From: Daniel P. Berrange <berrange@redhat.com>
Date: Tue, 1 May 2012 09:46:08 +0000 (+0100)
Subject: Ensure LXC security driver is set unconditonally
X-Git-Tag: v0.9.12-rc1~9
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3746b070e79e5fe573f8b0bf32095a34f91b1eba;p=thirdparty%2Flibvirt.git

Ensure LXC security driver is set unconditonally

The driver->securityDriverName field may be NULL, if automatic
probing is used to determine security driver. This meant that
unless selinux was explicitly requested in lxc.conf, it was
not being sent to the libvirt_lxc process.

The driver->securityManager field is guaranteed non-NULL, since
there will always be the 'none' security driver present if
nothing else exists. So use that to set the driver name for
libvirt_lxc

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---

diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
index ffdd4ac5ac..03783ffbf8 100644
--- a/src/lxc/lxc_driver.c
+++ b/src/lxc/lxc_driver.c
@@ -1616,8 +1616,8 @@ lxcBuildControllerCmd(lxc_driver_t *driver,
         virCommandPreserveFD(cmd, ttyFDs[i]);
     }
 
-    if (driver->securityDriverName)
-        virCommandAddArgPair(cmd, "--security", driver->securityDriverName);
+    virCommandAddArgPair(cmd, "--security",
+                         virSecurityManagerGetModel(driver->securityManager));
 
     virCommandAddArg(cmd, "--handshake");
     virCommandAddArgFormat(cmd, "%d", handshakefd);