
17 Sep
2012
17 Sep
'12
9:22 a.m.
On 09/14/12 17:14, Corey Bryant wrote:
On 09/12/2012 04:03 AM, Ján Tomko wrote:
+ if (qemuCapsGet(qemuCaps, QEMU_CAPS_SECCOMP_SANDBOX)) { + if (driver->seccompSandbox == 0) + virCommandAddArgList(cmd, "-sandbox", "off", NULL); + else if (driver->seccompSandbox > 0) + virCommandAddArgList(cmd, "-sandbox", "on", NULL); + } else if (driver->seccompSandbox > 0) {
Should this be (driver->seccompSandbox >= 0) ?
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("QEMU does not support seccomp sandboxes")); + goto error; + } +
I don't think so. If QEMU doesn't support -sandbox, it's like it was off, which is what the user requested by setting it to 0. Jan