From: Paolo Bonzini <pbonzini@redhat.com>
To: Ikey Doherty <michael.i.doherty@intel.com>,
qemu-devel@nongnu.org, Stefan Hajnoczi <stefanha@redhat.com>
Subject: Re: [Qemu-devel] [PATCH v3 2/2] qemu-bridge-helper: Use stateless configuration for bridge.conf
Date: Tue, 26 May 2015 16:00:55 +0200 [thread overview]
Message-ID: <55647C97.9040302@redhat.com> (raw)
In-Reply-To: <1432644847-7566-2-git-send-email-michael.i.doherty@intel.com>
CCing maintainer.
Paolo
On 26/05/2015 14:54, Ikey Doherty wrote:
> The goal of stateless, and thus this change, is to separate OS configuration
> from system administrator configuration. With this change we will read the
> default configuration data from /usr/share/defaults/qemu, in the absence of
> an overriding site administrator configuration in /etc/qemu.
>
> A key advantage of this change is enabling a sane and immutable default OS
> configuration, that is resiliant to upgrades. Ultimate power is still left
> to the system administrator, with the ability to override the defaults if
> required. Lastly, given that the sane defaults are always available, the
> administrator may simply remove their site-config files to reset the
> configuration to the "factory defaults" (i.e. OS configuration).
>
> Signed-off-by: Ikey Doherty <michael.i.doherty@intel.com>
> ---
> configure | 2 ++
> qemu-bridge-helper.c | 15 +++++++++------
> 2 files changed, 11 insertions(+), 6 deletions(-)
>
> diff --git a/configure b/configure
> index f758f32..a0b6477 100755
> --- a/configure
> +++ b/configure
> @@ -4303,6 +4303,7 @@ fi
> qemu_confdir=$sysconfdir$confsuffix
> qemu_moddir=$libdir$confsuffix
> qemu_datadir=$datadir$confsuffix
> +qemu_defaultdir="$datadir/defaults$confsuffix"
> qemu_localedir="$datadir/locale"
>
> tools=""
> @@ -4543,6 +4544,7 @@ echo "mandir=$mandir" >> $config_host_mak
> echo "sysconfdir=$sysconfdir" >> $config_host_mak
> echo "qemu_confdir=$qemu_confdir" >> $config_host_mak
> echo "qemu_datadir=$qemu_datadir" >> $config_host_mak
> +echo "qemu_defaultdir=$qemu_defaultdir" >> $config_host_mak
> echo "qemu_docdir=$qemu_docdir" >> $config_host_mak
> echo "qemu_moddir=$qemu_moddir" >> $config_host_mak
> if test "$mingw32" = "no" ; then
> diff --git a/qemu-bridge-helper.c b/qemu-bridge-helper.c
> index 36eb3bc..0f795f4 100644
> --- a/qemu-bridge-helper.c
> +++ b/qemu-bridge-helper.c
> @@ -47,7 +47,8 @@
> #include <cap-ng.h>
> #endif
>
> -#define DEFAULT_ACL_FILE CONFIG_QEMU_CONFDIR "/bridge.conf"
> +#define DEFAULT_ACL_FILE CONFIG_QEMU_DEFAULTDIR "/bridge.conf"
> +#define SITE_ACL_FILE CONFIG_QEMU_CONFDIR "/bridge.conf"
>
> enum {
> ACL_ALLOW = 0,
> @@ -272,11 +273,13 @@ int main(int argc, char **argv)
>
> /* parse default acl file */
> QSIMPLEQ_INIT(&acl_list);
> - if (parse_acl_file(DEFAULT_ACL_FILE, &acl_list) == -1) {
> - fprintf(stderr, "failed to parse default acl file `%s'\n",
> - DEFAULT_ACL_FILE);
> - ret = EXIT_FAILURE;
> - goto cleanup;
> + if (parse_acl_file(SITE_ACL_FILE, &acl_list) == -1) {
> + if (parse_acl_file(DEFAULT_ACL_FILE, &acl_list) == -1) {
> + fprintf(stderr, "failed to parse default acl file `%s'\n",
> + DEFAULT_ACL_FILE);
> + ret = EXIT_FAILURE;
> + goto cleanup;
> + }
> }
>
> /* validate bridge against acl -- default policy is to deny
>
next prev parent reply other threads:[~2015-05-26 14:01 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-05-22 15:42 [Qemu-devel] [PATCH] arch_init: Use stateless configuration for default target_${target}.conf Ikey Doherty
2015-05-22 21:58 ` Eric Blake
2015-05-26 11:11 ` [Qemu-devel] [PATCH v2] " Ikey Doherty
2015-05-26 11:23 ` Paolo Bonzini
2015-05-26 12:54 ` [Qemu-devel] [PATCH v3 1/2] arch_init: Drop target-x86_64.conf Ikey Doherty
2015-05-26 12:54 ` [Qemu-devel] [PATCH v3 2/2] qemu-bridge-helper: Use stateless configuration for bridge.conf Ikey Doherty
2015-05-26 14:00 ` Paolo Bonzini [this message]
2015-05-26 16:38 ` Eduardo Habkost
2015-05-26 16:41 ` Ikey Doherty
2015-05-26 16:57 ` Eduardo Habkost
2015-05-27 14:02 ` Stefan Hajnoczi
2015-05-27 14:00 ` Stefan Hajnoczi
2015-05-26 14:00 ` [Qemu-devel] [PATCH v3 1/2] arch_init: Drop target-x86_64.conf Paolo Bonzini
2015-05-26 16:25 ` Eduardo Habkost
2015-05-26 16:29 ` Paolo Bonzini
2015-05-26 16:40 ` Eduardo Habkost
2015-05-26 16:51 ` Paolo Bonzini
2015-05-26 16:59 ` Eduardo Habkost
2015-05-26 16:30 ` Ikey Doherty
2015-05-26 15:37 ` Eric Blake
2015-05-26 17:01 ` Eduardo Habkost
2015-05-26 11:13 ` [Qemu-devel] [PATCH] arch_init: Use stateless configuration for default target_${target}.conf Ikey Doherty
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55647C97.9040302@redhat.com \
--to=pbonzini@redhat.com \
--cc=michael.i.doherty@intel.com \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.