remote: conditionalize IP socket config in augeas definitions

Prepare for reusing libvirtd augeas defintions with other daemons by making the config parameters for IP sockets conditionally defined by the make rules. Reviewed-by: Andrea Bolognani <abologna@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2024-07-01 15:42:39 +00:00 · 2019-06-21 17:19:11 +01:00 · 2019-06-21 17:19:11 +01:00 · 5f449aea19
commit 5f449aea19
parent 6d9e520db6
4 changed files with 46 additions and 14 deletions
--- a/.gitignore
+++ b/.gitignore
@ -158,6 +158,7 @@
 /src/remote/*_client_bodies.h
 /src/remote/*_protocol.[ch]
 /src/remote/*_stubs.h
+/src/remote/libvirtd.aug
 /src/remote/libvirtd.conf
 /src/remote/test_libvirtd.aug
 /src/rpc/virkeepaliveprotocol.[ch]
--- a/src/remote/Makefile.inc.am
+++ b/src/remote/Makefile.inc.am
@ -75,7 +75,7 @@ EXTRA_DIST += \
 	$(REMOTE_DRIVER_SOURCES) \
 	$(LIBVIRTD_SOURCES) \
 	remote/test_libvirtd.aug.in \
-	remote/libvirtd.aug \
+	remote/libvirtd.aug.in \
 	remote/libvirtd.conf.in \
 	remote/libvirtd.policy \
 	remote/libvirtd.rules \
@ -133,6 +133,8 @@ augeastest_DATA += remote/test_libvirtd.aug

 nodist_conf_DATA += remote/libvirtd.conf

+CLEANFILES += remote/libvirtd.aug
+
 man8_MANS += libvirtd.8

 libvirtd_SOURCES = $(LIBVIRTD_SOURCES)
@ -197,9 +199,24 @@ install-data-remote:
 uninstall-data-remote:
 	rmdir "$(DESTDIR)$(localstatedir)/log/libvirt" ||:

+remote/libvirtd.aug: remote/libvirtd.aug.in
+	$(AM_V_GEN)$(SED) \
+		-e '/[@]CUT_ENABLE_IP[@]/d' \
+		-e '/[@]END[@]/d' \
+		-e 's|[@]DAEMON_NAME[@]|libvirtd|' \
+		-e 's|[@]DAEMON_NAME_UC[@]|Libvirtd|' \
+		$< > $@
+
 remote/test_libvirtd.aug: remote/test_libvirtd.aug.in \
 		remote/libvirtd.conf $(AUG_GENTEST)
-	$(AM_V_GEN)$(AUG_GENTEST) remote/libvirtd.conf $< > $@
+	$(AM_V_GEN)$(AUG_GENTEST) remote/libvirtd.conf \
+		$(srcdir)/remote/test_libvirtd.aug.in | \
+		$(SED) \
+		-e '/[@]CUT_ENABLE_IP[@]/d' \
+		-e '/[@]END[@]/d' \
+		-e 's|[@]DAEMON_NAME[@]|libvirtd|' \
+		-e 's|[@]DAEMON_NAME_UC[@]|Libvirtd|' \
+		> $@ || rm -f $@

 if WITH_SYSCTL
 # Use $(prefix)/lib rather than $(libdir), since man sysctl.d insists on
--- a/src/remote/libvirtd.aug.in
+++ b/src/remote/libvirtd.aug.in
@ -1,6 +1,6 @@
-(* /etc/libvirt/libvirtd.conf *)
+(* /etc/libvirt/@DAEMON_NAME@.conf *)

-module Libvirtd =
+module @DAEMON_NAME_UC@ =
   autoload xfm

   let eol   = del /[ \t]*\n/ "\n"
@ -24,11 +24,13 @@ module Libvirtd =


   (* Config entry grouped by function - same order as example config *)
+@CUT_ENABLE_IP@
   let network_entry = bool_entry "listen_tls"
                     | bool_entry "listen_tcp"
                     | str_entry "tls_port"
                     | str_entry "tcp_port"
                     | str_entry "listen_addr"
+@END@

   let sock_acl_entry = str_entry "unix_sock_group"
                      | str_entry "unix_sock_ro_perms"
@ -38,6 +40,7 @@ module Libvirtd =

   let authentication_entry = str_entry "auth_unix_ro"
                            | str_entry "auth_unix_rw"
+@CUT_ENABLE_IP@
                            | str_entry "auth_tcp"
                            | str_entry "auth_tls"

@ -46,12 +49,14 @@ module Libvirtd =
                         | str_entry "ca_file"
                         | str_entry "crl_file"

-   let authorization_entry = bool_entry "tls_no_verify_certificate"
+   let tls_authorization_entry = bool_entry "tls_no_verify_certificate"
                           | bool_entry "tls_no_sanity_certificate"
                           | str_array_entry "tls_allowed_dn_list"
-                           | str_array_entry "sasl_allowed_username_list"
-                           | str_array_entry "access_drivers"
                           | str_entry "tls_priority"
+@END@
+
+   let misc_authorization_entry = str_array_entry "sasl_allowed_username_list"
+                           | str_array_entry "access_drivers"

   let processing_entry = int_entry "min_workers"
                        | int_entry "max_workers"
@ -87,11 +92,14 @@ module Libvirtd =
                  | int_entry "ovs_timeout"

   (* Each enty in the config is one of the following three ... *)
-   let entry = network_entry
-             | sock_acl_entry
+   let entry = sock_acl_entry
             | authentication_entry
+@CUT_ENABLE_IP@
+             | network_entry
             | certificate_entry
-             | authorization_entry
+             | tls_authorization_entry
+@END@
+             | misc_authorization_entry
             | processing_entry
             | admin_processing_entry
             | logging_entry
@ -106,7 +114,7 @@ module Libvirtd =

   let lns = ( record | comment | empty ) *

-   let filter = incl "/etc/libvirt/libvirtd.conf"
+   let filter = incl "/etc/libvirt/@DAEMON_NAME@.conf"
              . Util.stdexcl

   let xfm = transform lns filter
--- a/src/remote/test_libvirtd.aug.in
+++ b/src/remote/test_libvirtd.aug.in
@ -1,12 +1,14 @@
-module Test_libvirtd =
+module Test_@DAEMON_NAME@ =
   @CONFIG@

-   test Libvirtd.lns get conf =
+   test @DAEMON_NAME_UC@.lns get conf =
+@CUT_ENABLE_IP@
        { "listen_tls" = "0" }
        { "listen_tcp" = "1" }
        { "tls_port" = "16514" }
        { "tcp_port" = "16509" }
        { "listen_addr" = "192.168.0.1" }
+@END@
        { "unix_sock_group" = "libvirt" }
        { "unix_sock_ro_perms" = "0777" }
        { "unix_sock_rw_perms" = "0770" }
@ -14,11 +16,14 @@ module Test_libvirtd =
        { "unix_sock_dir" = "/var/run/libvirt" }
        { "auth_unix_ro" = "none" }
        { "auth_unix_rw" = "none" }
+@CUT_ENABLE_IP@
        { "auth_tcp" = "sasl" }
        { "auth_tls" = "none" }
+@END@
        { "access_drivers"
             { "1" = "polkit" }
        }
+@CUT_ENABLE_IP@
        { "key_file" = "/etc/pki/libvirt/private/serverkey.pem" }
        { "cert_file" = "/etc/pki/libvirt/servercert.pem" }
        { "ca_file" = "/etc/pki/CA/cacert.pem" }
@ -30,6 +35,7 @@ module Test_libvirtd =
             { "2" = "DN2"}
        }
        { "tls_priority" = "NORMAL" }
+@END@
        { "sasl_allowed_username_list"
             { "1" = "joe@EXAMPLE.COM" }
             { "2" = "fred@EXAMPLE.COM" }
@ -48,7 +54,7 @@ module Test_libvirtd =
        { "admin_max_client_requests" = "5" }
        { "log_level" = "3" }
        { "log_filters" = "1:qemu 1:libvirt 4:object 4:json 4:event 1:util" }
-        { "log_outputs" = "3:syslog:libvirtd" }
+        { "log_outputs" = "3:syslog:@DAEMON_NAME@" }
        { "audit_level" = "2" }
        { "audit_logging" = "1" }
        { "host_uuid" = "00000000-0000-0000-0000-000000000000" }