virAsprintf(&opts, "mode=755,size=65536%%%s%s%s",
>> +                            con ? ",context=\"" : "",
>> +                            con ? (const char *)con : "",
>> +                            con ? "\"" : "") < 0) {
> 
> I would have split this:
> 
> if (virAsprintf(&opts, "mode=755,size=65536") < 0 ||
>     (con && virAsprintf(&opts, ",context=\"%s\"",
>                         (const char *)con) < 0)) {

Never mind - that doesn't work; likewise, I don't think we have any
guarantees about self-modifying strings such as:

if (virAsprintf(&opts, "mode=755,size=65536") < 0 ||
    (con && virAsprintf(&opts, "%s,context=\"%s\"",
                        opts, (const char *)con) < 0)) {

I guess I was thinking virBufferAsprintf, where appending is indeed
easier than doing it in one shot.

-- 
Eric Blake   eblake at redhat.com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 620 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20120124/4792f2ef/attachment-0001.sig>


More information about the libvir-list mailing list