Prior to joining the namespaces of the container, move the
process into the containers' cgroups, so that the shell that
is subsequently launched is under the container resource
constraints.
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

Currently the shell must be looked up from the config setting in
/etc/libvirt/virt-login-shell.conf. This is inflexible if there
are containers where different users need different shells. Add
add a new 'auto-shell' config parameter which instructs us to
query the containers' /etc/passwd for the shell to be exec'd.
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

The virt-login-shell environment will be initialized with
an arbitrary number of environment variables determined
by the SSH daemon and PAM configuration. Most of these are
not relevant inside the container, and at best they are
noise and at worst they'll break apps. For example if
XDG_RUNTIME_DIR is leaked to the container, it'll break
any apps using it, since  the directory it points to is
only visible to the host OS filesystem, not the container
FS.

Use clearenv() to blank out everything and then set known
good values for PATH, SHELL, USER, LOGNAME HOME and TERM.
Everything else is left up to the login shell to initialize.
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

The virDomainFree / virConnectClose methods will reset the
last error handle, so we must save the error during cleanup
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

Currently the shell config file parameter must be a list
giving the shell path and args. Allow it to be a plain
string argument as well.
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

Currently we request a login shell by passing the -l argument
to the shell. This is either hardcoded, or required to be
specified by the user in the virt-login-shell.conf file.

The standard way for login programs to request a shell run
as a login shell is to modify the argv passed to execve()
so that argv[0] contains the relative shell filename
prefixed with a zero. eg instead of doing

  const char **shellargs = ["/bin/bash", "-l", NULL];
  execve(shellargs[0], shellargs, env);

We should be doing

  const char **shellargs = ["-bash", NULL];
  execve("/bin/bash", shellargs, env);
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

The virt-login-shell program is supposed to look like a
regular shell to clients. Login services like sshd
expect the shell to accept a '-c cmdstring' argument to
specify a command to launch instead of presenting an
interactive prompt.

We can implement this by simply passing the '-c cmdstring'
data straight through to the real shell we use. This does
not open any security holes, since the command is not run
until we're inside the container namespaces. This allows
scp to work for users with virt-login-shell.
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

Extend the lxc-enter-namespace command so that it joins the
containers' cgroups before starting new namespaces. This
ensures that the commands run have the normal resource
limits applied
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

Add the virDomainLxcEnterCGroup API to the libvirt-lxc.so
file. This method moves the calling process into the cgroups
associated with the container.
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

Add a virGetUserShell wrapper around virGetUserEnt, that
returns the shell field.
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

Move all APIs with a virHostMEM name prefix out into new
util/virhostmem.h & util/virhostmem.c files
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

Move all APIs with a virHostCPU name prefix out into new
util/virhostcpu.h & util/virhostcpu.c files
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

In preparation for moving all the CPU related APIs out of
the nodeinfo file, give them a virHostCPU name prefix.
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

In preparation for moving all the memory related APIs out of
the nodeinfo file, give them a virHostMem name prefix.
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

Instead of having platform specific code in nodeGetInfo to
fetch CPU topology, split it all out into a new method
nodeGetCPUInfo.
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

The GNULIB physmem module already provides support for
the FreeBSD platform, so there's no reason to re-implement
FreeBSD portability code in libvirt. If there are bugs in
the GNULIB code, we should fix GNULIB rather than workaround
it in libvirt.
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

The nodeGetInfo() method currently has its own code for getting
memory size in KB, that basically just re-invents what nodeGetMemory
already does. Remove it and just call nodeGetMemory, converting its
result from bytes to KB, allowing removal of more platform specific
conditional code.
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

Nearly all the methods in the nodeinfo file are given a
'const char *sysfs_prefix' parameter to override the
default sysfs path (/sys/devices/system). Every single
caller passes in NULL for this, except one use in the
unit tests. Furthermore this parameter is totally
Linux-specific, when the APIs are intended to be cross
platform portable.

This removes the sysfs_prefix parameter and instead gives
a new method linuxNodeInfoSetSysFSSystemPath for use by
the test suite.

For two of the methods this hardcodes use of the constant
SYSFS_SYSTEM_PATH, since the test suite does not need to
override the path for thos methods.
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

If you want to set block device I/O tuning values that end with '_max'
and there is nothing else set, libvirt emits an error.  In particular:

  error: internal error: Unexpected error

That's an unknown error.  That is because *_max values depend on their
respective non-_max values.  QEMU even says that in the error message
sent as a response to the monitor command:

  "error": {"class": "GenericError", "desc": "bps_max/iops_max require
  corresponding bps/iops values"}

the problem was that we didn't know that and there was no check for it.
Adding such check makes sure that there will be less confused users.
Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>

Signed-off-by: NPavel Hrdina <phrdina@redhat.com>

This new listen type is currently supported only by spice graphics.
It's introduced to make it easier and clearer specify to not listen
anywhere in order to start a guest with OpenGL support.

The old way to do this was set spice graphics autoport='no' and don't
specify any ports.  The new way is to use <listen type='none'/>.  In
order to be able to migrate to old libvirt the migratable XML will be
generated without the listen element and with autoport='no'.  Also the
old configuration will be automatically converted to the this listen
type.
Signed-off-by: NPavel Hrdina <phrdina@redhat.com>

Signed-off-by: NPavel Hrdina <phrdina@redhat.com>

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1335832Signed-off-by: NPavel Hrdina <phrdina@redhat.com>

Add a new capability to detect support of unix sockets for spice
graphics.
Signed-off-by: NPavel Hrdina <phrdina@redhat.com>

VNC graphics already supports sockets but only via 'socket' attribute.
This patch coverts that attribute into listen type 'socket'.

For backward compatibility we need to handle listen type 'socket' and 'socket'
attribute properly to support old XMLs and new XMLs.  If both are provided they
have to match, if only one of them is provided we need to be able to parse that
configuration too.

To not break migration back to old libvirt if the socket is provided by user we
need to generate migratable XML without the listen element and use only 'socket'
attribute.
Signed-off-by: NPavel Hrdina <phrdina@redhat.com>

Signed-off-by: NPavel Hrdina <phrdina@redhat.com>

This moves the socket generation if "vnc_auto_unix_socket" is set.

It also fixes a bug with this config option that we should auto-generate
socket path only if listen type is address and there is no address
specified.
Signed-off-by: NPavel Hrdina <phrdina@redhat.com>

Even though it's auto-generated it's based on qemu.conf option and listen type
address already uses "fromConfig" to carry this information.  Following commits
will convert the socket to listen element so this rename is required because
there will be also an option to get socket auto-generated independently on the
qemu.conf option.
Signed-off-by: NPavel Hrdina <phrdina@redhat.com>

There is no need to check again for vnc socket.
Signed-off-by: NPavel Hrdina <phrdina@redhat.com>

Since commit 71408079, qemu agent
channel cannot be plugged in because we won't generate its path
automatically.  Let's not only fix that, but also add tests for it so
next time it's checked for.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1322210Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>

Until now, the only hot thing in this test was the name.  That's because
we set the id to '-1' before every test.  With this change, we test the
hotplug on live domains as the name suggests and as it should be.
Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>

Put it into separate function called qemuDomainPrepareChannel() and call
it from the new qemuProcessPrepareDomain().
Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>

The actual CPU model in the data files is Penryn which makes the file
name look rather strange. Well, one of them contains Nehalem, but that's
a bug which will be fixed soon.
Signed-off-by: NJiri Denemark <jdenemar@redhat.com>

Implemented in QEMU by commit 28b8e4d0bf93ba176b4b7be819d537383c5a9060.
Signed-off-by: NJiri Denemark <jdenemar@redhat.com>

This was implemented in QEMU by commit 0bb0b2d2fe7f645dda.
Signed-off-by: NJiri Denemark <jdenemar@redhat.com>

As a side effect this changes the order of CPU features in XMLs
generated by libvirt, but that's not a big deal since the order there is
insignificant.
Signed-off-by: NJiri Denemark <jdenemar@redhat.com>

For two reasons:
- 0x00000001 is very similar to 0x80000001, but 0x01 is visually
  different
- 0x01 format is consistent with CPUID manual
Signed-off-by: NJiri Denemark <jdenemar@redhat.com>

This patch makes our CPUID handling code up-to-date with the current
specification found in

Intel® 64 and IA-32 Architectures Developer's Manual: Vol. 2A
http://www.intel.com/content/www/us/en/processors/architectures-software-developer-manuals.htmlSigned-off-by: NJiri Denemark <jdenemar@redhat.com>

CPUID instruction normally takes its parameter from EAX, but sometimes
ECX is used as an additional parameter. This patch prepares the x86 CPU
driver code for the new 'ecx_in' CPUID parameter.
Signed-off-by: NJiri Denemark <jdenemar@redhat.com>

Signed-off-by: NJiri Denemark <jdenemar@redhat.com>