From: Daniel P. Berrange <berrange@redhat.com>
Date: Fri, 23 Nov 2012 10:44:39 +0000 (+0000)
Subject: Treat missing driver cgroup as fatal in LXC driver
X-Git-Tag: CVE-2012-3411~61
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7c5ba648f7bab628b2965f699ad1fed524f6141a;p=thirdparty%2Flibvirt.git

Treat missing driver cgroup as fatal in LXC driver

The LXC driver relies on use of cgroups to kill off LXC processes
in shutdown. If cgroups aren't available, we're unable to kill
off processes, so we must treat lack of cgroups as a fatal startup
error.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---

diff --git a/src/lxc/lxc_cgroup.c b/src/lxc/lxc_cgroup.c
index ed86b4368e..912233fa34 100644
--- a/src/lxc/lxc_cgroup.c
+++ b/src/lxc/lxc_cgroup.c
@@ -229,10 +229,6 @@ int virLXCCgroupSetup(virDomainDefPtr def)
 
     rc = virCgroupForDriver("lxc", &driver, 1, 0);
     if (rc != 0) {
-        /* Skip all if no driver cgroup is configured */
-        if (rc == -ENXIO || rc == -ENOENT)
-            return 0;
-
         virReportSystemError(-rc, "%s",
                              _("Unable to get cgroup for driver"));
         goto cleanup;