From xiawenc at linux.vnet.ibm.com Fri Aug 3 07:36:59 2012 From: xiawenc at linux.vnet.ibm.com (Wenchao Xia) Date: Fri, 3 Aug 2012 15:36:59 +0800 Subject: [Libvirt-cim] [PATCH] fix id parsing with white space Message-ID: <1343979419-30227-1-git-send-email-xiawenc@linux.vnet.ibm.com> When device id string contains white space, parse is not correct. This patch fix it Signed-off-by: Wenchao Xia --- libxkutil/device_parsing.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/libxkutil/device_parsing.c b/libxkutil/device_parsing.c index 5393290..ceb4552 100644 --- a/libxkutil/device_parsing.c +++ b/libxkutil/device_parsing.c @@ -1033,7 +1033,7 @@ int parse_fq_devid(const char *devid, char **host, char **device) { int ret; - ret = sscanf(devid, "%a[^/]/%as", host, device); + ret = sscanf(devid, "%a[^/]/%a[^\n]", host, device); if (ret != 2) { free(*host); free(*device); -- 1.7.1 From snmishra at linux.vnet.ibm.com Fri Aug 3 20:25:37 2012 From: snmishra at linux.vnet.ibm.com (snmishra at linux.vnet.ibm.com) Date: Fri, 03 Aug 2012 13:25:37 -0700 Subject: [Libvirt-cim] [PATCH] fix id parsing with white space In-Reply-To: <1343979419-30227-1-git-send-email-xiawenc@linux.vnet.ibm.com> References: <1343979419-30227-1-git-send-email-xiawenc@linux.vnet.ibm.com> Message-ID: <20120803132537.Horde.aQfllpir309QHDPBgxihrQA@imap.linux.ibm.com> +1 Quoting Wenchao Xia : > When device id string contains white space, parse is not correct. > This patch fix it > > Signed-off-by: Wenchao Xia > --- > libxkutil/device_parsing.c | 2 +- > 1 files changed, 1 insertions(+), 1 deletions(-) > > diff --git a/libxkutil/device_parsing.c b/libxkutil/device_parsing.c > index 5393290..ceb4552 100644 > --- a/libxkutil/device_parsing.c > +++ b/libxkutil/device_parsing.c > @@ -1033,7 +1033,7 @@ int parse_fq_devid(const char *devid, char > **host, char **device) > { > int ret; > > - ret = sscanf(devid, "%a[^/]/%as", host, device); > + ret = sscanf(devid, "%a[^/]/%a[^\n]", host, device); > if (ret != 2) { > free(*host); > free(*device); > -- > 1.7.1 From ydu at redhat.com Thu Aug 16 06:24:55 2012 From: ydu at redhat.com (Yanbing Du) Date: Thu, 16 Aug 2012 02:24:55 -0400 (EDT) Subject: [Libvirt-cim] libvirt-cim dependency question and test result In-Reply-To: <523975730.45495091.1345096404528.JavaMail.root@redhat.com> Message-ID: <1905710869.45519220.1345098295506.JavaMail.root@redhat.com> Hi, Recently i'm doing libvirt-cim testing, and there's a question about cim-server dependency. When i yum install libvirt-cim, the dependency of cim-server will install sblim-sfcb, but what we want use is tog-pegasus, so i install tog-pegasus manually after installed libvirt-cim. then test it by wbemcli: #wbemcli ein http://root:redhat at localhost/root/virt:KVM_VirtualSystemManagementService * * wbemcli: Cim: (3) CIM_ERR_INVALID_NAMESPACE: root/virt * and there's no provider module about libvirt-cim #cimprovider -l OperatingSystemModule ComputerSystemModule ProcessModule SLPProviderModule So i reinstall libvirt-cim and it works well. There are 2 bugs about the dependency problem, and all fixed. https://bugzilla.redhat.com/show_bug.cgi?id=694749 https://bugzilla.redhat.com/show_bug.cgi?id=799037 I wonder if this behavior is excepted? BTW, i run the cimtest suit and 30 tests failed. Please check the attachment for detail info. Related packages version: # rpm -q libvirt libvirt-0.10.0-0rc0.el6.x86_64 # rpm -q libvirt-cim libvirt-cim-0.6.1-3.el6.x86_64 # rpm -q qemu-kvm qemu-kvm-0.12.1.2-2.303.el6.x86_64 ================================================= Test Run Summary (Aug 14 2012): KVM on Red Hat Enterprise Linux Server release 6.3 (Santiago) with Pegasus ================================================= Distro: Red Hat Enterprise Linux Server release 6.3 (Santiago) Kernel: 2.6.32-289.el6.x86_64 libvirt: 0.10.0 Hypervisor: QEMU 0.12.1 CIMOM: Pegasus 2.11.0 Libvirt-cim revision: 1192 Libvirt-cim changeset: 0c468a8 Cimtest revision: Cimtest changeset: 93f0e6e Total test execution: Unknown ================================================= FAIL : 30 XFAIL : 2 SKIP : 14 PASS : 146 ----------------- Total : 192 ================================================= Thanks! Best Regards! Yanbing Du -------------- next part -------------- A non-text attachment was scrubbed... Name: run_report.log Type: text/x-log Size: 33131 bytes Desc: not available URL: From eblima at gmail.com Thu Aug 16 12:12:47 2012 From: eblima at gmail.com (Eduardo Lima (Etrunko)) Date: Thu, 16 Aug 2012 09:12:47 -0300 Subject: [Libvirt-cim] libvirt-cim dependency question and test result In-Reply-To: <1905710869.45519220.1345098295506.JavaMail.root@redhat.com> References: <523975730.45495091.1345096404528.JavaMail.root@redhat.com> <1905710869.45519220.1345098295506.JavaMail.root@redhat.com> Message-ID: On Thu, Aug 16, 2012 at 3:24 AM, Yanbing Du wrote: > Hi, > Recently i'm doing libvirt-cim testing, and there's a question about cim-server dependency. > When i yum install libvirt-cim, the dependency of cim-server will install sblim-sfcb, but what we want use is tog-pegasus, so i install tog-pegasus manually after installed libvirt-cim. then test it by wbemcli: > #wbemcli ein http://root:redhat at localhost/root/virt:KVM_VirtualSystemManagementService > * > * wbemcli: Cim: (3) CIM_ERR_INVALID_NAMESPACE: root/virt > * > and there's no provider module about libvirt-cim > #cimprovider -l > OperatingSystemModule > ComputerSystemModule > ProcessModule > SLPProviderModule > > So i reinstall libvirt-cim and it works well. > There are 2 bugs about the dependency problem, and all fixed. > https://bugzilla.redhat.com/show_bug.cgi?id=694749 > https://bugzilla.redhat.com/show_bug.cgi?id=799037 > I wonder if this behavior is excepted? > Yes, the registration of libvirt-cim providers is done at install time. See the .spec file for more information. It will check which server is installed and then register the providers accordingly. Best regards, Etrunko > BTW, i run the cimtest suit and 30 tests failed. Please check the attachment for detail info. > Related packages version: > # rpm -q libvirt > libvirt-0.10.0-0rc0.el6.x86_64 > # rpm -q libvirt-cim > libvirt-cim-0.6.1-3.el6.x86_64 > # rpm -q qemu-kvm > qemu-kvm-0.12.1.2-2.303.el6.x86_64 > > ================================================= > Test Run Summary (Aug 14 2012): KVM on Red Hat Enterprise Linux Server release 6.3 (Santiago) with Pegasus > ================================================= > Distro: Red Hat Enterprise Linux Server release 6.3 (Santiago) > Kernel: 2.6.32-289.el6.x86_64 > libvirt: 0.10.0 > Hypervisor: QEMU 0.12.1 > CIMOM: Pegasus 2.11.0 > Libvirt-cim revision: 1192 > Libvirt-cim changeset: 0c468a8 > Cimtest revision: > Cimtest changeset: 93f0e6e > Total test execution: Unknown > ================================================= > FAIL : 30 > XFAIL : 2 > SKIP : 14 > PASS : 146 > ----------------- > Total : 192 > ================================================= > > > Thanks! > Best Regards! > Yanbing Du > _______________________________________________ > Libvirt-cim mailing list > Libvirt-cim at redhat.com > https://www.redhat.com/mailman/listinfo/libvirt-cim -- Eduardo de Barros Lima ??? eblima at gmail.com From snmishra at linux.vnet.ibm.com Thu Aug 16 14:42:05 2012 From: snmishra at linux.vnet.ibm.com (snmishra at linux.vnet.ibm.com) Date: Thu, 16 Aug 2012 07:42:05 -0700 Subject: [Libvirt-cim] libvirt-cim dependency question and test result In-Reply-To: References: <523975730.45495091.1345096404528.JavaMail.root@redhat.com> <1905710869.45519220.1345098295506.JavaMail.root@redhat.com> Message-ID: <20120816074205.Horde.LMfYXpir309QLQa95Fkn2VA@imap.linux.ibm.com> Eduardo, Good to see that you are still active in libvirt-cim community. -Sharad Quoting "Eduardo Lima (Etrunko)" : > On Thu, Aug 16, 2012 at 3:24 AM, Yanbing Du wrote: >> Hi, >> Recently i'm doing libvirt-cim testing, and there's a question >> about cim-server dependency. >> When i yum install libvirt-cim, the dependency of cim-server >> will install sblim-sfcb, but what we want use is tog-pegasus, so i >> install tog-pegasus manually after installed libvirt-cim. then test >> it by wbemcli: >> #wbemcli ein >> http://root:redhat at localhost/root/virt:KVM_VirtualSystemManagementService >> * >> * wbemcli: Cim: (3) CIM_ERR_INVALID_NAMESPACE: root/virt >> * >> and there's no provider module about libvirt-cim >> #cimprovider -l >> OperatingSystemModule >> ComputerSystemModule >> ProcessModule >> SLPProviderModule >> >> So i reinstall libvirt-cim and it works well. >> There are 2 bugs about the dependency problem, and all fixed. >> https://bugzilla.redhat.com/show_bug.cgi?id=694749 >> https://bugzilla.redhat.com/show_bug.cgi?id=799037 >> I wonder if this behavior is excepted? >> > > Yes, the registration of libvirt-cim providers is done at install > time. See the .spec file for more information. It will check which > server is installed and then register the providers accordingly. > > Best regards, Etrunko > >> BTW, i run the cimtest suit and 30 tests failed. Please check the >> attachment for detail info. >> Related packages version: >> # rpm -q libvirt >> libvirt-0.10.0-0rc0.el6.x86_64 >> # rpm -q libvirt-cim >> libvirt-cim-0.6.1-3.el6.x86_64 >> # rpm -q qemu-kvm >> qemu-kvm-0.12.1.2-2.303.el6.x86_64 >> >> ================================================= >> Test Run Summary (Aug 14 2012): KVM on Red Hat Enterprise Linux >> Server release 6.3 (Santiago) with Pegasus >> ================================================= >> Distro: Red Hat Enterprise Linux Server release 6.3 (Santiago) >> Kernel: 2.6.32-289.el6.x86_64 >> libvirt: 0.10.0 >> Hypervisor: QEMU 0.12.1 >> CIMOM: Pegasus 2.11.0 >> Libvirt-cim revision: 1192 >> Libvirt-cim changeset: 0c468a8 >> Cimtest revision: >> Cimtest changeset: 93f0e6e >> Total test execution: Unknown >> ================================================= >> FAIL : 30 >> XFAIL : 2 >> SKIP : 14 >> PASS : 146 >> ----------------- >> Total : 192 >> ================================================= >> >> >> Thanks! >> Best Regards! >> Yanbing Du >> _______________________________________________ >> Libvirt-cim mailing list >> Libvirt-cim at redhat.com >> https://www.redhat.com/mailman/listinfo/libvirt-cim > > > > -- > Eduardo de Barros Lima ??? > eblima at gmail.com > > _______________________________________________ > Libvirt-cim mailing list > Libvirt-cim at redhat.com > https://www.redhat.com/mailman/listinfo/libvirt-cim From ydu at redhat.com Wed Aug 22 08:56:20 2012 From: ydu at redhat.com (Yanbing Du) Date: Wed, 22 Aug 2012 04:56:20 -0400 (EDT) Subject: [Libvirt-cim] SELinux problem about libvirt-cim In-Reply-To: <1905710869.45519220.1345098295506.JavaMail.root@redhat.com> Message-ID: <549115274.55371016.1345625780008.JavaMail.root@redhat.com> Hi, I'm doing libvirt-cim test, and the result of enforcing SELinux is different with permissive. And there's some AVC deny messages during running cimtest, so i'm wonder if there's any bugs about this problem, thanks ! Diff test results: getenforce=Permissive: -------------------------------------------------------------------- Profile - 02_profile_to_elec.py: FAIL ERROR - KVM_ComputerSystem with domguest was not returned -------------------------------------------------------------------- getenforce=Enforcing: -------------------------------------------------------------------- ElementConforms - 04_ectp_rev_errs.py: FAIL ERROR - Got CIM error CIM_ERR_FAILED: Lost connection with cimprovagt "libvirt-cim". with return code 1 ERROR - Unable to define domain domU InvokeMethod(DefineSystem): CIM_ERR_FAILED: Lost connection with cimprovagt "libvirt-cim". -------------------------------------------------------------------- Profile - 02_profile_to_elec.py: FAIL 246 ERROR - KVM_ComputerSystem with domguest was not returned -------------------------------------------------------------------- VirtualSystemSnapshotService - 03_create_snapshot.py: FAIL ERROR - Exception: CreateSnapshot failed to return a CIM job inst ERROR - Failed to remove snapshot file for snapshot_vm -------------------------------------------------------------------- RASDIndications - 01_guest_states_rasd_ind.py: FAIL ERROR - Exception: Poll for indication Failed -------------------------------------------------------------------- RASDIndications - 02_guest_add_mod_rem_rasd_ind.py: FAIL ERROR - Exception: Poll for indication Failed -------------------------------------------------------------------- And the AVC deny messages in the attachment. Best Regards! Yanbing Du -------------- next part -------------- A non-text attachment was scrubbed... Name: audit-avc.log Type: text/x-log Size: 8912 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: run_report.log Type: text/x-log Size: 33131 bytes Desc: not available URL: From snmishra at linux.vnet.ibm.com Wed Aug 22 20:44:17 2012 From: snmishra at linux.vnet.ibm.com (snmishra at linux.vnet.ibm.com) Date: Wed, 22 Aug 2012 13:44:17 -0700 Subject: [Libvirt-cim] SELinux problem about libvirt-cim In-Reply-To: <549115274.55371016.1345625780008.JavaMail.root@redhat.com> References: <549115274.55371016.1345625780008.JavaMail.root@redhat.com> Message-ID: <20120822134417.Horde.Rjkkc5ir309QNUShdVeR8iA@imap.linux.ibm.com> Quoting Yanbing Du : > Hi, > I'm doing libvirt-cim test, and the result of enforcing SELinux > is different with permissive. And there's some AVC deny messages > during running cimtest, so i'm wonder if there's any bugs about this > problem, thanks ! Are you seeing any core dumps? Usually, "Lost connection with cimprovagt" is seen when there is a seg fault/core dump. -Sharad > > Diff test results: > getenforce=Permissive: > -------------------------------------------------------------------- > Profile - 02_profile_to_elec.py: FAIL > ERROR - KVM_ComputerSystem with domguest was not returned > -------------------------------------------------------------------- > > getenforce=Enforcing: > -------------------------------------------------------------------- > ElementConforms - 04_ectp_rev_errs.py: FAIL > ERROR - Got CIM error CIM_ERR_FAILED: Lost connection with > cimprovagt "libvirt-cim". with return code 1 > ERROR - Unable to define domain domU > InvokeMethod(DefineSystem): CIM_ERR_FAILED: Lost connection with > cimprovagt "libvirt-cim". > -------------------------------------------------------------------- > Profile - 02_profile_to_elec.py: FAIL > 246 > ERROR - KVM_ComputerSystem with domguest was not returned > -------------------------------------------------------------------- > VirtualSystemSnapshotService - 03_create_snapshot.py: FAIL > ERROR - Exception: CreateSnapshot failed to return a CIM job inst > ERROR - Failed to remove snapshot file for snapshot_vm > -------------------------------------------------------------------- > RASDIndications - 01_guest_states_rasd_ind.py: FAIL > ERROR - Exception: Poll for indication Failed > -------------------------------------------------------------------- > RASDIndications - 02_guest_add_mod_rem_rasd_ind.py: FAIL > ERROR - Exception: Poll for indication Failed > -------------------------------------------------------------------- > > And the AVC deny messages in the attachment. > > > Best Regards! > Yanbing Du From ydu at redhat.com Thu Aug 23 02:55:09 2012 From: ydu at redhat.com (Yanbing Du) Date: Wed, 22 Aug 2012 22:55:09 -0400 (EDT) Subject: [Libvirt-cim] SELinux problem about libvirt-cim In-Reply-To: <20120822134417.Horde.Rjkkc5ir309QNUShdVeR8iA@imap.linux.ibm.com> Message-ID: <1212523732.57616387.1345690509705.JavaMail.root@redhat.com> ----- Original Message ----- > From: snmishra at linux.vnet.ibm.com > To: libvirt-cim at redhat.com > Sent: Thursday, August 23, 2012 4:44:17 AM > Subject: Re: [Libvirt-cim] SELinux problem about libvirt-cim > > > Quoting Yanbing Du : > > > Hi, > > I'm doing libvirt-cim test, and the result of enforcing SELinux > > is different with permissive. And there's some AVC deny messages > > during running cimtest, so i'm wonder if there's any bugs about > > this > > problem, thanks ! > > Are you seeing any core dumps? Usually, "Lost connection with > cimprovagt" is seen when there is a seg fault/core dump. > Yes, there's core dump: ------ Aug 20 13:32:19 intel-w3520-8-2 kernel: cimprovagt[13698] general protection ip:7f4e9d264eea sp:7f4e9ef20dd0 error:0 in libpegcommon.so.1[7f4e9d1ca000+1d8000] Aug 20 13:32:19 intel-w3520-8-2 abrtd: Directory 'ccpp-2012-08-20-13:32:19-13480' creation detected Aug 20 13:32:19 intel-w3520-8-2 abrt[16366]: Saved core dump of pid 13480 (/usr/sbin/cimprovagt) to /var/spool/abrt/ccpp-2012-08-20-13:32:19-13480 (41832448 bytes) ------ FYI, attached the core dump file. > -Sharad > > > > Diff test results: > > getenforce=Permissive: > > -------------------------------------------------------------------- > > Profile - 02_profile_to_elec.py: FAIL > > ERROR - KVM_ComputerSystem with domguest was not returned > > -------------------------------------------------------------------- > > > > getenforce=Enforcing: > > -------------------------------------------------------------------- > > ElementConforms - 04_ectp_rev_errs.py: FAIL > > ERROR - Got CIM error CIM_ERR_FAILED: Lost connection with > > cimprovagt "libvirt-cim". with return code 1 > > ERROR - Unable to define domain domU > > InvokeMethod(DefineSystem): CIM_ERR_FAILED: Lost connection with > > cimprovagt "libvirt-cim". > > -------------------------------------------------------------------- > > Profile - 02_profile_to_elec.py: FAIL > > 246 > > ERROR - KVM_ComputerSystem with domguest was not returned > > -------------------------------------------------------------------- > > VirtualSystemSnapshotService - 03_create_snapshot.py: FAIL > > ERROR - Exception: CreateSnapshot failed to return a CIM job inst > > ERROR - Failed to remove snapshot file for snapshot_vm > > -------------------------------------------------------------------- > > RASDIndications - 01_guest_states_rasd_ind.py: FAIL > > ERROR - Exception: Poll for indication Failed > > -------------------------------------------------------------------- > > RASDIndications - 02_guest_add_mod_rem_rasd_ind.py: FAIL > > ERROR - Exception: Poll for indication Failed > > -------------------------------------------------------------------- > > > > And the AVC deny messages in the attachment. > > > > > > Best Regards! > > Yanbing Du > > > > _______________________________________________ > Libvirt-cim mailing list > Libvirt-cim at redhat.com > https://www.redhat.com/mailman/listinfo/libvirt-cim > -------------- next part -------------- A non-text attachment was scrubbed... Name: ccpp-coredump.tar.gz Type: application/x-compressed-tar Size: 2708863 bytes Desc: not available URL: From eblima at gmail.com Thu Aug 23 11:38:13 2012 From: eblima at gmail.com (Eduardo Lima (Etrunko)) Date: Thu, 23 Aug 2012 08:38:13 -0300 Subject: [Libvirt-cim] SELinux problem about libvirt-cim In-Reply-To: <1212523732.57616387.1345690509705.JavaMail.root@redhat.com> References: <20120822134417.Horde.Rjkkc5ir309QNUShdVeR8iA@imap.linux.ibm.com> <1212523732.57616387.1345690509705.JavaMail.root@redhat.com> Message-ID: On Wed, Aug 22, 2012 at 11:55 PM, Yanbing Du wrote: > > > ----- Original Message ----- >> From: snmishra at linux.vnet.ibm.com >> To: libvirt-cim at redhat.com >> Sent: Thursday, August 23, 2012 4:44:17 AM >> Subject: Re: [Libvirt-cim] SELinux problem about libvirt-cim >> >> >> Quoting Yanbing Du : >> >> > Hi, >> > I'm doing libvirt-cim test, and the result of enforcing SELinux >> > is different with permissive. And there's some AVC deny messages >> > during running cimtest, so i'm wonder if there's any bugs about >> > this >> > problem, thanks ! >> >> Are you seeing any core dumps? Usually, "Lost connection with >> cimprovagt" is seen when there is a seg fault/core dump. >> > > Yes, there's core dump: > ------ > Aug 20 13:32:19 intel-w3520-8-2 kernel: cimprovagt[13698] general protection ip:7f4e9d264eea sp:7f4e9ef20dd0 error:0 in libpegcommon.so.1[7f4e9d1ca000+1d8000] > Aug 20 13:32:19 intel-w3520-8-2 abrtd: Directory 'ccpp-2012-08-20-13:32:19-13480' creation detected > Aug 20 13:32:19 intel-w3520-8-2 abrt[16366]: Saved core dump of pid 13480 (/usr/sbin/cimprovagt) to /var/spool/abrt/ccpp-2012-08-20-13:32:19-13480 (41832448 bytes) > ------ > FYI, attached the core dump file. > I had reported this issue with libvirt-cim/SELinux when I started implementing reboot/shutdown events as jobs. Now the reason why it crashes when SELinux is enabled is the 1 million dollar question. :/ https://www.redhat.com/archives/libvirt-cim/2012-June/msg00021.html Best regards, Etrunko -- Eduardo de Barros Lima ??? eblima at gmail.com From xiawenc at linux.vnet.ibm.com Fri Aug 24 10:18:29 2012 From: xiawenc at linux.vnet.ibm.com (Wenchao Xia) Date: Fri, 24 Aug 2012 18:18:29 +0800 Subject: [Libvirt-cim] [PATCH] provide a hack to borrow non-root ssh keys in migration Message-ID: <1345803509-13036-1-git-send-email-xiawenc@linux.vnet.ibm.com> This patch allow libvirt-cim to use non-root's ssh key, avoid using root's key to avoid exposing root's ssh login. Because libvirt-cim runs in root mode so it is hard to satisfy some server security rules especially about root's ssh key exposing. This is a walk around to improve it. Signed-off-by: Wenchao Xia --- src/Virt_VSMigrationService.c | 96 +++++++++++++++++++++++++++++++++++++++-- 1 files changed, 92 insertions(+), 4 deletions(-) diff --git a/src/Virt_VSMigrationService.c b/src/Virt_VSMigrationService.c index 76e3d25..55442ee 100644 --- a/src/Virt_VSMigrationService.c +++ b/src/Virt_VSMigrationService.c @@ -150,6 +150,7 @@ static CMPIStatus get_migration_uri(CMPIInstance *msd, static char *dest_uri(const char *cn, const char *dest, + const char *dest_params, uint16_t transport) { const char *prefix; @@ -157,6 +158,7 @@ static char *dest_uri(const char *cn, const char *param = ""; char *uri = NULL; int rc; + int param_labeled = 0; if (STARTS_WITH(cn, "Xen")) prefix = "xen"; @@ -197,16 +199,75 @@ static char *dest_uri(const char *cn, goto out; } - if (!STREQC(param, "")) + if (!STREQC(param, "")) { rc = asprintf(&uri, "%s/%s", uri, param); + param_labeled = 1; + } - if (rc == -1) + if (rc == -1) { uri = NULL; + goto out; + } + if (dest_params) { + if (param_labeled == 0) { + rc = asprintf(&uri, "%s?%s", uri, dest_params); + } else { + rc = asprintf(&uri, "%s%s", uri, dest_params); + } + if (rc == -1) { + uri = NULL; + goto out; + } + } out: return uri; } +/* libvirt need private key specified must be placed in a directory owned by + root, because libvirt-cim now runs as root. So here the key would be copied, + up layer need to delete that key after migration. This method could allow + libvirt-cim borrow a non-root ssh private key, instead of using root's private + key, avoid security risk. */ +static int ssh_key_cp(const char *src, const char *dest) +{ + char *cmd = NULL; + int rc; + int ret = 0; + FILE *stream = NULL; + char buf[256]; + + rc = asprintf(&cmd, "cp -f %s %s", src, dest); + if (rc == -1) { + cmd = NULL; + ret = -1; + goto out; + } + + CU_DEBUG("excuting system cmd [%s].", cmd); + stream = popen(cmd, "r"); + if (stream == NULL) { + CU_DEBUG("Failed to open pipe to run command"); + ret = -2; + goto out; + } + usleep(10000); + + buf[255] = 0; + while (fgets(buf, sizeof(buf), stream) != NULL) { + CU_DEBUG("Exception got: %s.", buf); + ret = -3; + goto out; + } + + out: + if (stream != NULL) { + pclose(stream); + } + free(cmd); + return ret; +} + static CMPIStatus get_msd_values(const CMPIObjectPath *ref, const char *destination, const CMPIArgs *argsin, @@ -217,6 +278,14 @@ static CMPIStatus get_msd_values(const CMPIObjectPath *ref, CMPIInstance *msd; uint16_t uri_type; char *uri = NULL; + const char *dest_params = NULL; + const char *ssh_hack_src = NULL; + const char *ssh_hack_dest = NULL; + int ret; + + cu_get_str_arg(argsin, "DestinationHostParams", &dest_params); + cu_get_str_arg(argsin, "SSH_Key_Src", &ssh_hack_src); + cu_get_str_arg(argsin, "SSH_Key_Dest", &ssh_hack_dest); s = get_msd(ref, argsin, &msd); if (s.rc != CMPI_RC_OK) @@ -230,7 +299,7 @@ static CMPIStatus get_msd_values(const CMPIObjectPath *ref, if (s.rc != CMPI_RC_OK) goto out; - uri = dest_uri(CLASSNAME(ref), destination, uri_type); + uri = dest_uri(CLASSNAME(ref), destination, dest_params, uri_type); if (uri == NULL) { cu_statusf(_BROKER, &s, CMPI_RC_ERR_FAILED, @@ -238,6 +307,19 @@ static CMPIStatus get_msd_values(const CMPIObjectPath *ref, goto out; } + if ((ssh_hack_src) && (ssh_hack_dest)) { + CU_DEBUG("hacking ssh keys src %s, dest %s.", + ssh_hack_src, ssh_hack_dest); + ret = ssh_key_cp(ssh_hack_src, ssh_hack_dest); + if (ret < 0) { + cu_statusf(_BROKER, &s, + CMPI_RC_ERR_FAILED, + "Failed to copy ssh key files"); + goto out; + } + } + + CU_DEBUG("Migrate tring to connect remote host with uri %s.", uri); *conn = virConnectOpen(uri); if (*conn == NULL) { CU_DEBUG("Failed to connect to remote host (%s)", uri); @@ -1537,7 +1619,7 @@ static CMPIStatus migrate_vs_host(CMPIMethodMI *self, const char *dhost = NULL; CMPIObjectPath *system; const char *name = NULL; - + cu_get_str_arg(argsin, "DestinationHost", &dhost); cu_get_ref_arg(argsin, "ComputerSystem", &system); @@ -1608,6 +1690,9 @@ static struct method_handler vsimth = { .handler = vs_migratable_host, .args = {{"ComputerSystem", CMPI_ref, false}, {"DestinationHost", CMPI_string, false}, + {"DestinationHostParams", CMPI_string, true}, + {"SSH_Key_Src", CMPI_string, true}, + {"SSH_Key_Dest", CMPI_string, true}, {"MigrationSettingData", CMPI_instance, true}, {"NewSystemSettingData", CMPI_instance, true}, {"NewResourceSettingData", CMPI_instanceA, true}, @@ -1632,6 +1717,9 @@ static struct method_handler mvsth = { .handler = migrate_vs_host, .args = {{"ComputerSystem", CMPI_ref, false}, {"DestinationHost", CMPI_string, false}, + {"DestinationHostParams", CMPI_string, true}, + {"SSH_Key_Src", CMPI_string, true}, + {"SSH_Key_Dest", CMPI_string, true}, {"MigrationSettingData", CMPI_instance, true}, {"NewSystemSettingData", CMPI_instance, true}, {"NewResourceSettingData", CMPI_instanceA, true}, -- 1.7.1 From tyreld at us.ibm.com Fri Aug 24 14:04:40 2012 From: tyreld at us.ibm.com (Tyrel Datwyler) Date: Fri, 24 Aug 2012 08:04:40 -0600 Subject: [Libvirt-cim] Tyrel Datwyler is out of the office. Message-ID: I will be out of the office starting 08/24/2012 and will not return until 08/28/2012. During this time I will not have access to email. In the case of any urgent issues please contact my back up David Heller. -------------- next part -------------- An HTML attachment was scrubbed... URL: