Currently we have stdout + stderr of QEMU guests setup to write to a log file (eg /var/log/libvirt/qemu/$GUEST.log). This is nice and simple, but it in fact opens the possibility of a malicious or accidental denial of service, whereby QEMU can write logs of data to stdio and thus fill up the host filesystem holding the log. Although we have logrotate policy in place, this is only processed once a day, so there is still a window where disk usage is not constrained. The only way to solve this is to not let QEMU directly write to the log file, instead connect its stdio to a pipe and copy data from the pipe to the real log file, performing file rollover when it reaches a certain size. If we do this, we need something to keep open the pipe for as long as QEMU is running. This can't be libvirtd since we expect libvirtd to be able to be stopped while QEMU is running. Thus we introduce a new single-purpose daemon virtlogd whose job is exclusively to deal with log file writing. This daemon has support for SIGUSR1 to tell it to re-exec itself while keeping open the pipe to QEMU so it can be safely upgraded while QEMU is running. This series switches QEMU to use virtlogd by default, but in case of problems we can revert back to the old direct file access by setting 'stdio_handler = "file"' in /etc/libvirt/qemu.conf This series is only the first step. The same problem exists when character devices are told to use the file backend. There is a further use case from OpenStack which that they want to allow the use of both a TCP backend and a file backend at the same time. The idea is that the serial port is to be used for an interactive console, so needs the TCP backend support, but we also want to be able to record all output on that serial port to a file for logging purposes. Thus, in a followup I will work on creating a new character device backend "logd" that will use virtlogd to provide this combined tcp+logfile facility for QEMU guests. Daniel P. Berrange (5): util: add API for writing to rotating files Import stripped down virtlockd code as basis of virtlogd logging: introduce log handling protocol logging: add client for virtlogd daemon qemu: add support for sending QEMU stdout/stderr to virtlogd .gitignore | 7 + cfg.mk | 6 +- include/libvirt/virterror.h | 1 + libvirt.spec.in | 24 +- po/POTFILES.in | 5 + src/Makefile.am | 176 +++++- src/libvirt_private.syms | 12 + src/logging/log_daemon.c | 1207 ++++++++++++++++++++++++++++++++++++ src/logging/log_daemon.h | 45 ++ src/logging/log_daemon_config.c | 203 ++++++ src/logging/log_daemon_config.h | 50 ++ src/logging/log_daemon_dispatch.c | 67 ++ src/logging/log_daemon_dispatch.h | 31 + src/logging/log_handler.c | 429 +++++++++++++ src/logging/log_handler.h | 46 ++ src/logging/log_manager.c | 197 ++++++ src/logging/log_manager.h | 42 ++ src/logging/log_protocol.x | 71 +++ src/logging/test_virtlogd.aug.in | 12 + src/logging/virtlogd.aug | 45 ++ src/logging/virtlogd.conf | 67 ++ src/logging/virtlogd.init.in | 94 +++ src/logging/virtlogd.pod.in | 162 +++++ src/logging/virtlogd.service.in | 17 + src/logging/virtlogd.socket.in | 8 + src/logging/virtlogd.sysconf | 3 + src/qemu/libvirtd_qemu.aug | 1 + src/qemu/qemu.conf | 15 + src/qemu/qemu_conf.c | 18 + src/qemu/qemu_conf.h | 1 + src/qemu/qemu_domain.c | 43 +- src/qemu/qemu_process.c | 42 +- src/qemu/test_libvirtd_qemu.aug.in | 1 + src/util/virerror.c | 1 + src/util/virrotatingfile.c | 237 +++++++ src/util/virrotatingfile.h | 44 ++ tests/Makefile.am | 6 + tests/virrotatingfiletest.c | 415 +++++++++++++ 38 files changed, 3802 insertions(+), 49 deletions(-) create mode 100644 src/logging/log_daemon.c create mode 100644 src/logging/log_daemon.h create mode 100644 src/logging/log_daemon_config.c create mode 100644 src/logging/log_daemon_config.h create mode 100644 src/logging/log_daemon_dispatch.c create mode 100644 src/logging/log_daemon_dispatch.h create mode 100644 src/logging/log_handler.c create mode 100644 src/logging/log_handler.h create mode 100644 src/logging/log_manager.c create mode 100644 src/logging/log_manager.h create mode 100644 src/logging/log_protocol.x create mode 100644 src/logging/test_virtlogd.aug.in create mode 100644 src/logging/virtlogd.aug create mode 100644 src/logging/virtlogd.conf create mode 100644 src/logging/virtlogd.init.in create mode 100644 src/logging/virtlogd.pod.in create mode 100644 src/logging/virtlogd.service.in create mode 100644 src/logging/virtlogd.socket.in create mode 100644 src/logging/virtlogd.sysconf create mode 100644 src/util/virrotatingfile.c create mode 100644 src/util/virrotatingfile.h create mode 100644 tests/virrotatingfiletest.c -- 2.5.0 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list