Disable nwfilter driver when running unprivileged

When opening a new connection to the driver, nwfilterOpen
only succeeds if the driverState has been allocated.

Move the privilege check in driver initialization before
the state allocation to disable the driver.

This changes the nwfilter-define error from:
error: cannot create config directory (null): Bad address
To:
this function is not supported by the connection driver:
virNWFilterDefineXML

https://bugzilla.redhat.com/show_bug.cgi?id=1029266

diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c
index 6602d730b9a69e5d58b258e73fe035cc807f3645..d521adffed8fed086059e6b19c057879681b32bf 100644 (file)
--- a/src/nwfilter/nwfilter_driver.c
+++ b/src/nwfilter/nwfilter_driver.c
@@ -174,6 +174,9 @@ nwfilterStateInitialize(bool privileged,
     char *base = NULL;
     DBusConnection *sysbus = NULL;
 
+    if (!privileged)
+        return 0;
+
 #if WITH_DBUS
     if (virDBusHasSystemBus() &&
         !(sysbus = virDBusGetSystemBus()))
@@ -190,9 +193,6 @@ nwfilterStateInitialize(bool privileged,
     driverState->watchingFirewallD = (sysbus != NULL);
     driverState->privileged = privileged;
 
-    if (!privileged)
-        return 0;
-
     nwfilterDriverLock(driverState);
 
     if (virNWFilterIPAddrMapInit() < 0)