
From: "Doug Goldstein (cardoe)" <cardoe@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in app-emulation/libvirt: libvirt-1.2.0-r1.ebuild ChangeLog
Date: Sun, 29 Dec 2013 01:11:40
Message-Id: 20131229011136.CC6522004C@flycatcher.gentoo.org
1 cardoe 13/12/29 01:11:36
2
3 Modified: ChangeLog
4 Added: libvirt-1.2.0-r1.ebuild
5 Log:
6 Bump for CVE-2013-6436 and CVE-2013-6457
7
8 (Portage version: 2.2.7/cvs/Linux x86_64, signed Manifest commit with key D7DFA8D318FA9AEF!)
9
10 Revision Changes Path
11 1.345 app-emulation/libvirt/ChangeLog
12
13 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/libvirt/ChangeLog?rev=1.345&view=markup
14 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/libvirt/ChangeLog?rev=1.345&content-type=text/plain
15 diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/libvirt/ChangeLog?r1=1.344&r2=1.345
16
17 Index: ChangeLog
18 ===================================================================
19 RCS file: /var/cvsroot/gentoo-x86/app-emulation/libvirt/ChangeLog,v
20 retrieving revision 1.344
21 retrieving revision 1.345
22 diff -u -r1.344 -r1.345
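--- a/app-emulation/libvirt/ChangeLog
+++ b/app-emulation/libvirt/ChangeLog
@@ -1,6 +1,11 @@
 # ChangeLog for app-emulation/libvirt
 # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-emulation/libvirt/ChangeLog,v 1.344 2013/12/07 18:08:29 nimiux Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-emulation/libvirt/ChangeLog,v 1.345 2013/12/29 01:11:36 cardoe Exp $
+
+*libvirt-1.2.0-r1 (29 Dec 2013)
+
+ 29 Dec 2013; Doug Goldstein <cardoe@g.o> +libvirt-1.2.0-r1.ebuild:
+ Bump for CVE-2013-6436 and CVE-2013-6457
 
 07 Dec 2013; Chema Alonso <nimiux@g.o> libvirt-1.1.3.1.ebuild:
 Stable for amd64 wrt bug #491458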
38
39
40
41 1.1 app-emulation/libvirt/libvirt-1.2.0-r1.ebuild
42
43 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/libvirt/libvirt-1.2.0-r1.ebuild?rev=1.1&view=markup
44 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/libvirt/libvirt-1.2.0-r1.ebuild?rev=1.1&content-type=text/plain
45
46 Index: libvirt-1.2.0-r1.ebuild
47 ===================================================================
48 # Copyright 1999-2013 Gentoo Foundation
49 # Distributed under the terms of the GNU General Public License v2
50 # $Header: /var/cvsroot/gentoo-x86/app-emulation/libvirt/libvirt-1.2.0-r1.ebuild,v 1.1 2013/12/29 01:11:36 cardoe Exp $
51
# EAPI has to be assigned before anything else in the ebuild.
EAPI=5

# Identifier of the backport patch tarball appended to SRC_URI below; the
# patches it ships are applied from ${S}/patches in src_prepare.
# NOTE(review): presumably this tarball carries the fixes for the CVEs named
# in the commit log -- confirm against the tarball contents.
BACKPORTS=36378d1a
AUTOTOOLIZE=yes

# Map the Gentoo "_rc" version suffix onto the "-rc" spelling used in the
# tarball names below.
MY_P="${P/_rc/-rc}"

inherit eutils user autotools linux-info systemd readme.gentoo

if [[ ${PV} == *9999* ]]; then
	# Live ebuild: the tree is cloned over git://, a transport without
	# authentication or encryption, and no distfile digest exists for it,
	# so nothing verifies what gets built here.
	inherit git-2
	EGIT_REPO_URI="git://libvirt.org/libvirt.git"
	AUTOTOOLIZE=yes
	SRC_URI=""
	KEYWORDS=""
else
	# Release and backport tarballs are fetched over plain http/ftp; their
	# integrity rests on the digests in the package Manifest, not on the
	# transport.
	SRC_URI="http://libvirt.org/sources/${MY_P}.tar.gz
		ftp://libvirt.org/libvirt/${MY_P}.tar.gz
		${BACKPORTS:+
			http://dev.gentoo.org/~cardoe/distfiles/${MY_P}-${BACKPORTS}.tar.xz}"
	KEYWORDS="~amd64 ~x86"
fi
S="${WORKDIR}/${P%_rc*}"
75
DESCRIPTION="C toolkit to manipulate virtual machines"
HOMEPAGE="http://www.libvirt.org/"
LICENSE="LGPL-2.1"
# The sub-slot follows the package version.
SLOT="0/${PV}"

# A leading "+" marks a flag as enabled by default. "caps" is one of them:
# src_configure runs qemu guests as qemu:qemu only when it is set and as
# root:root otherwise.
IUSE="audit avahi +caps firewalld fuse iscsi +libvirtd lvm lxc +macvtap nfs \
	nls numa openvz parted pcap phyp policykit +qemu rbd sasl \
	selinux +udev uml +vepa virtualbox virt-network xen elibc_glibc \
	systemd"

# The daemon needs at least one local hypervisor driver, and every local
# hypervisor driver needs the daemon. lxc additionally requires caps.
REQUIRED_USE="libvirtd? ( || ( lxc openvz qemu uml virtualbox xen ) )
	lxc? ( caps libvirtd )
	openvz? ( libvirtd )
	qemu? ( libvirtd )
	uml? ( libvirtd )
	vepa? ( macvtap )
	virtualbox? ( libvirtd )
	xen? ( libvirtd )
	virt-network? ( libvirtd )
	firewalld? ( virt-network )"
94
# Runtime dependencies.
#  - gettext is unconditional because the libvirt command wrappers call
#    gettext.sh.
#  - libvirt builds against libnl:1.1 or libnl:3 and picks 3 when both are
#    installed; as the slot cannot be pinned, depend on the most recent one.
RDEPEND="sys-libs/readline
	sys-libs/ncurses
	>=net-misc/curl-7.18.0
	dev-libs/libgcrypt
	>=dev-libs/libxml2-2.7.6
	dev-libs/libnl:3
	>=net-libs/gnutls-1.0.25
	net-libs/libssh2
	sys-apps/dmidecode
	>=sys-apps/util-linux-2.17
	sys-devel/gettext
	>=net-analyzer/netcat6-1.0-r2
	app-misc/scrub
	audit? ( sys-process/audit )
	avahi? ( >=net-dns/avahi-0.6[dbus] )
	caps? ( sys-libs/libcap-ng )
	fuse? ( >=sys-fs/fuse-2.8.6 )
	iscsi? ( sys-block/open-iscsi )
	lxc? ( sys-power/pm-utils )
	lvm? ( >=sys-fs/lvm2-2.02.48-r2 )
	nfs? ( net-fs/nfs-utils )
	numa? (
		>sys-process/numactl-2.0.2
		sys-process/numad
	)
	openvz? ( sys-kernel/openvz-sources )
	parted? (
		>=sys-block/parted-1.8[device-mapper]
		sys-fs/lvm2
	)
	pcap? ( >=net-libs/libpcap-1.0.0 )
	policykit? ( >=sys-auth/polkit-0.9 )
	qemu? (
		>=app-emulation/qemu-0.13.0
		dev-libs/yajl
		sys-power/pm-utils
	)
	rbd? ( sys-cluster/ceph )
	sasl? ( dev-libs/cyrus-sasl )
	selinux? ( >=sys-libs/libselinux-2.0.85 )
	virtualbox? ( || ( app-emulation/virtualbox >=app-emulation/virtualbox-bin-2.2.0 ) )
	xen? ( app-emulation/xen-tools app-emulation/xen )
	udev? ( virtual/udev >=x11-libs/libpciaccess-0.10.9 )
	virt-network? ( net-dns/dnsmasq
		>=net-firewall/iptables-1.4.10
		net-misc/radvd
		net-firewall/ebtables
		sys-apps/iproute2[-minimal]
		firewalld? ( net-firewall/firewalld )
	)
	elibc_glibc? ( || ( >=net-libs/libtirpc-0.2.2-r1 <sys-libs/glibc-2.14 ) )"
# one? ( dev-libs/xmlrpc-c )

# Build-time dependencies: everything needed at runtime plus the tools
# listed here.
DEPEND="${RDEPEND}
	virtual/pkgconfig
	app-text/xhtml1
	dev-lang/perl
	dev-libs/libxslt"
157
# Text handed to the readme.gentoo eclass (see readme.gentoo_create_doc in
# src_install and readme.gentoo_print_elog in pkg_postinst).
DOC_CONTENTS="For the basic networking support (bridged and routed networks)
you don't need any extra software. For more complex network modes
including but not limited to NATed network, you can enable the
'virt-network' USE flag.\n\n
If you are using dnsmasq on your system, you will have
to configure /etc/dnsmasq.conf to enable the following settings:\n\n
bind-interfaces\n
interface or except-interface\n\n
Otherwise you might have issues with your existing DNS server."

# Kernel options for the linux-info eclass; pkg_setup appends the lists below
# to CONFIG_CHECK per USE flag. In linux-info syntax a leading "~" makes a
# check non-fatal (warning only) and "!" asks for the option to be unset.
#
# The "~!GRKERNSEC_CHROOT_*" entries warn when those grsecurity chroot
# restrictions are enabled. Turning them off to satisfy the check relaxes
# that hardening for the whole host, not only for containers.
LXC_CONFIG_CHECK="
	~CGROUPS
	~CGROUP_FREEZER
	~CGROUP_DEVICE
	~CGROUP_CPUACCT
	~CGROUP_SCHED
	~CGROUP_PERF
	~BLK_CGROUP
	~NET_CLS_CGROUP
	~NETPRIO_CGROUP
	~CPUSETS
	~RESOURCE_COUNTERS
	~NAMESPACES
	~UTS_NS
	~IPC_NS
	~PID_NS
	~NET_NS
	~USER_NS
	~DEVPTS_MULTIPLE_INSTANCES
	~VETH
	~MACVLAN
	~POSIX_MQUEUE
	~SECURITYFS
	~!GRKERNSEC_CHROOT_MOUNT
	~!GRKERNSEC_CHROOT_DOUBLE
	~!GRKERNSEC_CHROOT_PIVOT
	~!GRKERNSEC_CHROOT_CHMOD
	~!GRKERNSEC_CHROOT_CAPS
"

# Options checked when USE=virt-network is set.
VIRTNET_CONFIG_CHECK="
	~BRIDGE_NF_EBTABLES
	~BRIDGE_EBT_MARK_T
	~NETFILTER_ADVANCED
	~NETFILTER_XT_TARGET_CHECKSUM
	~NETFILTER_XT_CONNMARK
	~NETFILTER_XT_MARK
"

# Options checked when USE=macvtap is set.
MACVTAP_CONFIG_CHECK=" ~MACVTAP"

# Options checked when USE=lvm is set.
LVM_CONFIG_CHECK=" ~BLK_DEV_DM ~DM_SNAPSHOT ~DM_MULTIPATH"

# Message shown by linux-info when the USER_NS check does not pass.
ERROR_USER_NS="Optional depending on LXC configuration."
212
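# Create the qemu account and assemble the kernel configuration checks that
# match the enabled USE flags.
pkg_setup() {
	enewgroup qemu 77
	enewuser qemu 77 -1 -1 qemu kvm

	# Some people used the masked ebuild which was not adding the qemu
	# user to the kvm group originally. This results in VMs failing to
	# start for some users. bug #430808
	#
	# Compare against the member field of the group entry exactly. A plain
	# substring match on "qemu" is also satisfied by a different member whose
	# name merely contains "qemu", which would skip the fix-up.
	if ! egetent group kvm | cut -d: -f4 | tr ',' '\n' | grep -qx qemu; then
		gpasswd -a qemu kvm
	fi

	# Handle specific kernel versions for different features
	kernel_is lt 3 6 && LXC_CONFIG_CHECK+=" ~CGROUP_MEM_RES_CTLR"
	kernel_is ge 3 6 && LXC_CONFIG_CHECK+=" ~MEMCG ~MEMCG_SWAP ~MEMCG_KMEM"

	# Only the option lists of enabled features end up in CONFIG_CHECK.
	CONFIG_CHECK=""
	use fuse && CONFIG_CHECK+=" ~FUSE_FS"
	use lvm && CONFIG_CHECK+="${LVM_CONFIG_CHECK}"
	use lxc && CONFIG_CHECK+="${LXC_CONFIG_CHECK}"
	use macvtap && CONFIG_CHECK+="${MACVTAP_CONFIG_CHECK}"
	use virt-network && CONFIG_CHECK+="${VIRTNET_CONFIG_CHECK}"

	# Skip the kernel inspection entirely when nothing has to be checked.
	if [[ -n ${CONFIG_CHECK} ]]; then
		linux-info_pkg_setup
	fi
}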
239
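# Apply the backport patches, bootstrap live checkouts, regenerate the
# autotools files and fill the USE-dependent placeholders of the init script.
src_prepare() {
	touch "${S}/.mailmap" || die "creating .mailmap failed"

	# The backport tarball unpacks its patches into ${S}/patches.
	# EPATCH_FORCE=yes makes epatch take every *.patch file found there.
	if [[ -n ${BACKPORTS} ]]; then
		EPATCH_FORCE=yes EPATCH_SUFFIX="patch" EPATCH_SOURCE="${S}/patches" \
			epatch
	fi

	if [[ ${PV} = *9999* ]]; then

		# git checkouts require bootstrapping to create the configure script.
		# Additionally the submodules must be cloned to the right locations
		# bug #377279
		./bootstrap || die "bootstrap failed"
		(
			git submodule status | sed 's/^[ +-]//;s/ .*//'
			git hash-object bootstrap.conf
		) >.git-module-status
	fi

	epatch_user

	[[ -n ${AUTOTOOLIZE} ]] && eautoreconf

	# Tweak the init script
	local avahi_init=
	local iscsi_init=
	local rbd_init=
	local firewalld_init=
	use avahi && avahi_init='avahi-daemon'
	use iscsi && iscsi_init='iscsid'
	use rbd && rbd_init='ceph'
	use firewalld && firewalld_init='need firewalld'

	# cp and sed are external commands, so a failure has to be made fatal
	# explicitly. Otherwise a missing template or an init script that still
	# contains USE_FLAG_* placeholders would be installed without notice.
	cp "${FILESDIR}/libvirtd.init-r13" "${S}/libvirtd.init" \
		|| die "copying libvirtd.init-r13 failed"

	sed -i \
		-e "s/USE_FLAG_FIREWALLD/${firewalld_init}/" \
		-e "s/USE_FLAG_AVAHI/${avahi_init}/" \
		-e "s/USE_FLAG_ISCSI/${iscsi_init}/" \
		-e "s/USE_FLAG_RBD/${rbd_init}/" \
		"${S}/libvirtd.init" || die "adjusting libvirtd.init failed"
}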
278
# Translate the USE flags into configure switches and run econf.
src_configure() {
	local myconf=""

	## daemon on/off; without it only the client utilities are built
	myconf+=" $(use_with libvirtd)"

	## let the daemon use avahi to find VMs
	myconf+=" $(use_with avahi)"

	## hypervisors on the local host
	myconf+=" $(use_with xen) $(use_with xen xen-inotify)"
	myconf+=" --without-xenapi"
	# libxl is enabled only together with xen-tools 4.2.0 or newer
	if use xen && has_version ">=app-emulation/xen-tools-4.2.0"; then
		myconf+=" --with-libxl"
	else
		myconf+=" --without-libxl"
	fi
	myconf+=" $(use_with openvz)"
	myconf+=" $(use_with lxc)"
	if use virtualbox && has_version app-emulation/virtualbox-ose; then
		myconf+=" --with-vbox=/usr/lib/virtualbox-ose/"
	else
		myconf+=" $(use_with virtualbox vbox)"
	fi
	myconf+=" $(use_with uml)"
	myconf+=" $(use_with qemu)"
	myconf+=" $(use_with qemu yajl)" # Use QMP over HMP
	myconf+=" $(use_with phyp)"
	# the esx and vmware drivers are built unconditionally
	myconf+=" --with-esx"
	myconf+=" --with-vmware"

	## additional host drivers
	myconf+=" $(use_with virt-network network)"
	myconf+=" --with-storage-fs"
	myconf+=" $(use_with lvm storage-lvm)"
	myconf+=" $(use_with iscsi storage-iscsi)"
	myconf+=" $(use_with parted storage-disk)"
	myconf+=" $(use_with lvm storage-mpath)"
	myconf+=" $(use_with rbd storage-rbd)"
	myconf+=" $(use_with numa numactl)"
	myconf+=" $(use_with numa numad)"
	myconf+=" $(use_with selinux)"
	myconf+=" $(use_with fuse)"

	# udev for device support details
	myconf+=" $(use_with udev)"

	# linux capability support so we don't need privileged accounts
	myconf+=" $(use_with caps capng)"

	## authentication backends
	myconf+=" $(use_with policykit polkit)"
	myconf+=" $(use_with sasl)"

	## network bits
	myconf+=" $(use_with macvtap)"
	myconf+=" $(use_with pcap libpcap)"
	myconf+=" $(use_with vepa virtualport)"
	myconf+=" $(use_with firewalld)"

	## other
	myconf+=" $(use_enable nls)"

	# Account used for qemu/kvm guests. Without USE=caps the guests are
	# configured to run as root:root, so a compromised qemu process holds
	# root on the host; keep caps enabled unless there is a reason not to.
	if use caps; then
		myconf+=" --with-qemu-user=qemu"
		myconf+=" --with-qemu-group=qemu"
	else
		myconf+=" --with-qemu-user=root"
		myconf+=" --with-qemu-group=root"
	fi

	# audit support
	myconf+=" $(use_with audit)"

	## features that are not supported yet
	myconf+=" --without-netcf"

	# udev is used in place of hal
	myconf+=" --without-hal"

	# locking support
	myconf+=" --without-sanlock"

	# systemd unit files
	use systemd && myconf+=" --with-init-script=systemd"

	# Workaround for bug #275073: a proper fix would mean rebuilding
	# autotools, and one was sent upstream (expected in 0.7.7). Until then
	# the windres detection result is preset on every host that is not
	# cygwin or mingw.
	# NOTE(review): the variable is assigned but not exported here -- confirm
	# that configure actually receives it.
	if [[ ${CHOST} != *cygwin* && ${CHOST} != *mingw* ]]; then
		ac_cv_prog_WINDRES=no
	fi

	econf \
		${myconf} \
		--disable-static \
		--docdir=/usr/share/doc/${PF} \
		--with-remote \
		--localstatedir=/var

	if [[ ${PV} = *9999* ]]; then
		# Restore gnulib's config.sub and config.guess
		# bug #377279
		(cd .gnulib && git reset --hard > /dev/null)
	fi
}
393
# Run the upstream test suite through "emake check".
src_test() {
	# NOTE(review): VIR_TEST_DEBUG presumably turns on verbose output in
	# libvirt's test harness -- confirm against upstream.
	export VIR_TEST_DEBUG=1

	# HOME points at the temporary directory ${T} for the duration of the run.
	if ! HOME="${T}" emake check; then
		die "tests failed"
	fi
}
399
# Install into the image directory, drop libtool archives and, when the
# daemon is built, add the OpenRC service files and the README.
src_install() {
	local install_args=(
		DESTDIR="${D}"
		HTML_DIR=/usr/share/doc/${PF}/html
		DOCS_DIR=/usr/share/doc/${PF}
		EXAMPLE_DIR=/usr/share/doc/${PF}/examples
		SYSTEMD_UNIT_DIR="$(systemd_get_unitdir)"
	)
	emake install "${install_args[@]}" || die "emake install failed"

	# libtool archives are removed from the image
	find "${D}" -name '*.la' -delete || die

	# Everything below applies to the daemon only.
	if ! use libvirtd; then
		return 0
	fi

	newinitd "${S}/libvirtd.init" libvirtd || die
	newconfd "${FILESDIR}/libvirtd.confd-r4" libvirtd || die
	newinitd "${FILESDIR}/virtlockd.init" virtlockd || die

	keepdir /var/lib/libvirt/images

	readme.gentoo_create_doc
}
422
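# Adjust the image just before it is merged: keep an existing default
# network definition, drop the old PolicyKit policy file and move the sysctl
# snippet to /etc/sysctl.d.
pkg_preinst() {
	# we only ever want to generate this once
	if [[ -e "${ROOT}"/etc/libvirt/qemu/networks/default.xml ]]; then
		rm -rf "${D}"/etc/libvirt/qemu/networks/default.xml
	fi

	# We really don't want to use or support old PolicyKit cause it
	# screws with the new polkit integration
	if has_version sys-auth/policykit; then
		rm -rf "${D}"/usr/share/PolicyKit/policy/org.libvirt.unix.policy
	fi

	# Only sysctl files ending in .conf work
	dodir /etc/sysctl.d

	# The snippet may be absent from the image, in which case there is
	# nothing to move. A move that is attempted and fails is fatal rather
	# than ignored, so the sysctl settings cannot go missing unnoticed.
	local sysctl_src="${D}"/usr/lib/sysctl.d/libvirtd.conf
	if [[ -e ${sysctl_src} ]]; then
		mv "${sysctl_src}" "${D}"/etc/sysctl.d/libvirtd.conf \
			|| die "moving libvirtd.conf to /etc/sysctl.d failed"
	fi
}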
439
# Post-merge steps: refresh the default network file, restrict the qemu
# state directories and print the notes for the administrator.
pkg_postinst() {
	local default_net="${ROOT}"/etc/libvirt/qemu/networks/default.xml
	if [[ -e ${default_net} ]]; then
		touch "${default_net}"
	fi

	# Support for dropped privileges: the qemu state and cache directories
	# get mode 0750 and are owned by the account the guests run as.
	# NOTE(review): fperms and fowners are install helpers -- confirm that
	# they act on the live filesystem when called from pkg_postinst with an
	# ${EROOT}-prefixed path. If they do not, the 0750 mode and the ownership
	# set here are not what ends up on disk.
	if use qemu; then
		local qemu_owner=root:root
		if use caps; then
			qemu_owner=qemu:qemu
		fi

		local qemu_dir
		for qemu_dir in var/lib/libvirt/qemu var/cache/libvirt/qemu; do
			fperms 0750 "${EROOT}/${qemu_dir}"
		done
		for qemu_dir in var/lib/libvirt/qemu var/cache/libvirt/qemu; do
			fowners -R "${qemu_owner}" "${EROOT}/${qemu_dir}"
		done
	fi

	# Without polkit, access to libvirtd is governed by the group and mode
	# of its unix socket. Anyone granted that access can manage the VMs, so
	# widen it deliberately.
	if ! use policykit; then
		elog "To allow normal users to connect to libvirtd you must change the"
		elog "unix sock group and/or perms in /etc/libvirt/libvirtd.conf"
	fi

	# Everything below applies to the daemon only.
	if ! use libvirtd; then
		return 0
	fi

	readme.gentoo_print_elog

	if use caps && use qemu; then
		elog "libvirt will now start qemu/kvm VMs with non-root privileges."
		elog "Ensure any resources your VMs use are accessible by qemu:qemu"
	fi
}