Re: [libvirt] [PATCH] virsh: Fix domdisplay when domain only uses TLS
by Martin Kletzander
On Fri, Sep 27, 2013 at 05:43:50PM +0200, Christophe Fergeau wrote:
> Hey Martin,
>
> Your reply wasn't sent to the mailing list, I'm assuming this was
> unintentional.
>
Yes, sorry, that happened to me with 2 ACKs today :-(
> On Fri, Sep 27, 2013 at 12:08:27PM +0200, Martin Kletzander wrote:
> > On Wed, Sep 25, 2013 at 05:59:54PM +0200, Christophe Fergeau wrote:
> > > It's possible to create a domain which will only use a TLS port
> > > and will not have a non-TLS port set by using:
> > > <graphics type='spice' autoport='yes' defaultMode='secure'/>
> > > In such a setup, the 'graphics' node for the running domain will be:
> > > <graphics type='spice' tlsPort='5900'
> > > autoport='yes' listen='127.0.0.1'
> > > defaultMode='secure'>
> > >
> > > However, cmdDomDisplay loops over all the 'graphics' node, and it
> > > ignores nodes which don't have a 'port' attribute. This means
> > > 'virsh domdisplay' will only return an empty string for domains
> > > as the one above.
> > >
> > > This commit looks for both 'port' and 'tlsPort' before deciding
> > > to ignore a graphics node. It also makes sure 'port' is not printed
> > > when it's not set.
> > > This makes 'virsh domdisplay' return
> > > 'spice://127.0.0.1?tls-port=5900' for domains using only a TLS
> > > port.
> > >
> > > Signed-off-by: Christophe Fergeau <cfergeau(a)redhat.com>
> > > ---
> > > tools/virsh-domain.c | 28 ++++++++++++++++------------
> > > 1 file changed, 16 insertions(+), 12 deletions(-)
> > >
> >
> > ACK and OK for this release.
>
> Thanks, I've pushed this to master.
>
> This patch would also be a good candidate for the stable branch, is there
> some process to follow to get it in there?
>
IIRC, either let Cole know or, if you have the rights, feel free to
just back-port it when it is a bug (which this is).
Martin
11 years, 8 months
[libvirt] [PATCH v2] fchosttest: Run the test only under linux
by Michal Privoznik
Currently, we have functions to handle fc_host implemented just
for linux. On all other platforms an error is thrown. It makes no
sense to run the test on those platforms then.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
tests/Makefile.am | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 1a7ff4b..17a2a72 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -129,9 +129,12 @@ test_programs = virshtest sockettest \
virportallocatortest \
sysinfotest \
virstoragetest \
- fchosttest \
$(NULL)
+if WITH_LINUX
+test_programs += fchosttest
+endif WITH_LINUX
+
if WITH_LIBVIRTD
test_programs += fdstreamtest
endif WITH_LIBVIRTD
@@ -845,10 +848,15 @@ fdstreamtest_SOURCES = \
fdstreamtest.c testutils.h testutils.c
fdstreamtest_LDADD = $(LDADDS)
+if WITH_LINUX
fchosttest_SOURCES = \
fchosttest.c testutils.h testutils.c
fchosttest_LDADD = $(LDADDS)
+else ! WITH_LINUX
+EXTRA_DIST += fchosttest.c
+endif ! WITH_LINUX
+
if WITH_CIL
CILOPTFLAGS =
CILOPTINCS =
--
1.8.1.5
11 years, 8 months
[libvirt] [PATCH] Makefile.am: Always include rule to make org.libvirt.api.policy
by Michal Privoznik
When running 'make dist' on a system without policykit, we currently
fail. This is because $(srcdir)/access/org.libvirt.api.policy is in
EXTRA_DIST, however, the rule to generate the file is conditional
whether we build with polkit or not.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/Makefile.am | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/Makefile.am b/src/Makefile.am
index 09311b7..2b4549e 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -1519,6 +1519,10 @@ libvirt_driver_access_la_LIBADD =
EXTRA_DIST += access/genpolkit.pl
+$(ACCESS_DRIVER_POLKIT_POLICY): $(srcdir)/access/viraccessperm.h \
+ $(srcdir)/access/genpolkit.pl Makefile.am
+ $(AM_V_GEN)$(PERL) $(srcdir)/access/genpolkit.pl < $< > $@ || rm -f $@
+
if WITH_POLKIT1
libvirt_driver_access_la_SOURCES += $(ACCESS_DRIVER_POLKIT_SOURCES)
@@ -1527,10 +1531,6 @@ if WITH_LIBVIRTD
polkitaction_DATA = $(ACCESS_DRIVER_POLKIT_POLICY)
endif WITH_LIBVIRTD
-$(ACCESS_DRIVER_POLKIT_POLICY): $(srcdir)/access/viraccessperm.h \
- $(srcdir)/access/genpolkit.pl Makefile.am
- $(AM_V_GEN)$(PERL) $(srcdir)/access/genpolkit.pl < $< > $@ || rm -f $@
-
CLEANFILES += $(ACCESS_DRIVER_POLKIT_POLICY)
BUILT_SOURCES += $(ACCESS_DRIVER_POLKIT_POLICY)
else ! WITH_POLKIT1
--
1.8.1.5
11 years, 8 months
[libvirt] [PATCH 1/3] BSD: Ensure UNIX socket credentials are valid
by Doug Goldstein
Ensure that the socket credentials we got back on BSD are valid before
using them.
---
src/rpc/virnetsocket.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
index b311aae..49c6ddc 100644
--- a/src/rpc/virnetsocket.c
+++ b/src/rpc/virnetsocket.c
@@ -1166,6 +1166,18 @@ int virNetSocketGetUNIXIdentity(virNetSocketPtr sock,
return -1;
}
+ if (cr.cr_version != XUCRED_VERSION) {
+ virReportError(VIR_ERR_SYSTEM_ERROR, "%s",
+ _("Failed to get valid client socket identity"));
+ return -1;
+ }
+
+ if (cr.cr_ngroups == 0) {
+ virReportError(VIR_ERR_SYSTEM_ERROR, "%s",
+ _("Failed to get valid client socket identity groups"));
+ return -1;
+ }
+
*pid = -1;
*uid = cr.cr_uid;
*gid = cr.cr_gid;
--
1.8.1.5
11 years, 8 months
[libvirt] [PATCH 00/17] Many OOM fixes
by Daniel P. Berrange
From: "Daniel P. Berrange" <berrange(a)redhat.com>
This series fixes a large number of problems in OOM codepaths. These
are primarily memory leaks, but there's one crash in Xen parsing code
and a few places which silently ignore failure leading to corrupt
or malformed output.
Daniel P. Berrange (17):
Fix leak in virDomainVcpuPinDefArrayFree
Avoid leak if virDomainSoundCodecDefParseXML return error
Fix leak in virDomainVcpuPinDefParseXML parsing cpumask
Fix leak in virDomainDefParseXML parsing vcpupin
Fix leak of address string in qemuDomainPCIAddressGetNextSlot
Avoid leak in qemuParseRBDString on failure of qemuAddRBDHost
Fix failure to honour OOM status in qemuParseNBDString
Fix leak on OOM in qemuBuildCommandLine dealing with sound card
Fix leak in qemuParseCommandLineDisk on OOM
Fix missing jump to error cleanup in qemuParseCommandLineDisk
Fix leak in qemuStringToArgvEnv upon OOM
Fix leak in qemuParseCommandLine on OOM
Fix leak of command line args in qemuParseCommandLine
Fix leak of char device in xenParseXM
Fix crash on OOM in xenParseXM handling consoles
Fix broken formatting on OOM in xenFormatXM
Fix leak of serial value in xenFormatXM on OOM
src/conf/domain_conf.c | 16 +++++++++-----
src/qemu/qemu_command.c | 56 ++++++++++++++++++++++++++++---------------------
src/qemu/qemu_conf.c | 18 ++++++++++++++++
src/qemu/qemu_conf.h | 2 ++
src/qemu/qemu_domain.c | 15 +------------
src/xenxs/xen_xm.c | 12 +++++++----
6 files changed, 72 insertions(+), 47 deletions(-)
--
1.8.3.1
11 years, 8 months
[libvirt] [PATCH] LXC: workaround machined uncleaned data with containers running systemd.
by Cédric Bosdonnat
The problem is described by [0] but its effect on libvirt is that
starting a container with a full distro running systemd after having
stopped it simply fails.
The container cleanup now calls the machined Terminate function to make
sure that everything is in order for the next run.
[0]: https://bugs.freedesktop.org/show_bug.cgi?id=68370
---
src/Makefile.am | 4 +++-
src/lxc/lxc_process.c | 8 ++++++++
src/util/virsystemd.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++
src/util/virsystemd.h | 4 ++++
4 files changed, 70 insertions(+), 1 deletion(-)
diff --git a/src/Makefile.am b/src/Makefile.am
index 4375ef7..211b42e 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -1170,7 +1170,9 @@ EXTRA_DIST += qemu/qemu.conf qemu/libvirtd_qemu.aug \
if WITH_LXC
noinst_LTLIBRARIES += libvirt_driver_lxc_impl.la
libvirt_driver_lxc_la_SOURCES =
-libvirt_driver_lxc_la_LIBADD = libvirt_driver_lxc_impl.la
+libvirt_driver_lxc_la_LIBADD = \
+ libvirt_driver_lxc_impl.la \
+ libvirt_util.la
if WITH_DRIVER_MODULES
mod_LTLIBRARIES += libvirt_driver_lxc.la
libvirt_driver_lxc_la_LIBADD += ../gnulib/lib/libgnu.la
diff --git a/src/lxc/lxc_process.c b/src/lxc/lxc_process.c
index 4835bd5..f92c613 100644
--- a/src/lxc/lxc_process.c
+++ b/src/lxc/lxc_process.c
@@ -50,6 +50,7 @@
#include "virstring.h"
#include "viratomic.h"
#include "virprocess.h"
+#include "virsystemd.h"
#define VIR_FROM_THIS VIR_FROM_LXC
@@ -210,6 +211,13 @@ static void virLXCProcessCleanup(virLXCDriverPtr driver,
virCgroupFree(&priv->cgroup);
}
+ /* Get machined to terminate the machine as it may not have cleaned it
+ * properly. See https://bugs.freedesktop.org/show_bug.cgi?id=68370 for
+ * the bug we are working around here.
+ */
+ virSystemdTerminateMachine(vm->def->name, "lxc", true);
+
+
/* now that we know it's stopped call the hook if present */
if (virHookPresent(VIR_HOOK_DRIVER_LXC)) {
char *xml = virDomainDefFormat(vm->def, 0);
diff --git a/src/util/virsystemd.c b/src/util/virsystemd.c
index e72b7f0..3320e53 100644
--- a/src/util/virsystemd.c
+++ b/src/util/virsystemd.c
@@ -242,3 +242,58 @@ cleanup:
VIR_FREE(slicename);
return ret;
}
+
+int virSystemdTerminateMachine(const char *name,
+ const char *drivername,
+ bool privileged)
+{
+ int ret;
+ DBusConnection *conn;
+ char *machinename = NULL;
+ char *username = NULL;
+
+ ret = virDBusIsServiceEnabled("org.freedesktop.machine1");
+ if (ret < 0)
+ return ret;
+
+ conn = virDBusGetSystemBus();
+
+ ret = -1;
+ if (privileged) {
+ if (virAsprintf(&machinename, "%s-%s", drivername, name) < 0)
+ goto cleanup;
+ } else {
+ if (!(username = virGetUserName(geteuid())))
+ goto cleanup;
+ if (virAsprintf(&machinename, "%s-%s-%s", username, drivername, name) < 0)
+ goto cleanup;
+ }
+
+ /*
+ * The systemd DBus API we're invoking has the
+ * following signature
+ *
+ * TerminateMachine(in s name);
+ *
+ * @name a host unique name for the machine. shows up
+ * in 'ps' listing & similar
+ */
+
+ VIR_DEBUG("Attempting to terminate machine via systemd");
+ if (virDBusCallMethod(conn,
+ NULL,
+ "org.freedesktop.machine1",
+ "/org/freedesktop/machine1",
+ "org.freedesktop.machine1.Manager",
+ "TerminateMachine",
+ "s",
+ machinename) < 0)
+ goto cleanup;
+
+ ret = 0;
+
+cleanup:
+ VIR_FREE(username);
+ VIR_FREE(machinename);
+ return ret;
+}
diff --git a/src/util/virsystemd.h b/src/util/virsystemd.h
index 414ae5a..6c9c6df 100644
--- a/src/util/virsystemd.h
+++ b/src/util/virsystemd.h
@@ -38,4 +38,8 @@ int virSystemdCreateMachine(const char *name,
bool iscontainer,
const char *partition);
+int virSystemdTerminateMachine(const char *name,
+ const char *drivername,
+ bool privileged);
+
#endif /* __VIR_SYSTEMD_H__ */
--
1.8.4
11 years, 8 months
[libvirt] [PATCH] fchosttest: Run the test only under linux
by Michal Privoznik
Currently, we have functions to handle fc_host implemented just
for linux. On all other platforms an error is thrown. It makes no
sense to run the test on those platforms then.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
tests/fchosttest.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/tests/fchosttest.c b/tests/fchosttest.c
index 05ff20b..46bd784 100644
--- a/tests/fchosttest.c
+++ b/tests/fchosttest.c
@@ -163,6 +163,11 @@ mymain(void)
{
int ret = 0;
+#ifndef __linux__
+ fputs("Not compiled under linux, skipping this test\n", stderr);
+ return EXIT_AM_SKIP;
+#endif
+
if (virAsprintf(&fchost_prefix, "%s/%s", abs_srcdir,
"fchostdata/fc_host/") < 0) {
ret = -1;
--
1.8.1.5
11 years, 8 months
[libvirt] [PATCH 0/2] Fix a few memory leaks in libvirtd
by Jiri Denemark
Jiri Denemark (2):
qemu: Don't leak reference to virQEMUDriverConfigPtr
qemu: Free all driver data in qemuStateCleanup
src/qemu/qemu_driver.c | 2 ++
src/qemu/qemu_process.c | 3 ++-
2 files changed, 4 insertions(+), 1 deletion(-)
--
1.8.3.2
11 years, 8 months
[libvirt] [PATCH] build: Fix VPATH build error for locking daemon
by Viktor Mihajlovski
Removed superfluous/wrong srcdir prefix.
Signed-off-by: Viktor Mihajlovski <mihajlov(a)linux.vnet.ibm.com>
---
src/Makefile.am | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/Makefile.am b/src/Makefile.am
index 4057eda..09311b7 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -196,7 +196,7 @@ BUILT_SOURCES += $(LOCK_PROTOCOL_GENERATED)
MAINTAINERCLEANFILES += $(LOCK_PROTOCOL_GENERATED)
LOCK_DAEMON_GENERATED = \
- $(srcdir)/locking/lock_daemon_dispatch_stubs.h
+ locking/lock_daemon_dispatch_stubs.h
$(NULL)
BUILT_SOURCES += $(LOCK_DAEMON_GENERATED)
--
1.7.9.5
11 years, 8 months
[libvirt] [PATCH]lxc: don't start container when no root fs found
by Chen Hanxiao
From: Chen Hanxiao <chenhanxiao(a)cn.fujitsu.com>
Currently, if we don't explicitly add root fs for container,
libvirt will add one for us implicitly with "/" as src.
It would be not safe.
Unless user asked for it, we should not assume this.
Signed-off-by: Chen Hanxiao <chenhanxiao(a)cn.fujitsu.com>
---
src/lxc/lxc_process.c | 29 +++++++----------------------
1 file changed, 7 insertions(+), 22 deletions(-)
diff --git a/src/lxc/lxc_process.c b/src/lxc/lxc_process.c
index 4835bd5..4f4a906 100644
--- a/src/lxc/lxc_process.c
+++ b/src/lxc/lxc_process.c
@@ -911,29 +911,14 @@ virLXCProcessEnsureRootFS(virDomainObjPtr vm)
{
virDomainFSDefPtr root = virDomainGetRootFilesystem(vm->def);
- if (root)
+ if (root) {
return 0;
-
- if (VIR_ALLOC(root) < 0)
- goto error;
-
- root->type = VIR_DOMAIN_FS_TYPE_MOUNT;
-
- if (VIR_STRDUP(root->src, "/") < 0 ||
- VIR_STRDUP(root->dst, "/") < 0)
- goto error;
-
- if (VIR_INSERT_ELEMENT(vm->def->fss,
- 0,
- vm->def->nfss,
- root) < 0)
- goto error;
-
- return 0;
-
-error:
- virDomainFSDefFree(root);
- return -1;
+ } else {
+ errno = EINVAL;
+ virReportSystemError(errno, "%s",
+ _("No root fs found for container"));
+ return -1;
+ }
}
/**
--
1.8.2.1
11 years, 8 months
