[libvirt] [PATCH 00/18] Add support for vTPM state encryption
by Stefan Berger
This series of patches addresses the RFE in BZ 172830:
https://bugzilla.redhat.com/show_bug.cgi?id=1728030
This series of patches adds support for vTPM state encryption by passing
the read-end of a pipe's file descriptor to 'swtpm_setup' and 'swtpm'
where they can read a passphrase from and derive a key from that passphrase.
The TPM's domain XML looks to enable state encryption looks like this:
<tpm model='tpm-tis'>
<backend type='emulator' version='1.2'>
<encryption format='vtpm'>
<secret type='passphrase' uuid='2c9ceaba-c6ef-4f38-86fd-6e3adb2df5cd'/>
</encryption>
</backend>
<alias name='tpm0'/>
</tpm>
The vTPM secret holding the passphrase looks like this:
<secret ephemeral='no' private='yes'>
<uuid>2c9ceaba-c6ef-4f38-86fd-6e3adb2df5cd</uuid>
<description>vTPM passphrase example</description>
<usage type='vtpm'>
<name>vtpm_example</name>
</usage>
</secret>
The swtpm v0.2 (upcoming) is needed that supports the command line option
--print-capabilities returning a JSON object that identifies features added
since v0.1. One such features is the possibility to pass a passphrase via a
file descriptor.
The patches do some refactoring of existing code on the way.
Stefan
Stefan Berger (18):
secret: Add support for usage type vTPM
tests: Add test for new Secret vTPM usage type
tests: Add already existing test case tpm-emulator-tpm2
util: Add VIR_STORAGE_ENCRYPTION_FORMAT_VTPM
conf: Extend TPM XML parser with encryption support
schema: Extend the TPM XML schema with support for encryption
tests: Add test for TPM XML encryption parser and formatter
tests: Add tests for QEMU command line generation with encrypted TPM
tpm: Move virtpm.c from utils dir to own tpm dir
tpm: Move qemuTPMEmulatorInit to virTPMEmulatorInit in virtpm.c
tpm: Refactor virTPMEmulatorInit to use loop
tpm: Check whether previously found executables were updated
tpm: Parse the capabilities supported by swtpm and swtpm_setup
tpm: Use fd to pass password to swtpm_setup and swtpm
tpm: Pass migration key passphrase via fd to swtpm
tpm: Check TPM XML device configuration changes after edit
docs: Extend Secret XML documentation with vtpm usage type
docs: Extend TPM docs with new encryption element
docs/formatdomain.html.in | 16 +
docs/formatsecret.html.in | 61 +++-
docs/schemas/domaincommon.rng | 30 ++
docs/schemas/secret.rng | 10 +
include/libvirt/libvirt-secret.h | 1 +
po/POTFILES | 2 +-
src/Makefile.am | 1 +
src/conf/Makefile.inc.am | 7 +
src/conf/domain_conf.c | 96 ++++-
src/conf/domain_conf.h | 5 +
src/conf/secret_conf.c | 13 +
src/conf/virtpm_conf.c | 36 ++
src/conf/virtpm_conf.h | 36 ++
src/libvirt_private.syms | 20 +-
src/qemu/Makefile.inc.am | 1 +
src/qemu/qemu_block.c | 1 +
src/qemu/qemu_driver.c | 28 ++
src/qemu/qemu_extdevice.c | 2 +-
src/qemu/qemu_extdevice.h | 3 +
src/qemu/qemu_tpm.c | 193 ++++++----
src/security/Makefile.inc.am | 1 +
src/tpm/Makefile.inc.am | 20 ++
src/tpm/virtpm.c | 330 ++++++++++++++++++
src/{util => tpm}/virtpm.h | 8 +
src/util/Makefile.inc.am | 2 -
src/util/virsecret.c | 2 +-
src/util/virstorageencryption.c | 2 +-
src/util/virstorageencryption.h | 1 +
src/util/virtpm.c | 74 ----
tests/Makefile.am | 1 +
.../tpm-emulator-tpm2-enc.x86_64-latest.args | 35 ++
.../tpm-emulator-tpm2-enc.xml | 34 ++
tests/qemuxml2argvtest.c | 1 +
.../tpm-emulator-tpm2-enc.xml | 38 ++
tests/qemuxml2xmltest.c | 2 +
tests/secretxml2xmlin/usage-vtpm.xml | 7 +
tests/secretxml2xmltest.c | 1 +
37 files changed, 957 insertions(+), 164 deletions(-)
create mode 100644 src/conf/virtpm_conf.c
create mode 100644 src/conf/virtpm_conf.h
create mode 100644 src/tpm/Makefile.inc.am
create mode 100644 src/tpm/virtpm.c
rename src/{util => tpm}/virtpm.h (77%)
delete mode 100644 src/util/virtpm.c
create mode 100644 tests/qemuxml2argvdata/tpm-emulator-tpm2-enc.x86_64-latest.args
create mode 100644 tests/qemuxml2argvdata/tpm-emulator-tpm2-enc.xml
create mode 100644 tests/qemuxml2xmloutdata/tpm-emulator-tpm2-enc.xml
create mode 100644 tests/secretxml2xmlin/usage-vtpm.xml
--
2.20.1
5 years, 5 months
[libvirt] [PATCH v9 00/10] work-in-progress: incremental backup
by Eric Blake
This is the current state of my incremental backup work on top of the
v9 checkpoint patches [1]. While everything compiles and my local
tests are able to perform an incremental backup, I already know that
the code needs a lot of cleanups before it can be accepted upstream;
this is more of a preview post to allow further testing against the
APIs while my more immediate focus is on getting checkpoints in. There
will be a v10 of this portion of the backup work, but now that
checkpoints are nearly ready to go, I'm still aiming to get backups in
the same 5.6 release window.
[1] https://www.redhat.com/archives/libvir-list/2019-July/msg00236.html
I've pushed a tag backup-v9 to both my libvirt.git and
libvirt-python.git repos to match:
https://repo.or.cz/libvirt/ericb.git/shortlog/refs/tags/backup-v9
https://repo.or.cz/libvirt-python/ericb.git/shortlog/refs/tags/backup-v9
Changes since v8:
- lots of rebasing
- however, reviews from v8 on this part of the series have not been
addressed yet...
001/10:[down] 'backup: qemu: Implement VIR_DOMAIN_CHECKPOINT_XML_SIZE flag'
002/10:[0016] [FC] 'backup: Document new XML for backups'
003/10:[0112] [FC] 'backup: Introduce virDomainBackup APIs'
004/10:[0419] [FC] 'backup: Implement backup APIs for remote driver'
005/10:[0023] [FC] 'backup: Parse and output backup XML'
006/10:[0052] [FC] 'backup: Implement virsh support for backup'
007/10:[0006] [FC] 'backup: qemu: Implement framework for backup job APIs'
008/10:[0010] [FC] 'backup: Wire up qemu full pull backup commands over QMP'
009/10:[----] [-C] 'backup: qemu: Wire up qemu full push backup commands over QMP'
010/10:[down] 'backup: Implement qemu incremental pull backup'
Eric Blake (10):
backup: qemu: Implement VIR_DOMAIN_CHECKPOINT_XML_SIZE flag
backup: Document new XML for backups
backup: Introduce virDomainBackup APIs
backup: Implement backup APIs for remote driver
backup: Parse and output backup XML
backup: Implement virsh support for backup
backup: qemu: Implement framework for backup job APIs
backup: Wire up qemu full pull backup commands over QMP
backup: qemu: Wire up qemu full push backup commands over QMP
backup: Implement qemu incremental pull backup
include/libvirt/libvirt-domain.h | 41 +-
src/conf/backup_conf.h | 94 +++
src/conf/virconftypes.h | 3 +
src/driver-hypervisor.h | 14 +
src/qemu/qemu_blockjob.h | 1 +
src/qemu/qemu_domain.h | 4 +
src/qemu/qemu_monitor.h | 4 +
src/qemu/qemu_monitor_json.h | 3 +
docs/docs.html.in | 3 +-
docs/format.html.in | 1 +
docs/formatbackup.html.in | 184 +++++
docs/formatcheckpoint.html.in | 12 +-
docs/index.html.in | 3 +-
docs/schemas/domainbackup.rng | 219 ++++++
examples/c/misc/event-test.c | 3 +
libvirt.spec.in | 1 +
mingw-libvirt.spec.in | 2 +
src/conf/Makefile.inc.am | 2 +
src/conf/backup_conf.c | 546 ++++++++++++++
src/conf/domain_conf.c | 2 +-
src/libvirt-domain-checkpoint.c | 7 +-
src/libvirt-domain.c | 219 ++++++
src/libvirt_private.syms | 8 +-
src/libvirt_public.syms | 3 +
src/qemu/qemu_domain.c | 37 +-
src/qemu/qemu_driver.c | 706 ++++++++++++++++++-
src/qemu/qemu_monitor.c | 11 +
src/qemu/qemu_monitor_json.c | 80 +++
src/qemu/qemu_process.c | 9 +
src/remote/remote_driver.c | 3 +
src/remote/remote_protocol.x | 53 +-
src/remote_protocol-structs | 28 +
tests/Makefile.am | 2 +
tests/domainbackupxml2xmlin/backup-pull.xml | 9 +
tests/domainbackupxml2xmlin/backup-push.xml | 9 +
tests/domainbackupxml2xmlin/empty.xml | 1 +
tests/domainbackupxml2xmlout/backup-pull.xml | 9 +
tests/domainbackupxml2xmlout/backup-push.xml | 9 +
tests/domainbackupxml2xmlout/empty.xml | 7 +
tests/virschematest.c | 2 +
tools/virsh-domain.c | 253 ++++++-
tools/virsh.pod | 49 ++
42 files changed, 2634 insertions(+), 22 deletions(-)
create mode 100644 src/conf/backup_conf.h
create mode 100644 docs/formatbackup.html.in
create mode 100644 docs/schemas/domainbackup.rng
create mode 100644 src/conf/backup_conf.c
create mode 100644 tests/domainbackupxml2xmlin/backup-pull.xml
create mode 100644 tests/domainbackupxml2xmlin/backup-push.xml
create mode 100644 tests/domainbackupxml2xmlin/empty.xml
create mode 100644 tests/domainbackupxml2xmlout/backup-pull.xml
create mode 100644 tests/domainbackupxml2xmlout/backup-push.xml
create mode 100644 tests/domainbackupxml2xmlout/empty.xml
--
2.20.1
5 years, 5 months
[libvirt] [jenkins-ci PATCH] guests: Define package_manager for Ubuntu 16.04
by Andrea Bolognani
Commit 611b85c2aa70 added this for all operating systems,
but at the time we had (mistakenly) dropped support for
Ubuntu 16.04, so we need to catch up after the recent
revert brought it back.
Signed-off-by: Andrea Bolognani <abologna(a)redhat.com>
---
Pushed as trivial.
guests/host_vars/libvirt-ubuntu-16/main.yml | 1 +
1 file changed, 1 insertion(+)
diff --git a/guests/host_vars/libvirt-ubuntu-16/main.yml b/guests/host_vars/libvirt-ubuntu-16/main.yml
index 0e38128..179dd03 100644
--- a/guests/host_vars/libvirt-ubuntu-16/main.yml
+++ b/guests/host_vars/libvirt-ubuntu-16/main.yml
@@ -16,6 +16,7 @@ projects:
- virt-viewer
package_format: 'deb'
+package_manager: 'apt-get'
os_name: 'Ubuntu'
os_version: '16'
--
2.21.0
5 years, 5 months
[libvirt] [jenkins-ci PATCH 0/2] Re-introduce Ubuntu 16.04
by Andrea Bolognani
See commit 1/2 for the explanation.
Andrea Bolognani (2):
guests: Re-introduce Ubuntu 16.04
Start building on Ubuntu 16.04 once again
guests/host_vars/libvirt-ubuntu-16/docker.yml | 2 ++
.../host_vars/libvirt-ubuntu-16/install.yml | 2 ++
guests/host_vars/libvirt-ubuntu-16/main.yml | 22 +++++++++++++++++++
guests/inventory | 1 +
guests/playbooks/build/jobs/defaults.yml | 1 +
.../playbooks/build/projects/libvirt-dbus.yml | 5 ++++-
.../build/projects/libvirt-go-xml.yml | 1 +
.../playbooks/build/projects/libvirt-go.yml | 1 +
.../build/projects/libvirt-ocaml.yml | 1 +
.../build/projects/libvirt-sandbox.yml | 1 +
.../playbooks/build/projects/libvirt-tck.yml | 1 +
guests/playbooks/build/projects/libvirt.yml | 1 +
guests/playbooks/build/projects/osinfo-db.yml | 1 +
.../playbooks/build/projects/virt-manager.yml | 4 +++-
guests/vars/mappings.yml | 3 +++
15 files changed, 45 insertions(+), 2 deletions(-)
create mode 100644 guests/host_vars/libvirt-ubuntu-16/docker.yml
create mode 100644 guests/host_vars/libvirt-ubuntu-16/install.yml
create mode 100644 guests/host_vars/libvirt-ubuntu-16/main.yml
--
2.21.0
5 years, 5 months
[libvirt] [PATCH] logging: ensure virtlogd rollover takes priority over logrotate
by Daniel P. Berrangé
The virtlogd config is set to rollover logs every 2 MB.
Normally a logrotate config file is also installed to handle cases where
virtlogd is disabled. This is set to rollover weekly with no size
constraint.
As a result logrotate can interfere with virtlogd's, rolling over files
that virtlogd has already taken care of.
This changes logrotate configs to rollover based on a max size
constraint of 2 MB + 1 byte. When virtlogd is running the log files will
never get this large, making logrotate a no-op.
If the user changes the size in virtlogd's config to something larger,
they are responsible for also changing the logrotate config suitably.
The LXC driver doesn't use virtlogd, but its logrotate config is altered
to match the QEMU driver logrotate, just for the sake of consistency.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
src/logging/virtlogd.conf | 6 ++++++
src/remote/libvirtd.lxc.logrotate.in | 2 +-
src/remote/libvirtd.qemu.logrotate.in | 12 +++++++++---
3 files changed, 16 insertions(+), 4 deletions(-)
diff --git a/src/logging/virtlogd.conf b/src/logging/virtlogd.conf
index 72da7f0705..bc41edbc6b 100644
--- a/src/logging/virtlogd.conf
+++ b/src/logging/virtlogd.conf
@@ -90,6 +90,12 @@
#admin_max_clients = 5
# Maximum file size before rolling over. Defaults to 2 MB
+#
+# Beware that a logrotate config file might be installed too,
+# to handle cases where virtlogd is disabled. To ensure that
+# the logrotate config is a no-op when virtlogd is running,
+# make sure that max_size here is smaller than size listed
+# in the logrotate config.
#max_size = 2097152
# Maximum number of backup files to keep. Defaults to 3,
diff --git a/src/remote/libvirtd.lxc.logrotate.in b/src/remote/libvirtd.lxc.logrotate.in
index 2bb9dfba12..b88dabb58e 100644
--- a/src/remote/libvirtd.lxc.logrotate.in
+++ b/src/remote/libvirtd.lxc.logrotate.in
@@ -1,5 +1,5 @@
@localstatedir(a)/log/libvirt/lxc/*.log {
- weekly
+ size 2097153
missingok
rotate 4
compress
diff --git a/src/remote/libvirtd.qemu.logrotate.in b/src/remote/libvirtd.qemu.logrotate.in
index cdb399ef23..9b9db716ab 100644
--- a/src/remote/libvirtd.qemu.logrotate.in
+++ b/src/remote/libvirtd.qemu.logrotate.in
@@ -1,8 +1,14 @@
@localstatedir(a)/log/libvirt/qemu/*.log {
- weekly
+ # The QEMU driver is configured to use virtlogd by
+ # default, which will perform log rollover.
+ # This logrotate config is still installed for cases
+ # where the user has switched off virtlogd.
+ #
+ # If virtlogd is active, ensure that size here is
+ # larger than 'max_size' in the virtlogd config
+ # so that logrotate becomes a no-op
+ size 2097153
missingok
rotate 4
- compress
- delaycompress
copytruncate
}
--
2.21.0
5 years, 5 months
[libvirt] [PATCH] util: assume modern CPU_ALLOC macros always exist
by Daniel P. Berrangé
Support for the modern CPU_ALLOC macros was added 10 years ago in
commit a73cd93b2428adbbc62bb919b6cf5ffd27728040
Author: Daniel P. Berrange <berrange(a)redhat.com>
Date: Mon Nov 16 16:08:29 2009 +0000
Alternate CPU affinity impl to cope with NR_CPUS > 1024
This is long enough that we can assume it always exists and drop the
back compat code.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
src/util/virprocess.c | 36 ------------------------------------
1 file changed, 36 deletions(-)
diff --git a/src/util/virprocess.c b/src/util/virprocess.c
index f2533f639f..66834d37d3 100644
--- a/src/util/virprocess.c
+++ b/src/util/virprocess.c
@@ -422,8 +422,6 @@ int virProcessSetAffinity(pid_t pid, virBitmapPtr map)
{
size_t i;
VIR_DEBUG("Set process affinity on %lld", (long long)pid);
-# ifdef CPU_ALLOC
- /* New method dynamically allocates cpu mask, allowing unlimted cpus */
int numcpus = 1024;
size_t masklen;
cpu_set_t *mask;
@@ -462,22 +460,6 @@ int virProcessSetAffinity(pid_t pid, virBitmapPtr map)
return -1;
}
CPU_FREE(mask);
-# else
- /* Legacy method uses a fixed size cpu mask, only allows up to 1024 cpus */
- cpu_set_t mask;
-
- CPU_ZERO(&mask);
- for (i = 0; i < virBitmapSize(map); i++) {
- if (virBitmapIsBitSet(map, i))
- CPU_SET(i, &mask);
- }
-
- if (sched_setaffinity(pid, sizeof(mask), &mask) < 0) {
- virReportSystemError(errno,
- _("cannot set CPU affinity on process %d"), pid);
- return -1;
- }
-# endif
return 0;
}
@@ -491,7 +473,6 @@ virProcessGetAffinity(pid_t pid)
size_t ncpus;
virBitmapPtr ret = NULL;
-# ifdef CPU_ALLOC
/* 262144 cpus ought to be enough for anyone */
ncpus = 1024 << 8;
masklen = CPU_ALLOC_SIZE(ncpus);
@@ -503,14 +484,6 @@ virProcessGetAffinity(pid_t pid)
}
CPU_ZERO_S(masklen, mask);
-# else
- ncpus = 1024;
- if (VIR_ALLOC(mask) < 0)
- return NULL;
-
- masklen = sizeof(*mask);
- CPU_ZERO(mask);
-# endif
if (sched_getaffinity(pid, masklen, mask) < 0) {
virReportSystemError(errno,
@@ -522,22 +495,13 @@ virProcessGetAffinity(pid_t pid)
goto cleanup;
for (i = 0; i < ncpus; i++) {
-# ifdef CPU_ALLOC
/* coverity[overrun-local] */
if (CPU_ISSET_S(i, masklen, mask))
ignore_value(virBitmapSetBit(ret, i));
-# else
- if (CPU_ISSET(i, mask))
- ignore_value(virBitmapSetBit(ret, i));
-# endif
}
cleanup:
-# ifdef CPU_ALLOC
CPU_FREE(mask);
-# else
- VIR_FREE(mask);
-# endif
return ret;
}
--
2.21.0
5 years, 5 months
[libvirt] [PATCH] libxl_driver: Drop needless variable
by Michal Privoznik
The @oldDef variable in libxlAddDom0() is not used really. Drop
it.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/libxl/libxl_driver.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/src/libxl/libxl_driver.c b/src/libxl/libxl_driver.c
index 7c236383e4..731700ded6 100644
--- a/src/libxl/libxl_driver.c
+++ b/src/libxl/libxl_driver.c
@@ -606,7 +606,6 @@ libxlAddDom0(libxlDriverPrivatePtr driver)
libxlDriverConfigPtr cfg = libxlDriverConfigGet(driver);
virDomainDefPtr def = NULL;
virDomainObjPtr vm = NULL;
- virDomainDefPtr oldDef = NULL;
libxl_dominfo d_info;
unsigned long long maxmem;
int ret = -1;
@@ -636,7 +635,7 @@ libxlAddDom0(libxlDriverPrivatePtr driver)
if (!(vm = virDomainObjListAdd(driver->domains, def,
driver->xmlopt,
0,
- &oldDef)))
+ NULL)))
goto cleanup;
def = NULL;
@@ -657,7 +656,6 @@ libxlAddDom0(libxlDriverPrivatePtr driver)
cleanup:
libxl_dominfo_dispose(&d_info);
virDomainDefFree(def);
- virDomainDefFree(oldDef);
virDomainObjEndAPI(&vm);
virObjectUnref(cfg);
return ret;
--
2.21.0
5 years, 5 months
[libvirt] [PATCH] maint: Typo fix for whether
by Eric Blake
Signed-off-by: Eric Blake <eblake(a)redhat.com>
---
Pushing under trivial rule.
src/driver.h | 4 ++--
docs/news-2014.html.in | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/driver.h b/src/driver.h
index 3fcea0d629..898fb96df4 100644
--- a/src/driver.h
+++ b/src/driver.h
@@ -78,9 +78,9 @@ typedef struct _virConnectDriver virConnectDriver;
typedef virConnectDriver *virConnectDriverPtr;
struct _virConnectDriver {
- /* Wether driver permits a server in the URI */
+ /* Whether driver permits a server in the URI */
bool localOnly;
- /* Wether driver needs a server in the URI */
+ /* Whether driver needs a server in the URI */
bool remoteOnly;
/*
* NULL terminated list of supported URI schemes.
diff --git a/docs/news-2014.html.in b/docs/news-2014.html.in
index 91a4f2f26f..2dbbe070de 100644
--- a/docs/news-2014.html.in
+++ b/docs/news-2014.html.in
@@ -2041,7 +2041,7 @@
build: avoid compiler warning on shadowed name (Jean-Baptiste Rouault),<br/>
tests: link against libxml2 (Guido Günther),<br/>
tests: build viridentitytest only WITH_ATTR. (Jincheng Miao),<br/>
- maint: Correctly detect wether "gluster" cli tool is accessible (Peter Krempa),<br/>
+ maint: Correctly detect whether "gluster" cli tool is accessible (Peter Krempa),<br/>
libvirt-guests: avoid bashism (Guido Günther),<br/>
Use the force flag for mkfs -t xfs (Ján Tomko)<br/>
</li>
--
2.20.1
5 years, 5 months
[libvirt] [PATCH] tests: Add getuid() to virnetdevbandwidthmock
by Andrea Bolognani
When only geteuid() is mocked, the test crashes on Debian 10.
Fatal: failed to reset uid: No such file or directory
Program received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
50 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) t a a bt
Thread 1 (Thread 0x7ffff3b3e080 (LWP 12003)):
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1 0x00007ffff7798535 in __GI_abort () at abort.c:79
#2 0x00007ffff485ca20 in _gcry_logv (level=level@entry=40, fmt=fmt@entry=0x7ffff4929126 "failed to reset uid: %s\n", arg_ptr=arg_ptr@entry=0x7fffffffe4a0) at ../../src/misc.c:142
#3 0x00007ffff485cd61 in _gcry_log_fatal (fmt=fmt@entry=0x7ffff4929126 "failed to reset uid: %s\n") at ../../src/misc.c:218
#4 0x00007ffff48639d1 in lock_pool_pages (n=<optimized out>, p=<optimized out>) at ../../src/secmem.c:340
#5 _gcry_secmem_init_internal (n=<optimized out>) at ../../src/secmem.c:563
#6 0x00007ffff4863d78 in _gcry_secmem_init (n=4096) at ../../src/secmem.c:581
#7 0x00007ffff485e4e6 in _gcry_vcontrol (cmd=<optimized out>, arg_ptr=arg_ptr@entry=0x7fffffffe5e0) at ../../src/global.c:506
#8 0x00007ffff485a789 in gcry_control (cmd=cmd@entry=GCRYCTL_INIT_SECMEM) at ../../src/visibility.c:79
#9 0x00007ffff71af10f in ssh_crypto_init () at ./src/libgcrypt.c:621
#10 0x00007ffff7193796 in _ssh_init (constructor=constructor@entry=1) at ./src/init.c:79
#11 0x00007ffff71834de in libssh_constructor () at ./src/init.c:116
#12 0x00007ffff7fe437a in call_init (l=<optimized out>, argc=argc@entry=1, argv=argv@entry=0x7fffffffe778, env=env@entry=0x7fffffffe788) at dl-init.c:72
#13 0x00007ffff7fe4476 in call_init (env=0x7fffffffe788, argv=0x7fffffffe778, argc=1, l=<optimized out>) at dl-init.c:30
#14 _dl_init (main_map=0x7ffff7ffe190, argc=1, argv=0x7fffffffe778, env=0x7fffffffe788) at dl-init.c:119
#15 0x00007ffff7fd60ca in _dl_start_user () from /lib64/ld-linux-x86-64.so.2
#16 0x0000000000000001 in ?? ()
#17 0x00007fffffffea26 in ?? ()
#18 0x0000000000000000 in ?? ()
Signed-off-by: Andrea Bolognani <abologna(a)redhat.com>
---
tests/virnetdevbandwidthmock.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/tests/virnetdevbandwidthmock.c b/tests/virnetdevbandwidthmock.c
index cb48933447..f0c6b22c5f 100644
--- a/tests/virnetdevbandwidthmock.c
+++ b/tests/virnetdevbandwidthmock.c
@@ -24,3 +24,8 @@ uid_t geteuid(void)
{
return 0;
}
+
+uid_t getuid(void)
+{
+ return 0;
+}
--
2.21.0
5 years, 5 months
[libvirt] [PATCHv2] Do not keep empty log files for deleted domains
by Jan Zerebecki
With logrotates copytruncate when e.g. domain1 doesn't exist anymore
/var/log/libvirt/qemu/domain1.log will still exist after rotation even
though it will never be written to. When new domain names keep getting
used this leads to a lot of empty logfiles. This may lead to slowdown or
lack of free disk space / inodes.
Fix this by replacing copytruncate with the apropriate postrotate
command to reopen log files. Thus after the apropriate time log files
for deleted domains will be gone. This also has the advantage that the
chance for loss of a few lines during copytruncate is gone.
This only fixes the issue for qemu domains, others still have the same
problem unfixed.
Signed-off-by: Jan Zerebecki <jan.suse(a)zerebecki.de>
---
v2: drop changes to other logrotate confis
src/remote/libvirtd.qemu.logrotate.in | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/remote/libvirtd.qemu.logrotate.in b/src/remote/libvirtd.qemu.logrotate.in
index cdb399ef23..95407cec1a 100644
--- a/src/remote/libvirtd.qemu.logrotate.in
+++ b/src/remote/libvirtd.qemu.logrotate.in
@@ -4,5 +4,7 @@
rotate 4
compress
delaycompress
- copytruncate
+ postrotate
+ /usr/bin/killall -USR1 virtlogd
+ endscript
}
--
2.20.1
5 years, 5 months