[libvirt] [PATCH] qemu: Don't enable seclabel remembering for session mode
Michal Privoznik
mprivozn at redhat.com
Thu Jan 10 13:02:33 UTC 2019
The session daemon is unable to set XATTRs in 'trusted'
namespace because it doesn't run as privileged process.
Therefore, when creating the default qemu config enable
rememberOwner only when running as privileged process.
Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
---
src/qemu/qemu_conf.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
index 3718ca6c22..20952e9607 100644
--- a/src/qemu/qemu_conf.c
+++ b/src/qemu/qemu_conf.c
@@ -145,7 +145,7 @@ virQEMUDriverConfigPtr virQEMUDriverConfigNew(bool privileged)
cfg->group = (gid_t)-1;
}
cfg->dynamicOwnership = privileged;
- cfg->rememberOwner = true;
+ cfg->rememberOwner = privileged;
cfg->cgroupControllers = -1; /* -1 == auto-detect */
--
2.19.2
More information about the libvir-list
mailing list