Accepting request 295136 from home:cbosdonnat:branches:Virtualization

- boo#926153: make sure /var/run/libvirt/lxc folder exists when starting the driver. da33a1ac-lxc-init-statedir.patch - Fix lxc-enter-namespace for 3.19+ kernels. open-ns-files-readonly.patch OBS-URL: https://build.opensuse.org/request/show/295136 OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=451
2015-04-09 10:08:11 +00:00 · 2015-04-09 10:08:11 +00:00 · 5d8a863e03
commit 5d8a863e03
parent 563e94d4f8
4 changed files with 81 additions and 1 deletions
--- a/da33a1ac-lxc-init-statedir.patch
+++ b/da33a1ac-lxc-init-statedir.patch
@ -0,0 +1,38 @@
+From da33a1ac1f6c0ae2ebe72bc385bbc7c407026956 Mon Sep 17 00:00:00 2001
+From: Lubomir Rintel <lkundrak@v3.sk>
+Date: Wed, 8 Apr 2015 19:16:52 +0200
+Subject: [PATCH] lxc: create the required directories upon driver start
+
+/var/run may reside on a tmpfs and we fail to create the PID file if
+/var/run/lxc does not exist.
+
+Since commit 0a8addc1, the lxc driver's state directory isn't
+automatically created before starting a domain. Now, the lxc driver
+makes sure the state directory exists when it initializes.
+
+Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
+---
+ src/lxc/lxc_driver.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
+index 245000d..8dfa686 100644
+--- a/src/lxc/lxc_driver.c
+++ b/src/lxc/lxc_driver.c
+@@ -1648,6 +1648,13 @@ static int lxcStateInitialize(bool privileged,
+     if (!(caps = virLXCDriverGetCapabilities(lxc_driver, false)))
+         goto cleanup;
+ 
+    if (virFileMakePath(cfg->stateDir) < 0) {
+        virReportSystemError(errno,
+                             _("Failed to mkdir %s"),
+                             cfg->stateDir);
+        goto cleanup;
+    }
+
+     /* Get all the running persistent or transient configs first */
+     if (virDomainObjListLoadAllConfigs(lxc_driver->domains,
+                                        cfg->stateDir,
+-- 
+2.1.4
+
--- a/libvirt.changes
+++ b/libvirt.changes
@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Thu Apr  9 09:35:26 UTC 2015 - cbosdonnat@suse.com
+
+- boo#926153: make sure /var/run/libvirt/lxc folder exists when
+  starting the driver. da33a1ac-lxc-init-statedir.patch
+- Fix lxc-enter-namespace for 3.19+ kernels.
+  open-ns-files-readonly.patch
+
+
 -------------------------------------------------------------------
 Thu Apr  2 08:38:03 MDT 2015 - jfehlig@suse.com

--- a/libvirt.spec
+++ b/libvirt.spec
@ -1,7 +1,7 @@
 #
 # spec file for package libvirt
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -449,7 +449,9 @@ Source4:        libvirtd-relocation-server.fw
 Source5:        polkit-10-virt.rules
 Source99:       baselibs.conf
 # Upstream patches
+Patch0:         da33a1ac-lxc-init-statedir.patch
 # Patches pending upstream review
+Patch100:       open-ns-files-readonly.patch
 # Need to go upstream
 Patch150:       xen-pv-cdrom.patch
 Patch151:       blockcopy-check-dst-identical-device.patch
@ -978,6 +980,8 @@ Provides a dissector for the libvirt RPC protocol to help debugging it.

 %prep
 %setup -q
+%patch0 -p1
+%patch100 -p1
 %patch150 -p1
 %patch151 -p1
 %patch152 -p1
--- a/open-ns-files-readonly.patch
+++ b/open-ns-files-readonly.patch
@ -0,0 +1,29 @@
+From cc21badc5c30ddeeb89abfa9ecdfbacd512f33c2 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?C=C3=A9dric=20Bosdonnat?= <cbosdonnat@suse.com>
+Date: Thu, 9 Apr 2015 09:22:43 +0200
+Subject: [PATCH] Open /proc/PID/ns/* read-only to avoid getting permission
+ denied
+
+lxc-enter-namespace stopped working on recent kernels (at least 3.19+)
+due to /proc/PID/ns/* file descriptors being opened RW. From outside
+the namespace these can only be opened RO.
+---
+ src/util/virprocess.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/util/virprocess.c b/src/util/virprocess.c
+index ab1e039..7a79970 100644
+--- a/src/util/virprocess.c
+++ b/src/util/virprocess.c
+@@ -628,7 +628,7 @@ int virProcessGetNamespaces(pid_t pid,
+                         ns[i]) < 0)
+             goto cleanup;
+ 
+-        if ((fd = open(nsfile, O_RDWR)) >= 0) {
+        if ((fd = open(nsfile, O_RDONLY)) >= 0) {
+             if (VIR_EXPAND_N(*fdlist, *nfdlist, 1) < 0) {
+                 VIR_FORCE_CLOSE(fd);
+                 goto cleanup;
+-- 
+2.1.4
+