]> xenbits.xensource.com Git - libvirt.git/commit
projects / libvirt.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1596199) | patch
security: Don't skip label restore on file systems lacking XATTRs
authorMichal Privoznik <mprivozn@redhat.com>
Tue, 15 Jan 2019 10:15:19 +0000 (11:15 +0100)
committerMichal Privoznik <mprivozn@redhat.com>
Wed, 3 Jul 2019 06:36:03 +0000 (08:36 +0200)
commit5214b2f1a3f06ac329424134979edde2bf988146
tree990fa2c70a01d11fa17b17792f9f93518289be21tree
parent1596199067013f4a57fdd2e40c80c6c3eaa778c8commit | diff
security: Don't skip label restore on file systems lacking XATTRs

The way that virSecurityDACRecallLabel is currently written is
that if XATTRs are not supported for given path to the caller
this is not different than if the path is still in use. The value
of 1 is returned which makes secdrivers skip label restore.
This is clearly a bug as we are not restoring labels on say NFS
even though previously we were.

Strictly speaking, changes to virSecurityDACRememberLabel are not
needed, but they are done anyway so that getter and setter behave
in the same fashion.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
src/security/security_dac.c diff | blob | blame | history
src/security/security_selinux.c diff | blob | blame | history
src/security/security_util.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.