Commit Graph

116 Commits

Author SHA1 Message Date
Michal Privoznik
22f7ceb695 nss: Introduce libvirt-guest module
So far the NSS module looks up only hostnames as provided by
guests themselves. However, there are some cases where this is
not enough: e.g. when there's a fresh new guest being installed
(with some generic hostname) say from a live ISO image; or some
(older) systems don't advertise their hostname in DHCP
transactions at all.
In cases like that it would be helpful if we translate domain
name as seen by libvirt too so that users can:

  # virsh start $dom && ssh $dom

In order to achieve that new libvirt-guest module is introduced,
while older libvirt module maintains its current behaviour (that
is translating guest provided names into IP addresses).

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-12-06 13:34:00 +01:00
Andrea Bolognani
3abb8b6969 wireshark: Don't redefine ws_plugindir
autoconf already defines the variable for us, and prints out
a warning if we try to do it a second time. So let's not :)
2016-11-07 10:16:06 +01:00
Andrea Bolognani
3cbf054995 wireshark: Rename plugindir to ws_plugindir
Since we're using autoconf to substitute the right value in
Makefile.am now, we can use a less generic name without running
into circular dependencies.
2016-10-26 17:00:21 +02:00
Andrea Bolognani
c587c73549 wireshark: Inject $(prefix) at the right time
Adding $(prefix) in Makefile.am, as we were doing, means that
it would be prepended even when using --with-ws-plugindir,
which is something we don't want to happen.

Instead, we add it beforehand but take care that it doesn't
get expanded until make is called.
2016-10-26 17:00:21 +02:00
Michal Privoznik
35e45760ee virt-wireshark.m4: Defer $(prefix) substitution
The autoconf manual says we shouldn't be using this variable (and
some others) outside of Makefiles as it prevents users providing
their own prefix at the installation phase.

https://www.gnu.org/software/autoconf/manual/autoconf-2.69/html_node/Installation-Directory-Variables.html

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-10-21 09:27:33 +08:00
Michal Privoznik
8540301b78 tools: Don't list virsh-* under EXTRA_DIST
When we wanted to break huge and unmaintainable virsh into
smaller files first thing we did was to just move funcs into
virsh-.c files and then #include them from virsh. Having it done
this way we also needed to have them listed under EXTRA_DIST.
However, things got changed since then and now all the virsh-*.c
files are proper source files. Therefore they are listed under
virsh_SOURCES too. But for some reason we forgot to remove them
from EXTRA_DIST.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-08-31 12:52:11 +02:00
Michal Privoznik
90bf5f5cb2 tools: Introduce install-nss targets
We do have something similar for installing init system files.
Basically I'm trying to avoid the following warning produced by
automake:

tools/Makefile.am:429: warning: uninstall-local was already defined in condition TRUE, which includes condition WITH_BSD_NSS ...
tools/Makefile.am:292: ... 'uninstall-local' previously defined here

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-04-25 18:56:48 +02:00
Andrea Bolognani
6e742c7f18 build: Always ship virt-login-shell.conf
No need to special-case this one: we can add it to EXTRA_DIST so
that it will be shipped in any case, and if WITH_LOGIN_SHELL
happens to be enabled we mark it for installation as well.
2016-04-25 15:40:44 +02:00
Andrea Bolognani
49ba028aed build: Replace variables in man pages
We can't use eg. @sysconfdir@ directly in the .pod file, because
pod2man(1) will interpret that as a variable name and format it
accordingly.

Instead, we use eg. SYSCONFDIR and use a subsequent sed(1) call
to turn it into the expected @sysconfdir@.
2016-04-25 15:40:44 +02:00
Andrea Bolognani
f806febbdf build: Ensure intermediate files are cleaned up properly
All $(MANINFILES) should be deleted on distclean.
2016-04-25 15:40:44 +02:00
Andrea Bolognani
7351f7fe68 build: Group files
Define $(PODFILES) and $(MANINFILES) so that adding a new man
page only requires changes in a few, well defined spots.
2016-04-25 15:40:44 +02:00
Andrea Bolognani
378338ba28 build: Never ship man pages
The generated man pages may contain information that depend on
the build configuration, so they should not be shipped but
rather always built on the user's machine.
2016-04-25 15:40:44 +02:00
Andrea Bolognani
5b479f3b5b build: Standardize on .pod -> .x.in -> .x
After this commit, all man pages are generated using the same two
steps:

  1. Process a source $command.pod file with pod2man(1) to obtain
     a valid man page in $command.$section.in

  2. Process $command.$section.in with sed(1) to obtain the final
     man page in $command.$section
2016-04-25 15:40:44 +02:00
Andrea Bolognani
9b77ce63f1 build: Perform post-processing on all man pages
Man pages in daemon/ and src/ are being already subjected to this
post-processing step: make it so those in tools/ are as well.
2016-04-25 15:40:44 +02:00
Andrea Bolognani
90709d8d22 build: Build man pages in $(builddir)
No file should be created inside $(srcdir) during build.
2016-04-25 15:40:43 +02:00
Andrea Bolognani
94bf7e5d84 build: Extract pod from source files
Instead of embedding the pod information inside the respective
source files, store them in separate files.

This allows us to reduce the number of custom build rules as
most of the information can be inferred for the file name;
moreover, text editors are more likely to use proper syntax
highlighting for standalone pod files.
2016-04-25 15:40:43 +02:00
Andrea Bolognani
2d1269605c build: Ship virt-admin.pod
This is the source file for the virt-admin(1) manual page, so
it should be shipped.
2016-04-25 15:40:43 +02:00
Andrea Bolognani
d0062fb9b5 dist: ln(1) is not guaranteed to have a '-f' option
According to the autoconf manual, using '$(LN_S) -f' is not
portable; remove the target explicitly beforehand to work around
this limitation.

Adjust some slightly awkward indentation while at it.
2016-04-21 15:36:14 +02:00
Andrea Bolognani
ed5c929777 build: Use $(LN_S) safely
The autoconf documentation recommends to always use this
construct when creating symbolic links with $(LN_S) to avoid
unexpected behavior.
2016-04-21 10:02:36 +02:00
Andrea Bolognani
ce8379eedc build: Overwrite existing symbolic links
The current rule fails if the target already exists:

  cd /home/jenkins/build/libvirt/lib && \
    ln -s libnss_libvirt.so.1 nss_libvirt.so.1
  ln: nss_libvirt.so.1: File exists
  Makefile:3357: recipe for target 'install-exec-hook' failed

However, all other rules concerned with installation are
idempotent and will happily overwrite an existing target,
so this one should as well.
2016-04-21 10:02:36 +02:00
Michal Privoznik
2f3c89fbbb nss: Try harder to uninstall
On BSD we are creating this symlink to libnss_libvirt.so called
nss_libvirt.so. That's just the way it is on BSD. However, when
uninstalling, we try to remove libnss_libvirt.so instead of the
symlink. Moreover, if file we are trying to remove does not exist
we error out instead of ignoring the error.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-04-20 17:33:48 +02:00
Andrea Bolognani
edebc16607 configure: Make virt-host-validate optional
virt-host-validate, just like virt-login-shell, doesn't make sense
on Windows, so we should avoid building it.

Make the tool optional and build it by default on all platforms
except Windows, erroring out if the user attempts to build it
anyway.
2016-04-13 10:06:29 +02:00
Andrea Bolognani
0b431fa0e6 tools: Reorganize conditional bits
Instead of having separate handling for programs and man pages,
deal with both in the same place.
2016-04-13 10:06:29 +02:00
Roman Bogorodskiy
ec5b9331c4 nss: properly include syms files to dist
Explicitly add Linux and BSD syms files for nss to EXTRA_DIST
instead of using the LIBVIRT_NSS_SYMBOL_FILE variable, because its value
will point to either Linux or BSD syms file, but we need to ship both.
2016-04-09 08:27:50 +03:00
Roman Bogorodskiy
45408cd892 nss: FreeBSD support
* tools/nss/libvirt_nss.[ch]: add BSD-comptabile wrappers and
   register via the nss_module_register() interface
 * m4/virt-nss.m4: add checks if we're building NSS for FreeBSD
 * tools/Makefile.am: handle target library name differences, as
   Linux needs libnss_libvirt.so.2 and FreeBSD needs
   nss_libvirt.so.1. Also, different syms files have to be used
   as Linux needs to export all the methods while FreeBSD
   only needs to have nss_module_register()
 * tests/nsstest.c, tests/nssmock.c: s/__linux__/NSS/
 * tests/nssmock.c: pass int instead of mode_t to va_arg() to please
   gcc 4.8
 * libvirt_nss_bsd.syms: FreeBSD syms file
2016-03-30 10:21:44 +03:00
Roman Bogorodskiy
ae33a7b336 nss: don't try to build nss plugin when disabled
Even if nss is disabled, the build system tries to build some
targets like libnss_libvirt_impl.la and nsstest. Hide those
under the "if WITH_NSS" block like the rest of NSS plugin bits.
2016-03-20 18:44:35 +03:00
Michal Privoznik
7dbcb26f7f nss: Implement _nss_libvirt_gethostbyname3_r
The implementation is pretty straightforward. Moreover, because
of the nature of things, gethostbyname_r and gethostbyname2_r can
be implemented at the same time too.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-03-18 17:29:53 +01:00
Michal Privoznik
859cb18d54 Initial support for NSS plugin skeleton
Name Service Switch is a glibc feature responsible for many
things. Translating domain names into IP addresses and vice versa
is just one of them. However, currently it's the only
functionality that this commit is tickling. Well, in this commit
the plugin skeleton is introduced. Implementation to come in next
patches.
Because of the future testing, where the implementation is to be
linked with a test, this needs to go into static library. Linking
a program with an .so statically is not portable. Therefore a
dummy libnss_libvirt_impl library is being introduced too.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-03-18 17:29:53 +01:00
Michal Privoznik
f99f79e380 wireshark: Drop DESTDIR from install path
In 50078cfbcb I've tried to fix distcheck but accidentally
broke rpm build. The problem is that rpm build not only sets
DESTDIR but also passes plugindir path. This results in double
DESTDIR being in the plugin path, Drop one.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-01-14 08:05:28 +01:00
Cole Robinson
e20dd2a4fd build: fix distdir with wireshark disabled
Even though the Makefile has WITH_WIRESHARK guards, the _SOURCES
variables are still processed when adding bits to the dist archive.

plugin.c is a generated file that is only built when wireshark is
enabled and it shouldn't be distributed, so use 'nodist'
2016-01-13 09:41:35 -05:00
Michal Privoznik
50078cfbcb wireshark: Install into DESTDIR
Like everything we install, it should be prefixed with DESTDIR.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-01-12 18:51:38 +01:00
Cole Robinson
3445acdbaa build: Kill tools/wireshark Makefiles
Just handle it all in tools/Makefile.am. I verified the generated output
looks similar to the pre patch output, but I didn't test it.
2016-01-12 11:30:08 -05:00
Michal Privoznik
0059848e9e tools: Include PIE_LDFLAGS at the correct place
This is no functional change, but I find it disturbing that
something_LDADD contains PIE_LDFLAGS while something_LDFLAGS
doesn't.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-12-24 18:03:50 +01:00
Cédric Bosdonnat
bec787ee9d Allow building lxc without virt-login-shell
Add a configure option to disable virt-login-shell build even if lxc is
enabled.
2015-12-17 15:49:06 +01:00
Erik Skultety
163a781e63 virt-admin: Provide a man page for virt-admin 2015-11-30 09:44:28 +01:00
Erik Skultety
6409578790 virt-admin: Introduce first working skeleton
This patch introduces virt-admin client which is based on virsh client,
but had to reimplement several methods to meet virt-admin specific needs
or remove unnecessary virsh specific logic.
2015-11-30 09:44:28 +01:00
Michal Privoznik
1fb8ac4c79 tools: Link libvirt.la and readline to libvirt_shell.a
So, our mingw build is broken. It's because while libvirt_shell
library is using some of our internal APIs, e.g. virStrndup, and
readline API but it's not being linked with nor libvirt.la nor
libreadline.  Only subsequent users of the library, like virsh,
do link to the needed libraries. In fact, I'm surprised Linux
linker doesn't care, because how can it make a static library
with missing symbols is mystery to me.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-09-25 14:33:06 +02:00
Erik Skultety
2d9fcb3102 vsh: create a noinstall libvirt_shell library
Instead of referencing vsh sources in all relevant client targets,
create a library that the client can link against.
2015-09-24 16:58:28 +02:00
Erik Skultety
834c5720e4 tools: Introduce new client generic module vsh
In order to share as much virsh' logic as possible with upcomming
virt-admin client we need to split virsh logic into virsh specific and
client generic features.

Since majority of virsh methods should be generic enough to be used by
other clients, it's much easier to rename virsh specific data to virshX
than doing this vice versa. It moved generic virsh commands (including info
and opts structures) to generic module vsh.c.

Besides renaming methods and structures, this patch also involves introduction
of a client specific control structure being referenced as private data in the
original control structure, introduction of a new global vsh Initializer,
which currently doesn't do much, but there is a potential for added
functionality in the future.
Lastly it introduced client hooks which are especially necessary during
client connecting phase.
2015-08-14 15:45:44 +02:00
Eric Blake
8a20e227f6 conf: move storage source type to util/
With this patch, all information related to a host resource in
a storage file backing chain now lives in util/virstoragefile.h.
The next step will be to consolidate various places that have
been tracking backing chain details to all use a common struct.

The changes to tools/Makefile.am were made necessary by the
fact that virstorageencryption includes uses of libxml, and is
now pulled in by inclusion from virstoragefile.h.  No
additional libraries are linked into the final image, and in
comparison, the build of the setuid library in src/Makefile.am
already was using LIBXML_CFLAGS via AM_CFLAGS.

* src/conf/domain_conf.h (virDomainDiskSourceDef): Move...
* src/util/virstoragefile.h (virStorageSource): ...and rename.
* src/conf/domain_conf.c (virDomainDiskSourceDefClear)
(virDomainDiskAuthClear): Adjust clients.
* tools/Makefile.am (virt_login_shell_CFLAGS)
(virt_host_validate_CFLAGS): Add libxml headers.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-04-01 10:38:14 -06:00
Laine Stump
00e9d6071b build: add $(prefix) to SYSTEMD_UNIT_DIR
I noticed this problem when adding systemd support to netcf, because I
setup the configure.ac to automatically prefer using systemd over
initscripts when possible - although I had copied the
install-data-local target from the example of libvirt's
"libvirt-guests" service more or less verbatim, "make distcheck" would
fail because it was trying to install the service file directly into
/lib/systemd/system rather than into
/home/user/some/unimportant/name/lib/systemd/system.

This is caused by the install/uninstall rules for the systemd unit
files relying on $(DESTDIR) pointing the installed files to the right
place, but in reality $(DESTDIR) is empty during this part of make
distcheck - it instead sets $(prefix) with the toplevel directory used
for its test build/install/uninstall cycle.

(This problem hasn't been seen when running "make distcheck" in
libvirt because libvirt will never build/install systemd support
unless explicitly told to do so on the configure commandline, and
"make distcheck" doesn't put the "--with-initscript=..." option on the
configure commandline.)

I verified that the same problem does exist in libvirt by modifying
libvirt's configure.ac to set:

  init_systemd=yes
  with_init_script=systemd+redhat

This forces a build/install of the systemd unit files during
distcheck, which yields an error like this:

/usr/bin/install -c -m 644 virtlockd.service \
  /lib/systemd/system/
libtool: install: warning: relinking `libvirt-qemu.la'
/usr/bin/install: cannot remove '/lib/systemd/system/virtlockd.service': Permission denied
make[4]: *** [install-systemd] Error 1

After adding $(prefix) to all the definitions of SYSTEMD_UNIT_DIR,
make distcheck now completes successfully with the modified
configure.ac, and the above lines change to something like this:

/usr/bin/install -c -m 644 virtlockd.service \
  /home/laine/devel/libvirt/libvirt-1.2.1/_inst/lib/systemd/system/
2014-01-21 13:19:46 +02:00
Daniel P. Berrange
3e2f27e13b Don't link virt-login-shell against libvirt.so (CVE-2013-4400)
The libvirt.so library has far too many library deps to allow
linking against it from setuid programs. Those libraries can
do stuff in __attribute__((constructor) functions which is
not setuid safe.

The virt-login-shell needs to link directly against individual
files that it uses, with all library deps turned off except
for libxml2 and libselinux.

Create a libvirt-setuid-rpc-client.la library which is linked
to by virt-login-shell. A config-post.h file allows this library
to disable all external deps except libselinux and libxml2.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-10-21 14:03:52 +01:00
Eric Blake
8771b947db build: fix build --without-lxc
'make distcheck' fails from a directory configured --without-lxc:

  GEN      virt-login-shell.1
Can't write-open ../../tools/virt-login-shell.1: Permission denied at /usr/bin/pod2man line 69.

* tools/Makefile.am (EXTRA_DIST): Ship pre-built man page.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-09-27 21:28:01 -06:00
Eric Blake
ec81852f46 build: enforce makefile conditional style
Automake has builtin support to prevent botched conditional nesting,
but only if you use:
if FOO
else !FOO
endif !FOO

An example error message when using the wrong name:

daemon/Makefile.am:378: error: else reminder (LIBVIRT_INIT_SCRIPT_SYSTEMD_TRUE) incompatible with current conditional: LIBVIRT_INIT_SCRIPT_SYSTEMD_FALSE
daemon/Makefile.am:381: error: endif reminder (LIBVIRT_INIT_SCRIPT_SYSTEMD_TRUE) incompatible with current conditional: LIBVIRT_INIT_SCRIPT_SYSTEMD_FALSE

As our makefiles tend to have quite a bit of nested conditionals,
it's better to take advantage of the benefits of the build system
double-checking that our conditionals are well-nested, but that
requires a syntax check to enforce our usage style.

Alas, unlike C preprocessor and spec files, we can't use indentation
to make it easier to see how deeply nesting goes.

* cfg.mk (sc_makefile_conditionals): New rule.
* daemon/Makefile.am: Enforce the style.
* gnulib/tests/Makefile.am: Likewise.
* python/Makefile.am: Likewise.
* src/Makefile.am: Likewise.
* tests/Makefile.am: Likewise.
* tools/Makefile.am: Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-09-04 09:40:20 -06:00
Peter Krempa
40f1d18fea tools: rename console.[ch] to virsh-console.[ch] and fix coding style 2013-09-03 14:06:11 +02:00
Eric Blake
b9189c808b build: only create virt-login-shell for lxc builds
I noticed from an ./autobuild.sh run that we were installing a
virt-login-shell.exe binary when cross-building for mingw,
even though such a binary is necessarily worthless since the
code depends on lxc which is a Linux-only concept.

* tools/Makefile.am (conf_DATA, bin_PROGRAMS, dist_man1_MANS):
Make virt-login-shell installation conditional.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-08-30 14:00:56 -06:00
Guido Günther
3e2799add2 Check for --no-copy-dt-needed linker flag
and use it when available
2013-08-22 16:17:36 +02:00
Guido Günther
d9527b6d56 Simplify RELRO_LDFLAGS
by adding it to AM_LDFLAGS instead of every linking rule and
by avoiding a forked grep.
2013-08-22 16:17:35 +02:00
Eric Blake
53924ad5d5 virt-pki-validate: add --help/--version option
Another program gains --help/--version :)

* tools/virt-pki-validate.in: Add option parsing.  Update
documentation to match.
* tools/Makefile.am (virt-pki-validate): Substitute version.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-08-19 20:25:53 -06:00
Eric Blake
b2ea248ef7 virt-xml-validate: add --help/--version option
All good tools should have --help and --version output :)

Furthermore, we want to ensure a failed exit if xmllint fails,
or even for 'virt-xml-validate > /dev/full'.

* tools/virt-xml-validate.in: Add option parsing.  Output errors
to stderr.  Update documentation to match.
* tools/Makefile.am (virt-xml-validate): Substitute version.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-08-19 20:23:39 -06:00