Now that we have some qemuSecurity wrappers over
virSecurityManager APIs, lets make sure everybody sticks with
them. We have them for a reason and calling virSecurityManager
API directly instead of wrapper may lead into accidentally
labelling a file on the host instead of namespace.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
The utils code should stay separated from other code (except for very
well justified cases). Unfortunately commit 272769becc
made it trivial to break the separation (and not get slapped by the
syntax-check rule) by adding -I src/conf to the CFLAGS for utils.
Remove this shortcut and except the two offenders from the syntax check
so that the codebase can be kept separated.
Problem with VIR_FREE() is that we are not linking
libvirt-utils.so to our mock libs therefore there will be an
unresolved symbol. Fortunately, nsstest that eventually links
with the nssmock links also with libvirt-utils.so and thus the
symbol is resolved after all. However, if one wants to run the
test binary under valgrind it is impossible to do so. Because of
the unresolved symbol.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
The front page contains a bunch of content that is either
outdated (eg links to libvirt qpid) or not particularly
useful (links to vendor hypervisor sites).
This rewrites it to be more directly useful to visitors,
providing a updated intro to libvirt project, direct
links to key pieces of website content (new contributors
guide, security process, bug reporting, XML formats), and
feed showing recent 5 blog posts on the virt tools planet.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
This reverts commit 1f29f3da06.
Assuming <dt> is always used to document symbols is way too
broad, requiring far too many exemptions to be marked to
avoid syntax check rules.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
The original libvirt logo was built using what appears to be
either Overpass font, or one stylistically very similar (the
slanted top of letters like 'l', 't', etc). The newly recreated
libvirt logo will use Overpass. Use this font for the website
text too, to provide a consistent style.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
The library.xen file contains a braindump of thoughts dating
from the very first days of libvirt, when it was briefly
called libxen. This is not useful and potentially misleading
or confusing for people.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
This initially started as a fix of some debug printing in
virCgroupDetect. However it turned out that other places suffer
from the similar problem. While dealing with pids, esp. in cases
where we cannot use pid_t for ABI stability reasons, we often
chose an unsigned integer type. This makes no sense as pid_t is
signed.
Also, new syntax-check rule is introduced so we won't repeat this
mistake.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Some of the examples make use of asprintf and strtol functions (to keep
things simple) which are prohibited to use within our code (enforced by
syntax-check). Therefore besides adding some examples, this patch also updates
cfg.mk to exclude examples directory from asprintf and strtol rules, as well as
updates .gitignore to exclude all the new admin binaries created in the
'examples' dir.
Signed-off-by: Erik Skultety <eskultet@redhat.com>
This script can already operate on a list of files.
Add a --check parameter to check if multiple files are wrapped
correctly with a single invocation of the script.
This checks forbids using "can not" and checks the placement
of some texinfo tags.
Drop it since we do not use texinfo and the check takes almost
twice as much as the rest of the checks.
The prohibit_nonreentrant syntax-check rule spawns a new shell
for every non-reentrant function we know, to make it easier
to mention the function name in the error message, with the _r
appended.
Since the line with the offending function is already printed
and some of the functions on our list do not have a _r counterpart,
compile them into one big regex and use a more generic error message
to save time.
Move all APIs with a virHostCPU name prefix out into new
util/virhostcpu.h & util/virhostcpu.c files
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Fix the regex for excluding files for this syntax-rule. The rule "include/"
will not work, because we are matching the whole line like this
"^(...|include/|...)$ so we need to use "include/libvirt/libvirt.+". The second
issue is that we are using only one '$' but there should be two of those at the
end. The last small adjustment is to escape dots '.' so it match only dot.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
There is a lot to explain, but I try to make it as short as
possible. I'd start by pasting some parts of sys/stat.h:
extern int stat (const char *__restrict __file,
struct stat *__restrict __buf) __THROW __nonnull ((1, 2));
extern int __REDIRECT_NTH (stat, (const char *__restrict __file,
struct stat *__restrict __buf), stat64)
__nonnull ((1, 2));
__extern_inline int
__NTH (stat (const char *__path, struct stat *__statbuf))
{
return __xstat (_STAT_VER, __path, __statbuf);
}
Only one of these is effective at once, due to some usage of
the mess we are dealing with in here. So, basically, while
compiling or linking stat() in our code can be transformed into
some other func. Or a dragon.
Now, if you read stat(2) manpage, esp. "C library/kernel
differences" section, you'll learn that glibc uses some tricks
for older applications to work. I haven't gotten around actual
code that does this, but based on my observations, if 'stat'
symbol is found, glibc assumes it's dealing with ancient
application. Unfortunately, it can be just ours stat coming from
our mock. Therefore, calling stat() from a test will end up in
our mock. But since glibc is not exposing the symbol anymore, our
call of real_stat() will SIGSEGV immediately as the pointer to
function is NULL. Therefore, we should expose only those symbols
we know glibc has.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
The intent is that this library is going to be called every time
to check if we are not touching anything outside srcdir or
builddir.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Commit 61b070cf20 cleaned up a number of cases where the <dt>
element was used to document symbols, but the symbol itself was
not inside a <code> element.
To make sure we don't end up having to clean up again a few
months from now, introduce a syntax-check rule that can spot
such mistakes.
All existing exceptions are marked as such, with either file
or line granularity depending on the case.
$ echo -n 'log_level=1' > ~/.config/libvirt/libvirtd.conf
$ libvirtd --timeout=10
2014-10-10 10:30:56.394+0000: 6626: info : libvirt version: 1.1.3.6, package: 1.fc20 (Fedora Project, 2014-09-08-17:50:42, buildvm-05.phx2.fedoraproject.org)
2014-10-10 10:30:56.394+0000: 6626: error : main:1261 : Can't load config file: configuration file syntax error: /home/rjones/.config/libvirt/libvirtd.conf:1: expecting a value: /home/rjones/.config/libvirt/libvirtd.conf
Rather than try to fix this in the depths of the parser, just catch
the case when a config file doesn't end in a newline, and manually
append a newline to the content before parsing
https://bugzilla.redhat.com/show_bug.cgi?id=1151409
To prevent the error messages in cfg.mk from triggering the very
same rules they're supposed to explain, we split the message in
the middle of a symbol name, ending up with stuff like
'I am a me'ssage
Instead of relying on these quotation tricks, simply exclude
cfg.mk from the relevant checks.
Being consistent is nice, especially when it comes to defining our
regular expression, where using single quotes instead of double
quotes allows us to leave out a few backslashes.
Changing this required altering a few error messages.
The only remaining use of double quotes is one where they are
actually required for the check to work.
While we have a wiki page describing the feature [1] since the
feature is distributed in our .tar.gz we ought to document it. So
I went ahead, copied the wiki page and reformatted so it fits our
docs coding style.
1: http://wiki.libvirt.org/page/NSS_module
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
After 9c17d665fd the tap device for ethernet network type is
automatically precreated before spawning qemu. Problem is, the
qemuxml2argvtest wasn't updated and thus is failing. Because of
all the APIs that new code is calling, I had to mock a lot. Also,
since the tap FDs are labeled separately from the rest of the
devices/files I had to enable NOP security driver for the test
too.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
As mock libraries are not to be linked against libvirt, the
sc_prohibit_close syntax-check rule does not apply.
This fixes a syntax-check failure introduced by commit a03cbfe0fb.
There might be cases, like with typed params, where triggering this check isn't
desirable. But including the whole module in the exception regex is not always
to right way of doing things. By adding an option to manually disable this check
on a specific occurrence, the module itself will still be checked against the
rule.
As it turned out, we need to share some enums and declarations between
libvirt.h and libvirt-admin.h, but since our policy forbids direct includes of
libvirt*.h, there has to be some header exempt from this rule. This patch moves
the relevant part of code from libvirt.h.in to libvirt-common.h.in. Moreover,
since there is no need to have libvirt.h generated anymore, introduce a new
header libvirt.h which was previosly ignored from git and make the common
header ignored and generated instead.
Currently the QEMU stdout/stderr streams are written directly to
a regular file (eg /var/log/libvirt/qemu/$GUEST.log). While those
can be rotated by logrotate (using copytruncate option) this is
not very efficient. It also leaves open a window of opportunity
for a compromised/broken QEMU to DOS the host filesystem by
writing lots of text to stdout/stderr.
This makes it possible to connect the stdout/stderr file handles
to a pipe that is provided by virtlogd. The virtlogd daemon will
read from this pipe and write data to the log file, performing
file rotation whenever a pre-determined size limit is reached.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Copy the virtlockd codebase across to form the initial virlogd
code. Simple search & replace of s/lock/log/ and gut the remote
protocol & dispatcher. This gives us a daemon that starts up
and listens for connections, but does nothing with them.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Back in
commit bd6c46fa0c
Author: Juerg Haefliger <juerg.haefliger@hp.com>
Date: Mon Jan 31 06:42:57 2011 -0500
tests: handle backspace-newline pairs in test input files
all the test argv files were line wrapped so that the args
were less than 80 characters.
The way the line wrapping was done turns out to be quite
undesirable, because it often leaves multiple parameters
on the same line. If we later need to add or remove
individual parameters, then it leaves us having to redo
line wrapping.
This commit changes the line wrapping so that every
single "-param value" is one its own new line. If the
"value" is still too long, then we break on ',' or ':'
or ' ' as needed.
This means that when we come to add / remove parameters
from the test files line, the patch diffs will only
ever show a single line added/removed which will greatly
simplify review work.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
We have macros for both positive and negative string matching.
Therefore there is no need to use !STREQ or !STRNEQ. At the same
time as we are dropping this, new syntax-check rule is
introduced to make sure we won't introduce it again.
Signed-off-by: Ishmanpreet Kaur Khera <khera.ishman@gmail.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
In order to share as much virsh' logic as possible with upcomming
virt-admin client we need to split virsh logic into virsh specific and
client generic features.
Since majority of virsh methods should be generic enough to be used by
other clients, it's much easier to rename virsh specific data to virshX
than doing this vice versa. It moved generic virsh commands (including info
and opts structures) to generic module vsh.c.
Besides renaming methods and structures, this patch also involves introduction
of a client specific control structure being referenced as private data in the
original control structure, introduction of a new global vsh Initializer,
which currently doesn't do much, but there is a potential for added
functionality in the future.
Lastly it introduced client hooks which are especially necessary during
client connecting phase.
For this to pe properly separated from other protocols used by the
server, there is second server added which allows access to the whole
virNetDaemon to its clients.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Initial scratch of the admin library. It has its own virAdmConnectPtr
that inherits from virAbstractConnectPtr and thus trivially supports
error reporting.
There's pkg-config file added and spec-file adjusted as well.
Since the library should be "minimalistic" and not depend on any other
library, the list of files is especially crafted for it. Most of them
could've been put to it's own sub-libraries that would be LIBADD'd to
libvirt_util, libvirt_net_rpc and libvirt_setuid_rpc_client to minimize
the number of object files being built, but that's a refactoring that
isn't the orginal aim of this commit.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>