[libvirt] [PATCH] Fix a compilation problem with LXC drop capabilities
Daniel Veillard
veillard at redhat.com
Fri May 29 12:20:04 UTC 2009
The lxcContainerDropCapabilities() function requires PR_CAPBSET_DROP
to be defined in order to compile, but it may not be defined in older
kernels. So I made the compilation of the core of the function
conditional, raise an error but still return 0 to not make the
container initialization fail. But I'm unsure, should we just fail and
return -1 if we can't drop capabilities instead ?
Daniel
--
Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
daniel at veillard.com | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library http://libvirt.org/
-------------- next part --------------
Index: src/lxc_container.c
===================================================================
RCS file: /data/cvs/libxen/src/lxc_container.c,v
retrieving revision 1.30
diff -u -u -p -r1.30 lxc_container.c
--- src/lxc_container.c 13 May 2009 11:37:17 -0000 1.30
+++ src/lxc_container.c 29 May 2009 12:15:16 -0000
@@ -644,6 +644,7 @@ static int lxcContainerSetupMounts(virDo
static int lxcContainerDropCapabilities(virDomainDefPtr vmDef ATTRIBUTE_UNUSED)
{
+#ifdef PR_CAPBSET_DROP
int i;
const struct {
int id;
@@ -660,7 +661,10 @@ static int lxcContainerDropCapabilities(
return -1;
}
}
-
+#else /* ! PR_CAPBSET_DROP */
+ lxcError(NULL, NULL, VIR_ERR_INTERNAL_ERROR,
+ _("failed to drop capabilities PR_CAPBSET_DROP undefined"));
+#endif
return 0;
}
More information about the libvir-list
mailing list