0bb796bda3
When VIR_EXEC_DAEMON is true and cmd->pidfile exists, the parent will expect the pidfile to be written before exiting, sitting tight in a saferead() call waiting. The child then does process tuning (via virProcessSet* functions) before writing the pidfile. Problem is that these tunings can fail, and trigger a 'fork_error' jump, before cmd->pidfile is written. The result is that the process was aborted in the child, but the parent is still hang in the saferead() call. This behavior can be reproduced by trying to create and execute a QEMU guest in user mode (e.g. using qemu:///session as non-root). virProcessSetMaxMemLock() will fail if the spawned libvirtd user process does not have CAP_SYS_RESOURCE capability. setrlimit() will fail, and a 'fork_error' jump is triggered before cmd->pidfile is written. The parent will hung in saferead() indefinitely. From the user perspective, 'virsh start <guest>' will hang up indefinitely. CTRL+C can be used to retrieve the terminal, but any subsequent 'virsh' call will also hang because the previous libvirtd user process is still there. We can fix this by moving all virProcessSet*() tuning functions to be executed after cmd->pidfile is taken care of. In the case mentioned above, this would be the result of 'virsh start' after this patch: error: Failed to start domain vm1 error: internal error: Process exited prior to exec: libvirt: error : cannot limit locked memory to 79691776: Operation not permitted Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1882093 Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com> |
||
|---|---|---|
| .ctags.d | ||
| .github | ||
| build-aux | ||
| ci | ||
| docs | ||
| examples | ||
| include | ||
| po | ||
| scripts | ||
| src | ||
| tests | ||
| tools | ||
| .color_coded.in | ||
| .ctags | ||
| .dir-locals.el | ||
| .editorconfig | ||
| .gitignore | ||
| .gitlab-ci.yml | ||
| .gitmodules | ||
| .gitpublish | ||
| .mailmap | ||
| .ycm_extra_conf.py.in | ||
| AUTHORS.rst.in | ||
| config.h | ||
| configmake.h.in | ||
| CONTRIBUTING.rst | ||
| COPYING | ||
| COPYING.LESSER | ||
| gitdm.config | ||
| libvirt-admin.pc.in | ||
| libvirt-lxc.pc.in | ||
| libvirt-qemu.pc.in | ||
| libvirt.pc.in | ||
| libvirt.spec.in | ||
| meson_options.txt | ||
| meson.build | ||
| mingw-libvirt.spec.in | ||
| NEWS.rst | ||
| README.rst | ||
| run.in | ||
Libvirt API for virtualization
Libvirt provides a portable, long term stable C API for managing the virtualization technologies provided by many operating systems. It includes support for QEMU, KVM, Xen, LXC, bhyve, Virtuozzo, VMware vCenter and ESX, VMware Desktop, Hyper-V, VirtualBox and the POWER Hypervisor.
For some of these hypervisors, it provides a stateful management daemon which runs on the virtualization host allowing access to the API both by non-privileged local users and remote users.
Layered packages provide bindings of the libvirt C API into other languages including Python, Perl, PHP, Go, Java, OCaml, as well as mappings into object systems such as GObject, CIM and SNMP.
Further information about the libvirt project can be found on the website:
License
The libvirt C API is distributed under the terms of GNU Lesser General Public License, version 2.1 (or later). Some parts of the code that are not part of the C library may have the more restrictive GNU General Public License, version 2.0 (or later). See the files COPYING.LESSER and COPYING for full license terms & conditions.
Installation
Instructions on building and installing libvirt can be found on the website:
https://libvirt.org/compiling.html
Contributing
The libvirt project welcomes contributions in many ways. For most components the best way to contribute is to send patches to the primary development mailing list. Further guidance on this can be found on the website:
https://libvirt.org/contribute.html
Contact
The libvirt project has two primary mailing lists:
- libvirt-users@redhat.com (for user discussions)
- libvir-list@redhat.com (for development only)
Further details on contacting the project are available on the website: