|
 |
a30de4 |
From bf7dba21337b2671f877f4e37e5eb031b26fc6e2 Mon Sep 17 00:00:00 2001
|
|
|
a30de4 |
From: "Richard W.M. Jones" <rjones@redhat.com>
|
|
|
a30de4 |
Date: Tue, 17 Oct 2017 10:43:30 +0100
|
|
|
a30de4 |
Subject: [PATCH] v2v: vddk: Check if nbdkit supports --selinux-label before
|
|
|
a30de4 |
using.
|
|
|
a30de4 |
|
|
|
a30de4 |
Give a better error message if not.
|
|
|
a30de4 |
|
|
|
a30de4 |
Thanks: Ming Xie.
|
|
|
a30de4 |
(cherry picked from commit 59b4c4779f7dac645c794393d91c46467afab91c)
|
|
|
a30de4 |
---
|
|
|
a30de4 |
v2v/input_libvirt_vddk.ml | 16 ++++++++++++++++
|
|
|
a30de4 |
1 file changed, 16 insertions(+)
|
|
|
a30de4 |
|
|
|
a30de4 |
diff --git a/v2v/input_libvirt_vddk.ml b/v2v/input_libvirt_vddk.ml
|
|
|
a30de4 |
index b322a9c49..f0b150efa 100644
|
|
|
a30de4 |
--- a/v2v/input_libvirt_vddk.ml
|
|
|
a30de4 |
+++ b/v2v/input_libvirt_vddk.ml
|
|
|
a30de4 |
@@ -101,6 +101,20 @@ See also \"INPUT FROM VDDK\" in the virt-v2v(1) manual.") library_path
|
|
|
a30de4 |
error (f_"You must pass the ‘--vddk-thumbprint’ option with the SSL thumbprint of the VMware server. To find the thumbprint, see the nbdkit-vddk-plugin(1) manual. See also \"INPUT FROM VDDK\" in the virt-v2v(1) manual.")
|
|
|
a30de4 |
in
|
|
|
a30de4 |
|
|
|
a30de4 |
+ (* Check that nbdkit was compiled with SELinux support (for the
|
|
|
a30de4 |
+ * --selinux-label option).
|
|
|
a30de4 |
+ *)
|
|
|
a30de4 |
+ let error_unless_nbdkit_compiled_with_selinux () =
|
|
|
a30de4 |
+ let lines = external_command "nbdkit --dump-config" in
|
|
|
a30de4 |
+ (* In nbdkit <= 1.1.15 the selinux attribute was not present
|
|
|
a30de4 |
+ * at all in --dump-config output so there was no way to tell.
|
|
|
a30de4 |
+ * Ignore this case because there will be an error later when
|
|
|
a30de4 |
+ * we try to use the --selinux-label parameter.
|
|
|
a30de4 |
+ *)
|
|
|
a30de4 |
+ if List.mem "selinux=no" (List.map String.trim lines) then
|
|
|
a30de4 |
+ error (f_"nbdkit was compiled without SELinux support. You will have to recompile nbdkit with libselinux-devel installed, or else set SELinux to Permissive mode while doing the conversion.")
|
|
|
a30de4 |
+ in
|
|
|
a30de4 |
+
|
|
|
a30de4 |
(* List of passthrough parameters. *)
|
|
|
a30de4 |
let vddk_passthrus =
|
|
|
a30de4 |
[ "config", (fun { vddk_config } -> vddk_config);
|
|
|
a30de4 |
@@ -135,6 +149,8 @@ object
|
|
|
a30de4 |
error_unless_nbdkit_working ();
|
|
|
a30de4 |
error_unless_nbdkit_vddk_working ();
|
|
|
a30de4 |
error_unless_thumbprint ();
|
|
|
a30de4 |
+ if have_selinux then
|
|
|
a30de4 |
+ error_unless_nbdkit_compiled_with_selinux ();
|
|
|
a30de4 |
|
|
|
a30de4 |
(* Get the libvirt XML. This also checks (as a side-effect)
|
|
|
a30de4 |
* that the domain is not running. (RHBZ#1138586)
|
|
|
a30de4 |
--
|
|
|
a30de4 |
2.14.3
|
|
|
a30de4 |
|