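/*
 * Probe whether a "user." extended attribute can be set on a file
 * created under abs_builddir "/securityselinuxlabeldata".
 *
 * A scratch file is created with mode 0600, the attribute
 * "user.libvirt.selinux" is written to it, and the file and its
 * directory are removed again before returning.
 *
 * Returns 1 if setxattr() succeeded, 0 if it failed with EOPNOTSUPP
 * (attribute not supported there), and -1 on any other failure.
 */
static int
testUserXattrEnabled(void)
{
    int ret = -1;
    ssize_t len;
    const char *con_value = "system_u:object_r:svirt_image_t:s0:c41,c264";
    char *path = NULL;

    if (virAsprintf(&path, "%s/securityselinuxlabeldata/testxattr",
                    abs_builddir) < 0)
        goto cleanup;

    if (virFileMakePath(abs_builddir "/securityselinuxlabeldata") < 0 ||
        virFileTouch(path, 0600) < 0)
        goto cleanup;

    len = setxattr(path, "user.libvirt.selinux", con_value,
                   strlen(con_value), 0);
    if (len < 0) {
        /* Only "not supported" counts as a clean negative answer;
         * every other errno is reported as a probe failure (-1). */
        if (errno == EOPNOTSUPP)
            ret = 0;
        goto cleanup;
    }

    ret = 1;

 cleanup:
    /* path is initialised to NULL and may still be NULL if the
     * virAsprintf() call above failed; unlink() must not be handed
     * a NULL pointer. */
    if (path)
        unlink(path);
    /* rmdir() only removes an empty directory, so a directory that
     * holds other files is left in place. */
    rmdir(abs_builddir "/securityselinuxlabeldata");
    VIR_FREE(path);
    return ret;
}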
/*
 * Create the directory abs_builddir "/securityselinuxlabeldata/nfs"
 * and touch every file named in @files with mode 0600.
 *
 * @files:  array of entries whose .file member is the path to create
 * @nfiles: number of entries in @files
 *
 * Returns 0 on success, -1 as soon as the directory or any file cannot
 * be created. Files touched before the failure are not removed here.
 */
static int
testSELinuxCreateDisks(testSELinuxFile *files, size_t nfiles)
{
    size_t idx = 0;

    if (virFileMakePath(abs_builddir "/securityselinuxlabeldata/nfs") < 0)
        return -1;

    while (idx < nfiles) {
        if (virFileTouch(files[idx].file, 0600) < 0)
            return -1;
        idx++;
    }

    return 0;
}
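/*
 * Create the fixed set of device nodes and symlinks under /dev.
 *
 * The function works on absolute "/dev/..." paths, so it acts on
 * whatever /dev is visible to the calling process.
 * NOTE(review): presumably the caller has already switched to the
 * container's root filesystem - confirm against the call site.
 *
 * What is created:
 *   - character devices null, zero, full, random and urandom, mode 0666
 *   - /dev/stdin, /dev/stdout, /dev/stderr and /dev/fd as symlinks
 *     into /proc/self/fd
 *   - /dev/ptmx, either bind-mounted from /dev/pts/ptmx or created as
 *     a device node when /dev/pts/ptmx is not writable
 *   - /dev/tty1 .. /dev/tty<nttyPaths> as symlinks to @ttyPaths, and
 *     /dev/console as a symlink to the first entry
 *
 * Only the devices listed in devs[] (plus ptmx) are created; nothing
 * else is exposed by this function.
 *
 * @ttyPaths:  array of paths the /dev/ttyN symlinks should point at
 * @nttyPaths: number of entries in @ttyPaths
 *
 * Returns 0 on success, -1 on the first failure. Nodes and links made
 * before the failure are left in place.
 */
static int
lxcContainerPopulateDevices(char **ttyPaths, size_t nttyPaths)
{
    size_t i;
    const struct {
        int maj;
        int min;
        mode_t mode;
        const char *path;
    } devs[] = {
        { LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_NULL, 0666, "/dev/null" },
        { LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_ZERO, 0666, "/dev/zero" },
        { LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_FULL, 0666, "/dev/full" },
        { LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_RANDOM, 0666, "/dev/random" },
        { LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_URANDOM, 0666, "/dev/urandom" },
    };
    const struct {
        const char *src;
        const char *dst;
    } links[] = {
        { "/proc/self/fd/0", "/dev/stdin" },
        { "/proc/self/fd/1", "/dev/stdout" },
        { "/proc/self/fd/2", "/dev/stderr" },
        { "/proc/self/fd", "/dev/fd" },
    };

    /* Populate /dev/ with a few important bits */
    for (i = 0 ; i < ARRAY_CARDINALITY(devs) ; i++) {
        dev_t dev = makedev(devs[i].maj, devs[i].min);

        /* The node is created with no permission bits (S_IFCHR only)
         * and the mode is applied by chmod(), so the final mode does
         * not depend on the process umask. */
        if (mknod(devs[i].path, S_IFCHR, dev) < 0 ||
            chmod(devs[i].path, devs[i].mode)) {
            virReportSystemError(errno,
                                 _("Failed to make device %s"),
                                 devs[i].path);
            return -1;
        }
    }

    for (i = 0 ; i < ARRAY_CARDINALITY(links) ; i++) {
        if (symlink(links[i].src, links[i].dst) < 0) {
            virReportSystemError(errno,
                                 _("Failed to symlink device %s to %s"),
                                 links[i].dst, links[i].src);
            return -1;
        }
    }

    if (access("/dev/pts/ptmx", W_OK) == 0) {
        /* We have private devpts capability, so bind that */
        if (virFileTouch("/dev/ptmx", 0666) < 0)
            return -1;

        if (mount("/dev/pts/ptmx", "/dev/ptmx", "ptmx", MS_BIND, NULL) < 0) {
            virReportSystemError(errno, "%s",
                                 _("Failed to bind /dev/pts/ptmx on to /dev/ptmx"));
            return -1;
        }
    } else {
        /* Legacy devpts, so we need to just use shared one */
        dev_t dev = makedev(LXC_DEV_MAJ_TTY, LXC_DEV_MIN_PTMX);

        if (mknod("/dev/ptmx", S_IFCHR, dev) < 0 ||
            chmod("/dev/ptmx", 0666)) {
            virReportSystemError(errno, "%s",
                                 _("Failed to make device /dev/ptmx"));
            return -1;
        }
    }

    for (i = 0 ; i < nttyPaths ; i++) {
        char *tty;

        if (virAsprintf(&tty, "/dev/tty%zu", i+1) < 0) {
            virReportOOMError();
            return -1;
        }

        if (symlink(ttyPaths[i], tty) < 0) {
            /* Report while tty is still allocated and before any other
             * call can touch errno; the original freed tty first and
             * then formatted it into the message. */
            virReportSystemError(errno,
                                 _("Failed to symlink %s to %s"),
                                 ttyPaths[i], tty);
            VIR_FREE(tty);
            return -1;
        }
        VIR_FREE(tty);

        /* The first tty also serves as the console. */
        if (i == 0 &&
            symlink(ttyPaths[i], "/dev/console") < 0) {
            virReportSystemError(errno,
                                 _("Failed to symlink %s to /dev/console"),
                                 ttyPaths[i]);
            return -1;
        }
    }

    return 0;
}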