From 1a253b38e25f8ce1398f7f80b4b9593910a11709 Mon Sep 17 00:00:00 2001 From: Jamie Strandboge Date: Tue, 6 Apr 2010 22:53:43 +0200 Subject: [PATCH] Improve virt-aa-helper to handle SDL graphics and cleanups * src/security/virt-aa-helper.c: add support for SDL devices and 3 code cleanups --- src/security/virt-aa-helper.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c index dd00ed3b00..ae923e8981 100644 --- a/src/security/virt-aa-helper.c +++ b/src/security/virt-aa-helper.c @@ -775,7 +775,7 @@ vah_add_file(virBufferPtr buf, const char *path, const char *perms) virBufferVSprintf(buf, " \"%s\" %s,\n", tmp, perms); if (readonly) { - virBufferVSprintf(buf, " # don't audit writes to readonly media\n"); + virBufferVSprintf(buf, " # don't audit writes to readonly files\n"); virBufferVSprintf(buf, " deny \"%s\" w,\n", tmp); } @@ -872,11 +872,11 @@ get_files(vahControl * ctl) if (vah_add_file(&buf, ctl->def->console->data.file.path, "w") != 0) goto clean; - if (ctl->def->os.kernel && ctl->def->os.kernel) + if (ctl->def->os.kernel) if (vah_add_file(&buf, ctl->def->os.kernel, "r") != 0) goto clean; - if (ctl->def->os.initrd && ctl->def->os.initrd) + if (ctl->def->os.initrd) if (vah_add_file(&buf, ctl->def->os.initrd, "r") != 0) goto clean; @@ -884,6 +884,12 @@ get_files(vahControl * ctl) if (vah_add_file(&buf, ctl->def->os.loader, "r") != 0) goto clean; + if (ctl->def->ngraphics == 1 && + ctl->def->graphics[0]->type == VIR_DOMAIN_GRAPHICS_TYPE_SDL) + if (vah_add_file(&buf, ctl->def->graphics[0]->data.sdl.xauth, + "r") != 0) + goto clean; + for (i = 0; i < ctl->def->nhostdevs; i++) if (ctl->def->hostdevs[i]) { virDomainHostdevDefPtr dev = ctl->def->hostdevs[i]; -- GitLab