qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed
From: Ikey Doherty <michael.i.doherty@intel.com>
To: qemu-devel@nongnu.org
Subject: [Qemu-devel] [PATCH v3 2/2] qemu-bridge-helper: Use stateless configuration for bridge.conf
Date: Tue, 26 May 2015 13:54:07 +0100	[thread overview]
Message-ID: <1432644847-7566-2-git-send-email-michael.i.doherty@intel.com> (raw)
In-Reply-To: <1432644847-7566-1-git-send-email-michael.i.doherty@intel.com>

The goal of stateless, and thus this change, is to separate OS configuration
from system administrator configuration. With this change we will read the
default configuration data from /usr/share/defaults/qemu, in the absence of
an overriding site administrator configuration in /etc/qemu.

A key advantage of this change is enabling a sane and immutable default OS
configuration, that is resiliant to upgrades. Ultimate power is still left
to the system administrator, with the ability to override the defaults if
required. Lastly, given that the sane defaults are always available, the
administrator may simply remove their site-config files to reset the
configuration to the "factory defaults" (i.e. OS configuration).

Signed-off-by: Ikey Doherty <michael.i.doherty@intel.com>
---
 configure            |  2 ++
 qemu-bridge-helper.c | 15 +++++++++------
 2 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/configure b/configure
index f758f32..a0b6477 100755
--- a/configure
+++ b/configure
@@ -4303,6 +4303,7 @@ fi
 qemu_confdir=$sysconfdir$confsuffix
 qemu_moddir=$libdir$confsuffix
 qemu_datadir=$datadir$confsuffix
+qemu_defaultdir="$datadir/defaults$confsuffix"
 qemu_localedir="$datadir/locale"
 
 tools=""
@@ -4543,6 +4544,7 @@ echo "mandir=$mandir" >> $config_host_mak
 echo "sysconfdir=$sysconfdir" >> $config_host_mak
 echo "qemu_confdir=$qemu_confdir" >> $config_host_mak
 echo "qemu_datadir=$qemu_datadir" >> $config_host_mak
+echo "qemu_defaultdir=$qemu_defaultdir" >> $config_host_mak
 echo "qemu_docdir=$qemu_docdir" >> $config_host_mak
 echo "qemu_moddir=$qemu_moddir" >> $config_host_mak
 if test "$mingw32" = "no" ; then
diff --git a/qemu-bridge-helper.c b/qemu-bridge-helper.c
index 36eb3bc..0f795f4 100644
--- a/qemu-bridge-helper.c
+++ b/qemu-bridge-helper.c
@@ -47,7 +47,8 @@
 #include <cap-ng.h>
 #endif
 
-#define DEFAULT_ACL_FILE CONFIG_QEMU_CONFDIR "/bridge.conf"
+#define DEFAULT_ACL_FILE CONFIG_QEMU_DEFAULTDIR "/bridge.conf"
+#define SITE_ACL_FILE    CONFIG_QEMU_CONFDIR    "/bridge.conf"
 
 enum {
     ACL_ALLOW = 0,
@@ -272,11 +273,13 @@ int main(int argc, char **argv)
 
     /* parse default acl file */
     QSIMPLEQ_INIT(&acl_list);
-    if (parse_acl_file(DEFAULT_ACL_FILE, &acl_list) == -1) {
-        fprintf(stderr, "failed to parse default acl file `%s'\n",
-                DEFAULT_ACL_FILE);
-        ret = EXIT_FAILURE;
-        goto cleanup;
+    if (parse_acl_file(SITE_ACL_FILE, &acl_list) == -1) {
+        if (parse_acl_file(DEFAULT_ACL_FILE, &acl_list) == -1) {
+            fprintf(stderr, "failed to parse default acl file `%s'\n",
+                    DEFAULT_ACL_FILE);
+            ret = EXIT_FAILURE;
+            goto cleanup;
+        }
     }
 
     /* validate bridge against acl -- default policy is to deny
-- 
1.9.1

  reply	other threads:[~2015-05-26 12:54 UTC|newest]

Thread overview: 22+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-05-22 15:42 [Qemu-devel] [PATCH] arch_init: Use stateless configuration for default target_${target}.conf Ikey Doherty
2015-05-22 21:58 ` Eric Blake
2015-05-26 11:11   ` [Qemu-devel] [PATCH v2] " Ikey Doherty
2015-05-26 11:23     ` Paolo Bonzini
2015-05-26 12:54       ` [Qemu-devel] [PATCH v3 1/2] arch_init: Drop target-x86_64.conf Ikey Doherty
2015-05-26 12:54         ` Ikey Doherty [this message]
2015-05-26 14:00           ` [Qemu-devel] [PATCH v3 2/2] qemu-bridge-helper: Use stateless configuration for bridge.conf Paolo Bonzini
2015-05-26 16:38           ` Eduardo Habkost
2015-05-26 16:41             ` Ikey Doherty
2015-05-26 16:57               ` Eduardo Habkost
2015-05-27 14:02                 ` Stefan Hajnoczi
2015-05-27 14:00           ` Stefan Hajnoczi
2015-05-26 14:00         ` [Qemu-devel] [PATCH v3 1/2] arch_init: Drop target-x86_64.conf Paolo Bonzini
2015-05-26 16:25           ` Eduardo Habkost
2015-05-26 16:29             ` Paolo Bonzini
2015-05-26 16:40               ` Eduardo Habkost
2015-05-26 16:51                 ` Paolo Bonzini
2015-05-26 16:59                   ` Eduardo Habkost
2015-05-26 16:30             ` Ikey Doherty
2015-05-26 15:37         ` Eric Blake
2015-05-26 17:01         ` Eduardo Habkost
2015-05-26 11:13   ` [Qemu-devel] [PATCH] arch_init: Use stateless configuration for default target_${target}.conf Ikey Doherty

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1432644847-7566-2-git-send-email-michael.i.doherty@intel.com \
    --to=michael.i.doherty@intel.com \
    --cc=qemu-devel@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).