similar to: [nbdkit PATCH 0/2] stdin/out cleanups

In v2: - use int instead of bool in the public header - split the tests from the code - don't overload test-layers; instead, add new tests - add a missing fflush exposed by the new tests - other minor cleanups Eric Blake (3): server: Add nbdkit_stdio_safe server: Sanitize stdin/out before running plugin code server: More tests of stdin/out handling docs/nbdkit-plugin.pod |

As shown in the previous patch, plugins may choose to use stdin or stdout during .config. But from .get_ready onwards, well-written plugins shouldn't be needing any further use of stdin/out. We already swapped stdin/out to /dev/null while daemonizing, but did not do do during -f or --run, which leads to some surprising inconsistency when trying to debug a plugin that works in the foreground

As shown in the previous patch, plugins may choose to use stdin or stdout during .config. But from .get_ready onwards, well-written plugins shouldn't be needing any further use of stdin/out. We already swapped stdin/out to /dev/null while daemonizing, but did not do do during -f or --run, which leads to some surprising inconsistency when trying to debug a plugin that works in the foreground

https://bugzilla.redhat.com/show_bug.cgi?id=1842440 Patches 1 and 2 address fairly obvious bugs in how we handle reading passwords from stdin. There are other ways we may consider fixing these bugs: - Should password=- always open /dev/tty and ignore stdin entirely? - Should we make password=-0/-1/-2 work by skipping the close? Or perhaps reopen the file descriptors on /dev/null after

V3 was here: <http://mid.mail-archive.com/20230215141158.2426855-1-lersek at redhat.com>. See the Notes section on each patch for the v4 updates. The series is nearly ready for merging: every patch has at least one R-b tag, except "socket activation: avoid manipulating the sign bit". The series builds, and passes "make check" and "make check-valgrind", at

- add a flag to request chroot for the process, which is done only as very last (before chdir) operation before exec'ing the process in the child: this avoids using CHROOT_IN & CHROOT_OUT around command* invocations, and reduces the code spent in chroot mode - add failure checks for dup2 and open done in child, not proceeding to executing the process if they fail - open /dev/null

Il 19/06/2013 10:24, Michael S. Tsirkin ha scritto: >> > 2) We introduce VIRTIO_NET_F_ANY_LAYOUT and VIRTIO_BLK_F_ANY_LAYOUT >> > specifically for net and block (note the new names). So why not a transport feature? Is it just because the SCSI commands for virtio-blk also require a config space field? Sorry if I missed this upthread. Paolo >> > 3) I note the

Il 19/06/2013 10:24, Michael S. Tsirkin ha scritto: >> > 2) We introduce VIRTIO_NET_F_ANY_LAYOUT and VIRTIO_BLK_F_ANY_LAYOUT >> > specifically for net and block (note the new names). So why not a transport feature? Is it just because the SCSI commands for virtio-blk also require a config space field? Sorry if I missed this upthread. Paolo >> > 3) I note the

Hello all, My scripts, which read stdout from ssh, weren't seeing EOF from the remote session.? It was being sent, but lost.? I tracked it down to the following code, in ssh.c, at ssh_session2_open: ??????? if (stdin_null_flag) { ??????????????? in = open(_PATH_DEVNULL, O_RDONLY); ??????? } else { ??????????????? in = dup(STDIN_FILENO); ??????? } ??????? out = dup(STDOUT_FILENO);

https://www.redhat.com/archives/libguestfs/2019-August/thread.html#00347 Thanks: Eric Blake and Daniel P. Berrangé --- common/utils/utils.h | 1 + server/connections.c | 4 ++-- server/crypto.c | 5 +++-- server/main.c | 23 +++++++++++++++++++++++ common/utils/utils.c | 29 +++++++++++++++++++++++++++++ 5 files changed, 58 insertions(+), 4 deletions(-) diff --git

At least it appears that way on my FreeBSD 8.1 system. This is probably unnoticeable in regular use but I happen to use CFengine(v2) for system configuration & monitoring. If it notices dovecot not running it tries to start it and hangs. I believe cfengine (cfagent) has created a pipe to monitor the start commmand's stderr and is waiting for this pipe to close. This never happens

The patches following do indeed allow you to compile nbdkit.exe, but it does not actually work yet. I'm posting this experimental series more as a work in progress and to get feedback. Note this does not require Windows itself to build or test. You can cross-compile it using mingw64-* packages on Fedora or Debian, and test it [spoiler alert: it fails] using Wine. Rich.

On Mon, Apr 13, 2020 at 07:28:59PM -0500, Eric Blake wrote: [...] This patch is fine and can be pushed if you want, but I've got some small comments. > +If C<nbdkit_stdio_safe> returns true, the value of the configuration > +parameter may be used to trigger reading additional data through stdin > +(such as a password or inline script). I wonder if we want to say "returns

Improve readability of commandrvf() by replacing bare int values for file descriptors with their symbolic names STD{IN,OUT,ERR}_FILENO. Also add PIPE_READ and PIPE_WRITE for referencing relevant ends of a pipe. --- daemon/guestfsd.c | 79 +++++++++++++++++++++++++++++-------------------------- 1 file changed, 42 insertions(+), 37 deletions(-) diff --git a/daemon/guestfsd.c b/daemon/guestfsd.c

Thinking about Sasha's patches, we can reduce ring usage for virtio net small packets dramatically if we put virtio net header inline with the data. This can be done for free in case guest net stack allocated extra head room for the packet, and I don't see why would this have any downsides. Even though with my recent patches qemu no longer requires header to be the first s/g element, we

Thinking about Sasha's patches, we can reduce ring usage for virtio net small packets dramatically if we put virtio net header inline with the data. This can be done for free in case guest net stack allocated extra head room for the packet, and I don't see why would this have any downsides. Even though with my recent patches qemu no longer requires header to be the first s/g element, we

Following mail advice from maximilian attems (thanks). The following patch changes 2 parts of kinit's command line parameter handling. 1) Parse command line parameters passed to kinit *before* /proc/cmdline, in order to allow overrides 2) Pass this resultant command line to the init program, rather than forcing the kinit caller to pass all /proc/cmdline parameters to the kinit call.

Please review the function below, forkoff(), meant to be used in clientloop.c instead of daemon() and the code in process_escapes(). The intention is to make ~D ( like ~& but also detach) possible and to make it possible for ssh -f (or ssh -f -f - see other thread on this) to detach, not just forkoff(). I also intend to use the same detach technique in a feature patch for the hang-on-exit

hi, Ran into a problem which I thought was an AIXism, but have since found that it can be reproduced on Linux and MacOS. It can NOT be reproduced on OpenBSD. Reproduced on: AIXv7.1 OpenSSH v6.0p1 RedHat 6.8 OpenSSH 5.4p1 Redhat 7.2 OpenSSH 6.6.1p1 MacOS 10.11 (sorry, forgot to grab the OpenSSH version) Could not reproduce on: OpenBSD 5.9-current, march snapshot, OpenSSH_7.2 OpenBSD

There were a few unchecked syscalls in fish.c >From ba8b8b0684a03b6e6fbb939ed7e1cbf5e1000092 Mon Sep 17 00:00:00 2001 From: Jim Meyering <meyering at redhat.com> Date: Wed, 19 Aug 2009 10:01:07 +0200 Subject: [PATCH libguestfs] guestfish: detect a few more failed syscalls * fish/fish.c (issue_command): Detect/diagnose more failed syscalls. --- fish/fish.c | 26