On 05.01.2012 00:01, Eric Blake wrote: > Commit b434329 has a logic bug: seclabel overrides don't set > def->type, but the default value is 0 (aka static). Restarting > libvirtd would thus reject the XML for any domain with an > override of <seclabel relabel='no'/> (which happens quite > easily if a disk image lives on NFS), with a message: > > 2012-01-04 22:29:40.949+0000: 6769: error : virSecurityLabelDefParseXMLHelper:2593 : XML error: security label is missing > > Fix the logic to never read from an override's def->type, and > to allow a missing <label> subelement when relabel is no. There's > a lot of stupid double-negatives in the code (!norelabel) because > of the way that we want the zero-initialized defaults to behave. > > * src/conf/domain_conf.c (virSecurityLabelDefParseXMLHelper): Use > type field from correct location. > --- > src/conf/domain_conf.c | 16 +++++++++------- > 1 files changed, 9 insertions(+), 7 deletions(-) > ACK. Although, I'd split the long log line. But that's just cosmetic Michal -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list