When running unprivileged, nwfilter state already skips most of the initialization. Also forbid opening connections to the nwfilter driver when unprivileged. This changes the nwfilter-define error from: error: cannot create config directory (null): Bad address To: this function is not supported by the connection driver: virNWFilterDefineXML https://bugzilla.redhat.com/show_bug.cgi?id=1029266 --- v1: https://www.redhat.com/archives/libvir-list/2013-November/msg00368.html v2: forbid everything instead of just virNWFilterDefineXML src/nwfilter/nwfilter_driver.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c index 6602d73..d6e492f 100644 --- a/src/nwfilter/nwfilter_driver.c +++ b/src/nwfilter/nwfilter_driver.c @@ -415,7 +415,7 @@ nwfilterOpen(virConnectPtr conn, { virCheckFlags(VIR_CONNECT_RO, VIR_DRV_OPEN_ERROR); - if (!driverState) + if (!driverState || !driverState->privileged) return VIR_DRV_OPEN_DECLINED; conn->nwfilterPrivateData = driverState; -- 1.8.3.2 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list