[libvirt] [PATCH] fix Relax-NG pattern matching
by John Levon
Don't use unescaped meta-characters.
Signed-off-by: John Levon <john.levon(a)sun.com>
Index: docs/libvirt.rng
===================================================================
RCS file: /data/cvs/libvirt/docs/libvirt.rng,v
retrieving revision 1.9
diff -u -r1.9 libvirt.rng
--- docs/libvirt.rng 10 Jul 2008 08:05:39 -0000 1.9
+++ docs/libvirt.rng 24 Jul 2008 16:40:16 -0000
@@ -840,7 +840,7 @@
</define>
<define name='domainName'>
<data type='string'>
- <param name="pattern">[A-Za-z0-9_.:/\+\-&-]+</param>
+ <param name="pattern">[A-Za-z0-9_\.\+\-&:/]+</param>
</data>
</define>
<define name='genericName'>
@@ -860,22 +860,22 @@
</define>
<define name='filePath'>
<data type='string'>
- <param name="pattern">[a-zA-Z0-9_\+\-%./&]+</param>
+ <param name="pattern">[a-zA-Z0-9_\.\+\-&/%]+</param>
</data>
</define>
<define name='absFilePath'>
<data type='string'>
- <param name="pattern">/[a-zA-Z0-9_\+\-%./&]+</param>
+ <param name="pattern">/[a-zA-Z0-9_\.\+\-&/%]+</param>
</data>
</define>
<define name='devicePath'>
<data type='string'>
- <param name="pattern">/[a-zA-Z0-9_\+\-%/]+</param>
+ <param name="pattern">/[a-zA-Z0-9_\+\-/%]+</param>
</data>
</define>
<define name='deviceName'>
<data type='string'>
- <param name="pattern">[a-zA-Z0-9_\-:./]+</param>
+ <param name="pattern">[a-zA-Z0-9_\.\-:/]+</param>
</data>
</define>
<define name='addrMAC'>
16 years, 4 months
[libvirt] Virt-Manager, libvirt & TLS
by Geoff Wiener
Hi!
This is my first post to either of these list, I have been lurking, (sorry to cross post but I don't know if this is a virt-manager or libvirt question). So first off thank you to everyone for all your efforts. I think libvirt and virt-manager are excellent! I've built a pair of server s in the lab with a Xen stack and have been attempting to get virt-manager 0.5.4 to communicate with, first libvirt 0.4.2 and then libvirt 0.4.4 using TLS across the network in a "client / server" configuration unsuccessfully. All the machines are on the same subnet (192.168.4.x/24). I can make Virt-Manager communicate with Libvirt over TCP without authentication so now that I know the installation works I want to further secure it using TLS.
I've read everything I can get my hands on, subscribe to the lists and feel that I must be making a simple error ;I could really use a fresh perspective. I would really appreciate any feedback you can offer.
Here's my configuration and testing method.
Workstation
Ubuntu Hardy Heron 64 bit
Virt-manager 0.5.4
Server
Distribution = CentOS 5.1 (64 bit)
Kernel = 2.6.18.8-xen (compiled from source)
Xen = 3.2.1.gz
virsh # version
Compiled against library: libvir 0.4.4
Using library: libvir 0.4.4
Using API: Xen 3.0.1
Running hypervisor: Xen 3.2.0
/usr/local/etc/libvirt/libvirtd.conf
Listen_tcp = 1
auth_unix_ro = "none"
auth_unix_rw="none"
auth_tcp="none"
In this configuration I can use "Remove Password or Kerberos" to connect. I just enter the hostname of the Xen machine and Virt-Manager lets me see all the Domains that are running (or shutdown if I virsh define them) as well as look at their consoles (if the vfb is configured correctly).
I followed the configuration notes at: http://libvirt.org/remote.html with a couple of exceptions:
1. I already have a linux based CA that I use with OpenVPN so I used that CA root certificate and just generated client and server cert / key pairs for my client and server (I tested with just one server)
2. I reverted back to the default libvirtd.conf to setup for TLS and noticed that the default paths for the certificate locations were not in line with the documentation on the web page but there were commented sections as follows that matched the documentation, so I uncommented them:
key_file = "/etc/pki/libvirt/private/serverkey.pem"
cert_file = "/etc/pki/libvirt/servercert.pem"
ca_file = "/etc/pki/CA/cacert.pem"
#crl_file = "/etc/pki/CA/crl.pem"
Note: I did not uncomment the CRL_FILE path as I do not want to use a CRL at this time
3. On the server I execute "libvirtd -listen -verbose" (libvirtd output) attached
4. virt-manager 0.5.4 (as root) , File, Open Connection
Hypervisor: Xen
Connection: Remote SSL/TLS with x509 certificate
Hostname: vxen-01.aenigmacorp.com (I have a host entry for this machine)
The virt-manager console reports "unable to open a connection to the libvirt management daemon". Verify that the "libvirtd" daemon has been started. Then, in details there is a lot of info (see virt-manager output)
5. If I tail /root/.virt-manager/virt-manager.log I get the following output (see virt-manager.log)
That about sums it up. I have not read any instructions that ask me to copy the CA root certificate to the client, is that required? And if so where would I put it. Also, whenever I attempt to connect there are no errors appearing in the libvirtd output, which is a bit surprising. I would have expected that by using -verbose on the libvirtd command line that i would see more info. Lin 94 in the libvirt.py script is definitely trying to do some kind of authentication but I don't really know what to do to troubleshot this next? I still don't know if my issue is related to the client or the server?
Any advice would be greatly appreciated.
Many thanks
Geoff Wiener
16 years, 4 months
[libvirt] xml format for openvz driver
by Evgeniy Sokolov
Hello!
I made review of domain XML format for driver in libvirt.
And I have several questions and additions.
For tag domain:
need to add "vmid" or "id" - currenly tag "name" is used for ID.
OpenVZ has mandatory parameter ID, but it also support optional
parameter "name", which is not implemented for openvz driver now. I plan
to support of "name" in future.
For tag domain/os:
need to add "ostemplate"
desirable "config"
For tag domain/devices/disk:
need to add "diskspace"
desirable "diskinodes" - it is optional because of "disknodes" are over
very rarely.
For tag domain/devices/interface:
How to describe, if want to add ip addresses for routing network?
Also, OpenVZ may move network adapter to VM (for example, eth1), adapter
becomes inaccessible on harware node. How to describe it? Is it
ethernet type?
Thanks!
Evgeniy
16 years, 4 months
[libvirt] [FeatureRequest/RFC] non-volitile domain defines
by Stefan de Konink
I think I have already sent an email about this to the list, but no reply
on this specific point.
Libvirt is currently capable of storing storage, networks, the only thing
that is really missing is the direct storage of domains. I wonder if a
patch would be accepted that stores defined domains (live) to disk upon
change. Some sort of dumpxml per define/attach/etc. when a domain is
undefined the file is removed.
Stefan
16 years, 4 months
[libvirt] [PATCH] repeat lookup by name in LookupByID
by Evgeniy Sokolov
There was error every time when I undefine stoped container
"no domain with matching id".
Bug arrise due to stoped container has ID = -1.
In such case container will be searched by name.
other:
use VIR_ERR_NO_DOMAIN when domain is not found
16 years, 4 months
[libvirt] Release of libvirt-java-0.2.0
by Daniel Veillard
Okay I made a new release with the API renaming changes we discussed
previously. It is available at the usual place:
ftp://libvirt.org/libvirt/java/
I also built it for Fedora-9, it should be available for testing there
soon too.
There is still a few issues, for example I get an out of bound exception
error when running the test.java, looks like a pointer/integer conversion
error when using the authentification callbacks (I realize i may have left
a couple of debug statement in the JNI C file there). In general I'm not sure
the jlong VDP cast trick will always work, it looks a bit unsafe but that's
an implementation detail it should not affect the API.
I tried to incorporate some solaris fixes from John Levon, but i can't
garantee it's all fixed (well not the warnings due to the VDP cast)
So this is a good version for testing, feedback, patches and expertise
much welcome, as I'm sort of a Java newbie !
Daniel
--
Red Hat Virtualization group http://redhat.com/virtualization/
Daniel Veillard | virtualization library http://libvirt.org/
veillard(a)redhat.com | libxml GNOME XML XSLT toolkit http://xmlsoft.org/
http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/
16 years, 4 months
[libvirt] Re: ruby-libvirt on debian based systems
by Tom Verhaeghe
Yes it does, it works like a train on rails 2.0.2 & ruby 1.8.6
I'll keep you in touch if anything goes wrong
On Tue, Jul 22, 2008 at 1:19 AM, David Lutterkort <dlutter(a)redhat.com>
wrote:
> On Mon, 2008-07-21 at 16:48 +0200, Tom Verhaeghe wrote:
> > Solved, i had to install libxen3-dev in order to make it work.
>
> I assume that that contains the pkgconfig for libvirt; the extconf.rb in
> ruby-libvirt needs that.
>
> With that ruby-libvirt works fine on Ubuntu ? I am glad to hear that.
>
> David
>
>
>
>
16 years, 4 months
