* Mon Oct 19 2009 Mark McLoughlin <markmc@redhat.com> - 0.6.2-19
- Ignore re-labelling errors on NFS (#517157)
This commit is contained in:
parent
e8eadea9cd
commit
7b23a93c36
@ -1,4 +1,4 @@
|
||||
From 6096cb19d6b05707ca32f52b905c53818ecfc84b Mon Sep 17 00:00:00 2001
|
||||
From 2fcd18b6a39f495d84eb3ef56a49994621c8f7d3 Mon Sep 17 00:00:00 2001
|
||||
From: Daniel P. Berrange <berrange@redhat.com>
|
||||
Date: Mon, 17 Aug 2009 08:52:30 +0100
|
||||
Subject: [PATCH] Disable sound cards when running sVirt
|
||||
|
61
libvirt-fix-selinux-problem-with-images-on-nfs.patch
Normal file
61
libvirt-fix-selinux-problem-with-images-on-nfs.patch
Normal file
@ -0,0 +1,61 @@
|
||||
From ea544e7b038776c7db555ab0428b63ebb1604163 Mon Sep 17 00:00:00 2001
|
||||
From: Darryl L. Pierce <dpierce@redhat.com>
|
||||
Date: Fri, 21 Aug 2009 16:57:29 +0200
|
||||
Subject: [PATCH] 517157 fix selinux problem with images on NFS
|
||||
|
||||
* src/security_selinux.c: ignores EOPNOTSUPP when attempting to access an
|
||||
NFS share
|
||||
|
||||
(cherry picked from commit 777fc2e9d60844a7387355d9cef06bd25190d146)
|
||||
|
||||
Fedora-patch: libvirt-fix-selinux-problem-with-images-on-nfs.patch
|
||||
---
|
||||
src/security_selinux.c | 25 +++++++++++++++++--------
|
||||
1 files changed, 17 insertions(+), 8 deletions(-)
|
||||
|
||||
diff --git a/src/security_selinux.c b/src/security_selinux.c
|
||||
index 8ebe1fe..97f16b3 100644
|
||||
--- a/src/security_selinux.c
|
||||
+++ b/src/security_selinux.c
|
||||
@@ -285,6 +285,8 @@ SELinuxSetFilecon(virConnectPtr conn, const char *path, char *tcon)
|
||||
VIR_INFO("Setting SELinux context on '%s' to '%s'", path, tcon);
|
||||
|
||||
if (setfilecon(path, tcon) < 0) {
|
||||
+ int setfilecon_errno = errno;
|
||||
+
|
||||
if (getfilecon(path, &econ) >= 0) {
|
||||
if (STREQ(tcon, econ)) {
|
||||
freecon(econ);
|
||||
@@ -293,14 +295,21 @@ SELinuxSetFilecon(virConnectPtr conn, const char *path, char *tcon)
|
||||
}
|
||||
freecon(econ);
|
||||
}
|
||||
- virSecurityReportError(conn, VIR_ERR_ERROR,
|
||||
- _("%s: unable to set security context "
|
||||
- "'\%s\' on %s: %s."), __func__,
|
||||
- tcon,
|
||||
- path,
|
||||
- virStrerror(errno, ebuf, sizeof ebuf));
|
||||
- if (security_getenforce() == 1)
|
||||
- return -1;
|
||||
+
|
||||
+ /* if the error complaint is related to an image hosted on
|
||||
+ * an nfs mount, then ignore it.
|
||||
+ * rhbz 517157
|
||||
+ */
|
||||
+ if (setfilecon_errno != EOPNOTSUPP) {
|
||||
+ virSecurityReportError(conn, VIR_ERR_ERROR,
|
||||
+ _("%s: unable to set security context "
|
||||
+ "'\%s\' on %s: %s."), __func__,
|
||||
+ tcon,
|
||||
+ path,
|
||||
+ virStrerror(errno, ebuf, sizeof ebuf));
|
||||
+ if (security_getenforce() == 1)
|
||||
+ return -1;
|
||||
+ }
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
--
|
||||
1.6.2.5
|
||||
|
@ -66,7 +66,7 @@
|
||||
Summary: Library providing a simple API virtualization
|
||||
Name: libvirt
|
||||
Version: 0.6.2
|
||||
Release: 18%{?dist}%{?extra_release}
|
||||
Release: 19%{?dist}%{?extra_release}
|
||||
License: LGPLv2+
|
||||
Group: Development/Libraries
|
||||
Source: http://libvirt.org/sources/libvirt-%{version}.tar.gz
|
||||
@ -137,6 +137,8 @@ Patch31: libvirt-fix-xen-driver-segfault-with-newer-xen.patch
|
||||
# Fix qemu-kvm version detection so GSO is enabled
|
||||
Patch32: libvirt-0.6.2-refactor-qemu-version-parsing.patch
|
||||
Patch33: libvirt-0.6.2-detect-newer-qemu-kvm-versions.patch
|
||||
# Ignore re-labelling errors on NFS (#517157)
|
||||
Patch34: libvirt-fix-selinux-problem-with-images-on-nfs.patch
|
||||
|
||||
# Not for upstream. Temporary hack till PulseAudio autostart
|
||||
# problems are sorted out when SELinux enforcing
|
||||
@ -322,6 +324,7 @@ of recent versions of Linux (and other OSes).
|
||||
%patch31 -p1
|
||||
%patch32 -p1
|
||||
%patch33 -p1
|
||||
%patch34 -p1
|
||||
|
||||
%patch200 -p1
|
||||
|
||||
@ -645,6 +648,9 @@ fi
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Mon Oct 19 2009 Mark McLoughlin <markmc@redhat.com> - 0.6.2-19
|
||||
- Ignore re-labelling errors on NFS (#517157)
|
||||
|
||||
* Wed Sep 30 2009 Mark McLoughlin <markmc@redhat.com> - 0.6.2-18
|
||||
- Fix qemu-kvm version detection so GSO is enabled for virtio_net (#526472)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user