mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2025-01-06 21:15:22 +00:00
afb96301f3
In case the caller specifies that confined guests are required but the security driver turns out to be 'none', we should return an error since this driver clearly cannot meet that requirement. As a result of this error, libvirtd fails to start when the host admin explicitly sets confined guests are required but there is no security driver available. Since security driver 'none' cannot create confined guests, we override default confined setting so that hypervisor drivers do not thing they should create confined guests.
42 lines
881 B
C
42 lines
881 B
C
#include <config.h>
|
|
|
|
#include <unistd.h>
|
|
#include <stdlib.h>
|
|
#include <stdio.h>
|
|
#include <string.h>
|
|
#include <errno.h>
|
|
#include "security/security_driver.h"
|
|
|
|
int
|
|
main (int argc ATTRIBUTE_UNUSED, char **argv ATTRIBUTE_UNUSED)
|
|
{
|
|
virSecurityManagerPtr mgr;
|
|
const char *doi, *model;
|
|
|
|
mgr = virSecurityManagerNew(NULL, false, true, false);
|
|
if (mgr == NULL) {
|
|
fprintf (stderr, "Failed to start security driver");
|
|
exit (-1);
|
|
}
|
|
|
|
model = virSecurityManagerGetModel(mgr);
|
|
if (!model)
|
|
{
|
|
fprintf (stderr, "Failed to copy secModel model: %s",
|
|
strerror (errno));
|
|
exit (-1);
|
|
}
|
|
|
|
doi = virSecurityManagerGetDOI(mgr);
|
|
if (!doi)
|
|
{
|
|
fprintf (stderr, "Failed to copy secModel DOI: %s",
|
|
strerror (errno));
|
|
exit (-1);
|
|
}
|
|
|
|
virSecurityManagerFree(mgr);
|
|
|
|
return 0;
|
|
}
|