[libvirt] [PATCH] selinux: Don't fail RestoreAll if file doesn't have a default label
Cole Robinson
crobinso at redhat.com
Tue Oct 23 16:04:44 UTC 2012
On 10/23/2012 11:42 AM, Eric Blake wrote:
> On 10/23/2012 08:57 AM, Cole Robinson wrote:
>>>> if (getContext(newpath, buf.st_mode, &fcon) < 0) {
>>>> + /* Any user created path likely does not have a default label,
>>>> + * which makes this an expected non error
>>>> + */
>>>> VIR_WARN("cannot lookup default selinux label for %s", newpath);
>>>> + rc = 0;
>>>
>>> In the case where there is no default label to restore, shouldn't we
>>> still be removing our sVirt label rather than just ignoring the failure
>>> but leaving our label intact?
>>>
>>
>> I sent other mails about that. But since that topic is kind of a side point,
>> is this patch okay to commit in the interim? It should only improve our
>> behavior WRT restoring default labels, since we will now continue on even if
>> something in the chain doesn't have a default.
>
> Yes, that's a good argument for applying now.
>
> ACK.
>
Thanks, pushed now.
- Cole
More information about the libvir-list
mailing list