[Libvir] [PATCH] Add the check of the device source
Masayuki Sunou
fj1826dm at aa.jp.fujitsu.com
Thu Jul 12 08:20:19 UTC 2007
Hi Dan
Thank you for a reviewing.
I understand your suggestion.
- Libvirt should not check the device source path.
- The device source path should be checked by the Xen hotplug scripts.
I consider a fixing of Xen.
Thefore, I decline applying this patch.
Thanks,
Masayuki Sunou.
In message <20070712025025.GA18778 at redhat.com>
"Re: [Libvir] [PATCH] Add the check of the device source"
""Daniel P. Berrange" <berrange at redhat.com>" wrote:
> On Thu, Jul 12, 2007 at 09:34:18AM +0900, Masayuki Sunou wrote:
> > Hi
> >
> > If specified device source does not exist,
> > Not appropriate error is displayed.
> > ----------------------------------------------------------------------
> > # virsh attach-disk PV_FC7_14 NOT_EXIST_PATH xvdd
> > libvir: Xen Daemon error : POST operation failed: (xend.err 'Device
> > 51760 (vbd) could not be connected. Hotplug scripts not working.')
> > ----------------------------------------------------------------------
>
> This is a bug in the Xen hotplug scripts.
>
> > This patch checks the existence of the device source path,
> > and correct message is displayed in case of error.
>
> Checking the device path in libvirt does not work because libvirt is not
> running under the same security context as XenD or the hotplug scripts.
> So while libvirt make check & successfully be able to access the device,
> XenD / hotplug script may still fail due to SELinux policy constraints.
> The only place you can correctly check for this is in the hotplug scripts
> themelves.
>
> As an example to deal with the scenario you describe, it is possible to
> add the following to /etc/xen/scripts/block:
>
> --- /etc/xen/scripts/block.orig 2006-11-28 16:04:50.000000000 -0500
> +++ /etc/xen/scripts/block 2007-07-11 23:10:31.000000000 -0400
> @@ -252,6 +252,12 @@
> FRONTEND_UUID=$(xenstore_read_default \
> "/local/domain/$FRONTEND_ID/vm" 'unknown')
> claim_lock "block"
> + if [ ! -e "$dev" ] ; then
> + fatal "Path $dev does not exist"
> + fi
> + if [ ! -b "$dev" ]; then
> + fatal "Path $dev is not a block device"
> + fi
> check_device_sharing "$dev" "$mode"
> write_dev "$dev"
> release_lock "block"
>
>
> This will mean that a real message gets sent back:
>
> # virsh attach-disk f7pv bogus xvdd
> libvir: Xen Daemon error : POST operation failed: (xend.err
> 'Device 51760 (vbd) could not be connected. Path /dev/bogus does not exist')
>
> This also means that other Xen tools also benefit from the error checking.
>
>
> There's probably other checks that can be done in the hotplug scripts for
> various conditions - basically any time you see ever see the message
> 'Hotplug scripts not working' from Xen is a bug in the hotplug scripts
> themselves which needs fixing.
>
> Regards,
> Dan.
> --
> |=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=|
> |=- Perl modules: http://search.cpan.org/~danberr/ -=|
> |=- Projects: http://freshmeat.net/~danielpb/ -=|
> |=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|
>
More information about the libvir-list
mailing list