use waitpid with WNO_HANG to check if the ssh tunnel child process
is still running and collect at the same time if it exited.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
With systemd-run qemu's --daemonize forks often happen
before systemd finishes setting up the scopes, which means
the limits we apply often don't work.
We now use enter_systemd_scope() to create the scope before
running qemu directly without systemd-run.
Note that vm_start() runs in a forked-worker or qm cli
command, so entering the scope in such a process should not
affect the rest of the pve daemon.
moved numa\d+ persmission to VM.Config.CPU
and serial/parallel to root since it accesses the host hardware
also renamed remainingoptions to generaloptions to
reduce confusion, since the real remaining options
(those that we do not specify) require root
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
instead of defaulting to VM.Config.Options for
all options not checked seperately, we
now have lists for the different config permissions
and check them accordingly.
for everything not given, we require root access
this is important especially for usbN and hostpciN
since they can change the host configuration
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
if we got an option which was not valid, we still
wrote it to the config, and subsequently returned
it on every api call
instead, now we die instead of warn and do not accept
invalid options
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
otherwise, long kvm commands lead to systemd unit files with
very long lines, with confuses the systemd unit file parser.
apparently systemd has a length limit for unit file lines and
(line-)breaks the description string at that point. since
the rest of the description is probably not a valid key/value
pair, this leads to warnings. the default semantics of systemd-run
is to use the executed command as description unless a description
is specified explicitly.
note that this behaviour of systemd could allow an attacker
with access to the VM configuration to craft a kvm commandline
that starts or stops arbitrary systemd units.
instead, just print a warning if the connection check fails.
as long as the storage is online on the target node, the VM
will start fine after migration.
previously, we did not check the file parameter of a disk,
allowing passthrough of a block device (by design)
with the change to the json parser for the disks, the format
became 'pve-volume-id' which is only valid for our volume ids
(and later we also allowed the value 'none')
this patch alternatively checks if the parameter is a path
or 'cdrom'
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
The volume_size_info() call was what actually failed, but
the error reported to the gui came from afterwards trying to
resize the disk to a garabge size.
Otherwise some move operations will fail to delete the old
disk (eg. when moving from ceph to local storage).
Note that in order for the deactivation to succeed we need
to make sure qemu has closed its file descriptors, so we
need to wait for the job to disappear the same way we do in
$cancel_job().
Factored the waiting out into $finish_job().
previously, when shutting down a suspended vm,
we successfully send the shutdown command to it,
but it will not shutdown (because it is suspended)
there we will run into the timeout and either
bail out with an error, or kill the process
when we not kill the process and resume the vm,
it will instantly shutdown, because of the previous
command
this patch checks the status of the vm beforehand,
and either bails out with an error that you cannot
shutdown a suspended vm, or stops the vm with the
correct qmp command (depending of forceStop)
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
