search for: current_proc_is_root

...* - * (1) Permissions of the socket. - * - * (2) Permissions of the parent directory(-ies). Remember this if - * $TMPDIR is located in your home directory. - * - * (3) SELinux/sVirt will prevent access. libvirt ought to label - * the socket. - * - * Note that the 'current_proc_is_root' flag here just means that we - * are root. It's also possible for non-root user to try to use the - * system libvirtd by specifying a qemu:///system URI (RHBZ#913774) - * but there's no sane way to test for that. - */ - if (params.current_proc_is_root) { - /* Current proce...

libvirt doesn't have a concept of "session qemu" for root: https://bugzilla.redhat.com/show_bug.cgi?id=890291 When a libguestfs-using process runs as root, and libvirt runs a qemu subprocess, the qemu subprocess is run as a non-root user (typically qemu.qemu). This causes various problems, for example if we try to open a file which is readable by root but unreadable by qemu.qemu

...@@ -216,6 +216,16 @@ launch_libvirt (guestfs_h *g, void *datav, const char *libvirt_uri) if (g->verbose) guestfs___print_timestamped_message (g, "connect to libvirt"); + /* Decode the URI string. */ + if (!libvirt_uri) { /* "libvirt" */ + if (!params.current_proc_is_root) + libvirt_uri = "qemu:///session"; + else + libvirt_uri = "qemu:///system"; + } else if (STREQ (libvirt_uri, "null")) { /* libvirt:null */ + libvirt_uri = NULL; + } /* else nothing */ + /* Connect to libvirt, get capabilities. */ conn = guestfs...

In case you configure libguestfs with a custom QEMU, e.g.: $ ./configure [...] QEMU=/path/to/qemu then the libvirt backend did not use to override it, launching the appliance with the default QEMU for libvirt. This does not change the manual emulator overriding using set-hv. Pino Toscano (2): launch: libvirt: get default QEMU from domcapabilities launch: libvirt: fix custom hypervisor

...list of secrets */ size_t nr_secrets; char *uefi_code; /* UEFI (firmware) code and variables. */ @@ -253,6 +253,7 @@ launch_libvirt (guestfs_h *g, void *datav, const char *libvirt_uri) int r; uint32_t size; CLEANUP_FREE void *buf = NULL; + unsigned long version_number; params.current_proc_is_root = geteuid () == 0; @@ -262,13 +263,16 @@ launch_libvirt (guestfs_h *g, void *datav, const char *libvirt_uri) return -1; } - virGetVersion (&data->libvirt_version, NULL, NULL); - debug (g, "libvirt version = %lu (%lu.%lu.%lu)", - data->libvirt_version, -...

By passing root=UUID=... to supermin, we make the appliance boot process less sensitive to the non-deterministic process of scanning SCSI disks (of which much more to come). This patch should be tested alongside the supermin patch posted here: https://www.redhat.com/archives/libguestfs/2017-April/msg00174.html which in turn requires this supermin patch series:

These patches contain the beginnings of discard (a.k.a. trim or unmap) support. This will allow us to change virt-sparsify to work on disk images in-place (instead of using slow & inefficient copying). The approach used is to add an optional 'discard' parameter to add-drive. It has 3 possible settings: - 'disable' : the default, no discard is done - 'besteffort' :

This is only lightly tested. In particularly I only tested that the non-secure-boot path still works. I didn't test it on RHEL 7.3 yet because I haven't got enough free disk space for these giant source *.ova files :-( Will try to give that a go later. Rich.

Error out early if the path to the socket will not fit into sockaddr_un::sun_path, as we will not be able to connect to it. --- src/launch-unix.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/launch-unix.c b/src/launch-unix.c index 740c554..973e14b 100644 --- a/src/launch-unix.c +++ b/src/launch-unix.c @@ -47,6 +47,12 @@ launch_unix (guestfs_h *g, void *datav, const char

First version was posted here: https://www.redhat.com/archives/libguestfs/2016-August/thread.html#00100 This is semantically the same as the first version. However I've split the patch up into two parts. In the first part, I factor out the UEFI paths so now they are created by the generator and written in the library and v2v/ directory directly, instead of the complex business of having a C

Hi, this adds an helper version struct, and uses it in the backends (for the libvirt and qemu versions) and inspection code. This also moves common code to that, so it is not repeated in many places. This should help with the small refactoring proposed with https://www.redhat.com/archives/libguestfs/2016-May/msg00070.html Thanks, Pino Toscano (2): src: start unifying version handling

Hi, this adds an helper version struct, and uses it in the backends (for the libvirt and qemu versions) and inspection code. This also moves common code to that, so it is not repeated in many places. This should help with the small refactoring proposed with https://www.redhat.com/archives/libguestfs/2016-May/msg00070.html Thanks, Pino Toscano (2): src: start unifying version handling

QEMU upstream has broken snapshot=on ... again. These two patches stop using it entirely. Instead we run 'qemu-img create' to create overlay disks as required. Note that the libvirt and UML backends were already doing this: The libvirt backend because <transient/> has never worked, and the UML backend was running uml_mkcow because the UML-equivalent syntax of snapshot=on was

I've been taking a long hard look at the protocol layer. It has evolved over a long time without any particular direction, and the result is, to say the least, not very organized. These patches take a first step at cleaning up the mess by abstracting out socket operations from the rest of the code. The purpose of this is to allow us to slot in a different connection layer under the

This still isn't working at the moment. See: http://marc.info/?t=139457409300003&r=1&w=2 This set of patches: - Adds new APIs to support discard in libguestfs. - Adds discard support to virt-format. - Adds discard support to virt-sysprep. - Implements virt-sparsify --in-place. Rich.