[PATCH 5/5] src: Detect close_range syscall during virGlobalInit()
Michal Privoznik
mprivozn at redhat.com
Tue Aug 22 13:34:41 UTC 2023
The whole purpose of virCloseRangeInit() is to be called
somewhere during initialization (ideally before first virExec()
or virCommandRun()), so that the rest of the code already knows
kernel capabilities. While I can put the call somewhere into
remote_daemon.c (when a daemon initializes), we might call
virCommand*() even from client library (i.e. no daemon).
Therefore, put it into virGlobalInit() with the rest of
initialization code.
Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
---
src/libvirt.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/libvirt.c b/src/libvirt.c
index 69d5b13bff..26c3fe454f 100644
--- a/src/libvirt.c
+++ b/src/libvirt.c
@@ -231,6 +231,10 @@ virGlobalInit(void)
goto error;
}
+ /* Do this upfront rather than every time a child is spawned. */
+ if (virCloseRangeInit() < 0)
+ goto error;
+
if (virLogSetFromEnv() < 0)
goto error;
--
2.41.0
More information about the libvir-list
mailing list