Commit 870dba07 (Mar 2008) added builddir/src to PATH to pick
up virsh.  Later, virsh was moved to tools; commit db68d6b1
(Oct 2009) noticed this, but only added the new location rather
than deleting the old location.

* tests/Makefile.am (path_add): Drop now-useless directory.
Suggested by Daniel P. Berrange.

Without this patch, at least tests/daemon-conf (which sticks
$builddir/src in the PATH) tries to execute the directory
$builddir/src/qemu rather than a real qemu binary.

* src/util/util.h (virFileExists): Adjust prototype.
(virFileIsExecutable): New prototype.
* src/util/util.c (virFindFileInPath): Reject non-executables and
directories.  Avoid huge stack allocation.
(virFileExists): Use lighter-weight syscall.
(virFileIsExecutable): New function.
* src/libvirt_private.syms (util.h): Export new function.

* bootstrap.conf (gnulib_modules): Add chown.

Signed-off-by: NWen Congyang <wency@cn.fujitsu.com>

When we do peer2peer migration, the dest uri is an address of the
target host as seen from the source machine. So we must specify
the ip or hostname of target host in dest uri. If we do not specify
it, report an error to the user.
Signed-off-by: NWen Congyang <wency@cn.fujitsu.com>

If the emulator doesn't support SDL graphic, we should reject
the use of SDL graphic xml with error messages, but not ignore
it silently, and pretend things are fine.

"-sdl" flag was exposed explicitly by qemu since 0.10.0, more detail:
http://www.redhat.com/archives/libvir-list/2011-January/msg00442.html

And we already have capability flag "QEMUD_CMD_FLAG_0_10", which
could be used to prevent the patch affecting the older versions
of QEMU.

* src/qemu/qemu_command.c

Don't report an error when the VirtualBox registry key is missing,
as this just indicates that VirtualBox is not installed in general.

This matches the behavior of the XPCOM glue that silently ignores
a missing VBoxXPCOMC.so.

Skip IB700 when assigning PCI slots.

Note: the I6300ESB watchdog _is_ a PCI device.

To test this: I applied this patch to libvirt-0.8.3-2.fc14 (rebasing
it slightly: qemu_command.c didn't exist in that version) and
installed this on my machine, then tested that I could successfully
add an ib700 watchdog device to a guest, start the guest, and the
ib700 was available to the guest.  I also added an i6300esb (PCI)
watchdog to another guest, and verified that libvirt assigned a PCI
device to it, that the guest could be started, and that i6300esb was
present in the guest.

Note that if you previously had a domain with a ib700 watchdog, it
would have had an <address type='pci' .../> clause added to it in the
libvirt configuration.  This patch does not attempt to remove this.
You cannot start such a domain -- qemu gives an error if you try.
With this patch you are able to remove the bogus address element
without libvirt adding it back.
Signed-off-by: NRichard W.M. Jones <rjones@redhat.com>

* src/cpu/cpu_x86.c (x86ModelLoad): Free data before overwriting.

* src/conf/network_conf.c (virNetworkDefParseXML): Release ipNodes.

* src/util/network.c (virSocketAddrMask): Zero out port, so that
iptables can initialize just the netmask then call
virSocketFormatAddr without an uninitialized read in getnameinfo.

On Fedore 14, virt-manager spews a bunch of warnings to the console:

/usr/lib64/python2.7/site-packages/libvirt.py:1781: PendingDeprecationWarning: The CObject type is marked Pending Deprecation in Python 2.7.  Please use capsule objects instead.

Have libvirt use the capsule API if available. I've verified this compiles
fine on older python (2.6 in RHEL6 which doesn't have capsules), and
virt-manager seems to function fine.

Make it easy to change debugging if being used by a client program.

After the remote driver runs an event callback, it unconditionally disables the
loop timer, thinking it just flushed every queued event. This doesn't work
correctly though if an event is queued while a callback is running.

The events actually aren't being lost, it's just that the event loop didn't
think there was anything that needed to be dispatched. So all those 'lost
events' should actually get re-triggered if you manually kick the loop by
generating a new event (like creating a new guest).

The solution is to disable the dispatch timer _before_ we invoke any event
callbacks. Events queued while a callback is running will properly reenable the
timer.

More info at https://bugzilla.redhat.com/show_bug.cgi?id=624252

The current security driver usage requires horrible code like

    if (driver->securityDriver &&
        driver->securityDriver->domainSetSecurityHostdevLabel &&
        driver->securityDriver->domainSetSecurityHostdevLabel(driver->securityDriver,
                                                              vm, hostdev) < 0)

This pair of checks for NULL clutters up the code, making the driver
calls 2 lines longer than they really need to be. The goal of the
patchset is to change the calling convention to simply

  if (virSecurityManagerSetHostdevLabel(driver->securityDriver,
                                        vm, hostdev) < 0)

The first check for 'driver->securityDriver' being NULL is removed
by introducing a 'no op' security driver that will always be present
if no real driver is enabled. This guarentees driver->securityDriver
!= NULL.

The second check for 'driver->securityDriver->domainSetSecurityHostdevLabel'
being non-NULL is hidden in a new abstraction called virSecurityManager.
This separates the driver callbacks, from main internal API. The addition
of a virSecurityManager object, that is separate from the virSecurityDriver
struct also allows for security drivers to carry state / configuration
information directly. Thus the DAC/Stack drivers from src/qemu which
used to pull config from 'struct qemud_driver' can now be moved into
the 'src/security' directory and store their config directly.

* src/qemu/qemu_conf.h, src/qemu/qemu_driver.c: Update to
  use new virSecurityManager APIs
* src/qemu/qemu_security_dac.c,  src/qemu/qemu_security_dac.h
  src/qemu/qemu_security_stacked.c, src/qemu/qemu_security_stacked.h:
  Move into src/security directory
* src/security/security_stack.c, src/security/security_stack.h,
  src/security/security_dac.c, src/security/security_dac.h: Generic
  versions of previous QEMU specific drivers
* src/security/security_apparmor.c, src/security/security_apparmor.h,
  src/security/security_driver.c, src/security/security_driver.h,
  src/security/security_selinux.c, src/security/security_selinux.h:
  Update to take virSecurityManagerPtr object as the first param
  in all callbacks
* src/security/security_nop.c, src/security/security_nop.h: Stub
  implementation of all security driver APIs.
* src/security/security_manager.h, src/security/security_manager.c:
  New internal API for invoking security drivers
* src/libvirt.c: Add missing debug for security APIs

If invalid type is specified, e.g.
<serial type='foo'>
    <target port='0'/>
</serial>

We replace 'foo' with "null" type implicitly, without reporting an
error message to tell the user, and "start" or "edit" the domain
will be success.

It's not good to guess what the user wants, This patch is to fix
the problem.

* src/conf/domain_conf.c

Setting unix_sock_group to something else than default "root" in
/etc/libvirt/libvirtd.conf prevents system libvirtd from dumping core on
crash. This is because we used setgid(unix_sock_group) before binding to
/var/run/libvirt/libvirt-sock* and setgid() back to original group.
However, if a process changes its effective or filesystem group ID, it
will be forbidden from leaving core dumps unless fs.suid_dumpable sysctl
is set to something else then 0 (and it is 0 by default).

Changing socket's group ownership after bind works better. And we can do
so without introducing a race condition since we loosen access rights by
changing the group from root to something else.

and keep it enabled by default. This allows downstreams to turn it off
via:

./configure --disable-maintainer-mode

as discussed in

https://www.redhat.com/archives/virt-tools-list/2010-October/msg00049.html

This simplifies the callers of esxVI_LookupObjectContentByType.

This avoids throwing the tests off if LD_LIBRARY_PATH or LD_PRELOAD or
other variables are set.
Signed-off-by: NDiego Elio Pettenò <flameeyes@gmail.com>

Update test suite accordingly.

VirtualBox uses megabyte, libvirt uses kilobyte.

Add VM name/UUID in log for domain related APIs.
Format: "dom=%p, (VM: name=%s, uuid=%s), param0=%s, param1=%s

*src/libvirt.c (introduce two macros: VIR_DOMAIN_DEBUG, and
VIR_DOMAIN_DEBUG0)

* docs/schemas/domain.rng (qemucdevSrcDef): Restrict list of
supported <protocol type=> values.

I added a host definition to a network definition:

<network>
  <name>Lokal</name>
  <uuid>2074f379-b82c-423f-9ada-305d8088daaa</uuid>
  <bridge name='virbr1' stp='on' delay='0' />
  <ip address='192.168.180.1' netmask='255.255.255.0'>
    <dhcp>
      <range start='192.168.180.128' end='192.168.180.254' />
      <host mac='23:74:00:03:42:02' name='somevm' ip='192.168.180.10' />
    </dhcp>
  </ip>
</network>

But due to the wrong if-statement the argument --dhcp-hostsfile doesn't get
added to the dnsmasq command. The patch below fixes it for me.

The warning is bogus since strtok_r doesn't use the value when it's
first called and initializes it for the following calls.

When dynamic_ownership=0, saved images must be owned by the same uid
as is used to run the qemu process, otherwise restore won't work. To
accomplish this, qemuSecurityDACRestoreSavedStateLabel() needs to
simply return when it's called.

This fix is in response to:

  https://bugzilla.redhat.com/show_bug.cgi?id=661720

* docs/hacking.html.in (Curly braces): Tighten recommendations to
disallow if (cond) one-line; else { block; }.
* HACKING: Regenerate.
Suggested by Daniel P. Berrange.

Although the upper-layer code protected against it, it was possible to
call iptablesForwardMasquerade() with an IPv6 address and have it
attempt to add a rule to the MASQUERADE chain of ip6tables (which
doesn't exist).

This patch changes that function to check the protocol of the given
address, generate an error log if it's not IPv4 (AF_INET), and finally
hardcodes all the family parameters sent down to lower-level functions.

This is partially in response to

  https://bugzilla.redhat.com/show_bug.cgi?id=653300

The crash in that report was coincidentally fixed when we switched
from using inet_pton() to using virSocketParseAddr(), but the absence
of an ip address in a dhcp static host definition was still silently
ignored (and that entry discarded from the saved XML). This patch
turns that into a logged failure; likewise if the entry has neither a
mac address nor a name attribute (the entry is useless without at
least one of those, plus an ip address).

Since the network name is now pulled into this function in order for
those error logs to be more informative, the other error messages in
the function have also been changed to take advantage.

Also added explicit links to the subscription and
archive pages for the user and developer mailing
lists.