* Sun Sep 6 2009 Mark McLoughlin <markmc@redhat.com> - 0.7.1-0.1.gitg3ef2e05

- Update to pre-release git snapshot of 0.7.1
- Drop upstreamed patches

.cvsignore

@@ -1,24 +1,5 @@
-libvirt-0.0.3.tar.gz
-libvirt-0.0.4.tar.gz
-libvirt-0.0.5.tar.gz
-libvirt-0.0.6.tar.gz
-libvirt-0.1.0.tar.gz
-libvirt-0.1.2.tar.gz
-libvirt-0.1.1.tar.gz
-libvirt-0.1.3.tar.gz
-libvirt-0.1.4.tar.gz
-libvirt-0.1.5.tar.gz
-libvirt-0.1.6.tar.gz
-libvirt-0.1.7.tar.gz
-libvirt-0.1.8.tar.gz
-libvirt-0.1.9.tar.gz
-libvirt-0.1.10.tar.gz
-libvirt-0.1.11.tar.gz
-libvirt-0.2.0.tar.gz
-libvirt-0.2.1.tar.gz
-libvirt-0.2.2.tar.gz
-libvirt-0.2.3.tar.gz
-libvirt-0.3.0.tar.gz
-libvirt-0.3.1.tar.gz
-libvirt-0.3.2.tar.gz
-libvirt-0.3.3.tar.gz
+.build*.log
+*.rpm
+i686
+x86_64
+libvirt-*.tar.gz

libvirt-0.3.3-example-config.patch

@@ -1,207 +0,0 @@
-changeset:   1147:7481eafdde8d
-user:        berrange
-date:        Fri Oct 12 18:54:15 2007 +0000
-files:       libvirt.spec.in qemud/Makefile.am qemud/libvirtd.conf src/Makefile.am src/qemu.conf
-description:
-Added default example configs for libvirtd/qemu driver
-
-
-diff -r c48e81e685a3 -r 7481eafdde8d qemud/libvirtd.conf
---- /dev/null	Thu Jan 01 00:00:00 1970 +0000
-+++ b/qemud/libvirtd.conf	Fri Oct 12 18:54:15 2007 +0000
-@@ -0,0 +1,141 @@
-+# Master libvirt daemon configuration file
-+#
-+# For further information consult http://libvirt.org/format.html
-+
-+
-+# Flag listening for secure TLS connections on the public TCP/IP port.
-+# NB, must pass the --listen flag to the libvirtd process for this to
-+# have any effect.
-+#
-+# It is neccessary to setup a CA and issue server certificates before
-+# using this capability.
-+#
-+# This is enabled by default, uncomment this to disable it
-+# listen_tls = 0
-+
-+# Listen for unencrypted TCP connections on the public TCP/IP port.
-+# NB, must pass the --listen flag to the libvirtd process for this to
-+# have any effect.
-+#
-+# NB, this is insecure. Do not use except for development.
-+#
-+# This is disabled by default, uncomment this to enable it.
-+# listen_tcp = 1
-+
-+
-+
-+# Override the port for accepting secure TLS connections
-+# This can be a port number, or service name
-+#
-+# tls_port = "16514"
-+
-+# Override the port for accepting insecure TCP connections
-+# This can be a port number, or service name
-+# 
-+# tcp_port = "16509"
-+
-+
-+
-+# Flag toggling mDNS advertizement of the libvirt service.
-+#
-+# Alternatively can disable for all services on a host by
-+# stopping the Avahi daemon
-+#
-+# This is enabled by default, uncomment this to disable it
-+# mdns_adv = 0
-+
-+# Override the default mDNS advertizement name. This must be
-+# unique on the immediate broadcast network.
-+# 
-+# The default is "Virtualization Host HOSTNAME", where HOSTNAME
-+# is subsituted for the short hostname of the machine (without domain)
-+#
-+# mdns_name "Virtualization Host Joe Demo" 
-+
-+
-+
-+# Set the UNIX domain socket group ownership. This can be used to
-+# allow a 'trusted' set of users access to management capabilities
-+# without becoming root.
-+# 
-+# This is restricted to 'root' by default. 
-+# unix_sock_group "libvirt"
-+
-+# Set the UNIX socket permissions for the R/O socket. This is used
-+# for monitoring VM status only
-+#
-+# Default allows any user. If setting group ownership may want to
-+# restrict this to:
-+# unix_sock_ro_perms "0777"
-+
-+# Set the UNIX socket permissions for the R/W socket. This is used
-+# for full management of VMs
-+#
-+# Default allows only root. If setting group ownership may want to
-+# relax this to:
-+# unix_sock_rw_perms "octal-perms" 	"0770"
-+
-+
-+
-+# Flag to disable verification of client certificates
-+#
-+# Client certificate verification is the primary authentication mechanism.
-+# Any client which does not present a certificate signed by the CA
-+# will be rejected.
-+#
-+# Default is to always verify. Uncommenting this will disable
-+# verification - make sure an IP whitelist is set
-+# tls_no_verify_certificate 1 
-+
-+# Flag to disable verification of client IP address
-+#
-+# Client IP address will be verified against the CommonName field
-+# of the x509 certificate. This has minimal security benefit since
-+# it is easy to spoof source IP.
-+#
-+# Uncommenting this will disable verification
-+# tls_no_verify_address 1
-+
-+# Override the default server key file path
-+#
-+# key_file "/etc/pki/libvirt/private/serverkey.pem"
-+
-+# Override the default server certificate file path
-+#
-+# cert_file "/etc/pki/libvirt/servercert.pem"
-+
-+# Override the default CA certificate path
-+#
-+# ca_file "/etc/pki/CA/cacert.pem"
-+
-+# Specify a certificate revocation list.
-+# 
-+# Defaults to not using a CRL, uncomment to enable it
-+# crl_file "/etc/pki/CA/crl.pem"
-+
-+# A whitelist of allowed x509  Distinguished Names
-+# This list may contain wildcards such as 
-+#
-+#    "C=GB,ST=London,L=London,O=Red Hat,CN=*"
-+#
-+# See the POSIX fnmatch function for the format of the wildcards.
-+#
-+# NB If this is an empty list, no client can connect, so comment out
-+# entirely rather than using empty list to disable these checks
-+#
-+# By default, no DN's are checked
-+# tls_allowed_dn_list ["DN1", "DN2"]
-+
-+
-+# A whitelist of allowed client IP addresses
-+#
-+# This list may contain wildcards such as 192.168.* See the POSIX fnmatch 
-+# function for the format of the wildcards.
-+#
-+# NB If this is an empty list, no client can connect, so comment out
-+# entirely rather than using empty list to disable these checks
-+#
-+# By default, no IP's are checked. This can be IPv4 or IPv6 addresses
-+# tls_allowed_ip_list ["ip1", "ip2", "ip3"]
-+
-+
-diff -r c48e81e685a3 -r 7481eafdde8d src/qemu.conf
---- /dev/null	Thu Jan 01 00:00:00 1970 +0000
-+++ b/src/qemu.conf	Fri Oct 12 18:54:15 2007 +0000
-@@ -0,0 +1,49 @@
-+# Master configuration file for the QEMU driver.
-+# All settings described here are optional - if omitted, sensible
-+# defaults are used.
-+
-+# VNC is configured to listen on 127.0.0.1 by default.
-+# To make it listen on all public interfaces, uncomment
-+# this next option.
-+#
-+# NB, strong recommendation to enable TLS + x509 certificate
-+# verification when allowing public access
-+#
-+# vnc_listen = "0.0.0.0"
-+
-+
-+# Enable use of TLS encryption on the VNC server. This requires
-+# a VNC client which supports the VeNCrypt protocol extension.
-+# Examples include vinagre, virt-viewer, virt-manager and vencrypt
-+# itself. UltraVNC, RealVNC, TightVNC do not support this
-+#
-+# It is neccessary to setup CA and issue a server certificate
-+# before enabling this.
-+#
-+# vnc_tls = 1
-+
-+
-+# Use of TLS requires that x509 certificates be issued. The
-+# default it to keep them in /etc/pki/libvirt-vnc. This directory
-+# must contain
-+#
-+#  ca-cert.pem - the CA master certificate
-+#  server-cert.pem - the server certificate signed with ca-cert.pem
-+#  server-key.pem  - the server private key
-+#
-+# This option allows the certificate directory to be changed
-+#
-+# vnc_tls_x509_cert_dir = "/etc/pki/libvirt-vnc"
-+
-+
-+# The default TLS configuration only uses certificates for the server
-+# allowing the client to verify the server's identity and establish
-+# and encrypted channel. 
-+#
-+# It is possible to use x509 certificates for authentication too, by
-+# issuing a x509 certificate to every client who needs to connect.
-+# 
-+# Enabling this option will reject any client who does not have a
-+# certificate signed by the CA in /etc/pki/libvirt-vnc/ca-cert.pem
-+#
-+# vnc_tls_x509_verify = 1
-

libvirt-0.3.3-qemu-config.patch

@@ -1,230 +0,0 @@
-changeset:   1146:c48e81e685a3
-user:        berrange
-date:        Fri Oct 12 15:05:44 2007 +0000
-files:       ChangeLog src/qemu_conf.c src/qemu_conf.h src/qemu_driver.c
-description:
-Added QEMU driver config file
-
-
-diff -r 522efe7f7e8f -r c48e81e685a3 src/qemu_conf.c
---- a/src/qemu_conf.c	Wed Oct 10 18:46:17 2007 +0000
-+++ b/src/qemu_conf.c	Fri Oct 12 15:05:44 2007 +0000
-@@ -45,6 +45,7 @@
- #include "qemu_conf.h"
- #include "uuid.h"
- #include "buf.h"
-+#include "conf.h"
- 
- #define qemudLog(level, msg...) fprintf(stderr, msg)
- 
-@@ -65,6 +66,68 @@ void qemudReportError(virConnectPtr conn
-     __virRaiseError(conn, dom, net, VIR_FROM_QEMU, code, VIR_ERR_ERROR,
-                     NULL, NULL, NULL, -1, -1, errorMessage);
- }
-+
-+int qemudLoadDriverConfig(struct qemud_driver *driver,
-+                          const char *filename) {
-+    virConfPtr conf;
-+    virConfValuePtr p;
-+
-+    /* Setup 2 critical defaults */
-+    strcpy(driver->vncListen, "127.0.0.1");
-+    if (!(driver->vncTLSx509certdir = strdup(SYSCONF_DIR "/pki/libvirt-vnc"))) {
-+        qemudReportError(NULL, NULL, NULL, VIR_ERR_NO_MEMORY,
-+                         "vncTLSx509certdir");
-+        return -1;
-+    }
-+
-+    /* Just check the file is readable before opening it, otherwise
-+     * libvirt emits an error.
-+     */
-+    if (access (filename, R_OK) == -1) return 0;
-+
-+    conf = virConfReadFile (filename);
-+    if (!conf) return 0;
-+
-+
-+#define CHECK_TYPE(name,typ) if (p && p->type != (typ)) {               \
-+        qemudReportError(NULL, NULL, NULL, VIR_ERR_INTERNAL_ERROR,      \
-+                         "remoteReadConfigFile: %s: %s: expected type " #typ "\n", \
-+                         filename, (name));                             \
-+        virConfFree(conf);                                              \
-+        return -1;                                                      \
-+    }
-+
-+    p = virConfGetValue (conf, "vnc_tls");
-+    CHECK_TYPE ("vnc_tls", VIR_CONF_LONG);
-+    if (p) driver->vncTLS = p->l;
-+
-+    p = virConfGetValue (conf, "vnc_tls_x509_verify");
-+    CHECK_TYPE ("vnc_tls_x509_verify", VIR_CONF_LONG);
-+    if (p) driver->vncTLSx509verify = p->l;
-+
-+    p = virConfGetValue (conf, "vnc_tls_x509_cert_dir");
-+    CHECK_TYPE ("vnc_tls_x509_cert_dir", VIR_CONF_STRING);
-+    if (p && p->str) {
-+        free(driver->vncTLSx509certdir);
-+        if (!(driver->vncTLSx509certdir = strdup(p->str))) {
-+            qemudReportError(NULL, NULL, NULL, VIR_ERR_NO_MEMORY,
-+                             "vncTLSx509certdir");
-+            virConfFree(conf);
-+            return -1;
-+        }
-+    }
-+
-+    p = virConfGetValue (conf, "vnc_listen");
-+    CHECK_TYPE ("vnc_listen", VIR_CONF_STRING);
-+    if (p && p->str) {
-+        strncpy(driver->vncListen, p->str, sizeof(driver->vncListen));
-+        driver->vncListen[sizeof(driver->vncListen)-1] = '\0';
-+    }
-+
-+    virConfFree (conf);
-+    return 0;
-+}
-+
- 
- struct qemud_vm *qemudFindVMByID(const struct qemud_driver *driver, int id) {
-     struct qemud_vm *vm = driver->vms;
-@@ -1234,7 +1297,7 @@ static struct qemud_vm_def *qemudParseXM
-             if (vnclisten && *vnclisten)
-                 strncpy(def->vncListen, (char *)vnclisten, BR_INET_ADDR_MAXLEN-1);
-             else
--                strcpy(def->vncListen, "127.0.0.1");
-+                strcpy(def->vncListen, driver->vncListen);
-             def->vncListen[BR_INET_ADDR_MAXLEN-1] = '\0';
-             xmlFree(vncport);
-             xmlFree(vnclisten);
-@@ -1750,15 +1813,30 @@ int qemudBuildCommandLine(virConnectPtr 
-     }
- 
-     if (vm->def->graphicsType == QEMUD_GRAPHICS_VNC) {
--        char vncdisplay[BR_INET_ADDR_MAXLEN+20];
-+        char vncdisplay[PATH_MAX];
-         int ret;
--        if (vm->qemuCmdFlags & QEMUD_CMD_FLAG_VNC_COLON)
--            ret = snprintf(vncdisplay, sizeof(vncdisplay), "%s:%d",
-+
-+        if (vm->qemuCmdFlags & QEMUD_CMD_FLAG_VNC_COLON) {
-+            char options[PATH_MAX] = "";
-+            if (driver->vncTLS) {
-+                strcat(options, ",tls");
-+                if (driver->vncTLSx509verify) {
-+                    strcat(options, ",x509verify=");
-+                } else {
-+                    strcat(options, ",x509=");
-+                }
-+                strncat(options, driver->vncTLSx509certdir,
-+                        sizeof(options) - (strlen(driver->vncTLSx509certdir)-1));
-+                options[sizeof(options)-1] = '\0';
-+            }
-+            ret = snprintf(vncdisplay, sizeof(vncdisplay), "%s:%d%s",
-                            vm->def->vncListen,
--                           vm->def->vncActivePort - 5900);
--        else
-+                           vm->def->vncActivePort - 5900,
-+                           options);
-+        } else {
-             ret = snprintf(vncdisplay, sizeof(vncdisplay), "%d",
-                            vm->def->vncActivePort - 5900);
-+        }
-         if (ret < 0 || ret >= (int)sizeof(vncdisplay))
-             goto error;
- 
-diff -r 522efe7f7e8f -r c48e81e685a3 src/qemu_conf.h
---- a/src/qemu_conf.h	Wed Oct 10 18:46:17 2007 +0000
-+++ b/src/qemu_conf.h	Fri Oct 12 15:05:44 2007 +0000
-@@ -289,6 +289,10 @@ struct qemud_driver {
-     char *networkConfigDir;
-     char *networkAutostartDir;
-     char logDir[PATH_MAX];
-+    int vncTLS : 1;
-+    int vncTLSx509verify : 1;
-+    char *vncTLSx509certdir;
-+    char vncListen[BR_INET_ADDR_MAXLEN];
- };
- 
- 
-@@ -311,6 +315,8 @@ void qemudReportError(virConnectPtr conn
-     ATTRIBUTE_FORMAT(printf,5,6);
- 
- 
-+int qemudLoadDriverConfig(struct qemud_driver *driver,
-+                          const char *filename);
- 
- struct qemud_vm *qemudFindVMByID(const struct qemud_driver *driver,
-                                  int id);
-diff -r 522efe7f7e8f -r c48e81e685a3 src/qemu_driver.c
---- a/src/qemu_driver.c	Wed Oct 10 18:46:17 2007 +0000
-+++ b/src/qemu_driver.c	Fri Oct 12 15:05:44 2007 +0000
-@@ -155,6 +155,7 @@ qemudStartup(void) {
-     uid_t uid = geteuid();
-     struct passwd *pw;
-     char *base = NULL;
-+    char driverConf[PATH_MAX];
- 
-     if (!(qemu_driver = calloc(1, sizeof(struct qemud_driver)))) {
-         return -1;
-@@ -167,7 +168,7 @@ qemudStartup(void) {
-         if (snprintf(qemu_driver->logDir, PATH_MAX, "%s/log/libvirt/qemu", LOCAL_STATE_DIR) >= PATH_MAX)
-             goto snprintf_error;
- 
--        if ((base = strdup (SYSCONF_DIR "/libvirt/qemu")) == NULL)
-+        if ((base = strdup (SYSCONF_DIR "/libvirt")) == NULL)
-             goto out_of_memory;
-     } else {
-         if (!(pw = getpwuid(uid))) {
-@@ -179,7 +180,7 @@ qemudStartup(void) {
-         if (snprintf(qemu_driver->logDir, PATH_MAX, "%s/.libvirt/qemu/log", pw->pw_dir) >= PATH_MAX)
-             goto snprintf_error;
- 
--        if (asprintf (&base, "%s/.libvirt/qemu", pw->pw_dir) == -1) {
-+        if (asprintf (&base, "%s/.libvirt", pw->pw_dir) == -1) {
-             qemudLog (QEMUD_ERR, "out of memory in asprintf");
-             goto out_of_memory;
-         }
-@@ -188,24 +189,36 @@ qemudStartup(void) {
-     /* Configuration paths are either ~/.libvirt/qemu/... (session) or
-      * /etc/libvirt/qemu/... (system).
-      */
--    if (asprintf (&qemu_driver->configDir, "%s", base) == -1)
-+    if (snprintf (driverConf, sizeof(driverConf), "%s/qemu.conf", base) == -1)
-         goto out_of_memory;
--
--    if (asprintf (&qemu_driver->autostartDir, "%s/autostart", base) == -1)
-+    driverConf[sizeof(driverConf)-1] = '\0';
-+
-+    if (asprintf (&qemu_driver->configDir, "%s/qemu", base) == -1)
-         goto out_of_memory;
- 
--    if (asprintf (&qemu_driver->networkConfigDir, "%s/networks", base) == -1)
-+    if (asprintf (&qemu_driver->autostartDir, "%s/qemu/autostart", base) == -1)
-         goto out_of_memory;
- 
--    if (asprintf (&qemu_driver->networkAutostartDir, "%s/networks/autostart",
-+    if (asprintf (&qemu_driver->networkConfigDir, "%s/qemu/networks", base) == -1)
-+        goto out_of_memory;
-+
-+    if (asprintf (&qemu_driver->networkAutostartDir, "%s/qemu/networks/autostart",
-                   base) == -1)
-         goto out_of_memory;
- 
--    if (qemudScanConfigs(qemu_driver) < 0)
-+    free(base);
-+
-+    if (qemudLoadDriverConfig(qemu_driver, driverConf) < 0) {
-         qemudShutdown();
-+        return -1;
-+    }
-+
-+    if (qemudScanConfigs(qemu_driver) < 0) {
-+        qemudShutdown();
-+        return -1;
-+    }
-     qemudAutostartConfigs(qemu_driver);
- 
--    free(base);
-     return 0;
- 
-  snprintf_error:
-

libvirt-0.6.4-svirt-sound.patch

@@ -0,0 +1,51 @@
+From 5f8d720b5f1393ee333a5fa8375ffe9ac954d48b Mon Sep 17 00:00:00 2001
+From: Daniel P. Berrange <berrange@redhat.com>
+Date: Mon, 17 Aug 2009 08:32:08 +0100
+Subject: [PATCH] Disable sound cards when running sVirt
+
+Temporary hack till PulseAudio autostart problems are sorted out when
+SELinux enforcing (bz 486112)
+
+Fedora-patch: libvirt-0.6.4-svirt-sound.patch
+---
+ src/qemu_conf.c |   17 ++++++++++++++++-
+ 1 files changed, 16 insertions(+), 1 deletions(-)
+
+diff --git a/src/qemu_conf.c b/src/qemu_conf.c
+index 6b0b404..53186e0 100644
+--- a/src/qemu_conf.c
++++ b/src/qemu_conf.c
+@@ -1384,6 +1384,20 @@ int qemudBuildCommandLine(virConnectPtr conn,
+     char uuid[VIR_UUID_STRING_BUFLEN];
+     char domid[50];
+     const char *cpu = NULL;
++    int skipSound = 0;
++
++    if (driver->securityDriver &&
++        driver->securityDriver->name &&
++        STREQ(driver->securityDriver->name, "selinux") &&
++        getuid() == 0) {
++        static int soundWarned = 0;
++        skipSound = 1;
++        if (def->nsounds &&
++            !soundWarned) {
++            soundWarned = 1;
++            VIR_WARN0("Sound cards for VMs are disabled while SELinux security model is active");
++        }
++    }
+ 
+     uname_normalize(&ut);
+ 
+@@ -2015,7 +2029,8 @@ int qemudBuildCommandLine(virConnectPtr conn,
+     }
+ 
+     /* Add sound hardware */
+-    if (def->nsounds) {
++    if (def->nsounds &&
++        !skipSound) {
+         int size = 100;
+         char *modstr;
+         if (VIR_ALLOC_N(modstr, size+1) < 0)
+-- 
+1.6.2.5
+

sources

@@ -1 +1 @@
-583fa13938df63bd404cc1b7cf553874  libvirt-0.3.3.tar.gz
+d47a8065f71e68d60ff020ba9b370801  libvirt-0.7.1-git3ef2e05.tar.gz