[libvirt] [PATCH] Fix a compilation problem with LXC drop capabilities

Daniel Veillard veillard at redhat.com
Fri May 29 12:20:04 UTC 2009


  The lxcContainerDropCapabilities() function requires PR_CAPBSET_DROP
to be defined in order to compile, but it may not be defined in older
kernels. So I made the compilation of the core of the function
conditional, raise an error but still return 0 to not make the
container initialization fail. But I'm unsure, should we just fail and
return -1 if we can't drop capabilities instead ?

Daniel

-- 
Daniel Veillard      | libxml Gnome XML XSLT toolkit  http://xmlsoft.org/
daniel at veillard.com  | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library  http://libvirt.org/
-------------- next part --------------
Index: src/lxc_container.c
===================================================================
RCS file: /data/cvs/libxen/src/lxc_container.c,v
retrieving revision 1.30
diff -u -u -p -r1.30 lxc_container.c
--- src/lxc_container.c	13 May 2009 11:37:17 -0000	1.30
+++ src/lxc_container.c	29 May 2009 12:15:16 -0000
@@ -644,6 +644,7 @@ static int lxcContainerSetupMounts(virDo
 
 static int lxcContainerDropCapabilities(virDomainDefPtr vmDef ATTRIBUTE_UNUSED)
 {
+#ifdef PR_CAPBSET_DROP
     int i;
     const struct {
         int id;
@@ -660,7 +661,10 @@ static int lxcContainerDropCapabilities(
             return -1;
         }
     }
-
+#else /* ! PR_CAPBSET_DROP */
+    lxcError(NULL, NULL, VIR_ERR_INTERNAL_ERROR,
+	     _("failed to drop capabilities PR_CAPBSET_DROP undefined"));
+#endif
     return 0;
 }
 


More information about the libvir-list mailing list