[libvirt] [PATCH 1/3] Create /var/lib/libvirt/filesystems for LXC trees
From: "Daniel P. Berrange" <berrange@redhat.com> We already have a /var/lib/libvirt/images for OS install images. We need a separate /var/lib/libvirt/filesystems for OS install trees, since SELinux labelling will be different * libvirt.spec.in: Add /var/lib/libvirt/filesystems * src/Makefile.am: Create /var/lib/libvirt/filesystems --- libvirt.spec.in | 1 + src/Makefile.am | 2 ++ 2 files changed, 3 insertions(+), 0 deletions(-) diff --git a/libvirt.spec.in b/libvirt.spec.in index 262cfed..261f34c 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1001,6 +1001,7 @@ rm -f $RPM_BUILD_ROOT%{_sysconfdir}/sysctl.d/libvirtd %dir %{_localstatedir}/run/libvirt/ %dir %attr(0711, root, root) %{_localstatedir}/lib/libvirt/images/ +%dir %attr(0711, root, root) %{_localstatedir}/lib/libvirt/filesystems/ %dir %attr(0711, root, root) %{_localstatedir}/lib/libvirt/boot/ %dir %attr(0711, root, root) %{_localstatedir}/cache/libvirt/ diff --git a/src/Makefile.am b/src/Makefile.am index 5cbe1ac..c36664b 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -1522,6 +1522,7 @@ EXTRA_DIST += $(SECURITY_DRIVER_APPARMOR_HELPER_SOURCES) install-data-local: $(MKDIR_P) "$(DESTDIR)$(localstatedir)/cache/libvirt" $(MKDIR_P) "$(DESTDIR)$(localstatedir)/lib/libvirt/images" + $(MKDIR_P) "$(DESTDIR)$(localstatedir)/lib/libvirt/filesystems" $(MKDIR_P) "$(DESTDIR)$(localstatedir)/lib/libvirt/boot" if HAVE_SANLOCK $(MKDIR_P) "$(DESTDIR)$(localstatedir)/lib/libvirt/sanlock" @@ -1567,6 +1568,7 @@ endif uninstall-local:: rmdir "$(DESTDIR)$(localstatedir)/cache/libvirt" ||: rmdir "$(DESTDIR)$(localstatedir)/lib/libvirt/images" ||: + rmdir "$(DESTDIR)$(localstatedir)/lib/libvirt/filesystems" ||: rmdir "$(DESTDIR)$(localstatedir)/lib/libvirt/boot" ||: if HAVE_SANLOCK rmdir "$(DESTDIR)$(localstatedir)/lib/libvirt/sanlock" ||: -- 1.7.6.4
From: "Daniel P. Berrange" <berrange@redhat.com> Only some of the return paths of lxcContainerWaitForContinue will have set errno. In other paths we need to set it manually to avoid the caller getting a random stale errno value * src/lxc/lxc_container.c: Set errno in lxcContainerWaitForContinue --- src/lxc/lxc_container.c | 9 +++++++-- 1 files changed, 7 insertions(+), 2 deletions(-) diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c index 06ccf7e..7a3589b 100644 --- a/src/lxc/lxc_container.c +++ b/src/lxc/lxc_container.c @@ -224,8 +224,13 @@ int lxcContainerWaitForContinue(int control) int readLen; readLen = saferead(control, &msg, sizeof(msg)); - if (readLen != sizeof(msg) || - msg != LXC_CONTINUE_MSG) { + if (readLen != sizeof(msg)) { + if (readLen >= 0) + errno = EIO; + return -1; + } + if (msg != LXC_CONTINUE_MSG) { + errno = EINVAL; return -1; } -- 1.7.6.4
On 11/01/2011 08:31 AM, Daniel P. Berrange wrote:
From: "Daniel P. Berrange"<berrange@redhat.com>
Only some of the return paths of lxcContainerWaitForContinue will have set errno. In other paths we need to set it manually to avoid the caller getting a random stale errno value
* src/lxc/lxc_container.c: Set errno in lxcContainerWaitForContinue --- src/lxc/lxc_container.c | 9 +++++++-- 1 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c index 06ccf7e..7a3589b 100644 --- a/src/lxc/lxc_container.c +++ b/src/lxc/lxc_container.c @@ -224,8 +224,13 @@ int lxcContainerWaitForContinue(int control) int readLen;
readLen = saferead(control,&msg, sizeof(msg)); - if (readLen != sizeof(msg) || - msg != LXC_CONTINUE_MSG) { + if (readLen != sizeof(msg)) { + if (readLen>= 0) + errno = EIO; + return -1; + } + if (msg != LXC_CONTINUE_MSG) { msg being a single char -- ok so that works. + errno = EINVAL; return -1; }
ACK
From: "Daniel P. Berrange" <berrange@redhat.com> The /etc/filesystems file can contain a '*' on the last line to indicate that /proc/filessystems should be tried next. We have a check that this '*' only occurs on the last line. Unfortunately when we then start reading /proc/filesystems, we mistakenly think we've seen '*' in /proc/filesystems and fail * src/lxc/lxc_container.c: Skip '*' validation when we're reading /proc/filesystems --- src/lxc/lxc_container.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c index 7a3589b..63284e5 100644 --- a/src/lxc/lxc_container.c +++ b/src/lxc/lxc_container.c @@ -700,7 +700,7 @@ retry: /* * /etc/filesystems is only allowed to contain '*' on the last line */ - if (gotStar) { + if (gotStar && !tryProc) { lxcError(VIR_ERR_INTERNAL_ERROR, _("%s has unexpected '*' before last line"), fslist); -- 1.7.6.4
On 11/01/2011 08:31 AM, Daniel P. Berrange wrote:
From: "Daniel P. Berrange"<berrange@redhat.com>
The /etc/filesystems file can contain a '*' on the last line to indicate that /proc/filessystems should be tried next. We have a check that this '*' only occurs on the last line. Unfortunately when we then start reading /proc/filesystems, we mistakenly think we've seen '*' in /proc/filesystems and fail
* src/lxc/lxc_container.c: Skip '*' validation when we're reading /proc/filesystems --- src/lxc/lxc_container.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c index 7a3589b..63284e5 100644 --- a/src/lxc/lxc_container.c +++ b/src/lxc/lxc_container.c @@ -700,7 +700,7 @@ retry: /* * /etc/filesystems is only allowed to contain '*' on the last line */ - if (gotStar) { + if (gotStar&& !tryProc) { lxcError(VIR_ERR_INTERNAL_ERROR, _("%s has unexpected '*' before last line"), fslist); ACK
On 11/01/2011 08:31 AM, Daniel P. Berrange wrote:
From: "Daniel P. Berrange"<berrange@redhat.com>
We already have a /var/lib/libvirt/images for OS install images. We need a separate /var/lib/libvirt/filesystems for OS install trees, since SELinux labelling will be different
* libvirt.spec.in: Add /var/lib/libvirt/filesystems * src/Makefile.am: Create /var/lib/libvirt/filesystems --- libvirt.spec.in | 1 + src/Makefile.am | 2 ++ 2 files changed, 3 insertions(+), 0 deletions(-)
diff --git a/libvirt.spec.in b/libvirt.spec.in index 262cfed..261f34c 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1001,6 +1001,7 @@ rm -f $RPM_BUILD_ROOT%{_sysconfdir}/sysctl.d/libvirtd %dir %{_localstatedir}/run/libvirt/
%dir %attr(0711, root, root) %{_localstatedir}/lib/libvirt/images/ +%dir %attr(0711, root, root) %{_localstatedir}/lib/libvirt/filesystems/ %dir %attr(0711, root, root) %{_localstatedir}/lib/libvirt/boot/ %dir %attr(0711, root, root) %{_localstatedir}/cache/libvirt/
diff --git a/src/Makefile.am b/src/Makefile.am index 5cbe1ac..c36664b 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -1522,6 +1522,7 @@ EXTRA_DIST += $(SECURITY_DRIVER_APPARMOR_HELPER_SOURCES) install-data-local: $(MKDIR_P) "$(DESTDIR)$(localstatedir)/cache/libvirt" $(MKDIR_P) "$(DESTDIR)$(localstatedir)/lib/libvirt/images" + $(MKDIR_P) "$(DESTDIR)$(localstatedir)/lib/libvirt/filesystems" $(MKDIR_P) "$(DESTDIR)$(localstatedir)/lib/libvirt/boot" if HAVE_SANLOCK $(MKDIR_P) "$(DESTDIR)$(localstatedir)/lib/libvirt/sanlock" @@ -1567,6 +1568,7 @@ endif uninstall-local:: rmdir "$(DESTDIR)$(localstatedir)/cache/libvirt" ||: rmdir "$(DESTDIR)$(localstatedir)/lib/libvirt/images" ||: + rmdir "$(DESTDIR)$(localstatedir)/lib/libvirt/filesystems" ||: rmdir "$(DESTDIR)$(localstatedir)/lib/libvirt/boot" ||: if HAVE_SANLOCK rmdir "$(DESTDIR)$(localstatedir)/lib/libvirt/sanlock" ||: Following that it's similar to what already exists -- ACK
participants (2)
-
Daniel P. Berrange -
Stefan Berger