Accepting request 561313 from home:cbosdonnat:branches:Virtualization
- Fix apparmor rules for virt-aa-helper (bsc#1074265) fix-virt-aa-helper-profile.patch - Update upstreamed patches Removed patches: * daemon-close-crasher.patch * lxc-hostname.patch Added patches: * 2089ab21-netserver-close-clients-before-stopping-all-drivers.patch * b475a91b-add-virStringFilterChars-string-utility.patch * faec1958-lxc-set-hostname-based-on-container-name.patch OBS-URL: https://build.opensuse.org/request/show/561313 OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=655
This commit is contained in:
parent
21a15fa2f7
commit
d3c3ef874c
@ -0,0 +1,45 @@
|
|||||||
|
From 2089ab2112e763d6de5888e498afc4fbdc3376db Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?C=C3=A9dric=20Bosdonnat?= <cbosdonnat@suse.com>
|
||||||
|
Date: Wed, 20 Dec 2017 17:36:10 +0100
|
||||||
|
Subject: [PATCH] netserver: close clients before stopping all drivers
|
||||||
|
|
||||||
|
So far clients were closed when disposing the daemon, after the state
|
||||||
|
driver cleanup. This was leading to libvirtd crashing at shutdown due
|
||||||
|
to missing driver.
|
||||||
|
|
||||||
|
Moving the client close in virNetServerClose() fixes the problem.
|
||||||
|
|
||||||
|
Reviewed-by: Erik Skultety <eskultet@redhat.com>
|
||||||
|
---
|
||||||
|
src/rpc/virnetserver.c | 7 ++++---
|
||||||
|
1 file changed, 4 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/rpc/virnetserver.c b/src/rpc/virnetserver.c
|
||||||
|
index 2b76daab5..43f889e2a 100644
|
||||||
|
--- a/src/rpc/virnetserver.c
|
||||||
|
+++ b/src/rpc/virnetserver.c
|
||||||
|
@@ -774,10 +774,8 @@ void virNetServerDispose(void *obj)
|
||||||
|
virObjectUnref(srv->programs[i]);
|
||||||
|
VIR_FREE(srv->programs);
|
||||||
|
|
||||||
|
- for (i = 0; i < srv->nclients; i++) {
|
||||||
|
- virNetServerClientClose(srv->clients[i]);
|
||||||
|
+ for (i = 0; i < srv->nclients; i++)
|
||||||
|
virObjectUnref(srv->clients[i]);
|
||||||
|
- }
|
||||||
|
VIR_FREE(srv->clients);
|
||||||
|
|
||||||
|
VIR_FREE(srv->mdnsGroupName);
|
||||||
|
@@ -796,6 +794,9 @@ void virNetServerClose(virNetServerPtr srv)
|
||||||
|
for (i = 0; i < srv->nservices; i++)
|
||||||
|
virNetServerServiceClose(srv->services[i]);
|
||||||
|
|
||||||
|
+ for (i = 0; i < srv->nclients; i++)
|
||||||
|
+ virNetServerClientClose(srv->clients[i]);
|
||||||
|
+
|
||||||
|
virObjectUnlock(srv);
|
||||||
|
}
|
||||||
|
|
||||||
|
--
|
||||||
|
2.15.1
|
||||||
|
|
@ -1,8 +1,21 @@
|
|||||||
|
From b475a91b7753281eb60b87f75b0055fe3c139276 Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?C=C3=A9dric=20Bosdonnat?= <cbosdonnat@suse.com>
|
||||||
|
Date: Mon, 18 Dec 2017 15:46:53 +0100
|
||||||
|
Subject: [PATCH 1/2] Add virStringFilterChars() string utility
|
||||||
|
|
||||||
|
Add a function to filter a string based on a list of valid characters.
|
||||||
|
---
|
||||||
|
src/libvirt_private.syms | 1 +
|
||||||
|
src/util/virstring.c | 24 ++++++++++++++++++++++++
|
||||||
|
src/util/virstring.h | 1 +
|
||||||
|
tests/virstringtest.c | 46 ++++++++++++++++++++++++++++++++++++++++++++++
|
||||||
|
4 files changed, 72 insertions(+)
|
||||||
|
|
||||||
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
|
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
|
||||||
index de4ec4d44..43971db67 100644
|
index 18d0f2adf..6662c8dac 100644
|
||||||
--- a/src/libvirt_private.syms
|
--- a/src/libvirt_private.syms
|
||||||
+++ b/src/libvirt_private.syms
|
+++ b/src/libvirt_private.syms
|
||||||
@@ -2751,6 +2751,7 @@ virStrcpy;
|
@@ -2755,6 +2755,7 @@ virStrcpy;
|
||||||
virStrdup;
|
virStrdup;
|
||||||
virStringBufferIsPrintable;
|
virStringBufferIsPrintable;
|
||||||
virStringEncodeBase64;
|
virStringEncodeBase64;
|
||||||
@ -10,61 +23,8 @@ index de4ec4d44..43971db67 100644
|
|||||||
virStringHasChars;
|
virStringHasChars;
|
||||||
virStringHasControlChars;
|
virStringHasControlChars;
|
||||||
virStringIsEmpty;
|
virStringIsEmpty;
|
||||||
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
|
|
||||||
index b7216d6ee..246145fcd 100644
|
|
||||||
--- a/src/lxc/lxc_container.c
|
|
||||||
+++ b/src/lxc/lxc_container.c
|
|
||||||
@@ -2159,6 +2159,37 @@ static int lxcContainerSetUserGroup(virCommandPtr cmd,
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
+static const char hostname_validchars[] =
|
|
||||||
+ "abcdefghijklmnopqrstuvwxyz"
|
|
||||||
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
|
|
||||||
+ "0123456789-";
|
|
||||||
+
|
|
||||||
+static int lxcContainerSetHostname(virDomainDefPtr def)
|
|
||||||
+{
|
|
||||||
+ int ret = -1;
|
|
||||||
+ char *name = NULL;
|
|
||||||
+ char *hostname = NULL;
|
|
||||||
+
|
|
||||||
+ /* Filter the VM name to get a valid hostname */
|
|
||||||
+ if (VIR_STRDUP(name, def->name) < 0)
|
|
||||||
+ goto cleanup;
|
|
||||||
+
|
|
||||||
+ /* RFC 1123 allows 0-9 digits as a first character in hostname */
|
|
||||||
+ virStringFilterChars(name, hostname_validchars);
|
|
||||||
+ hostname = name;
|
|
||||||
+ if (strlen(name) > 0 && name[0] == '-')
|
|
||||||
+ hostname = name + 1;
|
|
||||||
+
|
|
||||||
+ if (sethostname(hostname, strlen(hostname)) < 0) {
|
|
||||||
+ virReportSystemError(errno, "%s", _("Failed to set hostname"));
|
|
||||||
+ goto cleanup;
|
|
||||||
+ }
|
|
||||||
+ ret = 0;
|
|
||||||
+
|
|
||||||
+ cleanup:
|
|
||||||
+ VIR_FREE(name);
|
|
||||||
+ return ret;
|
|
||||||
+}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* lxcContainerChild:
|
|
||||||
@@ -2269,6 +2300,10 @@ static int lxcContainerChild(void *data)
|
|
||||||
goto cleanup;
|
|
||||||
}
|
|
||||||
|
|
||||||
+ if (lxcContainerSetHostname(vmDef) < 0)
|
|
||||||
+ goto cleanup;
|
|
||||||
+
|
|
||||||
+
|
|
||||||
/* drop a set of root capabilities */
|
|
||||||
if (lxcContainerDropCapabilities(vmDef, !!hasReboot) < 0)
|
|
||||||
goto cleanup;
|
|
||||||
diff --git a/src/util/virstring.c b/src/util/virstring.c
|
diff --git a/src/util/virstring.c b/src/util/virstring.c
|
||||||
index b2ebce27f..b808aff2c 100644
|
index 0cb06bdc9..1c58df915 100644
|
||||||
--- a/src/util/virstring.c
|
--- a/src/util/virstring.c
|
||||||
+++ b/src/util/virstring.c
|
+++ b/src/util/virstring.c
|
||||||
@@ -1293,6 +1293,30 @@ virStringStripControlChars(char *str)
|
@@ -1293,6 +1293,30 @@ virStringStripControlChars(char *str)
|
||||||
@ -174,3 +134,6 @@ index 320f7a398..e8518ede1 100644
|
|||||||
return ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
|
return ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
--
|
||||||
|
2.15.1
|
||||||
|
|
@ -1,22 +0,0 @@
|
|||||||
Index: libvirt-3.10.0/src/rpc/virnetserver.c
|
|
||||||
===================================================================
|
|
||||||
--- libvirt-3.10.0.orig/src/rpc/virnetserver.c
|
|
||||||
+++ libvirt-3.10.0/src/rpc/virnetserver.c
|
|
||||||
@@ -775,7 +775,6 @@ void virNetServerDispose(void *obj)
|
|
||||||
VIR_FREE(srv->programs);
|
|
||||||
|
|
||||||
for (i = 0; i < srv->nclients; i++) {
|
|
||||||
- virNetServerClientClose(srv->clients[i]);
|
|
||||||
virObjectUnref(srv->clients[i]);
|
|
||||||
}
|
|
||||||
VIR_FREE(srv->clients);
|
|
||||||
@@ -796,6 +795,9 @@ void virNetServerClose(virNetServerPtr s
|
|
||||||
for (i = 0; i < srv->nservices; i++)
|
|
||||||
virNetServerServiceClose(srv->services[i]);
|
|
||||||
|
|
||||||
+ for (i = 0; i < srv->nclients; i++)
|
|
||||||
+ virNetServerClientClose(srv->clients[i]);
|
|
||||||
+
|
|
||||||
virObjectUnlock(srv);
|
|
||||||
}
|
|
||||||
|
|
69
faec1958-lxc-set-hostname-based-on-container-name.patch
Normal file
69
faec1958-lxc-set-hostname-based-on-container-name.patch
Normal file
@ -0,0 +1,69 @@
|
|||||||
|
From faec1958614bfcdb535b1bcc0ddac8cde4516e1a Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?C=C3=A9dric=20Bosdonnat?= <cbosdonnat@suse.com>
|
||||||
|
Date: Mon, 18 Dec 2017 15:48:33 +0100
|
||||||
|
Subject: [PATCH 2/2] lxc: set a hostname based on the container name
|
||||||
|
|
||||||
|
Set a transient hostname on containers. The hostname is computed from
|
||||||
|
the container name, only keeping the valid characters [a-zA-Z0-9-] in it.
|
||||||
|
This filtering is based on RFC 1123 and allows a digit to start the
|
||||||
|
hostname.
|
||||||
|
---
|
||||||
|
src/lxc/lxc_container.c | 35 +++++++++++++++++++++++++++++++++++
|
||||||
|
1 file changed, 35 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
|
||||||
|
index b7216d6ee..96fceaf1b 100644
|
||||||
|
--- a/src/lxc/lxc_container.c
|
||||||
|
+++ b/src/lxc/lxc_container.c
|
||||||
|
@@ -2159,6 +2159,37 @@ static int lxcContainerSetUserGroup(virCommandPtr cmd,
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
+static const char hostname_validchars[] =
|
||||||
|
+ "abcdefghijklmnopqrstuvwxyz"
|
||||||
|
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
|
||||||
|
+ "0123456789-";
|
||||||
|
+
|
||||||
|
+static int lxcContainerSetHostname(virDomainDefPtr def)
|
||||||
|
+{
|
||||||
|
+ int ret = -1;
|
||||||
|
+ char *name = NULL;
|
||||||
|
+ char *hostname = NULL;
|
||||||
|
+
|
||||||
|
+ /* Filter the VM name to get a valid hostname */
|
||||||
|
+ if (VIR_STRDUP(name, def->name) < 0)
|
||||||
|
+ goto cleanup;
|
||||||
|
+
|
||||||
|
+ /* RFC 1123 allows 0-9 digits as a first character in hostname */
|
||||||
|
+ virStringFilterChars(name, hostname_validchars);
|
||||||
|
+ hostname = name;
|
||||||
|
+ if (strlen(name) > 0 && name[0] == '-')
|
||||||
|
+ hostname = name + 1;
|
||||||
|
+
|
||||||
|
+ if (sethostname(hostname, strlen(hostname)) < 0) {
|
||||||
|
+ virReportSystemError(errno, "%s", _("Failed to set hostname"));
|
||||||
|
+ goto cleanup;
|
||||||
|
+ }
|
||||||
|
+ ret = 0;
|
||||||
|
+
|
||||||
|
+ cleanup:
|
||||||
|
+ VIR_FREE(name);
|
||||||
|
+ return ret;
|
||||||
|
+}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* lxcContainerChild:
|
||||||
|
@@ -2269,6 +2300,10 @@ static int lxcContainerChild(void *data)
|
||||||
|
goto cleanup;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ if (lxcContainerSetHostname(vmDef) < 0)
|
||||||
|
+ goto cleanup;
|
||||||
|
+
|
||||||
|
+
|
||||||
|
/* drop a set of root capabilities */
|
||||||
|
if (lxcContainerDropCapabilities(vmDef, !!hasReboot) < 0)
|
||||||
|
goto cleanup;
|
||||||
|
--
|
||||||
|
2.15.1
|
||||||
|
|
28
fix-virt-aa-helper-profile.patch
Normal file
28
fix-virt-aa-helper-profile.patch
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
From 29eed5ffb8776f4e4ecf6dc6b3ee7f320f679e7e Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?C=C3=A9dric=20Bosdonnat?= <cbosdonnat@suse.com>
|
||||||
|
Date: Tue, 2 Jan 2018 09:54:46 +0100
|
||||||
|
Subject: [PATCH] apparmor: fix virt-aa-helper profile
|
||||||
|
|
||||||
|
Fix rule introduced by commit 0f33025a:
|
||||||
|
* to handle /var/run not being a symlink to /run
|
||||||
|
* to be properly parsed: missing comma at the end.
|
||||||
|
---
|
||||||
|
examples/apparmor/usr.lib.libvirt.virt-aa-helper | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/examples/apparmor/usr.lib.libvirt.virt-aa-helper b/examples/apparmor/usr.lib.libvirt.virt-aa-helper
|
||||||
|
index 9c822b644..105f09e43 100644
|
||||||
|
--- a/examples/apparmor/usr.lib.libvirt.virt-aa-helper
|
||||||
|
+++ b/examples/apparmor/usr.lib.libvirt.virt-aa-helper
|
||||||
|
@@ -51,7 +51,7 @@ profile virt-aa-helper /usr/{lib,lib64}/libvirt/virt-aa-helper {
|
||||||
|
/var/lib/libvirt/images/** r,
|
||||||
|
/{media,mnt,opt,srv}/** r,
|
||||||
|
# For virt-sandbox
|
||||||
|
- /run/libvirt/**/[sv]d[a-z] r
|
||||||
|
+ /{,var/}run/libvirt/**/[sv]d[a-z] r,
|
||||||
|
|
||||||
|
/**.img r,
|
||||||
|
/**.raw r,
|
||||||
|
--
|
||||||
|
2.15.1
|
||||||
|
|
@ -1,4 +1,17 @@
|
|||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
|
Wed Jan 3 10:46:26 UTC 2018 - cbosdonnat@suse.com
|
||||||
|
|
||||||
|
- Fix apparmor rules for virt-aa-helper (bsc#1074265)
|
||||||
|
fix-virt-aa-helper-profile.patch
|
||||||
|
- Update upstreamed patches
|
||||||
|
Removed patches:
|
||||||
|
* daemon-close-crasher.patch
|
||||||
|
* lxc-hostname.patch
|
||||||
|
Added patches:
|
||||||
|
* 2089ab21-netserver-close-clients-before-stopping-all-drivers.patch
|
||||||
|
* b475a91b-add-virStringFilterChars-string-utility.patch
|
||||||
|
* faec1958-lxc-set-hostname-based-on-container-name.patch
|
||||||
|
-------------------------------------------------------------------
|
||||||
Wed Dec 20 16:58:50 UTC 2017 - cbosdonnat@suse.com
|
Wed Dec 20 16:58:50 UTC 2017 - cbosdonnat@suse.com
|
||||||
|
|
||||||
- Close clients before drivers are cleaned up to avoid crash at
|
- Close clients before drivers are cleaned up to avoid crash at
|
||||||
|
14
libvirt.spec
14
libvirt.spec
@ -1,7 +1,7 @@
|
|||||||
#
|
#
|
||||||
# spec file for package libvirt
|
# spec file for package libvirt
|
||||||
#
|
#
|
||||||
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
|
# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||||
#
|
#
|
||||||
# All modifications and additions to the file contributed by third parties
|
# All modifications and additions to the file contributed by third parties
|
||||||
# remain the property of their copyright owners, unless otherwise agreed
|
# remain the property of their copyright owners, unless otherwise agreed
|
||||||
@ -312,9 +312,13 @@ Patch0: 2d07f1f0-fix-storage-crash.patch
|
|||||||
Patch1: 69ed99c7-dom0-persistent.patch
|
Patch1: 69ed99c7-dom0-persistent.patch
|
||||||
Patch2: 8599aedd-libvirt-guests-dom0-filter.patch
|
Patch2: 8599aedd-libvirt-guests-dom0-filter.patch
|
||||||
Patch3: 0f33025a-virt-aa-helper-handle-more-disk-images.patch
|
Patch3: 0f33025a-virt-aa-helper-handle-more-disk-images.patch
|
||||||
|
Patch4: b475a91b-add-virStringFilterChars-string-utility.patch
|
||||||
|
Patch5: faec1958-lxc-set-hostname-based-on-container-name.patch
|
||||||
|
Patch6: 2089ab21-netserver-close-clients-before-stopping-all-drivers.patch
|
||||||
# Patches pending upstream review
|
# Patches pending upstream review
|
||||||
Patch100: libxl-dom-reset.patch
|
Patch100: libxl-dom-reset.patch
|
||||||
Patch101: network-don-t-use-dhcp-authoritative-on-static-netwo.patch
|
Patch101: network-don-t-use-dhcp-authoritative-on-static-netwo.patch
|
||||||
|
Patch102: fix-virt-aa-helper-profile.patch
|
||||||
# Need to go upstream
|
# Need to go upstream
|
||||||
Patch150: xen-pv-cdrom.patch
|
Patch150: xen-pv-cdrom.patch
|
||||||
Patch151: blockcopy-check-dst-identical-device.patch
|
Patch151: blockcopy-check-dst-identical-device.patch
|
||||||
@ -322,8 +326,6 @@ Patch152: libvirt-power8-models.patch
|
|||||||
Patch153: ppc64le-canonical-name.patch
|
Patch153: ppc64le-canonical-name.patch
|
||||||
Patch154: libxl-set-migration-constraints.patch
|
Patch154: libxl-set-migration-constraints.patch
|
||||||
Patch155: libxl-set-cach-mode.patch
|
Patch155: libxl-set-cach-mode.patch
|
||||||
Patch156: lxc-hostname.patch
|
|
||||||
Patch157: daemon-close-crasher.patch
|
|
||||||
# Our patches
|
# Our patches
|
||||||
Patch200: suse-libvirtd-disable-tls.patch
|
Patch200: suse-libvirtd-disable-tls.patch
|
||||||
Patch201: suse-libvirtd-sysconfig-settings.patch
|
Patch201: suse-libvirtd-sysconfig-settings.patch
|
||||||
@ -893,16 +895,18 @@ libvirt plugin for NSS for translating domain names into IP addresses.
|
|||||||
%patch1 -p1
|
%patch1 -p1
|
||||||
%patch2 -p1
|
%patch2 -p1
|
||||||
%patch3 -p1
|
%patch3 -p1
|
||||||
|
%patch4 -p1
|
||||||
|
%patch5 -p1
|
||||||
|
%patch6 -p1
|
||||||
%patch100 -p1
|
%patch100 -p1
|
||||||
%patch101 -p1
|
%patch101 -p1
|
||||||
|
%patch102 -p1
|
||||||
%patch150 -p1
|
%patch150 -p1
|
||||||
%patch151 -p1
|
%patch151 -p1
|
||||||
%patch152 -p1
|
%patch152 -p1
|
||||||
%patch153 -p1
|
%patch153 -p1
|
||||||
%patch154 -p1
|
%patch154 -p1
|
||||||
%patch155 -p1
|
%patch155 -p1
|
||||||
%patch156 -p1
|
|
||||||
%patch157 -p1
|
|
||||||
%patch200 -p1
|
%patch200 -p1
|
||||||
%patch201 -p1
|
%patch201 -p1
|
||||||
%patch202 -p1
|
%patch202 -p1
|
||||||
|
Loading…
Reference in New Issue
Block a user