[libvirt] PATCH: Relabel disk images *before* hotplugging
by Daniel P. Berrange
For some bizarre reason the original code we added for sVirt disk labelling
with hotplug did not relabel the disks until after telling QEMU to hotplug.
Clearly this is going to fail 99% of the time. It also forgot todo labelling
when invoking a CDROM media change
src/qemu_driver.c | 6 ++++--
1 files changed, 4 insertions(+), 2 deletions(-)
Daniel
diff --git a/src/qemu_driver.c b/src/qemu_driver.c
index 25d446d..59c163c 100644
--- a/src/qemu_driver.c
+++ b/src/qemu_driver.c
@@ -4136,10 +4136,14 @@ static int qemudDomainAttachDevice(virDomainPtr dom,
switch (dev->data.disk->device) {
case VIR_DOMAIN_DISK_DEVICE_CDROM:
case VIR_DOMAIN_DISK_DEVICE_FLOPPY:
+ if (driver->securityDriver)
+ driver->securityDriver->domainSetSecurityImageLabel(dom->conn, vm, dev->data.disk);
ret = qemudDomainChangeEjectableMedia(dom->conn, vm, dev);
break;
case VIR_DOMAIN_DISK_DEVICE_DISK:
+ if (driver->securityDriver)
+ driver->securityDriver->domainSetSecurityImageLabel(dom->conn, vm, dev->data.disk);
if (dev->data.disk->bus == VIR_DOMAIN_DISK_BUS_USB) {
ret = qemudDomainAttachUsbMassstorageDevice(dom->conn, vm, dev);
} else if (dev->data.disk->bus == VIR_DOMAIN_DISK_BUS_SCSI ||
@@ -4151,8 +4155,6 @@ static int qemudDomainAttachDevice(virDomainPtr dom,
virDomainDiskBusTypeToString(dev->data.disk->bus));
goto cleanup;
}
- if (driver->securityDriver)
- driver->securityDriver->domainSetSecurityImageLabel(dom->conn, vm, dev->data.disk);
break;
default:
--
1.6.2.5
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
15 years, 4 months
[libvirt] PATCH Fix QEMU monitor prompt confusion
by Daniel P. Berrange
When you first connect to the QEMU monitor after a VM starts, it will
print out
QEMU 0.10.5 monitor - type 'help' for more information
We already have code to detect & discard this. Unfortunately it seems that
with QEMU >= 0.10.0 it will also print out this prompt when you disconnect
and reconnect to the QEMU monitor. Except it doesn't print this out every
time. It only appears to happen 50% of the time when libvirtd restarts
and reconnects. When it does happen though it totally breaks all future
monitor commands libvirt tries to run.
This patch takes a fairly simple approach to solving it. Before running
any QEMU monitor command, read and discard all pending data. 99% of the
time there will be none, but if there is, this saves us from disaster.
Daniel
diff --git a/src/qemu_driver.c b/src/qemu_driver.c
index 95ea882..fdbbb56 100644
--- a/src/qemu_driver.c
+++ b/src/qemu_driver.c
@@ -1656,6 +1656,28 @@ cleanup:
qemuDriverUnlock(driver);
}
+
+/* Throw away any data available on the monitor
+ * This is done before executing a command, in order
+ * to allow re-synchronization if something went badly
+ * wrong in the past. it also deals with problem of
+ * QEMU *sometimes* re-printing its initial greeting
+ * when we reconnect to the monitor after restarts.
+ */
+static void
+qemuMonitorDiscardPendingData(virDomainObjPtr vm) {
+ char buf[1024];
+ int ret = 0;
+
+ /* Monitor is non-blocking, so just loop till we
+ * get -1 or 0. Don't bother with detecting
+ * errors, since we'll deal with that better later */
+ do {
+ ret = read(vm->monitor, buf, sizeof (buf)-1);
+ } while (ret > 0);
+}
+
+
static int
qemudMonitorCommandExtra(const virDomainObjPtr vm,
const char *cmd,
@@ -1667,6 +1689,8 @@ qemudMonitorCommandExtra(const virDomainObjPtr vm,
size_t cmdlen = strlen(cmd);
size_t extralen = extra ? strlen(extra) : 0;
+ qemuMonitorDiscardPendingData(vm);
+
if (safewrite(vm->monitor, cmd, cmdlen) != cmdlen)
return -1;
if (safewrite(vm->monitor, "\r", 1) != 1)
--
1.6.2.5
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
15 years, 4 months
[libvirt] PATCH: Set stdout/err to /dev/null for spawned children
by Daniel P. Berrange
If passing a 'NULL' to virExec() for the stdout/err file descriptor it
is intended that the child process get connected to /dev/null. This
behaviour was previously broken when built with DEBUG enabled, and with
Amy's recent logging change, it is now permanently broken. The problem
this causes, is that the child process ends up still connected to the
parent app's stderr/out. This causes things like Perl's test harness
to hang waiting for end of file that will never come while libvirtd is
running. THis patch puts virExec back to its original documented behaviour
Daniel
src/util.c | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)
diff --git a/src/util.c b/src/util.c
index f82cddc..178ff0c 100644
--- a/src/util.c
+++ b/src/util.c
@@ -376,6 +376,8 @@ __virExec(virConnectPtr conn,
} else {
childout = *outfd;
}
+ } else {
+ childout = null;
}
if (errfd != NULL) {
@@ -403,6 +405,8 @@ __virExec(virConnectPtr conn,
} else {
childerr = *errfd;
}
+ } else {
+ childerr = null;
}
if ((pid = fork()) < 0) {
--
1.6.2.5
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
15 years, 4 months
[libvirt] PATCH: Allow libvirtd autostart to be disabled
by Daniel P. Berrange
When connecting to a non-root libvirt driver, the remote libvirt will
attempt to perform autostart of the libvirtd daemon. This is not always
desirable, particularly in test scripts where you don't want the daemon
autostarted every time it crashes - you want a clear failure
Daniel
src/remote_internal.c | 9 +++++++--
1 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/src/remote_internal.c b/src/remote_internal.c
index 6df0282..77b4810 100644
--- a/src/remote_internal.c
+++ b/src/remote_internal.c
@@ -972,6 +972,7 @@ remoteOpen (virConnectPtr conn,
{
struct private_data *priv;
int ret, rflags = 0;
+ const char *autostart = getenv("LIBVIRT_AUTOSTART");
if (inside_daemon)
return VIR_DRV_OPEN_DECLINED;
@@ -998,7 +999,9 @@ remoteOpen (virConnectPtr conn,
getuid() > 0) {
DEBUG0("Auto-spawn user daemon instance");
rflags |= VIR_DRV_OPEN_REMOTE_USER;
- rflags |= VIR_DRV_OPEN_REMOTE_AUTOSTART;
+ if (!autostart ||
+ STRNEQ(autostart, "0"))
+ rflags |= VIR_DRV_OPEN_REMOTE_AUTOSTART;
}
/*
@@ -1013,7 +1016,9 @@ remoteOpen (virConnectPtr conn,
if (getuid() > 0) {
DEBUG0("Auto-spawn user daemon instance");
rflags |= VIR_DRV_OPEN_REMOTE_USER;
- rflags |= VIR_DRV_OPEN_REMOTE_AUTOSTART;
+ if (!autostart ||
+ STRNEQ(autostart, "0"))
+ rflags |= VIR_DRV_OPEN_REMOTE_AUTOSTART;
}
#endif
}
--
1.6.2.5
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
15 years, 4 months
[libvirt] [PATCH] 1/3 add support for netcf XML import and export
by Daniel Veillard
Basically this implement the routines to read an netcf XML definition
and build the associated internal data structures. It does the checking
of the input XML up to making sure all the needed informations are
availble in the right place, but does not check for extra data. It
should support the full format as defined by interface.rng as of netcf
version 0.1.0, both for input and output.
This is rather repetitive and boring code, so I tried to factorize
things following patterms similar to the one used in the grammar,
the code reflects to a large extent the definition blocks there.
The main data structure is virInterfaceDef, it defines the most
common and shared attributes of all interfaces, the protocol definition
allowed in the schemas is only ipv4 at the moment but with the expected
extension to allow ipv6 in parallel I made a separate structure
(currently embedded in the main one). There is a enum discriminating the
specific structures needed for vlan, bride and bonding, and for the two
last ones, a dynamically allocated array of bare interfaces (which can
be of vlan or ethernet type, merged into a single structure).
This passes valgrind, but since I'm not testing agaisnt misformed
XML input I afraid of potential leaks on exit paths, otherwise this
should be fine.
Daniel
--
Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
daniel(a)veillard.com | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library http://libvirt.org/
15 years, 4 months
[libvirt] Fix svirt handling of shared/readonly disks
by Daniel P. Berrange
The patch committed here
commit 547147084d03ebf30d09d242a5a721a4df664ffe
Author: Mark McLoughlin <markmc(a)redhat.com>
Date: Fri Jul 3 10:26:37 2009 +0000
was not actually the latest version currently used in Fedora. It causes
shared disks to be re-labelled upon VM shutdown, breaking any other
guests still runing with this disk. The only safe option is to skip
relabel for all readonly & shared disks
Daniel
diff --git a/src/security_selinux.c b/src/security_selinux.c
index 80c1c85..0db9f49 100644
--- a/src/security_selinux.c
+++ b/src/security_selinux.c
@@ -354,6 +354,17 @@ SELinuxRestoreSecurityImageLabel(virConnectPtr conn,
char *newpath = NULL;
const char *path = disk->src;
+ /* Don't restore labels on readoly/shared disks, because
+ * other VMs may still be accessing these
+ * Alternatively we could iterate over all running
+ * domains and try to figure out if it is in use, but
+ * this would not work for clustered filesystems, since
+ * we can't see running VMs using the file on other nodes
+ * Safest bet is thus to skip the restore step.
+ */
+ if (disk->readonly || disk->shared)
+ return 0;
+
if ((err = virFileResolveLink(path, &newpath)) < 0) {
virReportSystemError(conn, err,
_("cannot resolve symlink %s"), path);
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
15 years, 4 months
[libvirt] [PATCH] build: submodule machinery now works also when no tag is reachable
by Jim Meyering
Mike Burns wrote:
> I hit an issue with libvirt autobuild. I am running on an F11 machine and the build stage of libvirt--devel is failing.
...
> I talked to danpb and he pointed out that there is a difference between .git-module-status and git submodule status:
>
> <danpb1> $ cat .git-module-status
> <danpb1> -b653eda3ac4864de205419d9f41eec267cb89eeb .gnulib
> <danpb1> git submodule status
> <danpb1> b653eda3ac4864de205419d9f41eec267cb89eeb .gnulib (v0.0-2286-gb653eda)
Hi Mike,
Thanks for the report, and thanks to Dan for looking into it.
Here's a patch:
>From 3d3f1b105e4808d1c02f2132317bf815cf587604 Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering(a)redhat.com>
Date: Wed, 15 Jul 2009 09:54:26 +0200
Subject: [PATCH] build: submodule machinery now works also when no tag is reachable
The code in cfg.mk to detect when the git submodule was out of date
worked most of the time, but not when checked out in a certain way.
* cfg.mk: Extract submodule hash from command output and file,
and compare only that, since the format of the full line may vary.
Reported by Mike Burns, with some diagnosis by Daniel P Berrange.
---
cfg.mk | 14 +++++++++++---
1 files changed, 11 insertions(+), 3 deletions(-)
diff --git a/cfg.mk b/cfg.mk
index 3b3d57f..a5514c4 100644
--- a/cfg.mk
+++ b/cfg.mk
@@ -233,9 +233,17 @@ prev_version_file = /dev/null
ifeq (0,$(MAKELEVEL))
_curr_status = .git-module-status
- _update_required := \
- $(shell t=$$(git submodule status); \
- test "$$t" = "$$(cat $(_curr_status) 2>/dev/null)"; echo $$?)
+ # The sed filter accommodates those who check out on a commit from which
+ # no tag is reachable. In that case, git submodule status prints a "-"
+ # in column 1 and does not print a "git describe"-style string after the
+ # submodule name. Contrast these:
+ # -b653eda3ac4864de205419d9f41eec267cb89eeb .gnulib
+ # b653eda3ac4864de205419d9f41eec267cb89eeb .gnulib (v0.0-2286-gb653eda)
+ _submodule_hash = sed 's/.//;s/ .*//'
+ _update_required := $(shell \
+ actual=$$(git submodule status | $(_submodule_hash)); \
+ stamp="$$($(_submodule_hash) $(_curr_status) 2>/dev/null)"; \
+ test "$$stamp" = "$$actual"; echo $$?)
ifeq (1,$(_update_required))
$(error gnulib update required; run ./autogen.sh first)
endif
--
1.6.4.rc0.127.g81400
15 years, 4 months