The security model has been set already when allocating and adding
virSecurityLabelDefPtr struct into virDomainDefPtr, so the value of
secdef->model is always non-null.
So error: security label already defined for VM is reported.
The patch is to remove the checking of its value in If condition clause
---
src/security/security_apparmor.c | 7 +++----
1 files changed, 3 insertions(+), 4 deletions(-)
diff --git a/src/security/security_apparmor.c b/src/security/security_apparmor.c
index 1315fe1..1972ab0 100644
--- a/src/security/security_apparmor.c
+++ b/src/security/security_apparmor.c
@@ -435,8 +435,7 @@ AppArmorGenSecurityLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
return rc;
}
- if ((secdef->label) ||
- (secdef->model) || (secdef->imagelabel)) {
+ if ((secdef->label) || (secdef->imagelabel)) {
virReportError(VIR_ERR_INTERNAL_ERROR,
"%s",
_("security label already defined for VM"));
@@ -460,8 +459,8 @@ AppArmorGenSecurityLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
goto err;
}
- secdef->model = strdup(SECURITY_APPARMOR_NAME);
- if (!secdef->model) {
+ if (!secdef->model &&
+ !(secdef->model = strdup(SECURITY_APPARMOR_NAME))) {
virReportOOMError();
goto err;
}
--
1.7.3.4
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list