On Fri, Mar 13, 2009 at 05:08:08PM -0400, Cole Robinson wrote:
Seems to me that a read only connection shouldn't be able to dump domain xml with the SECURE flag. Attached patch blocks the attempt with an explicit error message.
ACK, seems like a reasonable idea. Daniel
diff --git a/src/libvirt.c b/src/libvirt.c index bf3453a..6e73cff 100644 --- a/src/libvirt.c +++ b/src/libvirt.c @@ -2619,6 +2619,12 @@ virDomainGetXMLDesc(virDomainPtr domain, int flags)
conn = domain->conn;
+ if ((conn->flags & VIR_CONNECT_RO) && (flags & VIR_DOMAIN_XML_SECURE)) { + virLibConnError(conn, VIR_ERR_OPERATION_DENIED, + _("%s with secure flag"), __FUNCTION__); + goto error; + } + if (conn->driver->domainDumpXML) { char *ret; ret = conn->driver->domainDumpXML (domain, flags);
-- Libvir-list mailing list Libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
-- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|