From db48d83b5eb17eb262f133ab4442989f699d33bd Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Mon, 29 Jul 2013 16:54:43 +0100 Subject: [PATCH] Completely disable Xen. APIs seem to have changed incompatibly. Add commits from upstream since 0.5. Remove pagerate.pl when building on RHEL. Modernize the spec file. --- ...plemental-groups-correctly-when-drop.patch | 40 +++++++++++++++ ...n-error-indication-up-through-get_me.patch | 29 +++++++++++ 0003-Make-Xen-Libraries-really-optional.patch | 51 +++++++++++++++++++ vhostmd.spec | 43 +++++++++------- 4 files changed, 145 insertions(+), 18 deletions(-) create mode 100644 0001-Security-Set-supplemental-groups-correctly-when-drop.patch create mode 100644 0002-libmetrics-Return-error-indication-up-through-get_me.patch create mode 100644 0003-Make-Xen-Libraries-really-optional.patch diff --git a/0001-Security-Set-supplemental-groups-correctly-when-drop.patch b/0001-Security-Set-supplemental-groups-correctly-when-drop.patch new file mode 100644 index 0000000..9b68102 --- /dev/null +++ b/0001-Security-Set-supplemental-groups-correctly-when-drop.patch @@ -0,0 +1,40 @@ +From 8684995d87e08fadd44e1814e810c770a1f60273 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Mon, 5 Mar 2012 14:48:08 +0000 +Subject: [PATCH 1/3] Security: Set supplemental groups correctly when dropping + privileges. + +https://bugzilla.redhat.com/show_bug.cgi?id=741289 + +(Thanks to Steve Grubb for finding the bug and suggesting a fix) +--- + vhostmd/vhostmd.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/vhostmd/vhostmd.c b/vhostmd/vhostmd.c +index 21763af..90ba76d 100644 +--- a/vhostmd/vhostmd.c ++++ b/vhostmd/vhostmd.c +@@ -34,6 +34,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -1115,6 +1116,11 @@ int main(int argc, char *argv[]) + goto out; + } + ++ if (initgroups (user, pw->pw_gid) == -1) { ++ vu_log (VHOSTMD_ERR, "initgroups: %m"); ++ goto out; ++ } ++ + if (setuid (pw->pw_uid) == -1) { + vu_log (VHOSTMD_ERR, "setuid: %d: %m", pw->pw_uid); + goto out; +-- +1.8.3.1 + diff --git a/0002-libmetrics-Return-error-indication-up-through-get_me.patch b/0002-libmetrics-Return-error-indication-up-through-get_me.patch new file mode 100644 index 0000000..bd9e5eb --- /dev/null +++ b/0002-libmetrics-Return-error-indication-up-through-get_me.patch @@ -0,0 +1,29 @@ +From efba4feaef25ea7efc9e35cfa6e92b69784aa88f Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 10 May 2012 10:14:50 +0100 +Subject: [PATCH 2/3] libmetrics: Return error indication up through + get_metric. + +If private function 'get_mdef' returns an error, then the error is not +propagated back to the user because it gets lost in 'get_metric'. Fix +this by initializing 'ret' correctly. +--- + libmetrics/libmetrics.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libmetrics/libmetrics.c b/libmetrics/libmetrics.c +index d049458..6d5c26f 100644 +--- a/libmetrics/libmetrics.c ++++ b/libmetrics/libmetrics.c +@@ -571,7 +571,7 @@ int get_metric(const char *metric_name, metric **mdef, metric_context context) + metric *lmdef; + uint32_t sum; + int extra_len = 0; +- int ret = 0; ++ int ret = -1; + + *mdef = NULL; + +-- +1.8.3.1 + diff --git a/0003-Make-Xen-Libraries-really-optional.patch b/0003-Make-Xen-Libraries-really-optional.patch new file mode 100644 index 0000000..0a97add --- /dev/null +++ b/0003-Make-Xen-Libraries-really-optional.patch @@ -0,0 +1,51 @@ +From 8fd4d847277bb9a7e53f8bb3f3f935004d8e5cc4 Mon Sep 17 00:00:00 2001 +From: Eduardo Otubo +Date: Thu, 2 Aug 2012 19:42:00 -0300 +Subject: [PATCH 3/3] Make Xen Libraries really optional + +The default behavior in the configure script was to make with_xenstore +set to 'true', which caused the compilation to break in my case because +I don't have xen libraries, therefore, xs.h + +Now the default behavior is set according to its existence or not. Same +thing for xenstat and xenctrl. + +Signed-off-by: Eduardo Otubo +--- + configure.ac | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/configure.ac b/configure.ac +index ee9c446..fb4309b 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -48,7 +48,7 @@ AC_ARG_ENABLE([libxenstat], + ;; + no) libxenstat=false ;; + *) AC_MSG_ERROR(bad value ${enableval} for --enable-libxenstat) ;; +- esac],[libxenstat=false]) ++ esac],[AC_CHECK_HEADER(xenstat.h, libxenstat=true, libxenstat=false)]) + AM_CONDITIONAL(LIBXENSTAT, test x$libxenstat = xtrue) + + # Configure argument to support using xenctrl library for vm enumeration +@@ -60,7 +60,7 @@ AC_ARG_ENABLE([xenctrl], + ;; + no) xenctrl=false ;; + *) AC_MSG_ERROR(bad value ${enableval} for --enable-xenctrl) ;; +- esac],[xenctrl=false]) ++ esac],[AC_CHECK_HEADER(xenctrl.h, xenctrl=true, xenctrl=false,)]) + AM_CONDITIONAL(XENCTRL, test x$xenctrl = xtrue) + + libvirt=false +@@ -79,7 +79,7 @@ AC_ARG_WITH([xenstore], + yes) with_xenstore=true;; + no) with_xenstore=false;; + *) AC_MSG_ERROR(bad value ${withval} for --with-xenstore) ;; +- esac],[with_xenstore=true]) ++ esac],[AC_CHECK_HEADER(xs.h, with_xenstore=true)]) + AM_CONDITIONAL(WITH_XENSTORE, test x$with_xenstore = xtrue) + + AC_OUTPUT(vhostmd/Makefile +-- +1.8.3.1 + diff --git a/vhostmd.spec b/vhostmd.spec index ca23b65..216e672 100644 --- a/vhostmd.spec +++ b/vhostmd.spec @@ -1,22 +1,10 @@ -# Xen is only available on a limited number of architectures -# and is not in RHEL at all. -%ifarch %{ix86} x86_64 ia64 -%if 0%{?rhel} >= 6 %global have_xen 0 -%else -%global have_xen 1 -%endif -%else -%global have_xen 0 -%endif Summary: Virtualization host metrics daemon Name: vhostmd Version: 0.5 -Release: 5%{?dist} +Release: 6%{?dist} License: GPLv2+ -Group: System Environment/Daemons -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root URL: http://gitorious.org/vhostmd @@ -27,6 +15,12 @@ Source1: vhostmd.init Source2: vhostmd.sysconfig Source3: vhostmd.conf +# These commits have been added upstream since vhostmd 0.5 was +# released. +Patch1: 0001-Security-Set-supplemental-groups-correctly-when-drop.patch +Patch2: 0002-libmetrics-Return-error-indication-up-through-get_me.patch +Patch3: 0003-Make-Xen-Libraries-really-optional.patch + BuildRequires: chrpath BuildRequires: pkgconfig BuildRequires: libxml2-devel @@ -51,7 +45,6 @@ resource usage from within virtual machines. %package -n vm-dump-metrics Summary: Virtualization host metrics dump -Group: Applications/System %description -n vm-dump-metrics @@ -61,7 +54,6 @@ or a file. %package -n vm-dump-metrics-devel Summary: Virtualization host metrics dump development -Group: Development/Libraries Requires: vm-dump-metrics = %{version}-%{release} Requires: pkgconfig @@ -73,6 +65,10 @@ Header and libraries necessary for metrics gathering development %prep %setup -q +%patch1 -p1 +%patch2 -p1 +%patch3 -p1 + %build %configure \ @@ -108,10 +104,14 @@ rm $RPM_BUILD_ROOT%{_sysconfdir}/vhostmd/metric.dtd # The default configuration file is great for Xen, not so great # for anyone else. Replace it with one which is better for libvirt # users. -mv $RPM_BUILD_ROOT%{_sysconfdir}/vhostmd/vhostmd.conf \ - $RPM_BUILD_ROOT%{_sysconfdir}/vhostmd/vhostmd.conf.for.xen +rm $RPM_BUILD_ROOT%{_sysconfdir}/vhostmd/vhostmd.conf cp %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/vhostmd/vhostmd.conf +%if 0%{?rhel} +# Remove Perl script (https://bugzilla.redhat.com/show_bug.cgi?id=749875) +rm $RPM_BUILD_ROOT%{_datadir}/vhostmd/scripts/pagerate.pl +%endif + %clean rm -rf $RPM_BUILD_ROOT @@ -158,14 +158,15 @@ exit 0 %dir %{_sysconfdir}/vhostmd %config(noreplace) %{_sysconfdir}/vhostmd/vhostmd.conf -%config(noreplace) %{_sysconfdir}/vhostmd/vhostmd.conf.for.xen %config %{_sysconfdir}/vhostmd/vhostmd.dtd %{_sysconfdir}/init.d/%{name} %config(noreplace) %{_sysconfdir}/sysconfig/%{name} %dir %{_datadir}/vhostmd %dir %{_datadir}/vhostmd/scripts +%if !0%{?rhel} %{_datadir}/vhostmd/scripts/pagerate.pl +%endif %{_mandir}/man8/vhostmd.8.gz @@ -188,6 +189,12 @@ exit 0 %changelog +* Mon Jul 29 2013 Richard W.M. Jones - 0.5-6 +- Completely disable Xen. APIs seem to have changed incompatibly. +- Add commits from upstream since 0.5. +- Remove pagerate.pl when building on RHEL. +- Modernize the spec file. + * Wed Jul 17 2013 Petr Pisar - 0.5-5 - Perl 5.18 rebuild