Re: [libvirt] [PATCH v2 3/3] network: Taint networks that are using hook script

On 02/05/2014 12:11 PM, Michal Privoznik wrote: > Basically, the idea is copied from domain code, where tainting > exists for a while. Currently, only one taint reason exists - > VIR_NETWORK_TAINT_HOOK to mark those networks which caused invoking > of hook script. What's missing here is that the network status XML doesn't include a <taint> element. Also, I think if a network is tainted, and domain that connects to that network should be tainted as well. Of course what would make this more useful would be if would could determine when a hook script actually *did* something for a particular network/interface (since presumably people are usually going to write their network hook scripts to only take action for particular networks and/or domains, not for *all* networks). I don't know that there's a way to do that without either 1) having a different hook script for each network, or 2) trusting the hook script to return some sort of status indicating whether or not it did anything. Obviously (2) is not a good idea, but we may want to think about (1) in the future (for qemu and lxc hook scripts as well) - instead of just looking for /etc/libvirt/hook/network, we could first look for /etc/libvirt/hook/network.${netname} and exec that instead if found (or in addition). But I think that can be deferred until later.

ACK if you add the <taint> element to the network status XML, and taint the domain any time it uses a tainted network.