[libvirt] Problem with the current svirt patch
by Daniel J Walsh
The current svirt patch relabels all disk to the image_t:MCS, which is
incorrect. Read Only Disks and Sharable Disks should not be labeled.
Also when libvirt is completed running the image it needs to relabel the
image back to something sane. Right now it is labeling everything
imagelabel:s0, including phisical disk partitions. I considered two
ways of labeling the "disk" back. We can either grab the label when
libvirt starts and change it back to this label when ever an image
completes or we can ask the system what the label should be.
(matcpathcon). I originally coded up the first, but quickly realized if
anything went wrong with libvirt labeling like a crash, the labels on
disk could be wrong. And libvirt would continuously set them to this
wrong label. With matchpathcon, libvirt will at least set them to
something sane.
So this patch Removes labeling of readonly and shared disks and restores
the images label to the system default when the image completes.
I would really like to get this in ASAP. Since currently libvirt is
relabeing the cdrom to virt_image_t when it is complete as well as
physical disks.
16 years
[libvirt] [RFC][PATCH] storage: allow alphabetical names in owner/group of permissions
by Ryota Ozaki
Hi,
This patch allows to specify owner/group of permissions in storage XML
as alphabetical names.
One concern of this patch is since alphabetical names are converted
to uid/gid at XML parsing (e.g., virsh pool-define some-pool.xml),
the generated XML file for libvirt internal does not contain the original
alphabetical names and dumpxml does not as well. Is it better the
conversion is done when activated not defined?
And I know I need to modify documents and write test XMLs.
Any comments are welcome!
Thanks,
ozaki-r
>From bf8a01689e345ec9c08a1348b5781c51b6016ef4 Mon Sep 17 00:00:00 2001
From: Ryota Ozaki <ozaki.ryota(a)gmail.com>
Date: Sun, 15 Mar 2009 02:30:02 +0900
Subject: [PATCH] storage: allow alphabetical names in owner/group of permissions
---
configure.in | 2 +-
src/storage_conf.c | 50 ++++++++++++++++++++++++++++++++++++---------
src/util.c | 57 +++++++++++++++++++++++++++++++++++++++++++++++++++-
src/util.h | 8 +++++++
4 files changed, 105 insertions(+), 12 deletions(-)
diff --git a/configure.in b/configure.in
index 413d27c..0277d9a 100644
--- a/configure.in
+++ b/configure.in
@@ -75,7 +75,7 @@ dnl Availability of various common functions
(non-fatal if missing).
AC_CHECK_FUNCS([cfmakeraw regexec uname sched_getaffinity getuid getgid])
dnl Availability of various not common threadsafe functions
-AC_CHECK_FUNCS([strerror_r strtok_r getmntent_r getgrnam_r getpwuid_r])
+AC_CHECK_FUNCS([strerror_r strtok_r getmntent_r getgrnam_r getpwuid_r
getpwnam_r])
dnl Availability of various common headers (non-fatal if missing).
AC_CHECK_HEADERS([pwd.h paths.h regex.h sys/syslimits.h sys/utsname.h
sys/wait.h winsock2.h sched.h termios.h sys/poll.h syslog.h])
diff --git a/src/storage_conf.c b/src/storage_conf.c
index 1c9a4e5..7d75b71 100644
--- a/src/storage_conf.c
+++ b/src/storage_conf.c
@@ -412,23 +412,53 @@ virStorageDefParsePerms(virConnectPtr conn,
if (virXPathNode(conn, "./owner", ctxt) == NULL) {
perms->uid = getuid();
} else {
- if (virXPathLong(conn, "number(./owner)", ctxt, &v) < 0) {
- virStorageReportError(conn, VIR_ERR_XML_ERROR,
- "%s", _("malformed owner element"));
- goto error;
+ if (virXPathLong(conn, "number(./owner)", ctxt, &v) == 0) {
+ perms->uid = (int)v;
+ } else {
+ char *name;
+ int uid;
+
+ name = virXPathString(conn, "string(./owner)", ctxt);
+ if (!name) {
+ virStorageReportError(conn, VIR_ERR_XML_ERROR,
+ "%s", _("malformed owner element"));
+ goto error;
+ }
+
+ uid = virGetUIDByUsername(conn, name);
+ VIR_FREE(name);
+ if (uid < 0) {
+ goto error;
+ }
+
+ perms->uid = uid;
}
- perms->uid = (int)v;
}
if (virXPathNode(conn, "./group", ctxt) == NULL) {
perms->gid = getgid();
} else {
- if (virXPathLong(conn, "number(./group)", ctxt, &v) < 0) {
- virStorageReportError(conn, VIR_ERR_XML_ERROR,
- "%s", _("malformed group element"));
- goto error;
+ if (virXPathLong(conn, "number(./group)", ctxt, &v) == 0) {
+ perms->gid = (int)v;
+ } else {
+ char *name;
+ int gid;
+
+ name = virXPathString(conn, "string(./group)", ctxt);
+ if (!name) {
+ virStorageReportError(conn, VIR_ERR_XML_ERROR,
+ "%s", _("malformed group element"));
+ goto error;
+ }
+
+ gid = virGetGIDByGroupname(conn, name);
+ VIR_FREE(name);
+ if (gid < 0) {
+ goto error;
+ }
+
+ perms->gid = gid;
}
- perms->gid = (int)v;
}
/* NB, we're ignoring missing labels here - they'll simply inherit */
diff --git a/src/util.c b/src/util.c
index 9b74757..fbe329d 100644
--- a/src/util.c
+++ b/src/util.c
@@ -50,9 +50,12 @@
#include <paths.h>
#endif
#include <netdb.h>
-#ifdef HAVE_GETPWUID_R
+#if defined(HAVE_GETPWUID_R) || defined(HAVE_GETPWNAM_R)
#include <pwd.h>
#endif
+#ifdef HAVE_GETGRNAM_R
+#include <grp.h>
+#endif
#include "virterror_internal.h"
#include "logging.h"
@@ -1558,3 +1561,55 @@ char *virGetUserDirectory(virConnectPtr conn,
return ret;
}
#endif
+
+
+#ifdef HAVE_GETPWNAM_R
+int virGetUIDByUsername(virConnectPtr conn, char *name)
+{
+ struct passwd pwbuf;
+ struct passwd *pw = NULL;
+ char *strbuf;
+ size_t strbuflen = sysconf(_SC_GETPW_R_SIZE_MAX);
+
+ if (VIR_ALLOC_N(strbuf, strbuflen) < 0) {
+ virReportOOMError(conn);
+ return -1;
+ }
+
+ if (getpwnam_r(name, &pwbuf, strbuf, strbuflen, &pw) != 0 || pw == NULL) {
+ virReportSystemError(conn, errno,
+ _("Failed to find user record for name '%s'"),
+ name);
+ VIR_FREE(strbuf);
+ return -1;
+ }
+ VIR_FREE(strbuf);
+ return pw->pw_uid;
+}
+#endif
+
+
+#ifdef HAVE_GETGRNAM_R
+int virGetGIDByGroupname(virConnectPtr conn, char *name)
+{
+ struct group grbuf;
+ struct group *gr = NULL;
+ char *strbuf;
+ size_t strbuflen = sysconf(_SC_GETGR_R_SIZE_MAX);
+
+ if (VIR_ALLOC_N(strbuf, strbuflen) < 0) {
+ virReportOOMError(conn);
+ return -1;
+ }
+
+ if (getgrnam_r(name, &grbuf, strbuf, strbuflen, &gr) != 0 || gr == NULL) {
+ virReportSystemError(conn, errno,
+ _("Failed to find group record for name '%s'"),
+ name);
+ VIR_FREE(strbuf);
+ return -1;
+ }
+ VIR_FREE(strbuf);
+ return gr->gr_gid;
+}
+#endif
diff --git a/src/util.h b/src/util.h
index 87cbf67..ffd3458 100644
--- a/src/util.h
+++ b/src/util.h
@@ -195,6 +195,14 @@ char *virGetUserDirectory(virConnectPtr conn,
uid_t uid);
#endif
+#ifdef HAVE_GETPWNAM_R
+int virGetUIDByUsername(virConnectPtr conn, char *name);
+#endif
+
+#ifdef HAVE_GETGRNAM_R
+int virGetGIDByGroupname(virConnectPtr conn, char *name);
+#endif
+
int virRandomInitialize(unsigned int seed);
int virRandom(int max);
--
1.6.0.6
16 years
[libvirt] The gui should drop the connection if libvirt stops for any reason like service libvirt stop.
by Daniel J Walsh
diff -u virtManager/engine.py~ virtManager/engine.py
--- virtManager/engine.py~ 2009-03-16 14:49:16.000000000 -0400
+++ virtManager/engine.py 2009-03-16 14:58:05.000000000 -0400
@@ -158,6 +158,7 @@
logging.error(("Could not refresh connection %s\n" %
(uri)) + str(sys.exc_info()[0]) + \
" " + str(sys.exc_info()[1]) + "\n" + \
traceback.format_exc(sys.exc_info()[2]))
+ self.connections[uri]["connection"].close()
return 1
def change_timer_interval(self,ignore1,ignore2,ignore3,ignore4):
16 years
[libvirt] [PATCH] Fix test driver domain save
by Cole Robinson
Saving a domain via the test driver currently locks up, since the save
command is calling out to another public driver method. The attached
patch fixes this.
Thanks,
Cole
16 years
[libvirt] shit-off domains
by Zvi Dubitzky
I do not see a way to get the shut-off domain list from a libvirt API
(case when no id shown under virsh , just domain name)
Am I missing something ?
thanks
Zvi Dubitzky
Virtualization and System Architecture Email:dubi@il.ibm.com
IBM Haifa Research Laboratory Phone: +972-4-8296182
Haifa, 31905, ISRAEL
16 years
[libvirt] [PATCH] fix Xen event handling
by Daniel Veillard
As was reported on IRC and found by Dan Berrange, sometimes Xen event
handling could start to go wild and block processing of requests in the
daemon.
The fault at least on libvirt side is that we didn't filter out non
read/write event requests when asking for watches in the xenstore. The
provided patch seems to work for the person who reported the original
problem,
Daniel
--
Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
daniel(a)veillard.com | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library http://libvirt.org/
16 years
[libvirt] libvirt-cim
by Zvi Dubitzky
Hi
can someone tell me what is libvirt-cim . Does it mean libvirt utilized
by CIM or there is a special 'dialect' called livirt-cim
thanks
Zvi Dubitzky
Virtualization and System Architecture Email:dubi@il.ibm.com
IBM Haifa Research Laboratory Phone: +972-4-8296182
Haifa, 31905, ISRAEL
16 years
