2453501fc8
https://bugzilla.redhat.com/show_bug.cgi?id=1374126 Due to how the processing for authentication using polkit works, the virshConnect code must first "attempt" an virConnectOpenAuth and then check for a "special" return error code VIR_ERR_AUTH_UNAVAILABLE in order to attempt to "retry" the authentication after performing a creation of a pkttyagent to handle the challenge/response for the client. However, if pkttyagent creation is not possible for the authentication being attempted (such as perhaps a "qemu+ssh://someuser@localhost/system"), then the same failure pattern would be returned and another attempt to create a pkttyagent would be done. This would continue "forever" until someone forced quit (e.g. ctrl-c) from virsh as the 'authfail' was not incremented when creating the pkttyagent. So add a 'agentCreated' boolean to track if we've attempted to create the agent at least once and force a failure if that creation returned the same error pattern. This resolves a possible never ending loop and will generate an error: error: failed to connect to the hypervisor error: authentication unavailable: no polkit agent available to authenticate action 'org.libvirt.unix.manage' NB: If the authentication was for a sufficiently privileged client, such as qemu+ssh://root@localhost/system, then the remoteDispatchAuthList "allows" the authentication to use libvirt since @callerUid would be 0. |
||
---|---|---|
.gnulib@da830b5146 | ||
build-aux | ||
daemon | ||
docs | ||
examples | ||
gnulib | ||
include/libvirt | ||
m4 | ||
po | ||
src | ||
tests | ||
tools | ||
.color_coded.in | ||
.ctags | ||
.dir-locals.el | ||
.gitignore | ||
.gitmodules | ||
.mailmap | ||
.travis.yml | ||
.ycm_extra_conf.py.in | ||
AUTHORS.in | ||
COPYING | ||
COPYING.LESSER | ||
ChangeLog-old | ||
HACKING | ||
Makefile.am | ||
Makefile.nonreentrant | ||
README | ||
README-hacking | ||
README.md | ||
TODO | ||
autogen.sh | ||
bootstrap | ||
bootstrap.conf | ||
cfg.mk | ||
config-post.h | ||
configure.ac | ||
libvirt-admin.pc.in | ||
libvirt-lxc.pc.in | ||
libvirt-qemu.pc.in | ||
libvirt.pc.in | ||
libvirt.spec.in | ||
mingw-libvirt.spec.in | ||
run.in |
README.md
Libvirt API for virtualization
Libvirt provides a portable, long term stable C API for managing the virtualization technologies provided by many operating systems. It includes support for QEMU, KVM, Xen, LXC, bhyve, Virtuozzo, VMware vCenter and ESX, VMware Desktop, Hyper-V, VirtualBox and the POWER Hypervisor.
For some of these hypervisors, it provides a stateful management daemon which runs on the virtualization host allowing access to the API both by non-privileged local users and remote users.
Layered packages provide bindings of the libvirt C API into other languages including Python, Perl, PHP, Go, Java, OCaml, as well as mappings into object systems such as GObject, CIM and SNMP.
Further information about the libvirt project can be found on the website:
License
The libvirt C API is distributed under the terms of GNU Lesser General Public License, version 2.1 (or later). Some parts of the code that are not part of the C library may have the more restrictive GNU General Public License, version 2.1 (or later). See the files COPYING.LESSER and COPYING for full license terms & conditions.
Installation
Libvirt uses the GNU Autotools build system, so in general can be built and installed with the usual commands. For example, to build in a manner that is suitable for installing as root, use:
$ ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
$ make
$ sudo make install
While to build & install as an unprivileged user
$ ./configure --prefix=$HOME/usr
$ make
$ make install
The libvirt code relies on a large number of 3rd party libraries. These will be detected during execution of the configure script and a summary printed which lists any missing (optional) dependencies.
Contributing
The libvirt project welcomes contributions in many ways. For most components
the best way to contribute is to send patches to the primary development
mailing list, using the git send-email
command. Further guidance on this
can be found in the HACKING
file, or the project website
Contact
The libvirt project has two primary mailing lists:
- libvirt-users@redhat.com (for user discussions)
- libvir-list@redhat.com (for development only)
Further details on contacting the project are available on the website