Matthias Bolte [Sat, 14 Nov 2009 18:51:05 +0000 (19:51 +0100)]
esx: Fix MAC address formatting
VMware uses two MAC address prefixes: 00:0c:29 and 00:50:56. The 00:0c:29
prefix is used for ESX server generated addresses. The 00:50:56 prefix is
split into two parts. MAC addresses above 00:50:56:3f:ff:ff are generated
by a vCenter. The rest of the 00:50:56 prefix can be assigned manually.
Any MAC address within the 00:0c:29 and 00:50:56 prefix can be specified
in a domain XML config and the driver will handle the details internally.
* src/esx/esx_vmx.c: fix MAC address formatting
* tests/xml2vmxdata/*: update test files accordingly
Matthias Bolte [Fri, 13 Nov 2009 21:55:25 +0000 (22:55 +0100)]
esx: Handle 'vmxnet3' in esxVMX_FormatEthernet()
In commit 3c80fac2588cbc9e5ee7e7069e1ca4468f2359d3 'vmxnet3' handling
was added to esxVMX_ParseEthernet(), but not to the inverse function
esxVMX_FormatEthernet().
Matthias Bolte [Fri, 13 Nov 2009 21:43:10 +0000 (22:43 +0100)]
esx: Add documentation to the website
* docs/drivers.html.in: list the ESX driver
* docs/drvesx.html.in: the new ESX driver documentation
* docs/hvsupport.html.in: add the ESX driver to the matrix
* docs/index.html.in, docs/sitemap.html.in: list the ESX driver
* src/esx/esx_driver.c: fix and cleanup some comments
Jim Fehlig [Sun, 15 Nov 2009 08:40:36 +0000 (09:40 +0100)]
Fix compilation of libvirt against xen-unstable
* src/xen/xen_hypervisor.c: xen-unstable changeset 19788 removed
MAX_VIRT_CPUS from public headers, breaking compilation of libvirt
on -unstable. Its semanitc was retained with XEN_LEGACY_MAX_VCPUS.
Ensure MAX_VIRT_CPUS is defined accordingly.
Device kit support was removed, but the configure.ac checks were
left in place. A number of the XXX_REQUIRED=X.Y.Z variables were
not declared in the correct location (ie top of the file)
Fix incorrect reference counting logic in qemu monitor open
The QEMU monitor open method would not take a reference on
the virDomainObjPtr until it had successfully opened the
monitor. The cleanup code upon failure to open though would
call qemuMonitorClose() which would in turn decrement the
reference count. This caused the virDoaminObjPtr to be mistakenly
freed and then the whole driver crashes
* src/qemu/qemu_monitor.c: Fix reference counting in
qemuMonitorOpen
Don't return fatal error in HAL driver init if HAL isn't running
The HAL driver returns a fatal error code in the case where HAL
is not running. This causes the entire libvirtd daemon to quit
which isn't desirable. Instead it should simply disable the HAL
driver
* src/node_device/node_device_hal.c: Quietly disable HAL if it is
not running
Jamie Strandboge [Fri, 13 Nov 2009 14:25:30 +0000 (15:25 +0100)]
AppArmor handling of accesses to readonly files
Fixes https://launchpad.net/bugs/453335
* src/security/virt-aa-helper.c: suppress confusing and misleading
apparmor denied message when kvm/qemu tries to open a libvirt specified
readonly file (such as a cdrom) with write permissions. libvirt uses
the readonly attribute for the security driver only, and has no way
of telling kvm/qemu that the device should be opened readonly
Jamie Strandboge [Fri, 13 Nov 2009 14:22:20 +0000 (15:22 +0100)]
AppArmor require absolute paths
Fixes https://launchpad.net/bugs/460271
* src/security/virt-aa-helper.c: require absolute path for dynamic added
files. This is required by AppArmor and conveniently prevents adding
tcp consoles to the profile
Jamie Strandboge [Fri, 13 Nov 2009 14:19:05 +0000 (15:19 +0100)]
AppArmor updates of examples
* examples/apparmor/libvirt-qemu: adds pulseaudio, alsa and preliminary
save/restore to the example apparmor abstraction
* examples/apparmor/usr.sbin.libvirtd: allows libvirtd access to inet
dgram, inet6 dgram, inet6 stream and /usr/lib/libvirt/*
Check that domain is running when starting console
The 'virsh console' command did not check if the domain was
already running before attempting to fetch the XML and extract
the console PTY path. This caused a slightly unhelpful / misleading
error message for the user. The explicit check ensures the user
gets an explicit 'domain is not running' message.
* tools/virsh.c: Validate that state != VIR_DOMAIN_SHUTOFF in
virsh console command
In the scenario where the cgroups were mounted but the
particular group did not exist, and the caller had not
requested auto-creation, the code would fail to return
an error condition. This caused the lxc_controller to
think the cgroup existed, and it then later failed when
attempting to use it
* src/util/cgroup.c: Raise an error if the cgroup path does not
exist
There is a race condition in HAL driver startup where the callback
can get triggered before we have finished startup. This then causes
a deadlock in the driver.
* src/node_device/node_device_hal.c: RElease driver lock before
registering DBus callbacks
If the virDomainDefPtr object has an 'id' of -1, then forcably
set the VIR_DOMAIN_XML_INACTIVE flag to ensure generated XML
does not include any cruft from the previously running guest
such as console PTY path, or VNC port.
* src/conf/domain_conf.c: Set VIR_DOMAIN_XML_INACTIVE if
def->id is -1. Replace checks for def->id == -1 with
check against flags & VIR_DOMAIN_XML_INACTIVE.
Remove capng_lock() call when spawning LXC container init process
The capng_lock() call sets the SECURE_NO_SETUID_FIXUP and SECURE_NOROOT
bits on the process. This prevents the kernel granting capabilities to
processes with an effective UID of 0, or with setuid programs. This is
not actually what we want in the container init process. It should be
allowed to run setuid processes & keep capabilities when root. All that
is required is masking a handful of dangerous capabilities from the
bounding set.
The libvirtd initscript could get confused between the system and
session instances of the daemon. To avoid this it is neccessary
to check the pidfile explicitly.
* daemon/libvirtd.init.in: Always check the pidfile of the system
daemon to avoid confusion with the session daemons
Jamie Strandboge [Fri, 13 Nov 2009 10:04:23 +0000 (11:04 +0100)]
Fix virt-aa-helper when host and os.type arch differ
* src/security/virt-aa-helper.c: get_definition() now calls the new
caps_mockup() function which will parse the XML for os.type,
os.type.arch and then sets the wordsize. These attributes are needed
only to get a valid virCapsPtr for virDomainDefParseString(). The -H
and -b options are now removed from virt-aa-helper (they weren't used
yet anyway).
* tests/virt-aa-helper-test: extend and fixes tests, chmod'ed 755
David Allan [Thu, 12 Nov 2009 22:22:00 +0000 (23:22 +0100)]
Add translation of PCI vendor and product IDs
uses libpciaccess to provide human readable names for PCI vendor and
device IDs
* configure.in: add a requirement for libpciaccess >= 0.10.0
* src/Makefile.am: add the associated compilation flags and link
* src/node_device/node_device_udev.c: lookup the libpciaccess for
vendor name and product name based on their ids
David Allan [Thu, 12 Nov 2009 22:09:24 +0000 (23:09 +0100)]
Remove DevKit node device backend
* configure.in src/Makefile.am: remove the configuration check and
build instructions
* src/node_device/node_device_devkit.c: removed the module
* src/node_device/node_device_driver.c src/node_device/node_device_driver.h:
removed references to the old backend
David Allan [Thu, 12 Nov 2009 22:03:47 +0000 (23:03 +0100)]
Add scsi_target device type
* src/conf/node_device_conf.h src/conf/node_device_conf.c: add specific
support for SCSI target in node device capabilities
* src/node_device/node_device_udev.c: add some extra detection code
when handling udev output
David Allan [Thu, 12 Nov 2009 21:48:24 +0000 (22:48 +0100)]
Implement a node device backend using libudev
* configure.in: add new --with-udev, disabled by default, and requiring
libudev > 145
* src/node_device/node_device_udev.c src/node_device/node_device_udev.h:
the new node device backend
* src/node_device/node_device_linux_sysfs.c: moved node_device_hal_linux.c
to a better file name
* src/conf/node_device_conf.c src/conf/node_device_conf.h: add a couple
of fields in node device definitions, and an API to look them up,
remove a couple of unused fields from previous patch.
* src/node_device/node_device_driver.c src/node_device/node_device_driver.h:
plug the new driver
* po/POTFILES.in src/Makefile.am src/libvirt_private.syms: add the new
files and symbols
* src/util/util.h src/util/util.c: add a new convenience macro
virBuildPath and virBuildPathInternal() function
Cole Robinson [Thu, 12 Nov 2009 15:53:26 +0000 (10:53 -0500)]
Add virConnectGetLibvirtVersion API
There is currently no way to determine the libvirt version of a remote
libvirtd we are connected to. This is a useful piece of data to enable
feature detection.
* src/xen/xen_driver.c: Add support for VIR_MIGRATE_PERSIST_DEST flag
* src/xen/xend_internal.c: Add support for VIR_MIGRATE_UNDEFINE_SOURCE flag
* include/libvirt/virterror.h, src/util/virterror.c: Add new errorcode
VIR_ERR_MIGRATE_PERSIST_FAILED
pritesh [Thu, 12 Nov 2009 14:45:18 +0000 (15:45 +0100)]
Support for SATA Disks in virDomainDiskBus
* src/conf/domain_conf.h src/conf/domain_conf.c: add the new entry in
the enum and lists of virDomainDiskBus
* src/qemu/qemu_conf.c: same for virDomainDiskQEMUBus
The xenstore database sometimes has stale domain IDs which are not
present in the hypervisor anymore. Filter these out to avoid causing
confusion
* src/xen/xs_internal.c: Filter domain IDs against HV's list
* src/xen/xen_hypervisor.h, src/xen/xen_hypervisor.c: Add new
xenHypervisorHasDomain() method for checking ID validity
Jonas Eriksson [Fri, 9 Oct 2009 09:23:23 +0000 (10:23 +0100)]
Fix logic in xenUnifiedNumOfDomains to match xenUnifiedListDomains
The xenUnifiedNumOfDomains and xenUnifiedListDomains methods work
together as a pair, so it is critical they both apply the same
logic. With the current mis-matched logic it is possible to sometimes
get into a state when you miss certain active guests.
* src/xen/xen_driver.c: Change xenUnifiedNumOfDomains ordering to
match xenUnifiedListDomains.
Sometimes getaddrinfo returns IPv4 addresses before IPv6 addresses.
IPv6 sockets default to attempting to bind to IPv4 addresses too.
So if the IPv4 address is activated first, then binding to IPv6
will unneccessarily fail.
* daemon/libvirtd.c: Bind to IPv6 and IPv4 addresses separately
Fix save and restore with non-privileged guests and SELinux
When running qemu:///system instance, libvirtd runs as root,
but QEMU may optionally be configured to run non-root. When
then saving a guest to a state file, the file is initially
created as root, and thus QEMU cannot write to it. It is also
missing labelling required to allow access via SELinux.
* src/qemu/qemu_driver.c: Set ownership on save image before
running migrate command in virDomainSave impl. Call out to
security driver to set save image labelling
* src/security/security_driver.h: Add driver APIs for setting
and restoring saved state file labelling
* src/security/security_selinux.c: Implement saved state file
labelling for SELinux
Implmentation of new APIs to checking state/persistence of objects
This implements the virConnectIsSecure, virConnectIsEncrypted,
virDomainIsPersistent, virDomainIsActive, virNetworkIsActive,
virNetworkIsPersistent, virStoragePoolIsActive,
virStoragePoolIsPersistent, virInterfaceIsActive APIs in
(nearly) all drivers. Exceptions are:
* src/remote/remote_protocol.x: Define remote wire ABI for newly
added APIs.
* daemon/remote_dispatch*.h: Re-generated from remote_protocol.x
* src/esx/esx_driver.c, src/lxc/lxc_driver.c, src/network/bridge_driver.c,
src/opennebula/one_driver.c, src/openvz/openvz_conf.c,
src/openvz/openvz_driver.c, src/phyp/phyp_driver.c,
src/remote/remote_driver.c, src/storage/storage_driver.c,
src/test/test_driver.c, src/uml/uml_driver.c, src/vbox/vbox_tmpl.c,
src/xen/xen_driver.c, src/xen/xen_driver.h, src/xen/xen_inotify.c,
src/xen/xen_inotify.h: Implement all the new APIs where possible
Introduce a number of new APIs to expose some boolean properties
of objects, which cannot otherwise reliably determined, nor are
aspects of the XML configuration.
* virDomainIsActive: Checking virDomainGetID is not reliable
since it is not possible to distinguish between error condition
and inactive domain for ID of -1.
* virDomainIsPersistent: Check whether a persistent config exists
for the domain
* virNetworkIsActive: Check whether the network is active
* virNetworkIsPersistent: Check whether a persistent config exists
for the network
* virStoragePoolIsActive: Check whether the storage pool is active
* virStoragePoolIsPersistent: Check whether a persistent config exists
for the storage pool
* virInterfaceIsActive: Check whether the host interface is active
* virConnectIsSecure: whether the communication channel to the
hypervisor is secure
* virConnectIsEncrypted: whether any network based commnunication
channels are encrypted
NB, a channel can be secure, even if not encrypted, eg if it does
not involve the network, like a UNIX socket, or pipe.
* include/libvirt/libvirt.h.in: Define public API
* src/driver.h: Define internal driver API
* src/libvirt.c: Implement public API entry point
* src/libvirt_public.syms: Export API symbols
* src/esx/esx_driver.c, src/lxc/lxc_driver.c,
src/interface/netcf_driver.c, src/network/bridge_driver.c,
src/opennebula/one_driver.c, src/openvz/openvz_driver.c,
src/phyp/phyp_driver.c, src/qemu/qemu_driver.c,
src/remote/remote_driver.c, src/test/test_driver.c,
src/uml/uml_driver.c, src/vbox/vbox_tmpl.c,
src/xen/xen_driver.c: Stub out driver tables
Daniel Veillard [Tue, 10 Nov 2009 11:56:11 +0000 (12:56 +0100)]
Various fixes following a code review
* src/libvirt.c src/lxc/lxc_conf.c src/lxc/lxc_container.c
src/lxc/lxc_controller.c src/node_device/node_device_hal.c
src/openvz/openvz_conf.c src/qemu/qemu_driver.c
src/qemu/qemu_monitor_text.c src/remote/remote_driver.c
src/storage/storage_backend_disk.c src/storage/storage_driver.c
src/util/logging.c src/xen/sexpr.c src/xen/xend_internal.c
src/xen/xm_internal.c: Steve Grubb <sgrubb@redhat.com> sent a code
review and those are the fixes correcting the problems
Some monitor commands may take a very long time to complete. It is
not desirable to block other incoming API calls forever. With this
change, if an existing API call is holding the job lock, additional
API calls will not wait forever. They will time out after a short
period of time, allowing application to retry later.
* include/libvirt/virterror.h, src/util/virterror.c: Add new
VIR_ERR_OPERATION_TIMEOUT error code
* src/qemu/qemu_driver.c: Change to a timed condition variable
wait for acquiring the monitor job lock
Release driver and domain lock when running monitor commands
QEMU monitor commands may sleep for a prolonged period of time.
If the virDomainObjPtr or qemu driver lock is held this will
needlessly block execution of many other API calls. it also
prevents asynchronous monitor events from being dispatched
while a monitor command is executing, because deadlock will
ensure.
To resolve this, it is neccessary to release all locks while
executing a monitor command. This change introduces a flag
indicating that a monitor job is active, and a condition
variable to synchronize access to this flag. This ensures that
only a single thread can be making a state change or executing
a monitor command at a time, while still allowing other API
calls to be completed without blocking
* src/qemu/qemu_driver.c: Release driver and domain lock when
running monitor commands. Re-add locking to disk passphrase
callback
* src/qemu/THREADS.txt: Document threading rules
Change the QEMU monitor file handle watch to poll for both
read & write events, as well as EOF. All I/O to/from the
QEMU monitor FD is now done in the event callback thread.
When the QEMU driver needs to send a command, it puts the
data to be sent into a qemuMonitorMessagePtr object instance,
queues it for dispatch, and then goes to sleep on a condition
variable. The event thread sends all the data, and then waits
for the reply to arrive, putting the response / error data
back into the qemuMonitorMessagePtr and notifying the condition
variable.
There is a temporary hack in the disk passphrase callback to
avoid acquiring the domain lock. This avoids a deadlock in
the command processing, since the domain lock is still held
when running monitor commands. The next commit will remove
the locking when running commands & thus allow re-introduction
of locking the disk passphrase callback
* src/qemu/qemu_driver.c: Temporarily don't acquire lock in
disk passphrase callback. To be reverted in next commit
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h: Remove
raw I/O functions, and a generic qemuMonitorSend() for
invoking a command
* src/qemu/qemu_monitor_text.c, src/qemu/qemu_monitor_text.h:
Remove all low level I/O, and use the new qemuMonitorSend()
API. Provide a qemuMonitorTextIOProcess() method for detecting
command/reply/prompt boundaries in the monitor data stream
Eduardo Otubo [Tue, 10 Nov 2009 12:15:34 +0000 (13:15 +0100)]
phyp: ssh authentication with public key fixed
Use ssh keyfiles from the current user's home directory instead of trying
to use keyfiles from a hardcoded /home/user directory. Fallback to
username/password authentication if keyfiles are not available or keyfile
authentication failed.
Add reference counting on the virDomainObjPtr objects. With the
forthcoming asynchronous QEMU monitor, it will be neccessary to
release the lock on virDomainObjPtr while waiting for a monitor
command response. It is neccessary to ensure one thread can't
delete a virDomainObjPtr while another is waiting. By introducing
reference counting threads can make sure objects they are using
are not accidentally deleted while unlocked.
* src/conf/domain_conf.h, src/conf/domain_conf.c: Add
virDomainObjRef/Unref APIs, remove virDomainObjFree
* src/openvz/openvz_conf.c: replace call to virDomainObjFree
with virDomainObjUnref
In preparation of the monitor I/O process becoming fully asynchronous,
it is neccessary to ensure all access to internals of the qemuMonitorPtr
object is protected by a mutex lock.
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h: Add mutex for locking
monitor.
* src/qemu/qemu_driver.c: Add locking around all monitor commands
Wrap text mode monitor APIs, pass qemuMonitorPtr directly to APIs
Change the QEMU driver to not directly invoke the text mode monitor
APIs. Instead add a generic wrapper layer, which will eventually
invoke either the text or JSON protocol code as needed. Pass an
qemuMonitorPtr object into the monitor APIs instead of virDomainObjPtr
to complete the de-coupling of the monitor impl from virDomainObj
data structures
* src/qemu/qemu_conf.h: Remove qemuDomainObjPrivate definition
* src/qemu/qemu_driver.c: Add qemuDomainObjPrivate definition.
Pass qemuMonitorPtr into all monitor APIs instead of the
virDomainObjPtr instance.
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h: Add thin
wrappers for all qemuMonitorXXX command APIs, calling into
qemu_monitor_text.c/h
* src/qemu/qemu_monitor_text.c, src/qemu/qemu_monitor_text.h:
Rename qemuMonitor -> qemuMonitorText & update to accept
qemuMonitorPtr instead of virDomainObjPtr
Decouple the monitor code from the virDomainDefPtr structure
by moving the disk encryption lookup code back into the
qemu_driver.c file. Instead provide a function callback to
the monitor code which can be invoked to retrieve encryption
data as required.
* src/qemu/qemu_driver.c: Add findDomainDiskEncryption,
and findVolumeQcowPassphrase. Pass address of the method
findVolumeQcowPassphrase into qemuMonitorOpen()
* src/qemu/qemu_monitor.c: Associate a disk
encryption function callback with the qemuMonitorPtr
object.
* src/qemu/qemu_monitor_text.c: Remove findDomainDiskEncryption
and findVolumeQcowPassphrase.
Make use of private data structure for monitor state
Introduce a new qemuDomainObjPrivate object which is used to store
the private QEMU specific data associated with each virDomainObjPtr
instance. This contains a single member, an instance of the new
qemuMonitorPtr object which encapsulates the QEMU monitor state.
The internals of the latter are private to the qemu_monitor* files,
not to be shown to qemu_driver.c
* src/qemu/qemu_conf.h: Definition of qemuDomainObjPrivate.
* src/qemu/qemu_driver.c: Register a functions for creating
and freeing qemuDomainObjPrivate instances with the domain
capabilities. Remove the qemudDispatchVMEvent() watch since
I/O watches are now handled by the monitor code itself. Pass
a new qemuHandleMonitorEOF() callback into qemuMonitorOpen
to allow notification when the monitor quits.
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h: Introduce
the 'qemuMonitor' object. Temporarily add new APIs
qemuMonitorWrite, qemuMonitorRead, qemuMonitorWaitForInput
to allow text based monitor impl to perform I/O.
* src/qemu/qemu_monitor_text.c: Call APIs for reading/writing
to monitor instead of accessing the file handle directly.
Move code for low level QEMU monitor interaction into separate file
The qemu_driver.c code should not contain any code that interacts
with the QEMU monitor at a low level. A previous commit moved all
the command invocations out. This change moves out the code which
actually opens the monitor device.
* src/qemu/qemu_driver.c: Remove qemudOpenMonitor & methods called
from it.
* src/Makefile.am: Add qemu_monitor.{c,h}
* src/qemu/qemu_monitor.h: Add qemuMonitorOpen()
* src/qemu/qemu_monitor.c: All code for opening the monitor
* src/util/threads-pthread.c: pthreads APIs do not set errno, instead
the return value is the positive errno. Set errno based on the return
value in the wrappers
* src/util/pci.c, src/util/pci.h: Make the pciDeviceList struct
opaque to callers of the API. Add accessor methods for managing
devices in the list
* src/qemu/qemu_driver.c: Update to use APIs instead of directly
accessing pciDeviceList fields
Matthew Booth [Mon, 9 Nov 2009 14:35:21 +0000 (15:35 +0100)]
Separate character device doc guest and host parts
* docs/formatdomain.html.in: refactors the existing character device
documentation to make it explicit which directives configure the guest
interface, and which configure the host interface.
Gerhard Stenzel [Mon, 9 Nov 2009 14:30:15 +0000 (15:30 +0100)]
Removes the ebtablesSaveRules() function
As it was basically unimplemented and more confusing than useful
at the moment.
* src/libvirt_private.syms: remove from internal symbols list
* src/qemu/qemu_bridge_filter.c src/util/ebtables.c: remove code and
one use of the unimplemented function
Matthias Bolte [Sat, 7 Nov 2009 23:42:19 +0000 (00:42 +0100)]
Add a Python example that lists active ESX domains
It also demonstrates how to use the libvirt.openAuth() method.
* examples/python/Makefile.am: add esxlist.py to EXTRA_DIST
* examples/python/README: add some notes about esxlist.py
* examples/python/esxlist.py: the new example
Matthias Bolte [Fri, 6 Nov 2009 01:59:35 +0000 (02:59 +0100)]
phyp: Fix several UUID table related problems
- Make reading ID from file working for IDs > 127
- Fix inverse error check for writing ID to file
- Use feof() to distinguish EOF from real error of fread()
- Don't interpret libssh2 error codes as number of bytes
Matthias Bolte [Fri, 6 Nov 2009 01:15:19 +0000 (02:15 +0100)]
phyp: Make generic domain listing functions return -1 in case of error
phypNumDomainsGeneric() and phypListDomainsGeneric() return 0 in case
of an error. This makes it impossible to distinguish between an actual
error and no domains being defined on the hypervisor. It also turn the
no domains situation into an error. Return -1 in case of an error to
fix this problem.
Daniel Veillard [Fri, 6 Nov 2009 16:53:45 +0000 (17:53 +0100)]
524280 pass max lease option to dnsmasq
* src/network/bridge_driver.c: when exec'ing dnsmaq, if there are
DHCP ranges defined, then compute and pass the --dhcp-lease-max
deriving the maximum number of leases
Daniel Veillard [Fri, 6 Nov 2009 16:50:54 +0000 (17:50 +0100)]
Store the range size when adding a DHCP range
* src/conf/network_conf.h: extend the structure to store the range
* src/conf/network_conf.c: before adding a range parse the IP addresses
do some checking and keep the size
Paolo Bonzini [Fri, 6 Nov 2009 09:39:13 +0000 (10:39 +0100)]
Add sentinel attribute for NULL terminated arg lists
* src/internal.h (ATTRIBUTE_SENTINEL): New, it's a ggc feature and
protected as such
* src/util/buf.c (virBufferStrcat): Use it.
* src/util/ebtables.c (ebtablesAddRemoveRule): Use it.
* src/util/iptables.c (iptableAddRemoveRule: Use it.
* src/util/qparams.h (new_qparam_set, append_qparams): Use it.
* docs/apibuild.py: avoid breaking the API generator with that new
internal keyword macro
Matthew Booth [Thu, 5 Nov 2009 15:04:34 +0000 (16:04 +0100)]
Ensure guestfwd address is IPv4 and various cleanups
* include/libvirt/virterror.h src/util/virterror.c: add a new error
VIR_ERR_CONFIG_UNSUPPORTED for valid but unsupported configuration options
* src/conf/domain_conf.c: Throw an error if guestfwd address isn't IPv4
and cleanup a number of parsing return error values.
Matthew Booth [Thu, 5 Nov 2009 14:31:03 +0000 (15:31 +0100)]
Support for <channel> in domain and QEmu backend
allows the following to be specified in a domain:
<channel type='pipe'>
<source path='/tmp/guestfwd'/>
<target type='guestfwd' address='10.0.2.1' port='4600'/>
</channel>
* proxy/Makefile.am: add network.c as dep of domain_conf.c
* docs/schemas/domain.rng src/conf/domain_conf.[ch]: extend the domain
schemas and the parsing/serialization side for the new construct
QEmu support will add the following on the qemu command line:
-chardev pipe,id=channel0,path=/tmp/guestfwd
-net user,guestfwd=tcp:10.0.2.1:4600-chardev:channel0
* src/qemu/qemu_conf.c: Add argument output for channel
* tests/qemuxml2(argv|xml)test.c: Add test for <channel> domain syntax
Matthew Booth [Thu, 5 Nov 2009 13:19:14 +0000 (14:19 +0100)]
Allow character devices to have different target types
A character device's target (it's interface in the guest) had only a
single property: port. This patch is in preparation for adding targets
which require other properties.
Since this changes the conf type for character devices this affects
a number of drivers:
* src/conf/domain_conf.[ch] src/esx/esx_vmx.c src/qemu/qemu_conf.c
src/qemu/qemu_driver.c src/uml/uml_conf.c src/uml/uml_driver.c
src/vbox/vbox_tmpl.c src/xen/xend_internal.c src/xen/xm_internal.c:
target properties are moved into a union in virDomainChrDef, and a
targetType field is added to identify which union member should be
used. All current code which touches a virDomainChrDef is updated both
to use the new union field, and to populate targetType if necessary.
Ryota Ozaki [Thu, 5 Nov 2009 13:11:30 +0000 (14:11 +0100)]
LXC allow container to have ethN interfaces
Current implementation of lxc driver creates vethN named
interface(s) in the host and passes as it is to a container.
The reason why it doesn't use ethN is due to the limitation
that one namespace cannot have multiple iterfaces that have
an identical name so that we give up creating ethN named
interface in the host for the container.
However, we should be able to allow the container to have
ethN by changing the name after clone(CLONE_NEWNET).
* src/lxc/lxc_container.c src/lxc/veth.c src/lxc/veth.h: do the clone
and then renames interfaces eth0 ... ethN to keep the interface names
familiar in the domain
Ryota Ozaki [Thu, 5 Nov 2009 12:39:09 +0000 (13:39 +0100)]
LXC messages cleanup and fix lxcError
* src/lxc/lxc_container.c src/lxc/lxc_controller.c src/lxc/lxc_driver.c
src/lxc/veth.c: most of cleanups are just capitalizing their messages
though, some fixes wrong error messages and awkward indentations, and
improves error messages.
projects / libvirt.git / log