RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1369850 - RFE: retrieve OS uptime via qemu guest-agent
Summary: RFE: retrieve OS uptime via qemu guest-agent
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: qemu-kvm-rhev
Version: 7.2
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Marc-Andre Lureau
QA Contact: FuXiangChun
URL:
Whiteboard:
Depends On:
Blocks: 1369853
TreeView+ depends on / blocked
 
Reported: 2016-08-24 14:30 UTC by Ademar Reis
Modified: 2019-11-14 08:59 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 1369853 (view as bug list)
Environment:
Last Closed: 2016-12-27 17:51:15 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Ademar Reis 2016-08-24 14:30:49 UTC 
The idea is simple: request the OS uptime via qemu-guest agent.

Some patches were submitted to upstream QEMU back in 2015, but never merged (nor reviewed, apparently):

https://lists.nongnu.org/archive/html/qemu-devel/2015-03/msg06125.html
Comment 1 Daniel Berrangé 2016-08-24 15:10:41 UTC 
IMHO this should really be out of scope for QEMU guest agent / libvirt. The guest agent scope is really aimed at providing functions necessary for managing the operation of virtual machine. This is things like CPU hotplug, disk quiesce for snapshotting, and similar things.   Reporting guest OS uptime is getting into the area of managing the guest operating system. That area is absolutely enormous in scope and there are countless existing tools that fill that can role. As such IMHO it doesn't make sense to add uptime reporting into QEMU guest agent, nor libvirt.
Comment 2 Marc-Andre Lureau 2016-08-24 15:17:29 UTC 
(In reply to Daniel Berrange from comment #1)
> IMHO this should really be out of scope for QEMU guest agent / libvirt. The
> guest agent scope is really aimed at providing functions necessary for
> managing the operation of virtual machine. This is things like CPU hotplug,
> disk quiesce for snapshotting, and similar things.   Reporting guest OS
> uptime is getting into the area of managing the guest operating system. That
> area is absolutely enormous in scope and there are countless existing tools
> that fill that can role. As such IMHO it doesn't make sense to add uptime
> reporting into QEMU guest agent, nor libvirt.

I agree with you, and I sometime wonder why the guest-agent already has support for guest-exec, or file read/write etc. At least, those fairly low-level commands can let people build others on top without the need to modify qga. I guess it's the case for uptime too.
Comment 3 Marc-Andre Lureau 2016-08-24 15:19:34 UTC 
nevertheless the line is sometime blurry, and qga also has get-time/set-time, so why not uptime (as a get-time flag?)...
Comment 4 Daniel Berrangé 2016-08-24 15:20:37 UTC 
(In reply to Marc-Andre Lureau from comment #2)
> (In reply to Daniel Berrange from comment #1)
> > IMHO this should really be out of scope for QEMU guest agent / libvirt. The
> > guest agent scope is really aimed at providing functions necessary for
> > managing the operation of virtual machine. This is things like CPU hotplug,
> > disk quiesce for snapshotting, and similar things.   Reporting guest OS
> > uptime is getting into the area of managing the guest operating system. That
> > area is absolutely enormous in scope and there are countless existing tools
> > that fill that can role. As such IMHO it doesn't make sense to add uptime
> > reporting into QEMU guest agent, nor libvirt.
> 
> I agree with you, and I sometime wonder why the guest-agent already has
> support for guest-exec, or file read/write etc. At least, those fairly
> low-level commands can let people build others on top without the need to
> modify qga. I guess it's the case for uptime too.

From a libvirt POV, we certainly don't intend to ever expose guest-exec, or the file read/write functions in the libvirt API as they are far too low level. These particular commands have the added major downside that they make it impossible to provide any meaningful SELinux security policy for the guest agent, because they essentially imply the guest agent can run any command or write any file. I'm not sure Fedora selinux policy even allows these commands to be used.
Comment 5 Daniel Berrangé 2016-08-24 15:21:20 UTC 
(In reply to Marc-Andre Lureau from comment #3)
> nevertheless the line is sometime blurry, and qga also has
> get-time/set-time, so why not uptime (as a get-time flag?)...

The ability to set time is needed as part of the virtual machine management, so that we can fix the guest time after restoring from a saved state image, hence is in scope.
Comment 6 Ademar Reis 2016-08-25 18:51:00 UTC 
I like the idea of restricting qemu-ga to virtualization-only features, but it might be too late:

# @guest-set-user-password
#
# @username: the user account whose password to change
# @password: the new password entry string, base64 encoded
# @crypted: true if password is already crypt()d, false if raw
Comment 7 Daniel Berrangé 2016-08-25 19:08:32 UTC 
(In reply to Ademar Reis from comment #6)
> I like the idea of restricting qemu-ga to virtualization-only features, but
> it might be too late:
> 
> # @guest-set-user-password
> #
> # @username: the user account whose password to change
> # @password: the new password entry string, base64 encoded
> # @crypted: true if password is already crypt()d, false if raw

That's providing a mechanism for host admin to get back into a running guest. There's not really any alternative mechanism for that that exists, unless you want a public network service with no auth that lets you reset the root password ;-) IOW, I think guest-set-user-password is in scope for virt, as there's no general alternative.
Comment 8 Ademar Reis 2016-08-25 20:39:14 UTC 
If there's consensus we don't want qemu-ga to enter the area of non-virt system info or features, then feel free to close this BZ.
Comment 9 Marc-Andre Lureau 2016-12-27 17:51:15 UTC 
closing, per comment #8
Note You need to log in before you can comment on or make changes to this bug.