- 19 4月, 2013 2 次提交
-
-
由 Paolo Bonzini 提交于
When running unprivileged, virSetUIDGIDWithCaps will fail because it tries to add the requested capabilities to the permitted and effective sets. Detect this case, and invoke the child with cleared permitted and effective sets. If it is a setuid program, it will get them. Some care is needed also because you cannot drop capabilities from the bounding set without CAP_SETPCAP. Because of that, ignore errors from setting the bounding set. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Paolo Bonzini 提交于
The need_prctl variable is not really needed. If it is false, capng_apply will be called twice with the same set, causing a little extra work but no problem. This keeps the code a bit simpler. It is also clearer to invoke capng_apply(CAPNG_SELECT_BOUNDS) separately, to make sure it is done while we have CAP_SETPCAP. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
- 18 4月, 2013 4 次提交
-
-
由 Tal Kain 提交于
Reusing the result of virArchFromHost instead of calling it multiple times Signed-off-by: NTal Kain <tal.kain@ravellosystems.com> Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Peter Krempa 提交于
When turning a started persistent network into a transient one we forgot to remove the autostart flag that is no longer valid at that point.
-
由 Osier Yang 提交于
Directories python/tools/examples should include them in <> form, though this patch allows "" form in these directories by excluding them, a later patch will do the cleanup.
-
由 Ján Tomko 提交于
-
- 17 4月, 2013 5 次提交
-
-
由 Osier Yang 提交于
Commit 2d25fd4f removed the including of "libvirt/libvirt.h", which breaks the build. Pushed under build-breaker rule.
-
由 Osier Yang 提交于
The recent qemu requires "0x" prefix for the disk wwn, this patch changes virValidateWWN to allow the prefix, and prepend "0x" if it's not specified. E.g. qemu-kvm: -device scsi-hd,bus=scsi0.0,channel=0,scsi-id=0,lun=0,\ drive=drive-scsi0-0-0-0,id=scsi0-0-0-0,wwn=6000c60016ea71ad: Property 'scsi-hd.wwn' doesn't take value '6000c60016ea71ad' Though it's a qemu regression, but it's nice to allow the prefix, and doesn't hurt for us to always output "0x".
-
由 Osier Yang 提交于
Which is already included in "internal.h", later patch will add syntax-check to avoid it.
-
由 Osier Yang 提交于
Which is already included by "internal.h", later patch will add syntax-check to avoid it.
-
由 Osier Yang 提交于
Detected by a simple Shell script: for i in $(git ls-files -- '*.[ch]'); do awk 'BEGIN { fail=0 } /# *include.*\.h/{ match($0, /["<][^">]*[">]/) arr[substr($0, RSTART+1, RLENGTH-2)]++ } END { for (key in arr) { if (arr[key] > 1) { fail=1 printf("%d %s\n", arr[key], key) } } if (fail == 1) exit 1 }' $i if test $? != 0; then echo "Duplicate header(s) in $i" fi done; A later patch will add the syntax-check to avoid duplicate headers.
-
- 16 4月, 2013 26 次提交
-
-
由 Stefan Berger 提交于
Fix the error util/vircgroup.c: In function 'virCgroupNewDomainPartition': util/vircgroup.c:1299:11: error: declaration of 'dirname' shadows a global declaration [-Werror=shadow] Signed-off-by: NStefan Berger <stefanb@linux.vnet.ibm.com>
-
由 John Ferlan 提交于
Using "./autogen.sh --system lv_cv_static_analysis=yes" for my daily Coverity builds resulted in the following error when building: In file included from util/vircgrouppriv.h:32:0, from util/vircgroup.c:44: util/vircgroup.h:59:5: error: nonnull argument with out-of-range operand number (argument 1, operand 5) util/vircgroup.h:74:5: error: nonnull argument references non-pointer operand (argument 1, operand 4) make[3]: *** [libvirt_util_la-vircgroup.lo] Error 1 make[3]: Leaving directory `/home/jferlan/libvirt.cov.curr/src' make[2]: *** [all] Error 2 make[2]: Leaving directory `/home/jferlan/libvirt.cov.curr/src' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/home/jferlan/libvirt.cov.curr' make: *** [all] Error 2
-
由 Stefan Berger 提交于
Check for an unsupported QMP command when using the query-tpm-models and query-tpm-types commands before checking for general errors in order to avoid error messages in the log. Signed-off-by: NStefan Berger <stefanb@linux.vnet.ibm.com>
-
由 Stefan Berger 提交于
Revert the patch checking for the QMP query-tpm-models command. Signed-off-by: NStefan Berger <stefanb@linux.vnet.ibm.com>
-
由 Peter Krempa 提交于
Add support for array elements for agent commands just like 64d5e815 did for monitor commands
-
由 Peter Krempa 提交于
The return value description stated that 0 is returned in case of success instead of the count of vCPUs.
-
由 Stefan Berger 提交于
Check for QMP query-tpm-models and set a capability flag. Do not use this QMP command if it is not supported. Signed-off-by: NStefan Berger <stefanb@linux.vnet.ibm.com>
-
由 Daniel P. Berrange 提交于
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The LXC driver currently has code to detect cgroups mounts and then re-mount them inside the new root filesystem. Replace this fragile code with a call to virCgroupIsolateMount. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Add a virCgroupIsolateMount method which looks at where the current process is place in the cgroups (eg /system/demo.lxc.libvirt) and then remounts the cgroups such that this sub-directory becomes the root directory from the current process' POV. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
If a cgroup controller is co-mounted with another, eg /sys/fs/cgroup/cpu,cpuacct Then it is a requirement that there exist symlinks at /sys/fs/cgroup/cpu /sys/fs/cgroup/cpuacct pointing to the real mount point. Add support to virCgroupPtr to detect and track these symlinks Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The virCgroupNewDriver method had a 'bool privileged' param. If a false value was ever passed in, it would simply not work, since non-root users don't have any privileges to create new cgroups. Just delete this broken code entirely and make the QEMU driver skip cgroup setup in non-privileged mode Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Historically QEMU/LXC guests have been placed in a cgroup layout that is $LOCATION-OF-LIBVIRTD/libvirt/{qemu,lxc}/$VMNAME This is bad for a number of reasons - The cgroup hierarchy gets very deep which seriously impacts kernel performance due to cgroups scalability limitations. - It is hard to setup cgroup policies which apply across services and virtual machines, since all VMs are underneath the libvirtd service. To address this the default cgroup location is changed to be /system/$VMNAME.{lxc,qemu}.libvirt This puts virtual machines at the same level in the hierarchy as system services, allowing consistent policy to be setup across all of them. This also honours the new resource partition location from the XML configuration, for example <resource> <partition>/virtualmachines/production</partitions> </resource> will result in the VM being placed at /virtualmachines/production/$VMNAME.{lxc,qemu}.libvirt NB, with the exception of the default, /system, path which is intended to always exist, libvirt will not attempt to auto-create the partitions in the XML. It is the responsibility of the admin/app to configure the partitions. Later libvirt APIs will provide a way todo this. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Allow VMs to be placed into resource groups using the following syntax <resource> <partition>/virtualmachines/production</partition> </resource> A resource cgroup will be backed by some hypervisor specific functionality, such as cgroups with KVM/LXC. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
A resource partition is an absolute cgroup path, ignoring the current process placement. Expose a virCgroupNewPartition API for constructing such cgroups Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Currently if virCgroupMakeGroup fails, we can get in a situation where some controllers have been setup, but others not. Ensure we call virCgroupRemove to remove what we've done upon failure Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Currently the virCgroupPtr struct contains 3 pieces of information - path - path of the cgroup, relative to current process' cgroup placement - placement - current process' placement in each controller - mounts - mount point of each controller When reading/writing cgroup settings, the path & placement strings are combined to form the file path. This approach only works if we assume all cgroups will be relative to the current process' cgroup placement. To allow support for managing cgroups at any place in the heirarchy a change is needed. The 'placement' data should reflect the absolute path to the cgroup, and the 'path' value should no longer be used to form the paths to the cgroup attribute files. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Rename all the virCgroupForXXX methods to use the form virCgroupNewXXX since they are all constructors. Also make sure the output parameter is the last one in the list, and annotate all pointers as non-null. Fix up all callers, and make sure they use true/false not 0/1 for the boolean parameters Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The definition of structs for cgroups are kept in vircgroup.c since they are intended to be private from users of the API. To enable effective testing, however, they need to be accessible. To address the latter issue, without compronmising the former, this introduces a new vircgrouppriv.h file to hold the struct definitions. To prevent other files including this private header, it requires that __VIR_CGROUP_ALLOW_INCLUDE_PRIV_H__ be defined before inclusion Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Instead of calling virCgroupForDomain every time we need the virCgrouPtr instance, just do it once at Vm startup and cache a reference to the object in virLXCDomainObjPrivatePtr until shutdown of the VM. Removing the virCgroupPtr from the LXC driver state also means we don't have stale mount info, if someone mounts the cgroups filesystem after libvirtd has been started Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Instead of calling virCgroupForDomain every time we need the virCgrouPtr instance, just do it once at Vm startup and cache a reference to the object in qemuDomainObjPrivatePtr until shutdown of the VM. Removing the virCgroupPtr from the QEMU driver state also means we don't have stale mount info, if someone mounts the cgroups filesystem after libvirtd has been started Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The virCgroupForDriver method recently gained an 'int controllers' parameter, but the stub impl did not Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Introduce a method virFileDeleteTree for recursively deleting an entire directory tree Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The second param of virNetlinkCommand should be struct nlmsghdr, not unsigned char. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Win32 does not like undefined symbols, so define an empty virThreadCancel impl. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 15 4月, 2013 3 次提交
-
-
由 Osier Yang 提交于
Though they are the same thing, mixed use of them is uncomfortable. "unsigned" is used a lot in old codes, this just tries to change the ones in utils.
-
由 Daniel P. Berrange 提交于
If libvirt makes any gcry_control() calls, then this prevents gnutls for doing any initialization. As such we must take care to do full initialization of libcrypt on a par with what gnutls would have done. In particular we must disable "sec mem" for cases where the user does not have mlock() permission. We also skip our init of libgcrypt if something else (ie the app using libvirt) has beaten us to it. https://bugzilla.redhat.com/show_bug.cgi?id=951630Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Peter Krempa 提交于
Report the errors as: Domain not found: no domain with matching uuid '41414141-4141-4141-4141-414141414141' (crashtest) instead of: Domain not found: no domain with matching uuid '41414141-4141-4141-4141-414141414141'
-