Don't restore labels on shared/readonly disks

* src/security_selinux.c: Skip relabelling of shared/readonly
  disks upon shutdown, since this breaks other VMs still active
  using those disks

diff --git a/src/security_selinux.c b/src/security_selinux.c
index 80c1c855b954d8c22dae2f2c85b08e287b07340e..0db9f49dd8bb283cb1961010195267d99542e8a4 100644 (file)
--- a/src/security_selinux.c
+++ b/src/security_selinux.c
@@ -354,6 +354,17 @@ SELinuxRestoreSecurityImageLabel(virConnectPtr conn,
     char *newpath = NULL;
     const char *path = disk->src;
 
+    /* Don't restore labels on readoly/shared disks, because
+     * other VMs may still be accessing these
+     * Alternatively we could iterate over all running
+     * domains and try to figure out if it is in use, but
+     * this would not work for clustered filesystems, since
+     * we can't see running VMs using the file on other nodes
+     * Safest bet is thus to skip the restore step.
+     */
+    if (disk->readonly || disk->shared)
+        return 0;
+
     if ((err = virFileResolveLink(path, &newpath)) < 0) {
         virReportSystemError(conn, err,
                              _("cannot resolve symlink %s"), path);