Re: [libvirt] [PATCH] correct security_require_confined default value
On Tue, Feb 14, 2012 at 18:38:24 +0800, ajia(a)redhat.com wrote:
From: Alex Jia <ajia(a)redhat.com>
* src/qemu/qemu.conf: set security_require_confined default value to 0.
Signed-off-by: Alex Jia <ajia(a)redhat.com>
---
src/qemu/qemu.conf | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf
index 95428c1..6cb3707 100644
--- a/src/qemu/qemu.conf
+++ b/src/qemu/qemu.conf
@@ -145,7 +145,7 @@
# If set to non-zero, then attempts to create unconfined
# guests will be blocked. Defaults to 0.
-# security_require_confined = 1
+# security_require_confined = 0
This is just a comment explaining how to set the value, I don't think we have
any rule saying the values in comment are the default ones. The comment about
is explicit about what the default value is.
# The user ID for QEMU processes run by the system instance.
#user = "root"
^^^^^^^^^^^^^
For example, the value above is usually not the default one either.
That said, this patch is not doing anything wrong but I think that if we want
to do this, we should document the rule and fix all values at once to be
consistent with it. And I don't think it's worth it.
Jirka