[libvirt] [PATCH v2 06/13] Prevent nwfilter driver running on SIGHUP in session libvirtd

Daniel P. Berrange berrange at redhat.com
Mon Jan 21 14:48:07 UTC 2013


From: "Daniel P. Berrange" <berrange at redhat.com>

Although the nwfilter driver skips startup when running in a
session libvirtd, it did not skip reload or shutdown. This
caused errors to be reported when sending SIGHUP to libvirtd.
---
 src/conf/nwfilter_conf.h       |  1 +
 src/nwfilter/nwfilter_driver.c | 31 +++++++++++++++++++------------
 2 files changed, 20 insertions(+), 12 deletions(-)

diff --git a/src/conf/nwfilter_conf.h b/src/conf/nwfilter_conf.h
index 8c5a6ac..b4573f5 100644
--- a/src/conf/nwfilter_conf.h
+++ b/src/conf/nwfilter_conf.h
@@ -557,6 +557,7 @@ typedef struct _virNWFilterDriverState virNWFilterDriverState;
 typedef virNWFilterDriverState *virNWFilterDriverStatePtr;
 struct _virNWFilterDriverState {
     virMutex lock;
+    bool privileged;
 
     virNWFilterObjList nwfilters;
 
diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c
index b67b704..19ebb03 100644
--- a/src/nwfilter/nwfilter_driver.c
+++ b/src/nwfilter/nwfilter_driver.c
@@ -165,7 +165,7 @@ nwfilterDriverInstallDBusMatches(DBusConnection *sysbus ATTRIBUTE_UNUSED)
  * Initialization function for the QEmu daemon
  */
 static int
-nwfilterDriverStartup(bool privileged ATTRIBUTE_UNUSED,
+nwfilterDriverStartup(bool privileged,
                       virStateInhibitCallback callback ATTRIBUTE_UNUSED,
                       void *opaque ATTRIBUTE_UNUSED)
 {
@@ -185,6 +185,7 @@ nwfilterDriverStartup(bool privileged ATTRIBUTE_UNUSED,
         goto err_free_driverstate;
 
     driverState->watchingFirewallD = (sysbus != NULL);
+    driverState->privileged = privileged;
 
     if (!privileged)
         return 0;
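Review bot: `driverState->privileged` is assigned here with no lock visible in the hunk, and the reload and shutdown hunks then read it without taking the driver lock; that is only safe because the flag is written once at startup, and the field in nwfilter_conf.h should say so, e.g. `bool privileged; /* set once in nwfilterDriverStartup(), read-only afterwards */`. Separately, `watchingFirewallD` is set from `sysbus` on the line above, before the unprivileged early return, while the shutdown hunk now skips `nwfilterDriverRemoveDBusMatches()` for a session daemon. If the D-Bus matches were ever installed before this return (the install call is not visible in this hunk), they would no longer be removed, so it is worth confirming they are installed only on the privileged path. The body of nwfilterDriverStartup() starts and continues outside the hunk.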
@@ -275,6 +276,9 @@ nwfilterDriverReload(void) {
         return -1;
     }
 
+    if (!driverState->privileged)
+        return 0;
+
     conn = virConnectOpen("qemu:///system");
 
     if (conn) {
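Review bot: The new early return in nwfilterDriverReload() carries no comment, so a reader cannot tell from the code that skipping the reload in a session daemon is deliberate and mirrors the early return in nwfilterDriverStartup(). I would add a comment above the check, `/* session daemon: nwfilter was never initialised, nothing to reload */`. Because the return is silent, a debug-level log line at the same spot would also help someone tracing why a SIGHUP had no effect on nwfilter. The function body continues outside the hunk.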
@@ -333,21 +337,24 @@ nwfilterDriverShutdown(void) {
     if (!driverState)
         return -1;
 
-    virNWFilterConfLayerShutdown();
-    virNWFilterTechDriversShutdown();
-    virNWFilterDHCPSnoopShutdown();
-    virNWFilterLearnShutdown();
-    virNWFilterIPAddrMapShutdown();
+    if (driverState->privileged) {
+        virNWFilterConfLayerShutdown();
+        virNWFilterTechDriversShutdown();
+        virNWFilterDHCPSnoopShutdown();
+        virNWFilterLearnShutdown();
+        virNWFilterIPAddrMapShutdown();
 
-    nwfilterDriverLock(driverState);
+        nwfilterDriverLock(driverState);
 
-    nwfilterDriverRemoveDBusMatches();
+        nwfilterDriverRemoveDBusMatches();
 
-    /* free inactive nwfilters */
-    virNWFilterObjListFree(&driverState->nwfilters);
+        /* free inactive nwfilters */
+        virNWFilterObjListFree(&driverState->nwfilters);
+
+        VIR_FREE(driverState->configDir);
+        nwfilterDriverUnlock(driverState);
+    }
 
-    VIR_FREE(driverState->configDir);
-    nwfilterDriverUnlock(driverState);
     virMutexDestroy(&driverState->lock);
     VIR_FREE(driverState);
 
-- 
1.8.0.2



