[libvirt] [PATCH 1/3] Ensure LXC security driver is set unconditonally
Stefan Berger
stefanb at linux.vnet.ibm.com
Tue May 1 14:36:03 UTC 2012
On 05/01/2012 06:10 AM, Daniel P. Berrange wrote:
> From: "Daniel P. Berrange"<berrange at redhat.com>
>
> The driver->securityDriverName field may be NULL, if automatic
> probing is used to determine security driver. This meant that
> unless selinux was explicitly requested in lxc.conf, it was
> not being sent to the libvirt_lxc process.
>
> The driver->securityManager field is guaranteed non-NULL, since
> there will always be the 'none' security driver present if
> nothing else exists. So use that to set the driver name for
> libvirt_lxc
>
> Signed-off-by: Daniel P. Berrange<berrange at redhat.com>
> ---
> src/lxc/lxc_driver.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
> index ffdd4ac..03783ff 100644
> --- a/src/lxc/lxc_driver.c
> +++ b/src/lxc/lxc_driver.c
> @@ -1616,8 +1616,8 @@ lxcBuildControllerCmd(lxc_driver_t *driver,
> virCommandPreserveFD(cmd, ttyFDs[i]);
> }
>
> - if (driver->securityDriverName)
> - virCommandAddArgPair(cmd, "--security", driver->securityDriverName);
> + virCommandAddArgPair(cmd, "--security",
> + virSecurityManagerGetModel(driver->securityManager));
>
> virCommandAddArg(cmd, "--handshake");
> virCommandAddArgFormat(cmd, "%d", handshakefd);
ACK
More information about the libvir-list
mailing list