On Mon, Mar 17, 2008 at 04:02:06PM +0000, Daniel P. Berrange wrote:
On Tue, Mar 11, 2008 at 06:47:47AM -0400, Daniel Veillard wrote:
On Mon, Mar 10, 2008 at 07:09:36PM +0000, Daniel P. Berrange wrote:
When adding PolicyKit support we disabled the proxy driver, but did not correctly fix up the Xen unified driver. The result is that it is still trying to run the proxy setuid helper which doesn't exist and thus it fails the open operation before the remote driver gets the opportunity to process the URI. I attempted to fix this by just disabling the proxy driver in the unified driver, but came to the conclusion the logic of the current code is just not flexible enough for what we need to be able todo these days.
THe core problem is the 'for(;;)' loop iterating over the drivers - it already has several special cases in the loop body to skip drivers, or ignore errors and adding more special cases is making my mind hurt trying to trace the logic.
So I have removed the loop, and encode the desired logic explicitly. The diff a little unpleasant to read, so to summarize the logic is thus:
- If root only, try open the hypervisor driver -> Failure to open is fatal, do not try other drivers
hum, I'm not 100% sure of that, an old libvirt version might still be able to work though xend in face of an hypervisor change it can't handle, we had the problem for example with 0.4.0 on xen-3.2, there was side effects but it was basically working without hypervisor access...
This attached patch adds that use case too. Failure of the HV driver is now non-fatal. The other rules below are unchagned
Okidoc, +1 :-) thanks ! Daniel -- Red Hat Virtualization group http://redhat.com/virtualization/ Daniel Veillard | virtualization library http://libvirt.org/ veillard@redhat.com | libxml GNOME XML XSLT toolkit http://xmlsoft.org/ http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/