From 5f449aea199fc06bbfe9138507530c2a55331daf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Fri, 21 Jun 2019 17:19:11 +0100
Subject: [PATCH] remote: conditionalize IP socket config in augeas definitions
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Prepare for reusing libvirtd augeas defintions with other daemons by
making the config parameters for IP sockets conditionally defined by
the make rules.

Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
 .gitignore                                   |  1 +
 src/remote/Makefile.inc.am                   | 21 ++++++++++++++--
 src/remote/{libvirtd.aug => libvirtd.aug.in} | 26 +++++++++++++-------
 src/remote/test_libvirtd.aug.in              | 12 ++++++---
 4 files changed, 46 insertions(+), 14 deletions(-)
 rename src/remote/{libvirtd.aug => libvirtd.aug.in} (89%)

diff --git a/.gitignore b/.gitignore
index 7d24dc3f5a..35dc2c8bec 100644
--- a/.gitignore
+++ b/.gitignore
@@ -158,6 +158,7 @@
 /src/remote/*_client_bodies.h
 /src/remote/*_protocol.[ch]
 /src/remote/*_stubs.h
+/src/remote/libvirtd.aug
 /src/remote/libvirtd.conf
 /src/remote/test_libvirtd.aug
 /src/rpc/virkeepaliveprotocol.[ch]
diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am
index d7e614c476..314b90885f 100644
--- a/src/remote/Makefile.inc.am
+++ b/src/remote/Makefile.inc.am
@@ -75,7 +75,7 @@ EXTRA_DIST += \
 	$(REMOTE_DRIVER_SOURCES) \
 	$(LIBVIRTD_SOURCES) \
 	remote/test_libvirtd.aug.in \
-	remote/libvirtd.aug \
+	remote/libvirtd.aug.in \
 	remote/libvirtd.conf.in \
 	remote/libvirtd.policy \
 	remote/libvirtd.rules \
@@ -133,6 +133,8 @@ augeastest_DATA += remote/test_libvirtd.aug
 
 nodist_conf_DATA += remote/libvirtd.conf
 
+CLEANFILES += remote/libvirtd.aug
+
 man8_MANS += libvirtd.8
 
 libvirtd_SOURCES = $(LIBVIRTD_SOURCES)
@@ -197,9 +199,24 @@ install-data-remote:
 uninstall-data-remote:
 	rmdir "$(DESTDIR)$(localstatedir)/log/libvirt" ||:
 
+remote/libvirtd.aug: remote/libvirtd.aug.in
+	$(AM_V_GEN)$(SED) \
+		-e '/[@]CUT_ENABLE_IP[@]/d' \
+		-e '/[@]END[@]/d' \
+		-e 's|[@]DAEMON_NAME[@]|libvirtd|' \
+		-e 's|[@]DAEMON_NAME_UC[@]|Libvirtd|' \
+		$< > $@
+
 remote/test_libvirtd.aug: remote/test_libvirtd.aug.in \
 		remote/libvirtd.conf $(AUG_GENTEST)
-	$(AM_V_GEN)$(AUG_GENTEST) remote/libvirtd.conf $< > $@
+	$(AM_V_GEN)$(AUG_GENTEST) remote/libvirtd.conf \
+		$(srcdir)/remote/test_libvirtd.aug.in | \
+		$(SED) \
+		-e '/[@]CUT_ENABLE_IP[@]/d' \
+		-e '/[@]END[@]/d' \
+		-e 's|[@]DAEMON_NAME[@]|libvirtd|' \
+		-e 's|[@]DAEMON_NAME_UC[@]|Libvirtd|' \
+		> $@ || rm -f $@
 
 if WITH_SYSCTL
 # Use $(prefix)/lib rather than $(libdir), since man sysctl.d insists on
diff --git a/src/remote/libvirtd.aug b/src/remote/libvirtd.aug.in
similarity index 89%
rename from src/remote/libvirtd.aug
rename to src/remote/libvirtd.aug.in
index 0188c23dd7..eec3433f29 100644
--- a/src/remote/libvirtd.aug
+++ b/src/remote/libvirtd.aug.in
@@ -1,6 +1,6 @@
-(* /etc/libvirt/libvirtd.conf *)
+(* /etc/libvirt/@DAEMON_NAME@.conf *)
 
-module Libvirtd =
+module @DAEMON_NAME_UC@ =
    autoload xfm
 
    let eol   = del /[ \t]*\n/ "\n"
@@ -24,11 +24,13 @@ module Libvirtd =
 
 
    (* Config entry grouped by function - same order as example config *)
+@CUT_ENABLE_IP@
    let network_entry = bool_entry "listen_tls"
                      | bool_entry "listen_tcp"
                      | str_entry "tls_port"
                      | str_entry "tcp_port"
                      | str_entry "listen_addr"
+@END@
 
    let sock_acl_entry = str_entry "unix_sock_group"
                       | str_entry "unix_sock_ro_perms"
@@ -38,6 +40,7 @@ module Libvirtd =
 
    let authentication_entry = str_entry "auth_unix_ro"
                             | str_entry "auth_unix_rw"
+@CUT_ENABLE_IP@
                             | str_entry "auth_tcp"
                             | str_entry "auth_tls"
 
@@ -46,12 +49,14 @@ module Libvirtd =
                          | str_entry "ca_file"
                          | str_entry "crl_file"
 
-   let authorization_entry = bool_entry "tls_no_verify_certificate"
+   let tls_authorization_entry = bool_entry "tls_no_verify_certificate"
                            | bool_entry "tls_no_sanity_certificate"
                            | str_array_entry "tls_allowed_dn_list"
-                           | str_array_entry "sasl_allowed_username_list"
-                           | str_array_entry "access_drivers"
                            | str_entry "tls_priority"
+@END@
+
+   let misc_authorization_entry = str_array_entry "sasl_allowed_username_list"
+                           | str_array_entry "access_drivers"
 
    let processing_entry = int_entry "min_workers"
                         | int_entry "max_workers"
@@ -87,11 +92,14 @@ module Libvirtd =
                   | int_entry "ovs_timeout"
 
    (* Each enty in the config is one of the following three ... *)
-   let entry = network_entry
-             | sock_acl_entry
+   let entry = sock_acl_entry
              | authentication_entry
+@CUT_ENABLE_IP@
+             | network_entry
              | certificate_entry
-             | authorization_entry
+             | tls_authorization_entry
+@END@
+             | misc_authorization_entry
              | processing_entry
              | admin_processing_entry
              | logging_entry
@@ -106,7 +114,7 @@ module Libvirtd =
 
    let lns = ( record | comment | empty ) *
 
-   let filter = incl "/etc/libvirt/libvirtd.conf"
+   let filter = incl "/etc/libvirt/@DAEMON_NAME@.conf"
               . Util.stdexcl
 
    let xfm = transform lns filter
diff --git a/src/remote/test_libvirtd.aug.in b/src/remote/test_libvirtd.aug.in
index d768b30b55..2fd809af4a 100644
--- a/src/remote/test_libvirtd.aug.in
+++ b/src/remote/test_libvirtd.aug.in
@@ -1,12 +1,14 @@
-module Test_libvirtd =
+module Test_@DAEMON_NAME@ =
    @CONFIG@
 
-   test Libvirtd.lns get conf =
+   test @DAEMON_NAME_UC@.lns get conf =
+@CUT_ENABLE_IP@
         { "listen_tls" = "0" }
         { "listen_tcp" = "1" }
         { "tls_port" = "16514" }
         { "tcp_port" = "16509" }
         { "listen_addr" = "192.168.0.1" }
+@END@
         { "unix_sock_group" = "libvirt" }
         { "unix_sock_ro_perms" = "0777" }
         { "unix_sock_rw_perms" = "0770" }
@@ -14,11 +16,14 @@ module Test_libvirtd =
         { "unix_sock_dir" = "/var/run/libvirt" }
         { "auth_unix_ro" = "none" }
         { "auth_unix_rw" = "none" }
+@CUT_ENABLE_IP@
         { "auth_tcp" = "sasl" }
         { "auth_tls" = "none" }
+@END@
         { "access_drivers"
              { "1" = "polkit" }
         }
+@CUT_ENABLE_IP@
         { "key_file" = "/etc/pki/libvirt/private/serverkey.pem" }
         { "cert_file" = "/etc/pki/libvirt/servercert.pem" }
         { "ca_file" = "/etc/pki/CA/cacert.pem" }
@@ -30,6 +35,7 @@ module Test_libvirtd =
              { "2" = "DN2"}
         }
         { "tls_priority" = "NORMAL" }
+@END@
         { "sasl_allowed_username_list"
              { "1" = "joe@EXAMPLE.COM" }
              { "2" = "fred@EXAMPLE.COM" }
@@ -48,7 +54,7 @@ module Test_libvirtd =
         { "admin_max_client_requests" = "5" }
         { "log_level" = "3" }
         { "log_filters" = "1:qemu 1:libvirt 4:object 4:json 4:event 1:util" }
-        { "log_outputs" = "3:syslog:libvirtd" }
+        { "log_outputs" = "3:syslog:@DAEMON_NAME@" }
         { "audit_level" = "2" }
         { "audit_logging" = "1" }
         { "host_uuid" = "00000000-0000-0000-0000-000000000000" }