1. 25 3月, 2013 1 次提交
    • O
      util: Add one helper virReadFCHost to read the value of fc_host entry · 244ce462
      Osier Yang 提交于
      "open_wwn_file" in node_device_linux_sysfs.c is redundant, on one
      hand it duplicates work of virFileReadAll, on the other hand, it's
      waste to use a function for it, as there is no other users of it.
      So I don't see why the file opening work cannot be done in
      "read_wwn_linux".
      
      "read_wwn_linux" can be abstracted as an util function. As what all
      it does is to read the sysfs entry.
      
      So this patch removes "open_wwn_file", and abstract "read_wwn_linux"
      as an util function "virReadFCHost" (a more general name, because
      after changes, it can read each of the fc_host entry now).
      
      * src/util/virutil.h: (Declare virReadFCHost)
      * src/util/virutil.c: (Implement virReadFCHost)
      * src/node_device/node_device_linux_sysfs.c: (Remove open_wwn_file,
        and read_wwn_linux)
      src/node_device/node_device_driver.h: (Remove the declaration of
        read_wwn_linux, and the related macros)
      src/libvirt_private.syms: (Export virReadFCHost)
      244ce462
  2. 16 3月, 2013 1 次提交
    • E
      util: portably check for unchanged uid · 7af86379
      Eric Blake 提交于
      We've already scrubbed for comparisons of 'uid_t == -1' (which fail
      on platforms where uid_t is a u16), but another one snuck in.
      
      * src/util/virutil.c (virSetUIDGIDWithCaps): Correct uid comparison.
      * cfg.mk (sc_prohibit_risky_id_promotion): New rule.
      7af86379
  3. 15 3月, 2013 1 次提交
    • L
      util: fix clear_emulator_capabilities=0 · 49fa91b3
      Laine Stump 提交于
      My commit 7a2e845a (and its
      prerequisites) managed to effectively ignore the
      clear_emulator_capabilities setting in qemu.conf (visible in the code
      as the VIR_EXEC_CLEAR_CAPS flag when qemu is being exec'ed), with the
      result that the capabilities are always cleared regardless of the
      qemu.conf setting. This patch fixes it by passing the flag through to
      virSetUIDGIDWithCaps(), which uses it to decide whether or not to
      clear existing capabilities before adding in those that were
      requested.
      
      Note that the existing capabilities are *always* cleared if the new
      process is going to run as non-root, since the whole point of running
      non-root is to have the capabilities removed (it's still possible to
      maintain individual capabilities as needed using the capBits argument
      though).
      49fa91b3
  4. 06 3月, 2013 1 次提交
    • G
      util: fix a integer boundary error · b38a040a
      Guannan Ren 提交于
      A value which is equal to a integer maximum such as LLONG_MAX is
      a valid integer value.
      
      The patch fix the following error:
      1, virsh memtune vm --swap-hard-limit -1
      2, virsh start vm
      In debug mode, it shows error like:
      virScaleInteger:1813 : numerical overflow:\
                             value too large: 9007199254740991KiB
      b38a040a
  5. 25 2月, 2013 2 次提交
  6. 16 2月, 2013 1 次提交
    • E
      build: fix mingw build · 660db5bf
      Eric Blake 提交于
      Commits 20253560 and ba72cb12 introduced typos.
      
      * src/util/virpci.c (virPCIIsVirtualFunction) [!__linux__]: Fix
      function name.
      * src/util/virutil.c (virGetDeviceID): Fix attribute spelling.
      660db5bf
  7. 14 2月, 2013 2 次提交
    • L
      util: virSetUIDGIDWithCaps - change uid while keeping caps · e11451f4
      Laine Stump 提交于
      Normally when a process' uid is changed to non-0, all the capabilities
      bits are cleared, even those explicitly set with calls to
      capng_update()/capng_apply() made immediately before setuid. And
      *after* the process' uid has been changed, it no longer has the
      necessary privileges to add capabilities back to the process.
      
      In order to set a non-0 uid while still maintaining any capabilities
      bits, it is necessary to either call capng_change_id() (which
      unfortunately doesn't currently call initgroups to setup auxiliary
      group membership), or to perform the small amount of calisthenics
      contained in the new utility function virSetUIDGIDWithCaps().
      
      Another very important difference between the capabilities
      setting/clearing in virSetUIDGIDWithCaps() and virCommand's
      virSetCapabilities() (which it will replace in the next patch) is that
      the new function properly clears the capabilities bounding set, so it
      will not be possible for a child process to set any new
      capabilities.
      
      A short description of what is done by virSetUIDGIDWithCaps():
      
      1) clear all capabilities then set all those desired by the caller (in
      capBits) plus CAP_SETGID, CAP_SETUID, and CAP_SETPCAP (which is needed
      to change the capabilities bounding set).
      
      2) call prctl(), telling it that we want to maintain current
      capabilities across an upcoming setuid().
      
      3) switch to the new uid/gid
      
      4) again call prctl(), telling it we will no longer want capabilities
      maintained if this process does another setuid().
      
      5) clear the capabilities that we added to allow us to
      setuid/setgid/change the bounding set (unless they were also requested
      by the caller via the virCommand API).
      
      Because the modification/maintaining of capabilities is intermingled
      with setting the uid, this is necessarily done in a single function,
      rather than having two independent functions.
      
      Note that, due to the way that effective capabilities are computed (at
      time of execve) for a process that has uid != 0, the *file*
      capabilities of the binary being executed must also have the desired
      capabilities bit(s) set (see "man 7 capabilities"). This can be done
      with the "filecap" command. (e.g. "filecap /usr/bin/qemu-kvm sys_rawio").
      e11451f4
    • L
      util: make virSetUIDGID a NOP only when uid or gid is -1 · f506a4c1
      Laine Stump 提交于
      Rather than treating uid:gid of 0:0 as a NOP, we blindly pass that
      through to the lower layers. However, we *do* check for a requested
      value of "-1" to mean "don't change this setting". setregid() and
      setreuid() already interpret -1 as a NOP, so this is just an
      optimization, but we are also calling getpwuid_r and initgroups, and
      it's unclear what the former would do with a uid of -1.
      f506a4c1
  8. 22 1月, 2013 1 次提交
    • M
      safe{read,write}: Document usage with nonblocking FD · 074b6d45
      Michal Privoznik 提交于
      Currently, whenever somebody calls saferead() on nonblocking FD
      (safewrite() is totally interchangeable for purpose of this message)
      he might get wrong return value. For instance, in the first iteration
      some data is read. The number of bytes read is stored into local
      variable 'nread'. However, in next iterations we can get -1 from
      read() with errno == EAGAIN, in which case the -1 is returned despite
      fact some data has already been read. So the caller gets confused.
      Bare read() should be used for nonblocking FD.
      074b6d45
  9. 14 1月, 2013 1 次提交
  10. 11 1月, 2013 1 次提交
    • E
      util: reduce syscalls for virGetDeviceID · 9f2879d3
      Eric Blake 提交于
      There's no need to do lots of readlink() calls to canonicalize
      a name if we're only going to use stat() on it, since stat()
      already chases symlinks.
      
      * src/util/virutil.c (virGetDeviceID): Let stat() do the symlink
      chasing.
      9f2879d3
  11. 07 1月, 2013 2 次提交
    • O
      qemu: set unpriv_sgio when starting domain and attaching disk · 278f87c4
      Osier Yang 提交于
      This ignores the default "filtered" if unpriv_sgio is not supported
      by kernel, but for explicit request "filtered", it error out for
      domain starting.
      278f87c4
    • O
      util: Prepare helpers for unpriv_sgio setting · ba72cb12
      Osier Yang 提交于
      "virGetDeviceID" could be used across the sources, but it doesn't
      relate with this series, and could be done later.
      
      * src/util/virutil.h: (Declare virGetDeviceID, and
                             vir{Get,Set}DeviceUnprivSGIO)
      * src/util/virutil.c: (Implement virGetDeviceID and
                             vir{Get,Set}DeviceUnprivSGIO)
      * src/libvirt_private.syms: Export private symbols of upper helpers
      ba72cb12
  12. 21 12月, 2012 8 次提交
  13. 12 12月, 2012 2 次提交
  14. 07 12月, 2012 3 次提交
    • O
      qemu: Allow the user to specify vendor and product for disk · b718ded3
      Osier Yang 提交于
      QEMU supports setting vendor and product strings for disk since
      1.2.0 (only scsi-disk, scsi-hd, scsi-cd support it), this patch
      exposes it with new XML elements <vendor> and <product> of disk
      device.
      b718ded3
    • C
      util: Don't fail virGetGroupIDByName when group not found · a33f4eae
      Christophe Fergeau 提交于
      virGetGroupIDByName is documented as returning 1 if the groupname
      cannot be found. getgrnam_r is documented as returning:
      « 0 or ENOENT or ESRCH or EBADF or EPERM or ...  The given name
      or gid was not found. »
       and that:
      « The formulation given above under "RETURN VALUE" is from POSIX.1-2001.
      It  does  not  call  "not  found"  an error, hence does not specify what
      value errno might have in this situation.  But that makes it impossible to
      recognize errors.  One might argue that according to POSIX errno should be
      left unchanged if an entry is not found.  Experiments on various UNIX-like
      systems shows that lots of different values occur in this situation: 0,
      ENOENT, EBADF, ESRCH, EWOULDBLOCK, EPERM and probably others. »
      
      virGetGroupIDByName returns an error when the return value of getgrnam_r
      is non-0. However on my RHEL system, getgrnam_r returns ENOENT when the
      requested user cannot be found, which then causes virGetGroupID not
      to behave as documented (it returns an error instead of falling back
      to parsing the passed-in value as an gid).
      
      This commit makes virGetGroupIDByName only report an error when errno
      is set to one of the values in the posix description of getgrnam_r
      (which are the same as the ones described in the manpage on my system).
      a33f4eae
    • C
      util: Don't fail virGetUserIDByName when user not found · 6c6c03dc
      Christophe Fergeau 提交于
      virGetUserIDByName is documented as returning 1 if the username
      cannot be found. getpwnam_r is documented as returning:
      « 0 or ENOENT or ESRCH or EBADF or EPERM or ...  The given name
      or uid was not found. »
       and that:
      « The formulation given above under "RETURN VALUE" is from POSIX.1-2001.
      It  does  not  call  "not  found"  an error, hence does not specify what
      value errno might have in this situation.  But that makes it impossible to
      recognize errors.  One might argue that according to POSIX errno should be
      left unchanged if an entry is not found.  Experiments on various UNIX-like
      systems shows that lots of different values occur in this situation: 0,
      ENOENT, EBADF, ESRCH, EWOULDBLOCK, EPERM and probably others. »
      
      virGetUserIDByName returns an error when the return value of getpwnam_r
      is non-0. However on my RHEL system, getpwnam_r returns ENOENT when the
      requested user cannot be found, which then causes virGetUserID not
      to behave as documented (it returns an error instead of falling back
      to parsing the passed-in value as an uid).
      
      This commit makes virGetUserIDByName only report an error when errno
      is set to one of the values in the posix description of getpwnam_r
      (which are the same as the ones described in the manpage on my system).
      6c6c03dc
  15. 23 11月, 2012 1 次提交
  16. 02 11月, 2012 1 次提交
  17. 22 10月, 2012 1 次提交
  18. 10 10月, 2012 1 次提交
    • M
      win32: Pretend that close-on-exec works · fcfa4bfb
      Matthias Bolte 提交于
      Currently virNetSocketNew fails because virSetCloseExec fails as there
      is no proper implementation for it on Windows at the moment. Workaround
      this by pretending that setting close-on-exec on the fd works. This can
      be done because libvirt currently lacks the ability to create child
      processes on Windows anyway. So there is no point in failing to set a
      flag that isn't useful at the moment anyway.
      fcfa4bfb
  19. 09 10月, 2012 1 次提交
    • M
      util: extend virGetUserID and virGetGroupID to support names and IDs · 0b237296
      Marcelo Cerri 提交于
      This patch updates virGetUserID and virGetGroupID to be able to parse a
      user or group name in a similar way to coreutils' chown. This means that
      a numeric value with a leading plus sign is always parsed as an ID,
      otherwise the functions try to parse the input first as a user or group
      name and if this fails they try to parse it as an ID.
      
      This patch includes Peter Krempa's changes to correctly handle errors
      returned by getpwnam_r and getgrnam_r.
      0b237296
  20. 28 9月, 2012 1 次提交
    • D
      Add systemd journal support · f6430390
      Daniel P. Berrange 提交于
      Add support for logging to the systemd journal, using its
      simple client library. The benefit over syslog is that it
      accepts structured log data, so the journald can store
      individual items like code file/line/func separately from
      the string message. Tools which require structured log
      data can then query the journal to extract exactly what
      they desire without resorting to string parsing
      
      While systemd provides a simple client library for logging,
      it is more convenient for libvirt to directly write its
      own client code. This lets us build up the iovec's on
      the stack, avoiding the need to alloc memory when writing
      log messages.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      f6430390
  21. 26 9月, 2012 4 次提交
  22. 21 9月, 2012 1 次提交
  23. 18 9月, 2012 1 次提交
    • O
      conf: Parse and format disk <wwn> · facc1c00
      Osier Yang 提交于
      Validates the wwn while parsing, error out if it's malformed.
      
      * src/util/util.h: Declare virValidateWWN
      * src/util/util.c: Implement virValidateWWN
      * src/libvirt_private.syms: Export virValidateWWN.
      * src/conf/domain_conf.h: New member 'wwn' for disk def.
      * src/conf/domain_conf.c: Parse and format disk <wwn>
      facc1c00
  24. 29 8月, 2012 1 次提交
    • P
      util: Fix error message when getpwuid_r fails to find the user · f2bb32b1
      Peter Krempa 提交于
      getpwuid_r returns success but sets the return structure to NULL when it
      fails to deliver data about the requested uid. In our helper code this
      created following strange error messages:
      
      " ... cannot getpwuid_r(1234): Success"
      
      This patch creates a more helpful message:
      " ... getpwuid_r failed to retrieve data for uid '1234'"
      f2bb32b1