forked from pool/libvirt
- Have systemd terminate the machine as a workaround of fdo#68370
bd773e74-lxc-terminate-machine.patch bnc#842834 OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=318
This commit is contained in:
parent
8296f9e96d
commit
65c4cfdc02
247
bd773e74-lxc-terminate-machine.patch
Normal file
247
bd773e74-lxc-terminate-machine.patch
Normal file
@ -0,0 +1,247 @@
|
||||
commit bd773e74f0d1d1b9ebbfcaa645178316b4f2265c
|
||||
Author: Cédric Bosdonnat <cbosdonnat@suse.com>
|
||||
Date: Mon Sep 30 16:46:29 2013 +0200
|
||||
|
||||
LXC: workaround machined uncleaned data with containers running systemd.
|
||||
|
||||
The problem is described by [0] but its effect on libvirt is that
|
||||
starting a container with a full distro running systemd after having
|
||||
stopped it simply fails.
|
||||
|
||||
The container cleanup now calls the machined Terminate function to make
|
||||
sure that everything is in order for the next run.
|
||||
|
||||
[0]: https://bugs.freedesktop.org/show_bug.cgi?id=68370
|
||||
|
||||
Index: libvirt-1.1.2/src/libvirt_private.syms
|
||||
===================================================================
|
||||
--- libvirt-1.1.2.orig/src/libvirt_private.syms
|
||||
+++ libvirt-1.1.2/src/libvirt_private.syms
|
||||
@@ -1940,8 +1940,10 @@ virSysinfoSetup;
|
||||
|
||||
# util/virsystemd.h
|
||||
virSystemdCreateMachine;
|
||||
+virSystemdMakeMachineName;
|
||||
virSystemdMakeScopeName;
|
||||
virSystemdMakeSliceName;
|
||||
+virSystemdTerminateMachine;
|
||||
|
||||
|
||||
# util/virthread.h
|
||||
Index: libvirt-1.1.2/src/lxc/lxc_process.c
|
||||
===================================================================
|
||||
--- libvirt-1.1.2.orig/src/lxc/lxc_process.c
|
||||
+++ libvirt-1.1.2/src/lxc/lxc_process.c
|
||||
@@ -50,6 +50,7 @@
|
||||
#include "virstring.h"
|
||||
#include "viratomic.h"
|
||||
#include "virprocess.h"
|
||||
+#include "virsystemd.h"
|
||||
|
||||
#define VIR_FROM_THIS VIR_FROM_LXC
|
||||
|
||||
@@ -210,6 +211,13 @@ static void virLXCProcessCleanup(virLXCD
|
||||
virCgroupFree(&priv->cgroup);
|
||||
}
|
||||
|
||||
+ /* Get machined to terminate the machine as it may not have cleaned it
|
||||
+ * properly. See https://bugs.freedesktop.org/show_bug.cgi?id=68370 for
|
||||
+ * the bug we are working around here.
|
||||
+ */
|
||||
+ virSystemdTerminateMachine(vm->def->name, "lxc", true);
|
||||
+
|
||||
+
|
||||
/* now that we know it's stopped call the hook if present */
|
||||
if (virHookPresent(VIR_HOOK_DRIVER_LXC)) {
|
||||
char *xml = virDomainDefFormat(vm->def, 0);
|
||||
Index: libvirt-1.1.2/src/util/virsystemd.c
|
||||
===================================================================
|
||||
--- libvirt-1.1.2.orig/src/util/virsystemd.c
|
||||
+++ libvirt-1.1.2/src/util/virsystemd.c
|
||||
@@ -116,6 +116,27 @@ char *virSystemdMakeSliceName(const char
|
||||
return virBufferContentAndReset(&buf);
|
||||
}
|
||||
|
||||
+char *virSystemdMakeMachineName(const char *name,
|
||||
+ const char *drivername,
|
||||
+ bool privileged)
|
||||
+{
|
||||
+ char *machinename = NULL;
|
||||
+ char *username = NULL;
|
||||
+ if (privileged) {
|
||||
+ if (virAsprintf(&machinename, "%s-%s", drivername, name) < 0)
|
||||
+ goto cleanup;
|
||||
+ } else {
|
||||
+ if (!(username = virGetUserName(geteuid())))
|
||||
+ goto cleanup;
|
||||
+ if (virAsprintf(&machinename, "%s-%s-%s", username, drivername, name) < 0)
|
||||
+ goto cleanup;
|
||||
+ }
|
||||
+
|
||||
+cleanup:
|
||||
+ VIR_FREE(username);
|
||||
+
|
||||
+ return machinename;
|
||||
+}
|
||||
|
||||
/**
|
||||
* virSystemdCreateMachine:
|
||||
@@ -142,7 +163,6 @@ int virSystemdCreateMachine(const char *
|
||||
DBusConnection *conn;
|
||||
char *machinename = NULL;
|
||||
char *creatorname = NULL;
|
||||
- char *username = NULL;
|
||||
char *slicename = NULL;
|
||||
|
||||
if (!virDBusHasSystemBus())
|
||||
@@ -150,15 +170,8 @@ int virSystemdCreateMachine(const char *
|
||||
|
||||
conn = virDBusGetSystemBus();
|
||||
|
||||
- if (privileged) {
|
||||
- if (virAsprintf(&machinename, "%s-%s", drivername, name) < 0)
|
||||
- goto cleanup;
|
||||
- } else {
|
||||
- if (!(username = virGetUserName(geteuid())))
|
||||
- goto cleanup;
|
||||
- if (virAsprintf(&machinename, "%s-%s-%s", username, drivername, name) < 0)
|
||||
- goto cleanup;
|
||||
- }
|
||||
+ if (!(machinename = virSystemdMakeMachineName(name, drivername, privileged)))
|
||||
+ goto cleanup;
|
||||
|
||||
if (virAsprintf(&creatorname, "libvirt-%s", drivername) < 0)
|
||||
goto cleanup;
|
||||
@@ -241,8 +254,52 @@ int virSystemdCreateMachine(const char *
|
||||
ret = 0;
|
||||
|
||||
cleanup:
|
||||
- VIR_FREE(username);
|
||||
VIR_FREE(creatorname);
|
||||
VIR_FREE(machinename);
|
||||
return ret;
|
||||
}
|
||||
+
|
||||
+int virSystemdTerminateMachine(const char *name,
|
||||
+ const char *drivername,
|
||||
+ bool privileged)
|
||||
+{
|
||||
+ int ret;
|
||||
+ DBusConnection *conn;
|
||||
+ char *machinename = NULL;
|
||||
+
|
||||
+ if(!virDBusHasSystemBus())
|
||||
+ return -2;
|
||||
+
|
||||
+ conn = virDBusGetSystemBus();
|
||||
+
|
||||
+ ret = -1;
|
||||
+ if (!(machinename = virSystemdMakeMachineName(name, drivername, privileged)))
|
||||
+ goto cleanup;
|
||||
+
|
||||
+ /*
|
||||
+ * The systemd DBus API we're invoking has the
|
||||
+ * following signature
|
||||
+ *
|
||||
+ * TerminateMachine(in s name);
|
||||
+ *
|
||||
+ * @name a host unique name for the machine. shows up
|
||||
+ * in 'ps' listing & similar
|
||||
+ */
|
||||
+
|
||||
+ VIR_DEBUG("Attempting to terminate machine via systemd");
|
||||
+ if (virDBusCallMethod(conn,
|
||||
+ NULL,
|
||||
+ "org.freedesktop.machine1",
|
||||
+ "/org/freedesktop/machine1",
|
||||
+ "org.freedesktop.machine1.Manager",
|
||||
+ "TerminateMachine",
|
||||
+ "s",
|
||||
+ machinename) < 0)
|
||||
+ goto cleanup;
|
||||
+
|
||||
+ ret = 0;
|
||||
+
|
||||
+cleanup:
|
||||
+ VIR_FREE(machinename);
|
||||
+ return ret;
|
||||
+}
|
||||
Index: libvirt-1.1.2/src/util/virsystemd.h
|
||||
===================================================================
|
||||
--- libvirt-1.1.2.orig/src/util/virsystemd.h
|
||||
+++ libvirt-1.1.2/src/util/virsystemd.h
|
||||
@@ -29,6 +29,10 @@ char *virSystemdMakeScopeName(const char
|
||||
const char *slicename);
|
||||
char *virSystemdMakeSliceName(const char *partition);
|
||||
|
||||
+char *virSystemdMakeMachineName(const char *name,
|
||||
+ const char *drivername,
|
||||
+ bool privileged);
|
||||
+
|
||||
int virSystemdCreateMachine(const char *name,
|
||||
const char *drivername,
|
||||
bool privileged,
|
||||
@@ -38,4 +42,8 @@ int virSystemdCreateMachine(const char *
|
||||
bool iscontainer,
|
||||
const char *partition);
|
||||
|
||||
+int virSystemdTerminateMachine(const char *name,
|
||||
+ const char *drivername,
|
||||
+ bool privileged);
|
||||
+
|
||||
#endif /* __VIR_SYSTEMD_H__ */
|
||||
Index: libvirt-1.1.2/tests/virsystemdtest.c
|
||||
===================================================================
|
||||
--- libvirt-1.1.2.orig/tests/virsystemdtest.c
|
||||
+++ libvirt-1.1.2/tests/virsystemdtest.c
|
||||
@@ -51,6 +51,18 @@ static int testCreateContainer(const voi
|
||||
return 0;
|
||||
}
|
||||
|
||||
+static int testTerminateContainer(const void *opaque ATTRIBUTE_UNUSED)
|
||||
+{
|
||||
+ if (virSystemdTerminateMachine("demo",
|
||||
+ "lxc",
|
||||
+ true) < 0) {
|
||||
+ fprintf(stderr, "%s", "Failed to terminate LXC machine\n");
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
static int testCreateMachine(const void *opaque ATTRIBUTE_UNUSED)
|
||||
{
|
||||
unsigned char uuid[VIR_UUID_BUFLEN] = {
|
||||
@@ -74,6 +86,18 @@ static int testCreateMachine(const void
|
||||
return 0;
|
||||
}
|
||||
|
||||
+static int testTerminateMachine(const void *opaque ATTRIBUTE_UNUSED)
|
||||
+{
|
||||
+ if (virSystemdTerminateMachine("demo",
|
||||
+ "qemu",
|
||||
+ false) < 0) {
|
||||
+ fprintf(stderr, "%s", "Failed to terminate KVM machine\n");
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
static int testCreateNoSystemd(const void *opaque ATTRIBUTE_UNUSED)
|
||||
{
|
||||
unsigned char uuid[VIR_UUID_BUFLEN] = {
|
||||
@@ -177,8 +201,12 @@ mymain(void)
|
||||
|
||||
if (virtTestRun("Test create container ", 1, testCreateContainer, NULL) < 0)
|
||||
ret = -1;
|
||||
+ if (virtTestRun("Test terminate container ", 1, testTerminateContainer, NULL) < 0)
|
||||
+ ret = -1;
|
||||
if (virtTestRun("Test create machine ", 1, testCreateMachine, NULL) < 0)
|
||||
ret = -1;
|
||||
+ if (virtTestRun("Test terminate machine ", 1, testTerminateMachine, NULL) < 0)
|
||||
+ ret = -1;
|
||||
if (virtTestRun("Test create no systemd ", 1, testCreateNoSystemd, NULL) < 0)
|
||||
ret = -1;
|
||||
if (virtTestRun("Test create bad systemd ", 1, testCreateBadSystemd, NULL) < 0)
|
@ -1,3 +1,10 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Oct 22 14:37:08 MDT 2013 - cbosdonnat@suse.com
|
||||
|
||||
- Have systemd terminate the machine as a workaround of fdo#68370
|
||||
bd773e74-lxc-terminate-machine.patch
|
||||
bnc#842834
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Oct 22 12:28:03 MDT 2013 - jfehlig@suse.com
|
||||
|
||||
|
@ -419,6 +419,7 @@ Patch12: b7fcc799a-CVE-2013-4400.patch
|
||||
Patch13: 3e2f27e1-CVE-2013-4400.patch
|
||||
Patch14: 5a0ea4b7-CVE-2013-4400.patch
|
||||
Patch15: 843bdb2f-CVE-2013-4400.patch
|
||||
Patch16: bd773e74-lxc-terminate-machine.patch
|
||||
# Need to go upstream
|
||||
Patch100: xen-name-for-devid.patch
|
||||
Patch101: clone.patch
|
||||
@ -946,6 +947,7 @@ of recent versions of Linux (and other OSes).
|
||||
%patch13 -p1
|
||||
%patch14 -p1
|
||||
%patch15 -p1
|
||||
%patch16 -p1
|
||||
%patch100 -p1
|
||||
%patch101
|
||||
%patch102 -p1
|
||||
|
Loading…
Reference in New Issue
Block a user