From bde453e30bf69a2a523903eb048b30f33df88b4c Mon Sep 17 00:00:00 2001 From: Robert Sturla Date: Fri, 9 Aug 2024 20:53:06 +0100 Subject: [PATCH 1/5] fix(dx): adds a systemd unit workaround service to relabel libvirt files Almost all users need to run a restorecon on one or two of these directories. I'm hoping this will solve these issues automatically on boot. --- .../lib/systemd/system/libvirt-workaround.service | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 system_files/dx/usr/lib/systemd/system/libvirt-workaround.service diff --git a/system_files/dx/usr/lib/systemd/system/libvirt-workaround.service b/system_files/dx/usr/lib/systemd/system/libvirt-workaround.service new file mode 100644 index 00000000000..9dec469301c --- /dev/null +++ b/system_files/dx/usr/lib/systemd/system/libvirt-workaround.service @@ -0,0 +1,13 @@ +[Unit] +Description=Workaround to relabel libvirt files and directories +ConditionPathIsDirectory=/var/lib/libvirt/ +After=local-fs.target + +[Service] +Type=oneshot +Exec=/usr/sbin/restorecon -R /var/log/libvirt/ +Exec=/usr/sbin/restorecon -R /var/lib/libvirt/ +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target default.target From babe6b49042a5e33d998aa516ad875523792ab17 Mon Sep 17 00:00:00 2001 From: Robert Sturla Date: Fri, 9 Aug 2024 20:57:11 +0100 Subject: [PATCH 2/5] Allow the user to disable the service --- build_files/systemd-dx.sh | 1 + .../dx/usr/lib/systemd/system/libvirt-workaround.service | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/build_files/systemd-dx.sh b/build_files/systemd-dx.sh index 7e234733da8..53595bb0c44 100755 --- a/build_files/systemd-dx.sh +++ b/build_files/systemd-dx.sh @@ -5,6 +5,7 @@ set -ouex pipefail systemctl enable docker.socket systemctl enable podman.socket systemctl enable swtpm-workaround.service +systemctl enable libvirt-workaround.service systemctl enable bluefin-dx-groups.service systemctl enable --global bluefin-dx-user-vscode.service systemctl disable pmie.service diff --git a/system_files/dx/usr/lib/systemd/system/libvirt-workaround.service b/system_files/dx/usr/lib/systemd/system/libvirt-workaround.service index 9dec469301c..0905422233a 100644 --- a/system_files/dx/usr/lib/systemd/system/libvirt-workaround.service +++ b/system_files/dx/usr/lib/systemd/system/libvirt-workaround.service @@ -10,4 +10,4 @@ Exec=/usr/sbin/restorecon -R /var/lib/libvirt/ RemainAfterExit=yes [Install] -WantedBy=multi-user.target default.target +WantedBy=multi-user.target From d0e7c8ec41af7524a2c637b02f6b3f065e88303b Mon Sep 17 00:00:00 2001 From: Robert Sturla Date: Fri, 9 Aug 2024 20:58:37 +0100 Subject: [PATCH 3/5] Use ExecStart rather than Exec in systemd unit --- .../dx/usr/lib/systemd/system/libvirt-workaround.service | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/system_files/dx/usr/lib/systemd/system/libvirt-workaround.service b/system_files/dx/usr/lib/systemd/system/libvirt-workaround.service index 0905422233a..dca36cb8dee 100644 --- a/system_files/dx/usr/lib/systemd/system/libvirt-workaround.service +++ b/system_files/dx/usr/lib/systemd/system/libvirt-workaround.service @@ -5,8 +5,8 @@ After=local-fs.target [Service] Type=oneshot -Exec=/usr/sbin/restorecon -R /var/log/libvirt/ -Exec=/usr/sbin/restorecon -R /var/lib/libvirt/ +ExecStart=/usr/sbin/restorecon -R /var/log/libvirt/ +ExecStart=/usr/sbin/restorecon -R /var/lib/libvirt/ RemainAfterExit=yes [Install] From f6202c2f3349d1dfc97f206db6bc0ff1f4025d0a Mon Sep 17 00:00:00 2001 From: Robert Sturla Date: Fri, 9 Aug 2024 21:00:36 +0100 Subject: [PATCH 4/5] Continue service on error --- .../dx/usr/lib/systemd/system/libvirt-workaround.service | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/system_files/dx/usr/lib/systemd/system/libvirt-workaround.service b/system_files/dx/usr/lib/systemd/system/libvirt-workaround.service index dca36cb8dee..91498c76909 100644 --- a/system_files/dx/usr/lib/systemd/system/libvirt-workaround.service +++ b/system_files/dx/usr/lib/systemd/system/libvirt-workaround.service @@ -5,8 +5,8 @@ After=local-fs.target [Service] Type=oneshot -ExecStart=/usr/sbin/restorecon -R /var/log/libvirt/ -ExecStart=/usr/sbin/restorecon -R /var/lib/libvirt/ +ExecStart=-/usr/sbin/restorecon -R /var/log/libvirt/ +ExecStart=-/usr/sbin/restorecon -R /var/lib/libvirt/ RemainAfterExit=yes [Install] From 7b870489e06a98cb04507f2845001248f8131971 Mon Sep 17 00:00:00 2001 From: Robert Sturla Date: Fri, 9 Aug 2024 21:30:21 +0100 Subject: [PATCH 5/5] Create libvirt log directory so restorecon can target it --- system_files/dx/usr/lib/tmpfiles.d/libvirt-workaround.conf | 1 + 1 file changed, 1 insertion(+) create mode 100644 system_files/dx/usr/lib/tmpfiles.d/libvirt-workaround.conf diff --git a/system_files/dx/usr/lib/tmpfiles.d/libvirt-workaround.conf b/system_files/dx/usr/lib/tmpfiles.d/libvirt-workaround.conf new file mode 100644 index 00000000000..4af298b7b5a --- /dev/null +++ b/system_files/dx/usr/lib/tmpfiles.d/libvirt-workaround.conf @@ -0,0 +1 @@ +d /var/log/libvirt 0750 - - - -