On 09/04/2012 08:23 AM, Martin Kletzander wrote: > As a request was raised for this, I added few lines in the "Notes" > part of the "security_driver" comments about allowed values. > --- > The related bug for this patch is here: > https://bugzilla.redhat.com/show_bug.cgi?id=853925 > > src/qemu/qemu.conf | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf > index d3175fa..f0ba163 100644 > --- a/src/qemu/qemu.conf > +++ b/src/qemu/qemu.conf > @@ -164,7 +164,10 @@ > # > # security_driver = [ "selinux", "apparmor" ] > # > -# Note: The DAC security driver is always enabled. > +# Notes: The DAC security driver is always enabled, setting the > +# security_driver to that value is not allowed as well as adding "dac" > +# into the list of security drivers. Value "none" is special value and > +# cannot be used in the list of security drivers. Grammar; might I suggest: The DAC security driver is always enabled; as a result, the value of security_driver cannot contain "dac". The value "none" is a special value; security_driver can be set to that value in isolation, but it cannot appear in a list of drivers.