Commit Graph

1038 Commits

Author SHA1 Message Date
Daniel P. Berrangé
a62486b95f build: switch over to new rpc generator code
This replaces use of 'rpcgen' with our new python impl of
the RPC code generator. Since the new impl generates code
that matches our style/coding rules, and does not contain
long standing bugs, we no longer need to post-process the
output.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2023-11-03 14:06:35 -04:00
Daniel P. Berrangé
8c8b97685b rpcgen: add an XDR protocol lexer
This adds a lexer capable of handling the XDR protocol files.

The lexical rquirements are detailed in

  https://www.rfc-editor.org/rfc/rfc4506#section-6.2

pytest is introduced as a build dependancy for testing python
code.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2023-11-03 14:06:35 -04:00
Laine Stump
1622012cc4 specfile: use correct option for nbdkit in mingw build
commit v9.8.0-40-g7cbd8c4230 changed the name of the option that
enables/disables nbdkit support in the build from "libnbd" to
"nbdkit", but one use of "libnbd=disabled" was missed in
libvirt.specfile.in - the meson commandline for mingw.

This patch changes that line to "-Dnbdkit=disabled", thus unbreaking
the rpm build.

Resolves: https://gitlab.com/libvirt/libvirt/-/issues/550
Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2023-10-23 07:52:12 -04:00
Andrea Bolognani
7cbd8c4230 meson: Improve nbdkit configurability
Currently, nbdkit support will automatically be enabled as long as
the pidfd_open(2) syscall is available. Optionally, libnbd is used
to generate more user-friendly error messages.

In theory this is all good, since use of nbdkit is supposed to be
transparent to the user. In practice, however, there is a problem:
if support for it is enabled at build time and the necessary
runtime components are installed, nbdkit will always be preferred,
with no way for the user to opt out.

This will arguably be fine in the long run, but right now none of
the platforms that we target ships with a SELinux policy that
allows libvirt to launch nbdkit, and the AppArmor policy that we
maintain ourselves hasn't been updated either.

So, in practice, as of today having nbdkit installed on the host
makes network disks completely unusable unless you're willing to
compromise the overall security of the system by disabling
SELinux/AppArmor.

In order to make the transition smoother, provide a convenient
way for users and distro packagers to disable nbdkit support at
compile time until SELinux and AppArmor are ready.

In the process, detection is completely overhauled. libnbd is
made mandatory when nbdkit support is enabled, since availability
across operating systems is comparable and offering users the
option to make error messages worse doesn't make a lot of sense;
we also make sure that an explicit request from the user to
enable/disable nbdkit support is either complied with, or results
in a build failure when that's not possible. Last but not least,
we avoid linking against libnbd when nbdkit support is disabled.

At the RPM level, we disable the feature when building against
anything older than Fedora 40, which still doesn't have the
necessary SELinux bits but will hopefully gain them by the time
it's released. We also allow nbdkit support to be disabled at
build time the same way as other optional features, that is, by
passing "--define '_without_nbdkit 1'" to rpmbuild. Finally, if
nbdkit support has been disabled, installing libvirt will no
longer drag it in as a (weak) dependency.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Jonathon Jongsma <jjongsma@redhat.com>
2023-10-05 22:49:14 +02:00
Andrea Bolognani
52d1872e65 rpm: Drop with_vz define
Commit 56edf2fefe removed the last use.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2023-09-28 17:58:51 +02:00
Jonathon Jongsma
b37e7b0811 rpm: update spec file for for nbdkit support
Require libnbd-devel when building the qemu driver, recommend nbdkit
packages.

Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2023-09-19 14:28:50 -05:00
Andrea Bolognani
65c5c4db3d rpm: Install client-qemu with main package
The libvirt package is a sort of catch-all that brings in all
daemon drivers as well as the client package, so it makes sense
for it do drag in the QEMU-specific clients as well.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2023-09-06 15:03:47 +02:00
Andrea Bolognani
aa5895cbc7 rpm: Recommend libvirt-daemon for with_modular_daemons distros
A default deployment on modern distros uses modular daemons but
switching back to the monolithic daemon, while not recommended,
is still considered a perfectly valid option.

For a monolithic daemon deployment, the upgrade to libvirt 9.2.0
or newer works as expected; a subsequent call to dnf autoremove,
however, results in the libvirt-daemon package being removed and
the deployment no longer working.

In order to avoid that situation, mark the libvirt-daemon as
recommended.

This will unfortunately result in it being included in most
installations despite not being necessary, but considering that
the alternative is breaking existing setups on upgrade it feels
like a reasonable tradeoff.

Moreover, since the dependency on libvirt-daemon is just a weak
one, it's still possible for people looking to minimize the
footprint of their installation to manually remove the package
after installation, mitigating the drawbacks of this approach.

https://bugzilla.redhat.com/show_bug.cgi?id=2232805

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2023-08-31 13:57:07 +02:00
Andrea Bolognani
e7d26c5dcd rpm: Fix typo in daemon name
The name of the virtsecretd daemon was misspelled, resulting
in multiple errors during installation:

  Running scriptlet: libvirt-daemon-driver-secret-9.5.0-6.el9.x86_64
  Failed to preset unit: Unit file virsecretd.socket does not exist.
  Failed to preset unit: Unit file virsecretd-ro.socket does not exist.
  Failed to preset unit: Unit file virsecretd-admin.socket does not exist.
  Failed to preset unit: Unit file virsecretd.service does not exist.

Spell the name correctly.

https://bugzilla.redhat.com/show_bug.cgi?id=2236057

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
2023-08-30 17:59:03 +02:00
Michal Privoznik
8abc979bb0 qemu: Move channelTargetDir into stateDir
For historical reasons (i.e. unknown reason) we put channel
sockets into a path derived from cfg->libDir which is a path that
survives host reboots (e.g. /var/lib/libvirt/...). This is not
necessary and in fact for session daemon creates a longer prefix:

  XDG_CONFIG_HOME -> /home/user/.config
  XDG_RUNTIME_DIR -> /run/user/1000

Worse, if host is rebooted suddenly (e.g. due to power loss) then
we leave files behind and nobody will ever remove them.

Therefore, place the channel target dir into state dir.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2173980
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
2023-08-17 17:22:09 +02:00
Michal Privoznik
d3759d3674 qemu: Generate shorter channel target paths
A <channel/> device is basically an UNIX socket into guest.
Whatever is sent from the host, appears in the guest and vice
versa. But because of that, the length of the path to the socket
is important (underscored by fact that we derive the path from
domain short name). But there are still cases where we might not
fit into UNIX_PATH_MAX limit (usually 108 characters), because
the path is derived also from other variables, e.g.
XDG_CONFIG_HOME for session domains.

There are two components though, that are needless: "/target/"
and "domain-" prefix. Drop them. This is safe to do, because
running domains have their path saved in status XML and even
though paths are dropped on migration, they are not part of guest
ABI and thus we are free to change them.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
2023-08-17 17:19:01 +02:00
Andrea Bolognani
e33054b72c rpm: Delete unused macros
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2023-07-27 18:03:00 +02:00
Andrea Bolognani
a7bc8d1606 rpm: Switch to new macros for handling of systemd units
In most cases the replacement is straightforward, with the
biggest difference being that we now schedule restarts during
%pre instead of %post. This also means that we can get rid of
%post for most packages, reducing the number of scriptlets that
need to run during install/upgrade.

Notable exceptions are libvirt-guests.service, where we stop
using the standard systemd macros to adopt our custom ones, as
well as the virtlogd and virtlockd services, where the reload
operation is moved from %postun to %posttrans.

https://bugzilla.redhat.com/show_bug.cgi?id=2210058

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2023-07-27 18:02:58 +02:00
Andrea Bolognani
3bfc76a953 rpm: Introduce new macros for handling of systemd units
systemd provides a number of standard RPM macros but they don't
quite satisfy our requirements, as evidenced by the fact that we
have already built some custom tooling around them.

Scenarios that the standard macros don't cover and that we're
already addressing with our custom ones:

  * for some services (libvirtd, virtnetworkd, virtnwfilterd)
    there are multiple conditions that might lead to a restart,
    and we want to make sure that they're not needlessly
    restarted several times per transaction;

  * some services (virtlogd, virtlockd) must not be restarted
    during upgrade, so we have to reload them instead.

Issues that neither the standard macros nor our custom ones
address:

  * presets for units should be applied when the unit is first
    installed, not when the package that contains it is.

The package split that happened in 9.1.0 highlighted why this
last point is so important: when virtproxyd and its sockets
were moved from libvirt-daemon to the new libvirt-daemon-proxy
package, upgrades from 9.0.0 caused presets for them to be
applied.

On a platform such as Fedora, where modular daemons are the
default, this has resulted in breaking existing deployments in
at least two scenarios.

The first one is machines that were configured to use the
monolithic daemon, either because the local admin had manually
changed the configuration or because the installation dated
back to before modular daemons had become the default. In this
case, virtproxyd.socket being enabled resulted in a silent
conflict with libvirtd.socket, which by design shares the same
path, and thus a completely broken setup.

The second one is machines where virtproxy-tls.socket, which is
disabled by default, had manually been enabled: in this case,
applying the presets resulted in it being disabled and thus a
loss of remote availability.

Note that these are just two concrete scenarios, but the problem
is more generic. For example, if we were to add more units to an
existing package, per the current approach they wouldn't have
their presets applied.

The new macros are designed to avoid all of the pitfalls
mentioned above. As a bonus, they're also simpler to use: where
the current approach requires restarts and other operations to
be handled separately, the new one integrates the two so that,
for each scriptlet, a single macro call is needed.

https://bugzilla.redhat.com/show_bug.cgi?id=2210058

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2023-07-27 18:02:57 +02:00
Andrea Bolognani
df1e4e34cc rpm: Remove custom libvirtd restart logic
This logic was necessary when socket activation was introduced
in libvirt 5.6.0/5.7.0 in order to guarantee smooth upgrades.

These days, even the oldest platform that we target ships a
version of libvirtd that implements socket activation, so the
additional code is no longer useful and we can treat libvirtd
the same as all other services.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2023-07-27 18:02:56 +02:00
Andrea Bolognani
ea45933d35 rpm: Reduce use of with_modular_daemons
The current implementation pretty much assumes that targets
where modular daemons are the default will stick with that
configuration, as will targets where they're not, or that
changes to these defaults will be performed by the admin after
the packages have been installed.

This is unnecessarily limiting: for example, on a target that
defaults to using the monolithic daemon, it's entirely possible
to create a local preset such as

  # /etc/systemd/system-preset/00-virt.preset
  disable libvirtd.service
  disable libvirtd*.socket
  enable virtqemud.service

to opt into a modular daemon deployment. The opposite is of
course also true. We shouldn't get in the way of these
reasonable use cases.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2023-07-27 18:02:55 +02:00
Andrea Bolognani
1f3065a552 rpm: Reorder scriptlets
To make things more readable, use the same order (%pre, %post,
%posttrans, %preun, %postun) everywhere.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2023-07-27 18:02:53 +02:00
Andrea Bolognani
05ef4da4d7 rpm: Style/alignment tweaks
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2023-07-27 18:02:51 +02:00
Andrea Bolognani
bdb10f9de8 rpm: Bump min_fedora
According to our platform support policy, now that Fedora 38 is
out we no longer target Fedora 36 and older. This allows us to
simplify a few conditionals.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2023-07-27 18:02:41 +02:00
Andrea Bolognani
4850a9a39b rpm: Explain BuildRequires on qemu-img
It's not used as part of the build process or searched for at
build time, and the QEMU driver detects its path at runtime,
so one could think that the BuildRequires is unnecessary. But
we actually need it to be present at build time in order to
run the full test suite.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
2023-05-22 15:12:29 +02:00
Andrea Bolognani
e54a419693 rpm: Set initconfdir explicitly
The default would already work fine for Fedora and RHEL, but
it's better to be explicit.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2023-05-05 15:08:28 +02:00
Andrea Bolognani
50023cb5c6 rpm: Recommend passt-selinux
Now that we have SELinux support for passt, we want things to
work out of the box and that requires having the passt-specific
SELinux bits installed.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2023-03-14 16:14:34 +01:00
Peter Krempa
7c4a136acd spec: Use 'download.libvirt.org' as source server
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2023-03-14 15:42:36 +01:00
Daniel P. Berrangé
a020a2541a rpm: add missing deps for the virt-qemu-sev-validate
The RPM automatic deps generator for python does not pick these up

Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2023-02-22 13:48:48 +00:00
Jim Fehlig
5358618b1c spec: Remove libvirt-daemon dependency from hypervisor subpackages
Remove the libvirt-daemon dependency from the various
libvirt-daemon-<hypervisor> subpackages, replacing it with a set of the
new sub subpackages providing similar functionality. When libvirt is build
with modular daemons, the hypervisor subpackages no longer include the
traditional, monolithic libvirt daemon.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2023-01-18 11:06:13 -07:00
Jim Fehlig
b617d8f29e spec: Remove libvirt-daemon dependency from primary drivers
To avoid needlessly installing the monolithic daemon, replace the
libvirt-daemon dependency with libvirt-daemon-common in the primary
drivers.

The qemu driver also needs a dependency on libvirt-daemon-log since
the virtqemud systemd service file has a hard dependency on
virtlogd.socket.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2023-01-18 11:06:13 -07:00
Jim Fehlig
d8dcaffd4e spec: Remove libvirt-daemon dependency from secondary drivers
To avoid needlessly installing the monolithic daemon, replace the
libvirt-daemon dependency with libvirt-daemon-common in the secondary
drivers. The common subpackage contains all the utilities and files
needed by the secondary drivers.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2023-01-18 11:06:13 -07:00
Jim Fehlig
02baad4b93 spec: Add numad dependency to qemu and lxc drivers
Both drivers use numad via virNumaGetAutoPlacementAdvice. Drop the numad
dependency from libvirt-daemon-common to avoid enforcing it all users of
the subpackage.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2023-01-18 11:06:13 -07:00
Jim Fehlig
a291701c87 spec: Add module-init-tools dependency to nodedev and lxc drivers
Only the nodedev and lxc drivers require module-init-tools. Remove the
dependency from libvirt-daemon-common and add it to the nodedev and lxc
drivers. This avoids enforcing the dependency on all users of
libvirt-daemon-common.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2023-01-18 11:06:13 -07:00
Jim Fehlig
017e828785 spec: Move common files and dependencies to libvirt-daemon-common
Introduce a new subpackage libvirt-daemon-common and move virt-admin,
virt-host-validate, virt-ssh-helper, libvirt-guests and miscellaneous
files/directories to it. Also move common dependencies to the new
subpackage. These files, utilities, and dependecies are used by other
core libvirt daemons

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2023-01-18 11:06:13 -07:00
Jim Fehlig
33772e1fcc spec: Rename the libvirt-lock-sanlock subpackage
The new name "libvirt-daemon-plugin-sanlock" provides consistency with the
newly introduced "libvirt-daemon-plugin-lockd" subpackage.

It's also a good opportunity to taking ownership of
%{_libdir}/libvirt/lock-driver/, removing the need for a dependency on the
libvirt-daemon package.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2023-01-18 11:06:13 -07:00
Jim Fehlig
4b9f13eb51 spec: Move lockd plugin to a new subpackage
Introduce the libvirt-daemon-plugin-lockd subpackage to provide the
client-side lockd plugin for virtlockd.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2023-01-18 11:06:13 -07:00
Jim Fehlig
b1da03b5b3 spec: Move virtproxyd to a new subpackage libvirt-daemon-proxy
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2023-01-18 11:06:13 -07:00
Jim Fehlig
b19b817f5a spec: Move virtlogd to a new subpackage libvirt-daemon-log
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2023-01-18 11:06:13 -07:00
Jim Fehlig
19df5ec352 spec: Move virtlockd to a new subpackage libvirt-daemon-lock
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2023-01-18 11:06:13 -07:00
Daniel P. Berrangé
57ecc37f15 rpm: convert license to SPDX format
Note that with the introduction of SPDX, Fedora no longer wants
maintainers to do effective license analysis, hence we now list
all the licenses that are applicable to the binary package
contents

  https://docs.fedoraproject.org/en-US/legal/license-field/#_no_effective_license_analysis

Note, we can still omit licenses that are only applicable to
the build system.

Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2023-01-16 09:24:39 -05:00
Martin Kletzander
8f93d546d1 spec: Restart libvirtd on upgrade without socket activation
The %posttrans phase has a special case for upgrading libvirt daemon
with --listen, but it forgot to also restart the daemon in order to
run the new installed version.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1820437

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
2023-01-10 15:47:39 +01:00
Laine Stump
b6e72716c9 specfile: require passt for the build if fedora >= 36 or rhel >= 9
The only reason we need it at build time is to find its location in
$PATH so it can be hardcoded into the libvirt binary (and avoid the
possibility of someone adding in a malicious binary somewhere earlier
in the path, I guess).

Only 'recommend' passt during installation though, since it is not
needed unless someone is actually using it.

There is no need to add in a build-time "WITH_PASST" option (IMO),
since it adds very little to the size of the code - "PASST" (the path
to the binary) will just be set to "passt", so if someone does manage
to build and install passt on an older version of Fedora or RHEL, it
will still work (as long as it's installed somewhere in the path).

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2023-01-10 01:19:27 -05:00
Andrea Bolognani
8908615ef3 spec: List more directories
The storage-backend/ and storage-file/ directories are currently
considered unowned by RPM. Have the libvirt-daemon package take
ownership of them, just as it already owns the connection-driver/
and lock-driver/ directories.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
2022-12-14 19:24:01 +01:00
Andrea Bolognani
7aafa2fff4 spec: Add trailing backslash
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
2022-12-14 19:23:57 +01:00
Daniel P. Berrangé
e9767876fb rpm: switch to using %mingw_find_lang
We currently list the locale file paths via a wildcard in %files, but the
normal pattern for mingw RPMs in Fedora is to use %mingw_find_lang.

Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2022-12-12 12:01:07 +00:00
Jim Fehlig
7edea0d27b spec: Remove extra blank lines
The spec file contains inconsistent use of blank lines. While trying to
make significant changes to the file, I found it hurts both readability
and maintainability. Remove blank lines that interrupt the overall flow
and consistency.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-12-06 14:39:04 -07:00
Jim Fehlig
35e36f9e29 spec: Remove use of %{name} macro
The spec file uses both "libvirt" and "%{name}", but in reality the
expanded value of %{name} will never change. Drop the macro in favor
of the explicit and more readable "libvirt".

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
2022-12-02 08:09:15 -07:00
Jim Fehlig
522ffd2e96 spec: Remove daemon postun trigger
Remove %triggerpostun for the daemon package. Upgrades from
libvirt < 1.3.0 are now unlikely.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-12-01 17:01:16 -07:00
Jim Fehlig
b5936c62e5 spec: Remove redundant with_libxl
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-12-01 16:56:15 -07:00
Daniel P. Berrangé
ececdbdfc0 tools: support validating SEV firmware boot measurements
The virt-qemu-sev-validate program will compare a reported SEV/SEV-ES
domain launch measurement, to a computed launch measurement. This
determines whether the domain has been tampered with during launch.

This initial implementation requires all inputs to be provided
explicitly, and as such can run completely offline, without any
connection to libvirt.

The tool is placed in the libvirt-client-qemu sub-RPM since it is
specific to the QEMU driver.

Reviewed-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2022-11-15 11:09:30 +00:00
Jiri Denemark
9995ff1352 spec: libvirt-daemon: Add optional dependency on *-client
The libvirt-daemon subpackage contains libvirt-guests.sh script (used by
libvirt-guests service), which requires virsh to actually work. But
since dynamic libraries were separated from libvirt-client to
libvirt-libs more than 6 years ago, libvirt-daemon no longer requires
virsh to be installed. So unless libvirt-client is explicitly installed
(either manually or by installing the libvirt meta package),
libvirt-guests will not work.

Just adding libvirt-client as a dependency of libvirt-daemon would go
against the original idea behind splitting libvirt-client: users may not
want to install or use any client binaries on the host where the daemon
runs (either they just use various language bindings or access the
daemon remotely). To solve this we could possibly turn libvirt-daemon
into an empty package and separate the daemons and libvirt-guests into
subpackages to make sure we support both use cases, but marking
libvirt-client as Recommended for libvirt-daemon does the same job in a
much simpler way.

https://bugzilla.redhat.com/show_bug.cgi?id=2136591

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2022-11-08 10:35:18 +01:00
Eric Garver
2a461957b1 network: firewalld: add policies for routed networks
Signed-off-by: Eric Garver <eric@garver.life>
Reviewed-by: Laine Stump <laine@redhat.com>
2022-11-05 14:40:26 -04:00
Eric Garver
722b012166 network: firewalld: add zone for routed networks
This zone will be used for the routed network by default.

Note that this zone definition omits "forward" aka intra-zone
forwarding, because it requires firewalld >= 0.9.0.

Signed-off-by: Eric Garver <eric@garver.life>
Reviewed-by: Laine Stump <laine@redhat.com>
2022-11-05 14:34:47 -04:00
Jiri Denemark
0e23ef8222 spec: Fix python3-libvirt requirement in client-qemu package
The %{release} part of the requirement is just wrong as python bindings
are not rebuilt anytime libvirt release is increased, which means the
client-qemu package may require nonexistent release of python bindings.

The %{version} part is not wrong, but it's too strict for no reason as
the virt-qemu-qmp-proxy script will work happily even with ancient
python bindings. And since all distros supported by libvirt.spec already
contain python3-libvirt, we can depend on the first package called this
way.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-11-02 13:47:15 +01:00
Jens Petersen
2fb71217f9 spec: change gettext requires to gettext-runtime for F37
See https://fedoraproject.org/wiki/Changes/GettextRuntimeSubpackage

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Cole Robinson <crobinso@redhat.com>
2022-10-12 10:08:25 -04:00
Michal Privoznik
14573868ea meson: Bump minimal required meson version
Bump the minimal required version to 0.56.0. Looking into our CI
this is the oldest version we install.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-10-10 15:06:09 +02:00
Daniel P. Berrangé
83c6d80abc tools: add virt-qemu-qmp-proxy for proxying QMP via libvirt QEMU guests
Libvirt provides QMP passthrough APIs for the QEMU driver and these are
exposed in virsh. It is not especially pleasant, however, using the raw
QMP JSON syntax. QEMU has a tool 'qmp-shell' which can speak QMP and
exposes a human friendly interactive shell. It is not possible to use
this with libvirt managed guest, however, since only one client can
attach to the QMP socket at any point in time. While it would be
possible to configure a second QMP socket for a VM, it may not be
an known requirement at the time the guest is provisioned.

The virt-qmp-proxy tool aims to solve this problem. It opens a UNIX
socket and listens for incoming client connections, speaking QMP on
the connected socket. It will forward any QMP commands received onto
the running libvirt QEMU guest, and forward any replies back to the
QMP client. It will also forward back events.

  $ virsh start demo
  $ virt-qmp-proxy demo demo.qmp &
  $ qmp-shell demo.qmp
  Welcome to the QMP low-level shell!
  Connected to QEMU 6.2.0

  (QEMU) query-kvm
  {
      "return": {
          "enabled": true,
          "present": true
      }
  }

Note this tool of course has the same risks as the raw libvirt
QMP passthrough. It is safe to run query commands to fetch information
but commands which change the QEMU state risk disrupting libvirt's
management of QEMU, potentially resulting in data loss/corruption in
the worst case. Any use of this tool will cause the guest to be marked
as tainted as an warning that it could be in an unexpected state.

Since this tool introduces a python dependency it is not desirable
to include it in any of the existing RPMs in libvirt. This tool is
also QEMU specific, so isn't appropriate to bundle with the generic
tools. Thus a new RPM is introduced 'libvirt-clients-qemu', to
contain additional QEMU specific tools, with extra external deps.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2022-10-07 14:32:36 +01:00
Pavel Hrdina
69045df5c4 spec: add systemd-rpm-macros build dependency
We should explicitly depend on this package as we use some macros
defined by files that are installed from systemd-rpm-macros.

Currently the build works only because some of our other build
dependencies pull in systemd which will install systemd-rpm-macros if
rpm-build is installed as well.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-10-03 12:05:06 +02:00
Jiri Denemark
9dfa7132f2 spec: Use consistent versioning for Obsoletes
rpmbuild is complaining it's not recommended to have unversioned
Obsoletes. On the other hand using dynamic version/release is a bit too
much as we know in which release a particular subpackage was removed.
Let's just use the corresponding version in both cases to be consistent
with all other Obsoletes in our spec file.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-09-27 11:27:06 +02:00
Michal Privoznik
7c35778126 meson: Require libssh-0.8.1 or newer
According to repology.org:

              RHEL-8: 0.9.4
              RHEL-9: 0.9.6
           Debian 11: 0.9.5
  openSUSE Leap 15.3: 0.8.7
        Ubuntu 20.04: 0.9.3

And the rest of distros has something newer anyways. Requiring
0.8.1 or newer allows us to drop the terrible hack where we
rename functions at meson level using #define. Note, 0.8.0 is
the version of libssh where the rename happened. It also allows
us to stick with SHA-256 hash algorithm for public keys.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-09-20 09:34:52 +02:00
Peter Krempa
d4f7850d5b Remove support for building the sheepdog storage driver backend
The sheepdog project is unmaintained, with last commit in 2018 and
numerous unanswered issues reported.

Remove the libvirt storage driver support for it to follow the removal
of the client support in qemu.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Claudio Fontana <cfontana@suse.de>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-09-01 13:11:09 +02:00
Peter Krempa
c8ee79346a spec: Drop libvirt-daemon-driver-storage-sheepdog package
Upstream will be dropping the sheepdog storage backend, so we need to
stop building the package and obsolete it.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Claudio Fontana <cfontana@suse.de>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-09-01 13:11:09 +02:00
Daniel P. Berrangé
684fa309ae rpm: merge mingw sub-packages into native spec
One specfile containing both native and mingw builds is the
new best practice for Fedora. This reduces the maint burden
and ensures the mingw packages don't fall behind.

Note this adds many more BuildRequires for anyone building
on Fedora, which will now need installing.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2022-08-09 09:10:00 -04:00
Jim Fehlig
ebf84b2b36 spec: Remove duplicate check of libvirtd status
The %posttrans scriptlet checks if libvirtd is active within a
condition that is only executed if libvirtd is active. Remove the
duplicate check.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-08-01 11:26:35 -06:00
Cole Robinson
aabace2aa5 spec: Fix indentation
Signed-off-by: Cole Robinson <crobinso@redhat.com>
2022-06-13 09:09:35 -04:00
Cole Robinson
b7eca90cd4 spec: Xen arches have changed on Fedora 36+
Latest fedora 36+ xen builds have dropped i686 and armv7hl builds.

Reviewed-by: Erik Skultety <eskultet@redhat.com>
Signed-off-by: Cole Robinson <crobinso@redhat.com>
2022-06-13 08:11:31 -04:00
Andrea Bolognani
ab10207c3b spec: Move virkey* manual pages from -daemon to -client
The documentation included in these manual pages is mostly useful
to users of the 'send-key' virsh command, and the virsh manual
page refers to them, so it makes more sense to install them along
with virsh instead of libvirtd.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
2022-03-17 14:45:51 +01:00
Andrea Bolognani
f2da2f173d rpm: List one more directory
Commit 4b43da0bff missed it.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-02-02 16:26:29 +01:00
Andrea Bolognani
4b43da0bff rpm: List more directories
This has two advantages: it makes it possible for the admin to
ask rpm what package they belong to, and results in them ending
up with stricter permissions than they would have if we let
libvirt create them at runtime.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-02-02 10:59:50 +01:00
Andrea Bolognani
3a22ba2e84 rpm: Move /var/lib/libvirt from -libs to -daemon
The server, not the client, uses local storage.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-02-02 10:59:48 +01:00
Andrea Bolognani
4098c68ec8 rpm: Move /etc/libvirt from -daemon to -libs
Files like libvirt.conf influence the behavior of the library
itself. The daemon depends on the library, so the directory is
guaranteed to be present both on the client side and on the
server side.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-02-02 10:59:33 +01:00
Andrea Bolognani
0f97f9860c spec: Don't clean up *.la and *.a files
autotools used to produce those, but meson doesn't.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-01-26 11:57:32 +01:00
Peter Krempa
aaec8c91ae spec: Run pre/post-install stuff on 'daemon-driver-storage-core'
'daemon-driver-storage' is just a meta-package, the actual daemon is in
the 'daemon-driver-storage-core' package, so without installing the meta
package the storage daemon is not being enabled.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2025644
Fixes: 50eae3f885, b8ef625544
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2022-01-19 17:00:27 +01:00
Andrea Bolognani
cef015e325 spec: Drop BuildRequires on dnsmasq
It's been an optional build time dependency for a long time, so
if Meson couldn't find it the only consequence was that libvirt
would look for it at runtime instead, which is what we are doing
for most of our non-library dependencies anyway.

Since 5c98d1cee0 we've stopped even looking for it at build
time, so there's no point in having it installed in the build
environment.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-18 16:50:15 +01:00
Olaf Hering
8eb4461645 remove sysconfig files
sysconfig files are owned by the admin of the host. They have the
liberty to put anything they want into these files. This makes it
difficult to provide different built-in defaults.

Remove the sysconfig file and place the current desired default into
the service file.

Local customizations can now go either into /etc/sysconfig/name
or /etc/systemd/system/name.service.d/my-knobs.conf

Attempt to handle upgrades in libvirt.spec.
Dirty files which are marked as %config will be renamed to file.rpmsave.
To restore them automatically, move stale .rpmsave files away, and
catch any new rpmsave files in %posttrans.

Signed-off-by: Olaf Hering <olaf@aepfle.de>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2022-01-17 18:20:59 +01:00
Jim Fehlig
161727417a docs: Add man page for libvirt-guests
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2022-01-17 18:20:55 +01:00
Andrea Bolognani
55a248d354 virt-ssh-helper: Move manual page to section 8
While sections are somewhat loosely defined and thus the choice
is not quite a clear-cut one, section 8 might be a slightly
better fit in this case.

Suggested-by: Olaf Hering <olaf@aepfle.de>
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-13 16:07:56 +01:00
Andrea Bolognani
82d514084a virt-ssh-helper: Add manual page
We don't usually provide manual pages for internal tools,
but in the case of virt-ssh-helper the command is installed
inside the default $PATH and so it's likely that the user
will stumble upon it by using the shell's completion feature
when invoking another virt-* command, which makes it a good
idea to provide at least a minimal manual page.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-07 17:02:17 +01:00
Andrea Bolognani
f58533b367 spec: Drop BuildRequires on xfsprogs-devel
We no longer need its contents.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-04 15:46:11 +01:00
Andrea Bolognani
868df2a768 spec: Drop BuildRequires on ZFS
We're no longer performing build time detection.

Fixes: 506c3a39d6
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2022-01-03 11:39:19 +01:00
Andrea Bolognani
cac854e4d4 spec: Demote netcat to Recommends
It is only needed if compatibility with clients that have
libvirt < 6.9.0 is required, and can be uninstalled otherwise.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2022-01-03 09:37:50 +01:00
Olaf Hering
4ed8f5b67d spec: relocate pre script of daemon-driver-qemu
Reduce the delta in an upcoming change.
No change in behavior intended.

Signed-off-by: Olaf Hering <olaf@aepfle.de>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
2021-12-23 16:51:37 +01:00
Olaf Hering
42cbffd715 spec: fix %preun of virtnetworkd
Fixes: 50eae3f885
Signed-off-by: Olaf Hering <olaf@aepfle.de>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
2021-12-23 16:51:27 +01:00
Daniel P. Berrangé
883f643d70 rpm: don't start/stop -ro.socket units for virtlockd/virtlogd
These daemons do not have any support for unprivileged readonly
access, so we must not reference -ro.socket units in scripts.

Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-12-16 10:02:56 +00:00
Daniel P. Berrangé
25a6e49668 rpm: fix typo in daemon name in %post/%preun scripts
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-12-16 10:02:46 +00:00
Ján Tomko
5e0c3e0a33 spec: do not require radvd
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2021-12-15 15:28:17 +01:00
Ján Tomko
4a6b246d39 Revert "virt-ssh-helper: Add manual page"
This was pushed by mistake with incorrect claim of my R-b.

This reverts commit dadcd35260.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
2021-12-10 23:08:31 +01:00
Andrea Bolognani
9402db25f8 virt-pki-query-dn: Add manual page
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-12-10 18:40:10 +01:00
Andrea Bolognani
dadcd35260 virt-ssh-helper: Add manual page
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-12-10 18:39:31 +01:00
Jiri Denemark
d804408ef9 qemu: Enable unprivileged userfaultfd for post-copy migration
Userfaultfd is by default allowed only for privileged processes. Since
libvirt runs QEMU unprivileged, we need to enable unprivileged access to
userfaultfd to enable post-copy migration.

https://bugzilla.redhat.com/show_bug.cgi?id=1945420

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-12-10 17:53:11 +01:00
Andrea Bolognani
c5dc658ea8 spec: Explicitly provide locations for QEMU data
These are the defaults, but we prefer to be explicit.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-11-18 15:49:02 +01:00
Andrea Bolognani
47c439ce44 spec: Don't create unnecessary directory
The directory is already created by the build system, so we
don't need to create it explicitly in the spec file; moreover,
the path was incorrect, because it used datadir instead of
localstatedir.

Fixes: 4e041189f8
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-11-18 15:47:57 +01:00
Martin Kletzander
9715043544 tools: Add virt-pki-query-dn binary
With this program we do not have to depend on the output of `certtool -i`, which
changed the order of the fields at some point and the newest version is
incompatible with what libvirt expects in tls_allowed_dn_list configuration
option.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-11-12 12:37:29 +01:00
Peng Liang
4c0cf7c4dc spec: change the ownership of cache directory
In a50c473ad6 ("qemu: move temp file of screenshot and memorypeek to
per-domain dir") and c4f3c955d5 ("qemu: don't change ownership of
cache directory"), I move the temporary files of screenshot and
memorypeek from the cache directory to per-domain directory, and the
only user of the cache directory is the domain capabilities currently.
Since the domain capabilities are used by libvirtd, no need to set the
ownership of the cache directory to qemu_user and qemu_group.

Signed-off-by: Peng Liang <liangpeng10@huawei.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-10-12 16:54:49 +02:00
Erik Skultety
40f5c8679a libvirt.spec.in: Replace %global with %define
Commit b5e8db8f14 tuned the SPEC file so that libvirt daemons restart
on package upgrade. In order to do that it added a bunch of
parametrized macros using the %global directive. This caused a problem
when running RPM builds on CentOS Stream 8 resulting in:

error: Too many levels of recursion in macro expansion. It is likely
       caused by recursive macro declaration.
error: Macro %libvirt_daemon_perform_restart failed to expand
error: line 1275: %global libvirt_daemon_perform_restart() \
       if test %libvirt_daemon_needs_restart %1 \
       then \
           /bin/systemctl try-restart %1.service >/dev/null 2>&1 || : \
       fi \
       %libvirt_daemon_finish_restart %1

There are 2 important differences between %global and %define
directives:
1) %define is local-only and does have scope - in reality though, its
   scope is apparently not really enforced because it behaves exactly
   the same way as %global
2) %define is evaluated at the time of use while %global is evaluated
   at the time of definition

The latter and the fact the macro is parametrized is the reason why the
RPM builds fails on CentOS. Strangely enough this only happens on
CentOS Stream, but not Fedora (which is also the main proponent of
replacing %define with %global). Anyhow, replacing %global with %define
makes the rpmbuild to pass on both and along with package upgrades.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-09-24 11:01:07 +02:00
Daniel P. Berrangé
3315bc3ba8 rpm: fix typo in post transaction scriptlet name
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-08-31 13:40:55 +01:00
Michal Privoznik
c71a986e9a rpm: Enable numactl on s390x
While s390x doesn't have NUMA nodes it has libnuma which is still
helpful as it parses sysfs for us and kernel emulates NUMA#0.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2021-08-23 14:00:24 +02:00
Daniel P. Berrangé
821414f0cd rpm: add conditionals around post scripts
The hypervisor drivers can be disabled in certain build scenarios, so
their corresponding post scripts need to match.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-08-06 12:00:53 +01:00
Daniel P. Berrangé
5998497d5f rpm: use direct remote connection for Fedora >= 35 / RHEL >= 9
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-08-04 16:06:11 +01:00
Daniel P. Berrangé
50eae3f885 rpm: handle enabling/disabling modular daemons post/postun-install
We need to enable or disable the modular daemons with systemd after the
RPM install/uninstall.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-08-04 15:59:15 +01:00
Daniel P. Berrangé
a97c2b14b2 rpm: macroize logic for enabling/disabling daemons post/postun-install
The patterns for enabling/disabling daemons post/postun-install has a
bit of duplication across the different part of the spec, due to the
number of socket units involved. This is going to get much worse with
the need to enable/disalbe modular daemons, so benefits from macroization.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-08-04 15:59:11 +01:00
Daniel P. Berrangé
b8ef625544 rpm: restart modular daemons on upgrade
The daemons all need restarting to ensure they pick up the newly
installed code.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-08-04 15:58:28 +01:00
Daniel P. Berrangé
c2eafaf7a3 rpm: restart virtnwfilter/virnetworkd if configs change
Currently we restart libvirtd if the nwfilter/network configs have
changed. We need to take account of possibility that the modular
daemons are in use instead though.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-08-04 15:57:45 +01:00
Daniel P. Berrangé
b5e8db8f14 rpm: macroize logic for restarting daemons post-transaction
The patterns for restarting daemons post-transaction has a bit of
duplication across the different part of the spec. This is going to
get much worse with the need to restart modular daemons, so benefits
from macroization.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-08-04 15:56:35 +01:00