aboutsummaryrefslogtreecommitdiff
path: root/libpod
diff options
context:
space:
mode:
authorOpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>2019-04-14 02:02:40 -0700
committerGitHub <noreply@github.com>2019-04-14 02:02:40 -0700
commit9acc9cd58c552c0fb20d817d3d3124610ebea01d (patch)
treede68dcb6cf2b28f5aa1cecd2752335e61eb9ba83 /libpod
parentb9260053e94f2b4a00dbe7eba67fd195018bf94a (diff)
parent86987b8038ddeb883048424884c908fb55a3e397 (diff)
downloadpodman-9acc9cd58c552c0fb20d817d3d3124610ebea01d.tar.gz
podman-9acc9cd58c552c0fb20d817d3d3124610ebea01d.tar.bz2
podman-9acc9cd58c552c0fb20d817d3d3124610ebea01d.zip
Merge pull request #2912 from adrianreber/label
Use the same SELinux label for CRIU log files
Diffstat (limited to 'libpod')
-rw-r--r--libpod/container_internal_linux.go31
1 files changed, 21 insertions, 10 deletions
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index eeffa4705..f352b188e 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -504,17 +504,9 @@ func (c *Container) checkpointRestoreSupported() (err error) {
return nil
}
-func (c *Container) checkpoint(ctx context.Context, options ContainerCheckpointOptions) (err error) {
- if err := c.checkpointRestoreSupported(); err != nil {
- return err
- }
-
- if c.state.State != ContainerStateRunning {
- return errors.Wrapf(ErrCtrStateInvalid, "%q is not running, cannot checkpoint", c.state.State)
- }
-
+func (c *Container) checkpointRestoreLabelLog(fileName string) (err error) {
// Create the CRIU log file and label it
- dumpLog := filepath.Join(c.bundlePath(), "dump.log")
+ dumpLog := filepath.Join(c.bundlePath(), fileName)
logFile, err := os.OpenFile(dumpLog, os.O_CREATE, 0600)
if err != nil {
@@ -524,6 +516,21 @@ func (c *Container) checkpoint(ctx context.Context, options ContainerCheckpointO
if err = label.SetFileLabel(dumpLog, c.MountLabel()); err != nil {
return errors.Wrapf(err, "failed to label CRIU log file %q", dumpLog)
}
+ return nil
+}
+
+func (c *Container) checkpoint(ctx context.Context, options ContainerCheckpointOptions) (err error) {
+ if err := c.checkpointRestoreSupported(); err != nil {
+ return err
+ }
+
+ if c.state.State != ContainerStateRunning {
+ return errors.Wrapf(ErrCtrStateInvalid, "%q is not running, cannot checkpoint", c.state.State)
+ }
+
+ if err := c.checkpointRestoreLabelLog("dump.log"); err != nil {
+ return err
+ }
if err := c.runtime.ociRuntime.checkpointContainer(c, options); err != nil {
return err
@@ -577,6 +584,10 @@ func (c *Container) restore(ctx context.Context, options ContainerCheckpointOpti
return errors.Wrapf(err, "A complete checkpoint for this container cannot be found, cannot restore")
}
+ if err := c.checkpointRestoreLabelLog("restore.log"); err != nil {
+ return err
+ }
+
// Read network configuration from checkpoint
// Currently only one interface with one IP is supported.
networkStatusFile, err := os.Open(filepath.Join(c.bundlePath(), "network.status"))