Treat failure to relabel stdin_path as non-fatal on NFS

NFS does not support file labelling, so ignore this error for stdin_path when on NFS. * src/security/security_selinux.c: Ignore failures on labelling stdin_path on NFS * src/util/storage_file.c, src/util/storage_file.h: Refine virStorageFileIsSharedFS() to allow it to check for a specific FS type.

Treat failure to relabel stdin_path as non-fatal on NFS
NFS does not support file labelling, so ignore this error for stdin_path when on NFS. * src/security/security_selinux.c: Ignore failures on labelling stdin_path on NFS * src/util/storage_file.c, src/util/storage_file.h: Refine virStorageFileIsSharedFS() to allow it to check for a specific FS type.
93a18bba · Daniel P. Berrange · a51ccaf8 · 93a18bba · 93a18bba · 93a18bba
4 changed file
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -689,6 +689,7 @@ virStorageFileFormatTypeToString;
 virStorageFileGetMetadata;
 virStorageFileGetMetadataFromFD;
 virStorageFileIsSharedFS;
+virStorageFileIsSharedFSType;
 virStorageFileProbeFormat;
 virStorageFileProbeFormatFromFD;

--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -1023,9 +1023,12 @@ SELinuxSetSecurityAllLabel(virSecurityDriverPtr drv,
        SELinuxSetFilecon(vm->def->os.initrd, default_content_context) < 0)
        return -1;
-    if (stdin_path &&
+    if (stdin_path) {
-        SELinuxSetFilecon(stdin_path, default_content_context) < 0)
+        if (SELinuxSetFilecon(stdin_path, default_content_context) < 0 &&
+            virStorageFileIsSharedFSType(stdin_path,
+                                         VIR_STORAGE_FILE_SHFS_NFS) != 1)
            return -1;
+    }
    return 0;
 }

--- a/src/util/storage_file.c
+++ b/src/util/storage_file.c
@@ -804,7 +804,8 @@ virStorageFileGetMetadata(const char *path,
 # endif
-int virStorageFileIsSharedFS(const char *path)
+int virStorageFileIsSharedFSType(const char *path,
+                                 int fstypes)
 {
    char *dirpath, *p;
    struct statfs sb;
@@ -853,19 +854,36 @@ int virStorageFileIsSharedFS(const char *path)
    VIR_DEBUG("Check if path %s with FS magic %lld is shared",
              path, (long long int)sb.f_type);
-    if (sb.f_type == NFS_SUPER_MAGIC ||
+    if ((fstypes & VIR_STORAGE_FILE_SHFS_NFS) &&
-        sb.f_type == GFS2_MAGIC ||
+        (sb.f_type == NFS_SUPER_MAGIC))
-        sb.f_type == OCFS2_SUPER_MAGIC ||
+        return 1;
-        sb.f_type == AFS_FS_MAGIC) {
+    if ((fstypes & VIR_STORAGE_FILE_SHFS_GFS2) &&
+        (sb.f_type == GFS2_MAGIC))
+        return 1;
+    if ((fstypes & VIR_STORAGE_FILE_SHFS_OCFS) &&
+        (sb.f_type == OCFS2_SUPER_MAGIC))
+        return 1;
+    if ((fstypes & VIR_STORAGE_FILE_SHFS_AFS) &&
+        (sb.f_type == AFS_FS_MAGIC))
        return 1;
-    }
    return 0;
 }
 #else
-int virStorageFileIsSharedFS(const char *path ATTRIBUTE_UNUSED)
+int virStorageFileIsSharedFSType(const char *path ATTRIBUTE_UNUSED,
+                                 int fstypes ATTRIBUTE_UNUSED)
 {
    /* XXX implement me :-) */
    return 0;
 }
 #endif
+int virStorageFileIsSharedFS(const char *path)
+{
+    return virStorageFileIsSharedFSType(path,
+                                        VIR_STORAGE_FILE_SHFS_NFS |
+                                        VIR_STORAGE_FILE_SHFS_GFS2 |
+                                        VIR_STORAGE_FILE_SHFS_OCFS |
+                                        VIR_STORAGE_FILE_SHFS_AFS);
+}
--- a/src/util/storage_file.h
+++ b/src/util/storage_file.h
@@ -68,6 +68,15 @@ int virStorageFileGetMetadataFromFD(const char *path,
                                    int format,
                                    virStorageFileMetadata *meta);
+enum {
+    VIR_STORAGE_FILE_SHFS_NFS = (1 << 0),
+    VIR_STORAGE_FILE_SHFS_GFS2 = (1 << 1),
+    VIR_STORAGE_FILE_SHFS_OCFS = (1 << 2),
+    VIR_STORAGE_FILE_SHFS_AFS = (1 << 3),
+};
 int virStorageFileIsSharedFS(const char *path);
+int virStorageFileIsSharedFSType(const char *path,
+                                 int fstypes);
 #endif /* __VIR_STORAGE_FILE_H__ */