It came up that libvirt-sandbox is a failed (and removed) experiment.
Let us clean up and remove it from the virt-aa-helper source as well.
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
---
src/security/virt-aa-helper.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index ad9a7dda94..fea4da80dc 100644
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -511,8 +511,7 @@ valid_path(const char *path, const bool readonly)
/* override the above with these */
const char * const override[] = {
"/sys/devices/pci", /* for hostdev pci devices */
- "/sys/kernel/config/target/vhost", /* for hostdev vhost_scsi devices */
- "/etc/libvirt-sandbox/services/" /* for virt-sandbox service config */
+ "/sys/kernel/config/target/vhost" /* for hostdev vhost_scsi devices */
};
const int nropaths = ARRAY_CARDINALITY(restricted);
--
2.21.0
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
On Thu, May 16, 2019 at 09:38:55AM +0200, Christian Ehrhardt wrote: > It came up that libvirt-sandbox is a failed (and removed) experiment. > Let us clean up and remove it from the virt-aa-helper source as well. > > Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com> > --- > src/security/virt-aa-helper.c | 3 +-- > 1 file changed, 1 insertion(+), 2 deletions(-) > > diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c > index ad9a7dda94..fea4da80dc 100644 > --- a/src/security/virt-aa-helper.c > +++ b/src/security/virt-aa-helper.c > @@ -511,8 +511,7 @@ valid_path(const char *path, const bool readonly) > /* override the above with these */ > const char * const override[] = { > "/sys/devices/pci", /* for hostdev pci devices */ > - "/sys/kernel/config/target/vhost", /* for hostdev vhost_scsi devices */ > - "/etc/libvirt-sandbox/services/" /* for virt-sandbox service config */ > + "/sys/kernel/config/target/vhost" /* for hostdev vhost_scsi devices */ > }; If I'm nitpicking, my preference is to always have a redundant trailing "," so that changes only have a 1 line diff, as it is harmless in C. Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
On Thu, May 16, 2019 at 9:42 AM Daniel P. Berrangé <berrange@redhat.com> wrote: > > On Thu, May 16, 2019 at 09:38:55AM +0200, Christian Ehrhardt wrote: > > It came up that libvirt-sandbox is a failed (and removed) experiment. > > Let us clean up and remove it from the virt-aa-helper source as well. > > > > Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com> > > --- > > src/security/virt-aa-helper.c | 3 +-- > > 1 file changed, 1 insertion(+), 2 deletions(-) > > > > diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c > > index ad9a7dda94..fea4da80dc 100644 > > --- a/src/security/virt-aa-helper.c > > +++ b/src/security/virt-aa-helper.c > > @@ -511,8 +511,7 @@ valid_path(const char *path, const bool readonly) > > /* override the above with these */ > > const char * const override[] = { > > "/sys/devices/pci", /* for hostdev pci devices */ > > - "/sys/kernel/config/target/vhost", /* for hostdev vhost_scsi devices */ > > - "/etc/libvirt-sandbox/services/" /* for virt-sandbox service config */ > > + "/sys/kernel/config/target/vhost" /* for hostdev vhost_scsi devices */ > > }; > > If I'm nitpicking, my preference is to always have a redundant trailing "," > so that changes only have a 1 line diff, as it is harmless in C. Me as well actually, if only preferences would not differ between projects :-) If nothing else comes up I'll push with a "," after a safety build (as usual) > Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> > > > Regards, > Daniel > -- > |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| > |: https://libvirt.org -o- https://fstop138.berrange.com :| > |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :| -- Christian Ehrhardt Software Engineer, Ubuntu Server Canonical Ltd -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
© 2016 - 2024 Red Hat, Inc.