Thanks to our smart option parser which automatically assigns positional
parameters the following (previously working) command fails:
virsh migrate test qemu+ssh://1.2.3.4/system tcp://1.2.3.4/
error: invalid argument: Unsupported compression method
'tcp://1.2.3.4/'
We need to make sure new options are added at the end of the list rather
than where they logically belong.
Reported by Brian Rak.
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
A new hidden command for virsh that will iterate over
all command groups and commands and print help for every single one.
This involves running vshCmddefOptParse so we can get an error if
one of the command's option structure is invalid.
Crash dump in a old kvmdump format is being obsolete and cannot be loaded and
processed by crash utility since its version 6.1.0. A --memory-only option is
required in order to produce valid ELF file which can be later processed by the
crash utility. A new note is added to the dump command description.
Building with clang 3.8 triggers the following error:
CC virt_host_validate-virt-host-validate-qemu.o
virt-host-validate-qemu.c:36:11: error: initializing 'char *' with an expression of type 'const char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
char *kvmhint = _("Check that CPU and firmware supports virtualization "
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
virt-host-validate-qemu.c:46:17: error: assigning to 'char *' from 'const char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
kvmhint = _("Check that the 'kvm-intel' or 'kvm-amd' modules are "
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2 errors generated.
Fix by using 'const' for kvmhint declaration.
ARM/Aarch64 /proc/cpuinfo has no virtualization related flags.
Refactor the Qemu/KVM test a bit:
1) run the "for hardware virtualization" test only on plaforms with known
cpuinfo flags (x86, s390)
2) test for /dev/kvm also on platforms where no cpu flags are set
Finally Add a more generic error hint message for non-x86 plaforms
when /dev/kvm is missing.
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Prior to joining the namespaces of the container, move the
process into the containers' cgroups, so that the shell that
is subsequently launched is under the container resource
constraints.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Currently the shell must be looked up from the config setting in
/etc/libvirt/virt-login-shell.conf. This is inflexible if there
are containers where different users need different shells. Add
add a new 'auto-shell' config parameter which instructs us to
query the containers' /etc/passwd for the shell to be exec'd.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
The virt-login-shell environment will be initialized with
an arbitrary number of environment variables determined
by the SSH daemon and PAM configuration. Most of these are
not relevant inside the container, and at best they are
noise and at worst they'll break apps. For example if
XDG_RUNTIME_DIR is leaked to the container, it'll break
any apps using it, since the directory it points to is
only visible to the host OS filesystem, not the container
FS.
Use clearenv() to blank out everything and then set known
good values for PATH, SHELL, USER, LOGNAME HOME and TERM.
Everything else is left up to the login shell to initialize.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
The virDomainFree / virConnectClose methods will reset the
last error handle, so we must save the error during cleanup
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Currently the shell config file parameter must be a list
giving the shell path and args. Allow it to be a plain
string argument as well.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Currently we request a login shell by passing the -l argument
to the shell. This is either hardcoded, or required to be
specified by the user in the virt-login-shell.conf file.
The standard way for login programs to request a shell run
as a login shell is to modify the argv passed to execve()
so that argv[0] contains the relative shell filename
prefixed with a zero. eg instead of doing
const char **shellargs = ["/bin/bash", "-l", NULL];
execve(shellargs[0], shellargs, env);
We should be doing
const char **shellargs = ["-bash", NULL];
execve("/bin/bash", shellargs, env);
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
The virt-login-shell program is supposed to look like a
regular shell to clients. Login services like sshd
expect the shell to accept a '-c cmdstring' argument to
specify a command to launch instead of presenting an
interactive prompt.
We can implement this by simply passing the '-c cmdstring'
data straight through to the real shell we use. This does
not open any security holes, since the command is not run
until we're inside the container namespaces. This allows
scp to work for users with virt-login-shell.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Extend the lxc-enter-namespace command so that it joins the
containers' cgroups before starting new namespaces. This
ensures that the commands run have the normal resource
limits applied
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Problem is, localtime_r() returns a pointer to converted time or
NULL in case of an error. But checking the glibc sources, error
will occur iff a NULL has been passed as an either of arguments
the function takes. But GCC fails to see that:
../../tools/virsh-network.c: In function 'cmdNetworkDHCPLeases':
../../tools/virsh-network.c:1370:12: error: potential null pointer dereference [-Werror=null-dereference]
ts = *localtime_r(&expirytime_tmp, &ts);
~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Currently if a guest has listen address 0.0.0.0 or [::] and you run
"virsh domdisplay $domain" you always get "spice://localhost:$port".
We want to print better address if someone is connected from a different
computer using "virsh -c qemu+ssh://some.host/system". This patch fixes the
behavior of virsh to print in this case "spice://some.host:$port".
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1332446
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Finally wire-up virAdmServer{Get,Set}ClientLimits APIs into virt-admin client.
Update the virt-admin's man page accordingly.
Signed-off-by: Erik Skultety <eskultet@redhat.com>
Usage of this keyword in front of function declaration that is exported via a
header file is unnecessary, since internally, this has been the default for most
compilers for quite some time.
Signed-off-by: Erik Skultety <eskultet@redhat.com>
https://bugzilla.redhat.com/show_bug.cgi?id=885380
Use vshCommandOptScaledInt instead of vshCommandOptULongLong so that
values with suffixes can be passed when bytes are being passed along.
Values for the iops parameters still need to be given in the absolute
form as they are not bytes but numbers.
Signed-off-by: Nishith Shah <nishithshah.2211@gmail.com>
cmdDetachInterface function checks for live config
flags and then passes the live/config domain xml
to virshDomainDetachInterface accordingly.
Signed-off-by: Nitesh Konkar <nitkon12@linux.vnet.ibm.com>
When virHostValidateCPUFlag returns NULL, that's more an unexpected
error than the sign of missing CPU flags. Let's react to this
appropriately.
Signed-off-by: Bjoern Walk <bwalk@linux.vnet.ibm.com>
Wire-up the public client listing API. Along with this change, a private time
simple conversion method to interpret client's timestamp obtained from server
has been added as well. Format used to for time output is as follows:
YYYY-mm-DD HH:MM:SS+ZZZZ.
Although libvirt exposes methods time-related methods through virtime.h
internally, it utilizes millisecond precision which we don't need in this case,
especially when connection timestamps use precision to seconds only.
This is just a convenience int to string conversion method.
To reflect the new API, man page has been adjusted accordingly.
Signed-off-by: Erik Skultety <eskultet@redhat.com>
The man page says: "(Re)-Connect to the hypervisor. When the shell is
first started, this is automatically run with the URI parameter
requested by the "-c" option on the command line." However, if you run:
virsh -c 'test://default' 'connect; uri'
the output will not be 'test://default'. That's because the 'connect'
command does not care about any virsh-only related settings and if it is
run without parameters, it connects with @uri == NULL. Not only that
doesn't comply to what the man page describes, but it also doesn't make
sense. It also means you aren't able to reconnect to whatever you are
connected currently.
So let's fix that in both virsh and virt-admin add a test case for it.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Add ULL suffix to all related operands of << or shift will give
all zeros instead of correct mask.
Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
We do have something similar for installing init system files.
Basically I'm trying to avoid the following warning produced by
automake:
tools/Makefile.am:429: warning: uninstall-local was already defined in condition TRUE, which includes condition WITH_BSD_NSS ...
tools/Makefile.am:292: ... 'uninstall-local' previously defined here
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
No need to special-case this one: we can add it to EXTRA_DIST so
that it will be shipped in any case, and if WITH_LOGIN_SHELL
happens to be enabled we mark it for installation as well.
We can't use eg. @sysconfdir@ directly in the .pod file, because
pod2man(1) will interpret that as a variable name and format it
accordingly.
Instead, we use eg. SYSCONFDIR and use a subsequent sed(1) call
to turn it into the expected @sysconfdir@.
The generated man pages may contain information that depend on
the build configuration, so they should not be shipped but
rather always built on the user's machine.
