Bug 814933
Summary: | emacs cannot edit files with selinux contexts mounted using guestmount | ||
---|---|---|---|
Product: | [Community] Virtualization Tools | Reporter: | Richard W.M. Jones <rjones> |
Component: | libguestfs | Assignee: | Richard W.M. Jones <rjones> |
Status: | CLOSED DUPLICATE | QA Contact: | |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | unspecified | CC: | dyasny, mbooth, virt-maint |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2012-04-21 14:54:28 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Richard W.M. Jones
2012-04-21 11:39:51 UTC
lsetfilecon is a library function in selinux: int lsetfilecon_raw(const char *path, const security_context_t context) { return lsetxattr(path, XATTR_NAME_SELINUX, context, strlen(context) + 1, 0); } int lsetfilecon(const char *path, const security_context_t context) { int ret; security_context_t rcontext; if (selinux_trans_to_raw_context(context, &rcontext)) return -1; ret = lsetfilecon_raw(path, rcontext); freecon(rcontext); return ret; } strace confirms this: chmod("/tmp/mnt/etc/shadow", 0200) = 0 lgetxattr("/tmp/mnt/etc/shadow", "security.selinux", "system_u:object_r:fusefs_t:s0", 255) = 30 lsetxattr("/tmp/mnt/etc/shadow", "security.selinux", "system_u:object_r:fusefs_t:s0", 30, 0) = -1 EOPNOTSUPP (Operation not supported) So it's more accurate to say that 'lsetxattr' doesn't work in guestmount. We do implement this in guestmount, so it's not entirely clear why it doesn't work / isn't being called. *** This bug has been marked as a duplicate of bug 691389 *** |