[libvirt PATCH 0/8] daemons: Improve timeout handling, plus some cleanups
The main motivation for this series is explained in patch 2/8, but of course in the process I managed to locate a number of yaks that were looking quite hairy indeed... Andrea Bolognani (8): daemons: Support --timeout 0 Revert "remote: move timeout arg into sysconf file" Revert "logging: Use default timeout of 120 seconds for virtlogd" logging, locking: Set default timeout of 120 seconds Add sysconf files for all daemons spec: Include new sysconf files qemu: Allow audio driver override in virtqemud remote: Drop KRB5_KTNAME override libvirt.spec.in | 11 +++++++++++ src/interface/Makefile.inc.am | 2 ++ src/interface/virtinterfaced.service.in | 3 ++- src/interface/virtinterfaced.sysconf | 3 +++ src/libxl/Makefile.inc.am | 2 ++ src/libxl/virtxend.service.in | 3 ++- src/libxl/virtxend.sysconf | 3 +++ src/locking/lock_daemon.c | 6 +++--- src/locking/virtlockd.service.in | 2 +- src/logging/log_daemon.c | 6 +++--- src/logging/virtlogd.service.in | 2 +- src/logging/virtlogd.sysconf | 2 +- src/lxc/Makefile.inc.am | 2 ++ src/lxc/virtlxcd.service.in | 3 ++- src/lxc/virtlxcd.sysconf | 3 +++ src/network/Makefile.inc.am | 2 ++ src/network/virtnetworkd.service.in | 3 ++- src/network/virtnetworkd.sysconf | 3 +++ src/node_device/Makefile.inc.am | 2 ++ src/node_device/virtnodedevd.service.in | 3 ++- src/node_device/virtnodedevd.sysconf | 3 +++ src/nwfilter/Makefile.inc.am | 2 ++ src/nwfilter/virtnwfilterd.service.in | 3 ++- src/nwfilter/virtnwfilterd.sysconf | 3 +++ src/qemu/Makefile.inc.am | 2 ++ src/qemu/virtqemud.service.in | 3 ++- src/qemu/virtqemud.sysconf | 12 ++++++++++++ src/remote/Makefile.inc.am | 5 ++++- src/remote/libvirtd.sasl | 4 +--- src/remote/libvirtd.service.in | 6 +++++- src/remote/libvirtd.sysconf | 15 +++------------ src/remote/remote_daemon.c | 6 +++--- src/remote/virtproxyd.service.in | 3 ++- src/remote/virtproxyd.sysconf | 3 +++ src/secret/Makefile.inc.am | 2 ++ src/secret/virtsecretd.service.in | 3 ++- src/secret/virtsecretd.sysconf | 3 +++ src/storage/Makefile.inc.am | 2 ++ src/storage/virtstoraged.service.in | 3 ++- src/storage/virtstoraged.sysconf | 3 +++ src/vbox/Makefile.inc.am | 2 ++ src/vbox/virtvboxd.service.in | 3 ++- src/vbox/virtvboxd.sysconf | 3 +++ src/vz/Makefile.inc.am | 2 ++ src/vz/virtvzd.service.in | 3 ++- src/vz/virtvzd.sysconf | 3 +++ 46 files changed, 127 insertions(+), 41 deletions(-) create mode 100644 src/interface/virtinterfaced.sysconf create mode 100644 src/libxl/virtxend.sysconf create mode 100644 src/lxc/virtlxcd.sysconf create mode 100644 src/network/virtnetworkd.sysconf create mode 100644 src/node_device/virtnodedevd.sysconf create mode 100644 src/nwfilter/virtnwfilterd.sysconf create mode 100644 src/qemu/virtqemud.sysconf create mode 100644 src/remote/virtproxyd.sysconf create mode 100644 src/secret/virtsecretd.sysconf create mode 100644 src/storage/virtstoraged.sysconf create mode 100644 src/vbox/virtvboxd.sysconf create mode 100644 src/vz/virtvzd.sysconf -- 2.25.1
When using systemd we want to take advantage of socket activation instead of keeping daemons running all the time, so we default to shutting them down after two minutes of inactivity. At the same time, we want it to be possible for the admin to opt out of this behavior and disable timeouts entirely. A very natural way to do so would be to specify a zero-length timeout, but that's currently not accepted by the command line parser. Address that. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/locking/lock_daemon.c | 6 +++--- src/logging/log_daemon.c | 6 +++--- src/remote/remote_daemon.c | 6 +++--- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/src/locking/lock_daemon.c b/src/locking/lock_daemon.c index 3d33995beb..4eff63014a 100644 --- a/src/locking/lock_daemon.c +++ b/src/locking/lock_daemon.c @@ -872,7 +872,7 @@ int main(int argc, char **argv) { int pid_file_fd = -1; char *sock_file = NULL; char *admin_sock_file = NULL; - int timeout = -1; /* -t: Shutdown timeout */ + int timeout = 0; /* -t: Shutdown timeout */ char *state_file = NULL; bool implicit_conf = false; mode_t old_umask; @@ -922,7 +922,7 @@ int main(int argc, char **argv) { case 't': if (virStrToLong_i(optarg, &tmp, 10, &timeout) != 0 - || timeout <= 0 + || timeout < 0 /* Ensure that we can multiply by 1000 without overflowing. */ || timeout > INT_MAX / 1000) { VIR_ERROR(_("Invalid value for timeout")); @@ -1123,7 +1123,7 @@ int main(int argc, char **argv) { adminSrv = virNetDaemonGetServer(lockDaemon->dmn, "admin"); } - if (timeout != -1) { + if (timeout > 0) { VIR_DEBUG("Registering shutdown timeout %d", timeout); virNetDaemonAutoShutdown(lockDaemon->dmn, timeout); diff --git a/src/logging/log_daemon.c b/src/logging/log_daemon.c index dcafcda926..f37054706e 100644 --- a/src/logging/log_daemon.c +++ b/src/logging/log_daemon.c @@ -653,7 +653,7 @@ int main(int argc, char **argv) { int pid_file_fd = -1; char *sock_file = NULL; char *admin_sock_file = NULL; - int timeout = -1; /* -t: Shutdown timeout */ + int timeout = 0; /* -t: Shutdown timeout */ char *state_file = NULL; bool implicit_conf = false; mode_t old_umask; @@ -703,7 +703,7 @@ int main(int argc, char **argv) { case 't': if (virStrToLong_i(optarg, &tmp, 10, &timeout) != 0 - || timeout <= 0 + || timeout < 0 /* Ensure that we can multiply by 1000 without overflowing. */ || timeout > INT_MAX / 1000) { VIR_ERROR(_("Invalid value for timeout")); @@ -905,7 +905,7 @@ int main(int argc, char **argv) { adminSrv = virNetDaemonGetServer(logDaemon->dmn, "admin"); } - if (timeout != -1) { + if (timeout > 0) { VIR_DEBUG("Registering shutdown timeout %d", timeout); virNetDaemonAutoShutdown(logDaemon->dmn, timeout); diff --git a/src/remote/remote_daemon.c b/src/remote/remote_daemon.c index a1552800e9..7eec599177 100644 --- a/src/remote/remote_daemon.c +++ b/src/remote/remote_daemon.c @@ -770,7 +770,7 @@ int main(int argc, char **argv) { char *sock_file = NULL; char *sock_file_ro = NULL; char *sock_file_adm = NULL; - int timeout = -1; /* -t: Shutdown timeout */ + int timeout = 0; /* -t: Shutdown timeout */ int verbose = 0; int godaemon = 0; #ifdef WITH_IP @@ -844,7 +844,7 @@ int main(int argc, char **argv) { case 't': if (virStrToLong_i(optarg, &tmp, 10, &timeout) != 0 - || timeout <= 0 + || timeout < 0 /* Ensure that we can multiply by 1000 without overflowing. */ || timeout > INT_MAX / 1000) { VIR_ERROR(_("Invalid value for timeout")); @@ -1107,7 +1107,7 @@ int main(int argc, char **argv) { goto cleanup; } - if (timeout != -1) { + if (timeout > 0) { VIR_DEBUG("Registering shutdown timeout %d", timeout); virNetDaemonAutoShutdown(dmn, timeout); } -- 2.25.1
On a Wednesday in 2020, Andrea Bolognani wrote:
When using systemd we want to take advantage of socket activation instead of keeping daemons running all the time, so we default to shutting them down after two minutes of inactivity.
At the same time, we want it to be possible for the admin to opt out of this behavior and disable timeouts entirely. A very natural way to do so would be to specify a zero-length timeout, but that's currently not accepted by the command line parser. Address that.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/locking/lock_daemon.c | 6 +++--- src/logging/log_daemon.c | 6 +++--- src/remote/remote_daemon.c | 6 +++--- 3 files changed, 9 insertions(+), 9 deletions(-)
Reviewed-by: Ján Tomko <jtomko@redhat.com> Jano
On Wed, Apr 01, 2020 at 08:53:38PM +0200, Andrea Bolognani wrote:
When using systemd we want to take advantage of socket activation instead of keeping daemons running all the time, so we default to shutting them down after two minutes of inactivity.
At the same time, we want it to be possible for the admin to opt out of this behavior and disable timeouts entirely. A very natural way to do so would be to specify a zero-length timeout, but that's currently not accepted by the command line parser. Address that.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/locking/lock_daemon.c | 6 +++--- src/logging/log_daemon.c | 6 +++--- src/remote/remote_daemon.c | 6 +++--- 3 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/src/locking/lock_daemon.c b/src/locking/lock_daemon.c index 3d33995beb..4eff63014a 100644 --- a/src/locking/lock_daemon.c +++ b/src/locking/lock_daemon.c @@ -872,7 +872,7 @@ int main(int argc, char **argv) { int pid_file_fd = -1; char *sock_file = NULL; char *admin_sock_file = NULL; - int timeout = -1; /* -t: Shutdown timeout */ + int timeout = 0; /* -t: Shutdown timeout */ char *state_file = NULL; bool implicit_conf = false; mode_t old_umask; @@ -922,7 +922,7 @@ int main(int argc, char **argv) {
case 't': if (virStrToLong_i(optarg, &tmp, 10, &timeout) != 0 - || timeout <= 0 + || timeout < 0 /* Ensure that we can multiply by 1000 without overflowing. */ || timeout > INT_MAX / 1000) { VIR_ERROR(_("Invalid value for timeout")); @@ -1123,7 +1123,7 @@ int main(int argc, char **argv) { adminSrv = virNetDaemonGetServer(lockDaemon->dmn, "admin"); }
- if (timeout != -1) { + if (timeout > 0) { VIR_DEBUG("Registering shutdown timeout %d", timeout); virNetDaemonAutoShutdown(lockDaemon->dmn, timeout);
This conditional can be removed because virNetDaemonAutoShutdown treats "timeout == 0" as meaning no timeout. Likewise in other files. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
On Thu, 2020-04-02 at 13:05 +0100, Daniel P. Berrangé wrote:
On Wed, Apr 01, 2020 at 08:53:38PM +0200, Andrea Bolognani wrote:
- if (timeout != -1) { + if (timeout > 0) { VIR_DEBUG("Registering shutdown timeout %d", timeout); virNetDaemonAutoShutdown(lockDaemon->dmn, timeout);
This conditional can be removed because virNetDaemonAutoShutdown treats "timeout == 0" as meaning no timeout.
Can do, although to be honest I kinda like the current form, with the debug message only printed when a timeout is actually configured, a bit better. -- Andrea Bolognani / Red Hat / Virtualization
There is nothing really systemd-specific about passing extra arguments to daemons so it's reasonable, although not currently the case, that startup scripts written for other init systems might want to source these sysconf files; for those init systems, which likely do not support socket activation, making the daemon quit after a timeout has expired is probably not a good idea. More generally, the sysconf files should not reflect the default behavior, but only contain overrides explicitly put in place by the admin; now that we have a mechanism to disable timeouts regardless of the default set in the service file, that argument for having the default timeout in the sysconf file is moot as well. This reverts commit 581767a98ab5f674ac335d6c270efa8576bfdfbf. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/remote/libvirtd.service.in | 6 +++++- src/remote/libvirtd.sysconf | 12 +++--------- 2 files changed, 8 insertions(+), 10 deletions(-) diff --git a/src/remote/libvirtd.service.in b/src/remote/libvirtd.service.in index 90b2cad5b0..3e2d716af7 100644 --- a/src/remote/libvirtd.service.in +++ b/src/remote/libvirtd.service.in @@ -26,7 +26,11 @@ Documentation=https://libvirt.org [Service] Type=notify EnvironmentFile=-@sysconfdir@/sysconfig/libvirtd -ExecStart=@sbindir@/libvirtd $LIBVIRTD_ARGS +# libvirtd.service is set to run on boot so that autostart of +# VMs can be performed. We don't want it to stick around if +# unused though, so we set a timeout. The socket activation +# then ensures it gets started again if anything needs it +ExecStart=@sbindir@/libvirtd --timeout 120 $LIBVIRTD_ARGS ExecReload=/bin/kill -HUP $MAINPID KillMode=process Restart=on-failure diff --git a/src/remote/libvirtd.sysconf b/src/remote/libvirtd.sysconf index ee9db22bab..5969518bf2 100644 --- a/src/remote/libvirtd.sysconf +++ b/src/remote/libvirtd.sysconf @@ -1,14 +1,8 @@ # Customizations for the libvirtd.service systemd unit -# Default behaviour is for libvirtd.service to start on boot -# so that VM autostart can be performed. We then want it to -# shutdown again if nothing was started and rely on systemd -# socket activation to start it again when some client app -# connects. -LIBVIRTD_ARGS="--timeout 120" - -# If systemd socket activation is disabled, then the following -# can be used to listen on TCP/TLS sockets +# Listen for TCP/IP connections. This is not required if using systemd +# socket activation. +# NB. must setup TLS/SSL keys prior to using this #LIBVIRTD_ARGS="--listen" # Override Kerberos service keytab for SASL/GSSAPI -- 2.25.1
On a Wednesday in 2020, Andrea Bolognani wrote:
There is nothing really systemd-specific about passing extra arguments to daemons so it's reasonable, although not currently the case, that startup scripts written for other init systems might want to source these sysconf files; for those init systems, which likely do not support socket activation, making the daemon quit after a timeout has expired is probably not a good idea.
The sysconf file is documented to be a list of customizations for the systemd unit file, so having systemd-specific options in it is OK. Unless you actually have plans to use this in a different init system, I'd say you can drop this paragraph.
More generally, the sysconf files should not reflect the default behavior, but only contain overrides explicitly put in place by the admin;
If that's a rule, it seems to be widely broken on my Fedora machine.
now that we have a mechanism to disable timeouts regardless of the default set in the service file, that argument for having the default timeout in the sysconf file is moot as well.
This reverts commit 581767a98ab5f674ac335d6c270efa8576bfdfbf.
Please drop the trailing period.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/remote/libvirtd.service.in | 6 +++++- src/remote/libvirtd.sysconf | 12 +++--------- 2 files changed, 8 insertions(+), 10 deletions(-)
diff --git a/src/remote/libvirtd.service.in b/src/remote/libvirtd.service.in index 90b2cad5b0..3e2d716af7 100644 --- a/src/remote/libvirtd.service.in +++ b/src/remote/libvirtd.service.in @@ -26,7 +26,11 @@ Documentation=https://libvirt.org [Service] Type=notify EnvironmentFile=-@sysconfdir@/sysconfig/libvirtd -ExecStart=@sbindir@/libvirtd $LIBVIRTD_ARGS +# libvirtd.service is set to run on boot so that autostart of +# VMs can be performed. We don't want it to stick around if +# unused though, so we set a timeout. The socket activation +# then ensures it gets started again if anything needs it +ExecStart=@sbindir@/libvirtd --timeout 120 $LIBVIRTD_ARGS ExecReload=/bin/kill -HUP $MAINPID KillMode=process Restart=on-failure diff --git a/src/remote/libvirtd.sysconf b/src/remote/libvirtd.sysconf index ee9db22bab..5969518bf2 100644 --- a/src/remote/libvirtd.sysconf +++ b/src/remote/libvirtd.sysconf @@ -1,14 +1,8 @@ # Customizations for the libvirtd.service systemd unit
-# Default behaviour is for libvirtd.service to start on boot -# so that VM autostart can be performed. We then want it to -# shutdown again if nothing was started and rely on systemd -# socket activation to start it again when some client app -# connects. -LIBVIRTD_ARGS="--timeout 120" - -# If systemd socket activation is disabled, then the following -# can be used to listen on TCP/TLS sockets +# Listen for TCP/IP connections. This is not required if using systemd +# socket activation. +# NB. must setup TLS/SSL keys prior to using this #LIBVIRTD_ARGS="--listen"
But I'm happy to get rid of two assignments to the same variable in one file. Reviewed-by: Ján Tomko <jtomko@redhat.com> Jano
On Wed, Apr 01, 2020 at 08:53:39PM +0200, Andrea Bolognani wrote:
There is nothing really systemd-specific about passing extra arguments to daemons so it's reasonable, although not currently the case, that startup scripts written for other init systems might want to source these sysconf files; for those init systems, which likely do not support socket activation, making the daemon quit after a timeout has expired is probably not a good idea.
More generally, the sysconf files should not reflect the default behavior, but only contain overrides explicitly put in place by the admin; now that we have a mechanism to disable timeouts regardless of the default set in the service file, that argument for having the default timeout in the sysconf file is moot as well.
The effect on this though is that --timeout arg now has to be specified twice so we'll get a running process of "libvirtd --timeout 120 --timeout 0" which I find quite unappealing, so I'm not really in favour of this revert, especially as we don't actually use the sysconf files from other init systems Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
On Thu, 2020-04-02 at 13:00 +0100, Daniel P. Berrangé wrote:
On Wed, Apr 01, 2020 at 08:53:39PM +0200, Andrea Bolognani wrote:
There is nothing really systemd-specific about passing extra arguments to daemons so it's reasonable, although not currently the case, that startup scripts written for other init systems might want to source these sysconf files; for those init systems, which likely do not support socket activation, making the daemon quit after a timeout has expired is probably not a good idea.
More generally, the sysconf files should not reflect the default behavior, but only contain overrides explicitly put in place by the admin; now that we have a mechanism to disable timeouts regardless of the default set in the service file, that argument for having the default timeout in the sysconf file is moot as well.
The effect on this though is that --timeout arg now has to be specified twice so we'll get a running process of
"libvirtd --timeout 120 --timeout 0"
which I find quite unappealing, so I'm not really in favour of this revert, especially as we don't actually use the sysconf files from other init systems
I don't think it's a big deal, especially considering that most people will not end up actually changing the default, but I'm okay with flipping this around and moving --timeout from the service file to the ARGS variable in the corresponding sysconf file for all daemons instead, especially since Jano pointed out that a lot of sysconf files already look like that on a Fedora installation. Would that work for you? -- Andrea Bolognani / Red Hat / Virtualization
On Thu, Apr 02, 2020 at 02:16:46PM +0200, Andrea Bolognani wrote:
On Thu, 2020-04-02 at 13:00 +0100, Daniel P. Berrangé wrote:
On Wed, Apr 01, 2020 at 08:53:39PM +0200, Andrea Bolognani wrote:
There is nothing really systemd-specific about passing extra arguments to daemons so it's reasonable, although not currently the case, that startup scripts written for other init systems might want to source these sysconf files; for those init systems, which likely do not support socket activation, making the daemon quit after a timeout has expired is probably not a good idea.
More generally, the sysconf files should not reflect the default behavior, but only contain overrides explicitly put in place by the admin; now that we have a mechanism to disable timeouts regardless of the default set in the service file, that argument for having the default timeout in the sysconf file is moot as well.
The effect on this though is that --timeout arg now has to be specified twice so we'll get a running process of
"libvirtd --timeout 120 --timeout 0"
which I find quite unappealing, so I'm not really in favour of this revert, especially as we don't actually use the sysconf files from other init systems
I don't think it's a big deal, especially considering that most people will not end up actually changing the default, but I'm okay with flipping this around and moving --timeout from the service file to the ARGS variable in the corresponding sysconf file for all daemons instead, especially since Jano pointed out that a lot of sysconf files already look like that on a Fedora installation.
Would that work for you?
IIUC, what you describe is what the current setup already does, so you mean just dropping this patch ? Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
On Thu, 2020-04-02 at 13:38 +0100, Daniel P. Berrangé wrote:
On Thu, Apr 02, 2020 at 02:16:46PM +0200, Andrea Bolognani wrote:
On Thu, 2020-04-02 at 13:00 +0100, Daniel P. Berrangé wrote:
The effect on this though is that --timeout arg now has to be specified twice so we'll get a running process of
"libvirtd --timeout 120 --timeout 0"
which I find quite unappealing, so I'm not really in favour of this revert, especially as we don't actually use the sysconf files from other init systems
I don't think it's a big deal, especially considering that most people will not end up actually changing the default, but I'm okay with flipping this around and moving --timeout from the service file to the ARGS variable in the corresponding sysconf file for all daemons instead, especially since Jano pointed out that a lot of sysconf files already look like that on a Fedora installation.
Would that work for you?
IIUC, what you describe is what the current setup already does, so you mean just dropping this patch ?
That's currently only true of libvirtd: for all other daemons, the use of --timeout is embedded in the service file, and there is no sysconf file at all. I'm suggesting we achieve consistency by adopting the same approach for all other daemons as well. -- Andrea Bolognani / Red Hat / Virtualization
On Thu, Apr 02, 2020 at 05:34:03PM +0200, Andrea Bolognani wrote:
On Thu, 2020-04-02 at 13:38 +0100, Daniel P. Berrangé wrote:
On Thu, Apr 02, 2020 at 02:16:46PM +0200, Andrea Bolognani wrote:
On Thu, 2020-04-02 at 13:00 +0100, Daniel P. Berrangé wrote:
The effect on this though is that --timeout arg now has to be specified twice so we'll get a running process of
"libvirtd --timeout 120 --timeout 0"
which I find quite unappealing, so I'm not really in favour of this revert, especially as we don't actually use the sysconf files from other init systems
I don't think it's a big deal, especially considering that most people will not end up actually changing the default, but I'm okay with flipping this around and moving --timeout from the service file to the ARGS variable in the corresponding sysconf file for all daemons instead, especially since Jano pointed out that a lot of sysconf files already look like that on a Fedora installation.
Would that work for you?
IIUC, what you describe is what the current setup already does, so you mean just dropping this patch ?
That's currently only true of libvirtd: for all other daemons, the use of --timeout is embedded in the service file, and there is no sysconf file at all. I'm suggesting we achieve consistency by adopting the same approach for all other daemons as well.
Oh, I see what you mean, yes I agree with that. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
The sysconf file is not the correct place for this. This reverts commit 02b6005063d6e8b5c6c695ed1ffaf10ef45143b0. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/logging/virtlogd.sysconf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/logging/virtlogd.sysconf b/src/logging/virtlogd.sysconf index 678af34faf..5886f35110 100644 --- a/src/logging/virtlogd.sysconf +++ b/src/logging/virtlogd.sysconf @@ -1,3 +1,3 @@ # # Pass extra arguments to virtlogd -VIRTLOGD_ARGS="--timeout 120" +#VIRTLOGD_ARGS= -- 2.25.1
On a Wednesday in 2020, Andrea Bolognani wrote:
The sysconf file is not the correct place for this.
This reverts commit 02b6005063d6e8b5c6c695ed1ffaf10ef45143b0.
Same comment about the trailing period.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/logging/virtlogd.sysconf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
Reviewed-by: Ján Tomko <jtomko@redhat.com> Jano
This is consistent with what is already done for all other daemons. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/locking/virtlockd.service.in | 2 +- src/logging/virtlogd.service.in | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/locking/virtlockd.service.in b/src/locking/virtlockd.service.in index e7f8057c06..dc43f771cd 100644 --- a/src/locking/virtlockd.service.in +++ b/src/locking/virtlockd.service.in @@ -8,7 +8,7 @@ Documentation=https://libvirt.org [Service] EnvironmentFile=-@sysconfdir@/sysconfig/virtlockd -ExecStart=@sbindir@/virtlockd $VIRTLOCKD_ARGS +ExecStart=@sbindir@/virtlockd --timeout 120 $VIRTLOCKD_ARGS ExecReload=/bin/kill -USR1 $MAINPID # Loosing the locks is a really bad thing that will # cause the machine to be fenced (rebooted), so make diff --git a/src/logging/virtlogd.service.in b/src/logging/virtlogd.service.in index daff48e67d..7ad9545581 100644 --- a/src/logging/virtlogd.service.in +++ b/src/logging/virtlogd.service.in @@ -8,7 +8,7 @@ Documentation=https://libvirt.org [Service] EnvironmentFile=-@sysconfdir@/sysconfig/virtlogd -ExecStart=@sbindir@/virtlogd $VIRTLOGD_ARGS +ExecStart=@sbindir@/virtlogd --timeout 120 $VIRTLOGD_ARGS ExecReload=/bin/kill -USR1 $MAINPID # Loosing the logs is a really bad thing that will # cause the machine to be fenced (rebooted), so make -- 2.25.1
On a Wednesday in 2020, Andrea Bolognani wrote:
This is consistent with what is already done for all other daemons.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/locking/virtlockd.service.in | 2 +- src/logging/virtlogd.service.in | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-)
Reviewed-by: Ján Tomko <jtomko@redhat.com> Jano
On Wed, Apr 01, 2020 at 08:53:41PM +0200, Andrea Bolognani wrote:
This is consistent with what is already done for all other daemons.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/locking/virtlockd.service.in | 2 +- src/logging/virtlogd.service.in | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/locking/virtlockd.service.in b/src/locking/virtlockd.service.in index e7f8057c06..dc43f771cd 100644 --- a/src/locking/virtlockd.service.in +++ b/src/locking/virtlockd.service.in @@ -8,7 +8,7 @@ Documentation=https://libvirt.org
[Service] EnvironmentFile=-@sysconfdir@/sysconfig/virtlockd -ExecStart=@sbindir@/virtlockd $VIRTLOCKD_ARGS +ExecStart=@sbindir@/virtlockd --timeout 120 $VIRTLOCKD_ARGS ExecReload=/bin/kill -USR1 $MAINPID # Loosing the locks is a really bad thing that will # cause the machine to be fenced (rebooted), so make
I think this is safe, because IIRC we intentionally leak the RPC connection FD to QEMU and thus will keep it open & inhibiti shutdown.
diff --git a/src/logging/virtlogd.service.in b/src/logging/virtlogd.service.in index daff48e67d..7ad9545581 100644 --- a/src/logging/virtlogd.service.in +++ b/src/logging/virtlogd.service.in @@ -8,7 +8,7 @@ Documentation=https://libvirt.org
[Service] EnvironmentFile=-@sysconfdir@/sysconfig/virtlogd -ExecStart=@sbindir@/virtlogd $VIRTLOGD_ARGS +ExecStart=@sbindir@/virtlogd --timeout 120 $VIRTLOGD_ARGS ExecReload=/bin/kill -USR1 $MAINPID # Loosing the logs is a really bad thing that will # cause the machine to be fenced (rebooted), so make
I'm fairly sure this is not safe on its own. virLogDaemonInhibitor only inhibits timer shutdown for the unprivileged daemon. This setting a timeout will cause the virtlogd to shutdown even when log files are open. I can't remember why I special cased this in the code now, but fairly sure we'll need to fix that first. Can you test to ensure that they don't prematurely shut down when logs or locks are held. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
On Thu, 2020-04-02 at 13:10 +0100, Daniel P. Berrangé wrote:
On Wed, Apr 01, 2020 at 08:53:41PM +0200, Andrea Bolognani wrote:
[Service] EnvironmentFile=-@sysconfdir@/sysconfig/virtlogd -ExecStart=@sbindir@/virtlogd $VIRTLOGD_ARGS +ExecStart=@sbindir@/virtlogd --timeout 120 $VIRTLOGD_ARGS ExecReload=/bin/kill -USR1 $MAINPID # Loosing the logs is a really bad thing that will # cause the machine to be fenced (rebooted), so make
I'm fairly sure this is not safe on its own.
virLogDaemonInhibitor only inhibits timer shutdown for the unprivileged daemon. This setting a timeout will cause the virtlogd to shutdown even when log files are open. I can't remember why I special cased this in the code now, but fairly sure we'll need to fix that first.
If we're not convinced this is safe, then we better revert 02b6005063d6 before 6.2.0 is tagged.
Can you test to ensure that they don't prematurely shut down when logs or locks are held.
I have been running some variation of master (including the commit mentioned above) for a while now and I haven't encountered any issues with it. What exactly should I be looking for? -- Andrea Bolognani / Red Hat / Virtualization
On Thu, Apr 02, 2020 at 02:20:27PM +0200, Andrea Bolognani wrote:
On Thu, 2020-04-02 at 13:10 +0100, Daniel P. Berrangé wrote:
On Wed, Apr 01, 2020 at 08:53:41PM +0200, Andrea Bolognani wrote:
[Service] EnvironmentFile=-@sysconfdir@/sysconfig/virtlogd -ExecStart=@sbindir@/virtlogd $VIRTLOGD_ARGS +ExecStart=@sbindir@/virtlogd --timeout 120 $VIRTLOGD_ARGS ExecReload=/bin/kill -USR1 $MAINPID # Loosing the logs is a really bad thing that will # cause the machine to be fenced (rebooted), so make
I'm fairly sure this is not safe on its own.
virLogDaemonInhibitor only inhibits timer shutdown for the unprivileged daemon. This setting a timeout will cause the virtlogd to shutdown even when log files are open. I can't remember why I special cased this in the code now, but fairly sure we'll need to fix that first.
If we're not convinced this is safe, then we better revert 02b6005063d6 before 6.2.0 is tagged.
Can you test to ensure that they don't prematurely shut down when logs or locks are held.
I have been running some variation of master (including the commit mentioned above) for a while now and I haven't encountered any issues with it. What exactly should I be looking for?
Just run "virtlogd --timeout 20" and then start a QEMU guest. I see that virtlogd shuts down while the guest is still running, thus breaking the logfile writing. NB run the system instance, not session instance. A similar test for virtlockd - it mustn't shutdown while any QEMU guest with disks, is running. As mentioned above, I think it is probably fine already, but worth checking Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
On Thu, 2020-04-02 at 13:36 +0100, Daniel P. Berrangé wrote:
On Thu, Apr 02, 2020 at 02:20:27PM +0200, Andrea Bolognani wrote:
On Thu, 2020-04-02 at 13:10 +0100, Daniel P. Berrangé wrote:
virLogDaemonInhibitor only inhibits timer shutdown for the unprivileged daemon. This setting a timeout will cause the virtlogd to shutdown even when log files are open. I can't remember why I special cased this in the code now, but fairly sure we'll need to fix that first.
If we're not convinced this is safe, then we better revert 02b6005063d6 before 6.2.0 is tagged.
Can you test to ensure that they don't prematurely shut down when logs or locks are held.
I have been running some variation of master (including the commit mentioned above) for a while now and I haven't encountered any issues with it. What exactly should I be looking for?
Just run "virtlogd --timeout 20" and then start a QEMU guest. I see that virtlogd shuts down while the guest is still running, thus breaking the logfile writing. NB run the system instance, not session instance.
I started a VM, waited a bit, and sure enough virtlogd quit on its own. However, after I ssh'd into the VM and executed poweroff, virtlogd was socket-activated (as expected) and the log file, which I was tailing from another terminal, was updated to report the fact that the VM was shutting down. So, at least from this very simple test, it would seem that there is no ill effect resulting from letting virtlogd shut itself down after a timeout. However, given the concern you've raised, I would personally err on the side of caution and merge patch 3/8 from this series right away, so that we are sure 6.2.0 is released in a known-good state. Any objection to that?
A similar test for virtlockd - it mustn't shutdown while any QEMU guest with disks, is running. As mentioned above, I think it is probably fine already, but worth checking
I've never used virtlockd, so I'm not even sure how to make libvirt take advantage of it. Either way, as of current master the timeout is not set for virtlockd, so we can take our time figuring this one out. -- Andrea Bolognani / Red Hat / Virtualization
On Thu, Apr 02, 2020 at 14:51:13 +0200, Andrea Bolognani wrote:
On Thu, 2020-04-02 at 13:36 +0100, Daniel P. Berrangé wrote:
On Thu, Apr 02, 2020 at 02:20:27PM +0200, Andrea Bolognani wrote:
On Thu, 2020-04-02 at 13:10 +0100, Daniel P. Berrangé wrote:
virLogDaemonInhibitor only inhibits timer shutdown for the unprivileged daemon. This setting a timeout will cause the virtlogd to shutdown even when log files are open. I can't remember why I special cased this in the code now, but fairly sure we'll need to fix that first.
If we're not convinced this is safe, then we better revert 02b6005063d6 before 6.2.0 is tagged.
Can you test to ensure that they don't prematurely shut down when logs or locks are held.
I have been running some variation of master (including the commit mentioned above) for a while now and I haven't encountered any issues with it. What exactly should I be looking for?
Just run "virtlogd --timeout 20" and then start a QEMU guest. I see that virtlogd shuts down while the guest is still running, thus breaking the logfile writing. NB run the system instance, not session instance.
I started a VM, waited a bit, and sure enough virtlogd quit on its own. However, after I ssh'd into the VM and executed poweroff, virtlogd was socket-activated (as expected) and the log file, which I was tailing from another terminal, was updated to report the fact that the VM was shutting down. So, at least from this very simple test, it would seem that there is no ill effect resulting from letting virtlogd shut itself down after a timeout.
The log entry about VM shutdown is added by libvirt and not by qemu. In fact there's no way for qemu to "socket activate" anything since we are logging the stderr/out of qemu via vitlogd via a pipe. If vitlogd exits while a VM is running you lose stdout/stderr logging of the qemu process and that is _very_ bad.
On Thu, Apr 02, 2020 at 02:51:13PM +0200, Andrea Bolognani wrote:
On Thu, 2020-04-02 at 13:36 +0100, Daniel P. Berrangé wrote:
On Thu, Apr 02, 2020 at 02:20:27PM +0200, Andrea Bolognani wrote:
On Thu, 2020-04-02 at 13:10 +0100, Daniel P. Berrangé wrote:
virLogDaemonInhibitor only inhibits timer shutdown for the unprivileged daemon. This setting a timeout will cause the virtlogd to shutdown even when log files are open. I can't remember why I special cased this in the code now, but fairly sure we'll need to fix that first.
If we're not convinced this is safe, then we better revert 02b6005063d6 before 6.2.0 is tagged.
Can you test to ensure that they don't prematurely shut down when logs or locks are held.
I have been running some variation of master (including the commit mentioned above) for a while now and I haven't encountered any issues with it. What exactly should I be looking for?
Just run "virtlogd --timeout 20" and then start a QEMU guest. I see that virtlogd shuts down while the guest is still running, thus breaking the logfile writing. NB run the system instance, not session instance.
I started a VM, waited a bit, and sure enough virtlogd quit on its own. However, after I ssh'd into the VM and executed poweroff, virtlogd was socket-activated (as expected) and the log file, which I was tailing from another terminal, was updated to report the fact that the VM was shutting down. So, at least from this very simple test, it would seem that there is no ill effect resulting from letting virtlogd shut itself down after a timeout.
Anything that QEMU would have written to the logfile is lost though.
However, given the concern you've raised, I would personally err on the side of caution and merge patch 3/8 from this series right away, so that we are sure 6.2.0 is released in a known-good state. Any objection to that?
Yes, we need to revert that change asap.
A similar test for virtlockd - it mustn't shutdown while any QEMU guest with disks, is running. As mentioned above, I think it is probably fine already, but worth checking
I've never used virtlockd, so I'm not even sure how to make libvirt take advantage of it. Either way, as of current master the timeout is not set for virtlockd, so we can take our time figuring this one out.
Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
On Thu, 2020-04-02 at 14:01 +0100, Daniel P. Berrangé wrote:
On Thu, Apr 02, 2020 at 02:51:13PM +0200, Andrea Bolognani wrote:
I started a VM, waited a bit, and sure enough virtlogd quit on its own. However, after I ssh'd into the VM and executed poweroff, virtlogd was socket-activated (as expected) and the log file, which I was tailing from another terminal, was updated to report the fact that the VM was shutting down. So, at least from this very simple test, it would seem that there is no ill effect resulting from letting virtlogd shut itself down after a timeout.
Anything that QEMU would have written to the logfile is lost though.
However, given the concern you've raised, I would personally err on the side of caution and merge patch 3/8 from this series right away, so that we are sure 6.2.0 is released in a known-good state. Any objection to that?
Yes, we need to revert that change asap.
Done. -- Andrea Bolognani / Red Hat / Virtualization
While not terribly useful in general, turning off each daemon's timeout is a valid use case which we can very easily support while being consistent with what already happens for libvirtd, virtlogd and virtlockd. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/interface/Makefile.inc.am | 2 ++ src/interface/virtinterfaced.service.in | 3 ++- src/interface/virtinterfaced.sysconf | 3 +++ src/libxl/Makefile.inc.am | 2 ++ src/libxl/virtxend.service.in | 3 ++- src/libxl/virtxend.sysconf | 3 +++ src/lxc/Makefile.inc.am | 2 ++ src/lxc/virtlxcd.service.in | 3 ++- src/lxc/virtlxcd.sysconf | 3 +++ src/network/Makefile.inc.am | 2 ++ src/network/virtnetworkd.service.in | 3 ++- src/network/virtnetworkd.sysconf | 3 +++ src/node_device/Makefile.inc.am | 2 ++ src/node_device/virtnodedevd.service.in | 3 ++- src/node_device/virtnodedevd.sysconf | 3 +++ src/nwfilter/Makefile.inc.am | 2 ++ src/nwfilter/virtnwfilterd.service.in | 3 ++- src/nwfilter/virtnwfilterd.sysconf | 3 +++ src/qemu/Makefile.inc.am | 2 ++ src/qemu/virtqemud.service.in | 3 ++- src/qemu/virtqemud.sysconf | 3 +++ src/remote/Makefile.inc.am | 5 ++++- src/remote/virtproxyd.service.in | 3 ++- src/remote/virtproxyd.sysconf | 3 +++ src/secret/Makefile.inc.am | 2 ++ src/secret/virtsecretd.service.in | 3 ++- src/secret/virtsecretd.sysconf | 3 +++ src/storage/Makefile.inc.am | 2 ++ src/storage/virtstoraged.service.in | 3 ++- src/storage/virtstoraged.sysconf | 3 +++ src/vbox/Makefile.inc.am | 2 ++ src/vbox/virtvboxd.service.in | 3 ++- src/vbox/virtvboxd.sysconf | 3 +++ src/vz/Makefile.inc.am | 2 ++ src/vz/virtvzd.service.in | 3 ++- src/vz/virtvzd.sysconf | 3 +++ 36 files changed, 86 insertions(+), 13 deletions(-) create mode 100644 src/interface/virtinterfaced.sysconf create mode 100644 src/libxl/virtxend.sysconf create mode 100644 src/lxc/virtlxcd.sysconf create mode 100644 src/network/virtnetworkd.sysconf create mode 100644 src/node_device/virtnodedevd.sysconf create mode 100644 src/nwfilter/virtnwfilterd.sysconf create mode 100644 src/qemu/virtqemud.sysconf create mode 100644 src/remote/virtproxyd.sysconf create mode 100644 src/secret/virtsecretd.sysconf create mode 100644 src/storage/virtstoraged.sysconf create mode 100644 src/vbox/virtvboxd.sysconf create mode 100644 src/vz/virtvzd.sysconf diff --git a/src/interface/Makefile.inc.am b/src/interface/Makefile.inc.am index 39157c0770..46a43e61db 100644 --- a/src/interface/Makefile.inc.am +++ b/src/interface/Makefile.inc.am @@ -61,6 +61,8 @@ virtinterfaced_CFLAGS = \ virtinterfaced_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) virtinterfaced_LDADD = $(REMOTE_DAEMON_LD_ADD) +SYSCONF_FILES += interface/virtinterfaced.sysconf + SYSTEMD_UNIT_FILES += \ virtinterfaced.service \ virtinterfaced.socket \ diff --git a/src/interface/virtinterfaced.service.in b/src/interface/virtinterfaced.service.in index ff3a611d16..4dbd7a627b 100644 --- a/src/interface/virtinterfaced.service.in +++ b/src/interface/virtinterfaced.service.in @@ -13,7 +13,8 @@ Documentation=https://libvirt.org [Service] Type=notify -ExecStart=@sbindir@/virtinterfaced --timeout 120 +EnvironmentFile=-@sysconfdir@/sysconfig/virtinterfaced +ExecStart=@sbindir@/virtinterfaced --timeout 120 $VIRTINTERFACED_ARGS ExecReload=/bin/kill -HUP $MAINPID Restart=on-failure diff --git a/src/interface/virtinterfaced.sysconf b/src/interface/virtinterfaced.sysconf new file mode 100644 index 0000000000..fb34143d7d --- /dev/null +++ b/src/interface/virtinterfaced.sysconf @@ -0,0 +1,3 @@ +# +# Pass extra arguments to virtinterfaced +#VIRTINTERFACED_ARGS= diff --git a/src/libxl/Makefile.inc.am b/src/libxl/Makefile.inc.am index ff6a2b0f69..619835a46b 100644 --- a/src/libxl/Makefile.inc.am +++ b/src/libxl/Makefile.inc.am @@ -73,6 +73,8 @@ virtxend_CFLAGS = \ virtxend_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) virtxend_LDADD = $(REMOTE_DAEMON_LD_ADD) +SYSCONF_FILES += libxl/virtxend.sysconf + SYSTEMD_UNIT_FILES += \ virtxend.service \ virtxend.socket \ diff --git a/src/libxl/virtxend.service.in b/src/libxl/virtxend.service.in index b4b6ce6d8c..8a794647ac 100644 --- a/src/libxl/virtxend.service.in +++ b/src/libxl/virtxend.service.in @@ -17,7 +17,8 @@ ConditionPathExists=/proc/xen/capabilities [Service] Type=notify -ExecStart=@sbindir@/virtxend --timeout 120 +EnvironmentFile=-@sysconfdir@/sysconfig/virtxend +ExecStart=@sbindir@/virtxend --timeout 120 $VIRTXEND_ARGS ExecReload=/bin/kill -HUP $MAINPID Restart=on-failure KillMode=process diff --git a/src/libxl/virtxend.sysconf b/src/libxl/virtxend.sysconf new file mode 100644 index 0000000000..878d333411 --- /dev/null +++ b/src/libxl/virtxend.sysconf @@ -0,0 +1,3 @@ +# +# Pass extra arguments to virtxend +#VIRTXEND_ARGS= diff --git a/src/lxc/Makefile.inc.am b/src/lxc/Makefile.inc.am index 2fee607d3d..b8c2e1eb3d 100644 --- a/src/lxc/Makefile.inc.am +++ b/src/lxc/Makefile.inc.am @@ -136,6 +136,8 @@ virtlxcd_CFLAGS = \ virtlxcd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) virtlxcd_LDADD = $(REMOTE_DAEMON_LD_ADD) +SYSCONF_FILES += lxc/virtlxcd.sysconf + SYSTEMD_UNIT_FILES += \ virtlxcd.service \ virtlxcd.socket \ diff --git a/src/lxc/virtlxcd.service.in b/src/lxc/virtlxcd.service.in index 33f8ca2d4d..0665f21ee0 100644 --- a/src/lxc/virtlxcd.service.in +++ b/src/lxc/virtlxcd.service.in @@ -18,7 +18,8 @@ Documentation=https://libvirt.org [Service] Type=notify -ExecStart=@sbindir@/virtlxcd --timeout 120 +EnvironmentFile=-@sysconfdir@/sysconfig/virtlxcd +ExecStart=@sbindir@/virtlxcd --timeout 120 $VIRTLXCD_ARGS ExecReload=/bin/kill -HUP $MAINPID KillMode=process Restart=on-failure diff --git a/src/lxc/virtlxcd.sysconf b/src/lxc/virtlxcd.sysconf new file mode 100644 index 0000000000..50d1d31540 --- /dev/null +++ b/src/lxc/virtlxcd.sysconf @@ -0,0 +1,3 @@ +# +# Pass extra arguments to virtlxcd +#VIRTLXCD_ARGS= diff --git a/src/network/Makefile.inc.am b/src/network/Makefile.inc.am index bc05b01987..196a30e16c 100644 --- a/src/network/Makefile.inc.am +++ b/src/network/Makefile.inc.am @@ -69,6 +69,8 @@ virtnetworkd_CFLAGS = \ virtnetworkd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) virtnetworkd_LDADD = $(REMOTE_DAEMON_LD_ADD) +SYSCONF_FILES += network/virtnetworkd.sysconf + SYSTEMD_UNIT_FILES += \ virtnetworkd.service \ virtnetworkd.socket \ diff --git a/src/network/virtnetworkd.service.in b/src/network/virtnetworkd.service.in index 656e8b4f84..beef277a34 100644 --- a/src/network/virtnetworkd.service.in +++ b/src/network/virtnetworkd.service.in @@ -13,7 +13,8 @@ Documentation=https://libvirt.org [Service] Type=notify -ExecStart=@sbindir@/virtnetworkd --timeout 120 +EnvironmentFile=-@sysconfdir@/sysconfig/virtnetworkd +ExecStart=@sbindir@/virtnetworkd --timeout 120 $VIRTNETWORKD_ARGS ExecReload=/bin/kill -HUP $MAINPID Restart=on-failure KillMode=process diff --git a/src/network/virtnetworkd.sysconf b/src/network/virtnetworkd.sysconf new file mode 100644 index 0000000000..c2a9eb6767 --- /dev/null +++ b/src/network/virtnetworkd.sysconf @@ -0,0 +1,3 @@ +# +# Pass extra arguments to virtnetworkd +#VIRTNETWORKD_ARGS= diff --git a/src/node_device/Makefile.inc.am b/src/node_device/Makefile.inc.am index 0b287189bc..788563665f 100644 --- a/src/node_device/Makefile.inc.am +++ b/src/node_device/Makefile.inc.am @@ -84,6 +84,8 @@ virtnodedevd_CFLAGS = \ virtnodedevd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) virtnodedevd_LDADD = $(REMOTE_DAEMON_LD_ADD) +SYSCONF_FILES += node_device/virtnodedevd.sysconf + SYSTEMD_UNIT_FILES += \ virtnodedevd.service \ virtnodedevd.socket \ diff --git a/src/node_device/virtnodedevd.service.in b/src/node_device/virtnodedevd.service.in index 132ee05a7f..4795fc9167 100644 --- a/src/node_device/virtnodedevd.service.in +++ b/src/node_device/virtnodedevd.service.in @@ -13,7 +13,8 @@ Documentation=https://libvirt.org [Service] Type=notify -ExecStart=@sbindir@/virtnodedevd --timeout 120 +EnvironmentFile=-@sysconfdir@/sysconfig/virtnodedevd +ExecStart=@sbindir@/virtnodedevd --timeout 120 $VIRTNODEDEVD_ARGS ExecReload=/bin/kill -HUP $MAINPID Restart=on-failure diff --git a/src/node_device/virtnodedevd.sysconf b/src/node_device/virtnodedevd.sysconf new file mode 100644 index 0000000000..6095bb6c94 --- /dev/null +++ b/src/node_device/virtnodedevd.sysconf @@ -0,0 +1,3 @@ +# +# Pass extra arguments to virtnodedevd +#VIRTNODEDEVD_ARGS= diff --git a/src/nwfilter/Makefile.inc.am b/src/nwfilter/Makefile.inc.am index 9a68fd80b6..20db8090e0 100644 --- a/src/nwfilter/Makefile.inc.am +++ b/src/nwfilter/Makefile.inc.am @@ -70,6 +70,8 @@ virtnwfilterd_CFLAGS = \ virtnwfilterd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) virtnwfilterd_LDADD = $(REMOTE_DAEMON_LD_ADD) +SYSCONF_FILES += nwfilter/virtnwfilterd.sysconf + SYSTEMD_UNIT_FILES += \ virtnwfilterd.service \ virtnwfilterd.socket \ diff --git a/src/nwfilter/virtnwfilterd.service.in b/src/nwfilter/virtnwfilterd.service.in index 57c2fafe43..3517232edc 100644 --- a/src/nwfilter/virtnwfilterd.service.in +++ b/src/nwfilter/virtnwfilterd.service.in @@ -13,7 +13,8 @@ Documentation=https://libvirt.org [Service] Type=notify -ExecStart=@sbindir@/virtnwfilterd --timeout 120 +EnvironmentFile=-@sysconfdir@/sysconfig/virtnwfilterd +ExecStart=@sbindir@/virtnwfilterd --timeout 120 $VIRTNWFILTERD_ARGS ExecReload=/bin/kill -HUP $MAINPID Restart=on-failure diff --git a/src/nwfilter/virtnwfilterd.sysconf b/src/nwfilter/virtnwfilterd.sysconf new file mode 100644 index 0000000000..704dc57a16 --- /dev/null +++ b/src/nwfilter/virtnwfilterd.sysconf @@ -0,0 +1,3 @@ +# +# Pass extra arguments to virtnwfilterd +#VIRTNWFILTERD_ARGS= diff --git a/src/qemu/Makefile.inc.am b/src/qemu/Makefile.inc.am index 51cd79879d..c42c470a4c 100644 --- a/src/qemu/Makefile.inc.am +++ b/src/qemu/Makefile.inc.am @@ -146,6 +146,8 @@ virtqemud_CFLAGS = \ virtqemud_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) virtqemud_LDADD = $(REMOTE_DAEMON_LD_ADD) +SYSCONF_FILES += qemu/virtqemud.sysconf + SYSTEMD_UNIT_FILES += \ virtqemud.service \ virtqemud.socket \ diff --git a/src/qemu/virtqemud.service.in b/src/qemu/virtqemud.service.in index aa24bdaab7..55a95640b1 100644 --- a/src/qemu/virtqemud.service.in +++ b/src/qemu/virtqemud.service.in @@ -18,7 +18,8 @@ Documentation=https://libvirt.org [Service] Type=notify -ExecStart=@sbindir@/virtqemud --timeout 120 +EnvironmentFile=-@sysconfdir@/sysconfig/virtqemud +ExecStart=@sbindir@/virtqemud --timeout 120 $VIRTQEMUD_ARGS ExecReload=/bin/kill -HUP $MAINPID KillMode=process Restart=on-failure diff --git a/src/qemu/virtqemud.sysconf b/src/qemu/virtqemud.sysconf new file mode 100644 index 0000000000..53d9de7a20 --- /dev/null +++ b/src/qemu/virtqemud.sysconf @@ -0,0 +1,3 @@ +# +# Pass extra arguments to virtqemud +#VIRTQEMUD_ARGS= diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index 958bd18f86..1b1be8340d 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -88,7 +88,10 @@ LOGROTATE_FILES_IN += \ remote/libvirtd.logrotate.in \ $(NULL) -SYSCONF_FILES += remote/libvirtd.sysconf +SYSCONF_FILES += \ + remote/libvirtd.sysconf \ + remote/virtproxyd.sysconf \ + $(NULL) LIBVIRTD_SOCKET_UNIT_FILES_IN = \ remote/libvirtd.socket.in \ diff --git a/src/remote/virtproxyd.service.in b/src/remote/virtproxyd.service.in index e99e2af19c..39d82bb53d 100644 --- a/src/remote/virtproxyd.service.in +++ b/src/remote/virtproxyd.service.in @@ -13,7 +13,8 @@ Documentation=https://libvirt.org [Service] Type=notify -ExecStart=@sbindir@/virtproxyd --timeout 120 +EnvironmentFile=-@sysconfdir@/sysconfig/virtproxyd +ExecStart=@sbindir@/virtproxyd --timeout 120 $VIRTPROXYD_ARGS ExecReload=/bin/kill -HUP $MAINPID Restart=on-failure diff --git a/src/remote/virtproxyd.sysconf b/src/remote/virtproxyd.sysconf new file mode 100644 index 0000000000..3cb64bdb4e --- /dev/null +++ b/src/remote/virtproxyd.sysconf @@ -0,0 +1,3 @@ +# +# Pass extra arguments to virtproxyd +#VIRTPROXYD_ARGS= diff --git a/src/secret/Makefile.inc.am b/src/secret/Makefile.inc.am index 63c8bc6dba..a8390f8265 100644 --- a/src/secret/Makefile.inc.am +++ b/src/secret/Makefile.inc.am @@ -47,6 +47,8 @@ virtsecretd_CFLAGS = \ virtsecretd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) virtsecretd_LDADD = $(REMOTE_DAEMON_LD_ADD) +SYSCONF_FILES += secret/virtsecretd.sysconf + SYSTEMD_UNIT_FILES += \ virtsecretd.service \ virtsecretd.socket \ diff --git a/src/secret/virtsecretd.service.in b/src/secret/virtsecretd.service.in index 00cdc26b97..84f2001028 100644 --- a/src/secret/virtsecretd.service.in +++ b/src/secret/virtsecretd.service.in @@ -13,7 +13,8 @@ Documentation=https://libvirt.org [Service] Type=notify -ExecStart=@sbindir@/virtsecretd --timeout 120 +EnvironmentFile=-@sysconfdir@/sysconfig/virtsecretd +ExecStart=@sbindir@/virtsecretd --timeout 120 $VIRTSECRETD_ARGS ExecReload=/bin/kill -HUP $MAINPID Restart=on-failure diff --git a/src/secret/virtsecretd.sysconf b/src/secret/virtsecretd.sysconf new file mode 100644 index 0000000000..6e89f38099 --- /dev/null +++ b/src/secret/virtsecretd.sysconf @@ -0,0 +1,3 @@ +# +# Pass extra arguments to virtsecretd +#VIRTSECRETD_ARGS= diff --git a/src/storage/Makefile.inc.am b/src/storage/Makefile.inc.am index 3655b8a53c..2f46d244f3 100644 --- a/src/storage/Makefile.inc.am +++ b/src/storage/Makefile.inc.am @@ -162,6 +162,8 @@ virtstoraged_CFLAGS = \ virtstoraged_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) virtstoraged_LDADD = $(REMOTE_DAEMON_LD_ADD) +SYSCONF_FILES += storage/virtstoraged.sysconf + SYSTEMD_UNIT_FILES += \ virtstoraged.service \ virtstoraged.socket \ diff --git a/src/storage/virtstoraged.service.in b/src/storage/virtstoraged.service.in index 9aa26764a9..a33fb289d5 100644 --- a/src/storage/virtstoraged.service.in +++ b/src/storage/virtstoraged.service.in @@ -15,7 +15,8 @@ Documentation=https://libvirt.org [Service] Type=notify -ExecStart=@sbindir@/virtstoraged --timeout 120 +EnvironmentFile=-@sysconfdir@/sysconfig/virtstoraged +ExecStart=@sbindir@/virtstoraged --timeout 120 $VIRTSTORAGED_ARGS ExecReload=/bin/kill -HUP $MAINPID Restart=on-failure diff --git a/src/storage/virtstoraged.sysconf b/src/storage/virtstoraged.sysconf new file mode 100644 index 0000000000..99c42e7958 --- /dev/null +++ b/src/storage/virtstoraged.sysconf @@ -0,0 +1,3 @@ +# +# Pass extra arguments to virtstoraged +#VIRTSTORAGED_ARGS= diff --git a/src/vbox/Makefile.inc.am b/src/vbox/Makefile.inc.am index 72a15c6468..8d2467f39e 100644 --- a/src/vbox/Makefile.inc.am +++ b/src/vbox/Makefile.inc.am @@ -81,6 +81,8 @@ virtvboxd_CFLAGS = \ virtvboxd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) virtvboxd_LDADD = $(REMOTE_DAEMON_LD_ADD) +SYSCONF_FILES += vbox/virtvboxd.sysconf + SYSTEMD_UNIT_FILES += \ virtvboxd.service \ virtvboxd.socket \ diff --git a/src/vbox/virtvboxd.service.in b/src/vbox/virtvboxd.service.in index 7e0f7518d6..8240c45646 100644 --- a/src/vbox/virtvboxd.service.in +++ b/src/vbox/virtvboxd.service.in @@ -14,7 +14,8 @@ Documentation=https://libvirt.org [Service] Type=notify -ExecStart=@sbindir@/virtvboxd --timeout 120 +EnvironmentFile=-@sysconfdir@/sysconfig/virtvboxd +ExecStart=@sbindir@/virtvboxd --timeout 120 $VIRTVBOXD_ARGS ExecReload=/bin/kill -HUP $MAINPID Restart=on-failure diff --git a/src/vbox/virtvboxd.sysconf b/src/vbox/virtvboxd.sysconf new file mode 100644 index 0000000000..0b3205710b --- /dev/null +++ b/src/vbox/virtvboxd.sysconf @@ -0,0 +1,3 @@ +# +# Pass extra arguments to virtvboxd +#VIRTVBOXD_ARGS= diff --git a/src/vz/Makefile.inc.am b/src/vz/Makefile.inc.am index cabe18a9a1..f60f73bf06 100644 --- a/src/vz/Makefile.inc.am +++ b/src/vz/Makefile.inc.am @@ -56,6 +56,8 @@ virtvzd_CFLAGS = \ virtvzd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) virtvzd_LDADD = $(REMOTE_DAEMON_LD_ADD) +SYSCONF_FILES += vz/virtvzd.sysconf + SYSTEMD_UNIT_FILES += \ virtvzd.service \ virtvzd.socket \ diff --git a/src/vz/virtvzd.service.in b/src/vz/virtvzd.service.in index cd0f558768..15ccfeb172 100644 --- a/src/vz/virtvzd.service.in +++ b/src/vz/virtvzd.service.in @@ -14,7 +14,8 @@ Documentation=https://libvirt.org [Service] Type=notify -ExecStart=@sbindir@/virtvzd --timeout 120 +EnvironmentFile=-@sysconfdir@/sysconfig/virtvzd +ExecStart=@sbindir@/virtvzd --timeout 120 $VIRTVZD_ARGS ExecReload=/bin/kill -HUP $MAINPID Restart=on-failure diff --git a/src/vz/virtvzd.sysconf b/src/vz/virtvzd.sysconf new file mode 100644 index 0000000000..536125b2d5 --- /dev/null +++ b/src/vz/virtvzd.sysconf @@ -0,0 +1,3 @@ +# +# Pass extra arguments to virtvzd +#VIRTVZD_ARGS= -- 2.25.1
On a Wednesday in 2020, Andrea Bolognani wrote:
While not terribly useful in general, turning off each daemon's timeout is a valid use case which we can very easily support while being consistent with what already happens for libvirtd, virtlogd and virtlockd.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/interface/Makefile.inc.am | 2 ++ src/interface/virtinterfaced.service.in | 3 ++- src/interface/virtinterfaced.sysconf | 3 +++ src/libxl/Makefile.inc.am | 2 ++ src/libxl/virtxend.service.in | 3 ++- src/libxl/virtxend.sysconf | 3 +++ src/lxc/Makefile.inc.am | 2 ++ src/lxc/virtlxcd.service.in | 3 ++- src/lxc/virtlxcd.sysconf | 3 +++ src/network/Makefile.inc.am | 2 ++ src/network/virtnetworkd.service.in | 3 ++- src/network/virtnetworkd.sysconf | 3 +++ src/node_device/Makefile.inc.am | 2 ++ src/node_device/virtnodedevd.service.in | 3 ++- src/node_device/virtnodedevd.sysconf | 3 +++ src/nwfilter/Makefile.inc.am | 2 ++ src/nwfilter/virtnwfilterd.service.in | 3 ++- src/nwfilter/virtnwfilterd.sysconf | 3 +++ src/qemu/Makefile.inc.am | 2 ++ src/qemu/virtqemud.service.in | 3 ++- src/qemu/virtqemud.sysconf | 3 +++ src/remote/Makefile.inc.am | 5 ++++- src/remote/virtproxyd.service.in | 3 ++- src/remote/virtproxyd.sysconf | 3 +++ src/secret/Makefile.inc.am | 2 ++ src/secret/virtsecretd.service.in | 3 ++- src/secret/virtsecretd.sysconf | 3 +++ src/storage/Makefile.inc.am | 2 ++ src/storage/virtstoraged.service.in | 3 ++- src/storage/virtstoraged.sysconf | 3 +++ src/vbox/Makefile.inc.am | 2 ++ src/vbox/virtvboxd.service.in | 3 ++- src/vbox/virtvboxd.sysconf | 3 +++ src/vz/Makefile.inc.am | 2 ++ src/vz/virtvzd.service.in | 3 ++- src/vz/virtvzd.sysconf | 3 +++ 36 files changed, 86 insertions(+), 13 deletions(-) create mode 100644 src/interface/virtinterfaced.sysconf create mode 100644 src/libxl/virtxend.sysconf create mode 100644 src/lxc/virtlxcd.sysconf create mode 100644 src/network/virtnetworkd.sysconf create mode 100644 src/node_device/virtnodedevd.sysconf create mode 100644 src/nwfilter/virtnwfilterd.sysconf create mode 100644 src/qemu/virtqemud.sysconf create mode 100644 src/remote/virtproxyd.sysconf create mode 100644 src/secret/virtsecretd.sysconf create mode 100644 src/storage/virtstoraged.sysconf create mode 100644 src/vbox/virtvboxd.sysconf create mode 100644 src/vz/virtvzd.sysconf
Reviewed-by: Ján Tomko <jtomko@redhat.com> Jano
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- libvirt.spec.in | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/libvirt.spec.in b/libvirt.spec.in index efeeac31b9..6061a26497 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1532,6 +1532,7 @@ exit 0 %{_unitdir}/virtlockd.socket %{_unitdir}/virtlockd-admin.socket %config(noreplace) %{_sysconfdir}/sysconfig/libvirtd +%config(noreplace) %{_sysconfdir}/sysconfig/virtproxyd %config(noreplace) %{_sysconfdir}/sysconfig/virtlogd %config(noreplace) %{_sysconfdir}/sysconfig/virtlockd %config(noreplace) %{_sysconfdir}/libvirt/libvirtd.conf @@ -1600,6 +1601,7 @@ exit 0 %ghost %{_sysconfdir}/libvirt/nwfilter/*.xml %files daemon-driver-interface +%config(noreplace) %{_sysconfdir}/sysconfig/virtinterfaced %config(noreplace) %{_sysconfdir}/libvirt/virtinterfaced.conf %{_datadir}/augeas/lenses/virtinterfaced.aug %{_datadir}/augeas/lenses/tests/test_virtinterfaced.aug @@ -1611,6 +1613,7 @@ exit 0 %{_libdir}/%{name}/connection-driver/libvirt_driver_interface.so %files daemon-driver-network +%config(noreplace) %{_sysconfdir}/sysconfig/virtnetworkd %config(noreplace) %{_sysconfdir}/libvirt/virtnetworkd.conf %{_datadir}/augeas/lenses/virtnetworkd.aug %{_datadir}/augeas/lenses/tests/test_virtnetworkd.aug @@ -1633,6 +1636,7 @@ exit 0 %endif %files daemon-driver-nodedev +%config(noreplace) %{_sysconfdir}/sysconfig/virtnodedevd %config(noreplace) %{_sysconfdir}/libvirt/virtnodedevd.conf %{_datadir}/augeas/lenses/virtnodedevd.aug %{_datadir}/augeas/lenses/tests/test_virtnodedevd.aug @@ -1644,6 +1648,7 @@ exit 0 %{_libdir}/%{name}/connection-driver/libvirt_driver_nodedev.so %files daemon-driver-nwfilter +%config(noreplace) %{_sysconfdir}/sysconfig/virtnwfilterd %config(noreplace) %{_sysconfdir}/libvirt/virtnwfilterd.conf %{_datadir}/augeas/lenses/virtnwfilterd.aug %{_datadir}/augeas/lenses/tests/test_virtnwfilterd.aug @@ -1657,6 +1662,7 @@ exit 0 %{_libdir}/%{name}/connection-driver/libvirt_driver_nwfilter.so %files daemon-driver-secret +%config(noreplace) %{_sysconfdir}/sysconfig/virtsecretd %config(noreplace) %{_sysconfdir}/libvirt/virtsecretd.conf %{_datadir}/augeas/lenses/virtsecretd.aug %{_datadir}/augeas/lenses/tests/test_virtsecretd.aug @@ -1670,6 +1676,7 @@ exit 0 %files daemon-driver-storage %files daemon-driver-storage-core +%config(noreplace) %{_sysconfdir}/sysconfig/virtstoraged %config(noreplace) %{_sysconfdir}/libvirt/virtstoraged.conf %{_datadir}/augeas/lenses/virtstoraged.aug %{_datadir}/augeas/lenses/tests/test_virtstoraged.aug @@ -1726,6 +1733,7 @@ exit 0 %if %{with_qemu} %files daemon-driver-qemu +%config(noreplace) %{_sysconfdir}/sysconfig/virtqemud %config(noreplace) %{_sysconfdir}/libvirt/virtqemud.conf %{_datadir}/augeas/lenses/virtqemud.aug %{_datadir}/augeas/lenses/tests/test_virtqemud.aug @@ -1753,6 +1761,7 @@ exit 0 %if %{with_lxc} %files daemon-driver-lxc +%config(noreplace) %{_sysconfdir}/sysconfig/virtlxcd %config(noreplace) %{_sysconfdir}/libvirt/virtlxcd.conf %{_datadir}/augeas/lenses/virtlxcd.aug %{_datadir}/augeas/lenses/tests/test_virtlxcd.aug @@ -1774,6 +1783,7 @@ exit 0 %if %{with_libxl} %files daemon-driver-libxl +%config(noreplace) %{_sysconfdir}/sysconfig/virtxend %config(noreplace) %{_sysconfdir}/libvirt/virtxend.conf %{_datadir}/augeas/lenses/virtxend.aug %{_datadir}/augeas/lenses/tests/test_virtxend.aug @@ -1795,6 +1805,7 @@ exit 0 %if %{with_vbox} %files daemon-driver-vbox +%config(noreplace) %{_sysconfdir}/sysconfig/virtvboxd %config(noreplace) %{_sysconfdir}/libvirt/virtvboxd.conf %{_datadir}/augeas/lenses/virtvboxd.aug %{_datadir}/augeas/lenses/tests/test_virtvboxd.aug -- 2.25.1
On a Wednesday in 2020, Andrea Bolognani wrote:
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- libvirt.spec.in | 11 +++++++++++ 1 file changed, 11 insertions(+)
Reviewed-by: Ján Tomko <jtomko@redhat.com> Jano
On Wed, Apr 01, 2020 at 08:53:43PM +0200, Andrea Bolognani wrote:
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- libvirt.spec.in | 11 +++++++++++ 1 file changed, 11 insertions(+)
This should be in the same commit that adds the files, for bisectability Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
On Thu, 2020-04-02 at 12:56 +0100, Daniel P. Berrangé wrote:
On Wed, Apr 01, 2020 at 08:53:43PM +0200, Andrea Bolognani wrote:
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- libvirt.spec.in | 11 +++++++++++ 1 file changed, 11 insertions(+)
This should be in the same commit that adds the files, for bisectability
Sure, I'll squash it in. -- Andrea Bolognani / Red Hat / Virtualization
libvirtd supports this feature, and virtqemud ultimately calls to the same code so it does as well: advertise it in the sysconf file for the latter, as is already the case for the former. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/qemu/virtqemud.sysconf | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/src/qemu/virtqemud.sysconf b/src/qemu/virtqemud.sysconf index 53d9de7a20..50816be594 100644 --- a/src/qemu/virtqemud.sysconf +++ b/src/qemu/virtqemud.sysconf @@ -1,3 +1,12 @@ # # Pass extra arguments to virtqemud #VIRTQEMUD_ARGS= + +# Override the QEMU/SDL default audio driver probing when +# starting virtual machines using SDL graphics +# +# NB these have no effect for VMs using VNC, unless vnc_allow_host_audio +# is enabled in /etc/libvirt/qemu.conf +#QEMU_AUDIO_DRV=sdl +# +#SDL_AUDIODRIVER=pulse -- 2.25.1
When the comment in libvirtd.sasl was last updated with commit fe772f24a6809b3d937ed6547cbaa9d820e514b6 Author: Cole Robinson <crobinso@redhat.com> Date: Sat Oct 20 14:10:03 2012 -0400 daemon: Avoid 'Could not find keytab file' in syslog it was noted that only old versions of kerberos would need the environment variable to be set: that was more than sever years ago, so it's safe to assume that none of our current target platforms still requires that hack and setting the appropriate key in the configuration file will be enough. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/remote/libvirtd.sasl | 4 +--- src/remote/libvirtd.sysconf | 3 --- 2 files changed, 1 insertion(+), 6 deletions(-) diff --git a/src/remote/libvirtd.sasl b/src/remote/libvirtd.sasl index 9e7699c75a..7a45470a9d 100644 --- a/src/remote/libvirtd.sasl +++ b/src/remote/libvirtd.sasl @@ -33,9 +33,7 @@ mech_list: gssapi # qemu+tcp://hostname/system?auth=sasl.gssapi #mech_list: scram-sha-1 gssapi -# Some older builds of MIT kerberos on Linux ignore this option & -# instead need KRB5_KTNAME env var. -# For modern Linux, and other OS, this should be sufficient +# File containing the service principal for libvirtd # keytab: /etc/libvirt/krb5.tab diff --git a/src/remote/libvirtd.sysconf b/src/remote/libvirtd.sysconf index 5969518bf2..e1aec32c1b 100644 --- a/src/remote/libvirtd.sysconf +++ b/src/remote/libvirtd.sysconf @@ -5,9 +5,6 @@ # NB. must setup TLS/SSL keys prior to using this #LIBVIRTD_ARGS="--listen" -# Override Kerberos service keytab for SASL/GSSAPI -#KRB5_KTNAME=/etc/libvirt/krb5.tab - # Override the QEMU/SDL default audio driver probing when # starting virtual machines using SDL graphics # -- 2.25.1
On a Wednesday in 2020, Andrea Bolognani wrote:
When the comment in libvirtd.sasl was last updated with
commit fe772f24a6809b3d937ed6547cbaa9d820e514b6 Author: Cole Robinson <crobinso@redhat.com> Date: Sat Oct 20 14:10:03 2012 -0400
daemon: Avoid 'Could not find keytab file' in syslog
it was noted that only old versions of kerberos would need the environment variable to be set: that was more than sever years
sever years ago should be enough time.
ago, so it's safe to assume that none of our current target platforms still requires that hack and setting the appropriate key in the configuration file will be enough.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/remote/libvirtd.sasl | 4 +--- src/remote/libvirtd.sysconf | 3 --- 2 files changed, 1 insertion(+), 6 deletions(-)
You can delete the following occurrennccess too: $ git grep KRB5_KTNAME src/remote/libvirtd.init.in:start_stop_daemon_args="--env KRB5_KTNAME=/etc/libvirt/krb5.tab" src/remote/virtproxyd.init.in:start_stop_daemon_args="--env KRB5_KTNAME=/etc/libvirt/krb5.tab" Reviewed-by: Ján Tomko <jtomko@redhat.com> Jano
On Thu, 2020-04-02 at 12:39 +0200, Ján Tomko wrote:
You can delete the following occurrennccess too: $ git grep KRB5_KTNAME src/remote/libvirtd.init.in:start_stop_daemon_args="--env KRB5_KTNAME=/etc/libvirt/krb5.tab" src/remote/virtproxyd.init.in:start_stop_daemon_args="--env KRB5_KTNAME=/etc/libvirt/krb5.tab"
I figured I would drop those as part of a separate OpenRC-specific series that I'm planning for later, but you're right, it makes more sense to do so in this commit. Consider it squashed in. -- Andrea Bolognani / Red Hat / Virtualization
participants (4)
-
Andrea Bolognani -
Daniel P. Berrangé -
Ján Tomko -
Peter Krempa