Rebased to version 1.3.3.3

schema: don't validate paths (bz #1353296)

0001-schema-interleave-domain-name-and-uuid-with-other-el.patch

@@ -1,38 +0,0 @@
-From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
-Date: Thu, 17 Dec 2015 13:43:58 +0100
-Subject: [PATCH] schema: interleave domain name and uuid with other elements
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Allow <name> and <uuid> anywhere under <domain>, not just at the top:
-
-error:XML document failed to validate against schema: Unable to validate
-doc against /usr/share/libvirt/schemas/domain.rng
-Expecting an element name, got nothing
-Invalid sequence in interleave
-Element domain failed to validate content
-
-Introduced with the first RelaxNG schema in commit c642103.
-
-https://bugzilla.redhat.com/show_bug.cgi?id=1292131
-(cherry picked from commit b4e0549febe416ffefc16f389423740d6d65fa74)
-Signed-off-by: Ján Tomko <jtomko@redhat.com>
----
- docs/schemas/domaincommon.rng | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
-index b252a17..48610ce 100644
---- a/docs/schemas/domaincommon.rng
-+++ b/docs/schemas/domaincommon.rng
-@@ -30,8 +30,8 @@
-   <define name="domain">
-     <element name="domain">
-       <ref name="hvs"/>
--      <ref name="ids"/>
-       <interleave>
-+        <ref name="ids"/>
-         <optional>
-           <ref name="title"/>
-         </optional>

0002-leaseshelper-fix-crash-when-no-mac-is-specified.patch

@@ -1,32 +0,0 @@
-From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
-Date: Thu, 14 Jan 2016 14:31:17 +0100
-Subject: [PATCH] leaseshelper: fix crash when no mac is specified
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-If dnsmasq specified DNSMASQ_IAID (so we're dealing with an IPv6
-lease) but no DNSMASQ_MAC, we skip creation of the new lease object.
-
-Also skip adding it to the leases array.
-
-https://bugzilla.redhat.com/show_bug.cgi?id=1202350
-(cherry picked from commit df9fe124d650bc438c531673492569da87523d20)
-Signed-off-by: Ján Tomko <jtomko@redhat.com>
----
- src/network/leaseshelper.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/network/leaseshelper.c b/src/network/leaseshelper.c
-index 2d528f7..6930310 100644
---- a/src/network/leaseshelper.c
-+++ b/src/network/leaseshelper.c
-@@ -439,7 +439,7 @@ main(int argc, char **argv)
- 
-     case VIR_LEASE_ACTION_OLD:
-     case VIR_LEASE_ACTION_ADD:
--        if (virJSONValueArrayAppend(leases_array_new, lease_new) < 0) {
-+        if (lease_new && virJSONValueArrayAppend(leases_array_new, lease_new) < 0) {
-             virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
-                            _("failed to create json"));
-             goto cleanup;

0003-build-predictably-generate-systemtap-tapsets-bz-1173.patch

@@ -1,63 +0,0 @@
-From: Cole Robinson <crobinso@redhat.com>
-Date: Tue, 19 Jan 2016 22:19:56 -0500
-Subject: [PATCH] build: predictably generate systemtap tapsets (bz 1173641)
-
-The generated output is dependent on perl hashtable ordering, which
-gives different results for i686 and x86_64. Fix this by sorting
-the hash keys before iterating over them
-
-https://bugzilla.redhat.com/show_bug.cgi?id=1173641
-(cherry picked from commit a1edb05c6028470aa24b74aa0f8d5fb5a181128a)
----
- src/rpc/gensystemtap.pl | 10 +++++-----
- 1 file changed, 5 insertions(+), 5 deletions(-)
-
-diff --git a/src/rpc/gensystemtap.pl b/src/rpc/gensystemtap.pl
-index 2467300..7b80fbf 100755
---- a/src/rpc/gensystemtap.pl
-+++ b/src/rpc/gensystemtap.pl
-@@ -72,7 +72,7 @@ function libvirt_rpc_auth_name(type, verbose)
- {
- EOF
- my $first = 1;
--foreach my $type (keys %auth) {
-+foreach my $type (sort(keys %auth)) {
-     my $cond = $first ? "if" : "} else if";
-     $first = 0;
-     print "  $cond (type == ", $type, ") {\n";
-@@ -95,7 +95,7 @@ function libvirt_rpc_type_name(type, verbose)
- {
- EOF
- $first = 1;
--foreach my $type (keys %type) {
-+foreach my $type (sort(keys %type)) {
-     my $cond = $first ? "if" : "} else if";
-     $first = 0;
-     print "  $cond (type == ", $type, ") {\n";
-@@ -118,7 +118,7 @@ function libvirt_rpc_status_name(status, verbose)
- {
- EOF
- $first = 1;
--foreach my $status (keys %status) {
-+foreach my $status (sort(keys %status)) {
-     my $cond = $first ? "if" : "} else if";
-     $first = 0;
-     print "  $cond (status == ", $status, ") {\n";
-@@ -141,7 +141,7 @@ function libvirt_rpc_program_name(program, verbose)
- {
- EOF
- $first = 1;
--foreach my $prog (keys %funcs) {
-+foreach my $prog (sort(keys %funcs)) {
-     my $cond = $first ? "if" : "} else if";
-     $first = 0;
-     print "  $cond (program == ", $funcs{$prog}->{id}, ") {\n";
-@@ -165,7 +165,7 @@ function libvirt_rpc_procedure_name(program, version, proc, verbose)
- {
- EOF
- $first = 1;
--foreach my $prog (keys %funcs) {
-+foreach my $prog (sort(keys %funcs)) {
-     my $cond = $first ? "if" : "} else if";
-     $first = 0;
-     print "  $cond (program == ", $funcs{$prog}->{id}, " && version == ", $funcs{$prog}->{version}, ") {\n";

0004-rpc-ensure-daemon-is-spawn-even-if-dead-socket-exist.patch

@@ -1,30 +0,0 @@
-From: "Daniel P. Berrange" <berrange@redhat.com>
-Date: Fri, 3 Jul 2015 16:51:56 +0100
-Subject: [PATCH] rpc: ensure daemon is spawn even if dead socket exists
-
-The auto-spawn code would originally attempt to spawn the
-daemon for both ENOENT and ECONNREFUSED errors from connect().
-The various refactorings eventually lost this so we only
-spawn the daemon on ENOENT. The result is if the daemon exits
-uncleanly, so that the socket is left in the filesystem, we
-will never be able to auto-spawn the daemon again.
-
-(cherry picked from commit 406ee8c226d2197ba1aaecb9cf3ad2b6df31ae44)
----
- src/rpc/virnetsocket.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
-index 51f94d4..6153e0e 100644
---- a/src/rpc/virnetsocket.c
-+++ b/src/rpc/virnetsocket.c
-@@ -610,7 +610,8 @@ int virNetSocketNewConnectUNIX(const char *path,
- 
-     while (retries &&
-            connect(fd, &remoteAddr.data.sa, remoteAddr.len) < 0) {
--        if (!(spawnDaemon && errno == ENOENT)) {
-+        if (!(spawnDaemon && (errno == ENOENT ||
-+                              errno == ECONNREFUSED))) {
-             virReportSystemError(errno, _("Failed to connect socket to '%s'"),
-                                  path);
-             goto cleanup;

0005-rpc-socket-Minor-cleanups.patch

@@ -1,48 +0,0 @@
-From: Cole Robinson <crobinso@redhat.com>
-Date: Mon, 11 Jan 2016 20:01:24 -0500
-Subject: [PATCH] rpc: socket: Minor cleanups
-
-- Add some debugging
-- Make the loop dependent only on retries
-- Make it explicit that connect(2) success exits the loop
-- Invert the error checking logic
-
-(cherry picked from commit f102c7146ed7f6e04af0ad3bce302476239f2502)
----
- src/rpc/virnetsocket.c | 16 ++++++++++++----
- 1 file changed, 12 insertions(+), 4 deletions(-)
-
-diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
-index 6153e0e..dcff69e 100644
---- a/src/rpc/virnetsocket.c
-+++ b/src/rpc/virnetsocket.c
-@@ -548,6 +548,9 @@ int virNetSocketNewConnectUNIX(const char *path,
-     char *rundir = NULL;
-     int ret = -1;
- 
-+    VIR_DEBUG("path=%s spawnDaemon=%d binary=%s", path, spawnDaemon,
-+        NULLSTR(binary));
-+
-     memset(&localAddr, 0, sizeof(localAddr));
-     memset(&remoteAddr, 0, sizeof(remoteAddr));
- 
-@@ -608,10 +611,15 @@ int virNetSocketNewConnectUNIX(const char *path,
-     if (remoteAddr.data.un.sun_path[0] == '@')
-         remoteAddr.data.un.sun_path[0] = '\0';
- 
--    while (retries &&
--           connect(fd, &remoteAddr.data.sa, remoteAddr.len) < 0) {
--        if (!(spawnDaemon && (errno == ENOENT ||
--                              errno == ECONNREFUSED))) {
-+    while (retries) {
-+        if (connect(fd, &remoteAddr.data.sa, remoteAddr.len) == 0) {
-+            VIR_DEBUG("connect() succeeded");
-+            break;
-+        }
-+        VIR_DEBUG("connect() failed: retries=%d errno=%d", retries, errno);
-+
-+        if (!spawnDaemon ||
-+            (errno != ENOENT && errno != ECONNREFUSED)) {
-             virReportSystemError(errno, _("Failed to connect socket to '%s'"),
-                                  path);
-             goto cleanup;

0006-rpc-socket-Explicitly-error-if-we-exceed-retry-count.patch

@@ -1,40 +0,0 @@
-From: Cole Robinson <crobinso@redhat.com>
-Date: Mon, 11 Jan 2016 20:08:45 -0500
-Subject: [PATCH] rpc: socket: Explicitly error if we exceed retry count
-
-When we autolaunch libvirtd for session URIs, we spin in a retry
-loop waiting for the daemon to start and the connect(2) to succeed.
-
-However if we exceed the retry count, we don't explicitly raise an
-error, which can yield a slew of different error messages elsewhere
-in the code.
-
-Explicitly raise the last connect(2) failure if we run out of retries.
-
-(cherry picked from commit 8da02d528068942303923fc4f935e77cccac9c7c)
----
- src/rpc/virnetsocket.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
-index dcff69e..90951be 100644
---- a/src/rpc/virnetsocket.c
-+++ b/src/rpc/virnetsocket.c
-@@ -618,7 +618,9 @@ int virNetSocketNewConnectUNIX(const char *path,
-         }
-         VIR_DEBUG("connect() failed: retries=%d errno=%d", retries, errno);
- 
-+        retries--;
-         if (!spawnDaemon ||
-+            retries == 0 ||
-             (errno != ENOENT && errno != ECONNREFUSED)) {
-             virReportSystemError(errno, _("Failed to connect socket to '%s'"),
-                                  path);
-@@ -628,7 +630,6 @@ int virNetSocketNewConnectUNIX(const char *path,
-         if (virNetSocketForkDaemon(binary) < 0)
-             goto cleanup;
- 
--        retries--;
-         usleep(5000);
-     }
- 

0007-rpc-socket-Don-t-repeatedly-attempt-to-launch-daemon.patch

@@ -1,43 +0,0 @@
-From: Cole Robinson <crobinso@redhat.com>
-Date: Mon, 11 Jan 2016 20:13:38 -0500
-Subject: [PATCH] rpc: socket: Don't repeatedly attempt to launch daemon
-
-On every socket connect(2) attempt we were re-launching session
-libvirtd, up to 100 times in 5 seconds.
-
-This understandably caused some weird load races and intermittent
-qemu:///session startup failures
-
-https://bugzilla.redhat.com/show_bug.cgi?id=1271183
-(cherry picked from commit 2eb7a975756d05a5b54ab4acf60083beb6161ac6)
----
- src/rpc/virnetsocket.c | 9 +++++++--
- 1 file changed, 7 insertions(+), 2 deletions(-)
-
-diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
-index 90951be..2ee4b6e 100644
---- a/src/rpc/virnetsocket.c
-+++ b/src/rpc/virnetsocket.c
-@@ -547,6 +547,7 @@ int virNetSocketNewConnectUNIX(const char *path,
-     virSocketAddr remoteAddr;
-     char *rundir = NULL;
-     int ret = -1;
-+    bool daemonLaunched = false;
- 
-     VIR_DEBUG("path=%s spawnDaemon=%d binary=%s", path, spawnDaemon,
-         NULLSTR(binary));
-@@ -627,8 +628,12 @@ int virNetSocketNewConnectUNIX(const char *path,
-             goto cleanup;
-         }
- 
--        if (virNetSocketForkDaemon(binary) < 0)
--            goto cleanup;
-+        if (!daemonLaunched) {
-+            if (virNetSocketForkDaemon(binary) < 0)
-+                goto cleanup;
-+
-+            daemonLaunched = true;
-+        }
- 
-         usleep(5000);
-     }

0008-security-Do-not-restore-kernel-and-initrd-labels.patch

@@ -1,57 +0,0 @@
-From: Jiri Denemark <jdenemar@redhat.com>
-Date: Fri, 15 Jan 2016 10:55:58 +0100
-Subject: [PATCH] security: Do not restore kernel and initrd labels
-
-Kernel/initrd files are essentially read-only shareable images and thus
-should be handled in the same way. We already use the appropriate label
-for kernel/initrd files when starting a domain, but when a domain gets
-destroyed we would remove the labels which would make other running
-domains using the same files very unhappy.
-
-https://bugzilla.redhat.com/show_bug.cgi?id=921135
-
-Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
-(cherry picked from commit 68acc701bd449481e3206723c25b18fcd3d261b7)
----
- src/security/security_dac.c     | 8 --------
- src/security/security_selinux.c | 8 --------
- 2 files changed, 16 deletions(-)
-
-diff --git a/src/security/security_dac.c b/src/security/security_dac.c
-index deb6980..d01215f 100644
---- a/src/security/security_dac.c
-+++ b/src/security/security_dac.c
-@@ -971,14 +971,6 @@ virSecurityDACRestoreSecurityAllLabel(virSecurityManagerPtr mgr,
-         virSecurityDACRestoreSecurityFileLabel(def->os.loader->nvram) < 0)
-         rc = -1;
- 
--    if (def->os.kernel &&
--        virSecurityDACRestoreSecurityFileLabel(def->os.kernel) < 0)
--        rc = -1;
--
--    if (def->os.initrd &&
--        virSecurityDACRestoreSecurityFileLabel(def->os.initrd) < 0)
--        rc = -1;
--
-     if (def->os.dtb &&
-         virSecurityDACRestoreSecurityFileLabel(def->os.dtb) < 0)
-         rc = -1;
-diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
-index 6e67a86..2475a80 100644
---- a/src/security/security_selinux.c
-+++ b/src/security/security_selinux.c
-@@ -1953,14 +1953,6 @@ virSecuritySELinuxRestoreSecurityAllLabel(virSecurityManagerPtr mgr,
-         virSecuritySELinuxRestoreSecurityFileLabel(mgr, def->os.loader->nvram) < 0)
-         rc = -1;
- 
--    if (def->os.kernel &&
--        virSecuritySELinuxRestoreSecurityFileLabel(mgr, def->os.kernel) < 0)
--        rc = -1;
--
--    if (def->os.initrd &&
--        virSecuritySELinuxRestoreSecurityFileLabel(mgr, def->os.initrd) < 0)
--        rc = -1;
--
-     if (def->os.dtb &&
-         virSecuritySELinuxRestoreSecurityFileLabel(mgr, def->os.dtb) < 0)
-         rc = -1;

0009-rpc-wait-longer-for-session-daemon-to-start-up.patch

@@ -1,37 +0,0 @@
-From: Cole Robinson <crobinso@redhat.com>
-Date: Tue, 15 Mar 2016 17:04:32 -0400
-Subject: [PATCH] rpc: wait longer for session daemon to start up
-
-https://bugzilla.redhat.com/show_bug.cgi?id=1271183
-
-We only wait 0.5 seconds for the session daemon to start up and present
-its socket, which isn't sufficient for many users. Bump up the sleep
-interval and retry amount so we wait for a total of 5.0 seconds.
-
-(cherry picked from commit ca0c06f4008154de55e0b3109885facd0bf02d32)
----
- src/rpc/virnetsocket.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
-index 2ee4b6e..275f1f5 100644
---- a/src/rpc/virnetsocket.c
-+++ b/src/rpc/virnetsocket.c
-@@ -542,7 +542,7 @@ int virNetSocketNewConnectUNIX(const char *path,
-     char *lockpath = NULL;
-     int lockfd = -1;
-     int fd = -1;
--    int retries = 100;
-+    int retries = 500;
-     virSocketAddr localAddr;
-     virSocketAddr remoteAddr;
-     char *rundir = NULL;
-@@ -635,7 +635,7 @@ int virNetSocketNewConnectUNIX(const char *path,
-             daemonLaunched = true;
-         }
- 
--        usleep(5000);
-+        usleep(10000);
-     }
- 
-     localAddr.len = sizeof(localAddr.data);

0010-driver-log-missing-modules-as-INFO-not-WARN.patch

@@ -1,27 +0,0 @@
-From: Jovanka Gulicoska <jovanka.gulicoska@gmail.com>
-Date: Thu, 17 Mar 2016 20:02:20 +0100
-Subject: [PATCH] driver: log missing modules as INFO, not WARN
-
-Missing modules is a common expected scenario for most libvirt usage on
-RPM distributions like Fedora, so it doesn't really warrant logging at
-WARN level. Use INFO instead
-
-https://bugzilla.redhat.com/show_bug.cgi?id=1274849
-(cherry picked from commit 9a0c7f5f834185db9017c34aabc03ad99cf37bed)
----
- src/driver.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/driver.c b/src/driver.c
-index db03438..f926fe4 100644
---- a/src/driver.c
-+++ b/src/driver.c
-@@ -62,7 +62,7 @@ virDriverLoadModule(const char *name)
-         return NULL;
- 
-     if (access(modfile, R_OK) < 0) {
--        VIR_WARN("Module %s not accessible", modfile);
-+        VIR_INFO("Module %s not accessible", modfile);
-         goto cleanup;
-     }
- 

0011-polkit-Allow-password-less-access-for-libvirt-group.patch

@@ -1,126 +0,0 @@
-From: Cole Robinson <crobinso@redhat.com>
-Date: Tue, 28 Apr 2015 17:38:00 -0400
-Subject: [PATCH] polkit: Allow password-less access for 'libvirt' group
-
-Many users, who admin their own machines, want to be able to access
-system libvirtd via tools like virt-manager without having to enter
-a root password. Just google 'virt-manager without password' and
-you'll find many hits. I've read at least 5 blog posts over the years
-describing slightly different ways of achieving this goal.
-
-Let's finally add official support for this.
-
-Install a polkit-1 rules file granting password-less auth for any user
-in the new 'libvirt' group. Create the group on RPM install
-
-https://bugzilla.redhat.com/show_bug.cgi?id=957300
-(cherry picked from commit e94979e901517af9fdde358d7b7c92cc055dd50c)
----
- daemon/Makefile.am   | 13 +++++++++++++
- daemon/libvirt.rules |  9 +++++++++
- libvirt.spec.in      | 15 +++++++++++++--
- 3 files changed, 35 insertions(+), 2 deletions(-)
- create mode 100644 daemon/libvirt.rules
-
-diff --git a/daemon/Makefile.am b/daemon/Makefile.am
-index b95a79d..9c5ea37 100644
---- a/daemon/Makefile.am
-+++ b/daemon/Makefile.am
-@@ -53,6 +53,7 @@ EXTRA_DIST =						\
- 	libvirtd.init.in				\
- 	libvirtd.upstart				\
- 	libvirtd.policy.in				\
-+	libvirt.rules					\
- 	libvirtd.sasl					\
- 	libvirtd.service.in				\
- 	libvirtd.socket.in				\
-@@ -233,6 +234,8 @@ policyauth = auth_admin_keep_session
- else ! WITH_POLKIT0
- policydir = $(datadir)/polkit-1/actions
- policyauth = auth_admin_keep
-+rulesdir = $(datadir)/polkit-1/rules.d
-+rulesfile = libvirt.rules
- endif ! WITH_POLKIT0
- endif WITH_POLKIT
- 
-@@ -263,9 +266,19 @@ if WITH_POLKIT
- install-data-polkit::
- 	$(MKDIR_P) $(DESTDIR)$(policydir)
- 	$(INSTALL_DATA) libvirtd.policy $(DESTDIR)$(policydir)/org.libvirt.unix.policy
-+if ! WITH_POLKIT0
-+	$(MKDIR_P) $(DESTDIR)$(rulesdir)
-+	$(INSTALL_DATA) $(srcdir)/$(rulesfile) $(DESTDIR)$(rulesdir)/50-libvirt.rules
-+endif ! WITH_POLKIT0
-+
- uninstall-data-polkit::
- 	rm -f $(DESTDIR)$(policydir)/org.libvirt.unix.policy
- 	rmdir $(DESTDIR)$(policydir) || :
-+if ! WITH_POLKIT0
-+	rm -f $(DESTDIR)$(rulesdir)/50-libvirt.rules
-+	rmdir $(DESTDIR)$(rulesdir) || :
-+endif ! WITH_POLKIT0
-+
- else ! WITH_POLKIT
- install-data-polkit::
- uninstall-data-polkit::
-diff --git a/daemon/libvirt.rules b/daemon/libvirt.rules
-new file mode 100644
-index 0000000..01a15fa
---- /dev/null
-+++ b/daemon/libvirt.rules
-@@ -0,0 +1,9 @@
-+// Allow any user in the 'libvirt' group to connect to system libvirtd
-+// without entering a password.
-+
-+polkit.addRule(function(action, subject) {
-+    if (action.id == "org.libvirt.unix.manage" &&
-+        subject.isInGroup("libvirt")) {
-+        return polkit.Result.YES;
-+    }
-+});
-diff --git a/libvirt.spec.in b/libvirt.spec.in
-index dc327a2..a23629d 100644
---- a/libvirt.spec.in
-+++ b/libvirt.spec.in
-@@ -1631,9 +1631,9 @@ then
- fi
- 
- %if %{with_libvirtd}
-+%pre daemon
-     %if ! %{with_driver_modules}
-         %if %{with_qemu}
--%pre daemon
-             %if 0%{?fedora} || 0%{?rhel} >= 6
- # We want soft static allocation of well-known ids, as disk images
- # are commonly shared across NFS mounts by id rather than name; see
-@@ -1647,11 +1647,21 @@ if ! getent passwd qemu >/dev/null; then
-     useradd -r -g qemu -G kvm -d / -s /sbin/nologin -c "qemu user" qemu
-   fi
- fi
--exit 0
-             %endif
-         %endif
-     %endif
- 
-+    %if %{with_polkit}
-+        %if 0%{?fedora} || 0%{?rhel} >= 6
-+# 'libvirt' group is just to allow password-less polkit access to
-+# libvirtd. The uid number is irrelevant, so we use dynamic allocation
-+# described at the above link.
-+getent group libvirt >/dev/null || groupadd -r libvirt
-+        %endif
-+    %endif
-+
-+exit 0
-+
- %post daemon
- 
-     %if %{with_systemd}
-@@ -1925,6 +1935,7 @@ exit 0
-         %if 0%{?fedora} || 0%{?rhel} >= 6
- %{_datadir}/polkit-1/actions/org.libvirt.unix.policy
- %{_datadir}/polkit-1/actions/org.libvirt.api.policy
-+%{_datadir}/polkit-1/rules.d/50-libvirt.rules
-         %else
- %{_datadir}/PolicyKit/policy/org.libvirt.unix.policy
-         %endif

libvirt.spec

@@ -2,7 +2,7 @@
 
 # This spec file assumes you are building for Fedora 13 or newer,
 # or for RHEL 5 or newer. It may need some tweaks for other distros.
-# If neither fedora nor rhel was defined, try to guess them from %{dist}
+# If neither fedora nor rhel was defined, try to guess them from dist
 %if !0%{?rhel} && !0%{?fedora}
 %{expand:%(echo "%{?dist}" | \
   sed -ne 's/^\.el\([0-9]\+\).*/%%define rhel \1/p')}
@@ -13,13 +13,13 @@
 # Default to skipping autoreconf.  Distros can change just this one line
 # (or provide a command-line override) if they backport any patches that
 # touch configure.ac or Makefile.am.
-%{!?enable_autotools:%define enable_autotools 1}
+%{!?enable_autotools:%global enable_autotools 0}
 
 # A client only build will create a libvirt.so only containing
 # the generic RPC driver, and test driver and no libvirtd
 # Default to a full server + client build, but with the possibility
 # of a command-line or ~/.rpmmacros override for client-only.
-%{!?client_only:%define client_only 0}
+%{!?client_only:%global client_only 0}
 
 # Now turn off server build in certain cases
 
@@ -97,7 +97,7 @@
 %define with_esx           0%{!?_without_esx:1}
 %define with_hyperv        0%{!?_without_hyperv:1}
 %define with_xenapi        0%{!?_without_xenapi:1}
-%define with_parallels     0%{!?_without_parallels:1}
+%define with_vz            0%{!?_without_vz:1}
 # No test for bhyve, because it does not build on Linux
 
 # Then the secondary host drivers, which run inside libvirtd
@@ -108,7 +108,7 @@
 %define with_storage_iscsi    0%{!?_without_storage_iscsi:%{server_drivers}}
 %define with_storage_disk     0%{!?_without_storage_disk:%{server_drivers}}
 %define with_storage_mpath    0%{!?_without_storage_mpath:%{server_drivers}}
-%if 0%{?fedora} >= 16
+%if 0%{?fedora} >= 16 || 0%{?rhel} >= 7
     %define with_storage_rbd      0%{!?_without_storage_rbd:%{server_drivers}}
 %else
     %define with_storage_rbd      0
@@ -155,6 +155,7 @@
 # Non-server/HV driver defaults which are always enabled
 %define with_sasl          0%{!?_without_sasl:1}
 %define with_audit         0%{!?_without_audit:1}
+%define with_nss_plugin    0%{!?_without_nss_plugin:1}
 
 
 # Finally set the OS / architecture specific special cases
@@ -182,8 +183,15 @@
     %endif
 %endif
 
+# librados and librbd are built only on x86_64 on rhel
+%ifnarch x86_64
+    %if 0%{?rhel} >= 7
+        %define with_storage_rbd 0
+    %endif
+%endif
+
 # RHEL doesn't ship OpenVZ, VBox, UML, PowerHypervisor,
-# VMWare, libxenserver (xenapi), libxenlight (Xen 4.1 and newer),
+# VMware, libxenserver (xenapi), libxenlight (Xen 4.1 and newer),
 # or HyperV.
 %if 0%{?rhel}
     %define with_openvz 0
@@ -194,7 +202,7 @@
     %define with_xenapi 0
     %define with_libxl 0
     %define with_hyperv 0
-    %define with_parallels 0
+    %define with_vz 0
 %endif
 
 # Fedora 17 / RHEL-7 are first where we use systemd. Although earlier
@@ -337,12 +345,6 @@
 %endif
 
 
-# Advertise OVMF and AAVMF from nightly firmware repo
-%if 0%{?fedora}
-    %define with_loader_nvram --with-loader-nvram="/usr/share/edk2.git/ovmf-x64/OVMF_CODE-pure-efi.fd:/usr/share/edk2.git/ovmf-x64/OVMF_VARS-pure-efi.fd:/usr/share/edk2.git/aarch64/QEMU_EFI-pflash.raw:/usr/share/edk2.git/aarch64/vars-template-pflash.raw"
-%endif
-
-
 # The RHEL-5 Xen package has some feature backports. This
 # flag is set to enable use of those special bits on RHEL-5
 %if 0%{?rhel} == 5
@@ -370,8 +372,8 @@
 
 Summary: Library providing a simple virtualization API
 Name: libvirt
-Version: 1.2.13.2
-Release: 3%{?dist}%{?extra_release}
+Version: 1.3.3.3
+Release: 1%{?dist}%{?extra_release}
 License: LGPLv2+
 Group: Development/Libraries
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
@@ -382,28 +384,6 @@ URL: http://libvirt.org/
 %endif
 Source: http://libvirt.org/sources/%{?mainturl}libvirt-%{version}.tar.gz
 
-# Fix XML validation with qemu commandline passthrough (bz #1292131)
-Patch0001: 0001-schema-interleave-domain-name-and-uuid-with-other-el.patch
-# Fix crash in libvirt_leasehelper (bz #1202350)
-Patch0002: 0002-leaseshelper-fix-crash-when-no-mac-is-specified.patch
-# Generate consistent systemtap tapsets regardless of host arch (bz
-# #1173641)
-Patch0003: 0003-build-predictably-generate-systemtap-tapsets-bz-1173.patch
-# Fix qemu:///session error 'Transport endpoint is not connected' (bz
-# #1271183)
-Patch0004: 0004-rpc-ensure-daemon-is-spawn-even-if-dead-socket-exist.patch
-Patch0005: 0005-rpc-socket-Minor-cleanups.patch
-Patch0006: 0006-rpc-socket-Explicitly-error-if-we-exceed-retry-count.patch
-Patch0007: 0007-rpc-socket-Don-t-repeatedly-attempt-to-launch-daemon.patch
-# Fix parallel VM start/top svirt errors on kernel/initrd (bz #1269975)
-Patch0008: 0008-security-Do-not-restore-kernel-and-initrd-labels.patch
-# Fix qemu:///session connect race failures (bz #1271183)
-Patch0009: 0009-rpc-wait-longer-for-session-daemon-to-start-up.patch
-# driver: log missing modules as INFO, not WARN (bz #1274849)
-Patch0010: 0010-driver-log-missing-modules-as-INFO-not-WARN.patch
-# polkit: Allow password-less access for 'libvirt' group (bz #957300)
-Patch0011: 0011-polkit-Allow-password-less-access-for-libvirt-group.patch
-
 %if %{with_libvirtd}
 Requires: libvirt-daemon = %{version}-%{release}
     %if %{with_network}
@@ -596,7 +576,12 @@ BuildRequires: device-mapper-devel
     %endif
 %endif
 %if %{with_storage_rbd}
+    %if 0%{?rhel} >= 7
+BuildRequires: librados2-devel
+BuildRequires: librbd1-devel
+    %else
 BuildRequires: ceph-devel
+    %endif
 %endif
 %if %{with_storage_gluster}
     %if 0%{?rhel} >= 6
@@ -657,8 +642,8 @@ BuildRequires: util-linux
 BuildRequires: nfs-utils
 %endif
 
-%if %{with_firewalld}
-# Communication with the firewall daemon uses DBus
+%if %{with_firewalld} || %{with_polkit}
+# Communication with the firewall and polkit daemons use DBus
 BuildRequires: dbus-devel
 %endif
 
@@ -932,6 +917,9 @@ Requires: gzip
 Requires: bzip2
 Requires: lzop
 Requires: xz
+            %if 0%{?fedora} >= 24
+Requires: systemd-container
+            %endif
 
 %description daemon-driver-qemu
 The qemu driver plugin for the libvirtd daemon, providing
@@ -947,6 +935,9 @@ Group: Development/Libraries
 Requires: libvirt-daemon = %{version}-%{release}
 # There really is a hard cross-driver dependency here
 Requires: libvirt-daemon-driver-network = %{version}-%{release}
+            %if 0%{?fedora} >= 24
+Requires: systemd-container
+            %endif
 
 %description daemon-driver-lxc
 The LXC driver plugin for the libvirtd daemon, providing
@@ -1180,7 +1171,7 @@ virtualization capabilities of recent versions of Linux (and other OSes).
 %package wireshark
 Summary: Wireshark dissector plugin for libvirt RPC transactions
 Group: Development/Libraries
-Requires: wireshark
+Requires: wireshark >= 1.12.6-4
 Requires: %{name}-client = %{version}-%{release}
 
 %description wireshark
@@ -1203,7 +1194,6 @@ namespaces.
 Summary: Libraries, includes, etc. to compile with the libvirt library
 Group: Development/Libraries
 Requires: %{name}-client = %{version}-%{release}
-Requires: %{name}-docs = %{version}-%{release}
 Requires: pkgconfig
 
 %description devel
@@ -1228,6 +1218,17 @@ Includes the Sanlock lock manager plugin for the QEMU
 driver
 %endif
 
+%if %{with_nss_plugin}
+%package nss
+Summary: Libvirt plugin for Name Service Switch
+Group: Development/Libraries
+Requires: libvirt-daemon-driver-network = %{version}-%{release}
+
+%description nss
+Libvirt plugin for NSS for translating domain names into IP addresses.
+%endif
+
+
 %prep
 %setup -q
 
@@ -1320,8 +1321,8 @@ rm -rf .git
     %define _without_vmware --without-vmware
 %endif
 
-%if ! %{with_parallels}
-    %define _without_parallels --without-parallels
+%if ! %{with_vz}
+    %define _without_vz --without-vz
 %endif
 
 %if ! %{with_polkit}
@@ -1460,6 +1461,10 @@ rm -rf .git
     %define _without_pm_utils --without-pm-utils
 %endif
 
+%if ! %{with_nss_plugin}
+    %define _without_nss_plugin --without-nss-plugin
+%endif
+
 %define when  %(date +"%%F-%%T")
 %define where %(hostname)
 %define who   %{?packager}%{!?packager:Unknown}
@@ -1480,6 +1485,18 @@ rm -rf .git
     %endif
 %endif
 
+%if 0%{?fedora}
+    # Nightly firmware repo x86/OVMF
+    LOADERS="/usr/share/edk2.git/ovmf-x64/OVMF_CODE-pure-efi.fd:/usr/share/edk2.git/ovmf-x64/OVMF_VARS-pure-efi.fd"
+    # Nightly firmware repo aarch64/AAVMF
+    LOADERS="$LOADERS:/usr/share/edk2.git/aarch64/QEMU_EFI-pflash.raw:/usr/share/edk2.git/aarch64/vars-template-pflash.raw"
+    # Fedora official x86/OVMF
+    LOADERS="$LOADERS:/usr/share/edk2/ovmf/OVMF_CODE.fd:/usr/share/edk2/ovmf/OVMF_VARS.fd"
+    # Fedora official aarch64/AAVMF
+    LOADERS="$LOADERS:/usr/share/edk2/aarch64/QEMU_EFI-pflash.raw:/usr/share/edk2/aarch64/vars-template-pflash.raw"
+    %define with_loader_nvram --with-loader-nvram="$LOADERS"
+%endif
+
 # place macros above and build commands below this comment
 
 %if 0%{?enable_autotools}
@@ -1503,7 +1520,7 @@ rm -f po/stamp-po
            %{?_without_esx} \
            %{?_without_hyperv} \
            %{?_without_vmware} \
-           %{?_without_parallels} \
+           %{?_without_vz} \
            --without-bhyve \
            %{?_without_interface} \
            %{?_without_network} \
@@ -1537,6 +1554,7 @@ rm -f po/stamp-po
            %{?_without_wireshark} \
            %{?_without_systemd_daemon} \
            %{?_without_pm_utils} \
+           %{?_without_nss_plugin} \
            %{with_packager} \
            %{with_packager_version} \
            --with-qemu-user=%{qemu_user} \
@@ -1556,10 +1574,8 @@ rm -fr %{buildroot}
 # on RHEL 5, thus we need to expand it here.
 make install DESTDIR=%{?buildroot} SYSTEMD_UNIT_DIR=%{_unitdir}
 
-for i in object-events dominfo domsuspend hellolibvirt openauth xml/nwfilter systemtap dommigrate domtop
-do
-  (cd examples/$i ; make clean ; rm -rf .deps .libs Makefile Makefile.in)
-done
+make -C examples distclean
+
 rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
 rm -f $RPM_BUILD_ROOT%{_libdir}/*.a
 rm -f $RPM_BUILD_ROOT%{_libdir}/libvirt/lock-driver/*.la
@@ -1570,8 +1586,16 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/libvirt/connection-driver/*.a
 %endif
 %if %{with_wireshark}
 rm -f $RPM_BUILD_ROOT%{_libdir}/wireshark/plugins/*/libvirt.la
+mv $RPM_BUILD_ROOT%{_libdir}/wireshark/plugins/*/libvirt.so \
+   $RPM_BUILD_ROOT%{_libdir}/wireshark/plugins/libvirt.so
 %endif
 
+# Temporarily get rid of not-installed admin-related files
+rm -f $RPM_BUILD_ROOT%{_libdir}/libvirt-admin.so
+rm -f $RPM_BUILD_ROOT%{_bindir}/virt-admin
+rm -f $RPM_BUILD_ROOT%{_mandir}/man1/virt-admin.1*
+rm -f $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/libvirt-admin.conf
+
 %if %{with_network}
 install -d -m 0755 $RPM_BUILD_ROOT%{_datadir}/lib/libvirt/dnsmasq/
 # We don't want to install /etc/libvirt/qemu/networks in the main %files list
@@ -1612,6 +1636,12 @@ rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/libvirtd.qemu
 rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/lxc.conf
 rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/libvirtd.lxc
 %endif
+%if ! %{with_libxl}
+rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/libxl.conf
+rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/libvirtd.libxl
+rm -f $RPM_BUILD_ROOT%{_datadir}/augeas/lenses/libvirtd_libxl.aug
+rm -f $RPM_BUILD_ROOT%{_datadir}/augeas/lenses/tests/test_libvirtd_libxl.aug
+%endif
 %if ! %{with_uml}
 rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/libvirtd.uml
 %endif
@@ -1629,7 +1659,7 @@ mv $RPM_BUILD_ROOT%{_datadir}/systemtap/tapset/libvirt_qemu_probes.stp \
 %endif
 
 %if 0%{?rhel} == 5
-rm -f $RPM_BUILD_ROOT%{_prefix}/lib/sysctl.d/libvirtd.conf
+rm -f $RPM_BUILD_ROOT%{_prefix}/lib/sysctl.d/60-libvirtd.conf
 %endif
 
 %clean
@@ -1688,12 +1718,13 @@ exit 0
 
     %if %{with_systemd}
         %if %{with_systemd_macros}
-            %systemd_post virtlockd.socket libvirtd.service libvirtd.socket
+            %systemd_post virtlockd.socket virtlogd.socket libvirtd.service
         %else
 if [ $1 -eq 1 ] ; then
     # Initial installation
     /bin/systemctl enable \
         virtlockd.socket \
+        virtlogd.socket \
         libvirtd.service >/dev/null 2>&1 || :
 fi
         %endif
@@ -1709,24 +1740,27 @@ fi
         %endif
 
 /sbin/chkconfig --add libvirtd
+/sbin/chkconfig --add virtlogd
 /sbin/chkconfig --add virtlockd
     %endif
 
 %preun daemon
     %if %{with_systemd}
         %if %{with_systemd_macros}
-            %systemd_preun libvirtd.socket libvirtd.service virtlockd.socket virtlockd.service
+            %systemd_preun libvirtd.service virtlogd.socket virtlogd.service virtlockd.socket virtlockd.service
         %else
 if [ $1 -eq 0 ] ; then
     # Package removal, not upgrade
     /bin/systemctl --no-reload disable \
-        libvirtd.socket \
         libvirtd.service \
+        virtlogd.socket \
+        virtlogd.service \
         virtlockd.socket \
         virtlockd.service > /dev/null 2>&1 || :
     /bin/systemctl stop \
-        libvirtd.socket \
         libvirtd.service \
+        virtlogd.socket \
+        virtlogd.service \
         virtlockd.socket \
         virtlockd.service > /dev/null 2>&1 || :
 fi
@@ -1735,6 +1769,8 @@ fi
 if [ $1 = 0 ]; then
     /sbin/service libvirtd stop 1>/dev/null 2>&1
     /sbin/chkconfig --del libvirtd
+    /sbin/service virtlogd stop 1>/dev/null 2>&1
+    /sbin/chkconfig --del virtlogd
     /sbin/service virtlockd stop 1>/dev/null 2>&1
     /sbin/chkconfig --del virtlockd
 fi
@@ -1745,11 +1781,13 @@ fi
 /bin/systemctl daemon-reload >/dev/null 2>&1 || :
 if [ $1 -ge 1 ] ; then
     /bin/systemctl reload-or-try-restart virtlockd.service >/dev/null 2>&1 || :
+    /bin/systemctl reload-or-try-restart virtlogd.service >/dev/null 2>&1 || :
     /bin/systemctl try-restart libvirtd.service >/dev/null 2>&1 || :
 fi
     %else
 if [ $1 -ge 1 ]; then
     /sbin/service virtlockd reload > /dev/null 2>&1 || :
+    /sbin/service virtlogd reload > /dev/null 2>&1 || :
     /sbin/service libvirtd condrestart > /dev/null 2>&1
 fi
     %endif
@@ -1759,10 +1797,30 @@ fi
 %triggerpostun daemon -- libvirt-daemon < 1.2.1
 if [ "$1" -ge "1" ]; then
     /sbin/service virtlockd reload > /dev/null 2>&1 || :
+    /sbin/service virtlogd reload > /dev/null 2>&1 || :
     /sbin/service libvirtd condrestart > /dev/null 2>&1
 fi
     %endif
 
+# In upgrade scenario we must explicitly enable virtlockd/virtlogd
+# sockets, if libvirtd is already enabled and start them if
+# libvirtd is running, otherwise you'll get failures to start
+# guests
+%triggerpostun daemon -- libvirt-daemon < 1.3.0
+if [ $1 -ge 1 ] ; then
+    %if %{with_systemd}
+        /bin/systemctl is-enabled libvirtd.service 1>/dev/null 2>&1 &&
+            /bin/systemctl enable virtlogd.socket || :
+        /bin/systemctl is-active libvirtd.service 1>/dev/null 2>&1 &&
+            /bin/systemctl start virtlogd.socket || :
+    %else
+        /sbin/chkconfig libvirtd 1>/dev/null 2>&1 &&
+            /sbin/chkconfig virtlogd on || :
+        /sbin/service libvirtd status 1>/dev/null 2>&1 &&
+            /sbin/service virtlogd start || :
+    %endif
+fi
+
     %if %{with_network}
 %post daemon-config-network
 if test $1 -eq 1 && test ! -f %{_sysconfdir}/libvirt/qemu/networks/default.xml ; then
@@ -1800,6 +1858,14 @@ if test $1 -eq 1 && test ! -f %{_sysconfdir}/libvirt/qemu/networks/default.xml ;
          < %{_datadir}/libvirt/networks/default.xml \
          > %{_sysconfdir}/libvirt/qemu/networks/default.xml
     ln -s ../default.xml %{_sysconfdir}/libvirt/qemu/networks/autostart/default.xml
+
+    # Make sure libvirt picks up the new network defininiton
+        %if %{with_systemd}
+    /bin/systemctl try-restart libvirtd.service >/dev/null 2>&1 ||:
+        %else
+    /sbin/service libvirtd condrestart > /dev/null 2>&1 || :
+        %endif
+
 fi
     %endif
 
@@ -1897,7 +1963,8 @@ exit 0
 
 %files docs
 %defattr(-, root, root)
-%doc AUTHORS ChangeLog.gz NEWS README TODO libvirt-docs/*
+%doc AUTHORS ChangeLog.gz NEWS README TODO
+%doc libvirt-docs/*
 
 # API docs
 %dir %{_datadir}/gtk-doc/html/libvirt/
@@ -1905,6 +1972,16 @@ exit 0
 %doc %{_datadir}/gtk-doc/html/libvirt/*.html
 %doc %{_datadir}/gtk-doc/html/libvirt/*.png
 %doc %{_datadir}/gtk-doc/html/libvirt/*.css
+%doc examples/hellolibvirt
+%doc examples/object-events
+%doc examples/dominfo
+%doc examples/domsuspend
+%doc examples/dommigrate
+%doc examples/openauth
+%doc examples/xml
+%doc examples/rename
+%doc examples/systemtap
+
 
 %if %{with_libvirtd}
 %files daemon
@@ -1914,20 +1991,24 @@ exit 0
 
     %if %{with_systemd}
 %{_unitdir}/libvirtd.service
-%{_unitdir}/libvirtd.socket
+%{_unitdir}/virtlogd.service
+%{_unitdir}/virtlogd.socket
 %{_unitdir}/virtlockd.service
 %{_unitdir}/virtlockd.socket
     %else
 %{_sysconfdir}/rc.d/init.d/libvirtd
+%{_sysconfdir}/rc.d/init.d/virtlogd
 %{_sysconfdir}/rc.d/init.d/virtlockd
     %endif
 %doc daemon/libvirtd.upstart
 %config(noreplace) %{_sysconfdir}/sysconfig/libvirtd
+%config(noreplace) %{_sysconfdir}/sysconfig/virtlogd
 %config(noreplace) %{_sysconfdir}/sysconfig/virtlockd
 %config(noreplace) %{_sysconfdir}/libvirt/libvirtd.conf
+%config(noreplace) %{_sysconfdir}/libvirt/virtlogd.conf
 %config(noreplace) %{_sysconfdir}/libvirt/virtlockd.conf
     %if 0%{?fedora} || 0%{?rhel} >= 6
-%config(noreplace) %{_prefix}/lib/sysctl.d/libvirtd.conf
+%config(noreplace) %{_prefix}/lib/sysctl.d/60-libvirtd.conf
     %endif
 
 %config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd
@@ -1946,6 +2027,8 @@ exit 0
 
 %{_datadir}/augeas/lenses/libvirtd.aug
 %{_datadir}/augeas/lenses/tests/test_libvirtd.aug
+%{_datadir}/augeas/lenses/virtlogd.aug
+%{_datadir}/augeas/lenses/tests/test_virtlogd.aug
 %{_datadir}/augeas/lenses/virtlockd.aug
 %{_datadir}/augeas/lenses/tests/test_virtlockd.aug
 %{_datadir}/augeas/lenses/libvirt_lockd.aug
@@ -1972,9 +2055,11 @@ exit 0
     %endif
 
 %attr(0755, root, root) %{_sbindir}/libvirtd
+%attr(0755, root, root) %{_sbindir}/virtlogd
 %attr(0755, root, root) %{_sbindir}/virtlockd
 
 %{_mandir}/man8/libvirtd.8*
+%{_mandir}/man8/virtlogd.8*
 %{_mandir}/man8/virtlockd.8*
 
     %if ! %{with_driver_modules}
@@ -2003,7 +2088,7 @@ exit 0
 %config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd.qemu
 %dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/qemu/
 %ghost %dir %attr(0700, root, root) %{_localstatedir}/run/libvirt/qemu/
-%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/
+%dir %attr(0751, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/
 %dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/cache/libvirt/qemu/
 %{_datadir}/augeas/lenses/libvirtd_qemu.aug
 %{_datadir}/augeas/lenses/tests/test_libvirtd_qemu.aug
@@ -2025,15 +2110,22 @@ exit 0
 %dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/uml/
         %endif
         %if %{with_libxl}
+%config(noreplace) %{_sysconfdir}/libvirt/libxl.conf
+%config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd.libxl
+%config(noreplace) %{_sysconfdir}/libvirt/libxl-lockd.conf
 %dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/libxl/
 %ghost %dir %{_localstatedir}/run/libvirt/libxl/
 %dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/libxl/
+%{_datadir}/augeas/lenses/libvirtd_libxl.aug
+%{_datadir}/augeas/lenses/tests/test_libvirtd_libxl.aug
         %endif
         %if %{with_xen}
 %dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/xen/
         %endif
     %endif # ! %{with_driver_modules}
 
+%doc examples/polkit/*.rules
+
     %if %{with_network}
 %files daemon-config-network
 %defattr(-, root, root)
@@ -2103,7 +2195,7 @@ exit 0
 %config(noreplace) %{_sysconfdir}/libvirt/qemu-lockd.conf
 %config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd.qemu
 %ghost %dir %attr(0700, root, root) %{_localstatedir}/run/libvirt/qemu/
-%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/
+%dir %attr(0751, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/
 %dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/cache/libvirt/qemu/
 %{_datadir}/augeas/lenses/libvirtd_qemu.aug
 %{_datadir}/augeas/lenses/tests/test_libvirtd_qemu.aug
@@ -2144,6 +2236,11 @@ exit 0
         %if %{with_libxl}
 %files daemon-driver-libxl
 %defattr(-, root, root)
+%config(noreplace) %{_sysconfdir}/libvirt/libxl.conf
+%config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd.libxl
+%config(noreplace) %{_sysconfdir}/libvirt/libxl-lockd.conf
+%{_datadir}/augeas/lenses/libvirtd_libxl.aug
+%{_datadir}/augeas/lenses/tests/test_libvirtd_libxl.aug
 %dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/libxl/
 %ghost %dir %{_localstatedir}/run/libvirt/libxl/
 %dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/libxl/
@@ -2194,6 +2291,9 @@ exit 0
     %if %{with_qemu}
 %config(noreplace) %{_sysconfdir}/libvirt/qemu-sanlock.conf
     %endif
+    %if %{with_libxl}
+%config(noreplace) %{_sysconfdir}/libvirt/libxl-sanlock.conf
+    %endif
 %attr(0755, root, root) %{_libdir}/libvirt/lock-driver/sanlock.so
 %{_datadir}/augeas/lenses/libvirt_sanlock.aug
 %{_datadir}/augeas/lenses/tests/test_libvirt_sanlock.aug
@@ -2219,6 +2319,7 @@ exit 0
 %{_libdir}/libvirt.so.*
 %{_libdir}/libvirt-qemu.so.*
 %{_libdir}/libvirt-lxc.so.*
+%{_libdir}/libvirt-admin.so.*
 
 %if %{with_dtrace}
 %{_datadir}/systemtap/tapset/libvirt_probes*.stp
@@ -2263,7 +2364,12 @@ exit 0
 
 %if %{with_wireshark}
 %files wireshark
-%{_libdir}/wireshark/plugins/*/libvirt.so
+%{_libdir}/wireshark/plugins/libvirt.so
+%endif
+
+%if %{with_nss_plugin}
+%files nss
+%{_libdir}/libnss_libvirt.so.2
 %endif
 
 %if %{with_lxc}
@@ -2282,6 +2388,7 @@ exit 0
 %dir %{_includedir}/libvirt
 %{_includedir}/libvirt/virterror.h
 %{_includedir}/libvirt/libvirt.h
+%{_includedir}/libvirt/libvirt-common.h
 %{_includedir}/libvirt/libvirt-domain.h
 %{_includedir}/libvirt/libvirt-domain-snapshot.h
 %{_includedir}/libvirt/libvirt-event.h
@@ -2303,70 +2410,118 @@ exit 0
 %{_datadir}/libvirt/api/libvirt-api.xml
 %{_datadir}/libvirt/api/libvirt-qemu-api.xml
 %{_datadir}/libvirt/api/libvirt-lxc-api.xml
-
-%doc docs/*.html docs/html docs/*.gif
+# Needed building python bindings
 %doc docs/libvirt-api.xml
-%doc examples/hellolibvirt
-%doc examples/object-events
-%doc examples/dominfo
-%doc examples/domsuspend
-%doc examples/dommigrate
-%doc examples/openauth
-%doc examples/xml
-%doc examples/systemtap
+
 
 %changelog
-* Thu Mar 17 2016 Cole Robinson <crobinso@redhat.com> - 1.2.13.2-3
+* Wed May 10 2017 Cole Robinson <crobinso@redhat.com> - 1.3.3.3-1
+- Rebased to version 1.3.3.3
+- schema: don't validate paths (bz #1353296)
+
+* Mon Jul 18 2016 Cole Robinson <crobinso@redhat.com> - 1.3.3.2-1
+- Rebased to version 1.3.3.2
+- Fix xen default video device config (bz #1336629)
+- Don't reject duplicate disk serials (bz #1349895)
+- Fix LXC cgroup name mismatch (bz #1350139)
+- Fix managed save/restore with VM USB Keyboard (bz #1353222)
+- Missing dep on systemd-container (bz #1355784)
+- CVE-2016-5008: Setting empty VNC password allows access to unauthorized
+  users (bz #1351516)
+
+* Thu Jun 23 2016 Cole Robinson <crobinso@redhat.com> - 1.3.3.1-4
+- Don't disable auto_login of non-libvirt-managed iscsi (bz #1331552)
+- Fix floppy media change (bz #1341998)
+
+* Wed Jun 08 2016 Cole Robinson <crobinso@redhat.com> - 1.3.3.1-3
+- Fix advertising fedora edk2 firmware builds
+
+* Fri May 20 2016 Cole Robinson <crobinso@redhat.com> - 1.3.3.1-2
+- Fix libxl video config via virt-install (bz #1334557)
+- Advertise fedora edk2 firmware builds to apps (bz #1335395)
+
+* Wed May 04 2016 Cole Robinson <crobinso@redhat.com> - 1.3.3.1-1
+- Rebased to version 1.3.3.1
+- Fix default video device primary= setting (bz #1332701)
+- Drop libvirtd.socket (bz #1279348)
+- Start network after config-network RPM install (bz #867546)
+
+* Thu Apr 14 2016 Cole Robinson <crobinso@redhat.com> - 1.3.3-2
+- libvirt assigns same address to two PCI devices (bz #1325085)
+- Fix build with -Werror
+
+* Thu Apr 07 2016 Cole Robinson <crobinso@redhat.com> - 1.3.3-1
+- Rebased to version 1.3.3
+
+* Thu Mar 17 2016 Cole Robinson <crobinso@redhat.com> - 1.3.2-3
+- Fix qemu:///session disconnect after 30 seconds
+- Fix 'permission denied' errors trying to unlink disk images (bz #1289327)
 - Fix qemu:///session connect race failures (bz #1271183)
 - driver: log missing modules as INFO, not WARN (bz #1274849)
 
-* Wed Jan 20 2016 Cole Robinson <crobinso@redhat.com> - 1.2.13.2-2
-- Fix XML validation with qemu commandline passthrough (bz #1292131)
-- Fix crash in libvirt_leasehelper (bz #1202350)
-- Generate consistent systemtap tapsets regardless of host arch (bz
-  #1173641)
-- Fix qemu:///session error 'Transport endpoint is not connected' (bz
-  #1271183)
-- Fix parallel VM start/top svirt errors on kernel/initrd (bz #1269975)
+* Wed Mar  9 2016 Richard W.M. Jones <rjones@redhat.com> - 1.3.2-2
+- Add fix for RHBZ#1315606.
 
-* Wed Dec 23 2015 Cole Robinson <crobinso@redhat.com> - 1.2.13.2-1
-- Rebased to version 1.2.13.2
-- disk backend is not removed properly when disk frontent hotplug fails (bz
-  #1265968)
-- Fix TPM cancel path on newer kernels (bz #1244895)
-- Remove timeout for libvirt-guests.service (bz #1195544)
-- CVE-2015-5313 libvirt: filesystem storage volume names path traversal flaw
-  (bz #1291433)
-- Fix VM names with non-ascii (bz #1062943)
-- Fix backwards migration with graphics listen address (bz #1276883)
+* Tue Mar  1 2016 Daniel Berrange <berrange@redhat.com> - 1.3.2-1
+- Update to 1.3.2 release
 
-* Mon Sep 21 2015 Cole Robinson <crobinso@redhat.com> - 1.2.13.1-3
-- Add sanity checks for drive mirroring (bz #1263438)
+* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.1-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
 
-* Fri Jun 05 2015 Cole Robinson <crobinso@redhat.com> - 1.2.13.1-2
-- lxc network fixes (bz #1225591, bz #1225593, bz #1225594)
-- polkit: Allow password-less access for 'libvirt' group (bz #957300)
+* Tue Jan 19 2016 Daniel Berrange <berrange@redhat.com> - 1.3.1-1
+- Update to 1.3.1 release
 
-* Tue Apr 28 2015 Cole Robinson <crobinso@redhat.com> - 1.2.13.1-1
-- Rebased to version 1.2.13.1
-- Fix getVersion() after installing qemu (bz #1000116)
-- Fix autosocket setup with qemu:///session (bz #1044561, bz #1105274)
-- Ignore storage volumes with non-ascii in names (bz #1066564)
-- Don't generate invalid system nodedev XML (bz #1184131)
-- Fix crash via race when unrefing rpc identity object (bz #1203030)
-- Fix domcapabilities failure with ppc64le (bz #1209948)
-- Fix regression with 'virsh event ' (bz #1212620)
-- Add {Haswell,Broadwell}-noTSX CPU models (bz #1182650)
-- Don't lose VMs on libvirtd restart if qemu is uninstalled (bz #1099847)
-- Ignore storage volumes that libvirt can't open (bz #1103308)
+* Wed Dec  9 2015 Daniel Berrange <berrange@redhat.com> - 1.3.0-1
+- Update to 1.3.0 release
 
-* Wed Apr 15 2015 Cole Robinson <crobinso@redhat.com> - 1.2.13-3
+* Wed Nov 11 2015 Cole Robinson <crobinso@redhat.com> - 1.2.21-1
+- Update to 1.2.21 release
+
+* Sun Oct 11 2015 Cole Robinson <crobinso@redhat.com> - 1.2.20-2
+- Rebuild for xen 4.6
+
+* Fri Oct  2 2015 Daniel P. Berrange <berrange@redhat.com> - 1.2.20-1
+- Update to 1.2.20 release
+
+* Wed Sep  2 2015 Daniel P. Berrange <berrange@redhat.com> - 1.2.19-1
+- Update to 1.2.19 release
+
+* Tue Aug  4 2015 Daniel P. Berrange <berrange@redhat.com> - 1.2.18-1
+- Update to 1.2.18 release
+
+* Wed Jul 29 2015 Richard W.M. Jones <rjones@redhat.com> - 1.2.17-2
+- Fix 'Cannot write data: Broken pipe [code=38 domain=7]' (RHBZ#1247746).
+
+* Tue Jul 14 2015 Cole Robinson <crobinso@redhat.com> - 1.2.17-1
+- numerous improvements and refactoring of the parallels driver
+- hardening of vcpu code
+- hardening of migration code
+- a lot of improvement and bug fixes
+
+* Sun Jul 12 2015 Peter Robinson <pbrobinson@fedoraproject.org> 1.2.16-3
+- Rebuild (aarch64)
+
+* Tue Jun 16 2015 Daniel P. Berrange <berrange@redhat.com> - 1.2.16-2
+- Rebuild for libwsman soname bump
+
+* Mon Jun 01 2015 Daniel P. Berrange <berrange@redhat.com> - 1.2.16-1
+- Update to 1.2.16 release
+
+* Thu May 07 2015 Richard W.M. Jones <rjones@redhat.com> - 1.2.15-2
+- Add Cole Robinson's patch to fix arch selection (bz# 1219198, bz#1219191)
+
+* Mon May 04 2015 Cole Robinson <crobinso@redhat.com> - 1.2.15-1
+- Rebased to version 1.2.15
+
+* Wed Apr 15 2015 Cole Robinson <crobinso@redhat.com> - 1.2.14-2
 - Fix LXC domain startup (bz #1210397)
-- Fix crash via identify object cleanup race (bz #1203030)
 - Fix race starting multiple session daemons (bz #1200149)
 - Fix change-media success messages
 - Strip invalid control codes from XML (bz #1066564, bz #1184131)
 
+* Thu Apr 02 2015 Cole Robinson <crobinso@redhat.com> - 1.2.14-1
+- Rebased to version 1.2.14
+
 * Tue Mar 10 2015 Cole Robinson <crobinso@redhat.com> - 1.2.13-2
 - Fix connecting to qemu:///session (bz #1198244)
 

sources

@@ -1 +1 @@
-05f461cd499c628ef07822dd607c340a  libvirt-1.2.13.2.tar.gz
+SHA512 (libvirt-1.3.3.3.tar.gz) = 63f68b100ee73cd44ec983c24cc441f6b0361ebbf0c05b8ab4638f4819d6ec372823e5b66c65ddfac0539717a202253d9ee23456235aff963acb83d2e64f8ae2