From: Milan Broz <mbroz@redhat.com>
Date: Fri, 24 Jul 2015 11:30:11 +0000 (+0200)
Subject: ceph-disk: set selinux context
X-Git-Tag: v9.1.0~432^2~5
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=c014f2b61e0de3c0d357288348a0fc77c6371d43;p=ceph.git

ceph-disk: set selinux context

Ensure that SELinux context is properly set according to policy.We
need this as SELinux context is not preserved across mount points.

Signed-off-by: Milan Broz <mbroz@redhat.com>
---

diff --git a/src/ceph-disk b/src/ceph-disk
index fc7949f71b72..cb19cafc28e3 100755
--- a/src/ceph-disk
+++ b/src/ceph-disk
@@ -629,6 +629,7 @@ def write_one_line(parent, name, text):
     with file(tmp, 'wb') as tmp_file:
         tmp_file.write(text + '\n')
         os.fsync(tmp_file.fileno())
+    path_set_context(tmp)
     os.rename(tmp, path)
 
 
@@ -709,6 +710,15 @@ def get_osd_id(path):
         check_osd_id(osd_id)
     return osd_id
 
+def path_set_context(path):
+    # restore selinux context to default policy values
+    if which('restorecon'):
+        command(
+           [
+                'restorecon', '-R',
+                path,
+                ],
+           )
 
 def _check_output(args=None, **kwargs):
     out, ret = command(args, **kwargs)
@@ -1497,6 +1507,7 @@ def prepare_dev(
                 journal_dmcrypt=journal_dmcrypt,
                 )
         finally:
+            path_set_context(path)
             unmount(path)
     finally:
         if rawdev != dev: