Prepare for reusing libvirtd source to create other daemons by making
the use of IP sockets conditionally defined by the make rules.
The main libvirtd daemon will retain IP listen ability, but all the
driver specific daemons will be local UNIX sockets only. Apps needing
IP connectivity will connect via the libvirtd daemon which will proxy
to the driver specific daemon.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
src/remote/Makefile.inc.am | 1 +
src/remote/remote_daemon.c | 90 ++++++++++++++++++++++++++++---
src/remote/remote_daemon_config.c | 36 +++++++++----
src/remote/remote_daemon_config.h | 9 +++-
4 files changed, 119 insertions(+), 17 deletions(-)
diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am
index ba385aac4d..25921437e2 100644
--- a/src/remote/Makefile.inc.am
+++ b/src/remote/Makefile.inc.am
@@ -147,6 +147,7 @@ libvirtd_CFLAGS = \
-DSOCK_NAME_RO="\"libvirt-sock-ro\"" \
-DSOCK_NAME_ADMIN="\"libvirt-admin-sock\"" \
-DDAEMON_NAME="\"libvirtd\"" \
+ -DENABLE_IP \
$(NULL)
libvirtd_LDFLAGS = \
diff --git a/src/remote/remote_daemon.c b/src/remote/remote_daemon.c
index e1fb081bfe..d01a303f70 100644
--- a/src/remote/remote_daemon.c
+++ b/src/remote/remote_daemon.c
@@ -366,11 +366,13 @@ static int ATTRIBUTE_NONNULL(3)
daemonSetupNetworking(virNetServerPtr srv,
virNetServerPtr srvAdm,
struct daemonConfig *config,
+#ifdef ENABLE_IP
+ bool ipsock,
+ bool privileged,
+#endif /* ! ENABLE_IP */
const char *sock_path,
const char *sock_path_ro,
- const char *sock_path_adm,
- bool ipsock,
- bool privileged)
+ const char *sock_path_adm)
{
virNetServerServicePtr svc = NULL;
virNetServerServicePtr svcAdm = NULL;
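Review bot: The closing label `#endif /* ! ENABLE_IP */` on the new parameter guard reads as if the guarded lines were the not-ENABLE_IP branch, but it closes a plain `#ifdef ENABLE_IP`; `#endif /* ENABLE_IP */` would match the condition. The same label is used on the guards added around the `if (ipsock)` block, `int ipsock`, the `listen` option entry, `case 'l'` and the call site, and throughout remote_daemon_config.c and remote_daemon_config.h. Only the getopt_long guard, which has an `#else`, is labelled consistently. The body of daemonSetupNetworking continues outside this hunk.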
@@ -457,6 +459,7 @@ daemonSetupNetworking(virNetServerPtr srv,
goto cleanup;
}
+#ifdef ENABLE_IP
if (ipsock) {
if (config->listen_tcp) {
VIR_DEBUG("Registering TCP socket %s:%s",
@@ -537,6 +540,7 @@ daemonSetupNetworking(virNetServerPtr srv,
virObjectUnref(ctxt);
}
}
+#endif /* ! ENABLE_IP */
#if WITH_SASL
if (virNetServerNeedsAuth(srv, REMOTE_AUTH_SASL) &&
@@ -876,6 +880,7 @@ daemonSetupHostUUID(const struct daemonConfig *config)
static void
daemonUsage(const char *argv0, bool privileged)
{
+#ifdef ENABLE_IP
fprintf(stderr,
_("\n"
"Usage:\n"
@@ -946,6 +951,64 @@ daemonUsage(const char *argv0, bool privileged)
SOCK_NAME,
DAEMON_NAME);
}
+#else
+ fprintf(stderr,
+ _("\n"
+ "Usage:\n"
+ " %s [options]\n"
+ "\n"
+ "Options:\n"
+ " -h | --help Display program help:\n"
+ " -v | --verbose Verbose messages.\n"
+ " -d | --daemon Run as a daemon & write PID
file.\n"
+ " -t | --timeout <secs> Exit after timeout period.\n"
+ " -f | --config <file> Configuration file.\n"
+ " -V | --version Display version information.\n"
+ " -p | --pid-file <file> Change name of PID file.\n"
+ "\n"
+ "libvirt management daemon:\n"),
+ argv0);
+
+ if (privileged) {
+ fprintf(stderr,
+ _("\n"
+ " Default paths:\n"
+ "\n"
+ " Configuration file (unless overridden by -f):\n"
+ " %s/libvirt/%s.conf\n"
+ "\n"
+ " Sockets:\n"
+ " %s\n"
+ " %s\n"
+ "\n"
+ " PID file (unless overridden by -p):\n"
+ " %s/run/%s.pid\n"
+ "\n"),
+ SYSCONFDIR,
+ DAEMON_NAME,
+ LOCALSTATEDIR "/run/libvirt/" SOCK_NAME,
+ LOCALSTATEDIR "/run/libvirt/" SOCK_NAME_RO,
+ LOCALSTATEDIR,
+ DAEMON_NAME);
+ } else {
+ fprintf(stderr,
+ _("\n"
+ " Default paths:\n"
+ "\n"
+ " Configuration file (unless overridden by -f):\n"
+ " $XDG_CONFIG_HOME/libvirt/%s.conf\n"
+ "\n"
+ " Sockets:\n"
+ " $XDG_RUNTIME_DIR/libvirt/%s\n"
+ "\n"
+ " PID file:\n"
+ " $XDG_RUNTIME_DIR/libvirt/%s.pid\n"
+ "\n"),
+ DAEMON_NAME,
+ SOCK_NAME,
+ DAEMON_NAME);
+ }
+#endif
}
int main(int argc, char **argv) {
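Review bot: The `#else` branch of daemonUsage copies the whole usage text, so the option list and both default-path blocks now exist twice as separate translatable strings that can drift apart. The copy also carries the stray colon in `Display program help:` and ends the options with a fixed `libvirt management daemon:` heading, although `DAEMON_NAME` is what varies per daemon. If a single message with only the `-l | --listen` line made conditional is impractical under `_()`, a comment at the top of the branch such as `/* Keep in sync with the ENABLE_IP usage text above, minus -l | --listen */` would help. The ENABLE_IP branch is only partly visible here, so the exact differences between the two texts are inferred.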
@@ -965,7 +1028,9 @@ int main(int argc, char **argv) {
int timeout = -1; /* -t: Shutdown timeout */
int verbose = 0;
int godaemon = 0;
+#ifdef ENABLE_IP
int ipsock = 0;
+#endif /* ! ENABLE_IP */
struct daemonConfig *config;
bool privileged = geteuid() == 0 ? true : false;
bool implicit_conf = false;
@@ -975,7 +1040,9 @@ int main(int argc, char **argv) {
struct option opts[] = {
{ "verbose", no_argument, &verbose, 'v'},
{ "daemon", no_argument, &godaemon, 'd'},
+#ifdef ENABLE_IP
{ "listen", no_argument, &ipsock, 'l'},
+#endif /* ! ENABLE_IP */
{ "config", required_argument, NULL, 'f'},
{ "timeout", required_argument, NULL, 't'},
{ "pid-file", required_argument, NULL, 'p'},
@@ -999,7 +1066,13 @@ int main(int argc, char **argv) {
int c;
char *tmp;
- c = getopt_long(argc, argv, "ldf:p:t:vVh", opts, &optidx);
+ c = getopt_long(argc, argv,
+#ifdef ENABLE_IP
+ "ldf:p:t:vVh",
+#else /* ! ENABLE_IP */
+ "df:p:t:vVh",
+#endif /* ! ENABLE_IP */
+ opts, &optidx);
if (c == -1)
break;
@@ -1014,9 +1087,11 @@ int main(int argc, char **argv) {
case 'd':
godaemon = 1;
break;
+#ifdef ENABLE_IP
case 'l':
ipsock = 1;
break;
+#endif /* ! ENABLE_IP */
case 't':
if (virStrToLong_i(optarg, &tmp, 10, &timeout) != 0
@@ -1330,10 +1405,13 @@ int main(int argc, char **argv) {
if (daemonSetupNetworking(srv, srvAdm,
config,
+#ifdef ENABLE_IP
+ ipsock,
+ privileged,
+#endif /* !ENABLE_IP */
sock_file,
sock_file_ro,
- sock_file_adm,
- ipsock, privileged) < 0) {
+ sock_file_adm) < 0) {
ret = VIR_DAEMON_ERR_NETWORK;
goto cleanup;
}
diff --git a/src/remote/remote_daemon_config.c b/src/remote/remote_daemon_config.c
index 3e62b4203f..3c5ccd5ba8 100644
--- a/src/remote/remote_daemon_config.c
+++ b/src/remote/remote_daemon_config.c
@@ -107,12 +107,14 @@ daemonConfigNew(bool privileged ATTRIBUTE_UNUSED)
if (VIR_ALLOC(data) < 0)
return NULL;
+#ifdef ENABLE_IP
data->listen_tls = 1;
data->listen_tcp = 0;
if (VIR_STRDUP(data->tls_port, LIBVIRTD_TLS_PORT) < 0 ||
VIR_STRDUP(data->tcp_port, LIBVIRTD_TCP_PORT) < 0)
goto error;
+#endif /* !ENABLE_IP */
/* Only default to PolicyKit if running as root */
#if WITH_POLKIT
@@ -133,12 +135,14 @@ daemonConfigNew(bool privileged ATTRIBUTE_UNUSED)
VIR_STRDUP(data->unix_sock_admin_perms, "0700") < 0)
goto error;
-#if WITH_SASL
+#ifdef ENABLE_IP
+# if WITH_SASL
data->auth_tcp = REMOTE_AUTH_SASL;
-#else
+# else
data->auth_tcp = REMOTE_AUTH_NONE;
-#endif
+# endif
data->auth_tls = REMOTE_AUTH_NONE;
+#endif /* ! ENABLE_IP */
data->min_workers = 5;
data->max_workers = 20;
@@ -182,9 +186,12 @@ daemonConfigFree(struct daemonConfig *data)
if (!data)
return;
+#ifdef ENABLE_IP
VIR_FREE(data->listen_addr);
VIR_FREE(data->tls_port);
VIR_FREE(data->tcp_port);
+#endif /* ! ENABLE_IP */
+
tmp = data->access_drivers;
while (tmp && *tmp) {
VIR_FREE(*tmp);
@@ -198,25 +205,28 @@ daemonConfigFree(struct daemonConfig *data)
VIR_FREE(data->unix_sock_group);
VIR_FREE(data->unix_sock_dir);
- tmp = data->tls_allowed_dn_list;
+ tmp = data->sasl_allowed_username_list;
while (tmp && *tmp) {
VIR_FREE(*tmp);
tmp++;
}
- VIR_FREE(data->tls_allowed_dn_list);
+ VIR_FREE(data->sasl_allowed_username_list);
- tmp = data->sasl_allowed_username_list;
+#ifdef ENABLE_IP
+ tmp = data->tls_allowed_dn_list;
while (tmp && *tmp) {
VIR_FREE(*tmp);
tmp++;
}
- VIR_FREE(data->sasl_allowed_username_list);
+ VIR_FREE(data->tls_allowed_dn_list);
+
VIR_FREE(data->tls_priority);
VIR_FREE(data->key_file);
VIR_FREE(data->ca_file);
VIR_FREE(data->cert_file);
VIR_FREE(data->crl_file);
+#endif /* ! ENABLE_IP */
VIR_FREE(data->host_uuid);
VIR_FREE(data->host_uuid_source);
@@ -231,6 +241,7 @@ daemonConfigLoadOptions(struct daemonConfig *data,
const char *filename,
virConfPtr conf)
{
+#ifdef ENABLE_IP
if (virConfGetValueBool(conf, "listen_tcp", &data->listen_tcp) <
0)
goto error;
if (virConfGetValueBool(conf, "listen_tls", &data->listen_tls) <
0)
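Review bot: With `ENABLE_IP` undefined, `listen_tcp`, `listen_tls` and `listen_addr` are no longer read at all, and the later hunks of this function do the same for `auth_tcp`, `auth_tls` and the `tls_*` keys. A config file carried over from libvirtd is therefore accepted with no sign that those settings have no effect. Whether virConf reports keys that nobody reads is not visible here. If it does not, a comment at the guard such as `/* IP listener keys are only parsed when built with ENABLE_IP; other daemons ignore them */`, plus a mention in the driver daemons' config documentation, would keep operators from assuming their TCP/TLS auth settings apply. daemonConfigLoadOptions starts and ends outside this hunk.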
@@ -241,6 +252,7 @@ daemonConfigLoadOptions(struct daemonConfig *data,
goto error;
if (virConfGetValueString(conf, "listen_addr", &data->listen_addr)
< 0)
goto error;
+#endif /* !ENABLE_IP */
if (remoteConfigGetAuth(conf, filename, "auth_unix_rw",
&data->auth_unix_rw) < 0)
goto error;
@@ -256,10 +268,13 @@ daemonConfigLoadOptions(struct daemonConfig *data,
#endif
if (remoteConfigGetAuth(conf, filename, "auth_unix_ro",
&data->auth_unix_ro) < 0)
goto error;
+
+#ifdef ENABLE_IP
if (remoteConfigGetAuth(conf, filename, "auth_tcp", &data->auth_tcp)
< 0)
goto error;
if (remoteConfigGetAuth(conf, filename, "auth_tls", &data->auth_tls)
< 0)
goto error;
+#endif /* ! ENABLE_IP */
if (virConfGetValueStringList(conf, "access_drivers", false,
&data->access_drivers) < 0)
@@ -277,6 +292,7 @@ daemonConfigLoadOptions(struct daemonConfig *data,
if (virConfGetValueString(conf, "unix_sock_dir",
&data->unix_sock_dir) < 0)
goto error;
+#ifdef ENABLE_IP
if (virConfGetValueBool(conf, "tls_no_sanity_certificate",
&data->tls_no_sanity_certificate) < 0)
goto error;
if (virConfGetValueBool(conf, "tls_no_verify_certificate",
&data->tls_no_verify_certificate) < 0)
@@ -295,14 +311,14 @@ daemonConfigLoadOptions(struct daemonConfig *data,
&data->tls_allowed_dn_list) < 0)
goto error;
+ if (virConfGetValueString(conf, "tls_priority", &data->tls_priority)
< 0)
+ goto error;
+#endif /* ! ENABLE_IP */
if (virConfGetValueStringList(conf, "sasl_allowed_username_list", false,
&data->sasl_allowed_username_list) < 0)
goto error;
- if (virConfGetValueString(conf, "tls_priority", &data->tls_priority)
< 0)
- goto error;
-
if (virConfGetValueUInt(conf, "min_workers", &data->min_workers)
< 0)
goto error;
if (virConfGetValueUInt(conf, "max_workers", &data->max_workers)
< 0)
diff --git a/src/remote/remote_daemon_config.h b/src/remote/remote_daemon_config.h
index d580e7d49c..842ce98c60 100644
--- a/src/remote/remote_daemon_config.h
+++ b/src/remote/remote_daemon_config.h
@@ -27,11 +27,13 @@ struct daemonConfig {
char *host_uuid;
char *host_uuid_source;
+#ifdef ENABLE_IP
bool listen_tls;
bool listen_tcp;
char *listen_addr;
char *tls_port;
char *tcp_port;
+#endif /* ! ENABLE_IP */
char *unix_sock_admin_perms;
char *unix_sock_ro_perms;
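Review bot: The layout of `struct daemonConfig` now depends on whether `ENABLE_IP` is defined where the header is included (guards here and in the next hunk), while the Makefile hunk adds `-DENABLE_IP` only to `libvirtd_CFLAGS`. Any object that includes this header without the same flag and is linked with one that has it would disagree on field offsets, most likely with no build-time diagnostic. A comment above the first guard, e.g. `/* ENABLE_IP must be set identically for every file that includes this header within one binary */`, would document the constraint. Leaving the fields unconditional and only skipping their use would avoid it. The struct definition starts and ends outside this hunk.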
@@ -41,21 +43,26 @@ struct daemonConfig {
int auth_unix_rw;
int auth_unix_ro;
+#ifdef ENABLE_IP
int auth_tcp;
int auth_tls;
+#endif /* ! ENABLE_IP */
char **access_drivers;
+#ifdef ENABLE_IP
bool tls_no_verify_certificate;
bool tls_no_sanity_certificate;
char **tls_allowed_dn_list;
- char **sasl_allowed_username_list;
char *tls_priority;
char *key_file;
char *cert_file;
char *ca_file;
char *crl_file;
+#endif /* ! ENABLE_IP */
+
+ char **sasl_allowed_username_list;
unsigned int min_workers;
unsigned int max_workers;
--
2.21.0