rpms / libvirt

Clone
Source Code
GIT

Blame SOURCES/libvirt-Generate-a-valid-imagelabel-even-for-type-none.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-rhel c8-sig-altarch-stream-rhel c8-stream-rhel c8s-sig-hyperscale c8s-stream-rhel c9 c9-beta c9s-sig-hyperscale
  1.   4fec1bf2c43bdacf4ea13e04f4a222de53798958
  2.   SOURCES
  3.   libvirt-Generate-a-valid-imagelabel-even-for-type-none.patch
Blob History Raw
c401cc 
From 3d6cdba1b10216981cb7c48ddbe8f045cdd5110b Mon Sep 17 00:00:00 2001
c401cc 
Message-Id: <3d6cdba1b10216981cb7c48ddbe8f045cdd5110b@dist-git>
c401cc 
From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
c401cc 
Date: Wed, 5 Feb 2014 20:17:42 +0100
c401cc 
Subject: [PATCH] Generate a valid imagelabel even for type 'none'
c401cc
c401cc 
https://bugzilla.redhat.com/show_bug.cgi?id=1061657
c401cc
c401cc 
Commit 2ce63c1 added imagelabel generation when relabeling is turned
c401cc 
off. But we weren't filling out the sensitivity for type 'none' labels,
c401cc 
resulting in an invalid label:
c401cc
c401cc 
$ virsh managedsave domain
c401cc 
error: unable to set security context 'system_u:object_r:svirt_image_t'
c401cc 
on fd 28: Invalid argument
c401cc
c401cc 
(cherry picked from commit 0db9b0883c23d6c60ebca3f91f1f5ba4f8bd0587)
c401cc
c401cc 
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
c401cc 
---
c401cc 
 src/security/security_selinux.c | 9 ++++++++-
c401cc 
 1 file changed, 8 insertions(+), 1 deletion(-)
c401cc
c401cc 
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
c401cc 
index 29520ad..ba008ca 100644
c401cc 
--- a/src/security/security_selinux.c
c401cc 
+++ b/src/security/security_selinux.c
c401cc 
@@ -673,7 +673,14 @@ virSecuritySELinuxGenSecurityLabel(virSecurityManagerPtr mgr,
c401cc 
         break;
c401cc
c401cc 
     case VIR_DOMAIN_SECLABEL_NONE:
c401cc 
-        /* no op */
c401cc 
+        if (virSecuritySELinuxMCSGetProcessRange(&sens,
c401cc 
+                                                 &catMin,
c401cc 
+                                                 &catMax) < 0)
c401cc 
+            goto cleanup;
c401cc 
+
c401cc 
+        if (VIR_STRDUP(mcs, sens) < 0)
c401cc 
+            goto cleanup;
c401cc 
+
c401cc 
         break;
c401cc
c401cc 
     default:
c401cc 
--
c401cc 
1.8.5.4
c401cc

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation