On Wed, Apr 25, 2018 at 03:03:37PM +0100, Daniel P. Berrangé wrote:
On Wed, Apr 25, 2018 at 03:57:05PM +0200, Martin Kletzander wrote:
> That is a job of libvirtd and virtlogd has a dependency on it, so that will
> prevent it properly. Doing it one extra time in virtlogd might also cause AVC
> denials because it is not allowed to call that dbus method.
>
> This basically reverts df34363d58bbf424d5c8170a93d3ad5dcd4afb26, but manually
> due to the numerous changes since that was merged.
>
> Resolves:
https://bugzilla.redhat.com/show_bug.cgi?id=1547250
Doh, I totally missed/forgot commit df34363d58bbf424d5c8170a93d3ad5dcd4afb26
and yet I wrote it :-(
I think the problem described in that commit still exists, for
*unprivileged* libvirtd, as that's not systemd managed.
We've applied the inhibition for both privileged and unprivileged
libvirtd's though. We could optimize so that we only do the
inhibit when running unprivileged.
That would avoid the dbus AVC since only privileged libvirtd
is running with virtd_t type IIRC.
I was looking for that actually, but I don't think that's as clean a solution as
it could be. I'll do it that way just to fix the issue for now. For the
future, however, I'll try to cook up a patch that will add a callback to
virNetServer (or virNetDaemon) that will be called to ask whether the daemon can
be shut down. Then virNetDaemonAutoShutdownTimer() will actually ask whether
daemon and its servers can be shut down instead of just asking for clients. But
I'll post that afterwards as a "clean-up" ;)
>
> Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com>
> ---
> src/logging/log_daemon.c | 19 ++-----------------
> src/logging/log_handler.c | 28 ++++------------------------
> src/logging/log_handler.h | 11 ++---------
> 3 files changed, 8 insertions(+), 50 deletions(-)
>
> diff --git a/src/logging/log_daemon.c b/src/logging/log_daemon.c
> index 35d7ebb6d2bb..9cf3fd4dbb5f 100644
> --- a/src/logging/log_daemon.c
> +++ b/src/logging/log_daemon.c
> @@ -123,17 +123,6 @@ virLogDaemonFree(virLogDaemonPtr logd)
> }
>
>
> -static void
> -virLogDaemonInhibitor(bool inhibit, void *opaque)
> -{
> - virLogDaemonPtr dmn = opaque;
> -
> - if (inhibit)
> - virNetDaemonAddShutdownInhibition(dmn->dmn);
> - else
> - virNetDaemonRemoveShutdownInhibition(dmn->dmn);
> -}
> -
> static virLogDaemonPtr
> virLogDaemonNew(virLogDaemonConfigPtr config, bool privileged)
> {
> @@ -185,9 +174,7 @@ virLogDaemonNew(virLogDaemonConfigPtr config, bool privileged)
>
> if (!(logd->handler = virLogHandlerNew(privileged,
> config->max_size,
> - config->max_backups,
> - virLogDaemonInhibitor,
> - logd)))
> + config->max_backups)))
> goto error;
>
> return logd;
> @@ -277,9 +264,7 @@ virLogDaemonNewPostExecRestart(virJSONValuePtr object, bool
privileged,
> if (!(logd->handler = virLogHandlerNewPostExecRestart(child,
> privileged,
> config->max_size,
> - config->max_backups,
> - virLogDaemonInhibitor,
> - logd)))
> + config->max_backups)))
> goto error;
>
> return logd;
> diff --git a/src/logging/log_handler.c b/src/logging/log_handler.c
> index 40dfa8ecaebe..6d4e539f078e 100644
> --- a/src/logging/log_handler.c
> +++ b/src/logging/log_handler.c
> @@ -65,9 +65,6 @@ struct _virLogHandler {
>
> virLogHandlerLogFilePtr *files;
> size_t nfiles;
> -
> - virLogHandlerShutdownInhibitor inhibitor;
> - void *opaque;
> };
>
> static virClassPtr virLogHandlerClass;
> @@ -174,7 +171,6 @@ virLogHandlerDomainLogFileEvent(int watch,
> return;
>
> error:
> - handler->inhibitor(false, handler->opaque);
> virLogHandlerLogFileClose(handler, logfile);
> virObjectUnlock(handler);
> }
> @@ -183,9 +179,7 @@ virLogHandlerDomainLogFileEvent(int watch,
> virLogHandlerPtr
> virLogHandlerNew(bool privileged,
> size_t max_size,
> - size_t max_backups,
> - virLogHandlerShutdownInhibitor inhibitor,
> - void *opaque)
> + size_t max_backups)
> {
> virLogHandlerPtr handler;
>
> @@ -198,8 +192,6 @@ virLogHandlerNew(bool privileged,
> handler->privileged = privileged;
> handler->max_size = max_size;
> handler->max_backups = max_backups;
> - handler->inhibitor = inhibitor;
> - handler->opaque = opaque;
>
> return handler;
>
> @@ -220,8 +212,6 @@ virLogHandlerLogFilePostExecRestart(virLogHandlerPtr handler,
> if (VIR_ALLOC(file) < 0)
> return NULL;
>
> - handler->inhibitor(true, handler->opaque);
> -
> if ((path = virJSONValueObjectGetString(object, "path")) == NULL) {
> virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
> _("Missing 'path' field in JSON
document"));
> @@ -276,7 +266,6 @@ virLogHandlerLogFilePostExecRestart(virLogHandlerPtr handler,
> return file;
>
> error:
> - handler->inhibitor(false, handler->opaque);
> virLogHandlerLogFileFree(file);
> return NULL;
> }
> @@ -286,9 +275,7 @@ virLogHandlerPtr
> virLogHandlerNewPostExecRestart(virJSONValuePtr object,
> bool privileged,
> size_t max_size,
> - size_t max_backups,
> - virLogHandlerShutdownInhibitor inhibitor,
> - void *opaque)
> + size_t max_backups)
> {
> virLogHandlerPtr handler;
> virJSONValuePtr files;
> @@ -297,9 +284,7 @@ virLogHandlerNewPostExecRestart(virJSONValuePtr object,
>
> if (!(handler = virLogHandlerNew(privileged,
> max_size,
> - max_backups,
> - inhibitor,
> - opaque)))
> + max_backups)))
> return NULL;
>
> if (!(files = virJSONValueObjectGet(object, "files"))) {
> @@ -349,10 +334,8 @@ virLogHandlerDispose(void *obj)
> virLogHandlerPtr handler = obj;
> size_t i;
>
> - for (i = 0; i < handler->nfiles; i++) {
> - handler->inhibitor(false, handler->opaque);
> + for (i = 0; i < handler->nfiles; i++)
> virLogHandlerLogFileFree(handler->files[i]);
> - }
> VIR_FREE(handler->files);
> }
>
> @@ -373,8 +356,6 @@ virLogHandlerDomainOpenLogFile(virLogHandlerPtr handler,
>
> virObjectLock(handler);
>
> - handler->inhibitor(true, handler->opaque);
> -
> for (i = 0; i < handler->nfiles; i++) {
> if (STREQ(virRotatingFileWriterGetPath(handler->files[i]->file),
> path)) {
> @@ -429,7 +410,6 @@ virLogHandlerDomainOpenLogFile(virLogHandlerPtr handler,
> error:
> VIR_FORCE_CLOSE(pipefd[0]);
> VIR_FORCE_CLOSE(pipefd[1]);
> - handler->inhibitor(false, handler->opaque);
> virLogHandlerLogFileFree(file);
> virObjectUnlock(handler);
> return -1;
> diff --git a/src/logging/log_handler.h b/src/logging/log_handler.h
> index 70be567ccc37..76df55c55e57 100644
> --- a/src/logging/log_handler.h
> +++ b/src/logging/log_handler.h
> @@ -30,20 +30,13 @@ typedef struct _virLogHandler virLogHandler;
> typedef virLogHandler *virLogHandlerPtr;
>
>
> -typedef void (*virLogHandlerShutdownInhibitor)(bool inhibit,
> - void *opaque);
> -
> virLogHandlerPtr virLogHandlerNew(bool privileged,
> size_t max_size,
> - size_t max_backups,
> - virLogHandlerShutdownInhibitor inhibitor,
> - void *opaque);
> + size_t max_backups);
> virLogHandlerPtr virLogHandlerNewPostExecRestart(virJSONValuePtr child,
> bool privileged,
> size_t max_size,
> - size_t max_backups,
> - virLogHandlerShutdownInhibitor
inhibitor,
> - void *opaque);
> + size_t max_backups);
>
> void virLogHandlerFree(virLogHandlerPtr handler);
>
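Review bot: The two constructor prototypes in this header carry no comment on lifetime, and with `virLogHandlerShutdownInhibitor` removed the handler no longer has any way to tell its owner that log files are open. I would state that contract on the declarations, for example `/* The handler does not keep the daemon alive while log files are open; any shutdown inhibition is the caller's responsibility. */`, so a later reader of `virLogHandlerNew()` and `virLogHandlerNewPostExecRestart()` does not assume open guest log pipes still block the auto-shutdown timer. It is also worth confirming that no caller of either function exists outside the three files in the diffstat, since the narrower signatures would only fail there at build time.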
> --
> 2.17.0
>
Regards,
Daniel
--
|:
https://berrange.com -o-
https://www.flickr.com/photos/dberrange :|
|:
https://libvirt.org -o-
https://fstop138.berrange.com :|
|:
https://entangle-photo.org -o-
https://www.instagram.com/dberrange :|