The libvirt.so library has far too many library deps to allow
linking against it from setuid programs. Those libraries can
do stuff in __attribute__((constructor) functions which is
not setuid safe.
The virt-login-shell needs to link directly against individual
files that it uses, with all library deps turned off except
for libxml2 and libselinux.
Create a libvirt-setuid-rpc-client.la library which is linked
to by virt-login-shell. A config-post.h file allows this library
to disable all external deps except libselinux and libxml2.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit 3e2f27e13b)
The gnulib testsuite is relatively stable - the only times it is
likely to have a test change from pass to fail is on a gnulib
submodule update or a major system change (such as moving from
Fedora 18 to 19, or other large change to libc). While it is an
important test for end users on arbitrary machines (to make sure
that the portability glue works for their machine), it mostly
wastes time for development testing (as most developers aren't
making any of the major changes that would cause gnulib tests
to alter behavior). Thus, it pays to make the tests optional
at configure time, defaulting to off for development, on for
tarballs, with autobuilders requesting it to be on. It also
helps to allow a make-time override, via VIR_TEST_EXPENSIVE=[01]
(much the way automake sets up V=[01] for overriding the configure
time default of how verbose to be).
Automake has some pretty hard-coded magic with regards to the
TESTS variable; I had quite a job figuring out how to keep
'make distcheck' passing regardless of the configure option
setting in use, while still disabling the tests at runtime
when I did not configure them on and did not use the override
variable. Thankfully, we require GNU make, which lets me
hide some information from Automake's magic handling of TESTS.
* bootstrap.conf (bootstrap_epilogue): Munge gnulib test variable.
* configure.ac (--enable-expensive-tests): Add new enable switch.
(VIR_TEST_EXPENSIVE_DEFAULT, WITH_EXPENSIVE_TESTS): Set new
witnesses.
* gnulib/tests/Makefile.am (TESTS): Make tests conditional on
configure settings and the VIR_TEST_EXPENSIVE variable.
* tests/Makefile.am (TESTS_ENVIRONMENT): Expose VIR_TEST_EXPENSIVE
to all tests.
* autobuild.sh: Enable all tests during autobuilds.
* libvirt.spec.in (%configure): Likewise.
* mingw-libvirt.spec.in (%mingw_configure): Likewise.
* docs/hacking.html.in: Document the option.
* HACKING: Regenerate.
Signed-off-by: Eric Blake <eblake@redhat.com>
'make syntax-check' warned that gnulib's copyright is now out of date.
* .gnulib: Update to latest, for copyright year bump.
* gnulib/local/m4/ssize_t.m4.diff: Regenerate.
* bootstrap: Synchronize from upstream.
Building a fresh checkout on RHEL 5 has been broken since commit
29db7a00, due to a gnulib regression in the bootstrap script
(incremental builds from a checkout earlier than that point were
okay, though).
* .gnulib: Update to latest, for bootstrap fixes.
* bootstrap: Resync from gnulib.
* gnulib/local/top/maint.mk.diff: Drop patch that was added
upstream in the meantime.
We are so close to a release that we don't want to pull in a
gnulib submodule update and risk regressions, since there has
been a lot of other gnulib churn upstream. However, there are
a couple of gnulib issues that are worth fixing in isolation,
by applying local patches to gnulib.
There was an upstream gnulib bug in maint.mk that rendered most
of our syntax checks ineffective (and fixing it flushed out a
minor bug in our code):
https://lists.gnu.org/archive/html/bug-gnulib/2012-03/msg00194.html
There is still an upstream bug where gnulib uses the wrong type
for ssize_t on mingw; we need the fix now even though it has not
yet been accepted into gnulib:
https://lists.gnu.org/archive/html/bug-gnulib/2012-03/msg00188.html
* gnulib/local/top/maint.mk.diff: Pick up upstream gnulib
maint.mk.
* gnulib/local/m4/ssize_t.m4.diff: Work around gnulib bug.
* src/libvirt.c: Remove unused header.
* cfg.mk
(exclude_file_name_regexp--sc_prohibit_empty_lines_at_EOF): Exempt
gnulib local files.
* .gnulib: Update to latest, for improved 'make syntax-check' and
compiler warnings.
* m4/virt-compile-warnings.m4 (LIBVIRT_COMPILE_WARNINGS):
Re-silence -Wformat-nonliteral.
* cfg.mk (_test_script_regex): Recognize our test scripts.
* gnulib/local/lib/*.diff: Drop, now that gnulib has this.
* tests/virsh-optparse: Fix use of compare.
* tests/virsh-schedinfo: Likewise.
Commit f7bd00c12 pulled in a gnulib module that fails to compile
on mingw. Work around it while waiting for an upstream gnulib fix.
* gnulib/local/lib/pty.in.h (openpty): Provide forward
declarations of opaque structs not present on mingw.
* gnulib/local/lib/openpty.c (openpty): Provide stub for mingw.
Gettext annoyingly modifies CPPFLAGS in-place, putting
-I/usr/local/include into the search patch if libintl headers
must be used from that location. But since we must support
automake 1.9.6 which lacks AM_CPPFLAGS, and since CPPFLAGS is used
prior to INCLUDES, this means that the build picks up the _old_
installed libvirt.h in priority to the in-tree version, leading
to all sorts of weird build failures on FreeBSD.
Fix this by teaching configure to undo gettext's actions, but
to keep any changes required by gettext at the end of INCLUDES
after all in-tree locations are used first. Also requires
adding a wrapper Makefile.am and making gnulib-tool create
just gnulib.mk files during the bootstrap process.
Signed-off-by: Eric Blake <eblake@redhat.com>
This makes it so we record (via a git submodule)
a snapshot of whatever version of gnulib we're using,
and none of gnulib sources are in the libvirt repository.
The result is that we have as much reproducibility as when
we version-controlled imported copies of the gnulib sources,
but without the hassle of the manual process we used when
syncing with upstream.
Note that when you clone libvirt, you get only the libvirt
repository, but when you first run ./bootstrap, it clones
gnulib (at the SHA1 recorded via the submodule), creating
the .gnulib/ hierarchy. Then, the bootstrap script runs
gnulib-tool to populate gnulib/ with the files that make
up the selected modules.
Put the following in your ~/.gitconfig file.
[alias]
syncsub = submodule foreach git pull origin master
The update procedure is simple:
git syncsub
...build & test...
git commit -m 'gnulib: sync submodule to latest' .gnulib
* .gitmodules: New file.
* .gnulib: Initialize.
* bootstrap: Set up to use the new submodule.
Stop using --no-vc-files.
Don't remove .gitignore files.
Don't use or create .cvsignore.
Diagnose an invalid --gnulib-srcdir=DIR argument.
* build-aux/vc-list-files: Delete file, now pulled from gnulib.
* build-aux/useless-if-before-free: Likewise.
* po/POTFILES.in: Remove gnulib/lib/gai_strerror.c, since
it no longer contains translatable strings.
* gnulib/*: Remove gnulib/ hierarchy.
* .cvsignore: Don't ignore *.orig or *.rej. They're not build products.
Don't ignore the entire m4 directory.
* Makefile.maint (sync-vcs-ignore-files): Correct quoting.
Use sed rather than a for loop.
Search only version-controled files (for reproducibility)
* gnulib/lib/netinet/.cvsignore: Append missing newline-at-EOF,
so that the use of sed doesn't mistakenly concatenate lines.
* gnulib/lib/sys/.cvsignore: Likewise.
* m4/.cvsignore: Ignore acinclude.m4 and aclocal.m4, not *.m4.
* .hgignore: Regenerate.
* all .gitignore files: Regenerate.
* gnulib/m4/multiarch.m4: New file.
* gnulib/m4/hostent.m4: New file.
* gnulib/m4/servent.m4: New file.
* .x-sc_prohibit_gethostby: Exempt all gnulib/m4/* files, so
hostent.m4's uses of gethostbyname and gethostbyaddr do not
trigger a "make syntax-check" failure.
* bootstrap: Invoke gnulib-tool with its --no-vc-files
option, since we version-control the files it imports.
This tells it not to mark imported files as cvs-ignored.
(modules): Add ioctl.
* gnulib/lib/ioctl.c: New file.
* gnulib/lib/sys_ioctl.in.h: New file.
* gnulib/tests/sys_ioctl.in.h: Removed.
* gnulib/tests/ioctl.c: Removed.
* gnulib/lib/Makefile.am: Update.
* gnulib/m4/gnulib-cache.m4: Likewise.
* gnulib/m4/gnulib-comp.m4: Likewise.
* gnulib/tests/Makefile.am: Likewise.
* gnulib/lib/.cvsignore: Ignore sys_ioctl.h.
* gnulib/lib/.gitignore: Regenerate.
* gnulib/lib/lstat.c: Include <sys/stat.h> *before* the use of stat in
orig_stat. Otherwise, on mingw (which lacks lstat), any program using
the lstat module would not get the redefinition-to-stat provided by
gnulib's sys/stat.h. Reported by Daniel P. Berrange.
* Makefile.maint (sync-vcs-ignore-files): New target.
Prompted by a patch from James Morris.
http://thread.gmane.org/gmane.comp.emulators.libvirt/8619/focus=8773
Add all (now-generated) .gitignore files.
* .gitignore: New file.
* build-aux/.gitignore: New file.
* docs/.gitignore: New file.
* docs/devhelp/.gitignore: New file.
* docs/examples/.gitignore: New file.
* docs/examples/python/.gitignore: New file.
* gnulib/lib/.gitignore: New file.
* gnulib/lib/arpa/.gitignore: New file.
* gnulib/lib/netinet/.gitignore: New file.
* gnulib/lib/sys/.gitignore: New file.
* gnulib/tests/.gitignore: New file.
* include/.gitignore: New file.
* include/libvirt/.gitignore: New file.
* po/.gitignore: New file.
* proxy/.gitignore: New file.
* python/.gitignore: New file.
* python/tests/.gitignore: New file.
* qemud/.gitignore: New file.
* src/.gitignore: New file.
* tests/.gitignore: New file.
* tests/confdata/.gitignore: New file.
* tests/sexpr2xmldata/.gitignore: New file.
* tests/virshdata/.gitignore: New file.
* tests/xencapsdata/.gitignore: New file.
* tests/xmconfigdata/.gitignore: New file.
* tests/xml2sexprdata/.gitignore: New file.
* bootstrap (modules): Add mkstemp.
The remainder of these changes are the result of running
./bootstrap, adding new files, and committing the result.
* gnulib/lib/gettimeofday.c: New file.
* gnulib/lib/mkstemp.c: New file.
* gnulib/lib/tempname.c: New file.
* gnulib/lib/tempname.h: New file.
* gnulib/m4/gettimeofday.m4: New file.
* gnulib/m4/mkstemp.m4: New file.
* gnulib/m4/tempname.m4: New file.
* gnulib/tests/test-gettimeofday.c: New file.
* gnulib/lib/Makefile.am: Update.
* gnulib/m4/gnulib-cache.m4: Likewise.
* gnulib/m4/gnulib-comp.m4: Likewise.
* gnulib/m4/inet_pton.m4: Likewise.
* gnulib/tests/Makefile.am: Likewise.
Use inet_pton instead; pull in gnulib's module by the same name.
* src/network_conf.c (virNetworkDefParseXML): Use inet_pton,
rather than inet_aton.
* bootstrap (modules): Add inet_pton.
* gnulib/lib/inet_pton.c: New file, from gnulib.
* tests/Makefile.am (test_scripts): Add vcpupin.
(EXTRA_DIST): Add test-lib.sh.
* tests/test-lib.sh: Testing framework, from coreutils.
* tests/vcpupin: New file.
* build-aux/mktempd: New file, from gnulib.
* bootstrap: Add posix-shell and mktempd to the list of imported modules.
* gnulib/m4/posix-shell.m4: New file, from gnulib.
* bootstrap (gnulib_tool): Add useless-if-before-free to
the list of modules.
* build-aux/useless-if-before-free: Update from gnulib.
* gnulib/lib/vasnprintf.c: Work around a bug in HPUX 10.20.
* gnulib/m4/vasnprintf.m4: Likewise.
* configure.in: xdr functions may require -lxdr.
* configure.in, src/Makefile.am: Extra linking flags for
building libvirt DLL.
* src/socketcompat.h: Hide Windows Winsock incompatibilities
in a separate header file.
* src/remote_internal.c: Switch to using socketcompat.h /
socket_errno().
* src/test.c: Switch to using socketcompat.h.
* gnulib/lib/arpa/.cvsignore: Ignore another generated file.
* src/qparams.c: Include <config.h>.