In libssh 0.9.0 functions ssh_is_server_known and ssh_write_knownhost
are marked as deprecated.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1722735
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
We provide default values for both MODPROBE and RMMOD and thus
there is no way that their paths can be empty strings.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
https://bugzilla.redhat.com/show_bug.cgi?id=1710575
It may happen that the system where libvirt is built at doesn't
have udevadm binary but the one where it runs does have it.
If we change how udevadm is run in virWaitForDevices() then we
can safely pass a default value in m4 macro.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
The udevsettle binary is no longer used anywhere as it was
replaced by 'udevadm settle'. There's no reason for us to even
check for it in configure.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
It has been exported by systemd commit
commit a571c23e954cb88cdd5faa28593b19bd7c340130
libudev: export udev_monitor_set_receive_buffer_size()
released in v183.
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
This is the version of systemd RHEL/CentOS 7 uses:
https://repology.org/project/systemd/versions
Oldest tracked openSUSE distros have 228,
Ubuntu 16.04 has 229 and Gentoo's alternative eudev
has bumped the version to 219 back in 2015.
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
The function was deprecated in udev 219 and all the supported OSes
don't have older version of udev or systemd.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Commit 105756660f was too eager and did
not consider SLES 12 which still has 2.0.1 that does not ship
a pkg-config file.
Similar to how we check for readline, prefer pkg-config if available
and fall back to the old detection code if not found.
NB: this is not a clean revert because we're not reintroducing support
for YAJL 1.
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reported-by: Olaf Hering <olaf@aepfle.de>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Though it used to be called "Mac OS X" and "OS X" in the past,
it was never "MacOS X" nor "OS-X", and it's just "macOS" now.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Unfortunately the data reported by pkg-config is not completely
accurate, so until the issue has been fixed in readline we need
to work around it in libvirt.
The good news is that we only need the fix to land in FreeBSD
ports and macOS homebrew before we can drop the kludge, so
we're talking months rather than years.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
With the 7.0 release, readline has finally started shipping
pkg-config support in the form of a readline.pc file.
Unfortunately, most downstreams have yet to catch up with this
change: among Linux distributions in particular, Fedora Rawhide
seems to be the only one installing it at the moment.
Non-Linux operating systems have been faring much better in
this regard: both FreeBSD (through ports) and macOS (through
homebrew) include pkg-config support in their readline package.
This is great news for us, since those are the platforms where
pkg-config is more useful on account of them installing headers
and libraries outside of the respective default search paths.
Our implementation checks whether readline is registered as a
pkg-config package, and if so obtains CFLAGS and LIBS using the
tool; if not, we just keep using the existing logic.
This commit is best viewed with 'git show -w'.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
The first implementation of this logic was introduced with
commit 2ec759fc58 all the way back in 2007; looking at the
build logs from our CI environment, however, it's apparent
that none of the platforms we currently target are actually
using it, so we can assume whatever issue it was working
around has been fixed at some point in the last 12 years.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
The current code is a bit awkward, and we're going to need
to share it later anyway. We can drop the call to AC_SUBST()
while we're at it, since LIBVIRT_CHECK_LIB() already marks
READLINE_CFLAGS for substitution.
The new code goes to some extra length to avoid setting
-D_FUNCTION_DEF twice: this is mostly for cosmetic reasons,
and it's necessary because LIBVIRT_CHECK_READLINE() is called
twice: once on its own, and then once more as part of
LIBVIRT_CHECK_BASH_COMPLETION().
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
The check was added in 74416b1d48 without offering any
explanation outside of the commit message. Introduce a comment
to make digging through the git history unnecessary.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Since commit 4e75b0a00f we support SASL 2.1.26 and newer
releases only, all of which ship a .pc file. Using pkg-config
allows FreeBSD builds to pick up the dependency automatically.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
The pkg-config file was introduced by commit b729ded which was released
in yajl 2.0.3.
Since all our supported platforms include at least yajl 2.0.4,
use pkg-config to detect the library and set the minimum to 2.0.3.
https://repology.org/project/yajl/versions
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Even Debian 8 which we no longer support has 2.1.26.
https://repology.org/project/cyrus-sasl/versions
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Running QEMU as root is a pretty bad idea, so try to make the
user aware of that as part of the configure summary.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Our current defaults are root:wheel on FreeBSD and macOS, root:root
everywhere else.
Looking at what downstream distributions actually do, we can see that
these defaults are overriden the vast majority of the time, with a
number of variations showing up in the wild:
* qemu:qemu -> Used by CentOS, Fedora, Gentoo, OpenSUSE, RHEL
and... As it turns out, our very own spec file :)
* libvirt-qemu:libvirt-qemu -> Used by Debian.
* libvirt-qemu:kvm -> Used by Ubuntu.
* nobody:nobody -> Used by Arch Linux.
Based on this information, we can do a better job at integrating with
downstream packages: if the distro-specific user and group already
exist on the system then we use them, and if not (or we're building
on an unknown OS) we just use root:root as we would have before.
This change makes it less likely that people building from source
will end up running their guests as root, which is a very desiderable
outcome from the security point of view.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
The rbd_list method has been deprecated in Ceph >= 14.0.0
in favour of the new rbd_list2 method which populates an
array of structs.
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Now that we no longer support the weird "redhat+systemd"
configuration, we can make our code slightly simpler.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Despite the misleading name, these were supposed to be used
with a System V style init; however, none of the platforms we
target is using that kind of init anymore: almost all Linux
distributions have switched to systemd, those that haven't
(such as Gentoo and Alpine) are mostly using OpenRC with
custom init scripts, and the BSDs have been doing their own
thing all along.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Not a single one of the platforms we target still uses Upstart, and
the Upstart project itself has been abandoned for several years now.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
There is no way that qemu driver can work without being able to
format/parse JSON.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
The basic idea of our configure script is to probe for things
rather than have them enabled by default. This is even more
visible in the next commit where configure fails if qemu driver
is enabled but no yajl is found.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
The code tries to detect installed version of qemu to learn if it
uses HMP or QMP and enable YAJL based on that. Well, we support
only QMP and also minimal required version of qemu is 1.5.0 so
the check would have enabled yajl anyway.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
The wireshark-2.4.0 is almost 2 years old now. Assuming anybody
interested in running latest libvirt doesn't run old wireshark,
it is safe to do this. It also simplifies the code.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Since wirshark-2.5.0 toplevel plugins are no longer loaded. Only
plugins from epan/, wiretap/ or codecs/ subdirs are. Update the
plugin dir we generate. This is safe to do even for older
wiresharks, since they load plugins from there too.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
In the past (when both libvirt and firewalld used iptables), if either
libvirt's rules *OR* firewalld's rules accepted a packet, it would
be accepted. This was because libvirt and firewalld rules were
processed during the same kernel hook, and a single ACCEPT result
would terminate the rule traversal and cause the packet to be
accepted.
But now firewalld can use nftables for its backend, while libvirt's
firewall rules are still using iptables; iptables rules are still
processed, but at a different time during packet processing
(i.e. during a different hook) than the firewalld nftables rules. The
result is that a packet must be accepted by *BOTH* the libvirt
iptables rules *AND* the firewalld nftable rules in order to be
accepted.
This causes pain because
1) libvirt always adds rules to permit DNS and DHCP (and sometimes
TFTP) from guests to the host network's bridge interface. But
libvirt's bridges are in firewalld's "default" zone (which is usually
the zone called "public"). The public zone allows ssh, but doesn't
allow DNS, DHCP, or TFTP. So even though libvirt's rules allow the
DHCP and DNS traffic, the firewalld rules (now processed during a
different hook) dont, thus guests connected to libvirt's bridges can't
acquire an IP address from DHCP, nor can they make DNS queries to the
DNS server libvirt has setup on the host. (This could be solved by
modifying the default firewalld zone to allow DNS and DHCP, but that
would open *all* interfaces in the default zone to those services,
which is most likely not what the host's admin wants.)
2) Even though libvirt adds iptables rules to allow forwarded traffic
to pass the iptables hook, firewalld's higher level "rich rules" don't
yet have the ability to configure the acceptance of forwarded traffic
(traffic that is going somewhere beyond the host), so any traffic that
needs to be forwarded from guests to the network beyond the host is
rejected during the nftables hook by the default zone's "default
reject" policy (which rejects all traffic in the zone not specifically
allowed by the rules in the zone, whether that traffic is destined to
be forwarded or locally received by the host).
libvirt can't send "direct" nftables rules (firewalld only supports
direct/passthrough rules for iptables), so we can't solve this problem
by just sending explicit nftables rules instead of explicit iptables
rules (which, if it could be done, would place libvirt's rules in the
same hook as firewalld's native rules, and thus eliminate the need for
packets to be accepted by both libvirt's and firewalld's own rules).
However, we can take advantage of a quirk in firewalld zones that have
a default policy of "accept" (meaning any packet that doesn't match a
specific rule in the zone will be *accepted*) - this default accept will
also accept forwarded traffic (not just traffic destined for the host).
Of course we don't want to modify firewalld's default zone in that
way, because that would affect the filtering of traffic coming into
the host from other interfaces using that zone. Instead, we will
create a new zone called "libvirt". The libvirt zone will have a
default policy of accept so that forwarded traffic can pass and list
specific services that will be allowed into the host from guests (DNS,
DHCP, SSH, and TFTP).
But the same default accept policy that fixes forwarded traffic also
causes *all* traffic from guest to host to be accepted. To close this
new hole, the libvirt zone can take advantage of a new feature in
firewalld (currently slated for firewalld-0.7.0) - priorities for rich
rules - to add a low priority rule that rejects all local traffic (but
leaves alone all forwarded traffic).
So, our new zone will start with a list of services that are allowed
(dhcp, dns, tftp, and ssh to start, but configurable via any firewalld
management application, or direct editing of the zone file in
/etc/firewalld/zones/libvirt.xml), followed by a low priority
<reject/> rule (to reject all other traffic from guest to host), and
finally with a default policy of accept (to allow forwarded traffic).
This patch only creates the zonefile for the new zone, and implements
a configure.ac option to selectively enable/disable installation of
the new zone. A separate patch contains the necessary code to actually
place bridge interfaces in the libvirt zone.
Why do we need a configure option to disable installation of the new
libvirt zone? It uses a new firewalld attribute that sets the priority
of a rich rule; this feature first appears in firewalld-0.7.0 (unless
it has been backported to am earlier firewalld by a downstream
maintainer). If the file were installed on a system with firewalld
that didn't support rule priorities, firewalld would log an error
every time it restarted, causing confusion and lots of extra bug
reports.
So we add two new configure.ac switches to avoid polluting the system
logs with this error on systems that don't support rule priorities -
"--with-firewalld-zone" and "--without-firewalld-zone". A package
builder can use these to include/exclude the libvirt zone file in the
installation. If firewalld is enabled (--with-firewalld), the default
is --with-firewalld-zone, but it can be disabled during configure
(using --without-firewalld-zone). Targets that are using a firewalld
version too old to support the rule priority setting in the libvirt
zone file can simply add --without-firewalld-zone to their configure
commandline.
These switches only affect whether or not the libvirt zone file is
*installed* in /usr/lib/firewalld/zones, but have no effect on whether
or not libvirt looks for a zone called libvirt and tries to use it.
NB: firewalld zones can only be added to the permanent config of
firewalld, and won't be loaded/enabled until firewalld is restarted,
so at package install/upgrade time we have to restart firewalld. For
rpm-based distros, this is done in the libvirt.spec file by calling
the %firewalld_restart rpm macro, which is a part of the
firewalld-filesystem package. (For distros that don't use rpm
packages, the command "firewalld-cmd --reload" will have the same
effect).
Signed-off-by: Laine Stump <laine@laine.org>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Support for firewalld is a feature that can be selectively enabled or
disabled (using --with-firewalld/--without-firewalld), not merely
something that must be accounted for in the code if it is present with
no exceptions. It is more consistent with other usage in libvirt to
use WITH_FIREWALLD rather than HAVE_FIREWALLD.
Signed-off-by: Laine Stump <laine@laine.org>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
The driver is unmaintained, untested and severely broken for
quite some time now. Since nobody even reported any issue with it
let us drop it.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Since this is something between PV and HVM, it makes sense to put the
setting in place where domain type is specified.
To enable it, use <os><type machine="xenpvh">xenpvh</type></os>. It is
also included in capabilities.xml, for every supported HVM guest type - it
doesn't seems to be any other requirement (besides new enough Xen).
Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
With the assumption that all Xen >= 4.6 contains a pkgconfig file for
libxenlight, commit 5bdcef13 dropped the fallback check to probe
libxenlight with LIBVIRT_CHECK_LIB. At the time it was not known that
the various Xen pkgconfig files are in the -runtime package in Fedora,
instead of the traditional -devel package. This bug [1] was fixed in
Fedora > 28, but until Fedora 28 reaches EOL we'll need to re-introduce
the fallback check.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1629643
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
The libxl_domain_config_from_json API appeared in Xen 4.5, hence
there is no need to check for its existence after changing the
minimum supported Xen version to 4.6. Remove the check and its
use in the tests.
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Currently the libxl driver claims support for Xen >= 4.4, but
Xen 4.4 and 4.5 are no longer supported upstream. Let's increase
the minimum supported Xen version to 4.6 and change the defined
LIBXL_API_VERSION to 0x040500, which is the API version defined
when Xen 4.6 was released.
Since Xen 4.6 contains a pkgconfig file, drop the now unused code
that falls back to using LIBVIRT_CHECK_LIB in the absence of
pkgconfig file. In addition, bumping the LIBXL_API_VERSION
required adjusting the calls to libxl_set_vcpuaffinity to account
for the extra parameter in the 0x040500 version of the API.
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
This reverts commit 9cf38263d0.
Jansson cannot parse QEMU's quirky JSON.
Revert back to yajl.
https://bugzilla.redhat.com/show_bug.cgi?id=1614569
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
This reverts commit c5ae8e0c2b.
Jansson cannot parse QEMU's quirky JSON.
Revert back to yajl.
https://bugzilla.redhat.com/show_bug.cgi?id=1614569
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
This reverts commit 01ce04375c.
Jansson cannot parse QEMU's quirky JSON.
Revert back to yajl.
https://bugzilla.redhat.com/show_bug.cgi?id=1614569
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
This reverts commit 4dd6054000.
Jansson cannot parse QEMU's quirky JSON.
Revert back to yajl.
https://bugzilla.redhat.com/show_bug.cgi?id=1614569
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Fix saving CFLAGS in LIBVIRT_DRIVER_CHECK_LIBXL - LIBVIRT_CHECK_LIB will
override old_CFLAGS, so use a different name.
Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
We need here libiscsi for the storgae pool backend.
For the iscsi-direct storage pool, only checkPool and refreshPool should
be necessary for basic support.
The pool is state-less and just need the informations within the volume
to work.
Signed-off-by: Clementine Hayat <clem@lse.epita.fr>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Introducing the pool as a noop. Integration inside the build
system. Implementation will be in the following commits.
Signed-off-by: Clementine Hayat <clem@lse.epita.fr>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
The minimal required version is 1.18.0 because the synchrounous function
needed were introduced here.
Signed-off-by: Clementine Hayat <clem@lse.epita.fr>
The proper file that should be included is `sys/xattr.h` as that comes from
`glibc` and not `attr/xattr.h` which ships with the `attr` utility.
We're most probably not the only ones because `attr/xattr.h` added a #warning to
their include resulting in the following compilation errors:
In file included from securityselinuxlabeltest.c:31:0:
/usr/include/attr/xattr.h:5:2: error: #warning "Please change your <attr/xattr.h> includes to <sys/xattr.h>" [-Werror=cpp]
#warning "Please change your <attr/xattr.h> includes to <sys/xattr.h>"
^~~~~~~
In file included from securityselinuxhelper.c:37:0:
/usr/include/attr/xattr.h:5:2: error: #warning "Please change your <attr/xattr.h> includes to <sys/xattr.h>" [-Werror=cpp]
#warning "Please change your <attr/xattr.h> includes to <sys/xattr.h>"
^~~~~~~
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Add a second check for Jansson >= 2.8, which includes
fixes to preserve ordering of object keys.
Use this constant to guard tests that depend on stable ordering.
Signed-off-by: Ján Tomko <jtomko@redhat.com>
If the QEMU driver was requested, require Jansson, since we need to use
the JSON monitor to probe capabilities for all QEMU version supported
by libvirt.
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Yajl has not seen much activity upstream recently.
Switch to using Jansson >= 2.5.
All the platforms we target on https://libvirt.org/platforms.html
have a version >= 2.7 listed on the sites below:
https://repology.org/metapackage/jansson/versionshttps://build.opensuse.org/package/show/devel:libraries:c_c++/libjansson
Additionally, Ubuntu 14.04 on Travis-CI has 2.5. Set the requirement
to 2.5 since we don't use anything from newer versions.
Implement virJSONValue{From,To}String using Jansson, delete the yajl
code (and the related virJSONParser structure) and report an error
if someone explicitly specifies --with-yajl.
Also adjust the test data to account for Jansson's different whitespace
usage for empty arrays and tune up the specfile to keep 'make rpm'
working when bisecting.
Signed-off-by: Ján Tomko <jtomko@redhat.com>
With --disable-nls is given we turn off use of gettext in the source
code, but mistakenly still installed the gmo files.
Reported-by: Olaf Hering <olaf@aepfle.de>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
We are building with GnuTLS everywhere because GnuTLS is widely
available. Also, it is desirable to prefer cryptographically
strong PRNG over "/dev/urandom" which is just a fallback.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Ubuntu 14.04 which is not targetted as a supported platform [0]
already has 3.2.11
[0] https://libvirt.org/platforms.html
Signed-off-by: Ján Tomko <jtomko@redhat.com>
This commit adds some checks inside libssh m4 checking to verify if
ssh_get_server_publickey is available. This new function scope replaces
the old ssh_get_publickey() from libssh 0.7.5 and below. Assuming that
some distros are not showing the right version of libssh. This is a
simple way to check which function is available.
Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Just like we allow users overriding path to bridge-helper
detected at compile time we can allow them to override path to
qemu-pr-helper.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
Historically we have relied on autopoint/gettextize to install a
standard po/Makefile.in.in. There is very limited scope for customizing
this and it also causes a bunch of extra stuff to be pulled into
configure.ac which potentially clashes with gnulib. Writing make rules
for po file management is no more difficult than any other rules libvirt
has, so stop using autopoint/gettextize.
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
xend was deprecated in Xen 4.2 and removed from the Xen sources
before the Xen 4.5 release. The last Xen release to contain xend
was Xen 4.4, which was retired upstream in March 2017.
Remove xend support from libvirt since it is unrealistic to use
modern libvirt with ancient Xen.
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Commit 2499d1a0 was too eager and possibly enabled polkit
on all platforms with D-Bus, regardless of whether they use polkit.
Reintroduce the usage of pkcheck as a witness for --with-polkit=check,
but do not require it for --with-polkit=yes.
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reported-by: Jiří Denemark <jdenemar@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
After validation against XHTML 1.0 was dropped in f802c9de0,
the XML_CATALOG_FILE is not in use anymore. Therefore the checks in
configure can be removed.
Signed-off-by: Rainer Müller <raimue@codingfarm.de>
Commit 596fc3e389 introduced the ability to detect xenstore
using pkg-config for systems with Xen 4.9, but accidentally broke
detection for all other systems. Fix the logic so that it works
in all cases.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Policy-Kit has been replaced by polkit (referred to, respectively,
as POLKIT0 and POLKIT1 in our Makefiles).
The last build fix with old Policy-Kit was in May 2013:
commit <442eb2ba> and build with -Wunused-label was broken
since April 2016: commit <8437130>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Since Xen 4.9 a pkgconfig file exists to gather info about building
against libxenstore.so. Use it if available.
Signed-off-by: Olaf Hering <olaf@aepfle.de>
As a general rule any time we switch() on something that is an enum, we
want to have a case for every enum constant. The -Wswitch warning will
report any switch where we've violated this rule, except if that switch
has a default case.
Unfortunately it is reasonable to want to list all enum constants *and*
also have a default case. To get a warning in that scenario requires
that we turn on -Wswitch-enum.
In a few cases where we explicitly don't want to list all enum cases, we
can discard the enum type checking by casting the value to a plain int.
Reviewed-by: John Ferlan <jferlan@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
The -Wextra flag bundle gained a new warning -Wcast-function-type.
This complains if you cast between two function prototypes where
the number of parameters or their data types are not compatible.
Unfortunately we need such "bad" function casts for our event
callbacks. It is possible to silence the warning by first casting
to the generic "void (*)(void)" function prototype, but that is
rather ugly to add throughout libvirt code.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Undefined symbols are a bad thing in general because they can get
resolved in unexpected ways at runtime if multiple sources provide the
same symbol name. For example both glibc and libtirpc may provide XDR
symbols and we want to ensure that we resolve to libtirpc if that's what
we originally built against.
The toolchain maintainers thus strongly recommend that all applications
use the '-z defs' linker flag to prevent undefined symbols. This is
shortly becoming part of the default linker flags for RPMs. As an added
benefit this aligns Linux builds with Windows builds, where the linker
has never permitted undefined symbols.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Since
commit eee7bd4ecb
Author: Joao Martins <joao.m.martins@oracle.com>
Date: Tue Jul 26 00:45:14 2016 +0100
libxl: implement virDomainBlockStats
Introduce initial support for domainBlockStats API
the libxl driver calls a couple of xenstore APIs, so it must explicitly
link to this library rather than rely on indirect linkage via libxl or
other xen libraries.
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
After the latest CPU additions, the build fails with clang:
cputest.c:905:1: error: stack frame size of 26136 bytes
in function 'mymain' [-Werror,-Wframe-larger-than=]
Raise the relaxed limit which is used for tests.
Apparently we can't assume that people run readline recent enough
to have rl_completion_quote_character (added in readline-5.0
released in 2011). However, we can't compile without it. So if
not present, disable readline.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Due to the way that check logic was written we basically enabled
bash completion whenever readline was enabled. This is not right
because it made bash-completion pkg-config module required.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
The only purpose of this file is to be sourced. After that one
can use completion even for their bash:
# virsh list --<TAB><TAB>
--all --inactive ...
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
After b4f7793ce2, qemuxml2xmltest has apparently become big enough
to trigger a compilation error when using --enable-test-coverage on
aarch64:
CC qemuxml2xmltest.o
qemuxml2xmltest.c: In function 'mymain':
qemuxml2xmltest.c:1216:1: error: const/copy propagation disabled: 4361 basic blocks and 99285 registers [-Werror=disabled-optimization]
}
^
qemuxml2xmltest.c:1216:1: error: PRE disabled: 4361 basic blocks and 99285 registers [-Werror=disabled-optimization]
qemuxml2xmltest.c:1216:1: error: const/copy propagation disabled: 4361 basic blocks and 99285 registers [-Werror=disabled-optimization]
qemuxml2xmltest.c:1216:1: error: const/copy propagation disabled: 4361 basic blocks and 99285 registers [-Werror=disabled-optimization]
However, as the GCC documentation states, this warning is not really
caused by issues in our code, so it makes sense to disable it.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
3 out of 4 uses of gl_WARN_ADD() were incorrectly adding "" around
the argument, which in turn resulted in the argument being used
unquoted (configure had gl_positive=""-fstack-protector-all"",
rather than the intended gl_positive="-fstack-protector-all").
Signed-off-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
When building libvirt with clang we get bogus warnings about
'double' being promoted to 'long double' when calling isnan().
https://bugzilla.redhat.com/show_bug.cgi?id=1472437
Detect this broken isnan() / compiler combination and disable
the -Wdouble-promotion flag.
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
The libxl library allows a libxl_domain_config object to be serialized
from/to a JSON string. Use this to allow testing of the XML to
libxl_domain_config conversion process. Test XML is converted to
libxl_domain_config, which is then serialized to json. A json template
corresponding to the test XML is converted to a libxl_domain_config
object using libxl_domain_config_from_json(), and then serialized
back to json using libxl_domain_config_to_json(). The two json
docs are then compared.
Using libxl to convert the json template to a libxl_domain_config
object and then back to json provides a simple way to account for
any changes or additions to the json representation across Xen
releases.
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
[update to v3.5.0-rc1, improve error reporting, use /bin/true emulator]
Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
We already require libxml to be installed, so it is not unreasonable
to require xmllint and xsltproc to be installed too - any platform
with the former will have the latter too.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
The HTML pages are currently validated against an XHTML 1.0 DTD.
This makes it impossible to take advantage of features that are
introduced in HTML 5, because they'll fail validation.
There is intentionally no DTD defined for HTML 5, so there's no
alternative to XHTML 1.0 DTD that we could switch to. The only
options are to stick with XHTML 1.0 forever, or drop the DTD
validation, and we pick the latter.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Driver modules proved to be reliable for a long time. Since support for
not building modules complicates the code and makefiles drop it.
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
GCC 7.1 introduces a new -Wformat-truncation warning
flag that reports if it thinks the maximum possible
size of the formatted output will exceed the provided
fixed buffer. This is enabled automatically by the
-Wformat warning flag. There are quite a few places
hit by this in libvirt which need rewriting. This is
non-trivial work in some places, so temporarily
disable the new warning until those fixes can be
implemented.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Depending on the platform/architecture, a number of conditionals
in libvirt code expand the same on both branches. This is expected
behaviour and harmless, so disable the warning to avoid creating
unexpected build failures
Two examples, mingw32:
../../src/util/vircommand.c: In function 'virCommandWait':
../../src/util/vircommand.c:2562:51: error: this condition has identical branches [-Werror=duplicated-branches]
*exitstatus = cmd->rawStatus ? status : WEXITSTATUS(status);
^
and gcc7.1
In file included from util/virobject.c:28:0:
util/virobject.c: In function 'virClassNew':
util/viratomic.h:176:46: error: this condition has identical branches [-Werror=duplicated-branches]
(void)(0 ? *(atomic) ^ *(atomic) : 0); \
^
util/virobject.c:144:20: note: in expansion of macro 'virAtomicIntInc'
klass->magic = virAtomicIntInc(&magicCounter);
^~~~~~~~~~~~~~~
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
When building with clang 4.0.0, virsh build fails like this:
gmake[3]: Entering directory '/usr/home/novel/code/libvirt/tools'
CC virsh-virsh.o
In file included from virsh.c:45:
In file included from /usr/local/include/readline/readline.h:31:
/usr/local/include/readline/rltypedefs.h:35:22: error: this function declaration is not a prototype [-Werror,-Wstrict-prototypes]
typedef int Function () __attribute__ ((deprecated));
^
void
/usr/local/include/readline/rltypedefs.h:36:24: error: this function declaration is not a prototype [-Werror,-Wstrict-prototypes]
typedef void VFunction () __attribute__ ((deprecated));
^
void
/usr/local/include/readline/rltypedefs.h:37:26: error: this function declaration is not a prototype [-Werror,-Wstrict-prototypes]
typedef char *CPFunction () __attribute__ ((deprecated));
^
void
/usr/local/include/readline/rltypedefs.h:38:28: error: this function declaration is not a prototype [-Werror,-Wstrict-prototypes]
typedef char **CPPFunction () __attribute__ ((deprecated));
^
void
In file included from virsh.c:45:
/usr/local/include/readline/readline.h:385:23: error: this function declaration is not a prototype [-Werror,-Wstrict-prototypes]
extern int rl_message ();
^
void
5 errors generated.
gmake[3]: *** [Makefile:2823: virsh-virsh.o] Error 1
Fix that by adding -D_FUNCTION_DEF to READLINE_CFLAGS to fix *Function
related warnings and add a check for stdarg.h so we have HAVE_STDARG_H
defined that's needed by the readline headers to use proper rl_message
declaration.
Bug report on the readline mailing list:
http://lists.gnu.org/archive/html/bug-readline/2017-05/msg00004.html
This commit fixes an acl missing variable. The virt-acl.m4 inside the
macro directory does not contain the variable 'with_acl'. So, it is
being set as an empty string "with_acl=''". This is causing a missing
option during the configuration, even if you have acl libs installed.
Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
The recently added sanlock_strerror function can be used to translate
sanlock's numeric errors into human readable strings.
https://bugzilla.redhat.com/show_bug.cgi?id=1409511
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
If building libvirt against Ubuntu precise, the librbd.h is lacking
many functions that libvirt expects. We have no version check, so
we were enabling RBD even though it cannot compile. This configure
check uses existance of 'rbd_get_features' as an identifier for the
min required version.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Introduce STRICT_FRAME_LIMIT_CFLAGS that will be used for
production code and RELAXED_FRAME_LIMIT_CFLAGS for tests.
Raising the limit for tests allows building them with clang
with optimizations disabled.
The 'fs' backend m4 code was copied, but one of the condition were not
changed which resulted into:
configure: Gluster: yes
configure: ZFS: yes
configure: Virtuozzo storage: check
Make the code turn on the virtuozzo driver automatically if the tools
are found.
Added general definitions for vstorage pool backend including
the build options to add --with-storage-vstorage checking.
In order to use vstorage as a backend for a storage pool
vstorage tools (vstorage and vstorage-mount) need to be installed.
Signed-off-by: Olga Krishtal <okrishtal@virtuozzo.com>
The plugin depends on more modules than we currently check for,
i.e. network driver and yajl library.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
LIBVIRT_ARG_WITH_ALT is more generic than LIBVIRT_ARG_WITH, which
is tailored at switching features on and off.
Rename the macros according to their intended purpose, and add
some documentation to help developers pick between the two.
Commit 943ddcb712 partially fixed this bug in gnutls configure code.
However we also need to backup and modify CFLAGS and do if for
AC_CHECK_HEADERS as well.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Sigh, autoconf has AC_CHECK_FUNC and AC_CHECK_FUNCS and both check
whether some function exists or not. However in addition to the obvious
difference that the later is able to check multiple functions it also
defines HAVE_FUNCTION_NAME for each function.
Commit 680d2f49da moved the code to separate file, but also blindly
changed the macro to AC_CHECK_FUNC without confronting the
documentation.
Reported-by: John Ferlan <jferlan@redhat.com>
<https://www.redhat.com/archives/libvir-list/2016-December/msg01086.html>
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Introduced by commit 25034b3c40 and reused by commit 4519e94b74.
This patch silences warning printed by configure:
configure: WARNING: unrecognized options: --with-qemu-user
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
The bug was introduced by commit 08c2d1480b. The string must be quoted
because it is used as function argument.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Pkg-config file libxml-2.0.pc was introduced in libxml2-2.2.4 and we
require at least 2.6.0 so the crazy xml2-config check can be dropped.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
This allows to use two or more LIBVIRT_CHECK_(LIB|LIB_ALT|PKG) macros
for one library. For example, when we check for existence of
pgk-config file of some library and we know that not all versions of
that library that libvirt requires provides this file, we can fallback
to use library check.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Usage of AC_REQUIRE will mess with order how LIBVIRT_CHECK_* macros
are composed into configure.ac. This ensures that the output of
configure --help is properly ordered and grouped into sections.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Following patch will update LIBVIRT_CHECK_(LIB|LIB_ALT|PKG) macros in
a way that you will be able to call a another macro as a fallback if
the first one fails. To allow that, we need to move the
LIBVIRT_ARG_WITH out of those macro to not have two or more same lines
in output of "configure --help".
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
All checks that prints result at the end of configure uses
LIBVIRT_RESULT_${CHECK_NAME}. Create those macros for remaining check.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
The *header_name* cannot be quoted, otherwise it is not translated to
the passed argument. Without this fix the generated configure contains
*ac_cv_header_header_name*, but there should be for example
*ac_cv_header_sals_sasl_h* for "sasl/sasl.h".
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Implement a new libssh transport, which uses libssh to communicate with
remote hosts, and add all the build system stuff (search of libssh,
private symbols, etc) to built it.
This new transport supports all the common ssh authentication methods,
making use of libvirt's auth callbacks for interaction with the user.
${exec_prefix} and ${prefix} point to the same directory in
most setups, but when that's not the case the former should
be used for architecture-dependent data such as shared objects,
which makes it the best fit for our Wireshark dissector.
While at it, change all uses of $(var) to ${var}: they are
absolutely identicaly as far as make's concerned, but autoconf
itself seems to prefer the latter form so we might as well
follow suit.
We only need to strip $ws_prefix from $ws_plugindir if we've
retrieved it from pkg-config: if we're building it ourselves
from $libdir, we can just use it without further processing.
This fixes a build issue with old gnutls.
Broken by commit 680d2f49da.
Reported-by: Olga Krishtal <okrishtal@virtuozzo.com>
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Commit d8a8af3492 changed the minimal required version of gnutls
so it's safe to remove the code for older versions.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Since we're using autoconf to substitute the right value in
Makefile.am now, we can use a less generic name without running
into circular dependencies.