Libvirt provides a portable, long term stable C API for managing the virtualization technologies provided by many operating systems. It includes support for QEMU, KVM, Xen, LXC, bhyve, Virtuozzo, VMware vCenter and ESX, VMware Desktop, Hyper-V, VirtualBox and the POWER Hypervisor.
Go to file
Michal Privoznik 13eb6c1468 qemu: Tell secdrivers which images are top parent
When preparing images for block jobs we modify their seclabels so
that QEMU can open them. However, as mentioned in the previous
commit, secdrivers base some it their decisions whether the image
they are working on is top of of the backing chain. Fortunately,
in places where we call secdrivers we know this and the
information can be passed to secdrivers.

The problem is the following: after the first blockcommit from
the base to one of the parents the XATTRs on the base image are
not cleared and therefore the second attempt to do another
blockcommit fails. This is caused by blockcommit code calling
qemuSecuritySetImageLabel() over the base image, possibly
multiple times (to ensure RW/RO access). A naive fix would be to
call the restore function. But this is not possible, because that
would deny QEMU the access to the base image.  Fortunately, we
can use the fact that seclabels are remembered only for the top
of the backing chain and not for the rest of the backing chain.
And thanks to the previous commit we can tell secdrivers which
images are top of the backing chain.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1803551

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-03-09 14:14:55 +01:00
.ctags.d maint: Add support for .ctags.d 2019-05-31 17:54:28 +02:00
build-aux virclosecallbacks: move to src/hypervisor 2020-02-24 16:47:21 +01:00
ci ci: Drop handling of $PKG_CONFIG_LIBDIR 2020-03-04 11:24:10 +01:00
docs docs: add page describing the libvirt daemons 2020-03-05 15:40:01 +00:00
examples qemu: support Panic Crashloaded event handling 2020-02-07 14:05:25 +00:00
include/libvirt qemu: support Panic Crashloaded event handling 2020-02-07 14:05:25 +00:00
m4 m4: libxl: properly fail when libxl is required 2020-02-20 22:30:45 +01:00
po qemu: add code for handling virtiofsd 2020-03-04 12:08:50 +01:00
scripts virerror: Make it easier to add new error number 2020-01-10 13:53:32 +01:00
src qemu: Tell secdrivers which images are top parent 2020-03-09 14:14:55 +01:00
tests src: fix mixup of stack and heap allocated data in auth callback 2020-03-06 17:02:10 +00:00
tools cmdDomHostname: Fix uninitialized use of 'hostname' by refactoring cleanup 2020-03-05 16:21:47 +01:00
.color_coded.in gnulib: delete all gnulib integration 2020-02-07 15:03:54 +00:00
.ctags ctags: Generate tags for headers, i.e. function prototypes 2018-09-18 14:21:33 +02:00
.dir-locals.el build: avoid tabs that failed syntax-check 2012-09-06 09:43:46 -06:00
.editorconfig Add .editorconfig 2019-09-06 12:47:46 +02:00
.gitignore gnulib: delete all gnulib integration 2020-02-07 15:03:54 +00:00
.gitlab-ci.yml gitlab: Move mips job to Debian 9 2019-12-13 13:12:13 +01:00
.gitmodules gnulib: delete all gnulib integration 2020-02-07 15:03:54 +00:00
.gitpublish gitpublish: add a subject prefix 2020-01-16 13:04:11 +00:00
.mailmap mailmap: Remove some duplicates 2019-06-07 13:18:08 +02:00
.travis.yml travis: Use dedicated images for MinGW builds 2020-02-24 13:41:58 +01:00
.ycm_extra_conf.py.in gnulib: delete all gnulib integration 2020-02-07 15:03:54 +00:00
ABOUT-NLS po: provide custom make rules for po file management 2018-04-19 10:35:58 +01:00
AUTHORS.in AUTHORS: Add Fabiano Fidêncio 2019-12-19 16:42:06 +01:00
autogen.sh build: stop running aclocal manually 2020-02-25 09:22:56 +00:00
ChangeLog maint: Stop generating ChangeLog from git 2019-04-03 09:45:25 +02:00
config-post.h gnulib: delete all gnulib integration 2020-02-07 15:03:54 +00:00
configure.ac maint: Post-release version bump to 6.2.0 2020-03-04 10:32:58 +01:00
COPYING maint: follow recommended practice for using LGPL 2013-05-20 14:15:21 -06:00
COPYING.LESSER maint: Remove control characters from LGPL license file 2015-09-25 09:16:24 +02:00
gitdm.config gitdm: add 'ibm' file 2019-10-18 17:32:52 +02:00
GNUmakefile build: merge all syntax-check logic into one file 2019-10-09 13:36:54 +01:00
libvirt-admin.pc.in Add libvirt-admin library 2015-06-16 13:46:20 +02:00
libvirt-lxc.pc.in Add pkg-config files for libvirt-qemu & libvirt-lxc 2014-06-23 16:17:27 +01:00
libvirt-qemu.pc.in Add pkg-config files for libvirt-qemu & libvirt-lxc 2014-06-23 16:17:27 +01:00
libvirt.pc.in Add pkg-config files for libvirt-qemu & libvirt-lxc 2014-06-23 16:17:27 +01:00
libvirt.spec.in gnulib: delete all gnulib integration 2020-02-07 15:03:54 +00:00
Makefile.am gnulib: delete all gnulib integration 2020-02-07 15:03:54 +00:00
Makefile.nonreentrant Remove backslash alignment attempts 2017-11-03 13:24:12 +01:00
mingw-libvirt.spec.in Remove phyp driver 2019-12-20 12:25:42 -05:00
README Provide a useful README file 2017-05-22 17:01:37 +01:00
README-hacking gnulib: delete all gnulib integration 2020-02-07 15:03:54 +00:00
README.md build: mandate use of a build dir != src dir 2019-11-08 17:07:35 +01:00
run.in run.in: Include tools directory on $PATH. 2020-01-21 13:04:57 +01:00

Build Status CII Best Practices

Libvirt API for virtualization

Libvirt provides a portable, long term stable C API for managing the virtualization technologies provided by many operating systems. It includes support for QEMU, KVM, Xen, LXC, bhyve, Virtuozzo, VMware vCenter and ESX, VMware Desktop, Hyper-V, VirtualBox and the POWER Hypervisor.

For some of these hypervisors, it provides a stateful management daemon which runs on the virtualization host allowing access to the API both by non-privileged local users and remote users.

Layered packages provide bindings of the libvirt C API into other languages including Python, Perl, PHP, Go, Java, OCaml, as well as mappings into object systems such as GObject, CIM and SNMP.

Further information about the libvirt project can be found on the website:

https://libvirt.org

License

The libvirt C API is distributed under the terms of GNU Lesser General Public License, version 2.1 (or later). Some parts of the code that are not part of the C library may have the more restrictive GNU General Public License, version 2.0 (or later). See the files COPYING.LESSER and COPYING for full license terms & conditions.

Installation

Libvirt uses the GNU Autotools build system, so in general can be built and installed with the usual commands, however, we mandate to have the build directory different than the source directory. For example, to build in a manner that is suitable for installing as root, use:

$ mkdir build && cd build
$ ../configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
$ make
$ sudo make install

While to build & install as an unprivileged user

$ mkdir build && cd build
$ ../configure --prefix=$HOME/usr
$ make
$ make install

The libvirt code relies on a large number of 3rd party libraries. These will be detected during execution of the configure script and a summary printed which lists any missing (optional) dependencies.

Contributing

The libvirt project welcomes contributions in many ways. For most components the best way to contribute is to send patches to the primary development mailing list. Further guidance on this can be found on the website:

https://libvirt.org/contribute.html

Contact

The libvirt project has two primary mailing lists:

Further details on contacting the project are available on the website:

https://libvirt.org/contact.html