libvirt/src/network
Daniel P. Berrangé 5d010c3df6 network: avoid trying to create global firewall rules if unprivileged
The unprivileged libvirtd does not have permission to create firewall
rules, or bridge devices, or do anything to the host network in
general. Historically we still activate the network driver though and
let the network start API call fail.

The startup code path which reloads firewall rules on active networks
would thus effectively be a no-op when unprivileged as it is impossible
for there to be any active networks.

With the change to use a global set of firewall chains, however, we now
have code that is run unconditionally.

Ideally we would not register the network driver at all when
unprivileged, but the entanglement with the virt drivers currently makes
that impractical. As a temporary hack, we just make the firewall reload
into a no-op.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-03-19 10:03:02 +00:00
..
bridge_driver_linux.c network: split setup of ipv4 and ipv6 top level chains 2019-03-19 10:01:53 +00:00
bridge_driver_nop.c network: improve error report when firewall chain creation fails 2019-03-19 09:54:52 +00:00
bridge_driver_platform.c Remove all Author(s): lines from source file headers 2018-12-13 16:08:38 +00:00
bridge_driver_platform.h network: improve error report when firewall chain creation fails 2019-03-19 09:54:52 +00:00
bridge_driver.c network: avoid trying to create global firewall rules if unprivileged 2019-03-19 10:03:02 +00:00
bridge_driver.h Enforce a standard header file guard symbol name 2018-12-14 10:47:13 +00:00
default.xml
leaseshelper.c Require a semicolon for VIR_ENUM_IMPL calls 2019-02-03 17:46:29 -05:00
libvirt.zone network: explicitly allow icmp/icmpv6 in libvirt zonefile 2019-02-14 15:06:42 -05:00
Makefile.inc.am configure: selectively install a firewalld 'libvirt' zone 2019-02-01 12:08:37 -05:00