Currently, even if we are connected RO to the libvirtd, we try to dump domain XML with secure information (VIR_DOMAIN_XML_SECURE flag). This is, however, forbidden in libvirt. With RO connection, we should not use the SECURE flag at all. --- libxkutil/device_parsing.c | 9 +++++++-- libxkutil/misc_util.c | 2 +- libxkutil/misc_util.h | 1 + 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/libxkutil/device_parsing.c b/libxkutil/device_parsing.c index 7900e06..ffdf682 100644 --- a/libxkutil/device_parsing.c +++ b/libxkutil/device_parsing.c @@ -31,6 +31,7 @@ #include <libcmpiutil/libcmpiutil.h> #include "device_parsing.h" +#include "misc_util.h" #include "xmlgen.h" #include "../src/svpc_types.h" @@ -1283,8 +1284,12 @@ int get_dominfo(virDomainPtr dom, struct domain **dominfo) char *xml; int ret = 0; int start; - xml = virDomainGetXMLDesc(dom, - VIR_DOMAIN_XML_INACTIVE | VIR_DOMAIN_XML_SECURE); + int flags = VIR_DOMAIN_XML_INACTIVE; + + if (!is_read_only()) + flags |= VIR_DOMAIN_XML_SECURE; + + xml = virDomainGetXMLDesc(dom, flags); if (xml == NULL) { CU_DEBUG("Failed to get dom xml with libvirt API."); diff --git a/libxkutil/misc_util.c b/libxkutil/misc_util.c index 9e7e0d5..2164dd0 100644 --- a/libxkutil/misc_util.c +++ b/libxkutil/misc_util.c @@ -219,7 +219,7 @@ static int libvirt_cim_config_get(LibvirtcimConfigProperty *prop) } #endif -static int is_read_only(void) +int is_read_only(void) { static LibvirtcimConfigProperty prop = { "readonly", CONFIG_BOOL, {0}, 0}; diff --git a/libxkutil/misc_util.h b/libxkutil/misc_util.h index fd4f191..056c327 100644 --- a/libxkutil/misc_util.h +++ b/libxkutil/misc_util.h @@ -153,6 +153,7 @@ int virt_set_status(const CMPIBroker *broker, #define REF2STR(r) CMGetCharPtr(CMObjectPathToString(r, NULL)) /* get libvirt-cim config */ +int is_read_only(void); const char *get_mig_ssh_tmp_key(void); bool get_disable_kvm(void); const char *get_lldptool_query_options(void); -- 1.8.1.5