- 22 10月, 2010 16 次提交
-
-
由 Matthias Bolte 提交于
-
由 Daniel P. Berrange 提交于
The boot server IP address is optional, so it needs to be checked before attempting to parse it. * src/conf/network_conf.c: Don't parse NULL ip address for boot server
-
由 Daniel P. Berrange 提交于
Instead of storing the IP address string in virNetwork related structs, store the parsed virSocketAddr. This will make it easier to add IPv6 support in the future, by letting driver code directly check what address family is present * src/conf/network_conf.c, src/conf/network_conf.h, src/network/bridge_driver.c: Convert to use virSocketAddr in virNetwork, instead of char *. * src/util/bridge.c, src/util/bridge.h, src/util/dnsmasq.c, src/util/dnsmasq.h, src/util/iptables.c, src/util/iptables.h: Convert to take a virSocketAddr instead of char * for any IP address parameters * src/util/network.h: Add macros to determine if an address is set, and what address family is set.
-
由 Daniel P. Berrange 提交于
It is useful to know where the client is connecting from, so include the socket address in probe data. * daemon/libvirtd.h: Use virSocketAddr for storing client address and keep printable address handy for logging * daemon/libvirtd.c: Include socket address in client connect/disconnect probes * daemon/probes.d: Add socket address to probes * examples/systemtap/client.stp: Print socket address * src/util/network.h: Add sockaddr_un to virSocketAddr union
-
由 Daniel P. Berrange 提交于
Adds initial support for dtrace static probes in libvirtd daemon, assuming use of systemtap dtrace compat shim on Linux. The probes are inserted for network client connect, disconnect, TLS handshake states and authentication protocol states. This can be tested by running the xample program and then attempting to connect with any libvirt client (virsh, virt-manager, etc). # stap examples/systemtap/client.stp Client fd=44 connected readonly=0 Client fd=44 auth polkit deny pid:24997,uid:500 Client fd=44 disconnected Client fd=46 connected readonly=1 Client fd=46 auth sasl allow test Client fd=46 disconnected The libvirtd.stp file should also really not be required, since it is duplicated info that is already available in the main probes.d definition file. A script to autogenerate the .stp file is needed, either in libvirtd tree, or better as part of systemtap itself. * Makefile.am: Add examples/systemtap subdir * autobuild.sh: Disable dtrace for mingw32 * configure.ac: Add check for dtrace * daemon/.gitignore: Ignore generated dtrace probe file * daemon/Makefile.am: Build dtrace probe header & object files * daemon/libvirtd.stp: SystemTAP convenience probeset * daemon/libvirtd.c: Add connect/disconnect & TLS probes * daemon/remote.c: Add SASL and PolicyKit auth probes * daemon/probes.d: Master probe definition * daemon/libvirtd.h: Add convenience macro for probes so that compilation is a no-op when dtrace is not available * examples/systemtap/Makefile.am, examples/systemtap/client.stp Example systemtap script using dtrace probe markers * libvirt.spec.in: Enable dtrace on F13/RHEL6 * mingw32-libvirt.spec.in: Force disable dtrace
-
由 Daniel P. Berrange 提交于
Add a test suite for check parsing, formatting, range calculation and netmask checking APIs in virSocketAddr. * tests/sockettest.c, tests/Makefile.am: Add new test case
-
由 Daniel P. Berrange 提交于
All the inet_* functions can be replaced with calls to the virSocket APIs. Since many of the inet_* funtions are unsafe, and the remainder are obsolete, forbid all future use of them in libvirt. * Makefile.nonreentrant: Ban use of inet_*
-
由 Daniel P. Berrange 提交于
The inet_pton and inet_ntop functions are obsolete, replaced by getaddrinfo+getnameinfo with the AI_NUMERICHOST flag set. These can be accessed via the virSocket APIs. The bridge.c code had methods for fetching the IP address of a bridge which used inet_ntop. Aside from the use of inet_ntop these methods are broken, because a NIC can have multiple addresses and this only returns one address. Since the methods are never used, just remove them. * src/conf/network_conf.c, src/nwfilter/nwfilter_learnipaddr.c: Replace inet_pton and inet_ntop with virSocket APIs * src/util/bridge.c, src/util/bridge.h: Remove unused methods which called inet_ntop.
-
由 Daniel P. Berrange 提交于
The addrToString functionality is now available via the virSocketFormatAddrFull method. * daemon/remote.c, src/remote/remote_driver.c: Remove addrToString methods
-
由 Daniel P. Berrange 提交于
The virSocketParse method was not doing any error reporting which meant the true cause of the problem was lost. Remove all error reporting from callers, and push it into virSocketParse * src/util/network.c: Add error reporting to virSocketParse * src/conf/domain_conf.c, src/conf/network_conf.c, src/network/bridge_driver.c: Remove error reporting in callers of virSocketParse
-
由 Daniel P. Berrange 提交于
The getnameinfo() function is more flexible than inet_ntop() avoiding the need to if/else the code based on socket family. Also make it support UNIX socket addrs and allow inclusion of a port (service) address. Finally do proper error reporting via normal APIs. * src/conf/domain_conf.c, src/nwfilter/nwfilter_ebiptables_driver.c, src/qemu/qemu_conf.c: Fix error handling with virSocketFormat * src/util/network.c: Rewrite virSocketFormat to use getnameinfo and cope with UNIX socket addrs.
-
由 Daniel P. Berrange 提交于
The nwIPAddress was simply a wrapper about virSocketAddr. Just use the latter directly, removing all the extra field de-references from code & helper APIs for parsing/formatting. Also remove all the redundant casts from strong types to void * and then immediately back to strong types. * src/conf/nwfilter_conf.h: Remove nwIPAddress * src/conf/nwfilter_conf.c, src/nwfilter/nwfilter_ebiptables_driver.c: Update to use virSocketAddr and remove void * casts.
-
由 Daniel P. Berrange 提交于
There was a typo in the IPv6 path of virSocketCheckNetmask which caused it to never execute. * src/util/network.c: s/AF_INET/AF_INET6/ in virSocketCheckNetmask
-
由 Daniel P. Berrange 提交于
The virSocketParseAddr function was accepting any AF_* constant and using that to set the ai_flags field in struct addrinfo. This is invalid, since address families must go in the ai_family field of the struct. * src/util/network.c: Fix handling of address family * src/conf/network_conf.c, src/network/bridge_driver.c: Pass AF_UNSPEC instead of relying on it being 0.
-
由 Daniel P. Berrange 提交于
Some operations on socket addresses need to know the length of the sockaddr struct for the particular address family. This info was being discarded when passing around virSocketAddr instances. Turn it from a union into a struct containing union+socklen_t fields, so length is always kept around. * src/util/network.h: Add socklen_t field to virSocketAddr * src/util/network.c, src/network/bridge_driver.c, src/conf/domain_conf.c: Update to take account of new struct definition.
-
由 Daniel P. Berrange 提交于
If getnameinfo() with NI_NUMERICHOST set fails, there are no grounds to expect inet_ntop to succeed, since these calls are functionally equivalent. Remove useless inet_ntop code in the getnameinfo() error path. * daemon/remote.c, src/remote/remote_driver.c: Remove calls to inet_ntop
-
- 21 10月, 2010 7 次提交
-
-
由 Eric Blake 提交于
* src/libvirt_private.syms: Sort by header name, then within header, and drop duplicate virNetworkDefParseNode, virFileLinkPointsTo and virXPathBoolean.
-
由 Daniel P. Berrange 提交于
The QEMU 0.13 release is finally out and from testing in RHEL-6 we know that its JSON and netdev features are now good enough for us to use by default. * src/qemu/qemu_conf.c: Enable JSON + netdev for QEMU >= 0.13
-
由 Eric Blake 提交于
* src/util/virtaudit.c (virAuditSend): one less ifdef, since gcc does not care if an ATTRIBUTE_UNUSED var gets used in some paths.
-
由 Matthias Bolte 提交于
There is no point in trying to fill params beyond the first error, because when qemuDomainGetMemoryParameters returns -1 then the caller cannot detect which values in params are valid.
-
由 Matthias Bolte 提交于
Also exit early when nparams is 0.
-
由 Matthias Bolte 提交于
To get them under the common VIR_DOMAIN_MEMORY_* prefix.
-
由 Matthias Bolte 提交于
Also output the min_guarantee element when set.
-
- 20 10月, 2010 17 次提交
-
-
由 Jiri Denemark 提交于
The test for <vcpu> element is unrelated to vnc so the easiest fix is to remove related configuration.
-
由 Matthias Bolte 提交于
-
由 Nikunj A. Dadhania 提交于
* include/libvirt/libvirt.h.in: Update comment with actual description
-
由 Daniel Veillard 提交于
-
由 John Morrissey 提交于
This sets the process name to the same value as the Windows title, but since the name is limited to 16 chars only this is kept as a configuration option and turned off by default * src/qemu/qemu.conf src/qemu/qemu_conf.[ch]: hceck for support in the QEmu help output, add the option in qemu conf file and augment qemudBuildCommandLine to add it if switched on * src/qemu/libvirtd_qemu.aug src/qemu/test_libvirtd_qemu.aug: augment the augeas lenses accordingly * tests/qemuhelptest.c: cope with the extra flag being detected now
-
由 Stefan Berger 提交于
Avoid the enforcement of direction if - icmp rules specify the type/code information - the 'skipMatch' variable is set to 'true'
-
由 Justin Clift 提交于
Adds a new page for the C# language bindings being developed by Arnaud Champion.
-
由 Guido Günther 提交于
Debian stock kernel has CONFIG_CGROUP_MEM_RES_CTLR disabled due to the overhead [1]. Allow to start containers if the corresponding files in the cgroup filesystem are missing. This fixes Debian bug #566180 [2]. [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534964 [2] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566180
-
由 Matthias Bolte 提交于
-
由 Daniel P. Berrange 提交于
The libvirt_util.la library was mistakenly linked into libvirtd directly. Since libvirt_util.la is already linked to libvirt.so, this resulted in libvirtd getting two copies of the code and more critically 2 copies of static global variables. Testing in turn exposed a issue with loadable modules. The gnulib replacement functions are not exported to loadable modules. Rather than trying to figure out the name sof all gnulib functions & export them, just linkage all loadable modules against libgnu.la statically. * daemon/Makefile.am: Remove linkage of libvirt_util.la and libvirt_driver.la * src/Makefile.am: Link driver modules against libgnu.la * src/libvirt.c: Don't try to load modules which were compiled out * src/libvirt_private.syms: Export all other internal symbols that are required by drivers
-
由 Miloslav Trmač 提交于
A more natural auditing point would perhaps be SELinuxSetSecurityProcessLabel, but this happens in the child after root permissions are dropped, so the kernel would refuse the audit record.
-
由 Miloslav Trmač 提交于
Most operations are audited at the libvirtd level; auditing in src/libvirt.c would result in two audit entries per operation (one in the client, one in libvirtd). The only exception is a domain stopping of its own will (e.g. because the user clicks on "shutdown" inside the interface). There can often be no client connected at the time the domain stops, so libvirtd does not have any virConnectPtr object on which to attach an event watch. This patch therefore adds auditing directly inside the qemu driver (other drivers are not supported).
-
由 Daniel P. Berrange 提交于
Integrate with libaudit.so for auditing of important operations. libvirtd gains a couple of config entries for auditing. By default it will enable auditing, if its enabled on the host. It can be configured to force exit if auditing is disabled on the host. It will can also send audit messages via libvirt internal logging API Places requiring audit reporting can use the VIR_AUDIT macro to report data. This is a no-op unless auditing is enabled * autobuild.sh, mingw32-libvirt.spec.in: Disable audit on mingw * configure.ac: Add check for libaudit * daemon/libvirtd.aug, daemon/libvirtd.conf, daemon/test_libvirtd.aug, daemon/libvirtd.c: Add config options to enable auditing * include/libvirt/virterror.h, src/util/virterror.c: Add VIR_FROM_AUDIT source * libvirt.spec.in: Enable audit * src/util/virtaudit.h, src/util/virtaudit.c: Simple internal API for auditing messages
-
由 Daniel P. Berrange 提交于
The statstest is xen specific. Instead of filling the code with a huge number of #ifdef WITH_XEN, just make its entire compilation conditional in the Makefile.am. Also ensure it links to the Xen driver so that it builds when driver modules are enabled * tests/Makefile.am: Make statstest xen conditional. Link to xen driver * tests/Makefile.am: Remove all conditionals
-
由 Eric Blake 提交于
* tools/virsh.pod (memtune): Drop second copy, fill to 80 columns, enhance wording.
-
由 Eric Blake 提交于
* src/xen/xen_driver.h (xenUnifiedDriver): Remove now-unused domainGetMaxVcpus, domainSetVcpus. * src/xen/proxy_internal.c (xenProxyDriver): Likewise. * src/xen/xen_hypervisor.c (xenHypervisorDriver): Likewise. * src/xen/xen_inotify.c (xenInotifyDriver): Likewise. * src/xen/xend_internal.c (xenDaemonDriver) (xenDaemonDomainSetVcpus): Likewise. * src/xen/xm_internal.c (xenXMDriver, xenXMDomainSetVcpus): Likewise. * src/xen/xs_internal.c (xenStoreDriver): Likewise.
-
由 Eric Blake 提交于
Tested with RHEL 5.6 (xendConfigVersion 2, where xend_internal controls live domains and xm_internal controls inactive domains). Hopefully this works with xendConfigVersion 3 (where xend_internal controls everything). * src/xen/xen_driver.c (xenUnifiedDomainSetVcpusFlags): Support more flags. (xenUnifiedGetMaxVcpus): Export. * src/xen/xm_internal.h (xenXMDomainSetVcpusFlags): New prototype. * src/xen/xend_internal.h (xenDaemonDomainSetVcpusFlags): Likewise. * src/xen/xen_driver.h (xenUnifiedGetMaxVcpus): Likewise. * src/xen/xm_internal.c (xenXMDomainSetVcpusFlags): New function. * src/xen/xend_internal.c (xenDaemonDomainSetVcpusFlags): Likewise.
-