On Mon, Apr 05, 2010 at 04:15:06PM -0500, Jamie Strandboge wrote:
This patch series addresses bug fixes in the AppArmor driver as well as updating it to changes made in 0.7.6 and 0.7.7. All of these are self-contained within the driver except 4_qemu_driver_stdin_path.patch. This is required by 5_apparmor-fix-save-restore.patch (see below). These all pass 'make syntax-check' and 'make check' (except 'daemon-conf', which has never passed here and I didn't patch it). [...]
4_qemu_driver_stdin_path.patch: adjust args to qemudStartVMDaemon() to also specify path to stdin_fd, so this can be passed to the AppArmor driver via *SetSecurityAllLabel(). This updates all calls to qemudStartVMDaemon() as well as setting up the non-AppArmor security driver *SetSecurityAllLabel() declarations for the above. This is required for 5_apparmor-fix-save-restore.patch since AppArmor resolves the passed file descriptor to the pathname given to open().
5_apparmor-fix-save-restore.patch: refactoring to update AppArmor security driver to adjust profile for save/restore[3]
Okay, I have now pushed all the patches except 4/ and 5/ which were changing some of the internal secutity layers of the qemud and it sounds a bit late in the cycle for this, plus I would prefer some review from Dan before pushing like this, but 1-3, 7-10 are in :-) thanks ! Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ daniel@veillard.com | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/