]> xenbits.xensource.com Git - libvirt.git/commitdiff
projects / libvirt.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a457fc6)
Set mknod permission in device ACL for LXC USB devices
authorDaniel P. Berrange <berrange@redhat.com>
Wed, 30 Apr 2014 13:57:51 +0000 (14:57 +0100)
committerDaniel P. Berrange <berrange@redhat.com>
Wed, 30 Apr 2014 15:54:13 +0000 (16:54 +0100)
The LXC controller itself needs to mknod the USB device
node in /dev/bus/usb, so we can't block mknod permission
from the cgroup.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
src/lxc/lxc_cgroup.c patch | blob | blame | history

diff --git a/src/lxc/lxc_cgroup.c b/src/lxc/lxc_cgroup.c
index 1ae39061706c788bb4292b23fe2df73d59b9ea20..c641132a78e0c53f610ddad1244bf367327a1d74 100644 (file)
--- a/src/lxc/lxc_cgroup.c
+++ b/src/lxc/lxc_cgroup.c
@@ -325,7 +325,7 @@ virLXCSetupHostUSBDeviceCgroup(virUSBDevicePtr dev ATTRIBUTE_UNUSED,
 
     VIR_DEBUG("Process path '%s' for USB device", path);
     if (virCgroupAllowDevicePath(cgroup, path,
-                                 VIR_CGROUP_DEVICE_RW) < 0)
+                                 VIR_CGROUP_DEVICE_RWM) < 0)
         return -1;
 
     return 0;
@@ -341,7 +341,7 @@ virLXCTeardownHostUSBDeviceCgroup(virUSBDevicePtr dev ATTRIBUTE_UNUSED,
 
     VIR_DEBUG("Process path '%s' for USB device", path);
     if (virCgroupDenyDevicePath(cgroup, path,
-                                VIR_CGROUP_DEVICE_RW) < 0)
+                                VIR_CGROUP_DEVICE_RWM) < 0)
         return -1;
 
     return 0;
Unnamed repository; edit this file 'description' to name the repository.