[Pkg-libvirt-commits] [Git][libvirt-team/libvirt][debian/latest] 4 commits: not-installed: Clean up
Andrea Bolognani (@abologna)
gitlab at salsa.debian.org
Fri Dec 6 20:57:13 GMT 2024
Andrea Bolognani pushed to branch debian/latest at Libvirt Packaging Team / libvirt
Commits:
da95b4a6 by Andrea Bolognani at 2024-12-05T22:06:43+01:00
not-installed: Clean up
The comment is duplicated and not particularly informative;
some of the listed files no longer exist upstream.
Gbp-Dch: Ignore
- - - - -
4a7c66d5 by Andrea Bolognani at 2024-12-05T23:38:49+01:00
control: Prefer nftables for the network driver
Now that the remaining known issues with the nftables backend
have been resolved, it's time to switch away from iptables.
There are a couple of remaining caveats, which are listed in
the NEWS file. Most deployment will realistically end up using
iptables even after this change on account of the nwfilter
driver, which hasn't been converted to nftables yet, being
installed as a (weak) dependency, but at least it's now
possible, with some care, to create a deployment with a
working network driver and no iptables installed.
Note that, even though it's configured at build time to prefer
nftables, libvirt will transparently fall back to iptables if
the former is not available at runtime.
Closes: #938929
- - - - -
065cbe99 by Andrea Bolognani at 2024-12-05T23:38:53+01:00
control: Introduce ssh-proxy package
- - - - -
bc2f2ebf by Andrea Bolognani at 2024-12-05T23:39:49+01:00
Document changes and release 10.10.0-2
- - - - -
8 changed files:
- debian/NEWS
- debian/changelog
- debian/control
- debian/control.in
- + debian/libvirt-ssh-proxy.install.in
- + debian/libvirt-ssh-proxy.links
- debian/not-installed
- debian/rules
Changes:
=====================================
debian/NEWS
=====================================
@@ -1,3 +1,27 @@
+libvirt (10.10.0-2) experimental; urgency=medium
+
+ nftables is now used by default in the network driver.
+
+ This makes it finally possible to use libvirt without having
+ iptables installed on the system, but there are still a couple
+ of caveats:
+
+ * the nwfilter driver hasn't been converted to nftables yet,
+ so if that's installed iptables will be dragged in;
+
+ * the libvirt-daemon-system package, now a convenient way to
+ quickly bring up a reasonably featured QEMU-based hypervisor,
+ depends on both the network and nwfilter drivers, which means
+ that going that route will cause iptables to be installed and
+ used for both.
+
+ If not having iptables present on the system is a hard
+ requirement, individual libvirt components (obviously excluding
+ the nwfilter driver) will have to be selected and installed
+ manually.
+
+ -- Andrea Bolognani <eof at kiyuko.org> Thu, 05 Dec 2024 23:38:13 +0100
+
libvirt (10.6.0-2) experimental; urgency=medium
The package has been reworked significantly.
=====================================
debian/changelog
=====================================
@@ -1,3 +1,15 @@
+libvirt (10.10.0-2) experimental; urgency=medium
+
+ [ Carles Pina i Estany ]
+ * [571578c] debconf: Add Catalan translation
+
+ [ Andrea Bolognani ]
+ * [4a7c66d] control: Prefer nftables for the network driver
+ - Closes: #938929
+ * [065cbe9] control: Introduce ssh-proxy package
+
+ -- Andrea Bolognani <eof at kiyuko.org> Thu, 05 Dec 2024 23:39:07 +0100
+
libvirt (10.10.0-1) unstable; urgency=medium
* [24c4515] New upstream version 10.10.0
=====================================
debian/control
=====================================
@@ -612,10 +612,10 @@ Architecture: linux-any
Multi-arch: no
Depends:
dnsmasq-base,
- iptables,
libvirt-common (= ${binary:Version}),
libvirt-daemon (= ${binary:Version}),
libvirt0 (= ${binary:Version}),
+ nftables | iptables,
${misc:Depends},
${shlibs:Depends},
Breaks:
@@ -1009,6 +1009,26 @@ Description: nss plugins providing IP address resolution for virtual machines
managed virtual machines: the 'libvirt_guest' plugin uses libvirt's domain
names while the 'libvirt' plugin looks at the guest's hostname.
+Package: libvirt-ssh-proxy
+Section: admin
+Architecture: linux-any
+Multi-Arch: no
+Depends:
+ libvirt-common (= ${binary:Version}),
+ libvirt0 (= ${binary:Version}),
+ ${misc:Depends},
+ ${shlibs:Depends},
+Description: ssh proxy for connecting to virtual machines via VSOCK
+ Libvirt is a C toolkit to interact with the virtualization capabilities
+ of recent versions of Linux (and other OSes). The library aims at providing
+ a long term stable C API for different virtualization mechanisms. It currently
+ supports QEMU, KVM, XEN, OpenVZ, LXC, and VirtualBox.
+ .
+ When this package is installed, ssh will be able to connect to locally
+ running libvirt domains via VSOCK.
+ .
+ See https://libvirt.org/ssh-proxy.html for information.
+
Package: libvirt-wireshark
Section: admin
Architecture: linux-any
=====================================
debian/control.in
=====================================
@@ -612,10 +612,10 @@ Architecture: linux-any
Multi-arch: no
Depends:
dnsmasq-base,
- iptables,
libvirt-common (= ${binary:Version}),
libvirt-daemon (= ${binary:Version}),
libvirt0 (= ${binary:Version}),
+ nftables | iptables,
${misc:Depends},
${shlibs:Depends},
Breaks:
@@ -1009,6 +1009,26 @@ Description: nss plugins providing IP address resolution for virtual machines
managed virtual machines: the 'libvirt_guest' plugin uses libvirt's domain
names while the 'libvirt' plugin looks at the guest's hostname.
+Package: libvirt-ssh-proxy
+Section: admin
+Architecture: linux-any
+Multi-Arch: no
+Depends:
+ libvirt-common (= ${binary:Version}),
+ libvirt0 (= ${binary:Version}),
+ ${misc:Depends},
+ ${shlibs:Depends},
+Description: ssh proxy for connecting to virtual machines via VSOCK
+ Libvirt is a C toolkit to interact with the virtualization capabilities
+ of recent versions of Linux (and other OSes). The library aims at providing
+ a long term stable C API for different virtualization mechanisms. It currently
+ supports QEMU, KVM, XEN, OpenVZ, LXC, and VirtualBox.
+ .
+ When this package is installed, ssh will be able to connect to locally
+ running libvirt domains via VSOCK.
+ .
+ See https://libvirt.org/ssh-proxy.html for information.
+
Package: libvirt-wireshark
Section: admin
Architecture: linux-any
=====================================
debian/libvirt-ssh-proxy.install.in
=====================================
@@ -0,0 +1,2 @@
+/etc/ssh/ssh_config.d/30-libvirt-ssh-proxy.conf
+/usr/lib/libvirt/libvirt-ssh-proxy
=====================================
debian/libvirt-ssh-proxy.links
=====================================
@@ -0,0 +1 @@
+usr/share/doc/libvirt-common usr/share/doc/libvirt-ssh-proxy
=====================================
debian/not-installed
=====================================
@@ -1,18 +1,5 @@
-# Drop these once we start shipping split daemons
etc/apparmor.d/usr.sbin.virtqemud
etc/apparmor.d/usr.sbin.virtxend
-etc/default/virtinterfaced
-etc/default/virtlxcd
-etc/default/virtnetworkd
-etc/default/virtnodedevd
-etc/default/virtnwfilterd
-etc/default/virtproxyd
-etc/default/virtqemud
-etc/default/virtsecretd
-etc/default/virtstoraged
-etc/default/virtvboxd
-etc/default/virtxend
-# Drop these once we start shipping split daemons
etc/libvirt/virtinterfaced.conf
etc/libvirt/virtlxcd.conf
etc/libvirt/virtnetworkd.conf
=====================================
debian/rules
=====================================
@@ -19,7 +19,7 @@ export DPKG_GENSYMBOLS_CHECK_LEVEL
include debian/arches.mk
ifeq ($(DEB_HOST_ARCH_OS), linux)
- WITH_DAEMONS = -Ddriver_libvirtd=enabled -Dhost_validate=enabled
+ WITH_DAEMONS = -Ddriver_libvirtd=enabled -Dhost_validate=enabled -Dssh_proxy=enabled
WITH_ESX = -Ddriver_esx=enabled -Dcurl=enabled
WITH_VMWARE = -Ddriver_vmware=enabled
WITH_STORAGE_FS = -Dstorage_fs=enabled
@@ -36,7 +36,7 @@ ifeq ($(DEB_HOST_ARCH_OS), linux)
WITH_UDEV = -Dudev=enabled -Dpciaccess=enabled
WITH_CAPNG = -Dcapng=enabled
WITH_LIBNL = -Dlibnl=enabled
- WITH_NETWORK = -Ddriver_network=enabled -Dfirewall_backend_priority=iptables,nftables
+ WITH_NETWORK = -Ddriver_network=enabled -Dfirewall_backend_priority=nftables,iptables
WITH_INTERFACE = -Ddriver_interface=enabled
WITH_SECRETS = -Ddriver_secrets=enabled
WITH_OPENVZ = -Ddriver_openvz=enabled
@@ -56,7 +56,7 @@ ifeq ($(DEB_HOST_ARCH_OS), linux)
WITH_SYSCTL = -Dsysctl_config=enabled -Duserfaultfd_sysctl=enabled
WITH_WIRESHARK = -Dwireshark_dissector=enabled
else
- WITH_DAEMONS = -Ddriver_libvirtd=disabled -Dhost_validate=disabled
+ WITH_DAEMONS = -Ddriver_libvirtd=disabled -Dhost_validate=disabled -Dssh_proxy=disabled
WITH_ESX = -Ddriver_esx=disabled -Dcurl=disabled
WITH_VMWARE = -Ddriver_vmware=disabled
WITH_STORAGE_FS = -Dstorage_fs=disabled
@@ -73,7 +73,7 @@ else
WITH_UDEV = -Dudev=disabled -Dpciaccess=disabled
WITH_CAPNG = -Dcapng=disabled
WITH_LIBNL = -Dlibnl=disabled
- WITH_NETWORK = -Ddriver_network=disabled -Dfirewall_backend_priority=iptables,nftables
+ WITH_NETWORK = -Ddriver_network=disabled -Dfirewall_backend_priority=nftables,iptables
WITH_INTERFACE = -Ddriver_interface=disabled
WITH_SECRETS = -Ddriver_secrets=disabled
WITH_OPENVZ = -Ddriver_openvz=disabled
@@ -146,7 +146,6 @@ DEB_CONFIGURE_EXTRA_ARGS := \
$(WITH_QEMU) \
-Ddriver_remote=enabled \
-Dremote_default_mode=legacy \
- -Dssh_proxy=disabled \
-Ddriver_test=enabled \
-Ddriver_ch=disabled \
-Ddriver_bhyve=disabled \
View it on GitLab: https://salsa.debian.org/libvirt-team/libvirt/-/compare/571578cd5f1f376ca36ccc83045b1f40752902c6...bc2f2ebfc2d6cb34c1c38438a939b14b3d30fbc5
--
View it on GitLab: https://salsa.debian.org/libvirt-team/libvirt/-/compare/571578cd5f1f376ca36ccc83045b1f40752902c6...bc2f2ebfc2d6cb34c1c38438a939b14b3d30fbc5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-libvirt-commits/attachments/20241206/5c90d90c/attachment-0001.htm>
More information about the Pkg-libvirt-commits
mailing list