Fix nwfilter driver reload/shutdown handling when unprivileged

Although the nwfilter driver skips startup when running in a
session libvirtd, it did not skip reload or shutdown. This
caused errors to be reported when sending SIGHUP to libvirtd,
and caused an abort() in libdbus on shutdown due to trying
to remove a dbus filter that was never added

diff --git a/src/conf/nwfilter_conf.h b/src/conf/nwfilter_conf.h
index ca2c070218e1908b3e4d5f9db885ad4385aa1592..35f8ddec7820a48b6ed6b203ba6e34d0e112aff4 100644 (file)
--- a/src/conf/nwfilter_conf.h
+++ b/src/conf/nwfilter_conf.h
@@ -556,6 +556,7 @@ typedef struct _virNWFilterDriverState virNWFilterDriverState;
 typedef virNWFilterDriverState *virNWFilterDriverStatePtr;
 struct _virNWFilterDriverState {
     virMutex lock;
+    bool privileged;
 
     virNWFilterObjList nwfilters;
 

diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c
index b67b70424dad99a3a8da5d21e17527265c91b1d9..19ebb03b218e7fe12840d8bd5ee34bc14a12cb00 100644 (file)
--- a/src/nwfilter/nwfilter_driver.c
+++ b/src/nwfilter/nwfilter_driver.c
@@ -165,7 +165,7 @@ nwfilterDriverInstallDBusMatches(DBusConnection *sysbus ATTRIBUTE_UNUSED)
  * Initialization function for the QEmu daemon
  */
 static int
-nwfilterDriverStartup(bool privileged ATTRIBUTE_UNUSED,
+nwfilterDriverStartup(bool privileged,
                       virStateInhibitCallback callback ATTRIBUTE_UNUSED,
                       void *opaque ATTRIBUTE_UNUSED)
 {
@@ -185,6 +185,7 @@ nwfilterDriverStartup(bool privileged ATTRIBUTE_UNUSED,
         goto err_free_driverstate;
 
     driverState->watchingFirewallD = (sysbus != NULL);
+    driverState->privileged = privileged;
 
     if (!privileged)
         return 0;
@@ -275,6 +276,9 @@ nwfilterDriverReload(void) {
         return -1;
     }
 
+    if (!driverState->privileged)
+        return 0;
+
     conn = virConnectOpen("qemu:///system");
 
     if (conn) {
@@ -333,21 +337,24 @@ nwfilterDriverShutdown(void) {
     if (!driverState)
         return -1;
 
-    virNWFilterConfLayerShutdown();
-    virNWFilterTechDriversShutdown();
-    virNWFilterDHCPSnoopShutdown();
-    virNWFilterLearnShutdown();
-    virNWFilterIPAddrMapShutdown();
+    if (driverState->privileged) {
+        virNWFilterConfLayerShutdown();
+        virNWFilterTechDriversShutdown();
+        virNWFilterDHCPSnoopShutdown();
+        virNWFilterLearnShutdown();
+        virNWFilterIPAddrMapShutdown();
 
-    nwfilterDriverLock(driverState);
+        nwfilterDriverLock(driverState);
 
-    nwfilterDriverRemoveDBusMatches();
+        nwfilterDriverRemoveDBusMatches();
 
-    /* free inactive nwfilters */
-    virNWFilterObjListFree(&driverState->nwfilters);
+        /* free inactive nwfilters */
+        virNWFilterObjListFree(&driverState->nwfilters);
+
+        VIR_FREE(driverState->configDir);
+        nwfilterDriverUnlock(driverState);
+    }
 
-    VIR_FREE(driverState->configDir);
-    nwfilterDriverUnlock(driverState);
     virMutexDestroy(&driverState->lock);
     VIR_FREE(driverState);