Release of libvirt-8.10.0

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
qemu: Pass vm to qemuMigrationCookieParse if it exists
2025-08-23 05:50:03 +03:00 · 2022-12-01 10:55:15 +01:00 · 2022-12-01 10:30:21 +01:00 · 2022-12-01 08:38:01 +01:00 · 2022-11-30 12:18:11 +01:00 · 2022-11-29 15:24:43 +01:00
963 changed files with 169109 additions and 47347 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -20,15 +20,12 @@ include:
  - '/ci/integration.yml'

 .native_build_job:
-  extends: .gitlab_native_build_job
  cache:
    paths:
      - ccache/
    key: "$CI_JOB_NAME"
-  before_script:
-    - *script_variables
-    - cat /packages.txt
  script:
+    - *script_variables
    - meson setup build --werror $MESON_ARGS || (cat build/meson-logs/meson-log.txt && exit 1)
    - meson dist -C build --no-tests
    - if test -x /usr/bin/rpmbuild && test "$RPM" != "skip";
@ -40,33 +37,44 @@ include:
        meson test -C build --no-suite syntax-check --print-errorlogs;
      fi

+.native_build_job_prebuilt_env:
+  extends:
+    - .native_build_job
+    - .gitlab_native_build_job_prebuilt_env
+
+.native_build_job_local_env:
+  extends:
+    - .native_build_job
+    - .gitlab_native_build_job_local_env
+
 .cross_build_job:
-  extends: .gitlab_cross_build_job
  cache:
    paths:
      - ccache/
    key: "$CI_JOB_NAME"
-  before_script:
-    - *script_variables
-    - cat /packages.txt
  script:
+    - *script_variables
    - meson setup build --werror $MESON_OPTS || (cat build/meson-logs/meson-log.txt && exit 1)
    - meson compile -C build
    - if test "$CROSS" = "i686" ; then meson test -C build --no-suite syntax-check --print-errorlogs ; fi

+.cross_build_job_prebuilt_env:
+  extends:
+    - .cross_build_job
+    - .gitlab_cross_build_job_prebuilt_env
+
+.cross_build_job_local_env:
+  extends:
+    - .cross_build_job
+    - .gitlab_cross_build_job_local_env
+

 # This artifact published by this job is downloaded by libvirt.org to
 # be deployed to the web root:
 #    https://gitlab.com/libvirt/libvirt/-/jobs/artifacts/master/download?job=website
-website:
-  stage: builds
-  image: $CI_REGISTRY_IMAGE/ci-almalinux-8:latest
-  needs:
-    - job: x86_64-almalinux-8-container
-      optional: true
-  before_script:
-    - *script_variables
+.website_job:
  script:
+    - *script_variables
    - meson setup build --werror -Dsystem=true || (cat build/meson-logs/meson-log.txt && exit 1)
    - DESTDIR=$(pwd)/install ninja -C build install-web
    - mv install/usr/share/doc/libvirt/html/ website
@ -78,32 +86,69 @@ website:
    paths:
      - website

-
-codestyle:
-  stage: sanity_checks
-  image: $CI_REGISTRY_IMAGE/ci-opensuse-leap-153:latest
+website_prebuilt_env:
+  extends:
+    - .website_job
+    - .gitlab_native_build_job_prebuilt_env
  needs:
-    - job: x86_64-opensuse-leap-153-container
+    - job: x86_64-almalinux-8-container
      optional: true
-  before_script:
-    - *script_variables
+  variables:
+    NAME: almalinux-8
+
+website_local_env:
+  extends:
+    - .website_job
+    - .gitlab_native_build_job_local_env
+  variables:
+    IMAGE: docker.io/library/almalinux:8
+    NAME: almalinux-8
+
+
+.codestyle_job:
+  stage: sanity_checks
  script:
+    - *script_variables
    - meson setup build --werror || (cat build/meson-logs/meson-log.txt && exit 1)
    - ninja -C build libvirt-pot-dep
    - meson test -C build --suite syntax-check --no-rebuild --print-errorlogs

+codestyle_prebuilt_env:
+  extends:
+    - .codestyle_job
+    - .gitlab_native_build_job_prebuilt_env
+  needs:
+    - job: x86_64-opensuse-leap-153-container
+      optional: true
+  variables:
+    NAME: opensuse-leap-153
+
+codestyle_local_env:
+  extends:
+    - .codestyle_job
+    - .gitlab_native_build_job_local_env
+  variables:
+    IMAGE: registry.opensuse.org/opensuse/leap:15.3
+    NAME: opensuse-leap-153
+

 # This artifact published by this job is downloaded to push to Weblate
 # for translation usage:
 #    https://gitlab.com/libvirt/libvirt/-/jobs/artifacts/master/download?job=potfile
 potfile:
+  image: $CI_REGISTRY/$RUN_UPSTREAM_NAMESPACE/libvirt/ci-$NAME:latest
  stage: builds
-  image: $CI_REGISTRY_IMAGE/ci-almalinux-8:latest
+  variables:
+    NAME: almalinux-8
+  before_script:
+    - cat /packages.txt
  needs:
    - job: x86_64-almalinux-8-container
      optional: true
  rules:
-    - if: "$CI_COMMIT_BRANCH == 'master'"
+    - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
+      when: on_success
+    - when: never
  before_script:
    - *script_variables
  script:
@ -121,11 +166,13 @@ potfile:

 # Coverity job that is run only by schedules
 coverity:
-  image: $CI_REGISTRY_IMAGE/ci-almalinux-8:latest
+  image: $CI_REGISTRY/$RUN_UPSTREAM_NAMESPACE/libvirt/ci-$NAME:latest
+  stage: builds
  needs:
    - job: x86_64-almalinux-8-container
      optional: true
-  stage: builds
+  before_script:
+    - cat /packages.txt
  script:
    - curl https://scan.coverity.com/download/linux64 --form project=$COVERITY_SCAN_PROJECT_NAME --form token=$COVERITY_SCAN_TOKEN -o /tmp/cov-analysis-linux64.tgz
    - tar xfz /tmp/cov-analysis-linux64.tgz
@ -133,5 +180,11 @@ coverity:
    - cov-analysis-linux64-*/bin/cov-build --dir cov-int meson compile -C build
    - tar cfz cov-int.tar.gz cov-int
    - curl https://scan.coverity.com/builds?project=$COVERITY_SCAN_PROJECT_NAME --form token=$COVERITY_SCAN_TOKEN --form email=$GITLAB_USER_EMAIL --form file=@cov-int.tar.gz --form version="$(git describe --tags)" --form description="$(git describe --tags) / $CI_COMMIT_TITLE / $CI_COMMIT_REF_NAME:$CI_PIPELINE_ID"
+  variables:
+    NAME: almalinux-8
  rules:
-    - if: "$CI_PIPELINE_SOURCE == 'schedule' && $COVERITY_SCAN_PROJECT_NAME && $COVERITY_SCAN_TOKEN"
+    - if: '$COVERITY_SCAN_PROJECT_NAME == null || $COVERITY_SCAN_TOKEN == null'
+      when: never
+    - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "schedule" && $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH'
+      when: on_success
+    - when: never
--- a/NEWS.rst
+++ b/NEWS.rst
@ -8,6 +8,225 @@ the changes introduced by each of them.
 For a more fine-grained view, use the `git log`_.


+v8.10.0 (2022-12-01)
+====================
+
+* **New features**
+
+  * Tool for validating SEV firmware boot measurement of QEMU VMs
+
+    The ``virt-qemu-sev-validate`` program will compare a reported SEV/SEV-ES
+    domain launch measurement, to a computed launch measurement. This
+    determines whether the domain has been tampered with during launch.
+
+  * Support for SGX EPC (enclave page cache)
+
+    Users can add a ``<memory model='sgx-epc'>`` device to lauch a VM with
+    ``Intel Software Guard Extensions``.
+
+  * Support migration of vTPM state of QEMU vms on shared storage
+
+    Pass ``--migration`` option if appropriate in order for ``swtpm`` to
+    properly migrate on shared storage.
+
+* **Improvements**
+
+  * Mark close callback (un-)register API as high priority
+
+    High priority APIs use a separate thread pool thus can help in eliminating
+    problems with stuck VMs. Marking the close callback API as high priority
+    allows ``virsh`` to properly connect to the daemon in case the normal
+    priority workers are stuck allowing other high priority API usage.
+
+  * Updated x86 CPU features
+
+    The following features for the x86 platform were added:
+    ``v-vmsave-vmload``, ``vgif``, ``avx512-vp2intersect``, ``avx512-fp16``,
+    ``serialize``, ``tsx-ldtrk``, ``arch-lbr``, ``xfd``, ``intel-pt-lip``,
+    ``avic``, ``sgx``, ``sgxlc``, ``sgx-exinfo``, ``sgx1``, ``sgx2``,
+    ``sgx-debug``, ``sgx-mode64``, ``sgx-provisionkey``, ``sgx-tokenkey``,
+    ``sgx-kss``, ``bus-lock-detect``, ``pks``, ``amx``.
+
+  * Add support for ``hv-avic`` Hyper-V enlightenment
+
+    ``qemu-6.2`` introduced support for the ``hv-avic`` enlightenment which
+    allows to use Hyper-V SynIC with hardware APICv/AVIC enabled.
+
+  * qemu: Run memory preallocation with numa-pinned threads
+
+    Run the thread allocating memory in the proper NUMA node to reduce overhead.
+
+  * RPM packaging changes
+
+    - add optional dependancy of ``libvirt-daemon`` on ``libvirt-client``
+
+      The ``libvirt-guests.`` tool requires the ``virsh`` client to work
+      properly, but we don't want to require the installation of the daemon
+      if the tool is not used.
+
+    - relax required ``python3-libvirt`` version for ``libvirt-client-qemu``
+
+      The ``virt-qemu-qmp-proxy`` tool requires python but doesn't strictly
+      need the newest version. Remove the strict versioning requirement in
+      order to prevent cyclic dependency when building.
+
+* **Bug fixes**
+
+  * Skip initialization of ``cache`` capabilities if host doesn't support them
+
+    Hypervisor drivers would fail to initialize on ``aarch64`` hosts with
+    following error ::
+
+      virStateInitialize:657 : Initialisation of cloud-hypervisor state driver failed: no error
+
+    which prevented the startup of the daemon.
+
+  * Allow incoming connections to guests on routed networks w/firewalld
+
+    A change in handling of implicit rules in ``firewalld 1.0.0`` broke
+    incomming connections to VMs when using ``routed`` network. This is fixed
+    by adding a new ``libvirt-routed`` zone configured to once again allow
+    incoming sessions to guests on routed networks.
+
+  * Fix infinite loop in nodedev driver
+
+    Certain udev entries might be of a size that makes libudev emit EINVAL
+    which caused a busy loop burning CPU. Fix it by ignoring the return code.
+
+v8.9.0 (2022-11-01)
+===================
+
+* **New features**
+
+  * Add ``virt-qemu-qmp-proxy`` for emulating a QMP socket for libvirt managed VMs
+
+    ``virt-qemu-qmp-proxy`` tool provides a way to expose an emulated QMP server
+    socket for a VM managed by libvirt. This allows existing QMP-only clients
+    to work with libvirt managed VMs.
+
+    **Note:** libvirt is not interpreting the communication between the tool
+    using the proxy and qemu itself, so any state-changing commands may
+    desynchronize libvirt. Use at your own risk.
+
+  * qemu: Core Scheduling support
+
+    To avoid side channel attacks, the Linux kernel allows creating groups of
+    processes that trust each other and thus can be scheduled to run on
+    hyperthreads of a CPU core at the same time. This is now implemented for
+    QEMU domains too (see ``sched_core`` knob in qemu.conf), although not
+    enabled by default, just yet.
+
+* **Improvements**
+
+  * qemu: Add hypervisor-specific statistics to ``virConnectGetAllDomainStats``
+
+    The new stats group ``VIR_DOMAIN_STATS_VM`` of
+    ``virConnectGetAllDomainStats``, also exposed as ``virsh domstats --vm``,
+    returns hypervisor-specific stats fields for given VM.
+
+  * Add ``vendor`` attribute for CPU models in domain capabilities
+
+    Users can now see the vendor of each CPU model in domain capabilities and
+    use it, e.g., for filtering usable CPU models based on host CPU vendor.
+
+  * virsh: Add ``--model`` option for ``hypervisor-cpu-baseline``
+
+    This is a shortcut for calling ``hypervisor-cpu-baseline`` with a single
+    CPU model and no additional features. It can be used for determining which
+    features block a particular CPU model from being usable.
+
+  * Improved documentation of CPU ``usable`` attribute in domain capabilities
+
+  * Report ``channel`` and ``redirdev`` devices in domain capabilities
+
+    The channel and redirect devices supported by the hypervisor are now
+    reported in domain capabilities.
+
+  * meson: Bump minimal required meson version
+
+    Newer meson versions deprecate some functions used. These were replaced
+    with their newer counterparts and the minimal required mesion version was
+    bumped to 0.56.0.
+
+  * qemu: Add flags to keep or remove TPM state for ``virDomainUndefineFlags``
+
+    ``VIR_DOMAIN_UNDEFINE_TPM`` and ``VIR_DOMAIN_UNDEFINE_KEEP_TPM`` specify
+    accordingly to delete or keep a TPM's persistent state directory structure
+    and files when undefining a domain. In virsh the flags are exposed as
+    ``--tpm`` and ``--keep-tpm`` for the sub-command ``undefine``.
+
+* **Bug fixes**
+
+  * qemu: Disable all blocker features in CPU baseline
+
+    Three years ago QEMU renamed some CPU features (mostly those containing
+    an underscore). When such renamed feature was reported by QEMU as blocking
+    usability of a CPU model, we would fail to explicitly disable it when
+    creating a baseline CPU definition using this model. This bug did not have
+    any functional impact when the default ``check='partial'`` attribute was
+    used for guest CPU definition in domain XML, but it could have caused
+    failures to start a domain with ``check='full'`` in some cases.
+
+  * qemu: Do not crash after restart with active migration
+
+    In 8.8.0 release libvirt daemon would crash after it was restarted during
+    an active outgoing migration.
+
+  * qemu: Refresh state after restore from a save image
+
+    When a domain is restored from a saved image, libvirt now queries QEMU for
+    those parts of runtime information that were not part of the save image.
+    For instance: MAC address of a macvtap NICs, tray state of CD-ROMs,
+    allocated size of virtio-mem, and others.
+
+
+v8.8.0 (2022-10-03)
+===================
+
+* **Removed features**
+
+  * storage: Remove 'sheepdog' storage driver backend
+
+    The 'sheepdog' project is no longer maintained and upstream bug reports
+    are unaddressed. Libvirt thus removed the support for the sheepdog storage
+    driver backend, following qemu's removal of sheepdog support in qemu-6.1.
+
+* **Improvements**
+
+  * qemu: Implement VIR_DOMAIN_STATS_CPU_TOTAL for qemu:///session
+
+    Users can now query VIR_DOMAIN_STATS_CPU_TOTAL (also known as cpu.time)
+    statistics for session domains.
+
+* **Bug fixes**
+
+  * qemu: Fix non-shared storage migration setup
+
+    This release fixes a bug in setup of a migration with non-shared storage
+    ( ``virsh migrate --copy-storage-all``) which was broken by a refactor of
+    the code in libvirt-8.7.
+
+  * selinux: Don't ignore NVMe disks when setting image label
+
+    Libvirt did not set any SELinux label on NVMe disks and relied only on the
+    default SELinux policy. This turned out to cause problem when using
+    namespace or altered policy and thus is fixed now.
+
+  * qemu: Fix a deadlock when setting up namespace
+
+    When starting a domain, libvirt creates a mount namespace and manages
+    private /dev with only a handful nodes exposed. But when creating those a
+    deadlock inside glib might have occurred. The code was changed so that
+    libvirt does not tickle the glib bug.
+
+  * qemu: Don't build memory paths on daemon restart
+
+    When the daemon is restarted it tried to create domain private paths for
+    each mounted hugetlbfs. When this failed, the corresponding domain was
+    killed. This operation is now performed during domain startup and memory
+    hotplug and no longer leads to sudden kill of the domain.
+
+
 v8.7.0 (2022-09-01)
 ===================

@ -70,7 +289,7 @@ v8.5.0 (2022-07-01)
  * qemu: Add support for zero-copy migration

    With QEMU 7.1.0, libvirt can enable zerocopy for parallel migration. This
-    is implmented by adding a new ``VIR_MIGRATE_ZEROCOPY`` flag(``virsh migrate
+    is implemented by adding a new ``VIR_MIGRATE_ZEROCOPY`` flag(``virsh migrate
    --zerocopy``).

  * Introduce thread_pool_min and thread_pool_max attributes to IOThread
--- a/build-aux/meson.build
+++ b/build-aux/meson.build
@ -1,6 +1,6 @@
 flake8_path = ''
 if flake8_prog.found()
-  flake8_path = flake8_prog.path()
+  flake8_path = flake8_prog.full_path()
 endif

 if host_machine.system() == 'freebsd' or host_machine.system() == 'darwin'
@ -29,14 +29,14 @@ endif
 awk_prog = find_program('awk')

 syntax_check_conf = configuration_data({
-  'top_srcdir': meson.source_root(),
-  'top_builddir': meson.build_root(),
+  'top_srcdir': meson.project_source_root(),
+  'top_builddir': meson.project_build_root(),
  'flake8_path': flake8_path,
  'runutf8': ' '.join(runutf8),
-  'PYTHON3': python3_prog.path(),
-  'GREP': grep_prog.path(),
-  'SED': sed_prog.path(),
-  'AWK': awk_prog.path(),
+  'PYTHON3': python3_prog.full_path(),
+  'GREP': grep_prog.full_path(),
+  'SED': sed_prog.full_path(),
+  'AWK': awk_prog.full_path(),
 })

 configure_file(
--- a/build-aux/syntax-check.mk
+++ b/build-aux/syntax-check.mk
@ -203,6 +203,7 @@ sc_prohibit_readlink:

 sc_prohibit_gethostname:
 	@prohibit='gethostname *\(' \
+	in_vc_files='\.[ch]$$' \
 	halt='use virGetHostname, not gethostname' \
 	  $(_sc_search_regexp)

@ -1257,14 +1258,6 @@ sc_po_check:
 	  rm -f $@-1 $@-2; \
 	fi

-linguas_file = $(top_srcdir)/po/LINGUAS
-
-sc_linguas_sorting:
-	@sort -u $(linguas_file) > $@-1; \
-	diff -u -L $(linguas_file) -L $(linguas_file) $(linguas_file) $@-1 \
-	  || { echo "$(linguas_file) is not sorted correctly" 1>&2; exit 1; }; \
-	rm -f $@-1
-
 # #if WITH_... will evaluate to false for any non numeric string.
 # That would be flagged by using -Wundef, however gnulib currently
 # tests many undefined macros, and so we can't enable that option.
@ -1363,7 +1356,7 @@ exclude_file_name_regexp--sc_prohibit_strdup = \
  ^(docs/|examples/|tests/virnetserverclientmock.c|tests/commandhelper.c|tools/nss/libvirt_nss_(leases|macs)\.c$$)

 exclude_file_name_regexp--sc_prohibit_close = \
-  (\.p[yl]$$|\.spec\.in$$|^docs/|^(src/util/vir(file|event)\.c|src/libvirt-stream\.c|tests/(vir.+mock\.c|commandhelper\.c|qemusecuritymock\.c)|tools/nss/libvirt_nss_(leases|macs)\.c)$$)
+  (\.p[yl]$$|\.spec\.in$$|^docs/|^(src/util/vir(file|event)\.c|src/libvirt-stream\.c|tests/(vir.+mock\.c|commandhelper\.c|qemusecuritymock\.c)|tools/nss/libvirt_nss_(leases|macs)\.c)|tools/virt-qemu-qmp-proxy$$)

 exclude_file_name_regexp--sc_prohibit_empty_lines_at_EOF = \
  (^tests/(nodedevmdevctl|virhostcpu|virpcitest|virstoragetest)data/|docs/js/.*\.js|docs/fonts/.*\.woff|\.diff|tests/virconfdata/no-newline\.conf$$)
--- a/ci/README.rst
+++ b/ci/README.rst
@ -6,6 +6,13 @@ This document provides some information related to the CI capabilities for the
 libvirt project.


+GitLab CI tuning
+================
+
+The behaviour of GitLab CI can be tuned through a number of variables
+which can be set at push time, or through the UI. See ``ci/gitlab.yml``
+for further details.
+
 Cirrus CI integration
 =====================

--- a/ci/buildenv/almalinux-8.sh
+++ b/ci/buildenv/almalinux-8.sh
@ -0,0 +1,98 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    dnf update -y
+    dnf install 'dnf-command(config-manager)' -y
+    dnf config-manager --set-enabled -y powertools
+    dnf install -y centos-release-advanced-virtualization
+    dnf install -y epel-release
+    dnf install -y \
+        audit-libs-devel \
+        augeas \
+        bash-completion \
+        ca-certificates \
+        ccache \
+        clang \
+        cpp \
+        cyrus-sasl-devel \
+        device-mapper-devel \
+        diffutils \
+        dwarves \
+        ebtables \
+        firewalld-filesystem \
+        fuse-devel \
+        gcc \
+        gettext \
+        git \
+        glib2-devel \
+        glibc-devel \
+        glibc-langpack-en \
+        glusterfs-api-devel \
+        gnutls-devel \
+        grep \
+        iproute \
+        iproute-tc \
+        iptables \
+        iscsi-initiator-utils \
+        kmod \
+        libacl-devel \
+        libattr-devel \
+        libblkid-devel \
+        libcap-ng-devel \
+        libcurl-devel \
+        libiscsi-devel \
+        libnl3-devel \
+        libpcap-devel \
+        libpciaccess-devel \
+        librbd-devel \
+        libselinux-devel \
+        libssh-devel \
+        libssh2-devel \
+        libtirpc-devel \
+        libwsman-devel \
+        libxml2 \
+        libxml2-devel \
+        libxslt \
+        lvm2 \
+        make \
+        meson \
+        netcf-devel \
+        nfs-utils \
+        ninja-build \
+        numactl-devel \
+        numad \
+        parted-devel \
+        perl \
+        pkgconfig \
+        polkit \
+        python3 \
+        python3-docutils \
+        python3-flake8 \
+        qemu-img \
+        readline-devel \
+        rpcgen \
+        rpm-build \
+        sanlock-devel \
+        scrub \
+        sed \
+        systemd-devel \
+        systemd-rpm-macros \
+        systemtap-sdt-devel \
+        wireshark-devel \
+        yajl-devel
+    rpm -qa | sort > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
--- a/ci/buildenv/alpine-315.sh
+++ b/ci/buildenv/alpine-315.sh
@ -0,0 +1,80 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    apk update
+    apk upgrade
+    apk add \
+        acl-dev \
+        attr-dev \
+        audit-dev \
+        augeas \
+        bash-completion \
+        ca-certificates \
+        ccache \
+        ceph-dev \
+        clang \
+        curl-dev \
+        cyrus-sasl-dev \
+        diffutils \
+        eudev-dev \
+        fuse-dev \
+        gcc \
+        gettext \
+        git \
+        glib-dev \
+        gnutls-dev \
+        grep \
+        iproute2 \
+        iptables \
+        kmod \
+        libcap-ng-dev \
+        libnl3-dev \
+        libpcap-dev \
+        libpciaccess-dev \
+        libselinux-dev \
+        libssh-dev \
+        libssh2-dev \
+        libtirpc-dev \
+        libxml2-dev \
+        libxml2-utils \
+        libxslt \
+        lvm2 \
+        lvm2-dev \
+        make \
+        meson \
+        musl-dev \
+        netcf-dev \
+        nfs-utils \
+        numactl-dev \
+        open-iscsi \
+        parted-dev \
+        perl \
+        pkgconf \
+        polkit \
+        py3-docutils \
+        py3-flake8 \
+        python3 \
+        qemu-img \
+        readline-dev \
+        samurai \
+        sed \
+        util-linux-dev \
+        wireshark-dev \
+        xen-dev \
+        yajl-dev
+    apk list | sort > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
--- a/ci/buildenv/alpine-edge.sh
+++ b/ci/buildenv/alpine-edge.sh
@ -0,0 +1,81 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    apk update
+    apk upgrade
+    apk add \
+        acl-dev \
+        attr-dev \
+        audit-dev \
+        augeas \
+        bash-completion \
+        ca-certificates \
+        ccache \
+        ceph-dev \
+        clang \
+        curl-dev \
+        cyrus-sasl-dev \
+        diffutils \
+        eudev-dev \
+        fuse-dev \
+        gcc \
+        gettext \
+        git \
+        glib-dev \
+        gnutls-dev \
+        grep \
+        iproute2 \
+        iptables \
+        kmod \
+        libcap-ng-dev \
+        libnl3-dev \
+        libpcap-dev \
+        libpciaccess-dev \
+        libselinux-dev \
+        libssh-dev \
+        libssh2-dev \
+        libtirpc-dev \
+        libxml2-dev \
+        libxml2-utils \
+        libxslt \
+        lvm2 \
+        lvm2-dev \
+        make \
+        meson \
+        musl-dev \
+        netcf-dev \
+        nfs-utils \
+        numactl-dev \
+        open-iscsi \
+        parted-dev \
+        perl \
+        pkgconf \
+        polkit \
+        py3-docutils \
+        py3-flake8 \
+        python3 \
+        qemu-img \
+        readline-dev \
+        rpcgen \
+        samurai \
+        sed \
+        util-linux-dev \
+        wireshark-dev \
+        xen-dev \
+        yajl-dev
+    apk list | sort > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
--- a/ci/buildenv/centos-stream-8.sh
+++ b/ci/buildenv/centos-stream-8.sh
@ -0,0 +1,99 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    dnf distro-sync -y
+    dnf install 'dnf-command(config-manager)' -y
+    dnf config-manager --set-enabled -y powertools
+    dnf install -y centos-release-advanced-virtualization
+    dnf install -y epel-release
+    dnf install -y epel-next-release
+    dnf install -y \
+        audit-libs-devel \
+        augeas \
+        bash-completion \
+        ca-certificates \
+        ccache \
+        clang \
+        cpp \
+        cyrus-sasl-devel \
+        device-mapper-devel \
+        diffutils \
+        dwarves \
+        ebtables \
+        firewalld-filesystem \
+        fuse-devel \
+        gcc \
+        gettext \
+        git \
+        glib2-devel \
+        glibc-devel \
+        glibc-langpack-en \
+        glusterfs-api-devel \
+        gnutls-devel \
+        grep \
+        iproute \
+        iproute-tc \
+        iptables \
+        iscsi-initiator-utils \
+        kmod \
+        libacl-devel \
+        libattr-devel \
+        libblkid-devel \
+        libcap-ng-devel \
+        libcurl-devel \
+        libiscsi-devel \
+        libnl3-devel \
+        libpcap-devel \
+        libpciaccess-devel \
+        librbd-devel \
+        libselinux-devel \
+        libssh-devel \
+        libssh2-devel \
+        libtirpc-devel \
+        libwsman-devel \
+        libxml2 \
+        libxml2-devel \
+        libxslt \
+        lvm2 \
+        make \
+        meson \
+        netcf-devel \
+        nfs-utils \
+        ninja-build \
+        numactl-devel \
+        numad \
+        parted-devel \
+        perl \
+        pkgconfig \
+        polkit \
+        python3 \
+        python3-docutils \
+        python3-flake8 \
+        qemu-img \
+        readline-devel \
+        rpcgen \
+        rpm-build \
+        sanlock-devel \
+        scrub \
+        sed \
+        systemd-devel \
+        systemd-rpm-macros \
+        systemtap-sdt-devel \
+        wireshark-devel \
+        yajl-devel
+    rpm -qa | sort > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
--- a/ci/buildenv/centos-stream-9.sh
+++ b/ci/buildenv/centos-stream-9.sh
@ -0,0 +1,98 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    dnf distro-sync -y
+    dnf install 'dnf-command(config-manager)' -y
+    dnf config-manager --set-enabled -y crb
+    dnf install -y epel-release
+    dnf install -y epel-next-release
+    dnf install -y \
+        audit-libs-devel \
+        augeas \
+        bash-completion \
+        ca-certificates \
+        ccache \
+        clang \
+        cpp \
+        cyrus-sasl-devel \
+        device-mapper-devel \
+        diffutils \
+        dwarves \
+        ebtables \
+        firewalld-filesystem \
+        fuse-devel \
+        gcc \
+        gettext \
+        git \
+        glib2-devel \
+        glibc-devel \
+        glibc-langpack-en \
+        gnutls-devel \
+        grep \
+        iproute \
+        iproute-tc \
+        iptables \
+        iscsi-initiator-utils \
+        kmod \
+        libacl-devel \
+        libattr-devel \
+        libblkid-devel \
+        libcap-ng-devel \
+        libcurl-devel \
+        libnl3-devel \
+        libpcap-devel \
+        libpciaccess-devel \
+        librbd-devel \
+        libselinux-devel \
+        libssh-devel \
+        libssh2-devel \
+        libtirpc-devel \
+        libwsman-devel \
+        libxml2 \
+        libxml2-devel \
+        libxslt \
+        lvm2 \
+        make \
+        meson \
+        nfs-utils \
+        ninja-build \
+        numactl-devel \
+        numad \
+        parted-devel \
+        perl-base \
+        pkgconfig \
+        polkit \
+        python3 \
+        python3-docutils \
+        python3-pip \
+        python3-setuptools \
+        python3-wheel \
+        qemu-img \
+        readline-devel \
+        rpcgen \
+        rpm-build \
+        sanlock-devel \
+        scrub \
+        sed \
+        systemd-devel \
+        systemd-rpm-macros \
+        systemtap-sdt-devel \
+        wireshark-devel \
+        yajl-devel
+    rpm -qa | sort > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc
+    /usr/bin/pip3 install flake8
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
--- a/ci/buildenv/debian-11-cross-aarch64.sh
+++ b/ci/buildenv/debian-11-cross-aarch64.sh
@ -0,0 +1,115 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    export DEBIAN_FRONTEND=noninteractive
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y \
+            augeas-lenses \
+            augeas-tools \
+            bash-completion \
+            ca-certificates \
+            ccache \
+            codespell \
+            cpp \
+            diffutils \
+            dwarves \
+            ebtables \
+            flake8 \
+            gettext \
+            git \
+            grep \
+            iproute2 \
+            iptables \
+            kmod \
+            libc-dev-bin \
+            libxml2-utils \
+            locales \
+            lvm2 \
+            make \
+            meson \
+            nfs-common \
+            ninja-build \
+            numad \
+            open-iscsi \
+            perl-base \
+            pkgconf \
+            policykit-1 \
+            python3 \
+            python3-docutils \
+            qemu-utils \
+            scrub \
+            sed \
+            xsltproc
+    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen
+    dpkg-reconfigure locales
+    export DEBIAN_FRONTEND=noninteractive
+    dpkg --add-architecture arm64
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y dpkg-dev
+    apt-get install --no-install-recommends -y \
+            gcc-aarch64-linux-gnu \
+            libacl1-dev:arm64 \
+            libapparmor-dev:arm64 \
+            libattr1-dev:arm64 \
+            libaudit-dev:arm64 \
+            libblkid-dev:arm64 \
+            libc6-dev:arm64 \
+            libcap-ng-dev:arm64 \
+            libcurl4-gnutls-dev:arm64 \
+            libdevmapper-dev:arm64 \
+            libfuse-dev:arm64 \
+            libglib2.0-dev:arm64 \
+            libglusterfs-dev:arm64 \
+            libgnutls28-dev:arm64 \
+            libiscsi-dev:arm64 \
+            libnl-3-dev:arm64 \
+            libnl-route-3-dev:arm64 \
+            libnuma-dev:arm64 \
+            libparted-dev:arm64 \
+            libpcap0.8-dev:arm64 \
+            libpciaccess-dev:arm64 \
+            librbd-dev:arm64 \
+            libreadline-dev:arm64 \
+            libsanlock-dev:arm64 \
+            libsasl2-dev:arm64 \
+            libselinux1-dev:arm64 \
+            libssh-gcrypt-dev:arm64 \
+            libssh2-1-dev:arm64 \
+            libtirpc-dev:arm64 \
+            libudev-dev:arm64 \
+            libxen-dev:arm64 \
+            libxml2-dev:arm64 \
+            libyajl-dev:arm64 \
+            systemtap-sdt-dev:arm64
+    mkdir -p /usr/local/share/meson/cross
+    echo "[binaries]\n\
+c = '/usr/bin/aarch64-linux-gnu-gcc'\n\
+ar = '/usr/bin/aarch64-linux-gnu-gcc-ar'\n\
+strip = '/usr/bin/aarch64-linux-gnu-strip'\n\
+pkgconfig = '/usr/bin/aarch64-linux-gnu-pkg-config'\n\
+\n\
+[host_machine]\n\
+system = 'linux'\n\
+cpu_family = 'aarch64'\n\
+cpu = 'aarch64'\n\
+endian = 'little'" > /usr/local/share/meson/cross/aarch64-linux-gnu
+    dpkg-query --showformat '${Package}_${Version}_${Architecture}\n' --show > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/aarch64-linux-gnu-cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/aarch64-linux-gnu-gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
+
+export ABI="aarch64-linux-gnu"
+export MESON_OPTS="--cross-file=aarch64-linux-gnu"
--- a/ci/buildenv/debian-11-cross-armv6l.sh
+++ b/ci/buildenv/debian-11-cross-armv6l.sh
@ -0,0 +1,114 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    export DEBIAN_FRONTEND=noninteractive
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y \
+            augeas-lenses \
+            augeas-tools \
+            bash-completion \
+            ca-certificates \
+            ccache \
+            codespell \
+            cpp \
+            diffutils \
+            dwarves \
+            ebtables \
+            flake8 \
+            gettext \
+            git \
+            grep \
+            iproute2 \
+            iptables \
+            kmod \
+            libc-dev-bin \
+            libxml2-utils \
+            locales \
+            lvm2 \
+            make \
+            meson \
+            nfs-common \
+            ninja-build \
+            numad \
+            open-iscsi \
+            perl-base \
+            pkgconf \
+            policykit-1 \
+            python3 \
+            python3-docutils \
+            qemu-utils \
+            scrub \
+            sed \
+            xsltproc
+    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen
+    dpkg-reconfigure locales
+    export DEBIAN_FRONTEND=noninteractive
+    dpkg --add-architecture armel
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y dpkg-dev
+    apt-get install --no-install-recommends -y \
+            gcc-arm-linux-gnueabi \
+            libacl1-dev:armel \
+            libapparmor-dev:armel \
+            libattr1-dev:armel \
+            libaudit-dev:armel \
+            libblkid-dev:armel \
+            libc6-dev:armel \
+            libcap-ng-dev:armel \
+            libcurl4-gnutls-dev:armel \
+            libdevmapper-dev:armel \
+            libfuse-dev:armel \
+            libglib2.0-dev:armel \
+            libglusterfs-dev:armel \
+            libgnutls28-dev:armel \
+            libiscsi-dev:armel \
+            libnl-3-dev:armel \
+            libnl-route-3-dev:armel \
+            libnuma-dev:armel \
+            libparted-dev:armel \
+            libpcap0.8-dev:armel \
+            libpciaccess-dev:armel \
+            librbd-dev:armel \
+            libreadline-dev:armel \
+            libsanlock-dev:armel \
+            libsasl2-dev:armel \
+            libselinux1-dev:armel \
+            libssh-gcrypt-dev:armel \
+            libssh2-1-dev:armel \
+            libtirpc-dev:armel \
+            libudev-dev:armel \
+            libxml2-dev:armel \
+            libyajl-dev:armel \
+            systemtap-sdt-dev:armel
+    mkdir -p /usr/local/share/meson/cross
+    echo "[binaries]\n\
+c = '/usr/bin/arm-linux-gnueabi-gcc'\n\
+ar = '/usr/bin/arm-linux-gnueabi-gcc-ar'\n\
+strip = '/usr/bin/arm-linux-gnueabi-strip'\n\
+pkgconfig = '/usr/bin/arm-linux-gnueabi-pkg-config'\n\
+\n\
+[host_machine]\n\
+system = 'linux'\n\
+cpu_family = 'arm'\n\
+cpu = 'arm'\n\
+endian = 'little'" > /usr/local/share/meson/cross/arm-linux-gnueabi
+    dpkg-query --showformat '${Package}_${Version}_${Architecture}\n' --show > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/arm-linux-gnueabi-cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/arm-linux-gnueabi-gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
+
+export ABI="arm-linux-gnueabi"
+export MESON_OPTS="--cross-file=arm-linux-gnueabi"
--- a/ci/buildenv/debian-11-cross-armv7l.sh
+++ b/ci/buildenv/debian-11-cross-armv7l.sh
@ -0,0 +1,115 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    export DEBIAN_FRONTEND=noninteractive
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y \
+            augeas-lenses \
+            augeas-tools \
+            bash-completion \
+            ca-certificates \
+            ccache \
+            codespell \
+            cpp \
+            diffutils \
+            dwarves \
+            ebtables \
+            flake8 \
+            gettext \
+            git \
+            grep \
+            iproute2 \
+            iptables \
+            kmod \
+            libc-dev-bin \
+            libxml2-utils \
+            locales \
+            lvm2 \
+            make \
+            meson \
+            nfs-common \
+            ninja-build \
+            numad \
+            open-iscsi \
+            perl-base \
+            pkgconf \
+            policykit-1 \
+            python3 \
+            python3-docutils \
+            qemu-utils \
+            scrub \
+            sed \
+            xsltproc
+    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen
+    dpkg-reconfigure locales
+    export DEBIAN_FRONTEND=noninteractive
+    dpkg --add-architecture armhf
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y dpkg-dev
+    apt-get install --no-install-recommends -y \
+            gcc-arm-linux-gnueabihf \
+            libacl1-dev:armhf \
+            libapparmor-dev:armhf \
+            libattr1-dev:armhf \
+            libaudit-dev:armhf \
+            libblkid-dev:armhf \
+            libc6-dev:armhf \
+            libcap-ng-dev:armhf \
+            libcurl4-gnutls-dev:armhf \
+            libdevmapper-dev:armhf \
+            libfuse-dev:armhf \
+            libglib2.0-dev:armhf \
+            libglusterfs-dev:armhf \
+            libgnutls28-dev:armhf \
+            libiscsi-dev:armhf \
+            libnl-3-dev:armhf \
+            libnl-route-3-dev:armhf \
+            libnuma-dev:armhf \
+            libparted-dev:armhf \
+            libpcap0.8-dev:armhf \
+            libpciaccess-dev:armhf \
+            librbd-dev:armhf \
+            libreadline-dev:armhf \
+            libsanlock-dev:armhf \
+            libsasl2-dev:armhf \
+            libselinux1-dev:armhf \
+            libssh-gcrypt-dev:armhf \
+            libssh2-1-dev:armhf \
+            libtirpc-dev:armhf \
+            libudev-dev:armhf \
+            libxen-dev:armhf \
+            libxml2-dev:armhf \
+            libyajl-dev:armhf \
+            systemtap-sdt-dev:armhf
+    mkdir -p /usr/local/share/meson/cross
+    echo "[binaries]\n\
+c = '/usr/bin/arm-linux-gnueabihf-gcc'\n\
+ar = '/usr/bin/arm-linux-gnueabihf-gcc-ar'\n\
+strip = '/usr/bin/arm-linux-gnueabihf-strip'\n\
+pkgconfig = '/usr/bin/arm-linux-gnueabihf-pkg-config'\n\
+\n\
+[host_machine]\n\
+system = 'linux'\n\
+cpu_family = 'arm'\n\
+cpu = 'armhf'\n\
+endian = 'little'" > /usr/local/share/meson/cross/arm-linux-gnueabihf
+    dpkg-query --showformat '${Package}_${Version}_${Architecture}\n' --show > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/arm-linux-gnueabihf-cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/arm-linux-gnueabihf-gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
+
+export ABI="arm-linux-gnueabihf"
+export MESON_OPTS="--cross-file=arm-linux-gnueabihf"
--- a/ci/buildenv/debian-11-cross-i686.sh
+++ b/ci/buildenv/debian-11-cross-i686.sh
@ -0,0 +1,114 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    export DEBIAN_FRONTEND=noninteractive
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y \
+            augeas-lenses \
+            augeas-tools \
+            bash-completion \
+            ca-certificates \
+            ccache \
+            codespell \
+            cpp \
+            diffutils \
+            dwarves \
+            ebtables \
+            flake8 \
+            gettext \
+            git \
+            grep \
+            iproute2 \
+            iptables \
+            kmod \
+            libc-dev-bin \
+            libxml2-utils \
+            locales \
+            lvm2 \
+            make \
+            meson \
+            nfs-common \
+            ninja-build \
+            numad \
+            open-iscsi \
+            perl-base \
+            pkgconf \
+            policykit-1 \
+            python3 \
+            python3-docutils \
+            qemu-utils \
+            scrub \
+            sed \
+            xsltproc
+    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen
+    dpkg-reconfigure locales
+    export DEBIAN_FRONTEND=noninteractive
+    dpkg --add-architecture i386
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y dpkg-dev
+    apt-get install --no-install-recommends -y \
+            gcc-i686-linux-gnu \
+            libacl1-dev:i386 \
+            libapparmor-dev:i386 \
+            libattr1-dev:i386 \
+            libaudit-dev:i386 \
+            libblkid-dev:i386 \
+            libc6-dev:i386 \
+            libcap-ng-dev:i386 \
+            libcurl4-gnutls-dev:i386 \
+            libdevmapper-dev:i386 \
+            libfuse-dev:i386 \
+            libglib2.0-dev:i386 \
+            libglusterfs-dev:i386 \
+            libgnutls28-dev:i386 \
+            libiscsi-dev:i386 \
+            libnl-3-dev:i386 \
+            libnl-route-3-dev:i386 \
+            libnuma-dev:i386 \
+            libparted-dev:i386 \
+            libpcap0.8-dev:i386 \
+            libpciaccess-dev:i386 \
+            librbd-dev:i386 \
+            libreadline-dev:i386 \
+            libsanlock-dev:i386 \
+            libsasl2-dev:i386 \
+            libselinux1-dev:i386 \
+            libssh-gcrypt-dev:i386 \
+            libssh2-1-dev:i386 \
+            libtirpc-dev:i386 \
+            libudev-dev:i386 \
+            libxml2-dev:i386 \
+            libyajl-dev:i386 \
+            systemtap-sdt-dev:i386
+    mkdir -p /usr/local/share/meson/cross
+    echo "[binaries]\n\
+c = '/usr/bin/i686-linux-gnu-gcc'\n\
+ar = '/usr/bin/i686-linux-gnu-gcc-ar'\n\
+strip = '/usr/bin/i686-linux-gnu-strip'\n\
+pkgconfig = '/usr/bin/i686-linux-gnu-pkg-config'\n\
+\n\
+[host_machine]\n\
+system = 'linux'\n\
+cpu_family = 'x86'\n\
+cpu = 'i686'\n\
+endian = 'little'" > /usr/local/share/meson/cross/i686-linux-gnu
+    dpkg-query --showformat '${Package}_${Version}_${Architecture}\n' --show > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/i686-linux-gnu-cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/i686-linux-gnu-gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
+
+export ABI="i686-linux-gnu"
+export MESON_OPTS="--cross-file=i686-linux-gnu"
--- a/ci/buildenv/debian-11-cross-mips64el.sh
+++ b/ci/buildenv/debian-11-cross-mips64el.sh
@ -0,0 +1,114 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    export DEBIAN_FRONTEND=noninteractive
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y \
+            augeas-lenses \
+            augeas-tools \
+            bash-completion \
+            ca-certificates \
+            ccache \
+            codespell \
+            cpp \
+            diffutils \
+            dwarves \
+            ebtables \
+            flake8 \
+            gettext \
+            git \
+            grep \
+            iproute2 \
+            iptables \
+            kmod \
+            libc-dev-bin \
+            libxml2-utils \
+            locales \
+            lvm2 \
+            make \
+            meson \
+            nfs-common \
+            ninja-build \
+            numad \
+            open-iscsi \
+            perl-base \
+            pkgconf \
+            policykit-1 \
+            python3 \
+            python3-docutils \
+            qemu-utils \
+            scrub \
+            sed \
+            xsltproc
+    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen
+    dpkg-reconfigure locales
+    export DEBIAN_FRONTEND=noninteractive
+    dpkg --add-architecture mips64el
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y dpkg-dev
+    apt-get install --no-install-recommends -y \
+            gcc-mips64el-linux-gnuabi64 \
+            libacl1-dev:mips64el \
+            libapparmor-dev:mips64el \
+            libattr1-dev:mips64el \
+            libaudit-dev:mips64el \
+            libblkid-dev:mips64el \
+            libc6-dev:mips64el \
+            libcap-ng-dev:mips64el \
+            libcurl4-gnutls-dev:mips64el \
+            libdevmapper-dev:mips64el \
+            libfuse-dev:mips64el \
+            libglib2.0-dev:mips64el \
+            libglusterfs-dev:mips64el \
+            libgnutls28-dev:mips64el \
+            libiscsi-dev:mips64el \
+            libnl-3-dev:mips64el \
+            libnl-route-3-dev:mips64el \
+            libnuma-dev:mips64el \
+            libparted-dev:mips64el \
+            libpcap0.8-dev:mips64el \
+            libpciaccess-dev:mips64el \
+            librbd-dev:mips64el \
+            libreadline-dev:mips64el \
+            libsanlock-dev:mips64el \
+            libsasl2-dev:mips64el \
+            libselinux1-dev:mips64el \
+            libssh-gcrypt-dev:mips64el \
+            libssh2-1-dev:mips64el \
+            libtirpc-dev:mips64el \
+            libudev-dev:mips64el \
+            libxml2-dev:mips64el \
+            libyajl-dev:mips64el \
+            systemtap-sdt-dev:mips64el
+    mkdir -p /usr/local/share/meson/cross
+    echo "[binaries]\n\
+c = '/usr/bin/mips64el-linux-gnuabi64-gcc'\n\
+ar = '/usr/bin/mips64el-linux-gnuabi64-gcc-ar'\n\
+strip = '/usr/bin/mips64el-linux-gnuabi64-strip'\n\
+pkgconfig = '/usr/bin/mips64el-linux-gnuabi64-pkg-config'\n\
+\n\
+[host_machine]\n\
+system = 'linux'\n\
+cpu_family = 'mips64'\n\
+cpu = 'mips64el'\n\
+endian = 'little'" > /usr/local/share/meson/cross/mips64el-linux-gnuabi64
+    dpkg-query --showformat '${Package}_${Version}_${Architecture}\n' --show > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/mips64el-linux-gnuabi64-cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/mips64el-linux-gnuabi64-gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
+
+export ABI="mips64el-linux-gnuabi64"
+export MESON_OPTS="--cross-file=mips64el-linux-gnuabi64"
--- a/ci/buildenv/debian-11-cross-mipsel.sh
+++ b/ci/buildenv/debian-11-cross-mipsel.sh
@ -0,0 +1,114 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    export DEBIAN_FRONTEND=noninteractive
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y \
+            augeas-lenses \
+            augeas-tools \
+            bash-completion \
+            ca-certificates \
+            ccache \
+            codespell \
+            cpp \
+            diffutils \
+            dwarves \
+            ebtables \
+            flake8 \
+            gettext \
+            git \
+            grep \
+            iproute2 \
+            iptables \
+            kmod \
+            libc-dev-bin \
+            libxml2-utils \
+            locales \
+            lvm2 \
+            make \
+            meson \
+            nfs-common \
+            ninja-build \
+            numad \
+            open-iscsi \
+            perl-base \
+            pkgconf \
+            policykit-1 \
+            python3 \
+            python3-docutils \
+            qemu-utils \
+            scrub \
+            sed \
+            xsltproc
+    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen
+    dpkg-reconfigure locales
+    export DEBIAN_FRONTEND=noninteractive
+    dpkg --add-architecture mipsel
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y dpkg-dev
+    apt-get install --no-install-recommends -y \
+            gcc-mipsel-linux-gnu \
+            libacl1-dev:mipsel \
+            libapparmor-dev:mipsel \
+            libattr1-dev:mipsel \
+            libaudit-dev:mipsel \
+            libblkid-dev:mipsel \
+            libc6-dev:mipsel \
+            libcap-ng-dev:mipsel \
+            libcurl4-gnutls-dev:mipsel \
+            libdevmapper-dev:mipsel \
+            libfuse-dev:mipsel \
+            libglib2.0-dev:mipsel \
+            libglusterfs-dev:mipsel \
+            libgnutls28-dev:mipsel \
+            libiscsi-dev:mipsel \
+            libnl-3-dev:mipsel \
+            libnl-route-3-dev:mipsel \
+            libnuma-dev:mipsel \
+            libparted-dev:mipsel \
+            libpcap0.8-dev:mipsel \
+            libpciaccess-dev:mipsel \
+            librbd-dev:mipsel \
+            libreadline-dev:mipsel \
+            libsanlock-dev:mipsel \
+            libsasl2-dev:mipsel \
+            libselinux1-dev:mipsel \
+            libssh-gcrypt-dev:mipsel \
+            libssh2-1-dev:mipsel \
+            libtirpc-dev:mipsel \
+            libudev-dev:mipsel \
+            libxml2-dev:mipsel \
+            libyajl-dev:mipsel \
+            systemtap-sdt-dev:mipsel
+    mkdir -p /usr/local/share/meson/cross
+    echo "[binaries]\n\
+c = '/usr/bin/mipsel-linux-gnu-gcc'\n\
+ar = '/usr/bin/mipsel-linux-gnu-gcc-ar'\n\
+strip = '/usr/bin/mipsel-linux-gnu-strip'\n\
+pkgconfig = '/usr/bin/mipsel-linux-gnu-pkg-config'\n\
+\n\
+[host_machine]\n\
+system = 'linux'\n\
+cpu_family = 'mips'\n\
+cpu = 'mipsel'\n\
+endian = 'little'" > /usr/local/share/meson/cross/mipsel-linux-gnu
+    dpkg-query --showformat '${Package}_${Version}_${Architecture}\n' --show > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/mipsel-linux-gnu-cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/mipsel-linux-gnu-gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
+
+export ABI="mipsel-linux-gnu"
+export MESON_OPTS="--cross-file=mipsel-linux-gnu"
--- a/ci/buildenv/debian-11-cross-ppc64le.sh
+++ b/ci/buildenv/debian-11-cross-ppc64le.sh
@ -0,0 +1,114 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    export DEBIAN_FRONTEND=noninteractive
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y \
+            augeas-lenses \
+            augeas-tools \
+            bash-completion \
+            ca-certificates \
+            ccache \
+            codespell \
+            cpp \
+            diffutils \
+            dwarves \
+            ebtables \
+            flake8 \
+            gettext \
+            git \
+            grep \
+            iproute2 \
+            iptables \
+            kmod \
+            libc-dev-bin \
+            libxml2-utils \
+            locales \
+            lvm2 \
+            make \
+            meson \
+            nfs-common \
+            ninja-build \
+            numad \
+            open-iscsi \
+            perl-base \
+            pkgconf \
+            policykit-1 \
+            python3 \
+            python3-docutils \
+            qemu-utils \
+            scrub \
+            sed \
+            xsltproc
+    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen
+    dpkg-reconfigure locales
+    export DEBIAN_FRONTEND=noninteractive
+    dpkg --add-architecture ppc64el
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y dpkg-dev
+    apt-get install --no-install-recommends -y \
+            gcc-powerpc64le-linux-gnu \
+            libacl1-dev:ppc64el \
+            libapparmor-dev:ppc64el \
+            libattr1-dev:ppc64el \
+            libaudit-dev:ppc64el \
+            libblkid-dev:ppc64el \
+            libc6-dev:ppc64el \
+            libcap-ng-dev:ppc64el \
+            libcurl4-gnutls-dev:ppc64el \
+            libdevmapper-dev:ppc64el \
+            libfuse-dev:ppc64el \
+            libglib2.0-dev:ppc64el \
+            libglusterfs-dev:ppc64el \
+            libgnutls28-dev:ppc64el \
+            libiscsi-dev:ppc64el \
+            libnl-3-dev:ppc64el \
+            libnl-route-3-dev:ppc64el \
+            libnuma-dev:ppc64el \
+            libparted-dev:ppc64el \
+            libpcap0.8-dev:ppc64el \
+            libpciaccess-dev:ppc64el \
+            librbd-dev:ppc64el \
+            libreadline-dev:ppc64el \
+            libsanlock-dev:ppc64el \
+            libsasl2-dev:ppc64el \
+            libselinux1-dev:ppc64el \
+            libssh-gcrypt-dev:ppc64el \
+            libssh2-1-dev:ppc64el \
+            libtirpc-dev:ppc64el \
+            libudev-dev:ppc64el \
+            libxml2-dev:ppc64el \
+            libyajl-dev:ppc64el \
+            systemtap-sdt-dev:ppc64el
+    mkdir -p /usr/local/share/meson/cross
+    echo "[binaries]\n\
+c = '/usr/bin/powerpc64le-linux-gnu-gcc'\n\
+ar = '/usr/bin/powerpc64le-linux-gnu-gcc-ar'\n\
+strip = '/usr/bin/powerpc64le-linux-gnu-strip'\n\
+pkgconfig = '/usr/bin/powerpc64le-linux-gnu-pkg-config'\n\
+\n\
+[host_machine]\n\
+system = 'linux'\n\
+cpu_family = 'ppc64'\n\
+cpu = 'powerpc64le'\n\
+endian = 'little'" > /usr/local/share/meson/cross/powerpc64le-linux-gnu
+    dpkg-query --showformat '${Package}_${Version}_${Architecture}\n' --show > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/powerpc64le-linux-gnu-cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/powerpc64le-linux-gnu-gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
+
+export ABI="powerpc64le-linux-gnu"
+export MESON_OPTS="--cross-file=powerpc64le-linux-gnu"
--- a/ci/buildenv/debian-11-cross-s390x.sh
+++ b/ci/buildenv/debian-11-cross-s390x.sh
@ -0,0 +1,114 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    export DEBIAN_FRONTEND=noninteractive
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y \
+            augeas-lenses \
+            augeas-tools \
+            bash-completion \
+            ca-certificates \
+            ccache \
+            codespell \
+            cpp \
+            diffutils \
+            dwarves \
+            ebtables \
+            flake8 \
+            gettext \
+            git \
+            grep \
+            iproute2 \
+            iptables \
+            kmod \
+            libc-dev-bin \
+            libxml2-utils \
+            locales \
+            lvm2 \
+            make \
+            meson \
+            nfs-common \
+            ninja-build \
+            numad \
+            open-iscsi \
+            perl-base \
+            pkgconf \
+            policykit-1 \
+            python3 \
+            python3-docutils \
+            qemu-utils \
+            scrub \
+            sed \
+            xsltproc
+    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen
+    dpkg-reconfigure locales
+    export DEBIAN_FRONTEND=noninteractive
+    dpkg --add-architecture s390x
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y dpkg-dev
+    apt-get install --no-install-recommends -y \
+            gcc-s390x-linux-gnu \
+            libacl1-dev:s390x \
+            libapparmor-dev:s390x \
+            libattr1-dev:s390x \
+            libaudit-dev:s390x \
+            libblkid-dev:s390x \
+            libc6-dev:s390x \
+            libcap-ng-dev:s390x \
+            libcurl4-gnutls-dev:s390x \
+            libdevmapper-dev:s390x \
+            libfuse-dev:s390x \
+            libglib2.0-dev:s390x \
+            libglusterfs-dev:s390x \
+            libgnutls28-dev:s390x \
+            libiscsi-dev:s390x \
+            libnl-3-dev:s390x \
+            libnl-route-3-dev:s390x \
+            libnuma-dev:s390x \
+            libparted-dev:s390x \
+            libpcap0.8-dev:s390x \
+            libpciaccess-dev:s390x \
+            librbd-dev:s390x \
+            libreadline-dev:s390x \
+            libsanlock-dev:s390x \
+            libsasl2-dev:s390x \
+            libselinux1-dev:s390x \
+            libssh-gcrypt-dev:s390x \
+            libssh2-1-dev:s390x \
+            libtirpc-dev:s390x \
+            libudev-dev:s390x \
+            libxml2-dev:s390x \
+            libyajl-dev:s390x \
+            systemtap-sdt-dev:s390x
+    mkdir -p /usr/local/share/meson/cross
+    echo "[binaries]\n\
+c = '/usr/bin/s390x-linux-gnu-gcc'\n\
+ar = '/usr/bin/s390x-linux-gnu-gcc-ar'\n\
+strip = '/usr/bin/s390x-linux-gnu-strip'\n\
+pkgconfig = '/usr/bin/s390x-linux-gnu-pkg-config'\n\
+\n\
+[host_machine]\n\
+system = 'linux'\n\
+cpu_family = 's390x'\n\
+cpu = 's390x'\n\
+endian = 'big'" > /usr/local/share/meson/cross/s390x-linux-gnu
+    dpkg-query --showformat '${Package}_${Version}_${Architecture}\n' --show > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/s390x-linux-gnu-cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/s390x-linux-gnu-gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
+
+export ABI="s390x-linux-gnu"
+export MESON_OPTS="--cross-file=s390x-linux-gnu"
--- a/ci/buildenv/debian-11.sh
+++ b/ci/buildenv/debian-11.sh
@ -0,0 +1,98 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    export DEBIAN_FRONTEND=noninteractive
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y \
+            augeas-lenses \
+            augeas-tools \
+            bash-completion \
+            ca-certificates \
+            ccache \
+            clang \
+            codespell \
+            cpp \
+            diffutils \
+            dwarves \
+            ebtables \
+            flake8 \
+            gcc \
+            gettext \
+            git \
+            grep \
+            iproute2 \
+            iptables \
+            kmod \
+            libacl1-dev \
+            libapparmor-dev \
+            libattr1-dev \
+            libaudit-dev \
+            libblkid-dev \
+            libc-dev-bin \
+            libc6-dev \
+            libcap-ng-dev \
+            libcurl4-gnutls-dev \
+            libdevmapper-dev \
+            libfuse-dev \
+            libglib2.0-dev \
+            libglusterfs-dev \
+            libgnutls28-dev \
+            libiscsi-dev \
+            libnetcf-dev \
+            libnl-3-dev \
+            libnl-route-3-dev \
+            libnuma-dev \
+            libparted-dev \
+            libpcap0.8-dev \
+            libpciaccess-dev \
+            librbd-dev \
+            libreadline-dev \
+            libsanlock-dev \
+            libsasl2-dev \
+            libselinux1-dev \
+            libssh-gcrypt-dev \
+            libssh2-1-dev \
+            libtirpc-dev \
+            libudev-dev \
+            libxen-dev \
+            libxml2-dev \
+            libxml2-utils \
+            libyajl-dev \
+            locales \
+            lvm2 \
+            make \
+            meson \
+            nfs-common \
+            ninja-build \
+            numad \
+            open-iscsi \
+            perl-base \
+            pkgconf \
+            policykit-1 \
+            python3 \
+            python3-docutils \
+            qemu-utils \
+            scrub \
+            sed \
+            systemtap-sdt-dev \
+            wireshark-dev \
+            xsltproc
+    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen
+    dpkg-reconfigure locales
+    dpkg-query --showformat '${Package}_${Version}_${Architecture}\n' --show > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
--- a/ci/buildenv/debian-sid-cross-aarch64.sh
+++ b/ci/buildenv/debian-sid-cross-aarch64.sh
@ -0,0 +1,115 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    export DEBIAN_FRONTEND=noninteractive
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y \
+            augeas-lenses \
+            augeas-tools \
+            bash-completion \
+            ca-certificates \
+            ccache \
+            codespell \
+            cpp \
+            diffutils \
+            dwarves \
+            ebtables \
+            flake8 \
+            gettext \
+            git \
+            grep \
+            iproute2 \
+            iptables \
+            kmod \
+            libc-dev-bin \
+            libxml2-utils \
+            locales \
+            lvm2 \
+            make \
+            meson \
+            nfs-common \
+            ninja-build \
+            numad \
+            open-iscsi \
+            perl-base \
+            pkgconf \
+            policykit-1 \
+            python3 \
+            python3-docutils \
+            qemu-utils \
+            scrub \
+            sed \
+            xsltproc
+    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen
+    dpkg-reconfigure locales
+    export DEBIAN_FRONTEND=noninteractive
+    dpkg --add-architecture arm64
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y dpkg-dev
+    apt-get install --no-install-recommends -y \
+            gcc-aarch64-linux-gnu \
+            libacl1-dev:arm64 \
+            libapparmor-dev:arm64 \
+            libattr1-dev:arm64 \
+            libaudit-dev:arm64 \
+            libblkid-dev:arm64 \
+            libc6-dev:arm64 \
+            libcap-ng-dev:arm64 \
+            libcurl4-gnutls-dev:arm64 \
+            libdevmapper-dev:arm64 \
+            libfuse-dev:arm64 \
+            libglib2.0-dev:arm64 \
+            libglusterfs-dev:arm64 \
+            libgnutls28-dev:arm64 \
+            libiscsi-dev:arm64 \
+            libnl-3-dev:arm64 \
+            libnl-route-3-dev:arm64 \
+            libnuma-dev:arm64 \
+            libparted-dev:arm64 \
+            libpcap0.8-dev:arm64 \
+            libpciaccess-dev:arm64 \
+            librbd-dev:arm64 \
+            libreadline-dev:arm64 \
+            libsanlock-dev:arm64 \
+            libsasl2-dev:arm64 \
+            libselinux1-dev:arm64 \
+            libssh-gcrypt-dev:arm64 \
+            libssh2-1-dev:arm64 \
+            libtirpc-dev:arm64 \
+            libudev-dev:arm64 \
+            libxen-dev:arm64 \
+            libxml2-dev:arm64 \
+            libyajl-dev:arm64 \
+            systemtap-sdt-dev:arm64
+    mkdir -p /usr/local/share/meson/cross
+    echo "[binaries]\n\
+c = '/usr/bin/aarch64-linux-gnu-gcc'\n\
+ar = '/usr/bin/aarch64-linux-gnu-gcc-ar'\n\
+strip = '/usr/bin/aarch64-linux-gnu-strip'\n\
+pkgconfig = '/usr/bin/aarch64-linux-gnu-pkg-config'\n\
+\n\
+[host_machine]\n\
+system = 'linux'\n\
+cpu_family = 'aarch64'\n\
+cpu = 'aarch64'\n\
+endian = 'little'" > /usr/local/share/meson/cross/aarch64-linux-gnu
+    dpkg-query --showformat '${Package}_${Version}_${Architecture}\n' --show > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/aarch64-linux-gnu-cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/aarch64-linux-gnu-gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
+
+export ABI="aarch64-linux-gnu"
+export MESON_OPTS="--cross-file=aarch64-linux-gnu"
--- a/ci/buildenv/debian-sid-cross-armv6l.sh
+++ b/ci/buildenv/debian-sid-cross-armv6l.sh
@ -0,0 +1,114 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    export DEBIAN_FRONTEND=noninteractive
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y \
+            augeas-lenses \
+            augeas-tools \
+            bash-completion \
+            ca-certificates \
+            ccache \
+            codespell \
+            cpp \
+            diffutils \
+            dwarves \
+            ebtables \
+            flake8 \
+            gettext \
+            git \
+            grep \
+            iproute2 \
+            iptables \
+            kmod \
+            libc-dev-bin \
+            libxml2-utils \
+            locales \
+            lvm2 \
+            make \
+            meson \
+            nfs-common \
+            ninja-build \
+            numad \
+            open-iscsi \
+            perl-base \
+            pkgconf \
+            policykit-1 \
+            python3 \
+            python3-docutils \
+            qemu-utils \
+            scrub \
+            sed \
+            xsltproc
+    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen
+    dpkg-reconfigure locales
+    export DEBIAN_FRONTEND=noninteractive
+    dpkg --add-architecture armel
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y dpkg-dev
+    apt-get install --no-install-recommends -y \
+            gcc-arm-linux-gnueabi \
+            libacl1-dev:armel \
+            libapparmor-dev:armel \
+            libattr1-dev:armel \
+            libaudit-dev:armel \
+            libblkid-dev:armel \
+            libc6-dev:armel \
+            libcap-ng-dev:armel \
+            libcurl4-gnutls-dev:armel \
+            libdevmapper-dev:armel \
+            libfuse-dev:armel \
+            libglib2.0-dev:armel \
+            libglusterfs-dev:armel \
+            libgnutls28-dev:armel \
+            libiscsi-dev:armel \
+            libnl-3-dev:armel \
+            libnl-route-3-dev:armel \
+            libnuma-dev:armel \
+            libparted-dev:armel \
+            libpcap0.8-dev:armel \
+            libpciaccess-dev:armel \
+            librbd-dev:armel \
+            libreadline-dev:armel \
+            libsanlock-dev:armel \
+            libsasl2-dev:armel \
+            libselinux1-dev:armel \
+            libssh-gcrypt-dev:armel \
+            libssh2-1-dev:armel \
+            libtirpc-dev:armel \
+            libudev-dev:armel \
+            libxml2-dev:armel \
+            libyajl-dev:armel \
+            systemtap-sdt-dev:armel
+    mkdir -p /usr/local/share/meson/cross
+    echo "[binaries]\n\
+c = '/usr/bin/arm-linux-gnueabi-gcc'\n\
+ar = '/usr/bin/arm-linux-gnueabi-gcc-ar'\n\
+strip = '/usr/bin/arm-linux-gnueabi-strip'\n\
+pkgconfig = '/usr/bin/arm-linux-gnueabi-pkg-config'\n\
+\n\
+[host_machine]\n\
+system = 'linux'\n\
+cpu_family = 'arm'\n\
+cpu = 'arm'\n\
+endian = 'little'" > /usr/local/share/meson/cross/arm-linux-gnueabi
+    dpkg-query --showformat '${Package}_${Version}_${Architecture}\n' --show > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/arm-linux-gnueabi-cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/arm-linux-gnueabi-gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
+
+export ABI="arm-linux-gnueabi"
+export MESON_OPTS="--cross-file=arm-linux-gnueabi"
--- a/ci/buildenv/debian-sid-cross-armv7l.sh
+++ b/ci/buildenv/debian-sid-cross-armv7l.sh
@ -0,0 +1,115 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    export DEBIAN_FRONTEND=noninteractive
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y \
+            augeas-lenses \
+            augeas-tools \
+            bash-completion \
+            ca-certificates \
+            ccache \
+            codespell \
+            cpp \
+            diffutils \
+            dwarves \
+            ebtables \
+            flake8 \
+            gettext \
+            git \
+            grep \
+            iproute2 \
+            iptables \
+            kmod \
+            libc-dev-bin \
+            libxml2-utils \
+            locales \
+            lvm2 \
+            make \
+            meson \
+            nfs-common \
+            ninja-build \
+            numad \
+            open-iscsi \
+            perl-base \
+            pkgconf \
+            policykit-1 \
+            python3 \
+            python3-docutils \
+            qemu-utils \
+            scrub \
+            sed \
+            xsltproc
+    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen
+    dpkg-reconfigure locales
+    export DEBIAN_FRONTEND=noninteractive
+    dpkg --add-architecture armhf
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y dpkg-dev
+    apt-get install --no-install-recommends -y \
+            gcc-arm-linux-gnueabihf \
+            libacl1-dev:armhf \
+            libapparmor-dev:armhf \
+            libattr1-dev:armhf \
+            libaudit-dev:armhf \
+            libblkid-dev:armhf \
+            libc6-dev:armhf \
+            libcap-ng-dev:armhf \
+            libcurl4-gnutls-dev:armhf \
+            libdevmapper-dev:armhf \
+            libfuse-dev:armhf \
+            libglib2.0-dev:armhf \
+            libglusterfs-dev:armhf \
+            libgnutls28-dev:armhf \
+            libiscsi-dev:armhf \
+            libnl-3-dev:armhf \
+            libnl-route-3-dev:armhf \
+            libnuma-dev:armhf \
+            libparted-dev:armhf \
+            libpcap0.8-dev:armhf \
+            libpciaccess-dev:armhf \
+            librbd-dev:armhf \
+            libreadline-dev:armhf \
+            libsanlock-dev:armhf \
+            libsasl2-dev:armhf \
+            libselinux1-dev:armhf \
+            libssh-gcrypt-dev:armhf \
+            libssh2-1-dev:armhf \
+            libtirpc-dev:armhf \
+            libudev-dev:armhf \
+            libxen-dev:armhf \
+            libxml2-dev:armhf \
+            libyajl-dev:armhf \
+            systemtap-sdt-dev:armhf
+    mkdir -p /usr/local/share/meson/cross
+    echo "[binaries]\n\
+c = '/usr/bin/arm-linux-gnueabihf-gcc'\n\
+ar = '/usr/bin/arm-linux-gnueabihf-gcc-ar'\n\
+strip = '/usr/bin/arm-linux-gnueabihf-strip'\n\
+pkgconfig = '/usr/bin/arm-linux-gnueabihf-pkg-config'\n\
+\n\
+[host_machine]\n\
+system = 'linux'\n\
+cpu_family = 'arm'\n\
+cpu = 'armhf'\n\
+endian = 'little'" > /usr/local/share/meson/cross/arm-linux-gnueabihf
+    dpkg-query --showformat '${Package}_${Version}_${Architecture}\n' --show > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/arm-linux-gnueabihf-cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/arm-linux-gnueabihf-gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
+
+export ABI="arm-linux-gnueabihf"
+export MESON_OPTS="--cross-file=arm-linux-gnueabihf"
--- a/ci/buildenv/debian-sid-cross-i686.sh
+++ b/ci/buildenv/debian-sid-cross-i686.sh
@ -0,0 +1,114 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    export DEBIAN_FRONTEND=noninteractive
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y \
+            augeas-lenses \
+            augeas-tools \
+            bash-completion \
+            ca-certificates \
+            ccache \
+            codespell \
+            cpp \
+            diffutils \
+            dwarves \
+            ebtables \
+            flake8 \
+            gettext \
+            git \
+            grep \
+            iproute2 \
+            iptables \
+            kmod \
+            libc-dev-bin \
+            libxml2-utils \
+            locales \
+            lvm2 \
+            make \
+            meson \
+            nfs-common \
+            ninja-build \
+            numad \
+            open-iscsi \
+            perl-base \
+            pkgconf \
+            policykit-1 \
+            python3 \
+            python3-docutils \
+            qemu-utils \
+            scrub \
+            sed \
+            xsltproc
+    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen
+    dpkg-reconfigure locales
+    export DEBIAN_FRONTEND=noninteractive
+    dpkg --add-architecture i386
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y dpkg-dev
+    apt-get install --no-install-recommends -y \
+            gcc-i686-linux-gnu \
+            libacl1-dev:i386 \
+            libapparmor-dev:i386 \
+            libattr1-dev:i386 \
+            libaudit-dev:i386 \
+            libblkid-dev:i386 \
+            libc6-dev:i386 \
+            libcap-ng-dev:i386 \
+            libcurl4-gnutls-dev:i386 \
+            libdevmapper-dev:i386 \
+            libfuse-dev:i386 \
+            libglib2.0-dev:i386 \
+            libglusterfs-dev:i386 \
+            libgnutls28-dev:i386 \
+            libiscsi-dev:i386 \
+            libnl-3-dev:i386 \
+            libnl-route-3-dev:i386 \
+            libnuma-dev:i386 \
+            libparted-dev:i386 \
+            libpcap0.8-dev:i386 \
+            libpciaccess-dev:i386 \
+            librbd-dev:i386 \
+            libreadline-dev:i386 \
+            libsanlock-dev:i386 \
+            libsasl2-dev:i386 \
+            libselinux1-dev:i386 \
+            libssh-gcrypt-dev:i386 \
+            libssh2-1-dev:i386 \
+            libtirpc-dev:i386 \
+            libudev-dev:i386 \
+            libxml2-dev:i386 \
+            libyajl-dev:i386 \
+            systemtap-sdt-dev:i386
+    mkdir -p /usr/local/share/meson/cross
+    echo "[binaries]\n\
+c = '/usr/bin/i686-linux-gnu-gcc'\n\
+ar = '/usr/bin/i686-linux-gnu-gcc-ar'\n\
+strip = '/usr/bin/i686-linux-gnu-strip'\n\
+pkgconfig = '/usr/bin/i686-linux-gnu-pkg-config'\n\
+\n\
+[host_machine]\n\
+system = 'linux'\n\
+cpu_family = 'x86'\n\
+cpu = 'i686'\n\
+endian = 'little'" > /usr/local/share/meson/cross/i686-linux-gnu
+    dpkg-query --showformat '${Package}_${Version}_${Architecture}\n' --show > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/i686-linux-gnu-cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/i686-linux-gnu-gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
+
+export ABI="i686-linux-gnu"
+export MESON_OPTS="--cross-file=i686-linux-gnu"
--- a/ci/buildenv/debian-sid-cross-mips64el.sh
+++ b/ci/buildenv/debian-sid-cross-mips64el.sh
@ -0,0 +1,114 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    export DEBIAN_FRONTEND=noninteractive
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y \
+            augeas-lenses \
+            augeas-tools \
+            bash-completion \
+            ca-certificates \
+            ccache \
+            codespell \
+            cpp \
+            diffutils \
+            dwarves \
+            ebtables \
+            flake8 \
+            gettext \
+            git \
+            grep \
+            iproute2 \
+            iptables \
+            kmod \
+            libc-dev-bin \
+            libxml2-utils \
+            locales \
+            lvm2 \
+            make \
+            meson \
+            nfs-common \
+            ninja-build \
+            numad \
+            open-iscsi \
+            perl-base \
+            pkgconf \
+            policykit-1 \
+            python3 \
+            python3-docutils \
+            qemu-utils \
+            scrub \
+            sed \
+            xsltproc
+    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen
+    dpkg-reconfigure locales
+    export DEBIAN_FRONTEND=noninteractive
+    dpkg --add-architecture mips64el
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y dpkg-dev
+    apt-get install --no-install-recommends -y \
+            gcc-mips64el-linux-gnuabi64 \
+            libacl1-dev:mips64el \
+            libapparmor-dev:mips64el \
+            libattr1-dev:mips64el \
+            libaudit-dev:mips64el \
+            libblkid-dev:mips64el \
+            libc6-dev:mips64el \
+            libcap-ng-dev:mips64el \
+            libcurl4-gnutls-dev:mips64el \
+            libdevmapper-dev:mips64el \
+            libfuse-dev:mips64el \
+            libglib2.0-dev:mips64el \
+            libglusterfs-dev:mips64el \
+            libgnutls28-dev:mips64el \
+            libiscsi-dev:mips64el \
+            libnl-3-dev:mips64el \
+            libnl-route-3-dev:mips64el \
+            libnuma-dev:mips64el \
+            libparted-dev:mips64el \
+            libpcap0.8-dev:mips64el \
+            libpciaccess-dev:mips64el \
+            librbd-dev:mips64el \
+            libreadline-dev:mips64el \
+            libsanlock-dev:mips64el \
+            libsasl2-dev:mips64el \
+            libselinux1-dev:mips64el \
+            libssh-gcrypt-dev:mips64el \
+            libssh2-1-dev:mips64el \
+            libtirpc-dev:mips64el \
+            libudev-dev:mips64el \
+            libxml2-dev:mips64el \
+            libyajl-dev:mips64el \
+            systemtap-sdt-dev:mips64el
+    mkdir -p /usr/local/share/meson/cross
+    echo "[binaries]\n\
+c = '/usr/bin/mips64el-linux-gnuabi64-gcc'\n\
+ar = '/usr/bin/mips64el-linux-gnuabi64-gcc-ar'\n\
+strip = '/usr/bin/mips64el-linux-gnuabi64-strip'\n\
+pkgconfig = '/usr/bin/mips64el-linux-gnuabi64-pkg-config'\n\
+\n\
+[host_machine]\n\
+system = 'linux'\n\
+cpu_family = 'mips64'\n\
+cpu = 'mips64el'\n\
+endian = 'little'" > /usr/local/share/meson/cross/mips64el-linux-gnuabi64
+    dpkg-query --showformat '${Package}_${Version}_${Architecture}\n' --show > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/mips64el-linux-gnuabi64-cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/mips64el-linux-gnuabi64-gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
+
+export ABI="mips64el-linux-gnuabi64"
+export MESON_OPTS="--cross-file=mips64el-linux-gnuabi64"
--- a/ci/buildenv/debian-sid-cross-mipsel.sh
+++ b/ci/buildenv/debian-sid-cross-mipsel.sh
@ -0,0 +1,114 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    export DEBIAN_FRONTEND=noninteractive
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y \
+            augeas-lenses \
+            augeas-tools \
+            bash-completion \
+            ca-certificates \
+            ccache \
+            codespell \
+            cpp \
+            diffutils \
+            dwarves \
+            ebtables \
+            flake8 \
+            gettext \
+            git \
+            grep \
+            iproute2 \
+            iptables \
+            kmod \
+            libc-dev-bin \
+            libxml2-utils \
+            locales \
+            lvm2 \
+            make \
+            meson \
+            nfs-common \
+            ninja-build \
+            numad \
+            open-iscsi \
+            perl-base \
+            pkgconf \
+            policykit-1 \
+            python3 \
+            python3-docutils \
+            qemu-utils \
+            scrub \
+            sed \
+            xsltproc
+    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen
+    dpkg-reconfigure locales
+    export DEBIAN_FRONTEND=noninteractive
+    dpkg --add-architecture mipsel
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y dpkg-dev
+    apt-get install --no-install-recommends -y \
+            gcc-mipsel-linux-gnu \
+            libacl1-dev:mipsel \
+            libapparmor-dev:mipsel \
+            libattr1-dev:mipsel \
+            libaudit-dev:mipsel \
+            libblkid-dev:mipsel \
+            libc6-dev:mipsel \
+            libcap-ng-dev:mipsel \
+            libcurl4-gnutls-dev:mipsel \
+            libdevmapper-dev:mipsel \
+            libfuse-dev:mipsel \
+            libglib2.0-dev:mipsel \
+            libglusterfs-dev:mipsel \
+            libgnutls28-dev:mipsel \
+            libiscsi-dev:mipsel \
+            libnl-3-dev:mipsel \
+            libnl-route-3-dev:mipsel \
+            libnuma-dev:mipsel \
+            libparted-dev:mipsel \
+            libpcap0.8-dev:mipsel \
+            libpciaccess-dev:mipsel \
+            librbd-dev:mipsel \
+            libreadline-dev:mipsel \
+            libsanlock-dev:mipsel \
+            libsasl2-dev:mipsel \
+            libselinux1-dev:mipsel \
+            libssh-gcrypt-dev:mipsel \
+            libssh2-1-dev:mipsel \
+            libtirpc-dev:mipsel \
+            libudev-dev:mipsel \
+            libxml2-dev:mipsel \
+            libyajl-dev:mipsel \
+            systemtap-sdt-dev:mipsel
+    mkdir -p /usr/local/share/meson/cross
+    echo "[binaries]\n\
+c = '/usr/bin/mipsel-linux-gnu-gcc'\n\
+ar = '/usr/bin/mipsel-linux-gnu-gcc-ar'\n\
+strip = '/usr/bin/mipsel-linux-gnu-strip'\n\
+pkgconfig = '/usr/bin/mipsel-linux-gnu-pkg-config'\n\
+\n\
+[host_machine]\n\
+system = 'linux'\n\
+cpu_family = 'mips'\n\
+cpu = 'mipsel'\n\
+endian = 'little'" > /usr/local/share/meson/cross/mipsel-linux-gnu
+    dpkg-query --showformat '${Package}_${Version}_${Architecture}\n' --show > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/mipsel-linux-gnu-cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/mipsel-linux-gnu-gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
+
+export ABI="mipsel-linux-gnu"
+export MESON_OPTS="--cross-file=mipsel-linux-gnu"
--- a/ci/buildenv/debian-sid-cross-ppc64le.sh
+++ b/ci/buildenv/debian-sid-cross-ppc64le.sh
@ -0,0 +1,114 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    export DEBIAN_FRONTEND=noninteractive
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y \
+            augeas-lenses \
+            augeas-tools \
+            bash-completion \
+            ca-certificates \
+            ccache \
+            codespell \
+            cpp \
+            diffutils \
+            dwarves \
+            ebtables \
+            flake8 \
+            gettext \
+            git \
+            grep \
+            iproute2 \
+            iptables \
+            kmod \
+            libc-dev-bin \
+            libxml2-utils \
+            locales \
+            lvm2 \
+            make \
+            meson \
+            nfs-common \
+            ninja-build \
+            numad \
+            open-iscsi \
+            perl-base \
+            pkgconf \
+            policykit-1 \
+            python3 \
+            python3-docutils \
+            qemu-utils \
+            scrub \
+            sed \
+            xsltproc
+    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen
+    dpkg-reconfigure locales
+    export DEBIAN_FRONTEND=noninteractive
+    dpkg --add-architecture ppc64el
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y dpkg-dev
+    apt-get install --no-install-recommends -y \
+            gcc-powerpc64le-linux-gnu \
+            libacl1-dev:ppc64el \
+            libapparmor-dev:ppc64el \
+            libattr1-dev:ppc64el \
+            libaudit-dev:ppc64el \
+            libblkid-dev:ppc64el \
+            libc6-dev:ppc64el \
+            libcap-ng-dev:ppc64el \
+            libcurl4-gnutls-dev:ppc64el \
+            libdevmapper-dev:ppc64el \
+            libfuse-dev:ppc64el \
+            libglib2.0-dev:ppc64el \
+            libglusterfs-dev:ppc64el \
+            libgnutls28-dev:ppc64el \
+            libiscsi-dev:ppc64el \
+            libnl-3-dev:ppc64el \
+            libnl-route-3-dev:ppc64el \
+            libnuma-dev:ppc64el \
+            libparted-dev:ppc64el \
+            libpcap0.8-dev:ppc64el \
+            libpciaccess-dev:ppc64el \
+            librbd-dev:ppc64el \
+            libreadline-dev:ppc64el \
+            libsanlock-dev:ppc64el \
+            libsasl2-dev:ppc64el \
+            libselinux1-dev:ppc64el \
+            libssh-gcrypt-dev:ppc64el \
+            libssh2-1-dev:ppc64el \
+            libtirpc-dev:ppc64el \
+            libudev-dev:ppc64el \
+            libxml2-dev:ppc64el \
+            libyajl-dev:ppc64el \
+            systemtap-sdt-dev:ppc64el
+    mkdir -p /usr/local/share/meson/cross
+    echo "[binaries]\n\
+c = '/usr/bin/powerpc64le-linux-gnu-gcc'\n\
+ar = '/usr/bin/powerpc64le-linux-gnu-gcc-ar'\n\
+strip = '/usr/bin/powerpc64le-linux-gnu-strip'\n\
+pkgconfig = '/usr/bin/powerpc64le-linux-gnu-pkg-config'\n\
+\n\
+[host_machine]\n\
+system = 'linux'\n\
+cpu_family = 'ppc64'\n\
+cpu = 'powerpc64le'\n\
+endian = 'little'" > /usr/local/share/meson/cross/powerpc64le-linux-gnu
+    dpkg-query --showformat '${Package}_${Version}_${Architecture}\n' --show > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/powerpc64le-linux-gnu-cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/powerpc64le-linux-gnu-gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
+
+export ABI="powerpc64le-linux-gnu"
+export MESON_OPTS="--cross-file=powerpc64le-linux-gnu"
--- a/ci/buildenv/debian-sid-cross-s390x.sh
+++ b/ci/buildenv/debian-sid-cross-s390x.sh
@ -0,0 +1,114 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    export DEBIAN_FRONTEND=noninteractive
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y \
+            augeas-lenses \
+            augeas-tools \
+            bash-completion \
+            ca-certificates \
+            ccache \
+            codespell \
+            cpp \
+            diffutils \
+            dwarves \
+            ebtables \
+            flake8 \
+            gettext \
+            git \
+            grep \
+            iproute2 \
+            iptables \
+            kmod \
+            libc-dev-bin \
+            libxml2-utils \
+            locales \
+            lvm2 \
+            make \
+            meson \
+            nfs-common \
+            ninja-build \
+            numad \
+            open-iscsi \
+            perl-base \
+            pkgconf \
+            policykit-1 \
+            python3 \
+            python3-docutils \
+            qemu-utils \
+            scrub \
+            sed \
+            xsltproc
+    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen
+    dpkg-reconfigure locales
+    export DEBIAN_FRONTEND=noninteractive
+    dpkg --add-architecture s390x
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y dpkg-dev
+    apt-get install --no-install-recommends -y \
+            gcc-s390x-linux-gnu \
+            libacl1-dev:s390x \
+            libapparmor-dev:s390x \
+            libattr1-dev:s390x \
+            libaudit-dev:s390x \
+            libblkid-dev:s390x \
+            libc6-dev:s390x \
+            libcap-ng-dev:s390x \
+            libcurl4-gnutls-dev:s390x \
+            libdevmapper-dev:s390x \
+            libfuse-dev:s390x \
+            libglib2.0-dev:s390x \
+            libglusterfs-dev:s390x \
+            libgnutls28-dev:s390x \
+            libiscsi-dev:s390x \
+            libnl-3-dev:s390x \
+            libnl-route-3-dev:s390x \
+            libnuma-dev:s390x \
+            libparted-dev:s390x \
+            libpcap0.8-dev:s390x \
+            libpciaccess-dev:s390x \
+            librbd-dev:s390x \
+            libreadline-dev:s390x \
+            libsanlock-dev:s390x \
+            libsasl2-dev:s390x \
+            libselinux1-dev:s390x \
+            libssh-gcrypt-dev:s390x \
+            libssh2-1-dev:s390x \
+            libtirpc-dev:s390x \
+            libudev-dev:s390x \
+            libxml2-dev:s390x \
+            libyajl-dev:s390x \
+            systemtap-sdt-dev:s390x
+    mkdir -p /usr/local/share/meson/cross
+    echo "[binaries]\n\
+c = '/usr/bin/s390x-linux-gnu-gcc'\n\
+ar = '/usr/bin/s390x-linux-gnu-gcc-ar'\n\
+strip = '/usr/bin/s390x-linux-gnu-strip'\n\
+pkgconfig = '/usr/bin/s390x-linux-gnu-pkg-config'\n\
+\n\
+[host_machine]\n\
+system = 'linux'\n\
+cpu_family = 's390x'\n\
+cpu = 's390x'\n\
+endian = 'big'" > /usr/local/share/meson/cross/s390x-linux-gnu
+    dpkg-query --showformat '${Package}_${Version}_${Architecture}\n' --show > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/s390x-linux-gnu-cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/s390x-linux-gnu-gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
+
+export ABI="s390x-linux-gnu"
+export MESON_OPTS="--cross-file=s390x-linux-gnu"
--- a/ci/buildenv/debian-sid.sh
+++ b/ci/buildenv/debian-sid.sh
@ -0,0 +1,97 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    export DEBIAN_FRONTEND=noninteractive
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y \
+            augeas-lenses \
+            augeas-tools \
+            bash-completion \
+            ca-certificates \
+            ccache \
+            clang \
+            codespell \
+            cpp \
+            diffutils \
+            dwarves \
+            ebtables \
+            flake8 \
+            gcc \
+            gettext \
+            git \
+            grep \
+            iproute2 \
+            iptables \
+            kmod \
+            libacl1-dev \
+            libapparmor-dev \
+            libattr1-dev \
+            libaudit-dev \
+            libblkid-dev \
+            libc-dev-bin \
+            libc6-dev \
+            libcap-ng-dev \
+            libcurl4-gnutls-dev \
+            libdevmapper-dev \
+            libfuse-dev \
+            libglib2.0-dev \
+            libglusterfs-dev \
+            libgnutls28-dev \
+            libiscsi-dev \
+            libnl-3-dev \
+            libnl-route-3-dev \
+            libnuma-dev \
+            libparted-dev \
+            libpcap0.8-dev \
+            libpciaccess-dev \
+            librbd-dev \
+            libreadline-dev \
+            libsanlock-dev \
+            libsasl2-dev \
+            libselinux1-dev \
+            libssh-gcrypt-dev \
+            libssh2-1-dev \
+            libtirpc-dev \
+            libudev-dev \
+            libxen-dev \
+            libxml2-dev \
+            libxml2-utils \
+            libyajl-dev \
+            locales \
+            lvm2 \
+            make \
+            meson \
+            nfs-common \
+            ninja-build \
+            numad \
+            open-iscsi \
+            perl-base \
+            pkgconf \
+            policykit-1 \
+            python3 \
+            python3-docutils \
+            qemu-utils \
+            scrub \
+            sed \
+            systemtap-sdt-dev \
+            wireshark-dev \
+            xsltproc
+    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen
+    dpkg-reconfigure locales
+    dpkg-query --showformat '${Package}_${Version}_${Architecture}\n' --show > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
--- a/ci/buildenv/fedora-35.sh
+++ b/ci/buildenv/fedora-35.sh
@ -0,0 +1,97 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    dnf update -y
+    dnf install -y \
+        audit-libs-devel \
+        augeas \
+        bash-completion \
+        ca-certificates \
+        ccache \
+        clang \
+        codespell \
+        cpp \
+        cppi \
+        cyrus-sasl-devel \
+        device-mapper-devel \
+        diffutils \
+        dwarves \
+        ebtables \
+        firewalld-filesystem \
+        fuse-devel \
+        gcc \
+        gettext \
+        git \
+        glib2-devel \
+        glibc-devel \
+        glibc-langpack-en \
+        glusterfs-api-devel \
+        gnutls-devel \
+        grep \
+        iproute \
+        iproute-tc \
+        iptables \
+        iscsi-initiator-utils \
+        kmod \
+        libacl-devel \
+        libattr-devel \
+        libblkid-devel \
+        libcap-ng-devel \
+        libcurl-devel \
+        libiscsi-devel \
+        libnl3-devel \
+        libpcap-devel \
+        libpciaccess-devel \
+        librbd-devel \
+        libselinux-devel \
+        libssh-devel \
+        libssh2-devel \
+        libtirpc-devel \
+        libwsman-devel \
+        libxml2 \
+        libxml2-devel \
+        libxslt \
+        lvm2 \
+        make \
+        meson \
+        netcf-devel \
+        nfs-utils \
+        ninja-build \
+        numactl-devel \
+        numad \
+        parted-devel \
+        perl-base \
+        pkgconfig \
+        polkit \
+        python3 \
+        python3-docutils \
+        python3-flake8 \
+        qemu-img \
+        readline-devel \
+        rpcgen \
+        rpm-build \
+        sanlock-devel \
+        scrub \
+        sed \
+        systemd-devel \
+        systemd-rpm-macros \
+        systemtap-sdt-devel \
+        wireshark-devel \
+        xen-devel \
+        yajl-devel
+    rpm -qa | sort > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
--- a/ci/buildenv/fedora-36-cross-mingw32.sh
+++ b/ci/buildenv/fedora-36-cross-mingw32.sh
@ -0,0 +1,74 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    dnf update -y
+    dnf install -y \
+        augeas \
+        bash-completion \
+        ca-certificates \
+        ccache \
+        codespell \
+        cpp \
+        cppi \
+        diffutils \
+        dwarves \
+        ebtables \
+        firewalld-filesystem \
+        git \
+        glibc-langpack-en \
+        grep \
+        iproute \
+        iproute-tc \
+        iptables \
+        iscsi-initiator-utils \
+        kmod \
+        libxml2 \
+        libxslt \
+        lvm2 \
+        make \
+        meson \
+        nfs-utils \
+        ninja-build \
+        numad \
+        perl-base \
+        polkit \
+        python3 \
+        python3-docutils \
+        python3-flake8 \
+        qemu-img \
+        rpcgen \
+        rpm-build \
+        scrub \
+        sed \
+        systemd-rpm-macros
+    dnf install -y \
+        mingw32-curl \
+        mingw32-dlfcn \
+        mingw32-gcc \
+        mingw32-gettext \
+        mingw32-glib2 \
+        mingw32-gnutls \
+        mingw32-headers \
+        mingw32-libssh2 \
+        mingw32-libxml2 \
+        mingw32-pkg-config \
+        mingw32-portablexdr \
+        mingw32-readline
+    rpm -qa | sort > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/i686-w64-mingw32-cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/i686-w64-mingw32-gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
+
+export ABI="i686-w64-mingw32"
+export MESON_OPTS="--cross-file=/usr/share/mingw/toolchain-mingw32.meson"
--- a/ci/buildenv/fedora-36-cross-mingw64.sh
+++ b/ci/buildenv/fedora-36-cross-mingw64.sh
@ -0,0 +1,74 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    dnf update -y
+    dnf install -y \
+        augeas \
+        bash-completion \
+        ca-certificates \
+        ccache \
+        codespell \
+        cpp \
+        cppi \
+        diffutils \
+        dwarves \
+        ebtables \
+        firewalld-filesystem \
+        git \
+        glibc-langpack-en \
+        grep \
+        iproute \
+        iproute-tc \
+        iptables \
+        iscsi-initiator-utils \
+        kmod \
+        libxml2 \
+        libxslt \
+        lvm2 \
+        make \
+        meson \
+        nfs-utils \
+        ninja-build \
+        numad \
+        perl-base \
+        polkit \
+        python3 \
+        python3-docutils \
+        python3-flake8 \
+        qemu-img \
+        rpcgen \
+        rpm-build \
+        scrub \
+        sed \
+        systemd-rpm-macros
+    dnf install -y \
+        mingw64-curl \
+        mingw64-dlfcn \
+        mingw64-gcc \
+        mingw64-gettext \
+        mingw64-glib2 \
+        mingw64-gnutls \
+        mingw64-headers \
+        mingw64-libssh2 \
+        mingw64-libxml2 \
+        mingw64-pkg-config \
+        mingw64-portablexdr \
+        mingw64-readline
+    rpm -qa | sort > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/x86_64-w64-mingw32-cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/x86_64-w64-mingw32-gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
+
+export ABI="x86_64-w64-mingw32"
+export MESON_OPTS="--cross-file=/usr/share/mingw/toolchain-mingw64.meson"
--- a/ci/buildenv/fedora-36.sh
+++ b/ci/buildenv/fedora-36.sh
@ -0,0 +1,96 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    dnf update -y
+    dnf install -y \
+        audit-libs-devel \
+        augeas \
+        bash-completion \
+        ca-certificates \
+        ccache \
+        clang \
+        codespell \
+        cpp \
+        cppi \
+        cyrus-sasl-devel \
+        device-mapper-devel \
+        diffutils \
+        dwarves \
+        ebtables \
+        firewalld-filesystem \
+        fuse-devel \
+        gcc \
+        gettext \
+        git \
+        glib2-devel \
+        glibc-devel \
+        glibc-langpack-en \
+        glusterfs-api-devel \
+        gnutls-devel \
+        grep \
+        iproute \
+        iproute-tc \
+        iptables \
+        iscsi-initiator-utils \
+        kmod \
+        libacl-devel \
+        libattr-devel \
+        libblkid-devel \
+        libcap-ng-devel \
+        libcurl-devel \
+        libiscsi-devel \
+        libnl3-devel \
+        libpcap-devel \
+        libpciaccess-devel \
+        librbd-devel \
+        libselinux-devel \
+        libssh-devel \
+        libssh2-devel \
+        libtirpc-devel \
+        libwsman-devel \
+        libxml2 \
+        libxml2-devel \
+        libxslt \
+        lvm2 \
+        make \
+        meson \
+        nfs-utils \
+        ninja-build \
+        numactl-devel \
+        numad \
+        parted-devel \
+        perl-base \
+        pkgconfig \
+        polkit \
+        python3 \
+        python3-docutils \
+        python3-flake8 \
+        qemu-img \
+        readline-devel \
+        rpcgen \
+        rpm-build \
+        sanlock-devel \
+        scrub \
+        sed \
+        systemd-devel \
+        systemd-rpm-macros \
+        systemtap-sdt-devel \
+        wireshark-devel \
+        xen-devel \
+        yajl-devel
+    rpm -qa | sort > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
--- a/ci/buildenv/fedora-rawhide-cross-mingw32.sh
+++ b/ci/buildenv/fedora-rawhide-cross-mingw32.sh
@ -0,0 +1,75 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    dnf update -y --nogpgcheck fedora-gpg-keys
+    dnf distro-sync -y
+    dnf install -y \
+        augeas \
+        bash-completion \
+        ca-certificates \
+        ccache \
+        codespell \
+        cpp \
+        cppi \
+        diffutils \
+        dwarves \
+        ebtables \
+        firewalld-filesystem \
+        git \
+        glibc-langpack-en \
+        grep \
+        iproute \
+        iproute-tc \
+        iptables \
+        iscsi-initiator-utils \
+        kmod \
+        libxml2 \
+        libxslt \
+        lvm2 \
+        make \
+        meson \
+        nfs-utils \
+        ninja-build \
+        numad \
+        perl-base \
+        polkit \
+        python3 \
+        python3-docutils \
+        python3-flake8 \
+        qemu-img \
+        rpcgen \
+        rpm-build \
+        scrub \
+        sed \
+        systemd-rpm-macros
+    dnf install -y \
+        mingw32-curl \
+        mingw32-dlfcn \
+        mingw32-gcc \
+        mingw32-gettext \
+        mingw32-glib2 \
+        mingw32-gnutls \
+        mingw32-headers \
+        mingw32-libssh2 \
+        mingw32-libxml2 \
+        mingw32-pkg-config \
+        mingw32-portablexdr \
+        mingw32-readline
+    rpm -qa | sort > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/i686-w64-mingw32-cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/i686-w64-mingw32-gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
+
+export ABI="i686-w64-mingw32"
+export MESON_OPTS="--cross-file=/usr/share/mingw/toolchain-mingw32.meson"
--- a/ci/buildenv/fedora-rawhide-cross-mingw64.sh
+++ b/ci/buildenv/fedora-rawhide-cross-mingw64.sh
@ -0,0 +1,75 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    dnf update -y --nogpgcheck fedora-gpg-keys
+    dnf distro-sync -y
+    dnf install -y \
+        augeas \
+        bash-completion \
+        ca-certificates \
+        ccache \
+        codespell \
+        cpp \
+        cppi \
+        diffutils \
+        dwarves \
+        ebtables \
+        firewalld-filesystem \
+        git \
+        glibc-langpack-en \
+        grep \
+        iproute \
+        iproute-tc \
+        iptables \
+        iscsi-initiator-utils \
+        kmod \
+        libxml2 \
+        libxslt \
+        lvm2 \
+        make \
+        meson \
+        nfs-utils \
+        ninja-build \
+        numad \
+        perl-base \
+        polkit \
+        python3 \
+        python3-docutils \
+        python3-flake8 \
+        qemu-img \
+        rpcgen \
+        rpm-build \
+        scrub \
+        sed \
+        systemd-rpm-macros
+    dnf install -y \
+        mingw64-curl \
+        mingw64-dlfcn \
+        mingw64-gcc \
+        mingw64-gettext \
+        mingw64-glib2 \
+        mingw64-gnutls \
+        mingw64-headers \
+        mingw64-libssh2 \
+        mingw64-libxml2 \
+        mingw64-pkg-config \
+        mingw64-portablexdr \
+        mingw64-readline
+    rpm -qa | sort > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/x86_64-w64-mingw32-cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/x86_64-w64-mingw32-gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
+
+export ABI="x86_64-w64-mingw32"
+export MESON_OPTS="--cross-file=/usr/share/mingw/toolchain-mingw64.meson"
--- a/ci/buildenv/fedora-rawhide.sh
+++ b/ci/buildenv/fedora-rawhide.sh
@ -0,0 +1,97 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    dnf update -y --nogpgcheck fedora-gpg-keys
+    dnf distro-sync -y
+    dnf install -y \
+        audit-libs-devel \
+        augeas \
+        bash-completion \
+        ca-certificates \
+        ccache \
+        clang \
+        codespell \
+        cpp \
+        cppi \
+        cyrus-sasl-devel \
+        device-mapper-devel \
+        diffutils \
+        dwarves \
+        ebtables \
+        firewalld-filesystem \
+        fuse-devel \
+        gcc \
+        gettext \
+        git \
+        glib2-devel \
+        glibc-devel \
+        glibc-langpack-en \
+        glusterfs-api-devel \
+        gnutls-devel \
+        grep \
+        iproute \
+        iproute-tc \
+        iptables \
+        iscsi-initiator-utils \
+        kmod \
+        libacl-devel \
+        libattr-devel \
+        libblkid-devel \
+        libcap-ng-devel \
+        libcurl-devel \
+        libiscsi-devel \
+        libnl3-devel \
+        libpcap-devel \
+        libpciaccess-devel \
+        librbd-devel \
+        libselinux-devel \
+        libssh-devel \
+        libssh2-devel \
+        libtirpc-devel \
+        libwsman-devel \
+        libxml2 \
+        libxml2-devel \
+        libxslt \
+        lvm2 \
+        make \
+        meson \
+        nfs-utils \
+        ninja-build \
+        numactl-devel \
+        numad \
+        parted-devel \
+        perl-base \
+        pkgconfig \
+        polkit \
+        python3 \
+        python3-docutils \
+        python3-flake8 \
+        qemu-img \
+        readline-devel \
+        rpcgen \
+        rpm-build \
+        sanlock-devel \
+        scrub \
+        sed \
+        systemd-devel \
+        systemd-rpm-macros \
+        systemtap-sdt-devel \
+        wireshark-devel \
+        xen-devel \
+        yajl-devel
+    rpm -qa | sort > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
--- a/ci/buildenv/opensuse-leap-153.sh
+++ b/ci/buildenv/opensuse-leap-153.sh
@ -0,0 +1,99 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    zypper update -y
+    zypper install -y \
+           audit-devel \
+           augeas \
+           augeas-lenses \
+           bash-completion \
+           ca-certificates \
+           ccache \
+           clang \
+           codespell \
+           cpp \
+           cppi \
+           cyrus-sasl-devel \
+           device-mapper-devel \
+           diffutils \
+           dwarves \
+           ebtables \
+           fuse-devel \
+           gcc \
+           gettext-runtime \
+           git \
+           glib2-devel \
+           glibc-devel \
+           glibc-locale \
+           glusterfs-devel \
+           grep \
+           iproute2 \
+           iptables \
+           kmod \
+           libacl-devel \
+           libapparmor-devel \
+           libattr-devel \
+           libblkid-devel \
+           libcap-ng-devel \
+           libcurl-devel \
+           libgnutls-devel \
+           libiscsi-devel \
+           libnl3-devel \
+           libnuma-devel \
+           libpcap-devel \
+           libpciaccess-devel \
+           librbd-devel \
+           libselinux-devel \
+           libssh-devel \
+           libssh2-devel \
+           libtirpc-devel \
+           libudev-devel \
+           libwsman-devel \
+           libxml2 \
+           libxml2-devel \
+           libxslt \
+           libyajl-devel \
+           lvm2 \
+           make \
+           nfs-utils \
+           ninja \
+           numad \
+           open-iscsi \
+           parted-devel \
+           perl-base \
+           pkgconfig \
+           polkit \
+           python3-base \
+           python3-docutils \
+           python3-flake8 \
+           python3-pip \
+           python3-setuptools \
+           python3-wheel \
+           qemu-tools \
+           readline-devel \
+           rpcgen \
+           rpm-build \
+           sanlock-devel \
+           scrub \
+           sed \
+           systemd-rpm-macros \
+           systemtap-sdt-devel \
+           wireshark-devel \
+           xen-devel
+    rpm -qa | sort > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc
+    /usr/bin/pip3 install meson==0.56.0
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
--- a/ci/buildenv/opensuse-tumbleweed.sh
+++ b/ci/buildenv/opensuse-tumbleweed.sh
@ -0,0 +1,96 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    zypper dist-upgrade -y
+    zypper install -y \
+           audit-devel \
+           augeas \
+           augeas-lenses \
+           bash-completion \
+           ca-certificates \
+           ccache \
+           clang \
+           codespell \
+           cpp \
+           cppi \
+           cyrus-sasl-devel \
+           device-mapper-devel \
+           diffutils \
+           dwarves \
+           ebtables \
+           fuse-devel \
+           gcc \
+           gettext-runtime \
+           git \
+           glib2-devel \
+           glibc-devel \
+           glibc-locale \
+           glusterfs-devel \
+           grep \
+           iproute2 \
+           iptables \
+           kmod \
+           libacl-devel \
+           libapparmor-devel \
+           libattr-devel \
+           libblkid-devel \
+           libcap-ng-devel \
+           libcurl-devel \
+           libgnutls-devel \
+           libiscsi-devel \
+           libnl3-devel \
+           libnuma-devel \
+           libpcap-devel \
+           libpciaccess-devel \
+           librbd-devel \
+           libselinux-devel \
+           libssh-devel \
+           libssh2-devel \
+           libtirpc-devel \
+           libudev-devel \
+           libwsman-devel \
+           libxml2 \
+           libxml2-devel \
+           libxslt \
+           libyajl-devel \
+           lvm2 \
+           make \
+           meson \
+           nfs-utils \
+           ninja \
+           numad \
+           open-iscsi \
+           parted-devel \
+           perl-base \
+           pkgconfig \
+           polkit \
+           python3-base \
+           python3-docutils \
+           python39-flake8 \
+           qemu-tools \
+           readline-devel \
+           rpcgen \
+           rpm-build \
+           sanlock-devel \
+           scrub \
+           sed \
+           systemd-rpm-macros \
+           systemtap-sdt-devel \
+           wireshark-devel \
+           xen-devel
+    rpm -qa | sort > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
--- a/ci/buildenv/ubuntu-2004.sh
+++ b/ci/buildenv/ubuntu-2004.sh
@ -0,0 +1,102 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    export DEBIAN_FRONTEND=noninteractive
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y \
+            augeas-lenses \
+            augeas-tools \
+            bash-completion \
+            ca-certificates \
+            ccache \
+            clang \
+            codespell \
+            cpp \
+            diffutils \
+            dwarves \
+            ebtables \
+            flake8 \
+            gcc \
+            gettext \
+            git \
+            grep \
+            iproute2 \
+            iptables \
+            kmod \
+            libacl1-dev \
+            libapparmor-dev \
+            libattr1-dev \
+            libaudit-dev \
+            libblkid-dev \
+            libc-dev-bin \
+            libc6-dev \
+            libcap-ng-dev \
+            libcurl4-gnutls-dev \
+            libdevmapper-dev \
+            libfuse-dev \
+            libglib2.0-dev \
+            libglusterfs-dev \
+            libgnutls28-dev \
+            libiscsi-dev \
+            libnetcf-dev \
+            libnl-3-dev \
+            libnl-route-3-dev \
+            libnuma-dev \
+            libopenwsman-dev \
+            libparted-dev \
+            libpcap0.8-dev \
+            libpciaccess-dev \
+            librbd-dev \
+            libreadline-dev \
+            libsanlock-dev \
+            libsasl2-dev \
+            libselinux1-dev \
+            libssh-dev \
+            libssh2-1-dev \
+            libtirpc-dev \
+            libudev-dev \
+            libxen-dev \
+            libxml2-dev \
+            libxml2-utils \
+            libyajl-dev \
+            locales \
+            lvm2 \
+            make \
+            nfs-common \
+            ninja-build \
+            numad \
+            open-iscsi \
+            perl-base \
+            pkgconf \
+            policykit-1 \
+            python3 \
+            python3-docutils \
+            python3-pip \
+            python3-setuptools \
+            python3-wheel \
+            qemu-utils \
+            scrub \
+            sed \
+            systemtap-sdt-dev \
+            wireshark-dev \
+            xsltproc
+    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen
+    dpkg-reconfigure locales
+    dpkg-query --showformat '${Package}_${Version}_${Architecture}\n' --show > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc
+    /usr/bin/pip3 install meson==0.56.0
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
--- a/ci/buildenv/ubuntu-2204.sh
+++ b/ci/buildenv/ubuntu-2204.sh
@ -0,0 +1,98 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+    export DEBIAN_FRONTEND=noninteractive
+    apt-get update
+    apt-get dist-upgrade -y
+    apt-get install --no-install-recommends -y \
+            augeas-lenses \
+            augeas-tools \
+            bash-completion \
+            ca-certificates \
+            ccache \
+            clang \
+            codespell \
+            cpp \
+            diffutils \
+            dwarves \
+            ebtables \
+            flake8 \
+            gcc \
+            gettext \
+            git \
+            grep \
+            iproute2 \
+            iptables \
+            kmod \
+            libacl1-dev \
+            libapparmor-dev \
+            libattr1-dev \
+            libaudit-dev \
+            libblkid-dev \
+            libc-dev-bin \
+            libc6-dev \
+            libcap-ng-dev \
+            libcurl4-gnutls-dev \
+            libdevmapper-dev \
+            libfuse-dev \
+            libglib2.0-dev \
+            libglusterfs-dev \
+            libgnutls28-dev \
+            libiscsi-dev \
+            libnl-3-dev \
+            libnl-route-3-dev \
+            libnuma-dev \
+            libopenwsman-dev \
+            libparted-dev \
+            libpcap0.8-dev \
+            libpciaccess-dev \
+            librbd-dev \
+            libreadline-dev \
+            libsanlock-dev \
+            libsasl2-dev \
+            libselinux1-dev \
+            libssh-dev \
+            libssh2-1-dev \
+            libtirpc-dev \
+            libudev-dev \
+            libxen-dev \
+            libxml2-dev \
+            libxml2-utils \
+            libyajl-dev \
+            locales \
+            lvm2 \
+            make \
+            meson \
+            nfs-common \
+            ninja-build \
+            numad \
+            open-iscsi \
+            perl-base \
+            pkgconf \
+            policykit-1 \
+            python3 \
+            python3-docutils \
+            qemu-utils \
+            scrub \
+            sed \
+            systemtap-sdt-dev \
+            wireshark-dev \
+            xsltproc
+    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen
+    dpkg-reconfigure locales
+    dpkg-query --showformat '${Package}_${Version}_${Architecture}\n' --show > /packages.txt
+    mkdir -p /usr/libexec/ccache-wrappers
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/cc
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang
+    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
--- a/ci/containers/almalinux-8.Dockerfile
+++ b/ci/containers/almalinux-8.Dockerfile
@ -81,6 +81,7 @@ RUN dnf update -y && \
        scrub \
        sed \
        systemd-devel \
+        systemd-rpm-macros \
        systemtap-sdt-devel \
        wireshark-devel \
        yajl-devel && \
@ -92,8 +93,8 @@ RUN dnf update -y && \
    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang && \
    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
--- a/ci/containers/alpine-315.Dockerfile
+++ b/ci/containers/alpine-315.Dockerfile
@ -73,8 +73,8 @@ RUN apk update && \
    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang && \
    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
--- a/ci/containers/alpine-edge.Dockerfile
+++ b/ci/containers/alpine-edge.Dockerfile
@ -74,8 +74,8 @@ RUN apk update && \
    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang && \
    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
--- a/ci/containers/centos-stream-8.Dockerfile
+++ b/ci/containers/centos-stream-8.Dockerfile
@ -82,6 +82,7 @@ RUN dnf distro-sync -y && \
        scrub \
        sed \
        systemd-devel \
+        systemd-rpm-macros \
        systemtap-sdt-devel \
        wireshark-devel \
        yajl-devel && \
@ -93,8 +94,8 @@ RUN dnf distro-sync -y && \
    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang && \
    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
--- a/ci/containers/centos-stream-9.Dockerfile
+++ b/ci/containers/centos-stream-9.Dockerfile
@ -80,6 +80,7 @@ RUN dnf distro-sync -y && \
        scrub \
        sed \
        systemd-devel \
+        systemd-rpm-macros \
        systemtap-sdt-devel \
        wireshark-devel \
        yajl-devel && \
@ -93,8 +94,8 @@ RUN dnf distro-sync -y && \

 RUN /usr/bin/pip3 install flake8

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
--- a/ci/containers/debian-11-cross-aarch64.Dockerfile
+++ b/ci/containers/debian-11-cross-aarch64.Dockerfile
@ -11,52 +11,52 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    apt-get install -y eatmydata && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y \
-            augeas-lenses \
-            augeas-tools \
-            bash-completion \
-            ca-certificates \
-            ccache \
-            codespell \
-            cpp \
-            diffutils \
-            dwarves \
-            ebtables \
-            flake8 \
-            gettext \
-            git \
-            grep \
-            iproute2 \
-            iptables \
-            kmod \
-            libc-dev-bin \
-            libxml2-utils \
-            locales \
-            lvm2 \
-            make \
-            meson \
-            nfs-common \
-            ninja-build \
-            numad \
-            open-iscsi \
-            perl-base \
-            pkgconf \
-            policykit-1 \
-            python3 \
-            python3-docutils \
-            qemu-utils \
-            scrub \
-            sed \
-            xsltproc && \
+                      augeas-lenses \
+                      augeas-tools \
+                      bash-completion \
+                      ca-certificates \
+                      ccache \
+                      codespell \
+                      cpp \
+                      diffutils \
+                      dwarves \
+                      ebtables \
+                      flake8 \
+                      gettext \
+                      git \
+                      grep \
+                      iproute2 \
+                      iptables \
+                      kmod \
+                      libc-dev-bin \
+                      libxml2-utils \
+                      locales \
+                      lvm2 \
+                      make \
+                      meson \
+                      nfs-common \
+                      ninja-build \
+                      numad \
+                      open-iscsi \
+                      perl-base \
+                      pkgconf \
+                      policykit-1 \
+                      python3 \
+                      python3-docutils \
+                      qemu-utils \
+                      scrub \
+                      sed \
+                      xsltproc && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen && \
    dpkg-reconfigure locales

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"

 RUN export DEBIAN_FRONTEND=noninteractive && \
    dpkg --add-architecture arm64 && \
@ -64,40 +64,40 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y dpkg-dev && \
    eatmydata apt-get install --no-install-recommends -y \
-            gcc-aarch64-linux-gnu \
-            libacl1-dev:arm64 \
-            libapparmor-dev:arm64 \
-            libattr1-dev:arm64 \
-            libaudit-dev:arm64 \
-            libblkid-dev:arm64 \
-            libc6-dev:arm64 \
-            libcap-ng-dev:arm64 \
-            libcurl4-gnutls-dev:arm64 \
-            libdevmapper-dev:arm64 \
-            libfuse-dev:arm64 \
-            libglib2.0-dev:arm64 \
-            libglusterfs-dev:arm64 \
-            libgnutls28-dev:arm64 \
-            libiscsi-dev:arm64 \
-            libnl-3-dev:arm64 \
-            libnl-route-3-dev:arm64 \
-            libnuma-dev:arm64 \
-            libparted-dev:arm64 \
-            libpcap0.8-dev:arm64 \
-            libpciaccess-dev:arm64 \
-            librbd-dev:arm64 \
-            libreadline-dev:arm64 \
-            libsanlock-dev:arm64 \
-            libsasl2-dev:arm64 \
-            libselinux1-dev:arm64 \
-            libssh-gcrypt-dev:arm64 \
-            libssh2-1-dev:arm64 \
-            libtirpc-dev:arm64 \
-            libudev-dev:arm64 \
-            libxen-dev:arm64 \
-            libxml2-dev:arm64 \
-            libyajl-dev:arm64 \
-            systemtap-sdt-dev:arm64 && \
+                      gcc-aarch64-linux-gnu \
+                      libacl1-dev:arm64 \
+                      libapparmor-dev:arm64 \
+                      libattr1-dev:arm64 \
+                      libaudit-dev:arm64 \
+                      libblkid-dev:arm64 \
+                      libc6-dev:arm64 \
+                      libcap-ng-dev:arm64 \
+                      libcurl4-gnutls-dev:arm64 \
+                      libdevmapper-dev:arm64 \
+                      libfuse-dev:arm64 \
+                      libglib2.0-dev:arm64 \
+                      libglusterfs-dev:arm64 \
+                      libgnutls28-dev:arm64 \
+                      libiscsi-dev:arm64 \
+                      libnl-3-dev:arm64 \
+                      libnl-route-3-dev:arm64 \
+                      libnuma-dev:arm64 \
+                      libparted-dev:arm64 \
+                      libpcap0.8-dev:arm64 \
+                      libpciaccess-dev:arm64 \
+                      librbd-dev:arm64 \
+                      libreadline-dev:arm64 \
+                      libsanlock-dev:arm64 \
+                      libsasl2-dev:arm64 \
+                      libselinux1-dev:arm64 \
+                      libssh-gcrypt-dev:arm64 \
+                      libssh2-1-dev:arm64 \
+                      libtirpc-dev:arm64 \
+                      libudev-dev:arm64 \
+                      libxen-dev:arm64 \
+                      libxml2-dev:arm64 \
+                      libyajl-dev:arm64 \
+                      systemtap-sdt-dev:arm64 && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    mkdir -p /usr/local/share/meson/cross && \
--- a/ci/containers/debian-11-cross-armv6l.Dockerfile
+++ b/ci/containers/debian-11-cross-armv6l.Dockerfile
@ -11,52 +11,52 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    apt-get install -y eatmydata && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y \
-            augeas-lenses \
-            augeas-tools \
-            bash-completion \
-            ca-certificates \
-            ccache \
-            codespell \
-            cpp \
-            diffutils \
-            dwarves \
-            ebtables \
-            flake8 \
-            gettext \
-            git \
-            grep \
-            iproute2 \
-            iptables \
-            kmod \
-            libc-dev-bin \
-            libxml2-utils \
-            locales \
-            lvm2 \
-            make \
-            meson \
-            nfs-common \
-            ninja-build \
-            numad \
-            open-iscsi \
-            perl-base \
-            pkgconf \
-            policykit-1 \
-            python3 \
-            python3-docutils \
-            qemu-utils \
-            scrub \
-            sed \
-            xsltproc && \
+                      augeas-lenses \
+                      augeas-tools \
+                      bash-completion \
+                      ca-certificates \
+                      ccache \
+                      codespell \
+                      cpp \
+                      diffutils \
+                      dwarves \
+                      ebtables \
+                      flake8 \
+                      gettext \
+                      git \
+                      grep \
+                      iproute2 \
+                      iptables \
+                      kmod \
+                      libc-dev-bin \
+                      libxml2-utils \
+                      locales \
+                      lvm2 \
+                      make \
+                      meson \
+                      nfs-common \
+                      ninja-build \
+                      numad \
+                      open-iscsi \
+                      perl-base \
+                      pkgconf \
+                      policykit-1 \
+                      python3 \
+                      python3-docutils \
+                      qemu-utils \
+                      scrub \
+                      sed \
+                      xsltproc && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen && \
    dpkg-reconfigure locales

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"

 RUN export DEBIAN_FRONTEND=noninteractive && \
    dpkg --add-architecture armel && \
@ -64,39 +64,39 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y dpkg-dev && \
    eatmydata apt-get install --no-install-recommends -y \
-            gcc-arm-linux-gnueabi \
-            libacl1-dev:armel \
-            libapparmor-dev:armel \
-            libattr1-dev:armel \
-            libaudit-dev:armel \
-            libblkid-dev:armel \
-            libc6-dev:armel \
-            libcap-ng-dev:armel \
-            libcurl4-gnutls-dev:armel \
-            libdevmapper-dev:armel \
-            libfuse-dev:armel \
-            libglib2.0-dev:armel \
-            libglusterfs-dev:armel \
-            libgnutls28-dev:armel \
-            libiscsi-dev:armel \
-            libnl-3-dev:armel \
-            libnl-route-3-dev:armel \
-            libnuma-dev:armel \
-            libparted-dev:armel \
-            libpcap0.8-dev:armel \
-            libpciaccess-dev:armel \
-            librbd-dev:armel \
-            libreadline-dev:armel \
-            libsanlock-dev:armel \
-            libsasl2-dev:armel \
-            libselinux1-dev:armel \
-            libssh-gcrypt-dev:armel \
-            libssh2-1-dev:armel \
-            libtirpc-dev:armel \
-            libudev-dev:armel \
-            libxml2-dev:armel \
-            libyajl-dev:armel \
-            systemtap-sdt-dev:armel && \
+                      gcc-arm-linux-gnueabi \
+                      libacl1-dev:armel \
+                      libapparmor-dev:armel \
+                      libattr1-dev:armel \
+                      libaudit-dev:armel \
+                      libblkid-dev:armel \
+                      libc6-dev:armel \
+                      libcap-ng-dev:armel \
+                      libcurl4-gnutls-dev:armel \
+                      libdevmapper-dev:armel \
+                      libfuse-dev:armel \
+                      libglib2.0-dev:armel \
+                      libglusterfs-dev:armel \
+                      libgnutls28-dev:armel \
+                      libiscsi-dev:armel \
+                      libnl-3-dev:armel \
+                      libnl-route-3-dev:armel \
+                      libnuma-dev:armel \
+                      libparted-dev:armel \
+                      libpcap0.8-dev:armel \
+                      libpciaccess-dev:armel \
+                      librbd-dev:armel \
+                      libreadline-dev:armel \
+                      libsanlock-dev:armel \
+                      libsasl2-dev:armel \
+                      libselinux1-dev:armel \
+                      libssh-gcrypt-dev:armel \
+                      libssh2-1-dev:armel \
+                      libtirpc-dev:armel \
+                      libudev-dev:armel \
+                      libxml2-dev:armel \
+                      libyajl-dev:armel \
+                      systemtap-sdt-dev:armel && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    mkdir -p /usr/local/share/meson/cross && \
--- a/ci/containers/debian-11-cross-armv7l.Dockerfile
+++ b/ci/containers/debian-11-cross-armv7l.Dockerfile
@ -11,52 +11,52 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    apt-get install -y eatmydata && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y \
-            augeas-lenses \
-            augeas-tools \
-            bash-completion \
-            ca-certificates \
-            ccache \
-            codespell \
-            cpp \
-            diffutils \
-            dwarves \
-            ebtables \
-            flake8 \
-            gettext \
-            git \
-            grep \
-            iproute2 \
-            iptables \
-            kmod \
-            libc-dev-bin \
-            libxml2-utils \
-            locales \
-            lvm2 \
-            make \
-            meson \
-            nfs-common \
-            ninja-build \
-            numad \
-            open-iscsi \
-            perl-base \
-            pkgconf \
-            policykit-1 \
-            python3 \
-            python3-docutils \
-            qemu-utils \
-            scrub \
-            sed \
-            xsltproc && \
+                      augeas-lenses \
+                      augeas-tools \
+                      bash-completion \
+                      ca-certificates \
+                      ccache \
+                      codespell \
+                      cpp \
+                      diffutils \
+                      dwarves \
+                      ebtables \
+                      flake8 \
+                      gettext \
+                      git \
+                      grep \
+                      iproute2 \
+                      iptables \
+                      kmod \
+                      libc-dev-bin \
+                      libxml2-utils \
+                      locales \
+                      lvm2 \
+                      make \
+                      meson \
+                      nfs-common \
+                      ninja-build \
+                      numad \
+                      open-iscsi \
+                      perl-base \
+                      pkgconf \
+                      policykit-1 \
+                      python3 \
+                      python3-docutils \
+                      qemu-utils \
+                      scrub \
+                      sed \
+                      xsltproc && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen && \
    dpkg-reconfigure locales

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"

 RUN export DEBIAN_FRONTEND=noninteractive && \
    dpkg --add-architecture armhf && \
@ -64,40 +64,40 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y dpkg-dev && \
    eatmydata apt-get install --no-install-recommends -y \
-            gcc-arm-linux-gnueabihf \
-            libacl1-dev:armhf \
-            libapparmor-dev:armhf \
-            libattr1-dev:armhf \
-            libaudit-dev:armhf \
-            libblkid-dev:armhf \
-            libc6-dev:armhf \
-            libcap-ng-dev:armhf \
-            libcurl4-gnutls-dev:armhf \
-            libdevmapper-dev:armhf \
-            libfuse-dev:armhf \
-            libglib2.0-dev:armhf \
-            libglusterfs-dev:armhf \
-            libgnutls28-dev:armhf \
-            libiscsi-dev:armhf \
-            libnl-3-dev:armhf \
-            libnl-route-3-dev:armhf \
-            libnuma-dev:armhf \
-            libparted-dev:armhf \
-            libpcap0.8-dev:armhf \
-            libpciaccess-dev:armhf \
-            librbd-dev:armhf \
-            libreadline-dev:armhf \
-            libsanlock-dev:armhf \
-            libsasl2-dev:armhf \
-            libselinux1-dev:armhf \
-            libssh-gcrypt-dev:armhf \
-            libssh2-1-dev:armhf \
-            libtirpc-dev:armhf \
-            libudev-dev:armhf \
-            libxen-dev:armhf \
-            libxml2-dev:armhf \
-            libyajl-dev:armhf \
-            systemtap-sdt-dev:armhf && \
+                      gcc-arm-linux-gnueabihf \
+                      libacl1-dev:armhf \
+                      libapparmor-dev:armhf \
+                      libattr1-dev:armhf \
+                      libaudit-dev:armhf \
+                      libblkid-dev:armhf \
+                      libc6-dev:armhf \
+                      libcap-ng-dev:armhf \
+                      libcurl4-gnutls-dev:armhf \
+                      libdevmapper-dev:armhf \
+                      libfuse-dev:armhf \
+                      libglib2.0-dev:armhf \
+                      libglusterfs-dev:armhf \
+                      libgnutls28-dev:armhf \
+                      libiscsi-dev:armhf \
+                      libnl-3-dev:armhf \
+                      libnl-route-3-dev:armhf \
+                      libnuma-dev:armhf \
+                      libparted-dev:armhf \
+                      libpcap0.8-dev:armhf \
+                      libpciaccess-dev:armhf \
+                      librbd-dev:armhf \
+                      libreadline-dev:armhf \
+                      libsanlock-dev:armhf \
+                      libsasl2-dev:armhf \
+                      libselinux1-dev:armhf \
+                      libssh-gcrypt-dev:armhf \
+                      libssh2-1-dev:armhf \
+                      libtirpc-dev:armhf \
+                      libudev-dev:armhf \
+                      libxen-dev:armhf \
+                      libxml2-dev:armhf \
+                      libyajl-dev:armhf \
+                      systemtap-sdt-dev:armhf && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    mkdir -p /usr/local/share/meson/cross && \
--- a/ci/containers/debian-11-cross-i686.Dockerfile
+++ b/ci/containers/debian-11-cross-i686.Dockerfile
@ -11,52 +11,52 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    apt-get install -y eatmydata && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y \
-            augeas-lenses \
-            augeas-tools \
-            bash-completion \
-            ca-certificates \
-            ccache \
-            codespell \
-            cpp \
-            diffutils \
-            dwarves \
-            ebtables \
-            flake8 \
-            gettext \
-            git \
-            grep \
-            iproute2 \
-            iptables \
-            kmod \
-            libc-dev-bin \
-            libxml2-utils \
-            locales \
-            lvm2 \
-            make \
-            meson \
-            nfs-common \
-            ninja-build \
-            numad \
-            open-iscsi \
-            perl-base \
-            pkgconf \
-            policykit-1 \
-            python3 \
-            python3-docutils \
-            qemu-utils \
-            scrub \
-            sed \
-            xsltproc && \
+                      augeas-lenses \
+                      augeas-tools \
+                      bash-completion \
+                      ca-certificates \
+                      ccache \
+                      codespell \
+                      cpp \
+                      diffutils \
+                      dwarves \
+                      ebtables \
+                      flake8 \
+                      gettext \
+                      git \
+                      grep \
+                      iproute2 \
+                      iptables \
+                      kmod \
+                      libc-dev-bin \
+                      libxml2-utils \
+                      locales \
+                      lvm2 \
+                      make \
+                      meson \
+                      nfs-common \
+                      ninja-build \
+                      numad \
+                      open-iscsi \
+                      perl-base \
+                      pkgconf \
+                      policykit-1 \
+                      python3 \
+                      python3-docutils \
+                      qemu-utils \
+                      scrub \
+                      sed \
+                      xsltproc && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen && \
    dpkg-reconfigure locales

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"

 RUN export DEBIAN_FRONTEND=noninteractive && \
    dpkg --add-architecture i386 && \
@ -64,39 +64,39 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y dpkg-dev && \
    eatmydata apt-get install --no-install-recommends -y \
-            gcc-i686-linux-gnu \
-            libacl1-dev:i386 \
-            libapparmor-dev:i386 \
-            libattr1-dev:i386 \
-            libaudit-dev:i386 \
-            libblkid-dev:i386 \
-            libc6-dev:i386 \
-            libcap-ng-dev:i386 \
-            libcurl4-gnutls-dev:i386 \
-            libdevmapper-dev:i386 \
-            libfuse-dev:i386 \
-            libglib2.0-dev:i386 \
-            libglusterfs-dev:i386 \
-            libgnutls28-dev:i386 \
-            libiscsi-dev:i386 \
-            libnl-3-dev:i386 \
-            libnl-route-3-dev:i386 \
-            libnuma-dev:i386 \
-            libparted-dev:i386 \
-            libpcap0.8-dev:i386 \
-            libpciaccess-dev:i386 \
-            librbd-dev:i386 \
-            libreadline-dev:i386 \
-            libsanlock-dev:i386 \
-            libsasl2-dev:i386 \
-            libselinux1-dev:i386 \
-            libssh-gcrypt-dev:i386 \
-            libssh2-1-dev:i386 \
-            libtirpc-dev:i386 \
-            libudev-dev:i386 \
-            libxml2-dev:i386 \
-            libyajl-dev:i386 \
-            systemtap-sdt-dev:i386 && \
+                      gcc-i686-linux-gnu \
+                      libacl1-dev:i386 \
+                      libapparmor-dev:i386 \
+                      libattr1-dev:i386 \
+                      libaudit-dev:i386 \
+                      libblkid-dev:i386 \
+                      libc6-dev:i386 \
+                      libcap-ng-dev:i386 \
+                      libcurl4-gnutls-dev:i386 \
+                      libdevmapper-dev:i386 \
+                      libfuse-dev:i386 \
+                      libglib2.0-dev:i386 \
+                      libglusterfs-dev:i386 \
+                      libgnutls28-dev:i386 \
+                      libiscsi-dev:i386 \
+                      libnl-3-dev:i386 \
+                      libnl-route-3-dev:i386 \
+                      libnuma-dev:i386 \
+                      libparted-dev:i386 \
+                      libpcap0.8-dev:i386 \
+                      libpciaccess-dev:i386 \
+                      librbd-dev:i386 \
+                      libreadline-dev:i386 \
+                      libsanlock-dev:i386 \
+                      libsasl2-dev:i386 \
+                      libselinux1-dev:i386 \
+                      libssh-gcrypt-dev:i386 \
+                      libssh2-1-dev:i386 \
+                      libtirpc-dev:i386 \
+                      libudev-dev:i386 \
+                      libxml2-dev:i386 \
+                      libyajl-dev:i386 \
+                      systemtap-sdt-dev:i386 && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    mkdir -p /usr/local/share/meson/cross && \
--- a/ci/containers/debian-11-cross-mips64el.Dockerfile
+++ b/ci/containers/debian-11-cross-mips64el.Dockerfile
@ -11,52 +11,52 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    apt-get install -y eatmydata && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y \
-            augeas-lenses \
-            augeas-tools \
-            bash-completion \
-            ca-certificates \
-            ccache \
-            codespell \
-            cpp \
-            diffutils \
-            dwarves \
-            ebtables \
-            flake8 \
-            gettext \
-            git \
-            grep \
-            iproute2 \
-            iptables \
-            kmod \
-            libc-dev-bin \
-            libxml2-utils \
-            locales \
-            lvm2 \
-            make \
-            meson \
-            nfs-common \
-            ninja-build \
-            numad \
-            open-iscsi \
-            perl-base \
-            pkgconf \
-            policykit-1 \
-            python3 \
-            python3-docutils \
-            qemu-utils \
-            scrub \
-            sed \
-            xsltproc && \
+                      augeas-lenses \
+                      augeas-tools \
+                      bash-completion \
+                      ca-certificates \
+                      ccache \
+                      codespell \
+                      cpp \
+                      diffutils \
+                      dwarves \
+                      ebtables \
+                      flake8 \
+                      gettext \
+                      git \
+                      grep \
+                      iproute2 \
+                      iptables \
+                      kmod \
+                      libc-dev-bin \
+                      libxml2-utils \
+                      locales \
+                      lvm2 \
+                      make \
+                      meson \
+                      nfs-common \
+                      ninja-build \
+                      numad \
+                      open-iscsi \
+                      perl-base \
+                      pkgconf \
+                      policykit-1 \
+                      python3 \
+                      python3-docutils \
+                      qemu-utils \
+                      scrub \
+                      sed \
+                      xsltproc && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen && \
    dpkg-reconfigure locales

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"

 RUN export DEBIAN_FRONTEND=noninteractive && \
    dpkg --add-architecture mips64el && \
@ -64,39 +64,39 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y dpkg-dev && \
    eatmydata apt-get install --no-install-recommends -y \
-            gcc-mips64el-linux-gnuabi64 \
-            libacl1-dev:mips64el \
-            libapparmor-dev:mips64el \
-            libattr1-dev:mips64el \
-            libaudit-dev:mips64el \
-            libblkid-dev:mips64el \
-            libc6-dev:mips64el \
-            libcap-ng-dev:mips64el \
-            libcurl4-gnutls-dev:mips64el \
-            libdevmapper-dev:mips64el \
-            libfuse-dev:mips64el \
-            libglib2.0-dev:mips64el \
-            libglusterfs-dev:mips64el \
-            libgnutls28-dev:mips64el \
-            libiscsi-dev:mips64el \
-            libnl-3-dev:mips64el \
-            libnl-route-3-dev:mips64el \
-            libnuma-dev:mips64el \
-            libparted-dev:mips64el \
-            libpcap0.8-dev:mips64el \
-            libpciaccess-dev:mips64el \
-            librbd-dev:mips64el \
-            libreadline-dev:mips64el \
-            libsanlock-dev:mips64el \
-            libsasl2-dev:mips64el \
-            libselinux1-dev:mips64el \
-            libssh-gcrypt-dev:mips64el \
-            libssh2-1-dev:mips64el \
-            libtirpc-dev:mips64el \
-            libudev-dev:mips64el \
-            libxml2-dev:mips64el \
-            libyajl-dev:mips64el \
-            systemtap-sdt-dev:mips64el && \
+                      gcc-mips64el-linux-gnuabi64 \
+                      libacl1-dev:mips64el \
+                      libapparmor-dev:mips64el \
+                      libattr1-dev:mips64el \
+                      libaudit-dev:mips64el \
+                      libblkid-dev:mips64el \
+                      libc6-dev:mips64el \
+                      libcap-ng-dev:mips64el \
+                      libcurl4-gnutls-dev:mips64el \
+                      libdevmapper-dev:mips64el \
+                      libfuse-dev:mips64el \
+                      libglib2.0-dev:mips64el \
+                      libglusterfs-dev:mips64el \
+                      libgnutls28-dev:mips64el \
+                      libiscsi-dev:mips64el \
+                      libnl-3-dev:mips64el \
+                      libnl-route-3-dev:mips64el \
+                      libnuma-dev:mips64el \
+                      libparted-dev:mips64el \
+                      libpcap0.8-dev:mips64el \
+                      libpciaccess-dev:mips64el \
+                      librbd-dev:mips64el \
+                      libreadline-dev:mips64el \
+                      libsanlock-dev:mips64el \
+                      libsasl2-dev:mips64el \
+                      libselinux1-dev:mips64el \
+                      libssh-gcrypt-dev:mips64el \
+                      libssh2-1-dev:mips64el \
+                      libtirpc-dev:mips64el \
+                      libudev-dev:mips64el \
+                      libxml2-dev:mips64el \
+                      libyajl-dev:mips64el \
+                      systemtap-sdt-dev:mips64el && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    mkdir -p /usr/local/share/meson/cross && \
--- a/ci/containers/debian-11-cross-mipsel.Dockerfile
+++ b/ci/containers/debian-11-cross-mipsel.Dockerfile
@ -11,52 +11,52 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    apt-get install -y eatmydata && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y \
-            augeas-lenses \
-            augeas-tools \
-            bash-completion \
-            ca-certificates \
-            ccache \
-            codespell \
-            cpp \
-            diffutils \
-            dwarves \
-            ebtables \
-            flake8 \
-            gettext \
-            git \
-            grep \
-            iproute2 \
-            iptables \
-            kmod \
-            libc-dev-bin \
-            libxml2-utils \
-            locales \
-            lvm2 \
-            make \
-            meson \
-            nfs-common \
-            ninja-build \
-            numad \
-            open-iscsi \
-            perl-base \
-            pkgconf \
-            policykit-1 \
-            python3 \
-            python3-docutils \
-            qemu-utils \
-            scrub \
-            sed \
-            xsltproc && \
+                      augeas-lenses \
+                      augeas-tools \
+                      bash-completion \
+                      ca-certificates \
+                      ccache \
+                      codespell \
+                      cpp \
+                      diffutils \
+                      dwarves \
+                      ebtables \
+                      flake8 \
+                      gettext \
+                      git \
+                      grep \
+                      iproute2 \
+                      iptables \
+                      kmod \
+                      libc-dev-bin \
+                      libxml2-utils \
+                      locales \
+                      lvm2 \
+                      make \
+                      meson \
+                      nfs-common \
+                      ninja-build \
+                      numad \
+                      open-iscsi \
+                      perl-base \
+                      pkgconf \
+                      policykit-1 \
+                      python3 \
+                      python3-docutils \
+                      qemu-utils \
+                      scrub \
+                      sed \
+                      xsltproc && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen && \
    dpkg-reconfigure locales

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"

 RUN export DEBIAN_FRONTEND=noninteractive && \
    dpkg --add-architecture mipsel && \
@ -64,39 +64,39 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y dpkg-dev && \
    eatmydata apt-get install --no-install-recommends -y \
-            gcc-mipsel-linux-gnu \
-            libacl1-dev:mipsel \
-            libapparmor-dev:mipsel \
-            libattr1-dev:mipsel \
-            libaudit-dev:mipsel \
-            libblkid-dev:mipsel \
-            libc6-dev:mipsel \
-            libcap-ng-dev:mipsel \
-            libcurl4-gnutls-dev:mipsel \
-            libdevmapper-dev:mipsel \
-            libfuse-dev:mipsel \
-            libglib2.0-dev:mipsel \
-            libglusterfs-dev:mipsel \
-            libgnutls28-dev:mipsel \
-            libiscsi-dev:mipsel \
-            libnl-3-dev:mipsel \
-            libnl-route-3-dev:mipsel \
-            libnuma-dev:mipsel \
-            libparted-dev:mipsel \
-            libpcap0.8-dev:mipsel \
-            libpciaccess-dev:mipsel \
-            librbd-dev:mipsel \
-            libreadline-dev:mipsel \
-            libsanlock-dev:mipsel \
-            libsasl2-dev:mipsel \
-            libselinux1-dev:mipsel \
-            libssh-gcrypt-dev:mipsel \
-            libssh2-1-dev:mipsel \
-            libtirpc-dev:mipsel \
-            libudev-dev:mipsel \
-            libxml2-dev:mipsel \
-            libyajl-dev:mipsel \
-            systemtap-sdt-dev:mipsel && \
+                      gcc-mipsel-linux-gnu \
+                      libacl1-dev:mipsel \
+                      libapparmor-dev:mipsel \
+                      libattr1-dev:mipsel \
+                      libaudit-dev:mipsel \
+                      libblkid-dev:mipsel \
+                      libc6-dev:mipsel \
+                      libcap-ng-dev:mipsel \
+                      libcurl4-gnutls-dev:mipsel \
+                      libdevmapper-dev:mipsel \
+                      libfuse-dev:mipsel \
+                      libglib2.0-dev:mipsel \
+                      libglusterfs-dev:mipsel \
+                      libgnutls28-dev:mipsel \
+                      libiscsi-dev:mipsel \
+                      libnl-3-dev:mipsel \
+                      libnl-route-3-dev:mipsel \
+                      libnuma-dev:mipsel \
+                      libparted-dev:mipsel \
+                      libpcap0.8-dev:mipsel \
+                      libpciaccess-dev:mipsel \
+                      librbd-dev:mipsel \
+                      libreadline-dev:mipsel \
+                      libsanlock-dev:mipsel \
+                      libsasl2-dev:mipsel \
+                      libselinux1-dev:mipsel \
+                      libssh-gcrypt-dev:mipsel \
+                      libssh2-1-dev:mipsel \
+                      libtirpc-dev:mipsel \
+                      libudev-dev:mipsel \
+                      libxml2-dev:mipsel \
+                      libyajl-dev:mipsel \
+                      systemtap-sdt-dev:mipsel && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    mkdir -p /usr/local/share/meson/cross && \
--- a/ci/containers/debian-11-cross-ppc64le.Dockerfile
+++ b/ci/containers/debian-11-cross-ppc64le.Dockerfile
@ -11,52 +11,52 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    apt-get install -y eatmydata && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y \
-            augeas-lenses \
-            augeas-tools \
-            bash-completion \
-            ca-certificates \
-            ccache \
-            codespell \
-            cpp \
-            diffutils \
-            dwarves \
-            ebtables \
-            flake8 \
-            gettext \
-            git \
-            grep \
-            iproute2 \
-            iptables \
-            kmod \
-            libc-dev-bin \
-            libxml2-utils \
-            locales \
-            lvm2 \
-            make \
-            meson \
-            nfs-common \
-            ninja-build \
-            numad \
-            open-iscsi \
-            perl-base \
-            pkgconf \
-            policykit-1 \
-            python3 \
-            python3-docutils \
-            qemu-utils \
-            scrub \
-            sed \
-            xsltproc && \
+                      augeas-lenses \
+                      augeas-tools \
+                      bash-completion \
+                      ca-certificates \
+                      ccache \
+                      codespell \
+                      cpp \
+                      diffutils \
+                      dwarves \
+                      ebtables \
+                      flake8 \
+                      gettext \
+                      git \
+                      grep \
+                      iproute2 \
+                      iptables \
+                      kmod \
+                      libc-dev-bin \
+                      libxml2-utils \
+                      locales \
+                      lvm2 \
+                      make \
+                      meson \
+                      nfs-common \
+                      ninja-build \
+                      numad \
+                      open-iscsi \
+                      perl-base \
+                      pkgconf \
+                      policykit-1 \
+                      python3 \
+                      python3-docutils \
+                      qemu-utils \
+                      scrub \
+                      sed \
+                      xsltproc && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen && \
    dpkg-reconfigure locales

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"

 RUN export DEBIAN_FRONTEND=noninteractive && \
    dpkg --add-architecture ppc64el && \
@ -64,39 +64,39 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y dpkg-dev && \
    eatmydata apt-get install --no-install-recommends -y \
-            gcc-powerpc64le-linux-gnu \
-            libacl1-dev:ppc64el \
-            libapparmor-dev:ppc64el \
-            libattr1-dev:ppc64el \
-            libaudit-dev:ppc64el \
-            libblkid-dev:ppc64el \
-            libc6-dev:ppc64el \
-            libcap-ng-dev:ppc64el \
-            libcurl4-gnutls-dev:ppc64el \
-            libdevmapper-dev:ppc64el \
-            libfuse-dev:ppc64el \
-            libglib2.0-dev:ppc64el \
-            libglusterfs-dev:ppc64el \
-            libgnutls28-dev:ppc64el \
-            libiscsi-dev:ppc64el \
-            libnl-3-dev:ppc64el \
-            libnl-route-3-dev:ppc64el \
-            libnuma-dev:ppc64el \
-            libparted-dev:ppc64el \
-            libpcap0.8-dev:ppc64el \
-            libpciaccess-dev:ppc64el \
-            librbd-dev:ppc64el \
-            libreadline-dev:ppc64el \
-            libsanlock-dev:ppc64el \
-            libsasl2-dev:ppc64el \
-            libselinux1-dev:ppc64el \
-            libssh-gcrypt-dev:ppc64el \
-            libssh2-1-dev:ppc64el \
-            libtirpc-dev:ppc64el \
-            libudev-dev:ppc64el \
-            libxml2-dev:ppc64el \
-            libyajl-dev:ppc64el \
-            systemtap-sdt-dev:ppc64el && \
+                      gcc-powerpc64le-linux-gnu \
+                      libacl1-dev:ppc64el \
+                      libapparmor-dev:ppc64el \
+                      libattr1-dev:ppc64el \
+                      libaudit-dev:ppc64el \
+                      libblkid-dev:ppc64el \
+                      libc6-dev:ppc64el \
+                      libcap-ng-dev:ppc64el \
+                      libcurl4-gnutls-dev:ppc64el \
+                      libdevmapper-dev:ppc64el \
+                      libfuse-dev:ppc64el \
+                      libglib2.0-dev:ppc64el \
+                      libglusterfs-dev:ppc64el \
+                      libgnutls28-dev:ppc64el \
+                      libiscsi-dev:ppc64el \
+                      libnl-3-dev:ppc64el \
+                      libnl-route-3-dev:ppc64el \
+                      libnuma-dev:ppc64el \
+                      libparted-dev:ppc64el \
+                      libpcap0.8-dev:ppc64el \
+                      libpciaccess-dev:ppc64el \
+                      librbd-dev:ppc64el \
+                      libreadline-dev:ppc64el \
+                      libsanlock-dev:ppc64el \
+                      libsasl2-dev:ppc64el \
+                      libselinux1-dev:ppc64el \
+                      libssh-gcrypt-dev:ppc64el \
+                      libssh2-1-dev:ppc64el \
+                      libtirpc-dev:ppc64el \
+                      libudev-dev:ppc64el \
+                      libxml2-dev:ppc64el \
+                      libyajl-dev:ppc64el \
+                      systemtap-sdt-dev:ppc64el && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    mkdir -p /usr/local/share/meson/cross && \
--- a/ci/containers/debian-11-cross-s390x.Dockerfile
+++ b/ci/containers/debian-11-cross-s390x.Dockerfile
@ -11,52 +11,52 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    apt-get install -y eatmydata && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y \
-            augeas-lenses \
-            augeas-tools \
-            bash-completion \
-            ca-certificates \
-            ccache \
-            codespell \
-            cpp \
-            diffutils \
-            dwarves \
-            ebtables \
-            flake8 \
-            gettext \
-            git \
-            grep \
-            iproute2 \
-            iptables \
-            kmod \
-            libc-dev-bin \
-            libxml2-utils \
-            locales \
-            lvm2 \
-            make \
-            meson \
-            nfs-common \
-            ninja-build \
-            numad \
-            open-iscsi \
-            perl-base \
-            pkgconf \
-            policykit-1 \
-            python3 \
-            python3-docutils \
-            qemu-utils \
-            scrub \
-            sed \
-            xsltproc && \
+                      augeas-lenses \
+                      augeas-tools \
+                      bash-completion \
+                      ca-certificates \
+                      ccache \
+                      codespell \
+                      cpp \
+                      diffutils \
+                      dwarves \
+                      ebtables \
+                      flake8 \
+                      gettext \
+                      git \
+                      grep \
+                      iproute2 \
+                      iptables \
+                      kmod \
+                      libc-dev-bin \
+                      libxml2-utils \
+                      locales \
+                      lvm2 \
+                      make \
+                      meson \
+                      nfs-common \
+                      ninja-build \
+                      numad \
+                      open-iscsi \
+                      perl-base \
+                      pkgconf \
+                      policykit-1 \
+                      python3 \
+                      python3-docutils \
+                      qemu-utils \
+                      scrub \
+                      sed \
+                      xsltproc && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen && \
    dpkg-reconfigure locales

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"

 RUN export DEBIAN_FRONTEND=noninteractive && \
    dpkg --add-architecture s390x && \
@ -64,39 +64,39 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y dpkg-dev && \
    eatmydata apt-get install --no-install-recommends -y \
-            gcc-s390x-linux-gnu \
-            libacl1-dev:s390x \
-            libapparmor-dev:s390x \
-            libattr1-dev:s390x \
-            libaudit-dev:s390x \
-            libblkid-dev:s390x \
-            libc6-dev:s390x \
-            libcap-ng-dev:s390x \
-            libcurl4-gnutls-dev:s390x \
-            libdevmapper-dev:s390x \
-            libfuse-dev:s390x \
-            libglib2.0-dev:s390x \
-            libglusterfs-dev:s390x \
-            libgnutls28-dev:s390x \
-            libiscsi-dev:s390x \
-            libnl-3-dev:s390x \
-            libnl-route-3-dev:s390x \
-            libnuma-dev:s390x \
-            libparted-dev:s390x \
-            libpcap0.8-dev:s390x \
-            libpciaccess-dev:s390x \
-            librbd-dev:s390x \
-            libreadline-dev:s390x \
-            libsanlock-dev:s390x \
-            libsasl2-dev:s390x \
-            libselinux1-dev:s390x \
-            libssh-gcrypt-dev:s390x \
-            libssh2-1-dev:s390x \
-            libtirpc-dev:s390x \
-            libudev-dev:s390x \
-            libxml2-dev:s390x \
-            libyajl-dev:s390x \
-            systemtap-sdt-dev:s390x && \
+                      gcc-s390x-linux-gnu \
+                      libacl1-dev:s390x \
+                      libapparmor-dev:s390x \
+                      libattr1-dev:s390x \
+                      libaudit-dev:s390x \
+                      libblkid-dev:s390x \
+                      libc6-dev:s390x \
+                      libcap-ng-dev:s390x \
+                      libcurl4-gnutls-dev:s390x \
+                      libdevmapper-dev:s390x \
+                      libfuse-dev:s390x \
+                      libglib2.0-dev:s390x \
+                      libglusterfs-dev:s390x \
+                      libgnutls28-dev:s390x \
+                      libiscsi-dev:s390x \
+                      libnl-3-dev:s390x \
+                      libnl-route-3-dev:s390x \
+                      libnuma-dev:s390x \
+                      libparted-dev:s390x \
+                      libpcap0.8-dev:s390x \
+                      libpciaccess-dev:s390x \
+                      librbd-dev:s390x \
+                      libreadline-dev:s390x \
+                      libsanlock-dev:s390x \
+                      libsasl2-dev:s390x \
+                      libselinux1-dev:s390x \
+                      libssh-gcrypt-dev:s390x \
+                      libssh2-1-dev:s390x \
+                      libtirpc-dev:s390x \
+                      libudev-dev:s390x \
+                      libxml2-dev:s390x \
+                      libyajl-dev:s390x \
+                      systemtap-sdt-dev:s390x && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    mkdir -p /usr/local/share/meson/cross && \
--- a/ci/containers/debian-11.Dockerfile
+++ b/ci/containers/debian-11.Dockerfile
@ -11,79 +11,79 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    apt-get install -y eatmydata && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y \
-            augeas-lenses \
-            augeas-tools \
-            bash-completion \
-            ca-certificates \
-            ccache \
-            clang \
-            codespell \
-            cpp \
-            diffutils \
-            dwarves \
-            ebtables \
-            flake8 \
-            gcc \
-            gettext \
-            git \
-            grep \
-            iproute2 \
-            iptables \
-            kmod \
-            libacl1-dev \
-            libapparmor-dev \
-            libattr1-dev \
-            libaudit-dev \
-            libblkid-dev \
-            libc-dev-bin \
-            libc6-dev \
-            libcap-ng-dev \
-            libcurl4-gnutls-dev \
-            libdevmapper-dev \
-            libfuse-dev \
-            libglib2.0-dev \
-            libglusterfs-dev \
-            libgnutls28-dev \
-            libiscsi-dev \
-            libnetcf-dev \
-            libnl-3-dev \
-            libnl-route-3-dev \
-            libnuma-dev \
-            libparted-dev \
-            libpcap0.8-dev \
-            libpciaccess-dev \
-            librbd-dev \
-            libreadline-dev \
-            libsanlock-dev \
-            libsasl2-dev \
-            libselinux1-dev \
-            libssh-gcrypt-dev \
-            libssh2-1-dev \
-            libtirpc-dev \
-            libudev-dev \
-            libxen-dev \
-            libxml2-dev \
-            libxml2-utils \
-            libyajl-dev \
-            locales \
-            lvm2 \
-            make \
-            meson \
-            nfs-common \
-            ninja-build \
-            numad \
-            open-iscsi \
-            perl-base \
-            pkgconf \
-            policykit-1 \
-            python3 \
-            python3-docutils \
-            qemu-utils \
-            scrub \
-            sed \
-            systemtap-sdt-dev \
-            wireshark-dev \
-            xsltproc && \
+                      augeas-lenses \
+                      augeas-tools \
+                      bash-completion \
+                      ca-certificates \
+                      ccache \
+                      clang \
+                      codespell \
+                      cpp \
+                      diffutils \
+                      dwarves \
+                      ebtables \
+                      flake8 \
+                      gcc \
+                      gettext \
+                      git \
+                      grep \
+                      iproute2 \
+                      iptables \
+                      kmod \
+                      libacl1-dev \
+                      libapparmor-dev \
+                      libattr1-dev \
+                      libaudit-dev \
+                      libblkid-dev \
+                      libc-dev-bin \
+                      libc6-dev \
+                      libcap-ng-dev \
+                      libcurl4-gnutls-dev \
+                      libdevmapper-dev \
+                      libfuse-dev \
+                      libglib2.0-dev \
+                      libglusterfs-dev \
+                      libgnutls28-dev \
+                      libiscsi-dev \
+                      libnetcf-dev \
+                      libnl-3-dev \
+                      libnl-route-3-dev \
+                      libnuma-dev \
+                      libparted-dev \
+                      libpcap0.8-dev \
+                      libpciaccess-dev \
+                      librbd-dev \
+                      libreadline-dev \
+                      libsanlock-dev \
+                      libsasl2-dev \
+                      libselinux1-dev \
+                      libssh-gcrypt-dev \
+                      libssh2-1-dev \
+                      libtirpc-dev \
+                      libudev-dev \
+                      libxen-dev \
+                      libxml2-dev \
+                      libxml2-utils \
+                      libyajl-dev \
+                      locales \
+                      lvm2 \
+                      make \
+                      meson \
+                      nfs-common \
+                      ninja-build \
+                      numad \
+                      open-iscsi \
+                      perl-base \
+                      pkgconf \
+                      policykit-1 \
+                      python3 \
+                      python3-docutils \
+                      qemu-utils \
+                      scrub \
+                      sed \
+                      systemtap-sdt-dev \
+                      wireshark-dev \
+                      xsltproc && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen && \
@ -94,8 +94,8 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang && \
    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
--- a/ci/containers/debian-sid-cross-aarch64.Dockerfile
+++ b/ci/containers/debian-sid-cross-aarch64.Dockerfile
@ -11,52 +11,52 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    apt-get install -y eatmydata && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y \
-            augeas-lenses \
-            augeas-tools \
-            bash-completion \
-            ca-certificates \
-            ccache \
-            codespell \
-            cpp \
-            diffutils \
-            dwarves \
-            ebtables \
-            flake8 \
-            gettext \
-            git \
-            grep \
-            iproute2 \
-            iptables \
-            kmod \
-            libc-dev-bin \
-            libxml2-utils \
-            locales \
-            lvm2 \
-            make \
-            meson \
-            nfs-common \
-            ninja-build \
-            numad \
-            open-iscsi \
-            perl-base \
-            pkgconf \
-            policykit-1 \
-            python3 \
-            python3-docutils \
-            qemu-utils \
-            scrub \
-            sed \
-            xsltproc && \
+                      augeas-lenses \
+                      augeas-tools \
+                      bash-completion \
+                      ca-certificates \
+                      ccache \
+                      codespell \
+                      cpp \
+                      diffutils \
+                      dwarves \
+                      ebtables \
+                      flake8 \
+                      gettext \
+                      git \
+                      grep \
+                      iproute2 \
+                      iptables \
+                      kmod \
+                      libc-dev-bin \
+                      libxml2-utils \
+                      locales \
+                      lvm2 \
+                      make \
+                      meson \
+                      nfs-common \
+                      ninja-build \
+                      numad \
+                      open-iscsi \
+                      perl-base \
+                      pkgconf \
+                      policykit-1 \
+                      python3 \
+                      python3-docutils \
+                      qemu-utils \
+                      scrub \
+                      sed \
+                      xsltproc && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen && \
    dpkg-reconfigure locales

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"

 RUN export DEBIAN_FRONTEND=noninteractive && \
    dpkg --add-architecture arm64 && \
@ -64,40 +64,40 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y dpkg-dev && \
    eatmydata apt-get install --no-install-recommends -y \
-            gcc-aarch64-linux-gnu \
-            libacl1-dev:arm64 \
-            libapparmor-dev:arm64 \
-            libattr1-dev:arm64 \
-            libaudit-dev:arm64 \
-            libblkid-dev:arm64 \
-            libc6-dev:arm64 \
-            libcap-ng-dev:arm64 \
-            libcurl4-gnutls-dev:arm64 \
-            libdevmapper-dev:arm64 \
-            libfuse-dev:arm64 \
-            libglib2.0-dev:arm64 \
-            libglusterfs-dev:arm64 \
-            libgnutls28-dev:arm64 \
-            libiscsi-dev:arm64 \
-            libnl-3-dev:arm64 \
-            libnl-route-3-dev:arm64 \
-            libnuma-dev:arm64 \
-            libparted-dev:arm64 \
-            libpcap0.8-dev:arm64 \
-            libpciaccess-dev:arm64 \
-            librbd-dev:arm64 \
-            libreadline-dev:arm64 \
-            libsanlock-dev:arm64 \
-            libsasl2-dev:arm64 \
-            libselinux1-dev:arm64 \
-            libssh-gcrypt-dev:arm64 \
-            libssh2-1-dev:arm64 \
-            libtirpc-dev:arm64 \
-            libudev-dev:arm64 \
-            libxen-dev:arm64 \
-            libxml2-dev:arm64 \
-            libyajl-dev:arm64 \
-            systemtap-sdt-dev:arm64 && \
+                      gcc-aarch64-linux-gnu \
+                      libacl1-dev:arm64 \
+                      libapparmor-dev:arm64 \
+                      libattr1-dev:arm64 \
+                      libaudit-dev:arm64 \
+                      libblkid-dev:arm64 \
+                      libc6-dev:arm64 \
+                      libcap-ng-dev:arm64 \
+                      libcurl4-gnutls-dev:arm64 \
+                      libdevmapper-dev:arm64 \
+                      libfuse-dev:arm64 \
+                      libglib2.0-dev:arm64 \
+                      libglusterfs-dev:arm64 \
+                      libgnutls28-dev:arm64 \
+                      libiscsi-dev:arm64 \
+                      libnl-3-dev:arm64 \
+                      libnl-route-3-dev:arm64 \
+                      libnuma-dev:arm64 \
+                      libparted-dev:arm64 \
+                      libpcap0.8-dev:arm64 \
+                      libpciaccess-dev:arm64 \
+                      librbd-dev:arm64 \
+                      libreadline-dev:arm64 \
+                      libsanlock-dev:arm64 \
+                      libsasl2-dev:arm64 \
+                      libselinux1-dev:arm64 \
+                      libssh-gcrypt-dev:arm64 \
+                      libssh2-1-dev:arm64 \
+                      libtirpc-dev:arm64 \
+                      libudev-dev:arm64 \
+                      libxen-dev:arm64 \
+                      libxml2-dev:arm64 \
+                      libyajl-dev:arm64 \
+                      systemtap-sdt-dev:arm64 && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    mkdir -p /usr/local/share/meson/cross && \
--- a/ci/containers/debian-sid-cross-armv6l.Dockerfile
+++ b/ci/containers/debian-sid-cross-armv6l.Dockerfile
@ -11,52 +11,52 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    apt-get install -y eatmydata && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y \
-            augeas-lenses \
-            augeas-tools \
-            bash-completion \
-            ca-certificates \
-            ccache \
-            codespell \
-            cpp \
-            diffutils \
-            dwarves \
-            ebtables \
-            flake8 \
-            gettext \
-            git \
-            grep \
-            iproute2 \
-            iptables \
-            kmod \
-            libc-dev-bin \
-            libxml2-utils \
-            locales \
-            lvm2 \
-            make \
-            meson \
-            nfs-common \
-            ninja-build \
-            numad \
-            open-iscsi \
-            perl-base \
-            pkgconf \
-            policykit-1 \
-            python3 \
-            python3-docutils \
-            qemu-utils \
-            scrub \
-            sed \
-            xsltproc && \
+                      augeas-lenses \
+                      augeas-tools \
+                      bash-completion \
+                      ca-certificates \
+                      ccache \
+                      codespell \
+                      cpp \
+                      diffutils \
+                      dwarves \
+                      ebtables \
+                      flake8 \
+                      gettext \
+                      git \
+                      grep \
+                      iproute2 \
+                      iptables \
+                      kmod \
+                      libc-dev-bin \
+                      libxml2-utils \
+                      locales \
+                      lvm2 \
+                      make \
+                      meson \
+                      nfs-common \
+                      ninja-build \
+                      numad \
+                      open-iscsi \
+                      perl-base \
+                      pkgconf \
+                      policykit-1 \
+                      python3 \
+                      python3-docutils \
+                      qemu-utils \
+                      scrub \
+                      sed \
+                      xsltproc && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen && \
    dpkg-reconfigure locales

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"

 RUN export DEBIAN_FRONTEND=noninteractive && \
    dpkg --add-architecture armel && \
@ -64,39 +64,39 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y dpkg-dev && \
    eatmydata apt-get install --no-install-recommends -y \
-            gcc-arm-linux-gnueabi \
-            libacl1-dev:armel \
-            libapparmor-dev:armel \
-            libattr1-dev:armel \
-            libaudit-dev:armel \
-            libblkid-dev:armel \
-            libc6-dev:armel \
-            libcap-ng-dev:armel \
-            libcurl4-gnutls-dev:armel \
-            libdevmapper-dev:armel \
-            libfuse-dev:armel \
-            libglib2.0-dev:armel \
-            libglusterfs-dev:armel \
-            libgnutls28-dev:armel \
-            libiscsi-dev:armel \
-            libnl-3-dev:armel \
-            libnl-route-3-dev:armel \
-            libnuma-dev:armel \
-            libparted-dev:armel \
-            libpcap0.8-dev:armel \
-            libpciaccess-dev:armel \
-            librbd-dev:armel \
-            libreadline-dev:armel \
-            libsanlock-dev:armel \
-            libsasl2-dev:armel \
-            libselinux1-dev:armel \
-            libssh-gcrypt-dev:armel \
-            libssh2-1-dev:armel \
-            libtirpc-dev:armel \
-            libudev-dev:armel \
-            libxml2-dev:armel \
-            libyajl-dev:armel \
-            systemtap-sdt-dev:armel && \
+                      gcc-arm-linux-gnueabi \
+                      libacl1-dev:armel \
+                      libapparmor-dev:armel \
+                      libattr1-dev:armel \
+                      libaudit-dev:armel \
+                      libblkid-dev:armel \
+                      libc6-dev:armel \
+                      libcap-ng-dev:armel \
+                      libcurl4-gnutls-dev:armel \
+                      libdevmapper-dev:armel \
+                      libfuse-dev:armel \
+                      libglib2.0-dev:armel \
+                      libglusterfs-dev:armel \
+                      libgnutls28-dev:armel \
+                      libiscsi-dev:armel \
+                      libnl-3-dev:armel \
+                      libnl-route-3-dev:armel \
+                      libnuma-dev:armel \
+                      libparted-dev:armel \
+                      libpcap0.8-dev:armel \
+                      libpciaccess-dev:armel \
+                      librbd-dev:armel \
+                      libreadline-dev:armel \
+                      libsanlock-dev:armel \
+                      libsasl2-dev:armel \
+                      libselinux1-dev:armel \
+                      libssh-gcrypt-dev:armel \
+                      libssh2-1-dev:armel \
+                      libtirpc-dev:armel \
+                      libudev-dev:armel \
+                      libxml2-dev:armel \
+                      libyajl-dev:armel \
+                      systemtap-sdt-dev:armel && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    mkdir -p /usr/local/share/meson/cross && \
--- a/ci/containers/debian-sid-cross-armv7l.Dockerfile
+++ b/ci/containers/debian-sid-cross-armv7l.Dockerfile
@ -11,52 +11,52 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    apt-get install -y eatmydata && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y \
-            augeas-lenses \
-            augeas-tools \
-            bash-completion \
-            ca-certificates \
-            ccache \
-            codespell \
-            cpp \
-            diffutils \
-            dwarves \
-            ebtables \
-            flake8 \
-            gettext \
-            git \
-            grep \
-            iproute2 \
-            iptables \
-            kmod \
-            libc-dev-bin \
-            libxml2-utils \
-            locales \
-            lvm2 \
-            make \
-            meson \
-            nfs-common \
-            ninja-build \
-            numad \
-            open-iscsi \
-            perl-base \
-            pkgconf \
-            policykit-1 \
-            python3 \
-            python3-docutils \
-            qemu-utils \
-            scrub \
-            sed \
-            xsltproc && \
+                      augeas-lenses \
+                      augeas-tools \
+                      bash-completion \
+                      ca-certificates \
+                      ccache \
+                      codespell \
+                      cpp \
+                      diffutils \
+                      dwarves \
+                      ebtables \
+                      flake8 \
+                      gettext \
+                      git \
+                      grep \
+                      iproute2 \
+                      iptables \
+                      kmod \
+                      libc-dev-bin \
+                      libxml2-utils \
+                      locales \
+                      lvm2 \
+                      make \
+                      meson \
+                      nfs-common \
+                      ninja-build \
+                      numad \
+                      open-iscsi \
+                      perl-base \
+                      pkgconf \
+                      policykit-1 \
+                      python3 \
+                      python3-docutils \
+                      qemu-utils \
+                      scrub \
+                      sed \
+                      xsltproc && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen && \
    dpkg-reconfigure locales

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"

 RUN export DEBIAN_FRONTEND=noninteractive && \
    dpkg --add-architecture armhf && \
@ -64,40 +64,40 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y dpkg-dev && \
    eatmydata apt-get install --no-install-recommends -y \
-            gcc-arm-linux-gnueabihf \
-            libacl1-dev:armhf \
-            libapparmor-dev:armhf \
-            libattr1-dev:armhf \
-            libaudit-dev:armhf \
-            libblkid-dev:armhf \
-            libc6-dev:armhf \
-            libcap-ng-dev:armhf \
-            libcurl4-gnutls-dev:armhf \
-            libdevmapper-dev:armhf \
-            libfuse-dev:armhf \
-            libglib2.0-dev:armhf \
-            libglusterfs-dev:armhf \
-            libgnutls28-dev:armhf \
-            libiscsi-dev:armhf \
-            libnl-3-dev:armhf \
-            libnl-route-3-dev:armhf \
-            libnuma-dev:armhf \
-            libparted-dev:armhf \
-            libpcap0.8-dev:armhf \
-            libpciaccess-dev:armhf \
-            librbd-dev:armhf \
-            libreadline-dev:armhf \
-            libsanlock-dev:armhf \
-            libsasl2-dev:armhf \
-            libselinux1-dev:armhf \
-            libssh-gcrypt-dev:armhf \
-            libssh2-1-dev:armhf \
-            libtirpc-dev:armhf \
-            libudev-dev:armhf \
-            libxen-dev:armhf \
-            libxml2-dev:armhf \
-            libyajl-dev:armhf \
-            systemtap-sdt-dev:armhf && \
+                      gcc-arm-linux-gnueabihf \
+                      libacl1-dev:armhf \
+                      libapparmor-dev:armhf \
+                      libattr1-dev:armhf \
+                      libaudit-dev:armhf \
+                      libblkid-dev:armhf \
+                      libc6-dev:armhf \
+                      libcap-ng-dev:armhf \
+                      libcurl4-gnutls-dev:armhf \
+                      libdevmapper-dev:armhf \
+                      libfuse-dev:armhf \
+                      libglib2.0-dev:armhf \
+                      libglusterfs-dev:armhf \
+                      libgnutls28-dev:armhf \
+                      libiscsi-dev:armhf \
+                      libnl-3-dev:armhf \
+                      libnl-route-3-dev:armhf \
+                      libnuma-dev:armhf \
+                      libparted-dev:armhf \
+                      libpcap0.8-dev:armhf \
+                      libpciaccess-dev:armhf \
+                      librbd-dev:armhf \
+                      libreadline-dev:armhf \
+                      libsanlock-dev:armhf \
+                      libsasl2-dev:armhf \
+                      libselinux1-dev:armhf \
+                      libssh-gcrypt-dev:armhf \
+                      libssh2-1-dev:armhf \
+                      libtirpc-dev:armhf \
+                      libudev-dev:armhf \
+                      libxen-dev:armhf \
+                      libxml2-dev:armhf \
+                      libyajl-dev:armhf \
+                      systemtap-sdt-dev:armhf && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    mkdir -p /usr/local/share/meson/cross && \
--- a/ci/containers/debian-sid-cross-i686.Dockerfile
+++ b/ci/containers/debian-sid-cross-i686.Dockerfile
@ -11,52 +11,52 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    apt-get install -y eatmydata && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y \
-            augeas-lenses \
-            augeas-tools \
-            bash-completion \
-            ca-certificates \
-            ccache \
-            codespell \
-            cpp \
-            diffutils \
-            dwarves \
-            ebtables \
-            flake8 \
-            gettext \
-            git \
-            grep \
-            iproute2 \
-            iptables \
-            kmod \
-            libc-dev-bin \
-            libxml2-utils \
-            locales \
-            lvm2 \
-            make \
-            meson \
-            nfs-common \
-            ninja-build \
-            numad \
-            open-iscsi \
-            perl-base \
-            pkgconf \
-            policykit-1 \
-            python3 \
-            python3-docutils \
-            qemu-utils \
-            scrub \
-            sed \
-            xsltproc && \
+                      augeas-lenses \
+                      augeas-tools \
+                      bash-completion \
+                      ca-certificates \
+                      ccache \
+                      codespell \
+                      cpp \
+                      diffutils \
+                      dwarves \
+                      ebtables \
+                      flake8 \
+                      gettext \
+                      git \
+                      grep \
+                      iproute2 \
+                      iptables \
+                      kmod \
+                      libc-dev-bin \
+                      libxml2-utils \
+                      locales \
+                      lvm2 \
+                      make \
+                      meson \
+                      nfs-common \
+                      ninja-build \
+                      numad \
+                      open-iscsi \
+                      perl-base \
+                      pkgconf \
+                      policykit-1 \
+                      python3 \
+                      python3-docutils \
+                      qemu-utils \
+                      scrub \
+                      sed \
+                      xsltproc && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen && \
    dpkg-reconfigure locales

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"

 RUN export DEBIAN_FRONTEND=noninteractive && \
    dpkg --add-architecture i386 && \
@ -64,39 +64,39 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y dpkg-dev && \
    eatmydata apt-get install --no-install-recommends -y \
-            gcc-i686-linux-gnu \
-            libacl1-dev:i386 \
-            libapparmor-dev:i386 \
-            libattr1-dev:i386 \
-            libaudit-dev:i386 \
-            libblkid-dev:i386 \
-            libc6-dev:i386 \
-            libcap-ng-dev:i386 \
-            libcurl4-gnutls-dev:i386 \
-            libdevmapper-dev:i386 \
-            libfuse-dev:i386 \
-            libglib2.0-dev:i386 \
-            libglusterfs-dev:i386 \
-            libgnutls28-dev:i386 \
-            libiscsi-dev:i386 \
-            libnl-3-dev:i386 \
-            libnl-route-3-dev:i386 \
-            libnuma-dev:i386 \
-            libparted-dev:i386 \
-            libpcap0.8-dev:i386 \
-            libpciaccess-dev:i386 \
-            librbd-dev:i386 \
-            libreadline-dev:i386 \
-            libsanlock-dev:i386 \
-            libsasl2-dev:i386 \
-            libselinux1-dev:i386 \
-            libssh-gcrypt-dev:i386 \
-            libssh2-1-dev:i386 \
-            libtirpc-dev:i386 \
-            libudev-dev:i386 \
-            libxml2-dev:i386 \
-            libyajl-dev:i386 \
-            systemtap-sdt-dev:i386 && \
+                      gcc-i686-linux-gnu \
+                      libacl1-dev:i386 \
+                      libapparmor-dev:i386 \
+                      libattr1-dev:i386 \
+                      libaudit-dev:i386 \
+                      libblkid-dev:i386 \
+                      libc6-dev:i386 \
+                      libcap-ng-dev:i386 \
+                      libcurl4-gnutls-dev:i386 \
+                      libdevmapper-dev:i386 \
+                      libfuse-dev:i386 \
+                      libglib2.0-dev:i386 \
+                      libglusterfs-dev:i386 \
+                      libgnutls28-dev:i386 \
+                      libiscsi-dev:i386 \
+                      libnl-3-dev:i386 \
+                      libnl-route-3-dev:i386 \
+                      libnuma-dev:i386 \
+                      libparted-dev:i386 \
+                      libpcap0.8-dev:i386 \
+                      libpciaccess-dev:i386 \
+                      librbd-dev:i386 \
+                      libreadline-dev:i386 \
+                      libsanlock-dev:i386 \
+                      libsasl2-dev:i386 \
+                      libselinux1-dev:i386 \
+                      libssh-gcrypt-dev:i386 \
+                      libssh2-1-dev:i386 \
+                      libtirpc-dev:i386 \
+                      libudev-dev:i386 \
+                      libxml2-dev:i386 \
+                      libyajl-dev:i386 \
+                      systemtap-sdt-dev:i386 && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    mkdir -p /usr/local/share/meson/cross && \
--- a/ci/containers/debian-sid-cross-mips64el.Dockerfile
+++ b/ci/containers/debian-sid-cross-mips64el.Dockerfile
@ -11,52 +11,52 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    apt-get install -y eatmydata && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y \
-            augeas-lenses \
-            augeas-tools \
-            bash-completion \
-            ca-certificates \
-            ccache \
-            codespell \
-            cpp \
-            diffutils \
-            dwarves \
-            ebtables \
-            flake8 \
-            gettext \
-            git \
-            grep \
-            iproute2 \
-            iptables \
-            kmod \
-            libc-dev-bin \
-            libxml2-utils \
-            locales \
-            lvm2 \
-            make \
-            meson \
-            nfs-common \
-            ninja-build \
-            numad \
-            open-iscsi \
-            perl-base \
-            pkgconf \
-            policykit-1 \
-            python3 \
-            python3-docutils \
-            qemu-utils \
-            scrub \
-            sed \
-            xsltproc && \
+                      augeas-lenses \
+                      augeas-tools \
+                      bash-completion \
+                      ca-certificates \
+                      ccache \
+                      codespell \
+                      cpp \
+                      diffutils \
+                      dwarves \
+                      ebtables \
+                      flake8 \
+                      gettext \
+                      git \
+                      grep \
+                      iproute2 \
+                      iptables \
+                      kmod \
+                      libc-dev-bin \
+                      libxml2-utils \
+                      locales \
+                      lvm2 \
+                      make \
+                      meson \
+                      nfs-common \
+                      ninja-build \
+                      numad \
+                      open-iscsi \
+                      perl-base \
+                      pkgconf \
+                      policykit-1 \
+                      python3 \
+                      python3-docutils \
+                      qemu-utils \
+                      scrub \
+                      sed \
+                      xsltproc && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen && \
    dpkg-reconfigure locales

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"

 RUN export DEBIAN_FRONTEND=noninteractive && \
    dpkg --add-architecture mips64el && \
@ -64,39 +64,39 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y dpkg-dev && \
    eatmydata apt-get install --no-install-recommends -y \
-            gcc-mips64el-linux-gnuabi64 \
-            libacl1-dev:mips64el \
-            libapparmor-dev:mips64el \
-            libattr1-dev:mips64el \
-            libaudit-dev:mips64el \
-            libblkid-dev:mips64el \
-            libc6-dev:mips64el \
-            libcap-ng-dev:mips64el \
-            libcurl4-gnutls-dev:mips64el \
-            libdevmapper-dev:mips64el \
-            libfuse-dev:mips64el \
-            libglib2.0-dev:mips64el \
-            libglusterfs-dev:mips64el \
-            libgnutls28-dev:mips64el \
-            libiscsi-dev:mips64el \
-            libnl-3-dev:mips64el \
-            libnl-route-3-dev:mips64el \
-            libnuma-dev:mips64el \
-            libparted-dev:mips64el \
-            libpcap0.8-dev:mips64el \
-            libpciaccess-dev:mips64el \
-            librbd-dev:mips64el \
-            libreadline-dev:mips64el \
-            libsanlock-dev:mips64el \
-            libsasl2-dev:mips64el \
-            libselinux1-dev:mips64el \
-            libssh-gcrypt-dev:mips64el \
-            libssh2-1-dev:mips64el \
-            libtirpc-dev:mips64el \
-            libudev-dev:mips64el \
-            libxml2-dev:mips64el \
-            libyajl-dev:mips64el \
-            systemtap-sdt-dev:mips64el && \
+                      gcc-mips64el-linux-gnuabi64 \
+                      libacl1-dev:mips64el \
+                      libapparmor-dev:mips64el \
+                      libattr1-dev:mips64el \
+                      libaudit-dev:mips64el \
+                      libblkid-dev:mips64el \
+                      libc6-dev:mips64el \
+                      libcap-ng-dev:mips64el \
+                      libcurl4-gnutls-dev:mips64el \
+                      libdevmapper-dev:mips64el \
+                      libfuse-dev:mips64el \
+                      libglib2.0-dev:mips64el \
+                      libglusterfs-dev:mips64el \
+                      libgnutls28-dev:mips64el \
+                      libiscsi-dev:mips64el \
+                      libnl-3-dev:mips64el \
+                      libnl-route-3-dev:mips64el \
+                      libnuma-dev:mips64el \
+                      libparted-dev:mips64el \
+                      libpcap0.8-dev:mips64el \
+                      libpciaccess-dev:mips64el \
+                      librbd-dev:mips64el \
+                      libreadline-dev:mips64el \
+                      libsanlock-dev:mips64el \
+                      libsasl2-dev:mips64el \
+                      libselinux1-dev:mips64el \
+                      libssh-gcrypt-dev:mips64el \
+                      libssh2-1-dev:mips64el \
+                      libtirpc-dev:mips64el \
+                      libudev-dev:mips64el \
+                      libxml2-dev:mips64el \
+                      libyajl-dev:mips64el \
+                      systemtap-sdt-dev:mips64el && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    mkdir -p /usr/local/share/meson/cross && \
--- a/ci/containers/debian-sid-cross-mipsel.Dockerfile
+++ b/ci/containers/debian-sid-cross-mipsel.Dockerfile
@ -11,52 +11,52 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    apt-get install -y eatmydata && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y \
-            augeas-lenses \
-            augeas-tools \
-            bash-completion \
-            ca-certificates \
-            ccache \
-            codespell \
-            cpp \
-            diffutils \
-            dwarves \
-            ebtables \
-            flake8 \
-            gettext \
-            git \
-            grep \
-            iproute2 \
-            iptables \
-            kmod \
-            libc-dev-bin \
-            libxml2-utils \
-            locales \
-            lvm2 \
-            make \
-            meson \
-            nfs-common \
-            ninja-build \
-            numad \
-            open-iscsi \
-            perl-base \
-            pkgconf \
-            policykit-1 \
-            python3 \
-            python3-docutils \
-            qemu-utils \
-            scrub \
-            sed \
-            xsltproc && \
+                      augeas-lenses \
+                      augeas-tools \
+                      bash-completion \
+                      ca-certificates \
+                      ccache \
+                      codespell \
+                      cpp \
+                      diffutils \
+                      dwarves \
+                      ebtables \
+                      flake8 \
+                      gettext \
+                      git \
+                      grep \
+                      iproute2 \
+                      iptables \
+                      kmod \
+                      libc-dev-bin \
+                      libxml2-utils \
+                      locales \
+                      lvm2 \
+                      make \
+                      meson \
+                      nfs-common \
+                      ninja-build \
+                      numad \
+                      open-iscsi \
+                      perl-base \
+                      pkgconf \
+                      policykit-1 \
+                      python3 \
+                      python3-docutils \
+                      qemu-utils \
+                      scrub \
+                      sed \
+                      xsltproc && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen && \
    dpkg-reconfigure locales

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"

 RUN export DEBIAN_FRONTEND=noninteractive && \
    dpkg --add-architecture mipsel && \
@ -64,39 +64,39 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y dpkg-dev && \
    eatmydata apt-get install --no-install-recommends -y \
-            gcc-mipsel-linux-gnu \
-            libacl1-dev:mipsel \
-            libapparmor-dev:mipsel \
-            libattr1-dev:mipsel \
-            libaudit-dev:mipsel \
-            libblkid-dev:mipsel \
-            libc6-dev:mipsel \
-            libcap-ng-dev:mipsel \
-            libcurl4-gnutls-dev:mipsel \
-            libdevmapper-dev:mipsel \
-            libfuse-dev:mipsel \
-            libglib2.0-dev:mipsel \
-            libglusterfs-dev:mipsel \
-            libgnutls28-dev:mipsel \
-            libiscsi-dev:mipsel \
-            libnl-3-dev:mipsel \
-            libnl-route-3-dev:mipsel \
-            libnuma-dev:mipsel \
-            libparted-dev:mipsel \
-            libpcap0.8-dev:mipsel \
-            libpciaccess-dev:mipsel \
-            librbd-dev:mipsel \
-            libreadline-dev:mipsel \
-            libsanlock-dev:mipsel \
-            libsasl2-dev:mipsel \
-            libselinux1-dev:mipsel \
-            libssh-gcrypt-dev:mipsel \
-            libssh2-1-dev:mipsel \
-            libtirpc-dev:mipsel \
-            libudev-dev:mipsel \
-            libxml2-dev:mipsel \
-            libyajl-dev:mipsel \
-            systemtap-sdt-dev:mipsel && \
+                      gcc-mipsel-linux-gnu \
+                      libacl1-dev:mipsel \
+                      libapparmor-dev:mipsel \
+                      libattr1-dev:mipsel \
+                      libaudit-dev:mipsel \
+                      libblkid-dev:mipsel \
+                      libc6-dev:mipsel \
+                      libcap-ng-dev:mipsel \
+                      libcurl4-gnutls-dev:mipsel \
+                      libdevmapper-dev:mipsel \
+                      libfuse-dev:mipsel \
+                      libglib2.0-dev:mipsel \
+                      libglusterfs-dev:mipsel \
+                      libgnutls28-dev:mipsel \
+                      libiscsi-dev:mipsel \
+                      libnl-3-dev:mipsel \
+                      libnl-route-3-dev:mipsel \
+                      libnuma-dev:mipsel \
+                      libparted-dev:mipsel \
+                      libpcap0.8-dev:mipsel \
+                      libpciaccess-dev:mipsel \
+                      librbd-dev:mipsel \
+                      libreadline-dev:mipsel \
+                      libsanlock-dev:mipsel \
+                      libsasl2-dev:mipsel \
+                      libselinux1-dev:mipsel \
+                      libssh-gcrypt-dev:mipsel \
+                      libssh2-1-dev:mipsel \
+                      libtirpc-dev:mipsel \
+                      libudev-dev:mipsel \
+                      libxml2-dev:mipsel \
+                      libyajl-dev:mipsel \
+                      systemtap-sdt-dev:mipsel && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    mkdir -p /usr/local/share/meson/cross && \
--- a/ci/containers/debian-sid-cross-ppc64le.Dockerfile
+++ b/ci/containers/debian-sid-cross-ppc64le.Dockerfile
@ -11,52 +11,52 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    apt-get install -y eatmydata && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y \
-            augeas-lenses \
-            augeas-tools \
-            bash-completion \
-            ca-certificates \
-            ccache \
-            codespell \
-            cpp \
-            diffutils \
-            dwarves \
-            ebtables \
-            flake8 \
-            gettext \
-            git \
-            grep \
-            iproute2 \
-            iptables \
-            kmod \
-            libc-dev-bin \
-            libxml2-utils \
-            locales \
-            lvm2 \
-            make \
-            meson \
-            nfs-common \
-            ninja-build \
-            numad \
-            open-iscsi \
-            perl-base \
-            pkgconf \
-            policykit-1 \
-            python3 \
-            python3-docutils \
-            qemu-utils \
-            scrub \
-            sed \
-            xsltproc && \
+                      augeas-lenses \
+                      augeas-tools \
+                      bash-completion \
+                      ca-certificates \
+                      ccache \
+                      codespell \
+                      cpp \
+                      diffutils \
+                      dwarves \
+                      ebtables \
+                      flake8 \
+                      gettext \
+                      git \
+                      grep \
+                      iproute2 \
+                      iptables \
+                      kmod \
+                      libc-dev-bin \
+                      libxml2-utils \
+                      locales \
+                      lvm2 \
+                      make \
+                      meson \
+                      nfs-common \
+                      ninja-build \
+                      numad \
+                      open-iscsi \
+                      perl-base \
+                      pkgconf \
+                      policykit-1 \
+                      python3 \
+                      python3-docutils \
+                      qemu-utils \
+                      scrub \
+                      sed \
+                      xsltproc && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen && \
    dpkg-reconfigure locales

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"

 RUN export DEBIAN_FRONTEND=noninteractive && \
    dpkg --add-architecture ppc64el && \
@ -64,39 +64,39 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y dpkg-dev && \
    eatmydata apt-get install --no-install-recommends -y \
-            gcc-powerpc64le-linux-gnu \
-            libacl1-dev:ppc64el \
-            libapparmor-dev:ppc64el \
-            libattr1-dev:ppc64el \
-            libaudit-dev:ppc64el \
-            libblkid-dev:ppc64el \
-            libc6-dev:ppc64el \
-            libcap-ng-dev:ppc64el \
-            libcurl4-gnutls-dev:ppc64el \
-            libdevmapper-dev:ppc64el \
-            libfuse-dev:ppc64el \
-            libglib2.0-dev:ppc64el \
-            libglusterfs-dev:ppc64el \
-            libgnutls28-dev:ppc64el \
-            libiscsi-dev:ppc64el \
-            libnl-3-dev:ppc64el \
-            libnl-route-3-dev:ppc64el \
-            libnuma-dev:ppc64el \
-            libparted-dev:ppc64el \
-            libpcap0.8-dev:ppc64el \
-            libpciaccess-dev:ppc64el \
-            librbd-dev:ppc64el \
-            libreadline-dev:ppc64el \
-            libsanlock-dev:ppc64el \
-            libsasl2-dev:ppc64el \
-            libselinux1-dev:ppc64el \
-            libssh-gcrypt-dev:ppc64el \
-            libssh2-1-dev:ppc64el \
-            libtirpc-dev:ppc64el \
-            libudev-dev:ppc64el \
-            libxml2-dev:ppc64el \
-            libyajl-dev:ppc64el \
-            systemtap-sdt-dev:ppc64el && \
+                      gcc-powerpc64le-linux-gnu \
+                      libacl1-dev:ppc64el \
+                      libapparmor-dev:ppc64el \
+                      libattr1-dev:ppc64el \
+                      libaudit-dev:ppc64el \
+                      libblkid-dev:ppc64el \
+                      libc6-dev:ppc64el \
+                      libcap-ng-dev:ppc64el \
+                      libcurl4-gnutls-dev:ppc64el \
+                      libdevmapper-dev:ppc64el \
+                      libfuse-dev:ppc64el \
+                      libglib2.0-dev:ppc64el \
+                      libglusterfs-dev:ppc64el \
+                      libgnutls28-dev:ppc64el \
+                      libiscsi-dev:ppc64el \
+                      libnl-3-dev:ppc64el \
+                      libnl-route-3-dev:ppc64el \
+                      libnuma-dev:ppc64el \
+                      libparted-dev:ppc64el \
+                      libpcap0.8-dev:ppc64el \
+                      libpciaccess-dev:ppc64el \
+                      librbd-dev:ppc64el \
+                      libreadline-dev:ppc64el \
+                      libsanlock-dev:ppc64el \
+                      libsasl2-dev:ppc64el \
+                      libselinux1-dev:ppc64el \
+                      libssh-gcrypt-dev:ppc64el \
+                      libssh2-1-dev:ppc64el \
+                      libtirpc-dev:ppc64el \
+                      libudev-dev:ppc64el \
+                      libxml2-dev:ppc64el \
+                      libyajl-dev:ppc64el \
+                      systemtap-sdt-dev:ppc64el && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    mkdir -p /usr/local/share/meson/cross && \
--- a/ci/containers/debian-sid-cross-s390x.Dockerfile
+++ b/ci/containers/debian-sid-cross-s390x.Dockerfile
@ -11,52 +11,52 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    apt-get install -y eatmydata && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y \
-            augeas-lenses \
-            augeas-tools \
-            bash-completion \
-            ca-certificates \
-            ccache \
-            codespell \
-            cpp \
-            diffutils \
-            dwarves \
-            ebtables \
-            flake8 \
-            gettext \
-            git \
-            grep \
-            iproute2 \
-            iptables \
-            kmod \
-            libc-dev-bin \
-            libxml2-utils \
-            locales \
-            lvm2 \
-            make \
-            meson \
-            nfs-common \
-            ninja-build \
-            numad \
-            open-iscsi \
-            perl-base \
-            pkgconf \
-            policykit-1 \
-            python3 \
-            python3-docutils \
-            qemu-utils \
-            scrub \
-            sed \
-            xsltproc && \
+                      augeas-lenses \
+                      augeas-tools \
+                      bash-completion \
+                      ca-certificates \
+                      ccache \
+                      codespell \
+                      cpp \
+                      diffutils \
+                      dwarves \
+                      ebtables \
+                      flake8 \
+                      gettext \
+                      git \
+                      grep \
+                      iproute2 \
+                      iptables \
+                      kmod \
+                      libc-dev-bin \
+                      libxml2-utils \
+                      locales \
+                      lvm2 \
+                      make \
+                      meson \
+                      nfs-common \
+                      ninja-build \
+                      numad \
+                      open-iscsi \
+                      perl-base \
+                      pkgconf \
+                      policykit-1 \
+                      python3 \
+                      python3-docutils \
+                      qemu-utils \
+                      scrub \
+                      sed \
+                      xsltproc && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen && \
    dpkg-reconfigure locales

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"

 RUN export DEBIAN_FRONTEND=noninteractive && \
    dpkg --add-architecture s390x && \
@ -64,39 +64,39 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y dpkg-dev && \
    eatmydata apt-get install --no-install-recommends -y \
-            gcc-s390x-linux-gnu \
-            libacl1-dev:s390x \
-            libapparmor-dev:s390x \
-            libattr1-dev:s390x \
-            libaudit-dev:s390x \
-            libblkid-dev:s390x \
-            libc6-dev:s390x \
-            libcap-ng-dev:s390x \
-            libcurl4-gnutls-dev:s390x \
-            libdevmapper-dev:s390x \
-            libfuse-dev:s390x \
-            libglib2.0-dev:s390x \
-            libglusterfs-dev:s390x \
-            libgnutls28-dev:s390x \
-            libiscsi-dev:s390x \
-            libnl-3-dev:s390x \
-            libnl-route-3-dev:s390x \
-            libnuma-dev:s390x \
-            libparted-dev:s390x \
-            libpcap0.8-dev:s390x \
-            libpciaccess-dev:s390x \
-            librbd-dev:s390x \
-            libreadline-dev:s390x \
-            libsanlock-dev:s390x \
-            libsasl2-dev:s390x \
-            libselinux1-dev:s390x \
-            libssh-gcrypt-dev:s390x \
-            libssh2-1-dev:s390x \
-            libtirpc-dev:s390x \
-            libudev-dev:s390x \
-            libxml2-dev:s390x \
-            libyajl-dev:s390x \
-            systemtap-sdt-dev:s390x && \
+                      gcc-s390x-linux-gnu \
+                      libacl1-dev:s390x \
+                      libapparmor-dev:s390x \
+                      libattr1-dev:s390x \
+                      libaudit-dev:s390x \
+                      libblkid-dev:s390x \
+                      libc6-dev:s390x \
+                      libcap-ng-dev:s390x \
+                      libcurl4-gnutls-dev:s390x \
+                      libdevmapper-dev:s390x \
+                      libfuse-dev:s390x \
+                      libglib2.0-dev:s390x \
+                      libglusterfs-dev:s390x \
+                      libgnutls28-dev:s390x \
+                      libiscsi-dev:s390x \
+                      libnl-3-dev:s390x \
+                      libnl-route-3-dev:s390x \
+                      libnuma-dev:s390x \
+                      libparted-dev:s390x \
+                      libpcap0.8-dev:s390x \
+                      libpciaccess-dev:s390x \
+                      librbd-dev:s390x \
+                      libreadline-dev:s390x \
+                      libsanlock-dev:s390x \
+                      libsasl2-dev:s390x \
+                      libselinux1-dev:s390x \
+                      libssh-gcrypt-dev:s390x \
+                      libssh2-1-dev:s390x \
+                      libtirpc-dev:s390x \
+                      libudev-dev:s390x \
+                      libxml2-dev:s390x \
+                      libyajl-dev:s390x \
+                      systemtap-sdt-dev:s390x && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    mkdir -p /usr/local/share/meson/cross && \
--- a/ci/containers/debian-sid.Dockerfile
+++ b/ci/containers/debian-sid.Dockerfile
@ -11,78 +11,78 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    apt-get install -y eatmydata && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y \
-            augeas-lenses \
-            augeas-tools \
-            bash-completion \
-            ca-certificates \
-            ccache \
-            clang \
-            codespell \
-            cpp \
-            diffutils \
-            dwarves \
-            ebtables \
-            flake8 \
-            gcc \
-            gettext \
-            git \
-            grep \
-            iproute2 \
-            iptables \
-            kmod \
-            libacl1-dev \
-            libapparmor-dev \
-            libattr1-dev \
-            libaudit-dev \
-            libblkid-dev \
-            libc-dev-bin \
-            libc6-dev \
-            libcap-ng-dev \
-            libcurl4-gnutls-dev \
-            libdevmapper-dev \
-            libfuse-dev \
-            libglib2.0-dev \
-            libglusterfs-dev \
-            libgnutls28-dev \
-            libiscsi-dev \
-            libnl-3-dev \
-            libnl-route-3-dev \
-            libnuma-dev \
-            libparted-dev \
-            libpcap0.8-dev \
-            libpciaccess-dev \
-            librbd-dev \
-            libreadline-dev \
-            libsanlock-dev \
-            libsasl2-dev \
-            libselinux1-dev \
-            libssh-gcrypt-dev \
-            libssh2-1-dev \
-            libtirpc-dev \
-            libudev-dev \
-            libxen-dev \
-            libxml2-dev \
-            libxml2-utils \
-            libyajl-dev \
-            locales \
-            lvm2 \
-            make \
-            meson \
-            nfs-common \
-            ninja-build \
-            numad \
-            open-iscsi \
-            perl-base \
-            pkgconf \
-            policykit-1 \
-            python3 \
-            python3-docutils \
-            qemu-utils \
-            scrub \
-            sed \
-            systemtap-sdt-dev \
-            wireshark-dev \
-            xsltproc && \
+                      augeas-lenses \
+                      augeas-tools \
+                      bash-completion \
+                      ca-certificates \
+                      ccache \
+                      clang \
+                      codespell \
+                      cpp \
+                      diffutils \
+                      dwarves \
+                      ebtables \
+                      flake8 \
+                      gcc \
+                      gettext \
+                      git \
+                      grep \
+                      iproute2 \
+                      iptables \
+                      kmod \
+                      libacl1-dev \
+                      libapparmor-dev \
+                      libattr1-dev \
+                      libaudit-dev \
+                      libblkid-dev \
+                      libc-dev-bin \
+                      libc6-dev \
+                      libcap-ng-dev \
+                      libcurl4-gnutls-dev \
+                      libdevmapper-dev \
+                      libfuse-dev \
+                      libglib2.0-dev \
+                      libglusterfs-dev \
+                      libgnutls28-dev \
+                      libiscsi-dev \
+                      libnl-3-dev \
+                      libnl-route-3-dev \
+                      libnuma-dev \
+                      libparted-dev \
+                      libpcap0.8-dev \
+                      libpciaccess-dev \
+                      librbd-dev \
+                      libreadline-dev \
+                      libsanlock-dev \
+                      libsasl2-dev \
+                      libselinux1-dev \
+                      libssh-gcrypt-dev \
+                      libssh2-1-dev \
+                      libtirpc-dev \
+                      libudev-dev \
+                      libxen-dev \
+                      libxml2-dev \
+                      libxml2-utils \
+                      libyajl-dev \
+                      locales \
+                      lvm2 \
+                      make \
+                      meson \
+                      nfs-common \
+                      ninja-build \
+                      numad \
+                      open-iscsi \
+                      perl-base \
+                      pkgconf \
+                      policykit-1 \
+                      python3 \
+                      python3-docutils \
+                      qemu-utils \
+                      scrub \
+                      sed \
+                      systemtap-sdt-dev \
+                      wireshark-dev \
+                      xsltproc && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen && \
@ -93,8 +93,8 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang && \
    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
--- a/ci/containers/fedora-35.Dockerfile
+++ b/ci/containers/fedora-35.Dockerfile
@ -18,82 +18,82 @@ exec "$@"' > /usr/bin/nosync && \
    chmod +x /usr/bin/nosync && \
    nosync dnf update -y && \
    nosync dnf install -y \
-        audit-libs-devel \
-        augeas \
-        bash-completion \
-        ca-certificates \
-        ccache \
-        clang \
-        codespell \
-        cpp \
-        cppi \
-        cyrus-sasl-devel \
-        device-mapper-devel \
-        diffutils \
-        dwarves \
-        ebtables \
-        firewalld-filesystem \
-        fuse-devel \
-        gcc \
-        gettext \
-        git \
-        glib2-devel \
-        glibc-devel \
-        glibc-langpack-en \
-        glusterfs-api-devel \
-        gnutls-devel \
-        grep \
-        iproute \
-        iproute-tc \
-        iptables \
-        iscsi-initiator-utils \
-        kmod \
-        libacl-devel \
-        libattr-devel \
-        libblkid-devel \
-        libcap-ng-devel \
-        libcurl-devel \
-        libiscsi-devel \
-        libnl3-devel \
-        libpcap-devel \
-        libpciaccess-devel \
-        librbd-devel \
-        libselinux-devel \
-        libssh-devel \
-        libssh2-devel \
-        libtirpc-devel \
-        libwsman-devel \
-        libxml2 \
-        libxml2-devel \
-        libxslt \
-        lvm2 \
-        make \
-        meson \
-        netcf-devel \
-        nfs-utils \
-        ninja-build \
-        numactl-devel \
-        numad \
-        parted-devel \
-        perl-base \
-        pkgconfig \
-        polkit \
-        python3 \
-        python3-docutils \
-        python3-flake8 \
-        qemu-img \
-        readline-devel \
-        rpcgen \
-        rpm-build \
-        sanlock-devel \
-        scrub \
-        sed \
-        sheepdog \
-        systemd-devel \
-        systemtap-sdt-devel \
-        wireshark-devel \
-        xen-devel \
-        yajl-devel && \
+               audit-libs-devel \
+               augeas \
+               bash-completion \
+               ca-certificates \
+               ccache \
+               clang \
+               codespell \
+               cpp \
+               cppi \
+               cyrus-sasl-devel \
+               device-mapper-devel \
+               diffutils \
+               dwarves \
+               ebtables \
+               firewalld-filesystem \
+               fuse-devel \
+               gcc \
+               gettext \
+               git \
+               glib2-devel \
+               glibc-devel \
+               glibc-langpack-en \
+               glusterfs-api-devel \
+               gnutls-devel \
+               grep \
+               iproute \
+               iproute-tc \
+               iptables \
+               iscsi-initiator-utils \
+               kmod \
+               libacl-devel \
+               libattr-devel \
+               libblkid-devel \
+               libcap-ng-devel \
+               libcurl-devel \
+               libiscsi-devel \
+               libnl3-devel \
+               libpcap-devel \
+               libpciaccess-devel \
+               librbd-devel \
+               libselinux-devel \
+               libssh-devel \
+               libssh2-devel \
+               libtirpc-devel \
+               libwsman-devel \
+               libxml2 \
+               libxml2-devel \
+               libxslt \
+               lvm2 \
+               make \
+               meson \
+               netcf-devel \
+               nfs-utils \
+               ninja-build \
+               numactl-devel \
+               numad \
+               parted-devel \
+               perl-base \
+               pkgconfig \
+               polkit \
+               python3 \
+               python3-docutils \
+               python3-flake8 \
+               qemu-img \
+               readline-devel \
+               rpcgen \
+               rpm-build \
+               sanlock-devel \
+               scrub \
+               sed \
+               systemd-devel \
+               systemd-rpm-macros \
+               systemtap-sdt-devel \
+               wireshark-devel \
+               xen-devel \
+               yajl-devel && \
    nosync dnf autoremove -y && \
    nosync dnf clean all -y && \
    rpm -qa | sort > /packages.txt && \
@ -102,8 +102,8 @@ exec "$@"' > /usr/bin/nosync && \
    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang && \
    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
--- a/ci/containers/fedora-36-cross-mingw32.Dockerfile
+++ b/ci/containers/fedora-36-cross-mingw32.Dockerfile
@ -18,66 +18,66 @@ exec "$@"' > /usr/bin/nosync && \
    chmod +x /usr/bin/nosync && \
    nosync dnf update -y && \
    nosync dnf install -y \
-        augeas \
-        bash-completion \
-        ca-certificates \
-        ccache \
-        codespell \
-        cpp \
-        cppi \
-        diffutils \
-        dwarves \
-        ebtables \
-        firewalld-filesystem \
-        git \
-        glibc-langpack-en \
-        grep \
-        iproute \
-        iproute-tc \
-        iptables \
-        iscsi-initiator-utils \
-        kmod \
-        libxml2 \
-        libxslt \
-        lvm2 \
-        make \
-        meson \
-        nfs-utils \
-        ninja-build \
-        numad \
-        perl-base \
-        polkit \
-        python3 \
-        python3-docutils \
-        python3-flake8 \
-        qemu-img \
-        rpcgen \
-        rpm-build \
-        scrub \
-        sed \
-        sheepdog && \
+               augeas \
+               bash-completion \
+               ca-certificates \
+               ccache \
+               codespell \
+               cpp \
+               cppi \
+               diffutils \
+               dwarves \
+               ebtables \
+               firewalld-filesystem \
+               git \
+               glibc-langpack-en \
+               grep \
+               iproute \
+               iproute-tc \
+               iptables \
+               iscsi-initiator-utils \
+               kmod \
+               libxml2 \
+               libxslt \
+               lvm2 \
+               make \
+               meson \
+               nfs-utils \
+               ninja-build \
+               numad \
+               perl-base \
+               polkit \
+               python3 \
+               python3-docutils \
+               python3-flake8 \
+               qemu-img \
+               rpcgen \
+               rpm-build \
+               scrub \
+               sed \
+               systemd-rpm-macros && \
    nosync dnf autoremove -y && \
    nosync dnf clean all -y

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"

 RUN nosync dnf install -y \
-        mingw32-curl \
-        mingw32-dlfcn \
-        mingw32-gcc \
-        mingw32-gettext \
-        mingw32-glib2 \
-        mingw32-gnutls \
-        mingw32-headers \
-        mingw32-libssh2 \
-        mingw32-libxml2 \
-        mingw32-pkg-config \
-        mingw32-portablexdr \
-        mingw32-readline && \
+               mingw32-curl \
+               mingw32-dlfcn \
+               mingw32-gcc \
+               mingw32-gettext \
+               mingw32-glib2 \
+               mingw32-gnutls \
+               mingw32-headers \
+               mingw32-libssh2 \
+               mingw32-libxml2 \
+               mingw32-pkg-config \
+               mingw32-portablexdr \
+               mingw32-readline && \
    nosync dnf clean all -y && \
    rpm -qa | sort > /packages.txt && \
    mkdir -p /usr/libexec/ccache-wrappers && \
--- a/ci/containers/fedora-36-cross-mingw64.Dockerfile
+++ b/ci/containers/fedora-36-cross-mingw64.Dockerfile
@ -18,66 +18,66 @@ exec "$@"' > /usr/bin/nosync && \
    chmod +x /usr/bin/nosync && \
    nosync dnf update -y && \
    nosync dnf install -y \
-        augeas \
-        bash-completion \
-        ca-certificates \
-        ccache \
-        codespell \
-        cpp \
-        cppi \
-        diffutils \
-        dwarves \
-        ebtables \
-        firewalld-filesystem \
-        git \
-        glibc-langpack-en \
-        grep \
-        iproute \
-        iproute-tc \
-        iptables \
-        iscsi-initiator-utils \
-        kmod \
-        libxml2 \
-        libxslt \
-        lvm2 \
-        make \
-        meson \
-        nfs-utils \
-        ninja-build \
-        numad \
-        perl-base \
-        polkit \
-        python3 \
-        python3-docutils \
-        python3-flake8 \
-        qemu-img \
-        rpcgen \
-        rpm-build \
-        scrub \
-        sed \
-        sheepdog && \
+               augeas \
+               bash-completion \
+               ca-certificates \
+               ccache \
+               codespell \
+               cpp \
+               cppi \
+               diffutils \
+               dwarves \
+               ebtables \
+               firewalld-filesystem \
+               git \
+               glibc-langpack-en \
+               grep \
+               iproute \
+               iproute-tc \
+               iptables \
+               iscsi-initiator-utils \
+               kmod \
+               libxml2 \
+               libxslt \
+               lvm2 \
+               make \
+               meson \
+               nfs-utils \
+               ninja-build \
+               numad \
+               perl-base \
+               polkit \
+               python3 \
+               python3-docutils \
+               python3-flake8 \
+               qemu-img \
+               rpcgen \
+               rpm-build \
+               scrub \
+               sed \
+               systemd-rpm-macros && \
    nosync dnf autoremove -y && \
    nosync dnf clean all -y

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"

 RUN nosync dnf install -y \
-        mingw64-curl \
-        mingw64-dlfcn \
-        mingw64-gcc \
-        mingw64-gettext \
-        mingw64-glib2 \
-        mingw64-gnutls \
-        mingw64-headers \
-        mingw64-libssh2 \
-        mingw64-libxml2 \
-        mingw64-pkg-config \
-        mingw64-portablexdr \
-        mingw64-readline && \
+               mingw64-curl \
+               mingw64-dlfcn \
+               mingw64-gcc \
+               mingw64-gettext \
+               mingw64-glib2 \
+               mingw64-gnutls \
+               mingw64-headers \
+               mingw64-libssh2 \
+               mingw64-libxml2 \
+               mingw64-pkg-config \
+               mingw64-portablexdr \
+               mingw64-readline && \
    nosync dnf clean all -y && \
    rpm -qa | sort > /packages.txt && \
    mkdir -p /usr/libexec/ccache-wrappers && \
--- a/ci/containers/fedora-36.Dockerfile
+++ b/ci/containers/fedora-36.Dockerfile
@ -18,81 +18,81 @@ exec "$@"' > /usr/bin/nosync && \
    chmod +x /usr/bin/nosync && \
    nosync dnf update -y && \
    nosync dnf install -y \
-        audit-libs-devel \
-        augeas \
-        bash-completion \
-        ca-certificates \
-        ccache \
-        clang \
-        codespell \
-        cpp \
-        cppi \
-        cyrus-sasl-devel \
-        device-mapper-devel \
-        diffutils \
-        dwarves \
-        ebtables \
-        firewalld-filesystem \
-        fuse-devel \
-        gcc \
-        gettext \
-        git \
-        glib2-devel \
-        glibc-devel \
-        glibc-langpack-en \
-        glusterfs-api-devel \
-        gnutls-devel \
-        grep \
-        iproute \
-        iproute-tc \
-        iptables \
-        iscsi-initiator-utils \
-        kmod \
-        libacl-devel \
-        libattr-devel \
-        libblkid-devel \
-        libcap-ng-devel \
-        libcurl-devel \
-        libiscsi-devel \
-        libnl3-devel \
-        libpcap-devel \
-        libpciaccess-devel \
-        librbd-devel \
-        libselinux-devel \
-        libssh-devel \
-        libssh2-devel \
-        libtirpc-devel \
-        libwsman-devel \
-        libxml2 \
-        libxml2-devel \
-        libxslt \
-        lvm2 \
-        make \
-        meson \
-        nfs-utils \
-        ninja-build \
-        numactl-devel \
-        numad \
-        parted-devel \
-        perl-base \
-        pkgconfig \
-        polkit \
-        python3 \
-        python3-docutils \
-        python3-flake8 \
-        qemu-img \
-        readline-devel \
-        rpcgen \
-        rpm-build \
-        sanlock-devel \
-        scrub \
-        sed \
-        sheepdog \
-        systemd-devel \
-        systemtap-sdt-devel \
-        wireshark-devel \
-        xen-devel \
-        yajl-devel && \
+               audit-libs-devel \
+               augeas \
+               bash-completion \
+               ca-certificates \
+               ccache \
+               clang \
+               codespell \
+               cpp \
+               cppi \
+               cyrus-sasl-devel \
+               device-mapper-devel \
+               diffutils \
+               dwarves \
+               ebtables \
+               firewalld-filesystem \
+               fuse-devel \
+               gcc \
+               gettext \
+               git \
+               glib2-devel \
+               glibc-devel \
+               glibc-langpack-en \
+               glusterfs-api-devel \
+               gnutls-devel \
+               grep \
+               iproute \
+               iproute-tc \
+               iptables \
+               iscsi-initiator-utils \
+               kmod \
+               libacl-devel \
+               libattr-devel \
+               libblkid-devel \
+               libcap-ng-devel \
+               libcurl-devel \
+               libiscsi-devel \
+               libnl3-devel \
+               libpcap-devel \
+               libpciaccess-devel \
+               librbd-devel \
+               libselinux-devel \
+               libssh-devel \
+               libssh2-devel \
+               libtirpc-devel \
+               libwsman-devel \
+               libxml2 \
+               libxml2-devel \
+               libxslt \
+               lvm2 \
+               make \
+               meson \
+               nfs-utils \
+               ninja-build \
+               numactl-devel \
+               numad \
+               parted-devel \
+               perl-base \
+               pkgconfig \
+               polkit \
+               python3 \
+               python3-docutils \
+               python3-flake8 \
+               qemu-img \
+               readline-devel \
+               rpcgen \
+               rpm-build \
+               sanlock-devel \
+               scrub \
+               sed \
+               systemd-devel \
+               systemd-rpm-macros \
+               systemtap-sdt-devel \
+               wireshark-devel \
+               xen-devel \
+               yajl-devel && \
    nosync dnf autoremove -y && \
    nosync dnf clean all -y && \
    rpm -qa | sort > /packages.txt && \
@ -101,8 +101,8 @@ exec "$@"' > /usr/bin/nosync && \
    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang && \
    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
--- a/ci/containers/fedora-rawhide-cross-mingw32.Dockerfile
+++ b/ci/containers/fedora-rawhide-cross-mingw32.Dockerfile
@ -19,66 +19,66 @@ exec "$@"' > /usr/bin/nosync && \
    chmod +x /usr/bin/nosync && \
    nosync dnf distro-sync -y && \
    nosync dnf install -y \
-        augeas \
-        bash-completion \
-        ca-certificates \
-        ccache \
-        codespell \
-        cpp \
-        cppi \
-        diffutils \
-        dwarves \
-        ebtables \
-        firewalld-filesystem \
-        git \
-        glibc-langpack-en \
-        grep \
-        iproute \
-        iproute-tc \
-        iptables \
-        iscsi-initiator-utils \
-        kmod \
-        libxml2 \
-        libxslt \
-        lvm2 \
-        make \
-        meson \
-        nfs-utils \
-        ninja-build \
-        numad \
-        perl-base \
-        polkit \
-        python3 \
-        python3-docutils \
-        python3-flake8 \
-        qemu-img \
-        rpcgen \
-        rpm-build \
-        scrub \
-        sed \
-        sheepdog && \
+               augeas \
+               bash-completion \
+               ca-certificates \
+               ccache \
+               codespell \
+               cpp \
+               cppi \
+               diffutils \
+               dwarves \
+               ebtables \
+               firewalld-filesystem \
+               git \
+               glibc-langpack-en \
+               grep \
+               iproute \
+               iproute-tc \
+               iptables \
+               iscsi-initiator-utils \
+               kmod \
+               libxml2 \
+               libxslt \
+               lvm2 \
+               make \
+               meson \
+               nfs-utils \
+               ninja-build \
+               numad \
+               perl-base \
+               polkit \
+               python3 \
+               python3-docutils \
+               python3-flake8 \
+               qemu-img \
+               rpcgen \
+               rpm-build \
+               scrub \
+               sed \
+               systemd-rpm-macros && \
    nosync dnf autoremove -y && \
    nosync dnf clean all -y

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"

 RUN nosync dnf install -y \
-        mingw32-curl \
-        mingw32-dlfcn \
-        mingw32-gcc \
-        mingw32-gettext \
-        mingw32-glib2 \
-        mingw32-gnutls \
-        mingw32-headers \
-        mingw32-libssh2 \
-        mingw32-libxml2 \
-        mingw32-pkg-config \
-        mingw32-portablexdr \
-        mingw32-readline && \
+               mingw32-curl \
+               mingw32-dlfcn \
+               mingw32-gcc \
+               mingw32-gettext \
+               mingw32-glib2 \
+               mingw32-gnutls \
+               mingw32-headers \
+               mingw32-libssh2 \
+               mingw32-libxml2 \
+               mingw32-pkg-config \
+               mingw32-portablexdr \
+               mingw32-readline && \
    nosync dnf clean all -y && \
    rpm -qa | sort > /packages.txt && \
    mkdir -p /usr/libexec/ccache-wrappers && \
--- a/ci/containers/fedora-rawhide-cross-mingw64.Dockerfile
+++ b/ci/containers/fedora-rawhide-cross-mingw64.Dockerfile
@ -19,66 +19,66 @@ exec "$@"' > /usr/bin/nosync && \
    chmod +x /usr/bin/nosync && \
    nosync dnf distro-sync -y && \
    nosync dnf install -y \
-        augeas \
-        bash-completion \
-        ca-certificates \
-        ccache \
-        codespell \
-        cpp \
-        cppi \
-        diffutils \
-        dwarves \
-        ebtables \
-        firewalld-filesystem \
-        git \
-        glibc-langpack-en \
-        grep \
-        iproute \
-        iproute-tc \
-        iptables \
-        iscsi-initiator-utils \
-        kmod \
-        libxml2 \
-        libxslt \
-        lvm2 \
-        make \
-        meson \
-        nfs-utils \
-        ninja-build \
-        numad \
-        perl-base \
-        polkit \
-        python3 \
-        python3-docutils \
-        python3-flake8 \
-        qemu-img \
-        rpcgen \
-        rpm-build \
-        scrub \
-        sed \
-        sheepdog && \
+               augeas \
+               bash-completion \
+               ca-certificates \
+               ccache \
+               codespell \
+               cpp \
+               cppi \
+               diffutils \
+               dwarves \
+               ebtables \
+               firewalld-filesystem \
+               git \
+               glibc-langpack-en \
+               grep \
+               iproute \
+               iproute-tc \
+               iptables \
+               iscsi-initiator-utils \
+               kmod \
+               libxml2 \
+               libxslt \
+               lvm2 \
+               make \
+               meson \
+               nfs-utils \
+               ninja-build \
+               numad \
+               perl-base \
+               polkit \
+               python3 \
+               python3-docutils \
+               python3-flake8 \
+               qemu-img \
+               rpcgen \
+               rpm-build \
+               scrub \
+               sed \
+               systemd-rpm-macros && \
    nosync dnf autoremove -y && \
    nosync dnf clean all -y

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"

 RUN nosync dnf install -y \
-        mingw64-curl \
-        mingw64-dlfcn \
-        mingw64-gcc \
-        mingw64-gettext \
-        mingw64-glib2 \
-        mingw64-gnutls \
-        mingw64-headers \
-        mingw64-libssh2 \
-        mingw64-libxml2 \
-        mingw64-pkg-config \
-        mingw64-portablexdr \
-        mingw64-readline && \
+               mingw64-curl \
+               mingw64-dlfcn \
+               mingw64-gcc \
+               mingw64-gettext \
+               mingw64-glib2 \
+               mingw64-gnutls \
+               mingw64-headers \
+               mingw64-libssh2 \
+               mingw64-libxml2 \
+               mingw64-pkg-config \
+               mingw64-portablexdr \
+               mingw64-readline && \
    nosync dnf clean all -y && \
    rpm -qa | sort > /packages.txt && \
    mkdir -p /usr/libexec/ccache-wrappers && \
--- a/ci/containers/fedora-rawhide.Dockerfile
+++ b/ci/containers/fedora-rawhide.Dockerfile
@ -19,81 +19,81 @@ exec "$@"' > /usr/bin/nosync && \
    chmod +x /usr/bin/nosync && \
    nosync dnf distro-sync -y && \
    nosync dnf install -y \
-        audit-libs-devel \
-        augeas \
-        bash-completion \
-        ca-certificates \
-        ccache \
-        clang \
-        codespell \
-        cpp \
-        cppi \
-        cyrus-sasl-devel \
-        device-mapper-devel \
-        diffutils \
-        dwarves \
-        ebtables \
-        firewalld-filesystem \
-        fuse-devel \
-        gcc \
-        gettext \
-        git \
-        glib2-devel \
-        glibc-devel \
-        glibc-langpack-en \
-        glusterfs-api-devel \
-        gnutls-devel \
-        grep \
-        iproute \
-        iproute-tc \
-        iptables \
-        iscsi-initiator-utils \
-        kmod \
-        libacl-devel \
-        libattr-devel \
-        libblkid-devel \
-        libcap-ng-devel \
-        libcurl-devel \
-        libiscsi-devel \
-        libnl3-devel \
-        libpcap-devel \
-        libpciaccess-devel \
-        librbd-devel \
-        libselinux-devel \
-        libssh-devel \
-        libssh2-devel \
-        libtirpc-devel \
-        libwsman-devel \
-        libxml2 \
-        libxml2-devel \
-        libxslt \
-        lvm2 \
-        make \
-        meson \
-        nfs-utils \
-        ninja-build \
-        numactl-devel \
-        numad \
-        parted-devel \
-        perl-base \
-        pkgconfig \
-        polkit \
-        python3 \
-        python3-docutils \
-        python3-flake8 \
-        qemu-img \
-        readline-devel \
-        rpcgen \
-        rpm-build \
-        sanlock-devel \
-        scrub \
-        sed \
-        sheepdog \
-        systemd-devel \
-        systemtap-sdt-devel \
-        wireshark-devel \
-        xen-devel \
-        yajl-devel && \
+               audit-libs-devel \
+               augeas \
+               bash-completion \
+               ca-certificates \
+               ccache \
+               clang \
+               codespell \
+               cpp \
+               cppi \
+               cyrus-sasl-devel \
+               device-mapper-devel \
+               diffutils \
+               dwarves \
+               ebtables \
+               firewalld-filesystem \
+               fuse-devel \
+               gcc \
+               gettext \
+               git \
+               glib2-devel \
+               glibc-devel \
+               glibc-langpack-en \
+               glusterfs-api-devel \
+               gnutls-devel \
+               grep \
+               iproute \
+               iproute-tc \
+               iptables \
+               iscsi-initiator-utils \
+               kmod \
+               libacl-devel \
+               libattr-devel \
+               libblkid-devel \
+               libcap-ng-devel \
+               libcurl-devel \
+               libiscsi-devel \
+               libnl3-devel \
+               libpcap-devel \
+               libpciaccess-devel \
+               librbd-devel \
+               libselinux-devel \
+               libssh-devel \
+               libssh2-devel \
+               libtirpc-devel \
+               libwsman-devel \
+               libxml2 \
+               libxml2-devel \
+               libxslt \
+               lvm2 \
+               make \
+               meson \
+               nfs-utils \
+               ninja-build \
+               numactl-devel \
+               numad \
+               parted-devel \
+               perl-base \
+               pkgconfig \
+               polkit \
+               python3 \
+               python3-docutils \
+               python3-flake8 \
+               qemu-img \
+               readline-devel \
+               rpcgen \
+               rpm-build \
+               sanlock-devel \
+               scrub \
+               sed \
+               systemd-devel \
+               systemd-rpm-macros \
+               systemtap-sdt-devel \
+               wireshark-devel \
+               xen-devel \
+               yajl-devel && \
    nosync dnf autoremove -y && \
    nosync dnf clean all -y && \
    rpm -qa | sort > /packages.txt && \
@ -102,8 +102,8 @@ exec "$@"' > /usr/bin/nosync && \
    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang && \
    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
--- a/ci/containers/opensuse-leap-153.Dockerfile
+++ b/ci/containers/opensuse-leap-153.Dockerfile
@ -81,6 +81,7 @@ RUN zypper update -y && \
           sanlock-devel \
           scrub \
           sed \
+           systemd-rpm-macros \
           systemtap-sdt-devel \
           wireshark-devel \
           xen-devel && \
@ -93,8 +94,8 @@ RUN zypper update -y && \

 RUN /usr/bin/pip3 install meson==0.56.0

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
--- a/ci/containers/opensuse-tumbleweed.Dockerfile
+++ b/ci/containers/opensuse-tumbleweed.Dockerfile
@ -71,7 +71,7 @@ RUN zypper dist-upgrade -y && \
           polkit \
           python3-base \
           python3-docutils \
-           python3-flake8 \
+           python39-flake8 \
           qemu-tools \
           readline-devel \
           rpcgen \
@ -79,6 +79,7 @@ RUN zypper dist-upgrade -y && \
           sanlock-devel \
           scrub \
           sed \
+           systemd-rpm-macros \
           systemtap-sdt-devel \
           wireshark-devel \
           xen-devel && \
@ -89,8 +90,8 @@ RUN zypper dist-upgrade -y && \
    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang && \
    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
--- a/ci/containers/ubuntu-2004.Dockerfile
+++ b/ci/containers/ubuntu-2004.Dockerfile
@ -11,82 +11,82 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    apt-get install -y eatmydata && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y \
-            augeas-lenses \
-            augeas-tools \
-            bash-completion \
-            ca-certificates \
-            ccache \
-            clang \
-            codespell \
-            cpp \
-            diffutils \
-            dwarves \
-            ebtables \
-            flake8 \
-            gcc \
-            gettext \
-            git \
-            grep \
-            iproute2 \
-            iptables \
-            kmod \
-            libacl1-dev \
-            libapparmor-dev \
-            libattr1-dev \
-            libaudit-dev \
-            libblkid-dev \
-            libc-dev-bin \
-            libc6-dev \
-            libcap-ng-dev \
-            libcurl4-gnutls-dev \
-            libdevmapper-dev \
-            libfuse-dev \
-            libglib2.0-dev \
-            libglusterfs-dev \
-            libgnutls28-dev \
-            libiscsi-dev \
-            libnetcf-dev \
-            libnl-3-dev \
-            libnl-route-3-dev \
-            libnuma-dev \
-            libopenwsman-dev \
-            libparted-dev \
-            libpcap0.8-dev \
-            libpciaccess-dev \
-            librbd-dev \
-            libreadline-dev \
-            libsanlock-dev \
-            libsasl2-dev \
-            libselinux1-dev \
-            libssh-dev \
-            libssh2-1-dev \
-            libtirpc-dev \
-            libudev-dev \
-            libxen-dev \
-            libxml2-dev \
-            libxml2-utils \
-            libyajl-dev \
-            locales \
-            lvm2 \
-            make \
-            nfs-common \
-            ninja-build \
-            numad \
-            open-iscsi \
-            perl-base \
-            pkgconf \
-            policykit-1 \
-            python3 \
-            python3-docutils \
-            python3-pip \
-            python3-setuptools \
-            python3-wheel \
-            qemu-utils \
-            scrub \
-            sed \
-            systemtap-sdt-dev \
-            wireshark-dev \
-            xsltproc && \
+                      augeas-lenses \
+                      augeas-tools \
+                      bash-completion \
+                      ca-certificates \
+                      ccache \
+                      clang \
+                      codespell \
+                      cpp \
+                      diffutils \
+                      dwarves \
+                      ebtables \
+                      flake8 \
+                      gcc \
+                      gettext \
+                      git \
+                      grep \
+                      iproute2 \
+                      iptables \
+                      kmod \
+                      libacl1-dev \
+                      libapparmor-dev \
+                      libattr1-dev \
+                      libaudit-dev \
+                      libblkid-dev \
+                      libc-dev-bin \
+                      libc6-dev \
+                      libcap-ng-dev \
+                      libcurl4-gnutls-dev \
+                      libdevmapper-dev \
+                      libfuse-dev \
+                      libglib2.0-dev \
+                      libglusterfs-dev \
+                      libgnutls28-dev \
+                      libiscsi-dev \
+                      libnetcf-dev \
+                      libnl-3-dev \
+                      libnl-route-3-dev \
+                      libnuma-dev \
+                      libopenwsman-dev \
+                      libparted-dev \
+                      libpcap0.8-dev \
+                      libpciaccess-dev \
+                      librbd-dev \
+                      libreadline-dev \
+                      libsanlock-dev \
+                      libsasl2-dev \
+                      libselinux1-dev \
+                      libssh-dev \
+                      libssh2-1-dev \
+                      libtirpc-dev \
+                      libudev-dev \
+                      libxen-dev \
+                      libxml2-dev \
+                      libxml2-utils \
+                      libyajl-dev \
+                      locales \
+                      lvm2 \
+                      make \
+                      nfs-common \
+                      ninja-build \
+                      numad \
+                      open-iscsi \
+                      perl-base \
+                      pkgconf \
+                      policykit-1 \
+                      python3 \
+                      python3-docutils \
+                      python3-pip \
+                      python3-setuptools \
+                      python3-wheel \
+                      qemu-utils \
+                      scrub \
+                      sed \
+                      systemtap-sdt-dev \
+                      wireshark-dev \
+                      xsltproc && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen && \
@ -99,8 +99,8 @@ RUN export DEBIAN_FRONTEND=noninteractive && \

 RUN /usr/bin/pip3 install meson==0.56.0

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
--- a/ci/containers/ubuntu-2204.Dockerfile
+++ b/ci/containers/ubuntu-2204.Dockerfile
@ -11,79 +11,79 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    apt-get install -y eatmydata && \
    eatmydata apt-get dist-upgrade -y && \
    eatmydata apt-get install --no-install-recommends -y \
-            augeas-lenses \
-            augeas-tools \
-            bash-completion \
-            ca-certificates \
-            ccache \
-            clang \
-            codespell \
-            cpp \
-            diffutils \
-            dwarves \
-            ebtables \
-            flake8 \
-            gcc \
-            gettext \
-            git \
-            grep \
-            iproute2 \
-            iptables \
-            kmod \
-            libacl1-dev \
-            libapparmor-dev \
-            libattr1-dev \
-            libaudit-dev \
-            libblkid-dev \
-            libc-dev-bin \
-            libc6-dev \
-            libcap-ng-dev \
-            libcurl4-gnutls-dev \
-            libdevmapper-dev \
-            libfuse-dev \
-            libglib2.0-dev \
-            libglusterfs-dev \
-            libgnutls28-dev \
-            libiscsi-dev \
-            libnl-3-dev \
-            libnl-route-3-dev \
-            libnuma-dev \
-            libopenwsman-dev \
-            libparted-dev \
-            libpcap0.8-dev \
-            libpciaccess-dev \
-            librbd-dev \
-            libreadline-dev \
-            libsanlock-dev \
-            libsasl2-dev \
-            libselinux1-dev \
-            libssh-dev \
-            libssh2-1-dev \
-            libtirpc-dev \
-            libudev-dev \
-            libxen-dev \
-            libxml2-dev \
-            libxml2-utils \
-            libyajl-dev \
-            locales \
-            lvm2 \
-            make \
-            meson \
-            nfs-common \
-            ninja-build \
-            numad \
-            open-iscsi \
-            perl-base \
-            pkgconf \
-            policykit-1 \
-            python3 \
-            python3-docutils \
-            qemu-utils \
-            scrub \
-            sed \
-            systemtap-sdt-dev \
-            wireshark-dev \
-            xsltproc && \
+                      augeas-lenses \
+                      augeas-tools \
+                      bash-completion \
+                      ca-certificates \
+                      ccache \
+                      clang \
+                      codespell \
+                      cpp \
+                      diffutils \
+                      dwarves \
+                      ebtables \
+                      flake8 \
+                      gcc \
+                      gettext \
+                      git \
+                      grep \
+                      iproute2 \
+                      iptables \
+                      kmod \
+                      libacl1-dev \
+                      libapparmor-dev \
+                      libattr1-dev \
+                      libaudit-dev \
+                      libblkid-dev \
+                      libc-dev-bin \
+                      libc6-dev \
+                      libcap-ng-dev \
+                      libcurl4-gnutls-dev \
+                      libdevmapper-dev \
+                      libfuse-dev \
+                      libglib2.0-dev \
+                      libglusterfs-dev \
+                      libgnutls28-dev \
+                      libiscsi-dev \
+                      libnl-3-dev \
+                      libnl-route-3-dev \
+                      libnuma-dev \
+                      libopenwsman-dev \
+                      libparted-dev \
+                      libpcap0.8-dev \
+                      libpciaccess-dev \
+                      librbd-dev \
+                      libreadline-dev \
+                      libsanlock-dev \
+                      libsasl2-dev \
+                      libselinux1-dev \
+                      libssh-dev \
+                      libssh2-1-dev \
+                      libtirpc-dev \
+                      libudev-dev \
+                      libxen-dev \
+                      libxml2-dev \
+                      libxml2-utils \
+                      libyajl-dev \
+                      locales \
+                      lvm2 \
+                      make \
+                      meson \
+                      nfs-common \
+                      ninja-build \
+                      numad \
+                      open-iscsi \
+                      perl-base \
+                      pkgconf \
+                      policykit-1 \
+                      python3 \
+                      python3-docutils \
+                      qemu-utils \
+                      scrub \
+                      sed \
+                      systemtap-sdt-dev \
+                      wireshark-dev \
+                      xsltproc && \
    eatmydata apt-get autoremove -y && \
    eatmydata apt-get autoclean -y && \
    sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen && \
@ -94,8 +94,8 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang && \
    ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc

+ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
 ENV LANG "en_US.UTF-8"
 ENV MAKE "/usr/bin/make"
 ENV NINJA "/usr/bin/ninja"
 ENV PYTHON "/usr/bin/python3"
-ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
--- a/ci/gitlab.yml
+++ b/ci/gitlab.yml
@ -8,24 +8,73 @@
 # Variables that can be set to control the behaviour of
 # pipelines that are run
 #
-#  - RUN_ALL_CONTAINERS - build all containers
-#    even if they don't have any changes detected
+#  - RUN_PIPELINE - force creation of a CI pipeline when
+#    pushing to a branch in a forked repository. Official
+#    CI pipelines are triggered when merge requests are
+#    created/updated. Setting this variable to a non-empty
+#    value allows CI testing prior to opening a merge request.
+#
+#  - RUN_CONTAINER_BUILDS - CI pipelines in upstream only
+#    publish containers if CI file changes are detected.
+#    Setting this variable to a non-empty value will force
+#    re-publishing, even when no file changes are detected.
+#    Typically to use from a scheduled job once a month.
+#
+#  - RUN_UPSTREAM_NAMESPACE - the upstream namespace is
+#    configured to default to 'libvirt'. When testing
+#    changes to CI it might be useful to use a different
+#    upstream. Setting this variable will override the
+#    namespace considered to be upstream.
 #
 # These can be set as git push options
 #
-#  $ git push -o ci.variable=RUN_ALL_CONTAINERS=1
+#  $ git push -o ci.variable=RUN_PIPELINE=1
 #
 # Aliases can be set for common usage
 #
-#  $ git config --local alias.push-all-ctr "push -o ci.variable=RUN_ALL_CONTAINERS=1"
+#  $ git config --local alias.push-ci "push -o ci.variable=RUN_PIPELINE=1"
 #
 # Allowing the less verbose invocation
 #
-#  $ git push-all-ctr
+#  $ git push-ci
 #
 # Pipeline variables can also be set in the repository
 # pipeline config globally, or set against scheduled pipelines

+
+variables:
+  RUN_UPSTREAM_NAMESPACE: libvirt
+
+
+workflow:
+  rules:
+    # upstream+forks: Avoid duplicate pipelines on pushes, if a MR is open
+    - if: '$CI_PIPELINE_SOURCE == "push" && $CI_OPEN_MERGE_REQUESTS'
+      when: never
+
+    # upstream+forks: Avoid pipelines on tag pushes
+    - if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_TAG'
+      when: never
+
+    # upstream+forks: Allow pipelines in scenarios we've figured out job rules
+    - if: '$CI_PIPELINE_SOURCE =~ /^(push|merge_request_event|api|web|schedule)$/'
+      when: always
+
+    # upstream+forks: Avoid all other pipelines
+    - when: never
+
+
+debug:
+  image: docker.io/library/alpine:3
+  stage: sanity_checks
+  interruptible: true
+  needs: []
+  script:
+    - printenv | sort
+  rules:
+    - if: '$RUN_DEBUG'
+      when: always
+
 include:
  - local: '/ci/gitlab/container-templates.yml'
  - local: '/ci/gitlab/build-templates.yml'
--- a/ci/gitlab/build-templates.yml
+++ b/ci/gitlab/build-templates.yml
@ -5,33 +5,238 @@
 # https://gitlab.com/libvirt/libvirt-ci


-.gitlab_native_build_job:
-  image: $CI_REGISTRY_IMAGE/ci-$NAME:latest
+#
+# We use pre-built containers for any pipelines that are:
+#
+#  - Validating code committed on default upstream branch
+#  - Validating patches targeting default upstream branch
+#    which do not have CI changes
+#
+# We use a local build env for any pipelines that are:
+#
+#  - Validating code committed to a non-default upstream branch
+#  - Validating patches targeting a non-default upstream branch
+#  - Validating patches targeting default upstream branch which
+#    include CI changes
+#  - Validating code committed to a fork branch
+#
+# Note: the rules across the prebuilt_env and local_env templates
+# should be logical inverses, such that jobs are mutually exclusive
+#
+.gitlab_native_build_job_prebuilt_env:
+  image: $CI_REGISTRY/$RUN_UPSTREAM_NAMESPACE/libvirt/ci-$NAME:latest
  stage: builds
+  interruptible: true
+  before_script:
+    - cat /packages.txt
  rules:
-    - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
-      when: never
-    - if: '$JOB_OPTIONAL'
+    # upstream: pushes to the default branch
+    - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && $JOB_OPTIONAL'
      when: manual
      allow_failure: true
-    - when: on_success
+    - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
+      when: on_success

-
-.gitlab_cross_build_job:
-  image: $CI_REGISTRY_IMAGE/ci-$NAME-cross-$CROSS:latest
-  stage: builds
-  rules:
-    - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
-      when: never
-    - if: '$JOB_OPTIONAL'
+    # upstream: other web/api/scheduled pipelines targeting the default branch
+    - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE =~ /(web|api|schedule)/ && $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH && $JOB_OPTIONAL'
      when: manual
      allow_failure: true
-    - when: on_success
+    - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE =~ /(web|api|schedule)/ && $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH'
+      when: on_success
+
+    # upstream+forks: merge requests targeting the default branch, without CI changes
+    - if: '$CI_PIPELINE_SOURCE == "merge_request_event" && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == $CI_DEFAULT_BRANCH'
+      changes:
+        - ci/gitlab/container-templates.yml
+        - ci/containers/$NAME.Dockerfile
+      when: never
+    - if: '$CI_PIPELINE_SOURCE == "merge_request_event" && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == $CI_DEFAULT_BRANCH && $JOB_OPTIONAL'
+      when: manual
+      allow_failure: true
+    - if: '$CI_PIPELINE_SOURCE == "merge_request_event" && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == $CI_DEFAULT_BRANCH'
+      when: on_success
+
+    # upstream+forks: that's all folks
+    - when: never
+
+.gitlab_native_build_job_local_env:
+  image: $IMAGE
+  stage: builds
+  interruptible: true
+  before_script:
+    - source ci/buildenv/$NAME.sh
+    - install_buildenv
+    - cat /packages.txt
+  rules:
+    # upstream: pushes to a non-default branch
+    - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH && $JOB_OPTIONAL'
+      when: manual
+      allow_failure: true
+    - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH'
+      when: on_success
+
+    - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE && $JOB_OPTIONAL'
+      when: manual
+      allow_failure: true
+    - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE'
+      when: on_success
+
+    # upstream: other web/api/scheduled pipelines targeting non-default branches
+    - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE =~ /(web|api|schedule)/ && $CI_COMMIT_REF_NAME != $CI_DEFAULT_BRANCH && $JOB_OPTIONAL'
+      when: manual
+      allow_failure: true
+    - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE =~ /(web|api|schedule)/ && $CI_COMMIT_REF_NAME != $CI_DEFAULT_BRANCH'
+      when: on_success
+
+    # forks: other web/api/scheduled pipelines
+    - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE =~ /(web|api|schedule)/ && $JOB_OPTIONAL'
+      when: manual
+      allow_failure: true
+    - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE =~ /(web|api|schedule)/'
+      when: on_success
+
+    # upstream+forks: merge requests targeting the default branch, with CI changes
+    - if: '$CI_PIPELINE_SOURCE == "merge_request_event" && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == $CI_DEFAULT_BRANCH && $JOB_OPTIONAL'
+      changes:
+        - ci/gitlab/container-templates.yml
+        - ci/containers/$NAME.Dockerfile
+      when: manual
+      allow_failure: true
+    - if: '$CI_PIPELINE_SOURCE == "merge_request_event" && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == $CI_DEFAULT_BRANCH'
+      changes:
+        - ci/gitlab/container-templates.yml
+        - ci/containers/$NAME.Dockerfile
+      when: on_success
+
+    # upstream+forks: merge requests targeting non-default branches
+    - if: '$CI_PIPELINE_SOURCE == "merge_request_event" && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME != $CI_DEFAULT_BRANCH && $JOB_OPTIONAL'
+      when: manual
+      allow_failure: true
+    - if: '$CI_PIPELINE_SOURCE == "merge_request_event" && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME != $CI_DEFAULT_BRANCH'
+      when: on_success
+
+    # upstream+forks: that's all folks
+    - when: never
+
+
+#
+# We use pre-built containers for any pipelines that are:
+#
+#  - Validating code committed on default upstream branch
+#  - Validating patches targeting default upstream branch
+#    which do not have CI changes
+#
+# We use a local build env for any pipelines that are:
+#
+#  - Validating code committed to a non-default upstream branch
+#  - Validating patches targeting a non-default upstream branch
+#  - Validating patches targeting default upstream branch which
+#    include CI changes
+#  - Validating code committed to a fork branch
+#
+# Note: the rules across the prebuilt_env and local_env templates
+# should be logical inverses, such that jobs are mutually exclusive
+#
+.gitlab_cross_build_job_prebuilt_env:
+  image: $CI_REGISTRY/$RUN_UPSTREAM_NAMESPACE/libvirt/ci-$NAME-cross-$CROSS:latest
+  stage: builds
+  interruptible: true
+  before_script:
+    - cat /packages.txt
+  rules:
+    # upstream: pushes to the default branch
+    - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && $JOB_OPTIONAL'
+      when: manual
+      allow_failure: true
+    - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
+      when: on_success
+
+    # upstream: other web/api/scheduled pipelines targeting the default branch
+    - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE =~ /(web|api|schedule)/ && $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH && $JOB_OPTIONAL'
+      when: manual
+      allow_failure: true
+    - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE =~ /(web|api|schedule)/ && $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH'
+      when: on_success
+
+    # upstream+forks: merge requests targeting the default branch, without CI changes
+    - if: '$CI_PIPELINE_SOURCE == "merge_request_event" && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == $CI_DEFAULT_BRANCH'
+      changes:
+        - ci/gitlab/container-templates.yml
+        - ci/containers/$NAME.Dockerfile
+      when: never
+    - if: '$CI_PIPELINE_SOURCE == "merge_request_event" && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == $CI_DEFAULT_BRANCH && $JOB_OPTIONAL'
+      when: manual
+      allow_failure: true
+    - if: '$CI_PIPELINE_SOURCE == "merge_request_event" && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == $CI_DEFAULT_BRANCH'
+      when: on_success
+
+    # upstream+forks: that's all folks
+    - when: never
+
+.gitlab_cross_build_job_local_env:
+  image: $IMAGE
+  stage: builds
+  interruptible: true
+  before_script:
+    - source ci/buildenv/$NAME.sh
+    - install_buildenv
+    - cat /packages.txt
+  rules:
+    # upstream: pushes to a non-default branch
+    - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH && $JOB_OPTIONAL'
+      when: manual
+      allow_failure: true
+    - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH'
+      when: on_success
+
+    - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE && $JOB_OPTIONAL'
+      when: manual
+      allow_failure: true
+    - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE'
+      when: on_success
+
+    # upstream: other web/api/scheduled pipelines targeting non-default branches
+    - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE =~ /(web|api|schedule)/ && $CI_COMMIT_REF_NAME != $CI_DEFAULT_BRANCH && $JOB_OPTIONAL'
+      when: manual
+      allow_failure: true
+    - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE =~ /(web|api|schedule)/ && $CI_COMMIT_REF_NAME != $CI_DEFAULT_BRANCH'
+      when: on_success
+
+    # forks: other web/api/scheduled pipelines
+    - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE =~ /(web|api|schedule)/ && $JOB_OPTIONAL'
+      when: manual
+      allow_failure: true
+    - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE =~ /(web|api|schedule)/'
+      when: on_success
+
+    # upstream+forks: merge requests targeting the default branch, with CI changes
+    - if: '$CI_PIPELINE_SOURCE == "merge_request_event" && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == $CI_DEFAULT_BRANCH && $JOB_OPTIONAL'
+      changes:
+        - ci/gitlab/container-templates.yml
+        - ci/containers/$NAME.Dockerfile
+      when: manual
+      allow_failure: true
+    - if: '$CI_PIPELINE_SOURCE == "merge_request_event" && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == $CI_DEFAULT_BRANCH'
+      changes:
+        - ci/gitlab/container-templates.yml
+        - ci/containers/$NAME.Dockerfile
+      when: on_success
+
+    # upstream+forks: merge requests targeting non-default branches
+    - if: '$CI_PIPELINE_SOURCE == "merge_request_event" && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME != $CI_DEFAULT_BRANCH && $JOB_OPTIONAL'
+      when: manual
+      allow_failure: true
+    - if: '$CI_PIPELINE_SOURCE == "merge_request_event" && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME != $CI_DEFAULT_BRANCH'
+      when: on_success
+
+    # upstream+forks: that's all folks
+    - when: never


 .cirrus_build_job:
  stage: builds
  image: registry.gitlab.com/libvirt/libvirt-ci/cirrus-run:master
+  interruptible: true
  needs: []
  script:
    - source ci/cirrus/$NAME.vars
@ -56,9 +261,30 @@
    - cat ci/cirrus/$NAME.yml
    - cirrus-run -v --show-build-log always ci/cirrus/$NAME.yml
  rules:
+    # upstream+forks: Can't run unless Cirrus is configured
    - if: '$CIRRUS_GITHUB_REPO == null || $CIRRUS_API_TOKEN == null'
      when: never
-    - if: '$JOB_OPTIONAL'
+
+    # upstream: pushes to branches
+    - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $JOB_OPTIONAL'
      when: manual
      allow_failure: true
-    - when: on_success
+    - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push"'
+      when: on_success
+
+    # forks: pushes to branches with pipeline requested
+    - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE && $JOB_OPTIONAL'
+      when: manual
+      allow_failure: true
+    - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE'
+      when: on_success
+
+    # upstream+forks: Run pipelines on MR, web, api & scheduled
+    - if: '$CI_PIPELINE_SOURCE =~ /(web|api|schedule|merge_request_event)/ && $JOB_OPTIONAL'
+      when: manual
+      allow_failure: true
+    - if: '$CI_PIPELINE_SOURCE =~ /(web|api|schedule|merge_request_event)/'
+      when: on_success
+
+    # upstream+forks: that's all folks
+    - when: never
--- a/ci/gitlab/builds.yml
+++ b/ci/gitlab/builds.yml
@ -7,8 +7,8 @@

 # Native build jobs

-x86_64-almalinux-8:
-  extends: .native_build_job
+x86_64-almalinux-8-prebuilt-env:
+  extends: .native_build_job_prebuilt_env
  needs:
    - job: x86_64-almalinux-8-container
      optional: true
@ -18,9 +18,19 @@ x86_64-almalinux-8:
    NAME: almalinux-8
    RPM: skip

+x86_64-almalinux-8-local-env:
+  extends: .native_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    IMAGE: docker.io/library/almalinux:8
+    JOB_OPTIONAL: 1
+    NAME: almalinux-8
+    RPM: skip

-x86_64-almalinux-8-clang:
-  extends: .native_build_job
+
+x86_64-almalinux-8-clang-prebuilt-env:
+  extends: .native_build_job_prebuilt_env
  needs:
    - job: x86_64-almalinux-8-container
      optional: true
@ -30,9 +40,19 @@ x86_64-almalinux-8-clang:
    NAME: almalinux-8
    RPM: skip

+x86_64-almalinux-8-clang-local-env:
+  extends: .native_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    CC: clang
+    IMAGE: docker.io/library/almalinux:8
+    NAME: almalinux-8
+    RPM: skip

-x86_64-alpine-315:
-  extends: .native_build_job
+
+x86_64-alpine-315-prebuilt-env:
+  extends: .native_build_job_prebuilt_env
  needs:
    - job: x86_64-alpine-315-container
      optional: true
@ -40,9 +60,17 @@ x86_64-alpine-315:
  variables:
    NAME: alpine-315

+x86_64-alpine-315-local-env:
+  extends: .native_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    IMAGE: docker.io/library/alpine:3.15
+    NAME: alpine-315

-x86_64-alpine-edge:
-  extends: .native_build_job
+
+x86_64-alpine-edge-prebuilt-env:
+  extends: .native_build_job_prebuilt_env
  needs:
    - job: x86_64-alpine-edge-container
      optional: true
@ -50,9 +78,17 @@ x86_64-alpine-edge:
  variables:
    NAME: alpine-edge

+x86_64-alpine-edge-local-env:
+  extends: .native_build_job_local_env
+  needs: []
+  allow_failure: true
+  variables:
+    IMAGE: docker.io/library/alpine:edge
+    NAME: alpine-edge

-x86_64-centos-stream-8:
-  extends: .native_build_job
+
+x86_64-centos-stream-8-prebuilt-env:
+  extends: .native_build_job_prebuilt_env
  needs:
    - job: x86_64-centos-stream-8-container
      optional: true
@ -64,9 +100,21 @@ x86_64-centos-stream-8:
    paths:
      - libvirt-rpms

+x86_64-centos-stream-8-local-env:
+  extends: .native_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    IMAGE: quay.io/centos/centos:stream8
+    NAME: centos-stream-8
+  artifacts:
+    expire_in: 1 day
+    paths:
+      - libvirt-rpms

-x86_64-centos-stream-9:
-  extends: .native_build_job
+
+x86_64-centos-stream-9-prebuilt-env:
+  extends: .native_build_job_prebuilt_env
  needs:
    - job: x86_64-centos-stream-9-container
      optional: true
@ -78,9 +126,21 @@ x86_64-centos-stream-9:
    paths:
      - libvirt-rpms

+x86_64-centos-stream-9-local-env:
+  extends: .native_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    IMAGE: quay.io/centos/centos:stream9
+    NAME: centos-stream-9
+  artifacts:
+    expire_in: 1 day
+    paths:
+      - libvirt-rpms

-x86_64-debian-11:
-  extends: .native_build_job
+
+x86_64-debian-11-prebuilt-env:
+  extends: .native_build_job_prebuilt_env
  needs:
    - job: x86_64-debian-11-container
      optional: true
@ -88,9 +148,17 @@ x86_64-debian-11:
  variables:
    NAME: debian-11

+x86_64-debian-11-local-env:
+  extends: .native_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    IMAGE: docker.io/library/debian:11-slim
+    NAME: debian-11

-x86_64-debian-11-clang:
-  extends: .native_build_job
+
+x86_64-debian-11-clang-prebuilt-env:
+  extends: .native_build_job_prebuilt_env
  needs:
    - job: x86_64-debian-11-container
      optional: true
@ -98,9 +166,17 @@ x86_64-debian-11-clang:
  variables:
    NAME: debian-11

+x86_64-debian-11-clang-local-env:
+  extends: .native_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    IMAGE: docker.io/library/debian:11-slim
+    NAME: debian-11

-x86_64-debian-sid:
-  extends: .native_build_job
+
+x86_64-debian-sid-prebuilt-env:
+  extends: .native_build_job_prebuilt_env
  needs:
    - job: x86_64-debian-sid-container
      optional: true
@ -108,9 +184,17 @@ x86_64-debian-sid:
  variables:
    NAME: debian-sid

+x86_64-debian-sid-local-env:
+  extends: .native_build_job_local_env
+  needs: []
+  allow_failure: true
+  variables:
+    IMAGE: docker.io/library/debian:sid-slim
+    NAME: debian-sid

-x86_64-fedora-35:
-  extends: .native_build_job
+
+x86_64-fedora-35-prebuilt-env:
+  extends: .native_build_job_prebuilt_env
  needs:
    - job: x86_64-fedora-35-container
      optional: true
@ -122,9 +206,21 @@ x86_64-fedora-35:
    paths:
      - libvirt-rpms

+x86_64-fedora-35-local-env:
+  extends: .native_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    IMAGE: registry.fedoraproject.org/fedora:35
+    NAME: fedora-35
+  artifacts:
+    expire_in: 1 day
+    paths:
+      - libvirt-rpms

-x86_64-fedora-36:
-  extends: .native_build_job
+
+x86_64-fedora-36-prebuilt-env:
+  extends: .native_build_job_prebuilt_env
  needs:
    - job: x86_64-fedora-36-container
      optional: true
@ -136,9 +232,21 @@ x86_64-fedora-36:
    paths:
      - libvirt-rpms

+x86_64-fedora-36-local-env:
+  extends: .native_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    IMAGE: registry.fedoraproject.org/fedora:36
+    NAME: fedora-36
+  artifacts:
+    expire_in: 1 day
+    paths:
+      - libvirt-rpms

-x86_64-fedora-rawhide:
-  extends: .native_build_job
+
+x86_64-fedora-rawhide-prebuilt-env:
+  extends: .native_build_job_prebuilt_env
  needs:
    - job: x86_64-fedora-rawhide-container
      optional: true
@ -146,9 +254,17 @@ x86_64-fedora-rawhide:
  variables:
    NAME: fedora-rawhide

+x86_64-fedora-rawhide-local-env:
+  extends: .native_build_job_local_env
+  needs: []
+  allow_failure: true
+  variables:
+    IMAGE: registry.fedoraproject.org/fedora:rawhide
+    NAME: fedora-rawhide

-x86_64-fedora-rawhide-clang:
-  extends: .native_build_job
+
+x86_64-fedora-rawhide-clang-prebuilt-env:
+  extends: .native_build_job_prebuilt_env
  needs:
    - job: x86_64-fedora-rawhide-container
      optional: true
@ -158,9 +274,19 @@ x86_64-fedora-rawhide-clang:
    NAME: fedora-rawhide
    RPM: skip

+x86_64-fedora-rawhide-clang-local-env:
+  extends: .native_build_job_local_env
+  needs: []
+  allow_failure: true
+  variables:
+    CC: clang
+    IMAGE: registry.fedoraproject.org/fedora:rawhide
+    NAME: fedora-rawhide
+    RPM: skip

-x86_64-opensuse-leap-153:
-  extends: .native_build_job
+
+x86_64-opensuse-leap-153-prebuilt-env:
+  extends: .native_build_job_prebuilt_env
  needs:
    - job: x86_64-opensuse-leap-153-container
      optional: true
@ -169,9 +295,18 @@ x86_64-opensuse-leap-153:
    NAME: opensuse-leap-153
    RPM: skip

+x86_64-opensuse-leap-153-local-env:
+  extends: .native_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    IMAGE: registry.opensuse.org/opensuse/leap:15.3
+    NAME: opensuse-leap-153
+    RPM: skip

-x86_64-opensuse-tumbleweed:
-  extends: .native_build_job
+
+x86_64-opensuse-tumbleweed-prebuilt-env:
+  extends: .native_build_job_prebuilt_env
  needs:
    - job: x86_64-opensuse-tumbleweed-container
      optional: true
@ -180,9 +315,18 @@ x86_64-opensuse-tumbleweed:
    NAME: opensuse-tumbleweed
    RPM: skip

+x86_64-opensuse-tumbleweed-local-env:
+  extends: .native_build_job_local_env
+  needs: []
+  allow_failure: true
+  variables:
+    IMAGE: registry.opensuse.org/opensuse/tumbleweed:latest
+    NAME: opensuse-tumbleweed
+    RPM: skip

-x86_64-ubuntu-2004:
-  extends: .native_build_job
+
+x86_64-ubuntu-2004-prebuilt-env:
+  extends: .native_build_job_prebuilt_env
  needs:
    - job: x86_64-ubuntu-2004-container
      optional: true
@ -193,9 +337,20 @@ x86_64-ubuntu-2004:
    NAME: ubuntu-2004
    UBSAN_OPTIONS: print_stacktrace=1:halt_on_error=1

+x86_64-ubuntu-2004-local-env:
+  extends: .native_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    ASAN_OPTIONS: verify_asan_link_order=0
+    IMAGE: docker.io/library/ubuntu:20.04
+    MESON_ARGS: -Db_lundef=false -Db_sanitize=address,undefined
+    NAME: ubuntu-2004
+    UBSAN_OPTIONS: print_stacktrace=1:halt_on_error=1

-x86_64-ubuntu-2204:
-  extends: .native_build_job
+
+x86_64-ubuntu-2204-prebuilt-env:
+  extends: .native_build_job_prebuilt_env
  needs:
    - job: x86_64-ubuntu-2204-container
      optional: true
@ -204,9 +359,18 @@ x86_64-ubuntu-2204:
    JOB_OPTIONAL: 1
    NAME: ubuntu-2204

+x86_64-ubuntu-2204-local-env:
+  extends: .native_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    IMAGE: docker.io/library/ubuntu:22.04
+    JOB_OPTIONAL: 1
+    NAME: ubuntu-2204

-x86_64-ubuntu-2204-clang:
-  extends: .native_build_job
+
+x86_64-ubuntu-2204-clang-prebuilt-env:
+  extends: .native_build_job_prebuilt_env
  needs:
    - job: x86_64-ubuntu-2204-container
      optional: true
@ -217,12 +381,23 @@ x86_64-ubuntu-2204-clang:
    NAME: ubuntu-2204
    UBSAN_OPTIONS: print_stacktrace=1:halt_on_error=1

+x86_64-ubuntu-2204-clang-local-env:
+  extends: .native_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    CC: clang
+    IMAGE: docker.io/library/ubuntu:22.04
+    MESON_ARGS: -Db_lundef=false -Db_sanitize=address,undefined
+    NAME: ubuntu-2204
+    UBSAN_OPTIONS: print_stacktrace=1:halt_on_error=1
+


 # Cross build jobs

-aarch64-debian-11:
-  extends: .cross_build_job
+aarch64-debian-11-prebuilt-env:
+  extends: .cross_build_job_prebuilt_env
  needs:
    - job: aarch64-debian-11-container
      optional: true
@ -232,9 +407,19 @@ aarch64-debian-11:
    JOB_OPTIONAL: 1
    NAME: debian-11

+aarch64-debian-11-local-env:
+  extends: .cross_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    CROSS: aarch64
+    IMAGE: docker.io/library/debian:11-slim
+    JOB_OPTIONAL: 1
+    NAME: debian-11

-armv6l-debian-11:
-  extends: .cross_build_job
+
+armv6l-debian-11-prebuilt-env:
+  extends: .cross_build_job_prebuilt_env
  needs:
    - job: armv6l-debian-11-container
      optional: true
@ -244,9 +429,19 @@ armv6l-debian-11:
    JOB_OPTIONAL: 1
    NAME: debian-11

+armv6l-debian-11-local-env:
+  extends: .cross_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    CROSS: armv6l
+    IMAGE: docker.io/library/debian:11-slim
+    JOB_OPTIONAL: 1
+    NAME: debian-11

-armv7l-debian-11:
-  extends: .cross_build_job
+
+armv7l-debian-11-prebuilt-env:
+  extends: .cross_build_job_prebuilt_env
  needs:
    - job: armv7l-debian-11-container
      optional: true
@ -255,9 +450,18 @@ armv7l-debian-11:
    CROSS: armv7l
    NAME: debian-11

+armv7l-debian-11-local-env:
+  extends: .cross_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    CROSS: armv7l
+    IMAGE: docker.io/library/debian:11-slim
+    NAME: debian-11

-i686-debian-11:
-  extends: .cross_build_job
+
+i686-debian-11-prebuilt-env:
+  extends: .cross_build_job_prebuilt_env
  needs:
    - job: i686-debian-11-container
      optional: true
@ -267,9 +471,19 @@ i686-debian-11:
    JOB_OPTIONAL: 1
    NAME: debian-11

+i686-debian-11-local-env:
+  extends: .cross_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    CROSS: i686
+    IMAGE: docker.io/library/debian:11-slim
+    JOB_OPTIONAL: 1
+    NAME: debian-11

-mips64el-debian-11:
-  extends: .cross_build_job
+
+mips64el-debian-11-prebuilt-env:
+  extends: .cross_build_job_prebuilt_env
  needs:
    - job: mips64el-debian-11-container
      optional: true
@ -279,9 +493,19 @@ mips64el-debian-11:
    JOB_OPTIONAL: 1
    NAME: debian-11

+mips64el-debian-11-local-env:
+  extends: .cross_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    CROSS: mips64el
+    IMAGE: docker.io/library/debian:11-slim
+    JOB_OPTIONAL: 1
+    NAME: debian-11

-mipsel-debian-11:
-  extends: .cross_build_job
+
+mipsel-debian-11-prebuilt-env:
+  extends: .cross_build_job_prebuilt_env
  needs:
    - job: mipsel-debian-11-container
      optional: true
@ -291,9 +515,19 @@ mipsel-debian-11:
    JOB_OPTIONAL: 1
    NAME: debian-11

+mipsel-debian-11-local-env:
+  extends: .cross_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    CROSS: mipsel
+    IMAGE: docker.io/library/debian:11-slim
+    JOB_OPTIONAL: 1
+    NAME: debian-11

-ppc64le-debian-11:
-  extends: .cross_build_job
+
+ppc64le-debian-11-prebuilt-env:
+  extends: .cross_build_job_prebuilt_env
  needs:
    - job: ppc64le-debian-11-container
      optional: true
@ -303,9 +537,19 @@ ppc64le-debian-11:
    JOB_OPTIONAL: 1
    NAME: debian-11

+ppc64le-debian-11-local-env:
+  extends: .cross_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    CROSS: ppc64le
+    IMAGE: docker.io/library/debian:11-slim
+    JOB_OPTIONAL: 1
+    NAME: debian-11

-s390x-debian-11:
-  extends: .cross_build_job
+
+s390x-debian-11-prebuilt-env:
+  extends: .cross_build_job_prebuilt_env
  needs:
    - job: s390x-debian-11-container
      optional: true
@ -315,9 +559,19 @@ s390x-debian-11:
    JOB_OPTIONAL: 1
    NAME: debian-11

+s390x-debian-11-local-env:
+  extends: .cross_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    CROSS: s390x
+    IMAGE: docker.io/library/debian:11-slim
+    JOB_OPTIONAL: 1
+    NAME: debian-11

-aarch64-debian-sid:
-  extends: .cross_build_job
+
+aarch64-debian-sid-prebuilt-env:
+  extends: .cross_build_job_prebuilt_env
  needs:
    - job: aarch64-debian-sid-container
      optional: true
@ -327,9 +581,19 @@ aarch64-debian-sid:
    JOB_OPTIONAL: 1
    NAME: debian-sid

+aarch64-debian-sid-local-env:
+  extends: .cross_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    CROSS: aarch64
+    IMAGE: docker.io/library/debian:sid-slim
+    JOB_OPTIONAL: 1
+    NAME: debian-sid

-armv6l-debian-sid:
-  extends: .cross_build_job
+
+armv6l-debian-sid-prebuilt-env:
+  extends: .cross_build_job_prebuilt_env
  needs:
    - job: armv6l-debian-sid-container
      optional: true
@ -339,9 +603,19 @@ armv6l-debian-sid:
    JOB_OPTIONAL: 1
    NAME: debian-sid

+armv6l-debian-sid-local-env:
+  extends: .cross_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    CROSS: armv6l
+    IMAGE: docker.io/library/debian:sid-slim
+    JOB_OPTIONAL: 1
+    NAME: debian-sid

-armv7l-debian-sid:
-  extends: .cross_build_job
+
+armv7l-debian-sid-prebuilt-env:
+  extends: .cross_build_job_prebuilt_env
  needs:
    - job: armv7l-debian-sid-container
      optional: true
@ -351,9 +625,19 @@ armv7l-debian-sid:
    JOB_OPTIONAL: 1
    NAME: debian-sid

+armv7l-debian-sid-local-env:
+  extends: .cross_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    CROSS: armv7l
+    IMAGE: docker.io/library/debian:sid-slim
+    JOB_OPTIONAL: 1
+    NAME: debian-sid

-i686-debian-sid:
-  extends: .cross_build_job
+
+i686-debian-sid-prebuilt-env:
+  extends: .cross_build_job_prebuilt_env
  needs:
    - job: i686-debian-sid-container
      optional: true
@ -363,9 +647,19 @@ i686-debian-sid:
    JOB_OPTIONAL: 1
    NAME: debian-sid

+i686-debian-sid-local-env:
+  extends: .cross_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    CROSS: i686
+    IMAGE: docker.io/library/debian:sid-slim
+    JOB_OPTIONAL: 1
+    NAME: debian-sid

-mips64el-debian-sid:
-  extends: .cross_build_job
+
+mips64el-debian-sid-prebuilt-env:
+  extends: .cross_build_job_prebuilt_env
  needs:
    - job: mips64el-debian-sid-container
      optional: true
@ -375,9 +669,19 @@ mips64el-debian-sid:
    JOB_OPTIONAL: 1
    NAME: debian-sid

+mips64el-debian-sid-local-env:
+  extends: .cross_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    CROSS: mips64el
+    IMAGE: docker.io/library/debian:sid-slim
+    JOB_OPTIONAL: 1
+    NAME: debian-sid

-mipsel-debian-sid:
-  extends: .cross_build_job
+
+mipsel-debian-sid-prebuilt-env:
+  extends: .cross_build_job_prebuilt_env
  needs:
    - job: mipsel-debian-sid-container
      optional: true
@ -387,9 +691,19 @@ mipsel-debian-sid:
    JOB_OPTIONAL: 1
    NAME: debian-sid

+mipsel-debian-sid-local-env:
+  extends: .cross_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    CROSS: mipsel
+    IMAGE: docker.io/library/debian:sid-slim
+    JOB_OPTIONAL: 1
+    NAME: debian-sid

-ppc64le-debian-sid:
-  extends: .cross_build_job
+
+ppc64le-debian-sid-prebuilt-env:
+  extends: .cross_build_job_prebuilt_env
  needs:
    - job: ppc64le-debian-sid-container
      optional: true
@ -399,9 +713,19 @@ ppc64le-debian-sid:
    JOB_OPTIONAL: 1
    NAME: debian-sid

+ppc64le-debian-sid-local-env:
+  extends: .cross_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    CROSS: ppc64le
+    IMAGE: docker.io/library/debian:sid-slim
+    JOB_OPTIONAL: 1
+    NAME: debian-sid

-s390x-debian-sid:
-  extends: .cross_build_job
+
+s390x-debian-sid-prebuilt-env:
+  extends: .cross_build_job_prebuilt_env
  needs:
    - job: s390x-debian-sid-container
      optional: true
@ -411,9 +735,19 @@ s390x-debian-sid:
    JOB_OPTIONAL: 1
    NAME: debian-sid

+s390x-debian-sid-local-env:
+  extends: .cross_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    CROSS: s390x
+    IMAGE: docker.io/library/debian:sid-slim
+    JOB_OPTIONAL: 1
+    NAME: debian-sid

-mingw32-fedora-36:
-  extends: .cross_build_job
+
+mingw32-fedora-36-prebuilt-env:
+  extends: .cross_build_job_prebuilt_env
  needs:
    - job: mingw32-fedora-36-container
      optional: true
@ -423,9 +757,19 @@ mingw32-fedora-36:
    JOB_OPTIONAL: 1
    NAME: fedora-36

+mingw32-fedora-36-local-env:
+  extends: .cross_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    CROSS: mingw32
+    IMAGE: registry.fedoraproject.org/fedora:36
+    JOB_OPTIONAL: 1
+    NAME: fedora-36

-mingw64-fedora-36:
-  extends: .cross_build_job
+
+mingw64-fedora-36-prebuilt-env:
+  extends: .cross_build_job_prebuilt_env
  needs:
    - job: mingw64-fedora-36-container
      optional: true
@ -434,9 +778,18 @@ mingw64-fedora-36:
    CROSS: mingw64
    NAME: fedora-36

+mingw64-fedora-36-local-env:
+  extends: .cross_build_job_local_env
+  needs: []
+  allow_failure: false
+  variables:
+    CROSS: mingw64
+    IMAGE: registry.fedoraproject.org/fedora:36
+    NAME: fedora-36

-mingw32-fedora-rawhide:
-  extends: .cross_build_job
+
+mingw32-fedora-rawhide-prebuilt-env:
+  extends: .cross_build_job_prebuilt_env
  needs:
    - job: mingw32-fedora-rawhide-container
      optional: true
@ -445,9 +798,18 @@ mingw32-fedora-rawhide:
    CROSS: mingw32
    NAME: fedora-rawhide

+mingw32-fedora-rawhide-local-env:
+  extends: .cross_build_job_local_env
+  needs: []
+  allow_failure: true
+  variables:
+    CROSS: mingw32
+    IMAGE: registry.fedoraproject.org/fedora:rawhide
+    NAME: fedora-rawhide

-mingw64-fedora-rawhide:
-  extends: .cross_build_job
+
+mingw64-fedora-rawhide-prebuilt-env:
+  extends: .cross_build_job_prebuilt_env
  needs:
    - job: mingw64-fedora-rawhide-container
      optional: true
@ -457,6 +819,16 @@ mingw64-fedora-rawhide:
    JOB_OPTIONAL: 1
    NAME: fedora-rawhide

+mingw64-fedora-rawhide-local-env:
+  extends: .cross_build_job_local_env
+  needs: []
+  allow_failure: true
+  variables:
+    CROSS: mingw64
+    IMAGE: registry.fedoraproject.org/fedora:rawhide
+    JOB_OPTIONAL: 1
+    NAME: fedora-rawhide
+

 # Native cirrus build jobs

@ -479,7 +851,7 @@ x86_64-freebsd-13:
  needs: []
  allow_failure: false
  variables:
-    CIRRUS_VM_IMAGE_NAME: freebsd-13-0
+    CIRRUS_VM_IMAGE_NAME: freebsd-13-1
    CIRRUS_VM_IMAGE_SELECTOR: image_family
    CIRRUS_VM_INSTANCE_TYPE: freebsd_instance
    INSTALL_COMMAND: pkg install -y
@ -488,14 +860,14 @@ x86_64-freebsd-13:
    UPGRADE_COMMAND: pkg upgrade -y


-x86_64-macos-12:
+aarch64-macos-12:
  extends: .cirrus_build_job
  needs: []
  allow_failure: false
  variables:
-    CIRRUS_VM_IMAGE_NAME: monterey-base
+    CIRRUS_VM_IMAGE_NAME: ghcr.io/cirruslabs/macos-monterey-base:latest
    CIRRUS_VM_IMAGE_SELECTOR: image
-    CIRRUS_VM_INSTANCE_TYPE: osx_instance
+    CIRRUS_VM_INSTANCE_TYPE: macos_instance
    INSTALL_COMMAND: brew install
    NAME: macos-12
    PATH_EXTRA: /usr/local/opt/ccache/libexec:/usr/local/opt/gettext/bin:/usr/local/opt/libpcap/bin:/usr/local/opt/libxslt/bin:/usr/local/opt/rpcgen/bin
--- a/ci/gitlab/container-templates.yml
+++ b/ci/gitlab/container-templates.yml
@ -5,53 +5,41 @@
 # https://gitlab.com/libvirt/libvirt-ci


-# For upstream
+# We want to publish containers with tag 'latest':
 #
-#   - Push to default branch:
-#       -> rebuild if dockerfile changed, no cache
-#   - Otherwise
-#       -> rebuild if RUN_ALL_CONTAINERS=1, no cache,
-#          to pick up new published distro packages or
-#          recover from deleted tag
+#  - In upstream, for push to default branch with CI changes.
+#  - In upstream, on request, for scheduled/manual pipelines
+#    against default branch
 #
-# For forks
-#   - Always rebuild, with cache
+# Note: never publish from merge requests since they have non-committed code
 #
 .container_job:
  image: docker:stable
  stage: containers
+  interruptible: false
  needs: []
  services:
    - docker:dind
  before_script:
    - export TAG="$CI_REGISTRY_IMAGE/ci-$NAME:latest"
-    - export COMMON_TAG="$CI_REGISTRY/libvirt/libvirt/ci-$NAME:latest"
    - docker info
    - docker login "$CI_REGISTRY" -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD"
  script:
-    - if test $CI_PROJECT_NAMESPACE = "libvirt";
-      then
-        docker build --tag "$TAG" -f "ci/containers/$NAME.Dockerfile" ci/containers ;
-      else
-        docker pull "$TAG" || docker pull "$COMMON_TAG" || true ;
-        docker build --cache-from "$TAG" --cache-from "$COMMON_TAG" --tag "$TAG" -f "ci/containers/$NAME.Dockerfile" ci/containers ;
-      fi
+    - docker build --tag "$TAG" -f "ci/containers/$NAME.Dockerfile" ci/containers ;
    - docker push "$TAG"
  after_script:
    - docker logout
  rules:
-    - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
-      when: never
-    - if: '$CI_PROJECT_NAMESPACE == "libvirt" && $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
+    # upstream: publish containers if there were CI changes on the default branch
+    - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
      when: on_success
      changes:
-       - ci/gitlab/container-templates.yml
-       - ci/containers/$NAME.Dockerfile
-    - if: '$CI_PROJECT_NAMESPACE == "libvirt" && $RUN_ALL_CONTAINERS == "1"'
+        - ci/gitlab/container-templates.yml
+        - ci/containers/$NAME.Dockerfile
+
+    # upstream: allow force re-publishing containers on default branch for web/api/scheduled pipelines
+    - if: '$CI_PROJECT_NAMESPACE == $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE =~ /(web|api|schedule)/ && $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH && $RUN_CONTAINER_BUILDS == "1"'
      when: on_success
-    - if: '$CI_PROJECT_NAMESPACE == "libvirt"'
-      when: never
-    - if: '$JOB_OPTIONAL'
-      when: manual
-      allow_failure: true
-    - when: on_success
+
+    # upstream+forks: that's all folks
+    - when: never
--- a/ci/gitlab/sanity-checks.yml
+++ b/ci/gitlab/sanity-checks.yml
@ -9,10 +9,19 @@ check-dco:
  stage: sanity_checks
  needs: []
  image: registry.gitlab.com/libvirt/libvirt-ci/check-dco:master
+  interruptible: true
  script:
-    - /check-dco libvirt
-  except:
-    variables:
-      - $CI_PROJECT_NAMESPACE == 'libvirt'
+    - /check-dco "$RUN_UPSTREAM_NAMESPACE"
+  rules:
+    # upstream+forks: Run pipelines on MR
+    - if: '$CI_PIPELINE_SOURCE =~ "merge_request_event"'
+      when: on_success
+
+    # forks: pushes to branches with pipeline requested
+    - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH && $RUN_PIPELINE'
+      when: on_success
+
+    # upstream+forks: that's all folks
+    - when: never
  variables:
    GIT_DEPTH: 1000
--- a/ci/integration-template.yml
+++ b/ci/integration-template.yml
@ -25,8 +25,10 @@


 .install-deps: &install-deps
-  - sudo dnf install -y libvirt-rpms/* libvirt-perl-rpms/*
-  - sudo pip3 install --prefix=/usr avocado-framework
+  - sudo dnf install -y libvirt-rpms/* libvirt-perl-rpms/* libvirt-python-rpms/*
+
+  # Avocado >98.0 fails with the nwfilter TCK tests, so stick with 98.0 for now
+  - sudo pip3 install --prefix=/usr avocado-framework==98.0


 .enable-core-dumps: &enable-core-dumps
@ -39,26 +41,33 @@
  - if test "$ID" = "centos" && test "$VERSION_ID" -lt 9 ||
       test "$ID" = "fedora" && test "$VERSION_ID" -lt 35;
    then
-      DAEMONS="libvirtd virtlogd virtlockd";
+      DAEMONS="libvirtd virtlockd virtlogd";
    else
-      DAEMONS="virtproxyd virtqemud virtinterfaced virtsecretd virtstoraged virtnwfilterd virtnodedevd virtlogd virtlockd";
+      DAEMONS="virtinterfaced virtlockd virtlogd virtnetworkd virtnodedevd virtnwfilterd virtproxyd virtqemud virtsecretd virtstoraged";
    fi
  - for daemon in $DAEMONS;
    do
      LOG_OUTPUTS="1:file:/var/log/libvirt/${daemon}.log";
      LOG_FILTERS="3:remote 4:event 3:util.json 3:util.object 3:util.dbus 3:util.netlink 3:node_device 3:rpc 3:access 1:*";
-      sudo augtool set /files/etc/libvirt/${daemon}.conf/log_filters "$LOG_FILTERS" &>/dev/null;
-      sudo augtool set /files/etc/libvirt/${daemon}.conf/log_outputs "$LOG_OUTPUTS" &>/dev/null;
+      sudo augtool set /files/etc/libvirt/${daemon}.conf/log_filters "'$LOG_FILTERS'" &>/dev/null;
+      sudo augtool set /files/etc/libvirt/${daemon}.conf/log_outputs "'$LOG_OUTPUTS'" &>/dev/null;
      sudo systemctl --quiet stop ${daemon}.service;
      sudo systemctl restart ${daemon}.socket;
    done


 .collect-logs: &collect-logs
+  - set +e
+  - shopt -s nullglob
  - mkdir logs
-  - test -e "$SCRATCH_DIR"/avocado && sudo mv "$SCRATCH_DIR"/avocado/latest/test-results logs/avocado;
-  - sudo coredumpctl info --no-pager > logs/coredumpctl.txt
+  - test -d "$SCRATCH_DIR"/avocado && mkdir logs/avocado
+  - sudo coredumpctl &>/dev/null && sudo coredumpctl info --no-pager > logs/coredumpctl.txt
  - sudo mv /var/log/libvirt logs/libvirt
+  # filter only the failed tests, omitting successful job logs
+  - for test_log in "$SCRATCH_DIR"/avocado/latest/test-results/by-status/{ERROR,FAIL}/*;
+    do
+      sudo mv "$(realpath $test_log)" logs/avocado;
+    done;
  - sudo chown -R $(whoami):$(whoami) logs
    # rename all Avocado stderr/stdout logs to *.log so that GitLab's web UI doesn't mangle the MIME type
  - find logs/avocado/ -type f ! -name "*.log" -exec
@ -88,19 +97,38 @@
    paths:
      - logs
    when: on_failure
+
+.integration_tests_prebuilt_env:
+  extends: .integration_tests
  rules:
-    - if: '$LIBVIRT_CI_INTEGRATION'
-      when: on_success
-    - when: never
+    - if: '$LIBVIRT_CI_INTEGRATION == null'
+      when: never
+    - !reference [.gitlab_native_build_job_prebuilt_env, rules]
+
+.integration_tests_local_env:
+  extends: .integration_tests
+  rules:
+    - if: '$LIBVIRT_CI_INTEGRATION == null'
+      when: never
+    - !reference [.gitlab_native_build_job_local_env, rules]


 # YAML anchors don't work with Shell conditions so we can't use a variable
 # to conditionally build+install QEMU from source.
 # Instead, create a new test job template for this scenario.
 .integration_tests_upstream_qemu:
-  extends: .integration_tests
  before_script:
    - !reference [.integration_tests, before_script]
    - cd "$SCRATCH_DIR"
    - *qemu-build-template
    - sudo restorecon -R /usr
+
+.integration_tests_upstream_qemu_prebuilt_env:
+  extends:
+    - .integration_tests_prebuilt_env
+    - .integration_tests_upstream_qemu
+
+.integration_tests_upstream_qemu_local_env:
+  extends:
+    - .integration_tests_local_env
+    - .integration_tests_upstream_qemu
--- a/ci/integration.yml
+++ b/ci/integration.yml
@ -1,14 +1,7 @@
 include:
  - 'ci/integration-template.yml'

-centos-stream-8-tests:
-  extends: .integration_tests
-  needs:
-    - x86_64-centos-stream-8
-    - project: libvirt/libvirt-perl
-      job: x86_64-centos-stream-8
-      ref: master
-      artifacts: true
+.centos-stream-8-tests:
  variables:
    # needed by libvirt-gitlab-executor
    DISTRO: centos-stream-8
@ -17,14 +10,38 @@ centos-stream-8-tests:
  tags:
    - $LIBVIRT_CI_INTEGRATION_RUNNER_TAG

-centos-stream-9-tests:
-  extends: .integration_tests
+centos-stream-8-tests-prebuilt-env:
+  extends:
+    - .integration_tests_prebuilt_env
+    - .centos-stream-8-tests
  needs:
-    - x86_64-centos-stream-9
+    - x86_64-centos-stream-8-prebuilt-env
    - project: libvirt/libvirt-perl
-      job: x86_64-centos-stream-9
+      job: x86_64-centos-stream-8-prebuilt-env
      ref: master
      artifacts: true
+    - project: libvirt/libvirt-python
+      job: x86_64-centos-stream-8-prebuilt-env
+      ref: master
+      artifacts: true
+
+centos-stream-8-tests-local-env:
+  extends:
+    - .integration_tests_local_env
+    - .centos-stream-8-tests
+  needs:
+    - x86_64-centos-stream-8-local-env
+    - project: libvirt/libvirt-perl
+      job: x86_64-centos-stream-8-prebuilt-env
+      ref: master
+      artifacts: true
+    - project: libvirt/libvirt-python
+      job: x86_64-centos-stream-8-prebuilt-env
+      ref: master
+      artifacts: true
+
+
+.centos-stream-9-tests:
  variables:
    # needed by libvirt-gitlab-executor
    DISTRO: centos-stream-9
@ -33,14 +50,38 @@ centos-stream-9-tests:
  tags:
    - $LIBVIRT_CI_INTEGRATION_RUNNER_TAG

-fedora-35-tests:
-  extends: .integration_tests
+centos-stream-9-tests-prebuilt-env:
+  extends:
+    - .integration_tests_prebuilt_env
+    - .centos-stream-9-tests
  needs:
-    - x86_64-fedora-35
+    - x86_64-centos-stream-9-prebuilt-env
    - project: libvirt/libvirt-perl
-      job: x86_64-fedora-35
+      job: x86_64-centos-stream-9-prebuilt-env
      ref: master
      artifacts: true
+    - project: libvirt/libvirt-python
+      job: x86_64-centos-stream-9-prebuilt-env
+      ref: master
+      artifacts: true
+
+centos-stream-9-tests-local-env:
+  extends:
+    - .integration_tests_local_env
+    - .centos-stream-9-tests
+  needs:
+    - x86_64-centos-stream-9-local-env
+    - project: libvirt/libvirt-perl
+      job: x86_64-centos-stream-9-prebuilt-env
+      ref: master
+      artifacts: true
+    - project: libvirt/libvirt-python
+      job: x86_64-centos-stream-9-prebuilt-env
+      ref: master
+      artifacts: true
+
+
+.fedora-35-tests:
  variables:
    # needed by libvirt-gitlab-executor
    DISTRO: fedora-35
@ -49,14 +90,38 @@ fedora-35-tests:
  tags:
    - $LIBVIRT_CI_INTEGRATION_RUNNER_TAG

-fedora-36-tests:
-  extends: .integration_tests
+fedora-35-tests-prebuilt-env:
+  extends:
+    - .integration_tests_prebuilt_env
+    - .fedora-35-tests
  needs:
-    - x86_64-fedora-36
+    - x86_64-fedora-35-prebuilt-env
    - project: libvirt/libvirt-perl
-      job: x86_64-fedora-36
+      job: x86_64-fedora-35-prebuilt-env
      ref: master
      artifacts: true
+    - project: libvirt/libvirt-python
+      job: x86_64-fedora-35-prebuilt-env
+      ref: master
+      artifacts: true
+
+fedora-35-tests-local-env:
+  extends:
+    - .integration_tests_local_env
+    - .fedora-35-tests
+  needs:
+    - x86_64-fedora-35-local-env
+    - project: libvirt/libvirt-perl
+      job: x86_64-fedora-35-prebuilt-env
+      ref: master
+      artifacts: true
+    - project: libvirt/libvirt-python
+      job: x86_64-fedora-35-prebuilt-env
+      ref: master
+      artifacts: true
+
+
+.fedora-36-tests:
  variables:
    # needed by libvirt-gitlab-executor
    DISTRO: fedora-36
@ -65,14 +130,38 @@ fedora-36-tests:
  tags:
    - $LIBVIRT_CI_INTEGRATION_RUNNER_TAG

-fedora-36-upstream-qemu-tests:
-  extends: .integration_tests_upstream_qemu
+fedora-36-tests-prebuilt-env:
+  extends:
+    - .integration_tests_prebuilt_env
+    - .fedora-36-tests
  needs:
-    - x86_64-fedora-36
+    - x86_64-fedora-36-prebuilt-env
    - project: libvirt/libvirt-perl
-      job: x86_64-fedora-36
+      job: x86_64-fedora-36-prebuilt-env
      ref: master
      artifacts: true
+    - project: libvirt/libvirt-python
+      job: x86_64-fedora-36-prebuilt-env
+      ref: master
+      artifacts: true
+
+fedora-36-tests-local-env:
+  extends:
+    - .integration_tests_local_env
+    - .fedora-36-tests
+  needs:
+    - x86_64-fedora-36-local-env
+    - project: libvirt/libvirt-perl
+      job: x86_64-fedora-36-prebuilt-env
+      ref: master
+      artifacts: true
+    - project: libvirt/libvirt-python
+      job: x86_64-fedora-36-prebuilt-env
+      ref: master
+      artifacts: true
+
+
+.fedora-36-upstream-qemu-tests:
  variables:
    # needed by libvirt-gitlab-executor
    DISTRO: fedora-36
@ -80,3 +169,33 @@ fedora-36-upstream-qemu-tests:
    LIBVIRT_CI_INTEGRATION_RUNNER_TAG: redhat-vm-host
  tags:
    - $LIBVIRT_CI_INTEGRATION_RUNNER_TAG
+
+fedora-36-upstream-qemu-tests-prebuilt-env:
+  extends:
+    - .integration_tests_prebuilt_env
+    - .fedora-36-upstream-qemu-tests
+  needs:
+    - x86_64-fedora-36-prebuilt-env
+    - project: libvirt/libvirt-perl
+      job: x86_64-fedora-36-prebuilt-env
+      ref: master
+      artifacts: true
+    - project: libvirt/libvirt-python
+      job: x86_64-fedora-36-prebuilt-env
+      ref: master
+      artifacts: true
+
+fedora-36-upstream-qemu-tests-local-env:
+  extends:
+    - .integration_tests_local_env
+    - .fedora-36-upstream-qemu-tests
+  needs:
+    - x86_64-fedora-36-local-env
+    - project: libvirt/libvirt-perl
+      job: x86_64-fedora-36-prebuilt-env
+      ref: master
+      artifacts: true
+    - project: libvirt/libvirt-python
+      job: x86_64-fedora-36-prebuilt-env
+      ref: master
+      artifacts: true
--- a/ci/manifest.yml
+++ b/ci/manifest.yml
@ -175,7 +175,7 @@ targets:

  macos-12:
    jobs:
-      - arch: x86_64
+      - arch: aarch64
        variables:
          PATH_EXTRA: /usr/local/opt/ccache/libexec:/usr/local/opt/gettext/bin:/usr/local/opt/libpcap/bin:/usr/local/opt/libxslt/bin:/usr/local/opt/rpcgen/bin
          PKG_CONFIG_PATH: /usr/local/opt/curl/lib/pkgconfig:/usr/local/opt/libpcap/lib/pkgconfig:/usr/local/opt/libxml2/lib/pkgconfig:/usr/local/opt/ncurses/lib/pkgconfig:/usr/local/opt/readline/lib/pkgconfig
--- a/docs/apps.rst
+++ b/docs/apps.rst
@ -70,6 +70,9 @@ virsh
   Virt-Lightning uses libvirt, cloud-init and libguestfs to allow
   anyone to quickly start a new VM. Very much like a container CLI, but
   with a virtual machine.
+`vms <https://github.com/cbosdo/vms>`__
+   vms is a tool wrapping around the libvirt API to manage multiple virtual
+   machines at once with name patterns.

 Configuration Management
 ------------------------
--- a/docs/best-practices.rst
+++ b/docs/best-practices.rst
@ -14,12 +14,12 @@ with minimal back-and-forth.
   (60 characters is typical), followed by a blank line, followed
   by any longer description of why your patch makes sense. If the
   patch fixes a regression, and you know what commit introduced
-   the problem, mentioning that is useful. If the patch resolves a
-   upstream bug reported in GitLab, put "Fixes: #NNN" in the commit
-   message. For a downstream bug, mention the URL of the bug instead.
-   In both cases also summarize the issue rather than making all
-   readers follow the link. You can use 'git shortlog -30' to get
-   an idea of typical summary lines.
+   the problem, mentioning that is useful. If the patch resolves
+   an upstream bug reported in GitLab, or downstream bug, put
+   "Resolves: $fullURL" of the bug. In both cases also summarize
+   the issue rather than making all readers follow the link. You
+   can use 'git shortlog -30' to get an idea of typical summary
+   lines.

 -  Split large changes into a series of smaller patches,
   self-contained if possible, with an explanation of each patch
--- a/docs/coding-style.rst
+++ b/docs/coding-style.rst
@ -705,35 +705,59 @@ use one of the following semantically named macros

   ::

-     STREQ(a,b)
-     STRNEQ(a,b)
+     STREQ(a, b)
+     STRNEQ(a, b)

 -  For case insensitive equality:

   ::

-     STRCASEEQ(a,b)
-     STRCASENEQ(a,b)
+     STRCASEEQ(a, b)
+     STRCASENEQ(a, b)

 -  For strict equality of a substring:

   ::

-     STREQLEN(a,b,n)
-     STRNEQLEN(a,b,n)
+     STREQLEN(a, b, n)
+     STRNEQLEN(a, b, n)

 -  For case insensitive equality of a substring:

   ::

-     STRCASEEQLEN(a,b,n)
-     STRCASENEQLEN(a,b,n)
+     STRCASEEQLEN(a, b, n)
+     STRCASENEQLEN(a, b, n)

 -  For strict equality of a prefix:

   ::

-     STRPREFIX(a,b)
+     STRPREFIX(a, b)
+
+-  For case insensitive equality of a prefix:
+
+   ::
+
+     STRCASEPREFIX(a, b)
+
+-  For skipping prefix:
+
+   ::
+
+     /* Instead of:
+      *   STRPREFIX(a, b) ? a + strlen(b) : NULL
+      * use: */
+     STRSKIP(a, b)
+
+-  For skipping prefix case insensitively:
+
+   ::
+
+     /* Instead of:
+      *   STRCASEPREFIX(a, b) ? a + strlen(b) : NULL
+      * use: */
+     STRCASESKIP(a, b)

 -  To avoid having to check if a or b are NULL:

--- a/docs/compiling.rst
+++ b/docs/compiling.rst
@ -4,24 +4,71 @@ libvirt Installation

 .. contents::

-Compiling a release tarball
---------------------------
+Installing from distribution repositories
+-----------------------------------------

-libvirt uses the standard setup/build/install steps and mandates that
-the build directory is different from the source directory:
+This is the recommended option to install libvirt. Libvirt is present in the
+package repositories of all major distributions. Installing a package from the
+package manager ensures that it's properly compiled, installed, started, and
+updated during the lifecycle of the distribution.
+
+For users who wish to use the most recent version, certain distributions also
+allow installing the most recent versions of virtualization packages:
+
+  **Fedora**
+
+    Refer to https://fedoraproject.org/wiki/Virtualization_Preview_Repository
+
+  **Gentoo**
+
+   The ``app-emulation/libvirt`` is regularly updated, but newest versions are
+   usually marked as testing by the ``~*`` keyword.
+
+  **openSUSE**
+
+    Refer to https://build.opensuse.org/package/show/Virtualization/libvirt
+
+Preparing sources
+-----------------
+
+Libvirt can be built both from release tarballs and from a git checkout using
+the same steps once the source code is prepared. Note that the build system
+requires that the build directory is separate from the top level source
+directory.
+
+By default further steps will build libvirt inside a subdirectory of the source
+tree named ``build``.
+
+Refer to the `downloads page <downloads.html>`__ for official tarballs and the
+git repository.
+
+Unpacking a source tarball
+~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Download a source tarball of the version you want to compile and unpack it
+using the following commands:

 ::

   $ xz -dc libvirt-x.x.x.tar.xz | tar xvf -
   $ cd libvirt-x.x.x
-   $ meson build

-The *meson* script can be given options to change its default behaviour.
+Git checkout
+~~~~~~~~~~~~

-**Note:** Please ensure that you have the appropriate minimal ``meson`` version
-installed in your build environment. The minimal version for a specific package
-can be checked in the top level ``meson.build`` file in the ``meson_version``
-field.
+A git checkout/clone is already in correct state for next steps. Just change
+your working directory to the checkout.
+
+Configuring the project
+-----------------------
+
+The libvirt build process uses the **Meson** build system. To configure for a
+build use the following command. Note that the ``build`` argument is the name
+of the build directory which will be created.
+
+::
+
+   $ meson build [options]

 To get the complete list of the options run the following command:

@ -29,59 +76,67 @@ To get the complete list of the options run the following command:

   $ meson configure

-When you have determined which options you want to use (if any),
-continue the process.
-
-Note the use of **sudo** with the *ninja install* command below. Using
-sudo is only required when installing to a location your user does not
-have write access to. Installing to a system location is a good example
-of this.
-
-If you are installing to a location that your user *does* have write
-access to, then you can instead run the *ninja install* command without
-putting **sudo** before it.
-
-::
-
-   $ meson build [possible options]
-   $ ninja -C build
-   $ sudo ninja -C build install
-
-At this point you **may** have to run ldconfig or a similar utility to
-update your list of installed shared libs.
-
-Building from a GIT checkout
----------------------------
-
-The libvirt build process uses Meson build system. By default when the
-``meson`` is run from within a GIT checkout, it will turn on -Werror for
-builds. This can be disabled with --werror=false, but this is not
-recommended.
-
-To build & install libvirt to your home directory the following commands
-can be run:
-
-::
-
-   $ meson build --prefix=$HOME/usr
-   $ ninja -C build
-   $ sudo ninja -C build install
-
-Be aware though, that binaries built with a custom prefix will not
-interoperate with OS vendor provided binaries, since the UNIX socket
-paths will all be different. To produce a build that is compatible with
+Be aware that by default the build is configured with a local ``prefix`` path
+which will not interoperate with OS vendor provided binaries, since the UNIX
+socket paths will all be different. To produce a build that is compatible with
 normal OS vendor prefixes, use

 ::

   $ meson build -Dsystem=true
+
+Explicitly enabling required functionality
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+By default each module of functionality of libvirtd is optionally enabled,
+meaning it will be enabled if the build environment contains the required
+dependencies.
+
+To ensure that your build contains the required functionality it's recommended
+to explicitly enable given modules, in which case the configure step will end
+with an error if dependencies are not present. **Example:** to build the
+libvirt project with support for the **qemu** driver use the following options:
+
+::
+
+   $ meson build -Dsystem=true -Ddriver_qemu=enabled
+
+Notes:
+~~~~~~
+
+By default when the ``meson`` is run from within a GIT checkout, it will turn
+on -Werror for builds. This can be disabled with --werror=false, but this is
+not recommended.
+
+Please ensure that you have the appropriate minimal ``meson`` version installed
+in your build environment. The minimal version for a specific package can be
+checked in the top level ``meson.build`` file in the ``meson_version`` field.
+
+
+Compiling the sources
+---------------------
+
+To build the configured project run (note that ``-C build`` is a path to the
+build directory):
+
+::
+
   $ ninja -C build

+The ``build`` directory now contains the built binaries.

-When doing this for day-to-day development purposes, it is recommended
-not to install over the OS vendor provided binaries. Instead simply run
-libvirt directly from the source tree. For example to run a privileged
-libvirtd instance
+Additionally you can also run the test suite:
+
+::
+
+   $ ninja -C build test
+
+Running compiled binaries from build directory
+----------------------------------------------
+
+For testing or development purposes it's usually not necessary to install the
+built binaries into your system. Instead simply run libvirt directly from the
+source tree. For example to run a privileged libvirtd instance

 ::

@ -98,3 +153,41 @@ It is also possible to run virsh directly from the build tree using the
   $ pwd
   /home/to/your/checkout/build
   $ ./run ./tools/virsh ....
+
+**Note:** The libvirt project provides `multiple daemons <daemons.html>`__ and
+the above steps may replace only some of them with the custom compiled instances.
+In most cases this should work but keep that fact in mind.
+
+Installing compiled binaries
+----------------------------
+
+**Important:** Manual installation of libvirt is generally not recommended and
+you should prefer installation from your operating system's package repository
+or from manually built packages which are then installed using the package
+manager. Overwriting an installation of libvirt from the package manager by a
+manually compiled installation may not work properly.
+
+Installing the compiled binaries into the appropriate location (based on
+how the build was configured) is done by the following command:
+
+::
+
+   $ sudo ninja -C build install
+
+Note the use of **sudo** with the *ninja install* command. Using
+sudo is only required when installing to a location your user does not
+have write access to. Installing to a system location is a good example
+of this.
+
+If you are installing to a location that your user *does* have write
+access to, then you can instead run the *ninja install* command without
+putting **sudo** before it.
+
+After installation you you **may** have to run ``ldconfig`` or a similar
+utility to update your list of installed shared libs, or adjust the paths where
+the system looks for binaries and shared libraries.
+
+The libvirt project provides `multiple daemons <daemons.html>`__ based on your
+configuration. You have to ensure that you start the appropriate processes for
+the freshly installed libvirt to be usable (e.g. even monolithic ``libvirtd``
+requires in most configurations that ``virtlogd`` is started).
--- a/docs/docs.rst
+++ b/docs/docs.rst
@ -72,9 +72,9 @@ Application development
   `secret <html/libvirt-libvirt-secret.html>`__,
   `storage <html/libvirt-libvirt-storage.html>`__,
   `stream <html/libvirt-libvirt-stream.html>`__ and
-   `admin <html/index-admin.html>`__,
-   `QEMU <html/index-qemu.html>`__,
-   `LXC <html/index-lxc.html>`__ libs
+   `admin <html/libvirt-libvirt-admin.html>`__,
+   `QEMU <html/libvirt-libvirt-qemu.html>`__,
+   `LXC <html/libvirt-libvirt-lxc.html>`__ libs

 `Language bindings and API modules <bindings.html>`__
   Bindings of the libvirt API for
--- a/docs/formatdomain.rst
+++ b/docs/formatdomain.rst
@ -2016,6 +2016,7 @@ are:
   tlbflush        Enable PV TLB flush support                                            on, off                                      :since:`4.7.0 (QEMU 3.0)`
   ipi             Enable PV IPI support                                                  on, off                                      :since:`4.10.0 (QEMU 3.1)`
   evmcs           Enable Enlightened VMCS                                                on, off                                      :since:`4.10.0 (QEMU 3.1)`
+   avic            Enable use Hyper-V SynIC with hardware APICv/AVIC                      on, off                                      :since:`8.10.0 (QEMU 6.2)`
   =============== ====================================================================== ============================================ =======================================================

   :since:`Since 8.0.0` , the hypervisor can be configured further by setting
@ -6533,9 +6534,9 @@ with the ``isa-serial`` target type); ``usb-serial`` (usable with the
 target type); ``spapr-vty`` (usable with the ``spapr-vio-serial`` target type);
 ``pl011`` and, :since:`since 4.7.0` , ``16550a`` (usable with the
 ``system-serial`` target type); ``sclpconsole`` and ``sclplmconsole`` (usable
-with the ``sclp-serial`` target type). ``isa-debugcon`` (usable with the
-``isa-debug`` target type); provides a virtual console for receiving debug
-messages from the firmware on x86 platforms. :since:`Since: 8.1.0`.
+with the ``sclp-serial`` target type). :since:`Since: 8.1.0`, ``isa-debugcon``
+(usable with the ``isa-debug`` target type); provides a virtual console for
+receiving debug messages from the firmware on x86 platforms.
 Providing a target model is usually unnecessary: libvirt will automatically
 pick one that's suitable for the chosen target type, and overriding that
 value is generally not recommended.
@ -7784,7 +7785,7 @@ Example: usage of the TPM Emulator
   active PCR banks upon VM start but leave them at their last configuration.
   This attribute requires that swtpm_setup v0.7 or later is installed
   and may not have any effect otherwise. The selection of PCR banks only works
-   with the ``emulator`` backend. since:`Since 7.10.0`
+   with the ``emulator`` backend. :since:`Since 7.10.0`

 ``encryption``
   The ``encryption`` element allows the state of a TPM emulator to be
@ -8001,6 +8002,20 @@ Example: usage of the memory devices
         <current unit='KiB'>524288</current>
       </target>
     </memory>
+     <memory model='sgx-epc'>
+       <source>
+         <nodemask>0-1</nodemask>
+       </source>
+       <target>
+         <size unit='KiB'>16384</size>
+         <node>0</node>
+       </target>
+     </memory>
+     <memory model='sgx-epc'>
+       <target>
+         <size unit='KiB'>16384</size>
+       </target>
+     </memory>
   </devices>
   ...

@ -8009,7 +8024,9 @@ Example: usage of the memory devices
   1.2.14` Provide ``nvdimm`` model that adds a Non-Volatile DIMM module.
   :since:`Since 3.2.0` Provide ``virtio-pmem`` model to add a paravirtualized
   persistent memory device. :since:`Since 7.1.0` Provide ``virtio-mem`` model
-   to add paravirtualized memory device. :since:`Since 7.9.0`
+   to add paravirtualized memory device. :since:`Since 7.9.0` Provide
+   ``sgx-epc`` model to add a SGX enclave page cache (EPC) memory to the guest.
+   :since:`Since 8.10.0 and QEMU 7.0.0`

 ``access``
   An optional attribute ``access`` ( :since:`since 3.2.0` ) that provides
@ -8069,6 +8086,13 @@ Example: usage of the memory devices
     Represents a path in the host that backs the virtio memory module in the
     guest. It is mandatory.

+   For model ``sgx-epc`` this element is optional. The following optional
+   elements may be used:
+
+   ``nodemask``
+      This element can be used to override the default set of NUMA nodes where
+      the memory would be allocated. :since:`Since 8.10.0 and QEMU 7.0.0`
+
 ``target``
   The mandatory ``target`` element configures the placement and sizing of the
   added memory from the perspective of the guest.
--- a/docs/formatdomaincaps.rst
+++ b/docs/formatdomaincaps.rst
@ -191,9 +191,10 @@ CPUs <formatdomain.html#cpu-model-and-topology>`__.
         <feature policy='require' name='vmx'/>
       </mode>
       <mode name='custom' supported='yes'>
-         <model usable='no' deprecated='no'>Broadwell</model>
-         <model usable='yes' deprecated='no'>Broadwell-noTSX</model>
-         <model usable='no' deprecated='yes'>Haswell</model>
+         <model usable='no' deprecated='no' vendor='Intel'>Broadwell</model>
+         <model usable='yes' deprecated='no' vendor='Intel'>Broadwell-noTSX</model>
+         <model usable='no' deprecated='yes' vendor='Intel'>Haswell</model>
+         <model usable='no' deprecated='no' vendor='AMD'>EPYC-Milan</model>
         ...
       </mode>
     </cpu>
@ -221,12 +222,25 @@ more details about it:
 ``custom``
   The ``mode`` element contains a list of supported CPU models, each described
   by a dedicated ``model`` element. The ``usable`` attribute specifies whether
-   the model can be used directly on the host. When usable='no' the
-   corresponding model cannot be used without disabling some features that the
-   CPU of such model is expected to have. A special value ``unknown`` indicates
-   libvirt does not have enough information to provide the usability data. The
+   the model can be used directly on the host. A special value ``unknown``
+   indicates libvirt does not have enough information to provide the usability
+   data. When ``usable='no'`` the corresponding model cannot be used without
+   disabling some features that the CPU of such model is expected to have. The
+   list of features blocking usability of a particular CPU model is returned
+   as disabled features in the result of ``virConnectBaselineHypervisorCPU``
+   API (or ``virsh hypervisor-cpu-baseline``) when called on a CPU definition
+   using the CPU model and no additional feature elements. Models marked as
+   usable (``usable='yes'``) can be safely used in domain XMLs with
+   ``check='none'`` as the hypervisor guarantees the model can be used on the
+   current host and additional checks done by libvirt are redundant. In fact,
+   disabling libvirt checks via ``check='none'`` for such models is recommended
+   to avoid needless issues with starting domains when libvirt's definition of
+   a particular model differs from hypervisor's definition. The
   ``deprecated`` attribute reflects the hypervisor's policy on usage of this
-   model :since:`(since 7.1.0)` .
+   model :since:`(since 7.1.0)`. The ``vendor`` attribute :since:`(since 8.9.0)`
+   contains the vendor of the CPU model for users who want to use CPU models
+   with specific vendors only. CPU models with undefined vendor will be listed
+   with ``vendor='unkwnown'``.

 I/O Threads
 ~~~~~~~~~~~
@ -529,6 +543,52 @@ TPM device capabilities are exposed under the ``tpm`` element. For instance:
 ``backendVersion``
   Options for the ``version`` attribute of the ``<tpm><backend/>`` element.

+USB redirect device
+^^^^^^^^^^^^^^^^^^^
+
+USB redirdev device capabilities are exposed under the ``redirdev`` element. For instance:
+
+::
+
+  <domainCapabilities>
+    ...
+    <devices>
+      <redirdev supported='yes'>
+        <enum name='bus'>
+          <value>usb</value>
+        </enum>
+      </redirdev>
+      ...
+    </devices>
+  </domainCapabilities>
+
+``bus``
+   Options for the ``bus`` attribute of the ``<redirdev/>`` element.
+
+Channel device
+^^^^^^^^^^^^^^
+
+Channel device capabilities are exposed under the ``channel`` element. For instance:
+
+::
+
+  <domainCapabilities>
+    ...
+    <devices>
+      <channel supported='yes'>
+        <enum name='type'>
+          <value>pty</value>
+          <value>unix</value>
+          <value>spicevmc</value>
+        </enum>
+      </channel
+      ...
+    </devices>
+  </domainCapabilities>
+
+``type``
+   Options for the ``type`` attribute of the ``<channel/>`` element.
+
 Features
 ~~~~~~~~

@ -554,6 +614,16 @@ capabilities. All features occur as children of the main ``features`` element.
         <cbitpos>47</cbitpos>
         <reduced-phys-bits>1</reduced-phys-bits>
       </sev>
+       <sgx supported='yes'>
+         <flc>no</flc>
+         <sgx1>yes</sgx1>
+         <sgx2>no</sgx2>
+         <section_size unit='KiB'>524288</section_size>
+         <sections>
+           <section node='0' size='262144' unit='KiB'/>
+           <section node='1' size='262144' unit='KiB'/>
+         </sections>
+       </sgx>
     </features>
   </domainCapabilities>

@ -633,3 +703,33 @@ in domain XML <formatdomain.html#launch-security>`__
 ``maxESGuests``
   The maximum number of SEV-ES guests that can be launched on the host. This
   value may be configurable in the firmware for some hosts.
+
+SGX capabilities
+^^^^^^^^^^^^^^^^
+
+Intel Software Guard Extensions (Intel SGX) capabilities are exposed under the
+``sgx`` element.
+
+Intel SGX helps protect data in use via unique application isolation technology.
+Protect selected code and data from modification using hardened enclaves with
+Intel SGX.
+
+For more details on the SGX feature, please follow resources in the SGX developer's
+document store. In order to use SGX with libvirt have a look at `SGX in domain XML
+<formatdomain.html#memory-devices>`__
+
+``flc``
+   FLC (Flexible Launch Control), not strictly part of SGX2, but was not part of
+   original SGX hardware either.
+
+``sgx1``
+   the sgx version 1.
+
+``sgx2``
+   The sgx version 2.
+
+``section_size``
+   The size of the SGX enclave page cache (called EPC).
+
+``sections``
+   The sections of the SGX enclave page cache (called EPC).
--- a/docs/formatnode.rst
+++ b/docs/formatnode.rst
@ -250,7 +250,7 @@ Describes a SCSI host device. Sub-elements include:
   scsi_host adapter in a `Storage Pool <formatstorage.html>`__.
   :since:`Since 1.2.7`
 ``capability``
-   Current capabilities include "vports_ops" (indicates vport operations
+   Current capabilities include "vport_ops" (indicates vport operations
   are supported) and "fc_host". "vport_ops" could contain two optional
   sub-elements: ``vports``, and ``max_vports``. ``vports`` shows the
   number of vport in use. ``max_vports`` shows the maximum vports the HBA
--- a/docs/formatstorage.rst
+++ b/docs/formatstorage.rst
@ -1,4 +1,5 @@
 .. role:: since
+.. role:: removed

 ==================================
 Storage pool and volume XML format
@ -17,8 +18,9 @@ volume size, or placement.
 The top level tag for a storage pool document is 'pool'. It has a single
 attribute ``type``, which is one of ``dir``, ``fs``, ``netfs``, ``disk``,
 ``iscsi``, ``logical``, ``scsi`` (all :since:`since 0.4.1` ), ``mpath`` (
-:since:`since 0.7.1` ), ``rbd`` ( :since:`since 0.9.13` ), ``sheepdog`` (
-:since:`since 0.10.0` ), ``gluster`` ( :since:`since 1.2.0` ), ``zfs`` (
+:since:`since 0.7.1` ), ``rbd`` ( :since:`since 0.9.13` ),
+``sheepdog`` (:since:`since 0.10.0`, :removed:`removed in 8.8.0` ),
+``gluster`` ( :since:`since 1.2.0` ), ``zfs`` (
 :since:`since 1.2.8` ), ``vstorage`` ( :since:`since 3.1.0` ), or
 ``iscsi-direct`` ( :since:`since 4.7.0` ). This corresponds to the storage
 backend drivers listed further along in this document.
--- a/docs/go/meson.build
+++ b/docs/go/meson.build
@ -31,7 +31,7 @@ foreach data : html_xslt_gen
    command: [
      xsltproc_prog,
      '--stringparam', 'pagesrc', data.get('source', ''),
-      '--stringparam', 'builddir', meson.build_root(),
+      '--stringparam', 'builddir', meson.project_build_root(),
      '--stringparam', 'timestamp', docs_timestamp,
      '--stringparam', 'href_base', data.get('href_base', ''),
      '--nonet',
--- a/docs/html/home.png
+++ b/docs/html/home.png
--- a/docs/html/left.png
+++ b/docs/html/left.png
--- a/docs/html/meson.build
+++ b/docs/html/meson.build
@ -1,16 +1,3 @@
-apipng = [
-  'home.png',
-  'left.png',
-  'right.png',
-  'up.png',
-]
-
-install_data(apipng, install_dir: docs_html_dir / 'html')
-
-foreach file : apipng
-  install_web_files += '@0@:@1@'.format(meson.current_source_dir() / file, docs_html_dir / 'html')
-endforeach
-
 docs_html_gen = []
 docs_html_dep = []

@ -39,8 +26,9 @@ index_api_gen = custom_target(
  ],
  command: [
    xsltproc_prog, '--nonet', '-o', docs_builddir,
-    '--stringparam', 'builddir', meson.build_root(),
+    '--stringparam', 'builddir', meson.project_build_root(),
    '--stringparam', 'timestamp', docs_timestamp,
+    '--stringparam', 'indexfile', 'index.html',
    '@INPUT@',
  ],
  install: true,
@ -61,14 +49,12 @@ foreach name : [ 'admin', 'lxc', 'qemu' ]
      get_variable('docs_@0@_api_xml'.format(name)),
    ],
    output: [
-      'index-@0@.html'.format(name),
      'libvirt-libvirt-@0@.html'.format(name),
    ],
    command: [
      xsltproc_prog, '--nonet', '-o', docs_builddir,
-      '--stringparam', 'builddir', meson.build_root(),
+      '--stringparam', 'builddir', meson.project_build_root(),
      '--stringparam', 'timestamp', docs_timestamp,
-      '--stringparam', 'indexfile', 'index-@0@.html'.format(name),
      '@INPUT@',
    ],
    install: true,
--- a/docs/html/right.png
+++ b/docs/html/right.png
--- a/docs/html/up.png
+++ b/docs/html/up.png
--- a/docs/kbase/internals/meson.build
+++ b/docs/kbase/internals/meson.build
@ -40,7 +40,7 @@ foreach data : html_xslt_gen
    command: [
      xsltproc_prog,
      '--stringparam', 'pagesrc', data.get('source', ''),
-      '--stringparam', 'builddir', meson.build_root(),
+      '--stringparam', 'builddir', meson.project_build_root(),
      '--stringparam', 'timestamp', docs_timestamp,
      '--stringparam', 'href_base', data.get('href_base', ''),
      '--nonet',
--- a/docs/kbase/internals/qemu-threads.rst
+++ b/docs/kbase/internals/qemu-threads.rst
@ -62,7 +62,7 @@ There are a number of locks on various objects

    Agent job condition is then used when thread wishes to talk to qemu
    agent monitor. It is possible to acquire just agent job
-    (``qemuDomainObjBeginAgentJob``), or only normal job (``qemuDomainObjBeginJob``)
+    (``virDomainObjBeginAgentJob``), or only normal job (``virDomainObjBeginJob``)
    but not both at the same time. Holding an agent job and a normal job would
    allow an unresponsive or malicious agent to block normal libvirt API and
    potentially result in a denial of service. Which type of job to grab
@ -114,7 +114,7 @@ To lock the ``virDomainObj``

 To acquire the normal job condition

-  ``qemuDomainObjBeginJob()``
+  ``virDomainObjBeginJob()``
    - Waits until the job is compatible with current async job or no
      async job is running
    - Waits for ``job.cond`` condition ``job.active != 0`` using ``virDomainObj``
@ -123,25 +123,25 @@ To acquire the normal job condition
      isn't
    - Sets ``job.active`` to the job type

-  ``qemuDomainObjEndJob()``
+  ``virDomainObjEndJob()``
    - Sets job.active to 0
    - Signals on job.cond condition


 To acquire the agent job condition

-  ``qemuDomainObjBeginAgentJob()``
+  ``virDomainObjBeginAgentJob()``
    - Waits until there is no other agent job set
    - Sets ``job.agentActive`` to the job type

-  ``qemuDomainObjEndAgentJob()``
+  ``virDomainObjEndAgentJob()``
    - Sets ``job.agentActive`` to 0
    - Signals on ``job.cond`` condition


 To acquire the asynchronous job condition

-  ``qemuDomainObjBeginAsyncJob()``
+  ``virDomainObjBeginAsyncJob()``
    - Waits until no async job is running
    - Waits for ``job.cond`` condition ``job.active != 0`` using ``virDomainObj``
      mutex
@ -149,7 +149,7 @@ To acquire the asynchronous job condition
      and repeats waiting in that case
    - Sets ``job.asyncJob`` to the asynchronous job type

-  ``qemuDomainObjEndAsyncJob()``
+  ``virDomainObjEndAsyncJob()``
    - Sets ``job.asyncJob`` to 0
    - Broadcasts on ``job.asyncCond`` condition

@ -214,11 +214,11 @@ Design patterns

     obj = qemuDomObjFromDomain(dom);

-     qemuDomainObjBeginJob(obj, VIR_JOB_TYPE);
+     virDomainObjBeginJob(obj, VIR_JOB_TYPE);

     ...do work...

-     qemuDomainObjEndJob(obj);
+     virDomainObjEndJob(obj);

     virDomainObjEndAPI(&obj);

@ -230,7 +230,7 @@ Design patterns

     obj = qemuDomObjFromDomain(dom);

-     qemuDomainObjBeginJob(obj, VIR_JOB_TYPE);
+     virDomainObjBeginJob(obj, VIR_JOB_TYPE);

     ...do prep work...

@ -242,7 +242,7 @@ Design patterns

     ...do final work...

-     qemuDomainObjEndJob(obj);
+     virDomainObjEndJob(obj);
     virDomainObjEndAPI(&obj);


@ -253,7 +253,7 @@ Design patterns

     obj = qemuDomObjFromDomain(dom);

-     qemuDomainObjBeginAgentJob(obj, VIR_AGENT_JOB_TYPE);
+     virDomainObjBeginAgentJob(obj, VIR_AGENT_JOB_TYPE);

     ...do prep work...

@ -266,7 +266,7 @@ Design patterns

     ...do final work...

-     qemuDomainObjEndAgentJob(obj);
+     virDomainObjEndAgentJob(obj);
     virDomainObjEndAPI(&obj);


@ -277,7 +277,7 @@ Design patterns

     obj = qemuDomObjFromDomain(dom);

-     qemuDomainObjBeginAsyncJob(obj, VIR_ASYNC_JOB_TYPE);
+     virDomainObjBeginAsyncJob(obj, VIR_ASYNC_JOB_TYPE);
     qemuDomainObjSetAsyncJobMask(obj, allowedJobs);

     ...do prep work...
@ -306,7 +306,7 @@ Design patterns

     ...do final work...

-     qemuDomainObjEndAsyncJob(obj);
+     virDomainObjEndAsyncJob(obj);
     virDomainObjEndAPI(&obj);


@ -317,7 +317,7 @@ Design patterns

     obj = qemuDomObjFromDomain(dom);

-     qemuDomainObjBeginAsyncJob(obj, VIR_ASYNC_JOB_TYPE);
+     virDomainObjBeginAsyncJob(obj, VIR_ASYNC_JOB_TYPE);

     ...do prep work...

@ -334,5 +334,5 @@ Design patterns

     ...do final work...

-     qemuDomainObjEndAsyncJob(obj);
+     virDomainObjEndAsyncJob(obj);
     virDomainObjEndAPI(&obj);
--- a/docs/kbase/launch_security_sev.rst
+++ b/docs/kbase/launch_security_sev.rst
@ -206,6 +206,20 @@ libvirt to the correct OVMF binary.
   </os>
   ...

+If intending to attest the boot measurement, it is required to use a
+firmware binary that is stateless, as persistent NVRAM can undermine
+the trust of the secure guest. This is achieved by telling libvirt
+that a stateless binary is required
+
+::
+
+   ...
+   <os type='efi'>
+     <type arch='x86_64' machine='q35'>hvm</type>
+     <loader stateless='yes'/>
+   </os>
+   ...
+
 Memory
 ------

@ -373,6 +387,97 @@ running:
   # dmesg | grep -i sev
   AMD Secure Encrypted Virtualization (SEV) active

+Guest attestation for SEV/SEV-ES from a trusted host
+====================================================
+
+Before a confidential guest is used, it may be desirable to attest the boot
+measurement. To be trustworthy the attestation process needs to be performed
+from a machine that is already trusted. This would typically be a physical
+machine that the guest owner controls, or could be a previously launched
+confidential guest that has already itself been attested. Most notably, it is
+**not** possible to securely attest a guest from the hypervisor host itself,
+as the goal of the attestation process is to detect whether the hypervisor is
+malicious.
+
+Performing an attestation requires that the ``<launchSecurity>`` element is
+configured with a guest owner Diffie-Hellman (DH) certificate, and a session
+data blob. These must be unique for every guest launch attempt. Any reuse will
+open avenues of attack for the hypervisor to fake the measurement. Unique data
+can be generated using the `sevctl <https://github.com/virtee/sevctl>`_ tool.
+
+First of all the Platform Diffie-Hellman key (PDH) for the hypervisor host
+needs to be obtained. The PDH is used to negotiate a master secret between
+the SEV firmware and external entities.
+
+The admin of the hypervisor can extract the PDH using::
+
+  $ sevctl export --full ${hostname}.pdh
+
+Upon receiving the PDH associated with the hypervisor, the guest owner should
+validate its integrity::
+
+  $ sevctl verify --sev ${hostname}.pdh
+  PDH EP384 D256 008cec87d6bd9df67a35e7d6057a933463cd8a02440f60c5df150821b5662ee0
+   ⬑ PEK EP384 E256 431ba88424378200d58b6fb5db9657268c599b1be25f8047ac2e2981eff667e6
+     •⬑ OCA EP384 E256 b4f1d0a2144186d1aa9c63f19039834e729f508000aa05a76ba044f8e1419765
+      ⬑ CEK EP384 E256 22c27ee3c1c33287db24d3c06869a5ae933eb44148fdb70838019e267077c6b8
+         ⬑ ASK R4096 R384 d8cd9d1798c311c96e009a91552f17b4ddc4886a064ec933697734965b9ab29db803c79604e2725658f0861bfaf09ad4
+           •⬑ ARK R4096 R384 3d2c1157c29ef7bd4207fc0c8b08db080e579ceba267f8c93bec8dce73f5a5e2e60d959ac37ea82176c1a0c61ae203ed
+
+   • = self signed, ⬑ = signs, •̷ = invalid self sign, ⬑̸ = invalid signs
+
+Assuming this is successful, it is now possible to generate a unique launch
+data for the guest boot attempt::
+
+  $ sevctl session --name ${myvmname} ${hostname}.pdh ${policy}
+
+This will generate four files
+
+ * ``${myvmname}_tik.bin``
+ * ``${myvmname}_tek.bin``
+ * ``${myvmname}_godh.bin``
+ * ``${myvmname}_session.bin``
+
+The ``tik.bin`` and ``tek.bin`` files will be needed to perform the boot
+attestation, and must be kept somewhere secure, away from the hypervisor
+host.
+
+The ``godh.bin`` file contents should be copied into the ``<dhCert>`` field
+in the ``<launchSecurity>`` configuration, while the ``session.bin`` file
+contents should be copied into the ``<session>`` field.
+
+When launching the guest, it should be set to remain in the paused state with
+no vCPUs running::
+
+  $ virsh start --paused ${myvmname}
+
+With it launched, it is possible to query the launch measurement::
+
+  $ virsh domlaunchsecinfo ${myvmname}
+  sev-measurement: LMnv8i8N2QejezMPkscShF0cyPYCslgUoCxGWRqQuyt0Q0aUjVkH/T6NcmkwZkWp
+  sev-api-major  : 0
+  sev-api-minor  : 24
+  sev-build-id   : 15
+  sev-policy     : 3
+
+The techiques required to validate the measurement reported are beyond the
+scope of this document. Fortunately, libvirt provides a tool that can be used
+to perform this validation::
+
+  $ virt-qemu-sev-validate \
+      --measurement LMnv8i8N2QejezMPkscShF0cyPYCslgUoCxGWRqQuyt0Q0aUjVkH/T6NcmkwZkWp
+      --api-major 0
+      --api-minor 24
+      --build-id 15
+      --policy 3
+      --tik ${myvmname}_tik.bin
+      --tek ${myvmname}_tek.bin
+  OK: Looks good to me
+
+The `man page <../manpages/virt-qemu-sev-validate.html>`__ for
+``virt-qemu-sev-validate`` outlines a great many other ways to invoke this
+tool.
+
 Limitations
 ===========

--- a/docs/kbase/meson.build
+++ b/docs/kbase/meson.build
@ -50,7 +50,7 @@ foreach data : html_xslt_gen
    command: [
      xsltproc_prog,
      '--stringparam', 'pagesrc', data.get('source', ''),
-      '--stringparam', 'builddir', meson.build_root(),
+      '--stringparam', 'builddir', meson.project_build_root(),
      '--stringparam', 'timestamp', docs_timestamp,
      '--stringparam', 'href_base', data.get('href_base', ''),
      '--nonet',
--- a/Show More
+++ b/Show More