11:34 a.m.
Hi,
currently running libvirtd without DBus fails due to:
error : nwfilterDriverStartup:208 : DBus matches could not be installed. Disabling
nwfilter driver
error : virDBusGetSystemBus:77 : internal error Unable to get DBus system bus connection:
Failed to connect to socket /var/run/dbus/system_bus_socket: No such file or directory
error : virStateInitialize:810 : Initialization of NWFilter state driver failed
error : daemonRunStateInit:784 : Driver state initialization failed
because we fail driver initialization hard in nwfilter_driver.c:
if (nwfilterDriverInstallDBusMatches(sysbus) < 0) {
VIR_ERROR(_("DBus matches could not be installed. Disabling nwfilter "
"driver"));
/*
* unfortunately this is fatal since virNWFilterTechDriversInit
* may have caused the ebiptables driver to use the firewall tool
* but now that the watches don't work, we just disable the nwfilter
* driver
*/
goto error;
}
I wonder if this on prupose or if we can just make this a soft error and
go on without DBus? At least in the !HAVE_FIREWALLD case it should be
o.k. to continue. Shouldn't it? See attached patch.
Cheers,
-- Guido
4:33 a.m.
On Sat, Nov 24, 2012 at 06:34:35PM +0100, Guido Günther wrote:
Hi,
currently running libvirtd without DBus fails due to:
error : nwfilterDriverStartup:208 : DBus matches could not be installed. Disabling
nwfilter driver
error : virDBusGetSystemBus:77 : internal error Unable to get DBus system bus connection:
Failed to connect to socket /var/run/dbus/system_bus_socket: No such file or directory
error : virStateInitialize:810 : Initialization of NWFilter state driver failed
error : daemonRunStateInit:784 : Driver state initialization failed
because we fail driver initialization hard in nwfilter_driver.c:
if (nwfilterDriverInstallDBusMatches(sysbus) < 0) {
VIR_ERROR(_("DBus matches could not be installed. Disabling nwfilter "
"driver"));
/*
* unfortunately this is fatal since virNWFilterTechDriversInit
* may have caused the ebiptables driver to use the firewall tool
* but now that the watches don't work, we just disable the nwfilter
* driver
*/
goto error;
}
I wonder if this on prupose or if we can just make this a soft error and
go on without DBus? At least in the !HAVE_FIREWALLD case it should be
o.k. to continue. Shouldn't it? See attached patch.
Generally, if DBus has been requested at compile time, it ought to
be treated as compulsory, otherwise it should be non-fatal.
>From 22571860568bfe8026e60dcede8f332ec6fd002f Mon Sep 17 00:00:00
2001
Message-Id:
<22571860568bfe8026e60dcede8f332ec6fd002f.1353774807.git.agx(a)sigxcpu.org>
From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx(a)sigxcpu.org>
Date: Sat, 24 Nov 2012 17:32:59 +0100
Subject: [PATCH] nwfilter: Allow DBus initialization to fail
To: libvir-list(a)redhat.com
in case we don't use firewalld. This allows us to run without
DBus on servers.
---
src/nwfilter/nwfilter_driver.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c
index 12f47ef..e4f6ec9 100644
--- a/src/nwfilter/nwfilter_driver.c
+++ b/src/nwfilter/nwfilter_driver.c
@@ -204,6 +204,7 @@ nwfilterDriverStartup(int privileged)
* initializing
*/
if (nwfilterDriverInstallDBusMatches(sysbus) < 0) {
+#if HAVE_FIREWALLD
VIR_ERROR(_("DBus matches could not be installed. Disabling nwfilter
"
"driver"));
/*
@@ -213,6 +214,7 @@ nwfilterDriverStartup(int privileged)
* driver
*/
goto error;
+#endif
}
IMHO any conditional should be in the nwfilterDriverInstallDBusMatches method
itself. ie that method should be a no-op hardcoded to return 0, if firewalld
has been disabled at compile time.
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
2:59 p.m.
On Mon, Nov 26, 2012 at 10:33:15AM +0000, Daniel P. Berrange wrote:
On Sat, Nov 24, 2012 at 06:34:35PM +0100, Guido Günther wrote:
> Hi,
> currently running libvirtd without DBus fails due to:
>
> error : nwfilterDriverStartup:208 : DBus matches could not be installed. Disabling
nwfilter driver
> error : virDBusGetSystemBus:77 : internal error Unable to get DBus system bus
connection: Failed to connect to socket /var/run/dbus/system_bus_socket: No such file or
directory
> error : virStateInitialize:810 : Initialization of NWFilter state driver failed
> error : daemonRunStateInit:784 : Driver state initialization failed
>
> because we fail driver initialization hard in nwfilter_driver.c:
>
> if (nwfilterDriverInstallDBusMatches(sysbus) < 0) {
> VIR_ERROR(_("DBus matches could not be installed. Disabling nwfilter
"
> "driver"));
> /*
> * unfortunately this is fatal since virNWFilterTechDriversInit
> * may have caused the ebiptables driver to use the firewall tool
> * but now that the watches don't work, we just disable the nwfilter
> * driver
> */
> goto error;
> }
>
> I wonder if this on prupose or if we can just make this a soft error and
> go on without DBus? At least in the !HAVE_FIREWALLD case it should be
> o.k. to continue. Shouldn't it? See attached patch.
Generally, if DBus has been requested at compile time, it ought to
be treated as compulsory, otherwise it should be non-fatal.
Thanks. Good to know.
> >From 22571860568bfe8026e60dcede8f332ec6fd002f Mon Sep 17 00:00:00 2001
> Message-Id:
<22571860568bfe8026e60dcede8f332ec6fd002f.1353774807.git.agx(a)sigxcpu.org>
> From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx(a)sigxcpu.org>
> Date: Sat, 24 Nov 2012 17:32:59 +0100
> Subject: [PATCH] nwfilter: Allow DBus initialization to fail
> To: libvir-list(a)redhat.com
>
> in case we don't use firewalld. This allows us to run without
> DBus on servers.
> ---
> src/nwfilter/nwfilter_driver.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c
> index 12f47ef..e4f6ec9 100644
> --- a/src/nwfilter/nwfilter_driver.c
> +++ b/src/nwfilter/nwfilter_driver.c
> @@ -204,6 +204,7 @@ nwfilterDriverStartup(int privileged)
> * initializing
> */
> if (nwfilterDriverInstallDBusMatches(sysbus) < 0) {
> +#if HAVE_FIREWALLD
> VIR_ERROR(_("DBus matches could not be installed. Disabling nwfilter
"
> "driver"));
> /*
> @@ -213,6 +214,7 @@ nwfilterDriverStartup(int privileged)
> * driver
> */
> goto error;
> +#endif
> }
IMHO any conditional should be in the nwfilterDriverInstallDBusMatches method
itself. ie that method should be a no-op hardcoded to return 0, if firewalld
has been disabled at compile time.
It turns out that this is already the case - I missed it since I only
tested with this patch and --without-firewalld.
So building --with-firewalld currently needs dbus and firewalld for
libvirtd to actually start.
Thanks,
-- Guido
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
4380
days inactive
4382
days old
2 comments
2 participants
participants (2)
-
Daniel P. Berrange -
Guido Günther