[Pkg-libvirt-commits] [libvirt] 02/09: Bug#844339: [PATCH v3 2/4] libvirt-daemon-system.{config, templates, postinst, NEWS}: warn if allocated uid/gid is taken

Guido Guenther agx at moszumanska.debian.org
Thu Dec 22 14:07:45 UTC 2016 

This is an automated email from the git hooks/post-receive script.

agx pushed a commit to annotated tag debian/2.5.0-2
in repository libvirt.

commit 48c6049c77b521866af5d02dc27122a209203f4a
Author: Mauricio Faria de Oliveira <mauricfo at linux.vnet.ibm.com>
Date:   Fri Nov 18 15:07:08 2016 -0200

    Bug#844339: [PATCH v3 2/4] libvirt-daemon-system.{config,templates,postinst,NEWS}: warn if allocated uid/gid is taken
    
    If the uid/gid that is allocated for libvirt-qemu (64055)
    is already in use by another user/group, stop/ask user if
    it is OK to continue (e.g., no plans with guest migration
    over NFS) or abort to go fix the problem.
    
    This warning is only displayed on new installations.  The
    default value is 'yes'/continue/do not abort, thus not to
    disrupt automated installations.
    
    On existing installations, no warning is displayed - just
    a NEWS file is provided.
    
    Signed-off-by: Mauricio Faria de Oliveira <mauricfo at linux.vnet.ibm.com>
    Signed-off-by: Guido Günther <agx at sigxcpu.org>
---
 debian/libvirt-daemon-system.NEWS      | 22 ++++++++++++++++++++++
 debian/libvirt-daemon-system.config    | 26 ++++++++++++++++++++++++++
 debian/libvirt-daemon-system.postinst  |  3 +++
 debian/libvirt-daemon-system.templates | 18 ++++++++++++++++++
 4 files changed, 69 insertions(+)

diff --git a/debian/libvirt-daemon-system.NEWS b/debian/libvirt-daemon-system.NEWS
index 977abdb..94367e5 100644
--- a/debian/libvirt-daemon-system.NEWS
+++ b/debian/libvirt-daemon-system.NEWS
@@ -1,3 +1,25 @@
+libvirt (2.4.0-2uidgid3) UNRELEASED; urgency=medium
+
+  libvirt-daemon-system now uses the allocated uid and gid 64055
+  for the libvirt-qemu user and group on new installations, when
+  the uid/gid is available (otherwise a debconf warning is shown).
+
+  On existing installations, which have different uid/gid values
+  assigned, the recommended procedure is to reassign the uid/gid
+  (might require considerations for ownership/permission changes).
+  No debconf warning is shown in this case; only this NEWS entry.
+
+  This change is in order to prevent I/O errors during migration
+  of guests with disk image files shared over NFS, caused by the
+  different uid/gid ownership between the source and destination
+  host systems, which leads to access/permission errors with NFS.
+
+  If guest migration over NFS is not a requirement in the system,
+  there should not be any impact to the guests for not using the
+  allocated uid/gid.
+
+ -- Mauricio Faria de Oliveira <mauricfo at linux.vnet.ibm.com>  Thu, 18 Nov 2016 13:56:38 -0200
+
 libvirt (1.2.9~rc1-1) experimental; urgency=medium
 
   libvirtd now uses PolicyKit instead of unix socket domain permissions for r/w
diff --git a/debian/libvirt-daemon-system.config b/debian/libvirt-daemon-system.config
new file mode 100755
index 0000000..caf0ac2
--- /dev/null
+++ b/debian/libvirt-daemon-system.config
@@ -0,0 +1,26 @@
+#!/bin/sh -e
+
+# Source debconf library.
+. /usr/share/debconf/confmodule
+
+# Allocated UID and GID for libvirt-qemu
+LIBVIRT_QEMU_UID=64055
+LIBVIRT_QEMU_GID=64055
+
+# Check if allocated UID/GID are assigned to a different user/group.
+UID_TO_NAME="$(getent passwd $LIBVIRT_QEMU_UID | cut -d: -f1)"
+GID_TO_NAME="$(getent group  $LIBVIRT_QEMU_GID | cut -d: -f1)"
+
+if ( [ -n "$UID_TO_NAME" ] && [ "$UID_TO_NAME" != 'libvirt-qemu' ] ) \
+|| ( [ -n "$GID_TO_NAME" ] && [ "$GID_TO_NAME" != 'libvirt-qemu' ] ) \
+then
+	# Ask if the user would like to continue or abort installation.
+	db_input high libvirt-daemon-system/id_warning || true
+	db_go
+	db_get libvirt-daemon-system/id_warning
+	if [ "$RET" = "false" ]; then
+		exit 1
+	fi
+fi
+
+exit 0
diff --git a/debian/libvirt-daemon-system.postinst b/debian/libvirt-daemon-system.postinst
index 99e9fec..f36b806 100644
--- a/debian/libvirt-daemon-system.postinst
+++ b/debian/libvirt-daemon-system.postinst
@@ -17,6 +17,9 @@ set -e
 # for details, see http://www.debian.org/doc/debian-policy/ or
 # the debian-policy package
 
+# Source debconf library.
+. /usr/share/debconf/confmodule
+
 add_users_groups()
 {
     if ! getent group libvirt >/dev/null; then
diff --git a/debian/libvirt-daemon-system.templates b/debian/libvirt-daemon-system.templates
new file mode 100644
index 0000000..7e1594b
--- /dev/null
+++ b/debian/libvirt-daemon-system.templates
@@ -0,0 +1,18 @@
+Template: libvirt-daemon-system/id_warning
+Type: boolean
+Default: true
+Description: Continue with incorrect libvirt-qemu user/group ID(s)?
+  The user/group ID (uid/gid) allocated for libvirt-qemu (64055)
+  seems to be taken by another user/group, thus it is not possible
+  to create the user/group with this numeric ID.
+ .
+  The migration of guests with disk image files shared over NFS
+  requires a static libvirt-qemu user and group ID (uid and gid)
+  between the source and destination host systems.
+ .
+  If guest migration over NFS is not required, you can continue
+  the installation.
+ .
+  In order to resolve this problem, do not continue the installation,
+  release the 64055 uid/gid (which might involve permission changes),
+  then install this package again.

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-libvirt/libvirt.git

More information about the Pkg-libvirt-commits mailing list