2016-01-11 04:35:36 +08:00
|
|
|
## Copyright (C) 2005-2016 Red Hat, Inc.
|
|
|
|
## Copyright (C) 2013 Yuto KAWAMURA(kawamuray) <kawamuray.dadada@gmail.com>
|
2013-05-15 07:42:12 +08:00
|
|
|
##
|
|
|
|
## This library is free software; you can redistribute it and/or
|
|
|
|
## modify it under the terms of the GNU Lesser General Public
|
|
|
|
## License as published by the Free Software Foundation; either
|
|
|
|
## version 2.1 of the License, or (at your option) any later version.
|
|
|
|
##
|
|
|
|
## This library is distributed in the hope that it will be useful,
|
|
|
|
## but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
## Lesser General Public License for more details.
|
|
|
|
##
|
|
|
|
## You should have received a copy of the GNU Lesser General Public
|
|
|
|
## License along with this library. If not, see
|
|
|
|
## <http://www.gnu.org/licenses/>.
|
2009-04-19 23:10:45 +08:00
|
|
|
|
2019-01-05 03:47:44 +08:00
|
|
|
AM_CPPFLAGS = \
|
2017-11-03 20:09:47 +08:00
|
|
|
-I$(top_builddir)/include -I$(top_srcdir)/include \
|
|
|
|
-I$(top_builddir)/src -I$(top_srcdir)/src \
|
|
|
|
-I$(top_srcdir)/src/util \
|
|
|
|
-I$(top_srcdir) \
|
2019-01-05 03:42:52 +08:00
|
|
|
$(NULL)
|
2011-07-28 20:55:21 +08:00
|
|
|
|
2020-01-18 00:00:27 +08:00
|
|
|
# We do not want to accidentally include stuff from src/
|
|
|
|
# dir or public API dir. Specific files can
|
2019-08-08 17:23:26 +08:00
|
|
|
# still be included via their path relative to the root if
|
|
|
|
# needed
|
|
|
|
STANDALONE_CPPFLAGS = -I$(top_srcdir)
|
|
|
|
|
2017-11-16 21:35:12 +08:00
|
|
|
AM_CFLAGS = \
|
|
|
|
$(WARN_CFLAGS) \
|
2019-08-02 19:05:37 +08:00
|
|
|
$(COVERAGE_CFLAGS) \
|
2017-11-16 21:35:12 +08:00
|
|
|
$(PIE_CFLAGS) \
|
|
|
|
$(LIBXML_CFLAGS) \
|
build: link to glib library
Add the main glib.h to internal.h so that all common code can use it.
Historically glib allowed applications to register an alternative
memory allocator, so mixing g_malloc/g_free with malloc/free was not
safe.
This was feature was dropped in 2.46.0 with:
commit 3be6ed60aa58095691bd697344765e715a327fc1
Author: Alexander Larsson <alexl@redhat.com>
Date: Sat Jun 27 18:38:42 2015 +0200
Deprecate and drop support for memory vtables
Applications are still encourged to match g_malloc/g_free, but it is no
longer a mandatory requirement for correctness, just stylistic. This is
explicitly clarified in
commit 1f24b36607bf708f037396014b2cdbc08d67b275
Author: Daniel P. Berrangé <berrange@redhat.com>
Date: Thu Sep 5 14:37:54 2019 +0100
gmem: clarify that g_malloc always uses the system allocator
Applications can still use custom allocators in general, but they must
do this by linking to a library that replaces the core malloc/free
implemenentation entirely, instead of via a glib specific call.
This means that libvirt does not need to be concerned about use of
g_malloc/g_free causing an ABI change in the public libary, and can
avoid memory copying when talking to external libraries.
This patch probes for glib, which provides the foundation layer with
a collection of data structures, helper APIs, and platform portability
logic.
Later patches will introduce linkage to gobject which provides the
object type system, built on glib, and gio which providing objects
for various interesting tasks, most notably including DBus client
and server support and portable sockets APIs, but much more too.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-29 23:12:24 +08:00
|
|
|
$(GLIB_CFLAGS) \
|
2017-11-16 21:35:12 +08:00
|
|
|
$(NULL)
|
|
|
|
|
2013-08-20 17:20:46 +08:00
|
|
|
AM_LDFLAGS = \
|
2017-11-03 20:09:47 +08:00
|
|
|
$(RELRO_LDFLAGS) \
|
|
|
|
$(NO_INDIRECT_LDFLAGS) \
|
2018-01-25 17:35:58 +08:00
|
|
|
$(NO_UNDEFINED_LDFLAGS) \
|
2013-08-20 17:20:46 +08:00
|
|
|
$(NULL)
|
|
|
|
|
2009-09-16 19:01:53 +08:00
|
|
|
ICON_FILES = \
|
|
|
|
libvirt_win_icon_16x16.ico \
|
|
|
|
libvirt_win_icon_32x32.ico \
|
|
|
|
libvirt_win_icon_48x48.ico \
|
|
|
|
libvirt_win_icon_64x64.ico \
|
|
|
|
virsh_win_icon.rc
|
|
|
|
|
2010-08-25 20:07:26 +08:00
|
|
|
EXTRA_DIST = \
|
2017-11-03 20:09:47 +08:00
|
|
|
$(ICON_FILES) \
|
|
|
|
$(conf_DATA) \
|
|
|
|
virt-xml-validate.in \
|
|
|
|
virt-pki-validate.in \
|
|
|
|
virt-sanlock-cleanup.in \
|
|
|
|
libvirt-guests.sysconf \
|
|
|
|
virt-login-shell.conf \
|
|
|
|
virsh-edit.c \
|
2017-11-02 21:41:53 +08:00
|
|
|
bash-completion/vsh \
|
2018-09-25 20:15:24 +08:00
|
|
|
libvirt_recover_xattrs.sh \
|
2016-04-13 23:09:14 +08:00
|
|
|
$(NULL)
|
2012-07-31 11:52:13 +08:00
|
|
|
|
|
|
|
|
2016-01-11 04:35:36 +08:00
|
|
|
CLEANFILES =
|
2011-10-12 05:10:17 +08:00
|
|
|
DISTCLEANFILES =
|
2016-04-13 23:12:24 +08:00
|
|
|
MAINTAINERCLEANFILES =
|
2011-10-12 05:10:17 +08:00
|
|
|
|
2013-08-08 23:36:31 +08:00
|
|
|
confdir = $(sysconfdir)/libvirt
|
2013-08-31 03:58:59 +08:00
|
|
|
conf_DATA =
|
2013-08-08 23:36:31 +08:00
|
|
|
|
2009-09-16 21:42:57 +08:00
|
|
|
bin_SCRIPTS = virt-xml-validate virt-pki-validate
|
2016-04-08 23:14:13 +08:00
|
|
|
bin_PROGRAMS = virsh virt-admin
|
2012-10-21 10:29:51 +08:00
|
|
|
libexec_SCRIPTS = libvirt-guests.sh
|
2009-09-16 19:01:53 +08:00
|
|
|
|
2012-09-20 19:58:07 +08:00
|
|
|
if WITH_SANLOCK
|
2011-06-14 16:29:00 +08:00
|
|
|
sbin_SCRIPTS = virt-sanlock-cleanup
|
2011-10-12 05:10:17 +08:00
|
|
|
DISTCLEANFILES += virt-sanlock-cleanup
|
2013-09-04 10:39:16 +08:00
|
|
|
endif WITH_SANLOCK
|
2009-09-16 19:01:53 +08:00
|
|
|
|
2015-11-10 06:36:40 +08:00
|
|
|
if WITH_LOGIN_SHELL
|
2013-08-31 03:58:59 +08:00
|
|
|
conf_DATA += virt-login-shell.conf
|
|
|
|
bin_PROGRAMS += virt-login-shell
|
tools: split virt-login-shell into two binaries
The virt-login-shell binary is a setuid program that takes
no arguments. When invoked it looks at the invoking uid,
resolves it to a username, and finds an LXC guest with the
same name. It then starts the guest and runs the shell in
side the namespaces of the container.
Given this set of tasks the virt-login-shell binary needs
to connect to libvirtd, make various other libvirt API calls.
This is a problem for setuid binaries as various libraries
that libvirt.so links to are not safe. For example, they have
constructor functions which execute an unknown amount of code
that can be influenced by env variables.
For this reason virt-login-shell doesn't use libvirt.so,
but instead links to a custom, cut down, set of source files
sufficient to be a local client only.
This introduces a problem for integrating glib2 into libvirt
though, as once integrated, there would be no way to build
virt-login-shell without an external dependancy on glib2 and
this is definitely not setuid safe.
To resolve this problem, we split the virt-login-shell binary
into two parts. The first part is setuid and does almost
nothing. It simply records the original uid+gid, and then
invokes the virt-login-shell-helper binary. Crucially when
it does this it completes scrubs all environment variables.
It is thus safe for virt-login-shell-helper to link to the
normal libvirt.so. Any things that constructor functions
do cannot be influenced by user control env vars or cli
args.
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-01 17:58:31 +08:00
|
|
|
libexec_PROGRAMS = virt-login-shell-helper
|
2016-04-14 01:24:51 +08:00
|
|
|
endif WITH_LOGIN_SHELL
|
2009-04-19 23:10:45 +08:00
|
|
|
|
2016-04-08 23:14:13 +08:00
|
|
|
if WITH_HOST_VALIDATE
|
|
|
|
bin_PROGRAMS += virt-host-validate
|
2016-04-13 04:05:15 +08:00
|
|
|
endif WITH_HOST_VALIDATE
|
2016-04-08 23:14:13 +08:00
|
|
|
|
2009-04-19 23:10:45 +08:00
|
|
|
virt-xml-validate: virt-xml-validate.in Makefile
|
2013-08-20 06:26:41 +08:00
|
|
|
$(AM_V_GEN)sed -e 's|[@]schemadir@|$(pkgdatadir)/schemas|g' \
|
|
|
|
-e 's|[@]VERSION@|$(VERSION)|g' \
|
|
|
|
< $< > $@ || (rm $@ && exit 1) && chmod +x $@
|
2009-04-19 23:10:45 +08:00
|
|
|
|
2009-09-16 21:42:57 +08:00
|
|
|
virt-pki-validate: virt-pki-validate.in Makefile
|
2013-08-20 06:38:57 +08:00
|
|
|
$(AM_V_GEN)sed -e 's|[@]sysconfdir@|$(sysconfdir)|g' \
|
|
|
|
-e 's|[@]VERSION@|$(VERSION)|g' \
|
|
|
|
< $< > $@ || (rm $@ && exit 1) && chmod +x $@
|
2009-09-16 19:01:53 +08:00
|
|
|
|
2011-06-14 16:29:00 +08:00
|
|
|
virt-sanlock-cleanup: virt-sanlock-cleanup.in Makefile
|
build: use common .in replacement mechanism
We had several different styles of .in conversion in our Makefiles:
ALLCAPS, @ALLCAPS@, @lower@, ::lower::
Canonicalize on one form, to make it easier to copy and paste
between .in files.
Also, we were using some non-portable sed constructs: \@ is an
undefined escape sequence (it happens to be @ itself in GNU sed,
but POSIX allows it to mean something else), as well as risky
behavior (failure to consistently quote things means a space
in $(sysconfdir) could throw things off; also, Autoconf recommends
using | rather than , or ! in the s||| operator, because | has to
be quoted in shell and is therefore less likely to appear in file
names than , or !).
Fix all of these uses to follow the same syntax.
* daemon/libvirtd.8.in: Switch to @var@.
* tools/virt-xml-validate.in: Likewise.
* tools/virt-pki-validate.in: Likewise.
* src/locking/virtlockd.init.in: Likewise.
* daemon/Makefile.am: Prefer | over ! in sed.
(libvirtd.8): Prefer consistent substitution.
(libvirtd.init, libvirtd.service): Avoid non-portable sed.
* tools/Makefile.am (libvirt-guests.sh, libvirt-guests.init)
(libvirt-guests.service): Likewise.
(virt-xml-validate, virt-pki-validate, virt-sanlock-cleanup):
Prefer consistent capitalization.
* src/Makefile.am (virtlockd.init, virtlockd.service)
(virtlockd.socket): Prefer consistent substitution.
2013-01-05 04:35:04 +08:00
|
|
|
$(AM_V_GEN)sed -e 's|[@]sysconfdir@|$(sysconfdir)|' \
|
|
|
|
-e 's|[@]localstatedir@|$(localstatedir)|' < $< > $@ \
|
2011-06-14 16:29:00 +08:00
|
|
|
|| (rm $@ && exit 1) && chmod +x $@
|
|
|
|
|
2015-09-23 21:17:35 +08:00
|
|
|
noinst_LTLIBRARIES = libvirt_shell.la
|
|
|
|
libvirt_shell_la_CFLAGS = \
|
2017-11-03 20:09:47 +08:00
|
|
|
$(AM_CFLAGS) \
|
|
|
|
$(READLINE_CFLAGS) \
|
2015-09-23 21:17:35 +08:00
|
|
|
$(NULL)
|
|
|
|
libvirt_shell_la_LDFLAGS = \
|
2017-11-03 20:09:47 +08:00
|
|
|
$(AM_LDFLAGS) \
|
|
|
|
$(PIE_LDFLAGS) \
|
2019-08-02 19:05:37 +08:00
|
|
|
$(COVERAGE_LDFLAGS) \
|
2015-09-23 21:17:35 +08:00
|
|
|
$(NULL)
|
|
|
|
libvirt_shell_la_LIBADD = \
|
2018-03-05 23:39:48 +08:00
|
|
|
../src/libvirt.la \
|
2017-11-03 20:09:47 +08:00
|
|
|
$(LIBXML_LIBS) \
|
|
|
|
$(READLINE_LIBS) \
|
build: link to glib library
Add the main glib.h to internal.h so that all common code can use it.
Historically glib allowed applications to register an alternative
memory allocator, so mixing g_malloc/g_free with malloc/free was not
safe.
This was feature was dropped in 2.46.0 with:
commit 3be6ed60aa58095691bd697344765e715a327fc1
Author: Alexander Larsson <alexl@redhat.com>
Date: Sat Jun 27 18:38:42 2015 +0200
Deprecate and drop support for memory vtables
Applications are still encourged to match g_malloc/g_free, but it is no
longer a mandatory requirement for correctness, just stylistic. This is
explicitly clarified in
commit 1f24b36607bf708f037396014b2cdbc08d67b275
Author: Daniel P. Berrangé <berrange@redhat.com>
Date: Thu Sep 5 14:37:54 2019 +0100
gmem: clarify that g_malloc always uses the system allocator
Applications can still use custom allocators in general, but they must
do this by linking to a library that replaces the core malloc/free
implemenentation entirely, instead of via a glib specific call.
This means that libvirt does not need to be concerned about use of
g_malloc/g_free causing an ABI change in the public libary, and can
avoid memory copying when talking to external libraries.
This patch probes for glib, which provides the foundation layer with
a collection of data structures, helper APIs, and platform portability
logic.
Later patches will introduce linkage to gobject which provides the
object type system, built on glib, and gio which providing objects
for various interesting tasks, most notably including DBus client
and server support and portable sockets APIs, but much more too.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-29 23:12:24 +08:00
|
|
|
$(GLIB_LIBS) \
|
2015-09-23 21:17:35 +08:00
|
|
|
$(NULL)
|
2018-08-23 23:53:41 +08:00
|
|
|
libvirt_shell_la_SOURCES = \
|
|
|
|
vsh.c vsh.h \
|
|
|
|
vsh-table.c vsh-table.h
|
2015-09-23 21:17:35 +08:00
|
|
|
|
2012-01-11 01:31:21 +08:00
|
|
|
virt_host_validate_SOURCES = \
|
|
|
|
virt-host-validate.c \
|
2017-02-25 00:27:56 +08:00
|
|
|
virt-host-validate-common.c virt-host-validate-common.h
|
|
|
|
|
|
|
|
VIRT_HOST_VALIDATE_QEMU = \
|
|
|
|
virt-host-validate-qemu.c \
|
|
|
|
virt-host-validate-qemu.h
|
|
|
|
VIRT_HOST_VALIDATE_LXC = \
|
|
|
|
virt-host-validate-lxc.c \
|
|
|
|
virt-host-validate-lxc.h
|
|
|
|
VIRT_HOST_VALIDATE_BHYVE = \
|
|
|
|
virt-host-validate-bhyve.c \
|
|
|
|
virt-host-validate-bhyve.h
|
|
|
|
if WITH_QEMU
|
|
|
|
virt_host_validate_SOURCES += $(VIRT_HOST_VALIDATE_QEMU)
|
|
|
|
else ! WITH_QEMU
|
|
|
|
EXTRA_DIST += $(VIRT_HOST_VALIDATE_QEMU)
|
|
|
|
endif ! WITH_QEMU
|
|
|
|
|
|
|
|
if WITH_LXC
|
|
|
|
virt_host_validate_SOURCES += $(VIRT_HOST_VALIDATE_LXC)
|
|
|
|
else ! WITH_LXC
|
|
|
|
EXTRA_DIST += $(VIRT_HOST_VALIDATE_LXC)
|
|
|
|
endif ! WITH_LXC
|
|
|
|
|
|
|
|
if WITH_BHYVE
|
|
|
|
virt_host_validate_SOURCES += $(VIRT_HOST_VALIDATE_BHYVE)
|
|
|
|
else ! WITH_BHYVE
|
|
|
|
EXTRA_DIST += $(VIRT_HOST_VALIDATE_BHYVE)
|
|
|
|
endif ! WITH_BHYVE
|
2012-01-11 01:31:21 +08:00
|
|
|
|
|
|
|
virt_host_validate_LDFLAGS = \
|
2013-08-20 17:20:46 +08:00
|
|
|
$(AM_LDFLAGS) \
|
2013-04-03 18:32:15 +08:00
|
|
|
$(PIE_LDFLAGS) \
|
2019-08-02 19:05:37 +08:00
|
|
|
$(COVERAGE_LDFLAGS) \
|
2012-01-11 01:31:21 +08:00
|
|
|
$(NULL)
|
|
|
|
|
|
|
|
virt_host_validate_LDADD = \
|
2017-11-03 20:09:47 +08:00
|
|
|
../src/libvirt.la \
|
build: link to glib library
Add the main glib.h to internal.h so that all common code can use it.
Historically glib allowed applications to register an alternative
memory allocator, so mixing g_malloc/g_free with malloc/free was not
safe.
This was feature was dropped in 2.46.0 with:
commit 3be6ed60aa58095691bd697344765e715a327fc1
Author: Alexander Larsson <alexl@redhat.com>
Date: Sat Jun 27 18:38:42 2015 +0200
Deprecate and drop support for memory vtables
Applications are still encourged to match g_malloc/g_free, but it is no
longer a mandatory requirement for correctness, just stylistic. This is
explicitly clarified in
commit 1f24b36607bf708f037396014b2cdbc08d67b275
Author: Daniel P. Berrangé <berrange@redhat.com>
Date: Thu Sep 5 14:37:54 2019 +0100
gmem: clarify that g_malloc always uses the system allocator
Applications can still use custom allocators in general, but they must
do this by linking to a library that replaces the core malloc/free
implemenentation entirely, instead of via a glib specific call.
This means that libvirt does not need to be concerned about use of
g_malloc/g_free causing an ABI change in the public libary, and can
avoid memory copying when talking to external libraries.
This patch probes for glib, which provides the foundation layer with
a collection of data structures, helper APIs, and platform portability
logic.
Later patches will introduce linkage to gobject which provides the
object type system, built on glib, and gio which providing objects
for various interesting tasks, most notably including DBus client
and server support and portable sockets APIs, but much more too.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-29 23:12:24 +08:00
|
|
|
$(GLIB_LIBS) \
|
2012-01-11 01:31:21 +08:00
|
|
|
$(NULL)
|
|
|
|
|
|
|
|
virt_host_validate_CFLAGS = \
|
2017-11-16 21:35:12 +08:00
|
|
|
$(AM_CFLAGS) \
|
2012-01-11 01:31:21 +08:00
|
|
|
$(NULL)
|
|
|
|
|
tools: split virt-login-shell into two binaries
The virt-login-shell binary is a setuid program that takes
no arguments. When invoked it looks at the invoking uid,
resolves it to a username, and finds an LXC guest with the
same name. It then starts the guest and runs the shell in
side the namespaces of the container.
Given this set of tasks the virt-login-shell binary needs
to connect to libvirtd, make various other libvirt API calls.
This is a problem for setuid binaries as various libraries
that libvirt.so links to are not safe. For example, they have
constructor functions which execute an unknown amount of code
that can be influenced by env variables.
For this reason virt-login-shell doesn't use libvirt.so,
but instead links to a custom, cut down, set of source files
sufficient to be a local client only.
This introduces a problem for integrating glib2 into libvirt
though, as once integrated, there would be no way to build
virt-login-shell without an external dependancy on glib2 and
this is definitely not setuid safe.
To resolve this problem, we split the virt-login-shell binary
into two parts. The first part is setuid and does almost
nothing. It simply records the original uid+gid, and then
invokes the virt-login-shell-helper binary. Crucially when
it does this it completes scrubs all environment variables.
It is thus safe for virt-login-shell-helper to link to the
normal libvirt.so. Any things that constructor functions
do cannot be influenced by user control env vars or cli
args.
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-01 17:58:31 +08:00
|
|
|
# virt-login-shell will be setuid, and must not link to anything
|
|
|
|
# except glibc. It wil scrub the environment and then invoke the
|
|
|
|
# real virt-login-shell-helper binary.
|
2017-11-03 20:09:47 +08:00
|
|
|
virt_login_shell_SOURCES = \
|
tools: split virt-login-shell into two binaries
The virt-login-shell binary is a setuid program that takes
no arguments. When invoked it looks at the invoking uid,
resolves it to a username, and finds an LXC guest with the
same name. It then starts the guest and runs the shell in
side the namespaces of the container.
Given this set of tasks the virt-login-shell binary needs
to connect to libvirtd, make various other libvirt API calls.
This is a problem for setuid binaries as various libraries
that libvirt.so links to are not safe. For example, they have
constructor functions which execute an unknown amount of code
that can be influenced by env variables.
For this reason virt-login-shell doesn't use libvirt.so,
but instead links to a custom, cut down, set of source files
sufficient to be a local client only.
This introduces a problem for integrating glib2 into libvirt
though, as once integrated, there would be no way to build
virt-login-shell without an external dependancy on glib2 and
this is definitely not setuid safe.
To resolve this problem, we split the virt-login-shell binary
into two parts. The first part is setuid and does almost
nothing. It simply records the original uid+gid, and then
invokes the virt-login-shell-helper binary. Crucially when
it does this it completes scrubs all environment variables.
It is thus safe for virt-login-shell-helper to link to the
normal libvirt.so. Any things that constructor functions
do cannot be influenced by user control env vars or cli
args.
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-01 17:58:31 +08:00
|
|
|
virt-login-shell.c
|
|
|
|
|
2019-08-08 17:23:26 +08:00
|
|
|
virt_login_shell_CPPFLAGS = $(STANDALONE_CPPFLAGS)
|
|
|
|
|
tools: split virt-login-shell into two binaries
The virt-login-shell binary is a setuid program that takes
no arguments. When invoked it looks at the invoking uid,
resolves it to a username, and finds an LXC guest with the
same name. It then starts the guest and runs the shell in
side the namespaces of the container.
Given this set of tasks the virt-login-shell binary needs
to connect to libvirtd, make various other libvirt API calls.
This is a problem for setuid binaries as various libraries
that libvirt.so links to are not safe. For example, they have
constructor functions which execute an unknown amount of code
that can be influenced by env variables.
For this reason virt-login-shell doesn't use libvirt.so,
but instead links to a custom, cut down, set of source files
sufficient to be a local client only.
This introduces a problem for integrating glib2 into libvirt
though, as once integrated, there would be no way to build
virt-login-shell without an external dependancy on glib2 and
this is definitely not setuid safe.
To resolve this problem, we split the virt-login-shell binary
into two parts. The first part is setuid and does almost
nothing. It simply records the original uid+gid, and then
invokes the virt-login-shell-helper binary. Crucially when
it does this it completes scrubs all environment variables.
It is thus safe for virt-login-shell-helper to link to the
normal libvirt.so. Any things that constructor functions
do cannot be influenced by user control env vars or cli
args.
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-01 17:58:31 +08:00
|
|
|
virt_login_shell_helper_SOURCES = \
|
2019-08-01 17:57:39 +08:00
|
|
|
virt-login-shell-helper.c
|
2013-08-08 23:36:31 +08:00
|
|
|
|
tools: split virt-login-shell into two binaries
The virt-login-shell binary is a setuid program that takes
no arguments. When invoked it looks at the invoking uid,
resolves it to a username, and finds an LXC guest with the
same name. It then starts the guest and runs the shell in
side the namespaces of the container.
Given this set of tasks the virt-login-shell binary needs
to connect to libvirtd, make various other libvirt API calls.
This is a problem for setuid binaries as various libraries
that libvirt.so links to are not safe. For example, they have
constructor functions which execute an unknown amount of code
that can be influenced by env variables.
For this reason virt-login-shell doesn't use libvirt.so,
but instead links to a custom, cut down, set of source files
sufficient to be a local client only.
This introduces a problem for integrating glib2 into libvirt
though, as once integrated, there would be no way to build
virt-login-shell without an external dependancy on glib2 and
this is definitely not setuid safe.
To resolve this problem, we split the virt-login-shell binary
into two parts. The first part is setuid and does almost
nothing. It simply records the original uid+gid, and then
invokes the virt-login-shell-helper binary. Crucially when
it does this it completes scrubs all environment variables.
It is thus safe for virt-login-shell-helper to link to the
normal libvirt.so. Any things that constructor functions
do cannot be influenced by user control env vars or cli
args.
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-01 17:58:31 +08:00
|
|
|
virt_login_shell_helper_LDFLAGS = \
|
2017-11-03 20:09:47 +08:00
|
|
|
$(AM_LDFLAGS) \
|
|
|
|
$(PIE_LDFLAGS) \
|
2019-08-02 19:05:37 +08:00
|
|
|
$(COVERAGE_LDFLAGS) \
|
2013-08-20 17:20:46 +08:00
|
|
|
$(NULL)
|
tools: split virt-login-shell into two binaries
The virt-login-shell binary is a setuid program that takes
no arguments. When invoked it looks at the invoking uid,
resolves it to a username, and finds an LXC guest with the
same name. It then starts the guest and runs the shell in
side the namespaces of the container.
Given this set of tasks the virt-login-shell binary needs
to connect to libvirtd, make various other libvirt API calls.
This is a problem for setuid binaries as various libraries
that libvirt.so links to are not safe. For example, they have
constructor functions which execute an unknown amount of code
that can be influenced by env variables.
For this reason virt-login-shell doesn't use libvirt.so,
but instead links to a custom, cut down, set of source files
sufficient to be a local client only.
This introduces a problem for integrating glib2 into libvirt
though, as once integrated, there would be no way to build
virt-login-shell without an external dependancy on glib2 and
this is definitely not setuid safe.
To resolve this problem, we split the virt-login-shell binary
into two parts. The first part is setuid and does almost
nothing. It simply records the original uid+gid, and then
invokes the virt-login-shell-helper binary. Crucially when
it does this it completes scrubs all environment variables.
It is thus safe for virt-login-shell-helper to link to the
normal libvirt.so. Any things that constructor functions
do cannot be influenced by user control env vars or cli
args.
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-01 17:58:31 +08:00
|
|
|
virt_login_shell_helper_LDADD = \
|
|
|
|
../src/libvirt.la \
|
|
|
|
../src/libvirt-lxc.la \
|
build: link to glib library
Add the main glib.h to internal.h so that all common code can use it.
Historically glib allowed applications to register an alternative
memory allocator, so mixing g_malloc/g_free with malloc/free was not
safe.
This was feature was dropped in 2.46.0 with:
commit 3be6ed60aa58095691bd697344765e715a327fc1
Author: Alexander Larsson <alexl@redhat.com>
Date: Sat Jun 27 18:38:42 2015 +0200
Deprecate and drop support for memory vtables
Applications are still encourged to match g_malloc/g_free, but it is no
longer a mandatory requirement for correctness, just stylistic. This is
explicitly clarified in
commit 1f24b36607bf708f037396014b2cdbc08d67b275
Author: Daniel P. Berrangé <berrange@redhat.com>
Date: Thu Sep 5 14:37:54 2019 +0100
gmem: clarify that g_malloc always uses the system allocator
Applications can still use custom allocators in general, but they must
do this by linking to a library that replaces the core malloc/free
implemenentation entirely, instead of via a glib specific call.
This means that libvirt does not need to be concerned about use of
g_malloc/g_free causing an ABI change in the public libary, and can
avoid memory copying when talking to external libraries.
This patch probes for glib, which provides the foundation layer with
a collection of data structures, helper APIs, and platform portability
logic.
Later patches will introduce linkage to gobject which provides the
object type system, built on glib, and gio which providing objects
for various interesting tasks, most notably including DBus client
and server support and portable sockets APIs, but much more too.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-29 23:12:24 +08:00
|
|
|
$(GLIB_LIBS) \
|
2020-01-18 00:00:27 +08:00
|
|
|
$(NULL)
|
2013-08-08 23:36:31 +08:00
|
|
|
|
tools: split virt-login-shell into two binaries
The virt-login-shell binary is a setuid program that takes
no arguments. When invoked it looks at the invoking uid,
resolves it to a username, and finds an LXC guest with the
same name. It then starts the guest and runs the shell in
side the namespaces of the container.
Given this set of tasks the virt-login-shell binary needs
to connect to libvirtd, make various other libvirt API calls.
This is a problem for setuid binaries as various libraries
that libvirt.so links to are not safe. For example, they have
constructor functions which execute an unknown amount of code
that can be influenced by env variables.
For this reason virt-login-shell doesn't use libvirt.so,
but instead links to a custom, cut down, set of source files
sufficient to be a local client only.
This introduces a problem for integrating glib2 into libvirt
though, as once integrated, there would be no way to build
virt-login-shell without an external dependancy on glib2 and
this is definitely not setuid safe.
To resolve this problem, we split the virt-login-shell binary
into two parts. The first part is setuid and does almost
nothing. It simply records the original uid+gid, and then
invokes the virt-login-shell-helper binary. Crucially when
it does this it completes scrubs all environment variables.
It is thus safe for virt-login-shell-helper to link to the
normal libvirt.so. Any things that constructor functions
do cannot be influenced by user control env vars or cli
args.
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-08-01 17:58:31 +08:00
|
|
|
virt_login_shell_helper_CFLAGS = \
|
2017-11-16 21:35:12 +08:00
|
|
|
$(AM_CFLAGS) \
|
|
|
|
$(NULL)
|
2013-08-08 23:36:31 +08:00
|
|
|
|
2017-11-03 20:09:47 +08:00
|
|
|
virsh_SOURCES = \
|
|
|
|
virsh.c virsh.h \
|
2019-08-22 09:42:45 +08:00
|
|
|
virsh-backup.c virsh-backup.h \
|
2019-03-14 05:04:51 +08:00
|
|
|
virsh-checkpoint.c virsh-checkpoint.h \
|
2018-01-14 18:51:44 +08:00
|
|
|
virsh-completer.c virsh-completer.h \
|
2019-07-14 00:00:35 +08:00
|
|
|
virsh-completer-domain.c virsh-completer-domain.h \
|
2019-08-07 15:44:55 +08:00
|
|
|
virsh-completer-checkpoint.c virsh-completer-checkpoint.h \
|
2019-07-14 18:24:38 +08:00
|
|
|
virsh-completer-host.c virsh-completer-host.h \
|
2019-07-14 00:45:48 +08:00
|
|
|
virsh-completer-interface.c virsh-completer-interface.h \
|
2019-07-14 00:51:56 +08:00
|
|
|
virsh-completer-network.c virsh-completer-network.h \
|
2019-07-14 00:57:17 +08:00
|
|
|
virsh-completer-nodedev.c virsh-completer-nodedev.h \
|
2019-07-14 01:02:24 +08:00
|
|
|
virsh-completer-nwfilter.c virsh-completer-nwfilter.h \
|
2019-07-14 00:27:12 +08:00
|
|
|
virsh-completer-pool.c virsh-completer-pool.h \
|
2019-07-14 01:17:42 +08:00
|
|
|
virsh-completer-secret.c virsh-completer-secret.h \
|
2019-07-14 01:24:01 +08:00
|
|
|
virsh-completer-snapshot.c virsh-completer-snapshot.h \
|
2019-07-14 00:36:26 +08:00
|
|
|
virsh-completer-volume.c virsh-completer-volume.h \
|
2017-11-03 20:09:47 +08:00
|
|
|
virsh-console.c virsh-console.h \
|
|
|
|
virsh-domain.c virsh-domain.h \
|
|
|
|
virsh-domain-monitor.c virsh-domain-monitor.h \
|
|
|
|
virsh-host.c virsh-host.h \
|
|
|
|
virsh-interface.c virsh-interface.h \
|
|
|
|
virsh-network.c virsh-network.h \
|
|
|
|
virsh-nodedev.c virsh-nodedev.h \
|
|
|
|
virsh-nwfilter.c virsh-nwfilter.h \
|
|
|
|
virsh-pool.c virsh-pool.h \
|
|
|
|
virsh-secret.c virsh-secret.h \
|
|
|
|
virsh-snapshot.c virsh-snapshot.h \
|
|
|
|
virsh-util.c virsh-util.h \
|
|
|
|
virsh-volume.c virsh-volume.h \
|
2012-08-18 11:16:04 +08:00
|
|
|
$(NULL)
|
2009-09-16 19:01:53 +08:00
|
|
|
|
2013-08-20 17:20:46 +08:00
|
|
|
virsh_LDFLAGS = \
|
2017-11-03 20:09:47 +08:00
|
|
|
$(AM_LDFLAGS) \
|
|
|
|
$(PIE_LDFLAGS) \
|
2019-08-02 19:05:37 +08:00
|
|
|
$(COVERAGE_LDFLAGS) \
|
2013-08-20 17:20:46 +08:00
|
|
|
$(NULL)
|
2017-11-03 20:09:47 +08:00
|
|
|
virsh_LDADD = \
|
|
|
|
$(STATIC_BINARIES) \
|
|
|
|
../src/libvirt-lxc.la \
|
|
|
|
../src/libvirt-qemu.la \
|
2015-09-25 19:20:38 +08:00
|
|
|
libvirt_shell.la
|
2017-11-03 20:09:47 +08:00
|
|
|
virsh_CFLAGS = \
|
2017-11-16 21:35:12 +08:00
|
|
|
$(AM_CFLAGS) \
|
2017-05-27 01:43:42 +08:00
|
|
|
$(READLINE_CFLAGS)
|
2015-10-12 23:07:21 +08:00
|
|
|
|
2017-11-03 20:09:47 +08:00
|
|
|
virt_admin_SOURCES = \
|
|
|
|
virt-admin.c virt-admin.h \
|
2018-01-14 18:51:44 +08:00
|
|
|
virt-admin-completer.c virt-admin-completer.h \
|
2015-10-12 23:07:21 +08:00
|
|
|
$(NULL)
|
|
|
|
|
2017-11-03 20:09:47 +08:00
|
|
|
virt_admin_LDFLAGS = \
|
|
|
|
$(AM_LDFLAGS) \
|
2019-08-02 19:05:37 +08:00
|
|
|
$(COVERAGE_LDFLAGS) \
|
2017-11-03 20:09:47 +08:00
|
|
|
$(STATIC_BINARIES) \
|
|
|
|
$(PIE_LDFLAGS) \
|
2015-10-12 23:07:21 +08:00
|
|
|
$(NULL)
|
2017-11-03 20:09:47 +08:00
|
|
|
virt_admin_LDADD = \
|
|
|
|
../src/libvirt-admin.la \
|
|
|
|
libvirt_shell.la \
|
|
|
|
$(LIBXML_LIBS) \
|
2015-10-12 23:07:21 +08:00
|
|
|
$(NULL)
|
2017-11-03 20:09:47 +08:00
|
|
|
virt_admin_CFLAGS = \
|
2017-11-16 21:35:12 +08:00
|
|
|
$(AM_CFLAGS) \
|
2015-10-12 23:07:21 +08:00
|
|
|
$(READLINE_CFLAGS)
|
2012-05-17 23:08:53 +08:00
|
|
|
BUILT_SOURCES =
|
2009-09-16 19:01:53 +08:00
|
|
|
|
|
|
|
if WITH_WIN_ICON
|
|
|
|
virsh_LDADD += virsh_win_icon.$(OBJEXT)
|
|
|
|
|
|
|
|
# Before you edit virsh_win_icon.rc, please note the following
|
|
|
|
# limitations of the resource file format:
|
|
|
|
#
|
|
|
|
# (1) '..' is not permitted in the icon filename field.
|
|
|
|
# (2) '-' is not permitted in the icon filename field.
|
|
|
|
# (3) Comments are not permitted in the file.
|
|
|
|
#
|
|
|
|
# Windows appears to choose the first <= 32x32 icon it finds
|
|
|
|
# in the resource file. Therefore you should list the available
|
|
|
|
# icons from largest to smallest, and make sure that the 32x32
|
|
|
|
# icon is the most legible.
|
|
|
|
#
|
|
|
|
# Windows .ICO is a special MS-only format. GIMP and other
|
|
|
|
# tools can write it. However there are several variations,
|
|
|
|
# and Windows seems to do its own colour quantization. More
|
|
|
|
# information is needed in this area.
|
|
|
|
|
|
|
|
virsh_win_icon.$(OBJEXT): virsh_win_icon.rc
|
2010-03-31 20:10:08 +08:00
|
|
|
$(AM_V_GEN)$(WINDRES) \
|
2009-09-16 19:01:53 +08:00
|
|
|
--input-format rc --input $< \
|
|
|
|
--output-format coff --output $@
|
2013-09-04 10:39:16 +08:00
|
|
|
endif WITH_WIN_ICON
|
2009-09-16 19:01:53 +08:00
|
|
|
|
2019-03-15 23:47:27 +08:00
|
|
|
install-data-local: install-systemd install-nss \
|
2017-11-02 21:41:53 +08:00
|
|
|
install-bash-completion
|
2010-08-25 20:07:26 +08:00
|
|
|
|
2019-03-15 23:47:27 +08:00
|
|
|
uninstall-local: uninstall-systemd uninstall-nss \
|
2017-11-02 21:41:53 +08:00
|
|
|
uninstall-bash-completion
|
2010-08-25 20:07:26 +08:00
|
|
|
|
2011-07-07 21:45:07 +08:00
|
|
|
install-sysconfig:
|
build: follow directory install conventions
Commit 4d9e51f6 fixed a 'make uninstall' failure, but failed
to follow other conventions already present in src/Makefile.am.
In particular, we prefer MKDIR_P over mkdir -p, and should
have a matching rmdir during uninstall for every directory
created during install (the idea being that uninstall in a
DESTDIR should be clean, while installation in the final
system should not fail with non-empty directories left behind).
* tools/Makefile.am (install-sysconfig, install-initscript)
(install-systemd): Use MKDIR_P.
(uninstall-sysconfig, uninstall-initscript, uninstall-systemd):
Also remove directories.
* daemon/Makefile.am (install-data-local, install-data-polkit)
(install-logrotate, install-sysconfig, install-sysctl)
(install-init-redhat, install-init-upstart, install-init-systemd)
(install-data-sasl): Use MKDIR_P.
(uninstall-data-polkit, uninstall-sysconfig, uninstall-sysctl)
(uninstall-init-redhat, uninstall-init-upstart)
(uninstall-init-systemd): Also remove directory.
(uninstall-logrotate): New rule.
(uninstall-local): Add uninstall-logrotate.
2011-12-10 02:06:19 +08:00
|
|
|
$(MKDIR_P) $(DESTDIR)$(sysconfdir)/sysconfig
|
2011-07-07 21:45:07 +08:00
|
|
|
$(INSTALL_DATA) $(srcdir)/libvirt-guests.sysconf \
|
|
|
|
$(DESTDIR)$(sysconfdir)/sysconfig/libvirt-guests
|
|
|
|
|
|
|
|
uninstall-sysconfig:
|
|
|
|
rm -f $(DESTDIR)$(sysconfdir)/sysconfig/libvirt-guests
|
build: follow directory install conventions
Commit 4d9e51f6 fixed a 'make uninstall' failure, but failed
to follow other conventions already present in src/Makefile.am.
In particular, we prefer MKDIR_P over mkdir -p, and should
have a matching rmdir during uninstall for every directory
created during install (the idea being that uninstall in a
DESTDIR should be clean, while installation in the final
system should not fail with non-empty directories left behind).
* tools/Makefile.am (install-sysconfig, install-initscript)
(install-systemd): Use MKDIR_P.
(uninstall-sysconfig, uninstall-initscript, uninstall-systemd):
Also remove directories.
* daemon/Makefile.am (install-data-local, install-data-polkit)
(install-logrotate, install-sysconfig, install-sysctl)
(install-init-redhat, install-init-upstart, install-init-systemd)
(install-data-sasl): Use MKDIR_P.
(uninstall-data-polkit, uninstall-sysconfig, uninstall-sysctl)
(uninstall-init-redhat, uninstall-init-upstart)
(uninstall-init-systemd): Also remove directory.
(uninstall-logrotate): New rule.
(uninstall-local): Add uninstall-logrotate.
2011-12-10 02:06:19 +08:00
|
|
|
rmdir $(DESTDIR)$(sysconfdir)/sysconfig ||:
|
2011-07-07 21:45:07 +08:00
|
|
|
|
2019-03-15 23:47:27 +08:00
|
|
|
EXTRA_DIST += libvirt-guests.sh.in
|
2011-07-07 21:45:07 +08:00
|
|
|
|
2012-10-21 10:29:51 +08:00
|
|
|
libvirt-guests.sh: libvirt-guests.sh.in $(top_builddir)/config.status
|
2017-11-03 20:09:47 +08:00
|
|
|
$(AM_V_GEN)sed \
|
|
|
|
-e 's|[@]PACKAGE[@]|$(PACKAGE)|g' \
|
|
|
|
-e 's|[@]bindir[@]|$(bindir)|g' \
|
|
|
|
-e 's|[@]localedir[@]|$(localedir)|g' \
|
|
|
|
-e 's|[@]localstatedir[@]|$(localstatedir)|g' \
|
|
|
|
-e 's|[@]sbindir[@]|$(sbindir)|g' \
|
|
|
|
-e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \
|
|
|
|
< $< > $@-t && \
|
|
|
|
chmod a+x $@-t && \
|
2010-08-25 20:07:26 +08:00
|
|
|
mv $@-t $@
|
2012-10-21 10:29:51 +08:00
|
|
|
BUILT_SOURCES += libvirt-guests.sh
|
2011-07-07 21:45:07 +08:00
|
|
|
|
|
|
|
EXTRA_DIST += libvirt-guests.service.in
|
2014-01-17 20:11:58 +08:00
|
|
|
SYSTEMD_UNIT_DIR = $(prefix)/lib/systemd/system
|
2011-12-08 21:30:24 +08:00
|
|
|
|
2011-07-07 21:45:07 +08:00
|
|
|
if LIBVIRT_INIT_SCRIPT_SYSTEMD
|
2012-10-21 10:29:51 +08:00
|
|
|
install-systemd: libvirt-guests.service install-sysconfig libvirt-guests.sh
|
build: follow directory install conventions
Commit 4d9e51f6 fixed a 'make uninstall' failure, but failed
to follow other conventions already present in src/Makefile.am.
In particular, we prefer MKDIR_P over mkdir -p, and should
have a matching rmdir during uninstall for every directory
created during install (the idea being that uninstall in a
DESTDIR should be clean, while installation in the final
system should not fail with non-empty directories left behind).
* tools/Makefile.am (install-sysconfig, install-initscript)
(install-systemd): Use MKDIR_P.
(uninstall-sysconfig, uninstall-initscript, uninstall-systemd):
Also remove directories.
* daemon/Makefile.am (install-data-local, install-data-polkit)
(install-logrotate, install-sysconfig, install-sysctl)
(install-init-redhat, install-init-upstart, install-init-systemd)
(install-data-sasl): Use MKDIR_P.
(uninstall-data-polkit, uninstall-sysconfig, uninstall-sysctl)
(uninstall-init-redhat, uninstall-init-upstart)
(uninstall-init-systemd): Also remove directory.
(uninstall-logrotate): New rule.
(uninstall-local): Add uninstall-logrotate.
2011-12-10 02:06:19 +08:00
|
|
|
$(MKDIR_P) $(DESTDIR)$(SYSTEMD_UNIT_DIR)
|
2012-06-26 15:53:33 +08:00
|
|
|
$(INSTALL_DATA) libvirt-guests.service \
|
2011-12-08 21:30:24 +08:00
|
|
|
$(DESTDIR)$(SYSTEMD_UNIT_DIR)/libvirt-guests.service
|
2011-07-07 21:45:07 +08:00
|
|
|
|
2012-10-21 10:29:51 +08:00
|
|
|
uninstall-systemd: uninstall-sysconfig
|
2011-12-08 21:30:24 +08:00
|
|
|
rm -f $(DESTDIR)$(SYSTEMD_UNIT_DIR)/libvirt-guests.service
|
build: follow directory install conventions
Commit 4d9e51f6 fixed a 'make uninstall' failure, but failed
to follow other conventions already present in src/Makefile.am.
In particular, we prefer MKDIR_P over mkdir -p, and should
have a matching rmdir during uninstall for every directory
created during install (the idea being that uninstall in a
DESTDIR should be clean, while installation in the final
system should not fail with non-empty directories left behind).
* tools/Makefile.am (install-sysconfig, install-initscript)
(install-systemd): Use MKDIR_P.
(uninstall-sysconfig, uninstall-initscript, uninstall-systemd):
Also remove directories.
* daemon/Makefile.am (install-data-local, install-data-polkit)
(install-logrotate, install-sysconfig, install-sysctl)
(install-init-redhat, install-init-upstart, install-init-systemd)
(install-data-sasl): Use MKDIR_P.
(uninstall-data-polkit, uninstall-sysconfig, uninstall-sysctl)
(uninstall-init-redhat, uninstall-init-upstart)
(uninstall-init-systemd): Also remove directory.
(uninstall-logrotate): New rule.
(uninstall-local): Add uninstall-logrotate.
2011-12-10 02:06:19 +08:00
|
|
|
rmdir $(DESTDIR)$(SYSTEMD_UNIT_DIR) ||:
|
2011-07-07 21:45:07 +08:00
|
|
|
|
|
|
|
BUILT_SOURCES += libvirt-guests.service
|
|
|
|
|
2013-09-04 10:39:16 +08:00
|
|
|
else ! LIBVIRT_INIT_SCRIPT_SYSTEMD
|
2011-07-07 21:45:07 +08:00
|
|
|
install-systemd:
|
|
|
|
uninstall-systemd:
|
2013-09-04 10:39:16 +08:00
|
|
|
endif ! LIBVIRT_INIT_SCRIPT_SYSTEMD
|
2011-07-07 21:45:07 +08:00
|
|
|
|
|
|
|
libvirt-guests.service: libvirt-guests.service.in $(top_builddir)/config.status
|
2017-11-03 20:09:47 +08:00
|
|
|
$(AM_V_GEN)sed \
|
|
|
|
-e 's|[@]PACKAGE[@]|$(PACKAGE)|g' \
|
|
|
|
-e 's|[@]bindir[@]|$(bindir)|g' \
|
|
|
|
-e 's|[@]localedir[@]|$(localedir)|g' \
|
|
|
|
-e 's|[@]localstatedir[@]|$(localstatedir)|g' \
|
|
|
|
-e 's|[@]sbindir[@]|$(sbindir)|g' \
|
|
|
|
-e 's|[@]sysconfdir[@]|$(sysconfdir)|g' \
|
|
|
|
-e 's|[@]libexecdir[@]|$(libexecdir)|g' \
|
|
|
|
< $< > $@-t && \
|
2011-07-07 21:45:07 +08:00
|
|
|
mv $@-t $@
|
2010-08-25 20:07:26 +08:00
|
|
|
|
2009-04-19 23:10:45 +08:00
|
|
|
|
2017-11-02 21:41:53 +08:00
|
|
|
if WITH_BASH_COMPLETION
|
|
|
|
install-bash-completion:
|
|
|
|
$(MKDIR_P) "$(DESTDIR)$(BASH_COMPLETIONS_DIR)"
|
2020-01-31 02:29:41 +08:00
|
|
|
$(INSTALL_DATA) $(srcdir)/bash-completion/vsh \
|
2017-11-02 21:41:53 +08:00
|
|
|
"$(DESTDIR)$(BASH_COMPLETIONS_DIR)/vsh"
|
2018-01-24 23:42:00 +08:00
|
|
|
( cd $(DESTDIR)$(BASH_COMPLETIONS_DIR) && \
|
2018-02-01 01:30:55 +08:00
|
|
|
rm -f virsh virt-admin && \
|
2018-01-24 23:42:00 +08:00
|
|
|
$(LN_S) vsh virsh && \
|
|
|
|
$(LN_S) vsh virt-admin )
|
2017-11-02 21:41:53 +08:00
|
|
|
|
|
|
|
uninstall-bash-completion:
|
2018-01-24 23:42:00 +08:00
|
|
|
rm -f $(DESTDIR)$(BASH_COMPLETIONS_DIR)/vsh \
|
|
|
|
$(DESTDIR)$(BASH_COMPLETIONS_DIR)/virsh \
|
|
|
|
$(DESTDIR)$(BASH_COMPLETIONS_DIR)/virt-admin
|
2017-11-02 21:41:53 +08:00
|
|
|
rmdir $(DESTDIR)$(BASH_COMPLETIONS_DIR) ||:
|
|
|
|
else ! WITH_BASH_COMPLETION
|
|
|
|
install-bash-completion:
|
|
|
|
uninstall-bash-completion:
|
|
|
|
endif ! WITH_BASH_COMPLETION
|
|
|
|
|
|
|
|
|
2019-02-08 16:10:24 +08:00
|
|
|
EXTRA_DIST += wireshark/util/genxdrstub.pl
|
2016-01-11 04:35:36 +08:00
|
|
|
|
|
|
|
if WITH_WIRESHARK_DISSECTOR
|
|
|
|
|
|
|
|
ws_plugin_LTLIBRARIES = wireshark/src/libvirt.la
|
2017-11-16 21:34:31 +08:00
|
|
|
wireshark_src_libvirt_la_CFLAGS = \
|
2017-11-16 21:24:45 +08:00
|
|
|
-I wireshark/src $(WIRESHARK_DISSECTOR_CFLAGS) $(XDR_CFLAGS)
|
2016-01-11 04:35:36 +08:00
|
|
|
wireshark_src_libvirt_la_LDFLAGS = -avoid-version -module
|
|
|
|
wireshark_src_libvirt_la_SOURCES = \
|
|
|
|
wireshark/src/packet-libvirt.h \
|
2019-02-08 16:10:24 +08:00
|
|
|
wireshark/src/packet-libvirt.c \
|
|
|
|
wireshark/src/plugin.c
|
2016-01-11 04:35:36 +08:00
|
|
|
|
|
|
|
wireshark/src/packet-libvirt.c: wireshark/src/packet-libvirt.h \
|
|
|
|
wireshark/src/libvirt/protocol.h
|
|
|
|
|
|
|
|
WS_DISSECTOR_PROTO_FILES = \
|
|
|
|
$(abs_top_srcdir)/src/remote/remote_protocol.x \
|
|
|
|
$(abs_top_srcdir)/src/remote/qemu_protocol.x \
|
|
|
|
$(abs_top_srcdir)/src/remote/lxc_protocol.x \
|
|
|
|
$(abs_top_srcdir)/src/rpc/virkeepaliveprotocol.x
|
|
|
|
|
|
|
|
wireshark/src/libvirt/protocol.h: wireshark/util/genxdrstub.pl \
|
|
|
|
$(WS_DISSECTOR_PROTO_FILES)
|
2017-08-05 01:12:13 +08:00
|
|
|
$(AM_V_GEN)$(MKDIR_P) wireshark/src/libvirt && \
|
2016-01-11 04:35:36 +08:00
|
|
|
cd wireshark/src && \
|
|
|
|
LIBVIRT_VERSION=$(LIBVIRT_VERSION) \
|
|
|
|
$(PERL) $(abs_top_srcdir)/tools/wireshark/util/genxdrstub.pl \
|
|
|
|
$(WS_DISSECTOR_PROTO_FILES)
|
|
|
|
|
|
|
|
endif WITH_WIRESHARK_DISSECTOR
|
|
|
|
|
2016-03-28 02:07:10 +08:00
|
|
|
if WITH_BSD_NSS
|
|
|
|
LIBVIRT_NSS_SYMBOL_FILE = \
|
|
|
|
$(srcdir)/nss/libvirt_nss_bsd.syms
|
2016-11-29 20:48:53 +08:00
|
|
|
LIBVIRT_GUEST_NSS_SYMBOL_FILE = \
|
|
|
|
$(LIBVIRT_NSS_SYMBOL_FILE)
|
2016-03-28 02:07:10 +08:00
|
|
|
NSS_SO_VER = 1
|
|
|
|
|
2016-04-20 16:14:23 +08:00
|
|
|
install-nss:
|
2016-04-21 01:24:22 +08:00
|
|
|
( cd $(DESTDIR)$(libdir) && \
|
2016-04-21 19:16:56 +08:00
|
|
|
rm -f nss_libvirt.so.$(NSS_SO_VER) && \
|
2016-11-29 20:48:53 +08:00
|
|
|
$(LN_S) libnss_libvirt.so.$(NSS_SO_VER) nss_libvirt.so.$(NSS_SO_VER) && \
|
|
|
|
rm -f nss_libvirt_guest.so.$(NSS_SO_VER) && \
|
|
|
|
$(LN_S) libnss_libvirt_guest.so.$(NSS_SO_VER) \
|
|
|
|
nss_libvirt_guest.so.$(NSS_SO_VER))
|
2016-03-28 02:07:10 +08:00
|
|
|
|
2016-04-20 16:14:23 +08:00
|
|
|
uninstall-nss:
|
2016-04-19 17:08:48 +08:00
|
|
|
-rm -f $(DESTDIR)$(libdir)/nss_libvirt.so.$(NSS_SO_VER)
|
2016-11-29 20:48:53 +08:00
|
|
|
-rm -f $(DESTDIR)$(libdir)/nss_libvirt_guest.so.$(NSS_SO_VER)
|
2016-03-28 02:07:10 +08:00
|
|
|
else ! WITH_BSD_NSS
|
2016-02-13 16:27:50 +08:00
|
|
|
LIBVIRT_NSS_SYMBOL_FILE = \
|
|
|
|
$(srcdir)/nss/libvirt_nss.syms
|
2016-11-29 20:48:53 +08:00
|
|
|
LIBVIRT_GUEST_NSS_SYMBOL_FILE = \
|
|
|
|
$(srcdir)/nss/libvirt_guest_nss.syms
|
2016-03-28 02:07:10 +08:00
|
|
|
NSS_SO_VER = 2
|
2016-04-20 16:14:23 +08:00
|
|
|
|
|
|
|
install-nss:
|
|
|
|
uninstall-nss:
|
2016-03-28 02:07:10 +08:00
|
|
|
endif ! WITH_BSD_NSS
|
2016-02-13 16:27:50 +08:00
|
|
|
|
|
|
|
LIBVIRT_NSS_SOURCES = \
|
2017-11-03 20:09:47 +08:00
|
|
|
nss/libvirt_nss.c \
|
2019-07-31 17:40:39 +08:00
|
|
|
nss/libvirt_nss.h \
|
|
|
|
nss/libvirt_nss_leases.c \
|
|
|
|
nss/libvirt_nss_leases.h \
|
|
|
|
$(NULL)
|
2016-02-13 16:27:50 +08:00
|
|
|
|
2016-03-20 00:56:02 +08:00
|
|
|
if WITH_NSS
|
2016-02-13 16:27:50 +08:00
|
|
|
noinst_LTLIBRARIES += nss/libnss_libvirt_impl.la
|
|
|
|
nss_libnss_libvirt_impl_la_SOURCES = \
|
|
|
|
$(LIBVIRT_NSS_SOURCES)
|
|
|
|
|
2019-08-08 17:23:26 +08:00
|
|
|
nss_libnss_libvirt_impl_la_CPPFLAGS = $(STANDALONE_CPPFLAGS)
|
2016-02-13 16:27:50 +08:00
|
|
|
nss_libnss_libvirt_impl_la_CFLAGS = \
|
2017-11-03 20:09:47 +08:00
|
|
|
-DLIBVIRT_NSS \
|
2019-07-31 17:40:39 +08:00
|
|
|
$(YAJL_CFLAGS) \
|
2017-11-03 20:09:47 +08:00
|
|
|
$(AM_CFLAGS) \
|
2017-11-16 21:35:12 +08:00
|
|
|
$(NULL)
|
2016-02-14 18:38:37 +08:00
|
|
|
|
|
|
|
nss_libnss_libvirt_impl_la_LIBADD = \
|
2019-07-31 21:48:50 +08:00
|
|
|
$(YAJL_LIBS) \
|
|
|
|
$(NULL)
|
2016-02-13 16:27:50 +08:00
|
|
|
|
|
|
|
nss_libnss_libvirt_la_SOURCES =
|
|
|
|
nss_libnss_libvirt_la_LDFLAGS = \
|
2017-11-03 20:09:47 +08:00
|
|
|
$(VERSION_SCRIPT_FLAGS)$(LIBVIRT_NSS_SYMBOL_FILE) \
|
2016-02-13 16:27:50 +08:00
|
|
|
$(AM_LDFLAGS) \
|
|
|
|
-module \
|
|
|
|
-export-dynamic \
|
|
|
|
-avoid-version \
|
|
|
|
-shared \
|
2016-03-28 02:07:10 +08:00
|
|
|
-shrext .so.$(NSS_SO_VER)
|
2016-02-13 16:27:50 +08:00
|
|
|
|
2017-11-03 20:09:47 +08:00
|
|
|
nss_libnss_libvirt_la_LIBADD = \
|
2016-02-13 16:27:50 +08:00
|
|
|
nss/libnss_libvirt_impl.la
|
|
|
|
|
2019-07-16 18:06:20 +08:00
|
|
|
nss_libnss_libvirt_la_DEPENDENCIES = \
|
|
|
|
$(nss_libnss_libvirt_la_LIBADD) \
|
|
|
|
$(LIBVIRT_NSS_SYMBOL_FILE)
|
|
|
|
|
2016-11-29 20:48:53 +08:00
|
|
|
noinst_LTLIBRARIES += nss/libnss_libvirt_guest_impl.la
|
|
|
|
nss_libnss_libvirt_guest_impl_la_SOURCES = \
|
2019-07-31 17:40:39 +08:00
|
|
|
$(LIBVIRT_NSS_SOURCES) \
|
|
|
|
nss/libvirt_nss_macs.h \
|
|
|
|
nss/libvirt_nss_macs.c \
|
|
|
|
$(NULL)
|
2016-11-29 20:48:53 +08:00
|
|
|
|
2019-08-08 17:23:26 +08:00
|
|
|
nss_libnss_libvirt_guest_impl_la_CPPFLAGS = $(STANDALONE_CPPFLAGS)
|
2016-11-29 20:48:53 +08:00
|
|
|
nss_libnss_libvirt_guest_impl_la_CFLAGS = \
|
2017-11-03 20:09:47 +08:00
|
|
|
-DLIBVIRT_NSS \
|
|
|
|
-DLIBVIRT_NSS_GUEST \
|
2019-07-31 17:40:39 +08:00
|
|
|
$(YAJL_CFLAGS) \
|
2017-11-03 20:09:47 +08:00
|
|
|
$(AM_CFLAGS) \
|
2017-11-16 21:35:12 +08:00
|
|
|
$(NULL)
|
2016-11-29 20:48:53 +08:00
|
|
|
|
|
|
|
nss_libnss_libvirt_guest_impl_la_LIBADD = \
|
2019-07-31 21:48:50 +08:00
|
|
|
$(YAJL_LIBS) \
|
|
|
|
$(NULL)
|
2016-11-29 20:48:53 +08:00
|
|
|
|
|
|
|
nss_libnss_libvirt_guest_la_SOURCES =
|
|
|
|
nss_libnss_libvirt_guest_la_LDFLAGS = \
|
2017-11-03 20:09:47 +08:00
|
|
|
$(VERSION_SCRIPT_FLAGS)$(LIBVIRT_GUEST_NSS_SYMBOL_FILE) \
|
2016-11-29 20:48:53 +08:00
|
|
|
$(AM_LDFLAGS) \
|
|
|
|
-module \
|
|
|
|
-export-dynamic \
|
|
|
|
-avoid-version \
|
|
|
|
-shared \
|
|
|
|
-shrext .so.$(NSS_SO_VER)
|
|
|
|
|
2017-11-03 20:09:47 +08:00
|
|
|
nss_libnss_libvirt_guest_la_LIBADD = \
|
2016-11-29 20:48:53 +08:00
|
|
|
nss/libnss_libvirt_guest_impl.la
|
|
|
|
|
2019-07-16 18:06:20 +08:00
|
|
|
nss_libnss_libvirt_guest_la_DEPENDENCIES = \
|
|
|
|
$(nss_libnss_libvirt_guest_la_LIBADD) \
|
|
|
|
$(LIBVIRT_GUEST_NSS_SYMBOL_FILE)
|
|
|
|
|
2016-02-13 16:27:50 +08:00
|
|
|
lib_LTLIBRARIES = \
|
2016-11-29 20:48:53 +08:00
|
|
|
nss/libnss_libvirt.la \
|
|
|
|
nss/libnss_libvirt_guest.la
|
2016-02-13 16:27:50 +08:00
|
|
|
|
|
|
|
endif WITH_NSS
|
|
|
|
|
2016-04-09 13:17:14 +08:00
|
|
|
EXTRA_DIST += $(LIBVIRT_NSS_SOURCES) \
|
|
|
|
$(srcdir)/nss/libvirt_nss.syms \
|
2017-11-03 20:09:47 +08:00
|
|
|
$(srcdir)/nss/libvirt_nss_bsd.syms \
|
2016-11-29 20:48:53 +08:00
|
|
|
$(srcdir)/nss/libvirt_guest_nss.syms
|
2016-01-11 04:35:36 +08:00
|
|
|
|
|
|
|
clean-local:
|
|
|
|
-rm -rf wireshark/src/libvirt
|
|
|
|
|
|
|
|
CLEANFILES += $(bin_SCRIPTS)
|
2010-11-18 01:38:59 +08:00
|
|
|
CLEANFILES += *.gcov .libs/*.gcda .libs/*.gcno *.gcno *.gcda *.i *.s
|
2009-04-19 23:10:45 +08:00
|
|
|
|
2011-10-12 05:10:17 +08:00
|
|
|
DISTCLEANFILES += $(BUILT_SOURCES)
|