From a09fc2658ababa17c26d7e4fc585662cac493d9c Mon Sep 17 00:00:00 2001
From: Daniel P. Berrange <berrange@fedoraproject.org>
Date: Mar 17 2009 16:00:54 +0000
Subject: Disable sound cards when running sVirt


---

diff --git a/libvirt-0.6.1-svirt-sound.patch b/libvirt-0.6.1-svirt-sound.patch
new file mode 100644
index 0000000..c9b62c0
--- /dev/null
+++ b/libvirt-0.6.1-svirt-sound.patch
@@ -0,0 +1,35 @@
+diff -rup libvirt-0.6.1.orig/src/qemu_conf.c libvirt-0.6.1.new/src/qemu_conf.c
+--- libvirt-0.6.1.orig/src/qemu_conf.c	2009-03-17 11:57:04.000000000 +0000
++++ libvirt-0.6.1.new/src/qemu_conf.c	2009-03-17 15:50:08.000000000 +0000
+@@ -757,6 +757,20 @@ int qemudBuildCommandLine(virConnectPtr 
+     char uuid[VIR_UUID_STRING_BUFLEN];
+     char domid[50];
+     char *pidfile;
++    int skipSound = 0;
++
++    if (driver->securityDriver &&
++        driver->securityDriver->name &&
++        STREQ(driver->securityDriver->name, "selinux") &&
++        getuid == 0) {
++        static int soundWarned = 0; 
++        skipSound = 1;
++        if (vm->def->nsounds &&
++            !soundWarned) {
++            soundWarned = 1;
++            VIR_WARN0("Sound cards for VMs are disabled while SELinux security model is active");
++        }
++    }
+ 
+     uname_normalize(&ut);
+ 
+@@ -1364,7 +1378,8 @@ int qemudBuildCommandLine(virConnectPtr 
+     }
+ 
+     /* Add sound hardware */
+-    if (vm->def->nsounds) {
++    if (vm->def->nsounds &&
++        !skipSound) {
+         int size = 100;
+         char *modstr;
+         if (VIR_ALLOC_N(modstr, size+1) < 0)
+Only in libvirt-0.6.1.new/src: qemu_conf.c~
diff --git a/libvirt.spec b/libvirt.spec
index f705e3e..4dea193 100644
--- a/libvirt.spec
+++ b/libvirt.spec
@@ -66,6 +66,10 @@ Patch11: libvirt-0.6.1-svirt-shared-readonly.patch
 # Not upstream yet - pending QEMU merge
 Patch100: libvirt-0.6.1-vnc-sasl-auth.patch
 
+# Not for upstream. Temporary hack till PulseAudio autostart
+# problems are sorted out when SELinux enforcing
+Patch200: libvirt-0.6.1-svirt-sound.patch
+
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
 URL: http://libvirt.org/
 BuildRequires: python python-devel
@@ -209,6 +213,7 @@ of recent versions of Linux (and other OSes).
 %patch11 -p1
 
 %patch100 -p1
+%patch200 -p1
 
 mv NEWS NEWS.old
 iconv -f ISO-8859-1 -t UTF-8 < NEWS.old > NEWS
@@ -503,6 +508,7 @@ fi
 %changelog
 * Tue Mar 17 2009 Daniel P. Berrange <berrange@redhat.com> - 0.6.1-5.fc11
 - Don't relabel shared/readonly disks
+- Disable sound cards when running sVirt
 
 * Tue Mar 17 2009 Daniel P. Berrange <berrange@redhat.com> - 0.6.1-4.fc11
 - Fix memory allocation for xend lookup