Rebased to version 1.3.3
This commit is contained in:
parent
d6cc78be66
commit
0debbff964
@ -1,46 +0,0 @@
|
|||||||
From: Martin Kletzander <mkletzan@redhat.com>
|
|
||||||
Date: Tue, 1 Mar 2016 15:42:32 +0100
|
|
||||||
Subject: [PATCH] daemon: Properly check for clients
|
|
||||||
|
|
||||||
virHashForEach() returns 0 if everything went nice, so our session
|
|
||||||
daemon was timing out even when there was a client connected.
|
|
||||||
|
|
||||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1315606
|
|
||||||
|
|
||||||
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
|
|
||||||
(cherry picked from commit 6541a2b4acd453ebbf10a4427f9ec4e794d3ba6d)
|
|
||||||
---
|
|
||||||
src/rpc/virnetdaemon.c | 14 +++++++++++---
|
|
||||||
1 file changed, 11 insertions(+), 3 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/rpc/virnetdaemon.c b/src/rpc/virnetdaemon.c
|
|
||||||
index 298fbf4..b05ba99 100644
|
|
||||||
--- a/src/rpc/virnetdaemon.c
|
|
||||||
+++ b/src/rpc/virnetdaemon.c
|
|
||||||
@@ -843,15 +843,23 @@ virNetDaemonClose(virNetDaemonPtr dmn)
|
|
||||||
static int
|
|
||||||
daemonServerHasClients(void *payload,
|
|
||||||
const void *key ATTRIBUTE_UNUSED,
|
|
||||||
- void *opaque ATTRIBUTE_UNUSED)
|
|
||||||
+ void *opaque)
|
|
||||||
{
|
|
||||||
+ bool *clients = opaque;
|
|
||||||
virNetServerPtr srv = payload;
|
|
||||||
|
|
||||||
- return virNetServerHasClients(srv);
|
|
||||||
+ if (virNetServerHasClients(srv))
|
|
||||||
+ *clients = true;
|
|
||||||
+
|
|
||||||
+ return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
bool
|
|
||||||
virNetDaemonHasClients(virNetDaemonPtr dmn)
|
|
||||||
{
|
|
||||||
- return virHashForEach(dmn->servers, daemonServerHasClients, NULL) > 0;
|
|
||||||
+ bool ret = false;
|
|
||||||
+
|
|
||||||
+ virHashForEach(dmn->servers, daemonServerHasClients, &ret);
|
|
||||||
+
|
|
||||||
+ return ret;
|
|
||||||
}
|
|
@ -1,63 +0,0 @@
|
|||||||
From: Cole Robinson <crobinso@redhat.com>
|
|
||||||
Date: Wed, 9 Mar 2016 10:53:54 -0500
|
|
||||||
Subject: [PATCH] util: virfile: Clarify setuid usage for virFileRemove
|
|
||||||
|
|
||||||
Break these checks out into their own function, and clearly document
|
|
||||||
each one. This shouldn't change behavior
|
|
||||||
|
|
||||||
(cherry picked from commit 7cf5343709935694b76af7b134447a2c555400b6)
|
|
||||||
---
|
|
||||||
src/util/virfile.c | 33 +++++++++++++++++++++++++++------
|
|
||||||
1 file changed, 27 insertions(+), 6 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/util/virfile.c b/src/util/virfile.c
|
|
||||||
index f45e18f..a913903 100644
|
|
||||||
--- a/src/util/virfile.c
|
|
||||||
+++ b/src/util/virfile.c
|
|
||||||
@@ -2314,6 +2314,32 @@ virFileOpenAs(const char *path, int openflags, mode_t mode,
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
+/* virFileRemoveNeedsSetuid:
|
|
||||||
+ * @uid: file uid to check
|
|
||||||
+ * @gid: file gid to check
|
|
||||||
+ *
|
|
||||||
+ * Return true if we should use setuid/setgid before deleting a file
|
|
||||||
+ * owned by the passed uid/gid pair. Needed for NFS with root-squash
|
|
||||||
+ */
|
|
||||||
+static bool
|
|
||||||
+virFileRemoveNeedsSetuid(uid_t uid, gid_t gid)
|
|
||||||
+{
|
|
||||||
+ /* If running unprivileged, setuid isn't going to work */
|
|
||||||
+ if (geteuid() != 0)
|
|
||||||
+ return false;
|
|
||||||
+
|
|
||||||
+ /* uid/gid weren't specified */
|
|
||||||
+ if ((uid == (uid_t) -1) && (gid == (gid_t) -1))
|
|
||||||
+ return false;
|
|
||||||
+
|
|
||||||
+ /* already running as proper uid/gid */
|
|
||||||
+ if (uid == geteuid() && gid == getegid())
|
|
||||||
+ return false;
|
|
||||||
+
|
|
||||||
+ return true;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+
|
|
||||||
/* virFileRemove:
|
|
||||||
* @path: file to unlink or directory to remove
|
|
||||||
* @uid: uid that was used to create the file (not required)
|
|
||||||
@@ -2335,12 +2361,7 @@ virFileRemove(const char *path,
|
|
||||||
gid_t *groups;
|
|
||||||
int ngroups;
|
|
||||||
|
|
||||||
- /* If not running as root or if a non explicit uid/gid was being used for
|
|
||||||
- * the file/volume or the explicit uid/gid matches, then use unlink directly
|
|
||||||
- */
|
|
||||||
- if ((geteuid() != 0) ||
|
|
||||||
- ((uid == (uid_t) -1) && (gid == (gid_t) -1)) ||
|
|
||||||
- (uid == geteuid() && gid == getegid())) {
|
|
||||||
+ if (!virFileRemoveNeedsSetuid(uid, gid)) {
|
|
||||||
if (virFileIsDir(path))
|
|
||||||
return rmdir(path);
|
|
||||||
else
|
|
@ -1,55 +0,0 @@
|
|||||||
From: Cole Robinson <crobinso@redhat.com>
|
|
||||||
Date: Wed, 9 Mar 2016 12:20:37 -0500
|
|
||||||
Subject: [PATCH] util: virfile: Only setuid for virFileRemove if on NFS
|
|
||||||
|
|
||||||
NFS with root-squash is the only reason we need to do setuid/setgid
|
|
||||||
crazyness in virFileRemove, so limit that behavior to the NFS case.
|
|
||||||
|
|
||||||
(cherry picked from commit adefc561cc4c6a007529769c3df286f2ed461684)
|
|
||||||
---
|
|
||||||
src/util/virfile.c | 11 +++++++++--
|
|
||||||
1 file changed, 9 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/util/virfile.c b/src/util/virfile.c
|
|
||||||
index a913903..0bba850 100644
|
|
||||||
--- a/src/util/virfile.c
|
|
||||||
+++ b/src/util/virfile.c
|
|
||||||
@@ -2315,6 +2315,7 @@ virFileOpenAs(const char *path, int openflags, mode_t mode,
|
|
||||||
|
|
||||||
|
|
||||||
/* virFileRemoveNeedsSetuid:
|
|
||||||
+ * @path: file we plan to remove
|
|
||||||
* @uid: file uid to check
|
|
||||||
* @gid: file gid to check
|
|
||||||
*
|
|
||||||
@@ -2322,7 +2323,7 @@ virFileOpenAs(const char *path, int openflags, mode_t mode,
|
|
||||||
* owned by the passed uid/gid pair. Needed for NFS with root-squash
|
|
||||||
*/
|
|
||||||
static bool
|
|
||||||
-virFileRemoveNeedsSetuid(uid_t uid, gid_t gid)
|
|
||||||
+virFileRemoveNeedsSetuid(const char *path, uid_t uid, gid_t gid)
|
|
||||||
{
|
|
||||||
/* If running unprivileged, setuid isn't going to work */
|
|
||||||
if (geteuid() != 0)
|
|
||||||
@@ -2336,6 +2337,12 @@ virFileRemoveNeedsSetuid(uid_t uid, gid_t gid)
|
|
||||||
if (uid == geteuid() && gid == getegid())
|
|
||||||
return false;
|
|
||||||
|
|
||||||
+ /* Only perform the setuid stuff for NFS, which is the only case
|
|
||||||
+ that may actually need it. This can error, but just be safe and
|
|
||||||
+ only check for a clear negative result. */
|
|
||||||
+ if (virFileIsSharedFSType(path, VIR_FILE_SHFS_NFS) == 0)
|
|
||||||
+ return false;
|
|
||||||
+
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -2361,7 +2368,7 @@ virFileRemove(const char *path,
|
|
||||||
gid_t *groups;
|
|
||||||
int ngroups;
|
|
||||||
|
|
||||||
- if (!virFileRemoveNeedsSetuid(uid, gid)) {
|
|
||||||
+ if (!virFileRemoveNeedsSetuid(path, uid, gid)) {
|
|
||||||
if (virFileIsDir(path))
|
|
||||||
return rmdir(path);
|
|
||||||
else
|
|
@ -1,37 +0,0 @@
|
|||||||
From: Cole Robinson <crobinso@redhat.com>
|
|
||||||
Date: Tue, 15 Mar 2016 17:04:32 -0400
|
|
||||||
Subject: [PATCH] rpc: wait longer for session daemon to start up
|
|
||||||
|
|
||||||
https://bugzilla.redhat.com/show_bug.cgi?id=1271183
|
|
||||||
|
|
||||||
We only wait 0.5 seconds for the session daemon to start up and present
|
|
||||||
its socket, which isn't sufficient for many users. Bump up the sleep
|
|
||||||
interval and retry amount so we wait for a total of 5.0 seconds.
|
|
||||||
|
|
||||||
(cherry picked from commit ca0c06f4008154de55e0b3109885facd0bf02d32)
|
|
||||||
---
|
|
||||||
src/rpc/virnetsocket.c | 4 ++--
|
|
||||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
|
|
||||||
index b0d5b1c..d909b94 100644
|
|
||||||
--- a/src/rpc/virnetsocket.c
|
|
||||||
+++ b/src/rpc/virnetsocket.c
|
|
||||||
@@ -614,7 +614,7 @@ int virNetSocketNewConnectUNIX(const char *path,
|
|
||||||
char *lockpath = NULL;
|
|
||||||
int lockfd = -1;
|
|
||||||
int fd = -1;
|
|
||||||
- int retries = 100;
|
|
||||||
+ int retries = 500;
|
|
||||||
virSocketAddr localAddr;
|
|
||||||
virSocketAddr remoteAddr;
|
|
||||||
char *rundir = NULL;
|
|
||||||
@@ -707,7 +707,7 @@ int virNetSocketNewConnectUNIX(const char *path,
|
|
||||||
daemonLaunched = true;
|
|
||||||
}
|
|
||||||
|
|
||||||
- usleep(5000);
|
|
||||||
+ usleep(10000);
|
|
||||||
}
|
|
||||||
|
|
||||||
localAddr.len = sizeof(localAddr.data);
|
|
@ -1,27 +0,0 @@
|
|||||||
From: Jovanka Gulicoska <jovanka.gulicoska@gmail.com>
|
|
||||||
Date: Thu, 17 Mar 2016 20:02:20 +0100
|
|
||||||
Subject: [PATCH] driver: log missing modules as INFO, not WARN
|
|
||||||
|
|
||||||
Missing modules is a common expected scenario for most libvirt usage on
|
|
||||||
RPM distributions like Fedora, so it doesn't really warrant logging at
|
|
||||||
WARN level. Use INFO instead
|
|
||||||
|
|
||||||
https://bugzilla.redhat.com/show_bug.cgi?id=1274849
|
|
||||||
(cherry picked from commit 9a0c7f5f834185db9017c34aabc03ad99cf37bed)
|
|
||||||
---
|
|
||||||
src/driver.c | 2 +-
|
|
||||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/src/driver.c b/src/driver.c
|
|
||||||
index 2985538..1514a3b 100644
|
|
||||||
--- a/src/driver.c
|
|
||||||
+++ b/src/driver.c
|
|
||||||
@@ -62,7 +62,7 @@ virDriverLoadModule(const char *name)
|
|
||||||
return NULL;
|
|
||||||
|
|
||||||
if (access(modfile, R_OK) < 0) {
|
|
||||||
- VIR_WARN("Module %s not accessible", modfile);
|
|
||||||
+ VIR_INFO("Module %s not accessible", modfile);
|
|
||||||
goto cleanup;
|
|
||||||
}
|
|
||||||
|
|
38
libvirt.spec
38
libvirt.spec
@ -155,6 +155,7 @@
|
|||||||
# Non-server/HV driver defaults which are always enabled
|
# Non-server/HV driver defaults which are always enabled
|
||||||
%define with_sasl 0%{!?_without_sasl:1}
|
%define with_sasl 0%{!?_without_sasl:1}
|
||||||
%define with_audit 0%{!?_without_audit:1}
|
%define with_audit 0%{!?_without_audit:1}
|
||||||
|
%define with_nss_plugin 0%{!?_without_nss_plugin:1}
|
||||||
|
|
||||||
|
|
||||||
# Finally set the OS / architecture specific special cases
|
# Finally set the OS / architecture specific special cases
|
||||||
@ -377,8 +378,8 @@
|
|||||||
|
|
||||||
Summary: Library providing a simple virtualization API
|
Summary: Library providing a simple virtualization API
|
||||||
Name: libvirt
|
Name: libvirt
|
||||||
Version: 1.3.2
|
Version: 1.3.3
|
||||||
Release: 3%{?dist}%{?extra_release}
|
Release: 1%{?dist}%{?extra_release}
|
||||||
License: LGPLv2+
|
License: LGPLv2+
|
||||||
Group: Development/Libraries
|
Group: Development/Libraries
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
|
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
|
||||||
@ -389,16 +390,6 @@ URL: http://libvirt.org/
|
|||||||
%endif
|
%endif
|
||||||
Source: http://libvirt.org/sources/%{?mainturl}libvirt-%{version}.tar.gz
|
Source: http://libvirt.org/sources/%{?mainturl}libvirt-%{version}.tar.gz
|
||||||
|
|
||||||
# Fix qemu:///session disconnect after 30 seconds
|
|
||||||
Patch0001: 0001-daemon-Properly-check-for-clients.patch
|
|
||||||
# Fix 'permission denied' errors trying to unlink disk images (bz #1289327)
|
|
||||||
Patch0002: 0002-util-virfile-Clarify-setuid-usage-for-virFileRemove.patch
|
|
||||||
Patch0003: 0003-util-virfile-Only-setuid-for-virFileRemove-if-on-NFS.patch
|
|
||||||
# Fix qemu:///session connect race failures (bz #1271183)
|
|
||||||
Patch0004: 0004-rpc-wait-longer-for-session-daemon-to-start-up.patch
|
|
||||||
# driver: log missing modules as INFO, not WARN (bz #1274849)
|
|
||||||
Patch0005: 0005-driver-log-missing-modules-as-INFO-not-WARN.patch
|
|
||||||
|
|
||||||
%if %{with_libvirtd}
|
%if %{with_libvirtd}
|
||||||
Requires: libvirt-daemon = %{version}-%{release}
|
Requires: libvirt-daemon = %{version}-%{release}
|
||||||
%if %{with_network}
|
%if %{with_network}
|
||||||
@ -1228,6 +1219,16 @@ Includes the Sanlock lock manager plugin for the QEMU
|
|||||||
driver
|
driver
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
%if %{with_nss_plugin}
|
||||||
|
%package nss
|
||||||
|
Summary: Libvirt plugin for Name Service Switch
|
||||||
|
Group: Development/Libraries
|
||||||
|
Requires: libvirt-daemon-driver-network = %{version}-%{release}
|
||||||
|
|
||||||
|
%description nss
|
||||||
|
Libvirt plugin for NSS for translating domain names into IP addresses.
|
||||||
|
%endif
|
||||||
|
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q
|
||||||
@ -1461,6 +1462,10 @@ rm -rf .git
|
|||||||
%define _without_pm_utils --without-pm-utils
|
%define _without_pm_utils --without-pm-utils
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
%if ! %{with_nss_plugin}
|
||||||
|
%define _without_nss_plugin --without-nss-plugin
|
||||||
|
%endif
|
||||||
|
|
||||||
%define when %(date +"%%F-%%T")
|
%define when %(date +"%%F-%%T")
|
||||||
%define where %(hostname)
|
%define where %(hostname)
|
||||||
%define who %{?packager}%{!?packager:Unknown}
|
%define who %{?packager}%{!?packager:Unknown}
|
||||||
@ -1538,6 +1543,7 @@ rm -f po/stamp-po
|
|||||||
%{?_without_wireshark} \
|
%{?_without_wireshark} \
|
||||||
%{?_without_systemd_daemon} \
|
%{?_without_systemd_daemon} \
|
||||||
%{?_without_pm_utils} \
|
%{?_without_pm_utils} \
|
||||||
|
%{?_without_nss_plugin} \
|
||||||
%{with_packager} \
|
%{with_packager} \
|
||||||
%{with_packager_version} \
|
%{with_packager_version} \
|
||||||
--with-qemu-user=%{qemu_user} \
|
--with-qemu-user=%{qemu_user} \
|
||||||
@ -2334,6 +2340,11 @@ exit 0
|
|||||||
%{_libdir}/wireshark/plugins/libvirt.so
|
%{_libdir}/wireshark/plugins/libvirt.so
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
%if %{with_nss_plugin}
|
||||||
|
%files nss
|
||||||
|
%{_libdir}/libnss_libvirt.so.2
|
||||||
|
%endif
|
||||||
|
|
||||||
%if %{with_lxc}
|
%if %{with_lxc}
|
||||||
%files login-shell
|
%files login-shell
|
||||||
%attr(4750, root, virtlogin) %{_bindir}/virt-login-shell
|
%attr(4750, root, virtlogin) %{_bindir}/virt-login-shell
|
||||||
@ -2387,6 +2398,9 @@ exit 0
|
|||||||
%doc examples/systemtap
|
%doc examples/systemtap
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Apr 07 2016 Cole Robinson <crobinso@redhat.com> - 1.3.3-1
|
||||||
|
- Rebased to version 1.3.3
|
||||||
|
|
||||||
* Thu Mar 17 2016 Cole Robinson <crobinso@redhat.com> - 1.3.2-3
|
* Thu Mar 17 2016 Cole Robinson <crobinso@redhat.com> - 1.3.2-3
|
||||||
- Fix qemu:///session disconnect after 30 seconds
|
- Fix qemu:///session disconnect after 30 seconds
|
||||||
- Fix 'permission denied' errors trying to unlink disk images (bz #1289327)
|
- Fix 'permission denied' errors trying to unlink disk images (bz #1289327)
|
||||||
|
Loading…
Reference in New Issue
Block a user