August 2009 - Devel - libvirt List Archives

[libvirt] [PATCH] Remove a duplicated assignment in Xen PCI parsing.
by Chris Lalancette 11 Aug '09

11 Aug '09

Signed-off-by: Chris Lalancette <clalance(a)redhat.com> --- src/xm_internal.c | 1 - 1 files changed, 0 insertions(+), 1 deletions(-) diff --git a/src/xm_internal.c b/src/xm_internal.c index b7f9e67..71b852e 100644 --- a/src/xm_internal.c +++ b/src/xm_internal.c @@ -1160,7 +1160,6 @@ xenXMDomainConfigParse(virConnectPtr conn, virConfPtr conf) { goto skippci; /* pci=['0000:00:1b.0','0000:00:13.0'] */ - key = list->str; if (!(key = list->str)) goto skippci; if (!(nextkey = strchr(key, ':'))) -- 1.6.0.6

2 2

[libvirt] vbox save/restore
by Lucian Adrian Grijincu 11 Aug '09

11 Aug '09

Hello, I see that the vbox driver in virDomainSave doesn't use the destination file path and calls vbox's IConsole::SaveState. As I see it IConsole::SaveState is more like a "pause" command: you can save the state you're in and wait for the machine to stop running and you can resume it later. This limits the uses of the vbox support of libvirt. There is another way you can do virDomainSave/virDomainRestore: use snapshots. This way, you can specify the file in which you want to save the snapshot, you can continue to use the machine and do some crazy experiments and then restore the machine to the known good state. As of the current implementation, I don't think there's a way to do this in libvirt. I'd like to know if there's a real reason why virDomainSave is implemented this way (and virDomainRestore is unimplemented), or it just got implemented like this and no one cared much about it. -- . ..: Lucian

3 4

[libvirt] [PATCH] Compressed save image format for Qemu.
by Chris Lalancette 11 Aug '09

11 Aug '09

Implement a compressed save image format for qemu. While ideally we would have the choice between compressed/non-compressed available to the libvirt API, unfortunately there is no "flags" parameter to the virDomainSave() API. Therefore, implement this as a qemu.conf option. Both gzip and bzip2 are implemented, and it should be very easy to implement additional compression methods. One open question is if/how we should detect the gzip and bzip2 binaries. One way to do it is to do compile-time setting of the paths (via configure.in), but that doesn't seem like a great thing to do. Another solution (my preferred solution) is not to detect at all; when we go to run the commands that need them, if they aren't available, or aren't available in one of the standard paths, then we'll fail. Maybe somebody else has another option or opinion, though. In the future, we'll have a more robust (managed) save/restore API, at which time we can expose this functionality properly in the API. V2: get rid of redundant dd command and just use >> to append data. Signed-off-by: Chris Lalancette <clalance(a)redhat.com> --- src/qemu.conf | 10 +++++++ src/qemu_conf.c | 11 ++++++++ src/qemu_conf.h | 2 + src/qemu_driver.c | 71 ++++++++++++++++++++++++++++++++++++++++++++++++++--- 4 files changed, 90 insertions(+), 4 deletions(-) diff --git a/src/qemu.conf b/src/qemu.conf index 653f487..86dcc9d 100644 --- a/src/qemu.conf +++ b/src/qemu.conf @@ -129,3 +129,13 @@ # "/dev/ptmx", "/dev/kvm", "/dev/kqemu", # "/dev/rtc", "/dev/hpet", "/dev/net/tun", #] + +# The default format for Qemu/KVM guest save images is raw; that is, the +# memory from the domain is dumped out directly to a file. If you have +# guests with a large amount of memory, however, this can take up quite +# a bit of space. If you would like to compress the images while they +# are being saved to disk, you can also set "gzip" or "bzip2" for the +# save_image_format. Note that this means you slow down the process +# of saving a domain in order to save disk space. +# +# save_image_format = "raw" diff --git a/src/qemu_conf.c b/src/qemu_conf.c index 7ca5a15..ed87e13 100644 --- a/src/qemu_conf.c +++ b/src/qemu_conf.c @@ -280,6 +280,17 @@ int qemudLoadDriverConfig(struct qemud_driver *driver, driver->cgroupDeviceACL[i] = NULL; } + p = virConfGetValue (conf, "save_image_format"); + CHECK_TYPE ("save_image_format", VIR_CONF_STRING); + if (p && p->str) { + VIR_FREE(driver->saveImageFormat); + if (!(driver->saveImageFormat = strdup(p->str))) { + virReportOOMError(NULL); + virConfFree(conf); + return -1; + } + } + virConfFree (conf); return 0; } diff --git a/src/qemu_conf.h b/src/qemu_conf.h index 8f4ef6a..e34baab 100644 --- a/src/qemu_conf.h +++ b/src/qemu_conf.h @@ -111,6 +111,8 @@ struct qemud_driver { char *securityDriverName; virSecurityDriverPtr securityDriver; + + char *saveImageFormat; }; diff --git a/src/qemu_driver.c b/src/qemu_driver.c index 3c92635..b146330 100644 --- a/src/qemu_driver.c +++ b/src/qemu_driver.c @@ -3437,11 +3437,26 @@ static int qemudDomainSave(virDomainPtr dom, struct qemud_save_header header; int ret = -1; virDomainEventPtr event = NULL; + int internalret; memset(&header, 0, sizeof(header)); memcpy(header.magic, QEMUD_SAVE_MAGIC, sizeof(header.magic)); header.version = QEMUD_SAVE_VERSION; + if (driver->saveImageFormat == NULL) + header.compressed = QEMUD_SAVE_FORMAT_RAW; + else if (STREQ(driver->saveImageFormat, "raw")) + header.compressed = QEMUD_SAVE_FORMAT_RAW; + else if (STREQ(driver->saveImageFormat, "gzip")) + header.compressed = QEMUD_SAVE_FORMAT_GZIP; + else if (STREQ(driver->saveImageFormat, "bzip2")) + header.compressed = QEMUD_SAVE_FORMAT_BZIP2; + else { + qemudReportError(dom->conn, dom, NULL, VIR_ERR_OPERATION_FAILED, + "%s", _("Invalid save image format specified in configuration file")); + return -1; + } + qemuDriverLock(driver); vm = virDomainFindByUUID(&driver->domains, dom->uuid); @@ -3514,11 +3529,25 @@ static int qemudDomainSave(virDomainPtr dom, virReportOOMError(dom->conn); goto cleanup; } - if (virAsprintf(&command, "migrate \"exec:" - "dd of='%s' oflag=append conv=notrunc 2>/dev/null" - "\"", safe_path) == -1) { + + if (header.compressed == QEMUD_SAVE_FORMAT_RAW) + internalret = virAsprintf(&command, "migrate \"exec:" + "dd of='%s' oflag=append conv=notrunc 2>/dev/null" + "\"", safe_path); + else if (header.compressed == QEMUD_SAVE_FORMAT_GZIP) + internalret = virAsprintf(&command, "migrate \"exec:" + "gzip -c >> '%s' 2>/dev/null\"", safe_path); + else if (header.compressed == QEMUD_SAVE_FORMAT_BZIP2) + internalret = virAsprintf(&command, "migrate \"exec:" + "bzip2 -c >> '%s' 2>/dev/null\"", safe_path); + else { + qemudReportError(dom->conn, dom, NULL, VIR_ERR_INTERNAL_ERROR, + _("Invalid compress format %d"), + header.compressed); + goto cleanup; + } + if (internalret < 0) { virReportOOMError(dom->conn); - command = NULL; goto cleanup; } @@ -4039,6 +4068,9 @@ static int qemudDomainRestore(virConnectPtr conn, char *xml = NULL; struct qemud_save_header header; virDomainEventPtr event = NULL; + int intermediatefd = -1; + pid_t intermediate_pid = -1; + int childstat; qemuDriverLock(driver); /* Verify the header and read the XML */ @@ -4128,8 +4160,39 @@ static int qemudDomainRestore(virConnectPtr conn, } def = NULL; + if (header.version == 2) { + const char *intermediate_argv[3] = { NULL, "-dc", NULL }; + if (header.compressed == QEMUD_SAVE_FORMAT_GZIP) + intermediate_argv[0] = "gzip"; + else if (header.compressed == QEMUD_SAVE_FORMAT_BZIP2) + intermediate_argv[0] = "bzip2"; + else if (header.compressed != QEMUD_SAVE_FORMAT_RAW) { + qemudReportError(conn, NULL, NULL, VIR_ERR_OPERATION_FAILED, + _("Unknown compressed save format %d"), + header.compressed); + goto cleanup; + } + if (intermediate_argv[0] != NULL) { + intermediatefd = fd; + fd = -1; + if (virExec(conn, intermediate_argv, NULL, NULL, + &intermediate_pid, intermediatefd, &fd, NULL, 0) < 0) { + qemudReportError(conn, NULL, NULL, VIR_ERR_INTERNAL_ERROR, + _("Failed to start decompression binary %s"), + intermediate_argv[0]); + goto cleanup; + } + } + } /* Set the migration source and start it up. */ ret = qemudStartVMDaemon(conn, driver, vm, "stdio", fd); + if (intermediate_pid != -1) { + /* Wait for intermediate process to exit */ + while (waitpid(intermediate_pid, &childstat, 0) == -1 && + errno == EINTR); + } + if (intermediatefd != -1) + close(intermediatefd); close(fd); fd = -1; if (ret < 0) { -- 1.6.0.6

2 2

[libvirt] [PATCH] Remove use of strncpy in qemudExtractMonitorPath.
by Chris Lalancette 11 Aug '09

11 Aug '09

qemudExtractMonitorPath() was doing a VIR_ALLOC_N followed by a strncpy. However, this isn't necessary; we can do the same thing using virAsprintf(), which is much safer. Signed-off-by: Chris Lalancette <clalance(a)redhat.com> --- src/qemu_driver.c | 7 ++++--- 1 files changed, 4 insertions(+), 3 deletions(-) diff --git a/src/qemu_driver.c b/src/qemu_driver.c index 55a09f5..37fdec2 100644 --- a/src/qemu_driver.c +++ b/src/qemu_driver.c @@ -1017,12 +1017,13 @@ qemudExtractMonitorPath(virConnectPtr conn, */ while (*tmp) { if (c_isspace(*tmp)) { - if (VIR_ALLOC_N(*path, (tmp-dev)+1) < 0) { + if (virAsprintf(path, "%s", dev) < 0) { virReportOOMError(conn); return -1; } - strncpy(*path, dev, (tmp-dev)); - (*path)[(tmp-dev)] = '\0'; + /* the last character is a \n, so back up one to overwrite */ + (*path)[tmp-dev] = '\0'; + /* ... now further update offset till we get EOL */ *offset = tmp - haystack; return 0; -- 1.6.0.6

2 1

[libvirt] [PATCH] Convert one use of strncpy + strcat to snprintf in test driver.
by Chris Lalancette 11 Aug '09

11 Aug '09

Signed-off-by: Chris Lalancette <clalance(a)redhat.com> --- src/test.c | 5 ++--- 1 files changed, 2 insertions(+), 3 deletions(-) diff --git a/src/test.c b/src/test.c index 470816b..ab6cfdf 100644 --- a/src/test.c +++ b/src/test.c @@ -417,9 +417,8 @@ static char *testBuildFilename(const char *relativeTo, char *absFile; if (VIR_ALLOC_N(absFile, baseLen + strlen(filename) + 1) < 0) return NULL; - strncpy(absFile, relativeTo, baseLen); - absFile[baseLen] = '\0'; - strcat(absFile, filename); + snprintf(absFile, baseLen + strlen(filename) + 1, "%s%s", + relativeTo, filename); return absFile; } else { return strdup(filename); -- 1.6.0.6

2 1

[libvirt] [PATCH] Error path mutex unlock in virGetStorageVol.
by Chris Lalancette 11 Aug '09

11 Aug '09

Signed-off-by: Chris Lalancette <clalance(a)redhat.com> --- src/datatypes.c | 5 +---- 1 files changed, 1 insertions(+), 4 deletions(-) diff --git a/src/datatypes.c b/src/datatypes.c index 1889dc3..ac61682 100644 --- a/src/datatypes.c +++ b/src/datatypes.c @@ -863,19 +863,16 @@ virGetStorageVol(virConnectPtr conn, const char *pool, const char *name, const c ret = (virStorageVolPtr) virHashLookup(conn->storageVols, key); if (ret == NULL) { if (VIR_ALLOC(ret) < 0) { - virMutexUnlock(&conn->lock); virReportOOMError(conn); goto error; } ret->pool = strdup(pool); if (ret->pool == NULL) { - virMutexUnlock(&conn->lock); virReportOOMError(conn); goto error; } ret->name = strdup(name); if (ret->name == NULL) { - virMutexUnlock(&conn->lock); virReportOOMError(conn); goto error; } @@ -885,7 +882,6 @@ virGetStorageVol(virConnectPtr conn, const char *pool, const char *name, const c ret->conn = conn; if (virHashAddEntry(conn->storageVols, key, ret) < 0) { - virMutexUnlock(&conn->lock); virLibConnError(conn, VIR_ERR_INTERNAL_ERROR, "%s", _("failed to add storage vol to connection hash table")); goto error; @@ -897,6 +893,7 @@ virGetStorageVol(virConnectPtr conn, const char *pool, const char *name, const c return(ret); error: + virMutexUnlock(&conn->lock); if (ret != NULL) { VIR_FREE(ret->name); VIR_FREE(ret->pool); -- 1.6.0.6

2 1

[libvirt] Crash while using virConnectRef
by Chris Lalancette 11 Aug '09

11 Aug '09

All, I've been doing some testing of the virConnectRef() function, and as far as I can tell, it's busted. Here's the simple example program I'm using: #include <stdio.h> #include <stdlib.h> #include <libvirt/libvirt.h> #include <unistd.h> int main(int argc, char *argv[]) { virConnectPtr conn; conn = virConnectOpen(NULL); printf("type is %s\n",virConnectGetType(conn)); virConnectRef(conn); virConnectClose(conn); virConnectClose(conn); return 0; } When compiling and running this program, I get a segfault during the *second* virConnectClose(). The crash comes in the remote_internal driver, because the first virConnectClose() actually freed up the remote_internal private memory, and now the second one comes along and accesses a NULL pointer. I think this actually points to a bug in virConnectClose(); we shouldn't be running the ->close() callbacks on the drivers until we are going to be really closing up the driver, i.e. we should move all of the ->close() callbacks into virUnrefConnect(). Is that the right way to fix this? -- Chris Lalancette

2 1

[libvirt] [PATCH] Handle kernels with no ipv6 support
by Mark McLoughlin 11 Aug '09

11 Aug '09

If the ipv6 kernel module is not loaded, then we get this when starting a virtual network: libvir: Network Config error : cannot enable /proc/sys/net/ipv6/conf/virbr0/disable_ipv6: No such file or directory If disable_ipv6 is not present, we should just merrily continue on our way. * src/network_driver.c: make networkDisableIPV6() not fail if the kernel has no ipv6 support --- src/network_driver.c | 6 ++++++ 1 files changed, 6 insertions(+), 0 deletions(-) diff --git a/src/network_driver.c b/src/network_driver.c index eaea454..84910ab 100644 --- a/src/network_driver.c +++ b/src/network_driver.c @@ -801,6 +801,12 @@ static int networkDisableIPV6(virConnectPtr conn, goto cleanup; } + if (access(field, W_OK) < 0 && errno == ENOENT) { + VIR_DEBUG("ipv6 appears to already be disabled on %s", network->def->bridge); + ret = 0; + goto cleanup; + } + if (virFileWriteStr(field, "1") < 0) { virReportSystemError(conn, errno, _("cannot enable %s"), field); -- 1.6.2.5

3 2

[libvirt] does libvirt support qemu-kvm vmchannel option?
by cyliu7 11 Aug '09

11 Aug '09

Hi all, I noticed that qemu-kvm support an option vmchannel (-net channel ...) to create a new device to communicate between host and guest. does libvirt support this option when creating a KVM based VM. if so, how to config the VM? is there any sample to show this feature? any suggestions are greatly appreciated. Regards, ------------------------ Chunyang Liu

2 1

[libvirt] PATCH: Support PolicyKit 1.0
by Daniel P. Berrange 10 Aug '09

10 Aug '09

In the seriously annoying way of things, the newest PolicyKit in Fedora 12 has been completely re-written from scratch with a totally incompatible application facing API. Conceptually it is still pretty similar though, with the exception that client applications no longer need to explicitly launch an auth dialog - that's done out-of-band by policykit itself. This patch adjusts libvirtd to the new API, and removes the libvirt client side code that spawned the auth helper. On the libvirtd side avoid their APIs and instead spawn an external auth checking program 'pkcheck', which returns 0 on success, non-0 for denial. In the final annoying bit, the XML format for the policy has remained with exactly the same DTD version, except that it has quietly changed the allowed values for some attributes in an incompatible manner. So I have to add a new policy file too. NB, it may not look like we've changed the client side, but we have, since the #ifdef for the external auth agent is no longer set. Tested with old policy kit, and new policykit, and with none at all. b/configure.in | 73 +++++++++++++++++++++++++++-------------- b/qemud/Makefile.am | 11 +++++- b/qemud/libvirtd.policy-0 | 42 +++++++++++++++++++++++ b/qemud/libvirtd.policy-1 | 42 +++++++++++++++++++++++ b/qemud/qemud.c | 4 +- b/qemud/qemud.h | 4 +- b/qemud/remote.c | 81 +++++++++++++++++++++++++++++++++++++++++++--- qemud/libvirtd.policy | 42 ----------------------- 8 files changed, 223 insertions(+), 76 deletions(-) Regards, Daniel diff --git a/configure.in b/configure.in index b905b23..77d6c9e 100644 --- a/configure.in +++ b/configure.in @@ -607,40 +607,61 @@ AC_SUBST([SASL_LIBS]) dnl PolicyKit library POLKIT_CFLAGS= POLKIT_LIBS= +PKCHECK_PATH= AC_ARG_WITH([polkit], [ --with-polkit use PolicyKit for UNIX socket access checks], [], [with_polkit=check]) +with_polkit0=no +with_polkit1=no if test "x$with_polkit" = "xyes" -o "x$with_polkit" = "xcheck"; then - PKG_CHECK_MODULES(POLKIT, polkit-dbus >= $POLKIT_REQUIRED, - [with_polkit=yes], [ - if test "x$with_polkit" = "xcheck" ; then - with_polkit=no - else - AC_MSG_ERROR( - [You must install PolicyKit >= $POLKIT_REQUIRED to compile libvirt]) - fi - ]) - if test "x$with_polkit" = "xyes" ; then + dnl Check for new polkit first - just a binary + AC_PATH_PROG([PKCHECK_PATH],[pkcheck], [], [/usr/sbin:$PATH]) + if test "x$PKCHECK_PATH" != "x" ; then + AC_DEFINE_UNQUOTED([PKCHECK_PATH],["$PKCHECK_PATH"],[Location of pkcheck program]) AC_DEFINE_UNQUOTED([HAVE_POLKIT], 1, - [use PolicyKit for UNIX socket access checks]) - - old_CFLAGS=$CFLAGS - old_LDFLAGS=$LDFLAGS - CFLAGS="$CFLAGS $POLKIT_CFLAGS" - LDFLAGS="$LDFLAGS $POLKIT_LIBS" - AC_CHECK_FUNCS([polkit_context_is_caller_authorized]) - CFLAGS="$old_CFLAGS" - LDFLAGS="$old_LDFLAGS" - - AC_PATH_PROG([POLKIT_AUTH], [polkit-auth]) - if test "x$POLKIT_AUTH" != "x"; then - AC_DEFINE_UNQUOTED([POLKIT_AUTH],["$POLKIT_AUTH"],[Location of polkit-auth program]) + [use PolicyKit for UNIX socket access checks]) + AC_DEFINE_UNQUOTED([HAVE_POLKIT1], 1, + [use PolicyKit for UNIX socket access checks]) + with_polkit="yes" + with_polkit1="yes" + else + dnl Check for old polkit second - library + binary + PKG_CHECK_MODULES(POLKIT, polkit-dbus >= $POLKIT_REQUIRED, + [with_polkit=yes], [ + if test "x$with_polkit" = "xcheck" ; then + with_polkit=no + else + AC_MSG_ERROR( + [You must install PolicyKit >= $POLKIT_REQUIRED to compile libvirt]) + fi + ]) + if test "x$with_polkit" = "xyes" ; then + AC_DEFINE_UNQUOTED([HAVE_POLKIT], 1, + [use PolicyKit for UNIX socket access checks]) + AC_DEFINE_UNQUOTED([HAVE_POLKIT0], 1, + [use PolicyKit for UNIX socket access checks]) + + old_CFLAGS=$CFLAGS + old_LDFLAGS=$LDFLAGS + CFLAGS="$CFLAGS $POLKIT_CFLAGS" + LDFLAGS="$LDFLAGS $POLKIT_LIBS" + AC_CHECK_FUNCS([polkit_context_is_caller_authorized]) + CFLAGS="$old_CFLAGS" + LDFLAGS="$old_LDFLAGS" + + AC_PATH_PROG([POLKIT_AUTH], [polkit-auth]) + if test "x$POLKIT_AUTH" != "x"; then + AC_DEFINE_UNQUOTED([POLKIT_AUTH],["$POLKIT_AUTH"],[Location of polkit-auth program]) + fi + with_polkit0="yes" fi fi fi AM_CONDITIONAL([HAVE_POLKIT], [test "x$with_polkit" = "xyes"]) +AM_CONDITIONAL([HAVE_POLKIT0], [test "x$with_polkit0" = "xyes"]) +AM_CONDITIONAL([HAVE_POLKIT1], [test "x$with_polkit1" = "xyes"]) AC_SUBST([POLKIT_CFLAGS]) AC_SUBST([POLKIT_LIBS]) @@ -1621,7 +1642,11 @@ else AC_MSG_NOTICE([ avahi: no]) fi if test "$with_polkit" = "yes" ; then -AC_MSG_NOTICE([ polkit: $POLKIT_CFLAGS $POLKIT_LIBS]) +if test "$with_polkit0" = "yes" ; then +AC_MSG_NOTICE([ polkit: $POLKIT_CFLAGS $POLKIT_LIBS (version 0)]) +else +AC_MSG_NOTICE([ polkit: $PKCHECK_PATH (version 1)]) +fi else AC_MSG_NOTICE([ polkit: no]) fi diff --git a/qemud/Makefile.am b/qemud/Makefile.am index 959ff88..3d143da 100644 --- a/qemud/Makefile.am +++ b/qemud/Makefile.am @@ -21,7 +21,8 @@ EXTRA_DIST = \ remote_protocol.x \ libvirtd.conf \ libvirtd.init.in \ - libvirtd.policy \ + libvirtd.policy-0 \ + libvirtd.policy-1 \ libvirtd.sasl \ libvirtd.sysconf \ libvirtd.aug \ @@ -147,7 +148,13 @@ endif libvirtd_LDADD += ../src/libvirt.la if HAVE_POLKIT +if HAVE_POLKIT0 policydir = $(datadir)/PolicyKit/policy +policyfile = libvirtd.policy-0 +else +policydir = $(datadir)/polkit-1/actions +policyfile = libvirtd.policy-1 +endif endif if HAVE_AVAHI @@ -197,7 +204,7 @@ endif if HAVE_POLKIT install-data-polkit:: install-init mkdir -p $(DESTDIR)$(policydir) - $(INSTALL_DATA) $(srcdir)/libvirtd.policy $(DESTDIR)$(policydir)/org.libvirt.unix.policy + $(INSTALL_DATA) $(srcdir)/$(policyfile) $(DESTDIR)$(policydir)/org.libvirt.unix.policy uninstall-data-polkit:: install-init rm -f $(DESTDIR)$(policydir)/org.libvirt.unix.policy else diff --git a/qemud/libvirtd.policy b/qemud/libvirtd.policy deleted file mode 100644 index b6da946..0000000 --- a/qemud/libvirtd.policy +++ /dev/null @@ -1,42 +0,0 @@ -<!DOCTYPE policyconfig PUBLIC - "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" - "http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd"> - - - -<policyconfig> - <action id="org.libvirt.unix.monitor"> - <description>Monitor local virtualized systems</description> - <message>System policy prevents monitoring of local virtualized systems</message> - <defaults> -  - <allow_any>yes</allow_any> - <allow_inactive>yes</allow_inactive> - <allow_active>yes</allow_active> - </defaults> - </action> - - <action id="org.libvirt.unix.manage"> - <description>Manage local virtualized systems</description> - <message>System policy prevents management of local virtualized systems</message> - <defaults> -  - <allow_any>no</allow_any> - <allow_inactive>no</allow_inactive> - <allow_active>auth_admin_keep_session</allow_active> - </defaults> - </action> -</policyconfig> diff --git a/qemud/libvirtd.policy-0 b/qemud/libvirtd.policy-0 new file mode 100644 index 0000000..b6da946 --- /dev/null +++ b/qemud/libvirtd.policy-0 @@ -0,0 +1,42 @@ +<!DOCTYPE policyconfig PUBLIC + "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" + "http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd"> + + + +<policyconfig> + <action id="org.libvirt.unix.monitor"> + <description>Monitor local virtualized systems</description> + <message>System policy prevents monitoring of local virtualized systems</message> + <defaults> +  + <allow_any>yes</allow_any> + <allow_inactive>yes</allow_inactive> + <allow_active>yes</allow_active> + </defaults> + </action> + + <action id="org.libvirt.unix.manage"> + <description>Manage local virtualized systems</description> + <message>System policy prevents management of local virtualized systems</message> + <defaults> +  + <allow_any>no</allow_any> + <allow_inactive>no</allow_inactive> + <allow_active>auth_admin_keep_session</allow_active> + </defaults> + </action> +</policyconfig> diff --git a/qemud/libvirtd.policy-1 b/qemud/libvirtd.policy-1 new file mode 100644 index 0000000..6fa3a5e --- /dev/null +++ b/qemud/libvirtd.policy-1 @@ -0,0 +1,42 @@ +<!DOCTYPE policyconfig PUBLIC + "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" + "http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd"> + + + +<policyconfig> + <action id="org.libvirt.unix.monitor"> + <description>Monitor local virtualized systems</description> + <message>System policy prevents monitoring of local virtualized systems</message> + <defaults> +  + <allow_any>yes</allow_any> + <allow_inactive>yes</allow_inactive> + <allow_active>yes</allow_active> + </defaults> + </action> + + <action id="org.libvirt.unix.manage"> + <description>Manage local virtualized systems</description> + <message>System policy prevents management of local virtualized systems</message> + <defaults> +  + <allow_any>no</allow_any> + <allow_inactive>no</allow_inactive> + <allow_active>auth_admin_keep</allow_active> + </defaults> + </action> +</policyconfig> diff --git a/qemud/qemud.c b/qemud/qemud.c index 3e551ca..50b0cdd 100644 --- a/qemud/qemud.c +++ b/qemud/qemud.c @@ -895,7 +895,7 @@ static struct qemud_server *qemudNetworkInit(struct qemud_server *server) { } #endif -#ifdef HAVE_POLKIT +#if HAVE_POLKIT0 if (auth_unix_rw == REMOTE_AUTH_POLKIT || auth_unix_ro == REMOTE_AUTH_POLKIT) { DBusError derr; @@ -982,7 +982,7 @@ static struct qemud_server *qemudNetworkInit(struct qemud_server *server) { sock = sock->next; } -#ifdef HAVE_POLKIT +#if HAVE_POLKIT0 if (server->sysbus) dbus_connection_unref(server->sysbus); #endif diff --git a/qemud/qemud.h b/qemud/qemud.h index 254db44..e8ce209 100644 --- a/qemud/qemud.h +++ b/qemud/qemud.h @@ -34,7 +34,7 @@ #include <sasl/sasl.h> #endif -#ifdef HAVE_POLKIT +#if HAVE_POLKIT0 #include <dbus/dbus.h> #endif @@ -253,7 +253,7 @@ struct qemud_server { #if HAVE_SASL char **saslUsernameWhitelist; #endif -#if HAVE_POLKIT +#if HAVE_POLKIT0 DBusConnection *sysbus; #endif }; diff --git a/qemud/remote.c b/qemud/remote.c index d32d513..490a807 100644 --- a/qemud/remote.c +++ b/qemud/remote.c @@ -43,7 +43,7 @@ #include <fnmatch.h> #include "virterror_internal.h" -#ifdef HAVE_POLKIT +#if HAVE_POLKIT0 #include <polkit/polkit.h> #include <polkit-dbus/polkit-dbus.h> #endif @@ -3106,7 +3106,80 @@ remoteDispatchAuthSaslStep (struct qemud_server *server ATTRIBUTE_UNUSED, #endif /* HAVE_SASL */ -#if HAVE_POLKIT +#if HAVE_POLKIT1 +static int +remoteDispatchAuthPolkit (struct qemud_server *server, + struct qemud_client *client, + virConnectPtr conn ATTRIBUTE_UNUSED, + remote_error *rerr, + void *args ATTRIBUTE_UNUSED, + remote_auth_polkit_ret *ret) +{ + pid_t callerPid; + uid_t callerUid; + const char *action; + int status = -1; + char pidbuf[50]; + int rv; + + virMutexLock(&server->lock); + virMutexLock(&client->lock); + virMutexUnlock(&server->lock); + + action = client->readonly ? + "org.libvirt.unix.monitor" : + "org.libvirt.unix.manage"; + + const char * const pkcheck [] = { + PKCHECK_PATH, + "--action-id", action, + "--process", pidbuf, + "--allow-user-interaction", + NULL + }; + + REMOTE_DEBUG("Start PolicyKit auth %d", client->fd); + if (client->auth != REMOTE_AUTH_POLKIT) { + VIR_ERROR0(_("client tried invalid PolicyKit init request")); + goto authfail; + } + + if (qemudGetSocketIdentity(client->fd, &callerUid, &callerPid) < 0) { + VIR_ERROR0(_("cannot get peer socket identity")); + goto authfail; + } + + VIR_INFO(_("Checking PID %d running as %d"), callerPid, callerUid); + + rv = snprintf(pidbuf, sizeof pidbuf, "%d", callerPid); + if (rv < 0 || rv >= sizeof pidbuf) { + VIR_ERROR(_("Caller PID was too large %d"), callerPid); + goto authfail; + } + + if (virRun(NULL, pkcheck, &status) < 0) { + VIR_ERROR(_("Cannot invoke %s"), PKCHECK_PATH); + goto authfail; + } + if (status != 0) { + VIR_ERROR(_("Policy kit denied action %s from pid %d, uid %d, result: %d\n"), + action, callerPid, callerUid, status); + goto authfail; + } + VIR_INFO(_("Policy allowed action %s from pid %d, uid %d"), + action, callerPid, callerUid); + ret->complete = 1; + client->auth = REMOTE_AUTH_NONE; + + virMutexUnlock(&client->lock); + return 0; + +authfail: + remoteDispatchAuthError(rerr); + virMutexUnlock(&client->lock); + return -1; +} +#elif HAVE_POLKIT0 static int remoteDispatchAuthPolkit (struct qemud_server *server, struct qemud_client *client, @@ -3217,7 +3290,7 @@ authfail: return -1; } -#else /* HAVE_POLKIT */ +#else /* !HAVE_POLKIT0 & !HAVE_POLKIT1*/ static int remoteDispatchAuthPolkit (struct qemud_server *server ATTRIBUTE_UNUSED, @@ -3231,7 +3304,7 @@ remoteDispatchAuthPolkit (struct qemud_server *server ATTRIBUTE_UNUSED, remoteDispatchAuthError(rerr); return -1; } -#endif /* HAVE_POLKIT */ +#endif /* HAVE_POLKIT1 */ /*************************************************************** -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|

2 1