[libvirt] [PATCH] Don't error when attaching security label of model "none"
Martin Kletzander
mkletzan at redhat.com
Wed Jul 13 11:47:52 UTC 2016
On Wed, Jul 13, 2016 at 11:18:28AM +0100, Daniel P. Berrange wrote:
>If you invoke virDomainLxcEnterSecurityLabel() on security
>model of "none" it will report an error. Logically a "none"
>security model should be treated as a no-op, so we should
>just return success immediately, instead of an error.
>
>Signed-off-by: Daniel P. Berrange <berrange at redhat.com>
>---
> src/libvirt-lxc.c | 2 ++
> 1 file changed, 2 insertions(+)
>
ACK for this, just one question though. Shouldn't there be support for
DAC as well or is that done by default somewhere else?
>diff --git a/src/libvirt-lxc.c b/src/libvirt-lxc.c
>index 16e08e9..c487ece 100644
>--- a/src/libvirt-lxc.c
>+++ b/src/libvirt-lxc.c
>@@ -257,6 +257,8 @@ virDomainLxcEnterSecurityLabel(virSecurityModelPtr model,
> _("Support for AppArmor is not enabled"));
> goto error;
> #endif
>+ } else if (STREQ(model->model, "none")) {
>+ /* nothing todo */
> } else {
> virReportError(VIR_ERR_ARGUMENT_UNSUPPORTED,
> _("Security model %s cannot be entered"),
>--
>2.7.4
>
>--
>libvir-list mailing list
>libvir-list at redhat.com
>https://www.redhat.com/mailman/listinfo/libvir-list
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20160713/e5873504/attachment-0001.sig>
More information about the libvir-list
mailing list