security: apparmor: Properly link with storage driver in helper program

The refactor to split up storage driver into modules broke the apparmor
helper program, since that did not initialize the storage driver
properly and thus detection of the backing chain could not work.

Register the storage driver backends explicitly. Unfortunately it's now
necessary to link with the full storage driver to satisfy dependencies
of the loadable modules.

Reviewed-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Reported-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Tested-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>

diff --git a/src/Makefile.am b/src/Makefile.am
index 399d031dd8bf7f28255358d8af1dffb26400ed2e..e637dfd910ff47ade8ce18416ce58b22022a8786 100644 (file)
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -3281,7 +3281,7 @@ virt_aa_helper_LDADD =                                            \
                libvirt.la                                      \
                libvirt_conf.la                                 \
                libvirt_util.la                                 \
-               libvirt_driver_storage_impl.la                  \
+               libvirt_driver_storage.la                       \
                ../gnulib/lib/libgnu.la
 if WITH_DTRACE_PROBES
 virt_aa_helper_LDADD += libvirt_probes.lo

diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index 6952720764c35f14b58306dc1c77ee39371fcf89..a751d6debe12bd104cfee9a5106fdfe5a955e467 100644 (file)
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -56,6 +56,7 @@
 #include "virgettext.h"
 
 #include "storage/storage_source.h"
+#include "storage/storage_backend.h"
 
 #define VIR_FROM_THIS VIR_FROM_SECURITY
 
@@ -926,6 +927,11 @@ get_files(vahControl * ctl)
         goto cleanup;
     }
 
+    if (virStorageBackendDriversRegister(false) < 0) {
+        vah_error(ctl, 0, _("failed to register storage driver backend"));
+        goto cleanup;
+    }
+
     for (i = 0; i < ctl->def->ndisks; i++) {
         virDomainDiskDefPtr disk = ctl->def->disks[i];
 
@@ -1283,6 +1289,8 @@ main(int argc, char **argv)
         exit(EXIT_FAILURE);
     }
 
+    virFileActivateDirOverride(argv[0]);
+
     /* Initialize the log system */
     virLogSetFromEnv();