maint: improve VIR_ERR_OPERATION_DENIED usage
Some of our operation denied messages are outright stupid; for example, if virIdentitySetAttr fails: error: operation Identity attribute is already set forbidden for read only access This patch fixes things to a saner: error: operation forbidden: Identity attribute is already set It also consolidates the most common usage pattern for operation denied errors: read-only connections preventing a public API. In this case, 'virsh -r -c test:///default destroy test' changes from: error: operation virDomainDestroy forbidden for read only access to: error: operation forbidden: read only access prevents virDomainDestroy Note that we were previously inconsistent on which APIs used VIR_FROM_DOM (such as virDomainDestroy) vs. VIR_FROM_NONE (such as virDomainPMSuspendForDuration). After this patch, all uses consistently use VIR_FROM_NONE, on the grounds that it is unlikely that a caller learning that a call is denied can do anything in particular with extra knowledge which error domain the call belongs to (similar to what we did in commit baa72449). * src/util/virerror.c (virErrorMsg): Rework OPERATION_DENIED error message. * src/internal.h (virCheckReadOnlyGoto): New macro. * src/util/virerror.h (virReportRestrictedError): New macro. * src/libvirt-lxc.c: Use new macros. * src/libvirt-qemu.c: Likewise. * src/libvirt.c: Likewise. * src/locking/lock_daemon.c (virLockDaemonClientNew): Likewise. Signed-off-by: NEric Blake <eblake@redhat.com>
Showing
想要评论请 注册 或 登录