On Fri, Sep 06, 2013 at 06:29:55PM +0200, Giuseppe Scrivano wrote:
virSecurityManagerGetBaseLabel queries the default settings used by a security model.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> --- src/libvirt_private.syms | 1 + src/security/security_apparmor.c | 8 ++++++++ src/security/security_dac.c | 34 ++++++++++++++++++++++++---------- src/security/security_dac.h | 7 +++---- src/security/security_driver.h | 4 ++++ src/security/security_manager.c | 22 ++++++++++++++++++++-- src/security/security_manager.h | 2 ++ src/security/security_nop.c | 10 ++++++++++ src/security/security_selinux.c | 12 ++++++++++++ src/security/security_stack.c | 9 +++++++++ 10 files changed, 93 insertions(+), 16 deletions(-) diff --git a/src/security/security_manager.c b/src/security/security_manager.c index 92fb504..c4b8f10 100644 --- a/src/security/security_manager.c +++ b/src/security/security_manager.c @@ -273,6 +275,22 @@ virSecurityManagerGetModel(virSecurityManagerPtr mgr) return NULL; }
+/* return NULL if a base label is not present */ +const char * +virSecurityManagerGetBaseLabel(virSecurityManagerPtr mgr, int virtType) +{ + if (mgr->drv->getBaseLabel) { + const char *ret; + virObjectLock(mgr); + ret = mgr->drv->getBaseLabel(mgr, virtType); + virObjectUnlock(mgr); + return ret; + } + + virReportError(VIR_ERR_NO_SUPPORT, __FUNCTION__); + return NULL;
Per my reply to the 2nd patch, we need to remove thie virReportError method call. It is valid to not implement this method if no baselabel is required. Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|