On Tue, Nov 12, 2013 at 01:52:10PM +0100, Ján Tomko wrote: > When opening a new connection to the driver, nwfilterOpen > only succeeds if the driverState has been allocated. > > Move the privilege check in driver initialization before > the state allocation to disable the driver. > > This changes the nwfilter-define error from: > error: cannot create config directory (null): Bad address > To: > this function is not supported by the connection driver: > virNWFilterDefineXML > > https://bugzilla.redhat.com/show_bug.cgi?id=1029266 > --- > v1: https://www.redhat.com/archives/libvir-list/2013-November/msg00368.html > v2: https://www.redhat.com/archives/libvir-list/2013-November/msg00374.html > forbid everything instead of just virNWFilterDefineXML > v3: cut a pair of holes into my brown paper bag > > src/nwfilter/nwfilter_driver.c | 6 +++--- > 1 file changed, 3 insertions(+), 3 deletions(-) > > diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c > index 6602d73..d521adf 100644 > --- a/src/nwfilter/nwfilter_driver.c > +++ b/src/nwfilter/nwfilter_driver.c > @@ -174,6 +174,9 @@ nwfilterStateInitialize(bool privileged, > char *base = NULL; > DBusConnection *sysbus = NULL; > > + if (!privileged) > + return 0; > + > #if WITH_DBUS > if (virDBusHasSystemBus() && > !(sysbus = virDBusGetSystemBus())) > @@ -190,9 +193,6 @@ nwfilterStateInitialize(bool privileged, > driverState->watchingFirewallD = (sysbus != NULL); > driverState->privileged = privileged; > > - if (!privileged) > - return 0; > - > nwfilterDriverLock(driverState); > > if (virNWFilterIPAddrMapInit() < 0) ACK Suitable for -maint branches too. Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list