[libvirt] [PATCHv3] Disable nwfilter driver when running unprivileged
by Ján Tomko
When opening a new connection to the driver, nwfilterOpen
only succeeds if the driverState has been allocated.
Move the privilege check in driver initialization before
the state allocation to disable the driver.
This changes the nwfilter-define error from:
error: cannot create config directory (null): Bad address
To:
this function is not supported by the connection driver:
virNWFilterDefineXML
https://bugzilla.redhat.com/show_bug.cgi?id=1029266
---
v1: https://www.redhat.com/archives/libvir-list/2013-November/msg00368.html
v2: https://www.redhat.com/archives/libvir-list/2013-November/msg00374.html
forbid everything instead of just virNWFilterDefineXML
v3: cut a pair of holes into my brown paper bag
src/nwfilter/nwfilter_driver.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c
index 6602d73..d521adf 100644
--- a/src/nwfilter/nwfilter_driver.c
+++ b/src/nwfilter/nwfilter_driver.c
@@ -174,6 +174,9 @@ nwfilterStateInitialize(bool privileged,
char *base = NULL;
DBusConnection *sysbus = NULL;
+ if (!privileged)
+ return 0;
+
#if WITH_DBUS
if (virDBusHasSystemBus() &&
!(sysbus = virDBusGetSystemBus()))
@@ -190,9 +193,6 @@ nwfilterStateInitialize(bool privileged,
driverState->watchingFirewallD = (sysbus != NULL);
driverState->privileged = privileged;
- if (!privileged)
- return 0;
-
nwfilterDriverLock(driverState);
if (virNWFilterIPAddrMapInit() < 0)
--
1.8.3.2
11 years
[libvirt] libvirt-python on windows
by yao xu
Hello guys!
These days I have met a problem .
As you know , libvirt-python on windows can compiled with cygwin
environment .
But in my environment, I want to make it possible to run libvirt-python
in native windows environment . Is it possible ?
Anyone tried it ?
11 years
[libvirt] [PATCH]lxc: don't mount dir if ownership couldn't be known
by Chen Hanxiao
From: Chen Hanxiao <chenhanxiao(a)cn.fujitsu.com>
We bind mount some dir from host to guest.
With userns enabled, if we couldn't know
the dir's ownership, don't mount it.
Signed-off-by: Chen Hanxiao <chenhanxiao(a)cn.fujitsu.com>
---
src/lxc/lxc_container.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index 255c711..92d0a39 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -96,6 +96,8 @@
typedef char lxc_message_t;
#define LXC_CONTINUE_MSG 'c'
+#define OVERFLOWUID 65534
+
typedef struct __lxc_child_argv lxc_child_argv_t;
struct __lxc_child_argv {
virDomainDefPtr config;
@@ -1073,6 +1075,18 @@ static int lxcContainerMountFSBind(virDomainFSDefPtr fs,
if (virAsprintf(&src, "%s%s", srcprefix, fs->src) < 0)
goto cleanup;
+ if (stat(src, &st) < 0) {
+ virReportSystemError(errno, _("Unable to stat bind source %s"),
+ src);
+ goto cleanup;
+ } else {
+ if (OVERFLOWUID == st.st_uid || OVERFLOWUID == st.st_gid)
+ errno = EPERM;
+ virReportSystemError(errno, _("Unknown st_uid/st_gid for %s"),
+ fs->src);
+ goto cleanup;
+ }
+
if (stat(fs->dst, &st) < 0) {
if (errno != ENOENT) {
virReportSystemError(errno, _("Unable to stat bind target %s"),
--
1.8.2.1
11 years
[libvirt] rpmbuild problem for 1.1.4
by Franky Van Liedekerke
Hi,
using the latest 1.1.4, I'm having issues to get the rpm build to
complete. I'm always getting this error:
==================
Wrote: /root/rpmbuild/RPMS/x86_64/libvirt-1.1.4-1.el6.x86_64.rpm
error: create archive failed on file
/root/rpmbuild/BUILDROOT/libvirt-1.1.4-1.el6.x86_64/usr/share/doc/libvirt-docs-1.1.4/html/32favicon.png:
cpio: Bad magic
RPM build errors:
File listed twice: /usr/share/doc/libvirt-docs-1.1.4
create archive failed on file
/root/rpmbuild/BUILDROOT/libvirt-1.1.4-1.el6.x86_64/usr/share/doc/libvirt-docs-1.1.4/html/32favicon.png:
cpio: Bad magic
==================
Using 1.1.3-1 results in the same error, while 1.1.2 builds without
problems (all 3 tried today).
The command is just "rpmbuild -tb libvirt-xxx.tgz" on a patched CentOS
6 system.
I also did a diff on the favicon file and it is the same in 1.1.2 and
1.1.3-1.
Any hints on how the get the build to work on a CentOS 6 system? The
spec file has changed quite a bit between 1.1.2 and 1.1.3 ...
Franky
11 years
[libvirt] [PATCHv3 0/4] glusterfs storage pool
by Eric Blake
v2 at:
https://www.redhat.com/archives/libvir-list/2013-November/msg00099.html
Since then: minor improvements to patch 1 and 3 based on testing;
patch 4 is new
Eric Blake (4):
storage: initial support for linking with libgfapi
storage: document gluster pool
storage: implement rudimentary glusterfs pool refresh
storage: probe qcow2 volumes in gluster pool
configure.ac | 21 ++
docs/formatstorage.html.in | 11 +-
docs/schemas/storagepool.rng | 21 ++
docs/storage.html.in | 90 ++++++-
libvirt.spec.in | 15 ++
m4/virt-gluster.m4 | 26 ++
po/POTFILES.in | 1 +
src/Makefile.am | 9 +
src/conf/storage_conf.c | 20 +-
src/conf/storage_conf.h | 3 +-
src/storage/storage_backend.c | 6 +
src/storage/storage_backend.h | 6 +-
src/storage/storage_backend_gluster.c | 343 +++++++++++++++++++++++++++
src/storage/storage_backend_gluster.h | 29 +++
tests/storagepoolxml2xmlin/pool-gluster.xml | 8 +
tests/storagepoolxml2xmlout/pool-gluster.xml | 11 +
tests/storagepoolxml2xmltest.c | 1 +
17 files changed, 608 insertions(+), 13 deletions(-)
create mode 100644 m4/virt-gluster.m4
create mode 100644 src/storage/storage_backend_gluster.c
create mode 100644 src/storage/storage_backend_gluster.h
create mode 100644 tests/storagepoolxml2xmlin/pool-gluster.xml
create mode 100644 tests/storagepoolxml2xmlout/pool-gluster.xml
--
1.8.3.1
11 years
[libvirt] [PATCH 0/2] Fix startup of qemu guests with qemu < 1.5
by Peter Krempa
One of my recent commits broke this. This series should fix it sufficiently.
Peter Krempa (2):
qemu: Change return type of qemuMonitorGetGuestCPU()
qemu: Check for presence of device and properities when getting CPUID
src/qemu/qemu_monitor.c | 19 +++++++-----
src/qemu/qemu_monitor.h | 5 +--
src/qemu/qemu_monitor_json.c | 74 +++++++++++++++++++++++++++++++++++++-------
src/qemu/qemu_monitor_json.h | 4 ++-
src/qemu/qemu_process.c | 9 ++++--
tests/qemumonitorjsontest.c | 21 +++++++++++--
6 files changed, 107 insertions(+), 25 deletions(-)
--
1.8.4.2
11 years
[libvirt] [PATCH] virsh-volume: Unify alignment of vol-list output columns
by Peter Krempa
Add an extra space before the first column as we have when listing
domains.
Previous output:
$ virsh vol-list glusterpool
Name Path
-----------------------------------------
asdf gluster://gluster-node-1/gv0/asdf
c gluster://gluster-node-1/gv0/c
cd gluster://gluster-node-1/gv0/cd
$ virsh vol-list glusterpool --details
Name Path Type Capacity Allocation
----------------------------------------------------------------------
asdf gluster://gluster-node-1/gv0/asdf unknown 0.00 B 0.00 B
c gluster://gluster-node-1/gv0/c unknown 16.00 B 16.00 B
cd gluster://gluster-node-1/gv0/cd unknown 0.00 B 0.00 B
New output:
$ virsh vol-list glusterpool
Name Path
------------------------------------------------------------------------------
asdf gluster://gluster-node-1/gv0/asdf
c gluster://gluster-node-1/gv0/c
cd gluster://gluster-node-1/gv0/cd
$ virsh vol-list glusterpool --details
Name Path Type Capacity Allocation
------------------------------------------------------------------------
asdf gluster://gluster-node-1/gv0/asdf unknown 0.00 B 0.00 B
c gluster://gluster-node-1/gv0/c unknown 16.00 B 16.00 B
cd gluster://gluster-node-1/gv0/cd unknown 0.00 B 0.00 B
---
tools/virsh-volume.c | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/tools/virsh-volume.c b/tools/virsh-volume.c
index 0a66a6c..d85ae92 100644
--- a/tools/virsh-volume.c
+++ b/tools/virsh-volume.c
@@ -1450,10 +1450,11 @@ cmdVolList(vshControl *ctl, const vshCmd *cmd ATTRIBUTE_UNUSED)
/* Output basic info then return if --details option not selected */
if (!details) {
/* The old output format */
- vshPrintExtra(ctl, "%-20s %-40s\n", _("Name"), _("Path"));
- vshPrintExtra(ctl, "-----------------------------------------\n");
+ vshPrintExtra(ctl, " %-20s %-40s\n", _("Name"), _("Path"));
+ vshPrintExtra(ctl, "---------------------------------------"
+ "---------------------------------------\n");
for (i = 0; i < list->nvols; i++) {
- vshPrint(ctl, "%-20s %-40s\n", virStorageVolGetName(list->vols[i]),
+ vshPrint(ctl, " %-20s %-40s\n", virStorageVolGetName(list->vols[i]),
volInfoTexts[i].path);
}
@@ -1503,7 +1504,7 @@ cmdVolList(vshControl *ctl, const vshCmd *cmd ATTRIBUTE_UNUSED)
/* Create the output template */
ret = virAsprintf(&outputStr,
- "%%-%lus %%-%lus %%-%lus %%%lus %%%lus\n",
+ " %%-%lus %%-%lus %%-%lus %%%lus %%%lus\n",
(unsigned long) nameStrLength,
(unsigned long) pathStrLength,
(unsigned long) typeStrLength,
@@ -1519,7 +1520,7 @@ cmdVolList(vshControl *ctl, const vshCmd *cmd ATTRIBUTE_UNUSED)
("Capacity"), _("Allocation"));
for (i = nameStrLength + pathStrLength + typeStrLength
+ capStrLength + allocStrLength
- + 8; i > 0; i--)
+ + 10; i > 0; i--)
vshPrintExtra(ctl, "-");
vshPrintExtra(ctl, "\n");
--
1.8.4.3
11 years
[libvirt] [PATCH] virsh-volume: Unify strigification of volume type
by Peter Krempa
There were two separate places with that were stringifying type of a
volume. One of the places was out of sync with types implemented
upstream.
To avoid such problems in the future, this patch adds a common function
to convert the type to string and reuses it across the two said places.
---
tools/virsh-volume.c | 59 ++++++++++++++++++++++++----------------------------
1 file changed, 27 insertions(+), 32 deletions(-)
diff --git a/tools/virsh-volume.c b/tools/virsh-volume.c
index d85ae92..604ada5 100644
--- a/tools/virsh-volume.c
+++ b/tools/virsh-volume.c
@@ -942,6 +942,29 @@ out:
return ret;
}
+
+static const char *
+vshVolumeTypeToString(int type)
+{
+ switch (type) {
+ case VIR_STORAGE_VOL_FILE:
+ return N_("file");
+
+ case VIR_STORAGE_VOL_BLOCK:
+ return N_("block");
+
+ case VIR_STORAGE_VOL_DIR:
+ return N_("dir");
+
+ case VIR_STORAGE_VOL_NETWORK:
+ return N_("network");
+
+ default:
+ return N_("unknown");
+ }
+}
+
+
/*
* "vol-info" command
*/
@@ -983,26 +1006,9 @@ cmdVolInfo(vshControl *ctl, const vshCmd *cmd)
if (virStorageVolGetInfo(vol, &info) == 0) {
double val;
const char *unit;
- switch (info.type) {
- case VIR_STORAGE_VOL_FILE:
- vshPrint(ctl, "%-15s %s\n", _("Type:"), _("file"));
- break;
-
- case VIR_STORAGE_VOL_BLOCK:
- vshPrint(ctl, "%-15s %s\n", _("Type:"), _("block"));
- break;
- case VIR_STORAGE_VOL_DIR:
- vshPrint(ctl, "%-15s %s\n", _("Type:"), _("dir"));
- break;
-
- case VIR_STORAGE_VOL_NETWORK:
- vshPrint(ctl, "%-15s %s\n", _("Type:"), _("network"));
- break;
-
- default:
- vshPrint(ctl, "%-15s %s\n", _("Type:"), _("unknown"));
- }
+ vshPrint(ctl, "%-15s %s\n", _("Type:"),
+ _(vshVolumeTypeToString(info.type)));
val = vshPrettyCapacity(info.capacity, &unit);
vshPrint(ctl, "%-15s %2.2lf %s\n", _("Capacity:"), val, unit);
@@ -1377,19 +1383,8 @@ cmdVolList(vshControl *ctl, const vshCmd *cmd ATTRIBUTE_UNUSED)
/* Convert the returned volume info into output strings */
/* Volume type */
- switch (volumeInfo.type) {
- case VIR_STORAGE_VOL_FILE:
- volInfoTexts[i].type = vshStrdup(ctl, _("file"));
- break;
- case VIR_STORAGE_VOL_BLOCK:
- volInfoTexts[i].type = vshStrdup(ctl, _("block"));
- break;
- case VIR_STORAGE_VOL_DIR:
- volInfoTexts[i].type = vshStrdup(ctl, _("dir"));
- break;
- default:
- volInfoTexts[i].type = vshStrdup(ctl, _("unknown"));
- }
+ volInfoTexts[i].type = vshStrdup(ctl,
+ _(vshVolumeTypeToString(volumeInfo.type)));
/* Create the capacity output string */
val = vshPrettyCapacity(volumeInfo.capacity, &unit);
--
1.8.4.3
11 years
[libvirt] [PATCH] libxl: Fix Xen 4.4 libxlVmStart logic
by Jason Andryuk
ifdef LIBXL_HAVE_DOMAIN_CREATE_RESTORE_PARAMS hides a multi-line body
for a brace-less else. Add braces to ensure proper logic is applied.
Without this fix, new domains cannot be started. Both
libxl_domain_create_new and libxl_domain_create_restore are called when
starting a new domain leading to this error:
libxl: error: libxl.c:324:libxl__domain_rename: domain with name "guest" already exists.
libxl: error: libxl_create.c:800:initiate_domain_create: cannot make domain: -6
---
src/libxl/libxl_driver.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/libxl/libxl_driver.c b/src/libxl/libxl_driver.c
index ab0233a..0ff731f 100644
--- a/src/libxl/libxl_driver.c
+++ b/src/libxl/libxl_driver.c
@@ -660,10 +660,10 @@ libxlVmStart(libxlDriverPrivatePtr driver, virDomainObjPtr vm,
/* use as synchronous operations => ao_how = NULL and no intermediate reports => ao_progress = NULL */
- if (restore_fd < 0)
+ if (restore_fd < 0) {
ret = libxl_domain_create_new(priv->ctx, &d_config,
&domid, NULL, NULL);
- else
+ } else {
#ifdef LIBXL_HAVE_DOMAIN_CREATE_RESTORE_PARAMS
params.checkpointed_stream = 0;
ret = libxl_domain_create_restore(priv->ctx, &d_config, &domid,
@@ -672,6 +672,7 @@ libxlVmStart(libxlDriverPrivatePtr driver, virDomainObjPtr vm,
ret = libxl_domain_create_restore(priv->ctx, &d_config, &domid,
restore_fd, NULL, NULL);
#endif
+ }
if (ret) {
if (restore_fd < 0)
--
1.8.3.1
11 years
