Ping.
On Fri, Aug 07, 2020 at 06:40:48PM +0100, Daniel P. Berrangé wrote:
> We have long had a problem with use of netcat for ssh tunnelling because
> there's no guarantee the UNIX socket path the client builds will match
> the UNIX socket path the remote host uses. We don't even allow session
> mode SSH tunnelling for this reason. We also can't easily auto-spawn
> libvirtd in session mode.
>
> With the introduction of modular daemons we also have potential for two
> completely different UNIX socket paths even for system mode, and the
> client can't know which to use.
>
> The solution to all these problems is to introduce a custom netcat impl.
> Instead passing the UNIX socket path, we pass the libvirt driver URI.
> The custom netcat then decides which socket path to use based on the
> remote build host environment.
>
> We still have to support netcat for interoperability with legacy libvirt
> versions, but we can default to the new virt-nc.
>
> v4: Now with many fixed bugs to make it actually work
> v3: Now with more meson and less autotools !
>
> Daniel P. Berrangé (11):
> rpc: merge logic for generating remote SSH shell script
> remote: push logic for default netcat binary into common helper
> remote: split off enums into separate source file
> remote: split out function for parsing URI scheme
> remote: parse the remote transport string earlier
> remote: split out function for constructing socket path
> remote: extract logic for determining daemon to connect to
> remote: introduce virt-ssh-helper binary
> rpc: switch order of args in virNetClientNewSSH
> rpc: use new virt-ssh-helper binary for remote tunnelling
> remote: fix error reporting for invalid daemon mode
>
> build-aux/syntax-check.mk | 2 +-
> docs/uri.html.in | 24 +-
> libvirt.spec.in | 2 +
> po/POTFILES.in | 2 +
> src/libvirt_remote.syms | 1 +
> src/remote/meson.build | 18 ++
> src/remote/remote_driver.c | 331 +++++--------------------
> src/remote/remote_sockets.c | 277 +++++++++++++++++++++
> src/remote/remote_sockets.h | 70 ++++++
> src/remote/remote_ssh_helper.c | 425 +++++++++++++++++++++++++++++++++
> src/rpc/virnetclient.c | 167 +++++++++----
> src/rpc/virnetclient.h | 29 ++-
> src/rpc/virnetsocket.c | 37 +--
> src/rpc/virnetsocket.h | 4 +-
> tests/virnetsockettest.c | 12 +-
> 15 files changed, 1030 insertions(+), 371 deletions(-)
> create mode 100644 src/remote/remote_sockets.c
> create mode 100644 src/remote/remote_sockets.h
> create mode 100644 src/remote/remote_ssh_helper.c
>
> --
> 2.26.2
>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|