November 2007 - Devel - Libvirt List Archives

[Libvir] Building libvirt-0.3.3 on CentOS4

by Carl Jones

Hi, I'm trying to build libvirt-0.3.3 on a CentOS4 machine. But I'm hitting this error while running 'make': ./configure --with-init-script=redhat --without-qemu --without-remote --without-test --with-xen --without-openvz --without-avahi [...] make[2]: Entering directory `/usr/src/redhat/SOURCES/libvirt-0.3.3/src' gcc -DHAVE_CONFIG_H -I. -I.. -I../include -I../include -I../qemud -I/usr/include/libxml2 -DBINDIR=\""/usr/local/libexec"\" -DSBINDIR=\""/usr/local/sbin"\" -DSYSCONF_DIR="\"/usr/local/etc\"" -DLOCALEBASEDIR=\""/usr/local/share/locale"\" -DLOCAL_STATE_DIR=\""/usr/local/var"\" -DGETTEXT_PACKAGE=\"libvirt\" -Wall -Wmissing-prototypes -Wnested-externs -Wpointer-arith -Wextra -Wshadow -Wcast-align -Wwrite-strings -Waggregate-return -Wstrict-prototypes -Winline -Wredundant-decls -Wno-sign-compare -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fasynchronous-unwind-tables -DWITH_XEN -g -O2 -MT virsh-virsh.o -MD -MP -MF .deps/virsh-virsh.Tpo -c -o virsh-virsh.o `test -f 'virsh.c' || echo './'`virsh.c virsh.c: In function `vshOutputLogFile': virsh.c:4577: warning: implicit declaration of function `localtime' virsh.c:4577: warning: nested extern declaration of `localtime' virsh.c:4577: warning: assignment makes pointer from integer without a cast virsh.c:4578: error: dereferencing pointer to incomplete type virsh.c:4578: error: dereferencing pointer to incomplete type virsh.c:4578: error: dereferencing pointer to incomplete type virsh.c:4578: error: dereferencing pointer to incomplete type virsh.c:4578: error: dereferencing pointer to incomplete type virsh.c:4578: error: dereferencing pointer to incomplete type make[2]: *** [virsh-virsh.o] Error 1 make[2]: Leaving directory `/usr/src/redhat/SOURCES/libvirt-0.3.3/src' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/usr/src/redhat/SOURCES/libvirt-0.3.3' make: *** [all] Error 2 I've tried building from CVS, but that fails also (different issue). Any ideas? I've grabbed the newer gnutls from CentOS5, and other dependencies are already installed. Regards, Carl

16 years, 12 months

3
2
0 / 0

[Libvir] libvirt: serving to web interface (swarm idea!)

by Grabber

Yeah, I'm focused to develop a decente web interface to manage Xen using libvirt. I have some ideas for the interface, can anyone help me saying: this is cool, this doesn't work?! The main idea for migrate virtual machines is use the swarm concept (you can look it at: http://www.jasoncoleman.net/images/Azureus_Swarm.png), can this be usable? For more informations about the project see: http://code.google.com/p/xenonrails/ (I'm starting this today ;) ) -- Regards, Luiz Vitor Martinez Cardoso [Grabber]. (11) 8187-8662 Student of Eletrical Engineer at maua.br

16 years, 12 months

2
2
0 / 0

[Libvir] [PATCH] BZ#251641: Allow to change the cpu pinning for inactive domain

by Saori Fukuta

Hi, I want to change the cpu pinning for inactive domain on RHEL-5.1. So, I just add the xenXMDomainPinVcpu to xm_internal.c. We will be allowed to change "cpus" parameter in configuration file with "vcpupin" command by this patch, like "setmem" or "setvcpus". There is 2 things to note: - This is an effective feature for inactive domain with Xen3.0.3 (less than 3 of xendConfigVersion). - On the above environment, the number which specified as <vcpu> is ignored, because the virtual CPUs is not present when domain is shut off. So, when executing "vcpupin" command with this option # virsh vcpupin Guest 0 1 "0"(vcpu) is ignored and "1"(cpulist) is set to configuration file as "cpus". # cat /etc/xen/Guest | grep cpus cpus = "1" Regards, Saori Fukuta

16 years, 12 months

3
7
0 / 0

[Libvir] [PATCH] (vshCloseLogFile): Diagnose close/write failure.

by Jim Meyering

I noticed a minor problem in vshCloseLogFile. Although callers do check for log-file write failure, this function doesn't check for close failure (which can happen, and indicates a write failure). I considered changing the function to return an int and propagating that success/failure "up" to callers, but that change is more invasive, and I'm not sure it's desirable. If any of you prefer it, let me know and I'll rewrite accordingly: Also slightly ugly: ctl->logfile may be null, so if/when it is (however unlikely), the diagnostic prints "?" as the file name rather than trying to dereference a NULL pointer. * src/virsh.c (vshCloseLogFile): Diagnose close/write failure. --- src/virsh.c | 4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) diff --git a/src/virsh.c b/src/virsh.c index 5b50524..86f5b8b 100644 --- a/src/virsh.c +++ b/src/virsh.c @@ -4643,7 +4643,9 @@ vshCloseLogFile(vshControl *ctl) { /* log file close */ if (ctl->log_fd >= 0) { - close(ctl->log_fd); + if (close(ctl->log_fd) < 0) + vshError(ctl, FALSE, _("%s: failed to write log file: %s") + ctl->logfile ? ctl->logfile : "?", strerror (errno)); ctl->log_fd = -1; } -- 1.5.3.6.961.gecf4

16 years, 12 months

2
1
0 / 0

[Libvir] Web page for libvirt on Windows

by Richard W.M. Jones

Just a note to say that there is a web page tracking the status of libvirt, virt-manager, etc. on Windows. http://libvirt.org/windows.html Not a lot there at the moment! Rich. -- Emerging Technologies, Red Hat - http://et.redhat.com/~rjones/ Registered Address: Red Hat UK Ltd, Amberley Place, 107-111 Peascod Street, Windsor, Berkshire, SL4 1TE, United Kingdom. Registered in England and Wales under Company Registration No. 03798903

16 years, 12 months

1
0
0 / 0

[Libvir] [PATCH] When reporting errors, use "conn" whenever possible.

by Jim Meyering

Here's a first cut at cleaning up. There are more ab/uses in other files, but nowhere near as many as in this one, so I'm starting here: When reporting errors, use "conn" whenever possible. * src/remote_internal.c: change all error (NULL, ... to error (conn, ... (check_cert_file): Add+use parameter, conn. Adjust callers. (initialise_gnutls): The "conn" parameter *is* used, so remove ATTRIBUTE_UNUSED. Suggested by Richard Jones. --- src/remote_internal.c | 90 ++++++++++++++++++++++++------------------------ 1 files changed, 45 insertions(+), 45 deletions(-) diff --git a/src/remote_internal.c b/src/remote_internal.c index c365ff8..40c12c7 100644 --- a/src/remote_internal.c +++ b/src/remote_internal.c @@ -280,7 +280,7 @@ doRemoteOpen (virConnectPtr conn, struct private_data *priv, else if (strcasecmp (transport_str, "tcp") == 0) transport = trans_tcp; else { - error (NULL, VIR_ERR_INVALID_ARG, + error (conn, VIR_ERR_INVALID_ARG, "remote_open: transport in URL not recognised " "(should be tls|unix|ssh|ext|tcp)"); return VIR_DRV_OPEN_ERROR; @@ -308,7 +308,7 @@ doRemoteOpen (virConnectPtr conn, struct private_data *priv, server = strdup (uri->server ? uri->server : "localhost"); if (!server) { out_of_memory: - error (NULL, VIR_ERR_NO_MEMORY, "duplicating server name"); + error (conn, VIR_ERR_NO_MEMORY, "duplicating server name"); goto failed; } if (uri->port != 0) { @@ -394,7 +394,7 @@ doRemoteOpen (virConnectPtr conn, struct private_data *priv, /* For ext transport, command is required. */ if (transport == trans_ext && !command) { - error (NULL, VIR_ERR_INVALID_ARG, "remote_open: for 'ext' transport, command is required"); + error (conn, VIR_ERR_INVALID_ARG, "remote_open: for 'ext' transport, command is required"); goto failed; } @@ -438,7 +438,7 @@ doRemoteOpen (virConnectPtr conn, struct private_data *priv, hints.ai_flags = AI_ADDRCONFIG; int e = getaddrinfo (server, port, &hints, &res); if (e != 0) { - error (NULL, VIR_ERR_INVALID_ARG, gai_strerror (e)); + error (conn, VIR_ERR_INVALID_ARG, gai_strerror (e)); goto failed; } @@ -458,7 +458,7 @@ doRemoteOpen (virConnectPtr conn, struct private_data *priv, priv->sock = socket (r->ai_family, SOCK_STREAM, 0); if (priv->sock == -1) { - error (NULL, VIR_ERR_SYSTEM_ERROR, strerror (errno)); + error (conn, VIR_ERR_SYSTEM_ERROR, strerror (errno)); continue; } @@ -468,7 +468,7 @@ doRemoteOpen (virConnectPtr conn, struct private_data *priv, sizeof no_slow_start); if (connect (priv->sock, r->ai_addr, r->ai_addrlen) == -1) { - error (NULL, VIR_ERR_SYSTEM_ERROR, strerror (errno)); + error (conn, VIR_ERR_SYSTEM_ERROR, strerror (errno)); close (priv->sock); continue; } @@ -504,12 +504,12 @@ doRemoteOpen (virConnectPtr conn, struct private_data *priv, uid_t uid = getuid(); if (!(pw = getpwuid(uid))) { - error (NULL, VIR_ERR_SYSTEM_ERROR, strerror (errno)); + error (conn, VIR_ERR_SYSTEM_ERROR, strerror (errno)); goto failed; } if (asprintf (&sockname, "@%s" LIBVIRTD_USER_UNIX_SOCKET, pw->pw_dir) < 0) { - error (NULL, VIR_ERR_SYSTEM_ERROR, strerror (errno)); + error (conn, VIR_ERR_SYSTEM_ERROR, strerror (errno)); goto failed; } } else { @@ -518,7 +518,7 @@ doRemoteOpen (virConnectPtr conn, struct private_data *priv, else sockname = strdup (LIBVIRTD_PRIV_UNIX_SOCKET); if (sockname == NULL) { - error (NULL, VIR_ERR_SYSTEM_ERROR, strerror (errno)); + error (conn, VIR_ERR_SYSTEM_ERROR, strerror (errno)); goto failed; } } @@ -539,7 +539,7 @@ doRemoteOpen (virConnectPtr conn, struct private_data *priv, autostart_retry: priv->sock = socket (AF_UNIX, SOCK_STREAM, 0); if (priv->sock == -1) { - error (NULL, VIR_ERR_SYSTEM_ERROR, strerror (errno)); + error (conn, VIR_ERR_SYSTEM_ERROR, strerror (errno)); goto failed; } if (connect (priv->sock, (struct sockaddr *) &addr, sizeof addr) == -1) { @@ -561,7 +561,7 @@ doRemoteOpen (virConnectPtr conn, struct private_data *priv, goto autostart_retry; } } - error (NULL, VIR_ERR_SYSTEM_ERROR, strerror (errno)); + error (conn, VIR_ERR_SYSTEM_ERROR, strerror (errno)); goto failed; } @@ -576,7 +576,7 @@ doRemoteOpen (virConnectPtr conn, struct private_data *priv, command = command ? : strdup ("ssh"); if (command == NULL) { - error (NULL, VIR_ERR_SYSTEM_ERROR, strerror (errno)); + error (conn, VIR_ERR_SYSTEM_ERROR, strerror (errno)); goto failed; } @@ -584,7 +584,7 @@ doRemoteOpen (virConnectPtr conn, struct private_data *priv, // ssh -p $port [-l $username] $hostname $netcat -U $sockname [NULL] cmd_argv = malloc (nr_args * sizeof (char *)); if (cmd_argv == NULL) { - error (NULL, VIR_ERR_SYSTEM_ERROR, strerror (errno)); + error (conn, VIR_ERR_SYSTEM_ERROR, strerror (errno)); goto failed; } @@ -611,7 +611,7 @@ doRemoteOpen (virConnectPtr conn, struct private_data *priv, assert (j == nr_args); for (j = 0; j < nr_args; j++) if (cmd_argv[j] == NULL) { - error (NULL, VIR_ERR_SYSTEM_ERROR, strerror (ENOMEM)); + error (conn, VIR_ERR_SYSTEM_ERROR, strerror (ENOMEM)); goto failed; } } @@ -626,13 +626,13 @@ doRemoteOpen (virConnectPtr conn, struct private_data *priv, * to faff around with two file descriptors (a la 'pipe(2)'). */ if (socketpair (PF_UNIX, SOCK_STREAM, 0, sv) == -1) { - error (NULL, VIR_ERR_SYSTEM_ERROR, strerror (errno)); + error (conn, VIR_ERR_SYSTEM_ERROR, strerror (errno)); goto failed; } pid = fork (); if (pid == -1) { - error (NULL, VIR_ERR_SYSTEM_ERROR, strerror (errno)); + error (conn, VIR_ERR_SYSTEM_ERROR, strerror (errno)); goto failed; } else if (pid == 0) { /* Child. */ close (sv[0]); @@ -647,7 +647,7 @@ doRemoteOpen (virConnectPtr conn, struct private_data *priv, if (!cmd_argv) { cmd_argv = malloc (2 * sizeof (char *)); if (cmd_argv == NULL) { - error (NULL, VIR_ERR_SYSTEM_ERROR, strerror (errno)); + error (conn, VIR_ERR_SYSTEM_ERROR, strerror (errno)); goto failed; } cmd_argv[0] = command; @@ -724,7 +724,7 @@ remoteOpen (virConnectPtr conn, xmlURIPtr uri, int flags) priv = malloc (sizeof(struct private_data)); if (!priv) { - error (NULL, VIR_ERR_NO_MEMORY, "struct private_data"); + error (conn, VIR_ERR_NO_MEMORY, "struct private_data"); return VIR_DRV_OPEN_ERROR; } @@ -947,11 +947,11 @@ static gnutls_certificate_credentials_t x509_cred; static int -check_cert_file (const char *type, const char *file) +check_cert_file (virConnectPtr conn, const char *type, const char *file) { struct stat sb; if (stat(file, &sb) < 0) { - __virRaiseError (NULL, NULL, NULL, VIR_FROM_REMOTE, VIR_ERR_RPC, + __virRaiseError (conn, NULL, NULL, VIR_FROM_REMOTE, VIR_ERR_RPC, VIR_ERR_ERROR, LIBVIRT_CACERT, NULL, NULL, 0, 0, "Cannot access %s '%s': %s (%d)", type, file, strerror(errno), errno); @@ -962,7 +962,7 @@ check_cert_file (const char *type, const char *file) static int -initialise_gnutls (virConnectPtr conn ATTRIBUTE_UNUSED) +initialise_gnutls (virConnectPtr conn) { static int initialised = 0; int err; @@ -974,16 +974,16 @@ initialise_gnutls (virConnectPtr conn ATTRIBUTE_UNUSED) /* X509 stuff */ err = gnutls_certificate_allocate_credentials (&x509_cred); if (err) { - error (NULL, VIR_ERR_GNUTLS_ERROR, gnutls_strerror (err)); + error (conn, VIR_ERR_GNUTLS_ERROR, gnutls_strerror (err)); return -1; } - if (check_cert_file("CA certificate", LIBVIRT_CACERT) < 0) + if (check_cert_file(conn, "CA certificate", LIBVIRT_CACERT) < 0) return -1; - if (check_cert_file("client key", LIBVIRT_CLIENTKEY) < 0) + if (check_cert_file(conn, "client key", LIBVIRT_CLIENTKEY) < 0) return -1; - if (check_cert_file("client certificate", LIBVIRT_CLIENTCERT) < 0) + if (check_cert_file(conn, "client certificate", LIBVIRT_CLIENTCERT) < 0) return -1; /* Set the trusted CA cert. */ @@ -994,7 +994,7 @@ initialise_gnutls (virConnectPtr conn ATTRIBUTE_UNUSED) gnutls_certificate_set_x509_trust_file (x509_cred, LIBVIRT_CACERT, GNUTLS_X509_FMT_PEM); if (err < 0) { - error (NULL, VIR_ERR_GNUTLS_ERROR, gnutls_strerror (err)); + error (conn, VIR_ERR_GNUTLS_ERROR, gnutls_strerror (err)); return -1; } @@ -1009,7 +1009,7 @@ initialise_gnutls (virConnectPtr conn ATTRIBUTE_UNUSED) LIBVIRT_CLIENTKEY, GNUTLS_X509_FMT_PEM); if (err < 0) { - error (NULL, VIR_ERR_GNUTLS_ERROR, gnutls_strerror (err)); + error (conn, VIR_ERR_GNUTLS_ERROR, gnutls_strerror (err)); return -1; } @@ -1035,21 +1035,21 @@ negotiate_gnutls_on_connection (virConnectPtr conn, */ err = gnutls_init (&session, GNUTLS_CLIENT); if (err) { - error (NULL, VIR_ERR_GNUTLS_ERROR, gnutls_strerror (err)); + error (conn, VIR_ERR_GNUTLS_ERROR, gnutls_strerror (err)); return NULL; } /* Use default priorities */ err = gnutls_set_default_priority (session); if (err) { - error (NULL, VIR_ERR_GNUTLS_ERROR, gnutls_strerror (err)); + error (conn, VIR_ERR_GNUTLS_ERROR, gnutls_strerror (err)); return NULL; } err = gnutls_certificate_type_set_priority (session, cert_type_priority); if (err) { - error (NULL, VIR_ERR_GNUTLS_ERROR, gnutls_strerror (err)); + error (conn, VIR_ERR_GNUTLS_ERROR, gnutls_strerror (err)); return NULL; } @@ -1057,7 +1057,7 @@ negotiate_gnutls_on_connection (virConnectPtr conn, */ err = gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, x509_cred); if (err) { - error (NULL, VIR_ERR_GNUTLS_ERROR, gnutls_strerror (err)); + error (conn, VIR_ERR_GNUTLS_ERROR, gnutls_strerror (err)); return NULL; } @@ -1070,7 +1070,7 @@ negotiate_gnutls_on_connection (virConnectPtr conn, if (err < 0) { if (err == GNUTLS_E_AGAIN || err == GNUTLS_E_INTERRUPTED) goto again; - error (NULL, VIR_ERR_GNUTLS_ERROR, gnutls_strerror (err)); + error (conn, VIR_ERR_GNUTLS_ERROR, gnutls_strerror (err)); return NULL; } @@ -1091,11 +1091,11 @@ negotiate_gnutls_on_connection (virConnectPtr conn, if (len < 0 && len != GNUTLS_E_UNEXPECTED_PACKET_LENGTH) { if (len == GNUTLS_E_AGAIN || len == GNUTLS_E_INTERRUPTED) goto again_2; - error (NULL, VIR_ERR_GNUTLS_ERROR, gnutls_strerror (len)); + error (conn, VIR_ERR_GNUTLS_ERROR, gnutls_strerror (len)); return NULL; } if (len != 1 || buf[0] != '\1') { - error (NULL, VIR_ERR_RPC, + error (conn, VIR_ERR_RPC, "server verification (of our certificate or IP address) failed\n"); return NULL; } @@ -1120,12 +1120,12 @@ verify_certificate (virConnectPtr conn ATTRIBUTE_UNUSED, time_t now; if ((ret = gnutls_certificate_verify_peers2 (session, &status)) < 0) { - error (NULL, VIR_ERR_GNUTLS_ERROR, gnutls_strerror (ret)); + error (conn, VIR_ERR_GNUTLS_ERROR, gnutls_strerror (ret)); return -1; } if ((now = time(NULL)) == ((time_t)-1)) { - error (NULL, VIR_ERR_SYSTEM_ERROR, strerror (errno)); + error (conn, VIR_ERR_SYSTEM_ERROR, strerror (errno)); return -1; } @@ -1146,17 +1146,17 @@ verify_certificate (virConnectPtr conn ATTRIBUTE_UNUSED, reason = "The certificate uses an insecure algorithm"; #endif - error (NULL, VIR_ERR_RPC, reason); + error (conn, VIR_ERR_RPC, reason); return -1; } if (gnutls_certificate_type_get(session) != GNUTLS_CRT_X509) { - error (NULL, VIR_ERR_RPC, "Certificate type is not X.509"); + error (conn, VIR_ERR_RPC, "Certificate type is not X.509"); return -1; } if (!(certs = gnutls_certificate_get_peers(session, &nCerts))) { - error (NULL, VIR_ERR_RPC, "gnutls_certificate_get_peers failed"); + error (conn, VIR_ERR_RPC, "gnutls_certificate_get_peers failed"); return -1; } @@ -1165,25 +1165,25 @@ verify_certificate (virConnectPtr conn ATTRIBUTE_UNUSED, ret = gnutls_x509_crt_init (&cert); if (ret < 0) { - error (NULL, VIR_ERR_GNUTLS_ERROR, gnutls_strerror (ret)); + error (conn, VIR_ERR_GNUTLS_ERROR, gnutls_strerror (ret)); return -1; } ret = gnutls_x509_crt_import (cert, &certs[i], GNUTLS_X509_FMT_DER); if (ret < 0) { - error (NULL, VIR_ERR_GNUTLS_ERROR, gnutls_strerror (ret)); + error (conn, VIR_ERR_GNUTLS_ERROR, gnutls_strerror (ret)); gnutls_x509_crt_deinit (cert); return -1; } if (gnutls_x509_crt_get_expiration_time (cert) < now) { - error (NULL, VIR_ERR_RPC, "The certificate has expired"); + error (conn, VIR_ERR_RPC, "The certificate has expired"); gnutls_x509_crt_deinit (cert); return -1; } if (gnutls_x509_crt_get_activation_time (cert) > now) { - error (NULL, VIR_ERR_RPC, "The certificate is not yet activated"); + error (conn, VIR_ERR_RPC, "The certificate is not yet activated"); gnutls_x509_crt_deinit (cert); return -1; } @@ -1191,7 +1191,7 @@ verify_certificate (virConnectPtr conn ATTRIBUTE_UNUSED, if (i == 0) { if (!gnutls_x509_crt_check_hostname (cert, hostname)) { __virRaiseError - (NULL, NULL, NULL, + (conn, NULL, NULL, VIR_FROM_REMOTE, VIR_ERR_RPC, VIR_ERR_ERROR, hostname, NULL, NULL, 0, 0, @@ -2390,7 +2390,7 @@ remoteNetworkOpen (virConnectPtr conn, struct private_data *priv = malloc (sizeof(struct private_data)); int ret, rflags = 0; if (!priv) { - error (NULL, VIR_ERR_NO_MEMORY, "struct private_data"); + error (conn, VIR_ERR_NO_MEMORY, "struct private_data"); return VIR_DRV_OPEN_ERROR; } if (flags & VIR_DRV_OPEN_RO) -- 1.5.3.6.950.g92b7b

16 years, 12 months

3
3
0 / 0

[Libvir] [PATCH] add a gcc-printf attribute to remoteDispatchError

by Jim Meyering

Spotted this a week ago: add a gcc-printf attribute to remoteDispatchError diff --git a/qemud/remote.c b/qemud/remote.c index f4d76a1..047cae7 100644 --- a/qemud/remote.c +++ b/qemud/remote.c @@ -54,7 +54,8 @@ static void remoteDispatchError (struct qemud_client *client, remote_message_header *req, - const char *fmt, ...); + const char *fmt, ...) + ATTRIBUTE_FORMAT(printf, 3, 4); static virDomainPtr get_nonnull_domain (virConnectPtr conn, remote_nonnull_domain domain); static virNetworkPtr get_nonnull_network (virConnectPtr conn, remote_nonnull_network network); static void make_nonnull_domain (remote_nonnull_domain *dom_dst, virDomainPtr dom_src); -- 1.5.3.6.950.g92b7b

17 years

2
1
0 / 0

[Libvir] [PATCH] Compile libvirt under Windows (Cygwin)

by Richard W.M. Jones

The following patchset allows an incomplete compilation of libvirt under Windows using Cygwin. Current limitations are: (1) Xen driver does not work. This is not an important limitation because Windows cannot act as dom0 in a Xen hypervisor anyway (or if it can, it's not a very common configuration). (2) QEMU driver / libvirtd cannot be compiled. It's probably not too hard to fix this. The major area of concern is networking, in particular the very Linux-specific code in src/bridge.c. (2b) I have assumed for the purposes of (2) above that ./configure --without-qemu also disables libvirtd (server) support. QEMU and libvirtd are too entangled at the moment. (3) Cygwin is required. In other words, there is no true native compilation using VC++ or anything like that. However you still get *.exe files, so maybe this isn't an important limitation. Attached is a screenshot showing virsh being used to list QEMU instances over a TLS-encrypted remote connection. To compile this yourself: (a) Set up a Windows machine with plenty of free disk space (10GB+). (b) Install Cygwin (http://www.cygwin.com/). Cygwin has an obscure, unusable packaging system. The trick is to click the "recycling symbol" next to "All". This will download and install everything. You may if you prefer install just the packages you need, but the list of dependencies is long and currently undocumented. (c) Check out libvirt from CVS, apply these patches. (d) rm qemud/remote_protocol.[ch] qemud/remote_dispatch_*.h (e) ./configure --without-xen --without-qemu (f) make -C qemud remote_protocol.c (g) make (h) make install Rich. -- Emerging Technologies, Red Hat - http://et.redhat.com/~rjones/ Registered Address: Red Hat UK Ltd, Amberley Place, 107-111 Peascod Street, Windsor, Berkshire, SL4 1TE, United Kingdom. Registered in England and Wales under Company Registration No. 03798903

17 years

5
33
0 / 0

[Libvir] Bindings for ruby

by Grabber

Yeah! I'm new to list! I search in archive and google for infomartions about bindings for ruby scripting language. I found some peoples saying ideas to organize class and structs, others using SWIG to simple generate the .so file compatible with ruby. But.... today how are the work? I'm confusing, SWIG can generate really good codes or the better way is develop by hand? -- Regards, Luiz Vitor Martinez Cardoso [Grabber].

17 years

5
6
0 / 0

[Libvir] PATCH: 0/4: Remote authentication support

by Daniel P. Berrange

This is the 2nd iteration of my remote authentication / SASL patches previously provided here: http://www.redhat.com/archives/libvir-list/2007-October/msg00131.html In this iteration I've changed the wire protocol to give better compatability with older libvirt clients. My previous version clients would get a cryptic "unknown status 3" if the server was mandating authentication. This is because I extended the reply codes for RPC to include a specific 'auth required' code which old clients are not expecting. The idea was that the new client would run the REMOTE_PROC_OPEN rpc call & it would return a special NEED_AUTH code, the client would then authenticate & redo the REMOTE_PROC_OPEN. In the new way of doing things, instead of calling REMOTE_PROC_OPEN as the first RPC, a new client will do REMOTE_PROC_AUTH_LIST to query auth types required by the server. It will choose an auth method (there may be several to choose from), then complete the auth sequence. Only then will it try to do the REMOTE_PROC_OPEN. For compatability with older servers which do not implement the REMOTE_PROC_AUTH_LIST rpc, it will catch & ignore the error this may generate. Old clients which don't know to call REMOTE_PROC_AUTH_LIST will get a proper virErrorPtr object returned from REMOTE_PROC_OPEN with a clear 'authentication required' message. The end result is that new client <-> new server has same level of functionality as my previous patches, and old client <-> new server gets friendly errors reported (if server mandates auth - if no auth is enabled old client works just fine). The main outstanding item to be finalized before these patches can be added to CVS is the question of callbacks. For some auth methods we need to be able to gather credentials from the user. There is no way for the caller to know ahead of time what credentials are needed, because this is deterined by the config of the server. Thus we need callbacks in some form. I've come up with a couple of ideas... 1. A global method to supply a list of callbacks per credential type: enum { VIR_CONN_AUTH_PASSWORD, VIR_CONN_AUTH_USERNAME, VIR_CONN_AUTH_LANG, VIR_CONN_AUTH_CHALLENGE, VIR_CONN_AUTH_REALM, } virConnectAuthToken; typedef int (virConnectAuthCBSimple)(const char **result, unsigned *len); typedef int (virConnectAuthCBPrompt)(const char *challenge, const char *prompt, const char *defresult, const char *result, unsigned *len); typedef int (virConnetAuthCBRealm)(const char **availrealms, const char *result); typedef struct { int token; union { virConnectAuthCBSimple simple; virConnectAuthCBPrompt prompt; virConnectAuthCBRealm realm; } cb; } virConnectAuthCallback; virConnectSetAuthCallbacks(virConnectAuthCallback *cbs, int ncbs) This is described a little more here: http://www.redhat.com/archives/libvir-list/2007-January/msg00024.html 2. A new variant of virConnectOpen which takes a callback. The callback gives invoked with a list of required credentials struct _virConnectInteract { int type; /* One of virConnectInteractType constants */ const char *prompt; const char *challenge; const char *defresult; char *result; unsigned int resultlen; }; typedef struct _virConnectInteract virConnectInteract; typedef virConnectInteract *virConnectInteractPtr; /** * When authentication requires one or more interactions, this callback * is invoked. For each interaction supplied, data must be gathered * from the user and filled in to the 'result' and 'resultlen' fields. * If an interaction can not be filled, fill in NULL and 0. * * Return 0 if all interactions were filled, or -1 upon error */ typedef int (*virConnectAuthCallbackPtr)(const char *uri, virConnectInteractPtr interact, unsigned int ninteract); virConnectPtr virConnectOpenAuth (const char *name, virConnectAuthCallbackPtr cb, int flags); Iternally the virConnectOpen & virConnectOpenReadOnly can both just be delegating to this new virConnectOpenAuth call. Existing users of libvirt won't know about this new call, but that doesn't matter because they're not loosing any functionality - merely not able to put up UI to prompt for auth credentials/ The compelling thing about the 2nd way of doing things is that the callback gets a complete list of all required data items at once. This makes it very easy to present a UI with form entry fields for all items. The first way where there is a separate callback per item makes UI very hard. There is one issue not addressed by those two options though - there may be a choice of authentication methods to use. eg SASL vs PolicyKit. The callback only provides a way to supply credentials, no way to choose between auth types if a server offers more than one. Again there's a couple of ways to address this. 1. A global method to set preferred auth type. Simply a sorted list of auth types. Internally, we pick the first auth type in this list that the server supports virConnectSetAuthPriority(int types[], int ntypes); 2. A 2nd callback providing the int types[] and letting the client app choose which one they want to use per connection. 3. Separate out the operation of creating a virConnectPtr object, from the act of connecting, eg /* Allocate a handle */ virConnectPtr virConnectNew(const char *uri); /* List available auth methods */ int virConnectListAuth(virConnectPtr conn, int **types, int *ntypes); /* Connect to HV, with a speciifc auth method */ int virConnectInit(virConnectPtr conn, int auth); Any of these three, can be combined with either of the 2 options for supplying auth credentials. So we've got a choice of 6 :-) My preference, is to go for option 2, of the credentials choice, and option 1 of the auth type priority choice. eg a static priority list for auth types, and a single callback passed into a new virConnectOpenAuth() call. The final tedious bit, is the question of how we deal with underlying HV which may need further authentication. eg, if connecting to XenAPI we may need to provide a username & password. If the XenAPI connection is being made through a local libvirt driver hooking up the callbacks as described is fairly easy. If the XenAPI connection is made indirectly via the remote driver, then we have two drivers requiring auth - the initial remote driver, and then the remotely run XenAPi driver. This would need us to figure out a way to hook up the callbacks to the REMOTE_PROC_OPEN api call. Not pleasant ! Dan. -- |=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=| |=- Perl modules: http://search.cpan.org/~danberr/ -=| |=- Projects: http://freshmeat.net/~danielpb/ -=| |=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|

17 years

3
12
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

Devel November 2007