On Fri, Jan 26, 2018 at 13:35:36 +0000, Daniel Berrange wrote:
Instead of passing around a virConnectPtr object, just open a connection
to the secret driver at time of use. Opening connections on demand will
be beneficial when the secret driver is in a separate daemon. It also
solves the problem that a number of callers just pass in a NULL
connection today which prevents secret lookup working at all.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
src/storage/storage_backend_iscsi.c | 14 +++---
src/storage/storage_backend_logical.c | 2 +-
src/storage/storage_backend_rbd.c | 41 +++++++--------
src/storage/storage_util.c | 95 ++++++++++++++++-------------------
src/storage/storage_util.h | 6 +--
5 files changed, 71 insertions(+), 87 deletions(-)
diff --git a/src/storage/storage_backend_iscsi.c b/src/storage/storage_backend_iscsi.c
index b0c5096adb..921215c9e9 100644
--- a/src/storage/storage_backend_iscsi.c
+++ b/src/storage/storage_backend_iscsi.c
@@ -273,13 +273,13 @@ virStorageBackendISCSICheckPool(virStoragePoolObjPtr pool,
static int
virStorageBackendISCSISetAuth(const char *portal,
- virConnectPtr conn,
virStoragePoolSourcePtr source)
{
unsigned char *secret_value = NULL;
size_t secret_size;
virStorageAuthDefPtr authdef = source->auth;
int ret = -1;
+ virConnectPtr conn = NULL;
if (!authdef || authdef->authType == VIR_STORAGE_AUTH_TYPE_NONE)
return 0;
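Review bot: With `virConnectPtr conn = NULL;` now a local, virStorageBackendISCSISetAuth owns the connection, and the lines shown here do not show where it is released. The early `return 0` for the no-auth case runs before anything is opened, so it is fine, but every exit taken after the connection is opened should pass through a single cleanup path that calls virConnectClose (or drops the reference) on `conn`. Otherwise each CHAP-authenticated pool start leaks a secret driver connection. A short comment at the declaration stating that the function opens and closes its own connection would also help callers that used to pass one in.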
@@ -292,12 +292,9 @@ virStorageBackendISCSISetAuth(const char *portal,
return -1;
}
- if (!conn) {
- virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
- _("iscsi 'chap' authentication not supported "
- "for autostarted pools"));
+ conn = virConnectOpen(geteuid() == 0 ? "secret:///system" :
"secret:///session");
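Review bot: The result of virConnectOpen in the added `conn = virConnectOpen(...)` line needs an explicit NULL check before `conn` is used for the secret lookup. The removed `if (!conn)` block was the only guard on this pointer, and the quoted hunk ends at the open call, so no replacement is visible. On failure the function should leave through the error path with `ret` still -1 rather than fall through to the lookup. Since the old "not supported for autostarted pools" message is gone, confirm that the error raised by a failed open is enough to tell the user that the secret driver could not be reached.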
You should add this as a helper function. If we decide that geteuid() is
not a good enough check whether a connection is privileged or anything
else we'd need to fix a lot of similar ugly ternary conditions.
Same for the connection to the secret driver in this patch.