[libvirt] [PATCH] selinux: Don't fail RestoreAll if file doesn't have a default label
Eric Blake
eblake at redhat.com
Tue Oct 23 15:42:44 UTC 2012
On 10/23/2012 08:57 AM, Cole Robinson wrote:
>>> if (getContext(newpath, buf.st_mode, &fcon) < 0) {
>>> + /* Any user created path likely does not have a default label,
>>> + * which makes this an expected non error
>>> + */
>>> VIR_WARN("cannot lookup default selinux label for %s", newpath);
>>> + rc = 0;
>>
>> In the case where there is no default label to restore, shouldn't we
>> still be removing our sVirt label rather than just ignoring the failure
>> but leaving our label intact?
>>
>
> I sent other mails about that. But since that topic is kind of a side point,
> is this patch okay to commit in the interim? It should only improve our
> behavior WRT restoring default labels, since we will now continue on even if
> something in the chain doesn't have a default.
Yes, that's a good argument for applying now.
ACK.
--
Eric Blake eblake at redhat.com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 617 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20121023/ada582d0/attachment-0001.sig>
More information about the libvir-list
mailing list