Re: [libvirt] [PATCHv2 3/4] qemu: add -sandbox to command line if requested

Ján Tomko Mon, 17 Sep 2012 00:34:15 -0700

On 09/14/12 17:14, Corey Bryant wrote:
> On 09/12/2012 04:03 AM, Ján Tomko wrote:
>> +    if (qemuCapsGet(qemuCaps, QEMU_CAPS_SECCOMP_SANDBOX)) {
>> +        if (driver->seccompSandbox == 0)
>> +            virCommandAddArgList(cmd, "-sandbox", "off", NULL);
>> +        else if (driver->seccompSandbox > 0)
>> +            virCommandAddArgList(cmd, "-sandbox", "on", NULL);
>> +    } else if (driver->seccompSandbox > 0) {
> 
> Should this be (driver->seccompSandbox >= 0) ?
> 
>> +        virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
>> +                       _("QEMU does not support seccomp sandboxes"));
>> +        goto error;
>> +    }
>> +


I don't think so. If QEMU doesn't support -sandbox, it's like it was
off, which is what the user requested by setting it to 0.

Jan

--
libvir-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCHv2 3/4] qemu: add -sandbox to command line if requested

Reply via email to