Xen project Mailing List

[Xen-changelog] [xen master] tools/hotplug: remove SELinux options from var-lib-xenstored.mount

Date: Sun, 18 Jan 2015 20:57:33 +0000

Delivery-date: Sun, 18 Jan 2015 20:57:36 +0000

List-id: "Change log for Mercurial $receive only$" <xen-changelog.lists.xen.org>

commit a6b04352b72e38744ddf3395bf15232e5e7e7393 Author: Olaf Hering <olaf@xxxxxxxxx> AuthorDate: Fri Dec 19 12:25:27 2014 +0100 Commit: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> CommitDate: Tue Jan 6 10:29:17 2015 -0500 tools/hotplug: remove SELinux options from var-lib-xenstored.mount Using SELinux mount options per default breaks several systems. Either the context= mount option is not known at all to the kernel, as reported for ArchLinux. Or the default value "none" is unknown to SELinux, as reported for Fedora. In both cases the unit will fail. The proper place to specify mount options is /etc/fstab. Apparently systemd is kind enough to use values from there even if Options= or What= is specified in a .mount file. Remove XENSTORED_MOUNT_CTX, the reference to a non-existent EnvironmentFile and trim default Options= for the mount point. The removed code was first mentioned in the patch referenced below, with the following description: ... * Some systems define the selinux context in the systemd Option for the /var/lib/xenstored tmpfs: Options=mode=755,context="system_u:object_r:xenstored_var_lib_t:s0" For the upstream version we remove that and let systems specify the context on their system /etc/default/xenstored or /etc/sysconfig/xenstored $XENSTORED_MOUNT_CTX variable ... It is nowhere stated (on xen-devel) what "Some systems" means, which is unfortunately common practice in nearly all opensource projects. http://lists.xenproject.org/archives/html/xen-devel/2014-03/msg02462.html Signed-off-by: Olaf Hering <olaf@xxxxxxxxx> Acked-by: Ian Jackson <ian.jackson@xxxxxxxxxxxxx> Cc: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Acked-by: Ian Campbell <ian.campbell@xxxxxxxxxx> Cc: Wei Liu <wei.liu2@xxxxxxxxxx> Cc: Anthony PERARD <anthony.perard@xxxxxxxxxx> Cc: M A Young <m.a.young@xxxxxxxxxxxx> Cc: Luis R. Rodriguez <mcgrof@xxxxxxxxxxxxxxxx> Release-Acked-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> --- .../Linux/systemd/var-lib-xenstored.mount.in | 4 +--- 1 files changed, 1 insertions(+), 3 deletions(-) diff --git a/tools/hotplug/Linux/systemd/var-lib-xenstored.mount.in b/tools/hotplug/Linux/systemd/var-lib-xenstored.mount.in index d5e04db..11a7d50 100644 --- a/tools/hotplug/Linux/systemd/var-lib-xenstored.mount.in +++ b/tools/hotplug/Linux/systemd/var-lib-xenstored.mount.in @@ -6,9 +6,7 @@ ConditionPathExists=/proc/xen/capabilities RefuseManualStop=true [Mount] -Environment=XENSTORED_MOUNT_CTX=none -EnvironmentFile=-@CONFIG_DIR@/@CONFIG_LEAF_DIR@/xenstored What=xenstore Where=@XEN_LIB_STORED@ Type=tmpfs -Options=mode=755,context="$XENSTORED_MOUNT_CTX" +Options=mode=755 -- generated by git-patchbot for /home/xen/git/xen.git#master _______________________________________________ Xen-changelog mailing list Xen-changelog@xxxxxxxxxxxxx http://lists.xensource.com/xen-changelog

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.