Remove internal libvirt_setlinux* APIs and use backend settings instead.

This removes the internal APIs internal_set_libvirt_selinux_label and
internal_set_libvirt_selinux_norelabel_disks.  The communication
between the libvirt domain and the backend now uses the backend
settings.
Richard W.M. Jones
2014-03-31 12:56:28 +01:00
parent 5d4e4e7eca
commit 7e39cd4600
5 changed files with 14 additions and 82 deletions


@@ -2970,29 +2970,6 @@ the default. Else C</var/tmp> is the default." };
longdesc = "\
Get the directory used by the handle to store the appliance cache." };
{ defaults with
name = "internal_set_libvirt_selinux_label";
style = RErr, [String "label"; String "imagelabel"], [];
blocking = false;
visibility = VInternal;
shortdesc = "set SELinux label used by the libvirt backend";
longdesc = "\
This internal function sets the SELinux security label (in
reality, two labels: the process label and the image label)
used by the appliance when the libvirt backend is selected
(it is ignored by other backends)." };
{ defaults with
name = "internal_set_libvirt_selinux_norelabel_disks";
style = RErr, [Bool "norelabeldisks"], [];
blocking = false;
visibility = VInternal;
shortdesc = "tell libvirt backend not to relabel disks";
longdesc = "\
This internal function adds E<lt>seclabel model=selinux relabel=noE<gt>
to all application disks. It is only used by the libvirt backend
and is ignored by other backends." };
{ defaults with
name = "user_cancel";
style = RErr, [], [];


@@ -300,14 +300,6 @@ struct backend_ops {
/* Hotplugging drives. */
int (*hot_add_drive) (guestfs_h *g, void *data, struct drive *drv, size_t drv_index);
int (*hot_remove_drive) (guestfs_h *g, void *data, struct drive *drv, size_t drv_index);
/* These are a hack used to communicate between guestfs_add_domain and
* the libvirt backend. We will probably remove these in a future
* version once we can find a better way to pass this information
* around.
*/
int (*set_libvirt_selinux_label) (guestfs_h *g, void *data, const char *label, const char *imagelabel);
int (*set_libvirt_selinux_norelabel_disks) (guestfs_h *g, void *data, int flag);
};
/* Connection module. A 'connection' represents the appliance console


@@ -317,6 +317,16 @@ launch_libvirt (guestfs_h *g, void *datav, const char *libvirt_uri)
if (parse_capabilities (g, capabilities_xml, data) == -1)
goto cleanup;
/* Misc backend settings. */
guestfs_push_error_handler (g, NULL, NULL);
data->selinux_label =
guestfs_get_backend_setting (g, "internal_libvirt_label");
data->selinux_imagelabel =
guestfs_get_backend_setting (g, "internal_libvirt_imagelabel");
data->selinux_norelabel_disks =
guestfs___get_backend_setting_bool (g, "internal_libvirt_norelabel_disks");
guestfs_pop_error_handler (g);
/* Locate and/or build the appliance. */
TRACE0 (launch_build_libvirt_appliance_start);
@@ -1883,28 +1893,6 @@ construct_libvirt_xml_hot_add_disk (guestfs_h *g,
return ret;
}
static int
set_libvirt_selinux_label (guestfs_h *g, void *datav,
const char *label, const char *imagelabel)
{
struct backend_libvirt_data *data = datav;
free (data->selinux_label);
data->selinux_label = safe_strdup (g, label);
free (data->selinux_imagelabel);
data->selinux_imagelabel = safe_strdup (g, imagelabel);
return 0;
}
static int
set_libvirt_selinux_norelabel_disks (guestfs_h *g, void *datav, int flag)
{
struct backend_libvirt_data *data = datav;
data->selinux_norelabel_disks = flag;
return 0;
}
static struct backend_ops backend_libvirt_ops = {
.data_size = sizeof (struct backend_libvirt_data),
.create_cow_overlay = create_cow_overlay_libvirt,
@@ -1913,8 +1901,6 @@ static struct backend_ops backend_libvirt_ops = {
.max_disks = max_disks_libvirt,
.hot_add_drive = hot_add_drive_libvirt,
.hot_remove_drive = hot_remove_drive_libvirt,
.set_libvirt_selinux_label = set_libvirt_selinux_label,
.set_libvirt_selinux_norelabel_disks = set_libvirt_selinux_norelabel_disks,
};
static void init_backend (void) __attribute__((constructor));
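Review bot: In the launch_libvirt hunk, the result of `guestfs___get_backend_setting_bool` is stored in `data->selinux_norelabel_disks` unchecked while the error handler is pushed to NULL, so if that helper reports a malformed value as -1 (not visible here), a later truthiness test would read it as "do not relabel". Consider normalising it, e.g. `data->selinux_norelabel_disks = guestfs___get_backend_setting_bool (g, "internal_libvirt_norelabel_disks") > 0;`. The two string settings are assigned over `data->selinux_label` and `data->selinux_imagelabel` without the `free` that the removed setter performed, which presumably leaks if launch_libvirt can run with those fields already populated. Because these keys now live in the general backend-settings list rather than behind a VInternal call, a comment such as `/* SELinux label and relabel flag come from caller-writable backend settings. */` above the block would record the trust boundary for later reviewers. launch_libvirt's body starts and ends outside the hunk.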


@@ -191,30 +191,6 @@ guestfs__max_disks (guestfs_h *g)
return g->backend_ops->max_disks (g, g->backend_data);
}
int
guestfs__internal_set_libvirt_selinux_label (guestfs_h *g, const char *label,
const char *imagelabel)
{
if (g->backend_ops->set_libvirt_selinux_label == NULL)
/* Not an error, just ignore it. */
return 0;
return g->backend_ops->set_libvirt_selinux_label (g, g->backend_data,
label, imagelabel);
}
int
guestfs__internal_set_libvirt_selinux_norelabel_disks (guestfs_h *g, int flag)
{
if (g->backend_ops->set_libvirt_selinux_norelabel_disks == NULL)
/* Not an error, just ignore it. */
return 0;
return g->backend_ops->set_libvirt_selinux_norelabel_disks (g,
g->backend_data,
flag);
}
/* You had to call this function after launch in versions <= 1.0.70,
* but it is now a no-op.
*/


@@ -266,11 +266,12 @@ guestfs___add_libvirt_dom (guestfs_h *g, virDomainPtr dom,
if (libvirt_selinux_label (g, doc, &label, &imagelabel) == -1)
return -1;
if (label && imagelabel) {
guestfs_internal_set_libvirt_selinux_label (g, label, imagelabel);
guestfs_internal_set_libvirt_selinux_norelabel_disks (g, 1);
guestfs_set_backend_setting (g, "internal_libvirt_label", label);
guestfs_set_backend_setting (g, "internal_libvirt_imagelabel", imagelabel);
guestfs_set_backend_setting (g, "internal_libvirt_norelabel_disks", "1");
}
else
guestfs_internal_set_libvirt_selinux_norelabel_disks (g, 0);
guestfs_clear_backend_setting (g, "internal_libvirt_norelabel_disks");
/* Add the disks. */
data.optargs.bitmask = 0;
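Review bot: The three `guestfs_set_backend_setting` calls in the `label && imagelabel` branch ignore their return values, so a failure part-way would leave the handle with a label but without `internal_libvirt_norelabel_disks`, and nothing reports it. Checking each one, e.g. `if (guestfs_set_backend_setting (g, "internal_libvirt_label", label) == -1) return -1;` (assuming `label` and `imagelabel` are released automatically on that path), keeps the label and the no-relabel flag in step. The else branch clears only `internal_libvirt_norelabel_disks`; `internal_libvirt_label` and `internal_libvirt_imagelabel` left by an earlier call on the same handle would stay set, so clearing them there as well looks safer. guestfs___add_libvirt_dom starts and ends outside the hunk.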