2006-09-21 23:24:37 +08:00
|
|
|
# -*- rpm-spec -*-
|
|
|
|
|
2011-03-17 01:50:44 +08:00
|
|
|
# If neither fedora nor rhel was defined, try to guess them from %{dist}
|
|
|
|
%if !0%{?rhel} && !0%{?fedora}
|
|
|
|
%{expand:%(echo "%{?dist}" | \
|
|
|
|
sed -ne 's/^\.el\([0-9]\+\).*/%%define rhel \1/p')}
|
|
|
|
%{expand:%(echo "%{?dist}" | \
|
|
|
|
sed -ne 's/^\.fc\?\([0-9]\+\).*/%%define fedora \1/p')}
|
|
|
|
%endif
|
|
|
|
|
2011-12-06 01:22:10 +08:00
|
|
|
# Default to skipping autoreconf. Distros can change just this one line
|
|
|
|
# (or provide a command-line override) if they backport any patches that
|
|
|
|
# touch configure.ac or Makefile.am.
|
|
|
|
%{!?enable_autotools:%define enable_autotools 0}
|
|
|
|
|
2009-09-16 23:02:38 +08:00
|
|
|
# A client only build will create a libvirt.so only containing
|
|
|
|
# the generic RPC driver, and test driver and no libvirtd
|
|
|
|
# Default to a full server + client build
|
|
|
|
%define client_only 0
|
|
|
|
|
|
|
|
# Now turn off server build in certain cases
|
|
|
|
|
|
|
|
# RHEL-5 builds are client-only for s390, ppc
|
|
|
|
%if 0%{?rhel} == 5
|
|
|
|
%ifnarch i386 i586 i686 x86_64 ia64
|
|
|
|
%define client_only 1
|
|
|
|
%endif
|
|
|
|
%endif
|
|
|
|
|
|
|
|
# Disable all server side drivers if client only build requested
|
|
|
|
%if %{client_only}
|
|
|
|
%define server_drivers 0
|
|
|
|
%else
|
|
|
|
%define server_drivers 1
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
2009-09-22 17:42:06 +08:00
|
|
|
# Now set the defaults for all the important features, independent
|
2009-09-16 23:02:38 +08:00
|
|
|
# of any particular OS
|
|
|
|
|
|
|
|
# First the daemon itself
|
|
|
|
%define with_libvirtd 0%{!?_without_libvirtd:%{server_drivers}}
|
|
|
|
%define with_avahi 0%{!?_without_avahi:%{server_drivers}}
|
|
|
|
|
2009-09-16 23:02:38 +08:00
|
|
|
# Then the hypervisor drivers that run on local host
|
2009-09-16 23:02:38 +08:00
|
|
|
%define with_xen 0%{!?_without_xen:%{server_drivers}}
|
|
|
|
%define with_qemu 0%{!?_without_qemu:%{server_drivers}}
|
|
|
|
%define with_openvz 0%{!?_without_openvz:%{server_drivers}}
|
|
|
|
%define with_lxc 0%{!?_without_lxc:%{server_drivers}}
|
|
|
|
%define with_vbox 0%{!?_without_vbox:%{server_drivers}}
|
|
|
|
%define with_uml 0%{!?_without_uml:%{server_drivers}}
|
2011-02-11 06:42:34 +08:00
|
|
|
%define with_libxl 0%{!?_without_libxl:%{server_drivers}}
|
2011-06-10 02:28:18 +08:00
|
|
|
%define with_vmware 0%{!?_without_vmware:%{server_drivers}}
|
2009-09-16 23:02:38 +08:00
|
|
|
|
2011-09-27 22:52:47 +08:00
|
|
|
# Then the hypervisor drivers that talk via a native remote protocol
|
2009-09-16 23:02:38 +08:00
|
|
|
%define with_phyp 0%{!?_without_phyp:1}
|
|
|
|
%define with_esx 0%{!?_without_esx:1}
|
2011-07-13 22:05:18 +08:00
|
|
|
%define with_hyperv 0%{!?_without_hyperv:1}
|
2011-06-16 19:46:38 +08:00
|
|
|
%define with_xenapi 0%{!?_without_xenapi:1}
|
2009-09-16 23:02:38 +08:00
|
|
|
|
|
|
|
# Then the secondary host drivers
|
|
|
|
%define with_network 0%{!?_without_network:%{server_drivers}}
|
|
|
|
%define with_storage_fs 0%{!?_without_storage_fs:%{server_drivers}}
|
|
|
|
%define with_storage_lvm 0%{!?_without_storage_lvm:%{server_drivers}}
|
|
|
|
%define with_storage_iscsi 0%{!?_without_storage_iscsi:%{server_drivers}}
|
|
|
|
%define with_storage_disk 0%{!?_without_storage_disk:%{server_drivers}}
|
|
|
|
%define with_storage_mpath 0%{!?_without_storage_mpath:%{server_drivers}}
|
|
|
|
%define with_numactl 0%{!?_without_numactl:%{server_drivers}}
|
|
|
|
%define with_selinux 0%{!?_without_selinux:%{server_drivers}}
|
|
|
|
|
|
|
|
# A few optional bits off by default, we enable later
|
2009-07-29 17:05:39 +08:00
|
|
|
%define with_polkit 0%{!?_without_polkit:0}
|
2009-06-29 19:33:13 +08:00
|
|
|
%define with_capng 0%{!?_without_capng:0}
|
2009-07-29 17:05:39 +08:00
|
|
|
%define with_netcf 0%{!?_without_netcf:0}
|
2009-11-20 23:45:46 +08:00
|
|
|
%define with_udev 0%{!?_without_udev:0}
|
|
|
|
%define with_hal 0%{!?_without_hal:0}
|
2009-11-04 02:59:18 +08:00
|
|
|
%define with_yajl 0%{!?_without_yajl:0}
|
2010-05-06 00:20:28 +08:00
|
|
|
%define with_nwfilter 0%{!?_without_nwfilter:0}
|
nwfilter: Support for learning a VM's IP address
This patch implements support for learning a VM's IP address. It uses
the pcap library to listen on the VM's backend network interface (tap)
or the physical ethernet device (macvtap) and tries to capture packets
with source or destination MAC address of the VM and learn from DHCP
Offers, ARP traffic, or first-sent IPv4 packet what the IP address of
the VM's interface is. This then allows to instantiate the network
traffic filtering rules without the user having to provide the IP
parameter somewhere in the filter description or in the interface
description as a parameter. This only supports to detect the parameter
IP, which is for the assumed single IPv4 address of a VM. There is not
support for interfaces that may have multiple IP addresses (IP
aliasing) or IPv6 that may then require more than one valid IP address
to be detected. A VM can have multiple independent interfaces that each
uses a different IP address and in that case it will be attempted to
detect each one of the address independently.
So, when for example an interface description in the domain XML has
looked like this up to now:
<interface type='bridge'>
<source bridge='mybridge'/>
<model type='virtio'/>
<filterref filter='clean-traffic'>
<parameter name='IP' value='10.2.3.4'/>
</filterref>
</interface>
you may omit the IP parameter:
<interface type='bridge'>
<source bridge='mybridge'/>
<model type='virtio'/>
<filterref filter='clean-traffic'/>
</interface>
Internally I am walking the 'tree' of a VM's referenced network filters
and determine with the given variables which variables are missing. Now,
the above IP parameter may be missing and this causes a libvirt-internal
thread to be started that uses the pcap library's API to listen to the
backend interface (in case of macvtap to the physical interface) in an
attempt to determine the missing IP parameter. If the backend interface
disappears the thread terminates assuming the VM was brought down. In
case of a macvtap device a timeout is being used to wait for packets
from the given VM (filtering by VM's interface MAC address). If the VM's
macvtap device disappeared the thread also terminates. In all other
cases it tries to determine the IP address of the VM and will then apply
the rules late on the given interface, which would have happened
immediately if the IP parameter had been explicitly given. In case an
error happens while the firewall rules are applied, the VM's backend
interface is 'down'ed preventing it to communicate. Reasons for failure
for applying the network firewall rules may that an ebtables/iptables
command failes or OOM errors. Essentially the same failure reasons may
occur as when the firewall rules are applied immediately on VM start,
except that due to the late application of the filtering rules the VM
now is already running and cannot be hindered anymore from starting.
Bringing down the whole VM would probably be considered too drastic.
While a VM's IP address is attempted to be determined only limited
updates to network filters are allowed. In particular it is prevented
that filters are modified in such a way that they would introduce new
variables.
A caveat: The algorithm does not know which one is the appropriate IP
address of a VM. If the VM spoofs an IP address in its first ARP traffic
or IPv4 packets its filtering rules will be instantiated for this IP
address, thus 'locking' it to the found IP address. So, it's still
'safer' to explicitly provide the IP address of a VM's interface in the
filter description if it is known beforehand.
* configure.ac: detect libpcap
* libvirt.spec.in: require libpcap[-devel] if qemu is built
* src/internal.h: add the new ATTRIBUTE_PACKED define
* src/Makefile.am src/libvirt_private.syms: add the new modules and symbols
* src/nwfilter/nwfilter_learnipaddr.[ch]: new module being added
* src/nwfilter/nwfilter_driver.c src/conf/nwfilter_conf.[ch]
src/nwfilter/nwfilter_ebiptables_driver.[ch]
src/nwfilter/nwfilter_gentech_driver.[ch]: plu the new functionality in
* tests/nwfilterxml2xmltest: extend testing
2010-04-08 05:02:18 +08:00
|
|
|
%define with_libpcap 0%{!?_without_libpcap:0}
|
2010-05-26 03:31:38 +08:00
|
|
|
%define with_macvtap 0%{!?_without_macvtap:0}
|
2010-08-25 18:28:02 +08:00
|
|
|
%define with_libnl 0%{!?_without_libnl:0}
|
2010-09-15 21:44:11 +08:00
|
|
|
%define with_audit 0%{!?_without_audit:0}
|
Add dtrace static probes in libvirtd
Adds initial support for dtrace static probes in libvirtd
daemon, assuming use of systemtap dtrace compat shim on
Linux. The probes are inserted for network client connect,
disconnect, TLS handshake states and authentication protocol
states.
This can be tested by running the xample program and then
attempting to connect with any libvirt client (virsh,
virt-manager, etc).
# stap examples/systemtap/client.stp
Client fd=44 connected readonly=0
Client fd=44 auth polkit deny pid:24997,uid:500
Client fd=44 disconnected
Client fd=46 connected readonly=1
Client fd=46 auth sasl allow test
Client fd=46 disconnected
The libvirtd.stp file should also really not be required,
since it is duplicated info that is already available in
the main probes.d definition file. A script to autogenerate
the .stp file is needed, either in libvirtd tree, or better
as part of systemtap itself.
* Makefile.am: Add examples/systemtap subdir
* autobuild.sh: Disable dtrace for mingw32
* configure.ac: Add check for dtrace
* daemon/.gitignore: Ignore generated dtrace probe file
* daemon/Makefile.am: Build dtrace probe header & object
files
* daemon/libvirtd.stp: SystemTAP convenience probeset
* daemon/libvirtd.c: Add connect/disconnect & TLS probes
* daemon/remote.c: Add SASL and PolicyKit auth probes
* daemon/probes.d: Master probe definition
* daemon/libvirtd.h: Add convenience macro for probes
so that compilation is a no-op when dtrace is not available
* examples/systemtap/Makefile.am, examples/systemtap/client.stp
Example systemtap script using dtrace probe markers
* libvirt.spec.in: Enable dtrace on F13/RHEL6
* mingw32-libvirt.spec.in: Force disable dtrace
2010-09-15 00:30:32 +08:00
|
|
|
%define with_dtrace 0%{!?_without_dtrace:0}
|
2010-12-23 16:44:19 +08:00
|
|
|
%define with_cgconfig 0%{!?_without_cgconfig:0}
|
2011-01-19 02:37:45 +08:00
|
|
|
%define with_sanlock 0%{!?_without_sanlock:0}
|
2011-07-07 21:45:07 +08:00
|
|
|
%define with_systemd 0%{!?_without_systemd:0}
|
2009-07-29 17:05:39 +08:00
|
|
|
|
2009-09-16 23:02:38 +08:00
|
|
|
# Non-server/HV driver defaults which are always enabled
|
|
|
|
%define with_python 0%{!?_without_python:1}
|
|
|
|
%define with_sasl 0%{!?_without_sasl:1}
|
|
|
|
|
|
|
|
|
|
|
|
# Finally set the OS / architecture specific special cases
|
|
|
|
|
2008-06-13 00:10:50 +08:00
|
|
|
# Xen is available only on i386 x86_64 ia64
|
2009-03-04 21:17:44 +08:00
|
|
|
%ifnarch i386 i586 i686 x86_64 ia64
|
2008-06-13 00:10:50 +08:00
|
|
|
%define with_xen 0
|
2011-10-11 23:30:50 +08:00
|
|
|
%define with_libxl 0
|
2008-06-13 00:10:50 +08:00
|
|
|
%endif
|
|
|
|
|
2011-11-10 19:33:17 +08:00
|
|
|
# Numactl is not available on s390[x] and ARM
|
|
|
|
%ifarch s390 s390x %{arm}
|
2009-11-12 02:07:34 +08:00
|
|
|
%define with_numactl 0
|
|
|
|
%endif
|
2009-09-16 23:02:38 +08:00
|
|
|
|
Remove the Open Nebula driver
The Open Nebula driver has been unmaintained since it was first
introduced. The only commits have been for tree-wide cleanups.
It also has a major design flaw, in that it only knows about guests
that it has created itself, which makes it of very limited use.
Discussions wrt evolution of the VMWare ESX driver, concluded that
it should limit itself to single-node ESX operation and not try to
manage the multi-node architecture of VirtualCenter. Open Nebula
is a cluster like Virtual Center, not a single node system, so
the same reasoning applies.
The DeltaCloud project includes an Open Nebula driver and is a much
better fit architecturally, since it is explicitly targetting the
distributed multihost cluster scenario.
Thus this patch deletes the libvirt Open Nebula driver with the
recommendation that people use DeltaCloud for managing it instead.
* configure.ac: Remove probe for xmlrpc & --with-one arg
* daemon/Makefile.am, daemon/libvirtd.c, src/Makefile.am: Remove
ONE driver build
* src/opennebula/one_client.c, src/opennebula/one_client.h,
src/opennebula/one_conf.c, src/opennebula/one_conf.h,
src/opennebula/one_driver.c, src/opennebula/one_driver.c: Delete
files
* autobuild.sh, libvirt.spec.in, mingw32-libvirt.spec.in: Remove
build rules for Open Nebula
* docs/drivers.html.in, docs/sitemap.html.in: Remove reference
to OpenNebula
* docs/drvone.html.in: Delete file
2011-03-23 00:12:34 +08:00
|
|
|
# RHEL doesn't ship OpenVZ, VBox, UML, PowerHypervisor,
|
2011-09-27 04:28:47 +08:00
|
|
|
# VMWare, libxenserver (xenapi), libxenlight (Xen 4.1 and newer),
|
|
|
|
# or HyperV.
|
2009-09-16 23:02:38 +08:00
|
|
|
%if 0%{?rhel}
|
|
|
|
%define with_openvz 0
|
|
|
|
%define with_vbox 0
|
|
|
|
%define with_uml 0
|
|
|
|
%define with_phyp 0
|
2010-12-22 01:13:50 +08:00
|
|
|
%define with_vmware 0
|
2010-10-15 01:46:41 +08:00
|
|
|
%define with_xenapi 0
|
2011-02-11 06:42:34 +08:00
|
|
|
%define with_libxl 0
|
2011-09-27 04:28:47 +08:00
|
|
|
%define with_hyperv 0
|
2009-09-16 23:02:38 +08:00
|
|
|
%endif
|
|
|
|
|
2011-07-07 21:45:07 +08:00
|
|
|
# Although earlier Fedora has systemd, libvirt still used sysvinit
|
|
|
|
%if 0%{?fedora} >= 17
|
|
|
|
%define with_systemd 1
|
|
|
|
%endif
|
|
|
|
|
2009-09-16 23:02:38 +08:00
|
|
|
# RHEL-5 has restricted QEMU to x86_64 only and is too old for LXC
|
|
|
|
%if 0%{?rhel} == 5
|
|
|
|
%ifnarch x86_64
|
|
|
|
%define with_qemu 0
|
|
|
|
%endif
|
|
|
|
%define with_lxc 0
|
|
|
|
%endif
|
|
|
|
|
2009-09-16 23:02:38 +08:00
|
|
|
# RHEL-6 has restricted QEMU to x86_64 only, stopped including Xen
|
|
|
|
# on all archs. Other archs all have LXC available though
|
2009-09-16 23:02:38 +08:00
|
|
|
%if 0%{?rhel} >= 6
|
2009-09-16 23:02:38 +08:00
|
|
|
%ifnarch x86_64
|
|
|
|
%define with_qemu 0
|
|
|
|
%endif
|
2009-09-16 23:02:38 +08:00
|
|
|
%define with_xen 0
|
|
|
|
%endif
|
|
|
|
|
|
|
|
# Fedora doesn't have any QEMU on ppc64 - only ppc
|
2008-12-12 15:36:20 +08:00
|
|
|
%if 0%{?fedora}
|
2008-06-13 00:10:50 +08:00
|
|
|
%ifarch ppc64
|
2008-02-20 23:42:30 +08:00
|
|
|
%define with_qemu 0
|
|
|
|
%endif
|
2008-06-13 00:10:50 +08:00
|
|
|
%endif
|
|
|
|
|
2011-03-19 00:45:18 +08:00
|
|
|
# Fedora doesn't have new enough Xen for libxl until F16
|
2011-12-09 04:32:37 +08:00
|
|
|
%if 0%{?fedora} && 0%{?fedora} < 16
|
2011-03-19 00:45:18 +08:00
|
|
|
%define with_libxl 0
|
|
|
|
%endif
|
|
|
|
|
2010-11-09 00:32:02 +08:00
|
|
|
# PolicyKit was introduced in Fedora 8 / RHEL-6 or newer
|
2009-09-16 23:02:38 +08:00
|
|
|
%if 0%{?fedora} >= 8 || 0%{?rhel} >= 6
|
2008-09-17 22:09:13 +08:00
|
|
|
%define with_polkit 0%{!?_without_polkit:1}
|
2008-06-13 00:10:50 +08:00
|
|
|
%endif
|
2008-02-20 23:42:30 +08:00
|
|
|
|
2009-09-16 23:02:38 +08:00
|
|
|
# libcapng is used to manage capabilities in Fedora 12 / RHEL-6 or newer
|
|
|
|
%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
|
2009-06-29 19:33:13 +08:00
|
|
|
%define with_capng 0%{!?_without_capng:1}
|
|
|
|
%endif
|
|
|
|
|
2009-09-16 23:02:38 +08:00
|
|
|
# netcf is used to manage network interfaces in Fedora 12 / RHEL-6 or newer
|
|
|
|
%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
|
|
|
|
%define with_netcf 0%{!?_without_netcf:%{server_drivers}}
|
2009-07-29 00:30:48 +08:00
|
|
|
%endif
|
|
|
|
|
2009-11-20 23:45:46 +08:00
|
|
|
# udev is used to manage host devices in Fedora 12 / RHEL-6 or newer
|
|
|
|
%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
|
|
|
|
%define with_udev 0%{!?_without_udev:%{server_drivers}}
|
|
|
|
%else
|
|
|
|
%define with_hal 0%{!?_without_hal:%{server_drivers}}
|
|
|
|
%endif
|
|
|
|
|
2009-11-04 02:59:18 +08:00
|
|
|
# Enable yajl library for JSON mode with QEMU
|
|
|
|
%if 0%{?fedora} >= 13 || 0%{?rhel} >= 6
|
|
|
|
%define with_yajl 0%{!?_without_yajl:%{server_drivers}}
|
|
|
|
%endif
|
|
|
|
|
2011-01-19 02:37:45 +08:00
|
|
|
# Enable sanlock library for lock management with QEMU
|
2011-12-06 01:37:33 +08:00
|
|
|
# Sanlock is available only on i686 x86_64 for RHEL
|
|
|
|
%if 0%{?fedora} >= 16
|
|
|
|
%define with_sanlock 0%{!?_without_sanlock:%{server_drivers}}
|
|
|
|
%endif
|
|
|
|
%if 0%{?rhel} >= 6
|
2011-12-15 01:31:30 +08:00
|
|
|
%ifarch i386 i586 i686 x86_64
|
2011-12-06 01:37:33 +08:00
|
|
|
%define with_sanlock 0%{!?_without_sanlock:%{server_drivers}}
|
|
|
|
%endif
|
2011-01-19 02:37:45 +08:00
|
|
|
%endif
|
|
|
|
|
2011-07-14 13:20:19 +08:00
|
|
|
# Disable some drivers when building without libvirt daemon.
|
|
|
|
# The logic is the same as in configure.ac
|
|
|
|
%if ! %{with_libvirtd}
|
|
|
|
%define with_network 0
|
|
|
|
%define with_qemu 0
|
|
|
|
%define with_lxc 0
|
|
|
|
%define with_uml 0
|
|
|
|
%define with_hal 0
|
|
|
|
%define with_udev 0
|
|
|
|
%define with_storage_fs 0
|
|
|
|
%define with_storage_lvm 0
|
|
|
|
%define with_storage_iscsi 0
|
|
|
|
%define with_storage_mpath 0
|
|
|
|
%define with_storage_disk 0
|
|
|
|
%endif
|
|
|
|
|
nwfilter: Support for learning a VM's IP address
This patch implements support for learning a VM's IP address. It uses
the pcap library to listen on the VM's backend network interface (tap)
or the physical ethernet device (macvtap) and tries to capture packets
with source or destination MAC address of the VM and learn from DHCP
Offers, ARP traffic, or first-sent IPv4 packet what the IP address of
the VM's interface is. This then allows to instantiate the network
traffic filtering rules without the user having to provide the IP
parameter somewhere in the filter description or in the interface
description as a parameter. This only supports to detect the parameter
IP, which is for the assumed single IPv4 address of a VM. There is not
support for interfaces that may have multiple IP addresses (IP
aliasing) or IPv6 that may then require more than one valid IP address
to be detected. A VM can have multiple independent interfaces that each
uses a different IP address and in that case it will be attempted to
detect each one of the address independently.
So, when for example an interface description in the domain XML has
looked like this up to now:
<interface type='bridge'>
<source bridge='mybridge'/>
<model type='virtio'/>
<filterref filter='clean-traffic'>
<parameter name='IP' value='10.2.3.4'/>
</filterref>
</interface>
you may omit the IP parameter:
<interface type='bridge'>
<source bridge='mybridge'/>
<model type='virtio'/>
<filterref filter='clean-traffic'/>
</interface>
Internally I am walking the 'tree' of a VM's referenced network filters
and determine with the given variables which variables are missing. Now,
the above IP parameter may be missing and this causes a libvirt-internal
thread to be started that uses the pcap library's API to listen to the
backend interface (in case of macvtap to the physical interface) in an
attempt to determine the missing IP parameter. If the backend interface
disappears the thread terminates assuming the VM was brought down. In
case of a macvtap device a timeout is being used to wait for packets
from the given VM (filtering by VM's interface MAC address). If the VM's
macvtap device disappeared the thread also terminates. In all other
cases it tries to determine the IP address of the VM and will then apply
the rules late on the given interface, which would have happened
immediately if the IP parameter had been explicitly given. In case an
error happens while the firewall rules are applied, the VM's backend
interface is 'down'ed preventing it to communicate. Reasons for failure
for applying the network firewall rules may that an ebtables/iptables
command failes or OOM errors. Essentially the same failure reasons may
occur as when the firewall rules are applied immediately on VM start,
except that due to the late application of the filtering rules the VM
now is already running and cannot be hindered anymore from starting.
Bringing down the whole VM would probably be considered too drastic.
While a VM's IP address is attempted to be determined only limited
updates to network filters are allowed. In particular it is prevented
that filters are modified in such a way that they would introduce new
variables.
A caveat: The algorithm does not know which one is the appropriate IP
address of a VM. If the VM spoofs an IP address in its first ARP traffic
or IPv4 packets its filtering rules will be instantiated for this IP
address, thus 'locking' it to the found IP address. So, it's still
'safer' to explicitly provide the IP address of a VM's interface in the
filter description if it is known beforehand.
* configure.ac: detect libpcap
* libvirt.spec.in: require libpcap[-devel] if qemu is built
* src/internal.h: add the new ATTRIBUTE_PACKED define
* src/Makefile.am src/libvirt_private.syms: add the new modules and symbols
* src/nwfilter/nwfilter_learnipaddr.[ch]: new module being added
* src/nwfilter/nwfilter_driver.c src/conf/nwfilter_conf.[ch]
src/nwfilter/nwfilter_ebiptables_driver.[ch]
src/nwfilter/nwfilter_gentech_driver.[ch]: plu the new functionality in
* tests/nwfilterxml2xmltest: extend testing
2010-04-08 05:02:18 +08:00
|
|
|
# Enable libpcap library
|
|
|
|
%if %{with_qemu}
|
2010-05-06 00:20:28 +08:00
|
|
|
%define with_nwfilter 0%{!?_without_nwfilter:%{server_drivers}}
|
nwfilter: Support for learning a VM's IP address
This patch implements support for learning a VM's IP address. It uses
the pcap library to listen on the VM's backend network interface (tap)
or the physical ethernet device (macvtap) and tries to capture packets
with source or destination MAC address of the VM and learn from DHCP
Offers, ARP traffic, or first-sent IPv4 packet what the IP address of
the VM's interface is. This then allows to instantiate the network
traffic filtering rules without the user having to provide the IP
parameter somewhere in the filter description or in the interface
description as a parameter. This only supports to detect the parameter
IP, which is for the assumed single IPv4 address of a VM. There is not
support for interfaces that may have multiple IP addresses (IP
aliasing) or IPv6 that may then require more than one valid IP address
to be detected. A VM can have multiple independent interfaces that each
uses a different IP address and in that case it will be attempted to
detect each one of the address independently.
So, when for example an interface description in the domain XML has
looked like this up to now:
<interface type='bridge'>
<source bridge='mybridge'/>
<model type='virtio'/>
<filterref filter='clean-traffic'>
<parameter name='IP' value='10.2.3.4'/>
</filterref>
</interface>
you may omit the IP parameter:
<interface type='bridge'>
<source bridge='mybridge'/>
<model type='virtio'/>
<filterref filter='clean-traffic'/>
</interface>
Internally I am walking the 'tree' of a VM's referenced network filters
and determine with the given variables which variables are missing. Now,
the above IP parameter may be missing and this causes a libvirt-internal
thread to be started that uses the pcap library's API to listen to the
backend interface (in case of macvtap to the physical interface) in an
attempt to determine the missing IP parameter. If the backend interface
disappears the thread terminates assuming the VM was brought down. In
case of a macvtap device a timeout is being used to wait for packets
from the given VM (filtering by VM's interface MAC address). If the VM's
macvtap device disappeared the thread also terminates. In all other
cases it tries to determine the IP address of the VM and will then apply
the rules late on the given interface, which would have happened
immediately if the IP parameter had been explicitly given. In case an
error happens while the firewall rules are applied, the VM's backend
interface is 'down'ed preventing it to communicate. Reasons for failure
for applying the network firewall rules may that an ebtables/iptables
command failes or OOM errors. Essentially the same failure reasons may
occur as when the firewall rules are applied immediately on VM start,
except that due to the late application of the filtering rules the VM
now is already running and cannot be hindered anymore from starting.
Bringing down the whole VM would probably be considered too drastic.
While a VM's IP address is attempted to be determined only limited
updates to network filters are allowed. In particular it is prevented
that filters are modified in such a way that they would introduce new
variables.
A caveat: The algorithm does not know which one is the appropriate IP
address of a VM. If the VM spoofs an IP address in its first ARP traffic
or IPv4 packets its filtering rules will be instantiated for this IP
address, thus 'locking' it to the found IP address. So, it's still
'safer' to explicitly provide the IP address of a VM's interface in the
filter description if it is known beforehand.
* configure.ac: detect libpcap
* libvirt.spec.in: require libpcap[-devel] if qemu is built
* src/internal.h: add the new ATTRIBUTE_PACKED define
* src/Makefile.am src/libvirt_private.syms: add the new modules and symbols
* src/nwfilter/nwfilter_learnipaddr.[ch]: new module being added
* src/nwfilter/nwfilter_driver.c src/conf/nwfilter_conf.[ch]
src/nwfilter/nwfilter_ebiptables_driver.[ch]
src/nwfilter/nwfilter_gentech_driver.[ch]: plu the new functionality in
* tests/nwfilterxml2xmltest: extend testing
2010-04-08 05:02:18 +08:00
|
|
|
%define with_libpcap 0%{!?_without_libpcap:%{server_drivers}}
|
2010-05-26 03:31:38 +08:00
|
|
|
%define with_macvtap 0%{!?_without_macvtap:%{server_drivers}}
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%if %{with_macvtap}
|
|
|
|
%define with_libnl 1
|
nwfilter: Support for learning a VM's IP address
This patch implements support for learning a VM's IP address. It uses
the pcap library to listen on the VM's backend network interface (tap)
or the physical ethernet device (macvtap) and tries to capture packets
with source or destination MAC address of the VM and learn from DHCP
Offers, ARP traffic, or first-sent IPv4 packet what the IP address of
the VM's interface is. This then allows to instantiate the network
traffic filtering rules without the user having to provide the IP
parameter somewhere in the filter description or in the interface
description as a parameter. This only supports to detect the parameter
IP, which is for the assumed single IPv4 address of a VM. There is not
support for interfaces that may have multiple IP addresses (IP
aliasing) or IPv6 that may then require more than one valid IP address
to be detected. A VM can have multiple independent interfaces that each
uses a different IP address and in that case it will be attempted to
detect each one of the address independently.
So, when for example an interface description in the domain XML has
looked like this up to now:
<interface type='bridge'>
<source bridge='mybridge'/>
<model type='virtio'/>
<filterref filter='clean-traffic'>
<parameter name='IP' value='10.2.3.4'/>
</filterref>
</interface>
you may omit the IP parameter:
<interface type='bridge'>
<source bridge='mybridge'/>
<model type='virtio'/>
<filterref filter='clean-traffic'/>
</interface>
Internally I am walking the 'tree' of a VM's referenced network filters
and determine with the given variables which variables are missing. Now,
the above IP parameter may be missing and this causes a libvirt-internal
thread to be started that uses the pcap library's API to listen to the
backend interface (in case of macvtap to the physical interface) in an
attempt to determine the missing IP parameter. If the backend interface
disappears the thread terminates assuming the VM was brought down. In
case of a macvtap device a timeout is being used to wait for packets
from the given VM (filtering by VM's interface MAC address). If the VM's
macvtap device disappeared the thread also terminates. In all other
cases it tries to determine the IP address of the VM and will then apply
the rules late on the given interface, which would have happened
immediately if the IP parameter had been explicitly given. In case an
error happens while the firewall rules are applied, the VM's backend
interface is 'down'ed preventing it to communicate. Reasons for failure
for applying the network firewall rules may that an ebtables/iptables
command failes or OOM errors. Essentially the same failure reasons may
occur as when the firewall rules are applied immediately on VM start,
except that due to the late application of the filtering rules the VM
now is already running and cannot be hindered anymore from starting.
Bringing down the whole VM would probably be considered too drastic.
While a VM's IP address is attempted to be determined only limited
updates to network filters are allowed. In particular it is prevented
that filters are modified in such a way that they would introduce new
variables.
A caveat: The algorithm does not know which one is the appropriate IP
address of a VM. If the VM spoofs an IP address in its first ARP traffic
or IPv4 packets its filtering rules will be instantiated for this IP
address, thus 'locking' it to the found IP address. So, it's still
'safer' to explicitly provide the IP address of a VM's interface in the
filter description if it is known beforehand.
* configure.ac: detect libpcap
* libvirt.spec.in: require libpcap[-devel] if qemu is built
* src/internal.h: add the new ATTRIBUTE_PACKED define
* src/Makefile.am src/libvirt_private.syms: add the new modules and symbols
* src/nwfilter/nwfilter_learnipaddr.[ch]: new module being added
* src/nwfilter/nwfilter_driver.c src/conf/nwfilter_conf.[ch]
src/nwfilter/nwfilter_ebiptables_driver.[ch]
src/nwfilter/nwfilter_gentech_driver.[ch]: plu the new functionality in
* tests/nwfilterxml2xmltest: extend testing
2010-04-08 05:02:18 +08:00
|
|
|
%endif
|
|
|
|
|
2010-09-15 21:44:11 +08:00
|
|
|
%if 0%{?fedora} >= 11 || 0%{?rhel} >= 5
|
|
|
|
%define with_audit 0%{!?_without_audit:1}
|
|
|
|
%endif
|
|
|
|
|
Add dtrace static probes in libvirtd
Adds initial support for dtrace static probes in libvirtd
daemon, assuming use of systemtap dtrace compat shim on
Linux. The probes are inserted for network client connect,
disconnect, TLS handshake states and authentication protocol
states.
This can be tested by running the xample program and then
attempting to connect with any libvirt client (virsh,
virt-manager, etc).
# stap examples/systemtap/client.stp
Client fd=44 connected readonly=0
Client fd=44 auth polkit deny pid:24997,uid:500
Client fd=44 disconnected
Client fd=46 connected readonly=1
Client fd=46 auth sasl allow test
Client fd=46 disconnected
The libvirtd.stp file should also really not be required,
since it is duplicated info that is already available in
the main probes.d definition file. A script to autogenerate
the .stp file is needed, either in libvirtd tree, or better
as part of systemtap itself.
* Makefile.am: Add examples/systemtap subdir
* autobuild.sh: Disable dtrace for mingw32
* configure.ac: Add check for dtrace
* daemon/.gitignore: Ignore generated dtrace probe file
* daemon/Makefile.am: Build dtrace probe header & object
files
* daemon/libvirtd.stp: SystemTAP convenience probeset
* daemon/libvirtd.c: Add connect/disconnect & TLS probes
* daemon/remote.c: Add SASL and PolicyKit auth probes
* daemon/probes.d: Master probe definition
* daemon/libvirtd.h: Add convenience macro for probes
so that compilation is a no-op when dtrace is not available
* examples/systemtap/Makefile.am, examples/systemtap/client.stp
Example systemtap script using dtrace probe markers
* libvirt.spec.in: Enable dtrace on F13/RHEL6
* mingw32-libvirt.spec.in: Force disable dtrace
2010-09-15 00:30:32 +08:00
|
|
|
%if 0%{?fedora} >= 13 || 0%{?rhel} >= 6
|
|
|
|
%define with_dtrace 1
|
|
|
|
%endif
|
|
|
|
|
2010-12-23 16:44:19 +08:00
|
|
|
# Pull in cgroups config system
|
|
|
|
%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
|
|
|
|
%if %{with_qemu} || %{with_lxc}
|
|
|
|
%define with_cgconfig 0%{!?_without_cgconfig:1}
|
|
|
|
%endif
|
|
|
|
%endif
|
|
|
|
|
2009-09-16 23:02:38 +08:00
|
|
|
# Force QEMU to run as non-root
|
|
|
|
%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
|
2009-07-16 05:25:01 +08:00
|
|
|
%define qemu_user qemu
|
|
|
|
%define qemu_group qemu
|
|
|
|
%else
|
|
|
|
%define qemu_user root
|
|
|
|
%define qemu_group root
|
|
|
|
%endif
|
|
|
|
|
2009-09-16 23:02:38 +08:00
|
|
|
|
|
|
|
# The RHEL-5 Xen package has some feature backports. This
|
|
|
|
# flag is set to enable use of those special bits on RHEL-5
|
|
|
|
%if 0%{?rhel} == 5
|
2009-06-25 01:32:56 +08:00
|
|
|
%define with_rhel5 1
|
2009-09-16 23:02:38 +08:00
|
|
|
%else
|
|
|
|
%define with_rhel5 0
|
2009-01-21 01:27:34 +08:00
|
|
|
%endif
|
|
|
|
|
2010-11-12 01:21:28 +08:00
|
|
|
Summary: Library providing a simple virtualization API
|
2006-02-10 01:45:11 +08:00
|
|
|
Name: libvirt
|
2005-11-02 23:37:34 +08:00
|
|
|
Version: @VERSION@
|
2008-06-13 00:10:50 +08:00
|
|
|
Release: 1%{?dist}%{?extra_release}
|
2008-08-08 22:27:05 +08:00
|
|
|
License: LGPLv2+
|
2005-11-02 23:37:34 +08:00
|
|
|
Group: Development/Libraries
|
2009-08-21 18:10:37 +08:00
|
|
|
Source: http://libvirt.org/sources/libvirt-%{version}.tar.gz
|
2008-07-07 18:00:30 +08:00
|
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
|
2006-09-21 23:24:37 +08:00
|
|
|
URL: http://libvirt.org/
|
2011-03-24 00:20:14 +08:00
|
|
|
|
|
|
|
# All runtime requirements for the libvirt package (runtime requrements
|
|
|
|
# for subpackages are listed later in those subpackages)
|
2009-07-21 17:16:15 +08:00
|
|
|
|
|
|
|
# The client side, i.e. shared libs and virsh are in a subpackage
|
2010-05-04 22:13:55 +08:00
|
|
|
Requires: %{name}-client = %{version}-%{release}
|
2009-07-21 17:16:15 +08:00
|
|
|
|
2009-09-16 23:02:38 +08:00
|
|
|
# Used by many of the drivers, so turn it on whenever the
|
|
|
|
# daemon is present
|
|
|
|
%if %{with_libvirtd}
|
2011-03-24 00:30:49 +08:00
|
|
|
# for modprobe of pci devices
|
|
|
|
Requires: module-init-tools
|
2011-07-22 22:07:27 +08:00
|
|
|
# for /sbin/ip & /sbin/tc
|
2011-03-24 00:30:49 +08:00
|
|
|
Requires: iproute
|
2011-12-29 21:13:22 +08:00
|
|
|
%if %{with_avahi}
|
|
|
|
Requires: avahi
|
|
|
|
%endif
|
2009-09-16 23:02:38 +08:00
|
|
|
%endif
|
|
|
|
%if %{with_network}
|
2010-08-12 02:25:09 +08:00
|
|
|
Requires: dnsmasq >= 2.41
|
2011-03-24 00:30:49 +08:00
|
|
|
Requires: radvd
|
|
|
|
%endif
|
|
|
|
%if %{with_network} || %{with_nwfilter}
|
2007-06-27 07:01:54 +08:00
|
|
|
Requires: iptables
|
2011-03-24 00:30:49 +08:00
|
|
|
Requires: iptables-ipv6
|
2009-09-16 23:02:38 +08:00
|
|
|
%endif
|
2010-05-06 00:20:28 +08:00
|
|
|
%if %{with_nwfilter}
|
|
|
|
Requires: ebtables
|
|
|
|
%endif
|
2008-11-26 22:46:49 +08:00
|
|
|
# needed for device enumeration
|
2009-09-16 23:02:38 +08:00
|
|
|
%if %{with_hal}
|
2008-11-26 22:46:49 +08:00
|
|
|
Requires: hal
|
2009-09-16 23:02:38 +08:00
|
|
|
%endif
|
2009-11-20 23:45:46 +08:00
|
|
|
%if %{with_udev}
|
|
|
|
Requires: udev >= 145
|
|
|
|
%endif
|
2007-12-06 02:21:27 +08:00
|
|
|
%if %{with_polkit}
|
2009-09-16 23:02:38 +08:00
|
|
|
%if 0%{?fedora} >= 12 || 0%{?rhel} >=6
|
2009-08-06 20:54:08 +08:00
|
|
|
Requires: polkit >= 0.93
|
|
|
|
%else
|
2007-12-06 02:21:27 +08:00
|
|
|
Requires: PolicyKit >= 0.6
|
|
|
|
%endif
|
2009-08-06 20:54:08 +08:00
|
|
|
%endif
|
2009-03-31 20:45:07 +08:00
|
|
|
%if %{with_storage_fs}
|
2008-08-28 04:05:58 +08:00
|
|
|
Requires: nfs-utils
|
2011-06-14 16:16:39 +08:00
|
|
|
# For mkfs
|
|
|
|
Requires: util-linux-ng
|
|
|
|
# For pool-build probing for existing pools
|
|
|
|
BuildRequires: libblkid-devel >= 2.17
|
2009-07-08 17:46:25 +08:00
|
|
|
# For glusterfs
|
2009-09-02 04:19:38 +08:00
|
|
|
%if 0%{?fedora} >= 11
|
2009-07-28 18:00:31 +08:00
|
|
|
Requires: glusterfs-client >= 2.0.1
|
2009-03-31 20:45:07 +08:00
|
|
|
%endif
|
2009-09-02 04:19:38 +08:00
|
|
|
%endif
|
2008-02-20 23:42:30 +08:00
|
|
|
%if %{with_qemu}
|
|
|
|
# From QEMU RPMs
|
|
|
|
Requires: /usr/bin/qemu-img
|
2009-09-09 22:44:44 +08:00
|
|
|
# For image compression
|
|
|
|
Requires: gzip
|
|
|
|
Requires: bzip2
|
2009-09-10 17:13:33 +08:00
|
|
|
Requires: lzop
|
2009-09-09 22:44:44 +08:00
|
|
|
Requires: xz
|
2008-02-20 23:42:30 +08:00
|
|
|
%else
|
2008-06-13 00:10:50 +08:00
|
|
|
%if %{with_xen}
|
2008-02-20 23:42:30 +08:00
|
|
|
# From Xen RPMs
|
|
|
|
Requires: /usr/sbin/qcow-create
|
|
|
|
%endif
|
2008-06-13 00:10:50 +08:00
|
|
|
%endif
|
2009-03-31 20:45:07 +08:00
|
|
|
%if %{with_storage_lvm}
|
2008-02-20 23:45:33 +08:00
|
|
|
# For LVM drivers
|
|
|
|
Requires: lvm2
|
2009-03-31 20:45:07 +08:00
|
|
|
%endif
|
|
|
|
%if %{with_storage_iscsi}
|
2008-02-20 23:49:25 +08:00
|
|
|
# For ISCSI driver
|
|
|
|
Requires: iscsi-initiator-utils
|
2009-03-31 20:45:07 +08:00
|
|
|
%endif
|
|
|
|
%if %{with_storage_disk}
|
2008-02-20 23:52:17 +08:00
|
|
|
# For disk driver
|
|
|
|
Requires: parted
|
2011-02-17 15:29:07 +08:00
|
|
|
Requires: device-mapper
|
2009-03-31 20:45:07 +08:00
|
|
|
%endif
|
2009-09-08 22:07:54 +08:00
|
|
|
%if %{with_storage_mpath}
|
|
|
|
# For multipath support
|
|
|
|
Requires: device-mapper
|
|
|
|
%endif
|
2010-12-23 16:44:19 +08:00
|
|
|
%if %{with_cgconfig}
|
|
|
|
Requires: libcgroup
|
|
|
|
%endif
|
2012-01-17 23:41:28 +08:00
|
|
|
%ifarch i386 i586 i686 x86_64 ia64
|
2011-12-06 01:32:41 +08:00
|
|
|
# For virConnectGetSysinfo
|
|
|
|
Requires: dmidecode
|
2012-01-17 23:41:28 +08:00
|
|
|
%endif
|
2011-12-06 01:32:41 +08:00
|
|
|
# For service management
|
|
|
|
%if %{with_systemd}
|
|
|
|
Requires(post): systemd-units
|
|
|
|
Requires(post): systemd-sysv
|
|
|
|
Requires(preun): systemd-units
|
|
|
|
Requires(postun): systemd-units
|
|
|
|
%endif
|
2011-03-24 00:20:14 +08:00
|
|
|
|
|
|
|
# All build-time requirements
|
2011-12-06 01:22:10 +08:00
|
|
|
%if 0%{?enable_autotools}
|
|
|
|
BuildRequires: autoconf
|
|
|
|
BuildRequires: automake
|
|
|
|
BuildRequires: gettext-devel
|
|
|
|
BuildRequires: libtool
|
|
|
|
%endif
|
2011-03-24 00:20:14 +08:00
|
|
|
BuildRequires: python-devel
|
2011-07-07 21:45:07 +08:00
|
|
|
%if %{with_systemd}
|
|
|
|
BuildRequires: systemd-units
|
|
|
|
%endif
|
2008-06-13 00:10:50 +08:00
|
|
|
%if %{with_xen}
|
2006-07-24 22:32:03 +08:00
|
|
|
BuildRequires: xen-devel
|
2008-06-13 00:10:50 +08:00
|
|
|
%endif
|
2006-02-23 19:35:37 +08:00
|
|
|
BuildRequires: libxml2-devel
|
2008-08-20 21:16:29 +08:00
|
|
|
BuildRequires: xhtml1-dtds
|
2011-03-24 00:30:49 +08:00
|
|
|
BuildRequires: libxslt
|
2006-03-04 16:57:22 +08:00
|
|
|
BuildRequires: readline-devel
|
2006-07-14 06:27:31 +08:00
|
|
|
BuildRequires: ncurses-devel
|
2006-09-21 23:24:37 +08:00
|
|
|
BuildRequires: gettext
|
2011-07-26 01:17:57 +08:00
|
|
|
BuildRequires: libtasn1-devel
|
2007-06-11 21:24:45 +08:00
|
|
|
BuildRequires: gnutls-devel
|
2011-03-24 00:30:49 +08:00
|
|
|
%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
|
|
|
|
# for augparse, optionally used in testing
|
|
|
|
BuildRequires: augeas
|
|
|
|
%endif
|
2009-09-16 23:02:38 +08:00
|
|
|
%if %{with_hal}
|
2008-11-26 22:46:49 +08:00
|
|
|
BuildRequires: hal-devel
|
2009-09-16 23:02:38 +08:00
|
|
|
%endif
|
2009-11-20 23:45:46 +08:00
|
|
|
%if %{with_udev}
|
|
|
|
BuildRequires: libudev-devel >= 145
|
|
|
|
BuildRequires: libpciaccess-devel >= 0.10.9
|
|
|
|
%endif
|
2009-11-04 02:59:18 +08:00
|
|
|
%if %{with_yajl}
|
|
|
|
BuildRequires: yajl-devel
|
|
|
|
%endif
|
2011-01-19 02:37:45 +08:00
|
|
|
%if %{with_sanlock}
|
2011-09-19 18:04:59 +08:00
|
|
|
BuildRequires: sanlock-devel >= 1.8
|
2011-01-19 02:37:45 +08:00
|
|
|
%endif
|
nwfilter: Support for learning a VM's IP address
This patch implements support for learning a VM's IP address. It uses
the pcap library to listen on the VM's backend network interface (tap)
or the physical ethernet device (macvtap) and tries to capture packets
with source or destination MAC address of the VM and learn from DHCP
Offers, ARP traffic, or first-sent IPv4 packet what the IP address of
the VM's interface is. This then allows to instantiate the network
traffic filtering rules without the user having to provide the IP
parameter somewhere in the filter description or in the interface
description as a parameter. This only supports to detect the parameter
IP, which is for the assumed single IPv4 address of a VM. There is not
support for interfaces that may have multiple IP addresses (IP
aliasing) or IPv6 that may then require more than one valid IP address
to be detected. A VM can have multiple independent interfaces that each
uses a different IP address and in that case it will be attempted to
detect each one of the address independently.
So, when for example an interface description in the domain XML has
looked like this up to now:
<interface type='bridge'>
<source bridge='mybridge'/>
<model type='virtio'/>
<filterref filter='clean-traffic'>
<parameter name='IP' value='10.2.3.4'/>
</filterref>
</interface>
you may omit the IP parameter:
<interface type='bridge'>
<source bridge='mybridge'/>
<model type='virtio'/>
<filterref filter='clean-traffic'/>
</interface>
Internally I am walking the 'tree' of a VM's referenced network filters
and determine with the given variables which variables are missing. Now,
the above IP parameter may be missing and this causes a libvirt-internal
thread to be started that uses the pcap library's API to listen to the
backend interface (in case of macvtap to the physical interface) in an
attempt to determine the missing IP parameter. If the backend interface
disappears the thread terminates assuming the VM was brought down. In
case of a macvtap device a timeout is being used to wait for packets
from the given VM (filtering by VM's interface MAC address). If the VM's
macvtap device disappeared the thread also terminates. In all other
cases it tries to determine the IP address of the VM and will then apply
the rules late on the given interface, which would have happened
immediately if the IP parameter had been explicitly given. In case an
error happens while the firewall rules are applied, the VM's backend
interface is 'down'ed preventing it to communicate. Reasons for failure
for applying the network firewall rules may that an ebtables/iptables
command failes or OOM errors. Essentially the same failure reasons may
occur as when the firewall rules are applied immediately on VM start,
except that due to the late application of the filtering rules the VM
now is already running and cannot be hindered anymore from starting.
Bringing down the whole VM would probably be considered too drastic.
While a VM's IP address is attempted to be determined only limited
updates to network filters are allowed. In particular it is prevented
that filters are modified in such a way that they would introduce new
variables.
A caveat: The algorithm does not know which one is the appropriate IP
address of a VM. If the VM spoofs an IP address in its first ARP traffic
or IPv4 packets its filtering rules will be instantiated for this IP
address, thus 'locking' it to the found IP address. So, it's still
'safer' to explicitly provide the IP address of a VM's interface in the
filter description if it is known beforehand.
* configure.ac: detect libpcap
* libvirt.spec.in: require libpcap[-devel] if qemu is built
* src/internal.h: add the new ATTRIBUTE_PACKED define
* src/Makefile.am src/libvirt_private.syms: add the new modules and symbols
* src/nwfilter/nwfilter_learnipaddr.[ch]: new module being added
* src/nwfilter/nwfilter_driver.c src/conf/nwfilter_conf.[ch]
src/nwfilter/nwfilter_ebiptables_driver.[ch]
src/nwfilter/nwfilter_gentech_driver.[ch]: plu the new functionality in
* tests/nwfilterxml2xmltest: extend testing
2010-04-08 05:02:18 +08:00
|
|
|
%if %{with_libpcap}
|
|
|
|
BuildRequires: libpcap-devel
|
|
|
|
%endif
|
2010-05-26 03:31:38 +08:00
|
|
|
%if %{with_libnl}
|
|
|
|
BuildRequires: libnl-devel
|
|
|
|
%endif
|
2008-09-17 22:09:13 +08:00
|
|
|
%if %{with_avahi}
|
2007-09-19 09:56:55 +08:00
|
|
|
BuildRequires: avahi-devel
|
2008-09-17 22:09:13 +08:00
|
|
|
%endif
|
2009-09-16 23:02:38 +08:00
|
|
|
%if %{with_selinux}
|
2008-02-20 23:38:29 +08:00
|
|
|
BuildRequires: libselinux-devel
|
2009-09-16 23:02:38 +08:00
|
|
|
%endif
|
|
|
|
%if %{with_network}
|
2010-08-12 02:25:09 +08:00
|
|
|
BuildRequires: dnsmasq >= 2.41
|
2011-03-24 00:30:49 +08:00
|
|
|
BuildRequires: iptables
|
|
|
|
BuildRequires: iptables-ipv6
|
|
|
|
BuildRequires: radvd
|
|
|
|
%endif
|
|
|
|
%if %{with_nwfilter}
|
|
|
|
BuildRequires: ebtables
|
2009-09-16 23:02:38 +08:00
|
|
|
%endif
|
2011-03-24 00:30:49 +08:00
|
|
|
BuildRequires: module-init-tools
|
2008-09-17 22:09:13 +08:00
|
|
|
%if %{with_sasl}
|
2008-06-13 00:10:50 +08:00
|
|
|
BuildRequires: cyrus-sasl-devel
|
2008-09-17 22:09:13 +08:00
|
|
|
%endif
|
2007-12-06 02:21:27 +08:00
|
|
|
%if %{with_polkit}
|
2009-09-16 23:02:38 +08:00
|
|
|
%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
|
2009-08-06 20:54:08 +08:00
|
|
|
# Only need the binary, not -devel
|
|
|
|
BuildRequires: polkit >= 0.93
|
|
|
|
%else
|
2007-12-06 02:21:27 +08:00
|
|
|
BuildRequires: PolicyKit-devel >= 0.6
|
|
|
|
%endif
|
2009-08-06 20:54:08 +08:00
|
|
|
%endif
|
2009-03-31 20:45:07 +08:00
|
|
|
%if %{with_storage_fs}
|
2008-02-20 23:42:30 +08:00
|
|
|
# For mount/umount in FS driver
|
|
|
|
BuildRequires: util-linux
|
2009-03-31 20:45:07 +08:00
|
|
|
%endif
|
2008-02-20 23:42:30 +08:00
|
|
|
%if %{with_qemu}
|
|
|
|
# From QEMU RPMs
|
|
|
|
BuildRequires: /usr/bin/qemu-img
|
|
|
|
%else
|
2008-06-13 00:10:50 +08:00
|
|
|
%if %{with_xen}
|
2008-02-20 23:42:30 +08:00
|
|
|
# From Xen RPMs
|
|
|
|
BuildRequires: /usr/sbin/qcow-create
|
|
|
|
%endif
|
2008-06-13 00:10:50 +08:00
|
|
|
%endif
|
2009-03-31 20:45:07 +08:00
|
|
|
%if %{with_storage_lvm}
|
2008-02-20 23:45:33 +08:00
|
|
|
# For LVM drivers
|
|
|
|
BuildRequires: lvm2
|
2009-03-31 20:45:07 +08:00
|
|
|
%endif
|
|
|
|
%if %{with_storage_iscsi}
|
2008-02-20 23:49:25 +08:00
|
|
|
# For ISCSI driver
|
|
|
|
BuildRequires: iscsi-initiator-utils
|
2009-03-31 20:45:07 +08:00
|
|
|
%endif
|
|
|
|
%if %{with_storage_disk}
|
2008-02-20 23:52:17 +08:00
|
|
|
# For disk driver
|
|
|
|
BuildRequires: parted-devel
|
2009-09-16 23:02:38 +08:00
|
|
|
%if 0%{?rhel} == 5
|
|
|
|
# Broken RHEL-5 parted RPM is missing a dep
|
|
|
|
BuildRequires: e2fsprogs-devel
|
|
|
|
%endif
|
2009-03-31 20:45:07 +08:00
|
|
|
%endif
|
2009-09-08 22:07:54 +08:00
|
|
|
%if %{with_storage_mpath}
|
|
|
|
# For Multipath support
|
2009-09-16 23:02:38 +08:00
|
|
|
%if 0%{?rhel} == 5
|
|
|
|
# Broken RHEL-5 packaging has header files in main RPM :-(
|
|
|
|
BuildRequires: device-mapper
|
|
|
|
%else
|
2009-09-08 22:07:54 +08:00
|
|
|
BuildRequires: device-mapper-devel
|
|
|
|
%endif
|
2009-09-16 23:02:38 +08:00
|
|
|
%endif
|
2009-03-31 20:45:07 +08:00
|
|
|
%if %{with_numactl}
|
2008-11-28 19:20:27 +08:00
|
|
|
# For QEMU/LXC numa info
|
|
|
|
BuildRequires: numactl-devel
|
2009-03-31 20:45:07 +08:00
|
|
|
%endif
|
2009-06-29 19:33:13 +08:00
|
|
|
%if %{with_capng}
|
2009-07-29 01:30:20 +08:00
|
|
|
BuildRequires: libcap-ng-devel >= 0.5.0
|
2009-06-29 19:33:13 +08:00
|
|
|
%endif
|
2009-07-24 22:26:54 +08:00
|
|
|
%if %{with_phyp}
|
2009-09-04 20:03:45 +08:00
|
|
|
BuildRequires: libssh2-devel
|
2009-07-24 22:26:54 +08:00
|
|
|
%endif
|
2009-07-29 00:30:48 +08:00
|
|
|
%if %{with_netcf}
|
2011-06-20 23:41:49 +08:00
|
|
|
%if 0%{?fedora} >= 16 || 0%{?rhel} >= 6
|
|
|
|
BuildRequires: netcf-devel >= 0.1.8
|
|
|
|
%else
|
2009-11-21 02:43:59 +08:00
|
|
|
BuildRequires: netcf-devel >= 0.1.4
|
2009-07-29 00:30:48 +08:00
|
|
|
%endif
|
2011-06-20 23:41:49 +08:00
|
|
|
%endif
|
2010-05-04 22:13:55 +08:00
|
|
|
%if %{with_esx}
|
2011-03-24 00:30:49 +08:00
|
|
|
%if 0%{?fedora} >= 9 || 0%{?rhel} >= 6
|
2010-05-04 22:13:55 +08:00
|
|
|
BuildRequires: libcurl-devel
|
2011-03-24 00:30:49 +08:00
|
|
|
%else
|
|
|
|
BuildRequires: curl-devel
|
|
|
|
%endif
|
2010-05-04 22:13:55 +08:00
|
|
|
%endif
|
2011-07-13 22:05:18 +08:00
|
|
|
%if %{with_hyperv}
|
|
|
|
BuildRequires: libwsman-devel >= 2.2.3
|
|
|
|
%endif
|
2010-09-15 21:44:11 +08:00
|
|
|
%if %{with_audit}
|
|
|
|
BuildRequires: audit-libs-devel
|
|
|
|
%endif
|
2010-12-01 02:52:25 +08:00
|
|
|
%if %{with_dtrace}
|
|
|
|
# we need /usr/sbin/dtrace
|
|
|
|
BuildRequires: systemtap-sdt-devel
|
|
|
|
%endif
|
|
|
|
|
2011-03-24 00:20:14 +08:00
|
|
|
%if %{with_storage_fs}
|
|
|
|
# For mount/umount in FS driver
|
|
|
|
BuildRequires: util-linux
|
|
|
|
# For showmount in FS driver (netfs discovery)
|
|
|
|
BuildRequires: nfs-utils
|
|
|
|
%endif
|
2008-06-13 00:10:50 +08:00
|
|
|
|
|
|
|
# Fedora build root suckage
|
|
|
|
BuildRequires: gawk
|
2005-11-02 23:37:34 +08:00
|
|
|
|
|
|
|
%description
|
2008-01-24 18:15:13 +08:00
|
|
|
Libvirt is a C toolkit to interact with the virtualization capabilities
|
2009-07-21 17:16:15 +08:00
|
|
|
of recent versions of Linux (and other OSes). The main package includes
|
|
|
|
the libvirtd server exporting the virtualization support.
|
|
|
|
|
|
|
|
%package client
|
2009-07-29 16:57:24 +08:00
|
|
|
Summary: Client side library and utilities of the libvirt library
|
2009-07-21 17:16:15 +08:00
|
|
|
Group: Development/Libraries
|
|
|
|
Requires: readline
|
|
|
|
Requires: ncurses
|
|
|
|
# So remote clients can access libvirt over SSH tunnel
|
|
|
|
# (client invokes 'nc' against the UNIX socket on the server)
|
|
|
|
Requires: nc
|
2011-02-18 13:45:13 +08:00
|
|
|
# Needed by libvirt-guests init script.
|
|
|
|
Requires: gettext
|
2011-02-22 01:43:29 +08:00
|
|
|
# Needed by virt-pki-validate script.
|
|
|
|
Requires: gnutls-utils
|
2011-11-22 11:31:22 +08:00
|
|
|
# Needed for probing the power management features of the host.
|
|
|
|
Requires: pm-utils
|
2009-07-21 17:16:15 +08:00
|
|
|
%if %{with_sasl}
|
|
|
|
Requires: cyrus-sasl
|
|
|
|
# Not technically required, but makes 'out-of-box' config
|
|
|
|
# work correctly & doesn't have onerous dependencies
|
|
|
|
Requires: cyrus-sasl-md5
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%description client
|
|
|
|
Shared libraries and client binaries needed to access to the
|
|
|
|
virtualization capabilities of recent versions of Linux (and other OSes).
|
2005-11-02 23:37:34 +08:00
|
|
|
|
|
|
|
%package devel
|
2006-02-10 01:45:11 +08:00
|
|
|
Summary: Libraries, includes, etc. to compile with the libvirt library
|
2005-11-02 23:37:34 +08:00
|
|
|
Group: Development/Libraries
|
2010-05-04 22:13:55 +08:00
|
|
|
Requires: %{name}-client = %{version}-%{release}
|
2006-11-08 00:28:16 +08:00
|
|
|
Requires: pkgconfig
|
2008-06-13 00:10:50 +08:00
|
|
|
%if %{with_xen}
|
|
|
|
Requires: xen-devel
|
|
|
|
%endif
|
2005-11-02 23:37:34 +08:00
|
|
|
|
|
|
|
%description devel
|
2006-02-10 01:45:11 +08:00
|
|
|
Includes and documentations for the C library providing an API to use
|
2007-03-28 16:48:52 +08:00
|
|
|
the virtualization capabilities of recent versions of Linux (and other OSes).
|
2005-11-02 23:37:34 +08:00
|
|
|
|
2011-01-19 02:37:45 +08:00
|
|
|
%if %{with_sanlock}
|
|
|
|
%package lock-sanlock
|
|
|
|
Summary: Sanlock lock manager plugin for QEMU driver
|
|
|
|
Group: Development/Libraries
|
2011-09-19 18:04:59 +08:00
|
|
|
Requires: sanlock >= 1.8
|
2011-09-15 22:55:36 +08:00
|
|
|
#for virt-sanlock-cleanup require augeas
|
|
|
|
Requires: augeas
|
2011-01-19 02:37:45 +08:00
|
|
|
Requires: %{name} = %{version}-%{release}
|
|
|
|
|
|
|
|
%description lock-sanlock
|
|
|
|
Includes the Sanlock lock manager plugin for the QEMU
|
|
|
|
driver
|
|
|
|
%endif
|
|
|
|
|
2008-09-17 22:09:13 +08:00
|
|
|
%if %{with_python}
|
2005-12-20 00:34:11 +08:00
|
|
|
%package python
|
2006-02-10 01:45:11 +08:00
|
|
|
Summary: Python bindings for the libvirt library
|
2005-12-20 00:34:11 +08:00
|
|
|
Group: Development/Libraries
|
2010-05-04 22:13:55 +08:00
|
|
|
Requires: %{name}-client = %{version}-%{release}
|
2005-12-20 00:34:11 +08:00
|
|
|
|
|
|
|
%description python
|
2006-02-10 01:45:11 +08:00
|
|
|
The libvirt-python package contains a module that permits applications
|
2005-12-20 00:34:11 +08:00
|
|
|
written in the Python programming language to use the interface
|
2008-02-06 03:27:37 +08:00
|
|
|
supplied by the libvirt library to use the virtualization capabilities
|
2007-03-28 16:48:52 +08:00
|
|
|
of recent versions of Linux (and other OSes).
|
2008-09-17 22:09:13 +08:00
|
|
|
%endif
|
2005-12-20 00:34:11 +08:00
|
|
|
|
2005-11-02 23:37:34 +08:00
|
|
|
%prep
|
|
|
|
%setup -q
|
|
|
|
|
|
|
|
%build
|
2008-06-13 00:10:50 +08:00
|
|
|
%if ! %{with_xen}
|
|
|
|
%define _without_xen --without-xen
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%if ! %{with_qemu}
|
|
|
|
%define _without_qemu --without-qemu
|
|
|
|
%endif
|
|
|
|
|
2008-08-21 17:28:54 +08:00
|
|
|
%if ! %{with_openvz}
|
|
|
|
%define _without_openvz --without-openvz
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%if ! %{with_lxc}
|
|
|
|
%define _without_lxc --without-lxc
|
|
|
|
%endif
|
|
|
|
|
2009-07-29 00:59:34 +08:00
|
|
|
%if ! %{with_vbox}
|
|
|
|
%define _without_vbox --without-vbox
|
|
|
|
%endif
|
|
|
|
|
2010-10-15 01:46:41 +08:00
|
|
|
%if ! %{with_xenapi}
|
|
|
|
%define _without_xenapi --without-xenapi
|
|
|
|
%endif
|
|
|
|
|
2011-02-11 06:42:34 +08:00
|
|
|
%if ! %{with_libxl}
|
|
|
|
%define _without_libxl --without-libxl
|
|
|
|
%endif
|
|
|
|
|
2008-09-17 22:09:13 +08:00
|
|
|
%if ! %{with_sasl}
|
|
|
|
%define _without_sasl --without-sasl
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%if ! %{with_avahi}
|
|
|
|
%define _without_avahi --without-avahi
|
|
|
|
%endif
|
|
|
|
|
2009-07-24 22:26:54 +08:00
|
|
|
%if ! %{with_phyp}
|
|
|
|
%define _without_phyp --without-phyp
|
|
|
|
%endif
|
|
|
|
|
2009-09-16 23:02:38 +08:00
|
|
|
%if ! %{with_esx}
|
|
|
|
%define _without_esx --without-esx
|
|
|
|
%endif
|
|
|
|
|
2011-07-13 22:05:18 +08:00
|
|
|
%if ! %{with_hyperv}
|
|
|
|
%define _without_hyperv --without-hyperv
|
|
|
|
%endif
|
|
|
|
|
2010-12-22 01:13:50 +08:00
|
|
|
%if ! %{with_vmware}
|
|
|
|
%define _without_vmware --without-vmware
|
|
|
|
%endif
|
|
|
|
|
2008-09-17 22:09:13 +08:00
|
|
|
%if ! %{with_polkit}
|
|
|
|
%define _without_polkit --without-polkit
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%if ! %{with_python}
|
|
|
|
%define _without_python --without-python
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%if ! %{with_libvirtd}
|
|
|
|
%define _without_libvirtd --without-libvirtd
|
|
|
|
%endif
|
|
|
|
|
2008-11-21 18:09:08 +08:00
|
|
|
%if ! %{with_uml}
|
|
|
|
%define _without_uml --without-uml
|
|
|
|
%endif
|
|
|
|
|
2009-01-21 01:27:34 +08:00
|
|
|
%if %{with_rhel5}
|
|
|
|
%define _with_rhel5_api --with-rhel5-api
|
|
|
|
%endif
|
|
|
|
|
2009-01-21 06:36:10 +08:00
|
|
|
%if ! %{with_network}
|
|
|
|
%define _without_network --without-network
|
|
|
|
%endif
|
|
|
|
|
2009-03-31 20:45:07 +08:00
|
|
|
%if ! %{with_storage_fs}
|
|
|
|
%define _without_storage_fs --without-storage-fs
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%if ! %{with_storage_lvm}
|
|
|
|
%define _without_storage_lvm --without-storage-lvm
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%if ! %{with_storage_iscsi}
|
|
|
|
%define _without_storage_iscsi --without-storage-iscsi
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%if ! %{with_storage_disk}
|
|
|
|
%define _without_storage_disk --without-storage-disk
|
|
|
|
%endif
|
|
|
|
|
2009-09-08 22:07:54 +08:00
|
|
|
%if ! %{with_storage_mpath}
|
|
|
|
%define _without_storage_mpath --without-storage-mpath
|
|
|
|
%endif
|
|
|
|
|
2009-03-31 20:45:07 +08:00
|
|
|
%if ! %{with_numactl}
|
|
|
|
%define _without_numactl --without-numactl
|
|
|
|
%endif
|
|
|
|
|
2009-07-29 00:35:32 +08:00
|
|
|
%if ! %{with_capng}
|
|
|
|
%define _without_capng --without-capng
|
|
|
|
%endif
|
|
|
|
|
2009-07-29 00:30:48 +08:00
|
|
|
%if ! %{with_netcf}
|
|
|
|
%define _without_netcf --without-netcf
|
|
|
|
%endif
|
|
|
|
|
2009-09-16 23:02:38 +08:00
|
|
|
%if ! %{with_selinux}
|
|
|
|
%define _without_selinux --without-selinux
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%if ! %{with_hal}
|
|
|
|
%define _without_hal --without-hal
|
|
|
|
%endif
|
|
|
|
|
2009-11-20 23:45:46 +08:00
|
|
|
%if ! %{with_udev}
|
|
|
|
%define _without_udev --without-udev
|
|
|
|
%endif
|
|
|
|
|
2009-11-04 02:59:18 +08:00
|
|
|
%if ! %{with_yajl}
|
|
|
|
%define _without_yajl --without-yajl
|
|
|
|
%endif
|
|
|
|
|
2011-01-19 02:37:45 +08:00
|
|
|
%if ! %{with_sanlock}
|
|
|
|
%define _without_sanlock --without-sanlock
|
|
|
|
%endif
|
|
|
|
|
2010-05-06 00:20:28 +08:00
|
|
|
%if ! %{with_libpcap}
|
|
|
|
%define _without_libpcap --without-libpcap
|
|
|
|
%endif
|
|
|
|
|
2010-05-26 03:31:38 +08:00
|
|
|
%if ! %{with_macvtap}
|
|
|
|
%define _without_macvtap --without-macvtap
|
|
|
|
%endif
|
|
|
|
|
2010-09-15 21:44:11 +08:00
|
|
|
%if ! %{with_audit}
|
|
|
|
%define _without_audit --without-audit
|
|
|
|
%endif
|
|
|
|
|
Add dtrace static probes in libvirtd
Adds initial support for dtrace static probes in libvirtd
daemon, assuming use of systemtap dtrace compat shim on
Linux. The probes are inserted for network client connect,
disconnect, TLS handshake states and authentication protocol
states.
This can be tested by running the xample program and then
attempting to connect with any libvirt client (virsh,
virt-manager, etc).
# stap examples/systemtap/client.stp
Client fd=44 connected readonly=0
Client fd=44 auth polkit deny pid:24997,uid:500
Client fd=44 disconnected
Client fd=46 connected readonly=1
Client fd=46 auth sasl allow test
Client fd=46 disconnected
The libvirtd.stp file should also really not be required,
since it is duplicated info that is already available in
the main probes.d definition file. A script to autogenerate
the .stp file is needed, either in libvirtd tree, or better
as part of systemtap itself.
* Makefile.am: Add examples/systemtap subdir
* autobuild.sh: Disable dtrace for mingw32
* configure.ac: Add check for dtrace
* daemon/.gitignore: Ignore generated dtrace probe file
* daemon/Makefile.am: Build dtrace probe header & object
files
* daemon/libvirtd.stp: SystemTAP convenience probeset
* daemon/libvirtd.c: Add connect/disconnect & TLS probes
* daemon/remote.c: Add SASL and PolicyKit auth probes
* daemon/probes.d: Master probe definition
* daemon/libvirtd.h: Add convenience macro for probes
so that compilation is a no-op when dtrace is not available
* examples/systemtap/Makefile.am, examples/systemtap/client.stp
Example systemtap script using dtrace probe markers
* libvirt.spec.in: Enable dtrace on F13/RHEL6
* mingw32-libvirt.spec.in: Force disable dtrace
2010-09-15 00:30:32 +08:00
|
|
|
%if ! %{with_dtrace}
|
|
|
|
%define _without_dtrace --without-dtrace
|
|
|
|
%endif
|
|
|
|
|
Imprint all logs with version + package build information
The logging functions are enhanced so that immediately prior to
the first log message being printed to any output channel, the
libvirt package version will be printed.
eg
$ LIBVIRT_DEBUG=1 virsh
18:13:28.013: 17536: info : libvirt version: 0.8.7
18:13:28.013: 17536: debug : virInitialize:361 : register drivers
...
The 'configure' script gains two new arguments which can be
used as
--with-packager="Fedora Project, x86-01.phx2.fedoraproject.org, 01-27-2011-18:00:10"
--with-packager-version="1.fc14"
to allow distros to append a custom string with package specific
data.
The RPM specfile is modified so that it appends the RPM version,
the build host, the build date and the packager name.
eg
$ LIBVIRT_DEBUG=1 virsh
18:14:52.086: 17551: info : libvirt version: 0.8.7, package: 1.fc13 (Fedora Project, x86-01.phx2.fedoraproject.org, 01-27-2011-18:00:10)
18:14:52.086: 17551: debug : virInitialize:361 : register drivers
Thus when distro packagers receive bug reports they can clearly
see what version was in use, even if the bug reporter mistakenly
or intentionally lies about version/builds
* src/util/logging.c: Output version data prior to first log message
* libvirt.spec.in: Include RPM release, date, hostname & packager
* configure.ac: Add --with-packager & --with-packager-version args
2011-01-28 02:11:16 +08:00
|
|
|
%define when %(date +"%%F-%%T")
|
|
|
|
%define where %(hostname)
|
|
|
|
%define who %{?packager}%{!?packager:Unknown}
|
|
|
|
%define with_packager --with-packager="%{who}, %{when}, %{where}"
|
|
|
|
%define with_packager_version --with-packager-version="%{release}"
|
|
|
|
|
2011-07-07 21:45:07 +08:00
|
|
|
%if %{with_systemd}
|
|
|
|
# We use 'systemd+redhat', so if someone installs upstart or
|
|
|
|
# legacy init scripts, they can still start libvirtd, etc
|
|
|
|
%define init_scripts --with-init_script=systemd+redhat
|
|
|
|
%else
|
|
|
|
%define init_scripts --with-init_script=redhat
|
|
|
|
%endif
|
Imprint all logs with version + package build information
The logging functions are enhanced so that immediately prior to
the first log message being printed to any output channel, the
libvirt package version will be printed.
eg
$ LIBVIRT_DEBUG=1 virsh
18:13:28.013: 17536: info : libvirt version: 0.8.7
18:13:28.013: 17536: debug : virInitialize:361 : register drivers
...
The 'configure' script gains two new arguments which can be
used as
--with-packager="Fedora Project, x86-01.phx2.fedoraproject.org, 01-27-2011-18:00:10"
--with-packager-version="1.fc14"
to allow distros to append a custom string with package specific
data.
The RPM specfile is modified so that it appends the RPM version,
the build host, the build date and the packager name.
eg
$ LIBVIRT_DEBUG=1 virsh
18:14:52.086: 17551: info : libvirt version: 0.8.7, package: 1.fc13 (Fedora Project, x86-01.phx2.fedoraproject.org, 01-27-2011-18:00:10)
18:14:52.086: 17551: debug : virInitialize:361 : register drivers
Thus when distro packagers receive bug reports they can clearly
see what version was in use, even if the bug reporter mistakenly
or intentionally lies about version/builds
* src/util/logging.c: Output version data prior to first log message
* libvirt.spec.in: Include RPM release, date, hostname & packager
* configure.ac: Add --with-packager & --with-packager-version args
2011-01-28 02:11:16 +08:00
|
|
|
|
2011-12-06 01:22:10 +08:00
|
|
|
%if 0%{?enable_autotools}
|
|
|
|
autoreconf -if
|
|
|
|
%endif
|
2008-06-13 00:10:50 +08:00
|
|
|
%configure %{?_without_xen} \
|
|
|
|
%{?_without_qemu} \
|
2008-08-21 17:28:54 +08:00
|
|
|
%{?_without_openvz} \
|
|
|
|
%{?_without_lxc} \
|
2009-07-29 00:59:34 +08:00
|
|
|
%{?_without_vbox} \
|
2010-10-15 01:46:41 +08:00
|
|
|
%{?_without_xenapi} \
|
2008-09-17 22:09:13 +08:00
|
|
|
%{?_without_sasl} \
|
|
|
|
%{?_without_avahi} \
|
|
|
|
%{?_without_polkit} \
|
|
|
|
%{?_without_python} \
|
|
|
|
%{?_without_libvirtd} \
|
2008-11-21 18:09:08 +08:00
|
|
|
%{?_without_uml} \
|
2009-07-24 22:26:54 +08:00
|
|
|
%{?_without_phyp} \
|
2009-09-16 23:02:38 +08:00
|
|
|
%{?_without_esx} \
|
2011-07-13 22:05:18 +08:00
|
|
|
%{?_without_hyperv} \
|
2010-12-22 01:13:50 +08:00
|
|
|
%{?_without_vmware} \
|
2009-01-21 06:36:10 +08:00
|
|
|
%{?_without_network} \
|
2009-01-21 01:27:34 +08:00
|
|
|
%{?_with_rhel5_api} \
|
2009-03-31 20:45:07 +08:00
|
|
|
%{?_without_storage_fs} \
|
|
|
|
%{?_without_storage_lvm} \
|
|
|
|
%{?_without_storage_iscsi} \
|
|
|
|
%{?_without_storage_disk} \
|
2009-09-08 22:07:54 +08:00
|
|
|
%{?_without_storage_mpath} \
|
2009-03-31 20:45:07 +08:00
|
|
|
%{?_without_numactl} \
|
2009-07-29 00:35:32 +08:00
|
|
|
%{?_without_capng} \
|
2009-07-29 00:30:48 +08:00
|
|
|
%{?_without_netcf} \
|
2009-09-16 23:02:38 +08:00
|
|
|
%{?_without_selinux} \
|
|
|
|
%{?_without_hal} \
|
2009-11-20 23:45:46 +08:00
|
|
|
%{?_without_udev} \
|
2009-11-04 02:59:18 +08:00
|
|
|
%{?_without_yajl} \
|
2011-01-19 02:37:45 +08:00
|
|
|
%{?_without_sanlock} \
|
2010-05-06 00:20:28 +08:00
|
|
|
%{?_without_libpcap} \
|
2010-05-26 03:31:38 +08:00
|
|
|
%{?_without_macvtap} \
|
2010-09-15 21:44:11 +08:00
|
|
|
%{?_without_audit} \
|
Add dtrace static probes in libvirtd
Adds initial support for dtrace static probes in libvirtd
daemon, assuming use of systemtap dtrace compat shim on
Linux. The probes are inserted for network client connect,
disconnect, TLS handshake states and authentication protocol
states.
This can be tested by running the xample program and then
attempting to connect with any libvirt client (virsh,
virt-manager, etc).
# stap examples/systemtap/client.stp
Client fd=44 connected readonly=0
Client fd=44 auth polkit deny pid:24997,uid:500
Client fd=44 disconnected
Client fd=46 connected readonly=1
Client fd=46 auth sasl allow test
Client fd=46 disconnected
The libvirtd.stp file should also really not be required,
since it is duplicated info that is already available in
the main probes.d definition file. A script to autogenerate
the .stp file is needed, either in libvirtd tree, or better
as part of systemtap itself.
* Makefile.am: Add examples/systemtap subdir
* autobuild.sh: Disable dtrace for mingw32
* configure.ac: Add check for dtrace
* daemon/.gitignore: Ignore generated dtrace probe file
* daemon/Makefile.am: Build dtrace probe header & object
files
* daemon/libvirtd.stp: SystemTAP convenience probeset
* daemon/libvirtd.c: Add connect/disconnect & TLS probes
* daemon/remote.c: Add SASL and PolicyKit auth probes
* daemon/probes.d: Master probe definition
* daemon/libvirtd.h: Add convenience macro for probes
so that compilation is a no-op when dtrace is not available
* examples/systemtap/Makefile.am, examples/systemtap/client.stp
Example systemtap script using dtrace probe markers
* libvirt.spec.in: Enable dtrace on F13/RHEL6
* mingw32-libvirt.spec.in: Force disable dtrace
2010-09-15 00:30:32 +08:00
|
|
|
%{?_without_dtrace} \
|
Imprint all logs with version + package build information
The logging functions are enhanced so that immediately prior to
the first log message being printed to any output channel, the
libvirt package version will be printed.
eg
$ LIBVIRT_DEBUG=1 virsh
18:13:28.013: 17536: info : libvirt version: 0.8.7
18:13:28.013: 17536: debug : virInitialize:361 : register drivers
...
The 'configure' script gains two new arguments which can be
used as
--with-packager="Fedora Project, x86-01.phx2.fedoraproject.org, 01-27-2011-18:00:10"
--with-packager-version="1.fc14"
to allow distros to append a custom string with package specific
data.
The RPM specfile is modified so that it appends the RPM version,
the build host, the build date and the packager name.
eg
$ LIBVIRT_DEBUG=1 virsh
18:14:52.086: 17551: info : libvirt version: 0.8.7, package: 1.fc13 (Fedora Project, x86-01.phx2.fedoraproject.org, 01-27-2011-18:00:10)
18:14:52.086: 17551: debug : virInitialize:361 : register drivers
Thus when distro packagers receive bug reports they can clearly
see what version was in use, even if the bug reporter mistakenly
or intentionally lies about version/builds
* src/util/logging.c: Output version data prior to first log message
* libvirt.spec.in: Include RPM release, date, hostname & packager
* configure.ac: Add --with-packager & --with-packager-version args
2011-01-28 02:11:16 +08:00
|
|
|
%{with_packager} \
|
|
|
|
%{with_packager_version} \
|
2009-07-16 05:25:01 +08:00
|
|
|
--with-qemu-user=%{qemu_user} \
|
|
|
|
--with-qemu-group=%{qemu_group} \
|
2011-07-07 21:45:07 +08:00
|
|
|
%{init_scripts} \
|
2009-07-16 23:28:41 +08:00
|
|
|
--with-remote-pid-file=%{_localstatedir}/run/libvirtd.pid
|
2008-08-28 17:08:44 +08:00
|
|
|
make %{?_smp_mflags}
|
2009-07-21 17:16:15 +08:00
|
|
|
gzip -9 ChangeLog
|
2005-11-02 23:37:34 +08:00
|
|
|
|
|
|
|
%install
|
|
|
|
rm -fr %{buildroot}
|
|
|
|
|
2011-12-08 21:29:22 +08:00
|
|
|
%makeinstall SYSTEMD_UNIT_DIR=%{buildroot}%{_unitdir}
|
Add dtrace static probes in libvirtd
Adds initial support for dtrace static probes in libvirtd
daemon, assuming use of systemtap dtrace compat shim on
Linux. The probes are inserted for network client connect,
disconnect, TLS handshake states and authentication protocol
states.
This can be tested by running the xample program and then
attempting to connect with any libvirt client (virsh,
virt-manager, etc).
# stap examples/systemtap/client.stp
Client fd=44 connected readonly=0
Client fd=44 auth polkit deny pid:24997,uid:500
Client fd=44 disconnected
Client fd=46 connected readonly=1
Client fd=46 auth sasl allow test
Client fd=46 disconnected
The libvirtd.stp file should also really not be required,
since it is duplicated info that is already available in
the main probes.d definition file. A script to autogenerate
the .stp file is needed, either in libvirtd tree, or better
as part of systemtap itself.
* Makefile.am: Add examples/systemtap subdir
* autobuild.sh: Disable dtrace for mingw32
* configure.ac: Add check for dtrace
* daemon/.gitignore: Ignore generated dtrace probe file
* daemon/Makefile.am: Build dtrace probe header & object
files
* daemon/libvirtd.stp: SystemTAP convenience probeset
* daemon/libvirtd.c: Add connect/disconnect & TLS probes
* daemon/remote.c: Add SASL and PolicyKit auth probes
* daemon/probes.d: Master probe definition
* daemon/libvirtd.h: Add convenience macro for probes
so that compilation is a no-op when dtrace is not available
* examples/systemtap/Makefile.am, examples/systemtap/client.stp
Example systemtap script using dtrace probe markers
* libvirt.spec.in: Enable dtrace on F13/RHEL6
* mingw32-libvirt.spec.in: Force disable dtrace
2010-09-15 00:30:32 +08:00
|
|
|
for i in domain-events/events-c dominfo domsuspend hellolibvirt openauth python xml/nwfilter systemtap
|
2009-09-16 20:07:48 +08:00
|
|
|
do
|
|
|
|
(cd examples/$i ; make clean ; rm -rf .deps .libs Makefile Makefile.in)
|
|
|
|
done
|
2005-11-02 23:37:34 +08:00
|
|
|
rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
|
2005-12-16 21:27:23 +08:00
|
|
|
rm -f $RPM_BUILD_ROOT%{_libdir}/*.a
|
2005-12-20 00:34:11 +08:00
|
|
|
rm -f $RPM_BUILD_ROOT%{_libdir}/python*/site-packages/*.la
|
|
|
|
rm -f $RPM_BUILD_ROOT%{_libdir}/python*/site-packages/*.a
|
2011-01-19 02:37:45 +08:00
|
|
|
rm -f $RPM_BUILD_ROOT%{_libdir}/libvirt/lock-driver/*.la
|
|
|
|
rm -f $RPM_BUILD_ROOT%{_libdir}/libvirt/lock-driver/*.a
|
2007-03-16 01:51:11 +08:00
|
|
|
|
2009-09-16 23:02:38 +08:00
|
|
|
%if %{with_network}
|
2010-04-28 21:38:47 +08:00
|
|
|
install -d -m 0755 $RPM_BUILD_ROOT%{_datadir}/lib/libvirt/dnsmasq/
|
2007-03-16 01:51:11 +08:00
|
|
|
# We don't want to install /etc/libvirt/qemu/networks in the main %files list
|
|
|
|
# because if the admin wants to delete the default network completely, we don't
|
|
|
|
# want to end up re-incarnating it on every RPM upgrade.
|
|
|
|
install -d -m 0755 $RPM_BUILD_ROOT%{_datadir}/libvirt/networks/
|
|
|
|
cp $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/qemu/networks/default.xml \
|
|
|
|
$RPM_BUILD_ROOT%{_datadir}/libvirt/networks/default.xml
|
|
|
|
rm -f $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/qemu/networks/default.xml
|
|
|
|
rm -f $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/qemu/networks/autostart/default.xml
|
2007-03-13 00:32:43 +08:00
|
|
|
# Strip auto-generated UUID - we need it generated per-install
|
2007-03-16 01:51:11 +08:00
|
|
|
sed -i -e "/<uuid>/d" $RPM_BUILD_ROOT%{_datadir}/libvirt/networks/default.xml
|
2008-11-26 22:46:49 +08:00
|
|
|
%else
|
|
|
|
rm -f $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/qemu/networks/default.xml
|
|
|
|
rm -f $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/qemu/networks/autostart/default.xml
|
2009-09-16 23:02:38 +08:00
|
|
|
%endif
|
|
|
|
%if ! %{with_qemu}
|
2008-11-26 22:46:49 +08:00
|
|
|
rm -f $RPM_BUILD_ROOT%{_datadir}/augeas/lenses/libvirtd_qemu.aug
|
|
|
|
rm -f $RPM_BUILD_ROOT%{_datadir}/augeas/lenses/tests/test_libvirtd_qemu.aug
|
2008-09-17 22:09:13 +08:00
|
|
|
%endif
|
2006-09-21 23:24:37 +08:00
|
|
|
%find_lang %{name}
|
2005-11-02 23:37:34 +08:00
|
|
|
|
2009-10-09 00:06:40 +08:00
|
|
|
%if ! %{with_lxc}
|
|
|
|
rm -f $RPM_BUILD_ROOT%{_datadir}/augeas/lenses/libvirtd_lxc.aug
|
|
|
|
rm -f $RPM_BUILD_ROOT%{_datadir}/augeas/lenses/tests/test_libvirtd_lxc.aug
|
2009-10-13 22:18:45 +08:00
|
|
|
%endif
|
2009-10-09 00:06:40 +08:00
|
|
|
|
2008-09-17 22:09:13 +08:00
|
|
|
%if ! %{with_python}
|
|
|
|
rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/libvirt-python-%{version}
|
|
|
|
%endif
|
|
|
|
|
2009-09-16 23:02:38 +08:00
|
|
|
%if %{client_only}
|
|
|
|
rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/libvirt-%{version}
|
|
|
|
%endif
|
|
|
|
|
2010-05-04 22:13:55 +08:00
|
|
|
%if ! %{with_libvirtd}
|
|
|
|
rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/nwfilter
|
2010-12-24 14:21:48 +08:00
|
|
|
mv $RPM_BUILD_ROOT%{_datadir}/doc/libvirt-%{version}/html \
|
|
|
|
$RPM_BUILD_ROOT%{_datadir}/doc/libvirt-devel-%{version}/
|
2010-05-04 22:13:55 +08:00
|
|
|
%endif
|
|
|
|
|
2008-09-17 22:09:13 +08:00
|
|
|
%if ! %{with_qemu}
|
|
|
|
rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/qemu.conf
|
2010-03-18 20:50:08 +08:00
|
|
|
rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/libvirtd.qemu
|
2008-09-17 22:09:13 +08:00
|
|
|
%endif
|
2009-10-08 23:40:14 +08:00
|
|
|
%if ! %{with_lxc}
|
|
|
|
rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/lxc.conf
|
2010-04-13 16:40:21 +08:00
|
|
|
rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/libvirtd.lxc
|
2010-03-18 20:50:08 +08:00
|
|
|
%endif
|
|
|
|
%if ! %{with_uml}
|
|
|
|
rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/libvirtd.uml
|
2009-10-08 23:40:14 +08:00
|
|
|
%endif
|
2008-09-17 22:09:13 +08:00
|
|
|
|
2005-11-02 23:37:34 +08:00
|
|
|
%clean
|
|
|
|
rm -fr %{buildroot}
|
|
|
|
|
2010-04-13 02:39:00 +08:00
|
|
|
%check
|
|
|
|
cd tests
|
|
|
|
# These 3 tests don't current work in a mock build root
|
|
|
|
for i in nodeinfotest daemon-conf seclabeltest
|
|
|
|
do
|
|
|
|
rm -f $i
|
2010-05-27 05:06:09 +08:00
|
|
|
printf "#!/bin/sh\nexit 0\n" > $i
|
2010-04-13 02:39:00 +08:00
|
|
|
chmod +x $i
|
|
|
|
done
|
|
|
|
make check
|
|
|
|
|
2009-07-30 19:26:58 +08:00
|
|
|
%pre
|
2009-09-16 23:02:38 +08:00
|
|
|
%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
|
2009-07-30 19:26:58 +08:00
|
|
|
# Normally 'setup' adds this in /etc/passwd, but this is
|
2009-09-16 23:02:38 +08:00
|
|
|
# here for case of upgrades from earlier Fedora/RHEL. This
|
2009-07-30 19:26:58 +08:00
|
|
|
# UID/GID pair is reserved for qemu:qemu
|
|
|
|
getent group kvm >/dev/null || groupadd -g 36 -r kvm
|
|
|
|
getent group qemu >/dev/null || groupadd -g 107 -r qemu
|
|
|
|
getent passwd qemu >/dev/null || \
|
|
|
|
useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin \
|
|
|
|
-c "qemu user" qemu
|
|
|
|
%endif
|
|
|
|
|
2005-11-02 23:37:34 +08:00
|
|
|
%post
|
2007-03-16 01:51:11 +08:00
|
|
|
|
2008-09-17 22:09:13 +08:00
|
|
|
%if %{with_libvirtd}
|
2009-09-16 23:02:38 +08:00
|
|
|
%if %{with_network}
|
2007-03-16 01:51:11 +08:00
|
|
|
# We want to install the default network for initial RPM installs
|
|
|
|
# or on the first upgrade from a non-network aware libvirt only.
|
|
|
|
# We check this by looking to see if the daemon is already installed
|
2011-12-07 07:16:34 +08:00
|
|
|
if ! /sbin/chkconfig libvirtd && test ! -f %{_sysconfdir}/libvirt/qemu/networks/default.xml
|
2007-03-16 01:51:11 +08:00
|
|
|
then
|
2007-03-13 00:32:43 +08:00
|
|
|
UUID=`/usr/bin/uuidgen`
|
2007-03-16 01:51:11 +08:00
|
|
|
sed -e "s,</name>,</name>\n <uuid>$UUID</uuid>," \
|
|
|
|
< %{_datadir}/libvirt/networks/default.xml \
|
|
|
|
> %{_sysconfdir}/libvirt/qemu/networks/default.xml
|
|
|
|
ln -s ../default.xml %{_sysconfdir}/libvirt/qemu/networks/autostart/default.xml
|
2007-03-13 00:32:43 +08:00
|
|
|
fi
|
Give each virtual network bridge its own fixed MAC address
This fixes https://bugzilla.redhat.com/show_bug.cgi?id=609463
The problem was that, since a bridge always acquires the MAC address
of the connected interface with the numerically lowest MAC, as guests
are started and stopped, it was possible for the MAC address to change
over time, and this change in the network was being detected by
Windows 7 (it sees the MAC of the default route change), so on each
reboot it would bring up a dialog box asking about this "new network".
The solution is to create a dummy tap interface with a MAC guaranteed
to be lower than any guest interface's MAC, and attach that tap to the
bridge as soon as it's created. Since all guest MAC addresses start
with 0xFE, we can just generate a MAC with the standard "0x52, 0x54,
0" prefix, and it's guaranteed to always win (physical interfaces are
never connected to these bridges, so we don't need to worry about
competing numerically with them).
Note that the dummy tap is never set to IFF_UP state - that's not
necessary in order for the bridge to take its MAC, and not setting it
to UP eliminates the clutter of having an (eg) "virbr0-nic" displayed
in the output of the ifconfig command.
I chose to not auto-generate the MAC address in the network XML
parser, as there are likely to be consumers of that API that don't
need or want to have a MAC address associated with the
bridge.
Instead, in bridge_driver.c when the network is being defined, if
there is no MAC, one is generated. To account for virtual network
configs that already exist when upgrading from an older version of
libvirt, I've added a %post script to the specfile that searches for
all network definitions in both the config directory
(/etc/libvirt/qemu/networks) and the state directory
(/var/lib/libvirt/network) that are missing a mac address, generates a
random address, and adds it to the config (and a matching address to
the state file, if there is one).
docs/formatnetwork.html.in: document <mac address.../>
docs/schemas/network.rng: add nac address to schema
libvirt.spec.in: %post script to update existing networks
src/conf/network_conf.[ch]: parse and format <mac address.../>
src/libvirt_private.syms: export a couple private symbols we need
src/network/bridge_driver.c:
auto-generate mac address when needed,
create dummy interface if mac address is present.
tests/networkxml2xmlin/isolated-network.xml
tests/networkxml2xmlin/routed-network.xml
tests/networkxml2xmlout/isolated-network.xml
tests/networkxml2xmlout/routed-network.xml: add mac address to some tests
2011-02-09 16:28:12 +08:00
|
|
|
|
|
|
|
# All newly defined networks will have a mac address for the bridge
|
|
|
|
# auto-generated, but networks already existing at the time of upgrade
|
|
|
|
# will not. We need to go through all the network configs, look for
|
|
|
|
# those that don't have a mac address, and add one.
|
|
|
|
|
|
|
|
network_files=$( (cd %{_localstatedir}/lib/libvirt/network && \
|
|
|
|
grep -L "mac address" *.xml; \
|
|
|
|
cd %{_sysconfdir}/libvirt/qemu/networks && \
|
|
|
|
grep -L "mac address" *.xml) 2>/dev/null \
|
|
|
|
| sort -u)
|
|
|
|
|
|
|
|
for file in $network_files
|
|
|
|
do
|
|
|
|
# each file exists in either the config or state directory (or both) and
|
|
|
|
# does not have a mac address specified in either. We add the same mac
|
|
|
|
# address to both files (or just one, if the other isn't there)
|
|
|
|
|
|
|
|
mac4=`printf '%X' $(($RANDOM % 256))`
|
|
|
|
mac5=`printf '%X' $(($RANDOM % 256))`
|
|
|
|
mac6=`printf '%X' $(($RANDOM % 256))`
|
|
|
|
for dir in %{_localstatedir}/lib/libvirt/network \
|
|
|
|
%{_sysconfdir}/libvirt/qemu/networks
|
|
|
|
do
|
|
|
|
if test -f $dir/$file
|
|
|
|
then
|
|
|
|
sed -i.orig -e \
|
|
|
|
"s|\(<bridge.*$\)|\0\n <mac address='52:54:00:$mac4:$mac5:$mac6'/>|" \
|
|
|
|
$dir/$file
|
|
|
|
if test $? != 0
|
|
|
|
then
|
|
|
|
echo "failed to add <mac address='52:54:00:$mac4:$mac5:$mac6'/>" \
|
|
|
|
"to $dir/$file"
|
|
|
|
mv -f $dir/$file.orig $dir/$file
|
|
|
|
else
|
|
|
|
rm -f $dir/$file.orig
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
done
|
2008-11-26 22:46:49 +08:00
|
|
|
%endif
|
2007-02-23 23:53:56 +08:00
|
|
|
|
2011-07-07 21:45:07 +08:00
|
|
|
%if %{with_systemd}
|
|
|
|
if [ $1 -eq 1 ] ; then
|
|
|
|
# Initial installation
|
|
|
|
/bin/systemctl enable libvirtd.service >/dev/null 2>&1 || :
|
|
|
|
/bin/systemctl enable cgconfig.service >/dev/null 2>&1 || :
|
|
|
|
fi
|
|
|
|
%else
|
2010-12-23 16:44:19 +08:00
|
|
|
%if %{with_cgconfig}
|
2011-09-27 04:28:47 +08:00
|
|
|
# Starting with Fedora 16, systemd automounts all cgroups, and cgconfig is
|
2011-09-17 06:40:25 +08:00
|
|
|
# no longer a necessary service.
|
2011-12-09 04:32:37 +08:00
|
|
|
%if 0%{?rhel} || (0%{?fedora} && 0%{?fedora} < 16)
|
2010-12-23 16:44:19 +08:00
|
|
|
if [ "$1" -eq "1" ]; then
|
|
|
|
/sbin/chkconfig cgconfig on
|
|
|
|
fi
|
|
|
|
%endif
|
2011-09-17 06:40:25 +08:00
|
|
|
%endif
|
2010-12-23 16:44:19 +08:00
|
|
|
|
2007-03-16 01:51:11 +08:00
|
|
|
/sbin/chkconfig --add libvirtd
|
2009-09-11 21:05:20 +08:00
|
|
|
if [ "$1" -ge "1" ]; then
|
|
|
|
/sbin/service libvirtd condrestart > /dev/null 2>&1
|
|
|
|
fi
|
2008-09-17 22:09:13 +08:00
|
|
|
%endif
|
2011-07-07 21:45:07 +08:00
|
|
|
%endif
|
2007-03-16 01:51:11 +08:00
|
|
|
|
2007-02-23 23:53:56 +08:00
|
|
|
%preun
|
2008-09-17 22:09:13 +08:00
|
|
|
%if %{with_libvirtd}
|
2011-07-07 21:45:07 +08:00
|
|
|
%if %{with_systemd}
|
|
|
|
if [ $1 -eq 0 ] ; then
|
|
|
|
# Package removal, not upgrade
|
|
|
|
/bin/systemctl --no-reload disable libvirtd.service > /dev/null 2>&1 || :
|
|
|
|
/bin/systemctl stop libvirtd.service > /dev/null 2>&1 || :
|
|
|
|
fi
|
|
|
|
%else
|
2007-02-23 23:53:56 +08:00
|
|
|
if [ $1 = 0 ]; then
|
|
|
|
/sbin/service libvirtd stop 1>/dev/null 2>&1
|
|
|
|
/sbin/chkconfig --del libvirtd
|
|
|
|
fi
|
2008-09-17 22:09:13 +08:00
|
|
|
%endif
|
2011-07-07 21:45:07 +08:00
|
|
|
%endif
|
|
|
|
|
|
|
|
%postun
|
|
|
|
%if %{with_libvirtd}
|
|
|
|
%if %{with_systemd}
|
|
|
|
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
|
|
|
|
if [ $1 -ge 1 ] ; then
|
|
|
|
# Package upgrade, not uninstall
|
|
|
|
/bin/systemctl try-restart libvirtd.service >/dev/null 2>&1 || :
|
|
|
|
fi
|
|
|
|
%endif
|
|
|
|
%endif
|
|
|
|
|
|
|
|
%if %{with_libvirtd}
|
|
|
|
%if %{with_systemd}
|
|
|
|
%triggerun -- libvirt < 0.9.4
|
|
|
|
%{_bindir}/systemd-sysv-convert --save libvirtd >/dev/null 2>&1 ||:
|
|
|
|
|
|
|
|
# If the package is allowed to autostart:
|
|
|
|
/bin/systemctl --no-reload enable libvirtd.service >/dev/null 2>&1 ||:
|
|
|
|
|
|
|
|
# Run these because the SysV package being removed won't do them
|
|
|
|
/sbin/chkconfig --del libvirtd >/dev/null 2>&1 || :
|
|
|
|
/bin/systemctl try-restart libvirtd.service >/dev/null 2>&1 || :
|
|
|
|
%endif
|
|
|
|
%endif
|
2005-11-02 23:37:34 +08:00
|
|
|
|
2010-05-27 20:47:11 +08:00
|
|
|
%preun client
|
|
|
|
|
2011-07-07 21:45:07 +08:00
|
|
|
%if %{with_systemd}
|
|
|
|
%else
|
2010-05-27 20:47:11 +08:00
|
|
|
if [ $1 = 0 ]; then
|
|
|
|
/sbin/chkconfig --del libvirt-guests
|
|
|
|
rm -f /var/lib/libvirt/libvirt-guests
|
|
|
|
fi
|
2011-07-07 21:45:07 +08:00
|
|
|
%endif
|
2010-05-27 20:47:11 +08:00
|
|
|
|
|
|
|
%post client
|
|
|
|
|
|
|
|
/sbin/ldconfig
|
2011-07-07 21:45:07 +08:00
|
|
|
%if %{with_systemd}
|
|
|
|
%else
|
2010-05-27 20:47:11 +08:00
|
|
|
/sbin/chkconfig --add libvirt-guests
|
|
|
|
if [ $1 -ge 1 ]; then
|
2011-01-18 16:49:10 +08:00
|
|
|
level=$(/sbin/runlevel | /bin/cut -d ' ' -f 2)
|
2011-12-07 07:16:34 +08:00
|
|
|
if /sbin/chkconfig --levels $level libvirt-guests; then
|
2010-12-08 00:05:44 +08:00
|
|
|
# this doesn't do anything but allowing for libvirt-guests to be
|
|
|
|
# stopped on the first shutdown
|
|
|
|
/sbin/service libvirt-guests start > /dev/null 2>&1 || true
|
|
|
|
fi
|
2010-05-27 20:47:11 +08:00
|
|
|
fi
|
2011-07-07 21:45:07 +08:00
|
|
|
%endif
|
2009-07-29 16:55:43 +08:00
|
|
|
|
|
|
|
%postun client -p /sbin/ldconfig
|
2005-11-02 23:37:34 +08:00
|
|
|
|
2011-07-07 21:45:07 +08:00
|
|
|
%if %{with_systemd}
|
|
|
|
%triggerun client -- libvirt < 0.9.4
|
|
|
|
%{_bindir}/systemd-sysv-convert --save libvirt-guests >/dev/null 2>&1 ||:
|
|
|
|
|
|
|
|
# If the package is allowed to autostart:
|
|
|
|
/bin/systemctl --no-reload enable libvirt-guests.service >/dev/null 2>&1 ||:
|
|
|
|
|
|
|
|
# Run these because the SysV package being removed won't do them
|
|
|
|
/sbin/chkconfig --del libvirt-guests >/dev/null 2>&1 || :
|
|
|
|
/bin/systemctl try-restart libvirt-guests.service >/dev/null 2>&1 || :
|
|
|
|
%endif
|
|
|
|
|
2009-09-16 23:02:38 +08:00
|
|
|
%if %{with_libvirtd}
|
2009-07-21 17:16:15 +08:00
|
|
|
%files
|
2005-11-02 23:37:34 +08:00
|
|
|
%defattr(-, root, root)
|
|
|
|
|
2009-07-21 17:16:15 +08:00
|
|
|
%doc AUTHORS ChangeLog.gz NEWS README COPYING.LIB TODO
|
2007-03-13 00:32:43 +08:00
|
|
|
%dir %attr(0700, root, root) %{_sysconfdir}/libvirt/
|
2008-09-17 22:09:13 +08:00
|
|
|
|
2009-09-16 23:02:38 +08:00
|
|
|
%if %{with_network}
|
2007-03-13 00:32:43 +08:00
|
|
|
%dir %attr(0700, root, root) %{_sysconfdir}/libvirt/qemu/
|
|
|
|
%dir %attr(0700, root, root) %{_sysconfdir}/libvirt/qemu/networks/
|
2007-03-20 22:49:43 +08:00
|
|
|
%dir %attr(0700, root, root) %{_sysconfdir}/libvirt/qemu/networks/autostart
|
2008-09-17 22:09:13 +08:00
|
|
|
%endif
|
|
|
|
|
2010-03-31 16:20:22 +08:00
|
|
|
%dir %attr(0700, root, root) %{_sysconfdir}/libvirt/nwfilter/
|
|
|
|
%{_sysconfdir}/libvirt/nwfilter/*.xml
|
|
|
|
|
2007-02-23 23:53:56 +08:00
|
|
|
%{_sysconfdir}/rc.d/init.d/libvirtd
|
2011-07-07 21:45:07 +08:00
|
|
|
%if %{with_systemd}
|
|
|
|
%{_unitdir}/libvirtd.service
|
|
|
|
%endif
|
2011-02-19 02:45:49 +08:00
|
|
|
%doc daemon/libvirtd.upstart
|
2007-06-27 07:48:46 +08:00
|
|
|
%config(noreplace) %{_sysconfdir}/sysconfig/libvirtd
|
2007-10-13 03:54:15 +08:00
|
|
|
%config(noreplace) %{_sysconfdir}/libvirt/libvirtd.conf
|
2011-10-04 23:44:25 +08:00
|
|
|
%if 0%{?fedora} >= 14 || 0%{?rhel} >= 6
|
|
|
|
%config(noreplace) %{_sysconfdir}/sysctl.d/libvirtd
|
|
|
|
%else
|
|
|
|
rm -f $RPM_BUILD_ROOT%{_sysconfdir}/sysctl.d/libvirtd
|
|
|
|
%endif
|
Add dtrace static probes in libvirtd
Adds initial support for dtrace static probes in libvirtd
daemon, assuming use of systemtap dtrace compat shim on
Linux. The probes are inserted for network client connect,
disconnect, TLS handshake states and authentication protocol
states.
This can be tested by running the xample program and then
attempting to connect with any libvirt client (virsh,
virt-manager, etc).
# stap examples/systemtap/client.stp
Client fd=44 connected readonly=0
Client fd=44 auth polkit deny pid:24997,uid:500
Client fd=44 disconnected
Client fd=46 connected readonly=1
Client fd=46 auth sasl allow test
Client fd=46 disconnected
The libvirtd.stp file should also really not be required,
since it is duplicated info that is already available in
the main probes.d definition file. A script to autogenerate
the .stp file is needed, either in libvirtd tree, or better
as part of systemtap itself.
* Makefile.am: Add examples/systemtap subdir
* autobuild.sh: Disable dtrace for mingw32
* configure.ac: Add check for dtrace
* daemon/.gitignore: Ignore generated dtrace probe file
* daemon/Makefile.am: Build dtrace probe header & object
files
* daemon/libvirtd.stp: SystemTAP convenience probeset
* daemon/libvirtd.c: Add connect/disconnect & TLS probes
* daemon/remote.c: Add SASL and PolicyKit auth probes
* daemon/probes.d: Master probe definition
* daemon/libvirtd.h: Add convenience macro for probes
so that compilation is a no-op when dtrace is not available
* examples/systemtap/Makefile.am, examples/systemtap/client.stp
Example systemtap script using dtrace probe markers
* libvirt.spec.in: Enable dtrace on F13/RHEL6
* mingw32-libvirt.spec.in: Force disable dtrace
2010-09-15 00:30:32 +08:00
|
|
|
%if %{with_dtrace}
|
2011-10-12 05:44:55 +08:00
|
|
|
%{_datadir}/systemtap/tapset/libvirt_probes.stp
|
|
|
|
%{_datadir}/systemtap/tapset/libvirt_functions.stp
|
Add dtrace static probes in libvirtd
Adds initial support for dtrace static probes in libvirtd
daemon, assuming use of systemtap dtrace compat shim on
Linux. The probes are inserted for network client connect,
disconnect, TLS handshake states and authentication protocol
states.
This can be tested by running the xample program and then
attempting to connect with any libvirt client (virsh,
virt-manager, etc).
# stap examples/systemtap/client.stp
Client fd=44 connected readonly=0
Client fd=44 auth polkit deny pid:24997,uid:500
Client fd=44 disconnected
Client fd=46 connected readonly=1
Client fd=46 auth sasl allow test
Client fd=46 disconnected
The libvirtd.stp file should also really not be required,
since it is duplicated info that is already available in
the main probes.d definition file. A script to autogenerate
the .stp file is needed, either in libvirtd tree, or better
as part of systemtap itself.
* Makefile.am: Add examples/systemtap subdir
* autobuild.sh: Disable dtrace for mingw32
* configure.ac: Add check for dtrace
* daemon/.gitignore: Ignore generated dtrace probe file
* daemon/Makefile.am: Build dtrace probe header & object
files
* daemon/libvirtd.stp: SystemTAP convenience probeset
* daemon/libvirtd.c: Add connect/disconnect & TLS probes
* daemon/remote.c: Add SASL and PolicyKit auth probes
* daemon/probes.d: Master probe definition
* daemon/libvirtd.h: Add convenience macro for probes
so that compilation is a no-op when dtrace is not available
* examples/systemtap/Makefile.am, examples/systemtap/client.stp
Example systemtap script using dtrace probe markers
* libvirt.spec.in: Enable dtrace on F13/RHEL6
* mingw32-libvirt.spec.in: Force disable dtrace
2010-09-15 00:30:32 +08:00
|
|
|
%endif
|
2009-10-06 19:33:17 +08:00
|
|
|
%dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/qemu/
|
|
|
|
%dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/lxc/
|
|
|
|
%dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/uml/
|
2011-02-11 06:42:34 +08:00
|
|
|
%if %{with_libxl}
|
|
|
|
%dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/libxl/
|
|
|
|
%endif
|
2008-09-17 22:09:13 +08:00
|
|
|
|
2011-03-03 15:26:22 +08:00
|
|
|
%config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd
|
2008-09-17 22:09:13 +08:00
|
|
|
%if %{with_qemu}
|
2007-10-13 03:54:15 +08:00
|
|
|
%config(noreplace) %{_sysconfdir}/libvirt/qemu.conf
|
2010-03-04 22:17:08 +08:00
|
|
|
%config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd.qemu
|
2008-09-17 22:09:13 +08:00
|
|
|
%endif
|
2009-10-08 23:40:14 +08:00
|
|
|
%if %{with_lxc}
|
|
|
|
%config(noreplace) %{_sysconfdir}/libvirt/lxc.conf
|
2010-03-04 22:17:08 +08:00
|
|
|
%config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd.lxc
|
|
|
|
%endif
|
|
|
|
%if %{with_uml}
|
|
|
|
%config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd.uml
|
2009-10-08 23:40:14 +08:00
|
|
|
%endif
|
2008-09-17 22:09:13 +08:00
|
|
|
|
2007-03-16 01:51:11 +08:00
|
|
|
%dir %{_datadir}/libvirt/
|
2009-09-16 23:02:38 +08:00
|
|
|
|
|
|
|
%if %{with_network}
|
2007-03-16 01:51:11 +08:00
|
|
|
%dir %{_datadir}/libvirt/networks/
|
|
|
|
%{_datadir}/libvirt/networks/default.xml
|
2008-09-17 22:09:13 +08:00
|
|
|
%endif
|
|
|
|
|
spec: mark directories in /var/run as ghosts
We have several directories that are created on the fly, and which
only contain state relevant to a running libvirtd process (all
located in /var/run). Since the directories are created as needed,
and make no sense without a running libvirtd, we want them deleted
if libvirt is uninstalled. And in F15 and newer, /var/run is on
tmpfs (forcing us to recreate on the fly); which means that someone
trying to verify a complete rpm will fail if the directory does not
currently exist because libvirtd has not been started since boot.
The solution, then, is to mark the directories as %ghost, so that
rpm knows that we own them and will clean it up if libvirt is
uninstalled, but will no longer create the directory for us at
install, nor complain at verify time if the directory does not exist.
See https://bugzilla.redhat.com/show_bug.cgi?id=656611.
* libvirt.spec.in (%files): Add %ghost to temporary directories
that we don't install, but want cleaned up on libvirt removal.
2011-12-01 06:34:42 +08:00
|
|
|
%ghost %dir %{_localstatedir}/run/libvirt/
|
2009-01-21 06:36:10 +08:00
|
|
|
|
2009-07-31 16:49:08 +08:00
|
|
|
%dir %attr(0711, root, root) %{_localstatedir}/lib/libvirt/images/
|
2011-11-01 19:21:21 +08:00
|
|
|
%dir %attr(0711, root, root) %{_localstatedir}/lib/libvirt/filesystems/
|
2009-08-06 22:20:36 +08:00
|
|
|
%dir %attr(0711, root, root) %{_localstatedir}/lib/libvirt/boot/
|
2011-05-20 23:18:11 +08:00
|
|
|
%dir %attr(0711, root, root) %{_localstatedir}/cache/libvirt/
|
2008-09-17 22:09:13 +08:00
|
|
|
|
|
|
|
%if %{with_qemu}
|
spec: mark directories in /var/run as ghosts
We have several directories that are created on the fly, and which
only contain state relevant to a running libvirtd process (all
located in /var/run). Since the directories are created as needed,
and make no sense without a running libvirtd, we want them deleted
if libvirt is uninstalled. And in F15 and newer, /var/run is on
tmpfs (forcing us to recreate on the fly); which means that someone
trying to verify a complete rpm will fail if the directory does not
currently exist because libvirtd has not been started since boot.
The solution, then, is to mark the directories as %ghost, so that
rpm knows that we own them and will clean it up if libvirt is
uninstalled, but will no longer create the directory for us at
install, nor complain at verify time if the directory does not exist.
See https://bugzilla.redhat.com/show_bug.cgi?id=656611.
* libvirt.spec.in (%files): Add %ghost to temporary directories
that we don't install, but want cleaned up on libvirt removal.
2011-12-01 06:34:42 +08:00
|
|
|
%ghost %dir %attr(0700, root, root) %{_localstatedir}/run/libvirt/qemu/
|
2010-10-19 00:21:15 +08:00
|
|
|
%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/
|
|
|
|
%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/cache/libvirt/qemu/
|
2009-01-21 06:36:10 +08:00
|
|
|
%endif
|
|
|
|
%if %{with_lxc}
|
spec: mark directories in /var/run as ghosts
We have several directories that are created on the fly, and which
only contain state relevant to a running libvirtd process (all
located in /var/run). Since the directories are created as needed,
and make no sense without a running libvirtd, we want them deleted
if libvirt is uninstalled. And in F15 and newer, /var/run is on
tmpfs (forcing us to recreate on the fly); which means that someone
trying to verify a complete rpm will fail if the directory does not
currently exist because libvirtd has not been started since boot.
The solution, then, is to mark the directories as %ghost, so that
rpm knows that we own them and will clean it up if libvirt is
uninstalled, but will no longer create the directory for us at
install, nor complain at verify time if the directory does not exist.
See https://bugzilla.redhat.com/show_bug.cgi?id=656611.
* libvirt.spec.in (%files): Add %ghost to temporary directories
that we don't install, but want cleaned up on libvirt removal.
2011-12-01 06:34:42 +08:00
|
|
|
%ghost %dir %{_localstatedir}/run/libvirt/lxc/
|
2009-01-21 06:36:10 +08:00
|
|
|
%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/lxc/
|
|
|
|
%endif
|
|
|
|
%if %{with_uml}
|
spec: mark directories in /var/run as ghosts
We have several directories that are created on the fly, and which
only contain state relevant to a running libvirtd process (all
located in /var/run). Since the directories are created as needed,
and make no sense without a running libvirtd, we want them deleted
if libvirt is uninstalled. And in F15 and newer, /var/run is on
tmpfs (forcing us to recreate on the fly); which means that someone
trying to verify a complete rpm will fail if the directory does not
currently exist because libvirtd has not been started since boot.
The solution, then, is to mark the directories as %ghost, so that
rpm knows that we own them and will clean it up if libvirt is
uninstalled, but will no longer create the directory for us at
install, nor complain at verify time if the directory does not exist.
See https://bugzilla.redhat.com/show_bug.cgi?id=656611.
* libvirt.spec.in (%files): Add %ghost to temporary directories
that we don't install, but want cleaned up on libvirt removal.
2011-12-01 06:34:42 +08:00
|
|
|
%ghost %dir %{_localstatedir}/run/libvirt/uml/
|
2009-01-21 06:36:10 +08:00
|
|
|
%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/uml/
|
|
|
|
%endif
|
2011-02-11 06:42:34 +08:00
|
|
|
%if %{with_libxl}
|
spec: mark directories in /var/run as ghosts
We have several directories that are created on the fly, and which
only contain state relevant to a running libvirtd process (all
located in /var/run). Since the directories are created as needed,
and make no sense without a running libvirtd, we want them deleted
if libvirt is uninstalled. And in F15 and newer, /var/run is on
tmpfs (forcing us to recreate on the fly); which means that someone
trying to verify a complete rpm will fail if the directory does not
currently exist because libvirtd has not been started since boot.
The solution, then, is to mark the directories as %ghost, so that
rpm knows that we own them and will clean it up if libvirt is
uninstalled, but will no longer create the directory for us at
install, nor complain at verify time if the directory does not exist.
See https://bugzilla.redhat.com/show_bug.cgi?id=656611.
* libvirt.spec.in (%files): Add %ghost to temporary directories
that we don't install, but want cleaned up on libvirt removal.
2011-12-01 06:34:42 +08:00
|
|
|
%ghost %dir %{_localstatedir}/run/libvirt/libxl/
|
2011-02-11 06:42:34 +08:00
|
|
|
%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/libxl/
|
|
|
|
%endif
|
2009-01-21 06:36:10 +08:00
|
|
|
%if %{with_network}
|
spec: mark directories in /var/run as ghosts
We have several directories that are created on the fly, and which
only contain state relevant to a running libvirtd process (all
located in /var/run). Since the directories are created as needed,
and make no sense without a running libvirtd, we want them deleted
if libvirt is uninstalled. And in F15 and newer, /var/run is on
tmpfs (forcing us to recreate on the fly); which means that someone
trying to verify a complete rpm will fail if the directory does not
currently exist because libvirtd has not been started since boot.
The solution, then, is to mark the directories as %ghost, so that
rpm knows that we own them and will clean it up if libvirt is
uninstalled, but will no longer create the directory for us at
install, nor complain at verify time if the directory does not exist.
See https://bugzilla.redhat.com/show_bug.cgi?id=656611.
* libvirt.spec.in (%files): Add %ghost to temporary directories
that we don't install, but want cleaned up on libvirt removal.
2011-12-01 06:34:42 +08:00
|
|
|
%ghost %dir %{_localstatedir}/run/libvirt/network/
|
2009-01-21 06:36:10 +08:00
|
|
|
%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/network/
|
2010-04-28 21:38:47 +08:00
|
|
|
%dir %attr(0755, root, root) %{_localstatedir}/lib/libvirt/dnsmasq/
|
2009-01-21 06:36:10 +08:00
|
|
|
%endif
|
|
|
|
|
|
|
|
%if %{with_qemu}
|
2008-09-04 18:44:23 +08:00
|
|
|
%{_datadir}/augeas/lenses/libvirtd_qemu.aug
|
|
|
|
%{_datadir}/augeas/lenses/tests/test_libvirtd_qemu.aug
|
2008-09-17 22:09:13 +08:00
|
|
|
%endif
|
|
|
|
|
2009-10-09 00:06:40 +08:00
|
|
|
%if %{with_lxc}
|
|
|
|
%{_datadir}/augeas/lenses/libvirtd_lxc.aug
|
|
|
|
%{_datadir}/augeas/lenses/tests/test_libvirtd_lxc.aug
|
|
|
|
%endif
|
|
|
|
|
2008-09-17 22:09:13 +08:00
|
|
|
%{_datadir}/augeas/lenses/libvirtd.aug
|
|
|
|
%{_datadir}/augeas/lenses/tests/test_libvirtd.aug
|
|
|
|
|
2007-12-06 23:35:54 +08:00
|
|
|
%if %{with_polkit}
|
2009-09-16 23:02:38 +08:00
|
|
|
%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
|
2009-08-06 20:54:08 +08:00
|
|
|
%{_datadir}/polkit-1/actions/org.libvirt.unix.policy
|
|
|
|
%else
|
2008-07-11 17:51:25 +08:00
|
|
|
%{_datadir}/PolicyKit/policy/org.libvirt.unix.policy
|
2007-12-06 23:35:54 +08:00
|
|
|
%endif
|
2009-08-06 20:54:08 +08:00
|
|
|
%endif
|
2008-09-17 22:09:13 +08:00
|
|
|
|
2009-07-29 02:07:51 +08:00
|
|
|
%dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/
|
2008-09-17 22:09:13 +08:00
|
|
|
|
2008-08-21 17:28:54 +08:00
|
|
|
%if %{with_lxc}
|
|
|
|
%attr(0755, root, root) %{_libexecdir}/libvirt_lxc
|
|
|
|
%endif
|
2008-09-17 22:09:13 +08:00
|
|
|
|
2011-06-26 17:39:14 +08:00
|
|
|
%if %{with_storage_disk}
|
2008-09-17 22:09:13 +08:00
|
|
|
%attr(0755, root, root) %{_libexecdir}/libvirt_parthelper
|
2011-06-26 17:39:14 +08:00
|
|
|
%endif
|
|
|
|
|
2011-03-30 08:54:23 +08:00
|
|
|
%attr(0755, root, root) %{_libexecdir}/libvirt_iohelper
|
2007-06-27 07:04:49 +08:00
|
|
|
%attr(0755, root, root) %{_sbindir}/libvirtd
|
2008-09-17 22:09:13 +08:00
|
|
|
|
2010-07-13 03:33:35 +08:00
|
|
|
%{_mandir}/man8/libvirtd.8*
|
|
|
|
|
2007-08-21 22:59:47 +08:00
|
|
|
%doc docs/*.xml
|
2009-09-16 23:02:38 +08:00
|
|
|
%endif
|
2005-11-02 23:37:34 +08:00
|
|
|
|
2011-01-19 02:37:45 +08:00
|
|
|
%if %{with_sanlock}
|
|
|
|
%files lock-sanlock
|
|
|
|
%defattr(-, root, root)
|
2011-07-11 15:57:01 +08:00
|
|
|
%if %{with_qemu}
|
2011-06-14 16:20:49 +08:00
|
|
|
%config(noreplace) %{_sysconfdir}/libvirt/qemu-sanlock.conf
|
2011-07-11 15:57:01 +08:00
|
|
|
%endif
|
2011-01-19 02:37:45 +08:00
|
|
|
%attr(0755, root, root) %{_libdir}/libvirt/lock-driver/sanlock.so
|
2011-06-14 16:20:49 +08:00
|
|
|
%{_datadir}/augeas/lenses/libvirt_sanlock.aug
|
|
|
|
%{_datadir}/augeas/lenses/tests/test_libvirt_sanlock.aug
|
2011-07-22 16:38:46 +08:00
|
|
|
%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/sanlock
|
2011-06-14 16:29:00 +08:00
|
|
|
%{_sbindir}/virt-sanlock-cleanup
|
|
|
|
%{_mandir}/man8/virt-sanlock-cleanup.8*
|
2011-01-19 02:37:45 +08:00
|
|
|
%endif
|
|
|
|
|
2009-07-21 17:16:15 +08:00
|
|
|
%files client -f %{name}.lang
|
|
|
|
%defattr(-, root, root)
|
|
|
|
%doc AUTHORS ChangeLog.gz NEWS README COPYING.LIB TODO
|
|
|
|
|
2011-10-13 18:49:45 +08:00
|
|
|
%config(noreplace) %{_sysconfdir}/libvirt/libvirt.conf
|
2009-07-21 17:16:15 +08:00
|
|
|
%{_mandir}/man1/virsh.1*
|
|
|
|
%{_mandir}/man1/virt-xml-validate.1*
|
2009-09-16 21:42:57 +08:00
|
|
|
%{_mandir}/man1/virt-pki-validate.1*
|
2012-01-11 01:31:21 +08:00
|
|
|
%{_mandir}/man1/virt-host-validate.1*
|
2009-07-21 17:16:15 +08:00
|
|
|
%{_bindir}/virsh
|
|
|
|
%{_bindir}/virt-xml-validate
|
2009-09-16 21:42:57 +08:00
|
|
|
%{_bindir}/virt-pki-validate
|
2012-01-11 01:31:21 +08:00
|
|
|
%{_bindir}/virt-host-validate
|
2009-07-21 17:16:15 +08:00
|
|
|
%{_libdir}/lib*.so.*
|
|
|
|
|
|
|
|
%dir %{_datadir}/libvirt/
|
|
|
|
%dir %{_datadir}/libvirt/schemas/
|
|
|
|
|
2011-08-13 09:33:15 +08:00
|
|
|
%{_datadir}/libvirt/schemas/basictypes.rng
|
|
|
|
%{_datadir}/libvirt/schemas/capability.rng
|
2009-07-21 17:16:15 +08:00
|
|
|
%{_datadir}/libvirt/schemas/domain.rng
|
2011-08-13 09:33:15 +08:00
|
|
|
%{_datadir}/libvirt/schemas/domaincommon.rng
|
2010-05-27 05:03:47 +08:00
|
|
|
%{_datadir}/libvirt/schemas/domainsnapshot.rng
|
2011-08-13 09:33:15 +08:00
|
|
|
%{_datadir}/libvirt/schemas/interface.rng
|
2009-07-21 17:16:15 +08:00
|
|
|
%{_datadir}/libvirt/schemas/network.rng
|
2011-08-13 09:33:15 +08:00
|
|
|
%{_datadir}/libvirt/schemas/networkcommon.rng
|
2009-07-21 17:16:15 +08:00
|
|
|
%{_datadir}/libvirt/schemas/nodedev.rng
|
2011-08-13 09:33:15 +08:00
|
|
|
%{_datadir}/libvirt/schemas/nwfilter.rng
|
2009-07-28 08:39:48 +08:00
|
|
|
%{_datadir}/libvirt/schemas/secret.rng
|
2009-08-20 03:50:10 +08:00
|
|
|
%{_datadir}/libvirt/schemas/storageencryption.rng
|
2011-08-13 09:33:15 +08:00
|
|
|
%{_datadir}/libvirt/schemas/storagepool.rng
|
|
|
|
%{_datadir}/libvirt/schemas/storagevol.rng
|
2009-07-21 17:16:15 +08:00
|
|
|
|
2009-12-23 21:28:42 +08:00
|
|
|
%{_datadir}/libvirt/cpu_map.xml
|
|
|
|
|
2010-05-14 21:37:55 +08:00
|
|
|
%{_sysconfdir}/rc.d/init.d/libvirt-guests
|
2011-07-07 21:45:07 +08:00
|
|
|
%if %{with_systemd}
|
|
|
|
%{_unitdir}/libvirt-guests.service
|
|
|
|
%endif
|
2010-05-14 21:37:55 +08:00
|
|
|
%config(noreplace) %{_sysconfdir}/sysconfig/libvirt-guests
|
2010-11-04 05:20:24 +08:00
|
|
|
%dir %attr(0755, root, root) %{_localstatedir}/lib/libvirt/
|
2010-05-14 21:37:55 +08:00
|
|
|
|
2009-07-21 17:16:15 +08:00
|
|
|
%if %{with_sasl}
|
|
|
|
%config(noreplace) %{_sysconfdir}/sasl2/libvirt.conf
|
|
|
|
%endif
|
|
|
|
|
2005-11-02 23:37:34 +08:00
|
|
|
%files devel
|
|
|
|
%defattr(-, root, root)
|
|
|
|
|
|
|
|
%{_libdir}/lib*.so
|
2007-03-28 16:48:52 +08:00
|
|
|
%dir %{_includedir}/libvirt
|
2006-02-10 01:45:11 +08:00
|
|
|
%{_includedir}/libvirt/*.h
|
|
|
|
%{_libdir}/pkgconfig/libvirt.pc
|
2009-05-06 21:27:54 +08:00
|
|
|
%dir %{_datadir}/gtk-doc/html/libvirt/
|
2006-02-22 18:54:54 +08:00
|
|
|
%doc %{_datadir}/gtk-doc/html/libvirt/*.devhelp
|
|
|
|
%doc %{_datadir}/gtk-doc/html/libvirt/*.html
|
|
|
|
%doc %{_datadir}/gtk-doc/html/libvirt/*.png
|
|
|
|
%doc %{_datadir}/gtk-doc/html/libvirt/*.css
|
2005-11-02 23:37:34 +08:00
|
|
|
|
2005-12-07 21:45:20 +08:00
|
|
|
%doc docs/*.html docs/html docs/*.gif
|
2006-02-10 01:45:11 +08:00
|
|
|
%doc docs/libvirt-api.xml
|
2009-09-16 20:07:48 +08:00
|
|
|
%doc examples/hellolibvirt
|
|
|
|
%doc examples/domain-events/events-c
|
|
|
|
%doc examples/dominfo
|
|
|
|
%doc examples/domsuspend
|
2010-07-06 20:59:50 +08:00
|
|
|
%doc examples/openauth
|
2009-09-17 02:02:59 +08:00
|
|
|
%doc examples/xml
|
Add dtrace static probes in libvirtd
Adds initial support for dtrace static probes in libvirtd
daemon, assuming use of systemtap dtrace compat shim on
Linux. The probes are inserted for network client connect,
disconnect, TLS handshake states and authentication protocol
states.
This can be tested by running the xample program and then
attempting to connect with any libvirt client (virsh,
virt-manager, etc).
# stap examples/systemtap/client.stp
Client fd=44 connected readonly=0
Client fd=44 auth polkit deny pid:24997,uid:500
Client fd=44 disconnected
Client fd=46 connected readonly=1
Client fd=46 auth sasl allow test
Client fd=46 disconnected
The libvirtd.stp file should also really not be required,
since it is duplicated info that is already available in
the main probes.d definition file. A script to autogenerate
the .stp file is needed, either in libvirtd tree, or better
as part of systemtap itself.
* Makefile.am: Add examples/systemtap subdir
* autobuild.sh: Disable dtrace for mingw32
* configure.ac: Add check for dtrace
* daemon/.gitignore: Ignore generated dtrace probe file
* daemon/Makefile.am: Build dtrace probe header & object
files
* daemon/libvirtd.stp: SystemTAP convenience probeset
* daemon/libvirtd.c: Add connect/disconnect & TLS probes
* daemon/remote.c: Add SASL and PolicyKit auth probes
* daemon/probes.d: Master probe definition
* daemon/libvirtd.h: Add convenience macro for probes
so that compilation is a no-op when dtrace is not available
* examples/systemtap/Makefile.am, examples/systemtap/client.stp
Example systemtap script using dtrace probe markers
* libvirt.spec.in: Enable dtrace on F13/RHEL6
* mingw32-libvirt.spec.in: Force disable dtrace
2010-09-15 00:30:32 +08:00
|
|
|
%doc examples/systemtap
|
2005-12-07 21:45:20 +08:00
|
|
|
|
2008-09-17 22:09:13 +08:00
|
|
|
%if %{with_python}
|
2005-12-20 00:34:11 +08:00
|
|
|
%files python
|
|
|
|
%defattr(-, root, root)
|
|
|
|
|
|
|
|
%doc AUTHORS NEWS README COPYING.LIB
|
2006-02-10 01:45:11 +08:00
|
|
|
%{_libdir}/python*/site-packages/libvirt.py*
|
2011-09-09 19:11:36 +08:00
|
|
|
%{_libdir}/python*/site-packages/libvirt_qemu.py*
|
2006-02-10 01:45:11 +08:00
|
|
|
%{_libdir}/python*/site-packages/libvirtmod*
|
2006-02-15 21:21:17 +08:00
|
|
|
%doc python/tests/*.py
|
2005-12-20 00:34:11 +08:00
|
|
|
%doc python/TODO
|
2009-09-16 20:07:48 +08:00
|
|
|
%doc examples/python
|
|
|
|
%doc examples/domain-events/events-python
|
2008-09-17 22:09:13 +08:00
|
|
|
%endif
|
2005-12-20 00:34:11 +08:00
|
|
|
|
2005-11-02 23:37:34 +08:00
|
|
|
%changelog
|
2012-01-07 12:18:06 +08:00
|
|
|
* Sat Jan 7 2012 Daniel Veillard <veillard@redhat.com> - 0.9.9-1
|
|
|
|
- Add API virDomain{S,G}etInterfaceParameters
|
|
|
|
- Add API virDomain{G, S}etNumaParameters
|
|
|
|
- Add support for ppc64 qemu
|
|
|
|
- Support Xen domctl v8
|
|
|
|
- many improvements and bug fixes
|
|
|
|
|
2011-12-08 15:13:50 +08:00
|
|
|
* Thu Dec 8 2011 Daniel Veillard <veillard@redhat.com> - 0.9.8-1
|
|
|
|
- Add support for QEMU 1.0
|
|
|
|
- Add preliminary PPC cpu driver
|
|
|
|
- Add new API virDomain{Set, Get}BlockIoTune
|
|
|
|
- block_resize: Define the new API
|
|
|
|
- Add a public API to invoke suspend/resume on the host
|
|
|
|
- various improvements for LXC containers
|
|
|
|
- Define keepalive protocol and add virConnectIsAlive API
|
|
|
|
- Add support for STP and VLAN filtering
|
|
|
|
- many improvements and bug fixes
|
|
|
|
|
2011-11-08 14:55:25 +08:00
|
|
|
* Tue Nov 8 2011 Daniel Veillard <veillard@redhat.com> - 0.9.7-1
|
|
|
|
- esx: support vSphere 5.x
|
|
|
|
- vbox: support for VirtualBox 4.1
|
|
|
|
- Introduce the virDomainOpenGraphics API
|
|
|
|
- Add AHCI support to qemu driver
|
|
|
|
- snapshot: many improvements and 2 new APIs
|
|
|
|
- api: Add public api for 'reset'
|
|
|
|
- many improvements and bug fixes
|
|
|
|
|
2011-09-22 14:53:23 +08:00
|
|
|
* Thu Sep 22 2011 Daniel Veillard <veillard@redhat.com> - 0.9.6-1
|
|
|
|
- Fix the qemu reboot bug and a few others bug fixes
|
|
|
|
|
2011-09-20 14:17:47 +08:00
|
|
|
* Tue Sep 20 2011 Daniel Veillard <veillard@redhat.com> - 0.9.5-1
|
|
|
|
- many snapshot improvements (Eric Blake)
|
|
|
|
- latency: Define new public API and structure (Osier Yang)
|
|
|
|
- USB2 and various USB improvements (Marc-André Lureau)
|
|
|
|
- storage: Add fs pool formatting (Osier Yang)
|
|
|
|
- Add public API for getting migration speed (Jim Fehlig)
|
|
|
|
- Add basic driver for Microsoft Hyper-V (Matthias Bolte)
|
|
|
|
- many improvements and bug fixes
|
|
|
|
|
2011-08-03 11:02:42 +08:00
|
|
|
* Wed Aug 3 2011 Daniel Veillard <veillard@redhat.com> - 0.9.4-1
|
|
|
|
- network bandwidth QoS control
|
|
|
|
- Add new API virDomainBlockPull*
|
|
|
|
- save: new API to manipulate save file images
|
|
|
|
- CPU bandwidth limits support
|
|
|
|
- allow to send NMI and key event to guests
|
|
|
|
- new API virDomainUndefineFlags
|
|
|
|
- Implement code to attach to external QEMU instances
|
|
|
|
- bios: Add support for SGA
|
|
|
|
- various missing python binding
|
|
|
|
- many improvements and bug fixes
|
|
|
|
|
2011-07-04 15:54:36 +08:00
|
|
|
* Mon Jul 4 2011 Daniel Veillard <veillard@redhat.com> - 0.9.3-1
|
|
|
|
- new API virDomainGetVcpupinInfo
|
|
|
|
- Add TXT record support for virtual DNS service
|
|
|
|
- Support reboots with the QEMU driver
|
|
|
|
- New API virDomainGetControlInfo API
|
|
|
|
- New API virNodeGetMemoryStats
|
|
|
|
- New API virNodeGetCPUTime
|
|
|
|
- New API for send-key
|
|
|
|
- New API virDomainPinVcpuFlags
|
|
|
|
- support multifunction PCI device
|
|
|
|
- lxc: various improvements
|
|
|
|
- many improvements and bug fixes
|
|
|
|
|
2011-06-06 11:46:37 +08:00
|
|
|
* Mon Jun 6 2011 Daniel Veillard <veillard@redhat.com> - 0.9.2-1
|
|
|
|
- Framework for lock manager plugins
|
|
|
|
- API for network config change transactions
|
|
|
|
- flags for setting memory parameters
|
|
|
|
- virDomainGetState public API
|
|
|
|
- qemu: allow blkstat/blkinfo calls during migration
|
|
|
|
- Introduce migration v3 API
|
|
|
|
- Defining the Screenshot public API
|
|
|
|
- public API for NMI injection
|
|
|
|
- Various improvements and bug fixes
|
|
|
|
|
2011-05-05 11:25:13 +08:00
|
|
|
* Thu May 5 2011 Daniel Veillard <veillard@redhat.com> - 0.9.1-1
|
|
|
|
- support various persistent domain updates
|
|
|
|
- improvements on memory APIs
|
|
|
|
- Add virDomainEventRebootNew
|
|
|
|
- various improvements to libxl driver
|
|
|
|
- Spice: support audio, images and stream compression
|
|
|
|
- Various improvements and bug fixes
|
|
|
|
|
2011-04-04 20:15:45 +08:00
|
|
|
* Mon Apr 4 2011 Daniel Veillard <veillard@redhat.com> - 0.9.0-1
|
|
|
|
- Support cputune cpu usage tuning
|
|
|
|
- Add public APIs for storage volume upload/download
|
|
|
|
- Add public API for setting migration speed on the fly
|
|
|
|
- Add libxenlight driver
|
|
|
|
- qemu: support migration to fd
|
|
|
|
- libvirt: add virDomain{Get,Set}BlkioParameters
|
|
|
|
- setmem: introduce a new libvirt API (virDomainSetMemoryFlags)
|
|
|
|
- Expose event loop implementation as a public API
|
|
|
|
- Dump the debug buffer to libvirtd.log on fatal signal
|
|
|
|
- Audit support
|
|
|
|
- Various improvements and bug fixes
|
|
|
|
|
2011-02-17 12:11:03 +08:00
|
|
|
* Thu Feb 17 2011 Daniel Veillard <veillard@redhat.com> - 0.8.8-1
|
|
|
|
- expose new API for sysinfo extraction
|
|
|
|
- cgroup blkio weight support
|
|
|
|
- smartcard device support
|
|
|
|
- qemu: Support per-device boot ordering
|
|
|
|
- Various improvements and bug fixes
|
|
|
|
|
2011-01-04 10:37:17 +08:00
|
|
|
* Tue Jan 4 2011 Daniel Veillard <veillard@redhat.com> - 0.8.7-1
|
|
|
|
- Preliminary support for VirtualBox 4.0
|
|
|
|
- IPv6 support
|
|
|
|
- Add VMware Workstation and Player driver driver
|
|
|
|
- Add network disk support
|
|
|
|
- Various improvements and bug fixes
|
|
|
|
|
2010-12-01 02:52:25 +08:00
|
|
|
* Tue Nov 30 2010 Daniel Veillard <veillard@redhat.com> - 0.8.6-1
|
|
|
|
- Add support for iSCSI target auto-discovery
|
|
|
|
- QED: Basic support for QED images
|
|
|
|
- remote console support
|
|
|
|
- support for SPICE graphics
|
|
|
|
- sysinfo and VMBIOS support
|
|
|
|
- virsh qemu-monitor-command
|
|
|
|
- various improvements and bug fixes
|
|
|
|
|
2010-10-29 22:50:33 +08:00
|
|
|
* Fri Oct 29 2010 Daniel Veillard <veillard@redhat.com> - 0.8.5-1
|
|
|
|
- Enable JSON and netdev features in QEMU >= 0.13
|
|
|
|
- framework for auditing integration
|
|
|
|
- framework DTrace/SystemTap integration
|
|
|
|
- Setting the number of vcpu at boot
|
|
|
|
- Enable support for nested SVM
|
|
|
|
- Virtio plan9fs filesystem QEMU
|
|
|
|
- Memory parameter controls
|
|
|
|
- various improvements and bug fixes
|
|
|
|
|
2010-09-10 23:19:28 +08:00
|
|
|
* Fri Sep 10 2010 Daniel Veillard <veillard@redhat.com> - 0.8.4-1
|
|
|
|
- big improvements to UML driver
|
|
|
|
- various improvements and bug fixes
|
|
|
|
|
2010-08-04 21:03:25 +08:00
|
|
|
* Wed Aug 4 2010 Daniel Veillard <veillard@redhat.com> - 0.8.3-1
|
2010-09-10 23:19:28 +08:00
|
|
|
- esx: Support vSphere 4.1
|
|
|
|
- Qemu arbitrary monitor commands
|
|
|
|
- Qemu Monitor API entry point
|
|
|
|
- various improvements and bug fixes
|
|
|
|
|
2010-07-05 23:29:25 +08:00
|
|
|
* Mon Jul 5 2010 Daniel Veillard <veillard@redhat.com> - 0.8.2-1
|
|
|
|
- phyp: adding support for IVM
|
|
|
|
- libvirt: introduce domainCreateWithFlags API
|
|
|
|
- add 802.1Qbh and 802.1Qbg switches handling
|
|
|
|
- Support for VirtualBox version 3.2
|
|
|
|
- Init script for handling guests on shutdown/boot
|
|
|
|
- qemu: live migration with non-shared storage for kvm
|
|
|
|
|
2010-05-01 00:55:08 +08:00
|
|
|
* Fri Apr 30 2010 Daniel Veillard <veillard@redhat.com> - 0.8.1-1
|
|
|
|
- Starts dnsmasq from libvirtd with --dhcp-hostsfile
|
|
|
|
- Add virDomainGetBlockInfo API to query disk sizing
|
|
|
|
- a lot of bug fixes and cleanups
|
|
|
|
|
2010-04-13 01:39:20 +08:00
|
|
|
* Mon Apr 12 2010 Daniel Veillard <veillard@redhat.com> - 0.8.0-1
|
|
|
|
- Snapshotting support (QEmu/VBox/ESX)
|
|
|
|
- Network filtering API
|
|
|
|
- XenAPI driver
|
|
|
|
- new APIs for domain events
|
|
|
|
- Libvirt managed save API
|
|
|
|
- timer subselection for domain clock
|
|
|
|
- synchronous hooks
|
|
|
|
- API to update guest CPU to host CPU
|
|
|
|
- virDomainUpdateDeviceFlags new API
|
|
|
|
- migrate max downtime API
|
|
|
|
- volume wiping API
|
|
|
|
- and many bug fixes
|
|
|
|
|
2010-03-06 00:10:21 +08:00
|
|
|
* Fri Mar 5 2010 Daniel Veillard <veillard@redhat.com> - 0.7.7-1
|
|
|
|
- macvtap support
|
|
|
|
- async job handling
|
|
|
|
- virtio channel
|
|
|
|
- computing baseline CPU
|
|
|
|
- virDomain{Attach,Detach}DeviceFlags
|
|
|
|
- assorted bug fixes and lots of cleanups
|
|
|
|
|
2010-02-04 01:16:25 +08:00
|
|
|
* Wed Feb 3 2010 Daniel Veillard <veillard@redhat.com> - 0.7.6-1
|
|
|
|
|
2009-12-24 00:00:22 +08:00
|
|
|
* Wed Dec 23 2009 Daniel Veillard <veillard@redhat.com> - 0.7.5-1
|
|
|
|
- Add new API virDomainMemoryStats
|
|
|
|
- Public API and domain extension for CPU flags
|
|
|
|
- vbox: Add support for version 3.1
|
|
|
|
- Support QEMU's virtual FAT block device driver
|
|
|
|
- a lot of fixes
|
|
|
|
|
2009-11-21 00:31:13 +08:00
|
|
|
* Fri Nov 20 2009 Daniel Veillard <veillard@redhat.com> - 0.7.3-1
|
|
|
|
- udev node device backend
|
|
|
|
- API to check object properties
|
|
|
|
- better QEmu monitor processing
|
|
|
|
- MAC address based port filtering for qemu
|
|
|
|
- support IPv6 and multiple addresses per interfaces
|
|
|
|
- a lot of fixes
|
|
|
|
|
2009-09-15 20:24:51 +08:00
|
|
|
* Tue Sep 15 2009 Daniel Veillard <veillard@redhat.com> - 0.7.1-1
|
|
|
|
- ESX, VBox driver updates
|
|
|
|
- mutipath support
|
|
|
|
- support for encrypted (qcow) volume
|
|
|
|
- compressed save image format for Qemu/KVM
|
|
|
|
- QEmu host PCI device hotplug support
|
|
|
|
- configuration of huge pages in guests
|
|
|
|
- a lot of fixes
|
|
|
|
|
2009-08-05 22:00:41 +08:00
|
|
|
* Wed Aug 5 2009 Daniel Veillard <veillard@redhat.com> - 0.7.0-1
|
|
|
|
- ESX, VBox3, Power Hypervisor drivers
|
|
|
|
- new net filesystem glusterfs
|
|
|
|
- Storage cloning for LVM and Disk backends
|
|
|
|
- interface implementation based on netcf
|
|
|
|
- Support cgroups in QEMU driver
|
|
|
|
- QEmu hotplug NIC support
|
|
|
|
- a lot of fixes
|
|
|
|
|
2009-07-03 22:32:17 +08:00
|
|
|
* Fri Jul 3 2009 Daniel Veillard <veillard@redhat.com> - 0.6.5-1
|
|
|
|
- release of 0.6.5
|
|
|
|
|
2009-05-30 00:51:15 +08:00
|
|
|
* Fri May 29 2009 Daniel Veillard <veillard@redhat.com> - 0.6.4-1
|
|
|
|
- release of 0.6.4
|
|
|
|
- various new APIs
|
|
|
|
|
2009-04-24 22:04:54 +08:00
|
|
|
* Fri Apr 24 2009 Daniel Veillard <veillard@redhat.com> - 0.6.3-1
|
|
|
|
- release of 0.6.3
|
|
|
|
- VirtualBox driver
|
|
|
|
|
2009-04-03 23:25:38 +08:00
|
|
|
* Fri Apr 3 2009 Daniel Veillard <veillard@redhat.com> - 0.6.2-1
|
|
|
|
- release of 0.6.2
|
|
|
|
|
|
|
|
* Fri Mar 4 2009 Daniel Veillard <veillard@redhat.com> - 0.6.1-1
|
|
|
|
- release of 0.6.1
|
|
|
|
|
|
|
|
* Sat Jan 31 2009 Daniel Veillard <veillard@redhat.com> - 0.6.0-1
|
|
|
|
- release of 0.6.0
|
|
|
|
|
2008-11-25 23:48:11 +08:00
|
|
|
* Tue Nov 25 2008 Daniel Veillard <veillard@redhat.com> - 0.5.0-1
|
|
|
|
- release of 0.5.0
|
|
|
|
|
2008-09-24 04:48:49 +08:00
|
|
|
* Tue Sep 23 2008 Daniel Veillard <veillard@redhat.com> - 0.4.6-1
|
|
|
|
- release of 0.4.6
|
|
|
|
|
2008-09-08 22:32:18 +08:00
|
|
|
* Mon Sep 8 2008 Daniel Veillard <veillard@redhat.com> - 0.4.5-1
|
|
|
|
- release of 0.4.5
|
|
|
|
|
|
|
|
* Wed Jun 25 2008 Daniel Veillard <veillard@redhat.com> - 0.4.4-1
|
|
|
|
- release of 0.4.4
|
|
|
|
- mostly a few bug fixes from 0.4.3
|
|
|
|
|
2008-06-13 00:10:50 +08:00
|
|
|
* Thu Jun 12 2008 Daniel Veillard <veillard@redhat.com> - 0.4.3-1
|
|
|
|
- release of 0.4.3
|
|
|
|
- lots of bug fixes and small improvements
|
|
|
|
|
2008-04-09 00:45:57 +08:00
|
|
|
* Tue Apr 8 2008 Daniel Veillard <veillard@redhat.com> - 0.4.2-1
|
|
|
|
- release of 0.4.2
|
|
|
|
- lots of bug fixes and small improvements
|
|
|
|
|
2008-03-03 22:42:37 +08:00
|
|
|
* Mon Mar 3 2008 Daniel Veillard <veillard@redhat.com> - 0.4.1-1
|
|
|
|
- Release of 0.4.1
|
|
|
|
- Storage APIs
|
|
|
|
- xenner support
|
|
|
|
- lots of assorted improvements, bugfixes and cleanups
|
|
|
|
- documentation and localization improvements
|
|
|
|
|
2007-12-18 07:51:07 +08:00
|
|
|
* Tue Dec 18 2007 Daniel Veillard <veillard@redhat.com> - 0.4.0-1
|
|
|
|
- Release of 0.4.0
|
|
|
|
- SASL based authentication
|
|
|
|
- PolicyKit authentication
|
|
|
|
- improved NUMA and statistics support
|
|
|
|
- lots of assorted improvements, bugfixes and cleanups
|
|
|
|
- documentation and localization improvements
|
|
|
|
|
2007-10-01 05:09:29 +08:00
|
|
|
* Sun Sep 30 2007 Daniel Veillard <veillard@redhat.com> - 0.3.3-1
|
|
|
|
- Release of 0.3.3
|
|
|
|
- Avahi support
|
|
|
|
- NUMA support
|
|
|
|
- lots of assorted improvements, bugfixes and cleanups
|
|
|
|
- documentation and localization improvements
|
|
|
|
|
2007-08-21 23:04:46 +08:00
|
|
|
* Tue Aug 21 2007 Daniel Veillard <veillard@redhat.com> - 0.3.2-1
|
|
|
|
- Release of 0.3.2
|
|
|
|
- API for domains migration
|
|
|
|
- APIs for collecting statistics on disks and interfaces
|
|
|
|
- lots of assorted bugfixes and cleanups
|
|
|
|
- documentation and localization improvements
|
|
|
|
|
2007-07-24 23:32:55 +08:00
|
|
|
* Tue Jul 24 2007 Daniel Veillard <veillard@redhat.com> - 0.3.1-1
|
|
|
|
- Release of 0.3.1
|
|
|
|
- localtime clock support
|
|
|
|
- PS/2 and USB input devices
|
|
|
|
- lots of assorted bugfixes and cleanups
|
|
|
|
- documentation and localization improvements
|
|
|
|
|
2007-07-09 20:41:29 +08:00
|
|
|
* Mon Jul 9 2007 Daniel Veillard <veillard@redhat.com> - 0.3.0-1
|
|
|
|
- Release of 0.3.0
|
|
|
|
- Secure remote access support
|
|
|
|
- unification of daemons
|
|
|
|
- lots of assorted bugfixes and cleanups
|
|
|
|
- documentation and localization improvements
|
|
|
|
|
|
|
|
* Fri Jun 8 2007 Daniel Veillard <veillard@redhat.com> - 0.2.3-1
|
2007-06-08 19:11:56 +08:00
|
|
|
- Release of 0.2.3
|
|
|
|
- lot of assorted bugfixes and cleanups
|
|
|
|
- support for Xen-3.1
|
|
|
|
- new scheduler API
|
|
|
|
|
2007-04-17 17:33:51 +08:00
|
|
|
* Tue Apr 17 2007 Daniel Veillard <veillard@redhat.com> - 0.2.2-1
|
|
|
|
- Release of 0.2.2
|
|
|
|
- lot of assorted bugfixes and cleanups
|
|
|
|
- preparing for Xen-3.0.5
|
|
|
|
|
2007-03-28 16:48:52 +08:00
|
|
|
* Thu Mar 22 2007 Jeremy Katz <katzj@redhat.com> - 0.2.1-2.fc7
|
|
|
|
- don't require xen; we don't need the daemon and can control non-xen now
|
|
|
|
- fix scriptlet error (need to own more directories)
|
|
|
|
- update description text
|
|
|
|
|
2007-04-17 17:33:51 +08:00
|
|
|
* Fri Mar 16 2007 Daniel Veillard <veillard@redhat.com> - 0.2.1-1
|
2007-03-17 03:31:14 +08:00
|
|
|
- Release of 0.2.1
|
|
|
|
- lot of bug and portability fixes
|
|
|
|
- Add support for network autostart and init scripts
|
|
|
|
- New API to detect the virtualization capabilities of a host
|
|
|
|
- Documentation updates
|
|
|
|
|
2007-03-05 18:56:02 +08:00
|
|
|
* Fri Feb 23 2007 Daniel P. Berrange <berrange@redhat.com> - 0.2.0-4.fc7
|
|
|
|
- Fix loading of guest & network configs
|
|
|
|
|
|
|
|
* Fri Feb 16 2007 Daniel P. Berrange <berrange@redhat.com> - 0.2.0-3.fc7
|
|
|
|
- Disable kqemu support since its not in Fedora qemu binary
|
|
|
|
- Fix for -vnc arg syntax change in 0.9.0 QEMU
|
|
|
|
|
|
|
|
* Thu Feb 15 2007 Daniel P. Berrange <berrange@redhat.com> - 0.2.0-2.fc7
|
|
|
|
- Fixed path to qemu daemon for autostart
|
|
|
|
- Fixed generation of <features> block in XML
|
|
|
|
- Pre-create config directory at startup
|
|
|
|
|
|
|
|
* Wed Feb 14 2007 Daniel Veillard <veillard@redhat.com> 0.2.0-1.fc7
|
2007-02-15 02:54:26 +08:00
|
|
|
- support for KVM and QEmu
|
|
|
|
- support for network configuration
|
|
|
|
- assorted fixes
|
|
|
|
|
2007-03-05 18:56:02 +08:00
|
|
|
* Mon Jan 22 2007 Daniel Veillard <veillard@redhat.com> 0.1.11-1.fc7
|
2007-01-22 23:31:00 +08:00
|
|
|
- finish inactive Xen domains support
|
|
|
|
- memory leak fix
|
|
|
|
- RelaxNG schemas for XML configs
|
|
|
|
|
2007-03-05 18:56:02 +08:00
|
|
|
* Wed Dec 20 2006 Daniel Veillard <veillard@redhat.com> 0.1.10-1.fc7
|
2006-12-20 22:54:25 +08:00
|
|
|
- support for inactive Xen domains
|
|
|
|
- improved support for Xen display and vnc
|
|
|
|
- a few bug fixes
|
|
|
|
- localization updates
|
|
|
|
|
2007-03-05 18:56:02 +08:00
|
|
|
* Thu Dec 7 2006 Jeremy Katz <katzj@redhat.com> - 0.1.9-2
|
|
|
|
- rebuild against python 2.5
|
|
|
|
|
2006-11-29 21:03:24 +08:00
|
|
|
* Wed Nov 29 2006 Daniel Veillard <veillard@redhat.com> 0.1.9-1
|
|
|
|
- better error reporting
|
|
|
|
- python bindings fixes and extensions
|
|
|
|
- add support for shareable drives
|
|
|
|
- add support for non-bridge style networking
|
|
|
|
- hot plug device support
|
|
|
|
- added support for inactive domains
|
|
|
|
- API to dump core of domains
|
|
|
|
- various bug fixes, cleanups and improvements
|
|
|
|
- updated the localization
|
|
|
|
|
2007-03-05 18:56:02 +08:00
|
|
|
* Tue Nov 7 2006 Daniel Veillard <veillard@redhat.com> 0.1.8-3
|
|
|
|
- it's pkgconfig not pgkconfig !
|
|
|
|
|
|
|
|
* Mon Nov 6 2006 Daniel Veillard <veillard@redhat.com> 0.1.8-2
|
|
|
|
- fixing spec file, added %dist, -devel requires pkgconfig and xen-devel
|
|
|
|
- Resolves: rhbz#202320
|
|
|
|
|
2006-10-17 00:04:55 +08:00
|
|
|
* Mon Oct 16 2006 Daniel Veillard <veillard@redhat.com> 0.1.8-1
|
|
|
|
- fix missing page size detection code for ia64
|
|
|
|
- fix mlock size when getting domain info list from hypervisor
|
|
|
|
- vcpu number initialization
|
|
|
|
- don't label crashed domains as shut off
|
|
|
|
- fix virsh man page
|
|
|
|
- blktapdd support for alternate drivers like blktap
|
|
|
|
- memory leak fixes (xend interface and XML parsing)
|
|
|
|
- compile fix
|
|
|
|
- mlock/munlock size fixes
|
|
|
|
|
|
|
|
* Fri Sep 22 2006 Daniel Veillard <veillard@redhat.com> 0.1.7-1
|
2006-09-29 18:25:21 +08:00
|
|
|
- Fix bug when running against xen-3.0.3 hypercalls
|
|
|
|
- Fix memory bug when getting vcpus info from xend
|
|
|
|
|
2006-09-22 17:58:17 +08:00
|
|
|
* Fri Sep 22 2006 Daniel Veillard <veillard@redhat.com> 0.1.6-1
|
|
|
|
- Support for localization
|
|
|
|
- Support for new Xen-3.0.3 cdrom and disk configuration
|
|
|
|
- Support for setting VNC port
|
|
|
|
- Fix bug when running against xen-3.0.2 hypercalls
|
|
|
|
- Fix reconnection problem when talking directly to http xend
|
|
|
|
|
|
|
|
* Tue Sep 5 2006 Jeremy Katz <katzj@redhat.com> - 0.1.5-3
|
|
|
|
- patch from danpb to support new-format cd devices for HVM guests
|
|
|
|
|
|
|
|
* Tue Sep 5 2006 Daniel Veillard <veillard@redhat.com> 0.1.5-2
|
|
|
|
- reactivating ia64 support
|
|
|
|
|
2006-09-05 14:48:44 +08:00
|
|
|
* Tue Sep 5 2006 Daniel Veillard <veillard@redhat.com> 0.1.5-1
|
|
|
|
- new release
|
|
|
|
- bug fixes
|
|
|
|
- support for new hypervisor calls
|
|
|
|
- early code for config files and defined domains
|
|
|
|
|
|
|
|
* Mon Sep 4 2006 Daniel Berrange <berrange@redhat.com> - 0.1.4-5
|
|
|
|
- add patch to address dom0_ops API breakage in Xen 3.0.3 tree
|
|
|
|
|
|
|
|
* Mon Aug 28 2006 Jeremy Katz <katzj@redhat.com> - 0.1.4-4
|
2008-02-06 03:27:37 +08:00
|
|
|
- add patch to support paravirt framebuffer in Xen
|
2006-09-05 14:48:44 +08:00
|
|
|
|
|
|
|
* Mon Aug 21 2006 Daniel Veillard <veillard@redhat.com> 0.1.4-3
|
|
|
|
- another patch to fix network handling in non-HVM guests
|
|
|
|
|
|
|
|
* Thu Aug 17 2006 Daniel Veillard <veillard@redhat.com> 0.1.4-2
|
|
|
|
- patch to fix virParseUUID()
|
|
|
|
|
2006-08-30 06:27:07 +08:00
|
|
|
* Wed Aug 16 2006 Daniel Veillard <veillard@redhat.com> 0.1.4-1
|
|
|
|
- vCPUs and affinity support
|
|
|
|
- more complete XML, console and boot options
|
|
|
|
- specific features support
|
|
|
|
- enforced read-only connections
|
|
|
|
- various improvements, bug fixes
|
|
|
|
|
|
|
|
* Wed Aug 2 2006 Jeremy Katz <katzj@redhat.com> - 0.1.3-6
|
|
|
|
- add patch from pvetere to allow getting uuid from libvirt
|
|
|
|
|
|
|
|
* Wed Aug 2 2006 Jeremy Katz <katzj@redhat.com> - 0.1.3-5
|
|
|
|
- build on ia64 now
|
|
|
|
|
|
|
|
* Thu Jul 27 2006 Jeremy Katz <katzj@redhat.com> - 0.1.3-4
|
|
|
|
- don't BR xen, we just need xen-devel
|
|
|
|
|
|
|
|
* Thu Jul 27 2006 Daniel Veillard <veillard@redhat.com> 0.1.3-3
|
|
|
|
- need rebuild since libxenstore is now versionned
|
|
|
|
|
2006-07-24 22:32:03 +08:00
|
|
|
* Mon Jul 24 2006 Mark McLoughlin <markmc@redhat.com> - 0.1.3-2
|
|
|
|
- Add BuildRequires: xen-devel
|
|
|
|
|
|
|
|
* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 0.1.3-1.1
|
|
|
|
- rebuild
|
|
|
|
|
2006-07-12 00:57:03 +08:00
|
|
|
* Tue Jul 11 2006 Daniel Veillard <veillard@redhat.com> 0.1.3-1
|
|
|
|
- support for HVM Xen guests
|
|
|
|
- various bugfixes
|
|
|
|
|
2006-07-03 23:48:49 +08:00
|
|
|
* Mon Jul 3 2006 Daniel Veillard <veillard@redhat.com> 0.1.2-1
|
|
|
|
- added a proxy mechanism for read only access using httpu
|
|
|
|
- fixed header includes paths
|
|
|
|
|
2006-06-21 21:36:07 +08:00
|
|
|
* Wed Jun 21 2006 Daniel Veillard <veillard@redhat.com> 0.1.1-1
|
|
|
|
- extend and cleanup the driver infrastructure and code
|
|
|
|
- python examples
|
|
|
|
- extend uuid support
|
|
|
|
- bug fixes, buffer handling cleanups
|
|
|
|
- support for new Xen hypervisor API
|
|
|
|
- test driver for unit testing
|
|
|
|
- virsh --conect argument
|
|
|
|
|
2006-04-10 22:15:33 +08:00
|
|
|
* Mon Apr 10 2006 Daniel Veillard <veillard@redhat.com> 0.1.0-1
|
|
|
|
- various fixes
|
|
|
|
- new APIs: for Node information and Reboot
|
|
|
|
- virsh improvements and extensions
|
|
|
|
- documentation updates and man page
|
|
|
|
- enhancement and fixes of the XML description format
|
|
|
|
|
2006-02-28 22:22:33 +08:00
|
|
|
* Tue Feb 28 2006 Daniel Veillard <veillard@redhat.com> 0.0.6-1
|
|
|
|
- added error handling APIs
|
|
|
|
- small bug fixes
|
|
|
|
- improve python bindings
|
|
|
|
- augment documentation and regression tests
|
|
|
|
|
2006-02-23 19:35:37 +08:00
|
|
|
* Thu Feb 23 2006 Daniel Veillard <veillard@redhat.com> 0.0.5-1
|
|
|
|
- new domain creation API
|
|
|
|
- new UUID based APIs
|
|
|
|
- more tests, documentation, devhelp
|
|
|
|
- bug fixes
|
|
|
|
|
2006-02-10 18:28:59 +08:00
|
|
|
* Fri Feb 10 2006 Daniel Veillard <veillard@redhat.com> 0.0.4-1
|
|
|
|
- fixes some problems in 0.0.3 due to the change of names
|
|
|
|
|
2006-02-10 01:45:11 +08:00
|
|
|
* Wed Feb 8 2006 Daniel Veillard <veillard@redhat.com> 0.0.3-1
|
2008-02-06 03:27:37 +08:00
|
|
|
- changed library name to libvirt from libvir, complete and test the python
|
2006-02-10 01:45:11 +08:00
|
|
|
bindings
|
|
|
|
|
2006-01-31 18:21:10 +08:00
|
|
|
* Sun Jan 29 2006 Daniel Veillard <veillard@redhat.com> 0.0.2-1
|
|
|
|
- upstream release of 0.0.2, use xend, save and restore added, python bindings
|
|
|
|
fixed
|
|
|
|
|
2005-11-02 23:37:34 +08:00
|
|
|
* Wed Nov 2 2005 Daniel Veillard <veillard@redhat.com> 0.0.1-1
|
|
|
|
- created
|