Douglas Schilling Landgraf has uploaded a new change for review. Change subject: persist: use restorecon after persist ......................................................................
persist: use restorecon after persist shutil module doesn't provide method to copy objects keeping selinux context. This patch adds restorecon call after the persist. Change-Id: I50965ea67cfc6aa2c9c108a14e7c0c1607b287ad Signed-off-by: Douglas Schilling Landgraf <[email protected]> --- M src/ovirt/node/utils/fs/__init__.py M src/ovirt/node/utils/security.py 2 files changed, 13 insertions(+), 0 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-node refs/changes/27/32727/1 diff --git a/src/ovirt/node/utils/fs/__init__.py b/src/ovirt/node/utils/fs/__init__.py index fe2c2c6..376dd97 100644 --- a/src/ovirt/node/utils/fs/__init__.py +++ b/src/ovirt/node/utils/fs/__init__.py @@ -30,6 +30,8 @@ import StringIO import re +from ovirt.node import utils + from . import mount from .. import process, parse_varfile from ... import base, log @@ -415,6 +417,8 @@ self._logger.error('Failed to persist "%s"', path) return -1 + utils.security.Selinux().restorecon(abspath) + def _persist_dir(self, abspath): """Persist directory and bind mount it back to its current location """ diff --git a/src/ovirt/node/utils/security.py b/src/ovirt/node/utils/security.py index 6fceda0..946913b 100644 --- a/src/ovirt/node/utils/security.py +++ b/src/ovirt/node/utils/security.py @@ -26,6 +26,7 @@ import hashlib import os.path import process +import selinux """ Some convenience functions related to security @@ -98,6 +99,14 @@ opasswd.set_password(password, username) +class Selinux(base.Base): + def restorecon(self, abspath): + try: + selinux.restorecon(abspath) + except OSError: + self._logger.debug('No default label: "%s"', abspath) + + class Ssh(base.Base): def __init__(self): super(Ssh, self).__init__() -- To view, visit http://gerrit.ovirt.org/32727 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I50965ea67cfc6aa2c9c108a14e7c0c1607b287ad Gerrit-PatchSet: 1 Gerrit-Project: ovirt-node Gerrit-Branch: master Gerrit-Owner: Douglas Schilling Landgraf <[email protected]> _______________________________________________ node-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/node-patches
