Re: [PATCH 6/6] remote: Don't attempt remote connection from libvirtd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Sep 08, 2022 at 16:25:39 +0100, Daniel P. Berrangé wrote:
> On Thu, Sep 08, 2022 at 05:16:00PM +0200, Peter Krempa wrote:

[...]

> > +#ifdef LIBVIRTD
> > +    /* When libvirtd is in use we need to avoid any further delegation of the
> > +     * connection, which can be attempted in cases when the appropriate
> > +     * connection driver was not compiled in. In such case a wrong error message
> > +     * would be reported. */
> > +    connectFlags |= VIR_CONNECT_NO_REMOTE;
> > +#endif /* LIBVIRTD */
> 
> This flag shouldn't be required in the public API. THis code and
> the remote driver are both in the same process, so it ought to be
> possible to block this using the 'inside_daemon' flag that we
> already use for similar reasons in the remote driver. This just
> feels like an edge case that we missed in our use of 'inside_daemon'

Hmm, yeah, it should be possible to achieve the same behaviour by adding
a conditionally compiled block to the 'inside_daemon' block in remoteConnectOpen
which refuses to open the connection if the daemon is 'libvirtd'.

IIUC other daemons do need to allow delegation, right?




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux