Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
libvirt.29527
cf4e7e62-lxc-def-secmodel.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File cf4e7e62-lxc-def-secmodel.patch of Package libvirt.29527
commit cf4e7e620a3ecd109f23c8cdb577893d0e088201 Author: Jim Fehlig <jfehlig@suse.com> Date: Thu Dec 3 11:55:24 2020 -0700 lxc: Set default security model in XML parser config Attempting to create a lxc domain with <seclabel type='none'/> fails virsh --connect lxc:/// create distro_nosec.xml error: Failed to create domain from distro_nosec.xml error: unsupported configuration: Security driver model '(null)' is not available Commit 638ffa2228 adjusted the logic for setting a driver's default security model. The lxc driver does not set a default security driver model in the XML parser config, causing seclabels of type='none' to have a null model. The lxc driver's security manager is initialized in lxcStateInitialize() by calling lxcSecurityInit(). Use the model of this manager as the default in the XML parser config. For the record, this is a regression caused by commit 638ffa2228, which changed the logic for setting a driver's default security model. The qemu driver was adjusted accordingly, but a similar change was missed in the lxc driver. Signed-off-by: Jim Fehlig <jfehlig@suse.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Index: libvirt-6.0.0/src/lxc/lxc_conf.c =================================================================== --- libvirt-6.0.0.orig/src/lxc/lxc_conf.c +++ libvirt-6.0.0/src/lxc/lxc_conf.c @@ -212,9 +212,10 @@ virCapsPtr virLXCDriverGetCapabilities(v virDomainXMLOptionPtr -lxcDomainXMLConfInit(virLXCDriverPtr driver) +lxcDomainXMLConfInit(virLXCDriverPtr driver, const char *defsecmodel) { virLXCDriverDomainDefParserConfig.priv = driver; + virLXCDriverDomainDefParserConfig.defSecModel = defsecmodel; return virDomainXMLOptionNew(&virLXCDriverDomainDefParserConfig, &virLXCDriverPrivateDataCallbacks, &virLXCDriverDomainXMLNamespace, Index: libvirt-6.0.0/src/lxc/lxc_conf.h =================================================================== --- libvirt-6.0.0.orig/src/lxc/lxc_conf.h +++ libvirt-6.0.0/src/lxc/lxc_conf.h @@ -112,7 +112,8 @@ int virLXCLoadDriverConfig(virLXCDriverC virCapsPtr virLXCDriverCapsInit(virLXCDriverPtr driver); virCapsPtr virLXCDriverGetCapabilities(virLXCDriverPtr driver, bool refresh); -virDomainXMLOptionPtr lxcDomainXMLConfInit(virLXCDriverPtr driver); +virDomainXMLOptionPtr lxcDomainXMLConfInit(virLXCDriverPtr driver, + const char *defsecmodel); static inline void lxcDriverLock(virLXCDriverPtr driver) { Index: libvirt-6.0.0/src/lxc/lxc_controller.c =================================================================== --- libvirt-6.0.0.orig/src/lxc/lxc_controller.c +++ libvirt-6.0.0/src/lxc/lxc_controller.c @@ -172,7 +172,7 @@ virLXCControllerDriverNew(void) } driver->caps = virLXCDriverCapsInit(NULL); - driver->xmlopt = lxcDomainXMLConfInit(driver); + driver->xmlopt = lxcDomainXMLConfInit(driver, NULL); return driver; } Index: libvirt-6.0.0/src/lxc/lxc_driver.c =================================================================== --- libvirt-6.0.0.orig/src/lxc/lxc_driver.c +++ libvirt-6.0.0/src/lxc/lxc_driver.c @@ -1531,6 +1531,7 @@ static int lxcStateInitialize(bool privi { virLXCDriverConfigPtr cfg = NULL; bool autostart = true; + const char *defsecmodel; /* Check that the user is root, silently disable if not */ if (!privileged) { @@ -1580,7 +1581,9 @@ static int lxcStateInitialize(bool privi if (!(lxc_driver->hostdevMgr = virHostdevManagerGetDefault())) goto cleanup; - if (!(lxc_driver->xmlopt = lxcDomainXMLConfInit(lxc_driver))) + defsecmodel = virSecurityManagerGetModel(lxc_driver->securityManager); + + if (!(lxc_driver->xmlopt = lxcDomainXMLConfInit(lxc_driver, defsecmodel))) goto cleanup; if (!(lxc_driver->closeCallbacks = virCloseCallbacksNew())) Index: libvirt-6.0.0/tests/testutilslxc.c =================================================================== --- libvirt-6.0.0.orig/tests/testutilslxc.c +++ libvirt-6.0.0/tests/testutilslxc.c @@ -71,7 +71,7 @@ testLXCDriverInit(void) } driver->caps = testLXCCapsInit(); - driver->xmlopt = lxcDomainXMLConfInit(driver); + driver->xmlopt = lxcDomainXMLConfInit(driver, NULL); return driver; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor