From aa829d7bcd5faf685dd86c9e4095332d941262a1 Mon Sep 17 00:00:00 2001 From: "Daniel P. Berrange" Date: Tue, 1 May 2012 10:46:08 +0100 Subject: [PATCH] Ensure LXC security driver is set unconditonally The driver->securityDriverName field may be NULL, if automatic probing is used to determine security driver. This meant that unless selinux was explicitly requested in lxc.conf, it was not being sent to the libvirt_lxc process. The driver->securityManager field is guaranteed non-NULL, since there will always be the 'none' security driver present if nothing else exists. So use that to set the driver name for libvirt_lxc Signed-off-by: Daniel P. Berrange (cherry picked from commit 3746b070e79e5fe573f8b0bf32095a34f91b1eba) --- src/lxc/lxc_driver.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c index ffdd4ac5ac..03783ffbf8 100644 --- a/src/lxc/lxc_driver.c +++ b/src/lxc/lxc_driver.c @@ -1616,8 +1616,8 @@ lxcBuildControllerCmd(lxc_driver_t *driver, virCommandPreserveFD(cmd, ttyFDs[i]); } - if (driver->securityDriverName) - virCommandAddArgPair(cmd, "--security", driver->securityDriverName); + virCommandAddArgPair(cmd, "--security", + virSecurityManagerGetModel(driver->securityManager)); virCommandAddArg(cmd, "--handshake"); virCommandAddArgFormat(cmd, "%d", handshakefd); -- GitLab