Libvirt provides a portable, long term stable C API for managing the virtualization technologies provided by many operating systems. It includes support for QEMU, KVM, Xen, LXC, bhyve, Virtuozzo, VMware vCenter and ESX, VMware Desktop, Hyper-V, VirtualBox and the POWER Hypervisor.
Go to file
Ján Tomko d47a396e99 api: disallow virConnectGetDomainCapabilities on read-only connections
This API can be used to execute arbitrary emulators.
Forbid it on read-only connections.

Fixes: CVE-2019-10167
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit 8afa68bac0)
Signed-off-by: Ján Tomko <jtomko@redhat.com>
2019-06-24 10:00:21 +02:00
.gnulib@8d116e3f65 maint: Update to latest gnulib 2017-08-28 12:12:51 +02:00
build-aux Revert "Prevent more compiler optimization of mockable functions" 2017-07-13 13:07:06 +01:00
daemon daemon: logging: Fix --verbose option being ignored by the daemon 2017-08-28 16:42:13 +02:00
docs Release of libvirt-3.7.0 2017-09-04 12:14:11 +02:00
examples apparmor, libvirt-qemu: Allow QEMU to gather information about available host resources. 2017-08-11 16:57:59 -03:00
gnulib build: drop hack for old mingw ssize_t 2016-07-12 08:57:13 -06:00
include/libvirt lib: Add API to edit domain's managed save state xml configuration 2017-08-29 13:40:13 +02:00
m4 maint: correct quoting for gl_WARN_ADD 2017-08-28 10:15:05 -05:00
po Release of libvirt-3.7.0 2017-09-04 12:14:11 +02:00
src api: disallow virConnectGetDomainCapabilities on read-only connections 2019-06-24 10:00:21 +02:00
tests qemu: ensure TLS clients always verify the server certificate 2017-10-16 13:17:20 +01:00
tools virsh: Implement managedsave-edit command 2017-08-29 13:40:13 +02:00
.color_coded.in Add color_coded support 2017-05-09 09:51:11 +02:00
.ctags maint: Make ctags work out of the box 2013-07-18 08:47:21 +02:00
.dir-locals.el build: avoid tabs that failed syntax-check 2012-09-06 09:43:46 -06:00
.gitignore Add YouCompleteMe support 2017-05-09 09:51:11 +02:00
.gitmodules util: switch over to use keycodemapdb GIT submodule 2017-04-25 21:14:18 +01:00
.mailmap maint: update .mailmap for recent contributions 2015-03-20 06:17:55 -06:00
.travis.yml docs: drop XHTML 1.0 validation of website 2017-08-02 17:00:11 +01:00
.ycm_extra_conf.py.in Add YouCompleteMe support 2017-05-09 09:51:11 +02:00
AUTHORS.in Change maintainers list 2016-02-12 13:10:05 +03:00
autogen.sh autogen.sh: Improve and generalize 2017-04-25 09:52:37 +02:00
bootstrap maint: update to latest gnulib 2017-01-10 12:54:54 -06:00
bootstrap.conf hvsupport: use a regex instead of XML::XPath 2016-07-19 18:42:44 +02:00
cfg.mk log: fix deadlock obtaining hostname (related CVE-2018-6764) 2018-02-13 14:14:33 -05:00
ChangeLog-old Fix typos in src/* 2014-04-21 16:49:08 -06:00
config-post.h Require use of GCC 4.4 or CLang compilers 2017-07-11 13:57:11 +01:00
configure.ac Post-release version bump to 3.7.0 2017-08-02 09:27:22 +02:00
COPYING maint: follow recommended practice for using LGPL 2013-05-20 14:15:21 -06:00
COPYING.LESSER maint: Remove control characters from LGPL license file 2015-09-25 09:16:24 +02:00
libvirt-admin.pc.in Add libvirt-admin library 2015-06-16 13:46:20 +02:00
libvirt-lxc.pc.in Add pkg-config files for libvirt-qemu & libvirt-lxc 2014-06-23 16:17:27 +01:00
libvirt-qemu.pc.in Add pkg-config files for libvirt-qemu & libvirt-lxc 2014-06-23 16:17:27 +01:00
libvirt.pc.in Add pkg-config files for libvirt-qemu & libvirt-lxc 2014-06-23 16:17:27 +01:00
libvirt.spec.in rpm: conditionalize dep on perl for perl-interpretor split in F27 2017-08-04 16:20:12 +01:00
Makefile.am HACKING: Drop from the git repository 2017-06-26 14:25:54 +02:00
Makefile.nonreentrant cfg.mk: use a single regex for all non-reentrant functions 2016-06-15 15:00:56 +02:00
mingw-libvirt.spec.in rpm: conditionalize dep on perl for perl-interpretor split in F27 2017-08-04 16:20:12 +01:00
README Provide a useful README file 2017-05-22 17:01:37 +01:00
README-hacking HACKING: Drop from the git repository 2017-06-26 14:25:54 +02:00
README.md HACKING: Drop from the git repository 2017-06-26 14:25:54 +02:00
run.in Add PKG_CONFIG_PATH to run.in script. 2014-06-26 14:32:35 +01:00
TODO Update todo list file to point at bugzilla/website 2010-10-13 16:45:26 +01:00

Build Status

Libvirt API for virtualization

Libvirt provides a portable, long term stable C API for managing the virtualization technologies provided by many operating systems. It includes support for QEMU, KVM, Xen, LXC, bhyve, Virtuozzo, VMware vCenter and ESX, VMware Desktop, Hyper-V, VirtualBox and the POWER Hypervisor.

For some of these hypervisors, it provides a stateful management daemon which runs on the virtualization host allowing access to the API both by non-privileged local users and remote users.

Layered packages provide bindings of the libvirt C API into other languages including Python, Perl, PHP, Go, Java, OCaml, as well as mappings into object systems such as GObject, CIM and SNMP.

Further information about the libvirt project can be found on the website:

https://libvirt.org

License

The libvirt C API is distributed under the terms of GNU Lesser General Public License, version 2.1 (or later). Some parts of the code that are not part of the C library may have the more restrictive GNU General Public License, version 2.1 (or later). See the files COPYING.LESSER and COPYING for full license terms & conditions.

Installation

Libvirt uses the GNU Autotools build system, so in general can be built and installed with the usual commands. For example, to build in a manner that is suitable for installing as root, use:

$ ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
$ make
$ sudo make install

While to build & install as an unprivileged user

$ ./configure --prefix=$HOME/usr
$ make
$ make install

The libvirt code relies on a large number of 3rd party libraries. These will be detected during execution of the configure script and a summary printed which lists any missing (optional) dependencies.

Contributing

The libvirt project welcomes contributions in many ways. For most components the best way to contribute is to send patches to the primary development mailing list. Further guidance on this can be found on the website:

https://libvirt.org/contribute.html

Contact

The libvirt project has two primary mailing lists:

Further details on contacting the project are available on the website:

https://libvirt.org/contact.html