On 09/22/2017 04:55 PM, Jim Fehlig wrote:
On 09/22/2017 03:25 PM, Jamie Strandboge wrote:
On Fri, 2017-09-22 at 15:04 -0600, Jim Fehlig wrote:
Using kernel 4.13, apparmor 2.11, and the current libvirt.git profiles,
simply
starting libvirtd results in the following denial
type=AVC
Kernel 4.13 introduced finer-grained ptrace checks
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?h=v4.13.2=290f458a4f16f9cf6cb6562b249e69fe1c3c3a07
With kernel 4.13 and apparmor 2.11, simply starting libvirtd
results in the following apparmor denial
type=AVC
On 09/22/2017 03:25 PM, Jamie Strandboge wrote:
On Fri, 2017-09-22 at 15:04 -0600, Jim Fehlig wrote:
Using kernel 4.13, apparmor 2.11, and the current libvirt.git profiles,
simply
starting libvirtd results in the following denial
type=AVC msg=audit(1506112085.645:954): apparmor="DENIED"
On 09/22/2017 03:15 PM, Jim Fehlig wrote:
Kernel 4.13 introduced finer-grained ptrace checks
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?h=v4.13.2=290f458a4f16f9cf6cb6562b249e69fe1c3c3a07
With kernel 4.13 and apparmor 2.11, simply starting libvirtd
results
On Fri, 2017-09-22 at 15:04 -0600, Jim Fehlig wrote:
>
> Using kernel 4.13, apparmor 2.11, and the current libvirt.git profiles,
> simply
> starting libvirtd results in the following denial
>
> type=AVC msg=audit(1506112085.645:954): apparmor="DENIED" operation="ptrace"
>
Kernel 4.13 introduced finer-grained ptrace checks
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?h=v4.13.2=290f458a4f16f9cf6cb6562b249e69fe1c3c3a07
With kernel 4.13 and apparmor 2.11, simply starting libvirtd
results in the following apparmor denial
type=AVC
On 09/22/2017 06:52 AM, Guido Günther wrote:
Hi Jim,
On Wed, Sep 20, 2017 at 11:17:06AM -0600, Jim Fehlig wrote:
On 09/20/2017 08:57 AM, Jim Fehlig wrote:
On 09/20/2017 12:51 AM, Guido Günther wrote:
Hi Jim,
On Mon, Sep 18, 2017 at 02:06:13PM -0600, Jim Fehlig wrote:
Kernel 4.13 introduced
On Fri, 2017-09-22 at 12:58 -0400, John Ferlan wrote:
> By killing it - I was thinking more along the lines of removing it from
> our CI infrastructure and just letting the repo sit silently without
> updates, but that ship sailed today. We could still remove it from the
> CI mix as if something
On 09/22/2017 12:47 PM, Andrea Bolognani wrote:
> On Fri, 2017-09-22 at 17:17 +0100, Daniel P. Berrange wrote:
>>> libvirt-cim has it's own mailing list (libvirt-...@redhat.com) and
>>> achives: https://www.redhat.com/archives/libvirt-cim/index.html.
>>>
>>> The last email there (april 2015) and
On Fri, 2017-09-22 at 17:17 +0100, Daniel P. Berrange wrote:
> > libvirt-cim has it's own mailing list (libvirt-...@redhat.com) and
> > achives: https://www.redhat.com/archives/libvirt-cim/index.html.
> >
> > The last email there (april 2015) and last patch (aug 2014) - I venture
> > to say
Since 7534c19 it is not possible to register event implementation twice.
Instead, allow for retrieving the current one, should it be needed
afterwards.
Signed-off-by: Wojtek Porczyk
---
libvirtaio.py | 16 ++--
1 file changed, 14 insertions(+), 2
On Fri, Sep 22, 2017 at 10:08:44AM -0400, John Ferlan wrote:
>
>
> On 09/22/2017 09:28 AM, Andrea Bolognani wrote:
> > While the "autoconfiscate" name is very clever and cute, the
> > de-facto standard name for this kind of script is "autogen", and
> > deviating from it means having to
This was a harmless bug, without any impact, but it is wrong to manage
the collection of callbacks from it's members.
Signed-off-by: Wojtek Porczyk
---
libvirtaio.py | 9 -
1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/libvirtaio.py
On Fri, 2017-09-22 at 17:46 +0200, Guido Günther wrote:
...
> What I don't understand yet is why we have in libvirt-lxc:
>
> > diff --git a/examples/apparmor/libvirt-lxc b/examples/apparmor/libvirt-lxc
> > index 4bfb503aa..0db137de0 100644
> > --- a/examples/apparmor/libvirt-lxc
> > +++
The intended use is to ensure that the implementation is empty, which is
one way to ensure that all connections were properly closed and file
descriptors reclaimed.
Signed-off-by: Wojtek Porczyk
---
libvirtaio.py | 36 ++--
1 file
- Descriptor.close() was a dead code, never used.
- TimeoutCallback.close(), as a cleanup function, should have called
super() as last statement, not first
Signed-off-by: Wojtek Porczyk
---
libvirtaio.py | 7 +--
1 file changed, 1 insertion(+), 6
This logging is helpful for tracing problems with unclosed connections
and leaking file descriptors.
Signed-off-by: Wojtek Porczyk
---
libvirtaio.py | 33 +
1 file changed, 25 insertions(+), 8 deletions(-)
diff --git a/libvirtaio.py
Hi libvirt-list,
I'd like to submit a second iteration of libvirtaio series for 3.8.0.
There are some improvements to have better control over closing
connections, which are important in test suites which repeatedly open
and close connections. Also there are some minor bugfixes and better
When the callback causes something that results in changes wrt
registered handles, python aborts iteration.
Relevant error message:
Exception in callback None()
handle:
Traceback (most recent call last):
File "/usr/lib64/python3.5/asyncio/events.py", line 126, in _run
On Fri, Sep 22, 2017 at 05:27:33PM +0200, Andrea Bolognani wrote:
> The new name is the more standard autogen.sh. Still not
> enough to switch to autotools-*-job, but it's something.
>
> Signed-off-by: Andrea Bolognani
> ---
> The relevant patch[1] has been ACKed[2] but not
Hi,
On Fri, Sep 22, 2017 at 10:29:22AM -0500, Jamie Strandboge wrote:
> On Fri, 2017-09-22 at 14:52 +0200, Guido Günther wrote:
> > > + ptrace,
> >
> > ^^^
> >
> > This single line is enough to make things work for me on 4.13. AFAIK
> > dbus mediation is not upstream yet and I think unix
On 22.09.2017 14:52, Guido Günther wrote:
> Hi Jim,
> On Wed, Sep 20, 2017 at 11:17:06AM -0600, Jim Fehlig wrote:
>> On 09/20/2017 08:57 AM, Jim Fehlig wrote:
>>> On 09/20/2017 12:51 AM, Guido Günther wrote:
Hi Jim,
On Mon, Sep 18, 2017 at 02:06:13PM -0600, Jim Fehlig wrote:
> Kernel
On Fri, 2017-09-22 at 14:52 +0200, Guido Günther wrote:
> > + ptrace,
>
> ^^^
>
> This single line is enough to make things work for me on 4.13. AFAIK
> dbus mediation is not upstream yet and I think unix socket and signal
> support is neither. Should we drop these for now (the syntax and
>
The new name is the more standard autogen.sh. Still not
enough to switch to autotools-*-job, but it's something.
Signed-off-by: Andrea Bolognani
---
The relevant patch[1] has been ACKed[2] but not pushed yet,
because I figured it's better to have the CI setup updated
first.
On 09/22/2017 05:44 AM, Peter Krempa wrote:
> On Fri, Sep 15, 2017 at 20:30:14 -0400, John Ferlan wrote:
>> Currently when an AES secret object is added to the domain for
>> either a network disk, a LUKS encryption secret, or for a SCSI
>> hostdev there is no way for domain restart to be able to
On 09/21/2017 10:31 AM, Peter Krempa wrote:
> On Fri, Sep 15, 2017 at 20:30:09 -0400, John Ferlan wrote:
>> Since the secret information is really _virStorageSource specific
>> piece of data, let's create a privateData object for _virStorageSource
>> and move the @secinfo from
On Fri, 2017-09-22 at 10:08 -0400, John Ferlan wrote:
> libvirt-cim has it's own mailing list (libvirt-...@redhat.com) and
> achives: https://www.redhat.com/archives/libvirt-cim/index.html.
Fair enough, my bad for not noticing.
> The last email there (april 2015) and last patch (aug 2014) - I
On 09/12/2017 04:23 PM, John Ferlan wrote:
>
>
> On 09/05/2017 07:45 AM, Michal Privoznik wrote:
>> https://bugzilla.redhat.com/show_bug.cgi?id=1447169
>>
>> Once again, since domain can have at most one watchdog it
>> simplifies things a bit. However, since we must be able to set
>> the
On 09/22/2017 09:28 AM, Andrea Bolognani wrote:
> While the "autoconfiscate" name is very clever and cute, the
> de-facto standard name for this kind of script is "autogen", and
> deviating from it means having to special-case the libvirt-cim
> project when, for example, setting up a CI
On 09/22/2017 03:28 PM, Andrea Bolognani wrote:
> The first patch will make it possible to have a nicer CI setup.
>
> The second one is just something that I couldn't help fixing
> while preparing the first one :)
>
> Andrea Bolognani (2):
> maint: Rename autoconfiscate.sh to autogen.sh
>
libvirt reports a fake NUMA topology in virConnectGetCapabilities
even if built without numactl support. The fake NUMA topology consists
of a single cell representing the host's cpu and memory resources.
Currently this is the case for ARM and s390[x] RPM builds.
A client iterating over NUMA cells
The first patch will make it possible to have a nicer CI setup.
The second one is just something that I couldn't help fixing
while preparing the first one :)
Andrea Bolognani (2):
maint: Rename autoconfiscate.sh to autogen.sh
README: Point to git repository
README
Hi Jim,
On Wed, Sep 20, 2017 at 11:17:06AM -0600, Jim Fehlig wrote:
> On 09/20/2017 08:57 AM, Jim Fehlig wrote:
> > On 09/20/2017 12:51 AM, Guido Günther wrote:
> > > Hi Jim,
> > > On Mon, Sep 18, 2017 at 02:06:13PM -0600, Jim Fehlig wrote:
> > > > Kernel 4.13 introduced finer-grained ptrace
The Mercurial repositories are no more, so update the pointer.
Signed-off-by: Andrea Bolognani
---
README | 9 ++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/README b/README
index d3e9172..09e0059 100644
--- a/README
+++ b/README
@@ -9,7 +9,7 @@
While the "autoconfiscate" name is very clever and cute, the
de-facto standard name for this kind of script is "autogen", and
deviating from it means having to special-case the libvirt-cim
project when, for example, setting up a CI environment.
Signed-off-by: Andrea Bolognani
In my previous commit of b1d87f9ad96f I've made a typo breaking
the FreeBSD build. s/ipAaddr/ipAddr/
Signed-off-by: Michal Privoznik
---
Pushed under trivial & build breaker rules.
This time I've even tested it on my FreeBSD machine.
tools/nss/libvirt_nss.c | 4 ++--
1
Hi,
On Tue, Sep 19, 2017 at 10:36:03PM -0600, Jim Fehlig wrote:
> On 09/18/2017 01:24 PM, Guido Günther wrote:
> > instead of only unloading it. This makes sure old profiles don't pile up
> > in /etc/apparmor.d/libvirt and we get updates to modified templates on
> > VM restart.
>
> Makes sense.
On Fri, Sep 15, 2017 at 20:30:17 -0400, John Ferlan wrote:
> https://bugzilla.redhat.com/show_bug.cgi?id=1425757
>
> The blockdev-add code provides a mechanism to sanely provide user
> and password-secret arguments for iscsi without placing them on the
> command line to be viewable by a 'ps -ef'
On Fri, Sep 15, 2017 at 20:30:15 -0400, John Ferlan wrote:
> Add the capability to use the blockdev-add query-qmp-schema option
> to find the 'password-secret' parameter that will allow the iSCSI
> code to use the master secret object (a/k/a AES) to encrypt the
AES is a name of the cipher, not an
On Fri, Sep 15, 2017 at 20:30:16 -0400, John Ferlan wrote:
> Generate the example for the iSCSI auth/password-secret similar to
> what's done for RBD.
>
> Signed-off-by: John Ferlan
> ---
> src/util/virstoragefile.c | 30 ++
>
On Fri, Sep 15, 2017 at 20:30:14 -0400, John Ferlan wrote:
> Currently when an AES secret object is added to the domain for
> either a network disk, a LUKS encryption secret, or for a SCSI
> hostdev there is no way for domain restart to be able to connect
> or determine which secret by secrettype
On 09/21/2017 07:18 PM, Daniel P. Berrange wrote:
> On Thu, Sep 21, 2017 at 06:05:19PM +0200, Peter Krempa wrote:
>> On Thu, Sep 21, 2017 at 16:47:08 +0200, Michal Privoznik wrote:
>>> In the near future the qemuAssignDeviceAliases() function is
>>> going to be called multiple times: once at the
On Fri, Sep 22, 2017 at 10:25:46AM +0200, Peter Krempa wrote:
> On Fri, Sep 22, 2017 at 10:18:02 +0200, Michal Privoznik wrote:
> > On 09/21/2017 07:18 PM, Daniel P. Berrange wrote:
> > > On Thu, Sep 21, 2017 at 06:05:19PM +0200, Peter Krempa wrote:
> > >> On Thu, Sep 21, 2017 at 16:47:08 +0200,
On 22.09.2017 09:46, Jiri Denemark wrote:
> On Thu, Sep 21, 2017 at 16:39:37 +0300, Nikolay Shirokovskiy wrote:
>> First patch is just a refactoring.
>>
>> Nikolay Shirokovskiy (2):
>> qemu: make explicit that formatting migratable imposes secure
>> qemu: don't update cpu unconditionally for
On Fri, Sep 22, 2017 at 10:18:02 +0200, Michal Privoznik wrote:
> On 09/21/2017 07:18 PM, Daniel P. Berrange wrote:
> > On Thu, Sep 21, 2017 at 06:05:19PM +0200, Peter Krempa wrote:
> >> On Thu, Sep 21, 2017 at 16:47:08 +0200, Michal Privoznik wrote:
> >>> In the near future the
On Thu, Sep 21, 2017 at 15:25:37 -0400, John Ferlan wrote:
>
>
> On 09/21/2017 01:57 PM, Laine Stump wrote:
> > After commit 8708ca01c0d libvirtd consistently aborts with "stack
> > smashing detected" when nodedev driver is initialized.
> >
> > This is caused by nlmsg_parse() being told that
On 21.09.2017 17:34, Jiri Denemark wrote:
> On Thu, Sep 21, 2017 at 15:23:06 +0200, Jiri Denemark wrote:
>> Jiri Denemark (2):
>> qemu: Fix error checking in qemuDomainDefFormatXMLInternal
>> qemu: Use qemuDomainDefFormatXML in qemuDomainDefCopy
>>
>> src/qemu/qemu_domain.c | 16
On 21.09.2017 18:50, Peter Krempa wrote:
> On Thu, Sep 21, 2017 at 17:32:33 +0300, Nikolay Shirokovskiy wrote:
>>
>>
>> On 21.09.2017 17:24, Jiri Denemark wrote:
>>> On Thu, Sep 21, 2017 at 16:39:39 +0300, Nikolay Shirokovskiy wrote:
Imagine if we use 'virsh dumpxml --migratable' for
On 09/21/2017 09:35 PM, John Ferlan wrote:
On 09/19/2017 10:06 AM, Boris Fiuczynski wrote:
Adding s390x qemu caps test for qemu version 2.10.0.
Signed-off-by: Boris Fiuczynski
---
.../qemucapabilitiesdata/caps_2.10.0.s390x.replies | 16441 +++
On Thu, Sep 21, 2017 at 16:39:37 +0300, Nikolay Shirokovskiy wrote:
> First patch is just a refactoring.
>
> Nikolay Shirokovskiy (2):
> qemu: make explicit that formatting migratable imposes secure
> qemu: don't update cpu unconditionally for migratable flag
>
> src/qemu/qemu_domain.c
On Thu, Sep 21, 2017 at 16:34:24 +0200, Jiri Denemark wrote:
> On Thu, Sep 21, 2017 at 15:23:06 +0200, Jiri Denemark wrote:
> > Jiri Denemark (2):
> > qemu: Fix error checking in qemuDomainDefFormatXMLInternal
> > qemu: Use qemuDomainDefFormatXML in qemuDomainDefCopy
> >
> >
On 21.09.2017 17:32, Jiri Denemark wrote:
> On Thu, Sep 21, 2017 at 16:39:38 +0300, Nikolay Shirokovskiy wrote:
>> qemu code always set VIR_DOMAIN_XML_SECURE flags when
>> VIR_DOMAIN_XML_MIGRATABLE
>> is set. At the same time qemu code itself does not analyse
>> VIR_DOMAIN_XML_SECURE
>>
52 matches
Mail list logo