Added utterly crazy build dep on CVS for stupid autopoint tool

- Don't fail to start network if ipv6 modules is not loaded

.cvsignore

@@ -7,3 +7,8 @@ libvirt-0.6.0.tar.gz
 libvirt-0.6.1.tar.gz
 libvirt-0.6.2.tar.gz
 libvirt-0.6.3.tar.gz
+libvirt-0.6.4.tar.gz
+libvirt-0.6.5.tar.gz
+libvirt-0.7.0-0.1.gitf055724.tar.gz
+libvirt-0.7.0-0.6.gite195b43.tar.gz
+libvirt-0.7.0.tar.gz

libvirt-0.6.2-fix-nosource-label.patch

@@ -1,13 +0,0 @@
-diff -rup libvirt-0.6.2/src/security_selinux.c new/src/security_selinux.c
---- libvirt-0.6.2/src/security_selinux.c	2009-05-10 22:04:25.000000000 -0400
-+++ new/src/security_selinux.c	2009-05-10 22:06:09.000000000 -0400
-@@ -338,6 +338,9 @@ SELinuxSetSecurityImageLabel(virConnectP
- {
-     const virSecurityLabelDefPtr secdef = &vm->def->seclabel;
- 
-+    if (!disk->src)
-+        return 0;
-+
-     if (disk->shared) {
-         return SELinuxSetFilecon(conn, disk->src, default_image_context);
-     } else if (disk->readonly) {

libvirt-0.6.3-enable-qemu-0-10-migration.patch

@@ -1,45 +0,0 @@
-From: "Daniel P. Berrange" <berrange@redhat.com>
-To: libvir-list@redhat.com
-Date: Thu, 30 Apr 2009 15:09:05 +0100
-Subject: [libvirt] PATCH: Enable migration with QEMU >= 0.10.0
-
-The KVM migration code was added to QEMU for the 0.10.0 release, so we 
-should enable this in libvirt now.
-
-Daniel
-
-diff -r be7993675e07 src/qemu_conf.c
---- a/src/qemu_conf.c	Thu Apr 30 14:49:27 2009 +0100
-+++ b/src/qemu_conf.c	Thu Apr 30 15:08:45 2009 +0100
-@@ -473,16 +473,13 @@ int qemudExtractVersionInfo(const char *
- 
-     /*
-      * Handling of -incoming arg with varying features
--     *  -incoming tcp    (kvm >= 79)
--     *  -incoming exec   (kvm >= 80)
-+     *  -incoming tcp    (kvm >= 79, qemu >= 0.10.0)
-+     *  -incoming exec   (kvm >= 80, qemu >= 0.10.0)
-      *  -incoming stdio  (all earlier kvm)
-      *
-      * NB, there was a pre-kvm-79 'tcp' support, but it
-      * was broken, because it blocked the monitor console
-      * while waiting for data, so pretend it doesn't exist
--     *
--     * XXX when next QEMU release after 0.9.1 arrives,
--     * we'll need to add MIGRATE_QEMU_TCP/EXEC here too
-      */
-     if (kvm_version >= 79) {
-         flags |= QEMUD_CMD_FLAG_MIGRATE_QEMU_TCP;
-@@ -490,6 +487,9 @@ int qemudExtractVersionInfo(const char *
-             flags |= QEMUD_CMD_FLAG_MIGRATE_QEMU_EXEC;
-     } else if (kvm_version > 0) {
-         flags |= QEMUD_CMD_FLAG_MIGRATE_KVM_STDIO;
-+    } else if (version >= 10000) {
-+        flags |= QEMUD_CMD_FLAG_MIGRATE_QEMU_TCP;
-+        flags |= QEMUD_CMD_FLAG_MIGRATE_QEMU_EXEC;
-     }
- 
-     if (retversion)
-
-
--- 

libvirt-0.6.3-event-handling-1.patch

@@ -1,144 +0,0 @@
-From e7be6cc841a5652b73ddd2ccd3769c7f8bbad13d Mon Sep 17 00:00:00 2001
-From: Daniel P. Berrange <berrange@redhat.com>
-Date: Tue, 12 May 2009 16:41:49 +0000
-Subject: [PATCH 1/2] Fix interrupting of main event thread & protect against accidental uniniitalized variables
-
----
- qemud/event.c |   42 +++++++++++++++++++++++++++++++++++-------
- 1 files changed, 35 insertions(+), 7 deletions(-)
-
-diff --git a/qemud/event.c b/qemud/event.c
-index 65f548e..754f2b1 100644
---- a/qemud/event.c
-+++ b/qemud/event.c
-@@ -84,10 +84,10 @@ struct virEventLoop {
- static struct virEventLoop eventLoop;
- 
- /* Unique ID for the next FD watch to be registered */
--static int nextWatch = 0;
-+static int nextWatch = 1;
- 
- /* Unique ID for the next timer to be registered */
--static int nextTimer = 0;
-+static int nextTimer = 1;
- 
- static void virEventLock(void)
- {
-@@ -143,15 +143,22 @@ int virEventAddHandleImpl(int fd, int events,
- 
- void virEventUpdateHandleImpl(int watch, int events) {
-     int i;
-+    EVENT_DEBUG("Update handle w=%d e=%d", watch, events);
-+
-+    if (watch <= 0) {
-+        VIR_WARN("Ignoring invalid update watch %d", watch);
-+        return;
-+    }
-+
-     virEventLock();
-     for (i = 0 ; i < eventLoop.handlesCount ; i++) {
-         if (eventLoop.handles[i].watch == watch) {
-             eventLoop.handles[i].events =
-                     virEventHandleTypeToPollEvent(events);
-+            virEventInterruptLocked();
-             break;
-         }
-     }
--    virEventInterruptLocked();
-     virEventUnlock();
- }
- 
-@@ -164,6 +171,12 @@ void virEventUpdateHandleImpl(int watch, int events) {
- int virEventRemoveHandleImpl(int watch) {
-     int i;
-     EVENT_DEBUG("Remove handle %d", watch);
-+
-+    if (watch <= 0) {
-+        VIR_WARN("Ignoring invalid remove watch %d", watch);
-+        return -1;
-+    }
-+
-     virEventLock();
-     for (i = 0 ; i < eventLoop.handlesCount ; i++) {
-         if (eventLoop.handles[i].deleted)
-@@ -172,11 +185,11 @@ int virEventRemoveHandleImpl(int watch) {
-         if (eventLoop.handles[i].watch == watch) {
-             EVENT_DEBUG("mark delete %d %d", i, eventLoop.handles[i].fd);
-             eventLoop.handles[i].deleted = 1;
-+            virEventInterruptLocked();
-             virEventUnlock();
-             return 0;
-         }
-     }
--    virEventInterruptLocked();
-     virEventUnlock();
-     return -1;
- }
-@@ -232,6 +245,12 @@ void virEventUpdateTimeoutImpl(int timer, int frequency) {
-     struct timeval tv;
-     int i;
-     EVENT_DEBUG("Updating timer %d timeout with %d ms freq", timer, frequency);
-+
-+    if (timer <= 0) {
-+        VIR_WARN("Ignoring invalid update timer %d", timer);
-+        return;
-+    }
-+
-     if (gettimeofday(&tv, NULL) < 0) {
-         return;
-     }
-@@ -244,10 +263,10 @@ void virEventUpdateTimeoutImpl(int timer, int frequency) {
-                 frequency >= 0 ? frequency +
-                 (((unsigned long long)tv.tv_sec)*1000) +
-                 (((unsigned long long)tv.tv_usec)/1000) : 0;
-+            virEventInterruptLocked();
-             break;
-         }
-     }
--    virEventInterruptLocked();
-     virEventUnlock();
- }
- 
-@@ -260,6 +279,12 @@ void virEventUpdateTimeoutImpl(int timer, int frequency) {
- int virEventRemoveTimeoutImpl(int timer) {
-     int i;
-     EVENT_DEBUG("Remove timer %d", timer);
-+
-+    if (timer <= 0) {
-+        VIR_WARN("Ignoring invalid remove timer %d", timer);
-+        return -1;
-+    }
-+
-     virEventLock();
-     for (i = 0 ; i < eventLoop.timeoutsCount ; i++) {
-         if (eventLoop.timeouts[i].deleted)
-@@ -267,11 +292,11 @@ int virEventRemoveTimeoutImpl(int timer) {
- 
-         if (eventLoop.timeouts[i].timer == timer) {
-             eventLoop.timeouts[i].deleted = 1;
-+            virEventInterruptLocked();
-             virEventUnlock();
-             return 0;
-         }
-     }
--    virEventInterruptLocked();
-     virEventUnlock();
-     return -1;
- }
-@@ -617,9 +642,12 @@ static int virEventInterruptLocked(void)
-     char c = '\0';
- 
-     if (!eventLoop.running ||
--        pthread_self() == eventLoop.leader)
-+        pthread_self() == eventLoop.leader) {
-+        VIR_DEBUG("Skip interrupt, %d %d", eventLoop.running, (int)eventLoop.leader);
-         return 0;
-+    }
- 
-+    VIR_DEBUG0("Interrupting");
-     if (safewrite(eventLoop.wakeupfd[1], &c, sizeof(c)) != sizeof(c))
-         return -1;
-     return 0;
--- 
-1.6.0.6
-

libvirt-0.6.3-event-handling-2.patch

@@ -1,197 +0,0 @@
-From 6483ee77ed12f037d68a6adc690624fa1b508dc0 Mon Sep 17 00:00:00 2001
-From: Daniel P. Berrange <berrange@redhat.com>
-Date: Tue, 12 May 2009 16:43:04 +0000
-Subject: [PATCH 2/2] Fix watch/timer event deletion
-
----
- qemud/event.c |  112 ++++++++++++++++++++++++++-------------------------------
- 1 files changed, 51 insertions(+), 61 deletions(-)
-
-diff --git a/qemud/event.c b/qemud/event.c
-index 754f2b1..a57d967 100644
---- a/qemud/event.c
-+++ b/qemud/event.c
-@@ -313,7 +313,7 @@ static int virEventCalculateTimeout(int *timeout) {
-     EVENT_DEBUG("Calculate expiry of %d timers", eventLoop.timeoutsCount);
-     /* Figure out if we need a timeout */
-     for (i = 0 ; i < eventLoop.timeoutsCount ; i++) {
--        if (eventLoop.timeouts[i].deleted || eventLoop.timeouts[i].frequency < 0)
-+        if (eventLoop.timeouts[i].frequency < 0)
-             continue;
- 
-         EVENT_DEBUG("Got a timeout scheduled for %llu", eventLoop.timeouts[i].expiresAt);
-@@ -350,32 +350,26 @@ static int virEventCalculateTimeout(int *timeout) {
-  * file handles. The caller must free the returned data struct
-  * returns: the pollfd array, or NULL on error
-  */
--static int virEventMakePollFDs(struct pollfd **retfds) {
-+static struct pollfd *virEventMakePollFDs(void) {
-     struct pollfd *fds;
--    int i, nfds = 0;
-+    int i;
- 
--    for (i = 0 ; i < eventLoop.handlesCount ; i++) {
--        if (eventLoop.handles[i].deleted)
--            continue;
--        nfds++;
--    }
--    *retfds = NULL;
-     /* Setup the poll file handle data structs */
--    if (VIR_ALLOC_N(fds, nfds) < 0)
--        return -1;
-+    if (VIR_ALLOC_N(fds, eventLoop.handlesCount) < 0)
-+        return NULL;
- 
--    for (i = 0, nfds = 0 ; i < eventLoop.handlesCount ; i++) {
--        if (eventLoop.handles[i].deleted)
--            continue;
--        fds[nfds].fd = eventLoop.handles[i].fd;
--        fds[nfds].events = eventLoop.handles[i].events;
--        fds[nfds].revents = 0;
-+    for (i = 0 ; i < eventLoop.handlesCount ; i++) {
-+        EVENT_DEBUG("Prepare n=%d w=%d, f=%d e=%d", i,
-+                    eventLoop.handles[i].watch,
-+                    eventLoop.handles[i].fd,
-+                    eventLoop.handles[i].events);
-+        fds[i].fd = eventLoop.handles[i].fd;
-+        fds[i].events = eventLoop.handles[i].events;
-+        fds[i].revents = 0;
-         //EVENT_DEBUG("Wait for %d %d", eventLoop.handles[i].fd, eventLoop.handles[i].events);
--        nfds++;
-     }
- 
--    *retfds = fds;
--    return nfds;
-+    return fds;
- }
- 
- 
-@@ -435,26 +429,30 @@ static int virEventDispatchTimeouts(void) {
-  * Returns 0 upon success, -1 if an error occurred
-  */
- static int virEventDispatchHandles(int nfds, struct pollfd *fds) {
--    int i, n;
-+    int i;
- 
--    for (i = 0, n = 0 ; i < eventLoop.handlesCount && n < nfds ; i++) {
-+    /* NB, use nfds not eventLoop.handlesCount, because new
-+     * fds might be added on end of list, and they're not
-+     * in the fds array we've got */
-+    for (i = 0 ; i < nfds ; i++) {
-         if (eventLoop.handles[i].deleted) {
--            EVENT_DEBUG("Skip deleted %d", eventLoop.handles[i].fd);
-+            EVENT_DEBUG("Skip deleted n=%d w=%d f=%d", i,
-+                        eventLoop.handles[i].watch, eventLoop.handles[i].fd);
-             continue;
-         }
- 
--        if (fds[n].revents) {
-+        if (fds[i].revents) {
-             virEventHandleCallback cb = eventLoop.handles[i].cb;
-             void *opaque = eventLoop.handles[i].opaque;
--            int hEvents = virPollEventToEventHandleType(fds[n].revents);
--            EVENT_DEBUG("Dispatch %d %d %p", fds[n].fd,
--                        fds[n].revents, eventLoop.handles[i].opaque);
-+            int hEvents = virPollEventToEventHandleType(fds[i].revents);
-+            EVENT_DEBUG("Dispatch n=%d f=%d w=%d e=%d %p", i,
-+                        fds[i].fd, eventLoop.handles[i].watch,
-+                        fds[i].revents, eventLoop.handles[i].opaque);
-             virEventUnlock();
-             (cb)(eventLoop.handles[i].watch,
--                 fds[n].fd, hEvents, opaque);
-+                 fds[i].fd, hEvents, opaque);
-             virEventLock();
-         }
--        n++;
-     }
- 
-     return 0;
-@@ -545,22 +543,21 @@ static int virEventCleanupHandles(void) {
-  * at least one file handle has an event, or a timer expires
-  */
- int virEventRunOnce(void) {
--    struct pollfd *fds;
-+    struct pollfd *fds = NULL;
-     int ret, timeout, nfds;
- 
-     virEventLock();
-     eventLoop.running = 1;
-     eventLoop.leader = pthread_self();
--    if ((nfds = virEventMakePollFDs(&fds)) < 0) {
--        virEventUnlock();
--        return -1;
--    }
- 
--    if (virEventCalculateTimeout(&timeout) < 0) {
--        VIR_FREE(fds);
--        virEventUnlock();
--        return -1;
--    }
-+    if (virEventCleanupTimeouts() < 0 ||
-+        virEventCleanupHandles() < 0)
-+        goto error;
-+
-+    if (!(fds = virEventMakePollFDs()) ||
-+        virEventCalculateTimeout(&timeout) < 0)
-+        goto error;
-+    nfds = eventLoop.handlesCount;
- 
-     virEventUnlock();
- 
-@@ -572,38 +569,31 @@ int virEventRunOnce(void) {
-         if (errno == EINTR) {
-             goto retry;
-         }
--        VIR_FREE(fds);
--        return -1;
-+        goto error_unlocked;
-     }
- 
-     virEventLock();
--    if (virEventDispatchTimeouts() < 0) {
--        VIR_FREE(fds);
--        virEventUnlock();
--        return -1;
--    }
-+    if (virEventDispatchTimeouts() < 0)
-+        goto error;
- 
-     if (ret > 0 &&
--        virEventDispatchHandles(nfds, fds) < 0) {
--        VIR_FREE(fds);
--        virEventUnlock();
--        return -1;
--    }
--    VIR_FREE(fds);
--
--    if (virEventCleanupTimeouts() < 0) {
--        virEventUnlock();
--        return -1;
--    }
-+        virEventDispatchHandles(nfds, fds) < 0)
-+        goto error;
- 
--    if (virEventCleanupHandles() < 0) {
--        virEventUnlock();
--        return -1;
--    }
-+    if (virEventCleanupTimeouts() < 0 ||
-+        virEventCleanupHandles() < 0)
-+        goto error;
- 
-     eventLoop.running = 0;
-     virEventUnlock();
-+    VIR_FREE(fds);
-     return 0;
-+
-+error:
-+    virEventUnlock();
-+error_unlocked:
-+    VIR_FREE(fds);
-+    return -1;
- }
- 
- static void virEventHandleWakeup(int watch ATTRIBUTE_UNUSED,
--- 
-1.6.0.6
-

libvirt-0.6.3-fix-qemu-argv-detection-with-kvm-85.patch

@@ -1,82 +0,0 @@
-From 2b3fcdc378e7bec5c1a78b81632756e92930fd24 Mon Sep 17 00:00:00 2001
-From: Daniel P. Berrange <berrange@redhat.com>
-Date: Mon, 11 May 2009 15:14:24 +0000
-Subject: [PATCH 1/1] Fix QEMU ARGV detection with kvm >= 85
-
----
- src/qemu_conf.c   |   18 ++++++++++++++----
- src/qemu_driver.c |   12 ++----------
- 2 files changed, 16 insertions(+), 14 deletions(-)
-
-diff --git a/src/qemu_conf.c b/src/qemu_conf.c
-index 9cb71eb..a57d3ab 100644
---- a/src/qemu_conf.c
-+++ b/src/qemu_conf.c
-@@ -431,18 +431,28 @@ int qemudExtractVersionInfo(const char *qemu,
-         return -1;
- 
-     char *help = NULL;
--    enum { MAX_HELP_OUTPUT_SIZE = 8192 };
-+    enum { MAX_HELP_OUTPUT_SIZE = 1024*64 };
-     int len = virFileReadLimFD(newstdout, MAX_HELP_OUTPUT_SIZE, &help);
--    if (len < 0)
-+    if (len < 0) {
-+        virReportSystemError(NULL, errno, "%s",
-+                             _("Unable to read QEMU help output"));
-         goto cleanup2;
-+    }
- 
-     if (sscanf(help, "QEMU PC emulator version %u.%u.%u (kvm-%u)",
-                &major, &minor, &micro, &kvm_version) != 4)
-         kvm_version = 0;
- 
--    if (!kvm_version && sscanf(help, "QEMU PC emulator version %u.%u.%u",
--               &major, &minor, &micro) != 3)
-+    if (!kvm_version &&
-+        sscanf(help, "QEMU PC emulator version %u.%u.%u",
-+               &major, &minor, &micro) != 3) {
-+        char *eol = strchr(help, '\n');
-+        if (eol) *eol = '\0';
-+        qemudReportError(NULL, NULL, NULL, VIR_ERR_INTERNAL_ERROR,
-+                         _("cannot parse QEMU version number in '%s'"),
-+                         help);
-         goto cleanup2;
-+    }
- 
-     version = (major * 1000 * 1000) + (minor * 1000) + micro;
- 
-diff --git a/src/qemu_driver.c b/src/qemu_driver.c
-index 30642d5..bd60b29 100644
---- a/src/qemu_driver.c
-+++ b/src/qemu_driver.c
-@@ -1391,12 +1391,8 @@ static int qemudStartVMDaemon(virConnectPtr conn,
- 
-     if (qemudExtractVersionInfo(emulator,
-                                 NULL,
--                                &qemuCmdFlags) < 0) {
--        qemudReportError(conn, NULL, NULL, VIR_ERR_INTERNAL_ERROR,
--                         _("Cannot determine QEMU argv syntax %s"),
--                         emulator);
-+                                &qemuCmdFlags) < 0)
-         goto cleanup;
--    }
- 
-     if (qemuPrepareHostDevices(conn, vm->def) < 0)
-         goto cleanup;
-@@ -3715,12 +3711,8 @@ static int qemudDomainChangeEjectableMedia(virConnectPtr conn,
- 
-     if (qemudExtractVersionInfo(vm->def->emulator,
-                                 NULL,
--                                &qemuCmdFlags) < 0) {
--        qemudReportError(conn, dom, NULL, VIR_ERR_INTERNAL_ERROR,
--                         _("Cannot determine QEMU argv syntax %s"),
--                         vm->def->emulator);
-+                                &qemuCmdFlags) < 0)
-         return -1;
--    }
- 
-     if (qemuCmdFlags & QEMUD_CMD_FLAG_DRIVE) {
-         if (!(devname = qemudDiskDeviceName(conn, newdisk)))
--- 
-1.6.0.6
-

libvirt-0.6.3-hostdev-managed.patch

@@ -1,45 +0,0 @@
-From 3d7771e0570e09096ad9391a857dad48b150bc0c Mon Sep 17 00:00:00 2001
-From: Mark McLoughlin <markmc@redhat.com>
-Date: Wed, 6 May 2009 16:33:28 +0100
-Subject: [PATCH] Fix qemu driver's interpretation of <hostdev managed='yes'/>
-
-This change:
-
-  Tue Mar  3 08:55:13 GMT 2009 Daniel P. Berrange <berrange@redhat.com>
-
-       Don't try to detach & reset PCI devices while running test
-       suite for XML-> ARGV conversion.
-       * src/qemu_driver.c: Add qemuPrepareHostDevices() helper to
-       detach and reset PCI devices.
-       * src/qemu_conf.c: Don't detach & reset PCI devices while
-       building the command line argv
-
-accidentally did this:
-
--            if (hostdev->managed) {
-+        if (!hostdev->managed) {
-
-Which results in managed='yes' not causing the device to be
-detached when the guest is starting.
-
-Signed-off-by: Mark McLoughlin <markmc@redhat.com>
----
- src/qemu_driver.c |    2 +-
- 1 files changed, 1 insertions(+), 1 deletions(-)
-
-diff --git a/src/qemu_driver.c b/src/qemu_driver.c
-index 5898026..59312c0 100644
---- a/src/qemu_driver.c
-+++ b/src/qemu_driver.c
-@@ -1215,7 +1215,7 @@ static int qemuPrepareHostDevices(virConnectPtr conn,
-         if (hostdev->source.subsys.type != VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI)
-             continue;
- 
--        if (!hostdev->managed) {
-+        if (hostdev->managed) {
-             pciDevice *dev = pciGetDevice(conn,
-                                           hostdev->source.subsys.u.pci.domain,
-                                           hostdev->source.subsys.u.pci.bus,
--- 
-1.6.0.6
-

libvirt-0.6.3-refresh-qemu-caps.patch

@@ -1,76 +0,0 @@
-commit 0e51348cb9aeafe5e2fd6469a4bde0baa1eb8720
-Author: Cole Robinson <crobinso@redhat.com>
-Date:   Mon May 4 15:06:03 2009 -0400
-
-    Refresh QEMU driver capabilities for each getCapabilities call.
-    
-    Also fix up a couple issues where caps are accessed without locking
-    the driver structure.
-
-diff --git a/src/qemu_driver.c b/src/qemu_driver.c
-index 23ea961..790dac6 100644
---- a/src/qemu_driver.c
-+++ b/src/qemu_driver.c
-@@ -1885,10 +1885,12 @@ static int qemudGetNodeInfo(virConnectPtr conn,
- 
- static char *qemudGetCapabilities(virConnectPtr conn) {
-     struct qemud_driver *driver = conn->privateData;
--    char *xml;
-+    char *xml = NULL;
- 
-     qemuDriverLock(driver);
--    if ((xml = virCapabilitiesFormatXML(driver->caps)) == NULL)
-+    virCapabilitiesFree(qemu_driver->caps);
-+    if ((qemu_driver->caps = qemudCapsInit()) == NULL ||
-+        (xml = virCapabilitiesFormatXML(driver->caps)) == NULL)
-         virReportOOMError(conn);
-     qemuDriverUnlock(driver);
- 
-@@ -3169,20 +3171,26 @@ cleanup:
-     return ret;
- }
- 
--static int qemudNodeGetSecurityModel(virConnectPtr conn, virSecurityModelPtr secmodel)
-+static int qemudNodeGetSecurityModel(virConnectPtr conn,
-+                                     virSecurityModelPtr secmodel)
- {
-     struct qemud_driver *driver = (struct qemud_driver *)conn->privateData;
-     char *p;
-+    int ret = 0;
- 
--    if (!driver->securityDriver)
--        return -2;
-+    qemuDriverLock(driver);
-+    if (!driver->securityDriver) {
-+        ret = -2;
-+        goto cleanup;
-+    }
- 
-     p = driver->caps->host.secModel.model;
-     if (strlen(p) >= VIR_SECURITY_MODEL_BUFLEN-1) {
-         qemudReportError(conn, NULL, NULL, VIR_ERR_INTERNAL_ERROR,
-                          _("security model string exceeds max %d bytes"),
-                          VIR_SECURITY_MODEL_BUFLEN-1);
--        return -1;
-+        ret = -1;
-+        goto cleanup;
-     }
-     strcpy(secmodel->model, p);
- 
-@@ -3191,10 +3199,14 @@ static int qemudNodeGetSecurityModel(virConnectPtr conn, virSecurityModelPtr sec
-         qemudReportError(conn, NULL, NULL, VIR_ERR_INTERNAL_ERROR,
-                          _("security DOI string exceeds max %d bytes"),
-                          VIR_SECURITY_DOI_BUFLEN-1);
--        return -1;
-+        ret = -1;
-+        goto cleanup;
-     }
-     strcpy(secmodel->doi, p);
--    return 0;
-+
-+cleanup:
-+    qemuDriverUnlock(driver);
-+    return ret;
- }
- 
- /* TODO: check seclabel restore */

libvirt-0.6.3-shared-readonly-label.patch

@@ -1,76 +0,0 @@
-diff -rup libvirt-0.6.2/src/security_selinux.c libvirt-0.6.2.new/src/security_selinux.c
---- libvirt-0.6.2/src/security_selinux.c	2009-04-03 15:36:56.000000000 +0100
-+++ libvirt-0.6.2.new/src/security_selinux.c	2009-05-05 13:39:42.000000000 +0100
-@@ -24,11 +24,12 @@
- #include "virterror_internal.h"
- #include "util.h"
- #include "memory.h"
--
-+#include "logging.h"
- 
- #define VIR_FROM_THIS VIR_FROM_SECURITY
- 
- static char default_domain_context[1024];
-+static char default_content_context[1024];
- static char default_image_context[1024];
- #define SECURITY_SELINUX_VOID_DOI       "0"
- #define SECURITY_SELINUX_NAME "selinux"
-@@ -148,8 +149,13 @@ SELinuxInitialize(virConnectPtr conn)
-     close(fd);
- 
-     ptr = strchrnul(default_image_context, '\n');
--    *ptr = '\0';
--
-+    if (*ptr == '\n') {
-+        *ptr = '\0';
-+        strcpy(default_content_context, ptr+1);
-+        ptr = strchrnul(default_content_context, '\n');
-+        if (*ptr == '\n')
-+            *ptr = '\0';
-+    }
-     return 0;
- }
- 
-@@ -275,6 +281,8 @@ SELinuxSetFilecon(virConnectPtr conn, co
- {
-     char ebuf[1024];
- 
-+    VIR_INFO("Setting SELinux context on '%s' to '%s'", path, tcon);
-+
-     if(setfilecon(path, tcon) < 0) {
-         virSecurityReportError(conn, VIR_ERR_ERROR,
-                                _("%s: unable to set security context "
-@@ -299,6 +307,8 @@ SELinuxRestoreSecurityImageLabel(virConn
-     char *newpath = NULL;
-     const char *path = disk->src;
- 
-+    /* Don't restore labels on readoly/shared disks, because
-+     * other VMs may still be accessing these */
-     if (disk->readonly || disk->shared)
-         return 0;
- 
-@@ -328,8 +338,13 @@ SELinuxSetSecurityImageLabel(virConnectP
- {
-     const virSecurityLabelDefPtr secdef = &vm->def->seclabel;
- 
--    if (secdef->imagelabel)
-+    if (disk->shared) {
-+        return SELinuxSetFilecon(conn, disk->src, default_image_context);
-+    } else if (disk->readonly) {
-+        return SELinuxSetFilecon(conn, disk->src, default_content_context);
-+    } else if (secdef->imagelabel) {
-         return SELinuxSetFilecon(conn, disk->src, secdef->imagelabel);
-+    }
- 
-     return 0;
- }
-@@ -403,9 +418,6 @@ SELinuxSetSecurityLabel(virConnectPtr co
- 
-     if (secdef->imagelabel) {
-         for (i = 0 ; i < vm->def->ndisks ; i++) {
--            if (vm->def->disks[i]->readonly ||
--                vm->def->disks[i]->shared) continue;
--
-             if (SELinuxSetSecurityImageLabel(conn, vm, vm->def->disks[i]) < 0)
-                 return -1;
-         }

libvirt-0.6.3-xml-attribute-escaping.patch

@@ -1,47 +0,0 @@
-From 7f7a4403860f56d5a1ad65bfd16f5bf97a971d45 Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <veillard@redhat.com>
-Date: Wed, 13 May 2009 16:19:59 +0000
-Subject: [PATCH 1/1] * src/buf.c: avoid an XML attribute escaping bug #499791
- daniel
-
----
- src/buf.c |   16 +++++++++++++++-
- 1 files changed, 15 insertions(+), 1 deletions(-)
-
-diff --git a/src/buf.c b/src/buf.c
-index cdcdac9..259175d 100644
---- a/src/buf.c
-+++ b/src/buf.c
-@@ -266,7 +266,7 @@ virBufferEscapeString(const virBufferPtr buf, const char *format, const char *st
-         return;
- 
-     len = strlen(str);
--    if (VIR_ALLOC_N(escaped, 5 * len + 1) < 0) {
-+    if (VIR_ALLOC_N(escaped, 6 * len + 1) < 0) {
-         virBufferNoMemory(buf);
-         return;
-     }
-@@ -290,6 +290,20 @@ virBufferEscapeString(const virBufferPtr buf, const char *format, const char *st
-             *out++ = 'm';
-             *out++ = 'p';
-             *out++ = ';';
-+        } else if (*cur == '"') {
-+            *out++ = '&';
-+            *out++ = 'q';
-+            *out++ = 'u';
-+            *out++ = 'o';
-+            *out++ = 't';
-+            *out++ = ';';
-+        } else if (*cur == '\'') {
-+            *out++ = '&';
-+            *out++ = 'a';
-+            *out++ = 'p';
-+            *out++ = 'o';
-+            *out++ = 's';
-+            *out++ = ';';
-         } else if ((*cur >= 0x20) || (*cur == '\n') || (*cur == '\t') ||
-                    (*cur == '\r')) {
-             /*
--- 
-1.6.0.6
-

libvirt-0.6.4-svirt-sound.patch

@@ -1,8 +1,8 @@
---- src/qemu_conf.c.orig	2009-04-02 11:50:10.000000000 +0200
-+++ src/qemu_conf.c	2009-04-03 17:46:59.000000000 +0200
-@@ -779,6 +779,20 @@ int qemudBuildCommandLine(virConnectPtr 
+--- src/qemu_conf.c.orig	2009-05-29 19:24:59.000000000 +0200
++++ src/qemu_conf.c	2009-05-29 19:19:39.000000000 +0200
+@@ -792,6 +792,20 @@ int qemudBuildCommandLine(virConnectPtr 
+     char uuid[VIR_UUID_STRING_BUFLEN];
      char domid[50];
-     char *pidfile;
      const char *cpu = NULL;
 +    int skipSound = 0;
 +
@@ -21,7 +21,7 @@
  
      uname_normalize(&ut);
  
-@@ -1425,7 +1439,8 @@ int qemudBuildCommandLine(virConnectPtr 
+@@ -1429,7 +1443,8 @@ int qemudBuildCommandLine(virConnectPtr 
      }
  
      /* Add sound hardware */

libvirt-0.7.0-chown-kernel-initrd-before-spawning-qemu.patch

@@ -0,0 +1,73 @@
+From: Mark McLoughlin <markmc@redhat.com>
+Subject: [PATCH] chown kernel/initrd before spawning qemu
+
+If we're running qemu unprivileged, we need to chown any supplied kernel
+or initrd before spawning it.
+
+* src/qemu_driver.c: rename qemuDomainSetDiskOwnership() to
+  qemuDomainSetFileOwnership(), pass it a path string instead of a disk
+  definition and use it for chowning the kernel/initrd in
+  qemuDomainSetAllDeviceOwnership()
+---
+ src/qemu_driver.c |   20 ++++++++++++--------
+ 1 files changed, 12 insertions(+), 8 deletions(-)
+
+diff --git a/src/qemu_driver.c b/src/qemu_driver.c
+index 412b68d..bd58435 100644
+--- a/src/qemu_driver.c
++++ b/src/qemu_driver.c
+@@ -1684,18 +1684,18 @@ static int qemuDomainSetHostdevOwnership(virConnectPtr conn,
+ 
+ }
+ 
+-static int qemuDomainSetDiskOwnership(virConnectPtr conn,
+-                                      virDomainDiskDefPtr def,
++static int qemuDomainSetFileOwnership(virConnectPtr conn,
++                                      const char *path,
+                                       uid_t uid, gid_t gid)
+ {
+ 
+-    if (!def->src)
++    if (!path)
+         return 0;
+ 
+-    VIR_DEBUG("Setting ownership on %s to %d:%d", def->src, uid, gid);
+-    if (chown(def->src, uid, gid) < 0) {
++    VIR_DEBUG("Setting ownership on %s to %d:%d", path, uid, gid);
++    if (chown(path, uid, gid) < 0) {
+         virReportSystemError(conn, errno, _("cannot set ownership on %s"),
+-                             def->src);
++                             path);
+         return -1;
+     }
+     return 0;
+@@ -1725,7 +1725,7 @@ static int qemuDomainSetDeviceOwnership(virConnectPtr conn,
+             (def->data.disk->readonly || def->data.disk->shared))
+             return 0;
+ 
+-        return qemuDomainSetDiskOwnership(conn, def->data.disk, uid, gid);
++        return qemuDomainSetFileOwnership(conn, def->data.disk->src, uid, gid);
+ 
+     case VIR_DOMAIN_DEVICE_HOSTDEV:
+         return qemuDomainSetHostdevOwnership(conn, def->data.hostdev, uid, gid);
+@@ -1753,12 +1753,16 @@ static int qemuDomainSetAllDeviceOwnership(virConnectPtr conn,
+     uid = restore ? 0 : driver->user;
+     gid = restore ? 0 : driver->group;
+ 
++    if (qemuDomainSetFileOwnership(conn, def->os.kernel, uid, gid) < 0 ||
++        qemuDomainSetFileOwnership(conn, def->os.initrd, uid, gid) < 0)
++        return -1;
++
+     for (i = 0 ; i < def->ndisks ; i++) {
+         if (restore &&
+             (def->disks[i]->readonly || def->disks[i]->shared))
+             continue;
+ 
+-        if (qemuDomainSetDiskOwnership(conn, def->disks[i], uid, gid) < 0)
++        if (qemuDomainSetFileOwnership(conn, def->disks[i]->src, uid, gid) < 0)
+             return -1;
+     }
+ 
+-- 
+1.6.2.5
+

libvirt-0.7.0-handle-kernels-with-no-ipv6-support.patch

@@ -0,0 +1,39 @@
+From: Mark McLoughlin <markmc@redhat.com>
+Subject: [PATCH] Handle kernels with no ipv6 support
+
+If the ipv6 kernel module is not loaded, then we get this when starting
+a virtual network:
+
+  libvir: Network Config error :
+  cannot enable /proc/sys/net/ipv6/conf/virbr0/disable_ipv6:
+  No such file or directory
+
+If disable_ipv6 is not present, we should just merrily continue on our
+way.
+
+* src/network_driver.c: make networkDisableIPV6() not fail if the kernel
+  has no ipv6 support
+---
+ src/network_driver.c |    6 ++++++
+ 1 files changed, 6 insertions(+), 0 deletions(-)
+
+diff --git a/src/network_driver.c b/src/network_driver.c
+index eaea454..84910ab 100644
+--- a/src/network_driver.c
++++ b/src/network_driver.c
+@@ -801,6 +801,12 @@ static int networkDisableIPV6(virConnectPtr conn,
+         goto cleanup;
+     }
+ 
++    if (access(field, W_OK) < 0 && errno == ENOENT) {
++        VIR_DEBUG("ipv6 appears to already be disabled on %s", network->def->bridge);
++        ret = 0;
++        goto cleanup;
++    }
++
+     if (virFileWriteStr(field, "1") < 0) {
+         virReportSystemError(conn, errno,
+                              _("cannot enable %s"), field);
+-- 
+1.6.2.5
+

libvirt-0.7.0-numa-ignore-fail.patch

@@ -0,0 +1,85 @@
+commit 19bac57b26c2d46ac8a7601158f210f34acdceac
+Author: Daniel P. Berrange <berrange@redhat.com>
+Date:   Thu Aug 13 11:56:31 2009 +0100
+
+    Make LXC / UML drivers robust against NUMA topology brokenness
+    
+    Some kernel versions expose broken NUMA topology for some machines.
+    This causes the LXC/UML drivers to fail to start. QEMU driver was
+    already fixed for this problem
+    
+    * src/lxc_conf.c: Log and ignore failure to populate NUMA info
+    * src/uml_conf.c: Log and ignore failure to populate NUMA info
+    * src/capabilities.c: Reset nnumaCell to 0 after freeing
+
+diff --git a/src/capabilities.c b/src/capabilities.c
+index c6766b6..193a9fe 100644
+--- a/src/capabilities.c
++++ b/src/capabilities.c
+@@ -139,6 +139,7 @@ virCapabilitiesFreeNUMAInfo(virCapsPtr caps)
+     for (i = 0 ; i < caps->host.nnumaCell ; i++)
+         virCapabilitiesFreeHostNUMACell(caps->host.numaCell[i]);
+     VIR_FREE(caps->host.numaCell);
++    caps->host.nnumaCell = 0;
+ }
+ 
+ /**
+diff --git a/src/lxc_conf.c b/src/lxc_conf.c
+index d06a024..fef60ba 100644
+--- a/src/lxc_conf.c
++++ b/src/lxc_conf.c
+@@ -30,6 +30,8 @@
+ #include "lxc_conf.h"
+ #include "nodeinfo.h"
+ #include "virterror_internal.h"
++#include "logging.h"
++
+ 
+ #define VIR_FROM_THIS VIR_FROM_LXC
+ 
+@@ -46,8 +48,14 @@ virCapsPtr lxcCapsInit(void)
+                                    0, 0)) == NULL)
+         goto no_memory;
+ 
+-    if (nodeCapsInitNUMA(caps) < 0)
+-        goto no_memory;
++    /* Some machines have problematic NUMA toplogy causing
++     * unexpected failures. We don't want to break the QEMU
++     * driver in this scenario, so log errors & carry on
++     */
++    if (nodeCapsInitNUMA(caps) < 0) {
++        virCapabilitiesFreeNUMAInfo(caps);
++        VIR_WARN0("Failed to query host NUMA topology, disabling NUMA capabilities");
++    }
+ 
+     /* XXX shouldn't 'borrow' KVM's prefix */
+     virCapabilitiesSetMacPrefix(caps, (unsigned char []){ 0x52, 0x54, 0x00 });
+diff --git a/src/uml_conf.c b/src/uml_conf.c
+index 48e05a8..4f756d4 100644
+--- a/src/uml_conf.c
++++ b/src/uml_conf.c
+@@ -45,6 +45,7 @@
+ #include "nodeinfo.h"
+ #include "verify.h"
+ #include "bridge.h"
++#include "logging.h"
+ 
+ #define VIR_FROM_THIS VIR_FROM_UML
+ 
+@@ -63,8 +64,14 @@ virCapsPtr umlCapsInit(void) {
+                                    0, 0)) == NULL)
+         goto no_memory;
+ 
+-    if (nodeCapsInitNUMA(caps) < 0)
+-        goto no_memory;
++    /* Some machines have problematic NUMA toplogy causing
++     * unexpected failures. We don't want to break the QEMU
++     * driver in this scenario, so log errors & carry on
++     */
++    if (nodeCapsInitNUMA(caps) < 0) {
++        virCapabilitiesFreeNUMAInfo(caps);
++        VIR_WARN0("Failed to query host NUMA topology, disabling NUMA capabilities");
++    }
+ 
+     if ((guest = virCapabilitiesAddGuest(caps,
+                                          "uml",

libvirt-0.7.0-policy-kit-rewrite.patch

@@ -0,0 +1,469 @@
+diff -rupN libvirt-0.7.0/configure.in libvirt-0.7.0.new/configure.in
+--- libvirt-0.7.0/configure.in	2009-08-05 08:53:49.000000000 -0400
++++ libvirt-0.7.0.new/configure.in	2009-08-13 08:37:22.393897620 -0400
+@@ -641,40 +641,61 @@ AC_SUBST([SASL_LIBS])
+ dnl PolicyKit library
+ POLKIT_CFLAGS=
+ POLKIT_LIBS=
++PKCHECK_PATH=
+ AC_ARG_WITH([polkit],
+   [  --with-polkit         use PolicyKit for UNIX socket access checks],
+   [],
+   [with_polkit=check])
+ 
++with_polkit0=no
++with_polkit1=no
+ if test "x$with_polkit" = "xyes" -o "x$with_polkit" = "xcheck"; then
+-  PKG_CHECK_MODULES(POLKIT, polkit-dbus >= $POLKIT_REQUIRED,
+-    [with_polkit=yes], [
+-    if test "x$with_polkit" = "xcheck" ; then
+-       with_polkit=no
+-    else
+-       AC_MSG_ERROR(
+-         [You must install PolicyKit >= $POLKIT_REQUIRED to compile libvirt])
+-    fi
+-  ])
+-  if test "x$with_polkit" = "xyes" ; then
++  dnl Check for new polkit first - just a binary
++  AC_PATH_PROG([PKCHECK_PATH],[pkcheck], [], [/usr/sbin:$PATH])
++  if test "x$PKCHECK_PATH" != "x" ; then
++    AC_DEFINE_UNQUOTED([PKCHECK_PATH],["$PKCHECK_PATH"],[Location of pkcheck program])
+     AC_DEFINE_UNQUOTED([HAVE_POLKIT], 1,
+-      [use PolicyKit for UNIX socket access checks])
+-
+-    old_CFLAGS=$CFLAGS
+-    old_LDFLAGS=$LDFLAGS
+-    CFLAGS="$CFLAGS $POLKIT_CFLAGS"
+-    LDFLAGS="$LDFLAGS $POLKIT_LIBS"
+-    AC_CHECK_FUNCS([polkit_context_is_caller_authorized])
+-    CFLAGS="$old_CFLAGS"
+-    LDFLAGS="$old_LDFLAGS"
+-
+-    AC_PATH_PROG([POLKIT_AUTH], [polkit-auth])
+-    if test "x$POLKIT_AUTH" != "x"; then
+-      AC_DEFINE_UNQUOTED([POLKIT_AUTH],["$POLKIT_AUTH"],[Location of polkit-auth program])
++        [use PolicyKit for UNIX socket access checks])
++    AC_DEFINE_UNQUOTED([HAVE_POLKIT1], 1,
++        [use PolicyKit for UNIX socket access checks])
++    with_polkit="yes"
++    with_polkit1="yes"
++  else
++    dnl Check for old polkit second - library + binary
++    PKG_CHECK_MODULES(POLKIT, polkit-dbus >= $POLKIT_REQUIRED,
++      [with_polkit=yes], [
++      if test "x$with_polkit" = "xcheck" ; then
++         with_polkit=no
++      else
++         AC_MSG_ERROR(
++           [You must install PolicyKit >= $POLKIT_REQUIRED to compile libvirt])
++      fi
++    ])
++    if test "x$with_polkit" = "xyes" ; then
++      AC_DEFINE_UNQUOTED([HAVE_POLKIT], 1,
++        [use PolicyKit for UNIX socket access checks])
++      AC_DEFINE_UNQUOTED([HAVE_POLKIT0], 1,
++        [use PolicyKit for UNIX socket access checks])
++
++      old_CFLAGS=$CFLAGS
++      old_LDFLAGS=$LDFLAGS
++      CFLAGS="$CFLAGS $POLKIT_CFLAGS"
++      LDFLAGS="$LDFLAGS $POLKIT_LIBS"
++      AC_CHECK_FUNCS([polkit_context_is_caller_authorized])
++      CFLAGS="$old_CFLAGS"
++      LDFLAGS="$old_LDFLAGS"
++
++      AC_PATH_PROG([POLKIT_AUTH], [polkit-auth])
++      if test "x$POLKIT_AUTH" != "x"; then
++        AC_DEFINE_UNQUOTED([POLKIT_AUTH],["$POLKIT_AUTH"],[Location of polkit-auth program])
++      fi
++      with_polkit0="yes"
+     fi
+   fi
+ fi
+ AM_CONDITIONAL([HAVE_POLKIT], [test "x$with_polkit" = "xyes"])
++AM_CONDITIONAL([HAVE_POLKIT0], [test "x$with_polkit0" = "xyes"])
++AM_CONDITIONAL([HAVE_POLKIT1], [test "x$with_polkit1" = "xyes"])
+ AC_SUBST([POLKIT_CFLAGS])
+ AC_SUBST([POLKIT_LIBS])
+ 
+@@ -1695,7 +1716,11 @@ else
+ AC_MSG_NOTICE([   avahi: no])
+ fi
+ if test "$with_polkit" = "yes" ; then
+-AC_MSG_NOTICE([  polkit: $POLKIT_CFLAGS $POLKIT_LIBS])
++if test "$with_polkit0" = "yes" ; then
++AC_MSG_NOTICE([  polkit: $POLKIT_CFLAGS $POLKIT_LIBS (version 0)])
++else
++AC_MSG_NOTICE([  polkit: $PKCHECK_PATH (version 1)])
++fi
+ else
+ AC_MSG_NOTICE([  polkit: no])
+ fi
+diff -rupN libvirt-0.7.0/qemud/libvirtd.policy libvirt-0.7.0.new/qemud/libvirtd.policy
+--- libvirt-0.7.0/qemud/libvirtd.policy	2009-07-22 09:37:32.000000000 -0400
++++ libvirt-0.7.0.new/qemud/libvirtd.policy	1969-12-31 19:00:00.000000000 -0500
+@@ -1,42 +0,0 @@
+-<!DOCTYPE policyconfig PUBLIC
+- "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
+- "http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">
+-
+-<!--
+-Policy definitions for libvirt daemon
+-
+-Copyright (c) 2007 Daniel P. Berrange <berrange redhat com>
+-
+-libvirt is licensed to you under the GNU Lesser General Public License
+-version 2. See COPYING for details.
+-
+-NOTE: If you make changes to this file, make sure to validate the file
+-using the polkit-policy-file-validate(1) tool. Changes made to this
+-file are instantly applied.
+--->
+-
+-<policyconfig>
+-    <action id="org.libvirt.unix.monitor">
+-      <description>Monitor local virtualized systems</description>
+-      <message>System policy prevents monitoring of local virtualized systems</message>
+-      <defaults>
+-        <!-- Any program can use libvirt in read-only mode for monitoring,
+-             even if not part of a session -->
+-        <allow_any>yes</allow_any>
+-        <allow_inactive>yes</allow_inactive>
+-        <allow_active>yes</allow_active>
+-      </defaults>
+-    </action>
+-
+-    <action id="org.libvirt.unix.manage">
+-      <description>Manage local virtualized systems</description>
+-      <message>System policy prevents management of local virtualized systems</message>
+-      <defaults>
+-        <!-- Only a program in the active host session can use libvirt in
+-             read-write mode for management, and we require user password -->
+-        <allow_any>no</allow_any>
+-        <allow_inactive>no</allow_inactive>
+-        <allow_active>auth_admin_keep_session</allow_active>
+-      </defaults>
+-    </action>
+-</policyconfig>
+diff -rupN libvirt-0.7.0/qemud/libvirtd.policy-0 libvirt-0.7.0.new/qemud/libvirtd.policy-0
+--- libvirt-0.7.0/qemud/libvirtd.policy-0	1969-12-31 19:00:00.000000000 -0500
++++ libvirt-0.7.0.new/qemud/libvirtd.policy-0	2009-08-13 08:37:22.408883879 -0400
+@@ -0,0 +1,42 @@
++<!DOCTYPE policyconfig PUBLIC
++ "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
++ "http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">
++
++<!--
++Policy definitions for libvirt daemon
++
++Copyright (c) 2007 Daniel P. Berrange <berrange redhat com>
++
++libvirt is licensed to you under the GNU Lesser General Public License
++version 2. See COPYING for details.
++
++NOTE: If you make changes to this file, make sure to validate the file
++using the polkit-policy-file-validate(1) tool. Changes made to this
++file are instantly applied.
++-->
++
++<policyconfig>
++    <action id="org.libvirt.unix.monitor">
++      <description>Monitor local virtualized systems</description>
++      <message>System policy prevents monitoring of local virtualized systems</message>
++      <defaults>
++        <!-- Any program can use libvirt in read-only mode for monitoring,
++             even if not part of a session -->
++        <allow_any>yes</allow_any>
++        <allow_inactive>yes</allow_inactive>
++        <allow_active>yes</allow_active>
++      </defaults>
++    </action>
++
++    <action id="org.libvirt.unix.manage">
++      <description>Manage local virtualized systems</description>
++      <message>System policy prevents management of local virtualized systems</message>
++      <defaults>
++        <!-- Only a program in the active host session can use libvirt in
++             read-write mode for management, and we require user password -->
++        <allow_any>no</allow_any>
++        <allow_inactive>no</allow_inactive>
++        <allow_active>auth_admin_keep_session</allow_active>
++      </defaults>
++    </action>
++</policyconfig>
+diff -rupN libvirt-0.7.0/qemud/libvirtd.policy-1 libvirt-0.7.0.new/qemud/libvirtd.policy-1
+--- libvirt-0.7.0/qemud/libvirtd.policy-1	1969-12-31 19:00:00.000000000 -0500
++++ libvirt-0.7.0.new/qemud/libvirtd.policy-1	2009-08-13 08:37:22.412905763 -0400
+@@ -0,0 +1,42 @@
++<!DOCTYPE policyconfig PUBLIC
++ "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
++ "http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">
++
++<!--
++Policy definitions for libvirt daemon
++
++Copyright (c) 2007 Daniel P. Berrange <berrange redhat com>
++
++libvirt is licensed to you under the GNU Lesser General Public License
++version 2. See COPYING for details.
++
++NOTE: If you make changes to this file, make sure to validate the file
++using the polkit-policy-file-validate(1) tool. Changes made to this
++file are instantly applied.
++-->
++
++<policyconfig>
++    <action id="org.libvirt.unix.monitor">
++      <description>Monitor local virtualized systems</description>
++      <message>System policy prevents monitoring of local virtualized systems</message>
++      <defaults>
++        <!-- Any program can use libvirt in read-only mode for monitoring,
++             even if not part of a session -->
++        <allow_any>yes</allow_any>
++        <allow_inactive>yes</allow_inactive>
++        <allow_active>yes</allow_active>
++      </defaults>
++    </action>
++
++    <action id="org.libvirt.unix.manage">
++      <description>Manage local virtualized systems</description>
++      <message>System policy prevents management of local virtualized systems</message>
++      <defaults>
++        <!-- Only a program in the active host session can use libvirt in
++             read-write mode for management, and we require user password -->
++        <allow_any>no</allow_any>
++        <allow_inactive>no</allow_inactive>
++        <allow_active>auth_admin_keep</allow_active>
++      </defaults>
++    </action>
++</policyconfig>
+diff -rupN libvirt-0.7.0/qemud/Makefile.am libvirt-0.7.0.new/qemud/Makefile.am
+--- libvirt-0.7.0/qemud/Makefile.am	2009-07-22 09:37:32.000000000 -0400
++++ libvirt-0.7.0.new/qemud/Makefile.am	2009-08-13 08:37:22.398915449 -0400
+@@ -21,7 +21,8 @@ EXTRA_DIST =						\
+ 	remote_protocol.x				\
+ 	libvirtd.conf					\
+ 	libvirtd.init.in				\
+-	libvirtd.policy					\
++	libvirtd.policy-0				\
++	libvirtd.policy-1				\
+ 	libvirtd.sasl					\
+ 	libvirtd.sysconf				\
+ 	libvirtd.aug                                    \
+@@ -147,7 +148,13 @@ endif
+ libvirtd_LDADD += ../src/libvirt.la
+ 
+ if HAVE_POLKIT
++if HAVE_POLKIT0
+ policydir = $(datadir)/PolicyKit/policy
++policyfile = libvirtd.policy-0
++else
++policydir = $(datadir)/polkit-1/actions
++policyfile = libvirtd.policy-1
++endif
+ endif
+ 
+ if HAVE_AVAHI
+@@ -197,7 +204,7 @@ endif
+ if HAVE_POLKIT
+ install-data-polkit:: install-init
+ 	mkdir -p $(DESTDIR)$(policydir)
+-	$(INSTALL_DATA) $(srcdir)/libvirtd.policy $(DESTDIR)$(policydir)/org.libvirt.unix.policy
++	$(INSTALL_DATA) $(srcdir)/$(policyfile) $(DESTDIR)$(policydir)/org.libvirt.unix.policy
+ uninstall-data-polkit:: install-init
+ 	rm -f $(DESTDIR)$(policydir)/org.libvirt.unix.policy
+ else
+diff -rupN libvirt-0.7.0/qemud/qemud.c libvirt-0.7.0.new/qemud/qemud.c
+--- libvirt-0.7.0/qemud/qemud.c	2009-07-22 09:37:32.000000000 -0400
++++ libvirt-0.7.0.new/qemud/qemud.c	2009-08-13 08:37:22.419878018 -0400
+@@ -895,7 +895,7 @@ static struct qemud_server *qemudNetwork
+     }
+ #endif
+ 
+-#ifdef HAVE_POLKIT
++#if HAVE_POLKIT0
+     if (auth_unix_rw == REMOTE_AUTH_POLKIT ||
+         auth_unix_ro == REMOTE_AUTH_POLKIT) {
+         DBusError derr;
+@@ -982,7 +982,7 @@ static struct qemud_server *qemudNetwork
+             sock = sock->next;
+         }
+ 
+-#ifdef HAVE_POLKIT
++#if HAVE_POLKIT0
+         if (server->sysbus)
+             dbus_connection_unref(server->sysbus);
+ #endif
+diff -rupN libvirt-0.7.0/qemud/qemud.h libvirt-0.7.0.new/qemud/qemud.h
+--- libvirt-0.7.0/qemud/qemud.h	2009-07-23 12:33:02.000000000 -0400
++++ libvirt-0.7.0.new/qemud/qemud.h	2009-08-13 08:37:22.425909852 -0400
+@@ -34,7 +34,7 @@
+ #include <sasl/sasl.h>
+ #endif
+ 
+-#ifdef HAVE_POLKIT
++#if HAVE_POLKIT0
+ #include <dbus/dbus.h>
+ #endif
+ 
+@@ -253,7 +253,7 @@ struct qemud_server {
+ #if HAVE_SASL
+     char **saslUsernameWhitelist;
+ #endif
+-#if HAVE_POLKIT
++#if HAVE_POLKIT0
+     DBusConnection *sysbus;
+ #endif
+ };
+diff -rupN libvirt-0.7.0/qemud/remote.c libvirt-0.7.0.new/qemud/remote.c
+--- libvirt-0.7.0/qemud/remote.c	2009-07-23 12:33:02.000000000 -0400
++++ libvirt-0.7.0.new/qemud/remote.c	2009-08-13 08:37:22.431865087 -0400
+@@ -43,7 +43,7 @@
+ #include <fnmatch.h>
+ #include "virterror_internal.h"
+ 
+-#ifdef HAVE_POLKIT
++#if HAVE_POLKIT0
+ #include <polkit/polkit.h>
+ #include <polkit-dbus/polkit-dbus.h>
+ #endif
+@@ -3106,7 +3106,80 @@ remoteDispatchAuthSaslStep (struct qemud
+ #endif /* HAVE_SASL */
+ 
+ 
+-#if HAVE_POLKIT
++#if HAVE_POLKIT1
++static int
++remoteDispatchAuthPolkit (struct qemud_server *server,
++                          struct qemud_client *client,
++                          virConnectPtr conn ATTRIBUTE_UNUSED,
++                          remote_error *rerr,
++                          void *args ATTRIBUTE_UNUSED,
++                          remote_auth_polkit_ret *ret)
++{
++    pid_t callerPid;
++    uid_t callerUid;
++    const char *action;
++    int status = -1;
++    char pidbuf[50];
++    int rv;
++
++    virMutexLock(&server->lock);
++    virMutexLock(&client->lock);
++    virMutexUnlock(&server->lock);
++
++    action = client->readonly ?
++        "org.libvirt.unix.monitor" :
++        "org.libvirt.unix.manage";
++
++    const char * const pkcheck [] = {
++      PKCHECK_PATH,
++      "--action-id", action,
++      "--process", pidbuf,
++      "--allow-user-interaction",
++      NULL
++    };
++
++    REMOTE_DEBUG("Start PolicyKit auth %d", client->fd);
++    if (client->auth != REMOTE_AUTH_POLKIT) {
++        VIR_ERROR0(_("client tried invalid PolicyKit init request"));
++        goto authfail;
++    }
++
++    if (qemudGetSocketIdentity(client->fd, &callerUid, &callerPid) < 0) {
++        VIR_ERROR0(_("cannot get peer socket identity"));
++        goto authfail;
++    }
++
++    VIR_INFO(_("Checking PID %d running as %d"), callerPid, callerUid);
++
++    rv = snprintf(pidbuf, sizeof pidbuf, "%d", callerPid);
++    if (rv < 0 || rv >= sizeof pidbuf) {
++        VIR_ERROR(_("Caller PID was too large %d"), callerPid);
++	goto authfail;
++    }
++
++    if (virRun(NULL, pkcheck, &status) < 0) {
++        VIR_ERROR(_("Cannot invoke %s"), PKCHECK_PATH);
++	goto authfail;
++    }
++    if (status != 0) {
++        VIR_ERROR(_("Policy kit denied action %s from pid %d, uid %d, result: %d\n"),
++                  action, callerPid, callerUid, status);
++        goto authfail;
++    }
++    VIR_INFO(_("Policy allowed action %s from pid %d, uid %d"),
++             action, callerPid, callerUid);
++    ret->complete = 1;
++    client->auth = REMOTE_AUTH_NONE;
++
++    virMutexUnlock(&client->lock);
++    return 0;
++
++authfail:
++    remoteDispatchAuthError(rerr);
++    virMutexUnlock(&client->lock);
++    return -1;
++}
++#elif HAVE_POLKIT0
+ static int
+ remoteDispatchAuthPolkit (struct qemud_server *server,
+                           struct qemud_client *client,
+@@ -3217,7 +3290,7 @@ authfail:
+     return -1;
+ }
+ 
+-#else /* HAVE_POLKIT */
++#else /* !HAVE_POLKIT0 & !HAVE_POLKIT1*/
+ 
+ static int
+ remoteDispatchAuthPolkit (struct qemud_server *server ATTRIBUTE_UNUSED,
+@@ -3231,7 +3304,7 @@ remoteDispatchAuthPolkit (struct qemud_s
+     remoteDispatchAuthError(rerr);
+     return -1;
+ }
+-#endif /* HAVE_POLKIT */
++#endif /* HAVE_POLKIT1 */
+ 
+ 
+ /***************************************************************
+diff -rupN libvirt-0.7.0/src/remote_internal.c libvirt-0.7.0.new/src/remote_internal.c
+--- libvirt-0.7.0/src/remote_internal.c	2009-07-29 10:42:15.000000000 -0400
++++ libvirt-0.7.0.new/src/remote_internal.c	2009-08-13 10:55:57.607899170 -0400
+@@ -6201,6 +6201,7 @@ remoteAuthPolkit (virConnectPtr conn, st
+                   virConnectAuthPtr auth)
+ {
+     remote_auth_polkit_ret ret;
++#if HAVE_POLKIT0
+     int i, allowcb = 0;
+     virConnectCredential cred = {
+         VIR_CRED_EXTERNAL,
+@@ -6210,8 +6211,10 @@ remoteAuthPolkit (virConnectPtr conn, st
+         NULL,
+         0,
+     };
++#endif
+     DEBUG0("Client initialize PolicyKit authentication");
+ 
++#if HAVE_POLKIT0
+     if (auth && auth->cb) {
+         /* Check if the necessary credential type for PolicyKit is supported */
+         for (i = 0 ; i < auth->ncredtype ; i++) {
+@@ -6220,6 +6223,7 @@ remoteAuthPolkit (virConnectPtr conn, st
+         }
+ 
+         if (allowcb) {
++            DEBUG0("Client run callback for PolicyKit authentication");
+             /* Run the authentication callback */
+             if ((*(auth->cb))(&cred, 1, auth->cbdata) < 0) {
+                 virRaiseError (in_open ? NULL : conn, NULL, NULL, VIR_FROM_REMOTE,
+@@ -6233,6 +6237,9 @@ remoteAuthPolkit (virConnectPtr conn, st
+     } else {
+         DEBUG0("No auth callback provided");
+     }
++#else
++    DEBUG0("No auth callback required for PolicyKit-1");
++#endif
+ 
+     memset (&ret, 0, sizeof ret);
+     if (call (conn, priv, in_open, REMOTE_PROC_AUTH_POLKIT,

libvirt.spec

@@ -8,10 +8,10 @@
 %define with_vbox          0%{!?_without_vbox:1}
 %define with_sasl          0%{!?_without_sasl:1}
 %define with_avahi         0%{!?_without_avahi:1}
-%define with_polkit        0%{!?_without_polkit:1}
 %define with_python        0%{!?_without_python:1}
 %define with_libvirtd      0%{!?_without_libvirtd:1}
 %define with_uml           0%{!?_without_uml:1}
+%define with_one           0%{!?_without_one:1}
 %define with_network       0%{!?_without_network:1}
 %define with_storage_fs    0%{!?_without_storage_fs:1}
 %define with_storage_lvm   0%{!?_without_storage_lvm:1}
@@ -19,6 +19,13 @@
 %define with_storage_disk  0%{!?_without_storage_disk:1}
 %define with_numactl       0%{!?_without_numactl:1}
 
+# default to off - selectively enabled below
+%define with_polkit        0%{!?_without_polkit:0}
+%define with_capng         0%{!?_without_capng:0}
+%define with_netcf         0%{!?_without_netcf:0}
+
+# default to off
+%define with_phyp          0%{!?_without_phyp:0}
 
 # Xen is available only on i386 x86_64 ia64
 %ifnarch i386 i586 i686 x86_64 ia64
@@ -40,80 +47,86 @@
 %define with_xen_proxy 0
 %endif
 
+%if 0%{?fedora} >= 12
+%define with_capng     0%{!?_without_capng:1}
+%endif
+
+%if 0%{?fedora} >= 12
+%define with_netcf     0%{!?_without_netcf:1}
+%endif
+
+%if 0%{?fedora} >= 12
+%define qemu_user  qemu
+%define qemu_group  qemu
+%else
+%define qemu_user  root
+%define qemu_group  root
+%endif
+
 #
 # If building on RHEL switch on the specific support
-# for the specific Xen version
 #
 %if 0%{?fedora}
-%define with_rhel5 0
+%define with_rhel5  0
 %else
-%define with_rhel5 1
+%define with_rhel5  1
 %define with_polkit 0
+%define with_one    0
 %endif
 
 
 Summary: Library providing a simple API virtualization
 Name: libvirt
-Version: 0.6.3
-Release: 10%{?dist}%{?extra_release}
+Version: 0.7.0
+Release: 4%{?dist}%{?extra_release}
 License: LGPLv2+
 Group: Development/Libraries
 Source: libvirt-%{version}.tar.gz
 
-# Patches cherry-picked from upstream
+# Make sure qemu can access kernel/initrd (bug #516034)
+Patch01: libvirt-0.7.0-chown-kernel-initrd-before-spawning-qemu.patch
 
-# Handle shared/readonly image labelling (bz 493692)
-Patch1: libvirt-0.6.3-shared-readonly-label.patch
-# Handle <hostdev managed='yes'> correctly (bz 499386)
-Patch2: libvirt-0.6.3-hostdev-managed.patch
-# Refresh qemu caps when getCapabilities is called (bz 460649)
-Patch3: libvirt-0.6.3-refresh-qemu-caps.patch
-# Enable migration with qemu 0.10 Enable (bz 499704)
-Patch4: libvirt-0.6.3-enable-qemu-0-10-migration.patch
-# Don't try to label a disk with no path (e.g. empty cdrom) (bz 499569)
-Patch5: libvirt-0.6.2-fix-nosource-label.patch
-# Fix qemu argv detection with latest qemu (bz 501923)
-Patch6: libvirt-0.6.3-fix-qemu-argv-detection-with-kvm-85.patch
-# Fix XML attribute escaping (bz 499791)
-Patch7: libvirt-0.6.3-xml-attribute-escaping.patch
-# Fix serious event handling issues causing guests to be destroyed (bz 499698)
-Patch8: libvirt-0.6.3-event-handling-1.patch
-Patch9: libvirt-0.6.3-event-handling-2.patch
+# Don't fail to start network if ipv6 modules is not loaded (bug #516497)
+Patch02: libvirt-0.7.0-handle-kernels-with-no-ipv6-support.patch
 
-# Patches not for upstream.
+# Policykit rewrite (bug #499970)
+# NB remove autoreconf hack & extra BRs when this goes away
+Patch03: libvirt-0.7.0-policy-kit-rewrite.patch
+
+# Log and ignore NUMA topology problems (rhbz #506590)
+Patch04: libvirt-0.7.0-numa-ignore-fail.patch
 
 # Temporary hack till PulseAudio autostart problems are sorted
 # out when SELinux enforcing (bz 486112)
-Patch200: libvirt-0.6.3-svirt-sound.patch
+Patch200: libvirt-0.6.4-svirt-sound.patch
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
 URL: http://libvirt.org/
-BuildRequires: python python-devel
-Requires: readline
-Requires: ncurses
+BuildRequires: python-devel
+
+# The client side, i.e. shared libs and virsh are in a subpackage
+Requires: libvirt-client = %{version}-%{release}
+
 Requires: dnsmasq
 Requires: bridge-utils
 Requires: iptables
 # needed for device enumeration
 Requires: hal
-# So remote clients can access libvirt over SSH tunnel
-# (client invokes 'nc' against the UNIX socket on the server)
-Requires: nc
-%if %{with_sasl}
-Requires: cyrus-sasl
-# Not technically required, but makes 'out-of-box' config
-# work correctly & doesn't have onerous dependencies
-Requires: cyrus-sasl-md5
-%endif
 %if %{with_polkit}
+%if 0%{?fedora} >= 12
+Requires: polkit >= 0.93
+%else
 Requires: PolicyKit >= 0.6
 %endif
+%endif
 %if %{with_storage_fs}
 # For mount/umount in FS driver
 BuildRequires: util-linux
 # For showmount in FS driver (netfs discovery)
 BuildRequires: nfs-utils
 Requires: nfs-utils
+# For glusterfs
+Requires: glusterfs-client >= 2.0.1
 %endif
 %if %{with_qemu}
 # From QEMU RPMs
@@ -136,11 +149,12 @@ Requires: iscsi-initiator-utils
 # For disk driver
 Requires: parted
 %endif
-# For svirt support
-Requires: libselinux
 %if %{with_xen}
 BuildRequires: xen-devel
 %endif
+%if %{with_one}
+BuildRequires: xmlrpc-c-devel >= 1.14.0
+%endif
 BuildRequires: libxml2-devel
 BuildRequires: xhtml1-dtds
 BuildRequires: readline-devel
@@ -154,15 +168,17 @@ BuildRequires: avahi-devel
 BuildRequires: libselinux-devel
 BuildRequires: dnsmasq
 BuildRequires: bridge-utils
-%if %{with_qemu}
-BuildRequires: qemu
-%endif
 %if %{with_sasl}
 BuildRequires: cyrus-sasl-devel
 %endif
 %if %{with_polkit}
+%if 0%{?fedora} >= 12
+# Only need the binary, not -devel
+BuildRequires: polkit >= 0.93
+%else
 BuildRequires: PolicyKit-devel >= 0.6
 %endif
+%endif
 %if %{with_storage_fs}
 # For mount/umount in FS driver
 BuildRequires: util-linux
@@ -192,15 +208,45 @@ BuildRequires: parted-devel
 # For QEMU/LXC numa info
 BuildRequires: numactl-devel
 %endif
-Obsoletes: libvir <= 0.2
-Provides: libvir = %{version}-%{release}
+%if %{with_capng}
+BuildRequires: libcap-ng-devel >= 0.5.0
+%endif
+%if %{with_phyp}
+BuildRequires: libssh-devel >= 0.3.1
+%endif
+%if %{with_netcf}
+BuildRequires: netcf-devel
+%endif
 
 # Fedora build root suckage
 BuildRequires: gawk
 
+# Temp hack for patch 3
+BuildRequires: libtool autoconf automake gettext cvs
+
 %description
 Libvirt is a C toolkit to interact with the virtualization capabilities
-of recent versions of Linux (and other OSes).
+of recent versions of Linux (and other OSes). The main package includes
+the libvirtd server exporting the virtualization support.
+
+%package client
+Summary: Client side library and utilities of the libvirt library
+Group: Development/Libraries
+Requires: readline
+Requires: ncurses
+# So remote clients can access libvirt over SSH tunnel
+# (client invokes 'nc' against the UNIX socket on the server)
+Requires: nc
+%if %{with_sasl}
+Requires: cyrus-sasl
+# Not technically required, but makes 'out-of-box' config
+# work correctly & doesn't have onerous dependencies
+Requires: cyrus-sasl-md5
+%endif
+
+%description client
+Shared libraries and client binaries needed to access to the
+virtualization capabilities of recent versions of Linux (and other OSes).
 
 %package devel
 Summary: Libraries, includes, etc. to compile with the libvirt library
@@ -210,8 +256,6 @@ Requires: pkgconfig
 %if %{with_xen}
 Requires: xen-devel
 %endif
-Obsoletes: libvir-devel <= 0.2
-Provides: libvir-devel = %{version}-%{release}
 
 %description devel
 Includes and documentations for the C library providing an API to use
@@ -222,8 +266,6 @@ the virtualization capabilities of recent versions of Linux (and other OSes).
 Summary: Python bindings for the libvirt library
 Group: Development/Libraries
 Requires: libvirt = %{version}-%{release}
-Obsoletes: libvir-python <= 0.2
-Provides: libvir-python = %{version}-%{release}
 
 %description python
 The libvirt-python package contains a module that permits applications
@@ -234,21 +276,14 @@ of recent versions of Linux (and other OSes).
 
 %prep
 %setup -q
-%patch1 -p1
-%patch2 -p1
-%patch3 -p1
-%patch4 -p1
-%patch5 -p1
-%patch6 -p1
-%patch7 -p1
-%patch8 -p1
-%patch9 -p1
+
+%patch01 -p1
+%patch02 -p1
+%patch03 -p1
+%patch04 -p1
 
 %patch200 -p0
 
-mv NEWS NEWS.old
-iconv -f ISO-8859-1 -t UTF-8 < NEWS.old > NEWS
-
 %build
 %if ! %{with_xen}
 %define _without_xen --without-xen
@@ -278,6 +313,10 @@ iconv -f ISO-8859-1 -t UTF-8 < NEWS.old > NEWS
 %define _without_avahi --without-avahi
 %endif
 
+%if ! %{with_phyp}
+%define _without_phyp --without-phyp
+%endif
+
 %if ! %{with_polkit}
 %define _without_polkit --without-polkit
 %endif
@@ -294,6 +333,10 @@ iconv -f ISO-8859-1 -t UTF-8 < NEWS.old > NEWS
 %define _without_uml --without-uml
 %endif
 
+%if ! %{with_one}
+%define _without_one --without-one
+%endif
+
 %if %{with_rhel5}
 %define _with_rhel5_api --with-rhel5-api
 %endif
@@ -322,6 +365,17 @@ iconv -f ISO-8859-1 -t UTF-8 < NEWS.old > NEWS
 %define _without_numactl --without-numactl
 %endif
 
+%if ! %{with_capng}
+%define _without_capng --without-capng
+%endif
+
+%if ! %{with_netcf}
+%define _without_netcf --without-netcf
+%endif
+
+# Temp hack for patch 3
+autoreconf -if
+
 %configure %{?_without_xen} \
            %{?_without_qemu} \
            %{?_without_openvz} \
@@ -333,6 +387,8 @@ iconv -f ISO-8859-1 -t UTF-8 < NEWS.old > NEWS
            %{?_without_python} \
            %{?_without_libvirtd} \
            %{?_without_uml} \
+           %{?_without_one} \
+           %{?_without_phyp} \
            %{?_without_network} \
            %{?_with_rhel5_api} \
            %{?_without_storage_fs} \
@@ -340,31 +396,27 @@ iconv -f ISO-8859-1 -t UTF-8 < NEWS.old > NEWS
            %{?_without_storage_iscsi} \
            %{?_without_storage_disk} \
            %{?_without_numactl} \
+           %{?_without_capng} \
+           %{?_without_netcf} \
+           --with-qemu-user=%{qemu_user} \
+           --with-qemu-group=%{qemu_group} \
            --with-init-script=redhat \
-           --with-qemud-pid-file=%{_localstatedir}/run/libvirt_qemud.pid \
-           --with-remote-file=%{_localstatedir}/run/libvirtd.pid
+           --with-remote-pid-file=%{_localstatedir}/run/libvirtd.pid
 make %{?_smp_mflags}
+gzip -9 ChangeLog
 
 %install
-rm -rf %{buildroot}
+rm -fr %{buildroot}
 
 %makeinstall
 (cd docs/examples ; make clean ; rm -rf .deps Makefile Makefile.in)
 (cd docs/examples/python ; rm -rf .deps Makefile Makefile.in)
 (cd examples/hellolibvirt ; make clean ; rm -rf .deps .libs Makefile Makefile.in)
 (cd examples/domain-events/events-c ;  make clean ;rm -rf .deps .libs Makefile Makefile.in)
-
 rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
 rm -f $RPM_BUILD_ROOT%{_libdir}/*.a
 rm -f $RPM_BUILD_ROOT%{_libdir}/python*/site-packages/*.la
 rm -f $RPM_BUILD_ROOT%{_libdir}/python*/site-packages/*.a
-install -d -m 0755 $RPM_BUILD_ROOT%{_localstatedir}/run/libvirt/
-# Default dir for disk images defined in SELinux policy
-install -d -m 0755 $RPM_BUILD_ROOT%{_localstatedir}/lib/libvirt/images/
-# Default dir for kernel+initrd images defined in SELinux policy
-install -d -m 0755 $RPM_BUILD_ROOT%{_localstatedir}/lib/libvirt/boot/
-# used for virDomainMemoryPeek
-install -d -m 0700 $RPM_BUILD_ROOT%{_localstatedir}/cache/libvirt/
 
 %if %{with_qemu}
 # We don't want to install /etc/libvirt/qemu/networks in the main %files list
@@ -400,8 +452,19 @@ chmod 0644 $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/libvirtd
 %clean
 rm -fr %{buildroot}
 
+%pre
+%if 0%{?fedora} >= 12
+# Normally 'setup' adds this in /etc/passwd, but this is
+# here for case of upgrades from earlier Fedora. This
+# UID/GID pair is reserved for qemu:qemu
+getent group kvm >/dev/null || groupadd -g 36 -r kvm
+getent group qemu >/dev/null || groupadd -g 107 -r qemu
+getent passwd qemu >/dev/null || \
+  useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin \
+    -c "qemu user" qemu
+%endif
+
 %post
-/sbin/ldconfig
 
 %if %{with_libvirtd}
 %if %{with_qemu}
@@ -430,17 +493,14 @@ if [ $1 = 0 ]; then
 fi
 %endif
 
-%postun -p /sbin/ldconfig
+%post client -p /sbin/ldconfig
 
-%files -f %{name}.lang
+%postun client -p /sbin/ldconfig
+
+%files
 %defattr(-, root, root)
 
-%doc AUTHORS ChangeLog NEWS README COPYING.LIB TODO
-%{_mandir}/man1/virsh.1*
-%{_mandir}/man1/virt-xml-validate.1*
-%{_bindir}/virsh
-%{_bindir}/virt-xml-validate
-%{_libdir}/lib*.so.*
+%doc AUTHORS ChangeLog.gz NEWS README COPYING.LIB TODO
 %dir %attr(0700, root, root) %{_sysconfdir}/libvirt/
 
 %if %{with_qemu}
@@ -460,36 +520,23 @@ fi
 %config(noreplace) %{_sysconfdir}/libvirt/qemu.conf
 %endif
 
-%if %{with_sasl}
-%config(noreplace) %{_sysconfdir}/sasl2/libvirt.conf
-%endif
-
 %if %{with_qemu}
 %dir %{_datadir}/libvirt/
 %dir %{_datadir}/libvirt/networks/
 %{_datadir}/libvirt/networks/default.xml
 %endif
 
-%dir %{_datadir}/libvirt/
-%dir %{_datadir}/libvirt/schemas/
-
-%{_datadir}/libvirt/schemas/domain.rng
-%{_datadir}/libvirt/schemas/network.rng
-%{_datadir}/libvirt/schemas/storagepool.rng
-%{_datadir}/libvirt/schemas/storagevol.rng
-%{_datadir}/libvirt/schemas/nodedev.rng
-%{_datadir}/libvirt/schemas/capability.rng
-
 %dir %{_localstatedir}/run/libvirt/
 
 %dir %{_localstatedir}/lib/libvirt/
-%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/images/
-%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/boot/
+%dir %attr(0711, root, root) %{_localstatedir}/lib/libvirt/images/
+%dir %attr(0711, root, root) %{_localstatedir}/lib/libvirt/boot/
 %dir %attr(0700, root, root) %{_localstatedir}/cache/libvirt/
 
 %if %{with_qemu}
-%dir %{_localstatedir}/run/libvirt/qemu/
-%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/qemu/
+%dir %attr(0700, %{qemu_user}, %{qemu_group}) %{_localstatedir}/run/libvirt/qemu/
+%dir %attr(0700, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/
+%dir %attr(0700, %{qemu_user}, %{qemu_group}) %{_localstatedir}/cache/libvirt/qemu/
 %endif
 %if %{with_lxc}
 %dir %{_localstatedir}/run/libvirt/lxc/
@@ -518,8 +565,12 @@ fi
 %endif
 
 %if %{with_polkit}
+%if 0%{?fedora} >= 12
+%{_datadir}/polkit-1/actions/org.libvirt.unix.policy
+%else
 %{_datadir}/PolicyKit/policy/org.libvirt.unix.policy
 %endif
+%endif
 
 %dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/
 %if %{with_qemu}
@@ -541,6 +592,31 @@ fi
 
 %doc docs/*.xml
 
+%files client -f %{name}.lang
+%defattr(-, root, root)
+%doc AUTHORS ChangeLog.gz NEWS README COPYING.LIB TODO
+
+%{_mandir}/man1/virsh.1*
+%{_mandir}/man1/virt-xml-validate.1*
+%{_bindir}/virsh
+%{_bindir}/virt-xml-validate
+%{_libdir}/lib*.so.*
+
+%dir %{_datadir}/libvirt/
+%dir %{_datadir}/libvirt/schemas/
+
+%{_datadir}/libvirt/schemas/domain.rng
+%{_datadir}/libvirt/schemas/network.rng
+%{_datadir}/libvirt/schemas/storagepool.rng
+%{_datadir}/libvirt/schemas/storagevol.rng
+%{_datadir}/libvirt/schemas/nodedev.rng
+%{_datadir}/libvirt/schemas/capability.rng
+%{_datadir}/libvirt/schemas/interface.rng
+
+%if %{with_sasl}
+%config(noreplace) %{_sysconfdir}/sasl2/libvirt.conf
+%endif
+
 %files devel
 %defattr(-, root, root)
 
@@ -548,7 +624,7 @@ fi
 %dir %{_includedir}/libvirt
 %{_includedir}/libvirt/*.h
 %{_libdir}/pkgconfig/libvirt.pc
-%dir %{_datadir}/gtk-doc/html/libvirt
+%dir %{_datadir}/gtk-doc/html/libvirt/
 %doc %{_datadir}/gtk-doc/html/libvirt/*.devhelp
 %doc %{_datadir}/gtk-doc/html/libvirt/*.html
 %doc %{_datadir}/gtk-doc/html/libvirt/*.png
@@ -573,6 +649,98 @@ fi
 %endif
 
 %changelog
+* Thu Aug 13 2009 Daniel P. Berrange <berrange@redhat.com> - 0.7.0-4
+- Rewrite policykit support (rhbz #499970)
+- Log and ignore NUMA topology problems (rhbz #506590)
+
+* Mon Aug 10 2009 Mark McLoughlin <markmc@redhat.com> - 0.7.0-3
+- Don't fail to start network if ipv6 modules is not loaded (#516497)
+
+* Thu Aug  6 2009 Mark McLoughlin <markmc@redhat.com> - 0.7.0-2
+- Make sure qemu can access kernel/initrd (bug #516034)
+- Set perms on /var/lib/libvirt/boot to 0711 (bug #516034)
+
+* Wed Aug  5 2009 Daniel Veillard <veillard@redhat.com> - 0.7.0-1
+- Upstream release of 0.7.0
+- ESX, VBox3, Power Hypervisor drivers
+- new net filesystem glusterfs
+- Storage cloning for LVM and Disk backends
+- interface implementation based on netcf
+- Support cgroups in QEMU driver
+- QEmu hotplug NIC support
+- a lot of fixes
+
+* Fri Jul 31 2009 Mark McLoughlin <markmc@redhat.com> - 0.7.0-0.9.gite195b43
+- Set perms on /var/lib/libvirt/images to 0711
+
+* Thu Jul 30 2009 Mark McLoughlin <markmc@redhat.com> - 0.7.0-0.8.gite195b43
+- Add patch from upstream to fix qemu pidfile perms problem
+
+* Thu Jul 30 2009 Daniel P. Berrange <berrange@redhat.com> - 0.7.0-0.7.gite195b43
+- Create qemu/kvm user & group to fix upgrades
+
+* Wed Jul 29 2009 Daniel Veillard <veillard@redhat.com> - 0.7.0-0.6.gite195b43
+- another prerelease with qemu, uml and remote patches
+- drop the news patch as it's now UTF8 upstream
+
+* Wed Jul 29 2009 Mark McLoughlin <markmc@redhat.com> - 0.7.0-0.5.gitf055724
+- Move ldconfig call to libvirt-client %post/%postun
+- Fix rpmlint warning about libvirt-client summary
+- Fix disabling polkit and netcf on older fedoras
+
+* Wed Jul 29 2009 Mark McLoughlin <markmc@redhat.com> - 0.7.0-0.4.gitf055724
+- Drop explicit libselinux requires, it is autorequired
+- Drop cleanup of python/tests, apparently not needed
+- Cherry-pick upstream patch to convert NEWS to UTF-8, drop iconv
+- Drop python BR; python-devel requires it
+
+* Tue Jul 28 2009 Mark McLoughlin <markmc@redhat.com> - 0.7.0-0.3.gitf055724
+- Enable netcf support
+- Pass --with-qemu-user=qemu etc. to configure
+- Move various requires to the libvirt-client sub-package
+- Sync some trivial cleanups from upstream spec file
+- Remove explicit libxml2 requires, again
+- Build with --without-capng if capng support is disabled
+- Remove explicit dir creating in makeinstall, replaced by attr in files
+- Set perms on /var/{run,lib,cache}/libvirt/qemu
+
+* Tue Jul 28 2009 Mark McLoughlin <markmc@redhat.com> - 0.7.0-0.2.gitf055724
+- Drop glusterfs dep to 2.0.1 (bug #514191)
+
+* Mon Jul 27 2009 Daniel Veillard <veillard@redhat.com> - 0.7.0-0.1.gitf055724
+- prerelease of 0.7.0
+
+* Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.6.5-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Fri Jul 10 2009 Richard W.M. Jones <rjones@redhat.com> - 0.6.5-2.fc12
+- Bump release number to rebuild against new libparted.
+
+* Fri Jul  3 2009 Daniel Veillard <veillard@redhat.com> - 0.6.5-1.fc12
+- Upstream release of 0.6.5
+- OpenNebula driver
+- many bug fixes
+
+* Fri Jul  3 2009 Mark McLoughlin <markmc@redhat.com> - 0.6.4-4.fc12
+- Fix libvirtd crash with bad capabilities data (bug #505635)
+
+* Fri Jul  3 2009 Mark McLoughlin <markmc@redhat.com> - 0.6.4-3.fc12
+- Handle shared/readonly image labelling (bug #493692)
+- Don't unnecessarily try to change a file context (bug #507555)
+- Don't try to label a disk with no path (e.g. empty cdrom) (bug #499569)
+
+* Fri Jun  5 2009 Mark McLoughlin <markmc@redhat.com> - 0.6.4-2.fc12
+- Remove the qemu BuildRequires
+
+* Fri May 29 2009 Daniel Veillard <veillard@redhat.com> - 0.6.4-1.fc12
+- Upstream release of 0.6.4
+- new APIs
+- fixes for latests QEmu/KVM versions
+- various assorted fixes
+
+* Mon May 25 2009 Mark McLoughlin <markmc@redhat.com> - 0.6.3-11.fc12
+- Bring up the bridge, even if it doesn't have an IP address (bug #501912)
+
 * Thu May 21 2009 Mark McLoughlin <markmc@redhat.com> - 0.6.3-10.fc12
 - Fix XML attribute escaping (bug #499791)
 - Fix serious event handling issues causing guests to be destroyed (bug #499698)

sources

@@ -1 +1 @@
-dd618bf0943a0be853ccc08308c7f427  libvirt-0.6.3.tar.gz
+8c2c14a7695c9c661004bcfc6468d62d  libvirt-0.7.0.tar.gz