Accepting request 214742 from Virtualization

Updated libvirt package for Factory.  The update to 1.2.1 fixes
several CVE's noted below.

- Add CAP_SYS_PACCT capability to libvirtd AppArmor profile
  Modified install-apparmor-profiles.patch
  bnc#817407

- Fix build on code 11
- Fix rpmlint warning

- Following the upstream pattern, introduce the
  daemon-config-network subpackage to handle defining the default
  network
  bnc#859041

- Update to libvirt 1.2.1
  - CVE-2014-0028, CVE-2014-1447, CVE-2013-6458, CVE-2013-6457,
    CVE-2013-6436
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Dropped upstream patches: 5e397d9c-test-fix-dbus-crash.patch,
    78af457e-fix-virnettlscontexttest.patch,
    9faf3f29-LXC-memtune.patch, f8c1cb90-CVE-2013-6436.patch,
    libxl-hvm-nic.patch

OBS-URL: https://build.opensuse.org/request/show/214742
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libvirt?expand=0&rev=137
This commit is contained in:
Stephan Kulow 2014-01-23 13:03:21 +00:00 committed by Git OBS Bridge
commit 55a81c7bf3
23 changed files with 198 additions and 596 deletions

View File

@ -1,31 +0,0 @@
From 5e397d9c0f2ce7d464f8e7e6a598d1c955dfc04a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20Bosdonnat?= <cbosdonnat@suse.com>
Date: Wed, 18 Dec 2013 17:33:44 +0000
Subject: [PATCH] Fix crash in virsystemdtest with dbus 1.7.6
D-bus introduced some changes in its locking code. Overriding the init
function skips the new locking init and thus crashes later in libvirt
test. Removing the function makes the test pass again.
---
tests/virsystemdmock.c | 5 -----
1 file changed, 5 deletions(-)
diff --git a/tests/virsystemdmock.c b/tests/virsystemdmock.c
index b8fc031..b3b82b4 100644
--- a/tests/virsystemdmock.c
+++ b/tests/virsystemdmock.c
@@ -31,11 +31,6 @@ void dbus_connection_set_change_sigpipe(dbus_bool_t will_modify_sigpipe ATTRIBUT
{
}
-dbus_bool_t dbus_threads_init_default(void)
-{
- return 1;
-}
-
DBusConnection *dbus_bus_get(DBusBusType type ATTRIBUTE_UNUSED,
DBusError *error ATTRIBUTE_UNUSED)
{
--
1.8.4.4

View File

@ -1,43 +0,0 @@
From 78af457eefaf40e66a28b00446c03f8ee9a7f30f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20Bosdonnat?= <cbosdonnat@suse.com>
Date: Mon, 23 Dec 2013 09:01:42 +0100
Subject: [PATCH] virnettlscontexttest fails with GNUTLS 3.0.28
On openSUSE 12.x with GNUTLS 3.0.28, virnettlscontexttest fails. It has
been reported to work from GNUTLS 3.1.11 on Fedora 19. Changed the
constraints on gnutls to 3.1+ for unit test cacert4req.
Signed-off-by: Eric Blake <eblake@redhat.com>
---
tests/virnettlscontexttest.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/tests/virnettlscontexttest.c b/tests/virnettlscontexttest.c
index fc512fc..1cc9946 100644
--- a/tests/virnettlscontexttest.c
+++ b/tests/virnettlscontexttest.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2011-2012 Red Hat, Inc.
+ * Copyright (C) 2011-2013 Red Hat, Inc.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
@@ -265,10 +265,12 @@ mymain(void)
/* Technically a CA cert with basic constraints
* key purpose == key signing + non-critical should
- * be rejected. GNUTLS < 3 does not reject it and
+ * be rejected. GNUTLS < 3.1 does not reject it and
* we don't anticipate them changing this behaviour
*/
- DO_CTX_TEST(true, cacert4req.filename, servercert4req.filename, GNUTLS_VERSION_MAJOR >= 3);
+ DO_CTX_TEST(true, cacert4req.filename, servercert4req.filename,
+ (GNUTLS_VERSION_MAJOR == 3 && GNUTLS_VERSION_MINOR >= 1) ||
+ GNUTLS_VERSION_MAJOR > 3);
DO_CTX_TEST(true, cacert5req.filename, servercert5req.filename, true);
DO_CTX_TEST(true, cacert6req.filename, servercert6req.filename, true);
--
1.8.4.4

View File

@ -1,199 +0,0 @@
commit 9faf3f2950aed1643ab7564afcb4c693c77f71b5
Author: Martin Kletzander <mkletzan@redhat.com>
Date: Mon Dec 9 11:15:12 2013 +0100
Fix crash in lxcDomainSetMemoryParameters
The function doesn't check whether the request is made for active or
inactive domain. Thus when the domain is not running it still tries
accessing non-existing cgroups (priv->cgroup, which is NULL).
I re-made the function in order for it to work the same way it's qemu
counterpart does.
Reproducer:
1) Define an LXC domain
2) Do 'virsh memtune <domain> --hard-limit 133T'
Backtrace:
Thread 6 (Thread 0x7fffec8c0700 (LWP 26826)):
#0 0x00007ffff70edcc4 in virCgroupPathOfController (group=0x0, controller=3,
key=0x7ffff75734bd "memory.limit_in_bytes", path=0x7fffec8bf718) at util/vircgroup.c:1764
#1 0x00007ffff70e9206 in virCgroupSetValueStr (group=0x0, controller=3,
key=0x7ffff75734bd "memory.limit_in_bytes", value=0x7fffe409f360 "1073741824")
at util/vircgroup.c:669
#2 0x00007ffff70e98b4 in virCgroupSetValueU64 (group=0x0, controller=3,
key=0x7ffff75734bd "memory.limit_in_bytes", value=1073741824) at util/vircgroup.c:740
#3 0x00007ffff70ee518 in virCgroupSetMemory (group=0x0, kb=1048576) at util/vircgroup.c:1904
#4 0x00007ffff70ee675 in virCgroupSetMemoryHardLimit (group=0x0, kb=1048576)
at util/vircgroup.c:1944
#5 0x00005555557d54c8 in lxcDomainSetMemoryParameters (dom=0x7fffe40cc420,
params=0x7fffe409f100, nparams=1, flags=0) at lxc/lxc_driver.c:774
#6 0x00007ffff72c20f9 in virDomainSetMemoryParameters (domain=0x7fffe40cc420,
params=0x7fffe409f100, nparams=1, flags=0) at libvirt.c:4051
#7 0x000055555561365f in remoteDispatchDomainSetMemoryParameters (server=0x555555eb7e00,
client=0x555555ec4b10, msg=0x555555eb94e0, rerr=0x7fffec8bfb70, args=0x7fffe40b8510)
at remote_dispatch.h:7621
#8 0x00005555556133fd in remoteDispatchDomainSetMemoryParametersHelper (server=0x555555eb7e00,
client=0x555555ec4b10, msg=0x555555eb94e0, rerr=0x7fffec8bfb70, args=0x7fffe40b8510,
ret=0x7fffe40b84f0) at remote_dispatch.h:7591
#9 0x00007ffff73b293f in virNetServerProgramDispatchCall (prog=0x555555ec3ae0,
server=0x555555eb7e00, client=0x555555ec4b10, msg=0x555555eb94e0)
at rpc/virnetserverprogram.c:435
#10 0x00007ffff73b207f in virNetServerProgramDispatch (prog=0x555555ec3ae0,
server=0x555555eb7e00, client=0x555555ec4b10, msg=0x555555eb94e0)
at rpc/virnetserverprogram.c:305
#11 0x00007ffff73a4d2c in virNetServerProcessMsg (srv=0x555555eb7e00, client=0x555555ec4b10,
prog=0x555555ec3ae0, msg=0x555555eb94e0) at rpc/virnetserver.c:165
#12 0x00007ffff73a4e8d in virNetServerHandleJob (jobOpaque=0x555555ec3e30, opaque=0x555555eb7e00)
at rpc/virnetserver.c:186
#13 0x00007ffff7187f3f in virThreadPoolWorker (opaque=0x555555eb7ac0) at util/virthreadpool.c:144
#14 0x00007ffff718733a in virThreadHelper (data=0x555555eb7890) at util/virthreadpthread.c:161
#15 0x00007ffff468ed89 in start_thread (arg=0x7fffec8c0700) at pthread_create.c:308
#16 0x00007ffff3da26bd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Index: libvirt-1.2.0/src/lxc/lxc_driver.c
===================================================================
--- libvirt-1.2.0.orig/src/lxc/lxc_driver.c
+++ libvirt-1.2.0/src/lxc/lxc_driver.c
@@ -742,12 +742,24 @@ lxcDomainSetMemoryParameters(virDomainPt
int nparams,
unsigned int flags)
{
- size_t i;
+ virCapsPtr caps = NULL;
+ virDomainDefPtr vmdef = NULL;
virDomainObjPtr vm = NULL;
+ virLXCDomainObjPrivatePtr priv = NULL;
+ virLXCDriverConfigPtr cfg = NULL;
+ virLXCDriverPtr driver = dom->conn->privateData;
+ unsigned long long hard_limit;
+ unsigned long long soft_limit;
+ unsigned long long swap_hard_limit;
+ bool set_hard_limit = false;
+ bool set_soft_limit = false;
+ bool set_swap_hard_limit = false;
+ int rc;
int ret = -1;
- virLXCDomainObjPrivatePtr priv;
- virCheckFlags(0, -1);
+ virCheckFlags(VIR_DOMAIN_AFFECT_LIVE |
+ VIR_DOMAIN_AFFECT_CONFIG, -1);
+
if (virTypedParamsValidate(params, nparams,
VIR_DOMAIN_MEMORY_HARD_LIMIT,
VIR_TYPED_PARAM_ULLONG,
@@ -762,29 +774,97 @@ lxcDomainSetMemoryParameters(virDomainPt
goto cleanup;
priv = vm->privateData;
+ cfg = virLXCDriverGetConfig(driver);
- if (virDomainSetMemoryParametersEnsureACL(dom->conn, vm->def, flags) < 0)
+ if (virDomainSetMemoryParametersEnsureACL(dom->conn, vm->def, flags) < 0 ||
+ !(caps = virLXCDriverGetCapabilities(driver, false)) ||
+ virDomainLiveConfigHelperMethod(caps, driver->xmlopt,
+ vm, &flags, &vmdef) < 0)
goto cleanup;
- ret = 0;
- for (i = 0; i < nparams; i++) {
- virTypedParameterPtr param = &params[i];
+ if (flags & VIR_DOMAIN_AFFECT_LIVE &&
+ !virCgroupHasController(priv->cgroup, VIR_CGROUP_CONTROLLER_MEMORY)) {
+ virReportError(VIR_ERR_OPERATION_INVALID,
+ "%s", _("cgroup memory controller is not mounted"));
+ goto cleanup;
+ }
- if (STREQ(param->field, VIR_DOMAIN_MEMORY_HARD_LIMIT)) {
- if (virCgroupSetMemoryHardLimit(priv->cgroup, params[i].value.ul) < 0)
- ret = -1;
- } else if (STREQ(param->field, VIR_DOMAIN_MEMORY_SOFT_LIMIT)) {
- if (virCgroupSetMemorySoftLimit(priv->cgroup, params[i].value.ul) < 0)
- ret = -1;
- } else if (STREQ(param->field, VIR_DOMAIN_MEMORY_SWAP_HARD_LIMIT)) {
- if (virCgroupSetMemSwapHardLimit(priv->cgroup, params[i].value.ul) < 0)
- ret = -1;
+#define VIR_GET_LIMIT_PARAMETER(PARAM, VALUE) \
+ if ((rc = virTypedParamsGetULLong(params, nparams, PARAM, &VALUE)) < 0) \
+ goto cleanup; \
+ \
+ if (rc == 1) \
+ set_ ## VALUE = true;
+
+ VIR_GET_LIMIT_PARAMETER(VIR_DOMAIN_MEMORY_SWAP_HARD_LIMIT, swap_hard_limit)
+ VIR_GET_LIMIT_PARAMETER(VIR_DOMAIN_MEMORY_HARD_LIMIT, hard_limit)
+ VIR_GET_LIMIT_PARAMETER(VIR_DOMAIN_MEMORY_SOFT_LIMIT, soft_limit)
+
+#undef VIR_GET_LIMIT_PARAMETER
+
+ /* Swap hard limit must be greater than hard limit.
+ * Note that limit of 0 denotes unlimited */
+ if (set_swap_hard_limit || set_hard_limit) {
+ unsigned long long mem_limit = vm->def->mem.hard_limit;
+ unsigned long long swap_limit = vm->def->mem.swap_hard_limit;
+
+ if (set_swap_hard_limit)
+ swap_limit = swap_hard_limit;
+
+ if (set_hard_limit)
+ mem_limit = hard_limit;
+
+ if (virCompareLimitUlong(mem_limit, swap_limit) > 0) {
+ virReportError(VIR_ERR_INVALID_ARG, "%s",
+ _("memory hard_limit tunable value must be lower "
+ "than or equal to swap_hard_limit"));
+ goto cleanup;
}
}
+#define LXC_SET_MEM_PARAMETER(FUNC, VALUE) \
+ if (set_ ## VALUE) { \
+ if (flags & VIR_DOMAIN_AFFECT_LIVE) { \
+ if ((rc = FUNC(priv->cgroup, VALUE)) < 0) { \
+ virReportSystemError(-rc, _("unable to set memory %s tunable"), \
+ #VALUE); \
+ \
+ goto cleanup; \
+ } \
+ vm->def->mem.VALUE = VALUE; \
+ } \
+ \
+ if (flags & VIR_DOMAIN_AFFECT_CONFIG) \
+ vmdef->mem.VALUE = VALUE; \
+ }
+
+ /* Soft limit doesn't clash with the others */
+ LXC_SET_MEM_PARAMETER(virCgroupSetMemorySoftLimit, soft_limit);
+
+ /* set hard limit before swap hard limit if decreasing it */
+ if (virCompareLimitUlong(vm->def->mem.hard_limit, hard_limit) > 0) {
+ LXC_SET_MEM_PARAMETER(virCgroupSetMemoryHardLimit, hard_limit);
+ /* inhibit changing the limit a second time */
+ set_hard_limit = false;
+ }
+
+ LXC_SET_MEM_PARAMETER(virCgroupSetMemSwapHardLimit, swap_hard_limit);
+
+ /* otherwise increase it after swap hard limit */
+ LXC_SET_MEM_PARAMETER(virCgroupSetMemoryHardLimit, hard_limit);
+
+#undef LXC_SET_MEM_PARAMETER
+
+ if (flags & VIR_DOMAIN_AFFECT_CONFIG &&
+ virDomainSaveConfig(cfg->configDir, vmdef) < 0)
+ goto cleanup;
+
+ ret = 0;
cleanup:
if (vm)
virObjectUnlock(vm);
+ virObjectUnref(caps);
+ virObjectUnref(cfg);
return ret;
}

View File

@ -1,145 +0,0 @@
commit f8c1cb90213508c4f32549023b0572ed774e48aa
Author: Martin Kletzander <mkletzan@redhat.com>
Date: Mon Dec 9 11:15:11 2013 +0100
CVE-2013-6436: fix crash in lxcDomainGetMemoryParameters
The function doesn't check whether the request is made for active or
inactive domain. Thus when the domain is not running it still tries
accessing non-existing cgroups (priv->cgroup, which is NULL).
I re-made the function in order for it to work the same way it's qemu
counterpart does.
Reproducer:
1) Define an LXC domain
2) Do 'virsh memtune <domain>'
Backtrace:
Thread 6 (Thread 0x7fffec8c0700 (LWP 13387)):
#0 0x00007ffff70edcc4 in virCgroupPathOfController (group=0x0, controller=3,
key=0x7ffff75734bd "memory.limit_in_bytes", path=0x7fffec8bf750) at util/vircgroup.c:1764
#1 0x00007ffff70e958c in virCgroupGetValueStr (group=0x0, controller=3,
key=0x7ffff75734bd "memory.limit_in_bytes", value=0x7fffec8bf7c0) at util/vircgroup.c:705
#2 0x00007ffff70e9d29 in virCgroupGetValueU64 (group=0x0, controller=3,
key=0x7ffff75734bd "memory.limit_in_bytes", value=0x7fffec8bf810) at util/vircgroup.c:804
#3 0x00007ffff70ee706 in virCgroupGetMemoryHardLimit (group=0x0, kb=0x7fffec8bf8a8)
at util/vircgroup.c:1962
#4 0x00005555557d590f in lxcDomainGetMemoryParameters (dom=0x7fffd40024a0,
params=0x7fffd40027a0, nparams=0x7fffec8bfa24, flags=0) at lxc/lxc_driver.c:826
#5 0x00007ffff72c28d3 in virDomainGetMemoryParameters (domain=0x7fffd40024a0,
params=0x7fffd40027a0, nparams=0x7fffec8bfa24, flags=0) at libvirt.c:4137
#6 0x000055555563714d in remoteDispatchDomainGetMemoryParameters (server=0x555555eb7e00,
client=0x555555ebaef0, msg=0x555555ebb3e0, rerr=0x7fffec8bfb70, args=0x7fffd40024e0,
ret=0x7fffd4002420) at remote.c:1895
#7 0x00005555556052c4 in remoteDispatchDomainGetMemoryParametersHelper (server=0x555555eb7e00,
client=0x555555ebaef0, msg=0x555555ebb3e0, rerr=0x7fffec8bfb70, args=0x7fffd40024e0,
ret=0x7fffd4002420) at remote_dispatch.h:4050
#8 0x00007ffff73b293f in virNetServerProgramDispatchCall (prog=0x555555ec3ae0,
server=0x555555eb7e00, client=0x555555ebaef0, msg=0x555555ebb3e0)
at rpc/virnetserverprogram.c:435
#9 0x00007ffff73b207f in virNetServerProgramDispatch (prog=0x555555ec3ae0,
server=0x555555eb7e00, client=0x555555ebaef0, msg=0x555555ebb3e0)
at rpc/virnetserverprogram.c:305
#10 0x00007ffff73a4d2c in virNetServerProcessMsg (srv=0x555555eb7e00, client=0x555555ebaef0,
prog=0x555555ec3ae0, msg=0x555555ebb3e0) at rpc/virnetserver.c:165
#11 0x00007ffff73a4e8d in virNetServerHandleJob (jobOpaque=0x555555ebc7e0, opaque=0x555555eb7e00)
at rpc/virnetserver.c:186
#12 0x00007ffff7187f3f in virThreadPoolWorker (opaque=0x555555eb7ac0) at util/virthreadpool.c:144
#13 0x00007ffff718733a in virThreadHelper (data=0x555555eb7890) at util/virthreadpthread.c:161
#14 0x00007ffff468ed89 in start_thread (arg=0x7fffec8c0700) at pthread_create.c:308
#15 0x00007ffff3da26bd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Index: libvirt-1.2.0/src/lxc/lxc_driver.c
===================================================================
--- libvirt-1.2.0.orig/src/lxc/lxc_driver.c
+++ libvirt-1.2.0/src/lxc/lxc_driver.c
@@ -794,22 +794,36 @@ lxcDomainGetMemoryParameters(virDomainPt
int *nparams,
unsigned int flags)
{
- size_t i;
+ virCapsPtr caps = NULL;
+ virDomainDefPtr vmdef = NULL;
virDomainObjPtr vm = NULL;
+ virLXCDomainObjPrivatePtr priv = NULL;
+ virLXCDriverPtr driver = dom->conn->privateData;
unsigned long long val;
int ret = -1;
- virLXCDomainObjPrivatePtr priv;
+ size_t i;
- virCheckFlags(0, -1);
+ virCheckFlags(VIR_DOMAIN_AFFECT_LIVE |
+ VIR_DOMAIN_AFFECT_CONFIG, -1);
if (!(vm = lxcDomObjFromDomain(dom)))
goto cleanup;
priv = vm->privateData;
- if (virDomainGetMemoryParametersEnsureACL(dom->conn, vm->def) < 0)
+ if (virDomainGetMemoryParametersEnsureACL(dom->conn, vm->def) < 0 ||
+ !(caps = virLXCDriverGetCapabilities(driver, false)) ||
+ virDomainLiveConfigHelperMethod(caps, driver->xmlopt,
+ vm, &flags, &vmdef) < 0)
goto cleanup;
+ if (flags & VIR_DOMAIN_AFFECT_LIVE &&
+ !virCgroupHasController(priv->cgroup, VIR_CGROUP_CONTROLLER_MEMORY)) {
+ virReportError(VIR_ERR_OPERATION_INVALID,
+ "%s", _("cgroup memory controller is not mounted"));
+ goto cleanup;
+ }
+
if ((*nparams) == 0) {
/* Current number of memory parameters supported by cgroups */
*nparams = LXC_NB_MEM_PARAM;
@@ -823,22 +837,34 @@ lxcDomainGetMemoryParameters(virDomainPt
switch (i) {
case 0: /* fill memory hard limit here */
- if (virCgroupGetMemoryHardLimit(priv->cgroup, &val) < 0)
+ if (flags & VIR_DOMAIN_AFFECT_CONFIG) {
+ val = vmdef->mem.hard_limit;
+ val = val ? val : VIR_DOMAIN_MEMORY_PARAM_UNLIMITED;
+ } else if (virCgroupGetMemoryHardLimit(priv->cgroup, &val) < 0) {
goto cleanup;
+ }
if (virTypedParameterAssign(param, VIR_DOMAIN_MEMORY_HARD_LIMIT,
VIR_TYPED_PARAM_ULLONG, val) < 0)
goto cleanup;
break;
case 1: /* fill memory soft limit here */
- if (virCgroupGetMemorySoftLimit(priv->cgroup, &val) < 0)
+ if (flags & VIR_DOMAIN_AFFECT_CONFIG) {
+ val = vmdef->mem.soft_limit;
+ val = val ? val : VIR_DOMAIN_MEMORY_PARAM_UNLIMITED;
+ } else if (virCgroupGetMemorySoftLimit(priv->cgroup, &val) < 0) {
goto cleanup;
+ }
if (virTypedParameterAssign(param, VIR_DOMAIN_MEMORY_SOFT_LIMIT,
VIR_TYPED_PARAM_ULLONG, val) < 0)
goto cleanup;
break;
case 2: /* fill swap hard limit here */
- if (virCgroupGetMemSwapHardLimit(priv->cgroup, &val) < 0)
+ if (flags & VIR_DOMAIN_AFFECT_CONFIG) {
+ val = vmdef->mem.swap_hard_limit;
+ val = val ? val : VIR_DOMAIN_MEMORY_PARAM_UNLIMITED;
+ } else if (virCgroupGetMemSwapHardLimit(priv->cgroup, &val) < 0) {
goto cleanup;
+ }
if (virTypedParameterAssign(param,
VIR_DOMAIN_MEMORY_SWAP_HARD_LIMIT,
VIR_TYPED_PARAM_ULLONG, val) < 0)
@@ -859,6 +885,7 @@ lxcDomainGetMemoryParameters(virDomainPt
cleanup:
if (vm)
virObjectUnlock(vm);
+ virObjectUnref(caps);
return ret;
}

View File

@ -8,11 +8,11 @@ uses the 'device_configure' RPC.
This patch changes the xend driver to always call 'device_configure' for
PCI devices to be consistent with the usage in the xen tools.
Index: libvirt-1.2.0/src/xen/xend_internal.c
Index: libvirt-1.2.1/src/xen/xend_internal.c
===================================================================
--- libvirt-1.2.0.orig/src/xen/xend_internal.c
+++ libvirt-1.2.0/src/xen/xend_internal.c
@@ -2207,6 +2207,7 @@ xenDaemonAttachDeviceFlags(virConnectPtr
--- libvirt-1.2.1.orig/src/xen/xend_internal.c
+++ libvirt-1.2.1/src/xen/xend_internal.c
@@ -2216,6 +2216,7 @@ xenDaemonAttachDeviceFlags(virConnectPtr
virBuffer buf = VIR_BUFFER_INITIALIZER;
char class[8], ref[80];
char *target = NULL;
@ -20,7 +20,7 @@ Index: libvirt-1.2.0/src/xen/xend_internal.c
virCheckFlags(VIR_DOMAIN_AFFECT_LIVE | VIR_DOMAIN_AFFECT_CONFIG, -1);
@@ -2305,8 +2306,18 @@ xenDaemonAttachDeviceFlags(virConnectPtr
@@ -2314,8 +2315,18 @@ xenDaemonAttachDeviceFlags(virConnectPtr
}
sexpr = virBufferContentAndReset(&buf);

View File

@ -1,7 +1,7 @@
Index: libvirt-1.2.0/src/lxc/lxc_container.c
Index: libvirt-1.2.1/src/lxc/lxc_container.c
===================================================================
--- libvirt-1.2.0.orig/src/lxc/lxc_container.c
+++ libvirt-1.2.0/src/lxc/lxc_container.c
--- libvirt-1.2.1.orig/src/lxc/lxc_container.c
+++ libvirt-1.2.1/src/lxc/lxc_container.c
@@ -162,12 +162,19 @@ int lxcContainerHasReboot(void)
VIR_FREE(buf);
cmd = v ? LINUX_REBOOT_CMD_CAD_ON : LINUX_REBOOT_CMD_CAD_OFF;
@ -22,7 +22,7 @@ Index: libvirt-1.2.0/src/lxc/lxc_container.c
VIR_FREE(stack);
if (cpid < 0) {
virReportSystemError(errno, "%s",
@@ -1985,6 +1992,9 @@ int lxcContainerStart(virDomainDefPtr de
@@ -2004,6 +2011,9 @@ int lxcContainerStart(virDomainDefPtr de
.handshakefd = handshakefd
};
@ -32,7 +32,7 @@ Index: libvirt-1.2.0/src/lxc/lxc_container.c
/* allocate a stack for the container */
if (VIR_ALLOC_N(stack, stacksize) < 0)
return -1;
@@ -2010,7 +2020,11 @@ int lxcContainerStart(virDomainDefPtr de
@@ -2029,7 +2039,11 @@ int lxcContainerStart(virDomainDefPtr de
cflags |= CLONE_NEWNET;
}
@ -44,7 +44,7 @@ Index: libvirt-1.2.0/src/lxc/lxc_container.c
VIR_FREE(stack);
VIR_DEBUG("clone() completed, new container PID is %d", pid);
@@ -2044,12 +2058,19 @@ int lxcContainerAvailable(int features)
@@ -2063,12 +2077,19 @@ int lxcContainerAvailable(int features)
if (features & LXC_CONTAINER_FEATURE_NET)
flags |= CLONE_NEWNET;

View File

@ -1,8 +1,8 @@
Index: libvirt-1.2.0/examples/apparmor/Makefile.am
Index: libvirt-1.2.1/examples/apparmor/Makefile.am
===================================================================
--- libvirt-1.2.0.orig/examples/apparmor/Makefile.am
+++ libvirt-1.2.0/examples/apparmor/Makefile.am
@@ -14,8 +14,45 @@
--- libvirt-1.2.1.orig/examples/apparmor/Makefile.am
+++ libvirt-1.2.1/examples/apparmor/Makefile.am
@@ -14,13 +14,32 @@
## License along with this library. If not, see
## <http://www.gnu.org/licenses/>.
@ -16,8 +16,8 @@ Index: libvirt-1.2.0/examples/apparmor/Makefile.am
+ libvirt-qemu.in \
+ usr.lib.libvirt.virt-aa-helper.in \
+ usr.sbin.libvirtd.in
+
+if WITH_SECDRIVER_APPARMOR
if WITH_APPARMOR_PROFILES
+
+libvirt-qemu: libvirt-qemu.in
+ sed \
@ -37,26 +37,13 @@ Index: libvirt-1.2.0/examples/apparmor/Makefile.am
+ < $< > $@-t
+ mv $@-t $@
+
+install-data-local: libvirt-qemu usr.sbin.libvirtd usr.lib.libvirt.virt-aa-helper
+ mkdir -p $(DESTDIR)$(sysconfdir)/apparmor.d/
+ $(INSTALL_DATA) usr.lib.libvirt.virt-aa-helper $(DESTDIR)$(sysconfdir)/apparmor.d/usr.lib.libvirt.virt-aa-helper
+ $(INSTALL_DATA) usr.sbin.libvirtd $(DESTDIR)$(sysconfdir)/apparmor.d/usr.sbin.libvirtd
+ mkdir -p $(DESTDIR)$(sysconfdir)/apparmor.d/libvirt
+ $(INSTALL_DATA) TEMPLATE $(DESTDIR)$(sysconfdir)/apparmor.d/libvirt/TEMPLATE
+ mkdir -p $(DESTDIR)$(sysconfdir)/apparmor.d/abstractions
+ $(INSTALL_DATA) libvirt-qemu $(DESTDIR)$(sysconfdir)/apparmor.d/abstractions/libvirt-qemu
+
+uninstall-local::
+ rm -f $(DESTDIR)$(sysconfdir)/apparmor.d/usr.lib.libvirt.virt-aa-helper
+ rm -f $(DESTDIR)$(sysconfdir)/apparmor.d/usr.sbin.libvirtd
+ rm -f $(DESTDIR)$(sysconfdir)/apparmor.d/abstractions/libvirt-qemu
+ rm -f $(DESTDIR)$(sysconfdir)/apparmor.d/libvirt/TEMPLATE
+
+endif
Index: libvirt-1.2.0/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in
apparmordir = $(sysconfdir)/apparmor.d/
apparmor_DATA = \
usr.lib.libvirt.virt-aa-helper \
Index: libvirt-1.2.1/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in
===================================================================
--- /dev/null
+++ libvirt-1.2.0/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in
+++ libvirt-1.2.1/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in
@@ -0,0 +1,41 @@
+# Last Modified: Fri Aug 19 11:21:48 2011
+#include <tunables/global>
@ -99,9 +86,9 @@ Index: libvirt-1.2.0/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in
+ /var/lib/kvm/images/ r,
+ /var/lib/kvm/images/** r,
+}
Index: libvirt-1.2.0/examples/apparmor/usr.lib.libvirt.virt-aa-helper
Index: libvirt-1.2.1/examples/apparmor/usr.lib.libvirt.virt-aa-helper
===================================================================
--- libvirt-1.2.0.orig/examples/apparmor/usr.lib.libvirt.virt-aa-helper
--- libvirt-1.2.1.orig/examples/apparmor/usr.lib.libvirt.virt-aa-helper
+++ /dev/null
@@ -1,38 +0,0 @@
-# Last Modified: Mon Apr 5 15:10:27 2010
@ -142,9 +129,9 @@ Index: libvirt-1.2.0/examples/apparmor/usr.lib.libvirt.virt-aa-helper
- /var/lib/libvirt/images/ r,
- /var/lib/libvirt/images/** r,
-}
Index: libvirt-1.2.0/examples/apparmor/usr.sbin.libvirtd
Index: libvirt-1.2.1/examples/apparmor/usr.sbin.libvirtd
===================================================================
--- libvirt-1.2.0.orig/examples/apparmor/usr.sbin.libvirtd
--- libvirt-1.2.1.orig/examples/apparmor/usr.sbin.libvirtd
+++ /dev/null
@@ -1,52 +0,0 @@
-# Last Modified: Mon Apr 5 15:03:58 2010
@ -199,11 +186,11 @@ Index: libvirt-1.2.0/examples/apparmor/usr.sbin.libvirtd
- change_profile -> @{LIBVIRT}-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*,
-
-}
Index: libvirt-1.2.0/examples/apparmor/usr.sbin.libvirtd.in
Index: libvirt-1.2.1/examples/apparmor/usr.sbin.libvirtd.in
===================================================================
--- /dev/null
+++ libvirt-1.2.0/examples/apparmor/usr.sbin.libvirtd.in
@@ -0,0 +1,61 @@
+++ libvirt-1.2.1/examples/apparmor/usr.sbin.libvirtd.in
@@ -0,0 +1,62 @@
+# Last Modified: Fri Aug 19 11:20:36 2011
+#include <tunables/global>
+@{LIBVIRT}="libvirt"
@ -218,6 +205,7 @@ Index: libvirt-1.2.0/examples/apparmor/usr.sbin.libvirtd.in
+ capability sys_admin,
+ capability sys_module,
+ capability sys_ptrace,
+ capability sys_pacct,
+ capability sys_nice,
+ capability sys_chroot,
+ capability setuid,
@ -265,9 +253,9 @@ Index: libvirt-1.2.0/examples/apparmor/usr.sbin.libvirtd.in
+ change_profile -> @{LIBVIRT}-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*,
+
+}
Index: libvirt-1.2.0/examples/apparmor/libvirt-qemu
Index: libvirt-1.2.1/examples/apparmor/libvirt-qemu
===================================================================
--- libvirt-1.2.0.orig/examples/apparmor/libvirt-qemu
--- libvirt-1.2.1.orig/examples/apparmor/libvirt-qemu
+++ /dev/null
@@ -1,129 +0,0 @@
-# Last Modified: Fri Mar 9 14:43:22 2012
@ -399,10 +387,10 @@ Index: libvirt-1.2.0/examples/apparmor/libvirt-qemu
-
- /usr/libexec/qemu-bridge-helper rmix,
- }
Index: libvirt-1.2.0/examples/apparmor/libvirt-qemu.in
Index: libvirt-1.2.1/examples/apparmor/libvirt-qemu.in
===================================================================
--- /dev/null
+++ libvirt-1.2.0/examples/apparmor/libvirt-qemu.in
+++ libvirt-1.2.1/examples/apparmor/libvirt-qemu.in
@@ -0,0 +1,132 @@
+# Last Modified: Fri Mar 9 14:43:22 2012
+

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:fbfe494beed93925f3f74ecc51775299218127ce9b6f747852701afa120b7eda
size 19390046

3
libvirt-1.2.1.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:8234f08f12d77e5172f9f8430e9a5bb3370266bc46c9b7f5cad85c3ef2c6293b
size 19585562

View File

@ -1,9 +1,9 @@
Adjust libvirt-guests init files to conform to SUSE standards
Index: libvirt-1.2.0/tools/libvirt-guests.init.in
Index: libvirt-1.2.1/tools/libvirt-guests.init.in
===================================================================
--- libvirt-1.2.0.orig/tools/libvirt-guests.init.in
+++ libvirt-1.2.0/tools/libvirt-guests.init.in
--- libvirt-1.2.1.orig/tools/libvirt-guests.init.in
+++ libvirt-1.2.1/tools/libvirt-guests.init.in
@@ -3,15 +3,15 @@
# the following is the LSB init header
#
@ -28,10 +28,10 @@ Index: libvirt-1.2.0/tools/libvirt-guests.init.in
### END INIT INFO
# the following is chkconfig init header
Index: libvirt-1.2.0/tools/libvirt-guests.sh.in
Index: libvirt-1.2.1/tools/libvirt-guests.sh.in
===================================================================
--- libvirt-1.2.0.orig/tools/libvirt-guests.sh.in
+++ libvirt-1.2.0/tools/libvirt-guests.sh.in
--- libvirt-1.2.1.orig/tools/libvirt-guests.sh.in
+++ libvirt-1.2.1/tools/libvirt-guests.sh.in
@@ -16,14 +16,13 @@
# License along with this library. If not, see
# <http://www.gnu.org/licenses/>.
@ -189,10 +189,10 @@ Index: libvirt-1.2.0/tools/libvirt-guests.sh.in
esac
-exit $RETVAL
+rc_exit
Index: libvirt-1.2.0/tools/libvirt-guests.sysconf
Index: libvirt-1.2.1/tools/libvirt-guests.sysconf
===================================================================
--- libvirt-1.2.0.orig/tools/libvirt-guests.sysconf
+++ libvirt-1.2.0/tools/libvirt-guests.sysconf
--- libvirt-1.2.1.orig/tools/libvirt-guests.sysconf
+++ libvirt-1.2.1/tools/libvirt-guests.sysconf
@@ -1,19 +1,29 @@
+## Path: System/Virtualization/libvirt-guests
+

View File

@ -1,7 +1,7 @@
Index: libvirt-1.2.0/configure.ac
Index: libvirt-1.2.1/configure.ac
===================================================================
--- libvirt-1.2.0.orig/configure.ac
+++ libvirt-1.2.0/configure.ac
--- libvirt-1.2.1.orig/configure.ac
+++ libvirt-1.2.1/configure.ac
@@ -231,6 +231,7 @@ LIBVIRT_CHECK_FUSE
LIBVIRT_CHECK_GLUSTER
LIBVIRT_CHECK_HAL
@ -10,7 +10,7 @@ Index: libvirt-1.2.0/configure.ac
LIBVIRT_CHECK_NUMACTL
LIBVIRT_CHECK_OPENWSMAN
LIBVIRT_CHECK_PCIACCESS
@@ -2312,11 +2313,12 @@ if test "$with_libvirtd" = "no" ; then
@@ -2337,11 +2338,12 @@ if test "$with_libvirtd" = "no" ; then
with_interface=no
fi
@ -26,7 +26,7 @@ Index: libvirt-1.2.0/configure.ac
esac
if test "$with_interface" = "yes" ; then
@@ -2631,6 +2633,7 @@ LIBVIRT_RESULT_FUSE
@@ -2656,6 +2658,7 @@ LIBVIRT_RESULT_FUSE
LIBVIRT_RESULT_GLUSTER
LIBVIRT_RESULT_HAL
LIBVIRT_RESULT_NETCF
@ -34,11 +34,11 @@ Index: libvirt-1.2.0/configure.ac
LIBVIRT_RESULT_NUMACTL
LIBVIRT_RESULT_OPENWSMAN
LIBVIRT_RESULT_PCIACCESS
Index: libvirt-1.2.0/src/Makefile.am
Index: libvirt-1.2.1/src/Makefile.am
===================================================================
--- libvirt-1.2.0.orig/src/Makefile.am
+++ libvirt-1.2.0/src/Makefile.am
@@ -781,6 +781,10 @@ if WITH_NETCF
--- libvirt-1.2.1.orig/src/Makefile.am
+++ libvirt-1.2.1/src/Makefile.am
@@ -790,6 +790,10 @@ if WITH_NETCF
INTERFACE_DRIVER_SOURCES += \
interface/interface_backend_netcf.c
endif WITH_NETCF
@ -49,7 +49,7 @@ Index: libvirt-1.2.0/src/Makefile.am
if WITH_UDEV
INTERFACE_DRIVER_SOURCES += \
interface/interface_backend_udev.c
@@ -1346,10 +1350,15 @@ if WITH_NETCF
@@ -1355,10 +1359,15 @@ if WITH_NETCF
libvirt_driver_interface_la_CFLAGS += $(NETCF_CFLAGS)
libvirt_driver_interface_la_LIBADD += $(NETCF_LIBS)
else ! WITH_NETCF
@ -65,10 +65,10 @@ Index: libvirt-1.2.0/src/Makefile.am
endif ! WITH_NETCF
if WITH_DRIVER_MODULES
libvirt_driver_interface_la_LIBADD += ../gnulib/lib/libgnu.la
Index: libvirt-1.2.0/tools/virsh.c
Index: libvirt-1.2.1/tools/virsh.c
===================================================================
--- libvirt-1.2.0.orig/tools/virsh.c
+++ libvirt-1.2.0/tools/virsh.c
--- libvirt-1.2.1.orig/tools/virsh.c
+++ libvirt-1.2.1/tools/virsh.c
@@ -3029,6 +3029,8 @@ vshShowVersion(vshControl *ctl ATTRIBUTE
vshPrint(ctl, " Interface");
# if defined(WITH_NETCF)
@ -78,10 +78,10 @@ Index: libvirt-1.2.0/tools/virsh.c
# elif defined(WITH_UDEV)
vshPrint(ctl, " udev");
# endif
Index: libvirt-1.2.0/src/interface/interface_backend_netcf.c
Index: libvirt-1.2.1/src/interface/interface_backend_netcf.c
===================================================================
--- libvirt-1.2.0.orig/src/interface/interface_backend_netcf.c
+++ libvirt-1.2.0/src/interface/interface_backend_netcf.c
--- libvirt-1.2.1.orig/src/interface/interface_backend_netcf.c
+++ libvirt-1.2.1/src/interface/interface_backend_netcf.c
@@ -23,7 +23,12 @@
#include <config.h>
@ -165,10 +165,10 @@ Index: libvirt-1.2.0/src/interface/interface_backend_netcf.c
return 0;
}
Index: libvirt-1.2.0/src/interface/interface_driver.c
Index: libvirt-1.2.1/src/interface/interface_driver.c
===================================================================
--- libvirt-1.2.0.orig/src/interface/interface_driver.c
+++ libvirt-1.2.0/src/interface/interface_driver.c
--- libvirt-1.2.1.orig/src/interface/interface_driver.c
+++ libvirt-1.2.1/src/interface/interface_driver.c
@@ -28,8 +28,15 @@ interfaceRegister(void) {
if (netcfIfaceRegister() == 0)
return 0;
@ -186,10 +186,10 @@ Index: libvirt-1.2.0/src/interface/interface_driver.c
if (udevIfaceRegister() == 0)
return 0;
#endif /* WITH_UDEV */
Index: libvirt-1.2.0/m4/virt-netcontrol.m4
Index: libvirt-1.2.1/m4/virt-netcontrol.m4
===================================================================
--- /dev/null
+++ libvirt-1.2.0/m4/virt-netcontrol.m4
+++ libvirt-1.2.1/m4/virt-netcontrol.m4
@@ -0,0 +1,35 @@
+dnl The libnetcontrol library
+dnl

View File

@ -1,3 +1,37 @@
-------------------------------------------------------------------
Wed Jan 22 10:02:06 MST 2014 - jfehlig@suse.com
- Add CAP_SYS_PACCT capability to libvirtd AppArmor profile
Modified install-apparmor-profiles.patch
bnc#817407
-------------------------------------------------------------------
Mon Jan 20 18:22:59 MST 2014 - jfehlig@suse.com
- Fix build on code 11
- Fix rpmlint warning
-------------------------------------------------------------------
Mon Jan 20 17:40:10 MST 2014 - jfehlig@suse.com
- Following the upstream pattern, introduce the
daemon-config-network subpackage to handle defining the default
network
bnc#859041
-------------------------------------------------------------------
Fri Jan 17 12:30:48 MST 2014 - jfehlig@suse.com
- Update to libvirt 1.2.1
- CVE-2014-0028, CVE-2014-1447, CVE-2013-6458, CVE-2013-6457,
CVE-2013-6436
- Many incremental improvements and bug fixes, see
http://libvirt.org/news.html
- Dropped upstream patches: 5e397d9c-test-fix-dbus-crash.patch,
78af457e-fix-virnettlscontexttest.patch,
9faf3f29-LXC-memtune.patch, f8c1cb90-CVE-2013-6436.patch,
libxl-hvm-nic.patch
-------------------------------------------------------------------
Thu Dec 26 17:01:48 MST 2013 - jfehlig@suse.com

View File

@ -1,7 +1,7 @@
#
# spec file for package libvirt
#
# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -233,7 +233,7 @@
Name: libvirt
Url: http://libvirt.org/
Version: 1.2.0
Version: 1.2.1
Release: 0
Summary: Library providing a simple virtualization API
License: LGPL-2.1+
@ -241,6 +241,9 @@ Group: Development/Libraries/C and C++
%if %{with_libvirtd}
Requires: libvirt-daemon = %{version}-%{release}
%if %{with_network}
Requires: libvirt-daemon-config-network = %{version}-%{release}
%endif
%if %{with_nwfilter}
Requires: libvirt-daemon-config-nwfilter = %{version}-%{release}
%endif
@ -418,16 +421,11 @@ Source1: libvirtd.init
Source2: libvirtd-relocation-server.fw
Source99: baselibs.conf
# Upstream patches
Patch0: f8c1cb90-CVE-2013-6436.patch
Patch1: 9faf3f29-LXC-memtune.patch
Patch2: 5e397d9c-test-fix-dbus-crash.patch
Patch3: 78af457e-fix-virnettlscontexttest.patch
# Need to go upstream
Patch100: xen-name-for-devid.patch
Patch101: ia64-clone.patch
Patch102: xen-pv-cdrom.patch
Patch103: libxl-hvm-vnc.patch
Patch104: libxl-hvm-nic.patch
# Our patches
Patch200: libvirtd-defaults.patch
Patch201: libvirtd-init-script.patch
@ -518,6 +516,17 @@ Server side daemon required to manage the virtualization capabilities
of recent versions of Linux. Requires a hypervisor specific sub-RPM
for specific drivers.
%if %{with_network}
%package daemon-config-network
Summary: Default configuration files for the libvirtd daemon
Group: Development/Libraries/C and C++
Requires: libvirt-daemon = %{version}-%{release}
%description daemon-config-network
Default configuration files for setting up NAT based networking
%endif
%if %{with_nwfilter}
%package daemon-config-nwfilter
@ -919,15 +928,10 @@ namespaces.
%prep
%setup -q
%patch0 -p1
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch100 -p1
%patch101 -p1
%patch102 -p1
%patch103 -p1
%patch104 -p1
%patch200 -p1
%patch201 -p1
%patch202 -p1
@ -1021,6 +1025,8 @@ namespaces.
%endif
%if ! %{with_apparmor}
%define _without_apparmor --without-apparmor
%else
%define _with_apparmor_profiles --with-apparmor-profiles
%endif
%if ! %{with_capng}
%define _without_capng --without-capng
@ -1125,6 +1131,7 @@ export CFLAGS="$RPM_OPT_FLAGS"
%{?_without_selinux} \
%{?_with_selinux_mount} \
%{?_without_apparmor} \
%{?_with_apparmor_profiles} \
%{?_without_udev} \
%{?_without_yajl} \
%{?_without_sanlock} \
@ -1146,7 +1153,7 @@ gzip -9 ChangeLog
%install
%makeinstall SYSTEMD_UNIT_DIR=%{_unitdir} DOCS_DIR=%{_docdir}/%{name}-python EXAMPLE_DIR=%{_docdir}/%{name}-python/examples HTML_DIR=%{_docdir}/%{name}
for i in domain-events/events-c dominfo domsuspend hellolibvirt openauth xml/nwfilter systemtap
for i in object-events dominfo domsuspend hellolibvirt openauth xml/nwfilter systemtap
do
(cd examples/$i ; make clean ; rm -rf .deps .libs Makefile Makefile.in)
done
@ -1182,6 +1189,10 @@ rm -f $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/qemu/networks/default.xml
rm -f $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/qemu/networks/autostart/default.xml
# Strip auto-generated UUID - we need it generated per-install
sed -i -e "/<uuid>/d" $RPM_BUILD_ROOT%{_datadir}/libvirt/networks/default.xml
cat > $RPM_BUILD_ROOT%{_docdir}/libvirt/libvirt-daemon-config-network.README << 'EOF'
Any empty package containing only a post install scriptlet that ensures
a default network is defined.
EOF
%else
rm -f $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/qemu/networks/default.xml
rm -f $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/qemu/networks/autostart/default.xml
@ -1298,16 +1309,6 @@ fi
%post daemon
/sbin/ldconfig
%if %{with_network}
# Install the default network if one doesn't exist
if test ! -f %{_sysconfdir}/libvirt/qemu/networks/default.xml
then
UUID=`/usr/bin/uuidgen`
sed -e "s,</name>,</name>\n <uuid>$UUID</uuid>," \
< %{_datadir}/libvirt/networks/default.xml \
> %{_sysconfdir}/libvirt/qemu/networks/default.xml
fi
%endif
%if %{with_systemd}
%service_add_post libvirtd.service
%service_add_post virtlockd.service virtlockd.socket
@ -1336,6 +1337,17 @@ fi
%restart_on_update libvirtd
%restart_on_update virtlockd
%insserv_cleanup
%if %{with_network}
%post daemon-config-network
# Install the default network if one doesn't exist
if test $1 -eq 1 && test ! -f %{_sysconfdir}/libvirt/qemu/networks/default.xml ; then
UUID=`/usr/bin/uuidgen`
sed -e "s,</name>,</name>\n <uuid>$UUID</uuid>," \
< %{_datadir}/libvirt/networks/default.xml \
> %{_sysconfdir}/libvirt/qemu/networks/default.xml
fi
%endif
%endif # with_libvirtd
%post client
@ -1421,11 +1433,11 @@ fi
%if %{with_apparmor}
%dir %{_sysconfdir}/apparmor.d
%dir %{_sysconfdir}/apparmor.d/abstractions
%dir %{_sysconfdir}/apparmor.d/libvirt
%dir %{_sysconfdir}/apparmor.d/libvirtd
%config(noreplace) %{_sysconfdir}/apparmor.d/usr.sbin.libvirtd
%config(noreplace) %{_sysconfdir}/apparmor.d/usr.lib.libvirt.virt-aa-helper
%config(noreplace) %{_sysconfdir}/apparmor.d/abstractions/libvirt-qemu
%config(noreplace) %{_sysconfdir}/apparmor.d/libvirt/TEMPLATE
%config(noreplace) %{_sysconfdir}/apparmor.d/libvirtd/TEMPLATE
%{_libdir}/%{name}/virt-aa-helper
%endif
%config %{_fwdefdir}/libvirtd-relocation-server
@ -1475,6 +1487,12 @@ fi
%endif
%endif # ! %{with_driver_modules}
%if %{with_network}
%files daemon-config-network
%defattr(-, root, root)
%doc %{_docdir}/%{name}/libvirt-daemon-config-network.README
%endif
%if %{with_nwfilter}
%files daemon-config-nwfilter

View File

@ -1,7 +1,7 @@
Index: libvirt-1.2.0/daemon/libvirtd.conf
Index: libvirt-1.2.1/daemon/libvirtd.conf
===================================================================
--- libvirt-1.2.0.orig/daemon/libvirtd.conf
+++ libvirt-1.2.0/daemon/libvirtd.conf
--- libvirt-1.2.1.orig/daemon/libvirtd.conf
+++ libvirt-1.2.1/daemon/libvirtd.conf
@@ -18,8 +18,8 @@
# It is necessary to setup a CA and issue server certificates before
# using this capability.
@ -13,10 +13,10 @@ Index: libvirt-1.2.0/daemon/libvirtd.conf
# Listen for unencrypted TCP connections on the public TCP/IP port.
# NB, must pass the --listen flag to the libvirtd process for this to
Index: libvirt-1.2.0/daemon/libvirtd-config.c
Index: libvirt-1.2.1/daemon/libvirtd-config.c
===================================================================
--- libvirt-1.2.0.orig/daemon/libvirtd-config.c
+++ libvirt-1.2.0/daemon/libvirtd-config.c
--- libvirt-1.2.1.orig/daemon/libvirtd-config.c
+++ libvirt-1.2.1/daemon/libvirtd-config.c
@@ -222,7 +222,7 @@ daemonConfigNew(bool privileged ATTRIBUT
if (VIR_ALLOC(data) < 0)
return NULL;

View File

@ -1,9 +1,9 @@
Adjust libvirtd sysconfig file to conform to SUSE standards
Index: libvirt-1.2.0/daemon/libvirtd.sysconf
Index: libvirt-1.2.1/daemon/libvirtd.sysconf
===================================================================
--- libvirt-1.2.0.orig/daemon/libvirtd.sysconf
+++ libvirt-1.2.0/daemon/libvirtd.sysconf
--- libvirt-1.2.1.orig/daemon/libvirtd.sysconf
+++ libvirt-1.2.1/daemon/libvirtd.sysconf
@@ -1,16 +1,25 @@
+## Path: System/Virtualization/libvirt
+

View File

@ -1,22 +0,0 @@
Index: libvirt-1.2.0/src/libxl/libxl_conf.c
===================================================================
--- libvirt-1.2.0.orig/src/libxl/libxl_conf.c
+++ libvirt-1.2.0/src/libxl/libxl_conf.c
@@ -886,8 +886,6 @@ libxlMakeNic(virDomainNetDefPtr l_nic, l
* x_nics[i].mtu = 1492;
*/
- libxl_device_nic_init(x_nic);
-
virMacAddrGetRaw(&l_nic->mac, x_nic->mac);
if (l_nic->model && !STREQ(l_nic->model, "netfront")) {
@@ -932,6 +930,8 @@ libxlMakeNicList(virDomainDefPtr def, l
return -1;
for (i = 0; i < nnics; i++) {
+ libxl_device_nic_init(&x_nics[i]);
+ x_nics[i].devid = i;
if (libxlMakeNic(l_nics[i], &x_nics[i]))
goto error;
}

View File

@ -1,7 +1,7 @@
Index: libvirt-1.2.0/src/libxl/libxl_conf.c
Index: libvirt-1.2.1/src/libxl/libxl_conf.c
===================================================================
--- libvirt-1.2.0.orig/src/libxl/libxl_conf.c
+++ libvirt-1.2.0/src/libxl/libxl_conf.c
--- libvirt-1.2.1.orig/src/libxl/libxl_conf.c
+++ libvirt-1.2.1/src/libxl/libxl_conf.c
@@ -561,6 +561,30 @@ libxlMakeChrdevStr(virDomainChrDefPtr de
}
@ -33,7 +33,7 @@ Index: libvirt-1.2.0/src/libxl/libxl_conf.c
libxlMakeDomBuildInfo(virDomainObjPtr vm, libxl_domain_config *d_config)
{
virDomainDefPtr def = vm->def;
@@ -1174,6 +1198,9 @@ libxlBuildDomainConfig(libxlDriverPrivat
@@ -1189,6 +1213,9 @@ libxlBuildDomainConfig(libxlDriverPrivat
if (libxlMakeVfbList(driver, def, d_config) < 0)
return -1;

View File

@ -8,10 +8,10 @@ Subject: [PATCH] support managed pci devices in xen driver
src/xenxs/xen_xm.c | 28 +++++++++++++++++++++++++++-
2 files changed, 35 insertions(+), 15 deletions(-)
Index: libvirt-1.2.0/src/xenxs/xen_sxpr.c
Index: libvirt-1.2.1/src/xenxs/xen_sxpr.c
===================================================================
--- libvirt-1.2.0.orig/src/xenxs/xen_sxpr.c
+++ libvirt-1.2.0/src/xenxs/xen_sxpr.c
--- libvirt-1.2.1.orig/src/xenxs/xen_sxpr.c
+++ libvirt-1.2.1/src/xenxs/xen_sxpr.c
@@ -996,6 +996,7 @@ xenParseSxprPCI(virDomainDefPtr def,
int busID;
int slotID;
@ -78,10 +78,10 @@ Index: libvirt-1.2.0/src/xenxs/xen_sxpr.c
xenFormatSxprPCI(def->hostdevs[i], buf);
}
}
Index: libvirt-1.2.0/src/xenxs/xen_xm.c
Index: libvirt-1.2.1/src/xenxs/xen_xm.c
===================================================================
--- libvirt-1.2.0.orig/src/xenxs/xen_xm.c
+++ libvirt-1.2.0/src/xenxs/xen_xm.c
--- libvirt-1.2.1.orig/src/xenxs/xen_xm.c
+++ libvirt-1.2.1/src/xenxs/xen_xm.c
@@ -802,6 +802,8 @@ xenParseXM(virConfPtr conf, int xendConf
int busID;
int slotID;

View File

@ -1,7 +1,7 @@
Index: libvirt-1.2.0/src/qemu/qemu.conf
Index: libvirt-1.2.1/src/qemu/qemu.conf
===================================================================
--- libvirt-1.2.0.orig/src/qemu/qemu.conf
+++ libvirt-1.2.0/src/qemu/qemu.conf
--- libvirt-1.2.1.orig/src/qemu/qemu.conf
+++ libvirt-1.2.1/src/qemu/qemu.conf
@@ -200,7 +200,16 @@
# a special value; security_driver can be set to that value in
# isolation, but it cannot appear in a list of drivers.

View File

@ -1,13 +1,13 @@
Index: libvirt-1.2.0/daemon/libvirtd.service.in
Index: libvirt-1.2.1/daemon/libvirtd.service.in
===================================================================
--- libvirt-1.2.0.orig/daemon/libvirtd.service.in
+++ libvirt-1.2.0/daemon/libvirtd.service.in
--- libvirt-1.2.1.orig/daemon/libvirtd.service.in
+++ libvirt-1.2.1/daemon/libvirtd.service.in
@@ -9,6 +9,8 @@ Before=libvirt-guests.service
After=network.target
After=dbus.service
After=iscsid.service
+Wants=xencommons.service
+After=xencommons.service
Documentation=man:libvirtd(8)
Documentation=http://libvirt.org
[Service]
EnvironmentFile=-/etc/sysconfig/libvirtd

View File

@ -1,9 +1,9 @@
Adjust virtlockd init files to conform to SUSE standards
Index: libvirt-1.2.0/src/locking/virtlockd.sysconf
Index: libvirt-1.2.1/src/locking/virtlockd.sysconf
===================================================================
--- libvirt-1.2.0.orig/src/locking/virtlockd.sysconf
+++ libvirt-1.2.0/src/locking/virtlockd.sysconf
--- libvirt-1.2.1.orig/src/locking/virtlockd.sysconf
+++ libvirt-1.2.1/src/locking/virtlockd.sysconf
@@ -1,3 +1,7 @@
+## Path: System/Virtualization/virtlockd
+
@ -12,20 +12,22 @@ Index: libvirt-1.2.0/src/locking/virtlockd.sysconf
#
# Pass extra arguments to virtlockd
#VIRTLOCKD_ARGS=
Index: libvirt-1.2.0/src/locking/virtlockd.init.in
Index: libvirt-1.2.1/src/locking/virtlockd.init.in
===================================================================
--- libvirt-1.2.0.orig/src/locking/virtlockd.init.in
+++ libvirt-1.2.0/src/locking/virtlockd.init.in
@@ -4,11 +4,13 @@
--- libvirt-1.2.1.orig/src/locking/virtlockd.init.in
+++ libvirt-1.2.1/src/locking/virtlockd.init.in
@@ -4,12 +4,14 @@
# http://www.linux-foundation.org/spec//booksets/LSB-Core-generic/LSB-Core-generic.html#INITSCRCOMCONV
#
### BEGIN INIT INFO
-# Provides: virtlockd
-# Default-Start: 3 4 5
-# Default-Start:
-# Default-Stop: 0 1 2 3 4 5 6
+# Provides: virtlockd
+# Required-Start: $network $remote_fs
+# Default-Start: 3 4 5
+# Default-Start: 3 5
+# Required-Stop: $network $remote_fs
+# Default-Stop: 0 1 2 4 6
# Short-Description: virtual machine lock manager
-# Description: This is a daemon for managing locks
-# on virtual machine disk images
@ -34,8 +36,8 @@ Index: libvirt-1.2.0/src/locking/virtlockd.init.in
### END INIT INFO
# the following is chkconfig init header
@@ -23,35 +25,33 @@
# pidfile: @localstatedir@/run/libvirt/virtlockd.pid
@@ -24,35 +26,33 @@
# pidfile: @localstatedir@/run/virtlockd.pid
#
-# Source function library.
@ -45,7 +47,7 @@ Index: libvirt-1.2.0/src/locking/virtlockd.init.in
SERVICE=virtlockd
-PROCESS=virtlockd
-PIDFILE=@localstatedir@/run/libvirt/lockd/$SERVICE.pid
-PIDFILE=@localstatedir@/run/$SERVICE.pid
+PROCESS=@sbindir@/virtlockd
+PIDDIR=@localstatedir@/run/libvirt/lockd/
+PIDFILE=$PIDDIR/$SERVICE.pid
@ -82,10 +84,10 @@ Index: libvirt-1.2.0/src/locking/virtlockd.init.in
rm -f $PIDFILE
fi
}
@@ -65,9 +65,7 @@ reload() {
@@ -66,9 +66,7 @@ reload() {
echo -n $"Reloading $SERVICE configuration: "
killproc -p $PIDFILE $PROCESS -HUP
killproc -p $PIDFILE $PROCESS -USR1
- RETVAL=$?
- echo
- return $RETVAL
@ -93,7 +95,7 @@ Index: libvirt-1.2.0/src/locking/virtlockd.init.in
}
# See how we were called.
@@ -76,18 +74,20 @@ case "$1" in
@@ -77,18 +75,20 @@ case "$1" in
$1
;;
status)

View File

@ -14,10 +14,10 @@
is inactive. We obviously can't search xenstore when the domain is
inactive.
Index: libvirt-1.2.0/src/xen/xend_internal.c
Index: libvirt-1.2.1/src/xen/xend_internal.c
===================================================================
--- libvirt-1.2.0.orig/src/xen/xend_internal.c
+++ libvirt-1.2.0/src/xen/xend_internal.c
--- libvirt-1.2.1.orig/src/xen/xend_internal.c
+++ libvirt-1.2.1/src/xen/xend_internal.c
@@ -70,7 +70,7 @@
#define XEND_RCV_BUF_MAX_LEN (256 * 1024)
@ -27,7 +27,7 @@ Index: libvirt-1.2.0/src/xen/xend_internal.c
virDomainDeviceDefPtr dev, char *class,
char *ref, int ref_len);
@@ -3316,18 +3316,18 @@ xenDaemonDomainBlockPeek(virConnectPtr c
@@ -3325,18 +3325,18 @@ xenDaemonDomainBlockPeek(virConnectPtr c
* Returns 0 in case of success, -1 in case of failure.
*/
static int
@ -50,7 +50,7 @@ Index: libvirt-1.2.0/src/xen/xend_internal.c
if (dev->data.disk->driverName &&
STREQ(dev->data.disk->driverName, "tap"))
strcpy(class, "tap");
@@ -3337,19 +3337,17 @@ virDomainXMLDevID(virConnectPtr conn,
@@ -3346,19 +3346,17 @@ virDomainXMLDevID(virConnectPtr conn,
else
strcpy(class, "vbd");
@ -81,7 +81,7 @@ Index: libvirt-1.2.0/src/xen/xend_internal.c
} else if (dev->type == VIR_DOMAIN_DEVICE_NET) {
char mac[VIR_MAC_STRING_BUFLEN];
virDomainNetDefPtr netdef = dev->data.net;
@@ -3357,16 +3355,22 @@ virDomainXMLDevID(virConnectPtr conn,
@@ -3366,16 +3364,22 @@ virDomainXMLDevID(virConnectPtr conn,
strcpy(class, "vif");
@ -114,7 +114,7 @@ Index: libvirt-1.2.0/src/xen/xend_internal.c
} else if (dev->type == VIR_DOMAIN_DEVICE_HOSTDEV &&
dev->data.hostdev->mode == VIR_DOMAIN_HOSTDEV_MODE_SUBSYS &&
dev->data.hostdev->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI) {
@@ -3382,17 +3386,44 @@ virDomainXMLDevID(virConnectPtr conn,
@@ -3391,17 +3395,44 @@ virDomainXMLDevID(virConnectPtr conn,
strcpy(class, "pci");

View File

@ -1,7 +1,7 @@
Index: libvirt-1.2.0/src/xenxs/xen_sxpr.c
Index: libvirt-1.2.1/src/xenxs/xen_sxpr.c
===================================================================
--- libvirt-1.2.0.orig/src/xenxs/xen_sxpr.c
+++ libvirt-1.2.0/src/xenxs/xen_sxpr.c
--- libvirt-1.2.1.orig/src/xenxs/xen_sxpr.c
+++ libvirt-1.2.1/src/xenxs/xen_sxpr.c
@@ -330,7 +330,7 @@ error:
static int
xenParseSxprDisks(virDomainDefPtr def,