On Tue, Sep 17, 2024 at 12:12:05AM +0900, Andrea Bolognani wrote:
On Mon, Sep 16, 2024 at 04:04:40PM GMT, Daniel P. Berrangé wrote:
On Mon, Sep 16, 2024 at 04:55:55PM +0200, Andrea Bolognani wrote:
static virSecurityDriverStatus AppArmorSecurityManagerProbe(const char *virtDriver G_GNUC_UNUSED)
We're passing the virt driver name ("QEMU" or "LXC") in here and not using it.....
...rather than delete these, pick the right check to perform based on 'virtDriver' value.
eg approximately like this
g_autofree char *template_name = g_strdup(virtDriver); for (i = 0; template_name[i]; i++) template_name[i] = tolower(template_name[i]) template = g_strdup_printf("%s/TEMPLATE.%s", APPARMOR_DIR "/libvirt", template_name)
I can give it a shot, but it still seems pointless to check whether the files are available ahead of time when virt-aa-helper will do that at the time when they're actually going to be used. What do we gain by doing that?
Do we still get a clear error message back to the user if virt-aa-helper fails due to the missing files ? With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|