Any source file which calls the logging APIs now needs
to have a VIR_LOG_INIT("source.name") declaration at
the start of the file. This provides a static variable
of the virLogSource type.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
We allow translation from no_bandwidth to has_bandwidth for a vnic.
However, going in the opposite direction is not implemented. It's not
limitation of the API rather than internal implementation. The problem
is, we correctly detect that user hasn't specified any outbound (say
he wants to clear out outbound). However, this gets overwritten by
current vnic outbound settings. Then, virNetDevBandwidthSet doesn't
change anything. We need to stop overwriting the outbound if users
don't want us to. Same applies for inbound.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Commit a1cbe4b5 added a check for spaces around assignments and this
patch extends it to checks for spaces around '=='. One exception is
virAssertCmpInt where comma after '==' is acceptable (since it is a
macro and '==' is its argument).
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Introducing keepalive similarly to Guannan around 2 years ago. Since
we want to introduce keepalive for every connection, it makes sense to
wrap the connecting function into new virsh one that can deal
keepalive as well.
Function vshConnect() is now used for connecting and keepalive added
in that function (if possible) helps preventing long waits e.g. while
nework goes down during migration.
This patch also adds the options for keepalive tuning into virsh and
fails connecting only when keepalives are explicitly requested and
cannot be set (whether it is due to missing support in connected
driver or remote server). If not explicitely requested, a debug
message is printed (hence the addition to virsh-optparse test).
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1073506
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=822839
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
vshRunConsole() uses virCondWait() which is a wrapper around
pthread_cond_wait(). On FreeBSD, pthread_cond_wait needs mutex to be
locked, otherwise it immediately fails with EPERM. On Linux, the
behaviour in this case is undefined.
So lock the mutex before calling virCondWait().
Coverity spotted that 'nfdlist' (ssize_t) could be -1, but that we
were using 'i' (size_t) to iterate over the list at cleanup, with
crashing results because it promotes to a really big unsigned number.
* tools/virt-login-shell.c (main): Avoid treating -1 as unsigned.
Signed-off-by: Eric Blake <eblake@redhat.com>
If a user specifies the pool explicitly, we should make sure to point
out that it's inactive instead of falling back to lookup by key/path and
failing at the end. Also if the pool isn't found there's no use in
continuing the lookup.
This changes the error in case the user-selected pool is inactive from:
$ virsh vol-upload --pool inactivepool --vol somevolname volcontents
error: failed to get vol 'somevolname'
error: Storage volume not found: no storage vol with matching path
somevolname
To a more descriptive:
$ virsh vol-upload --pool inactivepool --vol somevolname volcontents
error: pool 'inactivepool' is not active
And in case a user specifies an invalid pool from:
$ virsh vol-upload --pool invalidpool --vol somevolname volcontents
error: failed to get pool 'invalidpool'
error: failed to get vol 'somevolname', specifying --pool might help
error: Storage volume not found: no storage vol with matching path somevolname
To something less confusing:
$ virsh vol-upload --pool invalidpool --vol somevolname volcontents
error: failed to get pool 'invalidpool'
error: Storage pool not found: no storage pool with matching name 'invalidpool'
'virsh lxc-enter-namespace' does not have a way to reflect exit
status to the caller in single-command mode, but we might as well
at least report the exit status. Prior to this patch,
$ virsh -c lxc:/// lxc-enter-namespace shell /bin/sh 'exit 3'; echo $?
1
now it gives some details:
$ virsh -c lxc:/// lxc-enter-namespace shell /bin/sh -c 'exit 3'; echo $?
error: internal error: Child process (31557) unexpected exit status 3
1
Also useful:
$ virsh -c lxc:/// lxc-enter-namespace shell /bin/sh -c 'kill $$'; echo $?
error: internal error: Child process (31585) unexpected fatal signal 15
1
* tools/virsh-domain.c (cmdLxcEnterNamespace): Avoid magic numbers.
Dispatch any error.
* tools/virsh.pod: Document that non-zero exit status is collapsed.
Signed-off-by: Eric Blake <eblake@redhat.com>
virt-login-shell was exiting with status 0, regardless of what the
wrapped shell returned. This is unkind to users; we should behave
more like env(1), nice(1), su(1), and other wrapper programs, by
preserving the invoked application's status (which includes the
distinction between death due to signal vs. normal death).
* tools/virt-login-shell.c (main): Pass through child exit status.
* tools/virt-login-shell.pod: Document exit status.
Signed-off-by: Eric Blake <eblake@redhat.com>
Note that 'virsh lxc-enter-namespace' must double-fork, for two
reasons: some namespaces can only be done from a single thread,
while virsh is multithreaded; and because virsh can be run in
batch mode where we must not corrupt the namespace of that
execution upon return from the subsidiary command.
When virt-login-shell was first written, it blindly copied from
'virsh lxc-enter-namespace', including the double-fork. But
neither of the reasons for double forking apply to
virt-login-shell (we are single-threaded, and we have nothing to
do after the child completes that would require us to preserve a
namespace), so we can simplify life by using a single fork.
In turn, this will make it easier for a future patch to pass the
child's exit status on to the invoking shell.
In flattening to a single fork, note that closing the fds must
be done after fork, because the parent process still needs to
use fds to control the virConnectPtr; meanwhile, chdir can be
done prior to forking (in fact, it's easier to report errors
on anything attempted before forking).
* tools/virt-login-shell.c (main): Single rather than double fork.
(virLoginShellFini): Delete, by inlining actions instead.
Signed-off-by: Eric Blake <eblake@redhat.com>
The old semantics of virFork() violates the priciple of good
usability: it requires the caller to check the pid argument
after use, *even when virFork returned -1*, in order to properly
abort a child process that failed setup done immediately after
fork() - that is, the caller must call _exit() in the child.
While uses in virfile.c did this correctly, uses in 'virsh
lxc-enter-namespace' and 'virt-login-shell' would happily return
from the calling function in both the child and the parent,
leading to very confusing results. [Thankfully, I found the
problem by inspection, and can't actually trigger the double
return on error without an LD_PRELOAD library.]
It is much better if the semantics of virFork are impossible
to abuse. Looking at virFork(), the parent could only ever
return -1 with a non-negative pid if it misused pthread_sigmask,
but this never happens. Up until this patch series, the child
could return -1 with non-negative pid if it fails to set up
signals correctly, but we recently fixed that to make the child
call _exit() at that point instead of forcing the caller to do
it. Thus, the return value and contents of the pid argument are
now redundant (a -1 return now happens only for failure to fork,
a child 0 return only happens for a successful 0 pid, and a
parent 0 return only happens for a successful non-zero pid),
so we might as well return the pid directly rather than an
integer of whether it succeeded or failed; this is also good
from the interface design perspective as users are already
familiar with fork() semantics.
One last change in this patch: before returning the pid directly,
I found cases where using virProcessWait unconditionally on a
cleanup path of a virFork's -1 pid return would be nicer if there
were a way to avoid it overwriting an earlier message. While
such paths are a bit harder to come by with my change to a direct
pid return, I decided to keep the virProcessWait change in this
patch.
* src/util/vircommand.h (virFork): Change signature.
* src/util/vircommand.c (virFork): Guarantee that child will only
return on success, to simplify callers. Return pid rather than
status, now that the situations are always the same.
(virExec): Adjust caller, also avoid open-coding process death.
* src/util/virprocess.c (virProcessWait): Tweak semantics when pid
is -1.
(virProcessRunInMountNamespace): Adjust caller.
* src/util/virfile.c (virFileAccessibleAs, virFileOpenForked)
(virDirCreate): Likewise.
* tools/virt-login-shell.c (main): Likewise.
* tools/virsh-domain.c (cmdLxcEnterNamespace): Likewise.
* tests/commandtest.c (test23): Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
Right now, a caller waiting for a child process either requires
the child to have status 0, or must use WIFEXITED() and friends
itself. But in many cases, we want the middle ground of treating
fatal signals as an error, and directly accessing the normal exit
value without having to use WEXITSTATUS(), in order to easily
detect an expected non-zero exit status. This adds the middle
ground to the low-level virProcessWait; the next patch will add
it to virCommand.
* src/util/virprocess.h (virProcessWait): Alter signature.
* src/util/virprocess.c (virProcessWait): Add parameter.
(virProcessRunInMountNamespace): Adjust caller.
* src/util/vircommand.c (virCommandWait): Likewise.
* src/util/virfile.c (virFileAccessibleAs): Likewise.
* src/lxc/lxc_container.c (lxcContainerHasReboot)
(lxcContainerAvailable): Likewise.
* daemon/libvirtd.c (daemonForkIntoBackground): Likewise.
* tools/virt-login-shell.c (main): Likewise.
* tools/virsh-domain.c (cmdLxcEnterNamespace): Likewise.
* tests/testutils.c (virtTestCaptureProgramOutput): Likewise.
* tests/commandtest.c (test23): Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
Similar to our event-test demo program, it's nice to be able to
have a mode where we can sniff all events at once, rather than
having to spawn multiple virsh in parallel with one for each
event type.
(Can I just say our RegisterAny design is lousy? The fact that
the majority of our callback pointers have a function signature
with the opaque data in a different position, and that we have
to cast the function signature before registering it, makes it
hard to write a generic callback function; we have to write one
for every type of event id. Life would have been easier if we
had designed the callback as a fixed signature with a void*
and size parameter, and then allowed the caller to downcast
the void* to a particular struct for data specific to their
callback id, where we could have then had a single function
with a switch statement for each event id, and register that
one function for all types of events. It would also be nicer
if the callback functions knew which callbackID was being used
when invoking that callback, so that I could use a common data
structure among all registrations instead of having to create
an array of one data per callback. But I really don't want to
go add yet another event API design.)
* tools/virsh-domain.c (cmdEvent): Add --all parameter; convert
all callbacks to support shared counter.
* tools/virsh.pod (event): Document it.
Signed-off-by: Eric Blake <eblake@redhat.com>
Earlier, I added 'virsh event' for lifecycle events, to get the
concept approved; this patch finishes the support for all other
events, although the user still has to register for one event
type at a time. A future patch may add an --all parameter to
make it possible to register for all events through a single
call.
* tools/virsh-domain.c (vshDomainEventWatchdogToString)
(vshDomainEventIOErrorToString, vshGraphicsPhaseToString)
(vshGraphicsAddressToString, vshDomainBlockJobStatusToString)
(vshDomainEventDiskChangeToString)
(vshDomainEventTrayChangeToString, vshEventGenericPrint)
(vshEventRTCChangePrint, vshEventWatchdogPrint)
(vshEventIOErrorPrint, vshEventGraphicsPrint)
(vshEventIOErrorReasonPrint, vshEventBlockJobPrint)
(vshEventDiskChangePrint, vshEventTrayChangePrint)
(vshEventPMChangePrint, vshEventBalloonChangePrint)
(vshEventDeviceRemovedPrint): New helper routines.
(cmdEvent): Support full array of event callbacks.
Signed-off-by: Eric Blake <eblake@redhat.com>
If user wants to grep some info from domain, e.g. disk paths:
# virsh -q domblklist win7 | awk '{print $2}'
Source
/var/lib/libvirt/images/windows.qcow2
/home/zippy/work/tmp/en_windows_7_professional_x64_dvd_X15-65805.iso
while with my change:
# virsh -q domblklist win7 | awk '{print $2}'
/var/lib/libvirt/images/windows.qcow2
/home/zippy/work/tmp/en_windows_7_professional_x64_dvd_X15-65805.iso
We don't print table header in other commands, like list.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
I noticed this while shortening switch statements via VIR_ENUM.
Basically, the only ways virAsprintf can fail are if we pass a
bogus format string (but we're not THAT bad) or if we run out
of memory (but it already warns on our behalf in that case).
Throw away the cruft that tries too hard to diagnose a printf
failure.
* tools/virsh-volume.c (cmdVolList): Simplify.
* tools/virsh-pool.c (cmdPoolList): Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
Dan Berrange suggested that using VIR_ENUM_IMPL is more compact
than open-coding switch statements, and still just as forceful
at making us remember to update lists if we add enum values
in the future. Make this change throughout virsh.
Sure enough, doing this change caught that we missed at least
VIR_STORAGE_VOL_NETDIR.
* tools/virsh-domain-monitor.c (vshDomainIOErrorToString)
(vshDomainControlStateToString, vshDomainStateToString)
(vshDomainStateReasonToString): Change switch to enum lookup.
(cmdDomControl, cmdDominfo): Update caller.
* tools/virsh-domain.c (vshDomainVcpuStateToString)
(vshDomainEventToString, vshDomainEventDetailToString): Change
switch to enum lookup.
(vshDomainBlockJobToString, vshDomainJobToString): New functions.
(cmdVcpuinfo, cmdBlockJob, cmdDomjobinfo, cmdEvent): Update
callers.
* tools/virsh-network.c (vshNetworkEventToString): Change switch
to enum lookup.
* tools/virsh-pool.c (vshStoragePoolStateToString): New function.
(cmdPoolList, cmdPoolInfo): Update callers.
* tools/virsh-volume.c (vshVolumeTypeToString): Change switch to
enum lookup.
(cmdVolInfo, cmdVolList): Update callers.
Signed-off-by: Eric Blake <eblake@redhat.com>
I've noticed that in some cases systemd was quick enough and even
if libvirt-guests.service is marked to be started after the
libvirtd.service my guests were not resumed as
libvirt-guests.sh failed to connect. This is because of a
simple fact: systemd correctly starts libvirt-guests after it
execs libvirtd. However, the daemon is not able to accept
connections right from the start. It's doing some
initialization which may take ages. This problem is not limited
to systemd only, indeed. Any init system that is able to startup
services in parallel (e.g. OpenRC) may run into this situation.
The fix is to try connecting not only once, but continuously a few
times with a small sleep in between tries.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Add 'virsh net-event --list' and 'virsh net-event [net] --event=name
[--loop] [--timeout]'. Very similar to 'virsh event'.
* tools/virsh.pod (net-event): Document new command.
* tools/virsh-network.c (vshNetworkEventToString, vshNetEventData)
(vshEventLifecyclePrint, cmdNetworkEvent): New struct and
functions.
Signed-off-by: Eric Blake <eblake@redhat.com>
Add 'virsh event --list' and 'virsh event [dom] --event=name
[--loop] [--timeout]'. Borrows somewhat from event-test.c,
but defaults to a one-shot notification, and takes advantage
of the event loop integration to allow Ctrl-C to interrupt the
wait for an event. For now, this just does lifecycle events.
* tools/virsh.pod (event): Document new command.
* tools/virsh-domain.c (vshDomainEventToString)
(vshDomainEventDetailToString, vshDomEventData)
(vshEventLifecyclePrint, cmdEvent): New struct and functions.
Signed-off-by: Eric Blake <eblake@redhat.com>
I plan to add 'virsh event' to virsh-domain.c and 'virsh
net-event' to virsh-network.c; but as they will share quite
a bit of common boilerplate, it's better to set that up now
in virsh.c.
* tools/virsh.h (_vshControl): Add fields.
(vshEventStart, vshEventWait, vshEventDone, vshEventCleanup): New
prototypes.
* tools/virsh.c (vshEventFd, vshEventOldAction, vshEventInt)
(vshEventTimeout): New helper variables and functions.
(vshEventStart, vshEventWait, vshEventDone, vshEventCleanup):
Implement new functions.
(vshInit, vshDeinit, main): Manage event timeout.
Signed-off-by: Eric Blake <eblake@redhat.com>
Several virsh commands ask for a --timeout parameter in
seconds, then use it to control interfaces that operate on
millisecond limits; I also plan on adding a 'virsh event'
command that also does this. Factor this into a common
function.
* tools/virsh.h (vshCommandOptTimeoutToMs): New prototype.
* tools/virsh.c (vshCommandOptTimeoutToMs): New function.
* tools/virsh-domain.c (cmdBlockCommit, cmdBlockCopy)
(cmdBlockPull, cmdMigrate): Use it.
(vshWatchJob): Adjust timeout scale.
Signed-off-by: Eric Blake <eblake@redhat.com>
Recent autotest/virt-test testing on f20 discovered an anomaly in how
the bandwidth options are documented and used. This was discovered due
to a bug fix in the /sbin/tc utility found in iproute-3.11.0.1 (on f20)
in which overflow was actually caught and returned as an error. The fix
was first introduced in iproute-3.10 (search on iproute2 commit 'a303853e').
The autotest/virt-test test for virsh domiftune was attempting to send
the largest unsigned integer value (4294967295) for maximum value
testing. The libvirt xml implementation was designed to manage values
in kilobytes thus when this value was passed to /sbin/tc, it (now)
properly rejected the 4294967295kbps value.
Investigation of the problem discovered that formatdomain.html.in and
formatnetwork.html.in described the elements and property types slightly
differently, although they use the same code - virNetDevBandwidthParseRate()
(shared by portgroups, domains, and networks xml parsers). Rather than
have the descriptions in two places, this patch will combine and reword
the description under formatnetwork.html.in and have formatdomain.html.in
link to that description.
This documentation faux pas was continued into the virsh man page where
the bandwidth description for both 'attach-interface' and 'domiftune'
did not indicate the format of each value, thus leading to the test using
largest unsigned integer value assuming "bps" rather than "kbps", which
ultimately was wrong.
And provide domain summary stat in that case, for lxc backend.
Use case is a container inheriting all devices from the host,
e.g. when doing application containerization.
When start a guest with --pass-fd, if the argument of --pass-fd is invalid,
virsh will exit, but doesn't free the variable 'dom'.
The valgrind said:
...
==24569== 63 (56 direct, 7 indirect) bytes in 1 blocks are definitely lost in loss record 130 of 234
==24569== at 0x4C2A1D4: calloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==24569== by 0x4E879A4: virAllocVar (viralloc.c:544)
==24569== by 0x4EBD625: virObjectNew (virobject.c:190)
==24569== by 0x4F3A18A: virGetDomain (datatypes.c:226)
==24569== by 0x4F9311F: remoteDomainLookupByName (remote_driver.c:6636)
==24569== by 0x4F44F20: virDomainLookupByName (libvirt.c:2277)
==24569== by 0x12F616: vshCommandOptDomainBy (virsh-domain.c:105)
==24569== by 0x131C79: cmdStart (virsh-domain.c:3330)
==24569== by 0x12C4AB: vshCommandRun (virsh.c:1752)
==24569== by 0x127001: main (virsh.c:3218)
https://bugzilla.redhat.com/show_bug.cgi?id=1067338
Signed-off-by: Jincheng Miao <jmiao@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
For pool which relies on remote resources, such as a "iscsi" type
pool, since how long it takes to export the corresponding devices
to host's sysfs is really depended, it could depend on the network
connection, it also could depend on the host's udev procedures. So
it's likely that the volumes are not able to be detected during pool
starting process, polling the sysfs doesn't work, since we don't
know how much time is best for the polling, and even worse, the
volumes could still be not detected or partly not detected even after
the polling. So we end up with a documentation to prompt the fact,
in virsh manual.
And as a small improvement, let's explicitly say no LUNs found in
the debug log in that case.
Explicitly lists the possible values for "--target" option;
Gets rid of the confused strings like "Suspend-to-RAM";
Emphasises the node *has to* be suspended in the time duration
specified by "--duration". And rewords the entire document a
bit according to the API's implementation and document.
I noticed this problem when adding systemd support to netcf, because I
setup the configure.ac to automatically prefer using systemd over
initscripts when possible - although I had copied the
install-data-local target from the example of libvirt's
"libvirt-guests" service more or less verbatim, "make distcheck" would
fail because it was trying to install the service file directly into
/lib/systemd/system rather than into
/home/user/some/unimportant/name/lib/systemd/system.
This is caused by the install/uninstall rules for the systemd unit
files relying on $(DESTDIR) pointing the installed files to the right
place, but in reality $(DESTDIR) is empty during this part of make
distcheck - it instead sets $(prefix) with the toplevel directory used
for its test build/install/uninstall cycle.
(This problem hasn't been seen when running "make distcheck" in
libvirt because libvirt will never build/install systemd support
unless explicitly told to do so on the configure commandline, and
"make distcheck" doesn't put the "--with-initscript=..." option on the
configure commandline.)
I verified that the same problem does exist in libvirt by modifying
libvirt's configure.ac to set:
init_systemd=yes
with_init_script=systemd+redhat
This forces a build/install of the systemd unit files during
distcheck, which yields an error like this:
/usr/bin/install -c -m 644 virtlockd.service \
/lib/systemd/system/
libtool: install: warning: relinking `libvirt-qemu.la'
/usr/bin/install: cannot remove '/lib/systemd/system/virtlockd.service': Permission denied
make[4]: *** [install-systemd] Error 1
After adding $(prefix) to all the definitions of SYSTEMD_UNIT_DIR,
make distcheck now completes successfully with the modified
configure.ac, and the above lines change to something like this:
/usr/bin/install -c -m 644 virtlockd.service \
/home/laine/devel/libvirt/libvirt-1.2.1/_inst/lib/systemd/system/
Introduce Wireshark dissector plugin which adds support to Wireshark
for dissecting libvirt RPC protocol.
Added following files to build Wireshark dissector from libvirt source
tree.
* tools/wireshark/*: Source tree of Wireshark dissector plugin.
Added followings to configure.ac or Makefile.am.
configure.ac
* --with-wireshark-dissector: Enable support for building Wireshark
dissector.
* --with-ws-plugindir: Specify wireshark plugin directory that dissector
will installed.
* Added tools/wireshark/{Makefile,src/Makefile} to AC_CONFIG_FILES.
Makefile.am
* Added tools/wireshark/ to SUBDIR.
With this patch, user can setup the throttle blkio cgorup
for domain through the virsh cmd, such as:
virsh blkiotune domain1 --device-read-bytes-sec /dev/sda1,1000000,/dev/sda2,2000000
--device-write-bytes-sec /dev/sda1,1000000 --device-read-iops-sec /dev/sda1,10000
--device-write-iops-sec /dev/sda1,10000,/dev/sda2,0
This patch also add manpage for these new options.
Signed-off-by: Guan Qiang <hzguanqiang@corp.netease.com>
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
In a "for" loop there are created two new strings and they may not
be freed if a "target" string cannot be obtained. We have to free
the two created strings to prevent the memory leak.
This has been found by coverity.
John also pointed out that we should somehow care about the "type"
and "device" and Osier agreed to exit with error message if one of
them is set to NULL.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Our fixes for CVE-2013-4400 were so effective at "fixing" bugs
in virt-login-shell that we ended up fixing it into a useless
do-nothing program.
Commit 3e2f27e1 picked the name LIBVIRT_SETUID_RPC_CLIENT for
the witness macro when we are doing secure compilation. But
commit 9cd6a57d checked whether the name IN_VIRT_LOGIN_SHELL,
from an earlier version of the patch series, was defined; with
the net result that virt-login-shell invariably detected that
it was setuid and failed virInitialize.
Commit b7fcc799 closed all fds larger than stderr, but in the
wrong place. Looking at the larger context, we mistakenly did
the close in between obtaining the set of namespace fds, then
actually using those fds to switch namespace, which means that
virt-login-shell will ALWAYS fail.
This is the minimal patch to fix the regressions, although
further patches are also worth having to clean up poor
semantics of the resulting program (for example, it is rude to
not pass on the exit status of the wrapped program back to the
invoking shell).
* tools/virt-login-shell.c (main): Don't close fds until after
namespace swap.
* src/libvirt.c (virGlobalInit): Use correct macro.
Signed-off-by: Eric Blake <eblake@redhat.com>
https://bugzilla.redhat.com/show_bug.cgi?id=1049529
The 'detach-disk' command in virsh used the active XML definition of a
domain even when attempting to remove a disk from the config only. If
the disk was only in the inactive definition the operation failed. Fix
this by using the inactive XML in case that only the config is affected.
https://bugzilla.redhat.com/show_bug.cgi?id=1049529
The legacy virDomainAttachDevice and virDomainDetachDevice operate only
on active domains. When a user specified --current flag with an inactive
domain the old API was used and reported an error. Fix it by calling the
new API if --current is specified explicitly.
https://bugzilla.redhat.com/show_bug.cgi?id=1044806
Currently, sending the ANSI_A keycode from os_x codepage doesn't work as
it has a special value of 0x0. Our internal code handles that no
different to other not defined keycodes. Hence, in order to allow it we
must change all the undefined keycodes from 0 to -1 and adapt some code
too.
# virsh send-key guestname --codeset os_x ANSI_A
error: invalid keycode: 'ANSI_A'
# virsh send-key guestname --codeset os_x ANSI_B
# virsh send-key guestname --codeset os_x ANSI_C
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
I noticed a few odd things in 'virt-login-shell --help' output.
* tools/virt-login-shell.c (usage): At most one option accepted,
drop trailing colon.
Signed-off-by: Eric Blake <eblake@redhat.com>
Recent addition of the gluster pool type omitted fixing the virsh and
virConnectListAllStoragePool filters. A typecast of the converting
function in virsh showed that also the sheepdog pool was omitted in the
command parser.
This patch adds gluster pool filtering support and fixes virsh to
properly convert all supported storage pool types. The added typecast
should avoid doing such mistakes in the future.
https://bugzilla.redhat.com/show_bug.cgi?id=1044445
When undefining a VM with storage the man page doesn't explicitly
mention that the volumes need to be a part of the storage pool otherwise
it won't work.
Adding output to 'virsh --version=long' makes it easier to
tell if a distro built with particular libraries (it doesn't
tell you what a remote libvirtd is built with, but is still
better than nothing). But we forgot to mention gluster.
* tools/virsh.c (vshShowVersion): Add gluster witness.
Signed-off-by: Eric Blake <eblake@redhat.com>
Though trying to destroy a physical HBA doesn't make sense at all,
it's still a bit misleading with saying "only works for HBA".
Signed-off-by: Osier Yang <jyang@redhat.com>
Based on a suggestion from Mauricio Tavares.
* tools/virsh-domain.c (cmdDetachInterface, vshFindDisk): Improve
wording.
Signed-off-by: Eric Blake <eblake@redhat.com>
In the 'directory' and 'netfs' storage pools, a user can see
both 'file' and 'dir' storage volume types, to know when they
can descend into a subdirectory. But in a network-based storage
pool, such as the upcoming 'gluster' pool, we use 'network'
instead of 'file', and did not have any counterpart for a
directory until this patch. Adding a new volume type
'network-dir' is better than reusing 'dir', because it makes
it clear that the only way to access 'network' volumes within
that container is through the network mounting (leaving 'dir'
for something accessible in the local file system).
* include/libvirt/libvirt.h.in (virStorageVolType): Expand enum.
* docs/formatstorage.html.in: Document it.
* docs/schemasa/storagevol.rng (vol): Allow new value.
* src/conf/storage_conf.c (virStorageVol): Use new value.
* src/qemu/qemu_command.c (qemuBuildVolumeString): Fix client.
* src/qemu/qemu_conf.c (qemuTranslateDiskSourcePool): Likewise.
* tools/virsh-volume.c (vshVolumeTypeToString): Likewise.
* src/storage/storage_backend_fs.c
(virStorageBackendFileSystemVolDelete): Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
Most of our code base uses space after comma but not before;
fix the remaining uses before adding a syntax check.
* tests/sysinfotest.c: Consistently use commas.
* tests/viratomictest.c: Likewise.
* tests/vircgroupmock.c: Likewise.
* tools/virsh-domain.c: Likewise.
* tools/virsh-volume.c: Likewise.
Signed-off-by: Eric Blake <eblake@redhat.com>
All *-info virsh commands output a list of colon-seperated key-val pairs.
But virsh net-info command misses this colon for key "Name" and "UUID".
Signed-off-by: Hao Liu <hliu@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
This patch shuts up the following warning of clang
on Mac OS X:
virsh.c:2761:22: error: assigning to 'char *' from 'const char [6]' discards qualifiers
[-Werror,-Wincompatible-pointer-types-discards-qualifiers]
rl_readline_name = "virsh";
^ ~~~~~~~
The warning happens because rl_readline_name on Mac OS X comes
from an old readline header that still uses 'char *', while it
is 'const char *' in readline 4.2 (April 2001) and newer.
Tested on Mac OS X 10.8.5 (clang-500.2.75) and Fedora 19 (gcc 4.8.1).
Signed-off-by: Ryota Ozaki <ozaki.ryota@gmail.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Before:
$ virsh iface-list
Name State MAC Address
--------------------------------------------
br0 active f0🇩🇪f1:dc:b8:b0
virbr2 active 52:54:00:61:78:0c
After:
$ virsh iface-list
Name State MAC Address
---------------------------------------------------
br0 active f0🇩🇪f1:dc:b8:b0
virbr2 active 52:54:00:61:78:0c
Change the alignment to match the domain listing function.
Before:
$ virsh pool-list
Name State Autostart
-----------------------------------------
boot-scratch active no
default active no
glusterpool active no
$ virsh pool-list --details
Name State Autostart Persistent Capacity Allocation Available
-------------------------------------------------------------------------------
boot-scratch running no yes 117.99 GiB 101.40 GiB 16.60 GiB
default running no yes 117.99 GiB 101.40 GiB 16.60 GiB
glusterpool running no yes 29.40 GiB 44.23 MiB 29.36 GiB
After:
$ virsh pool-list
Name State Autostart
-------------------------------------------
boot-scratch active no
default active no
glusterpool active no
$ virsh pool-list --details
Name State Autostart Persistent Capacity Allocation Available
---------------------------------------------------------------------------------
boot-scratch running no yes 117.99 GiB 101.40 GiB 16.60 GiB
default running no yes 117.99 GiB 101.40 GiB 16.60 GiB
glusterpool running no yes 29.40 GiB 44.23 MiB 29.36 GiB
There were two separate places with that were stringifying type of a
volume. One of the places was out of sync with types implemented
upstream.
To avoid such problems in the future, this patch adds a common function
to convert the type to string and reuses it across the two said places.
Add an extra space before the first column as we have when listing
domains.
Previous output:
$ virsh vol-list glusterpool
Name Path
-----------------------------------------
asdf gluster://gluster-node-1/gv0/asdf
c gluster://gluster-node-1/gv0/c
cd gluster://gluster-node-1/gv0/cd
$ virsh vol-list glusterpool --details
Name Path Type Capacity Allocation
----------------------------------------------------------------------
asdf gluster://gluster-node-1/gv0/asdf unknown 0.00 B 0.00 B
c gluster://gluster-node-1/gv0/c unknown 16.00 B 16.00 B
cd gluster://gluster-node-1/gv0/cd unknown 0.00 B 0.00 B
New output:
$ virsh vol-list glusterpool
Name Path
------------------------------------------------------------------------------
asdf gluster://gluster-node-1/gv0/asdf
c gluster://gluster-node-1/gv0/c
cd gluster://gluster-node-1/gv0/cd
$ virsh vol-list glusterpool --details
Name Path Type Capacity Allocation
------------------------------------------------------------------------
asdf gluster://gluster-node-1/gv0/asdf unknown 0.00 B 0.00 B
c gluster://gluster-node-1/gv0/c unknown 16.00 B 16.00 B
cd gluster://gluster-node-1/gv0/cd unknown 0.00 B 0.00 B
The 'vcpucount' command is a getter command for the vCPUu count. When
one or more of the filtering flags are specified the command returns the
value only for the selected combination. In this case the --live and
--config combination isn't valid. This however didn't cause errors as
the combination of flags was rejected by the libvirt API but then the
fallback code kicked in and requested the count in a way where the clash
of the flags didn't matter.
Mark the flag combination mutually exclusive so that users aren't
confused.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1024245
Allow adjust the number of commands to remember in the command
history.
* tools/virsh.c (vshReadlineInit): Read and sanity the
VIRSH_HISTSIZE variable.
(VIRSH_HISTSIZE_MAX): New constant.
* tools/virsh.pod: Document VIRSH_HISTSIZE variable.
Signed-off-by: Eric Blake <eblake@redhat.com>
Commit e962a57 added 'attach-disk --shareable', even though we
already had 'attach-disk --mode=shareable'. Worse, if the user
types 'attach-disk --mode=readonly --shareable', we create
non-sensical XML. The best solution is just to undocument the
duplicate spelling, by having it fall back to the preferred
spelling.
* tools/virsh-domain.c (cmdAttachDisk): Let alias handling fix our
mistake in exposing a second spelling for an existing option.
* tools/virsh.pod: Fix documentation.
Signed-off-by: Eric Blake <eblake@redhat.com>
We want to treat 'attach-disk --shareable' as an undocumented
alias for 'attach-disk --mode=shareable'. By improving our
alias handling, we can allow all such --bool -> --opt=value
replacements, and guarantee up front that the alias is not
mixed with its replacement.
* tools/virsh.c (vshCmddefOptParse, vshCmddefGetOption): Add
support for expanding bool alias to --opt=value.
(opts_echo): Add another alias to test it.
* tests/virshtest.c (mymain): Test it.
Signed-off-by: Eric Blake <eblake@redhat.com>
In commit b46c4787dd I changed the code to
watch long running jobs in virsh. Unfortunately I didn't take into
account that poll may get a hangup if the terminal is not a TTY and will
be closed.
This patch avoids polling the STDIN fd when there's no TTY.
Unconditional use of getenv is not secure in setuid env.
While not all libvirt code runs in a setuid env (since
much of it only exists inside libvirtd) this is not always
clear to developers. So make all the code paranoid, even
if it only ever runs inside libvirtd.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
The virt-login-shell binary shouldn't need to execute programs
relying on $PATH, but just in case set a fixed $PATH value
of /bin:/usr/bin
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
The libvirt.so library has far too many library deps to allow
linking against it from setuid programs. Those libraries can
do stuff in __attribute__((constructor) functions which is
not setuid safe.
The virt-login-shell needs to link directly against individual
files that it uses, with all library deps turned off except
for libxml2 and libselinux.
Create a libvirt-setuid-rpc-client.la library which is linked
to by virt-login-shell. A config-post.h file allows this library
to disable all external deps except libselinux and libxml2.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
We don't want to inherit any FDs in the new namespace
except for the stdio FDs. Explicitly close them all,
just in case some do not have the close-on-exec flag
set.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
'--print-xml' option is very useful for doing some test.
But we had to specify a real domain for it.
This patch could enable us to specify a fake domain
when using --print-xml option.
Signed-off-by: Chen Hanxiao <chenhanxiao@cn.fujitsu.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
The parameter allows overriding default listen address for '-incoming'
cmd line argument on destination.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Make it much easier to test a configuration built without readline
support, by reusing our existing library probe machinery. It gets
a bit tricky with readline, which does not provide a pkg-config
snippet, and which on some platforms requires one of several
terminal libraries as a prerequiste, but the end result should be
the same default behavior but now with the option to disable things.
* m4/virt-readline.m4 (LIBVIRT_CHECK_READLINE): Simplify by using
LIBVIRT_CHECK_LIB.
* tools/virsh.c: Convert USE_READLINE to WITH_READLINE.
Signed-off-by: Eric Blake <eblake@redhat.com>
'make distcheck' fails from a directory configured --without-lxc:
GEN virt-login-shell.1
Can't write-open ../../tools/virt-login-shell.1: Permission denied at /usr/bin/pod2man line 69.
* tools/Makefile.am (EXTRA_DIST): Ship pre-built man page.
Signed-off-by: Eric Blake <eblake@redhat.com>
It's possible to create a domain which will only use a TLS port
and will not have a non-TLS port set by using:
<graphics type='spice' autoport='yes' defaultMode='secure'/>
In such a setup, the 'graphics' node for the running domain will be:
<graphics type='spice' tlsPort='5900'
autoport='yes' listen='127.0.0.1'
defaultMode='secure'>
However, cmdDomDisplay loops over all the 'graphics' node, and it
ignores nodes which don't have a 'port' attribute. This means
'virsh domdisplay' will only return an empty string for domains
as the one above.
This commit looks for both 'port' and 'tlsPort' before deciding
to ignore a graphics node. It also makes sure 'port' is not printed
when it's not set.
This makes 'virsh domdisplay' return
'spice://127.0.0.1?tls-port=5900' for domains using only a TLS
port.
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
After commit 8aecd35126 it'll detect
that a required option is not defined and it will assert and exit with:
virsh.c:1364: vshCommandOpt: Assertion `valid->name' failed.
Problem has been latent since commit ed23b106.
Signed-off-by: Eric Blake <eblake@redhat.com>
completer and completer_flags added to the _vshCmdOptDef
structure so it will be possible for completion generators to
conveniently call option completer functions with desired flags.
Signed-off-by: Eric Blake <eblake@redhat.com>
Some systems apparently have a global variable/function called remove
and thus break compilation of virsh-domain.c. Rename the variable to
avoid this.
Reported by GuanQiang.