forked from rpms/libvirt
46 lines
1.8 KiB
Diff
46 lines
1.8 KiB
Diff
|
From 4f9e2b4b36fda208d25acf4126abbf4fee37f0b5 Mon Sep 17 00:00:00 2001
|
||
|
Message-Id: <4f9e2b4b36fda208d25acf4126abbf4fee37f0b5@dist-git>
|
||
|
From: Michal Privoznik <mprivozn@redhat.com>
|
||
|
Date: Tue, 25 Feb 2020 11:24:52 +0100
|
||
|
Subject: [PATCH] security: Don't fail if locking a file on NFS mount fails
|
||
|
|
||
|
The way that our file locking works is that we open() the file we
|
||
|
want to lock and then use fcntl(fd, F_SETLKW, ...) to lock it.
|
||
|
The problem is, we are doing all of these as root which doesn't
|
||
|
work if the file lives on root squashed NFS, because if it does
|
||
|
then the open() fails. The way to resolve this is to make this a
|
||
|
non fatal error and leave callers deal with this (i.e. disable
|
||
|
remembering) - implemented in the previous commit.
|
||
|
|
||
|
https://bugzilla.redhat.com/show_bug.cgi?id=1804672
|
||
|
|
||
|
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||
|
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
|
||
|
(cherry picked from commit f16663d58f7aab6bf800fcffd34f83f522927897)
|
||
|
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||
|
Message-Id: <d3cb3d3214cf3e67bd357fa9781ce55f8dc8c751.1582626185.git.mprivozn@redhat.com>
|
||
|
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
|
||
|
---
|
||
|
src/security/security_manager.c | 5 +++++
|
||
|
1 file changed, 5 insertions(+)
|
||
|
|
||
|
diff --git a/src/security/security_manager.c b/src/security/security_manager.c
|
||
|
index 9d06316a99..23ed6a127c 100644
|
||
|
--- a/src/security/security_manager.c
|
||
|
+++ b/src/security/security_manager.c
|
||
|
@@ -1343,6 +1343,11 @@ virSecurityManagerMetadataLock(virSecurityManagerPtr mgr G_GNUC_UNUSED,
|
||
|
continue;
|
||
|
}
|
||
|
|
||
|
+ if (virFileIsSharedFS(p)) {
|
||
|
+ /* Probably a root squashed NFS. */
|
||
|
+ continue;
|
||
|
+ }
|
||
|
+
|
||
|
virReportSystemError(errno,
|
||
|
_("unable to open %s"),
|
||
|
p);
|
||
|
--
|
||
|
2.25.1
|
||
|
|