Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package lxd for openSUSE:Factory checked in at 2021-04-21 21:00:10 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/lxd (Old) and /work/SRC/openSUSE:Factory/.lxd.new.12324 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "lxd" Wed Apr 21 21:00:10 2021 rev:29 rq:887110 version:4.13 Changes: -------- --- /work/SRC/openSUSE:Factory/lxd/lxd.changes 2021-04-12 12:40:24.649581749 +0200 +++ /work/SRC/openSUSE:Factory/.lxd.new.12324/lxd.changes 2021-04-21 21:00:49.718336411 +0200 @@ -1,0 +2,8 @@ +Wed Apr 21 00:19:11 UTC 2021 - Aleksa Sarai <asa...@suse.com> + +- Don't use SecureBoot OVMF blobs, they don't work with LXD. +- Add backport of <https://github.com/lxc/lxd/pull/8700> to fix LXD VMs on + openSUSE. boo#1181549 + + boo1181549-0001-vm-qemu-configure-spice-using-spice-parameter.patch + +------------------------------------------------------------------- New: ---- boo1181549-0001-vm-qemu-configure-spice-using-spice-parameter.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ lxd.spec ++++++ --- /var/tmp/diff_new_pack.ZVI5Hy/_old 2021-04-21 21:00:50.434337538 +0200 +++ /var/tmp/diff_new_pack.ZVI5Hy/_new 2021-04-21 21:00:50.434337538 +0200 @@ -43,6 +43,8 @@ # Additional runtime configuration. Source200: %{name}.sysctl Source201: %{name}.dnsmasq +# Backport of <https://github.com/lxc/lxd/pull/8700>. boo#1181549 +Patch1: boo1181549-0001-vm-qemu-configure-spice-using-spice-parameter.patch BuildRequires: fdupes BuildRequires: golang-packaging BuildRequires: libacl-devel @@ -106,6 +108,8 @@ %prep %setup -q +# boo#1181549 +%patch1 -p1 # Create fake "go mod"-like import paths. This is going to be really fun to # maintain but it's unfortunately necessary because openSUSE doesn't have nice @@ -313,9 +317,9 @@ # in the way it expects. In particular, LXD depends on specific filenames for # the firmware files so we create fake ones with symlinks. mkdir -p %{buildroot}%{lxd_ovmfdir} -ln -s %{_datarootdir}/qemu/ovmf-x86_64-ms-code.bin %{buildroot}%{lxd_ovmfdir}/OVMF_CODE.fd -ln -s %{_datarootdir}/qemu/ovmf-x86_64-ms-vars.bin %{buildroot}%{lxd_ovmfdir}/OVMF_VARS.ms.fd +ln -s %{_datarootdir}/qemu/ovmf-x86_64-code.bin %{buildroot}%{lxd_ovmfdir}/OVMF_CODE.fd ln -s %{_datarootdir}/qemu/ovmf-x86_64-vars.bin %{buildroot}%{lxd_ovmfdir}/OVMF_VARS.fd +ln -s OVMF_VARS.fd %{buildroot}%{lxd_ovmfdir}/OVMF_VARS.ms.fd %fdupes %{buildroot} ++++++ boo1181549-0001-vm-qemu-configure-spice-using-spice-parameter.patch ++++++ >From f86eaf85c38cda988589e64b643670189d22923f Mon Sep 17 00:00:00 2001 From: Aleksa Sarai <cyp...@cyphar.com> Date: Wed, 21 Apr 2021 10:11:21 +1000 Subject: [PATCH] vm/qemu: configure spice using -spice parameter Since QEMU 5.2, if QEMU has its modules compiled as dynamic objects to be dlopen(2)'d rather than statically compiled into the QEMU binary, QEMU will not accept [spice] directives through -readconfig. This is a known issue with QEMU but has been effectively marked as WONTFIX because -readconfig has sort-of been soft-deprecated[1,2,3]. In the meantime, just switch to the -spice commandline since this appears to only affect modules rather than core QEMU options. [1]: https://bugs.launchpad.net/qemu/+bug/1910696 [2]: https://lists.gnu.org/archive/html/qemu-devel/2020-11/msg02934.html [3]: https://bugzilla.suse.com/show_bug.cgi?id=1181549#c11 SUSE-Bugs: bsc#1181549 Signed-off-by: Aleksa Sarai <cyp...@cyphar.com> --- lxd/instance/drivers/driver_qemu.go | 6 +++++- lxd/instance/drivers/driver_qemu_templates.go | 6 ------ 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/lxd/instance/drivers/driver_qemu.go b/lxd/instance/drivers/driver_qemu.go index 13211f1c651f..d14267bdbb87 100644 --- a/lxd/instance/drivers/driver_qemu.go +++ b/lxd/instance/drivers/driver_qemu.go @@ -1043,6 +1043,7 @@ func (d *qemu) Start(stateful bool) error { "-no-user-config", "-sandbox", "on,obsolete=deny,elevateprivileges=allow,spawn=deny,resourcecontrol=deny", "-readconfig", confFile, + "-spice", d.spiceCmdlineConfig(), "-pidfile", d.pidFilePath(), "-D", d.LogFilePath(), } @@ -1572,6 +1573,10 @@ func (d *qemu) spicePath() string { return filepath.Join(d.LogPath(), "qemu.spice") } +func (d *qemu) spiceCmdlineConfig() string { + return fmt.Sprintf("unix=on,disable-ticketing=on,addr=%s", d.spicePath()) +} + // generateConfigShare generates the config share directory that will be exported to the VM via // a 9P share. Due to the unknown size of templates inside the images this directory is created // inside the VM's config volume so that it can be restricted by quota. @@ -2004,7 +2009,6 @@ func (d *qemu) generateQemuConfigFile(mountInfo *storagePools.MountInfo, busName err := qemuBase.Execute(sb, map[string]interface{}{ "architecture": d.architectureName, - "spicePath": d.spicePath(), }) if err != nil { return "", err diff --git a/lxd/instance/drivers/driver_qemu_templates.go b/lxd/instance/drivers/driver_qemu_templates.go index aa51f45c1426..3999c2bfbb9c 100644 --- a/lxd/instance/drivers/driver_qemu_templates.go +++ b/lxd/instance/drivers/driver_qemu_templates.go @@ -44,12 +44,6 @@ strict = "on" # Console [chardev "console"] backend = "pty" - -# Graphical console -[spice] -unix = "on" -addr = "{{.spicePath}}" -disable-ticketing = "on" `)) var qemuMemory = template.Must(template.New("qemuMemory").Parse(` -- 2.30.2
