Disable sound cards when running sVirt

2009-03-17 16:00:54 +00:00 · 2009-03-17 16:00:54 +00:00 · a09fc2658a
commit a09fc2658a
parent a008fcf27e
2 changed files with 41 additions and 0 deletions
--- a/libvirt-0.6.1-svirt-sound.patch
+++ b/libvirt-0.6.1-svirt-sound.patch
@ -0,0 +1,35 @@
+diff -rup libvirt-0.6.1.orig/src/qemu_conf.c libvirt-0.6.1.new/src/qemu_conf.c
+--- libvirt-0.6.1.orig/src/qemu_conf.c	2009-03-17 11:57:04.000000000 +0000
+++ libvirt-0.6.1.new/src/qemu_conf.c	2009-03-17 15:50:08.000000000 +0000
+@@ -757,6 +757,20 @@ int qemudBuildCommandLine(virConnectPtr 
+     char uuid[VIR_UUID_STRING_BUFLEN];
+     char domid[50];
+     char *pidfile;
+    int skipSound = 0;
+
+    if (driver->securityDriver &&
+        driver->securityDriver->name &&
+        STREQ(driver->securityDriver->name, "selinux") &&
+        getuid == 0) {
+        static int soundWarned = 0; 
+        skipSound = 1;
+        if (vm->def->nsounds &&
+            !soundWarned) {
+            soundWarned = 1;
+            VIR_WARN0("Sound cards for VMs are disabled while SELinux security model is active");
+        }
+    }
+ 
+     uname_normalize(&ut);
+ 
+@@ -1364,7 +1378,8 @@ int qemudBuildCommandLine(virConnectPtr 
+     }
+ 
+     /* Add sound hardware */
+-    if (vm->def->nsounds) {
+    if (vm->def->nsounds &&
+        !skipSound) {
+         int size = 100;
+         char *modstr;
+         if (VIR_ALLOC_N(modstr, size+1) < 0)
+Only in libvirt-0.6.1.new/src: qemu_conf.c~
--- a/libvirt.spec
+++ b/libvirt.spec
@ -66,6 +66,10 @@ Patch11: libvirt-0.6.1-svirt-shared-readonly.patch
 # Not upstream yet - pending QEMU merge
 Patch100: libvirt-0.6.1-vnc-sasl-auth.patch

+# Not for upstream. Temporary hack till PulseAudio autostart
+# problems are sorted out when SELinux enforcing
+Patch200: libvirt-0.6.1-svirt-sound.patch
+
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
 URL: http://libvirt.org/
 BuildRequires: python python-devel
@ -209,6 +213,7 @@ of recent versions of Linux (and other OSes).
 %patch11 -p1

 %patch100 -p1
+%patch200 -p1

 mv NEWS NEWS.old
 iconv -f ISO-8859-1 -t UTF-8 < NEWS.old > NEWS
@ -503,6 +508,7 @@ fi
 %changelog
 * Tue Mar 17 2009 Daniel P. Berrange <berrange@redhat.com> - 0.6.1-5.fc11
 - Don't relabel shared/readonly disks
+- Disable sound cards when running sVirt

 * Tue Mar 17 2009 Daniel P. Berrange <berrange@redhat.com> - 0.6.1-4.fc11
 - Fix memory allocation for xend lookup