[libvirt] [PATCH v2] qemu: Properly label FDs when restoring domain with static label
Shivaprasad G Bhat
shivaprasadbhat at gmail.com
Thu May 29 14:42:37 UTC 2014
The restore of a saved image file fails when the selinux context is static.
The libvirt has to set the conext of save image file handle to that of
the guest before handing off the FD to qemu.
Signed-off-by: Shivaprasad G Bhat <shivaprasadbhat at gmail.com>
---
src/qemu/qemu_process.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index 124fe28..47d1f7d 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -4052,14 +4052,14 @@ int qemuProcessStart(virConnectPtr conn,
*/
struct stat stdin_sb;
- VIR_DEBUG("setting security label on pipe used for migration");
+ VIR_DEBUG("setting security label on fd used for migration or restore");
if (fstat(stdin_fd, &stdin_sb) < 0) {
virReportSystemError(errno,
_("cannot stat fd %d"), stdin_fd);
goto cleanup;
}
- if (S_ISFIFO(stdin_sb.st_mode) &&
+ if ((S_ISFIFO(stdin_sb.st_mode) || S_ISREG(stdin_sb.st_mode)) &&
virSecurityManagerSetImageFDLabel(driver->securityManager, vm->def, stdin_fd) < 0)
goto cleanup;
}
More information about the libvir-list
mailing list