| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
(cherry picked from commit 3905cc7ab496549b6ca0a0f67ec61d1d16968c33)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We split the library code into these separate files:
- guestfs.c: creating handles, closing handles, handle-related variables
- actions.c: generated library-side stubs for each action
- bindtests.c: generated code to test bindings
- launch.c: launching the appliance
- proto.c: the library side of the daemon communications protocol
This is just code movement.
Cherry picked from commit 41f25ab3df5f306ac717fa7a6efd58328d30c1ae
and rebased for stable branch.
|
| |
|
|
|
|
| |
Rename these two generated files, in preparation for splitting
up the main src/guestfs.c file.
(cherry picked from commit a617f521a4f695a63ced1c734128dc6c05b7024f)
|
| |
|
|
| |
(cherry picked from commit 2fd8c259d3daa88b0cdf98090bb57f3dbd178432)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adding the readonly=on option is not so clever. This causes
qemu to present the disk as read-only to the guest. (The
expected behaviour of snapshots=on,readonly=on was that it
would open the disk O_RDONLY but present a writable disk to
the guest).
Since the guest sees a read-only disk, we are unable to do any
recovery if a filesystem on the disk is inconsistent. This basically
prevents most accesses to live disk images.
What we really want is a qemu option which presents a writable
disk to the guest, but only opens the disk on the host side with
O_RDONLY, to alleviate the udev bug RHBZ#571714.
This reverts commit 676462684e05dd8341dd695762dd99a87d8ec022.
(cherry picked from commit 799d52be4f08f6c70c0e8ba1aa7367ba4cdd78c4)
|
| |
|
|
| |
Read the note in the man page before using this feature.
|
| | |
|
| |
|
|
|
|
|
| |
Move the config state check first in the guestfs_launch function,
so that we don't reset g->launch_t or calculate the temporary
directory in the case where the launch function will immediately
return with an error.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Change the network configuration so everything is set using
some macros at the top of src/guestfs.c.
Also, rename the macros used in the daemon so they are not the
same. It was a very long time since these sets of macros had to
match the ones defined in src/guestfs.c, despite what the comment
said.
Note that this commit should not change the semantics of the
program at all.
|
| |
|
|
|
|
| |
Detect if qemu dies during launch by wait(2)-ing for it, and
then getting EOF on the qemu pipe. This was broken in null
vmchannel mode, causing a hang.
|
| |
|
|
|
|
| |
Always check that pid > 0 before calling kill (pid, 9). The
issue was that sometimes pid == 0, and this ends up killing
ourselves.
|
| |
|
|
|
|
|
|
| |
This warning is currently a fatal error. The code attempts
to retry the accept call, but because we don't reset sock = -1
the retry doesn't happen and it dies anyway.
Set sock = -1 so the retry attempt can happen.
|
| |
|
|
|
| |
We set it on the kernel command line, then get it out from
there when the rescue appliance boots.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
As far as I can tell, Darwin has no way to check the peer euid
of a _loopback_ TCP socket. This is required for the "null vmchannel"
implementation to work securely.
Therefore disable this - Darwin will use one of the other supported
vmchannel implementations instead.
|
| | |
|
| | |
|
| |
|
|
|
| |
Really this should be turned into a configure-time test.
Perhaps one exists already?
|
| | |
|
| | |
|
| |
|
|
|
| |
On Mac OS X this prevents a short "flash" as qemu opens a
toplevel window.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change the add_drive_ro call so it adds the readonly=on option
if qemu supports that.
This just means that qemu will not try to open the drive with
O_RDWR, and should not otherwise change the behaviour of qemu or
libguestfs. (In particular, writes to the read-only drive are
still permitted, and are just discarded when the handle is closed).
However it should alleviate RHBZ#571714 where udev was deciding
to incorrectly relabel a device because we had opened the device
for writing (even though we didn't actually write to it).
|
| |
|
|
|
|
|
| |
Reimplement qemu_supports() internal function. Allow it to run
before launch so we can test qemu features. Document that you
should run guestfs_set_qemu as early as possible to make sure
these tests are reliable.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
libguestfs-supermin-helper was previously a shell script. Although
we had steadily optimized it, there were a number of intractable
hot spots:
(1) cpio still reads input files in 512 byte chunks; this is *very*
pessimal behaviour, particularly when SELinux is enabled.
(2) the hostfiles globbing was done very inefficiently by the shell,
with the shell rereading the same directory over and over again.
This is a rewrite of this shell script in C. It is approximately
3 times faster without SELinux, and has an even greater speed difference
with SELinux.
The main features are:
(a) It never frees memory, making it simpler. The program is designed
to run and exit in sub-second times, so this is acceptable.
(b) It caches directory reads, making the globbing of host files much
faster (measured this as ~ 4 x speed up).
(c) It doesn't use external cpio, but instead contains code to write
newc format cpio files, which is all that the kernel can read. Unlike
cpio, this code uses large buffers for reads and writes.
(d) Ignores missing or unreadable hostfiles, whereas cpio gave a
warning.
(e) Checks all return values from system calls.
(f) With --verbose flag, it will print messages timing itself.
This passes all tests.
Updated with feedback from Jim Meyering.
|
| |
|
|
|
|
| |
Since we have to compile with -Wno-unused-variables, we don't
spot unused variables in code. I found these by compiling the
code in Ubuntu.
|
| |
|
|
|
|
|
|
|
|
|
| |
The default if=... comes from configure time (currently it
defaults to if=virtio).
This change allows you to set the QEMU block emulation.
We don't think this will be used very often, but virt-v2v
requires it in order to work around a subtle problem with
running 'mkinitrd' in an appliance attached to a guest.
|
| |
|
|
|
|
|
|
| |
If the version of qemu being used supports -enable-kvm option,
then check if /dev/kvm is openable and add this option.
I have found this option makes no difference, although it is
*supposed* to enable KVM (hardware virtualization) support.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On some combination of installing, upgrading and removing the base
libguestfs package on x86_64, multilib can corrupt libguestfs by
leaving a copy of /usr/bin/libguestfs-supermin-helper around which
references the wrong architecture (usually, contains links to the
i386-based appliance, when the x86_64 appliance should be constructed).
This commit changes libguestfs-supermin-helper so that the script is
the same on all architectures. Instead, the library passes the
differences to the script (eg. $host_cpu). Because the i386 and
x86_64 libraries should be at different locations (/usr/lib vs
/usr/lib64) this should prevent multilib from screwing things up.
Related links:
https://bugzilla.redhat.com/show_bug.cgi?id=558593
http://rwmj.wordpress.com/2009/11/16/please-someone-shoot-multilib/#content
https://bugzilla.redhat.com/show_bug.cgi?id=235752
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Best explained by the comment in the code:
/* Newer versions of qemu (from around 2009/12) changed the
* behaviour of monitors so that an implicit '-monitor stdio' is
* assumed if we are in -nographic mode and there is no other
* -monitor option. Only a single stdio device is allowed, so
* this broke the '-serial stdio' option. There is a new flag
* called -nodefaults which gets rid of all this default crud, so
* let's use that to avoid this and any future surprises.
*/
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit uses the Gnulib 'lock' module to implement a mutex on
the global list of handles which is stored by the library.
Note that Gnulib nicely avoids explicitly linking with -lpthread
unless the application program itself links to -lpthread. Locks
are only enabled in multithreaded applications.
$ ldd src/.libs/libguestfs.so.0.217.0
linux-vdso.so.1 => (0x00007fffcb7ff000)
libc.so.6 => /lib64/libc.so.6 (0x00007f96a4e6c000)
/lib64/ld-linux-x86-64.so.2 (0x00007f96a544d000)
Please enter the commit message for your changes. Lines starting
|
| |
|
|
|
| |
Move these to private header file(s) and other places as required
since these aren't part of the public API.
|
| | |
|
| |
|
|
|
| |
In verbose mode, print timestamped messages during guestfs_launch
so we can see how long each step takes.
|
| |
|
|
|
|
|
|
|
|
| |
The guest handle field start_t was previously used (when we
had the wait_ready call), but had fallen into disuse. Note
that it could never be accessed through the API.
Rename this field as launch_t, convert it to a timeval, and
use it to measure the time since guestfs_launch was called
so that we can start profiling guest launch.
|
| | |
|
| |
|
|
|
| |
git grep -l 'strcmp *([^=]*== *0'|xargs \
perl -pi -e 's/\bstrcmp( *\(.*?\)) *== *0/STREQ$1/g'
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* cfg.mk (disable_temporarily): Don't disable sc_avoid_ctype_macros.
* fish/tilde.c: Remove unnecessary inclusion of ctype.h.
* bootstrap: Add gnulib's c-ctype module to the list.
* daemon/m4/gnulib-cache.m4: Likewise.
* daemon/ext2.c: Include "c-ctype.h", not <ctype.h>.
Use c_isspace, etc, rather than isspace.
* daemon/guestfsd.c: Likewise.
* daemon/lvm.c: Likewise.
* daemon/proto.c: Likewise.
* fish/fish.c: Likewise.
* fish/tilde.c: Likewise.
* src/generator.ml: Likewise.
* src/guestfs.c: Likewise.
* examples/to-xml.c: Likewise.
* examples/Makefile.am (to_xml_CPPFLAGS): Add -I$(top_srcdir)/gnulib/lib
so inclusion of "c-ctype.h" works.
(to_xml_CPPFLAGS): Rename from to_xml_CFLAGS.
|
| |
|
|
|
|
|
|
| |
When the g->direct flag is set, the appliance stdin/stdout
are not connected to the library. Instead they inherit the
stdin/stdout of the caller.
This is used to implement virt-rescue.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit removes the requirement for vmchannel, although retaining
support for it.
In this configuration, known as "null vmchannel", the library
listens on a random loopback port. It passes the number of this
port to the appliance (guestfs_vmchannel=tcp:10.0.2.2:12345), and
the daemon then connects back. The library, instead of connecting,
listens and accepts the connection during guestfs_launch.
QEMU SLIRP (user mode networking) is still required to make this
work: SLIRP forwards the TCP connection transparently (instead of
explicitly as with guestfwd) to 127.0.0.1:<port>
There is a window in which any other local process on the machine
could see the port number in the qemu command line and try to
connect to it. This would be a devastating security hole, because
any local process could pretend to be the daemon and feed back
malicious replies to our remote procedure calls. To prevent this,
we check the UID of the other side of the TCP connection. If
the UID is different from the library's EUID, then we reject the
connection. To do this we have to parse /proc/net/tcp. (On Solaris
we could use getsockopt (SO_PEERCRED), but this doesn't work on
Linux TCP sockets).
Other vmchannel(s) are still supported. This is important, because
we can't in general be sure the qemu will always support SLIRP.
In particular, in recent versions of qemu it is possible to compile
out SLIRP.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reimplements parts of commit da0a4f8d1f6ddd302ceba028d87c6e009589e503
in a different, but compatible way.
We pass guestfs_vmchannel=tcp:<ip>:<port> on the command line. This
is intended to be used as follows (now and in future versions):
tcp:10.0.2.4:6666 for guestfwd vmchannel
tcp:10.0.2.2:<port> for future "no vmchannel" implementation
/dev/vcon4 for future virtio-console vmchannel*
It also accepts the old-style guestfs=10.0.2.4:6666 parameter which
is sent by older libraries, and turns this transparently into the
correct format above.
If no guestfs_vmchannel is passed, then this defaults to the guestfwd
vmchannel which older libraries would expect.
* Maybe this last one should be dev:/dev/vcon4 or file:/dev/vcon4, but
we don't need to decide that now.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit changes guestfs_launch so that it both launches
the appliance and waits until it is ready (ie. the daemon communicates
back to us).
Since we removed the pretence that we could implement a low-level
asynchronous API, the need to call launch() followed by wait_ready()
has looked a bit silly.
Now guestfs_wait_ready() is basically a no-op. It is left in the
API for backwards compatibility. Any calls to guestfs_wait_ready()
can be removed from client code.
|
| |
|
|
|
|
|
| |
buf[], append[] and memsize_str[] were all temporary buffers
used in non-overlapping code.
Combine them to use a single buffer (buf[]).
|
| | |
|
