[libvirt] [PATCH 00/41] Split the libvirtd daemon into per-driver daemons

This is what all the driver refactoring I've done has been about enabling. We gain new daemons for each driver, for the primary virt drivers: virtlibxld virtlxcd virtqemud virtvboxd virtvzd And again for the secondary drivers virtinterfaced virtnetworkd virtnodedevd virtnwfilterd virtsecretd virtstoraged Finally to support IP connectivity, and also the legacy lbivirtd UNIX domain socket (for the old libvirt remote driver SSH tunnelling): virtproxyd The the sake of facilitating upgrades, the existing libvirtd still exists and works the same way it always has. You either run libvirtd, or you run the per-driver daemons, never both. The remote driver will look to see whether libvirtd is running to figure out whether to connect to libvirtd or the new per-driver daemons. When auto-spawning daemons for nonroot users, we default to spawning the per-driver daemons. This can be controlled with a UR parameter "?mode=direct|legacy|auto", where 'direct' means per-driver and 'legacy' means libvirtd (or indirect via virtproxyd if that's running). Changed in v2: - Added systemd unit files for service & sockets, ensuring conflicts with libvirtd - Fixed proxy to actually handle probing of URIs (still not quite perfect) - Renamed virtlibxld to virtxend as "xen" is the user facing name of the URI - Lazy loading of secondary drivers, so connecting to virtqemud does't auto-spawn all secondary driver daemons, until a relevant API is actually invoked - Actually generated config files / augeas files per daemon - Abort daemon startup if driver fails to load - Many other fixes Still a few things to do.... Important: - Tweak virtxend to not start unless on a xen host - Identity forwarding so that when connecting to virtproxyd the apps identity is sent onto virtqemud. Without this, virtqemud would see the client as "root" and so polkit would allow all access. Opps Nice to have - MAYBE make it possible to disable build of libvirtd, or of the per-driver daemons so downstream vendors can decide which to ship. Alternatively they can just not include the binary in the package file list ? - Tuning of the daemon defaults for worker threads to better suit the fact that we have per-driver daemons - More work on RPM packaging to allow install of per-driver daemosn without pulling in libvirtd too - Hopefully not much else. Daniel P. Berrangé (41): build: make augeas-gentest.pl write to stdout build: create all augeas test files in same dir as their source build: collapse rules adding augeas tests to CLEANFILES build: use a common rule for checking augeas test data files build: centralize rule for handling generated config files remote: stop trying to print help as giant blocks of text remote: conditionalize socket names in libvirtd daemon remote: conditionalize daemon name in libvirtd daemon remote: conditionalize driver loading in libvirtd daemon remote: conditionalize IP socket usage in libvirtd daemon remote: conditionalize IP socket config in libvirtd.conf remote: conditionalize IP socket config in augeas definitions remote: refactor & rename variables for building libvirtd remote: don't hardcode /etc in the systemd units remote: reduce duplication in systemd unit file make rules into one remote: conditionalize systemd socket unit files remote: refactor how list of systemd unit files is built remote: in per-driver daemons ensure that state initialize succeeds remote: introduce virtproxyd daemon to handle IP connectivity secret: introduce virtsecretd daemon network: introduce virtnetworkd daemon interface: introduce virtinterfaced daemon storage: introduce virtstoraged daemon nodedev: introduce virtnodedevd daemon nwfilter: introduce virtnwfilterd daemon libxl: introduce virtxend daemon qemu: introduce virtqemud daemon lxc: introduce virtlxcd daemon vbox: introduce virtvboxd daemon bhyve: introduce virtbhyved daemon vz: introduce virtvzd daemon admin: add ability to connect to the per-driver daemon sockets remote: get rid of bogus ATTRIBUTE_UNUSED annotation client param remote: change generated methods to not directly access connection remote: change hand written methods to not directly access connection remote: open secondary drivers via remote driver if needed remote: handle autoprobing of driver within virtproxyd remote: use enum helpers for parsing remote driver transport remote: refactor the code for choosing the UNIX socket path remote: switch to connect to per-driver daemons by default libvirt: correctly print out URI returned from probing .gitignore | 62 +- build-aux/augeas-gentest.pl | 22 +- libvirt.spec.in | 91 ++ m4/virt-driver-remote.m4 | 15 + src/Makefile.am | 26 +- src/admin/admin_server_dispatch.c | 9 + src/bhyve/Makefile.inc.am | 55 +- src/bhyve/bhyve_driver.c | 10 +- src/driver-state.h | 8 +- src/driver.h | 2 + src/interface/Makefile.inc.am | 62 + src/interface/interface_backend_netcf.c | 8 +- src/interface/interface_backend_udev.c | 4 +- src/interface/virtinterfaced.service.in | 24 + src/libvirt-admin.c | 32 +- src/libvirt.c | 42 +- src/libvirt_internal.h | 1 + src/libxl/Makefile.inc.am | 79 +- src/libxl/libxl_driver.c | 10 +- src/libxl/virtxend.service.in | 24 + src/locking/Makefile.inc.am | 76 +- src/logging/Makefile.inc.am | 22 +- src/lxc/Makefile.inc.am | 77 +- src/lxc/lxc_driver.c | 12 +- src/lxc/virtlxcd.service.in | 24 + src/network/Makefile.inc.am | 61 + src/network/bridge_driver.c | 4 +- src/network/virtnetworkd.service.in | 24 + src/node_device/Makefile.inc.am | 62 + src/node_device/node_device_hal.c | 12 +- src/node_device/node_device_udev.c | 8 +- src/node_device/virtnodedevd.service.in | 24 + src/nwfilter/Makefile.inc.am | 62 + src/nwfilter/nwfilter_driver.c | 12 +- src/nwfilter/virtnwfilterd.service.in | 24 + src/qemu/Makefile.inc.am | 76 +- src/qemu/qemu_driver.c | 8 +- src/qemu/virtqemud.service.in | 24 + src/remote/Makefile.inc.am | 281 ++-- src/remote/libvirtd-admin.socket.in | 15 +- src/remote/libvirtd-ro.socket.in | 15 +- src/remote/libvirtd-tcp.socket.in | 13 +- src/remote/libvirtd-tls.socket.in | 13 +- src/remote/{libvirtd.aug => libvirtd.aug.in} | 26 +- .../{libvirtd.conf => libvirtd.conf.in} | 42 +- src/remote/libvirtd.service.in | 2 +- src/remote/libvirtd.socket.in | 11 +- src/remote/remote_daemon.c | 291 ++-- src/remote/remote_daemon.h | 13 + src/remote/remote_daemon_config.c | 47 +- src/remote/remote_daemon_config.h | 9 +- src/remote/remote_daemon_dispatch.c | 1205 +++++++++-------- src/remote/remote_driver.c | 396 ++++-- src/remote/remote_driver.h | 4 - src/remote/test_libvirtd.aug.in | 16 +- src/remote/virtproxyd.service.in | 24 + src/rpc/gendispatch.pl | 96 +- src/secret/Makefile.inc.am | 62 + src/secret/secret_driver.c | 8 +- src/secret/virtsecretd.service.in | 24 + src/storage/Makefile.inc.am | 61 + src/storage/storage_driver.c | 8 +- src/storage/virtstoraged.service.in | 24 + src/vbox/Makefile.inc.am | 62 + src/vbox/virtvboxd.service.in | 24 + src/vz/Makefile.inc.am | 62 + src/vz/virtvzd.service.in | 24 + src/vz/vz_driver.c | 14 +- 68 files changed, 2832 insertions(+), 1258 deletions(-) create mode 100644 src/interface/virtinterfaced.service.in create mode 100644 src/libxl/virtxend.service.in create mode 100644 src/lxc/virtlxcd.service.in create mode 100644 src/network/virtnetworkd.service.in create mode 100644 src/node_device/virtnodedevd.service.in create mode 100644 src/nwfilter/virtnwfilterd.service.in create mode 100644 src/qemu/virtqemud.service.in rename src/remote/{libvirtd.aug => libvirtd.aug.in} (89%) rename src/remote/{libvirtd.conf => libvirtd.conf.in} (95%) create mode 100644 src/remote/virtproxyd.service.in create mode 100644 src/secret/virtsecretd.service.in create mode 100644 src/storage/virtstoraged.service.in create mode 100644 src/vbox/virtvboxd.service.in create mode 100644 src/vz/virtvzd.service.in -- 2.21.0

The augeas-gentest.pl program merges a config file into a augeas file, saving the output to a new file. It is going to be useful to further process the output file, and it would be easier if this can be done with a pipeline, so change augeas-gentest.pl to write to stdout instead of a file. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- build-aux/augeas-gentest.pl | 20 ++++++-------------- src/bhyve/Makefile.inc.am | 2 +- src/libxl/Makefile.inc.am | 2 +- src/locking/Makefile.inc.am | 6 +++--- src/logging/Makefile.inc.am | 2 +- src/lxc/Makefile.inc.am | 2 +- src/qemu/Makefile.inc.am | 2 +- src/remote/Makefile.inc.am | 2 +- 8 files changed, 15 insertions(+), 23 deletions(-) diff --git a/build-aux/augeas-gentest.pl b/build-aux/augeas-gentest.pl index 567fc651f3..faf2fd593e 100755 --- a/build-aux/augeas-gentest.pl +++ b/build-aux/augeas-gentest.pl @@ -20,17 +20,10 @@ use strict; use warnings; -die "syntax: $0 CONFIG TEMPLATE AUGTEST\n" unless @ARGV == 3; +die "syntax: $0 CONFIG TEMPLATE\n" unless @ARGV == 2; my $config = shift @ARGV; my $template = shift @ARGV; -my $augtest = shift @ARGV; - -open AUGTEST, ">", $augtest or die "cannot create $augtest: $!"; - -$SIG{__DIE__} = sub { - unlink $augtest; -}; open CONFIG, "<", $config or die "cannot read $config: $!"; open TEMPLATE, "<", $template or die "cannot read $template: $!"; @@ -39,12 +32,12 @@ my $group = 0; while (<TEMPLATE>) { if (/::CONFIG::/) { my $group = 0; - print AUGTEST " let conf = \""; + print " let conf = \""; while (<CONFIG>) { if (/^#\w/) { s/^#//; s/\"/\\\"/g; - print AUGTEST $_; + print $_; $group = /\[\s$/; } elsif ($group) { s/\"/\\\"/g; @@ -53,16 +46,15 @@ while (<TEMPLATE>) { } if (/^#/) { s/^#//; - print AUGTEST $_; + print $_; } } } - print AUGTEST "\"\n"; + print "\"\n"; } else { - print AUGTEST $_; + print $_; } } close TEMPLATE; close CONFIG; -close AUGTEST or die "cannot save $augtest: $!"; diff --git a/src/bhyve/Makefile.inc.am b/src/bhyve/Makefile.inc.am index 36af5d7504..6e8e6ad5d8 100644 --- a/src/bhyve/Makefile.inc.am +++ b/src/bhyve/Makefile.inc.am @@ -55,7 +55,7 @@ AUGEAS_DIRS += bhyve test_libvirtd_bhyve.aug: bhyve/test_libvirtd_bhyve.aug.in \ $(srcdir)/bhyve/bhyve.conf $(AUG_GENTEST) - $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/bhyve/bhyve.conf $< $@ + $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/bhyve/bhyve.conf $< > $@ check-augeas-bhyve: test_libvirtd_bhyve.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ diff --git a/src/libxl/Makefile.inc.am b/src/libxl/Makefile.inc.am index 7f60b449d8..abc65ede2c 100644 --- a/src/libxl/Makefile.inc.am +++ b/src/libxl/Makefile.inc.am @@ -74,7 +74,7 @@ AUGEAS_DIRS += libxl test_libvirtd_libxl.aug: libxl/test_libvirtd_libxl.aug.in \ $(srcdir)/libxl/libxl.conf $(AUG_GENTEST) - $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/libxl/libxl.conf $< $@ + $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/libxl/libxl.conf $< > $@ check-augeas-libxl: test_libvirtd_libxl.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ diff --git a/src/locking/Makefile.inc.am b/src/locking/Makefile.inc.am index 46ab11c2a9..c44f74a529 100644 --- a/src/locking/Makefile.inc.am +++ b/src/locking/Makefile.inc.am @@ -228,7 +228,7 @@ if WITH_SANLOCK if WITH_QEMU test_libvirt_sanlock.aug: locking/test_libvirt_sanlock.aug.in \ locking/qemu-sanlock.conf $(AUG_GENTEST) - $(AM_V_GEN)$(AUG_GENTEST) locking/qemu-sanlock.conf $< $@ + $(AM_V_GEN)$(AUG_GENTEST) locking/qemu-sanlock.conf $< > $@ check-augeas-sanlock: test_libvirt_sanlock.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ @@ -244,14 +244,14 @@ endif ! WITH_SANLOCK if WITH_QEMU test_libvirt_lockd.aug: locking/test_libvirt_lockd.aug.in \ locking/qemu-lockd.conf $(AUG_GENTEST) - $(AM_V_GEN)$(AUG_GENTEST) locking/qemu-lockd.conf $< $@ + $(AM_V_GEN)$(AUG_GENTEST) locking/qemu-lockd.conf $< > $@ else ! WITH_QEMU test_libvirt_lockd.aug: endif ! WITH_QEMU test_virtlockd.aug: locking/test_virtlockd.aug.in \ locking/virtlockd.conf $(AUG_GENTEST) - $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/locking/virtlockd.conf $< $@ + $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/locking/virtlockd.conf $< > $@ if WITH_QEMU check-augeas-lockd: test_libvirt_lockd.aug diff --git a/src/logging/Makefile.inc.am b/src/logging/Makefile.inc.am index d57394cbde..8527890eb0 100644 --- a/src/logging/Makefile.inc.am +++ b/src/logging/Makefile.inc.am @@ -101,7 +101,7 @@ augeastest_DATA += test_virtlogd.aug test_virtlogd.aug: logging/test_virtlogd.aug.in \ logging/virtlogd.conf $(AUG_GENTEST) - $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/logging/virtlogd.conf $< $@ + $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/logging/virtlogd.conf $< > $@ AUGEAS_DIRS += logging diff --git a/src/lxc/Makefile.inc.am b/src/lxc/Makefile.inc.am index f27827c1e9..1c0b715a2f 100644 --- a/src/lxc/Makefile.inc.am +++ b/src/lxc/Makefile.inc.am @@ -163,7 +163,7 @@ AUGEAS_DIRS += lxc test_libvirtd_lxc.aug: lxc/test_libvirtd_lxc.aug.in \ $(srcdir)/lxc/lxc.conf $(AUG_GENTEST) - $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/lxc/lxc.conf $< $@ + $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/lxc/lxc.conf $< > $@ check-augeas-lxc: test_libvirtd_lxc.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ diff --git a/src/qemu/Makefile.inc.am b/src/qemu/Makefile.inc.am index 254ba07dc0..e8c7d4b5b1 100644 --- a/src/qemu/Makefile.inc.am +++ b/src/qemu/Makefile.inc.am @@ -122,7 +122,7 @@ AUGEAS_DIRS += qemu test_libvirtd_qemu.aug: qemu/test_libvirtd_qemu.aug.in \ $(srcdir)/qemu/qemu.conf $(AUG_GENTEST) - $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/qemu/qemu.conf $< $@ + $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/qemu/qemu.conf $< > $@ check-augeas-qemu: test_libvirtd_qemu.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index 0cf00cb902..4f706f9743 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -190,7 +190,7 @@ AUGEAS_DIRS += remote test_libvirtd.aug: remote/test_libvirtd.aug.in \ remote/libvirtd.conf $(AUG_GENTEST) - $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/remote/libvirtd.conf $< $@ + $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/remote/libvirtd.conf $< > $@ check-augeas-remote: test_libvirtd.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ -- 2.21.0

On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote:
The augeas-gentest.pl program merges a config file into a augeas file, saving the output to a new file. It is going to be useful to further process the output file, and it would be easier if this can be done with a pipeline, so change augeas-gentest.pl to write to stdout instead of a file.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- build-aux/augeas-gentest.pl | 20 ++++++-------------- src/bhyve/Makefile.inc.am | 2 +- src/libxl/Makefile.inc.am | 2 +- src/locking/Makefile.inc.am | 6 +++--- src/logging/Makefile.inc.am | 2 +- src/lxc/Makefile.inc.am | 2 +- src/qemu/Makefile.inc.am | 2 +- src/remote/Makefile.inc.am | 2 +- 8 files changed, 15 insertions(+), 23 deletions(-)
Reviewed-by: Andrea Bolognani <abologna@redhat.com> -- Andrea Bolognani / Red Hat / Virtualization

The current make rules are inconsistent about which directory the augeas test files are created in. Put them all in the same dir as their source. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- .gitignore | 8 +++++--- src/bhyve/Makefile.inc.am | 9 +++++---- src/libxl/Makefile.inc.am | 10 +++++----- src/locking/Makefile.inc.am | 34 ++++++++++++++++------------------ src/logging/Makefile.inc.am | 11 ++++++----- src/lxc/Makefile.inc.am | 10 +++++----- src/qemu/Makefile.inc.am | 10 +++++----- src/remote/Makefile.inc.am | 10 +++++----- 8 files changed, 52 insertions(+), 50 deletions(-) diff --git a/.gitignore b/.gitignore index 727bfdb6ec..d75b24c743 100644 --- a/.gitignore +++ b/.gitignore @@ -135,6 +135,7 @@ /src/libvirt_lxc /src/libvirtd /src/libvirtd*.logrotate +/src/libxl/test_libvirtd_libxl.aug /src/locking/libxl-lockd.conf /src/locking/libxl-sanlock.conf /src/locking/lock_daemon_dispatch_stubs.h @@ -142,8 +143,11 @@ /src/locking/qemu-lockd.conf /src/locking/qemu-sanlock.conf /src/locking/test_libvirt_sanlock.aug +/src/locking/test_libvirt_lockd.aug +/src/locking/test_virtlockd.aug /src/logging/log_daemon_dispatch_stubs.h /src/logging/log_protocol.[ch] +/src/logging/test_virtlogd.aug /src/lxc/lxc_controller_dispatch.h /src/lxc/lxc_monitor_dispatch.h /src/lxc/lxc_monitor_protocol.c @@ -154,11 +158,9 @@ /src/remote/*_client_bodies.h /src/remote/*_protocol.[ch] /src/remote/*_stubs.h +/src/remote/test_libvirtd.aug /src/rpc/virkeepaliveprotocol.[ch] /src/rpc/virnetprotocol.[ch] -/src/test_libvirt*.aug -/src/test_virtlockd.aug -/src/test_virtlogd.aug /src/util/virkeycodetable*.h /src/util/virkeynametable*.h /src/virt-aa-helper diff --git a/src/bhyve/Makefile.inc.am b/src/bhyve/Makefile.inc.am index 6e8e6ad5d8..d9cc64a827 100644 --- a/src/bhyve/Makefile.inc.am +++ b/src/bhyve/Makefile.inc.am @@ -49,17 +49,18 @@ libvirt_driver_bhyve_impl_la_SOURCES = $(BHYVE_DRIVER_SOURCES) conf_DATA += bhyve/bhyve.conf augeas_DATA += bhyve/libvirtd_bhyve.aug -augeastest_DATA += test_libvirtd_bhyve.aug +augeastest_DATA += bhyve/test_libvirtd_bhyve.aug +CLEANFILES += bhyve/test_libvirtd_bhyve.aug AUGEAS_DIRS += bhyve -test_libvirtd_bhyve.aug: bhyve/test_libvirtd_bhyve.aug.in \ +bhyve/test_libvirtd_bhyve.aug: bhyve/test_libvirtd_bhyve.aug.in \ $(srcdir)/bhyve/bhyve.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/bhyve/bhyve.conf $< > $@ -check-augeas-bhyve: test_libvirtd_bhyve.aug +check-augeas-bhyve: bhyve/test_libvirtd_bhyve.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ - '$(AUGPARSE)' -I $(srcdir)/bhyve test_libvirtd_bhyve.aug; \ + '$(AUGPARSE)' -I $(srcdir)/bhyve bhyve/test_libvirtd_bhyve.aug; \ fi endif WITH_BHYVE diff --git a/src/libxl/Makefile.inc.am b/src/libxl/Makefile.inc.am index abc65ede2c..1abdeff390 100644 --- a/src/libxl/Makefile.inc.am +++ b/src/libxl/Makefile.inc.am @@ -67,18 +67,18 @@ libvirt_driver_libxl_impl_la_SOURCES = $(LIBXL_DRIVER_SOURCES) conf_DATA += libxl/libxl.conf augeas_DATA += libxl/libvirtd_libxl.aug -augeastest_DATA += test_libvirtd_libxl.aug -CLEANFILES += test_libvirtd_libxl.aug +augeastest_DATA += libxl/test_libvirtd_libxl.aug +CLEANFILES += libxl/test_libvirtd_libxl.aug AUGEAS_DIRS += libxl -test_libvirtd_libxl.aug: libxl/test_libvirtd_libxl.aug.in \ +libxl/test_libvirtd_libxl.aug: libxl/test_libvirtd_libxl.aug.in \ $(srcdir)/libxl/libxl.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/libxl/libxl.conf $< > $@ -check-augeas-libxl: test_libvirtd_libxl.aug +check-augeas-libxl: libxl/test_libvirtd_libxl.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ - '$(AUGPARSE)' -I $(srcdir)/libxl test_libvirtd_libxl.aug; \ + '$(AUGPARSE)' -I $(srcdir)/libxl libxl/test_libvirtd_libxl.aug; \ fi INSTALL_DATA_DIRS += libxl diff --git a/src/locking/Makefile.inc.am b/src/locking/Makefile.inc.am index c44f74a529..8041ae89b8 100644 --- a/src/locking/Makefile.inc.am +++ b/src/locking/Makefile.inc.am @@ -114,8 +114,8 @@ lockd_la_CFLAGS += \ endif WITH_SASL if WITH_QEMU -augeastest_DATA += test_libvirt_lockd.aug -CLEANFILES += test_libvirt_lockd.aug +augeastest_DATA += locking/test_libvirt_lockd.aug +CLEANFILES += locking/test_libvirt_lockd.aug nodist_conf_DATA += locking/qemu-lockd.conf BUILT_SOURCES += locking/qemu-lockd.conf DISTCLEANFILES += locking/qemu-lockd.conf @@ -170,8 +170,8 @@ sanlock_la_LIBADD = -lsanlock_client libvirt.la ../gnulib/lib/libgnu.la augeas_DATA += locking/libvirt_sanlock.aug if WITH_QEMU -augeastest_DATA += test_libvirt_sanlock.aug -CLEANFILES += test_libvirt_sanlock.aug +augeastest_DATA += locking/test_libvirt_sanlock.aug +CLEANFILES += locking/test_libvirt_sanlock.aug nodist_conf_DATA += locking/qemu-sanlock.conf BUILT_SOURCES += locking/qemu-sanlock.conf DISTCLEANFILES += locking/qemu-sanlock.conf @@ -203,8 +203,8 @@ man8_MANS += virtlockd.8 conf_DATA += locking/virtlockd.conf augeas_DATA += locking/virtlockd.aug -augeastest_DATA += test_virtlockd.aug - +augeastest_DATA += locking/test_virtlockd.aug +CLEANFILES += locking/test_virtlockd.aug INSTALL_DATA_DIRS += locking @@ -226,13 +226,13 @@ endif WITH_SANLOCK if WITH_SANLOCK if WITH_QEMU -test_libvirt_sanlock.aug: locking/test_libvirt_sanlock.aug.in \ +locking/test_libvirt_sanlock.aug: locking/test_libvirt_sanlock.aug.in \ locking/qemu-sanlock.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) locking/qemu-sanlock.conf $< > $@ -check-augeas-sanlock: test_libvirt_sanlock.aug +check-augeas-sanlock: locking/test_libvirt_sanlock.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ - '$(AUGPARSE)' -I $(srcdir)/locking test_libvirt_sanlock.aug; \ + '$(AUGPARSE)' -I $(srcdir)/locking locking/test_libvirt_sanlock.aug; \ fi else ! WITH_QEMU check-augeas-sanlock: @@ -242,29 +242,27 @@ check-augeas-sanlock: endif ! WITH_SANLOCK if WITH_QEMU -test_libvirt_lockd.aug: locking/test_libvirt_lockd.aug.in \ +locking/test_libvirt_lockd.aug: locking/test_libvirt_lockd.aug.in \ locking/qemu-lockd.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) locking/qemu-lockd.conf $< > $@ -else ! WITH_QEMU -test_libvirt_lockd.aug: -endif ! WITH_QEMU +endif WITH_QEMU -test_virtlockd.aug: locking/test_virtlockd.aug.in \ +locking/test_virtlockd.aug: locking/test_virtlockd.aug.in \ locking/virtlockd.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/locking/virtlockd.conf $< > $@ if WITH_QEMU -check-augeas-lockd: test_libvirt_lockd.aug +check-augeas-lockd: locking/test_libvirt_lockd.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ - '$(AUGPARSE)' -I $(srcdir)/locking test_libvirt_lockd.aug; \ + '$(AUGPARSE)' -I $(srcdir)/locking locking/test_libvirt_lockd.aug; \ fi else ! WITH_QEMU check-augeas-lockd: endif ! WITH_QEMU -check-augeas-virtlockd: test_virtlockd.aug +check-augeas-virtlockd: locking/test_virtlockd.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ - '$(AUGPARSE)' -I $(srcdir)/locking test_virtlockd.aug; \ + '$(AUGPARSE)' -I $(srcdir)/locking locking/test_virtlockd.aug; \ fi AUGEAS_DIRS += locking diff --git a/src/logging/Makefile.inc.am b/src/logging/Makefile.inc.am index 8527890eb0..7e8391b3cc 100644 --- a/src/logging/Makefile.inc.am +++ b/src/logging/Makefile.inc.am @@ -46,7 +46,7 @@ MAINTAINERCLEANFILES += \ $(LOG_DAEMON_GENERATED) \ $(NULL) -CLEANFILES += test_virtlogd.aug +CLEANFILES += logging/test_virtlogd.aug PODFILES += logging/virtlogd.pod MANINFILES += virtlogd.8.in @@ -97,17 +97,18 @@ endif WITH_SASL conf_DATA += logging/virtlogd.conf augeas_DATA += logging/virtlogd.aug -augeastest_DATA += test_virtlogd.aug +augeastest_DATA += logging/test_virtlogd.aug +CLEANFILES += logging/test_virtlogd.aug -test_virtlogd.aug: logging/test_virtlogd.aug.in \ +logging/test_virtlogd.aug: logging/test_virtlogd.aug.in \ logging/virtlogd.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/logging/virtlogd.conf $< > $@ AUGEAS_DIRS += logging -check-augeas-logging: test_virtlogd.aug +check-augeas-logging: logging/test_virtlogd.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ - '$(AUGPARSE)' -I $(srcdir)/logging test_virtlogd.aug; \ + '$(AUGPARSE)' -I $(srcdir)/logging logging/test_virtlogd.aug; \ fi endif WITH_LIBVIRTD diff --git a/src/lxc/Makefile.inc.am b/src/lxc/Makefile.inc.am index 1c0b715a2f..b7f539b878 100644 --- a/src/lxc/Makefile.inc.am +++ b/src/lxc/Makefile.inc.am @@ -156,18 +156,18 @@ endif conf_DATA += lxc/lxc.conf augeas_DATA += lxc/libvirtd_lxc.aug -augeastest_DATA += test_libvirtd_lxc.aug -CLEANFILES += test_libvirtd_lxc.aug +augeastest_DATA += lxc/test_libvirtd_lxc.aug +CLEANFILES += lxc/test_libvirtd_lxc.aug AUGEAS_DIRS += lxc -test_libvirtd_lxc.aug: lxc/test_libvirtd_lxc.aug.in \ +lxc/test_libvirtd_lxc.aug: lxc/test_libvirtd_lxc.aug.in \ $(srcdir)/lxc/lxc.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/lxc/lxc.conf $< > $@ -check-augeas-lxc: test_libvirtd_lxc.aug +check-augeas-lxc: lxc/test_libvirtd_lxc.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ - '$(AUGPARSE)' -I $(srcdir)/lxc test_libvirtd_lxc.aug; \ + '$(AUGPARSE)' -I $(srcdir)/lxc lxc/test_libvirtd_lxc.aug; \ fi INSTALL_DATA_DIRS += lxc diff --git a/src/qemu/Makefile.inc.am b/src/qemu/Makefile.inc.am index e8c7d4b5b1..464bbfe735 100644 --- a/src/qemu/Makefile.inc.am +++ b/src/qemu/Makefile.inc.am @@ -115,18 +115,18 @@ endif WITH_DTRACE_PROBES conf_DATA += qemu/qemu.conf augeas_DATA += qemu/libvirtd_qemu.aug -augeastest_DATA += test_libvirtd_qemu.aug -CLEANFILES += test_libvirtd_qemu.aug +augeastest_DATA += qemu/test_libvirtd_qemu.aug +CLEANFILES += qemu/test_libvirtd_qemu.aug AUGEAS_DIRS += qemu -test_libvirtd_qemu.aug: qemu/test_libvirtd_qemu.aug.in \ +qemu/test_libvirtd_qemu.aug: qemu/test_libvirtd_qemu.aug.in \ $(srcdir)/qemu/qemu.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/qemu/qemu.conf $< > $@ -check-augeas-qemu: test_libvirtd_qemu.aug +check-augeas-qemu: qemu/test_libvirtd_qemu.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ - '$(AUGPARSE)' -I $(srcdir)/qemu test_libvirtd_qemu.aug; \ + '$(AUGPARSE)' -I $(srcdir)/qemu qemu/test_libvirtd_qemu.aug; \ fi INSTALL_DATA_DIRS += qemu diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index 4f706f9743..4a1d89ee17 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -126,11 +126,11 @@ sbin_PROGRAMS += libvirtd augeas_DATA += remote/libvirtd.aug -augeastest_DATA += test_libvirtd.aug +augeastest_DATA += remote/test_libvirtd.aug conf_DATA += remote/libvirtd.conf -CLEANFILES += test_libvirtd.aug +CLEANFILES += remote/test_libvirtd.aug man8_MANS += libvirtd.8 @@ -188,13 +188,13 @@ uninstall-data-remote: AUGEAS_DIRS += remote -test_libvirtd.aug: remote/test_libvirtd.aug.in \ +remote/test_libvirtd.aug: remote/test_libvirtd.aug.in \ remote/libvirtd.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/remote/libvirtd.conf $< > $@ -check-augeas-remote: test_libvirtd.aug +check-augeas-remote: remote/test_libvirtd.aug $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ - '$(AUGPARSE)' -I $(srcdir)/remote test_libvirtd.aug; \ + '$(AUGPARSE)' -I $(srcdir)/remote remote/test_libvirtd.aug; \ fi if WITH_SYSCTL -- 2.21.0

On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote:
+++ b/src/bhyve/Makefile.inc.am @@ -49,17 +49,18 @@ libvirt_driver_bhyve_impl_la_SOURCES = $(BHYVE_DRIVER_SOURCES)
conf_DATA += bhyve/bhyve.conf augeas_DATA += bhyve/libvirtd_bhyve.aug -augeastest_DATA += test_libvirtd_bhyve.aug +augeastest_DATA += bhyve/test_libvirtd_bhyve.aug +CLEANFILES += bhyve/test_libvirtd_bhyve.aug
Since you're going to remove all CLEANFILES with the next patch, it's pointless to add them here: just switch the two patches around. Everything else looks fine, so once you've done that Reviewed-by: Andrea Bolognani <abologna@redhat.com> -- Andrea Bolognani / Red Hat / Virtualization

We already have a variable that lists all augeas test files, so we can add everything to CLEANFILES at once. --- src/Makefile.am | 1 + src/bhyve/Makefile.inc.am | 1 - src/libxl/Makefile.inc.am | 1 - src/locking/Makefile.inc.am | 5 +---- src/logging/Makefile.inc.am | 3 --- src/lxc/Makefile.inc.am | 1 - src/qemu/Makefile.inc.am | 1 - src/remote/Makefile.inc.am | 2 -- 8 files changed, 2 insertions(+), 13 deletions(-) diff --git a/src/Makefile.am b/src/Makefile.am index 0b562dc250..58f0c792ed 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -149,6 +149,7 @@ augeasdir = $(datadir)/augeas/lenses augeastestdir = $(datadir)/augeas/lenses/tests +CLEANFILES += $(augeastest_DATA) # Internal generic driver infrastructure DATATYPES_SOURCES = datatypes.h datatypes.c diff --git a/src/bhyve/Makefile.inc.am b/src/bhyve/Makefile.inc.am index d9cc64a827..0aef5e17c7 100644 --- a/src/bhyve/Makefile.inc.am +++ b/src/bhyve/Makefile.inc.am @@ -50,7 +50,6 @@ libvirt_driver_bhyve_impl_la_SOURCES = $(BHYVE_DRIVER_SOURCES) conf_DATA += bhyve/bhyve.conf augeas_DATA += bhyve/libvirtd_bhyve.aug augeastest_DATA += bhyve/test_libvirtd_bhyve.aug -CLEANFILES += bhyve/test_libvirtd_bhyve.aug AUGEAS_DIRS += bhyve diff --git a/src/libxl/Makefile.inc.am b/src/libxl/Makefile.inc.am index 1abdeff390..e73f34db8e 100644 --- a/src/libxl/Makefile.inc.am +++ b/src/libxl/Makefile.inc.am @@ -68,7 +68,6 @@ libvirt_driver_libxl_impl_la_SOURCES = $(LIBXL_DRIVER_SOURCES) conf_DATA += libxl/libxl.conf augeas_DATA += libxl/libvirtd_libxl.aug augeastest_DATA += libxl/test_libvirtd_libxl.aug -CLEANFILES += libxl/test_libvirtd_libxl.aug AUGEAS_DIRS += libxl diff --git a/src/locking/Makefile.inc.am b/src/locking/Makefile.inc.am index 8041ae89b8..0f284faf25 100644 --- a/src/locking/Makefile.inc.am +++ b/src/locking/Makefile.inc.am @@ -74,7 +74,7 @@ SYSCONF_FILES += locking/virtlockd.sysconf PODFILES += locking/virtlockd.pod MANINFILES += virtlockd.8.in -CLEANFILES += test_virtlockd.aug $(man8_MANS) +CLEANFILES += $(man8_MANS) MAINTAINERCLEANFILES += $(MANINFILES) SYSTEMD_UNIT_FILES_IN += \ @@ -115,7 +115,6 @@ endif WITH_SASL if WITH_QEMU augeastest_DATA += locking/test_libvirt_lockd.aug -CLEANFILES += locking/test_libvirt_lockd.aug nodist_conf_DATA += locking/qemu-lockd.conf BUILT_SOURCES += locking/qemu-lockd.conf DISTCLEANFILES += locking/qemu-lockd.conf @@ -171,7 +170,6 @@ augeas_DATA += locking/libvirt_sanlock.aug if WITH_QEMU augeastest_DATA += locking/test_libvirt_sanlock.aug -CLEANFILES += locking/test_libvirt_sanlock.aug nodist_conf_DATA += locking/qemu-sanlock.conf BUILT_SOURCES += locking/qemu-sanlock.conf DISTCLEANFILES += locking/qemu-sanlock.conf @@ -204,7 +202,6 @@ conf_DATA += locking/virtlockd.conf augeas_DATA += locking/virtlockd.aug augeastest_DATA += locking/test_virtlockd.aug -CLEANFILES += locking/test_virtlockd.aug INSTALL_DATA_DIRS += locking diff --git a/src/logging/Makefile.inc.am b/src/logging/Makefile.inc.am index 7e8391b3cc..58a139ec2f 100644 --- a/src/logging/Makefile.inc.am +++ b/src/logging/Makefile.inc.am @@ -46,8 +46,6 @@ MAINTAINERCLEANFILES += \ $(LOG_DAEMON_GENERATED) \ $(NULL) -CLEANFILES += logging/test_virtlogd.aug - PODFILES += logging/virtlogd.pod MANINFILES += virtlogd.8.in SYSCONF_FILES += logging/virtlogd.sysconf @@ -98,7 +96,6 @@ conf_DATA += logging/virtlogd.conf augeas_DATA += logging/virtlogd.aug augeastest_DATA += logging/test_virtlogd.aug -CLEANFILES += logging/test_virtlogd.aug logging/test_virtlogd.aug: logging/test_virtlogd.aug.in \ logging/virtlogd.conf $(AUG_GENTEST) diff --git a/src/lxc/Makefile.inc.am b/src/lxc/Makefile.inc.am index b7f539b878..f011d90e95 100644 --- a/src/lxc/Makefile.inc.am +++ b/src/lxc/Makefile.inc.am @@ -157,7 +157,6 @@ conf_DATA += lxc/lxc.conf augeas_DATA += lxc/libvirtd_lxc.aug augeastest_DATA += lxc/test_libvirtd_lxc.aug -CLEANFILES += lxc/test_libvirtd_lxc.aug AUGEAS_DIRS += lxc diff --git a/src/qemu/Makefile.inc.am b/src/qemu/Makefile.inc.am index 464bbfe735..750b8a5c85 100644 --- a/src/qemu/Makefile.inc.am +++ b/src/qemu/Makefile.inc.am @@ -116,7 +116,6 @@ conf_DATA += qemu/qemu.conf augeas_DATA += qemu/libvirtd_qemu.aug augeastest_DATA += qemu/test_libvirtd_qemu.aug -CLEANFILES += qemu/test_libvirtd_qemu.aug AUGEAS_DIRS += qemu diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index 4a1d89ee17..18519b129d 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -130,8 +130,6 @@ augeastest_DATA += remote/test_libvirtd.aug conf_DATA += remote/libvirtd.conf -CLEANFILES += remote/test_libvirtd.aug - man8_MANS += libvirtd.8 libvirtd_SOURCES = $(LIBVIRTD_SOURCES) -- 2.21.0

On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote:
+++ b/src/locking/Makefile.inc.am @@ -74,7 +74,7 @@ SYSCONF_FILES += locking/virtlockd.sysconf PODFILES += locking/virtlockd.pod MANINFILES += virtlockd.8.in
-CLEANFILES += test_virtlockd.aug $(man8_MANS) +CLEANFILES += $(man8_MANS)
You forgot to update this in the previous patch, but once you've inverted them it won't matter :) With 2/41 and 3/41 switched, Reviewed-by: Andrea Bolognani <abologna@redhat.com> -- Andrea Bolognani / Red Hat / Virtualization

Instead of each subdir containing its own custom rule for checking the augeas tests, use common rule for all. The new rule searches both src + build dirs for include files, since some augeas files will be auto-generated very shortly. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/Makefile.am | 14 +++++++++----- src/bhyve/Makefile.inc.am | 11 ----------- src/libxl/Makefile.inc.am | 11 ----------- src/locking/Makefile.inc.am | 34 ++-------------------------------- src/logging/Makefile.inc.am | 9 --------- src/lxc/Makefile.inc.am | 8 -------- src/qemu/Makefile.inc.am | 8 -------- src/remote/Makefile.inc.am | 8 -------- 8 files changed, 11 insertions(+), 92 deletions(-) diff --git a/src/Makefile.am b/src/Makefile.am index 58f0c792ed..cf6f920576 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -74,7 +74,6 @@ GENERATED_SYM_FILES = augeas_DATA = augeastest_DATA = conf_DATA = -AUGEAS_DIRS = if WITH_DTRACE_PROBES tapset_DATA = endif WITH_DTRACE_PROBES @@ -396,13 +395,18 @@ GENERATED_SYM_FILES += \ - - - +AUG_TEST_NAMES = $(subst /,-, $(augeastest_DATA)) check-local: check-augeas -check-augeas: $(AUGEAS_DIRS:%=check-augeas-%) +check-augeas: $(AUG_TEST_NAMES:%=check-augeas-%) + +check-augeas-%: $(augeas_DATA) $(augeastest_DATA) + $(AM_V_GEN)export FILE=`echo $* | sed -e 's/.*-//'`; \ + export DIR=`echo $* | sed -e 's/-.*//'`; \ + if test -x '$(AUGPARSE)'; then \ + '$(AUGPARSE)' -I $(srcdir)/$$DIR -I $(builddir)/$$DIR $$DIR/$$FILE; \ + fi AUG_GENTEST = $(PERL) $(top_srcdir)/build-aux/augeas-gentest.pl diff --git a/src/bhyve/Makefile.inc.am b/src/bhyve/Makefile.inc.am index 0aef5e17c7..8b662e9775 100644 --- a/src/bhyve/Makefile.inc.am +++ b/src/bhyve/Makefile.inc.am @@ -51,17 +51,10 @@ conf_DATA += bhyve/bhyve.conf augeas_DATA += bhyve/libvirtd_bhyve.aug augeastest_DATA += bhyve/test_libvirtd_bhyve.aug -AUGEAS_DIRS += bhyve - bhyve/test_libvirtd_bhyve.aug: bhyve/test_libvirtd_bhyve.aug.in \ $(srcdir)/bhyve/bhyve.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/bhyve/bhyve.conf $< > $@ -check-augeas-bhyve: bhyve/test_libvirtd_bhyve.aug - $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ - '$(AUGPARSE)' -I $(srcdir)/bhyve bhyve/test_libvirtd_bhyve.aug; \ - fi - endif WITH_BHYVE EXTRA_DIST += \ @@ -69,7 +62,3 @@ EXTRA_DIST += \ bhyve/libvirtd_bhyve.aug \ bhyve/test_libvirtd_bhyve.aug.in \ $(NULL) - -.PHONY: \ - check-augeas-bhyve \ - $(NULL) diff --git a/src/libxl/Makefile.inc.am b/src/libxl/Makefile.inc.am index e73f34db8e..467c2720b2 100644 --- a/src/libxl/Makefile.inc.am +++ b/src/libxl/Makefile.inc.am @@ -69,17 +69,10 @@ conf_DATA += libxl/libxl.conf augeas_DATA += libxl/libvirtd_libxl.aug augeastest_DATA += libxl/test_libvirtd_libxl.aug -AUGEAS_DIRS += libxl - libxl/test_libvirtd_libxl.aug: libxl/test_libvirtd_libxl.aug.in \ $(srcdir)/libxl/libxl.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/libxl/libxl.conf $< > $@ -check-augeas-libxl: libxl/test_libvirtd_libxl.aug - $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ - '$(AUGPARSE)' -I $(srcdir)/libxl libxl/test_libvirtd_libxl.aug; \ - fi - INSTALL_DATA_DIRS += libxl install-data-libxl: @@ -94,10 +87,6 @@ uninstall-data-libxl: endif WITH_LIBXL -.PHONY: \ - check-augeas-libxl \ - $(NULL) - EXTRA_DIST += \ libxl/libxl.conf \ libxl/libvirtd_libxl.aug \ diff --git a/src/locking/Makefile.inc.am b/src/locking/Makefile.inc.am index 0f284faf25..24d83fdd80 100644 --- a/src/locking/Makefile.inc.am +++ b/src/locking/Makefile.inc.am @@ -227,16 +227,8 @@ locking/test_libvirt_sanlock.aug: locking/test_libvirt_sanlock.aug.in \ locking/qemu-sanlock.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) locking/qemu-sanlock.conf $< > $@ -check-augeas-sanlock: locking/test_libvirt_sanlock.aug - $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ - '$(AUGPARSE)' -I $(srcdir)/locking locking/test_libvirt_sanlock.aug; \ - fi -else ! WITH_QEMU -check-augeas-sanlock: -endif ! WITH_QEMU -else ! WITH_SANLOCK -check-augeas-sanlock: -endif ! WITH_SANLOCK +endif WITH_QEMU +endif WITH_SANLOCK if WITH_QEMU locking/test_libvirt_lockd.aug: locking/test_libvirt_lockd.aug.in \ @@ -248,33 +240,11 @@ locking/test_virtlockd.aug: locking/test_virtlockd.aug.in \ locking/virtlockd.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/locking/virtlockd.conf $< > $@ -if WITH_QEMU -check-augeas-lockd: locking/test_libvirt_lockd.aug - $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ - '$(AUGPARSE)' -I $(srcdir)/locking locking/test_libvirt_lockd.aug; \ - fi -else ! WITH_QEMU -check-augeas-lockd: -endif ! WITH_QEMU - -check-augeas-virtlockd: locking/test_virtlockd.aug - $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ - '$(AUGPARSE)' -I $(srcdir)/locking locking/test_virtlockd.aug; \ - fi - -AUGEAS_DIRS += locking - -check-augeas-locking: check-augeas-virtlockd check-augeas-lockd check-augeas-sanlock - endif WITH_LIBVIRTD .PHONY: \ install-data-locking \ uninstall-data-locking \ - check-augeas-locking \ - check-augeas-virtlockd \ - check-augeas-lockd \ - check-augeas-sanlock \ $(NULL) locking/%-lockd.conf: $(srcdir)/locking/lockd.conf diff --git a/src/logging/Makefile.inc.am b/src/logging/Makefile.inc.am index 58a139ec2f..f0c49330f5 100644 --- a/src/logging/Makefile.inc.am +++ b/src/logging/Makefile.inc.am @@ -101,17 +101,8 @@ logging/test_virtlogd.aug: logging/test_virtlogd.aug.in \ logging/virtlogd.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/logging/virtlogd.conf $< > $@ -AUGEAS_DIRS += logging - -check-augeas-logging: logging/test_virtlogd.aug - $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ - '$(AUGPARSE)' -I $(srcdir)/logging logging/test_virtlogd.aug; \ - fi - endif WITH_LIBVIRTD -.PHONY: check-augeas-logging - logging/log_daemon_dispatch_stubs.h: $(LOG_PROTOCOL) \ $(srcdir)/rpc/gendispatch.pl Makefile.am $(AM_V_GEN)perl -w $(srcdir)/rpc/gendispatch.pl --mode=server \ diff --git a/src/lxc/Makefile.inc.am b/src/lxc/Makefile.inc.am index f011d90e95..0c241fc5c1 100644 --- a/src/lxc/Makefile.inc.am +++ b/src/lxc/Makefile.inc.am @@ -158,17 +158,10 @@ conf_DATA += lxc/lxc.conf augeas_DATA += lxc/libvirtd_lxc.aug augeastest_DATA += lxc/test_libvirtd_lxc.aug -AUGEAS_DIRS += lxc - lxc/test_libvirtd_lxc.aug: lxc/test_libvirtd_lxc.aug.in \ $(srcdir)/lxc/lxc.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/lxc/lxc.conf $< > $@ -check-augeas-lxc: lxc/test_libvirtd_lxc.aug - $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ - '$(AUGPARSE)' -I $(srcdir)/lxc lxc/test_libvirtd_lxc.aug; \ - fi - INSTALL_DATA_DIRS += lxc install-data-lxc: @@ -196,7 +189,6 @@ lxc/lxc_controller_dispatch.h: $(srcdir)/rpc/gendispatch.pl \ $(srcdir)/lxc/lxc_controller_dispatch.h .PHONY: \ - check-agueas-lxc \ install-data-lxc \ uninstall-data-lxc \ $(NULL) diff --git a/src/qemu/Makefile.inc.am b/src/qemu/Makefile.inc.am index 750b8a5c85..12236a9e7b 100644 --- a/src/qemu/Makefile.inc.am +++ b/src/qemu/Makefile.inc.am @@ -117,17 +117,10 @@ conf_DATA += qemu/qemu.conf augeas_DATA += qemu/libvirtd_qemu.aug augeastest_DATA += qemu/test_libvirtd_qemu.aug -AUGEAS_DIRS += qemu - qemu/test_libvirtd_qemu.aug: qemu/test_libvirtd_qemu.aug.in \ $(srcdir)/qemu/qemu.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/qemu/qemu.conf $< > $@ -check-augeas-qemu: qemu/test_libvirtd_qemu.aug - $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ - '$(AUGPARSE)' -I $(srcdir)/qemu qemu/test_libvirtd_qemu.aug; \ - fi - INSTALL_DATA_DIRS += qemu install-data-qemu: @@ -151,7 +144,6 @@ uninstall-data-qemu: endif WITH_QEMU .PHONY: \ - check-augeas-qemu \ install-data-qemu \ uninstall-data-qemu \ $(NULL) diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index 18519b129d..0400dabad9 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -184,17 +184,10 @@ install-data-remote: uninstall-data-remote: rmdir "$(DESTDIR)$(localstatedir)/log/libvirt" ||: -AUGEAS_DIRS += remote - remote/test_libvirtd.aug: remote/test_libvirtd.aug.in \ remote/libvirtd.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/remote/libvirtd.conf $< > $@ -check-augeas-remote: remote/test_libvirtd.aug - $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \ - '$(AUGPARSE)' -I $(srcdir)/remote remote/test_libvirtd.aug; \ - fi - if WITH_SYSCTL # Use $(prefix)/lib rather than $(libdir), since man sysctl.d insists on # /usr/lib/sysctl.d/ even when libdir is /usr/lib64 @@ -241,7 +234,6 @@ endif WITH_LIBVIRTD .PHONY: \ install-data-remote \ uninstall-data-remote \ - check-augeas-remote \ $(NULL) # This is needed for clients too, so can't wrap in -- 2.21.0

On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote: [...]
+AUG_TEST_NAMES = $(subst /,-, $(augeastest_DATA))
check-local: check-augeas
-check-augeas: $(AUGEAS_DIRS:%=check-augeas-%) +check-augeas: $(AUG_TEST_NAMES:%=check-augeas-%) + +check-augeas-%: $(augeas_DATA) $(augeastest_DATA) + $(AM_V_GEN)export FILE=`echo $* | sed -e 's/.*-//'`; \ + export DIR=`echo $* | sed -e 's/-.*//'`; \ + if test -x '$(AUGPARSE)'; then \ + '$(AUGPARSE)' -I $(srcdir)/$$DIR -I $(builddir)/$$DIR $$DIR/$$FILE; \ + fi
How about we skip the double conversion steps and just do check-augeas: $(augeas_DATA) $(augeastest_DATA) $(AM_V_GEN) \ if test -x "$(AUGPARSE)"; then \ for f in $(augeastest_DATA); do \ DIR=$$(dirname "$$f"); \ FILE=$$(basename "$$f"); \ "$(AUGPARSE)" \ -I "$(srcdir)/$$DIR" -I "$(builddir)/$$DIR" \ "$$DIR/$$FILE"; \ done; \ fi .PHONY: check-augeas instead? As an added bonus, this version avoids doing any work if augparse is not available and is correctly marked as PHONY, which the rules you're replacing also were. The rest of the changes look good. [...]
bhyve/test_libvirtd_bhyve.aug: bhyve/test_libvirtd_bhyve.aug.in \ $(srcdir)/bhyve/bhyve.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/bhyve/bhyve.conf $< > $@
Later on it would be nice to remove duplication for all these rules as well... I don't think you do it in your series. But it's perfectly fine not to do it right now, I just though I'd point it out :) -- Andrea Bolognani / Red Hat / Virtualization

On Fri, Jul 26, 2019 at 11:18:03AM +0200, Andrea Bolognani wrote:
On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote: [...]
+AUG_TEST_NAMES = $(subst /,-, $(augeastest_DATA))
check-local: check-augeas
-check-augeas: $(AUGEAS_DIRS:%=check-augeas-%) +check-augeas: $(AUG_TEST_NAMES:%=check-augeas-%) + +check-augeas-%: $(augeas_DATA) $(augeastest_DATA) + $(AM_V_GEN)export FILE=`echo $* | sed -e 's/.*-//'`; \ + export DIR=`echo $* | sed -e 's/-.*//'`; \ + if test -x '$(AUGPARSE)'; then \ + '$(AUGPARSE)' -I $(srcdir)/$$DIR -I $(builddir)/$$DIR $$DIR/$$FILE; \ + fi
How about we skip the double conversion steps and just do
check-augeas: $(augeas_DATA) $(augeastest_DATA) $(AM_V_GEN) \ if test -x "$(AUGPARSE)"; then \ for f in $(augeastest_DATA); do \ DIR=$$(dirname "$$f"); \ FILE=$$(basename "$$f"); \ "$(AUGPARSE)" \ -I "$(srcdir)/$$DIR" -I "$(builddir)/$$DIR" \ "$$DIR/$$FILE"; \ done; \ fi .PHONY: check-augeas
instead? As an added bonus, this version avoids doing any work if augparse is not available and is correctly marked as PHONY, which the rules you're replacing also were.
This doesn't show any output for the files - I wanted to see the make output for each file being checked, as its a useful confirmation that we're actually processing the files we expect to have.
The rest of the changes look good.
[...]
bhyve/test_libvirtd_bhyve.aug: bhyve/test_libvirtd_bhyve.aug.in \ $(srcdir)/bhyve/bhyve.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/bhyve/bhyve.conf $< > $@
Later on it would be nice to remove duplication for all these rules as well... I don't think you do it in your series. But it's perfectly fine not to do it right now, I just though I'd point it out :)
-- Andrea Bolognani / Red Hat / Virtualization
Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

On Fri, 2019-07-26 at 10:23 +0100, Daniel P. Berrangé wrote:
On Fri, Jul 26, 2019 at 11:18:03AM +0200, Andrea Bolognani wrote:
On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote: [...]
+AUG_TEST_NAMES = $(subst /,-, $(augeastest_DATA))
check-local: check-augeas
-check-augeas: $(AUGEAS_DIRS:%=check-augeas-%) +check-augeas: $(AUG_TEST_NAMES:%=check-augeas-%) + +check-augeas-%: $(augeas_DATA) $(augeastest_DATA) + $(AM_V_GEN)export FILE=`echo $* | sed -e 's/.*-//'`; \ + export DIR=`echo $* | sed -e 's/-.*//'`; \ + if test -x '$(AUGPARSE)'; then \ + '$(AUGPARSE)' -I $(srcdir)/$$DIR -I $(builddir)/$$DIR $$DIR/$$FILE; \ + fi
How about we skip the double conversion steps and just do
check-augeas: $(augeas_DATA) $(augeastest_DATA) $(AM_V_GEN) \ if test -x "$(AUGPARSE)"; then \ for f in $(augeastest_DATA); do \ DIR=$$(dirname "$$f"); \ FILE=$$(basename "$$f"); \ "$(AUGPARSE)" \ -I "$(srcdir)/$$DIR" -I "$(builddir)/$$DIR" \ "$$DIR/$$FILE"; \ done; \ fi .PHONY: check-augeas
instead? As an added bonus, this version avoids doing any work if augparse is not available and is correctly marked as PHONY, which the rules you're replacing also were.
This doesn't show any output for the files - I wanted to see the make output for each file being checked, as its a useful confirmation that we're actually processing the files we expect to have.
That's only a couple small tweaks away: check-augeas: $(augeas_DATA) $(augeastest_DATA) @if test -x "$(AUGPARSE)"; then \ for f in $(augeastest_DATA); do \ DIR=$$(dirname "$$f"); \ FILE=$$(basename "$$f"); \ echo "AUGPARSE $$f"; \ "$(AUGPARSE)" \ -I "$(srcdir)/$$DIR" -I "$(builddir)/$$DIR" \ "$$DIR/$$FILE"; \ done; \ fi .PHONY: check-augeas This version even results in a more accurate output, as we're not really generating the files but rather validating them. -- Andrea Bolognani / Red Hat / Virtualization

Instead of adding generated config files to CLEANFILES and BUILT_SOURCES in each makefile, add them all at once. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/Makefile.am | 3 +++ src/locking/Makefile.inc.am | 8 -------- 2 files changed, 3 insertions(+), 8 deletions(-) diff --git a/src/Makefile.am b/src/Makefile.am index cf6f920576..dbbb94e7f1 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -144,6 +144,9 @@ moddir = $(libdir)/libvirt/connection-driver confdir = $(sysconfdir)/libvirt conf_DATA += libvirt.conf libvirt-admin.conf +CLEANFILES += $(nodist_conf_DATA) +BUILT_SOURCES += $(nodist_conf_DATA) + augeasdir = $(datadir)/augeas/lenses augeastestdir = $(datadir)/augeas/lenses/tests diff --git a/src/locking/Makefile.inc.am b/src/locking/Makefile.inc.am index 24d83fdd80..161410051c 100644 --- a/src/locking/Makefile.inc.am +++ b/src/locking/Makefile.inc.am @@ -116,14 +116,10 @@ endif WITH_SASL if WITH_QEMU augeastest_DATA += locking/test_libvirt_lockd.aug nodist_conf_DATA += locking/qemu-lockd.conf -BUILT_SOURCES += locking/qemu-lockd.conf -DISTCLEANFILES += locking/qemu-lockd.conf endif WITH_QEMU if WITH_LIBXL nodist_conf_DATA += locking/libxl-lockd.conf -BUILT_SOURCES += locking/libxl-lockd.conf -DISTCLEANFILES += locking/libxl-lockd.conf endif WITH_LIBXL sbin_PROGRAMS += virtlockd @@ -171,14 +167,10 @@ augeas_DATA += locking/libvirt_sanlock.aug if WITH_QEMU augeastest_DATA += locking/test_libvirt_sanlock.aug nodist_conf_DATA += locking/qemu-sanlock.conf -BUILT_SOURCES += locking/qemu-sanlock.conf -DISTCLEANFILES += locking/qemu-sanlock.conf endif WITH_QEMU if WITH_LIBXL nodist_conf_DATA += locking/libxl-sanlock.conf -BUILT_SOURCES += locking/libxl-sanlock.conf -DISTCLEANFILES += locking/libxl-sanlock.conf endif WITH_LIBXL libexec_PROGRAMS += libvirt_sanlock_helper -- 2.21.0

On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote:
Instead of adding generated config files to CLEANFILES and BUILT_SOURCES in each makefile, add them all at once.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/Makefile.am | 3 +++ src/locking/Makefile.inc.am | 8 -------- 2 files changed, 3 insertions(+), 8 deletions(-)
Reviewed-by: Andrea Bolognani <abologna@redhat.com> -- Andrea Bolognani / Red Hat / Virtualization

The remote daemon tries to print out its help text in a couple of giant blocks of text. This has already lead to duplication of the text for the privileged vs unprivileged execution mode. With the introduction of more daemons, this text is going to be duplicated many more times with small variations. This is very unfriendly to translators as they have to translate approximately the same text many times with small tweaks. Splitting the text up into individual strings to print means that each piece will only need translating once. It also gets rid of all the layout information from the translated strings, so avoids the problem of translators breaking formatting by mistake. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/remote/remote_daemon.c | 126 ++++++++++++++++++------------------- 1 file changed, 62 insertions(+), 64 deletions(-) diff --git a/src/remote/remote_daemon.c b/src/remote/remote_daemon.c index d887b7abfb..49ac3f0ae5 100644 --- a/src/remote/remote_daemon.c +++ b/src/remote/remote_daemon.c @@ -863,71 +863,69 @@ daemonSetupHostUUID(const struct daemonConfig *config) static void daemonUsage(const char *argv0, bool privileged) { - fprintf(stderr, - _("\n" - "Usage:\n" - " %s [options]\n" - "\n" - "Options:\n" - " -h | --help Display program help:\n" - " -v | --verbose Verbose messages.\n" - " -d | --daemon Run as a daemon & write PID file.\n" - " -l | --listen Listen for TCP/IP connections.\n" - " -t | --timeout <secs> Exit after timeout period.\n" - " -f | --config <file> Configuration file.\n" - " -V | --version Display version information.\n" - " -p | --pid-file <file> Change name of PID file.\n" - "\n" - "libvirt management daemon:\n"), - argv0); + size_t i; + struct virOptionHelp { + const char *opts; + const char *help; + } opthelp[] = { + { "-h | --help", N_("Display program help") }, + { "-v | --verbose", N_("Verbose messages") }, + { "-d | --daemon", N_("Run as a daemon & write PID file") }, + { "-l | --listen", N_("Listen for TCP/IP connections") }, + { "-t | --timeout <secs>", N_("Exit after timeout period") }, + { "-f | --config <file>", N_("Configuration file") }, + { "-V | --version", N_("Display version information") }, + { "-p | --pid-file <file>", N_("Change name of PID file") }, + }; - if (privileged) { - fprintf(stderr, - _("\n" - " Default paths:\n" - "\n" - " Configuration file (unless overridden by -f):\n" - " %s\n" - "\n" - " Sockets:\n" - " %s\n" - " %s\n" - "\n" - " TLS:\n" - " CA certificate: %s\n" - " Server certificate: %s\n" - " Server private key: %s\n" - "\n" - " PID file (unless overridden by -p):\n" - " %s/run/libvirtd.pid\n" - "\n"), - LIBVIRTD_CONFIGURATION_FILE, - LIBVIRTD_PRIV_UNIX_SOCKET, - LIBVIRTD_PRIV_UNIX_SOCKET_RO, - LIBVIRT_CACERT, - LIBVIRT_SERVERCERT, - LIBVIRT_SERVERKEY, - LOCALSTATEDIR); - } else { - fprintf(stderr, "%s", - _("\n" - " Default paths:\n" - "\n" - " Configuration file (unless overridden by -f):\n" - " $XDG_CONFIG_HOME/libvirt/libvirtd.conf\n" - "\n" - " Sockets:\n" - " $XDG_RUNTIME_DIR/libvirt/libvirt-sock\n" - "\n" - " TLS:\n" - " CA certificate: $HOME/.pki/libvirt/cacert.pem\n" - " Server certificate: $HOME/.pki/libvirt/servercert.pem\n" - " Server private key: $HOME/.pki/libvirt/serverkey.pem\n" - "\n" - " PID file:\n" - " $XDG_RUNTIME_DIR/libvirt/libvirtd.pid\n" - "\n")); - } + fprintf(stderr, "\n"); + fprintf(stderr, "%s:\n", _("Usage")); + fprintf(stderr, " %s [%s]\n", argv0, _("options")); + fprintf(stderr, "\n"); + + fprintf(stderr, "%s:\n", _("Options")); + for (i = 0; i < ARRAY_CARDINALITY(opthelp); i++) + fprintf(stderr, " %-22s %s\n", opthelp[i].opts, N_(opthelp[i].help)); + fprintf(stderr, "\n"); + + fprintf(stderr, "%s:\n", _("libvirt management daemon")); + + fprintf(stderr, "\n"); + fprintf(stderr, " %s:\n", _("Default paths")); + fprintf(stderr, "\n"); + + fprintf(stderr, " %s:\n", _("Configuration file (unless overridden by -f)")); + fprintf(stderr, " %s/libvirt/libvirtd.conf\n", + privileged ? SYSCONFDIR : "$XDG_CONFIG_HOME"); + fprintf(stderr, "\n"); + + fprintf(stderr, " %s:\n", _("Sockets")); + fprintf(stderr, " %s\n", + privileged ? LOCALSTATEDIR "/run/libvirt/libvirt-sock" : + "$XDG_RUNTIME_DIR/libvirt/libvirt-sock"); + if (privileged) + fprintf(stderr, " %s\n", + LOCALSTATEDIR "/run/libvirt/libvirt-sock-ro"); + fprintf(stderr, "\n"); + + fprintf(stderr, " %s:\n", _("TLS")); + fprintf(stderr, " %s: %s\n", + _("CA certificate"), + privileged ? LIBVIRT_CACERT : "$HOME/.pki/libvirt/cacert.pem"); + fprintf(stderr, " %s: %s\n", + _("Server certificate"), + privileged ? LIBVIRT_SERVERCERT : "$HOME/.pki/libvirt/servercert.pem"); + fprintf(stderr, " %s: %s\n", + _("Server private key"), + privileged ? LIBVIRT_SERVERKEY : "$HOME/.pki/libvirt/serverkey.pem"); + fprintf(stderr, "\n"); + + fprintf(stderr, " %s:\n", + _("PID file (unless overridden by -p)")); + fprintf(stderr, " %s\n", + privileged ? LOCALSTATEDIR "/run/libvirtd.pid": + "$XDG_RUNTIME_DIR/libvirt/libvirtd.pid"); + fprintf(stderr, "\n"); } int main(int argc, char **argv) { -- 2.21.0

On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote: [...]
+ struct virOptionHelp { + const char *opts; + const char *help; + } opthelp[] = { + { "-h | --help", N_("Display program help") }, + { "-v | --verbose", N_("Verbose messages") }, + { "-d | --daemon", N_("Run as a daemon & write PID file") }, + { "-l | --listen", N_("Listen for TCP/IP connections") }, + { "-t | --timeout <secs>", N_("Exit after timeout period") }, + { "-f | --config <file>", N_("Configuration file") }, + { "-V | --version", N_("Display version information") }, + { "-p | --pid-file <file>", N_("Change name of PID file") }, + };
The way you declare the struct at the same time as you use it for a local variable is highly unusual in our codebase, especially considering that you do the former inside a function which is, at least as far as I'm aware, basically unprecedented in libvirt. Can you please move the struct declaration outside of the function? [...]
+ fprintf(stderr, " %s:\n", _("TLS")); + fprintf(stderr, " %s: %s\n", + _("CA certificate"), + privileged ? LIBVIRT_CACERT : "$HOME/.pki/libvirt/cacert.pem"); + fprintf(stderr, " %s: %s\n", + _("Server certificate"), + privileged ? LIBVIRT_SERVERCERT : "$HOME/.pki/libvirt/servercert.pem"); + fprintf(stderr, " %s: %s\n", + _("Server private key"), + privileged ? LIBVIRT_SERVERKEY : "$HOME/.pki/libvirt/serverkey.pem"); + fprintf(stderr, "\n");
I think the above would work better if you used " %-18s %s\n" as the format string, which would result in TLS: CA certificate $HOME/.pki/libvirt/cacert.pem Server certificate $HOME/.pki/libvirt/servercert.pem Server private key $HOME/.pki/libvirt/serverkey.pem instead of TLS: CA certificate: $HOME/.pki/libvirt/cacert.pem Server certificate: $HOME/.pki/libvirt/servercert.pem Server private key: $HOME/.pki/libvirt/serverkey.pem as the output. Not a big deal either way, but since we're going out of our way to align options and their descriptions above it makes sense to me that we'd do the same here as well. After this patch, the code looks much less readable, but I understand why you want to do this and you also get rid of some duplication when it comes to the system/session daemons, so I'm overall okay with the change. -- Andrea Bolognani / Red Hat / Virtualization

On Fri, Jul 26, 2019 at 02:02:18PM +0200, Andrea Bolognani wrote:
On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote: [...]
+ struct virOptionHelp { + const char *opts; + const char *help; + } opthelp[] = { + { "-h | --help", N_("Display program help") }, + { "-v | --verbose", N_("Verbose messages") }, + { "-d | --daemon", N_("Run as a daemon & write PID file") }, + { "-l | --listen", N_("Listen for TCP/IP connections") }, + { "-t | --timeout <secs>", N_("Exit after timeout period") }, + { "-f | --config <file>", N_("Configuration file") }, + { "-V | --version", N_("Display version information") }, + { "-p | --pid-file <file>", N_("Change name of PID file") }, + };
The way you declare the struct at the same time as you use it for a local variable is highly unusual in our codebase, especially considering that you do the former inside a function which is, at least as far as I'm aware, basically unprecedented in libvirt.
Can you please move the struct declaration outside of the function?
[...]
+ fprintf(stderr, " %s:\n", _("TLS")); + fprintf(stderr, " %s: %s\n", + _("CA certificate"), + privileged ? LIBVIRT_CACERT : "$HOME/.pki/libvirt/cacert.pem"); + fprintf(stderr, " %s: %s\n", + _("Server certificate"), + privileged ? LIBVIRT_SERVERCERT : "$HOME/.pki/libvirt/servercert.pem"); + fprintf(stderr, " %s: %s\n", + _("Server private key"), + privileged ? LIBVIRT_SERVERKEY : "$HOME/.pki/libvirt/serverkey.pem"); + fprintf(stderr, "\n");
I think the above would work better if you used
" %-18s %s\n"
as the format string, which would result in
TLS: CA certificate $HOME/.pki/libvirt/cacert.pem Server certificate $HOME/.pki/libvirt/servercert.pem Server private key $HOME/.pki/libvirt/serverkey.pem
instead of
TLS: CA certificate: $HOME/.pki/libvirt/cacert.pem Server certificate: $HOME/.pki/libvirt/servercert.pem Server private key: $HOME/.pki/libvirt/serverkey.pem
as the output. Not a big deal either way, but since we're going out of our way to align options and their descriptions above it makes sense to me that we'd do the same here as well.
After this patch, the code looks much less readable, but I understand why you want to do this and you also get rid of some duplication when it comes to the system/session daemons, so I'm overall okay with the change.
Yeah it is pretty ugly, but at least some of this uglyness goes away if we adopt GLib, because its CLI parsing APIs are much better than getopt, in particular capable of auto-generating the help output for all args. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

On Fri, Jul 26, 2019 at 02:02:18PM +0200, Andrea Bolognani wrote:
On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote: [...]
+ struct virOptionHelp { + const char *opts; + const char *help; + } opthelp[] = { + { "-h | --help", N_("Display program help") }, + { "-v | --verbose", N_("Verbose messages") }, + { "-d | --daemon", N_("Run as a daemon & write PID file") }, + { "-l | --listen", N_("Listen for TCP/IP connections") }, + { "-t | --timeout <secs>", N_("Exit after timeout period") }, + { "-f | --config <file>", N_("Configuration file") }, + { "-V | --version", N_("Display version information") }, + { "-p | --pid-file <file>", N_("Change name of PID file") }, + };
The way you declare the struct at the same time as you use it for a local variable is highly unusual in our codebase, especially considering that you do the former inside a function which is, at least as far as I'm aware, basically unprecedented in libvirt.
Can you please move the struct declaration outside of the function?
[...]
+ fprintf(stderr, " %s:\n", _("TLS")); + fprintf(stderr, " %s: %s\n", + _("CA certificate"), + privileged ? LIBVIRT_CACERT : "$HOME/.pki/libvirt/cacert.pem"); + fprintf(stderr, " %s: %s\n", + _("Server certificate"), + privileged ? LIBVIRT_SERVERCERT : "$HOME/.pki/libvirt/servercert.pem"); + fprintf(stderr, " %s: %s\n", + _("Server private key"), + privileged ? LIBVIRT_SERVERKEY : "$HOME/.pki/libvirt/serverkey.pem"); + fprintf(stderr, "\n");
I think the above would work better if you used
" %-18s %s\n"
as the format string, which would result in
TLS: CA certificate $HOME/.pki/libvirt/cacert.pem Server certificate $HOME/.pki/libvirt/servercert.pem Server private key $HOME/.pki/libvirt/serverkey.pem
instead of
TLS: CA certificate: $HOME/.pki/libvirt/cacert.pem Server certificate: $HOME/.pki/libvirt/servercert.pem Server private key: $HOME/.pki/libvirt/serverkey.pem
You're only thinking about this from POV of english text. When this is translated into other languages, all bets are off for such alignment, as translated text could easily be longer than 18 characters and I don't fancy guessing the max field width to cope with arbitrary languages. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

On Mon, 2019-07-29 at 10:51 +0100, Daniel P. Berrangé wrote:
On Fri, Jul 26, 2019 at 02:02:18PM +0200, Andrea Bolognani wrote:
On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote:
+ fprintf(stderr, " %s:\n", _("TLS")); + fprintf(stderr, " %s: %s\n", + _("CA certificate"), + privileged ? LIBVIRT_CACERT : "$HOME/.pki/libvirt/cacert.pem"); + fprintf(stderr, " %s: %s\n", + _("Server certificate"), + privileged ? LIBVIRT_SERVERCERT : "$HOME/.pki/libvirt/servercert.pem"); + fprintf(stderr, " %s: %s\n", + _("Server private key"), + privileged ? LIBVIRT_SERVERKEY : "$HOME/.pki/libvirt/serverkey.pem"); + fprintf(stderr, "\n");
I think the above would work better if you used
" %-18s %s\n"
as the format string, which would result in
TLS: CA certificate $HOME/.pki/libvirt/cacert.pem Server certificate $HOME/.pki/libvirt/servercert.pem Server private key $HOME/.pki/libvirt/serverkey.pem
instead of
TLS: CA certificate: $HOME/.pki/libvirt/cacert.pem Server certificate: $HOME/.pki/libvirt/servercert.pem Server private key: $HOME/.pki/libvirt/serverkey.pem
You're only thinking about this from POV of english text. When this is translated into other languages, all bets are off for such alignment, as translated text could easily be longer than 18 characters and I don't fancy guessing the max field width to cope with arbitrary languages.
Right, I was tricked by the fact that you use "%-22s" earlier in the same function, but of course that's appropriate because you're printing the option names and those are not subject to i18n... We should move the vshTable API inside libvirt so that we can do this kind of thing easily! (Only partially kidding.) -- Andrea Bolognani / Red Hat / Virtualization

Prepare for reusing libvirtd source to create other daemons by making the socket names conditionally defined by the make rules. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/remote/Makefile.inc.am | 1 + src/remote/remote_daemon.c | 24 ++++++++++++------------ 2 files changed, 13 insertions(+), 12 deletions(-) diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index 0400dabad9..ced940d3c1 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -146,6 +146,7 @@ libvirtd_CFLAGS = \ -I$(srcdir)/access \ -I$(srcdir)/conf \ -I$(srcdir)/rpc \ + -DSOCK_PREFIX="\"libvirt\"" \ $(NULL) libvirtd_LDFLAGS = \ diff --git a/src/remote/remote_daemon.c b/src/remote/remote_daemon.c index 49ac3f0ae5..056ae2ba91 100644 --- a/src/remote/remote_daemon.c +++ b/src/remote/remote_daemon.c @@ -221,19 +221,19 @@ daemonUnixSocketPaths(struct daemonConfig *config, char *rundir = NULL; if (config->unix_sock_dir) { - if (virAsprintf(sockfile, "%s/libvirt-sock", config->unix_sock_dir) < 0) + if (virAsprintf(sockfile, "%s/" SOCK_PREFIX "-sock", config->unix_sock_dir) < 0) goto cleanup; if (privileged) { - if (virAsprintf(rosockfile, "%s/libvirt-sock-ro", config->unix_sock_dir) < 0 || - virAsprintf(admsockfile, "%s/libvirt-admin-sock", config->unix_sock_dir) < 0) + if (virAsprintf(rosockfile, "%s/" SOCK_PREFIX "-sock-ro", config->unix_sock_dir) < 0 || + virAsprintf(admsockfile, "%s/" SOCK_PREFIX "-admin-sock", config->unix_sock_dir) < 0) goto cleanup; } } else { if (privileged) { - if (VIR_STRDUP(*sockfile, LOCALSTATEDIR "/run/libvirt/libvirt-sock") < 0 || - VIR_STRDUP(*rosockfile, LOCALSTATEDIR "/run/libvirt/libvirt-sock-ro") < 0 || - VIR_STRDUP(*admsockfile, LOCALSTATEDIR "/run/libvirt/libvirt-admin-sock") < 0) + if (VIR_STRDUP(*sockfile, LOCALSTATEDIR "/run/libvirt/" SOCK_PREFIX "-sock") < 0 || + VIR_STRDUP(*rosockfile, LOCALSTATEDIR "/run/libvirt/" SOCK_PREFIX "-sock-ro") < 0 || + VIR_STRDUP(*admsockfile, LOCALSTATEDIR "/run/libvirt/" SOCK_PREFIX "-admin-sock") < 0) goto cleanup; } else { mode_t old_umask; @@ -248,8 +248,8 @@ daemonUnixSocketPaths(struct daemonConfig *config, } umask(old_umask); - if (virAsprintf(sockfile, "%s/libvirt-sock", rundir) < 0 || - virAsprintf(admsockfile, "%s/libvirt-admin-sock", rundir) < 0) + if (virAsprintf(sockfile, "%s/" SOCK_PREFIX "-sock", rundir) < 0 || + virAsprintf(admsockfile, "%s/" SOCK_PREFIX "-admin-sock", rundir) < 0) goto cleanup; } } @@ -900,12 +900,12 @@ daemonUsage(const char *argv0, bool privileged) fprintf(stderr, "\n"); fprintf(stderr, " %s:\n", _("Sockets")); - fprintf(stderr, " %s\n", - privileged ? LOCALSTATEDIR "/run/libvirt/libvirt-sock" : - "$XDG_RUNTIME_DIR/libvirt/libvirt-sock"); + fprintf(stderr, " %s/libvirt/" SOCK_PREFIX "-sock\n", + privileged ? LOCALSTATEDIR "/run" : + "$XDG_RUNTIME_DIR"); if (privileged) fprintf(stderr, " %s\n", - LOCALSTATEDIR "/run/libvirt/libvirt-sock-ro"); + LOCALSTATEDIR "/run/libvirt/" SOCK_PREFIX "-sock-ro"); fprintf(stderr, "\n"); fprintf(stderr, " %s:\n", _("TLS")); -- 2.21.0

On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote: [...]
if (config->unix_sock_dir) { - if (virAsprintf(sockfile, "%s/libvirt-sock", config->unix_sock_dir) < 0) + if (virAsprintf(sockfile, "%s/" SOCK_PREFIX "-sock", config->unix_sock_dir) < 0) goto cleanup;
Since you're using virAsprintf() already, I'd write this as virAsprintf(sockfile, "%s/%s-sock", SOCK_PREFIX, config->unix_sock_dir) instead of using static string concatenation: it looks a bit cleaner in my opinion. [...]
if (privileged) { - if (VIR_STRDUP(*sockfile, LOCALSTATEDIR "/run/libvirt/libvirt-sock") < 0 || - VIR_STRDUP(*rosockfile, LOCALSTATEDIR "/run/libvirt/libvirt-sock-ro") < 0 || - VIR_STRDUP(*admsockfile, LOCALSTATEDIR "/run/libvirt/libvirt-admin-sock") < 0) + if (VIR_STRDUP(*sockfile, LOCALSTATEDIR "/run/libvirt/" SOCK_PREFIX "-sock") < 0 || + VIR_STRDUP(*rosockfile, LOCALSTATEDIR "/run/libvirt/" SOCK_PREFIX "-sock-ro") < 0 || + VIR_STRDUP(*admsockfile, LOCALSTATEDIR "/run/libvirt/" SOCK_PREFIX "-admin-sock") < 0) goto cleanup;
These are not using virAsprintf() but could easily be converted. [...]
fprintf(stderr, " %s:\n", _("Sockets")); - fprintf(stderr, " %s\n", - privileged ? LOCALSTATEDIR "/run/libvirt/libvirt-sock" : - "$XDG_RUNTIME_DIR/libvirt/libvirt-sock"); + fprintf(stderr, " %s/libvirt/" SOCK_PREFIX "-sock\n", + privileged ? LOCALSTATEDIR "/run" : + "$XDG_RUNTIME_DIR");
All fprintf() calls could be converted as well, except for this one where the conversion would require adding one extra step and thus is probably not worth it. While I think following this proposal would result in slightly cleaner code, functionally both approaches are identicaly so Reviewed-by: Andrea Bolognani <abologna@redhat.com> regardless of whether or not you decide to implement my suggestion. -- Andrea Bolognani / Red Hat / Virtualization

Prepare for reusing libvirtd source to create other daemons by making the daemon name conditionally defined by the make rules. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/remote/Makefile.inc.am | 1 + src/remote/remote_daemon.c | 48 +++++++++++++++++-------------- src/remote/remote_daemon_config.c | 5 ++-- src/remote/remote_driver.h | 1 - 4 files changed, 30 insertions(+), 25 deletions(-) diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index ced940d3c1..b72186109a 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -147,6 +147,7 @@ libvirtd_CFLAGS = \ -I$(srcdir)/conf \ -I$(srcdir)/rpc \ -DSOCK_PREFIX="\"libvirt\"" \ + -DDAEMON_NAME="\"libvirtd\"" \ $(NULL) libvirtd_LDFLAGS = \ diff --git a/src/remote/remote_daemon.c b/src/remote/remote_daemon.c index 056ae2ba91..0982e281de 100644 --- a/src/remote/remote_daemon.c +++ b/src/remote/remote_daemon.c @@ -64,7 +64,11 @@ #include "virdbus.h" -VIR_LOG_INIT("daemon.libvirtd"); +VIR_LOG_INIT("daemon." DAEMON_NAME); + +#ifndef SOCK_PREFIX +# define SOCK_PREFIX DAEMON_NAME +#endif #if WITH_SASL virNetSASLContextPtr saslCtxt = NULL; @@ -375,11 +379,11 @@ daemonSetupNetworking(virNetServerPtr srv, int ret = -1; VIR_AUTOPTR(virSystemdActivation) act = NULL; virSystemdActivationMap actmap[] = { - { .name = "libvirtd.socket", .family = AF_UNIX, .path = sock_path }, - { .name = "libvirtd-ro.socket", .family = AF_UNIX, .path = sock_path_ro }, - { .name = "libvirtd-admin.socket", .family = AF_UNIX, .path = sock_path_adm }, - { .name = "libvirtd-tcp.socket", .family = AF_INET }, - { .name = "libvirtd-tls.socket", .family = AF_INET }, + { .name = DAEMON_NAME ".socket", .family = AF_UNIX, .path = sock_path }, + { .name = DAEMON_NAME "-ro.socket", .family = AF_UNIX, .path = sock_path_ro }, + { .name = DAEMON_NAME "-admin.socket", .family = AF_UNIX, .path = sock_path_adm }, + { .name = DAEMON_NAME "-tcp.socket", .family = AF_INET }, + { .name = DAEMON_NAME "-tls.socket", .family = AF_INET }, }; if ((actmap[3].port = virSocketAddrResolveService(config->tcp_port)) < 0) @@ -413,7 +417,7 @@ daemonSetupNetworking(virNetServerPtr srv, if (virNetServerAddServiceUNIX(srv, act, - "libvirtd.socket", + DAEMON_NAME ".socket", sock_path, unix_sock_rw_mask, unix_sock_gid, @@ -426,7 +430,7 @@ daemonSetupNetworking(virNetServerPtr srv, if (sock_path_ro && virNetServerAddServiceUNIX(srv, act, - "libvirtd-ro.socket", + DAEMON_NAME "-ro.socket", sock_path_ro, unix_sock_ro_mask, unix_sock_gid, @@ -440,7 +444,7 @@ daemonSetupNetworking(virNetServerPtr srv, if (sock_path_adm && virNetServerAddServiceUNIX(srvAdm, act, - "libvirtd-admin.socket", + DAEMON_NAME "-admin.socket", sock_path_adm, unix_sock_adm_mask, unix_sock_gid, @@ -454,7 +458,7 @@ daemonSetupNetworking(virNetServerPtr srv, if (((ipsock && config->listen_tcp) || act) && virNetServerAddServiceTCP(srv, act, - "libvirtd-tcp.socket", + DAEMON_NAME "-tcp.socket", config->listen_addr, config->tcp_port, AF_UNSPEC, @@ -511,7 +515,7 @@ daemonSetupNetworking(virNetServerPtr srv, config->listen_addr, config->tls_port); if (virNetServerAddServiceTCP(srv, act, - "libvirtd-tls.socket", + DAEMON_NAME "-tls.socket", config->listen_addr, config->tls_port, AF_UNSPEC, @@ -556,7 +560,7 @@ daemonSetupNetDevOpenvswitch(struct daemonConfig *config) /* * Set up the logging environment - * By default if daemonized all errors go to the logfile libvirtd.log, + * By default if daemonized all errors go to journald/a logfile * but if verbose or error debugging is asked for then also output * informational and debug messages. Default size if 64 kB. */ @@ -569,7 +573,7 @@ daemonSetupLogging(struct daemonConfig *config, virLogReset(); /* - * Libvirtd's order of precedence is: + * Logging setup order of precedence is: * cmdline > environment > config * * Given the precedence, we must process the variables in the opposite @@ -597,7 +601,7 @@ daemonSetupLogging(struct daemonConfig *config, /* Define the default output. This is only applied if there was no setting * from either the config or the environment. */ - if (virLogSetDefaultOutput("libvirtd", godaemon, privileged) < 0) + if (virLogSetDefaultOutput(DAEMON_NAME, godaemon, privileged) < 0) return -1; if (virLogGetNbOutputs() == 0) @@ -709,7 +713,7 @@ static void daemonStopWorker(void *opaque) VIR_DEBUG("Completed stop dmn=%p", dmn); - /* Exit libvirtd cleanly */ + /* Exit daemon cleanly */ virNetDaemonQuit(dmn); } @@ -788,7 +792,7 @@ static void daemonRunStateInit(void *opaque) driversInitialized = true; #ifdef WITH_DBUS - /* Tie the non-privileged libvirtd to the session/shutdown lifecycle */ + /* Tie the non-privileged daemons to the session/shutdown lifecycle */ if (!virNetDaemonIsPrivileged(dmn)) { sessionBus = virDBusGetSessionBus(); @@ -895,7 +899,7 @@ daemonUsage(const char *argv0, bool privileged) fprintf(stderr, "\n"); fprintf(stderr, " %s:\n", _("Configuration file (unless overridden by -f)")); - fprintf(stderr, " %s/libvirt/libvirtd.conf\n", + fprintf(stderr, " %s/libvirt/" DAEMON_NAME ".conf\n", privileged ? SYSCONFDIR : "$XDG_CONFIG_HOME"); fprintf(stderr, "\n"); @@ -922,9 +926,9 @@ daemonUsage(const char *argv0, bool privileged) fprintf(stderr, " %s:\n", _("PID file (unless overridden by -p)")); - fprintf(stderr, " %s\n", - privileged ? LOCALSTATEDIR "/run/libvirtd.pid": - "$XDG_RUNTIME_DIR/libvirt/libvirtd.pid"); + fprintf(stderr, " %s/\n", + privileged ? LOCALSTATEDIR "/run/" DAEMON_NAME ".pid": + "$XDG_RUNTIME_DIR/libvirt/" DAEMON_NAME ".pid"); fprintf(stderr, "\n"); } @@ -1088,7 +1092,7 @@ int main(int argc, char **argv) { if (!pid_file && virPidFileConstructPath(privileged, LOCALSTATEDIR, - "libvirtd", + DAEMON_NAME, &pid_file) < 0) { VIR_ERROR(_("Can't determine pid file path.")); exit(EXIT_FAILURE); @@ -1168,7 +1172,7 @@ int main(int argc, char **argv) { goto cleanup; } - if (!(srv = virNetServerNew("libvirtd", 1, + if (!(srv = virNetServerNew(DAEMON_NAME, 1, config->min_workers, config->max_workers, config->prio_workers, diff --git a/src/remote/remote_daemon_config.c b/src/remote/remote_daemon_config.c index 537b90a855..3e62b4203f 100644 --- a/src/remote/remote_daemon_config.c +++ b/src/remote/remote_daemon_config.c @@ -77,7 +77,8 @@ int daemonConfigFilePath(bool privileged, char **configfile) { if (privileged) { - if (VIR_STRDUP(*configfile, SYSCONFDIR "/libvirt/libvirtd.conf") < 0) + if (VIR_STRDUP(*configfile, + SYSCONFDIR "/libvirt/" DAEMON_NAME ".conf") < 0) goto error; } else { char *configdir = NULL; @@ -85,7 +86,7 @@ daemonConfigFilePath(bool privileged, char **configfile) if (!(configdir = virGetUserConfigDirectory())) goto error; - if (virAsprintf(configfile, "%s/libvirtd.conf", configdir) < 0) { + if (virAsprintf(configfile, "%s/%s.conf", configdir, DAEMON_NAME) < 0) { VIR_FREE(configdir); goto error; } diff --git a/src/remote/remote_driver.h b/src/remote/remote_driver.h index 8c7da6b000..132e478ef3 100644 --- a/src/remote/remote_driver.h +++ b/src/remote/remote_driver.h @@ -34,7 +34,6 @@ unsigned long remoteVersion(void); #define LIBVIRTD_PRIV_UNIX_SOCKET LOCALSTATEDIR "/run/libvirt/libvirt-sock" #define LIBVIRTD_PRIV_UNIX_SOCKET_RO LOCALSTATEDIR "/run/libvirt/libvirt-sock-ro" #define LIBVIRTD_USER_UNIX_SOCKET "libvirt-sock" -#define LIBVIRTD_CONFIGURATION_FILE SYSCONFDIR "/libvirt/libvirtd.conf" /* Defaults for PKI directory. */ #define LIBVIRT_PKI_DIR SYSCONFDIR "/pki" -- 2.21.0

On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote: [...]
@@ -895,7 +899,7 @@ daemonUsage(const char *argv0, bool privileged) fprintf(stderr, "\n");
fprintf(stderr, " %s:\n", _("Configuration file (unless overridden by -f)")); - fprintf(stderr, " %s/libvirt/libvirtd.conf\n", + fprintf(stderr, " %s/libvirt/" DAEMON_NAME ".conf\n", privileged ? SYSCONFDIR : "$XDG_CONFIG_HOME");
Similarly to the previous commit, this should be fprintf(stderr, " %s/libvirt/%s.conf\n", DAEMON_NAME, privileged ? SYSCONFDIR : "$XDG_CONFIG_HOME"); [...]
@@ -922,9 +926,9 @@ daemonUsage(const char *argv0, bool privileged)
fprintf(stderr, " %s:\n", _("PID file (unless overridden by -p)")); - fprintf(stderr, " %s\n", - privileged ? LOCALSTATEDIR "/run/libvirtd.pid": - "$XDG_RUNTIME_DIR/libvirt/libvirtd.pid"); + fprintf(stderr, " %s/\n", + privileged ? LOCALSTATEDIR "/run/" DAEMON_NAME ".pid": + "$XDG_RUNTIME_DIR/libvirt/" DAEMON_NAME ".pid");
The pattern suggested above and in the previous patch make even more sense here. [...]
+++ b/src/remote/remote_daemon_config.c @@ -77,7 +77,8 @@ int daemonConfigFilePath(bool privileged, char **configfile) { if (privileged) { - if (VIR_STRDUP(*configfile, SYSCONFDIR "/libvirt/libvirtd.conf") < 0) + if (VIR_STRDUP(*configfile, + SYSCONFDIR "/libvirt/" DAEMON_NAME ".conf") < 0)
Same here - just use virAsprintf() instead of VIR_STRDUP(). [...]
@@ -85,7 +86,7 @@ daemonConfigFilePath(bool privileged, char **configfile) if (!(configdir = virGetUserConfigDirectory())) goto error;
- if (virAsprintf(configfile, "%s/libvirtd.conf", configdir) < 0) { + if (virAsprintf(configfile, "%s/%s.conf", configdir, DAEMON_NAME) < 0) {
This is what I'm talking about! ;) [...]
+++ b/src/remote/remote_driver.h @@ -34,7 +34,6 @@ unsigned long remoteVersion(void); #define LIBVIRTD_PRIV_UNIX_SOCKET LOCALSTATEDIR "/run/libvirt/libvirt-sock" #define LIBVIRTD_PRIV_UNIX_SOCKET_RO LOCALSTATEDIR "/run/libvirt/libvirt-sock-ro" #define LIBVIRTD_USER_UNIX_SOCKET "libvirt-sock" -#define LIBVIRTD_CONFIGURATION_FILE SYSCONFDIR "/libvirt/libvirtd.conf"
Oh, this was unused even before your changes, wasn't it? You should drop it in a separate, trivial patch. Going through this patch only strenghtened my convintion that what I suggested in the previous patch is the way to go, so I urge you to implement that suggestion; however, for the sake of being coherent, even if you decide not to go through with it you can still consider this Reviewed-by: Andrea Bolognani <abologna@redhat.com> -- Andrea Bolognani / Red Hat / Virtualization

On Fri, Jul 26, 2019 at 02:39:51PM +0200, Andrea Bolognani wrote:
On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote: [...]
+++ b/src/remote/remote_driver.h @@ -34,7 +34,6 @@ unsigned long remoteVersion(void); #define LIBVIRTD_PRIV_UNIX_SOCKET LOCALSTATEDIR "/run/libvirt/libvirt-sock" #define LIBVIRTD_PRIV_UNIX_SOCKET_RO LOCALSTATEDIR "/run/libvirt/libvirt-sock-ro" #define LIBVIRTD_USER_UNIX_SOCKET "libvirt-sock" -#define LIBVIRTD_CONFIGURATION_FILE SYSCONFDIR "/libvirt/libvirtd.conf"
Oh, this was unused even before your changes, wasn't it? You should drop it in a separate, trivial patch.
No it was used, but this should have been done in patch 6 instead. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

On Fri, 2019-07-26 at 16:24 +0100, Daniel P. Berrangé wrote:
On Fri, Jul 26, 2019 at 02:39:51PM +0200, Andrea Bolognani wrote:
On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote: [...]
+++ b/src/remote/remote_driver.h @@ -34,7 +34,6 @@ unsigned long remoteVersion(void); #define LIBVIRTD_PRIV_UNIX_SOCKET LOCALSTATEDIR "/run/libvirt/libvirt-sock" #define LIBVIRTD_PRIV_UNIX_SOCKET_RO LOCALSTATEDIR "/run/libvirt/libvirt-sock-ro" #define LIBVIRTD_USER_UNIX_SOCKET "libvirt-sock" -#define LIBVIRTD_CONFIGURATION_FILE SYSCONFDIR "/libvirt/libvirtd.conf"
Oh, this was unused even before your changes, wasn't it? You should drop it in a separate, trivial patch.
No it was used, but this should have been done in patch 6 instead.
Right you are! I just checked @^ instead of master... The hunk should be squashed into patch 6 then. -- Andrea Bolognani / Red Hat / Virtualization

Prepare for reusing libvirtd source to create other daemons by making the driver(s) to load conditionally defined by the make rules. If nothing is set, all drivers will be loaded, ignoring any missing ones as historically done. If MODULE_NAME is set only one driver will be loaded and that one must succeed. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/remote/remote_daemon.c | 51 +++++++++++++++++++++----------------- 1 file changed, 28 insertions(+), 23 deletions(-) diff --git a/src/remote/remote_daemon.c b/src/remote/remote_daemon.c index 0982e281de..2abeb08e16 100644 --- a/src/remote/remote_daemon.c +++ b/src/remote/remote_daemon.c @@ -303,6 +303,10 @@ static int daemonErrorLogFilter(virErrorPtr err, int priority) static int daemonInitialize(void) { +#ifdef MODULE_NAME + if (virDriverLoadModule(MODULE_NAME, MODULE_NAME "Register", true) < 0) + return -1; +#else /* * Note that the order is important: the first ones have a higher * priority when calling virStateInitialize. We must register the @@ -310,53 +314,54 @@ static int daemonInitialize(void) * driver, since their resources must be auto-started before any * domains can be auto-started. */ -#ifdef WITH_NETWORK +# ifdef WITH_NETWORK if (virDriverLoadModule("network", "networkRegister", false) < 0) return -1; -#endif -#ifdef WITH_INTERFACE +# endif +# ifdef WITH_INTERFACE if (virDriverLoadModule("interface", "interfaceRegister", false) < 0) return -1; -#endif -#ifdef WITH_SECRETS +# endif +# ifdef WITH_SECRETS if (virDriverLoadModule("secret", "secretRegister", false) < 0) return -1; -#endif -#ifdef WITH_STORAGE +# endif +# ifdef WITH_STORAGE if (virDriverLoadModule("storage", "storageRegister", false) < 0) return -1; -#endif -#ifdef WITH_NODE_DEVICES +# endif +# ifdef WITH_NODE_DEVICES if (virDriverLoadModule("nodedev", "nodedevRegister", false) < 0) return -1; -#endif -#ifdef WITH_NWFILTER +# endif +# ifdef WITH_NWFILTER if (virDriverLoadModule("nwfilter", "nwfilterRegister", false) < 0) return -1; -#endif -#ifdef WITH_LIBXL +# endif +# ifdef WITH_LIBXL if (virDriverLoadModule("libxl", "libxlRegister", false) < 0) return -1; -#endif -#ifdef WITH_QEMU +# endif +# ifdef WITH_QEMU if (virDriverLoadModule("qemu", "qemuRegister", false) < 0) return -1; -#endif -#ifdef WITH_LXC +# endif +# ifdef WITH_LXC if (virDriverLoadModule("lxc", "lxcRegister", false) < 0) return -1; -#endif -#ifdef WITH_VBOX +# endif +# ifdef WITH_VBOX if (virDriverLoadModule("vbox", "vboxRegister", false) < 0) return -1; -#endif -#ifdef WITH_BHYVE +# endif +# ifdef WITH_BHYVE if (virDriverLoadModule("bhyve", "bhyveRegister", false) < 0) return -1; -#endif -#ifdef WITH_VZ +# endif +# ifdef WITH_VZ if (virDriverLoadModule("vz", "vzRegister", false) < 0) return -1; +# endif #endif return 0; } -- 2.21.0

On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote: [...]
+++ b/src/remote/remote_daemon.c @@ -303,6 +303,10 @@ static int daemonErrorLogFilter(virErrorPtr err, int priority)
static int daemonInitialize(void) { +#ifdef MODULE_NAME + if (virDriverLoadModule(MODULE_NAME, MODULE_NAME "Register", true) < 0) + return -1;
Perhaps a short comment along the lines of what you explained in the commit message would be in order here? Regardless, Reviewed-by: Andrea Bolognani <abologna@redhat.com> -- Andrea Bolognani / Red Hat / Virtualization

Prepare for reusing libvirtd source to create other daemons by making the use of IP sockets conditionally defined by the make rules. The main libvirtd daemon will retain IP listen ability, but all the driver specific daemons will be local UNIX sockets only. Apps needing IP connectivity will connect via the libvirtd daemon which will proxy to the driver specfic daemon. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/remote/Makefile.inc.am | 1 + src/remote/remote_daemon.c | 39 ++++++++++++++++++++++++++----- src/remote/remote_daemon_config.c | 36 ++++++++++++++++++++-------- src/remote/remote_daemon_config.h | 9 ++++++- 4 files changed, 68 insertions(+), 17 deletions(-) diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index b72186109a..2277bf49d2 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -148,6 +148,7 @@ libvirtd_CFLAGS = \ -I$(srcdir)/rpc \ -DSOCK_PREFIX="\"libvirt\"" \ -DDAEMON_NAME="\"libvirtd\"" \ + -DENABLE_IP \ $(NULL) libvirtd_LDFLAGS = \ diff --git a/src/remote/remote_daemon.c b/src/remote/remote_daemon.c index 2abeb08e16..45b52af987 100644 --- a/src/remote/remote_daemon.c +++ b/src/remote/remote_daemon.c @@ -371,11 +371,13 @@ static int ATTRIBUTE_NONNULL(3) daemonSetupNetworking(virNetServerPtr srv, virNetServerPtr srvAdm, struct daemonConfig *config, +#ifdef ENABLE_IP + bool ipsock, + bool privileged, +#endif /* ! ENABLE_IP */ const char *sock_path, const char *sock_path_ro, - const char *sock_path_adm, - bool ipsock, - bool privileged) + const char *sock_path_adm) { gid_t unix_sock_gid = 0; int unix_sock_ro_mask = 0; @@ -387,15 +389,19 @@ daemonSetupNetworking(virNetServerPtr srv, { .name = DAEMON_NAME ".socket", .family = AF_UNIX, .path = sock_path }, { .name = DAEMON_NAME "-ro.socket", .family = AF_UNIX, .path = sock_path_ro }, { .name = DAEMON_NAME "-admin.socket", .family = AF_UNIX, .path = sock_path_adm }, +#ifdef ENABLE_IP { .name = DAEMON_NAME "-tcp.socket", .family = AF_INET }, { .name = DAEMON_NAME "-tls.socket", .family = AF_INET }, +#endif /* ! ENABLE_IP */ }; +#ifdef ENABLE_IP if ((actmap[3].port = virSocketAddrResolveService(config->tcp_port)) < 0) return -1; if ((actmap[4].port = virSocketAddrResolveService(config->tls_port)) < 0) return -1; +#endif /* ! ENABLE_IP */ if (virSystemdGetActivation(actmap, ARRAY_CARDINALITY(actmap), &act) < 0) return -1; @@ -460,6 +466,7 @@ daemonSetupNetworking(virNetServerPtr srv, config->admin_max_client_requests) < 0) goto cleanup; +#ifdef ENABLE_IP if (((ipsock && config->listen_tcp) || act) && virNetServerAddServiceTCP(srv, act, @@ -534,6 +541,7 @@ daemonSetupNetworking(virNetServerPtr srv, } virObjectUnref(ctxt); } +#endif /* ! ENABLE_IP */ if (act && virSystemdActivationComplete(act) < 0) @@ -880,7 +888,9 @@ daemonUsage(const char *argv0, bool privileged) { "-h | --help", N_("Display program help") }, { "-v | --verbose", N_("Verbose messages") }, { "-d | --daemon", N_("Run as a daemon & write PID file") }, +#ifdef ENABLE_IP { "-l | --listen", N_("Listen for TCP/IP connections") }, +#endif /* ENABLE_IP */ { "-t | --timeout <secs>", N_("Exit after timeout period") }, { "-f | --config <file>", N_("Configuration file") }, { "-V | --version", N_("Display version information") }, @@ -917,6 +927,7 @@ daemonUsage(const char *argv0, bool privileged) LOCALSTATEDIR "/run/libvirt/" SOCK_PREFIX "-sock-ro"); fprintf(stderr, "\n"); +#ifdef ENABLE_IP fprintf(stderr, " %s:\n", _("TLS")); fprintf(stderr, " %s: %s\n", _("CA certificate"), @@ -928,6 +939,7 @@ daemonUsage(const char *argv0, bool privileged) _("Server private key"), privileged ? LIBVIRT_SERVERKEY : "$HOME/.pki/libvirt/serverkey.pem"); fprintf(stderr, "\n"); +#endif /* ENABLE_IP */ fprintf(stderr, " %s:\n", _("PID file (unless overridden by -p)")); @@ -954,7 +966,9 @@ int main(int argc, char **argv) { int timeout = -1; /* -t: Shutdown timeout */ int verbose = 0; int godaemon = 0; +#ifdef ENABLE_IP int ipsock = 0; +#endif /* ! ENABLE_IP */ struct daemonConfig *config; bool privileged = geteuid() == 0 ? true : false; bool implicit_conf = false; @@ -964,7 +978,9 @@ int main(int argc, char **argv) { struct option opts[] = { { "verbose", no_argument, &verbose, 'v'}, { "daemon", no_argument, &godaemon, 'd'}, +#ifdef ENABLE_IP { "listen", no_argument, &ipsock, 'l'}, +#endif /* ! ENABLE_IP */ { "config", required_argument, NULL, 'f'}, { "timeout", required_argument, NULL, 't'}, { "pid-file", required_argument, NULL, 'p'}, @@ -988,7 +1004,13 @@ int main(int argc, char **argv) { int c; char *tmp; - c = getopt_long(argc, argv, "ldf:p:t:vVh", opts, &optidx); + c = getopt_long(argc, argv, +#ifdef ENABLE_IP + "ldf:p:t:vVh", +#else /* ! ENABLE_IP */ + "df:p:t:vVh", +#endif /* ! ENABLE_IP */ + opts, &optidx); if (c == -1) break; @@ -1003,9 +1025,11 @@ int main(int argc, char **argv) { case 'd': godaemon = 1; break; +#ifdef ENABLE_IP case 'l': ipsock = 1; break; +#endif /* ! ENABLE_IP */ case 't': if (virStrToLong_i(optarg, &tmp, 10, &timeout) != 0 @@ -1319,10 +1343,13 @@ int main(int argc, char **argv) { if (daemonSetupNetworking(srv, srvAdm, config, +#ifdef ENABLE_IP + ipsock, + privileged, +#endif /* !ENABLE_IP */ sock_file, sock_file_ro, - sock_file_adm, - ipsock, privileged) < 0) { + sock_file_adm) < 0) { ret = VIR_DAEMON_ERR_NETWORK; goto cleanup; } diff --git a/src/remote/remote_daemon_config.c b/src/remote/remote_daemon_config.c index 3e62b4203f..3c5ccd5ba8 100644 --- a/src/remote/remote_daemon_config.c +++ b/src/remote/remote_daemon_config.c @@ -107,12 +107,14 @@ daemonConfigNew(bool privileged ATTRIBUTE_UNUSED) if (VIR_ALLOC(data) < 0) return NULL; +#ifdef ENABLE_IP data->listen_tls = 1; data->listen_tcp = 0; if (VIR_STRDUP(data->tls_port, LIBVIRTD_TLS_PORT) < 0 || VIR_STRDUP(data->tcp_port, LIBVIRTD_TCP_PORT) < 0) goto error; +#endif /* !ENABLE_IP */ /* Only default to PolicyKit if running as root */ #if WITH_POLKIT @@ -133,12 +135,14 @@ daemonConfigNew(bool privileged ATTRIBUTE_UNUSED) VIR_STRDUP(data->unix_sock_admin_perms, "0700") < 0) goto error; -#if WITH_SASL +#ifdef ENABLE_IP +# if WITH_SASL data->auth_tcp = REMOTE_AUTH_SASL; -#else +# else data->auth_tcp = REMOTE_AUTH_NONE; -#endif +# endif data->auth_tls = REMOTE_AUTH_NONE; +#endif /* ! ENABLE_IP */ data->min_workers = 5; data->max_workers = 20; @@ -182,9 +186,12 @@ daemonConfigFree(struct daemonConfig *data) if (!data) return; +#ifdef ENABLE_IP VIR_FREE(data->listen_addr); VIR_FREE(data->tls_port); VIR_FREE(data->tcp_port); +#endif /* ! ENABLE_IP */ + tmp = data->access_drivers; while (tmp && *tmp) { VIR_FREE(*tmp); @@ -198,25 +205,28 @@ daemonConfigFree(struct daemonConfig *data) VIR_FREE(data->unix_sock_group); VIR_FREE(data->unix_sock_dir); - tmp = data->tls_allowed_dn_list; + tmp = data->sasl_allowed_username_list; while (tmp && *tmp) { VIR_FREE(*tmp); tmp++; } - VIR_FREE(data->tls_allowed_dn_list); + VIR_FREE(data->sasl_allowed_username_list); - tmp = data->sasl_allowed_username_list; +#ifdef ENABLE_IP + tmp = data->tls_allowed_dn_list; while (tmp && *tmp) { VIR_FREE(*tmp); tmp++; } - VIR_FREE(data->sasl_allowed_username_list); + VIR_FREE(data->tls_allowed_dn_list); + VIR_FREE(data->tls_priority); VIR_FREE(data->key_file); VIR_FREE(data->ca_file); VIR_FREE(data->cert_file); VIR_FREE(data->crl_file); +#endif /* ! ENABLE_IP */ VIR_FREE(data->host_uuid); VIR_FREE(data->host_uuid_source); @@ -231,6 +241,7 @@ daemonConfigLoadOptions(struct daemonConfig *data, const char *filename, virConfPtr conf) { +#ifdef ENABLE_IP if (virConfGetValueBool(conf, "listen_tcp", &data->listen_tcp) < 0) goto error; if (virConfGetValueBool(conf, "listen_tls", &data->listen_tls) < 0) @@ -241,6 +252,7 @@ daemonConfigLoadOptions(struct daemonConfig *data, goto error; if (virConfGetValueString(conf, "listen_addr", &data->listen_addr) < 0) goto error; +#endif /* !ENABLE_IP */ if (remoteConfigGetAuth(conf, filename, "auth_unix_rw", &data->auth_unix_rw) < 0) goto error; @@ -256,10 +268,13 @@ daemonConfigLoadOptions(struct daemonConfig *data, #endif if (remoteConfigGetAuth(conf, filename, "auth_unix_ro", &data->auth_unix_ro) < 0) goto error; + +#ifdef ENABLE_IP if (remoteConfigGetAuth(conf, filename, "auth_tcp", &data->auth_tcp) < 0) goto error; if (remoteConfigGetAuth(conf, filename, "auth_tls", &data->auth_tls) < 0) goto error; +#endif /* ! ENABLE_IP */ if (virConfGetValueStringList(conf, "access_drivers", false, &data->access_drivers) < 0) @@ -277,6 +292,7 @@ daemonConfigLoadOptions(struct daemonConfig *data, if (virConfGetValueString(conf, "unix_sock_dir", &data->unix_sock_dir) < 0) goto error; +#ifdef ENABLE_IP if (virConfGetValueBool(conf, "tls_no_sanity_certificate", &data->tls_no_sanity_certificate) < 0) goto error; if (virConfGetValueBool(conf, "tls_no_verify_certificate", &data->tls_no_verify_certificate) < 0) @@ -295,14 +311,14 @@ daemonConfigLoadOptions(struct daemonConfig *data, &data->tls_allowed_dn_list) < 0) goto error; + if (virConfGetValueString(conf, "tls_priority", &data->tls_priority) < 0) + goto error; +#endif /* ! ENABLE_IP */ if (virConfGetValueStringList(conf, "sasl_allowed_username_list", false, &data->sasl_allowed_username_list) < 0) goto error; - if (virConfGetValueString(conf, "tls_priority", &data->tls_priority) < 0) - goto error; - if (virConfGetValueUInt(conf, "min_workers", &data->min_workers) < 0) goto error; if (virConfGetValueUInt(conf, "max_workers", &data->max_workers) < 0) diff --git a/src/remote/remote_daemon_config.h b/src/remote/remote_daemon_config.h index d580e7d49c..842ce98c60 100644 --- a/src/remote/remote_daemon_config.h +++ b/src/remote/remote_daemon_config.h @@ -27,11 +27,13 @@ struct daemonConfig { char *host_uuid; char *host_uuid_source; +#ifdef ENABLE_IP bool listen_tls; bool listen_tcp; char *listen_addr; char *tls_port; char *tcp_port; +#endif /* ! ENABLE_IP */ char *unix_sock_admin_perms; char *unix_sock_ro_perms; @@ -41,21 +43,26 @@ struct daemonConfig { int auth_unix_rw; int auth_unix_ro; +#ifdef ENABLE_IP int auth_tcp; int auth_tls; +#endif /* ! ENABLE_IP */ char **access_drivers; +#ifdef ENABLE_IP bool tls_no_verify_certificate; bool tls_no_sanity_certificate; char **tls_allowed_dn_list; - char **sasl_allowed_username_list; char *tls_priority; char *key_file; char *cert_file; char *ca_file; char *crl_file; +#endif /* ! ENABLE_IP */ + + char **sasl_allowed_username_list; unsigned int min_workers; unsigned int max_workers; -- 2.21.0

On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote: [...]
@@ -988,7 +1004,13 @@ int main(int argc, char **argv) { int c; char *tmp;
- c = getopt_long(argc, argv, "ldf:p:t:vVh", opts, &optidx); + c = getopt_long(argc, argv, +#ifdef ENABLE_IP + "ldf:p:t:vVh", +#else /* ! ENABLE_IP */ + "df:p:t:vVh", +#endif /* ! ENABLE_IP */ + opts, &optidx);
This looks pretty awful... Can you please do something like #ifdef ENABLE_IP const char *optstr = "ldf:p:t:vVh"; #else /* ! ENABLE_IP */ const char *optstr = "df:p:t:vVh"; #endif /* ! ENABLE_IP */ c = getopt_long(argc, argv, optstr, opts, &optidx); instead? [...]
@@ -1003,9 +1025,11 @@ int main(int argc, char **argv) { case 'd': godaemon = 1; break;
One extra empty line here for clarity, please...
+#ifdef ENABLE_IP case 'l': ipsock = 1; break; +#endif /* ! ENABLE_IP */
[...]
+++ b/src/remote/remote_daemon_config.h @@ -41,21 +43,26 @@ struct daemonConfig {
int auth_unix_rw; int auth_unix_ro;
... and one here as well. With the above addressed, Reviewed-by: Andrea Bolognani <abologna@redhat.com> [...]
+ char **sasl_allowed_username_list;
I like this approach you've taken of completely eliminating structure members when the corresponding feature is not compiled in, and in fact I think we should use it more extensively: for example, we should guard sasl_allowed_username_list with IF_SASL. Out of scope for the patch series at hand, of course! :) -- Andrea Bolognani / Red Hat / Virtualization

Prepare for reusing libvirtd config to create other daemons by making the config parameters for IP sockets conditionally defined by the make rules. The main libvirtd daemon will retain IP listen ability, but all the driver specific daemons will be local UNIX sockets only. Apps needing IP connectivity will connect via the libvirtd daemon which will proxy to the driver specfic daemon. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- .gitignore | 1 + src/remote/Makefile.inc.am | 16 +++++-- .../{libvirtd.conf => libvirtd.conf.in} | 42 +++++++++++-------- src/remote/test_libvirtd.aug.in | 2 +- 4 files changed, 40 insertions(+), 21 deletions(-) rename src/remote/{libvirtd.conf => libvirtd.conf.in} (95%) diff --git a/.gitignore b/.gitignore index d75b24c743..a09f45af50 100644 --- a/.gitignore +++ b/.gitignore @@ -158,6 +158,7 @@ /src/remote/*_client_bodies.h /src/remote/*_protocol.[ch] /src/remote/*_stubs.h +/src/remote/libvirtd.conf /src/remote/test_libvirtd.aug /src/rpc/virkeepaliveprotocol.[ch] /src/rpc/virnetprotocol.[ch] diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index 2277bf49d2..15c100cc86 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -76,7 +76,7 @@ EXTRA_DIST += \ $(LIBVIRTD_SOURCES) \ remote/test_libvirtd.aug.in \ remote/libvirtd.aug \ - remote/libvirtd.conf \ + remote/libvirtd.conf.in \ remote/libvirtd.policy \ remote/libvirtd.rules \ remote/libvirtd.sasl \ @@ -93,6 +93,9 @@ MAINTAINERCLEANFILES += \ $(REMOTE_DRIVER_GENERATED) \ $(LIBVIRTD_GENERATED) \ $(NULL) +CLEANFILES += \ + remote/libvirtd.conf \ + $(NULL) if WITH_REMOTE noinst_LTLIBRARIES += libvirt_driver_remote.la @@ -128,7 +131,7 @@ augeas_DATA += remote/libvirtd.aug augeastest_DATA += remote/test_libvirtd.aug -conf_DATA += remote/libvirtd.conf +nodist_conf_DATA += remote/libvirtd.conf man8_MANS += libvirtd.8 @@ -179,6 +182,13 @@ libvirtd_LDADD += \ $(LIBSOCKET) \ $(NULL) +remote/libvirtd.conf: remote/libvirtd.conf.in + $(AM_V_GEN)sed \ + -e '/:: CUT ENABLE_IP ::/d' \ + -e '/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/libvirtd/' \ + < $^ > $@ + INSTALL_DATA_DIRS += remote install-data-remote: @@ -189,7 +199,7 @@ uninstall-data-remote: remote/test_libvirtd.aug: remote/test_libvirtd.aug.in \ remote/libvirtd.conf $(AUG_GENTEST) - $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/remote/libvirtd.conf $< > $@ + $(AM_V_GEN)$(AUG_GENTEST) remote/libvirtd.conf $< > $@ if WITH_SYSCTL # Use $(prefix)/lib rather than $(libdir), since man sysctl.d insists on diff --git a/src/remote/libvirtd.conf b/src/remote/libvirtd.conf.in similarity index 95% rename from src/remote/libvirtd.conf rename to src/remote/libvirtd.conf.in index b63b8d61b7..a6c2dd7467 100644 --- a/src/remote/libvirtd.conf +++ b/src/remote/libvirtd.conf.in @@ -1,13 +1,14 @@ # Master libvirt daemon configuration file # +:: CUT ENABLE_IP :: ################################################################# # # Network connectivity controls # # Flag listening for secure TLS connections on the public TCP/IP port. -# NB, must pass the --listen flag to the libvirtd process for this to +# NB, must pass the --listen flag to the :: DAEMON_NAME :: process for this to # have any effect. # # This setting is not required or honoured if using systemd socket @@ -20,7 +21,7 @@ #listen_tls = 0 # Listen for unencrypted TCP connections on the public TCP/IP port. -# NB, must pass the --listen flag to the libvirtd process for this to +# NB, must pass the --listen flag to the :: DAEMON_NAME :: process for this to # have any effect. # # This setting is not required or honoured if using systemd socket @@ -58,13 +59,14 @@ # This setting is not required or honoured if using systemd socket # activation. # -# If the libvirtd service is started in parallel with network +# If the :: DAEMON_NAME :: service is started in parallel with network # startup (e.g. with systemd), binding to addresses other than # the wildcards (0.0.0.0/::) might not be available yet. # #listen_addr = "192.168.0.1" +:: END :: ################################################################# # # UNIX socket access controls @@ -157,6 +159,7 @@ # If the unix_sock_rw_perms are changed you may wish to enable # an authentication mechanism here #auth_unix_rw = "none" +:: CUT ENABLE_IP :: # Change the authentication scheme for TCP sockets. # @@ -174,6 +177,7 @@ # It is possible to make use of any SASL authentication # mechanism as well, by using 'sasl' for this option #auth_tls = "none" +:: END :: # Change the API access control scheme @@ -182,10 +186,11 @@ # to all APIs. Access drivers can place restrictions # on this. By default the 'nop' driver is enabled, # meaning no access control checks are done once a -# client has authenticated with libvirtd +# client has authenticated with :: DAEMON_NAME :: # #access_drivers = [ "polkit" ] +:: CUT ENABLE_IP :: ################################################################# # # TLS x509 certificate configuration @@ -225,15 +230,17 @@ +:: END :: ################################################################# # # Authorization controls # +:: CUT ENABLE_IP :: # Flag to disable verification of our own server certificates # -# When libvirtd starts it performs some sanity checks against +# When :: DAEMON_NAME :: starts it performs some sanity checks against # its own certificates. # # Default is to always run sanity checks. Uncommenting this @@ -265,6 +272,15 @@ #tls_allowed_dn_list = ["DN1", "DN2"] +# Override the compile time default TLS priority string. The +# default is usually "NORMAL" unless overridden at build time. +# Only set this is it is desired for libvirt to deviate from +# the global default settings. +# +#tls_priority="NORMAL" + + +:: END :: # A whitelist of allowed SASL usernames. The format for username # depends on the SASL authentication mechanism. Kerberos usernames # look like username@REALM @@ -282,14 +298,6 @@ #sasl_allowed_username_list = ["joe@EXAMPLE.COM", "fred@EXAMPLE.COM" ] -# Override the compile time default TLS priority string. The -# default is usually "NORMAL" unless overridden at build time. -# Only set this is it is desired for libvirt to deviate from -# the global default settings. -# -#tls_priority="NORMAL" - - ################################################################# # # Processing controls @@ -417,8 +425,8 @@ # 4: ERROR # # Multiple outputs can be defined, they just need to be separated by spaces. -# e.g. to log all warnings and errors to syslog under the libvirtd ident: -#log_outputs="3:syslog:libvirtd" +# e.g. to log all warnings and errors to syslog under the :: DAEMON_NAME :: ident: +#log_outputs="3:syslog::: DAEMON_NAME ::" ################################################################## @@ -461,7 +469,7 @@ ################################################################### # Keepalive protocol: -# This allows libvirtd to detect broken client connections or even +# This allows :: DAEMON_NAME :: to detect broken client connections or even # dead clients. A keepalive message is sent to a client after # keepalive_interval seconds of inactivity to check if the client is # still responding; keepalive_count is a maximum number of keepalive @@ -470,7 +478,7 @@ # words, the connection is automatically closed approximately after # keepalive_interval * (keepalive_count + 1) seconds since the last # message received from the client. If keepalive_interval is set to -# -1, libvirtd will never send keepalive requests; however clients +# -1, :: DAEMON_NAME :: will never send keepalive requests; however clients # can still send them and the daemon will send responses. When # keepalive_count is set to 0, connections will be automatically # closed after keepalive_interval seconds of inactivity without diff --git a/src/remote/test_libvirtd.aug.in b/src/remote/test_libvirtd.aug.in index ad6450a569..a4c7b4afe8 100644 --- a/src/remote/test_libvirtd.aug.in +++ b/src/remote/test_libvirtd.aug.in @@ -29,11 +29,11 @@ module Test_libvirtd = { "1" = "DN1"} { "2" = "DN2"} } + { "tls_priority" = "NORMAL" } { "sasl_allowed_username_list" { "1" = "joe@EXAMPLE.COM" } { "2" = "fred@EXAMPLE.COM" } } - { "tls_priority" = "NORMAL" } { "max_clients" = "5000" } { "max_queued_clients" = "1000" } { "max_anonymous_clients" = "20" } -- 2.21.0

On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote:
+remote/libvirtd.conf: remote/libvirtd.conf.in + $(AM_V_GEN)sed \ + -e '/:: CUT ENABLE_IP ::/d' \ + -e '/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/libvirtd/' \ + < $^ > $@
Using $^ seems a bit weird considering that you have a single input... Any reason not to use $< here? I would also use @DAEMON_NAME@ instead of ":: DAEMON_NAME ::" since the former style is already used everywhere for simple value replacement in .in files. -- Andrea Bolognani / Red Hat / Virtualization

On Fri, Jul 26, 2019 at 03:59:23PM +0200, Andrea Bolognani wrote:
On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote:
+remote/libvirtd.conf: remote/libvirtd.conf.in + $(AM_V_GEN)sed \ + -e '/:: CUT ENABLE_IP ::/d' \ + -e '/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/libvirtd/' \ + < $^ > $@
Using $^ seems a bit weird considering that you have a single input... Any reason not to use $< here?
it is an accident.
I would also use @DAEMON_NAME@ instead of ":: DAEMON_NAME ::" since the former style is already used everywhere for simple value replacement in .in files.
The augeas files already use "::" which is why I picked that. So we'll need another patch first to remove existing usage. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

On Fri, 2019-07-26 at 16:22 +0100, Daniel P. Berrangé wrote:
On Fri, Jul 26, 2019 at 03:59:23PM +0200, Andrea Bolognani wrote:
On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote:
+remote/libvirtd.conf: remote/libvirtd.conf.in + $(AM_V_GEN)sed \ + -e '/:: CUT ENABLE_IP ::/d' \ + -e '/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/libvirtd/' \ + < $^ > $@
Using $^ seems a bit weird considering that you have a single input... Any reason not to use $< here?
it is an accident.
I would also use @DAEMON_NAME@ instead of ":: DAEMON_NAME ::" since the former style is already used everywhere for simple value replacement in .in files.
The augeas files already use "::" which is why I picked that. So we'll need another patch first to remove existing usage.
Yeah, it'd make sense to use @CONFIG@ as well. With $^ replaced with $< and ":: DAEMON_NAME ::" replaced with @DAEMON_NAME@, Reviewed-by: Andrea Bolognani <abologna@redhat.com> -- Andrea Bolognani / Red Hat / Virtualization

Prepare for reusing libvirtd augeas defintions with other daemons by making the config parameters for IP sockets conditionally defined by the make rules. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- .gitignore | 1 + build-aux/augeas-gentest.pl | 2 +- src/remote/Makefile.inc.am | 20 +++++++++++++-- src/remote/{libvirtd.aug => libvirtd.aug.in} | 26 +++++++++++++------- src/remote/test_libvirtd.aug.in | 14 ++++++++--- 5 files changed, 47 insertions(+), 16 deletions(-) rename src/remote/{libvirtd.aug => libvirtd.aug.in} (89%) diff --git a/.gitignore b/.gitignore index a09f45af50..4463660c85 100644 --- a/.gitignore +++ b/.gitignore @@ -158,6 +158,7 @@ /src/remote/*_client_bodies.h /src/remote/*_protocol.[ch] /src/remote/*_stubs.h +/src/remote/libvirtd.aug /src/remote/libvirtd.conf /src/remote/test_libvirtd.aug /src/rpc/virkeepaliveprotocol.[ch] diff --git a/build-aux/augeas-gentest.pl b/build-aux/augeas-gentest.pl index faf2fd593e..b94c1f2b7f 100755 --- a/build-aux/augeas-gentest.pl +++ b/build-aux/augeas-gentest.pl @@ -30,7 +30,7 @@ open TEMPLATE, "<", $template or die "cannot read $template: $!"; my $group = 0; while (<TEMPLATE>) { - if (/::CONFIG::/) { + if (/::\s*CONFIG\s*::/) { my $group = 0; print " let conf = \""; while (<CONFIG>) { diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index 15c100cc86..a11b2ff9b9 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -75,7 +75,7 @@ EXTRA_DIST += \ $(REMOTE_DRIVER_SOURCES) \ $(LIBVIRTD_SOURCES) \ remote/test_libvirtd.aug.in \ - remote/libvirtd.aug \ + remote/libvirtd.aug.in \ remote/libvirtd.conf.in \ remote/libvirtd.policy \ remote/libvirtd.rules \ @@ -133,6 +133,8 @@ augeastest_DATA += remote/test_libvirtd.aug nodist_conf_DATA += remote/libvirtd.conf +CLEANFILES += remote/libvirtd.aug + man8_MANS += libvirtd.8 libvirtd_SOURCES = $(LIBVIRTD_SOURCES) @@ -197,9 +199,23 @@ install-data-remote: uninstall-data-remote: rmdir "$(DESTDIR)$(localstatedir)/log/libvirt" ||: +remote/libvirtd.aug: remote/libvirtd.aug.in + $(AM_V_GEN)$(SED) \ + -e '/:: CUT ENABLE_IP ::/d' \ + -e '/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/libvirtd/' \ + -e 's/:: DAEMON_NAME_UC ::/Libvirtd/' \ + $< > $@ + remote/test_libvirtd.aug: remote/test_libvirtd.aug.in \ remote/libvirtd.conf $(AUG_GENTEST) - $(AM_V_GEN)$(AUG_GENTEST) remote/libvirtd.conf $< > $@ + $(AM_V_GEN)$(AUG_GENTEST) remote/libvirtd.conf \ + $(srcdir)/remote/test_libvirtd.aug.in | \ + $(SED) -e '/:: CUT ENABLE_IP ::/d' \ + -e '/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/libvirtd/' \ + -e 's/:: DAEMON_NAME_UC ::/Libvirtd/' \ + > $@ || rm -f $@ if WITH_SYSCTL # Use $(prefix)/lib rather than $(libdir), since man sysctl.d insists on diff --git a/src/remote/libvirtd.aug b/src/remote/libvirtd.aug.in similarity index 89% rename from src/remote/libvirtd.aug rename to src/remote/libvirtd.aug.in index 0188c23dd7..9410afb51c 100644 --- a/src/remote/libvirtd.aug +++ b/src/remote/libvirtd.aug.in @@ -1,6 +1,6 @@ -(* /etc/libvirt/libvirtd.conf *) +(* /etc/libvirt/:: DAEMON_NAME ::.conf *) -module Libvirtd = +module :: DAEMON_NAME_UC :: = autoload xfm let eol = del /[ \t]*\n/ "\n" @@ -24,11 +24,13 @@ module Libvirtd = (* Config entry grouped by function - same order as example config *) +:: CUT ENABLE_IP :: let network_entry = bool_entry "listen_tls" | bool_entry "listen_tcp" | str_entry "tls_port" | str_entry "tcp_port" | str_entry "listen_addr" +:: END :: let sock_acl_entry = str_entry "unix_sock_group" | str_entry "unix_sock_ro_perms" @@ -38,6 +40,7 @@ module Libvirtd = let authentication_entry = str_entry "auth_unix_ro" | str_entry "auth_unix_rw" +:: CUT ENABLE_IP :: | str_entry "auth_tcp" | str_entry "auth_tls" @@ -46,12 +49,14 @@ module Libvirtd = | str_entry "ca_file" | str_entry "crl_file" - let authorization_entry = bool_entry "tls_no_verify_certificate" + let tls_authorization_entry = bool_entry "tls_no_verify_certificate" | bool_entry "tls_no_sanity_certificate" | str_array_entry "tls_allowed_dn_list" - | str_array_entry "sasl_allowed_username_list" - | str_array_entry "access_drivers" | str_entry "tls_priority" +:: END :: + + let misc_authorization_entry = str_array_entry "sasl_allowed_username_list" + | str_array_entry "access_drivers" let processing_entry = int_entry "min_workers" | int_entry "max_workers" @@ -87,11 +92,14 @@ module Libvirtd = | int_entry "ovs_timeout" (* Each enty in the config is one of the following three ... *) - let entry = network_entry - | sock_acl_entry + let entry = sock_acl_entry | authentication_entry +:: CUT ENABLE_IP :: + | network_entry | certificate_entry - | authorization_entry + | tls_authorization_entry +:: END :: + | misc_authorization_entry | processing_entry | admin_processing_entry | logging_entry @@ -106,7 +114,7 @@ module Libvirtd = let lns = ( record | comment | empty ) * - let filter = incl "/etc/libvirt/libvirtd.conf" + let filter = incl "/etc/libvirt/:: DAEMON_NAME ::.conf" . Util.stdexcl let xfm = transform lns filter diff --git a/src/remote/test_libvirtd.aug.in b/src/remote/test_libvirtd.aug.in index a4c7b4afe8..ac3e0493b6 100644 --- a/src/remote/test_libvirtd.aug.in +++ b/src/remote/test_libvirtd.aug.in @@ -1,12 +1,14 @@ -module Test_libvirtd = - ::CONFIG:: +module Test_:: DAEMON_NAME :: = + :: CONFIG :: - test Libvirtd.lns get conf = + test :: DAEMON_NAME_UC ::.lns get conf = +:: CUT ENABLE_IP :: { "listen_tls" = "0" } { "listen_tcp" = "1" } { "tls_port" = "16514" } { "tcp_port" = "16509" } { "listen_addr" = "192.168.0.1" } +:: END :: { "unix_sock_group" = "libvirt" } { "unix_sock_ro_perms" = "0777" } { "unix_sock_rw_perms" = "0770" } @@ -14,11 +16,14 @@ module Test_libvirtd = { "unix_sock_dir" = "/var/run/libvirt" } { "auth_unix_ro" = "none" } { "auth_unix_rw" = "none" } +:: CUT ENABLE_IP :: { "auth_tcp" = "sasl" } { "auth_tls" = "none" } +:: END :: { "access_drivers" { "1" = "polkit" } } +:: CUT ENABLE_IP :: { "key_file" = "/etc/pki/libvirt/private/serverkey.pem" } { "cert_file" = "/etc/pki/libvirt/servercert.pem" } { "ca_file" = "/etc/pki/CA/cacert.pem" } @@ -30,6 +35,7 @@ module Test_libvirtd = { "2" = "DN2"} } { "tls_priority" = "NORMAL" } +:: END :: { "sasl_allowed_username_list" { "1" = "joe@EXAMPLE.COM" } { "2" = "fred@EXAMPLE.COM" } @@ -48,7 +54,7 @@ module Test_libvirtd = { "admin_max_client_requests" = "5" } { "log_level" = "3" } { "log_filters" = "1:qemu 1:libvirt 4:object 4:json 4:event 1:util" } - { "log_outputs" = "3:syslog:libvirtd" } + { "log_outputs" = "3:syslog::: DAEMON_NAME ::" } { "audit_level" = "2" } { "audit_logging" = "1" } { "host_uuid" = "00000000-0000-0000-0000-000000000000" } -- 2.21.0

On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote: [...]
remote/test_libvirtd.aug: remote/test_libvirtd.aug.in \ remote/libvirtd.conf $(AUG_GENTEST) - $(AM_V_GEN)$(AUG_GENTEST) remote/libvirtd.conf $< > $@ + $(AM_V_GEN)$(AUG_GENTEST) remote/libvirtd.conf \ + $(srcdir)/remote/test_libvirtd.aug.in | \ + $(SED) -e '/:: CUT ENABLE_IP ::/d' \ + -e '/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/libvirtd/' \ + -e 's/:: DAEMON_NAME_UC ::/Libvirtd/' \ + > $@ || rm -f $@
The indentation for sed arguments, especially the first one, is quite awkward here. [...]
+++ b/src/remote/libvirtd.aug.in @@ -1,6 +1,6 @@ -(* /etc/libvirt/libvirtd.conf *) +(* /etc/libvirt/:: DAEMON_NAME ::.conf *)
This is a pretty obvious example of ":: VARIABLE ::" being inferior than the existing convention: compare it with the much more readable (* /etc/libvirt/@DAEMON_NAME@.conf *) [...]
+++ b/src/remote/test_libvirtd.aug.in @@ -48,7 +54,7 @@ module Test_libvirtd = { "admin_max_client_requests" = "5" } { "log_level" = "3" } { "log_filters" = "1:qemu 1:libvirt 4:object 4:json 4:event 1:util" } - { "log_outputs" = "3:syslog:libvirtd" } + { "log_outputs" = "3:syslog::: DAEMON_NAME ::" }
And another example right here: { "log_outputs" = "3:syslog:@DAEMON_NAME@" } would be much better. With the markers used for variable substitution changed, Reviewed-by: Andrea Bolognani <abologna@redhat.com> -- Andrea Bolognani / Red Hat / Virtualization

The same make variables will be useful for building both libvirtd and the split daemons, so refactor & rename variables to facilitate reuse. Automake gets annoyed if you define a variable ending LDFLAGS: src/remote/Makefile.inc.am:53: warning: variable 'REMOTE_DAEMON_LDFLAGS' is defined but no program or src/remote/Makefile.inc.am:53: library has 'REMOTE_DAEMON' as canonical name (possible typo) So we trick it by using an LD_FLAGS or LD_ADD suffix instead. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/remote/Makefile.inc.am | 95 ++++++++++++++++++++------------------ 1 file changed, 51 insertions(+), 44 deletions(-) diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index a11b2ff9b9..e45c0a6ce7 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -18,13 +18,13 @@ REMOTE_DRIVER_SOURCES = \ $(REMOTE_DRIVER_GENERATED) \ $(NULL) -LIBVIRTD_GENERATED = \ +REMOTE_DAEMON_GENERATED = \ remote/remote_daemon_dispatch_stubs.h \ remote/remote_daemon_dispatch_lxc_stubs.h \ remote/remote_daemon_dispatch_qemu_stubs.h \ $(NULL) -LIBVIRTD_SOURCES = \ +REMOTE_DAEMON_SOURCES = \ remote/remote_daemon.c \ remote/remote_daemon.h \ remote/remote_daemon_config.c \ @@ -33,9 +33,50 @@ LIBVIRTD_SOURCES = \ remote/remote_daemon_dispatch.h \ remote/remote_daemon_stream.c \ remote/remote_daemon_stream.h \ - $(LIBVIRTD_GENERATED) \ + $(REMOTE_DAEMON_GENERATED) \ $(NULL) +REMOTE_DAEMON_CFLAGS = \ + $(LIBXML_CFLAGS) \ + $(GNUTLS_CFLAGS) \ + $(SASL_CFLAGS) \ + $(XDR_CFLAGS) \ + $(DBUS_CFLAGS) \ + $(LIBNL_CFLAGS) \ + $(WARN_CFLAGS) \ + $(PIE_CFLAGS) \ + -I$(srcdir)/access \ + -I$(srcdir)/conf \ + -I$(srcdir)/rpc \ + $(NULL) + +REMOTE_DAEMON_LD_FLAGS = \ + $(RELRO_LDFLAGS) \ + $(PIE_LDFLAGS) \ + $(NO_INDIRECT_LDFLAGS) \ + $(NO_UNDEFINED_LDFLAGS) \ + $(NULL) + +REMOTE_DAEMON_LD_ADD = \ + libvirt_driver_admin.la \ + libvirt-lxc.la \ + libvirt-qemu.la \ + libvirt.la \ + $(LIBXML_LIBS) \ + $(GNUTLS_LIBS) \ + $(SASL_LIBS) \ + $(DBUS_LIBS) \ + $(LIBNL_LIBS) \ + $(NULL) + +if WITH_DTRACE_PROBES +REMOTE_DAEMON_LD_ADD += ../src/libvirt_probes.lo +endif WITH_DTRACE_PROBES + +REMOTE_DAEMON_LD_ADD += \ + ../gnulib/lib/libgnu.la \ + $(LIBSOCKET) \ + $(NULL) LOGROTATE_FILES_IN += \ remote/libvirtd.qemu.logrotate.in \ @@ -73,7 +114,7 @@ DRIVER_SOURCE_FILES += $(REMOTE_DRIVER_SOURCES) EXTRA_DIST += \ $(REMOTE_DRIVER_PROTOCOL) \ $(REMOTE_DRIVER_SOURCES) \ - $(LIBVIRTD_SOURCES) \ + $(REMOTE_DAEMON_SOURCES) \ remote/test_libvirtd.aug.in \ remote/libvirtd.aug.in \ remote/libvirtd.conf.in \ @@ -87,11 +128,11 @@ EXTRA_DIST += \ # the WITH_REMOTE/WITH_LIBVIRTD conditionals BUILT_SOURCES += \ $(REMOTE_DRIVER_GENERATED) \ - $(LIBVIRTD_GENERATED) \ + $(REMOTE_DAEMON_GENERATED) \ $(NULL) MAINTAINERCLEANFILES += \ $(REMOTE_DRIVER_GENERATED) \ - $(LIBVIRTD_GENERATED) \ + $(REMOTE_DAEMON_GENERATED) \ $(NULL) CLEANFILES += \ remote/libvirtd.conf \ @@ -137,52 +178,18 @@ CLEANFILES += remote/libvirtd.aug man8_MANS += libvirtd.8 -libvirtd_SOURCES = $(LIBVIRTD_SOURCES) +libvirtd_SOURCES = $(REMOTE_DAEMON_SOURCES) libvirtd_CFLAGS = \ - $(LIBXML_CFLAGS) \ - $(GNUTLS_CFLAGS) \ - $(SASL_CFLAGS) \ - $(XDR_CFLAGS) \ - $(DBUS_CFLAGS) \ - $(LIBNL_CFLAGS) \ - $(WARN_CFLAGS) \ - $(PIE_CFLAGS) \ - -I$(srcdir)/access \ - -I$(srcdir)/conf \ - -I$(srcdir)/rpc \ + $(REMOTE_DAEMON_CFLAGS) \ -DSOCK_PREFIX="\"libvirt\"" \ -DDAEMON_NAME="\"libvirtd\"" \ -DENABLE_IP \ $(NULL) -libvirtd_LDFLAGS = \ - $(RELRO_LDFLAGS) \ - $(PIE_LDFLAGS) \ - $(NO_INDIRECT_LDFLAGS) \ - $(NO_UNDEFINED_LDFLAGS) \ - $(NULL) - -libvirtd_LDADD = \ - libvirt_driver_admin.la \ - libvirt-lxc.la \ - libvirt-qemu.la \ - libvirt.la \ - $(LIBXML_LIBS) \ - $(GNUTLS_LIBS) \ - $(SASL_LIBS) \ - $(DBUS_LIBS) \ - $(LIBNL_LIBS) \ - $(NULL) - -if WITH_DTRACE_PROBES -libvirtd_LDADD += ../src/libvirt_probes.lo -endif WITH_DTRACE_PROBES +libvirtd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) -libvirtd_LDADD += \ - ../gnulib/lib/libgnu.la \ - $(LIBSOCKET) \ - $(NULL) +libvirtd_LDADD = $(REMOTE_DAEMON_LD_ADD) remote/libvirtd.conf: remote/libvirtd.conf.in $(AM_V_GEN)sed \ -- 2.21.0

On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote:
The same make variables will be useful for building both libvirtd and the split daemons, so refactor & rename variables to facilitate reuse.
Automake gets annoyed if you define a variable ending LDFLAGS:
src/remote/Makefile.inc.am:53: warning: variable 'REMOTE_DAEMON_LDFLAGS' is defined but no program or src/remote/Makefile.inc.am:53: library has 'REMOTE_DAEMON' as canonical name (possible typo)
I'd indent this by two spaces for readabilty. You're recreating the pre-existing setup faithfully, so Reviewed-by: Andrea Bolognani <abologna@redhat.com> [...]
+REMOTE_DAEMON_LD_ADD += \ + ../gnulib/lib/libgnu.la \ + $(LIBSOCKET) \ + $(NULL)
As an aside, it looks like $(LIBSOCKET) is a leftover of days long gone and no longer used for anything. -- Andrea Bolognani / Red Hat / Virtualization

On Fri, Jul 26, 2019 at 05:19:56PM +0200, Andrea Bolognani wrote:
On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote:
The same make variables will be useful for building both libvirtd and the split daemons, so refactor & rename variables to facilitate reuse.
Automake gets annoyed if you define a variable ending LDFLAGS:
src/remote/Makefile.inc.am:53: warning: variable 'REMOTE_DAEMON_LDFLAGS' is defined but no program or src/remote/Makefile.inc.am:53: library has 'REMOTE_DAEMON' as canonical name (possible typo)
I'd indent this by two spaces for readabilty.
You're recreating the pre-existing setup faithfully, so
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
[...]
+REMOTE_DAEMON_LD_ADD += \ + ../gnulib/lib/libgnu.la \ + $(LIBSOCKET) \ + $(NULL)
As an aside, it looks like $(LIBSOCKET) is a leftover of days long gone and no longer used for anything.
It is something that gnulib defines. Whether it expands to a non-empty string on any of our supported build platforms though, I don't know. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

On Fri, 2019-07-26 at 16:21 +0100, Daniel P. Berrangé wrote:
On Fri, Jul 26, 2019 at 05:19:56PM +0200, Andrea Bolognani wrote:
[...]
+REMOTE_DAEMON_LD_ADD += \ + ../gnulib/lib/libgnu.la \ + $(LIBSOCKET) \ + $(NULL)
As an aside, it looks like $(LIBSOCKET) is a leftover of days long gone and no longer used for anything.
It is something that gnulib defines. Whether it expands to a non-empty string on any of our supported build platforms though, I don't know.
I tried removing it and ran it through the full gauntlet without getting any failures, so I'm pretty confident we don't need it. It'd be pretty weird if we did, since we have at least two other daemons already and neither of those is using it... -- Andrea Bolognani / Red Hat / Virtualization

On Fri, Jul 26, 2019 at 05:46:38PM +0200, Andrea Bolognani wrote:
On Fri, 2019-07-26 at 16:21 +0100, Daniel P. Berrangé wrote:
On Fri, Jul 26, 2019 at 05:19:56PM +0200, Andrea Bolognani wrote:
[...]
+REMOTE_DAEMON_LD_ADD += \ + ../gnulib/lib/libgnu.la \ + $(LIBSOCKET) \ + $(NULL)
As an aside, it looks like $(LIBSOCKET) is a leftover of days long gone and no longer used for anything.
It is something that gnulib defines. Whether it expands to a non-empty string on any of our supported build platforms though, I don't know.
I tried removing it and ran it through the full gauntlet without getting any failures, so I'm pretty confident we don't need it. It'd be pretty weird if we did, since we have at least two other daemons already and neither of those is using it...
LIBSOCKET is set to -lws2_32 on Windows builds. We don't build libvirtd on mingw though which is why you don't see a problem. Previously we would have needed this for cygwin I expect but that's not a supported build target Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

On Mon, 2019-07-29 at 12:39 +0100, Daniel P. Berrangé wrote:
On Fri, Jul 26, 2019 at 05:46:38PM +0200, Andrea Bolognani wrote:
On Fri, 2019-07-26 at 16:21 +0100, Daniel P. Berrangé wrote:
On Fri, Jul 26, 2019 at 05:19:56PM +0200, Andrea Bolognani wrote:
[...]
+REMOTE_DAEMON_LD_ADD += \ + ../gnulib/lib/libgnu.la \ + $(LIBSOCKET) \ + $(NULL)
As an aside, it looks like $(LIBSOCKET) is a leftover of days long gone and no longer used for anything.
It is something that gnulib defines. Whether it expands to a non-empty string on any of our supported build platforms though, I don't know.
I tried removing it and ran it through the full gauntlet without getting any failures, so I'm pretty confident we don't need it. It'd be pretty weird if we did, since we have at least two other daemons already and neither of those is using it...
LIBSOCKET is set to -lws2_32 on Windows builds.
We don't build libvirtd on mingw though which is why you don't see a problem. Previously we would have needed this for cygwin I expect but that's not a supported build target
I guess anyone who wanted to (re?)introduce support for non-MinGW builds will have to address many more issues, so as long as it's not needed on any of our target build platforms we can safely drop it. -- Andrea Bolognani / Red Hat / Virtualization

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/remote/Makefile.inc.am | 5 +++++ src/remote/libvirtd-admin.socket.in | 2 +- src/remote/libvirtd-ro.socket.in | 2 +- src/remote/libvirtd-tcp.socket.in | 2 +- src/remote/libvirtd-tls.socket.in | 2 +- src/remote/libvirtd.service.in | 2 +- src/remote/libvirtd.socket.in | 2 +- 7 files changed, 11 insertions(+), 6 deletions(-) diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index e45c0a6ce7..7fd50a15df 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -301,30 +301,35 @@ libvirtd.service: remote/libvirtd.service.in $(top_builddir)/config.status libvirtd.socket: remote/libvirtd.socket.in $(top_builddir)/config.status $(AM_V_GEN)sed \ -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + -e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \ < $< > $@-t && \ mv $@-t $@ libvirtd-ro.socket: remote/libvirtd-ro.socket.in $(top_builddir)/config.status $(AM_V_GEN)sed \ -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + -e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \ < $< > $@-t && \ mv $@-t $@ libvirtd-admin.socket: remote/libvirtd-admin.socket.in $(top_builddir)/config.status $(AM_V_GEN)sed \ -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + -e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \ < $< > $@-t && \ mv $@-t $@ libvirtd-tcp.socket: remote/libvirtd-tcp.socket.in $(top_builddir)/config.status $(AM_V_GEN)sed \ -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + -e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \ < $< > $@-t && \ mv $@-t $@ libvirtd-tls.socket: remote/libvirtd-tls.socket.in $(top_builddir)/config.status $(AM_V_GEN)sed \ -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + -e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \ < $< > $@-t && \ mv $@-t $@ diff --git a/src/remote/libvirtd-admin.socket.in b/src/remote/libvirtd-admin.socket.in index 307c9ba24b..bbab4ea355 100644 --- a/src/remote/libvirtd-admin.socket.in +++ b/src/remote/libvirtd-admin.socket.in @@ -5,7 +5,7 @@ BindsTo=libvirtd.socket After=libvirtd.socket [Socket] -# The directory must match the /etc/libvirt/libvirtd.conf unix_sock_dir setting +# The directory must match the @sysconfdir@/libvirt/libvirtd.conf unix_sock_dir setting # when using systemd version < 227 ListenStream=@localstatedir@/run/libvirt/libvirt-admin-sock Service=libvirtd.service diff --git a/src/remote/libvirtd-ro.socket.in b/src/remote/libvirtd-ro.socket.in index 876daf0c9c..5f8b1892d5 100644 --- a/src/remote/libvirtd-ro.socket.in +++ b/src/remote/libvirtd-ro.socket.in @@ -5,7 +5,7 @@ BindsTo=libvirtd.socket After=libvirtd.socket [Socket] -# The directory must match the /etc/libvirt/libvirtd.conf unix_sock_dir setting +# The directory must match the @sysconfdir@/libvirt/libvirtd.conf unix_sock_dir setting # when using systemd version < 227 ListenStream=@localstatedir@/run/libvirt/libvirt-sock-ro Service=libvirtd.service diff --git a/src/remote/libvirtd-tcp.socket.in b/src/remote/libvirtd-tcp.socket.in index 16a4764283..1103036c45 100644 --- a/src/remote/libvirtd-tcp.socket.in +++ b/src/remote/libvirtd-tcp.socket.in @@ -5,7 +5,7 @@ BindsTo=libvirtd.socket After=libvirtd.socket [Socket] -# This must match the /etc/libvirt/libvirtd.conf tcp_port setting +# This must match the @sysconfdir@/libvirt/libvirtd.conf tcp_port setting # when using systemd version < 227 ListenStream=16509 Service=libvirtd.service diff --git a/src/remote/libvirtd-tls.socket.in b/src/remote/libvirtd-tls.socket.in index e904583cf9..e2b1f839de 100644 --- a/src/remote/libvirtd-tls.socket.in +++ b/src/remote/libvirtd-tls.socket.in @@ -5,7 +5,7 @@ BindsTo=libvirtd.socket After=libvirtd.socket [Socket] -# This must match the /etc/libvirt/libvirtd.conf tls_port setting +# This must match the @sysconfdir@/libvirt/libvirtd.conf tls_port setting # when using systemd version < 227 ListenStream=16514 Service=libvirtd.service diff --git a/src/remote/libvirtd.service.in b/src/remote/libvirtd.service.in index 3ddf0e229b..20d6f84d27 100644 --- a/src/remote/libvirtd.service.in +++ b/src/remote/libvirtd.service.in @@ -20,7 +20,7 @@ Documentation=https://libvirt.org [Service] Type=notify -EnvironmentFile=-/etc/sysconfig/libvirtd +EnvironmentFile=-@sysconfdir@/sysconfig/libvirtd # libvirtd.service is set to run on boot so that autostart of # VMs can be performed. We don't want it to stick around if # unused though, so we set a timeout. The socket activation diff --git a/src/remote/libvirtd.socket.in b/src/remote/libvirtd.socket.in index 2ee4d7d7a2..872f70eb21 100644 --- a/src/remote/libvirtd.socket.in +++ b/src/remote/libvirtd.socket.in @@ -3,7 +3,7 @@ Description=Libvirt local socket Before=libvirtd.service [Socket] -# The directory must match the /etc/libvirt/libvirtd.conf unix_sock_dir setting +# The directory must match the @sysconfdir@/libvirt/libvirtd.conf unix_sock_dir setting # when using systemd version < 227 ListenStream=@localstatedir@/run/libvirt/libvirt-sock Service=libvirtd.service -- 2.21.0

On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote: [...]
+++ b/src/remote/libvirtd.service.in @@ -20,7 +20,7 @@ Documentation=https://libvirt.org
[Service] Type=notify -EnvironmentFile=-/etc/sysconfig/libvirtd +EnvironmentFile=-@sysconfdir@/sysconfig/libvirtd
At least src/locking/virtlockd.service.in src/logging/virtlogd.service.in tools/libvirt-guests.service.in need the same change; additionally, the various .aug files contain references to /etc/libvirt and I think they should be tweaked too. -- Andrea Bolognani / Red Hat / Virtualization

The make rules for the systemd socket unit files are all essentially identical and can be collapsed into a single generic rule. The service unit file rule can be simplified too. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/Makefile.am | 6 +++++ src/remote/Makefile.inc.am | 47 ++++++-------------------------------- 2 files changed, 13 insertions(+), 40 deletions(-) diff --git a/src/Makefile.am b/src/Makefile.am index dbbb94e7f1..d254069e4b 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -89,6 +89,12 @@ man8_MANS = DRIVER_SOURCES = man7_MANS = +COMMON_UNIT_VARS = \ + -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + -e 's|[@]sbindir[@]|$(sbindir)|g' \ + -e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \ + $(NULL) + include util/Makefile.inc.am include conf/Makefile.inc.am include cpu/Makefile.inc.am diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index 7fd50a15df..6b09fc9294 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -290,48 +290,15 @@ INSTALL_DATA_LOCAL += install-sasl UNINSTALL_LOCAL += uninstall-sasl endif WITH_SASL -libvirtd.service: remote/libvirtd.service.in $(top_builddir)/config.status - $(AM_V_GEN)sed \ - -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ - -e 's|[@]sbindir[@]|$(sbindir)|g' \ - -e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \ - < $< > $@-t && \ - mv $@-t $@ - -libvirtd.socket: remote/libvirtd.socket.in $(top_builddir)/config.status - $(AM_V_GEN)sed \ - -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ - -e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \ - < $< > $@-t && \ - mv $@-t $@ - -libvirtd-ro.socket: remote/libvirtd-ro.socket.in $(top_builddir)/config.status - $(AM_V_GEN)sed \ - -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ - -e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \ - < $< > $@-t && \ - mv $@-t $@ - -libvirtd-admin.socket: remote/libvirtd-admin.socket.in $(top_builddir)/config.status - $(AM_V_GEN)sed \ - -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ - -e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \ - < $< > $@-t && \ - mv $@-t $@ +LIBVIRTD_UNIT_VARS = \ + $(COMMON_UNIT_VARS) \ + $(NULL) -libvirtd-tcp.socket: remote/libvirtd-tcp.socket.in $(top_builddir)/config.status - $(AM_V_GEN)sed \ - -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ - -e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \ - < $< > $@-t && \ - mv $@-t $@ +libvirtd.service: remote/libvirtd.service.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(LIBVIRTD_UNIT_VARS) < $< > $@-t && mv $@-t $@ -libvirtd-tls.socket: remote/libvirtd-tls.socket.in $(top_builddir)/config.status - $(AM_V_GEN)sed \ - -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ - -e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \ - < $< > $@-t && \ - mv $@-t $@ +libvirt%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(LIBVIRTD_UNIT_VARS) < $< > $@-t && mv $@-t $@ virt-guest-shutdown.target: remote/virt-guest-shutdown.target.in \ $(top_builddir)/config.status -- 2.21.0

On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote: [...]
+COMMON_UNIT_VARS = \ + -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + -e 's|[@]sbindir[@]|$(sbindir)|g' \ + -e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \ + $(NULL)
+LIBVIRTD_UNIT_VARS = \ + $(COMMON_UNIT_VARS) \ + $(NULL)
+libvirtd.service: remote/libvirtd.service.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(LIBVIRTD_UNIT_VARS) < $< > $@-t && mv $@-t $@
+libvirt%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(LIBVIRTD_UNIT_VARS) < $< > $@-t && mv $@-t $@
This is a fantastic refactoring that I've been thinking about spending time on for a long time, so thanks a lot for doing it! It's a bummer that we don't go further in our DRY crusade and extend it to .service files (even after the entire series has been applied), but we can always do that as a follow-up series :) Reviewed-by: Andrea Bolognani <abologna@redhat.com> -- Andrea Bolognani / Red Hat / Virtualization

Prepare for reusing libvirtd socket unit files with other daemons by making various parts of their config conditionally defined by the make rules. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/remote/Makefile.inc.am | 3 +++ src/remote/libvirtd-admin.socket.in | 15 ++++++++------- src/remote/libvirtd-ro.socket.in | 15 ++++++++------- src/remote/libvirtd-tcp.socket.in | 13 +++++++------ src/remote/libvirtd-tls.socket.in | 13 +++++++------ src/remote/libvirtd.socket.in | 11 ++++++----- 6 files changed, 39 insertions(+), 31 deletions(-) diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index 6b09fc9294..c56f9230f2 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -292,6 +292,9 @@ endif WITH_SASL LIBVIRTD_UNIT_VARS = \ $(COMMON_UNIT_VARS) \ + -e 's|[@]name[@]|Libvirt|g' \ + -e 's|[@]service[@]|libvirtd|g' \ + -e 's|[@]sockprefix[@]|libvirt|g' \ $(NULL) libvirtd.service: remote/libvirtd.service.in $(top_builddir)/config.status diff --git a/src/remote/libvirtd-admin.socket.in b/src/remote/libvirtd-admin.socket.in index bbab4ea355..dcce7fdc93 100644 --- a/src/remote/libvirtd-admin.socket.in +++ b/src/remote/libvirtd-admin.socket.in @@ -1,14 +1,15 @@ [Unit] -Description=Libvirt admin socket -Before=libvirtd.service -BindsTo=libvirtd.socket -After=libvirtd.socket +Description=@name@ admin socket +Before=@service@.service +BindsTo=@service@.socket +After=@service@.socket +@deps@ [Socket] -# The directory must match the @sysconfdir@/libvirt/libvirtd.conf unix_sock_dir setting +# The directory must match the @sysconfdir@/libvirt/@service@.conf unix_sock_dir setting # when using systemd version < 227 -ListenStream=@localstatedir@/run/libvirt/libvirt-admin-sock -Service=libvirtd.service +ListenStream=@localstatedir@/run/libvirt/@sockprefix@-admin-sock +Service=@service@.service SocketMode=0600 [Install] diff --git a/src/remote/libvirtd-ro.socket.in b/src/remote/libvirtd-ro.socket.in index 5f8b1892d5..a287f78201 100644 --- a/src/remote/libvirtd-ro.socket.in +++ b/src/remote/libvirtd-ro.socket.in @@ -1,14 +1,15 @@ [Unit] -Description=Libvirt local read-only socket -Before=libvirtd.service -BindsTo=libvirtd.socket -After=libvirtd.socket +Description=@name@ local read-only socket +Before=@service@.service +BindsTo=@service@.socket +After=@service@.socket +@deps@ [Socket] -# The directory must match the @sysconfdir@/libvirt/libvirtd.conf unix_sock_dir setting +# The directory must match the @sysconfdir@/libvirt/@service@.conf unix_sock_dir setting # when using systemd version < 227 -ListenStream=@localstatedir@/run/libvirt/libvirt-sock-ro -Service=libvirtd.service +ListenStream=@localstatedir@/run/libvirt/@sockprefix@-sock-ro +Service=@service@.service SocketMode=0666 [Install] diff --git a/src/remote/libvirtd-tcp.socket.in b/src/remote/libvirtd-tcp.socket.in index 1103036c45..dd60317d47 100644 --- a/src/remote/libvirtd-tcp.socket.in +++ b/src/remote/libvirtd-tcp.socket.in @@ -1,14 +1,15 @@ [Unit] -Description=Libvirt non-TLS IP socket -Before=libvirtd.service -BindsTo=libvirtd.socket -After=libvirtd.socket +Description=@name@ non-TLS IP socket +Before=@service@.service +BindsTo=@service@.socket +After=@service@.socket +@deps@ [Socket] -# This must match the @sysconfdir@/libvirt/libvirtd.conf tcp_port setting +# This must match the @sysconfdir@/libvirt/@service@.conf tcp_port setting # when using systemd version < 227 ListenStream=16509 -Service=libvirtd.service +Service=@service@.service [Install] WantedBy=sockets.target diff --git a/src/remote/libvirtd-tls.socket.in b/src/remote/libvirtd-tls.socket.in index e2b1f839de..8b89737fff 100644 --- a/src/remote/libvirtd-tls.socket.in +++ b/src/remote/libvirtd-tls.socket.in @@ -1,14 +1,15 @@ [Unit] -Description=Libvirt TLS IP socket -Before=libvirtd.service -BindsTo=libvirtd.socket -After=libvirtd.socket +Description=@name@ TLS IP socket +Before=@service@.service +BindsTo=@service@.socket +After=@service@.socket +@deps@ [Socket] -# This must match the @sysconfdir@/libvirt/libvirtd.conf tls_port setting +# This must match the @sysconfdir@/libvirt/@service@.conf tls_port setting # when using systemd version < 227 ListenStream=16514 -Service=libvirtd.service +Service=@service@.service [Install] WantedBy=sockets.target diff --git a/src/remote/libvirtd.socket.in b/src/remote/libvirtd.socket.in index 872f70eb21..cb61409e23 100644 --- a/src/remote/libvirtd.socket.in +++ b/src/remote/libvirtd.socket.in @@ -1,12 +1,13 @@ [Unit] -Description=Libvirt local socket -Before=libvirtd.service +Description=@name@ local socket +Before=@service@.service +@deps@ [Socket] -# The directory must match the @sysconfdir@/libvirt/libvirtd.conf unix_sock_dir setting +# The directory must match the @sysconfdir@/libvirt/@service@.conf unix_sock_dir setting # when using systemd version < 227 -ListenStream=@localstatedir@/run/libvirt/libvirt-sock -Service=libvirtd.service +ListenStream=@localstatedir@/run/libvirt/@sockprefix@-sock +Service=@service@.service SocketMode=0666 [Install] -- 2.21.0

On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote: [...]
+++ b/src/remote/Makefile.inc.am @@ -292,6 +292,9 @@ endif WITH_SASL
LIBVIRTD_UNIT_VARS = \ $(COMMON_UNIT_VARS) \ + -e 's|[@]name[@]|Libvirt|g' \ + -e 's|[@]service[@]|libvirtd|g' \ + -e 's|[@]sockprefix[@]|libvirt|g' \ $(NULL)
Patch 19 contains this hunk: @@ -298,13 +369,34 @@ LIBVIRTD_UNIT_VARS = \ -e 's|[@]name[@]|Libvirt|g' \ -e 's|[@]service[@]|libvirtd|g' \ -e 's|[@]sockprefix[@]|libvirt|g' \ + -e 's|[@]deps[@]||g' \ + $(NULL) but it should be in this commit instead, since... [...]
+++ b/src/remote/libvirtd-admin.socket.in @@ -1,14 +1,15 @@ [Unit] -Description=Libvirt admin socket -Before=libvirtd.service -BindsTo=libvirtd.socket -After=libvirtd.socket +Description=@name@ admin socket +Before=@service@.service +BindsTo=@service@.socket +After=@service@.socket +@deps@
... you already have @deps@ here, and without the above the placeholder will show up in the output file. With that hunk squashed in, Reviewed-by: Andrea Bolognani <abologna@redhat.com> -- Andrea Bolognani / Red Hat / Virtualization

The make logic assumes that the SYSTEMD_UNIT_FILES var can be built from SYSTEMD_UNIT_FILES_IN by simply dropping the directory prefix and the .in suffix. This won't work in future when a single .in unit file can be used to generate multiple different units. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/Makefile.am | 2 +- src/locking/Makefile.inc.am | 5 ++++- src/logging/Makefile.inc.am | 5 ++++- src/remote/Makefile.inc.am | 5 ++++- 4 files changed, 13 insertions(+), 4 deletions(-) diff --git a/src/Makefile.am b/src/Makefile.am index d254069e4b..4c534d2f48 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -82,6 +82,7 @@ RPC_PROBE_FILES = LOGROTATE_FILES_IN = PODFILES = MANINFILES = +SYSTEMD_UNIT_FILES = SYSTEMD_UNIT_FILES_IN = SYSCONF_FILES = sbin_PROGRAMS = @@ -832,7 +833,6 @@ if WITH_LIBVIRTD if LIBVIRT_INIT_SCRIPT_SYSTEMD SYSTEMD_UNIT_DIR = $(prefix)/lib/systemd/system -SYSTEMD_UNIT_FILES = $(notdir $(SYSTEMD_UNIT_FILES_IN:%.in=%)) BUILT_SOURCES += $(SYSTEMD_UNIT_FILES) DISTCLEANFILES += $(SYSTEMD_UNIT_FILES) diff --git a/src/locking/Makefile.inc.am b/src/locking/Makefile.inc.am index 161410051c..1f002acce6 100644 --- a/src/locking/Makefile.inc.am +++ b/src/locking/Makefile.inc.am @@ -77,12 +77,15 @@ MANINFILES += virtlockd.8.in CLEANFILES += $(man8_MANS) MAINTAINERCLEANFILES += $(MANINFILES) -SYSTEMD_UNIT_FILES_IN += \ +VIRTLOCKD_UNIT_FILES_IN = \ locking/virtlockd.service.in \ locking/virtlockd.socket.in \ locking/virtlockd-admin.socket.in \ $(NULL) +SYSTEMD_UNIT_FILES += $(notdir $(VIRTLOCKD_UNIT_FILES_IN:%.in=%)) +SYSTEMD_UNIT_FILES_IN += $(VIRTLOCKD_UNIT_FILES_IN) + lockdriverdir = $(libdir)/libvirt/lock-driver lockdriver_LTLIBRARIES = diff --git a/src/logging/Makefile.inc.am b/src/logging/Makefile.inc.am index f0c49330f5..ef853cdcc4 100644 --- a/src/logging/Makefile.inc.am +++ b/src/logging/Makefile.inc.am @@ -50,12 +50,15 @@ PODFILES += logging/virtlogd.pod MANINFILES += virtlogd.8.in SYSCONF_FILES += logging/virtlogd.sysconf -SYSTEMD_UNIT_FILES_IN += \ +VIRTLOGD_UNIT_FILES_IN = \ logging/virtlogd.service.in \ logging/virtlogd.socket.in \ logging/virtlogd-admin.socket.in \ $(NULL) +SYSTEMD_UNIT_FILES += $(notdir $(VIRTLOGD_UNIT_FILES_IN:%.in=%)) +SYSTEMD_UNIT_FILES_IN += $(VIRTLOGD_UNIT_FILES_IN) + if WITH_LIBVIRTD sbin_PROGRAMS += virtlogd diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index c56f9230f2..e1a3fb1888 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -90,7 +90,7 @@ SYSCONF_FILES += remote/libvirtd.sysconf PODFILES += remote/libvirtd.pod MANINFILES += libvirtd.8.in -SYSTEMD_UNIT_FILES_IN += \ +LIBVIRTD_UNIT_FILES_IN = \ remote/libvirtd.service.in \ remote/libvirtd.socket.in \ remote/libvirtd-ro.socket.in \ @@ -100,6 +100,9 @@ SYSTEMD_UNIT_FILES_IN += \ remote/virt-guest-shutdown.target.in \ $(NULL) +SYSTEMD_UNIT_FILES += $(notdir $(LIBVIRTD_UNIT_FILES_IN:%.in=%)) +SYSTEMD_UNIT_FILES_IN += $(LIBVIRTD_UNIT_FILES_IN) + REMOTE_PROTOCOL = $(srcdir)/remote/remote_protocol.x LXC_PROTOCOL = $(srcdir)/remote/lxc_protocol.x QEMU_PROTOCOL = $(srcdir)/remote/qemu_protocol.x -- 2.21.0

On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote:
The make logic assumes that the SYSTEMD_UNIT_FILES var can be built from SYSTEMD_UNIT_FILES_IN by simply dropping the directory prefix and the .in suffix.
This won't work in future when a single .in unit file can be used to generate multiple different units.
IIUC this is mostly for sockets, correct? As in, with the entire series applied we'll have eg. SYSTEMD_UNIT_FILES += \ virtqemud.service \ virtqemud.socket \ virtqemud-ro.socket \ virtqemud-admin.socket \ $(NULL) SYSTEMD_UNIT_FILES_IN += \ qemu/virtqemud.service.in \ $(NULL) where virtqemud*.socket are not generated, as the current code would expect, from virtqemud*.socket.in, but rather from libvirtd*.socket.in - hence the need for this patch. Again IIUC there's nothing really stopping us from generating virtqemud*.service from libvirtd*.service.in, or at least from a common virtd*.service.in, since eg. virtqemud.service.in and virtlxcd.service.in are basically identical - it's just that you haven't unified the generation rules yet. Assuming I've understood the intent correctly, then the changes themselves look good, so Reviewed-by: Andrea Bolognani <abologna@redhat.com> -- Andrea Bolognani / Red Hat / Virtualization

On Fri, Jul 26, 2019 at 08:01:52PM +0200, Andrea Bolognani wrote:
On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote:
The make logic assumes that the SYSTEMD_UNIT_FILES var can be built from SYSTEMD_UNIT_FILES_IN by simply dropping the directory prefix and the .in suffix.
This won't work in future when a single .in unit file can be used to generate multiple different units.
IIUC this is mostly for sockets, correct? As in, with the entire series applied we'll have eg.
SYSTEMD_UNIT_FILES += \ virtqemud.service \ virtqemud.socket \ virtqemud-ro.socket \ virtqemud-admin.socket \ $(NULL) SYSTEMD_UNIT_FILES_IN += \ qemu/virtqemud.service.in \ $(NULL)
where virtqemud*.socket are not generated, as the current code would expect, from virtqemud*.socket.in, but rather from libvirtd*.socket.in - hence the need for this patch.
Yes
Again IIUC there's nothing really stopping us from generating virtqemud*.service from libvirtd*.service.in, or at least from a common virtd*.service.in, since eg. virtqemud.service.in and virtlxcd.service.in are basically identical - it's just that you haven't unified the generation rules yet.
I'm was not anticipating sharing the service.in file, as many of the parameters will be driver specific.
Assuming I've understood the intent correctly, then the changes themselves look good, so
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

On Mon, 2019-07-29 at 13:17 +0100, Daniel P. Berrangé wrote:
On Fri, Jul 26, 2019 at 08:01:52PM +0200, Andrea Bolognani wrote:
Again IIUC there's nothing really stopping us from generating virtqemud*.service from libvirtd*.service.in, or at least from a common virtd*.service.in, since eg. virtqemud.service.in and virtlxcd.service.in are basically identical - it's just that you haven't unified the generation rules yet.
I'm was not anticipating sharing the service.in file, as many of the parameters will be driver specific.
It doesn't look to me like there's much more that's driver-specific in the .service files than there is in the .socket files, and we're generating the latter from a single template. But it doesn't really matter anyway, as I said if there's room for reducing duplication we can just do that after the fact :) -- Andrea Bolognani / Red Hat / Virtualization

On 7/29/19 8:18 AM, Andrea Bolognani wrote:
On Mon, 2019-07-29 at 13:17 +0100, Daniel P. Berrangé wrote:
On Fri, Jul 26, 2019 at 08:01:52PM +0200, Andrea Bolognani wrote:
Again IIUC there's nothing really stopping us from generating virtqemud*.service from libvirtd*.service.in, or at least from a common virtd*.service.in, since eg. virtqemud.service.in and virtlxcd.service.in are basically identical - it's just that you haven't unified the generation rules yet.
I'm was not anticipating sharing the service.in file, as many of the parameters will be driver specific.
It doesn't look to me like there's much more that's driver-specific in the .service files than there is in the .socket files, and we're generating the latter from a single template.
I have a downstream patch that adds After=xencommons.service Conflicts=xendomains.service to libvirtd.service.in. IMO the patch needs to be improved before pushing upstream, e.g. conditionally adding those lines at build time when the xen driver is selected. With driver-specific service files we can trivially add those to virtxend.service. Regards, Jim

On Mon, Jul 29, 2019 at 07:14:36PM +0000, Jim Fehlig wrote:
On 7/29/19 8:18 AM, Andrea Bolognani wrote:
On Mon, 2019-07-29 at 13:17 +0100, Daniel P. Berrangé wrote:
On Fri, Jul 26, 2019 at 08:01:52PM +0200, Andrea Bolognani wrote:
Again IIUC there's nothing really stopping us from generating virtqemud*.service from libvirtd*.service.in, or at least from a common virtd*.service.in, since eg. virtqemud.service.in and virtlxcd.service.in are basically identical - it's just that you haven't unified the generation rules yet.
I'm was not anticipating sharing the service.in file, as many of the parameters will be driver specific.
It doesn't look to me like there's much more that's driver-specific in the .service files than there is in the .socket files, and we're generating the latter from a single template.
I have a downstream patch that adds
After=xencommons.service Conflicts=xendomains.service
to libvirtd.service.in. IMO the patch needs to be improved before pushing upstream, e.g. conditionally adding those lines at build time when the xen driver is selected. With driver-specific service files we can trivially add those to virtxend.service.
Sure, go ahead & send that for libvirtd.service.in Meanwhile, I'll add them to virtxend.sevice in my patch series right now. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

When running in libvirtd, we are happy for any of the drivers to simply skip their initialization in virStateInitialize, as other drivers are still potentially useful. When running in per-driver daemons though, we want the daemon to abort startup if the driver cannot initialize itself, as the daemon will be useless without it. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/bhyve/bhyve_driver.c | 10 +++++----- src/driver-state.h | 8 +++++++- src/interface/interface_backend_netcf.c | 8 ++++---- src/interface/interface_backend_udev.c | 4 ++-- src/libvirt.c | 16 +++++++++++++--- src/libvirt_internal.h | 1 + src/libxl/libxl_driver.c | 10 +++++----- src/lxc/lxc_driver.c | 12 ++++++------ src/network/bridge_driver.c | 4 ++-- src/node_device/node_device_hal.c | 12 ++++++------ src/node_device/node_device_udev.c | 8 ++++---- src/nwfilter/nwfilter_driver.c | 12 ++++++------ src/qemu/qemu_driver.c | 8 ++++---- src/remote/remote_daemon.c | 5 +++++ src/remote/remote_driver.c | 2 +- src/secret/secret_driver.c | 8 ++++---- src/storage/storage_driver.c | 8 ++++---- src/vz/vz_driver.c | 14 +++++++------- 18 files changed, 86 insertions(+), 64 deletions(-) diff --git a/src/bhyve/bhyve_driver.c b/src/bhyve/bhyve_driver.c index 5387ac5570..e2c1b00080 100644 --- a/src/bhyve/bhyve_driver.c +++ b/src/bhyve/bhyve_driver.c @@ -1220,16 +1220,16 @@ bhyveStateInitialize(bool privileged, { if (!privileged) { VIR_INFO("Not running privileged, disabling driver"); - return 0; + return VIR_DRV_STATE_INIT_SKIPPED; } if (VIR_ALLOC(bhyve_driver) < 0) - return -1; + return VIR_DRV_STATE_INIT_ERROR; bhyve_driver->lockFD = -1; if (virMutexInit(&bhyve_driver->lock) < 0) { VIR_FREE(bhyve_driver); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } if (!(bhyve_driver->closeCallbacks = virCloseCallbacksNew())) @@ -1303,11 +1303,11 @@ bhyveStateInitialize(bool privileged, bhyveAutostartDomains(bhyve_driver); - return 0; + return VIR_DRV_STATE_INIT_COMPLETE; cleanup: bhyveStateCleanup(); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } unsigned diff --git a/src/driver-state.h b/src/driver-state.h index 974b2252ee..69e2678dfc 100644 --- a/src/driver-state.h +++ b/src/driver-state.h @@ -24,7 +24,13 @@ # error "Don't include this file directly, only use driver.h" #endif -typedef int +typedef enum { + VIR_DRV_STATE_INIT_ERROR = -1, + VIR_DRV_STATE_INIT_SKIPPED, + VIR_DRV_STATE_INIT_COMPLETE, +} virDrvStateInitResult; + +typedef virDrvStateInitResult (*virDrvStateInitialize)(bool privileged, virStateInhibitCallback callback, void *opaque); diff --git a/src/interface/interface_backend_netcf.c b/src/interface/interface_backend_netcf.c index 0000587cee..eb509ccc13 100644 --- a/src/interface/interface_backend_netcf.c +++ b/src/interface/interface_backend_netcf.c @@ -93,10 +93,10 @@ netcfStateInitialize(bool privileged, void *opaque ATTRIBUTE_UNUSED) { if (virNetcfDriverStateInitialize() < 0) - return -1; + return VIR_DRV_STATE_INIT_ERROR; if (!(driver = virObjectLockableNew(virNetcfDriverStateClass))) - return -1; + return VIR_DRV_STATE_INIT_ERROR; driver->privileged = privileged; @@ -129,12 +129,12 @@ netcfStateInitialize(bool privileged, _("failed to initialize netcf")); goto error; } - return 0; + return VIR_DRV_STATE_INIT_COMPLETE; error: virObjectUnref(driver); driver = NULL; - return -1; + return VIR_DRV_STATE_INIT_ERROR; } diff --git a/src/interface/interface_backend_udev.c b/src/interface/interface_backend_udev.c index fea5108dbc..ef748540d1 100644 --- a/src/interface/interface_backend_udev.c +++ b/src/interface/interface_backend_udev.c @@ -1172,7 +1172,7 @@ udevStateInitialize(bool privileged, virStateInhibitCallback callback ATTRIBUTE_UNUSED, void *opaque ATTRIBUTE_UNUSED) { - int ret = -1; + int ret = VIR_DRV_STATE_INIT_ERROR; if (VIR_ALLOC(driver) < 0) goto cleanup; @@ -1210,7 +1210,7 @@ udevStateInitialize(bool privileged, } driver->privileged = privileged; - ret = 0; + ret = VIR_DRV_STATE_INIT_COMPLETE; cleanup: if (ret < 0) diff --git a/src/libvirt.c b/src/libvirt.c index 7e665b6cba..4d6def2e0a 100644 --- a/src/libvirt.c +++ b/src/libvirt.c @@ -629,6 +629,7 @@ virRegisterStateDriver(virStateDriverPtr driver) /** * virStateInitialize: * @privileged: set to true if running with root privilege, false otherwise + * @mandatory: set to true if all drivers must report success, not skipped * @callback: callback to invoke to inhibit shutdown of the daemon * @opaque: data to pass to @callback * @@ -638,6 +639,7 @@ virRegisterStateDriver(virStateDriverPtr driver) */ int virStateInitialize(bool privileged, + bool mandatory, virStateInhibitCallback callback, void *opaque) { @@ -648,15 +650,23 @@ virStateInitialize(bool privileged, for (i = 0; i < virStateDriverTabCount; i++) { if (virStateDriverTab[i]->stateInitialize) { + virDrvStateInitResult ret; VIR_DEBUG("Running global init for %s state driver", virStateDriverTab[i]->name); - if (virStateDriverTab[i]->stateInitialize(privileged, - callback, - opaque) < 0) { + ret = virStateDriverTab[i]->stateInitialize(privileged, + callback, + opaque); + VIR_DEBUG("State init result %d (mandatory=%d)", ret, mandatory); + if (ret == VIR_DRV_STATE_INIT_ERROR) { VIR_ERROR(_("Initialization of %s state driver failed: %s"), virStateDriverTab[i]->name, virGetLastErrorMessage()); return -1; + } else if (ret == VIR_DRV_STATE_INIT_SKIPPED && + mandatory) { + VIR_ERROR(_("Initialization of mandatory %s state driver skipped"), + virStateDriverTab[i]->name); + return -1; } } } diff --git a/src/libvirt_internal.h b/src/libvirt_internal.h index 3f012fdd4b..4a74dbc2af 100644 --- a/src/libvirt_internal.h +++ b/src/libvirt_internal.h @@ -30,6 +30,7 @@ typedef void (*virStateInhibitCallback)(bool inhibit, void *opaque); int virStateInitialize(bool privileged, + bool mandatory, virStateInhibitCallback inhibit, void *opaque); int virStateCleanup(void); diff --git a/src/libxl/libxl_driver.c b/src/libxl/libxl_driver.c index 492028c487..231960b817 100644 --- a/src/libxl/libxl_driver.c +++ b/src/libxl/libxl_driver.c @@ -657,17 +657,17 @@ libxlStateInitialize(bool privileged, char ebuf[1024]; if (!libxlDriverShouldLoad(privileged)) - return 0; + return VIR_DRV_STATE_INIT_SKIPPED; if (VIR_ALLOC(libxl_driver) < 0) - return -1; + return VIR_DRV_STATE_INIT_ERROR; libxl_driver->lockFD = -1; if (virMutexInit(&libxl_driver->lock) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("cannot initialize mutex")); VIR_FREE(libxl_driver); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } /* Allocate bitmap for vnc port reservation */ @@ -806,12 +806,12 @@ libxlStateInitialize(bool privileged, virDomainObjListForEach(libxl_driver->domains, libxlDomainManagedSaveLoad, libxl_driver); - return 0; + return VIR_DRV_STATE_INIT_COMPLETE; error: VIR_FREE(driverConf); libxlStateCleanup(); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } static int diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c index d0b6703101..0baf18f3ef 100644 --- a/src/lxc/lxc_driver.c +++ b/src/lxc/lxc_driver.c @@ -1545,7 +1545,7 @@ static int lxcStateInitialize(bool privileged, /* Check that the user is root, silently disable if not */ if (!privileged) { VIR_INFO("Not running privileged, disabling driver"); - return 0; + return VIR_DRV_STATE_INIT_SKIPPED; } /* Check that this is a container enabled kernel */ @@ -1554,15 +1554,15 @@ static int lxcStateInitialize(bool privileged, VIR_PROCESS_NAMESPACE_UTS | VIR_PROCESS_NAMESPACE_IPC) < 0) { VIR_INFO("LXC support not available in this kernel, disabling driver"); - return 0; + return VIR_DRV_STATE_INIT_SKIPPED; } if (VIR_ALLOC(lxc_driver) < 0) - return -1; + return VIR_DRV_STATE_INIT_ERROR; lxc_driver->lockFD = -1; if (virMutexInit(&lxc_driver->lock) < 0) { VIR_FREE(lxc_driver); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } if (!(lxc_driver->domains = virDomainObjListNew())) @@ -1633,12 +1633,12 @@ static int lxcStateInitialize(bool privileged, virLXCProcessAutostartAll(lxc_driver); virObjectUnref(caps); - return 0; + return VIR_DRV_STATE_INIT_COMPLETE; cleanup: virObjectUnref(caps); lxcStateCleanup(); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } static void lxcNotifyLoadDomain(virDomainObjPtr vm, int newVM, void *opaque) diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c index 41fa89a4af..2b1fa59390 100644 --- a/src/network/bridge_driver.c +++ b/src/network/bridge_driver.c @@ -713,7 +713,7 @@ networkStateInitialize(bool privileged, virStateInhibitCallback callback ATTRIBUTE_UNUSED, void *opaque ATTRIBUTE_UNUSED) { - int ret = -1; + int ret = VIR_DRV_STATE_INIT_ERROR; char *configdir = NULL; char *rundir = NULL; #ifdef WITH_FIREWALLD @@ -847,7 +847,7 @@ networkStateInitialize(bool privileged, } #endif - ret = 0; + ret = VIR_DRV_STATE_INIT_COMPLETE; cleanup: VIR_FREE(configdir); VIR_FREE(rundir); diff --git a/src/node_device/node_device_hal.c b/src/node_device/node_device_hal.c index 1f3f867599..d46e4e98f3 100644 --- a/src/node_device/node_device_hal.c +++ b/src/node_device/node_device_hal.c @@ -599,7 +599,7 @@ nodeStateInitialize(bool privileged ATTRIBUTE_UNUSED, char **udi = NULL; int num_devs; size_t i; - int ret = -1; + int ret = VIR_DRV_STATE_INIT_ERROR; DBusConnection *sysbus; DBusError err; @@ -608,12 +608,12 @@ nodeStateInitialize(bool privileged ATTRIBUTE_UNUSED, cmpstringp); if (VIR_ALLOC(driver) < 0) - return -1; + return VIR_DRV_STATE_INIT_ERROR; driver->lockFD = -1; if (virMutexInit(&driver->lock) < 0) { VIR_FREE(driver); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } nodeDeviceLock(); @@ -648,7 +648,7 @@ nodeStateInitialize(bool privileged ATTRIBUTE_UNUSED, virReportError(VIR_ERR_INTERNAL_ERROR, _("DBus not available, disabling HAL driver: %s"), virGetLastErrorMessage()); - ret = 0; + ret = VIR_DRV_STATE_INIT_SKIPPED; goto failure; } @@ -671,7 +671,7 @@ nodeStateInitialize(bool privileged ATTRIBUTE_UNUSED, /* We don't want to show a fatal error here, otherwise entire libvirtd shuts down when hald isn't running */ - ret = 0; + ret = VIR_DRV_STATE_INIT_SKIPPED; goto failure; } @@ -709,7 +709,7 @@ nodeStateInitialize(bool privileged ATTRIBUTE_UNUSED, } VIR_FREE(udi); - return 0; + return VIR_DRV_STATE_INIT_COMPLETE; failure: if (dbus_error_is_set(&err)) { diff --git a/src/node_device/node_device_udev.c b/src/node_device/node_device_udev.c index 8bc63c506c..adf60e4537 100644 --- a/src/node_device/node_device_udev.c +++ b/src/node_device/node_device_udev.c @@ -1816,14 +1816,14 @@ nodeStateInitialize(bool privileged, virThread enumThread; if (VIR_ALLOC(driver) < 0) - return -1; + return VIR_DRV_STATE_INIT_ERROR; driver->lockFD = -1; if (virMutexInit(&driver->lock) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("Unable to initialize mutex")); VIR_FREE(driver); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } driver->privileged = privileged; @@ -1919,11 +1919,11 @@ nodeStateInitialize(bool privileged, goto cleanup; } - return 0; + return VIR_DRV_STATE_INIT_COMPLETE; cleanup: nodeStateCleanup(); - return -1; + return VIR_DRV_STATE_INIT_ERROR; unlock: virObjectUnlock(priv); diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c index 530e4f5872..6073143437 100644 --- a/src/nwfilter/nwfilter_driver.c +++ b/src/nwfilter/nwfilter_driver.c @@ -184,10 +184,10 @@ nwfilterStateInitialize(bool privileged, if (virDBusHasSystemBus() && !(sysbus = virDBusGetSystemBus())) - return -1; + return VIR_DRV_STATE_INIT_ERROR; if (VIR_ALLOC(driver) < 0) - return -1; + return VIR_DRV_STATE_INIT_ERROR; driver->lockFD = -1; if (virMutexInit(&driver->lock) < 0) @@ -201,7 +201,7 @@ nwfilterStateInitialize(bool privileged, goto error; if (!privileged) - return 0; + return VIR_DRV_STATE_INIT_SKIPPED; nwfilterDriverLock(); @@ -281,13 +281,13 @@ nwfilterStateInitialize(bool privileged, nwfilterDriverUnlock(); - return 0; + return VIR_DRV_STATE_INIT_COMPLETE; error: nwfilterDriverUnlock(); nwfilterStateCleanup(); - return -1; + return VIR_DRV_STATE_INIT_ERROR; err_techdrivers_shutdown: virNWFilterTechDriversShutdown(); @@ -302,7 +302,7 @@ nwfilterStateInitialize(bool privileged, virNWFilterObjListFree(driver->nwfilters); VIR_FREE(driver); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } /** diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 329c166255..265e49591b 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -586,7 +586,7 @@ qemuStateInitialize(bool privileged, size_t i; if (VIR_ALLOC(qemu_driver) < 0) - return -1; + return VIR_DRV_STATE_INIT_ERROR; qemu_driver->lockFD = -1; @@ -594,7 +594,7 @@ qemuStateInitialize(bool privileged, virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("cannot initialize mutex")); VIR_FREE(qemu_driver); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } qemu_driver->inhibitCallback = callback; @@ -914,14 +914,14 @@ qemuStateInitialize(bool privileged, qemuAutostartDomains(qemu_driver); - return 0; + return VIR_DRV_STATE_INIT_COMPLETE; error: VIR_FREE(driverConf); VIR_FREE(hugepagePath); VIR_FREE(memoryBackingPath); qemuStateCleanup(); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } static void qemuNotifyLoadDomain(virDomainObjPtr vm, int newVM, void *opaque) diff --git a/src/remote/remote_daemon.c b/src/remote/remote_daemon.c index 45b52af987..0515a4575f 100644 --- a/src/remote/remote_daemon.c +++ b/src/remote/remote_daemon.c @@ -794,6 +794,11 @@ static void daemonRunStateInit(void *opaque) * we're ready, since it can take a long time and this will * seriously delay OS bootup process */ if (virStateInitialize(virNetDaemonIsPrivileged(dmn), +#ifdef MODULE_NAME + true, +#else /* ! MODULE_NAME */ + false, +#endif /* ! MODULE_NAME */ daemonInhibitCallback, dmn) < 0) { VIR_ERROR(_("Driver state initialization failed")); diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c index 925ada1cac..e04bb3153d 100644 --- a/src/remote/remote_driver.c +++ b/src/remote/remote_driver.c @@ -193,7 +193,7 @@ remoteStateInitialize(bool privileged ATTRIBUTE_UNUSED, * re-entering ourselves */ inside_daemon = true; - return 0; + return VIR_DRV_STATE_INIT_COMPLETE; } diff --git a/src/secret/secret_driver.c b/src/secret/secret_driver.c index 0af2bcef96..0d5ea05f56 100644 --- a/src/secret/secret_driver.c +++ b/src/secret/secret_driver.c @@ -457,12 +457,12 @@ secretStateInitialize(bool privileged, void *opaque ATTRIBUTE_UNUSED) { if (VIR_ALLOC(driver) < 0) - return -1; + return VIR_DRV_STATE_INIT_ERROR; driver->lockFD = -1; if (virMutexInit(&driver->lock) < 0) { VIR_FREE(driver); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } secretDriverLock(); @@ -514,12 +514,12 @@ secretStateInitialize(bool privileged, goto error; secretDriverUnlock(); - return 0; + return VIR_DRV_STATE_INIT_COMPLETE; error: secretDriverUnlock(); secretStateCleanup(); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } diff --git a/src/storage/storage_driver.c b/src/storage/storage_driver.c index 03ac6a6845..dfa654178b 100644 --- a/src/storage/storage_driver.c +++ b/src/storage/storage_driver.c @@ -255,12 +255,12 @@ storageStateInitialize(bool privileged, VIR_AUTOFREE(char *) rundir = NULL; if (VIR_ALLOC(driver) < 0) - return -1; + return VIR_DRV_STATE_INIT_ERROR; driver->lockFD = -1; if (virMutexInit(&driver->lock) < 0) { VIR_FREE(driver); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } storageDriverLock(); @@ -326,12 +326,12 @@ storageStateInitialize(bool privileged, storageDriverUnlock(); - return 0; + return VIR_DRV_STATE_INIT_COMPLETE; error: storageDriverUnlock(); storageStateCleanup(); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } /** diff --git a/src/vz/vz_driver.c b/src/vz/vz_driver.c index f5d05a7f43..da72b209d1 100644 --- a/src/vz/vz_driver.c +++ b/src/vz/vz_driver.c @@ -4118,36 +4118,36 @@ vzStateInitialize(bool privileged, void *opaque ATTRIBUTE_UNUSED) { if (!privileged) - return 0; + return VIR_DRV_STATE_INIT_SKIPPED; vz_driver_privileged = privileged; if (virFileMakePathWithMode(VZ_STATEDIR, S_IRWXU) < 0) { virReportSystemError(errno, _("cannot create state directory '%s'"), VZ_STATEDIR); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } if ((vz_driver_lock_fd = virPidFileAcquire(VZ_STATEDIR, "driver", false, getpid())) < 0) - return -1; + return VIR_DRV_STATE_INIT_ERROR; if (prlsdkInit() < 0) { VIR_DEBUG("%s", _("Can't initialize Parallels SDK")); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } - if (virMutexInit(&vz_driver_lock) < 0) + if (virMutexInit(&vz_driver_lock) < 0) goto error; /* Failing to create driver here is not fatal and only means * that next driver client will try once more when connecting */ vz_driver = vzDriverObjNew(); - return 0; + return VIR_DRV_STATE_INIT_COMPLETE; error: vzStateCleanup(); - return -1; + return VIR_DRV_STATE_INIT_ERROR; } static virStateDriver vzStateDriver = { -- 2.21.0

On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote: [...]
@@ -648,15 +650,23 @@ virStateInitialize(bool privileged, [...] + if (ret == VIR_DRV_STATE_INIT_ERROR) { VIR_ERROR(_("Initialization of %s state driver failed: %s"), virStateDriverTab[i]->name, virGetLastErrorMessage()); return -1; + } else if (ret == VIR_DRV_STATE_INIT_SKIPPED && + mandatory) {
You can fit this entire condition on a single line. [...]
+++ b/src/remote/remote_daemon.c @@ -794,6 +794,11 @@ static void daemonRunStateInit(void *opaque) * we're ready, since it can take a long time and this will * seriously delay OS bootup process */ if (virStateInitialize(virNetDaemonIsPrivileged(dmn), +#ifdef MODULE_NAME + true, +#else /* ! MODULE_NAME */ + false, +#endif /* ! MODULE_NAME */ daemonInhibitCallback, dmn) < 0) {
Just like in patch 10, this is really ugly... Please change it to something like #ifdef MODULE_NAME bool mandatory = true; #else /* ! MODULE_NAME */ bool mandatory = false; #endif /* ! MODULE_NAME */ virStateInitialize(virNetDaemonIsPrivileged(dmn), mandatory, daemonInhibitCallback, dmn); [...]
+++ b/src/vz/vz_driver.c @@ -4118,36 +4118,36 @@ vzStateInitialize(bool privileged, [...] /* Failing to create driver here is not fatal and only means * that next driver client will try once more when connecting */ vz_driver = vzDriverObjNew(); - return 0; + return VIR_DRV_STATE_INIT_COMPLETE;
Given the comment, are you sure we shouldn't do something like if (!(vz_driver = vzDriverObjNew())) return VIR_DRV_STATE_INIT_SKIPPED; return VIR_DRV_STATE_INIT_COMPLETE; here instead? With the nits above addressed, and assuming the logic in the vz driver either is confirmed to be fine as or is changed appropriately, Reviewed-by: Andrea Bolognani <abologna@redhat.com> -- Andrea Bolognani / Red Hat / Virtualization

On Fri, Jul 26, 2019 at 08:25:05PM +0200, Andrea Bolognani wrote:
On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote: [...]
@@ -648,15 +650,23 @@ virStateInitialize(bool privileged, [...] + if (ret == VIR_DRV_STATE_INIT_ERROR) { VIR_ERROR(_("Initialization of %s state driver failed: %s"), virStateDriverTab[i]->name, virGetLastErrorMessage()); return -1; + } else if (ret == VIR_DRV_STATE_INIT_SKIPPED && + mandatory) {
You can fit this entire condition on a single line.
[...]
+++ b/src/remote/remote_daemon.c @@ -794,6 +794,11 @@ static void daemonRunStateInit(void *opaque) * we're ready, since it can take a long time and this will * seriously delay OS bootup process */ if (virStateInitialize(virNetDaemonIsPrivileged(dmn), +#ifdef MODULE_NAME + true, +#else /* ! MODULE_NAME */ + false, +#endif /* ! MODULE_NAME */ daemonInhibitCallback, dmn) < 0) {
Just like in patch 10, this is really ugly... Please change it to something like
#ifdef MODULE_NAME bool mandatory = true; #else /* ! MODULE_NAME */ bool mandatory = false; #endif /* ! MODULE_NAME */
virStateInitialize(virNetDaemonIsPrivileged(dmn), mandatory, daemonInhibitCallback, dmn);
[...]
+++ b/src/vz/vz_driver.c @@ -4118,36 +4118,36 @@ vzStateInitialize(bool privileged, [...] /* Failing to create driver here is not fatal and only means * that next driver client will try once more when connecting */ vz_driver = vzDriverObjNew(); - return 0; + return VIR_DRV_STATE_INIT_COMPLETE;
Given the comment, are you sure we shouldn't do something like
if (!(vz_driver = vzDriverObjNew())) return VIR_DRV_STATE_INIT_SKIPPED;
return VIR_DRV_STATE_INIT_COMPLETE;
here instead?
Marking it as skipped would cause the daemon to exit which against the semantics that the vz driver code was trying to achieve with this startup behaviour.
With the nits above addressed, and assuming the logic in the vz driver either is confirmed to be fine as or is changed appropriately,
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

The libvirtd daemon provides the traditional libvirt experience where all the drivers are in a single daemon, and is accessible over both local UNIX sockets and remote IP sockets. In the new world we're having a set of per-driver daemons which will primarily be accessed locally via their own UNIX sockets. We still, however, need to allow for case of applications which will connect to libvirt remotely. These remote connections can be done as TCP/TLS sockets, or by SSH tunnelling to the UNIX socket. In the later case, the old libvirt.so clients will only know about the path to the old libvirtd socket /var/run/libvirt/libvirt-sock, and not the new driver sockets /var/run/libvirt/virtqemud-sock. It is also not desirable to expose the main driver specific daemons over IP directly to minimize their attack service. Thus the virtproxyd daemon steps into place, to provide TCP/TLS sockets, and back compat for the old libvirtd UNIX socket path(s). It will then forward all RPC calls made to the appropriate driver specific daemon. Essentially it is equivalent to the old libvirtd with absolutely no drivers registered except for the remote driver (and other stateless drivers in libvirt.so). We could have modified libvirtd so none of the drivers are registed to get the same end result. We could even add a libvirtd.conf parameter to control whether the drivers are loaded to enable users to switch back to the old world if we discover bugs in the split-daemon model. Using a new daemon though has some advantages - We can make virtproxyd and the virtXXXd per-driver daemons all have "Conflicts: libvirtd.service" in their systemd unit files. This will guarantee that libvirtd is never started at the same time, as this would result in two daemons running the same driver. Fortunately drivers use locking to protect themselves, but it is better to avoid starting a daemon we know will conflict. - It allows us to break CLI compat to remove the --listen parameter. Both listen_tcp and listen_tls parameters in /etc/libvirtd/virtd.conf will default to zero. Either TLS or TCP can be enabled exclusively though virtd.conf without requiring the extra step of adding --listen. - It allows us to set a strict SELinux policy over virtproxyd. For back compat the libvirtd policy must continue to allow all drivers to run. We can't easily give a second policy to libvirtd which locks it down. By introducing a new virtproxyd we can set a strict policy for that daemon only. - It gets rid of the wierd naming of having a daemon with "lib" in its name. Now all normal daemons libvirt ships will have "virt" as their prefix not "libvirt". - Distros can more easily choose their upgrade path. They can ship both sets of daemons in their packages, and choose to either enable libvirtd, or enable the per-driver daemons and virtproxyd out of the box. Users can easily override this if desired by just tweaking which systemd units are active. After some time we can deprecate use of libvirtd and after some more time delete it entirely, leaving us in a pretty world filled with prancing unicorns. The main downside with introducing a new daemon, and with the per-driver daemons in general, is figuring out the correct upgrade path. The conservative option is to leave libvirtd running if it was an existing installation. Only use the new daemons & virtproxyd on completely new installs. The aggressive option is to disable libvirtd if already running and activate all the new daemons. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- .gitignore | 4 ++ libvirt.spec.in | 10 +++ src/remote/Makefile.inc.am | 112 +++++++++++++++++++++++++++--- src/remote/remote_daemon.c | 32 ++++++--- src/remote/remote_daemon_config.c | 6 +- src/remote/virtproxyd.service.in | 24 +++++++ 6 files changed, 167 insertions(+), 21 deletions(-) create mode 100644 src/remote/virtproxyd.service.in diff --git a/.gitignore b/.gitignore index 4463660c85..05bc166860 100644 --- a/.gitignore +++ b/.gitignore @@ -161,6 +161,9 @@ /src/remote/libvirtd.aug /src/remote/libvirtd.conf /src/remote/test_libvirtd.aug +/src/remote/test_virtproxyd.aug +/src/remote/virtproxyd.aug +/src/remote/virtproxyd.conf /src/rpc/virkeepaliveprotocol.[ch] /src/rpc/virnetprotocol.[ch] /src/util/virkeycodetable*.h @@ -168,6 +171,7 @@ /src/virt-aa-helper /src/virtlockd /src/virtlogd +/src/virtproxyd /src/virt-guest-shutdown.target /tests/*.log /tests/*.pid diff --git a/libvirt.spec.in b/libvirt.spec.in index b13b863928..2f64dcabe3 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1527,6 +1527,12 @@ exit 0 %{_unitdir}/libvirtd-admin.socket %{_unitdir}/libvirtd-tcp.socket %{_unitdir}/libvirtd-tls.socket +%{_unitdir}/virtproxyd.service +%{_unitdir}/virtproxyd.socket +%{_unitdir}/virtproxyd-ro.socket +%{_unitdir}/virtproxyd-admin.socket +%{_unitdir}/virtproxyd-tcp.socket +%{_unitdir}/virtproxyd-tls.socket %{_unitdir}/virt-guest-shutdown.target %{_unitdir}/virtlogd.service %{_unitdir}/virtlogd.socket @@ -1538,6 +1544,7 @@ exit 0 %config(noreplace) %{_sysconfdir}/sysconfig/virtlogd %config(noreplace) %{_sysconfdir}/sysconfig/virtlockd %config(noreplace) %{_sysconfdir}/libvirt/libvirtd.conf +%config(noreplace) %{_sysconfdir}/libvirt/virtproxyd.conf %config(noreplace) %{_sysconfdir}/libvirt/virtlogd.conf %config(noreplace) %{_sysconfdir}/libvirt/virtlockd.conf %config(noreplace) %{_sysconfdir}/sasl2/libvirt.conf @@ -1565,6 +1572,8 @@ exit 0 %{_datadir}/augeas/lenses/tests/test_virtlogd.aug %{_datadir}/augeas/lenses/virtlockd.aug %{_datadir}/augeas/lenses/tests/test_virtlockd.aug +%{_datadir}/augeas/lenses/virtproxyd.aug +%{_datadir}/augeas/lenses/tests/test_virtproxyd.aug %{_datadir}/augeas/lenses/libvirt_lockd.aug %if %{with_qemu} %{_datadir}/augeas/lenses/tests/test_libvirt_lockd.aug @@ -1579,6 +1588,7 @@ exit 0 %attr(0755, root, root) %{_libexecdir}/libvirt_iohelper %attr(0755, root, root) %{_sbindir}/libvirtd +%attr(0755, root, root) %{_sbindir}/virtproxyd %attr(0755, root, root) %{_sbindir}/virtlogd %attr(0755, root, root) %{_sbindir}/virtlockd diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index e1a3fb1888..7b4f6a10bc 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -90,18 +90,40 @@ SYSCONF_FILES += remote/libvirtd.sysconf PODFILES += remote/libvirtd.pod MANINFILES += libvirtd.8.in -LIBVIRTD_UNIT_FILES_IN = \ - remote/libvirtd.service.in \ +LIBVIRTD_SOCKET_UNIT_FILES_IN = \ remote/libvirtd.socket.in \ remote/libvirtd-ro.socket.in \ remote/libvirtd-admin.socket.in \ remote/libvirtd-tcp.socket.in \ remote/libvirtd-tls.socket.in \ + $(NULL) + +LIBVIRTD_SOCKET_UNIT_FILES = $(notdir $(LIBVIRTD_SOCKET_UNIT_FILES_IN:%.in=%)) + +LIBVIRTD_UNIT_FILES_IN = \ + remote/libvirtd.service.in \ + $(LIBVIRTD_SOCKET_UNIT_FILES_IN) \ + $(NULL) + +VIRTPROXYD_UNIT_FILES_IN = \ + remote/virtproxyd.service.in \ + $(NULL) + +GUEST_UNIT_FILES_IN = \ remote/virt-guest-shutdown.target.in \ $(NULL) -SYSTEMD_UNIT_FILES += $(notdir $(LIBVIRTD_UNIT_FILES_IN:%.in=%)) -SYSTEMD_UNIT_FILES_IN += $(LIBVIRTD_UNIT_FILES_IN) + +SYSTEMD_UNIT_FILES += \ + $(notdir $(LIBVIRTD_UNIT_FILES_IN:%.in=%)) \ + $(notdir $(LIBVIRTD_UNIT_FILES_IN:remote/libvirtd%.in=remote/virtproxyd%)) \ + $(notdir $(GUEST_UNIT_FILES_IN:%.in=%)) \ + $(NULL) +SYSTEMD_UNIT_FILES_IN += \ + $(LIBVIRTD_UNIT_FILES_IN) \ + $(VIRTPROXYD_UNIT_FILES_IN) \ + $(GUEST_UNIT_FILES_IN) \ + $(NULL) REMOTE_PROTOCOL = $(srcdir)/remote/remote_protocol.x LXC_PROTOCOL = $(srcdir)/remote/lxc_protocol.x @@ -139,6 +161,7 @@ MAINTAINERCLEANFILES += \ $(NULL) CLEANFILES += \ remote/libvirtd.conf \ + remote/virtproxyd.conf \ $(NULL) if WITH_REMOTE @@ -169,15 +192,27 @@ endif ! WITH_REMOTE if WITH_LIBVIRTD -sbin_PROGRAMS += libvirtd +sbin_PROGRAMS += libvirtd virtproxyd -augeas_DATA += remote/libvirtd.aug +augeas_DATA += \ + remote/libvirtd.aug \ + remote/virtproxyd.aug \ + $(NULL) -augeastest_DATA += remote/test_libvirtd.aug +augeastest_DATA += \ + remote/test_libvirtd.aug \ + remote/test_virtproxyd.aug \ + $(NULL) -nodist_conf_DATA += remote/libvirtd.conf +nodist_conf_DATA += \ + remote/libvirtd.conf \ + remote/virtproxyd.conf \ + $(NULL) -CLEANFILES += remote/libvirtd.aug +CLEANFILES += \ + remote/libvirtd.aug \ + remote/virtproxyd.aug \ + $(NULL) man8_MANS += libvirtd.8 @@ -188,12 +223,23 @@ libvirtd_CFLAGS = \ -DSOCK_PREFIX="\"libvirt\"" \ -DDAEMON_NAME="\"libvirtd\"" \ -DENABLE_IP \ + -DLIBVIRTD \ $(NULL) libvirtd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) libvirtd_LDADD = $(REMOTE_DAEMON_LD_ADD) +virtproxyd_SOURCES = $(REMOTE_DAEMON_SOURCES) +virtproxyd_CFLAGS = \ + $(REMOTE_DAEMON_CFLAGS) \ + -DSOCK_PREFIX="\"libvirt\"" \ + -DDAEMON_NAME="\"virtproxyd\"" \ + -DENABLE_IP \ + $(NULL) +virtproxyd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) +virtproxyd_LDADD = $(REMOTE_DAEMON_LD_ADD) + remote/libvirtd.conf: remote/libvirtd.conf.in $(AM_V_GEN)sed \ -e '/:: CUT ENABLE_IP ::/d' \ @@ -201,6 +247,13 @@ remote/libvirtd.conf: remote/libvirtd.conf.in -e 's/:: DAEMON_NAME ::/libvirtd/' \ < $^ > $@ +remote/virtproxyd.conf: remote/libvirtd.conf.in + $(AM_V_GEN)sed \ + -e '/:: CUT ENABLE_IP ::/d' \ + -e '/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtproxyd/' \ + < $^ > $@ + INSTALL_DATA_DIRS += remote install-data-remote: @@ -217,6 +270,14 @@ remote/libvirtd.aug: remote/libvirtd.aug.in -e 's/:: DAEMON_NAME_UC ::/Libvirtd/' \ $< > $@ +remote/virtproxyd.aug: remote/libvirtd.aug.in + $(AM_V_GEN)$(SED) \ + -e '/:: CUT ENABLE_IP ::/d' \ + -e '/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtproxyd/' \ + -e 's/:: DAEMON_NAME_UC ::/Virtproxyd/' \ + $< > $@ + remote/test_libvirtd.aug: remote/test_libvirtd.aug.in \ remote/libvirtd.conf $(AUG_GENTEST) $(AM_V_GEN)$(AUG_GENTEST) remote/libvirtd.conf \ @@ -227,6 +288,16 @@ remote/test_libvirtd.aug: remote/test_libvirtd.aug.in \ -e 's/:: DAEMON_NAME_UC ::/Libvirtd/' \ > $@ || rm -f $@ +remote/test_virtproxyd.aug: remote/test_libvirtd.aug.in \ + remote/virtproxyd.conf $(AUG_GENTEST) + $(AM_V_GEN)$(AUG_GENTEST) remote/virtproxyd.conf \ + $(srcdir)/remote/test_libvirtd.aug.in | \ + $(SED) -e '/:: CUT ENABLE_IP ::/d' \ + -e '/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtproxyd/' \ + -e 's/:: DAEMON_NAME_UC ::/Virtproxyd/' \ + > $@ || rm -f $@ + if WITH_SYSCTL # Use $(prefix)/lib rather than $(libdir), since man sysctl.d insists on # /usr/lib/sysctl.d/ even when libdir is /usr/lib64 @@ -298,13 +369,34 @@ LIBVIRTD_UNIT_VARS = \ -e 's|[@]name[@]|Libvirt|g' \ -e 's|[@]service[@]|libvirtd|g' \ -e 's|[@]sockprefix[@]|libvirt|g' \ + -e 's|[@]deps[@]||g' \ + $(NULL) + +VIRTD_UNIT_VARS = \ + $(COMMON_UNIT_VARS) \ + -e 's|[@]deps[@]|Conflicts=$(LIBVIRTD_SOCKET_UNIT_FILES)|g' \ + $(NULL) + +VIRTPROXYD_UNIT_VARS = \ + $(VIRTD_UNIT_VARS) \ + -e 's|[@]name[@]|Libvirt proxy|g' \ + -e 's|[@]service[@]|virtproxyd|g' \ + -e 's|[@]sockprefix[@]|libvirt|g' \ $(NULL) libvirtd.service: remote/libvirtd.service.in $(top_builddir)/config.status $(AM_V_GEN)sed $(LIBVIRTD_UNIT_VARS) < $< > $@-t && mv $@-t $@ libvirt%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status - $(AM_V_GEN)sed $(LIBVIRTD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + $(AM_V_GEN)sed $(LIBVIRTD_UNIT_VARS) \ + < $< > $@-t && mv $@-t $@ + +virtproxyd.service: remote/virtproxyd.service.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTPROXYD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +virtproxy%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTPROXYD_UNIT_VARS) \ + < $< > $@-t && mv $@-t $@ virt-guest-shutdown.target: remote/virt-guest-shutdown.target.in \ $(top_builddir)/config.status diff --git a/src/remote/remote_daemon.c b/src/remote/remote_daemon.c index 0515a4575f..87742c152f 100644 --- a/src/remote/remote_daemon.c +++ b/src/remote/remote_daemon.c @@ -303,11 +303,19 @@ static int daemonErrorLogFilter(virErrorPtr err, int priority) static int daemonInitialize(void) { -#ifdef MODULE_NAME +#ifndef LIBVIRTD +# ifdef MODULE_NAME + /* This a dedicated per-driver daemon build */ if (virDriverLoadModule(MODULE_NAME, MODULE_NAME "Register", true) < 0) return -1; +# else + /* This is virtproxyd which merely proxies to the per-driver + * daemons for back compat, and also allows IP connectivity. + */ +# endif #else - /* + /* This is the legacy monolithic libvirtd built with all drivers + * * Note that the order is important: the first ones have a higher * priority when calling virStateInitialize. We must register the * network, storage and nodedev drivers before any stateful domain @@ -893,9 +901,9 @@ daemonUsage(const char *argv0, bool privileged) { "-h | --help", N_("Display program help") }, { "-v | --verbose", N_("Verbose messages") }, { "-d | --daemon", N_("Run as a daemon & write PID file") }, -#ifdef ENABLE_IP +#if defined(ENABLE_IP) && defined (LIBVIRTD) { "-l | --listen", N_("Listen for TCP/IP connections") }, -#endif /* ENABLE_IP */ +#endif /* ENABLE_IP && LIBVIRTD */ { "-t | --timeout <secs>", N_("Exit after timeout period") }, { "-f | --config <file>", N_("Configuration file") }, { "-V | --version", N_("Display version information") }, @@ -972,7 +980,11 @@ int main(int argc, char **argv) { int verbose = 0; int godaemon = 0; #ifdef ENABLE_IP +# ifdef LIBVIRTD int ipsock = 0; +# else + int ipsock = 1; /* listen_tcp/listen_tls default to 0 */ +# endif #endif /* ! ENABLE_IP */ struct daemonConfig *config; bool privileged = geteuid() == 0 ? true : false; @@ -983,9 +995,9 @@ int main(int argc, char **argv) { struct option opts[] = { { "verbose", no_argument, &verbose, 'v'}, { "daemon", no_argument, &godaemon, 'd'}, -#ifdef ENABLE_IP +#if defined(ENABLE_IP) && defined(LIBVIRTD) { "listen", no_argument, &ipsock, 'l'}, -#endif /* ! ENABLE_IP */ +#endif /* ENABLE_IP && LIBVIRTD */ { "config", required_argument, NULL, 'f'}, { "timeout", required_argument, NULL, 't'}, { "pid-file", required_argument, NULL, 'p'}, @@ -1010,11 +1022,11 @@ int main(int argc, char **argv) { char *tmp; c = getopt_long(argc, argv, -#ifdef ENABLE_IP +#if defined(ENABLE_IP) && defined(LIBVIRTD) "ldf:p:t:vVh", -#else /* ! ENABLE_IP */ +#else /* ! ENABLE_IP && ! LIBVIRTD */ "df:p:t:vVh", -#endif /* ! ENABLE_IP */ +#endif /* ! ENABLE_IP && ! LIBVIRTD */ opts, &optidx); if (c == -1) @@ -1030,7 +1042,7 @@ int main(int argc, char **argv) { case 'd': godaemon = 1; break; -#ifdef ENABLE_IP +#if defined(ENABLE_IP) && defined(LIBVIRTD) case 'l': ipsock = 1; break; diff --git a/src/remote/remote_daemon_config.c b/src/remote/remote_daemon_config.c index 3c5ccd5ba8..f583442dc7 100644 --- a/src/remote/remote_daemon_config.c +++ b/src/remote/remote_daemon_config.c @@ -108,7 +108,11 @@ daemonConfigNew(bool privileged ATTRIBUTE_UNUSED) return NULL; #ifdef ENABLE_IP - data->listen_tls = 1; +# ifdef LIBVIRTD + data->listen_tls = 1; /* Only honoured it --listen is set */ +# else /* ! LIBVIRTD */ + data->listen_tls = 0; /* Always honoured, --listen doesn't exist. */ +# endif /* ! LIBVIRTD */ data->listen_tcp = 0; if (VIR_STRDUP(data->tls_port, LIBVIRTD_TLS_PORT) < 0 || diff --git a/src/remote/virtproxyd.service.in b/src/remote/virtproxyd.service.in new file mode 100644 index 0000000000..01a0ce9376 --- /dev/null +++ b/src/remote/virtproxyd.service.in @@ -0,0 +1,24 @@ +[Unit] +Description=Virtualization daemon +Conflicts=libvirtd.service +Requires=virtproxyd.socket +Requires=virtproxyd-ro.socket +Requires=virtproxyd-admin.socket +After=network.target +After=dbus.service +After=apparmor.service +After=local-fs.target +After=remote-fs.target +Documentation=man:libvirtd(8) +Documentation=https://libvirt.org + +[Service] +Type=notify +ExecStart=@sbindir@/virtproxyd --timeout 120 +ExecReload=/bin/kill -HUP $MAINPID +Restart=on-failure + +[Install] +WantedBy=multi-user.target +Also=virtproxyd.socket +Also=virtproxyd-ro.socket -- 2.21.0

On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote: [...]
- We can make virtproxyd and the virtXXXd per-driver daemons all have "Conflicts: libvirtd.service" in their systemd unit files. This will guarantee that libvirtd is never started at the same time, as this would result in two daemons running the same driver. Fortunately drivers use locking to protect themselves, but it is better to avoid starting a daemon we know will conflict.
I feel like this will need to be tested extensively to make sure we're always doing the right thing, including on non-systemd hosts. [...]
After some time we can deprecate use of libvirtd and after some more time delete it entirely, leaving us in a pretty world filled with prancing unicorns.
Awww!
The main downside with introducing a new daemon, and with the per-driver daemons in general, is figuring out the correct upgrade path.
The conservative option is to leave libvirtd running if it was an existing installation. Only use the new daemons & virtproxyd on completely new installs.
The aggressive option is to disable libvirtd if already running and activate all the new daemons.
I vote for the conservative option :) As an aside, the above basically a master class in how to write a good commit message. Well done! [...]
+++ b/src/remote/Makefile.inc.am [...] +VIRTD_UNIT_VARS = \ + $(COMMON_UNIT_VARS) \ + -e 's|[@]deps[@]|Conflicts=$(LIBVIRTD_SOCKET_UNIT_FILES)|g' \ + $(NULL)
Considering that we only use LIBVIRTD_SOCKET_UNIT_FILES here, I'd move its definition to this general area. [...]
+++ b/src/remote/remote_daemon.c @@ -303,11 +303,19 @@ static int daemonErrorLogFilter(virErrorPtr err, int priority)
static int daemonInitialize(void) { -#ifdef MODULE_NAME +#ifndef LIBVIRTD +# ifdef MODULE_NAME + /* This a dedicated per-driver daemon build */ if (virDriverLoadModule(MODULE_NAME, MODULE_NAME "Register", true) < 0) return -1; +# else + /* This is virtproxyd which merely proxies to the per-driver + * daemons for back compat, and also allows IP connectivity. + */ +# endif #else - /* + /* This is the legacy monolithic libvirtd built with all drivers + *
This is exactly the kind of comment I suggested you add in patch 9, so I guess just move the first and third one to that patch. [...]
@@ -893,9 +901,9 @@ daemonUsage(const char *argv0, bool privileged) { "-h | --help", N_("Display program help") }, { "-v | --verbose", N_("Verbose messages") }, { "-d | --daemon", N_("Run as a daemon & write PID file") }, -#ifdef ENABLE_IP +#if defined(ENABLE_IP) && defined (LIBVIRTD)
Extra whitespace in "defined (LIBVIRTD)". [...]
+++ b/src/remote/virtproxyd.service.in @@ -0,0 +1,24 @@ +[Unit] +Description=Virtualization daemon +Conflicts=libvirtd.service +Requires=virtproxyd.socket +Requires=virtproxyd-ro.socket +Requires=virtproxyd-admin.socket +After=network.target +After=dbus.service +After=apparmor.service +After=local-fs.target +After=remote-fs.target +Documentation=man:libvirtd(8) +Documentation=https://libvirt.org
There are a few non-obvious changes between libvirtd.service.in and this file: -Requires=virtlogd.socket -Requires=virtlockd.socket -Wants=systemd-machined.service -Before=libvirt-guests.service -After=iscsid.service -After=systemd-logind.service -After=systemd-machined.service I can see why we'd move the relationships with iscsid and virtlockd to virtstoraged, except looking ahead to patch 23 I see you haven't actually done that; either way, I'm not so convinced about the remaining changes. Care to explain the rationale behind them?
+[Service] +Type=notify +ExecStart=@sbindir@/virtproxyd --timeout 120 +ExecReload=/bin/kill -HUP $MAINPID +Restart=on-failure
More changes in this section: -EnvironmentFile=-@sysconfdir@/sysconfig/libvirtd -KillMode=process -LimitNOFILE=8192 -TasksMax=32768 EnvironmentFile is clearly no longer needed, while both LimitNOFILE and TasksMax probably belong to the hypervisor-specific daemons, but I'm unclear on why KillMode was changed.
+[Install] +WantedBy=multi-user.target +Also=virtproxyd.socket +Also=virtproxyd-ro.socket
Kind of a side note since it's pre-existing, but don't we want to list virtproxyd-admin.socket here too? Overall, the changes look good. -- Andrea Bolognani / Red Hat / Virtualization

On Sun, Jul 28, 2019 at 04:42:52PM +0200, Andrea Bolognani wrote:
On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote: [...]
- We can make virtproxyd and the virtXXXd per-driver daemons all have "Conflicts: libvirtd.service" in their systemd unit files. This will guarantee that libvirtd is never started at the same time, as this would result in two daemons running the same driver. Fortunately drivers use locking to protect themselves, but it is better to avoid starting a daemon we know will conflict.
I feel like this will need to be tested extensively to make sure we're always doing the right thing, including on non-systemd hosts.
Testing is quite easy - just try to start the two units and make sure only one ends up running. Similarly for non-systemd hosts, start both daemons & see that only one succeeds - the others fail with lock conflict.
+++ b/src/remote/virtproxyd.service.in @@ -0,0 +1,24 @@ +[Unit] +Description=Virtualization daemon +Conflicts=libvirtd.service +Requires=virtproxyd.socket +Requires=virtproxyd-ro.socket +Requires=virtproxyd-admin.socket +After=network.target +After=dbus.service +After=apparmor.service +After=local-fs.target +After=remote-fs.target +Documentation=man:libvirtd(8) +Documentation=https://libvirt.org
There are a few non-obvious changes between libvirtd.service.in and this file:
-Requires=virtlogd.socket -Requires=virtlockd.socket -Wants=systemd-machined.service -Before=libvirt-guests.service -After=iscsid.service -After=systemd-logind.service -After=systemd-machined.service
I can see why we'd move the relationships with iscsid and virtlockd to virtstoraged, except looking ahead to patch 23 I see you haven't actually done that; either way, I'm not so convinced about the remaining changes. Care to explain the rationale behind them?
virtproxdy contains no drivers, so it doesn't need to depend on any of these services. virtdstoraged/qemud/lxcd should have gained some of these though.
+[Service] +Type=notify +ExecStart=@sbindir@/virtproxyd --timeout 120 +ExecReload=/bin/kill -HUP $MAINPID +Restart=on-failure
More changes in this section:
-EnvironmentFile=-@sysconfdir@/sysconfig/libvirtd -KillMode=process -LimitNOFILE=8192 -TasksMax=32768
EnvironmentFile is clearly no longer needed, while both LimitNOFILE and TasksMax probably belong to the hypervisor-specific daemons, but I'm unclear on why KillMode was changed.
The systemd default is fine as we don't need any other processes to survive shutdown.
+[Install] +WantedBy=multi-user.target +Also=virtproxyd.socket +Also=virtproxyd-ro.socket
Kind of a side note since it's pre-existing, but don't we want to list virtproxyd-admin.socket here too?
It is redundant - the deps force virtproxyd-admin.socket to become enabled regardless. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

On Mon, Jul 29, 2019 at 01:30:42PM +0100, Daniel P. Berrangé wrote:
On Sun, Jul 28, 2019 at 04:42:52PM +0200, Andrea Bolognani wrote:
On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote: [...]
- We can make virtproxyd and the virtXXXd per-driver daemons all have "Conflicts: libvirtd.service" in their systemd unit files. This will guarantee that libvirtd is never started at the same time, as this would result in two daemons running the same driver. Fortunately drivers use locking to protect themselves, but it is better to avoid starting a daemon we know will conflict.
I feel like this will need to be tested extensively to make sure we're always doing the right thing, including on non-systemd hosts.
Testing is quite easy - just try to start the two units and make sure only one ends up running. Similarly for non-systemd hosts, start both daemons & see that only one succeeds - the others fail with lock conflict.
+++ b/src/remote/virtproxyd.service.in @@ -0,0 +1,24 @@ +[Unit] +Description=Virtualization daemon +Conflicts=libvirtd.service +Requires=virtproxyd.socket +Requires=virtproxyd-ro.socket +Requires=virtproxyd-admin.socket +After=network.target +After=dbus.service +After=apparmor.service +After=local-fs.target +After=remote-fs.target +Documentation=man:libvirtd(8) +Documentation=https://libvirt.org
There are a few non-obvious changes between libvirtd.service.in and this file:
-Requires=virtlogd.socket -Requires=virtlockd.socket -Wants=systemd-machined.service -Before=libvirt-guests.service -After=iscsid.service -After=systemd-logind.service -After=systemd-machined.service
I can see why we'd move the relationships with iscsid and virtlockd to virtstoraged, except looking ahead to patch 23 I see you haven't actually done that; either way, I'm not so convinced about the remaining changes. Care to explain the rationale behind them?
virtproxdy contains no drivers, so it doesn't need to depend on any of these services.
virtdstoraged/qemud/lxcd should have gained some of these though.
I should have killed dbus.service and remote-fs.service too. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

On Mon, Jul 29, 2019 at 01:50:22PM +0100, Daniel P. Berrangé wrote:
On Mon, Jul 29, 2019 at 01:30:42PM +0100, Daniel P. Berrangé wrote:
On Sun, Jul 28, 2019 at 04:42:52PM +0200, Andrea Bolognani wrote:
On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote: [...]
- We can make virtproxyd and the virtXXXd per-driver daemons all have "Conflicts: libvirtd.service" in their systemd unit files. This will guarantee that libvirtd is never started at the same time, as this would result in two daemons running the same driver. Fortunately drivers use locking to protect themselves, but it is better to avoid starting a daemon we know will conflict.
I feel like this will need to be tested extensively to make sure we're always doing the right thing, including on non-systemd hosts.
Testing is quite easy - just try to start the two units and make sure only one ends up running. Similarly for non-systemd hosts, start both daemons & see that only one succeeds - the others fail with lock conflict.
+++ b/src/remote/virtproxyd.service.in @@ -0,0 +1,24 @@ +[Unit] +Description=Virtualization daemon +Conflicts=libvirtd.service +Requires=virtproxyd.socket +Requires=virtproxyd-ro.socket +Requires=virtproxyd-admin.socket +After=network.target +After=dbus.service +After=apparmor.service +After=local-fs.target +After=remote-fs.target +Documentation=man:libvirtd(8) +Documentation=https://libvirt.org
There are a few non-obvious changes between libvirtd.service.in and this file:
-Requires=virtlogd.socket -Requires=virtlockd.socket -Wants=systemd-machined.service -Before=libvirt-guests.service -After=iscsid.service -After=systemd-logind.service -After=systemd-machined.service
I can see why we'd move the relationships with iscsid and virtlockd to virtstoraged, except looking ahead to patch 23 I see you haven't actually done that; either way, I'm not so convinced about the remaining changes. Care to explain the rationale behind them?
virtproxdy contains no drivers, so it doesn't need to depend on any of these services.
virtdstoraged/qemud/lxcd should have gained some of these though.
I should have killed dbus.service and remote-fs.service too.
Doh, not. dbus must always be present for polkit to work. remote-fs.service is ok as that's only needed for the hypervisor services (to access disk images). Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

On Mon, 2019-07-29 at 13:30 +0100, Daniel P. Berrangé wrote:
On Sun, Jul 28, 2019 at 04:42:52PM +0200, Andrea Bolognani wrote:
On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote:
+[Install] +WantedBy=multi-user.target +Also=virtproxyd.socket +Also=virtproxyd-ro.socket
Kind of a side note since it's pre-existing, but don't we want to list virtproxyd-admin.socket here too?
It is redundant - the deps force virtproxyd-admin.socket to become enabled regardless.
Hm, yeah: we either want this to be socket activated, in which case we'd have to enable the various sockets but not the service, or we want it to start at boot, in which case enabling the sockets is unnecessary. Can you please drop the Also= lines for this as well as all other virt*d.service files then? -- Andrea Bolognani / Red Hat / Virtualization

On 7/23/19 10:02 AM, Daniel P. Berrangé wrote:
The libvirtd daemon provides the traditional libvirt experience where all the drivers are in a single daemon, and is accessible over both local UNIX sockets and remote IP sockets.
In the new world we're having a set of per-driver daemons which will primarily be accessed locally via their own UNIX sockets.
We still, however, need to allow for case of applications which will connect to libvirt remotely. These remote connections can be done as TCP/TLS sockets, or by SSH tunnelling to the UNIX socket.
In the later case, the old libvirt.so clients will only know about the path to the old libvirtd socket /var/run/libvirt/libvirt-sock, and not the new driver sockets /var/run/libvirt/virtqemud-sock.
It is also not desirable to expose the main driver specific daemons over IP directly to minimize their attack service.
Thus the virtproxyd daemon steps into place, to provide TCP/TLS sockets, and back compat for the old libvirtd UNIX socket path(s). It will then forward all RPC calls made to the appropriate driver specific daemon.
Essentially it is equivalent to the old libvirtd with absolutely no drivers registered except for the remote driver (and other stateless drivers in libvirt.so).
We could have modified libvirtd so none of the drivers are registed to get the same end result. We could even add a libvirtd.conf parameter to control whether the drivers are loaded to enable users to switch back to the old world if we discover bugs in the split-daemon model. Using a new daemon though has some advantages
- We can make virtproxyd and the virtXXXd per-driver daemons all have "Conflicts: libvirtd.service" in their systemd unit files. This will guarantee that libvirtd is never started at the same time, as this would result in two daemons running the same driver. Fortunately drivers use locking to protect themselves, but it is better to avoid starting a daemon we know will conflict.
- It allows us to break CLI compat to remove the --listen parameter. Both listen_tcp and listen_tls parameters in /etc/libvirtd/virtd.conf will default to zero. Either TLS or TCP can be enabled exclusively though virtd.conf without requiring the extra step of adding --listen.
- It allows us to set a strict SELinux policy over virtproxyd. For back compat the libvirtd policy must continue to allow all drivers to run. We can't easily give a second policy to libvirtd which locks it down. By introducing a new virtproxyd we can set a strict policy for that daemon only.
Reading this paragraph reminds me that the apparmor profiles will need adjusting too. Regards, Jim

The virtsecretd daemon will be responsible for providing the secret API driver functionality. The secret driver is still loaded by the main libvirtd daemon at this stage, so virtsecretd must not be running at the same time. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- .gitignore | 4 ++ libvirt.spec.in | 8 ++++ src/secret/Makefile.inc.am | 62 +++++++++++++++++++++++++++++++ src/secret/virtsecretd.service.in | 24 ++++++++++++ 4 files changed, 98 insertions(+) create mode 100644 src/secret/virtsecretd.service.in diff --git a/.gitignore b/.gitignore index 05bc166860..162b017c4a 100644 --- a/.gitignore +++ b/.gitignore @@ -166,12 +166,16 @@ /src/remote/virtproxyd.conf /src/rpc/virkeepaliveprotocol.[ch] /src/rpc/virnetprotocol.[ch] +/src/secret/test_virtsecretd.aug +/src/secret/virtsecretd.aug +/src/secret/virtsecretd.conf /src/util/virkeycodetable*.h /src/util/virkeynametable*.h /src/virt-aa-helper /src/virtlockd /src/virtlogd /src/virtproxyd +/src/virtsecretd /src/virt-guest-shutdown.target /tests/*.log /tests/*.pid diff --git a/libvirt.spec.in b/libvirt.spec.in index 2f64dcabe3..8b78415761 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1634,6 +1634,14 @@ exit 0 %{_libdir}/%{name}/connection-driver/libvirt_driver_nwfilter.so %files daemon-driver-secret +%config(noreplace) %{_sysconfdir}/libvirt/virtsecretd.conf +%{_datadir}/augeas/lenses/virtsecretd.aug +%{_datadir}/augeas/lenses/tests/test_virtsecretd.aug +%{_unitdir}/virtsecretd.service +%{_unitdir}/virtsecretd.socket +%{_unitdir}/virtsecretd-ro.socket +%{_unitdir}/virtsecretd-admin.socket +%attr(0755, root, root) %{_sbindir}/virtsecretd %{_libdir}/%{name}/connection-driver/libvirt_driver_secret.so %files daemon-driver-storage diff --git a/src/secret/Makefile.inc.am b/src/secret/Makefile.inc.am index 7a1c8f8e1a..653c95b584 100644 --- a/src/secret/Makefile.inc.am +++ b/src/secret/Makefile.inc.am @@ -37,4 +37,66 @@ libvirt_driver_secret_la_LIBADD = \ $(NULL) libvirt_driver_secret_la_LDFLAGS = $(AM_LDFLAGS_MOD_NOUNDEF) libvirt_driver_secret_la_SOURCES = $(SECRET_DRIVER_SOURCES) + +sbin_PROGRAMS += virtsecretd + +nodist_conf_DATA += secret/virtsecretd.conf +augeas_DATA += secret/virtsecretd.aug +augeastest_DATA += secret/test_virtsecretd.aug +CLEANFILES += secret/virtsecretd.aug + +virtsecretd_SOURCES = $(REMOTE_DAEMON_SOURCES) +virtsecretd_CFLAGS = \ + $(REMOTE_DAEMON_CFLAGS) \ + -DDAEMON_NAME="\"virtsecretd\"" \ + -DMODULE_NAME="\"secret\"" \ + $(NULL) +virtsecretd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) +virtsecretd_LDADD = $(REMOTE_DAEMON_LD_ADD) + +SYSTEMD_UNIT_FILES += \ + virtsecretd.service \ + virtsecretd.socket \ + virtsecretd-ro.socket \ + virtsecretd-admin.socket \ + $(NULL) +SYSTEMD_UNIT_FILES_IN += \ + secret/virtsecretd.service.in \ + $(NULL) + +VIRTSECRETD_UNIT_VARS = \ + $(VIRTD_UNIT_VARS) \ + -e 's|[@]name[@]|Libvirt secret|g' \ + -e 's|[@]service[@]|virtsecretd|g' \ + -e 's|[@]sockprefix[@]|virtsecretd|g' \ + $(NULL) + +virtsecretd.service: secret/virtsecretd.service.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTSECRETD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +virtsecret%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTSECRETD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +secret/virtsecretd.conf: remote/libvirtd.conf.in + $(AM_V_GEN)sed \ + -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtsecretd/' \ + < $^ > $@ + +secret/virtsecretd.aug: remote/libvirtd.aug.in + $(AM_V_GEN)$(SED) \ + -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtsecretd/' \ + -e 's/:: DAEMON_NAME_UC ::/Virtsecretd/' \ + $< > $@ + +secret/test_virtsecretd.aug: remote/test_libvirtd.aug.in \ + secret/virtsecretd.conf $(AUG_GENTEST) + $(AM_V_GEN)$(AUG_GENTEST) secret/virtsecretd.conf \ + $(srcdir)/remote/test_libvirtd.aug.in | \ + $(SED) -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtsecretd/' \ + -e 's/:: DAEMON_NAME_UC ::/Virtsecretd/' \ + > $@ || rm -f $@ + endif WITH_SECRETS diff --git a/src/secret/virtsecretd.service.in b/src/secret/virtsecretd.service.in new file mode 100644 index 0000000000..00cdc26b97 --- /dev/null +++ b/src/secret/virtsecretd.service.in @@ -0,0 +1,24 @@ +[Unit] +Description=Virtualization secret daemon +Conflicts=libvirtd.service +Requires=virtsecretd.socket +Requires=virtsecretd-ro.socket +Requires=virtsecretd-admin.socket +After=network.target +After=dbus.service +After=apparmor.service +After=local-fs.target +Documentation=man:libvirtd(8) +Documentation=https://libvirt.org + +[Service] +Type=notify +ExecStart=@sbindir@/virtsecretd --timeout 120 +ExecReload=/bin/kill -HUP $MAINPID +Restart=on-failure + +[Install] +WantedBy=multi-user.target +Also=virtsecretd.socket +Also=virtsecretd-ro.socket +Also=virtsecretd-admin.socket -- 2.21.0

On Tue, 2019-07-23 at 17:02 +0100, Daniel P. Berrangé wrote: [...]
+++ b/src/secret/virtsecretd.service.in [...] +[Install] +WantedBy=multi-user.target +Also=virtsecretd.socket +Also=virtsecretd-ro.socket +Also=virtsecretd-admin.socket
Interestingly, we *do* include the admin socket here, and for all other newly-introduced daemons too it would seem! Anyway, with the caveat that the comments made for previous patches are addressed here as well if they apply, Reviewed-by: Andrea Bolognani <abologna@redhat.com> -- Andrea Bolognani / Red Hat / Virtualization

On Sun, 2019-07-28 at 17:22 +0200, Andrea Bolognani wrote:
Anyway, with the caveat that the comments made for previous patches are addressed here as well if they apply,
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Patches 21-31 are basically the same as this one, so they also get a R-b with the same caveats. -- Andrea Bolognani / Red Hat / Virtualization

The virtnetworkd daemon will be responsible for providing the network API driver functionality. The network driver is still loaded by the main libvirtd daemon at this stage, so virtnetworkd must not be running at the same time. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- .gitignore | 4 ++ libvirt.spec.in | 8 ++++ src/network/Makefile.inc.am | 61 +++++++++++++++++++++++++++++ src/network/virtnetworkd.service.in | 24 ++++++++++++ 4 files changed, 97 insertions(+) create mode 100644 src/network/virtnetworkd.service.in diff --git a/.gitignore b/.gitignore index 162b017c4a..4101bb4564 100644 --- a/.gitignore +++ b/.gitignore @@ -154,6 +154,9 @@ /src/lxc/lxc_monitor_protocol.h /src/lxc/lxc_protocol.[ch] /src/lxc/test_libvirtd_lxc.aug +/src/network/test_virtnetworkd.aug +/src/network/virtnetworkd.aug +/src/network/virtnetworkd.conf /src/qemu/test_libvirtd_qemu.aug /src/remote/*_client_bodies.h /src/remote/*_protocol.[ch] @@ -174,6 +177,7 @@ /src/virt-aa-helper /src/virtlockd /src/virtlogd +/src/virtnetworkd /src/virtproxyd /src/virtsecretd /src/virt-guest-shutdown.target diff --git a/libvirt.spec.in b/libvirt.spec.in index 8b78415761..4569f59a98 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1612,6 +1612,14 @@ exit 0 %{_libdir}/%{name}/connection-driver/libvirt_driver_interface.so %files daemon-driver-network +%config(noreplace) %{_sysconfdir}/libvirt/virtnetworkd.conf +%{_datadir}/augeas/lenses/virtnetworkd.aug +%{_datadir}/augeas/lenses/tests/test_virtnetworkd.aug +%{_unitdir}/virtnetworkd.service +%{_unitdir}/virtnetworkd.socket +%{_unitdir}/virtnetworkd-ro.socket +%{_unitdir}/virtnetworkd-admin.socket +%attr(0755, root, root) %{_sbindir}/virtnetworkd %dir %attr(0700, root, root) %{_sysconfdir}/libvirt/qemu/ %dir %attr(0700, root, root) %{_sysconfdir}/libvirt/qemu/networks/ %dir %attr(0700, root, root) %{_sysconfdir}/libvirt/qemu/networks/autostart diff --git a/src/network/Makefile.inc.am b/src/network/Makefile.inc.am index 23cf39b6f4..7774049c8e 100644 --- a/src/network/Makefile.inc.am +++ b/src/network/Makefile.inc.am @@ -49,6 +49,67 @@ libvirt_driver_network_impl_la_CFLAGS = \ libvirt_driver_network_impl_la_SOURCES = $(NETWORK_DRIVER_SOURCES) libvirt_driver_network_impl_la_LIBADD = $(DBUS_LIBS) $(LIBXML_LIBS) +sbin_PROGRAMS += virtnetworkd + +nodist_conf_DATA += network/virtnetworkd.conf +augeas_DATA += network/virtnetworkd.aug +augeastest_DATA += network/test_virtnetworkd.aug +CLEANFILES += network/virtnetworkd.aug + +virtnetworkd_SOURCES = $(REMOTE_DAEMON_SOURCES) +virtnetworkd_CFLAGS = \ + $(REMOTE_DAEMON_CFLAGS) \ + -DDAEMON_NAME="\"virtnetworkd\"" \ + -DMODULE_NAME="\"network\"" \ + $(NULL) +virtnetworkd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) +virtnetworkd_LDADD = $(REMOTE_DAEMON_LD_ADD) + +SYSTEMD_UNIT_FILES += \ + virtnetworkd.service \ + virtnetworkd.socket \ + virtnetworkd-ro.socket \ + virtnetworkd-admin.socket \ + $(NULL) +SYSTEMD_UNIT_FILES_IN += \ + network/virtnetworkd.service.in \ + $(NULL) + +VIRTNETWORKD_UNIT_VARS = \ + $(VIRTD_UNIT_VARS) \ + -e 's|[@]name[@]|Libvirt network|g' \ + -e 's|[@]service[@]|virtnetworkd|g' \ + -e 's|[@]sockprefix[@]|virtnetworkd|g' \ + $(NULL) + +virtnetworkd.service: network/virtnetworkd.service.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTNETWORKD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +virtnetwork%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTNETWORKD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +network/virtnetworkd.conf: remote/libvirtd.conf.in + $(AM_V_GEN)sed \ + -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtnetworkd/' \ + < $^ > $@ + +network/virtnetworkd.aug: remote/libvirtd.aug.in + $(AM_V_GEN)$(SED) \ + -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtnetworkd/' \ + -e 's/:: DAEMON_NAME_UC ::/Virtnetworkd/' \ + $< > $@ + +network/test_virtnetworkd.aug: remote/test_libvirtd.aug.in \ + network/virtnetworkd.conf $(AUG_GENTEST) + $(AM_V_GEN)$(AUG_GENTEST) network/virtnetworkd.conf \ + $(srcdir)/remote/test_libvirtd.aug.in | \ + $(SED) -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtnetworkd/' \ + -e 's/:: DAEMON_NAME_UC ::/Virtnetworkd/' \ + > $@ || rm -f $@ + libexec_PROGRAMS += libvirt_leaseshelper libvirt_leaseshelper_SOURCES = $(NETWORK_LEASES_HELPER_SOURCES) libvirt_leaseshelper_LDFLAGS = \ diff --git a/src/network/virtnetworkd.service.in b/src/network/virtnetworkd.service.in new file mode 100644 index 0000000000..4e66d0f28d --- /dev/null +++ b/src/network/virtnetworkd.service.in @@ -0,0 +1,24 @@ +[Unit] +Description=Virtualization network daemon +Conflicts=libvirtd.service +Requires=virtnetworkd.socket +Requires=virtnetworkd-ro.socket +Requires=virtnetworkd-admin.socket +After=network.target +After=dbus.service +After=apparmor.service +After=local-fs.target +Documentation=man:libvirtd(8) +Documentation=https://libvirt.org + +[Service] +Type=notify +ExecStart=@sbindir@/virtnetworkd --timeout 120 +ExecReload=/bin/kill -HUP $MAINPID +Restart=on-failure + +[Install] +WantedBy=multi-user.target +Also=virtnetworkd.socket +Also=virtnetworkd-ro.socket +Also=virtnetworkd-admin.socket -- 2.21.0

The virtinterfaced daemon will be responsible for providing the interface API driver functionality. The interface driver is still loaded by the main libvirtd daemon at this stage, so virtinterfaced must not be running at the same time. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- .gitignore | 4 ++ libvirt.spec.in | 8 ++++ src/interface/Makefile.inc.am | 62 +++++++++++++++++++++++++ src/interface/virtinterfaced.service.in | 24 ++++++++++ 4 files changed, 98 insertions(+) create mode 100644 src/interface/virtinterfaced.service.in diff --git a/.gitignore b/.gitignore index 4101bb4564..c361d87868 100644 --- a/.gitignore +++ b/.gitignore @@ -120,6 +120,9 @@ /src/admin/admin_server_dispatch_stubs.h /src/esx/*.generated.* /src/hyperv/*.generated.* +/src/interface/test_virtinterfaced.aug +/src/interface/virtinterfaced.aug +/src/interface/virtinterfaced.conf /src/libvirt*.def /src/libvirt.syms /src/libvirt_access.syms @@ -175,6 +178,7 @@ /src/util/virkeycodetable*.h /src/util/virkeynametable*.h /src/virt-aa-helper +/src/virtinterfaced /src/virtlockd /src/virtlogd /src/virtnetworkd diff --git a/libvirt.spec.in b/libvirt.spec.in index 4569f59a98..25bd2a359d 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1609,6 +1609,14 @@ exit 0 %ghost %{_sysconfdir}/libvirt/nwfilter/*.xml %files daemon-driver-interface +%config(noreplace) %{_sysconfdir}/libvirt/virtinterfaced.conf +%{_datadir}/augeas/lenses/virtinterfaced.aug +%{_datadir}/augeas/lenses/tests/test_virtinterfaced.aug +%{_unitdir}/virtinterfaced.service +%{_unitdir}/virtinterfaced.socket +%{_unitdir}/virtinterfaced-ro.socket +%{_unitdir}/virtinterfaced-admin.socket +%attr(0755, root, root) %{_sbindir}/virtinterfaced %{_libdir}/%{name}/connection-driver/libvirt_driver_interface.so %files daemon-driver-network diff --git a/src/interface/Makefile.inc.am b/src/interface/Makefile.inc.am index 339a92786b..0476eb7de2 100644 --- a/src/interface/Makefile.inc.am +++ b/src/interface/Makefile.inc.am @@ -41,4 +41,66 @@ libvirt_driver_interface_la_LIBADD += $(UDEV_LIBS) libvirt_driver_interface_la_SOURCES += $(INTERFACE_DRIVER_UDEV_SOURCES) endif WITH_UDEV libvirt_driver_interface_la_LIBADD += ../gnulib/lib/libgnu.la + +sbin_PROGRAMS += virtinterfaced + +nodist_conf_DATA += interface/virtinterfaced.conf +augeas_DATA += interface/virtinterfaced.aug +augeastest_DATA += interface/test_virtinterfaced.aug +CLEANFILES += interface/virtinterfaced.aug + +virtinterfaced_SOURCES = $(REMOTE_DAEMON_SOURCES) +virtinterfaced_CFLAGS = \ + $(REMOTE_DAEMON_CFLAGS) \ + -DDAEMON_NAME="\"virtinterfaced\"" \ + -DMODULE_NAME="\"interface\"" \ + $(NULL) +virtinterfaced_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) +virtinterfaced_LDADD = $(REMOTE_DAEMON_LD_ADD) + +SYSTEMD_UNIT_FILES += \ + virtinterfaced.service \ + virtinterfaced.socket \ + virtinterfaced-ro.socket \ + virtinterfaced-admin.socket \ + $(NULL) +SYSTEMD_UNIT_FILES_IN += \ + interface/virtinterfaced.service.in \ + $(NULL) + +VIRTINTERFACED_UNIT_VARS = \ + $(VIRTD_UNIT_VARS) \ + -e 's|[@]name[@]|Libvirt interface|g' \ + -e 's|[@]service[@]|virtinterfaced|g' \ + -e 's|[@]sockprefix[@]|virtinterfaced|g' \ + $(NULL) + +virtinterfaced.service: interface/virtinterfaced.service.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTINTERFACED_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +virtinterface%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTINTERFACED_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +interface/virtinterfaced.conf: remote/libvirtd.conf.in + $(AM_V_GEN)sed \ + -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtinterfaced/' \ + < $^ > $@ + +interface/virtinterfaced.aug: remote/libvirtd.aug.in + $(AM_V_GEN)$(SED) \ + -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtinterfaced/' \ + -e 's/:: DAEMON_NAME_UC ::/Virtinterfaced/' \ + $< > $@ + +interface/test_virtinterfaced.aug: remote/test_libvirtd.aug.in \ + interface/virtinterfaced.conf $(AUG_GENTEST) + $(AM_V_GEN)$(AUG_GENTEST) interface/virtinterfaced.conf \ + $(srcdir)/remote/test_libvirtd.aug.in | \ + $(SED) -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtinterfaced/' \ + -e 's/:: DAEMON_NAME_UC ::/Virtinterfaced/' \ + > $@ || rm -f $@ + endif WITH_INTERFACE diff --git a/src/interface/virtinterfaced.service.in b/src/interface/virtinterfaced.service.in new file mode 100644 index 0000000000..ff3a611d16 --- /dev/null +++ b/src/interface/virtinterfaced.service.in @@ -0,0 +1,24 @@ +[Unit] +Description=Virtualization interface daemon +Conflicts=libvirtd.service +Requires=virtinterfaced.socket +Requires=virtinterfaced-ro.socket +Requires=virtinterfaced-admin.socket +After=network.target +After=dbus.service +After=apparmor.service +After=local-fs.target +Documentation=man:libvirtd(8) +Documentation=https://libvirt.org + +[Service] +Type=notify +ExecStart=@sbindir@/virtinterfaced --timeout 120 +ExecReload=/bin/kill -HUP $MAINPID +Restart=on-failure + +[Install] +WantedBy=multi-user.target +Also=virtinterfaced.socket +Also=virtinterfaced-ro.socket +Also=virtinterfaced-admin.socket -- 2.21.0

The virtstoraged daemon will be responsible for providing the storage API driver functionality. The storage driver is still loaded by the main libvirtd daemon at this stage, so virtstoraged must not be running at the same time. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- .gitignore | 4 ++ libvirt.spec.in | 8 ++++ src/storage/Makefile.inc.am | 61 +++++++++++++++++++++++++++++ src/storage/virtstoraged.service.in | 24 ++++++++++++ 4 files changed, 97 insertions(+) create mode 100644 src/storage/virtstoraged.service.in diff --git a/.gitignore b/.gitignore index c361d87868..3b86183bee 100644 --- a/.gitignore +++ b/.gitignore @@ -175,6 +175,9 @@ /src/secret/test_virtsecretd.aug /src/secret/virtsecretd.aug /src/secret/virtsecretd.conf +/src/storage/test_virtstoraged.aug +/src/storage/virtstoraged.aug +/src/storage/virtstoraged.conf /src/util/virkeycodetable*.h /src/util/virkeynametable*.h /src/virt-aa-helper @@ -184,6 +187,7 @@ /src/virtnetworkd /src/virtproxyd /src/virtsecretd +/src/virtstoraged /src/virt-guest-shutdown.target /tests/*.log /tests/*.pid diff --git a/libvirt.spec.in b/libvirt.spec.in index 25bd2a359d..dce428ede3 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1663,6 +1663,14 @@ exit 0 %files daemon-driver-storage %files daemon-driver-storage-core +%config(noreplace) %{_sysconfdir}/libvirt/virtstoraged.conf +%{_datadir}/augeas/lenses/virtstoraged.aug +%{_datadir}/augeas/lenses/tests/test_virtstoraged.aug +%{_unitdir}/virtstoraged.service +%{_unitdir}/virtstoraged.socket +%{_unitdir}/virtstoraged-ro.socket +%{_unitdir}/virtstoraged-admin.socket +%attr(0755, root, root) %{_sbindir}/virtstoraged %attr(0755, root, root) %{_libexecdir}/libvirt_parthelper %{_libdir}/%{name}/connection-driver/libvirt_driver_storage.so %{_libdir}/%{name}/storage-backend/libvirt_storage_backend_fs.so diff --git a/src/storage/Makefile.inc.am b/src/storage/Makefile.inc.am index 538709256d..8083a6b8ac 100644 --- a/src/storage/Makefile.inc.am +++ b/src/storage/Makefile.inc.am @@ -142,6 +142,67 @@ mod_LTLIBRARIES += libvirt_driver_storage.la libvirt_driver_storage_la_LDFLAGS = $(AM_LDFLAGS_MOD_NOUNDEF) libvirt_driver_storage_impl_la_SOURCES += $(STORAGE_DRIVER_SOURCES) +sbin_PROGRAMS += virtstoraged + +nodist_conf_DATA += storage/virtstoraged.conf +augeas_DATA += storage/virtstoraged.aug +augeastest_DATA += storage/test_virtstoraged.aug +CLEANFILES += storage/virtstoraged.aug + +virtstoraged_SOURCES = $(REMOTE_DAEMON_SOURCES) +virtstoraged_CFLAGS = \ + $(REMOTE_DAEMON_CFLAGS) \ + -DDAEMON_NAME="\"virtstoraged\"" \ + -DMODULE_NAME="\"storage\"" \ + $(NULL) +virtstoraged_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) +virtstoraged_LDADD = $(REMOTE_DAEMON_LD_ADD) + +SYSTEMD_UNIT_FILES += \ + virtstoraged.service \ + virtstoraged.socket \ + virtstoraged-ro.socket \ + virtstoraged-admin.socket \ + $(NULL) +SYSTEMD_UNIT_FILES_IN += \ + storage/virtstoraged.service.in \ + $(NULL) + +VIRTSTORAGED_UNIT_VARS = \ + $(VIRTD_UNIT_VARS) \ + -e 's|[@]name[@]|Libvirt storage|g' \ + -e 's|[@]service[@]|virtstoraged|g' \ + -e 's|[@]sockprefix[@]|virtstoraged|g' \ + $(NULL) + +virtstoraged.service: storage/virtstoraged.service.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTSTORAGED_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +virtstorage%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTSTORAGED_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +storage/virtstoraged.conf: remote/libvirtd.conf.in + $(AM_V_GEN)sed \ + -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtstoraged/' \ + < $^ > $@ + +storage/virtstoraged.aug: remote/libvirtd.aug.in + $(AM_V_GEN)$(SED) \ + -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtstoraged/' \ + -e 's/:: DAEMON_NAME_UC ::/Virtstoraged/' \ + $< > $@ + +storage/test_virtstoraged.aug: remote/test_libvirtd.aug.in \ + storage/virtstoraged.conf $(AUG_GENTEST) + $(AM_V_GEN)$(AUG_GENTEST) storage/virtstoraged.conf \ + $(srcdir)/remote/test_libvirtd.aug.in | \ + $(SED) -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtstoraged/' \ + -e 's/:: DAEMON_NAME_UC ::/Virtstoraged/' \ + > $@ || rm -f $@ + libvirt_storage_backend_fs_la_SOURCES = $(STORAGE_DRIVER_FS_SOURCES) libvirt_storage_backend_fs_la_CFLAGS = \ diff --git a/src/storage/virtstoraged.service.in b/src/storage/virtstoraged.service.in new file mode 100644 index 0000000000..687e3b930e --- /dev/null +++ b/src/storage/virtstoraged.service.in @@ -0,0 +1,24 @@ +[Unit] +Description=Virtualization storage daemon +Conflicts=libvirtd.service +Requires=virtstoraged.socket +Requires=virtstoraged-ro.socket +Requires=virtstoraged-admin.socket +After=network.target +After=dbus.service +After=apparmor.service +After=local-fs.target +Documentation=man:libvirtd(8) +Documentation=https://libvirt.org + +[Service] +Type=notify +ExecStart=@sbindir@/virtstoraged --timeout 120 +ExecReload=/bin/kill -HUP $MAINPID +Restart=on-failure + +[Install] +WantedBy=multi-user.target +Also=virtstoraged.socket +Also=virtstoraged-ro.socket +Also=virtstoraged-admin.socket -- 2.21.0

The virtnodedevd daemon will be responsible for providing the nodedev API driver functionality. The nodedev driver is still loaded by the main libvirtd daemon at this stage, so virtnodedevd must not be running at the same time. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- .gitignore | 4 ++ libvirt.spec.in | 8 ++++ src/node_device/Makefile.inc.am | 62 +++++++++++++++++++++++++ src/node_device/virtnodedevd.service.in | 24 ++++++++++ 4 files changed, 98 insertions(+) create mode 100644 src/node_device/virtnodedevd.service.in diff --git a/.gitignore b/.gitignore index 3b86183bee..ada72fd618 100644 --- a/.gitignore +++ b/.gitignore @@ -160,6 +160,9 @@ /src/network/test_virtnetworkd.aug /src/network/virtnetworkd.aug /src/network/virtnetworkd.conf +/src/node_device/test_virtnodedevd.aug +/src/node_device/virtnodedevd.aug +/src/node_device/virtnodedevd.conf /src/qemu/test_libvirtd_qemu.aug /src/remote/*_client_bodies.h /src/remote/*_protocol.[ch] @@ -185,6 +188,7 @@ /src/virtlockd /src/virtlogd /src/virtnetworkd +/src/virtnodedevd /src/virtproxyd /src/virtsecretd /src/virtstoraged diff --git a/libvirt.spec.in b/libvirt.spec.in index dce428ede3..c0b880d569 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1642,6 +1642,14 @@ exit 0 %endif %files daemon-driver-nodedev +%config(noreplace) %{_sysconfdir}/libvirt/virtnodedevd.conf +%{_datadir}/augeas/lenses/virtnodedevd.aug +%{_datadir}/augeas/lenses/tests/test_virtnodedevd.aug +%{_unitdir}/virtnodedevd.service +%{_unitdir}/virtnodedevd.socket +%{_unitdir}/virtnodedevd-ro.socket +%{_unitdir}/virtnodedevd-admin.socket +%attr(0755, root, root) %{_sbindir}/virtnodedevd %{_libdir}/%{name}/connection-driver/libvirt_driver_nodedev.so %files daemon-driver-nwfilter diff --git a/src/node_device/Makefile.inc.am b/src/node_device/Makefile.inc.am index 3e04651e8c..34d65849e1 100644 --- a/src/node_device/Makefile.inc.am +++ b/src/node_device/Makefile.inc.am @@ -64,4 +64,66 @@ libvirt_driver_nodedev_la_LIBADD += \ endif WITH_UDEV libvirt_driver_nodedev_la_LIBADD += ../gnulib/lib/libgnu.la + +sbin_PROGRAMS += virtnodedevd + +nodist_conf_DATA += node_device/virtnodedevd.conf +augeas_DATA += node_device/virtnodedevd.aug +augeastest_DATA += node_device/test_virtnodedevd.aug +CLEANFILES += node_device/virtnodedevd.aug + +virtnodedevd_SOURCES = $(REMOTE_DAEMON_SOURCES) +virtnodedevd_CFLAGS = \ + $(REMOTE_DAEMON_CFLAGS) \ + -DDAEMON_NAME="\"virtnodedevd\"" \ + -DMODULE_NAME="\"nodedev\"" \ + $(NULL) +virtnodedevd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) +virtnodedevd_LDADD = $(REMOTE_DAEMON_LD_ADD) + +SYSTEMD_UNIT_FILES += \ + virtnodedevd.service \ + virtnodedevd.socket \ + virtnodedevd-ro.socket \ + virtnodedevd-admin.socket \ + $(NULL) +SYSTEMD_UNIT_FILES_IN += \ + node_device/virtnodedevd.service.in \ + $(NULL) + +VIRTNODEDEVD_UNIT_VARS = \ + $(VIRTD_UNIT_VARS) \ + -e 's|[@]name[@]|Libvirt nodedev|g' \ + -e 's|[@]service[@]|virtnodedevd|g' \ + -e 's|[@]sockprefix[@]|virtnodedevd|g' \ + $(NULL) + +virtnodedevd.service: node_device/virtnodedevd.service.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTNODEDEVD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +virtnodedev%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTNODEDEVD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +node_device/virtnodedevd.conf: remote/libvirtd.conf.in + $(AM_V_GEN)sed \ + -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtnodedevd/' \ + < $^ > $@ + +node_device/virtnodedevd.aug: remote/libvirtd.aug.in + $(AM_V_GEN)$(SED) \ + -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtnodedevd/' \ + -e 's/:: DAEMON_NAME_UC ::/Virtnodedevd/' \ + $< > $@ + +node_device/test_virtnodedevd.aug: remote/test_libvirtd.aug.in \ + node_device/virtnodedevd.conf $(AUG_GENTEST) + $(AM_V_GEN)$(AUG_GENTEST) node_device/virtnodedevd.conf \ + $(srcdir)/remote/test_libvirtd.aug.in | \ + $(SED) -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtnodedevd/' \ + -e 's/:: DAEMON_NAME_UC ::/Virtnodedevd/' \ + > $@ || rm -f $@ + endif WITH_NODE_DEVICES diff --git a/src/node_device/virtnodedevd.service.in b/src/node_device/virtnodedevd.service.in new file mode 100644 index 0000000000..132ee05a7f --- /dev/null +++ b/src/node_device/virtnodedevd.service.in @@ -0,0 +1,24 @@ +[Unit] +Description=Virtualization nodedev daemon +Conflicts=libvirtd.service +Requires=virtnodedevd.socket +Requires=virtnodedevd-ro.socket +Requires=virtnodedevd-admin.socket +After=network.target +After=dbus.service +After=apparmor.service +After=local-fs.target +Documentation=man:libvirtd(8) +Documentation=https://libvirt.org + +[Service] +Type=notify +ExecStart=@sbindir@/virtnodedevd --timeout 120 +ExecReload=/bin/kill -HUP $MAINPID +Restart=on-failure + +[Install] +WantedBy=multi-user.target +Also=virtnodedevd.socket +Also=virtnodedevd-ro.socket +Also=virtnodedevd-admin.socket -- 2.21.0

The virtnwfilterd daemon will be responsible for providing the nwfilter API driver functionality. The nwfilter driver is still loaded by the main libvirtd daemon at this stage, so virtnwfilterd must not be running at the same time. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- .gitignore | 4 ++ libvirt.spec.in | 8 ++++ src/nwfilter/Makefile.inc.am | 62 +++++++++++++++++++++++++++ src/nwfilter/virtnwfilterd.service.in | 24 +++++++++++ 4 files changed, 98 insertions(+) create mode 100644 src/nwfilter/virtnwfilterd.service.in diff --git a/.gitignore b/.gitignore index ada72fd618..b93fd1b044 100644 --- a/.gitignore +++ b/.gitignore @@ -163,6 +163,9 @@ /src/node_device/test_virtnodedevd.aug /src/node_device/virtnodedevd.aug /src/node_device/virtnodedevd.conf +/src/nwfilter/test_virtnwfilterd.aug +/src/nwfilter/virtnwfilterd.aug +/src/nwfilter/virtnwfilterd.conf /src/qemu/test_libvirtd_qemu.aug /src/remote/*_client_bodies.h /src/remote/*_protocol.[ch] @@ -189,6 +192,7 @@ /src/virtlogd /src/virtnetworkd /src/virtnodedevd +/src/virtnwfilterd /src/virtproxyd /src/virtsecretd /src/virtstoraged diff --git a/libvirt.spec.in b/libvirt.spec.in index c0b880d569..ae1a278152 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1653,6 +1653,14 @@ exit 0 %{_libdir}/%{name}/connection-driver/libvirt_driver_nodedev.so %files daemon-driver-nwfilter +%config(noreplace) %{_sysconfdir}/libvirt/virtnwfilterd.conf +%{_datadir}/augeas/lenses/virtnwfilterd.aug +%{_datadir}/augeas/lenses/tests/test_virtnwfilterd.aug +%{_unitdir}/virtnwfilterd.service +%{_unitdir}/virtnwfilterd.socket +%{_unitdir}/virtnwfilterd-ro.socket +%{_unitdir}/virtnwfilterd-admin.socket +%attr(0755, root, root) %{_sbindir}/virtnwfilterd %dir %attr(0700, root, root) %{_sysconfdir}/libvirt/nwfilter/ %ghost %dir %{_localstatedir}/run/libvirt/network/ %{_libdir}/%{name}/connection-driver/libvirt_driver_nwfilter.so diff --git a/src/nwfilter/Makefile.inc.am b/src/nwfilter/Makefile.inc.am index 810ca54bcc..3142c1298b 100644 --- a/src/nwfilter/Makefile.inc.am +++ b/src/nwfilter/Makefile.inc.am @@ -41,4 +41,66 @@ libvirt_driver_nwfilter_impl_la_LIBADD = \ ../gnulib/lib/libgnu.la \ $(NULL) libvirt_driver_nwfilter_impl_la_SOURCES = $(NWFILTER_DRIVER_SOURCES) + +sbin_PROGRAMS += virtnwfilterd + +nodist_conf_DATA += nwfilter/virtnwfilterd.conf +augeas_DATA += nwfilter/virtnwfilterd.aug +augeastest_DATA += nwfilter/test_virtnwfilterd.aug +CLEANFILES += nwfilter/virtnwfilterd.aug + +virtnwfilterd_SOURCES = $(REMOTE_DAEMON_SOURCES) +virtnwfilterd_CFLAGS = \ + $(REMOTE_DAEMON_CFLAGS) \ + -DDAEMON_NAME="\"virtnwfilterd\"" \ + -DMODULE_NAME="\"nwfilter\"" \ + $(NULL) +virtnwfilterd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) +virtnwfilterd_LDADD = $(REMOTE_DAEMON_LD_ADD) + +SYSTEMD_UNIT_FILES += \ + virtnwfilterd.service \ + virtnwfilterd.socket \ + virtnwfilterd-ro.socket \ + virtnwfilterd-admin.socket \ + $(NULL) +SYSTEMD_UNIT_FILES_IN += \ + nwfilter/virtnwfilterd.service.in \ + $(NULL) + +VIRTNWFILTERD_UNIT_VARS = \ + $(VIRTD_UNIT_VARS) \ + -e 's|[@]name[@]|Libvirt nwfilter|g' \ + -e 's|[@]service[@]|virtnwfilterd|g' \ + -e 's|[@]sockprefix[@]|virtnwfilterd|g' \ + $(NULL) + +virtnwfilterd.service: nwfilter/virtnwfilterd.service.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTNWFILTERD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +virtnwfilter%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTNWFILTERD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +nwfilter/virtnwfilterd.conf: remote/libvirtd.conf.in + $(AM_V_GEN)sed \ + -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtnwfilterd/' \ + < $^ > $@ + +nwfilter/virtnwfilterd.aug: remote/libvirtd.aug.in + $(AM_V_GEN)$(SED) \ + -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtnwfilterd/' \ + -e 's/:: DAEMON_NAME_UC ::/Virtnwfilterd/' \ + $< > $@ + +nwfilter/test_virtnwfilterd.aug: remote/test_libvirtd.aug.in \ + nwfilter/virtnwfilterd.conf $(AUG_GENTEST) + $(AM_V_GEN)$(AUG_GENTEST) nwfilter/virtnwfilterd.conf \ + $(srcdir)/remote/test_libvirtd.aug.in | \ + $(SED) -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtnwfilterd/' \ + -e 's/:: DAEMON_NAME_UC ::/Virtnwfilterd/' \ + > $@ || rm -f $@ + endif WITH_NWFILTER diff --git a/src/nwfilter/virtnwfilterd.service.in b/src/nwfilter/virtnwfilterd.service.in new file mode 100644 index 0000000000..57c2fafe43 --- /dev/null +++ b/src/nwfilter/virtnwfilterd.service.in @@ -0,0 +1,24 @@ +[Unit] +Description=Virtualization nwfilter daemon +Conflicts=libvirtd.service +Requires=virtnwfilterd.socket +Requires=virtnwfilterd-ro.socket +Requires=virtnwfilterd-admin.socket +After=network.target +After=dbus.service +After=apparmor.service +After=local-fs.target +Documentation=man:libvirtd(8) +Documentation=https://libvirt.org + +[Service] +Type=notify +ExecStart=@sbindir@/virtnwfilterd --timeout 120 +ExecReload=/bin/kill -HUP $MAINPID +Restart=on-failure + +[Install] +WantedBy=multi-user.target +Also=virtnwfilterd.socket +Also=virtnwfilterd-ro.socket +Also=virtnwfilterd-admin.socket -- 2.21.0

The virtxend daemon will be responsible for providing the libxl API driver functionality. The libxl driver is still loaded by the main libvirtd daemon at this stage, so virtxend must not be running at the same time. This naming is slightly different than other drivers. With the libxl driver, the user still has a 'xen:///system' URI, and we provide it in a libvirt-daemon-xen RPM, which pulls in a libvirt-daemon-driver-libxl RPM. Arguably we could rename the libxl driver to "xen" since it is the only xen driver we have these days, and that matches how we expose it to users in the URI naming. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- .gitignore | 4 +++ libvirt.spec.in | 8 +++++ src/libxl/Makefile.inc.am | 61 +++++++++++++++++++++++++++++++++++ src/libxl/virtxend.service.in | 24 ++++++++++++++ 4 files changed, 97 insertions(+) create mode 100644 src/libxl/virtxend.service.in diff --git a/.gitignore b/.gitignore index b93fd1b044..1c746cec44 100644 --- a/.gitignore +++ b/.gitignore @@ -139,6 +139,9 @@ /src/libvirtd /src/libvirtd*.logrotate /src/libxl/test_libvirtd_libxl.aug +/src/libxl/test_virtxend.aug +/src/libxl/virtxend.aug +/src/libxl/virtxend.conf /src/locking/libxl-lockd.conf /src/locking/libxl-sanlock.conf /src/locking/lock_daemon_dispatch_stubs.h @@ -188,6 +191,7 @@ /src/util/virkeynametable*.h /src/virt-aa-helper /src/virtinterfaced +/src/virtxend /src/virtlockd /src/virtlogd /src/virtnetworkd diff --git a/libvirt.spec.in b/libvirt.spec.in index ae1a278152..06e8666bc5 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1765,6 +1765,14 @@ exit 0 %if %{with_libxl} %files daemon-driver-libxl +%config(noreplace) %{_sysconfdir}/libvirt/virtxend.conf +%{_datadir}/augeas/lenses/virtxend.aug +%{_datadir}/augeas/lenses/tests/test_virtxend.aug +%{_unitdir}/virtxend.service +%{_unitdir}/virtxend.socket +%{_unitdir}/virtxend-ro.socket +%{_unitdir}/virtxend-admin.socket +%attr(0755, root, root) %{_sbindir}/virtxend %config(noreplace) %{_sysconfdir}/libvirt/libxl.conf %config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd.libxl %config(noreplace) %{_sysconfdir}/libvirt/libxl-lockd.conf diff --git a/src/libxl/Makefile.inc.am b/src/libxl/Makefile.inc.am index 467c2720b2..0079760488 100644 --- a/src/libxl/Makefile.inc.am +++ b/src/libxl/Makefile.inc.am @@ -65,6 +65,67 @@ libvirt_driver_libxl_impl_la_LIBADD = \ $(NULL) libvirt_driver_libxl_impl_la_SOURCES = $(LIBXL_DRIVER_SOURCES) +sbin_PROGRAMS += virtxend + +nodist_conf_DATA += libxl/virtxend.conf +augeas_DATA += libxl/virtxend.aug +augeastest_DATA += libxl/test_virtxend.aug +CLEANFILES += libxl/virtxend.aug + +virtxend_SOURCES = $(REMOTE_DAEMON_SOURCES) +virtxend_CFLAGS = \ + $(REMOTE_DAEMON_CFLAGS) \ + -DDAEMON_NAME="\"virtxend\"" \ + -DMODULE_NAME="\"libxl\"" \ + $(NULL) +virtxend_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) +virtxend_LDADD = $(REMOTE_DAEMON_LD_ADD) + +SYSTEMD_UNIT_FILES += \ + virtxend.service \ + virtxend.socket \ + virtxend-ro.socket \ + virtxend-admin.socket \ + $(NULL) +SYSTEMD_UNIT_FILES_IN += \ + libxl/virtxend.service.in \ + $(NULL) + +VIRTXEND_UNIT_VARS = \ + $(VIRTD_UNIT_VARS) \ + -e 's|[@]name[@]|Libvirt libxl|g' \ + -e 's|[@]service[@]|virtxend|g' \ + -e 's|[@]sockprefix[@]|virtxend|g' \ + $(NULL) + +virtxend.service: libxl/virtxend.service.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTXEND_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +virtxen%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTXEND_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +libxl/virtxend.conf: remote/libvirtd.conf.in + $(AM_V_GEN)sed \ + -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtxend/' \ + < $^ > $@ + +libxl/virtxend.aug: remote/libvirtd.aug.in + $(AM_V_GEN)$(SED) \ + -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtxend/' \ + -e 's/:: DAEMON_NAME_UC ::/Virtxend/' \ + $< > $@ + +libxl/test_virtxend.aug: remote/test_libvirtd.aug.in \ + libxl/virtxend.conf $(AUG_GENTEST) + $(AM_V_GEN)$(AUG_GENTEST) libxl/virtxend.conf \ + $(srcdir)/remote/test_libvirtd.aug.in | \ + $(SED) -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtxend/' \ + -e 's/:: DAEMON_NAME_UC ::/Virtxend/' \ + > $@ || rm -f $@ + conf_DATA += libxl/libxl.conf augeas_DATA += libxl/libvirtd_libxl.aug augeastest_DATA += libxl/test_libvirtd_libxl.aug diff --git a/src/libxl/virtxend.service.in b/src/libxl/virtxend.service.in new file mode 100644 index 0000000000..fdb0ccd312 --- /dev/null +++ b/src/libxl/virtxend.service.in @@ -0,0 +1,24 @@ +[Unit] +Description=Virtualization xen daemon +Conflicts=libvirtd.service +Requires=virtxend.socket +Requires=virtxend-ro.socket +Requires=virtxend-admin.socket +After=network.target +After=dbus.service +After=apparmor.service +After=local-fs.target +Documentation=man:libvirtd(8) +Documentation=https://libvirt.org + +[Service] +Type=notify +ExecStart=@sbindir@/virtxend --timeout 120 +ExecReload=/bin/kill -HUP $MAINPID +Restart=on-failure + +[Install] +WantedBy=multi-user.target +Also=virtxend.socket +Also=virtxend-ro.socket +Also=virtxend-admin.socket -- 2.21.0

On 7/23/19 10:03 AM, Daniel P. Berrangé wrote:
The virtxend daemon will be responsible for providing the libxl API
Written that way, with the 'xen' and 'd' squashed together, revives nightmares of another thing with similar name :-). However I agree it is the correct name to use here and the 'virt' prefix helps settle my stomach.
driver functionality. The libxl driver is still loaded by the main libvirtd daemon at this stage, so virtxend must not be running at the same time.
This naming is slightly different than other drivers. With the libxl driver, the user still has a 'xen:///system' URI, and we provide it in a libvirt-daemon-xen RPM, which pulls in a libvirt-daemon-driver-libxl RPM.
Arguably we could rename the libxl driver to "xen" since it is the only xen driver we have these days, and that matches how we expose it to users in the URI naming.
Nod. And the contents of xenconfig directory could likely be moved under it. Regards, Jim

On Fri, Jul 26, 2019 at 11:13:57PM +0000, Jim Fehlig wrote:
On 7/23/19 10:03 AM, Daniel P. Berrangé wrote:
The virtxend daemon will be responsible for providing the libxl API
Written that way, with the 'xen' and 'd' squashed together, revives nightmares of another thing with similar name :-). However I agree it is the correct name to use here and the 'virt' prefix helps settle my stomach.
Yeah, I can't say I was thrilled when I realized that this really was the right name :-) Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

The virtqemud daemon will be responsible for providing the qemu API driver functionality. The qemu driver is still loaded by the main libvirtd daemon at this stage, so virtqemud must not be running at the same time. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- .gitignore | 4 +++ libvirt.spec.in | 8 +++++ src/qemu/Makefile.inc.am | 61 +++++++++++++++++++++++++++++++++++ src/qemu/virtqemud.service.in | 24 ++++++++++++++ 4 files changed, 97 insertions(+) create mode 100644 src/qemu/virtqemud.service.in diff --git a/.gitignore b/.gitignore index 1c746cec44..d23ffa94f0 100644 --- a/.gitignore +++ b/.gitignore @@ -170,6 +170,9 @@ /src/nwfilter/virtnwfilterd.aug /src/nwfilter/virtnwfilterd.conf /src/qemu/test_libvirtd_qemu.aug +/src/qemu/test_virtqemud.aug +/src/qemu/virtqemud.aug +/src/qemu/virtqemud.conf /src/remote/*_client_bodies.h /src/remote/*_protocol.[ch] /src/remote/*_stubs.h @@ -198,6 +201,7 @@ /src/virtnodedevd /src/virtnwfilterd /src/virtproxyd +/src/virtqemud /src/virtsecretd /src/virtstoraged /src/virt-guest-shutdown.target diff --git a/libvirt.spec.in b/libvirt.spec.in index 06e8666bc5..7d2597e3dd 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1735,6 +1735,14 @@ exit 0 %if %{with_qemu} %files daemon-driver-qemu +%config(noreplace) %{_sysconfdir}/libvirt/virtqemud.conf +%{_datadir}/augeas/lenses/virtqemud.aug +%{_datadir}/augeas/lenses/tests/test_virtqemud.aug +%{_unitdir}/virtqemud.service +%{_unitdir}/virtqemud.socket +%{_unitdir}/virtqemud-ro.socket +%{_unitdir}/virtqemud-admin.socket +%attr(0755, root, root) %{_sbindir}/virtqemud %dir %attr(0700, root, root) %{_sysconfdir}/libvirt/qemu/ %dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/qemu/ %config(noreplace) %{_sysconfdir}/libvirt/qemu.conf diff --git a/src/qemu/Makefile.inc.am b/src/qemu/Makefile.inc.am index 12236a9e7b..c343c4d597 100644 --- a/src/qemu/Makefile.inc.am +++ b/src/qemu/Makefile.inc.am @@ -112,6 +112,67 @@ CLEANFILES += \ endif WITH_DTRACE_PROBES +sbin_PROGRAMS += virtqemud + +nodist_conf_DATA += qemu/virtqemud.conf +augeas_DATA += qemu/virtqemud.aug +augeastest_DATA += qemu/test_virtqemud.aug +CLEANFILES += qemu/virtqemud.aug + +virtqemud_SOURCES = $(REMOTE_DAEMON_SOURCES) +virtqemud_CFLAGS = \ + $(REMOTE_DAEMON_CFLAGS) \ + -DDAEMON_NAME="\"virtqemud\"" \ + -DMODULE_NAME="\"qemu\"" \ + $(NULL) +virtqemud_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) +virtqemud_LDADD = $(REMOTE_DAEMON_LD_ADD) + +SYSTEMD_UNIT_FILES += \ + virtqemud.service \ + virtqemud.socket \ + virtqemud-ro.socket \ + virtqemud-admin.socket \ + $(NULL) +SYSTEMD_UNIT_FILES_IN += \ + qemu/virtqemud.service.in \ + $(NULL) + +VIRTQEMUD_UNIT_VARS = \ + $(VIRTD_UNIT_VARS) \ + -e 's|[@]name[@]|Libvirt qemu|g' \ + -e 's|[@]service[@]|virtqemud|g' \ + -e 's|[@]sockprefix[@]|virtqemud|g' \ + $(NULL) + +virtqemud.service: qemu/virtqemud.service.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTQEMUD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +virtqemu%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTQEMUD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +qemu/virtqemud.conf: remote/libvirtd.conf.in + $(AM_V_GEN)sed \ + -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtqemud/' \ + < $^ > $@ + +qemu/virtqemud.aug: remote/libvirtd.aug.in + $(AM_V_GEN)$(SED) \ + -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtqemud/' \ + -e 's/:: DAEMON_NAME_UC ::/Virtqemud/' \ + $< > $@ + +qemu/test_virtqemud.aug: remote/test_libvirtd.aug.in \ + qemu/virtqemud.conf $(AUG_GENTEST) + $(AM_V_GEN)$(AUG_GENTEST) qemu/virtqemud.conf \ + $(srcdir)/remote/test_libvirtd.aug.in | \ + $(SED) -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtqemud/' \ + -e 's/:: DAEMON_NAME_UC ::/Virtqemud/' \ + > $@ || rm -f $@ + conf_DATA += qemu/qemu.conf augeas_DATA += qemu/libvirtd_qemu.aug diff --git a/src/qemu/virtqemud.service.in b/src/qemu/virtqemud.service.in new file mode 100644 index 0000000000..124abfe2fd --- /dev/null +++ b/src/qemu/virtqemud.service.in @@ -0,0 +1,24 @@ +[Unit] +Description=Virtualization qemu daemon +Conflicts=libvirtd.service +Requires=virtqemud.socket +Requires=virtqemud-ro.socket +Requires=virtqemud-admin.socket +After=network.target +After=dbus.service +After=apparmor.service +After=local-fs.target +Documentation=man:libvirtd(8) +Documentation=https://libvirt.org + +[Service] +Type=notify +ExecStart=@sbindir@/virtqemud --timeout 120 +ExecReload=/bin/kill -HUP $MAINPID +Restart=on-failure + +[Install] +WantedBy=multi-user.target +Also=virtqemud.socket +Also=virtqemud-ro.socket +Also=virtqemud-admin.socket -- 2.21.0

The virtlxcd daemon will be responsible for providing the lxc API driver functionality. The lxc driver is still loaded by the main libvirtd daemon at this stage, so virtlxcd must not be running at the same time. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- .gitignore | 4 +++ libvirt.spec.in | 8 +++++ src/lxc/Makefile.inc.am | 62 +++++++++++++++++++++++++++++++++++++ src/lxc/virtlxcd.service.in | 24 ++++++++++++++ 4 files changed, 98 insertions(+) create mode 100644 src/lxc/virtlxcd.service.in diff --git a/.gitignore b/.gitignore index d23ffa94f0..d279c7bc1f 100644 --- a/.gitignore +++ b/.gitignore @@ -160,6 +160,9 @@ /src/lxc/lxc_monitor_protocol.h /src/lxc/lxc_protocol.[ch] /src/lxc/test_libvirtd_lxc.aug +/src/lxc/test_virtlxcd.aug +/src/lxc/virtlxcd.aug +/src/lxc/virtlxcd.conf /src/network/test_virtnetworkd.aug /src/network/virtnetworkd.aug /src/network/virtnetworkd.conf @@ -197,6 +200,7 @@ /src/virtxend /src/virtlockd /src/virtlogd +/src/virtlxcd /src/virtnetworkd /src/virtnodedevd /src/virtnwfilterd diff --git a/libvirt.spec.in b/libvirt.spec.in index 7d2597e3dd..e64c2931ac 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1760,6 +1760,14 @@ exit 0 %if %{with_lxc} %files daemon-driver-lxc +%config(noreplace) %{_sysconfdir}/libvirt/virtlxcd.conf +%{_datadir}/augeas/lenses/virtlxcd.aug +%{_datadir}/augeas/lenses/tests/test_virtlxcd.aug +%{_unitdir}/virtlxcd.service +%{_unitdir}/virtlxcd.socket +%{_unitdir}/virtlxcd-ro.socket +%{_unitdir}/virtlxcd-admin.socket +%attr(0755, root, root) %{_sbindir}/virtlxcd %dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/lxc/ %config(noreplace) %{_sysconfdir}/libvirt/lxc.conf %config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd.lxc diff --git a/src/lxc/Makefile.inc.am b/src/lxc/Makefile.inc.am index 0c241fc5c1..7c81761a81 100644 --- a/src/lxc/Makefile.inc.am +++ b/src/lxc/Makefile.inc.am @@ -110,6 +110,68 @@ endif WITH_BLKID libvirt_driver_lxc_impl_la_LIBADD += $(SECDRIVER_LIBS) libvirt_driver_lxc_impl_la_SOURCES = $(LXC_DRIVER_SOURCES) + +sbin_PROGRAMS += virtlxcd + +nodist_conf_DATA += lxc/virtlxcd.conf +augeas_DATA += lxc/virtlxcd.aug +augeastest_DATA += lxc/test_virtlxcd.aug +CLEANFILES += lxc/virtlxcd.aug + +virtlxcd_SOURCES = $(REMOTE_DAEMON_SOURCES) +virtlxcd_CFLAGS = \ + $(REMOTE_DAEMON_CFLAGS) \ + -DDAEMON_NAME="\"virtlxcd\"" \ + -DMODULE_NAME="\"lxc\"" \ + $(NULL) +virtlxcd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) +virtlxcd_LDADD = $(REMOTE_DAEMON_LD_ADD) + +SYSTEMD_UNIT_FILES += \ + virtlxcd.service \ + virtlxcd.socket \ + virtlxcd-ro.socket \ + virtlxcd-admin.socket \ + $(NULL) +SYSTEMD_UNIT_FILES_IN += \ + lxc/virtlxcd.service.in \ + $(NULL) + +VIRTLXCD_UNIT_VARS = \ + $(VIRTD_UNIT_VARS) \ + -e 's|[@]name[@]|Libvirt lxc|g' \ + -e 's|[@]service[@]|virtlxcd|g' \ + -e 's|[@]sockprefix[@]|virtlxcd|g' \ + $(NULL) + +virtlxcd.service: lxc/virtlxcd.service.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTLXCD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +virtlxc%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTLXCD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +lxc/virtlxcd.conf: remote/libvirtd.conf.in + $(AM_V_GEN)sed \ + -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtlxcd/' \ + < $^ > $@ + +lxc/virtlxcd.aug: remote/libvirtd.aug.in + $(AM_V_GEN)$(SED) \ + -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtlxcd/' \ + -e 's/:: DAEMON_NAME_UC ::/Virtlxcd/' \ + $< > $@ + +lxc/test_virtlxcd.aug: remote/test_libvirtd.aug.in \ + lxc/virtlxcd.conf $(AUG_GENTEST) + $(AM_V_GEN)$(AUG_GENTEST) lxc/virtlxcd.conf \ + $(srcdir)/remote/test_libvirtd.aug.in | \ + $(SED) -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtlxcd/' \ + -e 's/:: DAEMON_NAME_UC ::/Virtlxcd/' \ + > $@ || rm -f $@ + libexec_PROGRAMS += libvirt_lxc libvirt_lxc_SOURCES = \ diff --git a/src/lxc/virtlxcd.service.in b/src/lxc/virtlxcd.service.in new file mode 100644 index 0000000000..d06aa1480f --- /dev/null +++ b/src/lxc/virtlxcd.service.in @@ -0,0 +1,24 @@ +[Unit] +Description=Virtualization lxc daemon +Conflicts=libvirtd.service +Requires=virtlxcd.socket +Requires=virtlxcd-ro.socket +Requires=virtlxcd-admin.socket +After=network.target +After=dbus.service +After=apparmor.service +After=local-fs.target +Documentation=man:libvirtd(8) +Documentation=https://libvirt.org + +[Service] +Type=notify +ExecStart=@sbindir@/virtlxcd --timeout 120 +ExecReload=/bin/kill -HUP $MAINPID +Restart=on-failure + +[Install] +WantedBy=multi-user.target +Also=virtlxcd.socket +Also=virtlxcd-ro.socket +Also=virtlxcd-admin.socket -- 2.21.0

The virtvboxd daemon will be responsible for providing the vbox API driver functionality. The vbox driver is still loaded by the main libvirtd daemon at this stage, so virtvboxd must not be running at the same time. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- .gitignore | 4 +++ libvirt.spec.in | 8 +++++ src/vbox/Makefile.inc.am | 62 +++++++++++++++++++++++++++++++++++ src/vbox/virtvboxd.service.in | 24 ++++++++++++++ 4 files changed, 98 insertions(+) create mode 100644 src/vbox/virtvboxd.service.in diff --git a/.gitignore b/.gitignore index d279c7bc1f..a23828cce6 100644 --- a/.gitignore +++ b/.gitignore @@ -195,6 +195,9 @@ /src/storage/virtstoraged.conf /src/util/virkeycodetable*.h /src/util/virkeynametable*.h +/src/vbox/test_virtvboxd.aug +/src/vbox/virtvboxd.aug +/src/vbox/virtvboxd.conf /src/virt-aa-helper /src/virtinterfaced /src/virtxend @@ -208,6 +211,7 @@ /src/virtqemud /src/virtsecretd /src/virtstoraged +/src/virtvboxd /src/virt-guest-shutdown.target /tests/*.log /tests/*.pid diff --git a/libvirt.spec.in b/libvirt.spec.in index e64c2931ac..3e897459f1 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1802,6 +1802,14 @@ exit 0 %if %{with_vbox} %files daemon-driver-vbox +%config(noreplace) %{_sysconfdir}/libvirt/virtvboxd.conf +%{_datadir}/augeas/lenses/virtvboxd.aug +%{_datadir}/augeas/lenses/tests/test_virtvboxd.aug +%{_unitdir}/virtvboxd.service +%{_unitdir}/virtvboxd.socket +%{_unitdir}/virtvboxd-ro.socket +%{_unitdir}/virtvboxd-admin.socket +%attr(0755, root, root) %{_sbindir}/virtvboxd %{_libdir}/%{name}/connection-driver/libvirt_driver_vbox.so %endif diff --git a/src/vbox/Makefile.inc.am b/src/vbox/Makefile.inc.am index 95407778f7..dfa0ab4016 100644 --- a/src/vbox/Makefile.inc.am +++ b/src/vbox/Makefile.inc.am @@ -63,4 +63,66 @@ libvirt_driver_vbox_impl_la_LIBADD = \ $(LIBXML_LIBS) \ $(NULL) libvirt_driver_vbox_impl_la_SOURCES = $(VBOX_DRIVER_SOURCES) + +sbin_PROGRAMS += virtvboxd + +nodist_conf_DATA += vbox/virtvboxd.conf +augeas_DATA += vbox/virtvboxd.aug +augeastest_DATA += vbox/test_virtvboxd.aug +CLEANFILES += vbox/virtvboxd.aug + +virtvboxd_SOURCES = $(REMOTE_DAEMON_SOURCES) +virtvboxd_CFLAGS = \ + $(REMOTE_DAEMON_CFLAGS) \ + -DDAEMON_NAME="\"virtvboxd\"" \ + -DMODULE_NAME="\"vbox\"" \ + $(NULL) +virtvboxd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) +virtvboxd_LDADD = $(REMOTE_DAEMON_LD_ADD) + +SYSTEMD_UNIT_FILES += \ + virtvboxd.service \ + virtvboxd.socket \ + virtvboxd-ro.socket \ + virtvboxd-admin.socket \ + $(NULL) +SYSTEMD_UNIT_FILES_IN += \ + vbox/virtvboxd.service.in \ + $(NULL) + +VIRTVBOXD_UNIT_VARS = \ + $(VIRTD_UNIT_VARS) \ + -e 's|[@]name[@]|Libvirt vbox|g' \ + -e 's|[@]service[@]|virtvboxd|g' \ + -e 's|[@]sockprefix[@]|virtvboxd|g' \ + $(NULL) + +virtvboxd.service: vbox/virtvboxd.service.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTVBOXD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +virtvbox%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTVBOXD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +vbox/virtvboxd.conf: remote/libvirtd.conf.in + $(AM_V_GEN)sed \ + -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtvboxd/' \ + < $^ > $@ + +vbox/virtvboxd.aug: remote/libvirtd.aug.in + $(AM_V_GEN)$(SED) \ + -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtvboxd/' \ + -e 's/:: DAEMON_NAME_UC ::/Virtvboxd/' \ + $< > $@ + +vbox/test_virtvboxd.aug: remote/test_libvirtd.aug.in \ + vbox/virtvboxd.conf $(AUG_GENTEST) + $(AM_V_GEN)$(AUG_GENTEST) vbox/virtvboxd.conf \ + $(srcdir)/remote/test_libvirtd.aug.in | \ + $(SED) -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtvboxd/' \ + -e 's/:: DAEMON_NAME_UC ::/Virtvboxd/' \ + > $@ || rm -f $@ + endif WITH_VBOX diff --git a/src/vbox/virtvboxd.service.in b/src/vbox/virtvboxd.service.in new file mode 100644 index 0000000000..e4c00f2d68 --- /dev/null +++ b/src/vbox/virtvboxd.service.in @@ -0,0 +1,24 @@ +[Unit] +Description=Virtualization vbox daemon +Conflicts=libvirtd.service +Requires=virtvboxd.socket +Requires=virtvboxd-ro.socket +Requires=virtvboxd-admin.socket +After=network.target +After=dbus.service +After=apparmor.service +After=local-fs.target +Documentation=man:libvirtd(8) +Documentation=https://libvirt.org + +[Service] +Type=notify +ExecStart=@sbindir@/virtvboxd --timeout 120 +ExecReload=/bin/kill -HUP $MAINPID +Restart=on-failure + +[Install] +WantedBy=multi-user.target +Also=virtvboxd.socket +Also=virtvboxd-ro.socket +Also=virtvboxd-admin.socket -- 2.21.0

The virtbhyved daemon will be responsible for providing the bhyve API driver functionality. The bhyve driver is still loaded by the main libvirtd daemon at this stage, so virtbhyved must not be running at the same time. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- .gitignore | 4 ++++ src/bhyve/Makefile.inc.am | 38 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 42 insertions(+) diff --git a/.gitignore b/.gitignore index a23828cce6..4e46adaa55 100644 --- a/.gitignore +++ b/.gitignore @@ -118,6 +118,9 @@ /src/admin/admin_client.h /src/admin/admin_protocol.[ch] /src/admin/admin_server_dispatch_stubs.h +/src/bhyve/test_virtbhyved.aug +/src/bhyve/virtbhyved.aug +/src/bhyve/virtbhyved.conf /src/esx/*.generated.* /src/hyperv/*.generated.* /src/interface/test_virtinterfaced.aug @@ -199,6 +202,7 @@ /src/vbox/virtvboxd.aug /src/vbox/virtvboxd.conf /src/virt-aa-helper +/src/virtbhyved /src/virtinterfaced /src/virtxend /src/virtlockd diff --git a/src/bhyve/Makefile.inc.am b/src/bhyve/Makefile.inc.am index 8b662e9775..a06af494e6 100644 --- a/src/bhyve/Makefile.inc.am +++ b/src/bhyve/Makefile.inc.am @@ -47,6 +47,44 @@ libvirt_driver_bhyve_impl_la_CFLAGS = \ libvirt_driver_bhyve_impl_la_LDFLAGS = $(AM_LDFLAGS) libvirt_driver_bhyve_impl_la_SOURCES = $(BHYVE_DRIVER_SOURCES) +sbin_PROGRAMS += virtbhyved + +nodist_conf_DATA += bhyve/virtbhyved.conf +augeas_DATA += bhyve/virtbhyved.aug +augeastest_DATA += bhyve/test_virtbhyved.aug +CLEANFILES += bhyve/virtbhyved.aug + +virtbhyved_SOURCES = $(REMOTE_DAEMON_SOURCES) +virtbhyved_CFLAGS = \ + $(REMOTE_DAEMON_CFLAGS) \ + -DDAEMON_NAME="\"virtbhyved\"" \ + -DMODULE_NAME="\"bhyve\"" \ + $(NULL) +virtbhyved_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) +virtbhyved_LDADD = $(REMOTE_DAEMON_LD_ADD) + +bhyve/virtbhyved.conf: remote/libvirtd.conf.in + $(AM_V_GEN)sed \ + -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtbhyved/' \ + < $^ > $@ + +bhyve/virtbhyved.aug: remote/libvirtd.aug.in + $(AM_V_GEN)$(SED) \ + -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtbhyved/' \ + -e 's/:: DAEMON_NAME_UC ::/Virtbhyved/' \ + $< > $@ + +bhyve/test_virtbhyved.aug: remote/test_libvirtd.aug.in \ + bhyve/virtbhyved.conf $(AUG_GENTEST) + $(AM_V_GEN)$(AUG_GENTEST) bhyve/virtbhyved.conf \ + $(srcdir)/remote/test_libvirtd.aug.in | \ + $(SED) -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtbhyved/' \ + -e 's/:: DAEMON_NAME_UC ::/Virtbhyved/' \ + > $@ || rm -f $@ + conf_DATA += bhyve/bhyve.conf augeas_DATA += bhyve/libvirtd_bhyve.aug augeastest_DATA += bhyve/test_libvirtd_bhyve.aug -- 2.21.0

The virtvzd daemon will be responsible for providing the vz API driver functionality. The vz driver is still loaded by the main libvirtd daemon at this stage, so virtvzd must not be running at the same time. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- .gitignore | 4 +++ src/vz/Makefile.inc.am | 62 +++++++++++++++++++++++++++++++++++++++ src/vz/virtvzd.service.in | 24 +++++++++++++++ 3 files changed, 90 insertions(+) create mode 100644 src/vz/virtvzd.service.in diff --git a/.gitignore b/.gitignore index 4e46adaa55..e35a3409f2 100644 --- a/.gitignore +++ b/.gitignore @@ -216,7 +216,11 @@ /src/virtsecretd /src/virtstoraged /src/virtvboxd +/src/virtvzd /src/virt-guest-shutdown.target +/src/vz/test_virtvzd.aug +/src/vz/virtvzd.aug +/src/vz/virtvzd.conf /tests/*.log /tests/*.pid /tests/*.trs diff --git a/src/vz/Makefile.inc.am b/src/vz/Makefile.inc.am index a3a146c627..72280614da 100644 --- a/src/vz/Makefile.inc.am +++ b/src/vz/Makefile.inc.am @@ -37,4 +37,66 @@ libvirt_driver_vz_impl_la_LIBADD = \ $(PARALLELS_SDK_LIBS) \ $(LIBNL_LIBS) \ $(NULL) + +sbin_PROGRAMS += virtvzd + +nodist_conf_DATA += vz/virtvzd.conf +augeas_DATA += vz/virtvzd.aug +augeastest_DATA += vz/test_virtvzd.aug +CLEANFILES += vz/virtvzd.aug + +virtvzd_SOURCES = $(REMOTE_DAEMON_SOURCES) +virtvzd_CFLAGS = \ + $(REMOTE_DAEMON_CFLAGS) \ + -DDAEMON_NAME="\"virtvzd\"" \ + -DMODULE_NAME="\"vz\"" \ + $(NULL) +virtvzd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) +virtvzd_LDADD = $(REMOTE_DAEMON_LD_ADD) + +SYSTEMD_UNIT_FILES += \ + virtvzd.service \ + virtvzd.socket \ + virtvzd-ro.socket \ + virtvzd-admin.socket \ + $(NULL) +SYSTEMD_UNIT_FILES_IN += \ + vz/virtvzd.service.in \ + $(NULL) + +VIRTVZD_UNIT_VARS = \ + $(VIRTD_UNIT_VARS) \ + -e 's|[@]name[@]|Libvirt vz|g' \ + -e 's|[@]service[@]|virtvzd|g' \ + -e 's|[@]sockprefix[@]|virtvzd|g' \ + $(NULL) + +virtvzd.service: vz/virtvzd.service.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTVZD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +virtvz%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed $(VIRTVZD_UNIT_VARS) < $< > $@-t && mv $@-t $@ + +vz/virtvzd.conf: remote/libvirtd.conf.in + $(AM_V_GEN)sed \ + -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtvzd/' \ + < $^ > $@ + +vz/virtvzd.aug: remote/libvirtd.aug.in + $(AM_V_GEN)$(SED) \ + -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtvzd/' \ + -e 's/:: DAEMON_NAME_UC ::/Virtvzd/' \ + $< > $@ + +vz/test_virtvzd.aug: remote/test_libvirtd.aug.in \ + vz/virtvzd.conf $(AUG_GENTEST) + $(AM_V_GEN)$(AUG_GENTEST) vz/virtvzd.conf \ + $(srcdir)/remote/test_libvirtd.aug.in | \ + $(SED) -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/virtvzd/' \ + -e 's/:: DAEMON_NAME_UC ::/Virtvzd/' \ + > $@ || rm -f $@ + endif WITH_VZ diff --git a/src/vz/virtvzd.service.in b/src/vz/virtvzd.service.in new file mode 100644 index 0000000000..a591791df0 --- /dev/null +++ b/src/vz/virtvzd.service.in @@ -0,0 +1,24 @@ +[Unit] +Description=Virtualization vz daemon +Conflicts=libvirtd.service +Requires=virtvzd.socket +Requires=virtvzd-ro.socket +Requires=virtvzd-admin.socket +After=network.target +After=dbus.service +After=apparmor.service +After=local-fs.target +Documentation=man:libvirtd(8) +Documentation=https://libvirt.org + +[Service] +Type=notify +ExecStart=@sbindir@/virtvzd --timeout 120 +ExecReload=/bin/kill -HUP $MAINPID +Restart=on-failure + +[Install] +WantedBy=multi-user.target +Also=virtvzd.socket +Also=virtvzd-ro.socket +Also=virtvzd-admin.socket -- 2.21.0

The admin client now supports addressing the per-driver daemons using the obvious URI schemes for each daemon. eg virtqemud:///system virtqemud:///session, etc. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/libvirt-admin.c | 32 +++++++++++++++----------------- 1 file changed, 15 insertions(+), 17 deletions(-) diff --git a/src/libvirt-admin.c b/src/libvirt-admin.c index 74dedf64d8..97290b337f 100644 --- a/src/libvirt-admin.c +++ b/src/libvirt-admin.c @@ -36,10 +36,6 @@ #define VIR_FROM_THIS VIR_FROM_ADMIN -#define LIBVIRTD_ADMIN_SOCK_NAME "libvirt-admin-sock" -#define VIRTLOGD_ADMIN_SOCK_NAME "virtlogd-admin-sock" -#define VIRTLOCKD_ADMIN_SOCK_NAME "virtlockd-admin-sock" - VIR_LOG_INIT("libvirt-admin"); @@ -101,6 +97,7 @@ virAdmInitialize(void) return 0; } + static char * getSocketPath(virURIPtr uri) { @@ -127,27 +124,28 @@ getSocketPath(virURIPtr uri) } if (!sock_path) { - const char *sockbase = NULL; - if (STREQ_NULLABLE(uri->scheme, "libvirtd")) { - sockbase = LIBVIRTD_ADMIN_SOCK_NAME; - } else if (STREQ_NULLABLE(uri->scheme, "virtlogd")) { - sockbase = VIRTLOGD_ADMIN_SOCK_NAME; - } else if (STREQ_NULLABLE(uri->scheme, "virtlockd")) { - sockbase = VIRTLOCKD_ADMIN_SOCK_NAME; - } else { + bool legacy = false; + if (!uri->scheme) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + "%s", _("No URI scheme specified")); + goto error; + } + if (STREQ(uri->scheme, "libvirtd")) { + legacy = true; + } else if (!STRPREFIX(uri->scheme, "virt")) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("Unsupported URI scheme '%s'"), - NULLSTR(uri->scheme)); + uri->scheme); goto error; } if (STREQ_NULLABLE(uri->path, "/system")) { - if (virAsprintf(&sock_path, LOCALSTATEDIR "/run/libvirt/%s", - sockbase) < 0) + if (virAsprintf(&sock_path, LOCALSTATEDIR "/run/libvirt/%s-admin-sock", + legacy ? "libvirt" : uri->scheme) < 0) goto error; } else if (STREQ_NULLABLE(uri->path, "/session")) { - if (!rundir || virAsprintf(&sock_path, "%s/%s", rundir, - sockbase) < 0) + if (!rundir || virAsprintf(&sock_path, "%s/%s-admin-sock", rundir, + legacy ? "libvirt" : uri->scheme) < 0) goto error; } else { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, -- 2.21.0

On Tue, 2019-07-23 at 17:03 +0100, Daniel P. Berrangé wrote: [...]
+++ b/src/libvirt-admin.c @@ -101,6 +97,7 @@ virAdmInitialize(void) return 0; }
+ static char * getSocketPath(virURIPtr uri) {
Unrelated whitespace change. [...]
@@ -127,27 +124,28 @@ getSocketPath(virURIPtr uri) if (STREQ_NULLABLE(uri->path, "/system")) { - if (virAsprintf(&sock_path, LOCALSTATEDIR "/run/libvirt/%s", - sockbase) < 0) + if (virAsprintf(&sock_path, LOCALSTATEDIR "/run/libvirt/%s-admin-sock", + legacy ? "libvirt" : uri->scheme) < 0)
Since you're touching this anyway, you might as well turn it into virAsprintf(&sock_path, "%s/run/libvirt/%s-admin-sock", LOCALSTATEDIR, legacy ? "libvirt" : uri->scheme) With these nits addressed, Reviewed-by: Andrea Bolognani <abologna@redhat.com> -- Andrea Bolognani / Red Hat / Virtualization

The client parameter is always used to get access to the private data struct. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/remote/remote_daemon_dispatch.c | 98 ++++++++++++++--------------- 1 file changed, 49 insertions(+), 49 deletions(-) diff --git a/src/remote/remote_daemon_dispatch.c b/src/remote/remote_daemon_dispatch.c index 856c5e48e7..b7085a3ae3 100644 --- a/src/remote/remote_daemon_dispatch.c +++ b/src/remote/remote_daemon_dispatch.c @@ -2004,7 +2004,7 @@ remoteDispatchConnectOpen(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchConnectClose(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr ATTRIBUTE_UNUSED) { @@ -2015,7 +2015,7 @@ remoteDispatchConnectClose(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainGetSchedulerType(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_get_scheduler_type_args *args, @@ -2052,7 +2052,7 @@ remoteDispatchDomainGetSchedulerType(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainGetSchedulerParameters(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_get_scheduler_parameters_args *args, @@ -2102,7 +2102,7 @@ remoteDispatchDomainGetSchedulerParameters(virNetServerPtr server ATTRIBUTE_UNUS static int remoteDispatchDomainGetSchedulerParametersFlags(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_get_scheduler_parameters_flags_args *args, @@ -2153,7 +2153,7 @@ remoteDispatchDomainGetSchedulerParametersFlags(virNetServerPtr server ATTRIBUTE static int remoteDispatchDomainMemoryStats(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_memory_stats_args *args, @@ -2211,7 +2211,7 @@ remoteDispatchDomainMemoryStats(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainBlockPeek(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_block_peek_args *args, @@ -2265,7 +2265,7 @@ remoteDispatchDomainBlockPeek(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainBlockStatsFlags(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_block_stats_flags_args *args, @@ -2328,7 +2328,7 @@ remoteDispatchDomainBlockStatsFlags(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainMemoryPeek(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_memory_peek_args *args, @@ -2380,7 +2380,7 @@ remoteDispatchDomainMemoryPeek(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainGetSecurityLabel(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_get_security_label_args *args, @@ -2424,7 +2424,7 @@ remoteDispatchDomainGetSecurityLabel(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainGetSecurityLabelList(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_get_security_label_list_args *args, @@ -2481,7 +2481,7 @@ remoteDispatchDomainGetSecurityLabelList(virNetServerPtr server ATTRIBUTE_UNUSED static int remoteDispatchNodeGetSecurityModel(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_node_get_security_model_ret *ret) @@ -2520,7 +2520,7 @@ remoteDispatchNodeGetSecurityModel(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainGetVcpuPinInfo(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_get_vcpu_pin_info_args *args, @@ -2621,7 +2621,7 @@ remoteDispatchDomainPinEmulator(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainGetEmulatorPinInfo(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_get_emulator_pin_info_args *args, @@ -2670,7 +2670,7 @@ remoteDispatchDomainGetEmulatorPinInfo(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainGetVcpus(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_get_vcpus_args *args, @@ -2823,7 +2823,7 @@ remoteDispatchDomainGetIOThreadInfo(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainMigratePrepare(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_migrate_prepare_args *args, @@ -2878,7 +2878,7 @@ remoteDispatchDomainMigratePrepare(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainMigratePrepare2(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_migrate_prepare2_args *args, @@ -2930,7 +2930,7 @@ remoteDispatchDomainMigratePrepare2(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainGetMemoryParameters(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_get_memory_parameters_args *args, @@ -2992,7 +2992,7 @@ remoteDispatchDomainGetMemoryParameters(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainGetNumaParameters(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_get_numa_parameters_args *args, @@ -3054,7 +3054,7 @@ remoteDispatchDomainGetNumaParameters(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainGetBlkioParameters(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_get_blkio_parameters_args *args, @@ -3116,7 +3116,7 @@ remoteDispatchDomainGetBlkioParameters(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchNodeGetCPUStats(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_node_get_cpu_stats_args *args, @@ -3188,7 +3188,7 @@ remoteDispatchNodeGetCPUStats(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchNodeGetMemoryStats(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_node_get_memory_stats_args *args, @@ -3260,7 +3260,7 @@ remoteDispatchNodeGetMemoryStats(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainGetLaunchSecurityInfo(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_get_launch_security_info_args *args, @@ -3307,7 +3307,7 @@ remoteDispatchDomainGetLaunchSecurityInfo(virNetServerPtr server ATTRIBUTE_UNUSE static int remoteDispatchDomainGetPerfEvents(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_get_perf_events_args *args, @@ -3354,7 +3354,7 @@ remoteDispatchDomainGetPerfEvents(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainGetBlockJobInfo(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_get_block_job_info_args *args, @@ -3394,7 +3394,7 @@ remoteDispatchDomainGetBlockJobInfo(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainGetBlockIoTune(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr hdr ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_get_block_io_tune_args *args, @@ -3972,7 +3972,7 @@ remoteDispatchAuthPolkit(virNetServerPtr server, static int remoteDispatchNodeDeviceGetParent(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_node_device_get_parent_args *args, @@ -4228,7 +4228,7 @@ remoteDispatchObjectEventSend(virNetServerClientPtr client, static int remoteDispatchSecretGetValue(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_secret_get_value_args *args, @@ -4266,7 +4266,7 @@ remoteDispatchSecretGetValue(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainGetState(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_get_state_args *args, @@ -4560,7 +4560,7 @@ remoteDispatchConnectDomainEventCallbackDeregisterAny(virNetServerPtr server ATT static int qemuDispatchDomainMonitorCommand(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, qemu_domain_monitor_command_args *args, @@ -4595,7 +4595,7 @@ qemuDispatchDomainMonitorCommand(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainMigrateBegin3(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_migrate_begin3_args *args, @@ -4646,7 +4646,7 @@ remoteDispatchDomainMigrateBegin3(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainMigratePrepare3(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_migrate_prepare3_args *args, @@ -4702,7 +4702,7 @@ remoteDispatchDomainMigratePrepare3(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainMigratePerform3(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_migrate_perform3_args *args, @@ -4757,7 +4757,7 @@ remoteDispatchDomainMigratePerform3(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainMigrateFinish3(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_migrate_finish3_args *args, @@ -4811,7 +4811,7 @@ remoteDispatchDomainMigrateFinish3(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainMigrateConfirm3(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_migrate_confirm3_args *args) @@ -4911,7 +4911,7 @@ static int remoteDispatchConnectSupportsFeature(virNetServerPtr server ATTRIBUTE static int remoteDispatchDomainOpenGraphics(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg, virNetMessageErrorPtr rerr, remote_domain_open_graphics_args *args) @@ -4952,7 +4952,7 @@ remoteDispatchDomainOpenGraphics(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainOpenGraphicsFd(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg, virNetMessageErrorPtr rerr, remote_domain_open_graphics_fd_args *args) @@ -4995,7 +4995,7 @@ remoteDispatchDomainOpenGraphicsFd(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainGetInterfaceParameters(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_get_interface_parameters_args *args, @@ -5058,7 +5058,7 @@ remoteDispatchDomainGetInterfaceParameters(virNetServerPtr server ATTRIBUTE_UNUS static int remoteDispatchDomainGetCPUStats(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr hdr ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_get_cpu_stats_args *args, @@ -5190,7 +5190,7 @@ remoteDispatchDomainGetDiskErrors(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchNodeGetSevInfo(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_node_get_sev_info_args *args, @@ -5234,7 +5234,7 @@ remoteDispatchNodeGetSevInfo(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchNodeGetMemoryParameters(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_node_get_memory_parameters_args *args, @@ -5291,7 +5291,7 @@ remoteDispatchNodeGetMemoryParameters(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchNodeGetCPUMap(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_node_get_cpu_map_args *args, @@ -5338,7 +5338,7 @@ remoteDispatchNodeGetCPUMap(virNetServerPtr server ATTRIBUTE_UNUSED, static int lxcDispatchDomainOpenNamespace(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, lxc_domain_open_namespace_args *args) @@ -5438,7 +5438,7 @@ remoteDispatchDomainGetJobStats(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainMigrateBegin3Params(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_migrate_begin3_params_args *args, @@ -5495,7 +5495,7 @@ remoteDispatchDomainMigrateBegin3Params(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchDomainMigratePrepare3Params(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_migrate_prepare3_params_args *args, @@ -5625,7 +5625,7 @@ remoteDispatchDomainMigratePrepareTunnel3Params(virNetServerPtr server ATTRIBUTE static int remoteDispatchDomainMigratePerform3Params(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_migrate_perform3_params_args *args, @@ -5686,7 +5686,7 @@ remoteDispatchDomainMigratePerform3Params(virNetServerPtr server ATTRIBUTE_UNUSE static int remoteDispatchDomainMigrateFinish3Params(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_migrate_finish3_params_args *args, @@ -5747,7 +5747,7 @@ remoteDispatchDomainMigrateFinish3Params(virNetServerPtr server ATTRIBUTE_UNUSED static int remoteDispatchDomainMigrateConfirm3Params(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_domain_migrate_confirm3_params_args *args) @@ -5798,7 +5798,7 @@ remoteDispatchDomainMigrateConfirm3Params(virNetServerPtr server ATTRIBUTE_UNUSE static int remoteDispatchConnectGetCPUModelNames(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_connect_get_cpu_model_names_args *args, @@ -7179,7 +7179,7 @@ remoteDispatchStorageVolGetInfoFlags(virNetServerPtr server ATTRIBUTE_UNUSED, static int remoteDispatchNetworkPortGetParameters(virNetServerPtr server ATTRIBUTE_UNUSED, - virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetServerClientPtr client, virNetMessagePtr msg ATTRIBUTE_UNUSED, virNetMessageErrorPtr rerr, remote_network_port_get_parameters_args *args, -- 2.21.0

On Tue, 2019-07-23 at 17:03 +0100, Daniel P. Berrangé wrote:
The client parameter is always used to get access to the private data struct.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/remote/remote_daemon_dispatch.c | 98 ++++++++++++++--------------- 1 file changed, 49 insertions(+), 49 deletions(-)
Reviewed-by: Andrea Bolognani <abologna@redhat.com> -- Andrea Bolognani / Red Hat / Virtualization

The driver dispatch methods access the priv->conn variables directly. In future we want to dynamically open the connections for the secondary driver. Thus we want the methods to call a method to get the connection handle instead of assuming the private variable is non-NULL. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/admin/admin_server_dispatch.c | 9 ++ src/remote/remote_daemon_dispatch.c | 122 ++++++++++++++++++++++++++++ src/rpc/gendispatch.pl | 96 ++++++++++++---------- 3 files changed, 184 insertions(+), 43 deletions(-) diff --git a/src/admin/admin_server_dispatch.c b/src/admin/admin_server_dispatch.c index 6e3b99f97d..1973664488 100644 --- a/src/admin/admin_server_dispatch.c +++ b/src/admin/admin_server_dispatch.c @@ -206,6 +206,15 @@ adminConnectGetLibVersion(virNetDaemonPtr dmn ATTRIBUTE_UNUSED, return 0; } +static virNetDaemonPtr +adminGetConn(virNetServerClientPtr client) +{ + struct daemonAdmClientPrivate *priv = + virNetServerClientGetPrivateData(client); + + return priv->dmn; +} + static int adminDispatchServerGetThreadpoolParameters(virNetServerPtr server ATTRIBUTE_UNUSED, virNetServerClientPtr client, diff --git a/src/remote/remote_daemon_dispatch.c b/src/remote/remote_daemon_dispatch.c index b7085a3ae3..ecce0b0112 100644 --- a/src/remote/remote_daemon_dispatch.c +++ b/src/remote/remote_daemon_dispatch.c @@ -110,6 +110,22 @@ remoteSerializeDomainDiskErrors(virDomainDiskErrorPtr errors, remote_domain_disk_error **ret_errors_val, u_int *ret_errors_len); +static virConnectPtr +remoteGetHypervisorConn(virNetServerClientPtr client); +static virConnectPtr +remoteGetInterfaceConn(virNetServerClientPtr client); +static virConnectPtr +remoteGetNetworkConn(virNetServerClientPtr client); +static virConnectPtr +remoteGetNodeDevConn(virNetServerClientPtr client); +static virConnectPtr +remoteGetNWFilterConn(virNetServerClientPtr client); +static virConnectPtr +remoteGetSecretConn(virNetServerClientPtr client); +static virConnectPtr +remoteGetStorageConn(virNetServerClientPtr client); + + #include "remote_daemon_dispatch_stubs.h" #include "remote_daemon_dispatch_qemu_stubs.h" #include "remote_daemon_dispatch_lxc_stubs.h" @@ -1923,6 +1939,111 @@ static void remoteClientCloseFunc(virNetServerClientPtr client) } +static virConnectPtr +remoteGetHypervisorConn(virNetServerClientPtr client) +{ + struct daemonClientPrivate *priv = + virNetServerClientGetPrivateData(client); + + if (!priv->conn) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connection not open")); + return NULL; + } + + return priv->conn; +} + + +static virConnectPtr +remoteGetInterfaceConn(virNetServerClientPtr client) +{ + struct daemonClientPrivate *priv = + virNetServerClientGetPrivateData(client); + + if (!priv->interfaceConn) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connection not open")); + return NULL; + } + + return priv->interfaceConn; +} + + +static virConnectPtr +remoteGetNetworkConn(virNetServerClientPtr client) +{ + struct daemonClientPrivate *priv = + virNetServerClientGetPrivateData(client); + + if (!priv->networkConn) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connection not open")); + return NULL; + } + + return priv->networkConn; +} + + +static virConnectPtr +remoteGetNodeDevConn(virNetServerClientPtr client) +{ + struct daemonClientPrivate *priv = + virNetServerClientGetPrivateData(client); + + if (!priv->nodedevConn) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connection not open")); + return NULL; + } + + return priv->nodedevConn; +} + + +static virConnectPtr +remoteGetNWFilterConn(virNetServerClientPtr client) +{ + struct daemonClientPrivate *priv = + virNetServerClientGetPrivateData(client); + + if (!priv->nwfilterConn) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connection not open")); + return NULL; + } + + return priv->nwfilterConn; +} + + +static virConnectPtr +remoteGetSecretConn(virNetServerClientPtr client) +{ + struct daemonClientPrivate *priv = + virNetServerClientGetPrivateData(client); + + if (!priv->secretConn) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connection not open")); + return NULL; + } + + return priv->secretConn; +} + + +static virConnectPtr +remoteGetStorageConn(virNetServerClientPtr client) +{ + struct daemonClientPrivate *priv = + virNetServerClientGetPrivateData(client); + + if (!priv->storageConn) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connection not open")); + return NULL; + } + + return priv->storageConn; +} + + void *remoteClientNew(virNetServerClientPtr client, void *opaque ATTRIBUTE_UNUSED) { @@ -2013,6 +2134,7 @@ remoteDispatchConnectClose(virNetServerPtr server ATTRIBUTE_UNUSED, } + static int remoteDispatchDomainGetSchedulerType(virNetServerPtr server ATTRIBUTE_UNUSED, virNetServerClientPtr client, diff --git a/src/rpc/gendispatch.pl b/src/rpc/gendispatch.pl index f683e711ce..6e5b6a2937 100755 --- a/src/rpc/gendispatch.pl +++ b/src/rpc/gendispatch.pl @@ -110,13 +110,29 @@ sub name_to_TypeName { return $typename; } -sub get_conn_arg { +sub get_conn_type { + if ($structprefix eq "admin") { + return "virNetDaemonPtr"; + } else { + return "virConnectPtr"; + } +} + +sub get_conn_var { + if ($structprefix eq "admin") { + return "dmn"; + } else { + return "conn"; + } +} + +sub get_conn_method { my $proc = shift; my $args = shift; my $rets = shift; if ($structprefix eq "admin") { - return "priv->dmn"; + return "adminGetConn"; } my @types; @@ -126,22 +142,22 @@ sub get_conn_arg { # This correctly detects most APIs foreach my $type (@types) { if ($type =~ /remote_nonnull_interface/) { - return "priv->interfaceConn"; + return "remoteGetInterfaceConn"; } if ($type =~ /remote_nonnull_network/) { - return "priv->networkConn"; + return "remoteGetNetworkConn"; } if ($type =~ /remote_nonnull_node_device/) { - return "priv->nodedevConn"; + return "remoteGetNodeDevConn"; } if ($type =~ /remote_nonnull_nwfilter/) { - return "priv->nwfilterConn"; + return "remoteGetNWFilterConn"; } if ($type =~ /remote_nonnull_secret/) { - return "priv->secretConn"; + return "remoteGetSecretConn"; } if ($type =~ /remote_nonnull_storage/) { - return "priv->storageConn"; + return "remoteGetStorageConn"; } } @@ -149,25 +165,25 @@ sub get_conn_arg { # return things which aren't objects. eg list # of pool names, or number of pools. if ($proc =~ /Connect.*Interface/ || $proc =~ /InterfaceChange/) { - return "priv->interfaceConn"; + return "remoteGetInterfaceConn"; } if ($proc =~ /Connect.*Network/) { - return "priv->networkConn"; + return "remoteGetNetworkConn"; } if ($proc =~ /Node.*Device/) { - return "priv->nodedevConn"; + return "remoteGetNodeDevConn"; } if ($proc =~ /Connect.*NWFilter/) { - return "priv->nwfilterConn"; + return "remoteGetNWFilterConn"; } if ($proc =~ /Connect.*Secret/) { - return "priv->secretConn"; + return "remoteGetSecretConn"; } if ($proc =~ /Connect.*Storage/) { - return "priv->storageConn"; + return "remoteGetStorageConn"; } - return "priv->conn"; + return "remoteGetHypervisorConn"; } # Read the input file (usually remote_protocol.x) and form an @@ -534,7 +550,9 @@ elsif ($mode eq "server") { my @free_list = (); my @free_list_on_error = ("virNetMessageSaveError(rerr);"); - my $conn = get_conn_arg($call->{ProcName}, $call->{args_members}, $call->{ret_members}); + my $conn_method = get_conn_method($call->{ProcName}, $call->{args_members}, $call->{ret_members}); + my $conn_var = get_conn_var(); + my $conn_type = get_conn_type(); # handle arguments to the function if ($argtype ne "void") { @@ -546,7 +564,7 @@ elsif ($mode eq "server") { $has_node_device = 1; push(@vars_list, "virNodeDevicePtr dev = NULL"); push(@getters_list, - " if (!(dev = virNodeDeviceLookupByName($conn, args->name)))\n" . + " if (!(dev = virNodeDeviceLookupByName($conn_var, args->name)))\n" . " goto cleanup;\n"); push(@args_list, "dev"); push(@free_list, @@ -562,7 +580,7 @@ elsif ($mode eq "server") { push(@vars_list, "vir${type_name}Ptr $2 = NULL"); push(@getters_list, - " if (!($2 = get_nonnull_$1($conn, args->$2)))\n" . + " if (!($2 = get_nonnull_$1($conn_var, args->$2)))\n" . " goto cleanup;\n"); push(@args_list, "$2"); push(@free_list, @@ -571,7 +589,7 @@ elsif ($mode eq "server") { push(@vars_list, "virDomainPtr dom = NULL"); push(@vars_list, "virDomainSnapshotPtr snapshot = NULL"); push(@getters_list, - " if (!(dom = get_nonnull_domain($conn, args->${1}.dom)))\n" . + " if (!(dom = get_nonnull_domain($conn_var, args->${1}.dom)))\n" . " goto cleanup;\n" . "\n" . " if (!(snapshot = get_nonnull_domain_snapshot(dom, args->${1})))\n" . @@ -581,11 +599,11 @@ elsif ($mode eq "server") { " virObjectUnref(snapshot);\n" . " virObjectUnref(dom);"); } elsif ($args_member =~ m/^(?:(?:admin|remote)_string|remote_uuid) (\S+)<\S+>;/) { - push(@args_list, $conn) if !@args_list; + push(@args_list, "$conn_var") if !@args_list; push(@args_list, "args->$1.$1_val"); push(@args_list, "args->$1.$1_len"); } elsif ($args_member =~ m/^(?:opaque|(?:admin|remote)_nonnull_string) (\S+)<\S+>;(.*)$/) { - push(@args_list, $conn) if !@args_list; + push(@args_list, "$conn_var") if !@args_list; my $cast = ""; my $arg_name = $1; @@ -602,7 +620,7 @@ elsif ($mode eq "server") { push(@args_list, "${cast}args->$arg_name.${arg_name}_val"); push(@args_list, "args->$arg_name.${arg_name}_len"); } elsif ($args_member =~ m/^(?:unsigned )?int (\S+)<\S+>;/) { - push(@args_list, $conn) if !@args_list; + push(@args_list, "$conn_var") if !@args_list; push(@args_list, "args->$1.$1_val"); push(@args_list, "args->$1.$1_len"); @@ -610,7 +628,7 @@ elsif ($mode eq "server") { push(@vars_list, "virTypedParameterPtr $1 = NULL"); push(@vars_list, "int n$1 = 0"); if ($call->{ProcName} eq "NodeSetMemoryParameters") { - push(@args_list, "$conn"); + push(@args_list, "$conn_var"); } push(@args_list, "$1"); push(@args_list, "n$1"); @@ -625,25 +643,25 @@ elsif ($mode eq "server") { # just make all other array types fail die "unhandled type for argument value: $args_member"; } elsif ($args_member =~ m/^remote_uuid (\S+);/) { - push(@args_list, $conn) if !@args_list; + push(@args_list, "$conn_var") if !@args_list; push(@args_list, "(unsigned char *) args->$1"); } elsif ($args_member =~ m/^(?:admin|remote)_string (\S+);/) { - push(@args_list, $conn) if !@args_list; + push(@args_list, "$conn_var") if !@args_list; push(@vars_list, "char *$1"); push(@optionals_list, "$1"); push(@args_list, "$1"); } elsif ($args_member =~ m/^(?:admin|remote)_nonnull_string (\S+);/) { - push(@args_list, $conn) if !@args_list; + push(@args_list, "$conn_var") if !@args_list; push(@args_list, "args->$1"); } elsif ($args_member =~ m/^(unsigned )?int (\S+);/) { - push(@args_list, $conn) if !@args_list; + push(@args_list, "$conn_var") if !@args_list; push(@args_list, "args->$2"); } elsif ($args_member =~ m/^(unsigned )?hyper (\S+);/) { - push(@args_list, $conn) if !@args_list; + push(@args_list, "$conn_var") if !@args_list; my $arg_name = $2; @@ -662,7 +680,7 @@ elsif ($mode eq "server") { push(@vars_list, "virNet${type_name}Ptr $2 = NULL"); push(@getters_list, - " if (!($2 = get_nonnull_$1($conn, args->$2)))\n" . + " if (!($2 = get_nonnull_$1($conn_var, args->$2)))\n" . " goto cleanup;\n"); push(@args_list, "$2"); push(@free_list, @@ -673,7 +691,7 @@ elsif ($mode eq "server") { push(@vars_list, "virNetServerPtr srv = NULL"); push(@vars_list, "virNetServer${type_name}Ptr $2 = NULL"); push(@getters_list, - " if (!(srv = get_nonnull_server($conn, args->$2.srv)))\n" . + " if (!(srv = get_nonnull_server($conn_var, args->$2.srv)))\n" . " goto cleanup;\n"); push(@getters_list, " if (!($2 = get_nonnull_$1(srv, args->$2)))\n" . @@ -949,7 +967,7 @@ elsif ($mode eq "server") { # select struct type for multi-return-value functions if ($multi_ret) { if (defined $call->{ret_offset}) { - push(@args_list, $conn) if !@args_list; + push(@args_list, "$conn_var") if !@args_list; if ($modern_ret_as_list) { my $struct_name = name_to_TypeName($modern_ret_struct_name); @@ -1029,13 +1047,6 @@ elsif ($mode eq "server") { print " $var;\n"; } - if ($structprefix eq "admin") { - print " struct daemonAdmClientPrivate *priv =\n"; - } else { - print " struct daemonClientPrivate *priv =\n"; - } - print " virNetServerClientGetPrivateData(client);\n"; - if ($call->{streamflag} ne "none") { print " virStreamPtr st = NULL;\n"; print " daemonClientStreamPtr stream = NULL;\n"; @@ -1048,10 +1059,9 @@ elsif ($mode eq "server") { print "\n"; - print " if (!$conn) {\n"; - print " virReportError(VIR_ERR_INTERNAL_ERROR, \"%s\", _(\"connection not open\"));\n"; + print " $conn_type $conn_var = $conn_method(client);\n"; + print " if (!$conn_var) \n"; print " goto cleanup;\n"; - print " }\n"; print "\n"; if ($single_ret_as_list) { @@ -1078,7 +1088,7 @@ elsif ($mode eq "server") { } if ($call->{streamflag} ne "none") { - print " if (!(st = virStreamNew($conn, VIR_STREAM_NONBLOCK)))\n"; + print " if (!(st = virStreamNew($conn_var, VIR_STREAM_NONBLOCK)))\n"; print " goto cleanup;\n"; print "\n"; print " if (!(stream = daemonCreateClientStream(client, st, remoteProgram, &msg->header, sparse)))\n"; @@ -1095,7 +1105,7 @@ elsif ($mode eq "server") { } elsif (!$multi_ret) { my $proc_name = $call->{ProcName}; - push(@args_list, $conn) if !@args_list; + push(@args_list, $conn_var) if !@args_list; if ($structprefix eq "qemu" && $call->{ProcName} =~ /^(Connect)?Domain/) { -- 2.21.0

On Tue, 2019-07-23 at 17:03 +0100, Daniel P. Berrangé wrote:
+++ b/src/remote/remote_daemon_dispatch.c @@ -2013,6 +2134,7 @@ remoteDispatchConnectClose(virNetServerPtr server ATTRIBUTE_UNUSED, }
+ static int remoteDispatchDomainGetSchedulerType(virNetServerPtr server ATTRIBUTE_UNUSED, virNetServerClientPtr client,
Unrelated whitespace change. [...]
+++ b/src/rpc/gendispatch.pl @@ -581,11 +599,11 @@ elsif ($mode eq "server") { " virObjectUnref(snapshot);\n" . " virObjectUnref(dom);"); } elsif ($args_member =~ m/^(?:(?:admin|remote)_string|remote_uuid) (\S+)<\S+>;/) { - push(@args_list, $conn) if !@args_list; + push(@args_list, "$conn_var") if !@args_list;
I don't speak Perl, so asking mostly out of curiosity: why is the argument quoted now? Especially since...
@@ -1095,7 +1105,7 @@ elsif ($mode eq "server") { } elsif (!$multi_ret) { my $proc_name = $call->{ProcName};
- push(@args_list, $conn) if !@args_list; + push(@args_list, $conn_var) if !@args_list;
... this code looks like it's performing the same operation, yet the argument is not quoted here, which leads me to believe one of the two is not correct. Anyway, from a high-level perspective the changes in the script seem reasonable enough and so do the changes they produce in the generated files, so Reviewed-by: Andrea Bolognani <abologna@redhat.com> -- Andrea Bolognani / Red Hat / Virtualization

On Sun, Jul 28, 2019 at 07:50:28PM +0200, Andrea Bolognani wrote:
On Tue, 2019-07-23 at 17:03 +0100, Daniel P. Berrangé wrote:
+++ b/src/remote/remote_daemon_dispatch.c @@ -2013,6 +2134,7 @@ remoteDispatchConnectClose(virNetServerPtr server ATTRIBUTE_UNUSED, }
+ static int remoteDispatchDomainGetSchedulerType(virNetServerPtr server ATTRIBUTE_UNUSED, virNetServerClientPtr client,
Unrelated whitespace change.
[...]
+++ b/src/rpc/gendispatch.pl @@ -581,11 +599,11 @@ elsif ($mode eq "server") { " virObjectUnref(snapshot);\n" . " virObjectUnref(dom);"); } elsif ($args_member =~ m/^(?:(?:admin|remote)_string|remote_uuid) (\S+)<\S+>;/) { - push(@args_list, $conn) if !@args_list; + push(@args_list, "$conn_var") if !@args_list;
I don't speak Perl, so asking mostly out of curiosity: why is the argument quoted now? Especially since...
@@ -1095,7 +1105,7 @@ elsif ($mode eq "server") { } elsif (!$multi_ret) { my $proc_name = $call->{ProcName};
- push(@args_list, $conn) if !@args_list; + push(@args_list, $conn_var) if !@args_list;
... this code looks like it's performing the same operation, yet the argument is not quoted here, which leads me to believe one of the two is not correct.
Both styles are functionally identical in their result. The quoted form just adds wastefull string reallocation. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

On Mon, 2019-07-29 at 14:33 +0100, Daniel P. Berrangé wrote:
On Sun, Jul 28, 2019 at 07:50:28PM +0200, Andrea Bolognani wrote:
On Tue, 2019-07-23 at 17:03 +0100, Daniel P. Berrangé wrote:
+++ b/src/rpc/gendispatch.pl @@ -581,11 +599,11 @@ elsif ($mode eq "server") { " virObjectUnref(snapshot);\n" . " virObjectUnref(dom);"); } elsif ($args_member =~ m/^(?:(?:admin|remote)_string|remote_uuid) (\S+)<\S+>;/) { - push(@args_list, $conn) if !@args_list; + push(@args_list, "$conn_var") if !@args_list;
I don't speak Perl, so asking mostly out of curiosity: why is the argument quoted now? Especially since...
@@ -1095,7 +1105,7 @@ elsif ($mode eq "server") { } elsif (!$multi_ret) { my $proc_name = $call->{ProcName};
- push(@args_list, $conn) if !@args_list; + push(@args_list, $conn_var) if !@args_list;
... this code looks like it's performing the same operation, yet the argument is not quoted here, which leads me to believe one of the two is not correct.
Both styles are functionally identical in their result. The quoted form just adds wastefull string reallocation.
Alright, can you standardize on the non-quoted style before pushing then? -- Andrea Bolognani / Red Hat / Virtualization

The driver dispatch methods access the priv->conn variables directly. In future we want to dynamically open the connections for the secondary driver. Thus we want the methods to call a method to get the connection handle instead of assuming the private variable is non-NULL. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/remote/remote_daemon_dispatch.c | 782 ++++++++++------------------ 1 file changed, 289 insertions(+), 493 deletions(-) diff --git a/src/remote/remote_daemon_dispatch.c b/src/remote/remote_daemon_dispatch.c index ecce0b0112..b677bd44ee 100644 --- a/src/remote/remote_daemon_dispatch.c +++ b/src/remote/remote_daemon_dispatch.c @@ -2147,15 +2147,12 @@ remoteDispatchDomainGetSchedulerType(virNetServerPtr server ATTRIBUTE_UNUSED, char *type; int nparams; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (!(type = virDomainGetSchedulerType(dom, &nparams))) @@ -2184,13 +2181,10 @@ remoteDispatchDomainGetSchedulerParameters(virNetServerPtr server ATTRIBUTE_UNUS virTypedParameterPtr params = NULL; int nparams = 0; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->nparams > REMOTE_DOMAIN_SCHEDULER_PARAMETERS_MAX) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large")); @@ -2200,7 +2194,7 @@ remoteDispatchDomainGetSchedulerParameters(virNetServerPtr server ATTRIBUTE_UNUS goto cleanup; nparams = args->nparams; - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainGetSchedulerParameters(dom, params, &nparams) < 0) @@ -2234,13 +2228,10 @@ remoteDispatchDomainGetSchedulerParametersFlags(virNetServerPtr server ATTRIBUTE virTypedParameterPtr params = NULL; int nparams = 0; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->nparams > REMOTE_DOMAIN_SCHEDULER_PARAMETERS_MAX) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large")); @@ -2250,7 +2241,7 @@ remoteDispatchDomainGetSchedulerParametersFlags(virNetServerPtr server ATTRIBUTE goto cleanup; nparams = args->nparams; - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainGetSchedulerParametersFlags(dom, params, &nparams, @@ -2286,13 +2277,10 @@ remoteDispatchDomainMemoryStats(virNetServerPtr server ATTRIBUTE_UNUSED, int nr_stats; size_t i; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->maxStats > REMOTE_DOMAIN_MEMORY_STATS_MAX) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", @@ -2300,7 +2288,7 @@ remoteDispatchDomainMemoryStats(virNetServerPtr server ATTRIBUTE_UNUSED, goto cleanup; } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; /* Allocate stats array for making dispatch call */ @@ -2345,15 +2333,12 @@ remoteDispatchDomainBlockPeek(virNetServerPtr server ATTRIBUTE_UNUSED, size_t size; unsigned int flags; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; path = args->path; offset = args->offset; @@ -2399,15 +2384,12 @@ remoteDispatchDomainBlockStatsFlags(virNetServerPtr server ATTRIBUTE_UNUSED, int nparams = 0; unsigned int flags; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; flags = args->flags; @@ -2461,15 +2443,12 @@ remoteDispatchDomainMemoryPeek(virNetServerPtr server ATTRIBUTE_UNUSED, size_t size; unsigned int flags; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; offset = args->offset; size = args->size; @@ -2511,15 +2490,12 @@ remoteDispatchDomainGetSecurityLabel(virNetServerPtr server ATTRIBUTE_UNUSED, virDomainPtr dom = NULL; virSecurityLabelPtr seclabel = NULL; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (VIR_ALLOC(seclabel) < 0) @@ -2556,15 +2532,12 @@ remoteDispatchDomainGetSecurityLabelList(virNetServerPtr server ATTRIBUTE_UNUSED virSecurityLabelPtr seclabels = NULL; int len, rv = -1; size_t i; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if ((len = virDomainGetSecurityLabelList(dom, &seclabels)) < 0) { @@ -2610,16 +2583,13 @@ remoteDispatchNodeGetSecurityModel(virNetServerPtr server ATTRIBUTE_UNUSED, { virSecurityModel secmodel; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } memset(&secmodel, 0, sizeof(secmodel)); - if (virNodeGetSecurityModel(priv->conn, &secmodel) < 0) + if (virNodeGetSecurityModel(conn, &secmodel) < 0) goto cleanup; ret->model.model_len = strlen(secmodel.model) + 1; @@ -2652,15 +2622,12 @@ remoteDispatchDomainGetVcpuPinInfo(virNetServerPtr server ATTRIBUTE_UNUSED, unsigned char *cpumaps = NULL; int num; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (args->ncpumaps > REMOTE_VCPUINFO_MAX) { @@ -2714,15 +2681,12 @@ remoteDispatchDomainPinEmulator(virNetServerPtr server ATTRIBUTE_UNUSED, { int rv = -1; virDomainPtr dom = NULL; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainPinEmulator(dom, @@ -2753,15 +2717,12 @@ remoteDispatchDomainGetEmulatorPinInfo(virNetServerPtr server ATTRIBUTE_UNUSED, unsigned char *cpumaps = NULL; int r; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; /* Allocate buffers to take the results */ @@ -2804,15 +2765,12 @@ remoteDispatchDomainGetVcpus(virNetServerPtr server ATTRIBUTE_UNUSED, int info_len; size_t i; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (args->maxinfo > REMOTE_VCPUINFO_MAX) { @@ -2881,18 +2839,16 @@ remoteDispatchDomainGetIOThreadInfo(virNetServerPtr server ATTRIBUTE_UNUSED, { int rv = -1; size_t i; - struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); virDomainIOThreadInfoPtr *info = NULL; virDomainPtr dom = NULL; remote_domain_iothread_info *dst; int ninfo = 0; + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if ((ninfo = virDomainGetIOThreadInfo(dom, &info, args->flags)) < 0) @@ -2957,13 +2913,10 @@ remoteDispatchDomainMigratePrepare(virNetServerPtr server ATTRIBUTE_UNUSED, char **uri_out; char *dname; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } uri_in = args->uri_in == NULL ? NULL : *args->uri_in; dname = args->dname == NULL ? NULL : *args->dname; @@ -2972,7 +2925,7 @@ remoteDispatchDomainMigratePrepare(virNetServerPtr server ATTRIBUTE_UNUSED, if (VIR_ALLOC(uri_out) < 0) goto cleanup; - if (virDomainMigratePrepare(priv->conn, &cookie, &cookielen, + if (virDomainMigratePrepare(conn, &cookie, &cookielen, uri_in, uri_out, args->flags, dname, args->resource) < 0) goto cleanup; @@ -3012,13 +2965,10 @@ remoteDispatchDomainMigratePrepare2(virNetServerPtr server ATTRIBUTE_UNUSED, char **uri_out; char *dname; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } uri_in = args->uri_in == NULL ? NULL : *args->uri_in; dname = args->dname == NULL ? NULL : *args->dname; @@ -3027,7 +2977,7 @@ remoteDispatchDomainMigratePrepare2(virNetServerPtr server ATTRIBUTE_UNUSED, if (VIR_ALLOC(uri_out) < 0) goto cleanup; - if (virDomainMigratePrepare2(priv->conn, &cookie, &cookielen, + if (virDomainMigratePrepare2(conn, &cookie, &cookielen, uri_in, uri_out, args->flags, dname, args->resource, args->dom_xml) < 0) @@ -3063,13 +3013,10 @@ remoteDispatchDomainGetMemoryParameters(virNetServerPtr server ATTRIBUTE_UNUSED, int nparams = 0; unsigned int flags; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } flags = args->flags; @@ -3081,7 +3028,7 @@ remoteDispatchDomainGetMemoryParameters(virNetServerPtr server ATTRIBUTE_UNUSED, goto cleanup; nparams = args->nparams; - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainGetMemoryParameters(dom, params, &nparams, flags) < 0) @@ -3125,13 +3072,10 @@ remoteDispatchDomainGetNumaParameters(virNetServerPtr server ATTRIBUTE_UNUSED, int nparams = 0; unsigned int flags; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } flags = args->flags; @@ -3143,7 +3087,7 @@ remoteDispatchDomainGetNumaParameters(virNetServerPtr server ATTRIBUTE_UNUSED, goto cleanup; nparams = args->nparams; - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainGetNumaParameters(dom, params, &nparams, flags) < 0) @@ -3187,13 +3131,10 @@ remoteDispatchDomainGetBlkioParameters(virNetServerPtr server ATTRIBUTE_UNUSED, int nparams = 0; unsigned int flags; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } flags = args->flags; @@ -3205,7 +3146,7 @@ remoteDispatchDomainGetBlkioParameters(virNetServerPtr server ATTRIBUTE_UNUSED, goto cleanup; nparams = args->nparams; - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainGetBlkioParameters(dom, params, &nparams, flags) < 0) @@ -3250,13 +3191,10 @@ remoteDispatchNodeGetCPUStats(virNetServerPtr server ATTRIBUTE_UNUSED, int nparams = 0; unsigned int flags; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } flags = args->flags; @@ -3268,7 +3206,7 @@ remoteDispatchNodeGetCPUStats(virNetServerPtr server ATTRIBUTE_UNUSED, goto cleanup; nparams = args->nparams; - if (virNodeGetCPUStats(priv->conn, cpuNum, params, &nparams, flags) < 0) + if (virNodeGetCPUStats(conn, cpuNum, params, &nparams, flags) < 0) goto cleanup; /* In this case, we need to send back the number of stats @@ -3322,13 +3260,10 @@ remoteDispatchNodeGetMemoryStats(virNetServerPtr server ATTRIBUTE_UNUSED, int nparams = 0; unsigned int flags; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } flags = args->flags; @@ -3340,7 +3275,7 @@ remoteDispatchNodeGetMemoryStats(virNetServerPtr server ATTRIBUTE_UNUSED, goto cleanup; nparams = args->nparams; - if (virNodeGetMemoryStats(priv->conn, cellNum, params, &nparams, flags) < 0) + if (virNodeGetMemoryStats(conn, cellNum, params, &nparams, flags) < 0) goto cleanup; /* In this case, we need to send back the number of parameters @@ -3392,15 +3327,12 @@ remoteDispatchDomainGetLaunchSecurityInfo(virNetServerPtr server ATTRIBUTE_UNUSE virTypedParameterPtr params = NULL; int nparams = 0; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainGetLaunchSecurityInfo(dom, ¶ms, &nparams, args->flags) < 0) @@ -3439,15 +3371,12 @@ remoteDispatchDomainGetPerfEvents(virNetServerPtr server ATTRIBUTE_UNUSED, virTypedParameterPtr params = NULL; int nparams = 0; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainGetPerfEvents(dom, ¶ms, &nparams, args->flags) < 0) @@ -3485,15 +3414,12 @@ remoteDispatchDomainGetBlockJobInfo(virNetServerPtr server ATTRIBUTE_UNUSED, virDomainPtr dom = NULL; virDomainBlockJobInfo tmp; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; rv = virDomainGetBlockJobInfo(dom, args->path, &tmp, args->flags); @@ -3526,13 +3452,10 @@ remoteDispatchDomainGetBlockIoTune(virNetServerPtr server ATTRIBUTE_UNUSED, int rv = -1; virTypedParameterPtr params = NULL; int nparams = 0; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->nparams > REMOTE_DOMAIN_BLOCK_IO_TUNE_PARAMETERS_MAX) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large")); @@ -3543,7 +3466,7 @@ remoteDispatchDomainGetBlockIoTune(virNetServerPtr server ATTRIBUTE_UNUSED, goto cleanup; nparams = args->nparams; - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainGetBlockIoTune(dom, args->disk ? *args->disk : NULL, @@ -4103,15 +4026,12 @@ remoteDispatchNodeDeviceGetParent(virNetServerPtr server ATTRIBUTE_UNUSED, virNodeDevicePtr dev = NULL; const char *parent = NULL; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetNodeDevConn(client); - if (!priv->nodedevConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dev = virNodeDeviceLookupByName(priv->nodedevConn, args->name))) + if (!(dev = virNodeDeviceLookupByName(conn, args->name))) goto cleanup; parent = virNodeDeviceGetParent(dev); @@ -4143,15 +4063,14 @@ remoteDispatchConnectRegisterCloseCallback(virNetServerPtr server ATTRIBUTE_UNUS int rv = -1; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); virMutexLock(&priv->lock); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (virConnectRegisterCloseCallback(priv->conn, + if (virConnectRegisterCloseCallback(conn, remoteRelayConnectionClosedEvent, client, NULL) < 0) goto cleanup; @@ -4175,15 +4094,14 @@ remoteDispatchConnectUnregisterCloseCallback(virNetServerPtr server ATTRIBUTE_UN int rv = -1; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); virMutexLock(&priv->lock); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (virConnectUnregisterCloseCallback(priv->conn, + if (virConnectUnregisterCloseCallback(conn, remoteRelayConnectionClosedEvent) < 0) goto cleanup; @@ -4210,14 +4128,13 @@ remoteDispatchConnectDomainEventRegister(virNetServerPtr server ATTRIBUTE_UNUSED daemonClientEventCallbackPtr ref; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); - - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); - goto cleanup; - } + virConnectPtr conn = remoteGetHypervisorConn(client); virMutexLock(&priv->lock); + if (!conn) + goto cleanup; + /* If we call register first, we could append a complete callback * to our array, but on OOM append failure, we'd have to then hope * deregister works to undo our register. So instead we append an @@ -4238,7 +4155,7 @@ remoteDispatchConnectDomainEventRegister(virNetServerPtr server ATTRIBUTE_UNUSED callback) < 0) goto cleanup; - if ((callbackID = virConnectDomainEventRegisterAny(priv->conn, + if ((callbackID = virConnectDomainEventRegisterAny(conn, NULL, VIR_DOMAIN_EVENT_ID_LIFECYCLE, VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventLifecycle), @@ -4274,14 +4191,13 @@ remoteDispatchConnectDomainEventDeregister(virNetServerPtr server ATTRIBUTE_UNUS size_t i; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); - - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); - goto cleanup; - } + virConnectPtr conn = remoteGetHypervisorConn(client); virMutexLock(&priv->lock); + if (!conn) + goto cleanup; + for (i = 0; i < priv->ndomainEventCallbacks; i++) { if (priv->domainEventCallbacks[i]->eventID == VIR_DOMAIN_EVENT_ID_LIFECYCLE) { callbackID = priv->domainEventCallbacks[i]->callbackID; @@ -4296,7 +4212,7 @@ remoteDispatchConnectDomainEventDeregister(virNetServerPtr server ATTRIBUTE_UNUS goto cleanup; } - if (virConnectDomainEventDeregisterAny(priv->conn, callbackID) < 0) + if (virConnectDomainEventDeregisterAny(conn, callbackID) < 0) goto cleanup; VIR_DELETE_ELEMENT(priv->domainEventCallbacks, i, @@ -4360,15 +4276,12 @@ remoteDispatchSecretGetValue(virNetServerPtr server ATTRIBUTE_UNUSED, size_t value_size; unsigned char *value; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetSecretConn(client); - if (!priv->secretConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(secret = get_nonnull_secret(priv->secretConn, args->secret))) + if (!(secret = get_nonnull_secret(conn, args->secret))) goto cleanup; if (!(value = virSecretGetValue(secret, &value_size, args->flags))) @@ -4396,15 +4309,12 @@ remoteDispatchDomainGetState(virNetServerPtr server ATTRIBUTE_UNUSED, { virDomainPtr dom = NULL; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainGetState(dom, &ret->state, &ret->reason, args->flags) < 0) @@ -4438,14 +4348,13 @@ remoteDispatchConnectDomainEventRegisterAny(virNetServerPtr server ATTRIBUTE_UNU daemonClientEventCallbackPtr ref; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); - - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); - goto cleanup; - } + virConnectPtr conn = remoteGetHypervisorConn(client); virMutexLock(&priv->lock); + if (!conn) + goto cleanup; + /* We intentionally do not use VIR_DOMAIN_EVENT_ID_LAST here; any * new domain events added after this point should only use the * modern callback style of RPC. */ @@ -4474,7 +4383,7 @@ remoteDispatchConnectDomainEventRegisterAny(virNetServerPtr server ATTRIBUTE_UNU callback) < 0) goto cleanup; - if ((callbackID = virConnectDomainEventRegisterAny(priv->conn, + if ((callbackID = virConnectDomainEventRegisterAny(conn, NULL, args->eventID, domainEventCallbacks[args->eventID], @@ -4514,16 +4423,15 @@ remoteDispatchConnectDomainEventCallbackRegisterAny(virNetServerPtr server ATTRI struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); virDomainPtr dom = NULL; - - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); - goto cleanup; - } + virConnectPtr conn = remoteGetHypervisorConn(client); virMutexLock(&priv->lock); + if (!conn) + goto cleanup; + if (args->dom && - !(dom = get_nonnull_domain(priv->conn, *args->dom))) + !(dom = get_nonnull_domain(conn, *args->dom))) goto cleanup; if (args->eventID >= VIR_DOMAIN_EVENT_ID_LAST || args->eventID < 0) { @@ -4549,7 +4457,7 @@ remoteDispatchConnectDomainEventCallbackRegisterAny(virNetServerPtr server ATTRI callback) < 0) goto cleanup; - if ((callbackID = virConnectDomainEventRegisterAny(priv->conn, + if ((callbackID = virConnectDomainEventRegisterAny(conn, dom, args->eventID, domainEventCallbacks[args->eventID], @@ -4588,14 +4496,13 @@ remoteDispatchConnectDomainEventDeregisterAny(virNetServerPtr server ATTRIBUTE_U size_t i; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); - - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); - goto cleanup; - } + virConnectPtr conn = remoteGetHypervisorConn(client); virMutexLock(&priv->lock); + if (!conn) + goto cleanup; + /* We intentionally do not use VIR_DOMAIN_EVENT_ID_LAST here; any * new domain events added after this point should only use the * modern callback style of RPC. */ @@ -4618,7 +4525,7 @@ remoteDispatchConnectDomainEventDeregisterAny(virNetServerPtr server ATTRIBUTE_U goto cleanup; } - if (virConnectDomainEventDeregisterAny(priv->conn, callbackID) < 0) + if (virConnectDomainEventDeregisterAny(conn, callbackID) < 0) goto cleanup; VIR_DELETE_ELEMENT(priv->domainEventCallbacks, i, @@ -4645,14 +4552,13 @@ remoteDispatchConnectDomainEventCallbackDeregisterAny(virNetServerPtr server ATT size_t i; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); - - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); - goto cleanup; - } + virConnectPtr conn = remoteGetHypervisorConn(client); virMutexLock(&priv->lock); + if (!conn) + goto cleanup; + for (i = 0; i < priv->ndomainEventCallbacks; i++) { if (priv->domainEventCallbacks[i]->callbackID == args->callbackID) break; @@ -4664,7 +4570,7 @@ remoteDispatchConnectDomainEventCallbackDeregisterAny(virNetServerPtr server ATT goto cleanup; } - if (virConnectDomainEventDeregisterAny(priv->conn, args->callbackID) < 0) + if (virConnectDomainEventDeregisterAny(conn, args->callbackID) < 0) goto cleanup; VIR_DELETE_ELEMENT(priv->domainEventCallbacks, i, @@ -4690,15 +4596,12 @@ qemuDispatchDomainMonitorCommand(virNetServerPtr server ATTRIBUTE_UNUSED, { virDomainPtr dom = NULL; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainQemuMonitorCommand(dom, args->cmd, &ret->result, @@ -4730,15 +4633,12 @@ remoteDispatchDomainMigrateBegin3(virNetServerPtr server ATTRIBUTE_UNUSED, char *cookieout = NULL; int cookieoutlen = 0; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; xmlin = args->xmlin == NULL ? NULL : *args->xmlin; @@ -4780,13 +4680,10 @@ remoteDispatchDomainMigratePrepare3(virNetServerPtr server ATTRIBUTE_UNUSED, char **uri_out; char *dname; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } uri_in = args->uri_in == NULL ? NULL : *args->uri_in; dname = args->dname == NULL ? NULL : *args->dname; @@ -4795,7 +4692,7 @@ remoteDispatchDomainMigratePrepare3(virNetServerPtr server ATTRIBUTE_UNUSED, if (VIR_ALLOC(uri_out) < 0) goto cleanup; - if (virDomainMigratePrepare3(priv->conn, + if (virDomainMigratePrepare3(conn, args->cookie_in.cookie_in_val, args->cookie_in.cookie_in_len, &cookieout, &cookieoutlen, @@ -4838,15 +4735,12 @@ remoteDispatchDomainMigratePerform3(virNetServerPtr server ATTRIBUTE_UNUSED, char *cookieout = NULL; int cookieoutlen = 0; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; xmlin = args->xmlin == NULL ? NULL : *args->xmlin; @@ -4891,18 +4785,15 @@ remoteDispatchDomainMigrateFinish3(virNetServerPtr server ATTRIBUTE_UNUSED, char *uri; char *dconnuri; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } uri = args->uri == NULL ? NULL : *args->uri; dconnuri = args->dconnuri == NULL ? NULL : *args->dconnuri; - if (!(dom = virDomainMigrateFinish3(priv->conn, args->dname, + if (!(dom = virDomainMigrateFinish3(conn, args->dname, args->cookie_in.cookie_in_val, args->cookie_in.cookie_in_len, &cookieout, &cookieoutlen, @@ -4940,15 +4831,12 @@ remoteDispatchDomainMigrateConfirm3(virNetServerPtr server ATTRIBUTE_UNUSED, { virDomainPtr dom = NULL; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainMigrateConfirm3(dom, @@ -4976,8 +4864,7 @@ static int remoteDispatchConnectSupportsFeature(virNetServerPtr server ATTRIBUTE { int rv = -1; int supported = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = NULL; /* This feature is checked before opening the connection, thus we must * check it first. @@ -4989,10 +4876,10 @@ static int remoteDispatchConnectSupportsFeature(virNetServerPtr server ATTRIBUTE goto done; } - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + conn = remoteGetHypervisorConn(client); + + if (!conn) goto cleanup; - } switch ((virDrvFeature) args->feature) { case VIR_DRV_FEATURE_FD_PASSING: @@ -5012,7 +4899,7 @@ static int remoteDispatchConnectSupportsFeature(virNetServerPtr server ATTRIBUTE case VIR_DRV_FEATURE_MIGRATION_OFFLINE: case VIR_DRV_FEATURE_MIGRATION_PARAMS: default: - if ((supported = virConnectSupportsFeature(priv->conn, args->feature)) < 0) + if ((supported = virConnectSupportsFeature(conn, args->feature)) < 0) goto cleanup; break; case VIR_DRV_FEATURE_PROGRAM_KEEPALIVE: @@ -5041,15 +4928,12 @@ remoteDispatchDomainOpenGraphics(virNetServerPtr server ATTRIBUTE_UNUSED, virDomainPtr dom = NULL; int rv = -1; int fd = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if ((fd = virNetMessageDupFD(msg, 0)) < 0) @@ -5082,15 +4966,12 @@ remoteDispatchDomainOpenGraphicsFd(virNetServerPtr server ATTRIBUTE_UNUSED, virDomainPtr dom = NULL; int rv = -1; int fd = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if ((fd = virDomainOpenGraphicsFD(dom, @@ -5129,13 +5010,10 @@ remoteDispatchDomainGetInterfaceParameters(virNetServerPtr server ATTRIBUTE_UNUS int nparams = 0; unsigned int flags; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } flags = args->flags; @@ -5147,7 +5025,7 @@ remoteDispatchDomainGetInterfaceParameters(virNetServerPtr server ATTRIBUTE_UNUS goto cleanup; nparams = args->nparams; - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainGetInterfaceParameters(dom, device, params, &nparams, flags) < 0) @@ -5187,16 +5065,13 @@ remoteDispatchDomainGetCPUStats(virNetServerPtr server ATTRIBUTE_UNUSED, remote_domain_get_cpu_stats_ret *ret) { virDomainPtr dom = NULL; - struct daemonClientPrivate *priv; virTypedParameterPtr params = NULL; int rv = -1; int percpu_len = 0; + virConnectPtr conn = remoteGetHypervisorConn(client); - priv = virNetServerClientGetPrivateData(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->nparams > REMOTE_NODE_CPU_STATS_MAX) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large")); @@ -5211,7 +5086,7 @@ remoteDispatchDomainGetCPUStats(virNetServerPtr server ATTRIBUTE_UNUSED, VIR_ALLOC_N(params, args->ncpus * args->nparams) < 0) goto cleanup; - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; percpu_len = virDomainGetCPUStats(dom, params, args->nparams, @@ -5261,15 +5136,12 @@ remoteDispatchDomainGetDiskErrors(virNetServerPtr server ATTRIBUTE_UNUSED, virDomainPtr dom = NULL; virDomainDiskErrorPtr errors = NULL; int len = 0; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (args->maxerrors > REMOTE_DOMAIN_DISK_ERRORS_MAX) { @@ -5321,15 +5193,12 @@ remoteDispatchNodeGetSevInfo(virNetServerPtr server ATTRIBUTE_UNUSED, virTypedParameterPtr params = NULL; int nparams = 0; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (virNodeGetSEVInfo(priv->conn, ¶ms, &nparams, args->flags) < 0) + if (virNodeGetSEVInfo(conn, ¶ms, &nparams, args->flags) < 0) goto cleanup; if (nparams > REMOTE_NODE_SEV_INFO_MAX) { @@ -5366,13 +5235,10 @@ remoteDispatchNodeGetMemoryParameters(virNetServerPtr server ATTRIBUTE_UNUSED, int nparams = 0; unsigned int flags; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } flags = args->flags; @@ -5384,7 +5250,7 @@ remoteDispatchNodeGetMemoryParameters(virNetServerPtr server ATTRIBUTE_UNUSED, goto cleanup; nparams = args->nparams; - if (virNodeGetMemoryParameters(priv->conn, params, &nparams, flags) < 0) + if (virNodeGetMemoryParameters(conn, params, &nparams, flags) < 0) goto cleanup; /* In this case, we need to send back the number of parameters @@ -5424,17 +5290,14 @@ remoteDispatchNodeGetCPUMap(virNetServerPtr server ATTRIBUTE_UNUSED, unsigned int flags; int cpunum; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } flags = args->flags; - cpunum = virNodeGetCPUMap(priv->conn, args->need_map ? &cpumap : NULL, + cpunum = virNodeGetCPUMap(conn, args->need_map ? &cpumap : NULL, args->need_online ? &online : NULL, flags); if (cpunum < 0) goto cleanup; @@ -5466,19 +5329,16 @@ lxcDispatchDomainOpenNamespace(virNetServerPtr server ATTRIBUTE_UNUSED, lxc_domain_open_namespace_args *args) { int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); int *fdlist = NULL; int ret; virDomainPtr dom = NULL; size_t i; + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; ret = virDomainLxcOpenNamespace(dom, @@ -5520,15 +5380,12 @@ remoteDispatchDomainGetJobStats(virNetServerPtr server ATTRIBUTE_UNUSED, virTypedParameterPtr params = NULL; int nparams = 0; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainGetJobStats(dom, &ret->type, ¶ms, @@ -5573,13 +5430,10 @@ remoteDispatchDomainMigrateBegin3Params(virNetServerPtr server ATTRIBUTE_UNUSED, char *cookieout = NULL; int cookieoutlen = 0; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->params.params_len > REMOTE_DOMAIN_MIGRATE_PARAM_LIST_MAX) { virReportError(VIR_ERR_RPC, @@ -5588,7 +5442,7 @@ remoteDispatchDomainMigrateBegin3Params(virNetServerPtr server ATTRIBUTE_UNUSED, goto cleanup; } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virTypedParamsDeserialize((virTypedParameterRemotePtr) args->params.params_val, @@ -5629,13 +5483,10 @@ remoteDispatchDomainMigratePrepare3Params(virNetServerPtr server ATTRIBUTE_UNUSE int cookieoutlen = 0; char **uri_out; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->params.params_len > REMOTE_DOMAIN_MIGRATE_PARAM_LIST_MAX) { virReportError(VIR_ERR_RPC, @@ -5653,7 +5504,7 @@ remoteDispatchDomainMigratePrepare3Params(virNetServerPtr server ATTRIBUTE_UNUSE if (VIR_ALLOC(uri_out) < 0) goto cleanup; - if (virDomainMigratePrepare3Params(priv->conn, params, nparams, + if (virDomainMigratePrepare3Params(conn, params, nparams, args->cookie_in.cookie_in_val, args->cookie_in.cookie_in_len, &cookieout, &cookieoutlen, @@ -5688,15 +5539,12 @@ remoteDispatchDomainMigratePrepareTunnel3Params(virNetServerPtr server ATTRIBUTE char *cookieout = NULL; int cookieoutlen = 0; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); virStreamPtr st = NULL; daemonClientStreamPtr stream = NULL; + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->params.params_len > REMOTE_DOMAIN_MIGRATE_PARAM_LIST_MAX) { virReportError(VIR_ERR_RPC, @@ -5710,12 +5558,12 @@ remoteDispatchDomainMigratePrepareTunnel3Params(virNetServerPtr server ATTRIBUTE 0, ¶ms, &nparams) < 0) goto cleanup; - if (!(st = virStreamNew(priv->conn, VIR_STREAM_NONBLOCK)) || + if (!(st = virStreamNew(conn, VIR_STREAM_NONBLOCK)) || !(stream = daemonCreateClientStream(client, st, remoteProgram, &msg->header, false))) goto cleanup; - if (virDomainMigratePrepareTunnel3Params(priv->conn, st, params, nparams, + if (virDomainMigratePrepareTunnel3Params(conn, st, params, nparams, args->cookie_in.cookie_in_val, args->cookie_in.cookie_in_len, &cookieout, &cookieoutlen, @@ -5760,13 +5608,10 @@ remoteDispatchDomainMigratePerform3Params(virNetServerPtr server ATTRIBUTE_UNUSE int cookieoutlen = 0; char *dconnuri; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->params.params_len > REMOTE_DOMAIN_MIGRATE_PARAM_LIST_MAX) { virReportError(VIR_ERR_RPC, @@ -5775,7 +5620,7 @@ remoteDispatchDomainMigratePerform3Params(virNetServerPtr server ATTRIBUTE_UNUSE goto cleanup; } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virTypedParamsDeserialize((virTypedParameterRemotePtr) args->params.params_val, @@ -5820,13 +5665,10 @@ remoteDispatchDomainMigrateFinish3Params(virNetServerPtr server ATTRIBUTE_UNUSED char *cookieout = NULL; int cookieoutlen = 0; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->params.params_len > REMOTE_DOMAIN_MIGRATE_PARAM_LIST_MAX) { virReportError(VIR_ERR_RPC, @@ -5840,7 +5682,7 @@ remoteDispatchDomainMigrateFinish3Params(virNetServerPtr server ATTRIBUTE_UNUSED 0, ¶ms, &nparams) < 0) goto cleanup; - dom = virDomainMigrateFinish3Params(priv->conn, params, nparams, + dom = virDomainMigrateFinish3Params(conn, params, nparams, args->cookie_in.cookie_in_val, args->cookie_in.cookie_in_len, &cookieout, &cookieoutlen, @@ -5878,13 +5720,10 @@ remoteDispatchDomainMigrateConfirm3Params(virNetServerPtr server ATTRIBUTE_UNUSE int nparams = 0; virDomainPtr dom = NULL; int rv = -1; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->params.params_len > REMOTE_DOMAIN_MIGRATE_PARAM_LIST_MAX) { virReportError(VIR_ERR_RPC, @@ -5893,7 +5732,7 @@ remoteDispatchDomainMigrateConfirm3Params(virNetServerPtr server ATTRIBUTE_UNUSE goto cleanup; } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virTypedParamsDeserialize((virTypedParameterRemotePtr) args->params.params_val, @@ -5928,15 +5767,12 @@ remoteDispatchConnectGetCPUModelNames(virNetServerPtr server ATTRIBUTE_UNUSED, { int len, rv = -1; char **models = NULL; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - len = virConnectGetCPUModelNames(priv->conn, args->arch, + len = virConnectGetCPUModelNames(conn, args->arch, args->need_results ? &models : NULL, args->flags); if (len < 0) @@ -5980,16 +5816,13 @@ remoteDispatchDomainCreateXMLWithFiles(virNetServerPtr server ATTRIBUTE_UNUSED, { int rv = -1; virDomainPtr dom = NULL; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); int *files = NULL; unsigned int nfiles = 0; size_t i; + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (VIR_ALLOC_N(files, msg->nfds) < 0) goto cleanup; @@ -5999,7 +5832,7 @@ remoteDispatchDomainCreateXMLWithFiles(virNetServerPtr server ATTRIBUTE_UNUSED, nfiles++; } - if ((dom = virDomainCreateXMLWithFiles(priv->conn, args->xml_desc, + if ((dom = virDomainCreateXMLWithFiles(conn, args->xml_desc, nfiles, files, args->flags)) == NULL) goto cleanup; @@ -6029,16 +5862,13 @@ static int remoteDispatchDomainCreateWithFiles(virNetServerPtr server ATTRIBUTE_ { int rv = -1; virDomainPtr dom = NULL; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); int *files = NULL; unsigned int nfiles = 0; size_t i; + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (VIR_ALLOC_N(files, msg->nfds) < 0) goto cleanup; @@ -6048,7 +5878,7 @@ static int remoteDispatchDomainCreateWithFiles(virNetServerPtr server ATTRIBUTE_ nfiles++; } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainCreateWithFiles(dom, @@ -6084,19 +5914,18 @@ remoteDispatchConnectNetworkEventRegisterAny(virNetServerPtr server ATTRIBUTE_UN int rv = -1; daemonClientEventCallbackPtr callback = NULL; daemonClientEventCallbackPtr ref; + virNetworkPtr net = NULL; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); - virNetworkPtr net = NULL; - - if (!priv->networkConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); - goto cleanup; - } + virConnectPtr conn = remoteGetNetworkConn(client); virMutexLock(&priv->lock); + if (!conn) + goto cleanup; + if (args->net && - !(net = get_nonnull_network(priv->networkConn, *args->net))) + !(net = get_nonnull_network(conn, *args->net))) goto cleanup; if (args->eventID >= VIR_NETWORK_EVENT_ID_LAST || args->eventID < 0) { @@ -6122,7 +5951,7 @@ remoteDispatchConnectNetworkEventRegisterAny(virNetServerPtr server ATTRIBUTE_UN callback) < 0) goto cleanup; - if ((callbackID = virConnectNetworkEventRegisterAny(priv->networkConn, + if ((callbackID = virConnectNetworkEventRegisterAny(conn, net, args->eventID, networkEventCallbacks[args->eventID], @@ -6160,14 +5989,13 @@ remoteDispatchConnectNetworkEventDeregisterAny(virNetServerPtr server ATTRIBUTE_ size_t i; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); - - if (!priv->networkConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); - goto cleanup; - } + virConnectPtr conn = remoteGetNetworkConn(client); virMutexLock(&priv->lock); + if (!conn) + goto cleanup; + for (i = 0; i < priv->nnetworkEventCallbacks; i++) { if (priv->networkEventCallbacks[i]->callbackID == args->callbackID) break; @@ -6179,7 +6007,7 @@ remoteDispatchConnectNetworkEventDeregisterAny(virNetServerPtr server ATTRIBUTE_ goto cleanup; } - if (virConnectNetworkEventDeregisterAny(priv->networkConn, args->callbackID) < 0) + if (virConnectNetworkEventDeregisterAny(conn, args->callbackID) < 0) goto cleanup; VIR_DELETE_ELEMENT(priv->networkEventCallbacks, i, @@ -6209,16 +6037,15 @@ remoteDispatchConnectStoragePoolEventRegisterAny(virNetServerPtr server ATTRIBUT struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); virStoragePoolPtr pool = NULL; - - if (!priv->storageConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); - goto cleanup; - } + virConnectPtr conn = remoteGetStorageConn(client); virMutexLock(&priv->lock); + if (!conn) + goto cleanup; + if (args->pool && - !(pool = get_nonnull_storage_pool(priv->storageConn, *args->pool))) + !(pool = get_nonnull_storage_pool(conn, *args->pool))) goto cleanup; if (args->eventID >= VIR_STORAGE_POOL_EVENT_ID_LAST || args->eventID < 0) { @@ -6244,7 +6071,7 @@ remoteDispatchConnectStoragePoolEventRegisterAny(virNetServerPtr server ATTRIBUT callback) < 0) goto cleanup; - if ((callbackID = virConnectStoragePoolEventRegisterAny(priv->storageConn, + if ((callbackID = virConnectStoragePoolEventRegisterAny(conn, pool, args->eventID, storageEventCallbacks[args->eventID], @@ -6281,14 +6108,13 @@ remoteDispatchConnectStoragePoolEventDeregisterAny(virNetServerPtr server ATTRIB size_t i; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); - - if (!priv->storageConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); - goto cleanup; - } + virConnectPtr conn = remoteGetStorageConn(client); virMutexLock(&priv->lock); + if (!conn) + goto cleanup; + for (i = 0; i < priv->nstorageEventCallbacks; i++) { if (priv->storageEventCallbacks[i]->callbackID == args->callbackID) break; @@ -6300,7 +6126,7 @@ remoteDispatchConnectStoragePoolEventDeregisterAny(virNetServerPtr server ATTRIB goto cleanup; } - if (virConnectStoragePoolEventDeregisterAny(priv->storageConn, args->callbackID) < 0) + if (virConnectStoragePoolEventDeregisterAny(conn, args->callbackID) < 0) goto cleanup; VIR_DELETE_ELEMENT(priv->storageEventCallbacks, i, @@ -6330,16 +6156,15 @@ remoteDispatchConnectNodeDeviceEventRegisterAny(virNetServerPtr server ATTRIBUTE struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); virNodeDevicePtr dev = NULL; - - if (!priv->nodedevConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); - goto cleanup; - } + virConnectPtr conn = remoteGetNodeDevConn(client); virMutexLock(&priv->lock); + if (!conn) + goto cleanup; + if (args->dev && - !(dev = get_nonnull_node_device(priv->nodedevConn, *args->dev))) + !(dev = get_nonnull_node_device(conn, *args->dev))) goto cleanup; if (args->eventID >= VIR_NODE_DEVICE_EVENT_ID_LAST || args->eventID < 0) { @@ -6365,7 +6190,7 @@ remoteDispatchConnectNodeDeviceEventRegisterAny(virNetServerPtr server ATTRIBUTE callback) < 0) goto cleanup; - if ((callbackID = virConnectNodeDeviceEventRegisterAny(priv->nodedevConn, + if ((callbackID = virConnectNodeDeviceEventRegisterAny(conn, dev, args->eventID, nodeDeviceEventCallbacks[args->eventID], @@ -6402,14 +6227,13 @@ remoteDispatchConnectNodeDeviceEventDeregisterAny(virNetServerPtr server ATTRIBU size_t i; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); - - if (!priv->nodedevConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); - goto cleanup; - } + virConnectPtr conn = remoteGetNodeDevConn(client); virMutexLock(&priv->lock); + if (!conn) + goto cleanup; + for (i = 0; i < priv->nnodeDeviceEventCallbacks; i++) { if (priv->nodeDeviceEventCallbacks[i]->callbackID == args->callbackID) break; @@ -6421,7 +6245,7 @@ remoteDispatchConnectNodeDeviceEventDeregisterAny(virNetServerPtr server ATTRIBU goto cleanup; } - if (virConnectNodeDeviceEventDeregisterAny(priv->nodedevConn, args->callbackID) < 0) + if (virConnectNodeDeviceEventDeregisterAny(conn, args->callbackID) < 0) goto cleanup; VIR_DELETE_ELEMENT(priv->nodeDeviceEventCallbacks, i, @@ -6451,16 +6275,15 @@ remoteDispatchConnectSecretEventRegisterAny(virNetServerPtr server ATTRIBUTE_UNU struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); virSecretPtr secret = NULL; - - if (!priv->secretConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); - goto cleanup; - } + virConnectPtr conn = remoteGetSecretConn(client); virMutexLock(&priv->lock); + if (!conn) + goto cleanup; + if (args->secret && - !(secret = get_nonnull_secret(priv->secretConn, *args->secret))) + !(secret = get_nonnull_secret(conn, *args->secret))) goto cleanup; if (args->eventID >= VIR_SECRET_EVENT_ID_LAST || args->eventID < 0) { @@ -6486,7 +6309,7 @@ remoteDispatchConnectSecretEventRegisterAny(virNetServerPtr server ATTRIBUTE_UNU callback) < 0) goto cleanup; - if ((callbackID = virConnectSecretEventRegisterAny(priv->secretConn, + if ((callbackID = virConnectSecretEventRegisterAny(conn, secret, args->eventID, secretEventCallbacks[args->eventID], @@ -6523,14 +6346,13 @@ remoteDispatchConnectSecretEventDeregisterAny(virNetServerPtr server ATTRIBUTE_U size_t i; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); - - if (!priv->secretConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); - goto cleanup; - } + virConnectPtr conn = remoteGetSecretConn(client); virMutexLock(&priv->lock); + if (!conn) + goto cleanup; + for (i = 0; i < priv->nsecretEventCallbacks; i++) { if (priv->secretEventCallbacks[i]->callbackID == args->callbackID) break; @@ -6542,7 +6364,7 @@ remoteDispatchConnectSecretEventDeregisterAny(virNetServerPtr server ATTRIBUTE_U goto cleanup; } - if (virConnectSecretEventDeregisterAny(priv->secretConn, args->callbackID) < 0) + if (virConnectSecretEventDeregisterAny(conn, args->callbackID) < 0) goto cleanup; VIR_DELETE_ELEMENT(priv->secretEventCallbacks, i, @@ -6573,16 +6395,15 @@ qemuDispatchConnectDomainMonitorEventRegister(virNetServerPtr server ATTRIBUTE_U virNetServerClientGetPrivateData(client); virDomainPtr dom = NULL; const char *event = args->event ? *args->event : NULL; - - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); - goto cleanup; - } + virConnectPtr conn = remoteGetHypervisorConn(client); virMutexLock(&priv->lock); + if (!conn) + goto cleanup; + if (args->dom && - !(dom = get_nonnull_domain(priv->conn, *args->dom))) + !(dom = get_nonnull_domain(conn, *args->dom))) goto cleanup; /* If we call register first, we could append a complete callback @@ -6602,7 +6423,7 @@ qemuDispatchConnectDomainMonitorEventRegister(virNetServerPtr server ATTRIBUTE_U callback) < 0) goto cleanup; - if ((callbackID = virConnectDomainQemuMonitorEventRegister(priv->conn, + if ((callbackID = virConnectDomainQemuMonitorEventRegister(conn, dom, event, remoteRelayDomainQemuMonitorEvent, @@ -6641,14 +6462,13 @@ qemuDispatchConnectDomainMonitorEventDeregister(virNetServerPtr server ATTRIBUTE size_t i; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); - - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); - goto cleanup; - } + virConnectPtr conn = remoteGetHypervisorConn(client); virMutexLock(&priv->lock); + if (!conn) + goto cleanup; + for (i = 0; i < priv->nqemuEventCallbacks; i++) { if (priv->qemuEventCallbacks[i]->callbackID == args->callbackID) break; @@ -6660,7 +6480,7 @@ qemuDispatchConnectDomainMonitorEventDeregister(virNetServerPtr server ATTRIBUTE goto cleanup; } - if (virConnectDomainQemuMonitorEventDeregister(priv->conn, + if (virConnectDomainQemuMonitorEventDeregister(conn, args->callbackID) < 0) goto cleanup; @@ -6688,15 +6508,12 @@ remoteDispatchDomainGetTime(virNetServerPtr server ATTRIBUTE_UNUSED, virDomainPtr dom = NULL; long long seconds; unsigned int nseconds; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if (virDomainGetTime(dom, &seconds, &nseconds, args->flags) < 0) @@ -6724,13 +6541,10 @@ remoteDispatchNodeGetFreePages(virNetServerPtr server ATTRIBUTE_UNUSED, { int rv = -1; int len; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->pages.pages_len * args->cellCount > REMOTE_NODE_MAX_CELLS) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", @@ -6743,7 +6557,7 @@ remoteDispatchNodeGetFreePages(virNetServerPtr server ATTRIBUTE_UNUSED, args->pages.pages_len * args->cellCount) < 0) goto cleanup; - if ((len = virNodeGetFreePages(priv->conn, + if ((len = virNodeGetFreePages(conn, args->pages.pages_len, args->pages.pages_val, args->startCell, @@ -6837,17 +6651,15 @@ remoteDispatchNetworkGetDHCPLeases(virNetServerPtr server ATTRIBUTE_UNUSED, { int rv = -1; size_t i; - struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); virNetworkDHCPLeasePtr *leases = NULL; virNetworkPtr net = NULL; int nleases = 0; + virConnectPtr conn = remoteGetNetworkConn(client); - if (!priv->networkConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(net = get_nonnull_network(priv->networkConn, args->net))) + if (!(net = get_nonnull_network(conn, args->net))) goto cleanup; if ((nleases = virNetworkGetDHCPLeases(net, @@ -6905,22 +6717,20 @@ remoteDispatchConnectGetAllDomainStats(virNetServerPtr server ATTRIBUTE_UNUSED, { int rv = -1; size_t i; - struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); virDomainStatsRecordPtr *retStats = NULL; int nrecords = 0; virDomainPtr *doms = NULL; + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } if (args->doms.doms_len) { if (VIR_ALLOC_N(doms, args->doms.doms_len + 1) < 0) goto cleanup; for (i = 0; i < args->doms.doms_len; i++) { - if (!(doms[i] = get_nonnull_domain(priv->conn, args->doms.doms_val[i]))) + if (!(doms[i] = get_nonnull_domain(conn, args->doms.doms_val[i]))) goto cleanup; } @@ -6930,7 +6740,7 @@ remoteDispatchConnectGetAllDomainStats(virNetServerPtr server ATTRIBUTE_UNUSED, args->flags)) < 0) goto cleanup; } else { - if ((nrecords = virConnectGetAllDomainStats(priv->conn, + if ((nrecords = virConnectGetAllDomainStats(conn, args->stats, &retStats, args->flags)) < 0) @@ -6992,15 +6802,12 @@ remoteDispatchNodeAllocPages(virNetServerPtr server ATTRIBUTE_UNUSED, { int rv = -1; int len; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if ((len = virNodeAllocPages(priv->conn, + if ((len = virNodeAllocPages(conn, args->pageSizes.pageSizes_len, args->pageSizes.pageSizes_val, (unsigned long long *) args->pageCounts.pageCounts_val, @@ -7029,19 +6836,17 @@ remoteDispatchDomainGetFSInfo(virNetServerPtr server ATTRIBUTE_UNUSED, { int rv = -1; size_t i, j; - struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); virDomainFSInfoPtr *info = NULL; virDomainPtr dom = NULL; remote_domain_fsinfo *dst; int ninfo = 0; size_t ndisk; + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if ((ninfo = virDomainGetFSInfo(dom, &info, args->flags)) < 0) @@ -7226,15 +7031,12 @@ remoteDispatchDomainInterfaceAddresses(virNetServerPtr server ATTRIBUTE_UNUSED, virDomainPtr dom = NULL; virDomainInterfacePtr *ifaces = NULL; int ifaces_count = 0; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetHypervisorConn(client); - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(dom = get_nonnull_domain(priv->conn, args->dom))) + if (!(dom = get_nonnull_domain(conn, args->dom))) goto cleanup; if ((ifaces_count = virDomainInterfaceAddresses(dom, &ifaces, args->source, args->flags)) < 0) @@ -7272,15 +7074,12 @@ remoteDispatchStorageVolGetInfoFlags(virNetServerPtr server ATTRIBUTE_UNUSED, int rv = -1; virStorageVolPtr vol = NULL; virStorageVolInfo tmp; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetStorageConn(client); - if (!priv->storageConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(vol = get_nonnull_storage_vol(priv->storageConn, args->vol))) + if (!(vol = get_nonnull_storage_vol(conn, args->vol))) goto cleanup; if (virStorageVolGetInfoFlags(vol, &tmp, args->flags) < 0) @@ -7311,15 +7110,12 @@ remoteDispatchNetworkPortGetParameters(virNetServerPtr server ATTRIBUTE_UNUSED, virNetworkPortPtr port = NULL; virTypedParameterPtr params = NULL; int nparams = 0; - struct daemonClientPrivate *priv = - virNetServerClientGetPrivateData(client); + virConnectPtr conn = remoteGetNetworkConn(client); - if (!priv->networkConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + if (!conn) goto cleanup; - } - if (!(port = get_nonnull_network_port(priv->networkConn, args->port))) + if (!(port = get_nonnull_network_port(conn, args->port))) goto cleanup; if (virNetworkPortGetParameters(port, ¶ms, &nparams, args->flags) < 0) -- 2.21.0

On Tue, 2019-07-23 at 17:03 +0100, Daniel P. Berrangé wrote: [...]
+++ b/src/remote/remote_daemon_dispatch.c @@ -4210,14 +4128,13 @@ remoteDispatchConnectDomainEventRegister(virNetServerPtr server ATTRIBUTE_UNUSED daemonClientEventCallbackPtr ref; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); - - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); - goto cleanup; - } + virConnectPtr conn = remoteGetHypervisorConn(client);
virMutexLock(&priv->lock);
+ if (!conn) + goto cleanup; +
Shouldn't this be *before* the virMutexLock() call? As far as I can tell, that would match the existing behavior... The same is true for remoteDispatchConnectDomainEventDeregister() remoteDispatchConnectDomainEventRegisterAny() remoteDispatchConnectDomainEventDeregisterAny() remoteDispatchConnectDomainEventCallbackRegisterAny() remoteDispatchConnectDomainEventCallbackDeregisterAny() remoteDispatchConnectNetworkEventRegisterAny() remoteDispatchConnectNetworkEventDeregisterAny() remoteDispatchConnectStoragePoolEventRegisterAny() remoteDispatchConnectStoragePoolEventDeregisterAny() remoteDispatchConnectNodeDeviceEventRegisterAny() remoteDispatchConnectNodeDeviceEventDeregisterAny() remoteDispatchConnectSecretEventRegisterAny() remoteDispatchConnectSecretEventDeregisterAny() qemuDispatchConnectDomainMonitorEventRegister() qemuDispatchConnectDomainMonitorEventDeregister() With either all of them updated, if my understanding of the situation as described above is correct, or left as is otherwise, Reviewed-by: Andrea Bolognani <abologna@redhat.com> -- Andrea Bolognani / Red Hat / Virtualization

On Sun, Jul 28, 2019 at 08:19:40PM +0200, Andrea Bolognani wrote:
On Tue, 2019-07-23 at 17:03 +0100, Daniel P. Berrangé wrote: [...]
+++ b/src/remote/remote_daemon_dispatch.c @@ -4210,14 +4128,13 @@ remoteDispatchConnectDomainEventRegister(virNetServerPtr server ATTRIBUTE_UNUSED daemonClientEventCallbackPtr ref; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); - - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); - goto cleanup; - } + virConnectPtr conn = remoteGetHypervisorConn(client);
virMutexLock(&priv->lock);
+ if (!conn) + goto cleanup; +
Shouldn't this be *before* the virMutexLock() call? As far as I can tell, that would match the existing behavior...
Looking at this I think the original code is broken. The "cleanup:" label calls virMutexUnlock(). So the original code was jumping to the cleanup label with an unlocked mutex and then unlocking it again.
The same is true for
remoteDispatchConnectDomainEventDeregister() remoteDispatchConnectDomainEventRegisterAny() remoteDispatchConnectDomainEventDeregisterAny() remoteDispatchConnectDomainEventCallbackRegisterAny() remoteDispatchConnectDomainEventCallbackDeregisterAny() remoteDispatchConnectNetworkEventRegisterAny() remoteDispatchConnectNetworkEventDeregisterAny() remoteDispatchConnectStoragePoolEventRegisterAny() remoteDispatchConnectStoragePoolEventDeregisterAny() remoteDispatchConnectNodeDeviceEventRegisterAny() remoteDispatchConnectNodeDeviceEventDeregisterAny() remoteDispatchConnectSecretEventRegisterAny() remoteDispatchConnectSecretEventDeregisterAny() qemuDispatchConnectDomainMonitorEventRegister() qemuDispatchConnectDomainMonitorEventDeregister()
With either all of them updated, if my understanding of the situation as described above is correct, or left as is otherwise,
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

On Mon, 2019-07-29 at 14:36 +0100, Daniel P. Berrangé wrote:
On Sun, Jul 28, 2019 at 08:19:40PM +0200, Andrea Bolognani wrote:
On Tue, 2019-07-23 at 17:03 +0100, Daniel P. Berrangé wrote: [...]
+++ b/src/remote/remote_daemon_dispatch.c @@ -4210,14 +4128,13 @@ remoteDispatchConnectDomainEventRegister(virNetServerPtr server ATTRIBUTE_UNUSED daemonClientEventCallbackPtr ref; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); - - if (!priv->conn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); - goto cleanup; - } + virConnectPtr conn = remoteGetHypervisorConn(client);
virMutexLock(&priv->lock);
+ if (!conn) + goto cleanup; +
Shouldn't this be *before* the virMutexLock() call? As far as I can tell, that would match the existing behavior...
Looking at this I think the original code is broken. The "cleanup:" label calls virMutexUnlock(). So the original code was jumping to the cleanup label with an unlocked mutex and then unlocking it again.
Yeah, I thought the same but I'm not too familiar with this part of libvirt. If the existing code is wrong, then I think we should have a preparatory patch addressing the issue and only replace direct struct member access with use of the newly-introduced helper function in this one. What do you think? -- Andrea Bolognani / Red Hat / Virtualization

When the client has a connection to one of the hypervisor specific daemons (eg virtqemud), the app may still expect to use the secondary driver APIs (storage, network, etc). None of these will be registered in the hypervisor daemon, so we must explicitly open a connection to each of the daemons for the secondary drivers we need. We don't want to open these secondary driver connections at the same time as the primary connection is opened though. That would mean that establishing a connection to virtqemud would immediately trigger activation of virtnetworkd, virnwfilterd, etc despite that that these drivers may never be used by the app. Thus we only open the secondary driver connections at time of first use by an API call. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/remote/remote_daemon.h | 13 +++ src/remote/remote_daemon_dispatch.c | 146 ++++++++++++++++++---------- 2 files changed, 109 insertions(+), 50 deletions(-) diff --git a/src/remote/remote_daemon.h b/src/remote/remote_daemon.h index a403d2593a..a2d9af4036 100644 --- a/src/remote/remote_daemon.h +++ b/src/remote/remote_daemon.h @@ -70,12 +70,25 @@ struct daemonClientPrivate { * called, it will be set back to NULL if that succeeds. */ virConnectPtr conn; + + /* These secondary drivers may point back to 'conn' + * in the monolithic daemon setups. Otherwise they + * can be NULL and opened on first use, pointing + * to remote driver use of an external daemon + */ virConnectPtr interfaceConn; + const char *interfaceURI; virConnectPtr networkConn; + const char *networkURI; virConnectPtr nodedevConn; + const char *nodedevURI; virConnectPtr nwfilterConn; + const char *nwfilterURI; virConnectPtr secretConn; + const char *secretURI; virConnectPtr storageConn; + const char *storageURI; + bool readonly; daemonClientStreamPtr streams; }; diff --git a/src/remote/remote_daemon_dispatch.c b/src/remote/remote_daemon_dispatch.c index b677bd44ee..f1304695bd 100644 --- a/src/remote/remote_daemon_dispatch.c +++ b/src/remote/remote_daemon_dispatch.c @@ -1954,18 +1954,35 @@ remoteGetHypervisorConn(virNetServerClientPtr client) } +static virConnectPtr +remoteGetSecondaryConn(bool readonly, virConnectPtr *conn, const char *uri) +{ + if (!*conn) { + if (uri) { + VIR_DEBUG("Opening driver %s", uri); + if (readonly) + *conn = virConnectOpenReadOnly(uri); + else + *conn = virConnectOpen(uri); + if (!conn) + return NULL; + VIR_DEBUG("Opened driver %p", *conn); + } else { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + return NULL; + } + } + + return *conn; +} + static virConnectPtr remoteGetInterfaceConn(virNetServerClientPtr client) { struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); - if (!priv->interfaceConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connection not open")); - return NULL; - } - - return priv->interfaceConn; + return remoteGetSecondaryConn(priv->readonly, &priv->interfaceConn, priv->interfaceURI); } @@ -1975,12 +1992,7 @@ remoteGetNetworkConn(virNetServerClientPtr client) struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); - if (!priv->networkConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connection not open")); - return NULL; - } - - return priv->networkConn; + return remoteGetSecondaryConn(priv->readonly, &priv->networkConn, priv->networkURI); } @@ -1990,12 +2002,7 @@ remoteGetNodeDevConn(virNetServerClientPtr client) struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); - if (!priv->nodedevConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connection not open")); - return NULL; - } - - return priv->nodedevConn; + return remoteGetSecondaryConn(priv->readonly, &priv->nodedevConn, priv->nodedevURI); } @@ -2005,12 +2012,7 @@ remoteGetNWFilterConn(virNetServerClientPtr client) struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); - if (!priv->nwfilterConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connection not open")); - return NULL; - } - - return priv->nwfilterConn; + return remoteGetSecondaryConn(priv->readonly, &priv->nwfilterConn, priv->nwfilterURI); } @@ -2020,12 +2022,7 @@ remoteGetSecretConn(virNetServerClientPtr client) struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); - if (!priv->secretConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connection not open")); - return NULL; - } - - return priv->secretConn; + return remoteGetSecondaryConn(priv->readonly, &priv->secretConn, priv->secretURI); } @@ -2035,15 +2032,11 @@ remoteGetStorageConn(virNetServerClientPtr client) struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); - if (!priv->storageConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connection not open")); - return NULL; - } - - return priv->storageConn; + return remoteGetSecondaryConn(priv->readonly, &priv->storageConn, priv->storageURI); } + void *remoteClientNew(virNetServerClientPtr client, void *opaque ATTRIBUTE_UNUSED) { @@ -2075,6 +2068,9 @@ remoteDispatchConnectOpen(virNetServerPtr server ATTRIBUTE_UNUSED, unsigned int flags; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); int rv = -1; +#ifndef LIBVIRTD + const char *type = NULL; +#endif VIR_DEBUG("priv=%p conn=%p", priv, priv->conn); virMutexLock(&priv->lock); @@ -2093,20 +2089,70 @@ remoteDispatchConnectOpen(virNetServerPtr server ATTRIBUTE_UNUSED, if (virNetServerClientGetReadonly(client)) flags |= VIR_CONNECT_RO; - priv->conn = - flags & VIR_CONNECT_RO - ? virConnectOpenReadOnly(name) - : virConnectOpen(name); - - if (priv->conn == NULL) - goto cleanup; - - priv->interfaceConn = virObjectRef(priv->conn); - priv->networkConn = virObjectRef(priv->conn); - priv->nodedevConn = virObjectRef(priv->conn); - priv->nwfilterConn = virObjectRef(priv->conn); - priv->secretConn = virObjectRef(priv->conn); - priv->storageConn = virObjectRef(priv->conn); + priv->readonly = flags & VIR_CONNECT_RO; + + VIR_DEBUG("Opening driver %s", name); + if (!(priv->conn = priv->readonly ? + virConnectOpenReadOnly(name) : + virConnectOpen(name))) + goto cleanup; + VIR_DEBUG("Opened %p", priv->conn); + +#ifndef LIBVIRTD + if (!(type = virConnectGetType(priv->conn))) + goto cleanup; + + VIR_DEBUG("Primary driver type is '%s'", type); + if (STREQ(type, "QEMU") || + STREQ(type, "LIBXL") || + STREQ(type, "LXC") || + STREQ(type, "VBOX") || + STREQ(type, "bhyve") || + STREQ(type, "vz") || + STREQ(type, "Parallels")) { + VIR_DEBUG("Hypervisor driver found, setting URIs for secondary drivers"); + priv->interfaceURI = getuid() == 0 ? "interface:///system" : "interface:///session"; + priv->networkURI = getuid() == 0 ? "network:///system" : "network:///session"; + priv->nodedevURI = getuid() == 0 ? "nodedev:///system" : "nodedev:///session"; + if (getuid() == 0) + priv->nwfilterURI = "nwfilter:///system"; + priv->secretURI = getuid() == 0 ? "secret:///system" : "secret:///session"; + priv->storageURI = getuid() == 0 ? "storage:///system" : "storage:///session"; + } else if (STREQ(type, "interface")) { + VIR_DEBUG("Interface driver found"); + priv->interfaceConn = virObjectRef(priv->conn); + } else if (STREQ(type, "network")) { + VIR_DEBUG("Network driver found"); + priv->networkConn = virObjectRef(priv->conn); + } else if (STREQ(type, "nodedev")) { + VIR_DEBUG("Nodedev driver found"); + priv->nodedevConn = virObjectRef(priv->conn); + } else if (STREQ(type, "nwfilter")) { + VIR_DEBUG("NWFilter driver found"); + priv->nwfilterConn = virObjectRef(priv->conn); + } else if (STREQ(type, "secret")) { + VIR_DEBUG("Secret driver found"); + priv->secretConn = virObjectRef(priv->conn); + } else if (STREQ(type, "storage")) { + VIR_DEBUG("Storage driver found"); + priv->storageConn = virObjectRef(priv->conn); + + /* Co-open the secret driver, as apps using the storage driver may well + * need access to secrets for storage auth + */ + priv->secretURI = getuid() == 0 ? "secret:///system" : "secret:///session"; + } else { +#endif /* LIBVIRTD */ + VIR_DEBUG("Pointing secondary drivers to primary"); + priv->interfaceConn = virObjectRef(priv->conn); + priv->networkConn = virObjectRef(priv->conn); + priv->nodedevConn = virObjectRef(priv->conn); + priv->nwfilterConn = virObjectRef(priv->conn); + priv->secretConn = virObjectRef(priv->conn); + priv->storageConn = virObjectRef(priv->conn); +#ifndef LIBVIRTD + } +#endif /* LIBVIRTD */ /* force update the @readonly attribute which was inherited from the * virNetServerService object - this is important for sockets that are RW -- 2.21.0

On Tue, Jul 23, 2019 at 05:03:14PM +0100, Daniel P. Berrangé wrote:
When the client has a connection to one of the hypervisor specific daemons (eg virtqemud), the app may still expect to use the secondary driver APIs (storage, network, etc). None of these will be registered in the hypervisor daemon, so we must explicitly open a connection to each of the daemons for the secondary drivers we need.
We don't want to open these secondary driver connections at the same time as the primary connection is opened though. That would mean that establishing a connection to virtqemud would immediately trigger activation of virtnetworkd, virnwfilterd, etc despite that that these drivers may never be used by the app.
Thus we only open the secondary driver connections at time of first use by an API call.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/remote/remote_daemon.h | 13 +++ src/remote/remote_daemon_dispatch.c | 146 ++++++++++++++++++---------- 2 files changed, 109 insertions(+), 50 deletions(-)
diff --git a/src/remote/remote_daemon_dispatch.c b/src/remote/remote_daemon_dispatch.c index b677bd44ee..f1304695bd 100644 --- a/src/remote/remote_daemon_dispatch.c +++ b/src/remote/remote_daemon_dispatch.c @@ -1954,18 +1954,35 @@ remoteGetHypervisorConn(virNetServerClientPtr client) }
+static virConnectPtr +remoteGetSecondaryConn(bool readonly, virConnectPtr *conn, const char *uri) +{ + if (!*conn) { + if (uri) { + VIR_DEBUG("Opening driver %s", uri); + if (readonly) + *conn = virConnectOpenReadOnly(uri); + else + *conn = virConnectOpen(uri); + if (!conn) + return NULL;
This needs to be !*conn
+ VIR_DEBUG("Opened driver %p", *conn); + } else { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not open")); + return NULL; + } + } + + return *conn; +}
Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

On Tue, 2019-07-23 at 17:03 +0100, Daniel P. Berrangé wrote: [...]
+++ b/src/remote/remote_daemon_dispatch.c @@ -1954,18 +1954,35 @@ remoteGetHypervisorConn(virNetServerClientPtr client) }
+static virConnectPtr +remoteGetSecondaryConn(bool readonly, virConnectPtr *conn, const char *uri)
We seem to mostly have a single empty line between functions in this file, so please stick to that style. Also, have each argument on its own line. Additional comments: it personally would make more sense to me if readonly was the last argument, though I won't object if you prefer keeping it this way; however, the way you return the connection pointer in addition to storing it in the user-provided location looks weird to me. You could have static bool remoteGetSecondaryConn(virConnectPtr *conn, const char *uri, bool readonly) or actually even static void remoteGetSecondaryConn(virConnectPtr *conn, const char *uri, bool readonly) since you're not doing any additional check on the return value in the caller. Then... [...]
static virConnectPtr remoteGetInterfaceConn(virNetServerClientPtr client) { struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client);
- if (!priv->interfaceConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connection not open")); - return NULL; - } - - return priv->interfaceConn; + return remoteGetSecondaryConn(priv->readonly, &priv->interfaceConn, priv->interfaceURI);
... you could leave the 'return' statement alone, and just replace the check on priv->xxxConn with a call to remoteGetSecondaryConn(). [...]
}
+ void *remoteClientNew(virNetServerClientPtr client, void *opaque ATTRIBUTE_UNUSED)
Unrelated whitespace change. [...]
@@ -2093,20 +2089,70 @@ remoteDispatchConnectOpen(virNetServerPtr server ATTRIBUTE_UNUSED, + VIR_DEBUG("Opening driver %s", name); + if (!(priv->conn = priv->readonly ? + virConnectOpenReadOnly(name) : + virConnectOpen(name))) + goto cleanup; + VIR_DEBUG("Opened %p", priv->conn);
Ewww. Please get rid of the Elvis operator and just use a regular if/else instead.
+ +#ifndef LIBVIRTD + if (!(type = virConnectGetType(priv->conn))) + goto cleanup; + + VIR_DEBUG("Primary driver type is '%s'", type); + if (STREQ(type, "QEMU") || + STREQ(type, "LIBXL") || + STREQ(type, "LXC") || + STREQ(type, "VBOX") || + STREQ(type, "bhyve") || + STREQ(type, "vz") || + STREQ(type, "Parallels")) {
Wait, we store the connection type as a string? Ewww.
+ VIR_DEBUG("Hypervisor driver found, setting URIs for secondary drivers"); + priv->interfaceURI = getuid() == 0 ? "interface:///system" : "interface:///session"; + priv->networkURI = getuid() == 0 ? "network:///system" : "network:///session"; + priv->nodedevURI = getuid() == 0 ? "nodedev:///system" : "nodedev:///session"; + if (getuid() == 0) + priv->nwfilterURI = "nwfilter:///system"; + priv->secretURI = getuid() == 0 ? "secret:///system" : "secret:///session"; + priv->storageURI = getuid() == 0 ? "storage:///system" : "storage:///session";
Lots of repeated calls to getuid() and lots of Elvis operators here... I would rewrite it along the lines of if (getuid() == 0) { priv->interfaceURI = "interface:///system"; priv->networkURI = "network:///system"; priv->nodedevURI = "nodedev:///system"; priv->secretURI = "secret:///system"; priv->storageURI = "storage:///system"; priv->nwfilterURI = "nwfilter:///system"; } else { priv->interfaceURI = "interface:///session"; priv->networkURI = "network:///session"; priv->nodedevURI = "nodedev:///session"; priv->secretURI = "secret:///session"; priv->storageURI = "storage:///session"; /* No session URI for the nwfilter driver */ } [...]
+ } else if (STREQ(type, "storage")) { + VIR_DEBUG("Storage driver found"); + priv->storageConn = virObjectRef(priv->conn); + + /* Co-open the secret driver, as apps using the storage driver may well + * need access to secrets for storage auth + */ + priv->secretURI = getuid() == 0 ? "secret:///system" : "secret:///session";
Again, lose the Elvis operator. Could there be other dependencies like this one we might be missing? I guess we're gonna find out as people start using this :)
+ } else { +#endif /* LIBVIRTD */
The comment should be "! LIBVIRTD". Same below.
+ VIR_DEBUG("Pointing secondary drivers to primary"); + priv->interfaceConn = virObjectRef(priv->conn); + priv->networkConn = virObjectRef(priv->conn); + priv->nodedevConn = virObjectRef(priv->conn); + priv->nwfilterConn = virObjectRef(priv->conn); + priv->secretConn = virObjectRef(priv->conn); + priv->storageConn = virObjectRef(priv->conn);
Do we even need this code for the non-libvirtd case? We have listed all drivers, primary and secondary, above, so I can't think of any valid reason we'd end up here unless there's a bug, and in that case we'd just be masking it, no? So the structure should be more like #ifdef LIBVIRTD /* point all secondary drivers to primary */ #else /* ! LIBVIRTD */ if (STREQ(type, ...) { ... } else if (STREQ(type, ...) { ... } else { /* freak out */ } #endif /* ! LIBVIRTD */ -- Andrea Bolognani / Red Hat / Virtualization

On Mon, Jul 29, 2019 at 10:33:08AM +0200, Andrea Bolognani wrote:
On Tue, 2019-07-23 at 17:03 +0100, Daniel P. Berrangé wrote: [...]
+++ b/src/remote/remote_daemon_dispatch.c @@ -1954,18 +1954,35 @@ remoteGetHypervisorConn(virNetServerClientPtr client) }
+static virConnectPtr +remoteGetSecondaryConn(bool readonly, virConnectPtr *conn, const char *uri)
We seem to mostly have a single empty line between functions in this file, so please stick to that style. Also, have each argument on its own line.
Additional comments: it personally would make more sense to me if readonly was the last argument, though I won't object if you prefer keeping it this way; however, the way you return the connection pointer in addition to storing it in the user-provided location looks weird to me.
You could have
static bool remoteGetSecondaryConn(virConnectPtr *conn, const char *uri, bool readonly)
or actually even
static void remoteGetSecondaryConn(virConnectPtr *conn, const char *uri, bool readonly)
since you're not doing any additional check on the return value in the caller. Then...
[...]
static virConnectPtr remoteGetInterfaceConn(virNetServerClientPtr client) { struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client);
- if (!priv->interfaceConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connection not open")); - return NULL; - } - - return priv->interfaceConn; + return remoteGetSecondaryConn(priv->readonly, &priv->interfaceConn, priv->interfaceURI);
... you could leave the 'return' statement alone, and just replace the check on priv->xxxConn with a call to remoteGetSecondaryConn().
[...]
}
+ void *remoteClientNew(virNetServerClientPtr client, void *opaque ATTRIBUTE_UNUSED)
Unrelated whitespace change.
[...]
@@ -2093,20 +2089,70 @@ remoteDispatchConnectOpen(virNetServerPtr server ATTRIBUTE_UNUSED, + VIR_DEBUG("Opening driver %s", name); + if (!(priv->conn = priv->readonly ? + virConnectOpenReadOnly(name) : + virConnectOpen(name))) + goto cleanup; + VIR_DEBUG("Opened %p", priv->conn);
Ewww. Please get rid of the Elvis operator and just use a regular if/else instead.
+ +#ifndef LIBVIRTD + if (!(type = virConnectGetType(priv->conn))) + goto cleanup; + + VIR_DEBUG("Primary driver type is '%s'", type); + if (STREQ(type, "QEMU") || + STREQ(type, "LIBXL") || + STREQ(type, "LXC") || + STREQ(type, "VBOX") || + STREQ(type, "bhyve") || + STREQ(type, "vz") || + STREQ(type, "Parallels")) {
Wait, we store the connection type as a string? Ewww.
+ VIR_DEBUG("Hypervisor driver found, setting URIs for secondary drivers"); + priv->interfaceURI = getuid() == 0 ? "interface:///system" : "interface:///session"; + priv->networkURI = getuid() == 0 ? "network:///system" : "network:///session"; + priv->nodedevURI = getuid() == 0 ? "nodedev:///system" : "nodedev:///session"; + if (getuid() == 0) + priv->nwfilterURI = "nwfilter:///system"; + priv->secretURI = getuid() == 0 ? "secret:///system" : "secret:///session"; + priv->storageURI = getuid() == 0 ? "storage:///system" : "storage:///session";
Lots of repeated calls to getuid() and lots of Elvis operators here... I would rewrite it along the lines of
if (getuid() == 0) { priv->interfaceURI = "interface:///system"; priv->networkURI = "network:///system"; priv->nodedevURI = "nodedev:///system"; priv->secretURI = "secret:///system"; priv->storageURI = "storage:///system"; priv->nwfilterURI = "nwfilter:///system"; } else { priv->interfaceURI = "interface:///session"; priv->networkURI = "network:///session"; priv->nodedevURI = "nodedev:///session"; priv->secretURI = "secret:///session"; priv->storageURI = "storage:///session"; /* No session URI for the nwfilter driver */ }
[...]
+ } else if (STREQ(type, "storage")) { + VIR_DEBUG("Storage driver found"); + priv->storageConn = virObjectRef(priv->conn); + + /* Co-open the secret driver, as apps using the storage driver may well + * need access to secrets for storage auth + */ + priv->secretURI = getuid() == 0 ? "secret:///system" : "secret:///session";
Again, lose the Elvis operator.
Could there be other dependencies like this one we might be missing? I guess we're gonna find out as people start using this :)
+ } else { +#endif /* LIBVIRTD */
The comment should be "! LIBVIRTD". Same below.
+ VIR_DEBUG("Pointing secondary drivers to primary"); + priv->interfaceConn = virObjectRef(priv->conn); + priv->networkConn = virObjectRef(priv->conn); + priv->nodedevConn = virObjectRef(priv->conn); + priv->nwfilterConn = virObjectRef(priv->conn); + priv->secretConn = virObjectRef(priv->conn); + priv->storageConn = virObjectRef(priv->conn);
Do we even need this code for the non-libvirtd case? We have listed all drivers, primary and secondary, above, so I can't think of any valid reason we'd end up here unless there's a bug, and in that case we'd just be masking it, no? So the structure should be more like
It is handling the remote driver case for virtproxyd, but we could make that more explicit.
#ifdef LIBVIRTD /* point all secondary drivers to primary */ #else /* ! LIBVIRTD */ if (STREQ(type, ...) { ... } else if (STREQ(type, ...) { ... } else { /* freak out */ } #endif /* ! LIBVIRTD */
Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

On Mon, 2019-07-29 at 14:46 +0100, Daniel P. Berrangé wrote:
On Mon, Jul 29, 2019 at 10:33:08AM +0200, Andrea Bolognani wrote:
On Tue, 2019-07-23 at 17:03 +0100, Daniel P. Berrangé wrote:
+ VIR_DEBUG("Pointing secondary drivers to primary"); + priv->interfaceConn = virObjectRef(priv->conn); + priv->networkConn = virObjectRef(priv->conn); + priv->nodedevConn = virObjectRef(priv->conn); + priv->nwfilterConn = virObjectRef(priv->conn); + priv->secretConn = virObjectRef(priv->conn); + priv->storageConn = virObjectRef(priv->conn);
Do we even need this code for the non-libvirtd case? We have listed all drivers, primary and secondary, above, so I can't think of any valid reason we'd end up here unless there's a bug, and in that case we'd just be masking it, no?
It is handling the remote driver case for virtproxyd, but we could make that more explicit.
Yeah, that'd be great! I didn't realize that was the case at all. -- Andrea Bolognani / Red Hat / Virtualization

The virtproxyd daemon is merely responsible for forwarding RPC calls to one of the other per-driver daemons. As such, it does not have any drivers loaded and so regular auto-probing logic will not work. We need it to be able to handle NULL URIs though, so must implement some kind of alternative probing logic. When running as root this is quite crude. If a per-driver daemon is running, its UNIX socket will exist and we can assume it will accept connections. If the per-driver daemon is not running, but socket autostart is enabled, we again just assume it will accept connections. The is not great, however, because a default install may well have all sockets available for activation. IOW, the virtxend socket may exist, despite the fact that the libxl driver will not actually work. When running as non-root this is slightly easier as we only have two drivers, QEMU and VirtualBox. These daemons will likely not be running and socket activation won't be used either, as libvirt spawns the daemon on demand. So we just check whether the daemon actually is installed. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/remote/Makefile.inc.am | 1 + src/remote/remote_daemon_dispatch.c | 135 +++++++++++++++++++++++++++- 2 files changed, 135 insertions(+), 1 deletion(-) diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index 7b4f6a10bc..7f67495a0d 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -236,6 +236,7 @@ virtproxyd_CFLAGS = \ -DSOCK_PREFIX="\"libvirt\"" \ -DDAEMON_NAME="\"virtproxyd\"" \ -DENABLE_IP \ + -DVIRTPROXYD \ $(NULL) virtproxyd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS) virtproxyd_LDADD = $(REMOTE_DAEMON_LD_ADD) diff --git a/src/remote/remote_daemon_dispatch.c b/src/remote/remote_daemon_dispatch.c index f1304695bd..964d5d8347 100644 --- a/src/remote/remote_daemon_dispatch.c +++ b/src/remote/remote_daemon_dispatch.c @@ -50,6 +50,7 @@ #include "viraccessapicheckqemu.h" #include "virpolkit.h" #include "virthreadjob.h" +#include "configmake.h" #define VIR_FROM_THIS VIR_FROM_RPC @@ -2057,6 +2058,126 @@ void *remoteClientNew(virNetServerClientPtr client, /*----- Functions. -----*/ +#ifdef VIRTPROXYD +/* + * When running in virtproxyd regular auto-probing of drivers + * does not work as we don't have any drivers present (except + * stateless ones inside libvirt.so). All the interesting + * drivers are in separate daemons. Thus when we get a NULL + * URI we need to simulate probing that virConnectOpen would + * previously do. We use the existance of the UNIX domain + * socket as our hook for probing. + * + * This assumes no stale sockets left over from a now dead + * daemon, but that's reasonable since libvirtd unlinks + * sockets it creates on shutdown, or uses systemd activation + * + * We only try to probe for primary hypervisor drivers, + * not the secondary drivers. + */ +static int +remoteDispatchProbeURI(bool readonly, char **probeduri) +{ + *probeduri = NULL; + VIR_DEBUG("Probing for driver daemon sockets"); + + /* + * If running root, either the daemon is running and the socket + * exists, or we're using socket activation so the socket exists + * too. + * + * If running non-root, chances are that the daemon won't be + * running, nor any socket activation is used. We need to + * be able to auto-spawn the daemon. We thus just check to + * see what daemons are installed. This is not a big deal as + * only QEMU & VBox run as non-root, anyway. + */ + if (geteuid() != 0) { + /* Order these the same as virDriverLoadModule + * calls in daemonInitialize */ + const char *drivers[] = { +# ifdef WITH_QEMU + "qemu", +# endif +# ifdef WITH_VBOX + "vbox", +# endif + }; + size_t i; + + for (i = 0; i < ARRAY_CARDINALITY(drivers) && !*probeduri; i++) { + VIR_AUTOFREE(char *)daemonname = NULL; + + if (!(daemonname = virFileFindResource("virtqemud", "src", BINDIR))) + return -1; + + if (!virFileExists(daemonname)) { + VIR_DEBUG("Missing daemon %s for driver %s", daemonname, drivers[i]); + continue; + } + + if (virAsprintf(probeduri, "%s:///session", drivers[i]) < 0) + return -1; + + VIR_DEBUG("Probed URI %s via sock %s", *probeduri, daemonname); + return 0; + } + } else { + /* Order these the same as virDriverLoadModule + * calls in daemonInitialize */ + const char *drivers[] = { +# ifdef WITH_LIBXL + "libxl", +# endif +# ifdef WITH_QEMU + "qemu", +# endif +# ifdef WITH_LXC + "lxc", +# endif +# ifdef WITH_VBOX + "vbox", +# endif +# ifdef WITH_BHYVE + "bhyve", +# endif +# ifdef WITH_VZ + "vz", +# endif + }; + size_t i; + + for (i = 0; i < ARRAY_CARDINALITY(drivers) && !*probeduri; i++) { + VIR_AUTOFREE(char *) sockname = NULL; + + if (virAsprintf(&sockname, "%s/run/libvirt/virt%sd-%s", + LOCALSTATEDIR, drivers[i], + readonly ? "sock-ro" : "sock") < 0) + return -1; + + if (!virFileExists(sockname)) { + VIR_DEBUG("Missing sock %s for driver %s", sockname, drivers[i]); + continue; + } + + if (virAsprintf(probeduri, "%s:///system", drivers[i]) < 0) + return -1; + + VIR_DEBUG("Probed URI %s via sock %s", *probeduri, sockname); + return 0; + } + } + + /* Even if we didn't probe any socket, we won't + * return error. Just let virConnectOpen's normal + * logic run which will likely return an error anyway + */ + VIR_DEBUG("No driver sock exists"); + return 0; +} +#endif /* VIRTPROXYD */ + + static int remoteDispatchConnectOpen(virNetServerPtr server ATTRIBUTE_UNUSED, virNetServerClientPtr client, @@ -2065,6 +2186,9 @@ remoteDispatchConnectOpen(virNetServerPtr server ATTRIBUTE_UNUSED, struct remote_connect_open_args *args) { const char *name; +#ifdef VIRTPROXYD + VIR_AUTOFREE(char *)probeduri = NULL; +#endif unsigned int flags; struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); int rv = -1; @@ -2091,7 +2215,16 @@ remoteDispatchConnectOpen(virNetServerPtr server ATTRIBUTE_UNUSED, priv->readonly = flags & VIR_CONNECT_RO; - VIR_DEBUG("Opening driver %s", name); +#ifdef VIRTPROXYD + if (!name || STREQ(name, "")) { + if (remoteDispatchProbeURI(priv->readonly, &probeduri) < 0) + goto cleanup; + + name = probeduri; + } +#endif + + VIR_DEBUG("Opening driver '%s'", name); if (!(priv->conn = priv->readonly ? virConnectOpenReadOnly(name) : virConnectOpen(name))) -- 2.21.0

On Tue, 2019-07-23 at 17:03 +0100, Daniel P. Berrangé wrote: [...]
+++ b/src/remote/remote_daemon_dispatch.c +static int +remoteDispatchProbeURI(bool readonly, char **probeduri)
Once again, there should be one argument per line and a personal preference I'd rather have readonly as the last one, but you can safely ignore the latter comment if you feel otherwise. [...]
+ for (i = 0; i < ARRAY_CARDINALITY(drivers) && !*probeduri; i++) { + VIR_AUTOFREE(char *)daemonname = NULL;
Missing space between "(char *)" and "daemonname".
+ if (!(daemonname = virFileFindResource("virtqemud", "src", BINDIR))) + return -1;
Err, no :) First of all, you need to use virAsprintf() or similar to build the name of the daemon, since the above will not work for the vbox driver; additionally, we install the daemons in SBINDIR, so you need to look for them there rather than in BINDIR. [...]
+ VIR_DEBUG("Probed URI %s via sock %s", *probeduri, daemonname);
s/sock/daemon/ [...]
+ /* Even if we didn't probe any socket, we won't + * return error. Just let virConnectOpen's normal + * logic run which will likely return an error anyway + */
I didn't verify this myself, but I hope that when you wrote "likely" above what you really meant was "definitely", "certainly", "absolutely", "without any doubt" or something along those lines ;) [...]
@@ -2065,6 +2186,9 @@ remoteDispatchConnectOpen(virNetServerPtr server ATTRIBUTE_UNUSED, struct remote_connect_open_args *args) { const char *name; +#ifdef VIRTPROXYD + VIR_AUTOFREE(char *)probeduri = NULL; +#endif
Missing space between "(char *)" and "probeduri". -- Andrea Bolognani / Red Hat / Virtualization

On Mon, Jul 29, 2019 at 12:25:08PM +0200, Andrea Bolognani wrote:
On Tue, 2019-07-23 at 17:03 +0100, Daniel P. Berrangé wrote: [...]
+++ b/src/remote/remote_daemon_dispatch.c +static int +remoteDispatchProbeURI(bool readonly, char **probeduri)
Once again, there should be one argument per line and a personal preference I'd rather have readonly as the last one, but you can safely ignore the latter comment if you feel otherwise.
probeduri is an output parameter, and by convention those should always be last.
[...]
+ /* Even if we didn't probe any socket, we won't + * return error. Just let virConnectOpen's normal + * logic run which will likely return an error anyway + */
I didn't verify this myself, but I hope that when you wrote "likely" above what you really meant was "definitely", "certainly", "absolutely", "without any doubt" or something along those lines ;)
It could still fallback to open a stateless driver, so "likely" is correct. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

Instead of open-coding a string -> enum conversion, use the enum helpers for the remote driver transport. The old code uses STRCASEEQ, so we must force the URI transport to lowercase for sake of back-compatibility. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/remote/remote_driver.c | 112 ++++++++++++++++++------------------- 1 file changed, 56 insertions(+), 56 deletions(-) diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c index e04bb3153d..0500998502 100644 --- a/src/remote/remote_driver.c +++ b/src/remote/remote_driver.c @@ -49,11 +49,29 @@ #include "virauth.h" #include "virauthconfig.h" #include "virstring.h" +#include "c-ctype.h" #define VIR_FROM_THIS VIR_FROM_REMOTE VIR_LOG_INIT("remote.remote_driver"); +typedef enum { + REMOTE_DRIVER_TRANSPORT_TLS, + REMOTE_DRIVER_TRANSPORT_UNIX, + REMOTE_DRIVER_TRANSPORT_SSH, + REMOTE_DRIVER_TRANSPORT_LIBSSH2, + REMOTE_DRIVER_TRANSPORT_EXT, + REMOTE_DRIVER_TRANSPORT_TCP, + REMOTE_DRIVER_TRANSPORT_LIBSSH, + + REMOTE_DRIVER_TRANSPORT_LAST, +} remoteDriverTransport; + +VIR_ENUM_DECL(remoteDriverTransport); +VIR_ENUM_IMPL(remoteDriverTransport, + REMOTE_DRIVER_TRANSPORT_LAST, + "tls", "unix", "ssh", "libssh2", "ext", "tcp", "libssh"); + #if SIZEOF_LONG < 8 # define HYPER_TO_TYPE(_type, _to, _from) \ do { \ @@ -174,10 +192,17 @@ static int remoteSplitURIScheme(virURIPtr uri, if (VIR_STRNDUP(*driver, uri->scheme, p ? p - uri->scheme : -1) < 0) return -1; - if (p && - VIR_STRDUP(*transport, p + 1) < 0) { - VIR_FREE(*driver); - return -1; + if (p) { + if (VIR_STRDUP(*transport, p + 1) < 0) { + VIR_FREE(*driver); + return -1; + } + + p = *transport; + while (*p) { + *p = c_tolower(*p); + p++; + } } return 0; @@ -776,15 +801,7 @@ doRemoteOpen(virConnectPtr conn, virConfPtr conf, unsigned int flags) { - enum { - trans_tls, - trans_unix, - trans_ssh, - trans_libssh2, - trans_ext, - trans_tcp, - trans_libssh, - } transport; + int transport; #ifndef WIN32 VIR_AUTOFREE(char *) daemonPath = NULL; #endif @@ -813,42 +830,25 @@ doRemoteOpen(virConnectPtr conn, if (conn->uri) { if (!transport_str) { if (conn->uri->server) - transport = trans_tls; + transport = REMOTE_DRIVER_TRANSPORT_TLS; else - transport = trans_unix; + transport = REMOTE_DRIVER_TRANSPORT_UNIX; } else { - if (STRCASEEQ(transport_str, "tls")) { - transport = trans_tls; - } else if (STRCASEEQ(transport_str, "unix")) { - if (conn->uri->server) { - virReportError(VIR_ERR_INVALID_ARG, - _("using unix socket and remote " - "server '%s' is not supported."), - conn->uri->server); - return VIR_DRV_OPEN_ERROR; - } else { - transport = trans_unix; - } - } else if (STRCASEEQ(transport_str, "ssh")) { - transport = trans_ssh; - } else if (STRCASEEQ(transport_str, "libssh2")) { - transport = trans_libssh2; - } else if (STRCASEEQ(transport_str, "ext")) { - transport = trans_ext; - } else if (STRCASEEQ(transport_str, "tcp")) { - transport = trans_tcp; - } else if (STRCASEEQ(transport_str, "libssh")) { - transport = trans_libssh; - } else { - virReportError(VIR_ERR_INVALID_ARG, "%s", - _("remote_open: transport in URL not recognised " - "(should be tls|unix|ssh|ext|tcp|libssh2|libssh)")); + if ((transport = remoteDriverTransportTypeFromString(transport_str)) < 0) + return VIR_DRV_OPEN_ERROR; + + if (transport == REMOTE_DRIVER_TRANSPORT_UNIX && + conn->uri->server) { + virReportError(VIR_ERR_INVALID_ARG, + _("using unix socket and remote " + "server '%s' is not supported."), + conn->uri->server); return VIR_DRV_OPEN_ERROR; } } } else { /* No URI, then must be probing so use UNIX socket */ - transport = trans_unix; + transport = REMOTE_DRIVER_TRANSPORT_UNIX; } /* @@ -859,7 +859,7 @@ doRemoteOpen(virConnectPtr conn, * not require any external libraries or command execution */ if (virIsSUID() && - transport != trans_unix) { + transport != REMOTE_DRIVER_TRANSPORT_UNIX) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("Only Unix socket URI transport is allowed in setuid mode")); return VIR_DRV_OPEN_ERROR; @@ -870,10 +870,10 @@ doRemoteOpen(virConnectPtr conn, if (conn->uri && conn->uri->port != 0) { if (virAsprintf(&port, "%d", conn->uri->port) < 0) goto failed; - } else if (transport == trans_tls) { + } else if (transport == REMOTE_DRIVER_TRANSPORT_TLS) { if (VIR_STRDUP(port, LIBVIRTD_TLS_PORT) < 0) goto failed; - } else if (transport == trans_tcp) { + } else if (transport == REMOTE_DRIVER_TRANSPORT_TCP) { if (VIR_STRDUP(port, LIBVIRTD_TCP_PORT) < 0) goto failed; } /* Port not used for unix, ext., default for ssh */ @@ -957,7 +957,7 @@ doRemoteOpen(virConnectPtr conn, VIR_DEBUG("proceeding with name = %s", name); /* For ext transport, command is required. */ - if (transport == trans_ext && !command) { + if (transport == REMOTE_DRIVER_TRANSPORT_EXT && !command) { virReportError(VIR_ERR_INVALID_ARG, "%s", _("remote_open: for 'ext' transport, command is required")); goto failed; @@ -966,7 +966,7 @@ doRemoteOpen(virConnectPtr conn, VIR_DEBUG("Connecting with transport %d", transport); /* Connect to the remote service. */ switch (transport) { - case trans_tls: + case REMOTE_DRIVER_TRANSPORT_TLS: if (conf && !tls_priority && virConfGetValueString(conf, "tls_priority", &tls_priority) < 0) goto failed; @@ -989,7 +989,7 @@ doRemoteOpen(virConnectPtr conn, goto failed; #endif - case trans_tcp: + case REMOTE_DRIVER_TRANSPORT_TCP: priv->client = virNetClientNewTCP(priv->hostname, port, AF_UNSPEC); if (!priv->client) goto failed; @@ -1004,7 +1004,7 @@ doRemoteOpen(virConnectPtr conn, break; - case trans_libssh2: + case REMOTE_DRIVER_TRANSPORT_LIBSSH2: if (!sockname) { /* Right now we don't support default session connections */ if (flags & VIR_DRV_OPEN_REMOTE_USER) { @@ -1039,7 +1039,7 @@ doRemoteOpen(virConnectPtr conn, priv->is_secure = 1; break; - case trans_libssh: + case REMOTE_DRIVER_TRANSPORT_LIBSSH: if (!sockname) { /* Right now we don't support default session connections */ if (flags & VIR_DRV_OPEN_REMOTE_USER) { @@ -1075,7 +1075,7 @@ doRemoteOpen(virConnectPtr conn, break; #ifndef WIN32 - case trans_unix: + case REMOTE_DRIVER_TRANSPORT_UNIX: if (!sockname) { if (flags & VIR_DRV_OPEN_REMOTE_USER) sockname = remoteGetUNIXSocketNonRoot(); @@ -1101,7 +1101,7 @@ doRemoteOpen(virConnectPtr conn, priv->is_secure = 1; break; - case trans_ssh: + case REMOTE_DRIVER_TRANSPORT_SSH: if (!command && VIR_STRDUP(command, "ssh") < 0) goto failed; @@ -1133,7 +1133,7 @@ doRemoteOpen(virConnectPtr conn, priv->is_secure = 1; break; - case trans_ext: { + case REMOTE_DRIVER_TRANSPORT_EXT: { char const *cmd_argv[] = { command, NULL }; if (!(priv->client = virNetClientNewExternal(cmd_argv))) goto failed; @@ -1145,9 +1145,9 @@ doRemoteOpen(virConnectPtr conn, #else /* WIN32 */ - case trans_unix: - case trans_ssh: - case trans_ext: + case REMOTE_DRIVER_TRANSPORT_UNIX: + case REMOTE_DRIVER_TRANSPORT_SSH: + case REMOTE_DRIVER_TRANSPORT_EXT: virReportError(VIR_ERR_INVALID_ARG, "%s", _("transport methods unix, ssh and ext are not supported " "under Windows")); -- 2.21.0

On Tue, 2019-07-23 at 17:03 +0100, Daniel P. Berrangé wrote: [...]
+++ b/src/remote/remote_driver.c +VIR_ENUM_IMPL(remoteDriverTransport, + REMOTE_DRIVER_TRANSPORT_LAST, + "tls", "unix", "ssh", "libssh2", "ext", "tcp", "libssh");
One line per enum value, please. [...]
@@ -174,10 +192,17 @@ static int remoteSplitURIScheme(virURIPtr uri, + p = *transport; + while (*p) { + *p = c_tolower(*p); + p++; + }
I can't believe we don't have a virString helper for this. Oh well. [...]
- if (STRCASEEQ(transport_str, "tls")) { - transport = trans_tls; [...] - } else if (STRCASEEQ(transport_str, "libssh")) { - transport = trans_libssh; - } else { - virReportError(VIR_ERR_INVALID_ARG, "%s", - _("remote_open: transport in URL not recognised " - "(should be tls|unix|ssh|ext|tcp|libssh2|libssh)")); + if ((transport = remoteDriverTransportTypeFromString(transport_str)) < 0) + return VIR_DRV_OPEN_ERROR;
You're no longer calling virReportError() when the user attempts to use an unknown transport. While I don't think hardcoding the list of valid transport in the error message is a good idea, neither is failing without telling the user what they did wrong. Please restore the virReportError() call. [...]
@@ -966,7 +966,7 @@ doRemoteOpen(virConnectPtr conn, VIR_DEBUG("Connecting with transport %d", transport); /* Connect to the remote service. */ switch (transport) {
Idea for a follow-up patch: "transport" could be cast to remoteDriverTransport here, so that the compiler will ensure we're covering all possible values. Anyway, with the VIR_ENUM_IMPL() arguments formatted correctly and some error message reported on unknown transport, Reviewed-by: Andrea Bolognani <abologna@redhat.com> -- Andrea Bolognani / Red Hat / Virtualization

The ssh, libssh, libssh2 & unix transports all need to use a UNIX socket path, and duplicate some of the same logic for error checking. Pull this out into a separate method to increase code sharing. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/remote/remote_driver.c | 111 ++++++++++++------------------------- 1 file changed, 36 insertions(+), 75 deletions(-) diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c index 0500998502..6dc282c139 100644 --- a/src/remote/remote_driver.c +++ b/src/remote/remote_driver.c @@ -739,34 +739,35 @@ remoteConnectSupportsFeatureUnlocked(virConnectPtr conn, } -#ifndef WIN32 -static char *remoteGetUNIXSocketNonRoot(void) +static char * +remoteGetUNIXSocket(remoteDriverTransport transport, + unsigned int flags) { char *sockname = NULL; - char *userdir = virGetUserRuntimeDirectory(); - - if (!userdir) - return NULL; + VIR_AUTOFREE(char *userdir); + + if (flags & VIR_DRV_OPEN_REMOTE_USER) { + if (transport != REMOTE_DRIVER_TRANSPORT_UNIX) { + virReportError(VIR_ERR_OPERATION_UNSUPPORTED, + _("Connecting to session instance without " + "socket path is not supported by the %s " + "transport"), + remoteDriverTransportTypeToString(transport)); + return NULL; + } + if (!(userdir = virGetUserRuntimeDirectory())) + return NULL; - if (virAsprintf(&sockname, "%s/" LIBVIRTD_USER_UNIX_SOCKET, userdir) < 0) { - VIR_FREE(userdir); - return NULL; + if (virAsprintf(&sockname, + "%s/" LIBVIRTD_USER_UNIX_SOCKET, userdir) < 0) + return NULL; + } else { + if (VIR_STRDUP(sockname, + flags & VIR_DRV_OPEN_REMOTE_RO ? + LIBVIRTD_PRIV_UNIX_SOCKET_RO : + LIBVIRTD_PRIV_UNIX_SOCKET) < 0) + return NULL; } - VIR_FREE(userdir); - - VIR_DEBUG("Chosen UNIX sockname %s", sockname); - return sockname; -} -#endif /* WIN32 */ - -static char *remoteGetUNIXSocketRoot(unsigned int flags) -{ - char *sockname = NULL; - - if (VIR_STRDUP(sockname, - flags & VIR_DRV_OPEN_REMOTE_RO ? - LIBVIRTD_PRIV_UNIX_SOCKET_RO : LIBVIRTD_PRIV_UNIX_SOCKET) < 0) - return NULL; VIR_DEBUG("Chosen UNIX sockname %s", sockname); return sockname; @@ -964,6 +965,17 @@ doRemoteOpen(virConnectPtr conn, } VIR_DEBUG("Connecting with transport %d", transport); + + if ((transport == REMOTE_DRIVER_TRANSPORT_UNIX || + transport == REMOTE_DRIVER_TRANSPORT_SSH || + transport == REMOTE_DRIVER_TRANSPORT_LIBSSH || + transport == REMOTE_DRIVER_TRANSPORT_LIBSSH2) && + !sockname && + !(sockname = remoteGetUNIXSocket(transport, flags))) + goto failed; + + VIR_DEBUG("Chosen UNIX socket %s", NULLSTR(sockname)); + /* Connect to the remote service. */ switch (transport) { case REMOTE_DRIVER_TRANSPORT_TLS: @@ -1005,20 +1017,6 @@ doRemoteOpen(virConnectPtr conn, break; case REMOTE_DRIVER_TRANSPORT_LIBSSH2: - if (!sockname) { - /* Right now we don't support default session connections */ - if (flags & VIR_DRV_OPEN_REMOTE_USER) { - virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", - _("Connecting to session instance without " - "socket path is not supported by the libssh2 " - "connection driver")); - goto failed; - } - - if (!(sockname = remoteGetUNIXSocketRoot(flags))) - goto failed; - } - VIR_DEBUG("Starting LibSSH2 session"); priv->client = virNetClientNewLibSSH2(priv->hostname, @@ -1040,20 +1038,6 @@ doRemoteOpen(virConnectPtr conn, break; case REMOTE_DRIVER_TRANSPORT_LIBSSH: - if (!sockname) { - /* Right now we don't support default session connections */ - if (flags & VIR_DRV_OPEN_REMOTE_USER) { - virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", - _("Connecting to session instance without " - "socket path is not supported by the libssh " - "connection driver")); - goto failed; - } - - if (!(sockname = remoteGetUNIXSocketRoot(flags))) - goto failed; - } - VIR_DEBUG("Starting libssh session"); priv->client = virNetClientNewLibssh(priv->hostname, @@ -1076,15 +1060,6 @@ doRemoteOpen(virConnectPtr conn, #ifndef WIN32 case REMOTE_DRIVER_TRANSPORT_UNIX: - if (!sockname) { - if (flags & VIR_DRV_OPEN_REMOTE_USER) - sockname = remoteGetUNIXSocketNonRoot(); - else - sockname = remoteGetUNIXSocketRoot(flags); - if (!sockname) - goto failed; - } - if ((flags & VIR_DRV_OPEN_REMOTE_AUTOSTART) && !(daemonPath = virFileFindResourceFull("libvirtd", NULL, NULL, @@ -1105,20 +1080,6 @@ doRemoteOpen(virConnectPtr conn, if (!command && VIR_STRDUP(command, "ssh") < 0) goto failed; - if (!sockname) { - /* Right now we don't support default session connections */ - if (flags & VIR_DRV_OPEN_REMOTE_USER) { - virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", - _("Connecting to session instance without " - "socket path is not supported by the ssh " - "connection driver")); - goto failed; - } - - if (!(sockname = remoteGetUNIXSocketRoot(flags))) - goto failed; - } - if (!(priv->client = virNetClientNewSSH(priv->hostname, port, command, -- 2.21.0

On Tue, 2019-07-23 at 17:03 +0100, Daniel P. Berrangé wrote: [...]
+++ b/src/remote/remote_driver.c @@ -739,34 +739,35 @@ remoteConnectSupportsFeatureUnlocked(virConnectPtr conn, +static char * +remoteGetUNIXSocket(remoteDriverTransport transport, + unsigned int flags) { char *sockname = NULL; - char *userdir = virGetUserRuntimeDirectory(); - - if (!userdir) - return NULL; + VIR_AUTOFREE(char *userdir);
This should be VIR_AUTOFREE(char *) userdir = NULL;
@@ -964,6 +965,17 @@ doRemoteOpen(virConnectPtr conn, + if ((transport == REMOTE_DRIVER_TRANSPORT_UNIX || + transport == REMOTE_DRIVER_TRANSPORT_SSH || + transport == REMOTE_DRIVER_TRANSPORT_LIBSSH || + transport == REMOTE_DRIVER_TRANSPORT_LIBSSH2) && + !sockname && + !(sockname = remoteGetUNIXSocket(transport, flags))) + goto failed;
The check for transport type should be implemented as a switch statement for maximum futureproofness. With at least the "userdir" declaration fixed, Reviewed-by: Andrea Bolognani <abologna@redhat.com> -- Andrea Bolognani / Red Hat / Virtualization

Historically URIs handled by the remote driver will always connect to the libvirtd UNIX socket. There will now be one daemon per driver, and each of these has its own UNIX sockets to connect to. It will still be possible to run the traditional monolithic libvirtd though, which will have the original UNIX socket path. In addition there is a virproxyd daemon that doesn't run any drivers, but provides proxying for clients accessing libvirt over IP sockets, or tunnelling to the legacy libvirtd UNIX socket path. Finally when running inside a daemon, the remote driver must not reject connections unconditionally. For example, the QEMU driver needs to be able to connect to the network driver. The remote driver must thus be willing to handle connections even when inside the daemon, provided no local driver is registered. This refactoring causes the remote driver to prefer connecting to the per-driver daemons. The URI parameter "mode" accepts the values "auto", "direct" and "legacy" to control which daemons are connected to. The client side libvirt.conf config file also supports a "remote_mode" setting which is used if the URI parameter is not set. If neither the config file or URI parameter set a mode, then "auto" is used, whereby the client looks to see which sockets actually exist right now. The remote driver will only ever spawn the per-driver daemons, or the legacy libvirtd. It won't ever try to spawn virtproxyd, as that is only there for IP based connectivity, or for access from legacy remote clients. If connecting to a remote host over any kind of ssh tunnel, for now we must assume only the legacy socket exists. A future patch will introduce a netcat replacement that is tailored for libvirt to make remote tunnelling easier. The configure arg '--with-remote-default-mode=legacy|direct' allows packagers to set a default at build time. If not given, it will default to direct mode. In RPM builds this is overriden, because before we can default to the new daemons, we must get SELinux policy written & the timeframe for that is unclear at this stage. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- libvirt.spec.in | 1 + m4/virt-driver-remote.m4 | 15 +++ src/driver.h | 2 + src/libvirt.c | 24 +++++ src/remote/remote_driver.c | 207 ++++++++++++++++++++++++++++++++----- src/remote/remote_driver.h | 3 - 6 files changed, 226 insertions(+), 26 deletions(-) diff --git a/libvirt.spec.in b/libvirt.spec.in index 3e897459f1..be4bbdfa1f 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1170,6 +1170,7 @@ rm -f po/stamp-po --without-xenapi \ --without-vz \ --without-bhyve \ + --with-remote-default-mode=legacy \ --with-interface \ --with-network \ --with-storage-fs \ diff --git a/m4/virt-driver-remote.m4 b/m4/virt-driver-remote.m4 index c7af5b3fc6..67ba580446 100644 --- a/m4/virt-driver-remote.m4 +++ b/m4/virt-driver-remote.m4 @@ -19,6 +19,7 @@ dnl AC_DEFUN([LIBVIRT_DRIVER_ARG_REMOTE], [ LIBVIRT_ARG_WITH_FEATURE([REMOTE], [remote driver], [yes]) + LIBVIRT_ARG_WITH([REMOTE_DEFAULT_MODE], [remote driver default mode], [direct]) ]) AC_DEFUN([LIBVIRT_DRIVER_CHECK_REMOTE], [ @@ -26,6 +27,20 @@ AC_DEFUN([LIBVIRT_DRIVER_CHECK_REMOTE], [ AC_DEFINE_UNQUOTED([WITH_REMOTE], 1, [whether Remote driver is enabled]) fi AM_CONDITIONAL([WITH_REMOTE], [test "$with_remote" = "yes"]) + + case "$with_remote_default_mode" in + legacy) + REMOTE_DRIVER_MODE_DEFAULT=REMOTE_DRIVER_MODE_LEGACY + ;; + direct) + REMOTE_DRIVER_MODE_DEFAULT=REMOTE_DRIVER_MODE_DIRECT + ;; + *) + AC_MSG_ERROR([Unknown remote mode '$with_remote_default_mode']) + ;; + esac + + AC_DEFINE_UNQUOTED([REMOTE_DRIVER_MODE_DEFAULT],[$REMOTE_DRIVER_MODE_DEFAULT], [Default remote driver mode]) ]) AC_DEFUN([LIBVIRT_DRIVER_RESULT_REMOTE], [ diff --git a/src/driver.h b/src/driver.h index 898fb96df4..f7d667a03c 100644 --- a/src/driver.h +++ b/src/driver.h @@ -108,6 +108,8 @@ int virSetSharedNWFilterDriver(virNWFilterDriverPtr driver) ATTRIBUTE_RETURN_CHE int virSetSharedSecretDriver(virSecretDriverPtr driver) ATTRIBUTE_RETURN_CHECK; int virSetSharedStorageDriver(virStorageDriverPtr driver) ATTRIBUTE_RETURN_CHECK; +bool virHasDriverForURIScheme(const char *scheme); + int virDriverLoadModule(const char *name, const char *regfunc, bool required); diff --git a/src/libvirt.c b/src/libvirt.c index 4d6def2e0a..22efd4da95 100644 --- a/src/libvirt.c +++ b/src/libvirt.c @@ -601,6 +601,30 @@ virRegisterConnectDriver(virConnectDriverPtr driver, } +/** + * virHasDriverForURIScheme: + * @scheme: the URI scheme + * + * Determine if there is a driver registered that explicitly + * handles URIs with the scheme @scheme. + * + * Returns: true if a driver is registered + */ +bool virHasDriverForURIScheme(const char *scheme) +{ + size_t i, j; + for (i = 0; i < virConnectDriverTabCount; i++) { + if (!virConnectDriverTab[i]->uriSchemes) + continue; + for (j = 0; virConnectDriverTab[i]->uriSchemes[j]; j++) { + if (STREQ(virConnectDriverTab[i]->uriSchemes[j], scheme)) + return true; + } + } + + return false; +} + /** * virRegisterStateDriver: * @driver: pointer to a driver block diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c index 6dc282c139..667a92714f 100644 --- a/src/remote/remote_driver.c +++ b/src/remote/remote_driver.c @@ -72,6 +72,22 @@ VIR_ENUM_IMPL(remoteDriverTransport, REMOTE_DRIVER_TRANSPORT_LAST, "tls", "unix", "ssh", "libssh2", "ext", "tcp", "libssh"); +typedef enum { + /* Prefer per-driver virt*d daemons, but fallback to legacy libvirtd */ + REMOTE_DRIVER_MODE_AUTO, + /* Always use the legacy libvirtd */ + REMOTE_DRIVER_MODE_LEGACY, + /* Always use the per-driver virt*d daemons */ + REMOTE_DRIVER_MODE_DIRECT, + + REMOTE_DRIVER_MODE_LAST +} remoteDriverMode; + +VIR_ENUM_DECL(remoteDriverMode); +VIR_ENUM_IMPL(remoteDriverMode, + REMOTE_DRIVER_MODE_LAST, + "auto", "legacy", "direct"); + #if SIZEOF_LONG < 8 # define HYPER_TO_TYPE(_type, _to, _from) \ do { \ @@ -92,6 +108,7 @@ VIR_ENUM_IMPL(remoteDriverTransport, static bool inside_daemon; + struct private_data { virMutex lock; @@ -740,11 +757,12 @@ remoteConnectSupportsFeatureUnlocked(virConnectPtr conn, static char * -remoteGetUNIXSocket(remoteDriverTransport transport, - unsigned int flags) +remoteGetUNIXSocketHelper(remoteDriverTransport transport, + const char *sock_prefix, + unsigned int flags) { char *sockname = NULL; - VIR_AUTOFREE(char *userdir); + VIR_AUTOFREE(char *) userdir = NULL; if (flags & VIR_DRV_OPEN_REMOTE_USER) { if (transport != REMOTE_DRIVER_TRANSPORT_UNIX) { @@ -758,21 +776,126 @@ remoteGetUNIXSocket(remoteDriverTransport transport, if (!(userdir = virGetUserRuntimeDirectory())) return NULL; - if (virAsprintf(&sockname, - "%s/" LIBVIRTD_USER_UNIX_SOCKET, userdir) < 0) + if (virAsprintf(&sockname, "%s/%s-sock", + userdir, sock_prefix) < 0) return NULL; } else { - if (VIR_STRDUP(sockname, - flags & VIR_DRV_OPEN_REMOTE_RO ? - LIBVIRTD_PRIV_UNIX_SOCKET_RO : - LIBVIRTD_PRIV_UNIX_SOCKET) < 0) + if (virAsprintf(&sockname, "%s/run/libvirt/%s-%s", + LOCALSTATEDIR, sock_prefix, + flags & VIR_DRV_OPEN_REMOTE_RO ? + "sock-ro" : "sock") < 0) return NULL; } - VIR_DEBUG("Chosen UNIX sockname %s", sockname); + VIR_DEBUG("Built UNIX sockname %s for transport %s prefix %s flags=0x%x", + sockname, remoteDriverTransportTypeToString(transport), + sock_prefix, flags); return sockname; } + +static char * +remoteGetUNIXSocket(remoteDriverTransport transport, + remoteDriverMode mode, + const char *driver, + char **daemon, + unsigned int flags) +{ + char *sock_name = NULL; + VIR_AUTOFREE(char *) direct_daemon = NULL; + VIR_AUTOFREE(char *) legacy_daemon = NULL; + VIR_AUTOFREE(char *) direct_sock_name = NULL; + VIR_AUTOFREE(char *) legacy_sock_name = NULL; + + if (driver && + virAsprintf(&direct_daemon, "virt%sd", driver) < 0) + return NULL; + + if (VIR_STRDUP(legacy_daemon, "libvirtd") < 0) + return NULL; + + if (driver && + !(direct_sock_name = remoteGetUNIXSocketHelper(transport, direct_daemon, flags))) + return NULL; + + if (!(legacy_sock_name = remoteGetUNIXSocketHelper(transport, "libvirt", flags))) + return NULL; + + if (mode == REMOTE_DRIVER_MODE_AUTO) { + if (transport == REMOTE_DRIVER_TRANSPORT_UNIX) { + if (direct_sock_name && virFileExists(direct_sock_name)) { + mode = REMOTE_DRIVER_MODE_DIRECT; + } else if (virFileExists(legacy_sock_name)) { + mode = REMOTE_DRIVER_MODE_LEGACY; + } else if (driver) { + /* + * This constant comes from the configure script and + * maps to either the direct or legacy mode constant + */ + mode = REMOTE_DRIVER_MODE_DEFAULT; + } else { + mode = REMOTE_DRIVER_MODE_LEGACY; + } + } else { + mode = REMOTE_DRIVER_MODE_LEGACY; + } + } + + if (mode == REMOTE_DRIVER_MODE_LEGACY) { + sock_name = legacy_sock_name; + legacy_sock_name = NULL; + *daemon = legacy_daemon; + legacy_daemon = NULL; + } else if (mode == REMOTE_DRIVER_MODE_DIRECT) { + if (transport != REMOTE_DRIVER_TRANSPORT_UNIX) { + virReportError(VIR_ERR_OPERATION_UNSUPPORTED, + _("Cannot use direct socket mode for %s transport"), + remoteDriverTransportTypeToString(transport)); + return NULL; + } + + if (!direct_sock_name) { + virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", + _("Cannot use direct socket mode if no URI is set")); + return NULL; + } + + sock_name = direct_sock_name; + direct_sock_name = NULL; + *daemon = direct_daemon; + direct_daemon = NULL; + } else { + virReportEnumRangeError(remoteDriverMode, mode); + return NULL; + } + + VIR_DEBUG("Chosen UNIX sockname %s daemon %s " + "for mode %s transport %s flags=0x%x", + sock_name, NULLSTR(*daemon), + remoteDriverModeTypeToString(mode), + remoteDriverTransportTypeToString(transport), + flags); + return sock_name; +} + + +#ifndef WIN32 +static const char * +remoteGetDaemonPathEnv(void) +{ + /* We prefer a VIRTD_PATH env var to use for all daemons, + * but if it is not set we will fallback to LIBVIRTD_PATH + * for previous behaviour + */ + if (virGetEnvBlockSUID("VIRTD_PATH") != NULL) { + return "VIRTD_PATH"; + } else { + return "LIBVIRTD_PATH"; + } +} +#endif /* WIN32 */ + + /* * URIs that this driver needs to handle: * @@ -819,11 +942,20 @@ doRemoteOpen(virConnectPtr conn, VIR_AUTOFREE(char *) sshauth = NULL; VIR_AUTOFREE(char *) knownHostsVerify = NULL; VIR_AUTOFREE(char *) knownHosts = NULL; + VIR_AUTOFREE(char *) mode_str = NULL; + VIR_AUTOFREE(char *) daemon_name = NULL; bool sanity = true; bool verify = true; #ifndef WIN32 bool tty = true; #endif + int mode; + + if (inside_daemon && !conn->uri->server) { + mode = REMOTE_DRIVER_MODE_DIRECT; + } else { + mode = REMOTE_DRIVER_MODE_AUTO; + } /* We handle *ALL* URIs here. The caller has rejected any * URIs we don't care about */ @@ -908,7 +1040,7 @@ doRemoteOpen(virConnectPtr conn, EXTRACT_URI_ARG_STR("known_hosts", knownHosts); EXTRACT_URI_ARG_STR("known_hosts_verify", knownHostsVerify); EXTRACT_URI_ARG_STR("tls_priority", tls_priority); - + EXTRACT_URI_ARG_STR("mode", mode_str); EXTRACT_URI_ARG_BOOL("no_sanity", sanity); EXTRACT_URI_ARG_BOOL("no_verify", verify); #ifndef WIN32 @@ -955,6 +1087,21 @@ doRemoteOpen(virConnectPtr conn, goto failed; } + if (conf && !mode_str && + virConfGetValueString(conf, "remote_mode", &mode_str) < 0) + goto failed; + + if (mode_str && + (mode = remoteDriverModeTypeFromString(mode_str)) < 0) + goto failed; + + /* Sanity check that nothing requested !direct mode by mistake */ + if (inside_daemon && !conn->uri->server && mode != REMOTE_DRIVER_MODE_DIRECT) { + virReportError(VIR_ERR_INVALID_ARG, "%s", + _("Connections from inside daemon must be direct")); + return VIR_DRV_OPEN_ERROR; + } + VIR_DEBUG("proceeding with name = %s", name); /* For ext transport, command is required. */ @@ -971,7 +1118,8 @@ doRemoteOpen(virConnectPtr conn, transport == REMOTE_DRIVER_TRANSPORT_LIBSSH || transport == REMOTE_DRIVER_TRANSPORT_LIBSSH2) && !sockname && - !(sockname = remoteGetUNIXSocket(transport, flags))) + !(sockname = remoteGetUNIXSocket(transport, mode, driver_str, + &daemon_name, flags))) goto failed; VIR_DEBUG("Chosen UNIX socket %s", NULLSTR(sockname)); @@ -1060,13 +1208,15 @@ doRemoteOpen(virConnectPtr conn, #ifndef WIN32 case REMOTE_DRIVER_TRANSPORT_UNIX: - if ((flags & VIR_DRV_OPEN_REMOTE_AUTOSTART) && - !(daemonPath = virFileFindResourceFull("libvirtd", - NULL, NULL, - abs_top_builddir "/src", - SBINDIR, - "LIBVIRTD_PATH"))) - goto failed; + if (flags & VIR_DRV_OPEN_REMOTE_AUTOSTART) { + const char *env_name = remoteGetDaemonPathEnv(); + if (!(daemonPath = virFileFindResourceFull(daemon_name, + NULL, NULL, + abs_top_builddir "/src", + SBINDIR, + env_name))) + goto failed; + } if (!(priv->client = virNetClientNewUNIX(sockname, flags & VIR_DRV_OPEN_REMOTE_AUTOSTART, @@ -1177,7 +1327,7 @@ doRemoteOpen(virConnectPtr conn, { remote_connect_open_args args = { &name, flags }; - VIR_DEBUG("Trying to open URI %s", name); + VIR_DEBUG("Trying to open URI '%s'", name); if (call(conn, priv, 0, REMOTE_PROC_CONNECT_OPEN, (xdrproc_t) xdr_remote_connect_open_args, (char *) &args, (xdrproc_t) xdr_void, (char *) NULL) == -1) @@ -1279,9 +1429,20 @@ remoteConnectOpen(virConnectPtr conn, remoteSplitURIScheme(conn->uri, &driver, &transport) < 0) goto cleanup; - if (inside_daemon && (!conn->uri || !conn->uri->server)) { - ret = VIR_DRV_OPEN_DECLINED; - goto cleanup; + if (inside_daemon) { + if (!conn->uri) { + ret = VIR_DRV_OPEN_DECLINED; + goto cleanup; + } + + /* If there's a driver registered we must defer to that. + * If there isn't a driver, we must connect in "direct" + * mode - see doRemoteOpen */ + if (!conn->uri->server && + virHasDriverForURIScheme(driver)) { + ret = VIR_DRV_OPEN_DECLINED; + goto cleanup; + } } if (!(priv = remoteAllocPrivateData())) diff --git a/src/remote/remote_driver.h b/src/remote/remote_driver.h index 132e478ef3..1fab5a6cc4 100644 --- a/src/remote/remote_driver.h +++ b/src/remote/remote_driver.h @@ -31,9 +31,6 @@ unsigned long remoteVersion(void); #define LIBVIRTD_LISTEN_ADDR NULL #define LIBVIRTD_TLS_PORT "16514" #define LIBVIRTD_TCP_PORT "16509" -#define LIBVIRTD_PRIV_UNIX_SOCKET LOCALSTATEDIR "/run/libvirt/libvirt-sock" -#define LIBVIRTD_PRIV_UNIX_SOCKET_RO LOCALSTATEDIR "/run/libvirt/libvirt-sock-ro" -#define LIBVIRTD_USER_UNIX_SOCKET "libvirt-sock" /* Defaults for PKI directory. */ #define LIBVIRT_PKI_DIR SYSCONFDIR "/pki" -- 2.21.0

On Tue, 2019-07-23 at 17:03 +0100, Daniel P. Berrangé wrote: [...]
If connecting to a remote host over any kind of ssh tunnel, for now we must assume only the legacy socket exists. A future patch will introduce a netcat replacement that is tailored for libvirt to make remote tunnelling easier.
The configure arg '--with-remote-default-mode=legacy|direct' allows packagers to set a default at build time. If not given, it will default to direct mode.
In RPM builds this is overriden, because before we can default to the new daemons, we must get SELinux policy written & the timeframe for that is unclear at this stage.
If direct mode is not ready to be the default for RPM builds, then it's not ready to be the default for any build. Let's stick with legacy mode as the default until we have the missing pieces you mention and also the code has undergone more testing.
+++ b/src/libvirt.c @@ -601,6 +601,30 @@ virRegisterConnectDriver(virConnectDriverPtr driver, +/** + * virHasDriverForURIScheme: + * @scheme: the URI scheme + * + * Determine if there is a driver registered that explicitly + * handles URIs with the scheme @scheme. + * + * Returns: true if a driver is registered + */ +bool virHasDriverForURIScheme(const char *scheme)
Return type on a separate line.
+{ + size_t i, j;
One variable declaration per line. Also, leave an empty line between variable declarations and the rest of the function. [...]
+++ b/src/remote/remote_driver.c +typedef enum { + /* Prefer per-driver virt*d daemons, but fallback to legacy libvirtd */ + REMOTE_DRIVER_MODE_AUTO,
I mean, even with --with-remote-default-mode=direct this comment is not really accurate, since the algorithm is more nuanced than this. Please use a more neutral language. [...]
+VIR_ENUM_IMPL(remoteDriverMode, + REMOTE_DRIVER_MODE_LAST, + "auto", "legacy", "direct");
One enum value per line. [...]
@@ -92,6 +108,7 @@ VIR_ENUM_IMPL(remoteDriverTransport, static bool inside_daemon;
+ struct private_data { virMutex lock;
Unrelated whitespace change. [...]
+remoteGetUNIXSocketHelper(remoteDriverTransport transport, + const char *sock_prefix, + unsigned int flags) { char *sockname = NULL; - VIR_AUTOFREE(char *userdir); + VIR_AUTOFREE(char *) userdir = NULL;
Once you declare userdir correctly in the first place, this hunk will go away :) [...]
@@ -758,21 +776,126 @@ remoteGetUNIXSocket(remoteDriverTransport transport, if (!(userdir = virGetUserRuntimeDirectory())) return NULL;
- if (virAsprintf(&sockname, - "%s/" LIBVIRTD_USER_UNIX_SOCKET, userdir) < 0) + if (virAsprintf(&sockname, "%s/%s-sock", + userdir, sock_prefix) < 0)
I kinda just noticed, but don't we support R/O connections in session mode? [...]
+static char * +remoteGetUNIXSocket(remoteDriverTransport transport, + remoteDriverMode mode, + const char *driver, + char **daemon, + unsigned int flags) +{ [...] + if (mode == REMOTE_DRIVER_MODE_LEGACY) { + sock_name = legacy_sock_name; + legacy_sock_name = NULL; + *daemon = legacy_daemon; + legacy_daemon = NULL;
This is VIR_STEAL_PTR(sock_name, legacy_sock_name); VIR_STEAL_PTR(*daemon, legacy_daemon);
+ } else if (mode == REMOTE_DRIVER_MODE_DIRECT) { + if (transport != REMOTE_DRIVER_TRANSPORT_UNIX) { + virReportError(VIR_ERR_OPERATION_UNSUPPORTED, + _("Cannot use direct socket mode for %s transport"), + remoteDriverTransportTypeToString(transport)); + return NULL; + } + + if (!direct_sock_name) { + virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", + _("Cannot use direct socket mode if no URI is set")); + return NULL; + }
Is the error message accurate? We should be way past making sure we have a URI to work with by now.
+ sock_name = direct_sock_name; + direct_sock_name = NULL; + *daemon = direct_daemon; + direct_daemon = NULL;
This is VIR_STEAL_PTR(sock_name, direct_sock_name); VIR_STEAL_PTR(*daemon, direct_daemon);
+ } else { + virReportEnumRangeError(remoteDriverMode, mode); + return NULL; + }
See, I was going to suggest you turn this into a switch statement anyway, but the fact that you have used virReportEnumRangeError() here definitely seals the deal :) [...]
+#ifndef WIN32 +static const char * +remoteGetDaemonPathEnv(void) +{ + /* We prefer a VIRTD_PATH env var to use for all daemons, + * but if it is not set we will fallback to LIBVIRTD_PATH + * for previous behaviour + */ + if (virGetEnvBlockSUID("VIRTD_PATH") != NULL) { + return "VIRTD_PATH"; + } else { + return "LIBVIRTD_PATH"; + } +} +#endif /* WIN32 */
I don't think this function needs to be guarded by 'ifndef WIN32': we already do so at the call site, and AFAICT there's nothing in the helper itself that warrants compiling it out on Windows. [...]
@@ -819,11 +942,20 @@ doRemoteOpen(virConnectPtr conn, VIR_AUTOFREE(char *) sshauth = NULL; VIR_AUTOFREE(char *) knownHostsVerify = NULL; VIR_AUTOFREE(char *) knownHosts = NULL; + VIR_AUTOFREE(char *) mode_str = NULL; + VIR_AUTOFREE(char *) daemon_name = NULL; bool sanity = true; bool verify = true; #ifndef WIN32 bool tty = true; #endif + int mode;
This could be remoteDriverNode. [...]
@@ -955,6 +1087,21 @@ doRemoteOpen(virConnectPtr conn, goto failed; }
+ if (conf && !mode_str && + virConfGetValueString(conf, "remote_mode", &mode_str) < 0) + goto failed;
We definitely need to document the "remote_mode" daemon configuration knob properly, along with the "mode" URI parameter... The rest looks good, even though I don't think I can confidently claim that I have a clear mental picture of all the nuances involved in routing connections to the appropriate endpoints, and I will feel much better about the changes once they've been subjected to extensive testing. -- Andrea Bolognani / Red Hat / Virtualization

On Mon, Jul 29, 2019 at 02:32:31PM +0200, Andrea Bolognani wrote:
On Tue, 2019-07-23 at 17:03 +0100, Daniel P. Berrangé wrote: [...]
If connecting to a remote host over any kind of ssh tunnel, for now we must assume only the legacy socket exists. A future patch will introduce a netcat replacement that is tailored for libvirt to make remote tunnelling easier.
The configure arg '--with-remote-default-mode=legacy|direct' allows packagers to set a default at build time. If not given, it will default to direct mode.
In RPM builds this is overriden, because before we can default to the new daemons, we must get SELinux policy written & the timeframe for that is unclear at this stage.
@@ -758,21 +776,126 @@ remoteGetUNIXSocket(remoteDriverTransport transport, if (!(userdir = virGetUserRuntimeDirectory())) return NULL;
- if (virAsprintf(&sockname, - "%s/" LIBVIRTD_USER_UNIX_SOCKET, userdir) < 0) + if (virAsprintf(&sockname, "%s/%s-sock", + userdir, sock_prefix) < 0)
I kinda just noticed, but don't we support R/O connections in session mode?
The client app is required to be the same user ID as the daemon. As such there's no meaningful security separation between the two from a DAC pov, so R/O socket was deemed to be a waste of time. If you had SELinux strictly locking things down it could be considered slightly more secure, but no one has ever cared enough to enable it.
+ if (!direct_sock_name) { + virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", + _("Cannot use direct socket mode if no URI is set")); + return NULL; + }
Is the error message accurate? We should be way past making sure we have a URI to work with by now.
We'll only hit direct_sock_name == NULL, if driver == NULL. We'll only hit driver == NULL, if the original URI was NULL.
+#ifndef WIN32 +static const char * +remoteGetDaemonPathEnv(void) +{ + /* We prefer a VIRTD_PATH env var to use for all daemons, + * but if it is not set we will fallback to LIBVIRTD_PATH + * for previous behaviour + */ + if (virGetEnvBlockSUID("VIRTD_PATH") != NULL) { + return "VIRTD_PATH"; + } else { + return "LIBVIRTD_PATH"; + } +} +#endif /* WIN32 */
I don't think this function needs to be guarded by 'ifndef WIN32': we already do so at the call site, and AFAICT there's nothing in the helper itself that warrants compiling it out on Windows.
It is a static function, so will trigger an unused function warning. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

On Mon, 2019-07-29 at 16:49 +0100, Daniel P. Berrangé wrote:
On Mon, Jul 29, 2019 at 02:32:31PM +0200, Andrea Bolognani wrote:
On Tue, 2019-07-23 at 17:03 +0100, Daniel P. Berrangé wrote:
- if (virAsprintf(&sockname, - "%s/" LIBVIRTD_USER_UNIX_SOCKET, userdir) < 0) + if (virAsprintf(&sockname, "%s/%s-sock", + userdir, sock_prefix) < 0)
I kinda just noticed, but don't we support R/O connections in session mode?
The client app is required to be the same user ID as the daemon. As such there's no meaningful security separation between the two from a DAC pov, so R/O socket was deemed to be a waste of time.
If you had SELinux strictly locking things down it could be considered slightly more secure, but no one has ever cared enough to enable it.
Alright.
+ if (!direct_sock_name) { + virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", + _("Cannot use direct socket mode if no URI is set")); + return NULL; + }
Is the error message accurate? We should be way past making sure we have a URI to work with by now.
We'll only hit direct_sock_name == NULL, if driver == NULL.
We'll only hit driver == NULL, if the original URI was NULL.
Okay.
+#ifndef WIN32 +static const char * +remoteGetDaemonPathEnv(void) +{ + /* We prefer a VIRTD_PATH env var to use for all daemons, + * but if it is not set we will fallback to LIBVIRTD_PATH + * for previous behaviour + */ + if (virGetEnvBlockSUID("VIRTD_PATH") != NULL) { + return "VIRTD_PATH"; + } else { + return "LIBVIRTD_PATH"; + } +} +#endif /* WIN32 */
I don't think this function needs to be guarded by 'ifndef WIN32': we already do so at the call site, and AFAICT there's nothing in the helper itself that warrants compiling it out on Windows.
It is a static function, so will trigger an unused function warning.
You've convinced me, so Reviewed-by: Andrea Bolognani <abologna@redhat.com> if you address the style issues and most importantly switch the default mode to legacy. -- Andrea Bolognani / Red Hat / Virtualization

Turning a NULL URI instead the empty string is very misleading when reading the debug logs as the distinction between the two is functionally important. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/libvirt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libvirt.c b/src/libvirt.c index 22efd4da95..7055f8e317 100644 --- a/src/libvirt.c +++ b/src/libvirt.c @@ -920,7 +920,7 @@ virConnectOpenInternal(const char *name, goto failed; VIR_DEBUG("%s driver URI probe returned '%s'", virConnectDriverTab[i]->hypervisorDriver->name, - NULLSTR_EMPTY(uristr)); + NULLSTR(uristr)); } } } -- 2.21.0

On Tue, 2019-07-23 at 17:03 +0100, Daniel P. Berrangé wrote:
Turning a NULL URI instead the empty string is very misleading when reading the debug logs as the distinction between the two is functionally important.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/libvirt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
This looks like it could have been waaay earlier in the series, or even pushed trivially outside of it... I guess you wanted to have a little treat for whoever made it to the end of the series! :) Looking forward to v3! -- Andrea Bolognani / Red Hat / Virtualization

On Mon, 2019-07-29 at 14:34 +0200, Andrea Bolognani wrote:
On Tue, 2019-07-23 at 17:03 +0100, Daniel P. Berrangé wrote:
Turning a NULL URI instead the empty string is very misleading when reading the debug logs as the distinction between the two is functionally important.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/libvirt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
This looks like it could have been waaay earlier in the series, or even pushed trivially outside of it... I guess you wanted to have a little treat for whoever made it to the end of the series! :)
Looking forward to v3!
And of course I forgot the most important bit: Reviewed-by: Andrea Bolognani <abologna@redhat.com> -- Andrea Bolognani / Red Hat / Virtualization
participants (3)
-
Andrea Bolognani
-
Daniel P. Berrangé
-
Jim Fehlig