The augeas-gentest.pl program merges a config file into a augeas file, saving the output to a new file. It is going to be useful to further process the output file, and it would be easier if this can be done with a pipeline, so change augeas-gentest.pl to write to stdout instead of a file. Reviewed-by: Andrea Bolognani <abologna(a)redhat.com&gt; Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- build-aux/augeas-gentest.pl | 20 ++++++-------------- src/bhyve/Makefile.inc.am | 2 +- src/libxl/Makefile.inc.am | 2 +- src/locking/Makefile.inc.am | 6 +++--- src/logging/Makefile.inc.am | 2 +- src/lxc/Makefile.inc.am | 2 +- src/qemu/Makefile.inc.am | 2 +- src/remote/Makefile.inc.am | 2 +- 8 files changed, 15 insertions(+), 23 deletions(-) diff --git a/build-aux/augeas-gentest.pl b/build-aux/augeas-gentest.pl index 567fc651f3..faf2fd593e 100755 --- a/build-aux/augeas-gentest.pl +++ b/build-aux/augeas-gentest.pl @@ -20,17 +20,10 @@ use strict; use warnings; -die "syntax: $0 CONFIG TEMPLATE AUGTEST\n" unless @ARGV == 3; +die "syntax: $0 CONFIG TEMPLATE\n" unless @ARGV == 2; my $config = shift @ARGV; my $template = shift @ARGV; -my $augtest = shift @ARGV; - -open AUGTEST, ">", $augtest or die "cannot create $augtest: $!"; - -$SIG{__DIE__} = sub { - unlink $augtest; -}; open CONFIG, "<", $config or die "cannot read $config: $!"; open TEMPLATE, "<", $template or die "cannot read $template: $!"; @@ -39,12 +32,12 @@ my $group = 0; while (<TEMPLATE>) { if (/::CONFIG::/) { my $group = 0; - print AUGTEST " let conf = \""; + print " let conf = \""; while (<CONFIG>) { if (/^#\w/) { s/^#//; s/\"/\\\"/g; - print AUGTEST $_; + print $_; $group = /\[\s$/; } elsif ($group) { s/\"/\\\"/g; @@ -53,16 +46,15 @@ while (<TEMPLATE>) { } if (/^#/) { s/^#//; - print AUGTEST $_; + print $_; } } } - print AUGTEST "\"\n"; + print "\"\n"; } else { - print AUGTEST $_; + print $_; } } close TEMPLATE; close CONFIG; -close AUGTEST or die "cannot save $augtest: $!"; diff --git a/src/bhyve/Makefile.inc.am b/src/bhyve/Makefile.inc.am index 36af5d7504..6e8e6ad5d8 100644 --- a/src/bhyve/Makefile.inc.am +++ b/src/bhyve/Makefile.inc.am @@ -55,7 +55,7 @@ AUGEAS_DIRS += bhyve test_libvirtd_bhyve.aug: bhyve/test_libvirtd_bhyve.aug.in \ $(srcdir)/bhyve/bhyve.conf $(AUG_GENTEST) - $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/bhyve/bhyve.conf $< $@ + $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/bhyve/bhyve.conf $< > $@ check-augeas-bhyve: test_libvirtd_bhyve.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ diff --git a/src/libxl/Makefile.inc.am b/src/libxl/Makefile.inc.am index 7f60b449d8..abc65ede2c 100644 --- a/src/libxl/Makefile.inc.am +++ b/src/libxl/Makefile.inc.am @@ -74,7 +74,7 @@ AUGEAS_DIRS += libxl test_libvirtd_libxl.aug: libxl/test_libvirtd_libxl.aug.in \ $(srcdir)/libxl/libxl.conf $(AUG_GENTEST) - $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/libxl/libxl.conf $< $@ + $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/libxl/libxl.conf $< > $@ check-augeas-libxl: test_libvirtd_libxl.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ diff --git a/src/locking/Makefile.inc.am b/src/locking/Makefile.inc.am index 46ab11c2a9..c44f74a529 100644 --- a/src/locking/Makefile.inc.am +++ b/src/locking/Makefile.inc.am @@ -228,7 +228,7 @@ if WITH_SANLOCK if WITH_QEMU test_libvirt_sanlock.aug: locking/test_libvirt_sanlock.aug.in \ locking/qemu-sanlock.conf $(AUG_GENTEST) - $(AM_V_GEN)$(AUG_GENTEST) locking/qemu-sanlock.conf $< $@ + $(AM_V_GEN)$(AUG_GENTEST) locking/qemu-sanlock.conf $< > $@ check-augeas-sanlock: test_libvirt_sanlock.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ @@ -244,14 +244,14 @@ endif ! WITH_SANLOCK if WITH_QEMU test_libvirt_lockd.aug: locking/test_libvirt_lockd.aug.in \ locking/qemu-lockd.conf $(AUG_GENTEST) - $(AM_V_GEN)$(AUG_GENTEST) locking/qemu-lockd.conf $< $@ + $(AM_V_GEN)$(AUG_GENTEST) locking/qemu-lockd.conf $< > $@ else ! WITH_QEMU test_libvirt_lockd.aug: endif ! WITH_QEMU test_virtlockd.aug: locking/test_virtlockd.aug.in \ locking/virtlockd.conf $(AUG_GENTEST) - $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/locking/virtlockd.conf $< $@ + $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/locking/virtlockd.conf $< > $@ if WITH_QEMU check-augeas-lockd: test_libvirt_lockd.aug diff --git a/src/logging/Makefile.inc.am b/src/logging/Makefile.inc.am index d57394cbde..8527890eb0 100644 --- a/src/logging/Makefile.inc.am +++ b/src/logging/Makefile.inc.am @@ -101,7 +101,7 @@ augeastest_DATA += test_virtlogd.aug test_virtlogd.aug: logging/test_virtlogd.aug.in \ logging/virtlogd.conf $(AUG_GENTEST) - $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/logging/virtlogd.conf $< $@ + $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/logging/virtlogd.conf $< > $@ AUGEAS_DIRS += logging diff --git a/src/lxc/Makefile.inc.am b/src/lxc/Makefile.inc.am index f27827c1e9..1c0b715a2f 100644 --- a/src/lxc/Makefile.inc.am +++ b/src/lxc/Makefile.inc.am @@ -163,7 +163,7 @@ AUGEAS_DIRS += lxc test_libvirtd_lxc.aug: lxc/test_libvirtd_lxc.aug.in \ $(srcdir)/lxc/lxc.conf $(AUG_GENTEST) - $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/lxc/lxc.conf $< $@ + $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/lxc/lxc.conf $< > $@ check-augeas-lxc: test_libvirtd_lxc.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ diff --git a/src/qemu/Makefile.inc.am b/src/qemu/Makefile.inc.am index 254ba07dc0..e8c7d4b5b1 100644 --- a/src/qemu/Makefile.inc.am +++ b/src/qemu/Makefile.inc.am @@ -122,7 +122,7 @@ AUGEAS_DIRS += qemu test_libvirtd_qemu.aug: qemu/test_libvirtd_qemu.aug.in \ $(srcdir)/qemu/qemu.conf $(AUG_GENTEST) - $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/qemu/qemu.conf $< $@ + $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/qemu/qemu.conf $< > $@ check-augeas-qemu: test_libvirtd_qemu.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index 0cf00cb902..4f706f9743 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -190,7 +190,7 @@ AUGEAS_DIRS += remote test_libvirtd.aug: remote/test_libvirtd.aug.in \ remote/libvirtd.conf $(AUG_GENTEST) - $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/remote/libvirtd.conf $< $@ + $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/remote/libvirtd.conf $< > $@ check-augeas-remote: test_libvirtd.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ -- 2.21.0

The current make rules are inconsistent about which directory the augeas test files are created in. Put them all in the same dir as their source. Reviewed-by: Andrea Bolognani <abologna(a)redhat.com&gt; Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- .gitignore | 8 +++++--- src/bhyve/Makefile.inc.am | 8 ++++---- src/libxl/Makefile.inc.am | 8 ++++---- src/locking/Makefile.inc.am | 29 +++++++++++++---------------- src/logging/Makefile.inc.am | 8 ++++---- src/lxc/Makefile.inc.am | 8 ++++---- src/qemu/Makefile.inc.am | 8 ++++---- src/remote/Makefile.inc.am | 8 ++++---- 8 files changed, 42 insertions(+), 43 deletions(-) diff --git a/.gitignore b/.gitignore index 727bfdb6ec..d75b24c743 100644 --- a/.gitignore +++ b/.gitignore @@ -135,6 +135,7 @@ /src/libvirt_lxc /src/libvirtd /src/libvirtd*.logrotate +/src/libxl/test_libvirtd_libxl.aug /src/locking/libxl-lockd.conf /src/locking/libxl-sanlock.conf /src/locking/lock_daemon_dispatch_stubs.h @@ -142,8 +143,11 @@ /src/locking/qemu-lockd.conf /src/locking/qemu-sanlock.conf /src/locking/test_libvirt_sanlock.aug +/src/locking/test_libvirt_lockd.aug +/src/locking/test_virtlockd.aug /src/logging/log_daemon_dispatch_stubs.h /src/logging/log_protocol.[ch] +/src/logging/test_virtlogd.aug /src/lxc/lxc_controller_dispatch.h /src/lxc/lxc_monitor_dispatch.h /src/lxc/lxc_monitor_protocol.c @@ -154,11 +158,9 @@ /src/remote/*_client_bodies.h /src/remote/*_protocol.[ch] /src/remote/*_stubs.h +/src/remote/test_libvirtd.aug /src/rpc/virkeepaliveprotocol.[ch] /src/rpc/virnetprotocol.[ch] -/src/test_libvirt*.aug -/src/test_virtlockd.aug -/src/test_virtlogd.aug /src/util/virkeycodetable*.h /src/util/virkeynametable*.h /src/virt-aa-helper diff --git a/src/bhyve/Makefile.inc.am b/src/bhyve/Makefile.inc.am index 6e8e6ad5d8..0aef5e17c7 100644 --- a/src/bhyve/Makefile.inc.am +++ b/src/bhyve/Makefile.inc.am @@ -49,17 +49,17 @@ libvirt_driver_bhyve_impl_la_SOURCES = $(BHYVE_DRIVER_SOURCES) conf_DATA += bhyve/bhyve.conf augeas_DATA += bhyve/libvirtd_bhyve.aug -augeastest_DATA += test_libvirtd_bhyve.aug +augeastest_DATA += bhyve/test_libvirtd_bhyve.aug AUGEAS_DIRS += bhyve -test_libvirtd_bhyve.aug: bhyve/test_libvirtd_bhyve.aug.in \ +bhyve/test_libvirtd_bhyve.aug: bhyve/test_libvirtd_bhyve.aug.in \ $(srcdir)/bhyve/bhyve.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/bhyve/bhyve.conf $< > $@ -check-augeas-bhyve: test_libvirtd_bhyve.aug +check-augeas-bhyve: bhyve/test_libvirtd_bhyve.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ - '$(AUGPARSE)' -I $(srcdir)/bhyve test_libvirtd_bhyve.aug; \ + '$(AUGPARSE)' -I $(srcdir)/bhyve bhyve/test_libvirtd_bhyve.aug; \ fi endif WITH_BHYVE diff --git a/src/libxl/Makefile.inc.am b/src/libxl/Makefile.inc.am index cfe136f07e..e73f34db8e 100644 --- a/src/libxl/Makefile.inc.am +++ b/src/libxl/Makefile.inc.am @@ -67,17 +67,17 @@ libvirt_driver_libxl_impl_la_SOURCES = $(LIBXL_DRIVER_SOURCES) conf_DATA += libxl/libxl.conf augeas_DATA += libxl/libvirtd_libxl.aug -augeastest_DATA += test_libvirtd_libxl.aug +augeastest_DATA += libxl/test_libvirtd_libxl.aug AUGEAS_DIRS += libxl -test_libvirtd_libxl.aug: libxl/test_libvirtd_libxl.aug.in \ +libxl/test_libvirtd_libxl.aug: libxl/test_libvirtd_libxl.aug.in \ $(srcdir)/libxl/libxl.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/libxl/libxl.conf $< > $@ -check-augeas-libxl: test_libvirtd_libxl.aug +check-augeas-libxl: libxl/test_libvirtd_libxl.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ - '$(AUGPARSE)' -I $(srcdir)/libxl test_libvirtd_libxl.aug; \ + '$(AUGPARSE)' -I $(srcdir)/libxl libxl/test_libvirtd_libxl.aug; \ fi INSTALL_DATA_DIRS += libxl diff --git a/src/locking/Makefile.inc.am b/src/locking/Makefile.inc.am index 2c53cff190..0f284faf25 100644 --- a/src/locking/Makefile.inc.am +++ b/src/locking/Makefile.inc.am @@ -114,7 +114,7 @@ lockd_la_CFLAGS += \ endif WITH_SASL if WITH_QEMU -augeastest_DATA += test_libvirt_lockd.aug +augeastest_DATA += locking/test_libvirt_lockd.aug nodist_conf_DATA += locking/qemu-lockd.conf BUILT_SOURCES += locking/qemu-lockd.conf DISTCLEANFILES += locking/qemu-lockd.conf @@ -169,7 +169,7 @@ sanlock_la_LIBADD = -lsanlock_client libvirt.la ../gnulib/lib/libgnu.la augeas_DATA += locking/libvirt_sanlock.aug if WITH_QEMU -augeastest_DATA += test_libvirt_sanlock.aug +augeastest_DATA += locking/test_libvirt_sanlock.aug nodist_conf_DATA += locking/qemu-sanlock.conf BUILT_SOURCES += locking/qemu-sanlock.conf DISTCLEANFILES += locking/qemu-sanlock.conf @@ -201,8 +201,7 @@ man8_MANS += virtlockd.8 conf_DATA += locking/virtlockd.conf augeas_DATA += locking/virtlockd.aug -augeastest_DATA += test_virtlockd.aug - +augeastest_DATA += locking/test_virtlockd.aug INSTALL_DATA_DIRS += locking @@ -224,13 +223,13 @@ endif WITH_SANLOCK if WITH_SANLOCK if WITH_QEMU -test_libvirt_sanlock.aug: locking/test_libvirt_sanlock.aug.in \ +locking/test_libvirt_sanlock.aug: locking/test_libvirt_sanlock.aug.in \ locking/qemu-sanlock.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) locking/qemu-sanlock.conf $< > $@ -check-augeas-sanlock: test_libvirt_sanlock.aug +check-augeas-sanlock: locking/test_libvirt_sanlock.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ - '$(AUGPARSE)' -I $(srcdir)/locking test_libvirt_sanlock.aug; \ + '$(AUGPARSE)' -I $(srcdir)/locking locking/test_libvirt_sanlock.aug; \ fi else ! WITH_QEMU check-augeas-sanlock: @@ -240,29 +239,27 @@ check-augeas-sanlock: endif ! WITH_SANLOCK if WITH_QEMU -test_libvirt_lockd.aug: locking/test_libvirt_lockd.aug.in \ +locking/test_libvirt_lockd.aug: locking/test_libvirt_lockd.aug.in \ locking/qemu-lockd.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) locking/qemu-lockd.conf $< > $@ -else ! WITH_QEMU -test_libvirt_lockd.aug: -endif ! WITH_QEMU +endif WITH_QEMU -test_virtlockd.aug: locking/test_virtlockd.aug.in \ +locking/test_virtlockd.aug: locking/test_virtlockd.aug.in \ locking/virtlockd.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/locking/virtlockd.conf $< > $@ if WITH_QEMU -check-augeas-lockd: test_libvirt_lockd.aug +check-augeas-lockd: locking/test_libvirt_lockd.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ - '$(AUGPARSE)' -I $(srcdir)/locking test_libvirt_lockd.aug; \ + '$(AUGPARSE)' -I $(srcdir)/locking locking/test_libvirt_lockd.aug; \ fi else ! WITH_QEMU check-augeas-lockd: endif ! WITH_QEMU -check-augeas-virtlockd: test_virtlockd.aug +check-augeas-virtlockd: locking/test_virtlockd.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ - '$(AUGPARSE)' -I $(srcdir)/locking test_virtlockd.aug; \ + '$(AUGPARSE)' -I $(srcdir)/locking locking/test_virtlockd.aug; \ fi AUGEAS_DIRS += locking diff --git a/src/logging/Makefile.inc.am b/src/logging/Makefile.inc.am index bf89c47b3b..58a139ec2f 100644 --- a/src/logging/Makefile.inc.am +++ b/src/logging/Makefile.inc.am @@ -95,17 +95,17 @@ endif WITH_SASL conf_DATA += logging/virtlogd.conf augeas_DATA += logging/virtlogd.aug -augeastest_DATA += test_virtlogd.aug +augeastest_DATA += logging/test_virtlogd.aug -test_virtlogd.aug: logging/test_virtlogd.aug.in \ +logging/test_virtlogd.aug: logging/test_virtlogd.aug.in \ logging/virtlogd.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/logging/virtlogd.conf $< > $@ AUGEAS_DIRS += logging -check-augeas-logging: test_virtlogd.aug +check-augeas-logging: logging/test_virtlogd.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ - '$(AUGPARSE)' -I $(srcdir)/logging test_virtlogd.aug; \ + '$(AUGPARSE)' -I $(srcdir)/logging logging/test_virtlogd.aug; \ fi endif WITH_LIBVIRTD diff --git a/src/lxc/Makefile.inc.am b/src/lxc/Makefile.inc.am index df8d5db110..f011d90e95 100644 --- a/src/lxc/Makefile.inc.am +++ b/src/lxc/Makefile.inc.am @@ -156,17 +156,17 @@ endif conf_DATA += lxc/lxc.conf augeas_DATA += lxc/libvirtd_lxc.aug -augeastest_DATA += test_libvirtd_lxc.aug +augeastest_DATA += lxc/test_libvirtd_lxc.aug AUGEAS_DIRS += lxc -test_libvirtd_lxc.aug: lxc/test_libvirtd_lxc.aug.in \ +lxc/test_libvirtd_lxc.aug: lxc/test_libvirtd_lxc.aug.in \ $(srcdir)/lxc/lxc.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/lxc/lxc.conf $< > $@ -check-augeas-lxc: test_libvirtd_lxc.aug +check-augeas-lxc: lxc/test_libvirtd_lxc.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ - '$(AUGPARSE)' -I $(srcdir)/lxc test_libvirtd_lxc.aug; \ + '$(AUGPARSE)' -I $(srcdir)/lxc lxc/test_libvirtd_lxc.aug; \ fi INSTALL_DATA_DIRS += lxc diff --git a/src/qemu/Makefile.inc.am b/src/qemu/Makefile.inc.am index 69aaeb46c2..750b8a5c85 100644 --- a/src/qemu/Makefile.inc.am +++ b/src/qemu/Makefile.inc.am @@ -115,17 +115,17 @@ endif WITH_DTRACE_PROBES conf_DATA += qemu/qemu.conf augeas_DATA += qemu/libvirtd_qemu.aug -augeastest_DATA += test_libvirtd_qemu.aug +augeastest_DATA += qemu/test_libvirtd_qemu.aug AUGEAS_DIRS += qemu -test_libvirtd_qemu.aug: qemu/test_libvirtd_qemu.aug.in \ +qemu/test_libvirtd_qemu.aug: qemu/test_libvirtd_qemu.aug.in \ $(srcdir)/qemu/qemu.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/qemu/qemu.conf $< > $@ -check-augeas-qemu: test_libvirtd_qemu.aug +check-augeas-qemu: qemu/test_libvirtd_qemu.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ - '$(AUGPARSE)' -I $(srcdir)/qemu test_libvirtd_qemu.aug; \ + '$(AUGPARSE)' -I $(srcdir)/qemu qemu/test_libvirtd_qemu.aug; \ fi INSTALL_DATA_DIRS += qemu diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index 7d5c90cff1..18519b129d 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -126,7 +126,7 @@ sbin_PROGRAMS += libvirtd augeas_DATA += remote/libvirtd.aug -augeastest_DATA += test_libvirtd.aug +augeastest_DATA += remote/test_libvirtd.aug conf_DATA += remote/libvirtd.conf @@ -186,13 +186,13 @@ uninstall-data-remote: AUGEAS_DIRS += remote -test_libvirtd.aug: remote/test_libvirtd.aug.in \ +remote/test_libvirtd.aug: remote/test_libvirtd.aug.in \ remote/libvirtd.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/remote/libvirtd.conf $< > $@ -check-augeas-remote: test_libvirtd.aug +check-augeas-remote: remote/test_libvirtd.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ - '$(AUGPARSE)' -I $(srcdir)/remote test_libvirtd.aug; \ + '$(AUGPARSE)' -I $(srcdir)/remote remote/test_libvirtd.aug; \ fi if WITH_SYSCTL -- 2.21.0

On Mon, 2019-07-29 at 18:10 +0100, Daniel P. Berrangé wrote: AUG_TEST_NAMES is no longer necessary. Why didn't you do for the alternative version, the one in https://www.redhat.com/archives/libvir-list/2019-July/msg01609.html which prints the name of each file as they are processed? With either version of the check-augeas rule, and with AUG_TEST_NAMES gone, Reviewed-by: Andrea Bolognani <abologna(a)redhat.com&gt; -- Andrea Bolognani / Red Hat / Virtualization

Instead of adding generated config files to CLEANFILES and BUILT_SOURCES in each makefile, add them all at once. Reviewed-by: Andrea Bolognani <abologna(a)redhat.com&gt; Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- src/Makefile.am | 3 +++ src/locking/Makefile.inc.am | 8 -------- 2 files changed, 3 insertions(+), 8 deletions(-) diff --git a/src/Makefile.am b/src/Makefile.am index 6bb33524cf..255e8e2b57 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -144,6 +144,9 @@ moddir = $(libdir)/libvirt/connection-driver confdir = $(sysconfdir)/libvirt conf_DATA += libvirt.conf libvirt-admin.conf +CLEANFILES += $(nodist_conf_DATA) +BUILT_SOURCES += $(nodist_conf_DATA) + augeasdir = $(datadir)/augeas/lenses augeastestdir = $(datadir)/augeas/lenses/tests diff --git a/src/locking/Makefile.inc.am b/src/locking/Makefile.inc.am index 24d83fdd80..161410051c 100644 --- a/src/locking/Makefile.inc.am +++ b/src/locking/Makefile.inc.am @@ -116,14 +116,10 @@ endif WITH_SASL if WITH_QEMU augeastest_DATA += locking/test_libvirt_lockd.aug nodist_conf_DATA += locking/qemu-lockd.conf -BUILT_SOURCES += locking/qemu-lockd.conf -DISTCLEANFILES += locking/qemu-lockd.conf endif WITH_QEMU if WITH_LIBXL nodist_conf_DATA += locking/libxl-lockd.conf -BUILT_SOURCES += locking/libxl-lockd.conf -DISTCLEANFILES += locking/libxl-lockd.conf endif WITH_LIBXL sbin_PROGRAMS += virtlockd @@ -171,14 +167,10 @@ augeas_DATA += locking/libvirt_sanlock.aug if WITH_QEMU augeastest_DATA += locking/test_libvirt_sanlock.aug nodist_conf_DATA += locking/qemu-sanlock.conf -BUILT_SOURCES += locking/qemu-sanlock.conf -DISTCLEANFILES += locking/qemu-sanlock.conf endif WITH_QEMU if WITH_LIBXL nodist_conf_DATA += locking/libxl-sanlock.conf -BUILT_SOURCES += locking/libxl-sanlock.conf -DISTCLEANFILES += locking/libxl-sanlock.conf endif WITH_LIBXL libexec_PROGRAMS += libvirt_sanlock_helper -- 2.21.0

Daniel P. Berrangé writes: Why use N_ both here and in the printout code (copied below)? fprintf(stderr, " %-22s %s\n", opthelp[i].opts, N_(opthelp[i].help)); When is the message translated? Here, despite your argument regarding formatting, I believe that translators should have a larger context. Also, as the gettext documentation points out, ":" needs a space before in French, so it should be placed within the part to translate. fprintf(stderr, _("Usage:\n %s [options]\n\n"), argv0); Same, for localization of whitespace around : it would be better to have fprintf(stderr, _("Options:\n")); This applies to all cases where you have %s: below. Based on comment above, replace N_ with _ ? Add a N_ ? Add N_ ? Add N_? Reviewed-by: Christophe de Dinechin <dinechin(a)redhat.com&gt; -- Cheers, Christophe de Dinechin (IRC c3d)

https://www.gnu.org/software/gettext/manual/gettext.html See end of section 4.4, specifically: For example, ‘"%s"’ is an example of string not requiring translation. But ‘"%s: %d"’ does require translation, because in French, unlike in English, it’s customary to put a space before a colon.

Well, I’ve always been confused with what “N_” meant exactly, but to me it was a tell to translator “don’t try translating this one”. If there is nothing, the translator might waste time looking at it. Maybe I got that backwards, though. Can’t say the doc is super clear.

Prepare for reusing libvirtd source to create other daemons by making the socket names conditionally defined by the make rules. Reviewed-by: Andrea Bolognani <abologna(a)redhat.com&gt; Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- src/remote/Makefile.inc.am | 1 + src/remote/remote_daemon.c | 34 +++++++++++++++++++++------------- 2 files changed, 22 insertions(+), 13 deletions(-) diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index 0400dabad9..ced940d3c1 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -146,6 +146,7 @@ libvirtd_CFLAGS = \ -I$(srcdir)/access \ -I$(srcdir)/conf \ -I$(srcdir)/rpc \ + -DSOCK_PREFIX="\"libvirt\"" \ $(NULL) libvirtd_LDFLAGS = \ diff --git a/src/remote/remote_daemon.c b/src/remote/remote_daemon.c index 69385af1c4..f9d923b357 100644 --- a/src/remote/remote_daemon.c +++ b/src/remote/remote_daemon.c @@ -221,19 +221,25 @@ daemonUnixSocketPaths(struct daemonConfig *config, char *rundir = NULL; if (config->unix_sock_dir) { - if (virAsprintf(sockfile, "%s/libvirt-sock", config->unix_sock_dir) < 0) + if (virAsprintf(sockfile, "%s/%s-sock", + SOCK_PREFIX, config->unix_sock_dir) < 0) goto cleanup; if (privileged) { - if (virAsprintf(rosockfile, "%s/libvirt-sock-ro", config->unix_sock_dir) < 0 || - virAsprintf(admsockfile, "%s/libvirt-admin-sock", config->unix_sock_dir) < 0) + if (virAsprintf(rosockfile, "%s/%s-sock-ro", + SOCK_PREFIX, config->unix_sock_dir) < 0 || + virAsprintf(admsockfile, "%s/%s-admin-sock", + SOCK_PREFIX, config->unix_sock_dir) < 0) goto cleanup; } } else { if (privileged) { - if (VIR_STRDUP(*sockfile, LOCALSTATEDIR "/run/libvirt/libvirt-sock") < 0 || - VIR_STRDUP(*rosockfile, LOCALSTATEDIR "/run/libvirt/libvirt-sock-ro") < 0 || - VIR_STRDUP(*admsockfile, LOCALSTATEDIR "/run/libvirt/libvirt-admin-sock") < 0) + if (virAsprintf(sockfile, "%s/run/libvirt/%s-sock", + LOCALSTATEDIR, SOCK_PREFIX) < 0 || + virAsprintf(sockfile, "%s/run/libvirt/%s-sock-ro", + LOCALSTATEDIR, SOCK_PREFIX) < 0 || + virAsprintf(sockfile, "%s/run/libvirt/%s-admin-sock", + LOCALSTATEDIR, SOCK_PREFIX) < 0) goto cleanup; } else { mode_t old_umask; @@ -248,8 +254,10 @@ daemonUnixSocketPaths(struct daemonConfig *config, } umask(old_umask); - if (virAsprintf(sockfile, "%s/libvirt-sock", rundir) < 0 || - virAsprintf(admsockfile, "%s/libvirt-admin-sock", rundir) < 0) + if (virAsprintf(sockfile, "%s/%s-sock", + rundir, SOCK_PREFIX) < 0 || + virAsprintf(admsockfile, "%s/%s-admin-sock", + rundir, SOCK_PREFIX) < 0) goto cleanup; } } @@ -902,12 +910,12 @@ daemonUsage(const char *argv0, bool privileged) fprintf(stderr, "\n"); fprintf(stderr, " %s:\n", _("Sockets")); - fprintf(stderr, " %s\n", - privileged ? LOCALSTATEDIR "/run/libvirt/libvirt-sock" : - "$XDG_RUNTIME_DIR/libvirt/libvirt-sock"); + fprintf(stderr, " %s/libvirt/%s-sock\n", + privileged ? LOCALSTATEDIR "/run" : "$XDG_RUNTIME_DIR", + SOCK_PREFIX); if (privileged) - fprintf(stderr, " %s\n", - LOCALSTATEDIR "/run/libvirt/libvirt-sock-ro"); + fprintf(stderr, " %s/run/libvirt/%s-sock-ro\n", + LOCALSTATEDIR, SOCK_PREFIX); fprintf(stderr, "\n"); fprintf(stderr, " %s:\n", _("TLS")); -- 2.21.0

Daniel P. Berrangé writes: Copy-paste error on the variable name (use rosockfile and admsockfile) -- Cheers, Christophe de Dinechin (IRC c3d)

On Tue, 2019-07-30 at 12:24 +0200, Christophe de Dinechin wrote: Good catch, this definitely needs to be fixed before pushing. We can do this in a follow-up patch, especially since the issue is very much pre-exisisting. With the pastos fixed, Reviewed-by: Andrea Bolognani <abologna(a)redhat.com&gt; [...] Both of these come from the previous patch. -- Andrea Bolognani / Red Hat / Virtualization

P. Berrangé writes: Maybe cleanup configfile on the error path? Not presently a bug, but might become a leak if additional error exits are added later. Reviewed-by: Christophe de Dinechin <dinechin(a)redhat.com&gt; -- Cheers, Christophe de Dinechin (IRC c3d)

Do you want to use the "xen" name here too? Daniel P. Berrangé writes: Reviewed-by: Christophe de Dinechin <dinechin(a)redhat.com&gt; -- Cheers, Christophe de Dinechin (IRC c3d)

Prepare for reusing libvirtd source to create other daemons by making the use of IP sockets conditionally defined by the make rules. The main libvirtd daemon will retain IP listen ability, but all the driver specific daemons will be local UNIX sockets only. Apps needing IP connectivity will connect via the libvirtd daemon which will proxy to the driver specfic daemon. Reviewed-by: Andrea Bolognani <abologna(a)redhat.com&gt; Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- src/remote/Makefile.inc.am | 1 + src/remote/remote_daemon.c | 39 ++++++++++++++++++++++++++----- src/remote/remote_daemon_config.c | 36 ++++++++++++++++++++-------- src/remote/remote_daemon_config.h | 10 +++++++- 4 files changed, 69 insertions(+), 17 deletions(-) diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index b72186109a..2277bf49d2 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -148,6 +148,7 @@ libvirtd_CFLAGS = \ -I$(srcdir)/rpc \ -DSOCK_PREFIX="\"libvirt\"" \ -DDAEMON_NAME="\"libvirtd\"" \ + -DENABLE_IP \ $(NULL) libvirtd_LDFLAGS = \ diff --git a/src/remote/remote_daemon.c b/src/remote/remote_daemon.c index 97621884b0..fadfc7c016 100644 --- a/src/remote/remote_daemon.c +++ b/src/remote/remote_daemon.c @@ -381,11 +381,13 @@ static int ATTRIBUTE_NONNULL(3) daemonSetupNetworking(virNetServerPtr srv, virNetServerPtr srvAdm, struct daemonConfig *config, +#ifdef ENABLE_IP + bool ipsock, + bool privileged, +#endif /* ! ENABLE_IP */ const char *sock_path, const char *sock_path_ro, - const char *sock_path_adm, - bool ipsock, - bool privileged) + const char *sock_path_adm) { gid_t unix_sock_gid = 0; int unix_sock_ro_mask = 0; @@ -397,15 +399,19 @@ daemonSetupNetworking(virNetServerPtr srv, { .name = DAEMON_NAME ".socket", .family = AF_UNIX, .path = sock_path }, { .name = DAEMON_NAME "-ro.socket", .family = AF_UNIX, .path = sock_path_ro }, { .name = DAEMON_NAME "-admin.socket", .family = AF_UNIX, .path = sock_path_adm }, +#ifdef ENABLE_IP { .name = DAEMON_NAME "-tcp.socket", .family = AF_INET }, { .name = DAEMON_NAME "-tls.socket", .family = AF_INET }, +#endif /* ! ENABLE_IP */ }; +#ifdef ENABLE_IP if ((actmap[3].port = virSocketAddrResolveService(config->tcp_port)) < 0) return -1; if ((actmap[4].port = virSocketAddrResolveService(config->tls_port)) < 0) return -1; +#endif /* ! ENABLE_IP */ if (virSystemdGetActivation(actmap, ARRAY_CARDINALITY(actmap), &act) < 0) return -1; @@ -470,6 +476,7 @@ daemonSetupNetworking(virNetServerPtr srv, config->admin_max_client_requests) < 0) goto cleanup; +#ifdef ENABLE_IP if (((ipsock && config->listen_tcp) || act) && virNetServerAddServiceTCP(srv, act, @@ -544,6 +551,7 @@ daemonSetupNetworking(virNetServerPtr srv, } virObjectUnref(ctxt); } +#endif /* ! ENABLE_IP */ if (act && virSystemdActivationComplete(act) < 0) @@ -892,7 +900,9 @@ daemonUsage(const char *argv0, bool privileged) { "-h | --help", N_("Display program help") }, { "-v | --verbose", N_("Verbose messages") }, { "-d | --daemon", N_("Run as a daemon & write PID file") }, +#ifdef ENABLE_IP { "-l | --listen", N_("Listen for TCP/IP connections") }, +#endif /* ENABLE_IP */ { "-t | --timeout <secs>", N_("Exit after timeout period") }, { "-f | --config <file>", N_("Configuration file") }, { "-V | --version", N_("Display version information") }, @@ -929,6 +939,7 @@ daemonUsage(const char *argv0, bool privileged) LOCALSTATEDIR, SOCK_PREFIX); fprintf(stderr, "\n"); +#ifdef ENABLE_IP fprintf(stderr, " %s:\n", _("TLS")); fprintf(stderr, " %s: %s\n", _("CA certificate"), @@ -940,6 +951,7 @@ daemonUsage(const char *argv0, bool privileged) _("Server private key"), privileged ? LIBVIRT_SERVERKEY : "$HOME/.pki/libvirt/serverkey.pem"); fprintf(stderr, "\n"); +#endif /* ENABLE_IP */ fprintf(stderr, " %s:\n", _("PID file (unless overridden by -p)")); @@ -966,7 +978,9 @@ int main(int argc, char **argv) { int timeout = -1; /* -t: Shutdown timeout */ int verbose = 0; int godaemon = 0; +#ifdef ENABLE_IP int ipsock = 0; +#endif /* ! ENABLE_IP */ struct daemonConfig *config; bool privileged = geteuid() == 0 ? true : false; bool implicit_conf = false; @@ -976,7 +990,9 @@ int main(int argc, char **argv) { struct option opts[] = { { "verbose", no_argument, &verbose, 'v'}, { "daemon", no_argument, &godaemon, 'd'}, +#ifdef ENABLE_IP { "listen", no_argument, &ipsock, 'l'}, +#endif /* ! ENABLE_IP */ { "config", required_argument, NULL, 'f'}, { "timeout", required_argument, NULL, 't'}, { "pid-file", required_argument, NULL, 'p'}, @@ -999,8 +1015,13 @@ int main(int argc, char **argv) { int optidx = 0; int c; char *tmp; +#ifdef ENABLE_IP + const char *optstr = "ldf:p:t:vVh"; +#else /* ! ENABLE_IP */ + const char *optstr = "df:p:t:vVh"; +#endif /* ! ENABLE_IP */ - c = getopt_long(argc, argv, "ldf:p:t:vVh", opts, &optidx); + c = getopt_long(argc, argv, optstr, opts, &optidx); if (c == -1) break; @@ -1015,9 +1036,12 @@ int main(int argc, char **argv) { case 'd': godaemon = 1; break; + +#ifdef ENABLE_IP case 'l': ipsock = 1; break; +#endif /* ! ENABLE_IP */ case 't': if (virStrToLong_i(optarg, &tmp, 10, &timeout) != 0 @@ -1331,10 +1355,13 @@ int main(int argc, char **argv) { if (daemonSetupNetworking(srv, srvAdm, config, +#ifdef ENABLE_IP + ipsock, + privileged, +#endif /* !ENABLE_IP */ sock_file, sock_file_ro, - sock_file_adm, - ipsock, privileged) < 0) { + sock_file_adm) < 0) { ret = VIR_DAEMON_ERR_NETWORK; goto cleanup; } diff --git a/src/remote/remote_daemon_config.c b/src/remote/remote_daemon_config.c index 3e62b4203f..3c5ccd5ba8 100644 --- a/src/remote/remote_daemon_config.c +++ b/src/remote/remote_daemon_config.c @@ -107,12 +107,14 @@ daemonConfigNew(bool privileged ATTRIBUTE_UNUSED) if (VIR_ALLOC(data) < 0) return NULL; +#ifdef ENABLE_IP data->listen_tls = 1; data->listen_tcp = 0; if (VIR_STRDUP(data->tls_port, LIBVIRTD_TLS_PORT) < 0 || VIR_STRDUP(data->tcp_port, LIBVIRTD_TCP_PORT) < 0) goto error; +#endif /* !ENABLE_IP */ /* Only default to PolicyKit if running as root */ #if WITH_POLKIT @@ -133,12 +135,14 @@ daemonConfigNew(bool privileged ATTRIBUTE_UNUSED) VIR_STRDUP(data->unix_sock_admin_perms, "0700") < 0) goto error; -#if WITH_SASL +#ifdef ENABLE_IP +# if WITH_SASL data->auth_tcp = REMOTE_AUTH_SASL; -#else +# else data->auth_tcp = REMOTE_AUTH_NONE; -#endif +# endif data->auth_tls = REMOTE_AUTH_NONE; +#endif /* ! ENABLE_IP */ data->min_workers = 5; data->max_workers = 20; @@ -182,9 +186,12 @@ daemonConfigFree(struct daemonConfig *data) if (!data) return; +#ifdef ENABLE_IP VIR_FREE(data->listen_addr); VIR_FREE(data->tls_port); VIR_FREE(data->tcp_port); +#endif /* ! ENABLE_IP */ + tmp = data->access_drivers; while (tmp && *tmp) { VIR_FREE(*tmp); @@ -198,25 +205,28 @@ daemonConfigFree(struct daemonConfig *data) VIR_FREE(data->unix_sock_group); VIR_FREE(data->unix_sock_dir); - tmp = data->tls_allowed_dn_list; + tmp = data->sasl_allowed_username_list; while (tmp && *tmp) { VIR_FREE(*tmp); tmp++; } - VIR_FREE(data->tls_allowed_dn_list); + VIR_FREE(data->sasl_allowed_username_list); - tmp = data->sasl_allowed_username_list; +#ifdef ENABLE_IP + tmp = data->tls_allowed_dn_list; while (tmp && *tmp) { VIR_FREE(*tmp); tmp++; } - VIR_FREE(data->sasl_allowed_username_list); + VIR_FREE(data->tls_allowed_dn_list); + VIR_FREE(data->tls_priority); VIR_FREE(data->key_file); VIR_FREE(data->ca_file); VIR_FREE(data->cert_file); VIR_FREE(data->crl_file); +#endif /* ! ENABLE_IP */ VIR_FREE(data->host_uuid); VIR_FREE(data->host_uuid_source); @@ -231,6 +241,7 @@ daemonConfigLoadOptions(struct daemonConfig *data, const char *filename, virConfPtr conf) { +#ifdef ENABLE_IP if (virConfGetValueBool(conf, "listen_tcp", &data->listen_tcp) < 0) goto error; if (virConfGetValueBool(conf, "listen_tls", &data->listen_tls) < 0) @@ -241,6 +252,7 @@ daemonConfigLoadOptions(struct daemonConfig *data, goto error; if (virConfGetValueString(conf, "listen_addr", &data->listen_addr) < 0) goto error; +#endif /* !ENABLE_IP */ if (remoteConfigGetAuth(conf, filename, "auth_unix_rw", &data->auth_unix_rw) < 0) goto error; @@ -256,10 +268,13 @@ daemonConfigLoadOptions(struct daemonConfig *data, #endif if (remoteConfigGetAuth(conf, filename, "auth_unix_ro", &data->auth_unix_ro) < 0) goto error; + +#ifdef ENABLE_IP if (remoteConfigGetAuth(conf, filename, "auth_tcp", &data->auth_tcp) < 0) goto error; if (remoteConfigGetAuth(conf, filename, "auth_tls", &data->auth_tls) < 0) goto error; +#endif /* ! ENABLE_IP */ if (virConfGetValueStringList(conf, "access_drivers", false, &data->access_drivers) < 0) @@ -277,6 +292,7 @@ daemonConfigLoadOptions(struct daemonConfig *data, if (virConfGetValueString(conf, "unix_sock_dir", &data->unix_sock_dir) < 0) goto error; +#ifdef ENABLE_IP if (virConfGetValueBool(conf, "tls_no_sanity_certificate", &data->tls_no_sanity_certificate) < 0) goto error; if (virConfGetValueBool(conf, "tls_no_verify_certificate", &data->tls_no_verify_certificate) < 0) @@ -295,14 +311,14 @@ daemonConfigLoadOptions(struct daemonConfig *data, &data->tls_allowed_dn_list) < 0) goto error; + if (virConfGetValueString(conf, "tls_priority", &data->tls_priority) < 0) + goto error; +#endif /* ! ENABLE_IP */ if (virConfGetValueStringList(conf, "sasl_allowed_username_list", false, &data->sasl_allowed_username_list) < 0) goto error; - if (virConfGetValueString(conf, "tls_priority", &data->tls_priority) < 0) - goto error; - if (virConfGetValueUInt(conf, "min_workers", &data->min_workers) < 0) goto error; if (virConfGetValueUInt(conf, "max_workers", &data->max_workers) < 0) diff --git a/src/remote/remote_daemon_config.h b/src/remote/remote_daemon_config.h index d580e7d49c..5a54abed85 100644 --- a/src/remote/remote_daemon_config.h +++ b/src/remote/remote_daemon_config.h @@ -27,11 +27,13 @@ struct daemonConfig { char *host_uuid; char *host_uuid_source; +#ifdef ENABLE_IP bool listen_tls; bool listen_tcp; char *listen_addr; char *tls_port; char *tcp_port; +#endif /* ! ENABLE_IP */ char *unix_sock_admin_perms; char *unix_sock_ro_perms; @@ -41,21 +43,27 @@ struct daemonConfig { int auth_unix_rw; int auth_unix_ro; + +#ifdef ENABLE_IP int auth_tcp; int auth_tls; +#endif /* ! ENABLE_IP */ char **access_drivers; +#ifdef ENABLE_IP bool tls_no_verify_certificate; bool tls_no_sanity_certificate; char **tls_allowed_dn_list; - char **sasl_allowed_username_list; char *tls_priority; char *key_file; char *cert_file; char *ca_file; char *crl_file; +#endif /* ! ENABLE_IP */ + + char **sasl_allowed_username_list; unsigned int min_workers; unsigned int max_workers; -- 2.21.0

On Tue, Jul 30, 2019 at 12:46:31PM +0200, Christophe de Dinechin wrote: Perhaps. I'll see how much hell that creates with merge conflicts in the later part of the series. I moved them here, because if you have #ifdef conditional around the last parameter in the function, the formatting gets messy wrt to the closing ')', and need to trim the trailing ',' on the previous parameter. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

Indeed. “Absolute nit” :-)

Using @VARNAME@ is a normal style of automake, so lets match that. Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- build-aux/augeas-gentest.pl | 2 +- src/bhyve/test_libvirtd_bhyve.aug.in | 2 +- src/libxl/test_libvirtd_libxl.aug.in | 2 +- src/locking/test_libvirt_lockd.aug.in | 2 +- src/locking/test_libvirt_sanlock.aug.in | 2 +- src/locking/test_virtlockd.aug.in | 2 +- src/logging/test_virtlogd.aug.in | 2 +- src/lxc/test_libvirtd_lxc.aug.in | 2 +- src/qemu/test_libvirtd_qemu.aug.in | 2 +- src/remote/test_libvirtd.aug.in | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/build-aux/augeas-gentest.pl b/build-aux/augeas-gentest.pl index faf2fd593e..65834b533b 100755 --- a/build-aux/augeas-gentest.pl +++ b/build-aux/augeas-gentest.pl @@ -30,7 +30,7 @@ open TEMPLATE, "<", $template or die "cannot read $template: $!"; my $group = 0; while (<TEMPLATE>) { - if (/::CONFIG::/) { + if (/\@CONFIG\@/) { my $group = 0; print " let conf = \""; while (<CONFIG>) { diff --git a/src/bhyve/test_libvirtd_bhyve.aug.in b/src/bhyve/test_libvirtd_bhyve.aug.in index f28e58614d..ec932b4b11 100644 --- a/src/bhyve/test_libvirtd_bhyve.aug.in +++ b/src/bhyve/test_libvirtd_bhyve.aug.in @@ -1,5 +1,5 @@ module Test_libvirtd_bhyve = - ::CONFIG:: + @CONFIG@ test Libvirtd_bhyve.lns get conf = { "firmware_dir" = "/usr/local/share/uefi-firmware" } diff --git a/src/libxl/test_libvirtd_libxl.aug.in b/src/libxl/test_libvirtd_libxl.aug.in index 372a43f94a..ac37de67eb 100644 --- a/src/libxl/test_libvirtd_libxl.aug.in +++ b/src/libxl/test_libvirtd_libxl.aug.in @@ -1,5 +1,5 @@ module Test_libvirtd_libxl = - ::CONFIG:: + @CONFIG@ test Libvirtd_libxl.lns get conf = { "autoballoon" = "1" } diff --git a/src/locking/test_libvirt_lockd.aug.in b/src/locking/test_libvirt_lockd.aug.in index 52b37541cb..0f3b57eb34 100644 --- a/src/locking/test_libvirt_lockd.aug.in +++ b/src/locking/test_libvirt_lockd.aug.in @@ -1,5 +1,5 @@ module Test_libvirt_lockd = - ::CONFIG:: + @CONFIG@ test Libvirt_lockd.lns get conf = { "auto_disk_leases" = "0" } diff --git a/src/locking/test_libvirt_sanlock.aug.in b/src/locking/test_libvirt_sanlock.aug.in index 7f66f8192b..5eabb6726d 100644 --- a/src/locking/test_libvirt_sanlock.aug.in +++ b/src/locking/test_libvirt_sanlock.aug.in @@ -1,5 +1,5 @@ module Test_libvirt_sanlock = - ::CONFIG:: + @CONFIG@ test Libvirt_sanlock.lns get conf = { "auto_disk_leases" = "1" } diff --git a/src/locking/test_virtlockd.aug.in b/src/locking/test_virtlockd.aug.in index f2f6979ef5..fad0c418b9 100644 --- a/src/locking/test_virtlockd.aug.in +++ b/src/locking/test_virtlockd.aug.in @@ -1,5 +1,5 @@ module Test_virtlockd = - ::CONFIG:: + @CONFIG@ test Virtlockd.lns get conf = { "log_level" = "3" } diff --git a/src/logging/test_virtlogd.aug.in b/src/logging/test_virtlogd.aug.in index a29e7e3730..cd5b0d91f8 100644 --- a/src/logging/test_virtlogd.aug.in +++ b/src/logging/test_virtlogd.aug.in @@ -1,5 +1,5 @@ module Test_virtlogd = - ::CONFIG:: + @CONFIG@ test Virtlogd.lns get conf = { "log_level" = "3" } diff --git a/src/lxc/test_libvirtd_lxc.aug.in b/src/lxc/test_libvirtd_lxc.aug.in index 3eb25aa292..68db2e1c86 100644 --- a/src/lxc/test_libvirtd_lxc.aug.in +++ b/src/lxc/test_libvirtd_lxc.aug.in @@ -1,5 +1,5 @@ module Test_libvirtd_lxc = - ::CONFIG:: + @CONFIG@ test Libvirtd_lxc.lns get conf = { "log_with_libvirtd" = "1" } diff --git a/src/qemu/test_libvirtd_qemu.aug.in b/src/qemu/test_libvirtd_qemu.aug.in index b3b44d42d9..9f81759cb5 100644 --- a/src/qemu/test_libvirtd_qemu.aug.in +++ b/src/qemu/test_libvirtd_qemu.aug.in @@ -1,5 +1,5 @@ module Test_libvirtd_qemu = - ::CONFIG:: + @CONFIG@ test Libvirtd_qemu.lns get conf = { "default_tls_x509_cert_dir" = "/etc/pki/qemu" } diff --git a/src/remote/test_libvirtd.aug.in b/src/remote/test_libvirtd.aug.in index ad6450a569..6c51b7b9e7 100644 --- a/src/remote/test_libvirtd.aug.in +++ b/src/remote/test_libvirtd.aug.in @@ -1,5 +1,5 @@ module Test_libvirtd = - ::CONFIG:: + @CONFIG@ test Libvirtd.lns get conf = { "listen_tls" = "0" } -- 2.21.0

Prepare for reusing libvirtd config to create other daemons by making the config parameters for IP sockets conditionally defined by the make rules. The main libvirtd daemon will retain IP listen ability, but all the driver specific daemons will be local UNIX sockets only. Apps needing IP connectivity will connect via the libvirtd daemon which will proxy to the driver specfic daemon. Reviewed-by: Andrea Bolognani <abologna(a)redhat.com&gt; Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- .gitignore | 1 + src/remote/Makefile.inc.am | 16 +++++-- .../{libvirtd.conf => libvirtd.conf.in} | 42 +++++++++++-------- src/remote/test_libvirtd.aug.in | 2 +- 4 files changed, 40 insertions(+), 21 deletions(-) rename src/remote/{libvirtd.conf => libvirtd.conf.in} (95%) diff --git a/.gitignore b/.gitignore index d75b24c743..a09f45af50 100644 --- a/.gitignore +++ b/.gitignore @@ -158,6 +158,7 @@ /src/remote/*_client_bodies.h /src/remote/*_protocol.[ch] /src/remote/*_stubs.h +/src/remote/libvirtd.conf /src/remote/test_libvirtd.aug /src/rpc/virkeepaliveprotocol.[ch] /src/rpc/virnetprotocol.[ch] diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index 2277bf49d2..93a7a6c14e 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -76,7 +76,7 @@ EXTRA_DIST += \ $(LIBVIRTD_SOURCES) \ remote/test_libvirtd.aug.in \ remote/libvirtd.aug \ - remote/libvirtd.conf \ + remote/libvirtd.conf.in \ remote/libvirtd.policy \ remote/libvirtd.rules \ remote/libvirtd.sasl \ @@ -93,6 +93,9 @@ MAINTAINERCLEANFILES += \ $(REMOTE_DRIVER_GENERATED) \ $(LIBVIRTD_GENERATED) \ $(NULL) +CLEANFILES += \ + remote/libvirtd.conf \ + $(NULL) if WITH_REMOTE noinst_LTLIBRARIES += libvirt_driver_remote.la @@ -128,7 +131,7 @@ augeas_DATA += remote/libvirtd.aug augeastest_DATA += remote/test_libvirtd.aug -conf_DATA += remote/libvirtd.conf +nodist_conf_DATA += remote/libvirtd.conf man8_MANS += libvirtd.8 @@ -179,6 +182,13 @@ libvirtd_LDADD += \ $(LIBSOCKET) \ $(NULL) +remote/libvirtd.conf: remote/libvirtd.conf.in + $(AM_V_GEN)$(SED) \ + -e '/[@]CUT_ENABLE_IP[@]/d' \ + -e '/[@]END[@]/d' \ + -e 's|[@]DAEMON_NAME[@]|libvirtd|' \ + < $< > $@ + INSTALL_DATA_DIRS += remote install-data-remote: @@ -189,7 +199,7 @@ uninstall-data-remote: remote/test_libvirtd.aug: remote/test_libvirtd.aug.in \ remote/libvirtd.conf $(AUG_GENTEST) - $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/remote/libvirtd.conf $< > $@ + $(AM_V_GEN)$(AUG_GENTEST) remote/libvirtd.conf $< > $@ if WITH_SYSCTL # Use $(prefix)/lib rather than $(libdir), since man sysctl.d insists on diff --git a/src/remote/libvirtd.conf b/src/remote/libvirtd.conf.in similarity index 95% rename from src/remote/libvirtd.conf rename to src/remote/libvirtd.conf.in index b63b8d61b7..e351a8c190 100644 --- a/src/remote/libvirtd.conf +++ b/src/remote/libvirtd.conf.in @@ -1,13 +1,14 @@ # Master libvirt daemon configuration file # +@CUT_ENABLE_IP@ ################################################################# # # Network connectivity controls # # Flag listening for secure TLS connections on the public TCP/IP port. -# NB, must pass the --listen flag to the libvirtd process for this to +# NB, must pass the --listen flag to the @DAEMON_NAME@ process for this to # have any effect. # # This setting is not required or honoured if using systemd socket @@ -20,7 +21,7 @@ #listen_tls = 0 # Listen for unencrypted TCP connections on the public TCP/IP port. -# NB, must pass the --listen flag to the libvirtd process for this to +# NB, must pass the --listen flag to the @DAEMON_NAME@ process for this to # have any effect. # # This setting is not required or honoured if using systemd socket @@ -58,13 +59,14 @@ # This setting is not required or honoured if using systemd socket # activation. # -# If the libvirtd service is started in parallel with network +# If the @DAEMON_NAME@ service is started in parallel with network # startup (e.g. with systemd), binding to addresses other than # the wildcards (0.0.0.0/::) might not be available yet. # #listen_addr = "192.168.0.1" +@END@ ################################################################# # # UNIX socket access controls @@ -157,6 +159,7 @@ # If the unix_sock_rw_perms are changed you may wish to enable # an authentication mechanism here #auth_unix_rw = "none" +@CUT_ENABLE_IP@ # Change the authentication scheme for TCP sockets. # @@ -174,6 +177,7 @@ # It is possible to make use of any SASL authentication # mechanism as well, by using 'sasl' for this option #auth_tls = "none" +@END@ # Change the API access control scheme @@ -182,10 +186,11 @@ # to all APIs. Access drivers can place restrictions # on this. By default the 'nop' driver is enabled, # meaning no access control checks are done once a -# client has authenticated with libvirtd +# client has authenticated with @DAEMON_NAME@ # #access_drivers = [ "polkit" ] +@CUT_ENABLE_IP@ ################################################################# # # TLS x509 certificate configuration @@ -225,15 +230,17 @@ +@END@ ################################################################# # # Authorization controls # +@CUT_ENABLE_IP@ # Flag to disable verification of our own server certificates # -# When libvirtd starts it performs some sanity checks against +# When @DAEMON_NAME@ starts it performs some sanity checks against # its own certificates. # # Default is to always run sanity checks. Uncommenting this @@ -265,6 +272,15 @@ #tls_allowed_dn_list = ["DN1", "DN2"] +# Override the compile time default TLS priority string. The +# default is usually "NORMAL" unless overridden at build time. +# Only set this is it is desired for libvirt to deviate from +# the global default settings. +# +#tls_priority="NORMAL" + + +@END@ # A whitelist of allowed SASL usernames. The format for username # depends on the SASL authentication mechanism. Kerberos usernames # look like username@REALM @@ -282,14 +298,6 @@ #sasl_allowed_username_list = [&quot;joe(a)EXAMPLE.COM&quot;, &quot;fred(a)EXAMPLE.COM&quot; ] -# Override the compile time default TLS priority string. The -# default is usually "NORMAL" unless overridden at build time. -# Only set this is it is desired for libvirt to deviate from -# the global default settings. -# -#tls_priority="NORMAL" - - ################################################################# # # Processing controls @@ -417,8 +425,8 @@ # 4: ERROR # # Multiple outputs can be defined, they just need to be separated by spaces. -# e.g. to log all warnings and errors to syslog under the libvirtd ident: -#log_outputs="3:syslog:libvirtd" +# e.g. to log all warnings and errors to syslog under the @DAEMON_NAME@ ident: +#log_outputs="3:syslog:@DAEMON_NAME@" ################################################################## @@ -461,7 +469,7 @@ ################################################################### # Keepalive protocol: -# This allows libvirtd to detect broken client connections or even +# This allows @DAEMON_NAME@ to detect broken client connections or even # dead clients. A keepalive message is sent to a client after # keepalive_interval seconds of inactivity to check if the client is # still responding; keepalive_count is a maximum number of keepalive @@ -470,7 +478,7 @@ # words, the connection is automatically closed approximately after # keepalive_interval * (keepalive_count + 1) seconds since the last # message received from the client. If keepalive_interval is set to -# -1, libvirtd will never send keepalive requests; however clients +# -1, @DAEMON_NAME@ will never send keepalive requests; however clients # can still send them and the daemon will send responses. When # keepalive_count is set to 0, connections will be automatically # closed after keepalive_interval seconds of inactivity without diff --git a/src/remote/test_libvirtd.aug.in b/src/remote/test_libvirtd.aug.in index 6c51b7b9e7..d768b30b55 100644 --- a/src/remote/test_libvirtd.aug.in +++ b/src/remote/test_libvirtd.aug.in @@ -29,11 +29,11 @@ module Test_libvirtd = { "1" = "DN1"} { "2" = "DN2"} } + { "tls_priority" = "NORMAL" } { "sasl_allowed_username_list" { "1" = &quot;joe(a)EXAMPLE.COM&quot; } { "2" = &quot;fred(a)EXAMPLE.COM&quot; } } - { "tls_priority" = "NORMAL" } { "max_clients" = "5000" } { "max_queued_clients" = "1000" } { "max_anonymous_clients" = "20" } -- 2.21.0

On Tue, Jul 30, 2019 at 12:48:03PM +0200, Christophe de Dinechin wrote: Yes, because I moved the config parameter in libvirtd.conf, this influences the order seen in the augeas unit test here, as its input is auto-generated from from the libvirtd.conf Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

Prepare for reusing libvirtd augeas defintions with other daemons by making the config parameters for IP sockets conditionally defined by the make rules. Reviewed-by: Andrea Bolognani <abologna(a)redhat.com&gt; Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- .gitignore | 1 + src/remote/Makefile.inc.am | 20 +++++++++++++-- src/remote/{libvirtd.aug => libvirtd.aug.in} | 26 +++++++++++++------- src/remote/test_libvirtd.aug.in | 12 ++++++--- 4 files changed, 45 insertions(+), 14 deletions(-) rename src/remote/{libvirtd.aug => libvirtd.aug.in} (89%) diff --git a/.gitignore b/.gitignore index a09f45af50..4463660c85 100644 --- a/.gitignore +++ b/.gitignore @@ -158,6 +158,7 @@ /src/remote/*_client_bodies.h /src/remote/*_protocol.[ch] /src/remote/*_stubs.h +/src/remote/libvirtd.aug /src/remote/libvirtd.conf /src/remote/test_libvirtd.aug /src/rpc/virkeepaliveprotocol.[ch] diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index 93a7a6c14e..45dd6cc1cb 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -75,7 +75,7 @@ EXTRA_DIST += \ $(REMOTE_DRIVER_SOURCES) \ $(LIBVIRTD_SOURCES) \ remote/test_libvirtd.aug.in \ - remote/libvirtd.aug \ + remote/libvirtd.aug.in \ remote/libvirtd.conf.in \ remote/libvirtd.policy \ remote/libvirtd.rules \ @@ -133,6 +133,8 @@ augeastest_DATA += remote/test_libvirtd.aug nodist_conf_DATA += remote/libvirtd.conf +CLEANFILES += remote/libvirtd.aug + man8_MANS += libvirtd.8 libvirtd_SOURCES = $(LIBVIRTD_SOURCES) @@ -197,9 +199,23 @@ install-data-remote: uninstall-data-remote: rmdir "$(DESTDIR)$(localstatedir)/log/libvirt" ||: +remote/libvirtd.aug: remote/libvirtd.aug.in + $(AM_V_GEN)$(SED) \ + -e '/[@]CUT_ENABLE_IP[@]/d' \ + -e '/[@]END[@]/d' \ + -e 's|[@]DAEMON_NAME[@]|libvirtd|' \ + -e 's|[@]DAEMON_NAME_UC[@]|Libvirtd|' \ + $< > $@ + remote/test_libvirtd.aug: remote/test_libvirtd.aug.in \ remote/libvirtd.conf $(AUG_GENTEST) - $(AM_V_GEN)$(AUG_GENTEST) remote/libvirtd.conf $< > $@ + $(AM_V_GEN)$(AUG_GENTEST) remote/libvirtd.conf \ + $(srcdir)/remote/test_libvirtd.aug.in | \ + $(SED) -e '/[@]CUT_ENABLE_IP[@]/d' \ + -e '/[@]END[@]/d' \ + -e 's|[@]DAEMON_NAME[@]|libvirtd|' \ + -e 's|[@]DAEMON_NAME_UC[@]|Libvirtd|' \ + > $@ || rm -f $@ if WITH_SYSCTL # Use $(prefix)/lib rather than $(libdir), since man sysctl.d insists on diff --git a/src/remote/libvirtd.aug b/src/remote/libvirtd.aug.in similarity index 89% rename from src/remote/libvirtd.aug rename to src/remote/libvirtd.aug.in index 0188c23dd7..eec3433f29 100644 --- a/src/remote/libvirtd.aug +++ b/src/remote/libvirtd.aug.in @@ -1,6 +1,6 @@ -(* /etc/libvirt/libvirtd.conf *) +(* /etc/libvirt/@DAEMON_NAME@.conf *) -module Libvirtd = +module @DAEMON_NAME_UC@ = autoload xfm let eol = del /[ \t]*\n/ "\n" @@ -24,11 +24,13 @@ module Libvirtd = (* Config entry grouped by function - same order as example config *) +@CUT_ENABLE_IP@ let network_entry = bool_entry "listen_tls" | bool_entry "listen_tcp" | str_entry "tls_port" | str_entry "tcp_port" | str_entry "listen_addr" +@END@ let sock_acl_entry = str_entry "unix_sock_group" | str_entry "unix_sock_ro_perms" @@ -38,6 +40,7 @@ module Libvirtd = let authentication_entry = str_entry "auth_unix_ro" | str_entry "auth_unix_rw" +@CUT_ENABLE_IP@ | str_entry "auth_tcp" | str_entry "auth_tls" @@ -46,12 +49,14 @@ module Libvirtd = | str_entry "ca_file" | str_entry "crl_file" - let authorization_entry = bool_entry "tls_no_verify_certificate" + let tls_authorization_entry = bool_entry "tls_no_verify_certificate" | bool_entry "tls_no_sanity_certificate" | str_array_entry "tls_allowed_dn_list" - | str_array_entry "sasl_allowed_username_list" - | str_array_entry "access_drivers" | str_entry "tls_priority" +@END@ + + let misc_authorization_entry = str_array_entry "sasl_allowed_username_list" + | str_array_entry "access_drivers" let processing_entry = int_entry "min_workers" | int_entry "max_workers" @@ -87,11 +92,14 @@ module Libvirtd = | int_entry "ovs_timeout" (* Each enty in the config is one of the following three ... *) - let entry = network_entry - | sock_acl_entry + let entry = sock_acl_entry | authentication_entry +@CUT_ENABLE_IP@ + | network_entry | certificate_entry - | authorization_entry + | tls_authorization_entry +@END@ + | misc_authorization_entry | processing_entry | admin_processing_entry | logging_entry @@ -106,7 +114,7 @@ module Libvirtd = let lns = ( record | comment | empty ) * - let filter = incl "/etc/libvirt/libvirtd.conf" + let filter = incl "/etc/libvirt/@DAEMON_NAME@.conf" . Util.stdexcl let xfm = transform lns filter diff --git a/src/remote/test_libvirtd.aug.in b/src/remote/test_libvirtd.aug.in index d768b30b55..2fd809af4a 100644 --- a/src/remote/test_libvirtd.aug.in +++ b/src/remote/test_libvirtd.aug.in @@ -1,12 +1,14 @@ -module Test_libvirtd = +module Test_@DAEMON_NAME@ = @CONFIG@ - test Libvirtd.lns get conf = + test @DAEMON_NAME_UC@.lns get conf = +@CUT_ENABLE_IP@ { "listen_tls" = "0" } { "listen_tcp" = "1" } { "tls_port" = "16514" } { "tcp_port" = "16509" } { "listen_addr" = "192.168.0.1" } +@END@ { "unix_sock_group" = "libvirt" } { "unix_sock_ro_perms" = "0777" } { "unix_sock_rw_perms" = "0770" } @@ -14,11 +16,14 @@ module Test_libvirtd = { "unix_sock_dir" = "/var/run/libvirt" } { "auth_unix_ro" = "none" } { "auth_unix_rw" = "none" } +@CUT_ENABLE_IP@ { "auth_tcp" = "sasl" } { "auth_tls" = "none" } +@END@ { "access_drivers" { "1" = "polkit" } } +@CUT_ENABLE_IP@ { "key_file" = "/etc/pki/libvirt/private/serverkey.pem" } { "cert_file" = "/etc/pki/libvirt/servercert.pem" } { "ca_file" = "/etc/pki/CA/cacert.pem" } @@ -30,6 +35,7 @@ module Test_libvirtd = { "2" = "DN2"} } { "tls_priority" = "NORMAL" } +@END@ { "sasl_allowed_username_list" { "1" = &quot;joe(a)EXAMPLE.COM&quot; } { "2" = &quot;fred(a)EXAMPLE.COM&quot; } @@ -48,7 +54,7 @@ module Test_libvirtd = { "admin_max_client_requests" = "5" } { "log_level" = "3" } { "log_filters" = "1:qemu 1:libvirt 4:object 4:json 4:event 1:util" } - { "log_outputs" = "3:syslog:libvirtd" } + { "log_outputs" = "3:syslog:@DAEMON_NAME@" } { "audit_level" = "2" } { "audit_logging" = "1" } { "host_uuid" = "00000000-0000-0000-0000-000000000000" } -- 2.21.0

The same make variables will be useful for building both libvirtd and the split daemons, so refactor & rename variables to facilitate reuse. Automake gets annoyed if you define a variable ending LDFLAGS: src/remote/Makefile.inc.am:53: warning: variable 'REMOTE_DAEMON_LDFLAGS' is defined but no program or src/remote/Makefile.inc.am:53: library has 'REMOTE_DAEMON' as canonical name (possible typo) So we trick it by using an LD_FLAGS or LD_ADD suffix instead. LIBSOCKET is dropped as it is only set on Windows and we don't build the libvirtd daemon under mingw. Reviewed-by: Andrea Bolognani <abologna(a)redhat.com&gt; Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- src/remote/Makefile.inc.am | 94 ++++++++++++++++++++------------------ 1 file changed, 50 insertions(+), 44 deletions(-) diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index 45dd6cc1cb..0ec7abb880 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -18,13 +18,13 @@ REMOTE_DRIVER_SOURCES = \ $(REMOTE_DRIVER_GENERATED) \ $(NULL) -LIBVIRTD_GENERATED = \ +REMOTE_DAEMON_GENERATED = \ remote/remote_daemon_dispatch_stubs.h \ remote/remote_daemon_dispatch_lxc_stubs.h \ remote/remote_daemon_dispatch_qemu_stubs.h \ $(NULL) -LIBVIRTD_SOURCES = \ +REMOTE_DAEMON_SOURCES = \ remote/remote_daemon.c \ remote/remote_daemon.h \ remote/remote_daemon_config.c \ @@ -33,9 +33,49 @@ LIBVIRTD_SOURCES = \ remote/remote_daemon_dispatch.h \ remote/remote_daemon_stream.c \ remote/remote_daemon_stream.h \ - $(LIBVIRTD_GENERATED) \ + $(REMOTE_DAEMON_GENERATED) \ $(NULL) +REMOTE_DAEMON_CFLAGS = \ + $(LIBXML_CFLAGS) \ + $(GNUTLS_CFLAGS) \ + $(SASL_CFLAGS) \ + $(XDR_CFLAGS) \ + $(DBUS_CFLAGS) \ + $(LIBNL_CFLAGS) \ + $(WARN_CFLAGS) \ + $(PIE_CFLAGS) \ + -I$(srcdir)/access \ + -I$(srcdir)/conf \ + -I$(srcdir)/rpc \ + $(NULL) + +REMOTE_DAEMON_LD_FLAGS = \ + $(RELRO_LDFLAGS) \ + $(PIE_LDFLAGS) \ + $(NO_INDIRECT_LDFLAGS) \ + $(NO_UNDEFINED_LDFLAGS) \ + $(NULL) + +REMOTE_DAEMON_LD_ADD = \ + libvirt_driver_admin.la \ + libvirt-lxc.la \ + libvirt-qemu.la \ + libvirt.la \ + $(LIBXML_LIBS) \ + $(GNUTLS_LIBS) \ + $(SASL_LIBS) \ + $(DBUS_LIBS) \ + $(LIBNL_LIBS) \ + $(NULL) + +if WITH_DTRACE_PROBES +REMOTE_DAEMON_LD_ADD += ../src/libvirt_probes.lo +endif WITH_DTRACE_PROBES + +REMOTE_DAEMON_LD_ADD += \ + ../gnulib/lib/libgnu.la \ + $(NULL) LOGROTATE_FILES_IN += \ remote/libvirtd.qemu.logrotate.in \ @@ -73,7 +113,7 @@ DRIVER_SOURCE_FILES += $(REMOTE_DRIVER_SOURCES) EXTRA_DIST += \ $(REMOTE_DRIVER_PROTOCOL) \ $(REMOTE_DRIVER_SOURCES) \ - $(LIBVIRTD_SOURCES) \ + $(REMOTE_DAEMON_SOURCES) \ remote/test_libvirtd.aug.in \ remote/libvirtd.aug.in \ remote/libvirtd.conf.in \ @@ -87,11 +127,11 @@ EXTRA_DIST += \ # the WITH_REMOTE/WITH_LIBVIRTD conditionals BUILT_SOURCES += \ $(REMOTE_DRIVER_GENERATED) \ - $(LIBVIRTD_GENERATED) \ + $(REMOTE_DAEMON_GENERATED) \ $(NULL) MAINTAINERCLEANFILES += \ $(REMOTE_DRIVER_GENERATED) \ - $(LIBVIRTD_GENERATED) \ + $(REMOTE_DAEMON_GENERATED) \ $(NULL) CLEANFILES += \ remote/libvirtd.conf \ @@ -137,52 +177,18 @@ CLEANFILES += remote/libvirtd.aug man8_MANS += libvirtd.8 -libvirtd_SOURCES = $(LIBVIRTD_SOURCES) +libvirtd_SOURCES = $(REMOTE_DAEMON_SOURCES) libvirtd_CFLAGS = \ - $(LIBXML_CFLAGS) \ - $(GNUTLS_CFLAGS) \ - $(SASL_CFLAGS) \ - $(XDR_CFLAGS) \ - $(DBUS_CFLAGS) \ - $(LIBNL_CFLAGS) \ - $(WARN_CFLAGS) \ - $(PIE_CFLAGS) \ - -I$(srcdir)/access \ - -I$(srcdir)/conf \ - -I$(srcdir)/rpc \ + $(REMOTE_DAEMON_CFLAGS) \ -DSOCK_PREFIX="\"libvirt\"" \ -DDAEMON_NAME="\"libvirtd\"" \ -DENABLE_IP \ $(NULL) -libvirtd_LDFLAGS = \ - $(RELRO_LDFLAGS) \ - $(PIE_LDFLAGS) \ - $(NO_INDIRECT_LDFLAGS) \ - $(NO_UNDEFINED_LDFLAGS) \ - $(NULL) +libvirtd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) -libvirtd_LDADD = \ - libvirt_driver_admin.la \ - libvirt-lxc.la \ - libvirt-qemu.la \ - libvirt.la \ - $(LIBXML_LIBS) \ - $(GNUTLS_LIBS) \ - $(SASL_LIBS) \ - $(DBUS_LIBS) \ - $(LIBNL_LIBS) \ - $(NULL) - -if WITH_DTRACE_PROBES -libvirtd_LDADD += ../src/libvirt_probes.lo -endif WITH_DTRACE_PROBES - -libvirtd_LDADD += \ - ../gnulib/lib/libgnu.la \ - $(LIBSOCKET) \ - $(NULL) +libvirtd_LDADD = $(REMOTE_DAEMON_LD_ADD) remote/libvirtd.conf: remote/libvirtd.conf.in $(AM_V_GEN)$(SED) \ -- 2.21.0

Substitute in the @sysconfigdir@ value instead of /etc. Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- src/locking/Makefile.inc.am | 1 + src/locking/virtlockd.service.in | 2 +- src/logging/Makefile.inc.am | 1 + src/logging/virtlogd.service.in | 2 +- src/remote/Makefile.inc.am | 8 ++++++++ src/remote/libvirtd-admin.socket.in | 2 +- src/remote/libvirtd-ro.socket.in | 2 +- src/remote/libvirtd-tcp.socket.in | 2 +- src/remote/libvirtd-tls.socket.in | 2 +- src/remote/libvirtd.aug.in | 4 ++-- src/remote/libvirtd.conf.in | 18 +++++++++--------- src/remote/libvirtd.service.in | 2 +- src/remote/libvirtd.socket.in | 2 +- src/remote/test_libvirtd.aug.in | 8 ++++---- tools/libvirt-guests.service.in | 2 +- 15 files changed, 34 insertions(+), 24 deletions(-) diff --git a/src/locking/Makefile.inc.am b/src/locking/Makefile.inc.am index 161410051c..bc1a05549a 100644 --- a/src/locking/Makefile.inc.am +++ b/src/locking/Makefile.inc.am @@ -258,6 +258,7 @@ locking/lock_daemon_dispatch_stubs.h: $(LOCK_PROTOCOL) \ virtlockd.service: locking/virtlockd.service.in $(top_builddir)/config.status $(AM_V_GEN)sed \ -e 's|[@]sbindir[@]|$(sbindir)|g' \ + -e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \ < $< > $@-t && \ mv $@-t $@ diff --git a/src/locking/virtlockd.service.in b/src/locking/virtlockd.service.in index 3c9d587032..e7f8057c06 100644 --- a/src/locking/virtlockd.service.in +++ b/src/locking/virtlockd.service.in @@ -7,7 +7,7 @@ Documentation=man:virtlockd(8) Documentation=https://libvirt.org [Service] -EnvironmentFile=-/etc/sysconfig/virtlockd +EnvironmentFile=-@sysconfdir@/sysconfig/virtlockd ExecStart=@sbindir@/virtlockd $VIRTLOCKD_ARGS ExecReload=/bin/kill -USR1 $MAINPID # Loosing the locks is a really bad thing that will diff --git a/src/logging/Makefile.inc.am b/src/logging/Makefile.inc.am index f0c49330f5..18772fde2f 100644 --- a/src/logging/Makefile.inc.am +++ b/src/logging/Makefile.inc.am @@ -122,6 +122,7 @@ virtlogd.8.in: logging/virtlogd.pod virtlogd.service: logging/virtlogd.service.in $(top_builddir)/config.status $(AM_V_GEN)sed \ -e 's|[@]sbindir[@]|$(sbindir)|g' \ + -e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \ < $< > $@-t && \ mv $@-t $@ diff --git a/src/logging/virtlogd.service.in b/src/logging/virtlogd.service.in index 3d9ae36150..daff48e67d 100644 --- a/src/logging/virtlogd.service.in +++ b/src/logging/virtlogd.service.in @@ -7,7 +7,7 @@ Documentation=man:virtlogd(8) Documentation=https://libvirt.org [Service] -EnvironmentFile=-/etc/sysconfig/virtlogd +EnvironmentFile=-@sysconfdir@/sysconfig/virtlogd ExecStart=@sbindir@/virtlogd $VIRTLOGD_ARGS ExecReload=/bin/kill -USR1 $MAINPID # Loosing the logs is a really bad thing that will diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index 0ec7abb880..fc04af5cb5 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -194,6 +194,7 @@ remote/libvirtd.conf: remote/libvirtd.conf.in $(AM_V_GEN)$(SED) \ -e '/[@]CUT_ENABLE_IP[@]/d' \ -e '/[@]END[@]/d' \ + -e 's|[@]sysconfdir[@]|@sysconfdir@|' \ -e 's|[@]DAEMON_NAME[@]|libvirtd|' \ < $< > $@ @@ -209,6 +210,7 @@ remote/libvirtd.aug: remote/libvirtd.aug.in $(AM_V_GEN)$(SED) \ -e '/[@]CUT_ENABLE_IP[@]/d' \ -e '/[@]END[@]/d' \ + -e 's|[@]sysconfdir[@]|@sysconfdir@|' \ -e 's|[@]DAEMON_NAME[@]|libvirtd|' \ -e 's|[@]DAEMON_NAME_UC[@]|Libvirtd|' \ $< > $@ @@ -219,6 +221,7 @@ remote/test_libvirtd.aug: remote/test_libvirtd.aug.in \ $(srcdir)/remote/test_libvirtd.aug.in | \ $(SED) -e '/[@]CUT_ENABLE_IP[@]/d' \ -e '/[@]END[@]/d' \ + -e 's|[@]sysconfdir[@]|@sysconfdir@|' \ -e 's|[@]DAEMON_NAME[@]|libvirtd|' \ -e 's|[@]DAEMON_NAME_UC[@]|Libvirtd|' \ @@ -300,30 +303,35 @@ libvirtd.service: remote/libvirtd.service.in $(top_builddir)/config.status libvirtd.socket: remote/libvirtd.socket.in $(top_builddir)/config.status $(AM_V_GEN)sed \ -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + -e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \ < $< > $@-t && \ mv $@-t $@ libvirtd-ro.socket: remote/libvirtd-ro.socket.in $(top_builddir)/config.status $(AM_V_GEN)sed \ -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + -e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \ < $< > $@-t && \ mv $@-t $@ libvirtd-admin.socket: remote/libvirtd-admin.socket.in $(top_builddir)/config.status $(AM_V_GEN)sed \ -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + -e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \ < $< > $@-t && \ mv $@-t $@ libvirtd-tcp.socket: remote/libvirtd-tcp.socket.in $(top_builddir)/config.status $(AM_V_GEN)sed \ -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + -e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \ < $< > $@-t && \ mv $@-t $@ libvirtd-tls.socket: remote/libvirtd-tls.socket.in $(top_builddir)/config.status $(AM_V_GEN)sed \ -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + -e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \ < $< > $@-t && \ mv $@-t $@ diff --git a/src/remote/libvirtd-admin.socket.in b/src/remote/libvirtd-admin.socket.in index 307c9ba24b..bbab4ea355 100644 --- a/src/remote/libvirtd-admin.socket.in +++ b/src/remote/libvirtd-admin.socket.in @@ -5,7 +5,7 @@ BindsTo=libvirtd.socket After=libvirtd.socket [Socket] -# The directory must match the /etc/libvirt/libvirtd.conf unix_sock_dir setting +# The directory must match the @sysconfdir(a)/libvirt/libvirtd.conf unix_sock_dir setting # when using systemd version < 227 ListenStream=@localstatedir@/run/libvirt/libvirt-admin-sock Service=libvirtd.service diff --git a/src/remote/libvirtd-ro.socket.in b/src/remote/libvirtd-ro.socket.in index 876daf0c9c..5f8b1892d5 100644 --- a/src/remote/libvirtd-ro.socket.in +++ b/src/remote/libvirtd-ro.socket.in @@ -5,7 +5,7 @@ BindsTo=libvirtd.socket After=libvirtd.socket [Socket] -# The directory must match the /etc/libvirt/libvirtd.conf unix_sock_dir setting +# The directory must match the @sysconfdir(a)/libvirt/libvirtd.conf unix_sock_dir setting # when using systemd version < 227 ListenStream=@localstatedir@/run/libvirt/libvirt-sock-ro Service=libvirtd.service diff --git a/src/remote/libvirtd-tcp.socket.in b/src/remote/libvirtd-tcp.socket.in index 16a4764283..1103036c45 100644 --- a/src/remote/libvirtd-tcp.socket.in +++ b/src/remote/libvirtd-tcp.socket.in @@ -5,7 +5,7 @@ BindsTo=libvirtd.socket After=libvirtd.socket [Socket] -# This must match the /etc/libvirt/libvirtd.conf tcp_port setting +# This must match the @sysconfdir(a)/libvirt/libvirtd.conf tcp_port setting # when using systemd version < 227 ListenStream=16509 Service=libvirtd.service diff --git a/src/remote/libvirtd-tls.socket.in b/src/remote/libvirtd-tls.socket.in index e904583cf9..e2b1f839de 100644 --- a/src/remote/libvirtd-tls.socket.in +++ b/src/remote/libvirtd-tls.socket.in @@ -5,7 +5,7 @@ BindsTo=libvirtd.socket After=libvirtd.socket [Socket] -# This must match the /etc/libvirt/libvirtd.conf tls_port setting +# This must match the @sysconfdir(a)/libvirt/libvirtd.conf tls_port setting # when using systemd version < 227 ListenStream=16514 Service=libvirtd.service diff --git a/src/remote/libvirtd.aug.in b/src/remote/libvirtd.aug.in index eec3433f29..23a01c41e2 100644 --- a/src/remote/libvirtd.aug.in +++ b/src/remote/libvirtd.aug.in @@ -1,4 +1,4 @@ -(* /etc/libvirt/@DAEMON_NAME@.conf *) +(* @sysconfdir@/libvirt/@DAEMON_NAME@.conf *) module @DAEMON_NAME_UC@ = autoload xfm @@ -114,7 +114,7 @@ module @DAEMON_NAME_UC@ = let lns = ( record | comment | empty ) * - let filter = incl "/etc/libvirt/@DAEMON_NAME@.conf" + let filter = incl "@sysconfdir@/libvirt/@DAEMON_NAME@.conf" . Util.stdexcl let xfm = transform lns filter diff --git a/src/remote/libvirtd.conf.in b/src/remote/libvirtd.conf.in index e351a8c190..71c4ce1bfd 100644 --- a/src/remote/libvirtd.conf.in +++ b/src/remote/libvirtd.conf.in @@ -134,7 +134,7 @@ # the network providing auth (eg, TLS/x509 certificates) # # - sasl: use SASL infrastructure. The actual auth scheme is then -# controlled from /etc/sasl2/libvirt.conf. For the TCP +# controlled from @sysconfdir(a)/sasl2/libvirt.conf. For the TCP # socket only GSSAPI & DIGEST-MD5 mechanisms will be used. # For non-TCP or TLS sockets, any scheme is allowed. # @@ -166,7 +166,7 @@ # If you don't enable SASL, then all TCP traffic is cleartext. # Don't do this outside of a dev/test scenario. For real world # use, always enable SASL and use the GSSAPI or DIGEST-MD5 -# mechanism in /etc/sasl2/libvirt.conf +# mechanism in @sysconfdir(a)/sasl2/libvirt.conf #auth_tcp = "sasl" # Change the authentication scheme for TLS sockets. @@ -199,10 +199,10 @@ # Use of TLS requires that x509 certificates be issued. The default locations # for the certificate files is as follows: # -# /etc/pki/CA/cacert.pem - The CA master certificate -# /etc/pki/libvirt/servercert.pem - The server certificate signed with +# @sysconfdir(a)/pki/CA/cacert.pem - The CA master certificate +# @sysconfdir(a)/pki/libvirt/servercert.pem - The server certificate signed with # the cacert.pem -# /etc/pki/libvirt/private/serverkey.pem - The server private key +# @sysconfdir(a)/pki/libvirt/private/serverkey.pem - The server private key # # It is possible to override the default locations by altering the 'key_file', # 'cert_file', and 'ca_file' values and uncommenting them below. @@ -213,20 +213,20 @@ # Override the default server key file path # -#key_file = "/etc/pki/libvirt/private/serverkey.pem" +#key_file = &quot;@sysconfdir(a)/pki/libvirt/private/serverkey.pem&quot; # Override the default server certificate file path # -#cert_file = "/etc/pki/libvirt/servercert.pem" +#cert_file = &quot;@sysconfdir(a)/pki/libvirt/servercert.pem&quot; # Override the default CA certificate path # -#ca_file = "/etc/pki/CA/cacert.pem" +#ca_file = &quot;@sysconfdir(a)/pki/CA/cacert.pem&quot; # Specify a certificate revocation list. # # Defaults to not using a CRL, uncomment to enable it -#crl_file = "/etc/pki/CA/crl.pem" +#crl_file = &quot;@sysconfdir(a)/pki/CA/crl.pem&quot; diff --git a/src/remote/libvirtd.service.in b/src/remote/libvirtd.service.in index 3ddf0e229b..20d6f84d27 100644 --- a/src/remote/libvirtd.service.in +++ b/src/remote/libvirtd.service.in @@ -20,7 +20,7 @@ Documentation=https://libvirt.org [Service] Type=notify -EnvironmentFile=-/etc/sysconfig/libvirtd +EnvironmentFile=-@sysconfdir@/sysconfig/libvirtd # libvirtd.service is set to run on boot so that autostart of # VMs can be performed. We don't want it to stick around if # unused though, so we set a timeout. The socket activation diff --git a/src/remote/libvirtd.socket.in b/src/remote/libvirtd.socket.in index 2ee4d7d7a2..872f70eb21 100644 --- a/src/remote/libvirtd.socket.in +++ b/src/remote/libvirtd.socket.in @@ -3,7 +3,7 @@ Description=Libvirt local socket Before=libvirtd.service [Socket] -# The directory must match the /etc/libvirt/libvirtd.conf unix_sock_dir setting +# The directory must match the @sysconfdir(a)/libvirt/libvirtd.conf unix_sock_dir setting # when using systemd version < 227 ListenStream=@localstatedir@/run/libvirt/libvirt-sock Service=libvirtd.service diff --git a/src/remote/test_libvirtd.aug.in b/src/remote/test_libvirtd.aug.in index 2fd809af4a..fc9fb69b67 100644 --- a/src/remote/test_libvirtd.aug.in +++ b/src/remote/test_libvirtd.aug.in @@ -24,10 +24,10 @@ module Test_@DAEMON_NAME@ = { "1" = "polkit" } } @CUT_ENABLE_IP@ - { "key_file" = "/etc/pki/libvirt/private/serverkey.pem" } - { "cert_file" = "/etc/pki/libvirt/servercert.pem" } - { "ca_file" = "/etc/pki/CA/cacert.pem" } - { "crl_file" = "/etc/pki/CA/crl.pem" } + { "key_file" = &quot;@sysconfdir(a)/pki/libvirt/private/serverkey.pem&quot; } + { "cert_file" = &quot;@sysconfdir(a)/pki/libvirt/servercert.pem&quot; } + { "ca_file" = &quot;@sysconfdir(a)/pki/CA/cacert.pem&quot; } + { "crl_file" = &quot;@sysconfdir(a)/pki/CA/crl.pem&quot; } { "tls_no_sanity_certificate" = "1" } { "tls_no_verify_certificate" = "1" } { "tls_allowed_dn_list" diff --git a/tools/libvirt-guests.service.in b/tools/libvirt-guests.service.in index 491ca62138..10c664016a 100644 --- a/tools/libvirt-guests.service.in +++ b/tools/libvirt-guests.service.in @@ -10,7 +10,7 @@ Documentation=man:libvirtd(8) Documentation=https://libvirt.org [Service] -EnvironmentFile=-/etc/sysconfig/libvirt-guests +EnvironmentFile=-@sysconfdir@/sysconfig/libvirt-guests # Hack just call traditional service until we factor # out the code ExecStart=@libexecdir(a)/libvirt-guests.sh start -- 2.21.0

The make rules for the systemd socket unit files are all essentially identical and can be collapsed into a single generic rule. The service unit file rule can be simplified too. Reviewed-by: Andrea Bolognani <abologna(a)redhat.com&gt; Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- src/Makefile.am | 6 +++++ src/remote/Makefile.inc.am | 49 +++++++------------------------------- 2 files changed, 14 insertions(+), 41 deletions(-) diff --git a/src/Makefile.am b/src/Makefile.am index 255e8e2b57..b4544b12a7 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -89,6 +89,12 @@ man8_MANS = DRIVER_SOURCES = man7_MANS = +COMMON_UNIT_VARS = \ + -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + -e 's|[@]sbindir[@]|$(sbindir)|g' \ + -e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \ + $(NULL) + include util/Makefile.inc.am include conf/Makefile.inc.am include cpu/Makefile.inc.am diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index fc04af5cb5..0c6d859a41 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -292,48 +292,15 @@ INSTALL_DATA_LOCAL += install-sasl UNINSTALL_LOCAL += uninstall-sasl endif WITH_SASL +LIBVIRTD_UNIT_VARS = \ + $(COMMON_UNIT_VARS) \ + $(NULL) + libvirtd.service: remote/libvirtd.service.in $(top_builddir)/config.status - $(AM_V_GEN)sed \ - -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ - -e 's|[@]sbindir[@]|$(sbindir)|g' \ - -e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \ - < $< > $@-t && \ - mv $@-t $@ - -libvirtd.socket: remote/libvirtd.socket.in $(top_builddir)/config.status - $(AM_V_GEN)sed \ - -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ - -e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \ - < $< > $@-t && \ - mv $@-t $@ - -libvirtd-ro.socket: remote/libvirtd-ro.socket.in $(top_builddir)/config.status - $(AM_V_GEN)sed \ - -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ - -e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \ - < $< > $@-t && \ - mv $@-t $@ - -libvirtd-admin.socket: remote/libvirtd-admin.socket.in $(top_builddir)/config.status - $(AM_V_GEN)sed \ - -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ - -e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \ - < $< > $@-t && \ - mv $@-t $@ - -libvirtd-tcp.socket: remote/libvirtd-tcp.socket.in $(top_builddir)/config.status - $(AM_V_GEN)sed \ - -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ - -e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \ - < $< > $@-t && \ - mv $@-t $@ - -libvirtd-tls.socket: remote/libvirtd-tls.socket.in $(top_builddir)/config.status - $(AM_V_GEN)sed \ - -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ - -e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \ - < $< > $@-t && \ - mv $@-t $@ + $(AM_V_GEN)sed $(LIBVIRTD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +libvirt%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(LIBVIRTD_UNIT_VARS) < $< > $@-t && mv $@-t $@ virt-guest-shutdown.target: remote/virt-guest-shutdown.target.in \ $(top_builddir)/config.status -- 2.21.0

Prepare for reusing libvirtd socket unit files with other daemons by making various parts of their config conditionally defined by the make rules. Reviewed-by: Andrea Bolognani <abologna(a)redhat.com&gt; Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- src/remote/Makefile.inc.am | 4 ++++ src/remote/libvirtd-admin.socket.in | 15 ++++++++------- src/remote/libvirtd-ro.socket.in | 15 ++++++++------- src/remote/libvirtd-tcp.socket.in | 13 +++++++------ src/remote/libvirtd-tls.socket.in | 13 +++++++------ src/remote/libvirtd.socket.in | 11 ++++++----- 6 files changed, 40 insertions(+), 31 deletions(-) diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index 0c6d859a41..0e9c0b9e1b 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -294,6 +294,10 @@ endif WITH_SASL LIBVIRTD_UNIT_VARS = \ $(COMMON_UNIT_VARS) \ + -e 's|[@]name[@]|Libvirt|g' \ + -e 's|[@]service[@]|libvirtd|g' \ + -e 's|[@]sockprefix[@]|libvirt|g' \ + -e 's|[@]deps[@]||g' \ $(NULL) libvirtd.service: remote/libvirtd.service.in $(top_builddir)/config.status diff --git a/src/remote/libvirtd-admin.socket.in b/src/remote/libvirtd-admin.socket.in index bbab4ea355..dcce7fdc93 100644 --- a/src/remote/libvirtd-admin.socket.in +++ b/src/remote/libvirtd-admin.socket.in @@ -1,14 +1,15 @@ [Unit] -Description=Libvirt admin socket -Before=libvirtd.service -BindsTo=libvirtd.socket -After=libvirtd.socket +Description=@name@ admin socket +Before=@service@.service +BindsTo=@service@.socket +After=@service@.socket +@deps@ [Socket] -# The directory must match the @sysconfdir(a)/libvirt/libvirtd.conf unix_sock_dir setting +# The directory must match the @sysconfdir@/libvirt/@service@.conf unix_sock_dir setting # when using systemd version < 227 -ListenStream=@localstatedir@/run/libvirt/libvirt-admin-sock -Service=libvirtd.service +ListenStream=@localstatedir@/run/libvirt/@sockprefix@-admin-sock +Service=@service@.service SocketMode=0600 [Install] diff --git a/src/remote/libvirtd-ro.socket.in b/src/remote/libvirtd-ro.socket.in index 5f8b1892d5..a287f78201 100644 --- a/src/remote/libvirtd-ro.socket.in +++ b/src/remote/libvirtd-ro.socket.in @@ -1,14 +1,15 @@ [Unit] -Description=Libvirt local read-only socket -Before=libvirtd.service -BindsTo=libvirtd.socket -After=libvirtd.socket +Description=@name@ local read-only socket +Before=@service@.service +BindsTo=@service@.socket +After=@service@.socket +@deps@ [Socket] -# The directory must match the @sysconfdir(a)/libvirt/libvirtd.conf unix_sock_dir setting +# The directory must match the @sysconfdir@/libvirt/@service@.conf unix_sock_dir setting # when using systemd version < 227 -ListenStream=@localstatedir@/run/libvirt/libvirt-sock-ro -Service=libvirtd.service +ListenStream=@localstatedir@/run/libvirt/@sockprefix@-sock-ro +Service=@service@.service SocketMode=0666 [Install] diff --git a/src/remote/libvirtd-tcp.socket.in b/src/remote/libvirtd-tcp.socket.in index 1103036c45..dd60317d47 100644 --- a/src/remote/libvirtd-tcp.socket.in +++ b/src/remote/libvirtd-tcp.socket.in @@ -1,14 +1,15 @@ [Unit] -Description=Libvirt non-TLS IP socket -Before=libvirtd.service -BindsTo=libvirtd.socket -After=libvirtd.socket +Description=@name@ non-TLS IP socket +Before=@service@.service +BindsTo=@service@.socket +After=@service@.socket +@deps@ [Socket] -# This must match the @sysconfdir(a)/libvirt/libvirtd.conf tcp_port setting +# This must match the @sysconfdir@/libvirt/@service@.conf tcp_port setting # when using systemd version < 227 ListenStream=16509 -Service=libvirtd.service +Service=@service@.service [Install] WantedBy=sockets.target diff --git a/src/remote/libvirtd-tls.socket.in b/src/remote/libvirtd-tls.socket.in index e2b1f839de..8b89737fff 100644 --- a/src/remote/libvirtd-tls.socket.in +++ b/src/remote/libvirtd-tls.socket.in @@ -1,14 +1,15 @@ [Unit] -Description=Libvirt TLS IP socket -Before=libvirtd.service -BindsTo=libvirtd.socket -After=libvirtd.socket +Description=@name@ TLS IP socket +Before=@service@.service +BindsTo=@service@.socket +After=@service@.socket +@deps@ [Socket] -# This must match the @sysconfdir(a)/libvirt/libvirtd.conf tls_port setting +# This must match the @sysconfdir@/libvirt/@service@.conf tls_port setting # when using systemd version < 227 ListenStream=16514 -Service=libvirtd.service +Service=@service@.service [Install] WantedBy=sockets.target diff --git a/src/remote/libvirtd.socket.in b/src/remote/libvirtd.socket.in index 872f70eb21..cb61409e23 100644 --- a/src/remote/libvirtd.socket.in +++ b/src/remote/libvirtd.socket.in @@ -1,12 +1,13 @@ [Unit] -Description=Libvirt local socket -Before=libvirtd.service +Description=@name@ local socket +Before=@service@.service +@deps@ [Socket] -# The directory must match the @sysconfdir(a)/libvirt/libvirtd.conf unix_sock_dir setting +# The directory must match the @sysconfdir@/libvirt/@service@.conf unix_sock_dir setting # when using systemd version < 227 -ListenStream=@localstatedir@/run/libvirt/libvirt-sock -Service=libvirtd.service +ListenStream=@localstatedir@/run/libvirt/@sockprefix@-sock +Service=@service@.service SocketMode=0666 [Install] -- 2.21.0

When running in libvirtd, we are happy for any of the drivers to simply skip their initialization in virStateInitialize, as other drivers are still potentially useful. When running in per-driver daemons though, we want the daemon to abort startup if the driver cannot initialize itself, as the daemon will be useless without it. Reviewed-by: Andrea Bolognani <abologna(a)redhat.com&gt; Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- src/bhyve/bhyve_driver.c | 10 +++++----- src/driver-state.h | 8 +++++++- src/interface/interface_backend_netcf.c | 8 ++++---- src/interface/interface_backend_udev.c | 4 ++-- src/libvirt.c | 15 ++++++++++++--- src/libvirt_internal.h | 1 + src/libxl/libxl_driver.c | 10 +++++----- src/lxc/lxc_driver.c | 12 ++++++------ src/network/bridge_driver.c | 4 ++-- src/node_device/node_device_hal.c | 12 ++++++------ src/node_device/node_device_udev.c | 8 ++++---- src/nwfilter/nwfilter_driver.c | 12 ++++++------ src/qemu/qemu_driver.c | 8 ++++---- src/remote/remote_daemon.c | 6 ++++++ src/remote/remote_driver.c | 2 +- src/secret/secret_driver.c | 8 ++++---- src/storage/storage_driver.c | 8 ++++---- src/vz/vz_driver.c | 14 +++++++------- 18 files changed, 86 insertions(+), 64 deletions(-) diff --git a/src/bhyve/bhyve_driver.c b/src/bhyve/bhyve_driver.c index 5387ac5570..e2c1b00080 100644 --- a/src/bhyve/bhyve_driver.c +++ b/src/bhyve/bhyve_driver.c @@ -1220,16 +1220,16 @@ bhyveStateInitialize(bool privileged, { if (!privileged) { VIR_INFO("Not running privileged, disabling driver"); - return 0; + return VIR_DRV_STATE_INIT_SKIPPED; } if (VIR_ALLOC(bhyve_driver) < 0) - return -1; + return VIR_DRV_STATE_INIT_ERROR; bhyve_driver->lockFD = -1; if (virMutexInit(&bhyve_driver->lock) < 0) { VIR_FREE(bhyve_driver); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } if (!(bhyve_driver->closeCallbacks = virCloseCallbacksNew())) @@ -1303,11 +1303,11 @@ bhyveStateInitialize(bool privileged, bhyveAutostartDomains(bhyve_driver); - return 0; + return VIR_DRV_STATE_INIT_COMPLETE; cleanup: bhyveStateCleanup(); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } unsigned diff --git a/src/driver-state.h b/src/driver-state.h index 974b2252ee..69e2678dfc 100644 --- a/src/driver-state.h +++ b/src/driver-state.h @@ -24,7 +24,13 @@ # error "Don't include this file directly, only use driver.h" #endif -typedef int +typedef enum { + VIR_DRV_STATE_INIT_ERROR = -1, + VIR_DRV_STATE_INIT_SKIPPED, + VIR_DRV_STATE_INIT_COMPLETE, +} virDrvStateInitResult; + +typedef virDrvStateInitResult (*virDrvStateInitialize)(bool privileged, virStateInhibitCallback callback, void *opaque); diff --git a/src/interface/interface_backend_netcf.c b/src/interface/interface_backend_netcf.c index 0000587cee..eb509ccc13 100644 --- a/src/interface/interface_backend_netcf.c +++ b/src/interface/interface_backend_netcf.c @@ -93,10 +93,10 @@ netcfStateInitialize(bool privileged, void *opaque ATTRIBUTE_UNUSED) { if (virNetcfDriverStateInitialize() < 0) - return -1; + return VIR_DRV_STATE_INIT_ERROR; if (!(driver = virObjectLockableNew(virNetcfDriverStateClass))) - return -1; + return VIR_DRV_STATE_INIT_ERROR; driver->privileged = privileged; @@ -129,12 +129,12 @@ netcfStateInitialize(bool privileged, _("failed to initialize netcf")); goto error; } - return 0; + return VIR_DRV_STATE_INIT_COMPLETE; error: virObjectUnref(driver); driver = NULL; - return -1; + return VIR_DRV_STATE_INIT_ERROR; } diff --git a/src/interface/interface_backend_udev.c b/src/interface/interface_backend_udev.c index fea5108dbc..ef748540d1 100644 --- a/src/interface/interface_backend_udev.c +++ b/src/interface/interface_backend_udev.c @@ -1172,7 +1172,7 @@ udevStateInitialize(bool privileged, virStateInhibitCallback callback ATTRIBUTE_UNUSED, void *opaque ATTRIBUTE_UNUSED) { - int ret = -1; + int ret = VIR_DRV_STATE_INIT_ERROR; if (VIR_ALLOC(driver) < 0) goto cleanup; @@ -1210,7 +1210,7 @@ udevStateInitialize(bool privileged, } driver->privileged = privileged; - ret = 0; + ret = VIR_DRV_STATE_INIT_COMPLETE; cleanup: if (ret < 0) diff --git a/src/libvirt.c b/src/libvirt.c index f0a768fc7e..9390a767f9 100644 --- a/src/libvirt.c +++ b/src/libvirt.c @@ -629,6 +629,7 @@ virRegisterStateDriver(virStateDriverPtr driver) /** * virStateInitialize: * @privileged: set to true if running with root privilege, false otherwise + * @mandatory: set to true if all drivers must report success, not skipped * @callback: callback to invoke to inhibit shutdown of the daemon * @opaque: data to pass to @callback * @@ -638,6 +639,7 @@ virRegisterStateDriver(virStateDriverPtr driver) */ int virStateInitialize(bool privileged, + bool mandatory, virStateInhibitCallback callback, void *opaque) { @@ -648,15 +650,22 @@ virStateInitialize(bool privileged, for (i = 0; i < virStateDriverTabCount; i++) { if (virStateDriverTab[i]->stateInitialize) { + virDrvStateInitResult ret; VIR_DEBUG("Running global init for %s state driver", virStateDriverTab[i]->name); - if (virStateDriverTab[i]->stateInitialize(privileged, - callback, - opaque) < 0) { + ret = virStateDriverTab[i]->stateInitialize(privileged, + callback, + opaque); + VIR_DEBUG("State init result %d (mandatory=%d)", ret, mandatory); + if (ret == VIR_DRV_STATE_INIT_ERROR) { VIR_ERROR(_("Initialization of %s state driver failed: %s"), virStateDriverTab[i]->name, virGetLastErrorMessage()); return -1; + } else if (ret == VIR_DRV_STATE_INIT_SKIPPED && mandatory) { + VIR_ERROR(_("Initialization of mandatory %s state driver skipped"), + virStateDriverTab[i]->name); + return -1; } } } diff --git a/src/libvirt_internal.h b/src/libvirt_internal.h index 3f012fdd4b..4a74dbc2af 100644 --- a/src/libvirt_internal.h +++ b/src/libvirt_internal.h @@ -30,6 +30,7 @@ typedef void (*virStateInhibitCallback)(bool inhibit, void *opaque); int virStateInitialize(bool privileged, + bool mandatory, virStateInhibitCallback inhibit, void *opaque); int virStateCleanup(void); diff --git a/src/libxl/libxl_driver.c b/src/libxl/libxl_driver.c index 492028c487..231960b817 100644 --- a/src/libxl/libxl_driver.c +++ b/src/libxl/libxl_driver.c @@ -657,17 +657,17 @@ libxlStateInitialize(bool privileged, char ebuf[1024]; if (!libxlDriverShouldLoad(privileged)) - return 0; + return VIR_DRV_STATE_INIT_SKIPPED; if (VIR_ALLOC(libxl_driver) < 0) - return -1; + return VIR_DRV_STATE_INIT_ERROR; libxl_driver->lockFD = -1; if (virMutexInit(&libxl_driver->lock) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("cannot initialize mutex")); VIR_FREE(libxl_driver); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } /* Allocate bitmap for vnc port reservation */ @@ -806,12 +806,12 @@ libxlStateInitialize(bool privileged, virDomainObjListForEach(libxl_driver->domains, libxlDomainManagedSaveLoad, libxl_driver); - return 0; + return VIR_DRV_STATE_INIT_COMPLETE; error: VIR_FREE(driverConf); libxlStateCleanup(); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } static int diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c index d0b6703101..0baf18f3ef 100644 --- a/src/lxc/lxc_driver.c +++ b/src/lxc/lxc_driver.c @@ -1545,7 +1545,7 @@ static int lxcStateInitialize(bool privileged, /* Check that the user is root, silently disable if not */ if (!privileged) { VIR_INFO("Not running privileged, disabling driver"); - return 0; + return VIR_DRV_STATE_INIT_SKIPPED; } /* Check that this is a container enabled kernel */ @@ -1554,15 +1554,15 @@ static int lxcStateInitialize(bool privileged, VIR_PROCESS_NAMESPACE_UTS | VIR_PROCESS_NAMESPACE_IPC) < 0) { VIR_INFO("LXC support not available in this kernel, disabling driver"); - return 0; + return VIR_DRV_STATE_INIT_SKIPPED; } if (VIR_ALLOC(lxc_driver) < 0) - return -1; + return VIR_DRV_STATE_INIT_ERROR; lxc_driver->lockFD = -1; if (virMutexInit(&lxc_driver->lock) < 0) { VIR_FREE(lxc_driver); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } if (!(lxc_driver->domains = virDomainObjListNew())) @@ -1633,12 +1633,12 @@ static int lxcStateInitialize(bool privileged, virLXCProcessAutostartAll(lxc_driver); virObjectUnref(caps); - return 0; + return VIR_DRV_STATE_INIT_COMPLETE; cleanup: virObjectUnref(caps); lxcStateCleanup(); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } static void lxcNotifyLoadDomain(virDomainObjPtr vm, int newVM, void *opaque) diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c index 41fa89a4af..2b1fa59390 100644 --- a/src/network/bridge_driver.c +++ b/src/network/bridge_driver.c @@ -713,7 +713,7 @@ networkStateInitialize(bool privileged, virStateInhibitCallback callback ATTRIBUTE_UNUSED, void *opaque ATTRIBUTE_UNUSED) { - int ret = -1; + int ret = VIR_DRV_STATE_INIT_ERROR; char *configdir = NULL; char *rundir = NULL; #ifdef WITH_FIREWALLD @@ -847,7 +847,7 @@ networkStateInitialize(bool privileged, } #endif - ret = 0; + ret = VIR_DRV_STATE_INIT_COMPLETE; cleanup: VIR_FREE(configdir); VIR_FREE(rundir); diff --git a/src/node_device/node_device_hal.c b/src/node_device/node_device_hal.c index 1f3f867599..d46e4e98f3 100644 --- a/src/node_device/node_device_hal.c +++ b/src/node_device/node_device_hal.c @@ -599,7 +599,7 @@ nodeStateInitialize(bool privileged ATTRIBUTE_UNUSED, char **udi = NULL; int num_devs; size_t i; - int ret = -1; + int ret = VIR_DRV_STATE_INIT_ERROR; DBusConnection *sysbus; DBusError err; @@ -608,12 +608,12 @@ nodeStateInitialize(bool privileged ATTRIBUTE_UNUSED, cmpstringp); if (VIR_ALLOC(driver) < 0) - return -1; + return VIR_DRV_STATE_INIT_ERROR; driver->lockFD = -1; if (virMutexInit(&driver->lock) < 0) { VIR_FREE(driver); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } nodeDeviceLock(); @@ -648,7 +648,7 @@ nodeStateInitialize(bool privileged ATTRIBUTE_UNUSED, virReportError(VIR_ERR_INTERNAL_ERROR, _("DBus not available, disabling HAL driver: %s"), virGetLastErrorMessage()); - ret = 0; + ret = VIR_DRV_STATE_INIT_SKIPPED; goto failure; } @@ -671,7 +671,7 @@ nodeStateInitialize(bool privileged ATTRIBUTE_UNUSED, /* We don't want to show a fatal error here, otherwise entire libvirtd shuts down when hald isn't running */ - ret = 0; + ret = VIR_DRV_STATE_INIT_SKIPPED; goto failure; } @@ -709,7 +709,7 @@ nodeStateInitialize(bool privileged ATTRIBUTE_UNUSED, } VIR_FREE(udi); - return 0; + return VIR_DRV_STATE_INIT_COMPLETE; failure: if (dbus_error_is_set(&err)) { diff --git a/src/node_device/node_device_udev.c b/src/node_device/node_device_udev.c index 8bc63c506c..adf60e4537 100644 --- a/src/node_device/node_device_udev.c +++ b/src/node_device/node_device_udev.c @@ -1816,14 +1816,14 @@ nodeStateInitialize(bool privileged, virThread enumThread; if (VIR_ALLOC(driver) < 0) - return -1; + return VIR_DRV_STATE_INIT_ERROR; driver->lockFD = -1; if (virMutexInit(&driver->lock) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("Unable to initialize mutex")); VIR_FREE(driver); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } driver->privileged = privileged; @@ -1919,11 +1919,11 @@ nodeStateInitialize(bool privileged, goto cleanup; } - return 0; + return VIR_DRV_STATE_INIT_COMPLETE; cleanup: nodeStateCleanup(); - return -1; + return VIR_DRV_STATE_INIT_ERROR; unlock: virObjectUnlock(priv); diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c index 530e4f5872..6073143437 100644 --- a/src/nwfilter/nwfilter_driver.c +++ b/src/nwfilter/nwfilter_driver.c @@ -184,10 +184,10 @@ nwfilterStateInitialize(bool privileged, if (virDBusHasSystemBus() && !(sysbus = virDBusGetSystemBus())) - return -1; + return VIR_DRV_STATE_INIT_ERROR; if (VIR_ALLOC(driver) < 0) - return -1; + return VIR_DRV_STATE_INIT_ERROR; driver->lockFD = -1; if (virMutexInit(&driver->lock) < 0) @@ -201,7 +201,7 @@ nwfilterStateInitialize(bool privileged, goto error; if (!privileged) - return 0; + return VIR_DRV_STATE_INIT_SKIPPED; nwfilterDriverLock(); @@ -281,13 +281,13 @@ nwfilterStateInitialize(bool privileged, nwfilterDriverUnlock(); - return 0; + return VIR_DRV_STATE_INIT_COMPLETE; error: nwfilterDriverUnlock(); nwfilterStateCleanup(); - return -1; + return VIR_DRV_STATE_INIT_ERROR; err_techdrivers_shutdown: virNWFilterTechDriversShutdown(); @@ -302,7 +302,7 @@ nwfilterStateInitialize(bool privileged, virNWFilterObjListFree(driver->nwfilters); VIR_FREE(driver); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } /** diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 4ca3eb7bde..d4fc8bbbd6 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -730,7 +730,7 @@ qemuStateInitialize(bool privileged, size_t i; if (VIR_ALLOC(qemu_driver) < 0) - return -1; + return VIR_DRV_STATE_INIT_ERROR; qemu_driver->lockFD = -1; @@ -738,7 +738,7 @@ qemuStateInitialize(bool privileged, virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("cannot initialize mutex")); VIR_FREE(qemu_driver); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } qemu_driver->inhibitCallback = callback; @@ -1074,14 +1074,14 @@ qemuStateInitialize(bool privileged, qemuAutostartDomains(qemu_driver); - return 0; + return VIR_DRV_STATE_INIT_COMPLETE; error: VIR_FREE(driverConf); VIR_FREE(hugepagePath); VIR_FREE(memoryBackingPath); qemuStateCleanup(); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } static void qemuNotifyLoadDomain(virDomainObjPtr vm, int newVM, void *opaque) diff --git a/src/remote/remote_daemon.c b/src/remote/remote_daemon.c index fadfc7c016..42c51c1329 100644 --- a/src/remote/remote_daemon.c +++ b/src/remote/remote_daemon.c @@ -792,6 +792,11 @@ static void daemonRunStateInit(void *opaque) { virNetDaemonPtr dmn = opaque; virIdentityPtr sysident = virIdentityGetSystem(); +#ifdef MODULE_NAME + bool mandatory = true; +#else /* ! MODULE_NAME */ + bool mandatory = false; +#endif /* ! MODULE_NAME */ virIdentitySetCurrent(sysident); @@ -804,6 +809,7 @@ static void daemonRunStateInit(void *opaque) * we're ready, since it can take a long time and this will * seriously delay OS bootup process */ if (virStateInitialize(virNetDaemonIsPrivileged(dmn), + mandatory, daemonInhibitCallback, dmn) < 0) { VIR_ERROR(_("Driver state initialization failed")); diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c index 72c2336b7a..8e1024dca3 100644 --- a/src/remote/remote_driver.c +++ b/src/remote/remote_driver.c @@ -195,7 +195,7 @@ remoteStateInitialize(bool privileged ATTRIBUTE_UNUSED, * re-entering ourselves */ inside_daemon = true; - return 0; + return VIR_DRV_STATE_INIT_COMPLETE; } diff --git a/src/secret/secret_driver.c b/src/secret/secret_driver.c index 0af2bcef96..0d5ea05f56 100644 --- a/src/secret/secret_driver.c +++ b/src/secret/secret_driver.c @@ -457,12 +457,12 @@ secretStateInitialize(bool privileged, void *opaque ATTRIBUTE_UNUSED) { if (VIR_ALLOC(driver) < 0) - return -1; + return VIR_DRV_STATE_INIT_ERROR; driver->lockFD = -1; if (virMutexInit(&driver->lock) < 0) { VIR_FREE(driver); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } secretDriverLock(); @@ -514,12 +514,12 @@ secretStateInitialize(bool privileged, goto error; secretDriverUnlock(); - return 0; + return VIR_DRV_STATE_INIT_COMPLETE; error: secretDriverUnlock(); secretStateCleanup(); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } diff --git a/src/storage/storage_driver.c b/src/storage/storage_driver.c index 03ac6a6845..dfa654178b 100644 --- a/src/storage/storage_driver.c +++ b/src/storage/storage_driver.c @@ -255,12 +255,12 @@ storageStateInitialize(bool privileged, VIR_AUTOFREE(char *) rundir = NULL; if (VIR_ALLOC(driver) < 0) - return -1; + return VIR_DRV_STATE_INIT_ERROR; driver->lockFD = -1; if (virMutexInit(&driver->lock) < 0) { VIR_FREE(driver); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } storageDriverLock(); @@ -326,12 +326,12 @@ storageStateInitialize(bool privileged, storageDriverUnlock(); - return 0; + return VIR_DRV_STATE_INIT_COMPLETE; error: storageDriverUnlock(); storageStateCleanup(); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } /** diff --git a/src/vz/vz_driver.c b/src/vz/vz_driver.c index f5d05a7f43..da72b209d1 100644 --- a/src/vz/vz_driver.c +++ b/src/vz/vz_driver.c @@ -4118,36 +4118,36 @@ vzStateInitialize(bool privileged, void *opaque ATTRIBUTE_UNUSED) { if (!privileged) - return 0; + return VIR_DRV_STATE_INIT_SKIPPED; vz_driver_privileged = privileged; if (virFileMakePathWithMode(VZ_STATEDIR, S_IRWXU) < 0) { virReportSystemError(errno, _("cannot create state directory '%s'"), VZ_STATEDIR); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } if ((vz_driver_lock_fd = virPidFileAcquire(VZ_STATEDIR, "driver", false, getpid())) < 0) - return -1; + return VIR_DRV_STATE_INIT_ERROR; if (prlsdkInit() < 0) { VIR_DEBUG("%s", _("Can't initialize Parallels SDK")); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } - if (virMutexInit(&vz_driver_lock) < 0) + if (virMutexInit(&vz_driver_lock) < 0) goto error; /* Failing to create driver here is not fatal and only means * that next driver client will try once more when connecting */ vz_driver = vzDriverObjNew(); - return 0; + return VIR_DRV_STATE_INIT_COMPLETE; error: vzStateCleanup(); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } static virStateDriver vzStateDriver = { -- 2.21.0

On Tue, 2019-07-30 at 12:59 +0200, Christophe de Dinechin wrote: [... 163 lines removed ...] Most functions in libvirt either succeed (0) or fail (-1), but in some cases we need to be able to tell apart different reasons for the failure and so, accordingly, we return different negative numbers: that doesn't mean that every single caller of those functions will care about the specific failure cause, so the <0 check might still be perfectly fine even in those cases. Here we have a small number of named return codes, so I agree with Dan's approach: comparing by name instead of just checking whether the return value is negative looks a bit cleaner. [... 469 lines removed ...] Meta: can you please trim the parts of the original message that you're not specifically replying to? In this particularly egregious case, less than 10% of the message was actual content rather than noise. Please be considerate to list subscribers and make sure they don't have to waste time and bandwidth fetching additional, unrelated text just so they can then waste even more time scrolling past them before getting to your actual reply. -- Andrea Bolognani / Red Hat / Virtualization

Daniel P. Berrangé writes: "weird" Had to learn a new word, "prancing" :-) Note that prancing unicorns are surrounded by a swarm of daemons. Not sure they will like it. Just saying. Reviewed-by: Christophe de Dinechin <dinechin(a)redhat.com&gt; -- Cheers, Christophe de Dinechin (IRC c3d)

The virtsecretd daemon will be responsible for providing the secret API driver functionality. The secret driver is still loaded by the main libvirtd daemon at this stage, so virtsecretd must not be running at the same time. Reviewed-by: Andrea Bolognani <abologna(a)redhat.com&gt; Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- .gitignore | 4 ++ libvirt.spec.in | 8 ++++ src/secret/Makefile.inc.am | 62 +++++++++++++++++++++++++++++++ src/secret/virtsecretd.service.in | 24 ++++++++++++ 4 files changed, 98 insertions(+) create mode 100644 src/secret/virtsecretd.service.in diff --git a/.gitignore b/.gitignore index 05bc166860..162b017c4a 100644 --- a/.gitignore +++ b/.gitignore @@ -166,12 +166,16 @@ /src/remote/virtproxyd.conf /src/rpc/virkeepaliveprotocol.[ch] /src/rpc/virnetprotocol.[ch] +/src/secret/test_virtsecretd.aug +/src/secret/virtsecretd.aug +/src/secret/virtsecretd.conf /src/util/virkeycodetable*.h /src/util/virkeynametable*.h /src/virt-aa-helper /src/virtlockd /src/virtlogd /src/virtproxyd +/src/virtsecretd /src/virt-guest-shutdown.target /tests/*.log /tests/*.pid diff --git a/libvirt.spec.in b/libvirt.spec.in index c7f276b2bc..7eeb2b4f07 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1634,6 +1634,14 @@ exit 0 %{_libdir}/%{name}/connection-driver/libvirt_driver_nwfilter.so %files daemon-driver-secret +%config(noreplace) %{_sysconfdir}/libvirt/virtsecretd.conf +%{_datadir}/augeas/lenses/virtsecretd.aug +%{_datadir}/augeas/lenses/tests/test_virtsecretd.aug +%{_unitdir}/virtsecretd.service +%{_unitdir}/virtsecretd.socket +%{_unitdir}/virtsecretd-ro.socket +%{_unitdir}/virtsecretd-admin.socket +%attr(0755, root, root) %{_sbindir}/virtsecretd %{_libdir}/%{name}/connection-driver/libvirt_driver_secret.so %files daemon-driver-storage diff --git a/src/secret/Makefile.inc.am b/src/secret/Makefile.inc.am index 7a1c8f8e1a..5535fc5862 100644 --- a/src/secret/Makefile.inc.am +++ b/src/secret/Makefile.inc.am @@ -37,4 +37,66 @@ libvirt_driver_secret_la_LIBADD = \ $(NULL) libvirt_driver_secret_la_LDFLAGS = $(AM_LDFLAGS_MOD_NOUNDEF) libvirt_driver_secret_la_SOURCES = $(SECRET_DRIVER_SOURCES) + +sbin_PROGRAMS += virtsecretd + +nodist_conf_DATA += secret/virtsecretd.conf +augeas_DATA += secret/virtsecretd.aug +augeastest_DATA += secret/test_virtsecretd.aug +CLEANFILES += secret/virtsecretd.aug + +virtsecretd_SOURCES = $(REMOTE_DAEMON_SOURCES) +virtsecretd_CFLAGS = \ + $(REMOTE_DAEMON_CFLAGS) \ + -DDAEMON_NAME="\"virtsecretd\"" \ + -DMODULE_NAME="\"secret\"" \ + $(NULL) +virtsecretd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) +virtsecretd_LDADD = $(REMOTE_DAEMON_LD_ADD) + +SYSTEMD_UNIT_FILES += \ + virtsecretd.service \ + virtsecretd.socket \ + virtsecretd-ro.socket \ + virtsecretd-admin.socket \ + $(NULL) +SYSTEMD_UNIT_FILES_IN += \ + secret/virtsecretd.service.in \ + $(NULL) + +VIRTSECRETD_UNIT_VARS = \ + $(VIRTD_UNIT_VARS) \ + -e 's|[@]name[@]|Libvirt secret|g' \ + -e 's|[@]service[@]|virtsecretd|g' \ + -e 's|[@]sockprefix[@]|virtsecretd|g' \ + $(NULL) + +virtsecretd.service: secret/virtsecretd.service.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTSECRETD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +virtsecret%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTSECRETD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +secret/virtsecretd.conf: remote/libvirtd.conf.in + $(AM_V_GEN)sed \ + -e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \ + -e 's/[@]DAEMON_NAME[@]/virtsecretd/' \ + < $^ > $@ + +secret/virtsecretd.aug: remote/libvirtd.aug.in + $(AM_V_GEN)$(SED) \ + -e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \ + -e 's/[@]DAEMON_NAME[@]/virtsecretd/' \ + -e 's/[@]DAEMON_NAME_UC[@]/Virtsecretd/' \ + $< > $@ + +secret/test_virtsecretd.aug: remote/test_libvirtd.aug.in \ + secret/virtsecretd.conf $(AUG_GENTEST) + $(AM_V_GEN)$(AUG_GENTEST) secret/virtsecretd.conf \ + $(srcdir)/remote/test_libvirtd.aug.in | \ + $(SED) -e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \ + -e 's/[@]DAEMON_NAME[@]/virtsecretd/' \ + -e 's/[@]DAEMON_NAME_UC[@]/Virtsecretd/' \ + > $@ || rm -f $@ + endif WITH_SECRETS diff --git a/src/secret/virtsecretd.service.in b/src/secret/virtsecretd.service.in new file mode 100644 index 0000000000..00cdc26b97 --- /dev/null +++ b/src/secret/virtsecretd.service.in @@ -0,0 +1,24 @@ +[Unit] +Description=Virtualization secret daemon +Conflicts=libvirtd.service +Requires=virtsecretd.socket +Requires=virtsecretd-ro.socket +Requires=virtsecretd-admin.socket +After=network.target +After=dbus.service +After=apparmor.service +After=local-fs.target +Documentation=man:libvirtd(8) +Documentation=https://libvirt.org + +[Service] +Type=notify +ExecStart=@sbindir@/virtsecretd --timeout 120 +ExecReload=/bin/kill -HUP $MAINPID +Restart=on-failure + +[Install] +WantedBy=multi-user.target +Also=virtsecretd.socket +Also=virtsecretd-ro.socket +Also=virtsecretd-admin.socket -- 2.21.0

The virtnetworkd daemon will be responsible for providing the network API driver functionality. The network driver is still loaded by the main libvirtd daemon at this stage, so virtnetworkd must not be running at the same time. Reviewed-by: Andrea Bolognani <abologna(a)redhat.com&gt; Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- .gitignore | 4 ++ libvirt.spec.in | 8 ++++ src/network/Makefile.inc.am | 61 +++++++++++++++++++++++++++++ src/network/virtnetworkd.service.in | 25 ++++++++++++ 4 files changed, 98 insertions(+) create mode 100644 src/network/virtnetworkd.service.in diff --git a/.gitignore b/.gitignore index 162b017c4a..4101bb4564 100644 --- a/.gitignore +++ b/.gitignore @@ -154,6 +154,9 @@ /src/lxc/lxc_monitor_protocol.h /src/lxc/lxc_protocol.[ch] /src/lxc/test_libvirtd_lxc.aug +/src/network/test_virtnetworkd.aug +/src/network/virtnetworkd.aug +/src/network/virtnetworkd.conf /src/qemu/test_libvirtd_qemu.aug /src/remote/*_client_bodies.h /src/remote/*_protocol.[ch] @@ -174,6 +177,7 @@ /src/virt-aa-helper /src/virtlockd /src/virtlogd +/src/virtnetworkd /src/virtproxyd /src/virtsecretd /src/virt-guest-shutdown.target diff --git a/libvirt.spec.in b/libvirt.spec.in index 7eeb2b4f07..52a671d908 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1612,6 +1612,14 @@ exit 0 %{_libdir}/%{name}/connection-driver/libvirt_driver_interface.so %files daemon-driver-network +%config(noreplace) %{_sysconfdir}/libvirt/virtnetworkd.conf +%{_datadir}/augeas/lenses/virtnetworkd.aug +%{_datadir}/augeas/lenses/tests/test_virtnetworkd.aug +%{_unitdir}/virtnetworkd.service +%{_unitdir}/virtnetworkd.socket +%{_unitdir}/virtnetworkd-ro.socket +%{_unitdir}/virtnetworkd-admin.socket +%attr(0755, root, root) %{_sbindir}/virtnetworkd %dir %attr(0700, root, root) %{_sysconfdir}/libvirt/qemu/ %dir %attr(0700, root, root) %{_sysconfdir}/libvirt/qemu/networks/ %dir %attr(0700, root, root) %{_sysconfdir}/libvirt/qemu/networks/autostart diff --git a/src/network/Makefile.inc.am b/src/network/Makefile.inc.am index 23cf39b6f4..672142452e 100644 --- a/src/network/Makefile.inc.am +++ b/src/network/Makefile.inc.am @@ -49,6 +49,67 @@ libvirt_driver_network_impl_la_CFLAGS = \ libvirt_driver_network_impl_la_SOURCES = $(NETWORK_DRIVER_SOURCES) libvirt_driver_network_impl_la_LIBADD = $(DBUS_LIBS) $(LIBXML_LIBS) +sbin_PROGRAMS += virtnetworkd + +nodist_conf_DATA += network/virtnetworkd.conf +augeas_DATA += network/virtnetworkd.aug +augeastest_DATA += network/test_virtnetworkd.aug +CLEANFILES += network/virtnetworkd.aug + +virtnetworkd_SOURCES = $(REMOTE_DAEMON_SOURCES) +virtnetworkd_CFLAGS = \ + $(REMOTE_DAEMON_CFLAGS) \ + -DDAEMON_NAME="\"virtnetworkd\"" \ + -DMODULE_NAME="\"network\"" \ + $(NULL) +virtnetworkd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) +virtnetworkd_LDADD = $(REMOTE_DAEMON_LD_ADD) + +SYSTEMD_UNIT_FILES += \ + virtnetworkd.service \ + virtnetworkd.socket \ + virtnetworkd-ro.socket \ + virtnetworkd-admin.socket \ + $(NULL) +SYSTEMD_UNIT_FILES_IN += \ + network/virtnetworkd.service.in \ + $(NULL) + +VIRTNETWORKD_UNIT_VARS = \ + $(VIRTD_UNIT_VARS) \ + -e 's|[@]name[@]|Libvirt network|g' \ + -e 's|[@]service[@]|virtnetworkd|g' \ + -e 's|[@]sockprefix[@]|virtnetworkd|g' \ + $(NULL) + +virtnetworkd.service: network/virtnetworkd.service.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTNETWORKD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +virtnetwork%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTNETWORKD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +network/virtnetworkd.conf: remote/libvirtd.conf.in + $(AM_V_GEN)sed \ + -e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \ + -e 's/[@]DAEMON_NAME[@]/virtnetworkd/' \ + < $^ > $@ + +network/virtnetworkd.aug: remote/libvirtd.aug.in + $(AM_V_GEN)$(SED) \ + -e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \ + -e 's/[@]DAEMON_NAME[@]/virtnetworkd/' \ + -e 's/[@]DAEMON_NAME_UC[@]/Virtnetworkd/' \ + $< > $@ + +network/test_virtnetworkd.aug: remote/test_libvirtd.aug.in \ + network/virtnetworkd.conf $(AUG_GENTEST) + $(AM_V_GEN)$(AUG_GENTEST) network/virtnetworkd.conf \ + $(srcdir)/remote/test_libvirtd.aug.in | \ + $(SED) -e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \ + -e 's/[@]DAEMON_NAME[@]/virtnetworkd/' \ + -e 's/[@]DAEMON_NAME_UC[@]/Virtnetworkd/' \ + > $@ || rm -f $@ + libexec_PROGRAMS += libvirt_leaseshelper libvirt_leaseshelper_SOURCES = $(NETWORK_LEASES_HELPER_SOURCES) libvirt_leaseshelper_LDFLAGS = \ diff --git a/src/network/virtnetworkd.service.in b/src/network/virtnetworkd.service.in new file mode 100644 index 0000000000..656e8b4f84 --- /dev/null +++ b/src/network/virtnetworkd.service.in @@ -0,0 +1,25 @@ +[Unit] +Description=Virtualization network daemon +Conflicts=libvirtd.service +Requires=virtnetworkd.socket +Requires=virtnetworkd-ro.socket +Requires=virtnetworkd-admin.socket +After=network.target +After=dbus.service +After=apparmor.service +After=local-fs.target +Documentation=man:libvirtd(8) +Documentation=https://libvirt.org + +[Service] +Type=notify +ExecStart=@sbindir@/virtnetworkd --timeout 120 +ExecReload=/bin/kill -HUP $MAINPID +Restart=on-failure +KillMode=process + +[Install] +WantedBy=multi-user.target +Also=virtnetworkd.socket +Also=virtnetworkd-ro.socket +Also=virtnetworkd-admin.socket -- 2.21.0

On Tue, Jul 30, 2019 at 01:08:53PM +0200, Christophe de Dinechin wrote: Yes, I need to figure out a way to auto-generate the man page for each daemon with irrelevant content stripped. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

On Tue, Jul 30, 2019 at 02:52:14PM +0200, Christophe de Dinechin wrote: Yes, some cli parameters are not valid with the new daemons, so we need to trim those out of the man Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

Daniel P. Berrangé writes: Provide its own man page? Reviewed-by: Christophe de Dinechin <dinechin(a)redhat.com&gt; -- Cheers, Christophe de Dinechin (IRC c3d)

Daniel P. Berrangé writes: Reviewed-by: Christophe de Dinechin <dinechin(a)redhat.com&gt; -- Cheers, Christophe de Dinechin (IRC c3d)

The virtnwfilterd daemon will be responsible for providing the nwfilter API driver functionality. The nwfilter driver is still loaded by the main libvirtd daemon at this stage, so virtnwfilterd must not be running at the same time. Reviewed-by: Andrea Bolognani <abologna(a)redhat.com&gt; Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- .gitignore | 4 ++ libvirt.spec.in | 8 ++++ src/nwfilter/Makefile.inc.am | 62 +++++++++++++++++++++++++++ src/nwfilter/virtnwfilterd.service.in | 24 +++++++++++ 4 files changed, 98 insertions(+) create mode 100644 src/nwfilter/virtnwfilterd.service.in diff --git a/.gitignore b/.gitignore index ada72fd618..b93fd1b044 100644 --- a/.gitignore +++ b/.gitignore @@ -163,6 +163,9 @@ /src/node_device/test_virtnodedevd.aug /src/node_device/virtnodedevd.aug /src/node_device/virtnodedevd.conf +/src/nwfilter/test_virtnwfilterd.aug +/src/nwfilter/virtnwfilterd.aug +/src/nwfilter/virtnwfilterd.conf /src/qemu/test_libvirtd_qemu.aug /src/remote/*_client_bodies.h /src/remote/*_protocol.[ch] @@ -189,6 +192,7 @@ /src/virtlogd /src/virtnetworkd /src/virtnodedevd +/src/virtnwfilterd /src/virtproxyd /src/virtsecretd /src/virtstoraged diff --git a/libvirt.spec.in b/libvirt.spec.in index 7519ebebcf..3c0194df29 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1653,6 +1653,14 @@ exit 0 %{_libdir}/%{name}/connection-driver/libvirt_driver_nodedev.so %files daemon-driver-nwfilter +%config(noreplace) %{_sysconfdir}/libvirt/virtnwfilterd.conf +%{_datadir}/augeas/lenses/virtnwfilterd.aug +%{_datadir}/augeas/lenses/tests/test_virtnwfilterd.aug +%{_unitdir}/virtnwfilterd.service +%{_unitdir}/virtnwfilterd.socket +%{_unitdir}/virtnwfilterd-ro.socket +%{_unitdir}/virtnwfilterd-admin.socket +%attr(0755, root, root) %{_sbindir}/virtnwfilterd %dir %attr(0700, root, root) %{_sysconfdir}/libvirt/nwfilter/ %ghost %dir %{_localstatedir}/run/libvirt/network/ %{_libdir}/%{name}/connection-driver/libvirt_driver_nwfilter.so diff --git a/src/nwfilter/Makefile.inc.am b/src/nwfilter/Makefile.inc.am index 810ca54bcc..5c5e636ccc 100644 --- a/src/nwfilter/Makefile.inc.am +++ b/src/nwfilter/Makefile.inc.am @@ -41,4 +41,66 @@ libvirt_driver_nwfilter_impl_la_LIBADD = \ ../gnulib/lib/libgnu.la \ $(NULL) libvirt_driver_nwfilter_impl_la_SOURCES = $(NWFILTER_DRIVER_SOURCES) + +sbin_PROGRAMS += virtnwfilterd + +nodist_conf_DATA += nwfilter/virtnwfilterd.conf +augeas_DATA += nwfilter/virtnwfilterd.aug +augeastest_DATA += nwfilter/test_virtnwfilterd.aug +CLEANFILES += nwfilter/virtnwfilterd.aug + +virtnwfilterd_SOURCES = $(REMOTE_DAEMON_SOURCES) +virtnwfilterd_CFLAGS = \ + $(REMOTE_DAEMON_CFLAGS) \ + -DDAEMON_NAME="\"virtnwfilterd\"" \ + -DMODULE_NAME="\"nwfilter\"" \ + $(NULL) +virtnwfilterd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) +virtnwfilterd_LDADD = $(REMOTE_DAEMON_LD_ADD) + +SYSTEMD_UNIT_FILES += \ + virtnwfilterd.service \ + virtnwfilterd.socket \ + virtnwfilterd-ro.socket \ + virtnwfilterd-admin.socket \ + $(NULL) +SYSTEMD_UNIT_FILES_IN += \ + nwfilter/virtnwfilterd.service.in \ + $(NULL) + +VIRTNWFILTERD_UNIT_VARS = \ + $(VIRTD_UNIT_VARS) \ + -e 's|[@]name[@]|Libvirt nwfilter|g' \ + -e 's|[@]service[@]|virtnwfilterd|g' \ + -e 's|[@]sockprefix[@]|virtnwfilterd|g' \ + $(NULL) + +virtnwfilterd.service: nwfilter/virtnwfilterd.service.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTNWFILTERD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +virtnwfilter%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTNWFILTERD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +nwfilter/virtnwfilterd.conf: remote/libvirtd.conf.in + $(AM_V_GEN)sed \ + -e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \ + -e 's/[@]DAEMON_NAME[@]/virtnwfilterd/' \ + < $^ > $@ + +nwfilter/virtnwfilterd.aug: remote/libvirtd.aug.in + $(AM_V_GEN)$(SED) \ + -e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \ + -e 's/[@]DAEMON_NAME[@]/virtnwfilterd/' \ + -e 's/[@]DAEMON_NAME_UC[@]/Virtnwfilterd/' \ + $< > $@ + +nwfilter/test_virtnwfilterd.aug: remote/test_libvirtd.aug.in \ + nwfilter/virtnwfilterd.conf $(AUG_GENTEST) + $(AM_V_GEN)$(AUG_GENTEST) nwfilter/virtnwfilterd.conf \ + $(srcdir)/remote/test_libvirtd.aug.in | \ + $(SED) -e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \ + -e 's/[@]DAEMON_NAME[@]/virtnwfilterd/' \ + -e 's/[@]DAEMON_NAME_UC[@]/Virtnwfilterd/' \ + > $@ || rm -f $@ + endif WITH_NWFILTER diff --git a/src/nwfilter/virtnwfilterd.service.in b/src/nwfilter/virtnwfilterd.service.in new file mode 100644 index 0000000000..57c2fafe43 --- /dev/null +++ b/src/nwfilter/virtnwfilterd.service.in @@ -0,0 +1,24 @@ +[Unit] +Description=Virtualization nwfilter daemon +Conflicts=libvirtd.service +Requires=virtnwfilterd.socket +Requires=virtnwfilterd-ro.socket +Requires=virtnwfilterd-admin.socket +After=network.target +After=dbus.service +After=apparmor.service +After=local-fs.target +Documentation=man:libvirtd(8) +Documentation=https://libvirt.org + +[Service] +Type=notify +ExecStart=@sbindir@/virtnwfilterd --timeout 120 +ExecReload=/bin/kill -HUP $MAINPID +Restart=on-failure + +[Install] +WantedBy=multi-user.target +Also=virtnwfilterd.socket +Also=virtnwfilterd-ro.socket +Also=virtnwfilterd-admin.socket -- 2.21.0

The virtqemud daemon will be responsible for providing the qemu API driver functionality. The qemu driver is still loaded by the main libvirtd daemon at this stage, so virtqemud must not be running at the same time. Reviewed-by: Andrea Bolognani <abologna(a)redhat.com&gt; Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- .gitignore | 4 +++ libvirt.spec.in | 8 +++++ src/qemu/Makefile.inc.am | 61 +++++++++++++++++++++++++++++++++++ src/qemu/virtqemud.service.in | 40 +++++++++++++++++++++++ 4 files changed, 113 insertions(+) create mode 100644 src/qemu/virtqemud.service.in diff --git a/.gitignore b/.gitignore index 1c746cec44..d23ffa94f0 100644 --- a/.gitignore +++ b/.gitignore @@ -170,6 +170,9 @@ /src/nwfilter/virtnwfilterd.aug /src/nwfilter/virtnwfilterd.conf /src/qemu/test_libvirtd_qemu.aug +/src/qemu/test_virtqemud.aug +/src/qemu/virtqemud.aug +/src/qemu/virtqemud.conf /src/remote/*_client_bodies.h /src/remote/*_protocol.[ch] /src/remote/*_stubs.h @@ -198,6 +201,7 @@ /src/virtnodedevd /src/virtnwfilterd /src/virtproxyd +/src/virtqemud /src/virtsecretd /src/virtstoraged /src/virt-guest-shutdown.target diff --git a/libvirt.spec.in b/libvirt.spec.in index a9d12faa2a..f86b0212c7 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1735,6 +1735,14 @@ exit 0 %if %{with_qemu} %files daemon-driver-qemu +%config(noreplace) %{_sysconfdir}/libvirt/virtqemud.conf +%{_datadir}/augeas/lenses/virtqemud.aug +%{_datadir}/augeas/lenses/tests/test_virtqemud.aug +%{_unitdir}/virtqemud.service +%{_unitdir}/virtqemud.socket +%{_unitdir}/virtqemud-ro.socket +%{_unitdir}/virtqemud-admin.socket +%attr(0755, root, root) %{_sbindir}/virtqemud %dir %attr(0700, root, root) %{_sysconfdir}/libvirt/qemu/ %dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/qemu/ %config(noreplace) %{_sysconfdir}/libvirt/qemu.conf diff --git a/src/qemu/Makefile.inc.am b/src/qemu/Makefile.inc.am index 12236a9e7b..215283cecd 100644 --- a/src/qemu/Makefile.inc.am +++ b/src/qemu/Makefile.inc.am @@ -112,6 +112,67 @@ CLEANFILES += \ endif WITH_DTRACE_PROBES +sbin_PROGRAMS += virtqemud + +nodist_conf_DATA += qemu/virtqemud.conf +augeas_DATA += qemu/virtqemud.aug +augeastest_DATA += qemu/test_virtqemud.aug +CLEANFILES += qemu/virtqemud.aug + +virtqemud_SOURCES = $(REMOTE_DAEMON_SOURCES) +virtqemud_CFLAGS = \ + $(REMOTE_DAEMON_CFLAGS) \ + -DDAEMON_NAME="\"virtqemud\"" \ + -DMODULE_NAME="\"qemu\"" \ + $(NULL) +virtqemud_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) +virtqemud_LDADD = $(REMOTE_DAEMON_LD_ADD) + +SYSTEMD_UNIT_FILES += \ + virtqemud.service \ + virtqemud.socket \ + virtqemud-ro.socket \ + virtqemud-admin.socket \ + $(NULL) +SYSTEMD_UNIT_FILES_IN += \ + qemu/virtqemud.service.in \ + $(NULL) + +VIRTQEMUD_UNIT_VARS = \ + $(VIRTD_UNIT_VARS) \ + -e 's|[@]name[@]|Libvirt qemu|g' \ + -e 's|[@]service[@]|virtqemud|g' \ + -e 's|[@]sockprefix[@]|virtqemud|g' \ + $(NULL) + +virtqemud.service: qemu/virtqemud.service.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTQEMUD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +virtqemu%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTQEMUD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +qemu/virtqemud.conf: remote/libvirtd.conf.in + $(AM_V_GEN)sed \ + -e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \ + -e 's/[@]DAEMON_NAME[@]/virtqemud/' \ + < $^ > $@ + +qemu/virtqemud.aug: remote/libvirtd.aug.in + $(AM_V_GEN)$(SED) \ + -e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \ + -e 's/[@]DAEMON_NAME[@]/virtqemud/' \ + -e 's/[@]DAEMON_NAME_UC[@]/Virtqemud/' \ + $< > $@ + +qemu/test_virtqemud.aug: remote/test_libvirtd.aug.in \ + qemu/virtqemud.conf $(AUG_GENTEST) + $(AM_V_GEN)$(AUG_GENTEST) qemu/virtqemud.conf \ + $(srcdir)/remote/test_libvirtd.aug.in | \ + $(SED) -e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \ + -e 's/[@]DAEMON_NAME[@]/virtqemud/' \ + -e 's/[@]DAEMON_NAME_UC[@]/Virtqemud/' \ + > $@ || rm -f $@ + conf_DATA += qemu/qemu.conf augeas_DATA += qemu/libvirtd_qemu.aug diff --git a/src/qemu/virtqemud.service.in b/src/qemu/virtqemud.service.in new file mode 100644 index 0000000000..44eb2a2bf7 --- /dev/null +++ b/src/qemu/virtqemud.service.in @@ -0,0 +1,40 @@ +[Unit] +Description=Virtualization qemu daemon +Conflicts=libvirtd.service +Requires=virtqemud.socket +Requires=virtqemud-ro.socket +Requires=virtqemud-admin.socket +Wants=systemd-machined.service +Before=libvirt-guests.service +After=network.target +After=dbus.service +After=apparmor.service +After=local-fs.target +After=remote-fs.target +After=systemd-logind.service +After=systemd-machined.service +Documentation=man:libvirtd(8) +Documentation=https://libvirt.org + +[Service] +Type=notify +ExecStart=@sbindir@/virtqemud --timeout 120 +ExecReload=/bin/kill -HUP $MAINPID +KillMode=process +Restart=on-failure +# At least 1 FD per guest, often 2 (eg qemu monitor + qemu agent). +# eg if we want to support 4096 guests, we'll typically need 8192 FDs +# If changing this, also consider virtlogd.service & virtlockd.service +# limits which are also related to number of guests +LimitNOFILE=8192 +# The cgroups pids controller can limit the number of tasks started by +# the daemon, which can limit the number of domains for some hypervisors. +# A conservative default of 8 tasks per guest results in a TasksMax of +# 32k to support 4096 guests. +TasksMax=32768 + +[Install] +WantedBy=multi-user.target +Also=virtqemud.socket +Also=virtqemud-ro.socket +Also=virtqemud-admin.socket -- 2.21.0

The virtvboxd daemon will be responsible for providing the vbox API driver functionality. The vbox driver is still loaded by the main libvirtd daemon at this stage, so virtvboxd must not be running at the same time. Reviewed-by: Andrea Bolognani <abologna(a)redhat.com&gt; Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- .gitignore | 4 +++ libvirt.spec.in | 8 +++++ src/vbox/Makefile.inc.am | 62 +++++++++++++++++++++++++++++++++++ src/vbox/virtvboxd.service.in | 25 ++++++++++++++ 4 files changed, 99 insertions(+) create mode 100644 src/vbox/virtvboxd.service.in diff --git a/.gitignore b/.gitignore index d279c7bc1f..a23828cce6 100644 --- a/.gitignore +++ b/.gitignore @@ -195,6 +195,9 @@ /src/storage/virtstoraged.conf /src/util/virkeycodetable*.h /src/util/virkeynametable*.h +/src/vbox/test_virtvboxd.aug +/src/vbox/virtvboxd.aug +/src/vbox/virtvboxd.conf /src/virt-aa-helper /src/virtinterfaced /src/virtxend @@ -208,6 +211,7 @@ /src/virtqemud /src/virtsecretd /src/virtstoraged +/src/virtvboxd /src/virt-guest-shutdown.target /tests/*.log /tests/*.pid diff --git a/libvirt.spec.in b/libvirt.spec.in index 81fc1481e0..c1da28892a 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1802,6 +1802,14 @@ exit 0 %if %{with_vbox} %files daemon-driver-vbox +%config(noreplace) %{_sysconfdir}/libvirt/virtvboxd.conf +%{_datadir}/augeas/lenses/virtvboxd.aug +%{_datadir}/augeas/lenses/tests/test_virtvboxd.aug +%{_unitdir}/virtvboxd.service +%{_unitdir}/virtvboxd.socket +%{_unitdir}/virtvboxd-ro.socket +%{_unitdir}/virtvboxd-admin.socket +%attr(0755, root, root) %{_sbindir}/virtvboxd %{_libdir}/%{name}/connection-driver/libvirt_driver_vbox.so %endif diff --git a/src/vbox/Makefile.inc.am b/src/vbox/Makefile.inc.am index 95407778f7..74f274eb6a 100644 --- a/src/vbox/Makefile.inc.am +++ b/src/vbox/Makefile.inc.am @@ -63,4 +63,66 @@ libvirt_driver_vbox_impl_la_LIBADD = \ $(LIBXML_LIBS) \ $(NULL) libvirt_driver_vbox_impl_la_SOURCES = $(VBOX_DRIVER_SOURCES) + +sbin_PROGRAMS += virtvboxd + +nodist_conf_DATA += vbox/virtvboxd.conf +augeas_DATA += vbox/virtvboxd.aug +augeastest_DATA += vbox/test_virtvboxd.aug +CLEANFILES += vbox/virtvboxd.aug + +virtvboxd_SOURCES = $(REMOTE_DAEMON_SOURCES) +virtvboxd_CFLAGS = \ + $(REMOTE_DAEMON_CFLAGS) \ + -DDAEMON_NAME="\"virtvboxd\"" \ + -DMODULE_NAME="\"vbox\"" \ + $(NULL) +virtvboxd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) +virtvboxd_LDADD = $(REMOTE_DAEMON_LD_ADD) + +SYSTEMD_UNIT_FILES += \ + virtvboxd.service \ + virtvboxd.socket \ + virtvboxd-ro.socket \ + virtvboxd-admin.socket \ + $(NULL) +SYSTEMD_UNIT_FILES_IN += \ + vbox/virtvboxd.service.in \ + $(NULL) + +VIRTVBOXD_UNIT_VARS = \ + $(VIRTD_UNIT_VARS) \ + -e 's|[@]name[@]|Libvirt vbox|g' \ + -e 's|[@]service[@]|virtvboxd|g' \ + -e 's|[@]sockprefix[@]|virtvboxd|g' \ + $(NULL) + +virtvboxd.service: vbox/virtvboxd.service.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTVBOXD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +virtvbox%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTVBOXD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +vbox/virtvboxd.conf: remote/libvirtd.conf.in + $(AM_V_GEN)sed \ + -e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \ + -e 's/[@]DAEMON_NAME[@]/virtvboxd/' \ + < $^ > $@ + +vbox/virtvboxd.aug: remote/libvirtd.aug.in + $(AM_V_GEN)$(SED) \ + -e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \ + -e 's/[@]DAEMON_NAME[@]/virtvboxd/' \ + -e 's/[@]DAEMON_NAME_UC[@]/Virtvboxd/' \ + $< > $@ + +vbox/test_virtvboxd.aug: remote/test_libvirtd.aug.in \ + vbox/virtvboxd.conf $(AUG_GENTEST) + $(AM_V_GEN)$(AUG_GENTEST) vbox/virtvboxd.conf \ + $(srcdir)/remote/test_libvirtd.aug.in | \ + $(SED) -e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \ + -e 's/[@]DAEMON_NAME[@]/virtvboxd/' \ + -e 's/[@]DAEMON_NAME_UC[@]/Virtvboxd/' \ + > $@ || rm -f $@ + endif WITH_VBOX diff --git a/src/vbox/virtvboxd.service.in b/src/vbox/virtvboxd.service.in new file mode 100644 index 0000000000..7e0f7518d6 --- /dev/null +++ b/src/vbox/virtvboxd.service.in @@ -0,0 +1,25 @@ +[Unit] +Description=Virtualization vbox daemon +Conflicts=libvirtd.service +Requires=virtvboxd.socket +Requires=virtvboxd-ro.socket +Requires=virtvboxd-admin.socket +After=network.target +After=dbus.service +After=apparmor.service +After=local-fs.target +After=remote-fs.target +Documentation=man:libvirtd(8) +Documentation=https://libvirt.org + +[Service] +Type=notify +ExecStart=@sbindir@/virtvboxd --timeout 120 +ExecReload=/bin/kill -HUP $MAINPID +Restart=on-failure + +[Install] +WantedBy=multi-user.target +Also=virtvboxd.socket +Also=virtvboxd-ro.socket +Also=virtvboxd-admin.socket -- 2.21.0

The virtvzd daemon will be responsible for providing the vz API driver functionality. The vz driver is still loaded by the main libvirtd daemon at this stage, so virtvzd must not be running at the same time. Reviewed-by: Andrea Bolognani <abologna(a)redhat.com&gt; Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- .gitignore | 4 +++ src/vz/Makefile.inc.am | 62 +++++++++++++++++++++++++++++++++++++++ src/vz/virtvzd.service.in | 25 ++++++++++++++++ 3 files changed, 91 insertions(+) create mode 100644 src/vz/virtvzd.service.in diff --git a/.gitignore b/.gitignore index 4e46adaa55..e35a3409f2 100644 --- a/.gitignore +++ b/.gitignore @@ -216,7 +216,11 @@ /src/virtsecretd /src/virtstoraged /src/virtvboxd +/src/virtvzd /src/virt-guest-shutdown.target +/src/vz/test_virtvzd.aug +/src/vz/virtvzd.aug +/src/vz/virtvzd.conf /tests/*.log /tests/*.pid /tests/*.trs diff --git a/src/vz/Makefile.inc.am b/src/vz/Makefile.inc.am index a3a146c627..0176586d4c 100644 --- a/src/vz/Makefile.inc.am +++ b/src/vz/Makefile.inc.am @@ -37,4 +37,66 @@ libvirt_driver_vz_impl_la_LIBADD = \ $(PARALLELS_SDK_LIBS) \ $(LIBNL_LIBS) \ $(NULL) + +sbin_PROGRAMS += virtvzd + +nodist_conf_DATA += vz/virtvzd.conf +augeas_DATA += vz/virtvzd.aug +augeastest_DATA += vz/test_virtvzd.aug +CLEANFILES += vz/virtvzd.aug + +virtvzd_SOURCES = $(REMOTE_DAEMON_SOURCES) +virtvzd_CFLAGS = \ + $(REMOTE_DAEMON_CFLAGS) \ + -DDAEMON_NAME="\"virtvzd\"" \ + -DMODULE_NAME="\"vz\"" \ + $(NULL) +virtvzd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) +virtvzd_LDADD = $(REMOTE_DAEMON_LD_ADD) + +SYSTEMD_UNIT_FILES += \ + virtvzd.service \ + virtvzd.socket \ + virtvzd-ro.socket \ + virtvzd-admin.socket \ + $(NULL) +SYSTEMD_UNIT_FILES_IN += \ + vz/virtvzd.service.in \ + $(NULL) + +VIRTVZD_UNIT_VARS = \ + $(VIRTD_UNIT_VARS) \ + -e 's|[@]name[@]|Libvirt vz|g' \ + -e 's|[@]service[@]|virtvzd|g' \ + -e 's|[@]sockprefix[@]|virtvzd|g' \ + $(NULL) + +virtvzd.service: vz/virtvzd.service.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTVZD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +virtvz%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTVZD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +vz/virtvzd.conf: remote/libvirtd.conf.in + $(AM_V_GEN)sed \ + -e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \ + -e 's/[@]DAEMON_NAME[@]/virtvzd/' \ + < $^ > $@ + +vz/virtvzd.aug: remote/libvirtd.aug.in + $(AM_V_GEN)$(SED) \ + -e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \ + -e 's/[@]DAEMON_NAME[@]/virtvzd/' \ + -e 's/[@]DAEMON_NAME_UC[@]/Virtvzd/' \ + $< > $@ + +vz/test_virtvzd.aug: remote/test_libvirtd.aug.in \ + vz/virtvzd.conf $(AUG_GENTEST) + $(AM_V_GEN)$(AUG_GENTEST) vz/virtvzd.conf \ + $(srcdir)/remote/test_libvirtd.aug.in | \ + $(SED) -e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \ + -e 's/[@]DAEMON_NAME[@]/virtvzd/' \ + -e 's/[@]DAEMON_NAME_UC[@]/Virtvzd/' \ + > $@ || rm -f $@ + endif WITH_VZ diff --git a/src/vz/virtvzd.service.in b/src/vz/virtvzd.service.in new file mode 100644 index 0000000000..cd0f558768 --- /dev/null +++ b/src/vz/virtvzd.service.in @@ -0,0 +1,25 @@ +[Unit] +Description=Virtualization vz daemon +Conflicts=libvirtd.service +Requires=virtvzd.socket +Requires=virtvzd-ro.socket +Requires=virtvzd-admin.socket +After=network.target +After=dbus.service +After=apparmor.service +After=local-fs.target +After=remote-fs.target +Documentation=man:libvirtd(8) +Documentation=https://libvirt.org + +[Service] +Type=notify +ExecStart=@sbindir@/virtvzd --timeout 120 +ExecReload=/bin/kill -HUP $MAINPID +Restart=on-failure + +[Install] +WantedBy=multi-user.target +Also=virtvzd.socket +Also=virtvzd-ro.socket +Also=virtvzd-admin.socket -- 2.21.0

On Mon, 2019-07-29 at 18:11 +0100, Daniel P. Berrangé wrote: I'm not sure why I didn't suggest this during the previous review round, but you could also do something like VIR_AUTOFREE(char *) sockbase = NULL; /* ... */ if (legacy) { if (VIR_STRDUP(sockbase, "libvirt-admin-sock") < 0) goto error; } else { if (virAsprintf(&sockbase, "%s-admin-sock", uri->scheme) < 0) goto error; } or even VIR_AUTOFREE(char *) sockbase = NULL; /* ... */ if (virAsprintf(&sockbase, "%s-admin-sock", legacy ? "libvirt" : uri->scheme) < 0) { goto error; } and then keep using sockbase when building sock_path, getting rid of the duplicated Elvis operator in the process. But either version works, really. -- Andrea Bolognani / Red Hat / Virtualization

The driver dispatch methods access the priv->conn variables directly. In future we want to dynamically open the connections for the secondary driver. Thus we want the methods to call a method to get the connection handle instead of assuming the private variable is non-NULL. Reviewed-by: Andrea Bolognani <abologna(a)redhat.com&gt; Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- src/admin/admin_server_dispatch.c | 9 +++ src/remote/remote_daemon_dispatch.c | 121 ++++++++++++++++++++++++++++ src/rpc/gendispatch.pl | 96 ++++++++++++---------- 3 files changed, 183 insertions(+), 43 deletions(-) diff --git a/src/admin/admin_server_dispatch.c b/src/admin/admin_server_dispatch.c index 6e3b99f97d..1973664488 100644 --- a/src/admin/admin_server_dispatch.c +++ b/src/admin/admin_server_dispatch.c @@ -206,6 +206,15 @@ adminConnectGetLibVersion(virNetDaemonPtr dmn ATTRIBUTE_UNUSED, return 0; } +static virNetDaemonPtr +adminGetConn(virNetServerClientPtr client) +{ + struct daemonAdmClientPrivate *priv = + virNetServerClientGetPrivateData(client); + + return priv->dmn; +} + static int adminDispatchServerGetThreadpoolParameters(virNetServerPtr server ATTRIBUTE_UNUSED, virNetServerClientPtr client, diff --git a/src/remote/remote_daemon_dispatch.c b/src/remote/remote_daemon_dispatch.c index 0145279d72..90103f5093 100644 --- a/src/remote/remote_daemon_dispatch.c +++ b/src/remote/remote_daemon_dispatch.c @@ -112,6 +112,22 @@ remoteSerializeDomainDiskErrors(virDomainDiskErrorPtr errors, remote_domain_disk_error **ret_errors_val, u_int *ret_errors_len); +static virConnectPtr +remoteGetHypervisorConn(virNetServerClientPtr client); +static virConnectPtr +remoteGetInterfaceConn(virNetServerClientPtr client); +static virConnectPtr +remoteGetNetworkConn(virNetServerClientPtr client); +static virConnectPtr +remoteGetNodeDevConn(virNetServerClientPtr client); +static virConnectPtr +remoteGetNWFilterConn(virNetServerClientPtr client); +static virConnectPtr +remoteGetSecretConn(virNetServerClientPtr client); +static virConnectPtr +remoteGetStorageConn(virNetServerClientPtr client); + + #include "remote_daemon_dispatch_stubs.h" #include "remote_daemon_dispatch_qemu_stubs.h" #include "remote_daemon_dispatch_lxc_stubs.h" @@ -1925,6 +1941,111 @@ static void remoteClientCloseFunc(virNetServerClientPtr client) } +static virConnectPtr +remoteGetHypervisorConn(virNetServerClientPtr client) +{ + struct daemonClientPrivate *priv = + virNetServerClientGetPrivateData(client); + + if (!priv->conn) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connection not open")); + return NULL; + } + + return priv->conn; +} + + +static virConnectPtr +remoteGetInterfaceConn(virNetServerClientPtr client) +{ + struct daemonClientPrivate *priv = + virNetServerClientGetPrivateData(client); + + if (!priv->interfaceConn) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connection not open")); + return NULL; + } + + return priv->interfaceConn; +} + + +static virConnectPtr +remoteGetNetworkConn(virNetServerClientPtr client) +{ + struct daemonClientPrivate *priv = + virNetServerClientGetPrivateData(client); + + if (!priv->networkConn) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connection not open")); + return NULL; + } + + return priv->networkConn; +} + + +static virConnectPtr +remoteGetNodeDevConn(virNetServerClientPtr client) +{ + struct daemonClientPrivate *priv = + virNetServerClientGetPrivateData(client); + + if (!priv->nodedevConn) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connection not open")); + return NULL; + } + + return priv->nodedevConn; +} + + +static virConnectPtr +remoteGetNWFilterConn(virNetServerClientPtr client) +{ + struct daemonClientPrivate *priv = + virNetServerClientGetPrivateData(client); + + if (!priv->nwfilterConn) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connection not open")); + return NULL; + } + + return priv->nwfilterConn; +} + + +static virConnectPtr +remoteGetSecretConn(virNetServerClientPtr client) +{ + struct daemonClientPrivate *priv = + virNetServerClientGetPrivateData(client); + + if (!priv->secretConn) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connection not open")); + return NULL; + } + + return priv->secretConn; +} + + +static virConnectPtr +remoteGetStorageConn(virNetServerClientPtr client) +{ + struct daemonClientPrivate *priv = + virNetServerClientGetPrivateData(client); + + if (!priv->storageConn) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connection not open")); + return NULL; + } + + return priv->storageConn; +} + + void *remoteClientNew(virNetServerClientPtr client, void *opaque ATTRIBUTE_UNUSED) { diff --git a/src/rpc/gendispatch.pl b/src/rpc/gendispatch.pl index 4e548e14cd..ff21834091 100755 --- a/src/rpc/gendispatch.pl +++ b/src/rpc/gendispatch.pl @@ -111,13 +111,29 @@ sub name_to_TypeName { return $typename; } -sub get_conn_arg { +sub get_conn_type { + if ($structprefix eq "admin") { + return "virNetDaemonPtr"; + } else { + return "virConnectPtr"; + } +} + +sub get_conn_var { + if ($structprefix eq "admin") { + return "dmn"; + } else { + return "conn"; + } +} + +sub get_conn_method { my $proc = shift; my $args = shift; my $rets = shift; if ($structprefix eq "admin") { - return "priv->dmn"; + return "adminGetConn"; } my @types; @@ -127,22 +143,22 @@ sub get_conn_arg { # This correctly detects most APIs foreach my $type (@types) { if ($type =~ /remote_nonnull_interface/) { - return "priv->interfaceConn"; + return "remoteGetInterfaceConn"; } if ($type =~ /remote_nonnull_network/) { - return "priv->networkConn"; + return "remoteGetNetworkConn"; } if ($type =~ /remote_nonnull_node_device/) { - return "priv->nodedevConn"; + return "remoteGetNodeDevConn"; } if ($type =~ /remote_nonnull_nwfilter/) { - return "priv->nwfilterConn"; + return "remoteGetNWFilterConn"; } if ($type =~ /remote_nonnull_secret/) { - return "priv->secretConn"; + return "remoteGetSecretConn"; } if ($type =~ /remote_nonnull_storage/) { - return "priv->storageConn"; + return "remoteGetStorageConn"; } } @@ -150,25 +166,25 @@ sub get_conn_arg { # return things which aren't objects. eg list # of pool names, or number of pools. if ($proc =~ /Connect.*Interface/ || $proc =~ /InterfaceChange/) { - return "priv->interfaceConn"; + return "remoteGetInterfaceConn"; } if ($proc =~ /Connect.*Network/) { - return "priv->networkConn"; + return "remoteGetNetworkConn"; } if ($proc =~ /Node.*Device/) { - return "priv->nodedevConn"; + return "remoteGetNodeDevConn"; } if ($proc =~ /Connect.*NWFilter/) { - return "priv->nwfilterConn"; + return "remoteGetNWFilterConn"; } if ($proc =~ /Connect.*Secret/) { - return "priv->secretConn"; + return "remoteGetSecretConn"; } if ($proc =~ /Connect.*Storage/) { - return "priv->storageConn"; + return "remoteGetStorageConn"; } - return "priv->conn"; + return "remoteGetHypervisorConn"; } # Read the input file (usually remote_protocol.x) and form an @@ -535,7 +551,9 @@ elsif ($mode eq "server") { my @free_list = (); my @free_list_on_error = ("virNetMessageSaveError(rerr);"); - my $conn = get_conn_arg($call->{ProcName}, $call->{args_members}, $call->{ret_members}); + my $conn_method = get_conn_method($call->{ProcName}, $call->{args_members}, $call->{ret_members}); + my $conn_var = get_conn_var(); + my $conn_type = get_conn_type(); # handle arguments to the function if ($argtype ne "void") { @@ -547,7 +565,7 @@ elsif ($mode eq "server") { $has_node_device = 1; push(@vars_list, "virNodeDevicePtr dev = NULL"); push(@getters_list, - " if (!(dev = virNodeDeviceLookupByName($conn, args->name)))\n" . + " if (!(dev = virNodeDeviceLookupByName($conn_var, args->name)))\n" . " goto cleanup;\n"); push(@args_list, "dev"); push(@free_list, @@ -563,7 +581,7 @@ elsif ($mode eq "server") { push(@vars_list, "vir${type_name}Ptr $2 = NULL"); push(@getters_list, - " if (!($2 = get_nonnull_$1($conn, args->$2)))\n" . + " if (!($2 = get_nonnull_$1($conn_var, args->$2)))\n" . " goto cleanup;\n"); push(@args_list, "$2"); push(@free_list, @@ -574,7 +592,7 @@ elsif ($mode eq "server") { push(@vars_list, "virDomainPtr dom = NULL"); push(@vars_list, "virDomain${type_name}Ptr ${1} = NULL"); push(@getters_list, - " if (!(dom = get_nonnull_domain($conn, args->${2}.dom)))\n" . + " if (!(dom = get_nonnull_domain($conn_var, args->${2}.dom)))\n" . " goto cleanup;\n" . "\n" . " if (!($1 = get_nonnull_domain_${1}(dom, args->$2)))\n" . @@ -584,11 +602,11 @@ elsif ($mode eq "server") { " virObjectUnref($1);\n" . " virObjectUnref(dom);"); } elsif ($args_member =~ m/^(?:(?:admin|remote)_string|remote_uuid) (\S+)<\S+>;/) { - push(@args_list, $conn) if !@args_list; + push(@args_list, $conn_var) if !@args_list; push(@args_list, "args->$1.$1_val"); push(@args_list, "args->$1.$1_len"); } elsif ($args_member =~ m/^(?:opaque|(?:admin|remote)_nonnull_string) (\S+)<\S+>;(.*)$/) { - push(@args_list, $conn) if !@args_list; + push(@args_list, $conn_var) if !@args_list; my $cast = ""; my $arg_name = $1; @@ -605,7 +623,7 @@ elsif ($mode eq "server") { push(@args_list, "${cast}args->$arg_name.${arg_name}_val"); push(@args_list, "args->$arg_name.${arg_name}_len"); } elsif ($args_member =~ m/^(?:unsigned )?int (\S+)<\S+>;/) { - push(@args_list, $conn) if !@args_list; + push(@args_list, $conn_var) if !@args_list; push(@args_list, "args->$1.$1_val"); push(@args_list, "args->$1.$1_len"); @@ -613,7 +631,7 @@ elsif ($mode eq "server") { push(@vars_list, "virTypedParameterPtr $1 = NULL"); push(@vars_list, "int n$1 = 0"); if ($call->{ProcName} eq "NodeSetMemoryParameters") { - push(@args_list, "$conn"); + push(@args_list, $conn_var); } push(@args_list, "$1"); push(@args_list, "n$1"); @@ -628,25 +646,25 @@ elsif ($mode eq "server") { # just make all other array types fail die "unhandled type for argument value: $args_member"; } elsif ($args_member =~ m/^remote_uuid (\S+);/) { - push(@args_list, $conn) if !@args_list; + push(@args_list, $conn_var) if !@args_list; push(@args_list, "(unsigned char *) args->$1"); } elsif ($args_member =~ m/^(?:admin|remote)_string (\S+);/) { - push(@args_list, $conn) if !@args_list; + push(@args_list, $conn_var) if !@args_list; push(@vars_list, "char *$1"); push(@optionals_list, "$1"); push(@args_list, "$1"); } elsif ($args_member =~ m/^(?:admin|remote)_nonnull_string (\S+);/) { - push(@args_list, $conn) if !@args_list; + push(@args_list, $conn_var) if !@args_list; push(@args_list, "args->$1"); } elsif ($args_member =~ m/^(unsigned )?int (\S+);/) { - push(@args_list, $conn) if !@args_list; + push(@args_list, $conn_var) if !@args_list; push(@args_list, "args->$2"); } elsif ($args_member =~ m/^(unsigned )?hyper (\S+);/) { - push(@args_list, $conn) if !@args_list; + push(@args_list, $conn_var) if !@args_list; my $arg_name = $2; @@ -665,7 +683,7 @@ elsif ($mode eq "server") { push(@vars_list, "virNet${type_name}Ptr $2 = NULL"); push(@getters_list, - " if (!($2 = get_nonnull_$1($conn, args->$2)))\n" . + " if (!($2 = get_nonnull_$1($conn_var, args->$2)))\n" . " goto cleanup;\n"); push(@args_list, "$2"); push(@free_list, @@ -676,7 +694,7 @@ elsif ($mode eq "server") { push(@vars_list, "virNetServerPtr srv = NULL"); push(@vars_list, "virNetServer${type_name}Ptr $2 = NULL"); push(@getters_list, - " if (!(srv = get_nonnull_server($conn, args->$2.srv)))\n" . + " if (!(srv = get_nonnull_server($conn_var, args->$2.srv)))\n" . " goto cleanup;\n"); push(@getters_list, " if (!($2 = get_nonnull_$1(srv, args->$2)))\n" . @@ -952,7 +970,7 @@ elsif ($mode eq "server") { # select struct type for multi-return-value functions if ($multi_ret) { if (defined $call->{ret_offset}) { - push(@args_list, $conn) if !@args_list; + push(@args_list, $conn_var) if !@args_list; if ($modern_ret_as_list) { my $struct_name = name_to_TypeName($modern_ret_struct_name); @@ -1032,13 +1050,6 @@ elsif ($mode eq "server") { print " $var;\n"; } - if ($structprefix eq "admin") { - print " struct daemonAdmClientPrivate *priv =\n"; - } else { - print " struct daemonClientPrivate *priv =\n"; - } - print " virNetServerClientGetPrivateData(client);\n"; - if ($call->{streamflag} ne "none") { print " virStreamPtr st = NULL;\n"; print " daemonClientStreamPtr stream = NULL;\n"; @@ -1051,10 +1062,9 @@ elsif ($mode eq "server") { print "\n"; - print " if (!$conn) {\n"; - print " virReportError(VIR_ERR_INTERNAL_ERROR, \"%s\", _(\"connection not open\"));\n"; + print " $conn_type $conn_var = $conn_method(client);\n"; + print " if (!$conn_var) \n"; print " goto cleanup;\n"; - print " }\n"; print "\n"; if ($single_ret_as_list) { @@ -1081,7 +1091,7 @@ elsif ($mode eq "server") { } if ($call->{streamflag} ne "none") { - print " if (!(st = virStreamNew($conn, VIR_STREAM_NONBLOCK)))\n"; + print " if (!(st = virStreamNew($conn_var, VIR_STREAM_NONBLOCK)))\n"; print " goto cleanup;\n"; print "\n"; print " if (!(stream = daemonCreateClientStream(client, st, remoteProgram, &msg->header, sparse)))\n"; @@ -1098,7 +1108,7 @@ elsif ($mode eq "server") { } elsif (!$multi_ret) { my $proc_name = $call->{ProcName}; - push(@args_list, $conn) if !@args_list; + push(@args_list, $conn_var) if !@args_list; if ($structprefix eq "qemu" && $call->{ProcName} =~ /^(Connect)?Domain/) { -- 2.21.0

The driver dispatch methods access the priv->conn variables directly. In future we want to dynamically open the connections for the secondary driver. Thus we want the methods to call a method to get the connection handle instead of assuming the private variable is non-NULL. Reviewed-by: Andrea Bolognani <abologna(a)redhat.com&gt; Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- src/remote/remote_daemon_dispatch.c | 718 ++++++++++------------------ 1 file changed, 257 insertions(+), 461 deletions(-) diff --git a/src/remote/remote_daemon_dispatch.c b/src/remote/remote_daemon_dispatch.c index 4a3312a944..5609eb4caf 100644 --- a/src/remote/remote_daemon_dispatch.c +++ b/src/remote/remote_daemon_dispatch.c @@ -2148,15 +2148,12 @@ remoteDispatchDomainGetSchedulerType(virNetServerPtr server ATTRIBUTE_UNUSED, char *type; int nparams; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (!(type = virDomainGetSchedulerType(dom, &nparams))) @@ -2185,13 +2182,10 @@ remoteDispatchDomainGetSchedulerParameters(virNetServerPtr server ATTRIBUTE_UNUS virTypedParameterPtr params = NULL; int nparams = 0; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->nparams > REMOTE_DOMAIN_SCHEDULER_PARAMETERS_MAX) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large")); @@ -2201,7 +2195,7 @@ remoteDispatchDomainGetSchedulerParameters(virNetServerPtr server ATTRIBUTE_UNUS goto cleanup; nparams = args->nparams; - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainGetSchedulerParameters(dom, params, &nparams) < 0) @@ -2235,13 +2229,10 @@ remoteDispatchDomainGetSchedulerParametersFlags(virNetServerPtr server ATTRIBUTE virTypedParameterPtr params = NULL; int nparams = 0; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->nparams > REMOTE_DOMAIN_SCHEDULER_PARAMETERS_MAX) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large")); @@ -2251,7 +2242,7 @@ remoteDispatchDomainGetSchedulerParametersFlags(virNetServerPtr server ATTRIBUTE goto cleanup; nparams = args->nparams; - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainGetSchedulerParametersFlags(dom, params, &nparams, @@ -2287,13 +2278,10 @@ remoteDispatchDomainMemoryStats(virNetServerPtr server ATTRIBUTE_UNUSED, int nr_stats; size_t i; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->maxStats > REMOTE_DOMAIN_MEMORY_STATS_MAX) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", @@ -2301,7 +2289,7 @@ remoteDispatchDomainMemoryStats(virNetServerPtr server ATTRIBUTE_UNUSED, goto cleanup; } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; /* Allocate stats array for making dispatch call */ @@ -2346,15 +2334,12 @@ remoteDispatchDomainBlockPeek(virNetServerPtr server ATTRIBUTE_UNUSED, size_t size; unsigned int flags; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; path = args->path; offset = args->offset; @@ -2400,15 +2385,12 @@ remoteDispatchDomainBlockStatsFlags(virNetServerPtr server ATTRIBUTE_UNUSED, int nparams = 0; unsigned int flags; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; flags = args->flags; @@ -2462,15 +2444,12 @@ remoteDispatchDomainMemoryPeek(virNetServerPtr server ATTRIBUTE_UNUSED, size_t size; unsigned int flags; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; offset = args->offset; size = args->size; @@ -2512,15 +2491,12 @@ remoteDispatchDomainGetSecurityLabel(virNetServerPtr server ATTRIBUTE_UNUSED, virDomainPtr dom = NULL; virSecurityLabelPtr seclabel = NULL; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (VIR_ALLOC(seclabel) < 0) @@ -2557,15 +2533,12 @@ remoteDispatchDomainGetSecurityLabelList(virNetServerPtr server ATTRIBUTE_UNUSED virSecurityLabelPtr seclabels = NULL; int len, rv = -1; size_t i; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if ((len = virDomainGetSecurityLabelList(dom, &seclabels)) < 0) { @@ -2611,16 +2584,13 @@ remoteDispatchNodeGetSecurityModel(virNetServerPtr server ATTRIBUTE_UNUSED, { virSecurityModel secmodel; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } memset(&secmodel, 0, sizeof(secmodel)); - if (virNodeGetSecurityModel(priv->conn, &secmodel) < 0) + if (virNodeGetSecurityModel(conn, &secmodel) < 0) goto cleanup; ret->model.model_len = strlen(secmodel.model) + 1; @@ -2653,15 +2623,12 @@ remoteDispatchDomainGetVcpuPinInfo(virNetServerPtr server ATTRIBUTE_UNUSED, unsigned char *cpumaps = NULL; int num; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (args->ncpumaps > REMOTE_VCPUINFO_MAX) { @@ -2715,15 +2682,12 @@ remoteDispatchDomainPinEmulator(virNetServerPtr server ATTRIBUTE_UNUSED, { int rv = -1; virDomainPtr dom = NULL; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainPinEmulator(dom, @@ -2754,15 +2718,12 @@ remoteDispatchDomainGetEmulatorPinInfo(virNetServerPtr server ATTRIBUTE_UNUSED, unsigned char *cpumaps = NULL; int r; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; /* Allocate buffers to take the results */ @@ -2805,15 +2766,12 @@ remoteDispatchDomainGetVcpus(virNetServerPtr server ATTRIBUTE_UNUSED, int info_len; size_t i; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (args->maxinfo > REMOTE_VCPUINFO_MAX) { @@ -2882,18 +2840,16 @@ remoteDispatchDomainGetIOThreadInfo(virNetServerPtr server ATTRIBUTE_UNUSED, { int rv = -1; size_t i; - struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); virDomainIOThreadInfoPtr *info = NULL; virDomainPtr dom = NULL; remote_domain_iothread_info *dst; int ninfo = 0; + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if ((ninfo = virDomainGetIOThreadInfo(dom, &info, args->flags)) < 0) @@ -2958,13 +2914,10 @@ remoteDispatchDomainMigratePrepare(virNetServerPtr server ATTRIBUTE_UNUSED, char **uri_out; char *dname; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } uri_in = args->uri_in == NULL ? NULL : *args->uri_in; dname = args->dname == NULL ? NULL : *args->dname; @@ -2973,7 +2926,7 @@ remoteDispatchDomainMigratePrepare(virNetServerPtr server ATTRIBUTE_UNUSED, if (VIR_ALLOC(uri_out) < 0) goto cleanup; - if (virDomainMigratePrepare(priv->conn, &cookie, &cookielen, + if (virDomainMigratePrepare(conn, &cookie, &cookielen, uri_in, uri_out, args->flags, dname, args->resource) < 0) goto cleanup; @@ -3013,13 +2966,10 @@ remoteDispatchDomainMigratePrepare2(virNetServerPtr server ATTRIBUTE_UNUSED, char **uri_out; char *dname; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } uri_in = args->uri_in == NULL ? NULL : *args->uri_in; dname = args->dname == NULL ? NULL : *args->dname; @@ -3028,7 +2978,7 @@ remoteDispatchDomainMigratePrepare2(virNetServerPtr server ATTRIBUTE_UNUSED, if (VIR_ALLOC(uri_out) < 0) goto cleanup; - if (virDomainMigratePrepare2(priv->conn, &cookie, &cookielen, + if (virDomainMigratePrepare2(conn, &cookie, &cookielen, uri_in, uri_out, args->flags, dname, args->resource, args->dom_xml) < 0) @@ -3064,13 +3014,10 @@ remoteDispatchDomainGetMemoryParameters(virNetServerPtr server ATTRIBUTE_UNUSED, int nparams = 0; unsigned int flags; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } flags = args->flags; @@ -3082,7 +3029,7 @@ remoteDispatchDomainGetMemoryParameters(virNetServerPtr server ATTRIBUTE_UNUSED, goto cleanup; nparams = args->nparams; - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainGetMemoryParameters(dom, params, &nparams, flags) < 0) @@ -3126,13 +3073,10 @@ remoteDispatchDomainGetNumaParameters(virNetServerPtr server ATTRIBUTE_UNUSED, int nparams = 0; unsigned int flags; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } flags = args->flags; @@ -3144,7 +3088,7 @@ remoteDispatchDomainGetNumaParameters(virNetServerPtr server ATTRIBUTE_UNUSED, goto cleanup; nparams = args->nparams; - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainGetNumaParameters(dom, params, &nparams, flags) < 0) @@ -3188,13 +3132,10 @@ remoteDispatchDomainGetBlkioParameters(virNetServerPtr server ATTRIBUTE_UNUSED, int nparams = 0; unsigned int flags; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } flags = args->flags; @@ -3206,7 +3147,7 @@ remoteDispatchDomainGetBlkioParameters(virNetServerPtr server ATTRIBUTE_UNUSED, goto cleanup; nparams = args->nparams; - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainGetBlkioParameters(dom, params, &nparams, flags) < 0) @@ -3251,13 +3192,10 @@ remoteDispatchNodeGetCPUStats(virNetServerPtr server ATTRIBUTE_UNUSED, int nparams = 0; unsigned int flags; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } flags = args->flags; @@ -3269,7 +3207,7 @@ remoteDispatchNodeGetCPUStats(virNetServerPtr server ATTRIBUTE_UNUSED, goto cleanup; nparams = args->nparams; - if (virNodeGetCPUStats(priv->conn, cpuNum, params, &nparams, flags) < 0) + if (virNodeGetCPUStats(conn, cpuNum, params, &nparams, flags) < 0) goto cleanup; /* In this case, we need to send back the number of stats @@ -3323,13 +3261,10 @@ remoteDispatchNodeGetMemoryStats(virNetServerPtr server ATTRIBUTE_UNUSED, int nparams = 0; unsigned int flags; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } flags = args->flags; @@ -3341,7 +3276,7 @@ remoteDispatchNodeGetMemoryStats(virNetServerPtr server ATTRIBUTE_UNUSED, goto cleanup; nparams = args->nparams; - if (virNodeGetMemoryStats(priv->conn, cellNum, params, &nparams, flags) < 0) + if (virNodeGetMemoryStats(conn, cellNum, params, &nparams, flags) < 0) goto cleanup; /* In this case, we need to send back the number of parameters @@ -3393,15 +3328,12 @@ remoteDispatchDomainGetLaunchSecurityInfo(virNetServerPtr server ATTRIBUTE_UNUSE virTypedParameterPtr params = NULL; int nparams = 0; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainGetLaunchSecurityInfo(dom, &params, &nparams, args->flags) < 0) @@ -3440,15 +3372,12 @@ remoteDispatchDomainGetPerfEvents(virNetServerPtr server ATTRIBUTE_UNUSED, virTypedParameterPtr params = NULL; int nparams = 0; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainGetPerfEvents(dom, &params, &nparams, args->flags) < 0) @@ -3486,15 +3415,12 @@ remoteDispatchDomainGetBlockJobInfo(virNetServerPtr server ATTRIBUTE_UNUSED, virDomainPtr dom = NULL; virDomainBlockJobInfo tmp; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; rv = virDomainGetBlockJobInfo(dom, args->path, &tmp, args->flags); @@ -3527,13 +3453,10 @@ remoteDispatchDomainGetBlockIoTune(virNetServerPtr server ATTRIBUTE_UNUSED, int rv = -1; virTypedParameterPtr params = NULL; int nparams = 0; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->nparams > REMOTE_DOMAIN_BLOCK_IO_TUNE_PARAMETERS_MAX) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large")); @@ -3544,7 +3467,7 @@ remoteDispatchDomainGetBlockIoTune(virNetServerPtr server ATTRIBUTE_UNUSED, goto cleanup; nparams = args->nparams; - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainGetBlockIoTune(dom, args->disk ? *args->disk : NULL, @@ -4104,15 +4027,12 @@ remoteDispatchNodeDeviceGetParent(virNetServerPtr server ATTRIBUTE_UNUSED, virNodeDevicePtr dev = NULL; const char *parent = NULL; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetNodeDevConn(client); - if (!priv->nodedevConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dev = virNodeDeviceLookupByName(priv->nodedevConn, args->name))) + if (!(dev = virNodeDeviceLookupByName(conn, args->name))) goto cleanup; parent = virNodeDeviceGetParent(dev); @@ -4144,15 +4064,14 @@ remoteDispatchConnectRegisterCloseCallback(virNetServerPtr server ATTRIBUTE_UNUS int rv = -1; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); virMutexLock(&priv->lock); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (virConnectRegisterCloseCallback(priv->conn, + if (virConnectRegisterCloseCallback(conn, remoteRelayConnectionClosedEvent, client, NULL) < 0) goto cleanup; @@ -4176,15 +4095,14 @@ remoteDispatchConnectUnregisterCloseCallback(virNetServerPtr server ATTRIBUTE_UN int rv = -1; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); virMutexLock(&priv->lock); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (virConnectUnregisterCloseCallback(priv->conn, + if (virConnectUnregisterCloseCallback(conn, remoteRelayConnectionClosedEvent) < 0) goto cleanup; @@ -4211,13 +4129,12 @@ remoteDispatchConnectDomainEventRegister(virNetServerPtr server ATTRIBUTE_UNUSED daemonClientEventCallbackPtr ref; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); virMutexLock(&priv->lock); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } /* If we call register first, we could append a complete callback * to our array, but on OOM append failure, we'd have to then hope @@ -4239,7 +4156,7 @@ remoteDispatchConnectDomainEventRegister(virNetServerPtr server ATTRIBUTE_UNUSED callback) < 0) goto cleanup; - if ((callbackID = virConnectDomainEventRegisterAny(priv->conn, + if ((callbackID = virConnectDomainEventRegisterAny(conn, NULL, VIR_DOMAIN_EVENT_ID_LIFECYCLE, VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventLifecycle), @@ -4275,13 +4192,12 @@ remoteDispatchConnectDomainEventDeregister(virNetServerPtr server ATTRIBUTE_UNUS size_t i; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); virMutexLock(&priv->lock); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } for (i = 0; i < priv->ndomainEventCallbacks; i++) { if (priv->domainEventCallbacks[i]->eventID == VIR_DOMAIN_EVENT_ID_LIFECYCLE) { @@ -4297,7 +4213,7 @@ remoteDispatchConnectDomainEventDeregister(virNetServerPtr server ATTRIBUTE_UNUS goto cleanup; } - if (virConnectDomainEventDeregisterAny(priv->conn, callbackID) < 0) + if (virConnectDomainEventDeregisterAny(conn, callbackID) < 0) goto cleanup; VIR_DELETE_ELEMENT(priv->domainEventCallbacks, i, @@ -4361,15 +4277,12 @@ remoteDispatchSecretGetValue(virNetServerPtr server ATTRIBUTE_UNUSED, size_t value_size; unsigned char *value; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetSecretConn(client); - if (!priv->secretConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(secret = get_nonnull_secret(priv->secretConn, args->secret))) + if (!(secret = get_nonnull_secret(conn, args->secret))) goto cleanup; if (!(value = virSecretGetValue(secret, &value_size, args->flags))) @@ -4397,15 +4310,12 @@ remoteDispatchDomainGetState(virNetServerPtr server ATTRIBUTE_UNUSED, { virDomainPtr dom = NULL; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainGetState(dom, &ret->state, &ret->reason, args->flags) < 0) @@ -4439,13 +4349,12 @@ remoteDispatchConnectDomainEventRegisterAny(virNetServerPtr server ATTRIBUTE_UNU daemonClientEventCallbackPtr ref; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); virMutexLock(&priv->lock); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } /* We intentionally do not use VIR_DOMAIN_EVENT_ID_LAST here; any * new domain events added after this point should only use the @@ -4475,7 +4384,7 @@ remoteDispatchConnectDomainEventRegisterAny(virNetServerPtr server ATTRIBUTE_UNU callback) < 0) goto cleanup; - if ((callbackID = virConnectDomainEventRegisterAny(priv->conn, + if ((callbackID = virConnectDomainEventRegisterAny(conn, NULL, args->eventID, domainEventCallbacks[args->eventID], @@ -4515,16 +4424,15 @@ remoteDispatchConnectDomainEventCallbackRegisterAny(virNetServerPtr server ATTRI struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); virDomainPtr dom = NULL; + virConnectPtr conn = remoteGetHypervisorConn(client); virMutexLock(&priv->lock); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->dom && - !(dom = get_nonnull_domain(priv->conn, *args->dom))) + !(dom = get_nonnull_domain(conn, *args->dom))) goto cleanup; if (args->eventID >= VIR_DOMAIN_EVENT_ID_LAST || args->eventID < 0) { @@ -4550,7 +4458,7 @@ remoteDispatchConnectDomainEventCallbackRegisterAny(virNetServerPtr server ATTRI callback) < 0) goto cleanup; - if ((callbackID = virConnectDomainEventRegisterAny(priv->conn, + if ((callbackID = virConnectDomainEventRegisterAny(conn, dom, args->eventID, domainEventCallbacks[args->eventID], @@ -4589,13 +4497,12 @@ remoteDispatchConnectDomainEventDeregisterAny(virNetServerPtr server ATTRIBUTE_U size_t i; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); virMutexLock(&priv->lock); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } /* We intentionally do not use VIR_DOMAIN_EVENT_ID_LAST here; any * new domain events added after this point should only use the @@ -4619,7 +4526,7 @@ remoteDispatchConnectDomainEventDeregisterAny(virNetServerPtr server ATTRIBUTE_U goto cleanup; } - if (virConnectDomainEventDeregisterAny(priv->conn, callbackID) < 0) + if (virConnectDomainEventDeregisterAny(conn, callbackID) < 0) goto cleanup; VIR_DELETE_ELEMENT(priv->domainEventCallbacks, i, @@ -4646,13 +4553,12 @@ remoteDispatchConnectDomainEventCallbackDeregisterAny(virNetServerPtr server ATT size_t i; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); virMutexLock(&priv->lock); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } for (i = 0; i < priv->ndomainEventCallbacks; i++) { if (priv->domainEventCallbacks[i]->callbackID == args->callbackID) @@ -4665,7 +4571,7 @@ remoteDispatchConnectDomainEventCallbackDeregisterAny(virNetServerPtr server ATT goto cleanup; } - if (virConnectDomainEventDeregisterAny(priv->conn, args->callbackID) < 0) + if (virConnectDomainEventDeregisterAny(conn, args->callbackID) < 0) goto cleanup; VIR_DELETE_ELEMENT(priv->domainEventCallbacks, i, @@ -4691,15 +4597,12 @@ qemuDispatchDomainMonitorCommand(virNetServerPtr server ATTRIBUTE_UNUSED, { virDomainPtr dom = NULL; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainQemuMonitorCommand(dom, args->cmd, &ret->result, @@ -4731,15 +4634,12 @@ remoteDispatchDomainMigrateBegin3(virNetServerPtr server ATTRIBUTE_UNUSED, char *cookieout = NULL; int cookieoutlen = 0; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; xmlin = args->xmlin == NULL ? NULL : *args->xmlin; @@ -4781,13 +4681,10 @@ remoteDispatchDomainMigratePrepare3(virNetServerPtr server ATTRIBUTE_UNUSED, char **uri_out; char *dname; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } uri_in = args->uri_in == NULL ? NULL : *args->uri_in; dname = args->dname == NULL ? NULL : *args->dname; @@ -4796,7 +4693,7 @@ remoteDispatchDomainMigratePrepare3(virNetServerPtr server ATTRIBUTE_UNUSED, if (VIR_ALLOC(uri_out) < 0) goto cleanup; - if (virDomainMigratePrepare3(priv->conn, + if (virDomainMigratePrepare3(conn, args->cookie_in.cookie_in_val, args->cookie_in.cookie_in_len, &cookieout, &cookieoutlen, @@ -4839,15 +4736,12 @@ remoteDispatchDomainMigratePerform3(virNetServerPtr server ATTRIBUTE_UNUSED, char *cookieout = NULL; int cookieoutlen = 0; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; xmlin = args->xmlin == NULL ? NULL : *args->xmlin; @@ -4892,18 +4786,15 @@ remoteDispatchDomainMigrateFinish3(virNetServerPtr server ATTRIBUTE_UNUSED, char *uri; char *dconnuri; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } uri = args->uri == NULL ? NULL : *args->uri; dconnuri = args->dconnuri == NULL ? NULL : *args->dconnuri; - if (!(dom = virDomainMigrateFinish3(priv->conn, args->dname, + if (!(dom = virDomainMigrateFinish3(conn, args->dname, args->cookie_in.cookie_in_val, args->cookie_in.cookie_in_len, &cookieout, &cookieoutlen, @@ -4941,15 +4832,12 @@ remoteDispatchDomainMigrateConfirm3(virNetServerPtr server ATTRIBUTE_UNUSED, { virDomainPtr dom = NULL; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainMigrateConfirm3(dom, @@ -4977,8 +4865,7 @@ static int remoteDispatchConnectSupportsFeature(virNetServerPtr server ATTRIBUTE { int rv = -1; int supported = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = NULL; /* This feature is checked before opening the connection, thus we must * check it first. @@ -4990,10 +4877,10 @@ static int remoteDispatchConnectSupportsFeature(virNetServerPtr server ATTRIBUTE goto done; } - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + conn = remoteGetHypervisorConn(client); + + if (!conn) goto cleanup; - } switch ((virDrvFeature) args->feature) { case VIR_DRV_FEATURE_FD_PASSING: @@ -5013,7 +4900,7 @@ static int remoteDispatchConnectSupportsFeature(virNetServerPtr server ATTRIBUTE case VIR_DRV_FEATURE_MIGRATION_OFFLINE: case VIR_DRV_FEATURE_MIGRATION_PARAMS: default: - if ((supported = virConnectSupportsFeature(priv->conn, args->feature)) < 0) + if ((supported = virConnectSupportsFeature(conn, args->feature)) < 0) goto cleanup; break; case VIR_DRV_FEATURE_PROGRAM_KEEPALIVE: @@ -5042,15 +4929,12 @@ remoteDispatchDomainOpenGraphics(virNetServerPtr server ATTRIBUTE_UNUSED, virDomainPtr dom = NULL; int rv = -1; int fd = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if ((fd = virNetMessageDupFD(msg, 0)) < 0) @@ -5083,15 +4967,12 @@ remoteDispatchDomainOpenGraphicsFd(virNetServerPtr server ATTRIBUTE_UNUSED, virDomainPtr dom = NULL; int rv = -1; int fd = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if ((fd = virDomainOpenGraphicsFD(dom, @@ -5130,13 +5011,10 @@ remoteDispatchDomainGetInterfaceParameters(virNetServerPtr server ATTRIBUTE_UNUS int nparams = 0; unsigned int flags; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } flags = args->flags; @@ -5148,7 +5026,7 @@ remoteDispatchDomainGetInterfaceParameters(virNetServerPtr server ATTRIBUTE_UNUS goto cleanup; nparams = args->nparams; - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainGetInterfaceParameters(dom, device, params, &nparams, flags) < 0) @@ -5188,16 +5066,13 @@ remoteDispatchDomainGetCPUStats(virNetServerPtr server ATTRIBUTE_UNUSED, remote_domain_get_cpu_stats_ret *ret) { virDomainPtr dom = NULL; - struct daemonClientPrivate *priv; virTypedParameterPtr params = NULL; int rv = -1; int percpu_len = 0; + virConnectPtr conn = remoteGetHypervisorConn(client); - priv = virNetServerClientGetPrivateData(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->nparams > REMOTE_NODE_CPU_STATS_MAX) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large")); @@ -5212,7 +5087,7 @@ remoteDispatchDomainGetCPUStats(virNetServerPtr server ATTRIBUTE_UNUSED, VIR_ALLOC_N(params, args->ncpus * args->nparams) < 0) goto cleanup; - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; percpu_len = virDomainGetCPUStats(dom, params, args->nparams, @@ -5262,15 +5137,12 @@ remoteDispatchDomainGetDiskErrors(virNetServerPtr server ATTRIBUTE_UNUSED, virDomainPtr dom = NULL; virDomainDiskErrorPtr errors = NULL; int len = 0; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (args->maxerrors > REMOTE_DOMAIN_DISK_ERRORS_MAX) { @@ -5322,15 +5194,12 @@ remoteDispatchNodeGetSevInfo(virNetServerPtr server ATTRIBUTE_UNUSED, virTypedParameterPtr params = NULL; int nparams = 0; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (virNodeGetSEVInfo(priv->conn, &params, &nparams, args->flags) < 0) + if (virNodeGetSEVInfo(conn, &params, &nparams, args->flags) < 0) goto cleanup; if (nparams > REMOTE_NODE_SEV_INFO_MAX) { @@ -5367,13 +5236,10 @@ remoteDispatchNodeGetMemoryParameters(virNetServerPtr server ATTRIBUTE_UNUSED, int nparams = 0; unsigned int flags; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } flags = args->flags; @@ -5385,7 +5251,7 @@ remoteDispatchNodeGetMemoryParameters(virNetServerPtr server ATTRIBUTE_UNUSED, goto cleanup; nparams = args->nparams; - if (virNodeGetMemoryParameters(priv->conn, params, &nparams, flags) < 0) + if (virNodeGetMemoryParameters(conn, params, &nparams, flags) < 0) goto cleanup; /* In this case, we need to send back the number of parameters @@ -5425,17 +5291,14 @@ remoteDispatchNodeGetCPUMap(virNetServerPtr server ATTRIBUTE_UNUSED, unsigned int flags; int cpunum; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } flags = args->flags; - cpunum = virNodeGetCPUMap(priv->conn, args->need_map ? &cpumap : NULL, + cpunum = virNodeGetCPUMap(conn, args->need_map ? &cpumap : NULL, args->need_online ? &online : NULL, flags); if (cpunum < 0) goto cleanup; @@ -5467,19 +5330,16 @@ lxcDispatchDomainOpenNamespace(virNetServerPtr server ATTRIBUTE_UNUSED, lxc_domain_open_namespace_args *args) { int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); int *fdlist = NULL; int ret; virDomainPtr dom = NULL; size_t i; + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; ret = virDomainLxcOpenNamespace(dom, @@ -5521,15 +5381,12 @@ remoteDispatchDomainGetJobStats(virNetServerPtr server ATTRIBUTE_UNUSED, virTypedParameterPtr params = NULL; int nparams = 0; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainGetJobStats(dom, &ret->type, &params, @@ -5574,13 +5431,10 @@ remoteDispatchDomainMigrateBegin3Params(virNetServerPtr server ATTRIBUTE_UNUSED, char *cookieout = NULL; int cookieoutlen = 0; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->params.params_len > REMOTE_DOMAIN_MIGRATE_PARAM_LIST_MAX) { virReportError(VIR_ERR_RPC, @@ -5589,7 +5443,7 @@ remoteDispatchDomainMigrateBegin3Params(virNetServerPtr server ATTRIBUTE_UNUSED, goto cleanup; } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virTypedParamsDeserialize((virTypedParameterRemotePtr) args->params.params_val, @@ -5630,13 +5484,10 @@ remoteDispatchDomainMigratePrepare3Params(virNetServerPtr server ATTRIBUTE_UNUSE int cookieoutlen = 0; char **uri_out; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->params.params_len > REMOTE_DOMAIN_MIGRATE_PARAM_LIST_MAX) { virReportError(VIR_ERR_RPC, @@ -5654,7 +5505,7 @@ remoteDispatchDomainMigratePrepare3Params(virNetServerPtr server ATTRIBUTE_UNUSE if (VIR_ALLOC(uri_out) < 0) goto cleanup; - if (virDomainMigratePrepare3Params(priv->conn, params, nparams, + if (virDomainMigratePrepare3Params(conn, params, nparams, args->cookie_in.cookie_in_val, args->cookie_in.cookie_in_len, &cookieout, &cookieoutlen, @@ -5689,15 +5540,12 @@ remoteDispatchDomainMigratePrepareTunnel3Params(virNetServerPtr server ATTRIBUTE char *cookieout = NULL; int cookieoutlen = 0; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); virStreamPtr st = NULL; daemonClientStreamPtr stream = NULL; + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->params.params_len > REMOTE_DOMAIN_MIGRATE_PARAM_LIST_MAX) { virReportError(VIR_ERR_RPC, @@ -5711,12 +5559,12 @@ remoteDispatchDomainMigratePrepareTunnel3Params(virNetServerPtr server ATTRIBUTE 0, &params, &nparams) < 0) goto cleanup; - if (!(st = virStreamNew(priv->conn, VIR_STREAM_NONBLOCK)) || + if (!(st = virStreamNew(conn, VIR_STREAM_NONBLOCK)) || !(stream = daemonCreateClientStream(client, st, remoteProgram, &msg->header, false))) goto cleanup; - if (virDomainMigratePrepareTunnel3Params(priv->conn, st, params, nparams, + if (virDomainMigratePrepareTunnel3Params(conn, st, params, nparams, args->cookie_in.cookie_in_val, args->cookie_in.cookie_in_len, &cookieout, &cookieoutlen, @@ -5761,13 +5609,10 @@ remoteDispatchDomainMigratePerform3Params(virNetServerPtr server ATTRIBUTE_UNUSE int cookieoutlen = 0; char *dconnuri; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->params.params_len > REMOTE_DOMAIN_MIGRATE_PARAM_LIST_MAX) { virReportError(VIR_ERR_RPC, @@ -5776,7 +5621,7 @@ remoteDispatchDomainMigratePerform3Params(virNetServerPtr server ATTRIBUTE_UNUSE goto cleanup; } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virTypedParamsDeserialize((virTypedParameterRemotePtr) args->params.params_val, @@ -5821,13 +5666,10 @@ remoteDispatchDomainMigrateFinish3Params(virNetServerPtr server ATTRIBUTE_UNUSED char *cookieout = NULL; int cookieoutlen = 0; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->params.params_len > REMOTE_DOMAIN_MIGRATE_PARAM_LIST_MAX) { virReportError(VIR_ERR_RPC, @@ -5841,7 +5683,7 @@ remoteDispatchDomainMigrateFinish3Params(virNetServerPtr server ATTRIBUTE_UNUSED 0, &params, &nparams) < 0) goto cleanup; - dom = virDomainMigrateFinish3Params(priv->conn, params, nparams, + dom = virDomainMigrateFinish3Params(conn, params, nparams, args->cookie_in.cookie_in_val, args->cookie_in.cookie_in_len, &cookieout, &cookieoutlen, @@ -5879,13 +5721,10 @@ remoteDispatchDomainMigrateConfirm3Params(virNetServerPtr server ATTRIBUTE_UNUSE int nparams = 0; virDomainPtr dom = NULL; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->params.params_len > REMOTE_DOMAIN_MIGRATE_PARAM_LIST_MAX) { virReportError(VIR_ERR_RPC, @@ -5894,7 +5733,7 @@ remoteDispatchDomainMigrateConfirm3Params(virNetServerPtr server ATTRIBUTE_UNUSE goto cleanup; } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virTypedParamsDeserialize((virTypedParameterRemotePtr) args->params.params_val, @@ -5929,15 +5768,12 @@ remoteDispatchConnectGetCPUModelNames(virNetServerPtr server ATTRIBUTE_UNUSED, { int len, rv = -1; char **models = NULL; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - len = virConnectGetCPUModelNames(priv->conn, args->arch, + len = virConnectGetCPUModelNames(conn, args->arch, args->need_results ? &models : NULL, args->flags); if (len < 0) @@ -5981,16 +5817,13 @@ remoteDispatchDomainCreateXMLWithFiles(virNetServerPtr server ATTRIBUTE_UNUSED, { int rv = -1; virDomainPtr dom = NULL; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); int *files = NULL; unsigned int nfiles = 0; size_t i; + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (VIR_ALLOC_N(files, msg->nfds) < 0) goto cleanup; @@ -6000,7 +5833,7 @@ remoteDispatchDomainCreateXMLWithFiles(virNetServerPtr server ATTRIBUTE_UNUSED, nfiles++; } - if ((dom = virDomainCreateXMLWithFiles(priv->conn, args->xml_desc, + if ((dom = virDomainCreateXMLWithFiles(conn, args->xml_desc, nfiles, files, args->flags)) == NULL) goto cleanup; @@ -6030,16 +5863,13 @@ static int remoteDispatchDomainCreateWithFiles(virNetServerPtr server ATTRIBUTE_ { int rv = -1; virDomainPtr dom = NULL; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); int *files = NULL; unsigned int nfiles = 0; size_t i; + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (VIR_ALLOC_N(files, msg->nfds) < 0) goto cleanup; @@ -6049,7 +5879,7 @@ static int remoteDispatchDomainCreateWithFiles(virNetServerPtr server ATTRIBUTE_ nfiles++; } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainCreateWithFiles(dom, @@ -6085,19 +5915,18 @@ remoteDispatchConnectNetworkEventRegisterAny(virNetServerPtr server ATTRIBUTE_UN int rv = -1; daemonClientEventCallbackPtr callback = NULL; daemonClientEventCallbackPtr ref; + virNetworkPtr net = NULL; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); - virNetworkPtr net = NULL; + virConnectPtr conn = remoteGetNetworkConn(client); virMutexLock(&priv->lock); - if (!priv->networkConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->net && - !(net = get_nonnull_network(priv->networkConn, *args->net))) + !(net = get_nonnull_network(conn, *args->net))) goto cleanup; if (args->eventID >= VIR_NETWORK_EVENT_ID_LAST || args->eventID < 0) { @@ -6123,7 +5952,7 @@ remoteDispatchConnectNetworkEventRegisterAny(virNetServerPtr server ATTRIBUTE_UN callback) < 0) goto cleanup; - if ((callbackID = virConnectNetworkEventRegisterAny(priv->networkConn, + if ((callbackID = virConnectNetworkEventRegisterAny(conn, net, args->eventID, networkEventCallbacks[args->eventID], @@ -6161,13 +5990,12 @@ remoteDispatchConnectNetworkEventDeregisterAny(virNetServerPtr server ATTRIBUTE_ size_t i; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetNetworkConn(client); virMutexLock(&priv->lock); - if (!priv->networkConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } for (i = 0; i < priv->nnetworkEventCallbacks; i++) { if (priv->networkEventCallbacks[i]->callbackID == args->callbackID) @@ -6180,7 +6008,7 @@ remoteDispatchConnectNetworkEventDeregisterAny(virNetServerPtr server ATTRIBUTE_ goto cleanup; } - if (virConnectNetworkEventDeregisterAny(priv->networkConn, args->callbackID) < 0) + if (virConnectNetworkEventDeregisterAny(conn, args->callbackID) < 0) goto cleanup; VIR_DELETE_ELEMENT(priv->networkEventCallbacks, i, @@ -6210,16 +6038,15 @@ remoteDispatchConnectStoragePoolEventRegisterAny(virNetServerPtr server ATTRIBUT struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); virStoragePoolPtr pool = NULL; + virConnectPtr conn = remoteGetStorageConn(client); virMutexLock(&priv->lock); - if (!priv->storageConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->pool && - !(pool = get_nonnull_storage_pool(priv->storageConn, *args->pool))) + !(pool = get_nonnull_storage_pool(conn, *args->pool))) goto cleanup; if (args->eventID >= VIR_STORAGE_POOL_EVENT_ID_LAST || args->eventID < 0) { @@ -6245,7 +6072,7 @@ remoteDispatchConnectStoragePoolEventRegisterAny(virNetServerPtr server ATTRIBUT callback) < 0) goto cleanup; - if ((callbackID = virConnectStoragePoolEventRegisterAny(priv->storageConn, + if ((callbackID = virConnectStoragePoolEventRegisterAny(conn, pool, args->eventID, storageEventCallbacks[args->eventID], @@ -6282,13 +6109,12 @@ remoteDispatchConnectStoragePoolEventDeregisterAny(virNetServerPtr server ATTRIB size_t i; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetStorageConn(client); virMutexLock(&priv->lock); - if (!priv->storageConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } for (i = 0; i < priv->nstorageEventCallbacks; i++) { if (priv->storageEventCallbacks[i]->callbackID == args->callbackID) @@ -6301,7 +6127,7 @@ remoteDispatchConnectStoragePoolEventDeregisterAny(virNetServerPtr server ATTRIB goto cleanup; } - if (virConnectStoragePoolEventDeregisterAny(priv->storageConn, args->callbackID) < 0) + if (virConnectStoragePoolEventDeregisterAny(conn, args->callbackID) < 0) goto cleanup; VIR_DELETE_ELEMENT(priv->storageEventCallbacks, i, @@ -6331,16 +6157,15 @@ remoteDispatchConnectNodeDeviceEventRegisterAny(virNetServerPtr server ATTRIBUTE struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); virNodeDevicePtr dev = NULL; + virConnectPtr conn = remoteGetNodeDevConn(client); virMutexLock(&priv->lock); - if (!priv->nodedevConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->dev && - !(dev = get_nonnull_node_device(priv->nodedevConn, *args->dev))) + !(dev = get_nonnull_node_device(conn, *args->dev))) goto cleanup; if (args->eventID >= VIR_NODE_DEVICE_EVENT_ID_LAST || args->eventID < 0) { @@ -6366,7 +6191,7 @@ remoteDispatchConnectNodeDeviceEventRegisterAny(virNetServerPtr server ATTRIBUTE callback) < 0) goto cleanup; - if ((callbackID = virConnectNodeDeviceEventRegisterAny(priv->nodedevConn, + if ((callbackID = virConnectNodeDeviceEventRegisterAny(conn, dev, args->eventID, nodeDeviceEventCallbacks[args->eventID], @@ -6403,13 +6228,12 @@ remoteDispatchConnectNodeDeviceEventDeregisterAny(virNetServerPtr server ATTRIBU size_t i; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetNodeDevConn(client); virMutexLock(&priv->lock); - if (!priv->nodedevConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } for (i = 0; i < priv->nnodeDeviceEventCallbacks; i++) { if (priv->nodeDeviceEventCallbacks[i]->callbackID == args->callbackID) @@ -6422,7 +6246,7 @@ remoteDispatchConnectNodeDeviceEventDeregisterAny(virNetServerPtr server ATTRIBU goto cleanup; } - if (virConnectNodeDeviceEventDeregisterAny(priv->nodedevConn, args->callbackID) < 0) + if (virConnectNodeDeviceEventDeregisterAny(conn, args->callbackID) < 0) goto cleanup; VIR_DELETE_ELEMENT(priv->nodeDeviceEventCallbacks, i, @@ -6452,16 +6276,15 @@ remoteDispatchConnectSecretEventRegisterAny(virNetServerPtr server ATTRIBUTE_UNU struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); virSecretPtr secret = NULL; + virConnectPtr conn = remoteGetSecretConn(client); virMutexLock(&priv->lock); - if (!priv->secretConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->secret && - !(secret = get_nonnull_secret(priv->secretConn, *args->secret))) + !(secret = get_nonnull_secret(conn, *args->secret))) goto cleanup; if (args->eventID >= VIR_SECRET_EVENT_ID_LAST || args->eventID < 0) { @@ -6487,7 +6310,7 @@ remoteDispatchConnectSecretEventRegisterAny(virNetServerPtr server ATTRIBUTE_UNU callback) < 0) goto cleanup; - if ((callbackID = virConnectSecretEventRegisterAny(priv->secretConn, + if ((callbackID = virConnectSecretEventRegisterAny(conn, secret, args->eventID, secretEventCallbacks[args->eventID], @@ -6524,13 +6347,12 @@ remoteDispatchConnectSecretEventDeregisterAny(virNetServerPtr server ATTRIBUTE_U size_t i; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetSecretConn(client); virMutexLock(&priv->lock); - if (!priv->secretConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } for (i = 0; i < priv->nsecretEventCallbacks; i++) { if (priv->secretEventCallbacks[i]->callbackID == args->callbackID) @@ -6543,7 +6365,7 @@ remoteDispatchConnectSecretEventDeregisterAny(virNetServerPtr server ATTRIBUTE_U goto cleanup; } - if (virConnectSecretEventDeregisterAny(priv->secretConn, args->callbackID) < 0) + if (virConnectSecretEventDeregisterAny(conn, args->callbackID) < 0) goto cleanup; VIR_DELETE_ELEMENT(priv->secretEventCallbacks, i, @@ -6574,16 +6396,15 @@ qemuDispatchConnectDomainMonitorEventRegister(virNetServerPtr server ATTRIBUTE_U virNetServerClientGetPrivateData(client); virDomainPtr dom = NULL; const char *event = args->event ? *args->event : NULL; + virConnectPtr conn = remoteGetHypervisorConn(client); virMutexLock(&priv->lock); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->dom && - !(dom = get_nonnull_domain(priv->conn, *args->dom))) + !(dom = get_nonnull_domain(conn, *args->dom))) goto cleanup; /* If we call register first, we could append a complete callback @@ -6603,7 +6424,7 @@ qemuDispatchConnectDomainMonitorEventRegister(virNetServerPtr server ATTRIBUTE_U callback) < 0) goto cleanup; - if ((callbackID = virConnectDomainQemuMonitorEventRegister(priv->conn, + if ((callbackID = virConnectDomainQemuMonitorEventRegister(conn, dom, event, remoteRelayDomainQemuMonitorEvent, @@ -6642,13 +6463,12 @@ qemuDispatchConnectDomainMonitorEventDeregister(virNetServerPtr server ATTRIBUTE size_t i; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); virMutexLock(&priv->lock); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } for (i = 0; i < priv->nqemuEventCallbacks; i++) { if (priv->qemuEventCallbacks[i]->callbackID == args->callbackID) @@ -6661,7 +6481,7 @@ qemuDispatchConnectDomainMonitorEventDeregister(virNetServerPtr server ATTRIBUTE goto cleanup; } - if (virConnectDomainQemuMonitorEventDeregister(priv->conn, + if (virConnectDomainQemuMonitorEventDeregister(conn, args->callbackID) < 0) goto cleanup; @@ -6689,15 +6509,12 @@ remoteDispatchDomainGetTime(virNetServerPtr server ATTRIBUTE_UNUSED, virDomainPtr dom = NULL; long long seconds; unsigned int nseconds; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainGetTime(dom, &seconds, &nseconds, args->flags) < 0) @@ -6725,13 +6542,10 @@ remoteDispatchNodeGetFreePages(virNetServerPtr server ATTRIBUTE_UNUSED, { int rv = -1; int len; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->pages.pages_len * args->cellCount > REMOTE_NODE_MAX_CELLS) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", @@ -6744,7 +6558,7 @@ remoteDispatchNodeGetFreePages(virNetServerPtr server ATTRIBUTE_UNUSED, args->pages.pages_len * args->cellCount) < 0) goto cleanup; - if ((len = virNodeGetFreePages(priv->conn, + if ((len = virNodeGetFreePages(conn, args->pages.pages_len, args->pages.pages_val, args->startCell, @@ -6838,17 +6652,15 @@ remoteDispatchNetworkGetDHCPLeases(virNetServerPtr server ATTRIBUTE_UNUSED, { int rv = -1; size_t i; - struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); virNetworkDHCPLeasePtr *leases = NULL; virNetworkPtr net = NULL; int nleases = 0; + virConnectPtr conn = remoteGetNetworkConn(client); - if (!priv->networkConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(net = get_nonnull_network(priv->networkConn, args->net))) + if (!(net = get_nonnull_network(conn, args->net))) goto cleanup; if ((nleases = virNetworkGetDHCPLeases(net, @@ -6906,22 +6718,20 @@ remoteDispatchConnectGetAllDomainStats(virNetServerPtr server ATTRIBUTE_UNUSED, { int rv = -1; size_t i; - struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); virDomainStatsRecordPtr *retStats = NULL; int nrecords = 0; virDomainPtr *doms = NULL; + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->doms.doms_len) { if (VIR_ALLOC_N(doms, args->doms.doms_len + 1) < 0) goto cleanup; for (i = 0; i < args->doms.doms_len; i++) { - if (!(doms[i] = get_nonnull_domain(priv->conn, args->doms.doms_val[i]))) + if (!(doms[i] = get_nonnull_domain(conn, args->doms.doms_val[i]))) goto cleanup; } @@ -6931,7 +6741,7 @@ remoteDispatchConnectGetAllDomainStats(virNetServerPtr server ATTRIBUTE_UNUSED, args->flags)) < 0) goto cleanup; } else { - if ((nrecords = virConnectGetAllDomainStats(priv->conn, + if ((nrecords = virConnectGetAllDomainStats(conn, args->stats, &retStats, args->flags)) < 0) @@ -6993,15 +6803,12 @@ remoteDispatchNodeAllocPages(virNetServerPtr server ATTRIBUTE_UNUSED, { int rv = -1; int len; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if ((len = virNodeAllocPages(priv->conn, + if ((len = virNodeAllocPages(conn, args->pageSizes.pageSizes_len, args->pageSizes.pageSizes_val, (unsigned long long *) args->pageCounts.pageCounts_val, @@ -7030,19 +6837,17 @@ remoteDispatchDomainGetFSInfo(virNetServerPtr server ATTRIBUTE_UNUSED, { int rv = -1; size_t i, j; - struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); virDomainFSInfoPtr *info = NULL; virDomainPtr dom = NULL; remote_domain_fsinfo *dst; int ninfo = 0; size_t ndisk; + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if ((ninfo = virDomainGetFSInfo(dom, &info, args->flags)) < 0) @@ -7227,15 +7032,12 @@ remoteDispatchDomainInterfaceAddresses(virNetServerPtr server ATTRIBUTE_UNUSED, virDomainPtr dom = NULL; virDomainInterfacePtr *ifaces = NULL; int ifaces_count = 0; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if ((ifaces_count = virDomainInterfaceAddresses(dom, &ifaces, args->source, args->flags)) < 0) @@ -7273,15 +7075,12 @@ remoteDispatchStorageVolGetInfoFlags(virNetServerPtr server ATTRIBUTE_UNUSED, int rv = -1; virStorageVolPtr vol = NULL; virStorageVolInfo tmp; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetStorageConn(client); - if (!priv->storageConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(vol = get_nonnull_storage_vol(priv->storageConn, args->vol))) + if (!(vol = get_nonnull_storage_vol(conn, args->vol))) goto cleanup; if (virStorageVolGetInfoFlags(vol, &tmp, args->flags) < 0) @@ -7312,15 +7111,12 @@ remoteDispatchNetworkPortGetParameters(virNetServerPtr server ATTRIBUTE_UNUSED, virNetworkPortPtr port = NULL; virTypedParameterPtr params = NULL; int nparams = 0; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetNetworkConn(client); - if (!priv->networkConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(port = get_nonnull_network_port(priv->networkConn, args->port))) + if (!(port = get_nonnull_network_port(conn, args->port))) goto cleanup; if (virNetworkPortGetParameters(port, &params, &nparams, args->flags) < 0) -- 2.21.0

On Mon, 2019-07-29 at 18:11 +0100, Daniel P. Berrangé wrote: Empty line here. Our coding style guidelines allow this, but personally I think it's less readable and in this specific case also happens to make the diff unnecessarily bigger, so I would suggest keeping the curly braces. If you prefer not making this change, though, that's alright too :) I thought we agreed to have at least a comment explaining that this is necessary to support the virtproxyd use case? With the comment added, Reviewed-by: Andrea Bolognani <abologna(a)redhat.com&gt; -- Andrea Bolognani / Red Hat / Virtualization

On Mon, 2019-07-29 at 18:11 +0100, Daniel P. Berrangé wrote: One argument per line. Reviewed-by: Andrea Bolognani <abologna(a)redhat.com&gt; -- Andrea Bolognani / Red Hat / Virtualization

The ssh, libssh, libssh2 & unix transports all need to use a UNIX socket path, and duplicate some of the same logic for error checking. Pull this out into a separate method to increase code sharing. Reviewed-by: Andrea Bolognani <abologna(a)redhat.com&gt; Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- src/remote/remote_driver.c | 123 +++++++++++++++---------------------- 1 file changed, 48 insertions(+), 75 deletions(-) diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c index 706d9e6e14..e647a77f41 100644 --- a/src/remote/remote_driver.c +++ b/src/remote/remote_driver.c @@ -747,34 +747,35 @@ remoteConnectSupportsFeatureUnlocked(virConnectPtr conn, } -#ifndef WIN32 -static char *remoteGetUNIXSocketNonRoot(void) +static char * +remoteGetUNIXSocket(remoteDriverTransport transport, + unsigned int flags) { char *sockname = NULL; - char *userdir = virGetUserRuntimeDirectory(); - - if (!userdir) - return NULL; + VIR_AUTOFREE(char *) userdir = NULL; + + if (flags & VIR_DRV_OPEN_REMOTE_USER) { + if (transport != REMOTE_DRIVER_TRANSPORT_UNIX) { + virReportError(VIR_ERR_OPERATION_UNSUPPORTED, + _("Connecting to session instance without " + "socket path is not supported by the %s " + "transport"), + remoteDriverTransportTypeToString(transport)); + return NULL; + } + if (!(userdir = virGetUserRuntimeDirectory())) + return NULL; - if (virAsprintf(&sockname, "%s/" LIBVIRTD_USER_UNIX_SOCKET, userdir) < 0) { - VIR_FREE(userdir); - return NULL; + if (virAsprintf(&sockname, + "%s/" LIBVIRTD_USER_UNIX_SOCKET, userdir) < 0) + return NULL; + } else { + if (VIR_STRDUP(sockname, + flags & VIR_DRV_OPEN_REMOTE_RO ? + LIBVIRTD_PRIV_UNIX_SOCKET_RO : + LIBVIRTD_PRIV_UNIX_SOCKET) < 0) + return NULL; } - VIR_FREE(userdir); - - VIR_DEBUG("Chosen UNIX sockname %s", sockname); - return sockname; -} -#endif /* WIN32 */ - -static char *remoteGetUNIXSocketRoot(unsigned int flags) -{ - char *sockname = NULL; - - if (VIR_STRDUP(sockname, - flags & VIR_DRV_OPEN_REMOTE_RO ? - LIBVIRTD_PRIV_UNIX_SOCKET_RO : LIBVIRTD_PRIV_UNIX_SOCKET) < 0) - return NULL; VIR_DEBUG("Chosen UNIX sockname %s", sockname); return sockname; @@ -976,6 +977,29 @@ doRemoteOpen(virConnectPtr conn, } VIR_DEBUG("Connecting with transport %d", transport); + + switch ((remoteDriverTransport)transport) { + case REMOTE_DRIVER_TRANSPORT_UNIX: + case REMOTE_DRIVER_TRANSPORT_SSH: + case REMOTE_DRIVER_TRANSPORT_LIBSSH: + case REMOTE_DRIVER_TRANSPORT_LIBSSH2: + if (!sockname && + !(sockname = remoteGetUNIXSocket(transport, flags))) + goto failed; + + case REMOTE_DRIVER_TRANSPORT_TCP: + case REMOTE_DRIVER_TRANSPORT_TLS: + case REMOTE_DRIVER_TRANSPORT_EXT: + break; + + case REMOTE_DRIVER_TRANSPORT_LAST: + default: + virReportEnumRangeError(remoteDriverTransport, transport); + goto failed; + } + + VIR_DEBUG("Chosen UNIX socket %s", NULLSTR(sockname)); + /* Connect to the remote service. */ switch ((remoteDriverTransport)transport) { case REMOTE_DRIVER_TRANSPORT_TLS: @@ -1017,20 +1041,6 @@ doRemoteOpen(virConnectPtr conn, break; case REMOTE_DRIVER_TRANSPORT_LIBSSH2: - if (!sockname) { - /* Right now we don't support default session connections */ - if (flags & VIR_DRV_OPEN_REMOTE_USER) { - virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", - _("Connecting to session instance without " - "socket path is not supported by the libssh2 " - "connection driver")); - goto failed; - } - - if (!(sockname = remoteGetUNIXSocketRoot(flags))) - goto failed; - } - VIR_DEBUG("Starting LibSSH2 session"); priv->client = virNetClientNewLibSSH2(priv->hostname, @@ -1052,20 +1062,6 @@ doRemoteOpen(virConnectPtr conn, break; case REMOTE_DRIVER_TRANSPORT_LIBSSH: - if (!sockname) { - /* Right now we don't support default session connections */ - if (flags & VIR_DRV_OPEN_REMOTE_USER) { - virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", - _("Connecting to session instance without " - "socket path is not supported by the libssh " - "connection driver")); - goto failed; - } - - if (!(sockname = remoteGetUNIXSocketRoot(flags))) - goto failed; - } - VIR_DEBUG("Starting libssh session"); priv->client = virNetClientNewLibssh(priv->hostname, @@ -1088,15 +1084,6 @@ doRemoteOpen(virConnectPtr conn, #ifndef WIN32 case REMOTE_DRIVER_TRANSPORT_UNIX: - if (!sockname) { - if (flags & VIR_DRV_OPEN_REMOTE_USER) - sockname = remoteGetUNIXSocketNonRoot(); - else - sockname = remoteGetUNIXSocketRoot(flags); - if (!sockname) - goto failed; - } - if ((flags & VIR_DRV_OPEN_REMOTE_AUTOSTART) && !(daemonPath = virFileFindResourceFull("libvirtd", NULL, NULL, @@ -1117,20 +1104,6 @@ doRemoteOpen(virConnectPtr conn, if (!command && VIR_STRDUP(command, "ssh") < 0) goto failed; - if (!sockname) { - /* Right now we don't support default session connections */ - if (flags & VIR_DRV_OPEN_REMOTE_USER) { - virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", - _("Connecting to session instance without " - "socket path is not supported by the ssh " - "connection driver")); - goto failed; - } - - if (!(sockname = remoteGetUNIXSocketRoot(flags))) - goto failed; - } - if (!(priv->client = virNetClientNewSSH(priv->hostname, port, command, -- 2.21.0

Historically URIs handled by the remote driver will always connect to the libvirtd UNIX socket. There will now be one daemon per driver, and each of these has its own UNIX sockets to connect to. It will still be possible to run the traditional monolithic libvirtd though, which will have the original UNIX socket path. In addition there is a virproxyd daemon that doesn't run any drivers, but provides proxying for clients accessing libvirt over IP sockets, or tunnelling to the legacy libvirtd UNIX socket path. Finally when running inside a daemon, the remote driver must not reject connections unconditionally. For example, the QEMU driver needs to be able to connect to the network driver. The remote driver must thus be willing to handle connections even when inside the daemon, provided no local driver is registered. This refactoring enables the remote driver to be able to connect to the per-driver daemons. The URI parameter "mode" accepts the values "auto", "direct" and "legacy" to control which daemons are connected to. The client side libvirt.conf config file also supports a "remote_mode" setting which is used if the URI parameter is not set. If neither the config file or URI parameter set a mode, then "auto" is used, whereby the client looks to see which sockets actually exist right now. The remote driver will only ever spawn the per-driver daemons, or the legacy libvirtd. It won't ever try to spawn virtproxyd, as that is only there for IP based connectivity, or for access from legacy remote clients. If connecting to a remote host over any kind of ssh tunnel, for now we must assume only the legacy socket exists. A future patch will introduce a netcat replacement that is tailored for libvirt to make remote tunnelling easier. The configure arg '--with-remote-default-mode=legacy|direct' allows packagers to set a default at build time. If not given, it will default to legacy mode. Eventually the default will switch to default mode. Distros can choose todo the switch earlier if desired. The main blocker is testing and suitable SELinux/AppArmor policies. Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- docs/remote.html.in | 18 ++++ libvirt.spec.in | 1 + m4/virt-driver-remote.m4 | 15 +++ src/driver.h | 2 + src/libvirt.c | 27 +++++ src/remote/remote_driver.c | 209 +++++++++++++++++++++++++++++++++---- src/remote/remote_driver.h | 3 - 7 files changed, 250 insertions(+), 25 deletions(-) diff --git a/docs/remote.html.in b/docs/remote.html.in index fbcc8bf01c..78e071a898 100644 --- a/docs/remote.html.in +++ b/docs/remote.html.in @@ -206,6 +206,24 @@ Note that parameter values must be <td colspan="2"/> <td> Example: <code>tls_priority=NORMAL:-VERS-SSL3.0</code> </td> </tr> + <tr> + <td> + <code>mode</code> + </td> + <td> unix, ssh, libssh, libssh2 </td> + <td> + <dl> + <dt><code>auto</code></dt><dd>automatically determine the daemon</dd> + <dt><code>direct</code></dt><dd>connect to per-driver daemons</dd> + <dt><code>legacy</code></dt><dd>connect to libvirtd</dd> + </dl> + Can also be set in <code>libvirt.conf</code> as <code>remote_mode</code> + </td> + </tr> + <tr> + <td colspan="2"/> + <td> Example: <code>mode=direct</code> </td> + </tr> <tr> <td> <code>command</code> diff --git a/libvirt.spec.in b/libvirt.spec.in index c1da28892a..112c3fe7c4 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1170,6 +1170,7 @@ rm -f po/stamp-po --without-xenapi \ --without-vz \ --without-bhyve \ + --with-remote-default-mode=legacy \ --with-interface \ --with-network \ --with-storage-fs \ diff --git a/m4/virt-driver-remote.m4 b/m4/virt-driver-remote.m4 index c7af5b3fc6..8d98e369b3 100644 --- a/m4/virt-driver-remote.m4 +++ b/m4/virt-driver-remote.m4 @@ -19,6 +19,7 @@ dnl AC_DEFUN([LIBVIRT_DRIVER_ARG_REMOTE], [ LIBVIRT_ARG_WITH_FEATURE([REMOTE], [remote driver], [yes]) + LIBVIRT_ARG_WITH([REMOTE_DEFAULT_MODE], [remote driver default mode], [legacy]) ]) AC_DEFUN([LIBVIRT_DRIVER_CHECK_REMOTE], [ @@ -26,6 +27,20 @@ AC_DEFUN([LIBVIRT_DRIVER_CHECK_REMOTE], [ AC_DEFINE_UNQUOTED([WITH_REMOTE], 1, [whether Remote driver is enabled]) fi AM_CONDITIONAL([WITH_REMOTE], [test "$with_remote" = "yes"]) + + case "$with_remote_default_mode" in + legacy) + REMOTE_DRIVER_MODE_DEFAULT=REMOTE_DRIVER_MODE_LEGACY + ;; + direct) + REMOTE_DRIVER_MODE_DEFAULT=REMOTE_DRIVER_MODE_DIRECT + ;; + *) + AC_MSG_ERROR([Unknown remote mode '$with_remote_default_mode']) + ;; + esac + + AC_DEFINE_UNQUOTED([REMOTE_DRIVER_MODE_DEFAULT],[$REMOTE_DRIVER_MODE_DEFAULT], [Default remote driver mode]) ]) AC_DEFUN([LIBVIRT_DRIVER_RESULT_REMOTE], [ diff --git a/src/driver.h b/src/driver.h index 898fb96df4..f7d667a03c 100644 --- a/src/driver.h +++ b/src/driver.h @@ -108,6 +108,8 @@ int virSetSharedNWFilterDriver(virNWFilterDriverPtr driver) ATTRIBUTE_RETURN_CHE int virSetSharedSecretDriver(virSecretDriverPtr driver) ATTRIBUTE_RETURN_CHECK; int virSetSharedStorageDriver(virStorageDriverPtr driver) ATTRIBUTE_RETURN_CHECK; +bool virHasDriverForURIScheme(const char *scheme); + int virDriverLoadModule(const char *name, const char *regfunc, bool required); diff --git a/src/libvirt.c b/src/libvirt.c index 9390a767f9..beafbc3716 100644 --- a/src/libvirt.c +++ b/src/libvirt.c @@ -601,6 +601,33 @@ virRegisterConnectDriver(virConnectDriverPtr driver, } +/** + * virHasDriverForURIScheme: + * @scheme: the URI scheme + * + * Determine if there is a driver registered that explicitly + * handles URIs with the scheme @scheme. + * + * Returns: true if a driver is registered + */ +bool +virHasDriverForURIScheme(const char *scheme) +{ + size_t i; + size_t j; + + for (i = 0; i < virConnectDriverTabCount; i++) { + if (!virConnectDriverTab[i]->uriSchemes) + continue; + for (j = 0; virConnectDriverTab[i]->uriSchemes[j]; j++) { + if (STREQ(virConnectDriverTab[i]->uriSchemes[j], scheme)) + return true; + } + } + + return false; +} + /** * virRegisterStateDriver: * @driver: pointer to a driver block diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c index e647a77f41..889d62ba4f 100644 --- a/src/remote/remote_driver.c +++ b/src/remote/remote_driver.c @@ -78,6 +78,24 @@ VIR_ENUM_IMPL(remoteDriverTransport, "tcp", "libssh"); +typedef enum { + /* Try to figure out the "best" choice magically */ + REMOTE_DRIVER_MODE_AUTO, + /* Always use the legacy libvirtd */ + REMOTE_DRIVER_MODE_LEGACY, + /* Always use the per-driver virt*d daemons */ + REMOTE_DRIVER_MODE_DIRECT, + + REMOTE_DRIVER_MODE_LAST +} remoteDriverMode; + +VIR_ENUM_DECL(remoteDriverMode); +VIR_ENUM_IMPL(remoteDriverMode, + REMOTE_DRIVER_MODE_LAST, + "auto", + "legacy", + "direct"); + #if SIZEOF_LONG < 8 # define HYPER_TO_TYPE(_type, _to, _from) \ do { \ @@ -748,8 +766,9 @@ remoteConnectSupportsFeatureUnlocked(virConnectPtr conn, static char * -remoteGetUNIXSocket(remoteDriverTransport transport, - unsigned int flags) +remoteGetUNIXSocketHelper(remoteDriverTransport transport, + const char *sock_prefix, + unsigned int flags) { char *sockname = NULL; VIR_AUTOFREE(char *) userdir = NULL; @@ -766,21 +785,129 @@ remoteGetUNIXSocket(remoteDriverTransport transport, if (!(userdir = virGetUserRuntimeDirectory())) return NULL; - if (virAsprintf(&sockname, - "%s/" LIBVIRTD_USER_UNIX_SOCKET, userdir) < 0) + if (virAsprintf(&sockname, "%s/%s-sock", + userdir, sock_prefix) < 0) return NULL; } else { - if (VIR_STRDUP(sockname, - flags & VIR_DRV_OPEN_REMOTE_RO ? - LIBVIRTD_PRIV_UNIX_SOCKET_RO : - LIBVIRTD_PRIV_UNIX_SOCKET) < 0) + if (virAsprintf(&sockname, "%s/run/libvirt/%s-%s", + LOCALSTATEDIR, sock_prefix, + flags & VIR_DRV_OPEN_REMOTE_RO ? + "sock-ro" : "sock") < 0) return NULL; } - VIR_DEBUG("Chosen UNIX sockname %s", sockname); + VIR_DEBUG("Built UNIX sockname %s for transport %s prefix %s flags=0x%x", + sockname, remoteDriverTransportTypeToString(transport), + sock_prefix, flags); return sockname; } + +static char * +remoteGetUNIXSocket(remoteDriverTransport transport, + remoteDriverMode mode, + const char *driver, + char **daemon, + unsigned int flags) +{ + char *sock_name = NULL; + VIR_AUTOFREE(char *) direct_daemon = NULL; + VIR_AUTOFREE(char *) legacy_daemon = NULL; + VIR_AUTOFREE(char *) direct_sock_name = NULL; + VIR_AUTOFREE(char *) legacy_sock_name = NULL; + + if (driver && + virAsprintf(&direct_daemon, "virt%sd", driver) < 0) + return NULL; + + if (VIR_STRDUP(legacy_daemon, "libvirtd") < 0) + return NULL; + + if (driver && + !(direct_sock_name = remoteGetUNIXSocketHelper(transport, direct_daemon, flags))) + return NULL; + + if (!(legacy_sock_name = remoteGetUNIXSocketHelper(transport, "libvirt", flags))) + return NULL; + + if (mode == REMOTE_DRIVER_MODE_AUTO) { + if (transport == REMOTE_DRIVER_TRANSPORT_UNIX) { + if (direct_sock_name && virFileExists(direct_sock_name)) { + mode = REMOTE_DRIVER_MODE_DIRECT; + } else if (virFileExists(legacy_sock_name)) { + mode = REMOTE_DRIVER_MODE_LEGACY; + } else if (driver) { + /* + * This constant comes from the configure script and + * maps to either the direct or legacy mode constant + */ + mode = REMOTE_DRIVER_MODE_DEFAULT; + } else { + mode = REMOTE_DRIVER_MODE_LEGACY; + } + } else { + mode = REMOTE_DRIVER_MODE_LEGACY; + } + } + + switch ((remoteDriverMode)mode) { + case REMOTE_DRIVER_MODE_LEGACY: + VIR_STEAL_PTR(sock_name, legacy_sock_name); + VIR_STEAL_PTR(*daemon, legacy_daemon); + break; + + case REMOTE_DRIVER_MODE_DIRECT: + if (transport != REMOTE_DRIVER_TRANSPORT_UNIX) { + virReportError(VIR_ERR_OPERATION_UNSUPPORTED, + _("Cannot use direct socket mode for %s transport"), + remoteDriverTransportTypeToString(transport)); + return NULL; + } + + if (!direct_sock_name) { + virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", + _("Cannot use direct socket mode if no URI is set")); + return NULL; + } + + VIR_STEAL_PTR(sock_name, direct_sock_name); + VIR_STEAL_PTR(*daemon, direct_daemon); + break; + + case REMOTE_DRIVER_MODE_AUTO: + case REMOTE_DRIVER_MODE_LAST: + default: + virReportEnumRangeError(remoteDriverMode, mode); + return NULL; + } + + VIR_DEBUG("Chosen UNIX sockname %s daemon %s " + "for mode %s transport %s flags=0x%x", + sock_name, NULLSTR(*daemon), + remoteDriverModeTypeToString(mode), + remoteDriverTransportTypeToString(transport), + flags); + return sock_name; +} + + +#ifndef WIN32 +static const char * +remoteGetDaemonPathEnv(void) +{ + /* We prefer a VIRTD_PATH env var to use for all daemons, + * but if it is not set we will fallback to LIBVIRTD_PATH + * for previous behaviour + */ + if (virGetEnvBlockSUID("VIRTD_PATH") != NULL) { + return "VIRTD_PATH"; + } else { + return "LIBVIRTD_PATH"; + } +} +#endif /* WIN32 */ + + /* * URIs that this driver needs to handle: * @@ -827,11 +954,20 @@ doRemoteOpen(virConnectPtr conn, VIR_AUTOFREE(char *) sshauth = NULL; VIR_AUTOFREE(char *) knownHostsVerify = NULL; VIR_AUTOFREE(char *) knownHosts = NULL; + VIR_AUTOFREE(char *) mode_str = NULL; + VIR_AUTOFREE(char *) daemon_name = NULL; bool sanity = true; bool verify = true; #ifndef WIN32 bool tty = true; #endif + int mode; + + if (inside_daemon && !conn->uri->server) { + mode = REMOTE_DRIVER_MODE_DIRECT; + } else { + mode = REMOTE_DRIVER_MODE_AUTO; + } /* We handle *ALL* URIs here. The caller has rejected any * URIs we don't care about */ @@ -920,7 +1056,7 @@ doRemoteOpen(virConnectPtr conn, EXTRACT_URI_ARG_STR("known_hosts", knownHosts); EXTRACT_URI_ARG_STR("known_hosts_verify", knownHostsVerify); EXTRACT_URI_ARG_STR("tls_priority", tls_priority); - + EXTRACT_URI_ARG_STR("mode", mode_str); EXTRACT_URI_ARG_BOOL("no_sanity", sanity); EXTRACT_URI_ARG_BOOL("no_verify", verify); #ifndef WIN32 @@ -967,6 +1103,21 @@ doRemoteOpen(virConnectPtr conn, goto failed; } + if (conf && !mode_str && + virConfGetValueString(conf, "remote_mode", &mode_str) < 0) + goto failed; + + if (mode_str && + (mode = remoteDriverModeTypeFromString(mode_str)) < 0) + goto failed; + + /* Sanity check that nothing requested !direct mode by mistake */ + if (inside_daemon && !conn->uri->server && mode != REMOTE_DRIVER_MODE_DIRECT) { + virReportError(VIR_ERR_INVALID_ARG, "%s", + _("Connections from inside daemon must be direct")); + return VIR_DRV_OPEN_ERROR; + } + VIR_DEBUG("proceeding with name = %s", name); /* For ext transport, command is required. */ @@ -984,7 +1135,8 @@ doRemoteOpen(virConnectPtr conn, case REMOTE_DRIVER_TRANSPORT_LIBSSH: case REMOTE_DRIVER_TRANSPORT_LIBSSH2: if (!sockname && - !(sockname = remoteGetUNIXSocket(transport, flags))) + !(sockname = remoteGetUNIXSocket(transport, mode, driver_str, + &daemon_name, flags))) goto failed; case REMOTE_DRIVER_TRANSPORT_TCP: @@ -1084,13 +1236,15 @@ doRemoteOpen(virConnectPtr conn, #ifndef WIN32 case REMOTE_DRIVER_TRANSPORT_UNIX: - if ((flags & VIR_DRV_OPEN_REMOTE_AUTOSTART) && - !(daemonPath = virFileFindResourceFull("libvirtd", - NULL, NULL, - abs_top_builddir "/src", - SBINDIR, - "LIBVIRTD_PATH"))) - goto failed; + if (flags & VIR_DRV_OPEN_REMOTE_AUTOSTART) { + const char *env_name = remoteGetDaemonPathEnv(); + if (!(daemonPath = virFileFindResourceFull(daemon_name, + NULL, NULL, + abs_top_builddir "/src", + SBINDIR, + env_name))) + goto failed; + } if (!(priv->client = virNetClientNewUNIX(sockname, flags & VIR_DRV_OPEN_REMOTE_AUTOSTART, @@ -1206,7 +1360,7 @@ doRemoteOpen(virConnectPtr conn, { remote_connect_open_args args = { &name, flags }; - VIR_DEBUG("Trying to open URI %s", name); + VIR_DEBUG("Trying to open URI '%s'", name); if (call(conn, priv, 0, REMOTE_PROC_CONNECT_OPEN, (xdrproc_t) xdr_remote_connect_open_args, (char *) &args, (xdrproc_t) xdr_void, (char *) NULL) == -1) @@ -1308,9 +1462,20 @@ remoteConnectOpen(virConnectPtr conn, remoteSplitURIScheme(conn->uri, &driver, &transport) < 0) goto cleanup; - if (inside_daemon && (!conn->uri || !conn->uri->server)) { - ret = VIR_DRV_OPEN_DECLINED; - goto cleanup; + if (inside_daemon) { + if (!conn->uri) { + ret = VIR_DRV_OPEN_DECLINED; + goto cleanup; + } + + /* If there's a driver registered we must defer to that. + * If there isn't a driver, we must connect in "direct" + * mode - see doRemoteOpen */ + if (!conn->uri->server && + virHasDriverForURIScheme(driver)) { + ret = VIR_DRV_OPEN_DECLINED; + goto cleanup; + } } if (!(priv = remoteAllocPrivateData())) diff --git a/src/remote/remote_driver.h b/src/remote/remote_driver.h index 132e478ef3..1fab5a6cc4 100644 --- a/src/remote/remote_driver.h +++ b/src/remote/remote_driver.h @@ -31,9 +31,6 @@ unsigned long remoteVersion(void); #define LIBVIRTD_LISTEN_ADDR NULL #define LIBVIRTD_TLS_PORT "16514" #define LIBVIRTD_TCP_PORT "16509" -#define LIBVIRTD_PRIV_UNIX_SOCKET LOCALSTATEDIR "/run/libvirt/libvirt-sock" -#define LIBVIRTD_PRIV_UNIX_SOCKET_RO LOCALSTATEDIR "/run/libvirt/libvirt-sock-ro" -#define LIBVIRTD_USER_UNIX_SOCKET "libvirt-sock" /* Defaults for PKI directory. */ #define LIBVIRT_PKI_DIR SYSCONFDIR "/pki" -- 2.21.0

When using the fine grained access control mechanism for APIs, when a client connects to libvirtd, it will fetch the uid, gid, selinux info of the remote client on the UNIX domain socket. This is then used as the identity when checking ACLs. With the new split daemons things are a bit more complicated. The user can connect to virtproxyd, which in turn connects to virtqemud. When virtqemud requests the identity over the UNIX domain socket, it will get the identity that the virtproxyd is running as, not the identity of the real end user/application. virproxyd knows what the real identity is, and needs to be able to forward this information to virtqemud. The virConnectSetIdentity API provides a mechanism for doing this. Obviously virtqemud should not accept such identity overrides from any client, it must only honour it from a trusted client, aka one running as the same uid/gid as itself. The typed parameters exposed in the API are the same as those currently supported by the internal virIdentity class. Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- include/libvirt/libvirt-host.h | 75 ++++++++++++++++++++++++++++++++++ src/driver-hypervisor.h | 7 ++++ src/libvirt-host.c | 51 +++++++++++++++++++++++ src/libvirt_public.syms | 1 + 4 files changed, 134 insertions(+) diff --git a/include/libvirt/libvirt-host.h b/include/libvirt/libvirt-host.h index 7debb5f829..8ea3531750 100644 --- a/include/libvirt/libvirt-host.h +++ b/include/libvirt/libvirt-host.h @@ -579,6 +579,81 @@ virConnectPtr virConnectOpenAuth (const char *name, unsigned int flags); int virConnectRef (virConnectPtr conn); int virConnectClose (virConnectPtr conn); + +/** + * VIR_CONNECT_IDENTITY_OS_USER_NAME: + * + * The operating system user name as VIR_TYPED_PARAM_STRING + */ +# define VIR_CONNECT_IDENTITY_OS_USER_NAME "os-user-name" + +/** + * VIR_CONNECT_IDENTITY_OS_USER_ID: + * + * The operating system user ID as VIR_TYPED_PARAM_ULLONG + */ +# define VIR_CONNECT_IDENTITY_OS_USER_ID "os-user-id" + +/** + * VIR_CONNECT_IDENTITY_OS_GROUP_NAME: + * + * The operating system user ID as VIR_TYPED_PARAM_STRING + */ +# define VIR_CONNECT_IDENTITY_OS_GROUP_NAME "os-group-name" + +/** + * VIR_CONNECT_IDENTITY_OS_GROUP_ID: + * + * The operating system user ID as VIR_TYPED_PARAM_ULLONG + */ +# define VIR_CONNECT_IDENTITY_OS_GROUP_ID "os-group-id" + +/** + * VIR_CONNECT_IDENTITY_OS_PROCESS_ID: + * + * The operating system user ID as VIR_TYPED_PARAM_LLONG + */ +# define VIR_CONNECT_IDENTITY_OS_PROCESS_ID "os-process-id" + +/** + * VIR_CONNECT_IDENTITY_OS_PROCESS_TIME: + * + * The operating system process start time as VIR_TYPED_PARAM_ULLONG + * + * The units the time is measured in vary according to the + * host operating system. On Linux this is usually clock + * ticks (as reported in /proc/$PID/stat field 22). + */ +# define VIR_CONNECT_IDENTITY_OS_PROCESS_TIME "os-process-time" + +/** + * VIR_CONNECT_IDENTITY_SASL_USER_NAME: + * + * The SASL authenticated username as VIR_TYPED_PARAM_STRING + */ +# define VIR_CONNECT_IDENTITY_SASL_USER_NAME "sasl-user-name" + +/** + * VIR_CONNECT_IDENTITY_X509_DISTINGUISHED_NAME: + * + * The TLS x509 certificate distinguished named as VIR_TYPED_PARAM_STRING + */ +# define VIR_CONNECT_IDENTITY_X509_DISTINGUISHED_NAME "x509-distinguished-name" + +/** + * VIR_CONNECT_IDENTITY_SELINUX_CONTEXT: + * + * The application's SELinux context as VIR_TYPED_PARAM_STRING + * + */ +# define VIR_CONNECT_IDENTITY_SELINUX_CONTEXT "selinux-context" + + +int virConnectSetIdentity (virConnectPtr conn, + virTypedParameterPtr params, + int nparams, + unsigned int flags); + const char * virConnectGetType (virConnectPtr conn); int virConnectGetVersion (virConnectPtr conn, unsigned long *hvVer); diff --git a/src/driver-hypervisor.h b/src/driver-hypervisor.h index c1632ae4c6..f1bc355b65 100644 --- a/src/driver-hypervisor.h +++ b/src/driver-hypervisor.h @@ -36,6 +36,12 @@ typedef virDrvOpenStatus typedef int (*virDrvConnectClose)(virConnectPtr conn); +typedef int +(*virDrvConnectSetIdentity)(virConnectPtr conn, + virTypedParameterPtr params, + int nparams, + unsigned int flags); + typedef int (*virDrvConnectSupportsFeature)(virConnectPtr conn, int feature); @@ -1378,6 +1384,7 @@ struct _virHypervisorDriver { virDrvConnectURIProbe connectURIProbe; virDrvConnectOpen connectOpen; virDrvConnectClose connectClose; + virDrvConnectSetIdentity connectSetIdentity; virDrvConnectSupportsFeature connectSupportsFeature; virDrvConnectGetType connectGetType; virDrvConnectGetVersion connectGetVersion; diff --git a/src/libvirt-host.c b/src/libvirt-host.c index e5c4e5f72a..d7b1b82277 100644 --- a/src/libvirt-host.c +++ b/src/libvirt-host.c @@ -61,6 +61,57 @@ virConnectRef(virConnectPtr conn) } +/** + * virConnectSetIdentity: + * @conn: pointer to the hypervisor connection + * @params: parameters containing the identity attributes + * @nparams: size of @params array + * @flags: currently unused, pass 0 + * + * Override the default identity information associated with + * the connection. When connecting to a stateful driver over + * a UNIX socket, the daemon will interrogate the remote end + * of the UNIX socket to acquire the application's identity. + * This identity is used for the fine grained access control + * checks on API calls. + * + * There may be times when application is operating on behalf + * of a variety of users, and thus the identity that the + * application runs as is not appropriate for access control + * checks. In this case, if the application is considered + * trustworthy, it can supply alternative identity information. + * + * The driver may reject the request to change the identity + * on a connection if the application is not trustworthy. + * + * Returns: 0 if the identity change was accepted, -1 on error + */ +int +virConnectSetIdentity(virConnectPtr conn, + virTypedParameterPtr params, + int nparams, + unsigned int flags) +{ + VIR_DEBUG("conn=%p params=%p nparams=%d flags=0x%x", conn, params, nparams, flags); + VIR_TYPED_PARAMS_DEBUG(params, nparams); + + virResetLastError(); + + if (conn->driver->connectSetIdentity) { + int ret = conn->driver->connectSetIdentity(conn, params, nparams, flags); + if (ret < 0) + goto error; + return ret; + } + + virReportUnsupportedError(); + + error: + virDispatchError(conn); + return -1; +} + + /* * Not for public use. This function is part of the internal * implementation of driver features in the remote case. diff --git a/src/libvirt_public.syms b/src/libvirt_public.syms index 54256b6317..580b14b6a0 100644 --- a/src/libvirt_public.syms +++ b/src/libvirt_public.syms @@ -838,6 +838,7 @@ LIBVIRT_5.5.0 { LIBVIRT_5.6.0 { global: + virConnectSetIdentity; virDomainCheckpointCreateXML; virDomainCheckpointDelete; virDomainCheckpointFree; -- 2.21.0

Daniel P. Berrangé writes: What about "No process ID available"? What about "No process start time available"? What about "No caller user ID available"? (the term "user ID" is used elsewhere in the code) The UID acronym is not widely known outside of programmer circles, and for those who know it, it's practically always related to Unix-like systems (on Windows, it's generally called a SID). Even in function names, I believe that "OS" could be removed without much of a loss in readability. The above comment applies even more for a user name. There are some spots where "UNIX" remains... [...] ... whereas it is changed at other places. No functional issue found. Reviewed-by: Christophe de Dinechin <dinechin(a)redhat.com&gt; -- Cheers, Christophe de Dinechin (IRC c3d)

Daniel P. Berrangé writes: Why define a typedef if it's never used? e.g. here, might have virIdentityAttrType instead of unsigned int, might help the compiler emit better diagnostics. virIdentityAttrType (Following a discussion on another patch - Learning the conventions) Here is a case were error is checked with < 0... ... but the precise error is supposed to be -1 (at least when overwriting). Not complaining, just taking notes. I think this would fit on a single line now. Would fit on a single line That last fix not really related to the rest of the patch, but useful. (I don't know how important it is in the libvirt community to not mix "side fixes" with large patch series. I don't personally mind at all.) Only minor nits, nothing functional. Reviewed-by: Christophe de Dinechin <dinechin(a)redhat.com&gt; -- Cheers, Christophe de Dinechin (IRC c3d)

We'll shortly be exposing the identity as virTypedParameter in the public header, so it simplifies life to use that as the internal representation too. Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- src/libvirt_private.syms | 1 - src/util/viridentity.c | 385 ++++++++++++++++++--------------------- src/util/viridentity.h | 6 - tests/viridentitytest.c | 62 +------ 4 files changed, 180 insertions(+), 274 deletions(-) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index c7fb8c94e4..d42a939f5d 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -2147,7 +2147,6 @@ virIdentityGetSASLUserName; virIdentityGetSELinuxContext; virIdentityGetSystem; virIdentityGetX509DName; -virIdentityIsEqual; virIdentityNew; virIdentitySetCurrent; virIdentitySetOSGroupID; diff --git a/src/util/viridentity.c b/src/util/viridentity.c index fe0c416bba..5324400650 100644 --- a/src/util/viridentity.c +++ b/src/util/viridentity.c @@ -41,24 +41,12 @@ VIR_LOG_INIT("util.identity"); -typedef enum { - VIR_IDENTITY_ATTR_OS_USER_NAME, - VIR_IDENTITY_ATTR_OS_USER_ID, - VIR_IDENTITY_ATTR_OS_GROUP_NAME, - VIR_IDENTITY_ATTR_OS_GROUP_ID, - VIR_IDENTITY_ATTR_OS_PROCESS_ID, - VIR_IDENTITY_ATTR_OS_PROCESS_TIME, - VIR_IDENTITY_ATTR_SASL_USER_NAME, - VIR_IDENTITY_ATTR_X509_DISTINGUISHED_NAME, - VIR_IDENTITY_ATTR_SELINUX_CONTEXT, - - VIR_IDENTITY_ATTR_LAST, -} virIdentityAttrType; - struct _virIdentity { virObject parent; - char *attrs[VIR_IDENTITY_ATTR_LAST]; + int nparams; + int maxparams; + virTypedParameterPtr params; }; static virClassPtr virIdentityClass; @@ -188,6 +176,7 @@ virIdentityPtr virIdentityGetSystem(void) _("Unable to lookup SELinux process context")); return ret; } + VIR_DEBUG("Set con %s", con); if (virIdentitySetSELinuxContext(ret, con) < 0) { freecon(con); goto error; @@ -229,131 +218,38 @@ virIdentityPtr virIdentityNew(void) static void virIdentityDispose(void *object) { virIdentityPtr ident = object; - size_t i; - for (i = 0; i < VIR_IDENTITY_ATTR_LAST; i++) - VIR_FREE(ident->attrs[i]); -} - - -/** - * virIdentitySetAttr: - * @ident: the identity to modify - * @attr: the attribute type to set - * @value: the identifying value to associate with @attr - * - * Sets an identifying attribute @attr on @ident. Each - * @attr type can only be set once. - * - * Returns: 0 on success, or -1 on error - */ -static int -virIdentitySetAttr(virIdentityPtr ident, - unsigned int attr, - const char *value) -{ - int ret = -1; - VIR_DEBUG("ident=%p attribute=%u value=%s", ident, attr, value); - - if (ident->attrs[attr]) { - virReportError(VIR_ERR_OPERATION_DENIED, "%s", - _("Identity attribute is already set")); - goto cleanup; - } - - if (VIR_STRDUP(ident->attrs[attr], value) < 0) - goto cleanup; - - ret = 0; - - cleanup: - return ret; -} - - -/** - * virIdentityGetAttr: - * @ident: the identity to query - * @attr: the attribute to read - * @value: filled with the attribute value - * - * Fills @value with a pointer to the value associated - * with the identifying attribute @attr in @ident. If - * @attr is not set, then it will simply be initialized - * to NULL and considered as a successful read - * - * Returns 0 on success, -1 on error - */ -static int -virIdentityGetAttr(virIdentityPtr ident, - unsigned int attr, - const char **value) -{ - VIR_DEBUG("ident=%p attribute=%d value=%p", ident, attr, value); - - *value = ident->attrs[attr]; - - return 0; -} - - -/** - * virIdentityIsEqual: - * @identA: the first identity - * @identB: the second identity - * - * Compares every attribute in @identA and @identB - * to determine if they refer to the same identity - * - * Returns true if they are equal, false if not equal - */ -bool virIdentityIsEqual(virIdentityPtr identA, - virIdentityPtr identB) -{ - bool ret = false; - size_t i; - VIR_DEBUG("identA=%p identB=%p", identA, identB); - - for (i = 0; i < VIR_IDENTITY_ATTR_LAST; i++) { - if (STRNEQ_NULLABLE(identA->attrs[i], - identB->attrs[i])) - goto cleanup; - } - - ret = true; - cleanup: - return ret; + virTypedParamsFree(ident->params, ident->nparams); } int virIdentityGetOSUserName(virIdentityPtr ident, const char **username) { - return virIdentityGetAttr(ident, - VIR_IDENTITY_ATTR_OS_USER_NAME, - username); + return virTypedParamsGetString(ident->params, + ident->nparams, + VIR_CONNECT_IDENTITY_OS_USER_NAME, + username); } int virIdentityGetOSUserID(virIdentityPtr ident, uid_t *uid) { - int val; - const char *userid; + unsigned long long val; + int ret; *uid = -1; - if (virIdentityGetAttr(ident, - VIR_IDENTITY_ATTR_OS_USER_ID, - &userid) < 0) - return -1; - - if (!userid) - return -1; - if (virStrToLong_i(userid, NULL, 10, &val) < 0) + ret = virTypedParamsGetULLong(ident->params, + ident->nparams, + VIR_CONNECT_IDENTITY_OS_USER_ID, + &val); + if (ret < 0) return -1; - *uid = (uid_t)val; + if (ret == 1) + *uid = (uid_t)val; return 0; } @@ -361,31 +257,32 @@ int virIdentityGetOSUserID(virIdentityPtr ident, int virIdentityGetOSGroupName(virIdentityPtr ident, const char **groupname) { - return virIdentityGetAttr(ident, - VIR_IDENTITY_ATTR_OS_GROUP_NAME, - groupname); + *groupname = NULL; + if (virTypedParamsGetString(ident->params, + ident->nparams, + VIR_CONNECT_IDENTITY_OS_GROUP_NAME, + groupname) < 0) + return -1; + return 0; } int virIdentityGetOSGroupID(virIdentityPtr ident, gid_t *gid) { - int val; - const char *groupid; + int ret; + unsigned long long val; *gid = -1; - if (virIdentityGetAttr(ident, - VIR_IDENTITY_ATTR_OS_GROUP_ID, - &groupid) < 0) + ret = virTypedParamsGetULLong(ident->params, + ident->nparams, + VIR_CONNECT_IDENTITY_OS_GROUP_ID, + &val); + if (ret < 0) return -1; - if (!groupid) - return -1; - - if (virStrToLong_i(groupid, NULL, 10, &val) < 0) - return -1; - - *gid = (gid_t)val; + if (ret == 1) + *gid = (gid_t)val; return 0; } @@ -394,22 +291,19 @@ int virIdentityGetOSGroupID(virIdentityPtr ident, int virIdentityGetOSProcessID(virIdentityPtr ident, pid_t *pid) { - unsigned long long val; - const char *processid; + int ret; + long long val; *pid = 0; - if (virIdentityGetAttr(ident, - VIR_IDENTITY_ATTR_OS_PROCESS_ID, - &processid) < 0) - return -1; - - if (!processid) + ret = virTypedParamsGetLLong(ident->params, + ident->nparams, + VIR_CONNECT_IDENTITY_OS_PROCESS_ID, + &val); + if (ret < 0) return -1; - if (virStrToLong_ull(processid, NULL, 10, &val) < 0) - return -1; - - *pid = (pid_t)val; + if (ret == 1) + *pid = (gid_t)val; return 0; } @@ -418,16 +312,11 @@ int virIdentityGetOSProcessID(virIdentityPtr ident, int virIdentityGetOSProcessTime(virIdentityPtr ident, unsigned long long *timestamp) { - const char *processtime; - if (virIdentityGetAttr(ident, - VIR_IDENTITY_ATTR_OS_PROCESS_TIME, - &processtime) < 0) - return -1; - - if (!processtime) - return -1; - - if (virStrToLong_ull(processtime, NULL, 10, timestamp) < 0) + *timestamp = 0; + if (virTypedParamsGetULLong(ident->params, + ident->nparams, + VIR_CONNECT_IDENTITY_OS_PROCESS_TIME, + timestamp) < 0) return -1; return 0; @@ -437,101 +326,153 @@ int virIdentityGetOSProcessTime(virIdentityPtr ident, int virIdentityGetSASLUserName(virIdentityPtr ident, const char **username) { - return virIdentityGetAttr(ident, - VIR_IDENTITY_ATTR_SASL_USER_NAME, - username); + *username = NULL; + if (virTypedParamsGetString(ident->params, + ident->nparams, + VIR_CONNECT_IDENTITY_SASL_USER_NAME, + username) < 0) + return -1; + return 0; } int virIdentityGetX509DName(virIdentityPtr ident, const char **dname) { - return virIdentityGetAttr(ident, - VIR_IDENTITY_ATTR_X509_DISTINGUISHED_NAME, - dname); + *dname = NULL; + if (virTypedParamsGetString(ident->params, + ident->nparams, + VIR_CONNECT_IDENTITY_X509_DISTINGUISHED_NAME, + dname) < 0) + return -1; + return 0; } int virIdentityGetSELinuxContext(virIdentityPtr ident, const char **context) { - return virIdentityGetAttr(ident, - VIR_IDENTITY_ATTR_SELINUX_CONTEXT, - context); + *context = NULL; + if (virTypedParamsGetString(ident->params, + ident->nparams, + VIR_CONNECT_IDENTITY_SELINUX_CONTEXT, + context) < 0) + return -1; + return 0; } int virIdentitySetOSUserName(virIdentityPtr ident, const char *username) { - return virIdentitySetAttr(ident, - VIR_IDENTITY_ATTR_OS_USER_NAME, - username); + if (virTypedParamsGet(ident->params, + ident->nparams, + VIR_CONNECT_IDENTITY_OS_USER_NAME)) { + virReportError(VIR_ERR_OPERATION_DENIED, "%s", + _("Identity attribute is already set")); + return -1; + } + + return virTypedParamsAddString(&ident->params, + &ident->nparams, + &ident->maxparams, + VIR_CONNECT_IDENTITY_OS_USER_NAME, + username); } int virIdentitySetOSUserID(virIdentityPtr ident, uid_t uid) { - VIR_AUTOFREE(char *) val = NULL; - - if (virAsprintf(&val, "%d", (int)uid) < 0) + if (virTypedParamsGet(ident->params, + ident->nparams, + VIR_CONNECT_IDENTITY_OS_USER_ID)) { + virReportError(VIR_ERR_OPERATION_DENIED, "%s", + _("Identity attribute is already set")); return -1; + } - return virIdentitySetAttr(ident, - VIR_IDENTITY_ATTR_OS_USER_ID, - val); + return virTypedParamsAddULLong(&ident->params, + &ident->nparams, + &ident->maxparams, + VIR_CONNECT_IDENTITY_OS_USER_ID, + uid); } int virIdentitySetOSGroupName(virIdentityPtr ident, const char *groupname) { - return virIdentitySetAttr(ident, - VIR_IDENTITY_ATTR_OS_GROUP_NAME, - groupname); + if (virTypedParamsGet(ident->params, + ident->nparams, + VIR_CONNECT_IDENTITY_OS_GROUP_NAME)) { + virReportError(VIR_ERR_OPERATION_DENIED, "%s", + _("Identity attribute is already set")); + return -1; + } + + return virTypedParamsAddString(&ident->params, + &ident->nparams, + &ident->maxparams, + VIR_CONNECT_IDENTITY_OS_GROUP_NAME, + groupname); } int virIdentitySetOSGroupID(virIdentityPtr ident, gid_t gid) { - VIR_AUTOFREE(char *) val = NULL; - - if (virAsprintf(&val, "%d", (int)gid) < 0) + if (virTypedParamsGet(ident->params, + ident->nparams, + VIR_CONNECT_IDENTITY_OS_GROUP_ID)) { + virReportError(VIR_ERR_OPERATION_DENIED, "%s", + _("Identity attribute is already set")); return -1; + } - return virIdentitySetAttr(ident, - VIR_IDENTITY_ATTR_OS_GROUP_ID, - val); + return virTypedParamsAddULLong(&ident->params, + &ident->nparams, + &ident->maxparams, + VIR_CONNECT_IDENTITY_OS_GROUP_ID, + gid); } int virIdentitySetOSProcessID(virIdentityPtr ident, pid_t pid) { - VIR_AUTOFREE(char *) val = NULL; - - if (virAsprintf(&val, "%lld", (long long) pid) < 0) + if (virTypedParamsGet(ident->params, + ident->nparams, + VIR_CONNECT_IDENTITY_OS_PROCESS_ID)) { + virReportError(VIR_ERR_OPERATION_DENIED, "%s", + _("Identity attribute is already set")); return -1; + } - return virIdentitySetAttr(ident, - VIR_IDENTITY_ATTR_OS_PROCESS_ID, - val); + return virTypedParamsAddLLong(&ident->params, + &ident->nparams, + &ident->maxparams, + VIR_CONNECT_IDENTITY_OS_PROCESS_ID, + pid); } int virIdentitySetOSProcessTime(virIdentityPtr ident, unsigned long long timestamp) { - VIR_AUTOFREE(char *) val = NULL; - - if (virAsprintf(&val, "%llu", timestamp) < 0) + if (virTypedParamsGet(ident->params, + ident->nparams, + VIR_CONNECT_IDENTITY_OS_PROCESS_TIME)) { + virReportError(VIR_ERR_OPERATION_DENIED, "%s", + _("Identity attribute is already set")); return -1; + } - return virIdentitySetAttr(ident, - VIR_IDENTITY_ATTR_OS_PROCESS_TIME, - val); + return virTypedParamsAddULLong(&ident->params, + &ident->nparams, + &ident->maxparams, + VIR_CONNECT_IDENTITY_OS_PROCESS_TIME, + timestamp); } @@ -539,25 +480,55 @@ int virIdentitySetOSProcessTime(virIdentityPtr ident, int virIdentitySetSASLUserName(virIdentityPtr ident, const char *username) { - return virIdentitySetAttr(ident, - VIR_IDENTITY_ATTR_SASL_USER_NAME, - username); + if (virTypedParamsGet(ident->params, + ident->nparams, + VIR_CONNECT_IDENTITY_SASL_USER_NAME)) { + virReportError(VIR_ERR_OPERATION_DENIED, "%s", + _("Identity attribute is already set")); + return -1; + } + + return virTypedParamsAddString(&ident->params, + &ident->nparams, + &ident->maxparams, + VIR_CONNECT_IDENTITY_SASL_USER_NAME, + username); } int virIdentitySetX509DName(virIdentityPtr ident, const char *dname) { - return virIdentitySetAttr(ident, - VIR_IDENTITY_ATTR_X509_DISTINGUISHED_NAME, - dname); + if (virTypedParamsGet(ident->params, + ident->nparams, + VIR_CONNECT_IDENTITY_X509_DISTINGUISHED_NAME)) { + virReportError(VIR_ERR_OPERATION_DENIED, "%s", + _("Identity attribute is already set")); + return -1; + } + + return virTypedParamsAddString(&ident->params, + &ident->nparams, + &ident->maxparams, + VIR_CONNECT_IDENTITY_X509_DISTINGUISHED_NAME, + dname); } int virIdentitySetSELinuxContext(virIdentityPtr ident, const char *context) { - return virIdentitySetAttr(ident, - VIR_IDENTITY_ATTR_SELINUX_CONTEXT, - context); + if (virTypedParamsGet(ident->params, + ident->nparams, + VIR_CONNECT_IDENTITY_SELINUX_CONTEXT)) { + virReportError(VIR_ERR_OPERATION_DENIED, "%s", + _("Identity attribute is already set")); + return -1; + } + + return virTypedParamsAddString(&ident->params, + &ident->nparams, + &ident->maxparams, + VIR_CONNECT_IDENTITY_SELINUX_CONTEXT, + context); } diff --git a/src/util/viridentity.h b/src/util/viridentity.h index 0925b740d9..6dc0393810 100644 --- a/src/util/viridentity.h +++ b/src/util/viridentity.h @@ -33,12 +33,6 @@ virIdentityPtr virIdentityGetSystem(void); virIdentityPtr virIdentityNew(void); - -bool virIdentityIsEqual(virIdentityPtr identA, - virIdentityPtr identB) - ATTRIBUTE_NONNULL(1) - ATTRIBUTE_NONNULL(2); - int virIdentityGetOSUserName(virIdentityPtr ident, const char **username); int virIdentityGetOSUserID(virIdentityPtr ident, diff --git a/tests/viridentitytest.c b/tests/viridentitytest.c index e57b68ec43..ba85c90d6c 100644 --- a/tests/viridentitytest.c +++ b/tests/viridentitytest.c @@ -85,63 +85,6 @@ static int testIdentityAttrs(const void *data ATTRIBUTE_UNUSED) } -static int testIdentityEqual(const void *data ATTRIBUTE_UNUSED) -{ - int ret = -1; - virIdentityPtr identa = NULL; - virIdentityPtr identb = NULL; - - if (!(identa = virIdentityNew())) - goto cleanup; - if (!(identb = virIdentityNew())) - goto cleanup; - - if (!virIdentityIsEqual(identa, identb)) { - VIR_DEBUG("Empty identities were not equal"); - goto cleanup; - } - - if (virIdentitySetOSUserName(identa, "fred") < 0) - goto cleanup; - - if (virIdentityIsEqual(identa, identb)) { - VIR_DEBUG("Mis-matched identities should not be equal"); - goto cleanup; - } - - if (virIdentitySetOSUserName(identb, "fred") < 0) - goto cleanup; - - if (!virIdentityIsEqual(identa, identb)) { - VIR_DEBUG("Matched identities were not equal"); - goto cleanup; - } - - if (virIdentitySetOSGroupName(identa, "flintstone") < 0) - goto cleanup; - if (virIdentitySetOSGroupName(identb, "flintstone") < 0) - goto cleanup; - - if (!virIdentityIsEqual(identa, identb)) { - VIR_DEBUG("Matched identities were not equal"); - goto cleanup; - } - - if (virIdentitySetSASLUserName(identb, &quot;fred(a)FLINTSTONE.COM&quot;) < 0) - goto cleanup; - - if (virIdentityIsEqual(identa, identb)) { - VIR_DEBUG("Mis-matched identities should not be equal"); - goto cleanup; - } - - ret = 0; - cleanup: - virObjectUnref(identa); - virObjectUnref(identb); - return ret; -} - static int testIdentityGetSystem(const void *data) { const char *context = data; @@ -166,7 +109,8 @@ static int testIdentityGetSystem(const void *data) goto cleanup; if (STRNEQ_NULLABLE(val, context)) { - VIR_DEBUG("Unexpected SELinux context attribute"); + VIR_DEBUG("Unexpected SELinux context attribute '%s' != '%s'", + val, context); goto cleanup; } @@ -204,8 +148,6 @@ mymain(void) if (virTestRun("Identity attributes ", testIdentityAttrs, NULL) < 0) ret = -1; - if (virTestRun("Identity equality ", testIdentityEqual, NULL) < 0) - ret = -1; if (virTestRun("Setting fake SELinux context ", testSetFakeSELinuxContext, context) < 0) ret = -1; if (virTestRun("System identity (fake SELinux enabled) ", testIdentityGetSystem, context) < 0) -- 2.21.0

Andrea Bolognani writes: Thanks ;-) Curious why (I'm too lazy to look it up in earlier discussions)? In general, giving a name to an int type is a good idea, isn't it? You made me look at that code again, and now I'm confused as to why it's OK to leave garbage in *pid if we fail to find the corresponding typed param. Previously, the function returned -1 in that case, to indicate failure. Now, it returns 0, but does not update *uid. Is that intentional? -- Cheers, Christophe de Dinechin (IRC c3d)

Daniel P. Berrangé writes: Consider adding a variable "preserveIdentity = true" and passing that around to make it easier to read what that "true" is about? Why ATTRIBUTE_UNUSED? Seems used in the cleanup? (Trying to learn about coding style and conventions) Why is this not autounref here? Is there a convention that if you have explicit cleanup, you don't autounref? Would it be useful to change the value rv over these cases, and if rv < 0, add a VIR_DEBUG with its value? Or is there sufficient debugging info from the individual calls already? Indent by 8 spaces and try to align variables in the same file? Nothing good could come out of it ;-) Reviewed-by: Christophe de Dinechin <dinechin(a)redhat.com&gt; -- Cheers, Christophe de Dinechin (IRC c3d)

On Mon, 2019-07-29 at 18:11 +0100, Daniel P. Berrangé wrote: [...] Here I would go for the tried and true virTypedParameterPtr params = NULL; int nparams = 0; int ret = -1; if (operationFailed) goto error; ret = 0; cleanup: virTypedParamsFree(params, nparams); return ret; error: if (*conn) { virConnectClose(*conn); *conn = NULL; } goto cleanup; Less repetition, and more difficult to get wrong even as other people come in and make changes :) [...] So when opening secondary drivers, we'll always attempt to preserve the user identity... [...] ... and we'll do the same when forwarding a connection to hypervisor daemons through virtproxyd. Makes sense to me, I'm just not seeing the check ensuring we're running as the same user that you hinted to in patch 43... Is it enough to consider virtproxyd trusted for the hypervisor drivers, and in turn the hypervisor drivers trusted for the secondary drivers, as we seem to be doing here? As Christophe already pointed out, rerr is actually used. Usually we call this 'ret'. Again as pointed out by Christophe, this can be VIR_AUTOUNREF()d. Pretty sure you want to use REMOTE_CONNECT_IDENTITY_PARAMS_MAX here. Unrelated indentation change, but one that's probably not deserving of its own patch... Anyway, while the changes overall look good, there are still a few open questions that I hope you'll address. It also doesn't work at all for me, at least in legacy mode on a Fedora 30 machine where I installed the result of 'make rpm' on top of the distro packages: $ sudo systemctl start libvirtd Job for libvirtd.service failed because the control process exited with error code. See "systemctl status libvirtd.service" and "journalctl -xe" for details. $ sudo journalctl -b 0 -u libvirtd ... Jul 30 20:06:10 kinshicho systemd[1]: Failed to start Virtualization daemon. Jul 30 23:24:39 kinshicho systemd[1]: Starting Virtualization daemon... Jul 30 23:24:40 kinshicho systemd[1]: libvirtd.service: Main process exited, code=exited, status=6/NOTCONFIGURED Jul 30 23:24:40 kinshicho systemd[1]: libvirtd.service: Failed with result 'exit-code'. -- Andrea Bolognani / Red Hat / Virtualization