https://bugzilla.redhat.com/show_bug.cgi?id=872166
When the login session doesn't have an ssh -X type display agent in
order for libvirtd to run the polkit session authentication, attempts
to run 'virsh -c qemu:///system list' from an unauthorized user (or one
that isn't part of the libvirt /etc/group) will fail with the following
error from libvirtd:
error: authentication unavailable: no polkit agent available to
authenticate action 'org.libvirt.unix.manage'
In order to handle the local authentication, we will use the new
virPolkitAgentCreate API in order to create a text based authentication
agent for our non readonly session to authenticate with.
The new code will execute in a loop allowing 5 failures to authenticate
before failing out.
With this patch in place, the following occurs:
$ virsh -c qemu:///system list
==== AUTHENTICATING FOR org.libvirt.unix.manage ===
System policy prevents management of local virtualized systems
Authenticating as: Some User (SUser)
Password:
==== AUTHENTICATION COMPLETE ===
Id Name State
----------------------------------------------------
1 somedomain running
$
Since we have the macro there's no need for us to unwind it by
hand and check for mutually exclusive flags ourselves.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
We have macros that check and reject mutually exclusive
parameters to our commands. Use those instead of if-else tree.
At the same time, the variable @current becomes useless therefore
it is dropped.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Rather than setting flags to -1 if none were specified, move the logic
to use the old API to the place where we need to decide. It simplifies
the logic a bit.
Since the code is changing the source image path by modifying the
existing XML snippet the <backingStore> stays in place.
As <backingStore> is relevant to the <source> part of the image, the
update of that part makes the element invalid.
CD/floppy images usually don't have a backing chain and the element is
currently ignored though but it might start being used in the future so
let's start behaving correctly.
Drop the <backingStore> subtree once we want to update the XML.
Before this patch, you'd get:
$ virsh change-media --eject --print-xml 10 hdc
<disk type="file" device="cdrom">
<driver name="qemu" type="qcow2"/>
<backingStore type="file" index="1">
<format type="qcow2"/>
<source file="/var/lib/libvirt/images/vm.1436949097"/>
<backingStore/>
</backingStore>
<target dev="hdc" bus="ide"/>
...
</disk>
After:
$ virsh change-media --eject --print-xml 10 hdc
<disk type="file" device="cdrom">
<driver name="qemu" type="qcow2"/>
<target dev="hdc" bus="ide"/>
...
</disk>
Since we introduced listing API earlier in these series, it's time
to wire up the API to the virt-admin client.
Signed-off-by: Erik Skultety <eskultet@redhat.com>
The macro would eat the first parameter. In some cases the format string
for vshPrint was eaten. In other cases the calls referenced variables
which did not exist in the given context. Avoid errors by doing compile
time checking.
When we hit OOM it doesn't really make sense to format the error message
by attempting to allocate it. Introduce a simple helper that prints a
static message and terminates the execution.
We have the same argument to many other commands that produce an
XML based on what user typed. But unfortunately vol-create-as
was missing it. Maybe nobody had needed it yet. Well, I did
just now.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
The way we usually write functions is that we start the work and
if something goes bad we goto cleanup and roll back there. Or
just free resources that are no longer needed. Do the same here.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
After a block job hits 100%, we only need to apply a timeout waiting for
a block job event if exactly one of the BLOCK_JOB or BLOCK_JOB_2
callbacks were able to be registered.
If neither callback could be registered, there's clearly no need for a
timeout.
If both callbacks were registered, then we're guaranteed to eventually
get one of the events. The path being used by virsh must be exactly the
source path or target device in the domain's disk definition, and these
are the respective strings sent back in these two events.
Signed-off-by: Michael Chapman <mike@very.puzzling.org>
When waiting for a block job, the various statuses (COMPLETED, READY,
CANCELED, etc.) should all be treated consistently by having the loop be
exited with "break". Use "goto cleanup" for the error cases only, when
no block job status is available.
Signed-off-by: Michael Chapman <mike@very.puzzling.org>
There is no need to call virshPrintJobProgress() unless the block job's
cur or end cursors have changed since the last iteration.
Signed-off-by: Michael Chapman <mike@very.puzzling.org>
This new algorithm adds support for wiping volumes using TRIM.
It does not overwrite all the data in a volume, but it tells the
backing storage pool/driver that all bytes in a volume can be
discarded.
It depends on the backing storage pool how this is handled.
A SCSI backend might send UNMAP commands to remove all data present
on a LUN.
A Ceph backend might use rbd_discard() to instruct the Ceph cluster
that all data on that RBD volume can be discarded.
Signed-off-by: Wido den Hollander <wido@widodh.nl>
After commit 57177f1, the cpu-stats command format change to:
CPU0:
cpu_time 14401.507878990 seconds
vcpu_time 14378732785511
vcpu_time is not user friendly. After this patch, it will
change back:
CPU0:
cpu_time 14401.507878990 seconds
vcpu_time 14378.732785511 seconds
https://bugzilla.redhat.com/show_bug.cgi?id=1301807
Signed-off-by: Luyao Huang <lhuang@redhat.com>
virDomainGetCPUStats doesn't support flags so there's no need to carry
the 'flags' variable around. Additionally since the API is poorly
designed I doubt that it will be extended.
From the code it seems to me that we need user namespace if
configured in domain XML. Otherwise we don't use it at all.
However our tool is more strict about that. Fix this discrepancy.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Since the introduction of virt-host-validate tool the set of
cgroup controllers we use has changed so the tool is checking for
some cgroups that we don't need (e.g. net_cls, although I doubt
we have ever used that one) and is not checking for those we
actually use (e.g. cpuset).
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
https://bugzilla.redhat.com/show_bug.cgi?id=1250331
It all works like this. The change-media command dumps domain
XML, finds the corresponding cdrom device we want to change media
in and returns it in the xmlNodePtr form. This way we don't have
to bother with keeping all the subelements or attributes that we
don't care about in the XML that is fed back to libvirt for the
update API.
Now, the problem is we try to be clever here and detect if disk
already has a source (indicated by <source/> subelement).
However, bare fact that the element is there does not mean disk
has source. Make our clever check better.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
The VIR_DOMAIN_EVENT_ID_MIGRATION_ITERATION event will be triggered
whenever VIR_DOMAIN_JOB_MEMORY_ITERATION changes its value, i.e.,
whenever a new iteration over guest memory pages is started during
migration.
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
We are getting the list of domains and after that we iterate over
the list and try to get status for each domain hoping it will
skip over domains that disappeared meanwhile. However, this
solution to race is bogus - domain may disappear right after we
have checked its state and before we exec another API over it
(e.g. virDomainHasManagedSaveImage()). Also, when printing just
names or uuids (list --name / --uuid) we issue APIs to obtain the
values, however these require no RPC call as all requested info
is in virDomain object that client already has.
Therefore move the status obtaining only to the place that really
needs it.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
In 50078cfbcb I've tried to fix distcheck but accidentally
broke rpm build. The problem is that rpm build not only sets
DESTDIR but also passes plugindir path. This results in double
DESTDIR being in the plugin path, Drop one.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Even though the Makefile has WITH_WIRESHARK guards, the _SOURCES
variables are still processed when adding bits to the dist archive.
plugin.c is a generated file that is only built when wireshark is
enabled and it shouldn't be distributed, so use 'nodist'
Rather than continually cut-n-paste the strings into each command,
create a common macro to be used generically. Note that not all
'{.name = "interface",' entries are replaced, just those that have the
common .help string of "interface name or MAC address".
Signed-off-by: John Ferlan <jferlan@redhat.com>
Rather than continually cut-n-paste the strings into each command,
create a common macro to be used generically. Note that not all
'{.name = "network",' entries are replaced, just those that have the
common .help string of "network name or uuid".
Signed-off-by: John Ferlan <jferlan@redhat.com>
Rather than continually cut-n-paste the strings into each command,
create common macros to be used generically. Replace the more commonly
used "vol" option with a macro. This also adjusts 2 commands that
didn't have the correct helpstr - 'vol-create-from' and 'vol-clone'.
Both are described in the man page as taking vol, path, or key and
the code uses the virshCommandOptVol instead of virshCommandOptVolBy.
Signed-off-by: John Ferlan <jferlan@redhat.com>
Rather than continually cut-n-paste the strings into each command,
create a common macro to be used generically. The macro will take a
single argument _helpstr for the less common help string for each
command option. Note that only file options using "OT_DATA" and
"OFLAG_REQ" will be replace - others are left as is.
Signed-off-by: John Ferlan <jferlan@redhat.com>
Rather than continually cut-n-paste the strings into each command,
create a common macro to be used generically. The macro will take a
single argument _helpstr which for many options in virsh-domain.c
is simply "affect current domain". So, create a second macro within that
file in order to define the more common use as a revector to the
common macro with the common _helpstr.
Signed-off-by: John Ferlan <jferlan@redhat.com>
Rather than continually cut-n-paste the strings into each command,
create a common macro to be used generically. The macro will take a
single argument _helpstr which for many options in virsh-domain.c
is simply "affect running domain". So, create a second macro within that
file in order to define the more common use as a revector to the
common macro with the common _helpstr.
Signed-off-by: John Ferlan <jferlan@redhat.com>
Rather than continually cut-n-paste the strings into each command,
create a common macro to be used generically. The macro will take a
single argument _helpstr which for many options in virsh-domain.c
is simply "affect next boot". So, create a second macro within that
file in order to define the more common use as a revector to the
common macro with the common _helpstr.
Signed-off-by: John Ferlan <jferlan@redhat.com>
Rather than continually cut-n-paste the strings into each command,
create a common macro to be used generically. Note that not all
'{.name = "persistent",' entries are replaced, just those that have the
common .help string of "make live change persistent".
Non replaced instances are unique to the command.
Signed-off-by: John Ferlan <jferlan@redhat.com>
Rather than continually cut-n-paste the strings into each command,
create a common macro to be used generically. The macro will take a
single argument _helpstr which will be used to pass the translatable
helpstr since not all domain options can take the same string.
The majority of the options take 'N_("domain name, id or uuid")', so
create a separate macro with a _FULL suffix while those that do not
take the same string will use the VIRSH_COMMON_OPT_DOMAIN macro.
Signed-off-by: John Ferlan <jferlan@redhat.com>
The macro is slightly adjusted to add an argument "_helpstr". This
will be passed as a translation macro string since other uses of the
option may not have the same exact help string (such as is the case
when the uuid is not suppliable for create commands).
In virsh-pool.c - we'll create a singular VIRSH_COMMON_OPT_POOL_FULL
in order to pass along the 'N_("pool name or uuid")'
In virsh-volume.c there will be a VIRSH_COMMON_OPT_POOL_FULL and a
VIRSH_COMMON_OPT_POOL_NAME, which passes 'N_("pool name")' for
the commands that can only pass a name. There will also be a
VIRSH_COMMON_OPT_POOL_OPTIONAL which is used for the command
options which use OT_STRING and don't require the --pool argument.
Signed-off-by: John Ferlan <jferlan@redhat.com>
Commit id's 'cf793b00', 'e178688f', 'f9a6110f', '5372d49', and 'e193735'
added new VSH_POOL_ macros; however, it was pointed out after push that
commit id '834c5720' preferred use of VIRSH_ for the prefix over VSH_.
So this patch just changes the VSH_ to VIRSH_ and it changes the naming
format from VIRSH_<opt>_OPT_COMMON to VIRSH_COMMON_OPT_<opt>.
Signed-off-by: John Ferlan <jferlan@redhat.com>
In wireshark commit ceb8d954 (v1.99.2) they have changed the
signature of a function that determines how long a libvirt packet
is. Now it accepts a void pointer for passing data into the
function. Well, this is nice, but we don't need it right now.
Anyway, we have to change our code.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
In the upcoming patch we will need yet another #ifdef code block
depending on wireshark version. Instead of defining
WIRESHARK_COMPAT2 or something lets just compare the version
right at the place so that we can clearly see what version broke
API.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
In wireshak commit 22149c55 (v.1.11.3) the API was renamed.
Follow the change in our code too. Since the wireshark change was
made in the very same version that we require at least we are
good to go.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
In wireshark, they have introduced their own memory allocator
wmem. This means that we need to adapt our code to that change
too. Notably 0ad15f88ccf434e8210ca is the wireshark commit you
want to look at. It's the one where they dropped the old API. The
new allocator has been introduced in 84cc3daa (v1.10.0), however,
was not exposed until 5c05c9e0 (v1.10.0). Since we already are
requiring 1.11.3 or higher no other change is needed.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
In the wireshark commit e2735ecfdd7a96c they dropped
proto_tree_add_text in favor of proto_tree_add_item. Adapt to
this change.
Moreover, the proto_tree_add_item API is around for ages and we
are already using it anyway. Therefore we don't need to change
required version of wireshark.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Commit b22344f328 mistakenly reordered
Default-* lines. Thanks to that I noticed that we are very inconsistent
with our init scripts, so I took the liberty of synchronizing them,
updating them and making them all look shiny and new. So apart from
fixing the LSB requirements, I also fixed the ordering, specified
runlevels and fix the link to the reference specification.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Implement a --timestamp option for 'virsh net-event', similar to the
one for 'virsh event'.
When the option is used, the human-readable timestamp will be printed
before the message.
Implement a --timestamp option for 'virsh qemu-monitor-event', similar
to the one for 'virsh event'.
When the option is used, the human-readable timestamp will be printed
before the message, and the timing information provided by QEMU will
not be displayed.
No only coverity warns about this, but it kind of makes sense
too. We have a test whether host supports IOMMU. Some platforms
don't have it, I know. But in that case we should print a message
that it's unknown whether platform has it or not.
Before:
(no output)
After:
QEMU: Checking for device assignment IOMMU support : WARN (Unknown if this platform has IOMMU support)
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
memory_dirty_rate corresponds to dirty-pages-rate in QEMU and
memory_iteration is what QEMU reports in dirty-sync-count.
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
The *event --loop commands would keep running even though a connection
to libvirtd is lost. This doesn't make a lot of sense since clearly we
won't get any new events from the closed connection.
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
This is no functional change, but I find it disturbing that
something_LDADD contains PIE_LDFLAGS while something_LDFLAGS
doesn't.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
The manpage for sysconf() suggest including unistd.h as the
function is declared there. Even though we are not hitting any
compile issues currently, let's include the correct header file
instead of relying on some hidden include chain.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Commmit df8192aa introduced admin related rename and some minor
(caused by automated approach, aka sed) and some more severe isues along with
it. First reason to revert is the inconsistency with libvirt library.
Although we deal with the daemon directly rather than with a specific
hypervisor, we still do have a connection. That being said, contributors might
get under the impression that AdmDaemonNew would spawn/start a new daemon
(since it's admin API, why not...), or AdmDaemonClose would do the exact
opposite or they might expect DaemonIsAlive report overall status of the daemon
which definitely isn't the case.
The second reason to revert this patch is renaming virt-admin client. The
client tool does not necessarily have to reflect the names of the API's it's
using in his internals. An example would be 's/vshAdmConnect/vshAdmDaemon'
where noone can be certain of what the latter function really does. The former
is quite expressive about some connection magic it performs, but the latter does
not say anything, especially when vshAdmReconnect and vshAdmDisconnect were
left untouched.
https://bugzilla.redhat.com/show_bug.cgi?id=1281710
Commit id '3c7590e0a' added the flag to the rbd backend, but provided
no means via virsh to use the flag. This patch adds a '--delete-snapshots'
option to both the "undefine" and "vol-delete" commands.
For "undefine", the flag is combined with the "--remove-all-storage" flag
in order to add the appropriate flag for the virStorageVolDelete call;
whereas, for the "vol-delete" command, just the flag is sufficient since
it's only operating on one volume.
Currently only supported for rbd backends.
https://bugzilla.redhat.com/show_bug.cgi?id=830056
Utilize recently added VIR_STORAGE_POOL_CREATE_WITH_BUILD* flags in
order to pass the flags along to the virStoragePoolCreateXML and
virStoragePoolCreate API's.
This affects the 'virsh pool-create', 'virsh pool-create-as', and
'virsh pool-start' commands. While it could be argued that pool-start
doesn't need the flags, they could prove useful for someone trying to
do one command build --overwrite and start command processing or
essentially starting with a clean slate.
NB:
This patch is loosely based upon code originally authored by Osier
Yang that were not reviewed and pushed, see:
https://www.redhat.com/archives/libvir-list/2012-July/msg00497.html
Although they both are the same now, a future patch will add new options
to pool-create-as. So create a common macro to capture commonality, then
use that in the command specific structure.
Although not currently used in more than one command, it soon will be
so create a common macro to be used in the new command location.
Additionally, add the ".flags = 0," for both to match the expections
of the structure being predefined.
Rather than continually cut/paste the "file" option for pool command
option structures, generate a macro which will commonly define it for
any command. Then of course use that macro.
Rather than continually cut/paste the "pool" option for pool command
option structures, generate a macro which will commonly define it for
any command. Then of course use that macro.
Instead of the custom error:
error: iothreadpin: invalid cpulist.
use vshCommandOptStringReq and let it report a more specific error:
error: Failed to get option 'cpulist': Option argument is empty
virAdmConnect was named after virConnect, but after some discussions,
most of the APIs called will be working with remote daemon and starting
them virAdmDaemon will make more sense. Only possibly controversal name
is CloseCallback (de)registration, and connecting to the daemon (which
will still be Open/Close), but even this makes sense if one thinks about
the daemon being opened and closed, e.g. as file, etc.
This way all the APIs working with the daemon will start with
virAdmDaemon prefix, they will accept virAdmDaemonPtr as first parameter
and that will better suit with other namings as well (virDomain*,
virAdmServer*, etc.).
Because in virt-admin, the connection name does not refer to a struct
that would have a connect in its name, also adjust 'connname' in
clients. And because it is not used anywhere in the vsh code, move it
from there into each client.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Due to the default of flags is VIR_CONNECT_LIST_DOMAINS_ACTIVE,
It doesn't show the domains that have been shutdown when we use
'virsh list' with only --state-shutoff.
Signed-off-by: Wei Jiangang <weijg.fnst@cn.fujitsu.com>
Our domain_conf.* files are big enough. Not only they contain XML
parsing code, but they served as a storage of all functions whose
name is virDomain prefixed. This is just wrong as it gathers not
related functions (and modules) into one big file which is then
harder to maintain. Split virDomainObjList module into a separate
file called virdomainobjlist.[ch].
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Introduce a new API to get libvirt version. It is worth noting, that
libvirt-admin and libvirt share the same version number. Unfortunately,
our existing API isn't generic enough to be used with virAdmConnectPtr
as well. Also this patch wires up this API to the virt-admin client
as a generic cmdVersion command.
As we need a client disconnect handler, we also need a mechanism to register
such handlers for a client. This patch introduced both the close callbacks and
also the client vshAdmCatchDisconnect handler to be registered with it. By
registering the handler we still need to make sure the client can react to
daemon's events like disconnect or keepalive, so asynchronous I/O event polling
is necessary to be enabled too.
Since most of our APIs rely on an acive functional connection to a daemon and
we have such a mechanism in libvirt already, there's need to have such a way in
libvirt-admin as well. By introducing a new public API, this patch provides
support to check for an active connection.
This patch introduces virt-admin client which is based on virsh client,
but had to reimplement several methods to meet virt-admin specific needs
or remove unnecessary virsh specific logic.
Adding this feature will allow users to easily attach a hostdev network
interface using PCI passthrough.
The interface can be attached using --type=hostdev and PCI address or
as --source. This command also allows you to tell, whether the interface
should be managed.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=997561
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
While parsing device addresses we should use correct base and don't
count on auto-detect. For example, PCI address uses hex numbers, but
each number starting with 0 will be auto-detected as octal number and
that's wrong. Another wrong use-case is for PCI address if for example
bus is 10, than it's incorrectly parsed as decimal number.
PCI and CCW addresses have all values as hex numbers, IDE and SCSI
addresses are in decimal numbers.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
The number of vCPUs for a guest must be between 1 and the
maximum value configured in the domain XML. This commit
introduces checks to make sure that passing count <= 0
results in an error.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1248277
Signed-off-by: Luyao Huang <lhuang@redhat.com>
The condition checking whether --format was specified was incorrect.
virsh crashed if the following format was used:
virsh dump VM dump --format '' --memory-only
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1272301
This looks for existance of DMAR (Intel) and IVRS (AMD)
files under /sys/firmware/acpi/tables/, as a sign that
the platform has IOMMU present & enabled in the BIOS.
If these are present and /sys/kernel/iommu_groups does
not contain any entries this is taken as a sign that
the kernel has not enabled the IOMMU currently.
If no ACPI tables are found we can't distinguish between
disabled in BIOS and not present in the hardware, so we
have to give the user a generic hint.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Win32 does not have support for mntent.h header, so the
method which uses this must be stubbed out.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Extend the virt-host-validate checks to see if the required
cgroups are compiled into the kernel and that they are
mounted on the system. The cgroups are all optional except
for 3 that LXC mandates
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Currently we just check that various devices are accessible.
This leads to inaccurate errors reported for /dev/kvm and
/dev/vhost-net if they exist but an unprivileged user lacks
access. Switch existing checks to look for file existance,
and add a separate check for accessibility of /dev/kvm
since some distros don't grant users access by default.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
The LXC driver requires the uts, mnt, pid & ipc
namespaces, while net & user namespaces are
optional. Validate all these are present.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
https://bugzilla.redhat.com/show_bug.cgi?id=1250331
Even after my rework of startupPolicy handling, one command
slipped my attention. The change-media command has a very unique
approach to constructing disk XML. However, it will not preserve
startupPolicy attribute.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
So, our mingw build is broken. It's because while libvirt_shell
library is using some of our internal APIs, e.g. virStrndup, and
readline API but it's not being linked with nor libvirt.la nor
libreadline. Only subsequent users of the library, like virsh,
do link to the needed libraries. In fact, I'm surprised Linux
linker doesn't care, because how can it make a static library
with missing symbols is mystery to me.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Although 0 length block jobs aren't entirely useful, the output of virsh
blockjob is empty due to the condition that suppresses the output for
migration jobs that did not start. Since the only place that actually
uses the condition that suppresses the output is in migration, let's
move the check there and thus add support for 0 of 0 equaling to 100%.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1196711