From 3746b070e79e5fe573f8b0bf32095a34f91b1eba Mon Sep 17 00:00:00 2001
From: "Daniel P. Berrange" <berrange@redhat.com>
Date: Tue, 1 May 2012 10:46:08 +0100
Subject: [PATCH] Ensure LXC security driver is set unconditonally

The driver->securityDriverName field may be NULL, if automatic
probing is used to determine security driver. This meant that
unless selinux was explicitly requested in lxc.conf, it was
not being sent to the libvirt_lxc process.

The driver->securityManager field is guaranteed non-NULL, since
there will always be the 'none' security driver present if
nothing else exists. So use that to set the driver name for
libvirt_lxc

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
 src/lxc/lxc_driver.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
index ffdd4ac5ac..03783ffbf8 100644
--- a/src/lxc/lxc_driver.c
+++ b/src/lxc/lxc_driver.c
@@ -1616,8 +1616,8 @@ lxcBuildControllerCmd(lxc_driver_t *driver,
         virCommandPreserveFD(cmd, ttyFDs[i]);
     }
 
-    if (driver->securityDriverName)
-        virCommandAddArgPair(cmd, "--security", driver->securityDriverName);
+    virCommandAddArgPair(cmd, "--security",
+                         virSecurityManagerGetModel(driver->securityManager));
 
     virCommandAddArg(cmd, "--handshake");
     virCommandAddArgFormat(cmd, "%d", handshakefd);