- 25 3月, 2014 3 次提交
-
-
由 Jiri Denemark 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=905282 https://bugzilla.redhat.com/show_bug.cgi?id=967494 When lock failure is detected by sanlock, our sanlock_helper kill script will try to restart (shutdown followed by start) the affected domain when RESTART action is configured for it. While shutting down kills QEMU and removes all its leases (which is what sanlock wants to happen), trying to start it again just hangs because libvirt tries reacquire the locks in the failed lock space. Hence, this action cannot be supported by sanlock driver. Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
-
由 Jiri Denemark 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=905280 https://bugzilla.redhat.com/show_bug.cgi?id=967493 Sanlock expects that the configured kill script either kills the PID on lock failure or removes all locks the PID owns. If none of the two options happen, sanlock will reboot the host. Although IGNORE action is supposed to ignore the request to kill the PID or remove all leases, it's certainly not designed to cause the host to be rebooted. That said, IGNORE action is incompatible with sanlock and should be forbidden by libvirt. Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
-
由 Eric Blake 提交于
Part of a series of cleanups to use new accessor methods. * src/locking/domain_lock.c (virDomainLockManagerAddDisk): Use accessors. Signed-off-by: NEric Blake <eblake@redhat.com>
-
- 18 3月, 2014 5 次提交
-
-
由 Daniel P. Berrange 提交于
A earlier commit changed the global log buffer so that it only records messages that are explicitly requested via the log filters setting. This removes the performance burden, and improves the signal/noise ratio for messages in the global buffer. At the same time though, it is somewhat pointless, since all the recorded log messages are already going to be sent to an explicit log output like syslog, stderr or the journal. The global log buffer is thus just duplicating this data on stderr upon crash. The log_buffer_size config parameter is left in the augeas lens to prevent breakage for users on upgrade. It is however completely ignored hereafter. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Any source file which calls the logging APIs now needs to have a VIR_LOG_INIT("source.name") declaration at the start of the file. This provides a static variable of the virLogSource type. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Martin Kletzander 提交于
Commit a1cbe4b5 added a check for spaces around assignments and this patch extends it to checks for spaces around '=='. One exception is virAssertCmpInt where comma after '==' is acceptable (since it is a macro and '==' is its argument). Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>
-
由 Michal Privoznik 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=992980 This config tunable allows users to determine the maximum number of accepted but yet not authenticated users. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Nehal J Wani 提交于
Our current pidfile acquire APis (virPidFileAcquire) simply return -1 upon failure to acquire a lock. This patch adds a parameter 'bool waitForLock' which instructs the APIs if we want to make it block and wait for the lock or not.
-
- 11 3月, 2014 1 次提交
-
-
由 Daniel P. Berrange 提交于
Convert the sanlock and lockd lock driver plugins over to use the new virCryptoHashString APIs instead of having their own duplicated code. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 10 3月, 2014 1 次提交
-
-
由 Ján Tomko 提交于
Some of these are leftovers from renaming the files, others are just typos. Also introduce an ugly awk script to enforce this.
-
- 27 2月, 2014 1 次提交
-
-
由 Jiri Denemark 提交于
Libvirt uses a domain name to fill in owner_name in sanlock_options in virLockManagerSanlockAcquire. Unfortunately, owner_name is limited to SANLK_NAME_LEN characters (including trailing '\0'), which means domains with longer names fail to start when sanlock is enabled. However, we can truncate the name when setting owner_name as explained by sanlock's author: Setting sanlk_options or the owner_name is unnecessary, and has very little to no benefit. If you do provide something in owner_name, it can be anything, sanlock doesn't care or use it. If you run the command "sanlock status", the output will display a list of clients connected to the sanlock daemon. This client list is displayed as "pid owner_name" if the client has provided an owner_name via sanlk_options. This debugging output is the only usage of owner_name, so its only benefit is to potentially provide a more human friendly output for debugging purposes.
-
- 22 1月, 2014 1 次提交
-
-
由 Michael Chapman 提交于
- Use $XDG_RUNTIME_DIR for re-exec state file when running unprivileged. - argv[0] may not contain a full path to the binary, however it should contain something that can be looked up in the PATH. Use execvp() to do path lookup on re-exec. - As per list discussion [1], ignore --daemon on re-exec. [1] https://www.redhat.com/archives/libvir-list/2013-December/msg00514.htmlSigned-off-by: NMichael Chapman <mike@very.puzzling.org>
-
- 09 1月, 2014 1 次提交
-
-
由 Guido Günther 提交于
We point to the manpages where available and redirect to libvirt's homepage as a last resort.
-
- 06 1月, 2014 1 次提交
-
-
由 Eric Blake 提交于
Some of our operation denied messages are outright stupid; for example, if virIdentitySetAttr fails: error: operation Identity attribute is already set forbidden for read only access This patch fixes things to a saner: error: operation forbidden: Identity attribute is already set It also consolidates the most common usage pattern for operation denied errors: read-only connections preventing a public API. In this case, 'virsh -r -c test:///default destroy test' changes from: error: operation virDomainDestroy forbidden for read only access to: error: operation forbidden: read only access prevents virDomainDestroy Note that we were previously inconsistent on which APIs used VIR_FROM_DOM (such as virDomainDestroy) vs. VIR_FROM_NONE (such as virDomainPMSuspendForDuration). After this patch, all uses consistently use VIR_FROM_NONE, on the grounds that it is unlikely that a caller learning that a call is denied can do anything in particular with extra knowledge which error domain the call belongs to (similar to what we did in commit baa72449). * src/util/virerror.c (virErrorMsg): Rework OPERATION_DENIED error message. * src/internal.h (virCheckReadOnlyGoto): New macro. * src/util/virerror.h (virReportRestrictedError): New macro. * src/libvirt-lxc.c: Use new macros. * src/libvirt-qemu.c: Likewise. * src/libvirt.c: Likewise. * src/locking/lock_daemon.c (virLockDaemonClientNew): Likewise. Signed-off-by: NEric Blake <eblake@redhat.com>
-
- 10 12月, 2013 5 次提交
-
-
由 Michal Privoznik 提交于
This reverts commit 8355d42d. After some discussion upstream [1] this patch turns out to be spurious. It better gets reverted prior to a release. 1: https://www.redhat.com/archives/libvir-list/2013-December/msg00563.htmlSigned-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michael Chapman 提交于
Also use a distinct, valid exit status for daemon re-execution failure. Signed-off-by: NMichael Chapman <mike@very.puzzling.org>
-
由 Michael Chapman 提交于
SIGHUP is commonly used to instruct a daemon to reload its config. For now we should handle it in virtlockd just like SIGUSR1, rather than having it kill the process. Signed-off-by: NMichael Chapman <mike@very.puzzling.org> Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michael Chapman 提交于
- Use SIGUSR1, not SIGHUP, on reload. At present, virtlockd only responds to the former. - Fix PID file for virtlockd. - Do not start virtlockd in any runlevels by default. It needs to be explicitly selected in libvirt's qemu.conf anyway, so there is no need to have it running on all systems regardless. - Fix chkconfig priorities to ensure virtlockd is started before libvirtd is started, and stopped after libvirtd is stopped. - Add "Should-Start: virtlockd" to the libvirtd initscript's LSB header, for the same reason. - Add "Default-Stop" to both libvirtd and virtlockd initscripts. LSB does not guarantee that this defaults to the inverse of "Default-Start". Signed-off-by: NMichael Chapman <mike@very.puzzling.org> Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Michael Chapman 提交于
- Pass VIRTLOCKD_ARGS through to virtlockd. - Use SIGUSR1, not SIGHUP, in ExecReload. At present, virtlockd only responds to the former. - Have "systemctl enable virtlockd.service" enable virtlockd.socket, rather than throw an error. - Make virtlockd.socket wanted by sockets.target, rather than multi-user.target. This is consistent with other socket units in Fedora, and it ensures that the socket is available before libvirtd is started. Signed-off-by: NMichael Chapman <mike@very.puzzling.org>
-
- 20 11月, 2013 1 次提交
-
-
由 Guido Günther 提交于
Syslog is socket activated since at least systemd v35 so we can drop this dependency. Debian's linitian otherwise complains about it. References: http://www.freedesktop.org/wiki/Software/systemd/syslog/ http://lintian.debian.org/tags/systemd-service-file-refers-to-obsolete-target.html
-
- 21 10月, 2013 2 次提交
-
-
由 Daniel P. Berrange 提交于
Most of the usage of getuid()/getgid() is in cases where we are considering what privileges we have. As such the code should be using the effective IDs, not real IDs. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Unconditional use of getenv is not secure in setuid env. While not all libvirt code runs in a setuid env (since much of it only exists inside libvirtd) this is not always clear to developers. So make all the code paranoid, even if it only ever runs inside libvirtd. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 03 9月, 2013 1 次提交
-
-
由 Michal Privoznik 提交于
The test should refer to Virtlockd.lns, which is the name of the module + lens in virtlockd.aug.
-
- 30 8月, 2013 1 次提交
-
-
由 Guido Günther 提交于
-
- 19 8月, 2013 1 次提交
-
-
由 David Weber 提交于
Each new VM requires a new connection from libvirtd to virtlockd. The default max clients limit in virtlockd of 20 is thus woefully insufficient. virtlockd sockets are only accessible to matching users, so there is no security need for such a tight limit. Make it configurable and default to 1024. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 13 8月, 2013 1 次提交
-
-
由 Daniel P. Berrange 提交于
The virtlockd/libvirtd daemons had listed '?' as the short option for --help. getopt_long uses '?' for any unknown option. We want to be able to distinguish unknown options (which use EXIT_FAILURE) from correct usage of help (which should use EXIT_SUCCESS). Thus we should use 'h' as a short option for --help. Also add this to the man page docs The virtlockd/libvirtd daemons did not list any short option for the --version arg. Add -V as a valid short option, since -v is already used for --verbose. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 09 8月, 2013 2 次提交
-
-
由 Daniel P. Berrange 提交于
The virtlockd daemon supports an /etc/libvirt/virtlockd.conf config file, but we never installed a default config, nor created any augeas scripts. This change addresses that omission. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Create a virtlockd.pod.in file containing the man page content for virtlockd. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 05 8月, 2013 1 次提交
-
-
由 Michal Privoznik 提交于
This configuration knob lets user to set the length of queue of connection requests waiting to be accept()-ed by the daemon. IOW, it just controls the @backlog passed to listen: int listen(int sockfd, int backlog);
-
- 11 7月, 2013 1 次提交
-
-
由 Daniel P. Berrange 提交于
Convert the type of loop iterators named 'i', 'j', k', 'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or 'unsigned int', also santizing 'ii', 'jj', 'kk' to use the normal 'i', 'j', 'k' naming Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 10 7月, 2013 1 次提交
-
-
由 Michal Privoznik 提交于
-
- 24 6月, 2013 1 次提交
-
-
由 Daniel P. Berrange 提交于
Introduce annotations to all RPC messages to declare what access control checks are required. There are two new annotations defined: @acl: <object>:<permission> @acl: <object>:<permission>:<flagname> Declare the access control requirements for the API. May be repeated multiple times, if multiple rules are required. <object> is one of 'connect', 'domain', 'network', 'storagepool', 'interface', 'nodedev', 'secret'. <permission> is one of the permissions in access/viraccessperm.h <flagname> indicates the rule only applies if the named flag is set in the API call @aclfilter: <object>:<permission> Declare an access control filter that will be applied to a list of objects being returned by an API. This allows the returned list to be filtered to only show those the user has permissions against Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 05 6月, 2013 1 次提交
-
-
由 Ján Tomko 提交于
Change the socket path to match the one used by lockd driver. https://bugzilla.redhat.com/show_bug.cgi?id=968128
-
- 21 5月, 2013 1 次提交
-
-
由 Osier Yang 提交于
-
- 09 5月, 2013 1 次提交
-
-
由 Michal Privoznik 提交于
-
- 08 5月, 2013 1 次提交
-
-
由 Daniel P. Berrange 提交于
Since PIDs can be reused, polkit prefers to be given a (PID,start time) pair. If given a PID on its own, it will attempt to lookup the start time in /proc/pid/stat, though this is subject to races. It is safer if the client app resolves the PID start time itself, because as long as the app has the client socket open, the client PID won't be reused. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
- 03 5月, 2013 3 次提交
-
-
由 Daniel P. Berrange 提交于
A 'uri' parameter was added for the benefit of sanlock. This causes a warning in the lockd driver though 2013-05-03 13:20:35.347+0000: 28403: error : virLockManagerLockDaemonNew:482 : internal error Unexpected parameter uri for object Ignore this parameter, since lockd does not require it and it is harmless if not used. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
The lockd plugin for the lock manager was not correctly handling the release of resource locks. This meant that during migration, or when pausing a VM, the locks would not get released. This in turn made it impossible to resume the domain, or finish migration
-
由 Laine Stump 提交于
commit 7c9a2d88 missed adding in a few #include "virstring.h"s, causing builds to fail.
-
- 02 5月, 2013 1 次提交
-
-
由 Michal Privoznik 提交于
The source code base needs to be adapted as well. Some files include virutil.h just for the string related functions (here, the include is substituted to match the new file), some include virutil.h without any need (here, the include is removed), and some require both.
-