Currently, we support only filling a volume with zeroes on wiping.
However, it is not enough as data might still be readable by
experienced and equipped attacker. Many technical papers have been
written, therefore we should support other wiping algorithms.
Extend the 'shutdown' and 'reboot' methods so that they both
accept a new argument
--mode acpi|agent
* tools/virsh.c: New args for shutdown/reboot
* tools/virsh.pod: Document new args
Other virsh domifXXX commands can accept target name
as a parameter to specify interface. From viewpoint of
consistency, virsh domif-getlink command should accept
target name as a parameter. This patch achieves this.
Signed-off-by: Taku Izumi <izumi.taku@jp.fujitsu.com>
Although this is a public API break, it only affects users that
were compiling against *_LAST values, and can be trivially
worked around without impacting compilation against older
headers, by the user defining VIR_ENUM_SENTINELS before using
libvirt.h. It is not an ABI break, since enum values do not
appear as .so entry points. Meanwhile, it prevents users from
using non-stable enum values without explicitly acknowledging
the risk of doing so.
See this list discussion:
https://www.redhat.com/archives/libvir-list/2012-January/msg00804.html
* include/libvirt/libvirt.h.in: Hide all sentinels behind
LIBVIRT_ENUM_SENTINELS, and add missing sentinels.
* src/internal.h (VIR_DEPRECATED): Allow inclusion after
libvirt.h.
(LIBVIRT_ENUM_SENTINELS): Expose sentinels internally.
* daemon/libvirtd.h: Use the sentinels.
* src/remote/remote_protocol.x (includes): Don't expose sentinels.
* python/generator.py (enum): Likewise.
* tests/cputest.c (cpuTestCompResStr): Silence compiler warning.
* tools/virsh.c (vshDomainStateReasonToString)
(vshDomainControlStateToString): Likewise.
Preparation for another patch that refactors common patterns
into the new file for fewer lines of code overall.
* src/util/util.h (virTypedParameterArrayClear): Move...
* src/util/virtypedparam.h: ...to new file.
(virTypedParameterArrayValidate, virTypedParameterAssign): New
prototypes.
* src/util/util.c (virTypedParameterArrayClear): Likewise.
* src/util/virtypedparam.c: New file.
* po/POTFILES.in: Mark file for translation.
* src/Makefile.am (UTIL_SOURCES): Build it.
* src/libvirt_private.syms (util.h): Split...
(virtypedparam.h): to new section.
(virkeycode.h): Sort.
* daemon/remote.c: Adjust callers.
* tools/virsh.c: Likewise.
When using "virsh domifstat" command or "virsh domiftune" command,
we pass an interface name as a parameter, so interface name is
important.
"virsh domiflist" output should display interface names
on the first row.
Signed-off-by: Taku Izumi <izumi.taku@jp.fujitsu.com>
Disk "type" and "device" are generally interesting stuff the
user may want to known, too. To not break any scripts which
parsed the output field, a new option "--details" is introduced
to output the two introduced fields.
Domain IDs are at least 16 bits for most hypervisors, theoretically
event 32-bits. 3 characters is clearly too small an alignment.
Increase alignment to 5 characters to allow 16-bit domain IDs to
display cleanly. Commonly seen with LXC where domain IDs are the
process IDs by default. Also increase the 'name' field from 20
to 30 characters to cope with longer guest names which are quite
common
Just like command "domblklist", the command extracts "type",
"source", "target", "model", and "MAC" of all virtual interfaces
from domain XML (live or persistent).
When running virsh migrate with --xml option and actual xml file doesn't
exist, virsh hasn't output any error information, although return value
is 1.
* tools/virsh.c: Raising a appropriate error information when operation fails.
* How to reproduce?
% virsh migrate <domain> --live qemu+ssh://<target host>/system --xml non-existent.xml
% echo $?
* Fixed result:
error: file 'non-existent.xml' doesn't exist
Signed-off-by: Alex Jia <ajia@redhat.com>
When disk snapshots were first implemented, libvirt blindly refused
to allow an external snapshot destination that already exists, since
qemu will blindly overwrite the contents of that file during the
snapshot_blkdev monitor command, and we don't like a default of
data loss by default. But VDSM has a scenario where NFS permissions
are intentionally set so that the destination file can only be
created by the management machine, and not the machine where the
guest is running, so that libvirt will necessarily see the destination
file already existing; adding a flag will allow VDSM to force the file
reuse without libvirt complaining of possible data loss.
https://bugzilla.redhat.com/show_bug.cgi?id=767104
* include/libvirt/libvirt.h.in (virDomainSnapshotCreateFlags): Add
VIR_DOMAIN_SNAPSHOT_CREATE_REUSE_EXT.
* src/libvirt.c (virDomainSnapshotCreateXML): Document it. Add
note about partial failure.
* tools/virsh.c (cmdSnapshotCreate, cmdSnapshotCreateAs): Add new
flag.
* tools/virsh.pod (snapshot-create, snapshot-create-as): Document
it.
* src/qemu/qemu_driver.c (qemuDomainSnapshotDiskPrepare)
(qemuDomainSnapshotCreateXML): Implement the new flag.
virshReportError() function frees the most recent error reported from
libvirt. Condition that checks if connection to the daemon was broken
during last command was then limited to check for SIGPIPE signal not
taking into account possible errors signalized without SIGPIPE.
This patch moves the check before the error is freed, to take into
account code that does not emit SIGPIPE while failing.
* tools/virsh.c: - move check for broken connection before error print.
Add a new command domiftune to get/set interface parameters.
* tools/virsh.c: implement the new command
* tools/virsh.pod: documentation of the new command
Trivial patch, move version command to host commands group.
It has no any related with any domain.
It may connect to the daemon, so the flag is 0 but not VSH_CMD_FLAG_NOCONNECT.
Virsh's echo command looks not having any relations with domains and its
description should go into the generic commands section instead of the
domain commands section (current).
Virsh's send-key command manipulates domains and its description should
go into the domain commands section instead of generic commands section
(current).
called vshWatchJob. This can be later used in other
job oriented commands like dump, save, managedsave
to report progress and allow user to cancel via ^C.
Detected by valgrind. Leaks introduced in commit 4d5383f.
* tools/virsh.c: fix memory leaks on cmdDomXMLFromNative and cmdDomXMLToNative.
* how to reproduce?
% virsh dumpxml ${guest} > foo.xml
% valgrind -v --leak-check=full virsh domxml-from-native qemu-argv foo.xml
% valgrind -v --leak-check=full virsh domxml-to-native qemu-argv foo.xml
* actual valgrind results:
==9724== 8,193 bytes in 1 blocks are definitely lost in loss record 31 of 33
==9724== at 0x4A05FDE: malloc (vg_replace_malloc.c:236)
==9724== by 0x4A06167: realloc (vg_replace_malloc.c:525)
==9724== by 0x4C7510B: virReallocN (memory.c:161)
==9724== by 0x4C84679: virFileReadLimFD (util.c:394)
==9724== by 0x4C84815: virFileReadAll (util.c:455)
==9724== by 0x41A89F: cmdDomXMLFromNative (virsh.c:5532)
==9724== by 0x414872: vshCommandRun (virsh.c:16464)
==9724== by 0x425623: main (virsh.c:17971)
==9724==
==9724== LEAK SUMMARY:
==9724== definitely lost: 8,193 bytes in 1 blocks
==9724== indirectly lost: 0 bytes in 0 blocks
==9724== possibly lost: 0 bytes in 0 blocks
==9724== still reachable: 127,128 bytes in 1,347 blocks
==7409== 8,193 bytes in 1 blocks are definitely lost in loss record 31 of 33
==7409== at 0x4A05FDE: malloc (vg_replace_malloc.c:236)
==7409== by 0x4A06167: realloc (vg_replace_malloc.c:525)
==7409== by 0x4C7510B: virReallocN (memory.c:161)
==7409== by 0x4C84679: virFileReadLimFD (util.c:394)
==7409== by 0x4C84815: virFileReadAll (util.c:455)
==7409== by 0x41A7AF: cmdDomXMLToNative (virsh.c:5578)
==7409== by 0x414892: vshCommandRun (virsh.c:16463)
==7409== by 0x425633: main (virsh.c:17970)
==7409==
==7409== LEAK SUMMARY:
==7409== definitely lost: 8,193 bytes in 1 blocks
==7409== indirectly lost: 0 bytes in 0 blocks
==7409== possibly lost: 0 bytes in 0 blocks
==7409== still reachable: 127,128 bytes in 1,347 blocks
Signed-off-by: Alex Jia <ajia@redhat.com>
Using 'virReallocN' to allocate memory on virConsoleEventOnStdin,
virConsoleEventOnStdout and virConsoleEventOnStream, however, the
cleanup function virConsoleShutdown hasn't released these memory.
* tools/console.c: fix memory leaks on virConsoleShutdown.
https://bugzilla.redhat.com/show_bug.cgi?id=767488
Signed-off-by: Alex Jia <ajia@redhat.com>
No need to repeat code for formatting typed parameters.
* tools/virsh.c (vshGetTypedParamValue): Support strings, and exit
on OOM.
(cmdSchedinfo, cmdBlkiotune, cmdMemtune, cmdBlkdeviotune): Use
it for less code.
Add an option for virsh undefine command, to remove associated storage
volumes while undefining a domain. This patch allows the user to remove
associated (libvirt managed ) storage volumes while undefining a domain.
The new option --storage for the undefine command takes a string
argument that consists of comma separated list of target or source path
of volumes to be undefined. Volumes are removed after the domain has
been successfully undefined,
If a volume is not part of a storage pool, the user is warned to remove
the volume in question himself.
Option --wipe-storage may be specified along with this, that ensures
the image is wiped before removing.
Option --remove-all-storage enables the user to remove all storage. The
name is chosen long as the users should be aware what they're about to
do.
I was wondering why 'virsh edit' didn't support the same
'--inactive' option as 'virsh dumpxml'; reading the source
code showed that --inactive was already implied, and that
the only way to alter a running guest rather than affecting
next boot is by hot-plugging individual devices, or by
something complex like saving the guest and modifying the
save image.
* tools/virsh.pod (define, edit): Mention behavior when guest is
already running.
If parsing of arguments failed, virsh did silently exit returning and
error state, but not specifying the possible problem.
* tools/virsh: cmdNodesuspend: - error handling added
Commit 4d9e51f6 fixed a 'make uninstall' failure, but failed
to follow other conventions already present in src/Makefile.am.
In particular, we prefer MKDIR_P over mkdir -p, and should
have a matching rmdir during uninstall for every directory
created during install (the idea being that uninstall in a
DESTDIR should be clean, while installation in the final
system should not fail with non-empty directories left behind).
* tools/Makefile.am (install-sysconfig, install-initscript)
(install-systemd): Use MKDIR_P.
(uninstall-sysconfig, uninstall-initscript, uninstall-systemd):
Also remove directories.
* daemon/Makefile.am (install-data-local, install-data-polkit)
(install-logrotate, install-sysconfig, install-sysctl)
(install-init-redhat, install-init-upstart, install-init-systemd)
(install-data-sasl): Use MKDIR_P.
(uninstall-data-polkit, uninstall-sysconfig, uninstall-sysctl)
(uninstall-init-redhat, uninstall-init-upstart)
(uninstall-init-systemd): Also remove directory.
(uninstall-logrotate): New rule.
(uninstall-local): Add uninstall-logrotate.
Detected by valgrind. Leak introduced in commit 88a993b:
* tools/virsh.c: fix memory leak on cmdDomblklist.
* how to reproduce?
% valgrind -v --leak-check=full virsh domblklist <domain name>
* actual valgrind result:
==6573== 1,836 bytes in 1 blocks are definitely lost in loss record 110 of 124
==6573== at 0x4A05FDE: malloc (vg_replace_malloc.c:236)
==6573== by 0x330D71497D: xdr_string (in /lib64/libc-2.12.so)
==6573== by 0x4D26CED: xdr_remote_nonnull_string (remote_protocol.c:30)
==6573== by 0x4D28138: xdr_remote_domain_get_xml_desc_ret (remote_protocol.c:1418)
==6573== by 0x4D3C0C2: virNetMessageDecodePayload (virnetmessage.c:382)
==6573== by 0x4D3279F: virNetClientProgramCall (virnetclientprogram.c:382)
==6573== by 0x4D0D50B: callWithFD (remote_driver.c:4339)
==6573== by 0x4D0D5AB: call (remote_driver.c:4360)
==6573== by 0x4D16EAF: remoteDomainGetXMLDesc (remote_client_bodies.h:861)
==6573== by 0x4CF9F4F: virDomainGetXMLDesc (libvirt.c:4098)
==6573== by 0x4154D9: cmdDomblklist (virsh.c:1722)
==6573== by 0x4149E2: vshCommandRun (virsh.c:16365)
==6573==
==6573== 46,009 (352 direct, 45,657 indirect) bytes in 1 blocks are definitely lost in loss record 123 of 124
==6573== at 0x4A05FDE: malloc (vg_replace_malloc.c:236)
==6573== by 0x3318286DC6: xmlXPathNewContext (in /usr/lib64/libxml2.so.2.7.6)
==6573== by 0x4C79AE2: virXMLParseHelper (xml.c:779)
==6573== by 0x415512: cmdDomblklist (virsh.c:1726)
==6573== by 0x4149E2: vshCommandRun (virsh.c:16365)
==6573== by 0x427743: main (virsh.c:17867)
==6573==
==6573== LEAK SUMMARY:
==6573== definitely lost: 2,188 bytes in 2 blocks
==6573== indirectly lost: 45,657 bytes in 332 blocks
==6573== possibly lost: 0 bytes in 0 blocks
==6573== still reachable: 128,034 bytes in 1,364 blocks
==6573== suppressed: 0 bytes in 0 blocks
Signed-off-by: Alex Jia <ajia@redhat.com>
Reported by Alex Jia <ajia@redhat.com>. Function cmdDomIfGetLink did not
set a success return value on success path.
Signed-off-by: Alex Jia<ajia@redhat.com>
Detected by valgrind. Leak introduced in commit dc675f3:
* tools/virsh.c: fix memory leak on cmdDomIfGetLink.
* how to reproduce?
% valgrind -v --leak-check=full virsh domif-getlink <domain name> 0
* actual valgrind result:
==13102== 18 bytes in 1 blocks are definitely lost in loss record 9 of 47
==13102== at 0x4A05FDE: malloc (vg_replace_malloc.c:236)
==13102== by 0x322A6A67DD: xmlStrndup (in /usr/lib64/libxml2.so.2.7.6)
==13102== by 0x414892: cmdDomIfGetLink (virsh.c:1538)
==13102== by 0x4136A2: vshCommandRun (virsh.c:16363)
==13102== by 0x4253FB: main (virsh.c:17865)
==13102==
==13102== LEAK SUMMARY:
==13102== definitely lost: 18 bytes in 1 blocks
==13102== indirectly lost: 0 bytes in 0 blocks
==13102== possibly lost: 0 bytes in 0 blocks
==13102== still reachable: 127,888 bytes in 1,361 blocks
==13102== suppressed: 0 bytes in 0 blocks
Signed-off-by: Alex Jia <ajia@redhat.com>
Detected by valgrind. Leak introduced in commit e9bd9a0:
* tools/virsh.c: fix memory leak on cmdBlkdeviotune.
* how to reproduce?
% valgrind -v --leak-check=full virsh blkdeviotune <domain name> <block device>
* actual valgrind result:
==12759== 576 bytes in 1 blocks are definitely lost in loss record 18 of 29
==12759== at 0x4A04A28: calloc (vg_replace_malloc.c:467)
==12759== by 0x42134E: _vshCalloc.clone.2 (virsh.c:422)
==12759== by 0x4217CB: cmdBlkdeviotune (virsh.c:6364)
==12759== by 0x4136A2: vshCommandRun (virsh.c:16363)
==12759== by 0x4253FB: main (virsh.c:17865)
==12759==
==12759== LEAK SUMMARY:
==12759== definitely lost: 576 bytes in 1 blocks
==12759== indirectly lost: 0 bytes in 0 blocks
==12759== possibly lost: 0 bytes in 0 blocks
==12759== still reachable: 126,964 bytes in 1,342 blocks
==12759== suppressed: 0 bytes in 0 blocks
Signed-off-by: Alex Jia <ajia@redhat.com>
The installation rules for the libvirt-guests.service were
totally broken
- Installing in the wrong location
- The location was not overridable
- The install-systemd rule was not invoked anywhere
- The install-systemd rule was not invoking install-initscript
which it depends on
- The installed service file lacked a .service extension
* tools/Makefile.am: Fix install of libvirt-guests.service
On RHEL 5, with libxml2-2.6.26, the build failed with:
virsh.c: In function 'vshNodeIsSuperset':
virsh.c:11951: warning: implicit declaration of function 'xmlChildElementCount'
(or if warnings aren't errors, a link failure later on).
* src/util/xml.h (virXMLChildElementCount): New prototype.
* src/util/xml.c (virXMLChildElementCount): New function.
* src/libvirt_private.syms (xml.h): Export it.
* tools/virsh.c (vshNodeIsSuperset): Use it.
https://bugzilla.redhat.com/show_bug.cgi?id=648855 mentioned a
misuse of 'an' where 'a' is proper; that has since been fixed,
but a search found other problems (some were a spelling error for
'and', while most were fixed by 'a').
* daemon/stream.c: Fix grammar.
* src/conf/domain_conf.c: Likewise.
* src/conf/domain_event.c: Likewise.
* src/esx/esx_driver.c: Likewise.
* src/esx/esx_vi.c: Likewise.
* src/rpc/virnetclient.c: Likewise.
* src/rpc/virnetserverprogram.c: Likewise.
* src/storage/storage_backend_fs.c: Likewise.
* src/util/conf.c: Likewise.
* src/util/dnsmasq.c: Likewise.
* src/util/iptables.c: Likewise.
* src/xen/xen_hypervisor.c: Likewise.
* src/xen/xend_internal.c: Likewise.
* src/xen/xs_internal.c: Likewise.
* tools/virsh.c: Likewise.
Currently virsh supports only ^] as escape character for console.
However, some users might want to use something else. This patch
creates such ability by specifying '-e' switch on virsh command
line.
Not only was ctl->quit accessed without a mutex but unfortunately,
virEventAddTimeout only interrupts the poll when event loop is running
so the hack needs to add a timeout that will make next poll return
immediately without blocking.
Prior to this patch, for a running dom, the commands:
$ virsh blkiotune dom --device-weights /dev/sda,502,/dev/sdb,498
$ virsh blkiotune dom --device-weights /dev/sda,503
$ virsh blkiotune dom
weight : 500
device_weight : /dev/sda,503
claim that /dev/sdb no longer has a non-default weight, but
directly querying cgroups says otherwise:
$ cat /cgroup/blkio/libvirt/qemu/dom/blkio.weight_device
8:0 503
8:16 498
After this patch, an explicit 0 is required to remove a device path
from the XML, and omitting a device path that was previously
specified leaves that device path untouched in the XML, to match
cgroups behavior.
* src/qemu/qemu_driver.c (parseBlkioWeightDeviceStr): Rename...
(qemuDomainParseDeviceWeightStr): ...and use correct type.
(qemuDomainSetBlkioParameters): After parsing string, modify
rather than replacing existing table.
* tools/virsh.pod (blkiotune): Tweak wording.
Support virsh command blkdeviotune. Can set or query a block disk
I/O throttle setting.
Signed-off-by: Lei Li <lilei@linux.vnet.ibm.com>
Signed-off-by: Zhi Yong Wu <wuzhy@linux.vnet.ibm.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
This adds per-device weights to <blkiotune>. Note that the
cgroups implementation only supports weights per block device,
and not per-file within the device; hence this option must be
global to the domain definition rather than tied to individual
<devices>/<disk> entries:
<domain ...>
<blkiotune>
<device>
<path>/path/to/block</path>
<weight>1000</weight>
</device>
</blkiotune>
..
This patch also adds a parameter --device-weights to virsh command
blkiotune for setting/getting blkiotune.weight_device for any
hypervisor that supports it. All <device> entries under
<blkiotune> are concatenated into a single string attribute under
virDomain{Get,Set}BlkioParameters, named "device_weight".
Signed-off-by: Hu Tao <hutao@cn.fujitsu.com>
Signed-off-by: Eric Blake <eblake@redhat.com>