September 2012 - Devel - libvirt List Archives

[libvirt] [PATCH] build: fix missing include
by Dwight Engen 17 Sep '12

17 Sep '12

virNWFilterSnoopAdjustPoll() uses a struct pollfd but poll.h is never included nwfilter/nwfilter_dhcpsnoop.c:1297: error: 'struct pollfd' declared inside parameter list --- src/nwfilter/nwfilter_dhcpsnoop.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/src/nwfilter/nwfilter_dhcpsnoop.c b/src/nwfilter/nwfilter_dhcpsnoop.c index eb03f9d..04dd37a 100644 --- a/src/nwfilter/nwfilter_dhcpsnoop.c +++ b/src/nwfilter/nwfilter_dhcpsnoop.c @@ -47,6 +47,7 @@ #endif #include <fcntl.h> +#include <poll.h> #include <arpa/inet.h> #include <netinet/ip.h> -- 1.7.1

3 2

[libvirt] [PATCHv2] svirt: Label serial sockets (RHBZ#853393).
by Richard W.M. Jones 17 Sep '12

17 Sep '12

From: "Richard W.M. Jones" <rjones(a)redhat.com> libvirt skips labelling these, for unknown reasons. This breaks libguestfs. Adding this and some SELinux rules (RHBZ#857453) fixes everything for me. --- src/security/security_selinux.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c index a7e2420..4214105 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -1233,6 +1233,14 @@ virSecuritySELinuxSetSecurityChardevLabel(virDomainDefPtr def, ret = virSecuritySELinuxSetFilecon(dev->data.file.path, secdef->imagelabel); break; + case VIR_DOMAIN_CHR_TYPE_UNIX: + if (!dev->data.nix.listen) { + if (virSecuritySELinuxSetFilecon(dev->data.file.path, secdef->imagelabel) < 0) + goto done; + } + ret = 0; + break; + case VIR_DOMAIN_CHR_TYPE_PIPE: if ((virAsprintf(&in, "%s.in", dev->data.file.path) < 0) || (virAsprintf(&out, "%s.out", dev->data.file.path) < 0)) { @@ -1284,6 +1292,15 @@ virSecuritySELinuxRestoreSecurityChardevLabel(virDomainDefPtr def, goto done; ret = 0; break; + + case VIR_DOMAIN_CHR_TYPE_UNIX: + if (!dev->data.nix.listen) { + if (virSecuritySELinuxRestoreSecurityFileLabel(dev->data.file.path) < 0) + goto done; + } + ret = 0; + break; + case VIR_DOMAIN_CHR_TYPE_PIPE: if ((virAsprintf(&out, "%s.out", dev->data.file.path) < 0) || (virAsprintf(&in, "%s.in", dev->data.file.path) < 0)) { -- 1.7.10.4

2 1

[libvirt] [libvirt-designer][PATCH v2 0/4] Yet another functional extension
by Michal Privoznik 17 Sep '12

17 Sep '12

This time aimed on virtxml tool to make it user friendlier a little bit. Michal Privoznik (4): virtxml: Init variables virtxml: Detect OS from given ISO virtxml: Detect platform from libvirt connection URI Implement resources setting configure.ac | 2 +- examples/virtxml.c | 260 +++++++++++++++++++++++++--- libvirt-designer/libvirt-designer-domain.c | 91 ++++++++++ libvirt-designer/libvirt-designer-domain.h | 8 + libvirt-designer/libvirt-designer.sym | 1 + 5 files changed, 335 insertions(+), 27 deletions(-) -- 1.7.8.6

2 9

[libvirt] [PATCHv2 0/4] qemu: Add seccomp sandbox support
by Ján Tomko 17 Sep '12

17 Sep '12

This series adds support to run QEMU with seccomp sandbox enabled. It can be configured in qemu.conf to on, off, or the QEMU default, which is off in 1.2. Default value is the QEMU default. V1 of the patches supports tri-state configuration and includes a test for detecting the capability. V2 includes libvirtd_qemu.aug, renames vague 'sandbox' to 'seccompSandbox' and prints an error if the sandbox was requested but QEMU doesn't have the capability. Ján Tomko (4): qemu: add capability flag for seccomp sandbox qemu: conf: add seccomp_sandbox option qemu: add -sandbox to command line if requested tests: add qemu-1.2.0 help data src/qemu/libvirtd_qemu.aug | 1 + src/qemu/qemu.conf | 8 + src/qemu/qemu_capabilities.c | 3 + src/qemu/qemu_capabilities.h | 1 + src/qemu/qemu_command.c | 11 ++ src/qemu/qemu_conf.c | 5 + src/qemu/qemu_conf.h | 1 + tests/qemuhelpdata/qemu-1.2.0 | 270 ++++++++++++++++++++++++++++++++++ tests/qemuhelpdata/qemu-1.2.0-device | 181 +++++++++++++++++++++++ tests/qemuhelptest.c | 82 ++++++++++ 10 files changed, 563 insertions(+), 0 deletions(-) create mode 100644 tests/qemuhelpdata/qemu-1.2.0 create mode 100644 tests/qemuhelpdata/qemu-1.2.0-device -- 1.7.8.6

2 6

[libvirt] [PATCH 0/6 v3] New APIs to get/set node memory tunables
by Osier Yang 17 Sep '12

17 Sep '12

v1: https://www.redhat.com/archives/libvir-list/2012-September/msg00517.html v1 - v2: * Rename virNode{Get,Set}SharedMemoryParameters to virNode{Get,Set}MemoryParameters, in case of we could add more node memory tunables in future. v2 - v3: * Add prefix "shm_" to the shared memory parameter field. * Change REMOTE_NODE_MEMORY_PARAMETERS_MAX from 16 to 64. * Helper fucntions for internal APIs (node{Get,Set}MemoryParameters) * Add "shm" prefix for the virsh options. As a result of RFC: https://www.redhat.com/archives/libvir-list/2012-August/msg01998.html, this adds two new APIs (virNode{Get,Set}MemoryParameters) to get and set the host shared memory tunables (ksm under linux). Osier Yang (6): node_memory: Define the APIs to get/set memory parameters node_memory: Wire up the RPC protocol node_memory: Implement the internal APIs node_memory: Support get/set memory parameters for drivers node_memory: Expose the APIs to virsh node_memory: Expose the APIs to Python bindings daemon/remote.c | 59 +++++++++ include/libvirt/libvirt.h.in | 63 ++++++++++ python/generator.py | 2 + python/libvirt-override-api.xml | 13 ++ python/libvirt-override.c | 125 ++++++++++++++++++++ src/driver.h | 14 ++ src/libvirt.c | 121 +++++++++++++++++++ src/libvirt_private.syms | 2 + src/libvirt_public.syms | 2 + src/lxc/lxc_driver.c | 2 + src/nodeinfo.c | 249 +++++++++++++++++++++++++++++++++++++++ src/nodeinfo.h | 10 ++ src/qemu/qemu_driver.c | 2 + src/remote/remote_driver.c | 50 ++++++++ src/remote/remote_protocol.x | 24 ++++- src/remote_protocol-structs | 20 +++ src/rpc/gendispatch.pl | 3 + src/uml/uml_driver.c | 2 + src/xen/xen_driver.c | 3 + tools/virsh-host.c | 116 ++++++++++++++++++ tools/virsh.pod | 8 ++ 21 files changed, 889 insertions(+), 1 deletions(-) -- 1.7.7.3

2 8

[libvirt] [PATCH 0/5 v5] Atomic API to list secrets
by Osier Yang 17 Sep '12

17 Sep '12

v4 - v5: * Support filter the returned secrets by its properties "ephemeral" and "private". Osier Yang (5): list: Define new API virConnectListAllSecrets list: Implement RPC calls for virConnectListAllSecrets list: Implement listAllSecrets list: Expose virConnectListAllSecrets to Python binding list: Use virConnectListAllSecrets in virsh daemon/remote.c | 54 +++++++++ include/libvirt/libvirt.h.in | 21 ++++ python/generator.py | 1 + python/libvirt-override-api.xml | 6 + python/libvirt-override-virConnect.py | 12 ++ python/libvirt-override.c | 48 ++++++++ src/conf/secret_conf.h | 12 ++ src/driver.h | 5 + src/libvirt.c | 66 +++++++++++ src/libvirt_public.syms | 1 + src/remote/remote_driver.c | 64 ++++++++++ src/remote/remote_protocol.x | 13 ++- src/remote_protocol-structs | 12 ++ src/secret/secret_driver.c | 82 +++++++++++++- tools/virsh-secret.c | 209 ++++++++++++++++++++++++++++----- tools/virsh.pod | 8 +- 16 files changed, 581 insertions(+), 33 deletions(-) -- 1.7.7.3

2 13

[libvirt] [PATCH 0/5 v4] Atomic API to list network filters
by Osier Yang 17 Sep '12

17 Sep '12

v3 - v4: * Just rebase on the top, and split the patches from v3's large set. Osier Yang (5): list: Define new API virConnectListAllNWFilters list: Implement RPC calls for virConnectListAllNWFilters list: Implement listAllNWFilters list: Expose virConnectListAllNWFilters to Python binding list: Use virConnectListAllNWFilters in virsh daemon/remote.c | 54 +++++++++++ include/libvirt/libvirt.h.in | 4 +- python/generator.py | 1 + python/libvirt-override-api.xml | 6 + python/libvirt-override-virConnect.py | 12 +++ python/libvirt-override.c | 48 ++++++++++ src/driver.h | 5 + src/libvirt.c | 50 ++++++++++ src/libvirt_public.syms | 1 + src/nwfilter/nwfilter_driver.c | 56 +++++++++++ src/remote/remote_driver.c | 63 +++++++++++++ src/remote/remote_protocol.x | 13 +++- src/remote_protocol-structs | 12 +++ tools/virsh-nwfilter.c | 163 +++++++++++++++++++++++++++------ 14 files changed, 457 insertions(+), 31 deletions(-) -- 1.7.7.3

3 10

[libvirt] [PATCH 0/7 v4] Atomic API to list node devices
by Osier Yang 17 Sep '12

17 Sep '12

v3 - v4: * Just rebase on the top, split the patches from v3's larget set. Osier Yang (7): list: Define new API virConnectListAllNodeDevices list: Implemente RPC calls for virConnectListAllNodeDevices list: Add helpers for listing node devices list: Implement listAllNodeDevices list: Expose virConnectListAllNodeDevices to Python binding virsh: Fix a bug of nodedev-list list: Use virConnectListAllNodeDevices in virsh daemon/remote.c | 53 ++++++ include/libvirt/libvirt.h.in | 25 +++ python/generator.py | 1 + python/libvirt-override-api.xml | 6 + python/libvirt-override-virConnect.py | 12 ++ python/libvirt-override.c | 48 +++++ src/conf/node_device_conf.c | 103 +++++++++++ src/conf/node_device_conf.h | 16 ++ src/driver.h | 4 + src/libvirt.c | 62 +++++++ src/libvirt_private.syms | 2 + src/libvirt_public.syms | 1 + src/node_device/node_device_driver.c | 15 ++ src/node_device/node_device_driver.h | 3 + src/node_device/node_device_hal.c | 1 + src/node_device/node_device_udev.c | 1 + src/remote/remote_driver.c | 64 +++++++ src/remote/remote_protocol.x | 13 ++- src/remote_protocol-structs | 12 ++ tools/virsh-nodedev.c | 303 ++++++++++++++++++++++++++++----- tools/virsh.pod | 8 +- 21 files changed, 710 insertions(+), 43 deletions(-) -- 1.7.7.3

3 29

[libvirt] Memory statistics patch for collectd plugin
by Chris Furlough 17 Sep '12

17 Sep '12

Hello list, I see several mentions online for a patch that adds memory statistics to the libvirt plugin for collectd. Can anyone point me to the patch? Thanks! Frank

1 0

[libvirt] libvirt plans: dns support for IPv6?
by Gene Czarcinski 16 Sep '12

16 Sep '12

I would like to know what the plans are for supporting dns for virtual guests with only IPv6. My objective is to be able to reference a virtual guest for the host ... doing ssh, scp, etc. such functions work just fine if you specify the ip-address but, after a while, those ip-addresses are difficult to remember ... afterall, that is why dns exists. For IPv4, with a some patches to libvert implementing "--local=/virt/ --domain-needed" if "--domain virt" is specified, I am now able to ssh to guests by name. The additions needed are to run the NetworkManager supporting "--conf-dir=/etc/NetworkManager/dnsmasq.d/" (or patch it like I did), and add a file specifying the dnsmasq on the virtual NIC. For example, server=/virt/,192.168.122.1 will forward queries. Alternatively, you can run yet another dnsmasq on the host which just passes queries to the dnsmasq and modify your upstream dns server to forward any queries for the virtual domains to the dnsmasq on the host. IPv6 is another situation entirely. And it may be even more important to have dns support because if IPv4 address are difficult to remember, IPv6 are practically impossible. So, are there any plans for providing dns on the IPv6 virtual networks? I can see a couple of solutions and each has pluses and minuses. 1. Do it the same way the it is done for IPv4. The current version of dnsmasq (2.63) supports dhcp for IPv6 and, IIRC, has since 2.61. I realize that you need to continue support of libvirt on RHEL 6 and possibly others that are running an old version of dnsmasq, but isn't it time to move along? While you can manually configure IPv6 interfaces so that you can add the definitions to a /etc/host file, this is not a good approach from my perspective. The use of dnsmasq also allows specification of different domains for each virtual IPv6 network. 2. There is another approach and it would be useful for both dnsmasq and this approach be available. That is, continue to use radvd and have the virtual guests autoconf the ip addresses. Then use mDNS (avahi and nss-mdns) to support access by name. This does not require doing anything about dnsmasq. In fact, it is possible thatyou do not need it at all. In addition, the plans for Fedora 18 are to make mDNS the default for Desktop installs [I am not sure what that means]. A big problem is that there is only a single domain which is ".local" by default. An even bigger problem is that ssh (openssh) has an error if a mDNS name is specified. I noticed that Daniel Berrange has put in a bugzilla request that dnsmasq be updated. If someone is already coding up patches to add dhcp for IPv6 or will "real soon now", I will be happy to test it. Otherwise, I could take a shot at coming up with the patches. Gene

3 7