[Pkg-libvirt-commits] [Git][libvirt-team/libvirt][debian/master] 2 commits: rules: Rework installation of AppArmor-related files

Guido Günther (@agx) gitlab at salsa.debian.org
Tue Aug 17 22:30:57 BST 2021 


Guido Günther pushed to branch debian/master at Libvirt Packaging Team / libvirt


Commits:
0eb61c5f by Andrea Bolognani at 2021-08-14T16:59:02+02:00
rules: Rework installation of AppArmor-related files

Instead of grabbing the entire directory, pick up abstractions,
templates and services separately. This gives us more control
over what ends up in the package, and specifically allows us to
skip files that are only relevant for modular daemons until we
start actually shipping the corresponding binaries.

Gbp-Dch: Ignore

- - - - -
4a967934 by Andrea Bolognani at 2021-08-17T21:18:11+02:00
rules: Disable netcf support

As of 7.1.0, the spec file included upstream disables this.

While the Meson configuration will still enable the feature if
the necessary header files are found, overall netcf support (and
the netcf project itself) is basically considered a failed
experiment at this point, and the expectation is that usage will
naturally disappear over time.

https://listman.redhat.com/archives/libvir-list/2020-December/msg00183.html

- - - - -


4 changed files:

- debian/control
- debian/libvirt-daemon.NEWS
- debian/not-installed
- debian/rules


Changes:

=====================================
debian/control
=====================================
@@ -24,7 +24,6 @@ Build-Depends:
  libglusterfs-dev [linux-any],
  libgnutls28-dev,
  libiscsi-dev [linux-any],
- libnetcf-dev (>= 1:0.2.3-3~) [linux-any],
  libnl-3-dev [linux-any],
  libnl-route-3-dev [linux-any],
  libnuma-dev [linux-any],


=====================================
debian/libvirt-daemon.NEWS
=====================================
@@ -1,3 +1,13 @@
+libvirt (7.6.0-1) UNRELEASED; urgency=medium
+
+  netcf support is now disabled in libvirt.
+
+  This results in most virInterface* APIs, as well as the
+  corresponding iface-* virsh commands, becoming non-functional,
+  and mirrors upstream's decision to deprecate the feature.
+
+ -- Andrea Bolognani <eof at kiyuko.org>  Tue, 17 Aug 2021 20:56:14 +0200
+
 libvirt (5.6.0-3) unstable; urgency=medium
 
   Just as version 3.7.0-3 separated the storage drivers into individual


=====================================
debian/not-installed
=====================================
@@ -1,4 +1,6 @@
 # Drop these once we start shipping split daemons
+etc/apparmor.d/usr.sbin.virtqemud
+etc/apparmor.d/usr.sbin.virtxend
 etc/default/virtinterfaced
 etc/default/virtlxcd
 etc/default/virtnetworkd


=====================================
debian/rules
=====================================
@@ -41,7 +41,6 @@ ifneq (,$(findstring $(DEB_HOST_ARCH_OS), linux))
     WITH_LIBNL                = -Dlibnl=enabled
     WITH_NETWORK              = -Ddriver_network=enabled
     WITH_OPENVZ               = -Ddriver_openvz=enabled
-    WITH_NETCF                = -Dnetcf=enabled
     WITH_POLKIT               = -Dpolkit=enabled
     WITH_SANLOCK              = -Dsanlock=enabled
     WITH_INIT_SCRIPT          = -Dinit_script=systemd
@@ -74,7 +73,6 @@ else
     WITH_LIBNL                = -Dlibnl=disabled
     WITH_NETWORK              = -Ddriver_network=disabled
     WITH_OPENVZ               = -Ddriver_openvz=disabled
-    WITH_NETCF                = -Dnetcf=disabled
     WITH_POLKIT               = -Dpolkit=disabled
     WITH_SANLOCK              = -Dsanlock=disabled
     WITH_INIT_SCRIPT          = -Dinit_script=none
@@ -132,7 +130,7 @@ DEB_CONFIGURE_EXTRA_ARGS := \
     $(WITH_CAPNG) \
     $(WITH_LIBNL) \
     $(WITH_NETWORK) \
-    $(WITH_NETCF) \
+    -Dnetcf=disabled \
     $(WITH_LIBXL) \
     $(WITH_VBOX) \
     $(WITH_LXC) \
@@ -162,6 +160,21 @@ LIBVIRT_SOCKETS = \
     virtlockd-admin.socket \
     $(NULL)
 
+APPARMOR_ABSTRACTIONS = \
+    libvirt-lxc \
+    libvirt-qemu \
+    $(NULL)
+
+APPARMOR_TEMPLATES = \
+    TEMPLATE.lxc \
+    TEMPLATE.qemu \
+    $(NULL)
+
+APPARMOR_SERVICES = \
+    usr.lib.libvirt.virt-aa-helper \
+    usr.sbin.libvirtd \
+    $(NULL)
+
 DEB_BUILDDIR := $(CURDIR)/debian/build
 DEB_DESTDIR := $(CURDIR)/debian/tmp
 SRV_MONOLITHIC = libvirt-guests virtlogd virtlockd libvirtd libvirtd-tcp libvirtd-tls virt-guest-shutdown
@@ -238,9 +251,16 @@ ifneq (,$(findstring $(DEB_HOST_ARCH_OS), linux))
 	               lib/systemd/system/; \
 	done
 	dh_install -p libvirt-daemon usr/lib/libvirt/virt-aa-helper
-	dh_install -p libvirt-daemon-system etc/apparmor.d
-	dh_apparmor -p libvirt-daemon-system --profile-name=usr.lib.libvirt.virt-aa-helper
-	dh_apparmor -p libvirt-daemon-system --profile-name=usr.sbin.libvirtd
+	for f in $(APPARMOR_ABSTRACTIONS); do \
+	    dh_install -p libvirt-daemon-system etc/apparmor.d/abstractions/$${f}; \
+	done
+	for f in $(APPARMOR_TEMPLATES); do \
+	    dh_install -p libvirt-daemon-system etc/apparmor.d/libvirt/$${f}; \
+	done
+	for f in $(APPARMOR_SERVICES); do \
+	    dh_install -p libvirt-daemon-system etc/apparmor.d/$${f}; \
+	    dh_apparmor -p libvirt-daemon-system --profile-name=$${f}; \
+	done
 	# Not all linux arches have systemtap yet
 	mkdir -p $(DEB_DESTDIR)/usr/share/systemtap
 	dh_install -p libvirt-daemon-system usr/share/systemtap



View it on GitLab: https://salsa.debian.org/libvirt-team/libvirt/-/compare/fbc728f8e4a2bcaa356eaf0570887904578d3da5...4a967934cc8e73e3566bfe8bb17a1c8f6af1c3d9

-- 
View it on GitLab: https://salsa.debian.org/libvirt-team/libvirt/-/compare/fbc728f8e4a2bcaa356eaf0570887904578d3da5...4a967934cc8e73e3566bfe8bb17a1c8f6af1c3d9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-libvirt-commits/attachments/20210817/a440047a/attachment-0001.htm>

More information about the Pkg-libvirt-commits mailing list