Currently, when security driver is not available users are informed that
it wasn't found which can be confusing.
1. Update error message
2. Add comment to domain doc
Signed-off-by Sebastian Mitterle <smitterl@xxxxxxxxxx>
---
docs/formatdomain.html.in | 3 ++-
src/security/security_manager.c | 2 +-
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index dd04a05f09..3040448df1 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -9011,7 +9011,8 @@ qemu-kvm -net nic,model=? /dev/null
</dd>
<dt><code>model</code></dt>
<dd>A valid security model name, matching the currently
- activated security model
+ activated security model. Model <code>dac</code> is not available
+ when guest is run by unprivileged user.
</dd>
<dt><code>relabel</code></dt>
<dd>Either <code>yes</code> or <code>no</code>. This must always
diff --git a/src/security/security_manager.c b/src/security/security_manager.c
index 952675381d..f229d94570 100644
--- a/src/security/security_manager.c
+++ b/src/security/security_manager.c
@@ -769,7 +769,7 @@ static int virSecurityManagerCheckModel(virSecurityManagerPtr mgr,
}
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
- _("Unable to find security driver for model %s"),
+ _("Security driver model '%s' is not available"),
secmodel);
cleanup:
VIR_FREE(sec_managers);
--
2.21.0
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
