Compare commits
10 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 Daniel P. Berrange
|
576c952d6c | ||
|
Daniel Veillard
|
6cba2d7c9e | ||
|
Daniel Veillard
|
824ac1932d | ||
|
Daniel Veillard
|
2457ff7037 | ||
|
Daniel Veillard
|
d8ce9b00e6 | ||
|
Daniel P. Berrange
|
5238691972 | ||
|
Daniel P. Berrange
|
49bd0fe0f6 | ||
|
Daniel P. Berrange
|
f57c13f43b | ||
|
Daniel Veillard
|
b4531a6202 | ||
|
Jesse Keating
|
0685aa3535 |
+24
@@ -0,0 +1,24 @@
|
||||
libvirt-0.0.3.tar.gz
|
||||
libvirt-0.0.4.tar.gz
|
||||
libvirt-0.0.5.tar.gz
|
||||
libvirt-0.0.6.tar.gz
|
||||
libvirt-0.1.0.tar.gz
|
||||
libvirt-0.1.2.tar.gz
|
||||
libvirt-0.1.1.tar.gz
|
||||
libvirt-0.1.3.tar.gz
|
||||
libvirt-0.1.4.tar.gz
|
||||
libvirt-0.1.5.tar.gz
|
||||
libvirt-0.1.6.tar.gz
|
||||
libvirt-0.1.7.tar.gz
|
||||
libvirt-0.1.8.tar.gz
|
||||
libvirt-0.1.9.tar.gz
|
||||
libvirt-0.1.10.tar.gz
|
||||
libvirt-0.1.11.tar.gz
|
||||
libvirt-0.2.0.tar.gz
|
||||
libvirt-0.2.1.tar.gz
|
||||
libvirt-0.2.2.tar.gz
|
||||
libvirt-0.2.3.tar.gz
|
||||
libvirt-0.3.0.tar.gz
|
||||
libvirt-0.3.1.tar.gz
|
||||
libvirt-0.3.2.tar.gz
|
||||
libvirt-0.3.3.tar.gz
|
||||
@@ -1,5 +0,0 @@
|
||||
.build*.log
|
||||
*.rpm
|
||||
i686
|
||||
x86_64
|
||||
libvirt-*.tar.gz
|
||||
@@ -1,38 +0,0 @@
|
||||
From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
|
||||
Date: Thu, 17 Dec 2015 13:43:58 +0100
|
||||
Subject: [PATCH] schema: interleave domain name and uuid with other elements
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Allow <name> and <uuid> anywhere under <domain>, not just at the top:
|
||||
|
||||
error:XML document failed to validate against schema: Unable to validate
|
||||
doc against /usr/share/libvirt/schemas/domain.rng
|
||||
Expecting an element name, got nothing
|
||||
Invalid sequence in interleave
|
||||
Element domain failed to validate content
|
||||
|
||||
Introduced with the first RelaxNG schema in commit c642103.
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1292131
|
||||
(cherry picked from commit b4e0549febe416ffefc16f389423740d6d65fa74)
|
||||
Signed-off-by: Ján Tomko <jtomko@redhat.com>
|
||||
---
|
||||
docs/schemas/domaincommon.rng | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
|
||||
index b252a17..48610ce 100644
|
||||
--- a/docs/schemas/domaincommon.rng
|
||||
+++ b/docs/schemas/domaincommon.rng
|
||||
@@ -30,8 +30,8 @@
|
||||
<define name="domain">
|
||||
<element name="domain">
|
||||
<ref name="hvs"/>
|
||||
- <ref name="ids"/>
|
||||
<interleave>
|
||||
+ <ref name="ids"/>
|
||||
<optional>
|
||||
<ref name="title"/>
|
||||
</optional>
|
||||
@@ -1,32 +0,0 @@
|
||||
From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
|
||||
Date: Thu, 14 Jan 2016 14:31:17 +0100
|
||||
Subject: [PATCH] leaseshelper: fix crash when no mac is specified
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
If dnsmasq specified DNSMASQ_IAID (so we're dealing with an IPv6
|
||||
lease) but no DNSMASQ_MAC, we skip creation of the new lease object.
|
||||
|
||||
Also skip adding it to the leases array.
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1202350
|
||||
(cherry picked from commit df9fe124d650bc438c531673492569da87523d20)
|
||||
Signed-off-by: Ján Tomko <jtomko@redhat.com>
|
||||
---
|
||||
src/network/leaseshelper.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/network/leaseshelper.c b/src/network/leaseshelper.c
|
||||
index 2d528f7..6930310 100644
|
||||
--- a/src/network/leaseshelper.c
|
||||
+++ b/src/network/leaseshelper.c
|
||||
@@ -439,7 +439,7 @@ main(int argc, char **argv)
|
||||
|
||||
case VIR_LEASE_ACTION_OLD:
|
||||
case VIR_LEASE_ACTION_ADD:
|
||||
- if (virJSONValueArrayAppend(leases_array_new, lease_new) < 0) {
|
||||
+ if (lease_new && virJSONValueArrayAppend(leases_array_new, lease_new) < 0) {
|
||||
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
|
||||
_("failed to create json"));
|
||||
goto cleanup;
|
||||
@@ -1,63 +0,0 @@
|
||||
From: Cole Robinson <crobinso@redhat.com>
|
||||
Date: Tue, 19 Jan 2016 22:19:56 -0500
|
||||
Subject: [PATCH] build: predictably generate systemtap tapsets (bz 1173641)
|
||||
|
||||
The generated output is dependent on perl hashtable ordering, which
|
||||
gives different results for i686 and x86_64. Fix this by sorting
|
||||
the hash keys before iterating over them
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1173641
|
||||
(cherry picked from commit a1edb05c6028470aa24b74aa0f8d5fb5a181128a)
|
||||
---
|
||||
src/rpc/gensystemtap.pl | 10 +++++-----
|
||||
1 file changed, 5 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/src/rpc/gensystemtap.pl b/src/rpc/gensystemtap.pl
|
||||
index 2467300..7b80fbf 100755
|
||||
--- a/src/rpc/gensystemtap.pl
|
||||
+++ b/src/rpc/gensystemtap.pl
|
||||
@@ -72,7 +72,7 @@ function libvirt_rpc_auth_name(type, verbose)
|
||||
{
|
||||
EOF
|
||||
my $first = 1;
|
||||
-foreach my $type (keys %auth) {
|
||||
+foreach my $type (sort(keys %auth)) {
|
||||
my $cond = $first ? "if" : "} else if";
|
||||
$first = 0;
|
||||
print " $cond (type == ", $type, ") {\n";
|
||||
@@ -95,7 +95,7 @@ function libvirt_rpc_type_name(type, verbose)
|
||||
{
|
||||
EOF
|
||||
$first = 1;
|
||||
-foreach my $type (keys %type) {
|
||||
+foreach my $type (sort(keys %type)) {
|
||||
my $cond = $first ? "if" : "} else if";
|
||||
$first = 0;
|
||||
print " $cond (type == ", $type, ") {\n";
|
||||
@@ -118,7 +118,7 @@ function libvirt_rpc_status_name(status, verbose)
|
||||
{
|
||||
EOF
|
||||
$first = 1;
|
||||
-foreach my $status (keys %status) {
|
||||
+foreach my $status (sort(keys %status)) {
|
||||
my $cond = $first ? "if" : "} else if";
|
||||
$first = 0;
|
||||
print " $cond (status == ", $status, ") {\n";
|
||||
@@ -141,7 +141,7 @@ function libvirt_rpc_program_name(program, verbose)
|
||||
{
|
||||
EOF
|
||||
$first = 1;
|
||||
-foreach my $prog (keys %funcs) {
|
||||
+foreach my $prog (sort(keys %funcs)) {
|
||||
my $cond = $first ? "if" : "} else if";
|
||||
$first = 0;
|
||||
print " $cond (program == ", $funcs{$prog}->{id}, ") {\n";
|
||||
@@ -165,7 +165,7 @@ function libvirt_rpc_procedure_name(program, version, proc, verbose)
|
||||
{
|
||||
EOF
|
||||
$first = 1;
|
||||
-foreach my $prog (keys %funcs) {
|
||||
+foreach my $prog (sort(keys %funcs)) {
|
||||
my $cond = $first ? "if" : "} else if";
|
||||
$first = 0;
|
||||
print " $cond (program == ", $funcs{$prog}->{id}, " && version == ", $funcs{$prog}->{version}, ") {\n";
|
||||
@@ -1,30 +0,0 @@
|
||||
From: "Daniel P. Berrange" <berrange@redhat.com>
|
||||
Date: Fri, 3 Jul 2015 16:51:56 +0100
|
||||
Subject: [PATCH] rpc: ensure daemon is spawn even if dead socket exists
|
||||
|
||||
The auto-spawn code would originally attempt to spawn the
|
||||
daemon for both ENOENT and ECONNREFUSED errors from connect().
|
||||
The various refactorings eventually lost this so we only
|
||||
spawn the daemon on ENOENT. The result is if the daemon exits
|
||||
uncleanly, so that the socket is left in the filesystem, we
|
||||
will never be able to auto-spawn the daemon again.
|
||||
|
||||
(cherry picked from commit 406ee8c226d2197ba1aaecb9cf3ad2b6df31ae44)
|
||||
---
|
||||
src/rpc/virnetsocket.c | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
|
||||
index 51f94d4..6153e0e 100644
|
||||
--- a/src/rpc/virnetsocket.c
|
||||
+++ b/src/rpc/virnetsocket.c
|
||||
@@ -610,7 +610,8 @@ int virNetSocketNewConnectUNIX(const char *path,
|
||||
|
||||
while (retries &&
|
||||
connect(fd, &remoteAddr.data.sa, remoteAddr.len) < 0) {
|
||||
- if (!(spawnDaemon && errno == ENOENT)) {
|
||||
+ if (!(spawnDaemon && (errno == ENOENT ||
|
||||
+ errno == ECONNREFUSED))) {
|
||||
virReportSystemError(errno, _("Failed to connect socket to '%s'"),
|
||||
path);
|
||||
goto cleanup;
|
||||
@@ -1,48 +0,0 @@
|
||||
From: Cole Robinson <crobinso@redhat.com>
|
||||
Date: Mon, 11 Jan 2016 20:01:24 -0500
|
||||
Subject: [PATCH] rpc: socket: Minor cleanups
|
||||
|
||||
- Add some debugging
|
||||
- Make the loop dependent only on retries
|
||||
- Make it explicit that connect(2) success exits the loop
|
||||
- Invert the error checking logic
|
||||
|
||||
(cherry picked from commit f102c7146ed7f6e04af0ad3bce302476239f2502)
|
||||
---
|
||||
src/rpc/virnetsocket.c | 16 ++++++++++++----
|
||||
1 file changed, 12 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
|
||||
index 6153e0e..dcff69e 100644
|
||||
--- a/src/rpc/virnetsocket.c
|
||||
+++ b/src/rpc/virnetsocket.c
|
||||
@@ -548,6 +548,9 @@ int virNetSocketNewConnectUNIX(const char *path,
|
||||
char *rundir = NULL;
|
||||
int ret = -1;
|
||||
|
||||
+ VIR_DEBUG("path=%s spawnDaemon=%d binary=%s", path, spawnDaemon,
|
||||
+ NULLSTR(binary));
|
||||
+
|
||||
memset(&localAddr, 0, sizeof(localAddr));
|
||||
memset(&remoteAddr, 0, sizeof(remoteAddr));
|
||||
|
||||
@@ -608,10 +611,15 @@ int virNetSocketNewConnectUNIX(const char *path,
|
||||
if (remoteAddr.data.un.sun_path[0] == '@')
|
||||
remoteAddr.data.un.sun_path[0] = '\0';
|
||||
|
||||
- while (retries &&
|
||||
- connect(fd, &remoteAddr.data.sa, remoteAddr.len) < 0) {
|
||||
- if (!(spawnDaemon && (errno == ENOENT ||
|
||||
- errno == ECONNREFUSED))) {
|
||||
+ while (retries) {
|
||||
+ if (connect(fd, &remoteAddr.data.sa, remoteAddr.len) == 0) {
|
||||
+ VIR_DEBUG("connect() succeeded");
|
||||
+ break;
|
||||
+ }
|
||||
+ VIR_DEBUG("connect() failed: retries=%d errno=%d", retries, errno);
|
||||
+
|
||||
+ if (!spawnDaemon ||
|
||||
+ (errno != ENOENT && errno != ECONNREFUSED)) {
|
||||
virReportSystemError(errno, _("Failed to connect socket to '%s'"),
|
||||
path);
|
||||
goto cleanup;
|
||||
@@ -1,40 +0,0 @@
|
||||
From: Cole Robinson <crobinso@redhat.com>
|
||||
Date: Mon, 11 Jan 2016 20:08:45 -0500
|
||||
Subject: [PATCH] rpc: socket: Explicitly error if we exceed retry count
|
||||
|
||||
When we autolaunch libvirtd for session URIs, we spin in a retry
|
||||
loop waiting for the daemon to start and the connect(2) to succeed.
|
||||
|
||||
However if we exceed the retry count, we don't explicitly raise an
|
||||
error, which can yield a slew of different error messages elsewhere
|
||||
in the code.
|
||||
|
||||
Explicitly raise the last connect(2) failure if we run out of retries.
|
||||
|
||||
(cherry picked from commit 8da02d528068942303923fc4f935e77cccac9c7c)
|
||||
---
|
||||
src/rpc/virnetsocket.c | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
|
||||
index dcff69e..90951be 100644
|
||||
--- a/src/rpc/virnetsocket.c
|
||||
+++ b/src/rpc/virnetsocket.c
|
||||
@@ -618,7 +618,9 @@ int virNetSocketNewConnectUNIX(const char *path,
|
||||
}
|
||||
VIR_DEBUG("connect() failed: retries=%d errno=%d", retries, errno);
|
||||
|
||||
+ retries--;
|
||||
if (!spawnDaemon ||
|
||||
+ retries == 0 ||
|
||||
(errno != ENOENT && errno != ECONNREFUSED)) {
|
||||
virReportSystemError(errno, _("Failed to connect socket to '%s'"),
|
||||
path);
|
||||
@@ -628,7 +630,6 @@ int virNetSocketNewConnectUNIX(const char *path,
|
||||
if (virNetSocketForkDaemon(binary) < 0)
|
||||
goto cleanup;
|
||||
|
||||
- retries--;
|
||||
usleep(5000);
|
||||
}
|
||||
|
||||
@@ -1,43 +0,0 @@
|
||||
From: Cole Robinson <crobinso@redhat.com>
|
||||
Date: Mon, 11 Jan 2016 20:13:38 -0500
|
||||
Subject: [PATCH] rpc: socket: Don't repeatedly attempt to launch daemon
|
||||
|
||||
On every socket connect(2) attempt we were re-launching session
|
||||
libvirtd, up to 100 times in 5 seconds.
|
||||
|
||||
This understandably caused some weird load races and intermittent
|
||||
qemu:///session startup failures
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1271183
|
||||
(cherry picked from commit 2eb7a975756d05a5b54ab4acf60083beb6161ac6)
|
||||
---
|
||||
src/rpc/virnetsocket.c | 9 +++++++--
|
||||
1 file changed, 7 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
|
||||
index 90951be..2ee4b6e 100644
|
||||
--- a/src/rpc/virnetsocket.c
|
||||
+++ b/src/rpc/virnetsocket.c
|
||||
@@ -547,6 +547,7 @@ int virNetSocketNewConnectUNIX(const char *path,
|
||||
virSocketAddr remoteAddr;
|
||||
char *rundir = NULL;
|
||||
int ret = -1;
|
||||
+ bool daemonLaunched = false;
|
||||
|
||||
VIR_DEBUG("path=%s spawnDaemon=%d binary=%s", path, spawnDaemon,
|
||||
NULLSTR(binary));
|
||||
@@ -627,8 +628,12 @@ int virNetSocketNewConnectUNIX(const char *path,
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
- if (virNetSocketForkDaemon(binary) < 0)
|
||||
- goto cleanup;
|
||||
+ if (!daemonLaunched) {
|
||||
+ if (virNetSocketForkDaemon(binary) < 0)
|
||||
+ goto cleanup;
|
||||
+
|
||||
+ daemonLaunched = true;
|
||||
+ }
|
||||
|
||||
usleep(5000);
|
||||
}
|
||||
@@ -1,57 +0,0 @@
|
||||
From: Jiri Denemark <jdenemar@redhat.com>
|
||||
Date: Fri, 15 Jan 2016 10:55:58 +0100
|
||||
Subject: [PATCH] security: Do not restore kernel and initrd labels
|
||||
|
||||
Kernel/initrd files are essentially read-only shareable images and thus
|
||||
should be handled in the same way. We already use the appropriate label
|
||||
for kernel/initrd files when starting a domain, but when a domain gets
|
||||
destroyed we would remove the labels which would make other running
|
||||
domains using the same files very unhappy.
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=921135
|
||||
|
||||
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
(cherry picked from commit 68acc701bd449481e3206723c25b18fcd3d261b7)
|
||||
---
|
||||
src/security/security_dac.c | 8 --------
|
||||
src/security/security_selinux.c | 8 --------
|
||||
2 files changed, 16 deletions(-)
|
||||
|
||||
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
|
||||
index deb6980..d01215f 100644
|
||||
--- a/src/security/security_dac.c
|
||||
+++ b/src/security/security_dac.c
|
||||
@@ -971,14 +971,6 @@ virSecurityDACRestoreSecurityAllLabel(virSecurityManagerPtr mgr,
|
||||
virSecurityDACRestoreSecurityFileLabel(def->os.loader->nvram) < 0)
|
||||
rc = -1;
|
||||
|
||||
- if (def->os.kernel &&
|
||||
- virSecurityDACRestoreSecurityFileLabel(def->os.kernel) < 0)
|
||||
- rc = -1;
|
||||
-
|
||||
- if (def->os.initrd &&
|
||||
- virSecurityDACRestoreSecurityFileLabel(def->os.initrd) < 0)
|
||||
- rc = -1;
|
||||
-
|
||||
if (def->os.dtb &&
|
||||
virSecurityDACRestoreSecurityFileLabel(def->os.dtb) < 0)
|
||||
rc = -1;
|
||||
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
|
||||
index 6e67a86..2475a80 100644
|
||||
--- a/src/security/security_selinux.c
|
||||
+++ b/src/security/security_selinux.c
|
||||
@@ -1953,14 +1953,6 @@ virSecuritySELinuxRestoreSecurityAllLabel(virSecurityManagerPtr mgr,
|
||||
virSecuritySELinuxRestoreSecurityFileLabel(mgr, def->os.loader->nvram) < 0)
|
||||
rc = -1;
|
||||
|
||||
- if (def->os.kernel &&
|
||||
- virSecuritySELinuxRestoreSecurityFileLabel(mgr, def->os.kernel) < 0)
|
||||
- rc = -1;
|
||||
-
|
||||
- if (def->os.initrd &&
|
||||
- virSecuritySELinuxRestoreSecurityFileLabel(mgr, def->os.initrd) < 0)
|
||||
- rc = -1;
|
||||
-
|
||||
if (def->os.dtb &&
|
||||
virSecuritySELinuxRestoreSecurityFileLabel(mgr, def->os.dtb) < 0)
|
||||
rc = -1;
|
||||
@@ -1,37 +0,0 @@
|
||||
From: Cole Robinson <crobinso@redhat.com>
|
||||
Date: Tue, 15 Mar 2016 17:04:32 -0400
|
||||
Subject: [PATCH] rpc: wait longer for session daemon to start up
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1271183
|
||||
|
||||
We only wait 0.5 seconds for the session daemon to start up and present
|
||||
its socket, which isn't sufficient for many users. Bump up the sleep
|
||||
interval and retry amount so we wait for a total of 5.0 seconds.
|
||||
|
||||
(cherry picked from commit ca0c06f4008154de55e0b3109885facd0bf02d32)
|
||||
---
|
||||
src/rpc/virnetsocket.c | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
|
||||
index 2ee4b6e..275f1f5 100644
|
||||
--- a/src/rpc/virnetsocket.c
|
||||
+++ b/src/rpc/virnetsocket.c
|
||||
@@ -542,7 +542,7 @@ int virNetSocketNewConnectUNIX(const char *path,
|
||||
char *lockpath = NULL;
|
||||
int lockfd = -1;
|
||||
int fd = -1;
|
||||
- int retries = 100;
|
||||
+ int retries = 500;
|
||||
virSocketAddr localAddr;
|
||||
virSocketAddr remoteAddr;
|
||||
char *rundir = NULL;
|
||||
@@ -635,7 +635,7 @@ int virNetSocketNewConnectUNIX(const char *path,
|
||||
daemonLaunched = true;
|
||||
}
|
||||
|
||||
- usleep(5000);
|
||||
+ usleep(10000);
|
||||
}
|
||||
|
||||
localAddr.len = sizeof(localAddr.data);
|
||||
@@ -1,27 +0,0 @@
|
||||
From: Jovanka Gulicoska <jovanka.gulicoska@gmail.com>
|
||||
Date: Thu, 17 Mar 2016 20:02:20 +0100
|
||||
Subject: [PATCH] driver: log missing modules as INFO, not WARN
|
||||
|
||||
Missing modules is a common expected scenario for most libvirt usage on
|
||||
RPM distributions like Fedora, so it doesn't really warrant logging at
|
||||
WARN level. Use INFO instead
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1274849
|
||||
(cherry picked from commit 9a0c7f5f834185db9017c34aabc03ad99cf37bed)
|
||||
---
|
||||
src/driver.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/driver.c b/src/driver.c
|
||||
index db03438..f926fe4 100644
|
||||
--- a/src/driver.c
|
||||
+++ b/src/driver.c
|
||||
@@ -62,7 +62,7 @@ virDriverLoadModule(const char *name)
|
||||
return NULL;
|
||||
|
||||
if (access(modfile, R_OK) < 0) {
|
||||
- VIR_WARN("Module %s not accessible", modfile);
|
||||
+ VIR_INFO("Module %s not accessible", modfile);
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
@@ -1,126 +0,0 @@
|
||||
From: Cole Robinson <crobinso@redhat.com>
|
||||
Date: Tue, 28 Apr 2015 17:38:00 -0400
|
||||
Subject: [PATCH] polkit: Allow password-less access for 'libvirt' group
|
||||
|
||||
Many users, who admin their own machines, want to be able to access
|
||||
system libvirtd via tools like virt-manager without having to enter
|
||||
a root password. Just google 'virt-manager without password' and
|
||||
you'll find many hits. I've read at least 5 blog posts over the years
|
||||
describing slightly different ways of achieving this goal.
|
||||
|
||||
Let's finally add official support for this.
|
||||
|
||||
Install a polkit-1 rules file granting password-less auth for any user
|
||||
in the new 'libvirt' group. Create the group on RPM install
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=957300
|
||||
(cherry picked from commit e94979e901517af9fdde358d7b7c92cc055dd50c)
|
||||
---
|
||||
daemon/Makefile.am | 13 +++++++++++++
|
||||
daemon/libvirt.rules | 9 +++++++++
|
||||
libvirt.spec.in | 15 +++++++++++++--
|
||||
3 files changed, 35 insertions(+), 2 deletions(-)
|
||||
create mode 100644 daemon/libvirt.rules
|
||||
|
||||
diff --git a/daemon/Makefile.am b/daemon/Makefile.am
|
||||
index b95a79d..9c5ea37 100644
|
||||
--- a/daemon/Makefile.am
|
||||
+++ b/daemon/Makefile.am
|
||||
@@ -53,6 +53,7 @@ EXTRA_DIST = \
|
||||
libvirtd.init.in \
|
||||
libvirtd.upstart \
|
||||
libvirtd.policy.in \
|
||||
+ libvirt.rules \
|
||||
libvirtd.sasl \
|
||||
libvirtd.service.in \
|
||||
libvirtd.socket.in \
|
||||
@@ -233,6 +234,8 @@ policyauth = auth_admin_keep_session
|
||||
else ! WITH_POLKIT0
|
||||
policydir = $(datadir)/polkit-1/actions
|
||||
policyauth = auth_admin_keep
|
||||
+rulesdir = $(datadir)/polkit-1/rules.d
|
||||
+rulesfile = libvirt.rules
|
||||
endif ! WITH_POLKIT0
|
||||
endif WITH_POLKIT
|
||||
|
||||
@@ -263,9 +266,19 @@ if WITH_POLKIT
|
||||
install-data-polkit::
|
||||
$(MKDIR_P) $(DESTDIR)$(policydir)
|
||||
$(INSTALL_DATA) libvirtd.policy $(DESTDIR)$(policydir)/org.libvirt.unix.policy
|
||||
+if ! WITH_POLKIT0
|
||||
+ $(MKDIR_P) $(DESTDIR)$(rulesdir)
|
||||
+ $(INSTALL_DATA) $(srcdir)/$(rulesfile) $(DESTDIR)$(rulesdir)/50-libvirt.rules
|
||||
+endif ! WITH_POLKIT0
|
||||
+
|
||||
uninstall-data-polkit::
|
||||
rm -f $(DESTDIR)$(policydir)/org.libvirt.unix.policy
|
||||
rmdir $(DESTDIR)$(policydir) || :
|
||||
+if ! WITH_POLKIT0
|
||||
+ rm -f $(DESTDIR)$(rulesdir)/50-libvirt.rules
|
||||
+ rmdir $(DESTDIR)$(rulesdir) || :
|
||||
+endif ! WITH_POLKIT0
|
||||
+
|
||||
else ! WITH_POLKIT
|
||||
install-data-polkit::
|
||||
uninstall-data-polkit::
|
||||
diff --git a/daemon/libvirt.rules b/daemon/libvirt.rules
|
||||
new file mode 100644
|
||||
index 0000000..01a15fa
|
||||
--- /dev/null
|
||||
+++ b/daemon/libvirt.rules
|
||||
@@ -0,0 +1,9 @@
|
||||
+// Allow any user in the 'libvirt' group to connect to system libvirtd
|
||||
+// without entering a password.
|
||||
+
|
||||
+polkit.addRule(function(action, subject) {
|
||||
+ if (action.id == "org.libvirt.unix.manage" &&
|
||||
+ subject.isInGroup("libvirt")) {
|
||||
+ return polkit.Result.YES;
|
||||
+ }
|
||||
+});
|
||||
diff --git a/libvirt.spec.in b/libvirt.spec.in
|
||||
index dc327a2..a23629d 100644
|
||||
--- a/libvirt.spec.in
|
||||
+++ b/libvirt.spec.in
|
||||
@@ -1631,9 +1631,9 @@ then
|
||||
fi
|
||||
|
||||
%if %{with_libvirtd}
|
||||
+%pre daemon
|
||||
%if ! %{with_driver_modules}
|
||||
%if %{with_qemu}
|
||||
-%pre daemon
|
||||
%if 0%{?fedora} || 0%{?rhel} >= 6
|
||||
# We want soft static allocation of well-known ids, as disk images
|
||||
# are commonly shared across NFS mounts by id rather than name; see
|
||||
@@ -1647,11 +1647,21 @@ if ! getent passwd qemu >/dev/null; then
|
||||
useradd -r -g qemu -G kvm -d / -s /sbin/nologin -c "qemu user" qemu
|
||||
fi
|
||||
fi
|
||||
-exit 0
|
||||
%endif
|
||||
%endif
|
||||
%endif
|
||||
|
||||
+ %if %{with_polkit}
|
||||
+ %if 0%{?fedora} || 0%{?rhel} >= 6
|
||||
+# 'libvirt' group is just to allow password-less polkit access to
|
||||
+# libvirtd. The uid number is irrelevant, so we use dynamic allocation
|
||||
+# described at the above link.
|
||||
+getent group libvirt >/dev/null || groupadd -r libvirt
|
||||
+ %endif
|
||||
+ %endif
|
||||
+
|
||||
+exit 0
|
||||
+
|
||||
%post daemon
|
||||
|
||||
%if %{with_systemd}
|
||||
@@ -1925,6 +1935,7 @@ exit 0
|
||||
%if 0%{?fedora} || 0%{?rhel} >= 6
|
||||
%{_datadir}/polkit-1/actions/org.libvirt.unix.policy
|
||||
%{_datadir}/polkit-1/actions/org.libvirt.api.policy
|
||||
+%{_datadir}/polkit-1/rules.d/50-libvirt.rules
|
||||
%else
|
||||
%{_datadir}/PolicyKit/policy/org.libvirt.unix.policy
|
||||
%endif
|
||||
@@ -4,7 +4,7 @@ NAME := libvirt
|
||||
SPECFILE = $(firstword $(wildcard *.spec))
|
||||
|
||||
define find-makefile-common
|
||||
for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
|
||||
for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
|
||||
endef
|
||||
|
||||
MAKEFILE_COMMON := $(shell $(find-makefile-common))
|
||||
|
||||
@@ -0,0 +1,48 @@
|
||||
diff -rup libvirt-0.4.1.orig/qemud/qemud.c libvirt-0.4.1.new/qemud/qemud.c
|
||||
--- libvirt-0.4.1.orig/qemud/qemud.c 2008-03-10 17:31:09.000000000 -0400
|
||||
+++ libvirt-0.4.1.new/qemud/qemud.c 2008-03-10 17:31:36.000000000 -0400
|
||||
@@ -393,7 +393,7 @@ static int qemudGoDaemon(void) {
|
||||
case -1:
|
||||
return -1;
|
||||
default:
|
||||
- return nextpid;
|
||||
+ _exit(0);
|
||||
}
|
||||
|
||||
cleanup:
|
||||
@@ -418,8 +418,7 @@ static int qemudGoDaemon(void) {
|
||||
status != 0) {
|
||||
return -1;
|
||||
}
|
||||
-
|
||||
- return pid;
|
||||
+ _exit(0);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -2116,16 +2115,12 @@ int main(int argc, char **argv) {
|
||||
goto error1;
|
||||
|
||||
if (godaemon) {
|
||||
- int pid;
|
||||
openlog("libvirtd", 0, 0);
|
||||
- pid = qemudGoDaemon();
|
||||
- if (pid < 0) {
|
||||
+ if (qemudGoDaemon() < 0) {
|
||||
qemudLog(QEMUD_ERR, _("Failed to fork as daemon: %s"),
|
||||
strerror(errno));
|
||||
goto error1;
|
||||
}
|
||||
- if (pid > 0)
|
||||
- goto out;
|
||||
|
||||
/* Choose the name of the PID file. */
|
||||
if (!pid_file) {
|
||||
@@ -2172,7 +2167,6 @@ int main(int argc, char **argv) {
|
||||
if (godaemon)
|
||||
closelog();
|
||||
|
||||
- out:
|
||||
ret = 0;
|
||||
|
||||
error2:
|
||||
@@ -0,0 +1,400 @@
|
||||
diff -rup libvirt-0.4.1.orig/configure.in libvirt-0.4.1.new/configure.in
|
||||
--- libvirt-0.4.1.orig/configure.in 2008-03-03 09:14:19.000000000 -0500
|
||||
+++ libvirt-0.4.1.new/configure.in 2008-04-03 15:37:49.000000000 -0400
|
||||
@@ -450,10 +450,6 @@ if test "x$with_polkit" = "xyes" -o "x$w
|
||||
CFLAGS="$old_CFLAGS"
|
||||
LDFLAGS="$old_LDFLAGS"
|
||||
|
||||
- AC_PATH_PROG(POLKIT_GRANT, polkit-grant)
|
||||
- if test "x$POLKIT_GRANT" != "x"; then
|
||||
- AC_DEFINE_UNQUOTED([POLKIT_GRANT],["$POLKIT_GRANT"],[Location of polkit-grant program])
|
||||
- fi
|
||||
AC_PATH_PROG(POLKIT_AUTH, polkit-auth)
|
||||
if test "x$POLKIT_AUTH" != "x"; then
|
||||
AC_DEFINE_UNQUOTED([POLKIT_AUTH],["$POLKIT_AUTH"],[Location of polkit-auth program])
|
||||
diff -rup libvirt-0.4.1.orig/qemud/internal.h libvirt-0.4.1.new/qemud/internal.h
|
||||
--- libvirt-0.4.1.orig/qemud/internal.h 2008-01-24 12:07:43.000000000 -0500
|
||||
+++ libvirt-0.4.1.new/qemud/internal.h 2008-04-03 15:38:03.000000000 -0400
|
||||
@@ -179,6 +179,9 @@ void qemudLog(int priority, const char *
|
||||
void remoteDispatchClientRequest (struct qemud_server *server,
|
||||
struct qemud_client *client);
|
||||
|
||||
+#if HAVE_POLKIT
|
||||
+int qemudGetSocketIdentity(int fd, uid_t *uid, pid_t *pid);
|
||||
+#endif
|
||||
|
||||
#endif
|
||||
|
||||
diff -rup libvirt-0.4.1.orig/qemud/qemud.c libvirt-0.4.1.new/qemud/qemud.c
|
||||
--- libvirt-0.4.1.orig/qemud/qemud.c 2008-04-03 15:39:15.000000000 -0400
|
||||
+++ libvirt-0.4.1.new/qemud/qemud.c 2008-04-03 15:38:03.000000000 -0400
|
||||
@@ -1040,6 +1040,28 @@ remoteCheckAccess (struct qemud_client *
|
||||
return 0;
|
||||
}
|
||||
|
||||
+#if HAVE_POLKIT
|
||||
+int qemudGetSocketIdentity(int fd, uid_t *uid, pid_t *pid) {
|
||||
+#ifdef SO_PEERCRED
|
||||
+ struct ucred cr;
|
||||
+ unsigned int cr_len = sizeof (cr);
|
||||
+
|
||||
+ if (getsockopt (fd, SOL_SOCKET, SO_PEERCRED, &cr, &cr_len) < 0) {
|
||||
+ qemudLog(QEMUD_ERR, _("Failed to verify client credentials: %s"),
|
||||
+ strerror(errno));
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ *pid = cr.pid;
|
||||
+ *uid = cr.uid;
|
||||
+#else
|
||||
+ /* XXX Many more OS support UNIX socket credentials we could port to. See dbus ....*/
|
||||
+#error "UNIX socket credentials not supported/implemented on this platform yet..."
|
||||
+#endif
|
||||
+ return 0;
|
||||
+}
|
||||
+#endif
|
||||
+
|
||||
static int qemudDispatchServer(struct qemud_server *server, struct qemud_socket *sock) {
|
||||
int fd;
|
||||
struct sockaddr_storage addr;
|
||||
@@ -1075,6 +1097,26 @@ static int qemudDispatchServer(struct qe
|
||||
memcpy (&client->addr, &addr, sizeof addr);
|
||||
client->addrlen = addrlen;
|
||||
|
||||
+#if HAVE_POLKIT
|
||||
+ /* Only do policy checks for non-root - allow root user
|
||||
+ through with no checks, as a fail-safe - root can easily
|
||||
+ change policykit policy anyway, so its pointless trying
|
||||
+ to restrict root */
|
||||
+ if (client->auth == REMOTE_AUTH_POLKIT) {
|
||||
+ uid_t uid;
|
||||
+ pid_t pid;
|
||||
+
|
||||
+ if (qemudGetSocketIdentity(client->fd, &uid, &pid) < 0)
|
||||
+ goto cleanup;
|
||||
+
|
||||
+ /* Cient is running as root, so disable auth */
|
||||
+ if (uid == 0) {
|
||||
+ qemudLog(QEMUD_INFO, _("Turn off polkit auth for privileged client %d"), pid);
|
||||
+ client->auth = REMOTE_AUTH_NONE;
|
||||
+ }
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
if (client->type != QEMUD_SOCK_TYPE_TLS) {
|
||||
client->mode = QEMUD_MODE_RX_HEADER;
|
||||
client->bufferLength = REMOTE_MESSAGE_HEADER_XDR_LEN;
|
||||
diff -rup libvirt-0.4.1.orig/qemud/remote.c libvirt-0.4.1.new/qemud/remote.c
|
||||
--- libvirt-0.4.1.orig/qemud/remote.c 2008-02-29 11:23:17.000000000 -0500
|
||||
+++ libvirt-0.4.1.new/qemud/remote.c 2008-04-03 15:38:03.000000000 -0400
|
||||
@@ -2564,27 +2564,6 @@ remoteDispatchAuthSaslStep (struct qemud
|
||||
|
||||
|
||||
#if HAVE_POLKIT
|
||||
-static int qemudGetSocketIdentity(int fd, uid_t *uid, pid_t *pid) {
|
||||
-#ifdef SO_PEERCRED
|
||||
- struct ucred cr;
|
||||
- unsigned int cr_len = sizeof (cr);
|
||||
-
|
||||
- if (getsockopt (fd, SOL_SOCKET, SO_PEERCRED, &cr, &cr_len) < 0) {
|
||||
- qemudLog(QEMUD_ERR, _("Failed to verify client credentials: %s"),
|
||||
- strerror(errno));
|
||||
- return -1;
|
||||
- }
|
||||
-
|
||||
- *pid = cr.pid;
|
||||
- *uid = cr.uid;
|
||||
-#else
|
||||
- /* XXX Many more OS support UNIX socket credentials we could port to. See dbus ....*/
|
||||
-#error "UNIX socket credentials not supported/implemented on this platform yet..."
|
||||
-#endif
|
||||
- return 0;
|
||||
-}
|
||||
-
|
||||
-
|
||||
static int
|
||||
remoteDispatchAuthPolkit (struct qemud_server *server ATTRIBUTE_UNUSED,
|
||||
struct qemud_client *client,
|
||||
@@ -2594,6 +2573,15 @@ remoteDispatchAuthPolkit (struct qemud_s
|
||||
{
|
||||
pid_t callerPid;
|
||||
uid_t callerUid;
|
||||
+ PolKitCaller *pkcaller = NULL;
|
||||
+ PolKitAction *pkaction = NULL;
|
||||
+ PolKitContext *pkcontext = NULL;
|
||||
+ PolKitError *pkerr = NULL;
|
||||
+ PolKitResult pkresult;
|
||||
+ DBusError err;
|
||||
+ const char *action = client->readonly ?
|
||||
+ "org.libvirt.unix.monitor" :
|
||||
+ "org.libvirt.unix.manage";
|
||||
|
||||
REMOTE_DEBUG("Start PolicyKit auth %d", client->fd);
|
||||
if (client->auth != REMOTE_AUTH_POLKIT) {
|
||||
@@ -2609,98 +2597,78 @@ remoteDispatchAuthPolkit (struct qemud_s
|
||||
return -2;
|
||||
}
|
||||
|
||||
- /* Only do policy checks for non-root - allow root user
|
||||
- through with no checks, as a fail-safe - root can easily
|
||||
- change policykit policy anyway, so its pointless trying
|
||||
- to restrict root */
|
||||
- if (callerUid == 0) {
|
||||
- qemudLog(QEMUD_INFO, _("Allowing PID %d running as root"), callerPid);
|
||||
- ret->complete = 1;
|
||||
- client->auth = REMOTE_AUTH_NONE;
|
||||
- } else {
|
||||
- PolKitCaller *pkcaller = NULL;
|
||||
- PolKitAction *pkaction = NULL;
|
||||
- PolKitContext *pkcontext = NULL;
|
||||
- PolKitError *pkerr = NULL;
|
||||
- PolKitResult pkresult;
|
||||
- DBusError err;
|
||||
- const char *action = client->readonly ?
|
||||
- "org.libvirt.unix.monitor" :
|
||||
- "org.libvirt.unix.manage";
|
||||
-
|
||||
- qemudLog(QEMUD_INFO, _("Checking PID %d running as %d"),
|
||||
- callerPid, callerUid);
|
||||
- dbus_error_init(&err);
|
||||
- if (!(pkcaller = polkit_caller_new_from_pid(server->sysbus,
|
||||
- callerPid, &err))) {
|
||||
- qemudLog(QEMUD_ERR, _("Failed to lookup policy kit caller: %s"),
|
||||
- err.message);
|
||||
- dbus_error_free(&err);
|
||||
- remoteDispatchFailAuth(client, req);
|
||||
- return -2;
|
||||
- }
|
||||
-
|
||||
- if (!(pkaction = polkit_action_new())) {
|
||||
- qemudLog(QEMUD_ERR, _("Failed to create polkit action %s\n"),
|
||||
- strerror(errno));
|
||||
- polkit_caller_unref(pkcaller);
|
||||
- remoteDispatchFailAuth(client, req);
|
||||
- return -2;
|
||||
- }
|
||||
- polkit_action_set_action_id(pkaction, action);
|
||||
-
|
||||
- if (!(pkcontext = polkit_context_new()) ||
|
||||
- !polkit_context_init(pkcontext, &pkerr)) {
|
||||
- qemudLog(QEMUD_ERR, _("Failed to create polkit context %s\n"),
|
||||
- (pkerr ? polkit_error_get_error_message(pkerr)
|
||||
- : strerror(errno)));
|
||||
- if (pkerr)
|
||||
- polkit_error_free(pkerr);
|
||||
- polkit_caller_unref(pkcaller);
|
||||
- polkit_action_unref(pkaction);
|
||||
- dbus_error_free(&err);
|
||||
- remoteDispatchFailAuth(client, req);
|
||||
- return -2;
|
||||
- }
|
||||
+ qemudLog(QEMUD_INFO, _("Checking PID %d running as %d"),
|
||||
+ callerPid, callerUid);
|
||||
+ dbus_error_init(&err);
|
||||
+ if (!(pkcaller = polkit_caller_new_from_pid(server->sysbus,
|
||||
+ callerPid, &err))) {
|
||||
+ qemudLog(QEMUD_ERR, _("Failed to lookup policy kit caller: %s"),
|
||||
+ err.message);
|
||||
+ dbus_error_free(&err);
|
||||
+ remoteDispatchFailAuth(client, req);
|
||||
+ return -2;
|
||||
+ }
|
||||
+
|
||||
+ if (!(pkaction = polkit_action_new())) {
|
||||
+ qemudLog(QEMUD_ERR, _("Failed to create polkit action %s\n"),
|
||||
+ strerror(errno));
|
||||
+ polkit_caller_unref(pkcaller);
|
||||
+ remoteDispatchFailAuth(client, req);
|
||||
+ return -2;
|
||||
+ }
|
||||
+ polkit_action_set_action_id(pkaction, action);
|
||||
+
|
||||
+ if (!(pkcontext = polkit_context_new()) ||
|
||||
+ !polkit_context_init(pkcontext, &pkerr)) {
|
||||
+ qemudLog(QEMUD_ERR, _("Failed to create polkit context %s\n"),
|
||||
+ (pkerr ? polkit_error_get_error_message(pkerr)
|
||||
+ : strerror(errno)));
|
||||
+ if (pkerr)
|
||||
+ polkit_error_free(pkerr);
|
||||
+ polkit_caller_unref(pkcaller);
|
||||
+ polkit_action_unref(pkaction);
|
||||
+ dbus_error_free(&err);
|
||||
+ remoteDispatchFailAuth(client, req);
|
||||
+ return -2;
|
||||
+ }
|
||||
|
||||
#if HAVE_POLKIT_CONTEXT_IS_CALLER_AUTHORIZED
|
||||
- pkresult = polkit_context_is_caller_authorized(pkcontext,
|
||||
- pkaction,
|
||||
- pkcaller,
|
||||
- 0,
|
||||
- &pkerr);
|
||||
- if (pkerr && polkit_error_is_set(pkerr)) {
|
||||
- qemudLog(QEMUD_ERR,
|
||||
- _("Policy kit failed to check authorization %d %s"),
|
||||
- polkit_error_get_error_code(pkerr),
|
||||
- polkit_error_get_error_message(pkerr));
|
||||
- remoteDispatchFailAuth(client, req);
|
||||
- return -2;
|
||||
- }
|
||||
+ pkresult = polkit_context_is_caller_authorized(pkcontext,
|
||||
+ pkaction,
|
||||
+ pkcaller,
|
||||
+ 0,
|
||||
+ &pkerr);
|
||||
+ if (pkerr && polkit_error_is_set(pkerr)) {
|
||||
+ qemudLog(QEMUD_ERR,
|
||||
+ _("Policy kit failed to check authorization %d %s"),
|
||||
+ polkit_error_get_error_code(pkerr),
|
||||
+ polkit_error_get_error_message(pkerr));
|
||||
+ remoteDispatchFailAuth(client, req);
|
||||
+ return -2;
|
||||
+ }
|
||||
#else
|
||||
- pkresult = polkit_context_can_caller_do_action(pkcontext,
|
||||
- pkaction,
|
||||
- pkcaller);
|
||||
+ pkresult = polkit_context_can_caller_do_action(pkcontext,
|
||||
+ pkaction,
|
||||
+ pkcaller);
|
||||
#endif
|
||||
- polkit_context_unref(pkcontext);
|
||||
- polkit_caller_unref(pkcaller);
|
||||
- polkit_action_unref(pkaction);
|
||||
- if (pkresult != POLKIT_RESULT_YES) {
|
||||
- qemudLog(QEMUD_ERR,
|
||||
- _("Policy kit denied action %s from pid %d, uid %d,"
|
||||
- " result: %s\n"),
|
||||
- action, callerPid, callerUid,
|
||||
- polkit_result_to_string_representation(pkresult));
|
||||
- remoteDispatchFailAuth(client, req);
|
||||
- return -2;
|
||||
- }
|
||||
- qemudLog(QEMUD_INFO,
|
||||
- _("Policy allowed action %s from pid %d, uid %d, result %s"),
|
||||
+ polkit_context_unref(pkcontext);
|
||||
+ polkit_caller_unref(pkcaller);
|
||||
+ polkit_action_unref(pkaction);
|
||||
+ if (pkresult != POLKIT_RESULT_YES) {
|
||||
+ qemudLog(QEMUD_ERR,
|
||||
+ _("Policy kit denied action %s from pid %d, uid %d,"
|
||||
+ " result: %s\n"),
|
||||
action, callerPid, callerUid,
|
||||
polkit_result_to_string_representation(pkresult));
|
||||
- ret->complete = 1;
|
||||
- client->auth = REMOTE_AUTH_NONE;
|
||||
+ remoteDispatchFailAuth(client, req);
|
||||
+ return -2;
|
||||
}
|
||||
+ qemudLog(QEMUD_INFO,
|
||||
+ _("Policy allowed action %s from pid %d, uid %d, result %s"),
|
||||
+ action, callerPid, callerUid,
|
||||
+ polkit_result_to_string_representation(pkresult));
|
||||
+ ret->complete = 1;
|
||||
+ client->auth = REMOTE_AUTH_NONE;
|
||||
|
||||
return 0;
|
||||
}
|
||||
diff -rup libvirt-0.4.1.orig/src/libvirt.c libvirt-0.4.1.new/src/libvirt.c
|
||||
--- libvirt-0.4.1.orig/src/libvirt.c 2008-02-26 10:37:43.000000000 -0500
|
||||
+++ libvirt-0.4.1.new/src/libvirt.c 2008-04-03 15:38:47.000000000 -0400
|
||||
@@ -19,6 +19,9 @@
|
||||
#include <sys/stat.h>
|
||||
#include <unistd.h>
|
||||
#include <assert.h>
|
||||
+#ifdef HAVE_SYS_WAIT_H
|
||||
+#include <sys/wait.h>
|
||||
+#endif
|
||||
|
||||
#include <libxml/parser.h>
|
||||
#include <libxml/xpath.h>
|
||||
@@ -66,6 +69,39 @@ static int initialized = 0;
|
||||
int debugFlag = 0;
|
||||
#endif
|
||||
|
||||
+#if defined(POLKIT_AUTH)
|
||||
+static int virConnectAuthGainPolkit(const char *privilege) {
|
||||
+ const char *const args[] = {
|
||||
+ POLKIT_AUTH, "--obtain", privilege, NULL
|
||||
+ };
|
||||
+ int childpid, status, ret;
|
||||
+
|
||||
+ /* Root has all rights */
|
||||
+ if (getuid() == 0)
|
||||
+ return 0;
|
||||
+
|
||||
+ if ((childpid = fork()) < 0)
|
||||
+ return -1;
|
||||
+
|
||||
+ if (!childpid) {
|
||||
+ execvp(args[0], (char **)args);
|
||||
+ _exit(-1);
|
||||
+ }
|
||||
+
|
||||
+ while ((ret = waitpid(childpid, &status, 0) == -1) && errno == EINTR);
|
||||
+ if (ret == -1) {
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ if (!WIFEXITED(status) ||
|
||||
+ (WEXITSTATUS(status) != 0 && WEXITSTATUS(status) != 1)) {
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+#endif
|
||||
+
|
||||
static int virConnectAuthCallbackDefault(virConnectCredentialPtr cred,
|
||||
unsigned int ncred,
|
||||
void *cbdata ATTRIBUTE_UNUSED) {
|
||||
@@ -77,28 +113,25 @@ static int virConnectAuthCallbackDefault
|
||||
size_t len;
|
||||
|
||||
switch (cred[i].type) {
|
||||
-#if defined(POLKIT_GRANT) || defined(POLKIT_AUTH)
|
||||
case VIR_CRED_EXTERNAL: {
|
||||
int ret;
|
||||
- const char *const args[] = {
|
||||
-#if defined(POLKIT_GRANT)
|
||||
- POLKIT_GRANT, "--gain", cred[i].prompt, NULL
|
||||
-#else
|
||||
- POLKIT_AUTH, "--obtain", cred[i].prompt, NULL
|
||||
-#endif
|
||||
- };
|
||||
-
|
||||
if (STRNEQ(cred[i].challenge, "PolicyKit"))
|
||||
return -1;
|
||||
- if (virRun(NULL, (char **) args, &ret) < 0)
|
||||
- return -1;
|
||||
|
||||
- if (!WIFEXITED(ret) ||
|
||||
- (WEXITSTATUS(ret) != 0 && WEXITSTATUS(ret) != 1))
|
||||
+#if defined(POLKIT_AUTH)
|
||||
+ if (virConnectAuthGainPolkit(cred[i].prompt) < 0)
|
||||
return -1;
|
||||
+#else
|
||||
+ /*
|
||||
+ * Ignore & carry on. Although we can't auth
|
||||
+ * directly, the user may have authenticated
|
||||
+ * themselves already outside context of libvirt
|
||||
+ */
|
||||
+#endif
|
||||
+
|
||||
break;
|
||||
}
|
||||
-#endif
|
||||
+
|
||||
case VIR_CRED_USERNAME:
|
||||
case VIR_CRED_AUTHNAME:
|
||||
case VIR_CRED_ECHOPROMPT:
|
||||
@@ -158,9 +191,7 @@ static int virConnectCredTypeDefault[] =
|
||||
VIR_CRED_REALM,
|
||||
VIR_CRED_PASSPHRASE,
|
||||
VIR_CRED_NOECHOPROMPT,
|
||||
-#if defined(POLKIT_AUTH) || defined(POLKIT_GRANT)
|
||||
VIR_CRED_EXTERNAL,
|
||||
-#endif
|
||||
};
|
||||
|
||||
static virConnectAuth virConnectAuthDefault = {
|
||||
@@ -0,0 +1,128 @@
|
||||
commit 570fd656d1b67e5d02f52e107946930257e811a7
|
||||
Author: Daniel Veillard <veillard@redhat.com>
|
||||
Date: Thu Mar 13 09:17:45 2008 +0000
|
||||
|
||||
* src/qemu_conf.c src/qemu_driver.c: patch from Cole Robinson
|
||||
fixing CD Rom change on live QEmu/KVM domains.
|
||||
Daniel
|
||||
|
||||
diff --git a/src/qemu_conf.c b/src/qemu_conf.c
|
||||
index e54da5b..ebbd251 100644
|
||||
--- a/src/qemu_conf.c
|
||||
+++ b/src/qemu_conf.c
|
||||
@@ -594,9 +594,16 @@ static int qemudParseDiskXML(virConnectPtr conn,
|
||||
}
|
||||
|
||||
if (source == NULL) {
|
||||
- qemudReportError(conn, NULL, NULL, VIR_ERR_NO_SOURCE, target ? "%s" : NULL, target);
|
||||
- goto error;
|
||||
+ /* There is a case without the source
|
||||
+ * to the CD-ROM device
|
||||
+ */
|
||||
+ if (!device || STRNEQ((const char *) device, "cdrom")) {
|
||||
+ qemudReportError(conn, NULL, NULL, VIR_ERR_NO_SOURCE,
|
||||
+ target ? "%s" : NULL, target);
|
||||
+ goto error;
|
||||
+ }
|
||||
}
|
||||
+
|
||||
if (target == NULL) {
|
||||
qemudReportError(conn, NULL, NULL, VIR_ERR_NO_TARGET, source ? "%s" : NULL, source);
|
||||
goto error;
|
||||
@@ -630,7 +637,7 @@ static int qemudParseDiskXML(virConnectPtr conn,
|
||||
goto error;
|
||||
}
|
||||
|
||||
- strncpy(disk->src, (const char *)source, NAME_MAX-1);
|
||||
+ strncpy(disk->src, (source ? (const char *) source : "\0"), NAME_MAX-1);
|
||||
disk->src[NAME_MAX-1] = '\0';
|
||||
|
||||
strncpy(disk->dst, (const char *)target, NAME_MAX-1);
|
||||
@@ -1747,9 +1754,15 @@ int qemudBuildCommandLine(virConnectPtr conn,
|
||||
char dev[NAME_MAX];
|
||||
char file[PATH_MAX];
|
||||
if (!strcmp(disk->dst, "hdc") &&
|
||||
- disk->device == QEMUD_DISK_CDROM)
|
||||
- snprintf(dev, NAME_MAX, "-%s", "cdrom");
|
||||
- else
|
||||
+ disk->device == QEMUD_DISK_CDROM) {
|
||||
+ if (disk->src[0])
|
||||
+ snprintf(dev, NAME_MAX, "-%s", "cdrom");
|
||||
+ else {
|
||||
+ /* Don't put anything on the cmdline for an empty cdrom*/
|
||||
+ disk = disk->next;
|
||||
+ continue;
|
||||
+ }
|
||||
+ } else
|
||||
snprintf(dev, NAME_MAX, "-%s", disk->dst);
|
||||
snprintf(file, PATH_MAX, "%s", disk->src);
|
||||
|
||||
@@ -2906,8 +2919,10 @@ char *qemudGenerateXML(virConnectPtr conn,
|
||||
types[disk->type], devices[disk->device]) < 0)
|
||||
goto no_memory;
|
||||
|
||||
- if (virBufferVSprintf(buf, " <source %s='%s'/>\n", typeAttrs[disk->type], disk->src) < 0)
|
||||
- goto no_memory;
|
||||
+ if (disk->src[0])
|
||||
+ if (virBufferVSprintf(buf, " <source %s='%s'/>\n",
|
||||
+ typeAttrs[disk->type], disk->src) < 0)
|
||||
+ goto no_memory;
|
||||
|
||||
if (virBufferVSprintf(buf, " <target dev='%s'/>\n", disk->dst) < 0)
|
||||
goto no_memory;
|
||||
diff --git a/src/qemu_driver.c b/src/qemu_driver.c
|
||||
index 21f0fed..2b4c2a6 100644
|
||||
--- a/src/qemu_driver.c
|
||||
+++ b/src/qemu_driver.c
|
||||
@@ -2223,23 +2223,29 @@ static int qemudDomainChangeCDROM(virDomainPtr dom,
|
||||
struct qemud_driver *driver = (struct qemud_driver *)dom->conn->privateData;
|
||||
char *cmd, *reply, *safe_path;
|
||||
|
||||
- /* Migrate to file */
|
||||
- safe_path = qemudEscapeMonitorArg(newdisk->src);
|
||||
- if (!safe_path) {
|
||||
- qemudReportError(dom->conn, dom, NULL, VIR_ERR_OPERATION_FAILED,
|
||||
- "out of memory");
|
||||
- return -1;
|
||||
- }
|
||||
- if (asprintf (&cmd, "change %s \"%s\"",
|
||||
- /* XXX qemu may support multiple CDROM in future */
|
||||
- /* olddisk->dst */ "cdrom",
|
||||
- safe_path) == -1) {
|
||||
+ if (newdisk->src[0]) {
|
||||
+ safe_path = qemudEscapeMonitorArg(newdisk->src);
|
||||
+ if (!safe_path) {
|
||||
+ qemudReportError(dom->conn, dom, NULL, VIR_ERR_OPERATION_FAILED,
|
||||
+ "out of memory");
|
||||
+ return -1;
|
||||
+ }
|
||||
+ if (asprintf (&cmd, "change %s \"%s\"",
|
||||
+ /* XXX qemu may support multiple CDROM in future */
|
||||
+ /* olddisk->dst */ "cdrom",
|
||||
+ safe_path) == -1) {
|
||||
+ qemudReportError(dom->conn, dom, NULL, VIR_ERR_OPERATION_FAILED,
|
||||
+ "out of memory");
|
||||
+ free(safe_path);
|
||||
+ return -1;
|
||||
+ }
|
||||
+ free(safe_path);
|
||||
+
|
||||
+ } else if (asprintf(&cmd, "eject cdrom") == -1) {
|
||||
qemudReportError(dom->conn, dom, NULL, VIR_ERR_OPERATION_FAILED,
|
||||
"out of memory");
|
||||
- free(safe_path);
|
||||
return -1;
|
||||
}
|
||||
- free(safe_path);
|
||||
|
||||
if (qemudMonitorCommand(driver, vm, cmd, &reply) < 0) {
|
||||
qemudReportError(dom->conn, dom, NULL, VIR_ERR_OPERATION_FAILED, "cannot change cdrom media");
|
||||
@@ -2248,7 +2254,7 @@ static int qemudDomainChangeCDROM(virDomainPtr dom,
|
||||
}
|
||||
free(reply);
|
||||
free(cmd);
|
||||
- strcpy(olddisk->dst, newdisk->dst);
|
||||
+ strcpy(olddisk->src, newdisk->src);
|
||||
olddisk->type = newdisk->type;
|
||||
return 0;
|
||||
}
|
||||
@@ -0,0 +1,38 @@
|
||||
|
||||
Avoid segfault upon early libvirtd failure.
|
||||
* qemud/qemud.c (main): Don't call qemudCleanup on an
|
||||
uninitialized pointer.
|
||||
|
||||
By the way, even though this evoked a warning from gcc,
|
||||
"make distcheck" passes. Obviously, that means the distcheck
|
||||
rule is inadequate. I'll fix it so that it turns on -Werror
|
||||
for the final build.
|
||||
|
||||
Signed-off-by: Jim Meyering <meyering@redhat.com>
|
||||
---
|
||||
qemud/qemud.c | 5 +++--
|
||||
1 files changed, 3 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/qemud/qemud.c b/qemud/qemud.c
|
||||
index 96fdf32..b6b82ed 100644
|
||||
--- a/qemud/qemud.c
|
||||
+++ b/qemud/qemud.c
|
||||
@@ -2025,7 +2025,7 @@ libvirt management daemon:\n\
|
||||
|
||||
#define MAX_LISTEN 5
|
||||
int main(int argc, char **argv) {
|
||||
- struct qemud_server *server;
|
||||
+ struct qemud_server *server = NULL;
|
||||
struct sigaction sig_action;
|
||||
int sigpipe[2];
|
||||
const char *pid_file = NULL;
|
||||
@@ -2180,7 +2180,8 @@ int main(int argc, char **argv) {
|
||||
unlink (pid_file);
|
||||
|
||||
error1:
|
||||
- qemudCleanup(server);
|
||||
+ if (server)
|
||||
+ qemudCleanup(server);
|
||||
return ret;
|
||||
}
|
||||
|
||||
@@ -0,0 +1,23 @@
|
||||
|
||||
Don't use first byte of string as a pointer.
|
||||
* src/qemu_conf.c (qemudReportError): Use the pointer, errorMessage,
|
||||
not its first byte, errorMessage[0].
|
||||
|
||||
Signed-off-by: Jim Meyering <meyering@redhat.com>
|
||||
---
|
||||
src/qemu_conf.c | 2 +-
|
||||
1 files changed, 1 insertions(+), 1 deletions(-)
|
||||
|
||||
diff --git a/src/qemu_conf.c b/src/qemu_conf.c
|
||||
index eead0bc..e54da5b 100644
|
||||
--- a/src/qemu_conf.c
|
||||
+++ b/src/qemu_conf.c
|
||||
@@ -68,7 +68,7 @@ void qemudReportError(virConnectPtr conn,
|
||||
errorMessage[0] = '\0';
|
||||
}
|
||||
|
||||
- virerr = __virErrorMsg(code, (errorMessage[0] ? errorMessage[0] : NULL));
|
||||
+ virerr = __virErrorMsg(code, (errorMessage[0] ? errorMessage : NULL));
|
||||
__virRaiseError(conn, dom, net, VIR_FROM_QEMU, code, VIR_ERR_ERROR,
|
||||
virerr, errorMessage, NULL, -1, -1, virerr, errorMessage);
|
||||
}
|
||||
@@ -0,0 +1,63 @@
|
||||
diff -rupN libvirt-0.4.1.orig/src/bridge.c libvirt-0.4.1.new/src/bridge.c
|
||||
--- libvirt-0.4.1.orig/src/bridge.c 2008-02-28 06:16:21.000000000 -0500
|
||||
+++ libvirt-0.4.1.new/src/bridge.c 2008-03-13 11:25:12.000000000 -0400
|
||||
@@ -313,7 +313,6 @@ brDeleteInterface(brControl *ctl ATTRIBU
|
||||
int
|
||||
brAddTap(brControl *ctl,
|
||||
const char *bridge,
|
||||
- unsigned char *macaddr,
|
||||
char *ifname,
|
||||
int maxlen,
|
||||
int *tapfd)
|
||||
@@ -357,18 +356,6 @@ brAddTap(brControl *ctl,
|
||||
}
|
||||
|
||||
if (ioctl(fd, TUNSETIFF, &try) == 0) {
|
||||
- struct ifreq addr;
|
||||
- memset(&addr, 0, sizeof(addr));
|
||||
- memcpy(addr.ifr_hwaddr.sa_data, macaddr, 6);
|
||||
- addr.ifr_hwaddr.sa_family = ARPHRD_ETHER;
|
||||
-
|
||||
- /* Device actually starts in 'UP' state, but it
|
||||
- * needs to be down to set the MAC addr
|
||||
- */
|
||||
- if ((errno = brSetInterfaceUp(ctl, try.ifr_name, 0)))
|
||||
- goto error;
|
||||
- if (ioctl(fd, SIOCSIFHWADDR, &addr) != 0)
|
||||
- goto error;
|
||||
if ((errno = brAddInterface(ctl, bridge, try.ifr_name)))
|
||||
goto error;
|
||||
if ((errno = brSetInterfaceUp(ctl, try.ifr_name, 1)))
|
||||
diff -rupN libvirt-0.4.1.orig/src/bridge.h libvirt-0.4.1.new/src/bridge.h
|
||||
--- libvirt-0.4.1.orig/src/bridge.h 2008-02-28 06:16:21.000000000 -0500
|
||||
+++ libvirt-0.4.1.new/src/bridge.h 2008-03-13 11:25:12.000000000 -0400
|
||||
@@ -62,7 +62,6 @@ int brDeleteInterface (brContr
|
||||
|
||||
int brAddTap (brControl *ctl,
|
||||
const char *bridge,
|
||||
- unsigned char *mac,
|
||||
char *ifname,
|
||||
int maxlen,
|
||||
int *tapfd);
|
||||
diff -rupN libvirt-0.4.1.orig/src/qemu_conf.c libvirt-0.4.1.new/src/qemu_conf.c
|
||||
--- libvirt-0.4.1.orig/src/qemu_conf.c 2008-03-13 11:24:39.000000000 -0400
|
||||
+++ libvirt-0.4.1.new/src/qemu_conf.c 2008-03-13 11:25:12.000000000 -0400
|
||||
@@ -1540,7 +1540,6 @@ qemudNetworkIfaceConnect(virConnectPtr c
|
||||
}
|
||||
|
||||
if ((err = brAddTap(driver->brctl, brname,
|
||||
- net->mac,
|
||||
ifname, BR_IFNAME_MAXLEN, &tapfd))) {
|
||||
qemudReportError(conn, NULL, NULL, VIR_ERR_INTERNAL_ERROR,
|
||||
"Failed to add tap interface '%s' to bridge '%s' : %s",
|
||||
@@ -1548,7 +1547,9 @@ qemudNetworkIfaceConnect(virConnectPtr c
|
||||
goto error;
|
||||
}
|
||||
|
||||
- snprintf(tapfdstr, sizeof(tapfdstr), "tap,fd=%d,script=,vlan=%d", tapfd, vlan);
|
||||
+ snprintf(tapfdstr, sizeof(tapfdstr),
|
||||
+ "tap,fd=%d,script=,vlan=%d,ifname=%s",
|
||||
+ tapfd, vlan, ifname);
|
||||
|
||||
if (!(retval = strdup(tapfdstr)))
|
||||
goto no_memory;
|
||||
@@ -0,0 +1,21 @@
|
||||
commit 2bcf35336cd649e58c08d7cf3452a8d4353bcf85
|
||||
Author: Daniel Veillard <veillard@redhat.com>
|
||||
Date: Fri Mar 7 09:23:30 2008 +0000
|
||||
|
||||
* src/xend_internal.c: applied patch from Cole Robinson to not
|
||||
loose the boot tag when defining a fully virtualized xen domain
|
||||
Daniel
|
||||
|
||||
diff --git a/src/xend_internal.c b/src/xend_internal.c
|
||||
index 8bbc28f..fef54f8 100644
|
||||
--- a/src/xend_internal.c
|
||||
+++ b/src/xend_internal.c
|
||||
@@ -1323,7 +1323,7 @@ xend_parse_sexp_desc_os(virConnectPtr xend, struct sexpr *node, virBufferPtr buf
|
||||
if (hvm)
|
||||
virBufferVSprintf(buf, " <loader>%s</loader>\n", loader);
|
||||
|
||||
- if (kernel) {
|
||||
+ if ((kernel) && ((!loader) || (STRNEQ(kernel, loader)))) {
|
||||
virBufferVSprintf(buf, " <kernel>%s</kernel>\n", kernel);
|
||||
if (initrd && initrd[0])
|
||||
virBufferVSprintf(buf, " <initrd>%s</initrd>\n", initrd);
|
||||
@@ -0,0 +1,146 @@
|
||||
--- a/src/storage_backend_iscsi.c 4 Mar 2008 20:02:34 -0000 1.3
|
||||
+++ b/src/storage_backend_iscsi.c 26 Mar 2008 22:07:05 -0000
|
||||
@@ -170,20 +170,91 @@
|
||||
virStorageBackendISCSIMakeLUN(virConnectPtr conn,
|
||||
virStoragePoolObjPtr pool,
|
||||
char **const groups,
|
||||
- void *data ATTRIBUTE_UNUSED)
|
||||
+ void *data)
|
||||
{
|
||||
virStorageVolDefPtr vol;
|
||||
int fd = -1;
|
||||
+ unsigned int target, channel, id, lun;
|
||||
char lunid[100];
|
||||
- char *dev = groups[4];
|
||||
int opentries = 0;
|
||||
char *devpath = NULL;
|
||||
+ char *session = data;
|
||||
+ char sysfs_path[PATH_MAX];
|
||||
+ char *dev = NULL;
|
||||
+ DIR *sysdir;
|
||||
+ struct dirent *block_dirent;
|
||||
+ struct stat sbuf;
|
||||
+ int len;
|
||||
+
|
||||
+ if ((virStrToLong_ui(groups[0], NULL, 10, &target) < 0) ||
|
||||
+ (virStrToLong_ui(groups[1], NULL, 10, &channel) < 0) ||
|
||||
+ (virStrToLong_ui(groups[2], NULL, 10, &id) < 0) ||
|
||||
+ (virStrToLong_ui(groups[3], NULL, 10, &lun) < 0)) {
|
||||
+ virStorageReportError(conn, VIR_ERR_INTERNAL_ERROR, "%s",
|
||||
+ _("Failed parsing iscsiadm commands"));
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ if (lun == 0) {
|
||||
+ /* the 0'th LUN isn't a real LUN, it's just a control LUN; skip it */
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
+ snprintf(sysfs_path, PATH_MAX,
|
||||
+ "/sys/class/iscsi_session/session%s/device/"
|
||||
+ "target%d:%d:%d/%d:%d:%d:%d/block",
|
||||
+ session, target, channel, id, target, channel, id, lun);
|
||||
+
|
||||
+ if (stat(sysfs_path, &sbuf) < 0) {
|
||||
+ /* block path in subdir didn't exist; this is unexpected, so fail */
|
||||
+ virStorageReportError(conn, VIR_ERR_INTERNAL_ERROR,
|
||||
+ _("Failed to find the sysfs path for %d:%d:%d:%d: %s"),
|
||||
+ target, channel, id, lun, strerror(errno));
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ sysdir = opendir(sysfs_path);
|
||||
+ if (sysdir == NULL) {
|
||||
+ /* we failed for some reason; return an error */
|
||||
+ virStorageReportError(conn, VIR_ERR_INTERNAL_ERROR,
|
||||
+ _("Failed to opendir sysfs path %s: %s"),
|
||||
+ sysfs_path, strerror(errno));
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ while ((block_dirent = readdir(sysdir)) != NULL) {
|
||||
+ len = strlen(block_dirent->d_name);
|
||||
+ if ((len == 1 && block_dirent->d_name[0] == '.') ||
|
||||
+ (len == 2 && block_dirent->d_name[0] == '.' && block_dirent->d_name[1] == '.')) {
|
||||
+ /* the . and .. directories; just skip them */
|
||||
+ continue;
|
||||
+ }
|
||||
+
|
||||
+ /* OK, not . or ..; let's see if it is a SCSI device */
|
||||
+ if (len > 2 &&
|
||||
+ block_dirent->d_name[0] == 's' &&
|
||||
+ block_dirent->d_name[1] == 'd') {
|
||||
+ /* looks like a scsi device, smells like scsi device; it must be
|
||||
+ a scsi device */
|
||||
+ dev = strdup(block_dirent->d_name);
|
||||
+ break;
|
||||
+ }
|
||||
+ }
|
||||
+ closedir(sysdir);
|
||||
+
|
||||
+ if (dev == NULL) {
|
||||
+ /* we didn't find the sd? device we were looking for; fail */
|
||||
+ virStorageReportError(conn, VIR_ERR_INTERNAL_ERROR,
|
||||
+ _("Failed to find SCSI device for %d:%d:%d:%d: %s"),
|
||||
+ target, channel, id, lun, strerror(errno));
|
||||
+ return -1;
|
||||
+ }
|
||||
|
||||
snprintf(lunid, sizeof(lunid)-1, "lun-%s", groups[3]);
|
||||
|
||||
if ((vol = calloc(1, sizeof(virStorageVolDef))) == NULL) {
|
||||
virStorageReportError(conn, VIR_ERR_NO_MEMORY, "%s", _("volume"));
|
||||
- return -1;
|
||||
+ goto cleanup;
|
||||
}
|
||||
|
||||
if ((vol->name = strdup(lunid)) == NULL) {
|
||||
@@ -197,6 +268,8 @@
|
||||
}
|
||||
strcpy(devpath, "/dev/");
|
||||
strcat(devpath, dev);
|
||||
+ free(dev);
|
||||
+ dev = NULL;
|
||||
/* It can take a little while between logging into the ISCSI
|
||||
* server and udev creating the /dev nodes, so if we get ENOENT
|
||||
* we must retry a few times - they should eventually appear.
|
||||
@@ -258,6 +331,7 @@
|
||||
if (fd != -1) close(fd);
|
||||
free(devpath);
|
||||
virStorageVolDefFree(vol);
|
||||
+ free(dev);
|
||||
return -1;
|
||||
}
|
||||
|
||||
@@ -281,14 +355,13 @@
|
||||
* scsi1 Channel 00 Id 0 Lun: 5
|
||||
* Attached scsi disk sdg State: running
|
||||
*
|
||||
- * Need 2 regex to match alternating lines
|
||||
+ * Need a regex to match the Channel:Id:Lun lines
|
||||
*/
|
||||
const char *regexes[] = {
|
||||
- "^\\s*scsi(\\S+)\\s+Channel\\s+(\\S+)\\s+Id\\s+(\\S+)\\s+Lun:\\s+(\\S+)\\s*$",
|
||||
- "^\\s*Attached\\s+scsi\\s+disk\\s+(\\S+)\\s+State:\\s+running\\s*$"
|
||||
+ "^\\s*scsi(\\S+)\\s+Channel\\s+(\\S+)\\s+Id\\s+(\\S+)\\s+Lun:\\s+(\\S+)\\s*$"
|
||||
};
|
||||
int vars[] = {
|
||||
- 4, 1
|
||||
+ 4
|
||||
};
|
||||
const char *prog[] = {
|
||||
ISCSIADM, "--mode", "session", "-r", session, "-P", "3", NULL,
|
||||
@@ -296,11 +369,11 @@
|
||||
|
||||
return virStorageBackendRunProgRegex(conn, pool,
|
||||
prog,
|
||||
- 2,
|
||||
+ 1,
|
||||
regexes,
|
||||
vars,
|
||||
virStorageBackendISCSIMakeLUN,
|
||||
- NULL);
|
||||
+ (void *)session);
|
||||
}
|
||||
|
||||
|
||||
@@ -0,0 +1,17 @@
|
||||
Index: src/storage_conf.c
|
||||
===================================================================
|
||||
RCS file: /data/cvs/libvirt/src/storage_conf.c,v
|
||||
retrieving revision 1.3
|
||||
retrieving revision 1.4
|
||||
diff -u -r1.3 -r1.4
|
||||
--- a/src/storage_conf.c 27 Feb 2008 10:37:19 -0000 1.3
|
||||
+++ b/src/storage_conf.c 28 Mar 2008 17:56:44 -0000 1.4
|
||||
@@ -479,7 +479,7 @@
|
||||
}
|
||||
if ((options->flags & VIR_STORAGE_BACKEND_POOL_SOURCE_DIR) &&
|
||||
def->source.dir &&
|
||||
- virBufferVSprintf(buf," <directory path='%s'/>\n", def->source.dir) < 0)
|
||||
+ virBufferVSprintf(buf," <dir path='%s'/>\n", def->source.dir) < 0)
|
||||
goto no_memory;
|
||||
if ((options->flags & VIR_STORAGE_BACKEND_POOL_SOURCE_ADAPTER) &&
|
||||
def->source.adapter &&
|
||||
@@ -0,0 +1,17 @@
|
||||
--- /home/boston/clalance/devel/libvirt--devel/src/storage_backend_iscsi.c 2008-02-13 13:48:32.497466000 -0500
|
||||
+++ libvirt-0.4.0/src/storage_backend_iscsi.c 2008-02-11 17:19:35.000000000 -0500
|
||||
@@ -143,6 +143,14 @@ static int virStorageBackendISCSIConnect
|
||||
"--targetname", pool->def->source.devices[0].path, action, NULL
|
||||
};
|
||||
|
||||
+ const char *cmdsendtarget[] = {
|
||||
+ ISCSIADM, "--mode", "discovery", "--type", "sendtargets",
|
||||
+ "--portal", portal, NULL
|
||||
+ };
|
||||
+
|
||||
+ if (virRun(conn, (char **)cmdsendtarget, NULL) < 0)
|
||||
+ return -1;
|
||||
+
|
||||
if (virRun(conn, (char **)cmdargv, NULL) < 0)
|
||||
return -1;
|
||||
|
||||
+257
-3095
File diff suppressed because it is too large
Load Diff
Reference in New Issue
Block a user