[libvirt] [PATCH] conf: describe security_driver behavior
As a request was raised for this, I added few lines in the "Notes" part of the "security_driver" comments about allowed values. --- The related bug for this patch is here: https://bugzilla.redhat.com/show_bug.cgi?id=853925 src/qemu/qemu.conf | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf index d3175fa..f0ba163 100644 --- a/src/qemu/qemu.conf +++ b/src/qemu/qemu.conf @@ -164,7 +164,10 @@ # # security_driver = [ "selinux", "apparmor" ] # -# Note: The DAC security driver is always enabled. +# Notes: The DAC security driver is always enabled, setting the +# security_driver to that value is not allowed as well as adding "dac" +# into the list of security drivers. Value "none" is special value and +# cannot be used in the list of security drivers. # #security_driver = "selinux" -- 1.7.12
On 09/04/2012 08:23 AM, Martin Kletzander wrote:
As a request was raised for this, I added few lines in the "Notes" part of the "security_driver" comments about allowed values. --- The related bug for this patch is here: https://bugzilla.redhat.com/show_bug.cgi?id=853925
src/qemu/qemu.conf | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf index d3175fa..f0ba163 100644 --- a/src/qemu/qemu.conf +++ b/src/qemu/qemu.conf @@ -164,7 +164,10 @@ # # security_driver = [ "selinux", "apparmor" ] # -# Note: The DAC security driver is always enabled. +# Notes: The DAC security driver is always enabled, setting the +# security_driver to that value is not allowed as well as adding "dac" +# into the list of security drivers. Value "none" is special value and +# cannot be used in the list of security drivers.
Grammar; might I suggest: The DAC security driver is always enabled; as a result, the value of security_driver cannot contain "dac". The value "none" is a special value; security_driver can be set to that value in isolation, but it cannot appear in a list of drivers. -- Eric Blake eblake@redhat.com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
On 09/04/2012 04:51 PM, Eric Blake wrote:
On 09/04/2012 08:23 AM, Martin Kletzander wrote:
As a request was raised for this, I added few lines in the "Notes" part of the "security_driver" comments about allowed values. --- The related bug for this patch is here: https://bugzilla.redhat.com/show_bug.cgi?id=853925
src/qemu/qemu.conf | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf index d3175fa..f0ba163 100644 --- a/src/qemu/qemu.conf +++ b/src/qemu/qemu.conf @@ -164,7 +164,10 @@ # # security_driver = [ "selinux", "apparmor" ] # -# Note: The DAC security driver is always enabled. +# Notes: The DAC security driver is always enabled, setting the +# security_driver to that value is not allowed as well as adding "dac" +# into the list of security drivers. Value "none" is special value and +# cannot be used in the list of security drivers.
Grammar; might I suggest:
The DAC security driver is always enabled; as a result, the value of security_driver cannot contain "dac". The value "none" is a special value; security_driver can be set to that value in isolation, but it cannot appear in a list of drivers.
Of course, that's definitely better. I'm pushing your version then. Thanks. Martin
participants (2)
-
Eric Blake -
Martin Kletzander