- 06 2月, 2012 1 次提交
-
-
由 Jiri Denemark 提交于
Typo introduced by c18a88ac
-
- 04 2月, 2012 1 次提交
-
-
由 Laine Stump 提交于
This eliminates the warning message reported in: https://bugzilla.redhat.com/show_bug.cgi?id=624447 It was caused by a failure to open an image file that is not accessible by root (the uid libvirtd is running as) because it's on a root-squash NFS share, owned by a different user, with permissions of 660 (or maybe 600). The solution is to use virFileOpenAs() rather than open(). The codepath that generates the error is during qemuSetupDiskCGroup(), but the actual open() is in a lower-level generic function called from many places (virDomainDiskDefForeachPath), so some other pieces of the code were touched just to add dummy (or possibly useful) uid and gid arguments. Eliminating this warning message has the nice side effect that the requested operation may even succeed (which in this case isn't necessary, but shouldn't hurt anything either).
-
- 27 1月, 2012 1 次提交
-
-
由 Jiri Denemark 提交于
Without this, virt-aa-helper would segfault in -c or -r commands.
-
- 03 12月, 2011 1 次提交
-
-
由 Serge Hallyn 提交于
The pathname for the pipe for tunnelled migration is unresolvable. The libvirt apparmor driver therefore refuses access, causing migration to fail. If we can't resolve the path, the worst that can happen is that we should have given permission to the file but didn't. Otherwise (especially since this is a /proc/$$/fd/N file) the file is already open and libvirt won't be refused access by apparmor anyway. Also adjust virt-aa-helper to allow access to the *.tunnelmigrate.dest.name files. For more information, see https://launchpad.net/bugs/869553. Signed-off-by: NSerge Hallyn <serge.hallyn@canonical.com>
-
- 28 11月, 2011 1 次提交
-
-
由 Michal Privoznik 提交于
When user pass wrong root element, it is not 'internal error' and we can give him hint what we are expecting.
-
- 07 11月, 2011 1 次提交
-
-
由 Daniel P. Berrange 提交于
Every instance of virCapsPtr must have the defaultConsoleTargetType field set. * src/security/virt-aa-helper.c: Add defaultConsoleTargetType to virCapsPtr
-
- 03 11月, 2011 1 次提交
-
-
由 Daniel P. Berrange 提交于
While Xen only has a single paravirt console, UML, and QEMU both support multiple paravirt consoles. The LXC driver can also be trivially made to support multiple consoles. This patch extends the XML to allow multiple <console> elements in the XML. It also makes the UML and QEMU drivers support this config. * src/conf/domain_conf.c, src/conf/domain_conf.h: Allow multiple <console> devices * src/lxc/lxc_driver.c, src/xen/xen_driver.c, src/xenxs/xen_sxpr.c, src/xenxs/xen_xm.c: Update for internal API changes * src/security/security_selinux.c, src/security/virt-aa-helper.c: Only label consoles that aren't a copy of the serial device * src/qemu/qemu_command.c, src/qemu/qemu_driver.c, src/qemu/qemu_process.c, src/uml/uml_conf.c, src/uml/uml_driver.c: Support multiple console devices * tests/qemuxml2xmltest.c, tests/qemuxml2argvtest.c: Extra tests for multiple virtio consoles. Set QEMU_CAPS_CHARDEV for all console /channel tests * tests/qemuxml2argvdata/qemuxml2argv-channel-virtio-auto.args, tests/qemuxml2argvdata/qemuxml2argv-channel-virtio.args tests/qemuxml2argvdata/qemuxml2argv-console-virtio.args: Update for correct chardev syntax * tests/qemuxml2argvdata/qemuxml2argv-console-virtio-many.args, tests/qemuxml2argvdata/qemuxml2argv-console-virtio-many.xml: New test file
-
- 28 9月, 2011 1 次提交
-
-
由 Jamie Strandboge 提交于
The AppArmor security driver adds only the path specified in the domain XML for character devices of type 'pipe'. It should be using <path>.in and <path>.out. We do this by creating a new vah_add_file_chardev() and use it for char devices instead of vah_add_file(). Also adjust valid_path() to accept S_FIFO (since qemu chardevs of type 'pipe' use fifos). This is https://launchpad.net/bugs/832507
-
- 14 9月, 2011 1 次提交
-
-
由 Peter Krempa 提交于
Commit 498d7833 cleans up some of virtual file names for parsing strings in memory. This patch cleans up (hopefuly) the rest forgotten by the first patch. This patch also changes all of the previously modified "filenames" to valid URI's replacing spaces for underscores. Changes to v1: - Replace all spaces for underscores, so that the strings form valid URI's - Replace spaces in places changed by commit 498d7833
-
- 09 9月, 2011 1 次提交
-
-
由 Peter Krempa 提交于
While parsing XML strings from memory, the previous convention in libvirt was to set the virtual file name to "domain.xml" or something similar. This could potentialy trick the user into looking for a file named domain.xml on the disk in an attempt to fix the error. This patch changes these filenames to something that can't be as easily confused for a valid filename. Examples of error messages: --------------------------- Error while loading file from disk: 15:07:59.015: 527: error : catchXMLError:709 : /path/to/domain.xml:1: StartTag: invalid element name <domain type='kvm'>< --------------------^ Error while parsing definition in memory: 15:08:43.581: 525: error : catchXMLError:709 : (domain definition):2: error parsing attribute name <name>vm1</name> --^
-
- 19 8月, 2011 1 次提交
-
-
由 Eric Blake 提交于
Repetitive patterns should be factored. The sign of a good factorization is a change that kills 5x more lines than it adds :) * src/conf/domain_conf.c (virDomainDeviceDefParse) (virDomainSnapshotDefParseString): Use new convenience macros. * src/conf/storage_conf.c (virStoragePoolDefParseSourceString): Likewise. * src/cpu/cpu.c (cpuCompareXML, cpuBaselineXML): Likewise. * src/esx/esx_vi.c (esxVI_Context_Execute): Likewise. * src/qemu/qemu_migration.c (qemuMigrationCookieXMLParseStr): Likewise. * src/security/virt-aa-helper.c (caps_mockup): Likewise. * src/test/test_driver.c (testOpenFromFile): Likewise. * tests/cputest.c (cpuTestLoadXML, cpuTestLoadMultiXML): Likewise. * tools/virsh.c (cmdFreecell, makeCloneXML, cmdVNCDisplay) (cmdTTYConsole, cmdDetachInterface, cmdDetachDisk) (cmdSnapshotCreate, cmdSnapshotCreateAs, cmdSnapshotCurrent) (cmdSnapshotList, cmdSnapshotParent): Likewise.
-
- 22 7月, 2011 1 次提交
-
-
由 Eric Blake 提交于
In preparation for a future patch adding new virFile APIs. * src/util/files.h, src/util/files.c: Move... * src/util/virfile.h, src/util/virfile.c: ...here, and rename functions to virFile prefix. Macro names are intentionally left alone. * *.c: All '#include "files.h"' uses changed. * src/Makefile.am (UTIL_SOURCES): Reflect rename. * cfg.mk (exclude_file_name_regexp--sc_prohibit_close): Likewise. * src/libvirt_private.syms: Likewise. * docs/hacking.html.in: Likewise. * HACKING: Regenerate.
-
- 15 7月, 2011 1 次提交
-
-
由 Jamie Strandboge 提交于
In the Ubuntu development release we recently got a new udev that moves /var/run to /run, /var/lock to /run/lock and /dev/shm to /run/shm. This change in udev requires updating the apparmor security driver in libvirt[1]. Attached is a patch that: * adjusts src/security/virt-aa-helper.c to allow both LOCALSTATEDIR/run/libvirt/**/%s.pid and /run/libvirt/**/%s.pid. While the profile is not as precise, LOCALSTATEDIR/run/ is typically a symlink to /run/ anyway, so there is no additional access (remember that apparmor resolves symlinks, which is why this is still required even if /var/run points to /run). * adjusts example/apparmor/libvirt-qemu paths for /dev/shm [1]https://launchpad.net/bugs/810270 -- Jamie Strandboge | http://www.canonical.com
-
- 12 7月, 2011 1 次提交
-
-
由 Matthias Bolte 提交于
The drivers were accepting domain configs without checking if those were actually meant for them. For example the LXC driver happily accepts configs with type QEMU. Add a check for the expected domain types to the virDomainDefParse* functions.
-
- 08 6月, 2011 1 次提交
-
-
由 Eric Blake 提交于
Regression introduced in commit 02e86910. * src/security/virt-aa-helper.c (includes): Reflect move of virRun.
-
- 13 5月, 2011 1 次提交
-
-
由 Cole Robinson 提交于
virt-aa-helper isn't even compile tested since I don't have the setup for it. v2: virt-aa-helper fixes from Eric
-
- 10 5月, 2011 1 次提交
-
-
由 Matthias Bolte 提交于
-
- 06 5月, 2011 1 次提交
-
-
由 Eric Blake 提交于
We already have virAsprintf, so picking a similar name helps for seeing a similar purpose. Furthermore, the prefix V before printf generally implies 'va_list', even though this variant was '...', and the old name got in the way of adding a new va_list version. global rename performed with: $ git grep -l virBufferVSprintf \ | xargs -L1 sed -i 's/virBufferVSprintf/virBufferAsprintf/g' then revert the changes in ChangeLog-old.
-
- 16 4月, 2011 1 次提交
-
-
由 Eric Blake 提交于
It costs quite a few processor cycles to go through printf parsing just to determine that we only meant to append. * src/xen/xend_internal.c (xend_op_ext): Consolidate multiple printfs into one. * src/qemu/qemu_command.c (qemuBuildWatchdogDevStr) (qemuBuildUSBInputDevStr, qemuBuildSoundDevStr) (qemuBuildSoundCodecStr, qemuBuildVideoDevStr): Likewise. (qemuBuildCpuArgStr, qemuBuildCommandLine): Prefer virBufferAdd over virBufferVsprintf for trivial appends. * src/phyp/phyp_driver.c (phypExec, phypUUIDTable_Push) (phypUUIDTable_Pull): Likewise. * src/conf/nwfilter_conf.c (macProtocolIDFormatter) (arpOpcodeFormatter, formatIPProtocolID, printStringItems) (virNWFilterPrintStateMatchFlags, virNWIPAddressFormat) (virNWFilterDefFormat): Likewise. * src/security/virt-aa-helper.c (main): Likewise. * src/util/sexpr.c (sexpr2string): Likewise. * src/xenxs/xen_sxpr.c (xenFormatSxprChr): Likewise. * src/xenxs/xen_xm.c (xenFormatXMDisk): Likewise.
-
- 05 4月, 2011 1 次提交
-
-
由 Matthias Bolte 提交于
-
- 24 2月, 2011 1 次提交
-
-
由 Daniel P. Berrange 提交于
Remove the <stdbool.h> header from all source files / headers and just put it into internal.h * src/internal.h: Add <stdbool.h>
-
- 15 1月, 2011 1 次提交
-
-
由 Eric Blake 提交于
This opens up the possibility of reusing the smaller ChrSourceDef for both qemu monitor and a passthrough smartcard device. * src/conf/domain_conf.h (_virDomainChrDef): Factor host details... (_virDomainChrSourceDef): ...into new struct. (virDomainChrSourceDefFree): New prototype. * src/conf/domain_conf.c (virDomainChrDefFree) (virDomainChrDefParseXML, virDomainChrDefFormat): Split... (virDomainChrSourceDefClear, virDomainChrSourceDefFree) (virDomainChrSourceDefParseXML, virDomainChrSourceDefFormat): ...into new functions. (virDomainChrDefParseTargetXML): Update clients to reflect type split. * src/vmx/vmx.c (virVMXParseSerial, virVMXParseParallel) (virVMXFormatSerial, virVMXFormatParallel): Likewise. * src/xen/xen_driver.c (xenUnifiedDomainOpenConsole): Likewise. * src/xen/xend_internal.c (xenDaemonParseSxprChar) (xenDaemonFormatSxprChr): Likewise. * src/vbox/vbox_tmpl.c (vboxDomainDumpXML, vboxAttachSerial) (vboxAttachParallel): Likewise. * src/security/security_dac.c (virSecurityDACSetChardevLabel) (virSecurityDACSetChardevCallback) (virSecurityDACRestoreChardevLabel) (virSecurityDACRestoreChardevCallback): Likewise. * src/security/security_selinux.c (SELinuxSetSecurityChardevLabel) (SELinuxSetSecurityChardevCallback) (SELinuxRestoreSecurityChardevLabel) (SELinuxSetSecurityChardevCallback): Likewise. * src/security/virt-aa-helper.c (get_files): Likewise. * src/lxc/lxc_driver.c (lxcVmStart, lxcDomainOpenConsole): Likewise. * src/uml/uml_conf.c (umlBuildCommandLineChr): Likewise. * src/uml/uml_driver.c (umlIdentifyOneChrPTY, umlIdentifyChrPTY) (umlDomainOpenConsole): Likewise. * src/qemu/qemu_command.c (qemuBuildChrChardevStr) (qemuBuildChrArgStr, qemuBuildCommandLine) (qemuParseCommandLineChr): Likewise. * src/qemu/qemu_domain.c (qemuDomainObjPrivateXMLFormat) (qemuDomainObjPrivateXMLParse): Likewise. * src/qemu/qemu_cgroup.c (qemuSetupChardevCgroup): Likewise. * src/qemu/qemu_hotplug.c (qemuDomainAttachNetDevice): Likewise. * src/qemu/qemu_driver.c (qemudFindCharDevicePTYsMonitor) (qemudFindCharDevicePTYs, qemuPrepareChardevDevice) (qemuPrepareMonitorChr, qemudShutdownVMDaemon) (qemuDomainOpenConsole): Likewise. * src/qemu/qemu_command.h (qemuBuildChrChardevStr) (qemuBuildChrArgStr): Delete, now that they are static. * src/libvirt_private.syms (domain_conf.h): New exports. * cfg.mk (useless_free_options): Update list. * tests/qemuxml2argvtest.c (testCompareXMLToArgvFiles): Update tests.
-
- 18 11月, 2010 3 次提交
-
-
由 Matthias Bolte 提交于
Include locale.h for setlocale(). Revert the usage string back to it's original form. Use puts() instead of fputs(), as fputs() expects a FILE*. Add closing parenthesis to some vah_error() calls. Use argv[0] instead of an undefined argv0.
-
由 Eric Blake 提交于
These messages are visible to the user, so they should be consistently translated. * cfg.mk (msg_gen_function): Add vah_error, vah_warning. * src/security/virt-aa-helper.c: Translate messages. (catchXMLError): Fix capitalization.
-
由 Eric Blake 提交于
Per the gettext developer: http://lists.gnu.org/archive/html/bug-gnu-utils/2010-10/msg00019.html http://lists.gnu.org/archive/html/bug-gnu-utils/2010-10/msg00021.html gettext() doesn't work correctly on all platforms unless you have called setlocale(). Furthermore, gnulib's gettext.h has provisions for setting up a default locale, which is the preferred method for libraries to use gettext without having to call textdomain() and override the main program's default domain (virInitialize already calls bindtextdomain(), but this is insufficient without the setlocale() added in this patch; and a redundant bindtextdomain() in this patch doesn't hurt, but serves as a good example for other packages that need to bind a second translation domain). This patch is needed to silence a new gnulib 'make syntax-check' rule in the next patch. * daemon/libvirtd.c (main): Setup locale and gettext. * src/lxc/lxc_controller.c (main): Likewise. * src/security/virt-aa-helper.c (main): Likewise. * src/storage/parthelper.c (main): Likewise. * tools/virsh.c (main): Fix exit status. * src/internal.h (DEFAULT_TEXT_DOMAIN): Define, for gettext.h. (_): Simplify definition accordingly. * po/POTFILES.in: Add src/storage/parthelper.c.
-
- 17 11月, 2010 1 次提交
-
-
由 Eric Blake 提交于
* bootstrap.conf (gnulib_modules): Add configmake. * daemon/Makefile.am (libvirtd_CFLAGS): Drop defines provided by gnulib. * src/Makefile.am (INCLUDES): Likewise. * tests/Makefile.am (INCLUDES): Likewise. * tools/Makefile.am (virsh_CFLAGS): Likewise. * daemon/libvirtd.c (qemudInitPaths, usage, main): Update clients. * src/cpu/cpu_map.c (CPUMAPFILE): Likewise. * src/driver.c (DEFAULT_DRIVER_DIR): Likewise. * src/internal.h (_): Likewise. * src/libvirt.c (virInitialize): Likewise. * src/lxc/lxc_conf.h (LXC_CONFIG_DIR, LXC_STATE_DIR, LXC_LOG_DIR): Likewise. * src/lxc/lxc_conf.c (lxcCapsInit, lxcLoadDriverConfig): Likewise. * src/network/bridge_driver.c (NETWORK_PID_DIR) (NETWORK_STATE_DIR, DNSMASQ_STATE_DIR, networkStartup): Likewise. * src/nwfilter/nwfilter_driver.c (nwfilterDriverStartup): Likewise. * src/qemu/qemu_conf.c (qemudLoadDriverConfig): Likewise. * src/qemu/qemu_driver.c (qemudStartup): Likewise. * src/remote/remote_driver.h (LIBVIRTD_PRIV_UNIX_SOCKET) (LIBVIRTD_PRIV_UNIX_SOCKET_RO, LIBVIRTD_CONFIGURATION_FILE) (LIBVIRT_PKI_DIR): Likewise. * src/secret/secret_driver.c (secretDriverStartup): Likewise. * src/security/security_apparmor.c (VIRT_AA_HELPER): Likewise. * src/security/virt-aa-helper.c (main): Likewise. * src/storage/storage_backend_disk.c (PARTHELPER): Likewise. * src/storage/storage_driver.c (storageDriverStartup): Likewise. * src/uml/uml_driver.c (TEMPDIR, umlStartup): Likewise. * src/util/hooks.c (LIBVIRT_HOOK_DIR): Likewise. * tools/virsh.c (main): Likewise. * docs/hooks.html.in: Likewise.
-
- 12 11月, 2010 1 次提交
-
-
由 Jamie Strandboge 提交于
When <uuid> is not in the XML, a virUUIDGenerate() ends up being called which is unnecessary and can lead to crashes if /dev/urandom isn't available because virRandomInitialize() is not called within virt-aa-helper. This patch adds verify_xpath_context() and updates caps_mockup() to use it. Bug-Ubuntu: https://launchpad.net/bugs/672943
-
- 10 11月, 2010 1 次提交
-
-
由 Stefan Berger 提交于
Using automated replacement with sed and editing I have now replaced all occurrences of close() with VIR_(FORCE_)CLOSE() except for one, of course. Some replacements were straight forward, others I needed to pay attention. I hope I payed attention in all the right places... Please have a look. This should have at least solved one more double-close error.
-
- 01 10月, 2010 1 次提交
-
-
由 Jamie Strandboge 提交于
Description: Implement AppArmorSetSecurityHostdevLabel() and AppArmorRestoreSecurityHostdevLabel() for hostdev and pcidev attach. virt-aa-helper also has to be adjusted because *FileIterate() is used for pci and usb devices and the corresponding XML for hot attached hostdev and pcidev is not in the XML passed to virt-aa-helper. The new '-F filename' option is added to append a rule to the profile as opposed to the existing '-f filename', which rewrites the libvirt-<uuid>.files file anew. This new '-F' option will append a rule to an existing libvirt-<uuid>.files if it exists, otherwise it acts the same as '-f'. load_profile() and reload_profile() have been adjusted to add an 'append' argument, which when true will use '-F' instead of '-f' when executing virt-aa-helper. All existing calls to load_profile() and reload_profile() have been adjusted to use the old behavior (ie append==false) except AppArmorSetSavedStateLabel() where it made sense to use the new behavior. This patch also adds tests for '-F'. Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/640993
-
- 24 9月, 2010 1 次提交
-
-
由 Jamie Strandboge 提交于
Description: Check for VIR_DOMAIN_CHR_TYPE in serial ports and add 'rw' for defined serial ports, parallel ports and channels Bug-Ubuntu: LP: #578527, LP: #609055
-
- 17 8月, 2010 1 次提交
-
-
由 Jamie Strandboge 提交于
* src/security/virt-aa-helper.c: Add missing include.
-
- 24 7月, 2010 3 次提交
-
-
由 Matthias Bolte 提交于
Commit 68719c4b added the p option to control disk format probing, but it wasn't added to the getopt_long optstring parameter. Add the p option to the getopt_long optstring parameter.
-
由 Matthias Bolte 提交于
Commit a8853344 added this function and wrapped vah_add_file in it. vah_add_file may return -1, 0, 1. It returns 1 in case the call to valid_path detects a restricted file. The original code treated a return value != 0 as error. The refactored code treats a return value < 0 as error. This triggers segfault in virt-aa-helper and breaks virt-aa-helper-test for the restricted file tests. Make sure that add_file_path returns -1 on error.
-
由 Matthias Bolte 提交于
virt-aa-helper used to ignore errors when opening files. Commit a8853344 refactored the related code and changed this behavior. virt-aa-helper didn't ignore open errors anymore and virt-aa-helper-test fails. Make sure that virt-aa-helper ignores open errors again.
-
- 20 7月, 2010 3 次提交
-
-
由 Daniel P. Berrange 提交于
Disk format probing is now disabled by default. A new config option in /etc/qemu/qemu.conf will re-enable it for existing deployments where this causes trouble
-
由 Daniel P. Berrange 提交于
Update the QEMU cgroups code, QEMU DAC security driver, SELinux and AppArmour security drivers over to use the shared helper API virDomainDiskDefForeachPath(). * src/qemu/qemu_driver.c, src/qemu/qemu_security_dac.c, src/security/security_selinux.c, src/security/virt-aa-helper.c: Convert over to use virDomainDiskDefForeachPath()
-
由 Daniel P. Berrange 提交于
Require the disk image to be passed into virStorageFileGetMetadata. If this is set to VIR_STORAGE_FILE_AUTO, then the format will be resolved using probing. This makes it easier to control when probing will be used * src/qemu/qemu_driver.c, src/qemu/qemu_security_dac.c, src/security/security_selinux.c, src/security/virt-aa-helper.c: Set VIR_STORAGE_FILE_AUTO when calling virStorageFileGetMetadata. * src/storage/storage_backend_fs.c: Probe for disk format before calling virStorageFileGetMetadata. * src/util/storage_file.h, src/util/storage_file.c: Remove format from virStorageFileMeta struct & require it to be passed into method.
-
- 19 5月, 2010 1 次提交
-
-
由 Jim Meyering 提交于
Do not require each caller of virStorageFileGetMetadata and virStorageFileGetMetadataFromFD to first clear the storage of the "meta" buffer. Instead, initialize that storage in virStorageFileGetMetadataFromFD. * src/util/storage_file.c (virStorageFileGetMetadataFromFD): Clear "meta" here, not before each of the following callers. * src/qemu/qemu_driver.c (qemuSetupDiskCgroup): Don't clear "meta" here. (qemuTeardownDiskCgroup): Likewise. * src/qemu/qemu_security_dac.c (qemuSecurityDACSetSecurityImageLabel): Likewise. * src/security/security_selinux.c (SELinuxSetSecurityImageLabel): Likewise. * src/security/virt-aa-helper.c (get_files): Likewise.
-
- 18 5月, 2010 1 次提交
-
-
由 Jim Meyering 提交于
* cfg.mk (useless_free_options): Add many vir*Free* function names, and then remove the useless if-before-free tests exposed by running make syntax-check. * src/conf/interface_conf.c (virInterfaceDefFree): Remove useless "if". (virInterfaceAssignDef): Likewise. * src/conf/network_conf.c (virNetworkAssignDef): Likewise. * src/conf/storage_conf.c (virStoragePoolObjAssignDef): Likewise. * src/node_device/node_device_hal.c (dev_create): Likewise. * src/security/virt-aa-helper.c (vahDeinit): Likewise. * src/test/test_driver.c (testNodeDeviceCreateXML): Likewise. * src/util/conf.c (virConfSetValue): Likewise.
-
- 07 4月, 2010 1 次提交
-
-
由 Jamie Strandboge 提交于
* src/security/virt-aa-helper.c: add support for SDL devices and 3 code cleanups
-