[libvirt] Question about verifying same uid:gid in src and dst for live migration
by Fei Li
Hi,
When I do live migration using virsh command line based on NFS shared
storage between two systems
having the same security mechanism and having the same kvm/qemu/libvirt
version, I encounter the
following error:
debug : qemuMonitorJSONIOProcessLine:193 : Line [{"timestamp": {"seconds": 1524893525, "microseconds": 522686},
"event": "BLOCK_IO_ERROR", "data": {"device": "drive-virtio-disk0", "nospace": false, "node-name": "#block120",
"reason": "Permission denied", "operation": "write", "action": "report"}}]
...
error: internal error: qemu unexpectedly closed the monitor:
qemu-system-x86_64: load of migration failed: Input/output error
...
According to the "Permission denied" && "write" information, I find the
below 2 ways can fix this error:
- Change the mode of guest's .qcow2 file from 644 to 646
- Keep qemu's uid the same one between src host and dst host (They are
not same before I change them)
My environment and test cases:
src:~ # id qemu
uid=473(qemu) gid=476(qemu) groups=488(kvm),476(qemu)
dst:~ # id qemu
uid=467(qemu) gid=470(qemu) groups=488(kvm),470(qemu)
In /etc/libvirt/qemu.conf, my confifuration is the following default:
# The user for QEMU processes run by the system instance. It can be
# specified as a user name or as a user id. The qemu driver will try to
# parse this value first as a name and then, if the name doesn't exist,
# as a user id.
#
# Since a sequence of digits is a valid user name, a leading plus sign
# can be used to ensure that a user id will not be interpreted as a user
# name.
#
# Some examples of valid values are:
#
# user = "qemu" # A user named "qemu"
# user = "+0" # Super user (uid=0)
# user = "100" # A user named "100" or a user with uid=100
#
#user = "root"
# The group for QEMU processes run by the system instance. It can be
# specified in a similar way to user.
#group = "root"
# Whether libvirt should dynamically change file ownership
# to match the configured user/group above. Defaults to 1.
# Set to 0 to disable file ownership changes.
#dynamic_ownership = 1
On the src, do live migration "virsh -d 0 migrate --live vm-name qemu+ssh://dst-ip/system":
- after a vm is defined, user:group=root:root
- after a vm is started, user:group=qemu:qemu
- after migration begins, user:group=467:470 (that is dst's uid:gid)
- after migration succeeds, user:group=467:470 (that is dst's uid:gid)
- after a vm is destroyed, user:group=root:root (back to the src's)
- after migration fails, user:group=467:470; the vm is still running in src but the file inside the guest
becomes read-only even its mode is 644
Other notes:
- I tried libvirt v3.3.0 && v4.0.0 to do the same test, both can see
such error.
After confirming that keeping qemu's uid identical between src host and
dst host can fix such issue,
my question is whether a fix in libvirt should be pursued or just
document the requirement for same
uid:gid across host systems in a migration cluster is ok?
BTW, if a fix is needed, maybe the pre-migration checks in libvirt could
determine different uid and/or gid
and fail sooner with a better/explicit error like "Should keep the qemu
uid in src and dst be the same for
migration, or elsemigration will fail"?
Does anyone have noticed this and could give some suggestions? Thanks a lot!
Have a nice day, thanks again
Fei
6 years, 5 months
[libvirt] [jenkins-ci PATCH] projects: Run libvirt's 'make check' on all machines
by Andrea Bolognani
Up until now, we had to skip it on FreeBSD due to some
portability issues in the test suite, but as of libvirt
commit 0b86e23d2569 they've all been fixed.
Signed-off-by: Andrea Bolognani <abologna(a)redhat.com>
---
projects/libvirt.yaml | 7 -------
1 file changed, 7 deletions(-)
diff --git a/projects/libvirt.yaml b/projects/libvirt.yaml
index 9b9b0b4..6f5464b 100644
--- a/projects/libvirt.yaml
+++ b/projects/libvirt.yaml
@@ -18,13 +18,6 @@
- libvirt-fedora-rawhide
- autotools-check-job:
parent_jobs: 'libvirt-master-syntax-check'
- machines:
- - libvirt-centos-7
- - libvirt-debian-8
- - libvirt-debian-9
- - libvirt-fedora-27
- - libvirt-fedora-28
- - libvirt-fedora-rawhide
local_env: |
export VIR_TEST_EXPENSIVE=1
export VIR_TEST_DEBUG=2
--
2.14.3
6 years, 5 months
[libvirt] [PATCHv2] Deprecate QEMU_CAPS_NESTING
by Ján Tomko
Unused since commit <a7424fa>.
Signed-off-by: Ján Tomko <jtomko(a)redhat.com>
---
v2: also delete the hasHwVirt variable as well as the whole 'svm'
checking
src/qemu/qemu_capabilities.h | 2 +-
src/qemu/qemu_command.c | 24 ------------------------
2 files changed, 1 insertion(+), 25 deletions(-)
diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
index abd6eff14a..b9628b8266 100644
--- a/src/qemu/qemu_capabilities.h
+++ b/src/qemu/qemu_capabilities.h
@@ -105,7 +105,7 @@ typedef enum { /* virQEMUCapsFlags grouping marker for syntax-check */
/* 40 */
X_QEMU_CAPS_FSDEV, /* -fstype filesystem passthrough */
- QEMU_CAPS_NESTING, /* -enable-nesting (SVM/VMX) */
+ X_QEMU_CAPS_NESTING, /* -enable-nesting (SVM/VMX) */
X_QEMU_CAPS_NAME_PROCESS, /* Is -name process= available */
X_QEMU_CAPS_DRIVE_READONLY, /* -drive readonly=on|off */
X_QEMU_CAPS_SMBIOS_TYPE, /* Is -smbios type= available */
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 50b0ffcf94..22c560c67c 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -6652,7 +6652,6 @@ qemuBuildCpuCommandLine(virCommandPtr cmd,
{
virArch hostarch = virArchFromHost();
char *cpu = NULL, *cpu_flags = NULL;
- bool hasHwVirt = false;
int ret = -1;
virBuffer cpu_buf = VIR_BUFFER_INITIALIZER;
virBuffer buf = VIR_BUFFER_INITIALIZER;
@@ -6662,26 +6661,6 @@ qemuBuildCpuCommandLine(virCommandPtr cmd,
(def->cpu->mode != VIR_CPU_MODE_CUSTOM || def->cpu->model)) {
if (qemuBuildCpuModelArgStr(driver, def, &cpu_buf, qemuCaps) < 0)
goto cleanup;
-
- /* Only 'svm' requires --enable-nesting. The nested 'vmx' patches now
- * simply hook off the CPU features. */
- if (ARCH_IS_X86(def->os.arch) &&
- def->virtType == VIR_DOMAIN_VIRT_KVM) {
- virCPUDefPtr cpuDef = NULL;
-
- if (def->cpu->mode == VIR_CPU_MODE_CUSTOM)
- cpuDef = def->cpu;
- else if (def->cpu->mode == VIR_CPU_MODE_HOST_PASSTHROUGH)
- cpuDef = virQEMUCapsGetHostModel(qemuCaps, def->virtType,
- VIR_QEMU_CAPS_HOST_CPU_REPORTED);
-
- if (cpuDef) {
- int svm = virCPUCheckFeature(def->os.arch, cpuDef, "svm");
- if (svm < 0)
- goto cleanup;
- hasHwVirt = svm > 0;
- }
- }
} else {
/*
* Need to force a 32-bit guest CPU type if
@@ -6870,9 +6849,6 @@ qemuBuildCpuCommandLine(virCommandPtr cmd,
if (cpu) {
virCommandAddArg(cmd, "-cpu");
virCommandAddArgFormat(cmd, "%s%s", cpu, cpu_flags ? cpu_flags : "");
-
- if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_NESTING) && hasHwVirt)
- virCommandAddArg(cmd, "-enable-nesting");
}
ret = 0;
--
2.16.1
6 years, 5 months
[libvirt] [PATCH] rpc: fixing compilation error due to deprecated ssh_get_publickey().
by Julio Faracco
After 0.7.5 release, libssh deprecated ssh_get_publickey() method to
introduce ssh_get_server_publickey(). This commit check the current
version of libssh and use the proper method during the compilation.
See the error:
make[3]: Entering directory '/home/julio/Desktop/virt/libvirt/src'
CC rpc/libvirt_net_rpc_la-virnetlibsshsession.lo
rpc/virnetlibsshsession.c:217:9: error: 'ssh_get_publickey' is deprecated [-Werror,-Wdeprecated-declarations]
if (ssh_get_publickey(sess->session, &key) != SSH_OK) {
^
/usr/include/libssh/libssh.h:489:1: note: 'ssh_get_publickey' has been explicitly marked deprecated here
SSH_DEPRECATED LIBSSH_API int ssh_get_publickey(ssh_session session, ssh_key *key);
^
/usr/include/libssh/libssh.h:99:40: note: expanded from macro 'SSH_DEPRECATED'
^
1 error generated.
Makefile:8604: recipe for target 'rpc/libvirt_net_rpc_la-virnetlibsshsession.lo' failed
Signed-off-by: Julio Faracco <jcfaracco(a)gmail.com>
---
src/rpc/virnetlibsshsession.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/rpc/virnetlibsshsession.c b/src/rpc/virnetlibsshsession.c
index 309e8a9340..96c5bc0882 100644
--- a/src/rpc/virnetlibsshsession.c
+++ b/src/rpc/virnetlibsshsession.c
@@ -214,7 +214,11 @@ virLibsshServerKeyAsString(virNetLibsshSessionPtr sess)
size_t keyhashlen;
char *str;
+#if LIBSSH_VERSION_INT > 0x0705 /* 0.7.5 */
+ if (ssh_get_server_publickey(sess->session, &key) != SSH_OK) {
+#else
if (ssh_get_publickey(sess->session, &key) != SSH_OK) {
+#endif
virReportError(VIR_ERR_LIBSSH, "%s",
_("failed to get the key of the current "
"session"));
--
2.17.0
6 years, 5 months
[libvirt] [PATCH] xenconfig: remove my name and email from files
by David Kiarie
Remove my name and email from these files
Signed-off-by: David Kiarie <davidkiarie4(a)gmail.com>
---
src/xenconfig/xen_xl.c | 1 -
src/xenconfig/xen_xl.h | 1 -
tests/xlconfigtest.c | 1 -
3 files changed, 3 deletions(-)
diff --git a/src/xenconfig/xen_xl.c b/src/xenconfig/xen_xl.c
index 35d52f8a..f0d9177c 100644
--- a/src/xenconfig/xen_xl.c
+++ b/src/xenconfig/xen_xl.c
@@ -17,7 +17,6 @@
* License along with this library. If not, see
* <http://www.gnu.org/licenses/>.
*
- * Author: Kiarie Kahurani <davidkiarie4(a)gmail.com>
* Author: Jim Fehlig <jfehlig(a)suse.com>
*/
diff --git a/src/xenconfig/xen_xl.h b/src/xenconfig/xen_xl.h
index 68f332ac..588d8d11 100644
--- a/src/xenconfig/xen_xl.h
+++ b/src/xenconfig/xen_xl.h
@@ -17,7 +17,6 @@
* License along with this library. If not, see
* <http://www.gnu.org/licenses/>.
*
- * Author: Kiarie Kahurani<davidkiarie4(a)gmail.com>
*/
#ifndef __VIR_XEN_XL_H__
diff --git a/tests/xlconfigtest.c b/tests/xlconfigtest.c
index 39f51e2d..36f7699f 100644
--- a/tests/xlconfigtest.c
+++ b/tests/xlconfigtest.c
@@ -19,7 +19,6 @@
* <http://www.gnu.org/licenses/>.
*
* Author: Daniel P. Berrange <berrange(a)redhat.com>
- * Author: Kiarie Kahurani <davidkiarie4(a)gmail.com>
*
*/
--
2.17.0
6 years, 5 months
[libvirt] [PATCH 0/8] vfio-ccw passthrough support
by Shalini Chellathurai Saroja
Let us support the basic channel I/O passthrough infrastructure based on
vfio, which have been introduced in QEMU 2.10. The current focus is to
support dasd-eckd (cu_type/dev_type = 0x3990/0x3390) as the target
device.
Shalini Chellathurai Saroja (8):
qemu: introduce capability for virtual-css-bridge
qemu: introduce vfio-ccw capability
util: virhostdev: add virHostdevIsMdevDevice()
qemu: vfio-ccw device address generation
qemu: command line generation for vfio-ccw device
tests: tests for vfio-ccw passthrough
docs: documentation for vfio-ccw passthrough
news: documentation of new feature
docs/drvnodedev.html.in | 21 ++++-
docs/formatdomain.html.in | 20 +++-
docs/news.xml | 9 ++
docs/schemas/domaincommon.rng | 5 +-
src/libvirt_private.syms | 1 +
src/qemu/qemu_capabilities.c | 23 +++++
src/qemu/qemu_capabilities.h | 5 +
src/qemu/qemu_command.c | 37 ++++++--
src/qemu/qemu_domain.c | 2 +-
src/qemu/qemu_domain_address.c | 32 +++++--
src/qemu/qemu_hostdev.c | 3 +-
src/qemu/qemu_hotplug.c | 4 +-
src/util/virhostdev.c | 26 ++++--
src/util/virhostdev.h | 3 +
src/util/virmdev.c | 3 +-
src/util/virmdev.h | 1 +
.../qemucapabilitiesdata/caps_2.10.0.s390x.replies | 28 ++++--
tests/qemucapabilitiesdata/caps_2.10.0.s390x.xml | 3 +-
.../qemucapabilitiesdata/caps_2.11.0.s390x.replies | 28 ++++--
tests/qemucapabilitiesdata/caps_2.11.0.s390x.xml | 3 +-
.../qemucapabilitiesdata/caps_2.12.0.s390x.replies | 31 +++++--
tests/qemucapabilitiesdata/caps_2.12.0.s390x.xml | 3 +
.../qemucapabilitiesdata/caps_2.7.0.s390x.replies | 24 +++--
tests/qemucapabilitiesdata/caps_2.7.0.s390x.xml | 3 +-
.../qemucapabilitiesdata/caps_2.8.0.s390x.replies | 28 ++++--
tests/qemucapabilitiesdata/caps_2.8.0.s390x.xml | 3 +-
.../qemucapabilitiesdata/caps_2.9.0.s390x.replies | 28 ++++--
tests/qemucapabilitiesdata/caps_2.9.0.s390x.xml | 3 +-
tests/qemuhotplugtest.c | 2 +-
...tdev-subsys-mdev-vfio-ccw-duplicate-address.xml | 29 ++++++
...ostdev-subsys-mdev-vfio-ccw-invalid-address.xml | 23 +++++
.../hostdev-subsys-mdev-vfio-ccw.args | 23 +++++
.../hostdev-subsys-mdev-vfio-ccw.xml | 22 +++++
tests/qemuxml2argvtest.c | 102 ++++++++++++---------
.../hostdev-subsys-mdev-vfio-ccw.xml | 28 ++++++
tests/qemuxml2xmltest.c | 31 ++++---
36 files changed, 491 insertions(+), 149 deletions(-)
create mode 100644 tests/qemuxml2argvdata/hostdev-subsys-mdev-vfio-ccw-duplicate-address.xml
create mode 100644 tests/qemuxml2argvdata/hostdev-subsys-mdev-vfio-ccw-invalid-address.xml
create mode 100644 tests/qemuxml2argvdata/hostdev-subsys-mdev-vfio-ccw.args
create mode 100644 tests/qemuxml2argvdata/hostdev-subsys-mdev-vfio-ccw.xml
create mode 100644 tests/qemuxml2xmloutdata/hostdev-subsys-mdev-vfio-ccw.xml
--
2.13.4
6 years, 5 months
[libvirt] unix_sock_dir for virtlogd
by Mathieu Tarral
Hi !
I'm trying to run libvirtd from git, and the daemon is starting now,
but when i try to start a VM (using virt-manager) it complains that
virtlogd socket is unreachable.
The problem is that it tries to reach it at the following location:
virNetSocketNewConnectUNIX:713 : Failed to connect socket to
'/home/tarrma/usr/var/run/libvirt/virtlogd-sock': Connection refused
however, i specified in my $HOME/usr/etc/libvirt/libvirtd.conf
unix_sock_dir = "/var/run/libvirt"
Then why virt-manager is not using the socket from
/var/run/libvirt/virtlogd.sock ??
Any ideas, where i misconfigured my installation ?
Thanks a lot.
--
Mathieu Tarral
6 years, 5 months
[libvirt] [PATCH] util: file: Fix usage of STRPREFIX in virFileIsCDROM
by Peter Krempa
STRPREFIX takes only two arguments, but the code it was adapted from
used function with 3 arguments.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
Pushed under the build-breaker rule.t
src/util/virfile.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/util/virfile.c b/src/util/virfile.c
index ea2a3ea731..523241f64f 100644
--- a/src/util/virfile.c
+++ b/src/util/virfile.c
@@ -1982,8 +1982,8 @@ virFileIsCDROM(const char *path)
int
virFileIsCDROM(const char *path)
{
- if (STRPREFIX(path, "/dev/cd", NULL) ||
- STRPREFIX(path, "/dev/acd", NULL))
+ if (STRPREFIX(path, "/dev/cd") ||
+ STRPREFIX(path, "/dev/acd"))
return 1;
return 0;
--
2.16.2
6 years, 5 months
[libvirt] [tck PATCH] maint: Drop autobuild.sh
by Andrea Bolognani
The Test-AutoBuild project, that this script is supposed
to be used with, hasn't seen any activity in ~7 years;
these days, libvirt-tck CI builds are happening on the
Jenkins-based CentOS CI environment under the libvirt
umbrella[1], and in that context the script is not used
at all.
[1] https://ci.centos.org/view/libvirt/
Signed-off-by: Andrea Bolognani <abologna(a)redhat.com>
---
autobuild.sh | 59 -----------------------------------------------------------
1 file changed, 59 deletions(-)
delete mode 100755 autobuild.sh
diff --git a/autobuild.sh b/autobuild.sh
deleted file mode 100755
index 005993d..0000000
--- a/autobuild.sh
+++ /dev/null
@@ -1,59 +0,0 @@
-#!/bin/sh
-#
-# This script is used to Test::AutoBuild (http://www.autobuild.org)
-# to perform automated builds of the Sys-Virt module
-#
-# Copyright (C) 2009 Red Hat, Inc.
-# Copyright (C) 2009 Daniel P. Berrange
-#
-# This program is free software; You can redistribute it and/or modify
-# it under the GNU General Public License as published by the Free
-# Software Foundation; either version 2, or (at your option) any
-# later version
-#
-# The file "LICENSE" distributed along with this file provides full
-# details of the terms and conditions
-#
-
-NAME=Sys-Virt-TCK
-
-set -e
-
-rm -rf MANIFEST blib _build Build
-
-test -z "$AUTOBUILD_INSTALL_ROOT" && AUTOBUILD_INSTALL_ROOT=$HOME/builder
-
-perl Build.PL install_base=$AUTOBUILD_INSTALL_ROOT
-
-./Build
-./Build manifest
-
-
-if [ -z "$USE_COVER" ]; then
- perl -MDevel::Cover -e '' 1>/dev/null 2>&1 && USE_COVER=1 || USE_COVER=0
-fi
-
-if [ -z "$SKIP_TESTS" -o "$SKIP_TESTS" = "0" ]; then
- if [ "$USE_COVER" = "1" ]; then
- ./Build test
- else
- ./Build test
- fi
-fi
-
-./Build install
-
-rm -f $NAME-*.tar.gz
-./Build dist
-
-if [ -f /usr/bin/rpmbuild ]; then
- if [ -n "$AUTOBUILD_COUNTER" ]; then
- EXTRA_RELEASE=".auto$AUTOBUILD_COUNTER"
- else
- NOW=`date +"%s"`
- EXTRA_RELEASE=".$USER$NOW"
- fi
- rpmbuild -ta --define "extra_release $EXTRA_RELEASE" --clean $NAME-*.tar.gz
-fi
-
-exit 0
--
2.14.3
6 years, 5 months