From: Frank Brehm Date: Thu, 10 Mar 2016 20:43:31 +0000 (+0100) Subject: saving uncommitted changes in /etc prior to emerge run X-Git-Url: https://git.uhu-banane.net/?a=commitdiff_plain;h=e76f5e12ebe5acfc5211884e851487c591be33df;p=config%2Fsamara%2Fetc.git saving uncommitted changes in /etc prior to emerge run --- diff --git a/init.d/libvirtd b/init.d/libvirtd index 97184e3..790161e 100755 --- a/init.d/libvirtd +++ b/init.d/libvirtd @@ -15,24 +15,21 @@ pidfile="/var/run/libvirtd.pid" retry="${LIBVIRTD_TERMTIMEOUT}" depend() { - - use avahi-daemon dbus virtlockd + need virtlogd + use dbus virtlockd after ntp-client ntpd nfs nfsmount portmap rpc.statd iptables ip6tables ebtables corosync sanlock cgconfig xenconsoled + + use avahi-daemon + + } start_pre() { # Test configuration directories in /etc/libvirt/ to be either not # present or a directory, i.e. not a regular file, bug #532892 - local has_errors=0 - ebegin "Checking for suitable directories in \"/etc/libvirt\"" - - for dir in lxc nwfilter qemu storage; do - if [ -f /etc/libvirt/$dir ]; then - has_errors=1 - eerror "/etc/libvirt/$dir was created as a regular file. It must be either" - eerror "a directory or not present for libvirtd to start up successfully." - fi - done - eend ${has_errors} "Please correct the error(s) above" + checkpath --directory /etc/libvirt/lxc || return 1 + checkpath --directory /etc/libvirt/nwfilter || return 1 + checkpath --directory /etc/libvirt/qemu || return 1 + checkpath --directory /etc/libvirt/storage || return 1 } diff --git a/init.d/virtlogd b/init.d/virtlogd new file mode 100755 index 0000000..fac51d9 --- /dev/null +++ b/init.d/virtlogd @@ -0,0 +1,24 @@ +#!/sbin/runscript +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +description="libvirt virtual machine logging manager" +command="/usr/sbin/virtlogd" +command_args="-d" +pidfile="/var/run/virtlogd.pid" + +extra_started_commands="reload" +description_reload="re-exec the daemon, while maintaining open connections" + + +depend() { + after ntp-client ntpd nfs nfsmount corosync +} + +reload() { + ebegin "re-exec() virtlogd" + + start-stop-daemon --signal SIGUSR1 \ + --exec "${command}" --pidfile "${pidfile}" +} diff --git a/libvirt/libvirt-admin.conf b/libvirt/libvirt-admin.conf new file mode 100644 index 0000000..d7cf12a --- /dev/null +++ b/libvirt/libvirt-admin.conf @@ -0,0 +1,16 @@ +# +# This can be used to setup URI aliases for frequently +# used connection URIs. Aliases may contain only the +# characters a-Z, 0-9, _, -. +# +# Following the '=' may be any valid libvirt admin connection +# URI, including arbitrary parameters + +#uri_aliases = [ +# "admin=libvirtd:///system", +#] + +# This specifies the default location the client tries to connect to if no other +# URI is provided by the application + +#uri_default = "libvirtd:///system" diff --git a/libvirt/libvirt.conf b/libvirt/libvirt.conf index 016cd24..da4dfbe 100644 --- a/libvirt/libvirt.conf +++ b/libvirt/libvirt.conf @@ -12,7 +12,7 @@ #] # -# This can be used to prevent probing of the hypervisor -# driver when no URI is supplied by the application. - +# These can be used in cases when no URI is supplied by the application +# (@uri_default also prevents probing of the hypervisor driver). +# #uri_default = "qemu:///system" diff --git a/libvirt/libvirtd.conf b/libvirt/libvirtd.conf index 514e6e4..5485f98 100644 --- a/libvirt/libvirtd.conf +++ b/libvirt/libvirtd.conf @@ -344,10 +344,16 @@ # The format for a filter is one of: # x:name # x:+name -# where name is a string which is matched against source file name, -# e.g., "remote", "qemu", or "util/json", the optional "+" prefix -# tells libvirt to log stack trace for each message matching name, -# and x is the minimal level where matching messages should be logged: + +# where name is a string which is matched against the category +# given in the VIR_LOG_INIT() at the top of each libvirt source +# file, e.g., "remote", "qemu", or "util.json" (the name in the +# filter can be a substring of the full category name, in order +# to match multiple similar categories), the optional "+" prefix +# tells libvirt to log stack trace for each message matching +# name, and x is the minimal level where matching messages should +# be logged: + # 1: DEBUG # 2: INFO # 3: WARNING diff --git a/libvirt/qemu.conf b/libvirt/qemu.conf index 1c589a2..4fa5e8a 100644 --- a/libvirt/qemu.conf +++ b/libvirt/qemu.conf @@ -515,3 +515,18 @@ # "/usr/share/OVMF/OVMF_CODE.fd:/usr/share/OVMF/OVMF_VARS.fd", # "/usr/share/AAVMF/AAVMF_CODE.fd:/usr/share/AAVMF/AAVMF_VARS.fd" #] + +# The backend to use for handling stdout/stderr output from +# QEMU processes. +# +# 'file': QEMU writes directly to a plain file. This is the +# historical default, but allows QEMU to inflict a +# denial of service attack on the host by exhausting +# filesystem space +# +# 'logd': QEMU writes to a pipe provided by virtlogd daemon. +# This is the current default, providing protection +# against denial of service by performing log file +# rollover when a size limit is hit. +# +#stdio_handler = "logd" diff --git a/libvirt/virt-login-shell.conf b/libvirt/virt-login-shell.conf new file mode 100644 index 0000000..835fd3f --- /dev/null +++ b/libvirt/virt-login-shell.conf @@ -0,0 +1,26 @@ +# Master configuration file for the virt-login-shell program. +# All settings described here are optional - if omitted, sensible +# defaults are used. + +# By default, virt-login-shell will connect you to a container running +# with the /bin/sh program. Modify the shell variable if you want your +# users to run a different shell or a setup container when joining a +# container. Shell commands must be a list of commands/options separated by +# comma and delimited by square brackets. Defaults to: /bin/sh -l. +# Modify and uncomment the following to modify the login shell. +# shell = [ "/bin/sh", "-l" ] + +# allowed_users specifies the user names of all users that are allowed to +# execute virt-login-shell. You can specify the users as a comma +# separated list of usernames or user groups. +# The list of names support glob syntax. +# To disallow all users (default) +# allowed_users = [] +# If you do not specify any names (default) then no one is allowed +# to use this executable. +# To allow fred and joe only +# allowed_users = ["fred", "joe"] +# To allow all users within a specific group prefix the group name with %. +# allowed_users = ["%engineers"] +# To allow all users specify the following +# allowed_users = [ "*" ] diff --git a/libvirt/virtlogd.conf b/libvirt/virtlogd.conf new file mode 100644 index 0000000..abb3633 --- /dev/null +++ b/libvirt/virtlogd.conf @@ -0,0 +1,59 @@ +# Master virtlogd daemon configuration file +# + +################################################################# +# +# Logging controls +# + +# Logging level: 4 errors, 3 warnings, 2 information, 1 debug +# basically 1 will log everything possible +#log_level = 3 + +# Logging filters: +# A filter allows to select a different logging level for a given category +# of logs +# The format for a filter is one of: +# x:name +# x:+name +# where name is a string which is matched against source file name, +# e.g., "remote", "qemu", or "util/json", the optional "+" prefix +# tells libvirt to log stack trace for each message matching name, +# and x is the minimal level where matching messages should be logged: +# 1: DEBUG +# 2: INFO +# 3: WARNING +# 4: ERROR +# +# Multiple filter can be defined in a single @filters, they just need to be +# separated by spaces. +# +# e.g. to only get warning or errors from the remote layer and only errors +# from the event layer: +#log_filters="3:remote 4:event" + +# Logging outputs: +# An output is one of the places to save logging information +# The format for an output can be: +# x:stderr +# output goes to stderr +# x:syslog:name +# use syslog for the output and use the given name as the ident +# x:file:file_path +# output to a file, with the given filepath +# x:journald +# ouput to the systemd journal +# In all case the x prefix is the minimal level, acting as a filter +# 1: DEBUG +# 2: INFO +# 3: WARNING +# 4: ERROR +# +# Multiple output can be defined, they just need to be separated by spaces. +# e.g. to log all warnings and errors to syslog under the virtlogd ident: +#log_outputs="3:syslog:virtlogd" +# + +# The maximum number of concurrent client connections to allow +# over all sockets combined. +#max_clients = 1024