From: Daniel P. Berrange <berrange@redhat.com>
Date: Thu, 23 Jun 2011 10:40:24 +0000 (+0100)
Subject: Avoid high privileges taint warning for QEMU session driver
X-Git-Tag: v0.9.3-rc1~40
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bd180de57b54e3808010c6967913ca001b6fecaf;p=thirdparty%2Flibvirt.git

Avoid high privileges taint warning for QEMU session driver

The code emitting taint warnings was mistakenly thinking
that guests run from the QEMU session driver were tainted
for having high privileges. This is of course nonsense
since the session driver is always unprivileged

* src/qemu/qemu_domain.c: Don't warn for high privileges in
  non-privileged QEMU
---

diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index fab316f0bd..3af1c86934 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -788,9 +788,10 @@ void qemuDomainObjCheckTaint(struct qemud_driver *driver,
 {
     int i;
 
-    if (!driver->clearEmulatorCapabilities ||
-        driver->user == 0 ||
-        driver->group == 0)
+    if (driver->privileged &&
+        (!driver->clearEmulatorCapabilities ||
+         driver->user == 0 ||
+         driver->group == 0))
         qemuDomainObjTaint(driver, obj, VIR_DOMAIN_TAINT_HIGH_PRIVILEGES, logFD);
 
     if (obj->def->namespaceData) {