From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:53824) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YxEN5-0005Ra-8v for qemu-devel@nongnu.org; Tue, 26 May 2015 08:54:16 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1YxEN1-00051z-Qn for qemu-devel@nongnu.org; Tue, 26 May 2015 08:54:15 -0400 Received: from mga09.intel.com ([134.134.136.24]:35791) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YxEN1-00051k-D8 for qemu-devel@nongnu.org; Tue, 26 May 2015 08:54:11 -0400 From: Ikey Doherty Date: Tue, 26 May 2015 13:54:07 +0100 Message-Id: <1432644847-7566-2-git-send-email-michael.i.doherty@intel.com> In-Reply-To: <1432644847-7566-1-git-send-email-michael.i.doherty@intel.com> References: <55645794.3020202@redhat.com> <1432644847-7566-1-git-send-email-michael.i.doherty@intel.com> Subject: [Qemu-devel] [PATCH v3 2/2] qemu-bridge-helper: Use stateless configuration for bridge.conf List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org The goal of stateless, and thus this change, is to separate OS configuration from system administrator configuration. With this change we will read the default configuration data from /usr/share/defaults/qemu, in the absence of an overriding site administrator configuration in /etc/qemu. A key advantage of this change is enabling a sane and immutable default OS configuration, that is resiliant to upgrades. Ultimate power is still left to the system administrator, with the ability to override the defaults if required. Lastly, given that the sane defaults are always available, the administrator may simply remove their site-config files to reset the configuration to the "factory defaults" (i.e. OS configuration). Signed-off-by: Ikey Doherty --- configure | 2 ++ qemu-bridge-helper.c | 15 +++++++++------ 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/configure b/configure index f758f32..a0b6477 100755 --- a/configure +++ b/configure @@ -4303,6 +4303,7 @@ fi qemu_confdir=$sysconfdir$confsuffix qemu_moddir=$libdir$confsuffix qemu_datadir=$datadir$confsuffix +qemu_defaultdir="$datadir/defaults$confsuffix" qemu_localedir="$datadir/locale" tools="" @@ -4543,6 +4544,7 @@ echo "mandir=$mandir" >> $config_host_mak echo "sysconfdir=$sysconfdir" >> $config_host_mak echo "qemu_confdir=$qemu_confdir" >> $config_host_mak echo "qemu_datadir=$qemu_datadir" >> $config_host_mak +echo "qemu_defaultdir=$qemu_defaultdir" >> $config_host_mak echo "qemu_docdir=$qemu_docdir" >> $config_host_mak echo "qemu_moddir=$qemu_moddir" >> $config_host_mak if test "$mingw32" = "no" ; then diff --git a/qemu-bridge-helper.c b/qemu-bridge-helper.c index 36eb3bc..0f795f4 100644 --- a/qemu-bridge-helper.c +++ b/qemu-bridge-helper.c @@ -47,7 +47,8 @@ #include #endif -#define DEFAULT_ACL_FILE CONFIG_QEMU_CONFDIR "/bridge.conf" +#define DEFAULT_ACL_FILE CONFIG_QEMU_DEFAULTDIR "/bridge.conf" +#define SITE_ACL_FILE CONFIG_QEMU_CONFDIR "/bridge.conf" enum { ACL_ALLOW = 0, @@ -272,11 +273,13 @@ int main(int argc, char **argv) /* parse default acl file */ QSIMPLEQ_INIT(&acl_list); - if (parse_acl_file(DEFAULT_ACL_FILE, &acl_list) == -1) { - fprintf(stderr, "failed to parse default acl file `%s'\n", - DEFAULT_ACL_FILE); - ret = EXIT_FAILURE; - goto cleanup; + if (parse_acl_file(SITE_ACL_FILE, &acl_list) == -1) { + if (parse_acl_file(DEFAULT_ACL_FILE, &acl_list) == -1) { + fprintf(stderr, "failed to parse default acl file `%s'\n", + DEFAULT_ACL_FILE); + ret = EXIT_FAILURE; + goto cleanup; + } } /* validate bridge against acl -- default policy is to deny -- 1.9.1