[libvirt] [PATCH python] Skip copying manually written python for C APIs which don't exist
by Daniel P. Berrange
From: "Daniel P. Berrange" <berrange(a)redhat.com>
If the libvirt-override-virXXXX.py file has methods which call
C APIs that don't exist in the version of libvirt built against
we need to skip copying their code.
eg for 0.9.13 libvirt we should not copy the 'listAllDomains'
method.
The way this works is that it breaks the override file into
individual methods by looking for ' def '. It then collects
the contents until the next method start, whereupon it looks
for a libvirtmod.XXXXXX API call. It checks if the XXXXX part
is present in the XML description we have, and if not, it
discards the entire method.
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
---
generator.py | 42 +++++++++++++++++++++++++++++++++++++++++-
1 file changed, 41 insertions(+), 1 deletion(-)
diff --git a/generator.py b/generator.py
index e8d8ea9..a9f98ab 100755
--- a/generator.py
+++ b/generator.py
@@ -1719,11 +1719,51 @@ def buildWrappers(module):
classes.write("\n")
# Append "<classname>.py" to class def, iff it exists
try:
+ wantfuncs = []
extra = open("libvirt-override-" + classname + ".py", "r")
classes.write (" #\n")
classes.write (" # %s methods from %s.py (hand coded)\n" % (classname,classname))
classes.write (" #\n")
- classes.writelines(extra.readlines())
+ cached = None
+
+
+ # Since we compile with older libvirt, we don't want to pull
+ # in manually written python methods which call C methods
+ # that don't exist. This code attempts to detect which
+ # methods to skip by looking at the libvirtmod.XXXX calls
+
+ def shouldSkip(lines):
+ for line in lines:
+ offset = line.find("libvirtmod.")
+ if offset != -1:
+ func = line[offset + 11:]
+ offset = func.find("(")
+ func = func[0:offset]
+ if func not in functions_skipped:
+ return True
+ return False
+
+ for line in extra.readlines():
+ offset = line.find(" def ")
+ if offset != -1:
+ name = line[offset+5:]
+ offset = name.find("(")
+ name = name[0:offset]
+ if cached is not None:
+ if not shouldSkip(cached):
+ classes.writelines(cached)
+ if name == "__del__":
+ cached = None
+ classes.write(line)
+ else:
+ cached = [line]
+ else:
+ if cached is not None:
+ cached.append(line)
+ else:
+ classes.write(line)
+ if not shouldSkip(cached):
+ classes.writelines(cached)
classes.write("\n")
extra.close()
except:
--
1.8.3.1
10 years, 11 months
[libvirt] [PATCH] Added python binding for the new network events API
by Cédric Bosdonnat
This patch was extracted from the network events feature patch to fit the
new libvirt-python repository.
---
generator.py | 2 +
libvirt-override-virConnect.py | 34 +++++++++
libvirt-override.c | 154 +++++++++++++++++++++++++++++++++++++++++
3 files changed, 190 insertions(+)
diff --git a/generator.py b/generator.py
index a9f98ab..02ea821 100755
--- a/generator.py
+++ b/generator.py
@@ -491,6 +491,8 @@ skip_function = (
'virConnectDomainEventDeregister', # overridden in virConnect.py
'virConnectDomainEventRegisterAny', # overridden in virConnect.py
'virConnectDomainEventDeregisterAny', # overridden in virConnect.py
+ 'virConnectNetworkEventRegisterAny', # overridden in virConnect.py
+ 'virConnectNetworkEventDeregisterAny', # overridden in virConnect.py
'virSaveLastError', # We have our own python error wrapper
'virFreeError', # Only needed if we use virSaveLastError
'virConnectListAllDomains', # overridden in virConnect.py
diff --git a/libvirt-override-virConnect.py b/libvirt-override-virConnect.py
index 23fadfd..15e9c54 100644
--- a/libvirt-override-virConnect.py
+++ b/libvirt-override-virConnect.py
@@ -198,6 +198,40 @@
except AttributeError:
pass
+ def _dispatchNetworkEventLifecycleCallback(self, net, event, cbData):
+ """Dispatches events to python user network lifecycle event callbacks
+ """
+ cb = cbData["cb"]
+ opaque = cbData["opaque"]
+
+ cb(self, virNetwork(self, _obj=net), event, opaque)
+ return 0
+
+ def networkEventDeregisterAny(self, callbackID):
+ """Removes a Network Event Callback. De-registering for a
+ network callback will disable delivery of this event type """
+ try:
+ ret = libvirtmod.virConnectNetworkEventDeregisterAny(self._o, callbackID)
+ if ret == -1: raise libvirtError ('virConnectNetworkEventDeregisterAny() failed', conn=self)
+ del self.networkEventCallbackID[callbackID]
+ except AttributeError:
+ pass
+
+ def networkEventRegisterAny(self, net, eventID, cb, opaque):
+ """Adds a Network Event Callback. Registering for a network
+ callback will enable delivery of the events """
+ if not hasattr(self, 'networkEventCallbackID'):
+ self.networkEventCallbackID = {}
+ cbData = { "cb": cb, "conn": self, "opaque": opaque }
+ if net is None:
+ ret = libvirtmod.virConnectNetworkEventRegisterAny(self._o, None, eventID, cbData)
+ else:
+ ret = libvirtmod.virConnectNetworkEventRegisterAny(self._o, net._o, eventID, cbData)
+ if ret == -1:
+ raise libvirtError ('virConnectNetworkEventRegisterAny() failed', conn=self)
+ self.networkEventCallbackID[ret] = opaque
+ return ret
+
def domainEventRegisterAny(self, dom, eventID, cb, opaque):
"""Adds a Domain Event Callback. Registering for a domain
callback will enable delivery of the events """
diff --git a/libvirt-override.c b/libvirt-override.c
index 93b9c5f..d613b0d 100644
--- a/libvirt-override.c
+++ b/libvirt-override.c
@@ -6569,6 +6569,156 @@ libvirt_virConnectDomainEventDeregisterAny(ATTRIBUTE_UNUSED PyObject * self,
return py_retval;
}
+#if LIBVIR_CHECK_VERSION(1, 2, 1)
+static void
+libvirt_virConnectNetworkEventFreeFunc(void *opaque)
+{
+ PyObject *pyobj_conn = (PyObject*)opaque;
+ LIBVIRT_ENSURE_THREAD_STATE;
+ Py_DECREF(pyobj_conn);
+ LIBVIRT_RELEASE_THREAD_STATE;
+}
+
+static int
+libvirt_virConnectNetworkEventLifecycleCallback(virConnectPtr conn ATTRIBUTE_UNUSED,
+ virNetworkPtr net,
+ int event,
+ void *opaque)
+{
+ PyObject *pyobj_cbData = (PyObject*)opaque;
+ PyObject *pyobj_net;
+ PyObject *pyobj_ret;
+ PyObject *pyobj_conn;
+ PyObject *dictKey;
+ int ret = -1;
+
+ LIBVIRT_ENSURE_THREAD_STATE;
+
+ /* Create a python instance of this virNetworkPtr */
+ virNetworkRef(net);
+ pyobj_net = libvirt_virNetworkPtrWrap(net);
+ Py_INCREF(pyobj_cbData);
+
+ dictKey = libvirt_constcharPtrWrap("conn");
+ pyobj_conn = PyDict_GetItem(pyobj_cbData, dictKey);
+ Py_DECREF(dictKey);
+
+ /* Call the Callback Dispatcher */
+ pyobj_ret = PyObject_CallMethod(pyobj_conn,
+ (char*)"_dispatchNetworkEventLifecycleCallback",
+ (char*)"OiO",
+ pyobj_net,
+ event,
+ pyobj_cbData);
+
+ Py_DECREF(pyobj_cbData);
+ Py_DECREF(pyobj_net);
+
+ if (!pyobj_ret) {
+ DEBUG("%s - ret:%p\n", __FUNCTION__, pyobj_ret);
+ PyErr_Print();
+ } else {
+ Py_DECREF(pyobj_ret);
+ ret = 0;
+ }
+
+ LIBVIRT_RELEASE_THREAD_STATE;
+ return ret;
+}
+
+static PyObject *
+libvirt_virConnectNetworkEventRegisterAny(ATTRIBUTE_UNUSED PyObject * self,
+ PyObject * args)
+{
+ PyObject *py_retval; /* return value */
+ PyObject *pyobj_conn; /* virConnectPtr */
+ PyObject *pyobj_net;
+ PyObject *pyobj_cbData; /* hash of callback data */
+ int eventID;
+ virConnectPtr conn;
+ int ret = 0;
+ virConnectNetworkEventGenericCallback cb = NULL;
+ virNetworkPtr net;
+ virNetworkEventID eventId = VIR_NETWORK_EVENT_ID_LAST;
+
+ if (!PyArg_ParseTuple
+ (args, (char *) "OOiO:virConnectNetworkEventRegisterAny",
+ &pyobj_conn, &pyobj_net, &eventID, &pyobj_cbData)) {
+ DEBUG("%s failed parsing tuple\n", __FUNCTION__);
+ return VIR_PY_INT_FAIL;
+ }
+
+ DEBUG("libvirt_virConnectNetworkEventRegister(%p %p %d %p) called\n",
+ pyobj_conn, pyobj_net, eventID, pyobj_cbData);
+ conn = PyvirConnect_Get(pyobj_conn);
+ if (pyobj_net == Py_None)
+ net = NULL;
+ else
+ net = PyvirNetwork_Get(pyobj_net);
+
+ if ( ((eventID & 0xFF00) >> 8) != VIR_EVENT_NAMESPACE_NETWORK) {
+ return VIR_PY_INT_FAIL;
+ }
+
+ eventId = (virNetworkEventID) (eventID & 0xFF);
+ switch (eventId) {
+ case VIR_NETWORK_EVENT_ID_LIFECYCLE:
+ cb = VIR_NETWORK_EVENT_CALLBACK(libvirt_virConnectNetworkEventLifecycleCallback);
+ break;
+
+ case VIR_NETWORK_EVENT_ID_LAST:
+ break;
+ }
+
+ if (!cb) {
+ return VIR_PY_INT_FAIL;
+ }
+
+ Py_INCREF(pyobj_cbData);
+
+ LIBVIRT_BEGIN_ALLOW_THREADS;
+ ret = virConnectNetworkEventRegisterAny(conn, net, eventID,
+ cb, pyobj_cbData,
+ libvirt_virConnectNetworkEventFreeFunc);
+ LIBVIRT_END_ALLOW_THREADS;
+
+ if (ret < 0) {
+ Py_DECREF(pyobj_cbData);
+ }
+
+ py_retval = libvirt_intWrap(ret);
+ return py_retval;
+}
+
+static PyObject *
+libvirt_virConnectNetworkEventDeregisterAny(ATTRIBUTE_UNUSED PyObject * self,
+ PyObject * args)
+{
+ PyObject *py_retval;
+ PyObject *pyobj_conn;
+ int callbackID;
+ virConnectPtr conn;
+ int ret = 0;
+
+ if (!PyArg_ParseTuple
+ (args, (char *) "Oi:virConnectNetworkEventDeregister",
+ &pyobj_conn, &callbackID))
+ return NULL;
+
+ DEBUG("libvirt_virConnectNetworkEventDeregister(%p) called\n", pyobj_conn);
+
+ conn = (virConnectPtr) PyvirConnect_Get(pyobj_conn);
+
+ LIBVIRT_BEGIN_ALLOW_THREADS;
+
+ ret = virConnectNetworkEventDeregisterAny(conn, callbackID);
+
+ LIBVIRT_END_ALLOW_THREADS;
+ py_retval = libvirt_intWrap(ret);
+ return py_retval;
+}
+#endif /* LIBVIR_CHECK_VERSION(1, 2, 1)*/
+
#if LIBVIR_CHECK_VERSION(0, 10, 0)
static void
libvirt_virConnectCloseCallbackDispatch(virConnectPtr conn ATTRIBUTE_UNUSED,
@@ -7369,6 +7519,10 @@ static PyMethodDef libvirtMethods[] = {
{(char *) "virConnectDomainEventDeregister", libvirt_virConnectDomainEventDeregister, METH_VARARGS, NULL},
{(char *) "virConnectDomainEventRegisterAny", libvirt_virConnectDomainEventRegisterAny, METH_VARARGS, NULL},
{(char *) "virConnectDomainEventDeregisterAny", libvirt_virConnectDomainEventDeregisterAny, METH_VARARGS, NULL},
+#if LIBVIR_CHECK_VERSION(1, 2, 1)
+ {(char *) "virConnectNetworkEventRegisterAny", libvirt_virConnectNetworkEventRegisterAny, METH_VARARGS, NULL},
+ {(char *) "virConnectNetworkEventDeregisterAny", libvirt_virConnectNetworkEventDeregisterAny, METH_VARARGS, NULL},
+#endif /* LIBVIR_CHECK_VERSION(1, 2, 1) */
#if LIBVIR_CHECK_VERSION(0, 10, 0)
{(char *) "virConnectRegisterCloseCallback", libvirt_virConnectRegisterCloseCallback, METH_VARARGS, NULL},
{(char *) "virConnectUnregisterCloseCallback", libvirt_virConnectUnregisterCloseCallback, METH_VARARGS, NULL},
--
1.8.4.2
10 years, 11 months
[libvirt] [PATCH] Add docs about audit subsystem logging
by Daniel P. Berrange
From: "Daniel P. Berrange" <berrange(a)redhat.com>
Adds a new page to the website "Deployment" section describing
what data is sent to the audit logs and how to configure libvirtd
audit settings.
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
---
docs/auditlog.html.in | 321 ++++++++++++++++++++++++++++++++++++++++++++++++++
docs/sitemap.html.in | 4 +
2 files changed, 325 insertions(+)
create mode 100644 docs/auditlog.html.in
diff --git a/docs/auditlog.html.in b/docs/auditlog.html.in
new file mode 100644
index 0000000..c827ab9
--- /dev/null
+++ b/docs/auditlog.html.in
@@ -0,0 +1,321 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <body>
+ <h1>Audit log</h1>
+
+ <ul id="toc"></ul>
+
+ <h2><a name="intro">Introduction</a></h2>
+
+ <p>
+ A number of the libvirt virtualization drivers (QEMU/KVM and LXC) include
+ support for logging details of important operations to the host's audit
+ subsystem. This provides administrators / auditors with a canonical historical
+ record of changes to virtual machines' / containers' lifecycle states and
+ their configuration. On hosts which are running the Linux audit daemon,
+ the logs will usually end up in <code>/var/log/audit/audit.log</code>
+ </p>
+
+ <h2><a name="config">Configuration</a></h2>
+
+ <p>
+ The libvirt audit integration is enabled by default on any host which has
+ the Linux audit subsystem active, and disabled otherwise. It is possible
+ to alter this behaviour in the <code>/etc/libvirt/libvirtd.conf</code>
+ configuration file, via the <code>audit_level</code> parameter
+ </p>
+
+ <ul>
+ <li><code>audit_level=0</code> - libvirt auditing is disabled regardless
+ of host audit subsystem enablement.</li>
+ <li><code>audit_level=1</code> - libvirt auditing is enabled if the host
+ audit subsystem is enabled, otherwise it is disabled. This is the
+ default behaviour.</li>
+ <li><code>audit_level=2</code> - libvirt auditing is enabled regardless
+ of host audit subsystem enablement. If the host audit subsystem is
+ disabled, then libvirtd will refuse to complete startup and exit with
+ an error.</li>
+ </ul>
+
+ <p>
+ In addition to have formal messages sent to the audit subsystem it is
+ possible to tell libvirt to inject messages into its own logging
+ layer. This will result in messages ending up in the systemd journal
+ or <code>/var/log/libvirt/libivrtd.log</code> on non-systemd hosts.
+ This is disabled by default, but can be requested by setting the
+ <code>audit_logging=1</code> configuration parameter in the same file
+ mentioned above.
+ </p>
+
+ <h2><a name="types">Message types</a></h2>
+
+ <p>
+ Libvirt defines three core audit message types each of which will
+ be described below. There are a number of common fields that will
+ be reported for all message types.
+ </p>
+
+ <dl>
+ <dt>pid</dt>
+ <dd>Process ID of the libvirtd daemon generating the audit record.</dd>
+ <dt>uid</dt>
+ <dd>User ID of the libvirtd daemon process generating the audit record.</dd>
+ <dt>subj</dt>
+ <dd>Security context of the libvirtd daemon process generating the audit record.</dd>
+ <dt>msg</dt>
+ <dd>String containing a list of key=value pairs specific to the type of audit record being reported.</dd>
+ </dl>
+
+ <p>
+ Some fields in the <code>msg</code> string are common to audit records
+ </p>
+
+ <dl>
+ <dt>virt</dt>
+ <dd>Type of virtualization driver used. One of <code>qemu</code> or <code>lxc</code></dd>
+ <dt>vm</dt>
+ <dd>Host driver unique name of the guest</dd>
+ <dt>uuid</dt>
+ <dd>Globally unique identifier for the guest</dd>
+ <dt>exe</dt>
+ <dd>Path of the libvirtd daemon</dd>
+ <dt>hostname</dt>
+ <dd>Currently unused</dd>
+ <dt>addr</dt>
+ <dd>Currently unused</dd>
+ <dt>terminal</dt>
+ <dd>Currently unused</dd>
+ <dt>res</dt>
+ <dd>Result of the action, either <code>success</code> or <code>failed</code></dd>
+ </dl>
+
+ <h3><a name="typecontrol">VIRT_CONTROL</a></h3>
+
+ <p>
+ Reports change in the lifecycle state of a virtual machine. The <code>msg</code>
+ field will include the following sub-fields
+ </p>
+
+ <dl>
+ <dt>op</dt>
+ <dd>Type of operation performed. One of <code>start</code>, <code>stop</code> or <code>init</code></dd>
+ <dt>reason</dt>
+ <dd>The reason which caused the operation to happen</dd>
+ <dt>vm-pid</dt>
+ <dd>ID of the primary/leading process associated with the guest</dd>
+ <dt>init-pid</dt>
+ <dd>ID of the <code>init</code> process in a container. Only if <code>op=init</code> and <code>virt=lxc</code></dd>
+ <dt>pid-ns</dt>
+ <dd>Namespace ID of the <code>init</code> process in a container. Only if <code>op=init</code> and <code>virt=lxc</code></dd>
+ </dl>
+
+ <h3><a name="typemachine">VIRT_MACHINE_ID</a></h3>
+
+ <p>
+ Reports the association of a security context with a guest. The <code>msg</code>
+ field will include the following sub-fields
+ </p>
+
+ <dl>
+ <dt>model</dt>
+ <dd>The security driver type. One of <code>selinux</code> or <code>apparmor</code></dd>
+ <dt>vm-ctx</dt>
+ <dd>Security context for the guest process</dd>
+ <dt>img-ctx</dt>
+ <dd>Security context for the guest disk images and other assigned host resources</dd>
+ </dl>
+
+ <h3><a name="typeresource">VIRT_RESOURCE</a></h3>
+
+ <p>
+ Reports the usage of a host resource by a guest. The fields include will
+ vary according to the type of device being reported. When the guest is
+ initially booted records will be generated for all assigned resources.
+ If any changes are made to the running guest configuration, for example
+ hotplug devices, or adjust resources allocation, further records will
+ be generated.
+ </p>
+
+ <h4><a name="typeresourcevcpu">Virtual CPU</a></h4>
+
+ <p>
+ The <code>msg</code> field will include the following sub-fields
+ </p>
+
+ <dl>
+ <dt>reason</dt>
+ <dd>The reason which caused the resource to be assigned to happen</dd>
+ <dt>resrc</dt>
+ <dd>The type of resource assigned. Set to <code>vcpu</code></dd>
+ <dt>old-vcpu</dt>
+ <dd>Original vCPU count, or 0</dd>
+ <dt>new-vcpu</dt>
+ <dd>Updated vCPU count</dd>
+ </dl>
+
+
+ <h4><a name="typeresourcemem">Memory</a></h4>
+
+ <p>
+ The <code>msg</code> field will include the following sub-fields
+ </p>
+
+ <dl>
+ <dt>reason</dt>
+ <dd>The reason which caused the resource to be assigned to happen</dd>
+ <dt>resrc</dt>
+ <dd>The type of resource assigned. Set to <code>mem</code></dd>
+ <dt>old-mem</dt>
+ <dd>Original memory size in bytes, or 0</dd>
+ <dt>new-mem</dt>
+ <dd>Updated memory size in bytes</dd>
+ </dl>
+
+ <h4><a name="typeresourcedisk">Disk</a></h4>
+ <p>
+ The <code>msg</code> field will include the following sub-fields
+ </p>
+
+ <dl>
+ <dt>reason</dt>
+ <dd>The reason which caused the resource to be assigned to happen</dd>
+ <dt>resrc</dt>
+ <dd>The type of resource assigned. Set to <code>disk</code></dd>
+ <dt>old-disk</dt>
+ <dd>Original host file or device path acting as the disk backing file</dd>
+ <dt>new-disk</dt>
+ <dd>Updated host file or device path acting as the disk backing file</dd>
+ </dl>
+
+ <h4><a name="typeresourcenic">Network interface</a></h4>
+
+ <p>
+ The <code>msg</code> field will include the following sub-fields
+ </p>
+
+ <dl>
+ <dt>reason</dt>
+ <dd>The reason which caused the resource to be assigned to happen</dd>
+ <dt>resrc</dt>
+ <dd>The type of resource assigned. Set to <code>net</code></dd>
+ <dt>old-net</dt>
+ <dd>Original MAC address of the guest network interface</dd>
+ <dt>new-net</dt>
+ <dd>Updated MAC address of the guest network interface</dd>
+ </dl>
+
+ <p>
+ If there is a host network interace associated with the guest NIC then
+ further records may be generated
+ </p>
+
+ <dl>
+ <dt>reason</dt>
+ <dd>The reason which caused the resource to be assigned to happen</dd>
+ <dt>resrc</dt>
+ <dd>The type of resource assigned. Set to <code>net</code></dd>
+ <dt>net</dt>
+ <dd>MAC address of the host network interface</dd>
+ <dt>rdev</dt>
+ <dd>Name of the host network interface</dd>
+ </dl>
+
+ <h4><a name="typeresourcefs">Filesystem</a></h4>
+ <p>
+ The <code>msg</code> field will include the following sub-fields
+ </p>
+
+ <dl>
+ <dt>reason</dt>
+ <dd>The reason which caused the resource to be assigned to happen</dd>
+ <dt>resrc</dt>
+ <dd>The type of resource assigned. Set to <code>fs</code></dd>
+ <dt>old-fs</dt>
+ <dd>Original host directory, file or device path backing the filesystem </dd>
+ <dt>new-fs</dt>
+ <dd>Updated host directory, file or device path backing the filesystem</dd>
+ </dl>
+
+ <h4><a name="typeresourcehost">Host device</a></h4>
+ <p>
+ The <code>msg</code> field will include the following sub-fields
+ </p>
+
+ <dl>
+ <dt>reason</dt>
+ <dd>The reason which caused the resource to be assigned to happen</dd>
+ <dt>resrc</dt>
+ <dd>The type of resource assigned. Set to <code>hostdev</code> or <code>dev</code></dd>
+ <dt>dev</dt>
+ <dd>The unique bus identifier of the USB, PCI or SCSI device, if <code>resrc=dev</code></dd>
+ <dt>disk</dt>
+ <dd>The path of the block device assigned to the guest, if <code>resrc=hostdev</code></dd>
+ <dt>chardev</dt>
+ <dd>The path of the charecter device assigned to the guest, if <code>resrc=hostdev</code></dd>
+ </dl>
+
+ <h4><a name="typeresourcetpm">TPM</a></h4>
+ <p>
+ The <code>msg</code> field will include the following sub-fields
+ </p>
+
+ <dl>
+ <dt>reason</dt>
+ <dd>The reason which caused the resource to be assigned to happen</dd>
+ <dt>resrc</dt>
+ <dd>The type of resource assigned. Set to <code>tpm</code></dd>
+ <dt>device</dt>
+ <dd>The path of the host TPM device assigned to the guest</dd>
+ </dl>
+
+ <h4><a name="typeresourcerng">RNG</a></h4>
+ <p>
+ The <code>msg</code> field will include the following sub-fields
+ </p>
+
+ <dl>
+ <dt>reason</dt>
+ <dd>The reason which caused the resource to be assigned to happen</dd>
+ <dt>resrc</dt>
+ <dd>The type of resource assigned. Set to <code>rng</code></dd>
+ <dt>old-rng</dt>
+ <dd>Original path of the host entropy source for the RNG</dd>
+ <dt>new-rng</dt>
+ <dd>Updated path of the host entropy source for the RNG</dd>
+ </dl>
+
+
+ <h4><a name="typeresourceredir">Redirected device</a></h4>
+ <p>
+ The <code>msg</code> field will include the following sub-fields
+ </p>
+
+ <dl>
+ <dt>reason</dt>
+ <dd>The reason which caused the resource to be assigned to happen</dd>
+ <dt>resrc</dt>
+ <dd>The type of resource assigned. Set to <code>redir</code></dd>
+ <dt>bus</dt>
+ <dd>The bus type, only <code>usb</code> allowed</dd>
+ <dt>device</dt>
+ <dd>The device type, only <code>USB redir</code> allowed</dd>
+ </dl>
+
+ <h4><a name="typeresourcecgroup">Control group</a></h4>
+
+ <p>
+ The <code>msg</code> field will include the following sub-fields
+ </p>
+
+ <dl>
+ <dt>reason</dt>
+ <dd>The reason which caused the resource to be assigned to happen</dd>
+ <dt>resrc</dt>
+ <dd>The type of resource assigned. Set to <code>cgroup</code></dd>
+ <dt>cgroup</dt>
+ <dd>The name of the cgroup controller</dd>
+ </dl>
+
+ </body>
+</html>
diff --git a/docs/sitemap.html.in b/docs/sitemap.html.in
index d821a9e..60daf15 100644
--- a/docs/sitemap.html.in
+++ b/docs/sitemap.html.in
@@ -91,6 +91,10 @@
<span>The library and the daemon logging support</span>
</li>
<li>
+ <a href="auditlog.html">Audit log</a>
+ <span>Audit trail logs for host operations</span>
+ </li>
+ <li>
<a href="firewall.html">Firewall</a>
<span>Firewall and network filter configuration</span>
</li>
--
1.8.3.1
10 years, 11 months
[libvirt] GlusterFS with libvirt
by Umar Draz
Hi All,
Is any body help me how I can integrate libvirt with glusterfs on Ubuntu
13.10 Server.
I tried the following, but its not working.
qemu-img: Unknown protocol 'gluster://localhost/gv1/test.img'
Br.
Umar
10 years, 11 months
[libvirt] Internal error message from netcf when trying to start libvirtd
by Christophe Fergeau
Hey,
Due to a configuration issue on my system, libvirtd is not starting on my
system (not complaining about this!):
2013-10-15 15:40:51.024+0000: 10222: info : libvirt version: 1.1.3
2013-10-15 15:40:51.024+0000: 10222: error : virNetTLSContextCheckCertFile:117 : Cannot read CA certificate
'/home/teuf/usr/etc/pki/CA/cacert.pem': No such file or directory
However, before libvirtd exits, I get another error message from the netcf
code, which is unexpected this time:
2013-10-15 15:49:18.361+0000: 10222: error : netcfStateCleanup:105 :
internal error: Attempt to close netcf state driver already closed
This message comes from the call of virStateCleanup() at the end of main()
in libvirtd.c. virStateCleanup() should not be called before
daemonStateInit() has been called in main.
After this call, things get more ugly as daemonStateInit() calls
virStateInitialize() from a thread, so there's probably a small window for
virStateInitialize() and virStateCleanup() running concurrently if an error
occurs between the call to daemonStateInit() and the call to
virNetServerRun().
I'm sending this email rather than a patch as I'm not sure what is the best
way to fix it. The easy way would be for virStateCleanup() to be a noop
when virStateInitialize() hasn't been called (iow remove the error message
from netcfStateCleanup). However, this would leave this small race
condition around (which is not that bad as it would only occurs in
situations when the daemon fails to start). So another approach would be to
set a vir_state_initialized boolean once the thread has called
ivrStateInitialize, and only call virStateCleanup() when it's set.
Or maybe there's a 3rd way to fix this?
Let me know if you have any guidance into the best way to fix this,
Christophe
10 years, 11 months
[libvirt] [PATCH] docs: fix typos in libvirt.h.in
by Chen Hanxiao
From: Chen Hanxiao <chenhanxiao(a)cn.fujitsu.com>
s/caused/cause
Signed-off-by: Chen Hanxiao <chenhanxiao(a)cn.fujitsu.com>
---
include/libvirt/libvirt.h.in | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/include/libvirt/libvirt.h.in b/include/libvirt/libvirt.h.in
index 146a59b..934d425 100644
--- a/include/libvirt/libvirt.h.in
+++ b/include/libvirt/libvirt.h.in
@@ -3461,7 +3461,7 @@ typedef enum {
/**
* virDomainEventDefinedDetailType:
*
- * Details on the caused of the 'defined' lifecycle event
+ * Details on the cause of the 'defined' lifecycle event
*/
typedef enum {
VIR_DOMAIN_EVENT_DEFINED_ADDED = 0, /* Newly created config file */
@@ -3475,7 +3475,7 @@ typedef enum {
/**
* virDomainEventUndefinedDetailType:
*
- * Details on the caused of the 'undefined' lifecycle event
+ * Details on the cause of the 'undefined' lifecycle event
*/
typedef enum {
VIR_DOMAIN_EVENT_UNDEFINED_REMOVED = 0, /* Deleted the config file */
@@ -3488,7 +3488,7 @@ typedef enum {
/**
* virDomainEventStartedDetailType:
*
- * Details on the caused of the 'started' lifecycle event
+ * Details on the cause of the 'started' lifecycle event
*/
typedef enum {
VIR_DOMAIN_EVENT_STARTED_BOOTED = 0, /* Normal startup from boot */
@@ -3505,7 +3505,7 @@ typedef enum {
/**
* virDomainEventSuspendedDetailType:
*
- * Details on the caused of the 'suspended' lifecycle event
+ * Details on the cause of the 'suspended' lifecycle event
*/
typedef enum {
VIR_DOMAIN_EVENT_SUSPENDED_PAUSED = 0, /* Normal suspend due to admin pause */
@@ -3524,7 +3524,7 @@ typedef enum {
/**
* virDomainEventResumedDetailType:
*
- * Details on the caused of the 'resumed' lifecycle event
+ * Details on the cause of the 'resumed' lifecycle event
*/
typedef enum {
VIR_DOMAIN_EVENT_RESUMED_UNPAUSED = 0, /* Normal resume due to admin unpause */
@@ -3539,7 +3539,7 @@ typedef enum {
/**
* virDomainEventStoppedDetailType:
*
- * Details on the caused of the 'stopped' lifecycle event
+ * Details on the cause of the 'stopped' lifecycle event
*/
typedef enum {
VIR_DOMAIN_EVENT_STOPPED_SHUTDOWN = 0, /* Normal shutdown */
--
1.8.2.1
10 years, 11 months
[libvirt] RFC: virsh: add support for redirecting output to files in virsh shell
by Nehal J Wani
Currently, for redirecting output (most of the times its the output of
--dumpxml) we use:
virsh $command > $file
But such redirection is not possible in virsh shell. It would be great
if libvirt supported this feature for those who love working in the
'virsh shell' (instead of typing 'virsh' before every command).
A simple approach would be to either add the redirection feature using
'>' or having some option like -o or --outfile (it would be nice if it
is available for each command, and not just restricted to --dumpxml
ones)
Regards,
Nehal J Wani
10 years, 11 months
[libvirt] [PATCH] qemu: default to vfio for nodedev-detach
by Laine Stump
This patch resolves:
https://bugzilla.redhat.com/show_bug.cgi?id=1035188
Commit f094aaac48a6 changed the PCI device assignment in qemu domains
to default to using VFIO rather than legacy KVM device assignment
(when VFIO is available). It didn't change which driver was used by
default for virNodeDeviceDetachFlags(), though, so that API (and the
virsh nodedev-detach command) was still binding to the pci-stub
driver, used by legacy KVM assignment, by default.
This patch publicizes (only within the qemu module, though, so no
additions to the symbol exports are needed) the functions that check
for presence of KVM and VFIO device assignment, then uses those
functions to decide what to do when no driver is specified for
virNodeDeviceDetachFlags(); if the vfio driver is loaded, the device
will be bound to vfio-pci, or if legacy KVM assignment is supported on
this system, the device will be bound to pci-stub; if neither method
is avialable, the detach will fail.
---
src/qemu/qemu_driver.c | 19 ++++++++++++++++---
src/qemu/qemu_hostdev.c | 6 +++---
src/qemu/qemu_hostdev.h | 4 +++-
3 files changed, 22 insertions(+), 7 deletions(-)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 47d8a09..6e65d7c 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -10737,12 +10737,25 @@ qemuNodeDeviceDetachFlags(virNodeDevicePtr dev,
if (!pci)
goto cleanup;
- if (!driverName || STREQ(driverName, "kvm")) {
- if (virPCIDeviceSetStubDriver(pci, "pci-stub") < 0)
- goto cleanup;
+ if (!driverName) {
+ /* prefer vfio */
+ if (qemuHostdevHostSupportsPassthroughVFIO())
+ driverName = "vfio";
+ else if (qemuHostdevHostSupportsPassthroughLegacy())
+ driverName = "kvm";
+ }
+
+ if (!driverName) {
+ virReportError(VIR_ERR_INVALID_ARG, "%s",
+ _("neither VFIO nor kvm device assignment is "
+ "currently supported on this system"));
+ goto cleanup;
} else if (STREQ(driverName, "vfio")) {
if (virPCIDeviceSetStubDriver(pci, "vfio-pci") < 0)
goto cleanup;
+ } else if (STREQ(driverName, "kvm")) {
+ if (virPCIDeviceSetStubDriver(pci, "pci-stub") < 0)
+ goto cleanup;
} else {
virReportError(VIR_ERR_INVALID_ARG,
_("unknown driver name '%s'"), driverName);
diff --git a/src/qemu/qemu_hostdev.c b/src/qemu/qemu_hostdev.c
index f5cad15..dee61e7 100644
--- a/src/qemu/qemu_hostdev.c
+++ b/src/qemu/qemu_hostdev.c
@@ -501,7 +501,7 @@ qemuDomainHostdevNetConfigRestore(virDomainHostdevDefPtr hostdev,
}
-static bool
+bool
qemuHostdevHostSupportsPassthroughVFIO(void)
{
DIR *iommuDir = NULL;
@@ -541,7 +541,7 @@ cleanup:
#if HAVE_LINUX_KVM_H
# include <linux/kvm.h>
-static bool
+bool
qemuHostdevHostSupportsPassthroughLegacy(void)
{
int kvmfd = -1;
@@ -563,7 +563,7 @@ cleanup:
return ret;
}
#else
-static bool
+bool
qemuHostdevHostSupportsPassthroughLegacy(void)
{
return false;
diff --git a/src/qemu/qemu_hostdev.h b/src/qemu/qemu_hostdev.h
index 272086e..ffb3167 100644
--- a/src/qemu/qemu_hostdev.h
+++ b/src/qemu/qemu_hostdev.h
@@ -1,7 +1,7 @@
/*
* qemu_hostdev.h: QEMU hostdev management
*
- * Copyright (C) 2006-2007, 2009-2010 Red Hat, Inc.
+ * Copyright (C) 2006-2007, 2009-2013 Red Hat, Inc.
* Copyright (C) 2006 Daniel P. Berrange
*
* This library is free software; you can redistribute it and/or
@@ -33,6 +33,8 @@ int qemuUpdateActiveUsbHostdevs(virQEMUDriverPtr driver,
virDomainDefPtr def);
int qemuUpdateActiveScsiHostdevs(virQEMUDriverPtr driver,
virDomainDefPtr def);
+bool qemuHostdevHostSupportsPassthroughLegacy(void);
+bool qemuHostdevHostSupportsPassthroughVFIO(void);
int qemuPrepareHostdevPCIDevices(virQEMUDriverPtr driver,
const char *name,
const unsigned char *uuid,
--
1.8.4.2
10 years, 11 months
[libvirt] [PATCHv2 0/4] Refactor pool source formatting
by Peter Krempa
A subset of the big gluster snapshot series. I accidentaly squashed two patches
together so I'm reposting the subset that was broken for re-review.
Peter Krempa (4):
test: Implement fake storage pool driver in qemuxml2argv test
qemuxml2argv: Add test to verify correct usage of disk type="volume"
qemuxml2argv: Add test for disk type='volume' with iSCSI pools
qemu: Refactor qemuTranslatePool source
src/conf/domain_conf.h | 1 +
src/libvirt_private.syms | 1 +
src/qemu/qemu_command.c | 76 +--------
src/qemu/qemu_conf.c | 129 +++++++++-----
src/qemu/qemu_conf.h | 2 +
.../qemuxml2argv-disk-source-pool-mode.args | 10 ++
.../qemuxml2argv-disk-source-pool-mode.xml | 4 +-
.../qemuxml2argv-disk-source-pool.args | 8 +
.../qemuxml2argv-disk-source-pool.xml | 2 +-
tests/qemuxml2argvtest.c | 187 +++++++++++++++++++++
10 files changed, 306 insertions(+), 114 deletions(-)
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-source-pool-mode.args
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-source-pool.args
--
1.8.4.3
10 years, 11 months
[libvirt] [PATCH] Link libvirt-sandbox from apps page
by Daniel P. Berrange
From: "Daniel P. Berrange" <berrange(a)redhat.com>
Add a link to the http://sandbox.libvirt.org sub-site from the
list of libraries related to libvirt. Also fix formatting for
the ruby libvirt binding.
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
---
docs/apps.html.in | 27 ++++++++++++++++-----------
1 file changed, 16 insertions(+), 11 deletions(-)
diff --git a/docs/apps.html.in b/docs/apps.html.in
index 3598062..79e46fd 100644
--- a/docs/apps.html.in
+++ b/docs/apps.html.in
@@ -277,19 +277,24 @@
host, and there is a subproject to allow merging changes into the
Windows Registry in Windows guests.
</dd>
+
+ <dt><a href="http://sandbox.libvirt.org">libvirt-sandbox</a></dd>
+ <dd>
+ A library and command line tools for simplifying the creation of
+ application sandboxes using virtualization technology. It currently
+ supports either KVM, QEMU or LXC as backends. Integration with
+ systemd facilitates sandboxing of system services like apache.
+ </dd>
+ <dt><a href="https://github.com/ohadlevy/virt#readme">Ruby
+ Libvirt Object bindings</a></dt>
+ <dd>
+ Allows using simple ruby objects to manipulate
+ hypervisors, guests, storage, network etc. It is
+ based on top of
+ the <a href="http://libvirt.org/ruby">native ruby bindings</a>.
+ </dd>
</dl>
- <dl>
- <dt><a href="https://github.com/ohadlevy/virt#readme">Ruby
- Libvirt Object bindings</a></dt>
- <dd>
- Allows using simple ruby objects to manipulate
- hypervisors, guests, storage, network etc. It is
- based on top of
- the <a href="http://libvirt.org/ruby">native ruby
- bindings</a>.
- </dd>
- </dl>
<h2><a name="livecd">LiveCD / Appliances</a></h2>
<dl>
--
1.8.3.1
10 years, 11 months