On Mon, Sep 16, 2024 at 04:04:40PM GMT, Daniel P. Berrangé wrote:
> On Mon, Sep 16, 2024 at 04:55:55PM +0200, Andrea Bolognani wrote:
> > static virSecurityDriverStatus
> > AppArmorSecurityManagerProbe(const char *virtDriver G_GNUC_UNUSED)
>
> We're passing the virt driver name ("QEMU" or "LXC") in here and not using
> it.....
>
> ...rather than delete these, pick the right check to perform based
> on 'virtDriver' value.
>
> eg approximately like this
>
> g_autofree char *template_name = g_strdup(virtDriver);
> for (i = 0; template_name[i]; i++)
> template_name[i] = tolower(template_name[i])
> template = g_strdup_printf("%s/TEMPLATE.%s", APPARMOR_DIR "/libvirt", template_name)
I can give it a shot, but it still seems pointless to check whether
the files are available ahead of time when virt-aa-helper will do
that at the time when they're actually going to be used. What do we
gain by doing that?
--
Andrea Bolognani / Red Hat / Virtualization
