search for: nbds

Displaying 17 results from an estimated 17 matches for "nbds".

Did you mean: nbd
2015 Nov 07
2
mkfs.ext2 succeeds despite nbd write errors?
...50 shot of fallocate() working correctly. I'm checking the return code of fallocate(), and my chunks_pwrite() returns -1 if it fails. No problems there. When I run mkfs.ext2 /dev/nbd0 on the client, I see this on the nbd-server: nbdkit: chunks[1]: error: Unable to fallocate '/home/cell/nbds/default/chunks/00000000000000030723' nbdkit: chunks[1]: error: Unable to fallocate '/home/cell/nbds/default/chunks/00000000000000030724' nbdkit: chunks[1]: error: Unable to fallocate '/home/cell/nbds/default/chunks/00000000000000030725' nbdkit: chunks[1]: error: Unable to falloc...
2015 Nov 07
0
Re: mkfs.ext2 succeeds despite nbd write errors?
...; > I'm checking the return code of fallocate(), and my chunks_pwrite() > returns -1 if it fails. No problems there. > > When I run mkfs.ext2 /dev/nbd0 on the client, I see this on the nbd-server: > > > nbdkit: chunks[1]: error: Unable to fallocate > '/home/cell/nbds/default/chunks/00000000000000030723' > nbdkit: chunks[1]: error: Unable to fallocate > '/home/cell/nbds/default/chunks/00000000000000030724' > nbdkit: chunks[1]: error: Unable to fallocate > '/home/cell/nbds/default/chunks/00000000000000030725' > nbdkit: chunks[1]...
2019 Nov 04
1
Re: [PATCH libnbd] api: Allow NBD URIs to be restricted.
...; +Set which TLS settings are allowed to appear in NBD URIs. The > +default is to allow either non-TLS or TLS URIs. > + > +The C<tls> parameter can be: > + > +=over 4 > + > +=item C<LIBNBD_TLS_DISABLE> > + > +TLS URIs are not permitted, ie. a URI such as C<nbds://...> > +will be rejected. > + > +=item C<LIBNBD_TLS_ALLOW> > + > +This is the default. TLS may be used or not, depending on > +whether the URI uses C<nbds> or C<nbd>. > + > +=item C<LIBNBD_TLS_REQUIRE> > + > +TLS URIs are required. All UR...
2019 Oct 20
2
[PATCH libnbd] api: Allow NBD URIs to be restricted.
Previous discussion: https://www.redhat.com/archives/libguestfs/2019-August/msg00102.html Last night I experimentally added support for URIs that contain the query parameter tls-psk-file, as part of rewriting the tests to cover more of the URI code. So you can now have a URI like: nbds://alice@localhost/?tls-psk-file=keys.psk However there's an obvious security problem here because now any libnbd program which takes URIs from less trusted sources will open a local file under the user's control. So it's time to restrict what can appear in URIs. I've added three...
2020 Nov 05
1
[PATCH libnbd] copy: Allowing copying from NBD server to NBD server.
This patch is a straightforward refactoring of libnbd?s nbdcopy program, and not very interesting. However I have plans for nbdcopy (see full todo below). I would like to use this utility for virt-v2v as a replacement for ?qemu-img convert?. qemu-img has caused us a series of problems: - change in zeroing behaviour caused a big performance regression - qemu-img reads extents up-front which
2019 Aug 10
2
Re: [PATCH libnbd 9/9] FOR DISCUSSION ONLY: api: Add ‘allow’ parameter to nbd_connect_uri to control permitted URIs.
...gt; + set_error (EPERM, "TLS encrypted URIs are not allowed"); > + goto cleanup; > + } > + if (!tls && (allow & LIBNBD_CONNECT_URI_REQUIRE_TLS)) { > + set_error (EPERM, "URI must specify an encrypted connection " > + "(use nbds: or nbds+unix:)"); > + goto cleanup; > + } > + Are there any other flags we might want to support, such as permitting or forbidding an authority section that specifies a username? > /* Insist on the scheme://[authority][/absname][?queries] form. */ > if (strncmp (raw...
2022 Nov 04
3
[libnbd PATCH v2 0/3] Improve nbdsh -u handling
...nce then, I've incorporated changes based on Rich's feedback: swap order of patches 2 and 3 less change in patch 1 (including no unsafe eval(%s) for --uri) in patch 2, include -c in list of snippets to store, and use dict of lambdas to map back to the desired action Eric Blake (3): nbdsh: Refactor handling of -c nbdsh: Allow -u interleaved with -c nbdsh: Improve --help and initial banner contents. python/nbdsh.py | 142 +++++++++++++++++++++++++++------------------ sh/test-context.sh | 26 ++++----- sh/test-error.sh | 37 +++++++----- 3 files changed, 119 insertions(+...
2019 Aug 11
0
Re: [PATCH libnbd 9/9] FOR DISCUSSION ONLY: api: Add ‘allow’ parameter to nbd_connect_uri to control permitted URIs.
..., "TLS encrypted URIs are not allowed"); > > + goto cleanup; > > + } > > + if (!tls && (allow & LIBNBD_CONNECT_URI_REQUIRE_TLS)) { > > + set_error (EPERM, "URI must specify an encrypted connection " > > + "(use nbds: or nbds+unix:)"); > > + goto cleanup; > > + } > > + > > Are there any other flags we might want to support, such as permitting > or forbidding an authority section that specifies a username? Yes this was just an initial set of ideas for flags. I also thought...
2019 Oct 20
0
[PATCH libnbd] api: Allow NBD URIs to be restricted.
...ngs in NBD URIs"; + longdesc = "\ +Set which TLS settings are allowed to appear in NBD URIs. The +default is to allow either non-TLS or TLS URIs. + +The C<tls> parameter can be: + +=over 4 + +=item C<LIBNBD_TLS_DISABLE> + +TLS URIs are not permitted, ie. a URI such as C<nbds://...> +will be rejected. + +=item C<LIBNBD_TLS_ALLOW> + +This is the default. TLS may be used or not, depending on +whether the URI uses C<nbds> or C<nbd>. + +=item C<LIBNBD_TLS_REQUIRE> + +TLS URIs are required. All URIs must use C<nbs>. + +=back"; + see...
2019 Aug 10
0
[PATCH libnbd 9/9] FOR DISCUSSION ONLY: api: Add ‘allow’ parameter to nbd_connect_uri to control permitted URIs.
...BD_CONNECT_URI_ALLOW_TLS)) { + set_error (EPERM, "TLS encrypted URIs are not allowed"); + goto cleanup; + } + if (!tls && (allow & LIBNBD_CONNECT_URI_REQUIRE_TLS)) { + set_error (EPERM, "URI must specify an encrypted connection " + "(use nbds: or nbds+unix:)"); + goto cleanup; + } + /* Insist on the scheme://[authority][/absname][?queries] form. */ if (strncmp (raw_uri + strlen (uri->scheme), "://", 3)) { set_error (EINVAL, "URI must begin with '%s://'", uri->scheme); diff --git a/te...
2005 May 11
5
Xen reboots on dom-U disk stress...
Hi all I tried to run bonnie++ disk stresser in dom-U, who''s disk is backed with non-local (on nfs) loop-back file. The machine rebooted pretty quickly. So, how do I tell what''s barfing? Is it Xen? Is it dom-0 (nfs or loop-back)? I looked in dom-0''s /var/log/messages and didn''t see any obvious record of a dom-0 whoopsie (but is that the right place to look
2003 Feb 11
0
Vmware and samba
...DNS servers to use. Up to three may be specified #nameserver1 = 208.23.14.2 #nameserver2 = 63.93.12.3 #nameserver3 = 208.23.14.4 [netbios] # This section applies only to Windows. # Timeout for NBNS queries. nbnsTimeout = 2 # Number of retries for each NBNS query. nbnsRetries = 3 # Timeout for NBDS queries. nbdsTimeout = 3 [incomingtcp] # Use these with care - anyone can enter into your virtual machine through these... # FTP (both active and passive FTP is always enabled) # ftp localhost 8887 #8887 = 192.168.27.128:21 # WEB (make sure that if you are using named webhosting, names poin...
2019 Aug 10
17
[PATCH libnbd 0/9] Add Enum and Flags types.
This largish series adds several new features to the generator. Enum maps to enumerated types (like enum in C). The only current use for this is replacing the nbd_set_tls (nbd, 0/1/2) parameter with LIBNBD_TLS_DISABLE, LIBNBD_TLS_ALLOW, LIBNBD_TLS_REQUIRE (and natural equivalents in other programming languages). Flags maps to any uint32_t bitmask. It is basically a non-optional, generalized
2020 Jun 30
0
[PATCH nbdkit 1/5] nbd: Rework the documentation.
...S handshake, but will continue running unencrypted if the server does not support -encryption. If set to C<require> or if the C<uri> parameter is used +encryption. If set to C<require> or if the C<uri> parameter is used with a scheme that requires encryption (such as C<nbds://host>), then this requires an encrypted connection to the server. -The B<tls> parameter is only available when the plugin was compiled +The C<tls> parameter is only available when the plugin was compiled against libnbd with TLS support; C<nbdkit --dump-plugin nbd> will c...
2020 Jul 01
0
[PATCH nbdkit 1/9] nbd: Rework the documentation.
...S handshake, but will continue running unencrypted if the server does not support -encryption. If set to C<require> or if the C<uri> parameter is used +encryption. If set to C<require> or if the C<uri> parameter is used with a scheme that requires encryption (such as C<nbds://host>), then this requires an encrypted connection to the server. -The B<tls> parameter is only available when the plugin was compiled +The C<tls> parameter is only available when the plugin was compiled against libnbd with TLS support; C<nbdkit --dump-plugin nbd> will c...
2020 Jun 30
5
[PATCH nbdkit 0/5 NOT WORKING] nbd: Implement command= and socket-fd= parameters.
The first four patches are fairly routine clean up and can be reviewed/applied on their own. The fifth patch is problematic as described below. At the moment if you want to proxy through to qemu-nbd (eg. for handling qcow2 files) it's rather complicated and you end up having to manage the sockets and clean up yourself. However the library we use for the proxying supports a perfectly good
2020 Jul 01
15
[PATCH nbdkit 0/9] nbd: Implement command= and socket-fd= parameters.
I fixed the deadlock - turned out to be an actual bug in the nbd plugin (see patch 8). I changed the command syntax so it's now: nbdkit nbd command=qemu arg=-f arg=qcow2 arg=/path/to/disk.qcow2 Nir wrote: 18:08 < nsoffer> rwmjones: regarding the nbd proxy patches, did you have specific flow that help us? 18:08 < nsoffer> rwmjones: or this is just a way to support qcow2 in the