From 65c4cfdc025dd83cb579ab7ddc91eecb725da5ba632a84ee162d0d409a4fc6fd Mon Sep 17 00:00:00 2001
From: James Fehlig
Date: Tue, 22 Oct 2013 21:27:53 +0000
Subject: [PATCH] - Have systemd terminate the machine as a workaround of fdo#68370 bd773e74-lxc-terminate-machine.patch bnc#842834
OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=318
---
 bd773e74-lxc-terminate-machine.patch | 247 +++++++++++++++++++++++++++
 libvirt.changes | 7 +
 libvirt.spec | 2 +
 3 files changed, 256 insertions(+)
 create mode 100644 bd773e74-lxc-terminate-machine.patch
diff --git a/bd773e74-lxc-terminate-machine.patch b/bd773e74-lxc-terminate-machine.patch
new file mode 100644
index 0000000..4417f6d
--- /dev/null
+++ b/bd773e74-lxc-terminate-machine.patch
@@ -0,0 +1,247 @@
+commit bd773e74f0d1d1b9ebbfcaa645178316b4f2265c
+Author: Cédric Bosdonnat
+Date: Mon Sep 30 16:46:29 2013 +0200
+
+ LXC: workaround machined uncleaned data with containers running systemd.
+
+ The problem is described by [0] but its effect on libvirt is that
+ starting a container with a full distro running systemd after having
+ stopped it simply fails.
+
+ The container cleanup now calls the machined Terminate function to make
+ sure that everything is in order for the next run.
+
+ [0]: https://bugs.freedesktop.org/show_bug.cgi?id=68370
+
+Index: libvirt-1.1.2/src/libvirt_private.syms
+===================================================================
+--- libvirt-1.1.2.orig/src/libvirt_private.syms
++++ libvirt-1.1.2/src/libvirt_private.syms
+@@ -1940,8 +1940,10 @@ virSysinfoSetup;
+
+ # util/virsystemd.h
+ virSystemdCreateMachine;
++virSystemdMakeMachineName;
+ virSystemdMakeScopeName;
+ virSystemdMakeSliceName;
++virSystemdTerminateMachine;
+
+
+ # util/virthread.h
+Index: libvirt-1.1.2/src/lxc/lxc_process.c
+===================================================================
+--- libvirt-1.1.2.orig/src/lxc/lxc_process.c
++++ libvirt-1.1.2/src/lxc/lxc_process.c
+@@ -50,6 +50,7 @@
+ #include "virstring.h"
+ #include "viratomic.h"
+ #include "virprocess.h"
++#include "virsystemd.h"
+
+ #define VIR_FROM_THIS VIR_FROM_LXC
+
+@@ -210,6 +211,13 @@ static void virLXCProcessCleanup(virLXCD
+ virCgroupFree(&priv->cgroup);
+ }
+
++ /* Get machined to terminate the machine as it may not have cleaned it
++ * properly. See https://bugs.freedesktop.org/show_bug.cgi?id=68370 for
++ * the bug we are working around here.
++ */
++ virSystemdTerminateMachine(vm->def->name, "lxc", true);
++
++
+ /* now that we know it's stopped call the hook if present */
+ if (virHookPresent(VIR_HOOK_DRIVER_LXC)) {
+ char *xml = virDomainDefFormat(vm->def, 0);
+Index: libvirt-1.1.2/src/util/virsystemd.c
+===================================================================
+--- libvirt-1.1.2.orig/src/util/virsystemd.c
++++ libvirt-1.1.2/src/util/virsystemd.c
+@@ -116,6 +116,27 @@ char *virSystemdMakeSliceName(const char
+ return virBufferContentAndReset(&buf);
+ }
+
++char *virSystemdMakeMachineName(const char *name,
++ const char *drivername,
++ bool privileged)
++{
++ char *machinename = NULL;
++ char *username = NULL;
++ if (privileged) {
++ if (virAsprintf(&machinename, "%s-%s", drivername, name) < 0)
++ goto cleanup;
++ } else {
++ if (!(username = virGetUserName(geteuid())))
++ goto cleanup;
++ if (virAsprintf(&machinename, "%s-%s-%s", username, drivername, name) < 0)
++ goto cleanup;
++ }
++
++cleanup:
++ VIR_FREE(username);
++
++ return machinename;
++}
+
+ /**
+ * virSystemdCreateMachine:
+@@ -142,7 +163,6 @@ int virSystemdCreateMachine(const char *
+ DBusConnection *conn;
+ char *machinename = NULL;
+ char *creatorname = NULL;
+- char *username = NULL;
+ char *slicename = NULL;
+
+ if (!virDBusHasSystemBus())
+@@ -150,15 +170,8 @@ int virSystemdCreateMachine(const char *
+
+ conn = virDBusGetSystemBus();
+
+- if (privileged) {
+- if (virAsprintf(&machinename, "%s-%s", drivername, name) < 0)
+- goto cleanup;
+- } else {
+- if (!(username = virGetUserName(geteuid())))
+- goto cleanup;
+- if (virAsprintf(&machinename, "%s-%s-%s", username, drivername, name) < 0)
+- goto cleanup;
+- }
++ if (!(machinename = virSystemdMakeMachineName(name, drivername, privileged)))
++ goto cleanup;
+
+ if (virAsprintf(&creatorname, "libvirt-%s", drivername) < 0)
+ goto cleanup;
+@@ -241,8 +254,52 @@ int virSystemdCreateMachine(const char *
+ ret = 0;
+
+ cleanup:
+- VIR_FREE(username);
+ VIR_FREE(creatorname);
+ VIR_FREE(machinename);
+ return ret;
+ }
++
++int virSystemdTerminateMachine(const char *name,
++ const char *drivername,
++ bool privileged)
++{
++ int ret;
++ DBusConnection *conn;
++ char *machinename = NULL;
++
++ if(!virDBusHasSystemBus())
++ return -2;
++
++ conn = virDBusGetSystemBus();
++
++ ret = -1;
++ if (!(machinename = virSystemdMakeMachineName(name, drivername, privileged)))
++ goto cleanup;
++
++ /*
++ * The systemd DBus API we're invoking has the
++ * following signature
++ *
++ * TerminateMachine(in s name);
++ *
++ * @name a host unique name for the machine. shows up
++ * in 'ps' listing & similar
++ */
++
++ VIR_DEBUG("Attempting to terminate machine via systemd");
++ if (virDBusCallMethod(conn,
++ NULL,
++ "org.freedesktop.machine1",
++ "/org/freedesktop/machine1",
++ "org.freedesktop.machine1.Manager",
++ "TerminateMachine",
++ "s",
++ machinename) < 0)
++ goto cleanup;
++
++ ret = 0;
++
++cleanup:
++ VIR_FREE(machinename);
++ return ret;
++}
+Index: libvirt-1.1.2/src/util/virsystemd.h
+===================================================================
+--- libvirt-1.1.2.orig/src/util/virsystemd.h
++++ libvirt-1.1.2/src/util/virsystemd.h
+@@ -29,6 +29,10 @@ char *virSystemdMakeScopeName(const char
+ const char *slicename);
+ char *virSystemdMakeSliceName(const char *partition);
+
++char *virSystemdMakeMachineName(const char *name,
++ const char *drivername,
++ bool privileged);
++
+ int virSystemdCreateMachine(const char *name,
+ const char *drivername,
+ bool privileged,
+@@ -38,4 +42,8 @@ int virSystemdCreateMachine(const char *
+ bool iscontainer,
+ const char *partition);
+
++int virSystemdTerminateMachine(const char *name,
++ const char *drivername,
++ bool privileged);
++
+ #endif /* __VIR_SYSTEMD_H__ */
+Index: libvirt-1.1.2/tests/virsystemdtest.c
+===================================================================
+--- libvirt-1.1.2.orig/tests/virsystemdtest.c
++++ libvirt-1.1.2/tests/virsystemdtest.c
+@@ -51,6 +51,18 @@ static int testCreateContainer(const voi
+ return 0;
+ }
+
++static int testTerminateContainer(const void *opaque ATTRIBUTE_UNUSED)
++{
++ if (virSystemdTerminateMachine("demo",
++ "lxc",
++ true) < 0) {
++ fprintf(stderr, "%s", "Failed to terminate LXC machine\n");
++ return -1;
++ }
++
++ return 0;
++}
++
+ static int testCreateMachine(const void *opaque ATTRIBUTE_UNUSED)
+ {
+ unsigned char uuid[VIR_UUID_BUFLEN] = {
+@@ -74,6 +86,18 @@ static int testCreateMachine(const void
+ return 0;
+ }
+
++static int testTerminateMachine(const void *opaque ATTRIBUTE_UNUSED)
++{
++ if (virSystemdTerminateMachine("demo",
++ "qemu",
++ false) < 0) {
++ fprintf(stderr, "%s", "Failed to terminate KVM machine\n");
++ return -1;
++ }
++
++ return 0;
++}
++
+ static int testCreateNoSystemd(const void *opaque ATTRIBUTE_UNUSED)
+ {
+ unsigned char uuid[VIR_UUID_BUFLEN] = {
+@@ -177,8 +201,12 @@ mymain(void)
+
+ if (virtTestRun("Test create container ", 1, testCreateContainer, NULL) < 0)
+ ret = -1;
++ if (virtTestRun("Test terminate container ", 1, testTerminateContainer, NULL) < 0)
++ ret = -1;
+ if (virtTestRun("Test create machine ", 1, testCreateMachine, NULL) < 0)
+ ret = -1;
++ if (virtTestRun("Test terminate machine ", 1, testTerminateMachine, NULL) < 0)
++ ret = -1;
+ if (virtTestRun("Test create no systemd ", 1, testCreateNoSystemd, NULL) < 0)
+ ret = -1;
+ if (virtTestRun("Test create bad systemd ", 1, testCreateBadSystemd, NULL) < 0)
diff --git a/libvirt.changes b/libvirt.changes
index f87efc8..af34c24 100644
--- a/libvirt.changes
+++ b/libvirt.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Tue Oct 22 14:37:08 MDT 2013 - cbosdonnat@suse.com
+
+- Have systemd terminate the machine as a workaround of fdo#68370
+ bd773e74-lxc-terminate-machine.patch
+ bnc#842834
+
 -------------------------------------------------------------------
 Tue Oct 22 12:28:03 MDT 2013 - jfehlig@suse.com
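Review bot: The return value of `virSystemdTerminateMachine(vm->def->name, "lxc", true)` is discarded in the lxc_process.c hunk (inside virLXCProcessCleanup, whose body continues outside the hunk), so a failed TerminateMachine call is neither logged nor told apart from the -2 "no system bus" result. If virDBusCallMethod records a libvirt error on failure (its body is not visible here), that error would stay pending after cleanup and could replace the one the caller meant to report. A guard such as `if (virSystemdTerminateMachine(vm->def->name, "lxc", true) == -1) VIR_WARN("machined failed to terminate %s", vm->def->name);`, with the caller's pending error preserved around the call, would make the outcome explicit. The machine is addressed only by the computed name `lxc-<name>`, and nothing visible ties that name to a registration libvirt itself made, so it is worth confirming that cleanup cannot ask machined to terminate a machine owned by another registrant. virSystemdMakeMachineName and virSystemdTerminateMachine also lack the `/** ... */` header that virSystemdCreateMachine carries; a short one stating the -2 / -1 / 0 return values and that the caller frees the returned name would help.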
diff --git a/libvirt.spec b/libvirt.spec
index 7b6610f..71ede12 100644
--- a/libvirt.spec
+++ b/libvirt.spec
@@ -419,6 +419,7 @@ Patch12: b7fcc799a-CVE-2013-4400.patch
 Patch13: 3e2f27e1-CVE-2013-4400.patch
 Patch14: 5a0ea4b7-CVE-2013-4400.patch
 Patch15: 843bdb2f-CVE-2013-4400.patch
+Patch16: bd773e74-lxc-terminate-machine.patch
 # Need to go upstream
 Patch100: xen-name-for-devid.patch
 Patch101: clone.patch
@@ -946,6 +947,7 @@ of recent versions of Linux (and other OSes).
 %patch13 -p1
 %patch14 -p1
 %patch15 -p1
+%patch16 -p1
 %patch100 -p1
 %patch101
 %patch102 -p1