rpm/libvirt
SHA256
1
0
Fork 0
forked from pool/libvirt
Code Pull Requests Activity

Fix some relevant bugs found in SLE11 SP2

Browse Source 
OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=176
This commit is contained in:
James Fehlig 2011-11-28 22:00:45 +00:00 committed by Git OBS Bridge
parent 82f0de3595
commit a05f801ae3
4 changed files with 76 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
a495365d-sexpr-empty-str.patch Normal file
View File

@ -0,0 +1,46 @@
commit a495365d09138bf0f07504cfe9b6ea2de858e18e
Author: Jim Fehlig <jfehlig@suse.com>
Date: Fri Nov 18 14:54:38 2011 -0700
Don't copy sexpr node value that is an empty string
Xen4.1 initializes some unspecified sexpr config items to an empty
string, unlike previous Xen versions that would leave the item unset.
E.g. the kernel item for an HVM guest (non-direct kernel boot):
Xen4.0 and earlier
...
(image
(hvm
(kernel )
...
Xen4.1
...
(image
(hvm
(kernel '')
...
The empty string for kernel causes some grief in subsequent parsing
where existence of specified kernel is checked, e.g.
if (!def->os.kernel)
...
This patch solves the problem in sexpr_node_copy() by not copying
a node containing an empty string.
Index: libvirt-0.9.7/src/util/sexpr.c
===================================================================
--- libvirt-0.9.7.orig/src/util/sexpr.c
+++ libvirt-0.9.7/src/util/sexpr.c
@@ -519,7 +519,7 @@ int sexpr_node_copy(const struct sexpr *
{
const char *val = sexpr_node(sexpr, node);
- if (val) {
+ if (val && *val) {
*dst = strdup(val);
if (!(*dst))
return -1;

32
install-apparmor-profiles.patch
View File

@ -1,7 +1,7 @@
Index: libvirt-0.9.4/examples/apparmor/Makefile.am Index: libvirt-0.9.7/examples/apparmor/Makefile.am
=================================================================== ===================================================================
--- libvirt-0.9.4.orig/examples/apparmor/Makefile.am --- libvirt-0.9.7.orig/examples/apparmor/Makefile.am
+++ libvirt-0.9.4/examples/apparmor/Makefile.am +++ libvirt-0.9.7/examples/apparmor/Makefile.am
@@ -1,8 +1,39 @@ @@ -1,8 +1,39 @@
## Copyright (C) 2005-2011 Red Hat, Inc. ## Copyright (C) 2005-2011 Red Hat, Inc.
## See COPYING.LIB for the License of this software ## See COPYING.LIB for the License of this software
@ -47,10 +47,10 @@ Index: libvirt-0.9.4/examples/apparmor/Makefile.am
+ rm -f $(DESTDIR)$(sysconfdir)/apparmor.d/libvirt/TEMPLATE + rm -f $(DESTDIR)$(sysconfdir)/apparmor.d/libvirt/TEMPLATE
+ +
+endif +endif
Index: libvirt-0.9.4/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in Index: libvirt-0.9.7/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in
=================================================================== ===================================================================
--- /dev/null --- /dev/null
+++ libvirt-0.9.4/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in +++ libvirt-0.9.7/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in
@@ -0,0 +1,40 @@ @@ -0,0 +1,40 @@
+# Last Modified: Fri Aug 19 11:21:48 2011 +# Last Modified: Fri Aug 19 11:21:48 2011
+#include <tunables/global> +#include <tunables/global>
@ -92,9 +92,9 @@ Index: libvirt-0.9.4/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in
+ /var/lib/kvm/images/ r, + /var/lib/kvm/images/ r,
+ /var/lib/kvm/images/** r, + /var/lib/kvm/images/** r,
+} +}
Index: libvirt-0.9.4/examples/apparmor/usr.lib.libvirt.virt-aa-helper Index: libvirt-0.9.7/examples/apparmor/usr.lib.libvirt.virt-aa-helper
=================================================================== ===================================================================
--- libvirt-0.9.4.orig/examples/apparmor/usr.lib.libvirt.virt-aa-helper --- libvirt-0.9.7.orig/examples/apparmor/usr.lib.libvirt.virt-aa-helper
+++ /dev/null +++ /dev/null
@@ -1,38 +0,0 @@ @@ -1,38 +0,0 @@
-# Last Modified: Mon Apr 5 15:10:27 2010 -# Last Modified: Mon Apr 5 15:10:27 2010
@ -135,9 +135,9 @@ Index: libvirt-0.9.4/examples/apparmor/usr.lib.libvirt.virt-aa-helper
- /var/lib/libvirt/images/ r, - /var/lib/libvirt/images/ r,
- /var/lib/libvirt/images/** r, - /var/lib/libvirt/images/** r,
-} -}
Index: libvirt-0.9.4/examples/apparmor/usr.sbin.libvirtd Index: libvirt-0.9.7/examples/apparmor/usr.sbin.libvirtd
=================================================================== ===================================================================
--- libvirt-0.9.4.orig/examples/apparmor/usr.sbin.libvirtd --- libvirt-0.9.7.orig/examples/apparmor/usr.sbin.libvirtd
+++ /dev/null +++ /dev/null
@@ -1,52 +0,0 @@ @@ -1,52 +0,0 @@
-# Last Modified: Mon Apr 5 15:03:58 2010 -# Last Modified: Mon Apr 5 15:03:58 2010
@ -192,11 +192,11 @@ Index: libvirt-0.9.4/examples/apparmor/usr.sbin.libvirtd
- change_profile -> @{LIBVIRT}-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*, - change_profile -> @{LIBVIRT}-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*,
- -
-} -}
Index: libvirt-0.9.4/examples/apparmor/usr.sbin.libvirtd.in Index: libvirt-0.9.7/examples/apparmor/usr.sbin.libvirtd.in
=================================================================== ===================================================================
--- /dev/null --- /dev/null
+++ libvirt-0.9.4/examples/apparmor/usr.sbin.libvirtd.in +++ libvirt-0.9.7/examples/apparmor/usr.sbin.libvirtd.in
@@ -0,0 +1,52 @@ @@ -0,0 +1,54 @@
+# Last Modified: Fri Aug 19 11:20:36 2011 +# Last Modified: Fri Aug 19 11:20:36 2011
+#include <tunables/global> +#include <tunables/global>
+@{LIBVIRT}="libvirt" +@{LIBVIRT}="libvirt"
@ -244,15 +244,17 @@ Index: libvirt-0.9.4/examples/apparmor/usr.sbin.libvirtd.in
+ audit deny /sys/kernel/security/apparmor/.* rwxl, + audit deny /sys/kernel/security/apparmor/.* rwxl,
+ /sys/kernel/security/apparmor/profiles r, + /sys/kernel/security/apparmor/profiles r,
+ @libdir@/libvirt/* Pxr, + @libdir@/libvirt/* Pxr,
+ @libdir@/libvirt/libvirt_parthelper Ux,
+ @libdir@/libvirt/libvirt_iohelper Ux,
+ +
+ # allow changing to our UUID-based named profiles + # allow changing to our UUID-based named profiles
+ change_profile -> @{LIBVIRT}-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*, + change_profile -> @{LIBVIRT}-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*,
+ +
+} +}
Index: libvirt-0.9.4/examples/apparmor/libvirt-qemu Index: libvirt-0.9.7/examples/apparmor/libvirt-qemu
=================================================================== ===================================================================
--- libvirt-0.9.4.orig/examples/apparmor/libvirt-qemu --- libvirt-0.9.7.orig/examples/apparmor/libvirt-qemu
+++ libvirt-0.9.4/examples/apparmor/libvirt-qemu +++ libvirt-0.9.7/examples/apparmor/libvirt-qemu
@@ -52,6 +52,7 @@ @@ -52,6 +52,7 @@
# access to firmware's etc # access to firmware's etc
/usr/share/kvm/** r, /usr/share/kvm/** r,

11
libvirt.changes
View File

@ -1,3 +1,14 @@
-------------------------------------------------------------------
Mon Nov 28 14:57:04 MST 2011 - jfehlig@suse.com
- Handle empty strings in s-expression returned by xend
a495365d-sexpr-empty-str.patch
bnc#731344
- Allow libvirtd to access libvirt_{io,part}helper when confined
by apparmor
Update install-apparmor-profiles.patch
bnc#730435
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Nov 21 12:34:55 MST 2011 - jfehlig@suse.com Mon Nov 21 12:34:55 MST 2011 - jfehlig@suse.com

2
libvirt.spec
View File

@ -381,6 +381,7 @@ Source2: libvirtd-relocation-server.fw
Source99: baselibs.conf Source99: baselibs.conf
# Upstream patches # Upstream patches
Patch0: d47ab3fe-polkit0.patch Patch0: d47ab3fe-polkit0.patch
Patch1: a495365d-sexpr-empty-str.patch
# Need to go upstream # Need to go upstream
Patch100: xen-name-for-devid.patch Patch100: xen-name-for-devid.patch
Patch101: clone.patch Patch101: clone.patch
@ -505,6 +506,7 @@ Authors:
%prep %prep
%setup -q %setup -q
%patch0 -p1 %patch0 -p1
%patch1 -p1
%patch100 -p1 %patch100 -p1
%patch101 %patch101
%patch102 -p1 %patch102 -p1