From nobody Sun May 5 18:54:15 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1566573117; cv=none; d=zoho.com; s=zohoarc; b=PRoreYniIMgItPTFKqR3ZMev3exQ96En3Ald2HG58oEssSiuEWjIkuJ7LZhMrt/JZw9A+Hit5UUBceg34n1gXJPFL7Atk97Fv10K4HAKj04Mbq5dXEdnFM7uKzQpFAqoeXIvs3ZawsrSE9/3aJ64gCyEHv+5mVPTDlQ15AA1GKk= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1566573117; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=WCm2nls90ZnLfzfQX72GS9nusXzEwahUvVxDH2Ylwfs=; b=F5gXg3ynXpSDB3exWL2sOHC68WSHdqoD+2xkOLtVRhkuYvWhH1CQas9Zm5NLm3nQ4uQMv4nfbSpoG9Km1GOZTpPMeCecV2kuluYiUxuF6YRIP2rbqmyuGR9eMtLRaLBIBcZVes3gIbVp7LGrLgk342+8KjhsG9tnRf2zeCkRbIM= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1566573117601735.4979000218293; Fri, 23 Aug 2019 08:11:57 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id C1A5F368CF; Fri, 23 Aug 2019 15:11:55 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 138685D6B2; Fri, 23 Aug 2019 15:11:55 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id A9A4C3CBF; Fri, 23 Aug 2019 15:11:53 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x7NFBpOq003565 for ; Fri, 23 Aug 2019 11:11:51 -0400 Received: by smtp.corp.redhat.com (Postfix) id B1FFF2632E; Fri, 23 Aug 2019 15:11:51 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-60.ams2.redhat.com [10.36.112.60]) by smtp.corp.redhat.com (Postfix) with ESMTP id 7A0E419C78; Fri, 23 Aug 2019 15:11:50 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Fri, 23 Aug 2019 16:11:40 +0100 Message-Id: <20190823151143.31787-2-berrange@redhat.com> In-Reply-To: <20190823151143.31787-1-berrange@redhat.com> References: <20190823151143.31787-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 1/4] remote: use Wants instead of Requires for libvirtd sockets X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Fri, 23 Aug 2019 15:11:56 +0000 (UTC) To facilitate upgrades from earlier versions of libvirt which did not use socket activation for libvirtd, we want to allow the libvirtd socket units to be disabled (masked). This can only be supported if we use the warker Wants statement instead of Requires. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: J=C3=A1n Tomko --- src/remote/libvirtd.service.in | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/src/remote/libvirtd.service.in b/src/remote/libvirtd.service.in index 4c5b28b478..82892b4f70 100644 --- a/src/remote/libvirtd.service.in +++ b/src/remote/libvirtd.service.in @@ -2,9 +2,12 @@ Description=3DVirtualization daemon Requires=3Dvirtlogd.socket Requires=3Dvirtlockd.socket -Requires=3Dlibvirtd.socket -Requires=3Dlibvirtd-ro.socket -Requires=3Dlibvirtd-admin.socket +# Use Wants instead of Requires so that users +# can disable these three .socket units to revert +# to a traditional non-activation deployment setup +Wants=3Dlibvirtd.socket +Wants=3Dlibvirtd-ro.socket +Wants=3Dlibvirtd-admin.socket Wants=3Dsystemd-machined.service Before=3Dlibvirt-guests.service After=3Dnetwork.target --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Sun May 5 18:54:15 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1566573133; cv=none; d=zoho.com; s=zohoarc; b=e9y8eKHqhKq7d2uWQPrNxLcviAP9/iT1SvLEON4BG0k7XCr8BtkQ/t9W8Aw+6VPTOt96jhmeoClpGKkJ16brR0W+90Wsyf/f0k3MecltnNawL5Q0/+Z9jioKxRZgRIdruIrzvbe/p/STbJMYBdiTdebeHKa/uxQqQthXUDvl+6Y= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1566573133; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=KeP2KXNH01MtpGaehBucSjEFYrk7c3QbCru6cNhx5Ek=; b=LgyIZzwWluVyefRxlIMkmd/DbWKiBO66n12ftXS84P9GMFryGSLbX0cjpoZXFyZIDgw7Vh8XUr+ExdS1gNegoliEVc+cQm9fbUyCMp7iNuVTt6AzaVj51EPKwN/y5ya1Y3t5W7e/aFHXC4+cDMUIXc4hsshRExhescSmKNNW+/M= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1566573133854555.1702206957665; Fri, 23 Aug 2019 08:12:13 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 7CD4E18C890F; Fri, 23 Aug 2019 15:12:12 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 57D7A5D6B2; Fri, 23 Aug 2019 15:12:12 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 0EBFA180B536; Fri, 23 Aug 2019 15:12:12 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x7NFBr6u003572 for ; Fri, 23 Aug 2019 11:11:53 -0400 Received: by smtp.corp.redhat.com (Postfix) id 190732632E; Fri, 23 Aug 2019 15:11:53 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-60.ams2.redhat.com [10.36.112.60]) by smtp.corp.redhat.com (Postfix) with ESMTP id 381822632F; Fri, 23 Aug 2019 15:11:51 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Fri, 23 Aug 2019 16:11:41 +0100 Message-Id: <20190823151143.31787-3-berrange@redhat.com> In-Reply-To: <20190823151143.31787-1-berrange@redhat.com> References: <20190823151143.31787-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 2/4] remote: move timeout arg into sysconf file X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.6.2 (mx1.redhat.com [10.5.110.70]); Fri, 23 Aug 2019 15:12:13 +0000 (UTC) We need to give users the ability to customize the length of the shutdown timeout, or even disable timeouts entirely. Thus we must move the timeout arg into the sysconf file, instead of the service unit. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: J=C3=A1n Tomko --- src/remote/libvirtd.service.in | 6 +----- src/remote/libvirtd.sysconf | 12 +++++++++--- 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/src/remote/libvirtd.service.in b/src/remote/libvirtd.service.in index 82892b4f70..9c8c54a2ef 100644 --- a/src/remote/libvirtd.service.in +++ b/src/remote/libvirtd.service.in @@ -26,11 +26,7 @@ Documentation=3Dhttps://libvirt.org [Service] Type=3Dnotify EnvironmentFile=3D-@sysconfdir@/sysconfig/libvirtd -# libvirtd.service is set to run on boot so that autostart of -# VMs can be performed. We don't want it to stick around if -# unused though, so we set a timeout. The socket activation -# then ensures it gets started again if anything needs it -ExecStart=3D@sbindir@/libvirtd --timeout 120 $LIBVIRTD_ARGS +ExecStart=3D@sbindir@/libvirtd $LIBVIRTD_ARGS ExecReload=3D/bin/kill -HUP $MAINPID KillMode=3Dprocess Restart=3Don-failure diff --git a/src/remote/libvirtd.sysconf b/src/remote/libvirtd.sysconf index 5969518bf2..2ad1fcf5d5 100644 --- a/src/remote/libvirtd.sysconf +++ b/src/remote/libvirtd.sysconf @@ -1,8 +1,14 @@ # Customizations for the libvirtd.service systemd unit =20 -# Listen for TCP/IP connections. This is not required if using systemd -# socket activation. -# NB. must setup TLS/SSL keys prior to using this +# Default behaviour is for libvirtd.service to start on boot +# so that VM autostart can be performed. We then want it to +# shutdown again if nothing was started and rely on systemd +# socket activation to start it again when some client app +# connects. +LIBVIRT_ARGS=3D"--timeout 120" + +# If systemd socket activation is disabled, then the following +# can be used to listen on TCP/TLS sockets #LIBVIRTD_ARGS=3D"--listen" =20 # Override Kerberos service keytab for SASL/GSSAPI --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Sun May 5 18:54:15 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1566573133; cv=none; d=zoho.com; s=zohoarc; b=RKv+1qih39bEAGIfpmA11oqeKQb78JSr0+9uPiDtUlD3XWmFJ1F2OvREOIo29f6KMUS67jbA5SIOKQvx0q9kvjeFw+XwtllvbcapswdefbhSM53dJQKRdvEkPkBsmwVf57OKCmzb4zeENXOLTsoMFo7xzrNRgzBNzneDwzxUO+o= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1566573133; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=+Hyl0OnpzbGHLv75FJVgIrxC2I84ZicjPkQnjmqVteM=; b=NVp771Bw4tr7PrWwxZdgortom+y82fheBSbEaYFTRBO0otNSlzL3+giJPDo6F6UyePrV3NSpOlhk1nTHr0bWOy6a8D/ArcDxb2G5MDiDIyDUToBaMEJrSEcOriDHWn6iCsvGgqDpeKRR9snmxzyg0gW2xmSFefE+L5qrGabcIAg= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1566573133064300.56041519792166; Fri, 23 Aug 2019 08:12:13 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id C2F048CF1AB; Fri, 23 Aug 2019 15:12:11 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 99B7F1001B12; Fri, 23 Aug 2019 15:12:11 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 53FD02551C; Fri, 23 Aug 2019 15:12:11 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x7NFBsKk003582 for ; Fri, 23 Aug 2019 11:11:54 -0400 Received: by smtp.corp.redhat.com (Postfix) id 5A6DE2632E; Fri, 23 Aug 2019 15:11:54 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-60.ams2.redhat.com [10.36.112.60]) by smtp.corp.redhat.com (Postfix) with ESMTP id 7214F2632F; Fri, 23 Aug 2019 15:11:53 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Fri, 23 Aug 2019 16:11:42 +0100 Message-Id: <20190823151143.31787-4-berrange@redhat.com> In-Reply-To: <20190823151143.31787-1-berrange@redhat.com> References: <20190823151143.31787-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 3/4] remote: forbid the --listen arg when systemd socket activation X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.6.2 (mx1.redhat.com [10.5.110.69]); Fri, 23 Aug 2019 15:12:12 +0000 (UTC) When using systemd socket activation the --listen arg has no effect. This is confusing to users upgrading from previous versions of libvirt as their config is silently ignored. Turn use of --listen into a fatal error when sockets are passed from systemd. This helps the admin discover the change in behaviour and thus decide whether to stick with socket activation or revert to previous behaviour. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: J=C3=A1n Tomko --- src/remote/libvirtd.pod | 33 ++++++++++++++++++++++++++++++++- src/remote/remote_daemon.c | 7 +++++++ 2 files changed, 39 insertions(+), 1 deletion(-) diff --git a/src/remote/libvirtd.pod b/src/remote/libvirtd.pod index 4721e0f4ec..fa30d6a37a 100644 --- a/src/remote/libvirtd.pod +++ b/src/remote/libvirtd.pod @@ -30,6 +30,35 @@ and will be picked up automatically if their XML configu= ration has been defined. Any guests whose XML configuration has not been defined will be = lost from the configuration. =20 +=3Dhead1 SYSTEM SOCKET ACTIVATION + +The B daemon is capable of starting in two modes. + +In the traditional mode, it will create and listen on UNIX sockets itself. +If the B<--listen> parameter is given, it will also listen on TCP/IP socke= t(s), +according to the B and B options in +B + +In socket activation mode, it will rely on systemd to create and listen +on the UNIX, and optionally TCP/IP, sockets and pass them as pre-opened +file descriptors. In this mode, it is not permitted to pass the B<--listen> +parameter, and most of the socket related config options in +B will no longer have any effect. To enable +TCP or TLS sockets use either + +B<$ systemctl start libvirtd-tls.socket> + +Or + +B<$ systemctl start libvirtd-tcp.socket> + +Socket activation mode is generally the default when running on a host +OS that uses systemd. To revert to the traditional mode, all the socket +unit files must be masked: + +B<$ systemctl mask libvirtd.socket libvirtd-ro.socket \ + libvirtd-admin.socket libvirtd-tls.socket libvirtd-tcp.socket> + =3Dhead1 OPTIONS =20 =3Dover @@ -48,7 +77,9 @@ Use this configuration file, overriding the default value. =20 =3Ditem B<-l, --listen> =20 -Listen for TCP/IP connections. +Listen for TCP/IP connections. This should not be set if using systemd +socket activation. Instead activate the libvirtd-tls.socket or +libvirtd-tcp.socket unit files. =20 =3Ditem B<-p, --pid-file> I =20 diff --git a/src/remote/remote_daemon.c b/src/remote/remote_daemon.c index 1138485870..3970db09c0 100644 --- a/src/remote/remote_daemon.c +++ b/src/remote/remote_daemon.c @@ -422,6 +422,13 @@ daemonSetupNetworking(virNetServerPtr srv, if (virSystemdGetActivation(actmap, ARRAY_CARDINALITY(actmap), &act) <= 0) return -1; =20 +#ifdef WITH_IP + if (act && ipsock) { + VIR_ERROR(_("--listen parameter not permitted with systemd activat= ion sockets")); + return -1; + } +#endif /* ! WITH_IP */ + if (config->unix_sock_group) { if (virGetGroupID(config->unix_sock_group, &unix_sock_gid) < 0) return ret; --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Sun May 5 18:54:15 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1566573119; cv=none; d=zoho.com; s=zohoarc; b=YmKKckydYbazrKngStBokABT3hfu2/ccTc3xSOattBg3tvlxKDzup8E2P26GLqKiApNHO8Q3L6dp9j94Httk3usqqJ0VpoOyp1EEUYvceREluny6e4VP5ZITNOUZlDgfO6a/SX+rH3ijZqykAsrmtUoCs4kckaPg9p8ig/Wdjxs= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1566573119; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=91irL9DhageRxZoev3DjNlOp00INgpFNY+fbq+ZBOmY=; b=J0WmkR2xXICLEyJaxXMZ3b4ssKPzN2UeNRgHvGykz72pP24IOcTxGO7qiHtVtwX9Vp+Tuk6l2XVBPScQ0HS+qou5h7+G1eGVddrj+l17WbCo9Sq7lUlWHtQuWMuxsArf+LOeyxDBdphYXy7vCvMxzkQltg4i6F9D18/mInoyRMM= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1566573119275966.104617798235; Fri, 23 Aug 2019 08:11:59 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id D3960301662E; Fri, 23 Aug 2019 15:11:57 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id AE2F370582; Fri, 23 Aug 2019 15:11:57 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 69375180B536; Fri, 23 Aug 2019 15:11:57 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x7NFBtd2003594 for ; Fri, 23 Aug 2019 11:11:55 -0400 Received: by smtp.corp.redhat.com (Postfix) id AC12B26329; Fri, 23 Aug 2019 15:11:55 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-60.ams2.redhat.com [10.36.112.60]) by smtp.corp.redhat.com (Postfix) with ESMTP id C384019C78; Fri, 23 Aug 2019 15:11:54 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Fri, 23 Aug 2019 16:11:43 +0100 Message-Id: <20190823151143.31787-5-berrange@redhat.com> In-Reply-To: <20190823151143.31787-1-berrange@redhat.com> References: <20190823151143.31787-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 4/4] rpm: don't enable socket activation in upgrade if --listen present X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.42]); Fri, 23 Aug 2019 15:11:58 +0000 (UTC) Currently during RPM upgrade we restart libvirtd and unconditionally enable use of systemd socket activation for the UNIX sockets. If the user had previously given the --listen arg to libvirtd though, this will no longer be honoured if socket activation is used. We could start libvirtd-tcp.socket or libvirtd-tls.socket for this, but mgmt tools like puppet/ansible might not be expecting this. So for now we silently disable socket activation if we see --listen was previously set on the host. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: J=C3=A1n Tomko --- libvirt.spec.in | 44 +++++++++++++++++++++++++++++++------------- 1 file changed, 31 insertions(+), 13 deletions(-) diff --git a/libvirt.spec.in b/libvirt.spec.in index ee4b408510..e6c85a706b 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1379,19 +1379,37 @@ fi =20 %posttrans daemon if [ -f %{_localstatedir}/lib/rpm-state/libvirt/restart ]; then - # Old libvirtd owns the sockets and will delete them on - # shutdown. Can't use a try-restart as libvirtd will simply - # own the sockets again when it comes back up. Thus we must - # do this particular ordering - /bin/systemctl is-active libvirtd.service 1>/dev/null 2>&1 - if test $? =3D 0 ; then - /bin/systemctl stop libvirtd.service >/dev/null 2>&1 || : - - /bin/systemctl try-restart libvirtd.socket >/dev/null 2>&1 || : - /bin/systemctl try-restart libvirtd-ro.socket >/dev/null 2>&1 || : - /bin/systemctl try-restart libvirtd-admin.socket >/dev/null 2>&1 |= | : - - /bin/systemctl start libvirtd.service >/dev/null 2>&1 || : + # See if user has previously modified their install to + # tell libvirtd to use --listen + grep -E '^LIBVIRTD_ARGS=3D.*--listen' /etc/sysconfig/libvirtd 1>/dev/n= ull 2>&1 + if test $? =3D 0 + then + # Then lets keep honouring --listen and *not* use + # systemd socket activation, because switching things + # might confuse mgmt tool like puppet/ansible that + # expect the old style libvirtd + /bin/systemctl mask libvirtd.socket >/dev/null 2>&1 || : + /bin/systemctl mask libvirtd-ro.socket >/dev/null 2>&1 || : + /bin/systemctl mask libvirtd-admin.socket >/dev/null 2>&1 || : + /bin/systemctl mask libvirtd-tls.socket >/dev/null 2>&1 || : + /bin/systemctl mask libvirtd-tcp.socket >/dev/null 2>&1 || : + else + # Old libvirtd owns the sockets and will delete them on + # shutdown. Can't use a try-restart as libvirtd will simply + # own the sockets again when it comes back up. Thus we must + # do this particular ordering, so that we get libvirtd + # running with socket activation in use + /bin/systemctl is-active libvirtd.service 1>/dev/null 2>&1 + if test $? =3D 0 + then + /bin/systemctl stop libvirtd.service >/dev/null 2>&1 || : + + /bin/systemctl try-restart libvirtd.socket >/dev/null 2>&1 || : + /bin/systemctl try-restart libvirtd-ro.socket >/dev/null 2>&1 = || : + /bin/systemctl try-restart libvirtd-admin.socket >/dev/null 2>= &1 || : + + /bin/systemctl start libvirtd.service >/dev/null 2>&1 || : + fi fi fi rm -rf %{_localstatedir}/lib/rpm-state/libvirt || : --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list