From a9e0981673c1a19132b2404547eed468cecc9de1 Mon Sep 17 00:00:00 2001 From: Mark McLoughlin Date: Thu, 16 Apr 2009 17:57:40 +0000 Subject: [PATCH] 0.6.1 has been unpushed from updates-testing Revert to libvirt-0_5_1-2_fc9 tag --- libvirt-0.5.1-read-only-checks.patch | 152 +++++++++++++++++++++++++++ libvirt.spec | 96 ++--------------- sources | 2 +- 3 files changed, 160 insertions(+), 90 deletions(-) create mode 100644 libvirt-0.5.1-read-only-checks.patch diff --git a/libvirt-0.5.1-read-only-checks.patch b/libvirt-0.5.1-read-only-checks.patch new file mode 100644 index 0000000..45bf34f --- /dev/null +++ b/libvirt-0.5.1-read-only-checks.patch @@ -0,0 +1,152 @@ +diff --git a/src/libvirt.c b/src/libvirt.c +--- a/src/libvirt.c ++++ b/src/libvirt.c +@@ -2296,6 +2296,16 @@ virDomainMigrate (virDomainPtr domain, + conn = domain->conn; /* Source connection. */ + if (!VIR_IS_CONNECT (dconn)) { + virLibConnError (conn, VIR_ERR_INVALID_CONN, __FUNCTION__); ++ return NULL; ++ } ++ ++ if (domain->conn->flags & VIR_CONNECT_RO) { ++ virLibDomainError(domain, VIR_ERR_OPERATION_DENIED, __FUNCTION__); ++ return NULL; ++ } ++ if (dconn->flags & VIR_CONNECT_RO) { ++ /* NB, delibrately report error against source object, not dest here */ ++ virLibDomainError(domain, VIR_ERR_OPERATION_DENIED, __FUNCTION__); + return NULL; + } + +@@ -2426,6 +2436,11 @@ virDomainMigratePrepare (virConnectPtr d + return -1; + } + ++ if (dconn->flags & VIR_CONNECT_RO) { ++ virLibConnError(dconn, VIR_ERR_OPERATION_DENIED, __FUNCTION__); ++ return -1; ++ } ++ + if (dconn->driver->domainMigratePrepare) + return dconn->driver->domainMigratePrepare (dconn, cookie, cookielen, + uri_in, uri_out, +@@ -2457,6 +2472,11 @@ virDomainMigratePerform (virDomainPtr do + } + conn = domain->conn; + ++ if (domain->conn->flags & VIR_CONNECT_RO) { ++ virLibDomainError(domain, VIR_ERR_OPERATION_DENIED, __FUNCTION__); ++ return -1; ++ } ++ + if (conn->driver->domainMigratePerform) + return conn->driver->domainMigratePerform (domain, cookie, cookielen, + uri, +@@ -2482,6 +2502,11 @@ virDomainMigrateFinish (virConnectPtr dc + + if (!VIR_IS_CONNECT (dconn)) { + virLibConnError (NULL, VIR_ERR_INVALID_CONN, __FUNCTION__); ++ return NULL; ++ } ++ ++ if (dconn->flags & VIR_CONNECT_RO) { ++ virLibConnError(dconn, VIR_ERR_OPERATION_DENIED, __FUNCTION__); + return NULL; + } + +@@ -2517,6 +2542,11 @@ virDomainMigratePrepare2 (virConnectPtr + return -1; + } + ++ if (dconn->flags & VIR_CONNECT_RO) { ++ virLibConnError(dconn, VIR_ERR_OPERATION_DENIED, __FUNCTION__); ++ return -1; ++ } ++ + if (dconn->driver->domainMigratePrepare2) + return dconn->driver->domainMigratePrepare2 (dconn, cookie, cookielen, + uri_in, uri_out, +@@ -2547,6 +2577,11 @@ virDomainMigrateFinish2 (virConnectPtr d + return NULL; + } + ++ if (dconn->flags & VIR_CONNECT_RO) { ++ virLibConnError(dconn, VIR_ERR_OPERATION_DENIED, __FUNCTION__); ++ return NULL; ++ } ++ + if (dconn->driver->domainMigrateFinish2) + return dconn->driver->domainMigrateFinish2 (dconn, dname, + cookie, cookielen, +@@ -2905,6 +2940,11 @@ virDomainBlockPeek (virDomainPtr dom, + } + conn = dom->conn; + ++ if (dom->conn->flags & VIR_CONNECT_RO) { ++ virLibDomainError(dom, VIR_ERR_OPERATION_DENIED, __FUNCTION__); ++ return (-1); ++ } ++ + if (!path) { + virLibDomainError (dom, VIR_ERR_INVALID_ARG, + _("path is NULL")); +@@ -2980,6 +3020,11 @@ virDomainMemoryPeek (virDomainPtr dom, + } + conn = dom->conn; + ++ if (dom->conn->flags & VIR_CONNECT_RO) { ++ virLibDomainError(dom, VIR_ERR_OPERATION_DENIED, __FUNCTION__); ++ return (-1); ++ } ++ + /* Flags must be VIR_MEMORY_VIRTUAL at the moment. + * + * Note on access to physical memory: A VIR_MEMORY_PHYSICAL flag is +@@ -3246,6 +3291,11 @@ virDomainSetAutostart(virDomainPtr domai + } + + conn = domain->conn; ++ ++ if (domain->conn->flags & VIR_CONNECT_RO) { ++ virLibDomainError(domain, VIR_ERR_OPERATION_DENIED, __FUNCTION__); ++ return (-1); ++ } + + if (conn->driver->domainSetAutostart) + return conn->driver->domainSetAutostart (domain, autostart); +@@ -4197,6 +4247,11 @@ virNetworkSetAutostart(virNetworkPtr net + return (-1); + } + ++ if (network->conn->flags & VIR_CONNECT_RO) { ++ virLibNetworkError(network, VIR_ERR_OPERATION_DENIED, __FUNCTION__); ++ return (-1); ++ } ++ + conn = network->conn; + + if (conn->networkDriver && conn->networkDriver->networkSetAutostart) +@@ -4395,6 +4450,11 @@ virConnectFindStoragePoolSources(virConn + return NULL; + } + ++ if (conn->flags & VIR_CONNECT_RO) { ++ virLibConnError(conn, VIR_ERR_OPERATION_DENIED, __FUNCTION__); ++ return NULL; ++ } ++ + if (conn->storageDriver && conn->storageDriver->findPoolSources) + return conn->storageDriver->findPoolSources(conn, type, srcSpec, flags); + +@@ -5068,6 +5128,11 @@ virStoragePoolSetAutostart(virStoragePoo + return (-1); + } + ++ if (pool->conn->flags & VIR_CONNECT_RO) { ++ virLibStoragePoolError(pool, VIR_ERR_OPERATION_DENIED, __FUNCTION__); ++ return (-1); ++ } ++ + conn = pool->conn; + + if (conn->storageDriver && conn->storageDriver->poolSetAutostart) diff --git a/libvirt.spec b/libvirt.spec index f10c777..749da0d 100644 --- a/libvirt.spec +++ b/libvirt.spec @@ -11,7 +11,6 @@ %define with_python 0%{!?_without_python:1} %define with_libvirtd 0%{!?_without_libvirtd:1} %define with_uml 0%{!?_without_uml:1} -%define with_network 0%{!?_without_network:1} # Xen is available only on i386 x86_64 ia64 %ifnarch i386 i686 x86_64 ia64 @@ -33,25 +32,15 @@ %define with_xen_proxy 0 %endif -# -# If building on RHEL switch on the specific support -# for the specific Xen version -# -%if 0%{?fedora} -%define with_rhel5 0 -%else -%define with_rhel5 1 -%endif - - Summary: Library providing a simple API virtualization Name: libvirt -Version: 0.6.1 -Release: 1%{?dist}%{?extra_release} +Version: 0.5.1 +Release: 2%{?dist}%{?extra_release} License: LGPLv2+ Group: Development/Libraries Source: libvirt-%{version}.tar.gz BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root +Patch0: libvirt-0.5.1-read-only-checks.patch URL: http://libvirt.org/ BuildRequires: python python-devel Requires: libxml2 @@ -136,8 +125,6 @@ BuildRequires: lvm2 BuildRequires: iscsi-initiator-utils # For disk driver BuildRequires: parted-devel -# For QEMU/LXC numa info -BuildRequires: numactl-devel Obsoletes: libvir # Fedora build root suckage @@ -177,6 +164,7 @@ of recent versions of Linux (and other OSes). %prep %setup -q +%patch0 -p1 %build %if ! %{with_xen} @@ -219,14 +207,6 @@ of recent versions of Linux (and other OSes). %define _without_uml --without-uml %endif -%if %{with_rhel5} -%define _with_rhel5_api --with-rhel5-api -%endif - -%if ! %{with_network} -%define _without_network --without-network -%endif - %configure %{?_without_xen} \ %{?_without_qemu} \ %{?_without_openvz} \ @@ -237,8 +217,6 @@ of recent versions of Linux (and other OSes). %{?_without_python} \ %{?_without_libvirtd} \ %{?_without_uml} \ - %{?_without_network} \ - %{?_with_rhel5_api} \ --with-init-script=redhat \ --with-qemud-pid-file=%{_localstatedir}/run/libvirt_qemud.pid \ --with-remote-file=%{_localstatedir}/run/libvirtd.pid @@ -249,9 +227,7 @@ rm -fr %{buildroot} %makeinstall (cd docs/examples ; make clean ; rm -rf .deps Makefile Makefile.in) -(cd docs/examples/python ; rm -rf .deps Makefile Makefile.in) -(cd examples/hellolibvirt ; make clean ; rm -rf .deps .libs Makefile Makefile.in) -(cd examples/domain-events/events-c ; make clean ;rm -rf .deps .libs Makefile Makefile.in) +(cd docs/examples/python ; rm -f Makefile Makefile.in) rm -f $RPM_BUILD_ROOT%{_libdir}/*.la rm -f $RPM_BUILD_ROOT%{_libdir}/*.a rm -f $RPM_BUILD_ROOT%{_libdir}/python*/site-packages/*.la @@ -301,7 +277,7 @@ rm -fr %{buildroot} # or on the first upgrade from a non-network aware libvirt only. # We check this by looking to see if the daemon is already installed /sbin/chkconfig --list libvirtd 1>/dev/null 2>&1 -if [ $? != 0 -a ! -f %{_sysconfdir}/libvirt/qemu/networks/default.xml ] +if [ $? != 0 ] then UUID=`/usr/bin/uuidgen` sed -e "s,,\n $UUID," \ @@ -344,7 +320,6 @@ fi %{_sysconfdir}/rc.d/init.d/libvirtd %config(noreplace) %{_sysconfdir}/sysconfig/libvirtd %config(noreplace) %{_sysconfdir}/libvirt/libvirtd.conf -%config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd %endif %if %{with_qemu} @@ -361,42 +336,11 @@ fi %{_datadir}/libvirt/networks/default.xml %endif -%dir %{_datadir}/libvirt/ -%dir %{_datadir}/libvirt/schemas/ - -%{_datadir}/libvirt/schemas/domain.rng -%{_datadir}/libvirt/schemas/network.rng -%{_datadir}/libvirt/schemas/storagepool.rng -%{_datadir}/libvirt/schemas/storagevol.rng -%{_datadir}/libvirt/schemas/nodedev.rng -%{_datadir}/libvirt/schemas/capability.rng - %dir %{_localstatedir}/run/libvirt/ - %dir %{_localstatedir}/lib/libvirt/ %dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/images/ %dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/boot/ -%if %{with_qemu} -%dir %{_localstatedir}/run/libvirt/qemu/ -%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/qemu/ -%endif -%if %{with_lxc} -%dir %{_localstatedir}/run/libvirt/lxc/ -%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/lxc/ -%endif -%if %{with_uml} -%dir %{_localstatedir}/run/libvirt/uml/ -%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/uml/ -%endif -%if %{with_network} -%dir %{_localstatedir}/run/libvirt/network/ -%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/network/ -%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/iptables/ -%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/iptables/filter/ -%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/iptables/nat/ -%endif - %if %{with_qemu} %{_datadir}/augeas/lenses/libvirtd_qemu.aug %{_datadir}/augeas/lenses/tests/test_libvirtd_qemu.aug @@ -411,7 +355,6 @@ fi %{_datadir}/PolicyKit/policy/org.libvirt.unix.policy %endif -%dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/ %if %{with_qemu} %dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/qemu/ %endif @@ -429,6 +372,7 @@ fi %attr(0755, root, root) %{_sbindir}/libvirtd %endif +%doc docs/*.rng %doc docs/*.xml %files devel @@ -446,7 +390,6 @@ fi %doc docs/*.html docs/html docs/*.gif %doc docs/examples %doc docs/libvirt-api.xml -%doc examples %if %{with_python} %files python @@ -462,31 +405,6 @@ fi %endif %changelog -* Wed Mar 4 2009 Daniel Veillard - 0.6.1-1.fc9 -- upstream release 0.6.1 -- support for node device detach reattach and reset -- sVirt mandatory access control support -- many bug fixes and small improvements - -* Wed Feb 18 2009 Daniel P. Berrange - 0.6.0-3.fc9 -- Fix QEMU startup timeout/race (rhbz #484649) -- Setup DBus threading. Don't allow dbus to call _exit / change SIGPIPE (rhbz #484553) -- Fix timeout when autostarting session daemon - -* Fri Feb 6 2009 Daniel P. Berrange - 0.6.0-2.fc9 -- Fix libvirtd --timeout usage -- Fix RPC call problems and QEMU startup handling (rhbz #484414) -- Fix unowned directories (rhbz #483442) - -* Sat Jan 31 2009 Daniel Veillard - 0.6.0-1.fc9 -- upstream release 0.6.0 -- thread safety of API -- allow QEmu/KVM domains to survive daemon restart -- extended logging capabilities -- support copy on write storage volumes for QEmu/KVM -- support of storage cache control options for QEmu/KVM -- a lot of bug fixes - * Wed Dec 17 2008 Daniel Veillard - 0.5.1-2.fc9 - fix missing read-only access checks, fixes CVE-2008-5086 diff --git a/sources b/sources index 12fd240..00a8b04 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -3154ea9d4a0778497dfdf58cb98127c0 libvirt-0.6.1.tar.gz +abc697978e9c66cbc8d8db4fa3f1c1b6 libvirt-0.5.1.tar.gz