On Thu, Oct 16, 2008 at 12:34:05PM -0700, Ian Main wrote:
> On Mon, 13 Oct 2008 15:56:21 +0200
> Daniel Veillard <[EMAIL PROTECTED]> wrote:
>
> > On Wed, Sep 24, 2008 at 10:55:36AM -0700, Ian Main wrote:
> > I'm a little bit worried by the following:
> >
> > PID USER PR NI VIRT RES S
Hello,
I have a simple question raised yesterday.
CIM(Common Information Model) is a kind of good I/F
(to support VMware, Hyper-V and other platform).
As a CIM Provider, libvirt-cim is going on.
But for CIM Client, Is not going on.
Is there any reason for not supporting CIM on libvirt driver la
DB> So if that source code comment is correct, all we need todo is set
DB> a deny-all rule in that intermediate 'lxc' cgroup, and then
DB> containers will not be able to get access back, even if they have
DB> CAP_SYS_ADMIN
Even if I make the per-driver group have a deny-all policy, I can
still add
Without this, our container child doesn't actually end up in the cgroup,
and thus runs unrestricted. Note that this does not address the container's
ability to mount cgroup and move itself into the parent namespace.
While making this change, it became clear that we need to allow access to
the ent
This interface provides a way to allow an entire major device type
diff -r 388beff59a32 -r 48a9209668ab src/cgroup.c
--- a/src/cgroup.c Wed Oct 15 10:33:01 2008 +
+++ b/src/cgroup.c Thu Oct 16 14:01:13 2008 -0700
@@ -761,6 +761,36 @@
return rc;
}
+/**
+ * virCgroupAllowDevice
This set moves the cgroup creation before that of the container process,
thus ensuring that it is put in the cgroup as well. As a result, I noticed
that we need to allow device access to /dev/pts/*, and thus added a cgroup
mechanism to allow a whole major device type. The LXC driver is made to
al
On Mon, 13 Oct 2008 15:56:21 +0200
Daniel Veillard <[EMAIL PROTECTED]> wrote:
> On Wed, Sep 24, 2008 at 10:55:36AM -0700, Ian Main wrote:
> > Once you have that set up, 'yum install libvirt-qpid python-qpid', and then
> > run (each in their own terminals):
> >
> > qpidd --auth no
> > libvirt-qpid
On Thu, Oct 16, 2008 at 10:41:02PM +0900, Atsushi SAKAI wrote:
> Hi, Daniel
>
> This proposal seems approved.
> Does this proposal message goes to somewhere in libvirt document?
Jim pointed out I completely misunderstood your comment :-)
Yes you're right, it should be generally documented. I s
This implements support for bridge configs in openvz following the rules
set out in
http://wiki.openvz.org/Virtual_Ethernet_device#Making_a_bridged_veth-device_persistent
This simply requires that the admin has created /etc/vz/vznetctl.conf
containing
#!/bin/bash
EXTERNAL_SCRIPT="/usr/sbin/
On Thu, Oct 16, 2008 at 02:07:20PM +0100, Daniel P. Berrange wrote:
> On Fri, Oct 03, 2008 at 08:40:24AM -0700, Dan Smith wrote:
> > This patch adds code to the controller to set up a cgroup named after the
> > domain name, set the memory limit, and restrict devices. It also
> > adds bits to lxc_d
DB> The device whitelisting is all very nice, but we completely forgot
DB> / ignored the fact that there's nothing stopping a container
DB> mounting the cgroups device controller and giving itself the
DB> device access we just took away :-)
Ah, interesting.
DB> So, looks like we need to explicitl
On Tue, Oct 14, 2008 at 09:29:38AM -0400, Cole Robinson wrote:
> Guido Günther wrote:
> > On Fri, Oct 10, 2008 at 06:05:37PM +0100, Daniel P. Berrange wrote:
> >> Sorry to mess up your patch, but I just committed the code to turn
> >> all linked lists into arrays. So you'll need to tweak this to do
On Thu, Oct 16, 2008 at 04:59:24PM +0200, Daniel Veillard wrote:
> On Thu, Oct 16, 2008 at 12:42:17PM +0100, Daniel P. Berrange wrote:
> [...]
> > Like QEMU, UML has an admin monitor console. It is a little different
> > though, using a UNIX domain socket, in datagram mode, sending command
> > stri
The output of a failed po-check rule (part of "make syntax-check)
was unnecessarily cryptic. Here's the fix that I've already applied
in upstream coreutils:
build: when po-check fails, say why and suggest a fix
* Makefile.maint (po-check): Before, when this check failed, it just
Daniel P. Berrange wrote:
>> enum {
>> -VIR_STORAGE_POOL_NETFS_AUTO = 0,
>> +VIR_STORAGE_POOL_NETFS_UNKNOWN = 0,
>> +VIR_STORAGE_POOL_NETFS_AUTO = 1,
>> VIR_STORAGE_POOL_NETFS_NFS,
>> +VIR_STORAGE_POOL_NETFS_LAST,
>> };
>
> I missed that one last time around - no need for "u
On Thu, Oct 16, 2008 at 12:42:17PM +0100, Daniel P. Berrange wrote:
[...]
> Like QEMU, UML has an admin monitor console. It is a little different
> though, using a UNIX domain socket, in datagram mode, sending command
> strings back & forth. This actaully makes it a little easier to deal
> with in
Chris Lalancette <[EMAIL PROTECTED]> wrote:
> Daniel P. Berrange wrote:
>>> diff -u -r1.15 storage_backend_fs.c
>>> --- a/src/storage_backend_fs.c 13 Oct 2008 16:46:29 - 1.15
>>> +++ b/src/storage_backend_fs.c 16 Oct 2008 12:31:23 -
>>> @@ -48,7 +48,8 @@
>>> #include "xml.h"
On Thu, Oct 16, 2008 at 03:47:26PM +0200, Chris Lalancette wrote:
> Daniel P. Berrange wrote:
> >> diff -u -r1.15 storage_backend_fs.c
> >> --- a/src/storage_backend_fs.c 13 Oct 2008 16:46:29 - 1.15
> >> +++ b/src/storage_backend_fs.c 16 Oct 2008 12:31:23 -
> >> @@ -48,7 +48,8
On Thu, Oct 16, 2008 at 10:41:02PM +0900, Atsushi SAKAI wrote:
> Hi, Daniel
>
> This proposal seems approved.
> Does this proposal message goes to somewhere in libvirt document?
Well typos fixes for documentation and code comments could be managed
in the same way. It doesn't break builds, and
Daniel P. Berrange wrote:
>> diff -u -r1.15 storage_backend_fs.c
>> --- a/src/storage_backend_fs.c 13 Oct 2008 16:46:29 - 1.15
>> +++ b/src/storage_backend_fs.c 16 Oct 2008 12:31:23 -
>> @@ -48,7 +48,8 @@
>> #include "xml.h"
>>
>> enum {
>> -VIR_STORAGE_POOL_FS_AUTO
I just committed this:
+Thu Oct 16 15:41:00 CEST 2008 Chris Lalancette <[EMAIL PROTECTED]>
+ * Compiling with -Werror showed a possible use before initialization
+ in src/qemu_driver.c. Make sure to initialize the olddisk ptr to
+ NULL.
+
Index: src/qemu_driver.c
==
Hi, Daniel
This proposal seems approved.
Does this proposal message goes to somewhere in libvirt document?
Thanks
Atsushi SAKAI
Daniel Veillard <[EMAIL PROTECTED]> wrote:
> As the number of compilation options and platform grows, it gets
> more difficult for a commiter to always ensure one
Daniel Berrange <[EMAIL PROTECTED]> wrote:
> On Thu, Oct 16, 2008 at 03:15:08PM +0200, Daniel Veillard wrote:
...
>> I guess it makes sense to minimize disruption for those working on
>> head and lower the time needed to get those fix in for those who catch
>> and fix them ;-)
>> Opinions ?
>
>
On Thu, Oct 16, 2008 at 03:15:08PM +0200, Daniel Veillard wrote:
> As the number of compilation options and platform grows, it gets
> more difficult for a commiter to always ensure one chunk of code
> won't give a problem in a different situation. To try to lower the
> cost of maintaining the pro
On Thu, Oct 16, 2008 at 03:15:08PM +0200, Daniel Veillard wrote:
> As the number of compilation options and platform grows, it gets
> more difficult for a commiter to always ensure one chunk of code
> won't give a problem in a different situation. To try to lower the
> cost of maintaining the pro
On Thu, Oct 16, 2008 at 03:08:47PM +0200, Jim Meyering wrote:
> One of the new (binary) .ico files has a TAB just before a newline,
> and that triggers a "make syntax-check" failure.
> This gives all *.ico files a free pass.
I would not venture trying to guess if TAB could/should be converted
in
As the number of compilation options and platform grows, it gets
more difficult for a commiter to always ensure one chunk of code
won't give a problem in a different situation. To try to lower the
cost of maintaining the protability I would suggest the following
rule for commit:
- if a recently
Chris Lalancette <[EMAIL PROTECTED]> wrote:
> Daniel P. Berrange wrote:
>> I know you're just replicating the existing code, but both these functions
>> can
>> be killed off and replaced with auto-generated code from our enum support
>> macros
>>
>> VIR_ENUM_IMPL(virStorageBackendDiskLabel,
>>
One of the new (binary) .ico files has a TAB just before a newline,
and that triggers a "make syntax-check" failure.
This gives all *.ico files a free pass.
(also sorted the file)
>From 11096480dfb54fc179b3854d3f81739f2d2ef273 Mon Sep 17 00:00:00 2001
From: Jim Meyering <[EMAIL PROTECTED]>
Date: T
On Fri, Oct 03, 2008 at 08:40:24AM -0700, Dan Smith wrote:
> This patch adds code to the controller to set up a cgroup named after the
> domain name, set the memory limit, and restrict devices. It also
> adds bits to lxc_driver to properly clean up the cgroup on domain death.
The device whitelist
On Thu, Oct 16, 2008 at 02:35:21PM +0200, Chris Lalancette wrote:
> Daniel P. Berrange wrote:
> > I know you're just replicating the existing code, but both these functions
> > can
> > be killed off and replaced with auto-generated code from our enum support
> > macros
> >
> > VIR_ENUM_IMPL(v
Daniel P. Berrange wrote:
> I know you're just replicating the existing code, but both these functions can
> be killed off and replaced with auto-generated code from our enum support
> macros
>
> VIR_ENUM_IMPL(virStorageBackendDiskLabel,
> VIR_STORAGE_POOL_DISK_LAST,
>
Hi,
Please read following message.
https://www.redhat.com/archives/libvir-list/2008-September/msg00011.html
Thanks
Atsushi SAKAI
"Shanmuga Rajan" <[EMAIL PROTECTED]> wrote:
> Hi
>
> I have tested migration function VirDomain object by migrating with in
> localhost(for testing purpose).
I just committed this change:
Wed Oct 16 14:03:00 CEST 2008 Chris Lalancette <[EMAIL PROTECTED]>
* "make syntax-check" was complaining that network_driver.c was
missing from POTFILES.in. Add it, and then fix up one warning about
included c-ctypes.h that wasn't being used.
Hi
I have tested migration function VirDomain object by migrating with in
localhost(for testing purpose).
System details are
KVM hypervisor.
Intel VT 64 bit centos.
libvirt 0.4.6. (compiled from source)
vs i am running is Win 2003 64 bit...
Host is also 64 bit
but when i tried to use the mi
"Daniel P. Berrange" <[EMAIL PROTECTED]> wrote:
>> +struct diskType disk_types[] = {
>
> This can be const const - surprised Jim didn't catch this :-)
> +struct diskType disk_types[] = {
Had to leave some for you. :-P
Now that you mention it, though, that should be "static", too.
>> +enum partT
On Thu, Oct 16, 2008 at 10:02:10AM +0200, Guido G?nther wrote:
> On Wed, Oct 15, 2008 at 09:59:12PM +0100, Daniel P. Berrange wrote:
> > When you get to that level of cleverness, it seems to me that it is verging
> > on a complete re-implementation of DLM (distributed lock manager), which
> > rea
Daniel P. Berrange wrote:
>
> I don't understand why it has to be 1-billion ? For the enum support to
> work correctly, we need this to be contiguous, starting from zero, and
> and as the last element have
>
> VIR_STORAGE_POOL_DISK_LAST
>
> This perhaps suggests that DISK_UNKNOWN should
"Daniel P. Berrange" <[EMAIL PROTECTED]> wrote:
> This patch improves the MAC address handling.
>
> Currently our XML parser auto-generates a MAC addres using the KVM vendor
> prefix. This isn't much use for other drivers. This patch addresses this:
>
> - Stores each driver's vendor prefix in the
On Thu, Oct 16, 2008 at 11:52:48AM +0200, Chris Lalancette wrote:
> Chris Lalancette wrote:
> > To support LVM partitioning in oVirt, one of the things we need is the
> > ability
> > to tell what kind of label is currently on a block device. Here, a 'label'
> > is
> > used in the same sense that
On Thu, Oct 16, 2008 at 09:43:58AM +0200, Chris Lalancette wrote:
> To keep code duplication down, I moved some of the enum's from
> storage_backend_disk.c into a common place. Note, however, that there is a
> slight semantic change because of this. Previously, if no label was found on
> a
> dis
Chris Lalancette wrote:
> To support LVM partitioning in oVirt, one of the things we need is the ability
> to tell what kind of label is currently on a block device. Here, a 'label' is
> used in the same sense that it is used in parted; namely, it defines which
> kind
> of partition table is on t
Daniel Veillard wrote:
>
> Patch looks fine to me +1
> I wonder what happens when you hit a block device which had no label
> or partition table, and has a raw file system on it directly. I
> sometimes do that by mistake on USB devices but the kernel still manage
> to handle them ... sometime
"Daniel P. Berrange" <[EMAIL PROTECTED]> wrote:
> The root filesystem for an openvz guest is defined from a template name.
> We support this when creating a new guest, but never include this info
> when dumping the XML. Thsi patch addresses this problem by reading the
> OSTEMPLATE config parameter
Jim Meyering wrote:
>> diff -u -r1.21 storage_backend.c
>> --- src/storage_backend.c5 Sep 2008 12:03:45 - 1.21
>> +++ src/storage_backend.c16 Oct 2008 07:29:46 -
>> @@ -192,6 +192,30 @@
>> return ret;
>> }
>>
>> +struct diskType disk_types[] = {
>> +{ "lvm2", VIR_STO
On Thu, Oct 16, 2008 at 09:43:58AM +0200, Chris Lalancette wrote:
> To support LVM partitioning in oVirt, one of the things we need is the ability
> to tell what kind of label is currently on a block device. Here, a 'label' is
> used in the same sense that it is used in parted; namely, it defines
Chris Lalancette <[EMAIL PROTECTED]> wrote:
> To support LVM partitioning in oVirt, one of the things we need is the ability
> to tell what kind of label is currently on a block device. Here, a 'label' is
> used in the same sense that it is used in parted; namely, it defines which
> kind
> of par
On Wed, Oct 15, 2008 at 09:59:12PM +0100, Daniel P. Berrange wrote:
> When you get to that level of cleverness, it seems to me that it is verging
> on a complete re-implementation of DLM (distributed lock manager), which
> really, AFAIK, needs a proper cluster setup so it can safely fence
> mis-
To support LVM partitioning in oVirt, one of the things we need is the ability
to tell what kind of label is currently on a block device. Here, a 'label' is
used in the same sense that it is used in parted; namely, it defines which kind
of partition table is on the disk, whether it be DOS, LVM2, S
49 matches
Mail list logo
