Commit Graph

229 Commits

Author SHA1 Message Date
Felix Geyer dd875fb326 apparmor, virt-aa-helper: Explicit denies for host devices
Add explicit denies for disk devices to avoid cluttering dmesg with
(acceptable) denials.

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
Acked-by: Guido Günther <agx@sigxcpu.org>
2017-05-19 09:48:23 +02:00
Felix Geyer 95740052ea apparmor, virt-aa-helper: Allow access to libnl-3 config files
Allow access to libnl-3 config files

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
Acked-by: Guido Günther <agx@sigxcpu.org>
2017-05-19 09:48:23 +02:00
Michal Privoznik 1a4a4ffa3e lib: Fix c99 style comments
We prefer c89 style of comments.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2017-04-27 14:13:19 +02:00
Peter Krempa 085e794a86 lib: Introduce event for tracking disk backing file write threshold
When using thin provisioning, management tools need to resize the disk
in certain cases. To avoid having them to poll disk usage introduce an
event which will be fired when a given offset of the storage is written
by the hypervisor. Together with the API which will be added later, it
will allow registering thresholds for given storage backing volumes and
this event will then notify management if the threshold is exceeded.
2017-03-27 09:29:57 +02:00
Guido Günther 123cc3e11c apparmor: allow /usr/lib/qemu/qemu-bridge-helper
This is where e.g. Debian puts it.
2017-03-17 09:59:42 +01:00
Daniel P. Berrange 42241208d9 secret: add support for value change events
Emit an event whenever a secret value changes

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2017-01-09 16:42:04 +00:00
Daniel P. Berrange dabaa05d27 examples: add secret events to event demo program
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2017-01-09 15:53:49 +00:00
Daniel P. Berrange c50070173d Add domain event for metadata changes
When changing the metadata via virDomainSetMetadata, we now
emit an event to notify the app of changes. This is useful
when co-ordinating different applications read/write of
custom metadata.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2017-01-09 15:53:00 +00:00
Guido Günther 1a9148fbdf apparmor: pass attach_disconnected
to cure

 + virsh lxc-enter-namespace --noseclabel sl /bin/ls /bin/ls
 libvirt:  error : Expected at least one file descriptor
 error: internal error: Child process (2714) unexpected exit status 125

caused by

 apparmor="DENIED" operation="open" info="Failed name lookup - disconnected path" error=-13 profile="/usr/sbin/libvirtd" name="" pid=1422 comm="libvirtd" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
2016-12-21 06:26:31 +01:00
Michal Privoznik 3b67fc9f9f examples: Resolve sign-compare warnings
For instance:

hellolibvirt/hellolibvirt.c: In function 'showDomains':
hellolibvirt/hellolibvirt.c💯19: warning: comparison between signed and unsigned integer expressions [-Wsign-compare]
     for (i = 0; i < numNames; i++) {
                   ^

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-12-20 13:11:25 +01:00
Erik Skultety 0c169930c0 admin: Add an example demonstrating how to use the logging APIs
Provide a simple C example demonstrating the use of both query APIs as
well as setter APIs.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-12-15 10:36:23 +01:00
intrigeri a73e7037e5 AppArmor: allow QEMU to set_process_name.
https://bugzilla.redhat.com/show_bug.cgi?id=1369281

Acked-by: Christian Ehrhardt <christian.ehrhardt@canonical.co>
2016-12-12 14:08:45 +00:00
intrigeri de79efdeb8 AppArmor policy: support merged-/usr.
Acked-by: Christian Ehrhardt <christian.ehrhardt@canonical.co>
2016-12-12 14:08:35 +00:00
Luyao Huang aafa297044 examples: Distribute all systemtap scripts.
Due to a missing entries in Makefile, we were not distributing
all the systemtap scripts we have.

Signed-off-by: Luyao Huang <lhuang@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-10-10 15:02:38 +08:00
Cédric Bosdonnat f03013c212 apparmor: move qemu-bridge-helper to libvirtd profile
qemu-bridge-helper is only called from libvirtd, it has to be moved
from the qemu domain abstraction to the usr.sbin.libvirtd profile.
2016-09-26 13:23:01 +02:00
Jovanka Gulicoska 43a6b37b24 Introduce node device update event as top level event
This event is emitted when a nodedev XML definition is updated,
like when cdrom media is changed in a cdrom block device.

Also includes node device update event implementation for udev
backend, virsh nodedev-event support, and event-test support
2016-08-15 08:30:56 -04:00
Jovanka Gulicoska f803f5ff34 event-test: support node device lifecycle event APIs 2016-08-02 09:52:00 -04:00
Ján Tomko aa7bb4f36d examples: check asprintf return value in client_info.c
On error, asprintf returns -1 and the contents of the string
pointer is undefined. In the rest of the libvirt code,
the virAsprintf wrapper takes care of that.

Check the return value and report a generic error, since we
purposefully avoid linking to virutil.
2016-07-01 15:39:01 +02:00
Erik Skultety fbb8205de3 examples: admin: Add some examples for the new admin APIs
Some of the examples make use of asprintf and strtol functions (to keep
things simple) which are prohibited to use within our code (enforced by
syntax-check). Therefore besides adding some examples, this patch also updates
cfg.mk to exclude examples directory from asprintf and strtol rules, as well as
updates .gitignore to exclude all the new admin binaries created in the
'examples' dir.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-06-26 00:21:06 +02:00
Daniel P. Berrange 0330848207 Promote storage pool refresh lifecycle event to top level event
The VIR_STORAGE_POOL_EVENT_REFRESHED constant does not
reflect any change in the lifecycle of the storage pool.

It should thus not be part of the storage pool lifecycle
event set, but rather be a top level event in its own
right. Thus we introduce VIR_STORAGE_POOL_EVENT_ID_REFRESH
to replace it.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-06-24 18:26:11 +01:00
Jovanka Gulicoska 028c56631f event-test: support storage lifecycle event APIs 2016-06-16 12:22:11 -04:00
Guido Günther 2e34cb5463 apparmor: Don't scrub environment of virtlogd process
otherwise we drop variables like XDG_RUNTIME_DIR with qemu:///session
and libvirtd faild to find virtlogd's socket.
2016-06-12 13:36:28 +02:00
Jovanka Gulicoska b29e08dbe3 More usage of virGetLastErrorMessage
Convert to virGetLastErrorMessage() in the rest of the code
2016-05-19 15:17:03 -04:00
Michal Privoznik 25866ec6a6 examples: Try harder to uninstall nwfilter
We have this code in our Makefile that tries to remove
/etc/libvirt/nwfilter if directory is left empty after all our
example nwfilters were uninstalled. However, the check for that
is missing quotation marks thus rendering the test useless:

test -z allow-arp.xml allow-dhcp-server.xml .. qemu-announce-self.xml || \
  rmdir "/some/path/libvirt.git/_install/etc/libvirt/nwfilter"
/bin/sh: line 0: test: too many arguments

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-04-20 17:33:55 +02:00
Peter Krempa dc7aeeade1 event-test: Enforce domain event sync
Use verify to force adding new events by means of static assertions.
2016-04-18 16:31:30 +02:00
Peter Krempa 09b28782de event-test: Add VIR_DOMAIN_EVENT_ID_IO_ERROR_REASON
When adding the static check I've noticed that one other event is
missing.
2016-04-18 16:31:29 +02:00
Peter Krempa cecbb0642e event-test: Add VIR_DOMAIN_EVENT_ID_DEVICE_REMOVAL_FAILED 2016-04-18 16:31:29 +02:00
Peter Krempa 9e9a5cf0f4 event-test: Add VIR_DOMAIN_EVENT_ID_JOB_COMPLETED 2016-04-18 16:31:29 +02:00
Peter Krempa bb25001a5b event-test: Add VIR_DOMAIN_EVENT_ID_MIGRATION_ITERATION callback 2016-04-18 16:31:29 +02:00
Peter Krempa 9da32b368e event-test: Add VIR_DOMAIN_EVENT_ID_BLOCK_JOB and VIR_DOMAIN_EVENT_ID_BLOCK_JOB_2 2016-04-18 16:31:29 +02:00
Peter Krempa e55b149169 event-test: make domain event registration declarative
Rather than copying loads of ugly code, let's help out by a few C
tricks.
2016-04-18 16:31:29 +02:00
Peter Krempa 16dfe015f9 event-test: warn on unhandled enum values
Avoid forgetting to add the correct fields to the switches in
event-test.
2016-04-18 16:31:29 +02:00
Peter Krempa ab48005f10 event-test: make few switch statements future proof
Make them return "uknown" for invalid values without breaking compiler
checks to add new values.
2016-04-18 16:31:28 +02:00
Peter Krempa 5ffc742c17 event-test: Use switch instead of if/else if chains for lifecycle event translation 2016-04-18 16:31:28 +02:00
Peter Krempa f3f01f771b event-test: Use typecasted enum to convert graphics event phase 2016-04-18 16:31:28 +02:00
Peter Krempa 09ddd86027 event-test: Force compiler check in switch for connectClose callback 2016-04-18 16:31:28 +02:00
Peter Krempa e1128b3a4c event-test: Use functions with typecasted switch to convert enums
Arrays would induce crash if a new value was introduced without adding
it here. This could happen for
VIR_DOMAIN_EVENT_DISK_DROP_MISSING_ON_START
2016-04-18 16:31:27 +02:00
Peter Krempa 2e0f34530b event-test: touch up coding style
Break long lines and format headers correctly.
2016-04-18 16:31:27 +02:00
Peter Krempa 6e71d1e824 event-test: Remove unnecessary 'usage' function 2016-04-18 16:31:27 +02:00
Peter Krempa e1389f3983 event-test: Get rid of useless and ambiguous VIR_DEBUG macro
The event test does not try to include libvirt internals. Using a macro
named VIR_DEBUG might hint to such usage. Additionally it's useless
since it's used only in the main() function.

Modernize the message strings while touching them.
2016-04-18 16:31:27 +02:00
Peter Krempa fda27347d5 event-test: Remove forward declarations
Most of the functions are no longer in this file. 'usage' does not need
a declaration.
2016-04-18 16:31:27 +02:00
Michal Privoznik cbe289d814 event-test: Check for virConnectRegisterCloseCallback return value
In an unlikely event of virConnectRegisterCloseCallback failing,
the error is ignored. This is an example file and we shouldn't
get a bad example.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-03-24 10:49:39 +01:00
Michal Privoznik bde75a895d event-test: Use goto cleanup instead of if else jungle
Like in the rest of our code we tend to prefer 'goto' and
'cleanup' over 'if else' code structure. Do the same here.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-03-24 10:49:39 +01:00
Jiri Denemark 5a9cbc6265 Add event and state details for post-copy
VIR_DOMAIN_EVENT_SUSPENDED_POSTCOPY and VIR_DOMAIN_PAUSED_POSTCOPY are
used on the source host once migration enters post-copy mode (which
means the domain gets paused on the source. After the destination host
takes over the execution of the domain, its virtual CPUs are resumed and
the domain enters VIR_DOMAIN_RUNNING_POSTCOPY state and
VIR_DOMAIN_EVENT_RESUMED_POSTCOPY event is emitted.

In case migration fails during post-copy mode and none of the hosts have
complete state of the domain, both domains will remain paused with
VIR_DOMAIN_PAUSED_POSTCOPY_FAILED reason and an upper layer may decide
what to do.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-03-21 15:15:46 +01:00
Dmitry Andreev 8047d45704 Introduce new VIR_DOMAIN_EVENT_DEFINED_FROM_SNAPSHOT sub-event
VIR_DOMAIN_EVENT_DEFINED_FROM_SNAPSHOT event should be emitted
when domain configuration was changed on revert to snapshot.
2016-03-15 14:57:26 -04:00
Andrea Bolognani 9a457be18b domsuspend: Fix warning on mingw build
Commit d82170d introduced a workaround for domtop: in that example
program, we define a symbol called ERROR for our own use, but since
a symbol with the same name is already defined in one of mingw's
header files, we get a warning when using that compiler.

domsuspend defines the same problematic symbol, so the workaround
has been copied over.
2016-02-12 16:36:34 +01:00
Michal Privoznik 8c67ab6684 Expand $(wildcard) correctly
So after da176bf6b7 and friend we have switched to $(wildcard
some/path/*.xml) instead of enumerating the files explicitly.
This is nice, however it makes distcheck build from VPATH fail.
The reason is that it's is not obvious to what does the wildcard
refer to: srcdir or builddir?

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-01-12 17:16:33 +01:00
Cole Robinson da176bf6b7 examples: Use one top level makefile
Using one Makefile per example subdirectory essentially serializes 'make'
calls. Convert to one example/Makefile that builds and distributes
all the subdir files. This reduces example/ rebuild time from about 5.8
seconds to 1.5 seconds on my machine.

One slight difference is that we no longer ship Makefile.am with the
examples in the rpm. This was virtually useless anyways since the Makefile
was very specific to libvirt infrastructure, so wasn't generically
reusable anyways.

Tested with 'make distcheck' and 'make rpm'
2016-01-09 21:14:12 -05:00
Guido Günther d8ca0cbd4b apparmor: add missing qemu binaries
This adds the qemu binaries as of 1.2.4 in Debian. It also removes a
duplicate sparc64 entry.
2015-11-25 08:35:06 +01:00
Martin Kletzander e755186c5c Add example that renames domain there and back
And in the middle it prints out its name to demonstrate changes in later
patch(es).

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-09-04 18:55:01 +02:00