From bd180de57b54e3808010c6967913ca001b6fecaf Mon Sep 17 00:00:00 2001 From: "Daniel P. Berrange" Date: Thu, 23 Jun 2011 11:40:24 +0100 Subject: [PATCH] Avoid high privileges taint warning for QEMU session driver The code emitting taint warnings was mistakenly thinking that guests run from the QEMU session driver were tainted for having high privileges. This is of course nonsense since the session driver is always unprivileged * src/qemu/qemu_domain.c: Don't warn for high privileges in non-privileged QEMU --- src/qemu/qemu_domain.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index fab316f0bd..3af1c86934 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -788,9 +788,10 @@ void qemuDomainObjCheckTaint(struct qemud_driver *driver, { int i; - if (!driver->clearEmulatorCapabilities || - driver->user == 0 || - driver->group == 0) + if (driver->privileged && + (!driver->clearEmulatorCapabilities || + driver->user == 0 || + driver->group == 0)) qemuDomainObjTaint(driver, obj, VIR_DOMAIN_TAINT_HIGH_PRIVILEGES, logFD); if (obj->def->namespaceData) {