Bug 1524399
| Summary: | client-info return incorrect readonly info when connected by tcp/tls in readonly mode | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | yalzhang <yalzhang> |
| Component: | libvirt | Assignee: | Erik Skultety <eskultet> |
| Status: | CLOSED ERRATA | QA Contact: | Lili Zhu <lizhu> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 7.5 | CC: | jdenemar, xuzhang, zpeng |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | libvirt-4.3.0-1.el7 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2018-10-30 09:52:20 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Comment 2
Erik Skultety
2017-12-13 15:49:13 UTC
Fixed upstream by:
commit a8582e3656d626a0728bbbfb4fd715aa51676522
Refs: v3.10.0-76-ga8582e365
Author: Erik Skultety <eskultet>
AuthorDate: Wed Dec 13 14:39:40 2017 +0100
Commit: Erik Skultety <eskultet>
CommitDate: Mon Dec 18 08:42:29 2017 +0100
admin: Use the connection to determine a client is connected readonly
Prior to this change, we relied solely on the inherited readonly
attribute of a service's socket. This only worked for our UNIX sockets
(and only to some degree), but doesn't work for TCP sockets which are RW
by default, but such connections support RO as well. This patch forces
an update on the client object once we have established a connection to
reflect the nature of the connection itself rather than relying on the
underlying socket's attributes.
Clients connected to the admin server have always been connected as RW
only.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1524399
Signed-off-by: Erik Skultety <eskultet>
Verify this bug with
libvirt-4.4.0-2.el7.x86_64
tcp connection:
1. configure in server host in /etc/libvirt/libvirtd.conf
listen_tls = 0
listen_tcp = 1
auth_tcp = "none"
and in /etc/sysconfig/libvirtd uncomment the
LIBVIRTD_ARGS="--listen"
2. on client host, connect to the server by tcp in readonly mode
# virsh -c qemu+tcp://server-hostname/system -r
Welcome to virsh, the virtualization interactive terminal.
Type: 'help' for help with commands
'quit' to quit
virsh >
3. on server host, check the connection info
# virt-admin client-list libvirtd
Id Transport Connected since
--------------------------------------------------
1 tcp 2018-06-21 23:31:42-0400
# virt-admin client-info libvirtd 1
id : 1
connection_time: 2018-06-21 23:31:42-0400
transport : tcp
readonly : **yes**
sock_addr : *client-ip*:33200
tls connection:
1. on client host, connect to the server by tls in readonly mode
# virsh -c qemu+tls://server-hostname/system -r
Welcome to virsh, the virtualization interactive terminal.
Type: 'help' for help with commands
'quit' to quit
virsh >
2. check the connection using virt-admin cmd
# virt-admin client-info libvirtd 2
id : 2
connection_time: 2018-06-22 01:42:02-0400
transport : tls
readonly : **yes**
sock_addr : *client-ip*:38098
tls_x509_dname : CN=10.66.5.24,O=Red Hat,L=London,ST=London,C=GB
As the now the readonly attribute of both tls and tcp connection are correct,
mark this bug as verified.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2018:3113 |