As previously discussed, it is desirable to move libvirt to a model
where we abort-on-OOM, possibly making use of glib2.
This would be good for libvirt in general, but it is bad for a
couple of libvirt addons.
The virt-login-shell setuid program would be ok with abort-on-OOM,
but absolutely can never link to glib2 in a setuid setup.
The NSS module cannot tolerate abort-on-OOM as it is dyn loaded in
to every process on the host, some of which wish to be robust on
OOM.
It is not practical to restrict abort-on-OOM to only the pieces of
code not used by NSS, nor is it practical to conditionally build
with & without abort-on-OOM.
The solution to both these problems is to refactor the code such
that it does not use any common libvirt code. Only direct libc
APIs are permitted, and for the NSS module the yajl library.
For virt-login-shell this refactoring actually makes the entire
solution more pleasant to deal with, so is a win regardless.
For the NSS module, the code is a little less attractive by
using the lower level libc APIs. The need to use the yajl APIs
directly also makes parsing MACs/leases much more verbose. This
is still tolerable though, given the benefit of switching the
other libvirt code to abort-on-OOM.
Daniel P. Berrangé (17):
tools: fix crash in virt-login-shell if config doesn't exist
tools: fix double error reporting in virt-login-shell
tools: rename source for virt-login-shell
tools: split virt-login-shell into two binaries
build: drop libvirt setuid library build
util: get rid of virIsSUID method
util: simplify virCommand APIs for env passthrough.
util: get rid of virGetEnv{Allow,Block}SUID functions
nss: remove use for virDir helper APIs
nss: remove use for virString helper APIs
nss: remove use for virFile helper APIs
nss: refactor code for processing mac addresses
nss: custom parser for loading .macs file
nss: custom parser for loading .leases file
nss: directly use getnameinfo/getaddrinfo
nss: remove last usages of libvirt headers
nss: only link to yajl library and nothing else
.gitignore | 1 +
cfg.mk | 25 +-
config-post.h | 54 ----
configure.ac | 3 -
libvirt.spec.in | 1 +
src/Makefile.am | 174 -------------
src/libvirt-admin.c | 2 +-
src/libvirt.c | 47 ++--
src/libvirt_private.syms | 6 +-
src/lxc/lxc_process.c | 2 +-
src/network/leaseshelper.c | 14 +-
src/qemu/qemu_command.c | 8 +-
src/qemu/qemu_firmware.c | 2 +-
src/remote/remote_driver.c | 25 +-
src/rpc/virnetlibsshsession.c | 2 +-
src/rpc/virnetsocket.c | 16 +-
src/rpc/virnettlscontext.c | 2 +-
src/util/virauth.c | 2 +-
src/util/vircommand.c | 48 +---
src/util/vircommand.h | 8 +-
src/util/virfile.c | 7 +-
src/util/virlease.c | 4 +-
src/util/virlog.c | 15 +-
src/util/virsystemd.c | 8 +-
src/util/virutil.c | 48 +---
src/util/virutil.h | 4 -
src/vbox/vbox_XPCOMCGlue.c | 2 +-
src/vbox/vbox_common.c | 2 +-
tests/commandtest.c | 8 +-
tools/Makefile.am | 43 ++--
tools/nss/libvirt_nss.c | 343 ++++++++-----------------
tools/nss/libvirt_nss.h | 24 ++
tools/nss/libvirt_nss_leases.c | 429 +++++++++++++++++++++++++++++++
tools/nss/libvirt_nss_leases.h | 40 +++
tools/nss/libvirt_nss_macs.c | 287 +++++++++++++++++++++
tools/nss/libvirt_nss_macs.h | 29 +++
tools/virsh.c | 2 +-
tools/virt-login-shell-helper.c | 439 ++++++++++++++++++++++++++++++++
tools/virt-login-shell.c | 421 ++++--------------------------
tools/vsh.c | 12 +-
40 files changed, 1521 insertions(+), 1088 deletions(-)
create mode 100644 tools/nss/libvirt_nss_leases.c
create mode 100644 tools/nss/libvirt_nss_leases.h
create mode 100644 tools/nss/libvirt_nss_macs.c
create mode 100644 tools/nss/libvirt_nss_macs.h
create mode 100644 tools/virt-login-shell-helper.c
--
2.21.0
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
