Hello community,

here is the log from the commit of package libvirt for openSUSE:13.1 checked in 
at 2013-10-29 09:26:42
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:13.1/libvirt (Old)
 and      /work/SRC/openSUSE:13.1/.libvirt.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "libvirt"

Changes:
--------
--- /work/SRC/openSUSE:13.1/libvirt/libvirt.changes     2013-10-15 
10:42:33.000000000 +0200
+++ /work/SRC/openSUSE:13.1/.libvirt.new/libvirt.changes        2013-10-29 
09:26:44.000000000 +0100
@@ -1,0 +2,58 @@
+Fri Oct 25 13:10:27 MDT 2013 - jfeh...@suse.com
+
+- libxl driver: fix initialization of VNC and SDL info for
+  HVM domains
+  libxl-hvm-vnc.patch
+  bnc#847566
+- Allow libvirtd apparmor profile to access /etc/xen/scripts/*
+
+-------------------------------------------------------------------
+Tue Oct 22 21:37:08 MDT 2013 - jfeh...@suse.com
+
+- Fix file descriptor passing in python bindings
+  e350826c-python-fix-fd-passing.patch
+  rhb#1021434
+
+-------------------------------------------------------------------
+Tue Oct 22 14:37:08 MDT 2013 - cbosdon...@suse.com
+
+- Have systemd terminate the machine as a workaround of fdo#68370
+  bd773e74-lxc-terminate-machine.patch
+  bnc#842834
+
+-------------------------------------------------------------------
+Tue Oct 22 12:28:03 MDT 2013 - jfeh...@suse.com
+
+- Spec file fixes to only package libvirt-login-shell when
+  building the LXC driver
+
+-------------------------------------------------------------------
+Mon Oct 21 11:33:03 MDT 2013 - jfeh...@suse.com
+
+- CVE-2013-4400: Unsantized use of env variables allows privilege
+  escalation via virt-login-shell
+  ae53e5d1-CVE-2013-4400.patch, 8c3586ea-CVE-2013-4400.patch,
+  b7fcc799a-CVE-2013-4400.patch, 3e2f27e1-CVE-2013-4400.patch,
+  5a0ea4b7-CVE-2013-4400.patch, 843bdb2f-CVE-2013-4400.patch
+  bnc#837609
+- CVE-2013-4401: Fix perms for virConnectDomainXML{To,From}Native
+  57687fd6-CVE-2013-4401.patch
+  bnc#845704
+
+-------------------------------------------------------------------
+Fri Oct 18 14:42:39 MDT 2013 - jfeh...@suse.com
+
+- Move hypervisor-specific files out of libvirt-daemon package
+  and into libvirt-daemon-<hypervisor> subpackage
+  bnc#845851
+- conf: Don't crash on invalid chardev source definition
+  79552754-libvirtd-chardev-crash.patch
+  bnc#845704, rhb#1012196
+
+-------------------------------------------------------------------
+Thu Oct 17 14:14:46 MDT 2013 - jfeh...@suse.com
+
+- Use newer libnl3 instead of libnl-1_1
+  bnc#845540
+
+-------------------------------------------------------------------

New:
----
  3e2f27e1-CVE-2013-4400.patch
  57687fd6-CVE-2013-4401.patch
  5a0ea4b7-CVE-2013-4400.patch
  79552754-libvirtd-chardev-crash.patch
  843bdb2f-CVE-2013-4400.patch
  8c3586ea-CVE-2013-4400.patch
  ae53e5d1-CVE-2013-4400.patch
  b7fcc799a-CVE-2013-4400.patch
  bd773e74-lxc-terminate-machine.patch
  e350826c-python-fix-fd-passing.patch
  libxl-hvm-vnc.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ libvirt.spec ++++++
--- /var/tmp/diff_new_pack.YlQxdQ/_old  2013-10-29 09:26:44.000000000 +0100
+++ /var/tmp/diff_new_pack.YlQxdQ/_new  2013-10-29 09:26:44.000000000 +0100
@@ -314,7 +314,7 @@
 %if 0%{?suse_version} < 1210
 BuildRequires:  libnl-devel
 %else
-BuildRequires:  libnl-1_1-devel
+BuildRequires:  libnl3-devel
 %endif
 %endif
 %if %{with_avahi}
@@ -411,10 +411,21 @@
 Patch5:         e4697b92-CVE-2013-4311.patch
 Patch6:         8294aa0c-CVE-2013-4399.patch
 Patch7:         484cc321-fix-spice-migration.patch
+Patch8:         79552754-libvirtd-chardev-crash.patch
+Patch9:         57687fd6-CVE-2013-4401.patch
+Patch10:        ae53e5d1-CVE-2013-4400.patch
+Patch11:        8c3586ea-CVE-2013-4400.patch
+Patch12:        b7fcc799a-CVE-2013-4400.patch
+Patch13:        3e2f27e1-CVE-2013-4400.patch
+Patch14:        5a0ea4b7-CVE-2013-4400.patch
+Patch15:        843bdb2f-CVE-2013-4400.patch
+Patch16:        bd773e74-lxc-terminate-machine.patch
+Patch17:        e350826c-python-fix-fd-passing.patch
 # Need to go upstream
 Patch100:       xen-name-for-devid.patch
 Patch101:       clone.patch
 Patch102:       xen-pv-cdrom.patch
+Patch103:       libxl-hvm-vnc.patch
 # Our patches
 Patch200:       libvirtd-defaults.patch
 Patch201:       libvirtd-init-script.patch
@@ -892,14 +903,18 @@
 Includes the Sanlock lock manager plugin for the QEMU driver
 %endif
 
+%if %{with_lxc}
+
 %package login-shell
-Summary:        Login shell for containers
+Summary:        Login shell for connecting users to an LXC container
 Group:          Development/Libraries/C and C++
 Requires:       %{name}-client = %{version}-%{release}
 
 %description login-shell
-Povides virt-login-shell, a tool to execute a shell within a container
-matching the users name
+Provides the set-uid virt-login-shell binary that is used to
+connect a user to an LXC container when they login, by switching
+namespaces.
+%endif
 
 %if %{with_python}
 
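Review bot: The new %description calls virt-login-shell a set-uid binary, but the `%files login-shell` section of this same spec keeps `#%attr(4755, root, root) %{_bindir}/virt-login-shell` commented out under "In the meantime, don't install setuid", so the package text overstates what is shipped. An administrator auditing privileged binaries from package metadata would be misled. The description could read `Provides the virt-login-shell binary (not installed set-uid in this package) that is used to` until the bit is restored. When it is restored, the description and the `%attr` line should change together.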
@@ -926,9 +941,20 @@
 %patch5 -p1
 %patch6 -p1
 %patch7 -p1
+%patch8 -p1
+%patch9 -p1
+%patch10 -p1
+%patch11 -p1
+%patch12 -p1
+%patch13 -p1
+%patch14 -p1
+%patch15 -p1
+%patch16 -p1
+%patch17 -p1
 %patch100 -p1
 %patch101
 %patch102 -p1
+%patch103 -p1
 %patch200 -p1
 %patch201 -p1
 %patch202 -p1
@@ -1193,34 +1219,19 @@
 rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/nwfilter
 rm -rf 
$RPM_BUILD_ROOT%{_libdir}/%{name}/connection-driver/libvirt_driver_nwfilter.so
 %endif
-%if %{with_lxc}
-cat > $RPM_BUILD_ROOT%{_docdir}/libvirt/libvirt-daemon-lxc.README << 'EOF'
-Any empty package encapsulating requirements for a libvirtd capable
-of managing LXC.
-EOF
-%else
+%if ! %{with_lxc}
 rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/lxc.conf
 rm -f $RPM_BUILD_ROOT%{_datadir}/augeas/lenses/libvirtd_lxc.aug
 rm -f $RPM_BUILD_ROOT%{_datadir}/augeas/lenses/tests/test_libvirtd_lxc.aug
 rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/libvirtd.lxc
 %endif
-%if %{with_qemu}
-cat > $RPM_BUILD_ROOT%{_docdir}/libvirt/libvirt-daemon-qemu.README << 'EOF'
-Any empty package encapsulating requirements for a libvirtd capable
-of managing QEMU/KVM.
-EOF
-%else
+%if ! %{with_qemu}
 rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/qemu.conf
 rm -f $RPM_BUILD_ROOT%{_datadir}/augeas/lenses/libvirtd_qemu.aug
 rm -f $RPM_BUILD_ROOT%{_datadir}/augeas/lenses/tests/test_libvirtd_qemu.aug
 rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/libvirtd.qemu
 %endif
-%if %{with_uml}
-cat > $RPM_BUILD_ROOT%{_docdir}/libvirt/libvirt-daemon-uml.README << 'EOF'
-Any empty package encapsulating requirements for a libvirtd capable
-of managing UML.
-EOF
-%else
+%if ! %{with_uml}
 rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/libvirtd.uml
 %endif
 %if %{with_vbox}
@@ -1414,36 +1425,6 @@
 %{_datadir}/PolicyKit/policy/org.libvirt.unix.policy
 %endif
 %endif
-%if %{with_qemu}
-%config(noreplace) %{_sysconfdir}/libvirt/qemu.conf
-%config(noreplace) %{_sysconfdir}/libvirt/qemu-lockd.conf
-%config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd.qemu
-%dir %attr(0750, %{qemu_user}, %{qemu_group}) 
%{_localstatedir}/lib/libvirt/qemu/
-%dir %attr(0750, %{qemu_user}, %{qemu_group}) 
%{_localstatedir}/cache/libvirt/qemu/
-%dir %attr(0750, %{qemu_user}, %{qemu_group}) 
%{_localstatedir}/lib/libvirt/qemu/channel/
-%dir %attr(0750, %{qemu_user}, %{qemu_group}) 
%{_localstatedir}/lib/libvirt/qemu/channel/target/
-%dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/qemu/
-%{_datadir}/augeas/lenses/libvirtd_qemu.aug
-%{_datadir}/augeas/lenses/tests/test_libvirtd_qemu.aug
-%endif
-%if %{with_lxc}
-%config(noreplace) %{_sysconfdir}/libvirt/lxc.conf
-%config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd.lxc
-%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/lxc/
-%dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/lxc/
-%attr(0755, root, root) %{_libdir}/%{name}/libvirt_lxc
-%{_datadir}/augeas/lenses/libvirtd_lxc.aug
-%{_datadir}/augeas/lenses/tests/test_libvirtd_lxc.aug
-%endif
-%if %{with_uml}
-%config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd.uml
-%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/uml/
-%dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/uml/
-%endif
-%if %{with_libxl}
-%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/libxl/
-%dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/libxl/
-%endif
 %if %{with_storage_disk}
 %attr(0755, root, root) %{_libdir}/%{name}/libvirt_parthelper
 %endif
@@ -1553,6 +1534,8 @@
 %defattr(-, root, root)
 %dir %{_libdir}/%{name}/connection-driver
 %{_libdir}/%{name}/connection-driver/libvirt_driver_libxl.so
+%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/libxl/
+%dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/libxl/
 %endif
 
 %if %{with_vbox}
@@ -1567,21 +1550,38 @@
 
 %files daemon-qemu
 %defattr(-, root, root)
-%doc %{_docdir}/%{name}/libvirt-daemon-qemu.README
+%config(noreplace) %{_sysconfdir}/libvirt/qemu.conf
+%config(noreplace) %{_sysconfdir}/libvirt/qemu-lockd.conf
+%config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd.qemu
+%dir %attr(0750, %{qemu_user}, %{qemu_group}) 
%{_localstatedir}/lib/libvirt/qemu/
+%dir %attr(0750, %{qemu_user}, %{qemu_group}) 
%{_localstatedir}/cache/libvirt/qemu/
+%dir %attr(0750, %{qemu_user}, %{qemu_group}) 
%{_localstatedir}/lib/libvirt/qemu/channel/
+%dir %attr(0750, %{qemu_user}, %{qemu_group}) 
%{_localstatedir}/lib/libvirt/qemu/channel/target/
+%dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/qemu/
+%{_datadir}/augeas/lenses/libvirtd_qemu.aug
+%{_datadir}/augeas/lenses/tests/test_libvirtd_qemu.aug
 %endif
 
 %if %{with_lxc}
 
 %files daemon-lxc
 %defattr(-, root, root)
-%doc %{_docdir}/%{name}/libvirt-daemon-lxc.README
+%config(noreplace) %{_sysconfdir}/libvirt/lxc.conf
+%config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd.lxc
+%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/lxc/
+%dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/lxc/
+%attr(0755, root, root) %{_libdir}/%{name}/libvirt_lxc
+%{_datadir}/augeas/lenses/libvirtd_lxc.aug
+%{_datadir}/augeas/lenses/tests/test_libvirtd_lxc.aug
 %endif
 
 %if %{with_uml}
 
 %files daemon-uml
 %defattr(-, root, root)
-%doc %{_docdir}/%{name}/libvirt-daemon-uml.README
+%config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd.uml
+%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/uml/
+%dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/uml/
 %endif
 
 %if %{with_xen} || %{with_libxl}
@@ -1690,6 +1690,8 @@
 %attr(0755, root, root) %{_libdir}/%{name}/libvirt_sanlock_helper
 %endif
 
+%if %{with_lxc}
+
 %files login-shell
 %defattr(-, root, root)
 %config(noreplace) %{_sysconfdir}/libvirt/virt-login-shell.conf
@@ -1698,6 +1700,7 @@
 # In the meantime, don't install setuid
 #%attr(4755, root, root) %{_bindir}/virt-login-shell
 %{_bindir}/virt-login-shell
+%endif
 
 %if %{with_python}
 

++++++ 3e2f27e1-CVE-2013-4400.patch ++++++
commit 3e2f27e13b94f7302ad948bcacb5e02c859a25fc
Author: Daniel P. Berrange <berra...@redhat.com>
Date:   Thu Oct 10 13:09:08 2013 +0100

    Don't link virt-login-shell against libvirt.so (CVE-2013-4400)
    
    The libvirt.so library has far too many library deps to allow
    linking against it from setuid programs. Those libraries can
    do stuff in __attribute__((constructor)) functions which is
    not setuid safe.
    
    The virt-login-shell needs to link directly against individual
    files that it uses, with all library deps turned off except
    for libxml2 and libselinux.
    
    Create a libvirt-setuid-rpc-client.la library which is linked
    to by virt-login-shell. A config-post.h file allows this library
    to disable all external deps except libselinux and libxml2.
    
    Signed-off-by: Daniel P. Berrange <berra...@redhat.com>

Index: libvirt-1.1.2/Makefile.am
===================================================================
--- libvirt-1.1.2.orig/Makefile.am
+++ libvirt-1.1.2/Makefile.am
@@ -31,6 +31,7 @@ XML_EXAMPLES = \
                                        test/*.xml storage/*.xml)))
 
 EXTRA_DIST = \
+  config-post.h \
   ChangeLog-old \
   libvirt.spec libvirt.spec.in \
   mingw-libvirt.spec.in \
Index: libvirt-1.1.2/config-post.h
===================================================================
--- /dev/null
+++ libvirt-1.1.2/config-post.h
@@ -0,0 +1,44 @@
+/*
+ * Copyright (C) 2013 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library.  If not, see
+ * <http://www.gnu.org/licenses/>.
+ */
+
+/*
+ * Since virt-login-shell will be setuid, we must do everything
+ * we can to avoid linking to other libraries. Many of them do
+ * unsafe things in functions marked __atttribute__((constructor)).
+ * The only way avoid to avoid such deps is to re-compile the
+ * functions with the code in question disabled, and for that we
+ * must override the main config.h rules. Hence this file :-(
+ */
+
+#ifdef LIBVIRT_SETUID_RPC_CLIENT
+# undef HAVE_LIBDEVMAPPER_H
+# undef HAVE_LIBNL
+# undef HAVE_LIBNL3
+# undef HAVE_LIBSASL2
+# undef WITH_CAPNG
+# undef WITH_CURL
+# undef WITH_DTRACE_PROBES
+# undef WITH_GNUTLS
+# undef WITH_MACVTAP
+# undef WITH_NUMACTL
+# undef WITH_SASL
+# undef WITH_SSH2
+# undef WITH_VIRTUALPORT
+# undef WITH_YAJL
+# undef WITH_YAJL2
+#endif
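Review bot: The `#ifdef LIBVIRT_SETUID_RPC_CLIENT` block is an enumerated list of `#undef`s, so any optional dependency that config.h gains later stays enabled in the set-uid build unless someone remembers to add it here, and nothing in the header says so. I would add a line to the comment such as `Every new WITH_*/HAVE_* library switch in configure.ac must also be listed below.` The same comment needs two wording fixes, `__attribute__((constructor))` and `The only way to avoid such deps`. The `__atttribute__` misspelling recurs in the comments added to src/Makefile.am and tools/Makefile.am.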
Index: libvirt-1.1.2/configure.ac
===================================================================
--- libvirt-1.1.2.orig/configure.ac
+++ libvirt-1.1.2/configure.ac
@@ -20,6 +20,7 @@ AC_INIT([libvirt], [1.1.2], [libvir-list
 AC_CONFIG_SRCDIR([src/libvirt.c])
 AC_CONFIG_AUX_DIR([build-aux])
 AC_CONFIG_HEADERS([config.h])
+AH_BOTTOM([#include <config-post.h>])
 AC_CONFIG_MACRO_DIR([m4])
 dnl Make automake keep quiet about wildcards & other GNUmake-isms
 AM_INIT_AUTOMAKE([-Wno-portability tar-ustar])
Index: libvirt-1.1.2/daemon/Makefile.am
===================================================================
--- libvirt-1.1.2.orig/daemon/Makefile.am
+++ libvirt-1.1.2/daemon/Makefile.am
@@ -18,6 +18,7 @@
 
 INCLUDES = \
        -I$(top_builddir)/gnulib/lib -I$(top_srcdir)/gnulib/lib \
+       -I$(top_srcdir) \
        -I$(top_builddir)/include -I$(top_srcdir)/include \
        -I$(top_builddir)/src -I$(top_srcdir)/src \
        -I$(top_srcdir)/src/util \
Index: libvirt-1.1.2/examples/domain-events/events-c/Makefile.am
===================================================================
--- libvirt-1.1.2.orig/examples/domain-events/events-c/Makefile.am
+++ libvirt-1.1.2/examples/domain-events/events-c/Makefile.am
@@ -15,7 +15,8 @@
 ## <http://www.gnu.org/licenses/>.
 
 INCLUDES = -I$(top_builddir)/include -I$(top_srcdir)/include \
-          -I$(top_builddir)/gnulib/lib -I$(top_srcdir)/gnulib/lib
+          -I$(top_builddir)/gnulib/lib -I$(top_srcdir)/gnulib/lib \
+          -I$(top_srcdir)
 noinst_PROGRAMS = event-test
 event_test_CFLAGS = $(WARN_CFLAGS)
 event_test_SOURCES = event-test.c
Index: libvirt-1.1.2/examples/hellolibvirt/Makefile.am
===================================================================
--- libvirt-1.1.2.orig/examples/hellolibvirt/Makefile.am
+++ libvirt-1.1.2/examples/hellolibvirt/Makefile.am
@@ -14,7 +14,7 @@
 ## License along with this library.  If not, see
 ## <http://www.gnu.org/licenses/>.
 
-INCLUDES = -I$(top_builddir)/include -I$(top_srcdir)/include
+INCLUDES = -I$(top_builddir)/include -I$(top_srcdir)/include -I$(top_srcdir)
 noinst_PROGRAMS = hellolibvirt
 hellolibvirt_CFLAGS = $(WARN_CFLAGS)
 hellolibvirt_SOURCES = hellolibvirt.c
Index: libvirt-1.1.2/examples/openauth/Makefile.am
===================================================================
--- libvirt-1.1.2.orig/examples/openauth/Makefile.am
+++ libvirt-1.1.2/examples/openauth/Makefile.am
@@ -14,7 +14,7 @@
 ## License along with this library.  If not, see
 ## <http://www.gnu.org/licenses/>.
 
-INCLUDES = -I$(top_builddir)/include -I$(top_srcdir)/include
+INCLUDES = -I$(top_builddir)/include -I$(top_srcdir)/include -I$(top_srcdir)
 noinst_PROGRAMS = openauth
 openauth_CFLAGS = $(WARN_CFLAGS)
 openauth_SOURCES = openauth.c
Index: libvirt-1.1.2/gnulib/lib/Makefile.am
===================================================================
--- libvirt-1.1.2.orig/gnulib/lib/Makefile.am
+++ libvirt-1.1.2/gnulib/lib/Makefile.am
@@ -27,4 +27,4 @@ noinst_LTLIBRARIES =
 
 include gnulib.mk
 
-INCLUDES = $(GETTEXT_CPPFLAGS)
+INCLUDES = -I$(top_srcdir) $(GETTEXT_CPPFLAGS)
Index: libvirt-1.1.2/python/Makefile.am
===================================================================
--- libvirt-1.1.2.orig/python/Makefile.am
+++ libvirt-1.1.2/python/Makefile.am
@@ -20,6 +20,7 @@ INCLUDES = \
        $(PYTHON_INCLUDES) \
        -I$(top_builddir)/gnulib/lib \
        -I$(top_srcdir)/gnulib/lib \
+       -I$(top_srcdir) \
        -I$(top_builddir)/src \
        -I$(top_srcdir)/src \
        -I$(top_srcdir)/src/util \
Index: libvirt-1.1.2/src/Makefile.am
===================================================================
--- libvirt-1.1.2.orig/src/Makefile.am
+++ libvirt-1.1.2/src/Makefile.am
@@ -21,6 +21,7 @@
 # that actually use them. Also keep GETTEXT_CPPFLAGS at the end.
 INCLUDES =     -I../gnulib/lib                                 \
                -I$(top_srcdir)/gnulib/lib                      \
+               -I$(top_srcdir)                                 \
                -I../include                                    \
                -I$(top_srcdir)/include                         \
                -I$(top_srcdir)/src/util                        \
@@ -1917,6 +1918,77 @@ libvirt_lxc_la_LDFLAGS = \
 libvirt_lxc_la_CFLAGS = $(AM_CFLAGS)
 libvirt_lxc_la_LIBADD = libvirt.la $(CYGWIN_EXTRA_LIBADD)
 
+# Since virt-login-shell will be setuid, we must do everything
+# we can to avoid linking to other libraries. Many of them do
+# unsafe things in functions marked __atttribute__((constructor)).
+# This library is built to include the bare minimum required to
+# have a RPC client for local UNIX socket access only. We use
+# the ../config-post.h header to disable all external deps that
+# we don't want
+if WITH_LXC
+noinst_LTLIBRARIES += libvirt-setuid-rpc-client.la
+
+libvirt_setuid_rpc_client_la_SOURCES =                 \
+               util/viralloc.c                 \
+               util/virbitmap.c                \
+               util/virbuffer.c                \
+               util/vircommand.c               \
+               util/virconf.c                  \
+               util/virerror.c                 \
+               util/virevent.c                 \
+               util/vireventpoll.c             \
+               util/virfile.c                  \
+               util/virhash.c                  \
+               util/virhashcode.c              \
+               util/virjson.c                  \
+               util/virlog.c                   \
+               util/virobject.c                \
+               util/virpidfile.c               \
+               util/virprocess.c               \
+               util/virrandom.c                \
+               util/virsocketaddr.c            \
+               util/virstoragefile.c           \
+               util/virstring.c                \
+               util/virtime.c                  \
+               util/virthread.c                \
+               util/virtypedparam.c            \
+               util/viruri.c                   \
+               util/virutil.c                  \
+               util/viruuid.c                  \
+               conf/domain_event.c             \
+               rpc/virnetsocket.c              \
+               rpc/virnetsocket.h              \
+               rpc/virnetmessage.h             \
+               rpc/virnetmessage.c             \
+               rpc/virkeepalive.c              \
+               rpc/virkeepalive.h              \
+               rpc/virnetclient.c              \
+               rpc/virnetclientprogram.c       \
+               rpc/virnetclientstream.c        \
+               rpc/virnetprotocol.c            \
+               remote/remote_driver.c          \
+               remote/remote_protocol.c        \
+               remote/qemu_protocol.c          \
+               remote/lxc_protocol.c           \
+               datatypes.c                     \
+               libvirt.c                       \
+               libvirt-lxc.c                   \
+               $(NULL)
+
+libvirt_setuid_rpc_client_la_LDFLAGS =         \
+               $(AM_LDFLAGS)                   \
+               $(LIBXML_LIBS)                  \
+               $(SELINUX_LIBS)                 \
+               $(NULL)
+libvirt_setuid_rpc_client_la_CFLAGS =          \
+               -DLIBVIRT_SETUID_RPC_CLIENT     \
+               -I$(top_srcdir)/src/conf        \
+               -I$(top_srcdir)/src/rpc         \
+               $(AM_CFLAGS)                    \
+               $(SELINUX_CFLAGS)               \
+               $(NULL)
+endif WITH_LXC
+
 lockdriverdir = $(libdir)/libvirt/lock-driver
 lockdriver_LTLIBRARIES =
 
Index: libvirt-1.1.2/src/libvirt.c
===================================================================
--- libvirt-1.1.2.orig/src/libvirt.c
+++ libvirt-1.1.2/src/libvirt.c
@@ -446,40 +446,46 @@ virGlobalInit(void)
         goto error;
 
     /*
+     * Note we must avoid everything except 'remote' driver
+     * for virt-login-shell usage
+     */
+#ifndef LIBVIRT_SETUID_RPC_CLIENT
+    /*
      * Note that the order is important: the first ones have a higher
      * priority when calling virConnectOpen.
      */
-#ifdef WITH_TEST
+# ifdef WITH_TEST
     if (testRegister() == -1)
         goto error;
-#endif
-#ifdef WITH_OPENVZ
+# endif
+# ifdef WITH_OPENVZ
     if (openvzRegister() == -1)
         goto error;
-#endif
-#ifdef WITH_VMWARE
+# endif
+# ifdef WITH_VMWARE
     if (vmwareRegister() == -1)
         goto error;
-#endif
-#ifdef WITH_PHYP
+# endif
+# ifdef WITH_PHYP
     if (phypRegister() == -1)
         goto error;
-#endif
-#ifdef WITH_ESX
+# endif
+# ifdef WITH_ESX
     if (esxRegister() == -1)
         goto error;
-#endif
-#ifdef WITH_HYPERV
+# endif
+# ifdef WITH_HYPERV
     if (hypervRegister() == -1)
         goto error;
-#endif
-#ifdef WITH_XENAPI
+# endif
+# ifdef WITH_XENAPI
     if (xenapiRegister() == -1)
         goto error;
-#endif
-#ifdef WITH_PARALLELS
+# endif
+# ifdef WITH_PARALLELS
     if (parallelsRegister() == -1)
         goto error;
+# endif
 #endif
 #ifdef WITH_REMOTE
     if (remoteRegister() == -1)
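Review bot: The closing `#endif` of the new `#ifndef LIBVIRT_SETUID_RPC_CLIENT` guard is unlabelled and sits directly after eight nested `# ifdef`/`# endif` pairs, which makes it easy to misread where the guard ends; `#endif /* !LIBVIRT_SETUID_RPC_CLIENT */` would make that explicit. The boundary matters because everything below it, starting with `remoteRegister()`, is still compiled into the set-uid client. virGlobalInit begins and continues outside the hunk.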
Index: libvirt-1.1.2/tools/Makefile.am
===================================================================
--- libvirt-1.1.2.orig/tools/Makefile.am
+++ libvirt-1.1.2/tools/Makefile.am
@@ -149,6 +149,11 @@ virt_host_validate_CFLAGS = \
                $(COVERAGE_CFLAGS)                              \
                $(NULL)
 
+# Since virt-login-shell will be setuid, we must do everything
+# we can to avoid linking to other libraries. Many of them do
+# unsafe things in functions marked __atttribute__((constructor)).
+# This we statically link to a library containing only the minimal
+# libvirt client code, not libvirt.so itself.
 virt_login_shell_SOURCES =                                     \
                virt-login-shell.c
 
@@ -159,11 +164,11 @@ virt_login_shell_LDFLAGS = \
 virt_login_shell_LDADD =                                       \
                $(STATIC_BINARIES)                              \
                $(PIE_LDFLAGS)                                  \
-               ../src/libvirt.la                               \
-               ../src/libvirt-lxc.la                           \
+               ../src/libvirt-setuid-rpc-client.la             \
                ../gnulib/lib/libgnu.la
 
 virt_login_shell_CFLAGS =                                      \
+               -DLIBVIRT_SETUID_RPC_CLIENT                     \
                $(WARN_CFLAGS)                                  \
                $(PIE_CFLAGS)                                   \
                $(COVERAGE_CFLAGS)
++++++ 57687fd6-CVE-2013-4401.patch ++++++
commit 57687fd6bf7f6e1b3662c52f3f26c06ab19dc96c
Author: Daniel P. Berrange <berra...@redhat.com>
Date:   Thu Oct 3 16:37:57 2013 +0100

    Fix perms for virConnectDomainXML{To,From}Native (CVE-2013-4401)
    
    The virConnectDomainXMLToNative API should require 'connect:write'
    not 'connect:read', since it will trigger execution of the QEMU
    binaries listed in the XML.
    
    Also make virConnectDomainXMLFromNative API require a full
    read-write connection and 'connect:write' permission. Although the
    current impl doesn't trigger execution of QEMU, we should not
    rely on that impl detail from an API permissioning POV.
    
    Signed-off-by: Daniel P. Berrange <berra...@redhat.com>

Index: libvirt-1.1.2/src/libvirt.c
===================================================================
--- libvirt-1.1.2.orig/src/libvirt.c
+++ libvirt-1.1.2/src/libvirt.c
@@ -4606,6 +4606,10 @@ char *virConnectDomainXMLFromNative(virC
         virDispatchError(NULL);
         return NULL;
     }
+    if (conn->flags & VIR_CONNECT_RO) {
+        virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+        goto error;
+    }
 
     virCheckNonNullArgGoto(nativeFormat, error);
     virCheckNonNullArgGoto(nativeConfig, error);
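Review bot: The new `VIR_CONNECT_RO` check has no comment, and its rationale lives only in the commit message: the current implementation does not execute QEMU, yet the API is deliberately treated as a write operation. A one-line comment above the `if`, for example `/* Denied on read-only connections by policy, independent of whether the driver executes the emulator */`, would keep a later cleanup from relaxing it. The same rationale is worth a line next to the two `@acl: connect:write` annotations in remote_protocol.x. The function's doc comment lies outside the hunk; if it does not already say the call is refused on read-only connections, it should.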
Index: libvirt-1.1.2/src/remote/remote_protocol.x
===================================================================
--- libvirt-1.1.2.orig/src/remote/remote_protocol.x
+++ libvirt-1.1.2/src/remote/remote_protocol.x
@@ -3812,13 +3812,13 @@ enum remote_procedure {
 
     /**
      * @generate: both
-     * @acl: connect:read
+     * @acl: connect:write
      */
     REMOTE_PROC_CONNECT_DOMAIN_XML_FROM_NATIVE = 135,
 
     /**
      * @generate: both
-     * @acl: connect:read
+     * @acl: connect:write
      */
     REMOTE_PROC_CONNECT_DOMAIN_XML_TO_NATIVE = 136,
 
++++++ 5a0ea4b7-CVE-2013-4400.patch ++++++
commit 5a0ea4b7b9af2231ed161b94f9af65375c6ee9c2
Author: Jim Fehlig <jfeh...@suse.com>
Date:   Mon Oct 21 15:36:11 2013 -0600

    build: fix linking virt-login-shell
    
    After commit 3e2f27e1, I've noticed build failures of virt-login-shell
    when libapparmor-devel is installed on the build host
    
    CCLD     virt-login-shell
    
../src/.libs/libvirt-setuid-rpc-client.a(libvirt_setuid_rpc_client_la-vircommand.o):
    In function `virExec':
    /home/jfehlig/virt/upstream/libvirt/src/util/vircommand.c:653: undefined
    reference to `aa_change_profile'
    collect2: error: ld returned 1 exit status
    
    I was about to commit an easy fix under the build-breaker rule
    (build-fix-1.patch), but thought to extend the notion of SECDRIVER_LIBS
    to SECDRIVER_CFLAGS, and use both throughout src/Makefile.am where it
    makes sense (build-fix-2.patch).
    
    Should I just stick with the simple fix, or is something along the lines
    of patch 2 preferred?
    
    Regards,
    Jim
    
    >From a0f35945f3127ab70d051101037e821b1759b4bb Mon Sep 17 00:00:00 2001
    From: Jim Fehlig <jfeh...@suse.com>
    Date: Mon, 21 Oct 2013 15:30:02 -0600
    Subject: [PATCH] build: fix virt-login-shell build with apparmor
    
    With libapparmor-devel installed, virt-login-shell fails to link
    
    CCLD     virt-login-shell
    
../src/.libs/libvirt-setuid-rpc-client.a(libvirt_setuid_rpc_client_la-vircommand.o):
 In function `virExec':
    /home/jfehlig/virt/upstream/libvirt/src/util/vircommand.c:653: undefined 
reference to `aa_change_profile'
    collect2: error: ld returned 1 exit status
    
    Fix by linking libvirt_setuid_rpc_client with previously determined
    SECDRIVER_LIBS in src/Makefile.am.  While at it, introduce SECDRIVER_CFLAGS
    and use both throughout src/Makefile.am where it makes sense.
    
    Signed-off-by: Jim Fehlig <jfeh...@suse.com>

Index: libvirt-1.1.2/src/Makefile.am
===================================================================
--- libvirt-1.1.2.orig/src/Makefile.am
+++ libvirt-1.1.2/src/Makefile.am
@@ -49,11 +49,14 @@ nodist_conf_DATA =
 
 THREAD_LIBS = $(LIB_PTHREAD) $(LTLIBMULTITHREAD)
 
+SECDRIVER_CFLAGS =
 SECDRIVER_LIBS =
 if WITH_SECDRIVER_SELINUX
+SECDRIVER_CFLAGS += $(SELINUX_CFLAGS)
 SECDRIVER_LIBS += $(SELINUX_LIBS)
 endif
 if WITH_SECDRIVER_APPARMOR
+SECDRIVER_CFLAGS += $(APPARMOR_CFLAGS)
 SECDRIVER_LIBS += $(APPARMOR_LIBS)
 endif
 
@@ -1978,14 +1981,14 @@ libvirt_setuid_rpc_client_la_SOURCES =
 libvirt_setuid_rpc_client_la_LDFLAGS =         \
                $(AM_LDFLAGS)                   \
                $(LIBXML_LIBS)                  \
-               $(SELINUX_LIBS)                 \
+               $(SECDRIVER_LIBS)               \
                $(NULL)
 libvirt_setuid_rpc_client_la_CFLAGS =          \
                -DLIBVIRT_SETUID_RPC_CLIENT     \
                -I$(top_srcdir)/src/conf        \
                -I$(top_srcdir)/src/rpc         \
                $(AM_CFLAGS)                    \
-               $(SELINUX_CFLAGS)               \
+               $(SECDRIVER_CFLAGS)             \
                $(NULL)
 endif WITH_LXC
 
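Review bot: Switching `libvirt_setuid_rpc_client_la_LDFLAGS` from `$(SELINUX_LIBS)` to `$(SECDRIVER_LIBS)` links libapparmor into the library used by virt-login-shell whenever WITH_SECDRIVER_APPARMOR is set. The comment above this library and config-post.h both say external dependencies are kept to the bare minimum because library constructors are not set-uid safe, and commit 3e2f27e1 names libxml2 and libselinux as the only permitted deps. Either the AppArmor call path in util/vircommand.c should be compiled out for `LIBVIRT_SETUID_RPC_CLIENT` builds, or the comment should record that libapparmor was reviewed and accepted for the set-uid binary. Whether libapparmor runs constructor code is not visible from this patch.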
@@ -2268,6 +2271,7 @@ libvirt_net_rpc_la_LDFLAGS = \
                        $(GNUTLS_LIBS) \
                        $(SASL_LIBS) \
                        $(SSH2_LIBS)\
+                       $(SECDRIVER_LIBS) \
                        $(AM_LDFLAGS) \
                        $(CYGWIN_EXTRA_LDFLAGS) \
                        $(MINGW_EXTRA_LDFLAGS)
@@ -2410,12 +2414,7 @@ if WITH_BLKID
 libvirt_lxc_CFLAGS += $(BLKID_CFLAGS)
 libvirt_lxc_LDADD += $(BLKID_LIBS)
 endif
-if WITH_SECDRIVER_SELINUX
-libvirt_lxc_CFLAGS += $(SELINUX_CFLAGS)
-endif
-if WITH_SECDRIVER_APPARMOR
-libvirt_lxc_CFLAGS += $(APPARMOR_CFLAGS)
-endif
+libvirt_lxc_CFLAGS += $(SECDRIVER_CFLAGS)
 endif
 endif
 EXTRA_DIST += $(LXC_CONTROLLER_SOURCES)
++++++ 79552754-libvirtd-chardev-crash.patch ++++++
commit 795527548fea79902ea4ce32747e069944cf3e61
Author: Peter Krempa <pkre...@redhat.com>
Date:   Thu Sep 26 08:12:39 2013 +0200

    conf: Don't crash on invalid chardev source definition of RNGs and other
    
    Since commit 297c99a5 an invalid source definition XML of a character
    device that is used as backend for RNG devices, smartcards and redirdevs
    causes crash of the daemon when parsing such a definition.
    
    The device types mentioned above are not a part of a regular character
    device but are backends for other types. Thus when parsing such device
    NULL is passed as the argument @chr_def. Later when checking the
    validity of the definition @chr_def was dereferenced when parsing a UNIX
    socket backend with missing path of the socket and crashed the daemon.
    
    Sample offending configuration:
      <devices>
      ...
        <rng model='virtio'>
          <backend model='egd' type='unix'>
            <source mode='bind' service='1024'/>
          </backend>
        </rng>
      </devices>
    
    Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1012196

Index: libvirt-1.1.2/src/conf/domain_conf.c
===================================================================
--- libvirt-1.1.2.orig/src/conf/domain_conf.c
+++ libvirt-1.1.2/src/conf/domain_conf.c
@@ -7026,7 +7026,8 @@ virDomainChrSourceDefParseXML(virDomainC
     case VIR_DOMAIN_CHR_TYPE_UNIX:
         /* path can be auto generated */
         if (!path &&
-            chr_def->targetType != VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_VIRTIO) {
+            (!chr_def ||
+             chr_def->targetType != 
VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_VIRTIO)) {
             virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
                            _("Missing source path attribute for char device"));
             goto error;
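Review bot: The new `!chr_def` guard in the `VIR_DOMAIN_CHR_TYPE_UNIX` case needs a comment, because nothing in the hunk says why a NULL `chr_def` is legitimate here. Per the commit message it is NULL when the source belongs to an RNG, smartcard or redirdev backend, so I would add `/* chr_def is NULL for RNG, smartcard and redirdev backends */` above the condition. Since a malformed domain XML could crash the daemon through this path, any other `chr_def->` dereference in virDomainChrSourceDefParseXML should be checked for the same guard. That function starts and ends outside this hunk.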
Index: 
libvirt-1.1.2/tests/qemuxml2argvdata/qemuxml2argv-virtio-rng-egd-crash.xml
===================================================================
--- /dev/null
+++ libvirt-1.1.2/tests/qemuxml2argvdata/qemuxml2argv-virtio-rng-egd-crash.xml
@@ -0,0 +1,27 @@
+<domain type='qemu'>
+  <name>QEMUGuest1</name>
+  <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+  <memory unit='KiB'>219100</memory>
+  <currentMemory unit='KiB'>219100</currentMemory>
+  <vcpu placement='static' cpuset='1-4,8-20,525'>1</vcpu>
+  <os>
+    <type arch='i686' machine='pc'>hvm</type>
+    <boot dev='hd'/>
+  </os>
+  <clock offset='utc'/>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <devices>
+    <emulator>/usr/bin/qemu</emulator>
+    <controller type='usb' index='0'/>
+    <controller type='pci' index='0' model='pci-root'/>
+    <memballoon model='virtio'/>
+    <rng model='virtio'>
+      <backend model='egd' type='unix'>
+        <!-- https://bugzilla.redhat.com/show_bug.cgi?id=1012196 -->
+        <source mode='connect' host='1.2.3.4' service='1234'/>
+      </backend>
+    </rng>
+  </devices>
+</domain>
Index: libvirt-1.1.2/tests/qemuxml2argvtest.c
===================================================================
--- libvirt-1.1.2.orig/tests/qemuxml2argvtest.c
+++ libvirt-1.1.2/tests/qemuxml2argvtest.c
@@ -973,6 +973,8 @@ mymain(void)
             QEMU_CAPS_OBJECT_RNG_RANDOM);
     DO_TEST("virtio-rng-egd", QEMU_CAPS_DEVICE, QEMU_CAPS_DEVICE_VIRTIO_RNG,
             QEMU_CAPS_OBJECT_RNG_EGD);
+    DO_TEST_PARSE_ERROR("virtio-rng-egd-crash", QEMU_CAPS_DEVICE,
+            QEMU_CAPS_DEVICE_VIRTIO_RNG, QEMU_CAPS_OBJECT_RNG_EGD);
     DO_TEST("virtio-rng-ccw",
             QEMU_CAPS_DEVICE, QEMU_CAPS_CHARDEV, QEMU_CAPS_NODEFCONFIG,
             QEMU_CAPS_DRIVE, QEMU_CAPS_BOOTINDEX, QEMU_CAPS_VIRTIO_CCW,
++++++ 843bdb2f-CVE-2013-4400.patch ++++++
commit 843bdb2f8a3364637cda2911624149525188843f
Author: Jim Fehlig <jfeh...@suse.com>
Date:   Mon Oct 21 23:12:22 2013 -0600

    build: fix build of virt-login-shell on systems with older gnutls
    
    On systems where gnutls uses libgcrypt, I'm seeing the following
    build failure
    
    libvirt.c:314: error: variable 'virTLSThreadImpl' has initializer but 
incomplete type
    libvirt.c:319: error: 'GCRY_THREAD_OPTION_PTHREAD' undeclared here (not in 
a function)
    ...
    
    Fix by undefining WITH_GNUTLS_GCRYPT in config-post.h

Index: libvirt-1.1.2/config-post.h
===================================================================
--- libvirt-1.1.2.orig/config-post.h
+++ libvirt-1.1.2/config-post.h
@@ -34,6 +34,7 @@
 # undef WITH_CURL
 # undef WITH_DTRACE_PROBES
 # undef WITH_GNUTLS
+# undef WITH_GNUTLS_GCRYPT
 # undef WITH_MACVTAP
 # undef WITH_NUMACTL
 # undef WITH_SASL
++++++ 8c3586ea-CVE-2013-4400.patch ++++++
commit 8c3586ea755c40d5e01b22cb7b5c1e668cdec994
Author: Daniel P. Berrange <berra...@redhat.com>
Date:   Wed Oct 9 10:59:36 2013 +0100

    Only allow 'stderr' log output when running setuid (CVE-2013-4400)
    
    We must not allow file/syslog/journald log outputs when running
    setuid since they can be abused to do bad things. In particular
    the 'file' output can be used to overwrite files.
    
    Signed-off-by: Daniel P. Berrange <berra...@redhat.com>

Index: libvirt-1.1.2/src/util/virlog.c
===================================================================
--- libvirt-1.1.2.orig/src/util/virlog.c
+++ libvirt-1.1.2/src/util/virlog.c
@@ -1318,6 +1318,9 @@ int virLogPriorityFromSyslog(int priorit
  * Multiple output can be defined in a single @output, they just need to be
  * separated by spaces.
  *
+ * If running in setuid mode, then only the 'stderr' output will
+ * be allowed
+ *
  * Returns the number of output parsed and installed or -1 in case of error
  */
 int
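Review bot: The added doc sentence says only 'stderr' is allowed when running setuid, but not what the caller gets back for any other output. Judging by the later hunks, a syslog, file or journald entry jumps to `cleanup`, so the call presumably returns -1 while stderr outputs parsed earlier in the same string stay installed. The `cleanup` label is outside the hunks, so this needs confirming. I would extend the comment to read ` * be allowed; any other output type makes the call fail with -1`.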
@@ -1329,6 +1332,7 @@ virLogParseOutputs(const char *outputs)
     virLogPriority prio;
     int ret = -1;
     int count = 0;
+    bool isSUID = virIsSUID();
 
     if (cur == NULL)
         return -1;
@@ -1348,6 +1352,8 @@ virLogParseOutputs(const char *outputs)
             if (virLogAddOutputToStderr(prio) == 0)
                 count++;
         } else if (STREQLEN(cur, "syslog", 6)) {
+            if (isSUID)
+                goto cleanup;
             cur += 6;
             if (*cur != ':')
                 goto cleanup;
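Review bot: The setuid restriction is written as a denylist: `if (isSUID) goto cleanup;` is repeated in the syslog branch here and again in the file and journald hunks below. An output type added later would be accepted under setuid unless its author remembers the check. A single fail-closed test ahead of the branch chain, such as `if (isSUID && !STREQLEN(cur, "stderr", 6)) goto cleanup;`, would keep stderr as the only accepted output by construction. The first branch of the chain and the rest of virLogParseOutputs lie outside these hunks, so the exact placement has to be checked against the full function.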
@@ -1365,6 +1371,8 @@ virLogParseOutputs(const char *outputs)
             VIR_FREE(name);
 #endif /* HAVE_SYSLOG_H */
         } else if (STREQLEN(cur, "file", 4)) {
+            if (isSUID)
+                goto cleanup;
             cur += 4;
             if (*cur != ':')
                 goto cleanup;
@@ -1385,6 +1393,8 @@ virLogParseOutputs(const char *outputs)
             VIR_FREE(name);
             VIR_FREE(abspath);
         } else if (STREQLEN(cur, "journald", 8)) {
+            if (isSUID)
+                goto cleanup;
             cur += 8;
 #if USE_JOURNALD
             if (virLogAddOutputToJournald(prio) == 0)
++++++ ae53e5d1-CVE-2013-4400.patch ++++++
commit ae53e5d10e434e07079d7e3ba11ec654ba6a256e
Author: Daniel P. Berrange <berra...@redhat.com>
Date:   Wed Oct 9 10:52:39 2013 +0100

    Add helpers for getting env vars in a setuid environment
    
    Care must be taken accessing env variables when running
    setuid. Introduce a virGetEnvAllowSUID for env vars which
    are safe to use in a setuid environment, and another
    virGetEnvBlockSUID for vars which are not safe. Also add
    a virIsSUID helper method for any other non-env var code
    to use.
    
    Signed-off-by: Daniel P. Berrange <berra...@redhat.com>

Index: libvirt-1.1.2/src/libvirt_private.syms
===================================================================
--- libvirt-1.1.2.orig/src/libvirt_private.syms
+++ libvirt-1.1.2/src/libvirt_private.syms
@@ -2042,6 +2042,8 @@ virFindFCHostCapableVport;
 virFormatIntDecimal;
 virGetDeviceID;
 virGetDeviceUnprivSGIO;
+virGetEnvAllowSUID;
+virGetEnvBlockSUID;
 virGetFCHostNameByWWN;
 virGetGroupID;
 virGetGroupList;
@@ -2060,6 +2062,7 @@ virIndexToDiskName;
 virIsCapableFCHost;
 virIsCapableVport;
 virIsDevMapperDevice;
+virIsSUID;
 virManageVport;
 virParseNumber;
 virParseOwnershipIds;
Index: libvirt-1.1.2/src/util/virutil.c
===================================================================
--- libvirt-1.1.2.orig/src/util/virutil.c
+++ libvirt-1.1.2/src/util/virutil.c
@@ -2116,3 +2116,42 @@ cleanup:
 
     return rc;
 }
+
+
+/**
+ * virGetEnvBlockSUID:
+ * @name: the environment variable name
+ *
+ * Obtain an environment variable which is unsafe to
+ * use when running setuid. If running setuid, a NULL
+ * value will be returned
+ */
+const char *virGetEnvBlockSUID(const char *name)
+{
+    return secure_getenv(name);
+}
+
+
+/**
+ * virGetEnvBlockSUID:
+ * @name: the environment variable name
+ *
+ * Obtain an environment variable which is safe to
+ * use when running setuid. The value will be returned
+ * even when running setuid
+ */
+const char *virGetEnvAllowSUID(const char *name)
+{
+    return getenv(name);
+}
+
+
+/**
+ * virIsSUID:
+ * Return a true value if running setuid. Does not
+ * check for elevated capabilities bits.
+ */
+bool virIsSUID(void)
+{
+    return getuid() != geteuid();
+}
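Review bot: virIsSUID() compares only the user IDs, whereas virGetEnvBlockSUID() relies on `secure_getenv()`, so the two helpers can disagree about whether the process is privileged. In a setgid binary, for instance, secure_getenv() as far as I know already returns NULL while `getuid() != geteuid()` is false. If callers are meant to treat both cases the same, `return getuid() != geteuid() || getgid() != getegid();` would close the gap; otherwise the comment should say that setgid is deliberately not covered. Separately, the doc block above virGetEnvAllowSUID is headed `virGetEnvBlockSUID:` and should read ` * virGetEnvAllowSUID:`.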
Index: libvirt-1.1.2/src/util/virutil.h
===================================================================
--- libvirt-1.1.2.orig/src/util/virutil.h
+++ libvirt-1.1.2/src/util/virutil.h
@@ -172,4 +172,8 @@ int virCompareLimitUlong(unsigned long l
 
 int virParseOwnershipIds(const char *label, uid_t *uidPtr, gid_t *gidPtr);
 
+const char *virGetEnvBlockSUID(const char *name);
+const char *virGetEnvAllowSUID(const char *name);
+bool virIsSUID(void);
+
 #endif /* __VIR_UTIL_H__ */
++++++ b7fcc799a-CVE-2013-4400.patch ++++++
commit b7fcc799ad5d8f3e55b89b94e599903e3c092467
Author: Daniel P. Berrange <berra...@redhat.com>
Date:   Wed Oct 9 15:14:34 2013 +0100

    Close all non-stdio FDs in virt-login-shell (CVE-2013-4400)
    
    We don't want to inherit any FDs in the new namespace
    except for the stdio FDs. Explicitly close them all,
    just in case some do not have the close-on-exec flag
    set.
    
    Signed-off-by: Daniel P. Berrange <berra...@redhat.com>

Index: libvirt-1.1.2/tools/virt-login-shell.c
===================================================================
--- libvirt-1.1.2.orig/tools/virt-login-shell.c
+++ libvirt-1.1.2/tools/virt-login-shell.c
@@ -313,6 +313,18 @@ main(int argc, char **argv)
     if (cpid == 0) {
         pid_t ccpid;
 
+        int openmax = sysconf(_SC_OPEN_MAX);
+        int fd;
+        if (openmax < 0) {
+            virReportSystemError(errno,  "%s",
+                                 _("sysconf(_SC_OPEN_MAX) failed"));
+            return EXIT_FAILURE;
+        }
+        for (fd = 3; fd < openmax; fd++) {
+            int tmpfd = fd;
+            VIR_MASS_CLOSE(tmpfd);
+        }
+
         /* Fork once because we don't want to affect
          * virt-login-shell's namespace itself
          */
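Review bot: The `openmax < 0` path reports `errno`, but sysconf() returns -1 with errno untouched when the limit is indeterminate, so the message can carry a stale error code. sysconf() also returns `long`, which is narrowed to `int` here. I would put `errno = 0;` before the call and declare `long openmax = sysconf(_SC_OPEN_MAX);`. The loop closes every descriptor from 3 up to the limit one by one, which is slow when the limit is large but is the fail-safe choice for a setuid helper. main() starts and ends outside this hunk.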
++++++ bd773e74-lxc-terminate-machine.patch ++++++
commit bd773e74f0d1d1b9ebbfcaa645178316b4f2265c
Author: Cédric Bosdonnat <cbosdon...@suse.com>
Date:   Mon Sep 30 16:46:29 2013 +0200

    LXC: workaround machined uncleaned data with containers running systemd.
    
    The problem is described by [0] but its effect on libvirt is that
    starting a container with a full distro running systemd after having
    stopped it simply fails.
    
    The container cleanup now calls the machined Terminate function to make
    sure that everything is in order for the next run.
    
     [0]: https://bugs.freedesktop.org/show_bug.cgi?id=68370

Index: libvirt-1.1.2/src/libvirt_private.syms
===================================================================
--- libvirt-1.1.2.orig/src/libvirt_private.syms
+++ libvirt-1.1.2/src/libvirt_private.syms
@@ -1940,8 +1940,10 @@ virSysinfoSetup;
 
 # util/virsystemd.h
 virSystemdCreateMachine;
+virSystemdMakeMachineName;
 virSystemdMakeScopeName;
 virSystemdMakeSliceName;
+virSystemdTerminateMachine;
 
 
 # util/virthread.h
Index: libvirt-1.1.2/src/lxc/lxc_process.c
===================================================================
--- libvirt-1.1.2.orig/src/lxc/lxc_process.c
+++ libvirt-1.1.2/src/lxc/lxc_process.c
@@ -50,6 +50,7 @@
 #include "virstring.h"
 #include "viratomic.h"
 #include "virprocess.h"
+#include "virsystemd.h"
 
 #define VIR_FROM_THIS VIR_FROM_LXC
 
@@ -210,6 +211,13 @@ static void virLXCProcessCleanup(virLXCD
         virCgroupFree(&priv->cgroup);
     }
 
+    /* Get machined to terminate the machine as it may not have cleaned it
+     * properly. See https://bugs.freedesktop.org/show_bug.cgi?id=68370 for
+     * the bug we are working around here.
+     */
+    virSystemdTerminateMachine(vm->def->name, "lxc", true);
+
+
     /* now that we know it's stopped call the hook if present */
     if (virHookPresent(VIR_HOOK_DRIVER_LXC)) {
         char *xml = virDomainDefFormat(vm->def, 0);
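Review bot: The result of `virSystemdTerminateMachine(vm->def->name, "lxc", true)` is discarded, and the comment does not say that this is intended. The helper added in this commit returns -1 or -2 on failure, and any error it recorded may stay set while the cleanup continues. I would state the intent in the comment, e.g. `/* Best effort: a failure here must not stop the cleanup. */`, and consider logging the failure at debug level. The hunk also leaves two blank lines before the hook comment. virLXCProcessCleanup starts and ends outside the hunk.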
Index: libvirt-1.1.2/src/util/virsystemd.c
===================================================================
--- libvirt-1.1.2.orig/src/util/virsystemd.c
+++ libvirt-1.1.2/src/util/virsystemd.c
@@ -116,6 +116,27 @@ char *virSystemdMakeSliceName(const char
     return virBufferContentAndReset(&buf);
 }
 
+char *virSystemdMakeMachineName(const char *name,
+                                const char *drivername,
+                                bool privileged)
+{
+    char *machinename = NULL;
+    char *username = NULL;
+    if (privileged) {
+        if (virAsprintf(&machinename, "%s-%s", drivername, name) < 0)
+            goto cleanup;
+    } else {
+        if (!(username = virGetUserName(geteuid())))
+            goto cleanup;
+        if (virAsprintf(&machinename, "%s-%s-%s", username, drivername, name) 
< 0)
+            goto cleanup;
+    }
+
+cleanup:
+    VIR_FREE(username);
+
+    return machinename;
+}
 
 /**
  * virSystemdCreateMachine:
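Review bot: virSystemdMakeMachineName is exported through libvirt_private.syms but has no header comment, unlike virSystemdCreateMachine directly below it. A short block should state that it returns `drivername-name` for privileged callers and `username-drivername-name` otherwise, that it returns NULL on failure, and that the caller releases the string with VIR_FREE. It should also note that `name` is inserted as given, so the result is only as well-formed as the domain name passed in.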
@@ -142,7 +163,6 @@ int virSystemdCreateMachine(const char *
     DBusConnection *conn;
     char *machinename = NULL;
     char *creatorname = NULL;
-    char *username = NULL;
     char *slicename = NULL;
 
     if (!virDBusHasSystemBus())
@@ -150,15 +170,8 @@ int virSystemdCreateMachine(const char *
 
     conn = virDBusGetSystemBus();
 
-    if (privileged) {
-        if (virAsprintf(&machinename, "%s-%s", drivername, name) < 0)
-            goto cleanup;
-    } else {
-        if (!(username = virGetUserName(geteuid())))
-            goto cleanup;
-        if (virAsprintf(&machinename, "%s-%s-%s", username, drivername, name) 
< 0)
-            goto cleanup;
-    }
+    if (!(machinename = virSystemdMakeMachineName(name, drivername, 
privileged)))
+        goto cleanup;
 
     if (virAsprintf(&creatorname, "libvirt-%s", drivername) < 0)
         goto cleanup;
@@ -241,8 +254,52 @@ int virSystemdCreateMachine(const char *
     ret = 0;
 
 cleanup:
-    VIR_FREE(username);
     VIR_FREE(creatorname);
     VIR_FREE(machinename);
     return ret;
 }
+
+int virSystemdTerminateMachine(const char *name,
+                               const char *drivername,
+                               bool privileged)
+{
+    int ret;
+    DBusConnection *conn;
+    char *machinename = NULL;
+
+    if(!virDBusHasSystemBus())
+        return -2;
+
+    conn = virDBusGetSystemBus();
+
+    ret = -1;
+    if (!(machinename = virSystemdMakeMachineName(name, drivername, 
privileged)))
+        goto cleanup;
+
+    /*
+     * The systemd DBus API we're invoking has the
+     * following signature
+     *
+     * TerminateMachine(in  s name);
+    *
+     * @name a host unique name for the machine. shows up
+     * in 'ps' listing & similar
+     */
+
+    VIR_DEBUG("Attempting to terminate machine via systemd");
+    if (virDBusCallMethod(conn,
+                          NULL,
+                          "org.freedesktop.machine1",
+                          "/org/freedesktop/machine1",
+                          "org.freedesktop.machine1.Manager",
+                          "TerminateMachine",
+                          "s",
+                          machinename) < 0)
+        goto cleanup;
+
+    ret = 0;
+
+cleanup:
+    VIR_FREE(machinename);
+    return ret;
+}
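Review bot: virSystemdTerminateMachine has no doc comment, and its return contract is not obvious: -2 when there is no system bus, -1 when building the name or the DBus call fails, 0 on success. Callers that test `< 0`, as the new tests do, treat a missing system bus as a failure, so the -2 case should be documented in a header block like the one virSystemdCreateMachine has. `conn` is used without a NULL check after virDBusGetSystemBus(); if that call can fail, `if (!(conn = virDBusGetSystemBus())) return -1;` would be safer. As a style point, `if(!virDBusHasSystemBus())` lacks the space after `if`.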
Index: libvirt-1.1.2/src/util/virsystemd.h
===================================================================
--- libvirt-1.1.2.orig/src/util/virsystemd.h
+++ libvirt-1.1.2/src/util/virsystemd.h
@@ -29,6 +29,10 @@ char *virSystemdMakeScopeName(const char
                               const char *slicename);
 char *virSystemdMakeSliceName(const char *partition);
 
+char *virSystemdMakeMachineName(const char *name,
+                                const char *drivername,
+                                bool privileged);
+
 int virSystemdCreateMachine(const char *name,
                             const char *drivername,
                             bool privileged,
@@ -38,4 +42,8 @@ int virSystemdCreateMachine(const char *
                             bool iscontainer,
                             const char *partition);
 
+int virSystemdTerminateMachine(const char *name,
+                               const char *drivername,
+                               bool privileged);
+
 #endif /* __VIR_SYSTEMD_H__ */
Index: libvirt-1.1.2/tests/virsystemdtest.c
===================================================================
--- libvirt-1.1.2.orig/tests/virsystemdtest.c
+++ libvirt-1.1.2/tests/virsystemdtest.c
@@ -51,6 +51,18 @@ static int testCreateContainer(const voi
     return 0;
 }
 
+static int testTerminateContainer(const void *opaque ATTRIBUTE_UNUSED)
+{
+    if (virSystemdTerminateMachine("demo",
+                                   "lxc",
+                                   true) < 0) {
+        fprintf(stderr, "%s", "Failed to terminate LXC machine\n");
+        return -1;
+    }
+
+    return 0;
+}
+
 static int testCreateMachine(const void *opaque ATTRIBUTE_UNUSED)
 {
     unsigned char uuid[VIR_UUID_BUFLEN] = {
@@ -74,6 +86,18 @@ static int testCreateMachine(const void
     return 0;
 }
 
+static int testTerminateMachine(const void *opaque ATTRIBUTE_UNUSED)
+{
+    if (virSystemdTerminateMachine("demo",
+                                   "qemu",
+                                   false) < 0) {
+        fprintf(stderr, "%s", "Failed to terminate KVM machine\n");
+        return -1;
+    }
+
+    return 0;
+}
+
 static int testCreateNoSystemd(const void *opaque ATTRIBUTE_UNUSED)
 {
     unsigned char uuid[VIR_UUID_BUFLEN] = {
@@ -177,8 +201,12 @@ mymain(void)
 
     if (virtTestRun("Test create container ", 1, testCreateContainer, NULL) < 
0)
         ret = -1;
+    if (virtTestRun("Test terminate container ", 1, testTerminateContainer, 
NULL) < 0)
+        ret = -1;
     if (virtTestRun("Test create machine ", 1, testCreateMachine, NULL) < 0)
         ret = -1;
+    if (virtTestRun("Test terminate machine ", 1, testTerminateMachine, NULL) 
< 0)
+        ret = -1;
     if (virtTestRun("Test create no systemd ", 1, testCreateNoSystemd, NULL) < 
0)
         ret = -1;
     if (virtTestRun("Test create bad systemd ", 1, testCreateBadSystemd, NULL) 
< 0)
++++++ e350826c-python-fix-fd-passing.patch ++++++
commit e350826c653b20dd271ab99075d2f224c7451356
Author: Marian Neagul <mar...@info.uvt.ro>
Date:   Tue Oct 22 16:03:39 2013 +0100

    python: Fix Create*WithFiles filefd passing
    
    Commit d76227be added functions virDomainCreateWithFiles and
    virDomainCreateXMLWithFiles, but there was a little piece missing in
    python bindings.  This patch fixes proper passing of file descriptors
    in the overwrites of these functions.

Index: libvirt-1.1.2/python/libvirt-override.c
===================================================================
--- libvirt-1.1.2.orig/python/libvirt-override.c
+++ libvirt-1.1.2/python/libvirt-override.c
@@ -7149,6 +7149,10 @@ libvirt_virDomainCreateXMLWithFiles(PyOb
 
         if (libvirt_intUnwrap(pyfd, &fd) < 0)
             goto cleanup;
+
+        files[i] = fd;
+
+        files[i] = fd;
     }
 
     LIBVIRT_BEGIN_ALLOW_THREADS;
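Review bot: `files[i] = fd;` is added twice in a row inside libvirt_virDomainCreateXMLWithFiles; the second assignment is redundant and should be dropped. The commit message says the fix applies to both Create*WithFiles overrides, yet this is the only hunk in the patch. The duplicate therefore looks like the second hunk landing in the wrong function, which would leave libvirt_virDomainCreateWithFiles still passing an unfilled `files` array. That function is not visible here, so please check it and move the second `files[i] = fd;` into its loop. The enclosing function starts and ends outside the hunk.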
++++++ install-apparmor-profiles.patch ++++++
--- /var/tmp/diff_new_pack.YlQxdQ/_old  2013-10-29 09:26:45.000000000 +0100
+++ /var/tmp/diff_new_pack.YlQxdQ/_new  2013-10-29 09:26:45.000000000 +0100
@@ -203,7 +203,7 @@
 ===================================================================
 --- /dev/null
 +++ libvirt-1.1.2/examples/apparmor/usr.sbin.libvirtd.in
-@@ -0,0 +1,59 @@
+@@ -0,0 +1,60 @@
 +# Last Modified: Fri Aug 19 11:20:36 2011
 +#include <tunables/global>
 +@{LIBVIRT}="libvirt"
@@ -255,6 +255,7 @@
 +  audit deny /sys/kernel/security/apparmor/matching rwxl,
 +  audit deny /sys/kernel/security/apparmor/.* rwxl,
 +  /sys/kernel/security/apparmor/profiles r,
++  /etc/xen/scripts/* rx,
 +  @libdir@/libvirt/* Pxr,
 +  @libdir@/libvirt/libvirt_parthelper Ux,
 +  @libdir@/libvirt/libvirt_iohelper Ux,
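Review bot: The new rule `/etc/xen/scripts/* rx,` grants execute without an exec transition qualifier, unlike the neighbouring rules (`Pxr`, `Ux`). As far as I know apparmor_parser expects a qualifier on `x` in an allow rule, so the profile should be load-tested. The qualifier also decides which confinement the Xen scripts run under. If they are meant to stay inside libvirtd's profile, `/etc/xen/scripts/* rix,` says so explicitly. The rest of the profile lies outside this hunk.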

++++++ libvirt-suse-netcontrol.patch ++++++
--- /var/tmp/diff_new_pack.YlQxdQ/_old  2013-10-29 09:26:45.000000000 +0100
+++ /var/tmp/diff_new_pack.YlQxdQ/_new  2013-10-29 09:26:45.000000000 +0100
@@ -2,7 +2,7 @@
 ===================================================================
 --- libvirt-1.1.2.orig/configure.ac
 +++ libvirt-1.1.2/configure.ac
-@@ -173,6 +173,7 @@ LIBVIRT_CHECK_DBUS
+@@ -174,6 +174,7 @@ LIBVIRT_CHECK_DBUS
  LIBVIRT_CHECK_FUSE
  LIBVIRT_CHECK_HAL
  LIBVIRT_CHECK_NETCF
@@ -10,7 +10,7 @@
  LIBVIRT_CHECK_NUMACTL
  LIBVIRT_CHECK_OPENWSMAN
  LIBVIRT_CHECK_PCIACCESS
-@@ -2296,11 +2297,12 @@ if test "$with_libvirtd" = "no" ; then
+@@ -2297,11 +2298,12 @@ if test "$with_libvirtd" = "no" ; then
    with_interface=no
  fi
  
@@ -26,7 +26,7 @@
  esac
  
  if test "$with_interface" = "yes" ; then
-@@ -2608,6 +2610,7 @@ LIBVIRT_RESULT_DBUS
+@@ -2609,6 +2611,7 @@ LIBVIRT_RESULT_DBUS
  LIBVIRT_RESULT_FUSE
  LIBVIRT_RESULT_HAL
  LIBVIRT_RESULT_NETCF
@@ -38,7 +38,7 @@
 ===================================================================
 --- libvirt-1.1.2.orig/src/Makefile.am
 +++ libvirt-1.1.2/src/Makefile.am
-@@ -750,6 +750,10 @@ if WITH_NETCF
+@@ -754,6 +754,10 @@ if WITH_NETCF
  INTERFACE_DRIVER_SOURCES +=                                   \
                interface/interface_backend_netcf.c
  endif
@@ -49,7 +49,7 @@
  if WITH_UDEV
  INTERFACE_DRIVER_SOURCES +=                                   \
                interface/interface_backend_udev.c
-@@ -1310,11 +1314,16 @@ if WITH_NETCF
+@@ -1314,11 +1318,16 @@ if WITH_NETCF
  libvirt_driver_interface_la_CFLAGS += $(NETCF_CFLAGS)
  libvirt_driver_interface_la_LIBADD += $(NETCF_LIBS)
  else

++++++ libxl-hvm-vnc.patch ++++++
Index: libvirt-1.1.2/src/libxl/libxl_conf.c
===================================================================
--- libvirt-1.1.2.orig/src/libxl/libxl_conf.c
+++ libvirt-1.1.2/src/libxl/libxl_conf.c
@@ -524,6 +524,30 @@ libxlMakeChrdevStr(virDomainChrDefPtr de
 }
 
 static int
+libxlFixupDomBuildInfo(virDomainDefPtr def, libxl_domain_config *d_config)
+{
+    libxl_domain_build_info *b_info = &d_config->b_info;
+    int hvm = STREQ(def->os.type, "hvm");
+    libxl_device_vfb vfb;
+
+    if (!hvm)
+        return 0;
+
+    if (d_config->num_vfbs) {
+        vfb = d_config->vfbs[0];
+        if (libxl_defbool_val(vfb.vnc.enable))
+            memcpy(&b_info->u.hvm.vnc, &vfb.vnc, sizeof(libxl_vnc_info));
+        else if (libxl_defbool_val(vfb.sdl.enable))
+            memcpy(&b_info->u.hvm.sdl, &vfb.sdl, sizeof(libxl_sdl_info));
+        else
+            return -1;
+    }
+
+    return 0;
+}
+
+
+static int
 libxlMakeDomBuildInfo(virDomainObjPtr vm, libxl_domain_config *d_config)
 {
     virDomainDefPtr def = vm->def;
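Review bot: The two `memcpy` calls in libxlFixupDomBuildInfo copy `libxl_vnc_info` and `libxl_sdl_info` bytewise, so any heap-allocated members (for VNC, the listen address and password strings) end up referenced by both `d_config->vfbs[0]` and `b_info->u.hvm`. If both are released when the domain config is disposed, that is a double free, and the VNC password then has two owners to clear. Duplicating the string members and copying the scalars avoids the aliasing, as sketched below for the VNC branch; the SDL branch needs the same treatment. The `else return -1;` path also fails without reporting an error.

```c
        vfb = d_config->vfbs[0];
        if (libxl_defbool_val(vfb.vnc.enable)) {
            /* copy scalars, duplicate strings: b_info must own its own copies */
            b_info->u.hvm.vnc.enable = vfb.vnc.enable;
            b_info->u.hvm.vnc.display = vfb.vnc.display;
            b_info->u.hvm.vnc.findunused = vfb.vnc.findunused;
            if (VIR_STRDUP(b_info->u.hvm.vnc.listen, vfb.vnc.listen) < 0 ||
                VIR_STRDUP(b_info->u.hvm.vnc.passwd, vfb.vnc.passwd) < 0)
                return -1;
        }
        /* … sdl branch: same pattern for its string members … */
```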
@@ -1025,6 +1049,9 @@ libxlBuildDomainConfig(libxlDriverPrivat
     if (libxlMakeVfbList(driver, def, d_config) < 0)
         return -1;
 
+    if (libxlFixupDomBuildInfo(def, d_config) < 0)
+        return -1;
+
     d_config->on_reboot = def->onReboot;
     d_config->on_poweroff = def->onPoweroff;
     d_config->on_crash = def->onCrash;
-- 