[libvirt] [PATCH RFC] Add a virt-host-validate command to sanity check HV config
by Daniel P. Berrange
From: "Daniel P. Berrange" <berrange(a)redhat.com>
To assist people in verifying that their host is operating in an
optimal manner, provide a 'virt-host-validate' command. For each
type of hypervisor, it will check any pre-requisites, or other
good recommendations and report what's working & what is not.
eg
# virt-host-validate
QEMU: Checking for device /dev/kvm : FAIL (Check that the 'kvm-intel' or 'kvm-amd' modules are loaded & the BIOS has enabled virtualization)
QEMU: Checking for device /dev/vhost : WARN (Load the 'vhost_net' module to improve performance of virtio networking)
QEMU: Checking for device /dev/net/tun : PASS
LXC: Checking for Linux >= 2.6.26 : PASS
This warns people if they have vmx/svm, but don't have /dev/kvm. It
also warns about missing /dev/vhost net.
---
tools/Makefile.am | 25 ++++++-
tools/virt-host-validate-common.c | 166 +++++++++++++++++++++++++++++++++++++
tools/virt-host-validate-common.h | 53 ++++++++++++
tools/virt-host-validate-lxc.c | 37 ++++++++
tools/virt-host-validate-lxc.h | 27 ++++++
tools/virt-host-validate-qemu.c | 50 +++++++++++
tools/virt-host-validate-qemu.h | 27 ++++++
tools/virt-host-validate.c | 77 +++++++++++++++++
8 files changed, 461 insertions(+), 1 deletions(-)
create mode 100644 tools/virt-host-validate-common.c
create mode 100644 tools/virt-host-validate-common.h
create mode 100644 tools/virt-host-validate-lxc.c
create mode 100644 tools/virt-host-validate-lxc.h
create mode 100644 tools/virt-host-validate-qemu.c
create mode 100644 tools/virt-host-validate-qemu.h
create mode 100644 tools/virt-host-validate.c
diff --git a/tools/Makefile.am b/tools/Makefile.am
index 6705546..2b14319 100644
--- a/tools/Makefile.am
+++ b/tools/Makefile.am
@@ -30,7 +30,7 @@ EXTRA_DIST = \
DISTCLEANFILES =
bin_SCRIPTS = virt-xml-validate virt-pki-validate
-bin_PROGRAMS = virsh
+bin_PROGRAMS = virsh virt-host-validate
if HAVE_SANLOCK
sbin_SCRIPTS = virt-sanlock-cleanup
@@ -64,6 +64,29 @@ virt-sanlock-cleanup: virt-sanlock-cleanup.in Makefile
virt-sanlock-cleanup.8: virt-sanlock-cleanup.in
$(AM_V_GEN)$(POD2MAN) $< $(srcdir)/$@
+virt_host_validate_SOURCES = \
+ virt-host-validate.c \
+ virt-host-validate-common.c virt-host-validate-common.h \
+ virt-host-validate-qemu.c virt-host-validate-qemu.h \
+ virt-host-validate-lxc.c virt-host-validate-lxc.h \
+ $(NULL)
+
+virt_host_validate_LDFLAGS = \
+ $(WARN_LDFLAGS) \
+ $(COVERAGE_LDFLAGS) \
+ $(NULL)
+
+virt_host_validate_LDADD = \
+ $(WARN_CFLAGS) \
+ ../src/libvirt.la \
+ ../gnulib/lib/libgnu.la \
+ $(NULL)
+
+virt_host_validate_CFLAGS = \
+ $(WARN_CFLAGS) \
+ $(COVERAGE_CFLAGS) \
+ $(NULL)
+
virsh_SOURCES = \
console.c console.h \
virsh.c
diff --git a/tools/virt-host-validate-common.c b/tools/virt-host-validate-common.c
new file mode 100644
index 0000000..7ada218
--- /dev/null
+++ b/tools/virt-host-validate-common.c
@@ -0,0 +1,166 @@
+/*
+ * virt-host-validate-common.c: Sanity check helper APis
+ *
+ * Copyright (C) 2011 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ */
+
+#include <config.h>
+
+#include <stdarg.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <sys/utsname.h>
+
+#include "util.h"
+#include "memory.h"
+#include "virt-host-validate-common.h"
+
+void virHostMsgCheck(const char *prefix,
+ const char *format,
+ ...)
+{
+ va_list args;
+ char *msg;
+
+ va_start(args, format);
+ if (virVasprintf(&msg, format, args) < 0) {
+ perror("malloc");
+ abort();
+ }
+ va_end(args);
+
+ fprintf(stdout, "%6s: Checking %-60s: ", prefix, msg);
+ VIR_FREE(msg);
+}
+
+void virHostMsgPass(void)
+{
+ fprintf(stdout, "\033[32mPASS\033[0m\n");
+}
+
+void virHostMsgFail(virHostValidateLevel level,
+ const char *hint)
+{
+ if (level == VIR_HOST_VALIDATE_FAIL)
+ fprintf(stdout, "\033[31mFAIL\033[0m (%s)\n", hint);
+ else if (level == VIR_HOST_VALIDATE_WARN)
+ fprintf(stdout, "\033[33mWARN\033[0m (%s)\n", hint);
+ else if (level == VIR_HOST_VALIDATE_NOTE)
+ fprintf(stdout, "\033[34mNOTE\033[0m (%s)\n", hint);
+}
+
+
+int virHostValidateDevice(const char *hvname,
+ const char *devname,
+ virHostValidateLevel level,
+ const char *hint)
+{
+ virHostMsgCheck(hvname, "for device %s", devname);
+
+ if (access(devname, R_OK|W_OK) < 0) {
+ virHostMsgFail(level, hint);
+ return -1;
+ }
+
+ virHostMsgPass();
+ return 0;
+}
+
+
+int virHostValidateHasCPUFlag(const char *name)
+{
+ FILE *fp = fopen("/proc/cpuinfo", "r");
+ int ret = 0;
+
+ if (!fp)
+ return 0;
+
+ do {
+ char line[1024];
+
+ if (!fgets(line, sizeof(line), fp))
+ break;
+
+ if (strstr(line, name)) {
+ ret = 1;
+ break;
+ }
+ } while (1);
+
+ fclose(fp);
+
+ return ret;
+}
+
+
+int virHostValidateLinuxKernel(const char *hvname,
+ int version,
+ virHostValidateLevel level,
+ const char *hint)
+{
+ struct utsname uts;
+ int major, minor, micro;
+
+ uname(&uts);
+
+ virHostMsgCheck(hvname, "for Linux >= %d.%d.%d",
+ ((version >> 16) & 0xff),
+ ((version >> 8) & 0xff),
+ (version & 0xff));
+
+ if (STRNEQ(uts.sysname, "Linux")) {
+ virHostMsgFail(level, hint);
+ return -1;
+ }
+
+ if (sscanf(uts.release, "%d.%d.%d", &major, &minor, µ) != 3) {
+ micro = 0;
+ if (sscanf(uts.release, "%d.%d", &major, &minor) != 2) {
+ virHostMsgFail(level, hint);
+ return -1;
+ }
+ }
+
+ if (major > ((version >> 16) & 0xff)) {
+ virHostMsgPass();
+ return 0;
+ } else if (major < ((version >> 16) & 0xff)) {
+ virHostMsgFail(level, hint);
+ return -1;
+ }
+
+ if (minor > ((version >> 8) & 0xff)) {
+ virHostMsgPass();
+ return 0;
+ } else if (minor < ((version >> 8) & 0xff)) {
+ virHostMsgFail(level, hint);
+ return -1;
+ }
+
+ if (micro > (version & 0xff)) {
+ virHostMsgPass();
+ return 0;
+ } else if (micro < (version & 0xff)) {
+ virHostMsgFail(level, hint);
+ return -1;
+ }
+
+ virHostMsgPass();
+ return 0;
+}
diff --git a/tools/virt-host-validate-common.h b/tools/virt-host-validate-common.h
new file mode 100644
index 0000000..6a4d1ac
--- /dev/null
+++ b/tools/virt-host-validate-common.h
@@ -0,0 +1,53 @@
+/*
+ * virt-host-validate-common.h: Sanity check helper APis
+ *
+ * Copyright (C) 2011 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ */
+
+#ifndef __VIRT_HOST_VALIDATE_COMMON_H__
+#define __VIRT_HOST_VALIDATE_COMMON_H__
+
+#include "internal.h"
+
+typedef enum {
+ VIR_HOST_VALIDATE_FAIL,
+ VIR_HOST_VALIDATE_WARN,
+ VIR_HOST_VALIDATE_NOTE,
+} virHostValidateLevel;
+
+extern void virHostMsgCheck(const char *prefix,
+ const char *format,
+ ...) ATTRIBUTE_FMT_PRINTF(2, 3);
+
+extern void virHostMsgPass(void);
+extern void virHostMsgFail(virHostValidateLevel level,
+ const char *hint);
+
+extern int virHostValidateDevice(const char *hvname,
+ const char *devname,
+ virHostValidateLevel level,
+ const char *hint);
+
+extern int virHostValidateHasCPUFlag(const char *name);
+
+extern int virHostValidateLinuxKernel(const char *hvname,
+ int version,
+ virHostValidateLevel level,
+ const char *hint);
+
+#endif /* __VIRT_HOST_VALIDATE_COMMON_H__ */
diff --git a/tools/virt-host-validate-lxc.c b/tools/virt-host-validate-lxc.c
new file mode 100644
index 0000000..f41cf78
--- /dev/null
+++ b/tools/virt-host-validate-lxc.c
@@ -0,0 +1,37 @@
+/*
+ * virt-host-validate-lxc.c: Sanity check a LXC hypervisor host
+ *
+ * Copyright (C) 2011 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ */
+
+#include <config.h>
+
+#include "virt-host-validate-lxc.h"
+#include "virt-host-validate-common.h"
+
+int virHostValidateLXC(void)
+{
+ int ret = 0;
+
+ if (virHostValidateLinuxKernel("LXC", (2 << 16) | (6 << 8) | 26,
+ VIR_HOST_VALIDATE_FAIL,
+ "Upgrade to a kernel supporting namespaces") < 0)
+ ret = -1;
+
+ return ret;
+}
diff --git a/tools/virt-host-validate-lxc.h b/tools/virt-host-validate-lxc.h
new file mode 100644
index 0000000..3cae39f
--- /dev/null
+++ b/tools/virt-host-validate-lxc.h
@@ -0,0 +1,27 @@
+/*
+ * virt-host-validate-lxc.h: Sanity check a LXC hypervisor host
+ *
+ * Copyright (C) 2011 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ */
+
+#ifndef __VIRT_HOST_VALIDATE_LXC_H__
+#define __VIRT_HOST_VALIDATE_LXC_H__
+
+extern int virHostValidateLXC(void);
+
+#endif /* __VIRT_HOST_VALIDATE_LXC_H__ */
diff --git a/tools/virt-host-validate-qemu.c b/tools/virt-host-validate-qemu.c
new file mode 100644
index 0000000..b0e4fe5
--- /dev/null
+++ b/tools/virt-host-validate-qemu.c
@@ -0,0 +1,50 @@
+/*
+ * virt-host-validate-qemu.c: Sanity check a QEMU hypervisor host
+ *
+ * Copyright (C) 2011 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ */
+
+#include <config.h>
+
+#include "virt-host-validate-qemu.h"
+#include "virt-host-validate-common.h"
+
+int virHostValidateQEMU(void)
+{
+ int ret = 0;
+
+ if (virHostValidateHasCPUFlag("svm") ||
+ virHostValidateHasCPUFlag("vmx")) {
+ if (virHostValidateDevice("QEMU", "/dev/kvm",
+ VIR_HOST_VALIDATE_FAIL,
+ "Check that the 'kvm-intel' or 'kvm-amd' modules are loaded & the BIOS has enabled virtualization") < 0)
+ ret = -1;
+ }
+
+ if (virHostValidateDevice("QEMU", "/dev/vhost",
+ VIR_HOST_VALIDATE_WARN,
+ "Load the 'vhost_net' module to improve performance of virtio networking") < 0)
+ ret = -1;
+
+ if (virHostValidateDevice("QEMU", "/dev/net/tun",
+ VIR_HOST_VALIDATE_FAIL,
+ "Load the 'tun' module to enable networking for QEMU guests") < 0)
+ ret = -1;
+
+ return ret;
+}
diff --git a/tools/virt-host-validate-qemu.h b/tools/virt-host-validate-qemu.h
new file mode 100644
index 0000000..e1dbcbe
--- /dev/null
+++ b/tools/virt-host-validate-qemu.h
@@ -0,0 +1,27 @@
+/*
+ * virt-host-validate-qemu.h: Sanity check a QEMU hypervisor host
+ *
+ * Copyright (C) 2011 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ */
+
+#ifndef __VIRT_HOST_VALIDATE_QEMU_H__
+#define __VIRT_HOST_VALIDATE_QEMU_H__
+
+extern int virHostValidateQEMU(void);
+
+#endif /* __VIRT_HOST_VALIDATE_QEMU_H__ */
diff --git a/tools/virt-host-validate.c b/tools/virt-host-validate.c
new file mode 100644
index 0000000..b94aa8f
--- /dev/null
+++ b/tools/virt-host-validate.c
@@ -0,0 +1,77 @@
+/*
+ * virt-host-check.c: Sanity check a hypervisor host
+ *
+ * Copyright (C) 2011 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ */
+
+#include <config.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <gettext.h>
+
+#include "internal.h"
+#include "configmake.h"
+
+#include "virt-host-validate-qemu.h"
+#include "virt-host-validate-lxc.h"
+
+static void
+show_help(FILE *out, const char *argv0)
+{
+ fprintf(out, "syntax: %s [OPTIONS] [HVTYPE]\n", argv0);
+}
+
+int
+main(int argc, char **argv)
+{
+ const char *hvname = NULL;
+ int ret = EXIT_SUCCESS;
+
+ if (!setlocale(LC_ALL, "")) {
+ perror("setlocale");
+ /* failure to setup locale is not fatal */
+ }
+ if (!bindtextdomain(PACKAGE, LOCALEDIR)) {
+ perror("bindtextdomain");
+ return EXIT_FAILURE;
+ }
+ if (!textdomain(PACKAGE)) {
+ perror("textdomain");
+ return EXIT_FAILURE;
+ }
+
+ if (argc > 2) {
+ fprintf(stderr, "too many command line arguments\n");
+ show_help(stderr, argv[0]);
+ return EXIT_FAILURE;
+ }
+
+ if (argc > 1)
+ hvname = argv[1];
+
+ if ((!hvname || STREQ(hvname, "qemu")) &&
+ virHostValidateQEMU() < 0)
+ ret = EXIT_FAILURE;
+
+ if ((!hvname || STREQ(hvname, "lxc")) &&
+ virHostValidateLXC() < 0)
+ ret = EXIT_FAILURE;
+
+ return ret;
+}
--
1.7.7.5
13 years, 1 month
[libvirt] [PATCH 0/4] Add virDomainIOError API
by Jiri Denemark
We already provide ways to detect when a domain has been paused as a
result of I/O error, but there was no way of getting the exact error or
even the device that experienced it. This new API may be used for both.
Jiri Denemark (4):
virDomainIOError public API and remote protocol
virsh: Implement domioerror command
qemu: Refactor qemuMonitorGetBlockInfo
qemu: Implement virDomainIOError
include/libvirt/libvirt.h.in | 19 +++++++
src/driver.h | 6 ++
src/libvirt.c | 53 ++++++++++++++++++++
src/libvirt_public.syms | 5 ++
src/qemu/qemu_conf.h | 1 +
src/qemu/qemu_driver.c | 82 +++++++++++++++++++++++++++++++
src/qemu/qemu_hotplug.c | 22 +++++---
src/qemu/qemu_monitor.c | 83 ++++++++++++++++++++++++++++---
src/qemu/qemu_monitor.h | 10 +++-
src/qemu/qemu_monitor_json.c | 34 +++++++------
src/qemu/qemu_monitor_json.h | 3 +-
src/qemu/qemu_monitor_text.c | 62 ++++++++++++++++--------
src/qemu/qemu_monitor_text.h | 3 +-
src/remote/remote_driver.c | 1 +
src/remote/remote_protocol.x | 13 +++++-
src/remote_protocol-structs | 9 +++
tools/virsh.c | 111 ++++++++++++++++++++++++++++++++++++++++++
tools/virsh.pod | 11 ++++
18 files changed, 468 insertions(+), 60 deletions(-)
--
1.7.8.4
13 years, 1 month
[libvirt] [PATCH] apparmor: Fix use of uninitialized random_data
by Jiri Denemark
Without this, virt-aa-helper would segfault in -c or -r commands.
---
src/security/virt-aa-helper.c | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)
diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index 4561bb9..b484a20 100644
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -42,6 +42,7 @@
#include "pci.h"
#include "virfile.h"
#include "configmake.h"
+#include "virrandom.h"
#define VIR_FROM_THIS VIR_FROM_SECURITY
@@ -1182,6 +1183,9 @@ main(int argc, char **argv)
memset(ctl, 0, sizeof(vahControl));
+ if (virRandomInitialize(time(NULL) ^ getpid()) < 0)
+ vah_error(ctl, 1, _("could not initialize random generator"));
+
if (vahParseArgv(ctl, argc, argv) != 0)
vah_error(ctl, 1, _("could not parse arguments"));
--
1.7.8.4
13 years, 1 month
[libvirt] [PATCH] util: Include stdint.h because of uint32_t
by Michal Privoznik
Some files are using uint32_t or int64_t without including
stdint.h which defines them. Fix this.
---
Pushing under trivial & build-breaker rules.
src/util/virhash.h | 2 ++
src/util/virhashcode.h | 1 +
src/util/virrandom.h | 1 +
3 files changed, 4 insertions(+), 0 deletions(-)
diff --git a/src/util/virhash.h b/src/util/virhash.h
index 0170eaa..7acbcbd 100644
--- a/src/util/virhash.h
+++ b/src/util/virhash.h
@@ -13,6 +13,8 @@
#ifndef __VIR_HASH_H__
# define __VIR_HASH_H__
+# include <stdint.h>
+
/*
* The hash table.
*/
diff --git a/src/util/virhashcode.h b/src/util/virhashcode.h
index 867e04e..a38043e 100644
--- a/src/util/virhashcode.h
+++ b/src/util/virhashcode.h
@@ -29,6 +29,7 @@
# define __VIR_HASH_CODE_H__
# include "internal.h"
+# include <stdint.h>
extern uint32_t virHashCodeGen(const void *key, size_t len, uint32_t seed);
diff --git a/src/util/virrandom.h b/src/util/virrandom.h
index eede373..e180a2f 100644
--- a/src/util/virrandom.h
+++ b/src/util/virrandom.h
@@ -23,6 +23,7 @@
# define __VIR_RANDOM_H__
# include "internal.h"
+# include <stdint.h>
int virRandomInitialize(uint32_t seed) ATTRIBUTE_RETURN_CHECK;
uint64_t virRandomBits(int nbits);
--
1.7.3.4
13 years, 1 month
[libvirt] [PATCH] Update VIRT_CONTROL audit record with pid.
by Marcelo Cerri
Added a new field "vm-pid" to the VIRT_CONTROL audit record. This information
is useful to correlated another audit events to the events generated by
libvirt.
---
src/conf/domain_audit.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/conf/domain_audit.c b/src/conf/domain_audit.c
index 16937dc..eb85ec7 100644
--- a/src/conf/domain_audit.c
+++ b/src/conf/domain_audit.c
@@ -562,8 +562,8 @@ virDomainAuditLifecycle(virDomainObjPtr vm, const char *op,
}
VIR_AUDIT(VIR_AUDIT_RECORD_MACHINE_CONTROL, success,
- "virt=%s op=%s reason=%s %s uuid=%s",
- virt, op, reason, vmname, uuidstr);
+ "virt=%s op=%s reason=%s %s uuid=%s vm-pid=%d",
+ virt, op, reason, vmname, uuidstr, vm->pid);
VIR_FREE(vmname);
}
--
1.7.1
13 years, 1 month
[libvirt] [PATCH 1/2] daemon: convert virRun to virCommand
by Eric Blake
Using snprintf to build up argv seems archaic.
* daemon/remote.c (remoteDispatchAuthPolkit): Modernize command call.
---
daemon/remote.c | 42 +++++++++++++++++-------------------------
1 files changed, 17 insertions(+), 25 deletions(-)
diff --git a/daemon/remote.c b/daemon/remote.c
index b158b8b..7f552a7 100644
--- a/daemon/remote.c
+++ b/daemon/remote.c
@@ -2468,26 +2468,17 @@ remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED,
uid_t callerUid = -1;
const char *action;
int status = -1;
- char pidbuf[50];
- char ident[100];
- int rv = -1;
+ char *ident = NULL;
struct daemonClientPrivate *priv =
virNetServerClientGetPrivateData(client);
-
- memset(ident, 0, sizeof ident);
+ virCommandPtr cmd = NULL;
virMutexLock(&priv->lock);
action = virNetServerClientGetReadonly(client) ?
"org.libvirt.unix.monitor" :
"org.libvirt.unix.manage";
- const char * const pkcheck [] = {
- PKCHECK_PATH,
- "--action-id", action,
- "--process", pidbuf,
- "--allow-user-interaction",
- NULL
- };
+ cmd = virCommandNewArgList(PKCHECK_PATH, "--action-id", action, NULL);
VIR_DEBUG("Start PolicyKit auth %d", virNetServerClientGetFD(client));
if (virNetServerClientGetAuth(client) != VIR_NET_SERVER_SERVICE_AUTH_POLKIT) {
@@ -2495,28 +2486,25 @@ remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED,
goto authfail;
}
- if (virNetServerClientGetUNIXIdentity(client, &callerUid, &callerGid, &callerPid) < 0) {
+ if (virNetServerClientGetUNIXIdentity(client, &callerUid, &callerGid,
+ &callerPid) < 0) {
goto authfail;
}
VIR_INFO("Checking PID %d running as %d", callerPid, callerUid);
- rv = snprintf(pidbuf, sizeof pidbuf, "%d", callerPid);
- if (rv < 0 || rv >= sizeof pidbuf) {
- VIR_ERROR(_("Caller PID was too large %d"), callerPid);
- goto authfail;
- }
+ virCommandAddArg(cmd, "--process");
+ virCommandAddArgFormat(cmd, "%d", callerPid);
+ virCommandAddArg(cmd, "--allow-user-interaction");
- rv = snprintf(ident, sizeof ident, "pid:%d,uid:%d", callerPid, callerUid);
- if (rv < 0 || rv >= sizeof ident) {
- VIR_ERROR(_("Caller identity was too large %d:%d"), callerPid, callerUid);
+ if (virAsprintf(&ident, "pid:%d,uid:%d", callerPid, callerUid) < 0) {
+ virReportOOMError();
goto authfail;
}
- if (virRun(pkcheck, &status) < 0) {
- VIR_ERROR(_("Cannot invoke %s"), PKCHECK_PATH);
+ if (virCommandRun(cmd, &status) < 0)
goto authfail;
- }
+
if (status != 0) {
char *tmp = virCommandTranslateStatus(status);
VIR_ERROR(_("Policy kit denied action %s from pid %d, uid %d: %s"),
@@ -2533,10 +2521,14 @@ remoteDispatchAuthPolkit(virNetServerPtr server ATTRIBUTE_UNUSED,
virNetServerClientSetIdentity(client, ident);
virMutexUnlock(&priv->lock);
+ virCommandFree(cmd);
+ VIR_FREE(ident);
return 0;
error:
+ virCommandFree(cmd);
+ VIR_FREE(ident);
virResetLastError();
virNetError(VIR_ERR_AUTH_FAILED, "%s",
_("authentication failed"));
@@ -2553,7 +2545,7 @@ authfail:
authdeny:
PROBE(RPC_SERVER_CLIENT_AUTH_DENY,
"client=%p auth=%d identity=%s",
- client, REMOTE_AUTH_POLKIT, (char *)ident);
+ client, REMOTE_AUTH_POLKIT, ident);
goto error;
}
#elif HAVE_POLKIT0
--
1.7.7.6
13 years, 1 month
[libvirt] [PATCH] hash: minor touchups
by Eric Blake
On RHEL5, I got:
util/virrandom.c:66: warning: nested extern declaration of '_gl_verify_function66' [-Wnested-externs]
The fix is to hoist the verify earlier. Also some other hodge-podge
fixes I noticed while reviewing Dan's recent series.
* .gitignore: Ignore new test.
* src/util/cgroup.c: Bump copyright year.
* src/util/virhash.c: Fix typo in description.
* src/util/virrandom.c (virRandomBits): Mark doc comment, and
hoist assert to silence older gcc.
---
Pushing under the build-breaker rule.
We didn't notice it earlier because newer gcc introduced
_Static_assert (per C11), so that verify() doesn't have to
rely on extern declarations in that case.
.gitignore | 1 +
src/util/cgroup.c | 2 +-
src/util/virhash.c | 2 +-
src/util/virrandom.c | 10 +++++-----
4 files changed, 8 insertions(+), 7 deletions(-)
diff --git a/.gitignore b/.gitignore
index 61a9a38..2533fce 100644
--- a/.gitignore
+++ b/.gitignore
@@ -78,6 +78,7 @@
/tests/openvzutilstest
/tests/qemuxmlnstest
/tests/shunloadtest
+/tests/virhashtest
/update.log
Makefile
Makefile.in
diff --git a/src/util/cgroup.c b/src/util/cgroup.c
index 3f092ab..15b870d 100644
--- a/src/util/cgroup.c
+++ b/src/util/cgroup.c
@@ -1,7 +1,7 @@
/*
* cgroup.c: Tools for managing cgroups
*
- * Copyright (C) 2010-2011 Red Hat, Inc.
+ * Copyright (C) 2010-2012 Red Hat, Inc.
* Copyright IBM Corp. 2008
*
* See COPYING.LIB for the License of this software
diff --git a/src/util/virhash.c b/src/util/virhash.c
index efaa286..6dec684 100644
--- a/src/util/virhash.c
+++ b/src/util/virhash.c
@@ -1,5 +1,5 @@
/*
- * virhash.c: chained hash tables for domain and domain/connection deallocatiosn
+ * virhash.c: chained hash tables
*
* Reference: Your favorite introductory book on algorithms
*
diff --git a/src/util/virrandom.c b/src/util/virrandom.c
index 0af94d5..ec0cf03 100644
--- a/src/util/virrandom.c
+++ b/src/util/virrandom.c
@@ -46,7 +46,11 @@ int virRandomInitialize(uint32_t seed)
return 0;
}
-/*
+/* The algorithm of virRandomBits requires that RAND_MAX == 2^n-1 for
+ * some n; gnulib's random_r meets this property. */
+verify(((RAND_MAX + 1U) & RAND_MAX) == 0);
+
+/**
* virRandomBits:
* @nbits: Number of bits of randommess required
*
@@ -61,10 +65,6 @@ uint64_t virRandomBits(int nbits)
uint64_t ret = 0;
int32_t bits;
- /* This algorithm requires that RAND_MAX == 2^n-1 for some n;
- gnulib's random_r meets this property. */
- verify(((RAND_MAX + 1U) & RAND_MAX) == 0);
-
virMutexLock(&randomLock);
while (nbits > bits_per_iter) {
--
1.7.7.6
13 years, 1 month
[libvirt] libvirt doesn't work with qemu 1.0
by Gerd Hoffmann
Hi,
$subject says all. The error message is:
error: internal error cannot parse /home/kraxel/bin/qemu-default version
number in 'QEMU emulator version 1.0, Copyright (c) 2003-2008 Fabrice
Bellard'
cheers,
Gerd
PS: libvirt-0.9.4-23.el6.x86_64
13 years, 1 month
[libvirt] [libvirt-glib] Don't loop forever on blank nodes
by Zeeshan Ali (Khattak)
From: "Zeeshan Ali (Khattak)" <zeeshanak(a)gnome.org>
---
libvirt-gconfig/libvirt-gconfig-helpers.c | 11 ++++++-----
1 files changed, 6 insertions(+), 5 deletions(-)
diff --git a/libvirt-gconfig/libvirt-gconfig-helpers.c b/libvirt-gconfig/libvirt-gconfig-helpers.c
index c406a49..fecf3eb 100644
--- a/libvirt-gconfig/libvirt-gconfig-helpers.c
+++ b/libvirt-gconfig/libvirt-gconfig-helpers.c
@@ -174,11 +174,12 @@ void gvir_config_xml_foreach_child(xmlNodePtr node,
gboolean cont;
xmlNodePtr next = it->next;
- if (xmlIsBlankNode(it))
- continue;
- cont = iter_func(it, opaque);
- if (!cont)
- break;
+ if (!xmlIsBlankNode(it)) {
+ cont = iter_func(it, opaque);
+ if (!cont)
+ break;
+ }
+
it = next;
}
}
--
1.7.7.5
13 years, 1 month
