Re: [PATCH 2/6] Don't enable the AppArmour security driver with LXC

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 05/11/2012 06:10 AM, Daniel P. Berrange wrote:

From: Daniel Walsh<dwalsh@xxxxxxxxxx>

The AppArmour driver does not currently have support for LXC
so ensure that when probing, it claims to be disabled

Signed-off-by: Daniel P. Berrange<berrange@xxxxxxxxxx>
---
  src/security/security_apparmor.c |    5 ++++-
  1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/security/security_apparmor.c b/src/security/security_apparmor.c
index d638d1f..2d05fd0 100644
--- a/src/security/security_apparmor.c
+++ b/src/security/security_apparmor.c
@@ -328,7 +328,7 @@ AppArmorSetSecurityPCILabel(pciDevice *dev ATTRIBUTE_UNUSED,

  /* Called on libvirtd startup to see if AppArmor is available */
  static int
-AppArmorSecurityManagerProbe(const char *virtDriver ATTRIBUTE_UNUSED)
+AppArmorSecurityManagerProbe(const char *virtDriver)
  {
      char *template = NULL;
      int rc = SECURITY_DRIVER_DISABLE;
@@ -336,6 +336,9 @@ AppArmorSecurityManagerProbe(const char *virtDriver ATTRIBUTE_UNUSED)
      if (use_apparmor()<  0)
          return rc;

+    if (virtDriver&&  STREQ(virtDriver, "LXC"))
+        return rc;
+
      /* see if template file exists */
      if (virAsprintf(&template, "%s/TEMPLATE",
                                 APPARMOR_DIR "/libvirt") == -1) {

ACK

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]