External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-12-22 13:45:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

lxc domain from xml: convert lxc.cap.drop

Browse Source
This commit is contained in:
Cédric Bosdonnat 2014-07-18 10:02:30 +02:00 committed by Gao feng
parent 47e5b5ae32
commit 26d67015b8
12 changed files with 61 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
src/lxc/lxc_native.c
View File

@ -853,6 +853,28 @@ lxcSetBlkioTune(virDomainDefPtr def, virConfPtr properties)
return 0; return 0;
} }
static void
lxcSetCapDrop(virDomainDefPtr def, virConfPtr properties)
{
virConfValuePtr value;
char **toDrop = NULL;
const char *capString;
size_t i;
if ((value = virConfGetValue(properties, "lxc.cap.drop")) && value->str)
toDrop = virStringSplit(value->str, " ", 0);
for (i = 0; i < VIR_DOMAIN_CAPS_FEATURE_LAST; i++) {
capString = virDomainCapsFeatureTypeToString(i);
if (toDrop != NULL && virStringArrayHasString(toDrop, capString))
def->caps_features[i] = VIR_DOMAIN_FEATURE_STATE_OFF;
}
def->features[VIR_DOMAIN_FEATURE_CAPABILITIES] = VIR_DOMAIN_CAPABILITIES_POLICY_ALLOW;
virStringFreeList(toDrop);
}
virDomainDefPtr virDomainDefPtr
lxcParseConfigString(const char *config) lxcParseConfigString(const char *config)
{ {
@ -950,6 +972,9 @@ lxcParseConfigString(const char *config)
if (lxcSetBlkioTune(vmdef, properties) < 0) if (lxcSetBlkioTune(vmdef, properties) < 0)
goto error; goto error;
/* lxc.cap.drop */
lxcSetCapDrop(vmdef, properties);
goto cleanup; goto cleanup;
error: error:

2
tests/lxcconf2xmldata/lxcconf2xml-blkiotune.xml
View File

@ -25,6 +25,8 @@
</os> </os>
<features> <features>
<privnet/> <privnet/>
<capabilities policy='allow'>
</capabilities>
</features> </features>
<clock offset='utc'/> <clock offset='utc'/>
<on_poweroff>destroy</on_poweroff> <on_poweroff>destroy</on_poweroff>

2
tests/lxcconf2xmldata/lxcconf2xml-cpusettune.xml
View File

@ -13,6 +13,8 @@
</os> </os>
<features> <features>
<privnet/> <privnet/>
<capabilities policy='allow'>
</capabilities>
</features> </features>
<clock offset='utc'/> <clock offset='utc'/>
<on_poweroff>destroy</on_poweroff> <on_poweroff>destroy</on_poweroff>

2
tests/lxcconf2xmldata/lxcconf2xml-cputune.xml
View File

@ -15,6 +15,8 @@
</os> </os>
<features> <features>
<privnet/> <privnet/>
<capabilities policy='allow'>
</capabilities>
</features> </features>
<clock offset='utc'/> <clock offset='utc'/>
<on_poweroff>destroy</on_poweroff> <on_poweroff>destroy</on_poweroff>

2
tests/lxcconf2xmldata/lxcconf2xml-idmap.xml
View File

@ -14,6 +14,8 @@
</idmap> </idmap>
<features> <features>
<privnet/> <privnet/>
<capabilities policy='allow'>
</capabilities>
</features> </features>
<clock offset='utc'/> <clock offset='utc'/>
<on_poweroff>destroy</on_poweroff> <on_poweroff>destroy</on_poweroff>

4
tests/lxcconf2xmldata/lxcconf2xml-macvlannetwork.xml
View File

@ -8,6 +8,10 @@
<type>exe</type> <type>exe</type>
<init>/sbin/init</init> <init>/sbin/init</init>
</os> </os>
<features>
<capabilities policy='allow'>
</capabilities>
</features>
<clock offset='utc'/> <clock offset='utc'/>
<on_poweroff>destroy</on_poweroff> <on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot> <on_reboot>restart</on_reboot>

2
tests/lxcconf2xmldata/lxcconf2xml-memtune.xml
View File

@ -15,6 +15,8 @@
</os> </os>
<features> <features>
<privnet/> <privnet/>
<capabilities policy='allow'>
</capabilities>
</features> </features>
<clock offset='utc'/> <clock offset='utc'/>
<on_poweroff>destroy</on_poweroff> <on_poweroff>destroy</on_poweroff>

4
tests/lxcconf2xmldata/lxcconf2xml-nonenetwork.xml
View File

@ -8,6 +8,10 @@
<type>exe</type> <type>exe</type>
<init>/sbin/init</init> <init>/sbin/init</init>
</os> </os>
<features>
<capabilities policy='allow'>
</capabilities>
</features>
<clock offset='utc'/> <clock offset='utc'/>
<on_poweroff>destroy</on_poweroff> <on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot> <on_reboot>restart</on_reboot>

2
tests/lxcconf2xmldata/lxcconf2xml-nonetwork.xml
View File

@ -10,6 +10,8 @@
</os> </os>
<features> <features>
<privnet/> <privnet/>
<capabilities policy='allow'>
</capabilities>
</features> </features>
<clock offset='utc'/> <clock offset='utc'/>
<on_poweroff>destroy</on_poweroff> <on_poweroff>destroy</on_poweroff>

4
tests/lxcconf2xmldata/lxcconf2xml-physnetwork.xml
View File

@ -8,6 +8,10 @@
<type>exe</type> <type>exe</type>
<init>/sbin/init</init> <init>/sbin/init</init>
</os> </os>
<features>
<capabilities policy='allow'>
</capabilities>
</features>
<clock offset='utc'/> <clock offset='utc'/>
<on_poweroff>destroy</on_poweroff> <on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot> <on_reboot>restart</on_reboot>

8
tests/lxcconf2xmldata/lxcconf2xml-simple.xml
View File

@ -8,6 +8,14 @@
<type arch='i686'>exe</type> <type arch='i686'>exe</type>
<init>/sbin/init</init> <init>/sbin/init</init>
</os> </os>
<features>
<capabilities policy='allow'>
<mac_admin state='off'/>
<mac_override state='off'/>
<mknod state='off'/>
<sys_module state='off'/>
</capabilities>
</features>
<clock offset='utc'/> <clock offset='utc'/>
<on_poweroff>destroy</on_poweroff> <on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot> <on_reboot>restart</on_reboot>

4
tests/lxcconf2xmldata/lxcconf2xml-vlannetwork.xml
View File

@ -8,6 +8,10 @@
<type>exe</type> <type>exe</type>
<init>/sbin/init</init> <init>/sbin/init</init>
</os> </os>
<features>
<capabilities policy='allow'>
</capabilities>
</features>
<clock offset='utc'/> <clock offset='utc'/>
<on_poweroff>destroy</on_poweroff> <on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot> <on_reboot>restart</on_reboot>