From nobody Sun Feb 8 21:33:22 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) client-ip=170.10.129.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1662990419; cv=none; d=zohomail.com; s=zohoarc; b=V4+UC7ALFiWqHQM5E5+bZqGGkdXSxkU/jYcnjKmhyAxqDwtUYlIsELrpCB3KCAWi4vnnnwX5nXj3vTAPaR0G4HF+GXiolvkMExJr6o6n8D/4UShvghlo1Fa8UZzEVhjCqFOhdqE6BTcjVoGKIVyX8fDJNQLd9MPlwS88YJJ/CvE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1662990419; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=KOURfiY7r9rZPrcpp7UooBpVIAW0V+65Bs0vdB1VhzE=; b=kQL36OeP5Z+TZXvCOZmyhS+wxLHFodn/ehx9oXS0RtlXN/iqObw+HNtKm8117X3sMG4oTi/j6w8F8ey2V1xBsbgSO4cbh1WabrLr0LhpjBNLKcXxcHcoLV1zYmjpo91+3wHxmeJGR0CDn4hNcwJ/5F+PglF9B1grDm/upvIjko0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com with SMTPS id 1662990419988832.3268614899719; Mon, 12 Sep 2022 06:46:59 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-215-wdnBS03kN1KNnJoYb5H8AA-1; Mon, 12 Sep 2022 09:46:55 -0400 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com [10.11.54.2]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id B9AB53C0CD41; Mon, 12 Sep 2022 13:46:52 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (unknown [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id A885140C6EC2; Mon, 12 Sep 2022 13:46:52 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 6A9DC1946A44; Mon, 12 Sep 2022 13:46:47 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com [10.11.54.2]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id CEE451946A43 for ; Mon, 12 Sep 2022 13:46:45 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id BCE3540C6EC4; Mon, 12 Sep 2022 13:46:45 +0000 (UTC) Received: from localhost.localdomain (unknown [10.40.193.131]) by smtp.corp.redhat.com (Postfix) with ESMTP id 3CC4A40C6EC2 for ; Mon, 12 Sep 2022 13:46:45 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1662990419; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=KOURfiY7r9rZPrcpp7UooBpVIAW0V+65Bs0vdB1VhzE=; b=eR7csO6o2mTpHJ2VmwkGqXchS0xmZ3NVLooCDxSasQ8NrBVZIqP4fn7WVKYJFlzZlLSxnk X5lvXSZICby4+PiZbTO3hQwSEUIVJKErZfaJTISCZeKZdFK8TdFQJD2B3Sf/4fcomLI5Ep SErNHv1DMM//sYxdmLYPY48R/AKoEvw= X-MC-Unique: wdnBS03kN1KNnJoYb5H8AA-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH 1/4] qemu_namespace: Tolerate missing ACLs when creating a path in namespace Date: Mon, 12 Sep 2022 15:46:38 +0200 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.2 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 3.1 on 10.11.54.2 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1662990422104100001 Content-Type: text/plain; charset="utf-8"; x-default="true" When creating a path in a domain's mount namespace we try to set ACLs on it, so that it's a verbatim copy of the path in parent's namespace. The ACLs are queried upfront (by qemuNamespaceMknodItemInit()) but this is fault tolerant so the pointer to ACLs might be NULL (meaning no ACLs were queried, for instance because the underlying filesystem does not support them). But then we take this NULL and pass it to virFileSetACLs() which immediately returns an error because NULL is invalid value. Mimic what we do with SELinux label - just set it if we queried it successfully before. Signed-off-by: Michal Privoznik Reviewed-by: Martin Kletzander --- src/qemu/qemu_namespace.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/qemu/qemu_namespace.c b/src/qemu/qemu_namespace.c index 98cd794666..71e3366ca5 100644 --- a/src/qemu/qemu_namespace.c +++ b/src/qemu/qemu_namespace.c @@ -1040,8 +1040,7 @@ qemuNamespaceMknodOne(qemuNamespaceMknodItem *data) goto cleanup; } =20 - /* Symlinks don't have ACLs. */ - if (!isLink && + if (data->acl && virFileSetACLs(data->file, data->acl) < 0 && errno !=3D ENOTSUP) { virReportSystemError(errno, --=20 2.35.1