diff --git a/0001-Always-set-earlyprintk-kernel-arg.patch b/0001-Always-set-earlyprintk-kernel-arg.patch deleted file mode 100644 index 90fb2b5..0000000 --- a/0001-Always-set-earlyprintk-kernel-arg.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 3f8e0892b012f6f94296d99ed5ac3340d53c7e4b Mon Sep 17 00:00:00 2001 -From: "Daniel P. Berrange" -Date: Mon, 30 Sep 2013 15:13:06 +0100 -Subject: [PATCH] Always set earlyprintk kernel arg - -If the initrd fails and prints to stderr, this goes to /dev/null -unless earlyprintk is enabled. We always want to see initrd -errors, so we should always have earlyprintk set. - -Signed-off-by: Daniel P. Berrange -(cherry picked from commit b14ce17bb357d5b7f99562c91dafb521f6985b40) ---- - libvirt-sandbox/libvirt-sandbox-builder-machine.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/libvirt-sandbox/libvirt-sandbox-builder-machine.c b/libvirt-sandbox/libvirt-sandbox-builder-machine.c -index 6b9b506..fd945c7 100644 ---- a/libvirt-sandbox/libvirt-sandbox-builder-machine.c -+++ b/libvirt-sandbox/libvirt-sandbox-builder-machine.c -@@ -204,10 +204,10 @@ static gchar *gvir_sandbox_builder_machine_cmdline(GVirSandboxConfig *config G_G - gchar *tmp; - - /* Now kernel args */ -- g_string_append(str, " console=ttyS0"); -+ g_string_append(str, " console=ttyS0 earlyprintk=ttyS0"); - if (getenv("LIBVIRT_SANDBOX_DEBUG") && - g_str_equal(getenv("LIBVIRT_SANDBOX_DEBUG"), "2")) -- g_string_append(str, " debug loglevel=10 earlyprintk=ttyS0"); -+ g_string_append(str, " debug loglevel=10"); - else - g_string_append(str, " quiet loglevel=0"); - diff --git a/0002-Don-t-overmount-root-in-QEMU-sandboxes.patch b/0002-Don-t-overmount-root-in-QEMU-sandboxes.patch deleted file mode 100644 index be9ff8b..0000000 --- a/0002-Don-t-overmount-root-in-QEMU-sandboxes.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 03f5a7eca1dd77a00cf51c9675ebfb6d5d2a1164 Mon Sep 17 00:00:00 2001 -From: "Daniel P. Berrange" -Date: Tue, 1 Oct 2013 13:51:34 +0100 -Subject: [PATCH] Don't overmount '/root' in QEMU sandboxes - -If the user wants to replace '/root' they can do that -explicitly. Don't overmount it ourselves. This fixes -an inconsistency between LXC & QEMU setups. - -Signed-off-by: Daniel P. Berrange -(cherry picked from commit 6ae67143e69f435b564164bfa67a174be7bc9702) ---- - libvirt-sandbox/libvirt-sandbox-init-qemu.c | 1 - - 1 file changed, 1 deletion(-) - -diff --git a/libvirt-sandbox/libvirt-sandbox-init-qemu.c b/libvirt-sandbox/libvirt-sandbox-init-qemu.c -index f09c6d9..079f83f 100644 ---- a/libvirt-sandbox/libvirt-sandbox-init-qemu.c -+++ b/libvirt-sandbox/libvirt-sandbox-init-qemu.c -@@ -284,7 +284,6 @@ main(int argc ATTR_UNUSED, char **argv ATTR_UNUSED) - /* Main special filesystems */ - mount_other("/dev", "tmpfs", 0755); - mount_other_opts("/dev/pts", "devpts", "gid=5,mode=620,ptmxmode=000", 0755); -- mount_other("/root", "tmpfs", 0755); - mount_other("/sys", "sysfs", 0755); - mount_other("/proc", "proc", 0755); - //mount_other("/selinux", "selinuxfs", 0755); diff --git a/0003-Fix-inverted-strcmp-test-in-mount-options-for-QEMU.patch b/0003-Fix-inverted-strcmp-test-in-mount-options-for-QEMU.patch deleted file mode 100644 index 4858976..0000000 --- a/0003-Fix-inverted-strcmp-test-in-mount-options-for-QEMU.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 031ffd3124ece5e14e210bde5b437032f5bf2913 Mon Sep 17 00:00:00 2001 -From: "Daniel P. Berrange" -Date: Tue, 1 Oct 2013 13:52:36 +0100 -Subject: [PATCH] Fix inverted strcmp test in mount options for QEMU - -The QEMU init binary intended to set nosuid & nodev on any -tmpfs filesystem. Due to a backwards strcmp test, it set -those flaws on everything except tmpfs. - -Signed-off-by: Daniel P. Berrange -(cherry picked from commit 8234b949106190f7df4c5b500c1520611eb8a603) ---- - libvirt-sandbox/libvirt-sandbox-init-qemu.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/libvirt-sandbox/libvirt-sandbox-init-qemu.c b/libvirt-sandbox/libvirt-sandbox-init-qemu.c -index 079f83f..b7e4c6f 100644 ---- a/libvirt-sandbox/libvirt-sandbox-init-qemu.c -+++ b/libvirt-sandbox/libvirt-sandbox-init-qemu.c -@@ -382,7 +382,7 @@ main(int argc ATTR_UNUSED, char **argv ATTR_UNUSED) - else - mount_mkfile(target, 644); - } else { -- if (strcmp(type, "tmpfs")) -+ if (strcmp(type, "tmpfs") == 0) - flags |= MS_NOSUID | MS_NODEV; - - mount_mkdir(target, 0755); diff --git a/0004-Force-9p-version-to-version-9p2000.u.patch b/0004-Force-9p-version-to-version-9p2000.u.patch deleted file mode 100644 index 41a3455..0000000 --- a/0004-Force-9p-version-to-version-9p2000.u.patch +++ /dev/null @@ -1,48 +0,0 @@ -From b20c8945af5a5ce248c2acd895be2812965fd6bd Mon Sep 17 00:00:00 2001 -From: "Daniel P. Berrange" -Date: Tue, 1 Oct 2013 13:54:10 +0100 -Subject: [PATCH] Force 9p version to version=9p2000.u - -With 9p version=9p2000.L, we tickle two bugs in QEMU's code. - -One breaks most calls with ENODEV on FS_IOC_GETVERSION ioctls. - -The other breaks xattr checks due to inverted errno. - -In addition with 9p2000.L we see extra permission checks -on dirs, which prevents the guest from over-mounting dirs -like /root that are restricted on the user running QEMU. - -Signed-off-by: Daniel P. Berrange -(cherry picked from commit f4087aa0e993f59772d3bda53038888af7f43b5e) ---- - libvirt-sandbox/libvirt-sandbox-builder-machine.c | 2 +- - libvirt-sandbox/libvirt-sandbox-init-qemu.c | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/libvirt-sandbox/libvirt-sandbox-builder-machine.c b/libvirt-sandbox/libvirt-sandbox-builder-machine.c -index fd945c7..db5ceaa 100644 ---- a/libvirt-sandbox/libvirt-sandbox-builder-machine.c -+++ b/libvirt-sandbox/libvirt-sandbox-builder-machine.c -@@ -274,7 +274,7 @@ static gboolean gvir_sandbox_builder_machine_write_mount_cfg(GVirSandboxConfig * - if (GVIR_SANDBOX_IS_CONFIG_MOUNT_HOST_BIND(mconfig)) { - source = g_strdup_printf("sandbox:mount%zu", nHostBind++); - fstype = "9p"; -- options = g_strdup("trans=virtio"); -+ options = g_strdup("trans=virtio,version=9p2000.u"); - } else if (GVIR_SANDBOX_IS_CONFIG_MOUNT_HOST_IMAGE(mconfig)) { - source = g_strdup_printf("vd%c", (char)('a' + nHostImage++)); - fstype = "ext3"; -diff --git a/libvirt-sandbox/libvirt-sandbox-init-qemu.c b/libvirt-sandbox/libvirt-sandbox-init-qemu.c -index b7e4c6f..f72148a 100644 ---- a/libvirt-sandbox/libvirt-sandbox-init-qemu.c -+++ b/libvirt-sandbox/libvirt-sandbox-init-qemu.c -@@ -165,7 +165,7 @@ mount_9pfs(const char *src, const char *dst, int mode, int readonly) - if (readonly) - flags |= MS_RDONLY; - -- if (mount(src, dst, "9p", flags, "trans=virtio") < 0) { -+ if (mount(src, dst, "9p", flags, "trans=virtio,version=9p2000.u") < 0) { - fprintf(stderr, "libvirt-sandbox-init-qemu: %s: cannot mount %s on %s (9p): %s\n", - __func__, src, dst, strerror(errno)); - exit_poweroff(); diff --git a/0005-S-is-not-supported-by-virt-sandbox.patch b/0005-S-is-not-supported-by-virt-sandbox.patch deleted file mode 100644 index b6c46b2..0000000 --- a/0005-S-is-not-supported-by-virt-sandbox.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 2844b51b153cd326246a1ba155be1df743034f2d Mon Sep 17 00:00:00 2001 -From: Dan Walsh -Date: Thu, 15 Aug 2013 07:56:46 -0400 -Subject: [PATCH] -S is not supported by virt-sandbox - --S option has been removed from virt-sandbox, should be removed from man page. - -(cherry picked from commit 43f348a9a8d96dfa145a7883bed9fc6b1deca683) ---- - bin/virt-sandbox.c | 2 -- - 1 file changed, 2 deletions(-) - -diff --git a/bin/virt-sandbox.c b/bin/virt-sandbox.c -index b51465d..f6c011b 100644 ---- a/bin/virt-sandbox.c -+++ b/bin/virt-sandbox.c -@@ -263,8 +263,6 @@ virt-sandbox - Run cmd under a virtual machine sandbox - - virt-sandbox [OPTIONS...] COMMAND [CMDARG1 [CMDARG2 [...]]] - --virt-sandbox [OPTIONS...] -S -- - =head1 DESCRIPTION - - Run the C application within a tightly confined virtual machine. The diff --git a/libvirt-sandbox.spec b/libvirt-sandbox.spec index 9878271..5327778 100644 --- a/libvirt-sandbox.spec +++ b/libvirt-sandbox.spec @@ -1,37 +1,31 @@ # -*- rpm-spec -*- -%define with_tcg 1 -%define with_kvm 1 +%define with_qemu 1 # RHEL does not provide the 9p.ko kernel module # nor the virtio-9p KVM backend driver. %if 0%{?rhel} -%define with_tcg 0 -%define with_kvm 0 +%define with_qemu 0 %endif %define libvirt_version 1.0.2 Name: libvirt-sandbox -Version: 0.5.0 -Release: 3%{?dist}%{?extra_release} +Version: 0.5.1 +Release: 1%{?dist}%{?extra_release} Summary: libvirt application sandbox framework Group: Development/Tools License: LGPLv2+ URL: http://libvirt.org/ Source0: ftp://libvirt.org/libvirt/sandbox/%{name}-%{version}.tar.gz -Patch1: 0001-Always-set-earlyprintk-kernel-arg.patch -Patch2: 0002-Don-t-overmount-root-in-QEMU-sandboxes.patch -Patch3: 0003-Fix-inverted-strcmp-test-in-mount-options-for-QEMU.patch -Patch4: 0004-Force-9p-version-to-version-9p2000.u.patch -Patch5: 0005-S-is-not-supported-by-virt-sandbox.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: libvirt-gobject-devel >= 0.1.7 BuildRequires: gobject-introspection-devel BuildRequires: glibc-static BuildRequires: /usr/bin/pod2man BuildRequires: intltool +BuildRequires: libselinux-devel BuildRequires: glib2-devel >= 2.32.0 Requires: rpm-python # For virsh lxc-enter-namespace command @@ -45,13 +39,12 @@ Requires: %{name}-libs = %{version}-%{release} Group: Development/Libraries Summary: libvirt application sandbox framework libraries # So we get the full libvirtd daemon, not just client libs -%ifarch %{ix86} x86_64 -%if %{with_kvm} +%if %{with_qemu} + %ifarch %{ix86} x86_64 Requires: libvirt-daemon-kvm >= %{libvirt_version} -%endif -%endif -%if %{with_tcg} + %else Requires: libvirt-daemon-qemu >= %{libvirt_version} + %endif %endif Requires: libvirt-daemon-lxc >= %{libvirt_version} @@ -74,11 +67,6 @@ the libvirt sandbox %prep %setup -q -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 %build @@ -141,6 +129,9 @@ rm -rf $RPM_BUILD_ROOT %{_datadir}/gtk-doc/html/Libvirt-sandbox %changelog +* Mon Nov 18 2013 Daniel P. Berrange - 0.5.1-1 +- Update to 0.5.0 release + * Thu Oct 3 2013 Daniel P. Berrange - 0.5.0-3 - Add fully versioned dep between libvirt-sandbox & libvirt-sandbox-libs