mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-12-24 21:34:08 +03:00
mount-setup: don't complain if we try to fix the label of a dir beneath a mount but can't due to EROFS
This commit is contained in:
parent
61b1477c81
commit
c9bc076461
@ -314,7 +314,7 @@ static int open_dev_autofs(Manager *m) {
|
||||
if (m->dev_autofs_fd >= 0)
|
||||
return m->dev_autofs_fd;
|
||||
|
||||
label_fix("/dev/autofs", false);
|
||||
label_fix("/dev/autofs", false, false);
|
||||
|
||||
if ((m->dev_autofs_fd = open("/dev/autofs", O_CLOEXEC|O_RDONLY)) < 0) {
|
||||
log_error("Failed to open /dev/autofs: %s", strerror(errno));
|
||||
|
@ -121,7 +121,7 @@ static int mount_one(const MountPoint *p, bool relabel) {
|
||||
|
||||
/* Relabel first, just in case */
|
||||
if (relabel)
|
||||
label_fix(p->where, true);
|
||||
label_fix(p->where, true, true);
|
||||
|
||||
if ((r = path_is_mount_point(p->where, true)) < 0)
|
||||
return r;
|
||||
@ -150,7 +150,7 @@ static int mount_one(const MountPoint *p, bool relabel) {
|
||||
|
||||
/* Relabel again, since we now mounted something fresh here */
|
||||
if (relabel)
|
||||
label_fix(p->where, false);
|
||||
label_fix(p->where, false, false);
|
||||
|
||||
return 1;
|
||||
}
|
||||
@ -347,7 +347,7 @@ static int nftw_cb(
|
||||
if (_unlikely_(ftwbuf->level == 0))
|
||||
return FTW_CONTINUE;
|
||||
|
||||
label_fix(fpath, true);
|
||||
label_fix(fpath, false, false);
|
||||
|
||||
/* /run/initramfs is static data and big, no need to
|
||||
* dynamically relabel its contents at boot... */
|
||||
@ -391,7 +391,7 @@ int mount_setup(bool loaded_policy) {
|
||||
|
||||
/* Explicitly relabel these */
|
||||
NULSTR_FOREACH(j, relabel)
|
||||
label_fix(j, true);
|
||||
label_fix(j, true, false);
|
||||
|
||||
after_relabel = now(CLOCK_MONOTONIC);
|
||||
|
||||
|
@ -99,7 +99,7 @@ int label_init(const char *prefix) {
|
||||
return r;
|
||||
}
|
||||
|
||||
int label_fix(const char *path, bool ignore_enoent) {
|
||||
int label_fix(const char *path, bool ignore_enoent, bool ignore_erofs) {
|
||||
int r = 0;
|
||||
|
||||
#ifdef HAVE_SELINUX
|
||||
@ -132,6 +132,9 @@ int label_fix(const char *path, bool ignore_enoent) {
|
||||
if (ignore_enoent && errno == ENOENT)
|
||||
return 0;
|
||||
|
||||
if (ignore_erofs && errno == EROFS)
|
||||
return 0;
|
||||
|
||||
log_full(security_getenforce() == 1 ? LOG_ERR : LOG_DEBUG,
|
||||
"Unable to fix label of %s: %m", path);
|
||||
r = security_getenforce() == 1 ? -errno : 0;
|
||||
|
@ -29,7 +29,7 @@
|
||||
int label_init(const char *prefix);
|
||||
void label_finish(void);
|
||||
|
||||
int label_fix(const char *path, bool ignore_enoent);
|
||||
int label_fix(const char *path, bool ignore_enoent, bool ignore_erofs);
|
||||
|
||||
int label_socket_set(const char *label);
|
||||
void label_socket_clear(void);
|
||||
|
@ -469,7 +469,7 @@ static int item_set_perms(Item *i, const char *path) {
|
||||
return -errno;
|
||||
}
|
||||
|
||||
return label_fix(path, false);
|
||||
return label_fix(path, false, false);
|
||||
}
|
||||
|
||||
static int recursive_relabel_children(Item *i, const char *path) {
|
||||
|
@ -91,7 +91,7 @@ static int node_symlink(struct udev *udev, const char *node, const char *slink)
|
||||
buf[len] = '\0';
|
||||
if (strcmp(target, buf) == 0) {
|
||||
log_debug("preserve already existing symlink '%s' to '%s'\n", slink, target);
|
||||
label_fix(slink, true);
|
||||
label_fix(slink, true, false);
|
||||
utimensat(AT_FDCWD, slink, NULL, AT_SYMLINK_NOFOLLOW);
|
||||
goto exit;
|
||||
}
|
||||
@ -307,7 +307,7 @@ static int node_fixup(struct udev_device *dev, mode_t mode, uid_t uid, gid_t gid
|
||||
* something else has set a custom context in the meantime.
|
||||
*/
|
||||
if (strcmp(udev_device_get_action(dev), "add") == 0)
|
||||
label_fix(devnode, true);
|
||||
label_fix(devnode, true, false);
|
||||
|
||||
/* always update timestamp when we re-use the node, like on media change events */
|
||||
utimensat(AT_FDCWD, devnode, NULL, 0);
|
||||
|
Loading…
Reference in New Issue
Block a user