September 2013 - Devel - libvirt List Archives

Re: [libvirt] [PATCH] virsh: Fix domdisplay when domain only uses TLS
by Martin Kletzander 27 Sep '13

27 Sep '13

On Fri, Sep 27, 2013 at 05:43:50PM +0200, Christophe Fergeau wrote: > Hey Martin, > > Your reply wasn't sent to the mailing list, I'm assuming this was > unintentional. > Yes, sorry, that happened to me with 2 ACKs today :-( > On Fri, Sep 27, 2013 at 12:08:27PM +0200, Martin Kletzander wrote: > > On Wed, Sep 25, 2013 at 05:59:54PM +0200, Christophe Fergeau wrote: > > > It's possible to create a domain which will only use a TLS port > > > and will not have a non-TLS port set by using: > > > <graphics type='spice' autoport='yes' defaultMode='secure'/> > > > In such a setup, the 'graphics' node for the running domain will be: > > > <graphics type='spice' tlsPort='5900' > > > autoport='yes' listen='127.0.0.1' > > > defaultMode='secure'> > > > > > > However, cmdDomDisplay loops over all the 'graphics' node, and it > > > ignores nodes which don't have a 'port' attribute. This means > > > 'virsh domdisplay' will only return an empty string for domains > > > as the one above. > > > > > > This commit looks for both 'port' and 'tlsPort' before deciding > > > to ignore a graphics node. It also makes sure 'port' is not printed > > > when it's not set. > > > This makes 'virsh domdisplay' return > > > 'spice://127.0.0.1?tls-port=5900' for domains using only a TLS > > > port. > > > > > > Signed-off-by: Christophe Fergeau <cfergeau(a)redhat.com> > > > --- > > > tools/virsh-domain.c | 28 ++++++++++++++++------------ > > > 1 file changed, 16 insertions(+), 12 deletions(-) > > > > > > > ACK and OK for this release. > > Thanks, I've pushed this to master. > > This patch would also be a good candidate for the stable branch, is there > some process to follow to get it in there? > IIRC, either let Cole know or, if you have the rights, feel free to just back-port it when it is a bug (which this is). Martin

1 0

[libvirt] [PATCH v2] fchosttest: Run the test only under linux
by Michal Privoznik 27 Sep '13

27 Sep '13

Currently, we have functions to handle fc_host implemented just for linux. On all other platforms an error is thrown. It makes no sense to run the test on those platforms then. Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com> --- tests/Makefile.am | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/tests/Makefile.am b/tests/Makefile.am index 1a7ff4b..17a2a72 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -129,9 +129,12 @@ test_programs = virshtest sockettest \ virportallocatortest \ sysinfotest \ virstoragetest \ - fchosttest \ $(NULL) +if WITH_LINUX +test_programs += fchosttest +endif WITH_LINUX + if WITH_LIBVIRTD test_programs += fdstreamtest endif WITH_LIBVIRTD @@ -845,10 +848,15 @@ fdstreamtest_SOURCES = \ fdstreamtest.c testutils.h testutils.c fdstreamtest_LDADD = $(LDADDS) +if WITH_LINUX fchosttest_SOURCES = \ fchosttest.c testutils.h testutils.c fchosttest_LDADD = $(LDADDS) +else ! WITH_LINUX +EXTRA_DIST += fchosttest.c +endif ! WITH_LINUX + if WITH_CIL CILOPTFLAGS = CILOPTINCS = -- 1.8.1.5

2 1

[libvirt] [PATCH] Makefile.am: Always include rule to make org.libvirt.api.policy
by Michal Privoznik 27 Sep '13

27 Sep '13

When running 'make dist' on a system without policykit, we currently fail. This is because $(srcdir)/access/org.libvirt.api.policy is in EXTRA_DIST, however, the rule to generate the file is conditional whether we build with polkit or not. Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com> --- src/Makefile.am | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/Makefile.am b/src/Makefile.am index 09311b7..2b4549e 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -1519,6 +1519,10 @@ libvirt_driver_access_la_LIBADD = EXTRA_DIST += access/genpolkit.pl +$(ACCESS_DRIVER_POLKIT_POLICY): $(srcdir)/access/viraccessperm.h \ + $(srcdir)/access/genpolkit.pl Makefile.am + $(AM_V_GEN)$(PERL) $(srcdir)/access/genpolkit.pl < $< > $@ || rm -f $@ + if WITH_POLKIT1 libvirt_driver_access_la_SOURCES += $(ACCESS_DRIVER_POLKIT_SOURCES) @@ -1527,10 +1531,6 @@ if WITH_LIBVIRTD polkitaction_DATA = $(ACCESS_DRIVER_POLKIT_POLICY) endif WITH_LIBVIRTD -$(ACCESS_DRIVER_POLKIT_POLICY): $(srcdir)/access/viraccessperm.h \ - $(srcdir)/access/genpolkit.pl Makefile.am - $(AM_V_GEN)$(PERL) $(srcdir)/access/genpolkit.pl < $< > $@ || rm -f $@ - CLEANFILES += $(ACCESS_DRIVER_POLKIT_POLICY) BUILT_SOURCES += $(ACCESS_DRIVER_POLKIT_POLICY) else ! WITH_POLKIT1 -- 1.8.1.5

2 1

[libvirt] [PATCH 1/3] BSD: Ensure UNIX socket credentials are valid
by Doug Goldstein 27 Sep '13

27 Sep '13

Ensure that the socket credentials we got back on BSD are valid before using them. --- src/rpc/virnetsocket.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c index b311aae..49c6ddc 100644 --- a/src/rpc/virnetsocket.c +++ b/src/rpc/virnetsocket.c @@ -1166,6 +1166,18 @@ int virNetSocketGetUNIXIdentity(virNetSocketPtr sock, return -1; } + if (cr.cr_version != XUCRED_VERSION) { + virReportError(VIR_ERR_SYSTEM_ERROR, "%s", + _("Failed to get valid client socket identity")); + return -1; + } + + if (cr.cr_ngroups == 0) { + virReportError(VIR_ERR_SYSTEM_ERROR, "%s", + _("Failed to get valid client socket identity groups")); + return -1; + } + *pid = -1; *uid = cr.cr_uid; *gid = cr.cr_gid; -- 1.8.1.5

2 7

[libvirt] [PATCH 00/17] Many OOM fixes
by Daniel P. Berrange 27 Sep '13

27 Sep '13

From: "Daniel P. Berrange" <berrange(a)redhat.com> This series fixes a large number of problems in OOM codepaths. These are primarily memory leaks, but there's one crash in Xen parsing code and a few places which silently ignore failure leading to corrupt or malformed output. Daniel P. Berrange (17): Fix leak in virDomainVcpuPinDefArrayFree Avoid leak if virDomainSoundCodecDefParseXML return error Fix leak in virDomainVcpuPinDefParseXML parsing cpumask Fix leak in virDomainDefParseXML parsing vcpupin Fix leak of address string in qemuDomainPCIAddressGetNextSlot Avoid leak in qemuParseRBDString on failure of qemuAddRBDHost Fix failure to honour OOM status in qemuParseNBDString Fix leak on OOM in qemuBuildCommandLine dealing with sound card Fix leak in qemuParseCommandLineDisk on OOM Fix missing jump to error cleanup in qemuParseCommandLineDisk Fix leak in qemuStringToArgvEnv upon OOM Fix leak in qemuParseCommandLine on OOM Fix leak of command line args in qemuParseCommandLine Fix leak of char device in xenParseXM Fix crash on OOM in xenParseXM handling consoles Fix broken formatting on OOM in xenFormatXM Fix leak of serial value in xenFormatXM on OOM src/conf/domain_conf.c | 16 +++++++++----- src/qemu/qemu_command.c | 56 ++++++++++++++++++++++++++++--------------------- src/qemu/qemu_conf.c | 18 ++++++++++++++++ src/qemu/qemu_conf.h | 2 ++ src/qemu/qemu_domain.c | 15 +------------ src/xenxs/xen_xm.c | 12 +++++++---- 6 files changed, 72 insertions(+), 47 deletions(-) -- 1.8.3.1

3 36

[libvirt] [PATCH] LXC: workaround machined uncleaned data with containers running systemd.
by Cédric Bosdonnat 27 Sep '13

27 Sep '13

The problem is described by [0] but its effect on libvirt is that starting a container with a full distro running systemd after having stopped it simply fails. The container cleanup now calls the machined Terminate function to make sure that everything is in order for the next run. [0]: https://bugs.freedesktop.org/show_bug.cgi?id=68370 --- src/Makefile.am | 4 +++- src/lxc/lxc_process.c | 8 ++++++++ src/util/virsystemd.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++ src/util/virsystemd.h | 4 ++++ 4 files changed, 70 insertions(+), 1 deletion(-) diff --git a/src/Makefile.am b/src/Makefile.am index 4375ef7..211b42e 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -1170,7 +1170,9 @@ EXTRA_DIST += qemu/qemu.conf qemu/libvirtd_qemu.aug \ if WITH_LXC noinst_LTLIBRARIES += libvirt_driver_lxc_impl.la libvirt_driver_lxc_la_SOURCES = -libvirt_driver_lxc_la_LIBADD = libvirt_driver_lxc_impl.la +libvirt_driver_lxc_la_LIBADD = \ + libvirt_driver_lxc_impl.la \ + libvirt_util.la if WITH_DRIVER_MODULES mod_LTLIBRARIES += libvirt_driver_lxc.la libvirt_driver_lxc_la_LIBADD += ../gnulib/lib/libgnu.la diff --git a/src/lxc/lxc_process.c b/src/lxc/lxc_process.c index 4835bd5..f92c613 100644 --- a/src/lxc/lxc_process.c +++ b/src/lxc/lxc_process.c @@ -50,6 +50,7 @@ #include "virstring.h" #include "viratomic.h" #include "virprocess.h" +#include "virsystemd.h" #define VIR_FROM_THIS VIR_FROM_LXC @@ -210,6 +211,13 @@ static void virLXCProcessCleanup(virLXCDriverPtr driver, virCgroupFree(&priv->cgroup); } + /* Get machined to terminate the machine as it may not have cleaned it + * properly. See https://bugs.freedesktop.org/show_bug.cgi?id=68370 for + * the bug we are working around here. + */ + virSystemdTerminateMachine(vm->def->name, "lxc", true); + + /* now that we know it's stopped call the hook if present */ if (virHookPresent(VIR_HOOK_DRIVER_LXC)) { char *xml = virDomainDefFormat(vm->def, 0); diff --git a/src/util/virsystemd.c b/src/util/virsystemd.c index e72b7f0..3320e53 100644 --- a/src/util/virsystemd.c +++ b/src/util/virsystemd.c @@ -242,3 +242,58 @@ cleanup: VIR_FREE(slicename); return ret; } + +int virSystemdTerminateMachine(const char *name, + const char *drivername, + bool privileged) +{ + int ret; + DBusConnection *conn; + char *machinename = NULL; + char *username = NULL; + + ret = virDBusIsServiceEnabled("org.freedesktop.machine1"); + if (ret < 0) + return ret; + + conn = virDBusGetSystemBus(); + + ret = -1; + if (privileged) { + if (virAsprintf(&machinename, "%s-%s", drivername, name) < 0) + goto cleanup; + } else { + if (!(username = virGetUserName(geteuid()))) + goto cleanup; + if (virAsprintf(&machinename, "%s-%s-%s", username, drivername, name) < 0) + goto cleanup; + } + + /* + * The systemd DBus API we're invoking has the + * following signature + * + * TerminateMachine(in s name); + * + * @name a host unique name for the machine. shows up + * in 'ps' listing & similar + */ + + VIR_DEBUG("Attempting to terminate machine via systemd"); + if (virDBusCallMethod(conn, + NULL, + "org.freedesktop.machine1", + "/org/freedesktop/machine1", + "org.freedesktop.machine1.Manager", + "TerminateMachine", + "s", + machinename) < 0) + goto cleanup; + + ret = 0; + +cleanup: + VIR_FREE(username); + VIR_FREE(machinename); + return ret; +} diff --git a/src/util/virsystemd.h b/src/util/virsystemd.h index 414ae5a..6c9c6df 100644 --- a/src/util/virsystemd.h +++ b/src/util/virsystemd.h @@ -38,4 +38,8 @@ int virSystemdCreateMachine(const char *name, bool iscontainer, const char *partition); +int virSystemdTerminateMachine(const char *name, + const char *drivername, + bool privileged); + #endif /* __VIR_SYSTEMD_H__ */ -- 1.8.4

2 1

[libvirt] [PATCH] fchosttest: Run the test only under linux
by Michal Privoznik 27 Sep '13

27 Sep '13

Currently, we have functions to handle fc_host implemented just for linux. On all other platforms an error is thrown. It makes no sense to run the test on those platforms then. Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com> --- tests/fchosttest.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/tests/fchosttest.c b/tests/fchosttest.c index 05ff20b..46bd784 100644 --- a/tests/fchosttest.c +++ b/tests/fchosttest.c @@ -163,6 +163,11 @@ mymain(void) { int ret = 0; +#ifndef __linux__ + fputs("Not compiled under linux, skipping this test\n", stderr); + return EXIT_AM_SKIP; +#endif + if (virAsprintf(&fchost_prefix, "%s/%s", abs_srcdir, "fchostdata/fc_host/") < 0) { ret = -1; -- 1.8.1.5

3 2

[libvirt] [PATCH 0/2] Fix a few memory leaks in libvirtd
by Jiri Denemark 27 Sep '13

27 Sep '13

Jiri Denemark (2): qemu: Don't leak reference to virQEMUDriverConfigPtr qemu: Free all driver data in qemuStateCleanup src/qemu/qemu_driver.c | 2 ++ src/qemu/qemu_process.c | 3 ++- 2 files changed, 4 insertions(+), 1 deletion(-) -- 1.8.3.2

2 4

[libvirt] [PATCH] build: Fix VPATH build error for locking daemon
by Viktor Mihajlovski 27 Sep '13

27 Sep '13

Removed superfluous/wrong srcdir prefix. Signed-off-by: Viktor Mihajlovski <mihajlov(a)linux.vnet.ibm.com> --- src/Makefile.am | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Makefile.am b/src/Makefile.am index 4057eda..09311b7 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -196,7 +196,7 @@ BUILT_SOURCES += $(LOCK_PROTOCOL_GENERATED) MAINTAINERCLEANFILES += $(LOCK_PROTOCOL_GENERATED) LOCK_DAEMON_GENERATED = \ - $(srcdir)/locking/lock_daemon_dispatch_stubs.h + locking/lock_daemon_dispatch_stubs.h $(NULL) BUILT_SOURCES += $(LOCK_DAEMON_GENERATED) -- 1.7.9.5

2 1

[libvirt] [PATCH]lxc: don't start container when no root fs found
by Chen Hanxiao 27 Sep '13

27 Sep '13

From: Chen Hanxiao <chenhanxiao(a)cn.fujitsu.com> Currently, if we don't explicitly add root fs for container, libvirt will add one for us implicitly with "/" as src. It would be not safe. Unless user asked for it, we should not assume this. Signed-off-by: Chen Hanxiao <chenhanxiao(a)cn.fujitsu.com> --- src/lxc/lxc_process.c | 29 +++++++---------------------- 1 file changed, 7 insertions(+), 22 deletions(-) diff --git a/src/lxc/lxc_process.c b/src/lxc/lxc_process.c index 4835bd5..4f4a906 100644 --- a/src/lxc/lxc_process.c +++ b/src/lxc/lxc_process.c @@ -911,29 +911,14 @@ virLXCProcessEnsureRootFS(virDomainObjPtr vm) { virDomainFSDefPtr root = virDomainGetRootFilesystem(vm->def); - if (root) + if (root) { return 0; - - if (VIR_ALLOC(root) < 0) - goto error; - - root->type = VIR_DOMAIN_FS_TYPE_MOUNT; - - if (VIR_STRDUP(root->src, "/") < 0 || - VIR_STRDUP(root->dst, "/") < 0) - goto error; - - if (VIR_INSERT_ELEMENT(vm->def->fss, - 0, - vm->def->nfss, - root) < 0) - goto error; - - return 0; - -error: - virDomainFSDefFree(root); - return -1; + } else { + errno = EINVAL; + virReportSystemError(errno, "%s", + _("No root fs found for container")); + return -1; + } } /** -- 1.8.2.1

2 2