From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Thu, 11 Jul 2019 17:04:48 +0100
Message-Id: <20190711160516.2130-2-berrange@redhat.com>
In-Reply-To: <20190711160516.2130-1-berrange@redhat.com>
Subject: [libvirt] [PATCH 01/29] rpc: add API for checking whether an auth scheme is in use on a server
Content-Transfer-Encoding: quoted-printable

Signed-off-by: Daniel P. Berrang=C3=A9 --- src/libvirt_remote.syms | 1 + src/rpc/virnetserver.c | 17 +++++++++++++++++ src/rpc/virnetserver.h | 3 +++ 3 files changed, 21 insertions(+) diff --git a/src/libvirt_remote.syms b/src/libvirt_remote.syms index 99fe3dd07c..17d656fb3f 100644 --- a/src/libvirt_remote.syms +++ b/src/libvirt_remote.syms @@ -124,6 +124,7 @@ virNetServerGetMaxUnauthClients; virNetServerGetName; virNetServerGetThreadPoolParameters; virNetServerHasClients; +virNetServerNeedsAuth; virNetServerNew; virNetServerNewPostExecRestart; virNetServerNextClientID; diff --git a/src/rpc/virnetserver.c b/src/rpc/virnetserver.c index 0f3fa63fbb..19f49ba4c3 100644 --- a/src/rpc/virnetserver.c +++ b/src/rpc/virnetserver.c @@ -953,6 +953,23 @@ virNetServerGetCurrentUnauthClients(virNetServerPtr sr= v) return ret; } =20 + +bool virNetServerNeedsAuth(virNetServerPtr srv, + int auth) +{ + bool ret =3D false; + size_t i; + + virObjectLock(srv); + for (i =3D 0; i < srv->nservices; i++) { + if (virNetServerServiceGetAuth(srv->services[i]) =3D=3D auth) + ret =3D true; + } + virObjectUnlock(srv); + + return ret; +} + int virNetServerGetClients(virNetServerPtr srv, virNetServerClientPtr **clts) diff --git a/src/rpc/virnetserver.h b/src/rpc/virnetserver.h index 6b2541588c..4d4afd51b4 100644 --- a/src/rpc/virnetserver.h +++ b/src/rpc/virnetserver.h 
@@ -96,6 +96,9 @@ unsigned long long virNetServerNextClientID(virNetServerP= tr srv); virNetServerClientPtr virNetServerGetClient(virNetServerPtr srv, unsigned long long id); =20 +bool virNetServerNeedsAuth(virNetServerPtr srv, + int auth); + int virNetServerGetClients(virNetServerPtr srv, virNetServerClientPtr **clients); =20 --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
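Review bot: virNetServerNeedsAuth() in the src/rpc/virnetserver.c hunk has no doc comment, and the prototype takes a plain "int auth" without saying which values are valid. Please add a short comment stating that it returns true when any service on the server uses the given scheme and that @auth is compared against what virNetServerServiceGetAuth() returns. The loop can also break as soon as "ret = true" is set, since nothing else is computed while the lock is held.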
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Thu, 11 Jul 2019 17:04:49 +0100
Message-Id: <20190711160516.2130-3-berrange@redhat.com>
In-Reply-To: <20190711160516.2130-1-berrange@redhat.com>
Subject: [libvirt] [PATCH 02/29] remote: simplify libvirtd code for deciding if SASL auth is needed
Content-Transfer-Encoding: quoted-printable

Signed-off-by: Daniel P. Berrang=C3=A9 --- src/remote/remote_daemon.c | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/src/remote/remote_daemon.c b/src/remote/remote_daemon.c index fdc9e4333a..0dabd3dff8 100644 --- a/src/remote/remote_daemon.c +++ b/src/remote/remote_daemon.c 
@@ -534,15 +534,10 @@ daemonSetupNetworking(virNetServerPtr srv, } =20 #if WITH_SASL - if (config->auth_unix_rw =3D=3D REMOTE_AUTH_SASL || - (sock_path_ro && config->auth_unix_ro =3D=3D REMOTE_AUTH_SASL) || - (ipsock && config->listen_tls && config->auth_tls =3D=3D REMOTE_AU= TH_SASL) || - (ipsock && config->listen_tcp && config->auth_tcp =3D=3D REMOTE_AU= TH_SASL)) { - saslCtxt =3D virNetSASLContextNewServer( - (const char *const*)config->sasl_allowed_username_list); - if (!saslCtxt) + if (virNetServerNeedsAuth(srv, REMOTE_AUTH_SASL) && + !(saslCtxt =3D virNetSASLContextNewServer( + (const char *const*)config->sasl_allowed_username_list))) goto cleanup; - } #endif =20 ret =3D 0; --=20 2.21.0
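Review bot: the new condition in the daemonSetupNetworking() hunk only sees services that are already registered on srv, while the removed test read config->auth_unix_rw, auth_unix_ro, auth_tls and auth_tcp directly, so the two are equivalent only if every service has been added before this point. The commit message has no body; it should state that ordering requirement, because a SASL service registered after this check would be left without a saslCtxt. Folding the assignment into the condition also makes the failure path harder to read than the original two-step form; consider keeping "saslCtxt = ...;" followed by "if (!saslCtxt) goto cleanup;" inside an "if (virNetServerNeedsAuth(...))" block.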
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Thu, 11 Jul 2019 17:04:50 +0100
Message-Id: <20190711160516.2130-4-berrange@redhat.com>
In-Reply-To: <20190711160516.2130-1-berrange@redhat.com>
Subject: [libvirt] [PATCH 03/29] logging: pass binary name not logfile name when enabling logging
Content-Transfer-Encoding: quoted-printable

Instead of having each caller pass in the desired logfile name, pass in the binary name instead. The logging code can then just derive a logfile name by appending ".log".

Signed-off-by: Daniel P. Berrang=C3=A9 --- src/locking/lock_daemon.c | 2 +- src/logging/log_daemon.c | 2 +- src/remote/remote_daemon.c | 2 +- src/util/virlog.c | 20 ++++++++++---------- 4 files changed, 13 insertions(+), 13 deletions(-) diff --git a/src/locking/lock_daemon.c b/src/locking/lock_daemon.c index bc2fb4a7fb..7cdcd61722 100644 --- a/src/locking/lock_daemon.c +++ b/src/locking/lock_daemon.c 
@@ -532,7 +532,7 @@ virLockDaemonSetupLogging(virLockDaemonConfigPtr config, /* Define the default output. This is only applied if there was no set= ting * from either the config or the environment. */ - if (virLogSetDefaultOutput("virtlockd.log", godaemon, privileged) < 0) + if (virLogSetDefaultOutput("virtlockd", godaemon, privileged) < 0) return -1; =20 if (virLogGetNbOutputs() =3D=3D 0) diff --git a/src/logging/log_daemon.c b/src/logging/log_daemon.c index 014596b280..c8de7aa687 100644 --- a/src/logging/log_daemon.c +++ b/src/logging/log_daemon.c @@ -467,7 +467,7 @@ virLogDaemonSetupLogging(virLogDaemonConfigPtr config, /* Define the default output. This is only applied if there was no set= ting * from either the config or the environment. */ - if (virLogSetDefaultOutput("virtlogd.log", godaemon, privileged) < 0) + if (virLogSetDefaultOutput("virtlogd", godaemon, privileged) < 0) return -1; =20 if (virLogGetNbOutputs() =3D=3D 0) diff --git a/src/remote/remote_daemon.c b/src/remote/remote_daemon.c index 0dabd3dff8..574c50075f 100644 --- a/src/remote/remote_daemon.c +++ b/src/remote/remote_daemon.c @@ -605,7 +605,7 @@ daemonSetupLogging(struct daemonConfig *config, /* Define the default output. This is only applied if there was no set= ting * from either the config or the environment. */ - if (virLogSetDefaultOutput("libvirtd.log", godaemon, privileged) < 0) + if (virLogSetDefaultOutput("libvirtd", godaemon, privileged) < 0) return -1; =20 if (virLogGetNbOutputs() =3D=3D 0) diff --git a/src/util/virlog.c b/src/util/virlog.c index 248ce19902..da433878df 100644 --- a/src/util/virlog.c +++ b/src/util/virlog.c @@ -175,7 +175,7 @@ virLogSetDefaultOutputToJournald(void) =20 =20 static int -virLogSetDefaultOutputToFile(const char *filename, bool privileged) +virLogSetDefaultOutputToFile(const char *binary, bool privileged) { int ret =3D -1; char *logdir =3D NULL; 
@@ -183,8 +183,8 @@ virLogSetDefaultOutputToFile(const char *filename, bool= privileged) =20 if (privileged) { if (virAsprintf(&virLogDefaultOutput, - "%d:file:%s/log/libvirt/%s", virLogDefaultPriority, - LOCALSTATEDIR, filename) < 0) + "%d:file:%s/log/libvirt/%s.log", virLogDefaultPrio= rity, + LOCALSTATEDIR, binary) < 0) goto cleanup; } else { if (!(logdir =3D virGetUserCacheDirectory())) @@ -197,8 +197,8 @@ virLogSetDefaultOutputToFile(const char *filename, bool= privileged) } umask(old_umask); =20 - if (virAsprintf(&virLogDefaultOutput, "%d:file:%s/%s", - virLogDefaultPriority, logdir, filename) < 0) + if (virAsprintf(&virLogDefaultOutput, "%d:file:%s/%s.log", + virLogDefaultPriority, logdir, binary) < 0) goto cleanup; } =20 @@ -211,19 +211,19 @@ virLogSetDefaultOutputToFile(const char *filename, bo= ol privileged) =20 /* * virLogSetDefaultOutput: - * @filename: the file that the output should be redirected to (only needed - * when @godaemon equals true + * @binary: the binary for which logging is performed. The log file name + * will be derived from the binary name, with ".log" appended. * @godaemon: whether we're running daemonized * @privileged: whether we're running with root privileges or not (session) * * Decides on what the default output (journald, file, stderr) should be - * according to @filename, @godaemon, @privileged. This function should be= run + * according to @binary, @godaemon, @privileged. This function should be r= un * exactly once at daemon startup, so no locks are used. * * Returns 0 on success, -1 in case of a failure. */ int -virLogSetDefaultOutput(const char *filename, bool godaemon, bool privilege= d) +virLogSetDefaultOutput(const char *binary, bool godaemon, bool privileged) { bool have_journald =3D access("/run/systemd/journal/socket", W_OK) >= =3D 0; =20 
@@ -237,7 +237,7 @@ virLogSetDefaultOutput(const char *filename, bool godae= mon, bool privileged) return virLogSetDefaultOutputToStderr(); } =20 - return virLogSetDefaultOutputToFile(filename, privileged); + return virLogSetDefaultOutputToFile(binary, privileged); } =20 =20 --=20 2.21.0
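Review bot: in the src/util/virlog.c hunks @binary is interpolated directly into "%d:file:%s/log/libvirt/%s.log" and "%d:file:%s/%s.log", so the doc comment on virLogSetDefaultOutput() should say that it must be a bare program name with no directory component and no ".log" suffix. The rewritten @binary description also drops the old remark that the argument is only needed when @godaemon is true; please keep it, since the virLogSetDefaultOutputToStderr() return visible in the last hunk takes no name at all.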
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Thu, 11 Jul 2019 17:04:51 +0100
Message-Id: <20190711160516.2130-5-berrange@redhat.com>
In-Reply-To: <20190711160516.2130-1-berrange@redhat.com>
Subject: [libvirt] [PATCH 04/29] remote: conditionalize socket names in libvirtd daemon
Content-Transfer-Encoding: quoted-printable

Prepare for reusing libvirtd source to create other daemons by making the socket names conditionally defined by the make rules.

Signed-off-by: Daniel P. Berrang=C3=A9 --- src/remote/Makefile.inc.am | 3 +++ src/remote/remote_daemon.c | 27 ++++++++++++++------------- 2 files changed, 17 insertions(+), 13 deletions(-) diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index 851ab903fd..b41f14222a 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -143,6 +143,9 @@ libvirtd_CFLAGS =3D \ -I$(srcdir)/access \ -I$(srcdir)/conf \ -I$(srcdir)/rpc \ + -DSOCK_NAME=3D"\"libvirt-sock\"" \ + -DSOCK_NAME_RO=3D"\"libvirt-sock-ro\"" \ + -DSOCK_NAME_ADMIN=3D"\"libvirt-admin-sock\"" \ $(NULL) =20 libvirtd_LDFLAGS =3D \ diff --git a/src/remote/remote_daemon.c b/src/remote/remote_daemon.c index 574c50075f..8ab3c21ef8 100644 --- a/src/remote/remote_daemon.c +++ b/src/remote/remote_daemon.c 
@@ -220,19 +220,19 @@ daemonUnixSocketPaths(struct daemonConfig *config, char *rundir =3D NULL; =20 if (config->unix_sock_dir) { - if (virAsprintf(sockfile, "%s/libvirt-sock", config->unix_sock_dir= ) < 0) + if (virAsprintf(sockfile, "%s/" SOCK_NAME, config->unix_sock_dir) = < 0) goto cleanup; =20 if (privileged) { - if (virAsprintf(rosockfile, "%s/libvirt-sock-ro", config->unix= _sock_dir) < 0 || - virAsprintf(admsockfile, "%s/libvirt-admin-sock", config->= unix_sock_dir) < 0) + if (virAsprintf(rosockfile, "%s/" SOCK_NAME_RO, config->unix_s= ock_dir) < 0 || + virAsprintf(admsockfile, "%s/" SOCK_NAME_ADMIN, config->un= ix_sock_dir) < 0) goto cleanup; } } else { if (privileged) { - if (VIR_STRDUP(*sockfile, LOCALSTATEDIR "/run/libvirt/libvirt-= sock") < 0 || - VIR_STRDUP(*rosockfile, LOCALSTATEDIR "/run/libvirt/libvir= t-sock-ro") < 0 || - VIR_STRDUP(*admsockfile, LOCALSTATEDIR "/run/libvirt/libvi= rt-admin-sock") < 0) + if (VIR_STRDUP(*sockfile, LOCALSTATEDIR "/run/libvirt/" SOCK_N= AME) < 0 || + VIR_STRDUP(*rosockfile, LOCALSTATEDIR "/run/libvirt/" SOCK= _NAME_RO) < 0 || + VIR_STRDUP(*admsockfile, LOCALSTATEDIR "/run/libvirt/" SOC= K_NAME_ADMIN) < 0) goto cleanup; } else { mode_t old_umask; @@ -247,8 +247,8 @@ daemonUnixSocketPaths(struct daemonConfig *config, } umask(old_umask); =20 - if (virAsprintf(sockfile, "%s/libvirt-sock", rundir) < 0 || - virAsprintf(admsockfile, "%s/libvirt-admin-sock", rundir) = < 0) + if (virAsprintf(sockfile, "%s/" SOCK_NAME, rundir) < 0 || + virAsprintf(admsockfile, "%s/" SOCK_NAME_ADMIN, rundir) < = 0) goto cleanup; } } 
@@ -910,14 +910,14 @@ daemonUsage(const char *argv0, bool privileged) " %s/run/libvirtd.pid\n" "\n"), LIBVIRTD_CONFIGURATION_FILE, - LIBVIRTD_PRIV_UNIX_SOCKET, - LIBVIRTD_PRIV_UNIX_SOCKET_RO, + LOCALSTATEDIR "/run/libvirt/" SOCK_NAME, + LOCALSTATEDIR "/run/libvirt/" SOCK_NAME_RO, LIBVIRT_CACERT, LIBVIRT_SERVERCERT, LIBVIRT_SERVERKEY, LOCALSTATEDIR); } else { - fprintf(stderr, "%s", + fprintf(stderr, _("\n" " Default paths:\n" "\n" @@ -925,7 +925,7 @@ daemonUsage(const char *argv0, bool privileged) " $XDG_CONFIG_HOME/libvirt/libvirtd.conf\n" "\n" " Sockets:\n" - " $XDG_RUNTIME_DIR/libvirt/libvirt-sock\n" + " $XDG_RUNTIME_DIR/libvirt/%s\n" "\n" " TLS:\n" " CA certificate: $HOME/.pki/libvirt/cacert.pem= \n" 
@@ -934,7 +934,8 @@ daemonUsage(const char *argv0, bool privileged) "\n" " PID file:\n" " $XDG_RUNTIME_DIR/libvirt/libvirtd.pid\n" - "\n")); + "\n"), + SOCK_NAME); } } =20 --=20 2.21.0
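Review bot: SOCK_NAME, SOCK_NAME_RO and SOCK_NAME_ADMIN are defined only through libvirtd_CFLAGS in the src/remote/Makefile.inc.am hunk, and after the daemonUnixSocketPaths() hunk remote_daemon.c no longer compiles in any target that does not pass them. An "#ifndef SOCK_NAME" / "#error" guard near the top of remote_daemon.c would turn that into a clear build message, and the commit message could name the targets that are expected to set the three macros.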
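Review bot: in the daemonUsage() hunks the unprivileged branch changes from fprintf(stderr, "%s", _(...)) to using the translated string itself as the format with SOCK_NAME as its argument, which changes the msgid and adds a "%s" that every translation must preserve; please mention that in the commit message. The privileged branch replaces LIBVIRTD_PRIV_UNIX_SOCKET and LIBVIRTD_PRIV_UNIX_SOCKET_RO with LOCALSTATEDIR "/run/libvirt/" SOCK_NAME concatenations; if nothing else uses those two macros they should be removed here, otherwise the two spellings of the socket path can drift apart.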
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Thu, 11 Jul 2019 17:04:52 +0100
Message-Id: <20190711160516.2130-6-berrange@redhat.com>
In-Reply-To: <20190711160516.2130-1-berrange@redhat.com>
Subject: [libvirt] [PATCH 05/29] remote: conditionalize daemon name in libvirtd daemon
Content-Transfer-Encoding: quoted-printable

Prepare for reusing libvirtd source to create other daemons by making the daemon name conditionally defined by the make rules.

Signed-off-by: Daniel P. Berrang=C3=A9 --- src/remote/Makefile.inc.am | 1 + src/remote/remote_daemon.c | 34 +++++++++++++++++-------------- src/remote/remote_daemon_config.c | 5 +++-- src/remote/remote_driver.h | 1 - 4 files changed, 23 insertions(+), 18 deletions(-) diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index b41f14222a..ba385aac4d 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -146,6 +146,7 @@ libvirtd_CFLAGS =3D \ -DSOCK_NAME=3D"\"libvirt-sock\"" \ -DSOCK_NAME_RO=3D"\"libvirt-sock-ro\"" \ -DSOCK_NAME_ADMIN=3D"\"libvirt-admin-sock\"" \ + -DDAEMON_NAME=3D"\"libvirtd\"" \ $(NULL) =20 libvirtd_LDFLAGS =3D \ diff --git a/src/remote/remote_daemon.c b/src/remote/remote_daemon.c index 8ab3c21ef8..1a301a1e14 100644 --- a/src/remote/remote_daemon.c 
+++ b/src/remote/remote_daemon.c @@ -63,7 +63,7 @@ =20 #include "virdbus.h" =20 -VIR_LOG_INIT("daemon.libvirtd"); +VIR_LOG_INIT("daemon." DAEMON_NAME); =20 #if WITH_SASL virNetSASLContextPtr saslCtxt =3D NULL; @@ -564,7 +564,7 @@ daemonSetupNetDevOpenvswitch(struct daemonConfig *confi= g) =20 /* * Set up the logging environment - * By default if daemonized all errors go to the logfile libvirtd.log, + * By default if daemonized all errors go to journald/a logfile * but if verbose or error debugging is asked for then also output * informational and debug messages. Default size if 64 kB. */ @@ -577,7 +577,7 @@ daemonSetupLogging(struct daemonConfig *config, virLogReset(); =20 /* - * Libvirtd's order of precedence is: + * Logging setup order of precedence is: * cmdline > environment > config * * Given the precedence, we must process the variables in the opposite @@ -605,7 +605,7 @@ daemonSetupLogging(struct daemonConfig *config, /* Define the default output. This is only applied if there was no set= ting * from either the config or the environment. */ - if (virLogSetDefaultOutput("libvirtd", godaemon, privileged) < 0) + if (virLogSetDefaultOutput(DAEMON_NAME, godaemon, privileged) < 0) return -1; =20 if (virLogGetNbOutputs() =3D=3D 0) @@ -717,7 +717,7 @@ static void daemonStopWorker(void *opaque) =20 VIR_DEBUG("Completed stop dmn=3D%p", dmn); =20 - /* Exit libvirtd cleanly */ + /* Exit daemon cleanly */ virNetDaemonQuit(dmn); } =20 @@ -796,7 +796,7 @@ static void daemonRunStateInit(void *opaque) driversInitialized =3D true; =20 #ifdef WITH_DBUS - /* Tie the non-privileged libvirtd to the session/shutdown lifecycle */ + /* Tie the non-privileged daemons to the session/shutdown lifecycle */ if (!virNetDaemonIsPrivileged(dmn)) { =20 sessionBus =3D virDBusGetSessionBus(); 
@@ -895,7 +895,7 @@ daemonUsage(const char *argv0, bool privileged) " Default paths:\n" "\n" " Configuration file (unless overridden by -f):\n" - " %s\n" + " %s/libvirt/%s.conf\n" "\n" " Sockets:\n" " %s\n" @@ -907,22 +907,24 @@ daemonUsage(const char *argv0, bool privileged) " Server private key: %s\n" "\n" " PID file (unless overridden by -p):\n" - " %s/run/libvirtd.pid\n" + " %s/run/%s.pid\n" "\n"), - LIBVIRTD_CONFIGURATION_FILE, + SYSCONFDIR, + DAEMON_NAME, LOCALSTATEDIR "/run/libvirt/" SOCK_NAME, LOCALSTATEDIR "/run/libvirt/" SOCK_NAME_RO, LIBVIRT_CACERT, LIBVIRT_SERVERCERT, LIBVIRT_SERVERKEY, - LOCALSTATEDIR); + LOCALSTATEDIR, + DAEMON_NAME); } else { fprintf(stderr, _("\n" " Default paths:\n" "\n" " Configuration file (unless overridden by -f):\n" - " $XDG_CONFIG_HOME/libvirt/libvirtd.conf\n" + " $XDG_CONFIG_HOME/libvirt/%s.conf\n" "\n" " Sockets:\n" " $XDG_RUNTIME_DIR/libvirt/%s\n" @@ -933,9 +935,11 @@ daemonUsage(const char *argv0, bool privileged) " Server private key: $HOME/.pki/libvirt/serverkey.= pem\n" "\n" " PID file:\n" - " $XDG_RUNTIME_DIR/libvirt/libvirtd.pid\n" + " $XDG_RUNTIME_DIR/libvirt/%s.pid\n" "\n"), - SOCK_NAME); + DAEMON_NAME, + SOCK_NAME, + DAEMON_NAME); } } =20 @@ -1099,7 +1103,7 @@ int main(int argc, char **argv) { if (!pid_file && virPidFileConstructPath(privileged, LOCALSTATEDIR, - "libvirtd", + DAEMON_NAME, &pid_file) < 0) { VIR_ERROR(_("Can't determine pid file path.")); exit(EXIT_FAILURE); @@ -1179,7 +1183,7 @@ int main(int argc, char **argv) { goto cleanup; } =20 - if (!(srv =3D virNetServerNew("libvirtd", 1, + if (!(srv =3D virNetServerNew(DAEMON_NAME, 1, config->min_workers, config->max_workers, config->prio_workers, diff --git a/src/remote/remote_daemon_config.c b/src/remote/remote_daemon_c= onfig.c index 537b90a855..3e62b4203f 100644 --- a/src/remote/remote_daemon_config.c +++ b/src/remote/remote_daemon_config.c 
@@ -77,7 +77,8 @@ int daemonConfigFilePath(bool privileged, char **configfile) { if (privileged) { - if (VIR_STRDUP(*configfile, SYSCONFDIR "/libvirt/libvirtd.conf") <= 0) + if (VIR_STRDUP(*configfile, + SYSCONFDIR "/libvirt/" DAEMON_NAME ".conf") < 0) goto error; } else { char *configdir =3D NULL; @@ -85,7 +86,7 @@ daemonConfigFilePath(bool privileged, char **configfile) if (!(configdir =3D virGetUserConfigDirectory())) goto error; =20 - if (virAsprintf(configfile, "%s/libvirtd.conf", configdir) < 0) { + if (virAsprintf(configfile, "%s/%s.conf", configdir, DAEMON_NAME) = < 0) { VIR_FREE(configdir); goto error; } diff --git a/src/remote/remote_driver.h b/src/remote/remote_driver.h index 8c7da6b000..132e478ef3 100644 --- a/src/remote/remote_driver.h +++ b/src/remote/remote_driver.h 
@@ -34,7 +34,6 @@ unsigned long remoteVersion(void); #define LIBVIRTD_PRIV_UNIX_SOCKET LOCALSTATEDIR "/run/libvirt/libvirt-sock" #define LIBVIRTD_PRIV_UNIX_SOCKET_RO LOCALSTATEDIR "/run/libvirt/libvirt-s= ock-ro" #define LIBVIRTD_USER_UNIX_SOCKET "libvirt-sock" -#define LIBVIRTD_CONFIGURATION_FILE SYSCONFDIR "/libvirt/libvirtd.conf" =20 /* Defaults for PKI directory. */ #define LIBVIRT_PKI_DIR SYSCONFDIR "/pki" --=20 2.21.0
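Review bot: DAEMON_NAME has no fallback or guard. It is defined only by the -DDAEMON_NAME line added to libvirtd_CFLAGS in src/remote/Makefile.inc.am, yet remote_daemon.c and remote_daemon_config.c now need it to be a quoted string literal, as in VIR_LOG_INIT("daemon." DAEMON_NAME) and SYSCONFDIR "/libvirt/" DAEMON_NAME ".conf". Any target that compiles either file without the flag fails with an unhelpful parse error. Suggest an #ifndef DAEMON_NAME / #error at the top of both files, with a comment that the value must be a string literal.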
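Review bot: The privileged configuration path is now spelled out in two places where the removed LIBVIRTD_CONFIGURATION_FILE gave a single definition: daemonUsage() prints "%s/libvirt/%s.conf" from SYSCONFDIR and DAEMON_NAME, while daemonConfigFilePath() builds SYSCONFDIR "/libvirt/" DAEMON_NAME ".conf". Help output that drifts from the file actually loaded misleads whoever is checking which configuration a daemon reads. Suggest one macro derived from DAEMON_NAME and used by both, and a check that nothing else still references the macro dropped from remote_driver.h.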
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Thu, 11 Jul 2019 17:04:53 +0100
Message-Id: <20190711160516.2130-7-berrange@redhat.com>
In-Reply-To: <20190711160516.2130-1-berrange@redhat.com>
References: <20190711160516.2130-1-berrange@redhat.com>
Subject: [libvirt] [PATCH 06/29] remote: conditionalize driver loading in libvirtd daemon

Prepare for reusing libvirtd source to create other daemons by making the driver(s) to load conditionally defined by the make rules. If nothing is set, all drivers will be loaded, ignoring any missing ones as historically done. If MODULE_NAME is set only one driver will be loaded and that one must succeed.

Signed-off-by: Daniel P. Berrangé
---
 src/remote/remote_daemon.c | 51 +++++++++++++++++++++-----------------
 1 file changed, 28 insertions(+), 23 deletions(-)
diff --git a/src/remote/remote_daemon.c b/src/remote/remote_daemon.c index 1a301a1e14..e1fb081bfe 100644 --- a/src/remote/remote_daemon.c +++ b/src/remote/remote_daemon.c 
@@ -298,6 +298,10 @@ static int daemonErrorLogFilter(virErrorPtr err, int p= riority) =20 static int daemonInitialize(void) { +#ifdef MODULE_NAME + if (virDriverLoadModule(MODULE_NAME, MODULE_NAME "Register", true) < 0) + return -1; +#else /* * Note that the order is important: the first ones have a higher * priority when calling virStateInitialize. We must register the 
@@ -305,53 +309,54 @@ static int daemonInitialize(void) * driver, since their resources must be auto-started before any * domains can be auto-started. */ -#ifdef WITH_NETWORK +# ifdef WITH_NETWORK if (virDriverLoadModule("network", "networkRegister", false) < 0) return -1; -#endif -#ifdef WITH_INTERFACE +# endif +# ifdef WITH_INTERFACE if (virDriverLoadModule("interface", "interfaceRegister", false) < 0) return -1; -#endif -#ifdef WITH_SECRETS +# endif +# ifdef WITH_SECRETS if (virDriverLoadModule("secret", "secretRegister", false) < 0) return -1; -#endif -#ifdef WITH_STORAGE +# endif +# ifdef WITH_STORAGE if (virDriverLoadModule("storage", "storageRegister", false) < 0) return -1; -#endif -#ifdef WITH_NODE_DEVICES +# endif +# ifdef WITH_NODE_DEVICES if (virDriverLoadModule("nodedev", "nodedevRegister", false) < 0) return -1; -#endif -#ifdef WITH_NWFILTER +# endif +# ifdef WITH_NWFILTER if (virDriverLoadModule("nwfilter", "nwfilterRegister", false) < 0) return -1; -#endif -#ifdef WITH_LIBXL +# endif +# ifdef WITH_LIBXL if (virDriverLoadModule("libxl", "libxlRegister", false) < 0) return -1; -#endif -#ifdef WITH_QEMU +# endif +# ifdef WITH_QEMU if (virDriverLoadModule("qemu", "qemuRegister", false) < 0) return -1; -#endif -#ifdef WITH_LXC +# endif +# ifdef WITH_LXC if (virDriverLoadModule("lxc", "lxcRegister", false) < 0) return -1; -#endif -#ifdef WITH_VBOX +# endif +# ifdef WITH_VBOX if (virDriverLoadModule("vbox", "vboxRegister", false) < 0) return -1; -#endif -#ifdef WITH_BHYVE +# endif +# ifdef WITH_BHYVE if (virDriverLoadModule("bhyve", "bhyveRegister", false) < 0) return -1; -#endif -#ifdef WITH_VZ +# endif +# ifdef WITH_VZ if (virDriverLoadModule("vz", "vzRegister", false) < 0) return -1; +# endif #endif return 0; } --=20 2.21.0
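Review bot: The new #ifdef MODULE_NAME branch at the top of daemonInitialize() is neither built nor documented in this patch. The diffstat touches only remote_daemon.c, so no make rule defines MODULE_NAME yet, and nothing states its contract: it must be a quoted string literal for MODULE_NAME "Register" to concatenate, and the module has to export exactly that symbol. Suggest a short comment above the branch saying so, and saying that the third argument true makes a missing module fatal while the #else branch keeps passing false and tolerating missing drivers. A /* ! MODULE_NAME */ label on the final #endif would also help now that the WITH_* blocks are nested inside it.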
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Thu, 11 Jul 2019 17:04:54 +0100
Message-Id: <20190711160516.2130-8-berrange@redhat.com>
In-Reply-To: <20190711160516.2130-1-berrange@redhat.com>
References: <20190711160516.2130-1-berrange@redhat.com>
Subject: [libvirt] [PATCH 07/29] remote: conditionalize IP socket usage in libvirtd daemon

Prepare for reusing libvirtd source to create other daemons by making the use of IP sockets conditionally defined by the make rules. The main libvirtd daemon will retain IP listen ability, but all the driver specific daemons will be local UNIX sockets only. Apps needing IP connectivity will connect via the libvirtd daemon which will proxy to the driver specific daemon.

Signed-off-by: Daniel P. Berrangé
---
 src/remote/Makefile.inc.am | 1 +
 src/remote/remote_daemon.c | 90 ++++++++++++++++++++++++++++---
 src/remote/remote_daemon_config.c | 36 +++++++++----
 src/remote/remote_daemon_config.h | 9 +++-
 4 files changed, 119 insertions(+), 17 deletions(-)
diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index ba385aac4d..25921437e2 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am 
@@ -147,6 +147,7 @@ libvirtd_CFLAGS =3D \ -DSOCK_NAME_RO=3D"\"libvirt-sock-ro\"" \ -DSOCK_NAME_ADMIN=3D"\"libvirt-admin-sock\"" \ -DDAEMON_NAME=3D"\"libvirtd\"" \ + -DENABLE_IP \ $(NULL) =20 libvirtd_LDFLAGS =3D \ diff --git a/src/remote/remote_daemon.c b/src/remote/remote_daemon.c index e1fb081bfe..d01a303f70 100644 --- a/src/remote/remote_daemon.c +++ b/src/remote/remote_daemon.c @@ -366,11 +366,13 @@ static int ATTRIBUTE_NONNULL(3) daemonSetupNetworking(virNetServerPtr srv, virNetServerPtr srvAdm, struct daemonConfig *config, +#ifdef ENABLE_IP + bool ipsock, + bool privileged, +#endif /* ! ENABLE_IP */ const char *sock_path, const char *sock_path_ro, - const char *sock_path_adm, - bool ipsock, - bool privileged) + const char *sock_path_adm) { virNetServerServicePtr svc =3D NULL; virNetServerServicePtr svcAdm =3D NULL; @@ -457,6 +459,7 @@ daemonSetupNetworking(virNetServerPtr srv, goto cleanup; } =20 +#ifdef ENABLE_IP if (ipsock) { if (config->listen_tcp) { VIR_DEBUG("Registering TCP socket %s:%s", @@ -537,6 +540,7 @@ daemonSetupNetworking(virNetServerPtr srv, virObjectUnref(ctxt); } } +#endif /* ! ENABLE_IP */ =20 #if WITH_SASL if (virNetServerNeedsAuth(srv, REMOTE_AUTH_SASL) && @@ -876,6 +880,7 @@ daemonSetupHostUUID(const struct daemonConfig *config) static void daemonUsage(const char *argv0, bool privileged) { +#ifdef ENABLE_IP fprintf(stderr, _("\n" "Usage:\n" 
@@ -946,6 +951,64 @@ daemonUsage(const char *argv0, bool privileged) SOCK_NAME, DAEMON_NAME); } +#else + fprintf(stderr, + _("\n" + "Usage:\n" + " %s [options]\n" + "\n" + "Options:\n" + " -h | --help Display program help:\n" + " -v | --verbose Verbose messages.\n" + " -d | --daemon Run as a daemon & write PID file.\= n" + " -t | --timeout Exit after timeout period.\n" + " -f | --config Configuration file.\n" + " -V | --version Display version information.\n" + " -p | --pid-file Change name of PID file.\n" + "\n" + "libvirt management daemon:\n"), + argv0); + + if (privileged) { + fprintf(stderr, + _("\n" + " Default paths:\n" + "\n" + " Configuration file (unless overridden by -f):\n" + " %s/libvirt/%s.conf\n" + "\n" + " Sockets:\n" + " %s\n" + " %s\n" + "\n" + " PID file (unless overridden by -p):\n" + " %s/run/%s.pid\n" + "\n"), + SYSCONFDIR, + DAEMON_NAME, + LOCALSTATEDIR "/run/libvirt/" SOCK_NAME, + LOCALSTATEDIR "/run/libvirt/" SOCK_NAME_RO, + LOCALSTATEDIR, + DAEMON_NAME); + } else { + fprintf(stderr, + _("\n" + " Default paths:\n" + "\n" + " Configuration file (unless overridden by -f):\n" + " $XDG_CONFIG_HOME/libvirt/%s.conf\n" + "\n" + " Sockets:\n" + " $XDG_RUNTIME_DIR/libvirt/%s\n" + "\n" + " PID file:\n" + " $XDG_RUNTIME_DIR/libvirt/%s.pid\n" + "\n"), + DAEMON_NAME, + SOCK_NAME, + DAEMON_NAME); + } +#endif } =20 int main(int argc, char **argv) { @@ -965,7 +1028,9 @@ int main(int argc, char **argv) { int timeout =3D -1; /* -t: Shutdown timeout */ int verbose =3D 0; int godaemon =3D 0; +#ifdef ENABLE_IP int ipsock =3D 0; +#endif /* ! ENABLE_IP */ struct daemonConfig *config; bool privileged =3D geteuid() =3D=3D 0 ? true : false; bool implicit_conf =3D false; 
@@ -975,7 +1040,9 @@ int main(int argc, char **argv) { struct option opts[] =3D { { "verbose", no_argument, &verbose, 'v'}, { "daemon", no_argument, &godaemon, 'd'}, +#ifdef ENABLE_IP { "listen", no_argument, &ipsock, 'l'}, +#endif /* ! ENABLE_IP */ { "config", required_argument, NULL, 'f'}, { "timeout", required_argument, NULL, 't'}, { "pid-file", required_argument, NULL, 'p'}, @@ -999,7 +1066,13 @@ int main(int argc, char **argv) { int c; char *tmp; =20 - c =3D getopt_long(argc, argv, "ldf:p:t:vVh", opts, &optidx); + c =3D getopt_long(argc, argv, +#ifdef ENABLE_IP + "ldf:p:t:vVh", +#else /* ! ENABLE_IP */ + "df:p:t:vVh", +#endif /* ! ENABLE_IP */ + opts, &optidx); =20 if (c =3D=3D -1) break; @@ -1014,9 +1087,11 @@ int main(int argc, char **argv) { case 'd': godaemon =3D 1; break; +#ifdef ENABLE_IP case 'l': ipsock =3D 1; break; +#endif /* ! ENABLE_IP */ =20 case 't': if (virStrToLong_i(optarg, &tmp, 10, &timeout) !=3D 0 @@ -1330,10 +1405,13 @@ int main(int argc, char **argv) { =20 if (daemonSetupNetworking(srv, srvAdm, config, +#ifdef ENABLE_IP + ipsock, + privileged, +#endif /* !ENABLE_IP */ sock_file, sock_file_ro, - sock_file_adm, - ipsock, privileged) < 0) { + sock_file_adm) < 0) { ret =3D VIR_DAEMON_ERR_NETWORK; goto cleanup; } diff --git a/src/remote/remote_daemon_config.c b/src/remote/remote_daemon_c= onfig.c index 3e62b4203f..3c5ccd5ba8 100644 --- a/src/remote/remote_daemon_config.c +++ b/src/remote/remote_daemon_config.c @@ -107,12 +107,14 @@ daemonConfigNew(bool privileged ATTRIBUTE_UNUSED) if (VIR_ALLOC(data) < 0) return NULL; =20 +#ifdef ENABLE_IP data->listen_tls =3D 1; data->listen_tcp =3D 0; =20 if (VIR_STRDUP(data->tls_port, LIBVIRTD_TLS_PORT) < 0 || VIR_STRDUP(data->tcp_port, LIBVIRTD_TCP_PORT) < 0) goto error; +#endif /* !ENABLE_IP */ =20 /* Only default to PolicyKit if running as root */ #if WITH_POLKIT 
@@ -133,12 +135,14 @@ daemonConfigNew(bool privileged ATTRIBUTE_UNUSED) VIR_STRDUP(data->unix_sock_admin_perms, "0700") < 0) goto error; =20 -#if WITH_SASL +#ifdef ENABLE_IP +# if WITH_SASL data->auth_tcp =3D REMOTE_AUTH_SASL; -#else +# else data->auth_tcp =3D REMOTE_AUTH_NONE; -#endif +# endif data->auth_tls =3D REMOTE_AUTH_NONE; +#endif /* ! ENABLE_IP */ =20 data->min_workers =3D 5; data->max_workers =3D 20; @@ -182,9 +186,12 @@ daemonConfigFree(struct daemonConfig *data) if (!data) return; =20 +#ifdef ENABLE_IP VIR_FREE(data->listen_addr); VIR_FREE(data->tls_port); VIR_FREE(data->tcp_port); +#endif /* ! ENABLE_IP */ + tmp =3D data->access_drivers; while (tmp && *tmp) { VIR_FREE(*tmp); @@ -198,25 +205,28 @@ daemonConfigFree(struct daemonConfig *data) VIR_FREE(data->unix_sock_group); VIR_FREE(data->unix_sock_dir); =20 - tmp =3D data->tls_allowed_dn_list; + tmp =3D data->sasl_allowed_username_list; while (tmp && *tmp) { VIR_FREE(*tmp); tmp++; } - VIR_FREE(data->tls_allowed_dn_list); + VIR_FREE(data->sasl_allowed_username_list); =20 - tmp =3D data->sasl_allowed_username_list; +#ifdef ENABLE_IP + tmp =3D data->tls_allowed_dn_list; while (tmp && *tmp) { VIR_FREE(*tmp); tmp++; } - VIR_FREE(data->sasl_allowed_username_list); + VIR_FREE(data->tls_allowed_dn_list); + VIR_FREE(data->tls_priority); =20 VIR_FREE(data->key_file); VIR_FREE(data->ca_file); VIR_FREE(data->cert_file); VIR_FREE(data->crl_file); +#endif /* ! ENABLE_IP */ =20 VIR_FREE(data->host_uuid); VIR_FREE(data->host_uuid_source); @@ -231,6 +241,7 @@ daemonConfigLoadOptions(struct daemonConfig *data, const char *filename, virConfPtr conf) { +#ifdef ENABLE_IP if (virConfGetValueBool(conf, "listen_tcp", &data->listen_tcp) < 0) goto error; if (virConfGetValueBool(conf, "listen_tls", &data->listen_tls) < 0) 
@@ -241,6 +252,7 @@ daemonConfigLoadOptions(struct daemonConfig *data, goto error; if (virConfGetValueString(conf, "listen_addr", &data->listen_addr) < 0) goto error; +#endif /* !ENABLE_IP */ =20 if (remoteConfigGetAuth(conf, filename, "auth_unix_rw", &data->auth_un= ix_rw) < 0) goto error; @@ -256,10 +268,13 @@ daemonConfigLoadOptions(struct daemonConfig *data, #endif if (remoteConfigGetAuth(conf, filename, "auth_unix_ro", &data->auth_un= ix_ro) < 0) goto error; + +#ifdef ENABLE_IP if (remoteConfigGetAuth(conf, filename, "auth_tcp", &data->auth_tcp) <= 0) goto error; if (remoteConfigGetAuth(conf, filename, "auth_tls", &data->auth_tls) <= 0) goto error; +#endif /* ! ENABLE_IP */ =20 if (virConfGetValueStringList(conf, "access_drivers", false, &data->access_drivers) < 0) @@ -277,6 +292,7 @@ daemonConfigLoadOptions(struct daemonConfig *data, if (virConfGetValueString(conf, "unix_sock_dir", &data->unix_sock_dir)= < 0) goto error; =20 +#ifdef ENABLE_IP if (virConfGetValueBool(conf, "tls_no_sanity_certificate", &data->tls_= no_sanity_certificate) < 0) goto error; if (virConfGetValueBool(conf, "tls_no_verify_certificate", &data->tls_= no_verify_certificate) < 0) @@ -295,14 +311,14 @@ daemonConfigLoadOptions(struct daemonConfig *data, &data->tls_allowed_dn_list) < 0) goto error; =20 + if (virConfGetValueString(conf, "tls_priority", &data->tls_priority) <= 0) + goto error; +#endif /* ! ENABLE_IP */ =20 if (virConfGetValueStringList(conf, "sasl_allowed_username_list", fals= e, &data->sasl_allowed_username_list) < 0) goto error; =20 - if (virConfGetValueString(conf, "tls_priority", &data->tls_priority) <= 0) - goto error; - if (virConfGetValueUInt(conf, "min_workers", &data->min_workers) < 0) goto error; if (virConfGetValueUInt(conf, "max_workers", &data->max_workers) < 0) diff --git a/src/remote/remote_daemon_config.h b/src/remote/remote_daemon_c= onfig.h index d580e7d49c..842ce98c60 100644 --- a/src/remote/remote_daemon_config.h +++ b/src/remote/remote_daemon_config.h 
@@ -27,11 +27,13 @@ struct daemonConfig { char *host_uuid; char *host_uuid_source; =20 +#ifdef ENABLE_IP bool listen_tls; bool listen_tcp; char *listen_addr; char *tls_port; char *tcp_port; +#endif /* ! ENABLE_IP */ =20 char *unix_sock_admin_perms; char *unix_sock_ro_perms; 
@@ -41,21 +43,26 @@ struct daemonConfig { =20 int auth_unix_rw; int auth_unix_ro; +#ifdef ENABLE_IP int auth_tcp; int auth_tls; +#endif /* ! ENABLE_IP */ =20 char **access_drivers; =20 +#ifdef ENABLE_IP bool tls_no_verify_certificate; bool tls_no_sanity_certificate; char **tls_allowed_dn_list; - char **sasl_allowed_username_list; char *tls_priority; =20 char *key_file; char *cert_file; char *ca_file; char *crl_file; +#endif /* ! ENABLE_IP */ + + char **sasl_allowed_username_list; =20 unsigned int min_workers; unsigned int max_workers; --=20 2.21.0
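Review bot: struct daemonConfig in remote_daemon_config.h now changes layout with ENABLE_IP, and that macro comes only from the -DENABLE_IP line added to libvirtd_CFLAGS. Every translation unit that includes this header and touches the struct has to be compiled with the same setting, otherwise the two sides disagree on field offsets and on the allocation size. Suggest either keeping the fields unconditional and compiling out only their use, or stating the requirement in a comment at the top of the struct.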
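Review bot: With ENABLE_IP unset, daemonConfigLoadOptions() in remote_daemon_config.c no longer reads listen_tcp, listen_tls, listen_addr, auth_tcp, auth_tls, tls_allowed_dn_list, tls_priority or the tls_no_*_certificate flags, and the visible lines do not show what happens when a configuration file still sets them. An administrator who carries an existing libvirtd.conf with auth_tls or tls_allowed_dn_list over to a UNIX-socket-only daemon should get an error or at least a warning, not have access-control settings dropped without notice. Please confirm the behaviour and document it in the commit message.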
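Review bot: Most of the added #endif /* ! ENABLE_IP */ labels in remote_daemon.c, remote_daemon_config.c and remote_daemon_config.h close a plain #ifdef ENABLE_IP block, so the "!" describes the wrong condition. It is only correct in the getopt_long hunk, where it follows a real #else. The spacing also varies between "! ENABLE_IP" and "!ENABLE_IP". Suggest /* ENABLE_IP */ for blocks without an #else, so that a reader who lands on the #endif can tell which side of the condition the code above belongs to.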
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Thu, 11 Jul 2019 17:04:55 +0100
Message-Id: <20190711160516.2130-9-berrange@redhat.com>
In-Reply-To: <20190711160516.2130-1-berrange@redhat.com>
References: <20190711160516.2130-1-berrange@redhat.com>
Subject: [libvirt] [PATCH 08/29] remote: conditionalize IP socket config in libvirtd.conf

Prepare for reusing libvirtd config to create other daemons by making the config parameters for IP sockets conditionally defined by the make rules. The main libvirtd daemon will retain IP listen ability, but all the driver specific daemons will be local UNIX sockets only. Apps needing IP connectivity will connect via the libvirtd daemon which will proxy to the driver specific daemon.

Signed-off-by: Daniel P. Berrangé
---
 src/remote/Makefile.inc.am | 12 +++++-
 .../{libvirtd.conf => libvirtd.conf.in} | 42 +++++++++++--------
 src/remote/test_libvirtd.aug.in | 2 +-
 3 files changed, 37 insertions(+), 19 deletions(-)
 rename src/remote/{libvirtd.conf => libvirtd.conf.in} (95%)
diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index 25921437e2..4bc71346f2 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am 
@@ -71,7 +71,7 @@ EXTRA_DIST +=3D \ $(LIBVIRTD_SOURCES) \ remote/test_libvirtd.aug.in \ remote/libvirtd.aug \ - remote/libvirtd.conf \ + remote/libvirtd.conf.in \ remote/libvirtd.policy \ remote/libvirtd.rules \ remote/libvirtd.sasl \ @@ -88,6 +88,9 @@ MAINTAINERCLEANFILES +=3D \ $(REMOTE_DRIVER_GENERATED) \ $(LIBVIRTD_GENERATED) \ $(NULL) +CLEANFILES +=3D \ + remote/libvirtd.conf \ + $(NULL) =20 if WITH_REMOTE noinst_LTLIBRARIES +=3D libvirt_driver_remote.la @@ -178,6 +181,13 @@ libvirtd_LDADD +=3D \ $(LIBSOCKET) \ $(NULL) =20 +remote/libvirtd.conf: remote/libvirtd.conf.in + $(AM_V_GEN)sed \ + -e '/:: CUT ENABLE_IP ::/d' \ + -e '/:: END ::/d' \ + -e 's/:: DAEMON_NAME ::/libvirtd/' \ + < $^ > $@ + INSTALL_DATA_DIRS +=3D remote =20 install-data-remote: diff --git a/src/remote/libvirtd.conf b/src/remote/libvirtd.conf.in similarity index 95% rename from src/remote/libvirtd.conf rename to src/remote/libvirtd.conf.in index bbeb053495..39da576e68 100644 --- a/src/remote/libvirtd.conf +++ b/src/remote/libvirtd.conf.in @@ -1,13 +1,14 @@ # Master libvirt daemon configuration file # =20 +:: CUT ENABLE_IP :: ################################################################# # # Network connectivity controls # =20 # Flag listening for secure TLS connections on the public TCP/IP port. -# NB, must pass the --listen flag to the libvirtd process for this to +# NB, must pass the --listen flag to the :: DAEMON_NAME :: process for thi= s to # have any effect. # # It is necessary to setup a CA and issue server certificates before @@ -17,7 +18,7 @@ #listen_tls =3D 0 =20 # Listen for unencrypted TCP connections on the public TCP/IP port. -# NB, must pass the --listen flag to the libvirtd process for this to +# NB, must pass the --listen flag to the :: DAEMON_NAME :: process for thi= s to # have any effect. # # Using the TCP socket requires SASL authentication by default. Only 
@@ -43,13 +44,14 @@ # Override the default configuration which binds to all network # interfaces. This can be a numeric IPv4/6 address, or hostname # -# If the libvirtd service is started in parallel with network +# If the :: DAEMON_NAME :: service is started in parallel with network # startup (e.g. with systemd), binding to addresses other than # the wildcards (0.0.0.0/::) might not be available yet. # #listen_addr =3D "192.168.0.1" =20 =20 +:: END :: ################################################################# # # UNIX socket access controls @@ -126,6 +128,7 @@ # If the unix_sock_rw_perms are changed you may wish to enable # an authentication mechanism here #auth_unix_rw =3D "none" +:: CUT ENABLE_IP :: =20 # Change the authentication scheme for TCP sockets. # @@ -143,6 +146,7 @@ # It is possible to make use of any SASL authentication # mechanism as well, by using 'sasl' for this option #auth_tls =3D "none" +:: END :: =20 =20 # Change the API access control scheme @@ -151,10 +155,11 @@ # to all APIs. Access drivers can place restrictions # on this. By default the 'nop' driver is enabled, # meaning no access control checks are done once a -# client has authenticated with libvirtd +# client has authenticated with :: DAEMON_NAME :: # #access_drivers =3D [ "polkit" ] =20 +:: CUT ENABLE_IP :: ################################################################# # # TLS x509 certificate configuration @@ -194,15 +199,17 @@ =20 =20 =20 +:: END :: ################################################################# # # Authorization controls # =20 =20 +:: CUT ENABLE_IP :: # Flag to disable verification of our own server certificates # -# When libvirtd starts it performs some sanity checks against +# When :: DAEMON_NAME :: starts it performs some sanity checks against # its own certificates. # # Default is to always run sanity checks. Uncommenting this 
@@ -234,6 +241,15 @@ #tls_allowed_dn_list =3D ["DN1", "DN2"] =20 =20 +# Override the compile time default TLS priority string. The +# default is usually "NORMAL" unless overridden at build time. +# Only set this is it is desired for libvirt to deviate from +# the global default settings. +# +#tls_priority=3D"NORMAL" + + +:: END :: # A whitelist of allowed SASL usernames. The format for username # depends on the SASL authentication mechanism. Kerberos usernames # look like username@REALM @@ -251,14 +267,6 @@ #sasl_allowed_username_list =3D ["joe@EXAMPLE.COM", "fred@EXAMPLE.COM" ] =20 =20 -# Override the compile time default TLS priority string. The -# default is usually "NORMAL" unless overridden at build time. -# Only set this is it is desired for libvirt to deviate from -# the global default settings. -# -#tls_priority=3D"NORMAL" - - ################################################################# # # Processing controls @@ -386,8 +394,8 @@ # 4: ERROR # # Multiple outputs can be defined, they just need to be separated by space= s. -# e.g. to log all warnings and errors to syslog under the libvirtd ident: -#log_outputs=3D"3:syslog:libvirtd" +# e.g. to log all warnings and errors to syslog under the :: DAEMON_NAME := : ident: +#log_outputs=3D"3:syslog::: DAEMON_NAME ::" =20 =20 ################################################################## @@ -430,7 +438,7 @@ =20 ################################################################### # Keepalive protocol: -# This allows libvirtd to detect broken client connections or even +# This allows :: DAEMON_NAME :: to detect broken client connections or even # dead clients. A keepalive message is sent to a client after # keepalive_interval seconds of inactivity to check if the client is # still responding; keepalive_count is a maximum number of keepalive 
@@ -439,7 +447,7 @@ # words, the connection is automatically closed approximately after # keepalive_interval * (keepalive_count + 1) seconds since the last # message received from the client. If keepalive_interval is set to -# -1, libvirtd will never send keepalive requests; however clients +# -1, :: DAEMON_NAME :: will never send keepalive requests; however clients # can still send them and the daemon will send responses. When # keepalive_count is set to 0, connections will be automatically # closed after keepalive_interval seconds of inactivity without diff --git a/src/remote/test_libvirtd.aug.in b/src/remote/test_libvirtd.aug= .in index ad6450a569..a4c7b4afe8 100644 --- a/src/remote/test_libvirtd.aug.in +++ b/src/remote/test_libvirtd.aug.in 
@@ -29,11 +29,11 @@ module Test_libvirtd =3D { "1" =3D "DN1"} { "2" =3D "DN2"} } + { "tls_priority" =3D "NORMAL" } { "sasl_allowed_username_list" { "1" =3D "joe@EXAMPLE.COM" } { "2" =3D "fred@EXAMPLE.COM" } } - { "tls_priority" =3D "NORMAL" } { "max_clients" =3D "5000" } { "max_queued_clients" =3D "1000" } { "max_anonymous_clients" =3D "20" } --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
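Review bot: In the new `remote/libvirtd.conf` rule in src/remote/Makefile.inc.am (hunk @@ -178,6 +181,13 @@), the expression `s/:: DAEMON_NAME ::/libvirtd/` has no `g` flag, so a template line that carries the marker twice would keep the second copy; add `g`. The rule also reads its input with `< $^`, which stops working as soon as a second prerequisite is listed, so `$<` is the safer automatic variable here.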
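Review bot: The `:: CUT ENABLE_IP ::` and `:: END ::` markers that first appear at the top of src/remote/libvirtd.conf.in (hunk @@ -1,13 +1,14 @@, then repeated in the later hunks) are not documented in the template or beside the sed rule, and they are bare lines without a leading `#`, so any marker that survives generation lands in the installed libvirtd.conf as a non-comment line. Suggest a short comment in Makefile.inc.am describing the marker syntax and that every CUT needs a matching END, plus a check in the rule that the generated file contains no remaining `:: ` marker text.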
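Review bot: The `tls_priority` comment block re-added in hunk @@ -234,6 +241,15 @@ of src/remote/libvirtd.conf.in still reads "Only set this is it is desired"; since the text is being moved anyway, correct it to "if it is desired" in the same change. The removal side in hunk @@ -251,14 +267,6 @@ carries the same wording, so this is a pre-existing typo rather than one introduced by the move.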
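Review bot: In hunk @@ -386,8 +394,8 @@ of src/remote/libvirtd.conf.in, the example `#log_outputs=3D"3:syslog::: DAEMON_NAME ::"` places the marker directly after the `syslog:` separator, producing three colons in a row. It substitutes to the intended value with the sed expression in this patch, but it is hard to read and depends on where the pattern happens to match; a marker delimiter that does not reuse `:`, which is also the field separator in log output strings, would make the template unambiguous.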
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Thu, 11 Jul 2019 17:04:56 +0100
Message-Id: <20190711160516.2130-10-berrange@redhat.com>
In-Reply-To: <20190711160516.2130-1-berrange@redhat.com>
References: <20190711160516.2130-1-berrange@redhat.com>
Subject: [libvirt] [PATCH 09/29] remote: conditionalize IP socket config in augeas definitions

Prepare for reusing libvirtd augeas definitions with other daemons by making the config parameters for IP sockets conditionally defined by the make rules.

Signed-off-by: Daniel P. Berrangé
---
 build-aux/augeas-gentest.pl | 2 +-
 src/remote/Makefile.inc.am | 27 +++++++++++++++-----
 src/remote/{libvirtd.aug => libvirtd.aug.in} | 24 ++++++++++++-----
 src/remote/test_libvirtd.aug.in | 14 +++++++---
 4 files changed, 49 insertions(+), 18 deletions(-)
 rename src/remote/{libvirtd.aug => libvirtd.aug.in} (88%)

diff --git a/build-aux/augeas-gentest.pl b/build-aux/augeas-gentest.pl index 567fc651f3..69d94e6a0f 100755 --- a/build-aux/augeas-gentest.pl +++ b/build-aux/augeas-gentest.pl @@ -37,7 +37,7 @@ open TEMPLATE, "<", $template or die "cannot read $templa= te: $!"; =20 my $group =3D 0; while (