diff --git a/libvirt.spec.in b/libvirt.spec.in index d54f58f1d4..b13b863928 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1342,6 +1342,8 @@ exit 0 %systemd_post virtlockd.socket virtlockd-admin.socket %systemd_post virtlogd.socket virtlogd-admin.socket +%systemd_post libvirtd.socket libvirtd-ro.socket libvirtd-admin.socket +%systemd_post libvirtd-tcp.socket libvirtd-tls.socket %systemd_post libvirtd.service # request daemon restart in posttrans @@ -1350,6 +1352,8 @@ touch %{_localstatedir}/lib/rpm-state/libvirt/restart || : %preun daemon %systemd_preun libvirtd.service +%systemd_preun libvirtd-tcp.socket libvirtd-tls.socket +%systemd_preun libvirtd.socket libvirtd-ro.socket libvirtd-admin.socket %systemd_preun virtlogd.socket virtlogd-admin.socket virtlogd.service %systemd_preun virtlockd.socket virtlockd-admin.socket virtlockd.service @@ -1374,7 +1378,20 @@ fi %posttrans daemon if [ -f %{_localstatedir}/lib/rpm-state/libvirt/restart ]; then - /bin/systemctl try-restart libvirtd.service >/dev/null 2>&1 || : + # Old libvirtd owns the sockets and will delete them on + # shutdown. Can't use a try-restart as libvirtd will simply + # own the sockets again when it comes back up. Thus we must + # do this particular ordering + /bin/systemctl is-active libvirtd.service 1>/dev/null 2>&1 + if test $? = 0 ; then + /bin/systemctl stop libvirtd.service >/dev/null 2>&1 || : + + /bin/systemctl try-restart libvirtd.socket >/dev/null 2>&1 || : + /bin/systemctl try-restart libvirtd-ro.socket >/dev/null 2>&1 || : + /bin/systemctl try-restart libvirtd-admin.socket >/dev/null 2>&1 || : + + /bin/systemctl start libvirtd.service >/dev/null 2>&1 || : + fi fi rm -rf %{_localstatedir}/lib/rpm-state/libvirt || : @@ -1505,6 +1522,11 @@ exit 0 %dir %attr(0700, root, root) %{_sysconfdir}/libvirt/ %{_unitdir}/libvirtd.service +%{_unitdir}/libvirtd.socket +%{_unitdir}/libvirtd-ro.socket +%{_unitdir}/libvirtd-admin.socket +%{_unitdir}/libvirtd-tcp.socket +%{_unitdir}/libvirtd-tls.socket %{_unitdir}/virt-guest-shutdown.target %{_unitdir}/virtlogd.service %{_unitdir}/virtlogd.socket diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am index 851ab903fd..0cf00cb902 100644 --- a/src/remote/Makefile.inc.am +++ b/src/remote/Makefile.inc.am @@ -51,6 +51,11 @@ MANINFILES += libvirtd.8.in SYSTEMD_UNIT_FILES_IN += \ remote/libvirtd.service.in \ + remote/libvirtd.socket.in \ + remote/libvirtd-ro.socket.in \ + remote/libvirtd-admin.socket.in \ + remote/libvirtd-tcp.socket.in \ + remote/libvirtd-tls.socket.in \ remote/virt-guest-shutdown.target.in \ $(NULL) @@ -267,6 +272,36 @@ libvirtd.service: remote/libvirtd.service.in $(top_builddir)/config.status < $< > $@-t && \ mv $@-t $@ +libvirtd.socket: remote/libvirtd.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed \ + -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + < $< > $@-t && \ + mv $@-t $@ + +libvirtd-ro.socket: remote/libvirtd-ro.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed \ + -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + < $< > $@-t && \ + mv $@-t $@ + +libvirtd-admin.socket: remote/libvirtd-admin.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed \ + -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + < $< > $@-t && \ + mv $@-t $@ + +libvirtd-tcp.socket: remote/libvirtd-tcp.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed \ + -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + < $< > $@-t && \ + mv $@-t $@ + +libvirtd-tls.socket: remote/libvirtd-tls.socket.in $(top_builddir)/config.status + $(AM_V_GEN)sed \ + -e 's|[@]localstatedir[@]|$(localstatedir)|g' \ + < $< > $@-t && \ + mv $@-t $@ + virt-guest-shutdown.target: remote/virt-guest-shutdown.target.in \ $(top_builddir)/config.status $(AM_V_GEN)cp $< $@ diff --git a/src/remote/libvirtd-admin.socket.in b/src/remote/libvirtd-admin.socket.in new file mode 100644 index 0000000000..b791a2eb1b --- /dev/null +++ b/src/remote/libvirtd-admin.socket.in @@ -0,0 +1,13 @@ +[Unit] +Description=Libvirt admin socket +Before=libvirtd.service +BindsTo=libvirtd.socket +After=libvirtd.socket + +[Socket] +ListenStream=@localstatedir@/run/libvirt/libvirt-admin-sock +Service=libvirtd.service +SocketMode=0600 + +[Install] +WantedBy=sockets.target diff --git a/src/remote/libvirtd-ro.socket.in b/src/remote/libvirtd-ro.socket.in new file mode 100644 index 0000000000..55c44944b4 --- /dev/null +++ b/src/remote/libvirtd-ro.socket.in @@ -0,0 +1,13 @@ +[Unit] +Description=Libvirt local read-only socket +Before=libvirtd.service +BindsTo=libvirtd.socket +After=libvirtd.socket + +[Socket] +ListenStream=@localstatedir@/run/libvirt/libvirt-sock-ro +Service=libvirtd.service +SocketMode=0666 + +[Install] +WantedBy=sockets.target diff --git a/src/remote/libvirtd-tcp.socket.in b/src/remote/libvirtd-tcp.socket.in new file mode 100644 index 0000000000..09d5d3d67a --- /dev/null +++ b/src/remote/libvirtd-tcp.socket.in @@ -0,0 +1,12 @@ +[Unit] +Description=Libvirt non-TLS IP socket +Before=libvirtd.service +BindsTo=libvirtd.socket +After=libvirtd.socket + +[Socket] +ListenStream=16509 +Service=libvirtd.service + +[Install] +WantedBy=sockets.target diff --git a/src/remote/libvirtd-tls.socket.in b/src/remote/libvirtd-tls.socket.in new file mode 100644 index 0000000000..c60f0c9c77 --- /dev/null +++ b/src/remote/libvirtd-tls.socket.in @@ -0,0 +1,12 @@ +[Unit] +Description=Libvirt TLS IP socket +Before=libvirtd.service +BindsTo=libvirtd.socket +After=libvirtd.socket + +[Socket] +ListenStream=16514 +Service=libvirtd.service + +[Install] +WantedBy=sockets.target diff --git a/src/remote/libvirtd.service.in b/src/remote/libvirtd.service.in index 7f689e08a8..047620f79b 100644 --- a/src/remote/libvirtd.service.in +++ b/src/remote/libvirtd.service.in @@ -1,12 +1,10 @@ -# NB we don't use socket activation. When libvirtd starts it will -# spawn any virtual machines registered for autostart. We want this -# to occur on every boot, regardless of whether any client connects -# to a socket. Thus socket activation doesn't have any benefit - [Unit] Description=Virtualization daemon Requires=virtlogd.socket Requires=virtlockd.socket +Requires=libvirtd.socket +Requires=libvirtd-ro.socket +Requires=libvirtd-admin.socket Wants=systemd-machined.service Before=libvirt-guests.service After=network.target @@ -42,3 +40,5 @@ TasksMax=32768 WantedBy=multi-user.target Also=virtlockd.socket Also=virtlogd.socket +Also=libvirtd.socket +Also=libvirtd-ro.socket diff --git a/src/remote/libvirtd.socket.in b/src/remote/libvirtd.socket.in new file mode 100644 index 0000000000..e194c6e76e --- /dev/null +++ b/src/remote/libvirtd.socket.in @@ -0,0 +1,11 @@ +[Unit] +Description=Libvirt local socket +Before=libvirtd.service + +[Socket] +ListenStream=@localstatedir@/run/libvirt/libvirt-sock +Service=libvirtd.service +SocketMode=0666 + +[Install] +WantedBy=sockets.target