[libvirt] [PATCH] sanlock: Truncate domain names longer than SANLK_NAME_LEN
by Jiri Denemark
Libvirt uses a domain name to fill in owner_name in sanlock_options in
virLockManagerSanlockAcquire. Unfortunately, owner_name is limited to
SANLK_NAME_LEN characters (including trailing '\0'), which means domains
with longer names fail to start when sanlock is enabled. However, we can
truncate the name when setting owner_name as explained by sanlock's
author:
Setting sanlk_options or the owner_name is unnecessary, and has very
little to no benefit. If you do provide something in owner_name, it can
be anything, sanlock doesn't care or use it.
If you run the command "sanlock status", the output will display a list
of clients connected to the sanlock daemon. This client list is
displayed as "pid owner_name" if the client has provided an owner_name
via sanlk_options. This debugging output is the only usage of
owner_name, so its only benefit is to potentially provide a more human
friendly output for debugging purposes.
Signed-off-by: Jiri Denemark <jdenemar(a)redhat.com>
---
src/locking/lock_driver_sanlock.c | 19 +++++++------------
1 file changed, 7 insertions(+), 12 deletions(-)
diff --git a/src/locking/lock_driver_sanlock.c b/src/locking/lock_driver_sanlock.c
index 958d39a..f11f3c6 100644
--- a/src/locking/lock_driver_sanlock.c
+++ b/src/locking/lock_driver_sanlock.c
@@ -81,7 +81,7 @@ static virLockManagerSanlockDriver *driver = NULL;
struct _virLockManagerSanlockPrivate {
const char *vm_uri;
- char vm_name[SANLK_NAME_LEN];
+ char *vm_name;
unsigned char vm_uuid[VIR_UUID_BUFLEN];
unsigned int vm_id;
unsigned int vm_pid;
@@ -474,12 +474,8 @@ static int virLockManagerSanlockNew(virLockManagerPtr lock,
if (STREQ(param->key, "uuid")) {
memcpy(priv->vm_uuid, param->value.uuid, 16);
} else if (STREQ(param->key, "name")) {
- if (!virStrcpy(priv->vm_name, param->value.str, SANLK_NAME_LEN)) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("Domain name '%s' exceeded %d characters"),
- param->value.str, SANLK_NAME_LEN);
+ if (VIR_STRDUP(priv->vm_name, param->value.str) < 0)
goto error;
- }
} else if (STREQ(param->key, "pid")) {
priv->vm_pid = param->value.ui;
} else if (STREQ(param->key, "id")) {
@@ -505,6 +501,7 @@ static void virLockManagerSanlockFree(virLockManagerPtr lock)
if (!priv)
return;
+ VIR_FREE(priv->vm_name);
for (i = 0; i < priv->res_count; i++)
VIR_FREE(priv->res_args[i]);
VIR_FREE(priv);
@@ -909,12 +906,10 @@ static int virLockManagerSanlockAcquire(virLockManagerPtr lock,
if (VIR_ALLOC(opt) < 0)
return -1;
- if (!virStrcpy(opt->owner_name, priv->vm_name, SANLK_NAME_LEN)) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("Domain name '%s' exceeded %d characters"),
- priv->vm_name, SANLK_NAME_LEN);
- goto error;
- }
+ /* sanlock doesn't use owner_name for anything, so it's safe to take just
+ * the first SANLK_NAME_LEN - 1 characters from vm_name */
+ ignore_value(virStrncpy(opt->owner_name, priv->vm_name,
+ SANLK_NAME_LEN - 1, SANLK_NAME_LEN));
if (state && STRNEQ(state, "")) {
if ((rv = sanlock_state_to_args((char *)state,
--
1.9.0
10 years, 9 months
[libvirt] [PATCH] build: skip virportallocatortest on cygwin
by Eric Blake
Cygwin supports <dlfcn.h> and even has limited LD_PRELOAD
capabilities; but because it does not use ELF binaries it
cannot support RTLD_NEXT lookups.
CC libvirportallocatormock_la-virportallocatortest.lo
virportallocatortest.c: In function 'init_syms':
virportallocatortest.c:47:24: error: 'RTLD_NEXT' undeclared (first use in this function)
realsocket = dlsym(RTLD_NEXT, "socket");
* tests/virportallocatortest.c: Also require RTLD_NEXT.
Signed-off-by: Eric Blake <eblake(a)redhat.com>
---
Pushing under the build-breaker rule.
tests/virportallocatortest.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/virportallocatortest.c b/tests/virportallocatortest.c
index 34843e3..5a93dad 100644
--- a/tests/virportallocatortest.c
+++ b/tests/virportallocatortest.c
@@ -23,7 +23,7 @@
#include "virfile.h"
#include "testutils.h"
-#if HAVE_DLFCN_H
+#if HAVE_DLFCN_H && defined(RTLD_NEXT)
# ifdef MOCK_HELPER
# include "internal.h"
--
1.8.5.3
10 years, 9 months
[libvirt] [PATCH] build: ignore cygwin toolchain droppings
by Eric Blake
The cygwin compiler automatically creates a '*.exe.manifest'
companion file for any .exe file that contains a substring
that would otherwise cause newer Windows to pester users about
needing admin rights (such as "update", "instal", "setup"...).
This means that compilation on cygwin left behind
tests/networkxml2xmlupdatetest.exe.manifest.
* .gitignore: Ignore manifest files.
Signed-off-by: Eric Blake <eblake(a)redhat.com>
---
Pushing under the trivial rule.
.gitignore | 1 +
1 file changed, 1 insertion(+)
diff --git a/.gitignore b/.gitignore
index 69c81df..1b063e1 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,6 +3,7 @@
*.a
*.cov
*.exe
+*.exe.manifest
*.gcda
*.gcno
*.gcov
--
1.8.5.3
10 years, 9 months
[libvirt] [PATCH] Fix minor typo (unkown)
by Yuri Chornoivan
Hi,
Sorry for not using git mailing capabilities (my mail service does not
work well with git).
Thanks for reviewing this patch.
Best regards,
Yuri
10 years, 9 months
[libvirt] [PATCH] qemu: cleanup tap devices on FreeBSD
by Roman Bogorodskiy
We have to explicitly destroy TAP devices on FreeBSD because
they're not freed after being closed, otherwise we end up with
orphaned TAP devices after destroying a domain.
---
src/qemu/qemu_process.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index ffa939a..9181423 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -61,6 +61,7 @@
#include "viruuid.h"
#include "virprocess.h"
#include "virtime.h"
+#include "virnetdevbridge.h"
#include "virnetdevtap.h"
#include "virbitmap.h"
#include "viratomic.h"
@@ -4381,6 +4382,12 @@ void qemuProcessStop(virQEMUDriverPtr driver,
virDomainNetGetActualVirtPortProfile(net),
cfg->stateDir));
VIR_FREE(net->ifname);
+ } else if (virDomainNetGetActualType(net) == VIR_DOMAIN_NET_TYPE_BRIDGE) {
+ /* On some OSes, e.g. FreeBSD, tap devices are not cleaned up when released,
+ * so we have to handle that manually */
+ ignore_value(virNetDevBridgeRemovePort(virDomainNetGetActualBridgeName(net),
+ net->ifname));
+ ignore_value(virNetDevTapDelete(net->ifname));
}
/* release the physical device (or any other resources used by
* this interface in the network driver
--
1.8.4.3
10 years, 9 months
Re: [libvirt] [lxc-devel] capset fails with userns
by Serge Hallyn
Quoting Stephan Sachse (ste.sachse(a)gmail.com):
> > Look at security/commoncap.c:cap_inode_setxattr()
> >
> > Whereas file ownership is properly namespaced, and task capabilities
> > are properly namespaced, file capabilities are more problematic. To
> > support this, I think we'd need a new capability xattr format. If we
> > add the kuid_t of the user_namespace root id, I think we could safely
> > support this.
>
> sorry for this :) but i'm not a kernel/c programmer.
No no, thanks for raising the issue, and thanks for having sent a patch!
> maybe there must be more then one cap set per file.
>
> security.capability for the init_ns
> security.capability.{kuid_t} for the userns
>
> the name of the xattr must be transparently mapped.
>
> in userns for get*() if there is no security.capability.{kuid_t} use
> the security.capability. but never write to security.capability always
> to security.capability.{kuid_t}
>
> or the format of security.capability must be changed to support more
> then one set of caps. every capability set must be associated with a
> kuid_t.
To avoid impacting the performance of the host case, we could
keep the current XATTR_NAME_CAPS format in init_user_ns, and
add a new XATTR_NAME_CAPS_V2 which adds the kuid_t.
> back to line one of my mail: i'm not a kernel/c programmer :'(
This frankly looks like fun, but I won't have time to work on this
this week. If anyone else does, I'll happily look at the patches.
thanks,
-serge
10 years, 9 months
[libvirt] LXC: capset fails with userns
by Stephan Sachse
w/ userns:
[root@fedora2 ~]# setcap 'cap_net_admin,cap_net_raw+ep' /usr/bin/ping
Failed to set capabilities on file `/usr/bin/ping' (Operation not permitted)
[root@fedora2 ~]# id
uid=0(root) gid=0(root) groups=0(root)
w/o userns:
[root@fedora2 ~]# setcap 'cap_net_admin,cap_net_raw+ep' /usr/bin/ping
[root@fedora2 ~]# getcap /usr/bin/ping
/usr/bin/ping = cap_net_admin,cap_net_raw+ep
[root@fedora2 ~]# id
uid=0(root) gid=0(root) groups=0(root)
every yum install <pkg> where the pkg has file capabilities fails with
Error unpacking rpm package <PKG>
error: unpacking of archive failed on file <FILE>: cpio: cap_set_file
is there a way to get this working?
/stephan
--
Software is like sex, it's better when it's free!
10 years, 9 months
[libvirt] [PATCH v2 0/2] support dumping guest memory in compressed format
by Qiao Nuohan
dumping guest's memroy is introduced without compression supported, and this is
a freature regression of 'virsh dump --memory-only'. This patchset is used to
add support in libvirt side to make qemu dump guest's memory in kdump-compressed
format and please refer the following address to see implementation of the qemu
side, the lastest version of qemu side is v9(ready for being queued).
http://lists.nongnu.org/archive/html/qemu-devel/2014-02/msg03016.html
ChangLog:
Changes from v1 to v2:
1. address Daniel P. Berrange's comment about using a new parameter to replace
flags like VIR_DUMP_COMPRESS_ZLIB.
qiaonuohan (2):
make qemu dump memory in kdump-compressed format
add dump_memory_format in qemu.conf
include/libvirt/libvirt.h.in | 15 +++++++++-
src/driver.h | 3 +-
src/libvirt.c | 10 +++++--
src/qemu/libvirtd_qemu.aug | 1 +
src/qemu/qemu.conf | 13 +++++++-
src/qemu/qemu_conf.c | 3 ++
src/qemu/qemu_conf.h | 2 ++
src/qemu/qemu_driver.c | 61 +++++++++++++++++++++++++++++++++-----
src/qemu/qemu_monitor.c | 6 ++--
src/qemu/qemu_monitor.h | 3 +-
src/qemu/qemu_monitor_json.c | 4 ++-
src/qemu/qemu_monitor_json.h | 3 +-
src/qemu/test_libvirtd_qemu.aug.in | 1 +
src/remote/remote_protocol.x | 1 +
src/test/test_driver.c | 12 +++++++-
tests/qemumonitorjsontest.c | 2 +-
tools/virsh-domain.c | 45 +++++++++++++++++++++++++++-
17 files changed, 163 insertions(+), 22 deletions(-)
10 years, 9 months
[libvirt] [PATCH] spec: Fix braces around macros
by Peter Krempa
In commit 72f7658ba24491672e6b81118f892400916e9404 I've added a few
macros with bad bracing. Although they work as expected fix them so that
we use uniform syntax.
---
libvirt.spec.in | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libvirt.spec.in b/libvirt.spec.in
index fae4bb7..ef3b832 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -98,7 +98,7 @@
%else
%define with_storage_sheepdog 0
%endif
-%if 0%{?fedora} >= 19 || 0%{?rhel >= 6}
+%if 0%{?fedora} >= 19 || 0%{?rhel} >= 6
%define with_storage_gluster 0%{!?_without_storage_gluster:%{server_drivers}}
%else
%define with_storage_gluster 0
@@ -155,7 +155,7 @@
# libgfapi is built only on x86_64 on rhel
%ifnarch x86_64
- %if 0%{?rhel >= 6}
+ %if 0%{?rhel} >= 6
%define with_storage_gluster 0
%endif
%endif
--
1.8.5.5
10 years, 9 months
[libvirt] [PATCH] spec: Use correct versions of libgfapi in RHEL builds
by Peter Krempa
RHEL still uses the 3.4.0 package of libgfapi and the package is built
only for x86_64.
---
libvirt.spec.in | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/libvirt.spec.in b/libvirt.spec.in
index 3d5a69e..67b5557 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -98,7 +98,7 @@
%else
%define with_storage_sheepdog 0
%endif
-%if 0%{?fedora} >= 19
+%if 0%{?fedora} >= 19 || 0%{?rhel >= 6}
%define with_storage_gluster 0%{!?_without_storage_gluster:%{server_drivers}}
%else
%define with_storage_gluster 0
@@ -153,6 +153,13 @@
%define with_numactl 0
%endif
+# libgfapi is built only on x86_64 on rhel
+%ifnarch x86_64
+ %if 0%{?rhel >= 6}
+ %define with_storage_gluster 0
+ %endif
+%endif
+
# RHEL doesn't ship OpenVZ, VBox, UML, PowerHypervisor,
# VMWare, libxenserver (xenapi), libxenlight (Xen 4.1 and newer),
# or HyperV.
@@ -571,9 +578,14 @@ BuildRequires: ceph-devel
%endif
%endif
%if %{with_storage_gluster}
+%if 0%{?rhel} >= 6
+BuildRequires: glusterfs-api-devel >= 3.4.0
+BuildRequires: glusterfs-devel >= 3.4.0
+%else
BuildRequires: glusterfs-api-devel >= 3.4.1
BuildRequires: glusterfs-devel >= 3.4.1
%endif
+%endif
%if %{with_numactl}
# For QEMU/LXC numa info
BuildRequires: numactl-devel
--
1.8.5.5
10 years, 9 months
