September 2008 - Devel - libvirt List Archives

[libvirt] FYI: [PATCH] Missing include file
by Richard W.M. Jones 17 Sep '08

17 Sep '08

Just FYI, I applied the following minor patch which fixes the build when configured with --enable-compile-warnings=error. Rich. -- Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones Read my OCaml programming blog: http://camltastic.blogspot.com/ Fedora now supports 68 OCaml packages (the OPEN alternative to F#) http://cocan.org/getting_started_with_ocaml_on_red_hat_and_fedora

2 1

[libvirt] [PATCH] segfailt in openvz driver
by Evgeniy Sokolov 17 Sep '08

17 Sep '08

There was segmentation failt in openvz driver during 'create' command if domain with same id exist. Segfault was because of using structure (print warning with name of container) which is free. other: use openvzError instead of openvzLog.

2 4

[libvirt] Any outstanding patches?
by Richard W.M. Jones 17 Sep '08

17 Sep '08

While Daniel Veillard is away, if you have any outstanding patches which have been approved but not committed, please reply to this message with a pointer to the mailing list message or patch. Rich. -- Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones virt-df lists disk usage of guests without needing to install any software inside the virtual machine. Supports Linux and Windows. http://et.redhat.com/~rjones/virt-df/

2 1

[libvirt] [PATCH] remove dead code
by Nguyen Anh Quynh 17 Sep '08

17 Sep '08

Hi, This patch removes dead code in the qemu driver. Thanks, Quynh # diffstat fix8.patch qemu_driver.c | 2 --

2 2

[libvirt] [PATCH] Wrong comments
by Anton Protopopov 17 Sep '08

17 Sep '08

Hi! In comments to structure 'virDomainInfo' there was reference to smth of type 'virDomainFlags'. Actually, the type of this field must be 'virDomainState'. Patch includes another one such replacement. There is another place where 'virDomainFlags' mentioned: src/xend_internal.c. I think, that argument must be of type 'virConnectFlags', but it is marked as ATTRIBUTE_UNUSED, so I leave the comment as it is :) And why are you writing unsigned char state; instead of virDomainState state; ? Anton

2 2

[libvirt] [PATCH] spec file enhancements for minimal "client-only" build
by Ben Guthro 17 Sep '08

17 Sep '08

Attached is a patch to add some additional options to the spec file, allowing for more flexibility when building. With this patch, it allows you to build a "client-only" version of libvirt for machines that may have an interest in communicating over the remote driver, but do not have a hypervisor themselves. It enables command line overrides of control variables for the build eg: rpmbuild $(RPM_FLAGS) --nodeps \ --without xen \ --without xen_proxy \ --without qemu \ --without openvz \ --without lxc \ --without polkit \ --without libvirtd \ --without avahi \ --without sasl \ --without python \ --without devel \ -ta --clean libvirt*.tar.gz Signed-off-by: Ben Guthro <bguthro(a)virtualiron.com> diff --git a/libvirt.spec.in b/libvirt.spec.in index 18b2127..666fb83 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1,11 +1,16 @@ # -*- rpm-spec -*- -%define with_xen 1 -%define with_xen_proxy 1 -%define with_qemu 1 -%define with_openvz 1 -%define with_lxc 1 -%define with_polkit 0 +%define with_xen 0%{!?_without_xen:1} +%define with_xen_proxy 0%{!?_without_xen_proxy:1} +%define with_qemu 0%{!?_without_qemu:1} +%define with_openvz 0%{!?_without_openvz:1} +%define with_lxc 0%{!?_without_lxc:1} +%define with_sasl 0%{!?_without_sasl:1} +%define with_avahi 0%{!?_without_avahi:1} +%define with_polkit 0%{!?_without_polkit:0} +%define with_python 0%{!?_without_python:1} +%define with_libvirtd 0%{!?_without_libvirtd:1} +%define with_devel 0%{!?_without_devel:1} # Xen is available only on i386 x86_64 ia64 %ifnarch i386 i686 x86_64 ia64 @@ -23,7 +28,7 @@ %endif %if 0%{fedora} >= 8 -%define with_polkit 1 +%define with_polkit 0%{!?_without_polkit:1} %define with_xen_proxy 0 %endif @@ -46,10 +51,12 @@ Requires: iptables # So remote clients can access libvirt over SSH tunnel # (client invokes 'nc' against the UNIX socket on the server) Requires: nc +%if %{with_sasl} Requires: cyrus-sasl # Not technically required, but makes 'out-of-box' config # work correctly & doesn't have onerous dependencies Requires: cyrus-sasl-md5 +%endif %if %{with_polkit} Requires: PolicyKit >= 0.6 %endif @@ -82,14 +89,18 @@ BuildRequires: readline-devel BuildRequires: ncurses-devel BuildRequires: gettext BuildRequires: gnutls-devel +%if %{with_avahi} BuildRequires: avahi-devel +%endif BuildRequires: libselinux-devel BuildRequires: dnsmasq BuildRequires: bridge-utils %if %{with_qemu} BuildRequires: qemu %endif +%if %{with_sasl} BuildRequires: cyrus-sasl-devel +%endif %if %{with_polkit} BuildRequires: PolicyKit-devel >= 0.6 %endif @@ -119,6 +130,7 @@ BuildRequires: gawk Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux (and other OSes). +%if %{with_devel} %package devel Summary: Libraries, includes, etc. to compile with the libvirt library Group: Development/Libraries @@ -132,7 +144,9 @@ Obsoletes: libvir-devel %description devel Includes and documentations for the C library providing an API to use the virtualization capabilities of recent versions of Linux (and other OSes). +%endif +%if %{with_python} %package python Summary: Python bindings for the libvirt library Group: Development/Libraries @@ -144,6 +158,7 @@ The libvirt-python package contains a module that permits applications written in the Python programming language to use the interface supplied by the libvirt library to use the virtualization capabilities of recent versions of Linux (and other OSes). +%endif %prep %setup -q @@ -190,6 +205,7 @@ install -d -m 0755 $RPM_BUILD_ROOT%{_localstatedir}/lib/libvirt/images/ # Default dir for kernel+initrd images defnied in SELinux policy install -d -m 0755 $RPM_BUILD_ROOT%{_localstatedir}/lib/libvirt/boot/ +%if %{with_qemu} # We don't want to install /etc/libvirt/qemu/networks in the main %files list # because if the admin wants to delete the default network completely, we don't # want to end up re-incarnating it on every RPM upgrade. @@ -200,14 +216,33 @@ rm -f $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/qemu/networks/default.xml rm -f $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/qemu/networks/autostart/default.xml # Strip auto-generated UUID - we need it generated per-install sed -i -e "/<uuid>/d" $RPM_BUILD_ROOT%{_datadir}/libvirt/networks/default.xml +%endif %find_lang %{name} +# If we are not building with certain options, we need to remove files +# so that we don't get Installed (but unpackaged) errors +%if ! %{with_devel} +rm -rf $RPM_BUILD_ROOT%{_datadir}/gtk-doc/html/libvirt +rm -rf $RPM_BUILD_ROOT%{_includedir}/libvirt +rm -rf $RPM_BUILD_ROOT%{_libdir}/lib*.so +rm -rf $RPM_BUILD_ROOT%{_libdir}/pkgconfig/libvirt.pc +%endif + +%if ! %{with_python} +rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/libvirt-python-%{version} +%endif + +%if ! %{with_qemu} +rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/qemu.conf +%endif + %clean rm -fr %{buildroot} %post /sbin/ldconfig +%if %{with_libvirtd} # We want to install the default network for initial RPM installs # or on the first upgrade from a non-network aware libvirt only. # We check this by looking to see if the daemon is already installed @@ -222,12 +257,15 @@ then fi /sbin/chkconfig --add libvirtd +%endif %preun +%if %{with_libvirtd} if [ $1 = 0 ]; then /sbin/service libvirtd stop 1>/dev/null 2>&1 /sbin/chkconfig --del libvirtd fi +%endif %postun /sbin/ldconfig @@ -240,40 +278,73 @@ fi %{_bindir}/virsh %{_libdir}/lib*.so.* %dir %attr(0700, root, root) %{_sysconfdir}/libvirt/ + +%if %{with_qemu} %dir %attr(0700, root, root) %{_sysconfdir}/libvirt/qemu/ %dir %attr(0700, root, root) %{_sysconfdir}/libvirt/qemu/networks/ %dir %attr(0700, root, root) %{_sysconfdir}/libvirt/qemu/networks/autostart +%endif + +%if %{with_libvirtd} %{_sysconfdir}/rc.d/init.d/libvirtd %config(noreplace) %{_sysconfdir}/sysconfig/libvirtd %config(noreplace) %{_sysconfdir}/libvirt/libvirtd.conf +%endif + +%if %{with_qemu} %config(noreplace) %{_sysconfdir}/libvirt/qemu.conf +%endif + +%if %{with_sasl} %config(noreplace) %{_sysconfdir}/sasl2/libvirt.conf +%endif + +%if %{with_qemu} %dir %{_datadir}/libvirt/ %dir %{_datadir}/libvirt/networks/ %{_datadir}/libvirt/networks/default.xml +%endif + %dir %{_localstatedir}/run/libvirt/ %dir %{_localstatedir}/lib/libvirt/ %dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/images/ %dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/boot/ -%{_datadir}/augeas/lenses/libvirtd.aug + +%if %{with_qemu} %{_datadir}/augeas/lenses/libvirtd_qemu.aug -%{_datadir}/augeas/lenses/tests/test_libvirtd.aug %{_datadir}/augeas/lenses/tests/test_libvirtd_qemu.aug +%endif + +%if %{with_libvirtd} +%{_datadir}/augeas/lenses/libvirtd.aug +%{_datadir}/augeas/lenses/tests/test_libvirtd.aug +%endif + %if %{with_polkit} %{_datadir}/PolicyKit/policy/org.libvirt.unix.policy %endif + +%if %{with_qemu} %dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/qemu/ +%endif + %if %{with_xen_proxy} %attr(4755, root, root) %{_libexecdir}/libvirt_proxy %endif -%attr(0755, root, root) %{_libexecdir}/libvirt_parthelper + %if %{with_lxc} %attr(0755, root, root) %{_libexecdir}/libvirt_lxc %endif + +%if %{with_libvirtd} +%attr(0755, root, root) %{_libexecdir}/libvirt_parthelper %attr(0755, root, root) %{_sbindir}/libvirtd +%endif + %doc docs/*.rng %doc docs/*.xml +%if %{with_devel} %files devel %defattr(-, root, root) @@ -289,7 +360,9 @@ fi %doc docs/*.html docs/html docs/*.gif %doc docs/examples %doc docs/libvirt-api.xml +%endif +%if %{with_python} %files python %defattr(-, root, root) @@ -300,6 +373,7 @@ fi %doc python/TODO %doc python/libvirtclass.txt %doc docs/examples/python +%endif %changelog * Mon Sep 8 2008 Daniel Veillard <veillard(a)redhat.com> - 0.4.5-1

3 10

[libvirt] [PATCH] kvm: maxVCPU runtime detection
by Guido Günther 17 Sep '08

17 Sep '08

Hi, with recent linux kernels we can detect the maximum number of virtual cpus at runtime via an ioctl. Possible patch attached. It does this on every call to qemudGetMaxVCPUs. Would you prefer something that does this only once in qemudStartup()? Cheers, -- Guido

7 24

[libvirt] Calling libvirt from C# (Mono/.Net)
by Richard W.M. Jones 17 Sep '08

17 Sep '08

As an experiment I managed to call libvirt from C# (using Mono, but similar code should work for .Net). This email should give interested people enough information to produce a proper set of bindings for libvirt. ---------------------------------------------------------------------- using System; using System.Runtime.InteropServices; [StructLayout (LayoutKind.Sequential)] class NodeInfo { [MarshalAs (UnmanagedType.ByValTStr, SizeConst=32)] public string model; public ulong memory; public uint cpus; public uint mhz; public uint nodes; public uint sockets; public uint cores; public uint threads; } class Connection { IntPtr _handle; [DllImport ("libvirt.so")] static extern IntPtr virConnectOpen ([In] string name); public Connection (string name) { _handle = virConnectOpen (name); } [DllImport ("libvirt.so")] static extern IntPtr virConnectClose (IntPtr h); ~Connection () { virConnectClose (_handle); } [DllImport ("libvirt.so")] static extern int virNodeGetInfo (IntPtr h, [Out] NodeInfo info); public NodeInfo nodeGetInfo () { NodeInfo info = new NodeInfo (); if (virNodeGetInfo (_handle, info) == -1) { // throw new LibvirtException ("virNodeGetInfo"); } return info; } } class Test { public static void Main () { Connection conn = new Connection ("test:///default"); NodeInfo info = conn.nodeGetInfo (); Console.WriteLine ("Results of virNodeGetInfo:"); Console.WriteLine ("model = {0}", info.model); Console.WriteLine ("memory = {0}", info.memory); Console.WriteLine ("cpus = {0}", info.cpus); Console.WriteLine ("mhz = {0}", info.mhz); Console.WriteLine ("nodes = {0}", info.nodes); Console.WriteLine ("sockets = {0}", info.sockets); Console.WriteLine ("cores = {0}", info.cores); Console.WriteLine ("threads = {0}", info.threads); } } ---------------------------------------------------------------------- Compile and run this code with: $ gmcs libvirt-test.c# $ LIBVIRT_DEBUG=1 mono ./libvirt-test.exe ---------------------------------------------------------------------- DEBUG: libvirt.c: virInitialize (register drivers) DEBUG: libvirt.c: virConnectOpen (name=test:///default) DEBUG: libvirt.c: do_open (name "test:///default" to URI components: scheme test opaque (null) authority (null) server (null) user (null) port 0 path /default ) DEBUG: libvirt.c: do_open (trying driver 0 (Test) ...) DEBUG: libvirt.c: do_open (driver 0 Test returned SUCCESS) DEBUG: libvirt.c: do_open (network driver 0 Test returned SUCCESS) DEBUG: libvirt.c: do_open (storage driver 0 Test returned SUCCESS) DEBUG: libvirt.c: virNodeGetInfo (conn=0xa8d560, info=0x7fff9530c070) Results of virNodeGetInfo: model = i686 memory = 3145728 cpus = 16 mhz = 1400 nodes = 2 sockets = 2 cores = 2 threads = 2 DEBUG: libvirt.c: virConnectClose (conn=0xa8d560) DEBUG: hash.c: virUnrefConnect (unref connection 0xa8d560 test:///default 1) DEBUG: hash.c: virReleaseConnect (release connection 0xa8d560 test:///default) ---------------------------------------------------------------------- Rich. -- Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones virt-top is 'top' for virtual machines. Tiny program with many powerful monitoring features, net stats, disk stats, logging, etc. http://et.redhat.com/~rjones/virt-top

1 0

[libvirt] network domain name patch
by JJ Reynolds 15 Sep '08

15 Sep '08

Hi all, This is a followup to the excellent patch which allows static IP address assignment. The problem with that patch is that you can only set the host name and cannot set a FQDN because dnsmasq will, as a security measure, not allow it unless --domain is specified. This patch adds support for adding <domain name="my.domain" /> to the network config file. With that stanza, one can then use FQDNs on the static host assignments, and this should be the domain reported for any clients that request it. If <domain name .. ./> is not specified in the config file, then there is no change in behaviour. As a special case, you can also set the domain name to "#", whereupon dnsmasq interprets that to use the domain of the host OS. Example default.xml: <network> <name>default</name> <uuid>0098abb7-ff94-4df9-aa78-e4c3fe636a3d</uuid> <bridge name="virbr0" /> <domain name="mynet.net" /> <forward/> <ip address="192.168.122.1" netmask="255.255.255.0"> <dhcp> <host name="vm1.mynet.net" mac="00:16:3e:24:a5:84" ip="192.168.122.101" /> <host name='vm2.mynet.net' mac="00:16:3e:1f:9a:95" ip="192.168.122.102" /> <range start="192.168.122.2" end="192.168.122.99" /> </dhcp> </ip> </network> Here is the patch: diff -r -U 3 libvirt-0.4.4/src/network_conf.c libvirt-0.4.4jjr/src/network_conf.c --- libvirt-0.4.4/src/network_conf.c 2008-08-20 09:20:01.000000000 -0400 +++ libvirt-0.4.4jjr/src/network_conf.c 2008-09-06 14:03:56.000000000 -0400 @@ -326,6 +326,9 @@ VIR_FREE(tmp); } + /* Parse network domain information */ + def->domain = virXPathString(conn, "string(./domain[1]/@name)", ctxt); + /* Parse bridge information */ def->bridge = virXPathString(conn, "string(./bridge[1]/@name)", ctxt); tmp = virXPathString(conn, "string(./bridge[1]/@stp)", ctxt); diff -r -U 3 libvirt-0.4.4/src/network_conf.h libvirt-0.4.4jjr/src/network_conf.h --- libvirt-0.4.4/src/network_conf.h 2008-08-20 09:20:01.000000000 -0400 +++ libvirt-0.4.4jjr/src/network_conf.h 2008-09-06 14:03:56.000000000 -0400 @@ -57,6 +57,7 @@ char *name; char *bridge; /* Name of bridge device */ + char *domain; unsigned long delay; /* Bridge forward delay (ms) */ int stp : 1; /* Spanning tree protocol */ diff -r -U 3 libvirt-0.4.4/src/qemu_driver.c libvirt-0.4.4jjr/src/qemu_driver.c --- libvirt-0.4.4/src/qemu_driver.c 2008-08-29 03:20:02.000000000 -0400 +++ libvirt-0.4.4jjr/src/qemu_driver.c 2008-09-06 14:15:28.000000000 -0400 @@ -1105,6 +1105,7 @@ 1 + /* --keep-in-foreground */ 1 + /* --strict-order */ 1 + /* --bind-interfaces */ + (network->def->domain?2:0) + /* --domain name */ 2 + /* --pid-file "" */ 2 + /* --conf-file "" */ /*2 + *//* --interface virbr0 */ @@ -1136,6 +1137,11 @@ APPEND_ARG(*argv, i++, "--strict-order"); APPEND_ARG(*argv, i++, "--bind-interfaces"); + if (network->def->domain) { + APPEND_ARG(*argv, i++, "--domain"); + APPEND_ARG(*argv, i++, network->def->domain); + } + APPEND_ARG(*argv, i++, "--pid-file"); APPEND_ARG(*argv, i++, ""); Thanks! -JJ Reynolds

3 11

[libvirt] LXC: making the private root filesystem more secure
by Daniel P. Berrange 12 Sep '08

12 Sep '08

When I wrote the private root filesystem stuff for LXC (which I just committed) I noted that we couldn't actually make this secure, because someone inside the chroot can just 'mknod' and access the host devices. What I completely forgot was that cgroups as of 2.6.26 has device ACLs If we place every container in a cgroup (which was planned anyway), then we can trivially prevent containers accessing host devices One time setup mount -t cgroups /dev/cgroups mkdir /dev/cgroups/libvirt mkdir /dev/cgroups/libvirt/lxc For each new container 'NAME' mkdir /dev/cgroups/libvirt/lxc/{NAME} echo "a" > /dev/cgroups/libvirt/lxc/{NAME}/devices.deny echo "c 1:3 rwm" > /dev/cgroups/libvirt/lxc/{NAME}/devices.allow echo "c 1:5 rwm" > /dev/cgroups/libvirt/lxc/{NAME}/devices.allow echo "c 1:7 rwm" > /dev/cgroups/libvirt/lxc/{NAME}/devices.allow echo "c 5:1 rwm" > /dev/cgroups/libvirt/lxc/{NAME}/devices.allow echo "c 1:8 rwm" > /dev/cgroups/libvirt/lxc/{NAME}/devices.allow echo "c 1:9 rwm" > /dev/cgroups/libvirt/lxc/{NAME}/devices.allow This denies all devices, and then allows null, zero, full, console, random and urandom. Allowing use of 'random' is debatable. The 'devpts' namespace stuff is also needed to provide private PTYs. The 'user' namespace stuff is needed to prevent an unprivileged user in the host OS from killing off processes with same UID inside the container. There looks to be active patchsets for both of these being discussed, so we're getting close to having a genuinely useful container based virt driver with LXC Daniel -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|

5 11