selinux: Don't fail RestoreAll if file doesn't have a default label

When restoring selinux labels after a VM is stopped, any non-standard
path that doesn't have a default selinux label causes the process
to stop and exit early. This isn't really an error condition IMO.

Of course the selinux API could be erroring for some other reason
but hopefully that's rare enough to not need explicit handling.

Common example here is storing disk images in a non-standard location
like under /mnt.
(cherry picked from commit 767be8be7226abe9a242c812ba5ff28108d2955c)

diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index 58ad8fb96bed643586743c085248a567e8f4f6af..3157e83b1a63305b47a5b410994c7c0605a768d3 100644 (file)
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -936,7 +936,11 @@ virSecuritySELinuxRestoreSecurityFileLabel(const char *path)
     }
 
     if (getContext(newpath, buf.st_mode, &fcon) < 0) {
+        /* Any user created path likely does not have a default label,
+         * which makes this an expected non error
+         */
         VIR_WARN("cannot lookup default selinux label for %s", newpath);
+        rc = 0;
     } else {
         rc = virSecuritySELinuxSetFilecon(newpath, fcon);
     }