- Have systemd terminate the machine as a workaround of fdo#68370

bd773e74-lxc-terminate-machine.patch bnc#842834 OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=318
2013-10-22 21:27:53 +00:00 · 2013-10-22 21:27:53 +00:00 · 65c4cfdc02
commit 65c4cfdc02
parent 8296f9e96d
3 changed files with 256 additions and 0 deletions
--- a/bd773e74-lxc-terminate-machine.patch
+++ b/bd773e74-lxc-terminate-machine.patch
@ -0,0 +1,247 @@
+commit bd773e74f0d1d1b9ebbfcaa645178316b4f2265c
+Author: Cédric Bosdonnat <cbosdonnat@suse.com>
+Date:   Mon Sep 30 16:46:29 2013 +0200
+
+    LXC: workaround machined uncleaned data with containers running systemd.
+    
+    The problem is described by [0] but its effect on libvirt is that
+    starting a container with a full distro running systemd after having
+    stopped it simply fails.
+    
+    The container cleanup now calls the machined Terminate function to make
+    sure that everything is in order for the next run.
+    
+     [0]: https://bugs.freedesktop.org/show_bug.cgi?id=68370
+
+Index: libvirt-1.1.2/src/libvirt_private.syms
+===================================================================
+--- libvirt-1.1.2.orig/src/libvirt_private.syms
+++ libvirt-1.1.2/src/libvirt_private.syms
+@@ -1940,8 +1940,10 @@ virSysinfoSetup;
+ 
+ # util/virsystemd.h
+ virSystemdCreateMachine;
+virSystemdMakeMachineName;
+ virSystemdMakeScopeName;
+ virSystemdMakeSliceName;
+virSystemdTerminateMachine;
+ 
+ 
+ # util/virthread.h
+Index: libvirt-1.1.2/src/lxc/lxc_process.c
+===================================================================
+--- libvirt-1.1.2.orig/src/lxc/lxc_process.c
+++ libvirt-1.1.2/src/lxc/lxc_process.c
+@@ -50,6 +50,7 @@
+ #include "virstring.h"
+ #include "viratomic.h"
+ #include "virprocess.h"
+#include "virsystemd.h"
+ 
+ #define VIR_FROM_THIS VIR_FROM_LXC
+ 
+@@ -210,6 +211,13 @@ static void virLXCProcessCleanup(virLXCD
+         virCgroupFree(&priv->cgroup);
+     }
+ 
+    /* Get machined to terminate the machine as it may not have cleaned it
+     * properly. See https://bugs.freedesktop.org/show_bug.cgi?id=68370 for
+     * the bug we are working around here.
+     */
+    virSystemdTerminateMachine(vm->def->name, "lxc", true);
+
+
+     /* now that we know it's stopped call the hook if present */
+     if (virHookPresent(VIR_HOOK_DRIVER_LXC)) {
+         char *xml = virDomainDefFormat(vm->def, 0);
+Index: libvirt-1.1.2/src/util/virsystemd.c
+===================================================================
+--- libvirt-1.1.2.orig/src/util/virsystemd.c
+++ libvirt-1.1.2/src/util/virsystemd.c
+@@ -116,6 +116,27 @@ char *virSystemdMakeSliceName(const char
+     return virBufferContentAndReset(&buf);
+ }
+ 
+char *virSystemdMakeMachineName(const char *name,
+                                const char *drivername,
+                                bool privileged)
+{
+    char *machinename = NULL;
+    char *username = NULL;
+    if (privileged) {
+        if (virAsprintf(&machinename, "%s-%s", drivername, name) < 0)
+            goto cleanup;
+    } else {
+        if (!(username = virGetUserName(geteuid())))
+            goto cleanup;
+        if (virAsprintf(&machinename, "%s-%s-%s", username, drivername, name) < 0)
+            goto cleanup;
+    }
+
+cleanup:
+    VIR_FREE(username);
+
+    return machinename;
+}
+ 
+ /**
+  * virSystemdCreateMachine:
+@@ -142,7 +163,6 @@ int virSystemdCreateMachine(const char *
+     DBusConnection *conn;
+     char *machinename = NULL;
+     char *creatorname = NULL;
+-    char *username = NULL;
+     char *slicename = NULL;
+ 
+     if (!virDBusHasSystemBus())
+@@ -150,15 +170,8 @@ int virSystemdCreateMachine(const char *
+ 
+     conn = virDBusGetSystemBus();
+ 
+-    if (privileged) {
+-        if (virAsprintf(&machinename, "%s-%s", drivername, name) < 0)
+-            goto cleanup;
+-    } else {
+-        if (!(username = virGetUserName(geteuid())))
+-            goto cleanup;
+-        if (virAsprintf(&machinename, "%s-%s-%s", username, drivername, name) < 0)
+-            goto cleanup;
+-    }
+    if (!(machinename = virSystemdMakeMachineName(name, drivername, privileged)))
+        goto cleanup;
+ 
+     if (virAsprintf(&creatorname, "libvirt-%s", drivername) < 0)
+         goto cleanup;
+@@ -241,8 +254,52 @@ int virSystemdCreateMachine(const char *
+     ret = 0;
+ 
+ cleanup:
+-    VIR_FREE(username);
+     VIR_FREE(creatorname);
+     VIR_FREE(machinename);
+     return ret;
+ }
+
+int virSystemdTerminateMachine(const char *name,
+                               const char *drivername,
+                               bool privileged)
+{
+    int ret;
+    DBusConnection *conn;
+    char *machinename = NULL;
+
+    if(!virDBusHasSystemBus())
+        return -2;
+
+    conn = virDBusGetSystemBus();
+
+    ret = -1;
+    if (!(machinename = virSystemdMakeMachineName(name, drivername, privileged)))
+        goto cleanup;
+
+    /*
+     * The systemd DBus API we're invoking has the
+     * following signature
+     *
+     * TerminateMachine(in  s name);
+    *
+     * @name a host unique name for the machine. shows up
+     * in 'ps' listing & similar
+     */
+
+    VIR_DEBUG("Attempting to terminate machine via systemd");
+    if (virDBusCallMethod(conn,
+                          NULL,
+                          "org.freedesktop.machine1",
+                          "/org/freedesktop/machine1",
+                          "org.freedesktop.machine1.Manager",
+                          "TerminateMachine",
+                          "s",
+                          machinename) < 0)
+        goto cleanup;
+
+    ret = 0;
+
+cleanup:
+    VIR_FREE(machinename);
+    return ret;
+}
+Index: libvirt-1.1.2/src/util/virsystemd.h
+===================================================================
+--- libvirt-1.1.2.orig/src/util/virsystemd.h
+++ libvirt-1.1.2/src/util/virsystemd.h
+@@ -29,6 +29,10 @@ char *virSystemdMakeScopeName(const char
+                               const char *slicename);
+ char *virSystemdMakeSliceName(const char *partition);
+ 
+char *virSystemdMakeMachineName(const char *name,
+                                const char *drivername,
+                                bool privileged);
+
+ int virSystemdCreateMachine(const char *name,
+                             const char *drivername,
+                             bool privileged,
+@@ -38,4 +42,8 @@ int virSystemdCreateMachine(const char *
+                             bool iscontainer,
+                             const char *partition);
+ 
+int virSystemdTerminateMachine(const char *name,
+                               const char *drivername,
+                               bool privileged);
+
+ #endif /* __VIR_SYSTEMD_H__ */
+Index: libvirt-1.1.2/tests/virsystemdtest.c
+===================================================================
+--- libvirt-1.1.2.orig/tests/virsystemdtest.c
+++ libvirt-1.1.2/tests/virsystemdtest.c
+@@ -51,6 +51,18 @@ static int testCreateContainer(const voi
+     return 0;
+ }
+ 
+static int testTerminateContainer(const void *opaque ATTRIBUTE_UNUSED)
+{
+    if (virSystemdTerminateMachine("demo",
+                                   "lxc",
+                                   true) < 0) {
+        fprintf(stderr, "%s", "Failed to terminate LXC machine\n");
+        return -1;
+    }
+
+    return 0;
+}
+
+ static int testCreateMachine(const void *opaque ATTRIBUTE_UNUSED)
+ {
+     unsigned char uuid[VIR_UUID_BUFLEN] = {
+@@ -74,6 +86,18 @@ static int testCreateMachine(const void
+     return 0;
+ }
+ 
+static int testTerminateMachine(const void *opaque ATTRIBUTE_UNUSED)
+{
+    if (virSystemdTerminateMachine("demo",
+                                   "qemu",
+                                   false) < 0) {
+        fprintf(stderr, "%s", "Failed to terminate KVM machine\n");
+        return -1;
+    }
+
+    return 0;
+}
+
+ static int testCreateNoSystemd(const void *opaque ATTRIBUTE_UNUSED)
+ {
+     unsigned char uuid[VIR_UUID_BUFLEN] = {
+@@ -177,8 +201,12 @@ mymain(void)
+ 
+     if (virtTestRun("Test create container ", 1, testCreateContainer, NULL) < 0)
+         ret = -1;
+    if (virtTestRun("Test terminate container ", 1, testTerminateContainer, NULL) < 0)
+        ret = -1;
+     if (virtTestRun("Test create machine ", 1, testCreateMachine, NULL) < 0)
+         ret = -1;
+    if (virtTestRun("Test terminate machine ", 1, testTerminateMachine, NULL) < 0)
+        ret = -1;
+     if (virtTestRun("Test create no systemd ", 1, testCreateNoSystemd, NULL) < 0)
+         ret = -1;
+     if (virtTestRun("Test create bad systemd ", 1, testCreateBadSystemd, NULL) < 0)
--- a/libvirt.changes
+++ b/libvirt.changes
@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Tue Oct 22 14:37:08 MDT 2013 - cbosdonnat@suse.com
+
+- Have systemd terminate the machine as a workaround of fdo#68370
+  bd773e74-lxc-terminate-machine.patch
+  bnc#842834
+
 -------------------------------------------------------------------
 Tue Oct 22 12:28:03 MDT 2013 - jfehlig@suse.com

--- a/libvirt.spec
+++ b/libvirt.spec
@ -419,6 +419,7 @@ Patch12:        b7fcc799a-CVE-2013-4400.patch
 Patch13:        3e2f27e1-CVE-2013-4400.patch
 Patch14:        5a0ea4b7-CVE-2013-4400.patch
 Patch15:        843bdb2f-CVE-2013-4400.patch
+Patch16:        bd773e74-lxc-terminate-machine.patch
 # Need to go upstream
 Patch100:       xen-name-for-devid.patch
 Patch101:       clone.patch
@ -946,6 +947,7 @@ of recent versions of Linux (and other OSes).
 %patch13 -p1
 %patch14 -p1
 %patch15 -p1
+%patch16 -p1
 %patch100 -p1
 %patch101
 %patch102 -p1