From e06772f00695e016fea39ac3e569206f0b480894 Mon Sep 17 00:00:00 2001 From: "Daniel P. Berrange" Date: Wed, 27 Oct 2010 11:01:27 +0100 Subject: [PATCH] Remove audit hooks from the selinux security driver code This reverts commit b8e2de8899594edcd78b3a7cb1b39b89bbed2891 The hooks will be re-added in the QEMU driver itself. * src/security/security_selinux.c: Remove audit hooks --- src/security/security_selinux.c | 22 ++++------------------ 1 file changed, 4 insertions(+), 18 deletions(-) diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c index 0995d67007..a9dd836e6f 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -28,8 +28,6 @@ #include "pci.h" #include "hostusb.h" #include "storage_file.h" -#include "uuid.h" -#include "virtaudit.h" #define VIR_FROM_THIS VIR_FROM_SECURITY @@ -162,22 +160,20 @@ SELinuxGenSecurityLabel(virSecurityDriverPtr drv ATTRIBUTE_UNUSED, virDomainObjPtr vm) { int rc = -1; - char mcs[1024], uuidstr[VIR_UUID_STRING_BUFLEN]; + char mcs[1024]; char *scontext = NULL; int c1 = 0; int c2 = 0; - if (vm->def->seclabel.type == VIR_DOMAIN_SECLABEL_STATIC) { - rc = 0; - goto done; - } + if (vm->def->seclabel.type == VIR_DOMAIN_SECLABEL_STATIC) + return 0; if (vm->def->seclabel.label || vm->def->seclabel.model || vm->def->seclabel.imagelabel) { virSecurityReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("security label already defined for VM")); - goto done; + return rc; } do { @@ -221,16 +217,6 @@ err: VIR_FREE(vm->def->seclabel.model); done: VIR_FREE(scontext); - - virUUIDFormat(vm->def->uuid, uuidstr); - /* The derived socket context is not audited. */ -#define STR(X) ((X) != NULL ? (X) : "?") - VIR_AUDIT(VIR_AUDIT_RECORD_MACHINE_ID, rc == 0, - "name=%s uuid=%s process-context=%s image-context=%s", - vm->def->name, uuidstr, STR(vm->def->seclabel.label), - STR(vm->def->seclabel.imagelabel)); -#undef STR - return rc; }