[node-patches] Change in ovirt-node[master]: installer: Fix relabeling of /var/log

fabiand at redhat.com fabiand at redhat.com
Thu Oct 9 10:12:35 UTC 2014 

Fabian Deutsch has uploaded a new change for review.

Change subject: installer: Fix relabeling of /var/log
......................................................................

installer: Fix relabeling of /var/log

Previously incorrect labels were set on all files in /var/log, this has
been fixed.

Change-Id: I521220c21add1d8a76a1e1486a53337514c44a47
Bug-Url: https://bugzilla.redhat.com/show_bug.cgi?id=1128065
Signed-off-by: Fabian Deutsch <fabiand at fedoraproject.org>
---
M src/ovirtnode/ovirtfunctions.py
1 file changed, 8 insertions(+), 6 deletions(-)


  git pull ssh://gerrit.ovirt.org:29418/ovirt-node refs/changes/57/33957/1

diff --git a/src/ovirtnode/ovirtfunctions.py b/src/ovirtnode/ovirtfunctions.py
index a56047a..8761605 100644
--- a/src/ovirtnode/ovirtfunctions.py
+++ b/src/ovirtnode/ovirtfunctions.py
@@ -1180,15 +1180,17 @@
 
     # fix SELinux
     logging_dev = findfs("LOGGING")
-    logging_mount_cmd = ("grep %s /proc/mounts | awk '{print $2}'") % \
-                         logging_dev
+    assert logging_dev, "Failed to find logging device"
+    logging_mount_cmd = "mkdir -p /var/log ; mount %s /var/log" % logging_dev
     logging_mount = subprocess_closefds(logging_mount_cmd, shell=True,
                                         stdout=PIPE, stderr=STDOUT)
-    (logging_mount_output, dummy) = logging_mount.communicate()
+    logging_mount.communicate()
+    # First restore all
+    system("restorecon -rv /var/log")
+    # Now handle exceptions
     system("chcon -R system_u:object_r:virt_cache_t:s0 /var/log/core/")
-    system("chcon system_u:object_r:var_log_t:s0 %s" % logging_mount_output)
-    system("chcon -R system_u:object_r:auditd_log_t:s0 %s/audit/" %
-           logging_mount_output.rstrip())
+    # Either removes the layering mount, or fails
+    system("umount /var/log")
 
     # run post-install hooks
     # e.g. to avoid reboot loops using Cobbler PXE only once


-- 
To view, visit http://gerrit.ovirt.org/33957
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I521220c21add1d8a76a1e1486a53337514c44a47
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-node
Gerrit-Branch: master
Gerrit-Owner: Fabian Deutsch <fabiand at redhat.com>

More information about the node-patches mailing list