subject:"\[PATCH 2\/2\] selinux\: Don't ignore ENOENT in Permissive mode"

Re: [PATCH 2/2] selinux: Don't ignore ENOENT in Permissive mode

2021-09-21 Thread Michal Prívozník

On 9/20/21 5:57 PM, Ján Tomko wrote: > On a Monday in 2021, Michal Privoznik wrote: >> In selinux driver there's virSecuritySELinuxSetFileconImpl() >> which is responsible for actual setting of SELinux label on given >> file and handling possible failures. In fhe failure handling code >> we decide

Re: [PATCH 2/2] selinux: Don't ignore ENOENT in Permissive mode

2021-09-20 Thread Ján Tomko

On a Monday in 2021, Michal Privoznik wrote: In selinux driver there's virSecuritySELinuxSetFileconImpl() which is responsible for actual setting of SELinux label on given file and handling possible failures. In fhe failure handling code we decide whether failure is fatal or not. But there is a b

[PATCH 2/2] selinux: Don't ignore ENOENT in Permissive mode

2021-09-20 Thread Michal Privoznik

In selinux driver there's virSecuritySELinuxSetFileconImpl() which is responsible for actual setting of SELinux label on given file and handling possible failures. In fhe failure handling code we decide whether failure is fatal or not. But there is a bug: depending on SELinux mode (Permissive vs. E