[libvirt] [PATCH v3] Refactor the security drivers to simplify usage
Daniel P. Berrange
berrange at redhat.com
Mon Jan 10 10:28:04 UTC 2011
On Fri, Jan 07, 2011 at 12:29:40PM -0700, Eric Blake wrote:
> On 01/07/2011 12:15 PM, Eric Blake wrote:
> > On 01/07/2011 08:39 AM, Daniel P. Berrange wrote:
> >> This pair of checks for NULL clutters up the code, making the driver
> >> calls 2 lines longer than they really need to be. The goal of the
> >> patchset is to change the calling convention to simply
> >>
> >> if (virSecurityManagerSetHostdevLabel(driver->securityDriver,
> >> vm, hostdev) < 0)
> >>
> >
> > Can you show the changes between v2 and v3? (although if you wait long
> > enough, I can probably generate that myself, given a few minutes of git
> > usage, and start replying based on that...)
> >
>
> Just did it.
>
> > diff --git a/po/POTFILES.in b/po/POTFILES.in
> > index 3d7bc8b..3521ba6 100644
> > --- a/po/POTFILES.in
> > +++ b/po/POTFILES.in
> > @@ -61,10 +61,10 @@ src/qemu/qemu_hotplug.c
> > src/qemu/qemu_monitor.c
> > src/qemu/qemu_monitor_json.c
> > src/qemu/qemu_monitor_text.c
> > -src/qemu/qemu_security_dac.c
> > src/remote/remote_driver.c
> > src/secret/secret_driver.c
> > src/security/security_apparmor.c
> > +src/security/security_dac.c
> > src/security/security_driver.c
> > src/security/security_selinux.c
> > src/security/virt-aa-helper.c
>
> Yep, 'make syntax-check' would have complained about that. You still
> had one 'make syntax-check' failure in v3, though:
>
> libvirt_unmarked_diagnostics
> src/qemu/qemu_driver.c:1012: VIR_ERROR0("Failed to initialize
> security drivers");
> maint.mk: found unmarked diagnostic(s)
>
>
> > diff --git a/src/libvirt.c b/src/libvirt.c
> > index 89b37c5..a4789bc 100644
> > --- a/src/libvirt.c
> > +++ b/src/libvirt.c
> > @@ -5642,6 +5642,8 @@ virDomainGetSecurityLabel(virDomainPtr domain, virSecurityLabelPtr seclabel)
> > {
> > virConnectPtr conn;
> >
> > + VIR_DOMAIN_DEBUG(domain, "seclabel=%p", seclabel);
> > +
> > if (!VIR_IS_CONNECTED_DOMAIN(domain)) {
> > virLibDomainError(NULL, VIR_ERR_INVALID_DOMAIN, __FUNCTION__);
> > virDispatchError(NULL);
> > @@ -5684,6 +5686,8 @@ error:
> > int
> > virNodeGetSecurityModel(virConnectPtr conn, virSecurityModelPtr secmodel)
> > {
> > + DEBUG("conn=%p secmodel=%p", conn, secmodel);
> > +
>
> Useful changes.
>
> > if (!VIR_IS_CONNECT(conn)) {
> > virLibConnError(NULL, VIR_ERR_INVALID_CONN, __FUNCTION__);
> > virDispatchError(NULL);
> > diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
> > index 279559b..e9b8cb7 100644
> > --- a/src/libvirt_private.syms
> > +++ b/src/libvirt_private.syms
> > @@ -707,6 +707,7 @@ virSecurityDriverLookup;
> >
> > # security_manager.h
> > virSecurityManagerClearSocketLabel;
> > +virSecurityManagerFree;
> > virSecurityManagerGenLabel;
> > virSecurityManagerGetDOI;
> > virSecurityManagerGetModel;
> > diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
> > index 0f84bb2..24e9162 100644
> > --- a/src/qemu/qemu_driver.c
> > +++ b/src/qemu/qemu_driver.c
> > @@ -984,12 +984,12 @@ qemuReconnectDomains(virConnectPtr conn, struct qemud_driver *driver)
> >
> >
> > static int
> > -qemudSecurityInit(struct qemud_driver *driver)
> > +qemuSecurityInit(struct qemud_driver *driver)
>
> Why not, it fits with our other renames.
>
> > {
> > virSecurityManagerPtr mgr = virSecurityManagerNew(driver->securityDriverName,
> > driver->allowDiskFormatProbing);
> > if (!mgr)
> > - return -1;
> > + goto error;
> >
> > if (driver->privileged) {
> > virSecurityManagerPtr dac = virSecurityManagerNewDAC(driver->user,
> > @@ -997,16 +997,21 @@ qemudSecurityInit(struct qemud_driver *driver)
> > driver->allowDiskFormatProbing,
> > driver->dynamicOwnership);
> > if (!dac)
> > - return -1;
> > + goto error;
> >
> > if (!(driver->securityManager = virSecurityManagerNewStack(mgr,
> > dac)))
> > - return -1;
> > + goto error;
> > } else {
> > driver->securityManager = mgr;
> > }
> >
> > return 0;
> > +
> > +error:
> > + VIR_ERROR0("Failed to initialize security drivers");
> > + virSecurityManagerFree(mgr);
> > + return -1;
>
> Good, fixed that concern of mine.
>
> > }
> >
> >
> > @@ -1044,16 +1049,13 @@ qemuCreateCapabilities(virCapsPtr oldcaps,
> >
> > doi = virSecurityManagerGetDOI(driver->securityManager);
> > model = virSecurityManagerGetModel(driver->securityManager);
> > - if (STREQ(model, "none")) {
> > - model = "";
> > - doi = "";
> > + if (STRNEQ(model, "none")) {
> > + if (!(caps->host.secModel.model = strdup(model)))
> > + goto no_memory;
> > + if (!(caps->host.secModel.doi = strdup(doi)))
> > + goto no_memory;
> > }
> >
> > - if (!(caps->host.secModel.model = strdup(model)))
> > - goto no_memory;
> > - if (!(caps->host.secModel.doi = strdup(doi)))
> > - goto no_memory;
> > -
>
> Almost; that cleaned up the chance of calling VIR_FREE on "", but...
>
> > VIR_DEBUG("Initialized caps for security driver \"%s\" with "
> > "DOI \"%s\"", model, doi);
>
> ...if model == "none", then doi was not adjusted; do you need
> NULLSTR(doi) here?
>
> >
> > @@ -1321,7 +1323,7 @@ qemudStartup(int privileged) {
> > }
> > VIR_FREE(driverConf);
> >
> > - if (qemudSecurityInit(qemu_driver) < 0)
> > + if (qemuSecurityInit(qemu_driver) < 0)
> > goto error;
> >
> > if ((qemu_driver->caps = qemuCreateCapabilities(NULL,
> > @@ -1543,6 +1545,8 @@ qemudShutdown(void) {
> > VIR_FREE(qemu_driver->saveImageFormat);
> > VIR_FREE(qemu_driver->dumpImageFormat);
> >
> > + virSecurityManagerFree(qemu_driver->securityManager);
> > +
> > ebtablesContextFree(qemu_driver->ebtables);
> >
> > if (qemu_driver->cgroupDeviceACL) {
> > @@ -5420,6 +5424,12 @@ static int qemudNodeGetSecurityModel(virConnectPtr conn,
> > int ret = 0;
> >
> > qemuDriverLock(driver);
> > + memset(secmodel, 0, sizeof(*secmodel));
> > +
> > + /* NULL indicates no driver, which we treat as
> > + * success, but simply return no data in *secmodel */
> > + if (driver->caps->host.secModel.model == NULL)
> > + goto cleanup;
> >
> > p = driver->caps->host.secModel.model;
> > if (strlen(p) >= VIR_SECURITY_MODEL_BUFLEN-1) {
> > diff --git a/src/security/security_apparmor.h b/src/security/security_apparmor.h
> > index 90d9ddb..ffd8288 100644
> > --- a/src/security/security_apparmor.h
> > +++ b/src/security/security_apparmor.h
> > @@ -14,7 +14,7 @@
> > #ifndef __VIR_SECURITY_APPARMOR_H__
> > # define __VIR_SECURITY_APPARMOR_H__
> >
> > -#include "security_driver.h"
> > +# include "security_driver.h"
>
> You must have cppi installed :) (another make syntax-check fix).
>
> >
> > extern virSecurityDriver virAppArmorSecurityDriver;
> >
> > diff --git a/src/security/security_dac.c b/src/security/security_dac.c
> > index edecaf9..de5d011 100644
> > --- a/src/security/security_dac.c
> > +++ b/src/security/security_dac.c
> > @@ -1,13 +1,23 @@
> > /*
> > - * Copyright (C) 2010 Red Hat, Inc.
> > + * Copyright (C) 2010-2011 Red Hat, Inc.
> > *
> > * This library is free software; you can redistribute it and/or
> > * modify it under the terms of the GNU Lesser General Public
> > * License as published by the Free Software Foundation; either
> > * version 2.1 of the License, or (at your option) any later version.
> > *
> > - * QEMU POSIX DAC security driver
> > + * This library is distributed in the hope that it will be useful,
> > + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> > + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> > + * Lesser General Public License for more details.
> > + *
> > + * You should have received a copy of the GNU Lesser General Public
> > + * License along with this library; if not, write to the Free Software
> > + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
> > + *
> > + * POSIX DAC security driver
> > */
> > +
> > #include <config.h>
> > #include <sys/types.h>
> > #include <sys/stat.h>
> > @@ -537,7 +547,7 @@ virSecurityDACSetSecurityAllLabel(virSecurityManagerPtr mgr,
> > return 0;
> >
> > for (i = 0 ; i < vm->def->ndisks ; i++) {
> > - /* XXX fixme - we need to recursively label the entriy tree :-( */
> > + /* XXX fixme - we need to recursively label the entire tree :-( */
> > if (vm->def->disks[i]->type == VIR_DOMAIN_DISK_TYPE_DIR)
> > continue;
> > if (virSecurityDACSetSecurityImageLabel(mgr,
> > diff --git a/src/security/security_dac.h b/src/security/security_dac.h
> > index b690236..ccd9d1c 100644
> > --- a/src/security/security_dac.h
> > +++ b/src/security/security_dac.h
> > @@ -1,11 +1,20 @@
> > /*
> > - * Copyright (C) 2010 Red Hat, Inc.
> > + * Copyright (C) 2010-2011 Red Hat, Inc.
> > *
> > * This library is free software; you can redistribute it and/or
> > * modify it under the terms of the GNU Lesser General Public
> > * License as published by the Free Software Foundation; either
> > * version 2.1 of the License, or (at your option) any later version.
> > *
> > + * This library is distributed in the hope that it will be useful,
> > + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> > + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> > + * Lesser General Public License for more details.
> > + *
> > + * You should have received a copy of the GNU Lesser General Public
> > + * License along with this library; if not, write to the Free Software
> > + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
> > + *
> > * POSIX DAC security driver
> > */
> >
> > diff --git a/src/security/security_driver.c b/src/security/security_driver.c
> > index 6d75dcc..4df73d7 100644
> > --- a/src/security/security_driver.c
> > +++ b/src/security/security_driver.c
> > @@ -14,6 +14,7 @@
> > #include <string.h>
> >
> > #include "virterror_internal.h"
> > +#include "logging.h"
> >
> > #include "security_driver.h"
> > #ifdef WITH_SECDRIVER_SELINUX
> > @@ -41,7 +42,9 @@ virSecurityDriverPtr virSecurityDriverLookup(const char *name)
> > virSecurityDriverPtr drv = NULL;
> > int i;
> >
> > - for (i = 0; i < ARRAY_CARDINALITY(security_drivers) ; i++) {
> > + VIR_DEBUG("name=%s", NULLSTR(name));
> > +
> > + for (i = 0; i < ARRAY_CARDINALITY(security_drivers) && !drv ; i++) {
> > virSecurityDriverPtr tmp = security_drivers[i];
> >
> > if (name) {
> > @@ -52,10 +55,12 @@ virSecurityDriverPtr virSecurityDriverLookup(const char *name)
> > } else {
> > switch (tmp->probe()) {
> > case SECURITY_DRIVER_ENABLE:
> > + VIR_DEBUG("Probed name=%s", tmp->name);
> > drv = tmp;
> > break;
> >
> > case SECURITY_DRIVER_DISABLE:
> > + VIR_DEBUG("Not enabled name=%s", tmp->name);
> > break;
> >
> > default:
> > @@ -66,10 +71,10 @@ virSecurityDriverPtr virSecurityDriverLookup(const char *name)
> >
> > if (!drv) {
> > virSecurityReportError(VIR_ERR_INTERNAL_ERROR,
> > - "Security driver %s not found", NULLSTR(name));
> > + _("Security driver %s not found"),
> > + NULLSTR(name));
> > return NULL;
> > }
> >
> > return drv;
> > }
> > -
> > diff --git a/src/security/security_manager.c b/src/security/security_manager.c
> > index 7ab6e37..66cffb5 100644
> > --- a/src/security/security_manager.c
> > +++ b/src/security/security_manager.c
> > @@ -1,3 +1,24 @@
> > +/*
> > + * security_manager.c: Internal security manager API
> > + *
> > + * Copyright (C) 2010-2011 Red Hat, Inc.
> > + *
> > + * This library is free software; you can redistribute it and/or
> > + * modify it under the terms of the GNU Lesser General Public
> > + * License as published by the Free Software Foundation; either
> > + * version 2.1 of the License, or (at your option) any later version.
> > + *
> > + * This library is distributed in the hope that it will be useful,
> > + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> > + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> > + * Lesser General Public License for more details.
> > + *
> > + * You should have received a copy of the GNU Lesser General Public
> > + * License along with this library; if not, write to the Free Software
> > + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
> > + *
> > + * Author: Daniel P. Berrange <berrange at redhat.com>
> > + */
> >
> > #include <config.h>
> >
> > @@ -45,6 +66,9 @@ virSecurityManagerPtr virSecurityManagerNewStack(virSecurityManagerPtr primary,
> > virSecurityManagerNewDriver(&virSecurityDriverStack,
> > virSecurityManagerGetAllowDiskFormatProbing(primary));
> >
> > + if (!mgr)
> > + return NULL;
> > +
> > virSecurityStackSetPrimary(mgr, primary);
> > virSecurityStackSetSecondary(mgr, secondary);
> >
> > @@ -60,6 +84,9 @@ virSecurityManagerPtr virSecurityManagerNewDAC(uid_t user,
> > virSecurityManagerNewDriver(&virSecurityDriverDAC,
> > allowDiskFormatProbing);
> >
> > + if (!mgr)
> > + return NULL;
> > +
> > virSecurityDACSetUser(mgr, user);
> > virSecurityDACSetGroup(mgr, group);
> > virSecurityDACSetDynamicOwnership(mgr, dynamicOwnership);
> > @@ -80,7 +107,7 @@ virSecurityManagerPtr virSecurityManagerNew(const char *name,
> >
> > void *virSecurityManagerGetPrivateData(virSecurityManagerPtr mgr)
> > {
> > - return mgr + sizeof(mgr);
> > + return ((char*)mgr) + sizeof(mgr);
>
> Definitely a good fix :)
>
> > }
> >
> >
> > @@ -288,4 +315,3 @@ int virSecurityManagerVerify(virSecurityManagerPtr mgr,
> > virSecurityReportError(VIR_ERR_NO_SUPPORT, __FUNCTION__);
> > return -1;
> > }
> > -
> > diff --git a/src/security/security_manager.h b/src/security/security_manager.h
> > index c0ef84f..189b6b4 100644
> > --- a/src/security/security_manager.h
> > +++ b/src/security/security_manager.h
> > @@ -1,8 +1,29 @@
> > +/*
> > + * security_manager.h: Internal security manager API
> > + *
> > + * Copyright (C) 2010-2011 Red Hat, Inc.
> > + *
> > + * This library is free software; you can redistribute it and/or
> > + * modify it under the terms of the GNU Lesser General Public
> > + * License as published by the Free Software Foundation; either
> > + * version 2.1 of the License, or (at your option) any later version.
> > + *
> > + * This library is distributed in the hope that it will be useful,
> > + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> > + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> > + * Lesser General Public License for more details.
> > + *
> > + * You should have received a copy of the GNU Lesser General Public
> > + * License along with this library; if not, write to the Free Software
> > + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
> > + *
> > + * Author: Daniel P. Berrange <berrange at redhat.com>
> > + */
> >
> > #ifndef VIR_SECURITY_MANAGER_H__
> > -#define VIR_SECURITY_MANAGER_H__
> > +# define VIR_SECURITY_MANAGER_H__
> >
> > -# define virSecurityReportError(code, ...) \
> > +# define virSecurityReportError(code, ...) \
> > virReportErrorHelper(NULL, VIR_FROM_SECURITY, code, __FILE__, \
> > __FUNCTION__, __LINE__, __VA_ARGS__)
> >
> > diff --git a/src/security/security_nop.c b/src/security/security_nop.c
> > index 947cf55..6d7cb47 100644
> > --- a/src/security/security_nop.c
> > +++ b/src/security/security_nop.c
> > @@ -1,4 +1,21 @@
> > -
> > +/*
> > + * Copyright (C) 2010-2011 Red Hat, Inc.
> > + *
> > + * This library is free software; you can redistribute it and/or
> > + * modify it under the terms of the GNU Lesser General Public
> > + * License as published by the Free Software Foundation; either
> > + * version 2.1 of the License, or (at your option) any later version.
> > + *
> > + * This library is distributed in the hope that it will be useful,
> > + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> > + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> > + * Lesser General Public License for more details.
> > + *
> > + * You should have received a copy of the GNU Lesser General Public
> > + * License along with this library; if not, write to the Free Software
> > + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
> > + *
> > + */
> >
> > #include <config.h>
> >
> > @@ -134,7 +151,7 @@ static int virSecurityDomainVerifyNop(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED
> >
> > virSecurityDriver virSecurityDriverNop = {
> > 0,
> > - "nop",
> > + "none",
>
> Reasonable name change.
>
> > virSecurityDriverProbeNop,
> > virSecurityDriverOpenNop,
> > virSecurityDriverCloseNop,
> > diff --git a/src/security/security_nop.h b/src/security/security_nop.h
> > index 714e646..589a75d 100644
> > --- a/src/security/security_nop.h
> > +++ b/src/security/security_nop.h
> > @@ -1,16 +1,26 @@
> > /*
> > - * Copyright (C) 2010 Red Hat, Inc.
> > + * Copyright (C) 2010-2011 Red Hat, Inc.
> > *
> > * This library is free software; you can redistribute it and/or
> > * modify it under the terms of the GNU Lesser General Public
> > * License as published by the Free Software Foundation; either
> > * version 2.1 of the License, or (at your option) any later version.
> > *
> > + * This library is distributed in the hope that it will be useful,
> > + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> > + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> > + * Lesser General Public License for more details.
> > + *
> > + * You should have received a copy of the GNU Lesser General Public
> > + * License along with this library; if not, write to the Free Software
> > + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
> > + *
> > */
> > +
> > #ifndef __VIR_SECURITY_NOP_H__
> > # define __VIR_SECURITY_NOP_H__
> >
> > -#include "security_driver.h"
> > +# include "security_driver.h"
> >
> > extern virSecurityDriver virSecurityDriverNop;
> >
> > diff --git a/src/security/security_stack.c b/src/security/security_stack.c
> > index 9b3753a..e8bb058 100644
> > --- a/src/security/security_stack.c
> > +++ b/src/security/security_stack.c
> > @@ -1,12 +1,21 @@
> > /*
> > - * Copyright (C) 2010 Red Hat, Inc.
> > + * Copyright (C) 2010-2011 Red Hat, Inc.
> > *
> > * This library is free software; you can redistribute it and/or
> > * modify it under the terms of the GNU Lesser General Public
> > * License as published by the Free Software Foundation; either
> > * version 2.1 of the License, or (at your option) any later version.
> > *
> > - * QEMU stacked security driver
> > + * This library is distributed in the hope that it will be useful,
> > + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> > + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> > + * Lesser General Public License for more details.
> > + *
> > + * You should have received a copy of the GNU Lesser General Public
> > + * License along with this library; if not, write to the Free Software
> > + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
> > + *
> > + * Stacked security driver
> > */
> >
> > #include <config.h>
> > @@ -57,14 +66,16 @@ virSecurityStackClose(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED)
> > return 0;
> > }
> >
> > -static const char * virSecurityStackGetModel(virSecurityManagerPtr mgr)
> > +static const char *
> > +virSecurityStackGetModel(virSecurityManagerPtr mgr)
> > {
> > virSecurityStackDataPtr priv = virSecurityManagerGetPrivateData(mgr);
> >
> > return virSecurityManagerGetModel(priv->primary);
> > }
> >
> > -static const char * virSecurityStackGetDOI(virSecurityManagerPtr mgr)
> > +static const char *
> > +virSecurityStackGetDOI(virSecurityManagerPtr mgr)
> > {
> > virSecurityStackDataPtr priv = virSecurityManagerGetPrivateData(mgr);
> >
> > @@ -81,10 +92,8 @@ virSecurityStackVerify(virSecurityManagerPtr mgr,
> > if (virSecurityManagerVerify(priv->primary, def) < 0)
> > rc = -1;
> >
> > -#if 0
> > if (virSecurityManagerVerify(priv->secondary, def) < 0)
> > rc = -1;
> > -#endif
> >
> > return rc;
> > }
> > @@ -99,7 +108,14 @@ virSecurityStackGenLabel(virSecurityManagerPtr mgr,
> >
> > if (virSecurityManagerGenLabel(priv->primary, vm) < 0)
> > rc = -1;
> > +
> > #if 0
> > + /* We don't allow secondary drivers to generate labels.
> > + * This may have to change in the future, but requires
> > + * changes elsewhere in domain_conf.c and capabilities.c
> > + * XML formats first, to allow recording of multiple
> > + * labels
> > + */
> > if (virSecurityManagerGenLabel(priv->secondary, vm) < 0)
> > rc = -1;
> > #endif
> > @@ -118,6 +134,7 @@ virSecurityStackReleaseLabel(virSecurityManagerPtr mgr,
> > if (virSecurityManagerReleaseLabel(priv->primary, vm) < 0)
> > rc = -1;
> > #if 0
> > + /* XXX See note in GenLabel */
> > if (virSecurityManagerReleaseLabel(priv->secondary, vm) < 0)
> > rc = -1;
> > #endif
> > @@ -136,6 +153,7 @@ virSecurityStackReserveLabel(virSecurityManagerPtr mgr,
> > if (virSecurityManagerReserveLabel(priv->primary, vm) < 0)
> > rc = -1;
> > #if 0
> > + /* XXX See note in GenLabel */
> > if (virSecurityManagerReserveLabel(priv->secondary, vm) < 0)
> > rc = -1;
>
> Thanks - those extra comments help justify the #if 0.
>
> > #endif
> > diff --git a/src/security/security_stack.h b/src/security/security_stack.h
> > index c924842..bc83ff3 100644
> > --- a/src/security/security_stack.h
> > +++ b/src/security/security_stack.h
> > @@ -1,12 +1,21 @@
> > /*
> > - * Copyright (C) 2010 Red Hat, Inc.
> > + * Copyright (C) 2010-2011 Red Hat, Inc.
> > *
> > * This library is free software; you can redistribute it and/or
> > * modify it under the terms of the GNU Lesser General Public
> > * License as published by the Free Software Foundation; either
> > * version 2.1 of the License, or (at your option) any later version.
> > *
> > - * QEMU stacked security driver
> > + * This library is distributed in the hope that it will be useful,
> > + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> > + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> > + * Lesser General Public License for more details.
> > + *
> > + * You should have received a copy of the GNU Lesser General Public
> > + * License along with this library; if not, write to the Free Software
> > + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
> > + *
> > + * Stacked security driver
> > */
> >
> > #include "security_driver.h"
> >
>
> And 'make check' is still failing:
Urgh, I really hate that a simple 'make' no longer builds
the test suite :-(
Daniel
More information about the libvir-list
mailing list