Don't use O_TRUNC when opening QEMU logfiles

SELinux wants all log files opened with O_APPEND. When
running non-root though, libvirtd likes to use O_TRUNC
to avoid log files growing in size indefinitely. Instead
of using O_TRUNC though, we can use O_APPEND and then
call ftruncate() which keeps SELinux happier.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>

diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 2990fffd75c5529dd70fa60bcb593a0c3c5e8d44..17ae3b9297bd03e7532ff575d43d681bd84521c6 100644 (file)
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -1446,12 +1446,22 @@ qemuDomainOpenLogHelper(struct qemud_driver *driver,
 {
     char *logfile;
     int fd = -1;
+    bool trunc = false;
 
     if (virAsprintf(&logfile, "%s/%s.log", driver->logDir, vm->def->name) < 0) {
         virReportOOMError();
         return -1;
     }
 
+    /* To make SELinux happy we always need to open in append mode.
+     * So we fake O_TRUNC by calling ftruncate after open instead
+     */
+    if (oflags & O_TRUNC) {
+        oflags &= ~O_TRUNC;
+        oflags |= O_APPEND;
+        trunc = true;
+    }
+
     if ((fd = open(logfile, oflags, mode)) < 0) {
         virReportSystemError(errno, _("failed to create logfile %s"),
                              logfile);
@@ -1463,6 +1473,13 @@ qemuDomainOpenLogHelper(struct qemud_driver *driver,
         VIR_FORCE_CLOSE(fd);
         goto cleanup;
     }
+    if (trunc &&
+        ftruncate(fd, 0) < 0) {
+        virReportSystemError(errno, _("failed to truncate %s"),
+                             logfile);
+        VIR_FORCE_CLOSE(fd);
+        goto cleanup;
+    }
 
 cleanup:
     VIR_FREE(logfile);