qemu: Clean up security driver initialisation and config file

Commit d0c0e79ac6 left behind some dead
code (hasDAC can't be efectively set to true, because
virSecurityManagerNew fails to load the "dac" driver).

This patch also enhances the condition for adding the default
auto-detected security manager if the manager array is allocated but
empty.

Also the configuration file for qemu driver still contains reference to
the DAC driver that can't be enabled manualy.

src/qemu/qemu.conf

@@ -162,7 +162,9 @@
 # driver at the same time, for this use a list of names separated by
 # comma and delimited by square brackets. For example:
 #
-#       security_driver = [ "selinux", "dac" ]
+#       security_driver = [ "selinux", "apparmor" ]
+#
+# Note: The DAC security driver is always enabled.
 #
 #security_driver = "selinux"
 

src/qemu/qemu_driver.c

@@ -251,14 +251,11 @@ qemuSecurityInit(struct qemud_driver *driver)
     char **names;
     virSecurityManagerPtr mgr = NULL;
     virSecurityManagerPtr stack = NULL;
-    bool hasDAC = false;
 
-    if (driver->securityDriverNames) {
+    if (driver->securityDriverNames &&
+        driver->securityDriverNames[0]) {
         names = driver->securityDriverNames;
         while (names && *names) {
-            if (STREQ("dac", *names))
-                hasDAC = true;
-
             if (!(mgr = virSecurityManagerNew(*names,
                                               QEMU_DRIVER_NAME,
                                               driver->allowDiskFormatProbing,
@@ -287,7 +284,7 @@ qemuSecurityInit(struct qemud_driver *driver)
         mgr = NULL;
     }
 
-    if (!hasDAC && driver->privileged) {
+    if (driver->privileged) {
         if (!(mgr = virSecurityManagerNewDAC(QEMU_DRIVER_NAME,
                                              driver->user,
                                              driver->group,