From: Ján Tomko <jtomko@redhat.com>
Date: Tue, 12 Nov 2013 12:18:54 +0000 (+0100)
Subject: Disable nwfilter driver when running unprivileged
X-Git-Tag: v1.2.0-rc1~84
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b7829f959b33c6e32422222a9ed745c0da7dc696;p=thirdparty%2Flibvirt.git

Disable nwfilter driver when running unprivileged

When opening a new connection to the driver, nwfilterOpen
only succeeds if the driverState has been allocated.

Move the privilege check in driver initialization before
the state allocation to disable the driver.

This changes the nwfilter-define error from:
error: cannot create config directory (null): Bad address
To:
this function is not supported by the connection driver:
virNWFilterDefineXML

https://bugzilla.redhat.com/show_bug.cgi?id=1029266
---

diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c
index 6602d730b9..d521adffed 100644
--- a/src/nwfilter/nwfilter_driver.c
+++ b/src/nwfilter/nwfilter_driver.c
@@ -174,6 +174,9 @@ nwfilterStateInitialize(bool privileged,
     char *base = NULL;
     DBusConnection *sysbus = NULL;
 
+    if (!privileged)
+        return 0;
+
 #if WITH_DBUS
     if (virDBusHasSystemBus() &&
         !(sysbus = virDBusGetSystemBus()))
@@ -190,9 +193,6 @@ nwfilterStateInitialize(bool privileged,
     driverState->watchingFirewallD = (sysbus != NULL);
     driverState->privileged = privileged;
 
-    if (!privileged)
-        return 0;
-
     nwfilterDriverLock(driverState);
 
     if (virNWFilterIPAddrMapInit() < 0)