“e4e28220b572cf4c71d07740c24150411f0704a6”上不存在“README.rst”
提交 438a3850 编写于 作者: J Jim Fehlig

Fix starting qemu instances when apparmor driver is enabled

With the apparmor security driver enabled, qemu instances fail
to start

# grep ^security_driver /etc/libvirt/qemu.conf
security_driver = "apparmor"
# virsh start test-kvm
error: Failed to start domain test-kvm
error: internal error security label already defined for VM

The model field of virSecurityLabelDef object is always populated
by virDomainDefGetSecurityLabelDef(), so remove the check for a
NULL model when verifying if a label is already defined for the
instance.

Checking for a NULL model and populating it later in
AppArmorGenSecurityLabel() has been left in the code to be
consistent with virSecuritySELinuxGenSecurityLabel().
上级 4f773a8c
......@@ -436,8 +436,7 @@ AppArmorGenSecurityLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
return rc;
}
if ((secdef->label) ||
(secdef->model) || (secdef->imagelabel)) {
if (secdef->label || secdef->imagelabel) {
virReportError(VIR_ERR_INTERNAL_ERROR,
"%s",
_("security label already defined for VM"));
......@@ -461,8 +460,7 @@ AppArmorGenSecurityLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
goto err;
}
secdef->model = strdup(SECURITY_APPARMOR_NAME);
if (!secdef->model) {
if (!secdef->model && !(secdef->model = strdup(SECURITY_APPARMOR_NAME))) {
virReportOOMError();
goto err;
}
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册
新手
引导
客服 返回
顶部