shaba/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-11-06 20:25:00 +03:00
Code Releases Activity

Ensure QEMU DAC security driver is activated at all times

Browse Source 
If the primary security driver (SELinux/AppArmour) was disabled
then the secondary QEMU DAC security driver was also disabled.
This is mistaken, because the latter must be active at all times

* src/qemu/qemu_driver.c: Ensure DAC driver is always active
This commit is contained in:
Daniel P. Berrange
2010-02-02 16:19:20 +00:00
parent 7efec25964
commit 9120f00446
1 changed files with 12 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
src/qemu/qemu_driver.c
View File

@@ -906,26 +906,28 @@ qemudSecurityInit(struct qemud_driver *qemud_drv)
int ret; int ret;
virSecurityDriverPtr security_drv; virSecurityDriverPtr security_drv;
qemuSecurityStackedSetDriver(qemud_drv);
qemuSecurityDACSetDriver(qemud_drv);
ret = virSecurityDriverStartup(&security_drv, ret = virSecurityDriverStartup(&security_drv,
qemud_drv->securityDriverName); qemud_drv->securityDriverName);
if (ret == -1) { if (ret == -1) {
VIR_ERROR0(_("Failed to start security driver")); VIR_ERROR0(_("Failed to start security driver"));
return -1; return -1;
} }
/* No security driver wanted to be enabled: just return */
/* No primary security driver wanted to be enabled: just setup
* the DAC driver on its own */
if (ret == -2) { if (ret == -2) {
qemud_drv->securityDriver = &qemuDACSecurityDriver;
VIR_INFO0(_("No security driver available")); VIR_INFO0(_("No security driver available"));
return 0; } else {
qemud_drv->securityPrimaryDriver = security_drv;
qemud_drv->securitySecondaryDriver = &qemuDACSecurityDriver;
qemud_drv->securityDriver = &qemuStackedSecurityDriver;
VIR_INFO("Initialized security driver %s", security_drv->name);
} }
qemuSecurityStackedSetDriver(qemud_drv);
qemuSecurityDACSetDriver(qemud_drv);
qemud_drv->securityPrimaryDriver = security_drv;
qemud_drv->securitySecondaryDriver = &qemuDACSecurityDriver;
qemud_drv->securityDriver = &qemuStackedSecurityDriver;
VIR_INFO("Initialized security driver %s", security_drv->name);
return 0; return 0;
} }