Running any of the firewall tools is unsupported when non-root. Rather
than attempt to initialize the driver, which will then be unusable,
just skip initialization entirely and decline startup.
This allows libvirtd to carry on operating with the network driver
disabled, while ensuring virtnetworkd will shutdown.
Signed-off-by: Daniel P. Berrangé <berrange@xxxxxxxxxx>
---
src/network/bridge_driver.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
index 371bc2bae6..ce69c56464 100644
--- a/src/network/bridge_driver.c
+++ b/src/network/bridge_driver.c
@@ -596,6 +596,12 @@ networkStateInitialize(bool privileged,
return -1;
}
+ /* Can't manipulate the firewall when non-root */
+ if (!privileged) {
+ ret = VIR_DRV_STATE_INIT_SKIPPED;
+ goto error;
+ }
+
network_driver = g_new0(virNetworkDriverState, 1);
network_driver->lockFD = -1;
--
2.45.1
