[libvirt] [PATCH v3 03/13] security: Always spawn process for transactions
Michal Privoznik
mprivozn at redhat.com
Wed Oct 17 09:06:45 UTC 2018
In the next commit the virSecurityManagerMetadataLock() is going
to be turned thread unsafe. Therefore, we have to spawn a
separate process for it. Always.
Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
---
src/security/security_dac.c | 2 +-
src/security/security_selinux.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index da4a6c72fe..580d800bb1 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -563,7 +563,7 @@ virSecurityDACTransactionCommit(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
}
if ((pid == -1 &&
- virSecurityDACTransactionRun(pid, list) < 0) ||
+ virProcessRunInFork(virSecurityDACTransactionRun, list) < 0) ||
(pid != -1 &&
virProcessRunInMountNamespace(pid,
virSecurityDACTransactionRun,
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index 467d1e6bfe..0e24b9b3ca 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -1104,7 +1104,7 @@ virSecuritySELinuxTransactionCommit(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
}
if ((pid == -1 &&
- virSecuritySELinuxTransactionRun(pid, list) < 0) ||
+ virProcessRunInFork(virSecuritySELinuxTransactionRun, list) < 0) ||
(pid != -1 &&
virProcessRunInMountNamespace(pid,
virSecuritySELinuxTransactionRun,
--
2.18.1
More information about the libvir-list
mailing list