From nobody Fri Apr 19 09:18:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1562854074; cv=none; d=zoho.com; s=zohoarc; b=kK5XJDUnRlmonYh5WtefkJDau5SR2RMTMZuezgtgPWev+FMmXjHpeTw9Y51bPPnFG+QIcCKBYPbMQ6APCymYyDYiTD3ccuggerzY/oIkVC4irlF/waf85xH6AY/GwsolvBtYnOJdKBQFkDu2uTc3CK7SUsJ6UOhBvEkb2U+rzaI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1562854074; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=GeCatd2MAcquqvQOrNezcPPfpAXXt+OmMBLKUFrA6xI=; b=EePafFPr+kOzgMYER3TIsXBzlwbrMX/Hfhce7P1k3kUGA5V4ogE634uVf4BM9knYl4RNGiq1DYAmCBzkURSZ55Tcd2Jx2RcfOfx+pI2/njlHCAdB+0Pfl5s5021Rk6mb/eTzNR3MD1ycY/aCLG+acI9raVtIKtEDLYfYBrMk3UA= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1562854074583830.6246449400708; Thu, 11 Jul 2019 07:07:54 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id F3A665D619; Thu, 11 Jul 2019 14:07:52 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id BB61419729; Thu, 11 Jul 2019 14:07:52 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 78C4441F53; Thu, 11 Jul 2019 14:07:52 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x6BE7lkA028787 for ; Thu, 11 Jul 2019 10:07:47 -0400 Received: by smtp.corp.redhat.com (Postfix) id 2B62560148; Thu, 11 Jul 2019 14:07:47 +0000 (UTC) Received: from dhcp-17-95.lcy.redhat.com (unknown [10.42.17.95]) by smtp.corp.redhat.com (Postfix) with ESMTP id 989C4600CD; Thu, 11 Jul 2019 14:07:46 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Thu, 11 Jul 2019 15:07:24 +0100 Message-Id: <20190711140742.31029-2-berrange@redhat.com> In-Reply-To: <20190711140742.31029-1-berrange@redhat.com> References: <20190711140742.31029-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 01/19] rpc: ensure all sockets bind to same port when service is NULL X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Thu, 11 Jul 2019 14:07:53 +0000 (UTC) When the service passed to getaddrinfo is NULL the kernel will choose a free port to bind to. In a dual stack though we will get separate sockets for IPv4 and IPv6 and we need them to bind to the same port number. Thus once the kerel has auto-selected a port for the first socket, we must disable auto-select for subsequent IP sockets and force reuse of the first port. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Michal Privoznik --- src/rpc/virnetsocket.c | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c index 254f39c4ec..fc13b1654a 100644 --- a/src/rpc/virnetsocket.c +++ b/src/rpc/virnetsocket.c @@ -311,6 +311,7 @@ int virNetSocketNewListenTCP(const char *nodename, int socketErrno =3D 0; int bindErrno =3D 0; virSocketAddr tmp_addr; + int port =3D 0; =20 *retsocks =3D NULL; *nretsocks =3D 0; @@ -379,7 +380,24 @@ int virNetSocketNewListenTCP(const char *nodename, } #endif =20 - if (bind(fd, runp->ai_addr, runp->ai_addrlen) < 0) { + addr.len =3D runp->ai_addrlen; + memcpy(&addr.data.sa, runp->ai_addr, runp->ai_addrlen); + + /* When service is NULL, we let the kernel auto-select the + * port. Once we've selected a port for one IP protocol + * though, we want to ensure we pick the same port for the + * other IP protocol + */ + if (port !=3D 0 && service =3D=3D NULL) { + if (runp->ai_addr->sa_family =3D=3D AF_INET) { + addr.data.inet4.sin_port =3D port; + } else if (addr.data.sa.sa_family =3D=3D AF_INET6) { + addr.data.inet6.sin6_port =3D port; + } + VIR_DEBUG("Used saved port %d", port); + } + + if (bind(fd, &addr.data.sa, addr.len) < 0) { if (errno !=3D EADDRINUSE && errno !=3D EADDRNOTAVAIL) { virReportSystemError(errno, "%s", _("Unable to bind to por= t")); goto error; @@ -396,6 +414,14 @@ int virNetSocketNewListenTCP(const char *nodename, goto error; } =20 + if (port =3D=3D 0 && service =3D=3D NULL) { + if (addr.data.sa.sa_family =3D=3D AF_INET) + port =3D addr.data.inet4.sin_port; + else if (addr.data.sa.sa_family =3D=3D AF_INET6) + port =3D addr.data.inet6.sin6_port; + VIR_DEBUG("Saved port %d", port); + } + VIR_DEBUG("%p f=3D%d f=3D%d", &addr, runp->ai_family, addr.data.sa= .sa_family); =20 if (VIR_EXPAND_N(socks, nsocks, 1) < 0) --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri Apr 19 09:18:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1562854075; cv=none; d=zoho.com; s=zohoarc; b=PrdSGfuRf6sVorEeI0j6/+Im7TWy53DIWT35w61O6ALeU3je/n7aRyUqoQm1+1e+F9H8Xpwdsystpn2nzD+6k2U6Jl/710FmzV2m4yKEZe4mi5L2mBDz7neqaaElCh3T54FQXxuJfhHg7pZk9G7CCWgdIFo3ZRT6OxXUKPH/Y7k= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1562854075; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=+afWBOZ0WrmYZKchrKDuWPQes1XFNhppvZCekXbePCI=; b=jMQ4w12sIl0Mo5n7+rqhUwSgF62b6IridDKx32IIuWBNtrfpwovrq+3m6R4AcIiSg6birFEu513gqGF0VXogGLzT9qUsySQxqypxqecQmb1IBlIMhrLq0vmu6x5WEYFrvchhVzi25Bi3GfJyDNUQ2bbqfsCPsxMAcbih6qznteA= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1562854075857546.6934592353999; Thu, 11 Jul 2019 07:07:55 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 11D1285543; Thu, 11 Jul 2019 14:07:54 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id E1CCD60150; Thu, 11 Jul 2019 14:07:53 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id A6608410BB; Thu, 11 Jul 2019 14:07:53 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x6BE7m0N028795 for ; Thu, 11 Jul 2019 10:07:48 -0400 Received: by smtp.corp.redhat.com (Postfix) id 40A2D6014C; Thu, 11 Jul 2019 14:07:48 +0000 (UTC) Received: from dhcp-17-95.lcy.redhat.com (unknown [10.42.17.95]) by smtp.corp.redhat.com (Postfix) with ESMTP id 6D00E60148; Thu, 11 Jul 2019 14:07:47 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Thu, 11 Jul 2019 15:07:25 +0100 Message-Id: <20190711140742.31029-3-berrange@redhat.com> In-Reply-To: <20190711140742.31029-1-berrange@redhat.com> References: <20190711140742.31029-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com Cc: =?UTF-8?q?J=C3=A1n=20Tomko?= Subject: [libvirt] [PATCH v2 02/19] util: add APIs for facilitating use of systemd activation FDs X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Thu, 11 Jul 2019 14:07:54 +0000 (UTC) When receiving multiple FDs from systemd during service activation it is neccessary to identify which purpose each FD is used for. While this could be inferred by looking for the specific IP ports or UNIX socket paths, this requires the systemd config to always match what is expected by the code. Using systemd FD names we can remove this restriction and simply identify FDs based on an arbitrary name. The FD names are passed by systemd in the LISTEN_FDNAMES env variable which is populated with the socket unit file names, unless overriden by using the FileDescriptorName setting. This is supported since the system 227 release and unfortunately RHEL7 lacks this version. Thus the code has some back compat support whereby we look at the TCP ports or the UNIX socket paths to identify what socket maps to which name. This back compat code is written such that is it easly deleted when we are able to mandate newer systemd. Reviewed-by: J=C3=A1n Tomko Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Michal Privoznik --- src/libvirt_private.syms | 5 + src/util/virsystemd.c | 362 +++++++++++++++++++++++++++++++++++++++ src/util/virsystemd.h | 32 ++++ tests/virsystemdtest.c | 169 ++++++++++++++++++ 4 files changed, 568 insertions(+) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 02d5b7acce..a19ba1d798 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -3086,10 +3086,15 @@ virSysinfoReadS390; =20 =20 # util/virsystemd.h +virSystemdActivationClaimFDs; +virSystemdActivationComplete; +virSystemdActivationFree; +virSystemdActivationHasName; virSystemdCanHibernate; virSystemdCanHybridSleep; virSystemdCanSuspend; virSystemdCreateMachine; +virSystemdGetActivation; virSystemdGetMachineNameByPID; virSystemdHasMachinedResetCachedValue; virSystemdMakeScopeName; diff --git a/src/util/virsystemd.c b/src/util/virsystemd.c index 3f03e3bd63..ae8401343d 100644 --- a/src/util/virsystemd.c +++ b/src/util/virsystemd.c @@ -39,6 +39,8 @@ #include "virlog.h" #include "virerror.h" #include "virfile.h" +#include "virhash.h" +#include "virsocketaddr.h" =20 #define VIR_FROM_THIS VIR_FROM_SYSTEMD =20 @@ -48,6 +50,18 @@ VIR_LOG_INIT("util.systemd"); # define MSG_NOSIGNAL 0 #endif =20 +struct _virSystemdActivation { + virHashTablePtr fds; +}; + +typedef struct _virSystemdActivationEntry virSystemdActivationEntry; +typedef virSystemdActivationEntry *virSystemdActivationEntryPtr; + +struct _virSystemdActivationEntry { + int *fds; + size_t nfds; +}; + static void virSystemdEscapeName(virBufferPtr buf, const char *name) { @@ -561,3 +575,351 @@ int virSystemdCanHybridSleep(bool *result) { return virSystemdPMSupportTarget("CanHybridSleep", result); } + + +static void +virSystemdActivationEntryFree(void *data, const void *name) +{ + virSystemdActivationEntryPtr ent =3D data; + size_t i; + + VIR_DEBUG("Closing activation FDs for %s", (const char *)name); + for (i =3D 0; i < ent->nfds; i++) { + VIR_DEBUG("Closing activation FD %d", ent->fds[i]); + VIR_FORCE_CLOSE(ent->fds[i]); + } + + VIR_FREE(ent->fds); + VIR_FREE(ent); +} + + +static int +virSystemdActivationAddFD(virSystemdActivationPtr act, + const char *name, + int fd) +{ + virSystemdActivationEntryPtr ent =3D virHashLookup(act->fds, name); + + if (!ent) { + if (VIR_ALLOC(ent) < 0) + return -1; + + if (VIR_ALLOC_N(ent->fds, 1) < 0) { + virSystemdActivationEntryFree(ent, name); + return -1; + } + + ent->fds[ent->nfds++] =3D fd; + + VIR_DEBUG("Record first FD %d with name %s", fd, name); + if (virHashAddEntry(act->fds, name, ent) < 0) { + virSystemdActivationEntryFree(ent, name); + return -1; + } + + return 0; + } + + if (VIR_EXPAND_N(ent->fds, ent->nfds, 1) < 0) + return -1; + + VIR_DEBUG("Record extra FD %d with name %s", fd, name); + ent->fds[ent->nfds - 1] =3D fd; + + return 0; +} + + +static int +virSystemdActivationInitFromNames(virSystemdActivationPtr act, + int nfds, + const char *fdnames) +{ + VIR_AUTOSTRINGLIST fdnamelistptr =3D NULL; + char **fdnamelist; + size_t nfdnames; + size_t i; + int nextfd =3D STDERR_FILENO + 1; + + VIR_DEBUG("FD names %s", fdnames); + + if (!(fdnamelistptr =3D virStringSplitCount(fdnames, ":", 0, &nfdnames= ))) + goto error; + + if (nfdnames !=3D nfds) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Expecting %d FD names but got %zu"), + nfds, nfdnames); + goto error; + } + + fdnamelist =3D fdnamelistptr; + while (nfds) { + if (virSystemdActivationAddFD(act, *fdnamelist, nextfd) < 0) + goto error; + + fdnamelist++; + nextfd++; + nfds--; + } + + return 0; + + error: + for (i =3D 0; i < nfds; i++) { + int fd =3D nextfd + i; + VIR_FORCE_CLOSE(fd); + } + return -1; +} + + +/* + * Back compat for systemd < v227 which lacks LISTEN_FDNAMES. + * Delete when min systemd is increased ie RHEL7 dropped + */ +static int +virSystemdActivationInitFromMap(virSystemdActivationPtr act, + int nfds, + virSystemdActivationMap *map, + size_t nmap) +{ + int nextfd =3D STDERR_FILENO + 1; + size_t i; + + while (nfds) { + virSocketAddr addr; + const char *name =3D NULL; + + memset(&addr, 0, sizeof(addr)); + + addr.len =3D sizeof(addr.data); + if (getsockname(nextfd, &addr.data.sa, &addr.len) < 0) { + virReportSystemError(errno, "%s", _("Unable to get local socke= t name")); + goto error; + } + + for (i =3D 0; i < nmap && !name; i++) { + if (map[i].name =3D=3D NULL) + continue; + + if (addr.data.sa.sa_family =3D=3D AF_INET) { + if (map[i].family =3D=3D AF_INET && + addr.data.inet4.sin_port =3D=3D htons(map[i].port)) + name =3D map[i].name; + } else if (addr.data.sa.sa_family =3D=3D AF_INET6) { + /* NB use of AF_INET here is correct. The "map" struct + * only refers to AF_INET. The socket may be AF_INET + * or AF_INET6 + */ + if (map[i].family =3D=3D AF_INET && + addr.data.inet6.sin6_port =3D=3D htons(map[i].port)) + name =3D map[i].name; +#ifndef WIN32 + } else if (addr.data.sa.sa_family =3D=3D AF_UNIX) { + if (map[i].family =3D=3D AF_UNIX && + STREQLEN(map[i].path, + addr.data.un.sun_path, + sizeof(addr.data.un.sun_path))) + name =3D map[i].name; +#endif + } else { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Unexpected socket family %d"), + addr.data.sa.sa_family); + goto error; + } + } + + if (!name) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Cannot find name for FD %d socket family %d"= ), + nextfd, addr.data.sa.sa_family); + goto error; + } + + if (virSystemdActivationAddFD(act, name, nextfd) < 0) + goto error; + + nfds--; + nextfd++; + } + + return 0; + + error: + for (i =3D 0; i < nfds; i++) { + int fd =3D nextfd + i; + VIR_FORCE_CLOSE(fd); + } + return -1; +} + + +static virSystemdActivationPtr +virSystemdActivationNew(virSystemdActivationMap *map, + size_t nmap, + int nfds) +{ + virSystemdActivationPtr act; + const char *fdnames; + + VIR_DEBUG("Activated with %d FDs", nfds); + if (VIR_ALLOC(act) < 0) + return NULL; + + if (!(act->fds =3D virHashCreate(10, virSystemdActivationEntryFree))) + goto error; + + fdnames =3D virGetEnvAllowSUID("LISTEN_FDNAMES"); + if (fdnames) { + if (virSystemdActivationInitFromNames(act, nfds, fdnames) < 0) + goto error; + } else { + if (virSystemdActivationInitFromMap(act, nfds, map, nmap) < 0) + goto error; + } + + VIR_DEBUG("Created activation object for %d FDs", nfds); + return act; + + error: + virSystemdActivationFree(&act); + return NULL; +} + + +/** + * virSystemdGetActivation: + * @map: mapping of socket addresses to names + * @nmap: number of entries in @map + * @act: filled with allocated activation object + * + * Acquire an object for handling systemd activation. + * If no activation FDs have been provided the returned object + * will be NULL, indicating normal sevice setup can be performed + * If the returned object is non-NULL then at least one file + * descriptor will be present. No normal service setup should + * be performed. + * + * Returns: 0 on success, -1 on failure + */ +int +virSystemdGetActivation(virSystemdActivationMap *map, + size_t nmap, + virSystemdActivationPtr *act) +{ + int nfds =3D 0; + + if ((nfds =3D virGetListenFDs()) < 0) + return -1; + + if (nfds =3D=3D 0) { + VIR_DEBUG("No activation FDs present"); + *act =3D NULL; + return 0; + } + + *act =3D virSystemdActivationNew(map, nmap, nfds); + return 0; +} + + +/** + * virSystemdActivationHasName: + * @act: the activation object + * @name: the file descriptor name + * + * Check whether there is a file descriptor present + * for the requested name. + * + * Returns: true if a FD is present, false otherwise + */ +bool +virSystemdActivationHasName(virSystemdActivationPtr act, + const char *name) +{ + return virHashLookup(act->fds, name) !=3D NULL; +} + + +/** + * virSystemdActivationComplete: + * @act: the activation object + * + * Indicate that processing of activation has been + * completed. All provided file descriptors should + * have been claimed. If any are unclaimed then + * an error will be reported + * + * Returns: 0 on success, -1 if some FDs are unclaimed + */ +int +virSystemdActivationComplete(virSystemdActivationPtr act) +{ + if (virHashSize(act->fds) !=3D 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("Some activation file descriptors are unclaimed")= ); + return -1; + } + + return 0; +} + + +/** + * virSystemdActivationClaimFDs: + * @act: the activation object + * @name: the file descriptor name + * @fds: to be filled with claimed FDs + * @nfds: to be filled with number of FDs in @fds + * + * Claims the file descriptors associated with + * @name. + * + * The caller is responsible for closing all + * returned file descriptors when they are no + * longer required. The caller must also free + * the array memory in @fds. + */ +void +virSystemdActivationClaimFDs(virSystemdActivationPtr act, + const char *name, + int **fds, + size_t *nfds) +{ + virSystemdActivationEntryPtr ent =3D virHashSteal(act->fds, name); + + if (!ent) { + *fds =3D NULL; + *nfds =3D 0; + VIR_DEBUG("No FD with name %s", name); + return; + } + + VIR_DEBUG("Found %zu FDs with name %s", ent->nfds, name); + *fds =3D ent->fds; + *nfds =3D ent->nfds; + + VIR_FREE(ent); +} + + +/** + * virSystemdActivationFree: + * @act: the activation object + * + * Free memory and close unclaimed file descriptors + * associated with the activation object + */ +void +virSystemdActivationFree(virSystemdActivationPtr *act) +{ + if (!*act) + return; + + virHashFree((*act)->fds); + + VIR_FREE(*act); +} diff --git a/src/util/virsystemd.h b/src/util/virsystemd.h index db4ecbff60..5d56c78835 100644 --- a/src/util/virsystemd.h +++ b/src/util/virsystemd.h @@ -23,6 +23,20 @@ =20 #include "internal.h" =20 +typedef struct _virSystemdActivation virSystemdActivation; +typedef virSystemdActivation *virSystemdActivationPtr; + +/* + * Back compat for systemd < v227 which lacks LISTEN_FDNAMES. + * Delete when min systemd is increased ie RHEL7 dropped + */ +typedef struct _virSystemdActivationMap { + const char *name; + int family; + int port; /* if family =3D=3D AF_INET/AF_INET6 */ + const char *path; /* if family =3D=3D AF_UNIX */ +} virSystemdActivationMap; + char *virSystemdMakeScopeName(const char *name, const char *drivername, bool legacy_behaviour); @@ -49,3 +63,21 @@ int virSystemdCanHibernate(bool *result); int virSystemdCanHybridSleep(bool *result); =20 char *virSystemdGetMachineNameByPID(pid_t pid); + +int virSystemdGetActivation(virSystemdActivationMap *map, + size_t nmap, + virSystemdActivationPtr *act); + +bool virSystemdActivationHasName(virSystemdActivationPtr act, + const char *name); + +int virSystemdActivationComplete(virSystemdActivationPtr act); + +void virSystemdActivationClaimFDs(virSystemdActivationPtr act, + const char *name, + int **fds, + size_t *nfds); + +void virSystemdActivationFree(virSystemdActivationPtr *act); + +#define virSystemdActivationAutoPtrFree virSystemdActivationFree diff --git a/tests/virsystemdtest.c b/tests/virsystemdtest.c index 82c02decd1..586c512fca 100644 --- a/tests/virsystemdtest.c +++ b/tests/virsystemdtest.c @@ -31,6 +31,8 @@ # include "virdbus.h" # include "virlog.h" # include "virmock.h" +# include "rpc/virnetsocket.h" +# include "intprops.h" # define VIR_FROM_THIS VIR_FROM_NONE =20 VIR_LOG_INIT("tests.systemdtest"); @@ -507,6 +509,166 @@ static int testPMSupportSystemdNotRunning(const void = *opaque) return 0; } =20 + +static int +testActivationCreateFDs(virNetSocketPtr *sockUNIX, + virNetSocketPtr **sockIP, + size_t *nsockIP) +{ + *sockUNIX =3D NULL; + *sockIP =3D NULL; + *nsockIP =3D 0; + + if (virNetSocketNewListenUNIX("virsystemdtest.sock", + 0777, + 0, + 0, + sockUNIX) < 0) + return -1; + + if (virNetSocketNewListenTCP("localhost", + NULL, + AF_UNSPEC, + sockIP, + nsockIP) < 0) { + virObjectUnref(*sockUNIX); + return -1; + } + + return 0; +} + + +static int +testActivation(bool useNames) +{ + virNetSocketPtr sockUNIX; + virNetSocketPtr *sockIP; + size_t nsockIP; + int ret =3D -1; + size_t i; + const char *names2 =3D "demo-unix.socket:demo-ip.socket"; + const char *names3 =3D "demo-unix.socket:demo-ip.socket:demo-ip.socket= "; + char nfdstr[INT_BUFSIZE_BOUND(size_t)]; + char pidstr[INT_BUFSIZE_BOUND(pid_t)]; + virSystemdActivationMap map[2]; + int *fds =3D NULL; + size_t nfds =3D 0; + VIR_AUTOPTR(virSystemdActivation) act =3D NULL; + + if (testActivationCreateFDs(&sockUNIX, &sockIP, &nsockIP) < 0) + return -1; + + if (nsockIP !=3D 1 && nsockIP !=3D 2) { + fprintf(stderr, "Got %zu IP sockets but expected only 1 or 2\n", n= sockIP); + goto cleanup; + } + + snprintf(nfdstr, sizeof(nfdstr), "%zu", 1 + nsockIP); + snprintf(pidstr, sizeof(pidstr), "%lld", (long long)getpid()); + + setenv("LISTEN_FDS", nfdstr, 1); + setenv("LISTEN_PID", pidstr, 1); + + if (useNames) + setenv("LISTEN_FDNAMES", nsockIP =3D=3D 1 ? names2 : names3, 1); + else + unsetenv("LISTEN_FDNAMES"); + + map[0].name =3D "demo-unix.socket"; + map[0].family =3D AF_UNIX; + map[0].path =3D virNetSocketGetPath(sockUNIX); + + map[1].name =3D "demo-ip.socket"; + map[1].family =3D AF_INET; + map[1].port =3D virNetSocketGetPort(sockIP[0]); + + if (virSystemdGetActivation(map, ARRAY_CARDINALITY(map), &act) < 0) + goto cleanup; + + if (act =3D=3D NULL) { + fprintf(stderr, "Activation object was not created: %s", virGetLas= tErrorMessage()); + goto cleanup; + } + + if (virSystemdActivationComplete(act) =3D=3D 0) { + fprintf(stderr, "Activation did not report unclaimed FDs"); + goto cleanup; + } + + virSystemdActivationClaimFDs(act, "demo-unix.socket", &fds, &nfds); + + if (nfds !=3D 1) { + fprintf(stderr, "Expected 1 UNIX fd, but got %zu\n", nfds); + goto cleanup; + } + VIR_FREE(fds); + + virSystemdActivationClaimFDs(act, "demo-ip.socket", &fds, &nfds); + + if (nfds !=3D nsockIP) { + fprintf(stderr, "Expected %zu IP fd, but got %zu\n", nsockIP, nfds= ); + goto cleanup; + } + VIR_FREE(fds); + + virSystemdActivationClaimFDs(act, "demo-ip-alt.socket", &fds, &nfds); + + if (nfds !=3D 0) { + fprintf(stderr, "Expected 0 IP fd, but got %zu\n", nfds); + goto cleanup; + } + + if (virSystemdActivationComplete(act) < 0) { + fprintf(stderr, "Action was not complete: %s\n", virGetLastErrorMe= ssage()); + goto cleanup; + } + + ret =3D 0; + cleanup: + virObjectUnref(sockUNIX); + for (i =3D 0; i < nsockIP; i++) + virObjectUnref(sockIP[i]); + VIR_FREE(sockIP); + VIR_FREE(fds); + return ret; +} + + +static int +testActivationEmpty(const void *opaque ATTRIBUTE_UNUSED) +{ + virSystemdActivationPtr act; + + unsetenv("LISTEN_FDS"); + + if (virSystemdGetActivation(NULL, 0, &act) < 0) + return -1; + + if (act !=3D NULL) { + fprintf(stderr, "Unexpectedly got activation object"); + virSystemdActivationFree(&act); + return -1; + } + + return 0; +} + + +static int +testActivationFDNames(const void *opaque ATTRIBUTE_UNUSED) +{ + return testActivation(true); +} + + +static int +testActivationFDAddrs(const void *opaque ATTRIBUTE_UNUSED) +{ + return testActivation(false); +} + + static int mymain(void) { @@ -598,6 +760,13 @@ mymain(void) TESTS_PM_SUPPORT_HELPER("canHibernate", &virSystemdCanHibernate); TESTS_PM_SUPPORT_HELPER("canHybridSleep", &virSystemdCanHybridSleep); =20 + if (virTestRun("Test activation empty", testActivationEmpty, NULL) < 0) + ret =3D -1; + if (virTestRun("Test activation names", testActivationFDNames, NULL) <= 0) + ret =3D -1; + if (virTestRun("Test activation addrs", testActivationFDAddrs, NULL) <= 0) + ret =3D -1; + return ret =3D=3D 0 ? EXIT_SUCCESS : EXIT_FAILURE; } =20 --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri Apr 19 09:18:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1562854078; cv=none; d=zoho.com; s=zohoarc; b=olU+0010pV1ze5cJqwWqGLatuppzq7kezFrgr2Lv/Ed/htGqlXGB1QJ+9+QrHNmaBjMFA/0JQ+osokcsz7KnNJ+OB2yzSUUw2bKORAZ7bWxAhsanBzr242FFoB8HuEqZZvP8kSwplepeKZSFEYaCi05Lt07Ncf9K8IeYM1ky0hk= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1562854078; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=EVxT0leP7TnOPJtuiVq6Y8wW62WLgNahn6YrIOPfAyc=; b=OfjvY+Gk3jPcQAbgv50HFbKlX7YrmqyQrkl8OJ34Sb7a4imv2F6Iuwpi6x0ouuZC+xsKa3fObEhoeeWRsTYBago0DOZLAW+gjZ1OqgE8cuRh5msOJ/S5WJYMx63FIdOdtLDzQ/IDvqPBHQa9adYDQHGoDH4qFzAEfVlMCk1pjsc= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1562854078622200.30705542976432; Thu, 11 Jul 2019 07:07:58 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id B5C584E93D; Thu, 11 Jul 2019 14:07:56 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 81B9C5DA65; Thu, 11 Jul 2019 14:07:56 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 448EF18184B7; Thu, 11 Jul 2019 14:07:56 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x6BE7nEo028802 for ; Thu, 11 Jul 2019 10:07:49 -0400 Received: by smtp.corp.redhat.com (Postfix) id 119CA60148; Thu, 11 Jul 2019 14:07:49 +0000 (UTC) Received: from dhcp-17-95.lcy.redhat.com (unknown [10.42.17.95]) by smtp.corp.redhat.com (Postfix) with ESMTP id 7FC04600CD; Thu, 11 Jul 2019 14:07:48 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Thu, 11 Jul 2019 15:07:26 +0100 Message-Id: <20190711140742.31029-4-berrange@redhat.com> In-Reply-To: <20190711140742.31029-1-berrange@redhat.com> References: <20190711140742.31029-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 03/19] rpc: refactor RPC service constructors to share more code X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Thu, 11 Jul 2019 14:07:57 +0000 (UTC) Introduce a virNetServerServiceNewSocket API that allows the various constructors to share more code. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Michal Privoznik --- src/rpc/virnetserverservice.c | 165 +++++++++++++++------------------- 1 file changed, 74 insertions(+), 91 deletions(-) diff --git a/src/rpc/virnetserverservice.c b/src/rpc/virnetserverservice.c index 97341d1546..69043ccc0e 100644 --- a/src/rpc/virnetserverservice.c +++ b/src/rpc/virnetserverservice.c @@ -128,14 +128,14 @@ virNetServerServiceNewFDOrUNIX(const char *path, } =20 =20 -virNetServerServicePtr virNetServerServiceNewTCP(const char *nodename, - const char *service, - int family, - int auth, - virNetTLSContextPtr tls, - bool readonly, - size_t max_queued_clients, - size_t nrequests_client_m= ax) +static virNetServerServicePtr +virNetServerServiceNewSocket(virNetSocketPtr *socks, + size_t nsocks, + int auth, + virNetTLSContextPtr tls, + bool readonly, + size_t max_queued_clients, + size_t nrequests_client_max) { virNetServerServicePtr svc; size_t i; @@ -146,18 +146,18 @@ virNetServerServicePtr virNetServerServiceNewTCP(cons= t char *nodename, if (!(svc =3D virObjectNew(virNetServerServiceClass))) return NULL; =20 + if (VIR_ALLOC_N(svc->socks, nsocks) < 0) + goto error; + svc->nsocks =3D nsocks; + for (i =3D 0; i < svc->nsocks; i++) { + svc->socks[i] =3D socks[i]; + virObjectRef(svc->socks[i]); + } svc->auth =3D auth; svc->readonly =3D readonly; svc->nrequests_client_max =3D nrequests_client_max; svc->tls =3D virObjectRef(tls); =20 - if (virNetSocketNewListenTCP(nodename, - service, - family, - &svc->socks, - &svc->nsocks) < 0) - goto error; - for (i =3D 0; i < svc->nsocks; i++) { if (virNetSocketListen(svc->socks[i], max_queued_clients) < 0) goto error; @@ -184,6 +184,43 @@ virNetServerServicePtr virNetServerServiceNewTCP(const= char *nodename, } =20 =20 +virNetServerServicePtr virNetServerServiceNewTCP(const char *nodename, + const char *service, + int family, + int auth, + virNetTLSContextPtr tls, + bool readonly, + size_t max_queued_clients, + size_t nrequests_client_m= ax) +{ + virNetServerServicePtr svc; + size_t i; + virNetSocketPtr *socks; + size_t nsocks; + + if (virNetSocketNewListenTCP(nodename, + service, + family, + &socks, + &nsocks) < 0) + return NULL; + + svc =3D virNetServerServiceNewSocket(socks, + nsocks, + auth, + tls, + readonly, + max_queued_clients, + nrequests_client_max); + + for (i =3D 0; i < nsocks; i++) + virObjectUnref(socks[i]); + VIR_FREE(socks); + + return svc; +} + + virNetServerServicePtr virNetServerServiceNewUNIX(const char *path, mode_t mask, gid_t grp, @@ -194,53 +231,26 @@ virNetServerServicePtr virNetServerServiceNewUNIX(con= st char *path, size_t nrequests_client_= max) { virNetServerServicePtr svc; - size_t i; - - if (virNetServerServiceInitialize() < 0) - return NULL; - - if (!(svc =3D virObjectNew(virNetServerServiceClass))) - return NULL; - - svc->auth =3D auth; - svc->readonly =3D readonly; - svc->nrequests_client_max =3D nrequests_client_max; - svc->tls =3D virObjectRef(tls); - - if (VIR_ALLOC_N(svc->socks, 1) < 0) - goto error; - svc->nsocks =3D 1; + virNetSocketPtr sock; =20 if (virNetSocketNewListenUNIX(path, mask, -1, grp, - &svc->socks[0]) < 0) - goto error; - - for (i =3D 0; i < svc->nsocks; i++) { - if (virNetSocketListen(svc->socks[i], max_queued_clients) < 0) - goto error; + &sock) < 0) + return NULL; =20 - /* IO callback is initially disabled, until we're ready - * to deal with incoming clients */ - virObjectRef(svc); - if (virNetSocketAddIOCallback(svc->socks[i], - 0, - virNetServerServiceAccept, - svc, - virObjectFreeCallback) < 0) { - virObjectUnref(svc); - goto error; - } - } + svc =3D virNetServerServiceNewSocket(&sock, + 1, + auth, + tls, + readonly, + max_queued_clients, + nrequests_client_max); =20 + virObjectUnref(sock); =20 return svc; - - error: - virObjectUnref(svc); - return NULL; } =20 virNetServerServicePtr virNetServerServiceNewFD(int fd, @@ -251,50 +261,23 @@ virNetServerServicePtr virNetServerServiceNewFD(int f= d, size_t nrequests_client_ma= x) { virNetServerServicePtr svc; - size_t i; - - if (virNetServerServiceInitialize() < 0) - return NULL; - - if (!(svc =3D virObjectNew(virNetServerServiceClass))) - return NULL; - - svc->auth =3D auth; - svc->readonly =3D readonly; - svc->nrequests_client_max =3D nrequests_client_max; - svc->tls =3D virObjectRef(tls); - - if (VIR_ALLOC_N(svc->socks, 1) < 0) - goto error; - svc->nsocks =3D 1; + virNetSocketPtr sock; =20 if (virNetSocketNewListenFD(fd, - &svc->socks[0]) < 0) - goto error; - - for (i =3D 0; i < svc->nsocks; i++) { - if (virNetSocketListen(svc->socks[i], max_queued_clients) < 0) - goto error; + &sock) < 0) + return NULL; =20 - /* IO callback is initially disabled, until we're ready - * to deal with incoming clients */ - virObjectRef(svc); - if (virNetSocketAddIOCallback(svc->socks[i], - 0, - virNetServerServiceAccept, - svc, - virObjectFreeCallback) < 0) { - virObjectUnref(svc); - goto error; - } - } + svc =3D virNetServerServiceNewSocket(&sock, + 1, + auth, + tls, + readonly, + max_queued_clients, + nrequests_client_max); =20 + virObjectUnref(sock); =20 return svc; - - error: - virObjectUnref(svc); - return NULL; } =20 =20 --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri Apr 19 09:18:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1562854082; cv=none; d=zoho.com; s=zohoarc; b=hx0vyl3sx5BoUXWACsA0PNzX2prPF/uO84yicHWs3T8H3hF3hYs/n3EllhXslfy2FpcAHme3ypyUimb7FkYtfokIRgFV6ud6UitRfhlx3AE1fqnrZ3knJhjZYyDF0P2ZGDCMHZ/KSEfwYV6RIkIUrmTPwbdAv7WMpBqHi4Kzxuo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1562854082; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=9DgR5JBTMP7zZhiH4/7EUsI6+gl54mdv1Mpwi9r8Wt0=; b=HgnGBcJi7knY6xBShf67Im+iwl6zNroMArKVatayKsR1lyBFdrIAojiII/iCnCq8hXP2ARBPtE9+LiAKimmMAFDT8Y06eY80mvOcPPIFJIwUqtMQp4SC0+5n2qjsiTTcPAh0yUiodeFc/EJ9Qc0bWqLid1dxvh/Nx0AyCxLl63k= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1562854082110523.7441413891754; Thu, 11 Jul 2019 07:08:02 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 805E259465; Thu, 11 Jul 2019 14:08:00 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 55DAE60C4E; Thu, 11 Jul 2019 14:08:00 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 0F6841833002; Thu, 11 Jul 2019 14:08:00 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x6BE7n8V028814 for ; Thu, 11 Jul 2019 10:07:49 -0400 Received: by smtp.corp.redhat.com (Postfix) id DC8A56014C; Thu, 11 Jul 2019 14:07:49 +0000 (UTC) Received: from dhcp-17-95.lcy.redhat.com (unknown [10.42.17.95]) by smtp.corp.redhat.com (Postfix) with ESMTP id 5338E600CD; Thu, 11 Jul 2019 14:07:49 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Thu, 11 Jul 2019 15:07:27 +0100 Message-Id: <20190711140742.31029-5-berrange@redhat.com> In-Reply-To: <20190711140742.31029-1-berrange@redhat.com> References: <20190711140742.31029-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 04/19] rpc: allow creating RPC service from an array of FDs X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Thu, 11 Jul 2019 14:08:01 +0000 (UTC) The virNetServerServiceNewFD API only accepts a single FD, but it is easily changed to allow for an array of FDs to be passed in. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Michal Privoznik --- src/libvirt_remote.syms | 2 +- src/locking/lock_daemon.c | 9 ++++-- src/logging/log_daemon.c | 9 ++++-- src/rpc/virnetserverservice.c | 53 +++++++++++++++++++++-------------- src/rpc/virnetserverservice.h | 13 +++++---- 5 files changed, 52 insertions(+), 34 deletions(-) diff --git a/src/libvirt_remote.syms b/src/libvirt_remote.syms index 99fe3dd07c..f05f1827f0 100644 --- a/src/libvirt_remote.syms +++ b/src/libvirt_remote.syms @@ -202,8 +202,8 @@ virNetServerServiceGetMaxRequests; virNetServerServiceGetPort; virNetServerServiceGetTLSContext; virNetServerServiceIsReadonly; -virNetServerServiceNewFD; virNetServerServiceNewFDOrUNIX; +virNetServerServiceNewFDs; virNetServerServiceNewPostExecRestart; virNetServerServiceNewTCP; virNetServerServiceNewUNIX; diff --git a/src/locking/lock_daemon.c b/src/locking/lock_daemon.c index bc2fb4a7fb..c10b2d383c 100644 --- a/src/locking/lock_daemon.c +++ b/src/locking/lock_daemon.c @@ -597,6 +597,7 @@ virLockDaemonSetupNetworkingSystemD(virNetServerPtr loc= kSrv, virNetServerPtr adm virNetServerServicePtr svc; char *path =3D virGetUNIXSocketPath(3 + i); virNetServerPtr srv; + int fds[] =3D { 3 + i }; =20 if (!path) return -1; @@ -616,9 +617,11 @@ virLockDaemonSetupNetworkingSystemD(virNetServerPtr lo= ckSrv, virNetServerPtr adm =20 /* Systemd passes FDs, starting immediately after stderr, * so the first FD we'll get is '3'. */ - if (!(svc =3D virNetServerServiceNewFD(3 + i, 0, - NULL, - false, 0, 1))) + if (!(svc =3D virNetServerServiceNewFDs(fds, + ARRAY_CARDINALITY(fds), + 0, + NULL, + false, 0, 1))) return -1; =20 if (virNetServerAddService(srv, svc) < 0) { diff --git a/src/logging/log_daemon.c b/src/logging/log_daemon.c index 014596b280..6531999381 100644 --- a/src/logging/log_daemon.c +++ b/src/logging/log_daemon.c @@ -532,6 +532,7 @@ virLogDaemonSetupNetworkingSystemD(virNetServerPtr logS= rv, virNetServerPtr admin virNetServerServicePtr svc; char *path =3D virGetUNIXSocketPath(3 + i); virNetServerPtr srv; + int fds[] =3D { 3 + i }; =20 if (!path) return -1; @@ -551,9 +552,11 @@ virLogDaemonSetupNetworkingSystemD(virNetServerPtr log= Srv, virNetServerPtr admin =20 /* Systemd passes FDs, starting immediately after stderr, * so the first FD we'll get is '3'. */ - if (!(svc =3D virNetServerServiceNewFD(3 + i, 0, - NULL, - false, 0, 1))) + if (!(svc =3D virNetServerServiceNewFDs(fds, + ARRAY_CARDINALITY(fds), + 0, + NULL, + false, 0, 1))) return -1; =20 if (virNetServerAddService(srv, svc) < 0) { diff --git a/src/rpc/virnetserverservice.c b/src/rpc/virnetserverservice.c index 69043ccc0e..0d2f264696 100644 --- a/src/rpc/virnetserverservice.c +++ b/src/rpc/virnetserverservice.c @@ -112,18 +112,20 @@ virNetServerServiceNewFDOrUNIX(const char *path, nrequests_client_max); =20 } else { + int fds[] =3D {(*cur_fd)++}; /* * There's still enough file descriptors. In this case we'll * use the current one and increment it afterwards. Take care * with order of operation for pointer arithmetic and auto * increment on cur_fd - the parentheses are necessary. */ - return virNetServerServiceNewFD((*cur_fd)++, - auth, - tls, - readonly, - max_queued_clients, - nrequests_client_max); + return virNetServerServiceNewFDs(fds, + ARRAY_CARDINALITY(fds), + auth, + tls, + readonly, + max_queued_clients, + nrequests_client_max); } } =20 @@ -253,30 +255,39 @@ virNetServerServicePtr virNetServerServiceNewUNIX(con= st char *path, return svc; } =20 -virNetServerServicePtr virNetServerServiceNewFD(int fd, - int auth, - virNetTLSContextPtr tls, - bool readonly, - size_t max_queued_clients, - size_t nrequests_client_ma= x) +virNetServerServicePtr virNetServerServiceNewFDs(int *fds, + size_t nfds, + int auth, + virNetTLSContextPtr tls, + bool readonly, + size_t max_queued_clients, + size_t nrequests_client_m= ax) { - virNetServerServicePtr svc; - virNetSocketPtr sock; + virNetServerServicePtr svc =3D NULL; + virNetSocketPtr *socks; + size_t i; =20 - if (virNetSocketNewListenFD(fd, - &sock) < 0) - return NULL; + if (VIR_ALLOC_N(socks, nfds) < 0) + goto cleanup; =20 - svc =3D virNetServerServiceNewSocket(&sock, - 1, + for (i =3D 0; i < nfds; i++) { + if (virNetSocketNewListenFD(fds[i], + &socks[i]) < 0) + goto cleanup; + } + + svc =3D virNetServerServiceNewSocket(socks, + nfds, auth, tls, readonly, max_queued_clients, nrequests_client_max); =20 - virObjectUnref(sock); - + cleanup: + for (i =3D 0; i < nfds && socks; i++) + virObjectUnref(socks[i]); + VIR_FREE(socks); return svc; } =20 diff --git a/src/rpc/virnetserverservice.h b/src/rpc/virnetserverservice.h index 5dd22bd929..59ee51e5ee 100644 --- a/src/rpc/virnetserverservice.h +++ b/src/rpc/virnetserverservice.h @@ -60,12 +60,13 @@ virNetServerServicePtr virNetServerServiceNewUNIX(const= char *path, bool readonly, size_t max_queued_client= s, size_t nrequests_client_= max); -virNetServerServicePtr virNetServerServiceNewFD(int fd, - int auth, - virNetTLSContextPtr tls, - bool readonly, - size_t max_queued_clients, - size_t nrequests_client_ma= x); +virNetServerServicePtr virNetServerServiceNewFDs(int *fd, + size_t nfds, + int auth, + virNetTLSContextPtr tls, + bool readonly, + size_t max_queued_clients, + size_t nrequests_client_m= ax); =20 virNetServerServicePtr virNetServerServiceNewPostExecRestart(virJSONValueP= tr object); =20 --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri Apr 19 09:18:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1562854080; cv=none; d=zoho.com; s=zohoarc; b=cJCQDH+5gpOHoDkADgmmDfwxhW7yIw0lBQDpMwi5CepI41TQQGrEsmNvt8Infj6jtrZrmd17g5JRatDcjjiK6d/dU+A6fZ+jONk9aJseUgslFJJzyS5jzQzs5XFciBn7SRzzNsbQd28sNAojm8EHCKV+6p235zmjUcTuFa6hCtI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1562854080; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=iAjqnqv0aJ3oDVLGtjKvyQuAtCOtOifed8SH/CxVis4=; b=RCWy6US443rou/Rncdv5WuTApR7AhljYSd/mKlOOX6OmVja8GWyr1AbWWhCHrQ3W2dwYgPqVOx6Wqzx+S0N3Ycr7Kd5h661ERBGBLTkhr0K0xduIO11LpmxKvrJG1hKocWc2byi6/6ezXzJDz9jIRNGu8fPyBdUrbAUqnCKaoQk= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1562854080379264.3195498124792; Thu, 11 Jul 2019 07:08:00 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id B6D66C0587F5; Thu, 11 Jul 2019 14:07:57 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 8504119729; Thu, 11 Jul 2019 14:07:57 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 36BDF1819AFD; Thu, 11 Jul 2019 14:07:57 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x6BE7okZ028823 for ; Thu, 11 Jul 2019 10:07:50 -0400 Received: by smtp.corp.redhat.com (Postfix) id CD23D60148; Thu, 11 Jul 2019 14:07:50 +0000 (UTC) Received: from dhcp-17-95.lcy.redhat.com (unknown [10.42.17.95]) by smtp.corp.redhat.com (Postfix) with ESMTP id 298B4600CD; Thu, 11 Jul 2019 14:07:50 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Thu, 11 Jul 2019 15:07:28 +0100 Message-Id: <20190711140742.31029-6-berrange@redhat.com> In-Reply-To: <20190711140742.31029-1-berrange@redhat.com> References: <20190711140742.31029-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 05/19] rpc: avoid unlinking sockets passed in from systemd X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Thu, 11 Jul 2019 14:07:58 +0000 (UTC) Currently the socket code will unlink any UNIX socket path which is associated with a server socket. This is not fine grained enough, as we need to avoid unlinking server sockets we were passed by systemd. To deal with this we must explicitly track whether each socket needs to be unlinked when closed, separately of the client vs server state. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Michal Privoznik --- src/locking/lock_daemon.c | 1 + src/logging/log_daemon.c | 1 + src/rpc/virnetserverservice.c | 3 + src/rpc/virnetserverservice.h | 1 + src/rpc/virnetsocket.c | 55 ++++++++++++------- src/rpc/virnetsocket.h | 1 + .../input-data-anon-clients.json | 12 ++-- .../output-data-admin-server-names.json | 24 +++++--- tests/virnetdaemondata/output-data-admin.json | 24 +++++--- .../output-data-anon-clients.json | 12 ++-- .../output-data-client-auth-pending.json | 12 ++-- .../output-data-client-ids.json | 12 ++-- .../output-data-client-timestamp.json | 12 ++-- .../virnetdaemondata/output-data-initial.json | 12 ++-- .../output-data-no-keepalive-required.json | 24 +++++--- 15 files changed, 138 insertions(+), 68 deletions(-) diff --git a/src/locking/lock_daemon.c b/src/locking/lock_daemon.c index c10b2d383c..0f90606be6 100644 --- a/src/locking/lock_daemon.c +++ b/src/locking/lock_daemon.c @@ -619,6 +619,7 @@ virLockDaemonSetupNetworkingSystemD(virNetServerPtr loc= kSrv, virNetServerPtr adm * so the first FD we'll get is '3'. */ if (!(svc =3D virNetServerServiceNewFDs(fds, ARRAY_CARDINALITY(fds), + false, 0, NULL, false, 0, 1))) diff --git a/src/logging/log_daemon.c b/src/logging/log_daemon.c index 6531999381..30c70a20dd 100644 --- a/src/logging/log_daemon.c +++ b/src/logging/log_daemon.c @@ -554,6 +554,7 @@ virLogDaemonSetupNetworkingSystemD(virNetServerPtr logS= rv, virNetServerPtr admin * so the first FD we'll get is '3'. */ if (!(svc =3D virNetServerServiceNewFDs(fds, ARRAY_CARDINALITY(fds), + false, 0, NULL, false, 0, 1))) diff --git a/src/rpc/virnetserverservice.c b/src/rpc/virnetserverservice.c index 0d2f264696..315a4950df 100644 --- a/src/rpc/virnetserverservice.c +++ b/src/rpc/virnetserverservice.c @@ -121,6 +121,7 @@ virNetServerServiceNewFDOrUNIX(const char *path, */ return virNetServerServiceNewFDs(fds, ARRAY_CARDINALITY(fds), + false, auth, tls, readonly, @@ -257,6 +258,7 @@ virNetServerServicePtr virNetServerServiceNewUNIX(const= char *path, =20 virNetServerServicePtr virNetServerServiceNewFDs(int *fds, size_t nfds, + bool unlinkUNIX, int auth, virNetTLSContextPtr tls, bool readonly, @@ -272,6 +274,7 @@ virNetServerServicePtr virNetServerServiceNewFDs(int *f= ds, =20 for (i =3D 0; i < nfds; i++) { if (virNetSocketNewListenFD(fds[i], + unlinkUNIX, &socks[i]) < 0) goto cleanup; } diff --git a/src/rpc/virnetserverservice.h b/src/rpc/virnetserverservice.h index 59ee51e5ee..73d61dde99 100644 --- a/src/rpc/virnetserverservice.h +++ b/src/rpc/virnetserverservice.h @@ -62,6 +62,7 @@ virNetServerServicePtr virNetServerServiceNewUNIX(const c= har *path, size_t nrequests_client_= max); virNetServerServicePtr virNetServerServiceNewFDs(int *fd, size_t nfds, + bool unlinkUNIX, int auth, virNetTLSContextPtr tls, bool readonly, diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c index fc13b1654a..e23f6a648c 100644 --- a/src/rpc/virnetsocket.c +++ b/src/rpc/virnetsocket.c @@ -78,9 +78,10 @@ struct _virNetSocket { int watch; pid_t pid; int errfd; - bool client; + bool isClient; bool ownsFd; bool quietEOF; + bool unlinkUNIX; =20 /* Event callback fields */ virNetSocketIOFunc func; @@ -216,10 +217,14 @@ int virNetSocketCheckProtocols(bool *hasIPv4, } =20 =20 -static virNetSocketPtr virNetSocketNew(virSocketAddrPtr localAddr, - virSocketAddrPtr remoteAddr, - bool isClient, - int fd, int errfd, pid_t pid) +static virNetSocketPtr +virNetSocketNew(virSocketAddrPtr localAddr, + virSocketAddrPtr remoteAddr, + bool isClient, + int fd, + int errfd, + pid_t pid, + bool unlinkUNIX) { virNetSocketPtr sock; int no_slow_start =3D 1; @@ -254,6 +259,8 @@ static virNetSocketPtr virNetSocketNew(virSocketAddrPtr= localAddr, sock->pid =3D pid; sock->watch =3D -1; sock->ownsFd =3D true; + sock->isClient =3D isClient; + sock->unlinkUNIX =3D unlinkUNIX; =20 /* Disable nagle for TCP sockets */ if (sock->localAddr.data.sa.sa_family =3D=3D AF_INET || @@ -280,8 +287,6 @@ static virNetSocketPtr virNetSocketNew(virSocketAddrPtr= localAddr, !(sock->remoteAddrStrURI =3D virSocketAddrFormatFull(remoteAddr, t= rue, NULL))) goto error; =20 - sock->client =3D isClient; - PROBE(RPC_SOCKET_NEW, "sock=3D%p fd=3D%d errfd=3D%d pid=3D%lld localAddr=3D%s, remoteA= ddr=3D%s", sock, fd, errfd, (long long)pid, @@ -427,7 +432,7 @@ int virNetSocketNewListenTCP(const char *nodename, if (VIR_EXPAND_N(socks, nsocks, 1) < 0) goto error; =20 - if (!(socks[nsocks-1] =3D virNetSocketNew(&addr, NULL, false, fd, = -1, 0))) + if (!(socks[nsocks-1] =3D virNetSocketNew(&addr, NULL, false, fd, = -1, 0, false))) goto error; runp =3D runp->ai_next; fd =3D -1; @@ -513,7 +518,7 @@ int virNetSocketNewListenUNIX(const char *path, goto error; } =20 - if (!(*retsock =3D virNetSocketNew(&addr, NULL, false, fd, -1, 0))) + if (!(*retsock =3D virNetSocketNew(&addr, NULL, false, fd, -1, 0, true= ))) goto error; =20 return 0; @@ -538,6 +543,7 @@ int virNetSocketNewListenUNIX(const char *path ATTRIBUT= E_UNUSED, #endif =20 int virNetSocketNewListenFD(int fd, + bool unlinkUNIX, virNetSocketPtr *retsock) { virSocketAddr addr; @@ -551,7 +557,7 @@ int virNetSocketNewListenFD(int fd, return -1; } =20 - if (!(*retsock =3D virNetSocketNew(&addr, NULL, false, fd, -1, 0))) + if (!(*retsock =3D virNetSocketNew(&addr, NULL, false, fd, -1, 0, unli= nkUNIX))) return -1; =20 return 0; @@ -627,7 +633,7 @@ int virNetSocketNewConnectTCP(const char *nodename, goto error; } =20 - if (!(*retsock =3D virNetSocketNew(&localAddr, &remoteAddr, true, fd, = -1, 0))) + if (!(*retsock =3D virNetSocketNew(&localAddr, &remoteAddr, true, fd, = -1, 0, false))) goto error; =20 freeaddrinfo(ai); @@ -752,7 +758,7 @@ int virNetSocketNewConnectUNIX(const char *path, goto cleanup; } =20 - if (!(*retsock =3D virNetSocketNew(&localAddr, &remoteAddr, true, fd, = -1, 0))) + if (!(*retsock =3D virNetSocketNew(&localAddr, &remoteAddr, true, fd, = -1, 0, false))) goto cleanup; =20 ret =3D 0; @@ -820,7 +826,7 @@ int virNetSocketNewConnectCommand(virCommandPtr cmd, VIR_FORCE_CLOSE(sv[1]); VIR_FORCE_CLOSE(errfd[1]); =20 - if (!(*retsock =3D virNetSocketNew(NULL, NULL, true, sv[0], errfd[0], = pid))) + if (!(*retsock =3D virNetSocketNew(NULL, NULL, true, sv[0], errfd[0], = pid, false))) goto error; =20 virCommandFree(cmd); @@ -1219,7 +1225,7 @@ int virNetSocketNewConnectSockFD(int sockfd, return -1; } =20 - if (!(*retsock =3D virNetSocketNew(&localAddr, NULL, true, sockfd, -1,= -1))) + if (!(*retsock =3D virNetSocketNew(&localAddr, NULL, true, sockfd, -1,= -1, false))) return -1; =20 return 0; @@ -1232,6 +1238,7 @@ virNetSocketPtr virNetSocketNewPostExecRestart(virJSO= NValuePtr object) virSocketAddr remoteAddr; int fd, thepid, errfd; bool isClient; + bool unlinkUNIX; =20 if (virJSONValueObjectGetNumberInt(object, "fd", &fd) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", @@ -1250,12 +1257,16 @@ virNetSocketPtr virNetSocketNewPostExecRestart(virJ= SONValuePtr object) _("Missing errfd data in JSON document")); return NULL; } + if (virJSONValueObjectGetBoolean(object, "isClient", &isClient) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("Missing isClient data in JSON document")); return NULL; } =20 + if (virJSONValueObjectGetBoolean(object, "unlinkUNIX", &unlinkUNIX) < = 0) + unlinkUNIX =3D !isClient; + memset(&localAddr, 0, sizeof(localAddr)); memset(&remoteAddr, 0, sizeof(remoteAddr)); =20 @@ -1271,8 +1282,8 @@ virNetSocketPtr virNetSocketNewPostExecRestart(virJSO= NValuePtr object) return NULL; } =20 - return virNetSocketNew(&localAddr, &remoteAddr, - isClient, fd, errfd, thepid); + return virNetSocketNew(&localAddr, &remoteAddr, isClient, + fd, errfd, thepid, unlinkUNIX); } =20 =20 @@ -1309,7 +1320,10 @@ virJSONValuePtr virNetSocketPreExecRestart(virNetSoc= ketPtr sock) if (virJSONValueObjectAppendNumberInt(object, "pid", sock->pid) < 0) goto error; =20 - if (virJSONValueObjectAppendBoolean(object, "isClient", sock->client) = < 0) + if (virJSONValueObjectAppendBoolean(object, "isClient", sock->isClient= ) < 0) + goto error; + + if (virJSONValueObjectAppendBoolean(object, "unlinkUNIX", sock->unlink= UNIX) < 0) goto error; =20 if (virSetInherit(sock->fd, true) < 0) { @@ -1350,7 +1364,7 @@ void virNetSocketDispose(void *obj) =20 #ifdef HAVE_SYS_UN_H /* If a server socket, then unlink UNIX path */ - if (!sock->client && + if (sock->unlinkUNIX && sock->localAddr.data.sa.sa_family =3D=3D AF_UNIX && sock->localAddr.data.un.sun_path[0] !=3D '\0') unlink(sock->localAddr.data.un.sun_path); @@ -2141,7 +2155,8 @@ int virNetSocketAccept(virNetSocketPtr sock, virNetSo= cketPtr *clientsock) if (!(*clientsock =3D virNetSocketNew(&localAddr, &remoteAddr, true, - fd, -1, 0))) + fd, -1, 0, + false))) goto cleanup; =20 fd =3D -1; @@ -2272,7 +2287,7 @@ void virNetSocketClose(virNetSocketPtr sock) =20 #ifdef HAVE_SYS_UN_H /* If a server socket, then unlink UNIX path */ - if (!sock->client && + if (sock->unlinkUNIX && sock->localAddr.data.sa.sa_family =3D=3D AF_UNIX && sock->localAddr.data.un.sun_path[0] !=3D '\0') { if (unlink(sock->localAddr.data.un.sun_path) =3D=3D 0) diff --git a/src/rpc/virnetsocket.h b/src/rpc/virnetsocket.h index de5a465cde..2f626cb08f 100644 --- a/src/rpc/virnetsocket.h +++ b/src/rpc/virnetsocket.h @@ -58,6 +58,7 @@ int virNetSocketNewListenUNIX(const char *path, virNetSocketPtr *addr); =20 int virNetSocketNewListenFD(int fd, + bool unlinkUNIX, virNetSocketPtr *addr); =20 int virNetSocketNewConnectTCP(const char *nodename, diff --git a/tests/virnetdaemondata/input-data-anon-clients.json b/tests/vi= rnetdaemondata/input-data-anon-clients.json index 8058fe0a43..3ca2af3899 100644 --- a/tests/virnetdaemondata/input-data-anon-clients.json +++ b/tests/virnetdaemondata/input-data-anon-clients.json @@ -17,7 +17,8 @@ "fd": 100, "errfd": -1, "pid": 0, - "isClient": false + "isClient": false, + "unlinkUNIX": true } ] }, @@ -30,7 +31,8 @@ "fd": 101, "errfd": -1, "pid": 0, - "isClient": false + "isClient": false, + "unlinkUNIX": true } ] } @@ -44,7 +46,8 @@ "fd": 102, "errfd": -1, "pid": -1, - "isClient": true + "isClient": true, + "unlinkUNIX": false }, "privateData": 1729 }, @@ -56,7 +59,8 @@ "fd": 103, "errfd": -1, "pid": -1, - "isClient": true + "isClient": true, + "unlinkUNIX": false }, "privateData": 1729 } diff --git a/tests/virnetdaemondata/output-data-admin-server-names.json b/t= ests/virnetdaemondata/output-data-admin-server-names.json index 04cb5e6bb3..4488a23291 100644 --- a/tests/virnetdaemondata/output-data-admin-server-names.json +++ b/tests/virnetdaemondata/output-data-admin-server-names.json @@ -19,7 +19,8 @@ "fd": 100, "errfd": -1, "pid": 0, - "isClient": false + "isClient": false, + "unlinkUNIX": true } ] }, @@ -32,7 +33,8 @@ "fd": 101, "errfd": -1, "pid": 0, - "isClient": false + "isClient": false, + "unlinkUNIX": true } ] } @@ -48,7 +50,8 @@ "fd": 102, "errfd": -1, "pid": -1, - "isClient": true + "isClient": true, + "unlinkUNIX": false }, "privateData": 1729 }, @@ -62,7 +65,8 @@ "fd": 103, "errfd": -1, "pid": -1, - "isClient": true + "isClient": true, + "unlinkUNIX": false }, "privateData": 1729 } @@ -87,7 +91,8 @@ "fd": 100, "errfd": -1, "pid": 0, - "isClient": false + "isClient": false, + "unlinkUNIX": true } ] }, @@ -100,7 +105,8 @@ "fd": 101, "errfd": -1, "pid": 0, - "isClient": false + "isClient": false, + "unlinkUNIX": true } ] } @@ -116,7 +122,8 @@ "fd": 102, "errfd": -1, "pid": -1, - "isClient": true + "isClient": true, + "unlinkUNIX": false }, "privateData": 1729 }, @@ -130,7 +137,8 @@ "fd": 103, "errfd": -1, "pid": -1, - "isClient": true + "isClient": true, + "unlinkUNIX": false }, "privateData": 1729 } diff --git a/tests/virnetdaemondata/output-data-admin.json b/tests/virnetda= emondata/output-data-admin.json index 04cb5e6bb3..4488a23291 100644 --- a/tests/virnetdaemondata/output-data-admin.json +++ b/tests/virnetdaemondata/output-data-admin.json @@ -19,7 +19,8 @@ "fd": 100, "errfd": -1, "pid": 0, - "isClient": false + "isClient": false, + "unlinkUNIX": true } ] }, @@ -32,7 +33,8 @@ "fd": 101, "errfd": -1, "pid": 0, - "isClient": false + "isClient": false, + "unlinkUNIX": true } ] } @@ -48,7 +50,8 @@ "fd": 102, "errfd": -1, "pid": -1, - "isClient": true + "isClient": true, + "unlinkUNIX": false }, "privateData": 1729 }, @@ -62,7 +65,8 @@ "fd": 103, "errfd": -1, "pid": -1, - "isClient": true + "isClient": true, + "unlinkUNIX": false }, "privateData": 1729 } @@ -87,7 +91,8 @@ "fd": 100, "errfd": -1, "pid": 0, - "isClient": false + "isClient": false, + "unlinkUNIX": true } ] }, @@ -100,7 +105,8 @@ "fd": 101, "errfd": -1, "pid": 0, - "isClient": false + "isClient": false, + "unlinkUNIX": true } ] } @@ -116,7 +122,8 @@ "fd": 102, "errfd": -1, "pid": -1, - "isClient": true + "isClient": true, + "unlinkUNIX": false }, "privateData": 1729 }, @@ -130,7 +137,8 @@ "fd": 103, "errfd": -1, "pid": -1, - "isClient": true + "isClient": true, + "unlinkUNIX": false }, "privateData": 1729 } diff --git a/tests/virnetdaemondata/output-data-anon-clients.json b/tests/v= irnetdaemondata/output-data-anon-clients.json index 49fe89be48..c7090d2ed8 100644 --- a/tests/virnetdaemondata/output-data-anon-clients.json +++ b/tests/virnetdaemondata/output-data-anon-clients.json @@ -19,7 +19,8 @@ "fd": 100, "errfd": -1, "pid": 0, - "isClient": false + "isClient": false, + "unlinkUNIX": true } ] }, @@ -32,7 +33,8 @@ "fd": 101, "errfd": -1, "pid": 0, - "isClient": false + "isClient": false, + "unlinkUNIX": true } ] } @@ -48,7 +50,8 @@ "fd": 102, "errfd": -1, "pid": -1, - "isClient": true + "isClient": true, + "unlinkUNIX": false }, "privateData": 1729 }, @@ -62,7 +65,8 @@ "fd": 103, "errfd": -1, "pid": -1, - "isClient": true + "isClient": true, + "unlinkUNIX": false }, "privateData": 1729 } diff --git a/tests/virnetdaemondata/output-data-client-auth-pending.json b/= tests/virnetdaemondata/output-data-client-auth-pending.json index 0675404e6c..9011588d8d 100644 --- a/tests/virnetdaemondata/output-data-client-auth-pending.json +++ b/tests/virnetdaemondata/output-data-client-auth-pending.json @@ -19,7 +19,8 @@ "fd": 100, "errfd": -1, "pid": 0, - "isClient": false + "isClient": false, + "unlinkUNIX": true } ] }, @@ -32,7 +33,8 @@ "fd": 101, "errfd": -1, "pid": 0, - "isClient": false + "isClient": false, + "unlinkUNIX": true } ] } @@ -48,7 +50,8 @@ "fd": 102, "errfd": -1, "pid": -1, - "isClient": true + "isClient": true, + "unlinkUNIX": false }, "privateData": 1729 }, @@ -62,7 +65,8 @@ "fd": 103, "errfd": -1, "pid": -1, - "isClient": true + "isClient": true, + "unlinkUNIX": false }, "privateData": 1729 } diff --git a/tests/virnetdaemondata/output-data-client-ids.json b/tests/vir= netdaemondata/output-data-client-ids.json index 90c3383a93..5840757614 100644 --- a/tests/virnetdaemondata/output-data-client-ids.json +++ b/tests/virnetdaemondata/output-data-client-ids.json @@ -19,7 +19,8 @@ "fd": 100, "errfd": -1, "pid": 0, - "isClient": false + "isClient": false, + "unlinkUNIX": true } ] }, @@ -32,7 +33,8 @@ "fd": 101, "errfd": -1, "pid": 0, - "isClient": false + "isClient": false, + "unlinkUNIX": true } ] } @@ -48,7 +50,8 @@ "fd": 102, "errfd": -1, "pid": -1, - "isClient": true + "isClient": true, + "unlinkUNIX": false }, "privateData": 1729 }, @@ -62,7 +65,8 @@ "fd": 103, "errfd": -1, "pid": -1, - "isClient": true + "isClient": true, + "unlinkUNIX": false }, "privateData": 1729 } diff --git a/tests/virnetdaemondata/output-data-client-timestamp.json b/tes= ts/virnetdaemondata/output-data-client-timestamp.json index 9cfb069793..e685475c4a 100644 --- a/tests/virnetdaemondata/output-data-client-timestamp.json +++ b/tests/virnetdaemondata/output-data-client-timestamp.json @@ -19,7 +19,8 @@ "fd": 100, "errfd": -1, "pid": 0, - "isClient": false + "isClient": false, + "unlinkUNIX": true } ] }, @@ -32,7 +33,8 @@ "fd": 101, "errfd": -1, "pid": 0, - "isClient": false + "isClient": false, + "unlinkUNIX": true } ] } @@ -49,7 +51,8 @@ "fd": 102, "errfd": -1, "pid": -1, - "isClient": true + "isClient": true, + "unlinkUNIX": false }, "privateData": 1729 }, @@ -64,7 +67,8 @@ "fd": 103, "errfd": -1, "pid": -1, - "isClient": true + "isClient": true, + "unlinkUNIX": false }, "privateData": 1729 } diff --git a/tests/virnetdaemondata/output-data-initial.json b/tests/virnet= daemondata/output-data-initial.json index 916297c59d..f887d37379 100644 --- a/tests/virnetdaemondata/output-data-initial.json +++ b/tests/virnetdaemondata/output-data-initial.json @@ -19,7 +19,8 @@ "fd": 100, "errfd": -1, "pid": 0, - "isClient": false + "isClient": false, + "unlinkUNIX": true } ] }, @@ -32,7 +33,8 @@ "fd": 101, "errfd": -1, "pid": 0, - "isClient": false + "isClient": false, + "unlinkUNIX": true } ] } @@ -48,7 +50,8 @@ "fd": 102, "errfd": -1, "pid": -1, - "isClient": true + "isClient": true, + "unlinkUNIX": false }, "privateData": 1729 }, @@ -62,7 +65,8 @@ "fd": 103, "errfd": -1, "pid": -1, - "isClient": true + "isClient": true, + "unlinkUNIX": false }, "privateData": 1729 } diff --git a/tests/virnetdaemondata/output-data-no-keepalive-required.json = b/tests/virnetdaemondata/output-data-no-keepalive-required.json index 04cb5e6bb3..4488a23291 100644 --- a/tests/virnetdaemondata/output-data-no-keepalive-required.json +++ b/tests/virnetdaemondata/output-data-no-keepalive-required.json @@ -19,7 +19,8 @@ "fd": 100, "errfd": -1, "pid": 0, - "isClient": false + "isClient": false, + "unlinkUNIX": true } ] }, @@ -32,7 +33,8 @@ "fd": 101, "errfd": -1, "pid": 0, - "isClient": false + "isClient": false, + "unlinkUNIX": true } ] } @@ -48,7 +50,8 @@ "fd": 102, "errfd": -1, "pid": -1, - "isClient": true + "isClient": true, + "unlinkUNIX": false }, "privateData": 1729 }, @@ -62,7 +65,8 @@ "fd": 103, "errfd": -1, "pid": -1, - "isClient": true + "isClient": true, + "unlinkUNIX": false }, "privateData": 1729 } @@ -87,7 +91,8 @@ "fd": 100, "errfd": -1, "pid": 0, - "isClient": false + "isClient": false, + "unlinkUNIX": true } ] }, @@ -100,7 +105,8 @@ "fd": 101, "errfd": -1, "pid": 0, - "isClient": false + "isClient": false, + "unlinkUNIX": true } ] } @@ -116,7 +122,8 @@ "fd": 102, "errfd": -1, "pid": -1, - "isClient": true + "isClient": true, + "unlinkUNIX": false }, "privateData": 1729 }, @@ -130,7 +137,8 @@ "fd": 103, "errfd": -1, "pid": -1, - "isClient": true + "isClient": true, + "unlinkUNIX": false }, "privateData": 1729 } --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri Apr 19 09:18:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1562854083; cv=none; d=zoho.com; s=zohoarc; b=OqroxlCwBXTr1lK5pHqIiFzms9YL5GR/a75PN9o37YtQwdUFTjH8h78oXebyXXCP5k/DZ8/VUeSgBWUOiQbUWy1Ipi1jai18HzY5ma2QOzcb9CGvuuHy//Pm6T39+rhLSilg1G29M4xB2LMot4WZWIeqqJPIdyogb6vD5x1cvWA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1562854083; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=YzlUvT5BaEXPsac4vITeT81jnSqFLc+87vRJyCv5f48=; b=EmStOTwHJPSrnpWjnQj7R+3nXiVHyRqDeg6M2H0ygeF7+b/yByH1fVsygh2kNe/NhhnGqhapsUyzmddAM4r0xa+F56PMUfputsK9/jnh5OMUq/5zKJ1YaChnjWRPjnDXXXcsR+TcHH8uYyb8ukDGhZpfVYU8+jmhkElg4jeopFo= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1562854083105520.5129910766834; Thu, 11 Jul 2019 07:08:03 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 46FA1882EF; Thu, 11 Jul 2019 14:08:01 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 1828960603; Thu, 11 Jul 2019 14:08:01 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id C99121833001; Thu, 11 Jul 2019 14:08:00 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x6BE7pfo028831 for ; Thu, 11 Jul 2019 10:07:51 -0400 Received: by smtp.corp.redhat.com (Postfix) id 9E0A9600CD; Thu, 11 Jul 2019 14:07:51 +0000 (UTC) Received: from dhcp-17-95.lcy.redhat.com (unknown [10.42.17.95]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1B1436014C; Thu, 11 Jul 2019 14:07:50 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Thu, 11 Jul 2019 15:07:29 +0100 Message-Id: <20190711140742.31029-7-berrange@redhat.com> In-Reply-To: <20190711140742.31029-1-berrange@redhat.com> References: <20190711140742.31029-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 06/19] rpc: add helper APIs for adding services with systemd activation X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Thu, 11 Jul 2019 14:08:01 +0000 (UTC) Currently code has to first create the service and then separately register it with the server. If the socket associated with a particular service is not passed from systemd we want to skip creating the service altogether. This means we can't put the systemd activation logic into the constructors for virNetServerService. This patch thus creates some helper methods against virNetServer which combine systemd activation, service creation and service registration into one single operation. This operation is automatically a no-op if systemd activation is present and no sockets were passed in. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Michal Privoznik --- src/libvirt_remote.syms | 2 + src/rpc/virnetserver.c | 145 ++++++++++++++++++++++++++++++++++++++++ src/rpc/virnetserver.h | 23 +++++++ 3 files changed, 170 insertions(+) diff --git a/src/libvirt_remote.syms b/src/libvirt_remote.syms index f05f1827f0..d855078186 100644 --- a/src/libvirt_remote.syms +++ b/src/libvirt_remote.syms @@ -114,6 +114,8 @@ virNetMessageSaveError; virNetServerAddClient; virNetServerAddProgram; virNetServerAddService; +virNetServerAddServiceTCP; +virNetServerAddServiceUNIX; virNetServerClose; virNetServerGetClient; virNetServerGetClients; diff --git a/src/rpc/virnetserver.c b/src/rpc/virnetserver.c index 0f3fa63fbb..894feae406 100644 --- a/src/rpc/virnetserver.c +++ b/src/rpc/virnetserver.c @@ -668,6 +668,151 @@ int virNetServerAddService(virNetServerPtr srv, return -1; } =20 + +static int +virNetServerAddServiceActivation(virNetServerPtr srv, + virSystemdActivationPtr act, + const char *actname, + int auth, + virNetTLSContextPtr tls, + bool readonly, + size_t max_queued_clients, + size_t nrequests_client_max) +{ + int *fds; + size_t nfds; + + if (act =3D=3D NULL) + return 0; + + virSystemdActivationClaimFDs(act, actname, &fds, &nfds); + + if (nfds) { + virNetServerServicePtr svc; + + svc =3D virNetServerServiceNewFDs(fds, + nfds, + false, + auth, + tls, + readonly, + max_queued_clients, + nrequests_client_max); + if (!svc) + return -1; + + if (virNetServerAddService(srv, svc) < 0) { + virObjectUnref(svc); + return -1; + } + } + + /* Intentionally return 1 any time activation is present, + * even if we didn't find any sockets with the matching + * name. The user needs to be free to disable some of the + * services via unit files without causing us to fallback + * to creating the service manually. + */ + return 1; +} + + +int virNetServerAddServiceTCP(virNetServerPtr srv, + virSystemdActivationPtr act, + const char *actname, + const char *nodename, + const char *service, + int family, + int auth, + virNetTLSContextPtr tls, + bool readonly, + size_t max_queued_clients, + size_t nrequests_client_max) +{ + virNetServerServicePtr svc =3D NULL; + int ret; + + ret =3D virNetServerAddServiceActivation(srv, act, actname, + auth, + tls, + readonly, + max_queued_clients, + nrequests_client_max); + if (ret < 0) + return -1; + + if (ret =3D=3D 1) + return 0; + + if (!(svc =3D virNetServerServiceNewTCP(nodename, + service, + family, + auth, + tls, + readonly, + max_queued_clients, + nrequests_client_max))) + return -1; + + if (virNetServerAddService(srv, svc) < 0) { + virObjectUnref(svc); + return -1; + } + + virObjectUnref(svc); + + return 0; +} + + +int virNetServerAddServiceUNIX(virNetServerPtr srv, + virSystemdActivationPtr act, + const char *actname, + const char *path, + mode_t mask, + gid_t grp, + int auth, + virNetTLSContextPtr tls, + bool readonly, + size_t max_queued_clients, + size_t nrequests_client_max) +{ + virNetServerServicePtr svc =3D NULL; + int ret; + + ret =3D virNetServerAddServiceActivation(srv, act, actname, + auth, + tls, + readonly, + max_queued_clients, + nrequests_client_max); + if (ret < 0) + return -1; + + if (ret =3D=3D 1) + return 0; + + if (!(svc =3D virNetServerServiceNewUNIX(path, + mask, + grp, + auth, + tls, + readonly, + max_queued_clients, + nrequests_client_max))) + return -1; + + if (virNetServerAddService(srv, svc) < 0) { + virObjectUnref(svc); + return -1; + } + + virObjectUnref(svc); + + return 0; +} + + int virNetServerAddProgram(virNetServerPtr srv, virNetServerProgramPtr prog) { diff --git a/src/rpc/virnetserver.h b/src/rpc/virnetserver.h index 6b2541588c..1b4184733f 100644 --- a/src/rpc/virnetserver.h +++ b/src/rpc/virnetserver.h @@ -27,6 +27,7 @@ #include "virnetserverservice.h" #include "virobject.h" #include "virjson.h" +#include "virsystemd.h" =20 =20 virNetServerPtr virNetServerNew(const char *name, @@ -60,6 +61,28 @@ virJSONValuePtr virNetServerPreExecRestart(virNetServerP= tr srv); =20 int virNetServerAddService(virNetServerPtr srv, virNetServerServicePtr svc); +int virNetServerAddServiceTCP(virNetServerPtr srv, + virSystemdActivationPtr act, + const char *actname, + const char *nodename, + const char *service, + int family, + int auth, + virNetTLSContextPtr tls, + bool readonly, + size_t max_queued_clients, + size_t nrequests_client_max); +int virNetServerAddServiceUNIX(virNetServerPtr srv, + virSystemdActivationPtr act, + const char *actname, + const char *path, + mode_t mask, + gid_t grp, + int auth, + virNetTLSContextPtr tls, + bool readonly, + size_t max_queued_clients, + size_t nrequests_client_max); =20 int virNetServerAddProgram(virNetServerPtr srv, virNetServerProgramPtr prog); --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri Apr 19 09:18:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1562854075; cv=none; d=zoho.com; s=zohoarc; b=Lg830Tty/21iwZ5RH7Zg/mcipZGklP3IVwD+yWo/A9gCJKcTgtXSZ7kRxMuXBtHahfkiDOrx+3mss2EnkZphn+UtzAXpUUWOcxq8lUk3OqwSoVOOBUth9xEZAjPKL5dWi+k7Qqx8ovqI96BQdEvAMwBfThlyjLXKUBGDiv5cVN0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1562854075; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=+GmbfifUgGqP8jR5NBaiuM9NGdU9SlvmZ49o55h0uzQ=; b=m6WOZJxg+xXSPB8p9OzC/FShN579mNxebiBadH70SvJK4ssRZ9m1iEqpSFTDNydvqyW2xXWCGn5doY7+7kOXAqKuLCOdW/wosh/bXuGhYf3Lj4yWe9TOwEsCdXQvQkV8qrfFf/cn19EUQBE6mw5Rxu+93KsL+Xp2klt+QT8rA18= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1562854075226304.7442731433546; Thu, 11 Jul 2019 07:07:55 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 4CB82C049E23; Thu, 11 Jul 2019 14:07:53 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 26BA160C05; Thu, 11 Jul 2019 14:07:53 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id D616241F66; Thu, 11 Jul 2019 14:07:52 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x6BE7qYn028843 for ; Thu, 11 Jul 2019 10:07:52 -0400 Received: by smtp.corp.redhat.com (Postfix) id 70FB56014C; Thu, 11 Jul 2019 14:07:52 +0000 (UTC) Received: from dhcp-17-95.lcy.redhat.com (unknown [10.42.17.95]) by smtp.corp.redhat.com (Postfix) with ESMTP id DFE9B600CD; Thu, 11 Jul 2019 14:07:51 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Thu, 11 Jul 2019 15:07:30 +0100 Message-Id: <20190711140742.31029-8-berrange@redhat.com> In-Reply-To: <20190711140742.31029-1-berrange@redhat.com> References: <20190711140742.31029-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 07/19] rpc: add API for checking whether an auth scheme is in use on a server X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]); Thu, 11 Jul 2019 14:07:53 +0000 (UTC) Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Michal Privoznik --- src/libvirt_remote.syms | 1 + src/rpc/virnetserver.c | 17 +++++++++++++++++ src/rpc/virnetserver.h | 3 +++ 3 files changed, 21 insertions(+) diff --git a/src/libvirt_remote.syms b/src/libvirt_remote.syms index d855078186..386137c0d8 100644 --- a/src/libvirt_remote.syms +++ b/src/libvirt_remote.syms @@ -126,6 +126,7 @@ virNetServerGetMaxUnauthClients; virNetServerGetName; virNetServerGetThreadPoolParameters; virNetServerHasClients; +virNetServerNeedsAuth; virNetServerNew; virNetServerNewPostExecRestart; virNetServerNextClientID; diff --git a/src/rpc/virnetserver.c b/src/rpc/virnetserver.c index 894feae406..e229f57bab 100644 --- a/src/rpc/virnetserver.c +++ b/src/rpc/virnetserver.c @@ -1098,6 +1098,23 @@ virNetServerGetCurrentUnauthClients(virNetServerPtr = srv) return ret; } =20 + +bool virNetServerNeedsAuth(virNetServerPtr srv, + int auth) +{ + bool ret =3D false; + size_t i; + + virObjectLock(srv); + for (i =3D 0; i < srv->nservices; i++) { + if (virNetServerServiceGetAuth(srv->services[i]) =3D=3D auth) + ret =3D true; + } + virObjectUnlock(srv); + + return ret; +} + int virNetServerGetClients(virNetServerPtr srv, virNetServerClientPtr **clts) diff --git a/src/rpc/virnetserver.h b/src/rpc/virnetserver.h index 1b4184733f..260c99b22d 100644 --- a/src/rpc/virnetserver.h +++ b/src/rpc/virnetserver.h @@ -119,6 +119,9 @@ unsigned long long virNetServerNextClientID(virNetServe= rPtr srv); virNetServerClientPtr virNetServerGetClient(virNetServerPtr srv, unsigned long long id); =20 +bool virNetServerNeedsAuth(virNetServerPtr srv, + int auth); + int virNetServerGetClients(virNetServerPtr srv, virNetServerClientPtr **clients); =20 --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri Apr 19 09:18:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1562854087; cv=none; d=zoho.com; s=zohoarc; b=fyik5tNti7emasv/ZgeYjB5HPCkltpkih913jm27J/gjbXgsjOAm0VeKSVszmy2hEbFCnJqnO6M9YlPIsyjzywiZKpeNJ4s0pe4OZAgF1LIMP3H/1yTgdSxMDBQI6I0d8CcnvKI0ouzNtn8YpUplbUPzza+f7Hw1coVJGYyiAxM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1562854087; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=NP6PBuuxBG0qhvj9bKDJmg9Oy0opfZ3rLiXw9ga+EyY=; b=fZ7Pu+Zhm9cPR3VaGRq2jLXFWFGMKrA4PrA4n/wvlPcTA9zgcQCs0KJUNfB177i6968LVTbuanC3NGzxRGeBFy4KYf36GUYmpxSu8ydaWvev3cPNRMCTUo7u4GKhZDnVCNZ5UeOYE9DuW5iFzLDFfele0A2kVS07KzZwcAL64vQ= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1562854087958518.0781915964283; Thu, 11 Jul 2019 07:08:07 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 0AE3A30917AB; Thu, 11 Jul 2019 14:08:06 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id D4F525D72E; Thu, 11 Jul 2019 14:08:05 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 857161833008; Thu, 11 Jul 2019 14:08:05 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x6BE7rtL028848 for ; Thu, 11 Jul 2019 10:07:53 -0400 Received: by smtp.corp.redhat.com (Postfix) id 3F81F60150; Thu, 11 Jul 2019 14:07:53 +0000 (UTC) Received: from dhcp-17-95.lcy.redhat.com (unknown [10.42.17.95]) by smtp.corp.redhat.com (Postfix) with ESMTP id B06D4600CD; Thu, 11 Jul 2019 14:07:52 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Thu, 11 Jul 2019 15:07:31 +0100 Message-Id: <20190711140742.31029-9-berrange@redhat.com> In-Reply-To: <20190711140742.31029-1-berrange@redhat.com> References: <20190711140742.31029-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 08/19] remote: simplify libvirtd code for deciding if SASL auth is needed X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.41]); Thu, 11 Jul 2019 14:08:06 +0000 (UTC) Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Michal Privoznik --- src/remote/remote_daemon.c | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/src/remote/remote_daemon.c b/src/remote/remote_daemon.c index fdc9e4333a..0dabd3dff8 100644 --- a/src/remote/remote_daemon.c +++ b/src/remote/remote_daemon.c @@ -534,15 +534,10 @@ daemonSetupNetworking(virNetServerPtr srv, } =20 #if WITH_SASL - if (config->auth_unix_rw =3D=3D REMOTE_AUTH_SASL || - (sock_path_ro && config->auth_unix_ro =3D=3D REMOTE_AUTH_SASL) || - (ipsock && config->listen_tls && config->auth_tls =3D=3D REMOTE_AU= TH_SASL) || - (ipsock && config->listen_tcp && config->auth_tcp =3D=3D REMOTE_AU= TH_SASL)) { - saslCtxt =3D virNetSASLContextNewServer( - (const char *const*)config->sasl_allowed_username_list); - if (!saslCtxt) + if (virNetServerNeedsAuth(srv, REMOTE_AUTH_SASL) && + !(saslCtxt =3D virNetSASLContextNewServer( + (const char *const*)config->sasl_allowed_username_list))) goto cleanup; - } #endif =20 ret =3D 0; --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri Apr 19 09:18:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1562854087; cv=none; d=zoho.com; s=zohoarc; b=fpuYYZGI2ws3xsAgMgR0U3A/b2ygbIE3MumysYYNZq6vtlE/TvEuOz2o6jakF0/gQOjEP3Bo4GDIgTdWHkjY+6kY3tEFVt8MwwT3cIEwQ9xnGBkUeFpffP98EjCUHDKISfL5472/Ng7TJl3YW1CyYl8ofaXP8OxJeLUT7sXCpi4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1562854087; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=/9QDRY69zmFpAYAl28CEaQHXQVT8J4vixeEEj0X/dRg=; b=dyyPp1Qqlvq/zckEej+t73oLdyKEkwoAl97tiAWzGe/DJa4I7lV8qBdx/pDBXgqKEXbC/UYbVuVcdWKz3S/1vYAd+cIruvyx9+K2HupnQ+MI6xRlKRYWE5YuBHvsmWHotHYsvOIAXUCXZex2vpZdEB1avvWQf4mlkgAzokyq8Z8= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1562854087225405.4329584521936; Thu, 11 Jul 2019 07:08:07 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 4BE9F30917A6; Thu, 11 Jul 2019 14:08:04 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id E899D5D9CC; Thu, 11 Jul 2019 14:08:03 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id AB758206D1; Thu, 11 Jul 2019 14:08:03 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x6BE7sQ3028861 for ; Thu, 11 Jul 2019 10:07:54 -0400 Received: by smtp.corp.redhat.com (Postfix) id 15CEB60156; Thu, 11 Jul 2019 14:07:54 +0000 (UTC) Received: from dhcp-17-95.lcy.redhat.com (unknown [10.42.17.95]) by smtp.corp.redhat.com (Postfix) with ESMTP id 827D5600CD; Thu, 11 Jul 2019 14:07:53 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Thu, 11 Jul 2019 15:07:32 +0100 Message-Id: <20190711140742.31029-10-berrange@redhat.com> In-Reply-To: <20190711140742.31029-1-berrange@redhat.com> References: <20190711140742.31029-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 09/19] remote: fix handling of systemd activation wrt socket ordering X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.41]); Thu, 11 Jul 2019 14:08:04 +0000 (UTC) The current libvirtd code for systemd socket activation assumes socket FDs are passed in the order unix-rw, unix-ro, unix-admin. There is in fact no ordering guarantee made by systemd. Applications are expected to check the address or name associated with each FD to figure out its identity. This rewrites libvirtd to make use of the new systemd activation APIs to make it robust wrt socket ordering changes. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Michal Privoznik --- src/remote/remote_daemon.c | 244 ++++++++++++++++------------------ src/rpc/virnetserverservice.c | 7 + 2 files changed, 125 insertions(+), 126 deletions(-) diff --git a/src/remote/remote_daemon.c b/src/remote/remote_daemon.c index 0dabd3dff8..b5228e8176 100644 --- a/src/remote/remote_daemon.c +++ b/src/remote/remote_daemon.c @@ -56,6 +56,7 @@ #include "virutil.h" #include "virgettext.h" #include "util/virnetdevopenvswitch.h" +#include "virsystemd.h" =20 #include "driver.h" =20 @@ -367,30 +368,34 @@ daemonSetupNetworking(virNetServerPtr srv, bool ipsock, bool privileged) { - virNetServerServicePtr svc =3D NULL; - virNetServerServicePtr svcAdm =3D NULL; - virNetServerServicePtr svcRO =3D NULL; - virNetServerServicePtr svcTCP =3D NULL; - virNetServerServicePtr svcTLS =3D NULL; gid_t unix_sock_gid =3D 0; int unix_sock_ro_mask =3D 0; int unix_sock_rw_mask =3D 0; int unix_sock_adm_mask =3D 0; int ret =3D -1; + VIR_AUTOPTR(virSystemdActivation) act =3D NULL; + virSystemdActivationMap actmap[] =3D { + { .name =3D "libvirtd.socket", .family =3D AF_UNIX, .path =3D sock= _path }, + { .name =3D "libvirtd-ro.socket", .family =3D AF_UNIX, .path =3D s= ock_path_ro }, + { .name =3D "libvirtd-admin.socket", .family =3D AF_UNIX, .path = =3D sock_path_adm }, + { .name =3D "libvirtd-tcp.socket", .family =3D AF_INET }, + { .name =3D "libvirtd-tls.socket", .family =3D AF_INET }, + }; + + if ((actmap[3].port =3D virSocketAddrResolveService(config->tcp_port))= < 0) + return -1; + + if ((actmap[4].port =3D virSocketAddrResolveService(config->tls_port))= < 0) + return -1; =20 - unsigned int cur_fd =3D STDERR_FILENO + 1; - unsigned int nfds =3D virGetListenFDs(); + if (virSystemdGetActivation(actmap, ARRAY_CARDINALITY(actmap), &act) <= 0) + return -1; =20 if (config->unix_sock_group) { if (virGetGroupID(config->unix_sock_group, &unix_sock_gid) < 0) return ret; } =20 - if (nfds > (sock_path_ro ? 2 : 1)) { - VIR_ERROR(_("Too many (%u) FDs passed from caller"), nfds); - return ret; - } - if (virStrToLong_i(config->unix_sock_ro_perms, NULL, 8, &unix_sock_ro_= mask) !=3D 0) { VIR_ERROR(_("Failed to parse mode '%s'"), config->unix_sock_ro_per= ms); goto cleanup; @@ -406,148 +411,135 @@ daemonSetupNetworking(virNetServerPtr srv, goto cleanup; } =20 - if (!(svc =3D virNetServerServiceNewFDOrUNIX(sock_path, - unix_sock_rw_mask, - unix_sock_gid, - config->auth_unix_rw, - NULL, - false, - config->max_queued_clients, - config->max_client_requests, - nfds, &cur_fd))) + if (virNetServerAddServiceUNIX(srv, + act, + "libvirtd.socket", + sock_path, + unix_sock_rw_mask, + unix_sock_gid, + config->auth_unix_rw, + NULL, + false, + config->max_queued_clients, + config->max_client_requests) < 0) goto cleanup; - if (sock_path_ro) { - if (!(svcRO =3D virNetServerServiceNewFDOrUNIX(sock_path_ro, - unix_sock_ro_mask, - unix_sock_gid, - config->auth_unix_ro, - NULL, - true, - config->max_queued_cl= ients, - config->max_client_re= quests, - nfds, &cur_fd))) - goto cleanup; - } - - if (virNetServerAddService(srv, svc) < 0) + if (sock_path_ro && + virNetServerAddServiceUNIX(srv, + act, + "libvirtd-ro.socket", + sock_path_ro, + unix_sock_ro_mask, + unix_sock_gid, + config->auth_unix_ro, + NULL, + true, + config->max_queued_clients, + config->max_client_requests) < 0) goto cleanup; =20 - if (svcRO && - virNetServerAddService(srv, svcRO) < 0) + if (sock_path_adm && + virNetServerAddServiceUNIX(srvAdm, + act, + "libvirtd-admin.socket", + sock_path_adm, + unix_sock_adm_mask, + unix_sock_gid, + REMOTE_AUTH_NONE, + NULL, + false, + config->admin_max_queued_clients, + config->admin_max_client_requests) < 0) goto cleanup; =20 - if (sock_path_adm) { - VIR_DEBUG("Registering unix socket %s", sock_path_adm); - if (!(svcAdm =3D virNetServerServiceNewUNIX(sock_path_adm, - unix_sock_adm_mask, - unix_sock_gid, - REMOTE_AUTH_NONE, - NULL, - false, - config->admin_max_queued= _clients, - config->admin_max_client= _requests))) - goto cleanup; + if (((ipsock && config->listen_tcp) || act) && + virNetServerAddServiceTCP(srv, + act, + "libvirtd-tcp.socket", + config->listen_addr, + config->tcp_port, + AF_UNSPEC, + config->auth_tcp, + NULL, + false, + config->max_queued_clients, + config->max_client_requests) < 0) + goto cleanup; =20 - if (virNetServerAddService(srvAdm, svcAdm) < 0) - goto cleanup; - } + if (((ipsock && config->listen_tls) || (act && virSystemdActivationHas= Name(act, "ip-tls")))) { + virNetTLSContextPtr ctxt =3D NULL; =20 - if (ipsock) { - if (config->listen_tcp) { - VIR_DEBUG("Registering TCP socket %s:%s", - config->listen_addr, config->tcp_port); - if (!(svcTCP =3D virNetServerServiceNewTCP(config->listen_addr, - config->tcp_port, - AF_UNSPEC, - config->auth_tcp, - NULL, - false, - config->max_queued_cl= ients, - config->max_client_re= quests))) + if (config->ca_file || + config->cert_file || + config->key_file) { + if (!config->ca_file) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("No CA certificate path set to match serv= er key/cert")); goto cleanup; - - if (virNetServerAddService(srv, svcTCP) < 0) + } + if (!config->cert_file) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("No server certificate path set to match = server key")); goto cleanup; - } - - if (config->listen_tls) { - virNetTLSContextPtr ctxt =3D NULL; - - if (config->ca_file || - config->cert_file || - config->key_file) { - if (!config->ca_file) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("No CA certificate path set to match = server key/cert")); - goto cleanup; - } - if (!config->cert_file) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("No server certificate path set to ma= tch server key")); - goto cleanup; - } - if (!config->key_file) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("No server key path set to match serv= er cert")); - goto cleanup; - } - VIR_DEBUG("Using CA=3D'%s' cert=3D'%s' key=3D'%s'", - config->ca_file, config->cert_file, config->key_= file); - if (!(ctxt =3D virNetTLSContextNewServer(config->ca_file, - config->crl_file, - config->cert_file, - config->key_file, + } + if (!config->key_file) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("No server key path set to match server c= ert")); + goto cleanup; + } + VIR_DEBUG("Using CA=3D'%s' cert=3D'%s' key=3D'%s'", + config->ca_file, config->cert_file, config->key_file= ); + if (!(ctxt =3D virNetTLSContextNewServer(config->ca_file, + config->crl_file, + config->cert_file, + config->key_file, + (const char *const*)con= fig->tls_allowed_dn_list, + config->tls_priority, + config->tls_no_sanity_c= ertificate ? false : true, + config->tls_no_verify_c= ertificate ? false : true))) + goto cleanup; + } else { + if (!(ctxt =3D virNetTLSContextNewServerPath(NULL, + !privileged, (const char *const*= )config->tls_allowed_dn_list, config->tls_priorit= y, config->tls_no_sani= ty_certificate ? false : true, config->tls_no_veri= fy_certificate ? false : true))) - goto cleanup; - } else { - if (!(ctxt =3D virNetTLSContextNewServerPath(NULL, - !privileged, - (const char *co= nst*)config->tls_allowed_dn_list, - config->tls_pri= ority, - config->tls_no_= sanity_certificate ? false : true, - config->tls_no_= verify_certificate ? false : true))) - goto cleanup; - } - - VIR_DEBUG("Registering TLS socket %s:%s", - config->listen_addr, config->tls_port); - if (!(svcTLS =3D - virNetServerServiceNewTCP(config->listen_addr, - config->tls_port, - AF_UNSPEC, - config->auth_tls, - ctxt, - false, - config->max_queued_clients, - config->max_client_requests)))= { - virObjectUnref(ctxt); - goto cleanup; - } - if (virNetServerAddService(srv, svcTLS) < 0) goto cleanup; + } =20 + VIR_DEBUG("Registering TLS socket %s:%s", + config->listen_addr, config->tls_port); + if (virNetServerAddServiceTCP(srv, + act, + "libvirtd-tls.socket", + config->listen_addr, + config->tls_port, + AF_UNSPEC, + config->auth_tls, + ctxt, + false, + config->max_queued_clients, + config->max_client_requests) < 0) { virObjectUnref(ctxt); + goto cleanup; } + virObjectUnref(ctxt); } =20 + if (act && + virSystemdActivationComplete(act) < 0) + goto cleanup; + #if WITH_SASL if (virNetServerNeedsAuth(srv, REMOTE_AUTH_SASL) && !(saslCtxt =3D virNetSASLContextNewServer( (const char *const*)config->sasl_allowed_username_list))) - goto cleanup; + goto cleanup; #endif =20 ret =3D 0; =20 cleanup: - virObjectUnref(svcTLS); - virObjectUnref(svcTCP); - virObjectUnref(svcRO); - virObjectUnref(svcAdm); - virObjectUnref(svc); return ret; } =20 diff --git a/src/rpc/virnetserverservice.c b/src/rpc/virnetserverservice.c index 315a4950df..d5df5d5c20 100644 --- a/src/rpc/virnetserverservice.c +++ b/src/rpc/virnetserverservice.c @@ -28,9 +28,12 @@ #include "viralloc.h" #include "virerror.h" #include "virthread.h" +#include "virlog.h" =20 #define VIR_FROM_THIS VIR_FROM_RPC =20 +VIR_LOG_INIT("rpc.netserverservice"); + struct _virNetServerService { virObject parent; =20 @@ -201,6 +204,8 @@ virNetServerServicePtr virNetServerServiceNewTCP(const = char *nodename, virNetSocketPtr *socks; size_t nsocks; =20 + VIR_DEBUG("Creating new TCP server nodename=3D'%s' service=3D'%s'", + NULLSTR(nodename), NULLSTR(service)); if (virNetSocketNewListenTCP(nodename, service, family, @@ -236,6 +241,8 @@ virNetServerServicePtr virNetServerServiceNewUNIX(const= char *path, virNetServerServicePtr svc; virNetSocketPtr sock; =20 + VIR_DEBUG("Creating new UNIX server path=3D'%s' mask=3D%o gid=3D%u", + path, mask, grp); if (virNetSocketNewListenUNIX(path, mask, -1, --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri Apr 19 09:18:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1562854078; cv=none; d=zoho.com; s=zohoarc; b=FEorwRykzG12B6psAQE6SYCotNFKS45rS8bQ+x7idxaCcePjsyFfW3ouO2yxp6EEqjH6NThjQ/MI7EvDYCofN5Dtk/YAIFTsnfHbW3x9wAXY98sZaRiaS401ccFEZXgg9Ra3/lzrPjRKR94GDBA0rqD4+dtKKCY0+LUiiKETw6c= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1562854078; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=+MwhknUY8HnuFp9DTBD+1arrl9Dx3hoNyaVBuGY985o=; b=WJRyjLGKVYlS5DHSoWiJa21isKMxv+FD+bmhcElO33viralpI8K3mnFl/KRmZ+6K4KwPWgui938KwGxMaYKIUzjkoQa6B5CEfnfIs7X686sNKln5tkY2lsALhJz1mYyCG8sGRDNFQkO7Va3le5z8DNO1qVXAr9qqturu7+J8yC8= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1562854078618808.0992023713698; Thu, 11 Jul 2019 07:07:58 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id CDD573083363; Thu, 11 Jul 2019 14:07:56 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 983621001B17; Thu, 11 Jul 2019 14:07:56 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 55440C596; Thu, 11 Jul 2019 14:07:56 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x6BE7s0L028872 for ; Thu, 11 Jul 2019 10:07:54 -0400 Received: by smtp.corp.redhat.com (Postfix) id D8E7F600CD; Thu, 11 Jul 2019 14:07:54 +0000 (UTC) Received: from dhcp-17-95.lcy.redhat.com (unknown [10.42.17.95]) by smtp.corp.redhat.com (Postfix) with ESMTP id 545D46014C; Thu, 11 Jul 2019 14:07:54 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Thu, 11 Jul 2019 15:07:33 +0100 Message-Id: <20190711140742.31029-11-berrange@redhat.com> In-Reply-To: <20190711140742.31029-1-berrange@redhat.com> References: <20190711140742.31029-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 10/19] rpc: remove unused API for creating services from FDs X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.44]); Thu, 11 Jul 2019 14:07:57 +0000 (UTC) The virNetServerServiceNewFDOrUNIX method cannot be correctly used when dealing with systemd activation of a service which can receive more than one socket FD as there is not guaranteed ordering of FDs. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Michal Privoznik --- src/libvirt_remote.syms | 1 - src/rpc/virnetserverservice.c | 46 ----------------------------------- src/rpc/virnetserverservice.h | 10 -------- 3 files changed, 57 deletions(-) diff --git a/src/libvirt_remote.syms b/src/libvirt_remote.syms index 386137c0d8..3307d74324 100644 --- a/src/libvirt_remote.syms +++ b/src/libvirt_remote.syms @@ -205,7 +205,6 @@ virNetServerServiceGetMaxRequests; virNetServerServiceGetPort; virNetServerServiceGetTLSContext; virNetServerServiceIsReadonly; -virNetServerServiceNewFDOrUNIX; virNetServerServiceNewFDs; virNetServerServiceNewPostExecRestart; virNetServerServiceNewTCP; diff --git a/src/rpc/virnetserverservice.c b/src/rpc/virnetserverservice.c index d5df5d5c20..66af27d9f7 100644 --- a/src/rpc/virnetserverservice.c +++ b/src/rpc/virnetserverservice.c @@ -88,52 +88,6 @@ static void virNetServerServiceAccept(virNetSocketPtr so= ck, } =20 =20 -virNetServerServicePtr -virNetServerServiceNewFDOrUNIX(const char *path, - mode_t mask, - gid_t grp, - int auth, - virNetTLSContextPtr tls, - bool readonly, - size_t max_queued_clients, - size_t nrequests_client_max, - unsigned int nfds, - unsigned int *cur_fd) -{ - if (*cur_fd - STDERR_FILENO > nfds) { - /* - * There are no more file descriptors to use, so we have to - * fallback to UNIX socket. - */ - return virNetServerServiceNewUNIX(path, - mask, - grp, - auth, - tls, - readonly, - max_queued_clients, - nrequests_client_max); - - } else { - int fds[] =3D {(*cur_fd)++}; - /* - * There's still enough file descriptors. In this case we'll - * use the current one and increment it afterwards. Take care - * with order of operation for pointer arithmetic and auto - * increment on cur_fd - the parentheses are necessary. - */ - return virNetServerServiceNewFDs(fds, - ARRAY_CARDINALITY(fds), - false, - auth, - tls, - readonly, - max_queued_clients, - nrequests_client_max); - } -} - - static virNetServerServicePtr virNetServerServiceNewSocket(virNetSocketPtr *socks, size_t nsocks, diff --git a/src/rpc/virnetserverservice.h b/src/rpc/virnetserverservice.h index 73d61dde99..d58fc43437 100644 --- a/src/rpc/virnetserverservice.h +++ b/src/rpc/virnetserverservice.h @@ -34,16 +34,6 @@ typedef int (*virNetServerServiceDispatchFunc)(virNetSer= verServicePtr svc, virNetSocketPtr sock, void *opaque); =20 -virNetServerServicePtr virNetServerServiceNewFDOrUNIX(const char *path, - mode_t mask, - gid_t grp, - int auth, - virNetTLSContextPtr = tls, - bool readonly, - size_t max_queued_cl= ients, - size_t nrequests_cli= ent_max, - unsigned int nfds, - unsigned int *cur_fd= ); virNetServerServicePtr virNetServerServiceNewTCP(const char *nodename, const char *service, int family, --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri Apr 19 09:18:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1562854091; cv=none; d=zoho.com; s=zohoarc; b=TP7vjT1GDdPpFNPEQnENFyLcSkyAYNPbjUaC28t1x9yyei7rdtUlQFTyoah5RTFNTN/7UerBPEp5KNKzPKrmsd/FPPzd7NBKPneMffZXFKnZWsVA0mEkcXYbC8YyyLaTPYjQPykMcMvx69lW3h87IluATKH97F+T7thKpVb2A28= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1562854091; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=lvYQtcY7JQItb5BDh3Mf0So0QEv79PQrcC3fwia/nxk=; b=WII57r3hrAR4B3k7+U1w9HbC/aeRAcTZ5ZR4vwsy39mTYR0purqsCE0QmlFilFgc14hWrCJSbDuve5PH83Wm3/x1OEQrkPG+Z1XvdS2+TZRJ/7phSgBx0Cv4trIAULWQAuqDyMJXMCkdFrphAhyyekXflw8FQKdwYLGjnuV2P4E= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1562854091834185.32077384210436; Thu, 11 Jul 2019 07:08:11 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id EEFC683F4C; Thu, 11 Jul 2019 14:08:09 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id B518C194B3; Thu, 11 Jul 2019 14:08:09 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 62877206DA; Thu, 11 Jul 2019 14:08:09 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x6BE7tHC028879 for ; Thu, 11 Jul 2019 10:07:55 -0400 Received: by smtp.corp.redhat.com (Postfix) id BA2D560150; Thu, 11 Jul 2019 14:07:55 +0000 (UTC) Received: from dhcp-17-95.lcy.redhat.com (unknown [10.42.17.95]) by smtp.corp.redhat.com (Postfix) with ESMTP id 271C5600CD; Thu, 11 Jul 2019 14:07:55 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Thu, 11 Jul 2019 15:07:34 +0100 Message-Id: <20190711140742.31029-12-berrange@redhat.com> In-Reply-To: <20190711140742.31029-1-berrange@redhat.com> References: <20190711140742.31029-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 11/19] remote: add systemd socket units for UNIX/TCP sockets X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]); Thu, 11 Jul 2019 14:08:10 +0000 (UTC) We don't do socket activation of libvirtd, since we need to unconditionally start libvirtd in order to perform autostart. This doesn't mean we can't have systemd socket units. Some use cases will not need libvirt's autostart & are thus free to use activation. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Michal Privoznik --- libvirt.spec.in | 24 +++++++++++++++++++- src/remote/Makefile.inc.am | 35 +++++++++++++++++++++++++++++ src/remote/libvirtd-admin.socket.in | 13 +++++++++++ src/remote/libvirtd-ro.socket.in | 13 +++++++++++ src/remote/libvirtd-tcp.socket.in | 12 ++++++++++ src/remote/libvirtd-tls.socket.in | 12 ++++++++++ src/remote/libvirtd.service.in | 10 ++++----- src/remote/libvirtd.socket.in | 11 +++++++++ 8 files changed, 124 insertions(+), 6 deletions(-) create mode 100644 src/remote/libvirtd-admin.socket.in create mode 100644 src/remote/libvirtd-ro.socket.in create mode 100644 src/remote/libvirtd-tcp.socket.in create mode 100644 src/remote/libvirtd-tls.socket.in create mode 100644 src/remote/libvirtd.socket.in diff --git a/libvirt.spec.in b/libvirt.spec.in index d54f58f1d4..ec562d5f7a 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1342,6 +1342,8 @@ exit 0 =20 %systemd_post virtlockd.socket virtlockd-admin.socket %systemd_post virtlogd.socket virtlogd-admin.socket +%systemd_post libvirtd.socket libvirtd-ro.socket libvirtd-admin.socket +%systemd_post libvirtd-tcp.socket libvirtd-tls.socket %systemd_post libvirtd.service =20 # request daemon restart in posttrans @@ -1350,6 +1352,8 @@ touch %{_localstatedir}/lib/rpm-state/libvirt/restart= || : =20 %preun daemon %systemd_preun libvirtd.service +%systemd_preun libvirtd-tcp.socket libvirtd-tls.socket +%systemd_preun libvirtd.socket libvirtd-ro.socket libvirtd-admin.socket %systemd_preun virtlogd.socket virtlogd-admin.socket virtlogd.service %systemd_preun virtlockd.socket virtlockd-admin.socket virtlockd.service =20 @@ -1374,7 +1378,20 @@ fi =20 %posttrans daemon if [ -f %{_localstatedir}/lib/rpm-state/libvirt/restart ]; then - /bin/systemctl try-restart libvirtd.service >/dev/null 2>&1 || : + /bin/systemctl is-active libvirtd.service 1>/dev/null 2>&1 + # Old libvirtd owns the sockets and will delete them on + # shutdown. Can't use a try-restart as libvirtd will simply + # own the sockets again when it comes back up. Thus we must + # do this particular ordering + if test $? =3D=3D 0 ; then + /bin/systemctl stop libvirtd.service >/dev/null 2>&1 || : + + /bin/systemctl try-restart libvirtd.socket >/dev/null 2>&1 || : + /bin/systemctl try-restart libvirtd-ro.socket >/dev/null 2>&1 || : + /bin/systemctl try-restart libvirtd-admin.socket >/dev/null 2>&1 |= | : + + /bin/systemctl start libvirtd.service >/dev/null 2>&1 || : + fi fi rm -rf %{_localstatedir}/lib/rpm-state/libvirt || : =20 @@ -1505,6 +1522,11 @@ exit 0 %dir %attr(0700, root, root) %{_sysconfdir}/libvirt/ =20 %{_unitdir}/libvirtd.service +%{_unitdir}/libvirtd.socket +%{_unitdir}/libvirtd-ro.socket +%{_unitdir}/libvirtd-admin.socket +%{_unitdir}/libvirtd-tcp.socket +%{_unitdir}/libvirtd-tls.socket %{_unitdir}/virt-guest-shutdown.target %{_unitdir}/virtlogd.service %{_unitdir}/virtlogd.socket diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index 851ab903fd..0cf00cb902 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -51,6 +51,11 @@ MANINFILES +=3D libvirtd.8.in =20 SYSTEMD_UNIT_FILES_IN +=3D \ remote/libvirtd.service.in \ + remote/libvirtd.socket.in \ + remote/libvirtd-ro.socket.in \ + remote/libvirtd-admin.socket.in \ + remote/libvirtd-tcp.socket.in \ + remote/libvirtd-tls.socket.in \ remote/virt-guest-shutdown.target.in \ $(NULL) =20 @@ -267,6 +272,36 @@ libvirtd.service: remote/libvirtd.service.in $(top_bui= lddir)/config.status < $< > $@-t && \ mv $@-t $@ =20 +libvirtd.socket: remote/libvirtd.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed \ + -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + < $< > $@-t && \ + mv $@-t $@ + +libvirtd-ro.socket: remote/libvirtd-ro.socket.in $(top_builddir)/config.st= atus + $(AM_V_GEN)sed \ + -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + < $< > $@-t && \ + mv $@-t $@ + +libvirtd-admin.socket: remote/libvirtd-admin.socket.in $(top_builddir)/con= fig.status + $(AM_V_GEN)sed \ + -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + < $< > $@-t && \ + mv $@-t $@ + +libvirtd-tcp.socket: remote/libvirtd-tcp.socket.in $(top_builddir)/config.= status + $(AM_V_GEN)sed \ + -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + < $< > $@-t && \ + mv $@-t $@ + +libvirtd-tls.socket: remote/libvirtd-tls.socket.in $(top_builddir)/config.= status + $(AM_V_GEN)sed \ + -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + < $< > $@-t && \ + mv $@-t $@ + virt-guest-shutdown.target: remote/virt-guest-shutdown.target.in \ $(top_builddir)/config.status $(AM_V_GEN)cp $< $@ diff --git a/src/remote/libvirtd-admin.socket.in b/src/remote/libvirtd-admi= n.socket.in new file mode 100644 index 0000000000..b791a2eb1b --- /dev/null +++ b/src/remote/libvirtd-admin.socket.in @@ -0,0 +1,13 @@ +[Unit] +Description=3DLibvirt admin socket +Before=3Dlibvirtd.service +BindsTo=3Dlibvirtd.socket +After=3Dlibvirtd.socket + +[Socket] +ListenStream=3D@localstatedir@/run/libvirt/libvirt-admin-sock +Service=3Dlibvirtd.service +SocketMode=3D0600 + +[Install] +WantedBy=3Dsockets.target diff --git a/src/remote/libvirtd-ro.socket.in b/src/remote/libvirtd-ro.sock= et.in new file mode 100644 index 0000000000..55c44944b4 --- /dev/null +++ b/src/remote/libvirtd-ro.socket.in @@ -0,0 +1,13 @@ +[Unit] +Description=3DLibvirt local read-only socket +Before=3Dlibvirtd.service +BindsTo=3Dlibvirtd.socket +After=3Dlibvirtd.socket + +[Socket] +ListenStream=3D@localstatedir@/run/libvirt/libvirt-sock-ro +Service=3Dlibvirtd.service +SocketMode=3D0666 + +[Install] +WantedBy=3Dsockets.target diff --git a/src/remote/libvirtd-tcp.socket.in b/src/remote/libvirtd-tcp.so= cket.in new file mode 100644 index 0000000000..09d5d3d67a --- /dev/null +++ b/src/remote/libvirtd-tcp.socket.in @@ -0,0 +1,12 @@ +[Unit] +Description=3DLibvirt non-TLS IP socket +Before=3Dlibvirtd.service +BindsTo=3Dlibvirtd.socket +After=3Dlibvirtd.socket + +[Socket] +ListenStream=3D16509 +Service=3Dlibvirtd.service + +[Install] +WantedBy=3Dsockets.target diff --git a/src/remote/libvirtd-tls.socket.in b/src/remote/libvirtd-tls.so= cket.in new file mode 100644 index 0000000000..c60f0c9c77 --- /dev/null +++ b/src/remote/libvirtd-tls.socket.in @@ -0,0 +1,12 @@ +[Unit] +Description=3DLibvirt TLS IP socket +Before=3Dlibvirtd.service +BindsTo=3Dlibvirtd.socket +After=3Dlibvirtd.socket + +[Socket] +ListenStream=3D16514 +Service=3Dlibvirtd.service + +[Install] +WantedBy=3Dsockets.target diff --git a/src/remote/libvirtd.service.in b/src/remote/libvirtd.service.in index 7f689e08a8..047620f79b 100644 --- a/src/remote/libvirtd.service.in +++ b/src/remote/libvirtd.service.in @@ -1,12 +1,10 @@ -# NB we don't use socket activation. When libvirtd starts it will -# spawn any virtual machines registered for autostart. We want this -# to occur on every boot, regardless of whether any client connects -# to a socket. Thus socket activation doesn't have any benefit - [Unit] Description=3DVirtualization daemon Requires=3Dvirtlogd.socket Requires=3Dvirtlockd.socket +Requires=3Dlibvirtd.socket +Requires=3Dlibvirtd-ro.socket +Requires=3Dlibvirtd-admin.socket Wants=3Dsystemd-machined.service Before=3Dlibvirt-guests.service After=3Dnetwork.target @@ -42,3 +40,5 @@ TasksMax=3D32768 WantedBy=3Dmulti-user.target Also=3Dvirtlockd.socket Also=3Dvirtlogd.socket +Also=3Dlibvirtd.socket +Also=3Dlibvirtd-ro.socket diff --git a/src/remote/libvirtd.socket.in b/src/remote/libvirtd.socket.in new file mode 100644 index 0000000000..e194c6e76e --- /dev/null +++ b/src/remote/libvirtd.socket.in @@ -0,0 +1,11 @@ +[Unit] +Description=3DLibvirt local socket +Before=3Dlibvirtd.service + +[Socket] +ListenStream=3D@localstatedir@/run/libvirt/libvirt-sock +Service=3Dlibvirtd.service +SocketMode=3D0666 + +[Install] +WantedBy=3Dsockets.target --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri Apr 19 09:18:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1562854095; cv=none; d=zoho.com; s=zohoarc; b=lo5YszQkOkAIkTP9SmgXAuz1Tvvk9nMnEYqiJZtZaSY68Tf8N2ho+7NDfDjbC7WOY9oYWluysOJhRgU3tbMZmrbv878DeBB9kXecRArAf0rVrRexx99S+oXsoJND+F6t91X5YJ4yHDysWOWSrItIR2jWmeu3o+TR3y33zIMRFVs= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1562854095; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=vR6LsvOOtjikeLp124w6T0Tibv9Kb+d+0XToK3YbaHE=; b=fPynU2KpbY85A7NnhFQL6CtB/R8EknBz9ymQH3ZWnNmPo8gsNcUev3hDBkqKFCnTsHtW8fHm6ejUpbP9t13uTWntMlXru2AjiuGDzN+jmgz0dA91A2fbJn+2t0/v9Fz39Wa/SzJGsxcLcxMbLrsJ5PPP7Tnl8YYpckIblVEYSac= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1562854095353946.5284271034775; Thu, 11 Jul 2019 07:08:15 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 9E16136893; Thu, 11 Jul 2019 14:08:13 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 767CB60156; Thu, 11 Jul 2019 14:08:13 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 1E108206DE; Thu, 11 Jul 2019 14:08:13 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x6BE7utw028892 for ; Thu, 11 Jul 2019 10:07:56 -0400 Received: by smtp.corp.redhat.com (Postfix) id E97616015A; Thu, 11 Jul 2019 14:07:56 +0000 (UTC) Received: from dhcp-17-95.lcy.redhat.com (unknown [10.42.17.95]) by smtp.corp.redhat.com (Postfix) with ESMTP id 05CFE60156; Thu, 11 Jul 2019 14:07:55 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Thu, 11 Jul 2019 15:07:35 +0100 Message-Id: <20190711140742.31029-13-berrange@redhat.com> In-Reply-To: <20190711140742.31029-1-berrange@redhat.com> References: <20190711140742.31029-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 12/19] remote: make system libvirtd exit when idle via timeout X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Thu, 11 Jul 2019 14:08:14 +0000 (UTC) Since we have socket activation available now, we can let the system libvirtd exit when it is idle. This allows it to still do autostart when the host boots up, but when nothing was started it will quickly exit again until some mgmt app connects to the socket. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Michal Privoznik --- src/remote/libvirtd.service.in | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/remote/libvirtd.service.in b/src/remote/libvirtd.service.in index 047620f79b..2e51429e7a 100644 --- a/src/remote/libvirtd.service.in +++ b/src/remote/libvirtd.service.in @@ -21,7 +21,11 @@ Documentation=3Dhttps://libvirt.org [Service] Type=3Dnotify EnvironmentFile=3D-/etc/sysconfig/libvirtd -ExecStart=3D@sbindir@/libvirtd $LIBVIRTD_ARGS +# libvirtd.service is set to run on boot so that autostart of +# VMs can be performed. We don't want it to stick around if +# unused though, so we set a timeout. The socket activation +# then ensures it gets started again if anything needs it +ExecStart=3D@sbindir@/libvirtd --timeout 30 $LIBVIRTD_ARGS ExecReload=3D/bin/kill -HUP $MAINPID KillMode=3Dprocess Restart=3Don-failure --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri Apr 19 09:18:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1562854085; cv=none; d=zoho.com; s=zohoarc; b=N4t2rLk4Jo0tIk6WOKhdXJVQF1jBgLKJtEN9BWsLfM0s6TIRINyUG0y4hESO2uAQF5NOK2rK6yiWb+ecxFGiNctBagKYVBRQhTlZ+fIs1yhvanFGU4Q7WP3EWSK8vjY0Q3N7FPLLY2s3QQ/kEXqdTbsigVNEV+uxeNC5jklpb00= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1562854085; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=WR2hZRCVeVbscOkh+zJK0Vivj8E5HRQChsnjUjfd8t0=; b=BfekEOwz5P4aZCiBU4mdHmw4mWh6ZJTGWV7g1A95VAUtTLrAUAcdtb3Hxek4YwYZOX4Fk5Q2nVAGL4PT9nB1s4n6U+KH/YIReiW8TPLqDGPBu0ooLs5j1s+j5MPpysvQtKWHKMXH9R1Vo2ht1VOX5nYntsbs5Lk8oZHSUrQ1zHM= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1562854085323911.2817764564446; Thu, 11 Jul 2019 07:08:05 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 7E02944FB1; Thu, 11 Jul 2019 14:08:01 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 53FFC60C18; Thu, 11 Jul 2019 14:08:01 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 159941833005; Thu, 11 Jul 2019 14:08:01 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x6BE7vMA028904 for ; Thu, 11 Jul 2019 10:07:57 -0400 Received: by smtp.corp.redhat.com (Postfix) id B9B86600CD; Thu, 11 Jul 2019 14:07:57 +0000 (UTC) Received: from dhcp-17-95.lcy.redhat.com (unknown [10.42.17.95]) by smtp.corp.redhat.com (Postfix) with ESMTP id 33F1760471; Thu, 11 Jul 2019 14:07:57 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Thu, 11 Jul 2019 15:07:36 +0100 Message-Id: <20190711140742.31029-14-berrange@redhat.com> In-Reply-To: <20190711140742.31029-1-berrange@redhat.com> References: <20190711140742.31029-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 13/19] remote: update config files to note usage wrt systemd socket activation X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Thu, 11 Jul 2019 14:08:03 +0000 (UTC) Certain libvirtd.conf settings are not honoured when using systemd socket activation. Certain systemd unit file settings must match those defined in libvirtd.conf for systemd socket activation to work with systemd version < 227, otherwise libvirtd cannot determine which inherited FD to use for which service. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Michal Privoznik --- src/remote/libvirtd-admin.socket.in | 2 ++ src/remote/libvirtd-ro.socket.in | 2 ++ src/remote/libvirtd-tcp.socket.in | 2 ++ src/remote/libvirtd-tls.socket.in | 2 ++ src/remote/libvirtd.conf | 31 +++++++++++++++++++++++++++++ src/remote/libvirtd.socket.in | 2 ++ src/remote/libvirtd.sysconf | 3 ++- 7 files changed, 43 insertions(+), 1 deletion(-) diff --git a/src/remote/libvirtd-admin.socket.in b/src/remote/libvirtd-admi= n.socket.in index b791a2eb1b..307c9ba24b 100644 --- a/src/remote/libvirtd-admin.socket.in +++ b/src/remote/libvirtd-admin.socket.in @@ -5,6 +5,8 @@ BindsTo=3Dlibvirtd.socket After=3Dlibvirtd.socket =20 [Socket] +# The directory must match the /etc/libvirt/libvirtd.conf unix_sock_dir se= tting +# when using systemd version < 227 ListenStream=3D@localstatedir@/run/libvirt/libvirt-admin-sock Service=3Dlibvirtd.service SocketMode=3D0600 diff --git a/src/remote/libvirtd-ro.socket.in b/src/remote/libvirtd-ro.sock= et.in index 55c44944b4..876daf0c9c 100644 --- a/src/remote/libvirtd-ro.socket.in +++ b/src/remote/libvirtd-ro.socket.in @@ -5,6 +5,8 @@ BindsTo=3Dlibvirtd.socket After=3Dlibvirtd.socket =20 [Socket] +# The directory must match the /etc/libvirt/libvirtd.conf unix_sock_dir se= tting +# when using systemd version < 227 ListenStream=3D@localstatedir@/run/libvirt/libvirt-sock-ro Service=3Dlibvirtd.service SocketMode=3D0666 diff --git a/src/remote/libvirtd-tcp.socket.in b/src/remote/libvirtd-tcp.so= cket.in index 09d5d3d67a..16a4764283 100644 --- a/src/remote/libvirtd-tcp.socket.in +++ b/src/remote/libvirtd-tcp.socket.in @@ -5,6 +5,8 @@ BindsTo=3Dlibvirtd.socket After=3Dlibvirtd.socket =20 [Socket] +# This must match the /etc/libvirt/libvirtd.conf tcp_port setting +# when using systemd version < 227 ListenStream=3D16509 Service=3Dlibvirtd.service =20 diff --git a/src/remote/libvirtd-tls.socket.in b/src/remote/libvirtd-tls.so= cket.in index c60f0c9c77..e904583cf9 100644 --- a/src/remote/libvirtd-tls.socket.in +++ b/src/remote/libvirtd-tls.socket.in @@ -5,6 +5,8 @@ BindsTo=3Dlibvirtd.socket After=3Dlibvirtd.socket =20 [Socket] +# This must match the /etc/libvirt/libvirtd.conf tls_port setting +# when using systemd version < 227 ListenStream=3D16514 Service=3Dlibvirtd.service =20 diff --git a/src/remote/libvirtd.conf b/src/remote/libvirtd.conf index bbeb053495..b63b8d61b7 100644 --- a/src/remote/libvirtd.conf +++ b/src/remote/libvirtd.conf @@ -10,6 +10,9 @@ # NB, must pass the --listen flag to the libvirtd process for this to # have any effect. # +# This setting is not required or honoured if using systemd socket +# activation. +# # It is necessary to setup a CA and issue server certificates before # using this capability. # @@ -20,6 +23,9 @@ # NB, must pass the --listen flag to the libvirtd process for this to # have any effect. # +# This setting is not required or honoured if using systemd socket +# activation. +# # Using the TCP socket requires SASL authentication by default. Only # SASL mechanisms which support data encryption are allowed. This is # DIGEST_MD5 and GSSAPI (Kerberos5) @@ -32,17 +38,26 @@ # Override the port for accepting secure TLS connections # This can be a port number, or service name # +# This setting is not required or honoured if using systemd socket +# activation with systemd version >=3D 227 +# #tls_port =3D "16514" =20 # Override the port for accepting insecure TCP connections # This can be a port number, or service name # +# This setting is not required or honoured if using systemd socket +# activation with systemd version >=3D 227 +# #tcp_port =3D "16509" =20 =20 # Override the default configuration which binds to all network # interfaces. This can be a numeric IPv4/6 address, or hostname # +# This setting is not required or honoured if using systemd socket +# activation. +# # If the libvirtd service is started in parallel with network # startup (e.g. with systemd), binding to addresses other than # the wildcards (0.0.0.0/::) might not be available yet. @@ -59,12 +74,18 @@ # allow a 'trusted' set of users access to management capabilities # without becoming root. # +# This setting is not required or honoured if using systemd socket +# activation. +# # This is restricted to 'root' by default. #unix_sock_group =3D "libvirt" =20 # Set the UNIX socket permissions for the R/O socket. This is used # for monitoring VM status only # +# This setting is not required or honoured if using systemd socket +# activation. +# # Default allows any user. If setting group ownership, you may want to # restrict this too. #unix_sock_ro_perms =3D "0777" @@ -72,6 +93,9 @@ # Set the UNIX socket permissions for the R/W socket. This is used # for full management of VMs # +# This setting is not required or honoured if using systemd socket +# activation. +# # Default allows only root. If PolicyKit is enabled on the socket, # the default will change to allow everyone (eg, 0777) # @@ -81,11 +105,18 @@ =20 # Set the UNIX socket permissions for the admin interface socket. # +# This setting is not required or honoured if using systemd socket +# activation. +# # Default allows only owner (root), do not change it unless you are # sure to whom you are exposing the access to. #unix_sock_admin_perms =3D "0700" =20 # Set the name of the directory in which sockets will be found/created. +# +# This setting is not required or honoured if using systemd socket +# activation with systemd version >=3D 227 +# #unix_sock_dir =3D "/var/run/libvirt" =20 =20 diff --git a/src/remote/libvirtd.socket.in b/src/remote/libvirtd.socket.in index e194c6e76e..2ee4d7d7a2 100644 --- a/src/remote/libvirtd.socket.in +++ b/src/remote/libvirtd.socket.in @@ -3,6 +3,8 @@ Description=3DLibvirt local socket Before=3Dlibvirtd.service =20 [Socket] +# The directory must match the /etc/libvirt/libvirtd.conf unix_sock_dir se= tting +# when using systemd version < 227 ListenStream=3D@localstatedir@/run/libvirt/libvirt-sock Service=3Dlibvirtd.service SocketMode=3D0666 diff --git a/src/remote/libvirtd.sysconf b/src/remote/libvirtd.sysconf index 60a47c252f..5969518bf2 100644 --- a/src/remote/libvirtd.sysconf +++ b/src/remote/libvirtd.sysconf @@ -1,6 +1,7 @@ # Customizations for the libvirtd.service systemd unit =20 -# Listen for TCP/IP connections +# Listen for TCP/IP connections. This is not required if using systemd +# socket activation. # NB. must setup TLS/SSL keys prior to using this #LIBVIRTD_ARGS=3D"--listen" =20 --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri Apr 19 09:18:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1562854090; cv=none; d=zoho.com; s=zohoarc; b=l8a2U7Ap6vBICBGEA8itVi7pVwKRyReJQHZDl9GUxdc/Tt7kWSttpfgyQmyhAmTc7zXG5/JeYPvMDpsLG5UiLWC4tRoOS+cx6cDu0b7NGid5VciJ4FuB4UKXttaz3TV/M7ddJOe3J3G9aL5eZocfhMTEEke+QVPEbTcKduxwXyU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1562854090; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=i50vg6L3Gb5k0Y4cBVBRCP+jMnDwotpBdjWiKncAwKg=; b=BXo1KdBMfA29ZV5OVBV6SLZP+bS6NGkq+Kk0LgOVJXrw9pjsCvlz+BbDbqRDCcOvyiRu1La1WrIjWiSv82XriT8ylaFwKMRC6HFYhMWdH3aF7Jo0iNdLmV/3xrAkotCSGbcS/BYFzqiEn0GtnTj5dWvx9FFcMO8K/OhYE3LHEJo= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 156285409091873.6797778468432; Thu, 11 Jul 2019 07:08:10 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 805CE30821BE; Thu, 11 Jul 2019 14:08:08 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 319D85D9CC; Thu, 11 Jul 2019 14:08:08 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id CB16C206D7; Thu, 11 Jul 2019 14:08:07 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x6BE7xIr028918 for ; Thu, 11 Jul 2019 10:07:59 -0400 Received: by smtp.corp.redhat.com (Postfix) id 8323460150; Thu, 11 Jul 2019 14:07:59 +0000 (UTC) Received: from dhcp-17-95.lcy.redhat.com (unknown [10.42.17.95]) by smtp.corp.redhat.com (Postfix) with ESMTP id 089D9600CD; Thu, 11 Jul 2019 14:07:57 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Thu, 11 Jul 2019 15:07:37 +0100 Message-Id: <20190711140742.31029-15-berrange@redhat.com> In-Reply-To: <20190711140742.31029-1-berrange@redhat.com> References: <20190711140742.31029-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 14/19] util: remove code spawning with systemd activation env vars X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.47]); Thu, 11 Jul 2019 14:08:09 +0000 (UTC) Content-Type: text/plain; charset="utf-8" The only use of this code was removed by: commit be78814ae07f092d9c4e71fd82dd1947aba2f029 Author: Michal Privoznik Date: Thu Apr 2 14:41:17 2015 +0200 virNetSocketNewConnectUNIX: Use flocks when spawning a daemon less than a year after it was first introduced in commit 1b807f92dbb617db5b9d551777d3026d8ff0903f Author: Martin Kletzander Date: Wed Jul 16 08:00:19 2014 +0200 rpc: pass listen FD to the daemon being started Reviewed-by: Michal Privoznik --- src/libvirt_private.syms | 1 - src/util/vircommand.c | 99 ------------------------------------ src/util/vircommand.h | 2 - tests/commanddata/test24.log | 8 --- tests/commandtest.c | 58 --------------------- 5 files changed, 168 deletions(-) delete mode 100644 tests/commanddata/test24.log diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index a19ba1d798..1e32dd090e 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -1700,7 +1700,6 @@ virCommandNewVAList; virCommandNonblockingFDs; virCommandPassFD; virCommandPassFDGetFDIndex; -virCommandPassListenFDs; virCommandRawStatus; virCommandRequireHandshake; virCommandRun; diff --git a/src/util/vircommand.c b/src/util/vircommand.c index 8695c98d1b..c81ddfc0d0 100644 --- a/src/util/vircommand.c +++ b/src/util/vircommand.c @@ -66,7 +66,6 @@ enum { VIR_EXEC_CLEAR_CAPS =3D (1 << 2), VIR_EXEC_RUN_SYNC =3D (1 << 3), VIR_EXEC_ASYNC_IO =3D (1 << 4), - VIR_EXEC_LISTEN_FDS =3D (1 << 5), }; =20 typedef struct _virCommandFD virCommandFD; @@ -205,78 +204,6 @@ virCommandFDSet(virCommandPtr cmd, =20 #ifndef WIN32 =20 -static void -virCommandReorderFDs(virCommandPtr cmd) -{ - int maxfd =3D 0; - int openmax =3D 0; - size_t i =3D 0; - - if (!cmd || cmd->has_error || !cmd->npassfd) - return; - - for (i =3D 0; i < cmd->npassfd; i++) - maxfd =3D MAX(cmd->passfd[i].fd, maxfd); - - openmax =3D sysconf(_SC_OPEN_MAX); - if (openmax < 0 || - maxfd + cmd->npassfd > openmax) - goto error; - - /* - * Simple two-pass sort, nothing fancy. This is not designed for - * anything else than passing around 2 FDs into the child. - * - * So first dup2() them somewhere else. - */ - for (i =3D 0; i < cmd->npassfd; i++) { - int newfd =3D maxfd + i + 1; - int oldfd =3D cmd->passfd[i].fd; - if (dup2(oldfd, newfd) !=3D newfd) { - virReportSystemError(errno, - _("Cannot dup2() fd %d before " - "passing it to the child"), - oldfd); - goto error; - } - VIR_FORCE_CLOSE(cmd->passfd[i].fd); - } - - VIR_DEBUG("First reorder pass done"); - - /* - * And then dup2() them in orderly manner. - */ - for (i =3D 0; i < cmd->npassfd; i++) { - int newfd =3D STDERR_FILENO + i + 1; - int oldfd =3D maxfd + i + 1; - if (dup2(oldfd, newfd) !=3D newfd) { - virReportSystemError(errno, - _("Cannot dup2() fd %d before " - "passing it to the child"), - oldfd); - goto error; - } - if (virSetInherit(newfd, true) < 0) { - virReportSystemError(errno, - _("Cannot set O_CLOEXEC on fd %d before " - "passing it to the child"), - newfd); - goto error; - } - VIR_FORCE_CLOSE(oldfd); - cmd->passfd[i].fd =3D newfd; - } - - VIR_DEBUG("Second reorder pass done"); - - return; - - error: - cmd->has_error =3D -1; - return; -} - /** * virFork: * @@ -763,15 +690,6 @@ virExec(virCommandPtr cmd) goto fork_error; } =20 - if (cmd->flags & VIR_EXEC_LISTEN_FDS) { - virCommandReorderFDs(cmd); - virCommandAddEnvFormat(cmd, "LISTEN_PID=3D%u", getpid()); - virCommandAddEnvFormat(cmd, "LISTEN_FDS=3D%zu", cmd->npassfd); - - if (cmd->has_error) - goto fork_error; - } - /* Close logging again to ensure no FDs leak to child */ virLogReset(); =20 @@ -1002,23 +920,6 @@ virCommandPassFD(virCommandPtr cmd, int fd, unsigned = int flags) } } =20 -/** - * virCommandPassListenFDs: - * @cmd: the command to modify - * - * Pass LISTEN_FDS and LISTEN_PID environment variables into the - * child. LISTEN_PID has the value of the child's PID and LISTEN_FDS - * is a number of passed file descriptors starting from 3. - */ -void -virCommandPassListenFDs(virCommandPtr cmd) -{ - if (!cmd || cmd->has_error) - return; - - cmd->flags |=3D VIR_EXEC_LISTEN_FDS; -} - /* * virCommandPassFDGetFDIndex: * @cmd: pointer to virCommand diff --git a/src/util/vircommand.h b/src/util/vircommand.h index c9a8d3c41c..2a9ee5cdc7 100644 --- a/src/util/vircommand.h +++ b/src/util/vircommand.h @@ -60,8 +60,6 @@ void virCommandPassFD(virCommandPtr cmd, int fd, unsigned int flags) ATTRIBUTE_NOINLINE; =20 -void virCommandPassListenFDs(virCommandPtr cmd); - int virCommandPassFDGetFDIndex(virCommandPtr cmd, int fd); =20 diff --git a/tests/commanddata/test24.log b/tests/commanddata/test24.log deleted file mode 100644 index 38cbb5451b..0000000000 --- a/tests/commanddata/test24.log +++ /dev/null @@ -1,8 +0,0 @@ -FD:0 -FD:1 -FD:2 -FD:3 -FD:4 -DAEMON:yes -CWD:/ -UMASK:0022 diff --git a/tests/commandtest.c b/tests/commandtest.c index 146cc4c1bf..ce0832fb0c 100644 --- a/tests/commandtest.c +++ b/tests/commandtest.c @@ -1003,63 +1003,6 @@ test23(const void *unused ATTRIBUTE_UNUSED) return ret; } =20 -static int test24(const void *unused ATTRIBUTE_UNUSED) -{ - char *pidfile =3D virPidFileBuildPath(abs_builddir, "commandhelper"); - char *prefix =3D NULL; - int newfd1 =3D dup(STDERR_FILENO); - int newfd2 =3D dup(STDERR_FILENO); - int newfd3 =3D dup(STDERR_FILENO); - int ret =3D -1; - pid_t pid; - virCommandPtr cmd =3D virCommandNew(abs_builddir "/commandhelper"); - - if (!pidfile) - goto cleanup; - - if (VIR_CLOSE(newfd1) < 0) - printf("Cannot close fd %d\n", newfd1); - - virCommandSetPidFile(cmd, pidfile); - virCommandDaemonize(cmd); - virCommandPassFD(cmd, newfd2, VIR_COMMAND_PASS_FD_CLOSE_PARENT); - virCommandPassFD(cmd, newfd3, VIR_COMMAND_PASS_FD_CLOSE_PARENT); - newfd2 =3D newfd3 =3D -1; - virCommandPassListenFDs(cmd); - - if (virCommandRun(cmd, NULL) < 0) { - printf("Cannot run child %s\n", virGetLastErrorMessage()); - goto cleanup; - } - - if (virPidFileRead(abs_builddir, "commandhelper", &pid) < 0) { - printf("cannot read pidfile\n"); - goto cleanup; - } - - if (virAsprintf(&prefix, - "ENV:LISTEN_FDS=3D2\nENV:LISTEN_PID=3D%u\n", - pid) < 0) - goto cleanup; - - while (kill(pid, 0) !=3D -1) - usleep(100*1000); - - ret =3D checkoutput("test24", prefix); - - cleanup: - if (pidfile) - unlink(pidfile); - VIR_FREE(pidfile); - VIR_FREE(prefix); - virCommandFree(cmd); - VIR_FORCE_CLOSE(newfd1); - VIR_FORCE_CLOSE(newfd2); - VIR_FORCE_CLOSE(newfd3); - return ret; -} - - static int test25(const void *unused ATTRIBUTE_UNUSED) { int ret =3D -1; @@ -1347,7 +1290,6 @@ mymain(void) DO_TEST(test21); DO_TEST(test22); DO_TEST(test23); - DO_TEST(test24); DO_TEST(test25); DO_TEST(test26); =20 --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri Apr 19 09:18:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1562854094; cv=none; d=zoho.com; s=zohoarc; b=M/K4yDXQjNVxWABbwVTea3HTb9sOZ6/oNavrKY5EozsY1TIzsGPrlZYoW5gpbQf5Jla79ZR49XgkLPtZeU573BgyXq/XSyCzZCEBc7/CwWyXs8up6+muAeJjBy1TzjmzRjSI4mX3WLjlX9qOuf2BOBgSN8qr7Azc2qIhLhAugyc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1562854094; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=1VTQLVZuLFeAOc+5ogmc7bx1NI5EK0WV2jsiEzyMuss=; b=NYZ/GijH+guNKHKFGxUb4+BRPvQ3ssTpw8wETmEbmuKfdo33A9qLk4tT3BpUGGQRft++IR5wv6r1TkyYgrU0CsQYGwKWk/pmeg31JNnrV7ceNl2/vGtAFE2uyYb/qKwNJwI3rXZxy4WJhnYnkngeHmeX8P8yZ3DV0HMQVrKwEyQ= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1562854094049994.9691498615321; Thu, 11 Jul 2019 07:08:14 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 7300E882EA; Thu, 11 Jul 2019 14:08:12 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 45A0C60A9F; Thu, 11 Jul 2019 14:08:12 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 045CE183300D; Thu, 11 Jul 2019 14:08:12 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x6BE80co028926 for ; Thu, 11 Jul 2019 10:08:00 -0400 Received: by smtp.corp.redhat.com (Postfix) id CA36660150; Thu, 11 Jul 2019 14:08:00 +0000 (UTC) Received: from dhcp-17-95.lcy.redhat.com (unknown [10.42.17.95]) by smtp.corp.redhat.com (Postfix) with ESMTP id 4503B6015A; Thu, 11 Jul 2019 14:07:59 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Thu, 11 Jul 2019 15:07:38 +0100 Message-Id: <20190711140742.31029-16-berrange@redhat.com> In-Reply-To: <20190711140742.31029-1-berrange@redhat.com> References: <20190711140742.31029-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 15/19] locking: convert lock daemon to use systemd activation APIs X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Thu, 11 Jul 2019 14:08:12 +0000 (UTC) Using the new system activation APIs allows for simpler code setting up the network services. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Michal Privoznik --- src/locking/lock_daemon.c | 125 +++++++++++--------------------------- 1 file changed, 37 insertions(+), 88 deletions(-) diff --git a/src/locking/lock_daemon.c b/src/locking/lock_daemon.c index 0f90606be6..d2a5fce8dc 100644 --- a/src/locking/lock_daemon.c +++ b/src/locking/lock_daemon.c @@ -582,78 +582,6 @@ virLockDaemonSetupSignals(virNetDaemonPtr dmn) } =20 =20 -static int -virLockDaemonSetupNetworkingSystemD(virNetServerPtr lockSrv, virNetServerP= tr adminSrv) -{ - unsigned int nfds; - size_t i; - - if ((nfds =3D virGetListenFDs()) =3D=3D 0) - return 0; - if (nfds > 2) - VIR_DEBUG("Too many (%d) file descriptors from systemd", nfds); - - for (i =3D 0; i < nfds && i < 2; i++) { - virNetServerServicePtr svc; - char *path =3D virGetUNIXSocketPath(3 + i); - virNetServerPtr srv; - int fds[] =3D { 3 + i }; - - if (!path) - return -1; - - if (strstr(path, "virtlockd-admin-sock")) { - srv =3D adminSrv; - } else if (strstr(path, "virtlockd-sock")) { - srv =3D lockSrv; - } else { - virReportError(VIR_ERR_INTERNAL_ERROR, - _("Unknown UNIX socket %s passed in"), - path); - VIR_FREE(path); - return -1; - } - VIR_FREE(path); - - /* Systemd passes FDs, starting immediately after stderr, - * so the first FD we'll get is '3'. */ - if (!(svc =3D virNetServerServiceNewFDs(fds, - ARRAY_CARDINALITY(fds), - false, - 0, - NULL, - false, 0, 1))) - return -1; - - if (virNetServerAddService(srv, svc) < 0) { - virObjectUnref(svc); - return -1; - } - } - return 1; -} - - -static int -virLockDaemonSetupNetworkingNative(virNetServerPtr srv, const char *sock_p= ath) -{ - virNetServerServicePtr svc; - - VIR_DEBUG("Setting up networking natively"); - - if (!(svc =3D virNetServerServiceNewUNIX(sock_path, 0700, 0, 0, - NULL, - false, 0, 1))) - return -1; - - if (virNetServerAddService(srv, svc) < 0) { - virObjectUnref(svc); - return -1; - } - return 0; -} - - struct virLockDaemonClientReleaseData { virLockDaemonClientPtr client; bool hadSomeLeases; @@ -1356,6 +1284,12 @@ int main(int argc, char **argv) { * (but still need to add @lockProgram into @srv). rv =3D=3D 0 means t= hat no * saved state is present, therefore initialize from scratch here. */ if (rv =3D=3D 0) { + VIR_AUTOPTR(virSystemdActivation) act =3D NULL; + virSystemdActivationMap actmap[] =3D { + { .name =3D "virtlockd.socket", .family =3D AF_UNIX, .path =3D= sock_file }, + { .name =3D "virtlockd-admin.socket", .family =3D AF_UNIX, .pa= th =3D admin_sock_file }, + }; + if (godaemon) { char ebuf[1024]; =20 @@ -1383,31 +1317,46 @@ int main(int argc, char **argv) { goto cleanup; } =20 + if (virSystemdGetActivation(actmap, + ARRAY_CARDINALITY(actmap), + &act) < 0) { + ret =3D VIR_LOCK_DAEMON_ERR_NETWORK; + goto cleanup; + } + lockSrv =3D virNetDaemonGetServer(lockDaemon->dmn, "virtlockd"); adminSrv =3D virNetDaemonGetServer(lockDaemon->dmn, "admin"); - if ((rv =3D virLockDaemonSetupNetworkingSystemD(lockSrv, adminSrv)= ) < 0) { + + if (virNetServerAddServiceUNIX(lockSrv, + act, "virtlockd.socket", + sock_file, 0700, 0, 0, + NULL, + false, 0, 1) < 0) { + ret =3D VIR_LOCK_DAEMON_ERR_NETWORK; + goto cleanup; + } + if (virNetServerAddServiceUNIX(adminSrv, + act, "virtlockd-admin.socket", + admin_sock_file, 0700, 0, 0, + NULL, + false, 0, 1) < 0) { ret =3D VIR_LOCK_DAEMON_ERR_NETWORK; goto cleanup; } =20 - /* Only do this, if systemd did not pass a FD */ - if (rv =3D=3D 0) { - if (virLockDaemonSetupNetworkingNative(lockSrv, sock_file) < 0= || - virLockDaemonSetupNetworkingNative(adminSrv, admin_sock_fi= le) < 0) { - ret =3D VIR_LOCK_DAEMON_ERR_NETWORK; - goto cleanup; - } + if (act && + virSystemdActivationComplete(act) < 0) { + ret =3D VIR_LOCK_DAEMON_ERR_NETWORK; + goto cleanup; } - virObjectUnref(lockSrv); - virObjectUnref(adminSrv); + } else { + lockSrv =3D virNetDaemonGetServer(lockDaemon->dmn, "virtlockd"); + /* If exec-restarting from old virtlockd, we won't have an + * admin server present */ + if (virNetDaemonHasServer(lockDaemon->dmn, "admin")) + adminSrv =3D virNetDaemonGetServer(lockDaemon->dmn, "admin"); } =20 - lockSrv =3D virNetDaemonGetServer(lockDaemon->dmn, "virtlockd"); - /* If exec-restarting from old virtlockd, we won't have an - * admin server present */ - if (virNetDaemonHasServer(lockDaemon->dmn, "admin")) - adminSrv =3D virNetDaemonGetServer(lockDaemon->dmn, "admin"); - if (timeout !=3D -1) { VIR_DEBUG("Registering shutdown timeout %d", timeout); virNetDaemonAutoShutdown(lockDaemon->dmn, --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri Apr 19 09:18:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1562854099; cv=none; d=zoho.com; s=zohoarc; b=CdDwEvZ6nNFe7QUT0GgKYwY59PYhz+K5G1doLf4nxhwZX7UMXtJ3UTUqp04JT3J3nmsnfaQMSPKx9b+4SgwUHrYIT5pgKNHsdBbJAkBvQ08ag6N4BqFfOQtgFfFEEDkfRcFHx+zJMoOAgM1cMzzMEqrOeVs7e5PZbXFdzxXdVig= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1562854099; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=8PhBuMhFxV2LkcnErdyh95Is3/QXXhOCLb0+alCdLwE=; b=ZnvH7fTTMNHwfwH6s20mofaOkFIPbMq2ormsNeMNgsvH4JuypI6ASAfy6+qykbmPtBT7OgDlHtaodg12Gm5+Vj/TIqFBpYGsYh1NGPxIw+fp/hICGQGtq6WeGT5c3a6aaRcLZA10WbfTp8XAuVTmpQDuIGm3Hsvj+h2z41moITI= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 15628540992081003.4092534428032; Thu, 11 Jul 2019 07:08:19 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 824E1308A951; Thu, 11 Jul 2019 14:08:17 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 577BC60148; Thu, 11 Jul 2019 14:08:17 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id F32751D575; Thu, 11 Jul 2019 14:08:16 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x6BE84co028948 for ; Thu, 11 Jul 2019 10:08:04 -0400 Received: by smtp.corp.redhat.com (Postfix) id 187B76015E; Thu, 11 Jul 2019 14:08:04 +0000 (UTC) Received: from dhcp-17-95.lcy.redhat.com (unknown [10.42.17.95]) by smtp.corp.redhat.com (Postfix) with ESMTP id 8760660150; Thu, 11 Jul 2019 14:08:00 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Thu, 11 Jul 2019 15:07:39 +0100 Message-Id: <20190711140742.31029-17-berrange@redhat.com> In-Reply-To: <20190711140742.31029-1-berrange@redhat.com> References: <20190711140742.31029-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 16/19] logging: convert log daemon to use systemd activation APIs X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.41]); Thu, 11 Jul 2019 14:08:18 +0000 (UTC) Using the new system activation APIs allows for simpler code setting up the network services. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Michal Privoznik --- src/logging/log_daemon.c | 125 ++++++++++++--------------------------- 1 file changed, 37 insertions(+), 88 deletions(-) diff --git a/src/logging/log_daemon.c b/src/logging/log_daemon.c index 30c70a20dd..8df04dbab1 100644 --- a/src/logging/log_daemon.c +++ b/src/logging/log_daemon.c @@ -517,78 +517,6 @@ virLogDaemonSetupSignals(virNetDaemonPtr dmn) } =20 =20 -static int -virLogDaemonSetupNetworkingSystemD(virNetServerPtr logSrv, virNetServerPtr= adminSrv) -{ - unsigned int nfds; - size_t i; - - if ((nfds =3D virGetListenFDs()) =3D=3D 0) - return 0; - if (nfds > 2) - VIR_DEBUG("Too many (%d) file descriptors from systemd", nfds); - - for (i =3D 0; i < nfds && i < 2; i++) { - virNetServerServicePtr svc; - char *path =3D virGetUNIXSocketPath(3 + i); - virNetServerPtr srv; - int fds[] =3D { 3 + i }; - - if (!path) - return -1; - - if (strstr(path, "virtlogd-admin-sock")) { - srv =3D adminSrv; - } else if (strstr(path, "virtlogd-sock")) { - srv =3D logSrv; - } else { - virReportError(VIR_ERR_INTERNAL_ERROR, - _("Unknown UNIX socket %s passed in"), - path); - VIR_FREE(path); - return -1; - } - VIR_FREE(path); - - /* Systemd passes FDs, starting immediately after stderr, - * so the first FD we'll get is '3'. */ - if (!(svc =3D virNetServerServiceNewFDs(fds, - ARRAY_CARDINALITY(fds), - false, - 0, - NULL, - false, 0, 1))) - return -1; - - if (virNetServerAddService(srv, svc) < 0) { - virObjectUnref(svc); - return -1; - } - } - return 1; -} - - -static int -virLogDaemonSetupNetworkingNative(virNetServerPtr srv, const char *sock_pa= th) -{ - virNetServerServicePtr svc; - - VIR_DEBUG("Setting up networking natively"); - - if (!(svc =3D virNetServerServiceNewUNIX(sock_path, 0700, 0, 0, - NULL, - false, 0, 1))) - return -1; - - if (virNetServerAddService(srv, svc) < 0) { - virObjectUnref(svc); - return -1; - } - return 0; -} - - static void virLogDaemonClientFree(void *opaque) { @@ -1129,6 +1057,12 @@ int main(int argc, char **argv) { * scratch if rv =3D=3D 0 */ if (rv =3D=3D 0) { + VIR_AUTOPTR(virSystemdActivation) act =3D NULL; + virSystemdActivationMap actmap[] =3D { + { .name =3D "virtlogd.socket", .family =3D AF_UNIX, .path =3D = sock_file }, + { .name =3D "virtlogd-admin.socket", .family =3D AF_UNIX, .pat= h =3D admin_sock_file }, + }; + if (godaemon) { char ebuf[1024]; =20 @@ -1156,31 +1090,46 @@ int main(int argc, char **argv) { goto cleanup; } =20 + if (virSystemdGetActivation(actmap, + ARRAY_CARDINALITY(actmap), + &act) < 0) { + ret =3D VIR_LOG_DAEMON_ERR_NETWORK; + goto cleanup; + } + logSrv =3D virNetDaemonGetServer(logDaemon->dmn, "virtlogd"); adminSrv =3D virNetDaemonGetServer(logDaemon->dmn, "admin"); - if ((rv =3D virLogDaemonSetupNetworkingSystemD(logSrv, adminSrv)) = < 0) { + + if (virNetServerAddServiceUNIX(logSrv, + act, "virtlogd.socket", + sock_file, 0700, 0, 0, + NULL, + false, 0, 1) < 0) { + ret =3D VIR_LOG_DAEMON_ERR_NETWORK; + goto cleanup; + } + if (virNetServerAddServiceUNIX(adminSrv, + act, "virtlogd-admin.socket", + admin_sock_file, 0700, 0, 0, + NULL, + false, 0, 1) < 0) { ret =3D VIR_LOG_DAEMON_ERR_NETWORK; goto cleanup; } =20 - /* Only do this, if systemd did not pass a FD */ - if (rv =3D=3D 0) { - if (virLogDaemonSetupNetworkingNative(logSrv, sock_file) < 0 || - virLogDaemonSetupNetworkingNative(adminSrv, admin_sock_fil= e) < 0) { - ret =3D VIR_LOG_DAEMON_ERR_NETWORK; - goto cleanup; - } + if (act && + virSystemdActivationComplete(act) < 0) { + ret =3D VIR_LOG_DAEMON_ERR_NETWORK; + goto cleanup; } - virObjectUnref(logSrv); - virObjectUnref(adminSrv); + } else { + logSrv =3D virNetDaemonGetServer(logDaemon->dmn, "virtlogd"); + /* If exec-restarting from old virtlogd, we won't have an + * admin server present */ + if (virNetDaemonHasServer(logDaemon->dmn, "admin")) + adminSrv =3D virNetDaemonGetServer(logDaemon->dmn, "admin"); } =20 - logSrv =3D virNetDaemonGetServer(logDaemon->dmn, "virtlogd"); - /* If exec-restarting from old virtlogd, we won't have an - * admin server present */ - if (virNetDaemonHasServer(logDaemon->dmn, "admin")) - adminSrv =3D virNetDaemonGetServer(logDaemon->dmn, "admin"); - if (timeout !=3D -1) { VIR_DEBUG("Registering shutdown timeout %d", timeout); virNetDaemonAutoShutdown(logDaemon->dmn, --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri Apr 19 09:18:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1562854102; cv=none; d=zoho.com; s=zohoarc; b=j2VbDk8bWya/Z8meNr86Y275liGkVrCrvrhgFAfGB306dzu8iHjMOQ8DOkc3RL/ZX/ajfgz0dppdz2fyQUkR+gpiFUDmrnv9GDEORaZAYb1EF93GZArCYYN4WOzlDhmofCiKRgkyMhIARUx9GDTTuJqAKWk5+bKWph+bh3F1HKA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1562854102; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=7VrPpicwJkc8lHjbu5ezkfXur37qHz3rNHasYDcJLQU=; b=hZA4XwmN8IJ5rhVnpLWf/afTKUEAWTrdQGzKppFs+BG1D19nOW8UOhiM+7po/PkAmPajpTc3ve8pp2463s3+bjKeuaC9i7dFB4/ivKmVql3oMDnBFUanWDcXMAngE+QLEclqYQCBJuUkHO2Gaa8x21E9iYRe98I7F+jceqgQHeY= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1562854102943533.4832094718093; Thu, 11 Jul 2019 07:08:22 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 28196308338E; Thu, 11 Jul 2019 14:08:21 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 0218D5D72E; Thu, 11 Jul 2019 14:08:21 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id B43BD1833005; Thu, 11 Jul 2019 14:08:20 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x6BE85h5028959 for ; Thu, 11 Jul 2019 10:08:05 -0400 Received: by smtp.corp.redhat.com (Postfix) id CEF3660156; Thu, 11 Jul 2019 14:08:05 +0000 (UTC) Received: from dhcp-17-95.lcy.redhat.com (unknown [10.42.17.95]) by smtp.corp.redhat.com (Postfix) with ESMTP id 58ECB6014C; Thu, 11 Jul 2019 14:08:04 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Thu, 11 Jul 2019 15:07:40 +0100 Message-Id: <20190711140742.31029-18-berrange@redhat.com> In-Reply-To: <20190711140742.31029-1-berrange@redhat.com> References: <20190711140742.31029-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 17/19] util: move code for getting listen FDs into systemd module X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.44]); Thu, 11 Jul 2019 14:08:21 +0000 (UTC) The virGetListenFDs method no longer needs to be called directly, so it can be a static function internal to the systemd code. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Michal Privoznik --- src/libvirt_private.syms | 1 - src/util/virsystemd.c | 74 +++++++++++++++++++++++++++++++++++++++- src/util/virutil.c | 72 -------------------------------------- src/util/virutil.h | 1 - 4 files changed, 73 insertions(+), 75 deletions(-) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 1e32dd090e..11134e2e34 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -3231,7 +3231,6 @@ virGetGroupList; virGetGroupName; virGetHostname; virGetHostnameQuiet; -virGetListenFDs; virGetSelfLastChanged; virGetSystemPageSize; virGetSystemPageSizeKB; diff --git a/src/util/virsystemd.c b/src/util/virsystemd.c index ae8401343d..f6c5adc5ef 100644 --- a/src/util/virsystemd.c +++ b/src/util/virsystemd.c @@ -756,6 +756,78 @@ virSystemdActivationInitFromMap(virSystemdActivationPt= r act, return -1; } =20 +#ifndef WIN32 + +/** + * virSystemdGetListenFDs: + * + * Parse LISTEN_PID and LISTEN_FDS passed from caller. + * + * Returns number of passed FDs. + */ +static unsigned int +virSystemdGetListenFDs(void) +{ + const char *pidstr; + const char *fdstr; + size_t i =3D 0; + unsigned long long procid; + unsigned int nfds; + + VIR_DEBUG("Setting up networking from caller"); + + if (!(pidstr =3D virGetEnvAllowSUID("LISTEN_PID"))) { + VIR_DEBUG("No LISTEN_PID from caller"); + return 0; + } + + if (virStrToLong_ull(pidstr, NULL, 10, &procid) < 0) { + VIR_DEBUG("Malformed LISTEN_PID from caller %s", pidstr); + return 0; + } + + if ((pid_t)procid !=3D getpid()) { + VIR_DEBUG("LISTEN_PID %s is not for us %lld", + pidstr, (long long) getpid()); + return 0; + } + + if (!(fdstr =3D virGetEnvAllowSUID("LISTEN_FDS"))) { + VIR_DEBUG("No LISTEN_FDS from caller"); + return 0; + } + + if (virStrToLong_ui(fdstr, NULL, 10, &nfds) < 0) { + VIR_DEBUG("Malformed LISTEN_FDS from caller %s", fdstr); + return 0; + } + + unsetenv("LISTEN_PID"); + unsetenv("LISTEN_FDS"); + + VIR_DEBUG("Got %u file descriptors", nfds); + + for (i =3D 0; i < nfds; i++) { + int fd =3D STDERR_FILENO + i + 1; + + VIR_DEBUG("Disabling inheritance of passed FD %d", fd); + + if (virSetInherit(fd, false) < 0) + VIR_WARN("Couldn't disable inheritance of passed FD %d", fd); + } + + return nfds; +} + +#else /* WIN32 */ + +static unsigned int +virSystemdGetListenFDs(void) +{ + return 0; +} + +#endif /* WIN32 */ =20 static virSystemdActivationPtr virSystemdActivationNew(virSystemdActivationMap *map, @@ -812,7 +884,7 @@ virSystemdGetActivation(virSystemdActivationMap *map, { int nfds =3D 0; =20 - if ((nfds =3D virGetListenFDs()) < 0) + if ((nfds =3D virSystemdGetListenFDs()) < 0) return -1; =20 if (nfds =3D=3D 0) { diff --git a/src/util/virutil.c b/src/util/virutil.c index b85769d936..4bd719127b 100644 --- a/src/util/virutil.c +++ b/src/util/virutil.c @@ -1784,78 +1784,6 @@ void virUpdateSelfLastChanged(const char *path) } } =20 -#ifndef WIN32 - -/** - * virGetListenFDs: - * - * Parse LISTEN_PID and LISTEN_FDS passed from caller. - * - * Returns number of passed FDs. - */ -unsigned int -virGetListenFDs(void) -{ - const char *pidstr; - const char *fdstr; - size_t i =3D 0; - unsigned long long procid; - unsigned int nfds; - - VIR_DEBUG("Setting up networking from caller"); - - if (!(pidstr =3D virGetEnvAllowSUID("LISTEN_PID"))) { - VIR_DEBUG("No LISTEN_PID from caller"); - return 0; - } - - if (virStrToLong_ull(pidstr, NULL, 10, &procid) < 0) { - VIR_DEBUG("Malformed LISTEN_PID from caller %s", pidstr); - return 0; - } - - if ((pid_t)procid !=3D getpid()) { - VIR_DEBUG("LISTEN_PID %s is not for us %lld", - pidstr, (long long) getpid()); - return 0; - } - - if (!(fdstr =3D virGetEnvAllowSUID("LISTEN_FDS"))) { - VIR_DEBUG("No LISTEN_FDS from caller"); - return 0; - } - - if (virStrToLong_ui(fdstr, NULL, 10, &nfds) < 0) { - VIR_DEBUG("Malformed LISTEN_FDS from caller %s", fdstr); - return 0; - } - - unsetenv("LISTEN_PID"); - unsetenv("LISTEN_FDS"); - - VIR_DEBUG("Got %u file descriptors", nfds); - - for (i =3D 0; i < nfds; i++) { - int fd =3D STDERR_FILENO + i + 1; - - VIR_DEBUG("Disabling inheritance of passed FD %d", fd); - - if (virSetInherit(fd, false) < 0) - VIR_WARN("Couldn't disable inheritance of passed FD %d", fd); - } - - return nfds; -} - -#else /* WIN32 */ - -unsigned int -virGetListenFDs(void) -{ - return 0; -} - -#endif /* WIN32 */ =20 #ifdef HAVE_SYS_UN_H char *virGetUNIXSocketPath(int fd) diff --git a/src/util/virutil.h b/src/util/virutil.h index 67a21c86bd..b9715e5e66 100644 --- a/src/util/virutil.h +++ b/src/util/virutil.h @@ -149,7 +149,6 @@ bool virIsSUID(void); time_t virGetSelfLastChanged(void); void virUpdateSelfLastChanged(const char *path); =20 -unsigned int virGetListenFDs(void); char *virGetUNIXSocketPath(int fd); =20 long virGetSystemPageSize(void) ATTRIBUTE_NOINLINE; --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri Apr 19 09:18:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1562854106; cv=none; d=zoho.com; s=zohoarc; b=MioTyVeGUIPFvbaAcwYOGbXEX0fobIdqX2FGvY4Lr3bBy+Pa7302fPhMY9WZaQEzfDxrR01J/O/mlz396RONCLsRsKB43eI4QX4lyaJt8baOm6MkJCXs8Z6y1hrM4Lo+FHaNFdBQ97j+VGwYIbIUzM25kbi5RWkDqLlxUN9w8dU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1562854106; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=WL4TjkptEXMGnpSU9d2KmqgKJZ8iHJtJh0AKUJDVVcc=; b=bvDaeMlRkeWRzFoNW6VRGmYtCfK5BPFTsX2TsbKVNevs9JrKs53k5WOxAE7rXasPHPhCVgqn0CNGMPj4cGiF1ot+RaTUJtUWWM1mN9zhUeQj92Ljyh4uUgLDz6H6iz8rvzioo7Mdk/6VhMQzRuQBTjTgzWtGxOcn82ViUJ1ZO4o= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1562854106245627.5097908413969; Thu, 11 Jul 2019 07:08:26 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id B65494ACDF; Thu, 11 Jul 2019 14:08:24 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 8C0076092E; Thu, 11 Jul 2019 14:08:24 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 497531833016; Thu, 11 Jul 2019 14:08:24 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x6BE865o028966 for ; Thu, 11 Jul 2019 10:08:06 -0400 Received: by smtp.corp.redhat.com (Postfix) id E937B60150; Thu, 11 Jul 2019 14:08:06 +0000 (UTC) Received: from dhcp-17-95.lcy.redhat.com (unknown [10.42.17.95]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1B7716014C; Thu, 11 Jul 2019 14:08:05 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Thu, 11 Jul 2019 15:07:41 +0100 Message-Id: <20190711140742.31029-19-berrange@redhat.com> In-Reply-To: <20190711140742.31029-1-berrange@redhat.com> References: <20190711140742.31029-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 18/19] util: remove unused helper for getting UNIX socket path X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Thu, 11 Jul 2019 14:08:25 +0000 (UTC) The new systemd activation APIs mean there is no longer a need to get the UNIX socket path associated with a plain FD. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Michal Privoznik --- src/libvirt_private.syms | 1 - src/util/virutil.c | 44 ---------------------------------------- src/util/virutil.h | 2 -- 3 files changed, 47 deletions(-) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 11134e2e34..7dfa5af3b3 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -3234,7 +3234,6 @@ virGetHostnameQuiet; virGetSelfLastChanged; virGetSystemPageSize; virGetSystemPageSizeKB; -virGetUNIXSocketPath; virGetUnprivSGIOSysfsPath; virGetUserCacheDirectory; virGetUserConfigDirectory; diff --git a/src/util/virutil.c b/src/util/virutil.c index 4bd719127b..019009be8c 100644 --- a/src/util/virutil.c +++ b/src/util/virutil.c @@ -1785,50 +1785,6 @@ void virUpdateSelfLastChanged(const char *path) } =20 =20 -#ifdef HAVE_SYS_UN_H -char *virGetUNIXSocketPath(int fd) -{ - union { - struct sockaddr sa; - struct sockaddr_storage ss; - struct sockaddr_un un; - } addr =3D { .ss =3D { 0 } }; - socklen_t len =3D sizeof(addr.ss); - char *path; - - if (getsockname(fd, &addr.sa, &len) < 0) { - virReportSystemError(errno, _("Unable to get address of FD %d"), f= d); - return NULL; - } - - if (addr.ss.ss_family !=3D AF_UNIX) { - virReportSystemError(EINVAL, _("FD %d is not a UNIX socket, has af= =3D%d"), - fd, addr.ss.ss_family); - return NULL; - } - - if (addr.un.sun_path[0] =3D=3D '\0') - addr.un.sun_path[0] =3D '@'; - - if (VIR_ALLOC_N(path, sizeof(addr.un.sun_path) + 1) < 0) - return NULL; - - memcpy(path, addr.un.sun_path, sizeof(addr.un.sun_path)); - path[sizeof(addr.un.sun_path)] =3D '\0'; - return path; -} - -#else /* HAVE_SYS_UN_H */ - -char *virGetUNIXSocketPath(int fd ATTRIBUTE_UNUSED) -{ - virReportSystemError(ENOSYS, "%s", - _("UNIX sockets not supported on this platform")); - return NULL; -} - -#endif /* HAVE_SYS_UN_H */ - #ifndef WIN32 long virGetSystemPageSize(void) { diff --git a/src/util/virutil.h b/src/util/virutil.h index b9715e5e66..7ea702f27a 100644 --- a/src/util/virutil.h +++ b/src/util/virutil.h @@ -149,8 +149,6 @@ bool virIsSUID(void); time_t virGetSelfLastChanged(void); void virUpdateSelfLastChanged(const char *path); =20 -char *virGetUNIXSocketPath(int fd); - long virGetSystemPageSize(void) ATTRIBUTE_NOINLINE; long virGetSystemPageSizeKB(void) ATTRIBUTE_NOINLINE; =20 --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri Apr 19 09:18:18 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1562854109; cv=none; d=zoho.com; s=zohoarc; b=D1BEoenScqbyCbl3N8ess3+jIGU07BRVRTiT2BsrHnaiSqsmOr0yIUGBdUhajbBjUSqPwnN844wAAoqrSJbKYh75MywVGhyyibtsBAc7FosOxiayw3Qo9CSPyl6BimnPBg/SNcJ3gwtboG+BAq1iVxxpzoM7nN9zcyfXNsy5I5c= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1562854109; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=3suJsbkROCPK42YoFBeGMwMzPTiBQkv4/aapwioismM=; b=dQG2dEtZUdC0dHkNudRTIiSwT300FAXgtgP0xdjTfB9nDx+255gna4duVgtdn4r8CIYfvu8kEzYlOo3paw26sjXm/VYTDjivZTicfn6yVXeh1IxEBTtd4MOOSy8rNxTQLg9C2WmzE0kjD3701EBT7zwIGfAx8yVjF8kGE4CejB0= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1562854109911703.8721217461651; Thu, 11 Jul 2019 07:08:29 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 5798C30C1AEA; Thu, 11 Jul 2019 14:08:28 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 293AE60619; Thu, 11 Jul 2019 14:08:28 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id DBB961833019; Thu, 11 Jul 2019 14:08:27 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x6BE87Lj028980 for ; Thu, 11 Jul 2019 10:08:07 -0400 Received: by smtp.corp.redhat.com (Postfix) id BDE0260159; Thu, 11 Jul 2019 14:08:07 +0000 (UTC) Received: from dhcp-17-95.lcy.redhat.com (unknown [10.42.17.95]) by smtp.corp.redhat.com (Postfix) with ESMTP id 36A206014C; Thu, 11 Jul 2019 14:08:07 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Thu, 11 Jul 2019 15:07:42 +0100 Message-Id: <20190711140742.31029-20-berrange@redhat.com> In-Reply-To: <20190711140742.31029-1-berrange@redhat.com> References: <20190711140742.31029-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 19/19] rpc: remove unused typedef for auto shutdown function callback X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.40]); Thu, 11 Jul 2019 14:08:28 +0000 (UTC) The use of the virNetServerAutoShutdownFunc typedef was removed in commit 79b8a56995e6d9ce47e0b44512f7be440df9ff7d Author: Daniel P. Berrange Date: Wed Oct 31 19:03:55 2012 +0000 Replace polling for active VMs with signalling by drivers This unused typedef was then copied into the virNetDaemon object when that was split off from virNetServer, resulting in a typedef virNetDaemonAutoShutdownFunc that has never been needed. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Michal Privoznik --- src/rpc/virnetdaemon.h | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/rpc/virnetdaemon.h b/src/rpc/virnetdaemon.h index b7511ffd27..5a9842bee6 100644 --- a/src/rpc/virnetdaemon.h +++ b/src/rpc/virnetdaemon.h @@ -47,8 +47,6 @@ virNetDaemonPtr virNetDaemonNewPostExecRestart(virJSONVal= uePtr object, =20 virJSONValuePtr virNetDaemonPreExecRestart(virNetDaemonPtr dmn); =20 -typedef int (*virNetDaemonAutoShutdownFunc)(virNetDaemonPtr dmn, void *opa= que); - bool virNetDaemonIsPrivileged(virNetDaemonPtr dmn); =20 void virNetDaemonAutoShutdown(virNetDaemonPtr dmn, --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list