Ramesh N has uploaded a new change for review. Change subject: gluster: set selinux labels while creating bricks ......................................................................
gluster: set selinux labels while creating bricks brick should have correct selinux labels on the brick mount points. But it missing in the createBrick vdsm verb. This patch sets the correct selinux lables on brick mount point using 'restorecon' and 'semanage' commands Change-Id: I1ca5fec80831073643635875095b88c1c4c2132e Bug-Url: https://bugzilla.redhat.com/1368474 Signed-off-by: Ramesh Nachimuthu <rnach...@redhat.com> --- M lib/vdsm/gluster/exception.py M vdsm/gluster/storagedev.py 2 files changed, 40 insertions(+), 0 deletions(-) git pull ssh://gerrit.ovirt.org:29418/vdsm refs/changes/73/62773/1 diff --git a/lib/vdsm/gluster/exception.py b/lib/vdsm/gluster/exception.py index 43ad1da..2fad69e 100644 --- a/lib/vdsm/gluster/exception.py +++ b/lib/vdsm/gluster/exception.py @@ -479,6 +479,28 @@ message = "vgscan failed" +class GlusterHostFailedToSetSelinuxContext(GlusterHostException): + code = 4420 + + def __init__(self, brickMountPoint=None, rc=0, out=(), err=()): + self.rc = rc + self.out = out + self.err = err + self.message = "Failed to set selinux context on the brick : %s" \ + % (brickMountPoint) + + +class GlusterHostFailedToRunRestorecon(GlusterHostException): + code = 4421 + + def __init__(self, brickMountPoint=None, rc=0, out=(), err=()): + self.rc = rc + self.out = out + self.err = err + self.message = "Failed to run restorecon on the brick : %s" \ + % (brickMountPoint) + + # Hook class GlusterHookException(GlusterException): code = 4500 diff --git a/vdsm/gluster/storagedev.py b/vdsm/gluster/storagedev.py index 4b56b3c..5ddbb6b 100644 --- a/vdsm/gluster/storagedev.py +++ b/vdsm/gluster/storagedev.py @@ -54,6 +54,12 @@ _vgscanCommandPath = utils.CommandPath("vgscan", "/sbin/vgscan", "/usr/sbin/vgscan",) +_semanageCommandPath = utils.CommandPath("semanage", + "/sbin/semanage", + "/usr/sbin/semanage",) +_restoreconCommandPath = utils.CommandPath("restorecon", + "/sbin/restorecon", + "/usr/sbin/restorecon",) # All size are in MiB unless otherwise specified DEFAULT_CHUNK_SIZE_KB = 256 @@ -306,6 +312,18 @@ thinlv.format.setup(mountpoint=mountPoint) blivetEnv.doIt() + #Set correct selinux labels on the brick + rc, out, err = commands.execCmd([_semanageCommandPath.cmd, + 'fcontext', '-a', '-t', + 'glusterd_brick_t', mountPoint]) + if rc: + raise ge.GlusterHostFailedToSetSelinuxContext(mountPoint, rc, out, err) + + rc, out, err = commands.execCmd([_restoreconCommandPath.cmd, + '-Rv', mountPoint]) + if rc: + raise ge.GlusterHostFailedToRunRestorecon(mountPoint, rc, out, err) + # bz#1230495: lvm devices are invisible and appears only after vgscan # Workaround: Till the bz gets fixed, We use vgscan to refresh LVM devices rc, out, err = commands.execCmd([_vgscanCommandPath.cmd]) -- To view, visit https://gerrit.ovirt.org/62773 To unsubscribe, visit https://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I1ca5fec80831073643635875095b88c1c4c2132e Gerrit-PatchSet: 1 Gerrit-Project: vdsm Gerrit-Branch: master Gerrit-Owner: Ramesh N <rnach...@redhat.com> _______________________________________________ vdsm-patches mailing list vdsm-patches@lists.fedorahosted.org https://lists.fedorahosted.org/admin/lists/vdsm-patches@lists.fedorahosted.org
