libvirt_recover_xattrs: Use only the correct xattr prefix

Linux and FreeBSD have different prefix. In the current state we've
tried to reset the labels for both systems which resulted in errors like
this:

Fixing /tmp/bitmaps2.qcow2
setfattr: /tmp/bitmaps2.qcow2: Operation not supported
setfattr: /tmp/bitmaps2.qcow2: Operation not supported
setfattr: /tmp/bitmaps2.qcow2: Operation not supported
setfattr: /tmp/bitmaps2.qcow2: Operation not supported
setfattr: /tmp/bitmaps2.qcow2: Operation not supported
setfattr: /tmp/bitmaps2.qcow2: Operation not supported

The 6 failed 'setfattrs' correspond to the wrong prefix.

Select the correct prefix based on the kernel name and modify the code
appropriately.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>

diff --git a/tools/libvirt_recover_xattrs.sh b/tools/libvirt_recover_xattrs.sh
index cb984977320b02fb260fffbde3adca6f1cc020d1..b7a8c05cf49c4a5c29bc5534df92e3eb917a6321 100755 (executable)
--- a/tools/libvirt_recover_xattrs.sh
+++ b/tools/libvirt_recover_xattrs.sh
@@ -29,11 +29,6 @@ DIR="/"
 URI=("qemu:///system"
      "lxc:///system")
 
-# On Linux we use 'trusted' namespace, on FreeBSD we use 'system'
-# as there is no 'trusted'.
-LIBVIRT_XATTR_PREFIXES=("trusted.libvirt.security"
-                        "system.libvirt.security")
-
 if [ $(whoami) != "root" ]; then
     die "Must be run as root"
 fi
@@ -62,6 +57,21 @@ if [ $# -gt 0 ]; then
     DIR=$1
 fi
 
+case $(uname -s) in
+    Linux)
+        XATTR_PREFIX="trusted.libvirt.security"
+        ;;
+
+    FreeBSD)
+        XATTR_PREFIX="system.libvirt.security"
+        ;;
+
+    *)
+        die "$0 is not supported on this platform"
+        ;;
+esac
+
+
 if [ ${DRY_RUN} -eq 0 ]; then
     for u in ${URI[*]} ; do
         if [ -n "`virsh -q -c $u list 2>/dev/null`" ]; then
@@ -73,24 +83,20 @@ fi
 
 declare -a XATTRS
 for i in "dac" "selinux"; do
-    for p in ${LIBVIRT_XATTR_PREFIXES[@]}; do
-        XATTRS+=("$p.$i" "$p.ref_$i" "$p.timestamp_$i")
-    done
+    XATTRS+=("$XATTR_PREFIX.$i" "$XATTR_PREFIX.ref_$i" "$XATTR_PREFIX.timestamp_$i")
 done
 
-for p in ${LIBVIRT_XATTR_PREFIXES[*]}; do
-    for i in $(getfattr -R -d -m ${p} --absolute-names ${DIR} 2>/dev/null | grep "^# file:" | cut -d':' -f 2); do
-        echo $i;
-        if [ ${DRY_RUN} -ne 0 ]; then
-            getfattr -d -m $p --absolute-names $i | grep -v "^# file:"
-            continue
-        fi
 
-        if [ ${QUIET} -eq 0 ]; then
-            echo "Fixing $i";
-        fi
-        for x in ${XATTRS[*]}; do
-            setfattr -x $x $i
-        done
+for i in $(getfattr -R -d -m ${XATTR_PREFIX} --absolute-names ${DIR} 2>/dev/null | grep "^# file:" | cut -d':' -f 2); do
+    if [ ${DRY_RUN} -ne 0 ]; then
+        getfattr -d -m $p --absolute-names $i | grep -v "^# file:"
+        continue
+    fi
+
+    if [ ${QUIET} -eq 0 ]; then
+        echo "Fixing $i";
+    fi
+    for x in ${XATTRS[*]}; do
+        setfattr -x $x $i
     done
 done