[libvirt] dnsmasq, dhcp - bug or feature
by Zdenek Styblik
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello list,
I have network definition like this:
<network>
<name>default</name>
<uuid>5539715b-ae89-c15c-aa2e-2f5a7afd55b8</uuid>
<forward mode='route'/>
<bridge name='virbr0' stp='on' delay='0' />
<ip address='10.117.9.1' netmask='255.255.255.224'>
</ip>
</network>
and I would assume it means DHCP is off. Even virt-manager claims it's
off, yet dnsmasq gets started every time. And what's "worse", it's
giving away IP addresses.
So, I'm wondering if it's bug or feature or have I missed something? :o)
libvirt version is 0.8.4 as I haven't upgraded to 0.8.5 yet.
Thanks for reply and have a nice weekend,
Zdenek Styblik
- --
Zdenek Styblik
Net/Linux admin
OS TurnovFree.net
email: stybla(a)turnovfree.net
jabber: stybla(a)jabber.turnovfree.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkyTx74ACgkQ8MreUbSH7il8agCfRHP4IbW8t4MheQs5JIU4xGgE
SmgAni4XwNdfYfYTq2hc1F99Y7sbPyeD
=CebK
-----END PGP SIGNATURE-----
14 years, 2 months
Re: [libvirt] RFC [3/3]: Lock manager usage scenarios
by Ayal Baron
----- "Daniel P. Berrange" <berrange(a)redhat.com> wrote:
> On Tue, Sep 14, 2010 at 05:03:21PM -0400, Ayal Baron wrote:
> >
> > ----- "Daniel P. Berrange" <berrange(a)redhat.com> wrote:
> >
> > >
> > > That is probably possible with the current security driver
> > > implementations
> > > but more generally I think it will still hit some trouble.
> > > Specifically
> > > one of the items on our todo list is a new security driver that
> makes
> > > use
> > > of Linux container namespace functionality to isolate the VMs, so
> they
> > >
> > > can't even see other resources / processes on the host. This may
> well
> > > prevent the sync manager wrapper talking to a central sync mnager
> > > process
> > > The general rule we aim for is that once libvirtd has spawned a
> VM
> > > they
> > > are completely isolated with exception of any disks marked with
> > > <shareable/>
> > > In other words, any communictions channels must be
> > > initiated/established
> > > by the mgmt layer to the VM process, with nothing to be
> established in
> > > the
> > > reverse direction.
> > Correct me if I'm wrong, but the security limitations (selinux
> context)
> > would only take effect after the "exec", no? so the process could
> still
> > communicate with the daemon, open an FD and then exec. After exec,
> the
> > VM would be locked down but the daemon could still wait on the FD to
> see
> > whether VM has died.
>
> It depends on which exec you are talking about here. If the comms to
> the daemon are done straight from the libvirtd plugin, then it would
> still be unrestricted. If the comms were done from the supervisor
> process, it would be restricted.
>
> Daniel
I'm talking about the supervisor. You said you spoke to Dan Walsh and that the supervisor and qemu processes could get different contexts. Now you're saying the supervisor would be restricted nonetheless. What am I missing?
> --
> |: Red Hat, Engineering, London -o-
> http://people.redhat.com/berrange/ :|
> |: http://libvirt.org -o- http://virt-manager.org -o-
> http://deltacloud.org :|
> |: http://autobuild.org -o-
> http://search.cpan.org/~danberr/ :|
> |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B
> 9505 :|
14 years, 2 months
[libvirt] [PATCH 0/3] Experimental support for DTrace probes
by Daniel P. Berrange
This patchset provides the infrastructure for supporting dynamic
probing of libvirtd, using static DTrace markers. This can be
used by SystemTAP on Linux, or DTrace on Solaris/OS-X/BSD for
low overhead tracing.
The proof of concept provides a handful of markers wrt to network
client connections, security & auth. Obviously it can be expanded
to cover a huge area of our codebase for different tasks. The
hard bit is deciding what should be exposed as a probe point.
Ideally probes should not be changed/removed once added, since
this would break any user tracing scripts. So a little care needs
to be taken in placing probes to be robust against future code
re-factoring.
Daniel
14 years, 2 months
[libvirt] [PATCH 0/2] tests: silence qemuargv2xmltest
by Eric Blake
Oh well, this missed the 0.8.4 deadline. This cleanup has already been
mentioned for some time on the list, and I finally got it done.
Eric Blake (2):
tests: clean up qemuargv2xmltest
tests: silence qemuargv2xmltest noise
tests/qemuargv2xmltest.c | 200 +++++++++++++++++++++++++++-------------------
1 files changed, 117 insertions(+), 83 deletions(-)
--
1.7.2.2
14 years, 2 months
[libvirt] [PATCH] docs: reworked the policykit patch submitted by Patrick Dignan
by Justin Clift
Tweaked the PolicyKit documentation improvement patch submitted
by Patrick Dignan.
Additionally, removed the reference to PolicyKit.conf, which is
no longer used by PolicyKit, plus added a link to the expanded
PolicyKit example page on the wiki.
---
The concept submitted was both valid and useful, but the keyswords in
the "Result*" lines are case sensitive, so the example provided
didn't work.
docs/auth.html.in | 42 ++++++++++++++++++++----------------------
1 files changed, 20 insertions(+), 22 deletions(-)
diff --git a/docs/auth.html.in b/docs/auth.html.in
index ab6c3e9..13731eb 100644
--- a/docs/auth.html.in
+++ b/docs/auth.html.in
@@ -65,29 +65,27 @@ auth, but does not require that the client application ultimately run as root.
Default policy will still allow any application to connect to the RO socket.
</p>
<p>
-The default policy can be overridden by the administrator using the PolicyKit
-master configuration file in <code>/etc/PolicyKit/PolicyKit.conf</code>. The
-<code>PolicyKit.conf(5)</code> manual page provides details on the syntax
-available. The two libvirt daemon actions available are named <code>org.libvirt.unix.monitor</code>
-for the RO socket, and <code>org.libvirt.unix.manage</code> for the RW socket.
-</p>
+The default policy can be overridden by creating a new policy file in the
+local override directory <code>/etc/polkit-1/localauthority/50-local.d/</code>.
+Policy files should have a unique name ending with .pkla. Using reverse DNS
+naming works well. Information on the options available can be found by
+reading the pklocalauthority man page. The two libvirt daemon actions
+available are named <code>org.libvirt.unix.manage</code> for full management
+access, and <code>org.libvirt.unix.monitor</code> for read-only access.
+ </p>
<p>
-As an example, to allow a user <code>fred</code> full access to the RW socket,
-while requiring <code>joe</code> to authenticate with the admin password,
-would require adding the following snippet to <code>PolicyKit.conf</code>.
-</p>
- <pre>
- <match action="org.libvirt.unix.manage">
- <match user="fred">
- <return result="yes"/>
- </match>
- </match>
- <match action="org.libvirt.unix.manage">
- <match user="joe">
- <return result="auth_admin"/>
- </match>
- </match>
-</pre>
+As an example, this gives the user <code>fred</code> full management access:
+ </p>
+<pre>[Allow fred libvirt management permissions]
+Identity=unix-user:fred
+Action=org.libvirt.unix.manage
+ResultAny=yes
+ResultInactive=yes
+ResultActive=yes</pre>
+ <p>
+Further examples of PolicyKit setup can be found on the
+<a href="http://wiki.libvirt.org/page/SSHPolicyKitSetup">wiki page</a>.
+ </p>
<h3><a name="ACL_server_username">Username/password auth</a></h3>
<p>
The plain TCP socket of the libvirt daemon defaults to using SASL for authentication.
--
1.7.2.3
14 years, 2 months
[libvirt] [PATCH] docs: fix the xml validity errors regarding name and id
by Justin Clift
Got sick of seeing the "validity error : ID Objects already defined"
errors, which this patch addresses.
---
docs/api.html.in | 8 ++++----
docs/architecture.html.in | 6 +++---
docs/downloads.html.in | 2 +-
docs/remote.html.in | 30 +++++++++++++++---------------
docs/storage.html.in | 16 ++++++++--------
docs/uri.html.in | 24 ++++++++++++------------
6 files changed, 43 insertions(+), 43 deletions(-)
diff --git a/docs/api.html.in b/docs/api.html.in
index 4b6a529..c9c0c67 100644
--- a/docs/api.html.in
+++ b/docs/api.html.in
@@ -19,7 +19,7 @@
<a href="#Remote">Daemon and remote access</a>
</li>
</ul>
- <h2><a name="Objects" id="Objects">Objects exposed</a></h2>
+ <h2><a name="Objects" id="id-Objects">Objects exposed</a></h2>
<p> As defined in the <a href="goals.html">goals section</a>, libvirt
API need to expose all the resources needed to manage the virtualization
support of recent operating systems. The first object manipulated though
@@ -85,7 +85,7 @@
set of nodes.</li>
</ul>
- <h2><a name="Functions" id="Functions">Functions and naming
+ <h2><a name="Functions" id="id-Functions">Functions and naming
conventions</a></h2>
<p> The naming of the functions present in the library is usually
made of a prefix describing the object associated to the function
@@ -120,13 +120,13 @@
</ul>
<p> For more in-depth details of the storage related APIs see
<a href="storage.html">the storage management page</a>,
- <h2><a name="Driver" id="Driver">The libvirt drivers</a></h2>
+ <h2><a name="Driver" id="id-Driver">The libvirt drivers</a></h2>
<p></p>
<p class="image">
<img alt="The libvirt driver architecture"
src="libvirt-driver-arch.png"/>
</p>
- <h2><a name="Remote" id="Remote">Daemon and remote access</a></h2>
+ <h2><a name="Remote" id="id-Remote">Daemon and remote access</a></h2>
<p></p>
<p class="image">
<img alt="The libvirt daemon and remote architecture"
diff --git a/docs/architecture.html.in b/docs/architecture.html.in
index f5cc520..c147435 100644
--- a/docs/architecture.html.in
+++ b/docs/architecture.html.in
@@ -16,7 +16,7 @@ engines:</p>
</li>
</ul>
<h3>
- <a name="Xen" id="Xen">Libvirt Xen support</a>
+ <a name="Xen" id="id-Xen">Libvirt Xen support</a>
</h3>
<p>When running in a Xen environment, programs using libvirt have to execute
in "Domain 0", which is the primary Linux OS loaded on the machine. That OS
@@ -49,7 +49,7 @@ connect to initialize the library. It will then fork a libvirt_proxy
program running as root and providing read_only access to the API, this is
then only useful for reporting and monitoring.</p>
<h3>
- <a name="QEmu" id="QEmu">Libvirt QEmu and KVM support</a>
+ <a name="QEmu" id="id-QEmu">Libvirt QEmu and KVM support</a>
</h3>
<p>The model for QEmu and KVM is completely similar, basically KVM is based
on QEmu for the process controlling a new domain, only small details differs
@@ -63,7 +63,7 @@ domain, by specifying the architecture and machine type targeted.</p>
<p>The code controlling the QEmu process is available in the
<code>qemud/</code> directory.</p>
<h3>
- <a name="drivers" id="drivers">the driver based architecture</a>
+ <a name="drivers" id="id-drivers">the driver based architecture</a>
</h3>
<p>As the previous section explains, libvirt can communicate using different
channels with the current hypervisor, and should also be able to use
diff --git a/docs/downloads.html.in b/docs/downloads.html.in
index 2ce1048..3bea264 100644
--- a/docs/downloads.html.in
+++ b/docs/downloads.html.in
@@ -91,7 +91,7 @@
<h1>libvirt Installation</h1>
- <h2><a name="Compilatio" id="Compilatio">Compilation</a></h2>
+ <h2><a name="Compilatio" id="id-Compilatio">Compilation</a></h2>
<p>
libvirt uses the standard configure/make/install steps:
diff --git a/docs/remote.html.in b/docs/remote.html.in
index b8b8f2b..eb787c2 100644
--- a/docs/remote.html.in
+++ b/docs/remote.html.in
@@ -58,7 +58,7 @@ machines through authenticated and encrypted connections.
</li>
</ul>
<h3>
- <a name="Remote_basic_usage" id="Remote_basic_usage">Basic usage</a>
+ <a name="Remote_basic_usage" id="id-Remote_basic_usage">Basic usage</a>
</h3>
<p>
On the remote machine, <code>libvirtd</code> should be running.
@@ -92,7 +92,7 @@ relating to failures in the remote transport itself. </li>
much slower than, say, direct hypervisor calls. </li>
</ul>
<h3>
- <a name="Remote_transports" id="Remote_transports">Transports</a>
+ <a name="Remote_transports" id="id-Remote_transports">Transports</a>
</h3>
<p>
Remote libvirt supports a range of transports:
@@ -140,7 +140,7 @@ Remote libvirt supports a range of transports:
The default transport, if no other is specified, is <code>tls</code>.
</p>
<h3>
- <a name="Remote_URI_reference" id="Remote_URI_reference">Remote URIs</a>
+ <a name="Remote_URI_reference" id="id-Remote_URI_reference">Remote URIs</a>
</h3>
<p>
See also: <a href="uri.html">documentation on ordinary ("local") URIs</a>.
@@ -181,7 +181,7 @@ settings.
</li>
</ul>
<h4>
- <a name="Remote_URI_parameters" id="Remote_URI_parameters">Extra parameters</a>
+ <a name="Remote_URI_parameters" id="id-Remote_URI_parameters">Extra parameters</a>
</h4>
<p>
Extra parameters can be added to remote URIs as part
@@ -304,10 +304,10 @@ Note that parameter values must be
</tr>
</table>
<h3>
- <a name="Remote_certificates" id="Remote_certificates">Generating TLS certificates</a>
+ <a name="Remote_certificates" id="id-Remote_certificates">Generating TLS certificates</a>
</h3>
<h4>
- <a name="Remote_PKI" id="Remote_PKI">Public Key Infrastructure set up</a>
+ <a name="Remote_PKI" id="id-Remote_PKI">Public Key Infrastructure set up</a>
</h4>
<p>
If you are unsure how to create TLS certificates, skip to the
@@ -367,7 +367,7 @@ next section.
</tr>
</table>
<h4>
- <a name="Remote_TLS_background" id="Remote_TLS_background">Background to TLS certificates</a>
+ <a name="Remote_TLS_background" id="id-Remote_TLS_background">Background to TLS certificates</a>
</h4>
<p>
Libvirt supports TLS certificates for verifying the identity
@@ -402,7 +402,7 @@ address. You may want to change this to make it less (or more)
permissive, depending on your needs.
</p>
<h4>
- <a name="Remote_TLS_CA" id="Remote_TLS_CA">Setting up a Certificate Authority (CA)</a>
+ <a name="Remote_TLS_CA" id="id-Remote_TLS_CA">Setting up a Certificate Authority (CA)</a>
</h4>
<p>
You will need the <a href="http://www.gnu.org/software/gnutls/manual/html_node/Invoking-certtool.html">GnuTLS
@@ -473,7 +473,7 @@ key carefully as you will need it when you come to issue certificates
for your clients and servers.
</p>
<h4>
- <a name="Remote_TLS_server_certificates" id="Remote_TLS_server_certificates">Issuing server certificates</a>
+ <a name="Remote_TLS_server_certificates" id="id-Remote_TLS_server_certificates">Issuing server certificates</a>
</h4>
<p>
For each server (libvirtd) you need to issue a certificate
@@ -556,7 +556,7 @@ which can be installed on the server as
</li>
</ul>
<h4>
- <a name="Remote_TLS_client_certificates" id="Remote_TLS_client_certificates">Issuing client certificates</a>
+ <a name="Remote_TLS_client_certificates" id="id-Remote_TLS_client_certificates">Issuing client certificates</a>
</h4>
<p>
For each client (ie. any program linked with libvirt, such as
@@ -609,7 +609,7 @@ cp clientcert.pem /etc/pki/libvirt/clientcert.pem
</li>
</ol>
<h4>
- <a name="Remote_TLS_troubleshooting" id="Remote_TLS_troubleshooting">Troubleshooting TLS certificate problems</a>
+ <a name="Remote_TLS_troubleshooting" id="id-Remote_TLS_troubleshooting">Troubleshooting TLS certificate problems</a>
</h4>
<dl>
<dt> failed to verify client's certificate </dt>
@@ -627,7 +627,7 @@ to analyze the setup on the client or server machines, preferably as root.
It will try to point out the possible problems and provide solutions to
fix the set up up to a point where you have secure remote access.</p>
<h3>
- <a name="Remote_libvirtd_configuration" id="Remote_libvirtd_configuration">libvirtd configuration file</a>
+ <a name="Remote_libvirtd_configuration" id="id-Remote_libvirtd_configuration">libvirtd configuration file</a>
</h3>
<p>
Libvirtd (the remote daemon) is configured from a file called
@@ -795,7 +795,7 @@ Blank lines and comments beginning with <code>#</code> are ignored.
</tr>
</table>
<h3>
- <a name="Remote_IPv6" id="Remote_IPv6">IPv6 support</a>
+ <a name="Remote_IPv6" id="id-Remote_IPv6">IPv6 support</a>
</h3>
<p>
The libvirtd service and libvirt remote client driver both use the
@@ -808,7 +808,7 @@ connection will be made, otherwise IPv4 will be used. In summary it
should just 'do the right thing(tm)'.
</p>
<h3>
- <a name="Remote_limitations" id="Remote_limitations">Limitations</a>
+ <a name="Remote_limitations" id="id-Remote_limitations">Limitations</a>
</h3>
<ul>
<li> Fine-grained authentication: libvirt in general,
@@ -821,7 +821,7 @@ just read-write/read-only as at present.
Please come and discuss these issues and more on <a href="https://www.redhat.com/mailman/listinfo/libvir-list" title="libvir-list mailing list">the mailing list</a>.
</p>
<h3>
- <a name="Remote_implementation_notes" id="Remote_implementation_notes">Implementation notes</a>
+ <a name="Remote_implementation_notes" id="id-Remote_implementation_notes">Implementation notes</a>
</h3>
<p>
The current implementation uses <a href="http://en.wikipedia.org/wiki/External_Data_Representation" title="External Data Representation">XDR</a>-encoded packets with a
diff --git a/docs/storage.html.in b/docs/storage.html.in
index 079192b..a1eddf8 100644
--- a/docs/storage.html.in
+++ b/docs/storage.html.in
@@ -33,7 +33,7 @@ libvirt.
</li>
</ul>
- <h2><a name="StorageBackendDir" id="StorageBackendDir">Directory pool</a></h2>
+ <h2><a name="StorageBackendDir" id="id-StorageBackendDir">Directory pool</a></h2>
<p>
A pool with a type of <code>dir</code> provides the means to manage
files within a directory. The files can be fully allocated raw files,
@@ -85,7 +85,7 @@ libvirt.
</p>
- <h2><a name="StorageBackendFS" id="StorageBackendFS">Filesystem pool</a></h2>
+ <h2><a name="StorageBackendFS" id="id-StorageBackendFS">Filesystem pool</a></h2>
<p>
This is a variant of the directory pool. Instead of creating a
directory on an existing mounted filesystem though, it expects
@@ -156,7 +156,7 @@ libvirt.
</p>
- <h2><a name="StorageBackendNetFS" id="StorageBackendNetFS">Network filesystem pool</a></h2>
+ <h2><a name="StorageBackendNetFS" id="id-StorageBackendNetFS">Network filesystem pool</a></h2>
<p>
This is a variant of the filesystem pool. Instead of requiring
a local block device as the source, it requires the name of a
@@ -196,7 +196,7 @@ libvirt.
</p>
- <h2><a name="StorageBackendLogical" id="StorageBackendLogical">Logical volume pools</a></h2>
+ <h2><a name="StorageBackendLogical" id="id-StorageBackendLogical">Logical volume pools</a></h2>
<p>
This provides a pool based on an LVM volume group. For a
pre-defined LVM volume group, simply providing the group
@@ -231,7 +231,7 @@ libvirt.
</p>
- <h2><a name="StorageBackendDisk" id="StorageBackendDisk">Disk volume pools</a></h2>
+ <h2><a name="StorageBackendDisk" id="id-StorageBackendDisk">Disk volume pools</a></h2>
<p>
This provides a pool based on a physical disk. Volumes are created
by adding partitions to the disk. Disk pools are have constraints
@@ -318,7 +318,7 @@ libvirt.
</ul>
- <h2><a name="StorageBackendISCSI" id="StorageBackendISCSI">iSCSI volume pools</a></h2>
+ <h2><a name="StorageBackendISCSI" id="id-StorageBackendISCSI">iSCSI volume pools</a></h2>
<p>
This provides a pool based on an iSCSI target. Volumes must be
pre-allocated on the iSCSI server, and cannot be created via
@@ -351,7 +351,7 @@ libvirt.
The iSCSI volume pool does not use the volume format type element.
</p>
- <h2><a name="StorageBackendSCSI" id="StorageBackendSCSI">SCSI volume pools</a></h2>
+ <h2><a name="StorageBackendSCSI" id="id-StorageBackendSCSI">SCSI volume pools</a></h2>
<p>
This provides a pool based on a SCSI HBA. Volumes are preexisting SCSI
LUNs, and cannot be created via the libvirt APIs. Since /dev/XXX names
@@ -383,7 +383,7 @@ libvirt.
The SCSI volume pool does not use the volume format type element.
</p>
- <h2><a name="StorageBackendMultipath" id="StorageBackendMultipath">Multipath pools</a></h2>
+ <h2><a name="StorageBackendMultipath" id="id-StorageBackendMultipath">Multipath pools</a></h2>
<p>
This provides a pool that contains all the multipath devices on the
host. Volume creating is not supported via the libvirt APIs.
diff --git a/docs/uri.html.in b/docs/uri.html.in
index 0540dab..ffb86c1 100644
--- a/docs/uri.html.in
+++ b/docs/uri.html.in
@@ -37,7 +37,7 @@ documents libvirt URIs.
</li>
</ul>
<h3>
- <a name="URI_libvirt" id="URI_libvirt">Specifying URIs to libvirt</a>
+ <a name="URI_libvirt" id="id-URI_libvirt">Specifying URIs to libvirt</a>
</h3>
<p>
The URI is passed as the <code>name</code> parameter to <a href="html/libvirt-libvirt.html#virConnectOpen"><code>virConnectOpen</code></a> or <a href="html/libvirt-libvirt.html#virConnectOpenReadOnly"><code>virConnectOpenReadOnly</code></a>. For example:
@@ -46,7 +46,7 @@ The URI is passed as the <code>name</code> parameter to <a href="html/libvirt-li
virConnectPtr conn = virConnectOpenReadOnly (<b>"test:///default"</b>);
</pre>
<h3>
- <a name="URI_virsh" id="URI_virsh">Specifying URIs to virsh, virt-manager and virt-install</a>
+ <a name="URI_virsh" id="id-URI_virsh">Specifying URIs to virsh, virt-manager and virt-install</a>
</h3>
<p>
In virsh use the <code>-c</code> or <code>--connect</code> option:
@@ -77,7 +77,7 @@ In virt-install use the <code>--connect=</code><i>URI</i> option:
virt-install <b>--connect=test:///default</b> <i>[other options]</i>
</pre>
<h3>
- <a name="URI_xen" id="URI_xen">xen:/// URI</a>
+ <a name="URI_xen" id="id-URI_xen">xen:/// URI</a>
</h3>
<p>
<i>This section describes a feature which is new in libvirt >
@@ -88,7 +88,7 @@ To access a Xen hypervisor running on the local machine
use the URI <code>xen:///</code>.
</p>
<h3>
- <a name="URI_qemu" id="URI_qemu">qemu:///... QEMU and KVM URIs</a>
+ <a name="URI_qemu" id="id-URI_qemu">qemu:///... QEMU and KVM URIs</a>
</h3>
<p>
To use QEMU support in libvirt you must be running the
@@ -120,7 +120,7 @@ KVM guests in the <a href="format.html#KVM1">guest XML as described
here</a>.
</p>
<h3>
- <a name="URI_remote" id="URI_remote">Remote URIs</a>
+ <a name="URI_remote" id="id-URI_remote">Remote URIs</a>
</h3>
<p>
Remote URIs are formed by taking ordinary local URIs and adding a
@@ -183,7 +183,7 @@ remote URI reference</a> and <a href="remote.html">full documentation
for libvirt remote support</a>.
</p>
<h3>
- <a name="URI_test" id="URI_test">test:///... Test URIs</a>
+ <a name="URI_test" id="id-URI_test">test:///... Test URIs</a>
</h3>
<p>
The test driver is a dummy hypervisor for test purposes.
@@ -197,10 +197,10 @@ a set of host definitions held in the named file.
</li>
</ul>
<h3>
- <a name="URI_legacy" id="URI_legacy">Other & legacy URI formats</a>
+ <a name="URI_legacy" id="id-URI_legacy">Other & legacy URI formats</a>
</h3>
<h4>
- <a name="URI_NULL" id="URI_NULL">NULL and empty string URIs</a>
+ <a name="URI_NULL" id="id-URI_NULL">NULL and empty string URIs</a>
</h4>
<p>
Libvirt allows you to pass a <code>NULL</code> pointer to
@@ -224,7 +224,7 @@ application wishes to connect specifically to a Xen hypervisor, then
for future proofing it should choose a full <a href="#URI_xen"><code>xen:///</code> URI</a>.
</p>
<h4>
- <a name="URI_file" id="URI_file">File paths (xend-unix-server)</a>
+ <a name="URI_file" id="id-URI_file">File paths (xend-unix-server)</a>
</h4>
<p>
If XenD is running and configured in <code>/etc/xen/xend-config.sxp</code>:
@@ -241,7 +241,7 @@ using a file URI such as:
virsh -c ///var/run/xend/xend-socket
</pre>
<h4>
- <a name="URI_http" id="URI_http">Legacy: <code>http://...</code> (xend-http-server)</a>
+ <a name="URI_http" id="id-URI_http">Legacy: <code>http://...</code> (xend-http-server)</a>
</h4>
<p>
If XenD is running and configured in <code>/etc/xen/xend-config.sxp</code>:
@@ -277,7 +277,7 @@ Notes:
documentation as "unix server" or "http server".</li>
</ol>
<h4>
- <a name="URI_legacy_xen" id="URI_legacy_xen">Legacy: <code>"xen"</code></a>
+ <a name="URI_legacy_xen" id="id-URI_legacy_xen">Legacy: <code>"xen"</code></a>
</h4>
<p>
Another legacy URI is to specify name as the string
@@ -285,7 +285,7 @@ Another legacy URI is to specify name as the string
hypervisor. However you should prefer a full <a href="#URI_xen"><code>xen:///</code> URI</a> in all future code.
</p>
<h4>
- <a name="URI_legacy_proxy" id="URI_legacy_proxy">Legacy: Xen proxy</a>
+ <a name="URI_legacy_proxy" id="id-URI_legacy_proxy">Legacy: Xen proxy</a>
</h4>
<p>
Libvirt continues to support connections to a separately running Xen
--
1.7.2.3
14 years, 2 months
Re: [libvirt] Why is avahi-daemon being started?
by Eric Blake
[adding libvir-list]
On 09/07/2010 07:42 AM, Tom Horsley wrote:
> On Tue, 07 Sep 2010 13:51:09 +0100
> Adam Williamson wrote:
>
>>> I did find a "Should-start: avahi-daemon" comment in the libvirtd
>>> init script, so maybe that is the source.
>>
>> Shouldn't be. 'Should-start' means 'if this other service is enabled, it
>> should be started before this one': it's not a strict dependency, 'this
>> other service MUST be started before this one'.
>
> Yea, changing the comment there didn't fix anything, but it was a good
> hint since I finally found the "mdns_adv" setting in the libvirtd.conf
> file and uncommenting it did finally squash avahi-daemon :-).
I'm wondering if this means that libvirt should change any of its
policies about auto-starting avahi-daemon, or at the very least, if
there is a documentation shortcoming on why libvirt defaults to enabling
this and when you might want to change that default.
--
Eric Blake eblake(a)redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
14 years, 2 months
Re: [libvirt] IPv6 structs on MacOS X
by Justin Clift
On 09/16/2010 04:52 AM, Bruno Haible wrote:
<snip>
> This message talks about the unportability of a field 's6_addr32' in
> 'struct in6_addr'. Sure this is unportable: POSIX [1] specifies only the
> presence of 's6_addr'.
>
> I don't see why gnulib should support this: An application can perfectly
> access the 16 bytes of the s6_addr[] array. Why would it need to access a
> specific part of it in a special way?
My apologies. I should have been significantly clearer in what I was
trying for there. :)
(adding the libvirt devel mailing list back in, due to relevance)
Tried compiling libvirt on OS X, which errored on this piece of IPv6 code:
http://www.redhat.com/archives/libvir-list/2010-September/msg00243.html
The message I quoted to Eric above, which you've then looked at, was
danpb wondering whether we should be using gnulib to avoid the
portability problem.
This stuff is outside my area of expertise though. :)
Regards and best wishes,
Justin Clift
14 years, 2 months
Re: [libvirt] OSX 10.6 build failures
by Osier
----- "Justin Clift" <jclift(a)redhat.com> wrote:
> From: "Justin Clift" <jclift(a)redhat.com>
> To: "Libvirt Developers Mailing List" <libvir-list(a)redhat.com>
> Sent: Wednesday, September 15, 2010 7:42:48 AM GMT +08:00 Beijing / Chongqing / Hong Kong / Urumqi
> Subject: [libvirt] OSX 10.6 build failures
>
> Hi us,
>
> Going through the process of getting libvirt to compile on OSX, making
>
> notes of the failures on the way through (from a clean system) to be
> fixed.
>
> a) libtool -> glibtool
> libtoolize -> glibtoolize
>
> It turns out that autogen.sh is hard coded to use "libtool", and
> wants the GNU version.
>
> OSX supplies has it's own version, without a --version option, so
> autogen.sh fails.
>
> Installing GNU libtool through MacPorts, makes it available as
> glibtool, with libtoolize being glibtoolize.
>
> Adjusting autogen.sh to detect that, then set LIBTOOL and
> LIBTOOLIZE
> appropriately was fairly trivial.
>
> Will submit a patch to fix that in a bit.
>
>
> b) pkg-config
>
> The next thing to barf was autoconf, complaining about
> AC_MSG_ERROR
> not being a defined macro.
>
> Googling with some persistence showed this is caused by
> pkg-config
> not being installed. Fixed that.
>
> Will submit a patch for that too. Probably "pkg-config
> --version"
> based, copying the approach used for the other autogen.sh checks.
>
>
> c) This is a compilation failure, one I don't readily know how to
> fix:
>
> ...
> Making all in src
> make all-am
> CC libvirt_util_la-network.lo
> util/network.c: In function 'getIPv6Addr':
> util/network.c:50: error: 'struct in6_addr' has no member named
> 's6_addr16'
> util/network.c:50: error: 'struct in6_addr' has no member named
> 's6_addr16'
> util/network.c:50: error: 'struct in6_addr' has no member named
> 's6_addr16'
> util/network.c:50: error: 'struct in6_addr' has no member named
> 's6_addr16'
> make[3]: *** [libvirt_util_la-network.lo] Error 1
> make[2]: *** [all] Error 2
> make[1]: *** [all-recursive] Error 1
> make: *** [all] Error 2
> $
>
> They're the only problems so far, though most things have been
> disabled
> on the ./configure line so it's only the client libraries being
> built.
>
> Anyone know how to address that third one?
>
% man ipv6
Address Format
struct sockaddr_in6 {
sa_family_t sin6_family; /* AF_INET6 */
in_port_t sin6_port; /* port number */
uint32_t sin6_flowinfo; /* IPv6 flow information */
struct in6_addr sin6_addr; /* IPv6 address */
uint32_t sin6_scope_id; /* Scope ID (new in 2.4) */
};
struct in6_addr {
unsigned char s6_addr[16]; /* IPv6 address */
};
% vim libvirt/src/util/network.c
43 static int getIPv6Addr(virSocketAddrPtr addr, virIPv6AddrPtr tab) {
44 int i;
45
46 if ((addr == NULL) || (tab == NULL) || (addr->stor.ss_family != AF_INET6 ))
47 return(-1);
48
49 for (i = 0;i < 8;i++) {
50 (*tab)[i] = ntohs(addr->inet6.sin6_addr.s6_addr16[i]);
51 }
52
53 return(0);
54 }
I guess it's a typo, should be "addr->inet6.sin6_addr.s6_addr[i]", but not
"addr->inet6.sin6_addr.s6_addr16[i]".. :-)
- Osier
> Regards and best wishes,
>
> Justin Clift
>
> --
> libvir-list mailing list
> libvir-list(a)redhat.com
> https://www.redhat.com/mailman/listinfo/libvir-list
14 years, 2 months
