Re: [PATCH] apparmor: Don't check for existence of templates upfront
On Mon, Sep 16, 2024 at 04:13:03PM +0100, Daniel P. Berrangé wrote:
On Tue, Sep 17, 2024 at 12:12:05AM +0900, Andrea Bolognani wrote:
> On Mon, Sep 16, 2024 at 04:04:40PM GMT, Daniel P. Berrangé wrote:
> > On Mon, Sep 16, 2024 at 04:55:55PM +0200, Andrea Bolognani wrote:
> > > static virSecurityDriverStatus
> > > AppArmorSecurityManagerProbe(const char *virtDriver G_GNUC_UNUSED)
> >
> > We're passing the virt driver name ("QEMU" or "LXC") in
here and not using
> > it.....
> >
> > ...rather than delete these, pick the right check to perform based
> > on 'virtDriver' value.
> >
> > eg approximately like this
> >
> > g_autofree char *template_name = g_strdup(virtDriver);
> > for (i = 0; template_name[i]; i++)
> > template_name[i] = tolower(template_name[i])
> > template = g_strdup_printf("%s/TEMPLATE.%s", APPARMOR_DIR
"/libvirt", template_name)
>
> I can give it a shot, but it still seems pointless to check whether
> the files are available ahead of time when virt-aa-helper will do
> that at the time when they're actually going to be used. What do we
> gain by doing that?
Do we still get a clear error message back to the user if virt-aa-helper
fails due to the missing files ?
A difference is that this Probe check will presumably report the error
during daemon startup, while the virt-aa-helper check will delay the
report until a VM is started. A failure to start the daemon is arguably
more likely to be noticed & fixed at time of host deployment.
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|