Temporary patch (not upstream) to disable sVirt.

Richard W.M. Jones 2012-09-16 13:20:53 +01:00
parent 366f5c0d4f
commit a11c35cb78
2 changed files with 66 additions and 0 deletions


@ -0,0 +1,59 @@
From 3479b9b37f95ec37e1203d3c7bce15df7c2a20e8 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Sun, 16 Sep 2012 13:16:59 +0100
Subject: [PATCH] Revert "launch: libvirt: Enable sVirt."
This reverts commit 6575ac4c61cc41a2e3c662b58fd0e0cee2b6a2e3.
---
src/launch-libvirt.c | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
diff --git a/src/launch-libvirt.c b/src/launch-libvirt.c
index c4ca817..9b082a4 100644
--- a/src/launch-libvirt.c
+++ b/src/launch-libvirt.c
@@ -418,6 +418,7 @@ launch_libvirt (guestfs_h *g, const char *libvirt_uri)
static int construct_libvirt_xml_name (guestfs_h *g, xmlTextWriterPtr xo);
static int construct_libvirt_xml_cpu (guestfs_h *g, xmlTextWriterPtr xo);
static int construct_libvirt_xml_boot (guestfs_h *g, xmlTextWriterPtr xo, const char *kernel, const char *initrd, size_t appliance_index);
+static int construct_libvirt_xml_seclabel (guestfs_h *g, xmlTextWriterPtr xo);
static int construct_libvirt_xml_lifecycle (guestfs_h *g, xmlTextWriterPtr xo);
static int construct_libvirt_xml_devices (guestfs_h *g, xmlTextWriterPtr xo, const char *appliance, size_t appliance_index, const char *guestfsd_sock, const char *console_sock);
static int construct_libvirt_xml_qemu_cmdline (guestfs_h *g, xmlTextWriterPtr xo);
@@ -481,6 +482,8 @@ construct_libvirt_xml (guestfs_h *g, const char *capabilities_xml,
goto err;
if (construct_libvirt_xml_boot (g, xo, kernel, initrd, appliance_index) == -1)
goto err;
+ if (construct_libvirt_xml_seclabel (g, xo) == -1)
+ goto err;
if (construct_libvirt_xml_lifecycle (g, xo) == -1)
goto err;
if (construct_libvirt_xml_devices (g, xo, appliance, appliance_index,
@@ -635,6 +638,24 @@ construct_libvirt_xml_boot (guestfs_h *g, xmlTextWriterPtr xo,
return -1;
}
+static int
+construct_libvirt_xml_seclabel (guestfs_h *g, xmlTextWriterPtr xo)
+{
+ XMLERROR (-1, xmlTextWriterStartElement (xo, BAD_CAST "seclabel"));
+ /* XXX This disables SELinux/sVirt confinement. Remove this
+ * once we've worked out how to label guestfsd_sock.
+ */
+ XMLERROR (-1,
+ xmlTextWriterWriteAttribute (xo, BAD_CAST "type",
+ BAD_CAST "none"));
+ XMLERROR (-1, xmlTextWriterEndElement (xo));
+
+ return 0;
+
+ err:
+ return -1;
+}
+
/* qemu -no-reboot */
static int
construct_libvirt_xml_lifecycle (guestfs_h *g, xmlTextWriterPtr xo)
--
1.7.10.4
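Review bot: `construct_libvirt_xml_seclabel` is called unconditionally from `construct_libvirt_xml` and always writes `type="none"`, so every appliance launched through the libvirt backend runs without sVirt confinement, yet the XXX comment inside the function names no tracker entry for when it can be removed. The spec file in this same commit lists the blockers, so I would carry them into the comment, e.g. `/* XXX Disables SELinux/sVirt confinement; remove once RHBZ#853393 and RHBZ#857453 are fixed and guestfsd_sock can be labelled. */`. Because the appliance handles guest disk images that may be untrusted, a debug-level message at this point saying that confinement is off would make the reduced isolation visible in traces. The function is fully contained in the hunk; the `XMLERROR` macro and the callers' error handling are defined outside it.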


@ -43,6 +43,12 @@ Patch2: libguestfs-1.19.2-remove-udev-from-packagelist.patch
# on i386 only. This works around a bug in 32-bit qemu (RHBZ#857026).
Patch3: 0001-i386-Add-noapic-flag-to-work-around-a-qemu-or-kernel.patch
# Temporary patch (not upstream) to disable sVirt. Before we can
# enable sVirt we must fix libvirt (at a minimum: RHBZ#853393, but
# also RHBZ#857659 would be good) and SELinux policy (required:
# RHBZ#857453; nice to have: RHBZ#856634).
Patch4: 0001-Revert-launch-libvirt-Enable-sVirt.patch
%if 0%{?rhel} >= 7
ExclusiveArch: x86_64
%endif
@ -688,6 +694,7 @@ autoreconf -i
%endif
%patch2 -p1
%patch3 -p1
%patch4 -p1
mkdir -p daemon/m4
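Review bot: Patch4 is applied unconditionally in `%prep`, and the diffstat (66 additions, 0 deletions, all accounted for by the patch file and these two hunks) indicates no `%changelog` entry or Release bump in this commit, so a build with sVirt disabled cannot be told apart from the package metadata. Since the patch removes a confinement layer, I would add a changelog line such as `- Temporarily disable sVirt in the libvirt backend (not upstream; see RHBZ#853393, RHBZ#857453).`, unless that is done in a follow-up commit. The comment above Patch4 already states the removal conditions clearly; repeating the bug numbers in the changelog makes them visible to people who only read `rpm -q --changelog`.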