mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-07-06 09:55:46 +00:00
secret: introduce virtsecretd daemon
The virtsecretd daemon will be responsible for providing the secret API driver functionality. The secret driver is still loaded by the main libvirtd daemon at this stage, so virtsecretd must not be running at the same time. Reviewed-by: Christophe de Dinechin <dinechin@redhat.com> Reviewed-by: Andrea Bolognani <abologna@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
This commit is contained in:
parent
b7ed8ce981
commit
d353d57fcd
4
.gitignore
vendored
4
.gitignore
vendored
@ -166,6 +166,9 @@
|
|||||||
/src/remote/virtproxyd.conf
|
/src/remote/virtproxyd.conf
|
||||||
/src/rpc/virkeepaliveprotocol.[ch]
|
/src/rpc/virkeepaliveprotocol.[ch]
|
||||||
/src/rpc/virnetprotocol.[ch]
|
/src/rpc/virnetprotocol.[ch]
|
||||||
|
/src/secret/test_virtsecretd.aug
|
||||||
|
/src/secret/virtsecretd.aug
|
||||||
|
/src/secret/virtsecretd.conf
|
||||||
/src/test*.aug
|
/src/test*.aug
|
||||||
/src/util/virkeycodetable*.h
|
/src/util/virkeycodetable*.h
|
||||||
/src/util/virkeynametable*.h
|
/src/util/virkeynametable*.h
|
||||||
@ -173,6 +176,7 @@
|
|||||||
/src/virtlockd
|
/src/virtlockd
|
||||||
/src/virtlogd
|
/src/virtlogd
|
||||||
/src/virtproxyd
|
/src/virtproxyd
|
||||||
|
/src/virtsecretd
|
||||||
/src/virt-guest-shutdown.target
|
/src/virt-guest-shutdown.target
|
||||||
/tests/*.log
|
/tests/*.log
|
||||||
/tests/*.pid
|
/tests/*.pid
|
||||||
|
@ -1634,6 +1634,14 @@ exit 0
|
|||||||
%{_libdir}/%{name}/connection-driver/libvirt_driver_nwfilter.so
|
%{_libdir}/%{name}/connection-driver/libvirt_driver_nwfilter.so
|
||||||
|
|
||||||
%files daemon-driver-secret
|
%files daemon-driver-secret
|
||||||
|
%config(noreplace) %{_sysconfdir}/libvirt/virtsecretd.conf
|
||||||
|
%{_datadir}/augeas/lenses/virtsecretd.aug
|
||||||
|
%{_datadir}/augeas/lenses/tests/test_virtsecretd.aug
|
||||||
|
%{_unitdir}/virtsecretd.service
|
||||||
|
%{_unitdir}/virtsecretd.socket
|
||||||
|
%{_unitdir}/virtsecretd-ro.socket
|
||||||
|
%{_unitdir}/virtsecretd-admin.socket
|
||||||
|
%attr(0755, root, root) %{_sbindir}/virtsecretd
|
||||||
%{_libdir}/%{name}/connection-driver/libvirt_driver_secret.so
|
%{_libdir}/%{name}/connection-driver/libvirt_driver_secret.so
|
||||||
|
|
||||||
%files daemon-driver-storage
|
%files daemon-driver-storage
|
||||||
|
@ -37,4 +37,67 @@ libvirt_driver_secret_la_LIBADD = \
|
|||||||
$(NULL)
|
$(NULL)
|
||||||
libvirt_driver_secret_la_LDFLAGS = $(AM_LDFLAGS_MOD_NOUNDEF)
|
libvirt_driver_secret_la_LDFLAGS = $(AM_LDFLAGS_MOD_NOUNDEF)
|
||||||
libvirt_driver_secret_la_SOURCES = $(SECRET_DRIVER_SOURCES)
|
libvirt_driver_secret_la_SOURCES = $(SECRET_DRIVER_SOURCES)
|
||||||
|
|
||||||
|
sbin_PROGRAMS += virtsecretd
|
||||||
|
|
||||||
|
nodist_conf_DATA += secret/virtsecretd.conf
|
||||||
|
augeas_DATA += secret/virtsecretd.aug
|
||||||
|
augeastest_DATA += secret/test_virtsecretd.aug
|
||||||
|
CLEANFILES += secret/virtsecretd.aug
|
||||||
|
|
||||||
|
virtsecretd_SOURCES = $(REMOTE_DAEMON_SOURCES)
|
||||||
|
virtsecretd_CFLAGS = \
|
||||||
|
$(REMOTE_DAEMON_CFLAGS) \
|
||||||
|
-DDAEMON_NAME="\"virtsecretd\"" \
|
||||||
|
-DMODULE_NAME="\"secret\"" \
|
||||||
|
$(NULL)
|
||||||
|
virtsecretd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS)
|
||||||
|
virtsecretd_LDADD = $(REMOTE_DAEMON_LD_ADD)
|
||||||
|
|
||||||
|
SYSTEMD_UNIT_FILES += \
|
||||||
|
virtsecretd.service \
|
||||||
|
virtsecretd.socket \
|
||||||
|
virtsecretd-ro.socket \
|
||||||
|
virtsecretd-admin.socket \
|
||||||
|
$(NULL)
|
||||||
|
SYSTEMD_UNIT_FILES_IN += \
|
||||||
|
secret/virtsecretd.service.in \
|
||||||
|
$(NULL)
|
||||||
|
|
||||||
|
VIRTSECRETD_UNIT_VARS = \
|
||||||
|
$(VIRTD_UNIT_VARS) \
|
||||||
|
-e 's|[@]name[@]|Libvirt secret|g' \
|
||||||
|
-e 's|[@]service[@]|virtsecretd|g' \
|
||||||
|
-e 's|[@]sockprefix[@]|virtsecretd|g' \
|
||||||
|
$(NULL)
|
||||||
|
|
||||||
|
virtsecretd.service: secret/virtsecretd.service.in $(top_builddir)/config.status
|
||||||
|
$(AM_V_GEN)$(SED) $(VIRTSECRETD_UNIT_VARS) $< > $@-t && mv $@-t $@
|
||||||
|
|
||||||
|
virtsecret%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status
|
||||||
|
$(AM_V_GEN)$(SED) $(VIRTSECRETD_UNIT_VARS) $< > $@-t && mv $@-t $@
|
||||||
|
|
||||||
|
secret/virtsecretd.conf: remote/libvirtd.conf.in
|
||||||
|
$(AM_V_GEN)$(SED) \
|
||||||
|
-e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \
|
||||||
|
-e 's/[@]DAEMON_NAME[@]/virtsecretd/' \
|
||||||
|
$< > $@
|
||||||
|
|
||||||
|
secret/virtsecretd.aug: remote/libvirtd.aug.in
|
||||||
|
$(AM_V_GEN)$(SED) \
|
||||||
|
-e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \
|
||||||
|
-e 's/[@]DAEMON_NAME[@]/virtsecretd/' \
|
||||||
|
-e 's/[@]DAEMON_NAME_UC[@]/Virtsecretd/' \
|
||||||
|
$< > $@
|
||||||
|
|
||||||
|
secret/test_virtsecretd.aug: remote/test_libvirtd.aug.in \
|
||||||
|
secret/virtsecretd.conf $(AUG_GENTEST)
|
||||||
|
$(AM_V_GEN)$(AUG_GENTEST) secret/virtsecretd.conf \
|
||||||
|
$(srcdir)/remote/test_libvirtd.aug.in | \
|
||||||
|
$(SED) \
|
||||||
|
-e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \
|
||||||
|
-e 's/[@]DAEMON_NAME[@]/virtsecretd/' \
|
||||||
|
-e 's/[@]DAEMON_NAME_UC[@]/Virtsecretd/' \
|
||||||
|
> $@ || rm -f $@
|
||||||
|
|
||||||
endif WITH_SECRETS
|
endif WITH_SECRETS
|
||||||
|
24
src/secret/virtsecretd.service.in
Normal file
24
src/secret/virtsecretd.service.in
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=Virtualization secret daemon
|
||||||
|
Conflicts=libvirtd.service
|
||||||
|
Requires=virtsecretd.socket
|
||||||
|
Requires=virtsecretd-ro.socket
|
||||||
|
Requires=virtsecretd-admin.socket
|
||||||
|
After=network.target
|
||||||
|
After=dbus.service
|
||||||
|
After=apparmor.service
|
||||||
|
After=local-fs.target
|
||||||
|
Documentation=man:libvirtd(8)
|
||||||
|
Documentation=https://libvirt.org
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=notify
|
||||||
|
ExecStart=@sbindir@/virtsecretd --timeout 120
|
||||||
|
ExecReload=/bin/kill -HUP $MAINPID
|
||||||
|
Restart=on-failure
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
||||||
|
Also=virtsecretd.socket
|
||||||
|
Also=virtsecretd-ro.socket
|
||||||
|
Also=virtsecretd-admin.socket
|
Loading…
Reference in New Issue
Block a user