From 190c7758c3465ccc4699c9eabba9b775e8713493 Mon Sep 17 00:00:00 2001
From: Daniel Clavijo Coca <dclavijo@opennebula.systems>
Date: Fri, 30 Nov 2018 11:59:58 -0600
Subject: [PATCH 1/5] F #1684: Added cat wrapper for fstab

---
 src/vmm_mad/remotes/lib/lxd/catfstab | 7 +++++++
 1 file changed, 7 insertions(+)
 create mode 100755 src/vmm_mad/remotes/lib/lxd/catfstab

diff --git a/src/vmm_mad/remotes/lib/lxd/catfstab b/src/vmm_mad/remotes/lib/lxd/catfstab
new file mode 100755
index 00000000000..3ac3ebfd5c0
--- /dev/null
+++ b/src/vmm_mad/remotes/lib/lxd/catfstab
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+# Sanitize cat arguments to run safely under sudo
+# Access container fstab for OpenNebula containers. Example:
+# /var/lib/lxd/storage-pools/default/containers/one-34/rootfs/etc/fstab
+
+echo $1 | grep -q '/[^[:space:]]\+/one-[0-9]\+/rootfs/etc/fstab$' && [ -f $1 ] && cat $1
\ No newline at end of file

From 2aa8bae00ee58664dd83d02b438d6981a56f1d02 Mon Sep 17 00:00:00 2001
From: Daniel Clavijo Coca <dclavijo@opennebula.systems>
Date: Fri, 30 Nov 2018 19:53:19 -0600
Subject: [PATCH 2/5] F #1684: Fixed chmod requirement for NFS  datastore

---
 src/vmm_mad/remotes/lib/lxd/container.rb     | 2 --
 src/vmm_mad/remotes/lib/lxd/mapper/mapper.rb | 3 +--
 src/vmm_mad/remotes/lib/lxd/opennebula-lxd   | 2 +-
 3 files changed, 2 insertions(+), 5 deletions(-)

diff --git a/src/vmm_mad/remotes/lib/lxd/container.rb b/src/vmm_mad/remotes/lib/lxd/container.rb
index 2f3f8d2b7f9..b38b7337695 100644
--- a/src/vmm_mad/remotes/lib/lxd/container.rb
+++ b/src/vmm_mad/remotes/lib/lxd/container.rb
@@ -392,8 +392,6 @@ def new_disk_mapper(disk)
 
             ds = "#{ds_path}/#{ds_id}/#{vm_id}/disk.#{disk_id}"
 
-            Command.execute("#{Mapper::COMMANDS[:chmod_nfs]} #{ds}", false)
-
             _rc, out, _err = Command.execute("#{Mapper::COMMANDS[:file]} #{ds}", false)
 
             case out
diff --git a/src/vmm_mad/remotes/lib/lxd/mapper/mapper.rb b/src/vmm_mad/remotes/lib/lxd/mapper/mapper.rb
index 0814e3c6c13..b2a6c0b8a56 100644
--- a/src/vmm_mad/remotes/lib/lxd/mapper/mapper.rb
+++ b/src/vmm_mad/remotes/lib/lxd/mapper/mapper.rb
@@ -57,7 +57,7 @@ class Mapper
         :mount      => 'sudo mount',
         :umount     => 'sudo umount',
         :kpartx     => 'sudo kpartx',
-        :nbd        => 'sudo qemu-nbd',
+        :nbd        => 'sudo -u root -g oneadmin qemu-nbd',
         :su_mkdir   => 'sudo mkdir -p',
         :mkdir      => 'mkdir -p',
         :cat        => 'sudo cat',
@@ -66,7 +66,6 @@ class Mapper
         :e2fsck     => 'sudo e2fsck',
         :resize2fs  => 'sudo resize2fs',
         :xfs_growfs => 'sudo xfs_growfs',
-        :chmod_nfs  => 'chmod o+w',
         :rbd        => 'sudo rbd --id'
     }
 
diff --git a/src/vmm_mad/remotes/lib/lxd/opennebula-lxd b/src/vmm_mad/remotes/lib/lxd/opennebula-lxd
index b79a9cee333..6a0d281a052 100644
--- a/src/vmm_mad/remotes/lib/lxd/opennebula-lxd
+++ b/src/vmm_mad/remotes/lib/lxd/opennebula-lxd
@@ -19,4 +19,4 @@
 #
 
 Cmnd_Alias ONE_MAPPER = /bin/lsblk, /sbin/losetup, /bin/mount, /bin/umount, /sbin/kpartx, /usr/bin/qemu-nbd, /bin/mkdir, /usr/bin/catfstab, /sbin/e2fsck, /sbin/resize2fs, /usr/sbin/xfs_growfs, /usr/bin/rbd
-oneadmin ALL=(ALL) NOPASSWD: ONE_MAPPER
\ No newline at end of file
+oneadmin ALL=(ALL:ALL) NOPASSWD: ONE_MAPPER
\ No newline at end of file

From 1df6d714eb3726c94c8c09e3b8a433099fe3c7bf Mon Sep 17 00:00:00 2001
From: Daniel Clavijo Coca <dclavijo@opennebula.systems>
Date: Tue, 4 Dec 2018 18:46:48 -0600
Subject: [PATCH 3/5] F #1684: Updated svncterm as optional build argument

---
 SConstruct | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/SConstruct b/SConstruct
index 4e4b34e2528..f868cec5142 100755
--- a/SConstruct
+++ b/SConstruct
@@ -221,6 +221,7 @@ else:
 # libxml2
 main_env.ParseConfig('xml2-config --libs --cflags')
 
+svncterm_path = 'src/vmm_mad/remotes/lib/lxd/svncterm_server/SConstruct'
 
 # SCONS scripts to build
 build_scripts=[
@@ -269,9 +270,16 @@ build_scripts=[
     'src/im_mad/collectd/SConstruct',
     'src/client/SConstruct',
     'src/docker_machine/SConstruct',
-    'src/vmm_mad/remotes/lib/lxd/svncterm_server/SConstruct'
+    svncterm_path
 ]
 
+# disable svncterm
+svncterm = ARGUMENTS.get('svncterm', 'yes')
+if svncterm == 'no':
+    build_scripts.remove(svncterm_path)
+else:
+    pass
+
 for script in build_scripts:
     env = main_env.Clone()
     SConscript(script, exports='env')

From 291493b891b924322107a3b0de2e092824da19a8 Mon Sep 17 00:00:00 2001
From: Daniel Clavijo Coca <dclavijo@opennebula.systems>
Date: Wed, 5 Dec 2018 00:05:59 -0600
Subject: [PATCH 4/5] F #1684: Fixed poweroff issue with non simlink
 mountpoints

---
 src/vmm_mad/remotes/lib/lxd/mapper/mapper.rb | 27 +++++++++++---------
 1 file changed, 15 insertions(+), 12 deletions(-)

diff --git a/src/vmm_mad/remotes/lib/lxd/mapper/mapper.rb b/src/vmm_mad/remotes/lib/lxd/mapper/mapper.rb
index b2a6c0b8a56..2d972ad08c9 100644
--- a/src/vmm_mad/remotes/lib/lxd/mapper/mapper.rb
+++ b/src/vmm_mad/remotes/lib/lxd/mapper/mapper.rb
@@ -181,18 +181,19 @@ def map(one_vm, disk, directory)
     def unmap(one_vm, disk, directory)
         OpenNebula.log_info "Unmapping disk at #{directory}"
 
-        sys_parts  = lsblk('')
-
-        return false if !sys_parts
+        sys_parts = lsblk('')
 
+        return false unless sys_parts
+ 
         partitions = []
         device = ''
+        real_path = directory
 
         ds = one_vm.lxdrc[:datastore_location] + "/#{one_vm.sysds_id}"
-        real_ds = File.readlink(ds) if File.symlink?(ds)
-
-        real_path = directory
-        real_path = real_ds + directory.split(ds)[-1] if directory.include?(ds)
+        if File.symlink?(ds)
+            real_ds = File.readlink(ds)
+            real_path = real_ds + directory.split(ds)[-1] if directory.include?(ds)
+        end
 
         sys_parts.each { |d|
             if d['mountpoint'] == real_path
@@ -212,13 +213,15 @@ def unmap(one_vm, disk, directory)
                 break if !partitions.empty?
             }
 
-        partitions.delete_if { |p| !p['mountpoint'] }
+            partitions.delete_if { |p| !p['mountpoint'] }
+            
+            partitions.sort! { |a,b|  
+                b['mountpoint'].length <=> a['mountpoint'].length 
+            }
+            
+        umount(partitions)
 
-        partitions.sort! { |a,b|  
-            b['mountpoint'].length <=> a['mountpoint'].length 
-        }
 
-        umount(partitions)
 
         do_unmap(device, one_vm, disk, real_path)
 

From 053a4ec5f18e10fb58860972f3ddd5a04794172a Mon Sep 17 00:00:00 2001
From: Daniel Clavijo Coca <dclavijo@opennebula.systems>
Date: Wed, 5 Dec 2018 01:11:15 -0600
Subject: [PATCH 5/5] F #1684: Added chmod rquirement for qcow2 on shared
 datastore

---
 src/vmm_mad/remotes/lib/lxd/mapper/qcow2.rb | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/vmm_mad/remotes/lib/lxd/mapper/qcow2.rb b/src/vmm_mad/remotes/lib/lxd/mapper/qcow2.rb
index 985d265ad7b..064f8d5116c 100644
--- a/src/vmm_mad/remotes/lib/lxd/mapper/qcow2.rb
+++ b/src/vmm_mad/remotes/lib/lxd/mapper/qcow2.rb
@@ -33,6 +33,9 @@ def do_map(one_vm, disk, directory)
         dsrc = disk_source(one_vm, disk)
         cmd  = "#{COMMANDS[:nbd]} -c #{device} #{dsrc}"
 
+        ds = one_vm.lxdrc[:datastore_location] + "/#{one_vm.sysds_id}"
+        File.chmod(0664, dsrc) if File.symlink?(ds)
+        
         rc, _out, err = Command.execute(cmd, true)
         
         if rc != 0