Commit Graph

420 Commits

Author SHA1 Message Date
Dan Walsh 54d69f540c Introduce a virt-login-shell binary
Add a virt-login-shell binary that can be set as a user's
shell, such that when they login, it causes them to enter
the LXC container with a name matching their user name.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-08 16:36:31 +01:00
Jiri Denemark 010065d702 spec: Explicitly claim ownership of channel subdir
As both /var/lib/libvirt/qemu and /var/lib/libvirt/qemu/channel/target
are owned by us, the intermediate /var/lib/libvirt/qemu/channel should
be owned by us too.
2013-08-02 17:22:33 +02:00
Daniel P. Berrange 311eae8257 Remove reference to python/tests from RPM %doc
The python/tests files were recently deleted, but a reference was
left in the RPM %doc entry

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-08-02 16:29:43 +02:00
Jiri Denemark 462863a3ee spec: Don't mix commands with macro definitions
%build section should first define all required macros and then run
commands. Interleaving them makes it harder to spot what commands are
run.
2013-07-30 17:13:40 +02:00
Jiri Denemark d5cd5bf031 spec: Use --enable-werror on RHEL
As RHEL provides a stable tool chain, we don't have to worry about
frequent changes in reported compiler warnings (which prevents us from
enabling -Werror unconditionally).
2013-07-30 17:05:44 +02:00
Jiri Denemark a718d28279 spec: RHEL-7 does not have sanlock on i686 2013-07-30 17:05:44 +02:00
Peter Krempa 9c7de20a2b spec: Disable libssh2 support for RHEL
https://bugzilla.redhat.com/show_bug.cgi?id=905513

Libssh2 isn't reliable enough to support the libvirt transport using it.
The problems include mishandling of "known_hosts" files that may confuse
users.
2013-07-30 17:05:43 +02:00
Daniel P. Berrange 6aa5ebbecd Support apparmor in RPM spec
If libapparmor-devel happens to be installed when building the
RPM, it will failed due to unlisted virt-aa-helper in %files.
Add support for apparmor in the spec, so that we can explicitly
turn it on/off, defaulting to off in all distros. This causes
--without-apparmor to be given to configure, preventing the
build failures if the user happens to have libapparmor-devel
present.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-30 14:13:58 +01:00
Jiri Denemark 095ba43903 spec: Cat test-suite.log if make check fails
Current automake enables parallel test by default, which means test
details are only logged in test-suite.log and not printed to stderr.
This patch makes test failures directly visible in RPM build logs even
when parallel tests are turned on.
2013-07-29 18:14:02 +02:00
Cole Robinson 3347a42032 python: Drop TODO
File hasn't been really touched for 7 years. And with recent rawhide
changes it contributed to an RPM build failure. Let's drop it.

This also removes installation of a libvirt-python doc dir, so drop
handling of it from the RPM spec.
2013-07-29 07:54:18 -04:00
Daniel Veillard 034d322978 Release of libvirt-1.1.0
* configure.ac docs/news.html.in libvirt.spec.in: updated for the release
* po/*.po*: updated localizations and regenerated
2013-07-01 17:22:49 +08:00
Eric Blake 3a214482ec spec: require xen-devel for libxl driver
When using 'rpmbuild --define "_without_xen 1"', but on a new enough
Fedora where %{with_libxl} still gets set to 1 by default, the
build dependencies were incomplete, which could result in 'make rpm'
failing because ./configure failed to build the libxl driver.

* libvirt.spec.in (BuildRequires): Fix xen-devel condition.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-06-29 14:56:05 -06:00
Daniel Veillard 0c737dfb44 Add polkit policy for API checks to rpm spec 2013-06-25 13:44:47 +02:00
Ján Tomko 31d42506fb conf: add features to volume target XML
Add <features> and <compat> elements to volume target XML.

<compat> is a string which for qcow2 represents the QEMU version
it should be compatible with. Valid values are 0.10 and 1.1.
1.1 is implicit if the <features> element is present, otherwise
qemu-img default is used. 0.10 can be specified to explicitly
create older images after the qemu-img default changes.

<features> contains optional features, so far
<lazy_refcounts/> is available, which enables caching of reference
counters, improving performance for snapshots.
2013-06-21 13:25:30 +02:00
Cole Robinson ce672cde62 spec: Enable KVM support on ARM
F20/rawhide has support for this.

From: Peter Robinson <pbrobinson@gmail.com>
2013-06-18 07:33:23 -04:00
Cole Robinson db459dbdb9 spec: Drop Requires: vbox
Since this package isn't provided by any stock RH based distro. The
upstream RPMs are called VirtualBox anyways.
2013-06-08 18:32:59 -04:00
Jiri Denemark 3b50a711f0 spec: Explicitly require libgcrypt-devel
Our configure.ac says:

    Not all versions of gnutls include -lgcrypt, and so we add
    it explicitly for the calls to gcry_control/check_version

Thus we cannot rely on gnutls-devel to bring grcypt-devel as a
dependency.
2013-06-03 15:15:44 +02:00
Daniel Veillard 4497ef50dc Release of libvirt 1.0.6
* configure.ac docs/news.html.in libvirt.spec.in: update for the release
* po/*.po*: pull localization updates and regenerate the po
2013-06-03 12:09:56 +02:00
Viktor Mihajlovski 831909a94e spec: Build vbox packages only for x86 architectures
Commit 6ab6bc19f0 has introduced separate
daemon/driver packages for vbox. These should only be built for x86
architectures which is done hereby.

Signed-off-by: Viktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
2013-05-24 10:11:00 -06:00
Eric Blake de483052a2 maint: follow recommended practice for using LGPL
https://www.gnu.org/licenses/gpl-howto.html states:

You should also include a copy of the license itself somewhere in the
distribution of your program. All programs, whether they are released
under the GPL or LGPL, should include the text version of the GPL. In
GNU programs the license is usually in a file called COPYING.

If you are releasing your program under the LGPL, you should also
include the text version of the LGPL, usually in a file called
COPYING.LESSER. Please note that, since the LGPL is a set of
additional permissions on top of the GPL, it's important to include
both licenses so users have all the materials they need to understand
their rights.

* configure.ac (COPYING): No more games with non-git file.
* COPYING: New file, copied from gnulib.
* COPYING.LIB: Rename...
* COPYING.LESSER: ...to this.
* .gitignore: Track licenses in git.
* cfg.mk (exclude_file_name_regexp--sc_copyright_address): Tweak
rule.
* libvirt.spec.in (daemon, client, python): Reflect rename.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-05-20 14:15:21 -06:00
Daniel P. Berrange 6ab6bc19f0 Add libvirt-daemon-vbox & libvirt-daemon-driver-vbox RPMs
Now the VirtualBox driver is a loadable module, it needs
to live in its own sub-RPM

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-05-17 17:09:29 +01:00
Eric Blake 9615ca59c6 spec: fix outdated comment
https://bugzilla.redhat.com/show_bug.cgi?id=963016 points out that
we don't use initscripts by default on Fedora any more.

* libvirt.spec.in (Requires): Better explanation of gettext.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-05-14 21:07:40 -06:00
Eric Blake a2584d58f6 spec: proper soft static allocation of qemu uid
https://bugzilla.redhat.com/show_bug.cgi?id=924501 tracks a
problem that occurs if uid 107 is already in use at the time
libvirt is first installed.  In response that problem, Fedora
packaging guidelines were recently updated.  This fixes the
spec file to comply with the new guidelines:
https://fedoraproject.org/wiki/Packaging:UsersAndGroups

* libvirt.spec.in (daemon): Follow updated Fedora guidelines.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-05-06 14:05:05 -06:00
Laine Stump 9eafa25116 build: fix make rpm failure
Commit 297c99a accidentally put a { where a ( belonged, causing make
rpm to fail.
2013-05-03 07:52:22 -04:00
Michal Privoznik 297c99a567 qemu: Generate agent socket path if missing
It's not desired to force users imagine path for a socket they
are not even supposed to connect to. On the other hand, we
already have a release where the qemu agent socket path is
exposed to XML, so we cannot silently drop it from there.
The new path is generated in form:

$LOCALSTATEDIR/lib/libvirt/qemu/channel/target/$domain.$name

for qemu system mode, and

$XDG_CONFIG_HOME/qemu/lib/channel/target/$domain.$name

for qemu session mode.
2013-05-02 16:40:24 +02:00
Daniel Veillard 8e20a23fb6 Release of libvirt-1.0.5
* configure.ac docs/news.html.in libvirt.spec.in: updated for the release
* po/*.po*: pulled and merged a number of new localization updates
2013-05-02 15:04:50 +08:00
Eric Blake e2472e6957 spec: collect all BuildRequires into one area
Conditional BuildRequires: should be at the top level, rather
than appearing in conditional sub-package sections.  This
appears to be the only offender.

* libvirt.spec.in (BuildRequires): Move libblkid-devel into
correct area.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-05-01 20:55:59 -06:00
Jiri Denemark 6f1b9c8d2a spec: Require pod2man when running autoreconf
Since commit b8a32e0e94, all man pages
depend on configure.ac so that they are properly regenerated whenever
libvirt version changes. Thus libvirt.spec needs to have a build
dependency on pod2man when %{enable_autotools} is set.
2013-04-08 16:11:16 +02:00
Michal Privoznik 5e5ca84e31 test: Return Libvirt logo as domain screenshot
This is just a bare Easter Egg. Whenever a user runs virDomainScreenshot
over a domain in test driver, he'll get the Libvirt PNG logo in return.
2013-04-02 14:38:56 +02:00
Daniel Veillard 89d730201f Release of libvirt-1.0.4
- configure.ac docs/news.html.in libvirt.spec.in: updates for the release
- po/*.po*: fetch translation updates from Transifex and regenerate
2013-04-01 10:57:04 +08:00
Daniel Veillard be1c364d89 Release of libvirt 1.0.3
- configure.ac docs/news.html.in libvirt.spec.in: update for the release
- po/*.po*: merged in transifex updates for fr,hi,pl,ja,uk,it and
  regenerated
2013-03-05 12:00:53 +08:00
Jiri Denemark 53657a0abe spec: Fix minor changelog issues
When a changelog entry references an RPM macro, % needs to be escaped so
that it does not appear expanded in package changelog.

Fri Mar  4 2009 is incorrect since Mar 4 was Wednesday. Since
libvirt-0.6.1 was released on Mar 4 2009, we should change Fri to Wed.
2013-02-05 10:00:32 +01:00
Jiri Denemark d45066a55f spec: Avoid using makeinstall relic
The macro was made to help installing broken packages that did not use
DESTDIR correctly by overriding individual path variables (prefix,
sysconfdir, ...). Newer rpm provides fixed make_install macro that calls
make install with just the correct DESTDIR, however it is not available
everywhere (e.g., RHEL 5 does not have it). On the other hand the
make_install macro is simple and straightforward enough for us to use
its expansion directly.
2013-01-31 16:53:19 +01:00
Daniel Veillard 4a824cdbc4 Release of libvirt-1.0.2
* configure.ac docs/news.html.in libvirt.spec.in: update for the release
* po/*.po*: updated localizations
2013-01-30 10:42:05 +01:00
Eric Blake c8f79c9b29 spec: indent %if to make it easier to see conditions
Nested conditionals are hard to read if they are not indented.
We can't add arbitrary whitespace to everything in spec files,
but we CAN add spaces before %if and %define.  Use this trick,
plus a fancy sed script that rewrites a spec file into a C
file, so we can use cppi to keep our spec file nice.

For reference, the sed script converts code like:

|# RHEL-5 builds are client-only for s390, ppc
|%if 0%{?rhel} == 5
|    %ifnarch %{ix86} x86_64 ia64
|        %define client_only        1
|    %endif
|%endif

into the following for cppi:

|// # RHEL-5 builds are client-only for s390, ppc
|#if a // 0%{?rhel} == 5
|# if a // %{ix86} x86_64 ia64
|#  define client_only        1
|# endif
|#endif

and errors from 'make syntax-check' look like:
spec_indentation
cppi: mingw-libvirt.spec.in: line 130: not properly indented
maint.mk: incorrect preprocessor indentation

* libvirt.spec.in: Add some indentation to make it easier to follow
various conditionals.
* mingw-libvirt-spec.in: Likewise.
* cfg.mk (sc_spec_indentation): New syntax check to enforce it.
2013-01-21 10:36:14 -07:00
Viktor Mihajlovski 8691551070 build: Fix RPM build errors related to libvirt-lxc API
Added missing entries to makefile and spec.

Signed-off-by: Viktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
2013-01-18 09:48:17 -07:00
Daniel P. Berrange 3d1596b048 Introduce an LXC specific public API & library
This patch introduces support for LXC specific public APIs. In
common with what was done for QEMU, this creates a libvirt_lxc.so
library and libvirt/libvirt-lxc.h header file.

The actual APIs are

  int virDomainLxcOpenNamespace(virDomainPtr domain,
                                int **fdlist,
                                unsigned int flags);

  int virDomainLxcEnterNamespace(virDomainPtr domain,
                                 unsigned int nfdlist,
                                 int *fdlist,
                                 unsigned int *noldfdlist,
                                 int **oldfdlist,
                                 unsigned int flags);

which provide a way to use the setns() system call to move the
calling process into the container's namespace. It is not
practical to write in a generically applicable manner. The
nearest that we could get to such an API would be an API which
allows to pass a command + argv to be executed inside a
container. Even if we had such a generic API, this LXC specific
API is still useful, because it allows the caller to maintain
the current process context, in particular any I/O streams they
have open.

NB the virDomainLxcEnterNamespace() API is special in that it
runs client side, so does not involve the internal driver API.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-01-14 13:58:34 +00:00
Daniel P. Berrange 907a39e735 Add a test suite for validating SELinux labelling
There are many aspects of the guest XML which result in the
SELinux driver applying file labelling. With the increasing
configuration options it is desirable to test this behaviour.
It is not possible to assume that the test suite has the
ability to set SELinux labels. Most filesystems though will
support extended attributes. Thus for the purpose of testing,
it is possible to extend the existing LD_PRELOAD hack to
override setfilecon() and getfilecon() to simply use the
'user.libvirt.selinux' attribute for the sake of testing.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-01-14 13:40:04 +00:00
Daniel P. Berrange 0eec69729d Convert ssh2 check to use LIBVIRT_CHECK_PKG
This converts the libssh2 configure check to use LIBVIRT_CHECK_PKG.
Previously it would check version 1.0 and 1.3, but this simplifies
things to just require version 1.3
2013-01-14 13:29:44 +00:00
Yufang Zhang 8a883b0c1e build: require avahi instead of avahi-libs on rhel5.
On rhel5, libs of avahi are packaged into avahi instead of avahi-libs.
Actually, there is no avahi-libs package shipped with rhel5. This patch
fixes this by requiring avahi on rhel5.
2013-01-10 17:16:21 -07:00
Eric Blake 86007cba4c spec: remove redundant %if
The daemon-driver-{qemu,lxc} packages are only built if
%{with_driver_modules} is specified, so they do not need to
further test this condition.  Likewise, the daemon package
is only built if %{with_libvirtd} is specified, so it does
not need to further test this condition.

* libvirt.spec.in (daemon-driver-qemu, daemon-driver-lxc):
Unconditionally require libvirt-daemon-driver-network.
(daemon): Unconditionally include lock-driver files.
2013-01-10 14:07:30 -07:00
Yufang Zhang daef7c9e9c build: move file deleting action from %files list to %install
When building libvirt rpms on rhel5, I got the following error:

    File must begin with "/": rm
    File must begin with "/": -f
    File must begin with "/": $RPM_BUILD_ROOT/etc/sysctl.d/libvirtd
    Installed (but unpackaged) file(s) found:
   /etc/sysctl.d/libvirtd

It is triggerd by the %files list of libvirt daemon:

    %if 0%{?fedora} >= 14 || 0%{?rhel} >= 6
    %config(noreplace) %{_prefix}/lib/sysctl.d/libvirtd.conf
    %else
    rm -f $RPM_BUILD_ROOT%{_prefix}/lib/sysctl.d/libvirtd.conf
    %endif

After checking document of rpm spec file, I think it would be better
to move the file deleting line from %files list to %install script.

Bug introduced in commit a1fd56c.
2013-01-09 17:16:42 -07:00
Viktor Mihajlovski b7159dca8b build: libvirt-guests files misplaced in specfile
In a non-systemd environment the post and preun scripts of libvirt-client
fail, since the required files are in libvirt-daemon. Moved them to client.
Doing that I noticed %{_unitdir}/libvirt-guests.service was contained in
both libvirt-client and libvirt-daemon, which I don't think was intended.
Removed the extra copy from daemon.

Signed-off-by: Viktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
2013-01-08 09:53:42 -07:00
Eric Blake a1fd56cb30 build: install libvirt sysctl file correctly
https://bugzilla.redhat.com/show_bug.cgi?id=887017 reports that
even though libvirt attempts to set fs.aio-max-nr via sysctl,
the file was installed with the wrong name and gets ignored by
sysctl.  Furthermore, 'man systcl.d' recommends that packages
install into hard-coded /usr/lib/sysctl.d (even when libdir is
/usr/lib64), so that sysadmins can use /etc/sysctl.d for overrides.

* daemon/Makefile.am (install-sysctl, uninstall-sysctl): Use
correct location.
* libvirt.spec.in (network_files): Reflect this.
2013-01-07 08:56:37 -07:00
Jiri Denemark 5cce9d28b0 spec: Do not install *.py[co] in python examples
Unfortunately, rpm is stupid enough to bytycompile python scripts even
though they are located in /usr/share/doc/libvirt-python-*/examples and
it does so after %install phase is finished. Thus there's no way we
could remove those files from BUILDROOT. As a workaround, we may safely
remove the examples subdirectory completely without losing anything. The
python scripts that were installed there are also copied directly into
/usr/share/doc/libvirt-python-*/ by

    %doc python/tests/*.py

rule. And yes, the files are actually tests, not examples.
2012-12-18 18:03:31 +01:00
Cole Robinson d60c7f75c2 spec: Fix script warning when uninstalling libvirt-client
https://bugzilla.redhat.com/show_bug.cgi?id=888071
2012-12-18 10:21:17 -05:00
Jiri Denemark b4f20d07e2 spec: Include lockd files in libvirt-daemon package 2012-12-14 11:59:37 +01:00
Daniel P. Berrange f234dc9366 Add support for re-exec() of virtlockd upon SIGUSR1
The virtlockd daemon maintains file locks on behalf of libvirtd
and any VMs it is running. These file locks must be held for as
long as any VM is running. If virtlockd itself ever quits, then
it is expected that a node would be fenced/rebooted. Thus to
allow for software upgrads on live systemd, virtlockd needs the
ability to re-exec() itself.

Upon receipt of SIGUSR1, virtlockd will save its current live
state out to a file /var/run/virtlockd-restart-exec.json
It then re-exec()'s itself with exactly the same argv as it
originally had, and loads the state file, reconstructing any
objects as appropriate.

The state file contains information about all locks held and
all network services and clients currently active. An example
state document is

 {
    "server": {
        "min_workers": 1,
        "max_workers": 20,
        "priority_workers": 0,
        "max_clients": 20,
        "keepaliveInterval": 4294967295,
        "keepaliveCount": 0,
        "keepaliveRequired": false,
        "services": [
            {
                "auth": 0,
                "readonly": false,
                "nrequests_client_max": 1,
                "socks": [
                    {
                        "fd": 6,
                        "errfd": -1,
                        "pid": 0,
                        "isClient": false
                    }
                ]
            }
        ],
        "clients": [
            {
                "auth": 0,
                "readonly": false,
                "nrequests_max": 1,
                "sock": {
                    "fd": 9,
                    "errfd": -1,
                    "pid": 0,
                    "isClient": true
                },
                "privateData": {
                    "restricted": true,
                    "ownerPid": 1722,
                    "ownerId": 6,
                    "ownerName": "f18x86_64",
                    "ownerUUID": "97586ba9-df27-9459-c806-f016c8bbd224"
                }
            },
            {
                "auth": 0,
                "readonly": false,
                "nrequests_max": 1,
                "sock": {
                    "fd": 10,
                    "errfd": -1,
                    "pid": 0,
                    "isClient": true
                },
                "privateData": {
                    "restricted": true,
                    "ownerPid": 1784,
                    "ownerId": 7,
                    "ownerName": "f16x86_64",
                    "ownerUUID": "7b8e5e42-b875-61e9-b981-91ad8fa46979"
                }
            }
        ]
    },
    "defaultLockspace": {
        "resources": [
            {
                "name": "/var/lib/libvirt/images/f16x86_64.raw",
                "path": "/var/lib/libvirt/images/f16x86_64.raw",
                "fd": 14,
                "lockHeld": true,
                "flags": 0,
                "owners": [
                    1784
                ]
            },
            {
                "name": "/var/lib/libvirt/images/shared.img",
                "path": "/var/lib/libvirt/images/shared.img",
                "fd": 12,
                "lockHeld": true,
                "flags": 1,
                "owners": [
                    1722,
                    1784
                ]
            },
            {
                "name": "/var/lib/libvirt/images/f18x86_64.img",
                "path": "/var/lib/libvirt/images/f18x86_64.img",
                "fd": 11,
                "lockHeld": true,
                "flags": 0,
                "owners": [
                    1722
                ]
            }
        ]
    },
    "lockspaces": [

    ],
    "magic": "30199"
 }

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-12-13 15:26:57 +00:00
Daniel P. Berrange 74c0353e4f Enable systemd socket activation with virtlockd
This enhancement virtlockd so that it can receive a pre-opened
UNIX domain socket from systemd at launch time, and adds the
systemd service/socket unit files

* daemon/libvirtd.service.in: Require virtlockd to be running
* libvirt.spec.in: Add virtlockd systemd files
* src/Makefile.am: Install systemd files
* src/locking/lock_daemon.c: Support socket activation
* src/locking/virtlockd.service.in, src/locking/virtlockd.socket.in:
  systemd unit files
* src/rpc/virnetserverservice.c, src/rpc/virnetserverservice.h:
  Add virNetServerServiceNewFD() method
* src/rpc/virnetsocket.c, src/rpc/virnetsocket.h: Add virNetSocketNewListenFD
  method

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-12-13 15:26:57 +00:00
Daniel P. Berrange c57e3d8994 Introduce basic infrastructure for virtlockd daemon
The virtlockd daemon will maintain locks on behalf of libvirtd.
There are two reasons for it to be separate

 - Avoid risk of other libvirtd threads accidentally
   releasing fcntl() locks by opening + closing a file
   that is locked
 - Ensure locks can be preserved across libvirtd restarts.
   virtlockd will need to be able to re-exec itself while
   maintaining locks. This is simpler to achieve if its
   sole job is maintaining locks

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-12-13 15:26:57 +00:00