Accepting request 540061 from Virtualization
OBS-URL: https://build.opensuse.org/request/show/540061 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libvirt?expand=0&rev=239
This commit is contained in:
commit
c916283269
@ -1,67 +0,0 @@
|
||||
commit 441d3eb6d1be940a67ce45a286602a967601b157
|
||||
Author: Daniel P. Berrange <berrange@redhat.com>
|
||||
Date: Thu Oct 5 17:54:28 2017 +0100
|
||||
|
||||
qemu: ensure TLS clients always verify the server certificate
|
||||
|
||||
The default_tls_x509_verify (and related) parameters in qemu.conf
|
||||
control whether the QEMU TLS servers request & verify certificates
|
||||
from clients. This works as a simple access control system for
|
||||
servers by requiring the CA to issue certs to permitted clients.
|
||||
This use of client certificates is disabled by default, since it
|
||||
requires extra work to issue client certificates.
|
||||
|
||||
Unfortunately the code was using this configuration parameter when
|
||||
setting up both TLS clients and servers in QEMU. The result was that
|
||||
TLS clients for character devices and disk devices had verification
|
||||
turned off, meaning they would ignore errors while validating the
|
||||
server certificate.
|
||||
|
||||
This allows for trivial MITM attacks between client and server,
|
||||
as any certificate returned by the attacker will be accepted by
|
||||
the client.
|
||||
|
||||
This is assigned CVE-2017-1000256 / LSN-2017-0002
|
||||
|
||||
Reviewed-by: Eric Blake <eblake@redhat.com>
|
||||
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
|
||||
|
||||
Index: libvirt-3.8.0/src/qemu/qemu_command.c
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/src/qemu/qemu_command.c
|
||||
+++ libvirt-3.8.0/src/qemu/qemu_command.c
|
||||
@@ -721,7 +721,7 @@ qemuBuildTLSx509BackendProps(const char
|
||||
if (virJSONValueObjectCreate(propsret,
|
||||
"s:dir", path,
|
||||
"s:endpoint", (isListen ? "server": "client"),
|
||||
- "b:verify-peer", verifypeer,
|
||||
+ "b:verify-peer", (isListen ? verifypeer : true),
|
||||
NULL) < 0)
|
||||
goto cleanup;
|
||||
|
||||
Index: libvirt-3.8.0/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-chardev.args
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-chardev.args
|
||||
+++ libvirt-3.8.0/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-chardev.args
|
||||
@@ -26,7 +26,7 @@ server,nowait \
|
||||
localport=1111 \
|
||||
-device isa-serial,chardev=charserial0,id=serial0 \
|
||||
-object tls-creds-x509,id=objcharserial1_tls0,dir=/etc/pki/libvirt-chardev,\
|
||||
-endpoint=client,verify-peer=no \
|
||||
+endpoint=client,verify-peer=yes \
|
||||
-chardev socket,id=charserial1,host=127.0.0.1,port=5555,\
|
||||
tls-creds=objcharserial1_tls0 \
|
||||
-device isa-serial,chardev=charserial1,id=serial1 \
|
||||
Index: libvirt-3.8.0/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-secret-chardev.args
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-secret-chardev.args
|
||||
+++ libvirt-3.8.0/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-secret-chardev.args
|
||||
@@ -31,7 +31,7 @@ localport=1111 \
|
||||
data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
|
||||
keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
|
||||
-object tls-creds-x509,id=objcharserial1_tls0,dir=/etc/pki/libvirt-chardev,\
|
||||
-endpoint=client,verify-peer=no,passwordid=charserial1-secret0 \
|
||||
+endpoint=client,verify-peer=yes,passwordid=charserial1-secret0 \
|
||||
-chardev socket,id=charserial1,host=127.0.0.1,port=5555,\
|
||||
tls-creds=objcharserial1_tls0 \
|
||||
-device isa-serial,chardev=charserial1,id=serial1 \
|
35
apparmor-fine-grained-mount-rules.patch
Normal file
35
apparmor-fine-grained-mount-rules.patch
Normal file
@ -0,0 +1,35 @@
|
||||
commit 97853972e6e5a92b56e1ec0841aa27043ac1301b
|
||||
Author: intrigeri <intrigeri+libvirt@boum.org>
|
||||
Date: Sun Nov 5 15:29:58 2017 +0000
|
||||
|
||||
AppArmor: use fine-grained mount rules instead of a blanket catch-all one
|
||||
|
||||
This set of rules was proposed by Christian Boltz <apparmor@cboltz.de>
|
||||
on https://bugzilla.opensuse.org/show_bug.cgi?id=1065123.
|
||||
|
||||
Index: libvirt-3.9.0/examples/apparmor/usr.sbin.libvirtd
|
||||
===================================================================
|
||||
--- libvirt-3.9.0.orig/examples/apparmor/usr.sbin.libvirtd
|
||||
+++ libvirt-3.9.0/examples/apparmor/usr.sbin.libvirtd
|
||||
@@ -30,7 +30,20 @@
|
||||
# Needed for vfio
|
||||
capability sys_resource,
|
||||
|
||||
- mount,
|
||||
+ mount options=(rw,rslave) -> /,
|
||||
+ mount options=(rw, nosuid) -> /{var/,}run/libvirt/qemu/*.dev/,
|
||||
+
|
||||
+ mount options=(rw, move) /dev/ -> /{var/,}run/libvirt/qemu/*.dev/,
|
||||
+ mount options=(rw, move) /dev/hugepages/ -> /{var/,}run/libvirt/qemu/*.hugepages/,
|
||||
+ mount options=(rw, move) /dev/mqueue/ -> /{var/,}run/libvirt/qemu/*.mqueue/,
|
||||
+ mount options=(rw, move) /dev/pts/ -> /{var/,}run/libvirt/qemu/*.pts/,
|
||||
+ mount options=(rw, move) /dev/shm/ -> /{var/,}run/libvirt/qemu/*.shm/,
|
||||
+
|
||||
+ mount options=(rw, move) /{var/,}run/libvirt/qemu/*.dev/ -> /dev/,
|
||||
+ mount options=(rw, move) /{var/,}run/libvirt/qemu/*.hugepages/ -> /dev/hugepages/,
|
||||
+ mount options=(rw, move) /{var/,}run/libvirt/qemu/*.mqueue/ -> /dev/mqueue/,
|
||||
+ mount options=(rw, move) /{var/,}run/libvirt/qemu/*.pts/ -> /dev/pts/,
|
||||
+ mount options=(rw, move) /{var/,}run/libvirt/qemu/*.shm/ -> /dev/shm/,
|
||||
|
||||
network inet stream,
|
||||
network inet dgram,
|
@ -1,7 +1,7 @@
|
||||
Index: libvirt-3.8.0/examples/apparmor/libvirt-lxc
|
||||
Index: libvirt-3.9.0/examples/apparmor/libvirt-lxc
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/examples/apparmor/libvirt-lxc
|
||||
+++ libvirt-3.8.0/examples/apparmor/libvirt-lxc
|
||||
--- libvirt-3.9.0.orig/examples/apparmor/libvirt-lxc
|
||||
+++ libvirt-3.9.0/examples/apparmor/libvirt-lxc
|
||||
@@ -2,39 +2,15 @@
|
||||
|
||||
#include <abstractions/base>
|
||||
|
49
apparmor-rules-for-new-mediation-features.patch
Normal file
49
apparmor-rules-for-new-mediation-features.patch
Normal file
@ -0,0 +1,49 @@
|
||||
commit 141103378a74c68cbd775a306cdfd641119debbd
|
||||
Author: intrigeri <intrigeri+libvirt@boum.org>
|
||||
Date: Sun Nov 5 15:29:57 2017 +0000
|
||||
|
||||
AppArmor: add rules needed with additional mediation features brought by Linux 4.14.
|
||||
|
||||
Index: libvirt-3.9.0/examples/apparmor/libvirt-qemu
|
||||
===================================================================
|
||||
--- libvirt-3.9.0.orig/examples/apparmor/libvirt-qemu
|
||||
+++ libvirt-3.9.0/examples/apparmor/libvirt-qemu
|
||||
@@ -16,6 +16,10 @@
|
||||
network inet stream,
|
||||
network inet6 stream,
|
||||
|
||||
+ ptrace (readby, tracedby) peer=/usr/sbin/libvirtd,
|
||||
+
|
||||
+ signal (receive) peer=/usr/sbin/libvirtd,
|
||||
+
|
||||
/dev/net/tun rw,
|
||||
/dev/kvm rw,
|
||||
/dev/ptmx rw,
|
||||
Index: libvirt-3.9.0/examples/apparmor/usr.sbin.libvirtd
|
||||
===================================================================
|
||||
--- libvirt-3.9.0.orig/examples/apparmor/usr.sbin.libvirtd
|
||||
+++ libvirt-3.9.0/examples/apparmor/usr.sbin.libvirtd
|
||||
@@ -30,10 +30,13 @@
|
||||
# Needed for vfio
|
||||
capability sys_resource,
|
||||
|
||||
+ mount,
|
||||
+
|
||||
network inet stream,
|
||||
network inet dgram,
|
||||
network inet6 stream,
|
||||
network inet6 dgram,
|
||||
+ network netlink raw,
|
||||
network packet dgram,
|
||||
network packet raw,
|
||||
|
||||
@@ -42,6 +45,9 @@
|
||||
ptrace (trace) peer=/usr/sbin/dnsmasq,
|
||||
ptrace (trace) peer=libvirt-*,
|
||||
|
||||
+ signal (send) peer=/usr/sbin/dnsmasq,
|
||||
+ signal (read, send) peer=libvirt-*,
|
||||
+
|
||||
# Very lenient profile for libvirtd since we want to first focus on confining
|
||||
# the guests. Guests will have a very restricted profile.
|
||||
/ r,
|
@ -11,11 +11,11 @@ Signed-off-by: Chunyan Liu <cyliu@suse.com>
|
||||
src/qemu/qemu_driver.c | 7 +++++++
|
||||
1 file changed, 7 insertions(+)
|
||||
|
||||
Index: libvirt-3.8.0/src/qemu/qemu_driver.c
|
||||
Index: libvirt-3.9.0/src/qemu/qemu_driver.c
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/src/qemu/qemu_driver.c
|
||||
+++ libvirt-3.8.0/src/qemu/qemu_driver.c
|
||||
@@ -17046,6 +17046,14 @@ qemuDomainBlockCopyCommon(virDomainObjPt
|
||||
--- libvirt-3.9.0.orig/src/qemu/qemu_driver.c
|
||||
+++ libvirt-3.9.0/src/qemu/qemu_driver.c
|
||||
@@ -17112,6 +17112,14 @@ qemuDomainBlockCopyCommon(virDomainObjPt
|
||||
goto endjob;
|
||||
}
|
||||
|
||||
|
@ -1,60 +0,0 @@
|
||||
commit c44b29aacb6a3f445ab06d61899a0308b9d6d0d3
|
||||
Author: Jim Fehlig <jfehlig@suse.com>
|
||||
Date: Fri Oct 6 14:20:36 2017 -0600
|
||||
|
||||
apparmor: add dnsmasq ptrace rule to libvirtd profile
|
||||
|
||||
Commit b482925c added ptrace rule for the apparmor profiles,
|
||||
but one was missed in the libvirtd profile for dnsmasq. It was
|
||||
overlooked since the test machine did not have an active libvirt
|
||||
network requiring dnsmasq that was also set to autostart. With
|
||||
one active and set to autostart, the following denial is observed
|
||||
in audit.log when restarting libvirtd
|
||||
|
||||
type=AVC msg=audit(1507320136.306:298): apparmor="DENIED" \
|
||||
operation="ptrace" profile="/usr/sbin/libvirtd" pid=5472 \
|
||||
comm="libvirtd" requested_mask="trace" denied_mask="trace" \
|
||||
peer="/usr/sbin/dnsmasq"
|
||||
|
||||
With an active network, I suspect a libvirtd restart causes access
|
||||
to /proc/<dnsmasq-pid>/*, hence the resulting denial. As a nasty
|
||||
side affect of the denial, libvirtd thinks it needs to spawn a
|
||||
dnsmasq process even though one is already running for the network.
|
||||
E.g. after two libvirtd restarts
|
||||
|
||||
dnsmasq 1683 0.0 0.0 51188 2612 ? S 12:03 0:00 \
|
||||
/usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf \
|
||||
--leasefile-ro --dhcp-script=/usr/lib64/libvirt/libvirt_leaseshelper
|
||||
root 1684 0.0 0.0 51160 576 ? S 12:03 0:00 \
|
||||
/usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf \
|
||||
--leasefile-ro --dhcp-script=/usr/lib64/libvirt/libvirt_leaseshelper
|
||||
dnsmasq 4706 0.0 0.0 51188 2572 ? S 13:54 0:00 \
|
||||
/usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf \
|
||||
--leasefile-ro --dhcp-script=/usr/lib64/libvirt/libvirt_leaseshelper
|
||||
root 4707 0.0 0.0 51160 572 ? S 13:54 0:00 \
|
||||
/usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf \
|
||||
--leasefile-ro --dhcp-script=/usr/lib64/libvirt/libvirt_leaseshelper
|
||||
dnsmasq 4791 0.0 0.0 51188 2580 ? S 13:56 0:00 \
|
||||
/usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf \
|
||||
--leasefile-ro --dhcp-script=/usr/lib64/libvirt/libvirt_leaseshelper
|
||||
root 4792 0.0 0.0 51160 572 ? S 13:56 0:00 \
|
||||
/usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf \
|
||||
--leasefile-ro --dhcp-script=/usr/lib64/libvirt/libvirt_leaseshelper
|
||||
|
||||
A simple fix is to add a ptrace rule for dnsmasq.
|
||||
|
||||
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
|
||||
Reviewed-By: Guido Günther <agx@sigxcpu.org>
|
||||
|
||||
Index: libvirt-3.8.0/examples/apparmor/usr.sbin.libvirtd
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/examples/apparmor/usr.sbin.libvirtd
|
||||
+++ libvirt-3.8.0/examples/apparmor/usr.sbin.libvirtd
|
||||
@@ -39,6 +39,7 @@
|
||||
|
||||
ptrace (trace) peer=unconfined,
|
||||
ptrace (trace) peer=/usr/sbin/libvirtd,
|
||||
+ ptrace (trace) peer=/usr/sbin/dnsmasq,
|
||||
ptrace (trace) peer=libvirt-*,
|
||||
|
||||
# Very lenient profile for libvirtd since we want to first focus on confining
|
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:73eba834089ed0ce74e3183a7f12cf0c6f7de08e9a700b5456c62fb124f903f9
|
||||
size 14868712
|
@ -1,10 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQEcBAABAgAGBQJZ1JrdAAoJEBVYiyZZa+pdmBcIAMQQTuvHXX0T4A5CJrgyj4c+
|
||||
iiYyOubSk5v4QGrbIcVtEt4TF1CyYTB65EM5ZCuB47KeiVzbkSl+6a3AQshWmn2V
|
||||
7rLjXwJpM64xNc+ErEN+JrXD2ADA0lSZ50J4Eq7bE5GLxVSOuRn4QicAs5kG7bSn
|
||||
h+AE3iRg45ImmE7wLC9Blu0ecQrR5yi4ensdYegLzbAumhZqrlDhWGZ9KfS7UDlE
|
||||
ZN+PQipLhzv9fbRaZzRFbn194SBZQbMEcwkdrgLiXZ91U7/KjvcnnFPrVNh/xe6x
|
||||
P/07JdTRBh/mwSFjEtGaYDBU9+sy8My1lRZL16YRqRIYX3OIuuXZyMiJj8+oGgE=
|
||||
=2t5y
|
||||
-----END PGP SIGNATURE-----
|
3
libvirt-3.9.0.tar.xz
Normal file
3
libvirt-3.9.0.tar.xz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:89fc63213291d329d537ea96e363fd609160da080322973bd1126d431ff63424
|
||||
size 15010344
|
10
libvirt-3.9.0.tar.xz.asc
Normal file
10
libvirt-3.9.0.tar.xz.asc
Normal file
@ -0,0 +1,10 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQEcBAABAgAGBQJZ+1FGAAoJEBVYiyZZa+pdIt0H/j6P8c3DObAleafFE9BOev03
|
||||
24GQzGP8/Fh5Yr8mRPITg1nhFQ7MQdznDh80zhhExC8iBIG8/Ne4yuM27R+yVEZ7
|
||||
YEyxOCe0lwyGkzWe7jaRwBnr4iweYRI2wY+i49TJUxSGOD12j7eCAiv/OdsGCVVg
|
||||
+FlfxqXNMy6c49i49NNoECS/rP8q854hEjT0WjFFtnYSs32AtfN31vKbLBbuMCQz
|
||||
uaXYTtmtCbe+ugNkzkhfUZlJ8sn2LdJo4NrjRS0VVlooDM/QDaWKpnj+uf0GrZtr
|
||||
oO872FrdsVRqw19HTJyu+SL6xbZoMGXGfqVfWCIuk5bRbVVPHfhbUPkySSbY5oA=
|
||||
=1FsG
|
||||
-----END PGP SIGNATURE-----
|
@ -2,10 +2,10 @@ Add POWER8 v2.0 and v2.1 to cpu map XML
|
||||
|
||||
From: <ro@suse.de>
|
||||
|
||||
Index: libvirt-3.8.0/src/cpu/cpu_map.xml
|
||||
Index: libvirt-3.9.0/src/cpu/cpu_map.xml
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/src/cpu/cpu_map.xml
|
||||
+++ libvirt-3.8.0/src/cpu/cpu_map.xml
|
||||
--- libvirt-3.9.0.orig/src/cpu/cpu_map.xml
|
||||
+++ libvirt-3.9.0/src/cpu/cpu_map.xml
|
||||
@@ -1724,6 +1724,8 @@
|
||||
<pvr value='0x004b0000' mask='0xffff0000'/>
|
||||
<pvr value='0x004c0000' mask='0xffff0000'/>
|
||||
|
@ -1,7 +1,7 @@
|
||||
Index: libvirt-3.8.0/configure.ac
|
||||
Index: libvirt-3.9.0/configure.ac
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/configure.ac
|
||||
+++ libvirt-3.8.0/configure.ac
|
||||
--- libvirt-3.9.0.orig/configure.ac
|
||||
+++ libvirt-3.9.0/configure.ac
|
||||
@@ -256,6 +256,7 @@ LIBVIRT_ARG_LIBSSH
|
||||
LIBVIRT_ARG_LIBXML
|
||||
LIBVIRT_ARG_MACVTAP
|
||||
@ -26,10 +26,10 @@ Index: libvirt-3.8.0/configure.ac
|
||||
LIBVIRT_RESULT_NSS
|
||||
LIBVIRT_RESULT_NUMACTL
|
||||
LIBVIRT_RESULT_OPENWSMAN
|
||||
Index: libvirt-3.8.0/src/Makefile.am
|
||||
Index: libvirt-3.9.0/src/Makefile.am
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/src/Makefile.am
|
||||
+++ libvirt-3.8.0/src/Makefile.am
|
||||
--- libvirt-3.9.0.orig/src/Makefile.am
|
||||
+++ libvirt-3.9.0/src/Makefile.am
|
||||
@@ -1037,6 +1037,10 @@ if WITH_NETCF
|
||||
INTERFACE_DRIVER_SOURCES += \
|
||||
interface/interface_backend_netcf.c
|
||||
@ -41,7 +41,7 @@ Index: libvirt-3.8.0/src/Makefile.am
|
||||
if WITH_UDEV
|
||||
INTERFACE_DRIVER_SOURCES += \
|
||||
interface/interface_backend_udev.c
|
||||
@@ -1649,6 +1653,10 @@ if WITH_NETCF
|
||||
@@ -1657,6 +1661,10 @@ if WITH_NETCF
|
||||
libvirt_driver_interface_la_CFLAGS += $(NETCF_CFLAGS)
|
||||
libvirt_driver_interface_la_LIBADD += $(NETCF_LIBS)
|
||||
endif WITH_NETCF
|
||||
@ -52,10 +52,10 @@ Index: libvirt-3.8.0/src/Makefile.am
|
||||
if WITH_UDEV
|
||||
libvirt_driver_interface_la_CFLAGS += $(UDEV_CFLAGS)
|
||||
libvirt_driver_interface_la_LIBADD += $(UDEV_LIBS)
|
||||
Index: libvirt-3.8.0/tools/virsh.c
|
||||
Index: libvirt-3.9.0/tools/virsh.c
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/tools/virsh.c
|
||||
+++ libvirt-3.8.0/tools/virsh.c
|
||||
--- libvirt-3.9.0.orig/tools/virsh.c
|
||||
+++ libvirt-3.9.0/tools/virsh.c
|
||||
@@ -576,6 +576,8 @@ virshShowVersion(vshControl *ctl ATTRIBU
|
||||
vshPrint(ctl, " Interface");
|
||||
# if defined(WITH_NETCF)
|
||||
@ -65,10 +65,10 @@ Index: libvirt-3.8.0/tools/virsh.c
|
||||
# elif defined(WITH_UDEV)
|
||||
vshPrint(ctl, " udev");
|
||||
# endif
|
||||
Index: libvirt-3.8.0/src/interface/interface_backend_netcf.c
|
||||
Index: libvirt-3.9.0/src/interface/interface_backend_netcf.c
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/src/interface/interface_backend_netcf.c
|
||||
+++ libvirt-3.8.0/src/interface/interface_backend_netcf.c
|
||||
--- libvirt-3.9.0.orig/src/interface/interface_backend_netcf.c
|
||||
+++ libvirt-3.9.0/src/interface/interface_backend_netcf.c
|
||||
@@ -23,7 +23,12 @@
|
||||
|
||||
#include <config.h>
|
||||
@ -152,10 +152,10 @@ Index: libvirt-3.8.0/src/interface/interface_backend_netcf.c
|
||||
if (virSetSharedInterfaceDriver(&interfaceDriver) < 0)
|
||||
return -1;
|
||||
if (virRegisterStateDriver(&interfaceStateDriver) < 0)
|
||||
Index: libvirt-3.8.0/src/interface/interface_driver.c
|
||||
Index: libvirt-3.9.0/src/interface/interface_driver.c
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/src/interface/interface_driver.c
|
||||
+++ libvirt-3.8.0/src/interface/interface_driver.c
|
||||
--- libvirt-3.9.0.orig/src/interface/interface_driver.c
|
||||
+++ libvirt-3.9.0/src/interface/interface_driver.c
|
||||
@@ -30,8 +30,15 @@ interfaceRegister(void)
|
||||
if (netcfIfaceRegister() == 0)
|
||||
return 0;
|
||||
@ -173,10 +173,10 @@ Index: libvirt-3.8.0/src/interface/interface_driver.c
|
||||
if (udevIfaceRegister() == 0)
|
||||
return 0;
|
||||
#endif /* WITH_UDEV */
|
||||
Index: libvirt-3.8.0/m4/virt-netcontrol.m4
|
||||
Index: libvirt-3.9.0/m4/virt-netcontrol.m4
|
||||
===================================================================
|
||||
--- /dev/null
|
||||
+++ libvirt-3.8.0/m4/virt-netcontrol.m4
|
||||
+++ libvirt-3.9.0/m4/virt-netcontrol.m4
|
||||
@@ -0,0 +1,39 @@
|
||||
+dnl The libnetcontrol library
|
||||
+dnl
|
||||
|
@ -1,3 +1,28 @@
|
||||
-------------------------------------------------------------------
|
||||
Wed Nov 8 21:10:34 UTC 2017 - jfehlig@suse.com
|
||||
|
||||
- apparmor: add rules for new mediation features
|
||||
apparmor-rules-for-new-mediation-features.patch,
|
||||
apparmor-fine-grained-mount-rules.patch
|
||||
bsc#1066124, boo#1065123
|
||||
- spec: unconditionally enable the wireshark dissector
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Nov 8 11:04:04 UTC 2017 - cbosdonnat@suse.com
|
||||
|
||||
- Replace %{with_sle_build} by ! 0%{?is_opensuse}
|
||||
bsc#940315
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Nov 2 20:44:57 UTC 2017 - jfehlig@suse.com
|
||||
|
||||
- Update to libvirt 3.9.0
|
||||
- Many incremental improvements and bug fixes, see
|
||||
http://libvirt.org/news.html
|
||||
- Dropped patches:
|
||||
c44b29aa-apparmor-dnsmasq-ptrace.patch,
|
||||
441d3eb6-qemu-tls-client-verify-server-cert.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Oct 16 22:02:16 UTC 2017 - jfehlig@suse.com
|
||||
|
||||
@ -312,7 +337,6 @@ Wed Mar 22 08:30:55 UTC 2017 - cbosdonnat@suse.com
|
||||
5dd607059-add-virNetDevGetName.patch
|
||||
754515b7d-add-virNetlinkDumpCommand.patch
|
||||
d68cb4f55-extract-the-request-sending-code-from-virNetlin.patch
|
||||
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Mar 16 14:23:16 UTC 2017 - jfehlig@suse.com
|
||||
|
40
libvirt.spec
40
libvirt.spec
@ -16,9 +16,6 @@
|
||||
#
|
||||
|
||||
|
||||
# The configuration of libvirt is modified slightly for SLE
|
||||
%define with_sle_build %{?is_opensuse:0}%{!?is_opensuse:1}
|
||||
|
||||
# The hypervisor drivers that run in libvirtd
|
||||
%define with_xen 0%{!?_without_xen:1}
|
||||
%define with_qemu 0%{!?_without_qemu:1}
|
||||
@ -43,13 +40,13 @@
|
||||
# Optional bits on by default
|
||||
%define with_sanlock 0%{!?_without_sanlock:1}
|
||||
%define with_polkit_rules 1
|
||||
%define with_wireshark 0%{!?_without_wireshark:1}
|
||||
|
||||
# A few optional bits off by default, we enable later
|
||||
%define with_cgconfig 0%{!?_without_cgconfig:0}
|
||||
%define with_numactl 0%{!?_without_numactl:0}
|
||||
%define with_numad 0%{!?_without_numad:0}
|
||||
%define with_firewalld 0%{!?_without_firewalld:0}
|
||||
%define with_wireshark 0%{!?_without_wireshark:0}
|
||||
%define with_libssh 0%{!?_without_libssh:0}
|
||||
|
||||
# Xen no longer contains xm/xend so disable building the legacy Xen driver
|
||||
@ -64,7 +61,7 @@
|
||||
%endif
|
||||
|
||||
# For SLE, further restrict Xen support to x86_64 only
|
||||
%if %{with_sle_build}
|
||||
%if ! 0%{?is_opensuse}
|
||||
%ifarch %arm aarch64
|
||||
%define with_xen 0
|
||||
%define with_libxl 0
|
||||
@ -90,7 +87,7 @@
|
||||
%endif
|
||||
|
||||
# Disable hypervisor drivers not supported in SLE
|
||||
%if %{with_sle_build}
|
||||
%if ! 0%{?is_opensuse}
|
||||
%define with_openvz 0
|
||||
%define with_vbox 0
|
||||
%define with_uml 0
|
||||
@ -134,13 +131,6 @@
|
||||
%endif
|
||||
%endif
|
||||
|
||||
# libvirt commit 37397320 changed the configure check for wireshark to use
|
||||
# pkgconfig. Currently only the Leap 42.2 and Factory wireshark-devel packages
|
||||
# provide wireshark.pc. Disable the dissector for SLE and Leap <= 42.1
|
||||
%if 0%{?sle_version} < 120200 && %{with_sle_build}
|
||||
%define with_wireshark 0
|
||||
%endif
|
||||
|
||||
# numad is used to manage the CPU and memory placement dynamically for
|
||||
# qemu, lxc, and uml drivers
|
||||
%if %{with_qemu} || %{with_lxc} || %{with_uml}
|
||||
@ -170,7 +160,7 @@
|
||||
|
||||
Name: libvirt
|
||||
Url: http://libvirt.org/
|
||||
Version: 3.8.0
|
||||
Version: 3.9.0
|
||||
Release: 0
|
||||
Summary: Library providing a simple virtualization API
|
||||
License: LGPL-2.1+
|
||||
@ -296,7 +286,7 @@ BuildRequires: systemtap-sdt-devel
|
||||
BuildRequires: numad
|
||||
%endif
|
||||
%if %{with_wireshark}
|
||||
BuildRequires: wireshark-devel >= 1.12.1
|
||||
BuildRequires: wireshark-devel >= 2.1.0
|
||||
%endif
|
||||
%if %{with_libssh}
|
||||
BuildRequires: libssh-devel >= 0.7.0
|
||||
@ -310,11 +300,11 @@ Source4: libvirt-supportconfig
|
||||
Source99: baselibs.conf
|
||||
Source100: %{name}-rpmlintrc
|
||||
# Upstream patches
|
||||
Patch0: c44b29aa-apparmor-dnsmasq-ptrace.patch
|
||||
Patch1: 441d3eb6-qemu-tls-client-verify-server-cert.patch
|
||||
# Patches pending upstream review
|
||||
Patch100: libxl-dom-reset.patch
|
||||
Patch101: network-don-t-use-dhcp-authoritative-on-static-netwo.patch
|
||||
Patch102: apparmor-rules-for-new-mediation-features.patch
|
||||
Patch103: apparmor-fine-grained-mount-rules.patch
|
||||
# Need to go upstream
|
||||
Patch150: xen-pv-cdrom.patch
|
||||
Patch151: blockcopy-check-dst-identical-device.patch
|
||||
@ -341,7 +331,7 @@ Patch214: libvirt-suse-netcontrol.patch
|
||||
Patch215: lxc-wait-after-eth-del.patch
|
||||
Patch216: libxl-qemu-emulator-caps.patch
|
||||
# SLES-Only patches
|
||||
%if %{with_sle_build}
|
||||
%if ! 0%{?is_opensuse}
|
||||
Patch400: virt-create-rootfs.patch
|
||||
%endif
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
@ -886,10 +876,10 @@ libvirt plugin for NSS for translating domain names into IP addresses.
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
%patch0 -p1
|
||||
%patch1 -p1
|
||||
%patch100 -p1
|
||||
%patch101 -p1
|
||||
%patch102 -p1
|
||||
%patch103 -p1
|
||||
%patch150 -p1
|
||||
%patch151 -p1
|
||||
%patch152 -p1
|
||||
@ -913,7 +903,7 @@ libvirt plugin for NSS for translating domain names into IP addresses.
|
||||
%patch214 -p1
|
||||
%patch215 -p1
|
||||
%patch216 -p1
|
||||
%if %{with_sle_build}
|
||||
%if ! 0%{?is_opensuse}
|
||||
%patch400 -p1
|
||||
%endif
|
||||
|
||||
@ -1112,7 +1102,7 @@ make %{?_smp_mflags} -C examples distclean
|
||||
cp examples/lxcconvert/virt-lxc-convert %{buildroot}/%{_bindir}
|
||||
rm -f %{buildroot}/%{_libdir}/*.la
|
||||
%if %{with_wireshark}
|
||||
rm -f %{buildroot}/%{_libdir}/wireshark/plugins/libvirt.la
|
||||
rm -f %{buildroot}/%{_libdir}/wireshark/plugins/*/libvirt.la
|
||||
%endif
|
||||
rm -f %{buildroot}/%{_libdir}/*.a
|
||||
rm -f %{buildroot}/%{_libdir}/%{name}/lock-driver/*.la
|
||||
@ -1518,7 +1508,7 @@ fi
|
||||
%dir %{_libdir}/%{name}/connection-driver
|
||||
%{_libdir}/%{name}/connection-driver/libvirt_driver_lxc.so
|
||||
%attr(0755, root, root) %{_bindir}/virt-lxc-convert
|
||||
%if %{with_sle_build}
|
||||
%if ! 0%{?is_opensuse}
|
||||
%{_bindir}/virt-create-rootfs
|
||||
%doc %{_mandir}/man1/virt-create-rootfs.1*
|
||||
%endif
|
||||
@ -1607,7 +1597,7 @@ fi
|
||||
%{_sbindir}/rclibvirt-guests
|
||||
|
||||
%files libs -f %{name}.lang
|
||||
%doc AUTHORS ChangeLog.gz NEWS README COPYING COPYING.LESSER TODO
|
||||
%doc AUTHORS ChangeLog.gz NEWS README README.md COPYING COPYING.LESSER
|
||||
%config(noreplace) %{_sysconfdir}/%{name}/libvirt.conf
|
||||
%config(noreplace) %{_sysconfdir}/%{name}/libvirt-admin.conf
|
||||
%{_libdir}/libvirt.so.*
|
||||
@ -1701,7 +1691,7 @@ fi
|
||||
%if %{with_wireshark}
|
||||
|
||||
%files -n wireshark-plugin-libvirt
|
||||
%{_libdir}/wireshark/plugins/libvirt.so
|
||||
%{_libdir}/wireshark/plugins/*/libvirt.so
|
||||
%endif
|
||||
|
||||
%files nss
|
||||
|
@ -8,10 +8,10 @@ Date: Mon Jun 23 15:51:20 2014 -0600
|
||||
option, but domainReset can be implemented in the libxl driver by
|
||||
forcibly destroying the domain and starting it again.
|
||||
|
||||
Index: libvirt-3.8.0/src/libxl/libxl_driver.c
|
||||
Index: libvirt-3.9.0/src/libxl/libxl_driver.c
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/src/libxl/libxl_driver.c
|
||||
+++ libvirt-3.8.0/src/libxl/libxl_driver.c
|
||||
--- libvirt-3.9.0.orig/src/libxl/libxl_driver.c
|
||||
+++ libvirt-3.9.0/src/libxl/libxl_driver.c
|
||||
@@ -1381,6 +1381,61 @@ libxlDomainReboot(virDomainPtr dom, unsi
|
||||
}
|
||||
|
||||
@ -74,7 +74,7 @@ Index: libvirt-3.8.0/src/libxl/libxl_driver.c
|
||||
libxlDomainDestroyFlags(virDomainPtr dom,
|
||||
unsigned int flags)
|
||||
{
|
||||
@@ -6503,6 +6558,7 @@ static virHypervisorDriver libxlHypervis
|
||||
@@ -6497,6 +6552,7 @@ static virHypervisorDriver libxlHypervis
|
||||
.domainShutdown = libxlDomainShutdown, /* 0.9.0 */
|
||||
.domainShutdownFlags = libxlDomainShutdownFlags, /* 0.9.10 */
|
||||
.domainReboot = libxlDomainReboot, /* 0.9.0 */
|
||||
|
@ -8,10 +8,10 @@ as the default <emulator>, instead of the qemu-xen one.
|
||||
|
||||
See FATE#320638 for details.
|
||||
|
||||
Index: libvirt-3.8.0/src/libxl/libxl_capabilities.c
|
||||
Index: libvirt-3.9.0/src/libxl/libxl_capabilities.c
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/src/libxl/libxl_capabilities.c
|
||||
+++ libvirt-3.8.0/src/libxl/libxl_capabilities.c
|
||||
--- libvirt-3.9.0.orig/src/libxl/libxl_capabilities.c
|
||||
+++ libvirt-3.9.0/src/libxl/libxl_capabilities.c
|
||||
@@ -38,6 +38,7 @@
|
||||
#include "libxl_capabilities.h"
|
||||
#include "cpu/cpu_x86.h"
|
||||
|
@ -3,11 +3,11 @@ https://bugzilla.novell.com/show_bug.cgi?id=879425
|
||||
src/libxl/libxl_conf.c | 25 +++++++++++++++++++++++++
|
||||
1 file changed, 25 insertions(+)
|
||||
|
||||
Index: libvirt-3.8.0/src/libxl/libxl_conf.c
|
||||
Index: libvirt-3.9.0/src/libxl/libxl_conf.c
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/src/libxl/libxl_conf.c
|
||||
+++ libvirt-3.8.0/src/libxl/libxl_conf.c
|
||||
@@ -646,6 +646,30 @@ libxlDiskSetDiscard(libxl_device_disk *x
|
||||
--- libvirt-3.9.0.orig/src/libxl/libxl_conf.c
|
||||
+++ libvirt-3.9.0/src/libxl/libxl_conf.c
|
||||
@@ -621,6 +621,30 @@ libxlDiskSetDiscard(libxl_device_disk *x
|
||||
#endif
|
||||
}
|
||||
|
||||
@ -38,7 +38,7 @@ Index: libvirt-3.8.0/src/libxl/libxl_conf.c
|
||||
static char *
|
||||
libxlMakeNetworkDiskSrcStr(virStorageSourcePtr src,
|
||||
const char *username,
|
||||
@@ -894,6 +918,7 @@ libxlMakeDisk(virDomainDiskDefPtr l_disk
|
||||
@@ -869,6 +893,7 @@ libxlMakeDisk(virDomainDiskDefPtr l_disk
|
||||
x_disk->is_cdrom = l_disk->device == VIR_DOMAIN_DISK_DEVICE_CDROM ? 1 : 0;
|
||||
if (libxlDiskSetDiscard(x_disk, l_disk->discard) < 0)
|
||||
return -1;
|
||||
|
@ -16,10 +16,10 @@ Signed-off-by: Jim Fehlig <jfehlig@suse.com>
|
||||
tools/virsh.pod | 8 ++++++++
|
||||
6 files changed, 125 insertions(+), 6 deletions(-)
|
||||
|
||||
Index: libvirt-3.8.0/include/libvirt/libvirt-domain.h
|
||||
Index: libvirt-3.9.0/include/libvirt/libvirt-domain.h
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/include/libvirt/libvirt-domain.h
|
||||
+++ libvirt-3.8.0/include/libvirt/libvirt-domain.h
|
||||
--- libvirt-3.9.0.orig/include/libvirt/libvirt-domain.h
|
||||
+++ libvirt-3.9.0/include/libvirt/libvirt-domain.h
|
||||
@@ -1008,6 +1008,31 @@ typedef enum {
|
||||
*/
|
||||
# define VIR_MIGRATE_PARAM_AUTO_CONVERGE_INCREMENT "auto_converge.increment"
|
||||
@ -52,11 +52,11 @@ Index: libvirt-3.8.0/include/libvirt/libvirt-domain.h
|
||||
/* Domain migration. */
|
||||
virDomainPtr virDomainMigrate (virDomainPtr domain, virConnectPtr dconn,
|
||||
unsigned long flags, const char *dname,
|
||||
Index: libvirt-3.8.0/src/libxl/libxl_driver.c
|
||||
Index: libvirt-3.9.0/src/libxl/libxl_driver.c
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/src/libxl/libxl_driver.c
|
||||
+++ libvirt-3.8.0/src/libxl/libxl_driver.c
|
||||
@@ -6105,6 +6105,9 @@ libxlDomainMigratePerform3Params(virDoma
|
||||
--- libvirt-3.9.0.orig/src/libxl/libxl_driver.c
|
||||
+++ libvirt-3.9.0/src/libxl/libxl_driver.c
|
||||
@@ -6099,6 +6099,9 @@ libxlDomainMigratePerform3Params(virDoma
|
||||
const char *dname = NULL;
|
||||
const char *uri = NULL;
|
||||
int ret = -1;
|
||||
@ -66,7 +66,7 @@ Index: libvirt-3.8.0/src/libxl/libxl_driver.c
|
||||
|
||||
#ifdef LIBXL_HAVE_NO_SUSPEND_RESUME
|
||||
virReportUnsupportedError();
|
||||
@@ -6121,6 +6124,18 @@ libxlDomainMigratePerform3Params(virDoma
|
||||
@@ -6115,6 +6118,18 @@ libxlDomainMigratePerform3Params(virDoma
|
||||
virTypedParamsGetString(params, nparams,
|
||||
VIR_MIGRATE_PARAM_DEST_NAME,
|
||||
&dname) < 0 ||
|
||||
@ -85,7 +85,7 @@ Index: libvirt-3.8.0/src/libxl/libxl_driver.c
|
||||
virTypedParamsGetString(params, nparams,
|
||||
VIR_MIGRATE_PARAM_URI,
|
||||
&uri) < 0)
|
||||
@@ -6135,11 +6150,11 @@ libxlDomainMigratePerform3Params(virDoma
|
||||
@@ -6129,11 +6144,11 @@ libxlDomainMigratePerform3Params(virDoma
|
||||
|
||||
if ((flags & (VIR_MIGRATE_TUNNELLED | VIR_MIGRATE_PEER2PEER))) {
|
||||
if (libxlDomainMigrationPerformP2P(driver, vm, dom->conn, dom_xml,
|
||||
@ -99,10 +99,10 @@ Index: libvirt-3.8.0/src/libxl/libxl_driver.c
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
Index: libvirt-3.8.0/src/libxl/libxl_migration.c
|
||||
Index: libvirt-3.9.0/src/libxl/libxl_migration.c
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/src/libxl/libxl_migration.c
|
||||
+++ libvirt-3.8.0/src/libxl/libxl_migration.c
|
||||
--- libvirt-3.9.0.orig/src/libxl/libxl_migration.c
|
||||
+++ libvirt-3.9.0/src/libxl/libxl_migration.c
|
||||
@@ -359,18 +359,39 @@ libxlMigrateReceive(virNetSocketPtr sock
|
||||
static int
|
||||
libxlDoMigrateSend(libxlDriverPrivatePtr driver,
|
||||
@ -263,10 +263,10 @@ Index: libvirt-3.8.0/src/libxl/libxl_migration.c
|
||||
virObjectLock(vm);
|
||||
|
||||
cleanup:
|
||||
Index: libvirt-3.8.0/src/libxl/libxl_migration.h
|
||||
Index: libvirt-3.9.0/src/libxl/libxl_migration.h
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/src/libxl/libxl_migration.h
|
||||
+++ libvirt-3.8.0/src/libxl/libxl_migration.h
|
||||
--- libvirt-3.9.0.orig/src/libxl/libxl_migration.h
|
||||
+++ libvirt-3.9.0/src/libxl/libxl_migration.h
|
||||
@@ -39,6 +39,10 @@
|
||||
VIR_MIGRATE_PARAM_URI, VIR_TYPED_PARAM_STRING, \
|
||||
VIR_MIGRATE_PARAM_DEST_NAME, VIR_TYPED_PARAM_STRING, \
|
||||
@ -311,11 +311,11 @@ Index: libvirt-3.8.0/src/libxl/libxl_migration.h
|
||||
|
||||
virDomainPtr
|
||||
libxlDomainMigrationFinish(virConnectPtr dconn,
|
||||
Index: libvirt-3.8.0/tools/virsh-domain.c
|
||||
Index: libvirt-3.9.0/tools/virsh-domain.c
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/tools/virsh-domain.c
|
||||
+++ libvirt-3.8.0/tools/virsh-domain.c
|
||||
@@ -10432,6 +10432,22 @@ static const vshCmdOptDef opts_migrate[]
|
||||
--- libvirt-3.9.0.orig/tools/virsh-domain.c
|
||||
+++ libvirt-3.9.0/tools/virsh-domain.c
|
||||
@@ -10536,6 +10536,22 @@ static const vshCmdOptDef opts_migrate[]
|
||||
.type = VSH_OT_BOOL,
|
||||
.help = N_("use TLS for migration")
|
||||
},
|
||||
@ -338,7 +338,7 @@ Index: libvirt-3.8.0/tools/virsh-domain.c
|
||||
{.name = NULL}
|
||||
};
|
||||
|
||||
@@ -10455,6 +10471,7 @@ doMigrate(void *opaque)
|
||||
@@ -10559,6 +10575,7 @@ doMigrate(void *opaque)
|
||||
unsigned long long ullOpt = 0;
|
||||
int rv;
|
||||
virConnectPtr dconn = data->dconn;
|
||||
@ -346,7 +346,7 @@ Index: libvirt-3.8.0/tools/virsh-domain.c
|
||||
|
||||
sigemptyset(&sigmask);
|
||||
sigaddset(&sigmask, SIGINT);
|
||||
@@ -10574,6 +10591,27 @@ doMigrate(void *opaque)
|
||||
@@ -10678,6 +10695,27 @@ doMigrate(void *opaque)
|
||||
goto save_error;
|
||||
}
|
||||
|
||||
@ -374,11 +374,11 @@ Index: libvirt-3.8.0/tools/virsh-domain.c
|
||||
if (vshCommandOptStringReq(ctl, cmd, "xml", &opt) < 0)
|
||||
goto out;
|
||||
if (opt) {
|
||||
Index: libvirt-3.8.0/tools/virsh.pod
|
||||
Index: libvirt-3.9.0/tools/virsh.pod
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/tools/virsh.pod
|
||||
+++ libvirt-3.8.0/tools/virsh.pod
|
||||
@@ -1840,6 +1840,14 @@ Providing I<--tls> causes the migration
|
||||
--- libvirt-3.9.0.orig/tools/virsh.pod
|
||||
+++ libvirt-3.9.0/tools/virsh.pod
|
||||
@@ -1849,6 +1849,14 @@ Providing I<--tls> causes the migration
|
||||
the migration of the domain. Usage requires proper TLS setup for both source
|
||||
and target.
|
||||
|
||||
|
@ -7,11 +7,11 @@ and npiv.
|
||||
|
||||
For more details, see bsc#954872 and FATE#319810
|
||||
|
||||
Index: libvirt-3.8.0/src/libxl/libxl_conf.c
|
||||
Index: libvirt-3.9.0/src/libxl/libxl_conf.c
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/src/libxl/libxl_conf.c
|
||||
+++ libvirt-3.8.0/src/libxl/libxl_conf.c
|
||||
@@ -646,6 +646,25 @@ libxlDiskSetDiscard(libxl_device_disk *x
|
||||
--- libvirt-3.9.0.orig/src/libxl/libxl_conf.c
|
||||
+++ libvirt-3.9.0/src/libxl/libxl_conf.c
|
||||
@@ -621,6 +621,25 @@ libxlDiskSetDiscard(libxl_device_disk *x
|
||||
#endif
|
||||
}
|
||||
|
||||
@ -37,7 +37,7 @@ Index: libvirt-3.8.0/src/libxl/libxl_conf.c
|
||||
static void
|
||||
libxlDiskSetCacheMode(libxl_device_disk *x_disk, int cachemode)
|
||||
{
|
||||
@@ -791,6 +810,7 @@ libxlMakeNetworkDiskSrc(virStorageSource
|
||||
@@ -766,6 +785,7 @@ libxlMakeNetworkDiskSrc(virStorageSource
|
||||
int
|
||||
libxlMakeDisk(virDomainDiskDefPtr l_disk, libxl_device_disk *x_disk)
|
||||
{
|
||||
@ -45,7 +45,7 @@ Index: libvirt-3.8.0/src/libxl/libxl_conf.c
|
||||
const char *driver = virDomainDiskGetDriver(l_disk);
|
||||
int format = virDomainDiskGetFormat(l_disk);
|
||||
int actual_type = virStorageSourceGetActualType(l_disk->src);
|
||||
@@ -806,7 +826,7 @@ libxlMakeDisk(virDomainDiskDefPtr l_disk
|
||||
@@ -781,7 +801,7 @@ libxlMakeDisk(virDomainDiskDefPtr l_disk
|
||||
if (libxlMakeNetworkDiskSrc(l_disk->src, &x_disk->pdev_path) < 0)
|
||||
return -1;
|
||||
} else {
|
||||
@ -54,7 +54,7 @@ Index: libvirt-3.8.0/src/libxl/libxl_conf.c
|
||||
return -1;
|
||||
}
|
||||
|
||||
@@ -919,6 +939,9 @@ libxlMakeDisk(virDomainDiskDefPtr l_disk
|
||||
@@ -894,6 +914,9 @@ libxlMakeDisk(virDomainDiskDefPtr l_disk
|
||||
if (libxlDiskSetDiscard(x_disk, l_disk->discard) < 0)
|
||||
return -1;
|
||||
libxlDiskSetCacheMode(x_disk, l_disk->cachemode);
|
||||
|
@ -13,10 +13,10 @@ device with the same name that is being created.
|
||||
src/lxc/lxc_process.c | 1 +
|
||||
3 files changed, 4 insertions(+)
|
||||
|
||||
Index: libvirt-3.8.0/src/lxc/lxc_controller.c
|
||||
Index: libvirt-3.9.0/src/lxc/lxc_controller.c
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/src/lxc/lxc_controller.c
|
||||
+++ libvirt-3.8.0/src/lxc/lxc_controller.c
|
||||
--- libvirt-3.9.0.orig/src/lxc/lxc_controller.c
|
||||
+++ libvirt-3.9.0/src/lxc/lxc_controller.c
|
||||
@@ -73,6 +73,7 @@
|
||||
#include "rpc/virnetdaemon.h"
|
||||
#include "virstring.h"
|
||||
@ -33,10 +33,10 @@ Index: libvirt-3.8.0/src/lxc/lxc_controller.c
|
||||
|
||||
return ret;
|
||||
}
|
||||
Index: libvirt-3.8.0/src/lxc/lxc_driver.c
|
||||
Index: libvirt-3.9.0/src/lxc/lxc_driver.c
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/src/lxc/lxc_driver.c
|
||||
+++ libvirt-3.8.0/src/lxc/lxc_driver.c
|
||||
--- libvirt-3.9.0.orig/src/lxc/lxc_driver.c
|
||||
+++ libvirt-3.9.0/src/lxc/lxc_driver.c
|
||||
@@ -76,6 +76,7 @@
|
||||
#include "virtime.h"
|
||||
#include "virtypedparam.h"
|
||||
@ -45,7 +45,7 @@ Index: libvirt-3.8.0/src/lxc/lxc_driver.c
|
||||
#include "virstring.h"
|
||||
#include "viraccessapicheck.h"
|
||||
#include "viraccessapichecklxc.h"
|
||||
@@ -4021,6 +4022,7 @@ lxcDomainAttachDeviceNetLive(virConnectP
|
||||
@@ -4006,6 +4007,7 @@ lxcDomainAttachDeviceNetLive(virConnectP
|
||||
case VIR_DOMAIN_NET_TYPE_NETWORK:
|
||||
case VIR_DOMAIN_NET_TYPE_ETHERNET:
|
||||
ignore_value(virNetDevVethDelete(veth));
|
||||
@ -53,7 +53,7 @@ Index: libvirt-3.8.0/src/lxc/lxc_driver.c
|
||||
break;
|
||||
|
||||
case VIR_DOMAIN_NET_TYPE_DIRECT:
|
||||
@@ -4455,6 +4457,7 @@ lxcDomainDetachDeviceNetLive(virDomainOb
|
||||
@@ -4440,6 +4442,7 @@ lxcDomainDetachDeviceNetLive(virDomainOb
|
||||
virDomainAuditNet(vm, detach, NULL, "detach", false);
|
||||
goto cleanup;
|
||||
}
|
||||
@ -61,10 +61,10 @@ Index: libvirt-3.8.0/src/lxc/lxc_driver.c
|
||||
break;
|
||||
|
||||
/* It'd be nice to support this, but with macvlan
|
||||
Index: libvirt-3.8.0/src/lxc/lxc_process.c
|
||||
Index: libvirt-3.9.0/src/lxc/lxc_process.c
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/src/lxc/lxc_process.c
|
||||
+++ libvirt-3.8.0/src/lxc/lxc_process.c
|
||||
--- libvirt-3.9.0.orig/src/lxc/lxc_process.c
|
||||
+++ libvirt-3.9.0/src/lxc/lxc_process.c
|
||||
@@ -52,6 +52,7 @@
|
||||
#include "viratomic.h"
|
||||
#include "virprocess.h"
|
||||
|
@ -17,10 +17,10 @@ Signed-off-by: Martin Wilck <mwilck@suse.com>
|
||||
tests/networkxml2confdata/dhcp6host-routed-network.conf | 1 -
|
||||
2 files changed, 8 insertions(+), 2 deletions(-)
|
||||
|
||||
Index: libvirt-3.8.0/src/network/bridge_driver.c
|
||||
Index: libvirt-3.9.0/src/network/bridge_driver.c
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/src/network/bridge_driver.c
|
||||
+++ libvirt-3.8.0/src/network/bridge_driver.c
|
||||
--- libvirt-3.9.0.orig/src/network/bridge_driver.c
|
||||
+++ libvirt-3.9.0/src/network/bridge_driver.c
|
||||
@@ -1393,7 +1393,14 @@ networkDnsmasqConfContents(virNetworkObj
|
||||
if (VIR_SOCKET_ADDR_IS_FAMILY(&ipdef->address, AF_INET)) {
|
||||
if (ipdef->nranges || ipdef->nhosts) {
|
||||
@ -37,10 +37,10 @@ Index: libvirt-3.8.0/src/network/bridge_driver.c
|
||||
}
|
||||
|
||||
if (ipdef->tftproot) {
|
||||
Index: libvirt-3.8.0/tests/networkxml2confdata/dhcp6host-routed-network.conf
|
||||
Index: libvirt-3.9.0/tests/networkxml2confdata/dhcp6host-routed-network.conf
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/tests/networkxml2confdata/dhcp6host-routed-network.conf
|
||||
+++ libvirt-3.8.0/tests/networkxml2confdata/dhcp6host-routed-network.conf
|
||||
--- libvirt-3.9.0.orig/tests/networkxml2confdata/dhcp6host-routed-network.conf
|
||||
+++ libvirt-3.9.0/tests/networkxml2confdata/dhcp6host-routed-network.conf
|
||||
@@ -10,7 +10,6 @@ bind-dynamic
|
||||
interface=virbr1
|
||||
dhcp-range=192.168.122.1,static
|
||||
|
@ -2,10 +2,10 @@ Canonicalize hostarch name ppc64le to ppc64
|
||||
|
||||
See bnc#894956
|
||||
|
||||
Index: libvirt-3.8.0/src/util/virarch.c
|
||||
Index: libvirt-3.9.0/src/util/virarch.c
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/src/util/virarch.c
|
||||
+++ libvirt-3.8.0/src/util/virarch.c
|
||||
--- libvirt-3.9.0.orig/src/util/virarch.c
|
||||
+++ libvirt-3.9.0/src/util/virarch.c
|
||||
@@ -169,6 +169,8 @@ virArch virArchFromHost(void)
|
||||
arch = VIR_ARCH_I686;
|
||||
} else if (STREQ(ut.machine, "amd64")) {
|
||||
|
@ -1,8 +1,8 @@
|
||||
Index: libvirt-3.8.0/examples/apparmor/libvirt-qemu
|
||||
Index: libvirt-3.9.0/examples/apparmor/libvirt-qemu
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/examples/apparmor/libvirt-qemu
|
||||
+++ libvirt-3.8.0/examples/apparmor/libvirt-qemu
|
||||
@@ -176,3 +176,6 @@
|
||||
--- libvirt-3.9.0.orig/examples/apparmor/libvirt-qemu
|
||||
+++ libvirt-3.9.0/examples/apparmor/libvirt-qemu
|
||||
@@ -184,3 +184,6 @@
|
||||
/sys/devices/system/node/ r,
|
||||
/sys/devices/system/node/node[0-9]*/meminfo r,
|
||||
/sys/module/vhost/parameters/max_mem_regions r,
|
||||
|
@ -8,10 +8,10 @@ Subject: [PATCH] support managed pci devices in xen driver
|
||||
src/xenxs/xen_xm.c | 28 +++++++++++++++++++++++++++-
|
||||
2 files changed, 35 insertions(+), 15 deletions(-)
|
||||
|
||||
Index: libvirt-3.8.0/src/xenconfig/xen_common.c
|
||||
Index: libvirt-3.9.0/src/xenconfig/xen_common.c
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/src/xenconfig/xen_common.c
|
||||
+++ libvirt-3.8.0/src/xenconfig/xen_common.c
|
||||
--- libvirt-3.9.0.orig/src/xenconfig/xen_common.c
|
||||
+++ libvirt-3.9.0/src/xenconfig/xen_common.c
|
||||
@@ -394,6 +394,8 @@ xenParsePCI(virConfPtr conf, virDomainDe
|
||||
{
|
||||
virConfValuePtr list = virConfGetValue(conf, "pci");
|
||||
@ -66,11 +66,11 @@ Index: libvirt-3.8.0/src/xenconfig/xen_common.c
|
||||
hostdev->source.subsys.type = VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI;
|
||||
hostdev->source.subsys.u.pci.addr.domain = domainID;
|
||||
hostdev->source.subsys.u.pci.addr.bus = busID;
|
||||
Index: libvirt-3.8.0/src/xenconfig/xen_sxpr.c
|
||||
Index: libvirt-3.9.0/src/xenconfig/xen_sxpr.c
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/src/xenconfig/xen_sxpr.c
|
||||
+++ libvirt-3.8.0/src/xenconfig/xen_sxpr.c
|
||||
@@ -1062,6 +1062,7 @@ xenParseSxprPCI(virDomainDefPtr def,
|
||||
--- libvirt-3.9.0.orig/src/xenconfig/xen_sxpr.c
|
||||
+++ libvirt-3.9.0/src/xenconfig/xen_sxpr.c
|
||||
@@ -1057,6 +1057,7 @@ xenParseSxprPCI(virDomainDefPtr def,
|
||||
int busID;
|
||||
int slotID;
|
||||
int funcID;
|
||||
@ -78,7 +78,7 @@ Index: libvirt-3.8.0/src/xenconfig/xen_sxpr.c
|
||||
|
||||
node = cur->u.s.car;
|
||||
if (!sexpr_lookup(node, "dev"))
|
||||
@@ -1109,11 +1110,13 @@ xenParseSxprPCI(virDomainDefPtr def,
|
||||
@@ -1104,11 +1105,13 @@ xenParseSxprPCI(virDomainDefPtr def,
|
||||
goto error;
|
||||
}
|
||||
|
||||
@ -93,7 +93,7 @@ Index: libvirt-3.8.0/src/xenconfig/xen_sxpr.c
|
||||
dev->source.subsys.type = VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI;
|
||||
dev->source.subsys.u.pci.addr.domain = domainID;
|
||||
dev->source.subsys.u.pci.addr.bus = busID;
|
||||
@@ -1977,11 +1980,15 @@ static void
|
||||
@@ -1972,11 +1975,15 @@ static void
|
||||
xenFormatSxprPCI(virDomainHostdevDefPtr def,
|
||||
virBufferPtr buf)
|
||||
{
|
||||
@ -110,7 +110,7 @@ Index: libvirt-3.8.0/src/xenconfig/xen_sxpr.c
|
||||
}
|
||||
|
||||
|
||||
@@ -2000,12 +2007,6 @@ xenFormatSxprOnePCI(virDomainHostdevDefP
|
||||
@@ -1995,12 +2002,6 @@ xenFormatSxprOnePCI(virDomainHostdevDefP
|
||||
virBufferPtr buf,
|
||||
int detach)
|
||||
{
|
||||
@ -123,7 +123,7 @@ Index: libvirt-3.8.0/src/xenconfig/xen_sxpr.c
|
||||
virBufferAddLit(buf, "(pci ");
|
||||
xenFormatSxprPCI(def, buf);
|
||||
if (detach)
|
||||
@@ -2060,12 +2061,6 @@ xenFormatSxprAllPCI(virDomainDefPtr def,
|
||||
@@ -2055,12 +2056,6 @@ xenFormatSxprAllPCI(virDomainDefPtr def,
|
||||
for (i = 0; i < def->nhostdevs; i++) {
|
||||
if (def->hostdevs[i]->mode == VIR_DOMAIN_HOSTDEV_MODE_SUBSYS &&
|
||||
def->hostdevs[i]->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI) {
|
||||
|
@ -8,10 +8,10 @@ It was also noticed that the per-domain profiles need a libnl rule
|
||||
to squelch a denial when starting confined domains.
|
||||
|
||||
Found while investigating bsc#1058847
|
||||
Index: libvirt-3.8.0/examples/apparmor/usr.lib.libvirt.virt-aa-helper
|
||||
Index: libvirt-3.9.0/examples/apparmor/usr.lib.libvirt.virt-aa-helper
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/examples/apparmor/usr.lib.libvirt.virt-aa-helper
|
||||
+++ libvirt-3.8.0/examples/apparmor/usr.lib.libvirt.virt-aa-helper
|
||||
--- libvirt-3.9.0.orig/examples/apparmor/usr.lib.libvirt.virt-aa-helper
|
||||
+++ libvirt-3.9.0/examples/apparmor/usr.lib.libvirt.virt-aa-helper
|
||||
@@ -16,7 +16,7 @@ profile virt-aa-helper /usr/{lib,lib64}/
|
||||
owner @{PROC}/[0-9]*/status r,
|
||||
@{PROC}/filesystems r,
|
||||
@ -21,11 +21,11 @@ Index: libvirt-3.8.0/examples/apparmor/usr.lib.libvirt.virt-aa-helper
|
||||
|
||||
# for hostdev
|
||||
/sys/devices/ r,
|
||||
Index: libvirt-3.8.0/examples/apparmor/libvirt-qemu
|
||||
Index: libvirt-3.9.0/examples/apparmor/libvirt-qemu
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/examples/apparmor/libvirt-qemu
|
||||
+++ libvirt-3.8.0/examples/apparmor/libvirt-qemu
|
||||
@@ -50,6 +50,7 @@
|
||||
--- libvirt-3.9.0.orig/examples/apparmor/libvirt-qemu
|
||||
+++ libvirt-3.9.0/examples/apparmor/libvirt-qemu
|
||||
@@ -58,6 +58,7 @@
|
||||
#/dev/fb* rw,
|
||||
|
||||
/etc/pulse/client.conf r,
|
||||
|
@ -1,9 +1,9 @@
|
||||
Adjust libvirt-guests service to conform to SUSE standards
|
||||
|
||||
Index: libvirt-3.8.0/tools/libvirt-guests.init.in
|
||||
Index: libvirt-3.9.0/tools/libvirt-guests.init.in
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/tools/libvirt-guests.init.in
|
||||
+++ libvirt-3.8.0/tools/libvirt-guests.init.in
|
||||
--- libvirt-3.9.0.orig/tools/libvirt-guests.init.in
|
||||
+++ libvirt-3.9.0/tools/libvirt-guests.init.in
|
||||
@@ -4,27 +4,27 @@
|
||||
# http://refspecs.linuxfoundation.org/LSB_5.0.0/LSB-Core-generic/LSB-Core-generic/initscrcomconv.html
|
||||
#
|
||||
@ -23,32 +23,33 @@ Index: libvirt-3.8.0/tools/libvirt-guests.init.in
|
||||
# Short-Description: suspend/resume libvirt guests on shutdown/boot
|
||||
-# Description: This is a script for suspending active libvirt guests
|
||||
-# on shutdown and resuming them on next boot
|
||||
-# See http://libvirt.org
|
||||
-# See https://libvirt.org
|
||||
+# Description: This is a script for suspending active libvirt guests
|
||||
+# on shutdown and resuming them on next boot
|
||||
+# See http://libvirt.org
|
||||
+# See https://libvirt.org
|
||||
### END INIT INFO
|
||||
|
||||
# the following is chkconfig init header
|
||||
#
|
||||
-# libvirt-guests: suspend/resume libvirt guests on shutdown/boot
|
||||
+# libvirt-guests: suspend/resume libvirt guests on shutdown/boot
|
||||
#
|
||||
-#
|
||||
-# chkconfig: 345 99 01
|
||||
-# description: This is a script for suspending active libvirt guests \
|
||||
-# on shutdown and resuming them on next boot \
|
||||
-# See http://libvirt.org
|
||||
-# See https://libvirt.org
|
||||
+# libvirt-guests: suspend/resume libvirt guests on shutdown/boot
|
||||
#
|
||||
+# chkconfig: 345 99 01
|
||||
+# description: This is a script for suspending active libvirt guests \
|
||||
+# on shutdown and resuming them on next boot \
|
||||
+# See http://libvirt.org
|
||||
#
|
||||
+# See https://libvirt.org
|
||||
+
|
||||
|
||||
exec @libexecdir@/libvirt-guests.sh "$@"
|
||||
Index: libvirt-3.8.0/tools/libvirt-guests.sh.in
|
||||
Index: libvirt-3.9.0/tools/libvirt-guests.sh.in
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/tools/libvirt-guests.sh.in
|
||||
+++ libvirt-3.8.0/tools/libvirt-guests.sh.in
|
||||
--- libvirt-3.9.0.orig/tools/libvirt-guests.sh.in
|
||||
+++ libvirt-3.9.0/tools/libvirt-guests.sh.in
|
||||
@@ -16,14 +16,13 @@
|
||||
# License along with this library. If not, see
|
||||
# <http://www.gnu.org/licenses/>.
|
||||
@ -208,10 +209,10 @@ Index: libvirt-3.8.0/tools/libvirt-guests.sh.in
|
||||
esac
|
||||
-exit $RETVAL
|
||||
+rc_exit
|
||||
Index: libvirt-3.8.0/tools/libvirt-guests.sysconf
|
||||
Index: libvirt-3.9.0/tools/libvirt-guests.sysconf
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/tools/libvirt-guests.sysconf
|
||||
+++ libvirt-3.8.0/tools/libvirt-guests.sysconf
|
||||
--- libvirt-3.9.0.orig/tools/libvirt-guests.sysconf
|
||||
+++ libvirt-3.9.0/tools/libvirt-guests.sysconf
|
||||
@@ -1,19 +1,29 @@
|
||||
+## Path: System/Virtualization/libvirt-guests
|
||||
+
|
||||
|
@ -3,10 +3,10 @@ Disable TLS by default
|
||||
On SUSE distros, the default is for libvirtd to listen only on the
|
||||
Unix Domain Socket. The libvirt client still provides remote access
|
||||
via a SSH tunnel.
|
||||
Index: libvirt-3.8.0/daemon/libvirtd.conf
|
||||
Index: libvirt-3.9.0/daemon/libvirtd.conf
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/daemon/libvirtd.conf
|
||||
+++ libvirt-3.8.0/daemon/libvirtd.conf
|
||||
--- libvirt-3.9.0.orig/daemon/libvirtd.conf
|
||||
+++ libvirt-3.9.0/daemon/libvirtd.conf
|
||||
@@ -18,8 +18,8 @@
|
||||
# It is necessary to setup a CA and issue server certificates before
|
||||
# using this capability.
|
||||
@ -18,10 +18,10 @@ Index: libvirt-3.8.0/daemon/libvirtd.conf
|
||||
|
||||
# Listen for unencrypted TCP connections on the public TCP/IP port.
|
||||
# NB, must pass the --listen flag to the libvirtd process for this to
|
||||
Index: libvirt-3.8.0/daemon/libvirtd-config.c
|
||||
Index: libvirt-3.9.0/daemon/libvirtd-config.c
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/daemon/libvirtd-config.c
|
||||
+++ libvirt-3.8.0/daemon/libvirtd-config.c
|
||||
--- libvirt-3.9.0.orig/daemon/libvirtd-config.c
|
||||
+++ libvirt-3.9.0/daemon/libvirtd-config.c
|
||||
@@ -110,7 +110,7 @@ daemonConfigNew(bool privileged ATTRIBUT
|
||||
if (VIR_ALLOC(data) < 0)
|
||||
return NULL;
|
||||
@ -31,10 +31,10 @@ Index: libvirt-3.8.0/daemon/libvirtd-config.c
|
||||
data->listen_tcp = 0;
|
||||
|
||||
if (VIR_STRDUP(data->tls_port, LIBVIRTD_TLS_PORT) < 0 ||
|
||||
Index: libvirt-3.8.0/daemon/test_libvirtd.aug.in
|
||||
Index: libvirt-3.9.0/daemon/test_libvirtd.aug.in
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/daemon/test_libvirtd.aug.in
|
||||
+++ libvirt-3.8.0/daemon/test_libvirtd.aug.in
|
||||
--- libvirt-3.9.0.orig/daemon/test_libvirtd.aug.in
|
||||
+++ libvirt-3.9.0/daemon/test_libvirtd.aug.in
|
||||
@@ -2,7 +2,7 @@ module Test_libvirtd =
|
||||
::CONFIG::
|
||||
|
||||
|
@ -7,10 +7,10 @@ On SUSE distros, we promote libvirt and all the libvirt-based
|
||||
tools. If a user installs libvirt on their SUSE Xen host, then
|
||||
libvirt should be king and override xendomains. See bsc#1015348
|
||||
|
||||
Index: libvirt-3.8.0/daemon/libvirtd.service.in
|
||||
Index: libvirt-3.9.0/daemon/libvirtd.service.in
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/daemon/libvirtd.service.in
|
||||
+++ libvirt-3.8.0/daemon/libvirtd.service.in
|
||||
--- libvirt-3.9.0.orig/daemon/libvirtd.service.in
|
||||
+++ libvirt-3.9.0/daemon/libvirtd.service.in
|
||||
@@ -14,6 +14,8 @@ After=iscsid.service
|
||||
After=apparmor.service
|
||||
After=local-fs.target
|
||||
@ -18,5 +18,5 @@ Index: libvirt-3.8.0/daemon/libvirtd.service.in
|
||||
+After=xencommons.service
|
||||
+Conflicts=xendomains.service
|
||||
Documentation=man:libvirtd(8)
|
||||
Documentation=http://libvirt.org
|
||||
Documentation=https://libvirt.org
|
||||
|
||||
|
@ -1,9 +1,9 @@
|
||||
Adjust libvirtd sysconfig file to conform to SUSE standards
|
||||
|
||||
Index: libvirt-3.8.0/daemon/libvirtd.sysconf
|
||||
Index: libvirt-3.9.0/daemon/libvirtd.sysconf
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/daemon/libvirtd.sysconf
|
||||
+++ libvirt-3.8.0/daemon/libvirtd.sysconf
|
||||
--- libvirt-3.9.0.orig/daemon/libvirtd.sysconf
|
||||
+++ libvirt-3.9.0/daemon/libvirtd.sysconf
|
||||
@@ -1,16 +1,25 @@
|
||||
+## Path: System/Virtualization/libvirt
|
||||
+
|
||||
|
@ -1,10 +1,10 @@
|
||||
Adjust paths of OVMF firmwares on SUSE distros
|
||||
|
||||
Index: libvirt-3.8.0/src/qemu/qemu.conf
|
||||
Index: libvirt-3.9.0/src/qemu/qemu.conf
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/src/qemu/qemu.conf
|
||||
+++ libvirt-3.8.0/src/qemu/qemu.conf
|
||||
@@ -737,10 +737,9 @@ security_default_confined = 0
|
||||
--- libvirt-3.9.0.orig/src/qemu/qemu.conf
|
||||
+++ libvirt-3.9.0/src/qemu/qemu.conf
|
||||
@@ -743,10 +743,9 @@ security_default_confined = 0
|
||||
# for x86_64 and i686, but it's AAVMF for aarch64. The libvirt default
|
||||
# follows this scheme.
|
||||
#nvram = [
|
||||
@ -18,10 +18,10 @@ Index: libvirt-3.8.0/src/qemu/qemu.conf
|
||||
#]
|
||||
|
||||
# The backend to use for handling stdout/stderr output from
|
||||
Index: libvirt-3.8.0/src/qemu/qemu_conf.c
|
||||
Index: libvirt-3.9.0/src/qemu/qemu_conf.c
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/src/qemu/qemu_conf.c
|
||||
+++ libvirt-3.8.0/src/qemu/qemu_conf.c
|
||||
--- libvirt-3.9.0.orig/src/qemu/qemu_conf.c
|
||||
+++ libvirt-3.9.0/src/qemu/qemu_conf.c
|
||||
@@ -127,10 +127,9 @@ void qemuDomainCmdlineDefFree(qemuDomain
|
||||
|
||||
#ifndef DEFAULT_LOADER_NVRAM
|
||||
|
@ -7,11 +7,11 @@ suse-qemu-conf-secdriver.patch, suse-qemu-conf-lockmgr.patch,
|
||||
etc.), but for now they are all lumped together in this
|
||||
single patch.
|
||||
|
||||
Index: libvirt-3.8.0/src/qemu/qemu.conf
|
||||
Index: libvirt-3.9.0/src/qemu/qemu.conf
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/src/qemu/qemu.conf
|
||||
+++ libvirt-3.8.0/src/qemu/qemu.conf
|
||||
@@ -374,11 +374,20 @@
|
||||
--- libvirt-3.9.0.orig/src/qemu/qemu.conf
|
||||
+++ libvirt-3.9.0/src/qemu/qemu.conf
|
||||
@@ -380,11 +380,20 @@
|
||||
# isolation, but it cannot appear in a list of drivers.
|
||||
#
|
||||
#security_driver = "selinux"
|
||||
@ -34,7 +34,7 @@ Index: libvirt-3.8.0/src/qemu/qemu.conf
|
||||
|
||||
# If set to non-zero, then attempts to create unconfined
|
||||
# guests will be blocked. Defaults to 0.
|
||||
@@ -622,11 +631,22 @@
|
||||
@@ -628,11 +637,22 @@
|
||||
#allow_disk_format_probing = 1
|
||||
|
||||
|
||||
|
@ -1,9 +1,9 @@
|
||||
Adjust virtlockd sysconfig file to conform to SUSE standards
|
||||
|
||||
Index: libvirt-3.8.0/src/locking/virtlockd.sysconf
|
||||
Index: libvirt-3.9.0/src/locking/virtlockd.sysconf
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/src/locking/virtlockd.sysconf
|
||||
+++ libvirt-3.8.0/src/locking/virtlockd.sysconf
|
||||
--- libvirt-3.9.0.orig/src/locking/virtlockd.sysconf
|
||||
+++ libvirt-3.9.0/src/locking/virtlockd.sysconf
|
||||
@@ -1,3 +1,7 @@
|
||||
+## Path: System/Virtualization/virtlockd
|
||||
+
|
||||
|
@ -1,9 +1,9 @@
|
||||
Adjust virtlogd sysconfig file to conform to SUSE standards
|
||||
|
||||
Index: libvirt-3.8.0/src/logging/virtlogd.sysconf
|
||||
Index: libvirt-3.9.0/src/logging/virtlogd.sysconf
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/src/logging/virtlogd.sysconf
|
||||
+++ libvirt-3.8.0/src/logging/virtlogd.sysconf
|
||||
--- libvirt-3.9.0.orig/src/logging/virtlogd.sysconf
|
||||
+++ libvirt-3.9.0/src/logging/virtlogd.sysconf
|
||||
@@ -1,3 +1,7 @@
|
||||
+## Path: System/Virtualization/virtlogd
|
||||
+
|
||||
|
@ -1,8 +1,8 @@
|
||||
Index: libvirt-3.8.0/src/xenconfig/xen_sxpr.c
|
||||
Index: libvirt-3.9.0/src/xenconfig/xen_sxpr.c
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/src/xenconfig/xen_sxpr.c
|
||||
+++ libvirt-3.8.0/src/xenconfig/xen_sxpr.c
|
||||
@@ -392,7 +392,7 @@ xenParseSxprVifRate(const char *rate, un
|
||||
--- libvirt-3.9.0.orig/src/xenconfig/xen_sxpr.c
|
||||
+++ libvirt-3.9.0/src/xenconfig/xen_sxpr.c
|
||||
@@ -387,7 +387,7 @@ xenParseSxprVifRate(const char *rate, un
|
||||
static int
|
||||
xenParseSxprDisks(virDomainDefPtr def,
|
||||
const struct sexpr *root,
|
||||
@ -11,7 +11,7 @@ Index: libvirt-3.8.0/src/xenconfig/xen_sxpr.c
|
||||
{
|
||||
const struct sexpr *cur, *node;
|
||||
virDomainDiskDefPtr disk = NULL;
|
||||
@@ -442,7 +442,6 @@ xenParseSxprDisks(virDomainDefPtr def,
|
||||
@@ -437,7 +437,6 @@ xenParseSxprDisks(virDomainDefPtr def,
|
||||
/* There is a case without the uname to the CD-ROM device */
|
||||
offset = strchr(dst, ':');
|
||||
if (!offset ||
|
||||
|
@ -6,11 +6,11 @@ and 'file'. This was implicitly done prior to commit 9673418c.
|
||||
|
||||
https://bugzilla.suse.com/show_bug.cgi?id=938228
|
||||
|
||||
Index: libvirt-3.8.0/src/xenconfig/xen_sxpr.c
|
||||
Index: libvirt-3.9.0/src/xenconfig/xen_sxpr.c
|
||||
===================================================================
|
||||
--- libvirt-3.8.0.orig/src/xenconfig/xen_sxpr.c
|
||||
+++ libvirt-3.8.0/src/xenconfig/xen_sxpr.c
|
||||
@@ -506,10 +506,11 @@ xenParseSxprDisks(virDomainDefPtr def,
|
||||
--- libvirt-3.9.0.orig/src/xenconfig/xen_sxpr.c
|
||||
+++ libvirt-3.9.0/src/xenconfig/xen_sxpr.c
|
||||
@@ -501,10 +501,11 @@ xenParseSxprDisks(virDomainDefPtr def,
|
||||
omnipotent, we can revisit this, perhaps stat()'ing
|
||||
the src file in question */
|
||||
virDomainDiskSetType(disk, VIR_STORAGE_TYPE_FILE);
|
||||
|
Loading…
Reference in New Issue
Block a user