CCing maintainer.
Paolo
On 26/05/2015 14:54, Ikey Doherty wrote:
> The goal of stateless, and thus this change, is to separate OS configuration
> from system administrator configuration. With this change we will read the
> default configuration data from /usr/share/defaults/qemu, in the absence of
> an overriding site administrator configuration in /etc/qemu.
>
> A key advantage of this change is enabling a sane and immutable default OS
> configuration, that is resiliant to upgrades. Ultimate power is still left
> to the system administrator, with the ability to override the defaults if
> required. Lastly, given that the sane defaults are always available, the
> administrator may simply remove their site-config files to reset the
> configuration to the "factory defaults" (i.e. OS configuration).
>
> Signed-off-by: Ikey Doherty <michael.i.dohe...@intel.com>
> ---
> configure | 2 ++
> qemu-bridge-helper.c | 15 +++++++++------
> 2 files changed, 11 insertions(+), 6 deletions(-)
>
> diff --git a/configure b/configure
> index f758f32..a0b6477 100755
> --- a/configure
> +++ b/configure
> @@ -4303,6 +4303,7 @@ fi
> qemu_confdir=$sysconfdir$confsuffix
> qemu_moddir=$libdir$confsuffix
> qemu_datadir=$datadir$confsuffix
> +qemu_defaultdir="$datadir/defaults$confsuffix"
> qemu_localedir="$datadir/locale"
>
> tools=""
> @@ -4543,6 +4544,7 @@ echo "mandir=$mandir" >> $config_host_mak
> echo "sysconfdir=$sysconfdir" >> $config_host_mak
> echo "qemu_confdir=$qemu_confdir" >> $config_host_mak
> echo "qemu_datadir=$qemu_datadir" >> $config_host_mak
> +echo "qemu_defaultdir=$qemu_defaultdir" >> $config_host_mak
> echo "qemu_docdir=$qemu_docdir" >> $config_host_mak
> echo "qemu_moddir=$qemu_moddir" >> $config_host_mak
> if test "$mingw32" = "no" ; then
> diff --git a/qemu-bridge-helper.c b/qemu-bridge-helper.c
> index 36eb3bc..0f795f4 100644
> --- a/qemu-bridge-helper.c
> +++ b/qemu-bridge-helper.c
> @@ -47,7 +47,8 @@
> #include <cap-ng.h>
> #endif
>
> -#define DEFAULT_ACL_FILE CONFIG_QEMU_CONFDIR "/bridge.conf"
> +#define DEFAULT_ACL_FILE CONFIG_QEMU_DEFAULTDIR "/bridge.conf"
> +#define SITE_ACL_FILE CONFIG_QEMU_CONFDIR "/bridge.conf"
>
> enum {
> ACL_ALLOW = 0,
> @@ -272,11 +273,13 @@ int main(int argc, char **argv)
>
> /* parse default acl file */
> QSIMPLEQ_INIT(&acl_list);
> - if (parse_acl_file(DEFAULT_ACL_FILE, &acl_list) == -1) {
> - fprintf(stderr, "failed to parse default acl file `%s'\n",
> - DEFAULT_ACL_FILE);
> - ret = EXIT_FAILURE;
> - goto cleanup;
> + if (parse_acl_file(SITE_ACL_FILE, &acl_list) == -1) {
> + if (parse_acl_file(DEFAULT_ACL_FILE, &acl_list) == -1) {
> + fprintf(stderr, "failed to parse default acl file `%s'\n",
> + DEFAULT_ACL_FILE);
> + ret = EXIT_FAILURE;
> + goto cleanup;
> + }
> }
>
> /* validate bridge against acl -- default policy is to deny
>
