On Thu, Feb 09, 2012 at 01:52:10PM -0700, Eric Blake wrote:
On 02/09/2012 08:00 AM, Martin Kletzander wrote:
I tried lots of different solutions and this seems like the most clean and readable one. --- src/lxc/lxc_container.c | 6 ++++-- 1 files changed, 4 insertions(+), 2 deletions(-)
@@ -511,10 +509,14 @@ static int lxcContainerMountBasicFS(const char *srcprefix, bool pivotRoot) * tmpfs is limited to 64kb, since we only have device nodes in there * and don't want to DOS the entire OS RAM usage */ +#if HAVE_SELINUX if (virAsprintf(&opts, "mode=755,size=65536%s%s%s", con ? ",context=\"" : "", con ? (const char *)con : "", con ? "\"" : "") < 0) { +#else + if (virAsprintf(&opts, "mode=755,size=65536") < 0) { +#endif
I'm not a big fan of unbalanced '{' (two open and one close, because only the open was protected by ifdef), if only because editors that are aware of indentation but not of #ifdef will mis-indent code that follows. I'm thinking this might read better, and avoid the unbalanced {}:
#if HAVE_SELINUX security_context_t con; #endif
VIR_DEBUG("Mounting basic filesystems %s pivotRoot=%d", NULLSTR(srcprefix), pivotRoot); ...
#if HAVE_SELINUX if (con) ignore_value(virAsprintf(&opts, "mode=755,size=65536,context=\"%s\"", (const char *)con)); else #endif opts = strdup("mode=755,size=65536);
^^^ " ^^^
if (!opts) { virReportOOMError(); goto cleanup; }
ACK to this variant, with the missing quote fixed Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|