From 58225ed584d98fc824e33fd5f28ef6a619fe7255800185685c948e0f10bc3a54 Mon Sep 17 00:00:00 2001 From: James Fehlig Date: Wed, 18 Jan 2012 23:03:47 +0000 Subject: [PATCH 1/9] - Enable libvirt integration with sanlock OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=190 --- libvirt.changes | 5 +++++ libvirt.spec | 14 ++++++++++---- 2 files changed, 15 insertions(+), 4 deletions(-) diff --git a/libvirt.changes b/libvirt.changes index dbb2a95..e496c71 100644 --- a/libvirt.changes +++ b/libvirt.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Wed Jan 18 15:58:57 MST 2012 - jfehlig@suse.com + +- Enable libvirt integration with sanlock + ------------------------------------------------------------------- Wed Jan 11 09:32:28 MST 2012 - jfehlig@suse.com diff --git a/libvirt.spec b/libvirt.spec index 424236d..663c3ac 100644 --- a/libvirt.spec +++ b/libvirt.spec @@ -156,6 +156,11 @@ %define with_systemd 0%{!?_without_systemd:1} %endif +# Enable sanlock on openSUSE > 12.1 +%if 0%{?suse_version} > 1210 +%define with_sanlock 0%{!?_without_sanlock:%{server_drivers}} +%endif + # Disable some drivers when building without libvirt daemon. # The logic is the same as in configure.ac %if ! %{with_libvirtd} @@ -983,15 +988,16 @@ fi %files lock-sanlock %defattr(-, root, root) +%doc %{_mandir}/man8/virt-sanlock-cleanup.8* %if %{with_qemu} -%config(noreplace) %{_sysconfdir}/libvirt/qemu-sanlock.conf +%config(noreplace) %{_sysconfdir}/%{name}/qemu-sanlock.conf %endif -%attr(0755, root, root) %{_libdir}/libvirt/lock-driver/sanlock.so +%dir %{_libdir}/%{name}/lock-driver/ +%attr(0755, root, root) %{_libdir}/%{name}/lock-driver/sanlock.so %{_datadir}/augeas/lenses/libvirt_sanlock.aug %{_datadir}/augeas/lenses/tests/test_libvirt_sanlock.aug -%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/sanlock +%dir %attr(0700, root, root) %{_localstatedir}/lib/%{name}/sanlock %{_sbindir}/virt-sanlock-cleanup -%{_mandir}/man8/virt-sanlock-cleanup.8* %endif %if %{with_python} From 460b02d301216b444dcb29c8fd64403416f60c17a4d3c95e9b639abfeccfe8f1 Mon Sep 17 00:00:00 2001 From: James Fehlig Date: Thu, 19 Jan 2012 23:02:47 +0000 Subject: [PATCH 2/9] spec file cleanup OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=193 --- libvirt.spec | 44 +++++++++++++++++++++----------------------- 1 file changed, 21 insertions(+), 23 deletions(-) diff --git a/libvirt.spec b/libvirt.spec index 663c3ac..2493a66 100644 --- a/libvirt.spec +++ b/libvirt.spec @@ -15,8 +15,6 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # -# norootforbuild - # For now, default to a full server + client build %define client_only 0 @@ -198,20 +196,21 @@ %define _fwdefdir /etc/sysconfig/SuSEfirewall2.d/services -BuildRequires: python-devel -BuildRequires: libxml2-devel -BuildRequires: xhtml-dtd -BuildRequires: libxslt -BuildRequires: readline-devel -BuildRequires: ncurses-devel -BuildRequires: gettext -BuildRequires: libtasn1-devel -BuildRequires: libgnutls-devel -BuildRequires: libgcrypt-devel BuildRequires: bridge-utils BuildRequires: fdupes -BuildRequires: libtool pkg-config +BuildRequires: gettext +BuildRequires: libgcrypt-devel +BuildRequires: libgnutls-devel +BuildRequires: libtasn1-devel +BuildRequires: libtool +BuildRequires: libxml2-devel +BuildRequires: libxslt +BuildRequires: ncurses-devel +BuildRequires: pkg-config +BuildRequires: python-devel BuildRequires: python-xml +BuildRequires: readline-devel +BuildRequires: xhtml-dtd # Only for directory ownership: BuildRequires: gtk-doc %if %{with_xen} || %{with_libxl} @@ -326,12 +325,11 @@ BuildRequires: systemd Name: libvirt Url: http://libvirt.org/ +Version: 0.9.9 +Release: 0 +Summary: A C toolkit to interact with the virtualization capabilities of Linux License: LGPL-2.1+ Group: Development/Libraries/C and C++ -AutoReqProv: yes -Version: 0.9.9 -Release: 1 -Summary: A C toolkit to interact with the virtualization capabilities of Linux Conflicts: kvm < 0.14.1 # The client side, i.e. shared libs and virsh are in a subpackage @@ -438,7 +436,6 @@ Authors: Karel Zak %package client -License: LGPL-2.1+ Summary: Client side library and utilities of the libvirt library Group: Development/Libraries/C and C++ Requires: readline @@ -465,7 +462,6 @@ Authors: Karel Zak %package devel -License: LGPL-2.1+ Summary: A C toolkit to interact with the virtualization capabilities of Linux Group: Development/Libraries/C and C++ Requires: %{name}-client = %{version}-%{release} libxml2-devel @@ -487,7 +483,6 @@ Authors: Karel Zak %package doc -License: LGPL-2.1+ Summary: A C toolkit to interact with the virtualization capabilities of Linux Group: Development/Libraries/C and C++ Requires: %{name}-client = %{version}-%{release} @@ -507,7 +502,6 @@ Authors: %if %{with_sanlock} %package lock-sanlock -License: LGPL-2.1+ Summary: Sanlock lock manager plugin for QEMU driver Group: Development/Libraries/C and C++ Requires: sanlock >= 1.8 @@ -522,7 +516,6 @@ Includes the Sanlock lock manager plugin for the QEMU driver %if %{with_python} %package python -License: LGPL-2.1+ Summary: A C toolkit to interact with the virtualization capabilities of Linux Group: Development/Libraries/C and C++ Requires: %{name}-client = %{version}-%{release} @@ -729,13 +722,18 @@ make V=1 %{?jobs:-j%jobs} DOCS_DIR=%{_docdir}/%{name}-python EXAMPLE_DIR=%{_docd %makeinstall SYSTEMD_UNIT_DIR=%{_unitdir} DOCS_DIR=%{_docdir}/%{name}-python EXAMPLE_DIR=%{_docdir}/%{name}-python/examples HTML_DIR=%{_docdir}/%{name} cp -a AUTHORS ChangeLog COPYING NEWS README TODO $RPM_BUILD_ROOT%{_docdir}/%{name}/ cd docs ; cp -a *.html $RPM_BUILD_ROOT%{_docdir}/%{name} ; cp -a *.png $RPM_BUILD_ROOT%{_docdir}/%{name} ; cd .. +rm -f $RPM_BUILD_ROOT%{_libdir}/*.la +rm -f $RPM_BUILD_ROOT%{_libdir}/*.a +rm -f $RPM_BUILD_ROOT%{py_sitedir}/*.la +rm -f $RPM_BUILD_ROOT%{py_sitedir}/*.a +rm -f $RPM_BUILD_ROOT%{_libdir}/%{name}/lock-driver/*.la +rm -f $RPM_BUILD_ROOT%{_libdir}/%{name}/lock-driver/*.a # remove currently unsupported locale(s) rm -rf $RPM_BUILD_ROOT/usr/share/locale/sr@latin %if 0%{?suse_version} < 1130 rm -rf $RPM_BUILD_ROOT/usr/share/locale/vi_VN %endif mkdir -p $RPM_BUILD_ROOT/%{_localstatedir}/lib/libvirt -rm $RPM_BUILD_ROOT%{_libdir}/*.*a $RPM_BUILD_ROOT%{py_sitedir}/*.*a %find_lang %{name} %if %{with_network} install -d -m 0755 $RPM_BUILD_ROOT%{_localstatedir}/lib/libvirt/dnsmasq/ From cac6daf6b823d51dc42e774f998a9e80575b589f9eca902d32d62a365fb8ab56 Mon Sep 17 00:00:00 2001 From: James Fehlig Date: Tue, 24 Jan 2012 21:28:41 +0000 Subject: [PATCH 3/9] - Fix %files after enabling sanlock support OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=194 --- libvirt.changes | 5 +++++ libvirt.spec | 14 +++++++++++++- 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/libvirt.changes b/libvirt.changes index e496c71..b0276dd 100644 --- a/libvirt.changes +++ b/libvirt.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Tue Jan 24 14:26:47 MST 2012 - jfehlig@suse.com + +- Fix %files after enabling sanlock support + ------------------------------------------------------------------- Wed Jan 18 15:58:57 MST 2012 - jfehlig@suse.com diff --git a/libvirt.spec b/libvirt.spec index 2493a66..af24e6c 100644 --- a/libvirt.spec +++ b/libvirt.spec @@ -15,6 +15,7 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # + # For now, default to a full server + client build %define client_only 0 @@ -866,6 +867,11 @@ fi %endif %config(noreplace) %{_sysconfdir}/libvirt/libvirtd.conf %config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd +%dir %{_datadir}/augeas/ +%dir %{_datadir}/augeas/lenses +%dir %{_datadir}/augeas/lenses/tests +%{_datadir}/augeas/lenses/libvirtd.aug +%{_datadir}/augeas/lenses/tests/test_libvirtd.aug %if %{with_dtrace} %{_datadir}/systemtap/tapset/libvirt_probes.stp %{_datadir}/systemtap/tapset/libvirt_functions.stp @@ -882,13 +888,14 @@ fi %{_datadir}/PolicyKit/policy/org.libvirt.unix.policy %endif %endif -%{_datadir}/augeas %if %{with_qemu} %config(noreplace) %{_sysconfdir}/libvirt/qemu.conf %config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd.qemu %dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/ %dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/cache/libvirt/qemu/ %dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/qemu/ +%{_datadir}/augeas/lenses/libvirtd_qemu.aug +%{_datadir}/augeas/lenses/tests/test_libvirtd_qemu.aug %endif %if %{with_lxc} %config(noreplace) %{_sysconfdir}/libvirt/lxc.conf @@ -896,6 +903,8 @@ fi %dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/lxc/ %dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/lxc/ %attr(0755, root, root) %{_libdir}/%{name}/libvirt_lxc +%{_datadir}/augeas/lenses/libvirtd_lxc.aug +%{_datadir}/augeas/lenses/tests/test_libvirtd_lxc.aug %endif %if %{with_uml} %config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd.uml @@ -992,6 +1001,9 @@ fi %endif %dir %{_libdir}/%{name}/lock-driver/ %attr(0755, root, root) %{_libdir}/%{name}/lock-driver/sanlock.so +%dir %{_datadir}/augeas/ +%dir %{_datadir}/augeas/lenses +%dir %{_datadir}/augeas/lenses/tests %{_datadir}/augeas/lenses/libvirt_sanlock.aug %{_datadir}/augeas/lenses/tests/test_libvirt_sanlock.aug %dir %attr(0700, root, root) %{_localstatedir}/lib/%{name}/sanlock From b4b10fd1885e12a342231c2346597649757caf3694c49424323308f626fdeabe Mon Sep 17 00:00:00 2001 From: James Fehlig Date: Wed, 25 Jan 2012 21:42:04 +0000 Subject: [PATCH 4/9] - Fix init script packaging after enabling systemd support OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=195 --- libvirt.changes | 5 +++++ libvirt.spec | 9 +++------ 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/libvirt.changes b/libvirt.changes index b0276dd..da60b02 100644 --- a/libvirt.changes +++ b/libvirt.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Wed Jan 25 14:40:32 MST 2012 - jfehlig@suse.com + +- Fix init script packaging after enabling systemd support + ------------------------------------------------------------------- Tue Jan 24 14:26:47 MST 2012 - jfehlig@suse.com diff --git a/libvirt.spec b/libvirt.spec index af24e6c..4ac276a 100644 --- a/libvirt.spec +++ b/libvirt.spec @@ -807,7 +807,7 @@ fi %endif %if %{with_systemd} %service_add_post libvirtd.service libvirt-guests.service -%else +%endif %if 0%{?sles_version} %{fillup_and_insserv -y libvirtd} %else # ! sles @@ -815,15 +815,13 @@ fi %endif %{fillup_only -n libvirt-guests} %endif -%endif %preun %if %{with_libvirtd} %if %{with_systemd} %service_del_preun libvirtd.service libvirt-guests.service -%else -%stop_on_removal libvirtd %endif +%stop_on_removal libvirtd %endif %postun @@ -831,9 +829,8 @@ fi %if %{with_libvirtd} %if %{with_systemd} %service_del_postun libvirtd.service libvirt-guests.service -%else -%restart_on_update libvirtd %endif +%restart_on_update libvirtd %endif %insserv_cleanup From afbe7ed7f9397c9cabf682321b4a21903c2953eb12d33886e8a15e1a05c191b5 Mon Sep 17 00:00:00 2001 From: James Fehlig Date: Wed, 8 Feb 2012 18:38:09 +0000 Subject: [PATCH 5/9] - Fix libvirtd apparmor profile to work with libxenlight toolstack Updated install-apparmor-profiles.patch bnc#745890 OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=196 --- install-apparmor-profiles.patch | 5 ++++- libvirt.changes | 7 +++++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/install-apparmor-profiles.patch b/install-apparmor-profiles.patch index 0591162..00602df 100644 --- a/install-apparmor-profiles.patch +++ b/install-apparmor-profiles.patch @@ -196,7 +196,7 @@ Index: libvirt-0.9.9/examples/apparmor/usr.sbin.libvirtd.in =================================================================== --- /dev/null +++ libvirt-0.9.9/examples/apparmor/usr.sbin.libvirtd.in -@@ -0,0 +1,54 @@ +@@ -0,0 +1,57 @@ +# Last Modified: Fri Aug 19 11:20:36 2011 +#include +@{LIBVIRT}="libvirt" @@ -221,6 +221,7 @@ Index: libvirt-0.9.9/examples/apparmor/usr.sbin.libvirtd.in + capability setpcap, + capability mknod, + capability fsetid, ++ capability ipc_lock, + + network inet stream, + network inet dgram, @@ -235,6 +236,8 @@ Index: libvirt-0.9.9/examples/apparmor/usr.sbin.libvirtd.in + /sbin/* Ux, + /usr/bin/* Ux, + /usr/sbin/* Ux, ++ /usr/lib/xen/bin/qemu-dm Ux, ++ /usr/lib/PolicyKit/polkit-read-auth-helper Px, + + # force the use of virt-aa-helper + audit deny /sbin/apparmor_parser rwxl, diff --git a/libvirt.changes b/libvirt.changes index da60b02..2e03a2d 100644 --- a/libvirt.changes +++ b/libvirt.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Wed Feb 8 11:12:28 MST 2012 - jfehlig@suse.com + +- Fix libvirtd apparmor profile to work with libxenlight toolstack + Updated install-apparmor-profiles.patch + bnc#745890 + ------------------------------------------------------------------- Wed Jan 25 14:40:32 MST 2012 - jfehlig@suse.com From cde45b0d9569eddcb1ea31caacc1f3c8c88d52db9e3ea96f72404af7658680a5 Mon Sep 17 00:00:00 2001 From: James Fehlig Date: Wed, 15 Feb 2012 19:01:07 +0000 Subject: [PATCH 6/9] - Update to libvirt 0.9.10 - Add support for sVirt in the LXC driver - Add new API virDomainBlockRebase - Add api to set and get domain metadata - virDomainGetDiskErrors public API - Add rawio attribute to disk element of domain XML - Introduce virDomainPMSuspendForDuration API - Add virStorageVolResize() API - Add a virt-host-validate command to sanity check HV config - Add new virDomainShutdownFlags API - QEMU guest agent support OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=197 --- 9ae4ac7a-PolicyKit.patch | 79 -------------------------------- AF_PACKET.patch | 32 ++++++------- a06fab95-polkit0.patch | 56 ++++++++++++++++++++++ clone.patch | 8 ++-- install-apparmor-profiles.patch | 28 +++++------ libvirt-0.9.10.tar.bz2 | 3 ++ libvirt-0.9.9.tar.bz2 | 3 -- libvirt-suse-netcontrol.patch | 46 +++++++++---------- libvirt.changes | 15 ++++++ libvirt.spec | 14 ++++-- libvirtd-defaults.patch | 12 ++--- relax-qemu-usergroup-check.patch | 10 ++-- suse-qemu-conf.patch | 10 ++-- use-init-script-redhat.patch | 32 ++++++------- xen-name-for-devid.patch | 6 +-- xen-pv-cdrom.patch | 10 ++-- 16 files changed, 182 insertions(+), 182 deletions(-) delete mode 100644 9ae4ac7a-PolicyKit.patch create mode 100644 a06fab95-polkit0.patch create mode 100644 libvirt-0.9.10.tar.bz2 delete mode 100644 libvirt-0.9.9.tar.bz2 diff --git a/9ae4ac7a-PolicyKit.patch b/9ae4ac7a-PolicyKit.patch deleted file mode 100644 index b01b09a..0000000 --- a/9ae4ac7a-PolicyKit.patch +++ /dev/null @@ -1,79 +0,0 @@ -commit 9ae4ac7ac07d872cd32d0a3a1b1b44730b04bda7 -Author: Jim Fehlig -Date: Tue Jan 3 11:35:06 2012 -0700 - - PolicyKit: Check auth before asking client to obtain it - - I previously mentioned [1] a PolicyKit issue where libvirt would - proceed with authentication even though polkit-auth failed: - - testusr xen134:~> virsh list --all - Attempting to obtain authorization for org.libvirt.unix.manage. - polkit-grant-helper: given auth type (8 -> yes) is bogus - Failed to obtain authorization for org.libvirt.unix.manage. - Id Name State - ---------------------------------- - 0 Domain-0 running - - sles11sp1-pv shut off - - AFAICT, libvirt attempts to obtain a privilege it already has, - causing polkit-auth to fail with above message. Instead of calling - obtain and then checking auth, IMO the workflow should be for the - server to check auth first, and if that fails ask the client to - obtain it and check again. This workflow also allows for checking - only successful exit of polkit-auth in virConnectAuthGainPolkit(). - - [1] https://www.redhat.com/archives/libvir-list/2011-December/msg00837.html - -Index: libvirt-0.9.9/src/libvirt.c -=================================================================== ---- libvirt-0.9.9.orig/src/libvirt.c -+++ libvirt-0.9.9/src/libvirt.c -@@ -119,7 +119,7 @@ static int virConnectAuthGainPolkit(cons - - cmd = virCommandNewArgList(POLKIT_AUTH, "--obtain", privilege, NULL); - if (virCommandRun(cmd, &status) < 0 || -- status > 1) -+ status > 0) - goto cleanup; - - ret = 0; -Index: libvirt-0.9.9/src/remote/remote_driver.c -=================================================================== ---- libvirt-0.9.9.orig/src/remote/remote_driver.c -+++ libvirt-0.9.9/src/remote/remote_driver.c -@@ -3121,6 +3121,14 @@ remoteAuthPolkit (virConnectPtr conn, st - }; - VIR_DEBUG("Client initialize PolicyKit-0 authentication"); - -+ /* Check auth first and if it succeeds we are done. */ -+ memset (&ret, 0, sizeof ret); -+ if (call (conn, priv, 0, REMOTE_PROC_AUTH_POLKIT, -+ (xdrproc_t) xdr_void, (char *)NULL, -+ (xdrproc_t) xdr_remote_auth_polkit_ret, (char *) &ret) == 0) -+ goto out; -+ -+ /* Auth failed. Ask client to obtain it and check again. */ - if (auth && auth->cb) { - /* Check if the necessary credential type for PolicyKit is supported */ - for (i = 0 ; i < auth->ncredtype ; i++) { -@@ -3138,9 +3146,11 @@ remoteAuthPolkit (virConnectPtr conn, st - } - } else { - VIR_DEBUG("Client auth callback does not support PolicyKit"); -+ return -1; - } - } else { - VIR_DEBUG("No auth callback provided"); -+ return -1; - } - - memset (&ret, 0, sizeof ret); -@@ -3150,6 +3160,7 @@ remoteAuthPolkit (virConnectPtr conn, st - return -1; /* virError already set by call */ - } - -+out: - VIR_DEBUG("PolicyKit-0 authentication complete"); - return 0; - } diff --git a/AF_PACKET.patch b/AF_PACKET.patch index ec87945..323983d 100644 --- a/AF_PACKET.patch +++ b/AF_PACKET.patch @@ -1,20 +1,20 @@ -Index: libvirt-0.9.9/src/util/virnetdev.c +Index: libvirt-0.9.10/src/util/virnetdev.c =================================================================== ---- libvirt-0.9.9.orig/src/util/virnetdev.c -+++ libvirt-0.9.9/src/util/virnetdev.c -@@ -84,7 +84,7 @@ static int virNetDevSetupControlFull(con - static int virNetDevSetupControl(const char *ifname, - struct ifreq *ifr) - { -- return virNetDevSetupControlFull(ifname, ifr, AF_PACKET, SOCK_DGRAM); -+ return virNetDevSetupControlFull(ifname, ifr, AF_INET, SOCK_STREAM); - } - #endif - -Index: libvirt-0.9.9/src/util/virnetdevbridge.c -=================================================================== ---- libvirt-0.9.9.orig/src/util/virnetdevbridge.c -+++ libvirt-0.9.9/src/util/virnetdevbridge.c +--- libvirt-0.9.10.orig/src/util/virnetdev.c ++++ libvirt-0.9.10/src/util/virnetdev.c +@@ -85,7 +85,7 @@ static int virNetDevSetupControlFull(con + static int virNetDevSetupControl(const char *ifname, + struct ifreq *ifr) + { +- return virNetDevSetupControlFull(ifname, ifr, AF_PACKET, SOCK_DGRAM); ++ return virNetDevSetupControlFull(ifname, ifr, AF_INET, SOCK_STREAM); + } + #endif + +Index: libvirt-0.9.10/src/util/virnetdevbridge.c +=================================================================== +--- libvirt-0.9.10.orig/src/util/virnetdevbridge.c ++++ libvirt-0.9.10/src/util/virnetdevbridge.c @@ -84,7 +84,7 @@ static int virNetDevSetupControlFull(con static int virNetDevSetupControl(const char *ifname, struct ifreq *ifr) diff --git a/a06fab95-polkit0.patch b/a06fab95-polkit0.patch new file mode 100644 index 0000000..2a00446 --- /dev/null +++ b/a06fab95-polkit0.patch @@ -0,0 +1,56 @@ +From a06fab953f99e778883618dd0aeaef8da5d5b32a Mon Sep 17 00:00:00 2001 +From: Jim Fehlig +Date: Wed, 15 Feb 2012 10:01:50 -0700 +Subject: [PATCH] Fix polkit0 authentication + +Commit 7033c5f2 introduced some bugs in polkit0 authentication. + +Fix libvirtd segfault in remoteDispatchAuthPolkit(). + +Fix polkit authentication bypass when caller UID = 0. +--- + daemon/remote.c | 20 +++++++++----------- + 1 files changed, 9 insertions(+), 11 deletions(-) + +diff --git a/daemon/remote.c b/daemon/remote.c +index 1cea942..a57656c 100644 +--- a/daemon/remote.c ++++ b/daemon/remote.c +@@ -2052,16 +2052,16 @@ remoteDispatchAuthList(virNetServerPtr server ATTRIBUTE_UNUSED, + } else if (callerUid == 0) { + char *ident; + if (virAsprintf(&ident, "pid:%lld,uid:%d", +- (long long) callerPid, callerUid) == 0) { +- VIR_INFO("Bypass polkit auth for privileged client %s", +- ident); +- if (virNetServerClientSetIdentity(client, ident) < 0) +- virResetLastError(); +- else +- auth = VIR_NET_SERVER_SERVICE_AUTH_NONE; +- VIR_FREE(ident); ++ (long long) callerPid, callerUid) < 0) { ++ virReportOOMError(); ++ goto cleanup; + } +- rv = -1; ++ VIR_INFO("Bypass polkit auth for privileged client %s", ident); ++ if (virNetServerClientSetIdentity(client, ident) < 0) ++ virResetLastError(); ++ else ++ auth = VIR_NET_SERVER_SERVICE_AUTH_NONE; ++ VIR_FREE(ident); + } + } + +@@ -2593,8 +2593,6 @@ remoteDispatchAuthPolkit(virNetServerPtr server, + struct daemonClientPrivate *priv = + virNetServerClientGetPrivateData(client); + +- memset(ident, 0, sizeof ident); +- + virMutexLock(&priv->lock); + + action = virNetServerClientGetReadonly(client) ? +-- +1.7.7 + diff --git a/clone.patch b/clone.patch index cc4e2f2..c81598c 100644 --- a/clone.patch +++ b/clone.patch @@ -2,7 +2,7 @@ Index: src/lxc/lxc_container.c =================================================================== --- src/lxc/lxc_container.c.orig +++ src/lxc/lxc_container.c -@@ -1345,6 +1345,9 @@ int lxcContainerStart(virDomainDefPtr de +@@ -1439,6 +1439,9 @@ int lxcContainerStart(virDomainDefPtr de ttyPaths, nttyPaths, handshakefd}; /* allocate a stack for the container */ @@ -12,7 +12,7 @@ Index: src/lxc/lxc_container.c if (VIR_ALLOC_N(stack, stacksize) < 0) { virReportOOMError(); return -1; -@@ -1363,7 +1366,11 @@ int lxcContainerStart(virDomainDefPtr de +@@ -1457,7 +1460,11 @@ int lxcContainerStart(virDomainDefPtr de cflags |= CLONE_NEWNET; } @@ -24,7 +24,7 @@ Index: src/lxc/lxc_container.c VIR_FREE(stack); VIR_DEBUG("clone() completed, new container PID is %d", pid); -@@ -1389,6 +1396,7 @@ int lxcContainerAvailable(int features) +@@ -1483,6 +1490,7 @@ int lxcContainerAvailable(int features) int cpid; char *childStack; char *stack; @@ -32,7 +32,7 @@ Index: src/lxc/lxc_container.c if (features & LXC_CONTAINER_FEATURE_USER) flags |= CLONE_NEWUSER; -@@ -1396,14 +1404,21 @@ int lxcContainerAvailable(int features) +@@ -1490,14 +1498,21 @@ int lxcContainerAvailable(int features) if (features & LXC_CONTAINER_FEATURE_NET) flags |= CLONE_NEWNET; diff --git a/install-apparmor-profiles.patch b/install-apparmor-profiles.patch index 00602df..bb4d87f 100644 --- a/install-apparmor-profiles.patch +++ b/install-apparmor-profiles.patch @@ -1,7 +1,7 @@ -Index: libvirt-0.9.9/examples/apparmor/Makefile.am +Index: libvirt-0.9.10/examples/apparmor/Makefile.am =================================================================== ---- libvirt-0.9.9.orig/examples/apparmor/Makefile.am -+++ libvirt-0.9.9/examples/apparmor/Makefile.am +--- libvirt-0.9.10.orig/examples/apparmor/Makefile.am ++++ libvirt-0.9.10/examples/apparmor/Makefile.am @@ -1,8 +1,39 @@ ## Copyright (C) 2005-2011 Red Hat, Inc. ## See COPYING.LIB for the License of this software @@ -47,10 +47,10 @@ Index: libvirt-0.9.9/examples/apparmor/Makefile.am + rm -f $(DESTDIR)$(sysconfdir)/apparmor.d/libvirt/TEMPLATE + +endif -Index: libvirt-0.9.9/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in +Index: libvirt-0.9.10/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in =================================================================== --- /dev/null -+++ libvirt-0.9.9/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in ++++ libvirt-0.9.10/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in @@ -0,0 +1,40 @@ +# Last Modified: Fri Aug 19 11:21:48 2011 +#include @@ -92,9 +92,9 @@ Index: libvirt-0.9.9/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in + /var/lib/kvm/images/ r, + /var/lib/kvm/images/** r, +} -Index: libvirt-0.9.9/examples/apparmor/usr.lib.libvirt.virt-aa-helper +Index: libvirt-0.9.10/examples/apparmor/usr.lib.libvirt.virt-aa-helper =================================================================== ---- libvirt-0.9.9.orig/examples/apparmor/usr.lib.libvirt.virt-aa-helper +--- libvirt-0.9.10.orig/examples/apparmor/usr.lib.libvirt.virt-aa-helper +++ /dev/null @@ -1,38 +0,0 @@ -# Last Modified: Mon Apr 5 15:10:27 2010 @@ -135,9 +135,9 @@ Index: libvirt-0.9.9/examples/apparmor/usr.lib.libvirt.virt-aa-helper - /var/lib/libvirt/images/ r, - /var/lib/libvirt/images/** r, -} -Index: libvirt-0.9.9/examples/apparmor/usr.sbin.libvirtd +Index: libvirt-0.9.10/examples/apparmor/usr.sbin.libvirtd =================================================================== ---- libvirt-0.9.9.orig/examples/apparmor/usr.sbin.libvirtd +--- libvirt-0.9.10.orig/examples/apparmor/usr.sbin.libvirtd +++ /dev/null @@ -1,52 +0,0 @@ -# Last Modified: Mon Apr 5 15:03:58 2010 @@ -192,10 +192,10 @@ Index: libvirt-0.9.9/examples/apparmor/usr.sbin.libvirtd - change_profile -> @{LIBVIRT}-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*, - -} -Index: libvirt-0.9.9/examples/apparmor/usr.sbin.libvirtd.in +Index: libvirt-0.9.10/examples/apparmor/usr.sbin.libvirtd.in =================================================================== --- /dev/null -+++ libvirt-0.9.9/examples/apparmor/usr.sbin.libvirtd.in ++++ libvirt-0.9.10/examples/apparmor/usr.sbin.libvirtd.in @@ -0,0 +1,57 @@ +# Last Modified: Fri Aug 19 11:20:36 2011 +#include @@ -254,10 +254,10 @@ Index: libvirt-0.9.9/examples/apparmor/usr.sbin.libvirtd.in + change_profile -> @{LIBVIRT}-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*, + +} -Index: libvirt-0.9.9/examples/apparmor/libvirt-qemu +Index: libvirt-0.9.10/examples/apparmor/libvirt-qemu =================================================================== ---- libvirt-0.9.9.orig/examples/apparmor/libvirt-qemu -+++ libvirt-0.9.9/examples/apparmor/libvirt-qemu +--- libvirt-0.9.10.orig/examples/apparmor/libvirt-qemu ++++ libvirt-0.9.10/examples/apparmor/libvirt-qemu @@ -52,6 +52,7 @@ # access to firmware's etc /usr/share/kvm/** r, diff --git a/libvirt-0.9.10.tar.bz2 b/libvirt-0.9.10.tar.bz2 new file mode 100644 index 0000000..2cedd35 --- /dev/null +++ b/libvirt-0.9.10.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:7c0b775b679afe373cc39a7b56f0d8f6faece3b85964e5ad906fbc7cff8a1798 +size 13393379 diff --git a/libvirt-0.9.9.tar.bz2 b/libvirt-0.9.9.tar.bz2 deleted file mode 100644 index 5b509b8..0000000 --- a/libvirt-0.9.9.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7de73cb8961b3cdecde265102abb55d8f9f1f81aceb6100cb10692721fba090f -size 13000699 diff --git a/libvirt-suse-netcontrol.patch b/libvirt-suse-netcontrol.patch index 77d26fc..a3ccecf 100644 --- a/libvirt-suse-netcontrol.patch +++ b/libvirt-suse-netcontrol.patch @@ -1,7 +1,7 @@ -Index: libvirt-0.9.9/configure.ac +Index: libvirt-0.9.10/configure.ac =================================================================== ---- libvirt-0.9.9.orig/configure.ac -+++ libvirt-0.9.9/configure.ac +--- libvirt-0.9.10.orig/configure.ac ++++ libvirt-0.9.10/configure.ac @@ -63,6 +63,7 @@ AVAHI_REQUIRED="0.6.0" POLKIT_REQUIRED="0.6" PARTED_REQUIRED="1.8.0" @@ -10,7 +10,7 @@ Index: libvirt-0.9.9/configure.ac UDEV_REQUIRED=145 PCIACCESS_REQUIRED=0.10.0 XMLRPC_REQUIRED=1.14.0 -@@ -1637,6 +1638,38 @@ AM_CONDITIONAL([WITH_NETCF], [test "$wit +@@ -1641,6 +1642,38 @@ AM_CONDITIONAL([WITH_NETCF], [test "$wit AC_SUBST([NETCF_CFLAGS]) AC_SUBST([NETCF_LIBS]) @@ -49,7 +49,7 @@ Index: libvirt-0.9.9/configure.ac AC_ARG_WITH([secrets], AC_HELP_STRING([--with-secrets], [with local secrets management driver @<:@default=yes@:>@]),[],[with_secrets=yes]) -@@ -2565,6 +2598,7 @@ AC_MSG_NOTICE([ Remote: $with_remote]) +@@ -2592,6 +2625,7 @@ AC_MSG_NOTICE([ Remote: $with_remote]) AC_MSG_NOTICE([ Network: $with_network]) AC_MSG_NOTICE([Libvirtd: $with_libvirtd]) AC_MSG_NOTICE([ netcf: $with_netcf]) @@ -57,7 +57,7 @@ Index: libvirt-0.9.9/configure.ac AC_MSG_NOTICE([ macvtap: $with_macvtap]) AC_MSG_NOTICE([virtport: $with_virtualport]) AC_MSG_NOTICE([]) -@@ -2696,6 +2730,11 @@ AC_MSG_NOTICE([ netcf: $NETCF_CFLAGS $ +@@ -2723,6 +2757,11 @@ AC_MSG_NOTICE([ netcf: $NETCF_CFLAGS $ else AC_MSG_NOTICE([ netcf: no]) fi @@ -69,10 +69,10 @@ Index: libvirt-0.9.9/configure.ac if test "$with_qemu" = "yes" && test "$LIBPCAP_FOUND" != "no"; then AC_MSG_NOTICE([ pcap: $LIBPCAP_CFLAGS $LIBPCAP_LIBS]) else -Index: libvirt-0.9.9/daemon/Makefile.am +Index: libvirt-0.9.10/daemon/Makefile.am =================================================================== ---- libvirt-0.9.9.orig/daemon/Makefile.am -+++ libvirt-0.9.9/daemon/Makefile.am +--- libvirt-0.9.10.orig/daemon/Makefile.am ++++ libvirt-0.9.10/daemon/Makefile.am @@ -143,6 +143,10 @@ endif if WITH_NETCF @@ -84,10 +84,10 @@ Index: libvirt-0.9.9/daemon/Makefile.am endif if WITH_NODE_DEVICES -Index: libvirt-0.9.9/daemon/libvirtd.c +Index: libvirt-0.9.10/daemon/libvirtd.c =================================================================== ---- libvirt-0.9.9.orig/daemon/libvirtd.c -+++ libvirt-0.9.9/daemon/libvirtd.c +--- libvirt-0.9.10.orig/daemon/libvirtd.c ++++ libvirt-0.9.10/daemon/libvirtd.c @@ -75,6 +75,10 @@ # endif # ifdef WITH_NETCF @@ -110,11 +110,11 @@ Index: libvirt-0.9.9/daemon/libvirtd.c # endif # ifdef WITH_STORAGE_DIR storageRegister(); -Index: libvirt-0.9.9/src/Makefile.am +Index: libvirt-0.9.10/src/Makefile.am =================================================================== ---- libvirt-0.9.9.orig/src/Makefile.am -+++ libvirt-0.9.9/src/Makefile.am -@@ -955,6 +955,24 @@ libvirt_driver_interface_la_LIBADD += .. +--- libvirt-0.9.10.orig/src/Makefile.am ++++ libvirt-0.9.10/src/Makefile.am +@@ -960,6 +960,24 @@ libvirt_driver_interface_la_LIBADD += .. libvirt_driver_interface_la_LDFLAGS += -module -avoid-version endif libvirt_driver_interface_la_SOURCES = $(INTERFACE_DRIVER_SOURCES) @@ -139,10 +139,10 @@ Index: libvirt-0.9.9/src/Makefile.am endif if WITH_SECRETS -Index: libvirt-0.9.9/src/interface/netcf_driver.c +Index: libvirt-0.9.10/src/interface/netcf_driver.c =================================================================== ---- libvirt-0.9.9.orig/src/interface/netcf_driver.c -+++ libvirt-0.9.9/src/interface/netcf_driver.c +--- libvirt-0.9.10.orig/src/interface/netcf_driver.c ++++ libvirt-0.9.10/src/interface/netcf_driver.c @@ -23,7 +23,13 @@ #include @@ -208,11 +208,11 @@ Index: libvirt-0.9.9/src/interface/netcf_driver.c /* open netcf */ if (ncf_init(&driverState->netcf, NULL) != 0) { -Index: libvirt-0.9.9/tools/virsh.c +Index: libvirt-0.9.10/tools/virsh.c =================================================================== ---- libvirt-0.9.9.orig/tools/virsh.c -+++ libvirt-0.9.9/tools/virsh.c -@@ -18328,6 +18328,10 @@ vshShowVersion(vshControl *ctl ATTRIBUTE +--- libvirt-0.9.10.orig/tools/virsh.c ++++ libvirt-0.9.10/tools/virsh.c +@@ -19067,6 +19067,10 @@ vshShowVersion(vshControl *ctl ATTRIBUTE #endif #ifdef WITH_NETCF vshPrint(ctl, " Netcf"); diff --git a/libvirt.changes b/libvirt.changes index 2e03a2d..6e6e841 100644 --- a/libvirt.changes +++ b/libvirt.changes @@ -1,3 +1,18 @@ +------------------------------------------------------------------- +Wed Feb 15 11:57:25 MST 2012 - jfehlig@suse.com + +- Update to libvirt 0.9.10 + - Add support for sVirt in the LXC driver + - Add new API virDomainBlockRebase + - Add api to set and get domain metadata + - virDomainGetDiskErrors public API + - Add rawio attribute to disk element of domain XML + - Introduce virDomainPMSuspendForDuration API + - Add virStorageVolResize() API + - Add a virt-host-validate command to sanity check HV config + - Add new virDomainShutdownFlags API + - QEMU guest agent support + ------------------------------------------------------------------- Wed Feb 8 11:12:28 MST 2012 - jfehlig@suse.com diff --git a/libvirt.spec b/libvirt.spec index 4ac276a..ae06df3 100644 --- a/libvirt.spec +++ b/libvirt.spec @@ -326,7 +326,7 @@ BuildRequires: systemd Name: libvirt Url: http://libvirt.org/ -Version: 0.9.9 +Version: 0.9.10 Release: 0 Summary: A C toolkit to interact with the virtualization capabilities of Linux License: LGPL-2.1+ @@ -390,8 +390,10 @@ Recommends: device-mapper # For multipath support Recommends: device-mapper %endif +#%ifarch i386 i586 i686 x86_64 ia64 # For virConnectGetSysinfo -Requires: dmidecode +#Requires: dmidecode +#%endif # For service management %if %{with_systemd} %{?systemd_requires} @@ -402,7 +404,7 @@ Source1: libvirtd.init Source2: libvirtd-relocation-server.fw Source99: baselibs.conf # Upstream patches -Patch0: 9ae4ac7a-PolicyKit.patch +Patch0: a06fab95-polkit0.patch # Need to go upstream Patch100: xen-name-for-devid.patch Patch101: clone.patch @@ -653,6 +655,9 @@ Authors: %if ! %{with_sasl} %define _without_sasl --without-sasl %endif +%if ! %{with_avahi} +%define _without_avahi --without-avahi +%endif %if ! %{with_python} %define _without_python --without-python %endif @@ -707,6 +712,7 @@ export CFLAGS="$RPM_OPT_FLAGS" %{?_without_dtrace} \ %{?_without_network} \ %{?_without_sasl} \ + %{?_without_avahi} \ %{?_without_python} \ %{?_without_libpcap} \ %{?_without_sanlock} \ @@ -938,10 +944,12 @@ fi %doc %{_mandir}/man1/virsh.1* %doc %{_mandir}/man1/virt-xml-validate.1* %doc %{_mandir}/man1/virt-pki-validate.1* +%doc %{_mandir}/man1/virt-host-validate.1* %config(noreplace) %{_sysconfdir}/libvirt/libvirt.conf %{_bindir}/virsh %{_bindir}/virt-xml-validate %{_bindir}/virt-pki-validate +%{_bindir}/virt-host-validate %dir %{_libdir}/%{name} %{_libdir}/lib*.so.* %{_localstatedir}/adm/fillup-templates/sysconfig.libvirt-guests diff --git a/libvirtd-defaults.patch b/libvirtd-defaults.patch index bd60cef..78ce3ab 100644 --- a/libvirtd-defaults.patch +++ b/libvirtd-defaults.patch @@ -1,7 +1,7 @@ -Index: libvirt-0.9.9/daemon/libvirtd.conf +Index: libvirt-0.9.10/daemon/libvirtd.conf =================================================================== ---- libvirt-0.9.9.orig/daemon/libvirtd.conf -+++ libvirt-0.9.9/daemon/libvirtd.conf +--- libvirt-0.9.10.orig/daemon/libvirtd.conf ++++ libvirt-0.9.10/daemon/libvirtd.conf @@ -18,8 +18,8 @@ # It is necessary to setup a CA and issue server certificates before # using this capability. @@ -28,10 +28,10 @@ Index: libvirt-0.9.9/daemon/libvirtd.conf # Override the default mDNS advertizement name. This must be # unique on the immediate broadcast network. -Index: libvirt-0.9.9/daemon/libvirtd.c +Index: libvirt-0.9.10/daemon/libvirtd.c =================================================================== ---- libvirt-0.9.9.orig/daemon/libvirtd.c -+++ libvirt-0.9.9/daemon/libvirtd.c +--- libvirt-0.9.10.orig/daemon/libvirtd.c ++++ libvirt-0.9.10/daemon/libvirtd.c @@ -871,7 +871,7 @@ daemonConfigNew(bool privileged ATTRIBUT return NULL; } diff --git a/relax-qemu-usergroup-check.patch b/relax-qemu-usergroup-check.patch index 69611c6..4ea7c3a 100644 --- a/relax-qemu-usergroup-check.patch +++ b/relax-qemu-usergroup-check.patch @@ -7,11 +7,11 @@ drivers as loadable modules instead of built-in to the daemon. Then the qemu driver would only be loaded when needed, which would never be the case on a xen-only configuration. -Index: libvirt-0.9.9/src/qemu/qemu_conf.c +Index: libvirt-0.9.10/src/qemu/qemu_conf.c =================================================================== ---- libvirt-0.9.9.orig/src/qemu/qemu_conf.c -+++ libvirt-0.9.9/src/qemu/qemu_conf.c -@@ -255,9 +255,7 @@ int qemudLoadDriverConfig(struct qemud_d +--- libvirt-0.9.10.orig/src/qemu/qemu_conf.c ++++ libvirt-0.9.10/src/qemu/qemu_conf.c +@@ -266,9 +266,7 @@ int qemudLoadDriverConfig(struct qemud_d return -1; } if (virGetUserID(user, &driver->user) < 0) { @@ -22,7 +22,7 @@ Index: libvirt-0.9.9/src/qemu/qemu_conf.c } VIR_FREE(user); -@@ -270,9 +268,7 @@ int qemudLoadDriverConfig(struct qemud_d +@@ -281,9 +279,7 @@ int qemudLoadDriverConfig(struct qemud_d return -1; } if (virGetGroupID(group, &driver->group) < 0) { diff --git a/suse-qemu-conf.patch b/suse-qemu-conf.patch index 5866e29..379ba31 100644 --- a/suse-qemu-conf.patch +++ b/suse-qemu-conf.patch @@ -1,7 +1,7 @@ -Index: libvirt-0.9.9/src/qemu/qemu.conf +Index: libvirt-0.9.10/src/qemu/qemu.conf =================================================================== ---- libvirt-0.9.9.orig/src/qemu/qemu.conf -+++ libvirt-0.9.9/src/qemu/qemu.conf +--- libvirt-0.9.10.orig/src/qemu/qemu.conf ++++ libvirt-0.9.10/src/qemu/qemu.conf @@ -136,7 +136,16 @@ # leaving SELinux enabled for the host in general, then set this # to 'none' instead. @@ -17,5 +17,5 @@ Index: libvirt-0.9.9/src/qemu/qemu.conf +# security_driver = "apparmor" +security_driver = "none" - - # The user ID for QEMU processes run by the system instance. + # If set to non-zero, then the default security labeling + # will make guests confined. If set to zero, then guests diff --git a/use-init-script-redhat.patch b/use-init-script-redhat.patch index 389eced..a4c6b03 100644 --- a/use-init-script-redhat.patch +++ b/use-init-script-redhat.patch @@ -1,8 +1,8 @@ -Index: libvirt-0.9.9/tools/Makefile.am +Index: libvirt-0.9.10/tools/Makefile.am =================================================================== ---- libvirt-0.9.9.orig/tools/Makefile.am -+++ libvirt-0.9.9/tools/Makefile.am -@@ -153,24 +153,22 @@ install-data-local: install-init install +--- libvirt-0.9.10.orig/tools/Makefile.am ++++ libvirt-0.9.10/tools/Makefile.am +@@ -182,24 +182,22 @@ install-data-local: install-init install uninstall-local: uninstall-init uninstall-systemd install-sysconfig: @@ -33,10 +33,10 @@ Index: libvirt-0.9.9/tools/Makefile.am if LIBVIRT_INIT_SCRIPT_RED_HAT -Index: libvirt-0.9.9/tools/libvirt-guests.sysconf +Index: libvirt-0.9.10/tools/libvirt-guests.sysconf =================================================================== ---- libvirt-0.9.9.orig/tools/libvirt-guests.sysconf -+++ libvirt-0.9.9/tools/libvirt-guests.sysconf +--- libvirt-0.9.10.orig/tools/libvirt-guests.sysconf ++++ libvirt-0.9.10/tools/libvirt-guests.sysconf @@ -1,18 +1,28 @@ +## Path: System/Virtualization/libvirt + @@ -87,10 +87,10 @@ Index: libvirt-0.9.9/tools/libvirt-guests.sysconf # If non-zero, try to bypass the file system cache when saving and # restoring guests, even though this may give slower operation for # some file systems. -Index: libvirt-0.9.9/tools/libvirt-guests.init.sh +Index: libvirt-0.9.10/tools/libvirt-guests.init.sh =================================================================== ---- libvirt-0.9.9.orig/tools/libvirt-guests.init.sh -+++ libvirt-0.9.9/tools/libvirt-guests.init.sh +--- libvirt-0.9.10.orig/tools/libvirt-guests.init.sh ++++ libvirt-0.9.10/tools/libvirt-guests.init.sh @@ -4,10 +4,10 @@ # ### BEGIN INIT INFO @@ -233,10 +233,10 @@ Index: libvirt-0.9.9/tools/libvirt-guests.init.sh esac -exit $RETVAL +rc_exit -Index: libvirt-0.9.9/daemon/Makefile.am +Index: libvirt-0.9.10/daemon/Makefile.am =================================================================== ---- libvirt-0.9.9.orig/daemon/Makefile.am -+++ libvirt-0.9.9/daemon/Makefile.am +--- libvirt-0.9.10.orig/daemon/Makefile.am ++++ libvirt-0.9.10/daemon/Makefile.am @@ -249,34 +249,23 @@ uninstall-logrotate: rmdir $(DESTDIR)$(sysconfdir)/logrotate.d || : @@ -275,10 +275,10 @@ Index: libvirt-0.9.9/daemon/Makefile.am else install-init-redhat: uninstall-init-redhat: -Index: libvirt-0.9.9/daemon/libvirtd.sysconf +Index: libvirt-0.9.10/daemon/libvirtd.sysconf =================================================================== ---- libvirt-0.9.9.orig/daemon/libvirtd.sysconf -+++ libvirt-0.9.9/daemon/libvirtd.sysconf +--- libvirt-0.9.10.orig/daemon/libvirtd.sysconf ++++ libvirt-0.9.10/daemon/libvirtd.sysconf @@ -1,16 +1,25 @@ +## Path: System/Virtualization/libvirt + diff --git a/xen-name-for-devid.patch b/xen-name-for-devid.patch index 9b94558..b2d6ff2 100644 --- a/xen-name-for-devid.patch +++ b/xen-name-for-devid.patch @@ -13,10 +13,10 @@ Date: Wed Jan 27 16:11:41 2010 -0700 This approach allows removing a disk when domain is inactive. We obviously can't search xenstore when the domain is inactive. -Index: libvirt-0.9.9/src/xen/xend_internal.c +Index: libvirt-0.9.10/src/xen/xend_internal.c =================================================================== ---- libvirt-0.9.9.orig/src/xen/xend_internal.c -+++ libvirt-0.9.9/src/xen/xend_internal.c +--- libvirt-0.9.10.orig/src/xen/xend_internal.c ++++ libvirt-0.9.10/src/xen/xend_internal.c @@ -60,6 +60,7 @@ static int diff --git a/xen-pv-cdrom.patch b/xen-pv-cdrom.patch index e4de592..89b7bd3 100644 --- a/xen-pv-cdrom.patch +++ b/xen-pv-cdrom.patch @@ -1,8 +1,8 @@ -Index: libvirt-0.9.9/src/xenxs/xen_sxpr.c +Index: libvirt-0.9.10/src/xenxs/xen_sxpr.c =================================================================== ---- libvirt-0.9.9.orig/src/xenxs/xen_sxpr.c -+++ libvirt-0.9.9/src/xenxs/xen_sxpr.c -@@ -329,7 +329,7 @@ error: +--- libvirt-0.9.10.orig/src/xenxs/xen_sxpr.c ++++ libvirt-0.9.10/src/xenxs/xen_sxpr.c +@@ -340,7 +340,7 @@ error: static int xenParseSxprDisks(virDomainDefPtr def, const struct sexpr *root, @@ -11,7 +11,7 @@ Index: libvirt-0.9.9/src/xenxs/xen_sxpr.c int xendConfigVersion) { const struct sexpr *cur, *node; -@@ -380,7 +380,6 @@ xenParseSxprDisks(virDomainDefPtr def, +@@ -391,7 +391,6 @@ xenParseSxprDisks(virDomainDefPtr def, /* There is a case without the uname to the CD-ROM device */ offset = strchr(dst, ':'); if (!offset || From a78854eae92f5f34e506b507689d83c23978db0ddfea3d59cdb3d21d5cb3fb5f Mon Sep 17 00:00:00 2001 From: James Fehlig Date: Thu, 16 Feb 2012 05:03:57 +0000 Subject: [PATCH 7/9] - Add upstream patches to fix issues with older PolicyKit c05ec920-polkit0-build.patch fcdfa31f-polkit0-auth.patch OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=198 --- c05ec920-polkit0-build.patch | 24 +++++++++++++++++++ ...lkit0.patch => fcdfa31f-polkit0-auth.patch | 15 +++++------- libvirt.changes | 7 ++++++ libvirt.spec | 5 ++-- 4 files changed, 40 insertions(+), 11 deletions(-) create mode 100644 c05ec920-polkit0-build.patch rename a06fab95-polkit0.patch => fcdfa31f-polkit0-auth.patch (87%) diff --git a/c05ec920-polkit0-build.patch b/c05ec920-polkit0-build.patch new file mode 100644 index 0000000..74d9341 --- /dev/null +++ b/c05ec920-polkit0-build.patch @@ -0,0 +1,24 @@ +commit c05ec920219dc9fad9230c3cea7c1fb17d29ddc3 +Author: Jim Fehlig +Date: Wed Feb 15 21:34:13 2012 -0700 + + Fix build with polkit0 + + Commit 8dd623b9 introduced a build error with --enable-compile-warnings=error + + remote.c:2593: error: unused variable 'rv' [-Wunused-variable] + + Pushing under build-breaker rule. + +Index: libvirt-0.9.10/daemon/remote.c +=================================================================== +--- libvirt-0.9.10.orig/daemon/remote.c ++++ libvirt-0.9.10/daemon/remote.c +@@ -2589,7 +2589,6 @@ remoteDispatchAuthPolkit(virNetServerPtr + DBusError err; + const char *action; + char *ident = NULL; +- int rv = -1; + struct daemonClientPrivate *priv = + virNetServerClientGetPrivateData(client); + diff --git a/a06fab95-polkit0.patch b/fcdfa31f-polkit0-auth.patch similarity index 87% rename from a06fab95-polkit0.patch rename to fcdfa31f-polkit0-auth.patch index 2a00446..6eb1f97 100644 --- a/a06fab95-polkit0.patch +++ b/fcdfa31f-polkit0-auth.patch @@ -12,11 +12,11 @@ Fix polkit authentication bypass when caller UID = 0. daemon/remote.c | 20 +++++++++----------- 1 files changed, 9 insertions(+), 11 deletions(-) -diff --git a/daemon/remote.c b/daemon/remote.c -index 1cea942..a57656c 100644 ---- a/daemon/remote.c -+++ b/daemon/remote.c -@@ -2052,16 +2052,16 @@ remoteDispatchAuthList(virNetServerPtr server ATTRIBUTE_UNUSED, +Index: libvirt-0.9.10/daemon/remote.c +=================================================================== +--- libvirt-0.9.10.orig/daemon/remote.c ++++ libvirt-0.9.10/daemon/remote.c +@@ -2052,16 +2052,16 @@ remoteDispatchAuthList(virNetServerPtr s } else if (callerUid == 0) { char *ident; if (virAsprintf(&ident, "pid:%lld,uid:%d", @@ -42,7 +42,7 @@ index 1cea942..a57656c 100644 } } -@@ -2593,8 +2593,6 @@ remoteDispatchAuthPolkit(virNetServerPtr server, +@@ -2592,8 +2592,6 @@ remoteDispatchAuthPolkit(virNetServerPtr struct daemonClientPrivate *priv = virNetServerClientGetPrivateData(client); @@ -51,6 +51,3 @@ index 1cea942..a57656c 100644 virMutexLock(&priv->lock); action = virNetServerClientGetReadonly(client) ? --- -1.7.7 - diff --git a/libvirt.changes b/libvirt.changes index 6e6e841..33fc3f7 100644 --- a/libvirt.changes +++ b/libvirt.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Wed Feb 15 22:00:42 MST 2012 - jfehlig@suse.com + +- Add upstream patches to fix issues with older PolicyKit + c05ec920-polkit0-build.patch + fcdfa31f-polkit0-auth.patch + ------------------------------------------------------------------- Wed Feb 15 11:57:25 MST 2012 - jfehlig@suse.com diff --git a/libvirt.spec b/libvirt.spec index ae06df3..b6e462f 100644 --- a/libvirt.spec +++ b/libvirt.spec @@ -15,7 +15,6 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # - # For now, default to a full server + client build %define client_only 0 @@ -404,7 +403,8 @@ Source1: libvirtd.init Source2: libvirtd-relocation-server.fw Source99: baselibs.conf # Upstream patches -Patch0: a06fab95-polkit0.patch +Patch0: c05ec920-polkit0-build.patch +Patch1: fcdfa31f-polkit0-auth.patch # Need to go upstream Patch100: xen-name-for-devid.patch Patch101: clone.patch @@ -540,6 +540,7 @@ Authors: %prep %setup -q %patch0 -p1 +%patch1 -p1 %patch100 -p1 %patch101 %patch102 -p1 From afbbb9540609e44cdbb9c1d661dc4dcb322cc233e57a011fe35541fb4f25cc9b Mon Sep 17 00:00:00 2001 From: James Fehlig Date: Thu, 16 Feb 2012 16:05:20 +0000 Subject: [PATCH 8/9] - Recommend dmidecode if suse_version > 1110. dmidecode is used by virConnectGetSysinfo. OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=199 --- libvirt.changes | 6 ++++++ libvirt.spec | 9 ++++++--- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/libvirt.changes b/libvirt.changes index 33fc3f7..08f6281 100644 --- a/libvirt.changes +++ b/libvirt.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Thu Feb 16 09:01:58 MST 2012 - jfehlig@suse.com + +- Recommend dmidecode if suse_version > 1110. dmidecode is used + by virConnectGetSysinfo. + ------------------------------------------------------------------- Wed Feb 15 22:00:42 MST 2012 - jfehlig@suse.com diff --git a/libvirt.spec b/libvirt.spec index b6e462f..e9d5d3f 100644 --- a/libvirt.spec +++ b/libvirt.spec @@ -15,6 +15,7 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # + # For now, default to a full server + client build %define client_only 0 @@ -389,10 +390,12 @@ Recommends: device-mapper # For multipath support Recommends: device-mapper %endif -#%ifarch i386 i586 i686 x86_64 ia64 +%if 0%{?suse_version} > 1110 +%ifarch i386 i586 i686 x86_64 ia64 # For virConnectGetSysinfo -#Requires: dmidecode -#%endif +Recommends: dmidecode +%endif +%endif # For service management %if %{with_systemd} %{?systemd_requires} From 61bad01df30b60625a8f3a1b71813d22c54ed2e6dd470411352ef0c95183ab6f Mon Sep 17 00:00:00 2001 From: James Fehlig Date: Thu, 16 Feb 2012 17:05:01 +0000 Subject: [PATCH 9/9] - Add a note in /etc/libvirt/qemu.conf describing administrator vigilance required when enabling a lock manager such as sanlock OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=200 --- libvirt.changes | 6 ++++++ libvirt.spec | 1 - suse-qemu-conf.patch | 16 ++++++++++++++++ 3 files changed, 22 insertions(+), 1 deletion(-) diff --git a/libvirt.changes b/libvirt.changes index 08f6281..a68b849 100644 --- a/libvirt.changes +++ b/libvirt.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Thu Feb 16 09:59:52 MST 2012 - jfehlig@suse.com + +- Add a note in /etc/libvirt/qemu.conf describing administrator + vigilance required when enabling a lock manager such as sanlock + ------------------------------------------------------------------- Thu Feb 16 09:01:58 MST 2012 - jfehlig@suse.com diff --git a/libvirt.spec b/libvirt.spec index e9d5d3f..be4ea77 100644 --- a/libvirt.spec +++ b/libvirt.spec @@ -15,7 +15,6 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # - # For now, default to a full server + client build %define client_only 0 diff --git a/suse-qemu-conf.patch b/suse-qemu-conf.patch index 379ba31..57a1591 100644 --- a/suse-qemu-conf.patch +++ b/suse-qemu-conf.patch @@ -19,3 +19,19 @@ Index: libvirt-0.9.10/src/qemu/qemu.conf # If set to non-zero, then the default security labeling # will make guests confined. If set to zero, then guests +@@ -316,6 +325,15 @@ + # max_processes = 0 + # max_files = 0 + ++# SUSE note: ++# Many lock managers, sanlock included, will kill the resources ++# they protect when terminated. E.g. the sanlock daemon will kill ++# any virtual machines for which it holds disk leases when the ++# daemon is stopped or restarted. Administrators must be vigilant ++# when enabling a lock manager since simply updating the manager ++# may cause it to be restarted, potentially killing the resources ++# it protects. ++# + # To enable 'Sanlock' project based locking of the file + # content (to prevent two VMs writing to the same + # disk), uncomment this