From 7967e3e5cfd330190c2bcc45d3a111a1d563a7a0 Mon Sep 17 00:00:00 2001
From: Vijay Bellur <vbellur@redhat.com>
Date: Tue, 30 Apr 2013 00:20:33 +0530
Subject: cluster/afr: Avoid self-healing extended attribute used by SELinux.

Since removexattr() fails to remove "security.selinux" in a system
where SELinux is enforcing, xattr self-healing fails.
As a consequence of this, user extended attributes are not being healed.
Added a check in afr to prune SELinux xattr from the dictionary
used for removing xattrs from the sink.

Minor changes in tests and md-cache as well.

Signed-off-by: Vijay Bellur <vbellur@redhat.com>
Change-Id: I854bfc0098dde812ce2afe64b125ee40c04bdeb1
BUG: 957877
Reviewed-on: http://review.gluster.org/4905
Reviewed-by: Venky Shankar <vshankar@redhat.com>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
---
 xlators/cluster/afr/src/afr-self-heal-metadata.c | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'xlators/cluster/afr/src/afr-self-heal-metadata.c')

diff --git a/xlators/cluster/afr/src/afr-self-heal-metadata.c b/xlators/cluster/afr/src/afr-self-heal-metadata.c
index c6a183b1a..cc85d9b9f 100644
--- a/xlators/cluster/afr/src/afr-self-heal-metadata.c
+++ b/xlators/cluster/afr/src/afr-self-heal-metadata.c
@@ -242,6 +242,12 @@ afr_sh_removexattr_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
         return 0;
 }
 
+inline void
+afr_prune_special_keys (dict_t *xattr_dict)
+{
+        dict_del (xattr_dict, GF_SELINUX_XATTR_KEY);
+}
+
 inline void
 afr_prune_pending_keys (dict_t *xattr_dict, afr_private_t *priv)
 {
@@ -272,6 +278,8 @@ afr_sh_getxattr_cbk (call_frame_t *frame, void *cookie, xlator_t *this,
 
         afr_prune_pending_keys (xattr, priv);
 
+        afr_prune_special_keys (xattr);
+
         i = (long) cookie;
 
         /* send removexattr in bulk via xdata */
-- 
cgit