[libvirt] [PATCH] selinux: Don't mask errors of virSecuritySELinuxGenNewContext
Osier Yang
jyang at redhat.com
Wed Apr 24 12:50:41 UTC 2013
On 24/04/13 20:43, Peter Krempa wrote:
> virSecuritySELinuxGenNewContext() reports sensible errors but at
> virSecuritySELinuxGenSecurityLabel() the error is masked with a
> non-specific one.
> ---
> src/security/security_selinux.c | 9 +++------
> 1 file changed, 3 insertions(+), 6 deletions(-)
>
> diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
> index c620a2e..89d63ab 100644
> --- a/src/security/security_selinux.c
> +++ b/src/security/security_selinux.c
> @@ -685,13 +685,10 @@ (virSecurityManagerPtr mgr,
> }
> }
>
> - seclabel->label =
> - virSecuritySELinuxGenNewContext(baselabel, mcs, false);
> - if (!seclabel->label) {
> - virReportError(VIR_ERR_INTERNAL_ERROR,
> - _("cannot generate selinux context for %s"), mcs);
> + seclabel->label = virSecuritySELinuxGenNewContext(baselabel, mcs, false);
> + if (!seclabel->label)
> goto cleanup;
> - }
> +
> break;
>
> case VIR_DOMAIN_SECLABEL_NONE:
Makes sense, there are good errors from virSecuritySELinuxGenNewContext,
but I see another use of virSecuritySELinuxGenNewContext in
virSecuritySELinuxGenNewContext, which overrides the error too, worth to
fix together.
More information about the libvir-list
mailing list