- 19 9月, 2013 2 次提交
-
-
由 Daniel P. Berrange 提交于
With the existing pkcheck (pid, start time) tuple for identifying the process, there is a race condition, where a process can make a libvirt RPC call and in another thread exec a setuid application, causing it to change to effective UID 0. This in turn causes polkit to do its permission check based on the wrong UID. To address this, libvirt must get the UID the caller had at time of connect() (from SO_PEERCRED) and pass a (pid, start time, uid) triple to the pkcheck program. Signed-off-by: NColin Walters <walters@redhat.com> Signed-off-by: NDaniel P. Berrange <berrange@redhat.com> (cherry picked from commit 922b7fda) Conflicts: src/access/viraccessdriverpolkit.c Resolution: Dropped file that does not exist in this branch.
-
由 Daniel P. Berrange 提交于
Since PIDs can be reused, polkit prefers to be given a (PID,start time) pair. If given a PID on its own, it will attempt to lookup the start time in /proc/pid/stat, though this is subject to races. It is safer if the client app resolves the PID start time itself, because as long as the app has the client socket open, the client PID won't be reused. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com> (cherry picked from commit 979e9c56) Conflicts: src/util/virprocess.c src/util/virstring.c src/util/virstring.h src/rpc/virnetserverclient.c src/rpc/virnetsocket.h src/util/viridentity.h
-
- 11 7月, 2013 2 次提交
-
-
由 Ján Tomko 提交于
Don't reuse the return value of virStorageBackendFileSystemIsMounted. If it's 0, we'd return it even if the mount command failed. Also, don't report another error if it's -1, since one has already been reported. Introduced by 258e06c8. https://bugzilla.redhat.com/show_bug.cgi?id=981251 (cherry picked from commit 13fde7ce)
-
由 Ján Tomko 提交于
If qemuMonitorBlockJob returned 0, qemuDomainBlockPivot might return 0 even if an error occured. https://bugzilla.redhat.com/show_bug.cgi?id=977678 (cherry picked from commit c34107df)
-
- 01 7月, 2013 3 次提交
-
-
由 Ján Tomko 提交于
If networkUnplugBandwidth is called on a network which has no bandwidth defined, print a warning instead of crashing. This can happen when destroying a domain with bandwidth if bandwidth was removed from the network after the domain was started. https://bugzilla.redhat.com/show_bug.cgi?id=975359 (cherry picked from commit 658c932a)
-
由 Ján Tomko 提交于
Don't check for '\n' at the end of file if zero bytes were read. Found by valgrind: ==404== Invalid read of size 1 ==404== at 0x529B09F: virCgroupGetValueStr (vircgroup.c:540) ==404== by 0x529AF64: virCgroupMoveTask (vircgroup.c:1079) ==404== by 0x1EB475: qemuSetupCgroupForEmulator (qemu_cgroup.c:1061) ==404== by 0x1D9489: qemuProcessStart (qemu_process.c:3801) ==404== by 0x18557E: qemuDomainObjStart (qemu_driver.c:5787) ==404== by 0x190FA4: qemuDomainCreateWithFlags (qemu_driver.c:5839) Introduced by 0d0b4098. https://bugzilla.redhat.com/show_bug.cgi?id=978356 (cherry picked from commit 306c49ff)
-
由 Ján Tomko 提交于
Free the old XML strings before overwriting them if the user has chosen to reedit the file or force the redefinition. Found by Alex Jia trying to reproduce another bug: https://bugzilla.redhat.com/show_bug.cgi?id=977430#c3 (cherry picked from commit 1e3a2529)
-
- 01 6月, 2013 1 次提交
-
-
由 Laine Stump 提交于
This should resolve: https://bugzilla.redhat.com/show_bug.cgi?id=959191 The problem was that qemuUpdateActivePciHostdevs was returning 0 (success) when no hostdevs were present, but would otherwise return -1 (failure) even when it completed successfully. It is only called from qemuProcessReconnect(), and when qemuProcessReconnect got back an error, it would not only stop reconnecting, but would terminate the guest qemu process "to remove danger of it ending up running twice if user tries to start it again later". (This bug was introduced in commit 011cf7ad, which was pushed between v1.0.2 and v1.0.3, so all maintenance branches from v1.0.3 up to 1.0.5 will need this one line patch applied.) (cherry picked from commit 2ea45647)
-
- 16 5月, 2013 1 次提交
-
- 09 5月, 2013 7 次提交
-
-
由 Ján Tomko 提交于
The controller element supports non-disk controller types too. https://bugzilla.redhat.com/show_bug.cgi?id=960958 (cherry picked from commit c075f89f)
-
由 Ján Tomko 提交于
Set spice password even if default VNC password hasn't been set. https://bugzilla.redhat.com/show_bug.cgi?id=953720 (cherry picked from commit 4327df7e)
-
由 Ján Tomko 提交于
Don't print the pool option name if it's null. Before: virsh # vol-name vol error: failed to get vol 'vol', specifying --(null) might help error: Storage volume not found: no storage vol with matching path vol After: virsh # vol-name vol error: failed to get vol 'vol' error: Storage volume not found: no storage vol with matching path vol Bug: https://bugzilla.redhat.com/show_bug.cgi?id=924571 (cherry picked from commit 7f913c82)
-
由 Ján Tomko 提交于
Since the refactoring in fbe2d494 we call virSecretFree even if virSecretDefineXML fails, which leads to overwriting the error message with: error: Invalid secret: virSecretFree Bug: https://bugzilla.redhat.com/show_bug.cgi?id=929045 (cherry picked from commit bfb4b822)
-
由 Atsushi Kumagai 提交于
When creating a logical volume with virStorageVolCreateXMLFrom, "qemu-img convert" is called internally if clonevol is a file volume. Then, vol->target.format is used as output_fmt parameter but the target.format of logical volumes is always 0 because logical volumes haven't the volume format type element. Fortunately, 0 was treated as RAW file format before commit f772b3d9, so there was no problem. But now, 0 is treated as the type of none, qemu-img fails with "Unknown file format 'none'". This patch fixes this issue by treating output block devices as RAW file format like for input block devices. Signed-off-by: NAtsushi Kumagai <kumagai-atsushi@mxc.nes.nec.co.jp> (cherry picked from commit d369e508)
-
由 Ján Tomko 提交于
If the path part of connection URI is not present, cfg is used unitialized. https://bugzilla.redhat.com/show_bug.cgi?id=950855 (cherry picked from commit 74bff250)
-
- 20 3月, 2013 1 次提交
-
-
由 Doug Goldstein 提交于
When building with --without-libvirtd and udev support is detected we will fail to build with the following error: node_device/node_device_udev.c:1608:37: error: unknown type name 'virStateInhibitCallback' (cherry picked from commit 52ad612c)
-
- 16 3月, 2013 1 次提交
-
-
由 Eric Blake 提交于
We've already scrubbed for comparisons of 'uid_t == -1' (which fail on platforms where uid_t is a u16), but another one snuck in. * src/util/virutil.c (virSetUIDGIDWithCaps): Correct uid comparison. * cfg.mk (sc_prohibit_risky_id_promotion): New rule. (cherry picked from commit 7af86379)
-
- 15 3月, 2013 1 次提交
-
-
由 Laine Stump 提交于
My commit 7a2e845a (and its prerequisites) managed to effectively ignore the clear_emulator_capabilities setting in qemu.conf (visible in the code as the VIR_EXEC_CLEAR_CAPS flag when qemu is being exec'ed), with the result that the capabilities are always cleared regardless of the qemu.conf setting. This patch fixes it by passing the flag through to virSetUIDGIDWithCaps(), which uses it to decide whether or not to clear existing capabilities before adding in those that were requested. Note that the existing capabilities are *always* cleared if the new process is going to run as non-root, since the whole point of running non-root is to have the capabilities removed (it's still possible to maintain individual capabilities as needed using the capBits argument though). (cherry picked from commit 2639c6320647778c1496008058dde57dfca35b92)
-
- 14 3月, 2013 7 次提交
-
-
由 Ján Tomko 提交于
Commit 027bf2ea used the wrong offset: the text field at the start of the header has 64 bytes, not 68. [1] Bug: https://bugzilla.redhat.com/show_bug.cgi?id=921452 [1] https://forums.virtualbox.org/viewtopic.php?p=29267#p29267 (cherry picked from commit 6e46477c)
-
由 Guannan Ren 提交于
virsh subcommand memtune forgot updating domain live xml after setting cgroup value. (cherry picked from commit 0047d5d6)
-
由 Daniel P. Berrange 提交于
In some startup failure modes, the fuse thread may get itself wedged. This will cause the entire libvirt_lxc process to hang trying to the join the thread. There is no compelling reason to wait for the thread to exit if the whole process is exiting, so just daemonize the fuse thread instead. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com> (cherry picked from commit e31f32c6)
-
由 Ján Tomko 提交于
Properly check the return value of vshCommandOptStringReq for xmlfile: * error out on incorrect input (--xmlfile '') * use default XML <domainsnapshot/> with no --xmlfile specified (Broken by commit b2e85855) Bug: https://bugzilla.redhat.com/show_bug.cgi?id=919826 (cherry picked from commit 2fc5ff11)
-
由 Guido Günther 提交于
otherwise we crash with #0 virUSBDeviceListFind (list=0x0, dev=dev@entry=0x8193d70) at util/virusb.c:526 #1 0xb1a4995b in virLXCPrepareHostdevUSBDevices (driver=driver@entry=0x815d9a0, name=0x815dbf8 "debian-700267", list=list@entry=0x81d8f08) at lxc/lxc_hostdev.c:88 #2 0xb1a49fce in virLXCPrepareHostUSBDevices (def=0x8193af8, driver=0x815d9a0) at lxc/lxc_hostdev.c:261 #3 virLXCPrepareHostDevices (driver=driver@entry=0x815d9a0, def=0x8193af8) at lxc/lxc_hostdev.c:328 #4 0xb1a4c5b1 in virLXCProcessStart (conn=0x817d3f8, driver=driver@entry=0x815d9a0, vm=vm@entry=0x8190908, autoDestroy=autoDestroy@entry=false, reason=reason@entry=VIR_DOMAIN_RUNNING_BOOTED) at lxc/lxc_process.c:1068 #5 0xb1a57e00 in lxcDomainStartWithFlags (dom=dom@entry=0x815e460, flags=flags@entry=0) at lxc/lxc_driver.c:1014 #6 0xb1a57fc3 in lxcDomainStart (dom=0x815e460) at lxc/lxc_driver.c:1046 #7 0xb79c8375 in virDomainCreate (domain=domain@entry=0x815e460) at libvirt.c:8450 #8 0x08078959 in remoteDispatchDomainCreate (args=0x81920a0, rerr=0xb65c21d0, client=0xb0d00490, server=<optimized out>, msg=<optimized out>) at remote_dispatch.h:1066 #9 remoteDispatchDomainCreateHelper (server=0x80c4928, client=0xb0d00490, msg=0xb0d005b0, rerr=0xb65c21d0, args=0x81920a0, ret=0x815d208) at remote_dispatch.h:1044 #10 0xb7a36901 in virNetServerProgramDispatchCall (msg=0xb0d005b0, client=0xb0d00490, server=0x80c4928, prog=0x80c6438) at rpc/virnetserverprogram.c:432 #11 virNetServerProgramDispatch (prog=0x80c6438, server=server@entry=0x80c4928, client=0xb0d00490, msg=0xb0d005b0) at rpc/virnetserverprogram.c:305 #12 0xb7a300a7 in virNetServerProcessMsg (msg=<optimized out>, prog=<optimized out>, client=<optimized out>, srv=0x80c4928) at rpc/virnetserver.c:162 #13 virNetServerHandleJob (jobOpaque=0xb0d00510, opaque=0x80c4928) at rpc/virnetserver.c:183 #14 0xb7924f98 in virThreadPoolWorker (opaque=opaque@entry=0x80a94b0) at util/virthreadpool.c:144 #15 0xb7924515 in virThreadHelper (data=0x80a9440) at util/virthreadpthread.c:161 #16 0xb7887c39 in start_thread (arg=0xb65c2b70) at pthread_create.c:304 #17 0xb77eb78e in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:130 when adding a domain with a usb device. This is Debian bug http://bugs.debian.org/700267 (cherry picked from commit 6082bc27)
-
由 Guido Günther 提交于
This fixes the build on Debian Wheezy which otherwise fails with: CC libvirt_driver_lxc_impl_la-lxc_process.lo lxc/lxc_process.c: In function 'virLXCProcessGetNsInode': lxc/lxc_process.c:648:5: error: implicit declaration of function 'stat' [-Werror=implicit-function-declaration] lxc/lxc_process.c:648:5: error: nested extern declaration of 'stat' [-Werror=nested-externs] cc1: all warnings being treated as errors (cherry picked from commit c8871d8f)
-
由 Guannan Ren 提交于
A value which is equal to a integer maximum such as LLONG_MAX is a valid integer value. The patch fix the following error: 1, virsh memtune vm --swap-hard-limit -1 2, virsh start vm In debug mode, it shows error like: virScaleInteger:1813 : numerical overflow:\ value too large: 9007199254740991KiB (cherry picked from commit b38a040a)
-
- 05 3月, 2013 13 次提交
-
-
由 Daniel Veillard 提交于
- configure.ac docs/news.html.in libvirt.spec.in: update for the release - po/*.po*: merged in transifex updates for fr,hi,pl,ja,uk,it and regenerated
-
由 Eric Blake 提交于
There is some controversy[1] on the qemu list on whether qemu should have ever allowed arbitrary file name passthrough, or whether it should be restricted to JUST /dev/random and /dev/hwrng. It is always easier to add support for additional filenames than it is to remove support for something once released, so this patch restricts libvirt 1.0.3 (where the virtio-random backend was first supported) to just the two uncontroversial names, letting us defer to a later date any decision on whether supporting arbitrary files makes sense. Additionally, since qemu 1.4 does NOT support /dev/fdset/nnn fd passthrough for the backend, limiting to just two known names means that we don't get tempted to try fd passthrough where it won't work. [1]https://lists.gnu.org/archive/html/qemu-devel/2013-03/threads.html#00023 * src/conf/domain_conf.c (virDomainRNGDefParseXML): Only allow /dev/random and /dev/hwrng. * docs/schemas/domaincommon.rng: Flag invalid files. * docs/formatdomain.html.in (elementsRng): Document this. * tests/qemuxml2argvdata/qemuxml2argv-virtio-rng-random.args: Update test to match. * tests/qemuxml2argvdata/qemuxml2argv-virtio-rng-random.xml: Likewise.
-
由 John Ferlan 提交于
Added a picture and explanation describing the virConnectOpen processing at a "higher" level, but with some source code references.
-
由 John Ferlan 提交于
-
由 John Ferlan 提交于
-
由 John Ferlan 提交于
-
由 John Ferlan 提交于
-
由 John Ferlan 提交于
-
由 John Ferlan 提交于
-
由 John Ferlan 提交于
Change the order of some conditions and use the AllDomains API to get a list of all the active and defined domains, then use the Active and Name API's in order to print. This changes here adjust the output from: Attempting to connect to hypervisor Connected to hypervisor at "qemu:///system" Hypervisor: "QEMU" version: 0.32.656 There are 0 active and 2 inactive domains Inactive domains: foo bar Disconnected from hypervisor to Attempting to connect to hypervisor Connected to hypervisor at "qemu:///system" Hypervisor: "QEMU" version: 0.32.656 There are 0 active and 2 inactive domains foo (non-active) bar (non-active) Disconnected from hypervisor
-
由 John Ferlan 提交于
Update the function prototypes to include a message about the client needing to free() returned name fields. Fix the all domains example flags values.
-
由 Daniel P. Berrange 提交于
When given a CA cert with basic constraints to set non-critical, and key usage of 'key signing', this should be rejected. Version of GNUTLS < 3 do not rejecte it though, so we never noticed the test case was broken Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Satoru Moriya 提交于
19c6ad9a (qemu: Refactor qemuDomainSetMemoryParameters) introduced a new macro, VIR_GET_LIMIT_PARAMETER(PARAM, VALUE). But if statement in the macro is not correct and so set_XXXX flags are set to false in the wrong. As a result, libvirt ignores all memtune parameters. This patch fixes the conditional expression to work correctly. Signed-off-by: NSatoru Moriya <satoru.moriya@hds.com>
-
- 04 3月, 2013 1 次提交
-
-
由 Guannan Ren 提交于
BZ:https://bugzilla.redhat.com/show_bug.cgi?id=912021 Without error handler set, virDefaultErrorFunc will be called, the error message is prefixed with "libvir:". It become a little better by using prefix "libvirt:" when working with upper application. For example: 1, stop libvirtd daemon 2, run virt-top. libvir: XML-RPC error : Failed to connect \ socket to '/var/run/libvirt/libvirt-sock-ro': \ No such file or directory libvirt: VIR_ERR_SYSTEM_ERROR: VIR_FROM_RPC: \ Failed to connect socket to '/var/run/libvirt/libvirt-sock-ro': \ No such file or directory
-