Eric Blake wrote on 09/24/2010 06:16:35 PM:
> On 09/24/2010 02:22 PM, Stefan Berger wrote:
> > I just tried the TCK test without and with double-escaping in libvirtd
> > and double-escaping does seem to be necessary otherwise `ls` and $(ls)
> > do get executed and their results end up in the com
On 09/24/2010 02:22 PM, Stefan Berger wrote:
I just tried the TCK test without and with double-escaping in libvirtd
and double-escaping does seem to be necessary otherwise `ls` and $(ls)
do get executed and their results end up in the comment. The spaces
are preserved, though, so I can revert the
On 09/23/2010 04:38 PM, Eric Blake wrote:
At the library API layer, I plan on adding:
virDomainSetMaxVcpus - alter the xml aspect of a domain for next
boot; only affects persistent state
As I start to code this, it seems a bit redundant. I can avoid
virDomainSetMaxVcpus by
virDomainSet
Eric Blake wrote on 09/24/2010 04:01:55 PM:
> libvir-list
>
> On 09/24/2010 01:38 PM, Stefan Berger wrote:
>
> > To prevent consecutive spaces in comments from becoming a single space
> > (by bash), the IFS variable is now set to an empty string. Also,
commands
> > are now executed using bash
This patch adds data for a test case for the comment attribute in the
nwfilter XML.
Signed-off-by: Stefan Berger
---
scripts/nwfilter/nwfilterxml2fwallout/comment-test.fwall | 71
+++
scripts/nwfilter/nwfilterxml2xmlin/comment-test.xml | 68
++
2 files cha
On 09/24/2010 01:38 PM, Stefan Berger wrote:
To prevent consecutive spaces in comments from becoming a single space
(by bash), the IFS variable is now set to an empty string. Also, commands
are now executed using bash's 'eval' command.
-#define CMD_EXEC "res=`${cmd}`" CMD_SEPARATOR
+#define
The following patch series adds support for a comment node to the XML
attributes of all protocols. If possible, as for example in case of iptables,
the comments are instantiated (iptables ... -m comment --comment ...).
The patches do the following:
- extend the parser and XML generator to parse an
The patch below extends the XML parser and generator so that every protocol
now can have a comment node. Comments are limited to 256 characters and are
tested to only contain printable characters or spaces.
Signed-off-by: Stefan Berger
---
src/conf/nwfilter_conf.c | 101 +++
This patch adds a test case for testing the XML parser's and instantiator's
support of the comment attribute.
Signed-off-by: Stefan Berger
---
tests/nwfilterxml2xmlin/comment-test.xml | 68 ++
tests/nwfilterxml2xmlout/comment-test.xml | 24 ++
tests/nwfi
I am adding a row with information about the newly supported comment
attribute to each of the tables describing supported attributes of protocols.
Signed-off-by: Stefan Berger
---
docs/formatnwfilter.html.in | 51 +++-
1 file changed, 50 insertions(+),
In this patch I am extending the rule instantiator to create the comment
node where supported, which is the case for iptables and ip6tables.
Since commands are written in the format
cmd="iptables ...-m comment --comment \"\" "
certain characters ("$`\) in the comment need to be escaped (twice) t
Extend the nwfilter.rng schema to accept comment attributes for all protocol
types.
Signed-off-by: Stefan Berger
---
docs/schemas/nwfilter.rng | 38 ++
1 file changed, 38 insertions(+)
Index: libvirt-acl/docs/schemas/nwfilter.rng
==
This patch introduces new attribute to filesystem element
to support customizable security_model for mount type.
Valid security_model are: passthrough, mapped and none.
Usage:
Note: This patch is based on Daniel's patch to support 9pfs.
It shall be applied afte
On 09/24/2010 12:01 PM, Eric Blake wrote:
On 09/23/2010 09:53 AM, Stefan Berger wrote:
The patch below reports a warning in the log if the generated
ip(6)tables rules would not be effective due to the proc filesystem
entries
/proc/sys/net/bridge/bridge-nf-call-iptables
/proc/sys/net/bridge/b
Well,
I have used git a little but never under windows :) I think I will be able
to use it.
Yes, I know I have to clean up the code, I'm on it, and I am also making a
file to see the gap of thing to do to fully bind libvirt v0.8.4.
I'm OK to use git on libvirt, but I must keep my SVN, becaus
On 09/23/2010 09:53 AM, Stefan Berger wrote:
The patch below reports a warning in the log if the generated
ip(6)tables rules would not be effective due to the proc filesystem entries
/proc/sys/net/bridge/bridge-nf-call-iptables
/proc/sys/net/bridge/bridge-nf-call-ip6tables
containing a '0'. The
Mistake, shall repost *only* my changes on top of Dan's changes soon.
Regards,
Harsh
On 09/24/2010 08:21 PM, Venkateswararao Jujjuri (JV) wrote:
On 9/24/2010 6:23 AM, Harsh Prateek Bora wrote:
This patch introduces a new attribute security_model to
tag, which can have any of the following thre
On Fri, Sep 24, 2010 at 03:51:17PM +0200, arnaud.champ...@devatom.fr wrote:
> Hi Jaromír,
>
> It's right I haven't used your classes which envelops libvirt function, I
> have written my own wrapper which I use in my tool DAVIM. Anyway, thanks for
> the updated bindings I will take a look becaus
On 9/24/2010 6:23 AM, Harsh Prateek Bora wrote:
This patch introduces a new attribute security_model to
tag, which can have any of the following three values: passthrough,
mapped or none. This patch is based on Daniel's patch to support 9pfs
qemu commandline options.
Harsh, looks like this patc
Hi Jaromír,
It's right I haven't used your classes which envelops libvirt function, I have
written my own wrapper which I use in my tool DAVIM. Anyway, thanks for the
updated bindings I will take a look because I have taken theses sources there's
four or five month, I'm working on DAVIM (my li
On Thu, 2010-09-23 at 15:02 -0500, Jamie Strandboge wrote:
> > Hmm, that's a libvirt error rather than a QEMU error. Is the restricted
> > AppArmour policy taking effect *before* the actual QEMU binary is exec()d ?
>
> This is related to the stacked security driver implementation.
> Specifically,
This patch introduces a new attribute security_model to
tag, which can have any of the following three values: passthrough,
mapped or none. This patch is based on Daniel's patch to support 9pfs
qemu commandline options.
Usage:
---
docs/schemas/domain.rng |
22 matches
Mail list logo