[Qemu-devel] [PATCH v3 2/2] qemu-bridge-helper: Use stateless configuration for bridge.conf

Tue, 26 May 2015 05:57:47 -0700 

The goal of stateless, and thus this change, is to separate OS configuration
from system administrator configuration. With this change we will read the
default configuration data from /usr/share/defaults/qemu, in the absence of
an overriding site administrator configuration in /etc/qemu.

A key advantage of this change is enabling a sane and immutable default OS
configuration, that is resiliant to upgrades. Ultimate power is still left
to the system administrator, with the ability to override the defaults if
required. Lastly, given that the sane defaults are always available, the
administrator may simply remove their site-config files to reset the
configuration to the "factory defaults" (i.e. OS configuration).

Signed-off-by: Ikey Doherty <michael.i.dohe...@intel.com>
---
 configure            |  2 ++
 qemu-bridge-helper.c | 15 +++++++++------
 2 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/configure b/configure
index f758f32..a0b6477 100755
--- a/configure
+++ b/configure
@@ -4303,6 +4303,7 @@ fi
 qemu_confdir=$sysconfdir$confsuffix
 qemu_moddir=$libdir$confsuffix
 qemu_datadir=$datadir$confsuffix
+qemu_defaultdir="$datadir/defaults$confsuffix"
 qemu_localedir="$datadir/locale"
 
 tools=""
@@ -4543,6 +4544,7 @@ echo "mandir=$mandir" >> $config_host_mak
 echo "sysconfdir=$sysconfdir" >> $config_host_mak
 echo "qemu_confdir=$qemu_confdir" >> $config_host_mak
 echo "qemu_datadir=$qemu_datadir" >> $config_host_mak
+echo "qemu_defaultdir=$qemu_defaultdir" >> $config_host_mak
 echo "qemu_docdir=$qemu_docdir" >> $config_host_mak
 echo "qemu_moddir=$qemu_moddir" >> $config_host_mak
 if test "$mingw32" = "no" ; then
diff --git a/qemu-bridge-helper.c b/qemu-bridge-helper.c
index 36eb3bc..0f795f4 100644
--- a/qemu-bridge-helper.c
+++ b/qemu-bridge-helper.c
@@ -47,7 +47,8 @@
 #include <cap-ng.h>
 #endif
 
-#define DEFAULT_ACL_FILE CONFIG_QEMU_CONFDIR "/bridge.conf"
+#define DEFAULT_ACL_FILE CONFIG_QEMU_DEFAULTDIR "/bridge.conf"
+#define SITE_ACL_FILE    CONFIG_QEMU_CONFDIR    "/bridge.conf"
 
 enum {
     ACL_ALLOW = 0,
@@ -272,11 +273,13 @@ int main(int argc, char **argv)
 
     /* parse default acl file */
     QSIMPLEQ_INIT(&acl_list);
-    if (parse_acl_file(DEFAULT_ACL_FILE, &acl_list) == -1) {
-        fprintf(stderr, "failed to parse default acl file `%s'\n",
-                DEFAULT_ACL_FILE);
-        ret = EXIT_FAILURE;
-        goto cleanup;
+    if (parse_acl_file(SITE_ACL_FILE, &acl_list) == -1) {
+        if (parse_acl_file(DEFAULT_ACL_FILE, &acl_list) == -1) {
+            fprintf(stderr, "failed to parse default acl file `%s'\n",
+                    DEFAULT_ACL_FILE);
+            ret = EXIT_FAILURE;
+            goto cleanup;
+        }
     }
 
     /* validate bridge against acl -- default policy is to deny
-- 
1.9.1

Reply via email to