2006-09-21 15:24:37 +00:00
# -*- rpm-spec -*-
2011-03-16 11:50:44 -06:00
# If neither fedora nor rhel was defined, try to guess them from %{dist}
%if !0%{?rhel} && !0%{?fedora}
%{expand:%(echo " %{?dist} " | \
sed -ne 's/^\.el\([0-9]\+\).*/%%define rhel \1/p' )}
%{expand:%(echo " %{?dist} " | \
sed -ne 's/^\.fc\?\([0-9]\+\).*/%%define fedora \1/p' )}
%endif
2011-12-05 10:22:10 -07:00
# Default to skipping autoreconf. Distros can change just this one line
# (or provide a command-line override) if they backport any patches that
# touch configure.ac or Makefile.am.
%{!?enable_autotools:%define enable_autotools 0}
2009-09-16 16:02:38 +01:00
# A client only build will create a libvirt.so only containing
# the generic RPC driver, and test driver and no libvirtd
2013-09-04 14:59:49 -06:00
# Default to a full server + client build, but with the possibility
# of a command-line or ~/.rpmmacros override for client-only.
%{!?client_only:%define client_only 0}
2009-09-16 16:02:38 +01:00
# Now turn off server build in certain cases
# RHEL-5 builds are client-only for s390, ppc
%if 0%{?rhel} == 5
2013-01-09 13:50:03 -07:00
%ifnarch %{ix86} x86_64 ia64
%define client_only 1
%endif
2009-09-16 16:02:38 +01:00
%endif
# Disable all server side drivers if client only build requested
%if %{client_only}
2013-01-09 13:50:03 -07:00
%define server_drivers 0
2009-09-16 16:02:38 +01:00
%else
2013-01-09 13:50:03 -07:00
%define server_drivers 1
2009-09-16 16:02:38 +01:00
%endif
2012-04-02 20:53:43 +01:00
# Always build with dlopen'd modules
%define with_driver_modules 1
2009-09-16 16:02:38 +01:00
2009-09-22 11:42:06 +02:00
# Now set the defaults for all the important features, independent
2009-09-16 16:02:38 +01:00
# of any particular OS
# First the daemon itself
%define with_libvirtd 0%{!?_without_libvirtd:%{server_drivers}}
%define with_avahi 0%{!?_without_avahi:%{server_drivers}}
2012-04-03 12:05:32 +01:00
# Then the hypervisor drivers that run in libvirtd
2009-09-16 16:02:38 +01:00
%define with_xen 0%{!?_without_xen:%{server_drivers}}
%define with_qemu 0%{!?_without_qemu:%{server_drivers}}
%define with_lxc 0%{!?_without_lxc:%{server_drivers}}
%define with_uml 0%{!?_without_uml:%{server_drivers}}
2011-02-10 15:42:34 -07:00
%define with_libxl 0%{!?_without_libxl:%{server_drivers}}
2013-09-03 17:08:25 -06:00
%define with_vbox 0%{!?_without_vbox:%{server_drivers}}
2009-09-16 16:02:38 +01:00
2012-04-03 11:54:27 +01:00
%define with_qemu_tcg %{with_qemu}
# Change if we ever provide qemu-kvm binaries on non-x86 hosts
2012-11-16 18:50:20 +01:00
%if 0%{?fedora} >= 18
2013-06-17 12:19:46 -04:00
%if 0%{?fedora} >= 20
%define qemu_kvm_arches %{ix86} x86_64 ppc64 s390x %{arm}
%else
%define qemu_kvm_arches %{ix86} x86_64 ppc64 s390x
%endif
2012-11-16 18:50:20 +01:00
%else
2013-01-09 13:50:03 -07:00
%define qemu_kvm_arches %{ix86} x86_64
2012-11-16 18:50:20 +01:00
%endif
%ifarch %{qemu_kvm_arches}
2013-01-09 13:50:03 -07:00
%define with_qemu_kvm %{with_qemu}
2012-04-03 11:54:27 +01:00
%else
2013-01-09 13:50:03 -07:00
%define with_qemu_kvm 0
2012-04-03 11:54:27 +01:00
%endif
2012-04-03 12:05:32 +01:00
# Then the hypervisor drivers that run outside libvirtd, in libvirt.so
%define with_openvz 0%{!?_without_openvz:1}
%define with_vmware 0%{!?_without_vmware:1}
2009-09-16 16:02:38 +01:00
%define with_phyp 0%{!?_without_phyp:1}
%define with_esx 0%{!?_without_esx:1}
2011-07-13 16:05:18 +02:00
%define with_hyperv 0%{!?_without_hyperv:1}
2011-06-16 13:46:38 +02:00
%define with_xenapi 0%{!?_without_xenapi:1}
2012-07-31 22:56:05 +04:00
%define with_parallels 0%{!?_without_parallels:1}
2014-02-25 09:51:40 -07:00
# No test for bhyve, because it does not build on Linux
2009-09-16 16:02:38 +01:00
2012-04-03 12:05:32 +01:00
# Then the secondary host drivers, which run inside libvirtd
2012-09-17 20:27:06 -05:00
%define with_interface 0%{!?_without_interface:%{server_drivers}}
2012-07-18 20:06:58 +01:00
%define with_network 0%{!?_without_network:%{server_drivers}}
%define with_storage_fs 0%{!?_without_storage_fs:%{server_drivers}}
%define with_storage_lvm 0%{!?_without_storage_lvm:%{server_drivers}}
%define with_storage_iscsi 0%{!?_without_storage_iscsi:%{server_drivers}}
%define with_storage_disk 0%{!?_without_storage_disk:%{server_drivers}}
%define with_storage_mpath 0%{!?_without_storage_mpath:%{server_drivers}}
2012-05-14 11:06:42 +02:00
%if 0%{?fedora} >= 16
2013-01-09 13:50:03 -07:00
%define with_storage_rbd 0%{!?_without_storage_rbd:%{server_drivers}}
2012-05-22 16:07:02 +08:00
%else
2013-01-09 13:50:03 -07:00
%define with_storage_rbd 0
2012-05-14 11:06:42 +02:00
%endif
2012-07-18 20:06:58 +01:00
%if 0%{?fedora} >= 17
2013-01-09 13:50:03 -07:00
%define with_storage_sheepdog 0%{!?_without_storage_sheepdog:%{server_drivers}}
2012-07-18 20:06:58 +01:00
%else
2013-01-09 13:50:03 -07:00
%define with_storage_sheepdog 0
2012-07-18 20:06:58 +01:00
%endif
2014-02-26 14:17:51 +01:00
%if 0%{?fedora} >= 19 || 0%{?rhel} >= 6
2013-11-19 16:26:05 -07:00
%define with_storage_gluster 0%{!?_without_storage_gluster:%{server_drivers}}
%else
%define with_storage_gluster 0
%endif
2012-07-18 20:06:58 +01:00
%define with_numactl 0%{!?_without_numactl:%{server_drivers}}
%define with_selinux 0%{!?_without_selinux:%{server_drivers}}
2009-09-16 16:02:38 +01:00
2013-07-30 12:04:55 +01:00
# Just hardcode to off, since few people ever have apparmor RPMs installed
%define with_apparmor 0%{!?_without_apparmor:0}
2009-09-16 16:02:38 +01:00
# A few optional bits off by default, we enable later
2009-07-29 10:05:39 +01:00
%define with_polkit 0%{!?_without_polkit:0}
2009-06-29 11:33:13 +00:00
%define with_capng 0%{!?_without_capng:0}
2012-11-12 15:02:23 +08:00
%define with_fuse 0%{!?_without_fuse:0}
2009-07-29 10:05:39 +01:00
%define with_netcf 0%{!?_without_netcf:0}
2009-11-20 16:45:46 +01:00
%define with_udev 0%{!?_without_udev:0}
%define with_hal 0%{!?_without_hal:0}
2009-11-03 13:59:18 -05:00
%define with_yajl 0%{!?_without_yajl:0}
2010-05-05 12:20:28 -04:00
%define with_nwfilter 0%{!?_without_nwfilter:0}
nwfilter: Support for learning a VM's IP address
This patch implements support for learning a VM's IP address. It uses
the pcap library to listen on the VM's backend network interface (tap)
or the physical ethernet device (macvtap) and tries to capture packets
with source or destination MAC address of the VM and learn from DHCP
Offers, ARP traffic, or first-sent IPv4 packet what the IP address of
the VM's interface is. This then allows to instantiate the network
traffic filtering rules without the user having to provide the IP
parameter somewhere in the filter description or in the interface
description as a parameter. This only supports to detect the parameter
IP, which is for the assumed single IPv4 address of a VM. There is not
support for interfaces that may have multiple IP addresses (IP
aliasing) or IPv6 that may then require more than one valid IP address
to be detected. A VM can have multiple independent interfaces that each
uses a different IP address and in that case it will be attempted to
detect each one of the address independently.
So, when for example an interface description in the domain XML has
looked like this up to now:
<interface type='bridge'>
<source bridge='mybridge'/>
<model type='virtio'/>
<filterref filter='clean-traffic'>
<parameter name='IP' value='10.2.3.4'/>
</filterref>
</interface>
you may omit the IP parameter:
<interface type='bridge'>
<source bridge='mybridge'/>
<model type='virtio'/>
<filterref filter='clean-traffic'/>
</interface>
Internally I am walking the 'tree' of a VM's referenced network filters
and determine with the given variables which variables are missing. Now,
the above IP parameter may be missing and this causes a libvirt-internal
thread to be started that uses the pcap library's API to listen to the
backend interface (in case of macvtap to the physical interface) in an
attempt to determine the missing IP parameter. If the backend interface
disappears the thread terminates assuming the VM was brought down. In
case of a macvtap device a timeout is being used to wait for packets
from the given VM (filtering by VM's interface MAC address). If the VM's
macvtap device disappeared the thread also terminates. In all other
cases it tries to determine the IP address of the VM and will then apply
the rules late on the given interface, which would have happened
immediately if the IP parameter had been explicitly given. In case an
error happens while the firewall rules are applied, the VM's backend
interface is 'down'ed preventing it to communicate. Reasons for failure
for applying the network firewall rules may that an ebtables/iptables
command failes or OOM errors. Essentially the same failure reasons may
occur as when the firewall rules are applied immediately on VM start,
except that due to the late application of the filtering rules the VM
now is already running and cannot be hindered anymore from starting.
Bringing down the whole VM would probably be considered too drastic.
While a VM's IP address is attempted to be determined only limited
updates to network filters are allowed. In particular it is prevented
that filters are modified in such a way that they would introduce new
variables.
A caveat: The algorithm does not know which one is the appropriate IP
address of a VM. If the VM spoofs an IP address in its first ARP traffic
or IPv4 packets its filtering rules will be instantiated for this IP
address, thus 'locking' it to the found IP address. So, it's still
'safer' to explicitly provide the IP address of a VM's interface in the
filter description if it is known beforehand.
* configure.ac: detect libpcap
* libvirt.spec.in: require libpcap[-devel] if qemu is built
* src/internal.h: add the new ATTRIBUTE_PACKED define
* src/Makefile.am src/libvirt_private.syms: add the new modules and symbols
* src/nwfilter/nwfilter_learnipaddr.[ch]: new module being added
* src/nwfilter/nwfilter_driver.c src/conf/nwfilter_conf.[ch]
src/nwfilter/nwfilter_ebiptables_driver.[ch]
src/nwfilter/nwfilter_gentech_driver.[ch]: plu the new functionality in
* tests/nwfilterxml2xmltest: extend testing
2010-04-07 23:02:18 +02:00
%define with_libpcap 0%{!?_without_libpcap:0}
2010-05-25 15:31:38 -04:00
%define with_macvtap 0%{!?_without_macvtap:0}
2010-08-25 12:28:02 +02:00
%define with_libnl 0%{!?_without_libnl:0}
2010-09-15 14:44:11 +01:00
%define with_audit 0%{!?_without_audit:0}
Add dtrace static probes in libvirtd
Adds initial support for dtrace static probes in libvirtd
daemon, assuming use of systemtap dtrace compat shim on
Linux. The probes are inserted for network client connect,
disconnect, TLS handshake states and authentication protocol
states.
This can be tested by running the xample program and then
attempting to connect with any libvirt client (virsh,
virt-manager, etc).
# stap examples/systemtap/client.stp
Client fd=44 connected readonly=0
Client fd=44 auth polkit deny pid:24997,uid:500
Client fd=44 disconnected
Client fd=46 connected readonly=1
Client fd=46 auth sasl allow test
Client fd=46 disconnected
The libvirtd.stp file should also really not be required,
since it is duplicated info that is already available in
the main probes.d definition file. A script to autogenerate
the .stp file is needed, either in libvirtd tree, or better
as part of systemtap itself.
* Makefile.am: Add examples/systemtap subdir
* autobuild.sh: Disable dtrace for mingw32
* configure.ac: Add check for dtrace
* daemon/.gitignore: Ignore generated dtrace probe file
* daemon/Makefile.am: Build dtrace probe header & object
files
* daemon/libvirtd.stp: SystemTAP convenience probeset
* daemon/libvirtd.c: Add connect/disconnect & TLS probes
* daemon/remote.c: Add SASL and PolicyKit auth probes
* daemon/probes.d: Master probe definition
* daemon/libvirtd.h: Add convenience macro for probes
so that compilation is a no-op when dtrace is not available
* examples/systemtap/Makefile.am, examples/systemtap/client.stp
Example systemtap script using dtrace probe markers
* libvirt.spec.in: Enable dtrace on F13/RHEL6
* mingw32-libvirt.spec.in: Force disable dtrace
2010-09-14 17:30:32 +01:00
%define with_dtrace 0%{!?_without_dtrace:0}
2010-12-23 09:44:19 +01:00
%define with_cgconfig 0%{!?_without_cgconfig:0}
2011-01-18 18:37:45 +00:00
%define with_sanlock 0%{!?_without_sanlock:0}
2011-07-07 14:45:07 +01:00
%define with_systemd 0%{!?_without_systemd:0}
2012-03-24 09:35:20 +08:00
%define with_numad 0%{!?_without_numad:0}
network: use firewalld instead of iptables, when available
* configure.ac, spec file: firewalld defaults to enabled if dbus is
available, otherwise is disabled. If --with_firewalld is explicitly
requested and dbus is not available, configure will fail.
* bridge_driver: add dbus filters to get the FirewallD1.Reloaded
signal and DBus.NameOwnerChanged on org.fedoraproject.FirewallD1.
When these are encountered, reload all the iptables reuls of all
libvirt's virtual networks (similar to what happens when libvirtd is
restarted).
* iptables, ebtables: use firewall-cmd's direct passthrough interface
when available, otherwise use iptables and ebtables commands. This
decision is made once the first time libvirt calls
iptables/ebtables, and that decision is maintained for the life of
libvirtd.
* Note that the nwfilter part of this patch was separated out into
another patch by Stefan in V2, so that needs to be revised and
re-reviewed as well.
================
All the configure.ac and specfile changes are unchanged from Thomas'
V3.
V3 re-ran "firewall-cmd --state" every time a new rule was added,
which was extremely inefficient. V4 uses VIR_ONCE_GLOBAL_INIT to set
up a one-time initialization function.
The VIR_ONCE_GLOBAL_INIT(x) macro references a static function called
vir(Ip|Eb)OnceInit(), which will then be called the first time that
the static function vir(Ip|Eb)TablesInitialize() is called (that
function is defined for you by the macro). This is
thread-safe, so there is no chance of any race.
IMPORTANT NOTE: I've left the VIR_DEBUG messages in these two init
functions (one for iptables, on for ebtables) as VIR_WARN so that I
don't have to turn on all the other debug message just to see
these. Even if this patch doesn't need any other modification, those
messages need to be changed to VIR_DEBUG before pushing.
This one-time initialization works well. However, I've encountered
problems with testing:
1) Whenever I have enabled the firewalld service, *all* attempts to
call firewall-cmd from within libvirtd end with firewall-cmd hanging
internally somewhere. This is *not* the case if firewall-cmd returns
non-0 in response to "firewall-cmd --state" (i.e. *that* command runs
and returns to libvirt successfully.)
2) If I start libvirtd while firewalld is stopped, then start
firewalld later, this triggers libvirtd to reload its iptables rules,
however it also spits out a *ton* of complaints about deletion failing
(I suppose because firewalld has nuked all of libvirt's rules). I
guess we need to suppress those messages (which is a more annoying
problem to fix than you might think, but that's another story).
3) I noticed a few times during this long line of errors that
firewalld made a complaint about "Resource Temporarily
unavailable. Having libvirtd access iptables commands directly at the
same time as firewalld is doing so is apparently problematic.
4) In general, I'm concerned about the "set it once and never change
it" method - if firewalld is disabled at libvirtd startup, causing
libvirtd to always use iptables/ebtables directly, this won't cause
*terrible* problems, but if libvirtd decides to use firewall-cmd and
firewalld is later disabled, libvirtd will not be able to recover.
2012-08-14 20:59:52 +02:00
%define with_firewalld 0%{!?_without_firewalld:0}
2013-01-08 21:47:55 +00:00
%define with_libssh2 0%{!?_without_libssh2:0}
2014-02-04 12:37:15 -07:00
%define with_wireshark 0%{!?_without_wireshark:0}
2014-02-25 13:12:34 -07:00
%define with_systemd_daemon 0%{!?_without_systemd_daemon:0}
2014-04-11 09:20:48 +02:00
%define with_pm_utils 1
2009-07-29 10:05:39 +01:00
2009-09-16 16:02:38 +01:00
# Non-server/HV driver defaults which are always enabled
%define with_sasl 0%{!?_without_sasl:1}
# Finally set the OS / architecture specific special cases
2008-06-12 16:10:50 +00:00
# Xen is available only on i386 x86_64 ia64
2012-02-20 09:27:11 -07:00
%ifnarch %{ix86} x86_64 ia64
2013-01-09 13:50:03 -07:00
%define with_xen 0
%define with_libxl 0
2008-06-12 16:10:50 +00:00
%endif
2013-05-24 15:44:19 +02:00
# vbox is available only on i386 x86_64
%ifnarch %{ix86} x86_64
%define with_vbox 0
%endif
2011-11-10 11:33:17 +00:00
# Numactl is not available on s390[x] and ARM
%ifarch s390 s390x %{arm}
2013-01-09 13:50:03 -07:00
%define with_numactl 0
2009-11-11 18:07:34 +00:00
%endif
2009-09-16 16:02:38 +01:00
2014-02-17 13:47:32 +01:00
# libgfapi is built only on x86_64 on rhel
%ifnarch x86_64
2014-02-26 14:17:51 +01:00
%if 0%{?rhel} >= 6
2014-02-17 13:47:32 +01:00
%define with_storage_gluster 0
%endif
%endif
Remove the Open Nebula driver
The Open Nebula driver has been unmaintained since it was first
introduced. The only commits have been for tree-wide cleanups.
It also has a major design flaw, in that it only knows about guests
that it has created itself, which makes it of very limited use.
Discussions wrt evolution of the VMWare ESX driver, concluded that
it should limit itself to single-node ESX operation and not try to
manage the multi-node architecture of VirtualCenter. Open Nebula
is a cluster like Virtual Center, not a single node system, so
the same reasoning applies.
The DeltaCloud project includes an Open Nebula driver and is a much
better fit architecturally, since it is explicitly targetting the
distributed multihost cluster scenario.
Thus this patch deletes the libvirt Open Nebula driver with the
recommendation that people use DeltaCloud for managing it instead.
* configure.ac: Remove probe for xmlrpc & --with-one arg
* daemon/Makefile.am, daemon/libvirtd.c, src/Makefile.am: Remove
ONE driver build
* src/opennebula/one_client.c, src/opennebula/one_client.h,
src/opennebula/one_conf.c, src/opennebula/one_conf.h,
src/opennebula/one_driver.c, src/opennebula/one_driver.c: Delete
files
* autobuild.sh, libvirt.spec.in, mingw32-libvirt.spec.in: Remove
build rules for Open Nebula
* docs/drivers.html.in, docs/sitemap.html.in: Remove reference
to OpenNebula
* docs/drvone.html.in: Delete file
2011-03-22 16:12:34 +00:00
# RHEL doesn't ship OpenVZ, VBox, UML, PowerHypervisor,
2011-09-26 14:28:47 -06:00
# VMWare, libxenserver (xenapi), libxenlight (Xen 4.1 and newer),
# or HyperV.
2009-09-16 16:02:38 +01:00
%if 0%{?rhel}
2013-01-09 13:50:03 -07:00
%define with_openvz 0
%define with_vbox 0
%define with_uml 0
%define with_phyp 0
%define with_vmware 0
%define with_xenapi 0
%define with_libxl 0
%define with_hyperv 0
%define with_parallels 0
2009-09-16 16:02:38 +01:00
%endif
2012-06-11 17:57:38 +01:00
# Fedora 17 / RHEL-7 are first where we use systemd. Although earlier
# Fedora has systemd, libvirt still used sysvinit there.
2012-06-12 15:54:56 +01:00
%if 0%{?fedora} >= 17 || 0%{?rhel} >= 7
2013-01-09 13:50:03 -07:00
%define with_systemd 1
2014-02-25 13:12:34 -07:00
%define with_systemd_daemon 1
2014-04-11 09:20:48 +02:00
%define with_pm_utils 0
2011-07-07 14:45:07 +01:00
%endif
network: use firewalld instead of iptables, when available
* configure.ac, spec file: firewalld defaults to enabled if dbus is
available, otherwise is disabled. If --with_firewalld is explicitly
requested and dbus is not available, configure will fail.
* bridge_driver: add dbus filters to get the FirewallD1.Reloaded
signal and DBus.NameOwnerChanged on org.fedoraproject.FirewallD1.
When these are encountered, reload all the iptables reuls of all
libvirt's virtual networks (similar to what happens when libvirtd is
restarted).
* iptables, ebtables: use firewall-cmd's direct passthrough interface
when available, otherwise use iptables and ebtables commands. This
decision is made once the first time libvirt calls
iptables/ebtables, and that decision is maintained for the life of
libvirtd.
* Note that the nwfilter part of this patch was separated out into
another patch by Stefan in V2, so that needs to be revised and
re-reviewed as well.
================
All the configure.ac and specfile changes are unchanged from Thomas'
V3.
V3 re-ran "firewall-cmd --state" every time a new rule was added,
which was extremely inefficient. V4 uses VIR_ONCE_GLOBAL_INIT to set
up a one-time initialization function.
The VIR_ONCE_GLOBAL_INIT(x) macro references a static function called
vir(Ip|Eb)OnceInit(), which will then be called the first time that
the static function vir(Ip|Eb)TablesInitialize() is called (that
function is defined for you by the macro). This is
thread-safe, so there is no chance of any race.
IMPORTANT NOTE: I've left the VIR_DEBUG messages in these two init
functions (one for iptables, on for ebtables) as VIR_WARN so that I
don't have to turn on all the other debug message just to see
these. Even if this patch doesn't need any other modification, those
messages need to be changed to VIR_DEBUG before pushing.
This one-time initialization works well. However, I've encountered
problems with testing:
1) Whenever I have enabled the firewalld service, *all* attempts to
call firewall-cmd from within libvirtd end with firewall-cmd hanging
internally somewhere. This is *not* the case if firewall-cmd returns
non-0 in response to "firewall-cmd --state" (i.e. *that* command runs
and returns to libvirt successfully.)
2) If I start libvirtd while firewalld is stopped, then start
firewalld later, this triggers libvirtd to reload its iptables rules,
however it also spits out a *ton* of complaints about deletion failing
(I suppose because firewalld has nuked all of libvirt's rules). I
guess we need to suppress those messages (which is a more annoying
problem to fix than you might think, but that's another story).
3) I noticed a few times during this long line of errors that
firewalld made a complaint about "Resource Temporarily
unavailable. Having libvirtd access iptables commands directly at the
same time as firewalld is doing so is apparently problematic.
4) In general, I'm concerned about the "set it once and never change
it" method - if firewalld is disabled at libvirtd startup, causing
libvirtd to always use iptables/ebtables directly, this won't cause
*terrible* problems, but if libvirtd decides to use firewall-cmd and
firewalld is later disabled, libvirtd will not be able to recover.
2012-08-14 20:59:52 +02:00
# Fedora 18 / RHEL-7 are first where firewalld support is enabled
%if 0%{?fedora} >= 17 || 0%{?rhel} >= 7
2013-01-09 13:50:03 -07:00
%define with_firewalld 1
network: use firewalld instead of iptables, when available
* configure.ac, spec file: firewalld defaults to enabled if dbus is
available, otherwise is disabled. If --with_firewalld is explicitly
requested and dbus is not available, configure will fail.
* bridge_driver: add dbus filters to get the FirewallD1.Reloaded
signal and DBus.NameOwnerChanged on org.fedoraproject.FirewallD1.
When these are encountered, reload all the iptables reuls of all
libvirt's virtual networks (similar to what happens when libvirtd is
restarted).
* iptables, ebtables: use firewall-cmd's direct passthrough interface
when available, otherwise use iptables and ebtables commands. This
decision is made once the first time libvirt calls
iptables/ebtables, and that decision is maintained for the life of
libvirtd.
* Note that the nwfilter part of this patch was separated out into
another patch by Stefan in V2, so that needs to be revised and
re-reviewed as well.
================
All the configure.ac and specfile changes are unchanged from Thomas'
V3.
V3 re-ran "firewall-cmd --state" every time a new rule was added,
which was extremely inefficient. V4 uses VIR_ONCE_GLOBAL_INIT to set
up a one-time initialization function.
The VIR_ONCE_GLOBAL_INIT(x) macro references a static function called
vir(Ip|Eb)OnceInit(), which will then be called the first time that
the static function vir(Ip|Eb)TablesInitialize() is called (that
function is defined for you by the macro). This is
thread-safe, so there is no chance of any race.
IMPORTANT NOTE: I've left the VIR_DEBUG messages in these two init
functions (one for iptables, on for ebtables) as VIR_WARN so that I
don't have to turn on all the other debug message just to see
these. Even if this patch doesn't need any other modification, those
messages need to be changed to VIR_DEBUG before pushing.
This one-time initialization works well. However, I've encountered
problems with testing:
1) Whenever I have enabled the firewalld service, *all* attempts to
call firewall-cmd from within libvirtd end with firewall-cmd hanging
internally somewhere. This is *not* the case if firewall-cmd returns
non-0 in response to "firewall-cmd --state" (i.e. *that* command runs
and returns to libvirt successfully.)
2) If I start libvirtd while firewalld is stopped, then start
firewalld later, this triggers libvirtd to reload its iptables rules,
however it also spits out a *ton* of complaints about deletion failing
(I suppose because firewalld has nuked all of libvirt's rules). I
guess we need to suppress those messages (which is a more annoying
problem to fix than you might think, but that's another story).
3) I noticed a few times during this long line of errors that
firewalld made a complaint about "Resource Temporarily
unavailable. Having libvirtd access iptables commands directly at the
same time as firewalld is doing so is apparently problematic.
4) In general, I'm concerned about the "set it once and never change
it" method - if firewalld is disabled at libvirtd startup, causing
libvirtd to always use iptables/ebtables directly, this won't cause
*terrible* problems, but if libvirtd decides to use firewall-cmd and
firewalld is later disabled, libvirtd will not be able to recover.
2012-08-14 20:59:52 +02:00
%endif
2009-09-16 16:02:38 +01:00
# RHEL-5 has restricted QEMU to x86_64 only and is too old for LXC
%if 0%{?rhel} == 5
2013-01-09 13:50:03 -07:00
%define with_qemu_tcg 0
%ifnarch x86_64
%define with_qemu 0
%define with_qemu_kvm 0
%endif
%define with_lxc 0
2009-09-16 16:02:38 +01:00
%endif
2009-09-16 16:02:38 +01:00
# RHEL-6 has restricted QEMU to x86_64 only, stopped including Xen
# on all archs. Other archs all have LXC available though
2009-09-16 16:02:38 +01:00
%if 0%{?rhel} >= 6
2013-01-09 13:50:03 -07:00
%define with_qemu_tcg 0
%ifnarch x86_64
%define with_qemu 0
%define with_qemu_kvm 0
%endif
%define with_xen 0
2009-09-16 16:02:38 +01:00
%endif
2012-03-23 12:29:00 +08:00
# Fedora doesn't have any QEMU on ppc64 until FC16 - only ppc
%if 0%{?fedora} && 0%{?fedora} < 16
2013-01-09 13:50:03 -07:00
%ifarch ppc64
%define with_qemu 0
%endif
2008-06-12 16:10:50 +00:00
%endif
2012-11-26 09:28:56 -07:00
# Fedora doesn't have new enough Xen for libxl until F18
%if 0%{?fedora} && 0%{?fedora} < 18
2013-01-09 13:50:03 -07:00
%define with_libxl 0
2011-03-18 16:45:18 +00:00
%endif
2010-11-08 17:32:02 +01:00
# PolicyKit was introduced in Fedora 8 / RHEL-6 or newer
2009-09-16 16:02:38 +01:00
%if 0%{?fedora} >= 8 || 0%{?rhel} >= 6
2013-01-09 13:50:03 -07:00
%define with_polkit 0%{!?_without_polkit:1}
2008-06-12 16:10:50 +00:00
%endif
2008-02-20 15:42:30 +00:00
2009-09-16 16:02:38 +01:00
# libcapng is used to manage capabilities in Fedora 12 / RHEL-6 or newer
%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
2013-01-09 13:50:03 -07:00
%define with_capng 0%{!?_without_capng:1}
2009-06-29 11:33:13 +00:00
%endif
2012-11-12 15:02:23 +08:00
# fuse is used to provide virtualized /proc for LXC
%if 0%{?fedora} >= 17 || 0%{?rhel} >= 7
2013-01-09 13:50:03 -07:00
%define with_fuse 0%{!?_without_fuse:1}
2012-11-12 15:02:23 +08:00
%endif
2009-09-16 16:02:38 +01:00
# netcf is used to manage network interfaces in Fedora 12 / RHEL-6 or newer
%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
2013-01-09 13:50:03 -07:00
%define with_netcf 0%{!?_without_netcf:%{server_drivers}}
2009-07-28 17:30:48 +01:00
%endif
2009-11-20 16:45:46 +01:00
# udev is used to manage host devices in Fedora 12 / RHEL-6 or newer
%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
2013-01-09 13:50:03 -07:00
%define with_udev 0%{!?_without_udev:%{server_drivers}}
2009-11-20 16:45:46 +01:00
%else
2013-01-09 13:50:03 -07:00
%define with_hal 0%{!?_without_hal:%{server_drivers}}
2009-11-20 16:45:46 +01:00
%endif
2012-09-17 20:27:06 -05:00
# interface requires netcf
%if ! 0%{?with_netcf}
2013-01-09 13:50:03 -07:00
%define with_interface 0
2012-09-17 20:27:06 -05:00
%endif
2009-11-03 13:59:18 -05:00
# Enable yajl library for JSON mode with QEMU
%if 0%{?fedora} >= 13 || 0%{?rhel} >= 6
2013-01-09 13:50:03 -07:00
%define with_yajl 0%{!?_without_yajl:%{server_drivers}}
2009-11-03 13:59:18 -05:00
%endif
2011-01-18 18:37:45 +00:00
# Enable sanlock library for lock management with QEMU
2014-05-06 09:39:18 +02:00
# Sanlock is available only on x86_64 for RHEL
2011-12-05 10:37:33 -07:00
%if 0%{?fedora} >= 16
2013-01-09 13:50:03 -07:00
%define with_sanlock 0%{!?_without_sanlock:%{server_drivers}}
2011-12-05 10:37:33 -07:00
%endif
2014-05-06 09:39:18 +02:00
%if 0%{?rhel} >= 6
2013-07-30 13:45:04 +02:00
%ifarch x86_64
%define with_sanlock 0%{!?_without_sanlock:%{server_drivers}}
2013-01-09 13:50:03 -07:00
%endif
2011-01-18 18:37:45 +00:00
%endif
2012-10-12 16:50:42 +02:00
# Enable libssh2 transport for new enough distros
2013-01-28 20:17:31 +01:00
%if 0%{?fedora} >= 17
2013-01-09 13:50:03 -07:00
%define with_libssh2 0%{!?_without_libssh2:1}
2012-10-12 16:50:42 +02:00
%endif
2014-02-04 12:37:15 -07:00
# Enable wireshark plugins for all distros shipping libvirt 1.2.2 or newer
%if 0%{?fedora} >= 21
%define with_wireshark 0%{!?_without_wireshark:1}
%endif
2011-07-14 13:20:19 +08:00
# Disable some drivers when building without libvirt daemon.
# The logic is the same as in configure.ac
%if ! %{with_libvirtd}
2013-01-09 13:50:03 -07:00
%define with_interface 0
%define with_network 0
%define with_qemu 0
%define with_lxc 0
%define with_uml 0
%define with_hal 0
%define with_udev 0
%define with_storage_fs 0
%define with_storage_lvm 0
%define with_storage_iscsi 0
%define with_storage_mpath 0
%define with_storage_rbd 0
%define with_storage_sheepdog 0
2013-11-19 16:26:05 -07:00
%define with_storage_gluster 0
2013-01-09 13:50:03 -07:00
%define with_storage_disk 0
2011-07-14 13:20:19 +08:00
%endif
2012-04-03 11:54:27 +01:00
%if %{with_qemu} || %{with_lxc} || %{with_uml}
2013-01-09 13:50:03 -07:00
%define with_nwfilter 0%{!?_without_nwfilter:%{server_drivers}}
2012-03-24 09:35:20 +08:00
# Enable libpcap library
2013-01-09 13:50:03 -07:00
%define with_libpcap 0%{!?_without_libpcap:%{server_drivers}}
%define with_macvtap 0%{!?_without_macvtap:%{server_drivers}}
2012-03-24 09:35:20 +08:00
2012-05-09 12:26:36 +08:00
# numad is used to manage the CPU and memory placement dynamically,
2012-03-24 09:35:20 +08:00
# it's not available on s390[x] and ARM.
2013-01-09 13:50:03 -07:00
%if 0%{?fedora} >= 17 || 0%{?rhel} >= 6
%ifnarch s390 s390x %{arm}
%define with_numad 0%{!?_without_numad:%{server_drivers}}
%endif
%endif
2010-05-25 15:31:38 -04:00
%endif
%if %{with_macvtap}
2013-01-09 13:50:03 -07:00
%define with_libnl 1
nwfilter: Support for learning a VM's IP address
This patch implements support for learning a VM's IP address. It uses
the pcap library to listen on the VM's backend network interface (tap)
or the physical ethernet device (macvtap) and tries to capture packets
with source or destination MAC address of the VM and learn from DHCP
Offers, ARP traffic, or first-sent IPv4 packet what the IP address of
the VM's interface is. This then allows to instantiate the network
traffic filtering rules without the user having to provide the IP
parameter somewhere in the filter description or in the interface
description as a parameter. This only supports to detect the parameter
IP, which is for the assumed single IPv4 address of a VM. There is not
support for interfaces that may have multiple IP addresses (IP
aliasing) or IPv6 that may then require more than one valid IP address
to be detected. A VM can have multiple independent interfaces that each
uses a different IP address and in that case it will be attempted to
detect each one of the address independently.
So, when for example an interface description in the domain XML has
looked like this up to now:
<interface type='bridge'>
<source bridge='mybridge'/>
<model type='virtio'/>
<filterref filter='clean-traffic'>
<parameter name='IP' value='10.2.3.4'/>
</filterref>
</interface>
you may omit the IP parameter:
<interface type='bridge'>
<source bridge='mybridge'/>
<model type='virtio'/>
<filterref filter='clean-traffic'/>
</interface>
Internally I am walking the 'tree' of a VM's referenced network filters
and determine with the given variables which variables are missing. Now,
the above IP parameter may be missing and this causes a libvirt-internal
thread to be started that uses the pcap library's API to listen to the
backend interface (in case of macvtap to the physical interface) in an
attempt to determine the missing IP parameter. If the backend interface
disappears the thread terminates assuming the VM was brought down. In
case of a macvtap device a timeout is being used to wait for packets
from the given VM (filtering by VM's interface MAC address). If the VM's
macvtap device disappeared the thread also terminates. In all other
cases it tries to determine the IP address of the VM and will then apply
the rules late on the given interface, which would have happened
immediately if the IP parameter had been explicitly given. In case an
error happens while the firewall rules are applied, the VM's backend
interface is 'down'ed preventing it to communicate. Reasons for failure
for applying the network firewall rules may that an ebtables/iptables
command failes or OOM errors. Essentially the same failure reasons may
occur as when the firewall rules are applied immediately on VM start,
except that due to the late application of the filtering rules the VM
now is already running and cannot be hindered anymore from starting.
Bringing down the whole VM would probably be considered too drastic.
While a VM's IP address is attempted to be determined only limited
updates to network filters are allowed. In particular it is prevented
that filters are modified in such a way that they would introduce new
variables.
A caveat: The algorithm does not know which one is the appropriate IP
address of a VM. If the VM spoofs an IP address in its first ARP traffic
or IPv4 packets its filtering rules will be instantiated for this IP
address, thus 'locking' it to the found IP address. So, it's still
'safer' to explicitly provide the IP address of a VM's interface in the
filter description if it is known beforehand.
* configure.ac: detect libpcap
* libvirt.spec.in: require libpcap[-devel] if qemu is built
* src/internal.h: add the new ATTRIBUTE_PACKED define
* src/Makefile.am src/libvirt_private.syms: add the new modules and symbols
* src/nwfilter/nwfilter_learnipaddr.[ch]: new module being added
* src/nwfilter/nwfilter_driver.c src/conf/nwfilter_conf.[ch]
src/nwfilter/nwfilter_ebiptables_driver.[ch]
src/nwfilter/nwfilter_gentech_driver.[ch]: plu the new functionality in
* tests/nwfilterxml2xmltest: extend testing
2010-04-07 23:02:18 +02:00
%endif
2010-09-15 14:44:11 +01:00
%if 0%{?fedora} >= 11 || 0%{?rhel} >= 5
2013-01-09 13:50:03 -07:00
%define with_audit 0%{!?_without_audit:1}
2010-09-15 14:44:11 +01:00
%endif
Add dtrace static probes in libvirtd
Adds initial support for dtrace static probes in libvirtd
daemon, assuming use of systemtap dtrace compat shim on
Linux. The probes are inserted for network client connect,
disconnect, TLS handshake states and authentication protocol
states.
This can be tested by running the xample program and then
attempting to connect with any libvirt client (virsh,
virt-manager, etc).
# stap examples/systemtap/client.stp
Client fd=44 connected readonly=0
Client fd=44 auth polkit deny pid:24997,uid:500
Client fd=44 disconnected
Client fd=46 connected readonly=1
Client fd=46 auth sasl allow test
Client fd=46 disconnected
The libvirtd.stp file should also really not be required,
since it is duplicated info that is already available in
the main probes.d definition file. A script to autogenerate
the .stp file is needed, either in libvirtd tree, or better
as part of systemtap itself.
* Makefile.am: Add examples/systemtap subdir
* autobuild.sh: Disable dtrace for mingw32
* configure.ac: Add check for dtrace
* daemon/.gitignore: Ignore generated dtrace probe file
* daemon/Makefile.am: Build dtrace probe header & object
files
* daemon/libvirtd.stp: SystemTAP convenience probeset
* daemon/libvirtd.c: Add connect/disconnect & TLS probes
* daemon/remote.c: Add SASL and PolicyKit auth probes
* daemon/probes.d: Master probe definition
* daemon/libvirtd.h: Add convenience macro for probes
so that compilation is a no-op when dtrace is not available
* examples/systemtap/Makefile.am, examples/systemtap/client.stp
Example systemtap script using dtrace probe markers
* libvirt.spec.in: Enable dtrace on F13/RHEL6
* mingw32-libvirt.spec.in: Force disable dtrace
2010-09-14 17:30:32 +01:00
%if 0%{?fedora} >= 13 || 0%{?rhel} >= 6
2013-01-09 13:50:03 -07:00
%define with_dtrace 1
Add dtrace static probes in libvirtd
Adds initial support for dtrace static probes in libvirtd
daemon, assuming use of systemtap dtrace compat shim on
Linux. The probes are inserted for network client connect,
disconnect, TLS handshake states and authentication protocol
states.
This can be tested by running the xample program and then
attempting to connect with any libvirt client (virsh,
virt-manager, etc).
# stap examples/systemtap/client.stp
Client fd=44 connected readonly=0
Client fd=44 auth polkit deny pid:24997,uid:500
Client fd=44 disconnected
Client fd=46 connected readonly=1
Client fd=46 auth sasl allow test
Client fd=46 disconnected
The libvirtd.stp file should also really not be required,
since it is duplicated info that is already available in
the main probes.d definition file. A script to autogenerate
the .stp file is needed, either in libvirtd tree, or better
as part of systemtap itself.
* Makefile.am: Add examples/systemtap subdir
* autobuild.sh: Disable dtrace for mingw32
* configure.ac: Add check for dtrace
* daemon/.gitignore: Ignore generated dtrace probe file
* daemon/Makefile.am: Build dtrace probe header & object
files
* daemon/libvirtd.stp: SystemTAP convenience probeset
* daemon/libvirtd.c: Add connect/disconnect & TLS probes
* daemon/remote.c: Add SASL and PolicyKit auth probes
* daemon/probes.d: Master probe definition
* daemon/libvirtd.h: Add convenience macro for probes
so that compilation is a no-op when dtrace is not available
* examples/systemtap/Makefile.am, examples/systemtap/client.stp
Example systemtap script using dtrace probe markers
* libvirt.spec.in: Enable dtrace on F13/RHEL6
* mingw32-libvirt.spec.in: Force disable dtrace
2010-09-14 17:30:32 +01:00
%endif
2010-12-23 09:44:19 +01:00
# Pull in cgroups config system
%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
2013-01-09 13:50:03 -07:00
%if %{with_qemu} || %{with_lxc}
%define with_cgconfig 0%{!?_without_cgconfig:1}
%endif
2010-12-23 09:44:19 +01:00
%endif
2012-04-02 20:53:43 +01:00
%if %{with_udev} || %{with_hal}
2013-01-09 13:50:03 -07:00
%define with_nodedev 1
2012-04-02 20:53:43 +01:00
%else
2013-01-09 13:50:03 -07:00
%define with_nodedev 0
2012-04-02 20:53:43 +01:00
%endif
%if %{with_storage_fs} || %{with_storage_mpath} || %{with_storage_iscsi} || %{with_storage_lvm} || %{with_storage_disk}
2013-01-09 13:50:03 -07:00
%define with_storage 1
2012-04-02 20:53:43 +01:00
%else
2013-01-09 13:50:03 -07:00
%define with_storage 0
2012-04-02 20:53:43 +01:00
%endif
2009-09-16 16:02:38 +01:00
# Force QEMU to run as non-root
%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
2013-01-09 13:50:03 -07:00
%define qemu_user qemu
%define qemu_group qemu
2009-07-15 22:25:01 +01:00
%else
2013-01-09 13:50:03 -07:00
%define qemu_user root
%define qemu_group root
2009-07-15 22:25:01 +01:00
%endif
2009-09-16 16:02:38 +01:00
# The RHEL-5 Xen package has some feature backports. This
# flag is set to enable use of those special bits on RHEL-5
%if 0%{?rhel} == 5
2013-01-09 13:50:03 -07:00
%define with_rhel5 1
2009-09-16 16:02:38 +01:00
%else
2013-01-09 13:50:03 -07:00
%define with_rhel5 0
2009-01-20 17:27:34 +00:00
%endif
2012-10-25 12:10:55 +02:00
%if 0%{?fedora} >= 18 || 0%{?rhel} >= 7
2013-01-09 13:50:03 -07:00
%define with_systemd_macros 1
2012-10-25 12:10:55 +02:00
%else
2013-01-09 13:50:03 -07:00
%define with_systemd_macros 0
2012-10-25 12:10:55 +02:00
%endif
2013-07-30 16:01:11 +02:00
# RHEL releases provide stable tool chains and so it is safe to turn
# compiler warning into errors without being worried about frequent
# changes in reported warnings
%if 0%{?rhel}
%define enable_werror --enable-werror
%endif
2010-11-11 12:21:28 -05:00
Summary : Library providing a simple virtualization API
2006-02-09 17:45:11 +00:00
Name : libvirt
2005-11-02 15:37:34 +00:00
Version : @VERSION@
2008-06-12 16:10:50 +00:00
Release : 1%{?dist} %{?extra_release}
2008-08-08 14:27:05 +00:00
License : LGPLv2+
2005-11-02 15:37:34 +00:00
Group : Development/Libraries
2008-07-07 10:00:30 +00:00
BuildRoot : %{_tmppath} /%{name} -%{version} -%{release} -root
2006-09-21 15:24:37 +00:00
URL : http://libvirt.org/
2011-03-23 10:20:14 -06:00
2012-05-06 14:09:22 -04:00
%if %(echo %{version} | grep -o \\. | wc -l) == 3
2013-01-09 13:50:03 -07:00
%define mainturl stable_updates/
2012-05-06 14:09:22 -04:00
%endif
Source : http://libvirt.org/sources/%{?mainturl} libvirt-%{version} .tar.gz
2009-09-16 16:02:38 +01:00
%if %{with_libvirtd}
2012-04-03 11:44:59 +01:00
Requires : libvirt-daemon = %{version} -%{release}
2013-01-09 13:50:03 -07:00
%if %{with_network}
2012-04-03 11:44:59 +01:00
Requires : libvirt-daemon-config-network = %{version} -%{release}
2013-01-09 13:50:03 -07:00
%endif
%if %{with_nwfilter}
2012-04-03 11:44:59 +01:00
Requires : libvirt-daemon-config-nwfilter = %{version} -%{release}
2013-01-09 13:50:03 -07:00
%endif
%if %{with_driver_modules}
%if %{with_libxl}
2012-07-18 17:27:03 +01:00
Requires : libvirt-daemon-driver-libxl = %{version} -%{release}
2013-01-09 13:50:03 -07:00
%endif
%if %{with_lxc}
2012-07-18 17:27:03 +01:00
Requires : libvirt-daemon-driver-lxc = %{version} -%{release}
2013-01-09 13:50:03 -07:00
%endif
%if %{with_qemu}
2012-07-18 17:27:03 +01:00
Requires : libvirt-daemon-driver-qemu = %{version} -%{release}
2013-01-09 13:50:03 -07:00
%endif
%if %{with_uml}
2012-07-18 17:27:03 +01:00
Requires : libvirt-daemon-driver-uml = %{version} -%{release}
2013-01-09 13:50:03 -07:00
%endif
%if %{with_xen}
2012-07-18 17:27:03 +01:00
Requires : libvirt-daemon-driver-xen = %{version} -%{release}
2013-01-09 13:50:03 -07:00
%endif
2013-05-17 13:31:59 +01:00
%if %{with_vbox}
Requires : libvirt-daemon-driver-vbox = %{version} -%{release}
%endif
2013-12-05 14:43:28 -07:00
%if %{with_nwfilter}
Requires : libvirt-daemon-driver-nwfilter = %{version} -%{release}
%endif
2012-07-18 17:27:03 +01:00
2014-02-10 10:54:30 +01:00
%if %{with_interface}
2012-07-18 17:27:03 +01:00
Requires : libvirt-daemon-driver-interface = %{version} -%{release}
2014-02-10 10:54:30 +01:00
%endif
2012-07-18 17:27:03 +01:00
Requires : libvirt-daemon-driver-secret = %{version} -%{release}
Requires : libvirt-daemon-driver-storage = %{version} -%{release}
Requires : libvirt-daemon-driver-network = %{version} -%{release}
Requires : libvirt-daemon-driver-nodedev = %{version} -%{release}
2013-01-09 13:50:03 -07:00
%endif
2012-07-23 17:58:28 +08:00
%endif
2012-04-03 11:44:59 +01:00
Requires : libvirt-client = %{version} -%{release}
2011-03-23 10:20:14 -06:00
2012-04-03 11:44:59 +01:00
# All build-time requirements. Run-time requirements are
# listed against each sub-RPM
2011-12-05 10:22:10 -07:00
%if 0%{?enable_autotools}
BuildRequires : autoconf
BuildRequires : automake
BuildRequires : gettext-devel
BuildRequires : libtool
2013-04-08 14:48:18 +02:00
BuildRequires : /usr/bin/pod2man
2011-12-05 10:22:10 -07:00
%endif
2013-11-22 16:42:22 +00:00
BuildRequires : python
2011-07-07 14:45:07 +01:00
%if %{with_systemd}
BuildRequires : systemd-units
%endif
2014-02-25 13:12:34 -07:00
%if %{with_systemd_daemon}
BuildRequires : systemd-devel
%endif
2013-06-29 14:50:14 -06:00
%if %{with_xen} || %{with_libxl}
2006-07-24 14:32:03 +00:00
BuildRequires : xen-devel
2008-06-12 16:10:50 +00:00
%endif
2006-02-23 11:35:37 +00:00
BuildRequires : libxml2-devel
2008-08-20 13:16:29 +00:00
BuildRequires : xhtml1-dtds
2011-03-23 10:30:49 -06:00
BuildRequires : libxslt
2006-03-04 08:57:22 +00:00
BuildRequires : readline-devel
2006-07-13 22:27:31 +00:00
BuildRequires : ncurses-devel
2006-09-21 15:24:37 +00:00
BuildRequires : gettext
2011-07-25 18:17:57 +01:00
BuildRequires : libtasn1-devel
build: avoid -lgcrypt with newer gnutls
https://bugzilla.redhat.com/show_bug.cgi?id=951637
Newer gnutls uses nettle, rather than gcrypt, which is a lot nicer
regarding initialization. Yet we were unconditionally initializing
gcrypt even when gnutls wouldn't be using it, and having two crypto
libraries linked into libvirt.so is pointless, but mostly harmless
(it doesn't crash, but does interfere with certification efforts).
There are three distinct version ranges to worry about when
determining which crypto lib gnutls uses, per these gnutls mails:
2.12: http://lists.gnu.org/archive/html/gnutls-devel/2011-03/msg00034.html
3.0: http://lists.gnu.org/archive/html/gnutls-devel/2011-07/msg00035.html
If pkg-config can prove version numbers and/or list the crypto
library used for static linking, we have our proof; if not, it
is safer (even if pointless) to continue to use gcrypt ourselves.
* configure.ac (WITH_GNUTLS): Probe whether to add -lgcrypt, and
define a witness WITH_GNUTLS_GCRYPT.
* src/libvirt.c (virTLSMutexInit, virTLSMutexDestroy)
(virTLSMutexLock, virTLSMutexUnlock, virTLSThreadImpl)
(virGlobalInit): Honor the witness.
* libvirt.spec.in (BuildRequires): Make gcrypt usage conditional,
no longer needed in Fedora 19.
Signed-off-by: Eric Blake <eblake@redhat.com>
2013-07-25 16:03:17 -06:00
%if (0%{?rhel} && 0%{?rhel} < 7) || (0%{?fedora} && 0%{?fedora} < 19)
2013-06-03 14:57:29 +02:00
BuildRequires : libgcrypt-devel
build: avoid -lgcrypt with newer gnutls
https://bugzilla.redhat.com/show_bug.cgi?id=951637
Newer gnutls uses nettle, rather than gcrypt, which is a lot nicer
regarding initialization. Yet we were unconditionally initializing
gcrypt even when gnutls wouldn't be using it, and having two crypto
libraries linked into libvirt.so is pointless, but mostly harmless
(it doesn't crash, but does interfere with certification efforts).
There are three distinct version ranges to worry about when
determining which crypto lib gnutls uses, per these gnutls mails:
2.12: http://lists.gnu.org/archive/html/gnutls-devel/2011-03/msg00034.html
3.0: http://lists.gnu.org/archive/html/gnutls-devel/2011-07/msg00035.html
If pkg-config can prove version numbers and/or list the crypto
library used for static linking, we have our proof; if not, it
is safer (even if pointless) to continue to use gcrypt ourselves.
* configure.ac (WITH_GNUTLS): Probe whether to add -lgcrypt, and
define a witness WITH_GNUTLS_GCRYPT.
* src/libvirt.c (virTLSMutexInit, virTLSMutexDestroy)
(virTLSMutexLock, virTLSMutexUnlock, virTLSThreadImpl)
(virGlobalInit): Honor the witness.
* libvirt.spec.in (BuildRequires): Make gcrypt usage conditional,
no longer needed in Fedora 19.
Signed-off-by: Eric Blake <eblake@redhat.com>
2013-07-25 16:03:17 -06:00
%endif
2007-06-11 13:24:45 +00:00
BuildRequires : gnutls-devel
2012-09-19 14:00:34 +01:00
BuildRequires : libattr-devel
2013-05-01 14:16:10 -06:00
%if %{with_libvirtd}
# For pool-build probing for existing pools
BuildRequires : libblkid-devel >= 2.17
%endif
2011-03-23 10:30:49 -06:00
%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
# for augparse, optionally used in testing
BuildRequires : augeas
%endif
2009-09-16 16:02:38 +01:00
%if %{with_hal}
2008-11-26 14:46:49 +00:00
BuildRequires : hal-devel
2009-09-16 16:02:38 +01:00
%endif
2009-11-20 16:45:46 +01:00
%if %{with_udev}
2013-01-09 13:50:03 -07:00
%if 0%{?fedora} >= 18 || 0%{?rhel} >= 7
2012-06-06 14:03:47 -04:00
BuildRequires : systemd-devel >= 185
2013-01-09 13:50:03 -07:00
%else
2009-11-20 16:45:46 +01:00
BuildRequires : libudev-devel >= 145
2013-01-09 13:50:03 -07:00
%endif
2009-11-20 16:45:46 +01:00
BuildRequires : libpciaccess-devel >= 0.10.9
%endif
2009-11-03 13:59:18 -05:00
%if %{with_yajl}
BuildRequires : yajl-devel
%endif
2011-01-18 18:37:45 +00:00
%if %{with_sanlock}
2012-10-16 12:45:27 +02:00
# make sure libvirt is built with new enough sanlock on
# distros that have it; required for on_lockfailure
2013-01-09 13:50:03 -07:00
%if 0%{?fedora} >= 17 || 0%{?rhel} >= 6
2012-10-16 12:45:27 +02:00
BuildRequires : sanlock-devel >= 2.4
2013-01-09 13:50:03 -07:00
%else
2011-09-19 11:04:59 +01:00
BuildRequires : sanlock-devel >= 1.8
2013-01-09 13:50:03 -07:00
%endif
2012-10-16 12:45:27 +02:00
%endif
nwfilter: Support for learning a VM's IP address
This patch implements support for learning a VM's IP address. It uses
the pcap library to listen on the VM's backend network interface (tap)
or the physical ethernet device (macvtap) and tries to capture packets
with source or destination MAC address of the VM and learn from DHCP
Offers, ARP traffic, or first-sent IPv4 packet what the IP address of
the VM's interface is. This then allows to instantiate the network
traffic filtering rules without the user having to provide the IP
parameter somewhere in the filter description or in the interface
description as a parameter. This only supports to detect the parameter
IP, which is for the assumed single IPv4 address of a VM. There is not
support for interfaces that may have multiple IP addresses (IP
aliasing) or IPv6 that may then require more than one valid IP address
to be detected. A VM can have multiple independent interfaces that each
uses a different IP address and in that case it will be attempted to
detect each one of the address independently.
So, when for example an interface description in the domain XML has
looked like this up to now:
<interface type='bridge'>
<source bridge='mybridge'/>
<model type='virtio'/>
<filterref filter='clean-traffic'>
<parameter name='IP' value='10.2.3.4'/>
</filterref>
</interface>
you may omit the IP parameter:
<interface type='bridge'>
<source bridge='mybridge'/>
<model type='virtio'/>
<filterref filter='clean-traffic'/>
</interface>
Internally I am walking the 'tree' of a VM's referenced network filters
and determine with the given variables which variables are missing. Now,
the above IP parameter may be missing and this causes a libvirt-internal
thread to be started that uses the pcap library's API to listen to the
backend interface (in case of macvtap to the physical interface) in an
attempt to determine the missing IP parameter. If the backend interface
disappears the thread terminates assuming the VM was brought down. In
case of a macvtap device a timeout is being used to wait for packets
from the given VM (filtering by VM's interface MAC address). If the VM's
macvtap device disappeared the thread also terminates. In all other
cases it tries to determine the IP address of the VM and will then apply
the rules late on the given interface, which would have happened
immediately if the IP parameter had been explicitly given. In case an
error happens while the firewall rules are applied, the VM's backend
interface is 'down'ed preventing it to communicate. Reasons for failure
for applying the network firewall rules may that an ebtables/iptables
command failes or OOM errors. Essentially the same failure reasons may
occur as when the firewall rules are applied immediately on VM start,
except that due to the late application of the filtering rules the VM
now is already running and cannot be hindered anymore from starting.
Bringing down the whole VM would probably be considered too drastic.
While a VM's IP address is attempted to be determined only limited
updates to network filters are allowed. In particular it is prevented
that filters are modified in such a way that they would introduce new
variables.
A caveat: The algorithm does not know which one is the appropriate IP
address of a VM. If the VM spoofs an IP address in its first ARP traffic
or IPv4 packets its filtering rules will be instantiated for this IP
address, thus 'locking' it to the found IP address. So, it's still
'safer' to explicitly provide the IP address of a VM's interface in the
filter description if it is known beforehand.
* configure.ac: detect libpcap
* libvirt.spec.in: require libpcap[-devel] if qemu is built
* src/internal.h: add the new ATTRIBUTE_PACKED define
* src/Makefile.am src/libvirt_private.syms: add the new modules and symbols
* src/nwfilter/nwfilter_learnipaddr.[ch]: new module being added
* src/nwfilter/nwfilter_driver.c src/conf/nwfilter_conf.[ch]
src/nwfilter/nwfilter_ebiptables_driver.[ch]
src/nwfilter/nwfilter_gentech_driver.[ch]: plu the new functionality in
* tests/nwfilterxml2xmltest: extend testing
2010-04-07 23:02:18 +02:00
%if %{with_libpcap}
BuildRequires : libpcap-devel
%endif
2010-05-25 15:31:38 -04:00
%if %{with_libnl}
2013-01-09 13:50:03 -07:00
%if 0%{?fedora} >= 18 || 0%{?rhel} >= 7
2012-08-24 17:57:42 -04:00
BuildRequires : libnl3-devel
2013-01-09 13:50:03 -07:00
%else
2010-05-25 15:31:38 -04:00
BuildRequires : libnl-devel
2013-01-09 13:50:03 -07:00
%endif
2012-08-24 17:57:42 -04:00
%endif
2008-09-17 14:09:13 +00:00
%if %{with_avahi}
2007-09-19 01:56:55 +00:00
BuildRequires : avahi-devel
2008-09-17 14:09:13 +00:00
%endif
2009-09-16 16:02:38 +01:00
%if %{with_selinux}
2008-02-20 15:38:29 +00:00
BuildRequires : libselinux-devel
2009-09-16 16:02:38 +01:00
%endif
2013-07-30 12:04:55 +01:00
%if %{with_apparmor}
BuildRequires : libapparmor-devel
%endif
2009-09-16 16:02:38 +01:00
%if %{with_network}
2010-08-11 20:25:09 +02:00
BuildRequires : dnsmasq >= 2.41
2011-03-23 10:30:49 -06:00
BuildRequires : iptables
2014-07-08 16:33:58 +02:00
%if (0%{?fedora} && 0%{?fedora} < 17) || (0%{?rhel} && 0%{?rhel} < 7)
2011-03-23 10:30:49 -06:00
BuildRequires : iptables-ipv6
2014-07-08 12:56:59 +02:00
%endif
2011-03-23 10:30:49 -06:00
BuildRequires : radvd
%endif
%if %{with_nwfilter}
BuildRequires : ebtables
2009-09-16 16:02:38 +01:00
%endif
2011-03-23 10:30:49 -06:00
BuildRequires : module-init-tools
2008-09-17 14:09:13 +00:00
%if %{with_sasl}
2008-06-12 16:10:50 +00:00
BuildRequires : cyrus-sasl-devel
2008-09-17 14:09:13 +00:00
%endif
2007-12-05 18:21:27 +00:00
%if %{with_polkit}
2013-01-09 13:50:03 -07:00
%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
2013-08-28 15:25:40 +01:00
BuildRequires : polkit-devel >= 0.93
2013-01-09 13:50:03 -07:00
%else
2007-12-05 18:21:27 +00:00
BuildRequires : PolicyKit-devel >= 0.6
2013-01-09 13:50:03 -07:00
%endif
2009-08-06 13:54:08 +01:00
%endif
2009-03-31 12:45:07 +00:00
%if %{with_storage_fs}
2008-02-20 15:42:30 +00:00
# For mount/umount in FS driver
BuildRequires : util-linux
2009-03-31 12:45:07 +00:00
%endif
2008-02-20 15:42:30 +00:00
%if %{with_qemu}
# From QEMU RPMs
BuildRequires : /usr/bin/qemu-img
%else
2013-01-09 13:50:03 -07:00
%if %{with_xen}
2008-02-20 15:42:30 +00:00
# From Xen RPMs
BuildRequires : /usr/sbin/qcow-create
2013-01-09 13:50:03 -07:00
%endif
2008-06-12 16:10:50 +00:00
%endif
2009-03-31 12:45:07 +00:00
%if %{with_storage_lvm}
2008-02-20 15:45:33 +00:00
# For LVM drivers
BuildRequires : lvm2
2009-03-31 12:45:07 +00:00
%endif
%if %{with_storage_iscsi}
2008-02-20 15:49:25 +00:00
# For ISCSI driver
BuildRequires : iscsi-initiator-utils
2009-03-31 12:45:07 +00:00
%endif
%if %{with_storage_disk}
2008-02-20 15:52:17 +00:00
# For disk driver
BuildRequires : parted-devel
2013-01-09 13:50:03 -07:00
%if 0%{?rhel} == 5
2009-09-16 16:02:38 +01:00
# Broken RHEL-5 parted RPM is missing a dep
BuildRequires : e2fsprogs-devel
2013-01-09 13:50:03 -07:00
%endif
2009-03-31 12:45:07 +00:00
%endif
2014-02-25 12:28:53 -07:00
%if %{with_storage_mpath} || %{with_storage_disk}
2009-09-08 16:07:54 +02:00
# For Multipath support
2013-01-09 13:50:03 -07:00
%if 0%{?rhel} == 5
2009-09-16 16:02:38 +01:00
# Broken RHEL-5 packaging has header files in main RPM :-(
BuildRequires : device-mapper
2013-01-09 13:50:03 -07:00
%else
2009-09-08 16:07:54 +02:00
BuildRequires : device-mapper-devel
2013-01-09 13:50:03 -07:00
%endif
2014-02-25 12:28:53 -07:00
%endif
%if %{with_storage_rbd}
2012-05-14 11:06:42 +02:00
BuildRequires : ceph-devel
2009-09-16 16:02:38 +01:00
%endif
2013-11-19 16:26:05 -07:00
%if %{with_storage_gluster}
2014-02-17 13:47:32 +01:00
%if 0%{?rhel} >= 6
BuildRequires : glusterfs-api-devel >= 3.4.0
BuildRequires : glusterfs-devel >= 3.4.0
%else
2013-11-19 16:26:05 -07:00
BuildRequires : glusterfs-api-devel >= 3.4.1
BuildRequires : glusterfs-devel >= 3.4.1
2014-02-17 13:47:32 +01:00
%endif
2013-11-19 16:26:05 -07:00
%endif
2009-03-31 12:45:07 +00:00
%if %{with_numactl}
2008-11-28 11:20:27 +00:00
# For QEMU/LXC numa info
BuildRequires : numactl-devel
2009-03-31 12:45:07 +00:00
%endif
2009-06-29 11:33:13 +00:00
%if %{with_capng}
2009-07-28 18:30:20 +01:00
BuildRequires : libcap-ng-devel >= 0.5.0
2009-06-29 11:33:13 +00:00
%endif
2012-11-12 15:02:23 +08:00
%if %{with_fuse}
BuildRequires : fuse-devel >= 2.8.6
%endif
2013-01-08 21:47:55 +00:00
%if %{with_phyp} || %{with_libssh2}
2012-10-12 16:50:42 +02:00
BuildRequires : libssh2-devel >= 1.3.0
%endif
2012-08-24 17:57:42 -04:00
2009-07-28 17:30:48 +01:00
%if %{with_netcf}
2013-01-09 13:50:03 -07:00
%if 0%{?fedora} >= 18 || 0%{?rhel} >= 7
2012-08-24 17:57:42 -04:00
BuildRequires : netcf-devel >= 0.2.2
2013-01-09 13:50:03 -07:00
%else
%if 0%{?fedora} >= 16 || 0%{?rhel} >= 6
2011-06-20 09:41:49 -06:00
BuildRequires : netcf-devel >= 0.1.8
2013-01-09 13:50:03 -07:00
%else
2009-11-20 19:43:59 +01:00
BuildRequires : netcf-devel >= 0.1.4
2013-01-09 13:50:03 -07:00
%endif
%endif
2012-08-24 17:57:42 -04:00
%endif
2010-05-04 16:13:55 +02:00
%if %{with_esx}
2013-01-09 13:50:03 -07:00
%if 0%{?fedora} >= 9 || 0%{?rhel} >= 6
2010-05-04 16:13:55 +02:00
BuildRequires : libcurl-devel
2013-01-09 13:50:03 -07:00
%else
2011-03-23 10:30:49 -06:00
BuildRequires : curl-devel
2013-01-09 13:50:03 -07:00
%endif
2010-05-04 16:13:55 +02:00
%endif
2011-07-13 16:05:18 +02:00
%if %{with_hyperv}
BuildRequires : libwsman-devel >= 2.2.3
%endif
2010-09-15 14:44:11 +01:00
%if %{with_audit}
BuildRequires : audit-libs-devel
%endif
2010-11-30 19:52:25 +01:00
%if %{with_dtrace}
# we need /usr/sbin/dtrace
BuildRequires : systemtap-sdt-devel
%endif
2011-03-23 10:20:14 -06:00
%if %{with_storage_fs}
# For mount/umount in FS driver
BuildRequires : util-linux
# For showmount in FS driver (netfs discovery)
BuildRequires : nfs-utils
%endif
2008-06-12 16:10:50 +00:00
2012-08-23 17:44:08 +08:00
%if %{with_firewalld}
# Communication with the firewall daemon uses DBus
BuildRequires : dbus-devel
%endif
2008-06-12 16:10:50 +00:00
# Fedora build root suckage
BuildRequires : gawk
2005-11-02 15:37:34 +00:00
2012-02-14 11:09:42 +01:00
# For storage wiping with different algorithms
BuildRequires : scrub
2012-03-24 09:35:20 +08:00
%if %{with_numad}
BuildRequires : numad
%endif
2014-02-04 12:37:15 -07:00
%if %{with_wireshark}
BuildRequires : wireshark-devel
%endif
2012-05-15 16:03:14 +01:00
Provides : bundled(gnulib)
2005-11-02 15:37:34 +00:00
%description
2008-01-24 10:15:13 +00:00
Libvirt is a C toolkit to interact with the virtualization capabilities
2009-07-21 11:16:15 +02:00
of recent versions of Linux (and other OSes). The main package includes
the libvirtd server exporting the virtualization support.
2012-04-03 10:52:12 +01:00
%package docs
Summary : API reference and website documentation
Group : Development/Libraries
%description docs
Includes the API reference for the libvirt C library, and a complete
copy of the libvirt.org website documentation.
2012-04-03 11:44:59 +01:00
%if %{with_libvirtd}
%package daemon
Summary : Server side daemon and supporting files for libvirt library
Group : Development/Libraries
# All runtime requirements for the libvirt package (runtime requrements
# for subpackages are listed later in those subpackages)
# The client side, i.e. shared libs and virsh are in a subpackage
Requires : %{name} -client = %{version} -%{release}
# for modprobe of pci devices
Requires : module-init-tools
# for /sbin/ip & /sbin/tc
Requires : iproute
2013-01-09 13:50:03 -07:00
%if %{with_avahi}
%if 0%{?rhel} == 5
2013-01-10 20:44:01 +08:00
Requires : avahi
2013-01-09 13:50:03 -07:00
%else
2012-04-03 11:44:59 +01:00
Requires : avahi-libs
2013-01-09 13:50:03 -07:00
%endif
%endif
%if %{with_polkit}
%if 0%{?fedora} >= 12 || 0%{?rhel} >=6
2012-04-03 11:44:59 +01:00
Requires : polkit >= 0.93
2013-01-09 13:50:03 -07:00
%else
2012-04-03 11:44:59 +01:00
Requires : PolicyKit >= 0.6
2013-01-09 13:50:03 -07:00
%endif
%endif
%if %{with_cgconfig}
2012-04-03 11:44:59 +01:00
Requires : libcgroup
2013-01-09 13:50:03 -07:00
%endif
%ifarch %{ix86} x86_64 ia64
2012-04-03 11:44:59 +01:00
# For virConnectGetSysinfo
Requires : dmidecode
2013-01-09 13:50:03 -07:00
%endif
2012-04-03 11:44:59 +01:00
# For service management
2013-01-09 13:50:03 -07:00
%if %{with_systemd}
2012-04-03 11:44:59 +01:00
Requires(post) : systemd-units
Requires(post) : systemd-sysv
Requires(preun) : systemd-units
Requires(postun) : systemd-units
2013-01-09 13:50:03 -07:00
%endif
%if %{with_numad}
2012-04-03 11:44:59 +01:00
Requires : numad
2013-01-09 13:50:03 -07:00
%endif
2012-12-04 20:43:05 -07:00
# libvirtd depends on 'messagebus' service
Requires : dbus
2013-05-01 14:28:43 -06:00
# For uid creation during pre
Requires(pre) : shadow-utils
2012-04-03 11:44:59 +01:00
%description daemon
Server side daemon required to manage the virtualization capabilities
of recent versions of Linux. Requires a hypervisor specific sub-RPM
for specific drivers.
2013-01-09 13:50:03 -07:00
%if %{with_network}
2012-04-03 11:44:59 +01:00
%package daemon-config-network
Summary : Default configuration files for the libvirtd daemon
Group : Development/Libraries
Requires : libvirt-daemon = %{version} -%{release}
2014-02-11 11:35:20 +01:00
%if %{with_driver_modules}
Requires : libvirt-daemon-driver-network = %{version} -%{release}
%endif
2012-04-03 11:44:59 +01:00
%description daemon-config-network
Default configuration files for setting up NAT based networking
2013-01-09 13:50:03 -07:00
%endif
2012-04-03 11:44:59 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_nwfilter}
2012-04-03 11:44:59 +01:00
%package daemon-config-nwfilter
Summary : Network filter configuration files for the libvirtd daemon
Group : Development/Libraries
Requires : libvirt-daemon = %{version} -%{release}
2014-02-12 14:33:16 -07:00
%if %{with_driver_modules}
Requires : libvirt-daemon-driver-nwfilter = %{version} -%{release}
%endif
2012-04-03 11:44:59 +01:00
%description daemon-config-nwfilter
Network filter configuration files for cleaning guest traffic
2013-01-09 13:50:03 -07:00
%endif
2012-04-03 11:54:27 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_driver_modules}
%if %{with_network}
2012-04-02 20:53:43 +01:00
%package daemon-driver-network
Summary : Network driver plugin for the libvirtd daemon
Group : Development/Libraries
Requires : libvirt-daemon = %{version} -%{release}
2013-10-29 11:27:45 +00:00
Requires : dnsmasq >= 2.41
Requires : radvd
Requires : iptables
2014-07-08 16:33:58 +02:00
%if (0%{?fedora} && 0%{?fedora} < 17) || (0%{?rhel} && 0%{?rhel} < 7)
2013-10-29 11:27:45 +00:00
Requires : iptables-ipv6
2014-07-08 15:53:54 +02:00
%endif
2012-04-02 20:53:43 +01:00
%description daemon-driver-network
The network driver plugin for the libvirtd daemon, providing
an implementation of the virtual network APIs using the Linux
bridge capabilities.
2013-01-09 13:50:03 -07:00
%endif
2012-04-02 20:53:43 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_nwfilter}
2012-04-02 20:53:43 +01:00
%package daemon-driver-nwfilter
Summary : Nwfilter driver plugin for the libvirtd daemon
Group : Development/Libraries
Requires : libvirt-daemon = %{version} -%{release}
2013-10-29 11:27:45 +00:00
Requires : iptables
2014-07-08 16:33:58 +02:00
%if (0%{?fedora} && 0%{?fedora} < 17) || (0%{?rhel} && 0%{?rhel} < 7)
2013-10-29 11:27:45 +00:00
Requires : iptables-ipv6
2014-07-08 15:53:54 +02:00
%endif
2013-10-29 11:27:45 +00:00
Requires : ebtables
2012-04-02 20:53:43 +01:00
%description daemon-driver-nwfilter
The nwfilter driver plugin for the libvirtd daemon, providing
an implementation of the firewall APIs using the ebtables,
iptables and ip6tables capabilities
2013-01-09 13:50:03 -07:00
%endif
2012-04-02 20:53:43 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_nodedev}
2012-04-02 20:53:43 +01:00
%package daemon-driver-nodedev
Summary : Nodedev driver plugin for the libvirtd daemon
Group : Development/Libraries
Requires : libvirt-daemon = %{version} -%{release}
2013-10-29 11:27:45 +00:00
# needed for device enumeration
%if %{with_hal}
Requires : hal
%endif
%if %{with_udev}
%if 0%{?fedora} >= 18 || 0%{?rhel} >= 7
Requires : systemd >= 185
%else
Requires : udev >= 145
%endif
%endif
2012-04-02 20:53:43 +01:00
%description daemon-driver-nodedev
The nodedev driver plugin for the libvirtd daemon, providing
an implementation of the node device APIs using the udev
capabilities.
2013-01-09 13:50:03 -07:00
%endif
2012-04-02 20:53:43 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_interface}
2012-04-02 20:53:43 +01:00
%package daemon-driver-interface
Summary : Interface driver plugin for the libvirtd daemon
Group : Development/Libraries
Requires : libvirt-daemon = %{version} -%{release}
2013-10-29 11:27:45 +00:00
%if %{with_netcf} && (0%{?fedora} >= 18 || 0%{?rhel} >= 7)
Requires : netcf-libs >= 0.2.2
%endif
2012-04-02 20:53:43 +01:00
%description daemon-driver-interface
The interface driver plugin for the libvirtd daemon, providing
an implementation of the network interface APIs using the
netcf library
2013-01-09 13:50:03 -07:00
%endif
2012-04-02 20:53:43 +01:00
%package daemon-driver-secret
Summary : Secret driver plugin for the libvirtd daemon
Group : Development/Libraries
Requires : libvirt-daemon = %{version} -%{release}
%description daemon-driver-secret
The secret driver plugin for the libvirtd daemon, providing
an implementation of the secret key APIs.
2013-01-09 13:50:03 -07:00
%if %{with_storage}
2012-04-02 20:53:43 +01:00
%package daemon-driver-storage
Summary : Storage driver plugin for the libvirtd daemon
Group : Development/Libraries
Requires : libvirt-daemon = %{version} -%{release}
2013-10-29 11:27:45 +00:00
%if %{with_storage_fs}
Requires : nfs-utils
# For mkfs
Requires : util-linux
# For glusterfs
%if 0%{?fedora} >= 11
Requires : glusterfs-client >= 2.0.1
%endif
%endif
%if %{with_storage_lvm}
# For LVM drivers
Requires : lvm2
%endif
%if %{with_storage_iscsi}
# For ISCSI driver
Requires : iscsi-initiator-utils
%endif
%if %{with_storage_disk}
# For disk driver
Requires : parted
Requires : device-mapper
%endif
%if %{with_storage_mpath}
# For multipath support
Requires : device-mapper
%endif
%if %{with_storage_sheepdog}
# For Sheepdog support
Requires : sheepdog
%endif
%if %{with_qemu}
# From QEMU RPMs
Requires : /usr/bin/qemu-img
%else
%if %{with_xen}
# From Xen RPMs
Requires : /usr/sbin/qcow-create
%endif
%endif
2012-04-02 20:53:43 +01:00
%description daemon-driver-storage
The storage driver plugin for the libvirtd daemon, providing
an implementation of the storage APIs using LVM, iSCSI,
parted and more.
2013-01-09 13:50:03 -07:00
%endif
2012-04-02 20:53:43 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_qemu}
2012-04-02 20:53:43 +01:00
%package daemon-driver-qemu
Summary : Qemu driver plugin for the libvirtd daemon
Group : Development/Libraries
Requires : libvirt-daemon = %{version} -%{release}
# There really is a hard cross-driver dependency here
2012-05-25 08:10:56 +01:00
Requires : libvirt-daemon-driver-network = %{version} -%{release}
2013-10-29 11:27:45 +00:00
Requires : /usr/bin/qemu-img
# For image compression
Requires : gzip
Requires : bzip2
Requires : lzop
Requires : xz
2012-04-02 20:53:43 +01:00
%description daemon-driver-qemu
The qemu driver plugin for the libvirtd daemon, providing
an implementation of the hypervisor driver APIs using
QEMU
2013-01-09 13:50:03 -07:00
%endif
2012-04-02 20:53:43 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_lxc}
2012-04-02 20:53:43 +01:00
%package daemon-driver-lxc
Summary : LXC driver plugin for the libvirtd daemon
Group : Development/Libraries
Requires : libvirt-daemon = %{version} -%{release}
# There really is a hard cross-driver dependency here
2012-05-25 08:10:56 +01:00
Requires : libvirt-daemon-driver-network = %{version} -%{release}
2012-04-02 20:53:43 +01:00
%description daemon-driver-lxc
The LXC driver plugin for the libvirtd daemon, providing
an implementation of the hypervisor driver APIs using
the Linux kernel
2013-01-09 13:50:03 -07:00
%endif
2012-04-02 20:53:43 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_uml}
2012-04-02 20:53:43 +01:00
%package daemon-driver-uml
Summary : Uml driver plugin for the libvirtd daemon
Group : Development/Libraries
Requires : libvirt-daemon = %{version} -%{release}
%description daemon-driver-uml
The UML driver plugin for the libvirtd daemon, providing
an implementation of the hypervisor driver APIs using
User Mode Linux
2013-01-09 13:50:03 -07:00
%endif
2012-04-02 20:53:43 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_xen}
2012-04-02 20:53:43 +01:00
%package daemon-driver-xen
Summary : Xen driver plugin for the libvirtd daemon
Group : Development/Libraries
Requires : libvirt-daemon = %{version} -%{release}
%description daemon-driver-xen
The Xen driver plugin for the libvirtd daemon, providing
an implementation of the hypervisor driver APIs using
Xen
2013-01-09 13:50:03 -07:00
%endif
2012-04-02 20:53:43 +01:00
2013-05-17 13:31:59 +01:00
%if %{with_vbox}
%package daemon-driver-vbox
Summary : VirtualBox driver plugin for the libvirtd daemon
Group : Development/Libraries
Requires : libvirt-daemon = %{version} -%{release}
%description daemon-driver-vbox
The vbox driver plugin for the libvirtd daemon, providing
an implementation of the hypervisor driver APIs using
VirtualBox
%endif
2013-01-09 13:50:03 -07:00
%if %{with_libxl}
2012-04-02 20:53:43 +01:00
%package daemon-driver-libxl
Summary : Libxl driver plugin for the libvirtd daemon
Group : Development/Libraries
Requires : libvirt-daemon = %{version} -%{release}
%description daemon-driver-libxl
The Libxl driver plugin for the libvirtd daemon, providing
an implementation of the hypervisor driver APIs using
Libxl
2013-01-09 13:50:03 -07:00
%endif
%endif # %{with_driver_modules}
2012-04-02 20:53:43 +01:00
2012-04-03 11:54:27 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_qemu_tcg}
2012-04-03 11:54:27 +01:00
%package daemon-qemu
Summary : Server side daemon & driver required to run QEMU guests
Group : Development/Libraries
Requires : libvirt-daemon = %{version} -%{release}
2013-01-09 13:50:03 -07:00
%if %{with_driver_modules}
2012-04-02 20:53:43 +01:00
Requires : libvirt-daemon-driver-qemu = %{version} -%{release}
Requires : libvirt-daemon-driver-interface = %{version} -%{release}
Requires : libvirt-daemon-driver-network = %{version} -%{release}
Requires : libvirt-daemon-driver-nodedev = %{version} -%{release}
2012-05-25 08:10:56 +01:00
Requires : libvirt-daemon-driver-nwfilter = %{version} -%{release}
2012-04-02 20:53:43 +01:00
Requires : libvirt-daemon-driver-secret = %{version} -%{release}
Requires : libvirt-daemon-driver-storage = %{version} -%{release}
2013-01-09 13:50:03 -07:00
%endif
2012-04-03 11:54:27 +01:00
Requires : qemu
%description daemon-qemu
Server side daemon and driver required to manage the virtualization
capabilities of the QEMU TCG emulators
2013-01-09 13:50:03 -07:00
%endif
2012-04-03 11:54:27 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_qemu_kvm}
2012-04-03 11:54:27 +01:00
%package daemon-kvm
Summary : Server side daemon & driver required to run KVM guests
Group : Development/Libraries
Requires : libvirt-daemon = %{version} -%{release}
2013-01-09 13:50:03 -07:00
%if %{with_driver_modules}
2012-04-02 20:53:43 +01:00
Requires : libvirt-daemon-driver-qemu = %{version} -%{release}
Requires : libvirt-daemon-driver-interface = %{version} -%{release}
Requires : libvirt-daemon-driver-network = %{version} -%{release}
Requires : libvirt-daemon-driver-nodedev = %{version} -%{release}
2012-05-25 08:10:56 +01:00
Requires : libvirt-daemon-driver-nwfilter = %{version} -%{release}
2012-04-02 20:53:43 +01:00
Requires : libvirt-daemon-driver-secret = %{version} -%{release}
Requires : libvirt-daemon-driver-storage = %{version} -%{release}
2013-01-09 13:50:03 -07:00
%endif
2012-04-03 11:54:27 +01:00
Requires : qemu-kvm
%description daemon-kvm
Server side daemon and driver required to manage the virtualization
capabilities of the KVM hypervisor
2013-01-09 13:50:03 -07:00
%endif
2012-04-03 11:54:27 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_lxc}
2012-04-03 11:54:27 +01:00
%package daemon-lxc
Summary : Server side daemon & driver required to run LXC guests
Group : Development/Libraries
Requires : libvirt-daemon = %{version} -%{release}
2013-01-09 13:50:03 -07:00
%if %{with_driver_modules}
2012-04-02 20:53:43 +01:00
Requires : libvirt-daemon-driver-lxc = %{version} -%{release}
Requires : libvirt-daemon-driver-interface = %{version} -%{release}
Requires : libvirt-daemon-driver-network = %{version} -%{release}
Requires : libvirt-daemon-driver-nodedev = %{version} -%{release}
2012-05-25 08:10:56 +01:00
Requires : libvirt-daemon-driver-nwfilter = %{version} -%{release}
2012-04-02 20:53:43 +01:00
Requires : libvirt-daemon-driver-secret = %{version} -%{release}
Requires : libvirt-daemon-driver-storage = %{version} -%{release}
2013-01-09 13:50:03 -07:00
%endif
2012-04-03 11:54:27 +01:00
%description daemon-lxc
Server side daemon and driver required to manage the virtualization
capabilities of LXC
2013-01-09 13:50:03 -07:00
%endif
2012-04-03 11:54:27 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_uml}
2012-04-03 11:54:27 +01:00
%package daemon-uml
Summary : Server side daemon & driver required to run UML guests
Group : Development/Libraries
Requires : libvirt-daemon = %{version} -%{release}
2013-01-09 13:50:03 -07:00
%if %{with_driver_modules}
2012-04-02 20:53:43 +01:00
Requires : libvirt-daemon-driver-uml = %{version} -%{release}
Requires : libvirt-daemon-driver-interface = %{version} -%{release}
Requires : libvirt-daemon-driver-network = %{version} -%{release}
Requires : libvirt-daemon-driver-nodedev = %{version} -%{release}
2012-05-25 08:10:56 +01:00
Requires : libvirt-daemon-driver-nwfilter = %{version} -%{release}
2012-04-02 20:53:43 +01:00
Requires : libvirt-daemon-driver-secret = %{version} -%{release}
Requires : libvirt-daemon-driver-storage = %{version} -%{release}
2013-01-09 13:50:03 -07:00
%endif
2012-04-03 11:54:27 +01:00
# There are no UML kernel RPMs in Fedora/RHEL to depend on.
%description daemon-uml
Server side daemon and driver required to manage the virtualization
capabilities of UML
2013-01-09 13:50:03 -07:00
%endif
2012-04-03 11:54:27 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_xen} || %{with_libxl}
2012-04-03 11:54:27 +01:00
%package daemon-xen
Summary : Server side daemon & driver required to run XEN guests
Group : Development/Libraries
Requires : libvirt-daemon = %{version} -%{release}
2013-01-09 13:50:03 -07:00
%if %{with_driver_modules}
%if %{with_xen}
2012-04-02 20:53:43 +01:00
Requires : libvirt-daemon-driver-xen = %{version} -%{release}
2013-01-09 13:50:03 -07:00
%endif
%if %{with_libxl}
2012-04-02 20:53:43 +01:00
Requires : libvirt-daemon-driver-libxl = %{version} -%{release}
2013-01-09 13:50:03 -07:00
%endif
2012-04-02 20:53:43 +01:00
Requires : libvirt-daemon-driver-interface = %{version} -%{release}
Requires : libvirt-daemon-driver-network = %{version} -%{release}
Requires : libvirt-daemon-driver-nodedev = %{version} -%{release}
2012-05-25 08:10:56 +01:00
Requires : libvirt-daemon-driver-nwfilter = %{version} -%{release}
2012-04-02 20:53:43 +01:00
Requires : libvirt-daemon-driver-secret = %{version} -%{release}
Requires : libvirt-daemon-driver-storage = %{version} -%{release}
2013-01-09 13:50:03 -07:00
%endif
2012-04-03 11:54:27 +01:00
Requires : xen
%description daemon-xen
Server side daemon and driver required to manage the virtualization
capabilities of XEN
2013-01-09 13:50:03 -07:00
%endif
2013-05-17 13:31:59 +01:00
%if %{with_vbox}
%package daemon-vbox
Summary : Server side daemon & driver required to run VirtualBox guests
Group : Development/Libraries
Requires : libvirt-daemon = %{version} -%{release}
%if %{with_driver_modules}
Requires : libvirt-daemon-driver-vbox = %{version} -%{release}
Requires : libvirt-daemon-driver-interface = %{version} -%{release}
Requires : libvirt-daemon-driver-network = %{version} -%{release}
Requires : libvirt-daemon-driver-nodedev = %{version} -%{release}
Requires : libvirt-daemon-driver-nwfilter = %{version} -%{release}
Requires : libvirt-daemon-driver-secret = %{version} -%{release}
Requires : libvirt-daemon-driver-storage = %{version} -%{release}
%endif
%description daemon-vbox
Server side daemon and driver required to manage the virtualization
capabilities of VirtualBox
%endif
2013-01-09 13:50:03 -07:00
%endif # %{with_libvirtd}
2012-04-03 11:44:59 +01:00
2009-07-21 11:16:15 +02:00
%package client
2009-07-29 09:57:24 +01:00
Summary : Client side library and utilities of the libvirt library
2009-07-21 11:16:15 +02:00
Group : Development/Libraries
Requires : readline
Requires : ncurses
# So remote clients can access libvirt over SSH tunnel
# (client invokes 'nc' against the UNIX socket on the server)
Requires : nc
2013-05-14 20:14:34 -06:00
# Needed by /usr/libexec/libvirt-guests.sh script.
2011-02-18 13:45:13 +08:00
Requires : gettext
2011-02-21 10:43:29 -07:00
# Needed by virt-pki-validate script.
Requires : gnutls-utils
2014-04-11 09:20:48 +02:00
%if %{with_pm_utils}
2011-11-22 11:31:22 +08:00
# Needed for probing the power management features of the host.
Requires : pm-utils
2014-04-11 09:20:48 +02:00
%endif
2009-07-21 11:16:15 +02:00
%if %{with_sasl}
Requires : cyrus-sasl
# Not technically required, but makes 'out-of-box' config
# work correctly & doesn't have onerous dependencies
Requires : cyrus-sasl-md5
%endif
%description client
Shared libraries and client binaries needed to access to the
virtualization capabilities of recent versions of Linux (and other OSes).
2005-11-02 15:37:34 +00:00
2014-02-04 12:37:15 -07:00
%if %{with_wireshark}
%package wireshark
Summary : Wireshark dissector plugin for libvirt RPC transactions
Group : Development/Libraries
Requires : wireshark
Requires : %{name} -client = %{version} -%{release}
%description wireshark
Wireshark dissector plugin for better analysis of libvirt RPC traffic.
%endif
2013-10-17 14:18:18 +01:00
%if %{with_lxc}
%package login-shell
Summary : Login shell for connecting users to an LXC container
Group : Development/Libraries
Requires : %{name} -client = %{version} -%{release}
%description login-shell
Provides the set-uid virt-login-shell binary that is used to
connect a user to an LXC container when they login, by switching
namespaces.
%endif
2005-11-02 15:37:34 +00:00
%package devel
2006-02-09 17:45:11 +00:00
Summary : Libraries, includes, etc. to compile with the libvirt library
2005-11-02 15:37:34 +00:00
Group : Development/Libraries
2010-05-04 16:13:55 +02:00
Requires : %{name} -client = %{version} -%{release}
2012-04-03 10:52:12 +01:00
Requires : %{name} -docs = %{version} -%{release}
2006-11-07 16:28:16 +00:00
Requires : pkgconfig
2005-11-02 15:37:34 +00:00
%description devel
2012-04-03 10:52:12 +01:00
Include header files & development libraries for the libvirt C library.
2005-11-02 15:37:34 +00:00
2011-01-18 18:37:45 +00:00
%if %{with_sanlock}
%package lock-sanlock
Summary : Sanlock lock manager plugin for QEMU driver
Group : Development/Libraries
2013-01-09 13:50:03 -07:00
%if 0%{?fedora} >= 17 || 0%{?rhel} >= 6
2012-10-16 23:54:18 +02:00
Requires : sanlock >= 2.4
2013-01-09 13:50:03 -07:00
%else
2011-09-19 11:04:59 +01:00
Requires : sanlock >= 1.8
2013-01-09 13:50:03 -07:00
%endif
2011-09-15 16:55:36 +02:00
#for virt-sanlock-cleanup require augeas
Requires : augeas
2012-05-21 19:36:30 +01:00
Requires : %{name} -daemon = %{version} -%{release}
2012-10-18 13:03:26 +02:00
Requires : %{name} -client = %{version} -%{release}
2011-01-18 18:37:45 +00:00
%description lock-sanlock
Includes the Sanlock lock manager plugin for the QEMU
driver
%endif
2005-11-02 15:37:34 +00:00
%prep
%setup -q
%build
2008-06-12 16:10:50 +00:00
%if ! %{with_xen}
2013-01-09 13:50:03 -07:00
%define _without_xen --without-xen
2008-06-12 16:10:50 +00:00
%endif
%if ! %{with_qemu}
2013-01-09 13:50:03 -07:00
%define _without_qemu --without-qemu
2008-06-12 16:10:50 +00:00
%endif
2008-08-21 09:28:54 +00:00
%if ! %{with_openvz}
2013-01-09 13:50:03 -07:00
%define _without_openvz --without-openvz
2008-08-21 09:28:54 +00:00
%endif
%if ! %{with_lxc}
2013-01-09 13:50:03 -07:00
%define _without_lxc --without-lxc
2008-08-21 09:28:54 +00:00
%endif
2009-07-28 17:59:34 +01:00
%if ! %{with_vbox}
2013-01-09 13:50:03 -07:00
%define _without_vbox --without-vbox
2009-07-28 17:59:34 +01:00
%endif
2010-10-14 11:46:41 -06:00
%if ! %{with_xenapi}
2013-01-09 13:50:03 -07:00
%define _without_xenapi --without-xenapi
2010-10-14 11:46:41 -06:00
%endif
2011-02-10 15:42:34 -07:00
%if ! %{with_libxl}
2013-01-09 13:50:03 -07:00
%define _without_libxl --without-libxl
2011-02-10 15:42:34 -07:00
%endif
2008-09-17 14:09:13 +00:00
%if ! %{with_sasl}
2013-01-09 13:50:03 -07:00
%define _without_sasl --without-sasl
2008-09-17 14:09:13 +00:00
%endif
%if ! %{with_avahi}
2013-01-09 13:50:03 -07:00
%define _without_avahi --without-avahi
2008-09-17 14:09:13 +00:00
%endif
2009-07-24 16:26:54 +02:00
%if ! %{with_phyp}
2013-01-09 13:50:03 -07:00
%define _without_phyp --without-phyp
2009-07-24 16:26:54 +02:00
%endif
2009-09-16 16:02:38 +01:00
%if ! %{with_esx}
2013-01-09 13:50:03 -07:00
%define _without_esx --without-esx
2009-09-16 16:02:38 +01:00
%endif
2011-07-13 16:05:18 +02:00
%if ! %{with_hyperv}
2013-01-09 13:50:03 -07:00
%define _without_hyperv --without-hyperv
2011-07-13 16:05:18 +02:00
%endif
2010-12-21 10:13:50 -07:00
%if ! %{with_vmware}
2013-01-09 13:50:03 -07:00
%define _without_vmware --without-vmware
2010-12-21 10:13:50 -07:00
%endif
2012-07-31 22:56:05 +04:00
%if ! %{with_parallels}
2013-01-09 13:50:03 -07:00
%define _without_parallels --without-parallels
2012-07-31 22:56:05 +04:00
%endif
2008-09-17 14:09:13 +00:00
%if ! %{with_polkit}
2013-01-09 13:50:03 -07:00
%define _without_polkit --without-polkit
2008-09-17 14:09:13 +00:00
%endif
%if ! %{with_libvirtd}
2013-01-09 13:50:03 -07:00
%define _without_libvirtd --without-libvirtd
2008-09-17 14:09:13 +00:00
%endif
2008-11-21 10:09:08 +00:00
%if ! %{with_uml}
2013-01-09 13:50:03 -07:00
%define _without_uml --without-uml
2008-11-21 10:09:08 +00:00
%endif
2009-01-20 17:27:34 +00:00
%if %{with_rhel5}
2013-01-09 13:50:03 -07:00
%define _with_rhel5_api --with-rhel5-api
2009-01-20 17:27:34 +00:00
%endif
2012-09-17 20:27:06 -05:00
%if ! %{with_interface}
2013-01-09 13:50:03 -07:00
%define _without_interface --without-interface
2012-09-17 20:27:06 -05:00
%endif
2009-01-20 22:36:10 +00:00
%if ! %{with_network}
2013-01-09 13:50:03 -07:00
%define _without_network --without-network
2009-01-20 22:36:10 +00:00
%endif
2009-03-31 12:45:07 +00:00
%if ! %{with_storage_fs}
2013-01-09 13:50:03 -07:00
%define _without_storage_fs --without-storage-fs
2009-03-31 12:45:07 +00:00
%endif
%if ! %{with_storage_lvm}
2013-01-09 13:50:03 -07:00
%define _without_storage_lvm --without-storage-lvm
2009-03-31 12:45:07 +00:00
%endif
%if ! %{with_storage_iscsi}
2013-01-09 13:50:03 -07:00
%define _without_storage_iscsi --without-storage-iscsi
2009-03-31 12:45:07 +00:00
%endif
%if ! %{with_storage_disk}
2013-01-09 13:50:03 -07:00
%define _without_storage_disk --without-storage-disk
2009-03-31 12:45:07 +00:00
%endif
2009-09-08 16:07:54 +02:00
%if ! %{with_storage_mpath}
2013-01-09 13:50:03 -07:00
%define _without_storage_mpath --without-storage-mpath
2009-09-08 16:07:54 +02:00
%endif
2012-05-14 11:06:42 +02:00
%if ! %{with_storage_rbd}
2013-01-09 13:50:03 -07:00
%define _without_storage_rbd --without-storage-rbd
2012-05-14 11:06:42 +02:00
%endif
2012-07-18 20:06:58 +01:00
%if ! %{with_storage_sheepdog}
2013-01-09 13:50:03 -07:00
%define _without_storage_sheepdog --without-storage-sheepdog
2012-07-18 20:06:58 +01:00
%endif
2013-11-19 16:26:05 -07:00
%if ! %{with_storage_gluster}
%define _without_storage_gluster --without-storage-gluster
%endif
2009-03-31 12:45:07 +00:00
%if ! %{with_numactl}
2013-01-09 13:50:03 -07:00
%define _without_numactl --without-numactl
2009-03-31 12:45:07 +00:00
%endif
2012-03-24 09:35:20 +08:00
%if ! %{with_numad}
2013-01-09 13:50:03 -07:00
%define _without_numad --without-numad
2012-03-24 09:35:20 +08:00
%endif
2009-07-28 17:35:32 +01:00
%if ! %{with_capng}
2013-01-09 13:50:03 -07:00
%define _without_capng --without-capng
2009-07-28 17:35:32 +01:00
%endif
2012-11-12 15:02:23 +08:00
%if ! %{with_fuse}
2013-01-09 13:50:03 -07:00
%define _without_fuse --without-fuse
2012-11-12 15:02:23 +08:00
%endif
2009-07-28 17:30:48 +01:00
%if ! %{with_netcf}
2013-01-09 13:50:03 -07:00
%define _without_netcf --without-netcf
2009-07-28 17:30:48 +01:00
%endif
2009-09-16 16:02:38 +01:00
%if ! %{with_selinux}
2013-01-09 13:50:03 -07:00
%define _without_selinux --without-selinux
2009-09-16 16:02:38 +01:00
%endif
2013-07-30 12:04:55 +01:00
%if ! %{with_apparmor}
%define _without_apparmor --without-apparmor
%endif
2009-09-16 16:02:38 +01:00
%if ! %{with_hal}
2013-01-09 13:50:03 -07:00
%define _without_hal --without-hal
2009-09-16 16:02:38 +01:00
%endif
2009-11-20 16:45:46 +01:00
%if ! %{with_udev}
2013-01-09 13:50:03 -07:00
%define _without_udev --without-udev
2009-11-20 16:45:46 +01:00
%endif
2009-11-03 13:59:18 -05:00
%if ! %{with_yajl}
2013-01-09 13:50:03 -07:00
%define _without_yajl --without-yajl
2009-11-03 13:59:18 -05:00
%endif
2011-01-18 18:37:45 +00:00
%if ! %{with_sanlock}
2013-01-09 13:50:03 -07:00
%define _without_sanlock --without-sanlock
2011-01-18 18:37:45 +00:00
%endif
2010-05-05 12:20:28 -04:00
%if ! %{with_libpcap}
2013-01-09 13:50:03 -07:00
%define _without_libpcap --without-libpcap
2010-05-05 12:20:28 -04:00
%endif
2010-05-25 15:31:38 -04:00
%if ! %{with_macvtap}
2013-01-09 13:50:03 -07:00
%define _without_macvtap --without-macvtap
2010-05-25 15:31:38 -04:00
%endif
2010-09-15 14:44:11 +01:00
%if ! %{with_audit}
2013-01-09 13:50:03 -07:00
%define _without_audit --without-audit
2010-09-15 14:44:11 +01:00
%endif
Add dtrace static probes in libvirtd
Adds initial support for dtrace static probes in libvirtd
daemon, assuming use of systemtap dtrace compat shim on
Linux. The probes are inserted for network client connect,
disconnect, TLS handshake states and authentication protocol
states.
This can be tested by running the xample program and then
attempting to connect with any libvirt client (virsh,
virt-manager, etc).
# stap examples/systemtap/client.stp
Client fd=44 connected readonly=0
Client fd=44 auth polkit deny pid:24997,uid:500
Client fd=44 disconnected
Client fd=46 connected readonly=1
Client fd=46 auth sasl allow test
Client fd=46 disconnected
The libvirtd.stp file should also really not be required,
since it is duplicated info that is already available in
the main probes.d definition file. A script to autogenerate
the .stp file is needed, either in libvirtd tree, or better
as part of systemtap itself.
* Makefile.am: Add examples/systemtap subdir
* autobuild.sh: Disable dtrace for mingw32
* configure.ac: Add check for dtrace
* daemon/.gitignore: Ignore generated dtrace probe file
* daemon/Makefile.am: Build dtrace probe header & object
files
* daemon/libvirtd.stp: SystemTAP convenience probeset
* daemon/libvirtd.c: Add connect/disconnect & TLS probes
* daemon/remote.c: Add SASL and PolicyKit auth probes
* daemon/probes.d: Master probe definition
* daemon/libvirtd.h: Add convenience macro for probes
so that compilation is a no-op when dtrace is not available
* examples/systemtap/Makefile.am, examples/systemtap/client.stp
Example systemtap script using dtrace probe markers
* libvirt.spec.in: Enable dtrace on F13/RHEL6
* mingw32-libvirt.spec.in: Force disable dtrace
2010-09-14 17:30:32 +01:00
%if ! %{with_dtrace}
2013-01-09 13:50:03 -07:00
%define _without_dtrace --without-dtrace
Add dtrace static probes in libvirtd
Adds initial support for dtrace static probes in libvirtd
daemon, assuming use of systemtap dtrace compat shim on
Linux. The probes are inserted for network client connect,
disconnect, TLS handshake states and authentication protocol
states.
This can be tested by running the xample program and then
attempting to connect with any libvirt client (virsh,
virt-manager, etc).
# stap examples/systemtap/client.stp
Client fd=44 connected readonly=0
Client fd=44 auth polkit deny pid:24997,uid:500
Client fd=44 disconnected
Client fd=46 connected readonly=1
Client fd=46 auth sasl allow test
Client fd=46 disconnected
The libvirtd.stp file should also really not be required,
since it is duplicated info that is already available in
the main probes.d definition file. A script to autogenerate
the .stp file is needed, either in libvirtd tree, or better
as part of systemtap itself.
* Makefile.am: Add examples/systemtap subdir
* autobuild.sh: Disable dtrace for mingw32
* configure.ac: Add check for dtrace
* daemon/.gitignore: Ignore generated dtrace probe file
* daemon/Makefile.am: Build dtrace probe header & object
files
* daemon/libvirtd.stp: SystemTAP convenience probeset
* daemon/libvirtd.c: Add connect/disconnect & TLS probes
* daemon/remote.c: Add SASL and PolicyKit auth probes
* daemon/probes.d: Master probe definition
* daemon/libvirtd.h: Add convenience macro for probes
so that compilation is a no-op when dtrace is not available
* examples/systemtap/Makefile.am, examples/systemtap/client.stp
Example systemtap script using dtrace probe markers
* libvirt.spec.in: Enable dtrace on F13/RHEL6
* mingw32-libvirt.spec.in: Force disable dtrace
2010-09-14 17:30:32 +01:00
%endif
2012-04-02 20:53:43 +01:00
%if ! %{with_driver_modules}
2013-01-09 13:50:03 -07:00
%define _without_driver_modules --without-driver-modules
2012-04-02 20:53:43 +01:00
%endif
network: use firewalld instead of iptables, when available
* configure.ac, spec file: firewalld defaults to enabled if dbus is
available, otherwise is disabled. If --with_firewalld is explicitly
requested and dbus is not available, configure will fail.
* bridge_driver: add dbus filters to get the FirewallD1.Reloaded
signal and DBus.NameOwnerChanged on org.fedoraproject.FirewallD1.
When these are encountered, reload all the iptables reuls of all
libvirt's virtual networks (similar to what happens when libvirtd is
restarted).
* iptables, ebtables: use firewall-cmd's direct passthrough interface
when available, otherwise use iptables and ebtables commands. This
decision is made once the first time libvirt calls
iptables/ebtables, and that decision is maintained for the life of
libvirtd.
* Note that the nwfilter part of this patch was separated out into
another patch by Stefan in V2, so that needs to be revised and
re-reviewed as well.
================
All the configure.ac and specfile changes are unchanged from Thomas'
V3.
V3 re-ran "firewall-cmd --state" every time a new rule was added,
which was extremely inefficient. V4 uses VIR_ONCE_GLOBAL_INIT to set
up a one-time initialization function.
The VIR_ONCE_GLOBAL_INIT(x) macro references a static function called
vir(Ip|Eb)OnceInit(), which will then be called the first time that
the static function vir(Ip|Eb)TablesInitialize() is called (that
function is defined for you by the macro). This is
thread-safe, so there is no chance of any race.
IMPORTANT NOTE: I've left the VIR_DEBUG messages in these two init
functions (one for iptables, on for ebtables) as VIR_WARN so that I
don't have to turn on all the other debug message just to see
these. Even if this patch doesn't need any other modification, those
messages need to be changed to VIR_DEBUG before pushing.
This one-time initialization works well. However, I've encountered
problems with testing:
1) Whenever I have enabled the firewalld service, *all* attempts to
call firewall-cmd from within libvirtd end with firewall-cmd hanging
internally somewhere. This is *not* the case if firewall-cmd returns
non-0 in response to "firewall-cmd --state" (i.e. *that* command runs
and returns to libvirt successfully.)
2) If I start libvirtd while firewalld is stopped, then start
firewalld later, this triggers libvirtd to reload its iptables rules,
however it also spits out a *ton* of complaints about deletion failing
(I suppose because firewalld has nuked all of libvirt's rules). I
guess we need to suppress those messages (which is a more annoying
problem to fix than you might think, but that's another story).
3) I noticed a few times during this long line of errors that
firewalld made a complaint about "Resource Temporarily
unavailable. Having libvirtd access iptables commands directly at the
same time as firewalld is doing so is apparently problematic.
4) In general, I'm concerned about the "set it once and never change
it" method - if firewalld is disabled at libvirtd startup, causing
libvirtd to always use iptables/ebtables directly, this won't cause
*terrible* problems, but if libvirtd decides to use firewall-cmd and
firewalld is later disabled, libvirtd will not be able to recover.
2012-08-14 20:59:52 +02:00
%if %{with_firewalld}
2013-01-09 13:50:03 -07:00
%define _with_firewalld --with-firewalld
network: use firewalld instead of iptables, when available
* configure.ac, spec file: firewalld defaults to enabled if dbus is
available, otherwise is disabled. If --with_firewalld is explicitly
requested and dbus is not available, configure will fail.
* bridge_driver: add dbus filters to get the FirewallD1.Reloaded
signal and DBus.NameOwnerChanged on org.fedoraproject.FirewallD1.
When these are encountered, reload all the iptables reuls of all
libvirt's virtual networks (similar to what happens when libvirtd is
restarted).
* iptables, ebtables: use firewall-cmd's direct passthrough interface
when available, otherwise use iptables and ebtables commands. This
decision is made once the first time libvirt calls
iptables/ebtables, and that decision is maintained for the life of
libvirtd.
* Note that the nwfilter part of this patch was separated out into
another patch by Stefan in V2, so that needs to be revised and
re-reviewed as well.
================
All the configure.ac and specfile changes are unchanged from Thomas'
V3.
V3 re-ran "firewall-cmd --state" every time a new rule was added,
which was extremely inefficient. V4 uses VIR_ONCE_GLOBAL_INIT to set
up a one-time initialization function.
The VIR_ONCE_GLOBAL_INIT(x) macro references a static function called
vir(Ip|Eb)OnceInit(), which will then be called the first time that
the static function vir(Ip|Eb)TablesInitialize() is called (that
function is defined for you by the macro). This is
thread-safe, so there is no chance of any race.
IMPORTANT NOTE: I've left the VIR_DEBUG messages in these two init
functions (one for iptables, on for ebtables) as VIR_WARN so that I
don't have to turn on all the other debug message just to see
these. Even if this patch doesn't need any other modification, those
messages need to be changed to VIR_DEBUG before pushing.
This one-time initialization works well. However, I've encountered
problems with testing:
1) Whenever I have enabled the firewalld service, *all* attempts to
call firewall-cmd from within libvirtd end with firewall-cmd hanging
internally somewhere. This is *not* the case if firewall-cmd returns
non-0 in response to "firewall-cmd --state" (i.e. *that* command runs
and returns to libvirt successfully.)
2) If I start libvirtd while firewalld is stopped, then start
firewalld later, this triggers libvirtd to reload its iptables rules,
however it also spits out a *ton* of complaints about deletion failing
(I suppose because firewalld has nuked all of libvirt's rules). I
guess we need to suppress those messages (which is a more annoying
problem to fix than you might think, but that's another story).
3) I noticed a few times during this long line of errors that
firewalld made a complaint about "Resource Temporarily
unavailable. Having libvirtd access iptables commands directly at the
same time as firewalld is doing so is apparently problematic.
4) In general, I'm concerned about the "set it once and never change
it" method - if firewalld is disabled at libvirtd startup, causing
libvirtd to always use iptables/ebtables directly, this won't cause
*terrible* problems, but if libvirtd decides to use firewall-cmd and
firewalld is later disabled, libvirtd will not be able to recover.
2012-08-14 20:59:52 +02:00
%endif
2014-02-04 12:37:15 -07:00
%if ! %{with_wireshark}
%define _without_wireshark --without-wireshark-dissector
%endif
2014-02-25 13:12:34 -07:00
%if ! %{with_systemd_daemon}
%define _without_systemd_daemon --without-systemd-daemon
%endif
2014-04-11 09:20:48 +02:00
%if ! %{with_pm_utils}
%define _without_pm_utils --without-pm-utils
%endif
Imprint all logs with version + package build information
The logging functions are enhanced so that immediately prior to
the first log message being printed to any output channel, the
libvirt package version will be printed.
eg
$ LIBVIRT_DEBUG=1 virsh
18:13:28.013: 17536: info : libvirt version: 0.8.7
18:13:28.013: 17536: debug : virInitialize:361 : register drivers
...
The 'configure' script gains two new arguments which can be
used as
--with-packager="Fedora Project, x86-01.phx2.fedoraproject.org, 01-27-2011-18:00:10"
--with-packager-version="1.fc14"
to allow distros to append a custom string with package specific
data.
The RPM specfile is modified so that it appends the RPM version,
the build host, the build date and the packager name.
eg
$ LIBVIRT_DEBUG=1 virsh
18:14:52.086: 17551: info : libvirt version: 0.8.7, package: 1.fc13 (Fedora Project, x86-01.phx2.fedoraproject.org, 01-27-2011-18:00:10)
18:14:52.086: 17551: debug : virInitialize:361 : register drivers
Thus when distro packagers receive bug reports they can clearly
see what version was in use, even if the bug reporter mistakenly
or intentionally lies about version/builds
* src/util/logging.c: Output version data prior to first log message
* libvirt.spec.in: Include RPM release, date, hostname & packager
* configure.ac: Add --with-packager & --with-packager-version args
2011-01-27 18:11:16 +00:00
%define when %(date +"%%F-%%T")
%define where %(hostname)
%define who %{?packager}%{!?packager:Unknown}
%define with_packager --with-packager="%{who}, %{when}, %{where}"
%define with_packager_version --with-packager-version="%{release}"
2011-07-07 14:45:07 +01:00
%if %{with_systemd}
2013-01-09 13:50:03 -07:00
%define init_scripts --with-init_script=systemd
2011-07-07 14:45:07 +01:00
%else
2013-01-09 13:50:03 -07:00
%define init_scripts --with-init_script=redhat
2011-07-07 14:45:07 +01:00
%endif
Imprint all logs with version + package build information
The logging functions are enhanced so that immediately prior to
the first log message being printed to any output channel, the
libvirt package version will be printed.
eg
$ LIBVIRT_DEBUG=1 virsh
18:13:28.013: 17536: info : libvirt version: 0.8.7
18:13:28.013: 17536: debug : virInitialize:361 : register drivers
...
The 'configure' script gains two new arguments which can be
used as
--with-packager="Fedora Project, x86-01.phx2.fedoraproject.org, 01-27-2011-18:00:10"
--with-packager-version="1.fc14"
to allow distros to append a custom string with package specific
data.
The RPM specfile is modified so that it appends the RPM version,
the build host, the build date and the packager name.
eg
$ LIBVIRT_DEBUG=1 virsh
18:14:52.086: 17551: info : libvirt version: 0.8.7, package: 1.fc13 (Fedora Project, x86-01.phx2.fedoraproject.org, 01-27-2011-18:00:10)
18:14:52.086: 17551: debug : virInitialize:361 : register drivers
Thus when distro packagers receive bug reports they can clearly
see what version was in use, even if the bug reporter mistakenly
or intentionally lies about version/builds
* src/util/logging.c: Output version data prior to first log message
* libvirt.spec.in: Include RPM release, date, hostname & packager
* configure.ac: Add --with-packager & --with-packager-version args
2011-01-27 18:11:16 +00:00
2012-09-06 15:22:27 +01:00
%if %{with_selinux}
2013-01-09 13:50:03 -07:00
%if 0%{?fedora} >= 17 || 0%{?rhel} >= 7
%define with_selinux_mount --with-selinux-mount="/sys/fs/selinux"
%else
%define with_selinux_mount --with-selinux-mount="/selinux"
%endif
2012-09-06 15:22:27 +01:00
%endif
2013-07-30 16:04:48 +02:00
# place macros above and build commands below this comment
%if 0%{?enable_autotools}
autoreconf -if
%endif
2014-03-06 11:52:25 +01:00
rm -f po/stamp-po
2008-06-12 16:10:50 +00:00
%configure %{?_without_xen} \
%{?_without_qemu} \
2008-08-21 09:28:54 +00:00
%{?_without_openvz} \
%{?_without_lxc} \
2009-07-28 17:59:34 +01:00
%{?_without_vbox} \
2012-03-31 12:55:41 +01:00
%{?_without_libxl} \
2010-10-14 11:46:41 -06:00
%{?_without_xenapi} \
2008-09-17 14:09:13 +00:00
%{?_without_sasl} \
%{?_without_avahi} \
%{?_without_polkit} \
%{?_without_libvirtd} \
2008-11-21 10:09:08 +00:00
%{?_without_uml} \
2009-07-24 16:26:54 +02:00
%{?_without_phyp} \
2009-09-16 16:02:38 +01:00
%{?_without_esx} \
2011-07-13 16:05:18 +02:00
%{?_without_hyperv} \
2010-12-21 10:13:50 -07:00
%{?_without_vmware} \
2012-07-31 22:56:05 +04:00
%{?_without_parallels} \
2014-02-25 09:51:40 -07:00
--without-bhyve \
2012-09-17 20:27:06 -05:00
%{?_without_interface} \
2009-01-20 22:36:10 +00:00
%{?_without_network} \
2009-01-20 17:27:34 +00:00
%{?_with_rhel5_api} \
2009-03-31 12:45:07 +00:00
%{?_without_storage_fs} \
%{?_without_storage_lvm} \
%{?_without_storage_iscsi} \
%{?_without_storage_disk} \
2009-09-08 16:07:54 +02:00
%{?_without_storage_mpath} \
2012-05-14 11:06:42 +02:00
%{?_without_storage_rbd} \
2012-07-18 20:06:58 +01:00
%{?_without_storage_sheepdog} \
2013-11-19 16:26:05 -07:00
%{?_without_storage_gluster} \
2009-03-31 12:45:07 +00:00
%{?_without_numactl} \
2012-03-24 09:35:20 +08:00
%{?_without_numad} \
2009-07-28 17:35:32 +01:00
%{?_without_capng} \
2012-11-12 15:02:23 +08:00
%{?_without_fuse} \
2009-07-28 17:30:48 +01:00
%{?_without_netcf} \
2009-09-16 16:02:38 +01:00
%{?_without_selinux} \
2012-09-06 15:22:27 +01:00
%{?_with_selinux_mount} \
2013-07-30 12:04:55 +01:00
%{?_without_apparmor} \
2009-09-16 16:02:38 +01:00
%{?_without_hal} \
2009-11-20 16:45:46 +01:00
%{?_without_udev} \
2009-11-03 13:59:18 -05:00
%{?_without_yajl} \
2011-01-18 18:37:45 +00:00
%{?_without_sanlock} \
2010-05-05 12:20:28 -04:00
%{?_without_libpcap} \
2010-05-25 15:31:38 -04:00
%{?_without_macvtap} \
2010-09-15 14:44:11 +01:00
%{?_without_audit} \
Add dtrace static probes in libvirtd
Adds initial support for dtrace static probes in libvirtd
daemon, assuming use of systemtap dtrace compat shim on
Linux. The probes are inserted for network client connect,
disconnect, TLS handshake states and authentication protocol
states.
This can be tested by running the xample program and then
attempting to connect with any libvirt client (virsh,
virt-manager, etc).
# stap examples/systemtap/client.stp
Client fd=44 connected readonly=0
Client fd=44 auth polkit deny pid:24997,uid:500
Client fd=44 disconnected
Client fd=46 connected readonly=1
Client fd=46 auth sasl allow test
Client fd=46 disconnected
The libvirtd.stp file should also really not be required,
since it is duplicated info that is already available in
the main probes.d definition file. A script to autogenerate
the .stp file is needed, either in libvirtd tree, or better
as part of systemtap itself.
* Makefile.am: Add examples/systemtap subdir
* autobuild.sh: Disable dtrace for mingw32
* configure.ac: Add check for dtrace
* daemon/.gitignore: Ignore generated dtrace probe file
* daemon/Makefile.am: Build dtrace probe header & object
files
* daemon/libvirtd.stp: SystemTAP convenience probeset
* daemon/libvirtd.c: Add connect/disconnect & TLS probes
* daemon/remote.c: Add SASL and PolicyKit auth probes
* daemon/probes.d: Master probe definition
* daemon/libvirtd.h: Add convenience macro for probes
so that compilation is a no-op when dtrace is not available
* examples/systemtap/Makefile.am, examples/systemtap/client.stp
Example systemtap script using dtrace probe markers
* libvirt.spec.in: Enable dtrace on F13/RHEL6
* mingw32-libvirt.spec.in: Force disable dtrace
2010-09-14 17:30:32 +01:00
%{?_without_dtrace} \
2012-04-02 20:53:43 +01:00
%{?_without_driver_modules} \
network: use firewalld instead of iptables, when available
* configure.ac, spec file: firewalld defaults to enabled if dbus is
available, otherwise is disabled. If --with_firewalld is explicitly
requested and dbus is not available, configure will fail.
* bridge_driver: add dbus filters to get the FirewallD1.Reloaded
signal and DBus.NameOwnerChanged on org.fedoraproject.FirewallD1.
When these are encountered, reload all the iptables reuls of all
libvirt's virtual networks (similar to what happens when libvirtd is
restarted).
* iptables, ebtables: use firewall-cmd's direct passthrough interface
when available, otherwise use iptables and ebtables commands. This
decision is made once the first time libvirt calls
iptables/ebtables, and that decision is maintained for the life of
libvirtd.
* Note that the nwfilter part of this patch was separated out into
another patch by Stefan in V2, so that needs to be revised and
re-reviewed as well.
================
All the configure.ac and specfile changes are unchanged from Thomas'
V3.
V3 re-ran "firewall-cmd --state" every time a new rule was added,
which was extremely inefficient. V4 uses VIR_ONCE_GLOBAL_INIT to set
up a one-time initialization function.
The VIR_ONCE_GLOBAL_INIT(x) macro references a static function called
vir(Ip|Eb)OnceInit(), which will then be called the first time that
the static function vir(Ip|Eb)TablesInitialize() is called (that
function is defined for you by the macro). This is
thread-safe, so there is no chance of any race.
IMPORTANT NOTE: I've left the VIR_DEBUG messages in these two init
functions (one for iptables, on for ebtables) as VIR_WARN so that I
don't have to turn on all the other debug message just to see
these. Even if this patch doesn't need any other modification, those
messages need to be changed to VIR_DEBUG before pushing.
This one-time initialization works well. However, I've encountered
problems with testing:
1) Whenever I have enabled the firewalld service, *all* attempts to
call firewall-cmd from within libvirtd end with firewall-cmd hanging
internally somewhere. This is *not* the case if firewall-cmd returns
non-0 in response to "firewall-cmd --state" (i.e. *that* command runs
and returns to libvirt successfully.)
2) If I start libvirtd while firewalld is stopped, then start
firewalld later, this triggers libvirtd to reload its iptables rules,
however it also spits out a *ton* of complaints about deletion failing
(I suppose because firewalld has nuked all of libvirt's rules). I
guess we need to suppress those messages (which is a more annoying
problem to fix than you might think, but that's another story).
3) I noticed a few times during this long line of errors that
firewalld made a complaint about "Resource Temporarily
unavailable. Having libvirtd access iptables commands directly at the
same time as firewalld is doing so is apparently problematic.
4) In general, I'm concerned about the "set it once and never change
it" method - if firewalld is disabled at libvirtd startup, causing
libvirtd to always use iptables/ebtables directly, this won't cause
*terrible* problems, but if libvirtd decides to use firewall-cmd and
firewalld is later disabled, libvirtd will not be able to recover.
2012-08-14 20:59:52 +02:00
%{?_with_firewalld} \
2014-02-04 12:37:15 -07:00
%{?_without_wireshark} \
2014-02-25 13:12:34 -07:00
%{?_without_systemd_daemon} \
2014-04-11 09:20:48 +02:00
%{?_without_pm_utils} \
Imprint all logs with version + package build information
The logging functions are enhanced so that immediately prior to
the first log message being printed to any output channel, the
libvirt package version will be printed.
eg
$ LIBVIRT_DEBUG=1 virsh
18:13:28.013: 17536: info : libvirt version: 0.8.7
18:13:28.013: 17536: debug : virInitialize:361 : register drivers
...
The 'configure' script gains two new arguments which can be
used as
--with-packager="Fedora Project, x86-01.phx2.fedoraproject.org, 01-27-2011-18:00:10"
--with-packager-version="1.fc14"
to allow distros to append a custom string with package specific
data.
The RPM specfile is modified so that it appends the RPM version,
the build host, the build date and the packager name.
eg
$ LIBVIRT_DEBUG=1 virsh
18:14:52.086: 17551: info : libvirt version: 0.8.7, package: 1.fc13 (Fedora Project, x86-01.phx2.fedoraproject.org, 01-27-2011-18:00:10)
18:14:52.086: 17551: debug : virInitialize:361 : register drivers
Thus when distro packagers receive bug reports they can clearly
see what version was in use, even if the bug reporter mistakenly
or intentionally lies about version/builds
* src/util/logging.c: Output version data prior to first log message
* libvirt.spec.in: Include RPM release, date, hostname & packager
* configure.ac: Add --with-packager & --with-packager-version args
2011-01-27 18:11:16 +00:00
%{with_packager} \
%{with_packager_version} \
2009-07-15 22:25:01 +01:00
--with-qemu-user=%{qemu_user} \
--with-qemu-group=%{qemu_group} \
2013-07-30 16:01:11 +02:00
%{?enable_werror} \
build: add configure option to disable gnulib tests
The gnulib testsuite is relatively stable - the only times it is
likely to have a test change from pass to fail is on a gnulib
submodule update or a major system change (such as moving from
Fedora 18 to 19, or other large change to libc). While it is an
important test for end users on arbitrary machines (to make sure
that the portability glue works for their machine), it mostly
wastes time for development testing (as most developers aren't
making any of the major changes that would cause gnulib tests
to alter behavior). Thus, it pays to make the tests optional
at configure time, defaulting to off for development, on for
tarballs, with autobuilders requesting it to be on. It also
helps to allow a make-time override, via VIR_TEST_EXPENSIVE=[01]
(much the way automake sets up V=[01] for overriding the configure
time default of how verbose to be).
Automake has some pretty hard-coded magic with regards to the
TESTS variable; I had quite a job figuring out how to keep
'make distcheck' passing regardless of the configure option
setting in use, while still disabling the tests at runtime
when I did not configure them on and did not use the override
variable. Thankfully, we require GNU make, which lets me
hide some information from Automake's magic handling of TESTS.
* bootstrap.conf (bootstrap_epilogue): Munge gnulib test variable.
* configure.ac (--enable-expensive-tests): Add new enable switch.
(VIR_TEST_EXPENSIVE_DEFAULT, WITH_EXPENSIVE_TESTS): Set new
witnesses.
* gnulib/tests/Makefile.am (TESTS): Make tests conditional on
configure settings and the VIR_TEST_EXPENSIVE variable.
* tests/Makefile.am (TESTS_ENVIRONMENT): Expose VIR_TEST_EXPENSIVE
to all tests.
* autobuild.sh: Enable all tests during autobuilds.
* libvirt.spec.in (%configure): Likewise.
* mingw-libvirt.spec.in (%mingw_configure): Likewise.
* docs/hacking.html.in: Document the option.
* HACKING: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
2013-07-31 07:18:58 -06:00
--enable-expensive-tests \
2012-03-31 12:55:41 +01:00
%{init_scripts}
2008-08-28 09:08:44 +00:00
make %{?_smp_mflags}
2009-07-21 11:16:15 +02:00
gzip -9 ChangeLog
2005-11-02 15:37:34 +00:00
%install
rm -fr %{buildroot}
2013-01-31 15:31:37 +01:00
# Avoid using makeinstall macro as it changes prefixes rather than setting
# DESTDIR. Newer make_install macro would be better but it's not available
# on RHEL 5, thus we need to expand it here.
make install DESTDIR=%{?buildroot} SYSTEMD_UNIT_DIR=%{_unitdir}
2014-04-11 18:44:32 +00:00
for i in object-events dominfo domsuspend hellolibvirt openauth xml/nwfilter systemtap dommigrate
2009-09-16 13:07:48 +01:00
do
(cd examples/$i ; make clean ; rm -rf .deps .libs Makefile Makefile.in)
done
2005-11-02 15:37:34 +00:00
rm -f $RPM_BUILD_ROOT %{_libdir} /*.la
2005-12-16 13:27:23 +00:00
rm -f $RPM_BUILD_ROOT %{_libdir} /*.a
2011-01-18 18:37:45 +00:00
rm -f $RPM_BUILD_ROOT %{_libdir} /libvirt/lock-driver/*.la
rm -f $RPM_BUILD_ROOT %{_libdir} /libvirt/lock-driver/*.a
2012-04-02 20:53:43 +01:00
%if %{with_driver_modules}
rm -f $RPM_BUILD_ROOT %{_libdir} /libvirt/connection-driver/*.la
rm -f $RPM_BUILD_ROOT %{_libdir} /libvirt/connection-driver/*.a
%endif
2014-02-04 12:37:15 -07:00
%if %{with_wireshark}
rm -f $RPM_BUILD_ROOT %{_libdir} /wireshark/plugins/*/libvirt.la
%endif
2007-03-15 17:51:11 +00:00
2009-09-16 16:02:38 +01:00
%if %{with_network}
2010-04-28 15:38:47 +02:00
install -d -m 0755 $RPM_BUILD_ROOT %{_datadir} /lib/libvirt/dnsmasq/
2007-03-15 17:51:11 +00:00
# We don't want to install /etc/libvirt/qemu/networks in the main %files list
# because if the admin wants to delete the default network completely, we don't
# want to end up re-incarnating it on every RPM upgrade.
install -d -m 0755 $RPM_BUILD_ROOT %{_datadir} /libvirt/networks/
cp $RPM_BUILD_ROOT %{_sysconfdir} /libvirt/qemu/networks/default.xml \
$RPM_BUILD_ROOT %{_datadir} /libvirt/networks/default.xml
rm -f $RPM_BUILD_ROOT %{_sysconfdir} /libvirt/qemu/networks/default.xml
rm -f $RPM_BUILD_ROOT %{_sysconfdir} /libvirt/qemu/networks/autostart/default.xml
2007-03-12 16:32:43 +00:00
# Strip auto-generated UUID - we need it generated per-install
2007-03-15 17:51:11 +00:00
sed -i -e " / < u u i d > / d " $RPM_BUILD_ROOT %{_datadir} /libvirt/networks/default.xml
2008-11-26 14:46:49 +00:00
%else
rm -f $RPM_BUILD_ROOT %{_sysconfdir} /libvirt/qemu/networks/default.xml
rm -f $RPM_BUILD_ROOT %{_sysconfdir} /libvirt/qemu/networks/autostart/default.xml
2009-09-16 16:02:38 +01:00
%endif
%if ! %{with_qemu}
2008-11-26 14:46:49 +00:00
rm -f $RPM_BUILD_ROOT %{_datadir} /augeas/lenses/libvirtd_qemu.aug
rm -f $RPM_BUILD_ROOT %{_datadir} /augeas/lenses/tests/test_libvirtd_qemu.aug
2008-09-17 14:09:13 +00:00
%endif
2006-09-21 15:24:37 +00:00
%find_lang %{name}
2005-11-02 15:37:34 +00:00
2012-05-30 17:15:22 +02:00
%if ! %{with_sanlock}
rm -f $RPM_BUILD_ROOT %{_datadir} /augeas/lenses/libvirt_sanlock.aug
rm -f $RPM_BUILD_ROOT %{_datadir} /augeas/lenses/tests/test_libvirt_sanlock.aug
%endif
2009-10-08 18:06:40 +02:00
%if ! %{with_lxc}
rm -f $RPM_BUILD_ROOT %{_datadir} /augeas/lenses/libvirtd_lxc.aug
rm -f $RPM_BUILD_ROOT %{_datadir} /augeas/lenses/tests/test_libvirtd_lxc.aug
2009-10-13 16:18:45 +02:00
%endif
2009-10-08 18:06:40 +02:00
2008-09-17 14:09:13 +00:00
%if ! %{with_qemu}
rm -rf $RPM_BUILD_ROOT %{_sysconfdir} /libvirt/qemu.conf
2010-03-18 13:50:08 +01:00
rm -rf $RPM_BUILD_ROOT %{_sysconfdir} /logrotate.d/libvirtd.qemu
2008-09-17 14:09:13 +00:00
%endif
2009-10-08 17:40:14 +02:00
%if ! %{with_lxc}
rm -rf $RPM_BUILD_ROOT %{_sysconfdir} /libvirt/lxc.conf
2010-04-13 10:40:21 +02:00
rm -rf $RPM_BUILD_ROOT %{_sysconfdir} /logrotate.d/libvirtd.lxc
2010-03-18 13:50:08 +01:00
%endif
%if ! %{with_uml}
rm -rf $RPM_BUILD_ROOT %{_sysconfdir} /logrotate.d/libvirtd.uml
2009-10-08 17:40:14 +02:00
%endif
2008-09-17 14:09:13 +00:00
2013-11-20 12:58:24 +00:00
# Copied into libvirt-docs subpackage eventually
mv $RPM_BUILD_ROOT %{_datadir} /doc/libvirt-%{version} libvirt-docs
2012-04-03 10:52:12 +01:00
2012-10-20 22:46:58 -04:00
%if %{with_dtrace}
2013-01-09 13:50:03 -07:00
%ifarch %{power64} s390x x86_64 ia64 alpha sparc64
2012-10-20 22:46:58 -04:00
mv $RPM_BUILD_ROOT %{_datadir} /systemtap/tapset/libvirt_probes.stp \
$RPM_BUILD_ROOT %{_datadir} /systemtap/tapset/libvirt_probes-64.stp
mv $RPM_BUILD_ROOT %{_datadir} /systemtap/tapset/libvirt_qemu_probes.stp \
$RPM_BUILD_ROOT %{_datadir} /systemtap/tapset/libvirt_qemu_probes-64.stp
2013-01-09 13:50:03 -07:00
%endif
2012-10-20 22:46:58 -04:00
%endif
2013-01-09 20:18:35 +08:00
%if 0%{?fedora} < 14 && 0%{?rhel} < 6
rm -f $RPM_BUILD_ROOT %{_prefix} /lib/sysctl.d/libvirtd.conf
%endif
2005-11-02 15:37:34 +00:00
%clean
rm -fr %{buildroot}
2010-04-12 19:39:00 +01:00
%check
cd tests
2012-08-01 16:10:36 +08:00
make
# These tests don't current work in a mock build root
for i in nodeinfotest seclabeltest
2010-04-12 19:39:00 +01:00
do
rm -f $i
2012-08-01 13:09:57 +02:00
printf 'int main(void) { return 0; }' > $i.c
2012-08-01 16:10:36 +08:00
printf '#!/bin/sh\nexit 0\n' > $i
2010-04-12 19:39:00 +01:00
chmod +x $i
done
2013-07-29 17:36:20 +02:00
if ! make check VIR_TEST_DEBUG=1
then
cat test-suite.log || true
exit 1
fi
2010-04-12 19:39:00 +01:00
2012-04-03 11:44:59 +01:00
%if %{with_libvirtd}
2013-12-05 16:15:55 -07:00
%if ! %{with_driver_modules}
%if %{with_qemu}
2012-04-03 11:44:59 +01:00
%pre daemon
2013-12-05 16:15:55 -07:00
%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
2013-05-01 14:28:43 -06:00
# We want soft static allocation of well-known ids, as disk images
# are commonly shared across NFS mounts by id rather than name; see
# https://fedoraproject.org/wiki/Packaging:UsersAndGroups
getent group kvm >/dev/null || groupadd -f -g 36 -r kvm
getent group qemu >/dev/null || groupadd -f -g 107 -r qemu
if ! getent passwd qemu >/dev/null; then
if ! getent passwd 107 >/dev/null; then
useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin -c " q e m u u s e r " qemu
else
useradd -r -g qemu -G kvm -d / -s /sbin/nologin -c " q e m u u s e r " qemu
fi
fi
exit 0
2013-12-05 16:15:55 -07:00
%endif
2013-12-05 14:49:48 -07:00
%endif
2013-01-09 13:50:03 -07:00
%endif
2009-07-30 12:26:58 +01:00
2012-04-03 11:44:59 +01:00
%post daemon
2007-03-15 17:51:11 +00:00
2013-01-09 13:50:03 -07:00
%if %{with_network}
Give each virtual network bridge its own fixed MAC address
This fixes https://bugzilla.redhat.com/show_bug.cgi?id=609463
The problem was that, since a bridge always acquires the MAC address
of the connected interface with the numerically lowest MAC, as guests
are started and stopped, it was possible for the MAC address to change
over time, and this change in the network was being detected by
Windows 7 (it sees the MAC of the default route change), so on each
reboot it would bring up a dialog box asking about this "new network".
The solution is to create a dummy tap interface with a MAC guaranteed
to be lower than any guest interface's MAC, and attach that tap to the
bridge as soon as it's created. Since all guest MAC addresses start
with 0xFE, we can just generate a MAC with the standard "0x52, 0x54,
0" prefix, and it's guaranteed to always win (physical interfaces are
never connected to these bridges, so we don't need to worry about
competing numerically with them).
Note that the dummy tap is never set to IFF_UP state - that's not
necessary in order for the bridge to take its MAC, and not setting it
to UP eliminates the clutter of having an (eg) "virbr0-nic" displayed
in the output of the ifconfig command.
I chose to not auto-generate the MAC address in the network XML
parser, as there are likely to be consumers of that API that don't
need or want to have a MAC address associated with the
bridge.
Instead, in bridge_driver.c when the network is being defined, if
there is no MAC, one is generated. To account for virtual network
configs that already exist when upgrading from an older version of
libvirt, I've added a %post script to the specfile that searches for
all network definitions in both the config directory
(/etc/libvirt/qemu/networks) and the state directory
(/var/lib/libvirt/network) that are missing a mac address, generates a
random address, and adds it to the config (and a matching address to
the state file, if there is one).
docs/formatnetwork.html.in: document <mac address.../>
docs/schemas/network.rng: add nac address to schema
libvirt.spec.in: %post script to update existing networks
src/conf/network_conf.[ch]: parse and format <mac address.../>
src/libvirt_private.syms: export a couple private symbols we need
src/network/bridge_driver.c:
auto-generate mac address when needed,
create dummy interface if mac address is present.
tests/networkxml2xmlin/isolated-network.xml
tests/networkxml2xmlin/routed-network.xml
tests/networkxml2xmlout/isolated-network.xml
tests/networkxml2xmlout/routed-network.xml: add mac address to some tests
2011-02-09 03:28:12 -05:00
# All newly defined networks will have a mac address for the bridge
# auto-generated, but networks already existing at the time of upgrade
# will not. We need to go through all the network configs, look for
# those that don't have a mac address, and add one.
network_files=$( (cd %{_localstatedir} /lib/libvirt/network && \
grep -L " m a c a d d r e s s " *.xml; \
cd %{_sysconfdir} /libvirt/qemu/networks && \
grep -L " m a c a d d r e s s " *.xml) 2>/dev/null \
| sort -u)
for file in $network_files
do
# each file exists in either the config or state directory (or both) and
# does not have a mac address specified in either. We add the same mac
# address to both files (or just one, if the other isn't there)
mac4=`printf '%X' $(($RANDOM % 256))`
mac5=`printf '%X' $(($RANDOM % 256))`
mac6=`printf '%X' $(($RANDOM % 256))`
for dir in %{_localstatedir} /lib/libvirt/network \
%{_sysconfdir} /libvirt/qemu/networks
do
if test -f $dir/$file
then
sed -i.orig -e \
" s | \ ( < b r i d g e . * $ \ ) | \0 \n < m a c a d d r e s s = ' 5 2 : 5 4 : 0 0 : $ m a c 4 : $ m a c 5 : $ m a c 6 ' / > | " \
$dir/$file
if test $? != 0
then
echo " f a i l e d t o a d d < m a c a d d r e s s = ' 5 2 : 5 4 : 0 0 : $ m a c 4 : $ m a c 5 : $ m a c 6 ' / > " \
" t o $ d i r / $ f i l e "
mv -f $dir/$file.orig $dir/$file
else
rm -f $dir/$file.orig
fi
fi
done
done
2013-01-09 13:50:03 -07:00
%endif
2007-02-23 15:53:56 +00:00
2013-01-09 13:50:03 -07:00
%if %{with_systemd}
%if %{with_systemd_macros}
2013-12-09 17:23:30 +11:00
%systemd_post virtlockd.socket libvirtd.service
2013-01-09 13:50:03 -07:00
%else
2011-07-07 14:45:07 +01:00
if [ $1 -eq 1 ] ; then
# Initial installation
2013-12-09 17:23:30 +11:00
/bin/systemctl enable virtlockd.socket libvirtd.service >/dev/null 2>&1 || :
2011-07-07 14:45:07 +01:00
fi
2013-01-09 13:50:03 -07:00
%endif
%else
%if %{with_cgconfig}
2012-06-11 17:57:38 +01:00
# Starting with Fedora 16/RHEL-7, systemd automounts all cgroups,
# and cgconfig is no longer a necessary service.
2013-01-09 13:50:03 -07:00
%if (0%{?rhel} && 0%{?rhel} < 7) || (0%{?fedora} && 0%{?fedora} < 16)
2010-12-23 09:44:19 +01:00
if [ " $ 1 " -eq " 1 " ]; then
/sbin/chkconfig cgconfig on
fi
2013-01-09 13:50:03 -07:00
%endif
%endif
2010-12-23 09:44:19 +01:00
2007-03-15 17:51:11 +00:00
/sbin/chkconfig --add libvirtd
2013-12-09 17:23:30 +11:00
/sbin/chkconfig --add virtlockd
2013-01-09 13:50:03 -07:00
%endif
2007-03-15 17:51:11 +00:00
2012-04-03 11:44:59 +01:00
%preun daemon
2013-01-09 13:50:03 -07:00
%if %{with_systemd}
%if %{with_systemd_macros}
2013-12-09 17:23:30 +11:00
%systemd_preun libvirtd.service virtlockd.socket virtlockd.service
2013-01-09 13:50:03 -07:00
%else
2011-07-07 14:45:07 +01:00
if [ $1 -eq 0 ] ; then
# Package removal, not upgrade
2013-12-09 17:23:30 +11:00
/bin/systemctl --no-reload disable libvirtd.service virtlockd.socket virtlockd.service > /dev/null 2>&1 || :
/bin/systemctl stop libvirtd.service virtlockd.socket virtlockd.service > /dev/null 2>&1 || :
2011-07-07 14:45:07 +01:00
fi
2013-01-09 13:50:03 -07:00
%endif
%else
2007-02-23 15:53:56 +00:00
if [ $1 = 0 ]; then
/sbin/service libvirtd stop 1>/dev/null 2>&1
/sbin/chkconfig --del libvirtd
2013-12-09 17:23:30 +11:00
/sbin/service virtlockd stop 1>/dev/null 2>&1
/sbin/chkconfig --del virtlockd
2007-02-23 15:53:56 +00:00
fi
2013-01-09 13:50:03 -07:00
%endif
2011-07-07 14:45:07 +01:00
2012-04-03 11:44:59 +01:00
%postun daemon
2013-01-09 13:50:03 -07:00
%if %{with_systemd}
2011-07-07 14:45:07 +01:00
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
if [ $1 -ge 1 ] ; then
2013-12-09 17:23:30 +11:00
/bin/systemctl reload-or-try-restart virtlockd.service >/dev/null 2>&1 || :
2011-07-07 14:45:07 +01:00
/bin/systemctl try-restart libvirtd.service >/dev/null 2>&1 || :
fi
2013-12-09 17:23:30 +11:00
%else
if [ $1 -ge 1 ]; then
/sbin/service virtlockd reload > /dev/null 2>&1 || :
/sbin/service libvirtd condrestart > /dev/null 2>&1
fi
%endif
%if %{with_systemd}
%else
%triggerpostun daemon -- libvirt-daemon < 1.2.1
if [ " $ 1 " -ge " 1 " ]; then
/sbin/service virtlockd reload > /dev/null 2>&1 || :
/sbin/service libvirtd condrestart > /dev/null 2>&1
fi
2013-01-09 13:50:03 -07:00
%endif
2012-04-03 11:44:59 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_network}
2012-04-03 11:44:59 +01:00
%post daemon-config-network
if test $1 -eq 1 && test ! -f %{_sysconfdir} /libvirt/qemu/networks/default.xml ; then
UUID=`/usr/bin/uuidgen`
sed -e " s , < / n a m e > , < / n a m e > \n < u u i d > $ U U I D < / u u i d > , " \
< %{_datadir} /libvirt/networks/default.xml \
> %{_sysconfdir} /libvirt/qemu/networks/default.xml
ln -s ../default.xml %{_sysconfdir} /libvirt/qemu/networks/autostart/default.xml
fi
2013-01-09 13:50:03 -07:00
%endif
2011-07-07 14:45:07 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_systemd}
2011-07-07 14:45:07 +01:00
%triggerun -- libvirt < 0.9.4
%{_bindir} /systemd-sysv-convert --save libvirtd >/dev/null 2>&1 ||:
# If the package is allowed to autostart:
/bin/systemctl --no-reload enable libvirtd.service >/dev/null 2>&1 ||:
# Run these because the SysV package being removed won't do them
/sbin/chkconfig --del libvirtd >/dev/null 2>&1 || :
/bin/systemctl try-restart libvirtd.service >/dev/null 2>&1 || :
2013-01-09 13:50:03 -07:00
%endif
2013-12-05 16:15:55 -07:00
%if %{with_driver_modules}
%if %{with_qemu}
%pre daemon-driver-qemu
%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
# We want soft static allocation of well-known ids, as disk images
# are commonly shared across NFS mounts by id rather than name; see
# https://fedoraproject.org/wiki/Packaging:UsersAndGroups
getent group kvm >/dev/null || groupadd -f -g 36 -r kvm
getent group qemu >/dev/null || groupadd -f -g 107 -r qemu
if ! getent passwd qemu >/dev/null; then
if ! getent passwd 107 >/dev/null; then
useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin -c " q e m u u s e r " qemu
else
useradd -r -g qemu -G kvm -d / -s /sbin/nologin -c " q e m u u s e r " qemu
fi
fi
exit 0
%endif
%endif
%endif
2013-01-09 13:50:03 -07:00
%endif # %{with_libvirtd}
2005-11-02 15:37:34 +00:00
2010-05-27 14:47:11 +02:00
%preun client
2011-07-07 14:45:07 +01:00
%if %{with_systemd}
2013-01-09 13:50:03 -07:00
%if %{with_systemd_macros}
%systemd_preun libvirt-guests.service
%endif
2011-07-07 14:45:07 +01:00
%else
2010-05-27 14:47:11 +02:00
if [ $1 = 0 ]; then
/sbin/chkconfig --del libvirt-guests
rm -f /var/lib/libvirt/libvirt-guests
fi
2011-07-07 14:45:07 +01:00
%endif
2010-05-27 14:47:11 +02:00
%post client
/sbin/ldconfig
2011-07-07 14:45:07 +01:00
%if %{with_systemd}
2013-01-09 13:50:03 -07:00
%if %{with_systemd_macros}
%systemd_post libvirt-guests.service
%endif
2011-07-07 14:45:07 +01:00
%else
2010-05-27 14:47:11 +02:00
/sbin/chkconfig --add libvirt-guests
2011-07-07 14:45:07 +01:00
%endif
2009-07-29 09:55:43 +01:00
2012-12-17 18:34:25 -05:00
%postun client
2005-11-02 15:37:34 +00:00
2012-12-17 18:34:25 -05:00
/sbin/ldconfig
2011-07-07 14:45:07 +01:00
%if %{with_systemd}
2013-01-09 13:50:03 -07:00
%if %{with_systemd_macros}
2013-11-25 16:37:32 +01:00
%systemd_postun libvirt-guests.service
2013-01-09 13:50:03 -07:00
%endif
2011-07-07 14:45:07 +01:00
%triggerun client -- libvirt < 0.9.4
%{_bindir} /systemd-sysv-convert --save libvirt-guests >/dev/null 2>&1 ||:
# If the package is allowed to autostart:
/bin/systemctl --no-reload enable libvirt-guests.service >/dev/null 2>&1 ||:
2013-11-21 15:04:35 -05:00
# Run this because the SysV package being removed won't do them
2011-07-07 14:45:07 +01:00
/sbin/chkconfig --del libvirt-guests >/dev/null 2>&1 || :
%endif
2012-10-31 22:21:06 +01:00
%if %{with_sanlock}
2012-10-23 16:34:21 +02:00
%post lock-sanlock
if getent group sanlock > /dev/null ; then
chmod 0770 %{_localstatedir} /lib/libvirt/sanlock
chown root:sanlock %{_localstatedir} /lib/libvirt/sanlock
fi
2012-10-31 22:21:06 +01:00
%endif
2012-10-23 16:34:21 +02:00
2013-11-22 12:13:03 +01:00
%if %{with_lxc}
%pre login-shell
getent group virtlogin >/dev/null || groupadd -r virtlogin
exit 0
%endif
2012-04-03 14:26:41 +08:00
%files
2012-03-30 14:14:00 +01:00
%defattr (-, root, root)
2012-04-03 11:44:59 +01:00
%files docs
%defattr (-, root, root)
2013-11-20 12:58:24 +00:00
%doc AUTHORS ChangeLog.gz NEWS README TODO libvirt-docs/*
2012-04-03 11:44:59 +01:00
# API docs
%dir %{_datadir} /gtk-doc/html/libvirt/
%doc %{_datadir} /gtk-doc/html/libvirt/*.devhelp
%doc %{_datadir} /gtk-doc/html/libvirt/*.html
%doc %{_datadir} /gtk-doc/html/libvirt/*.png
%doc %{_datadir} /gtk-doc/html/libvirt/*.css
%if %{with_libvirtd}
%files daemon
%defattr (-, root, root)
2007-03-12 16:32:43 +00:00
%dir %attr (0700, root, root) %{_sysconfdir} /libvirt/
2008-09-17 14:09:13 +00:00
2013-01-09 13:50:03 -07:00
%if %{with_systemd}
2011-07-07 14:45:07 +01:00
%{_unitdir} /libvirtd.service
2011-07-07 15:02:32 +01:00
%{_unitdir} /virtlockd.service
%{_unitdir} /virtlockd.socket
2013-01-09 13:50:03 -07:00
%else
2012-09-24 12:41:56 +08:00
%{_sysconfdir} /rc.d/init.d/libvirtd
2012-08-02 20:06:50 +01:00
%{_sysconfdir} /rc.d/init.d/virtlockd
2013-01-09 13:50:03 -07:00
%endif
2011-02-18 19:45:49 +01:00
%doc daemon/libvirtd.upstart
2007-06-26 23:48:46 +00:00
%config (noreplace) %{_sysconfdir} /sysconfig/libvirtd
2012-08-02 20:06:50 +01:00
%config (noreplace) %{_sysconfdir} /sysconfig/virtlockd
2007-10-12 19:54:15 +00:00
%config (noreplace) %{_sysconfdir} /libvirt/libvirtd.conf
2013-08-08 16:06:31 +01:00
%config (noreplace) %{_sysconfdir} /libvirt/virtlockd.conf
2013-01-09 13:50:03 -07:00
%if 0%{?fedora} >= 14 || 0%{?rhel} >= 6
2013-01-04 14:21:59 -07:00
%config (noreplace) %{_prefix} /lib/sysctl.d/libvirtd.conf
2013-01-09 13:50:03 -07:00
%endif
2008-09-17 14:09:13 +00:00
2011-03-03 15:26:22 +08:00
%config (noreplace) %{_sysconfdir} /logrotate.d/libvirtd
2007-03-15 17:51:11 +00:00
%dir %{_datadir} /libvirt/
2009-09-16 16:02:38 +01:00
spec: mark directories in /var/run as ghosts
We have several directories that are created on the fly, and which
only contain state relevant to a running libvirtd process (all
located in /var/run). Since the directories are created as needed,
and make no sense without a running libvirtd, we want them deleted
if libvirt is uninstalled. And in F15 and newer, /var/run is on
tmpfs (forcing us to recreate on the fly); which means that someone
trying to verify a complete rpm will fail if the directory does not
currently exist because libvirtd has not been started since boot.
The solution, then, is to mark the directories as %ghost, so that
rpm knows that we own them and will clean it up if libvirt is
uninstalled, but will no longer create the directory for us at
install, nor complain at verify time if the directory does not exist.
See https://bugzilla.redhat.com/show_bug.cgi?id=656611.
* libvirt.spec.in (%files): Add %ghost to temporary directories
that we don't install, but want cleaned up on libvirt removal.
2011-11-30 15:34:42 -07:00
%ghost %dir %{_localstatedir} /run/libvirt/
2009-01-20 22:36:10 +00:00
2009-07-31 09:49:08 +01:00
%dir %attr (0711, root, root) %{_localstatedir} /lib/libvirt/images/
2011-11-01 11:21:21 +00:00
%dir %attr (0711, root, root) %{_localstatedir} /lib/libvirt/filesystems/
2009-08-06 15:20:36 +01:00
%dir %attr (0711, root, root) %{_localstatedir} /lib/libvirt/boot/
2011-05-20 16:18:11 +01:00
%dir %attr (0711, root, root) %{_localstatedir} /cache/libvirt/
2008-09-17 14:09:13 +00:00
2009-01-20 22:36:10 +00:00
2012-08-02 20:06:50 +01:00
%dir %attr (0755, root, root) %{_libdir} /libvirt/lock-driver
2012-12-14 11:57:27 +01:00
%attr (0755, root, root) %{_libdir} /libvirt/lock-driver/lockd.so
2012-08-02 20:06:50 +01:00
2008-09-17 14:09:13 +00:00
%{_datadir} /augeas/lenses/libvirtd.aug
%{_datadir} /augeas/lenses/tests/test_libvirtd.aug
2013-08-08 16:06:31 +01:00
%{_datadir} /augeas/lenses/virtlockd.aug
%{_datadir} /augeas/lenses/tests/test_virtlockd.aug
2012-12-14 11:57:27 +01:00
%{_datadir} /augeas/lenses/libvirt_lockd.aug
2014-05-06 09:40:49 +02:00
%if %{with_qemu}
2012-12-14 11:57:27 +01:00
%{_datadir} /augeas/lenses/tests/test_libvirt_lockd.aug
2014-05-06 09:40:49 +02:00
%endif
2008-09-17 14:09:13 +00:00
2013-01-09 13:50:03 -07:00
%if %{with_polkit}
%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
2009-08-06 13:54:08 +01:00
%{_datadir} /polkit-1/actions/org.libvirt.unix.policy
2013-06-25 13:44:47 +02:00
%{_datadir} /polkit-1/actions/org.libvirt.api.policy
2013-01-09 13:50:03 -07:00
%else
2008-07-11 09:51:25 +00:00
%{_datadir} /PolicyKit/policy/org.libvirt.unix.policy
2013-01-09 13:50:03 -07:00
%endif
%endif
2008-09-17 14:09:13 +00:00
2009-07-28 19:07:51 +01:00
%dir %attr (0700, root, root) %{_localstatedir} /log/libvirt/
2008-09-17 14:09:13 +00:00
2011-03-30 08:54:23 +08:00
%attr (0755, root, root) %{_libexecdir} /libvirt_iohelper
2013-07-30 12:04:55 +01:00
%if %{with_apparmor}
%attr (0755, root, root) %{_libexecdir} /virt-aa-helper
%endif
2007-06-26 23:04:49 +00:00
%attr (0755, root, root) %{_sbindir} /libvirtd
2012-08-02 20:06:50 +01:00
%attr (0755, root, root) %{_sbindir} /virtlockd
2008-09-17 14:09:13 +00:00
2010-07-13 05:33:35 +10:00
%{_mandir} /man8/libvirtd.8*
2013-08-08 15:10:38 +01:00
%{_mandir} /man8/virtlockd.8*
2005-11-02 15:37:34 +00:00
2013-12-05 16:15:55 -07:00
%if ! %{with_driver_modules}
2014-03-06 13:46:45 +11:00
%if %{with_network} || %{with_qemu}
2013-12-05 15:18:57 -07:00
%dir %attr (0700, root, root) %{_sysconfdir} /libvirt/qemu/
2014-03-06 13:46:45 +11:00
%endif
%if %{with_network} || %{with_nwfilter}
%ghost %dir %{_localstatedir} /run/libvirt/network/
%endif
%if %{with_network}
2013-12-05 15:18:57 -07:00
%dir %attr (0700, root, root) %{_sysconfdir} /libvirt/qemu/networks/
%dir %attr (0700, root, root) %{_sysconfdir} /libvirt/qemu/networks/autostart
%dir %attr (0700, root, root) %{_localstatedir} /lib/libvirt/network/
%dir %attr (0755, root, root) %{_localstatedir} /lib/libvirt/dnsmasq/
Add helper program to create custom leases
Introduce helper program to catch events from dnsmasq and maintain a custom
lease file per network. It supports dhcpv4 and dhcpv6. The file is saved as
"<interface-name>.status".
Each lease contains the following info:
<expiry-time (epoch time)> <mac> <iaid> <ip-address> <hostname> <clientid>
Example of custom leases file content:
[
{
"iaid": "1221229",
"ip-address": "2001:db8:ca2:2:1::95",
"mac-address": "52:54:00:12:a2:6d",
"hostname": "Fedora20",
"client-id": "00:04:1a:c1:d9:6b:5a:0a:e2:bc:f8:4b:1e:37:2e:38:22:55",
"expiry-time": 1393244216
},
{
"ip-address": "192.168.150.208",
"mac-address": "52:54:00:11:56:b3",
"hostname": "Wani-PC",
"client-id": "01:52:54:00:11:56:b3",
"expiry-time": 1393244248
}
]
src/Makefile.am:
* Add options to compile the helper program
src/network/bridge_driver.c:
* Introduce networkDnsmasqLeaseFileNameCustom()
* Invoke helper program along with dnsmasq
* Delete the .status file when corresponding n/w is destroyed.
src/network/leaseshelper.c
* Helper program to create the custom lease file
2014-06-02 11:19:26 +01:00
%attr (0755, root, root) %{_libexecdir} /libvirt_leaseshelper
2014-03-06 13:46:45 +11:00
%endif
%if %{with_nwfilter}
%dir %attr (0700, root, root) %{_sysconfdir} /libvirt/nwfilter/
2013-12-05 16:15:55 -07:00
%endif
%if %{with_storage_disk}
2013-12-05 15:18:57 -07:00
%attr (0755, root, root) %{_libexecdir} /libvirt_parthelper
2013-12-05 16:15:55 -07:00
%endif
%if %{with_qemu}
2013-12-05 15:18:57 -07:00
%config (noreplace) %{_sysconfdir} /libvirt/qemu.conf
%config (noreplace) %{_sysconfdir} /libvirt/qemu-lockd.conf
%config (noreplace) %{_sysconfdir} /logrotate.d/libvirtd.qemu
%dir %attr (0700, root, root) %{_localstatedir} /log/libvirt/qemu/
%ghost %dir %attr (0700, root, root) %{_localstatedir} /run/libvirt/qemu/
%dir %attr (0750, %{qemu_user} , %{qemu_group} ) %{_localstatedir} /lib/libvirt/qemu/
%dir %attr (0750, %{qemu_user} , %{qemu_group} ) %{_localstatedir} /lib/libvirt/qemu/channel/
%dir %attr (0750, %{qemu_user} , %{qemu_group} ) %{_localstatedir} /lib/libvirt/qemu/channel/target/
%dir %attr (0750, %{qemu_user} , %{qemu_group} ) %{_localstatedir} /cache/libvirt/qemu/
%{_datadir} /augeas/lenses/libvirtd_qemu.aug
%{_datadir} /augeas/lenses/tests/test_libvirtd_qemu.aug
2013-12-05 16:15:55 -07:00
%endif
%if %{with_lxc}
2013-12-05 15:18:57 -07:00
%config (noreplace) %{_sysconfdir} /libvirt/lxc.conf
%config (noreplace) %{_sysconfdir} /logrotate.d/libvirtd.lxc
%dir %attr (0700, root, root) %{_localstatedir} /log/libvirt/lxc/
%ghost %dir %{_localstatedir} /run/libvirt/lxc/
%dir %attr (0700, root, root) %{_localstatedir} /lib/libvirt/lxc/
%{_datadir} /augeas/lenses/libvirtd_lxc.aug
%{_datadir} /augeas/lenses/tests/test_libvirtd_lxc.aug
%attr (0755, root, root) %{_libexecdir} /libvirt_lxc
2013-12-05 16:15:55 -07:00
%endif
%if %{with_uml}
2013-12-05 15:18:57 -07:00
%config (noreplace) %{_sysconfdir} /logrotate.d/libvirtd.uml
%dir %attr (0700, root, root) %{_localstatedir} /log/libvirt/uml/
%ghost %dir %{_localstatedir} /run/libvirt/uml/
%dir %attr (0700, root, root) %{_localstatedir} /lib/libvirt/uml/
2013-12-05 16:15:55 -07:00
%endif
%if %{with_libxl}
2013-12-05 15:18:57 -07:00
%dir %attr (0700, root, root) %{_localstatedir} /log/libvirt/libxl/
%ghost %dir %{_localstatedir} /run/libvirt/libxl/
%dir %attr (0700, root, root) %{_localstatedir} /lib/libvirt/libxl/
2013-12-05 16:15:55 -07:00
%endif
%if %{with_xen}
2013-12-05 15:18:57 -07:00
%dir %attr (0700, root, root) %{_localstatedir} /lib/libvirt/xen/
2013-12-05 16:15:55 -07:00
%endif
%endif # ! %{with_driver_modules}
2013-12-05 15:18:57 -07:00
2013-12-05 14:56:06 -07:00
%if %{with_network}
2012-04-03 11:44:59 +01:00
%files daemon-config-network
2012-04-03 10:52:12 +01:00
%defattr (-, root, root)
2014-03-06 13:46:45 +11:00
%dir %{_datadir} /libvirt/networks/
%{_datadir} /libvirt/networks/default.xml
2013-12-05 14:56:06 -07:00
%endif
2012-04-03 10:52:12 +01:00
2013-12-05 14:56:06 -07:00
%if %{with_nwfilter}
2012-04-03 11:44:59 +01:00
%files daemon-config-nwfilter
%defattr (-, root, root)
%{_sysconfdir} /libvirt/nwfilter/*.xml
2013-12-05 14:56:06 -07:00
%endif
2012-04-03 11:54:27 +01:00
2013-12-05 14:56:06 -07:00
%if %{with_driver_modules}
2013-01-09 13:50:03 -07:00
%if %{with_interface}
2012-04-02 20:53:43 +01:00
%files daemon-driver-interface
%defattr (-, root, root)
%{_libdir} /%{name} /connection-driver/libvirt_driver_interface.so
2013-01-09 13:50:03 -07:00
%endif
2012-04-02 20:53:43 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_network}
2012-04-02 20:53:43 +01:00
%files daemon-driver-network
%defattr (-, root, root)
2013-12-13 17:03:26 +02:00
%dir %attr (0700, root, root) %{_sysconfdir} /libvirt/qemu/
%dir %attr (0700, root, root) %{_sysconfdir} /libvirt/qemu/networks/
%dir %attr (0700, root, root) %{_sysconfdir} /libvirt/qemu/networks/autostart
%ghost %dir %{_localstatedir} /run/libvirt/network/
%dir %attr (0700, root, root) %{_localstatedir} /lib/libvirt/network/
%dir %attr (0755, root, root) %{_localstatedir} /lib/libvirt/dnsmasq/
Add helper program to create custom leases
Introduce helper program to catch events from dnsmasq and maintain a custom
lease file per network. It supports dhcpv4 and dhcpv6. The file is saved as
"<interface-name>.status".
Each lease contains the following info:
<expiry-time (epoch time)> <mac> <iaid> <ip-address> <hostname> <clientid>
Example of custom leases file content:
[
{
"iaid": "1221229",
"ip-address": "2001:db8:ca2:2:1::95",
"mac-address": "52:54:00:12:a2:6d",
"hostname": "Fedora20",
"client-id": "00:04:1a:c1:d9:6b:5a:0a:e2:bc:f8:4b:1e:37:2e:38:22:55",
"expiry-time": 1393244216
},
{
"ip-address": "192.168.150.208",
"mac-address": "52:54:00:11:56:b3",
"hostname": "Wani-PC",
"client-id": "01:52:54:00:11:56:b3",
"expiry-time": 1393244248
}
]
src/Makefile.am:
* Add options to compile the helper program
src/network/bridge_driver.c:
* Introduce networkDnsmasqLeaseFileNameCustom()
* Invoke helper program along with dnsmasq
* Delete the .status file when corresponding n/w is destroyed.
src/network/leaseshelper.c
* Helper program to create the custom lease file
2014-06-02 11:19:26 +01:00
%attr (0755, root, root) %{_libexecdir} /libvirt_leaseshelper
2012-04-02 20:53:43 +01:00
%{_libdir} /%{name} /connection-driver/libvirt_driver_network.so
2013-01-09 13:50:03 -07:00
%endif
2012-04-02 20:53:43 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_nodedev}
2012-04-02 20:53:43 +01:00
%files daemon-driver-nodedev
%defattr (-, root, root)
%{_libdir} /%{name} /connection-driver/libvirt_driver_nodedev.so
2013-01-09 13:50:03 -07:00
%endif
2012-04-02 20:53:43 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_nwfilter}
2012-04-02 20:53:43 +01:00
%files daemon-driver-nwfilter
%defattr (-, root, root)
2014-03-06 13:46:45 +11:00
%dir %attr (0700, root, root) %{_sysconfdir} /libvirt/nwfilter/
%ghost %dir %{_localstatedir} /run/libvirt/network/
2012-04-02 20:53:43 +01:00
%{_libdir} /%{name} /connection-driver/libvirt_driver_nwfilter.so
2013-01-09 13:50:03 -07:00
%endif
2012-04-02 20:53:43 +01:00
%files daemon-driver-secret
%defattr (-, root, root)
%{_libdir} /%{name} /connection-driver/libvirt_driver_secret.so
2013-01-09 13:50:03 -07:00
%if %{with_storage}
2012-04-02 20:53:43 +01:00
%files daemon-driver-storage
%defattr (-, root, root)
2013-12-05 16:15:55 -07:00
%if %{with_storage_disk}
%attr (0755, root, root) %{_libexecdir} /libvirt_parthelper
%endif
2012-04-02 20:53:43 +01:00
%{_libdir} /%{name} /connection-driver/libvirt_driver_storage.so
2013-01-09 13:50:03 -07:00
%endif
2012-04-02 20:53:43 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_qemu}
2012-04-02 20:53:43 +01:00
%files daemon-driver-qemu
%defattr (-, root, root)
2014-03-06 13:46:45 +11:00
%dir %attr (0700, root, root) %{_sysconfdir} /libvirt/qemu/
2013-12-05 16:15:55 -07:00
%dir %attr (0700, root, root) %{_localstatedir} /log/libvirt/qemu/
%config (noreplace) %{_sysconfdir} /libvirt/qemu.conf
%config (noreplace) %{_sysconfdir} /libvirt/qemu-lockd.conf
%config (noreplace) %{_sysconfdir} /logrotate.d/libvirtd.qemu
%ghost %dir %attr (0700, root, root) %{_localstatedir} /run/libvirt/qemu/
%dir %attr (0750, %{qemu_user} , %{qemu_group} ) %{_localstatedir} /lib/libvirt/qemu/
%dir %attr (0750, %{qemu_user} , %{qemu_group} ) %{_localstatedir} /lib/libvirt/qemu/channel/
%dir %attr (0750, %{qemu_user} , %{qemu_group} ) %{_localstatedir} /lib/libvirt/qemu/channel/target/
%dir %attr (0750, %{qemu_user} , %{qemu_group} ) %{_localstatedir} /cache/libvirt/qemu/
%{_datadir} /augeas/lenses/libvirtd_qemu.aug
%{_datadir} /augeas/lenses/tests/test_libvirtd_qemu.aug
2013-12-12 13:35:40 +00:00
%{_libdir} /%{name} /connection-driver/libvirt_driver_qemu.so
2013-01-09 13:50:03 -07:00
%endif
2012-04-02 20:53:43 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_lxc}
2012-04-02 20:53:43 +01:00
%files daemon-driver-lxc
%defattr (-, root, root)
2013-12-05 16:15:55 -07:00
%dir %attr (0700, root, root) %{_localstatedir} /log/libvirt/lxc/
%config (noreplace) %{_sysconfdir} /libvirt/lxc.conf
%config (noreplace) %{_sysconfdir} /logrotate.d/libvirtd.lxc
%ghost %dir %{_localstatedir} /run/libvirt/lxc/
%dir %attr (0700, root, root) %{_localstatedir} /lib/libvirt/lxc/
%{_datadir} /augeas/lenses/libvirtd_lxc.aug
%{_datadir} /augeas/lenses/tests/test_libvirtd_lxc.aug
%attr (0755, root, root) %{_libexecdir} /libvirt_lxc
2012-04-02 20:53:43 +01:00
%{_libdir} /%{name} /connection-driver/libvirt_driver_lxc.so
2013-01-09 13:50:03 -07:00
%endif
2012-04-02 20:53:43 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_uml}
2012-04-02 20:53:43 +01:00
%files daemon-driver-uml
%defattr (-, root, root)
2013-12-05 16:15:55 -07:00
%dir %attr (0700, root, root) %{_localstatedir} /log/libvirt/uml/
%config (noreplace) %{_sysconfdir} /logrotate.d/libvirtd.uml
%ghost %dir %{_localstatedir} /run/libvirt/uml/
%dir %attr (0700, root, root) %{_localstatedir} /lib/libvirt/uml/
2013-12-12 15:49:19 +02:00
%{_libdir} /%{name} /connection-driver/libvirt_driver_uml.so
2013-01-09 13:50:03 -07:00
%endif
2012-04-02 20:53:43 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_xen}
2012-04-02 20:53:43 +01:00
%files daemon-driver-xen
%defattr (-, root, root)
2013-12-05 16:15:55 -07:00
%dir %attr (0700, root, root) %{_localstatedir} /lib/libvirt/xen/
2012-04-02 20:53:43 +01:00
%{_libdir} /%{name} /connection-driver/libvirt_driver_xen.so
2013-01-09 13:50:03 -07:00
%endif
2012-04-02 20:53:43 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_libxl}
2012-04-02 20:53:43 +01:00
%files daemon-driver-libxl
%defattr (-, root, root)
2013-12-05 16:15:55 -07:00
%dir %attr (0700, root, root) %{_localstatedir} /log/libvirt/libxl/
%ghost %dir %{_localstatedir} /run/libvirt/libxl/
%dir %attr (0700, root, root) %{_localstatedir} /lib/libvirt/libxl/
2012-04-02 20:53:43 +01:00
%{_libdir} /%{name} /connection-driver/libvirt_driver_libxl.so
2013-01-09 13:50:03 -07:00
%endif
2013-05-17 13:31:59 +01:00
%if %{with_vbox}
%files daemon-driver-vbox
%defattr (-, root, root)
%{_libdir} /%{name} /connection-driver/libvirt_driver_vbox.so
%endif
2013-01-09 13:50:03 -07:00
%endif # %{with_driver_modules}
2012-04-02 20:53:43 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_qemu_tcg}
2012-04-03 11:54:27 +01:00
%files daemon-qemu
%defattr (-, root, root)
2013-01-09 13:50:03 -07:00
%endif
2012-04-03 11:54:27 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_qemu_kvm}
2012-04-03 11:54:27 +01:00
%files daemon-kvm
%defattr (-, root, root)
2013-01-09 13:50:03 -07:00
%endif
2012-04-03 11:54:27 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_lxc}
2012-04-03 11:54:27 +01:00
%files daemon-lxc
%defattr (-, root, root)
2013-01-09 13:50:03 -07:00
%endif
2012-04-03 11:54:27 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_uml}
2012-04-03 11:54:27 +01:00
%files daemon-uml
%defattr (-, root, root)
2013-01-09 13:50:03 -07:00
%endif
2012-04-03 11:54:27 +01:00
2013-01-09 13:50:03 -07:00
%if %{with_xen} || %{with_libxl}
2012-04-03 11:54:27 +01:00
%files daemon-xen
2013-05-17 13:31:59 +01:00
%defattr (-, root, root)
%endif
%if %{with_vbox}
%files daemon-vbox
2012-04-03 11:54:27 +01:00
%defattr (-, root, root)
2013-01-09 13:50:03 -07:00
%endif
%endif # %{with_libvirtd}
2012-04-03 10:52:12 +01:00
2011-01-18 18:37:45 +00:00
%if %{with_sanlock}
%files lock-sanlock
%defattr (-, root, root)
2013-01-09 13:50:03 -07:00
%if %{with_qemu}
2011-06-14 09:20:49 +01:00
%config (noreplace) %{_sysconfdir} /libvirt/qemu-sanlock.conf
2013-01-09 13:50:03 -07:00
%endif
2011-01-18 18:37:45 +00:00
%attr (0755, root, root) %{_libdir} /libvirt/lock-driver/sanlock.so
2011-06-14 09:20:49 +01:00
%{_datadir} /augeas/lenses/libvirt_sanlock.aug
%{_datadir} /augeas/lenses/tests/test_libvirt_sanlock.aug
2011-07-22 09:38:46 +01:00
%dir %attr (0700, root, root) %{_localstatedir} /lib/libvirt/sanlock
2011-06-14 09:29:00 +01:00
%{_sbindir} /virt-sanlock-cleanup
%{_mandir} /man8/virt-sanlock-cleanup.8*
2012-09-18 13:41:26 +02:00
%attr (0755, root, root) %{_libexecdir} /libvirt_sanlock_helper
2011-01-18 18:37:45 +00:00
%endif
2009-07-21 11:16:15 +02:00
%files client -f %{name}.lang
%defattr (-, root, root)
2013-09-25 13:20:40 -04:00
%doc COPYING COPYING.LESSER
2009-07-21 11:16:15 +02:00
2011-10-13 11:49:45 +01:00
%config (noreplace) %{_sysconfdir} /libvirt/libvirt.conf
2009-07-21 11:16:15 +02:00
%{_mandir} /man1/virsh.1*
%{_mandir} /man1/virt-xml-validate.1*
2009-09-16 14:42:57 +01:00
%{_mandir} /man1/virt-pki-validate.1*
2012-01-10 17:31:21 +00:00
%{_mandir} /man1/virt-host-validate.1*
2009-07-21 11:16:15 +02:00
%{_bindir} /virsh
%{_bindir} /virt-xml-validate
2009-09-16 14:42:57 +01:00
%{_bindir} /virt-pki-validate
2012-01-10 17:31:21 +00:00
%{_bindir} /virt-host-validate
2014-06-20 17:47:15 +01:00
%{_libdir} /libvirt.so.*
%{_libdir} /libvirt-qemu.so.*
%{_libdir} /libvirt-lxc.so.*
2009-07-21 11:16:15 +02:00
2012-03-31 12:55:41 +01:00
%if %{with_dtrace}
2012-10-20 22:46:58 -04:00
%{_datadir} /systemtap/tapset/libvirt_probes*.stp
%{_datadir} /systemtap/tapset/libvirt_qemu_probes*.stp
2012-03-31 12:55:41 +01:00
%{_datadir} /systemtap/tapset/libvirt_functions.stp
%endif
2009-07-21 11:16:15 +02:00
%dir %{_datadir} /libvirt/
%dir %{_datadir} /libvirt/schemas/
2011-08-12 19:33:15 -06:00
%{_datadir} /libvirt/schemas/basictypes.rng
%{_datadir} /libvirt/schemas/capability.rng
2009-07-21 11:16:15 +02:00
%{_datadir} /libvirt/schemas/domain.rng
2014-06-25 13:24:53 +02:00
%{_datadir} /libvirt/schemas/domaincaps.rng
2011-08-12 19:33:15 -06:00
%{_datadir} /libvirt/schemas/domaincommon.rng
2010-05-26 23:03:47 +02:00
%{_datadir} /libvirt/schemas/domainsnapshot.rng
2011-08-12 19:33:15 -06:00
%{_datadir} /libvirt/schemas/interface.rng
2009-07-21 11:16:15 +02:00
%{_datadir} /libvirt/schemas/network.rng
2011-08-12 19:33:15 -06:00
%{_datadir} /libvirt/schemas/networkcommon.rng
2009-07-21 11:16:15 +02:00
%{_datadir} /libvirt/schemas/nodedev.rng
2011-08-12 19:33:15 -06:00
%{_datadir} /libvirt/schemas/nwfilter.rng
2009-07-28 02:39:48 +02:00
%{_datadir} /libvirt/schemas/secret.rng
2014-04-11 19:33:45 -06:00
%{_datadir} /libvirt/schemas/storagecommon.rng
2011-08-12 19:33:15 -06:00
%{_datadir} /libvirt/schemas/storagepool.rng
%{_datadir} /libvirt/schemas/storagevol.rng
2009-07-21 11:16:15 +02:00
2009-12-23 14:28:42 +01:00
%{_datadir} /libvirt/cpu_map.xml
2013-03-29 22:25:13 +01:00
%{_datadir} /libvirt/libvirtLogo.png
2009-12-23 14:28:42 +01:00
2011-07-07 14:45:07 +01:00
%if %{with_systemd}
%{_unitdir} /libvirt-guests.service
2013-01-08 17:18:13 +01:00
%else
%{_sysconfdir} /rc.d/init.d/libvirt-guests
2011-07-07 14:45:07 +01:00
%endif
2010-05-14 15:37:55 +02:00
%config (noreplace) %{_sysconfdir} /sysconfig/libvirt-guests
2013-01-08 17:18:13 +01:00
%attr (0755, root, root) %{_libexecdir} /libvirt-guests.sh
2010-11-03 15:20:24 -06:00
%dir %attr (0755, root, root) %{_localstatedir} /lib/libvirt/
2010-05-14 15:37:55 +02:00
2009-07-21 11:16:15 +02:00
%if %{with_sasl}
%config (noreplace) %{_sysconfdir} /sasl2/libvirt.conf
%endif
2014-02-04 12:37:15 -07:00
%if %{with_wireshark}
%files wireshark
%{_libdir} /wireshark/plugins/*/libvirt.so
%endif
2013-10-17 14:18:18 +01:00
%if %{with_lxc}
%files login-shell
2013-11-22 12:13:03 +01:00
%attr (4750, root, virtlogin) %{_bindir} /virt-login-shell
2013-10-17 14:18:18 +01:00
%config (noreplace) %{_sysconfdir} /libvirt/virt-login-shell.conf
%{_mandir} /man1/virt-login-shell.1*
%endif
2005-11-02 15:37:34 +00:00
%files devel
%defattr (-, root, root)
2014-06-20 17:47:15 +01:00
%{_libdir} /libvirt.so
%{_libdir} /libvirt-qemu.so
%{_libdir} /libvirt-lxc.so
2007-03-28 08:48:52 +00:00
%dir %{_includedir} /libvirt
2014-06-20 17:47:15 +01:00
%{_includedir} /libvirt/virterror.h
%{_includedir} /libvirt/libvirt.h
%{_includedir} /libvirt/libvirt-qemu.h
%{_includedir} /libvirt/libvirt-lxc.h
2006-02-09 17:45:11 +00:00
%{_libdir} /pkgconfig/libvirt.pc
2014-06-20 17:47:15 +01:00
%{_libdir} /pkgconfig/libvirt-qemu.pc
%{_libdir} /pkgconfig/libvirt-lxc.pc
2005-11-02 15:37:34 +00:00
2012-02-15 11:29:38 +00:00
%dir %{_datadir} /libvirt/api/
%{_datadir} /libvirt/api/libvirt-api.xml
%{_datadir} /libvirt/api/libvirt-qemu-api.xml
Introduce an LXC specific public API & library
This patch introduces support for LXC specific public APIs. In
common with what was done for QEMU, this creates a libvirt_lxc.so
library and libvirt/libvirt-lxc.h header file.
The actual APIs are
int virDomainLxcOpenNamespace(virDomainPtr domain,
int **fdlist,
unsigned int flags);
int virDomainLxcEnterNamespace(virDomainPtr domain,
unsigned int nfdlist,
int *fdlist,
unsigned int *noldfdlist,
int **oldfdlist,
unsigned int flags);
which provide a way to use the setns() system call to move the
calling process into the container's namespace. It is not
practical to write in a generically applicable manner. The
nearest that we could get to such an API would be an API which
allows to pass a command + argv to be executed inside a
container. Even if we had such a generic API, this LXC specific
API is still useful, because it allows the caller to maintain
the current process context, in particular any I/O streams they
have open.
NB the virDomainLxcEnterNamespace() API is special in that it
runs client side, so does not involve the internal driver API.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-12-21 13:15:19 +00:00
%{_datadir} /libvirt/api/libvirt-lxc-api.xml
2012-02-13 16:46:29 +00:00
2005-12-07 13:45:20 +00:00
%doc docs/*.html docs/html docs/*.gif
2006-02-09 17:45:11 +00:00
%doc docs/libvirt-api.xml
2009-09-16 13:07:48 +01:00
%doc examples/hellolibvirt
2013-12-11 15:11:18 +00:00
%doc examples/object-events
2009-09-16 13:07:48 +01:00
%doc examples/dominfo
2013-12-13 12:54:10 +01:00
%doc examples/domsuspend
2014-04-11 18:44:32 +00:00
%doc examples/dommigrate
2010-07-06 14:59:50 +02:00
%doc examples/openauth
2009-09-16 19:02:59 +01:00
%doc examples/xml
Add dtrace static probes in libvirtd
Adds initial support for dtrace static probes in libvirtd
daemon, assuming use of systemtap dtrace compat shim on
Linux. The probes are inserted for network client connect,
disconnect, TLS handshake states and authentication protocol
states.
This can be tested by running the xample program and then
attempting to connect with any libvirt client (virsh,
virt-manager, etc).
# stap examples/systemtap/client.stp
Client fd=44 connected readonly=0
Client fd=44 auth polkit deny pid:24997,uid:500
Client fd=44 disconnected
Client fd=46 connected readonly=1
Client fd=46 auth sasl allow test
Client fd=46 disconnected
The libvirtd.stp file should also really not be required,
since it is duplicated info that is already available in
the main probes.d definition file. A script to autogenerate
the .stp file is needed, either in libvirtd tree, or better
as part of systemtap itself.
* Makefile.am: Add examples/systemtap subdir
* autobuild.sh: Disable dtrace for mingw32
* configure.ac: Add check for dtrace
* daemon/.gitignore: Ignore generated dtrace probe file
* daemon/Makefile.am: Build dtrace probe header & object
files
* daemon/libvirtd.stp: SystemTAP convenience probeset
* daemon/libvirtd.c: Add connect/disconnect & TLS probes
* daemon/remote.c: Add SASL and PolicyKit auth probes
* daemon/probes.d: Master probe definition
* daemon/libvirtd.h: Add convenience macro for probes
so that compilation is a no-op when dtrace is not available
* examples/systemtap/Makefile.am, examples/systemtap/client.stp
Example systemtap script using dtrace probe markers
* libvirt.spec.in: Enable dtrace on F13/RHEL6
* mingw32-libvirt.spec.in: Force disable dtrace
2010-09-14 17:30:32 +01:00
%doc examples/systemtap
2005-12-07 13:45:20 +00:00
2005-11-02 15:37:34 +00:00
%changelog
2014-07-02 13:50:18 +08:00
* Wed Jul 2 2014 Daniel Veillard <veillard@redhat.com> - 1.2.6-1
- libxl: add migration support and fixes
- various improvements and fixes for NUMA
- many improvements and bug fixes
2014-06-02 09:52:44 +08:00
* Mon Jun 2 2014 Daniel Veillard <veillard@redhat.com> - 1.2.5-1
- LSN-2014-0003: Don't expand entities when parsing XML (security)
- Introduce virDomain{Get,Set}Time APIs
- Introduce virDomainFSFreeze() and virDomainFSThaw() public API
- various improvements and bug fixes
2014-05-04 14:41:29 +08:00
* Sun May 4 2014 Daniel Veillard <veillard@redhat.com> - 1.2.4-1
- various improvements and bug fixes
- lot of internal code refactoring
2014-04-01 15:29:53 +08:00
* Tue Apr 1 2014 Daniel Veillard <veillard@redhat.com> - 1.2.3-1
2014-05-04 14:41:29 +08:00
- add new virDomainCoreDumpWithFormat API
- conf: Introduce virDomainDeviceGetInfo API
- more features and fixes on bhyve driver
- lot of cleanups and improvement on the Xen driver
2014-04-01 15:29:53 +08:00
- a lot of various improvements and bug fixes
2014-03-02 23:09:45 +08:00
* Sun Mar 2 2014 Daniel Veillard <veillard@redhat.com> - 1.2.2-1
- add LXC from native conversion tool
- vbox: add support for v4.2.20+ and v4.3.4+
- Introduce Libvirt Wireshark dissector
- Fix CVE-2013-6456: Avoid unsafe use of /proc/$PID/root in LXC
- a lot of various improvements and bug fixes
2014-01-16 17:25:58 +08:00
* Thu Jan 16 2014 Daniel Veillard <veillard@redhat.com> - 1.2.1-1
- Fix s CVE-2014-0028 event: filter global events by domain:getattr ACL
- Fix CVE-2014-1447 Don't crash if a connection closes early
- Fix CVE-2013-6458-1 qemu: Do not access stale data in virDomainBlockStats
- Fix CVE-2013-6457 libxl: avoid crashing if calling `virsh numatune' on inactive domain
- Fix CVE-2013-6436: fix crash in lxcDomainGetMemoryParameters
- many doc and bug fixes and improvements
2013-12-02 12:17:51 +08:00
* Mon Dec 2 2013 Daniel Veillard <veillard@redhat.com> - 1.2.0-1
- Separation of python binding as libvirt-python srpm
- Add support for gluster pool
- vbox: add support for 4.3 APIs
- a number of doc, bug fixes and various improvements
2013-11-04 12:30:41 +08:00
* Mon Nov 4 2013 Daniel Veillard <veillard@redhat.com> - 1.1.4-1
- Add support for AArch64 architecture
- Various improvements on test code and test driver
- 4 security bug fixes
- a lot of bug fixes and various improvements
2013-10-01 15:04:14 +08:00
* Tue Oct 1 2013 Daniel Veillard <veillard@redhat.com> - 1.1.3-1
- VMware: Initial VMware Fusion support and various improvements
- libvirt: add new public API virConnectGetCPUModelNames
- various libxl driver improvements
- LXC many container driver improvement
- ARM cpu improvements
- 3 security bug fixes
- a lot of bug and leak fixes and various improvements
2013-09-02 09:47:37 +08:00
* Mon Sep 2 2013 Daniel Veillard <veillard@redhat.com> - 1.1.2-1
- various improvements to libxl driver
- systemd integration improvements
- Add flag to BaselineCPU API to return detailed CPU features
- Introduce a virt-login-shell binary
- conf: add startupPolicy attribute for harddisk
- various bug fixes and improvements including localizations
* Tue Jul 30 2013 Daniel Veillard <veillard@redhat.com> - 1.1.1-1
- Adding device removal or deletion events
- Introduce new domain create APIs to pass pre-opened FDs to LXC
- Add interface versions for Xen 4.3
- Add new public API virDomainSetMemoryStatsPeriod
- Various LXC improvements
- various bug fixes and improvements including localizations
2013-07-01 17:22:49 +08:00
* Mon Jul 1 2013 Daniel Veillard <veillard@redhat.com> - 1.1.0-1
- CVE-2013-2218: Fix crash listing network interfaces with filters
- Fine grained ACL support for the API
- Extensible migration APIs
- various improvements in the Xen driver
- agent based vCPU hotplug support
- various bug fixes and improvements including localizations
2013-06-03 12:09:56 +02:00
* Mon Jun 3 2013 Daniel Veillard <veillard@redhat.com> - 1.0.6-1
- Move VirtualBox driver into libvirtd
- Support for static routes on a virtual bridge
- Various improvement for hostdev SCSI support
- Switch to VIR_STRDUP and VIR_STRNDUP
- Various cleanups and improvement in Xen and LXC drivers
- various bug fixes and improvements including localizations
2013-05-02 14:58:48 +08:00
* Thu May 2 2013 Daniel Veillard <veillard@redhat.com> - 1.0.5-1
- add support for NVRAM device
- Add XML config for resource partitions
- Add support for TPM
- NPIV storage migration support
- various bug fixes and improvements including localizations
2013-04-01 10:57:04 +08:00
* Mon Apr 1 2013 Daniel Veillard <veillard@redhat.com> - 1.0.4-1
- qemu: support passthrough for iscsi disks
- various S390 improvements
- various LXC bugs fixes and improvements
- Add API for thread cancellation
- various bug fixes and improvements
2013-03-05 12:00:53 +08:00
* Tue Mar 5 2013 Daniel Veillard <veillard@redhat.com> - 1.0.3-1
- Introduce virDomainMigrate*CompressionCache APIs
- Introduce virDomainGetJobStats API
- Add basic support for VDI images
- Introduce API virNodeDeviceLookupSCSIHostByWWN
- Various locking improvements
- a lot of bug fixes and overall improvements
2013-01-30 10:42:05 +01:00
* Wed Jan 30 2013 Daniel Veillard <veillard@redhat.com> - 1.0.2-1
- LXC improvements
- S390 architecture improvement
- Power architecture improvement
- large Coverity report cleanups and associated bug fixes
- virTypedParams* APIs to helps with those data structures
- a lot of bug fixes and overall improvements
2012-11-02 12:08:11 +08:00
* Fri Nov 2 2012 Daniel Veillard <veillard@redhat.com> - 1.0.0-1
- virNodeGetCPUMap: Define public API
- Add systemd journal support
- Add a qemu capabilities cache manager
- USB migration support
- various improvement and fixes when using QMP QEmu interface
- Support for Xen 4.2
- Lot of localization enhancements
- a lot of bug fixes, improvements and portability work
2012-09-24 12:06:05 +08:00
* Mon Sep 24 2012 Daniel Veillard <veillard@redhat.com> - 0.10.2-1
- network: define new API virNetworkUpdate
- add support for QEmu sandbox support
- blockjob: add virDomainBlockCommit
- New APIs to get/set Node memory parameters
- new API virConnectListAllSecrets
- new API virConnectListAllNWFilters
- new API virConnectListAllNodeDevices
- parallels: add support of containers to the driver
- new API virConnectListAllInterfaces
- new API virConnectListAllNetworks
- new API virStoragePoolListAllVolumes
- Add PMSUSPENDED life cycle event
- new API virStorageListAllStoragePools
- Add per-guest S3/S4 state configuration
- qemu: Support for Block Device IO Limits
- a lot of bug fixes, improvements and portability work
2012-08-31 20:39:36 +08:00
* Fri Aug 31 2012 Daniel Veillard <veillard@redhat.com> - 0.10.1-1
- bugfixes and a brown paper bag
2012-08-29 11:57:02 +08:00
* Wed Aug 29 2012 Daniel Veillard <veillard@redhat.com> - 0.10.0-1
- agent: add qemuAgentArbitraryCommand() for general qemu agent command
- Introduce virDomainPinEmulator and virDomainGetEmulatorPinInfo functions
- network: use firewalld instead of iptables, when available
- network: make network driver vlan-aware
- esx: Implement network driver
- driver for parallels hypervisor
- Various LXC improvements
- Add virDomainGetHostname
- a lot of bug fixes, improvements and portability work
2012-07-02 11:15:43 +08:00
* Mon Jul 2 2012 Daniel Veillard <veillard@redhat.com> - 0.9.13-1
- S390: support for s390(x)
- snapshot: implement new APIs for esx and vbox
- snapshot: new query APIs and many improvements
- virsh: Allow users to reedit rejected XML
- nwfilter: add DHCP snooping
- Enable driver modules in libvirt RPM
- Default to enable driver modules for libvirtd
- storage backend: Add RBD (RADOS Block Device) support
- sVirt support for LXC domains inprovement
- a lot of bug fixes, improvements and portability work
2012-05-14 10:52:04 +08:00
* Mon May 14 2012 Daniel Veillard <veillard@redhat.com> - 0.9.12-1
- qemu: allow snapshotting of sheepdog and rbd disks
- blockjob: add new APIs
- a lot of bug fixes, improvements and portability work
2012-04-03 15:06:37 +08:00
* Tue Apr 3 2012 Daniel Veillard <veillard@redhat.com> - 0.9.11-1
- Add support for the suspend event
- Add support for event tray moved of removable disks
- qemu: Support numad
- cpustats: API, improvements and qemu support
- qemu: support type='hostdev' network devices at domain start
- Introduce virDomainPMWakeup API
- network: support Open vSwitch
- a number of snapshot improvements
- many improvements and bug fixes
2012-02-13 22:31:31 +08:00
* Mon Feb 13 2012 Daniel Veillard <veillard@redhat.com> - 0.9.10-1
- Add support for sVirt in the LXC driver
- block rebase: add new API virDomainBlockRebase
- API: Add api to set and get domain metadata
- virDomainGetDiskErrors public API
- conf: add rawio attribute to disk element of domain XML
- Add new public API virDomainGetCPUStats()
- Introduce virDomainPMSuspendForDuration API
- resize: add virStorageVolResize() API
- Add a virt-host-validate command to sanity check HV config
- Add new virDomainShutdownFlags API
- QEMU guest agent support
- many improvements and bug fixes
2012-01-07 12:18:06 +08:00
* Sat Jan 7 2012 Daniel Veillard <veillard@redhat.com> - 0.9.9-1
- Add API virDomain{S,G}etInterfaceParameters
- Add API virDomain{G, S}etNumaParameters
- Add support for ppc64 qemu
- Support Xen domctl v8
- many improvements and bug fixes
2011-12-08 15:13:50 +08:00
* Thu Dec 8 2011 Daniel Veillard <veillard@redhat.com> - 0.9.8-1
- Add support for QEMU 1.0
- Add preliminary PPC cpu driver
- Add new API virDomain{Set, Get}BlockIoTune
- block_resize: Define the new API
- Add a public API to invoke suspend/resume on the host
- various improvements for LXC containers
- Define keepalive protocol and add virConnectIsAlive API
- Add support for STP and VLAN filtering
- many improvements and bug fixes
2011-11-08 14:55:25 +08:00
* Tue Nov 8 2011 Daniel Veillard <veillard@redhat.com> - 0.9.7-1
- esx: support vSphere 5.x
- vbox: support for VirtualBox 4.1
- Introduce the virDomainOpenGraphics API
- Add AHCI support to qemu driver
- snapshot: many improvements and 2 new APIs
- api: Add public api for 'reset'
- many improvements and bug fixes
2011-09-22 14:53:23 +08:00
* Thu Sep 22 2011 Daniel Veillard <veillard@redhat.com> - 0.9.6-1
- Fix the qemu reboot bug and a few others bug fixes
2011-09-20 14:17:47 +08:00
* Tue Sep 20 2011 Daniel Veillard <veillard@redhat.com> - 0.9.5-1
- many snapshot improvements (Eric Blake)
- latency: Define new public API and structure (Osier Yang)
- USB2 and various USB improvements (Marc-André Lureau)
- storage: Add fs pool formatting (Osier Yang)
- Add public API for getting migration speed (Jim Fehlig)
- Add basic driver for Microsoft Hyper-V (Matthias Bolte)
- many improvements and bug fixes
2011-08-03 11:02:42 +08:00
* Wed Aug 3 2011 Daniel Veillard <veillard@redhat.com> - 0.9.4-1
- network bandwidth QoS control
- Add new API virDomainBlockPull*
- save: new API to manipulate save file images
- CPU bandwidth limits support
- allow to send NMI and key event to guests
- new API virDomainUndefineFlags
- Implement code to attach to external QEMU instances
- bios: Add support for SGA
- various missing python binding
- many improvements and bug fixes
2011-07-04 15:54:36 +08:00
* Mon Jul 4 2011 Daniel Veillard <veillard@redhat.com> - 0.9.3-1
- new API virDomainGetVcpupinInfo
- Add TXT record support for virtual DNS service
- Support reboots with the QEMU driver
- New API virDomainGetControlInfo API
- New API virNodeGetMemoryStats
- New API virNodeGetCPUTime
- New API for send-key
- New API virDomainPinVcpuFlags
- support multifunction PCI device
- lxc: various improvements
- many improvements and bug fixes
2011-06-06 11:46:37 +08:00
* Mon Jun 6 2011 Daniel Veillard <veillard@redhat.com> - 0.9.2-1
- Framework for lock manager plugins
- API for network config change transactions
- flags for setting memory parameters
- virDomainGetState public API
- qemu: allow blkstat/blkinfo calls during migration
- Introduce migration v3 API
- Defining the Screenshot public API
- public API for NMI injection
- Various improvements and bug fixes
2011-05-05 11:25:13 +08:00
* Thu May 5 2011 Daniel Veillard <veillard@redhat.com> - 0.9.1-1
- support various persistent domain updates
- improvements on memory APIs
- Add virDomainEventRebootNew
- various improvements to libxl driver
- Spice: support audio, images and stream compression
- Various improvements and bug fixes
2011-04-04 20:15:45 +08:00
* Mon Apr 4 2011 Daniel Veillard <veillard@redhat.com> - 0.9.0-1
- Support cputune cpu usage tuning
- Add public APIs for storage volume upload/download
- Add public API for setting migration speed on the fly
- Add libxenlight driver
- qemu: support migration to fd
- libvirt: add virDomain{Get,Set}BlkioParameters
- setmem: introduce a new libvirt API (virDomainSetMemoryFlags)
- Expose event loop implementation as a public API
- Dump the debug buffer to libvirtd.log on fatal signal
- Audit support
- Various improvements and bug fixes
2011-02-17 12:11:03 +08:00
* Thu Feb 17 2011 Daniel Veillard <veillard@redhat.com> - 0.8.8-1
- expose new API for sysinfo extraction
- cgroup blkio weight support
- smartcard device support
- qemu: Support per-device boot ordering
- Various improvements and bug fixes
2011-01-04 03:37:17 +01:00
* Tue Jan 4 2011 Daniel Veillard <veillard@redhat.com> - 0.8.7-1
- Preliminary support for VirtualBox 4.0
- IPv6 support
- Add VMware Workstation and Player driver driver
- Add network disk support
- Various improvements and bug fixes
2010-11-30 19:52:25 +01:00
* Tue Nov 30 2010 Daniel Veillard <veillard@redhat.com> - 0.8.6-1
- Add support for iSCSI target auto-discovery
- QED: Basic support for QED images
- remote console support
- support for SPICE graphics
- sysinfo and VMBIOS support
- virsh qemu-monitor-command
- various improvements and bug fixes
2010-10-29 16:50:33 +02:00
* Fri Oct 29 2010 Daniel Veillard <veillard@redhat.com> - 0.8.5-1
- Enable JSON and netdev features in QEMU >= 0.13
- framework for auditing integration
- framework DTrace/SystemTap integration
- Setting the number of vcpu at boot
- Enable support for nested SVM
- Virtio plan9fs filesystem QEMU
- Memory parameter controls
- various improvements and bug fixes
2010-09-10 17:19:28 +02:00
* Fri Sep 10 2010 Daniel Veillard <veillard@redhat.com> - 0.8.4-1
- big improvements to UML driver
- various improvements and bug fixes
2010-08-04 15:03:25 +02:00
* Wed Aug 4 2010 Daniel Veillard <veillard@redhat.com> - 0.8.3-1
2010-09-10 17:19:28 +02:00
- esx: Support vSphere 4.1
- Qemu arbitrary monitor commands
- Qemu Monitor API entry point
- various improvements and bug fixes
2010-07-05 17:29:25 +02:00
* Mon Jul 5 2010 Daniel Veillard <veillard@redhat.com> - 0.8.2-1
- phyp: adding support for IVM
- libvirt: introduce domainCreateWithFlags API
- add 802.1Qbh and 802.1Qbg switches handling
- Support for VirtualBox version 3.2
- Init script for handling guests on shutdown/boot
- qemu: live migration with non-shared storage for kvm
2010-04-30 18:55:08 +02:00
* Fri Apr 30 2010 Daniel Veillard <veillard@redhat.com> - 0.8.1-1
- Starts dnsmasq from libvirtd with --dhcp-hostsfile
- Add virDomainGetBlockInfo API to query disk sizing
- a lot of bug fixes and cleanups
2010-04-12 19:39:20 +02:00
* Mon Apr 12 2010 Daniel Veillard <veillard@redhat.com> - 0.8.0-1
- Snapshotting support (QEmu/VBox/ESX)
- Network filtering API
- XenAPI driver
- new APIs for domain events
- Libvirt managed save API
- timer subselection for domain clock
- synchronous hooks
- API to update guest CPU to host CPU
- virDomainUpdateDeviceFlags new API
- migrate max downtime API
- volume wiping API
- and many bug fixes
2010-03-05 17:10:21 +01:00
* Fri Mar 5 2010 Daniel Veillard <veillard@redhat.com> - 0.7.7-1
- macvtap support
- async job handling
- virtio channel
- computing baseline CPU
- virDomain{Attach,Detach}DeviceFlags
- assorted bug fixes and lots of cleanups
2010-02-03 18:16:25 +01:00
* Wed Feb 3 2010 Daniel Veillard <veillard@redhat.com> - 0.7.6-1
2009-12-23 17:00:22 +01:00
* Wed Dec 23 2009 Daniel Veillard <veillard@redhat.com> - 0.7.5-1
- Add new API virDomainMemoryStats
- Public API and domain extension for CPU flags
- vbox: Add support for version 3.1
- Support QEMU's virtual FAT block device driver
- a lot of fixes
2009-11-20 17:31:13 +01:00
* Fri Nov 20 2009 Daniel Veillard <veillard@redhat.com> - 0.7.3-1
- udev node device backend
- API to check object properties
- better QEmu monitor processing
- MAC address based port filtering for qemu
- support IPv6 and multiple addresses per interfaces
- a lot of fixes
2009-09-15 14:24:51 +02:00
* Tue Sep 15 2009 Daniel Veillard <veillard@redhat.com> - 0.7.1-1
- ESX, VBox driver updates
- mutipath support
- support for encrypted (qcow) volume
- compressed save image format for Qemu/KVM
- QEmu host PCI device hotplug support
- configuration of huge pages in guests
- a lot of fixes
2009-08-05 16:00:41 +02:00
* Wed Aug 5 2009 Daniel Veillard <veillard@redhat.com> - 0.7.0-1
- ESX, VBox3, Power Hypervisor drivers
- new net filesystem glusterfs
- Storage cloning for LVM and Disk backends
- interface implementation based on netcf
- Support cgroups in QEMU driver
- QEmu hotplug NIC support
- a lot of fixes
2009-07-03 14:32:17 +00:00
* Fri Jul 3 2009 Daniel Veillard <veillard@redhat.com> - 0.6.5-1
- release of 0.6.5
2009-05-29 16:51:15 +00:00
* Fri May 29 2009 Daniel Veillard <veillard@redhat.com> - 0.6.4-1
- release of 0.6.4
- various new APIs
2009-04-24 14:04:54 +00:00
* Fri Apr 24 2009 Daniel Veillard <veillard@redhat.com> - 0.6.3-1
- release of 0.6.3
- VirtualBox driver
2009-04-03 15:25:38 +00:00
* Fri Apr 3 2009 Daniel Veillard <veillard@redhat.com> - 0.6.2-1
- release of 0.6.2
2013-02-01 09:00:16 +01:00
* Wed Mar 4 2009 Daniel Veillard <veillard@redhat.com> - 0.6.1-1
2009-04-03 15:25:38 +00:00
- release of 0.6.1
* Sat Jan 31 2009 Daniel Veillard <veillard@redhat.com> - 0.6.0-1
- release of 0.6.0
2008-11-25 15:48:11 +00:00
* Tue Nov 25 2008 Daniel Veillard <veillard@redhat.com> - 0.5.0-1
- release of 0.5.0
2008-09-23 20:48:49 +00:00
* Tue Sep 23 2008 Daniel Veillard <veillard@redhat.com> - 0.4.6-1
- release of 0.4.6
2008-09-08 14:32:18 +00:00
* Mon Sep 8 2008 Daniel Veillard <veillard@redhat.com> - 0.4.5-1
- release of 0.4.5
* Wed Jun 25 2008 Daniel Veillard <veillard@redhat.com> - 0.4.4-1
- release of 0.4.4
- mostly a few bug fixes from 0.4.3
2008-06-12 16:10:50 +00:00
* Thu Jun 12 2008 Daniel Veillard <veillard@redhat.com> - 0.4.3-1
- release of 0.4.3
- lots of bug fixes and small improvements
2008-04-08 16:45:57 +00:00
* Tue Apr 8 2008 Daniel Veillard <veillard@redhat.com> - 0.4.2-1
- release of 0.4.2
- lots of bug fixes and small improvements
2008-03-03 14:42:37 +00:00
* Mon Mar 3 2008 Daniel Veillard <veillard@redhat.com> - 0.4.1-1
- Release of 0.4.1
- Storage APIs
- xenner support
- lots of assorted improvements, bugfixes and cleanups
- documentation and localization improvements
2007-12-17 23:51:07 +00:00
* Tue Dec 18 2007 Daniel Veillard <veillard@redhat.com> - 0.4.0-1
- Release of 0.4.0
- SASL based authentication
- PolicyKit authentication
- improved NUMA and statistics support
- lots of assorted improvements, bugfixes and cleanups
- documentation and localization improvements
2007-09-30 21:09:29 +00:00
* Sun Sep 30 2007 Daniel Veillard <veillard@redhat.com> - 0.3.3-1
- Release of 0.3.3
- Avahi support
- NUMA support
- lots of assorted improvements, bugfixes and cleanups
- documentation and localization improvements
2007-08-21 15:04:46 +00:00
* Tue Aug 21 2007 Daniel Veillard <veillard@redhat.com> - 0.3.2-1
- Release of 0.3.2
- API for domains migration
- APIs for collecting statistics on disks and interfaces
- lots of assorted bugfixes and cleanups
- documentation and localization improvements
2007-07-24 15:32:55 +00:00
* Tue Jul 24 2007 Daniel Veillard <veillard@redhat.com> - 0.3.1-1
- Release of 0.3.1
- localtime clock support
- PS/2 and USB input devices
- lots of assorted bugfixes and cleanups
- documentation and localization improvements
2007-07-09 12:41:29 +00:00
* Mon Jul 9 2007 Daniel Veillard <veillard@redhat.com> - 0.3.0-1
- Release of 0.3.0
- Secure remote access support
- unification of daemons
- lots of assorted bugfixes and cleanups
- documentation and localization improvements
* Fri Jun 8 2007 Daniel Veillard <veillard@redhat.com> - 0.2.3-1
2007-06-08 11:11:56 +00:00
- Release of 0.2.3
- lot of assorted bugfixes and cleanups
- support for Xen-3.1
- new scheduler API
2007-04-17 09:33:51 +00:00
* Tue Apr 17 2007 Daniel Veillard <veillard@redhat.com> - 0.2.2-1
- Release of 0.2.2
- lot of assorted bugfixes and cleanups
- preparing for Xen-3.0.5
2007-03-28 08:48:52 +00:00
* Thu Mar 22 2007 Jeremy Katz <katzj@redhat.com> - 0.2.1-2.fc7
- don't require xen; we don' t need the daemon and can control non-xen now
- fix scriptlet error (need to own more directories)
- update description text
2007-04-17 09:33:51 +00:00
* Fri Mar 16 2007 Daniel Veillard <veillard@redhat.com> - 0.2.1-1
2007-03-16 19:31:14 +00:00
- Release of 0.2.1
- lot of bug and portability fixes
- Add support for network autostart and init scripts
- New API to detect the virtualization capabilities of a host
- Documentation updates
2007-03-05 10:56:02 +00:00
* Fri Feb 23 2007 Daniel P. Berrange <berrange@redhat.com> - 0.2.0-4.fc7
- Fix loading of guest & network configs
* Fri Feb 16 2007 Daniel P. Berrange <berrange@redhat.com> - 0.2.0-3.fc7
- Disable kqemu support since its not in Fedora qemu binary
- Fix for -vnc arg syntax change in 0.9.0 QEMU
* Thu Feb 15 2007 Daniel P. Berrange <berrange@redhat.com> - 0.2.0-2.fc7
- Fixed path to qemu daemon for autostart
- Fixed generation of <features> block in XML
- Pre-create config directory at startup
* Wed Feb 14 2007 Daniel Veillard <veillard@redhat.com> 0.2.0-1.fc7
2007-02-14 18:54:26 +00:00
- support for KVM and QEmu
- support for network configuration
- assorted fixes
2007-03-05 10:56:02 +00:00
* Mon Jan 22 2007 Daniel Veillard <veillard@redhat.com> 0.1.11-1.fc7
2007-01-22 15:31:00 +00:00
- finish inactive Xen domains support
- memory leak fix
- RelaxNG schemas for XML configs
2007-03-05 10:56:02 +00:00
* Wed Dec 20 2006 Daniel Veillard <veillard@redhat.com> 0.1.10-1.fc7
2006-12-20 14:54:25 +00:00
- support for inactive Xen domains
- improved support for Xen display and vnc
- a few bug fixes
- localization updates
2007-03-05 10:56:02 +00:00
* Thu Dec 7 2006 Jeremy Katz <katzj@redhat.com> - 0.1.9-2
- rebuild against python 2.5
2006-11-29 13:03:24 +00:00
* Wed Nov 29 2006 Daniel Veillard <veillard@redhat.com> 0.1.9-1
- better error reporting
- python bindings fixes and extensions
- add support for shareable drives
- add support for non-bridge style networking
- hot plug device support
- added support for inactive domains
- API to dump core of domains
- various bug fixes, cleanups and improvements
- updated the localization
2007-03-05 10:56:02 +00:00
* Tue Nov 7 2006 Daniel Veillard <veillard@redhat.com> 0.1.8-3
- it's pkgconfig not pgkconfig !
* Mon Nov 6 2006 Daniel Veillard <veillard@redhat.com> 0.1.8-2
2013-02-01 09:00:16 +01:00
- fixing spec file, added %%dist, -devel requires pkgconfig and xen-devel
2007-03-05 10:56:02 +00:00
- Resolves: rhbz#202320
2006-10-16 16:04:55 +00:00
* Mon Oct 16 2006 Daniel Veillard <veillard@redhat.com> 0.1.8-1
- fix missing page size detection code for ia64
- fix mlock size when getting domain info list from hypervisor
- vcpu number initialization
- don't label crashed domains as shut off
- fix virsh man page
- blktapdd support for alternate drivers like blktap
- memory leak fixes (xend interface and XML parsing)
- compile fix
- mlock/munlock size fixes
* Fri Sep 22 2006 Daniel Veillard <veillard@redhat.com> 0.1.7-1
2006-09-29 10:25:21 +00:00
- Fix bug when running against xen-3.0.3 hypercalls
- Fix memory bug when getting vcpus info from xend
2006-09-22 09:58:17 +00:00
* Fri Sep 22 2006 Daniel Veillard <veillard@redhat.com> 0.1.6-1
- Support for localization
- Support for new Xen-3.0.3 cdrom and disk configuration
- Support for setting VNC port
- Fix bug when running against xen-3.0.2 hypercalls
- Fix reconnection problem when talking directly to http xend
* Tue Sep 5 2006 Jeremy Katz <katzj@redhat.com> - 0.1.5-3
- patch from danpb to support new-format cd devices for HVM guests
* Tue Sep 5 2006 Daniel Veillard <veillard@redhat.com> 0.1.5-2
- reactivating ia64 support
2006-09-05 06:48:44 +00:00
* Tue Sep 5 2006 Daniel Veillard <veillard@redhat.com> 0.1.5-1
- new release
- bug fixes
- support for new hypervisor calls
- early code for config files and defined domains
* Mon Sep 4 2006 Daniel Berrange <berrange@redhat.com> - 0.1.4-5
- add patch to address dom0_ops API breakage in Xen 3.0.3 tree
* Mon Aug 28 2006 Jeremy Katz <katzj@redhat.com> - 0.1.4-4
2008-02-05 19:27:37 +00:00
- add patch to support paravirt framebuffer in Xen
2006-09-05 06:48:44 +00:00
* Mon Aug 21 2006 Daniel Veillard <veillard@redhat.com> 0.1.4-3
- another patch to fix network handling in non-HVM guests
* Thu Aug 17 2006 Daniel Veillard <veillard@redhat.com> 0.1.4-2
- patch to fix virParseUUID()
2006-08-29 22:27:07 +00:00
* Wed Aug 16 2006 Daniel Veillard <veillard@redhat.com> 0.1.4-1
- vCPUs and affinity support
- more complete XML, console and boot options
- specific features support
- enforced read-only connections
- various improvements, bug fixes
* Wed Aug 2 2006 Jeremy Katz <katzj@redhat.com> - 0.1.3-6
- add patch from pvetere to allow getting uuid from libvirt
* Wed Aug 2 2006 Jeremy Katz <katzj@redhat.com> - 0.1.3-5
- build on ia64 now
* Thu Jul 27 2006 Jeremy Katz <katzj@redhat.com> - 0.1.3-4
- don't BR xen, we just need xen-devel
* Thu Jul 27 2006 Daniel Veillard <veillard@redhat.com> 0.1.3-3
- need rebuild since libxenstore is now versionned
2006-07-24 14:32:03 +00:00
* Mon Jul 24 2006 Mark McLoughlin <markmc@redhat.com> - 0.1.3-2
- Add BuildRequires: xen-devel
* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 0.1.3-1.1
- rebuild
2006-07-11 16:57:03 +00:00
* Tue Jul 11 2006 Daniel Veillard <veillard@redhat.com> 0.1.3-1
- support for HVM Xen guests
- various bugfixes
2006-07-03 15:48:49 +00:00
* Mon Jul 3 2006 Daniel Veillard <veillard@redhat.com> 0.1.2-1
- added a proxy mechanism for read only access using httpu
- fixed header includes paths
2006-06-21 13:36:07 +00:00
* Wed Jun 21 2006 Daniel Veillard <veillard@redhat.com> 0.1.1-1
- extend and cleanup the driver infrastructure and code
- python examples
- extend uuid support
- bug fixes, buffer handling cleanups
- support for new Xen hypervisor API
- test driver for unit testing
- virsh --conect argument
2006-04-10 14:15:33 +00:00
* Mon Apr 10 2006 Daniel Veillard <veillard@redhat.com> 0.1.0-1
- various fixes
- new APIs: for Node information and Reboot
- virsh improvements and extensions
- documentation updates and man page
- enhancement and fixes of the XML description format
2006-02-28 14:22:33 +00:00
* Tue Feb 28 2006 Daniel Veillard <veillard@redhat.com> 0.0.6-1
- added error handling APIs
- small bug fixes
- improve python bindings
- augment documentation and regression tests
2006-02-23 11:35:37 +00:00
* Thu Feb 23 2006 Daniel Veillard <veillard@redhat.com> 0.0.5-1
- new domain creation API
- new UUID based APIs
- more tests, documentation, devhelp
- bug fixes
2006-02-10 10:28:59 +00:00
* Fri Feb 10 2006 Daniel Veillard <veillard@redhat.com> 0.0.4-1
- fixes some problems in 0.0.3 due to the change of names
2006-02-09 17:45:11 +00:00
* Wed Feb 8 2006 Daniel Veillard <veillard@redhat.com> 0.0.3-1
2008-02-05 19:27:37 +00:00
- changed library name to libvirt from libvir, complete and test the python
2006-02-09 17:45:11 +00:00
bindings
2006-01-31 10:21:10 +00:00
* Sun Jan 29 2006 Daniel Veillard <veillard@redhat.com> 0.0.2-1
- upstream release of 0.0.2, use xend, save and restore added, python bindings
fixed
2005-11-02 15:37:34 +00:00
* Wed Nov 2 2005 Daniel Veillard <veillard@redhat.com> 0.0.1-1
- created