On Thu, Sep 08, 2022 at 16:25:39 +0100, Daniel P. Berrangé wrote: > On Thu, Sep 08, 2022 at 05:16:00PM +0200, Peter Krempa wrote: [...] > > +#ifdef LIBVIRTD > > + /* When libvirtd is in use we need to avoid any further delegation of the > > + * connection, which can be attempted in cases when the appropriate > > + * connection driver was not compiled in. In such case a wrong error message > > + * would be reported. */ > > + connectFlags |= VIR_CONNECT_NO_REMOTE; > > +#endif /* LIBVIRTD */ > > This flag shouldn't be required in the public API. THis code and > the remote driver are both in the same process, so it ought to be > possible to block this using the 'inside_daemon' flag that we > already use for similar reasons in the remote driver. This just > feels like an edge case that we missed in our use of 'inside_daemon' Hmm, yeah, it should be possible to achieve the same behaviour by adding a conditionally compiled block to the 'inside_daemon' block in remoteConnectOpen which refuses to open the connection if the daemon is 'libvirtd'. IIUC other daemons do need to allow delegation, right?
