Rebased to version 0.10.2.8

CVE-2013-4311: Insecure polkit usage (bz #1009539, bz #1005332)
CVE-2013-4296: Invalid free memory stats (bz #1006173, bz #1009667)
CVE-2013-4291: Supplementary groups handling (bz #1006509, bz #1006511)
Fix LXC container creation if selinux disabled (bz #977114)
Fix virsh change-media with block disk type (bz #951192)

0001-Use-qemu-system-i386-as-binary-instead-of-qemu.patch

@@ -0,0 +1,27 @@
+From 37865f1dead1fac2ee34af48f96d19d686296e04 Mon Sep 17 00:00:00 2001
+From: "Richard W.M. Jones" <rjones@redhat.com>
+Date: Thu, 13 Sep 2012 14:37:22 +0100
+Subject: [PATCH] Use 'qemu-system-i386' as binary instead of 'qemu'.
+
+---
+ src/qemu/qemu_capabilities.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
+index af3b0b2..179b3d2 100644
+--- a/src/qemu/qemu_capabilities.c
++++ b/src/qemu/qemu_capabilities.c
+@@ -244,8 +244,8 @@ static const struct qemu_feature_flags const arch_info_x86_64_flags [] = {
+ 
+ /* The archicture tables for supported QEMU archs */
+ static const struct qemu_arch_info const arch_info_hvm[] = {
+-    {  "i686",   32, NULL, "qemu",
+-       "qemu-system-x86_64", arch_info_i686_flags, 4 },
++    {  "i686",   32, NULL, "qemu-system-i386",
++       NULL, arch_info_i686_flags, 4 },
+     {  "x86_64", 64, NULL, "qemu-system-x86_64",
+        NULL, arch_info_x86_64_flags, 2 },
+     {  "arm",    32, NULL, "qemu-system-arm",    NULL, NULL, 0 },
+-- 
+1.7.11.4
+

Makefile

@@ -4,7 +4,7 @@ NAME := libvirt
 SPECFILE = $(firstword $(wildcard *.spec))
 
 define find-makefile-common
-for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
+for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
 endef
 
 MAKEFILE_COMMON := $(shell $(find-makefile-common))

libvirt-0.4.1-daemon-startup.patch

@@ -1,48 +0,0 @@
-diff -rup libvirt-0.4.1.orig/qemud/qemud.c libvirt-0.4.1.new/qemud/qemud.c
---- libvirt-0.4.1.orig/qemud/qemud.c	2008-03-10 17:31:09.000000000 -0400
-+++ libvirt-0.4.1.new/qemud/qemud.c	2008-03-10 17:31:36.000000000 -0400
-@@ -393,7 +393,7 @@ static int qemudGoDaemon(void) {
-             case -1:
-                 return -1;
-             default:
--                return nextpid;
-+                _exit(0);
-             }
- 
-         cleanup:
-@@ -418,8 +418,7 @@ static int qemudGoDaemon(void) {
-                 status != 0) {
-                 return -1;
-             }
--
--            return pid;
-+            _exit(0);
-         }
-     }
- }
-@@ -2116,16 +2115,12 @@ int main(int argc, char **argv) {
-         goto error1;
- 
-     if (godaemon) {
--        int pid;
-         openlog("libvirtd", 0, 0);
--        pid = qemudGoDaemon();
--        if (pid < 0) {
-+        if (qemudGoDaemon() < 0) {
-             qemudLog(QEMUD_ERR, _("Failed to fork as daemon: %s"),
-                      strerror(errno));
-             goto error1;
-         }
--        if (pid > 0)
--            goto out;
- 
-         /* Choose the name of the PID file. */
-         if (!pid_file) {
-@@ -2172,7 +2167,6 @@ int main(int argc, char **argv) {
-     if (godaemon)
-         closelog();
- 
-- out:
-     ret = 0;
- 
-  error2:

libvirt-0.4.1-polkit.patch

@@ -1,400 +0,0 @@
-diff -rup libvirt-0.4.1.orig/configure.in libvirt-0.4.1.new/configure.in
---- libvirt-0.4.1.orig/configure.in	2008-03-03 09:14:19.000000000 -0500
-+++ libvirt-0.4.1.new/configure.in	2008-04-03 15:37:49.000000000 -0400
-@@ -450,10 +450,6 @@ if test "x$with_polkit" = "xyes" -o "x$w
-     CFLAGS="$old_CFLAGS"
-     LDFLAGS="$old_LDFLAGS"
- 
--    AC_PATH_PROG(POLKIT_GRANT, polkit-grant)
--    if test "x$POLKIT_GRANT" != "x"; then
--      AC_DEFINE_UNQUOTED([POLKIT_GRANT],["$POLKIT_GRANT"],[Location of polkit-grant program])
--    fi
-     AC_PATH_PROG(POLKIT_AUTH, polkit-auth)
-     if test "x$POLKIT_AUTH" != "x"; then
-       AC_DEFINE_UNQUOTED([POLKIT_AUTH],["$POLKIT_AUTH"],[Location of polkit-auth program])
-diff -rup libvirt-0.4.1.orig/qemud/internal.h libvirt-0.4.1.new/qemud/internal.h
---- libvirt-0.4.1.orig/qemud/internal.h	2008-01-24 12:07:43.000000000 -0500
-+++ libvirt-0.4.1.new/qemud/internal.h	2008-04-03 15:38:03.000000000 -0400
-@@ -179,6 +179,9 @@ void qemudLog(int priority, const char *
- void remoteDispatchClientRequest (struct qemud_server *server,
-                                   struct qemud_client *client);
- 
-+#if HAVE_POLKIT
-+int qemudGetSocketIdentity(int fd, uid_t *uid, pid_t *pid);
-+#endif
- 
- #endif
- 
-diff -rup libvirt-0.4.1.orig/qemud/qemud.c libvirt-0.4.1.new/qemud/qemud.c
---- libvirt-0.4.1.orig/qemud/qemud.c	2008-04-03 15:39:15.000000000 -0400
-+++ libvirt-0.4.1.new/qemud/qemud.c	2008-04-03 15:38:03.000000000 -0400
-@@ -1040,6 +1040,28 @@ remoteCheckAccess (struct qemud_client *
-     return 0;
- }
- 
-+#if HAVE_POLKIT
-+int qemudGetSocketIdentity(int fd, uid_t *uid, pid_t *pid) {
-+#ifdef SO_PEERCRED
-+    struct ucred cr;
-+    unsigned int cr_len = sizeof (cr);
-+
-+    if (getsockopt (fd, SOL_SOCKET, SO_PEERCRED, &cr, &cr_len) < 0) {
-+        qemudLog(QEMUD_ERR, _("Failed to verify client credentials: %s"),
-+                 strerror(errno));
-+        return -1;
-+    }
-+
-+    *pid = cr.pid;
-+    *uid = cr.uid;
-+#else
-+    /* XXX Many more OS support UNIX socket credentials we could port to. See dbus ....*/
-+#error "UNIX socket credentials not supported/implemented on this platform yet..."
-+#endif
-+    return 0;
-+}
-+#endif
-+
- static int qemudDispatchServer(struct qemud_server *server, struct qemud_socket *sock) {
-     int fd;
-     struct sockaddr_storage addr;
-@@ -1075,6 +1097,26 @@ static int qemudDispatchServer(struct qe
-     memcpy (&client->addr, &addr, sizeof addr);
-     client->addrlen = addrlen;
- 
-+#if HAVE_POLKIT
-+    /* Only do policy checks for non-root - allow root user
-+       through with no checks, as a fail-safe - root can easily
-+       change policykit policy anyway, so its pointless trying
-+       to restrict root */
-+    if (client->auth == REMOTE_AUTH_POLKIT) {
-+        uid_t uid;
-+        pid_t pid;
-+
-+        if (qemudGetSocketIdentity(client->fd, &uid, &pid) < 0)
-+            goto cleanup;
-+
-+        /* Cient is running as root, so disable auth */
-+        if (uid == 0) {
-+            qemudLog(QEMUD_INFO, _("Turn off polkit auth for privileged client %d"), pid);
-+            client->auth = REMOTE_AUTH_NONE;
-+        }
-+    }
-+#endif
-+
-     if (client->type != QEMUD_SOCK_TYPE_TLS) {
-         client->mode = QEMUD_MODE_RX_HEADER;
-         client->bufferLength = REMOTE_MESSAGE_HEADER_XDR_LEN;
-diff -rup libvirt-0.4.1.orig/qemud/remote.c libvirt-0.4.1.new/qemud/remote.c
---- libvirt-0.4.1.orig/qemud/remote.c	2008-02-29 11:23:17.000000000 -0500
-+++ libvirt-0.4.1.new/qemud/remote.c	2008-04-03 15:38:03.000000000 -0400
-@@ -2564,27 +2564,6 @@ remoteDispatchAuthSaslStep (struct qemud
- 
- 
- #if HAVE_POLKIT
--static int qemudGetSocketIdentity(int fd, uid_t *uid, pid_t *pid) {
--#ifdef SO_PEERCRED
--    struct ucred cr;
--    unsigned int cr_len = sizeof (cr);
--
--    if (getsockopt (fd, SOL_SOCKET, SO_PEERCRED, &cr, &cr_len) < 0) {
--        qemudLog(QEMUD_ERR, _("Failed to verify client credentials: %s"),
--                 strerror(errno));
--        return -1;
--    }
--
--    *pid = cr.pid;
--    *uid = cr.uid;
--#else
--    /* XXX Many more OS support UNIX socket credentials we could port to. See dbus ....*/
--#error "UNIX socket credentials not supported/implemented on this platform yet..."
--#endif
--    return 0;
--}
--
--
- static int
- remoteDispatchAuthPolkit (struct qemud_server *server ATTRIBUTE_UNUSED,
-                           struct qemud_client *client,
-@@ -2594,6 +2573,15 @@ remoteDispatchAuthPolkit (struct qemud_s
- {
-     pid_t callerPid;
-     uid_t callerUid;
-+    PolKitCaller *pkcaller = NULL;
-+    PolKitAction *pkaction = NULL;
-+    PolKitContext *pkcontext = NULL;
-+    PolKitError *pkerr = NULL;
-+    PolKitResult pkresult;
-+    DBusError err;
-+    const char *action = client->readonly ?
-+        "org.libvirt.unix.monitor" :
-+        "org.libvirt.unix.manage";
- 
-     REMOTE_DEBUG("Start PolicyKit auth %d", client->fd);
-     if (client->auth != REMOTE_AUTH_POLKIT) {
-@@ -2609,98 +2597,78 @@ remoteDispatchAuthPolkit (struct qemud_s
-         return -2;
-     }
- 
--    /* Only do policy checks for non-root - allow root user
--       through with no checks, as a fail-safe - root can easily
--       change policykit policy anyway, so its pointless trying
--       to restrict root */
--    if (callerUid == 0) {
--        qemudLog(QEMUD_INFO, _("Allowing PID %d running as root"), callerPid);
--        ret->complete = 1;
--        client->auth = REMOTE_AUTH_NONE;
--    } else {
--        PolKitCaller *pkcaller = NULL;
--        PolKitAction *pkaction = NULL;
--        PolKitContext *pkcontext = NULL;
--        PolKitError *pkerr = NULL;
--        PolKitResult pkresult;
--        DBusError err;
--        const char *action = client->readonly ?
--            "org.libvirt.unix.monitor" :
--            "org.libvirt.unix.manage";
--
--        qemudLog(QEMUD_INFO, _("Checking PID %d running as %d"),
--                 callerPid, callerUid);
--        dbus_error_init(&err);
--        if (!(pkcaller = polkit_caller_new_from_pid(server->sysbus,
--                                                    callerPid, &err))) {
--            qemudLog(QEMUD_ERR, _("Failed to lookup policy kit caller: %s"),
--                     err.message);
--            dbus_error_free(&err);
--            remoteDispatchFailAuth(client, req);
--            return -2;
--        }
--
--        if (!(pkaction = polkit_action_new())) {
--            qemudLog(QEMUD_ERR, _("Failed to create polkit action %s\n"),
--                                  strerror(errno));
--            polkit_caller_unref(pkcaller);
--            remoteDispatchFailAuth(client, req);
--            return -2;
--        }
--        polkit_action_set_action_id(pkaction, action);
--
--        if (!(pkcontext = polkit_context_new()) ||
--            !polkit_context_init(pkcontext, &pkerr)) {
--            qemudLog(QEMUD_ERR, _("Failed to create polkit context %s\n"),
--                     (pkerr ? polkit_error_get_error_message(pkerr)
--                      : strerror(errno)));
--            if (pkerr)
--                polkit_error_free(pkerr);
--            polkit_caller_unref(pkcaller);
--            polkit_action_unref(pkaction);
--            dbus_error_free(&err);
--            remoteDispatchFailAuth(client, req);
--            return -2;
--        }
-+    qemudLog(QEMUD_INFO, _("Checking PID %d running as %d"),
-+             callerPid, callerUid);
-+    dbus_error_init(&err);
-+    if (!(pkcaller = polkit_caller_new_from_pid(server->sysbus,
-+                                                callerPid, &err))) {
-+        qemudLog(QEMUD_ERR, _("Failed to lookup policy kit caller: %s"),
-+                 err.message);
-+        dbus_error_free(&err);
-+        remoteDispatchFailAuth(client, req);
-+        return -2;
-+    }
-+
-+    if (!(pkaction = polkit_action_new())) {
-+        qemudLog(QEMUD_ERR, _("Failed to create polkit action %s\n"),
-+                 strerror(errno));
-+        polkit_caller_unref(pkcaller);
-+        remoteDispatchFailAuth(client, req);
-+        return -2;
-+    }
-+    polkit_action_set_action_id(pkaction, action);
-+
-+    if (!(pkcontext = polkit_context_new()) ||
-+        !polkit_context_init(pkcontext, &pkerr)) {
-+        qemudLog(QEMUD_ERR, _("Failed to create polkit context %s\n"),
-+                 (pkerr ? polkit_error_get_error_message(pkerr)
-+                  : strerror(errno)));
-+        if (pkerr)
-+            polkit_error_free(pkerr);
-+        polkit_caller_unref(pkcaller);
-+        polkit_action_unref(pkaction);
-+        dbus_error_free(&err);
-+        remoteDispatchFailAuth(client, req);
-+        return -2;
-+    }
- 
- #if HAVE_POLKIT_CONTEXT_IS_CALLER_AUTHORIZED
--        pkresult = polkit_context_is_caller_authorized(pkcontext,
--                                                       pkaction,
--                                                       pkcaller,
--                                                       0,
--                                                       &pkerr);
--        if (pkerr && polkit_error_is_set(pkerr)) {
--            qemudLog(QEMUD_ERR,
--                     _("Policy kit failed to check authorization %d %s"),
--                     polkit_error_get_error_code(pkerr),
--                     polkit_error_get_error_message(pkerr));
--            remoteDispatchFailAuth(client, req);
--            return -2;
--        }
-+    pkresult = polkit_context_is_caller_authorized(pkcontext,
-+                                                   pkaction,
-+                                                   pkcaller,
-+                                                   0,
-+                                                   &pkerr);
-+    if (pkerr && polkit_error_is_set(pkerr)) {
-+        qemudLog(QEMUD_ERR,
-+                 _("Policy kit failed to check authorization %d %s"),
-+                 polkit_error_get_error_code(pkerr),
-+                 polkit_error_get_error_message(pkerr));
-+        remoteDispatchFailAuth(client, req);
-+        return -2;
-+    }
- #else
--        pkresult = polkit_context_can_caller_do_action(pkcontext,
--                                                       pkaction,
--                                                       pkcaller);
-+    pkresult = polkit_context_can_caller_do_action(pkcontext,
-+                                                   pkaction,
-+                                                   pkcaller);
- #endif
--        polkit_context_unref(pkcontext);
--        polkit_caller_unref(pkcaller);
--        polkit_action_unref(pkaction);
--        if (pkresult != POLKIT_RESULT_YES) {
--            qemudLog(QEMUD_ERR,
--                     _("Policy kit denied action %s from pid %d, uid %d,"
--                       " result: %s\n"),
--                     action, callerPid, callerUid,
--                     polkit_result_to_string_representation(pkresult));
--            remoteDispatchFailAuth(client, req);
--            return -2;
--        }
--        qemudLog(QEMUD_INFO,
--                 _("Policy allowed action %s from pid %d, uid %d, result %s"),
-+    polkit_context_unref(pkcontext);
-+    polkit_caller_unref(pkcaller);
-+    polkit_action_unref(pkaction);
-+    if (pkresult != POLKIT_RESULT_YES) {
-+        qemudLog(QEMUD_ERR,
-+                 _("Policy kit denied action %s from pid %d, uid %d,"
-+                   " result: %s\n"),
-                  action, callerPid, callerUid,
-                  polkit_result_to_string_representation(pkresult));
--        ret->complete = 1;
--        client->auth = REMOTE_AUTH_NONE;
-+        remoteDispatchFailAuth(client, req);
-+        return -2;
-     }
-+    qemudLog(QEMUD_INFO,
-+             _("Policy allowed action %s from pid %d, uid %d, result %s"),
-+             action, callerPid, callerUid,
-+             polkit_result_to_string_representation(pkresult));
-+    ret->complete = 1;
-+    client->auth = REMOTE_AUTH_NONE;
- 
-     return 0;
- }
-diff -rup libvirt-0.4.1.orig/src/libvirt.c libvirt-0.4.1.new/src/libvirt.c
---- libvirt-0.4.1.orig/src/libvirt.c	2008-02-26 10:37:43.000000000 -0500
-+++ libvirt-0.4.1.new/src/libvirt.c	2008-04-03 15:38:47.000000000 -0400
-@@ -19,6 +19,9 @@
- #include <sys/stat.h>
- #include <unistd.h>
- #include <assert.h>
-+#ifdef HAVE_SYS_WAIT_H
-+#include <sys/wait.h>
-+#endif
- 
- #include <libxml/parser.h>
- #include <libxml/xpath.h>
-@@ -66,6 +69,39 @@ static int initialized = 0;
- int debugFlag = 0;
- #endif
- 
-+#if defined(POLKIT_AUTH)
-+static int virConnectAuthGainPolkit(const char *privilege) {
-+    const char *const args[] = {
-+        POLKIT_AUTH, "--obtain", privilege, NULL
-+    };
-+    int childpid, status, ret;
-+
-+    /* Root has all rights */
-+    if (getuid() == 0)
-+        return 0;
-+
-+    if ((childpid = fork()) < 0)
-+        return -1;
-+
-+    if (!childpid) {
-+        execvp(args[0], (char **)args);
-+        _exit(-1);
-+    }
-+
-+    while ((ret = waitpid(childpid, &status, 0) == -1) && errno == EINTR);
-+    if (ret == -1) {
-+        return -1;
-+    }
-+
-+    if (!WIFEXITED(status) ||
-+        (WEXITSTATUS(status) != 0 && WEXITSTATUS(status) != 1)) {
-+        return -1;
-+    }
-+
-+    return 0;
-+}
-+#endif
-+
- static int virConnectAuthCallbackDefault(virConnectCredentialPtr cred,
-                                          unsigned int ncred,
-                                          void *cbdata ATTRIBUTE_UNUSED) {
-@@ -77,28 +113,25 @@ static int virConnectAuthCallbackDefault
-         size_t len;
- 
-         switch (cred[i].type) {
--#if defined(POLKIT_GRANT) || defined(POLKIT_AUTH)
-         case VIR_CRED_EXTERNAL: {
-             int ret;
--            const char *const args[] = {
--#if defined(POLKIT_GRANT)
--                POLKIT_GRANT, "--gain", cred[i].prompt, NULL
--#else
--                POLKIT_AUTH, "--obtain", cred[i].prompt, NULL
--#endif
--            };
--
-             if (STRNEQ(cred[i].challenge, "PolicyKit"))
-                 return -1;
--            if (virRun(NULL, (char **) args, &ret) < 0)
--                return -1;
- 
--            if (!WIFEXITED(ret) ||
--                (WEXITSTATUS(ret) != 0 && WEXITSTATUS(ret) != 1))
-+#if defined(POLKIT_AUTH)
-+            if (virConnectAuthGainPolkit(cred[i].prompt) < 0)
-                 return -1;
-+#else
-+            /*
-+             * Ignore & carry on. Although we can't auth
-+             * directly, the user may have authenticated
-+             * themselves already outside context of libvirt
-+             */
-+#endif
-+
-             break;
-         }
--#endif
-+
-         case VIR_CRED_USERNAME:
-         case VIR_CRED_AUTHNAME:
-         case VIR_CRED_ECHOPROMPT:
-@@ -158,9 +191,7 @@ static int virConnectCredTypeDefault[] =
-     VIR_CRED_REALM,
-     VIR_CRED_PASSPHRASE,
-     VIR_CRED_NOECHOPROMPT,
--#if defined(POLKIT_AUTH) || defined(POLKIT_GRANT)
-     VIR_CRED_EXTERNAL,
--#endif
- };
- 
- static virConnectAuth virConnectAuthDefault = {

libvirt-0.4.1-qemu-media-change.patch

@@ -1,128 +0,0 @@
-commit 570fd656d1b67e5d02f52e107946930257e811a7
-Author: Daniel Veillard <veillard@redhat.com>
-Date:   Thu Mar 13 09:17:45 2008 +0000
-
-    * src/qemu_conf.c src/qemu_driver.c: patch from Cole Robinson
-      fixing CD Rom change on live QEmu/KVM domains.
-    Daniel
-
-diff --git a/src/qemu_conf.c b/src/qemu_conf.c
-index e54da5b..ebbd251 100644
---- a/src/qemu_conf.c
-+++ b/src/qemu_conf.c
-@@ -594,9 +594,16 @@ static int qemudParseDiskXML(virConnectPtr conn,
-     }
- 
-     if (source == NULL) {
--        qemudReportError(conn, NULL, NULL, VIR_ERR_NO_SOURCE, target ? "%s" : NULL, target);
--        goto error;
-+        /* There is a case without the source
-+         * to the CD-ROM device
-+         */
-+        if (!device || STRNEQ((const char *) device, "cdrom")) {
-+            qemudReportError(conn, NULL, NULL, VIR_ERR_NO_SOURCE,
-+                             target ? "%s" : NULL, target);
-+            goto error;
-+        }
-     }
-+
-     if (target == NULL) {
-         qemudReportError(conn, NULL, NULL, VIR_ERR_NO_TARGET, source ? "%s" : NULL, source);
-         goto error;
-@@ -630,7 +637,7 @@ static int qemudParseDiskXML(virConnectPtr conn,
-         goto error;
-     }
- 
--    strncpy(disk->src, (const char *)source, NAME_MAX-1);
-+    strncpy(disk->src, (source ? (const char *) source : "\0"), NAME_MAX-1);
-     disk->src[NAME_MAX-1] = '\0';
- 
-     strncpy(disk->dst, (const char *)target, NAME_MAX-1);
-@@ -1747,9 +1754,15 @@ int qemudBuildCommandLine(virConnectPtr conn,
-         char dev[NAME_MAX];
-         char file[PATH_MAX];
-         if (!strcmp(disk->dst, "hdc") &&
--            disk->device == QEMUD_DISK_CDROM)
--            snprintf(dev, NAME_MAX, "-%s", "cdrom");
--        else
-+            disk->device == QEMUD_DISK_CDROM) {
-+            if (disk->src[0])
-+                snprintf(dev, NAME_MAX, "-%s", "cdrom");
-+            else {
-+                /* Don't put anything on the cmdline for an empty cdrom*/
-+                disk = disk->next;
-+                continue;
-+            }
-+        } else
-             snprintf(dev, NAME_MAX, "-%s", disk->dst);
-         snprintf(file, PATH_MAX, "%s", disk->src);
- 
-@@ -2906,8 +2919,10 @@ char *qemudGenerateXML(virConnectPtr conn,
-                               types[disk->type], devices[disk->device]) < 0)
-             goto no_memory;
- 
--        if (virBufferVSprintf(buf, "      <source %s='%s'/>\n", typeAttrs[disk->type], disk->src) < 0)
--            goto no_memory;
-+        if (disk->src[0])
-+            if (virBufferVSprintf(buf, "      <source %s='%s'/>\n",
-+                                  typeAttrs[disk->type], disk->src) < 0)
-+                goto no_memory;
- 
-         if (virBufferVSprintf(buf, "      <target dev='%s'/>\n", disk->dst) < 0)
-             goto no_memory;
-diff --git a/src/qemu_driver.c b/src/qemu_driver.c
-index 21f0fed..2b4c2a6 100644
---- a/src/qemu_driver.c
-+++ b/src/qemu_driver.c
-@@ -2223,23 +2223,29 @@ static int qemudDomainChangeCDROM(virDomainPtr dom,
-     struct qemud_driver *driver = (struct qemud_driver *)dom->conn->privateData;
-     char *cmd, *reply, *safe_path;
- 
--    /* Migrate to file */
--    safe_path = qemudEscapeMonitorArg(newdisk->src);
--    if (!safe_path) {
--        qemudReportError(dom->conn, dom, NULL, VIR_ERR_OPERATION_FAILED,
--                         "out of memory");
--        return -1;
--    }
--    if (asprintf (&cmd, "change %s \"%s\"",
--                  /* XXX qemu may support multiple CDROM in future */
--                  /* olddisk->dst */ "cdrom",
--                  safe_path) == -1) {
-+    if (newdisk->src[0]) {
-+        safe_path = qemudEscapeMonitorArg(newdisk->src);
-+        if (!safe_path) {
-+            qemudReportError(dom->conn, dom, NULL, VIR_ERR_OPERATION_FAILED,
-+                             "out of memory");
-+            return -1;
-+        }
-+        if (asprintf (&cmd, "change %s \"%s\"",
-+                      /* XXX qemu may support multiple CDROM in future */
-+                      /* olddisk->dst */ "cdrom",
-+                      safe_path) == -1) {
-+            qemudReportError(dom->conn, dom, NULL, VIR_ERR_OPERATION_FAILED,
-+                             "out of memory");
-+            free(safe_path);
-+            return -1;
-+        }
-+        free(safe_path);
-+
-+    } else if (asprintf(&cmd, "eject cdrom") == -1) {
-         qemudReportError(dom->conn, dom, NULL, VIR_ERR_OPERATION_FAILED,
-                          "out of memory");
--        free(safe_path);
-         return -1;
-     }
--    free(safe_path);
- 
-     if (qemudMonitorCommand(driver, vm, cmd, &reply) < 0) {
-         qemudReportError(dom->conn, dom, NULL, VIR_ERR_OPERATION_FAILED, "cannot change cdrom media");
-@@ -2248,7 +2254,7 @@ static int qemudDomainChangeCDROM(virDomainPtr dom,
-     }
-     free(reply);
-     free(cmd);
--    strcpy(olddisk->dst, newdisk->dst);
-+    strcpy(olddisk->src, newdisk->src);
-     olddisk->type = newdisk->type;
-     return 0;
- }

libvirt-0.4.1-qemud1.patch

@@ -1,38 +0,0 @@
-
-	Avoid segfault upon early libvirtd failure.
-	* qemud/qemud.c (main): Don't call qemudCleanup on an
-	uninitialized pointer.
-
-By the way, even though this evoked a warning from gcc,
-"make distcheck" passes.  Obviously, that means the distcheck
-rule is inadequate.  I'll fix it so that it turns on -Werror
-for the final build.
-
-Signed-off-by: Jim Meyering <meyering@redhat.com>
----
- qemud/qemud.c |    5 +++--
- 1 files changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/qemud/qemud.c b/qemud/qemud.c
-index 96fdf32..b6b82ed 100644
---- a/qemud/qemud.c
-+++ b/qemud/qemud.c
-@@ -2025,7 +2025,7 @@ libvirt management daemon:\n\
-
- #define MAX_LISTEN 5
- int main(int argc, char **argv) {
--    struct qemud_server *server;
-+    struct qemud_server *server = NULL;
-     struct sigaction sig_action;
-     int sigpipe[2];
-     const char *pid_file = NULL;
-@@ -2180,7 +2180,8 @@ int main(int argc, char **argv) {
-         unlink (pid_file);
-
-  error1:
--    qemudCleanup(server);
-+    if (server)
-+        qemudCleanup(server);
-     return ret;
- }
-

libvirt-0.4.1-qemud2.patch

@@ -1,23 +0,0 @@
-
-	Don't use first byte of string as a pointer.
-	* src/qemu_conf.c (qemudReportError): Use the pointer, errorMessage,
-	not its first byte, errorMessage[0].
-
-Signed-off-by: Jim Meyering <meyering@redhat.com>
----
- src/qemu_conf.c |    2 +-
- 1 files changed, 1 insertions(+), 1 deletions(-)
-
-diff --git a/src/qemu_conf.c b/src/qemu_conf.c
-index eead0bc..e54da5b 100644
---- a/src/qemu_conf.c
-+++ b/src/qemu_conf.c
-@@ -68,7 +68,7 @@ void qemudReportError(virConnectPtr conn,
-         errorMessage[0] = '\0';
-     }
-
--    virerr = __virErrorMsg(code, (errorMessage[0] ? errorMessage[0] : NULL));
-+    virerr = __virErrorMsg(code, (errorMessage[0] ? errorMessage : NULL));
-     __virRaiseError(conn, dom, net, VIR_FROM_QEMU, code, VIR_ERR_ERROR,
-                     virerr, errorMessage, NULL, -1, -1, virerr, errorMessage);
- }

libvirt-0.4.1-tap-ifname.patch

@@ -1,63 +0,0 @@
-diff -rupN libvirt-0.4.1.orig/src/bridge.c libvirt-0.4.1.new/src/bridge.c
---- libvirt-0.4.1.orig/src/bridge.c	2008-02-28 06:16:21.000000000 -0500
-+++ libvirt-0.4.1.new/src/bridge.c	2008-03-13 11:25:12.000000000 -0400
-@@ -313,7 +313,6 @@ brDeleteInterface(brControl *ctl ATTRIBU
- int
- brAddTap(brControl *ctl,
-          const char *bridge,
--         unsigned char *macaddr,
-          char *ifname,
-          int maxlen,
-          int *tapfd)
-@@ -357,18 +356,6 @@ brAddTap(brControl *ctl,
-         }
- 
-         if (ioctl(fd, TUNSETIFF, &try) == 0) {
--            struct ifreq addr;
--            memset(&addr, 0, sizeof(addr));
--            memcpy(addr.ifr_hwaddr.sa_data, macaddr, 6);
--            addr.ifr_hwaddr.sa_family = ARPHRD_ETHER;
--
--            /* Device actually starts in 'UP' state, but it
--             * needs to be down to set the MAC addr
--             */
--            if ((errno = brSetInterfaceUp(ctl, try.ifr_name, 0)))
--                goto error;
--            if (ioctl(fd, SIOCSIFHWADDR, &addr) != 0)
--                goto error;
-             if ((errno = brAddInterface(ctl, bridge, try.ifr_name)))
-                 goto error;
-             if ((errno = brSetInterfaceUp(ctl, try.ifr_name, 1)))
-diff -rupN libvirt-0.4.1.orig/src/bridge.h libvirt-0.4.1.new/src/bridge.h
---- libvirt-0.4.1.orig/src/bridge.h	2008-02-28 06:16:21.000000000 -0500
-+++ libvirt-0.4.1.new/src/bridge.h	2008-03-13 11:25:12.000000000 -0400
-@@ -62,7 +62,6 @@ int     brDeleteInterface       (brContr
- 
- int     brAddTap                (brControl *ctl,
-                                  const char *bridge,
--                                 unsigned char *mac,
-                                  char *ifname,
-                                  int maxlen,
-                                  int *tapfd);
-diff -rupN libvirt-0.4.1.orig/src/qemu_conf.c libvirt-0.4.1.new/src/qemu_conf.c
---- libvirt-0.4.1.orig/src/qemu_conf.c	2008-03-13 11:24:39.000000000 -0400
-+++ libvirt-0.4.1.new/src/qemu_conf.c	2008-03-13 11:25:12.000000000 -0400
-@@ -1540,7 +1540,6 @@ qemudNetworkIfaceConnect(virConnectPtr c
-     }
- 
-     if ((err = brAddTap(driver->brctl, brname,
--                        net->mac,
-                         ifname, BR_IFNAME_MAXLEN, &tapfd))) {
-         qemudReportError(conn, NULL, NULL, VIR_ERR_INTERNAL_ERROR,
-                          "Failed to add tap interface '%s' to bridge '%s' : %s",
-@@ -1548,7 +1547,9 @@ qemudNetworkIfaceConnect(virConnectPtr c
-         goto error;
-     }
- 
--    snprintf(tapfdstr, sizeof(tapfdstr), "tap,fd=%d,script=,vlan=%d", tapfd, vlan);
-+    snprintf(tapfdstr, sizeof(tapfdstr),
-+             "tap,fd=%d,script=,vlan=%d,ifname=%s",
-+             tapfd, vlan, ifname);
- 
-     if (!(retval = strdup(tapfdstr)))
-         goto no_memory;

libvirt-0.4.1-xen-boot-device.patch

@@ -1,21 +0,0 @@
-commit 2bcf35336cd649e58c08d7cf3452a8d4353bcf85
-Author: Daniel Veillard <veillard@redhat.com>
-Date:   Fri Mar 7 09:23:30 2008 +0000
-
-    * src/xend_internal.c: applied patch from Cole Robinson to not
-      loose the boot tag when defining a fully virtualized xen domain
-    Daniel
-
-diff --git a/src/xend_internal.c b/src/xend_internal.c
-index 8bbc28f..fef54f8 100644
---- a/src/xend_internal.c
-+++ b/src/xend_internal.c
-@@ -1323,7 +1323,7 @@ xend_parse_sexp_desc_os(virConnectPtr xend, struct sexpr *node, virBufferPtr buf
-     if (hvm)
-         virBufferVSprintf(buf, "    <loader>%s</loader>\n", loader);
- 
--    if (kernel) {
-+    if ((kernel) && ((!loader) || (STRNEQ(kernel, loader)))) {
-         virBufferVSprintf(buf, "    <kernel>%s</kernel>\n", kernel);
-         if (initrd && initrd[0])
-             virBufferVSprintf(buf, "    <initrd>%s</initrd>\n", initrd);

libvirt-dbus.patch

@@ -0,0 +1,225 @@
+Return-Path: alexl@redhat.com
+Received: from zmta04.collab.prod.int.phx2.redhat.com (LHLO
+ zmta04.collab.prod.int.phx2.redhat.com) (10.5.81.11) by
+ zmail20.collab.prod.int.phx2.redhat.com with LMTP; Tue, 9 Oct 2012 11:26:38
+ -0400 (EDT)
+Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23])
+	by zmta04.collab.prod.int.phx2.redhat.com (Postfix) with ESMTP id D4096D0927
+	for <alexl@mail.corp.redhat.com>; Tue,  9 Oct 2012 11:26:38 -0400 (EDT)
+Received: from localhost.localdomain (ovpn01.gateway.prod.ext.phx2.redhat.com [10.5.9.1])
+	by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id q99FQV93016417;
+	Tue, 9 Oct 2012 11:26:33 -0400
+From: Alexander Larsson <alexl@redhat.com>
+To: libvir-list@redhat.com
+Cc: Alexander Larsson <alexl@redhat.com>
+Subject: [PATCH 1/2] virdbus: Add virDBusGetSessionBus helper
+Date: Tue,  9 Oct 2012 17:26:28 +0200
+Message-Id: <1349796389-6122-2-git-send-email-alexl@redhat.com>
+In-Reply-To: <1349796389-6122-1-git-send-email-alexl@redhat.com>
+References: <1349796389-6122-1-git-send-email-alexl@redhat.com>
+X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23
+
+This splits out some common code from virDBusGetSystemBus and
+uses it to implement a new virDBusGetSessionBus helper.
+---
+ src/libvirt_private.syms |  1 +
+ src/util/virdbus.c       | 84 ++++++++++++++++++++++++++++++++++++------------
+ src/util/virdbus.h       |  1 +
+ 3 files changed, 66 insertions(+), 20 deletions(-)
+
+diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
+index a8c81e7..88f1b2f 100644
+--- a/src/libvirt_private.syms
++++ b/src/libvirt_private.syms
+@@ -1310,6 +1310,7 @@ virConsoleOpen;
+ 
+ # virdbus.h
+ virDBusGetSystemBus;
++virDBusGetSessionBus;
+ 
+ 
+ # virdomainlist.h
+diff --git a/src/util/virdbus.c b/src/util/virdbus.c
+index 4acce12..2dc7265 100644
+--- a/src/util/virdbus.c
++++ b/src/util/virdbus.c
+@@ -32,40 +32,49 @@
+ #ifdef HAVE_DBUS
+ 
+ static DBusConnection *systembus = NULL;
+-static virOnceControl once = VIR_ONCE_CONTROL_INITIALIZER;
+-static DBusError dbuserr;
++static DBusConnection *sessionbus = NULL;
++static virOnceControl systemonce = VIR_ONCE_CONTROL_INITIALIZER;
++static virOnceControl sessiononce = VIR_ONCE_CONTROL_INITIALIZER;
++static DBusError systemdbuserr;
++static DBusError sessiondbuserr;
+ 
+ static dbus_bool_t virDBusAddWatch(DBusWatch *watch, void *data);
+ static void virDBusRemoveWatch(DBusWatch *watch, void *data);
+ static void virDBusToggleWatch(DBusWatch *watch, void *data);
+ 
+-static void virDBusSystemBusInit(void)
++static DBusConnection *virDBusBusInit(DBusBusType type, DBusError *dbuserr)
+ {
++    DBusConnection *bus;
++
+     /* Allocate and initialize a new HAL context */
+     dbus_connection_set_change_sigpipe(FALSE);
+     dbus_threads_init_default();
+ 
+-    dbus_error_init(&dbuserr);
+-    if (!(systembus = dbus_bus_get(DBUS_BUS_SYSTEM, &dbuserr)))
+-        return;
++    dbus_error_init(dbuserr);
++    if (!(bus = dbus_bus_get(type, dbuserr)))
++        return NULL;
+ 
+-    dbus_connection_set_exit_on_disconnect(systembus, FALSE);
++    dbus_connection_set_exit_on_disconnect(bus, FALSE);
+ 
+     /* Register dbus watch callbacks */
+-    if (!dbus_connection_set_watch_functions(systembus,
++    if (!dbus_connection_set_watch_functions(bus,
+                                              virDBusAddWatch,
+                                              virDBusRemoveWatch,
+                                              virDBusToggleWatch,
+-                                             NULL, NULL)) {
+-        systembus = NULL;
+-        return;
++                                             bus, NULL)) {
++        return NULL;
+     }
++    return bus;
+ }
+ 
++static void virDBusSystemBusInit(void)
++{
++    systembus = virDBusBusInit (DBUS_BUS_SYSTEM, &systemdbuserr);
++}
+ 
+ DBusConnection *virDBusGetSystemBus(void)
+ {
+-    if (virOnce(&once, virDBusSystemBusInit) < 0) {
++    if (virOnce(&systemonce, virDBusSystemBusInit) < 0) {
+         virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+                        _("Unable to run one time DBus initializer"));
+         return NULL;
+@@ -74,7 +83,7 @@ DBusConnection *virDBusGetSystemBus(void)
+     if (!systembus) {
+         virReportError(VIR_ERR_INTERNAL_ERROR,
+                        _("Unable to get DBus system bus connection: %s"),
+-                       dbuserr.message ? dbuserr.message : "watch setup failed");
++                       systemdbuserr.message ? systemdbuserr.message : "watch setup failed");
+         return NULL;
+     }
+ 
+@@ -82,13 +91,45 @@ DBusConnection *virDBusGetSystemBus(void)
+ }
+ 
+ 
++static void virDBusSessionBusInit(void)
++{
++    sessionbus = virDBusBusInit (DBUS_BUS_SESSION, &sessiondbuserr);
++}
++
++DBusConnection *virDBusGetSessionBus(void)
++{
++    if (virOnce(&sessiononce, virDBusSessionBusInit) < 0) {
++        virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
++                       _("Unable to run one time DBus initializer"));
++        return NULL;
++    }
++
++    if (!sessionbus) {
++        virReportError(VIR_ERR_INTERNAL_ERROR,
++                       _("Unable to get DBus session bus connection: %s"),
++                       sessiondbuserr.message ? sessiondbuserr.message : "watch setup failed");
++        return NULL;
++    }
++
++    return sessionbus;
++}
++
++struct virDBusWatch
++{
++    int watch;
++    DBusConnection *bus;
++};
++
+ static void virDBusWatchCallback(int fdatch ATTRIBUTE_UNUSED,
+                                  int fd ATTRIBUTE_UNUSED,
+                                  int events, void *opaque)
+ {
+     DBusWatch *watch = opaque;
++    struct virDBusWatch *info;
+     int dbus_flags = 0;
+ 
++    info = dbus_watch_get_data(watch);
++
+     if (events & VIR_EVENT_HANDLE_READABLE)
+         dbus_flags |= DBUS_WATCH_READABLE;
+     if (events & VIR_EVENT_HANDLE_WRITABLE)
+@@ -100,7 +141,7 @@ static void virDBusWatchCallback(int fdatch ATTRIBUTE_UNUSED,
+ 
+     (void)dbus_watch_handle(watch, dbus_flags);
+ 
+-    while (dbus_connection_dispatch(systembus) == DBUS_DISPATCH_DATA_REMAINS)
++    while (dbus_connection_dispatch(info->bus) == DBUS_DISPATCH_DATA_REMAINS)
+         /* keep dispatching while data remains */;
+ }
+ 
+@@ -120,18 +161,13 @@ static int virDBusTranslateWatchFlags(int dbus_flags)
+ }
+ 
+ 
+-struct virDBusWatch
+-{
+-    int watch;
+-};
+-
+ static void virDBusWatchFree(void *data) {
+     struct virDBusWatch *info = data;
+     VIR_FREE(info);
+ }
+ 
+ static dbus_bool_t virDBusAddWatch(DBusWatch *watch,
+-                                  void *data ATTRIBUTE_UNUSED)
++                                   void *data)
+ {
+     int flags = 0;
+     int fd;
+@@ -148,6 +184,7 @@ static dbus_bool_t virDBusAddWatch(DBusWatch *watch,
+ # else
+     fd = dbus_watch_get_fd(watch);
+ # endif
++    info->bus = (DBusConnection *)data;
+     info->watch = virEventAddHandle(fd, flags,
+                                     virDBusWatchCallback,
+                                     watch, NULL);
+@@ -194,4 +231,11 @@ DBusConnection *virDBusGetSystemBus(void)
+     return NULL;
+ }
+ 
++DBusConnection *virDBusGetSessionBus(void)
++{
++    virReportError(VIR_ERR_INTERNAL_ERROR,
++                   "%s", _("DBus support not compiled into this binary"));
++    return NULL;
++}
++
+ #endif /* ! HAVE_DBUS */
+diff --git a/src/util/virdbus.h b/src/util/virdbus.h
+index 27dca00..e443fbe 100644
+--- a/src/util/virdbus.h
++++ b/src/util/virdbus.h
+@@ -30,5 +30,6 @@
+ # include "internal.h"
+ 
+ DBusConnection *virDBusGetSystemBus(void);
++DBusConnection *virDBusGetSessionBus(void);
+ 
+ #endif /* __VIR_DBUS_H__ */
+-- 
+1.7.12.1
+

libvirt-iscsi-sysfs4.patch

@@ -1,146 +0,0 @@
---- a/src/storage_backend_iscsi.c	4 Mar 2008 20:02:34 -0000	1.3
-+++ b/src/storage_backend_iscsi.c	26 Mar 2008 22:07:05 -0000
-@@ -170,20 +170,91 @@
- virStorageBackendISCSIMakeLUN(virConnectPtr conn,
-                               virStoragePoolObjPtr pool,
-                               char **const groups,
--                              void *data ATTRIBUTE_UNUSED)
-+                              void *data)
- {
-     virStorageVolDefPtr vol;
-     int fd = -1;
-+    unsigned int target, channel, id, lun;
-     char lunid[100];
--    char *dev = groups[4];
-     int opentries = 0;
-     char *devpath = NULL;
-+    char *session = data;
-+    char sysfs_path[PATH_MAX];
-+    char *dev = NULL;
-+    DIR *sysdir;
-+    struct dirent *block_dirent;
-+    struct stat sbuf;
-+    int len;
-+
-+    if ((virStrToLong_ui(groups[0], NULL, 10, &target) < 0) ||
-+        (virStrToLong_ui(groups[1], NULL, 10, &channel) < 0) ||
-+        (virStrToLong_ui(groups[2], NULL, 10, &id) < 0) ||
-+        (virStrToLong_ui(groups[3], NULL, 10, &lun) < 0)) {
-+        virStorageReportError(conn, VIR_ERR_INTERNAL_ERROR, "%s",
-+                              _("Failed parsing iscsiadm commands"));
-+        return -1;
-+    }
-+
-+    if (lun == 0) {
-+        /* the 0'th LUN isn't a real LUN, it's just a control LUN; skip it */
-+        return 0;
-+    }
-+
-+    snprintf(sysfs_path, PATH_MAX,
-+             "/sys/class/iscsi_session/session%s/device/"
-+             "target%d:%d:%d/%d:%d:%d:%d/block",
-+             session, target, channel, id, target, channel, id, lun);
-+
-+    if (stat(sysfs_path, &sbuf) < 0) {
-+        /* block path in subdir didn't exist; this is unexpected, so fail */
-+        virStorageReportError(conn, VIR_ERR_INTERNAL_ERROR,
-+                              _("Failed to find the sysfs path for %d:%d:%d:%d: %s"),
-+                              target, channel, id, lun, strerror(errno));
-+        return -1;
-+    }
-+
-+    sysdir = opendir(sysfs_path);
-+    if (sysdir == NULL) {
-+        /* we failed for some reason; return an error */
-+        virStorageReportError(conn, VIR_ERR_INTERNAL_ERROR,
-+                              _("Failed to opendir sysfs path %s: %s"),
-+                              sysfs_path, strerror(errno));
-+        return -1;
-+    }
-+
-+    while ((block_dirent = readdir(sysdir)) != NULL) {
-+        len = strlen(block_dirent->d_name);
-+        if ((len == 1 && block_dirent->d_name[0] == '.') ||
-+            (len == 2 && block_dirent->d_name[0] == '.' && block_dirent->d_name[1] == '.')) {
-+            /* the . and .. directories; just skip them */
-+            continue;
-+        }
-+
-+        /* OK, not . or ..; let's see if it is a SCSI device */
-+        if (len > 2 &&
-+            block_dirent->d_name[0] == 's' &&
-+            block_dirent->d_name[1] == 'd') {
-+            /* looks like a scsi device, smells like scsi device; it must be
-+               a scsi device */
-+            dev = strdup(block_dirent->d_name);
-+            break;
-+        }
-+    }
-+    closedir(sysdir);
-+
-+    if (dev == NULL) {
-+        /* we didn't find the sd? device we were looking for; fail */
-+        virStorageReportError(conn, VIR_ERR_INTERNAL_ERROR,
-+                              _("Failed to find SCSI device for %d:%d:%d:%d: %s"),
-+                              target, channel, id, lun, strerror(errno));
-+        return -1;
-+    }
- 
-     snprintf(lunid, sizeof(lunid)-1, "lun-%s", groups[3]);
- 
-     if ((vol = calloc(1, sizeof(virStorageVolDef))) == NULL) {
-         virStorageReportError(conn, VIR_ERR_NO_MEMORY, "%s", _("volume"));
--        return -1;
-+        goto cleanup;
-     }
- 
-     if ((vol->name = strdup(lunid)) == NULL) {
-@@ -197,6 +268,8 @@
-     }
-     strcpy(devpath, "/dev/");
-     strcat(devpath, dev);
-+    free(dev);
-+    dev = NULL;
-     /* It can take a little while between logging into the ISCSI
-      * server and udev creating the /dev nodes, so if we get ENOENT
-      * we must retry a few times - they should eventually appear.
-@@ -258,6 +331,7 @@
-     if (fd != -1) close(fd);
-     free(devpath);
-     virStorageVolDefFree(vol);
-+    free(dev);
-     return -1;
- }
- 
-@@ -281,14 +355,13 @@
-      *           scsi1 Channel 00 Id 0 Lun: 5
-      *                   Attached scsi disk sdg          State: running
-      *
--     * Need 2 regex to match alternating lines
-+     * Need a regex to match the Channel:Id:Lun lines
-      */
-     const char *regexes[] = {
--        "^\\s*scsi(\\S+)\\s+Channel\\s+(\\S+)\\s+Id\\s+(\\S+)\\s+Lun:\\s+(\\S+)\\s*$",
--        "^\\s*Attached\\s+scsi\\s+disk\\s+(\\S+)\\s+State:\\s+running\\s*$"
-+        "^\\s*scsi(\\S+)\\s+Channel\\s+(\\S+)\\s+Id\\s+(\\S+)\\s+Lun:\\s+(\\S+)\\s*$"
-     };
-     int vars[] = {
--        4, 1
-+        4
-     };
-     const char *prog[] = {
-         ISCSIADM, "--mode", "session", "-r", session, "-P", "3", NULL,
-@@ -296,11 +369,11 @@
- 
-     return virStorageBackendRunProgRegex(conn, pool,
-                                          prog,
--                                         2,
-+                                         1,
-                                          regexes,
-                                          vars,
-                                          virStorageBackendISCSIMakeLUN,
--                                         NULL);
-+                                         (void *)session);
- }
- 
- 

libvirt-save-with-session.patch

@@ -0,0 +1,303 @@
+Return-Path: alexl@redhat.com
+Received: from zmta06.collab.prod.int.phx2.redhat.com (LHLO
+ zmta06.collab.prod.int.phx2.redhat.com) (10.5.81.13) by
+ zmail20.collab.prod.int.phx2.redhat.com with LMTP; Tue, 9 Oct 2012 11:26:39
+ -0400 (EDT)
+Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23])
+	by zmta06.collab.prod.int.phx2.redhat.com (Postfix) with ESMTP id D4A8516044F
+	for <alexl@mail.corp.redhat.com>; Tue,  9 Oct 2012 11:26:39 -0400 (EDT)
+Received: from localhost.localdomain (ovpn01.gateway.prod.ext.phx2.redhat.com [10.5.9.1])
+	by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id q99FQV94016417;
+	Tue, 9 Oct 2012 11:26:34 -0400
+From: Alexander Larsson <alexl@redhat.com>
+To: libvir-list@redhat.com
+Cc: Alexander Larsson <alexl@redhat.com>
+Subject: [PATCH 2/2] Shut down session libvirtd cleanly
+Date: Tue,  9 Oct 2012 17:26:29 +0200
+Message-Id: <1349796389-6122-3-git-send-email-alexl@redhat.com>
+In-Reply-To: <1349796389-6122-1-git-send-email-alexl@redhat.com>
+References: <1349796389-6122-1-git-send-email-alexl@redhat.com>
+X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23
+
+When the session dies or when the system is going to be shut down
+we save all active VMs and exit libvirtd.
+
+Additionally whenever there is an active domain we hold a
+shutdown inhibitor to avoid shutting down before all the
+VMs are saved.
+---
+ daemon/libvirtd.c | 244 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 244 insertions(+)
+
+diff --git a/daemon/libvirtd.c b/daemon/libvirtd.c
+index b49acc5..c3bf2ce 100644
+--- a/daemon/libvirtd.c
++++ b/daemon/libvirtd.c
+@@ -98,6 +98,11 @@
+ 
+ #include "configmake.h"
+ 
++#ifdef HAVE_DBUS
++# include <dbus/dbus.h>
++# include "virdbus.h"
++#endif
++
+ #if HAVE_SASL
+ virNetSASLContextPtr saslCtxt = NULL;
+ #endif
+@@ -769,6 +774,212 @@ static int daemonSetupSignals(virNetServerPtr srv)
+     return 0;
+ }
+ 
++#ifdef HAVE_DBUS
++
++static DBusConnection *sessionBus;
++static DBusConnection *systemBus;
++static virConnectPtr sessionConnection;
++static int numActiveDomains;
++static bool hasInhibit;
++static bool callingInhibit;
++static int inhibitFd = -1;
++
++static void runSaveAllDomains(void *opaque)
++{
++    virNetServerPtr srv = opaque;
++    int numDomains, i;
++    int state;
++    virDomainPtr *domains = NULL;
++    unsigned int *flags = NULL;
++
++    numDomains = virConnectListAllDomains(sessionConnection, &domains,  VIR_CONNECT_LIST_DOMAINS_ACTIVE);
++    if (numDomains < 0)
++        goto cleanup;
++
++    if (VIR_ALLOC_N(flags, numDomains) < 0) {
++        virReportOOMError();
++        goto cleanup;
++    }
++
++    /* First we pause all VMs to make them stop dirtying
++       pages, etc. We remember if any VMs were paused so
++       we can restore that on resume. */
++    for (i = 0 ; i < numDomains ; i++) {
++        flags[i] = VIR_DOMAIN_SAVE_RUNNING;
++        if (virDomainGetState (domains[i], &state, NULL, 0) == 0) {
++            if (state == VIR_DOMAIN_PAUSED) {
++                flags[i] = VIR_DOMAIN_SAVE_PAUSED;
++            }
++        }
++        virDomainSuspend (domains[i]);
++    }
++
++    /* Then we save the VMs to disk */
++    for (i = 0 ; i < numDomains ; i++)
++        virDomainManagedSave (domains[i], flags[i]);
++
++    VIR_FREE (domains);
++    VIR_FREE (flags);
++
++ cleanup:
++    if (domains != NULL) {
++        for (i = 0 ; i < numDomains ; i++)
++            virDomainFree (domains[i]);
++        VIR_FREE (domains);
++    }
++    if (flags != NULL)
++        VIR_FREE (flags);
++
++    /* We don't need any shutdown inhibit lock anymore now */
++    if (inhibitFd != -1) {
++        if (VIR_CLOSE (inhibitFd) < 0)
++            virReportSystemError(errno, "%s", _("failed to close file"));
++        inhibitFd = -1;
++    }
++
++    /* Exit libvirtd cleanly */
++    virNetServerQuit (srv);
++}
++
++/* We do this in a thread to not block the main loop */
++static void saveAllDomains(virNetServerPtr srv)
++{
++    virThread thr;
++    virObjectRef(srv);
++    if (virThreadCreate(&thr, false, runSaveAllDomains, srv) < 0) {
++        virObjectUnref(srv);
++    }
++}
++
++static void gotInhibitReply (DBusPendingCall *pending,
++                             void            *opaque ATTRIBUTE_UNUSED)
++{
++    DBusMessage *reply;
++    int fd;
++
++    callingInhibit = false;
++
++    reply = dbus_pending_call_steal_reply (pending);
++    if (reply == NULL)
++        return;
++
++    if (dbus_message_get_args (reply, NULL,
++                                DBUS_TYPE_UNIX_FD, &fd,
++                                DBUS_TYPE_INVALID)) {
++        if (hasInhibit)
++            inhibitFd = fd;
++        else {
++            /* We stopped the last VM since we made the inhibit call */
++            if (VIR_CLOSE (fd) < 0) {
++                virReportSystemError(errno, "%s", _("failed to close file"));
++            }
++        }
++    }
++    dbus_message_unref (reply);
++}
++
++/* As per: http://www.freedesktop.org/wiki/Software/systemd/inhibit */
++static void callInhibit(const char *what,
++                        const char *who,
++                        const char *why,
++                        const char *mode)
++{
++    DBusMessage *message;
++    DBusPendingCall *pendingReply;
++
++    if (systemBus == NULL)
++        return;
++
++    /* Only one outstanding call at a time */
++    if (callingInhibit)
++        return;
++
++    message = dbus_message_new_method_call ("org.freedesktop.login1",
++                                            "/org/freedesktop/login1",
++                                            "org.freedesktop.login1.Manager",
++                                            "Inhibit");
++    if (message == NULL)
++        return;
++
++    dbus_message_append_args (message,
++                              DBUS_TYPE_STRING, &what,
++                              DBUS_TYPE_STRING, &who,
++                              DBUS_TYPE_STRING, &why,
++                              DBUS_TYPE_STRING, &mode,
++                              DBUS_TYPE_INVALID);
++
++    pendingReply = NULL;
++    if (dbus_connection_send_with_reply (systemBus, message,
++                                         &pendingReply,
++                                         25*1000)) {
++        dbus_pending_call_set_notify (pendingReply,
++                                      gotInhibitReply,
++                                      NULL, NULL);
++        callingInhibit = true;
++    }
++    dbus_message_unref (message);
++}
++
++
++static void numActiveDomainsChanged(void)
++{
++    if (numActiveDomains > 0 && !hasInhibit) {
++        callInhibit("shutdown", _("Libvirt"), _("Virtual machines need to be saved"), "delay");
++        hasInhibit = true;
++    } else if (numActiveDomains == 0 && hasInhibit) {
++        if (inhibitFd != -1) {
++            if (VIR_CLOSE (inhibitFd) < 0) {
++                virReportSystemError(errno, "%s", _("failed to close file"));
++            }
++            inhibitFd = -1;
++        }
++        hasInhibit = false;
++    }
++}
++
++static int lifecycleEventCallback(virConnectPtr conn ATTRIBUTE_UNUSED,
++                                  virDomainPtr dom ATTRIBUTE_UNUSED,
++                                  int event,
++                                  int detail ATTRIBUTE_UNUSED,
++                                  void *opaque ATTRIBUTE_UNUSED)
++{
++    if (event == VIR_DOMAIN_EVENT_STOPPED)
++        numActiveDomains--;
++    else if (event == VIR_DOMAIN_EVENT_STARTED)
++        numActiveDomains++;
++
++    numActiveDomainsChanged();
++
++    return 0;
++}
++
++static DBusHandlerResult handleSessionMessageFunc(DBusConnection  *connection ATTRIBUTE_UNUSED,
++                                                  DBusMessage     *message,
++                                                  void            *userData)
++{
++    virNetServerPtr srv = userData;
++
++    if (dbus_message_is_signal(message, DBUS_INTERFACE_LOCAL, "Disconnected")) {
++        saveAllDomains (srv);
++    }
++
++    return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;
++}
++
++static DBusHandlerResult handleSystemMessageFunc(DBusConnection  *connection ATTRIBUTE_UNUSED,
++                                                 DBusMessage     *message,
++                                                 void            *userData)
++{
++    virNetServerPtr srv = userData;
++
++    if (dbus_message_is_signal(message, "org.freedesktop.login1.Manager", "PrepareForShutdown")) {
++        saveAllDomains (srv);
++    }
++
++    return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;
++}
++#endif
++
+ static void daemonRunStateInit(void *opaque)
+ {
+     virNetServerPtr srv = opaque;
+@@ -785,6 +996,39 @@ static void daemonRunStateInit(void *opaque)
+         return;
+     }
+ 
++#ifdef HAVE_DBUS
++    /* Tie the non-priviledged libvirtd to the session/shutdown lifecycle */
++    if (!virNetServerIsPrivileged(srv)) {
++
++        sessionBus = virDBusGetSessionBus ();
++        if (sessionBus != NULL) {
++            dbus_connection_add_filter(sessionBus,
++                                       handleSessionMessageFunc, srv, NULL);
++        }
++
++        systemBus = virDBusGetSystemBus ();
++        if (systemBus != NULL) {
++            dbus_connection_add_filter(systemBus,
++                                       handleSystemMessageFunc, srv, NULL);
++            dbus_bus_add_match(systemBus,
++                               "type='signal',sender='org.freedesktop.login1', interface='org.freedesktop.login1.Manager'",
++                               NULL);
++        }
++
++        sessionConnection = virConnectOpen("qemu:///session");
++        if (sessionConnection != NULL) {
++            numActiveDomains = virConnectNumOfDomains(sessionConnection);
++            virConnectDomainEventRegisterAny(sessionConnection,
++                                             NULL,
++                                             VIR_DOMAIN_EVENT_ID_LIFECYCLE,
++                                             VIR_DOMAIN_EVENT_CALLBACK (lifecycleEventCallback),
++                                             NULL, NULL);
++            numActiveDomainsChanged();
++        }
++
++    }
++#endif
++
+     /* Only now accept clients from network */
+     virNetServerUpdateServices(srv, true);
+     virObjectUnref(srv);
+-- 
+1.7.12.1
+

libvirt-source-dir-fix.patch

@@ -1,17 +0,0 @@
-Index: src/storage_conf.c
-===================================================================
-RCS file: /data/cvs/libvirt/src/storage_conf.c,v
-retrieving revision 1.3
-retrieving revision 1.4
-diff -u -r1.3 -r1.4
---- a/src/storage_conf.c	27 Feb 2008 10:37:19 -0000	1.3
-+++ b/src/storage_conf.c	28 Mar 2008 17:56:44 -0000	1.4
-@@ -479,7 +479,7 @@
-     }
-     if ((options->flags & VIR_STORAGE_BACKEND_POOL_SOURCE_DIR) &&
-         def->source.dir &&
--        virBufferVSprintf(buf,"    <directory path='%s'/>\n", def->source.dir) < 0)
-+        virBufferVSprintf(buf,"    <dir path='%s'/>\n", def->source.dir) < 0)
-         goto no_memory;
-     if ((options->flags & VIR_STORAGE_BACKEND_POOL_SOURCE_ADAPTER) &&
-         def->source.adapter &&

libvirt-storage-api-iscsi-sendtarget.patch

@@ -1,17 +0,0 @@
---- /home/boston/clalance/devel/libvirt--devel/src/storage_backend_iscsi.c	2008-02-13 13:48:32.497466000 -0500
-+++ libvirt-0.4.0/src/storage_backend_iscsi.c	2008-02-11 17:19:35.000000000 -0500
-@@ -143,6 +143,14 @@ static int virStorageBackendISCSIConnect
-         "--targetname", pool->def->source.devices[0].path, action, NULL
-     };
- 
-+    const char *cmdsendtarget[] = {
-+        ISCSIADM, "--mode", "discovery", "--type", "sendtargets",
-+        "--portal", portal, NULL
-+    };
-+
-+    if (virRun(conn, (char **)cmdsendtarget, NULL) < 0)
-+        return -1;
-+
-     if (virRun(conn, (char **)cmdargv, NULL) < 0)
-         return -1;
- 

sources

@@ -1 +1 @@
-4dfe45869f082393cfd09f4690454c12  libvirt-0.4.1.tar.gz
+56078401a10162674dbd98846d0f607d  libvirt-0.10.2.8.tar.gz