From: Spencer Shimko <sshimko@tresys.com>
Date: Wed, 21 Apr 2010 17:44:43 +0000 (-0400)
Subject: qemu: fix security context references in DAC code
X-Git-Tag: v0.8.1~72
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c85c9b3a2654e11e91b7f7c0464aadc6ce52db3b;p=thirdparty%2Flibvirt.git

qemu: fix security context references in DAC code

* The error messages coming from qemu's DAC support contain strings
  from the original SELinux security driver code.  This just removes
  references to "security context" and other SELinux-isms from the DAC
  code.

Signed-off-by: Spencer Shimko <sshimko@tresys.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
---

diff --git a/src/qemu/qemu_security_dac.c b/src/qemu/qemu_security_dac.c
index 1883fbecd8..e408dbff52 100644
--- a/src/qemu/qemu_security_dac.c
+++ b/src/qemu/qemu_security_dac.c
@@ -37,7 +37,7 @@ void qemuSecurityDACSetDriver(struct qemud_driver *newdriver)
 static int
 qemuSecurityDACSetOwnership(const char *path, int uid, int gid)
 {
-    VIR_INFO("Setting DAC context on '%s' to '%d:%d'", path, uid, gid);
+    VIR_INFO("Setting DAC user and group on '%s' to '%d:%d'", path, uid, gid);
 
     if (chown(path, uid, gid) < 0) {
         struct stat sb;
@@ -51,24 +51,18 @@ qemuSecurityDACSetOwnership(const char *path, int uid, int gid)
             }
         }
 
-        /* if the error complaint is related to an image hosted on
-         * an nfs mount, or a usbfs/sysfs filesystem not supporting
-         * labelling, then just ignore it & hope for the best.
-         * The user hopefully set one of the necessary qemuSecurityDAC
-         * virt_use_{nfs,usb,pci}  boolean tunables to allow it...
-         */
         if (chown_errno == EOPNOTSUPP) {
-            VIR_INFO("Setting security context '%d:%d' on '%s' not supported by filesystem",
+            VIR_INFO("Setting user and group to '%d:%d' on '%s' not supported by filesystem",
                      uid, gid, path);
         } else if (chown_errno == EPERM) {
-            VIR_INFO("Setting security context '%d:%d' on '%s' not permitted",
+            VIR_INFO("Setting user and group to '%d:%d' on '%s' not permitted",
                      uid, gid, path);
         } else if (chown_errno == EROFS) {
-            VIR_INFO("Setting security context '%d:%d' on '%s' not possible on readonly filesystem",
+            VIR_INFO("Setting user and group to '%d:%d' on '%s' not possible on readonly filesystem",
                      uid, gid, path);
         } else {
             virReportSystemError(chown_errno,
-                                 _("unable to set security context '%d:%d' on '%s'"),
+                                 _("unable to set user and group to '%d:%d' on '%s'"),
                                  uid, gid, path);
             return -1;
         }
@@ -84,7 +78,7 @@ qemuSecurityDACRestoreSecurityFileLabel(const char *path)
     int err;
     char *newpath = NULL;
 
-    VIR_INFO("Restoring DAC context on '%s'", path);
+    VIR_INFO("Restoring DAC user and group on '%s'", path);
 
     if ((err = virFileResolveLink(path, &newpath)) < 0) {
         virReportSystemError(err,