4355 Commits

Author SHA1 Message Date
Jamie Strandboge
624a7927f0 Documentation and examples for SVirt Apparmor driver
* docs/drvqemu.html.in: include documentation for AppArmor sVirt
  confinement
* examples/apparmor/TEMPLATE examples/apparmor/libvirt-qemu
  examples/apparmor/usr.lib.libvirt.virt-aa-helper
  examples/apparmor/usr.sbin.libvirtd: example templates and
  configuration files for SVirt Apparmor when using KVM/QEmu
2009-10-08 16:42:05 +02:00
Jamie Strandboge
bbaecd6a8f sVirt AppArmor security driver
* configure.in: look for AppArmor and devel
* src/security/security_apparmor.[ch] src/security/security_driver.c
  src/Makefile.am: add and plug the new driver
* src/security/virt-aa-helper.c: new binary which is used exclusively by
  the AppArmor security driver to manipulate AppArmor.
* po/POTFILES.in: registers the new files
* tests/Makefile.am tests/secaatest.c tests/virt-aa-helper-test:
  tests for virt-aa-helper and the security driver, secaatest.c is
  identical to seclabeltest.c except it initializes the 'apparmor'
  driver instead of 'selinux'
2009-10-08 16:34:22 +02:00
Cole Robinson
f5c65fa192 cgroup: Fix -Werror breakage 2009-10-08 10:26:42 -04:00
Daniel P. Berrange
7b1fe89a5c Misc win32 build fixes
* daemon/Makefile.am: Fix missing sasl rule
* src/datatypes.c: Add unistd.h to avoid gnulib bug
* src/util/cgroup.c: Disable mntent if not available
2009-10-08 11:56:06 +01:00
Ryota Ozaki
e1f5f8516f Fix handling return value of qemuMonitorSetBalloon
* src/qemu/qemu_driver.c: The positive return value of
  qemuMonitorSetBalloon should be handled as a success
2009-10-07 15:33:36 +02:00
Ryota Ozaki
3a05dc09ec LXC implement memory control APIs
The patch implements the missing memory control APIs for lxc, i.e.,
domainGetMaxMemory, domainSetMaxMemory, domainSetMemory, and improves
domainGetInfo to return proper amount of used memory via cgroup.

* src/libvirt_private.syms: Export virCgroupGetMemoryUsage
  and add missing virCgroupSetMemory
* src/lxc/lxc_driver.c: Implement missing memory functions
* src/util/cgroup.c, src/util/cgroup.h: Add the function
  to get used memory
2009-10-07 15:26:23 +02:00
Jamie Strandboge
709c37e932 Add a domain argument to SVirt *RestoreImageLabel
When James Morris originally submitted his sVirt patches (as seen in
libvirt 0.6.1), he did not require on disk labelling for
virSecurityDomainRestoreImageLabel. A later commit[2] changed this
behavior to assume on disk labelling, which halts implementations for
path-based MAC systems such as AppArmor and TOMOYO where
vm->def->seclabel is required to obtain the label.

* src/security/security_driver.h src/qemu/qemu_driver.c
  src/security/security_selinux.c: adds the 'virDomainObjPtr vm'
  argument back to *RestoreImageLabel
2009-10-07 12:40:01 +02:00
Chris Lalancette
db68d6b164 Fix up "make check"
While running make check, I noticed that it was actually using
the virsh binary from my system, in /usr/bin/virsh, and not the
one that was just compiled.  This is actually caused by a bug
in Makefile.am, where we didn't update the PATH to include tools.

While here, I also updated all of the scripts to properly define
the srcdir, abs_top_srcdir, and abs_top_builddir environment
variables.  This is required if you want to be able to run the
tests standalone (i.e. ./test instead of from make check).  I've
tested this on both RHEL-5 and Fedora-10 machines, and make check
works on both, as does running the individual tests by hand.

Signed-off-by: Chris Lalancette <clalance@redhat.com>
2009-10-07 12:18:13 +02:00
Mark McLoughlin
d285084b12 Create /var/log/libvirt/{lxc,uml} dirs
Otherwise logrotate barfs:

  error: error accessing /var/log/libvirt/uml: No such file or directory
  error: libvirtd:1 glob failed for /var/log/libvirt/uml/*.log
  error: found error in /var/log/libvirt/qemu/*.log /var/log/libvirt/uml/*.log /var/log/libvirt/lxc/*.log , skipping

* qemud/Makefile.am: always create /var/log/libvirt/{lxc,uml} when
  installing the logrotate conf; not ideal, but easier than making
  the logrotate conf depend on which drivers are enabled
2009-10-06 13:49:35 +01:00
Daniel P. Berrange
e46f6309d5 Fix rebuilding of devhelp files
The devhelp/ directory files depend on libvirt-api.xml being
uptodate, but automake always processes SUBDIRS before the
current directory. So devhelp would be built and then the
libvirt-api.xml re-build, invalidating the devhelp data again.

To fix this all the rules for devhelp are moved directly
into the docs/Makefile.am allowing make to see the global
dependancy chain and thus build things in the correct order

* docs/Makefile.am: Add rules for devhelp rebuild
* docs/devhelp/Makefile.am: Remove devhelp rebuild
* configure.in: Remove docs/devhelp/Makefile.am
2009-10-06 11:12:53 +01:00
Daniel P. Berrange
e2b8f981c4 Fix ordering of <exports> in API description file
* docs/apibuild.py: Make uniq() function sort keys before returning
  them to ensure consitent ordering of <exports> in XML file
2009-10-06 11:12:53 +01:00
Cole Robinson
e22f2f5c9c test: Support loading node device info from file/XML
Also add some XML examples.

Signed-off-by: Cole Robinson <crobinso@redhat.com>
2009-10-05 14:07:17 -04:00
Cole Robinson
7165bef132 node conf: Make parsing routines consistent with other drivers
Add virNodeDeviceParseFile, and make virNodeDeviceParseNode non-static. These
will be used by the test driver.

Signed-off-by: Cole Robinson <crobinso@redhat.com>
2009-10-05 14:07:16 -04:00
Cole Robinson
2eb9301ba5 test: Implement node device driver.
Add a simple 'computer' device for the default driver. Only implement
the basic calls, no creation or destroy happening.

Signed-off-by: Cole Robinson <crobinso@redhat.com>
2009-10-05 14:07:16 -04:00
Cole Robinson
6e24ccb266 nodedev: Break out virNodeDeviceHasCap to node_conf
Will be used by test driver node device implementation.

Signed-off-by: Cole Robinson <crobinso@redhat.com>
2009-10-05 14:07:16 -04:00
Cole Robinson
112746cdc5 nodedev: Add locking in nodeNumOfDevices
Signed-off-by: Cole Robinson <crobinso@redhat.com>
2009-10-05 14:07:15 -04:00
Cole Robinson
3c4b8a7706 test: Throw a proper error in GetBridgeName
Throw error in GetBridgeName if net has no bridge.

Signed-off-by: Cole Robinson <crobinso@redhat.com>
2009-10-05 13:31:38 -04:00
Cole Robinson
ee8240b295 python: Add a newline after custom classes
In the generated bindings, custom classes are squashed against the following
class, which hurts readability.
2009-10-05 13:31:38 -04:00
Cole Robinson
1e87ecd12e python: Fix generated virInterface method names
A mistake in the generator was causing virInterface methods to be generated
with unpredicatable names ('ceUndefine', instead of just 'undefine'). This
fixes the method names to match existing convention.

Does anyone care if we are breaking API compat? My guess is that no one is
using the python interface bindings yet.

Signed-off-by: Cole Robinson <crobinso@redhat.com>
2009-10-05 13:31:38 -04:00
Cole Robinson
9e09f313d1 python: Use a pure python implementation of 'vir*GetConnect'
The API docs explictly warn that we shouldn't use the C vir*GetConnect calls
in bindings: doing so can close the internal connection pointer and cause
things to get screwy. Implement these calls in python.

Signed-off-by: Cole Robinson <crobinso@redhat.com>
2009-10-05 13:31:38 -04:00
Cole Robinson
97648a9751 python: Don't generate bindings for vir*Ref
They are only for use in implementing the bindings, so shouldn't be
exposed to regular API users.

Signed-off-by: Cole Robinson <crobinso@redhat.com>
2009-10-05 13:31:37 -04:00
Cole Robinson
3f935df0af python: Don't generate conflicting conn.createXML functions.
A special case in the generator wasn't doing its job, and duplicate
conn.createXML functions were being generated. The bindings diff is:

@@ -1079,14 +1079,6 @@ class virConnect:
         return __tmp

     def createXML(self, xmlDesc, flags):
-        """Create a new device on the VM host machine, for example,
-           virtual HBAs created using vport_create. """
-        ret = libvirtmod.virNodeDeviceCreateXML(self._o, xmlDesc, flags)
-        if ret is None:raise libvirtError('virNodeDeviceCreateXML() failed', conn=self)
-        __tmp = virNodeDevice(self, _obj=ret)
-        return __tmp
-
-    def createXML(self, xmlDesc, flags):
         """Launch a new guest domain, based on an XML description
           similar to the one returned by virDomainGetXMLDesc() This
           function may requires privileged access to the hypervisor.
@@ -1327,6 +1319,14 @@ class virConnect:
         __tmp = virNetwork(self, _obj=ret)
         return __tmp

+    def nodeDeviceCreateXML(self, xmlDesc, flags):
+        """Create a new device on the VM host machine, for example,
+           virtual HBAs created using vport_create. """
+        ret = libvirtmod.virNodeDeviceCreateXML(self._o, xmlDesc, flags)
+        if ret is None:raise libvirtError('virNodeDeviceCreateXML() failed', conn=self)
+        __tmp = virNodeDevice(self, _obj=ret)
+        return __tmp
+
     def nodeDeviceLookupByName(self, name):
         """Lookup a node device by its name. """
         ret = libvirtmod.virNodeDeviceLookupByName(self._o, name)

Signed-off-by: Cole Robinson <crobinso@redhat.com>
2009-10-05 13:31:37 -04:00
Cole Robinson
fca27ca2bb python: Remove use of xmllib in generator.py
xmllib has been deprecated since python 2.0, and running the generator throws
a warning. Move to using xml.sax

Signed-off-by: Cole Robinson <crobinso@redhat.com>
2009-10-05 13:31:37 -04:00
Cole Robinson
547d8e3a86 python: Remove FastParser from generator.
FastParser uses sgmlop, a non-standard python module meant as a replacement
for xmllib (which is deprecated since python 2.0). Fedora doesn't even carry
this module, and the generator doesn't have high performance requirements, so
just rip the code out.

Signed-off-by: Cole Robinson <crobinso@redhat.com>
2009-10-05 13:31:37 -04:00
Cole Robinson
79cfda0013 configure: Add explict --with-python option.
--with-python currently already works for enabling/disabling the python
bindings, but doesn't show up in the help output.

Signed-off-by: Cole Robinson <crobinso@redhat.com>
2009-10-05 13:31:37 -04:00
Daniel Veillard
529325bbdd 526769 change logrotate config default to weekly
* daemon/libvirtd.logrotate.in: change to weekly rotation of logs,
  keep a month worth of data and also extend to cover LXC and UML
  domain logs
2009-10-05 17:03:14 +02:00
Daniel P. Berrange
ea6bc1e8c6 Fix typo in Makefile.am breaking NEWS file generation
* docs/Makefile.am: Fix syntax error in NEWS rule, '$' should be '$$'
  to escape correctly
2009-10-02 12:02:36 +01:00
Daniel P. Berrange
398d01b8a9 Fix emission of domain events messages
The code which updated the message length after writing the
payload wrote the updated length word in the wrong place since
the XDR object was given a buffer pointing to the start of the
header payload, rather than message start.

* daemon/remote.c: Fix updating of event message length so that
  we actually send the payload, not just the header
2009-10-02 12:02:35 +01:00
Paolo Bonzini
96ad9ed33b unbreak `make rpcgen'
Fix "make rpcgen", broken by the directory reorganization.

* src/Makefile.am (rpcgen): Fix path to rpcgen_fix.pl.
2009-10-02 11:58:42 +02:00
Paolo Bonzini
1a09553e52 unbreak migration
Fix migration, broken in two different ways by the QEMU monitor
abstraction.  Note that the QEMU console emits a "\r\n" as the
line-ending.

* src/qemu/qemu_monitor_text.c (qemuMonitorGetMigrationStatus):
Fix "info migrate" command and its output's parsing.
2009-10-02 11:57:31 +02:00
Chris Lalancette
6e16575a37 Tunnelled migration.
Implementation of tunnelled migration, using a Unix Domain Socket
on the qemu backend.  Note that this requires very new versions of
qemu (0.10.7 at least) in order to get the appropriate bugfixes.

Signed-off-by: Chris Lalancette <clalance@redhat.com>
2009-10-02 11:43:26 +02:00
Jiri Denemark
3bd4c7ba16 Fix build in separate build directory
* cfg.mk: use $(srcdir)/ prefix for Makefile.nonreentrant include
* examples/domain-events/events-c/Makefile.am tools/Makefile.am
  examples/hellolibvirt/Makefile.am: extend the include paths to
  use $(top_srcdir)/include too.
2009-10-01 16:55:09 +02:00
Paolo Bonzini
36e0372986 Fix documentation and comment typos
Fix a few mispellings :-) of "successfully" and regenerate
docs/libvirt-*.xml.
* src/libvirt.c: Fix typos.
* src/secret/secret_driver.c: Fix typos.
* docs/libvirt-api.xml: Regenerate.
* docs/libvirt-refs.xml: Regenerate.
2009-10-01 16:42:40 +02:00
Chris Lalancette
7cc1491d10 Various monitor improvements for migration.
The upcoming tunnelled migration needs to be able to set
a migration in progress in the background, as well as
be able to cancel a migration when a problem has happened.
This patch allows for both of these to properly work.

Signed-off-by: Chris Lalancette <clalance@redhat.com>
2009-10-01 13:24:22 +02:00
Mark McLoughlin
1daea0c59d Fix USB device re-labelling
A simple misplaced break out of a switch results in:

  libvir: error : Failed to open file '/sys/bus/pci/devices/0000:00:54c./vendor': No such file or directory
  libvir: error : Failed to open file '/sys/bus/pci/devices/0000:00:54c./device': No such file or directory
  libvir: error : this function is not supported by the hypervisor: Failed to read product/vendor ID for 0000:00:54c.

when trying to passthrough a USB host device to qemu.

* src/security_selinux.c: fix a switch/break thinko
2009-10-01 11:56:09 +01:00
Daniel Veillard
79d233b5ca Avoid a libvirtd crash on broken input 523418
* src/conf/domain_conf.c: a simple typo in an XML domain file could lead
  to a crash, because we called STRPREFIX() on the looked up value without
  checking it was non-null.
2009-10-01 11:54:38 +02:00
Florian Vichot
b37979023d Incorrect error message in virDomainNetDefParseXML
* src/conf/domain_conf.c: when declaring a <interface type="bridge">
  tag, <source> needs a "bridge" attribute, but the parser complains
  about a missing "dev" attribute.
2009-09-30 18:51:30 +02:00
Daniel Veillard
553f31c579 Fix a few 'make rpm' breakages
* Makefile.am: examples/domain-events/events-python should be added
  to dist tarball
* libvirt.spec.in: there is no makefile in domain-events but in
  domain-events/events-c and python/libvirtclass.txt has vanished
2009-09-30 16:20:25 +02:00
Daniel Veillard
8fc469b3d5 523639 Allows a <description> tag for domains
* docs/schemas/domain.rng: allow one <description> tag in the top level
  of the <domain> to store user information as text
* src/conf/domain_conf.c src/conf/domain_conf.h: extend the structure
  to store this text, grab it at parse time and save it back when
  present after <uuid>
2009-09-30 16:10:16 +02:00
Chris Lalancette
9d162096ca Add src/util/storage_file.c to the POTFILES.in.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
2009-09-30 14:12:03 +02:00
Chris Lalancette
b013ebc3b2 Add a qemu feature flag for unix socket migration.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
2009-09-30 14:06:12 +02:00
Chris Lalancette
c1a45b5107 Pass remote_message_header to the dispatch functions.
This is necessary for the dispatch functions to be able to use
streams in the future.

Signed-off-by: Chris Lalancette <clalance@redhat.com>
2009-09-30 14:05:57 +02:00
Chris Lalancette
15bfedcbbd Let remoteClientStream only do RX if requested.
Right now, the stream stuff assumes that a stream is always
going to be used for transmit.  This is not the case, and in
fact doesn't work with the tunnelled migration stuff.  Add
a flag to remoteClientStream() to allow it to do RX only.

Signed-off-by: Chris Lalancette <clalance@redhat.com>
2009-09-30 14:05:41 +02:00
Chris Lalancette
47c8709564 Fix up a few typos in the tree.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
2009-09-30 14:05:24 +02:00
Chris Lalancette
f4e74cf63c Fix up some warnings from stream DEBUG statements.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
2009-09-30 14:05:14 +02:00
Matthias Bolte
14bf7270aa Fix apibuild.py warnings
Function comments for virStreamEvent{Add,Update,Remove}Callback() are
missing a trailing ':'. Therefore apibuild.py fails to parse the comment
and warns about the missing ':'.

* docs/libvirt-api.xml, docs/libvirt-refs.xml: updated by apibuild.py
* src/libvirt.c: add missing ':' in function comments
2009-09-30 13:41:28 +02:00
Matthias Bolte
d710d60c31 Change signature of remoteSendStreamData() to fix compile warning
The actual type of size_t is architecture dependent. Because the len
parameter is used as unsigned int in remoteSendStreamData(), change its
type to unsigned int.

* daemon/dispatch.[ch]: change size_t to unsigned int for
  remoteSendStreamData()
2009-09-30 12:37:10 +02:00
Mark McLoughlin
fe627697a3 Re-label image file backing stores
Use virStorageFileGetMetadata() to find any backing stores for images
and re-label them

Without this, qemu cannot access qcow2 backing files, see:

  https://bugzilla.redhat.com/497131

* src/security/security_selinux.c: re-label backing store files in
  SELinuxSetSecurityImageLabel()
2009-09-30 10:37:00 +01:00
Mark McLoughlin
295fd6e833 Add virStorageFileGetMetadata() helper
* src/util/storage_file.c: add virStorageFileGetMetadata() so that
  the caller does not need to open the file
2009-09-30 10:37:00 +01:00
Mark McLoughlin
a010fb58d6 Move virStorageGetMetadataFromFD() to libvirt_util
Finally, we get to the point of all this.

Move virStorageGetMetadataFromFD() to virStorageFileGetMetadataFromFD()
and move to src/util/storage_file.[ch]

There's no functional changes in this patch, just code movement

* src/storage/storage_backend_fs.c: move code from here ...

* src/util/storage_file.[ch]: ... to here

* src/libvirt_private.syms: export virStorageFileGetMetadataFromFD()
2009-09-30 10:36:59 +01:00