[Pkg-libvirt-commits] [SCM] Libvirt Debian packaging branch, experimental, updated. debian/0.9.0_rc1-1
Guido Günther
agx at sigxcpu.org
Tue Mar 29 08:42:22 UTC 2011
The following commit has been merged in the experimental branch:
commit b4a05a1f23720dcc420ec7e96249555427ee7202
Author: Guido Günther <agx at sigxcpu.org>
Date: Mon Mar 28 22:03:18 2011 +0200
Update patches
diff --git a/debian/patches/Autodetect-if-the-remote-nc-command-supports-the-q-o.patch b/debian/patches/Autodetect-if-the-remote-nc-command-supports-the-q-o.patch
index eb00494..aafef0f 100644
--- a/debian/patches/Autodetect-if-the-remote-nc-command-supports-the-q-o.patch
+++ b/debian/patches/Autodetect-if-the-remote-nc-command-supports-the-q-o.patch
@@ -16,10 +16,10 @@ Bug: https://bugzilla.redhat.com/show_bug.cgi?id=614420
1 files changed, 40 insertions(+), 7 deletions(-)
diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
-index 4ca0d3b..27757ce 100644
+index 71dd68f..d2da193 100644
--- a/src/remote/remote_driver.c
+++ b/src/remote/remote_driver.c
-@@ -738,7 +738,8 @@ doRemoteOpen (virConnectPtr conn,
+@@ -744,7 +744,8 @@ doRemoteOpen (virConnectPtr conn,
}
case trans_ssh: {
@@ -29,7 +29,7 @@ index 4ca0d3b..27757ce 100644
if (username) nr_args += 2; /* For -l username */
if (no_tty) nr_args += 5; /* For -T -o BatchMode=yes -e none */
-@@ -771,12 +772,44 @@ doRemoteOpen (virConnectPtr conn,
+@@ -777,12 +778,44 @@ doRemoteOpen (virConnectPtr conn,
cmd_argv[j++] = strdup ("none");
}
cmd_argv[j++] = strdup (priv->hostname);
diff --git a/debian/patches/Debianize-libvirt-guests.patch b/debian/patches/Debianize-libvirt-guests.patch
index 0e8519c..a035ba9 100644
--- a/debian/patches/Debianize-libvirt-guests.patch
+++ b/debian/patches/Debianize-libvirt-guests.patch
@@ -9,7 +9,7 @@ Origin: vendor
2 files changed, 17 insertions(+), 32 deletions(-)
diff --git a/tools/libvirt-guests.init.sh b/tools/libvirt-guests.init.sh
-index 8823d06..7480c32 100644
+index f247e5e..e69570c 100644
--- a/tools/libvirt-guests.init.sh
+++ b/tools/libvirt-guests.init.sh
@@ -4,8 +4,8 @@
@@ -75,7 +75,7 @@ index 8823d06..7480c32 100644
RETVAL=0
-@@ -296,8 +282,7 @@ gueststatus() {
+@@ -303,8 +289,7 @@ gueststatus() {
# rh_status
# Display current status: whether saved state exists, and whether start
diff --git a/debian/patches/Do-not-add-drive-boot-on-param-when-a-kernel-is-spec.patch b/debian/patches/Do-not-add-drive-boot-on-param-when-a-kernel-is-spec.patch
deleted file mode 100644
index 290266b..0000000
--- a/debian/patches/Do-not-add-drive-boot-on-param-when-a-kernel-is-spec.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From: Jim Fehlig <jfehlig at novell.com>
-Date: Thu, 17 Feb 2011 14:22:55 -0700
-Subject: Do not add drive 'boot=on' param when a kernel is specified
-
-libvirt-tck was failing several domain tests [1] with qemu 0.14, which
-is now less tolerable of specifying 2 bootroms with the same boot index [2].
-
-Drop the 'boot=on' param if kernel has been specfied.
-
-[1] https://www.redhat.com/archives/libvir-list/2011-February/msg00559.html
-[2] http://lists.nongnu.org/archive/html/qemu-devel/2011-02/msg01892.html
----
- src/qemu/qemu_command.c | 2 +-
- 1 files changed, 1 insertions(+), 1 deletions(-)
-
-diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
-index 05f427c..35e54b4 100644
---- a/src/qemu/qemu_command.c
-+++ b/src/qemu/qemu_command.c
-@@ -3116,7 +3116,7 @@ qemuBuildCommandLine(virConnectPtr conn,
- int bootCD = 0, bootFloppy = 0, bootDisk = 0;
-
- /* If QEMU supports boot=on for -drive param... */
-- if (qemuCmdFlags & QEMUD_CMD_FLAG_DRIVE_BOOT) {
-+ if (qemuCmdFlags & QEMUD_CMD_FLAG_DRIVE_BOOT && !def->os.kernel) {
- for (i = 0 ; i < def->os.nBootDevs ; i++) {
- switch (def->os.bootDevs[i]) {
- case VIR_DOMAIN_BOOT_CDROM:
---
diff --git a/debian/patches/Don-t-pass-empty-arguments-to-dnsmasq.patch b/debian/patches/Don-t-pass-empty-arguments-to-dnsmasq.patch
deleted file mode 100644
index f6b2f3c..0000000
--- a/debian/patches/Don-t-pass-empty-arguments-to-dnsmasq.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx at sigxcpu.org>
-Date: Fri, 18 Feb 2011 15:47:48 +0100
-Subject: Don't pass empty arguments to dnsmasq
-
-unbreaks dnsmasq >= 2.56
----
- src/network/bridge_driver.c | 2 +-
- 1 files changed, 1 insertions(+), 1 deletions(-)
-
-diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
-index c4ee1e8..c8b1e12 100644
---- a/src/network/bridge_driver.c
-+++ b/src/network/bridge_driver.c
-@@ -468,7 +468,7 @@ networkBuildDnsmasqArgv(virNetworkObjPtr network,
- virCommandAddArgPair(cmd, "--pid-file", pidfile);
-
- /* *no* conf file */
-- virCommandAddArgList(cmd, "--conf-file=", "", NULL);
-+ virCommandAddArgList(cmd, "--conf-file=", NULL);
-
- virCommandAddArgList(cmd,
- "--except-interface", "lo",
---
diff --git a/debian/patches/Make-sure-the-rundir-is-accessible-by-the-user.patch b/debian/patches/Make-sure-the-rundir-is-accessible-by-the-user.patch
deleted file mode 100644
index dc30167..0000000
--- a/debian/patches/Make-sure-the-rundir-is-accessible-by-the-user.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx at sigxcpu.org>
-Date: Wed, 9 Mar 2011 14:15:48 +0100
-Subject: Make sure the rundir is accessible by the user
-
-otherwise the user might not have enough permissions to access the
-socket if root's umask is 077.
-
-http://bugs.debian.org/614210
----
- daemon/libvirtd.c | 4 ++++
- 1 files changed, 4 insertions(+), 0 deletions(-)
-
-diff --git a/daemon/libvirtd.c b/daemon/libvirtd.c
-index f4b3327..7ce75f4 100644
---- a/daemon/libvirtd.c
-+++ b/daemon/libvirtd.c
-@@ -3225,16 +3225,20 @@ int main(int argc, char **argv) {
- /* Ensure the rundir exists (on tmpfs on some systems) */
- if (geteuid() == 0) {
- const char *rundir = LOCALSTATEDIR "/run/libvirt";
-+ mode_t old_umask;
-
-+ old_umask = umask(022);
- if (mkdir (rundir, 0755)) {
- if (errno != EEXIST) {
- char ebuf[1024];
- VIR_ERROR(_("unable to create rundir %s: %s"), rundir,
- virStrerror(errno, ebuf, sizeof(ebuf)));
- ret = VIR_DAEMON_ERR_RUNDIR;
-+ umask(old_umask);
- goto error;
- }
- }
-+ umask(old_umask);
- }
-
- /* Beyond this point, nothing should rely on using
---
diff --git a/debian/patches/allow-libvirt-group-to-access-the-socket.patch b/debian/patches/allow-libvirt-group-to-access-the-socket.patch
index 391343f..250a6c6 100644
--- a/debian/patches/allow-libvirt-group-to-access-the-socket.patch
+++ b/debian/patches/allow-libvirt-group-to-access-the-socket.patch
@@ -7,7 +7,7 @@ Subject: allow libvirt group to access the socket
1 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/daemon/libvirtd.conf b/daemon/libvirtd.conf
-index 163a80f..93b010d 100644
+index 3a071b0..36dab4c 100644
--- a/daemon/libvirtd.conf
+++ b/daemon/libvirtd.conf
@@ -78,7 +78,7 @@
diff --git a/debian/patches/fix-Debian-specific-path-to-hvm-loader.patch b/debian/patches/fix-Debian-specific-path-to-hvm-loader.patch
index 7ab6cb0..84323b2 100644
--- a/debian/patches/fix-Debian-specific-path-to-hvm-loader.patch
+++ b/debian/patches/fix-Debian-specific-path-to-hvm-loader.patch
@@ -12,10 +12,10 @@ Closes: #517059
5 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/src/xen/xen_hypervisor.c b/src/xen/xen_hypervisor.c
-index 4a0924f..4d27d92 100644
+index 47355ce..049e2b8 100644
--- a/src/xen/xen_hypervisor.c
+++ b/src/xen/xen_hypervisor.c
-@@ -2269,7 +2269,7 @@ xenHypervisorBuildCapabilities(virConnectPtr conn,
+@@ -2330,7 +2330,7 @@ xenHypervisorBuildCapabilities(virConnectPtr conn,
"/usr/lib64/xen/bin/qemu-dm" :
"/usr/lib/xen/bin/qemu-dm"),
(guest_archs[i].hvm ?
diff --git a/debian/patches/patch-qemuMonitorTextGetMigrationStatus-to-intercept.patch b/debian/patches/patch-qemuMonitorTextGetMigrationStatus-to-intercept.patch
index f167620..3888864 100644
--- a/debian/patches/patch-qemuMonitorTextGetMigrationStatus-to-intercept.patch
+++ b/debian/patches/patch-qemuMonitorTextGetMigrationStatus-to-intercept.patch
@@ -41,10 +41,10 @@ to savely detect that the command 'info migrate' is not implemented.
1 files changed, 9 insertions(+), 1 deletions(-)
diff --git a/src/qemu/qemu_monitor_text.c b/src/qemu/qemu_monitor_text.c
-index 6d0ba4c..72455ac 100644
+index 75b2995..4a2e4ab 100644
--- a/src/qemu/qemu_monitor_text.c
+++ b/src/qemu/qemu_monitor_text.c
-@@ -1194,7 +1194,15 @@ int qemuMonitorTextGetMigrationStatus(qemuMonitorPtr mon,
+@@ -1190,7 +1190,15 @@ int qemuMonitorTextGetMigrationStatus(qemuMonitorPtr mon,
*total *= 1024;
}
diff --git a/debian/patches/qemu-disable-network.diff.patch b/debian/patches/qemu-disable-network.diff.patch
index eaaae3e..7556dcf 100644
--- a/debian/patches/qemu-disable-network.diff.patch
+++ b/debian/patches/qemu-disable-network.diff.patch
@@ -8,10 +8,10 @@ Subject: qemu-disable-network.diff
2 files changed, 0 insertions(+), 6 deletions(-)
diff --git a/src/Makefile.am b/src/Makefile.am
-index 2f94efd..8f85aab 100644
+index c3729a6..017ea32 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
-@@ -1244,9 +1244,6 @@ if WITH_NETWORK
+@@ -1305,9 +1305,6 @@ if WITH_NETWORK
cp $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/default.xml.t \
$(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/default.xml && \
rm $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/default.xml.t; }
@@ -22,10 +22,10 @@ index 2f94efd..8f85aab 100644
uninstall-local::
diff --git a/src/Makefile.in b/src/Makefile.in
-index bff8403..f146183 100644
+index 952f50f..bafbeb2 100644
--- a/src/Makefile.in
+++ b/src/Makefile.in
-@@ -5548,9 +5548,6 @@ install-data-local:
+@@ -5746,9 +5746,6 @@ install-data-local:
@WITH_NETWORK_TRUE@ cp $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/default.xml.t \
@WITH_NETWORK_TRUE@ $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/default.xml && \
@WITH_NETWORK_TRUE@ rm $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/default.xml.t; }
diff --git a/debian/patches/remove-RHism.diff.patch b/debian/patches/remove-RHism.diff.patch
index 2aa230b..64c6384 100644
--- a/debian/patches/remove-RHism.diff.patch
+++ b/debian/patches/remove-RHism.diff.patch
@@ -7,7 +7,7 @@ Subject: remove-RHism.diff
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/tools/virsh.pod b/tools/virsh.pod
-index a2ca384..2086adb 100644
+index d332676..ca43498 100644
--- a/tools/virsh.pod
+++ b/tools/virsh.pod
@@ -97,7 +97,7 @@ Output elapsed time information for each command.
diff --git a/debian/patches/series b/debian/patches/series
index 51fdbbd..466bf3f 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -6,7 +6,3 @@ Autodetect-if-the-remote-nc-command-supports-the-q-o.patch
patch-qemuMonitorTextGetMigrationStatus-to-intercept.patch
Disable-CHECKSUM-rule.patch
Debianize-libvirt-guests.patch
-Don-t-pass-empty-arguments-to-dnsmasq.patch
-Do-not-add-drive-boot-on-param-when-a-kernel-is-spec.patch
-Make-sure-the-rundir-is-accessible-by-the-user.patch
-upstream/Add-missing-checks-for-read-only-connections.patch
diff --git a/debian/patches/upstream/Add-missing-checks-for-read-only-connections.patch b/debian/patches/upstream/Add-missing-checks-for-read-only-connections.patch
deleted file mode 100644
index 8cb2546..0000000
--- a/debian/patches/upstream/Add-missing-checks-for-read-only-connections.patch
+++ /dev/null
@@ -1,97 +0,0 @@
-From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx at sigxcpu.org>
-Date: Mon, 14 Mar 2011 10:56:28 +0800
-Subject: Add missing checks for read only connections
-
-As pointed on CVE-2011-1146, some API forgot to check the read-only
-status of the connection for entry point which modify the state
-of the system or may lead to a remote execution using user data.
-The entry points concerned are:
- - virConnectDomainXMLToNative
- - virNodeDeviceDettach
- - virNodeDeviceReAttach
- - virNodeDeviceReset
- - virDomainRevertToSnapshot
- - virDomainSnapshotDelete
-
-* src/libvirt.c: fix the above set of entry points to error on read-only
- connections
-
-Closes: #617773
----
- src/libvirt.c | 27 +++++++++++++++++++++++++++
- 1 files changed, 27 insertions(+), 0 deletions(-)
-
-diff --git a/src/libvirt.c b/src/libvirt.c
-index f65cc24..8c70a1f 100644
---- a/src/libvirt.c
-+++ b/src/libvirt.c
-@@ -3152,6 +3152,10 @@ char *virConnectDomainXMLToNative(virConnectPtr conn,
- virDispatchError(NULL);
- return NULL;
- }
-+ if (conn->flags & VIR_CONNECT_RO) {
-+ virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
-+ goto error;
-+ }
-
- if (nativeFormat == NULL || domainXml == NULL) {
- virLibConnError(VIR_ERR_INVALID_ARG, __FUNCTION__);
-@@ -9579,6 +9583,11 @@ virNodeDeviceDettach(virNodeDevicePtr dev)
- return -1;
- }
-
-+ if (dev->conn->flags & VIR_CONNECT_RO) {
-+ virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
-+ goto error;
-+ }
-+
- if (dev->conn->driver->nodeDeviceDettach) {
- int ret;
- ret = dev->conn->driver->nodeDeviceDettach (dev);
-@@ -9622,6 +9631,11 @@ virNodeDeviceReAttach(virNodeDevicePtr dev)
- return -1;
- }
-
-+ if (dev->conn->flags & VIR_CONNECT_RO) {
-+ virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
-+ goto error;
-+ }
-+
- if (dev->conn->driver->nodeDeviceReAttach) {
- int ret;
- ret = dev->conn->driver->nodeDeviceReAttach (dev);
-@@ -9667,6 +9681,11 @@ virNodeDeviceReset(virNodeDevicePtr dev)
- return -1;
- }
-
-+ if (dev->conn->flags & VIR_CONNECT_RO) {
-+ virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
-+ goto error;
-+ }
-+
- if (dev->conn->driver->nodeDeviceReset) {
- int ret;
- ret = dev->conn->driver->nodeDeviceReset (dev);
-@@ -12962,6 +12981,10 @@ virDomainRevertToSnapshot(virDomainSnapshotPtr snapshot,
- }
-
- conn = snapshot->domain->conn;
-+ if (conn->flags & VIR_CONNECT_RO) {
-+ virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
-+ goto error;
-+ }
-
- if (conn->driver->domainRevertToSnapshot) {
- int ret = conn->driver->domainRevertToSnapshot(snapshot, flags);
-@@ -13008,6 +13031,10 @@ virDomainSnapshotDelete(virDomainSnapshotPtr snapshot,
- }
-
- conn = snapshot->domain->conn;
-+ if (conn->flags & VIR_CONNECT_RO) {
-+ virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
-+ goto error;
-+ }
-
- if (conn->driver->domainSnapshotDelete) {
- int ret = conn->driver->domainSnapshotDelete(snapshot, flags);
---
--
Libvirt Debian packaging
More information about the Pkg-libvirt-commits
mailing list