This patch adds a set of functions used in creating console streams for
domains using PTYs and ensures mutually exclusive access to the PTYs.
If mutualy exclusive access is not used, two clients may open the same
console, which results in corruption on both clients as both of them
race to read data from the PTY.
Two approaches are used to ensure this:
1) Internal data structure holding open PTYs.
This is used internally and enables the user to forcibly
terminate another console connection eg. when somebody leaves
the console open on another host.
2) UUCP style lock files:
This uses UUCP lock files according to the FHS
( http://www.pathname.com/fhs/pub/fhs-2.3.html#VARLOCKLOCKFILES )
to check if other programs (like minicom) are not using the pty
device of the console.
This feature is disabled by default and may be enabled using
configure parameter
--with-console-lock-files=/path/to/lock/file/directory
or --with-console-lock-files=auto (which tries to infer the
location from OS used (currently only linux).
On usual linux systems, normal users may not write to the
/var/lock directory containing the locks. This poses problems
while in session mode. If the current user has no access to the
lockfile directory, check for presence of the file is still
done, but no lock file is created. This does NOT result in an
error.
---
Diff to v4:
- fixed typos (traditionally)
- fixed configure.ac to work with automaticaly used values
- tweaked configure output line to line up with others without
moving them
- using STRSKIP to skip the start of the string instead of
possibly skipping in the middle of a string
- fixed whitespace problems
- changed data type for pids to pid_t and tweaked printing formatters
- On failure to initialise mutex in virConsoleAlloc don't skip
to virConsoleFree
- added comment to clarify why it's needed to unregister the callback
handler
- Added OOM error reporting on some error paths.
Note to v4 review:
I changed the default value for the path of the lock files to "auto" so it will
get built with "/var/lock" on linux machines, so no change to the spec file is
needed.
configure.ac | 25 +++
po/POTFILES.in |1 +
src/Makefile.am |6 +-
src/conf/virconsole.c| 408 ++
src/conf/virconsole.h| 36
src/libvirt_private.syms |6 +
6 files changed, 481 insertions(+), 1 deletions(-)
create mode 100644 src/conf/virconsole.c
create mode 100644 src/conf/virconsole.h
diff --git a/configure.ac b/configure.ac
index 732f4fe..a5f9105 100644
--- a/configure.ac
+++ b/configure.ac
@@ -336,6 +336,12 @@ AC_ARG_WITH([remote],
AC_HELP_STRING([--with-remote], [add remote driver support
@<:@default=yes@:>@]),[],[with_remote=yes])
AC_ARG_WITH([libvirtd],
AC_HELP_STRING([--with-libvirtd], [add libvirtd support
@<:@default=yes@:>@]),[],[with_libvirtd=yes])
+AC_ARG_WITH([console-lock-files],
+ AC_HELP_STRING([--with-console-lock-files],
+ [location for UUCP style lock files for console PTYs
+ (use auto for default paths on some platforms)
+ @<:@default=auto@:>@]),
+ [],[with_console_lock_files=auto])
dnl
dnl in case someone want to build static binaries
@@ -1206,6 +1212,24 @@ AM_CONDITIONAL([HAVE_AUDIT], [test "$with_audit" =
"yes"])
AC_SUBST([AUDIT_CFLAGS])
AC_SUBST([AUDIT_LIBS])
+dnl UUCP style file locks for PTY consoles
+if test "$with_console_lock_files" != "no"; then
+ if test "$with_console_lock_files" = "yes"; then
+AC_MSG_ERROR([console lock files requested, but no path given])
+ elif test "$with_console_lock_files" = "auto"; then
+dnl Default locations for platforms
+if test "$with_linux" = "yes"; then
+ with_console_lock_files=/var/lock
+fi
+ fi
+ if test "$with_console_lock_files" = "auto"; then
+AC_MSG_ERROR([You must specify path for the lock files on this platform])
+ fi
+ AC_DEFINE_UNQUOTED([VIR_PTY_LOCK_FILE_PATH], "$with_console_lock_files",
+ [path to directory containing UUCP pty lock files])
+fi
+AM_CONDITIONAL([VIR_PTY_LOCK_FILE_PATH], [test "$with_console_lock_files" !=
"no"])
+
dnl SELinux
AC_ARG_WITH([selinux],
@@ -2742,6 +2766,7 @@ AC_MSG_NOTICE([ Python: $with_python])
AC_MSG_NOTICE([ DTrace: $with_dtrace])
AC_MSG_NOTICE([ XML Catalog: $XML_CATALOG_FILE])
AC_MSG_NOTICE([ Init script: $with_init_script])
+AC_MSG_NOTICE([Console locks: $with_console_lock_files])
AC_MSG_NOTICE([])
AC_MSG_NOTICE([Privileges])
AC_MSG_NOTICE([])
diff --git a/po/POTFILES.in b/po/POTFILES.in
index 0eff13b..16a3f9e 100644
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -17,6 +17,7 @@ src/conf/nwfilter_params.c
src/conf/secret_conf.c
src/conf/storage_conf.c
src/conf/storage_encryption_conf.c
+src/conf/virconsole.c
src/cpu/cpu.c