From nobody Mon Feb  9 17:07:17 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1556180426; cv=none;
	d=zoho.com; s=zohoarc;
	b=Uehr0oL87s/nEFzgU8Mtdc2GjgRLC+C32l5ChWQPf9gGuChBI0jHJTELzSSzkekozboLyrwlJCFKpuV1D2KTAKkpnGjzDsouAO5RPITqIFpJFMTwl/0gXjjN698+WsS0yw1MyMeVqVlSWrzpYKDzucs+6mQxdRcCwQsu/nz6Eik=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1556180426;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=+XjlqDJn7D5kGjkXUdgx8jRtWtYaacUCufYSqnciy0Q=;
	b=SEGkeWCA5Ya2OBnluQuoqUoTWivxhiwaPpV8IHwgyAhgZ/2tQfvInbEg5Oci19zpnPAbvJEI3+YL6b/vkAddH89WmvfXvUaw9XnJ7Ay/5Dxv1X20HcIRQNmFhtP8sZhYScOBlx4MYb+3uSatAEuQ+V3XAHqVGG5aRxIs3oNYq0I=
ARC-Authentication-Results: i=1; mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<mprivozn@redhat.com> (p=none dis=none)
 header.from=<mprivozn@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1556180426940663.1284633209667;
 Thu, 25 Apr 2019 01:20:26 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com
 [10.5.11.16])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 9273CC058CA4;
	Thu, 25 Apr 2019 08:20:25 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 6A1E2508E9;
	Thu, 25 Apr 2019 08:20:25 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 2C53E181B9F1;
	Thu, 25 Apr 2019 08:20:25 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
	[10.5.11.12])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x3P8KE1V013875 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 25 Apr 2019 04:20:14 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 0096A60C70; Thu, 25 Apr 2019 08:20:14 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 7E07A60C8E
	for <libvir-list@redhat.com>; Thu, 25 Apr 2019 08:20:13 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 25 Apr 2019 10:19:44 +0200
Message-Id: 
 <e03af4a75f1c0e63028fafb4fd52a81616ae9eb1.1556179410.git.mprivozn@redhat.com>
In-Reply-To: <cover.1556179410.git.mprivozn@redhat.com>
References: <cover.1556179410.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v4 08/25] tools: Slightly rework
	libvirt_recover_xattrs.sh
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]);
 Thu, 25 Apr 2019 08:20:26 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

Firstly, there's no reason to enumerate all XATTRs since they
differ only in the prefix and we can construct them in a loop.

Secondly, and more importantly, the script was still looking for
just one prefix "trusted.libvirt.security" even on FreeBSD.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 tools/libvirt_recover_xattrs.sh | 50 ++++++++++++++++-----------------
 1 file changed, 25 insertions(+), 25 deletions(-)

diff --git a/tools/libvirt_recover_xattrs.sh b/tools/libvirt_recover_xattrs=
.sh
index 69dfca0160..58f02f8dfb 100755
--- a/tools/libvirt_recover_xattrs.sh
+++ b/tools/libvirt_recover_xattrs.sh
@@ -23,14 +23,16 @@ EOF
=20
 QUIET=3D0
 DRY_RUN=3D0
-P=3D"/"
+DIR=3D"/"
=20
 # So far only qemu and lxc drivers use security driver.
 URI=3D("qemu:///system"
-     "qemu:///session"
      "lxc:///system")
=20
-LIBVIRT_XATTR_PREFIX=3D"trusted.libvirt.security"
+# On Linux we use 'trusted' namespace, on FreeBSD we use 'system'
+# as there is no 'trusted'.
+LIBVIRT_XATTR_PREFIXES=3D("trusted.libvirt.security"
+                        "system.libvirt.security")
=20
 if [ `whoami` !=3D "root" ]; then
     die "Must be run as root"
@@ -57,7 +59,7 @@ done
=20
 shift $((OPTIND - 1))
 if [ $# -gt 0 ]; then
-    P=3D$1
+    DIR=3D$1
 fi
=20
 if [ ${DRY_RUN} -eq 0 ]; then
@@ -69,28 +71,26 @@ if [ ${DRY_RUN} -eq 0 ]; then
 fi
=20
=20
-# On Linux we use 'trusted' namespace, on FreeBSD we use 'system'
-# as there is no 'trusted'.
-XATTRS=3D("trusted.libvirt.security.dac"
-        "trusted.libvirt.security.ref_dac"
-        "trusted.libvirt.security.selinux"
-        "trusted.libvirt.security.ref_selinux",
-        "system.libvirt.security.dac"
-        "system.libvirt.security.ref_dac"
-        "system.libvirt.security.selinux"
-        "system.libvirt.security.ref_selinux")
+declare -a XATTRS
+for i in "dac" "selinux"; do
+    for p in ${LIBVIRT_XATTR_PREFIXES[@]}; do
+        XATTRS+=3D("$p.$i" "$p.ref_$i")
+    done
+done
=20
-for i in $(getfattr -R -d -m ${LIBVIRT_XATTR_PREFIX} --absolute-names ${P}=
 2>/dev/null | grep "^# file:" | cut -d':' -f 2); do
-    if [ ${DRY_RUN} -ne 0 ]; then
-        echo $i
-        getfattr -d -m ${LIBVIRT_XATTR_PREFIX} $i
-        continue
-    fi
+for p in ${LIBVIRT_XATTR_PREFIXES[*]}; do
+    for i in $(getfattr -R -d -m ${p} --absolute-names ${DIR} 2>/dev/null =
| grep "^# file:" | cut -d':' -f 2); do
+        echo $i;
+        if [ ${DRY_RUN} -ne 0 ]; then
+            getfattr -d -m $p --absolute-names $i | grep -v "^# file:"
+            continue
+        fi
=20
-    if [ ${QUIET} -eq 0 ]; then
-        echo "Fixing $i";
-    fi
-    for x in ${XATTRS[*]}; do
-        setfattr -x $x $i
+        if [ ${QUIET} -eq 0 ]; then
+            echo "Fixing $i";
+        fi
+        for x in ${XATTRS[*]}; do
+            setfattr -x $x $i
+        done
     done
 done
--=20
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list