July 2008 - Devel - libvirt List Archives

Re: [libvirt] libvirt-java
by Daniel Veillard 09 Jul '08

09 Jul '08

On Mon, Jul 07, 2008 at 01:14:40PM +0200, Tóth István wrote: > Daniel Veillard wrote: > > Ah, okay.... Well my perspective is that libvirt-java should include > > only parts which are directly releated to using libvirt on Java. I would > > really not try to reinvent or push any XML related APIs there, at least > > as part of libvirt bindings (I still have the scars from libxml2, believe > > me you don't want to push new XML APIs to programmers even specialized ones). > > > My thoughts exactly. Okay seems we agree on the fundamentals :-) > > But things like the XSD descriptiond might be useful generally, and > > IMHO are very tied to libvirt, so i think they are a good fit. > > > Absolutely. I've had major problems when I tried to use some Java XML > mapping libraries, because they can only process xsd, > and not the language you use. So having high-quality xsd definitions is > high on my personal wish-list. Okay > > Also fitting into this model are build makefiles for other environment, > > I understand that for most Java developpers, configure and make are really > > foreign tools, so adding ant/Eclipse/... build recipes for the package also > > makes a lot of sense. > > > Well, they certainly wouldn't hurt, but I don't see that as a priority. > Java-only programmers (end users) won't touch the JNI core parts. > They will just install the package, and get on with using it, by adding > the jar > to their devel enviroment, and perhaps the JNI lib file to the command line. > > These kind of users don't really care about the java-libvirt build > environment. okay, so just the Jar availability is sufficient for them, okidoc. > If you want to do something more interesting than renaming the java > classes and methods, > the you have to hit the JNI bindings, and that code is so ugly, that > no-one without some C experience will want to touch it. > > Having said that, I think that an ant build file would be the most > useful, as it can be used directly in all major > development enviroments. There is also this maven thing, that seems to > be widely used, but I still haven't figured out > exactly what that is :-) me either, though there are examples in the Fedora-java packaging pages. [...] > My current plans for java-libvirt are: > > 1. Add the storage API: It's really mostly just copy-paste-search > replace but it still takes some work okay > 2. There are some consistency problems with the naming of classes and > methods. I'd like to revisit the java api, and make some changes in > names, and maybe class structure Hum, better done early than late. Basically i would prefer to avoid pushing incompatible changes. what kind of inconsistencies problems ? > 3. There are many places where the C part leaks memory, this should also > be audited/ fixed. Ah, okay I will have to reread the bindings code then. Not sure how to track leaks, I doubt valgrind can work with java ... > Number 2 is what worries me, I don't know if it's a good idea to push > toFedora, when I know I want to make incompatible API changes soon. yes, which is why I would like to know a bit better :-) > (Or you can just say that you won't accept them, but I'm a big fan of > clean and consistent APIs, and the current one can be improved) > I believe that I will get around to doing 1. and 2. at least in late > july/early august, It's about a three day job, I just don't have that > three days right now :-( Maybe if you can expose what you think is wrong i can try to clean things up. Daniel -- Red Hat Virtualization group http://redhat.com/virtualization/ Daniel Veillard | virtualization library http://libvirt.org/ veillard(a)redhat.com | libxml GNOME XML XSLT toolkit http://xmlsoft.org/ http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/

3 3

[libvirt] PATCH: Fix ue of VIR_TEST_DEBUG var
by Daniel P. Berrange 09 Jul '08

09 Jul '08

The previous patch I did to add OOM testing accidentally disabled use of the VIR_TEST_DEBUG env variable when OOM testing is #ifdef'd out. This patch I just comitted makes sure its always used. Daniel diff -r d37150dc5895 tests/testutils.c --- a/tests/testutils.c Tue Jul 08 16:17:52 2008 +0100 +++ b/tests/testutils.c Wed Jul 09 11:23:27 2008 +0100 @@ -321,20 +321,24 @@ char **argv, int (*func)(int, char **)) { + char *debugStr; #if TEST_OOM int ret; int approxAlloc = 0; int n; - char *oomStr = NULL, *debugStr; + char *oomStr = NULL; int oomCount; int mp = 0; pid_t *workers; int worker = 0; +#endif + if ((debugStr = getenv("VIR_TEST_DEBUG")) != NULL) { if (virStrToLong_ui(debugStr, NULL, 10, &testDebug) < 0) testDebug = 0; } +#if TEST_OOM if ((oomStr = getenv("VIR_TEST_OOM")) != NULL) { if (virStrToLong_i(oomStr, NULL, 10, &oomCount) < 0) oomCount = 0; -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|

1 0

[libvirt] PATCH: Misc changes to policykit policy file
by Daniel P. Berrange 09 Jul '08

09 Jul '08

After discussions with policykit maintainers I've come to the conclusion that it is better for security if we default to 'auth_admin_keep_sesion' instead of 'auth_self_keep_session'. ie prompt for the root password (ala 'su') instead of the user's password (ala 'sudo'). This is because having access to libvirtd gives you very significant power over the host machine. Secondly, newer versions of policykit have imposed a naming constraint on policy files, so when we install our policy it needs to be in a file called org.libvirt.unix.policy, instead of just libvirt.policy. So there's a change to the Makefile to support this. Daniel diff -r e17c1bd119fc libvirt.spec.in --- a/libvirt.spec.in Wed Jul 09 09:26:26 2008 +0100 +++ b/libvirt.spec.in Wed Jul 09 10:32:24 2008 +0100 @@ -240,7 +240,7 @@ %dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/images/ %dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/boot/ %if %{with_polkit} -%{_datadir}/PolicyKit/policy/libvirtd.policy +%{_datadir}/PolicyKit/policy/org.libvirt.unix.policy %endif %dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/qemu/ %if %{with_xen_proxy} diff -r e17c1bd119fc qemud/Makefile.am --- a/qemud/Makefile.am Wed Jul 09 09:26:26 2008 +0100 +++ b/qemud/Makefile.am Wed Jul 09 10:32:24 2008 +0100 @@ -13,7 +13,8 @@ remote_dispatch_proc_switch.h \ mdns.c mdns.h \ libvirtd.sasl \ - libvirtd.conf + libvirtd.conf \ + libvirtd.policy if RPCGEN SUFFIXES = .x @@ -75,9 +76,7 @@ if HAVE_POLKIT policydir = $(datadir)/PolicyKit/policy -policy_DATA = libvirtd.policy endif -EXTRA_DIST += libvirtd.policy if HAVE_AVAHI libvirtd_SOURCES += mdns.c mdns.h @@ -86,7 +85,7 @@ endif default_xml_dest = libvirt/qemu/networks/default.xml -install-data-local: install-init install-data-sasl +install-data-local: install-init install-data-sasl install-data-polkit mkdir -p $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/autostart $(INSTALL_DATA) $(srcdir)/default-network.xml \ $(DESTDIR)$(sysconfdir)/$(default_xml_dest) @@ -99,7 +98,7 @@ mkdir -p $(DESTDIR)$(localstatedir)/run/libvirt mkdir -p $(DESTDIR)$(localstatedir)/lib/libvirt -uninstall-local:: uninstall-init uninstall-data-sasl +uninstall-local:: uninstall-init uninstall-data-sasl install-data-polkit rm -f $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/autostart/default.xml rm -f $(DESTDIR)$(sysconfdir)/$(default_xml_dest) rmdir $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/autostart || : @@ -119,6 +118,18 @@ install-data-sasl: uninstall-data-sasl: endif + +if HAVE_POLKIT +install-data-polkit:: install-init + mkdir -p $(DESTDIR)$(policydir) + $(INSTALL_DATA) libvirtd.policy $(DESTDIR)$(policydir)/org.libvirt.unix.policy +uninstall-data-polkit:: install-init + rm -f $(DESTDIR)$(policydir)/org.libvirt.unix.policy +else +install-data-polkit:: +uninstall-data-polkit:: +endif + remote.c: remote_dispatch_prototypes.h \ remote_dispatch_localvars.h \ diff -r e17c1bd119fc qemud/libvirtd.policy --- a/qemud/libvirtd.policy Wed Jul 09 09:26:26 2008 +0100 +++ b/qemud/libvirtd.policy Wed Jul 09 10:32:24 2008 +0100 @@ -36,7 +36,7 @@ read-write mode for management, and we require user password --> <allow_any>no</allow_any> <allow_inactive>no</allow_inactive> - <allow_active>auth_self_keep_session</allow_active> + <allow_active>auth_admin_keep_session</allow_active> </defaults> </action> -</policyconfig> \ No newline at end of file +</policyconfig> -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|

2 1

[libvirt] monitor cpu & network load
by Zu 09 Jul '08

09 Jul '08

Hi, I want to write a program to monitor the CPU and network usage of the Xen domUs. But I don't know how to implement. Can the libvirt APIs help me to do that? Does libvirt have the APIs to get the CPU and network usages? If yes I'll study libvirt APIs. Thanks Zu

3 2

[libvirt] PATCH: DOn't use policykit if running non-root
by Daniel P. Berrange 09 Jul '08

09 Jul '08

If the libvirtd daemon is running as non-root (ie a regular user) then there is no point in defaulting policykit, since only clients of same user account are able to connect to the UNIX socket anyway. This removes the pointless login prompt when using qemu:///session. Daniel diff -r 9a457b847ffc qemud/qemud.c --- a/qemud/qemud.c Tue Jul 08 16:17:52 2008 +0100 +++ b/qemud/qemud.c Wed Jul 09 09:24:53 2008 +0100 @@ -1926,6 +1926,14 @@ GET_CONF_STR (conf, filename, tcp_port); GET_CONF_STR (conf, filename, listen_addr); +#if HAVE_POLKIT + /* Change the default back to no auth for non-root */ + if (getuid() != 0 && auth_unix_rw == REMOTE_AUTH_POLKIT) + auth_unix_rw = REMOTE_AUTH_NONE; + if (getuid() != 0 && auth_unix_ro == REMOTE_AUTH_POLKIT) + auth_unix_ro = REMOTE_AUTH_NONE; +#endif + if (remoteConfigGetAuth(conf, "auth_unix_rw", &auth_unix_rw, filename) < 0) goto free_and_fail; #if HAVE_POLKIT -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|

2 1

[libvirt] [PATCH] give a more useful diagnostic for tap-add failure w/ENOTSUP
by Jim Meyering 09 Jul '08

09 Jul '08

I invoked virt-isntall with --network=bridge:eth1 rather than --network=bridge:br1 and got the latter (current) diagnostic below. This change makes it so in this relatively common case people get a slightly more understandable diagnostic. >From 3d6dc8442fd9f1b0915c232040200154832fdf51 Mon Sep 17 00:00:00 2001 From: Jim Meyering <meyering(a)redhat.com> Date: Tue, 8 Jul 2008 13:58:10 +0200 Subject: [PATCH] give a more useful diagnostic for tap-add failure w/ENOTSUP * src/qemu_conf.c (qemudNetworkIfaceConnect): Suggestion from Daniel P. Berrange. --- src/qemu_conf.c | 14 +++++++++++--- 1 files changed, 11 insertions(+), 3 deletions(-) diff --git a/src/qemu_conf.c b/src/qemu_conf.c index 17f0162..4b8c01e 100644 --- a/src/qemu_conf.c +++ b/src/qemu_conf.c @@ -2304,9 +2304,17 @@ qemudNetworkIfaceConnect(virConnectPtr conn, if ((err = brAddTap(driver->brctl, brname, ifname, BR_IFNAME_MAXLEN, &tapfd))) { - qemudReportError(conn, NULL, NULL, VIR_ERR_INTERNAL_ERROR, - _("Failed to add tap interface '%s' to bridge '%s' : %s"), - ifname, brname, strerror(err)); + if (errno == ENOTSUP) { + /* In this particular case, give a better diagnostic. */ + qemudReportError(conn, NULL, NULL, VIR_ERR_INTERNAL_ERROR, + _("Failed to add tap interface to bridge. " + "%s is not a bridge device"), brname); + } else { + qemudReportError(conn, NULL, NULL, VIR_ERR_INTERNAL_ERROR, + _("Failed to add tap interface '%s' " + "to bridge '%s' : %s"), + ifname, brname, strerror(err)); + } goto error; } -- 1.5.6.2.221.gb589

3 3

[libvirt] [PATCH] Missing htonl (etc) on MinGW
by Richard W.M. Jones 08 Jul '08

08 Jul '08

With the attached patch you can get all the way through a compile of libvirt using the MinGW cross-compiler. Basically MinGW lacks the htonl/ntohl/htons/ntohs functions. This simply adds the same functions from glibc (which has a compatible license) in a single file called "byteswap.h". The reason it worked previously was that PortableXDR used to provide these functions by linking to winsock2. However I have now removed that dependency from PortableXDR because it prevented a DLL being built of PortableXDR. This doesn't fully resolve dynamic linking of libvirt yet, but it is one step (or rather, one library) closer to happening. Rich. -- Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones Read my OCaml programming blog: http://camltastic.blogspot.com/ Fedora now supports 59 OCaml packages (the OPEN alternative to F#) http://cocan.org/getting_started_with_ocaml_on_red_hat_and_fedora

2 2

[libvirt] incorrect VIR_DOMAIN_NONE usage
by Tóth István 08 Jul '08

08 Jul '08

As I was trying to understand exact semantics of the libvirt flags api, I found an error in the xs_internal.c file. When it wants to indicate that it cannot report the state of the domain, it user VIR_DOMAIN_NONE as a return value, which does not, in fact, refer to a domain state at all, but is a dummy flag for creating domains, instead of VIR_DOMAIN_NOSTATE. This patch does not affect the compiled code, only the readability. On a related note, the defined enum flags seem inconstent to me, half of them have explicitly named 0 default values, and half of them don't, it's a bit confusing. If enum virStorageVolDeleteFlags { VIR_STORAGE_VOL_DELETE_NORMAL = 0 : Delete metadata only (fast) VIR_STORAGE_VOL_DELETE_ZEROED = 1 : Clear all data to zeros (slow) } then why not enum virConnectFlags { VIR_CONNECT_RW = 0 : A read-write connection VIR_CONNECT_RO = 1 : A readonly connection } ? It would not affect existing code, and would make the library more consistent. regards István ? .project ? xs_internal_constant_semantics.patch Index: src/xs_internal.c =================================================================== RCS file: /data/cvs/libvirt/src/xs_internal.c,v retrieving revision 1.65 diff -u -p -r1.65 xs_internal.c --- src/xs_internal.c 10 Apr 2008 16:54:54 -0000 1.65 +++ src/xs_internal.c 1 Jul 2008 19:46:41 -0000 @@ -399,7 +399,7 @@ xenStoreGetDomainInfo(virDomainPtr domai info->state = VIR_DOMAIN_RUNNING; free(tmp); } else { - info->state = VIR_DOMAIN_NONE; + info->state = VIR_DOMAIN_NOSTATE; } tmp = virDomainDoStoreQuery(domain->conn, domain->id, "memory/target"); if (tmp != NULL) {

2 1

[Libvirt] [PATCH] 1+2=3 errors in docs
by Anton Protopopov 08 Jul '08

08 Jul '08

Hi. This patch fixes three examples given in docs/drvqemu.html.in and docs/ formatnetwork.html.in A.

2 1

[libvirt] libvirt and linux vserver
by ADNET Ghislain 08 Jul '08

08 Jul '08

Hi, i am new here , i looked on the web but cannot find anything about linux vserver support in libvirt. I found that one of the main dev of linux vserver submitted patches for the support but nothing seems to have been integrated from his work into libvirt. Do you have reviewed them ? Is libvirt a possibility to manage linux vservers ? * /From/: "Daniel Hokka Zakrisson" <daniel hozac com> * /To/: libvir-list redhat com * /Subject/: [Libvir] [PATCH] Linux-VServer support * /Date/: Wed, 9 Jan 2008 22:51:20 +0100 (CET) http://www.redhat.com/archives/libvir-list/2008-January/msg00097.html -- Cordialement, Ghislain

2 1