Accepting request 351143 from Virtualization

Automatic submission by obs-autosubmit OBS-URL: https://build.opensuse.org/request/show/351143 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libvirt?expand=0&rev=196
2016-01-01 18:48:12 +00:00 · 2016-01-01 18:48:12 +00:00 · 1a9e29cc70
commit 1a9e29cc70
parent 24299e9466 7d7161c99c
30 changed files with 458 additions and 178 deletions
--- a/034e47c3-CVE-2015-5313.patch
+++ b/034e47c3-CVE-2015-5313.patch
@ -0,0 +1,68 @@
+commit 034e47c338b13a95cf02106a3af912c1c5f818d7
+Author: Eric Blake <eblake@redhat.com>
+Date:   Tue Dec 8 17:46:31 2015 -0700
+
+    CVE-2015-5313: storage: don't allow '/' in filesystem volume names
+    
+    The libvirt file system storage driver determines what file to
+    act on by concatenating the pool location with the volume name.
+    If a user is able to pick names like "../../../etc/passwd", then
+    they can escape the bounds of the pool.  For that matter,
+    virStoragePoolListVolumes() doesn't descend into subdirectories,
+    so a user really shouldn't use a name with a slash.
+    
+    Normally, only privileged users can coerce libvirt into creating
+    or opening existing files using the virStorageVol APIs; and such
+    users already have full privilege to create any domain XML (so it
+    is not an escalation of privilege).  But in the case of
+    fine-grained ACLs, it is feasible that a user can be granted
+    storage_vol:create but not domain:write, and it violates
+    assumptions if such a user can abuse libvirt to access files
+    outside of the storage pool.
+    
+    Therefore, prevent all use of volume names that contain "/",
+    whether or not such a name is actually attempting to escape the
+    pool.
+    
+    This changes things from:
+    
+    $ virsh vol-create-as default ../../../../../../etc/haha --capacity 128
+    Vol ../../../../../../etc/haha created
+    $ rm /etc/haha
+    
+    to:
+    
+    $ virsh vol-create-as default ../../../../../../etc/haha --capacity 128
+    error: Failed to create vol ../../../../../../etc/haha
+    error: Requested operation is not valid: volume name '../../../../../../etc/haha' cannot contain '/'
+    
+    Signed-off-by: Eric Blake <eblake@redhat.com>
+
+Index: libvirt-1.3.0/src/storage/storage_backend_fs.c
+===================================================================
+--- libvirt-1.3.0.orig/src/storage/storage_backend_fs.c
+++ libvirt-1.3.0/src/storage/storage_backend_fs.c
+@@ -1,7 +1,7 @@
+ /*
+  * storage_backend_fs.c: storage backend for FS and directory handling
+  *
+- * Copyright (C) 2007-2014 Red Hat, Inc.
+ * Copyright (C) 2007-2015 Red Hat, Inc.
+  * Copyright (C) 2007-2008 Daniel P. Berrange
+  *
+  * This library is free software; you can redistribute it and/or
+@@ -1057,6 +1057,14 @@ virStorageBackendFileSystemVolCreate(vir
+     else
+         vol->type = VIR_STORAGE_VOL_FILE;
+ 
+    /* Volumes within a directory pools are not recursive; do not
+     * allow escape to ../ or a subdir */
+    if (strchr(vol->name, '/')) {
+        virReportError(VIR_ERR_OPERATION_INVALID,
+                       _("volume name '%s' cannot contain '/'"), vol->name);
+        return -1;
+    }
+
+     VIR_FREE(vol->target.path);
+     if (virAsprintf(&vol->target.path, "%s/%s",
+                     pool->def->target.path,
--- a/703ec1b7-qemu-bridge-helper-fix.patch
+++ b/703ec1b7-qemu-bridge-helper-fix.patch
@ -1,24 +0,0 @@
-commit 703ec1b73da3560374cba65017d9eaf58f92c695
-Author: Michel Normand <normand@linux.vnet.ibm.com>
-Date:   Wed Nov 4 10:01:24 2015 +0100
-
-    qemu: add /usr/lib to AC_PATH_PROG for qemu-bridge-helper
-    
-    For openSUSE the qemu-bridge-helper is installed in /usr/lib
-    So libvirt has to search it in this directory.
-    
-    Signed-off-by: Michel Normand <normand@linux.vnet.ibm.com>
-
-diff --git a/configure.ac b/configure.ac
-index f01bb40..f481c50 100644
--- a/configure.ac
-+++ b/configure.ac
-@@ -2520,7 +2520,7 @@ AC_DEFINE_UNQUOTED([QEMU_USER], ["$QEMU_USER"], [QEMU user account])
- AC_DEFINE_UNQUOTED([QEMU_GROUP], ["$QEMU_GROUP"], [QEMU group account])
- 
- AC_PATH_PROG([QEMU_BRIDGE_HELPER], [qemu-bridge-helper], [/usr/libexec/qemu-bridge-helper],
-                  [/usr/libexec:/usr/lib/qemu])
-+                  [/usr/libexec:/usr/lib/qemu:/usr/lib])
- AC_DEFINE_UNQUOTED([QEMU_BRIDGE_HELPER], ["$QEMU_BRIDGE_HELPER"], [QEMU bridge helper])
- 
- AC_ARG_WITH([macvtap],
--- a/ace1ee22-qemuxml2argv-test.patch
+++ b/ace1ee22-qemuxml2argv-test.patch
@ -0,0 +1,45 @@
+commit ace1ee225f5cd87fb095054a6a19bdcd0fa57518
+Author: Peter Krempa <pkrempa@redhat.com>
+Date:   Thu Dec 10 14:36:51 2015 +0100
+
+    test: qemuxml2argv: Mock virMemoryMaxValue to remove 32/64 bit difference
+    
+    Always return LLONG_MAX even on 32 bit systems. The limitation
+    originates from our use of "unsigned long" in several APIs. The internal
+    data type is unsigned long long. Make the test suite deterministic by
+    removing the architecture difference.
+    
+    Flaw was introduced in 645881139b3d2c86acf9d644c3a1471520bc9e57 where
+    I've added a test that uses too large numbers.
+
+Index: libvirt-1.3.0/src/util/virutil.c
+===================================================================
+--- libvirt-1.3.0.orig/src/util/virutil.c
+++ libvirt-1.3.0/src/util/virutil.c
+@@ -2639,6 +2639,8 @@ virMemoryLimitIsSet(unsigned long long v
+  * @capped: whether the value must fit into unsigned long
+  *   (long long is assumed otherwise)
+  *
+ * Note: This function is mocked in tests/qemuxml2argvmock.c for test stability
+ *
+  * Returns the maximum possible memory value in bytes.
+  */
+ unsigned long long
+Index: libvirt-1.3.0/tests/qemuxml2argvmock.c
+===================================================================
+--- libvirt-1.3.0.orig/tests/qemuxml2argvmock.c
+++ libvirt-1.3.0/tests/qemuxml2argvmock.c
+@@ -74,3 +74,13 @@ virTPMCreateCancelPath(const char *devpa
+ 
+     return path;
+ }
+
+/**
+ * Large values for memory would fail on 32 bit systems, despite having
+ * variables that support it.
+ */
+unsigned long long
+virMemoryMaxValue(bool capped ATTRIBUTE_UNUSED)
+{
+    return LLONG_MAX;
+}
--- a/add-with-login-shell.patch
+++ b/add-with-login-shell.patch
@ -10,10 +10,10 @@ enabled.
 tools/Makefile.am | 12 ++++++------
 2 files changed, 20 insertions(+), 6 deletions(-)

-diff --git a/configure.ac b/configure.ac
-index 75e95b7..d054ba6 100644
--- a/configure.ac
-+++ b/configure.ac
+Index: libvirt-1.3.0/configure.ac
+===================================================================
+--- libvirt-1.3.0.orig/configure.ac
+++ libvirt-1.3.0/configure.ac
@@ -1074,6 +1074,19 @@ if test "$with_lxc" = "yes" ; then
 fi
 AM_CONDITIONAL([WITH_LXC], [test "$with_lxc" = "yes"])
@ -34,7 +34,7 @@ index 75e95b7..d054ba6 100644
 dnl
 dnl Checks for the Parallels driver
 dnl
-@@ -2974,6 +2987,7 @@ AC_MSG_NOTICE([      Init script: $with_init_script])
+@@ -2974,6 +2987,7 @@ AC_MSG_NOTICE([      Init script: $with_
 AC_MSG_NOTICE([Char device locks: $with_chrdev_lock_files])
 AC_MSG_NOTICE([   Default Editor: $DEFAULT_EDITOR])
 AC_MSG_NOTICE([     Loader/NVRAM: $with_loader_nvram])
@ -42,10 +42,10 @@ index 75e95b7..d054ba6 100644
 AC_MSG_NOTICE([])
 AC_MSG_NOTICE([Developer Tools])
 AC_MSG_NOTICE([])
-diff --git a/tools/Makefile.am b/tools/Makefile.am
-index d5638d9..d005035 100644
--- a/tools/Makefile.am
-+++ b/tools/Makefile.am
+Index: libvirt-1.3.0/tools/Makefile.am
+===================================================================
+--- libvirt-1.3.0.orig/tools/Makefile.am
+++ libvirt-1.3.0/tools/Makefile.am
@@ -71,12 +71,12 @@ sbin_SCRIPTS = virt-sanlock-cleanup
 DISTCLEANFILES += virt-sanlock-cleanup
 endif WITH_SANLOCK
@ -62,10 +62,10 @@ index d5638d9..d005035 100644
 
 
 dist_man1_MANS = \
-@@ -84,11 +84,11 @@ dist_man1_MANS = \
- 		virt-pki-validate.1 \
+@@ -85,11 +85,11 @@ dist_man1_MANS = \
 		virt-xml-validate.1 \
- 		virsh.1
+ 		virsh.1 \
+ 		virt-admin.1
 -if WITH_LXC
 +if WITH_LOGIN_SHELL
 dist_man1_MANS += virt-login-shell.1
@ -77,6 +77,3 @@ index d5638d9..d005035 100644
 if WITH_SANLOCK
 dist_man8_MANS = virt-sanlock-cleanup.8
 endif WITH_SANLOCK
-- 
-2.1.4
-
--- a/apparmor-fixes.patch
+++ b/apparmor-fixes.patch
@ -1,8 +1,8 @@
-Index: libvirt-1.2.21/examples/apparmor/libvirt-qemu
+Index: libvirt-1.3.0/examples/apparmor/libvirt-qemu
 ===================================================================
--- libvirt-1.2.21.orig/examples/apparmor/libvirt-qemu
-+++ libvirt-1.2.21/examples/apparmor/libvirt-qemu
-@@ -124,6 +124,9 @@
+--- libvirt-1.3.0.orig/examples/apparmor/libvirt-qemu
+++ libvirt-1.3.0/examples/apparmor/libvirt-qemu
+@@ -143,6 +143,9 @@
   # for restore
   /bin/bash rmix,
 
--- a/apparmor-no-mount.patch
+++ b/apparmor-no-mount.patch
@ -1,7 +1,7 @@
-Index: libvirt-1.2.21/examples/apparmor/libvirt-lxc
+Index: libvirt-1.3.0/examples/apparmor/libvirt-lxc
 ===================================================================
--- libvirt-1.2.21.orig/examples/apparmor/libvirt-lxc
-+++ libvirt-1.2.21/examples/apparmor/libvirt-lxc
+--- libvirt-1.3.0.orig/examples/apparmor/libvirt-lxc
+++ libvirt-1.3.0/examples/apparmor/libvirt-lxc
@@ -2,39 +2,15 @@
 
   #include <abstractions/base>
--- a/blockcopy-check-dst-identical-device.patch
+++ b/blockcopy-check-dst-identical-device.patch
@ -11,11 +11,11 @@ Signed-off-by: Chunyan Liu <cyliu@suse.com>
 src/qemu/qemu_driver.c | 7 +++++++
 1 file changed, 7 insertions(+)

-Index: libvirt-1.2.21/src/qemu/qemu_driver.c
+Index: libvirt-1.3.0/src/qemu/qemu_driver.c
 ===================================================================
--- libvirt-1.2.21.orig/src/qemu/qemu_driver.c
-+++ libvirt-1.2.21/src/qemu/qemu_driver.c
-@@ -16720,6 +16720,15 @@ qemuDomainBlockCopyCommon(virDomainObjPt
+--- libvirt-1.3.0.orig/src/qemu/qemu_driver.c
+++ libvirt-1.3.0/src/qemu/qemu_driver.c
+@@ -16728,6 +16728,15 @@ qemuDomainBlockCopyCommon(virDomainObjPt
                        _("non-file destination not supported yet"));
         goto endjob;
     }
--- a/libvirt-1.2.21.tar.gz
+++ b/libvirt-1.2.21.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:8d406582f5fe88d739d1d83e0ba7ac7f91f5a8da4be82162ab85631744d8925b
-size 29848954
--- a/libvirt-1.2.21.tar.gz.asc
+++ b/libvirt-1.2.21.tar.gz.asc
@ -1,7 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-Version: GnuPG v1
-
-iEYEABECAAYFAlY5cxIACgkQRga4pd6VvB+57ACggaUKRQGC2f4SjR7yjRHl0xwF
-QooAnjkqwZET0DNHixm+FA71UQ+mCn+1
-=sIXv
-----END PGP SIGNATURE-----
--- a/libvirt-1.3.0.tar.gz
+++ b/libvirt-1.3.0.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:ebcf5645fa565e3fe2fe94a86e841db9b768cf0e0a7e6cf395c6327f9a23bd64
+size 30114683
--- a/libvirt-1.3.0.tar.gz.asc
+++ b/libvirt-1.3.0.tar.gz.asc
@ -0,0 +1,7 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1
+
+iEYEABECAAYFAlZn8jcACgkQRga4pd6VvB/RIQCgkbUJElaR8UblnEcphnlFUaZt
+YooAn32VWCOwuu/LanKnpQU5Ud0Fckx8
+=+X0a
+-----END PGP SIGNATURE-----
--- a/libvirt-guests-init-script.patch
+++ b/libvirt-guests-init-script.patch
@ -1,9 +1,9 @@
 Adjust libvirt-guests init files to conform to SUSE standards

-Index: libvirt-1.2.21/tools/libvirt-guests.init.in
+Index: libvirt-1.3.0/tools/libvirt-guests.init.in
 ===================================================================
--- libvirt-1.2.21.orig/tools/libvirt-guests.init.in
-+++ libvirt-1.2.21/tools/libvirt-guests.init.in
+--- libvirt-1.3.0.orig/tools/libvirt-guests.init.in
+++ libvirt-1.3.0/tools/libvirt-guests.init.in
@@ -3,15 +3,15 @@
 # the following is the LSB init header
 #
@ -28,10 +28,10 @@ Index: libvirt-1.2.21/tools/libvirt-guests.init.in
 ### END INIT INFO
 
 # the following is chkconfig init header
-Index: libvirt-1.2.21/tools/libvirt-guests.sh.in
+Index: libvirt-1.3.0/tools/libvirt-guests.sh.in
 ===================================================================
--- libvirt-1.2.21.orig/tools/libvirt-guests.sh.in
-+++ libvirt-1.2.21/tools/libvirt-guests.sh.in
+--- libvirt-1.3.0.orig/tools/libvirt-guests.sh.in
+++ libvirt-1.3.0/tools/libvirt-guests.sh.in
@@ -16,14 +16,13 @@
 # License along with this library.  If not, see
 # <http://www.gnu.org/licenses/>.
@ -191,10 +191,10 @@ Index: libvirt-1.2.21/tools/libvirt-guests.sh.in
 esac
 -exit $RETVAL
 +rc_exit
-Index: libvirt-1.2.21/tools/libvirt-guests.sysconf
+Index: libvirt-1.3.0/tools/libvirt-guests.sysconf
 ===================================================================
--- libvirt-1.2.21.orig/tools/libvirt-guests.sysconf
-+++ libvirt-1.2.21/tools/libvirt-guests.sysconf
+--- libvirt-1.3.0.orig/tools/libvirt-guests.sysconf
+++ libvirt-1.3.0/tools/libvirt-guests.sysconf
@@ -1,19 +1,29 @@
 +## Path: System/Virtualization/libvirt-guests
 +
--- a/libvirt-power8-models.patch
+++ b/libvirt-power8-models.patch
@ -1,7 +1,7 @@
-Index: libvirt-1.2.21/src/cpu/cpu_map.xml
+Index: libvirt-1.3.0/src/cpu/cpu_map.xml
 ===================================================================
--- libvirt-1.2.21.orig/src/cpu/cpu_map.xml
-+++ libvirt-1.2.21/src/cpu/cpu_map.xml
+--- libvirt-1.3.0.orig/src/cpu/cpu_map.xml
+++ libvirt-1.3.0/src/cpu/cpu_map.xml
@@ -1424,6 +1424,16 @@
       <pvr value='0x004d0000' mask='0xffff0000'/>
     </model>
--- a/libvirt-suse-netcontrol.patch
+++ b/libvirt-suse-netcontrol.patch
@ -1,7 +1,7 @@
-Index: libvirt-1.2.21/configure.ac
+Index: libvirt-1.3.0/configure.ac
 ===================================================================
--- libvirt-1.2.21.orig/configure.ac
-+++ libvirt-1.2.21/configure.ac
+--- libvirt-1.3.0.orig/configure.ac
+++ libvirt-1.3.0/configure.ac
@@ -242,6 +242,7 @@ LIBVIRT_CHECK_FUSE
 LIBVIRT_CHECK_GLUSTER
 LIBVIRT_CHECK_HAL
@ -10,7 +10,7 @@ Index: libvirt-1.2.21/configure.ac
 LIBVIRT_CHECK_NUMACTL
 LIBVIRT_CHECK_OPENWSMAN
 LIBVIRT_CHECK_PCIACCESS
-@@ -2482,11 +2483,12 @@ if test "$with_libvirtd" = "no" ; then
+@@ -2495,11 +2496,12 @@ if test "$with_libvirtd" = "no" ; then
   with_interface=no
 fi
 
@ -26,7 +26,7 @@ Index: libvirt-1.2.21/configure.ac
 esac
 
 if test "$with_interface" = "yes" ; then
-@@ -2880,6 +2882,7 @@ LIBVIRT_RESULT_FUSE
+@@ -2893,6 +2895,7 @@ LIBVIRT_RESULT_FUSE
 LIBVIRT_RESULT_GLUSTER
 LIBVIRT_RESULT_HAL
 LIBVIRT_RESULT_NETCF
@ -34,11 +34,11 @@ Index: libvirt-1.2.21/configure.ac
 LIBVIRT_RESULT_NUMACTL
 LIBVIRT_RESULT_OPENWSMAN
 LIBVIRT_RESULT_PCIACCESS
-Index: libvirt-1.2.21/src/Makefile.am
+Index: libvirt-1.3.0/src/Makefile.am
 ===================================================================
--- libvirt-1.2.21.orig/src/Makefile.am
-+++ libvirt-1.2.21/src/Makefile.am
-@@ -878,6 +878,10 @@ if WITH_NETCF
+--- libvirt-1.3.0.orig/src/Makefile.am
+++ libvirt-1.3.0/src/Makefile.am
+@@ -922,6 +922,10 @@ if WITH_NETCF
 INTERFACE_DRIVER_SOURCES +=					\
 		interface/interface_backend_netcf.c
 endif WITH_NETCF
@ -49,7 +49,7 @@ Index: libvirt-1.2.21/src/Makefile.am
 if WITH_UDEV
 INTERFACE_DRIVER_SOURCES +=					\
 		interface/interface_backend_udev.c
-@@ -1503,6 +1507,10 @@ if WITH_NETCF
+@@ -1547,6 +1551,10 @@ if WITH_NETCF
 libvirt_driver_interface_la_CFLAGS += $(NETCF_CFLAGS)
 libvirt_driver_interface_la_LIBADD += $(NETCF_LIBS)
 endif WITH_NETCF
@ -60,10 +60,10 @@ Index: libvirt-1.2.21/src/Makefile.am
 if WITH_UDEV
 libvirt_driver_interface_la_CFLAGS += $(UDEV_CFLAGS)
 libvirt_driver_interface_la_LIBADD += $(UDEV_LIBS)
-Index: libvirt-1.2.21/tools/virsh.c
+Index: libvirt-1.3.0/tools/virsh.c
 ===================================================================
--- libvirt-1.2.21.orig/tools/virsh.c
-+++ libvirt-1.2.21/tools/virsh.c
+--- libvirt-1.3.0.orig/tools/virsh.c
+++ libvirt-1.3.0/tools/virsh.c
@@ -588,6 +588,8 @@ virshShowVersion(vshControl *ctl ATTRIBU
     vshPrint(ctl, " Interface");
 # if defined(WITH_NETCF)
@ -73,10 +73,10 @@ Index: libvirt-1.2.21/tools/virsh.c
 # elif defined(WITH_UDEV)
     vshPrint(ctl, " udev");
 # endif
-Index: libvirt-1.2.21/src/interface/interface_backend_netcf.c
+Index: libvirt-1.3.0/src/interface/interface_backend_netcf.c
 ===================================================================
--- libvirt-1.2.21.orig/src/interface/interface_backend_netcf.c
-+++ libvirt-1.2.21/src/interface/interface_backend_netcf.c
+--- libvirt-1.3.0.orig/src/interface/interface_backend_netcf.c
+++ libvirt-1.3.0/src/interface/interface_backend_netcf.c
@@ -23,7 +23,12 @@
 
 #include <config.h>
@ -160,10 +160,10 @@ Index: libvirt-1.2.21/src/interface/interface_backend_netcf.c
     if (virSetSharedInterfaceDriver(&interfaceDriver) < 0)
         return -1;
     if (virRegisterStateDriver(&interfaceStateDriver) < 0)
-Index: libvirt-1.2.21/src/interface/interface_driver.c
+Index: libvirt-1.3.0/src/interface/interface_driver.c
 ===================================================================
--- libvirt-1.2.21.orig/src/interface/interface_driver.c
-+++ libvirt-1.2.21/src/interface/interface_driver.c
+--- libvirt-1.3.0.orig/src/interface/interface_driver.c
+++ libvirt-1.3.0/src/interface/interface_driver.c
@@ -30,8 +30,15 @@ interfaceRegister(void)
     if (netcfIfaceRegister() == 0)
         return 0;
@ -181,10 +181,10 @@ Index: libvirt-1.2.21/src/interface/interface_driver.c
     if (udevIfaceRegister() == 0)
         return 0;
 #endif /* WITH_UDEV */
-Index: libvirt-1.2.21/m4/virt-netcontrol.m4
+Index: libvirt-1.3.0/m4/virt-netcontrol.m4
 ===================================================================
 --- /dev/null
-+++ libvirt-1.2.21/m4/virt-netcontrol.m4
+++ libvirt-1.3.0/m4/virt-netcontrol.m4
@@ -0,0 +1,35 @@
 +dnl The libnetcontrol library
 +dnl
--- a/libvirt.changes
+++ b/libvirt.changes
@ -1,3 +1,29 @@
+-------------------------------------------------------------------
+Tue Dec 22 02:21:44 UTC 2015 - jfehlig@suse.com
+
+- spec: perform one-time enable and start of virtlogd.socket when
+  upgrading from libvirt < 1.3.0. Inspired by upstream libvirt.git
+  commit da054f35.
+
+-------------------------------------------------------------------
+Fri Dec 18 16:08:37 UTC 2015 - jfehlig@suse.com
+
+- CVE-2015-5313: don't allow '/' in filesystem volume names
+  034e47c3-CVE-2015-5313.patch
+  bsc#953110
+- Fix failing qemuxml2argv test on 32-bit platforms
+  ace1ee22-qemuxml2argv-test.patch
+
+-------------------------------------------------------------------
+Thu Dec 17 22:57:56 UTC 2015 - jfehlig@suse.com
+
+- Update to libvirt 1.3.0
+  - New virtlogd log daemon
+  - Many incremental improvements and bug fixes, see
+    http://libvirt.org/news.html
+  - Dropped patch: 703ec1b7-qemu-bridge-helper-fix.patch
+  - Added patch: virtlogd-init-script.patch
+
 -------------------------------------------------------------------
 Thu Dec  3 10:16:34 UTC 2015 - cbosdonnat@suse.com

--- a/libvirt.spec
+++ b/libvirt.spec
@ -1,7 +1,7 @@
 #
 # spec file for package libvirt
 #
-# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -240,7 +240,7 @@

 Name:           libvirt
 Url:            http://libvirt.org/
-Version:        1.2.21
+Version:        1.3.0
 Release:        0
 Summary:        Library providing a simple virtualization API
 License:        LGPL-2.1+
@ -453,7 +453,8 @@ Source3:        libvirtd.init
 Source4:        libvirtd-relocation-server.fw
 Source99:       baselibs.conf
 # Upstream patches
-Patch0:         703ec1b7-qemu-bridge-helper-fix.patch
+Patch0:         034e47c3-CVE-2015-5313.patch
+Patch1:         ace1ee22-qemuxml2argv-test.patch
 # Patches pending upstream review
 Patch100:       add-with-login-shell.patch
 Patch101:       virt-aa-helper-rw-mounts.patch
@ -468,14 +469,15 @@ Patch200:       libvirtd-defaults.patch
 Patch201:       libvirtd-init-script.patch
 Patch202:       libvirt-guests-init-script.patch
 Patch203:       virtlockd-init-script.patch
-Patch204:       suse-qemu-conf.patch
-Patch205:       support-managed-pci-xen-driver.patch
-Patch206:       systemd-service-xen.patch
-Patch207:       xen-sxpr-disk-type.patch
-Patch208:       apparmor-no-mount.patch
-Patch209:       qemu-apparmor-screenshot.patch
-Patch210:       libvirt-suse-netcontrol.patch
-Patch211:       lxc-wait-after-eth-del.patch
+Patch204:       virtlogd-init-script.patch
+Patch205:       suse-qemu-conf.patch
+Patch206:       support-managed-pci-xen-driver.patch
+Patch207:       systemd-service-xen.patch
+Patch208:       xen-sxpr-disk-type.patch
+Patch209:       apparmor-no-mount.patch
+Patch210:       qemu-apparmor-screenshot.patch
+Patch211:       libvirt-suse-netcontrol.patch
+Patch212:       lxc-wait-after-eth-del.patch
 # SocketUser and SocketGroup settings were added to systemd.socket in
 # version 214.  Patch the setting away in earlier systemd
 %if 0%{systemd_version} < 214
@ -972,6 +974,7 @@ Wireshark dissector plugin for better analysis of libvirt RPC traffic.
 %prep
 %setup -q
 %patch0 -p1
+%patch1 -p1
 %patch100 -p1
 %patch101 -p1
 %patch150 -p1
@ -991,6 +994,7 @@ Wireshark dissector plugin for better analysis of libvirt RPC traffic.
 %patch209 -p1
 %patch210 -p1
 %patch211 -p1
+%patch212 -p1
 %if 0%{systemd_version} < 214
 %patch300 -p1
 %endif
@ -1236,8 +1240,11 @@ rm -rf $RPM_BUILD_ROOT/usr/share/locale/vi_VN
 # temporarily remove polkit ACL policiy configuration - bnc#827644
 rm -f $RPM_BUILD_ROOT/%{_datadir}/polkit-1/actions/org.libvirt.api.policy

-# Until libvirt 1.3.0, follow upstream and remove libvirt-admin.so
+# Similar to upstream, temporarily remove admin-related files
 rm -f $RPM_BUILD_ROOT%{_libdir}/libvirt-admin.so
+rm -f $RPM_BUILD_ROOT%{_bindir}/virt-admin
+rm -f $RPM_BUILD_ROOT%{_mandir}/man1/virt-admin.1*
+rm -f $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/libvirt-admin.conf

 mkdir -p $RPM_BUILD_ROOT/%{_localstatedir}/lib/libvirt
 mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/libvirt/hooks
@ -1334,12 +1341,17 @@ mv $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/libvirtd $RPM_BUILD_ROOT%{_localstate
 rm -f $RPM_BUILD_ROOT/usr/lib/sysctl.d/60-libvirtd.conf
 # For other services, use the in-tree scripts
    %if %{with_systemd}
+rm -f $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d/virtlogd
+ln -s %{_sbindir}/service $RPM_BUILD_ROOT%{_sbindir}/rcvirtlogd
 rm -f $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d/virtlockd
 ln -s %{_sbindir}/service $RPM_BUILD_ROOT%{_sbindir}/rcvirtlockd
    %else
+mv $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d/virtlogd $RPM_BUILD_ROOT%{_sysconfdir}/init.d/virtlogd
+ln -s /etc/init.d/virtlogd $RPM_BUILD_ROOT%{_sbindir}/rcvirtlogd
 mv $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d/virtlockd $RPM_BUILD_ROOT%{_sysconfdir}/init.d/virtlockd
 ln -s /etc/init.d/virtlockd $RPM_BUILD_ROOT%{_sbindir}/rcvirtlockd
    %endif
+mv $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/virtlogd $RPM_BUILD_ROOT%{_localstatedir}/adm/fillup-templates/sysconfig.virtlogd
 mv $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/virtlockd $RPM_BUILD_ROOT%{_localstatedir}/adm/fillup-templates/sysconfig.virtlockd
 #install firewall definitions format is described here:
 #/usr/share/SuSEfirewall2/services/TEMPLATE
@ -1393,6 +1405,7 @@ fi
    %if %{with_systemd}
 %service_add_pre libvirtd.service libvirtd.socket
 %service_add_pre virtlockd.service virtlockd.socket
+%service_add_pre virtlogd.service virtlogd.socket
    %endif
 %{_bindir}/getent group libvirt >/dev/null || \
  %{_sbindir}/groupadd -r libvirt 2>/dev/null
@ -1402,17 +1415,21 @@ fi
    %if %{with_systemd}
 %service_add_post libvirtd.service libvirtd.socket
 %service_add_post virtlockd.service virtlockd.socket
+%service_add_post virtlogd.service virtlogd.socket
    %endif
 %{fillup_only -n libvirtd}
 %{fillup_only -n virtlockd}
+%{fillup_only -n virtlogd}

 %preun daemon
    %if %{with_systemd}
 %service_del_preun libvirtd.service libvirtd.socket
 %service_del_preun virtlockd.service virtlockd.socket
+%service_del_preun virtlogd.service virtlogd.socket
    %else
 %stop_on_removal libvirtd
 %stop_on_removal virtlockd
+%stop_on_removal virtlogd
    %endif

 %postun daemon
@ -1420,12 +1437,33 @@ fi
    %if %{with_systemd}
 %service_del_postun libvirtd.service libvirtd.socket
 %service_del_postun virtlockd.service virtlockd.socket
+%service_del_postun virtlogd.service virtlogd.socket
    %else
 %restart_on_update libvirtd
 %restart_on_update virtlockd
+%restart_on_update virtlogd
    %endif
 %insserv_cleanup

+# In upgrade scenario we must explicitly enable virtlockd/virtlogd
+# sockets, if libvirtd is already enabled and start them if
+# libvirtd is running, otherwise you'll get failures to start
+# guests
+%triggerpostun daemon -- libvirt-daemon < 1.3.0
+if [ $1 -ge 1 ] ; then
+    %if %{with_systemd}
+        /usr/bin/systemctl is-enabled libvirtd.service 1>/dev/null 2>&1 &&
+            /usr/bin/systemctl enable virtlogd.socket || :
+        /usr/bin/systemctl is-active libvirtd.service 1>/dev/null 2>&1 &&
+            /usr/bin/systemctl start virtlogd.socket || :
+    %else
+        /sbin/chkconfig libvirtd 1>/dev/null 2>&1 &&
+            /sbin/chkconfig virtlogd on || :
+        /sbin/service libvirtd status 1>/dev/null 2>&1 &&
+            /sbin/service virtlogd start || :
+    %endif
+fi
+
    %if %{with_network}

 %post daemon-config-network
@ -1439,6 +1477,11 @@ fi
    %endif
 %endif # with_libvirtd

+%pre client
+    %if %{with_systemd}
+%service_add_pre libvirt-guests.service
+    %endif
+
 %post client
 /sbin/ldconfig
 %if %{with_systemd}
@ -1472,31 +1515,40 @@ fi
 %files daemon
 %defattr(-, root, root)
 %{_sbindir}/libvirtd
+%{_sbindir}/virtlogd
 %{_sbindir}/virtlockd
 %dir %{_libdir}/%{name}
 %dir %attr(0700, root, root) %{_sysconfdir}/libvirt/
 %dir %attr(0700, root, root) %{_sysconfdir}/libvirt/hooks
 %{_localstatedir}/adm/fillup-templates/sysconfig.libvirtd
+%{_localstatedir}/adm/fillup-templates/sysconfig.virtlogd
 %{_localstatedir}/adm/fillup-templates/sysconfig.virtlockd
    %if %{with_systemd}
 %{_unitdir}/libvirtd.service
 %{_unitdir}/libvirtd.socket
+%{_unitdir}/virtlogd.service
+%{_unitdir}/virtlogd.socket
 %{_unitdir}/virtlockd.service
 %{_unitdir}/virtlockd.socket
    %else
 %config /etc/init.d/libvirtd
+%config /etc/init.d/virtlogd
 %config /etc/init.d/virtlockd
    %endif
 %{_sbindir}/rclibvirtd
+%{_sbindir}/rcvirtlogd
 %{_sbindir}/rcvirtlockd
 %config(noreplace) %{_sysconfdir}/libvirt/libvirtd.conf
 %config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd
+%config(noreplace) %{_sysconfdir}/libvirt/virtlogd.conf
 %config(noreplace) %{_sysconfdir}/libvirt/virtlockd.conf
 %dir %{_datadir}/augeas/
 %dir %{_datadir}/augeas/lenses
 %dir %{_datadir}/augeas/lenses/tests
 %{_datadir}/augeas/lenses/libvirtd.aug
 %{_datadir}/augeas/lenses/tests/test_libvirtd.aug
+%{_datadir}/augeas/lenses/virtlogd.aug
+%{_datadir}/augeas/lenses/tests/test_virtlogd.aug
 %{_datadir}/augeas/lenses/virtlockd.aug
 %{_datadir}/augeas/lenses/tests/test_virtlockd.aug
 %{_datadir}/augeas/lenses/libvirt_lockd.aug
@ -1525,7 +1577,8 @@ fi
    %endif
 %attr(0755, root, root) %{_libdir}/%{name}/libvirt_iohelper
 %doc %{_mandir}/man8/libvirtd.8*
-%{_mandir}/man8/virtlockd.8*
+%doc %{_mandir}/man8/virtlogd.8*
+%doc %{_mandir}/man8/virtlockd.8*
    %if %{with_apparmor}
 %dir %{_sysconfdir}/apparmor.d
 %dir %{_sysconfdir}/apparmor.d/abstractions
--- a/libvirtd-defaults.patch
+++ b/libvirtd-defaults.patch
@ -1,7 +1,7 @@
-Index: libvirt-1.2.21/daemon/libvirtd.conf
+Index: libvirt-1.3.0/daemon/libvirtd.conf
 ===================================================================
--- libvirt-1.2.21.orig/daemon/libvirtd.conf
-+++ libvirt-1.2.21/daemon/libvirtd.conf
+--- libvirt-1.3.0.orig/daemon/libvirtd.conf
+++ libvirt-1.3.0/daemon/libvirtd.conf
@@ -18,8 +18,8 @@
 # It is necessary to setup a CA and issue server certificates before
 # using this capability.
@ -13,10 +13,10 @@ Index: libvirt-1.2.21/daemon/libvirtd.conf
 
 # Listen for unencrypted TCP connections on the public TCP/IP port.
 # NB, must pass the --listen flag to the libvirtd process for this to
-Index: libvirt-1.2.21/daemon/libvirtd-config.c
+Index: libvirt-1.3.0/daemon/libvirtd-config.c
 ===================================================================
--- libvirt-1.2.21.orig/daemon/libvirtd-config.c
-+++ libvirt-1.2.21/daemon/libvirtd-config.c
+--- libvirt-1.3.0.orig/daemon/libvirtd-config.c
+++ libvirt-1.3.0/daemon/libvirtd-config.c
@@ -242,7 +242,7 @@ daemonConfigNew(bool privileged ATTRIBUT
     if (VIR_ALLOC(data) < 0)
         return NULL;
@ -26,10 +26,10 @@ Index: libvirt-1.2.21/daemon/libvirtd-config.c
     data->listen_tcp = 0;
 
     if (VIR_STRDUP(data->tls_port, LIBVIRTD_TLS_PORT) < 0 ||
-Index: libvirt-1.2.21/daemon/test_libvirtd.aug.in
+Index: libvirt-1.3.0/daemon/test_libvirtd.aug.in
 ===================================================================
--- libvirt-1.2.21.orig/daemon/test_libvirtd.aug.in
-+++ libvirt-1.2.21/daemon/test_libvirtd.aug.in
+--- libvirt-1.3.0.orig/daemon/test_libvirtd.aug.in
+++ libvirt-1.3.0/daemon/test_libvirtd.aug.in
@@ -2,7 +2,7 @@ module Test_libvirtd =
    ::CONFIG::
 
--- a/libvirtd-init-script.patch
+++ b/libvirtd-init-script.patch
@ -1,9 +1,9 @@
 Adjust libvirtd sysconfig file to conform to SUSE standards

-Index: libvirt-1.2.21/daemon/libvirtd.sysconf
+Index: libvirt-1.3.0/daemon/libvirtd.sysconf
 ===================================================================
--- libvirt-1.2.21.orig/daemon/libvirtd.sysconf
-+++ libvirt-1.2.21/daemon/libvirtd.sysconf
+--- libvirt-1.3.0.orig/daemon/libvirtd.sysconf
+++ libvirt-1.3.0/daemon/libvirtd.sysconf
@@ -1,16 +1,25 @@
 +## Path: System/Virtualization/libvirt
 +
--- a/libvirtd-systemd-socket.patch
+++ b/libvirtd-systemd-socket.patch
@ -9,10 +9,10 @@ as

 See bsc#933043

-Index: libvirt-1.2.21/daemon/libvirtd.socket.in
+Index: libvirt-1.3.0/daemon/libvirtd.socket.in
 ===================================================================
--- libvirt-1.2.21.orig/daemon/libvirtd.socket.in
-+++ libvirt-1.2.21/daemon/libvirtd.socket.in
+--- libvirt-1.3.0.orig/daemon/libvirtd.socket.in
+++ libvirt-1.3.0/daemon/libvirtd.socket.in
@@ -2,10 +2,8 @@
 ListenStream=@runstatedir@/libvirt/libvirt-sock
 ListenStream=@runstatedir@/libvirt/libvirt-sock-ro
--- a/lxc-wait-after-eth-del.patch
+++ b/lxc-wait-after-eth-del.patch
@ -13,11 +13,11 @@ device with the same name that is being created.
 src/lxc/lxc_process.c    | 1 +
 3 files changed, 4 insertions(+)

-diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
-index 3e5d2b4..02ef04f 100644
--- a/src/lxc/lxc_controller.c
-+++ b/src/lxc/lxc_controller.c
-@@ -2002,6 +2002,7 @@ static int virLXCControllerDeleteInterfaces(virLXCControllerPtr ctrl)
+Index: libvirt-1.3.0/src/lxc/lxc_controller.c
+===================================================================
+--- libvirt-1.3.0.orig/src/lxc/lxc_controller.c
+++ libvirt-1.3.0/src/lxc/lxc_controller.c
+@@ -2002,6 +2002,7 @@ static int virLXCControllerDeleteInterfa
         if (virNetDevVethDelete(ctrl->veths[i]) < 0)
             ret = -1;
     }
@ -25,11 +25,11 @@ index 3e5d2b4..02ef04f 100644
 
     return ret;
 }
-diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
-index 1a9550e..4c7c28f 100644
--- a/src/lxc/lxc_driver.c
-+++ b/src/lxc/lxc_driver.c
-@@ -4254,6 +4254,7 @@ lxcDomainAttachDeviceNetLive(virConnectPtr conn,
+Index: libvirt-1.3.0/src/lxc/lxc_driver.c
+===================================================================
+--- libvirt-1.3.0.orig/src/lxc/lxc_driver.c
+++ libvirt-1.3.0/src/lxc/lxc_driver.c
+@@ -4254,6 +4254,7 @@ lxcDomainAttachDeviceNetLive(virConnectP
         case VIR_DOMAIN_NET_TYPE_BRIDGE:
         case VIR_DOMAIN_NET_TYPE_NETWORK:
             ignore_value(virNetDevVethDelete(veth));
@ -37,7 +37,7 @@ index 1a9550e..4c7c28f 100644
             break;
 
         case VIR_DOMAIN_NET_TYPE_DIRECT:
-@@ -4681,6 +4682,7 @@ lxcDomainDetachDeviceNetLive(virDomainObjPtr vm,
+@@ -4681,6 +4682,7 @@ lxcDomainDetachDeviceNetLive(virDomainOb
             virDomainAuditNet(vm, detach, NULL, "detach", false);
             goto cleanup;
         }
@ -45,11 +45,11 @@ index 1a9550e..4c7c28f 100644
         break;
 
         /* It'd be nice to support this, but with macvlan
-diff --git a/src/lxc/lxc_process.c b/src/lxc/lxc_process.c
-index 57e3880..8967de8 100644
--- a/src/lxc/lxc_process.c
-+++ b/src/lxc/lxc_process.c
-@@ -221,6 +221,7 @@ static void virLXCProcessCleanup(virLXCDriverPtr driver,
+Index: libvirt-1.3.0/src/lxc/lxc_process.c
+===================================================================
+--- libvirt-1.3.0.orig/src/lxc/lxc_process.c
+++ libvirt-1.3.0/src/lxc/lxc_process.c
+@@ -221,6 +221,7 @@ static void virLXCProcessCleanup(virLXCD
         }
         networkReleaseActualDevice(vm->def, iface);
     }
@ -57,6 +57,3 @@ index 57e3880..8967de8 100644
 
     virDomainConfVMNWFilterTeardown(vm);
 
-- 
-2.1.4
-
--- a/ppc64le-canonical-name.patch
+++ b/ppc64le-canonical-name.patch
@ -2,10 +2,10 @@ Canonicalize hostarch name ppc64le to ppc64

 See bnc#894956

-Index: libvirt-1.2.21/src/util/virarch.c
+Index: libvirt-1.3.0/src/util/virarch.c
 ===================================================================
--- libvirt-1.2.21.orig/src/util/virarch.c
-+++ libvirt-1.2.21/src/util/virarch.c
+--- libvirt-1.3.0.orig/src/util/virarch.c
+++ libvirt-1.3.0/src/util/virarch.c
@@ -169,6 +169,8 @@ virArch virArchFromHost(void)
         arch = VIR_ARCH_I686;
     } else if (STREQ(ut.machine, "amd64")) {
--- a/qemu-apparmor-screenshot.patch
+++ b/qemu-apparmor-screenshot.patch
@ -1,8 +1,8 @@
-Index: libvirt-1.2.21/examples/apparmor/libvirt-qemu
+Index: libvirt-1.3.0/examples/apparmor/libvirt-qemu
 ===================================================================
--- libvirt-1.2.21.orig/examples/apparmor/libvirt-qemu
-+++ libvirt-1.2.21/examples/apparmor/libvirt-qemu
-@@ -133,6 +133,9 @@
+--- libvirt-1.3.0.orig/examples/apparmor/libvirt-qemu
+++ libvirt-1.3.0/examples/apparmor/libvirt-qemu
+@@ -152,6 +152,9 @@
   /sys/bus/ r,
   /sys/class/ r,
 
--- a/support-managed-pci-xen-driver.patch
+++ b/support-managed-pci-xen-driver.patch
@ -8,10 +8,10 @@ Subject: [PATCH] support managed pci devices in xen driver
 src/xenxs/xen_xm.c   |   28 +++++++++++++++++++++++++++-
 2 files changed, 35 insertions(+), 15 deletions(-)

-Index: libvirt-1.2.21/src/xenconfig/xen_common.c
+Index: libvirt-1.3.0/src/xenconfig/xen_common.c
 ===================================================================
--- libvirt-1.2.21.orig/src/xenconfig/xen_common.c
-+++ libvirt-1.2.21/src/xenconfig/xen_common.c
+--- libvirt-1.3.0.orig/src/xenconfig/xen_common.c
+++ libvirt-1.3.0/src/xenconfig/xen_common.c
@@ -403,6 +403,8 @@ xenParsePCI(virConfPtr conf, virDomainDe
 {
     virConfValuePtr list = virConfGetValue(conf, "pci");
@ -66,10 +66,10 @@ Index: libvirt-1.2.21/src/xenconfig/xen_common.c
             hostdev->source.subsys.type = VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI;
             hostdev->source.subsys.u.pci.addr.domain = domainID;
             hostdev->source.subsys.u.pci.addr.bus = busID;
-Index: libvirt-1.2.21/src/xenconfig/xen_sxpr.c
+Index: libvirt-1.3.0/src/xenconfig/xen_sxpr.c
 ===================================================================
--- libvirt-1.2.21.orig/src/xenconfig/xen_sxpr.c
-+++ libvirt-1.2.21/src/xenconfig/xen_sxpr.c
+--- libvirt-1.3.0.orig/src/xenconfig/xen_sxpr.c
+++ libvirt-1.3.0/src/xenconfig/xen_sxpr.c
@@ -999,6 +999,7 @@ xenParseSxprPCI(virDomainDefPtr def,
         int busID;
         int slotID;
--- a/suse-qemu-conf.patch
+++ b/suse-qemu-conf.patch
@ -1,7 +1,7 @@
-Index: libvirt-1.2.21/src/qemu/qemu.conf
+Index: libvirt-1.3.0/src/qemu/qemu.conf
 ===================================================================
--- libvirt-1.2.21.orig/src/qemu/qemu.conf
-+++ libvirt-1.2.21/src/qemu/qemu.conf
+--- libvirt-1.3.0.orig/src/qemu/qemu.conf
+++ libvirt-1.3.0/src/qemu/qemu.conf
@@ -201,11 +201,20 @@
 # isolation, but it cannot appear in a list of drivers.
 #
--- a/systemd-service-xen.patch
+++ b/systemd-service-xen.patch
@ -1,7 +1,7 @@
-Index: libvirt-1.2.21/daemon/libvirtd.service.in
+Index: libvirt-1.3.0/daemon/libvirtd.service.in
 ===================================================================
--- libvirt-1.2.21.orig/daemon/libvirtd.service.in
-+++ libvirt-1.2.21/daemon/libvirtd.service.in
+--- libvirt-1.3.0.orig/daemon/libvirtd.service.in
+++ libvirt-1.3.0/daemon/libvirtd.service.in
@@ -7,6 +7,7 @@ After=iscsid.service
 After=apparmor.service
 After=local-fs.target
--- a/virt-aa-helper-rw-mounts.patch
+++ b/virt-aa-helper-rw-mounts.patch
@ -15,10 +15,10 @@ denials, making it harder to debug.
 src/security/virt-aa-helper.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

-diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
-index 5de56e5..a2d7226 100644
--- a/src/security/virt-aa-helper.c
-+++ b/src/security/virt-aa-helper.c
+Index: libvirt-1.3.0/src/security/virt-aa-helper.c
+===================================================================
+--- libvirt-1.3.0.orig/src/security/virt-aa-helper.c
+++ libvirt-1.3.0/src/security/virt-aa-helper.c
@@ -1127,7 +1127,10 @@ get_files(vahControl * ctl)
                 ctl->def->fss[i]->src) {
             virDomainFSDefPtr fs = ctl->def->fss[i];
@ -31,6 +31,3 @@ index 5de56e5..a2d7226 100644
                 goto cleanup;
         }
     }
-- 
-2.1.4
-
--- a/virtlockd-init-script.patch
+++ b/virtlockd-init-script.patch
@ -1,9 +1,9 @@
 Adjust virtlockd init files to conform to SUSE standards

-Index: libvirt-1.2.21/src/locking/virtlockd.sysconf
+Index: libvirt-1.3.0/src/locking/virtlockd.sysconf
 ===================================================================
--- libvirt-1.2.21.orig/src/locking/virtlockd.sysconf
-+++ libvirt-1.2.21/src/locking/virtlockd.sysconf
+--- libvirt-1.3.0.orig/src/locking/virtlockd.sysconf
+++ libvirt-1.3.0/src/locking/virtlockd.sysconf
@@ -1,3 +1,7 @@
 +## Path: System/Virtualization/virtlockd
 +
@ -12,10 +12,10 @@ Index: libvirt-1.2.21/src/locking/virtlockd.sysconf
 #
 # Pass extra arguments to virtlockd
 #VIRTLOCKD_ARGS=
-Index: libvirt-1.2.21/src/locking/virtlockd.init.in
+Index: libvirt-1.3.0/src/locking/virtlockd.init.in
 ===================================================================
--- libvirt-1.2.21.orig/src/locking/virtlockd.init.in
-+++ libvirt-1.2.21/src/locking/virtlockd.init.in
+--- libvirt-1.3.0.orig/src/locking/virtlockd.init.in
+++ libvirt-1.3.0/src/locking/virtlockd.init.in
@@ -4,12 +4,14 @@
 # http://www.linux-foundation.org/spec//booksets/LSB-Core-generic/LSB-Core-generic.html#INITSCRCOMCONV
 #
--- a/virtlogd-init-script.patch
+++ b/virtlogd-init-script.patch
@ -0,0 +1,121 @@
+Adjust virtlogd init files to conform to SUSE standards
+
+Index: libvirt-1.3.0/src/logging/virtlogd.init.in
+===================================================================
+--- libvirt-1.3.0.orig/src/logging/virtlogd.init.in
+++ libvirt-1.3.0/src/logging/virtlogd.init.in
+@@ -4,12 +4,14 @@
+ # http://www.linux-foundation.org/spec//booksets/LSB-Core-generic/LSB-Core-generic.html#INITSCRCOMCONV
+ #
+ ### BEGIN INIT INFO
+-# Provides: virtlogd
+-# Default-Start:
+-# Default-Stop: 0 1 2 3 4 5 6
+# Provides:          virtlogd
+# Required-Start:    $network $remote_fs
+# Default-Start:     3 5
+# Required-Stop:     $network $remote_fs
+# Default-Stop:      0 1 2 4 6
+ # Short-Description: virtual machine log manager
+-# Description: This is a daemon for managing logs
+-#              of virtual machine consoles
+# Description:       This is a daemon for managing logs
+#                    of virtual machine consoles
+ ### END INIT INFO
+ 
+ # the following is chkconfig init header
+@@ -24,35 +26,32 @@
+ # pidfile: @localstatedir@/run/virtlogd.pid
+ #
+ 
+-# Source function library.
+-. @sysconfdir@/rc.d/init.d/functions
+. @sysconfdir@/rc.status
+rc_reset
+ 
+ SERVICE=virtlogd
+-PROCESS=virtlogd
+PROCESS=@sbindir@/virtlogd
+ PIDFILE=@localstatedir@/run/$SERVICE.pid
+ 
+ VIRTLOGD_ARGS=
+ 
+ test -f @sysconfdir@/sysconfig/virtlogd && . @sysconfdir@/sysconfig/virtlogd
+ 
+-RETVAL=0
+ 
+ start() {
+-    echo -n $"Starting $SERVICE daemon: "
+-    daemon --pidfile $PIDFILE --check $SERVICE $PROCESS --daemon $VIRTLOGD_ARGS
+-    RETVAL=$?
+-    echo
+-    [ $RETVAL -eq 0 ] && touch @localstatedir@/log/subsys/$SERVICE
+    echo -n $"Starting $SERVICE "
+    test -d $PIDDIR || mkdir -p $PIDDIR
+    startproc -p $PIDFILE $PROCESS --pid-file $PIDFILE --daemon $VIRTLOGD_ARGS
+    rc_status -v
+ }
+ 
+ stop() {
+-    echo -n $"Stopping $SERVICE daemon: "
+    echo -n $"Stopping $SERVICE "
+ 
+-    killproc -p $PIDFILE $PROCESS
+    killproc -p $PIDFILE $PROCESS > /dev/null 2>&1
+     RETVAL=$?
+-    echo
+    rc_status -v
+     if [ $RETVAL -eq 0 ]; then
+-        rm -f @localstatedir@/log/subsys/$SERVICE
+         rm -f $PIDFILE
+     fi
+ }
+@@ -66,9 +65,7 @@ reload() {
+     echo -n $"Reloading $SERVICE configuration: "
+ 
+     killproc -p $PIDFILE $PROCESS -USR1
+-    RETVAL=$?
+-    echo
+-    return $RETVAL
+    rc_status
+ }
+ 
+ # See how we were called.
+@@ -77,18 +74,20 @@ case "$1" in
+         $1
+         ;;
+     status)
+-        status -p $PIDFILE $PROCESS
+-        RETVAL=$?
+        echo -n "Checking status of $SERVICE "
+        checkproc $PROCESS
+        rc_status -v
+         ;;
+     force-reload)
+         reload
+         ;;
+     condrestart|try-restart)
+-        [ -f @localstatedir@/log/subsys/$SERVICE ] && restart || :
+        $0 status >/dev/null && restart || :
+         ;;
+     *)
+         echo $"Usage: $0 {start|stop|status|restart|condrestart|reload|force-reload|try-restart}"
+-        exit 2
+        rc_failed 2
+        rc_exit
+         ;;
+ esac
+-exit $RETVAL
+rc_exit
+Index: libvirt-1.3.0/src/logging/virtlogd.sysconf
+===================================================================
+--- libvirt-1.3.0.orig/src/logging/virtlogd.sysconf
+++ libvirt-1.3.0/src/logging/virtlogd.sysconf
+@@ -1,3 +1,7 @@
+## Path: System/Virtualization/virtlogd
+
+## Type: string
+## Default: ""
+ #
+ # Pass extra arguments to virtlogd
+ #VIRTLOGD_ARGS=
--- a/xen-pv-cdrom.patch
+++ b/xen-pv-cdrom.patch
@ -1,7 +1,7 @@
-Index: libvirt-1.2.21/src/xenconfig/xen_sxpr.c
+Index: libvirt-1.3.0/src/xenconfig/xen_sxpr.c
 ===================================================================
--- libvirt-1.2.21.orig/src/xenconfig/xen_sxpr.c
-+++ libvirt-1.2.21/src/xenconfig/xen_sxpr.c
+--- libvirt-1.3.0.orig/src/xenconfig/xen_sxpr.c
+++ libvirt-1.3.0/src/xenconfig/xen_sxpr.c
@@ -334,7 +334,7 @@ xenParseSxprChar(const char *value,
 static int
 xenParseSxprDisks(virDomainDefPtr def,
--- a/xen-sxpr-disk-type.patch
+++ b/xen-sxpr-disk-type.patch
@ -6,10 +6,10 @@ and 'file'. This was implicitly done prior to commit 9673418c.

 https://bugzilla.suse.com/show_bug.cgi?id=938228

-Index: libvirt-1.2.21/src/xenconfig/xen_sxpr.c
+Index: libvirt-1.3.0/src/xenconfig/xen_sxpr.c
 ===================================================================
--- libvirt-1.2.21.orig/src/xenconfig/xen_sxpr.c
-+++ libvirt-1.2.21/src/xenconfig/xen_sxpr.c
+--- libvirt-1.3.0.orig/src/xenconfig/xen_sxpr.c
+++ libvirt-1.3.0/src/xenconfig/xen_sxpr.c
@@ -449,10 +449,11 @@ xenParseSxprDisks(virDomainDefPtr def,
                        omnipotent, we can revisit this, perhaps stat()'ing
                        the src file in question */