case $$dir in \
util/) safe="util";; \
access/ | conf/) safe="($$dir|conf|util)";; \
- cpu/| network/| node_device/| rpc/| security/| storage/) \
+ cpu/| network/| node_device/| rpc/| storage/) \
safe="($$dir|util|conf|storage)";; \
+ security/) \
+ safe="($$dir|util|conf|storage|locking)";; \
xenapi/ | xenconfig/ ) safe="($$dir|util|conf|xen|cpu)";; \
*) safe="($$dir|$(mid_dirs)|util)";; \
esac; \
ctrl->handshakeFd = handshakeFd;
if (!(ctrl->securityManager = virSecurityManagerNew(securityDriver,
- LXC_DRIVER_NAME, 0)))
+ LXC_DRIVER_NAME,
+ NULL, 0)))
goto cleanup;
if (ctrl->def->seclabels) {
flags |= VIR_SECURITY_MANAGER_REQUIRE_CONFINED;
virSecurityManagerPtr mgr = virSecurityManagerNew(cfg->securityDriverName,
- LXC_DRIVER_NAME, flags);
+ LXC_DRIVER_NAME, NULL, flags);
if (!mgr)
goto error;
while (names && *names) {
if (!(mgr = qemuSecurityNew(*names,
QEMU_DRIVER_NAME,
+ cfg->metadataLockManagerName,
flags)))
goto error;
if (!stack) {
} else {
if (!(mgr = qemuSecurityNew(NULL,
QEMU_DRIVER_NAME,
+ cfg->metadataLockManagerName,
flags)))
goto error;
if (!(stack = qemuSecurityNewStack(mgr)))
cfg->user,
cfg->group,
flags,
+ cfg->metadataLockManagerName,
qemuSecurityChownCallback)))
goto error;
if (!stack) {
#include "viralloc.h"
#include "virobject.h"
#include "virlog.h"
+#include "locking/lock_manager.h"
#define VIR_FROM_THIS VIR_FROM_SECURITY
unsigned int flags;
const char *virtDriver;
void *privateData;
+
+ virLockManagerPluginPtr lockPlugin;
};
static virClassPtr virSecurityManagerClass;
{
virSecurityManagerPtr mgr = obj;
- if (mgr->drv->close)
+ if (mgr->drv &&
+ mgr->drv->close)
mgr->drv->close(mgr);
+
+ virObjectUnref(mgr->lockPlugin);
+
VIR_FREE(mgr->privateData);
}
static virSecurityManagerPtr
virSecurityManagerNewDriver(virSecurityDriverPtr drv,
const char *virtDriver,
+ const char *lockManagerPluginName,
unsigned int flags)
{
virSecurityManagerPtr mgr = NULL;
if (!(mgr = virObjectLockableNew(virSecurityManagerClass)))
goto error;
+ if (!lockManagerPluginName)
+ lockManagerPluginName = "nop";
+
+ if (!(mgr->lockPlugin = virLockManagerPluginNew(lockManagerPluginName,
+ NULL, NULL, 0))) {
+ goto error;
+ }
+
mgr->drv = drv;
mgr->flags = flags;
mgr->virtDriver = virtDriver;
virSecurityManagerPtr mgr =
virSecurityManagerNewDriver(&virSecurityDriverStack,
virSecurityManagerGetDriver(primary),
+ NULL,
primary->flags);
if (!mgr)
if (virSecurityStackAddNested(mgr, primary) < 0)
goto error;
+ mgr->lockPlugin = virObjectRef(mgr->lockPlugin);
+
return mgr;
error:
virObjectUnref(mgr);
uid_t user,
gid_t group,
unsigned int flags,
+ const char *lockManagerPluginName,
virSecurityManagerDACChownCallback chownCallback)
{
virSecurityManagerPtr mgr;
mgr = virSecurityManagerNewDriver(&virSecurityDriverDAC,
virtDriver,
+ lockManagerPluginName,
flags & VIR_SECURITY_MANAGER_NEW_MASK);
if (!mgr)
virSecurityManagerPtr
virSecurityManagerNew(const char *name,
const char *virtDriver,
+ const char *lockManagerPluginName,
unsigned int flags)
{
virSecurityDriverPtr drv = virSecurityDriverLookup(name, virtDriver);
return virSecurityManagerNewDriver(drv,
virtDriver,
+ lockManagerPluginName,
flags);
}
virSecurityManagerPtr virSecurityManagerNew(const char *name,
const char *virtDriver,
+ const char *lockManagerPluginName,
unsigned int flags);
virSecurityManagerPtr virSecurityManagerNewStack(virSecurityManagerPtr primary);
uid_t user,
gid_t group,
unsigned int flags,
+ const char *lockManagerPluginName,
virSecurityManagerDACChownCallback chownCallback);
int virSecurityManagerPreFork(virSecurityManagerPtr mgr);
if (virThreadInitialize() < 0)
return EXIT_FAILURE;
- mgr = virSecurityManagerNew(NULL, "QEMU", VIR_SECURITY_MANAGER_DEFAULT_CONFINED);
+ mgr = virSecurityManagerNew(NULL, "QEMU", NULL, VIR_SECURITY_MANAGER_DEFAULT_CONFINED);
if (mgr == NULL) {
fprintf(stderr, "Failed to start security driver");
return EXIT_FAILURE;
if (!rc)
return EXIT_AM_SKIP;
- if (!(mgr = virSecurityManagerNew("selinux", "QEMU",
+ if (!(mgr = virSecurityManagerNew("selinux", "QEMU", NULL,
VIR_SECURITY_MANAGER_DEFAULT_CONFINED |
VIR_SECURITY_MANAGER_PRIVILEGED))) {
VIR_TEST_VERBOSE("Unable to initialize security driver: %s\n",
int ret = 0;
virSecurityManagerPtr mgr;
- if (!(mgr = virSecurityManagerNew("selinux", "QEMU",
+ if (!(mgr = virSecurityManagerNew("selinux", "QEMU", NULL,
VIR_SECURITY_MANAGER_DEFAULT_CONFINED |
VIR_SECURITY_MANAGER_PRIVILEGED))) {
fprintf(stderr, "Unable to initialize security driver: %s\n",
if (qemuTestCapsCacheInsert(driver->qemuCapsCache, NULL) < 0)
goto error;
- if (!(mgr = virSecurityManagerNew("none", "qemu",
+ if (!(mgr = virSecurityManagerNew("none", "qemu", NULL,
VIR_SECURITY_MANAGER_PRIVILEGED)))
goto error;
if (!(driver->securityManager = virSecurityManagerNewStack(mgr)))
projects / libvirt.git / commitdiff