[libvirt] [PATCH 3/3] ask for no deny rule for readonly disk elements
Serge Hallyn
serge.hallyn at ubuntu.com
Fri Mar 11 20:07:44 UTC 2016
[ This depends on patch 2/3, so don't cherrypick just this one :) ]
Just because a disk element only requests read access doesn't mean
there may not be another readwrite request.
This fixes 'virsh blockcommit' which otherwise fails due to inability
to write to the basefile.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
---
src/security/virt-aa-helper.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index 34d08c8..2d05522 100644
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -939,11 +939,11 @@ add_file_path(virDomainDiskDefPtr disk,
if (depth == 0) {
if (disk->src->readonly)
- ret = vah_add_file(buf, path, "r");
+ ret = vah_add_file(buf, path, "R");
else
ret = vah_add_file(buf, path, "rw");
} else {
- ret = vah_add_file(buf, path, "r");
+ ret = vah_add_file(buf, path, "R");
}
if (ret != 0)
--
2.7.0
More information about the libvir-list
mailing list