[PATCH 10/15] Move security manager into virLXCControllerPtr object


 



From: "Daniel P. Berrange" <berrange@xxxxxxxxxx>

Move the security manager object into the virLXCControllerPtr
object. Also simplify the code creating it in the first place.

Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx>
---
 src/lxc/lxc_controller.c |   37 +++++++++++++++----------------------
 1 file changed, 15 insertions(+), 22 deletions(-)

diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
index d6002c4..af8a936 100644
--- a/src/lxc/lxc_controller.c
+++ b/src/lxc/lxc_controller.c
@@ -122,6 +122,8 @@ struct _virLXCController {
 
     size_t nloopDevs;
     int *loopDevFds;
+
+    virSecurityManagerPtr securityManager;
 };
 
 static void virLXCControllerFree(virLXCControllerPtr ctrl);
@@ -222,6 +224,8 @@ static void virLXCControllerFree(virLXCControllerPtr ctrl)
 
     virLXCControllerStopInit(ctrl);
 
+    virSecurityManagerFree(ctrl->securityManager);
+
     for (i = 0 ; i < ctrl->nveths ; i++)
         VIR_FREE(ctrl->veths[i]);
     VIR_FREE(ctrl->veths);
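Review bot: The added `virSecurityManagerFree(ctrl->securityManager);` may run on a controller whose field was never assigned, since main() creates the manager only some way after the controller exists, so it relies on virSecurityManagerFree() accepting NULL. That is presumably the case, as with other libvirt free helpers, but nothing in this patch shows it. A comment on the new struct member would record the contract, e.g. `/* owned by the controller; NULL until main() creates it, released in virLXCControllerFree() */`. The body of virLXCControllerFree starts and ends outside this hunk.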
@@ -1542,7 +1546,6 @@ cleanup:
 
 static int
 virLXCControllerRun(virLXCControllerPtr ctrl,
-                    virSecurityManagerPtr securityDriver,
                     int monitor,
                     int client)
 {
@@ -1602,7 +1605,8 @@ virLXCControllerRun(virLXCControllerPtr ctrl,
      * marked as shared
      */
     if (root) {
-        mount_options = virSecurityManagerGetMountOptions(securityDriver, ctrl->def);
+        mount_options = virSecurityManagerGetMountOptions(ctrl->securityManager,
+                                                          ctrl->def);
         char *opts;
         VIR_DEBUG("Setting up private /dev/pts");
 
@@ -1696,7 +1700,7 @@ virLXCControllerRun(virLXCControllerPtr ctrl,
         goto cleanup;
 
     if ((ctrl->initpid = lxcContainerStart(ctrl->def,
-                                           securityDriver,
+                                           ctrl->securityManager,
                                            ctrl->nveths,
                                            ctrl->veths,
                                            control[1],
@@ -1793,9 +1797,9 @@ int main(int argc, char *argv[])
     };
     int *ttyFDs = NULL;
     size_t nttyFDs = 0;
-    virSecurityManagerPtr securityDriver = NULL;
     virLXCControllerPtr ctrl = NULL;
     size_t i;
+    const char *securityDriver = "none";
 
     if (setlocale(LC_ALL, "") == NULL ||
         bindtextdomain(PACKAGE, LOCALEDIR) == NULL ||
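Review bot: `const char *securityDriver = "none";` makes the nop security driver the silent default when `-S` is absent, and the fallback block removed later in this patch was the only place that said so. A comment on the declaration would keep that visible, e.g. `/* without -S the "none" (nop) security driver is used */`. The variable also keeps the name the manager pointer used to have while now holding a driver name; `securityDriverName` would be harder to misread. main() starts and ends outside this hunk.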
@@ -1860,13 +1864,7 @@ int main(int argc, char *argv[])
             break;
 
         case 'S':
-            if (!(securityDriver = virSecurityManagerNew(optarg,
-                                                         LXC_DRIVER_NAME,
-                                                         false, false, false))) {
-                fprintf(stderr, "Cannot create security manager '%s'",
-                        optarg);
-                goto cleanup;
-            }
+            securityDriver = optarg;
             break;
 
         case 'h':
@@ -1888,16 +1886,6 @@ int main(int argc, char *argv[])
         }
     }
 
-    if (securityDriver == NULL) {
-        if (!(securityDriver = virSecurityManagerNew("none",
-                                                     LXC_DRIVER_NAME,
-                                                     false, false, false))) {
-            fprintf(stderr, "%s: cannot initialize nop security manager", argv[0]);
-            goto cleanup;
-        }
-    }
-
-
     if (name == NULL) {
         fprintf(stderr, "%s: missing --name argument for configuration\n", argv[0]);
         goto cleanup;
@@ -1921,6 +1909,11 @@ int main(int argc, char *argv[])
 
     ctrl->handshakeFd = handshakeFd;
 
+    if (!(ctrl->securityManager = virSecurityManagerNew(securityDriver,
+                                                        LXC_DRIVER_NAME,
+                                                        false, false, false)))
+        goto cleanup;
+
     VIR_DEBUG("Security model %s type %s label %s imagelabel %s",
               NULLSTR(ctrl->def->seclabel.model),
               virDomainSeclabelTypeToString(ctrl->def->seclabel.type),
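Review bot: When virSecurityManagerNew() fails, the new `goto cleanup` prints nothing, whereas the removed code wrote "Cannot create security manager '%s'" to stderr. Unless the cleanup path outside this hunk reports the libvirt error, an operator who passed a wrong or unavailable driver name gets an exit with no hint of which driver failed. Consider bracing the branch and keeping a message before the jump, `fprintf(stderr, "%s: cannot create security manager '%s'\n", argv[0], securityDriver);`. Failing here rather than falling back to "none" is the right behaviour and should stay.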
@@ -1987,7 +1980,7 @@ int main(int argc, char *argv[])
         goto cleanup;
     }
 
-    rc = virLXCControllerRun(ctrl, securityDriver,
+    rc = virLXCControllerRun(ctrl,
                              monitor, client);
 
 cleanup:
-- 
1.7.10.4
