aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Fix another rpmbuild failureDaniel Veillard2012-09-241-1/+2
| | | | | without systemd we should not try to package the non-installed %{_sysconfdir}/rc.d/init.d/libvirtd
* Fix an rpmbuild failureDaniel Veillard2012-09-241-0/+2
| | | | $RPM_BUILD_ROOT was embedded in /etc/rc.d/init.d/libvirt-guests
* Don't install legacy initscripts at same time as systemd onesDaniel P. Berrange2012-09-241-3/+1
| | | | | | | | The Fedora policies don't want us installing the legacy initscripts in parallel with the systemd ones, so switch to only install the systemd unit Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* network: log error for unknown virNetworkUpdate command codesLaine Stump2012-09-211-0/+15
| | | | | | | | | | | | | | | Every level of the code for virNetworkUpdate was assuming that some other level was checking for validity of the "command" arg, but none actually were. The result was that an invalid command code would do nothing, but also report success. Since the command code isn't used until the very lowest level backend functions, that's where I put the check. I made a separate one-line function to log the error. The compiler would have combined the identical strings used by multiple calls if I'd just called virReportError directly in each location, but sending them all to the same string in the source guards against inadvertant divergence (which would lead to extra work for translators.)
* network: make virNetworkObjUpdate error detection/recovery betterLaine Stump2012-09-211-13/+34
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1) virNetworkObjUpdate should be an all or none operation, but in the case that we want to update both the live state and persistent config versions of the network, it was committing the update to the live state before starting to update the persistent config. If update of the persistent config failed, we would leave with things in an inconsistent state - the live state would be updated (even though an error was returned), but persistent config unchanged. This patch changed virNetworkObjUpdate to use a separate pointer for each copy of the virNetworkDef, and not commit either of them in the virNetworkObj until both live and config parts of the update have successfully completed. 2) The parsers for various pieces of the virNetworkDef have all sorts of subtle limitations on them that may not be known by the Update[section] function, making it possible for one of these functions to make a modification directly to the object that may not pass the scrutiny of a subsequent parse. But normally another parse wouldn't be done on the data until the *next* time the object was updated (which could leave the network definition in an unusable state). Rather than fighting the losing battle of trying to duplicate all the checks from the parsers into the update functions as well, the more foolproof solution to this is to simply do an extra virNetworkDefCopy() operation on the updated networkdef - virNetworkDefCopy() does a virNetworkFormat() followed by a virNetworkParseString(), so it will do all the checks we need. If this fails, then we don't commit the changed def.
* network: don't "refresh" iptables rules on rule-less networksLaine Stump2012-09-211-3/+6
| | | | | | | | | | | | | | | The bridge driver implementation of virNetworkUpdate() removes and re-adds iptables rules any time a network has an <ip>, <forward>, or <forward>/<interface> element updated. There are some types of networks that have those elements and yet have no iptables rules associated with them, and unfortunately the functions that remove/add iptables rules don't check the type of network before attempting to remove/add the rules, sometimes leading to an erroneous failure of the entire update operation. Under normal circumstances I would refactor the lower level functions to be more robust, but to avoid code churn as much as possible, I've just added extra checks directly to networkUpdate().
* Drop unused return value of virLogOutputFuncMiloslav Trmač2012-09-213-41/+34
| | | | | | | | | | | | | Nothing uses the return value, and creating it requries otherwise unnecessary strlen () calls. This cleanup is conceptually independent from the rest of the series (although the later patches won't apply without it). This just seems a good opportunity to clean this up, instead of entrenching the unnecessary return value in the virLogOutputFunc instance that will be added in this series. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* Remove redundant lines in src/qemu/qemu_driver.cTang Chen2012-09-211-18/+0
| | | | | | | maxcpu and hostcpus are defined and calculated in qemudDomainPinVcpuFlags() and qemudDomainPinEmulator(), but never used. So remove them including nodeinfo. Signed-off-by: Tang Chen <tangchen@cn.fujitsu.com>
* Add <seclabel> to character devices.Richard W.M. Jones2012-09-215-30/+155
| | | | | | | This allows the user to control labelling of each character device separately (the default is to inherit from the VM). Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
* Make virSecurityDeviceLabelDefParseXML into generic device <seclabel> parser.Richard W.M. Jones2012-09-211-18/+25
| | | | | | | | | | | | This is just code motion, allowing us to reuse the same function to parse the <seclabel> from character devices too. However it also fixes a possible segfault in the original code if VIR_ALLOC_N returns an error and the cleanup code (at the error: label) tries to iterate over the unallocated array (thanks Michal Privoznik for spotting this). Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
* qemu: Fix failure path in disk hotplugJiri Denemark2012-09-211-4/+10
| | | | | | Disk hotplug is a two phase action: qemuMonitorAddDrive followed by qemuMonitorAddDevice. When the first part succeeds but the second one fails, we need to rollback the drive addition.
* locking: Remove README file in favor of internals/locking.htmlJiri Denemark2012-09-211-165/+0
| | | | | | The README file seems to be a leftover from some previous version of locking driver. It is not consistent with what the code does nor is it consistent with existing documentation in internals/locking.html.
* Improve some debugging log messages in LXC mount setupDaniel P. Berrange2012-09-211-4/+5
| | | | Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* Ensure existing selinux mount is removed before mounting new one in LXCDaniel P. Berrange2012-09-211-0/+16
| | | | | | | | Some kernel versions (at least RHEL-6 2.6.32) do not let you over-mount an existing selinuxfs instance with a new one. Thus we must unmount the existing instance inside our namespace. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* Fix crash accessing a NULL URI when looking up auth credentialsDaniel P. Berrange2012-09-213-2/+4
| | | | | | | | When auto-probing hypervisor drivers, the conn->uri field will initially be NULL. Care must be taken not to access members when doing auth lookups in the config file Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* Remove a redundant line in src/qemu/qemu_driver.cTang Chen2012-09-211-1/+0
| | | | Signed-off-by: Tang Chen <tangchen@cn.fujitsu.com>
* network: backend for virNetworkUpdate of portgroupsLaine Stump2012-09-211-6/+79
| | | | | | | | | | | | | | | | | | | | | | | | | | portgroup elements are located in the toplevel of <network> objects. There can be multiple <portgroup> elements, and they each have a unique name attribute. Add, delete, and modify are all supported for portgroup. When deleting a portgroup, only the name must be specified in the provided xml - all other attributes and subelements are ignored for the purposes of matching and existing portgroup. The bridge driver and virsh already know about the portgroup element, so providing this backend should cause the entire stack to work. Note that in the case of portgroup, there is no external daemon based on the portgroup config, so nothing must be restarted. It is important to note that guests make a copy of the appropriate network's portgroup data when they are started, so although an updated portgroup's configuration will have an affect on new guests started after the cahange, existing guests won't magically have their bandwidth changed, for example. If something like that is desired, it will take a lot of redesign work in the way network devices are setup (there is currently no link from the network back to the individual interfaces using it, much less from a portgroup within a network back to the individual interfaces).
* network: backend for virNetworkUpdate of dhcp rangeLaine Stump2012-09-211-4/+88
| | | | | | | | | | | | | | | | | | | | | | | The dhcp range element is contained in the <dhcp> element of one of a network's <ip> elements. There can be multiple <range> elements. Because there are only two attributes (start and end), and those are exactly what you would use to identify a particular range, it doesn't really make sense to modify an existing element, so VIR_NETWORK_UPDATE_COMMAND_MODIFY isn't supported for this section, only ADD_FIRST, ADD_LAST, and DELETE. Since virsh already has support for understanding all the defined sections, this new backend is automatically supported by virsh. You would use it like this: virsh net-update mynet add ip-dhcp-range \ "<range start='1.2.3.4' end='1.2.3.20'/>" --live --config The bridge driver also already supports all sections, so it's doing the correct thing in this case as well - since the dhcp range is placed on the dnsmasq commandline, the bridge driver recreates the dnsmasq commandline, and re-runs dnsmasq whenever a range is added/deleted (and AFFECT_LIVE is specified in the flags).
* virsh: new net-update commandLaine Stump2012-09-202-0/+194
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This command uses the new virNetworkUpdate() API to modify an existing network definition, and optionally have those modifications take effect immediately without restarting the network. An example usage: virsh net-update mynet add-last ip-dhcp-host \ "<host mac='00:11:22:33:44:55' ip='192.168.122.45'/>" \ --live --config If you like, you can instead put the xml into a file, and call like this: virsh net-update mynet add ip-dhcp-host /tmp/myxml.xml --live --config virsh will autodetect whether the argument is itself an xml element, or if it's a file, by looking at the first character - the first character of an xml element is always "<", and the first character of a file is almost always *not* "<" (in the rare case that it is, the user could specify "./<filename..."). A --parent-index option is also available (to give the index within a list of parent objects, e.g. the index of the parent <ip> element when updating ip-dhcp-host elements), but is optional and at least for now will probably be used rarely. --live, --config, and --current options - if you specify --live, only the live state of the network will be updated. If you also specify --config, then the persistent configuration will also be updated; these two commands can be given separately, or both together. If you don't specify either (you can optionally specify "--current" for the same effect), then the "current" config will be updated (i.e. if the network is active, then only its live config is affected, but if the network is inactive, only the persistent config is affected).
* docs: fix typo in filesystem docsEric Blake2012-09-201-1/+1
| | | | | | | Noticed this by reading the page. It would be so much nicer if our tools could automatically flag things like this as part of 'make'. * docs/formatdomain.html.in: Remove extra '>'.
* maint: fix up copyright notice inconsistenciesEric Blake2012-09-20507-509/+507
| | | | | | | | | https://www.gnu.org/licenses/gpl-howto.html recommends that the 'If not, see <url>.' phrase be a separate sentence. * tests/securityselinuxhelper.c: Remove doubled line. * tests/securityselinuxtest.c: Likewise. * globally: s/; If/. If/
* doc: include article about libvirt+audit in relatedlinks.htmlMarcelo Cerri2012-09-201-0/+3
| | | | | | This patch adds to relatedlinks.html a link to an article about libvirt describing how the Linux audit subsystem can be used to track qemu guest's life-cycle.
* Ensure autogen.sh exists if bootstrap failsDaniel P. Berrange2012-09-201-0/+2
| | | | | | | | If any of the bootstrap tasks (autoconf/automake/etc) failed, autogen.sh carried on running any pre-existing configure anyway. Use 'set -e' to ensure autogen.sh immediately exists on error. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
* tests: Add tests for dump-core optionMartin Kletzander2012-09-207-0/+69
|
* qemu: add support for dump-guest-core optionMartin Kletzander2012-09-204-10/+78
| | | | | | | | | | | | | | The "dump-guest-core' option is new option for the machine type (-machine pc,dump-guest-core) that controls whether the guest memory will be marked as dumpable. While testing this, I've found out that the value for the '-M' options is not parsed correctly when additional parameters are used. However, when '-machine' is used for the same options, it gets parsed as expected. That's why this patch also modifies the parsing and creating of the command line, so both '-M' and '-machine' are recognized. In QEMU's help there is only mention of the 'machine parameter now with no sign of the older '-M'.
* Add support for limiting guest coredumpMartin Kletzander2012-09-205-4/+52
| | | | | | | Sometimes when guest machine crashes, coredump can get huge due to the guest memory. This can be limited using madvise(2) system call and is being used in QEMU hypervisor. This patch adds an option for configuring that in the domain XML and related documentation.
* QEMU Tests for reboot-timeoutMartin Kletzander2012-09-207-0/+61
|
* qemu: Add support for reboot-timeoutMartin Kletzander2012-09-203-0/+36
| | | | | This patch adds support for "-boot reboot-timeout=rb_time" that is added in QEMU.
* Add support for reboot-timeoutMartin Kletzander2012-09-204-15/+56
| | | | | | | Whenever the guest machine fails to boot, new parameter (reboot-timeout) controls whether it should reboot and after how many ms it should do so. Docs included.
* security: Don't ignore errors when parsing DAC security labelsPeter Krempa2012-09-201-34/+61
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The DAC security driver silently ignored errors when parsing the DAC label and used default values instead. With a domain containing the following label definition: <seclabel type='static' model='dac' relabel='yes'> <label>sdfklsdjlfjklsdjkl</label> </seclabel> the domain would start normaly but the disk images would be still owned by root and no error was displayed. This patch changes the behavior if the parsing of the label fails (note that a not present label is not a failure and in this case the default label should be used) the error isn't masked but is raised that causes the domain start to fail with a descriptive error message: virsh # start tr error: Failed to start domain tr error: internal error invalid argument: failed to parse DAC seclabel 'sdfklsdjlfjklsdjkl' for domain 'tr' I also changed the error code to "invalid argument" from "internal error" and tweaked the various error messages to contain correct and useful information.
* simplify xenXMDomainPinVcpu functionliguang2012-09-202-35/+4
| | | | | | | supersede tedious statements getting cpu bitmap from parameter cpumap by virBitmapNewData function Signed-off-by: liguang <lig.fnst@cn.fujitsu.com>
* Cleanup of domain_conf sentinelsMartin Kletzander2012-09-201-29/+29
| | | | This patch removes all commas after *_LAST sentinels in the enums.
* qemu: Cleanup boot parameter buildingMartin Kletzander2012-09-205-28/+89
| | | | | | | | | | | | | | | | | | | | | | This patch cleans up building the "-boot" parameter and while on that fixes one inconsistency by modifying these things: - I completed the unfinished virDomainBootMenu enum by specifying LAST, declaring it and also declaring the TypeFromString and TypeToString parameters. - Previously mentioned TypeFromString and TypeToString are used when parsing the XML. - Last, but not least, visible change is that the "-boot" parameter is built and parsed properly: - The "order=" prefix is used only when additional parameters are used (menu, etc.). - It's rewritten in a way that other parameters can be added easily in the future (used in following patch). - The "order=" parameter is properly parsed regardless to where it is placed in the string (e.g. "menu=on,order=nc"). - The "menu=" parameter (and others in the future) are created when they should be (i.e. even when bootindex is supported and used, but not when bootloader is selected).
* qemu: Transition domain to PAUSED after 'stop' commandMichal Privoznik2012-09-201-6/+1
| | | | | | | | | | Currently, we mark domain PAUSED (but not emit an event) just before we issue 'stop' on monitor; This command can take ages to finish, esp. when domain's doing a lot of IO - users can enforce qemu to open files with O_DIRECT which doesn't return from write() until data reaches the block device. Having said that, we report PAUSED even if domain is not paused yet.
* network: fix element size / length in memmoveLaine Stump2012-09-191-2/+2
| | | | | | | | | | | The memmove to move elements in the dhcp hosts array when inserting and deleting items was mistakenly basing the length of the copy on the size of a virNetworkDHCPHostDefPtr rather than virNetworkDHCPHostDef, with the expected disastrous results. The memmove to delete an entry commits two errors - along with the size of each element being wrong, it also omits some required parentheses.
* virsh: Move daemon to misc since its not a networkDoug Goldstein2012-09-191-3/+3
| | | | | Move the 'Daemon' entry to the Miscellaneous section since its not a networking driver or component.
* network: fix incorrect VIR_NETWORK_UPDATE_COMMAND_* valuesLaine Stump2012-09-191-4/+4
| | | | | | | | | These enums originally were put into the flags for virNetworkUpdate, and when they were moved into their own enum, the numbers weren't appropriately changed, causing the commands to start with value 2 instead of 1. This causes problems for things like ENUM_IMPL, which wants a string for every value in the requested range, including those not used in the enum.
* build: define WITH_INTERFACE for the driverDoug Goldstein2012-09-1910-22/+73
| | | | | | | | | | | | | | | | | | Based exclusively on work by Eric Blake in a patch posted with the same subject. However some modifications related to comments and my plans to add another backend. Added WITH_INTERFACE as the only automake variable deciding whether to build the driver and using WITH_NETCF to identify that we're wanting to use the netcf library as the backend. * configure.ac: Added with_interface * src/interface/netcf_driver.c: Renamed.. * src/interface/interface_backend_netcf.c: ..to this to match storage. * src/interface/netcf_driver.h: Renamed.. * src/interface/interface_driver.h: ..to this. * daemon/Makefile.am: Respect WITH_INTERFACE and WITH_NETCF. * libvirt.spec.in: Add RPM support for --with-interface
* virsh: Rename QEmu to QEMU to match upstreamDoug Goldstein2012-09-191-1/+1
| | | | | Match upstream's naming of QEMU. There was a notice on the ML that said the preferred spelling was QEMU a while back.
* virsh: Fix resource leaks when editing files.Peter Krempa2012-09-191-2/+5
| | | | | | The cleanup path in virsh-edit helper was never reached when the edit was successful leaking the document in memory as well as the temporary file.
* util: don't print free'd dmidecode pathEric Blake2012-09-181-5/+1
| | | | | | | | | The path was freed before printing the error message, resulting in: error : virSysinfoRead:773 : internal error Failed to execute command (null) But virCommandRun already gives a better error message. * src/util/sysinfo.c (virSysinfoRead): Avoid overwriting error.
* build: avoid unused symbolEric Blake2012-09-181-1/+0
| | | | | | | | | Commit f36309d added an export with no matching implementation; probably a misspelling of an earlier version of the final addition of virNetworkObjSetDefTransient. * src/libvirt_private.syms (network_conf.h): Drop bogus virNetworkSetDefTransient.
* build: fix nodeinfo build on non-Linux platformsEric Blake2012-09-181-0/+4
| | | | | | | | Commit aaa8ab3 added new static functions that are only used on Linux; but commit 22acfdc didn't go far enough to fix compiler issues. * src/nodeinfo.c (nodeSetMemoryParameterValue) (nodeGetMemoryParameterValue): Conditionally compile based on use.
* bitmap: fix problems in previous commitEric Blake2012-09-182-7/+8
| | | | | | | | | | | | | | Commit ee3d3893 missed the fact that (unsigned char)<<(int) is truncated to int, and therefore failed for any bitmap data longer than four bytes. Also, I failed to run 'make syntax-check' on my commit 4bba6579; for whatever odd reason, ffs lives in a different header than ffsl. * src/util/bitmap.c (virBitmapNewData): Use correct shift type. (includes): Glibc (and therefore gnulib) decided ffs is in <strings.h>, but ffsl is in <string.h>. * tests/virbitmaptest.c (test5): Test it.
* build: avoid non-portable byte-swappingEric Blake2012-09-182-11/+28
| | | | | | | | | | | Commit 0fc89098 used functions only available on glibc, completely botched 32-bit environments, and risked SIGBUS due to unaligned memory access on platforms that aren't as forgiving as x86_64. * bootstrap.conf (gnulib_modules): Import ffsl. * src/util/bitmap.c (includes): Use <strings.h> for ffsl. (virBitmapNewData, virBitmapToData): Avoid 64-bit assumptions and non-portable functions.
* Fix minor details not only in apic eoiMartin Kletzander2012-09-182-6/+5
| | | | | | The introduction of APIC EOI patches had a few little details that could look better, so this patch fixes that and one more place in the file as well (same problem).
* secret: Fix error for private secretsMartin Kletzander2012-09-181-2/+2
| | | | | | | | | | | | | | When trying to get the value of a private secret, the code used 'operation denied' error. That error is specified as a error for read-only connections trying to perform denied operation. The following error seems more accurate. To compare the difference: - BEFORE error: operation secret is private forbidden for read only access - AFTER error: Invalid secret: secret is private
* virNetDevBandwidthClear: Improve error handlingMartin Kletzander2012-09-183-8/+10
| | | | | | | | | | | | | Two changes are introduced in this patch: - The first change removes ATTRIBUTE_RETURN_CHECK from virNetDevBandwidthClear, because it was called with ignore_value always, anyway. The function is used even when it's not necessary to call it, just for cleanup purposes. - The second change is added ignoring of the command's exit status, since it may report an error even when run just as "to be sure we clean up" function. No libvirt errors are suppresed by this.
* syntax-check: fix run.inMartin Kletzander2012-09-182-2/+2
| | | | Two more problems in "run.in" made the syntax-check fail.
* Adhere to copyright_address checkGuido Günther2012-09-181-2/+1
| | | | | | to fix "make syntax-check" Found by http://honk.sigxcpu.org:8001/job/libvirt-syntax-check/