Avoid high privileges taint warning for QEMU session driver

The code emitting taint warnings was mistakenly thinking that guests run from the QEMU session driver were tainted for having high privileges. This is of course nonsense since the session driver is always unprivileged * src/qemu/qemu_domain.c: Don't warn for high privileges in non-privileged QEMU

Avoid high privileges taint warning for QEMU session driver
The code emitting taint warnings was mistakenly thinking that guests run from the QEMU session driver were tainted for having high privileges. This is of course nonsense since the session driver is always unprivileged * src/qemu/qemu_domain.c: Don't warn for high privileges in non-privileged QEMU
bd180de5 · Daniel P. Berrange · 3ba937da · bd180de5
隐藏空白更改
内联并排

Showing with 4 addition and 3 deletion

src/qemu/qemu_domain.c src/qemu/qemu_domain.c +4 -3

未找到文件。
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -788,9 +788,10 @@ void qemuDomainObjCheckTaint(struct qemud_driver *driver,
 {
    int i;

-    if (!driver->clearEmulatorCapabilities ||
-        driver->user == 0 ||
-        driver->group == 0)
+    if (driver->privileged &&
+        (!driver->clearEmulatorCapabilities ||
+         driver->user == 0 ||
+         driver->group == 0))
        qemuDomainObjTaint(driver, obj, VIR_DOMAIN_TAINT_HIGH_PRIVILEGES, logFD);

    if (obj->def->namespaceData) {