Hi Dan
Thank you for a reviewing.
I understand your suggestion.
- Libvirt should not check the device source path.
- The device source path should be checked by the Xen hotplug scripts.
I consider a fixing of Xen.
Thefore, I decline applying this patch.
Thanks,
Masayuki Sunou.
In message <20070712025025.GA18778(a)redhat.com>
"Re: [Libvir] [PATCH] Add the check of the device source"
""Daniel P. Berrange" <berrange(a)redhat.com>" wrote:
On Thu, Jul 12, 2007 at 09:34:18AM +0900, Masayuki Sunou wrote:
> Hi
>
> If specified device source does not exist,
> Not appropriate error is displayed.
> ----------------------------------------------------------------------
> # virsh attach-disk PV_FC7_14 NOT_EXIST_PATH xvdd
> libvir: Xen Daemon error : POST operation failed: (xend.err 'Device
> 51760 (vbd) could not be connected. Hotplug scripts not working.')
> ----------------------------------------------------------------------
This is a bug in the Xen hotplug scripts.
> This patch checks the existence of the device source path,
> and correct message is displayed in case of error.
Checking the device path in libvirt does not work because libvirt is not
running under the same security context as XenD or the hotplug scripts.
So while libvirt make check & successfully be able to access the device,
XenD / hotplug script may still fail due to SELinux policy constraints.
The only place you can correctly check for this is in the hotplug scripts
themelves.
As an example to deal with the scenario you describe, it is possible to
add the following to /etc/xen/scripts/block:
--- /etc/xen/scripts/block.orig 2006-11-28 16:04:50.000000000 -0500
+++ /etc/xen/scripts/block 2007-07-11 23:10:31.000000000 -0400
@@ -252,6 +252,12 @@
FRONTEND_UUID=$(xenstore_read_default \
"/local/domain/$FRONTEND_ID/vm" 'unknown')
claim_lock "block"
+ if [ ! -e "$dev" ] ; then
+ fatal "Path $dev does not exist"
+ fi
+ if [ ! -b "$dev" ]; then
+ fatal "Path $dev is not a block device"
+ fi
check_device_sharing "$dev" "$mode"
write_dev "$dev"
release_lock "block"
This will mean that a real message gets sent back:
# virsh attach-disk f7pv bogus xvdd
libvir: Xen Daemon error : POST operation failed: (xend.err
'Device 51760 (vbd) could not be connected. Path /dev/bogus does not exist')
This also means that other Xen tools also benefit from the error checking.
There's probably other checks that can be done in the hotplug scripts for
various conditions - basically any time you see ever see the message
'Hotplug scripts not working' from Xen is a bug in the hotplug scripts
themselves which needs fixing.
Regards,
Dan.
--
|=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=|
|=- Perl modules:
http://search.cpan.org/~danberr/ -=|
|=- Projects:
http://freshmeat.net/~danielpb/ -=|
|=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|