From dc0cb0e91a6551f465708b5e8b4d381c5f2e15de Mon Sep 17 00:00:00 2001 From: Mark McLoughlin Date: Jul 03 2009 09:57:08 +0000 Subject: * Fri Jul 3 2009 Mark McLoughlin - 0.6.4-3.fc12 - Handle shared/readonly image labelling (bug #493692) - Don't unnecessarily try to change a file context (bug #507555) - Don't try to label a disk with no path (e.g. empty cdrom) (bug #499569) --- diff --git a/libvirt-0.6.4-do-not-unnecessarily-try-to-change-a-file-context.patch b/libvirt-0.6.4-do-not-unnecessarily-try-to-change-a-file-context.patch new file mode 100644 index 0000000..4669460 --- /dev/null +++ b/libvirt-0.6.4-do-not-unnecessarily-try-to-change-a-file-context.patch @@ -0,0 +1,47 @@ +From ae4523336ac06e3ff7cc7b416fad9e57998c6b54 Mon Sep 17 00:00:00 2001 +From: Tim Waugh +Date: Fri, 3 Jul 2009 10:29:01 +0100 +Subject: [PATCH 2/3] Don't unnecessarily try to change a file context + +As pointed out by Tim Waugh here: + + https://bugzilla.redhat.com/507555 + +We shouldn't bother trying to set the context of a file if it already +matches what we want. + +(Fixed to use STREQ() and not use tabs, as pointed out by danpb) + +Signed-off-by: Mark McLoughlin +--- + src/security_selinux.c | 11 ++++++++++- + 1 files changed, 10 insertions(+), 1 deletions(-) + +diff --git a/src/security_selinux.c b/src/security_selinux.c +index db1c27d..c2015a1 100644 +--- a/src/security_selinux.c ++++ b/src/security_selinux.c +@@ -280,10 +280,19 @@ static int + SELinuxSetFilecon(virConnectPtr conn, const char *path, char *tcon) + { + char ebuf[1024]; ++ security_context_t econ; + + VIR_INFO("Setting SELinux context on '%s' to '%s'", path, tcon); + +- if(setfilecon(path, tcon) < 0) { ++ if (setfilecon(path, tcon) < 0) { ++ if (getfilecon(path, &econ) >= 0) { ++ if (STREQ(tcon, econ)) { ++ freecon(econ); ++ /* It's alright, there's nothing to change anyway. */ ++ return 0; ++ } ++ freecon(econ); ++ } + virSecurityReportError(conn, VIR_ERR_ERROR, + _("%s: unable to set security context " + "'\%s\' on %s: %s."), __func__, +-- +1.6.2.5 + diff --git a/libvirt-0.6.4-fix-nosource-label.patch b/libvirt-0.6.4-fix-nosource-label.patch new file mode 100644 index 0000000..997559b --- /dev/null +++ b/libvirt-0.6.4-fix-nosource-label.patch @@ -0,0 +1,35 @@ +From 06f607a9c5cfd50433ae27cc7729c31f81d87f19 Mon Sep 17 00:00:00 2001 +From: Cole Robinson +Date: Fri, 3 Jul 2009 10:40:55 +0100 +Subject: [PATCH 3/3] Skip labelling if no src path present + +Fixes startup of guest's with sourceless cdrom devices. + +Patch originall posted here: + + https://bugzilla.redhat.com/499569 + +but never sent upstream. + +Signed-off-by: Mark McLoughlin +--- + src/security_selinux.c | 3 +++ + 1 files changed, 3 insertions(+), 0 deletions(-) + +diff --git a/src/security_selinux.c b/src/security_selinux.c +index c2015a1..eb8d308 100644 +--- a/src/security_selinux.c ++++ b/src/security_selinux.c +@@ -342,6 +342,9 @@ SELinuxSetSecurityImageLabel(virConnectPtr conn, + { + const virSecurityLabelDefPtr secdef = &vm->def->seclabel; + ++ if (!disk->src) ++ return 0; ++ + if (disk->shared) { + return SELinuxSetFilecon(conn, disk->src, default_image_context); + } else if (disk->readonly) { +-- +1.6.2.5 + diff --git a/libvirt-0.6.4-shared-readonly-label.patch b/libvirt-0.6.4-shared-readonly-label.patch new file mode 100644 index 0000000..688c549 --- /dev/null +++ b/libvirt-0.6.4-shared-readonly-label.patch @@ -0,0 +1,97 @@ +From e700e17c3989d32e04ef98c63ac9b9414fefb366 Mon Sep 17 00:00:00 2001 +From: Daniel P. Berrange +Date: Fri, 3 Jul 2009 10:24:50 +0100 +Subject: [PATCH 1/3] Re-label shared and readonly images + +This patch was posted ages ago here: + + https://bugzilla.redhat.com/493692 + +But was never posted upstream AFAICT. + +Signed-off-by: Mark McLoughlin +--- + src/security_selinux.c | 27 +++++++++++++++++---------- + 1 files changed, 17 insertions(+), 10 deletions(-) + +diff --git a/src/security_selinux.c b/src/security_selinux.c +index ac317d7..db1c27d 100644 +--- a/src/security_selinux.c ++++ b/src/security_selinux.c +@@ -24,11 +24,12 @@ + #include "virterror_internal.h" + #include "util.h" + #include "memory.h" +- ++#include "logging.h" + + #define VIR_FROM_THIS VIR_FROM_SECURITY + + static char default_domain_context[1024]; ++static char default_content_context[1024]; + static char default_image_context[1024]; + #define SECURITY_SELINUX_VOID_DOI "0" + #define SECURITY_SELINUX_NAME "selinux" +@@ -148,8 +149,13 @@ SELinuxInitialize(virConnectPtr conn) + close(fd); + + ptr = strchrnul(default_image_context, '\n'); +- *ptr = '\0'; +- ++ if (*ptr == '\n') { ++ *ptr = '\0'; ++ strcpy(default_content_context, ptr+1); ++ ptr = strchrnul(default_content_context, '\n'); ++ if (*ptr == '\n') ++ *ptr = '\0'; ++ } + return 0; + } + +@@ -275,6 +281,8 @@ SELinuxSetFilecon(virConnectPtr conn, const char *path, char *tcon) + { + char ebuf[1024]; + ++ VIR_INFO("Setting SELinux context on '%s' to '%s'", path, tcon); ++ + if(setfilecon(path, tcon) < 0) { + virSecurityReportError(conn, VIR_ERR_ERROR, + _("%s: unable to set security context " +@@ -299,9 +307,6 @@ SELinuxRestoreSecurityImageLabel(virConnectPtr conn, + char *newpath = NULL; + const char *path = disk->src; + +- if (disk->readonly || disk->shared) +- return 0; +- + if ((err = virFileResolveLink(path, &newpath)) < 0) { + virReportSystemError(conn, err, + _("cannot resolve symlink %s"), path); +@@ -328,8 +333,13 @@ SELinuxSetSecurityImageLabel(virConnectPtr conn, + { + const virSecurityLabelDefPtr secdef = &vm->def->seclabel; + +- if (secdef->imagelabel) ++ if (disk->shared) { ++ return SELinuxSetFilecon(conn, disk->src, default_image_context); ++ } else if (disk->readonly) { ++ return SELinuxSetFilecon(conn, disk->src, default_content_context); ++ } else if (secdef->imagelabel) { + return SELinuxSetFilecon(conn, disk->src, secdef->imagelabel); ++ } + + return 0; + } +@@ -403,9 +413,6 @@ SELinuxSetSecurityLabel(virConnectPtr conn, + + if (secdef->imagelabel) { + for (i = 0 ; i < vm->def->ndisks ; i++) { +- if (vm->def->disks[i]->readonly || +- vm->def->disks[i]->shared) continue; +- + if (SELinuxSetSecurityImageLabel(conn, vm, vm->def->disks[i]) < 0) + return -1; + } +-- +1.6.2.5 + diff --git a/libvirt.spec b/libvirt.spec index b027634..4b8eea4 100644 --- a/libvirt.spec +++ b/libvirt.spec @@ -55,14 +55,17 @@ Summary: Library providing a simple API virtualization Name: libvirt Version: 0.6.4 -Release: 2%{?dist}%{?extra_release} +Release: 3%{?dist}%{?extra_release} License: LGPLv2+ Group: Development/Libraries Source: libvirt-%{version}.tar.gz -# Patches cherry-picked from upstream - -# Patches not for upstream. +# Handle shared/readonly image labelling (bug #493692) +Patch1: libvirt-0.6.4-shared-readonly-label.patch +# Don't unnecessarily try to change a file context (bug #507555) +Patch2: libvirt-0.6.4-do-not-unnecessarily-try-to-change-a-file-context.patch +# Don't try to label a disk with no path (e.g. empty cdrom) (bug #499569) +Patch3: libvirt-0.6.4-fix-nosource-label.patch # Temporary hack till PulseAudio autostart problems are sorted # out when SELinux enforcing (bz 486112) @@ -214,6 +217,10 @@ of recent versions of Linux (and other OSes). %prep %setup -q +%patch1 -p1 +%patch2 -p1 +%patch3 -p1 + %patch200 -p0 mv NEWS NEWS.old @@ -543,6 +550,11 @@ fi %endif %changelog +* Fri Jul 3 2009 Mark McLoughlin - 0.6.4-3.fc12 +- Handle shared/readonly image labelling (bug #493692) +- Don't unnecessarily try to change a file context (bug #507555) +- Don't try to label a disk with no path (e.g. empty cdrom) (bug #499569) + * Fri Jun 5 2009 Mark McLoughlin - 0.6.4-2.fc12 - Remove the qemu BuildRequires