On 12/28/2013 11:11 AM, Eric Blake wrote:
> Some of our operation denied messages are outright stupid; for
> example, if virIdentitySetAttr fails:
>
> error: operation Identity attribute is already set forbidden for read only access
>
> This patch fixes things to a saner:
>
> error: operation forbidden: Identity attribute is already set
>
> It also consolidates the most common usage pattern for operation
> denied errors: read-only connections preventing a public API. In
> this case, 'virsh -r -c test:///default destroy test' changes from:
>
> error: operation virDomainDestroy forbidden for read only access
>
> to:
>
> error: operation forbidden: read only access prevents virDomainDestroy
>
> * src/util/virerror.c (virErrorMsg): Rework OPERATION_DENIED error
> message.
> * src/internal.h (virCheckReadOnlyGoto): New macro.
> * src/util/virerror.h (virReportRestrictedError): New macro.
> * src/libvirt-lxc.c: Use new macros.
> * src/libvirt-qemu.c: Likewise.
> * src/libvirt.c: Likewise.
> * src/locking/lock_daemon.c (virLockDaemonClientNew): Likewise.
>
> Signed-off-by: Eric Blake <eblake@xxxxxxxxxx>
> ---
> src/internal.h | 9 +
> src/libvirt-lxc.c | 6 +-
> src/libvirt-qemu.c | 16 +-
> src/libvirt.c | 748 +++++++++-------------------------------------
> src/locking/lock_daemon.c | 16 +-
> src/util/virerror.c | 2 +-
> src/util/virerror.h | 3 +
> 7 files changed, 172 insertions(+), 628 deletions(-)
>
Yet another case where in libvirt.c the error changes from VIR_FROM_xxxx
to VIR_FROM_NONE (_THIS technically). Where xxxx is DOM, INTERFACE,
STORAGE, etc.
Not that it should matter, but it I figured it should be pointed out.
Perhaps more so in this case, the failure is related directly to the
connection rather than function...
ACK - for what's there.
John
> diff --git a/src/internal.h b/src/internal.h
> index c90c83f..9b9bcc3 100644
> --- a/src/internal.h
> +++ b/src/internal.h
> @@ -350,6 +350,15 @@
> goto label; \
> } \
> } while (0)
> +# define virCheckReadOnlyGoto(flags, label) \
> + do { \
> + if ((flags) & VIR_CONNECT_RO) { \
> + virReportRestrictedError(_("read only access prevents %s"), \
> + __FUNCTION__); \
> + goto label; \
> + } \
> + } while (0)
> +
>
>
> /* divide value by size, rounding up */
> diff --git a/src/libvirt-lxc.c b/src/libvirt-lxc.c
> index 5bf5f56..fc56a58 100644
> --- a/src/libvirt-lxc.c
> +++ b/src/libvirt-lxc.c
> @@ -83,11 +83,7 @@ virDomainLxcOpenNamespace(virDomainPtr domain,
> conn = domain->conn;
>
> virCheckNonNullArgGoto(fdlist, error);
> -
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(domain, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->driver->domainLxcOpenNamespace) {
> int ret;
> diff --git a/src/libvirt-qemu.c b/src/libvirt-qemu.c
> index 79486fd..4aaff39 100644
> --- a/src/libvirt-qemu.c
> +++ b/src/libvirt-qemu.c
> @@ -90,11 +90,7 @@ virDomainQemuMonitorCommand(virDomainPtr domain, const char *cmd,
> conn = domain->conn;
>
> virCheckNonNullArgGoto(result, error);
> -
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(domain, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->driver->domainQemuMonitorCommand) {
> int ret;
> @@ -167,10 +163,7 @@ virDomainQemuAttach(virConnectPtr conn,
> goto error;
> }
>
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(domain, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->driver->domainQemuAttach) {
> virDomainPtr ret;
> @@ -229,10 +222,7 @@ virDomainQemuAgentCommand(virDomainPtr domain,
>
> conn = domain->conn;
>
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(NULL, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->driver->domainQemuAgentCommand) {
> ret = conn->driver->domainQemuAgentCommand(domain, cmd,
> diff --git a/src/libvirt.c b/src/libvirt.c
> index 693adbf..6d1601f 100644
> --- a/src/libvirt.c
> +++ b/src/libvirt.c
> @@ -2012,10 +2012,7 @@ virDomainCreateXML(virConnectPtr conn, const char *xmlDesc,
> return NULL;
> }
> virCheckNonNullArgGoto(xmlDesc, error);
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->driver->domainCreateXML) {
> virDomainPtr ret;
> @@ -2084,10 +2081,7 @@ virDomainCreateXMLWithFiles(virConnectPtr conn, const char *xmlDesc,
> return NULL;
> }
> virCheckNonNullArgGoto(xmlDesc, error);
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->driver->domainCreateXMLWithFiles) {
> virDomainPtr ret;
> @@ -2328,10 +2322,7 @@ virDomainDestroy(virDomainPtr domain)
> }
>
> conn = domain->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->driver->domainDestroy) {
> int ret;
> @@ -2395,10 +2386,7 @@ virDomainDestroyFlags(virDomainPtr domain,
> }
>
> conn = domain->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->driver->domainDestroyFlags) {
> int ret;
> @@ -2505,10 +2493,7 @@ virDomainSuspend(virDomainPtr domain)
> virDispatchError(NULL);
> return -1;
> }
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> conn = domain->conn;
>
> @@ -2554,10 +2539,7 @@ virDomainResume(virDomainPtr domain)
> virDispatchError(NULL);
> return -1;
> }
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> conn = domain->conn;
>
> @@ -2624,10 +2606,7 @@ virDomainPMSuspendForDuration(virDomainPtr dom,
>
> conn = dom->conn;
>
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->driver->domainPMSuspendForDuration) {
> int ret;
> @@ -2676,10 +2655,7 @@ virDomainPMWakeup(virDomainPtr dom,
>
> conn = dom->conn;
>
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->driver->domainPMWakeup) {
> int ret;
> @@ -2727,10 +2703,7 @@ virDomainSave(virDomainPtr domain, const char *to)
> virDispatchError(NULL);
> return -1;
> }
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
> conn = domain->conn;
> virCheckNonNullArgGoto(to, error);
>
> @@ -2817,10 +2790,7 @@ virDomainSaveFlags(virDomainPtr domain, const char *to,
> virDispatchError(NULL);
> return -1;
> }
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
> conn = domain->conn;
> virCheckNonNullArgGoto(to, error);
>
> @@ -2881,10 +2851,7 @@ virDomainRestore(virConnectPtr conn, const char *from)
> virDispatchError(NULL);
> return -1;
> }
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
> virCheckNonNullArgGoto(from, error);
>
> if (conn->driver->domainRestore) {
> @@ -2958,10 +2925,7 @@ virDomainRestoreFlags(virConnectPtr conn, const char *from, const char *dxml,
> virDispatchError(NULL);
> return -1;
> }
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
> virCheckNonNullArgGoto(from, error);
>
> if ((flags & VIR_DOMAIN_SAVE_RUNNING) && (flags & VIR_DOMAIN_SAVE_PAUSED)) {
> @@ -3108,10 +3072,7 @@ virDomainSaveImageDefineXML(virConnectPtr conn, const char *file,
> virDispatchError(NULL);
> return -1;
> }
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
> virCheckNonNullArgGoto(file, error);
> virCheckNonNullArgGoto(dxml, error);
>
> @@ -3189,10 +3150,7 @@ virDomainCoreDump(virDomainPtr domain, const char *to, unsigned int flags)
> virDispatchError(NULL);
> return -1;
> }
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
> conn = domain->conn;
> virCheckNonNullArgGoto(to, error);
>
> @@ -3284,11 +3242,7 @@ virDomainScreenshot(virDomainPtr domain,
> virLibConnError(VIR_ERR_INVALID_STREAM, __FUNCTION__);
> return NULL;
> }
> - if (domain->conn->flags & VIR_CONNECT_RO ||
> - stream->conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags | stream->conn->flags, error);
>
> if (domain->conn->driver->domainScreenshot) {
> char * ret;
> @@ -3342,10 +3296,7 @@ virDomainShutdown(virDomainPtr domain)
> virDispatchError(NULL);
> return -1;
> }
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> conn = domain->conn;
>
> @@ -3406,10 +3357,7 @@ virDomainShutdownFlags(virDomainPtr domain, unsigned int flags)
> virDispatchError(NULL);
> return -1;
> }
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> conn = domain->conn;
>
> @@ -3471,10 +3419,7 @@ virDomainReboot(virDomainPtr domain, unsigned int flags)
> virDispatchError(NULL);
> return -1;
> }
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> conn = domain->conn;
>
> @@ -3522,10 +3467,7 @@ virDomainReset(virDomainPtr domain, unsigned int flags)
> virDispatchError(NULL);
> return -1;
> }
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> conn = domain->conn;
>
> @@ -3781,10 +3723,7 @@ virDomainSetMaxMemory(virDomainPtr domain, unsigned long memory)
> virDispatchError(NULL);
> return -1;
> }
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
> virCheckNonZeroArgGoto(memory, error);
>
> conn = domain->conn;
> @@ -3834,10 +3773,7 @@ virDomainSetMemory(virDomainPtr domain, unsigned long memory)
> virDispatchError(NULL);
> return -1;
> }
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
> virCheckNonZeroArgGoto(memory, error);
>
> conn = domain->conn;
> @@ -3899,10 +3835,7 @@ virDomainSetMemoryFlags(virDomainPtr domain, unsigned long memory,
> return -1;
> }
>
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
> virCheckNonZeroArgGoto(memory, error);
>
> conn = domain->conn;
> @@ -3961,10 +3894,7 @@ virDomainSetMemoryStatsPeriod(virDomainPtr domain, int period,
> return -1;
> }
>
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> /* This must be positive to set the balloon collection period */
> virCheckNonNegativeArgGoto(period, error);
> @@ -4060,10 +3990,7 @@ virDomainSetMemoryParameters(virDomainPtr domain,
> virDispatchError(NULL);
> return -1;
> }
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
> virCheckNonNullArgGoto(params, error);
> virCheckPositiveArgGoto(nparams, error);
>
> @@ -4205,10 +4132,7 @@ virDomainSetNumaParameters(virDomainPtr domain,
> virDispatchError(NULL);
> return -1;
> }
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
> virCheckNonNullArgGoto(params, error);
> virCheckPositiveArgGoto(nparams, error);
> if (virTypedParameterValidateSet(domain->conn, params, nparams) < 0)
> @@ -4334,10 +4258,7 @@ virDomainSetBlkioParameters(virDomainPtr domain,
> virDispatchError(NULL);
> return -1;
> }
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
> virCheckNonNullArgGoto(params, error);
> virCheckNonNegativeArgGoto(nparams, error);
>
> @@ -4671,10 +4592,7 @@ char *virConnectDomainXMLFromNative(virConnectPtr conn,
> virDispatchError(NULL);
> return NULL;
> }
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> virCheckNonNullArgGoto(nativeFormat, error);
> virCheckNonNullArgGoto(nativeConfig, error);
> @@ -4727,10 +4645,7 @@ char *virConnectDomainXMLToNative(virConnectPtr conn,
> virDispatchError(NULL);
> return NULL;
> }
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> virCheckNonNullArgGoto(nativeFormat, error);
> virCheckNonNullArgGoto(domainXml, error);
> @@ -5582,21 +5497,14 @@ virDomainMigrate(virDomainPtr domain,
> virDispatchError(NULL);
> return NULL;
> }
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> /* Now checkout the destination */
> if (!VIR_IS_CONNECT(dconn)) {
> virLibConnError(VIR_ERR_INVALID_CONN, __FUNCTION__);
> goto error;
> }
> - if (dconn->flags & VIR_CONNECT_RO) {
> - /* NB, deliberately report error against source object, not dest */
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(dconn->flags, error);
>
> if (flags & VIR_MIGRATE_NON_SHARED_DISK &&
> flags & VIR_MIGRATE_NON_SHARED_INC) {
> @@ -5822,21 +5730,14 @@ virDomainMigrate2(virDomainPtr domain,
> virDispatchError(NULL);
> return NULL;
> }
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> /* Now checkout the destination */
> if (!VIR_IS_CONNECT(dconn)) {
> virLibConnError(VIR_ERR_INVALID_CONN, __FUNCTION__);
> goto error;
> }
> - if (dconn->flags & VIR_CONNECT_RO) {
> - /* NB, deliberately report error against source object, not dest */
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(dconn->flags, error);
>
> if (flags & VIR_MIGRATE_NON_SHARED_DISK &&
> flags & VIR_MIGRATE_NON_SHARED_INC) {
> @@ -6013,21 +5914,14 @@ virDomainMigrate3(virDomainPtr domain,
> virDispatchError(NULL);
> return NULL;
> }
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> /* Now checkout the destination */
> if (!VIR_IS_CONNECT(dconn)) {
> virLibConnError(VIR_ERR_INVALID_CONN, __FUNCTION__);
> goto error;
> }
> - if (dconn->flags & VIR_CONNECT_RO) {
> - /* NB, deliberately report error against source object, not dest */
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(dconn->flags, error);
>
> if (flags & VIR_MIGRATE_NON_SHARED_DISK &&
> flags & VIR_MIGRATE_NON_SHARED_INC) {
> @@ -6246,10 +6140,7 @@ virDomainMigrateToURI(virDomainPtr domain,
> virDispatchError(NULL);
> return -1;
> }
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> virCheckNonNullArgGoto(duri, error);
>
> @@ -6412,10 +6303,7 @@ virDomainMigrateToURI2(virDomainPtr domain,
> virDispatchError(NULL);
> return -1;
> }
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> if (flags & VIR_MIGRATE_NON_SHARED_DISK &&
> flags & VIR_MIGRATE_NON_SHARED_INC) {
> @@ -6528,10 +6416,7 @@ virDomainMigrateToURI3(virDomainPtr domain,
> virDispatchError(NULL);
> return -1;
> }
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> if (flags & VIR_MIGRATE_NON_SHARED_DISK &&
> flags & VIR_MIGRATE_NON_SHARED_INC) {
> @@ -6640,10 +6525,7 @@ virDomainMigratePrepare(virConnectPtr dconn,
> return -1;
> }
>
> - if (dconn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(dconn->flags, error);
>
> if (dconn->driver->domainMigratePrepare) {
> int ret;
> @@ -6691,10 +6573,7 @@ virDomainMigratePerform(virDomainPtr domain,
> }
> conn = domain->conn;
>
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> if (conn->driver->domainMigratePerform) {
> int ret;
> @@ -6738,10 +6617,7 @@ virDomainMigrateFinish(virConnectPtr dconn,
> return NULL;
> }
>
> - if (dconn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(dconn->flags, error);
>
> if (dconn->driver->domainMigrateFinish) {
> virDomainPtr ret;
> @@ -6789,10 +6665,7 @@ virDomainMigratePrepare2(virConnectPtr dconn,
> return -1;
> }
>
> - if (dconn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(dconn->flags, error);
>
> if (dconn->driver->domainMigratePrepare2) {
> int ret;
> @@ -6838,10 +6711,7 @@ virDomainMigrateFinish2(virConnectPtr dconn,
> return NULL;
> }
>
> - if (dconn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(dconn->flags, error);
>
> if (dconn->driver->domainMigrateFinish2) {
> virDomainPtr ret;
> @@ -6886,10 +6756,7 @@ virDomainMigratePrepareTunnel(virConnectPtr conn,
> return -1;
> }
>
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn != st->conn) {
> virReportInvalidArg(conn,
> @@ -6944,10 +6811,7 @@ virDomainMigrateBegin3(virDomainPtr domain,
> }
> conn = domain->conn;
>
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> if (conn->driver->domainMigrateBegin3) {
> char *xml;
> @@ -6999,10 +6863,7 @@ virDomainMigratePrepare3(virConnectPtr dconn,
> return -1;
> }
>
> - if (dconn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(dconn->flags, error);
>
> if (dconn->driver->domainMigratePrepare3) {
> int ret;
> @@ -7055,10 +6916,7 @@ virDomainMigratePrepareTunnel3(virConnectPtr conn,
> return -1;
> }
>
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn != st->conn) {
> virReportInvalidArg(conn,
> @@ -7121,10 +6979,7 @@ virDomainMigratePerform3(virDomainPtr domain,
> }
> conn = domain->conn;
>
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> if (conn->driver->domainMigratePerform3) {
> int ret;
> @@ -7175,10 +7030,7 @@ virDomainMigrateFinish3(virConnectPtr dconn,
> return NULL;
> }
>
> - if (dconn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(dconn->flags, error);
>
> if (dconn->driver->domainMigrateFinish3) {
> virDomainPtr ret;
> @@ -7226,10 +7078,7 @@ virDomainMigrateConfirm3(virDomainPtr domain,
> }
> conn = domain->conn;
>
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> if (conn->driver->domainMigrateConfirm3) {
> int ret;
> @@ -7277,10 +7126,7 @@ virDomainMigrateBegin3Params(virDomainPtr domain,
> }
> conn = domain->conn;
>
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> if (conn->driver->domainMigrateBegin3Params) {
> char *xml;
> @@ -7330,10 +7176,7 @@ virDomainMigratePrepare3Params(virConnectPtr dconn,
> return -1;
> }
>
> - if (dconn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(dconn->flags, error);
>
> if (dconn->driver->domainMigratePrepare3Params) {
> int ret;
> @@ -7383,10 +7226,7 @@ virDomainMigratePrepareTunnel3Params(virConnectPtr conn,
> return -1;
> }
>
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn != st->conn) {
> virReportInvalidArg(conn,
> @@ -7445,10 +7285,7 @@ virDomainMigratePerform3Params(virDomainPtr domain,
> }
> conn = domain->conn;
>
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> if (conn->driver->domainMigratePerform3Params) {
> int ret;
> @@ -7497,10 +7334,7 @@ virDomainMigrateFinish3Params(virConnectPtr dconn,
> return NULL;
> }
>
> - if (dconn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(dconn->flags, error);
>
> if (dconn->driver->domainMigrateFinish3Params) {
> virDomainPtr ret;
> @@ -7549,10 +7383,7 @@ virDomainMigrateConfirm3Params(virDomainPtr domain,
> }
> conn = domain->conn;
>
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> if (conn->driver->domainMigrateConfirm3Params) {
> int ret;
> @@ -7914,10 +7745,7 @@ virNodeSuspendForDuration(virConnectPtr conn,
> return -1;
> }
>
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->driver->nodeSuspendForDuration) {
> int ret;
> @@ -8040,10 +7868,7 @@ virNodeSetMemoryParameters(virConnectPtr conn,
> return -1;
> }
>
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> virCheckNonNullArgGoto(params, error);
> virCheckNonNegativeArgGoto(nparams, error);
> @@ -8284,10 +8109,7 @@ virDomainSetSchedulerParameters(virDomainPtr domain,
> return -1;
> }
>
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
> virCheckNonNullArgGoto(params, error);
> virCheckNonNegativeArgGoto(nparams, error);
>
> @@ -8349,10 +8171,7 @@ virDomainSetSchedulerParametersFlags(virDomainPtr domain,
> return -1;
> }
>
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
> virCheckNonNullArgGoto(params, error);
> virCheckNonNegativeArgGoto(nparams, error);
>
> @@ -8634,10 +8453,7 @@ virDomainSetInterfaceParameters(virDomainPtr domain,
> virDispatchError(NULL);
> return -1;
> }
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
> virCheckNonNullArgGoto(params, error);
> virCheckPositiveArgGoto(nparams, error);
>
> @@ -8875,10 +8691,7 @@ virDomainBlockPeek(virDomainPtr dom,
> }
> conn = dom->conn;
>
> - if (dom->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(dom->conn->flags, error);
>
> virCheckNonNullArgGoto(disk, error);
>
> @@ -8949,10 +8762,7 @@ virDomainBlockResize(virDomainPtr dom,
> }
> conn = dom->conn;
>
> - if (dom->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(dom->conn->flags, error);
>
> virCheckNonNullArgGoto(disk, error);
>
> @@ -9027,10 +8837,7 @@ virDomainMemoryPeek(virDomainPtr dom,
> }
> conn = dom->conn;
>
> - if (dom->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(dom->conn->flags, error);
>
> /* Note on access to physical memory: A VIR_MEMORY_PHYSICAL flag is
> * a possibility. However it isn't really useful unless the caller
> @@ -9175,10 +8982,7 @@ virDomainDefineXML(virConnectPtr conn, const char *xml)
> virDispatchError(NULL);
> return NULL;
> }
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
> virCheckNonNullArgGoto(xml, error);
>
> if (conn->driver->domainDefineXML) {
> @@ -9227,10 +9031,7 @@ virDomainUndefine(virDomainPtr domain)
> return -1;
> }
> conn = domain->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->driver->domainUndefine) {
> int ret;
> @@ -9288,10 +9089,7 @@ virDomainUndefineFlags(virDomainPtr domain,
> return -1;
> }
> conn = domain->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->driver->domainUndefineFlags) {
> int ret;
> @@ -9529,10 +9327,7 @@ virDomainCreate(virDomainPtr domain)
> return -1;
> }
> conn = domain->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->driver->domainCreate) {
> int ret;
> @@ -9598,10 +9393,7 @@ virDomainCreateWithFlags(virDomainPtr domain, unsigned int flags)
> return -1;
> }
> conn = domain->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->driver->domainCreateWithFlags) {
> int ret;
> @@ -9678,10 +9470,7 @@ virDomainCreateWithFiles(virDomainPtr domain, unsigned int nfiles,
> return -1;
> }
> conn = domain->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->driver->domainCreateWithFiles) {
> int ret;
> @@ -9775,10 +9564,7 @@ virDomainSetAutostart(virDomainPtr domain,
>
> conn = domain->conn;
>
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> if (conn->driver->domainSetAutostart) {
> int ret;
> @@ -9818,10 +9604,7 @@ virDomainInjectNMI(virDomainPtr domain, unsigned int flags)
> virDispatchError(NULL);
> return -1;
> }
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> conn = domain->conn;
>
> @@ -9883,10 +9666,7 @@ virDomainSendKey(virDomainPtr domain,
> virDispatchError(NULL);
> return -1;
> }
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> conn = domain->conn;
>
> @@ -9960,10 +9740,7 @@ virDomainSendProcessSignal(virDomainPtr domain,
>
> virCheckNonZeroArgGoto(pid_value, error);
>
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> conn = domain->conn;
>
> @@ -10017,10 +9794,7 @@ virDomainSetVcpus(virDomainPtr domain, unsigned int nvcpus)
> virDispatchError(NULL);
> return -1;
> }
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> virCheckNonZeroArgGoto(nvcpus, error);
>
> @@ -10093,10 +9867,7 @@ virDomainSetVcpusFlags(virDomainPtr domain, unsigned int nvcpus,
> virDispatchError(NULL);
> return -1;
> }
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> if (flags & VIR_DOMAIN_VCPU_GUEST &&
> flags & VIR_DOMAIN_VCPU_MAXIMUM) {
> @@ -10238,10 +10009,7 @@ virDomainPinVcpu(virDomainPtr domain, unsigned int vcpu,
> virDispatchError(NULL);
> return -1;
> }
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> virCheckNonNullArgGoto(cpumap, error);
> virCheckPositiveArgGoto(maplen, error);
> @@ -10319,10 +10087,7 @@ virDomainPinVcpuFlags(virDomainPtr domain, unsigned int vcpu,
> return -1;
> }
>
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> virCheckNonNullArgGoto(cpumap, error);
> virCheckPositiveArgGoto(maplen, error);
> @@ -10477,10 +10242,7 @@ virDomainPinEmulator(virDomainPtr domain, unsigned char *cpumap,
> return -1;
> }
>
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
>
> virCheckNonNullArgGoto(cpumap, error);
> virCheckPositiveArgGoto(maplen, error);
> @@ -10838,10 +10600,7 @@ virDomainSetMetadata(virDomainPtr domain,
>
> conn = domain->conn;
>
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> switch (type) {
> case VIR_DOMAIN_METADATA_TITLE:
> @@ -11035,10 +10794,7 @@ virDomainAttachDevice(virDomainPtr domain, const char *xml)
>
> virCheckNonNullArgGoto(xml, error);
>
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
> conn = domain->conn;
>
> if (conn->driver->domainAttachDevice) {
> @@ -11099,10 +10855,7 @@ virDomainAttachDeviceFlags(virDomainPtr domain,
>
> virCheckNonNullArgGoto(xml, error);
>
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
> conn = domain->conn;
>
> if (conn->driver->domainAttachDeviceFlags) {
> @@ -11148,10 +10901,7 @@ virDomainDetachDevice(virDomainPtr domain, const char *xml)
>
> virCheckNonNullArgGoto(xml, error);
>
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
> conn = domain->conn;
>
> if (conn->driver->domainDetachDevice) {
> @@ -11228,10 +10978,7 @@ virDomainDetachDeviceFlags(virDomainPtr domain,
>
> virCheckNonNullArgGoto(xml, error);
>
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
> conn = domain->conn;
>
> if (conn->driver->domainDetachDeviceFlags) {
> @@ -11292,10 +11039,7 @@ virDomainUpdateDeviceFlags(virDomainPtr domain,
>
> virCheckNonNullArgGoto(xml, error);
>
> - if (domain->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(domain->conn->flags, error);
> conn = domain->conn;
>
> if (conn->driver->domainUpdateDeviceFlags) {
> @@ -11783,10 +11527,7 @@ virNetworkCreateXML(virConnectPtr conn, const char *xmlDesc)
> }
> virCheckNonNullArgGoto(xmlDesc, error);
>
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->networkDriver && conn->networkDriver->networkCreateXML) {
> virNetworkPtr ret;
> @@ -11825,10 +11566,7 @@ virNetworkDefineXML(virConnectPtr conn, const char *xml)
> virDispatchError(NULL);
> return NULL;
> }
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
> virCheckNonNullArgGoto(xml, error);
>
> if (conn->networkDriver && conn->networkDriver->networkDefineXML) {
> @@ -11869,10 +11607,7 @@ virNetworkUndefine(virNetworkPtr network)
> return -1;
> }
> conn = network->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibNetworkError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->networkDriver && conn->networkDriver->networkUndefine) {
> int ret;
> @@ -11929,10 +11664,7 @@ virNetworkUpdate(virNetworkPtr network,
> return -1;
> }
> conn = network->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibNetworkError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> virCheckNonNullArgGoto(xml, error);
>
> @@ -11976,10 +11708,7 @@ virNetworkCreate(virNetworkPtr network)
> return -1;
> }
> conn = network->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibNetworkError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->networkDriver && conn->networkDriver->networkCreate) {
> int ret;
> @@ -12023,10 +11752,7 @@ virNetworkDestroy(virNetworkPtr network)
> }
>
> conn = network->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibNetworkError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->networkDriver && conn->networkDriver->networkDestroy) {
> int ret;
> @@ -12356,10 +12082,7 @@ virNetworkSetAutostart(virNetworkPtr network,
> return -1;
> }
>
> - if (network->conn->flags & VIR_CONNECT_RO) {
> - virLibNetworkError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(network->conn->flags, error);
>
> conn = network->conn;
>
> @@ -12859,10 +12582,7 @@ virInterfaceDefineXML(virConnectPtr conn, const char *xml, unsigned int flags)
> virDispatchError(NULL);
> return NULL;
> }
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
> virCheckNonNullArgGoto(xml, error);
>
> if (conn->interfaceDriver && conn->interfaceDriver->interfaceDefineXML) {
> @@ -12914,10 +12634,7 @@ virInterfaceUndefine(virInterfacePtr iface)
> return -1;
> }
> conn = iface->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibInterfaceError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->interfaceDriver && conn->interfaceDriver->interfaceUndefine) {
> int ret;
> @@ -12963,10 +12680,7 @@ virInterfaceCreate(virInterfacePtr iface, unsigned int flags)
> return -1;
> }
> conn = iface->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibInterfaceError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->interfaceDriver && conn->interfaceDriver->interfaceCreate) {
> int ret;
> @@ -13017,10 +12731,7 @@ virInterfaceDestroy(virInterfacePtr iface, unsigned int flags)
> }
>
> conn = iface->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibInterfaceError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->interfaceDriver && conn->interfaceDriver->interfaceDestroy) {
> int ret;
> @@ -13128,10 +12839,7 @@ virInterfaceChangeBegin(virConnectPtr conn, unsigned int flags)
> return -1;
> }
>
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibInterfaceError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->interfaceDriver && conn->interfaceDriver->interfaceChangeBegin) {
> int ret;
> @@ -13176,10 +12884,7 @@ virInterfaceChangeCommit(virConnectPtr conn, unsigned int flags)
> return -1;
> }
>
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibInterfaceError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->interfaceDriver && conn->interfaceDriver->interfaceChangeCommit) {
> int ret;
> @@ -13224,10 +12929,7 @@ virInterfaceChangeRollback(virConnectPtr conn, unsigned int flags)
> return -1;
> }
>
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibInterfaceError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->interfaceDriver &&
> conn->interfaceDriver->interfaceChangeRollback) {
> @@ -13578,10 +13280,7 @@ virConnectFindStoragePoolSources(virConnectPtr conn,
> }
> virCheckNonNullArgGoto(type, error);
>
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->storageDriver && conn->storageDriver->connectFindStoragePoolSources) {
> char *ret;
> @@ -13784,10 +13483,7 @@ virStoragePoolCreateXML(virConnectPtr conn,
> }
> virCheckNonNullArgGoto(xmlDesc, error);
>
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->storageDriver && conn->storageDriver->storagePoolCreateXML) {
> virStoragePoolPtr ret;
> @@ -13830,10 +13526,7 @@ virStoragePoolDefineXML(virConnectPtr conn,
> virDispatchError(NULL);
> return NULL;
> }
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
> virCheckNonNullArgGoto(xml, error);
>
> if (conn->storageDriver && conn->storageDriver->storagePoolDefineXML) {
> @@ -13879,10 +13572,7 @@ virStoragePoolBuild(virStoragePoolPtr pool,
> return -1;
> }
> conn = pool->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibStoragePoolError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->storageDriver && conn->storageDriver->storagePoolBuild) {
> int ret;
> @@ -13922,10 +13612,7 @@ virStoragePoolUndefine(virStoragePoolPtr pool)
> return -1;
> }
> conn = pool->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibStoragePoolError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->storageDriver && conn->storageDriver->storagePoolUndefine) {
> int ret;
> @@ -13967,10 +13654,7 @@ virStoragePoolCreate(virStoragePoolPtr pool,
> return -1;
> }
> conn = pool->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibStoragePoolError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->storageDriver && conn->storageDriver->storagePoolCreate) {
> int ret;
> @@ -14015,10 +13699,7 @@ virStoragePoolDestroy(virStoragePoolPtr pool)
> }
>
> conn = pool->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibStoragePoolError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->storageDriver && conn->storageDriver->storagePoolDestroy) {
> int ret;
> @@ -14063,10 +13744,7 @@ virStoragePoolDelete(virStoragePoolPtr pool,
> }
>
> conn = pool->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibStoragePoolError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->storageDriver && conn->storageDriver->storagePoolDelete) {
> int ret;
> @@ -14172,10 +13850,7 @@ virStoragePoolRefresh(virStoragePoolPtr pool,
> }
>
> conn = pool->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibStoragePoolError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->storageDriver && conn->storageDriver->storagePoolRefresh) {
> int ret;
> @@ -14442,10 +14117,7 @@ virStoragePoolSetAutostart(virStoragePoolPtr pool,
> return -1;
> }
>
> - if (pool->conn->flags & VIR_CONNECT_RO) {
> - virLibStoragePoolError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(pool->conn->flags, error);
>
> conn = pool->conn;
>
> @@ -14839,10 +14511,7 @@ virStorageVolCreateXML(virStoragePoolPtr pool,
>
> virCheckNonNullArgGoto(xmlDesc, error);
>
> - if (pool->conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(pool->conn->flags, error);
>
> if (pool->conn->storageDriver && pool->conn->storageDriver->storageVolCreateXML) {
> virStorageVolPtr ret;
> @@ -14902,12 +14571,7 @@ virStorageVolCreateXMLFrom(virStoragePoolPtr pool,
> }
>
> virCheckNonNullArgGoto(xmlDesc, error);
> -
> - if (pool->conn->flags & VIR_CONNECT_RO ||
> - clonevol->conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(pool->conn->flags | clonevol->conn->flags, error);
>
> if (pool->conn->storageDriver &&
> pool->conn->storageDriver->storageVolCreateXMLFrom) {
> @@ -14969,11 +14633,7 @@ virStorageVolDownload(virStorageVolPtr vol,
> return -1;
> }
>
> - if (vol->conn->flags & VIR_CONNECT_RO ||
> - stream->conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(vol->conn->flags | stream->conn->flags, error);
>
> if (vol->conn->storageDriver &&
> vol->conn->storageDriver->storageVolDownload) {
> @@ -15040,11 +14700,7 @@ virStorageVolUpload(virStorageVolPtr vol,
> return -1;
> }
>
> - if (vol->conn->flags & VIR_CONNECT_RO ||
> - stream->conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(vol->conn->flags | stream->conn->flags, error);
>
> if (vol->conn->storageDriver &&
> vol->conn->storageDriver->storageVolUpload) {
> @@ -15092,10 +14748,7 @@ virStorageVolDelete(virStorageVolPtr vol,
> }
>
> conn = vol->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibStorageVolError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->storageDriver && conn->storageDriver->storageVolDelete) {
> int ret;
> @@ -15138,10 +14791,7 @@ virStorageVolWipe(virStorageVolPtr vol,
> }
>
> conn = vol->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibStorageVolError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->storageDriver && conn->storageDriver->storageVolWipe) {
> int ret;
> @@ -15188,10 +14838,7 @@ virStorageVolWipePattern(virStorageVolPtr vol,
> }
>
> conn = vol->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibStorageVolError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->storageDriver && conn->storageDriver->storageVolWipePattern) {
> int ret;
> @@ -15456,10 +15103,7 @@ virStorageVolResize(virStorageVolPtr vol,
>
> conn = vol->conn;
>
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> /* Zero capacity is only valid with either delta or shrink. */
> if (capacity == 0 && !((flags & VIR_STORAGE_VOL_RESIZE_DELTA) ||
> @@ -16017,10 +15661,7 @@ virNodeDeviceDettach(virNodeDevicePtr dev)
> return -1;
> }
>
> - if (dev->conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(dev->conn->flags, error);
>
> if (dev->conn->driver->nodeDeviceDettach) {
> int ret;
> @@ -16082,10 +15723,7 @@ virNodeDeviceDetachFlags(virNodeDevicePtr dev,
> return -1;
> }
>
> - if (dev->conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(dev->conn->flags, error);
>
> if (dev->conn->driver->nodeDeviceDetachFlags) {
> int ret;
> @@ -16131,10 +15769,7 @@ virNodeDeviceReAttach(virNodeDevicePtr dev)
> return -1;
> }
>
> - if (dev->conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(dev->conn->flags, error);
>
> if (dev->conn->driver->nodeDeviceReAttach) {
> int ret;
> @@ -16182,10 +15817,7 @@ virNodeDeviceReset(virNodeDevicePtr dev)
> return -1;
> }
>
> - if (dev->conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(dev->conn->flags, error);
>
> if (dev->conn->driver->nodeDeviceReset) {
> int ret;
> @@ -16229,10 +15861,7 @@ virNodeDeviceCreateXML(virConnectPtr conn,
> return NULL;
> }
>
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> virCheckNonNullArgGoto(xmlDesc, error);
>
> @@ -16275,10 +15904,7 @@ virNodeDeviceDestroy(virNodeDevicePtr dev)
> return -1;
> }
>
> - if (dev->conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(dev->conn->flags, error);
>
> if (dev->conn->nodeDeviceDriver &&
> dev->conn->nodeDeviceDriver->nodeDeviceDestroy) {
> @@ -16733,10 +16359,7 @@ virSecretDefineXML(virConnectPtr conn, const char *xml, unsigned int flags)
> virDispatchError(NULL);
> return NULL;
> }
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
> virCheckNonNullArgGoto(xml, error);
>
> if (conn->secretDriver != NULL && conn->secretDriver->secretDefineXML != NULL) {
> @@ -16955,10 +16578,7 @@ virSecretSetValue(virSecretPtr secret, const unsigned char *value,
> return -1;
> }
> conn = secret->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibSecretError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
> virCheckNonNullArgGoto(value, error);
>
> if (conn->secretDriver != NULL && conn->secretDriver->secretSetValue != NULL) {
> @@ -17004,10 +16624,7 @@ virSecretGetValue(virSecretPtr secret, size_t *value_size, unsigned int flags)
> return NULL;
> }
> conn = secret->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibSecretError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
> virCheckNonNullArgGoto(value_size, error);
>
> if (conn->secretDriver != NULL && conn->secretDriver->secretGetValue != NULL) {
> @@ -17051,10 +16668,7 @@ virSecretUndefine(virSecretPtr secret)
> return -1;
> }
> conn = secret->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibSecretError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->secretDriver != NULL && conn->secretDriver->secretUndefine != NULL) {
> int ret;
> @@ -18499,10 +18113,7 @@ virNWFilterDefineXML(virConnectPtr conn, const char *xmlDesc)
> }
> virCheckNonNullArgGoto(xmlDesc, error);
>
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->nwfilterDriver && conn->nwfilterDriver->nwfilterDefineXML) {
> virNWFilterPtr ret;
> @@ -18545,10 +18156,7 @@ virNWFilterUndefine(virNWFilterPtr nwfilter)
> }
>
> conn = nwfilter->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibNWFilterError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->nwfilterDriver && conn->nwfilterDriver->nwfilterUndefine) {
> int ret;
> @@ -19040,10 +18648,7 @@ virDomainAbortJob(virDomainPtr domain)
> }
>
> conn = domain->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->driver->domainAbortJob) {
> int ret;
> @@ -19091,10 +18696,7 @@ virDomainMigrateSetMaxDowntime(virDomainPtr domain,
> }
>
> conn = domain->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->driver->domainMigrateSetMaxDowntime) {
> if (conn->driver->domainMigrateSetMaxDowntime(domain, downtime, flags) < 0)
> @@ -19187,10 +18789,7 @@ virDomainMigrateSetCompressionCache(virDomainPtr domain,
> }
>
> conn = domain->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->driver->domainMigrateSetCompressionCache) {
> if (conn->driver->domainMigrateSetCompressionCache(domain, cacheSize,
> @@ -19236,10 +18835,7 @@ virDomainMigrateSetMaxSpeed(virDomainPtr domain,
> }
>
> conn = domain->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->driver->domainMigrateSetMaxSpeed) {
> if (conn->driver->domainMigrateSetMaxSpeed(domain, bandwidth, flags) < 0)
> @@ -19286,10 +18882,7 @@ virDomainMigrateGetMaxSpeed(virDomainPtr domain,
>
> virCheckNonNullArgGoto(bandwidth, error);
>
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->driver->domainMigrateGetMaxSpeed) {
> if (conn->driver->domainMigrateGetMaxSpeed(domain, bandwidth, flags) < 0)
> @@ -19597,10 +19190,7 @@ virDomainManagedSave(virDomainPtr dom, unsigned int flags)
> }
>
> conn = dom->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if ((flags & VIR_DOMAIN_SAVE_RUNNING) && (flags & VIR_DOMAIN_SAVE_PAUSED)) {
> virReportInvalidArg(flags,
> @@ -19697,10 +19287,7 @@ virDomainManagedSaveRemove(virDomainPtr dom, unsigned int flags)
> }
>
> conn = dom->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->driver->domainManagedSaveRemove) {
> int ret;
> @@ -19923,10 +19510,7 @@ virDomainSnapshotCreateXML(virDomainPtr domain,
>
> virCheckNonNullArgGoto(xmlDesc, error);
>
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if ((flags & VIR_DOMAIN_SNAPSHOT_CREATE_CURRENT) &&
> !(flags & VIR_DOMAIN_SNAPSHOT_CREATE_REDEFINE)) {
> @@ -20854,10 +20438,7 @@ virDomainRevertToSnapshot(virDomainSnapshotPtr snapshot,
> }
>
> conn = snapshot->domain->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if ((flags & VIR_DOMAIN_SNAPSHOT_REVERT_RUNNING) &&
> (flags & VIR_DOMAIN_SNAPSHOT_REVERT_PAUSED)) {
> @@ -20923,10 +20504,7 @@ virDomainSnapshotDelete(virDomainSnapshotPtr snapshot,
> }
>
> conn = snapshot->domain->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if ((flags & VIR_DOMAIN_SNAPSHOT_DELETE_CHILDREN) &&
> (flags & VIR_DOMAIN_SNAPSHOT_DELETE_CHILDREN_ONLY)) {
> @@ -21064,10 +20642,7 @@ virDomainOpenConsole(virDomainPtr dom,
> }
>
> conn = dom->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->driver->domainOpenConsole) {
> int ret;
> @@ -21127,10 +20702,7 @@ virDomainOpenChannel(virDomainPtr dom,
> }
>
> conn = dom->conn;
> - if (conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(conn->flags, error);
>
> if (conn->driver->domainOpenChannel) {
> int ret;
> @@ -21205,10 +20777,7 @@ virDomainBlockJobAbort(virDomainPtr dom, const char *disk,
> }
> conn = dom->conn;
>
> - if (dom->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(dom->conn->flags, error);
>
> virCheckNonNullArgGoto(disk, error);
>
> @@ -21322,10 +20891,7 @@ virDomainBlockJobSetSpeed(virDomainPtr dom, const char *disk,
> }
> conn = dom->conn;
>
> - if (dom->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(dom->conn->flags, error);
>
> virCheckNonNullArgGoto(disk, error);
>
> @@ -21396,10 +20962,7 @@ virDomainBlockPull(virDomainPtr dom, const char *disk,
> }
> conn = dom->conn;
>
> - if (dom->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(dom->conn->flags, error);
>
> virCheckNonNullArgGoto(disk, error);
>
> @@ -21516,10 +21079,7 @@ virDomainBlockRebase(virDomainPtr dom, const char *disk,
> }
> conn = dom->conn;
>
> - if (dom->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(dom->conn->flags, error);
>
> virCheckNonNullArgGoto(disk, error);
>
> @@ -21635,10 +21195,7 @@ virDomainBlockCommit(virDomainPtr dom, const char *disk,
> }
> conn = dom->conn;
>
> - if (dom->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(dom->conn->flags, error);
>
> virCheckNonNullArgGoto(disk, error);
>
> @@ -21716,10 +21273,7 @@ virDomainOpenGraphics(virDomainPtr dom,
> goto error;
> }
>
> - if (dom->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(dom->conn->flags, error);
>
> if (!VIR_DRV_SUPPORTS_FEATURE(dom->conn->driver, dom->conn,
> VIR_DRV_FEATURE_FD_PASSING)) {
> @@ -22007,10 +21561,7 @@ virDomainSetBlockIoTune(virDomainPtr dom,
> return -1;
> }
>
> - if (dom->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(dom->conn->flags, error);
>
> virCheckNonNullArgGoto(disk, error);
> virCheckPositiveArgGoto(nparams, error);
> @@ -22474,10 +22025,7 @@ virDomainFSTrim(virDomainPtr dom,
> return -1;
> }
>
> - if (dom->conn->flags & VIR_CONNECT_RO) {
> - virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
> - goto error;
> - }
> + virCheckReadOnlyGoto(dom->conn->flags, error);
>
> if (dom->conn->driver->domainFSTrim) {
> int ret = dom->conn->driver->domainFSTrim(dom, mountPoint,
> diff --git a/src/locking/lock_daemon.c b/src/locking/lock_daemon.c
> index a6be43c..b4ed14b 100644
> --- a/src/locking/lock_daemon.c
> +++ b/src/locking/lock_daemon.c
> @@ -1,7 +1,7 @@
> /*
> * lock_daemon.c: lock management daemon
> *
> - * Copyright (C) 2006-2012 Red Hat, Inc.
> + * Copyright (C) 2006-2013 Red Hat, Inc.
> *
> * This library is free software; you can redistribute it and/or
> * modify it under the terms of the GNU Lesser General Public
> @@ -800,18 +800,16 @@ virLockDaemonClientNew(virNetServerClientPtr client,
>
> if (!privileged) {
> if (geteuid() != clientuid) {
> - virReportError(VIR_ERR_OPERATION_DENIED,
> - _("Disallowing client %llu with uid %llu"),
> - (unsigned long long)priv->clientPid,
> - (unsigned long long)clientuid);
> + virReportRestrictedError(_("Disallowing client %llu with uid %llu"),
> + (unsigned long long)priv->clientPid,
> + (unsigned long long)clientuid);
> goto error;
> }
> } else {
> if (clientuid != 0) {
> - virReportError(VIR_ERR_OPERATION_DENIED,
> - _("Disallowing client %llu with uid %llu"),
> - (unsigned long long)priv->clientPid,
> - (unsigned long long)clientuid);
> + virReportRestrictedError(_("Disallowing client %llu with uid %llu"),
> + (unsigned long long)priv->clientPid,
> + (unsigned long long)clientuid);
> goto error;
> }
> }
> diff --git a/src/util/virerror.c b/src/util/virerror.c
> index d9a9fc4..877c15e 100644
> --- a/src/util/virerror.c
> +++ b/src/util/virerror.c
> @@ -888,7 +888,7 @@ virErrorMsg(virErrorNumber error, const char *info)
> if (info == NULL)
> errmsg = _("operation forbidden for read only access");
> else
> - errmsg = _("operation %s forbidden for read only access");
> + errmsg = _("operation forbidden: %s");
> break;
> case VIR_ERR_OPEN_FAILED:
> if (info == NULL)
> diff --git a/src/util/virerror.h b/src/util/virerror.h
> index ec7ef95..65c134c 100644
> --- a/src/util/virerror.h
> +++ b/src/util/virerror.h
> @@ -159,6 +159,9 @@ void virReportSystemErrorFull(int domcode,
> # define virReportUnsupportedError() \
> virReportErrorHelper(VIR_FROM_THIS, VIR_ERR_NO_SUPPORT, \
> __FILE__, __FUNCTION__, __LINE__, __FUNCTION__)
> +# define virReportRestrictedError(...) \
> + virReportErrorHelper(VIR_FROM_THIS, VIR_ERR_OPERATION_DENIED, \
> + __FILE__, __FUNCTION__, __LINE__, __VA_ARGS__)
>
>
> void virReportOOMErrorFull(int domcode,
>
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list