diff options
author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2019-04-14 02:02:40 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-04-14 02:02:40 -0700 |
commit | 9acc9cd58c552c0fb20d817d3d3124610ebea01d (patch) | |
tree | de68dcb6cf2b28f5aa1cecd2752335e61eb9ba83 /libpod/container_internal_linux.go | |
parent | b9260053e94f2b4a00dbe7eba67fd195018bf94a (diff) | |
parent | 86987b8038ddeb883048424884c908fb55a3e397 (diff) | |
download | podman-9acc9cd58c552c0fb20d817d3d3124610ebea01d.tar.gz podman-9acc9cd58c552c0fb20d817d3d3124610ebea01d.tar.bz2 podman-9acc9cd58c552c0fb20d817d3d3124610ebea01d.zip |
Merge pull request #2912 from adrianreber/label
Use the same SELinux label for CRIU log files
Diffstat (limited to 'libpod/container_internal_linux.go')
-rw-r--r-- | libpod/container_internal_linux.go | 31 |
1 files changed, 21 insertions, 10 deletions
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go index eeffa4705..f352b188e 100644 --- a/libpod/container_internal_linux.go +++ b/libpod/container_internal_linux.go @@ -504,17 +504,9 @@ func (c *Container) checkpointRestoreSupported() (err error) { return nil } -func (c *Container) checkpoint(ctx context.Context, options ContainerCheckpointOptions) (err error) { - if err := c.checkpointRestoreSupported(); err != nil { - return err - } - - if c.state.State != ContainerStateRunning { - return errors.Wrapf(ErrCtrStateInvalid, "%q is not running, cannot checkpoint", c.state.State) - } - +func (c *Container) checkpointRestoreLabelLog(fileName string) (err error) { // Create the CRIU log file and label it - dumpLog := filepath.Join(c.bundlePath(), "dump.log") + dumpLog := filepath.Join(c.bundlePath(), fileName) logFile, err := os.OpenFile(dumpLog, os.O_CREATE, 0600) if err != nil { @@ -524,6 +516,21 @@ func (c *Container) checkpoint(ctx context.Context, options ContainerCheckpointO if err = label.SetFileLabel(dumpLog, c.MountLabel()); err != nil { return errors.Wrapf(err, "failed to label CRIU log file %q", dumpLog) } + return nil +} + +func (c *Container) checkpoint(ctx context.Context, options ContainerCheckpointOptions) (err error) { + if err := c.checkpointRestoreSupported(); err != nil { + return err + } + + if c.state.State != ContainerStateRunning { + return errors.Wrapf(ErrCtrStateInvalid, "%q is not running, cannot checkpoint", c.state.State) + } + + if err := c.checkpointRestoreLabelLog("dump.log"); err != nil { + return err + } if err := c.runtime.ociRuntime.checkpointContainer(c, options); err != nil { return err @@ -577,6 +584,10 @@ func (c *Container) restore(ctx context.Context, options ContainerCheckpointOpti return errors.Wrapf(err, "A complete checkpoint for this container cannot be found, cannot restore") } + if err := c.checkpointRestoreLabelLog("restore.log"); err != nil { + return err + } + // Read network configuration from checkpoint // Currently only one interface with one IP is supported. networkStatusFile, err := os.Open(filepath.Join(c.bundlePath(), "network.status")) |