[libvirt] [PATCH v3 00/18] Implement original label remembering

Michal Privoznik posted 18 patches 5 years, 4 months ago
Test syntax-check passed
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/libvirt tags/patchew/cover.1544618362.git.mprivozn@redhat.com
[libvirt] [PATCH v3 00/18] Implement original label remembering
Posted by Michal Privoznik 5 years, 4 months ago
v3 of:

https://www.redhat.com/archives/libvir-list/2018-November/msg01070.html

diff to v2:
- dropped 01/18 from v2
- Introduced a test
- Couple of minor adjustments as suggested in review of v2

Michal Prívozník (18):
  util: Introduce xattr getter/setter/remover
  security: Include security_util
  security_dac: Restore label on failed chown() attempt
  virSecurityDACTransactionRun: Implement rollback
  virSecurityDACRestoreAllLabel: Reorder device relabeling
  virSecurityDACRestoreAllLabel: Restore more labels
  security_dac: Allow callers to enable/disable label remembering/recall
  security_dac: Remember old labels
  virSecurityDACRestoreImageLabelInt: Restore even shared/RO disks
  security_selinux: Track if transaction is restore
  security_selinux: Remember old labels
  security_selinux: Restore label on failed setfilecon() attempt
  virSecuritySELinuxTransactionRun: Implement rollback
  virSecuritySELinuxRestoreAllLabel: Reorder device relabeling
  virSecuritySELinuxRestoreAllLabel: Restore more labels
  tests: Introduce qemusecuritytest
  tools: Provide a script to recover fubar'ed XATTRs setup
  qemu.conf: Allow users to enable/disable label remembering

 cfg.mk                             |   4 +-
 src/libvirt_private.syms           |   3 +
 src/qemu/libvirtd_qemu.aug         |   1 +
 src/qemu/qemu.conf                 |   4 +
 src/qemu/qemu_conf.c               |   4 +
 src/qemu/test_libvirtd_qemu.aug.in |   1 +
 src/security/Makefile.inc.am       |   2 +
 src/security/security_dac.c        | 227 ++++++++++----
 src/security/security_selinux.c    | 272 ++++++++++++----
 src/security/security_util.c       | 256 +++++++++++++++
 src/security/security_util.h       |  32 ++
 src/util/virfile.c                 | 121 ++++++++
 src/util/virfile.h                 |  20 +-
 tests/Makefile.am                  |  10 +
 tests/qemusecuritymock.c           | 480 +++++++++++++++++++++++++++++
 tests/qemusecuritytest.c           | 173 +++++++++++
 tests/qemusecuritytest.h           |  28 ++
 tools/Makefile.am                  |   1 +
 tools/libvirt_recover_xattrs.sh    |  96 ++++++
 19 files changed, 1600 insertions(+), 135 deletions(-)
 create mode 100644 src/security/security_util.c
 create mode 100644 src/security/security_util.h
 create mode 100644 tests/qemusecuritymock.c
 create mode 100644 tests/qemusecuritytest.c
 create mode 100644 tests/qemusecuritytest.h
 create mode 100755 tools/libvirt_recover_xattrs.sh

-- 
2.19.2

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v3 00/18] Implement original label remembering
Posted by Ján Tomko 5 years, 4 months ago
On Wed, Dec 12, 2018 at 01:40:44PM +0100, Michal Privoznik wrote:
>v3 of:
>
>https://www.redhat.com/archives/libvir-list/2018-November/msg01070.html
>
>diff to v2:
>- dropped 01/18 from v2
>- Introduced a test
>- Couple of minor adjustments as suggested in review of v2
>
>Michal Prívozník (18):
>  util: Introduce xattr getter/setter/remover
>  security: Include security_util
>  security_dac: Restore label on failed chown() attempt
>  virSecurityDACTransactionRun: Implement rollback
>  virSecurityDACRestoreAllLabel: Reorder device relabeling
>  virSecurityDACRestoreAllLabel: Restore more labels
>  security_dac: Allow callers to enable/disable label remembering/recall
>  security_dac: Remember old labels
>  virSecurityDACRestoreImageLabelInt: Restore even shared/RO disks
>  security_selinux: Track if transaction is restore
>  security_selinux: Remember old labels
>  security_selinux: Restore label on failed setfilecon() attempt
>  virSecuritySELinuxTransactionRun: Implement rollback
>  virSecuritySELinuxRestoreAllLabel: Reorder device relabeling
>  virSecuritySELinuxRestoreAllLabel: Restore more labels
>  tests: Introduce qemusecuritytest
>  tools: Provide a script to recover fubar'ed XATTRs setup
>  qemu.conf: Allow users to enable/disable label remembering
>
> cfg.mk                             |   4 +-
> src/libvirt_private.syms           |   3 +
> src/qemu/libvirtd_qemu.aug         |   1 +
> src/qemu/qemu.conf                 |   4 +
> src/qemu/qemu_conf.c               |   4 +
> src/qemu/test_libvirtd_qemu.aug.in |   1 +
> src/security/Makefile.inc.am       |   2 +
> src/security/security_dac.c        | 227 ++++++++++----
> src/security/security_selinux.c    | 272 ++++++++++++----
> src/security/security_util.c       | 256 +++++++++++++++
> src/security/security_util.h       |  32 ++
> src/util/virfile.c                 | 121 ++++++++
> src/util/virfile.h                 |  20 +-
> tests/Makefile.am                  |  10 +
> tests/qemusecuritymock.c           | 480 +++++++++++++++++++++++++++++
> tests/qemusecuritytest.c           | 173 +++++++++++
> tests/qemusecuritytest.h           |  28 ++
> tools/Makefile.am                  |   1 +
> tools/libvirt_recover_xattrs.sh    |  96 ++++++
> 19 files changed, 1600 insertions(+), 135 deletions(-)
> create mode 100644 src/security/security_util.c
> create mode 100644 src/security/security_util.h
> create mode 100644 tests/qemusecuritymock.c
> create mode 100644 tests/qemusecuritytest.c
> create mode 100644 tests/qemusecuritytest.h
> create mode 100755 tools/libvirt_recover_xattrs.sh
>

Reviewed-by: Ján Tomko <jtomko@redhat.com>

Jano
Re: [libvirt] [PATCH v3 00/18] Implement original label remembering
Posted by Michal Privoznik 5 years, 4 months ago
On 12/19/18 2:54 PM, Ján Tomko wrote:
> 
> Reviewed-by: Ján Tomko <jtomko@redhat.com>

Thanks to you and Dan. I've pushed these.

Michal

Re: [libvirt] [PATCH v3 00/18] Implement original label remembering
Posted by Marc Hartmayer 5 years, 4 months ago
On Wed, Dec 19, 2018 at 03:37 PM +0100, Michal Privoznik <mprivozn@redhat.com> wrote:
> On 12/19/18 2:54 PM, Ján Tomko wrote:
>>
>> Reviewed-by: Ján Tomko <jtomko@redhat.com>
>
> Thanks to you and Dan. I've pushed these.

I tried out the current master (e05d8e570b) and I got the following
error message regularly:

2018-12-20 11:37:37.056+0000: 30026: error : virProcessWait:274 : internal error: Child process (31926) unexpected fatal signal 11
2018-12-20 11:37:37.060+0000: 30026: warning : qemuSecurityRestoreAllLabel:89 : Unable to run security manager transaction

Did you try it with SELinux?

>
> Michal
>
> --
> libvir-list mailing list
> libvir-list@redhat.com
> https://www.redhat.com/mailman/listinfo/libvir-list
>
--
Kind regards / Beste Grüße
   Marc Hartmayer

IBM Deutschland Research & Development GmbH
Vorsitzende des Aufsichtsrats: Matthias Hartmann
Geschäftsführung: Dirk Wittkopp
Sitz der Gesellschaft: Böblingen
Registergericht: Amtsgericht Stuttgart, HRB 243294


Re: [libvirt] [PATCH v3 00/18] Implement original label remembering
Posted by Michal Prívozník 5 years, 4 months ago
On 12/20/18 12:48 PM, Marc Hartmayer wrote:
> On Wed, Dec 19, 2018 at 03:37 PM +0100, Michal Privoznik <mprivozn@redhat.com> wrote:
>> On 12/19/18 2:54 PM, Ján Tomko wrote:
>>>
>>> Reviewed-by: Ján Tomko <jtomko@redhat.com>
>>
>> Thanks to you and Dan. I've pushed these.
> 
> I tried out the current master (e05d8e570b) and I got the following
> error message regularly:
> 
> 2018-12-20 11:37:37.056+0000: 30026: error : virProcessWait:274 : internal error: Child process (31926) unexpected fatal signal 11
> 2018-12-20 11:37:37.060+0000: 30026: warning : qemuSecurityRestoreAllLabel:89 : Unable to run security manager transaction

Looks like there is some crash. Can you try to get stack trace please?

Michal

Re: [libvirt] [PATCH v3 00/18] Implement original label remembering
Posted by Marc Hartmayer 5 years, 4 months ago
On Thu, Dec 20, 2018 at 09:15 PM +0100, Michal Prívozník <mprivozn@redhat.com> wrote:
> On 12/20/18 12:48 PM, Marc Hartmayer wrote:
>> On Wed, Dec 19, 2018 at 03:37 PM +0100, Michal Privoznik <mprivozn@redhat.com> wrote:
>>> On 12/19/18 2:54 PM, Ján Tomko wrote:
>>>>
>>>> Reviewed-by: Ján Tomko <jtomko@redhat.com>
>>>
>>> Thanks to you and Dan. I've pushed these.
>>
>> I tried out the current master (e05d8e570b) and I got the following
>> error message regularly:
>>
>> 2018-12-20 11:37:37.056+0000: 30026: error : virProcessWait:274 : internal error: Child process (31926) unexpected fatal signal 11
>> 2018-12-20 11:37:37.060+0000: 30026: warning : qemuSecurityRestoreAllLabel:89 : Unable to run security manager transaction
>
> Looks like there is some crash. Can you try to get stack trace please?

Hmm with the newest master (9d42d51eef793d7c) I get no error
message. I’ll try to revalidate the behavior/error messages with the
previous version.

>
> Michal
>
--
Kind regards / Beste Grüße
   Marc Hartmayer

IBM Deutschland Research & Development GmbH
Vorsitzende des Aufsichtsrats: Matthias Hartmann
Geschäftsführung: Dirk Wittkopp
Sitz der Gesellschaft: Böblingen
Registergericht: Amtsgericht Stuttgart, HRB 243294


Re: [libvirt] [PATCH v3 00/18] Implement original label remembering
Posted by John Ferlan 5 years, 4 months ago

On 12/21/18 10:32 AM, Marc Hartmayer wrote:
> On Thu, Dec 20, 2018 at 09:15 PM +0100, Michal Prívozník <mprivozn@redhat.com> wrote:
>> On 12/20/18 12:48 PM, Marc Hartmayer wrote:
>>> On Wed, Dec 19, 2018 at 03:37 PM +0100, Michal Privoznik <mprivozn@redhat.com> wrote:
>>>> On 12/19/18 2:54 PM, Ján Tomko wrote:
>>>>>
>>>>> Reviewed-by: Ján Tomko <jtomko@redhat.com>
>>>>
>>>> Thanks to you and Dan. I've pushed these.
>>>
>>> I tried out the current master (e05d8e570b) and I got the following
>>> error message regularly:
>>>
>>> 2018-12-20 11:37:37.056+0000: 30026: error : virProcessWait:274 : internal error: Child process (31926) unexpected fatal signal 11
>>> 2018-12-20 11:37:37.060+0000: 30026: warning : qemuSecurityRestoreAllLabel:89 : Unable to run security manager transaction
>>
>> Looks like there is some crash. Can you try to get stack trace please?
> 
> Hmm with the newest master (9d42d51eef793d7c) I get no error
> message. I’ll try to revalidate the behavior/error messages with the
> previous version.
> 

I pushed a patch that probably is a fix for what you saw... See commit
9d42d51eef - essentially avoids passing contents of an empty @con into
virSecuritySELinuxSetFileconImpl which I assume is where you had a
fairly spectacular failure.

John
