[libvirt] [PATCH] correct security_require_confined default value
From: Alex Jia <ajia@redhat.com> * src/qemu/qemu.conf: set security_require_confined default value to 0. Signed-off-by: Alex Jia <ajia@redhat.com> --- src/qemu/qemu.conf | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf index 95428c1..6cb3707 100644 --- a/src/qemu/qemu.conf +++ b/src/qemu/qemu.conf @@ -145,7 +145,7 @@ # If set to non-zero, then attempts to create unconfined # guests will be blocked. Defaults to 0. -# security_require_confined = 1 +# security_require_confined = 0 # The user ID for QEMU processes run by the system instance. #user = "root" -- 1.7.1
On Tue, Feb 14, 2012 at 18:38:24 +0800, ajia@redhat.com wrote:
From: Alex Jia <ajia@redhat.com>
* src/qemu/qemu.conf: set security_require_confined default value to 0.
Signed-off-by: Alex Jia <ajia@redhat.com> --- src/qemu/qemu.conf | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf index 95428c1..6cb3707 100644 --- a/src/qemu/qemu.conf +++ b/src/qemu/qemu.conf @@ -145,7 +145,7 @@
# If set to non-zero, then attempts to create unconfined # guests will be blocked. Defaults to 0. -# security_require_confined = 1 +# security_require_confined = 0
This is just a comment explaining how to set the value, I don't think we have any rule saying the values in comment are the default ones. The comment about is explicit about what the default value is.
# The user ID for QEMU processes run by the system instance. #user = "root" ^^^^^^^^^^^^^
For example, the value above is usually not the default one either. That said, this patch is not doing anything wrong but I think that if we want to do this, we should document the rule and fix all values at once to be consistent with it. And I don't think it's worth it. Jirka
On 02/14/2012 06:10 AM, Jiri Denemark wrote:
On Tue, Feb 14, 2012 at 18:38:24 +0800, ajia@redhat.com wrote:
From: Alex Jia <ajia@redhat.com>
* src/qemu/qemu.conf: set security_require_confined default value to 0.
Signed-off-by: Alex Jia <ajia@redhat.com> --- src/qemu/qemu.conf | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf index 95428c1..6cb3707 100644 --- a/src/qemu/qemu.conf +++ b/src/qemu/qemu.conf @@ -145,7 +145,7 @@
# If set to non-zero, then attempts to create unconfined # guests will be blocked. Defaults to 0. -# security_require_confined = 1 +# security_require_confined = 0
This is just a comment explaining how to set the value, I don't think we have any rule saying the values in comment are the default ones. The comment about is explicit about what the default value is.
In fact, I prefer leaving it as-is. The idea is that the default is 0, but the example has 1, so that you merely need uncomment the example to change the default.
That said, this patch is not doing anything wrong but I think that if we want to do this, we should document the rule and fix all values at once to be consistent with it. And I don't think it's worth it.
Concur. Let's just drop this one. -- Eric Blake eblake@redhat.com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
participants (3)
-
ajia@redhat.com -
Eric Blake -
Jiri Denemark