Re: [libvirt] [PATCH 00/10] virFork cleanups

Some of these patches were written while working on CVE-2013-6456; we decided to reorder things and fix that problem first. While rebasing these patches to the latest tree, I found other things worth fixing. Eric Blake (10): nwfilter: don't ignore child process failures virFork: give specific status on failure prior to exec util: make it easier to reflect child exit status util: preserve exit status from mount namespace callback util: make it easier to grab only regular process exit util: make it easier to grab only regular command exit virFork: simplify semantics virt-login-shell: use single instead of double fork virt-login-shell: saner exit value virsh: report exit status of failed lxc-enter-namespace daemon/libvirtd.c | 4 +- daemon/remote.c | 7 +- docs/internals/command.html.in | 17 ++- src/access/viraccessdriverpolkit.c | 9 +- src/bhyve/bhyve_process.c | 19 +--- src/fdstream.c | 3 +- src/internal.h | 7 ++ src/libvirt.c | 4 +- src/libvirt_private.syms | 2 + src/lxc/lxc_container.c | 6 +- src/lxc/lxc_process.c | 11 +- src/nwfilter/nwfilter_ebiptables_driver.c | 89 ++++++--------- src/openvz/openvz_driver.c | 18 +--- src/qemu/qemu_capabilities.c | 1 + src/qemu/qemu_command.c | 3 +- src/storage/storage_backend_iscsi.c | 7 +- src/util/vircommand.c | 173 +++++++++++++++--------------- src/util/vircommand.h | 4 +- src/util/virebtables.c | 5 +- src/util/virfile.c | 35 ++---- src/util/viriptables.c | 7 +- src/util/virnetdevveth.c | 4 +- src/util/virprocess.c | 121 +++++++++++++++------ src/util/virprocess.h | 8 +- src/xen/xen_driver.c | 9 +- tests/commandtest.c | 126 +++++++++++++++++++++- tests/reconnect.c | 3 +- tests/statstest.c | 3 +- tests/testutils.c | 4 +- tools/virsh-domain.c | 30 +++--- tools/virsh.pod | 5 +- tools/virt-login-shell.c | 141 ++++++++++-------------- tools/virt-login-shell.pod | 25 ++++- 33 files changed, 525 insertions(+), 385 deletions(-)