Hello community,
here is the log from the commit of package libvirt for openSUSE:Factory checked
in at 2018-01-06 18:46:31
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libvirt (Old)
and /work/SRC/openSUSE:Factory/.libvirt.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libvirt"
Sat Jan 6 18:46:31 2018 rev:246 rq:561423 version:3.10.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/libvirt/libvirt.changes 2017-12-29
18:47:27.916249769 +0100
+++ /work/SRC/openSUSE:Factory/.libvirt.new/libvirt.changes 2018-01-06
18:46:35.094533013 +0100
@@ -1,0 +2,14 @@
+Wed Jan 3 10:46:26 UTC 2018 - cbosdon...@suse.com
+
+- Fix apparmor rules for virt-aa-helper (bsc#1074265)
+ fix-virt-aa-helper-profile.patch
+- Lift VirtualBox dependency version to include 5.2.x
+- Update upstreamed patches
+ Removed patches:
+ * daemon-close-crasher.patch
+ * lxc-hostname.patch
+ Added patches:
+ * 2089ab21-netserver-close-clients-before-stopping-all-drivers.patch
+ * b475a91b-add-virStringFilterChars-string-utility.patch
+ * faec1958-lxc-set-hostname-based-on-container-name.patch
+-------------------------------------------------------------------
Old:
----
daemon-close-crasher.patch
lxc-hostname.patch
New:
----
2089ab21-netserver-close-clients-before-stopping-all-drivers.patch
b475a91b-add-virStringFilterChars-string-utility.patch
faec1958-lxc-set-hostname-based-on-container-name.patch
fix-virt-aa-helper-profile.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libvirt.spec ++++++
--- /var/tmp/diff_new_pack.33fvV5/_old 2018-01-06 18:46:37.406424988 +0100
+++ /var/tmp/diff_new_pack.33fvV5/_new 2018-01-06 18:46:37.414424614 +0100
@@ -1,7 +1,7 @@
#
# spec file for package libvirt
#
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -312,9 +312,13 @@
Patch1: 69ed99c7-dom0-persistent.patch
Patch2: 8599aedd-libvirt-guests-dom0-filter.patch
Patch3: 0f33025a-virt-aa-helper-handle-more-disk-images.patch
+Patch4: b475a91b-add-virStringFilterChars-string-utility.patch
+Patch5: faec1958-lxc-set-hostname-based-on-container-name.patch
+Patch6:
2089ab21-netserver-close-clients-before-stopping-all-drivers.patch
# Patches pending upstream review
Patch100: libxl-dom-reset.patch
Patch101: network-don-t-use-dhcp-authoritative-on-static-netwo.patch
+Patch102: fix-virt-aa-helper-profile.patch
# Need to go upstream
Patch150: xen-pv-cdrom.patch
Patch151: blockcopy-check-dst-identical-device.patch
@@ -322,8 +326,6 @@
Patch153: ppc64le-canonical-name.patch
Patch154: libxl-set-migration-constraints.patch
Patch155: libxl-set-cach-mode.patch
-Patch156: lxc-hostname.patch
-Patch157: daemon-close-crasher.patch
# Our patches
Patch200: suse-libvirtd-disable-tls.patch
Patch201: suse-libvirtd-sysconfig-settings.patch
@@ -796,7 +798,7 @@
Requires: %{name}-daemon-driver-vbox = %{version}-%{release}
# Specify supported virtualbox API explicitly. See ./src/vbox
# Reference bsc#1017189
-Requires: virtualbox < 5.2
+Requires: virtualbox < 5.3
%description daemon-vbox
Server side daemon and driver required to manage the virtualization
@@ -893,16 +895,18 @@
%patch1 -p1
%patch2 -p1
%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
%patch100 -p1
%patch101 -p1
+%patch102 -p1
%patch150 -p1
%patch151 -p1
%patch152 -p1
%patch153 -p1
%patch154 -p1
%patch155 -p1
-%patch156 -p1
-%patch157 -p1
%patch200 -p1
%patch201 -p1
%patch202 -p1
++++++ 2089ab21-netserver-close-clients-before-stopping-all-drivers.patch ++++++
>From 2089ab2112e763d6de5888e498afc4fbdc3376db Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20Bosdonnat?= <cbosdon...@suse.com>
Date: Wed, 20 Dec 2017 17:36:10 +0100
Subject: [PATCH] netserver: close clients before stopping all drivers
So far clients were closed when disposing the daemon, after the state
driver cleanup. This was leading to libvirtd crashing at shutdown due
to missing driver.
Moving the client close in virNetServerClose() fixes the problem.
Reviewed-by: Erik Skultety <eskul...@redhat.com>
---
src/rpc/virnetserver.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/rpc/virnetserver.c b/src/rpc/virnetserver.c
index 2b76daab5..43f889e2a 100644
--- a/src/rpc/virnetserver.c
+++ b/src/rpc/virnetserver.c
@@ -774,10 +774,8 @@ void virNetServerDispose(void *obj)
virObjectUnref(srv->programs[i]);
VIR_FREE(srv->programs);
- for (i = 0; i < srv->nclients; i++) {
- virNetServerClientClose(srv->clients[i]);
+ for (i = 0; i < srv->nclients; i++)
virObjectUnref(srv->clients[i]);
- }
VIR_FREE(srv->clients);
VIR_FREE(srv->mdnsGroupName);
@@ -796,6 +794,9 @@ void virNetServerClose(virNetServerPtr srv)
for (i = 0; i < srv->nservices; i++)
virNetServerServiceClose(srv->services[i]);
+ for (i = 0; i < srv->nclients; i++)
+ virNetServerClientClose(srv->clients[i]);
+
virObjectUnlock(srv);
}
--
2.15.1
++++++ b475a91b-add-virStringFilterChars-string-utility.patch ++++++
>From b475a91b7753281eb60b87f75b0055fe3c139276 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20Bosdonnat?= <cbosdon...@suse.com>
Date: Mon, 18 Dec 2017 15:46:53 +0100
Subject: [PATCH 1/2] Add virStringFilterChars() string utility
Add a function to filter a string based on a list of valid characters.
---
src/libvirt_private.syms | 1 +
src/util/virstring.c | 24 ++++++++++++++++++++++++
src/util/virstring.h | 1 +
tests/virstringtest.c | 46 ++++++++++++++++++++++++++++++++++++++++++++++
4 files changed, 72 insertions(+)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 18d0f2adf..6662c8dac 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -2755,6 +2755,7 @@ virStrcpy;
virStrdup;
virStringBufferIsPrintable;
virStringEncodeBase64;
+virStringFilterChars;
virStringHasChars;
virStringHasControlChars;
virStringIsEmpty;
diff --git a/src/util/virstring.c b/src/util/virstring.c
index 0cb06bdc9..1c58df915 100644
--- a/src/util/virstring.c
+++ b/src/util/virstring.c
@@ -1293,6 +1293,30 @@ virStringStripControlChars(char *str)
str[j] = '\0';
}
+/**
+ * virStringFilterChars:
+ * @str: the string to strip
+ * @valid: the valid characters for the string
+ *
+ * Modify the string in-place to remove the characters that aren't
+ * in the list of valid ones.
+ */
+void
+virStringFilterChars(char *str, const char *valid)
+{
+ size_t len, i, j;
+
+ if (!str)
+ return;
+
+ len = strlen(str);
+ for (i = 0, j = 0; i < len; i++) {
+ if (strchr(valid, str[i]))
+ str[j++] = str[i];
+ }
+ str[j] = '\0';
+}
+
/**
* virStringToUpper:
* @str: string to capitalize
diff --git a/src/util/virstring.h b/src/util/virstring.h
index b19abaf9f..8af054bce 100644
--- a/src/util/virstring.h
+++ b/src/util/virstring.h
@@ -293,6 +293,7 @@ bool virStringHasChars(const char *str,
const char *chars);
bool virStringHasControlChars(const char *str);
void virStringStripControlChars(char *str);
+void virStringFilterChars(char *str, const char *valid);
bool virStringIsPrintable(const char *str);
bool virStringBufferIsPrintable(const uint8_t *buf, size_t buflen);
diff --git a/tests/virstringtest.c b/tests/virstringtest.c
index 320f7a398..e8518ede1 100644
--- a/tests/virstringtest.c
+++ b/tests/virstringtest.c
@@ -767,6 +767,36 @@ static int testStripControlChars(const void *args)
return ret;
}
+struct testFilterData {
+ const char *string;
+ const char *valid;
+ const char *result;
+};
+
+static int testFilterChars(const void *args)
+{
+ const struct testFilterData *data = args;
+ int ret = -1;
+ char *res = NULL;
+
+ if (VIR_STRDUP(res, data->string) < 0)
+ goto cleanup;
+
+ virStringFilterChars(res, data->valid);
+
+ if (STRNEQ_NULLABLE(res, data->result)) {
+ fprintf(stderr, "Returned '%s', expected '%s'\n",
+ NULLSTR(res), NULLSTR(data->result));
+ goto cleanup;
+ }
+
+ ret = 0;
+
+ cleanup:
+ VIR_FREE(res);
+ return ret;
+}
+
static int
mymain(void)
{
@@ -1085,6 +1115,22 @@ mymain(void)
TEST_STRIP_CONTROL_CHARS("\x01H\x02" "E\x03L\x04L\x05O", "HELLO");
TEST_STRIP_CONTROL_CHARS("\x01\x02\x03\x04HELL\x05O", "HELLO");
TEST_STRIP_CONTROL_CHARS("\nhello \x01\x07hello\t", "\nhello hello\t");
+
+#define TEST_FILTER_CHARS(str, filter, res) \
+ do { \
+ struct testFilterData filterData = { \
+ .string = str, \
+ .valid = filter, \
+ .result = res, \
+ }; \
+ if (virTestRun("Filter chars from " #str, \
+ testFilterChars, &filterData) < 0) \
+ ret = -1; \
+ } while (0)
+
+ TEST_FILTER_CHARS(NULL, NULL, NULL);
+ TEST_FILTER_CHARS("hello 123 hello", "helo", "hellohello");
+
return ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
}
--
2.15.1
++++++ faec1958-lxc-set-hostname-based-on-container-name.patch ++++++
>From faec1958614bfcdb535b1bcc0ddac8cde4516e1a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20Bosdonnat?= <cbosdon...@suse.com>
Date: Mon, 18 Dec 2017 15:48:33 +0100
Subject: [PATCH 2/2] lxc: set a hostname based on the container name
Set a transient hostname on containers. The hostname is computed from
the container name, only keeping the valid characters [a-zA-Z0-9-] in it.
This filtering is based on RFC 1123 and allows a digit to start the
hostname.
---
src/lxc/lxc_container.c | 35 +++++++++++++++++++++++++++++++++++
1 file changed, 35 insertions(+)
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index b7216d6ee..96fceaf1b 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -2159,6 +2159,37 @@ static int lxcContainerSetUserGroup(virCommandPtr cmd,
return 0;
}
+static const char hostname_validchars[] =
+ "abcdefghijklmnopqrstuvwxyz"
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+ "0123456789-";
+
+static int lxcContainerSetHostname(virDomainDefPtr def)
+{
+ int ret = -1;
+ char *name = NULL;
+ char *hostname = NULL;
+
+ /* Filter the VM name to get a valid hostname */
+ if (VIR_STRDUP(name, def->name) < 0)
+ goto cleanup;
+
+ /* RFC 1123 allows 0-9 digits as a first character in hostname */
+ virStringFilterChars(name, hostname_validchars);
+ hostname = name;
+ if (strlen(name) > 0 && name[0] == '-')
+ hostname = name + 1;
+
+ if (sethostname(hostname, strlen(hostname)) < 0) {
+ virReportSystemError(errno, "%s", _("Failed to set hostname"));
+ goto cleanup;
+ }
+ ret = 0;
+
+ cleanup:
+ VIR_FREE(name);
+ return ret;
+}
/**
* lxcContainerChild:
@@ -2269,6 +2300,10 @@ static int lxcContainerChild(void *data)
goto cleanup;
}
+ if (lxcContainerSetHostname(vmDef) < 0)
+ goto cleanup;
+
+
/* drop a set of root capabilities */
if (lxcContainerDropCapabilities(vmDef, !!hasReboot) < 0)
goto cleanup;
--
2.15.1
++++++ fix-virt-aa-helper-profile.patch ++++++
>From 29eed5ffb8776f4e4ecf6dc6b3ee7f320f679e7e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20Bosdonnat?= <cbosdon...@suse.com>
Date: Tue, 2 Jan 2018 09:54:46 +0100
Subject: [PATCH] apparmor: fix virt-aa-helper profile
Fix rule introduced by commit 0f33025a:
* to handle /var/run not being a symlink to /run
* to be properly parsed: missing comma at the end.
---
examples/apparmor/usr.lib.libvirt.virt-aa-helper | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/examples/apparmor/usr.lib.libvirt.virt-aa-helper
b/examples/apparmor/usr.lib.libvirt.virt-aa-helper
index 9c822b644..105f09e43 100644
--- a/examples/apparmor/usr.lib.libvirt.virt-aa-helper
+++ b/examples/apparmor/usr.lib.libvirt.virt-aa-helper
@@ -51,7 +51,7 @@ profile virt-aa-helper
/usr/{lib,lib64}/libvirt/virt-aa-helper {
/var/lib/libvirt/images/** r,
/{media,mnt,opt,srv}/** r,
# For virt-sandbox
- /run/libvirt/**/[sv]d[a-z] r
+ /{,var/}run/libvirt/**/[sv]d[a-z] r,
/**.img r,
/**.raw r,
--
2.15.1
