- 13 9月, 2013 3 次提交
-
-
由 Martin Kletzander 提交于
-
由 Martin Kletzander 提交于
-
由 Daniel P. Berrange 提交于
The VIR_ACCESS_PERM_CONNECT_DETECT_STORAGE_POOLS enum constant had its string format be 'detect_storage_pool', note the missing trailing 's'. This prevent the ACL check from ever succeeding. Fix this and add a simple test script to validate this problem of matching names. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 12 9月, 2013 13 次提交
-
-
由 Gao feng 提交于
Right now we mount selinuxfs even user namespace is enabled and ignore the error. But we shouldn't ignore these errors when user namespace is not enabled. This patch skips mounting selinuxfs when user namespace enabled. Signed-off-by: NGao feng <gaofeng@cn.fujitsu.com>
-
由 Peter Krempa 提交于
When reverting a live internal snapshot with a live guest the ABI compatiblity check was comparing a "migratable" definition with a normal one. This resulted in the check failing with: revert requires force: Target device address type none does not match source pci This patch generates a "migratable" definition from the actual one to check against the definition from the snapshot to avoid this problem. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1006886
-
由 Laine Stump 提交于
This resolves: https://bugzilla.redhat.com/show_bug.cgi?id=983026 The netcf interface driver previously had no state driver associated with it - as a connection was opened, it would create a new netcf instance just for that connection, and close it when it was finished. the problem with this is that each connection to libvirt used up a netlink socket, and there is a per process maximum of ~1000 netlink sockets. The solution is to create a state driver to go along with the netcf driver. The state driver will opens a netcf instance, then all connections share that same netcf instance, thus only a single netlink socket will be used no matter how many connections are mde to libvirtd. This was rather simple to do - a new virObjectLockable class is created for the single driverState object, which is created in netcfStateInitialize and contains the single netcf handle; instead of creating a new object for each client connection, netcfInterfaceOpen now just increments the driverState object's reference count and puts a pointer to it into the connection's privateData. Similarly, netcfInterfaceClose() just un-refs the driverState object (as does netcfStateCleanup()), and virNetcfInterfaceDriverStateDispose() handles closing the netcf instance. Since all the functions already have locking around them, the static lock functions used by all functions just needed to be changed to call virObjectLock() and virObjectUnlock() instead of directly calling the virMutex* functions.
-
由 Laine Stump 提交于
This better fits the modern naming scheme in libvirt, and anticipates an upcoming change where a single instance of this state will be maintained by a separate state driver, and every instance of the netcf driver will share the same state.
-
由 Daniel P. Berrange 提交于
If the guest is configured with <filesystem type='mount'> <source dir='/'/> <target dir='/'/> <readonly/> </filesystem> Then any submounts under / should also end up readonly, except for those setup as basic mounts. eg if the user has /home on a separate volume, they'd expect /home to be readonly, but we should not touch the /sys, /proc, etc dirs we setup ourselves. Users can selectively make sub-mounts read-write again by simply listing them as new mounts without the <readonly> flag set <filesystem type='mount'> <source dir='/home'/> <target dir='/home'/> </filesystem> Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Move the array of basic mounts out of the lxcContainerMountBasicFS function, to a global variable. This is to allow it to be referenced by other methods wanting to know what the basic mount paths are. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Describe some of the issues to be aware of when configuring LXC guests with security isolation as a goal. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Debian systems may run the 'systemd-logind' daemon, which causes the /sys/fs/cgroup/systemd mount to be setup, but no other cgroup controllers are created. While the LXC driver considers cgroups to be mandatory, the QEMU driver is supposed to accept them as optional. We detect whether they are present by looking in /proc/mounts for any mounts of type 'cgroups', but this is not sufficient. We need to skip any named mounts (as seen by a name=XXX string in the mount options), so that we only detect actual resource controllers. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721979Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The polkit access driver used the wrong permission names for checks on storage pools, volumes and node devices. This led to them always being denied access. The 'dettach' permission was also mis-spelt and should have been 'detach'. While permission names are ABI sensitive, the fact that the code used the wrong object name for checking node device permissions, means that no one could have used the mis-spelt 'dettach' permission. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Jiri Denemark 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1006864 Commit 38ab1225 changed the default value of ret from true to false but forgot to set ret = true when job is NONE. Thus, virsh domjobinfo returned 1 when there was no job running for a domain but it used to (and should) return 0 in this case.
-
由 Daniel Veillard 提交于
First make sure that the input is xhtml as the stylesheets expect namespaced element, then use a span element instead of a as a is treated specially, finally adjust the makefile to check for the new span element and replace it with the PHP code
-
由 Michal Novotny 提交于
This fixes the description of virConnectGetType() API function in API documentation to match the real functionality that it can be used to get driver name, and provide a hint on how to learn about full capabilities. Signed-off-by: NMichal Novotny <minovotn@redhat.com> Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
Commits 9298bfbc and f6c29515 both tried to make it possible to select the correct libnl (1 vs. 3) according to what netcf used, when both libraries are installed. This works to avoid libnl-3 when netcf used libnl-1. But on the converse side, if only libnl-1 development code is installed, while netcf uses libnl-3, then configure happily uses libnl-1 anyways, leading to a test failure: $ VIR_TEST_DEBUG=1 ./virdrivermoduletest TEST: virdrivermoduletest 1) Test driver "network" ... OK 2) Test driver "storage" ... OK 3) Test driver "nodedev" ... OK 4) Test driver "secret" ... OK 5) Test driver "nwfilter" ... OK 6) Test driver "interface" ... lt-virdrivermoduletest: route/tc.c:973: rtnl_tc_register: Assertion `0' failed. Aborted It's much nicer to prevent this at configure time, by requiring that if we know what netcf used, then we want the same libnl version. As before, this can be bypassed by someone who knows what they are doing by setting LIBNL_CFLAGS (perhaps useful to the rare person where the build box has a different version of netcf than the installation box). * configure.ac (LIBNL): If we can prove netcf used libnl-3, then don't let configure succeed with libnl-1. Signed-off-by: NEric Blake <eblake@redhat.com>
-
- 11 9月, 2013 10 次提交
-
-
由 Daniel P. Berrange 提交于
The change to query org.freedesktop.DBus.ListActivatableNames to detect systemd broke the test suite, since we did not have stubs to respond to this dbus call. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Gao feng 提交于
This patch introduces virDBusIsServiceEnabled, we can use this method to get if the service is supported. In one case, if org.freedesktop.machine1 is unavailable on host, we should skip creating machine through systemd. Signed-off-by: NGao feng <gaofeng@cn.fujitsu.com>
-
由 Gao feng 提交于
Move the unmounting private or useless filesystems for container to this function. Signed-off-by: NGao feng <gaofeng@cn.fujitsu.com>
-
由 Gao feng 提交于
The devpts, dev and fuse filesystems are mounted temporarily. there is no need to export them to container if container shares the root directory with host. Signed-off-by: NGao feng <gaofeng@cn.fujitsu.com>
-
由 Daniel P. Berrange 提交于
Mention that user namespace can be enabled using the UID/GID mapping schema. Fix typo in link anchor for container args in domain XML docs. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Some users in Ubuntu/Debian seem to have a setup where all the cgroup controllers are mounted on /sys/fs/cgroup rather than any /sys/fs/cgroup/<controller> name. In the loop which detects which controllers are present for a mount point we were modifying 'mnt_dir' field in the 'struct mntent' var, but not always restoring the original value. This caused detection to break in the all-in-one mount setup. Fix that logic bug and add test case coverage for this mount setup. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Liuji (Jeremy) 提交于
After freeing the bitmap pointer, it must set the pointer to NULL. This will avoid any other use of the freed memory of the bitmap pointer. https://bugzilla.redhat.com/show_bug.cgi?id=1006710Signed-off-by: NLiuji (Jeremy) <jeremy.liu@huawei.com>
-
由 Oskari Saarenmaa 提交于
Signed-off-by: NOskari Saarenmaa <os@ohmu.fi> Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
Jonathan Lebon reported an issue to me off-list about his build failing to use qemu because he failed to install yajl-devel. But I recalled specifically tweaking configure.ac to die in that situation (commits 350583c8, ba9c38b4). After a bit more head-scratching, we found the cause of the regression: commit 654c709b rearranged things so that the qemu version check now occurs before AC_ARG_WITH has had a chance to set either $with_qemu or $with_yajl. Coincidentally, this fix aligns with a documentation patch that was just posted to the autoconf mailing list :) http://thread.gmane.org/gmane.comp.sysutils.autoconf.patches/8324 * m4/virt-lib.m4 (LIBVIRT_CHECK_LIB, LIBVIRT_CHECK_LIB_ALT) (LIBVIRT_CHECK_PKG): Populate defaults earlier. * configure.ac (AC_ARG_WITH): Likewise for drivers. Signed-off-by: NEric Blake <eblake@redhat.com>
-
- 10 9月, 2013 7 次提交
-
-
由 Eric Blake 提交于
Autoconf states that AC_HELP_STRING is obsolete, and that new programs should use AS_HELP_STRING. We also had instances of not properly quoting the macro usage, and not relying on autoconf's word-wrapping abilities to avoid long lines. I validated that this commit has no impact to the generated configure file. * configure.ac (AC_ARG_WITH, AC_ARG_ENABLE): Autoconf recommends the use of AS_HELP_STRING. Also, use proper quoting and wrap long lines. * m4/virt-apparmor.m4 (LIBVIRT_CHECK_APPARMOR): Likewise. * m4/virt-selinux.m4 (LIBVIRT_CHECK_SELINUX): Likewise. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
Osier Yang pointed out that ever since commit 31cb030a, the signature of qemuDomainObjEndJob was changed to return a bool. While comparison against 0 or > 0 still gives the right results, it looks fishy; we also had one place that was comparing < 0 which is effectively dead code. * src/qemu/qemu_migration.c (qemuMigrationPrepareAny): Fix dead code bug. (qemuMigrationBegin): Use more canonical form of bool check. * src/qemu/qemu_driver.c (qemuAutostartDomain) (qemuDomainCreateXML, qemuDomainSuspend, qemuDomainResume) (qemuDomainShutdownFlags, qemuDomainReboot, qemuDomainReset) (qemuDomainDestroyFlags, qemuDomainSetMemoryFlags) (qemuDomainSetMemoryStatsPeriod, qemuDomainInjectNMI) (qemuDomainSendKey, qemuDomainGetInfo, qemuDomainScreenshot) (qemuDomainSetVcpusFlags, qemuDomainGetVcpusFlags) (qemuDomainRestoreFlags, qemuDomainGetXMLDesc) (qemuDomainCreateWithFlags, qemuDomainAttachDeviceFlags) (qemuDomainUpdateDeviceFlags, qemuDomainDetachDeviceFlags) (qemuDomainBlockResize, qemuDomainBlockStats) (qemuDomainBlockStatsFlags, qemuDomainMemoryStats) (qemuDomainMemoryPeek, qemuDomainGetBlockInfo) (qemuDomainAbortJob, qemuDomainMigrateSetMaxDowntime) (qemuDomainMigrateGetCompressionCache) (qemuDomainMigrateSetCompressionCache) (qemuDomainMigrateSetMaxSpeed) (qemuDomainSnapshotCreateActiveInternal) (qemuDomainRevertToSnapshot, qemuDomainSnapshotDelete) (qemuDomainQemuMonitorCommand, qemuDomainQemuAttach) (qemuDomainBlockJobImpl, qemuDomainBlockCopy) (qemuDomainBlockCommit, qemuDomainOpenGraphics) (qemuDomainGetBlockIoTune, qemuDomainGetDiskErrors) (qemuDomainPMSuspendForDuration, qemuDomainPMWakeup) (qemuDomainQemuAgentCommand, qemuDomainFSTrim): Likewise. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
Automake 2.0 will enable subdir-objects by default; in preparation for that change, automake 1.14 outputs LOADS of warnings: daemon/Makefile.am:38: warning: source file '../src/remote/remote_protocol.c' is in a subdirectory, daemon/Makefile.am:38: but option 'subdir-objects' is disabled automake-1.14: warning: possible forward-incompatibility. automake-1.14: At least a source file is in a subdirectory, but the 'subdir-objects' automake-1.14: automake option hasn't been enabled. For now, the corresponding output automake-1.14: object file(s) will be placed in the top-level directory. However, automake-1.14: this behaviour will change in future Automake versions: they will automake-1.14: unconditionally cause object files to be placed in the same subdirectory automake-1.14: of the corresponding sources. automake-1.14: You are advised to start using 'subdir-objects' option throughout your automake-1.14: project, to avoid future incompatibilities. daemon/Makefile.am:38: warning: source file '../src/remote/lxc_protocol.c' is in a subdirectory, daemon/Makefile.am:38: but option 'subdir-objects' is disabled ... As automake 1.9 also supported this option, and the previous patches fixed up the code base to work with it, it is safe to now turn it on unconditionally. * configure.ac (AM_INIT_AUTOMAKE): Enable subdir-objects. * .gitignore: Ignore .dirstamp directories. * src/Makefile.am (PDWTAGS, *-protocol-struct): Adjust to new subdir-object location of .lo files. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
We have been adding new .x files without keeping the list of *-structs files up-to-date. This adds the support for the recent additions. In the process of testing this, I also noticed that Fedora 19's use of dwarves-1.10 (providing pdwtags version 1.9) was producing a single line on stderr but still giving enough useful info on stdout that we could check structs; the real goal of checking stderr separately from stdout was to avoid the bug in dwarves-1.9 where stdout was empty (see bug http://bugzilla.redhat.com/772358). * src/Makefile.am (struct_prefix, PROTOCOL_STRUCTS): Add missing struct tests. (PDWTAGS): Work with Fedora 19 pdwtags. (lxc_monitor_protocol-struct, lock_protocol-struct): New rules. * src/lxc_monitor_protocol-structs: New file. * src/lock_protocol-structs): Likewise. * cfg.mk (generated_files): Enlarge list. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
If we use subdir-objects with automake, any reference to a cross-directory .c file will result in automake creating rules that track dependency in the cross directory. But this presents a problem during 'make distclean' - if the cross directory is cleaned up first, then the daemon directory will be left with dangling references to .Po dependency files that no longer exist. Meanwhile, referring to the cross-directory .c file means that we are compiling the file twice - once in src, and once in daemon. Better is to compile just once in src into a convenience library, and then use that library from daemon. The tests directory had a similar situation of a cross-directory .c file; to solve that, we actually need a convenience library. * daemon/Makefile.am (DAEMON_SOURCES): Drop .c files... (libvirtd_LDADD): ...and instead use library. (libvirtd_conf_la_SOURCES): Declare a new convenience library. (libvirtd_LDFLAGS): Drop duplicate flag. * tests/Makefile.am (libvirtdconftest_SOURCES): Drop .c file... (libvirtdconftest_LDADD): ..and instead use library. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
Trying to enable automake's subdir-objects option resulted in the creation of literal directories such as src/$(srcdir)/remote/. I traced this to the fact that we had used a literal $(srcdir) in a location that later fed an automake *_SOURCES variable. This has also been reported as an automake bug: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=13928 but it's better to fix our code than to wait for an automake fix. Some things to remember that affect VPATH builds, and where an in-tree build is blissfully unaware of the issues: if a VPATH build fails to find a file that was used as a prereq of any other target, then the rule for that file will expand $@ to prefer the current build dir (bad because a VPATH build on a fresh checkout will then stick $@ in the current directory instead of the desired srcdir); conversely, if a VPATH build finds the file in srcdir but decides it needs to be rebuilt, then the rule for that file will expand $@ to include the directory where it was found out-of-date (bad for an explicit listing of $(srcdir)/$@ because an incremental VPATH build will then expand srcdir twice). As we want these files to go into srcdir unconditionally, we have to massage or avoid $@ for any recipe that involves one of these files. Therefore, this patch removes all uses of $(srcdir) from any generated file name that later feeds a *_SOURCES variable, and then rewrites all the recipes to generate those files to hard-code their creation into srcdir without the use of $@. * src/Makefile.am (REMOTE_DRIVER_GENERATED): Drop $(srcdir); VPATH builds know how to find the files, and automake subdir-objects fails with it in place. (LXC_MONITOR_PROTOCOL_GENERATED, (LXC_MONITOR_GENERATED) (ACCESS_DRIVER_GENERATED, LOCK_PROTOCOL_GENERATED): Likewise. (*_client_bodies.h): Hard-code rules to write into srcdir, as VPATH tries to build $@ locally if missing. (util/virkeymaps.h): Likewise. (lxc/lxc_monitor_dispatch.h): Likewise. (access/viraccessapi*): Likewise. (locking/lock_daemon_dispatch_stubs.h): Likewise. * daemon/Makeflie.am (DAEMON_GENERATED, remote_dispatch.h): Likewise. Signed-off-by: NEric Blake <eblake@redhat.com> fixup DAEMON_GENERATED
-
由 Li Zhang 提交于
This patch is to Cleanup ppcCompute to avoid memory leak to make the code better. Signed-off-by: NLi Zhang <zhlcindy@linux.vnet.ibm.com>
-
- 09 9月, 2013 4 次提交
-
-
由 Eric Blake 提交于
Failure to attach to a domain during 'virsh qemu-attach' left the list of domains in an odd state: $ virsh qemu-attach 4176 error: An error occurred, but the cause is unknown $ virsh list --all Id Name State ---------------------------------------------------- 2 foo shut off $ virsh qemu-attach 4176 error: Requested operation is not valid: domain is already active as 'foo' $ virsh undefine foo error: Failed to undefine domain foo error: Requested operation is not valid: cannot undefine transient domain $ virsh shutdown foo error: Failed to shutdown domain foo error: invalid argument: monitor must not be NULL It all stems from leaving the list of domains unmodified on the initial failure; we should follow the lead of createXML which removes vm on failure (the actual initial failure still needs to be fixed in a later patch, but at least this patch gets us to the point where we aren't getting stuck with an unremovable "shut off" transient domain). While investigating, I also found a leak in qemuDomainCreateXML; the two functions should behave similarly. Note that there are still two unusual paths: if dom is not allocated, the user will see an OOM error even though the vm remains registered (but oom errors already indicate tricky cleanup); and if the vm starts and then quits again all before the job ends, it is possible to return a non-NULL dom even though the dom will no longer be useful for anything (but this at least lets the user know their short-lived vm ran). * src/qemu/qemu_driver.c (qemuDomainCreateXML): Don't leak vm on failure to obtain job. (qemuDomainQemuAttach): Match cleanup of qemuDomainCreateXML. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Yogesh Tillu 提交于
ARM v7 can operate in either little or big endian modes. Add support for the big-endian version known as armv7b from uname. Signed-off-by: NYogesh Tillu <tillu.yogesh@gmail.com> Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Li Zhang 提交于
Currently, only X86 provides users CPU features with CPUID instruction. If users specify the features for non-x86, it should tell users to remove them. This patch is to report one error if features are specified by users for non-x86 platform. Signed-off-by: NLi Zhang <zhlcindy@linux.vnet.ibm.com>
-
由 Hongwei Bi 提交于
The variable vroot should be freed in label cleanup.
-
- 07 9月, 2013 1 次提交
-
-
由 Eric Blake 提交于
While debugging a failure of 'virsh qemu-attach', I noticed that we were leaking the count of active domains on failure. This means that a libvirtd session that is supposed to quit after active domains disappear will hang around forever. * src/qemu/qemu_process.c (qemuProcessAttach): Undo count of active domains on failure. Signed-off-by: NEric Blake <eblake@redhat.com>
-
- 06 9月, 2013 2 次提交
-
-
由 Eric Blake 提交于
In Fedora 19, 'qemu-kvm' is a simple wrapper that calls 'qemu-system-x86_64 -machine accel=kvm'. Attempting to use 'virsh qemu-attach $pid' to a machine started as: qemu-kvm -cdrom /var/lib/libvirt/images/foo.img \ -monitor unix:/tmp/demo,server,nowait -name foo \ --uuid cece4f9f-dff0-575d-0e8e-01fe380f12ea was failing with: error: XML error: No PCI buses available because we did not see 'kvm' in the executable name read from /proc/$pid/cmdline, and tried to assign os.machine as "accel=kvm" instead of "pc"; this in turn led to refusal to recognize the pci bus. Noticed while investigating https://bugzilla.redhat.com/995312 although there are still other issues to fix before that bug will be completely solved. I've concluded that the existing parser code for native-to-xml is a horrendous hodge-podge of ad-hoc approaches; I basically rewrote the -machine section to be a bit saner. * src/qemu/qemu_command.c (qemuParseCommandLine): Don't assume -machine argument is always appropriate for os.machine; set virtType if accel is present. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Eric Blake 提交于
'virsh domxml-from-native' and 'virsh qemu-attach' could misbehave for an emulator installed in (a somewhat unlikely) location such as /usr/local/qemu-1.6/qemu-system-x86_64 or (an even less likely) /opt/notxen/qemu-system-x86_64. Limit the strstr seach to just the basename of the file where we are assuming details about the binary based on its name. While testing, I accidentally triggered a core dump during strcmp when I forgot to set os.type on one of my code paths; this patch changes such a coding error to raise a nicer internal error instead. * src/qemu/qemu_command.c (qemuParseCommandLine): Compute basename earlier. * src/conf/domain_conf.c (virDomainDefPostParseInternal): Avoid NULL deref. Signed-off-by: NEric Blake <eblake@redhat.com>
-