1. 28 10月, 2012 18 次提交
    • O
      storage: Add timeout for iscsi volume's stable path discovery · aa9f65c8
      Osier Yang 提交于
      It might need some time till the LUN's stable path shows up on
      initiator host, and although the time window is not foreseeable,
      as a better than nothing fix, this patch adds timeout for the
      stable path discovery process.
      (cherry picked from commit de7f0774)
      aa9f65c8
    • C
      spec: Fix multilib issue with systemtap tapsets · acb169d0
      Cole Robinson 提交于
      If building on a 64bit host, rename the affected tapsets to <name>-64.stp.
      This is similar to what the python package does in fedora.
      
      https://bugzilla.redhat.com/show_bug.cgi?id=831425
      (cherry picked from commit 18d0632d)
      acb169d0
    • C
      docs: Fix installation of internals/*.html · 965e4c3c
      Cole Robinson 提交于
      We were just installing them in the top level html directory, which
      broke navigation and overwrote other pages.
      
      https://bugzilla.redhat.com/show_bug.cgi?id=837825
      (cherry picked from commit 7146d416)
      965e4c3c
    • O
      virsh: Fix segfault of snapshot-list · 3d124636
      Osier Yang 提交于
      'snaps' is used after free()'ed.
      (cherry picked from commit e0ad4669)
      3d124636
    • C
      6bae2c41
    • C
      daemon: Avoid 'Could not find keytab file' in syslog · a5f8a78f
      Cole Robinson 提交于
      On F17 at least, every time libvirtd starts we get this in syslog:
      
      libvirtd: Could not find keytab file: /etc/libvirt/krb5.tab: No such file or directory
      
      This comes from cyrus-sasl, and happens regardless of whether the
      gssapi plugin is requested, which is what actually uses
      /etc/libvirt/krb5.tab.
      
      While cyrus-sasl shouldn't complain, we can easily make it shut up by
      commenting out the keytab value by default.
      
      Also update the keytab comment to the more modern one from qemu's
      sasl config file.
      (cherry picked from commit fe772f24)
      a5f8a78f
    • L
      network: don't allow multiple default portgroups · 10f8762b
      Laine Stump 提交于
      This resolves: https://bugzilla.redhat.com/show_bug.cgi?id=868483
      
      virNetworkUpdate, virNetworkDefine, and virNetworkCreate all three
      allow network definitions to contain multiple <portgroup> elements
      with default='yes'. Only a single default portgroup should be allowed
      for each network.
      
      This patch updates networkValidate() (called by both
      virNetworkCreate() and virNetworkDefine()) and
      virNetworkDefUpdatePortGroup (called by virNetworkUpdate() to not
      allow multiple default portgroups.
      (cherry picked from commit 6f8a8b30)
      10f8762b
    • L
      network: always create dnsmasq hosts and addnhosts files, even if empty · 874a3361
      Laine Stump 提交于
      This fixes the problem reported in:
      
        https://bugzilla.redhat.com/show_bug.cgi?id=868389
      
      Previously, the dnsmasq hosts file (used for static dhcp entries, and
      addnhosts file (used for additional dns host entries) were only
      created/referenced on the dnsmasq commandline if there was something
      to put in them at the time the network was started. Once we can update
      a network definition while it's active (which is now possible with
      virNetworkUpdate), this is no longer a valid strategy - if there were
      0 dhcp static hosts (resulting in no reference to the hosts file on the
      commandline), then one was later added, the commandline wouldn't have
      linked dnsmasq up to the file, so even though we create it, dnsmasq
      doesn't pay any attention.
      
      The solution is to just always create these files and reference them
      on the dnsmasq commandline (almost always, anyway). That way dnsmasq
      can notice when a new entry is added at runtime (a SIGHUP is sent to
      dnsmasq by virNetworkUdpate whenever a host entry is added or removed)
      
      The exception to this is that the dhcp static hosts file isn't created
      if there are no lease ranges *and* no static hosts. This is because in
      this case dnsmasq won't be setup to listen for dhcp requests anyway -
      in that case, if the count of dhcp hosts goes from 0 to 1, dnsmasq
      will need to be restarted anyway (to get it listening on the dhcp
      port). Likewise, if the dhcp hosts count goes from 1 to 0 (and there
      are no dhcp ranges) we need to restart dnsmasq so that it will stop
      listening on port 67. These special situations are handled in the
      bridge driver's networkUpdate() by checking for ((bool)
      nranges||nhosts) both before and after the update, and triggering a
      dnsmasq restart if the before and after don't match.
      (cherry picked from commit 1cb1f9da)
      874a3361
    • L
      network: free/null newDef if network fails to start · f1de8d3b
      Laine Stump 提交于
      https://bugzilla.redhat.com/show_bug.cgi?id=866364
      
      pointed out a crash due to virNetworkObjAssignDef free'ing
      network->newDef without NULLing it afterward. A fix for this is in
      upstream commit b7e92024. While the
      NULLing of newDef was a legitimate fix, newDef should have already
      been empty (NULL) anyway (as indicated in the comment that was deleted
      by that commit).
      
      The reason that newDef had a non-NULL value (i.e. the root cause) was
      that networkStartNetwork() had failed after populating
      network->newDef, but then neglected to free/NULL newDef in the
      cleanup.
      
      (A bit of background here: network->newDef should contain the
      persistent config of a network when a network is active (and of course
      only when it is persisten), and NULL at all other times. There is also
      a network->def which should contain the persistent definition of the
      network when it is inactive, and the current live state at all other
      times. The idea is that you can make changes to network->newDef which
      will take effect the next time the network is restarted, but won't
      mess with the current state of the network (virDomainObj has a similar
      pair of virDomainDefs that behave in the same fashion). Personally I
      think there should be a network->live and network->config, and the
      location of the persistent config should *always* be in
      network->config, but that's for a later cleanup).
      
      Since I love things to be symmetric, I created a new function called
      virNetworkObjUnsetDefTransient(), which reverses the effects of
      virNetworkObjSetDefTransient(). I don't really like the name of the
      new function, but then I also didn't really like the name of the old
      one either (it's just named that way to match a similar function in
      the domain conf code).
      (cherry picked from commit 78fab277)
      f1de8d3b
    • C
      Autogenerate AUTHORS · 11b13b36
      Cole Robinson 提交于
      AUTHORS.in tracks the maintainers, as well as some folks who were
      previously in AUTHORS but don't have a git commit with proper
      attribution.
      
      Generated output is sorted alphabetically and lacks pretty spacing, so
      tweak AUTHORS.in to follow the same format.
      
      Additionally, drop the syntax-check rule that previously validated
      AUTHORS against git log.
      (cherry picked from commit 7b21981c)
      
      Conflicts:
      	.mailmap
      	AUTHORS
      11b13b36
    • E
      build: avoid infinite autogen loop · 64a9993c
      Eric Blake 提交于
      Several people have reported that if the .gnulib submodule is dirty,
      then 'make' will go into an infinite loop attempting to rerun bootstrap,
      because that never cleans up the dirty submodule.  By default, we
      should halt and make the user investigate, but if the user doesn't
      know why or care that the submodule is dirty, I also added the ability
      to 'make CLEAN_SUBMODULE=1' to get things going again.
      
      Also, while testing this, I noticed that when a submodule update was
      needed, 'make' would first run autoreconf, then bootstrap (which
      reruns autoreconf); adding a strategic dependency allows for less work.
      
      * .gnulib: Update to latest, for maint.mk improvements.
      * cfg.mk (_autogen): Also hook maint.mk, to run before autoreconf.
      * autogen.sh (bootstrap): Refuse to run if gnulib is dirty, unless
      user requests discarding gnulib changes.
      (cherry picked from commit c5f16220)
      64a9993c
    • G
      selinux: relabel tapfd in qemuPhysIfaceConnect · cefa64ca
      Guannan Ren 提交于
      Relabeling tapfd right after the tap device is created.
      qemuPhysIfaceConnect is common function called both for static
      netdevs and for hotplug netdevs.
      (cherry picked from commit 4492ef7f)
      cefa64ca
    • M
      network: Set to NULL after virNetworkDefFree() · ec08a738
      Michal Privoznik 提交于
      which frees all allocated memory but doesn't set the passed pointer to
      NULL.  Therefore, we must do it ourselves. This is causing actual
      libvirtd crash: Basically, when doing 'virsh net-edit' the newDef should
      be dropped.  And the memory is freed, indeed. However, the pointer is
      not set to NULL but kept instead. And the next duo of calls 'virsh
      net-start' and 'virsh net-destroy' starts the disaster. The latter one
      does the same as 'virsh destroy'; it sees that newDef is nonNULL so it
      replaces def with newDef (which has been freed already as said a few
      lines above). Therefore any subsequent call accessing def will hit the ground.
      (cherry picked from commit b7e92024)
      ec08a738
    • G
      selinux: remove unused variables in socket labelling · 4c2a38d1
      Guannan Ren 提交于
      (cherry picked from commit d37a3a1d)
      4c2a38d1
    • G
      selinux: fix wrong tapfd relablling · 2716c78c
      Guannan Ren 提交于
      It should relabel tapfd of virtual network of type VIR_DOMAIN_NET_TYPE_DIRECT
      rather than VIR_DOMAIN_NET_TYPE_NETWORK and VIR_DOMAIN_NET_TYPE_BRIDGE
      (commit ae368ebf introduced this bug)
      
      Caution: The context of the two hunks is identical other than indentation.
      Please be extremely cautious of where the patch gets applied.
      (cherry picked from commit 89b63f0a)
      2716c78c
    • M
      selinux: Use raw contexts 2 · e620a97a
      Martin Kletzander 提交于
      In commit 9674f2c6, I forgot to change
      selabel_lookup with the other functions, so this one-liner does exactly
      that.
      (cherry picked from commit 6676c1fc)
      e620a97a
    • G
      selinux: add security selinux function to label tapfd · 0dd956b9
      Guannan Ren 提交于
      BZ:https://bugzilla.redhat.com/show_bug.cgi?id=851981
      When using macvtap, a character device gets first created by
      kernel with name /dev/tapN, its selinux context is:
      system_u:object_r:device_t:s0
      
      Shortly, when udev gets notification when new file is created
      in /dev, it will then jump in and relabel this file back to the
      expected default context:
      system_u:object_r:tun_tap_device_t:s0
      
      There is a time gap happened.
      Sometimes, it will have migration failed, AVC error message:
      type=AVC msg=audit(1349858424.233:42507): avc:  denied  { read write } for
      pid=19926 comm="qemu-kvm" path="/dev/tap33" dev=devtmpfs ino=131524
      scontext=unconfined_u:system_r:svirt_t:s0:c598,c908
      tcontext=system_u:object_r:device_t:s0 tclass=chr_file
      
      This patch will label the tapfd device before qemu process starts:
      system_u:object_r:tun_tap_device_t:MCS(MCS from seclabel->label)
      (cherry picked from commit ae368ebf)
      0dd956b9
    • M
      selinux: Use raw contexts · 39db0d2d
      Martin Kletzander 提交于
      We are currently able to work only with non-translated SELinux
      contexts, but we are using functions that work with translated
      contexts throughout the code.  This patch swaps all SELinux context
      translation relative calls with their raw sisters to avoid parsing
      problems.
      
      The problems can be experienced with mcstrans for example.  The
      difference is that if you have translations enabled (yum install
      mcstrans; service mcstrans start), fgetfilecon_raw() will get you
      something like 'system_u:object_r:virt_image_t:s0', whereas
      fgetfilecon() will return 'system_u:object_r:virt_image_t:SystemLow'
      that we cannot parse.
      
      I was trying to confirm that the _raw variants were here since the dawn of
      time, but the only thing I see now is that it was imported together in
      the upstream repo [1] from svn, so before 2008.
      
      Thanks Laurent Bigonville for finding this out.
      
      [1] http://oss.tresys.com/git/selinux.git
      (cherry picked from commit 9674f2c6)
      39db0d2d
  2. 24 10月, 2012 1 次提交
    • B
      network: fix dnsmasq/radvd binding to IPv6 on recent kernels · f5650a37
      Benjamin Cama 提交于
      I hit this problem recently when trying to create a bridge with an IPv6
      address on a 3.2 kernel: dnsmasq (and, further, radvd) would not bind to
      the given address, waiting 20s and then giving up with -EADDRNOTAVAIL
      (resp. exiting immediately with "error parsing or activating the config
      file", without libvirt noticing it, BTW). This can be reproduced with (I
      think) any kernel >= 2.6.39 and the following XML (to be used with
      "virsh net-create"):
      
              <network>
                <name>test-bridge</name>
                <bridge name='testbr0' />
                <ip family='ipv6' address='fd00::1' prefix='64'>
                </ip>
              </network>
      
      (it happens even when you have an IPv4, too)
      
      The problem is that since commit [1] (which, ironically, was made to
      “help IPv6 autoconfiguration”) the linux bridge code makes bridges
      behave like “real” devices regarding carrier detection. This makes the
      bridges created by libvirt, which are started without any up devices,
      stay with the NO-CARRIER flag set, and thus prevents DAD (Duplicate
      address detection) from happening, thus letting the IPv6 address flagged
      as “tentative”. Such addresses cannot be bound to (see RFC 2462), so
      dnsmasq fails binding to it (for radvd, it detects that "interface XXX
      is not RUNNING", thus that "interface XXX does not exist, ignoring the
      interface" (sic)). It seems that this behavior was enhanced somehow with
      commit [2] by avoiding setting NO-CARRIER on empty bridges, but I
      couldn't reproduce this behavior on my kernel. Anyway, with the “dummy
      tap to set MAC address” trick, this wouldn't work.
      
      To fix this, the idea is to get the bridge's attached device to be up so
      that DAD can happen (deactivating DAD altogether is not a good idea, I
      think). Currently, libvirt creates a dummy TAP device to set the MAC
      address of the bridge, keeping it down. But even if we set this device
      up, it is not RUNNING as soon as the tap file descriptor attached to it
      is closed, thus still preventing DAD. So, we must modify the API a bit,
      so that we can get the fd, keep the tap device persistent, run the
      daemons, and close it after DAD has taken place. After that, the bridge
      will be flagged NO-CARRIER again, but the daemons will be running, even
      if not happy about the device's state (but we don't really care about
      the bridge's daemons doing anything when no up interface is connected to
      it).
      
      Other solutions that I envisioned were:
            * Keeping the *-nic interface up: this would waste an fd for each
              bridge during all its life. May be acceptable, I don't really
              know.
            * Stop using the dummy tap trick, and set the MAC address directly
              on the bridge: it is possible since quite some time it seems,
              even if then there is the problem of the bridge not being
              RUNNING when empty, contrary to what [2] says, so this will need
              fixing (and this fix only happened in 3.1, so it wouldn't work
              for 2.6.39)
            * Using the --interface option of dnsmasq, but I saw somewhere
              that it's not used by libvirt for backward compatibility. I am
              not sure this would solve this problem, though, as I don't know
              how dnsmasq binds itself to it with this option.
      
      This is why this patch does what's described earlier.
      
      This patch also makes radvd start even if the interface is
      “missing” (i.e. it is not RUNNING), as it daemonizes before binding to
      it, and thus sometimes does it after the interface has been brought down
      by us (by closing the tap fd), and then originally stops. This also
      makes it stop yelling about it in the logs when the interface is down at
      a later time.
      
      [1]
      http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=1faa4356a3bd89ea11fb92752d897cff3a20ec0e
      [2]
      http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=b64b73d7d0c480f75684519c6134e79d50c1b341
      (cherry picked from commit db488c79)
      f5650a37
  3. 19 10月, 2012 21 次提交
    • J
      qemu: Clear async job when p2p migration fails early · 77cecd2b
      Jiri Denemark 提交于
      When p2p migration fails early because qemuMigrationIsAllowed or
      qemuMigrationIsSafe say migration should be cancelled, we fail to clear
      the migration-out async job. As a result of that, further APIs called
      for the same domain may fail with Timed out during operation: cannot
      acquire state change lock.
      
      Reported by Guido Winkelmann.
      (cherry picked from commit 837993d8)
      77cecd2b
    • C
      storage: lvm: lvcreate fails with allocation=0, don't do that · 29a2a911
      Cole Robinson 提交于
      On F17 at least, this command fails:
      
      $ sudo /usr/sbin/lvcreate --name sparsetest -L 0K --virtualsize 16384K vgvirt
        Unable to create new logical volume with no extents
      
      Which is unfortunate since allocation=0 is what virt-manager tries to use
      by default.
      
      Rather than telling the user 'don't do that', let's just give them the
      smallest allocation possible if alloc=0 is requested.
      
      https://bugzilla.redhat.com/show_bug.cgi?id=866481
      (cherry picked from commit 9f0e9cba)
      29a2a911
    • C
      storage: lvm: Don't overwrite lvcreate errors · 95440c51
      Cole Robinson 提交于
      Before:
      $ sudo virsh vol-create-as --pool vgvirt sparsetest --capacity 16M --allocation 0
      error: Failed to create vol sparsetest
      error: internal error Child process (/usr/sbin/lvchange -aln vgvirt/sparsetest) unexpected exit status 5:   One or more specified logical volume(s) not found.
      
      After:
      $ sudo virsh vol-create-as --pool vgvirt sparsetest --capacity 16M --allocation 0
      error: Failed to create vol sparsetest
      error: internal error Child process (/usr/sbin/lvcreate --name sparsetest -L 0K --virtualsize 16384K vgvirt) unexpected exit status 5:   Unable to create new logical volume with no extents
      (cherry picked from commit 01df6f2b)
      95440c51
    • P
      spec: Add runtime requirement for libssh2 · ad5afcd1
      Peter Krempa 提交于
      libssh2 unfortunately doesn't support symbol versioning so RPM can't
      figure out what version is needed for the currently installed libvirt
      package. This patch adds a runtime requirement, so that the correct
      version of libssh2 can be installed along with libvirt.
      (cherry picked from commit cb4f41b8)
      ad5afcd1
    • P
      spec: Add support for libssh2 transport · 3709804d
      Peter Krempa 提交于
      Libssh2 transport support was enabled lately but the spec file wasn't
      updated to take this into account. This caused libvirt to be built
      without libssh2 support in Red Hat based OSes.
      (cherry picked from commit 1e25c54f)
      3709804d
    • M
      conf: Fix crash with cleanup · 1fd7c261
      Martin Kletzander 提交于
      There was a crash possible when both <boot dev... and <boot
      order... were specified due to virDomainDefParseBootXML() erroring out
      before setting *tmp (which was free'd in cleanup).  As a fix, I
      created this cleanup that uses one pointer for all the temporary
      stored XPath strings and values, plus this pointer is correctly
      initialized to NULL.
      (cherry picked from commit 280b8c9e)
      1fd7c261
    • G
      Properly parse (unsigned) long long · 95110e71
      Guido Günther 提交于
      This fixes problems on platforms where sizeof(long) != sizeof(long long)
      like ia32.
      (cherry picked from commit d78035d0)
      95110e71
    • Z
      Correct name of domain/pm/suspend-to-mem in docs · 71460b50
      Zeeshan Ali (Khattak) 提交于
      (cherry picked from commit 0ec6aebb)
      71460b50
    • C
      storage: Report UUID/name consistently in driver errors · 81a7baf1
      Cole Robinson 提交于
      Done with:
      
      sed -i -e "s/no pool with matching uuid/no storage pool with matching uuid/g" src/storage/storage_driver.c
      sed -i -e 's/"%s", _("no storage pool with matching uuid")/_("no storage pool with matching uuid %s"), obj->uuid/g' src/storage/storage_driver.c
      sed -i -e 's/"%s", _("storage pool is not active")/_("storage pool '%s' is not active"), pool->def->name/g' src/storage/storage_driver.c
      
      And a couple fixups before, during, and after, and a manual inspection
      pass to make sure nothing was wonky.
      (cherry picked from commit 3af8280b)
      81a7baf1
    • D
      Change qemuSetSchedularParameters to use AFFECT_CURRENT · 220d25cd
      Daniel P. Berrange 提交于
      When adding variants of parameter setting APIs which accepted
      flags, the existing APIs were all adapted internally to pass
      VIR_DOMAIN_AFFECT_CURRENT to the new API. The QEMU impl
      qemuSetSchedularParameters was an exception, which instead
      used VIR_DOMAIN_AFFECT_LIVE. Change this to match other
      compatibility scenarios, so that calling
      
         virDomainSetSchedularParameters(dom, params, nparams);
      
      Has the same semantics as
      
         virDomainSetSchedularParametersFlags(dom, params, nparams, 0);
      
      And
      
         virDomainSetSchedularParametersFlags(dom, params, nparams, VIR_DOMAIN_AFFECT_CURRENT);
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      (cherry picked from commit 4da9b2c1)
      220d25cd
    • M
      nodeinfo: Fully convert to new virReportError · d2c0f2e3
      Michal Privoznik 提交于
      With our latest s/[a-z]+ReportError/virReportError/ rewrite
      (47ab34e2) we forgot to update arm part of the code.
      (cherry picked from commit 84a8917b)
      d2c0f2e3
    • M
      Call curl_global_init from virInitialize to avoid thread-safety issues · 47489d64
      Matthias Bolte 提交于
      curl_global_init is not thread-safe. curl_easy_init might call
      curl_global_init when it was no called before. But curl_easy_init
      can be called from different threads by the ESX driver. Therefore,
      call curl_global_init from virInitialize to stop curl_easy_init from
      calling it.
      
      Reported by Benjamin Wang.
      (cherry picked from commit 458c4998)
      47489d64
    • M
      fix kvm_pv_eoi with kvmclock · 88c7f28b
      Martin Kletzander 提交于
      When both kvmclock and kvm_pv_eoi are configured (either disabled or
      enabled) libvirt will generate invalid CPU specification due to the
      fact that even though kvmclock causes the CPU to be specified, it
      doesn't set have_cpu flag to true (and the new kvm_pv_eoi as well).
      This patch fixes the issue and adds a test exactly for that to show
      that it is fixed correctly (and also to keep it that way in the future
      of course).
      (cherry picked from commit 5d692cc7)
      88c7f28b
    • M
      esx: Disable libcurl's use of signals to fix a segfault · 9e423dd3
      Matthias Bolte 提交于
      libcurl uses a SIGALRM in combination with sigsetjmp/siglongjmp to be
      able to abort a DNS lookup when it takes too long. The problem with this
      in a multi-threaded application is that the signal handler for SIGALRM
      and the call to siglongjmp can be executed on a thread that is different
      from the one that initially did the SIGALRM setup and the call to
      sigsetjmp. In the reported case this triggered a segfault.
      
      Disable libcurl's use of signals to avoid this situation. This has the
      disadvantage of losing the ability to abort synchronous DNS lookups which
      might result in libcurl getting stuck in a DNS lookup in the worst case.
      When libcurl was build with an asynchronous DNS backend such as c-ares
      then there is no problem because the timeout mechanism works without
      signals here anyway.
      
      Reported by Benjamin Wang.
      (cherry picked from commit 0821ea6b)
      9e423dd3
    • V
      S390: Buffer too small for large CPU numbers. · 1bc28c28
      Viktor Mihajlovski 提交于
      The output buffer for virFileReadAll was too small for systems with
      more than 30 CPUs which leads to a log entry and incorrect behavior.
      The new size will be sufficient for the current
      architectural limits.
      Signed-off-by: NViktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
      (cherry picked from commit 4bdc8606)
      1bc28c28
    • E
      spec: prefer canonical name of util-linux · 6730e635
      Eric Blake 提交于
      I noticed that in two places, we require util-linux, and in a third,
      we require util-linux-ng.  On Fedora (I tested F15 through rawhide),
      util-linux-ng is obsoleted by util-linux; on RHEL 6, util-linux
      is obsoleted by util-linux-ng.  That is, on either platform, either
      name will get you the correct package installed (where the preferred
      name on fedora is util-linux, and on RHEL 6 is util-linux-ng).  But
      on RHEL 5, there is no util-linux-ng
      
      * libvirt.spec.in (Requires): Use util-linux, not util-linux-ng.
      (cherry picked from commit a9087ad1)
      6730e635
    • E
      docs: fix links in migration.html TOC · 6d4bca5b
      Eric Blake 提交于
      Use of the wrong attribute name caused the table of contents to
      be useless.  Fix suggested by Daniel P. Berrange.
      
      * docs/migration.html.in: Use correct anchoring attribute.
      (cherry picked from commit eeb8c924)
      6d4bca5b
    • K
      Correct checking of virStrcpyStatic() return value · cf2d85cd
      Kyle Mestery 提交于
      Correct the check for the return value of virStrcpyStatic()
      when copying port-profile names. Fixes Open vSwitch ports
      which utilize port-profiles from network definitions.
      Signed-off-by: NKyle Mestery <kmestery@cisco.com>
      (cherry picked from commit 83aebf6d)
      cf2d85cd
    • E
      build: avoid -Wno-format on new-enough gcc · e302d32f
      Eric Blake 提交于
      Commit c579d6b3 added a sledgehammer to silence spurious warnings from
      gcc 4.2, but in the process, it also silenced useful warnings from
      gcc 4.3 through 4.5.  As a result, a bug slipped in to commit 0caccb58.
      
      Tested with FreeBSD (gcc 4.2.1), RHEL 6.3 (gcc 4.4), and F17 (gcc 4.7.2),
      where the former didn't trip on spurious warnings, and where the latter
      two detected a revert of 2b804cfa.
      
      * m4/virt-compile-warnings.m4 (-Wno-format): Probe for the actual
      spurious message, to once again allow gcc 4.4 to use -Wformat.
      (cherry picked from commit 814a8dea)
      e302d32f
    • P
      qemu: Use proper agent entering function when freezing filesystems · ccc76711
      Peter Krempa 提交于
      When doing snapshots, the filesystem freeze function used the agent
      entering function that expects the qemud_driver unlocked. This might
      cause a deadlock of the qemu driver if the agent does not respond.
      
      The only call path of this function has the qemud_driver locked, so this
      patch changes the entering functions to those expecting the driver
      locked.
      (cherry picked from commit e0316b5e)
      ccc76711
    • M
      lxc: Correctly report active cgroups · 5c188057
      Michal Privoznik 提交于
      There was an inverted return value in lxcCgroupControllerActive().
      The function assumes cgroups are active and do couple of checks
      to prove that. If any of them fails, false is returned. Therefore,
      at the end, after all checks are done we must return true, not false.
      (cherry picked from commit 0dddd680)
      5c188057