On a Monday in 2020, Daniel P. Berrangé wrote:
On Fri, Jun 19, 2020 at 01:43:46PM +0200, Ján Tomko wrote:
> On a Friday in 2020, Daniel P. Berrangé wrote:
> > The terms can be avoided with simple tweaks.
> >
> > Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
> > ---
> > src/libvirt.c | 2 +-
> > src/qemu/qemu_command.c | 2 +-
> > src/qemu/qemu_conf.c | 4 ++--
> > src/rpc/gendispatch.pl | 2 +-
> > 4 files changed, 5 insertions(+), 5 deletions(-)
> >
> > diff --git a/src/libvirt.c b/src/libvirt.c
> > index b2d0ba3d23..a0a21fd5d2 100644
> > --- a/src/libvirt.c
> > +++ b/src/libvirt.c
> > @@ -1025,7 +1025,7 @@ virConnectOpenInternal(const char *name,
> > bool matchScheme = false;
> > size_t s;
> > if (!ret->uri) {
> > - VIR_DEBUG("No URI, skipping driver with URI
whitelist");
> > + VIR_DEBUG("No URI, skipping driver with URI scheme
filtering");
> > continue;
> > }
> > if (embed && !virConnectDriverTab[i]->embeddable) {
> > diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
> > index 37113a433a..ff539b1556 100644
> > --- a/src/qemu/qemu_command.c
> > +++ b/src/qemu/qemu_command.c
> > @@ -9526,7 +9526,7 @@ qemuBuildSeccompSandboxCommandLine(virCommandPtr cmd,
> > return 0;
> > }
> >
> > - /* Seccomp whitelist is opt-in */
> > + /* Seccomp sandbox is opt-in */
>
> This is incorrect, we use the seccomp sandbox by default on newer QEMUs.
This comment is against the code that deals with the old style QEMU
seccomp code, which rquires an explicit opt-in. The new style seccom
is further up above the diff hunk context seen here.
I am specifically talking about the context. I wrote the comment to
contrast against the new-style sandbox.
If you don't want to preserve the contrast in here, just delete the
comment.
Jano