Commit Graph

24 Commits

Author SHA1 Message Date
Daniel P. Berrange 3e2f27e13b Don't link virt-login-shell against libvirt.so (CVE-2013-4400)
The libvirt.so library has far too many library deps to allow
linking against it from setuid programs. Those libraries can
do stuff in __attribute__((constructor) functions which is
not setuid safe.

The virt-login-shell needs to link directly against individual
files that it uses, with all library deps turned off except
for libxml2 and libselinux.

Create a libvirt-setuid-rpc-client.la library which is linked
to by virt-login-shell. A config-post.h file allows this library
to disable all external deps except libselinux and libxml2.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-10-21 14:03:52 +01:00
Eric Blake d7f53c7b97 maint: use LGPL correctly
Several files called out COPYING or COPYING.LIB instead of using
the normal boilerplate.  It's especially important that we don't
call out COPYING from an LGPL file, since COPYING is traditionally
used for the GPL.  A few files were lacking copyright altogether.

* src/rpc/gendispatch.pl: Add missing copyright.
* Makefile.nonreentrant: Likewise.
* src/check-symfile.pl: Likewise.
* src/check-symsorting.pl: Likewise.
* src/driver.h: Likewise.
* src/internal.h: Likewise.
* tools/libvirt-guests.sh.in: Likewise.
* tools/virt-pki-validate.in: Mention copyright in comment, not just code.
* tools/virt-sanlock-cleanup.in: Likewise.
* src/rpc/genprotocol.pl: Spell out license terms.
* src/xen/xend_internal.h: Likewise.
* src/xen/xend_internal.c: Likewise.
* Makefile.am: Likewise.
* daemon/Makefile.am: Likewise.
* docs/Makefile.am: Likewise.
* docs/schemas/Makefile.am: Likewise.
* examples/apparmor/Makefile.am: Likewise.
* examples/domain-events/events-c/Makefile.am: Likewise.
* examples/dominfo/Makefile.am: Likewise.
* examples/domsuspend/Makefile.am: Likewise.
* examples/hellolibvirt/Makefile.am: Likewise.
* examples/openauth/Makefile.am: Likewise.
* examples/python/Makefile.am: Likewise.
* examples/systemtap/Makefile.am: Likewise.
* examples/xml/nwfilter/Makefile.am: Likewise.
* gnulib/lib/Makefile.am: Likewise.
* gnulib/tests/Makefile.am: Likewise.
* include/Makefile.am: Likewise.
* include/libvirt/Makefile.am: Likewise.
* python/Makefile.am: Likewise.
* python/tests/Makefile.am: Likewise.
* src/Makefile.am: Likewise.
* tests/Makefile.am: Likewise.
* tools/Makefile.am: Likewise.
* configure.ac: Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-05-20 14:03:48 -06:00
Eric Blake 29db7a0072 build: update to latest gnulib
Pick up recent gnulib improvements.

* .gnulib: Update to latest.
* bootstrap: Resync.
* bootstrap.conf (gnulib_tool_option_extras): Adjust to bootstrap
changes.
* gnulib/lib/Makefile.am: Likewise.
2012-01-12 15:47:54 -07:00
Matthias Bolte b590866bdb freebsd: Fix build problem due to picking up the wrong libvirt.h
Gettext annoyingly modifies CPPFLAGS in-place, putting
-I/usr/local/include into the search patch if libintl headers
must be used from that location.  But since we must support
automake 1.9.6 which lacks AM_CPPFLAGS, and since CPPFLAGS is used
prior to INCLUDES, this means that the build picks up the _old_
installed libvirt.h in priority to the in-tree version, leading
to all sorts of weird build failures on FreeBSD.

Fix this by teaching configure to undo gettext's actions, but
to keep any changes required by gettext at the end of INCLUDES
after all in-tree locations are used first.  Also requires
adding a wrapper Makefile.am and making gnulib-tool create
just gnulib.mk files during the bootstrap process.

Signed-off-by: Eric Blake <eblake@redhat.com>
2011-07-29 07:35:54 -06:00
Jim Meyering 7bb22f58b8 make .gnulib a submodule
This makes it so we record (via a git submodule)
a snapshot of whatever version of gnulib we're using,
and none of gnulib sources are in the libvirt repository.
The result is that we have as much reproducibility as when
we version-controlled imported copies of the gnulib sources,
but without the hassle of the manual process we used when
syncing with upstream.

Note that when you clone libvirt, you get only the libvirt
repository, but when you first run ./bootstrap, it clones
gnulib (at the SHA1 recorded via the submodule), creating
the .gnulib/ hierarchy.  Then, the bootstrap script runs
gnulib-tool to populate gnulib/ with the files that make
up the selected modules.

Put the following in your ~/.gitconfig file.
[alias]
  syncsub = submodule foreach git pull origin master

The update procedure is simple:
  git syncsub
  ...build & test...
  git commit -m 'gnulib: sync submodule to latest' .gnulib

* .gitmodules: New file.
* .gnulib: Initialize.
* bootstrap: Set up to use the new submodule.
Stop using --no-vc-files.
Don't remove .gitignore files.
Don't use or create .cvsignore.
Diagnose an invalid --gnulib-srcdir=DIR argument.
* build-aux/vc-list-files: Delete file, now pulled from gnulib.
* build-aux/useless-if-before-free: Likewise.
* po/POTFILES.in: Remove gnulib/lib/gai_strerror.c, since
it no longer contains translatable strings.
* gnulib/*: Remove gnulib/ hierarchy.
2009-07-08 16:17:51 +02:00
Jim Meyering 4e8f63fdaa use gnulib's stpcpy module
* bootstrap (modules): Add stpcpy, and pull in gnulib bits:
* gnulib/lib/stpcpy.c: New file.
* gnulib/m4/stpcpy.m4: New file.
* gnulib/lib/Makefile.am: Update.
* gnulib/m4/gnulib-cache.m4: Update.
* gnulib/m4/gnulib-comp.m4: Update.
2009-01-27 10:30:30 +00:00
Jim Meyering aa7c4102aa update from gnulib 2009-01-27 10:29:55 +00:00
Daniel P. Berrange 89408fd3a0 Refresh GNULIB, also pulling in random_r module 2009-01-20 21:05:33 +00:00
Jim Meyering 55d0a68596 bootstrap: pull in gnulib's ioctl module
* bootstrap: Invoke gnulib-tool with its --no-vc-files
option, since we version-control the files it imports.
This tells it not to mark imported files as cvs-ignored.
(modules): Add ioctl.
* gnulib/lib/ioctl.c: New file.
* gnulib/lib/sys_ioctl.in.h: New file.
* gnulib/tests/sys_ioctl.in.h: Removed.
* gnulib/tests/ioctl.c: Removed.
* gnulib/lib/Makefile.am: Update.
* gnulib/m4/gnulib-cache.m4: Likewise.
* gnulib/m4/gnulib-comp.m4: Likewise.
* gnulib/tests/Makefile.am: Likewise.
* gnulib/lib/.cvsignore: Ignore sys_ioctl.h.
* gnulib/lib/.gitignore: Regenerate.
2009-01-07 17:10:00 +00:00
Jim Meyering 6c996bfc8f update from gnulib; use its time_r module for localtime_r on mingw
* bootstrap (modules): Add time_r.
* gnulib/m4/time_h.m4: New file.
* gnulib/m4/time_r.m4: New file.
* gnulib/lib/time_r.c: New file.
* gnulib/tests/test-time.c: New file.
* gnulib/lib/time.in.h: New file.
* gnulib/lib/Makefile.am: Update.
* gnulib/lib/fseeko.c: Likewise.
* gnulib/lib/lstat.c: Likewise.
* gnulib/lib/netdb.in.h: Likewise.
* gnulib/lib/stdint.in.h: Likewise.
* gnulib/lib/stdlib.in.h: Likewise.
* gnulib/lib/sys_select.in.h: Likewise.
* gnulib/lib/sys_stat.in.h: Likewise.
* gnulib/lib/sys_time.in.h: Likewise.
* gnulib/lib/unistd.in.h: Likewise.
* gnulib/lib/wchar.in.h: Likewise.
* gnulib/m4/codeset.m4: Likewise.
* gnulib/m4/errno_h.m4: Likewise.
* gnulib/m4/extensions.m4: Likewise.
* gnulib/m4/getaddrinfo.m4: Likewise.
* gnulib/m4/gettext.m4: Likewise.
* gnulib/m4/glibc2.m4: Likewise.
* gnulib/m4/glibc21.m4: Likewise.
* gnulib/m4/gnulib-cache.m4: Likewise.
* gnulib/m4/gnulib-comp.m4: Likewise.
* gnulib/m4/iconv.m4: Likewise.
* gnulib/m4/include_next.m4: Likewise.
* gnulib/m4/intdiv0.m4: Likewise.
* gnulib/m4/intlmacosx.m4: Likewise.
* gnulib/m4/intmax.m4: Likewise.
* gnulib/m4/inttypes-pri.m4: Likewise.
* gnulib/m4/inttypes_h.m4: Likewise.
* gnulib/m4/lcmessage.m4: Likewise.
* gnulib/m4/lib-link.m4: Likewise.
* gnulib/m4/lstat.m4: Likewise.
* gnulib/m4/netdb_h.m4: Likewise.
* gnulib/m4/nls.m4: Likewise.
* gnulib/m4/po.m4: Likewise.
* gnulib/m4/printf-posix.m4: Likewise.
* gnulib/m4/printf.m4: Likewise.
* gnulib/m4/progtest.m4: Likewise.
* gnulib/m4/size_max.m4: Likewise.
* gnulib/m4/sockets.m4: Likewise.
* gnulib/m4/stdint.m4: Likewise.
* gnulib/m4/stdint_h.m4: Likewise.
* gnulib/m4/sys_ioctl_h.m4: Likewise.
* gnulib/m4/threadlib.m4: Likewise.
* gnulib/m4/uintmax_t.m4: Likewise.
* gnulib/m4/visibility.m4: Likewise.
* gnulib/m4/wchar.m4: Likewise.
* gnulib/m4/wchar_t.m4: Likewise.
* gnulib/m4/wint_t.m4: Likewise.
* gnulib/m4/xsize.m4: Likewise.
* gnulib/tests/Makefile.am: Likewise.
* gnulib/tests/sockets.h: Likewise.
* gnulib/tests/.cvsignore: Likewise.
* gnulib/tests/.gitignore: Likewise.
* tests/.gitignore: Likewise.
* docs/examples/.gitignore: Likewise.
* gnulib/lib/.cvsignore: Likewise.
* gnulib/lib/.gitignore: Likewise.

remove files associated with obsolete strpbrk module
* gnulib/lib/strpbrk.c: Remove file.
* gnulib/m4/strpbrk.m4: Remove file.
2009-01-06 20:12:50 +00:00
Jim Meyering 75e69df956 updates from gnulib 2008-10-28 17:47:12 +00:00
Jim Meyering 7846f71fb3 add the mkstemp module from gnulib
* bootstrap (modules): Add mkstemp.
The remainder of these changes are the result of running
./bootstrap, adding new files, and committing the result.
* gnulib/lib/gettimeofday.c: New file.
* gnulib/lib/mkstemp.c: New file.
* gnulib/lib/tempname.c: New file.
* gnulib/lib/tempname.h: New file.
* gnulib/m4/gettimeofday.m4: New file.
* gnulib/m4/mkstemp.m4: New file.
* gnulib/m4/tempname.m4: New file.
* gnulib/tests/test-gettimeofday.c: New file.
* gnulib/lib/Makefile.am: Update.
* gnulib/m4/gnulib-cache.m4: Likewise.
* gnulib/m4/gnulib-comp.m4: Likewise.
* gnulib/m4/inet_pton.m4: Likewise.
* gnulib/tests/Makefile.am: Likewise.
2008-08-07 13:02:45 +00:00
Jim Meyering 57f15f779f update from gnulib
* build-aux/mktempd (rand_bytes, mktempd):
* build-aux/useless-if-before-free (FILE):
* build-aux/vc-list-files:
* gnulib/lib/.cvsignore:
* gnulib/lib/Makefile.am:
* gnulib/lib/poll.c (poll):
* gnulib/lib/stdbool.in.h (_GL_STDBOOL_H, true):
* gnulib/lib/stdio-impl.h (fp_, fp_ub):
* gnulib/lib/stdio.in.h (vasprintf, obstack_printf)
(obstack_vprintf):
* gnulib/lib/vasnprintf.c (_GNU_SOURCE, sprintf, IF_LINT, exp)
(remainder, scale10_round_decimal_long_double)
(scale10_round_decimal_double, pad_ourselves):
* gnulib/m4/gnulib-cache.m4:
* gnulib/m4/gnulib-common.m4 (gl_MODULE_INDICATOR):
* gnulib/m4/gnulib-tool.m4 (gl_LOCAL_DIR, gl_M4_BASE, gl_PO_BASE)
(gl_DOC_BASE, gl_TESTS_BASE, gl_WITH_TESTS, gl_LIB, gl_LGPL)
(gl_MAKEFILE_NAME, gl_MACRO_PREFIX, gl_PO_DOMAIN, gl_VC_FILES):
* gnulib/m4/lock.m4 (gl_LOCK_EARLY_BODY, gl_PREREQ_LOCK)
(gl_DISABLE_THREADS):
* gnulib/m4/onceonly.m4:
* gnulib/m4/posix-shell.m4 (gl_POSIX_SHELL):
* gnulib/m4/stdio_h.m4 (gl_STDIO_H_DEFAULTS):
* gnulib/tests/test-getaddrinfo.c (ENABLE_DEBUGGING, dbgprintf)
(simple):
* gnulib/tests/test-stdint.c (UINTMAX_MAX, or):
* gnulib/tests/test-vc-list-files-cvs.sh (compare):
* gnulib/tests/test-vc-list-files-git.sh (compare):
2008-08-07 09:42:29 +00:00
Daniel P. Berrange 098ba1a433 Add support for -drive QEMU syntax, and virtio bus / disk type 2008-05-09 16:41:19 +00:00
Jim Meyering 82892f131b Prepare to use gnulib's c-type module.
* bootstrap: Move module list into separate variable w/less syntax.
(modules): Add c-ctype.
Update the following from gnulib:
* build-aux/useless-if-before-free:
* build-aux/vc-list-files:
* gnulib/lib/Makefile.am:
* gnulib/lib/getaddrinfo.h:
* gnulib/m4/gnulib-cache.m4:
* gnulib/m4/gnulib-comp.m4:
* gnulib/m4/inet_ntop.m4:
* gnulib/tests/Makefile.am:
* gnulib/tests/test-getaddrinfo.c:
2008-05-09 13:46:09 +00:00
Jim Meyering 130426c659 update from gnulib
* gnulib/lib/inet_ntop.h: Remove file.
* gnulib/m4/onceonly_2_57.m4: Remove file.
* build-aux/useless-if-before-free: Update.
* build-aux/vc-list-files: Update.
* gnulib/lib/.cvsignore: Update.
* gnulib/lib/Makefile.am: Update.
* gnulib/lib/fseeko.c: Update.
* gnulib/lib/getaddrinfo.c: Update.
* gnulib/lib/getdelim.c: Update.
* gnulib/lib/inet_ntop.c: Update.
* gnulib/lib/inet_ntop.h: Update.
* gnulib/lib/poll.c: Update.
* gnulib/lib/snprintf.c: Update.
* gnulib/lib/stdlib.in.h: Update.
* gnulib/lib/string.in.h: Update.
* gnulib/lib/sys_socket.in.h: Update.
* gnulib/lib/sys_stat.in.h: Update.
* gnulib/lib/vasnprintf.c: Update.
* gnulib/lib/vasprintf.c: Update.
* gnulib/lib/wchar.in.h: Update.
* gnulib/m4/arpa_inet_h.m4: Update.
* gnulib/m4/extensions.m4: Update.
* gnulib/m4/gnulib-common.m4: Update.
* gnulib/m4/gnulib-comp.m4: Update.
* gnulib/m4/include_next.m4: Update.
* gnulib/m4/inet_ntop.m4: Update.
* gnulib/m4/netinet_in_h.m4: Update.
* gnulib/m4/onceonly_2_57.m4: Update.
* gnulib/m4/physmem.m4: Update.
* gnulib/m4/snprintf.m4: Update.
* gnulib/m4/stdint.m4: Update.
* gnulib/m4/stdio_h.m4: Update.
* gnulib/m4/stdlib_h.m4: Update.
* gnulib/m4/string_h.m4: Update.
* gnulib/m4/strndup.m4: Update.
* gnulib/m4/sys_select_h.m4: Update.
* gnulib/m4/sys_socket_h.m4: Update.
* gnulib/m4/sys_stat_h.m4: Update.
* gnulib/m4/vasnprintf.m4: Update.
* gnulib/tests/Makefile.am: Update.
* gnulib/tests/test-fseeko.c: Update.
* gnulib/tests/test-getaddrinfo.c: Update.
* gnulib/tests/test-getdelim.c: Update.
* gnulib/tests/test-getline.c: Update.
* gnulib/tests/test-lseek.c: Update.
* gnulib/tests/test-snprintf.c: Update.
* gnulib/tests/test-sys_stat.c: Update.
* gnulib/tests/test-vasnprintf.c: Update.
* gnulib/tests/test-vasprintf.c: Update.
2008-04-29 19:52:26 +00:00
Jim Meyering f15efcdf27 Add new testing framework and the first test to use it.
* tests/Makefile.am (test_scripts): Add vcpupin.
(EXTRA_DIST): Add test-lib.sh.
* tests/test-lib.sh: Testing framework, from coreutils.
* tests/vcpupin: New file.
* build-aux/mktempd: New file, from gnulib.
* bootstrap: Add posix-shell and mktempd to the list of imported modules.
* gnulib/m4/posix-shell.m4: New file, from gnulib.
2008-03-24 10:19:36 +00:00
Jim Meyering 26709f561f Pull useless-if-before-free from gnulib, and update.
* bootstrap (gnulib_tool): Add useless-if-before-free to
the list of modules.
* build-aux/useless-if-before-free: Update from gnulib.
* gnulib/lib/vasnprintf.c: Work around a bug in HPUX 10.20.
* gnulib/m4/vasnprintf.m4: Likewise.
2008-02-13 21:52:19 +00:00
Jim Meyering aa290a3ece Pull vc-list-files from gnulib, and update.
* bootstrap (gnulib_tool): Add the vc-list-files module.
2008-02-01 19:47:07 +00:00
Jim Meyering bc48db5758 Update from gnulib
* lib/poll.c: Update.
* lib/string.in.h: Update.
* m4/string_h.m4: Update.
* tests/test-getaddrinfo.c: Update.
* lib/Makefile.am: Regenerate.
2008-01-29 18:17:47 +00:00
Jim Meyering 32d4aeb162 Update from gnulib. 2008-01-14 14:07:25 +00:00
Jim Meyering ac6bb7e131 Add gnulib-tool unit tests.
* bootstrap: Re-add --with-tests, now that gnulib-tool
arranges to use separate libraries for lib/ and tests/.
* configure.in (AC_OUTPUT): Add gnulib/tests/Makefile.in.
* Makefile.am (SUBDIRS): Add gnulib/tests.
* gnulib/tests/Makefile.am: New file.
* gnulib/lib/.cvsignore: Sort.
* gnulib/lib/Makefile.am, gnulib/m4/getdelim.m4, gnulib/m4/getline.m4:
* gnulib/m4/gnulib-cache.m4, gnulib/m4/gnulib-comp.m4: Regenerate.
* gnulib/tests/test-alloca-opt.c: New file, from gnulib.
* gnulib/tests/test-arpa_inet.c: Likewise.
* gnulib/tests/test-fseeko.c: Likewise.
* gnulib/tests/test-fseeko.sh: Likewise.
* gnulib/tests/test-getaddrinfo.c: Likewise.
* gnulib/tests/test-getdelim.c: Likewise.
* gnulib/tests/test-getline.c: Likewise.
* gnulib/tests/test-lseek.c: Likewise.
* gnulib/tests/test-lseek.sh: Likewise.
* gnulib/tests/test-netinet_in.c: Likewise.
* gnulib/tests/test-snprintf.c: Likewise.
* gnulib/tests/test-stdbool.c: Likewise.
* gnulib/tests/test-stdint.c: Likewise.
* gnulib/tests/test-stdio.c: Likewise.
* gnulib/tests/test-stdlib.c: Likewise.
* gnulib/tests/test-string.c: Likewise.
* gnulib/tests/test-sys_select.c: Likewise.
* gnulib/tests/test-sys_socket.c: Likewise.
* gnulib/tests/test-sys_stat.c: Likewise.
* gnulib/tests/test-sys_time.c: Likewise.
* gnulib/tests/test-unistd.c: Likewise.
* gnulib/tests/test-vasnprintf.c: Likewise.
* gnulib/tests/test-vasprintf.c: Likewise.
* gnulib/tests/test-wchar.c: Likewise.
* gnulib/tests/dummy.c: Likewise.
* gnulib/tests/intprops.h: Likewise.
* gnulib/tests/verify.h: Likewise.
2007-12-10 18:26:56 +00:00
Richard W.M. Jones 532759a593 Fri Dec 7 14:27:00 UTC 2007 Richard W.M. Jones <rjones@redhat.com>
* bootstrap, Makefile.am, gnulib/*: Import more gnulib
	  modules for use by MinGW Windows port.
2007-12-07 14:32:35 +00:00
Jim Meyering 4c6bef2a6c Add all of the files pulled in by running ./bootstrap.
Adjust .cvsignore files.


Author: Jim Meyering <meyering@redhat.com>
2007-12-05 21:35:32 +00:00