From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Thu, 29 Aug 2019 12:04:43 +0100
Subject: [PATCH] remote: forbid the --listen arg when systemd socket
 activation
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

When using systemd socket activation the --listen arg has no
effect. This is confusing to users upgrading from previous versions of
libvirt as their config is silently ignored. Turn use of --listen into a
fatal error when sockets are passed from systemd.

This helps the admin discover the change in behaviour and thus decide
whether to stick with socket activation or revert to previous behaviour.

Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit 3a6a725b8f575890ee6c151ad1f46ea0ceea1f3b)

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1741403
Message-Id: <20190829110444.12163-4-berrange@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Cole Robinson <crobinso@redhat.com>
---
 src/remote/libvirtd.pod    | 33 ++++++++++++++++++++++++++++++++-
 src/remote/remote_daemon.c |  8 ++++++++
 2 files changed, 40 insertions(+), 1 deletion(-)

diff --git a/src/remote/libvirtd.pod b/src/remote/libvirtd.pod
index 4721e0f4ec..fa30d6a37a 100644
--- a/src/remote/libvirtd.pod
+++ b/src/remote/libvirtd.pod
@@ -30,6 +30,35 @@ and will be picked up automatically if their XML configuration has been
 defined.  Any guests whose XML configuration has not been defined will be lost
 from the configuration.
 
+=head1 SYSTEM SOCKET ACTIVATION
+
+The B<libvirtd> daemon is capable of starting in two modes.
+
+In the traditional mode, it will create and listen on UNIX sockets itself.
+If the B<--listen> parameter is given, it will also listen on TCP/IP socket(s),
+according to the B<listen_tcp> and B<listen_tls> options in
+B</etc/libvirt/libvirtd.conf>
+
+In socket activation mode, it will rely on systemd to create and listen
+on the UNIX, and optionally TCP/IP, sockets and pass them as pre-opened
+file descriptors. In this mode, it is not permitted to pass the B<--listen>
+parameter, and most of the socket related config options in
+B</etc/libvirt/libvirtd.conf> will no longer have any effect. To enable
+TCP or TLS sockets use either
+
+B<$ systemctl start libvirtd-tls.socket>
+
+Or
+
+B<$ systemctl start libvirtd-tcp.socket>
+
+Socket activation mode is generally the default when running on a host
+OS that uses systemd. To revert to the traditional mode, all the socket
+unit files must be masked:
+
+B<$ systemctl mask libvirtd.socket libvirtd-ro.socket \
+      libvirtd-admin.socket libvirtd-tls.socket libvirtd-tcp.socket>
+
 =head1 OPTIONS
 
 =over
@@ -48,7 +77,9 @@ Use this configuration file, overriding the default value.
 
 =item B<-l, --listen>
 
-Listen for TCP/IP connections.
+Listen for TCP/IP connections. This should not be set if using systemd
+socket activation. Instead activate the libvirtd-tls.socket or
+libvirtd-tcp.socket unit files.
 
 =item B<-p, --pid-file> I<FILE>
 
diff --git a/src/remote/remote_daemon.c b/src/remote/remote_daemon.c
index d887b7abfb..b7ee1cf49b 100644
--- a/src/remote/remote_daemon.c
+++ b/src/remote/remote_daemon.c
@@ -391,6 +391,14 @@ daemonSetupNetworking(virNetServerPtr srv,
     if (virSystemdGetActivation(actmap, ARRAY_CARDINALITY(actmap), &act) < 0)
         return -1;
 
+#ifdef WITH_IP
+    if (act && ipsock) {
+        VIR_ERROR(_("--listen parameter not permitted with systemd activation "
+                    "sockets, see 'man libvirtd' for further guidance"));
+        return -1;
+    }
+#endif /* ! WITH_IP */
+
     if (config->unix_sock_group) {
         if (virGetGroupID(config->unix_sock_group, &unix_sock_gid) < 0)
             return ret;