示例#1
/*
 * daemonConfigNew:
 * @privileged: selects the PolicyKit defaults for the UNIX sockets; only
 *              read when the build defines WITH_POLKIT
 *
 * Allocate a daemonConfig and fill in the built-in defaults.
 *
 * Security-relevant defaults set here:
 *  - listen_tls is set and listen_tcp is cleared;
 *  - the UNIX sockets use REMOTE_AUTH_POLKIT only for a privileged caller
 *    on a WITH_POLKIT build, and REMOTE_AUTH_NONE in every other case;
 *  - the read-write socket mode is "0777" only when PolicyKit is the
 *    auth scheme, otherwise "0700"; the read-only socket is always
 *    "0777" and the admin socket always "0700";
 *  - auth_tcp is REMOTE_AUTH_SASL on a WITH_SASL build and
 *    REMOTE_AUTH_NONE otherwise; auth_tls is always REMOTE_AUTH_NONE.
 *
 * Returns the new config, or NULL if any allocation fails (the partially
 * built config is released through daemonConfigFree()).
 */
struct daemonConfig*
daemonConfigNew(bool privileged ATTRIBUTE_UNUSED)
{
    struct daemonConfig *cfg;
    const char *rw_mode;
    char *hostname;
    int rc;

    if (VIR_ALLOC(cfg) < 0)
        return NULL;

    cfg->listen_tls = 1;
    cfg->listen_tcp = 0;

    if (VIR_STRDUP(cfg->tls_port, LIBVIRTD_TLS_PORT) < 0)
        goto error;
    if (VIR_STRDUP(cfg->tcp_port, LIBVIRTD_TCP_PORT) < 0)
        goto error;

    /* Start from "no auth" and upgrade to PolicyKit only when running
     * as root on a build that has it. */
    cfg->auth_unix_rw = REMOTE_AUTH_NONE;
    cfg->auth_unix_ro = REMOTE_AUTH_NONE;
#if WITH_POLKIT
    if (privileged) {
        cfg->auth_unix_rw = REMOTE_AUTH_POLKIT;
        cfg->auth_unix_ro = REMOTE_AUTH_POLKIT;
    }
#endif

    /* The read-write socket is world-accessible only when PolicyKit
     * gates it; without PolicyKit the mode is restricted to the owner. */
    rw_mode = (cfg->auth_unix_rw == REMOTE_AUTH_POLKIT) ? "0777" : "0700";
    if (VIR_STRDUP(cfg->unix_sock_rw_perms, rw_mode) < 0)
        goto error;
    /* NOTE(review): the read-only socket is 0777 even when its auth is
     * REMOTE_AUTH_NONE; what else restricts access to it is not visible
     * in this function -- confirm against the socket setup code. */
    if (VIR_STRDUP(cfg->unix_sock_ro_perms, "0777") < 0)
        goto error;
    if (VIR_STRDUP(cfg->unix_sock_admin_perms, "0700") < 0)
        goto error;

    /* NOTE(review): on a build without SASL the TCP default is
     * REMOTE_AUTH_NONE; listen_tcp is cleared above, so this only
     * matters once something else enables the TCP listener. */
#if WITH_SASL
    cfg->auth_tcp = REMOTE_AUTH_SASL;
#else
    cfg->auth_tcp = REMOTE_AUTH_NONE;
#endif
    cfg->auth_tls = REMOTE_AUTH_NONE;

    cfg->mdns_adv = 0;

    /* Worker pool and client limits for the main server. */
    cfg->min_workers = 5;
    cfg->max_workers = 20;
    cfg->max_clients = 5000;
    cfg->max_queued_clients = 1000;
    cfg->max_anonymous_clients = 20;

    cfg->prio_workers = 5;

    cfg->max_requests = 20;
    cfg->max_client_requests = 5;

    cfg->audit_level = 1;
    cfg->audit_logging = 0;

    cfg->keepalive_interval = 5;
    cfg->keepalive_count = 5;

    /* The same kinds of limits for the admin server. */
    cfg->admin_min_workers = 5;
    cfg->admin_max_workers = 20;
    cfg->admin_max_clients = 5000;
    cfg->admin_max_queued_clients = 20;
    cfg->admin_max_client_requests = 5;

    cfg->admin_keepalive_interval = 5;
    cfg->admin_keepalive_count = 5;

    hostname = virGetHostname();
    if (hostname != NULL) {
        /* Keep only the host part of a possibly fully-qualified name. */
        char *dot = strchr(hostname, '.');

        if (dot != NULL)
            *dot = '\0';
        rc = virAsprintf(&cfg->mdns_name, "Virtualization Host %s",
                         hostname);
    } else {
        /* The hostname could not be resolved; assume disconnected
         * operation and fall back to a less useful Avahi string. */
        rc = VIR_STRDUP(cfg->mdns_name, "Virtualization Host");
    }
    VIR_FREE(hostname);
    if (rc < 0)
        goto error;

    return cfg;

 error:
    daemonConfigFree(cfg);
    return NULL;
}
示例#2
/*
 * daemonConfigNew:
 * @privileged: selects the PolicyKit defaults for the UNIX sockets; only
 *              read when the build defines HAVE_POLKIT
 *
 * Allocate a daemonConfig and populate it with the built-in defaults.
 *
 * Security-relevant defaults set here: listen_tls is set and listen_tcp
 * is cleared; the UNIX sockets use REMOTE_AUTH_POLKIT only for a
 * privileged caller on a HAVE_POLKIT build and REMOTE_AUTH_NONE
 * otherwise; auth_tcp is REMOTE_AUTH_SASL on a HAVE_SASL build and
 * REMOTE_AUTH_NONE otherwise; auth_tls is always REMOTE_AUTH_NONE.
 *
 * Returns the new config, or NULL after reporting an OOM error if any
 * allocation fails.
 */
struct daemonConfig*
daemonConfigNew(bool privileged ATTRIBUTE_UNUSED)
{
    struct daemonConfig *cfg;
    const char *rw_mode;
    char *hostname;
    int rc;

    if (VIR_ALLOC(cfg) < 0) {
        virReportOOMError();
        return NULL;
    }

    cfg->listen_tls = 1;
    cfg->listen_tcp = 0;

    cfg->tls_port = strdup(LIBVIRTD_TLS_PORT);
    if (cfg->tls_port == NULL)
        goto no_memory;
    cfg->tcp_port = strdup(LIBVIRTD_TCP_PORT);
    if (cfg->tcp_port == NULL)
        goto no_memory;

    /* Default to "no auth"; switch to PolicyKit only when running as
     * root on a build that has it. */
    cfg->auth_unix_rw = REMOTE_AUTH_NONE;
    cfg->auth_unix_ro = REMOTE_AUTH_NONE;
#if HAVE_POLKIT
    if (privileged) {
        cfg->auth_unix_rw = REMOTE_AUTH_POLKIT;
        cfg->auth_unix_ro = REMOTE_AUTH_POLKIT;
    }
#endif

    /* Read-write socket: world-accessible when PolicyKit gates it,
     * owner-only otherwise.  Read-only socket: always world-accessible.
     * NOTE(review): the read-only socket stays 0777 even when its auth
     * is REMOTE_AUTH_NONE; what else restricts it is not visible in
     * this function -- confirm against the socket setup code. */
    rw_mode = (cfg->auth_unix_rw == REMOTE_AUTH_POLKIT) ? "0777" : "0700";
    cfg->unix_sock_rw_perms = strdup(rw_mode);
    cfg->unix_sock_ro_perms = strdup("0777");
    if (cfg->unix_sock_ro_perms == NULL ||
        cfg->unix_sock_rw_perms == NULL)
        goto no_memory;

    /* NOTE(review): without SASL the TCP default is REMOTE_AUTH_NONE;
     * listen_tcp is cleared above, so this only matters once something
     * else enables the TCP listener. */
#if HAVE_SASL
    cfg->auth_tcp = REMOTE_AUTH_SASL;
#else
    cfg->auth_tcp = REMOTE_AUTH_NONE;
#endif
    cfg->auth_tls = REMOTE_AUTH_NONE;

    cfg->mdns_adv = 0;

    /* Worker pool and client limits. */
    cfg->min_workers = 5;
    cfg->max_workers = 20;
    cfg->max_clients = 20;

    cfg->prio_workers = 5;

    cfg->max_requests = 20;
    cfg->max_client_requests = 5;

    cfg->log_buffer_size = 64;

    cfg->audit_level = 1;
    cfg->audit_logging = 0;

    cfg->keepalive_interval = 5;
    cfg->keepalive_count = 5;
    cfg->keepalive_required = 0;

    hostname = virGetHostname(NULL);
    if (hostname != NULL) {
        /* Keep only the host part of a possibly fully-qualified name. */
        char *dot = strchr(hostname, '.');

        if (dot != NULL)
            *dot = '\0';
        rc = virAsprintf(&cfg->mdns_name, "Virtualization Host %s",
                         hostname);
    } else {
        /* The hostname could not be resolved; assume disconnected
         * operation and fall back to a less useful Avahi string. */
        rc = virAsprintf(&cfg->mdns_name, "Virtualization Host");
    }
    VIR_FREE(hostname);
    if (rc < 0)
        goto no_memory;

    return cfg;

no_memory:
    virReportOOMError();
    daemonConfigFree(cfg);
    return NULL;
}
示例#3
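/*
 * testCorrupt:
 * @opaque: pointer to a struct testCorruptData describing the config file
 *          contents and which parameter to corrupt
 *
 * Negative test for the daemon config parser: corrupt one parameter of a
 * known config with munge_param(), feed the result to
 * daemonConfigLoadData() and require that loading fails with the error
 * message matching the corrupted parameter's type.
 *
 * Returns 0 when the parser rejected the corrupted data with the expected
 * message (or the config was skipped because SASL is not built in),
 * -1 otherwise.
 */
static int
testCorrupt(const void *opaque)
{
    const struct testCorruptData *data = opaque;
    struct daemonConfig *conf = daemonConfigNew(false);
    int ret = 0;
    int type = VIR_CONF_NONE;
    char *newdata = NULL;
    virErrorPtr err = NULL;

    /* daemonConfigNew() returns NULL on allocation failure; do not hand
     * a NULL config to the loader. */
    if (!conf)
        return -1;

    newdata = munge_param(data->filedata,
                          data->params,
                          data->paramnum,
                          &type);
    if (!newdata) {
        /* Go through cleanup so the already-allocated config is freed. */
        ret = -1;
        goto cleanup;
    }

    //VIR_DEBUG("New config [%s]", newdata);

    /* The data is deliberately malformed, so a successful load is the
     * failure case for this test. */
    if (daemonConfigLoadData(conf, data->filename, newdata) != -1) {
        VIR_DEBUG("Did not see a failure");
        ret = -1;
        goto cleanup;
    }

    err = virGetLastError();
    if (!err || !err->message) {
        VIR_DEBUG("No error or message %p", err);
        ret = -1;
        goto cleanup;
    }

#if !HAVE_SASL
    /* Without SASL the loader rejects the config for a different reason
     * than the type corruption; treat that as a skip, not a failure. */
    if (strstr(err->message, "unsupported auth sasl")) {
        VIR_DEBUG("sasl unsupported, skipping this config");
        goto cleanup;
    }
#endif

    /* The reported error must name the type mismatch that was injected. */
    switch (type) {
    case VIR_CONF_LONG:
        if (!strstr(err->message, "invalid type: got string; expected long")) {
            VIR_DEBUG("Wrong error for long: '%s'",
                      err->message);
            ret = -1;
        }
        break;
    case VIR_CONF_STRING:
        if (!strstr(err->message, "invalid type: got long; expected string")) {
            VIR_DEBUG("Wrong error for string: '%s'",
                      err->message);
            ret = -1;
        }
        break;
    case VIR_CONF_LIST:
        if (!strstr(err->message, "must be a string or list of strings")) {
            VIR_DEBUG("Wrong error for list: '%s'",
                      err->message);
            ret = -1;
        }
        break;
    default:
        /* Other types carry no message expectation here. */
        break;
    }

cleanup:
    VIR_FREE(newdata);
    daemonConfigFree(conf);
    return ret;
}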