diff --git a/9ae4ac7a-PolicyKit.patch b/9ae4ac7a-PolicyKit.patch deleted file mode 100644 index b01b09a..0000000 --- a/9ae4ac7a-PolicyKit.patch +++ /dev/null @@ -1,79 +0,0 @@ -commit 9ae4ac7ac07d872cd32d0a3a1b1b44730b04bda7 -Author: Jim Fehlig -Date: Tue Jan 3 11:35:06 2012 -0700 - - PolicyKit: Check auth before asking client to obtain it - - I previously mentioned [1] a PolicyKit issue where libvirt would - proceed with authentication even though polkit-auth failed: - - testusr xen134:~> virsh list --all - Attempting to obtain authorization for org.libvirt.unix.manage. - polkit-grant-helper: given auth type (8 -> yes) is bogus - Failed to obtain authorization for org.libvirt.unix.manage. - Id Name State - ---------------------------------- - 0 Domain-0 running - - sles11sp1-pv shut off - - AFAICT, libvirt attempts to obtain a privilege it already has, - causing polkit-auth to fail with above message. Instead of calling - obtain and then checking auth, IMO the workflow should be for the - server to check auth first, and if that fails ask the client to - obtain it and check again. This workflow also allows for checking - only successful exit of polkit-auth in virConnectAuthGainPolkit(). - - [1] https://www.redhat.com/archives/libvir-list/2011-December/msg00837.html - -Index: libvirt-0.9.9/src/libvirt.c -=================================================================== ---- libvirt-0.9.9.orig/src/libvirt.c -+++ libvirt-0.9.9/src/libvirt.c -@@ -119,7 +119,7 @@ static int virConnectAuthGainPolkit(cons - - cmd = virCommandNewArgList(POLKIT_AUTH, "--obtain", privilege, NULL); - if (virCommandRun(cmd, &status) < 0 || -- status > 1) -+ status > 0) - goto cleanup; - - ret = 0; -Index: libvirt-0.9.9/src/remote/remote_driver.c -=================================================================== ---- libvirt-0.9.9.orig/src/remote/remote_driver.c -+++ libvirt-0.9.9/src/remote/remote_driver.c -@@ -3121,6 +3121,14 @@ remoteAuthPolkit (virConnectPtr conn, st - }; - VIR_DEBUG("Client initialize PolicyKit-0 authentication"); - -+ /* Check auth first and if it succeeds we are done. */ -+ memset (&ret, 0, sizeof ret); -+ if (call (conn, priv, 0, REMOTE_PROC_AUTH_POLKIT, -+ (xdrproc_t) xdr_void, (char *)NULL, -+ (xdrproc_t) xdr_remote_auth_polkit_ret, (char *) &ret) == 0) -+ goto out; -+ -+ /* Auth failed. Ask client to obtain it and check again. */ - if (auth && auth->cb) { - /* Check if the necessary credential type for PolicyKit is supported */ - for (i = 0 ; i < auth->ncredtype ; i++) { -@@ -3138,9 +3146,11 @@ remoteAuthPolkit (virConnectPtr conn, st - } - } else { - VIR_DEBUG("Client auth callback does not support PolicyKit"); -+ return -1; - } - } else { - VIR_DEBUG("No auth callback provided"); -+ return -1; - } - - memset (&ret, 0, sizeof ret); -@@ -3150,6 +3160,7 @@ remoteAuthPolkit (virConnectPtr conn, st - return -1; /* virError already set by call */ - } - -+out: - VIR_DEBUG("PolicyKit-0 authentication complete"); - return 0; - } diff --git a/AF_PACKET.patch b/AF_PACKET.patch index ec87945..323983d 100644 --- a/AF_PACKET.patch +++ b/AF_PACKET.patch @@ -1,20 +1,20 @@ -Index: libvirt-0.9.9/src/util/virnetdev.c +Index: libvirt-0.9.10/src/util/virnetdev.c =================================================================== ---- libvirt-0.9.9.orig/src/util/virnetdev.c -+++ libvirt-0.9.9/src/util/virnetdev.c -@@ -84,7 +84,7 @@ static int virNetDevSetupControlFull(con - static int virNetDevSetupControl(const char *ifname, - struct ifreq *ifr) - { -- return virNetDevSetupControlFull(ifname, ifr, AF_PACKET, SOCK_DGRAM); -+ return virNetDevSetupControlFull(ifname, ifr, AF_INET, SOCK_STREAM); - } - #endif - -Index: libvirt-0.9.9/src/util/virnetdevbridge.c -=================================================================== ---- libvirt-0.9.9.orig/src/util/virnetdevbridge.c -+++ libvirt-0.9.9/src/util/virnetdevbridge.c +--- libvirt-0.9.10.orig/src/util/virnetdev.c ++++ libvirt-0.9.10/src/util/virnetdev.c +@@ -85,7 +85,7 @@ static int virNetDevSetupControlFull(con + static int virNetDevSetupControl(const char *ifname, + struct ifreq *ifr) + { +- return virNetDevSetupControlFull(ifname, ifr, AF_PACKET, SOCK_DGRAM); ++ return virNetDevSetupControlFull(ifname, ifr, AF_INET, SOCK_STREAM); + } + #endif + +Index: libvirt-0.9.10/src/util/virnetdevbridge.c +=================================================================== +--- libvirt-0.9.10.orig/src/util/virnetdevbridge.c ++++ libvirt-0.9.10/src/util/virnetdevbridge.c @@ -84,7 +84,7 @@ static int virNetDevSetupControlFull(con static int virNetDevSetupControl(const char *ifname, struct ifreq *ifr) diff --git a/a06fab95-polkit0.patch b/a06fab95-polkit0.patch new file mode 100644 index 0000000..2a00446 --- /dev/null +++ b/a06fab95-polkit0.patch @@ -0,0 +1,56 @@ +From a06fab953f99e778883618dd0aeaef8da5d5b32a Mon Sep 17 00:00:00 2001 +From: Jim Fehlig +Date: Wed, 15 Feb 2012 10:01:50 -0700 +Subject: [PATCH] Fix polkit0 authentication + +Commit 7033c5f2 introduced some bugs in polkit0 authentication. + +Fix libvirtd segfault in remoteDispatchAuthPolkit(). + +Fix polkit authentication bypass when caller UID = 0. +--- + daemon/remote.c | 20 +++++++++----------- + 1 files changed, 9 insertions(+), 11 deletions(-) + +diff --git a/daemon/remote.c b/daemon/remote.c +index 1cea942..a57656c 100644 +--- a/daemon/remote.c ++++ b/daemon/remote.c +@@ -2052,16 +2052,16 @@ remoteDispatchAuthList(virNetServerPtr server ATTRIBUTE_UNUSED, + } else if (callerUid == 0) { + char *ident; + if (virAsprintf(&ident, "pid:%lld,uid:%d", +- (long long) callerPid, callerUid) == 0) { +- VIR_INFO("Bypass polkit auth for privileged client %s", +- ident); +- if (virNetServerClientSetIdentity(client, ident) < 0) +- virResetLastError(); +- else +- auth = VIR_NET_SERVER_SERVICE_AUTH_NONE; +- VIR_FREE(ident); ++ (long long) callerPid, callerUid) < 0) { ++ virReportOOMError(); ++ goto cleanup; + } +- rv = -1; ++ VIR_INFO("Bypass polkit auth for privileged client %s", ident); ++ if (virNetServerClientSetIdentity(client, ident) < 0) ++ virResetLastError(); ++ else ++ auth = VIR_NET_SERVER_SERVICE_AUTH_NONE; ++ VIR_FREE(ident); + } + } + +@@ -2593,8 +2593,6 @@ remoteDispatchAuthPolkit(virNetServerPtr server, + struct daemonClientPrivate *priv = + virNetServerClientGetPrivateData(client); + +- memset(ident, 0, sizeof ident); +- + virMutexLock(&priv->lock); + + action = virNetServerClientGetReadonly(client) ? +-- +1.7.7 + diff --git a/clone.patch b/clone.patch index cc4e2f2..c81598c 100644 --- a/clone.patch +++ b/clone.patch @@ -2,7 +2,7 @@ Index: src/lxc/lxc_container.c =================================================================== --- src/lxc/lxc_container.c.orig +++ src/lxc/lxc_container.c -@@ -1345,6 +1345,9 @@ int lxcContainerStart(virDomainDefPtr de +@@ -1439,6 +1439,9 @@ int lxcContainerStart(virDomainDefPtr de ttyPaths, nttyPaths, handshakefd}; /* allocate a stack for the container */ @@ -12,7 +12,7 @@ Index: src/lxc/lxc_container.c if (VIR_ALLOC_N(stack, stacksize) < 0) { virReportOOMError(); return -1; -@@ -1363,7 +1366,11 @@ int lxcContainerStart(virDomainDefPtr de +@@ -1457,7 +1460,11 @@ int lxcContainerStart(virDomainDefPtr de cflags |= CLONE_NEWNET; } @@ -24,7 +24,7 @@ Index: src/lxc/lxc_container.c VIR_FREE(stack); VIR_DEBUG("clone() completed, new container PID is %d", pid); -@@ -1389,6 +1396,7 @@ int lxcContainerAvailable(int features) +@@ -1483,6 +1490,7 @@ int lxcContainerAvailable(int features) int cpid; char *childStack; char *stack; @@ -32,7 +32,7 @@ Index: src/lxc/lxc_container.c if (features & LXC_CONTAINER_FEATURE_USER) flags |= CLONE_NEWUSER; -@@ -1396,14 +1404,21 @@ int lxcContainerAvailable(int features) +@@ -1490,14 +1498,21 @@ int lxcContainerAvailable(int features) if (features & LXC_CONTAINER_FEATURE_NET) flags |= CLONE_NEWNET; diff --git a/install-apparmor-profiles.patch b/install-apparmor-profiles.patch index 00602df..bb4d87f 100644 --- a/install-apparmor-profiles.patch +++ b/install-apparmor-profiles.patch @@ -1,7 +1,7 @@ -Index: libvirt-0.9.9/examples/apparmor/Makefile.am +Index: libvirt-0.9.10/examples/apparmor/Makefile.am =================================================================== ---- libvirt-0.9.9.orig/examples/apparmor/Makefile.am -+++ libvirt-0.9.9/examples/apparmor/Makefile.am +--- libvirt-0.9.10.orig/examples/apparmor/Makefile.am ++++ libvirt-0.9.10/examples/apparmor/Makefile.am @@ -1,8 +1,39 @@ ## Copyright (C) 2005-2011 Red Hat, Inc. ## See COPYING.LIB for the License of this software @@ -47,10 +47,10 @@ Index: libvirt-0.9.9/examples/apparmor/Makefile.am + rm -f $(DESTDIR)$(sysconfdir)/apparmor.d/libvirt/TEMPLATE + +endif -Index: libvirt-0.9.9/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in +Index: libvirt-0.9.10/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in =================================================================== --- /dev/null -+++ libvirt-0.9.9/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in ++++ libvirt-0.9.10/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in @@ -0,0 +1,40 @@ +# Last Modified: Fri Aug 19 11:21:48 2011 +#include @@ -92,9 +92,9 @@ Index: libvirt-0.9.9/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in + /var/lib/kvm/images/ r, + /var/lib/kvm/images/** r, +} -Index: libvirt-0.9.9/examples/apparmor/usr.lib.libvirt.virt-aa-helper +Index: libvirt-0.9.10/examples/apparmor/usr.lib.libvirt.virt-aa-helper =================================================================== ---- libvirt-0.9.9.orig/examples/apparmor/usr.lib.libvirt.virt-aa-helper +--- libvirt-0.9.10.orig/examples/apparmor/usr.lib.libvirt.virt-aa-helper +++ /dev/null @@ -1,38 +0,0 @@ -# Last Modified: Mon Apr 5 15:10:27 2010 @@ -135,9 +135,9 @@ Index: libvirt-0.9.9/examples/apparmor/usr.lib.libvirt.virt-aa-helper - /var/lib/libvirt/images/ r, - /var/lib/libvirt/images/** r, -} -Index: libvirt-0.9.9/examples/apparmor/usr.sbin.libvirtd +Index: libvirt-0.9.10/examples/apparmor/usr.sbin.libvirtd =================================================================== ---- libvirt-0.9.9.orig/examples/apparmor/usr.sbin.libvirtd +--- libvirt-0.9.10.orig/examples/apparmor/usr.sbin.libvirtd +++ /dev/null @@ -1,52 +0,0 @@ -# Last Modified: Mon Apr 5 15:03:58 2010 @@ -192,10 +192,10 @@ Index: libvirt-0.9.9/examples/apparmor/usr.sbin.libvirtd - change_profile -> @{LIBVIRT}-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*, - -} -Index: libvirt-0.9.9/examples/apparmor/usr.sbin.libvirtd.in +Index: libvirt-0.9.10/examples/apparmor/usr.sbin.libvirtd.in =================================================================== --- /dev/null -+++ libvirt-0.9.9/examples/apparmor/usr.sbin.libvirtd.in ++++ libvirt-0.9.10/examples/apparmor/usr.sbin.libvirtd.in @@ -0,0 +1,57 @@ +# Last Modified: Fri Aug 19 11:20:36 2011 +#include @@ -254,10 +254,10 @@ Index: libvirt-0.9.9/examples/apparmor/usr.sbin.libvirtd.in + change_profile -> @{LIBVIRT}-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*, + +} -Index: libvirt-0.9.9/examples/apparmor/libvirt-qemu +Index: libvirt-0.9.10/examples/apparmor/libvirt-qemu =================================================================== ---- libvirt-0.9.9.orig/examples/apparmor/libvirt-qemu -+++ libvirt-0.9.9/examples/apparmor/libvirt-qemu +--- libvirt-0.9.10.orig/examples/apparmor/libvirt-qemu ++++ libvirt-0.9.10/examples/apparmor/libvirt-qemu @@ -52,6 +52,7 @@ # access to firmware's etc /usr/share/kvm/** r, diff --git a/libvirt-0.9.10.tar.bz2 b/libvirt-0.9.10.tar.bz2 new file mode 100644 index 0000000..2cedd35 --- /dev/null +++ b/libvirt-0.9.10.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:7c0b775b679afe373cc39a7b56f0d8f6faece3b85964e5ad906fbc7cff8a1798 +size 13393379 diff --git a/libvirt-0.9.9.tar.bz2 b/libvirt-0.9.9.tar.bz2 deleted file mode 100644 index 5b509b8..0000000 --- a/libvirt-0.9.9.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7de73cb8961b3cdecde265102abb55d8f9f1f81aceb6100cb10692721fba090f -size 13000699 diff --git a/libvirt-suse-netcontrol.patch b/libvirt-suse-netcontrol.patch index 77d26fc..a3ccecf 100644 --- a/libvirt-suse-netcontrol.patch +++ b/libvirt-suse-netcontrol.patch @@ -1,7 +1,7 @@ -Index: libvirt-0.9.9/configure.ac +Index: libvirt-0.9.10/configure.ac =================================================================== ---- libvirt-0.9.9.orig/configure.ac -+++ libvirt-0.9.9/configure.ac +--- libvirt-0.9.10.orig/configure.ac ++++ libvirt-0.9.10/configure.ac @@ -63,6 +63,7 @@ AVAHI_REQUIRED="0.6.0" POLKIT_REQUIRED="0.6" PARTED_REQUIRED="1.8.0" @@ -10,7 +10,7 @@ Index: libvirt-0.9.9/configure.ac UDEV_REQUIRED=145 PCIACCESS_REQUIRED=0.10.0 XMLRPC_REQUIRED=1.14.0 -@@ -1637,6 +1638,38 @@ AM_CONDITIONAL([WITH_NETCF], [test "$wit +@@ -1641,6 +1642,38 @@ AM_CONDITIONAL([WITH_NETCF], [test "$wit AC_SUBST([NETCF_CFLAGS]) AC_SUBST([NETCF_LIBS]) @@ -49,7 +49,7 @@ Index: libvirt-0.9.9/configure.ac AC_ARG_WITH([secrets], AC_HELP_STRING([--with-secrets], [with local secrets management driver @<:@default=yes@:>@]),[],[with_secrets=yes]) -@@ -2565,6 +2598,7 @@ AC_MSG_NOTICE([ Remote: $with_remote]) +@@ -2592,6 +2625,7 @@ AC_MSG_NOTICE([ Remote: $with_remote]) AC_MSG_NOTICE([ Network: $with_network]) AC_MSG_NOTICE([Libvirtd: $with_libvirtd]) AC_MSG_NOTICE([ netcf: $with_netcf]) @@ -57,7 +57,7 @@ Index: libvirt-0.9.9/configure.ac AC_MSG_NOTICE([ macvtap: $with_macvtap]) AC_MSG_NOTICE([virtport: $with_virtualport]) AC_MSG_NOTICE([]) -@@ -2696,6 +2730,11 @@ AC_MSG_NOTICE([ netcf: $NETCF_CFLAGS $ +@@ -2723,6 +2757,11 @@ AC_MSG_NOTICE([ netcf: $NETCF_CFLAGS $ else AC_MSG_NOTICE([ netcf: no]) fi @@ -69,10 +69,10 @@ Index: libvirt-0.9.9/configure.ac if test "$with_qemu" = "yes" && test "$LIBPCAP_FOUND" != "no"; then AC_MSG_NOTICE([ pcap: $LIBPCAP_CFLAGS $LIBPCAP_LIBS]) else -Index: libvirt-0.9.9/daemon/Makefile.am +Index: libvirt-0.9.10/daemon/Makefile.am =================================================================== ---- libvirt-0.9.9.orig/daemon/Makefile.am -+++ libvirt-0.9.9/daemon/Makefile.am +--- libvirt-0.9.10.orig/daemon/Makefile.am ++++ libvirt-0.9.10/daemon/Makefile.am @@ -143,6 +143,10 @@ endif if WITH_NETCF @@ -84,10 +84,10 @@ Index: libvirt-0.9.9/daemon/Makefile.am endif if WITH_NODE_DEVICES -Index: libvirt-0.9.9/daemon/libvirtd.c +Index: libvirt-0.9.10/daemon/libvirtd.c =================================================================== ---- libvirt-0.9.9.orig/daemon/libvirtd.c -+++ libvirt-0.9.9/daemon/libvirtd.c +--- libvirt-0.9.10.orig/daemon/libvirtd.c ++++ libvirt-0.9.10/daemon/libvirtd.c @@ -75,6 +75,10 @@ # endif # ifdef WITH_NETCF @@ -110,11 +110,11 @@ Index: libvirt-0.9.9/daemon/libvirtd.c # endif # ifdef WITH_STORAGE_DIR storageRegister(); -Index: libvirt-0.9.9/src/Makefile.am +Index: libvirt-0.9.10/src/Makefile.am =================================================================== ---- libvirt-0.9.9.orig/src/Makefile.am -+++ libvirt-0.9.9/src/Makefile.am -@@ -955,6 +955,24 @@ libvirt_driver_interface_la_LIBADD += .. +--- libvirt-0.9.10.orig/src/Makefile.am ++++ libvirt-0.9.10/src/Makefile.am +@@ -960,6 +960,24 @@ libvirt_driver_interface_la_LIBADD += .. libvirt_driver_interface_la_LDFLAGS += -module -avoid-version endif libvirt_driver_interface_la_SOURCES = $(INTERFACE_DRIVER_SOURCES) @@ -139,10 +139,10 @@ Index: libvirt-0.9.9/src/Makefile.am endif if WITH_SECRETS -Index: libvirt-0.9.9/src/interface/netcf_driver.c +Index: libvirt-0.9.10/src/interface/netcf_driver.c =================================================================== ---- libvirt-0.9.9.orig/src/interface/netcf_driver.c -+++ libvirt-0.9.9/src/interface/netcf_driver.c +--- libvirt-0.9.10.orig/src/interface/netcf_driver.c ++++ libvirt-0.9.10/src/interface/netcf_driver.c @@ -23,7 +23,13 @@ #include @@ -208,11 +208,11 @@ Index: libvirt-0.9.9/src/interface/netcf_driver.c /* open netcf */ if (ncf_init(&driverState->netcf, NULL) != 0) { -Index: libvirt-0.9.9/tools/virsh.c +Index: libvirt-0.9.10/tools/virsh.c =================================================================== ---- libvirt-0.9.9.orig/tools/virsh.c -+++ libvirt-0.9.9/tools/virsh.c -@@ -18328,6 +18328,10 @@ vshShowVersion(vshControl *ctl ATTRIBUTE +--- libvirt-0.9.10.orig/tools/virsh.c ++++ libvirt-0.9.10/tools/virsh.c +@@ -19067,6 +19067,10 @@ vshShowVersion(vshControl *ctl ATTRIBUTE #endif #ifdef WITH_NETCF vshPrint(ctl, " Netcf"); diff --git a/libvirt.changes b/libvirt.changes index 2e03a2d..6e6e841 100644 --- a/libvirt.changes +++ b/libvirt.changes @@ -1,3 +1,18 @@ +------------------------------------------------------------------- +Wed Feb 15 11:57:25 MST 2012 - jfehlig@suse.com + +- Update to libvirt 0.9.10 + - Add support for sVirt in the LXC driver + - Add new API virDomainBlockRebase + - Add api to set and get domain metadata + - virDomainGetDiskErrors public API + - Add rawio attribute to disk element of domain XML + - Introduce virDomainPMSuspendForDuration API + - Add virStorageVolResize() API + - Add a virt-host-validate command to sanity check HV config + - Add new virDomainShutdownFlags API + - QEMU guest agent support + ------------------------------------------------------------------- Wed Feb 8 11:12:28 MST 2012 - jfehlig@suse.com diff --git a/libvirt.spec b/libvirt.spec index 4ac276a..ae06df3 100644 --- a/libvirt.spec +++ b/libvirt.spec @@ -326,7 +326,7 @@ BuildRequires: systemd Name: libvirt Url: http://libvirt.org/ -Version: 0.9.9 +Version: 0.9.10 Release: 0 Summary: A C toolkit to interact with the virtualization capabilities of Linux License: LGPL-2.1+ @@ -390,8 +390,10 @@ Recommends: device-mapper # For multipath support Recommends: device-mapper %endif +#%ifarch i386 i586 i686 x86_64 ia64 # For virConnectGetSysinfo -Requires: dmidecode +#Requires: dmidecode +#%endif # For service management %if %{with_systemd} %{?systemd_requires} @@ -402,7 +404,7 @@ Source1: libvirtd.init Source2: libvirtd-relocation-server.fw Source99: baselibs.conf # Upstream patches -Patch0: 9ae4ac7a-PolicyKit.patch +Patch0: a06fab95-polkit0.patch # Need to go upstream Patch100: xen-name-for-devid.patch Patch101: clone.patch @@ -653,6 +655,9 @@ Authors: %if ! %{with_sasl} %define _without_sasl --without-sasl %endif +%if ! %{with_avahi} +%define _without_avahi --without-avahi +%endif %if ! %{with_python} %define _without_python --without-python %endif @@ -707,6 +712,7 @@ export CFLAGS="$RPM_OPT_FLAGS" %{?_without_dtrace} \ %{?_without_network} \ %{?_without_sasl} \ + %{?_without_avahi} \ %{?_without_python} \ %{?_without_libpcap} \ %{?_without_sanlock} \ @@ -938,10 +944,12 @@ fi %doc %{_mandir}/man1/virsh.1* %doc %{_mandir}/man1/virt-xml-validate.1* %doc %{_mandir}/man1/virt-pki-validate.1* +%doc %{_mandir}/man1/virt-host-validate.1* %config(noreplace) %{_sysconfdir}/libvirt/libvirt.conf %{_bindir}/virsh %{_bindir}/virt-xml-validate %{_bindir}/virt-pki-validate +%{_bindir}/virt-host-validate %dir %{_libdir}/%{name} %{_libdir}/lib*.so.* %{_localstatedir}/adm/fillup-templates/sysconfig.libvirt-guests diff --git a/libvirtd-defaults.patch b/libvirtd-defaults.patch index bd60cef..78ce3ab 100644 --- a/libvirtd-defaults.patch +++ b/libvirtd-defaults.patch @@ -1,7 +1,7 @@ -Index: libvirt-0.9.9/daemon/libvirtd.conf +Index: libvirt-0.9.10/daemon/libvirtd.conf =================================================================== ---- libvirt-0.9.9.orig/daemon/libvirtd.conf -+++ libvirt-0.9.9/daemon/libvirtd.conf +--- libvirt-0.9.10.orig/daemon/libvirtd.conf ++++ libvirt-0.9.10/daemon/libvirtd.conf @@ -18,8 +18,8 @@ # It is necessary to setup a CA and issue server certificates before # using this capability. @@ -28,10 +28,10 @@ Index: libvirt-0.9.9/daemon/libvirtd.conf # Override the default mDNS advertizement name. This must be # unique on the immediate broadcast network. -Index: libvirt-0.9.9/daemon/libvirtd.c +Index: libvirt-0.9.10/daemon/libvirtd.c =================================================================== ---- libvirt-0.9.9.orig/daemon/libvirtd.c -+++ libvirt-0.9.9/daemon/libvirtd.c +--- libvirt-0.9.10.orig/daemon/libvirtd.c ++++ libvirt-0.9.10/daemon/libvirtd.c @@ -871,7 +871,7 @@ daemonConfigNew(bool privileged ATTRIBUT return NULL; } diff --git a/relax-qemu-usergroup-check.patch b/relax-qemu-usergroup-check.patch index 69611c6..4ea7c3a 100644 --- a/relax-qemu-usergroup-check.patch +++ b/relax-qemu-usergroup-check.patch @@ -7,11 +7,11 @@ drivers as loadable modules instead of built-in to the daemon. Then the qemu driver would only be loaded when needed, which would never be the case on a xen-only configuration. -Index: libvirt-0.9.9/src/qemu/qemu_conf.c +Index: libvirt-0.9.10/src/qemu/qemu_conf.c =================================================================== ---- libvirt-0.9.9.orig/src/qemu/qemu_conf.c -+++ libvirt-0.9.9/src/qemu/qemu_conf.c -@@ -255,9 +255,7 @@ int qemudLoadDriverConfig(struct qemud_d +--- libvirt-0.9.10.orig/src/qemu/qemu_conf.c ++++ libvirt-0.9.10/src/qemu/qemu_conf.c +@@ -266,9 +266,7 @@ int qemudLoadDriverConfig(struct qemud_d return -1; } if (virGetUserID(user, &driver->user) < 0) { @@ -22,7 +22,7 @@ Index: libvirt-0.9.9/src/qemu/qemu_conf.c } VIR_FREE(user); -@@ -270,9 +268,7 @@ int qemudLoadDriverConfig(struct qemud_d +@@ -281,9 +279,7 @@ int qemudLoadDriverConfig(struct qemud_d return -1; } if (virGetGroupID(group, &driver->group) < 0) { diff --git a/suse-qemu-conf.patch b/suse-qemu-conf.patch index 5866e29..379ba31 100644 --- a/suse-qemu-conf.patch +++ b/suse-qemu-conf.patch @@ -1,7 +1,7 @@ -Index: libvirt-0.9.9/src/qemu/qemu.conf +Index: libvirt-0.9.10/src/qemu/qemu.conf =================================================================== ---- libvirt-0.9.9.orig/src/qemu/qemu.conf -+++ libvirt-0.9.9/src/qemu/qemu.conf +--- libvirt-0.9.10.orig/src/qemu/qemu.conf ++++ libvirt-0.9.10/src/qemu/qemu.conf @@ -136,7 +136,16 @@ # leaving SELinux enabled for the host in general, then set this # to 'none' instead. @@ -17,5 +17,5 @@ Index: libvirt-0.9.9/src/qemu/qemu.conf +# security_driver = "apparmor" +security_driver = "none" - - # The user ID for QEMU processes run by the system instance. + # If set to non-zero, then the default security labeling + # will make guests confined. If set to zero, then guests diff --git a/use-init-script-redhat.patch b/use-init-script-redhat.patch index 389eced..a4c6b03 100644 --- a/use-init-script-redhat.patch +++ b/use-init-script-redhat.patch @@ -1,8 +1,8 @@ -Index: libvirt-0.9.9/tools/Makefile.am +Index: libvirt-0.9.10/tools/Makefile.am =================================================================== ---- libvirt-0.9.9.orig/tools/Makefile.am -+++ libvirt-0.9.9/tools/Makefile.am -@@ -153,24 +153,22 @@ install-data-local: install-init install +--- libvirt-0.9.10.orig/tools/Makefile.am ++++ libvirt-0.9.10/tools/Makefile.am +@@ -182,24 +182,22 @@ install-data-local: install-init install uninstall-local: uninstall-init uninstall-systemd install-sysconfig: @@ -33,10 +33,10 @@ Index: libvirt-0.9.9/tools/Makefile.am if LIBVIRT_INIT_SCRIPT_RED_HAT -Index: libvirt-0.9.9/tools/libvirt-guests.sysconf +Index: libvirt-0.9.10/tools/libvirt-guests.sysconf =================================================================== ---- libvirt-0.9.9.orig/tools/libvirt-guests.sysconf -+++ libvirt-0.9.9/tools/libvirt-guests.sysconf +--- libvirt-0.9.10.orig/tools/libvirt-guests.sysconf ++++ libvirt-0.9.10/tools/libvirt-guests.sysconf @@ -1,18 +1,28 @@ +## Path: System/Virtualization/libvirt + @@ -87,10 +87,10 @@ Index: libvirt-0.9.9/tools/libvirt-guests.sysconf # If non-zero, try to bypass the file system cache when saving and # restoring guests, even though this may give slower operation for # some file systems. -Index: libvirt-0.9.9/tools/libvirt-guests.init.sh +Index: libvirt-0.9.10/tools/libvirt-guests.init.sh =================================================================== ---- libvirt-0.9.9.orig/tools/libvirt-guests.init.sh -+++ libvirt-0.9.9/tools/libvirt-guests.init.sh +--- libvirt-0.9.10.orig/tools/libvirt-guests.init.sh ++++ libvirt-0.9.10/tools/libvirt-guests.init.sh @@ -4,10 +4,10 @@ # ### BEGIN INIT INFO @@ -233,10 +233,10 @@ Index: libvirt-0.9.9/tools/libvirt-guests.init.sh esac -exit $RETVAL +rc_exit -Index: libvirt-0.9.9/daemon/Makefile.am +Index: libvirt-0.9.10/daemon/Makefile.am =================================================================== ---- libvirt-0.9.9.orig/daemon/Makefile.am -+++ libvirt-0.9.9/daemon/Makefile.am +--- libvirt-0.9.10.orig/daemon/Makefile.am ++++ libvirt-0.9.10/daemon/Makefile.am @@ -249,34 +249,23 @@ uninstall-logrotate: rmdir $(DESTDIR)$(sysconfdir)/logrotate.d || : @@ -275,10 +275,10 @@ Index: libvirt-0.9.9/daemon/Makefile.am else install-init-redhat: uninstall-init-redhat: -Index: libvirt-0.9.9/daemon/libvirtd.sysconf +Index: libvirt-0.9.10/daemon/libvirtd.sysconf =================================================================== ---- libvirt-0.9.9.orig/daemon/libvirtd.sysconf -+++ libvirt-0.9.9/daemon/libvirtd.sysconf +--- libvirt-0.9.10.orig/daemon/libvirtd.sysconf ++++ libvirt-0.9.10/daemon/libvirtd.sysconf @@ -1,16 +1,25 @@ +## Path: System/Virtualization/libvirt + diff --git a/xen-name-for-devid.patch b/xen-name-for-devid.patch index 9b94558..b2d6ff2 100644 --- a/xen-name-for-devid.patch +++ b/xen-name-for-devid.patch @@ -13,10 +13,10 @@ Date: Wed Jan 27 16:11:41 2010 -0700 This approach allows removing a disk when domain is inactive. We obviously can't search xenstore when the domain is inactive. -Index: libvirt-0.9.9/src/xen/xend_internal.c +Index: libvirt-0.9.10/src/xen/xend_internal.c =================================================================== ---- libvirt-0.9.9.orig/src/xen/xend_internal.c -+++ libvirt-0.9.9/src/xen/xend_internal.c +--- libvirt-0.9.10.orig/src/xen/xend_internal.c ++++ libvirt-0.9.10/src/xen/xend_internal.c @@ -60,6 +60,7 @@ static int diff --git a/xen-pv-cdrom.patch b/xen-pv-cdrom.patch index e4de592..89b7bd3 100644 --- a/xen-pv-cdrom.patch +++ b/xen-pv-cdrom.patch @@ -1,8 +1,8 @@ -Index: libvirt-0.9.9/src/xenxs/xen_sxpr.c +Index: libvirt-0.9.10/src/xenxs/xen_sxpr.c =================================================================== ---- libvirt-0.9.9.orig/src/xenxs/xen_sxpr.c -+++ libvirt-0.9.9/src/xenxs/xen_sxpr.c -@@ -329,7 +329,7 @@ error: +--- libvirt-0.9.10.orig/src/xenxs/xen_sxpr.c ++++ libvirt-0.9.10/src/xenxs/xen_sxpr.c +@@ -340,7 +340,7 @@ error: static int xenParseSxprDisks(virDomainDefPtr def, const struct sexpr *root, @@ -11,7 +11,7 @@ Index: libvirt-0.9.9/src/xenxs/xen_sxpr.c int xendConfigVersion) { const struct sexpr *cur, *node; -@@ -380,7 +380,6 @@ xenParseSxprDisks(virDomainDefPtr def, +@@ -391,7 +391,6 @@ xenParseSxprDisks(virDomainDefPtr def, /* There is a case without the uname to the CD-ROM device */ offset = strchr(dst, ':'); if (!offset ||