Merge ~paelzer/ubuntu/+source/libvirt:merge-6.6.0-groovy into ~paelzer/ubuntu/+source/libvirt:merge-6.6.0-mergebase
- Git
- lp:~paelzer/ubuntu/+source/libvirt
- merge-6.6.0-groovy
- Merge into merge-6.6.0-mergebase
Status: | Merged | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Approved by: | Christian Ehrhardt | ||||||||||||
Approved revision: | 139d00982a7117772220aea95675dfa522fd29da | ||||||||||||
Merge reported by: | Christian Ehrhardt | ||||||||||||
Merged at revision: | 139d00982a7117772220aea95675dfa522fd29da | ||||||||||||
Proposed branch: | ~paelzer/ubuntu/+source/libvirt:merge-6.6.0-groovy | ||||||||||||
Merge into: | ~paelzer/ubuntu/+source/libvirt:merge-6.6.0-mergebase | ||||||||||||
Diff against target: |
10108 lines (+9168/-74) 46 files modified
debian/changelog (+7070/-25) debian/control (+16/-16) debian/libvirt-clients.install (+1/-0) debian/libvirt-clients.lintian-overrides (+1/-0) debian/libvirt-daemon-system.dirs (+2/-0) debian/libvirt-daemon-system.install (+1/-1) debian/libvirt-daemon-system.postinst (+128/-0) debian/libvirt-daemon-system.postrm (+26/-1) debian/libvirt-daemon.README.Debian (+82/-22) debian/libvirt-daemon.apport (+22/-0) debian/libvirt-daemon.dnsmasq (+2/-0) debian/libvirt-daemon.install (+1/-0) debian/libvirt-uri.sh (+27/-0) debian/patches/series (+30/-0) debian/patches/ubuntu-aa/0003-apparmor-libvirt-qemu-Allow-read-access-to-overcommi.patch (+30/-0) debian/patches/ubuntu-aa/0007-apparmor-libvirt-qemu-Allow-owner-read-access-to-PRO.patch (+28/-0) debian/patches/ubuntu-aa/0020-virt-aa-helper-ubuntu-storage-paths.patch (+37/-0) debian/patches/ubuntu-aa/0029-appmor-libvirt-qemu-Add-9p-support.patch (+34/-0) debian/patches/ubuntu-aa/0030-virt-aa-helper-Complete-9p-support.patch (+36/-0) debian/patches/ubuntu-aa/0031-virt-aa-helper-Ask-for-no-deny-rule-for-readonly-dis.patch (+43/-0) debian/patches/ubuntu-aa/0032-apparmor-libvirt-qemu-Allow-reading-charm-specific-c.patch (+34/-0) debian/patches/ubuntu-aa/0033-UBUNTU-only-apparmor-for-kvm.powerpc-LP-1680384.patch (+41/-0) debian/patches/ubuntu-aa/0034-apparmor-virt-aa-helper-access-for-snapped-nova.patch (+33/-0) debian/patches/ubuntu-aa/0050-local-include-for-libvirt-qemu.patch (+19/-0) debian/patches/ubuntu-aa/apparmor-allow-unmounting-.dev-entries.patch (+41/-0) debian/patches/ubuntu-aa/apparmor-profiles-are-meant-to-allow-adding-permanen.patch (+65/-0) debian/patches/ubuntu-aa/lp-1815910-allow-vhost-hotplug.patch (+57/-0) debian/patches/ubuntu-aa/lp-1847361-load-versioned-module.patch (+44/-0) debian/patches/ubuntu/Allow-libvirt-group-to-access-the-socket.patch (+49/-0) debian/patches/ubuntu/daemon-augeas-fix-expected.patch (+20/-0) debian/patches/ubuntu/dnsmasq-as-priv-user (+290/-0) debian/patches/ubuntu/lp-1861125-ubuntu-models.patch (+21/-0) debian/patches/ubuntu/ovmf_paths.patch (+60/-0) debian/patches/ubuntu/parallel-shutdown.patch (+25/-0) debian/patches/ubuntu/set-default-machine-to-ubuntu.patch (+45/-0) debian/patches/ubuntu/tools-fix-libvirt-guests.sh-text-assignments.patch (+405/-0) debian/patches/ubuntu/ubuntu_machine_type.patch (+14/-0) debian/patches/ubuntu/wait-for-qemu-kvm.patch (+23/-0) debian/patches/virdevmapper-Don-t-cache-device-mapper-major.patch (+88/-0) debian/patches/virdevmapper-Handle-kernel-without-device-mapper-support.patch (+76/-0) debian/patches/virdevmapper-Ignore-all-errors-when-opening-dev-mapper-co.patch (+76/-0) debian/rules (+14/-4) debian/tests/control (+2/-1) debian/tests/smoke-lxc (+2/-2) debian/tests/smoke-qemu-session (+5/-0) debian/tests/smoke-qemu-session.xml (+2/-2) |
||||||||||||
Related bugs: |
|
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Rafael David Tinoco (community) | Approve | ||
Canonical Server | Pending | ||
Christian Ehrhardt | Pending | ||
Review via email: mp+389531@code.launchpad.net |
Commit message
Description of the change
Christian Ehrhardt (paelzer) wrote : | # |
Rafael David Tinoco (rafaeldtinoco) wrote : | # |
I'll try to finish the review tomorrow morning (my morning).
- 9b99315... by Christian Ehrhardt
-
fix device mapper issues
As reported on:
https://www.redhat. com/archives/ libvir- list/2020- August/ msg00236. html
https://www.redhat. com/archives/ libvir- list/2020- August/ msg00592. html
- virdevmapper-Don-t-cache- device- mapper- major.patch
- virdevmapper-Ignore- all-errors- when-opening- dev-mapper- co.patch
- virdevmapper-Handle- kernel- without- device- mapper- support. patch - 39a09a6... by Christian Ehrhardt
-
M CL - if Disable rbd and zfs is no more needed
Signed-off-by: Christian Ehrhardt <email address hidden>
- 0e20e39... by Christian Ehrhardt
-
d/control: drop mdevctl to a suggest until (LP 1889248) is ready
Signed-off-by: Christian Ehrhardt <email address hidden>
- 139d009... by Christian Ehrhardt
-
changelog: drop mdevctl to a suggest until (LP 1889248) is ready
Signed-off-by: Christian Ehrhardt <email address hidden>
Christian Ehrhardt (paelzer) wrote : | # |
Updated a few patches to the latest state as of upstream/debian acceptance
Also rebased on the latest Debian experimental that this will eventually be.
That allowed me to drop a few more of the changes already.
The old merge state is in tag "merge-
The new merge is the branch "merge-
I moved "merge-
Further experiments with ZFS/RBD on Risc also showed that we can now build them allowing to drop one more change.
Also I started another round of tests (except ppc which has no machine free atm) on the latest build.
Rafael David Tinoco (rafaeldtinoco) wrote : | # |
Overall changelog looks good and no major changes should be made. I have taken
note of some typos and/or missing entries that could, or could not, make sense
for you to change.
Note: - search for TODO keyword to find actionable items
--------
TODO: missing changelog entries:
ad8c54a76d - d/control: make libvirt-
03604151e5 * SECURITY UPDATE: privilege escalation via incorrect socket permissi
875cb82db4 d/p/ubuntu/
0e20e39ae3 d/control: drop mdevctl to a suggest until (LP 1889248) is ready
libvirt (6.6.0-2ubuntu1) groovy; urgency=medium
* Merge with Debian 6.6.0-1 from experimental
Among many other new features and fixes this includes fixes for:
(LP: #1874647) - Stale libvirt cache leads to VM startup failures
(LP: #1869796) - bad ordering and dependent restarts of services/sockets
Remaining changes:
- d/control, d/rules: Disable rbd and zfs on riscv64 where they are unavailable (LP 1872952)
67901169b6 d/p/ubuntu-
- d/p/ubuntu-
0ceb2041a2 libvirt-uri.sh: default libvirt URI on Xen dom0
- libvirt-uri.sh: Automatically switch default libvirt URI for users via user profile (xen URI on dom0, qemu:///system otherwise)
04b0e75a32 disable libssh2 support (universe dependency)
- Disable libssh2 support (universe dependency)
7298283fce disable firewalld support (universe dependency)
- Disable firewalld support (universe dependency)
2f287795eb set qemu-group to kvm (for compat with older ubuntu)
- Set qemu-group to kvm (for compat with older ubuntu)
a1fdd55e08 Add apport package-hook
- Additional apport package-hook
acd80701a8 Create autostart default network.
- Autostart default bridged network (As upstream does, but not Debian).
In addition to just enabling it our solution provides:
+ do not autostart if subnet is already taken (e.g. in guests).
+ iterate some alternative subnets before giving up
01482fc398 Allow-libvirt-
c8bff4a40c - d/libvirt-
- d/p/ubuntu/
+ d/p/ubuntu/
+ d/libvirt-
3bc9fc096d - d/p/ubuntu/
- ubuntu/
302eb29c1f Update README.Debian with Ubuntu changes
- Update README.Debian with Ubuntu changes
- Enable some additional features on ppc64el and s390x (for arch parity)
+ systemtap, zfs, numa and numad on s390x.
+ systemtap on ppc64el.
0d6a03a7b0 - d/p/ubuntu/
- d/p/ubuntu...
Rafael David Tinoco (rafaeldtinoco) wrote : | # |
Related to some patches highlighted as actionable items in previous comment.. here are some comments:
# OBS 01:
The commit:
commit fd2c9ec380
Author: Christian Ehrhardt <email address hidden>
Date: Thu Aug 10 06:56:04 2017
apparmor, libvirt-qemu: Allow read access to
Note: accepted upstream will be in 6.7
Signed-off-by: Christian Ehrhardt <email address hidden>
has an incomplete git log and a note saying that it is accepted upstream.
it includes:
+ubuntu-
saying:
+Forwarded: no (part of continuous upstreaming effort)
Could be replaced by upstream patch:
commit e16967fd6e
Author: Jamie Strandboge <email address hidden>
Date: Mon Aug 3 08:41:33 2020
apparmor: read only access to overcommit_memory
Allow qemu to read @{PROC}
This is read on guest start-up and (as read-only) not a
critical secret that has to stay hidden.
Signed-off-by: Christian Ehrhardt <email address hidden>
Signed-off-by: Stefan Bader <email address hidden>
Signed-off-by: Jamie Strandboge <email address hidden>
Reviewed-by: Andrea Bolognani <email address hidden>
With no DEP3/changes needed.
Rafael David Tinoco (rafaeldtinoco) wrote : | # |
# OBS 02:
The same thing applies to commit:
commit 91c39e7fba
Author: Christian Ehrhardt <email address hidden>
Date: Thu Aug 10 06:57:59 2017
apparmor, libvirt-qemu: Allow owner read access to
Note: accepted upstream will be in 6.7
Signed-off-by: Christian Ehrhardt <email address hidden>
also with an incomplete git log and a note.
it includes:
+ubuntu-
saying:
+Forwarded: no (part of continuous upstreaming effort)
Could be replace by upstream patch:
commit 7c5ef98c00
Author: Stefan Bader <email address hidden>
Date: Mon Aug 3 08:44:27 2020
apparmor: qemu access to @{PROC}/*/auxv for hw_cap
On some architectures (ppc, s390x, sparc, arm) qemu will read auxv
to detect hardware capabilities via qemu_getauxval.
Allow that access read-only for the entry owned by the current
qemu process.
Signed-off-by: Christian Ehrhardt <email address hidden>
Signed-off-by: Stefan Bader <email address hidden>
Reviewed-by: Andrea Bolognani <email address hidden>
Acked-by: Jamie Strandboge <email address hidden>
With no DEP3/changes needed.
Rafael David Tinoco (rafaeldtinoco) wrote : | # |
# OBS 03:
In the same line... the commit:
commit 67901169b6
Author: Christian Ehrhardt <email address hidden>
Date: Tue Mar 10 04:58:01 2020
d/p/
Note: accepted upstream will be in 6.7
Signed-off-by: Christian Ehrhardt <email address hidden>
including:
+ubuntu-
Could be replaced by:
commit 3ef2af8ed3
Author: Christian Ehrhardt <email address hidden>
Date: Mon Aug 3 09:03:19 2020
apparmor: let qemu load old shared objects after upgrades
Since [1] qemu can after upgrade fall back to pre-upgrade modules
to still be able to dynamically load qemu-module based features.
The paths for these modules are pre-defined by the code and should
be allowed to be mapped and loaded from which will allow packagers
avoiding the inability of late feature load [2] after package upgrades.
[1]: https:/
[2]: https:/
Signed-off-by: Christian Ehrhardt <email address hidden>
Acked-by: Jamie Strandboge <email address hidden>
Reviewed-by: Andrea Bolognani <email address hidden>
Reviewed-by: Daniel P. Berrangé <berrange redhat com>
Rafael David Tinoco (rafaeldtinoco) wrote : | # |
# OBS 04:
In changelog, we have:
libvirt (6.6.0-1) UNRELEASED; urgency=medium
Is this okay ? I used:
open-iscsi (2.1.1-1) experimental; urgency=medium
for unreleased (but merged) version, in my case.
Rafael David Tinoco (rafaeldtinoco) wrote : | # |
Lintian is good for source and binaries. I'll let you handle the functional tests. All looks good and feel free to merge after deciding to address, or not, the items I have brought to your attention (definitely not blockers for anything).
Christian Ehrhardt (paelzer) wrote : | # |
Regression tests completed with the latest build, this time all works without errors.
Thanks for the review, I need to go through this review feedback to complete - thanks!
Christian Ehrhardt (paelzer) wrote : | # |
In 03604151e5 I mentioned why this doesn't get an extra CL entry.
It is essentially just a fixup an a logical change that is in the changelog (commit will also be squashed on next merge).
For 875cb82db4:
This was formerly part of
137 - d/p/ubuntu/
138 types (LP 1861125)
We only retained the minor bit that is for Ubuntu downstream only.
I added a line for it.
0e20e39ae3 has a CL entry in the "Added section already"
ad8c54a76d is a great catch, I've forgotten about it. This actually will be dropped now.
Added to CL and reverted the change.
Patches fd2c9ec380 and 91c39e7fba will be gone on the next merge anyway and the commit message holds the details. You are right I could add the "origin" statement here, but that would actually be wrong - the "origin" is this patch in ubuntu, just now it got applied and that I forward it is in "Forwarded: no (part of continuous upstreaming effort)".
Well I guess an Applied-Upstream tag would match best.
There were actually three more of that kind which I marked as well - and two more of Debian which I didn't touch.
The 9p typo OTOH isn't important IMHO.
The typo in d8e3efc690 isn't important either as it will be gone next merge (I upstreamed this).
And finally - I'm waiting for Debian to upload 6.6 - then I'll rebase to that and due to that I'll get the UNRELEASED out of the changelog.
Ok- thanks a lot - now tests and review are good.
Just waiting on the Debian upload to happen.
Christian Ehrhardt (paelzer) wrote : | # |
In Debian we now have put everything together, I'll do a last rebase, rebuild retest.
If nothing interesting comes up I'll upload otherwise I'll speak up here for a re-review of the changes I needed.
Christian Ehrhardt (paelzer) wrote : | # |
FYI - rebase and build without any unexpected u-turns.
Tests are running atm
Christian Ehrhardt (paelzer) wrote : | # |
Ok, all tests look good, uploading.
To ssh://git.
* [new tag] upload/
Uploading to ubuntu (via ftp to upload.ubuntu.com):
Uploading libvirt_
Uploading libvirt_
Uploading libvirt_
Uploading libvirt_
Uploading libvirt_
Uploading libvirt_
Successfully uploaded packages.
Christian Ehrhardt (paelzer) wrote : | # |
Lovely - I built this 13 times in Launchpad the last two weeks.
Now on the actual upload I see FTBFS :-/
But it seems to be build-infra and not libvirt that breaks.
Never the less - merged from the MP POV
Preview Diff
1 | diff --git a/debian/changelog b/debian/changelog |
2 | index 7d60533..acb36b9 100644 |
3 | --- a/debian/changelog |
4 | +++ b/debian/changelog |
5 | @@ -1,3 +1,183 @@ |
6 | +libvirt (6.6.0-2ubuntu1) groovy; urgency=medium |
7 | + |
8 | + * Merge with Debian 6.6.0-1 from experimental |
9 | + Among many other new features and fixes this includes fixes for: |
10 | + (LP: #1874647) - Stale libvirt cache leads to VM startup failures |
11 | + (LP: #1869796) - bad ordering and dependent restarts of services/sockets |
12 | + Remaining changes: |
13 | + - d/p/ubuntu-aa/lp-1847361-load-versioned-module.patch: allow loading |
14 | + versioned modules after qemu package upgrades (LP 1847361) |
15 | + - libvirt-uri.sh: Automatically switch default libvirt URI for users |
16 | + via user profile (xen URI on dom0, qemu:///system otherwise) |
17 | + - Disable libssh2 support (universe dependency) |
18 | + - Disable firewalld support (universe dependency) |
19 | + - Set qemu-group to kvm (for compat with older ubuntu) |
20 | + - Additional apport package-hook |
21 | + - Autostart default bridged network (As upstream does, but not Debian). |
22 | + In addition to just enabling it our solution provides: |
23 | + + do not autostart if subnet is already taken (e.g. in guests). |
24 | + + iterate some alternative subnets before giving up |
25 | + - d/p/ubuntu/Allow-libvirt-group-to-access-the-socket.patch: This is |
26 | + the group based access to libvirt functions as it was used in Ubuntu |
27 | + for quite long. |
28 | + + d/p/ubuntu/daemon-augeas-fix-expected.patch fix some related tests |
29 | + due to the group access change. |
30 | + + d/libvirt-daemon-system.postinst: add users in sudo to the libvirt |
31 | + group. |
32 | + - ubuntu/parallel-shutdown.patch: set parallel shutdown by default. |
33 | + - Update README.Debian with Ubuntu changes |
34 | + - d/p/ubuntu/ubuntu_machine_type.patch: accept ubuntu types as pci440fx |
35 | + - fix autopkgtests |
36 | + + d/t/control, d/t/smoke-qemu-session: fixup smoke-qemu-session by making |
37 | + vmlinuz available and accessible (Debian bug 848314) |
38 | + + d/t/control: fix smoke-qemu-session by ensuring the service will run |
39 | + installing libvirt-daemon-system |
40 | + + d/t/smoke-lxc: fix smoke-lxc by ignoring potential issues on destroy as |
41 | + long as the following undefine succeeds |
42 | + + d/t/smoke-lxc: use systemd instead of sysV to restart the service |
43 | + - dnsmasq related enhancements |
44 | + + run dnsmasq as libvirt-dnsmasq (LP: 1743718) |
45 | + + d/libvirt-daemon-system.postinst: add libvirt-dnsmasq user and group |
46 | + + d/libvirt-daemon-system.postrm: remove libvirt-dnsmasq user and group |
47 | + on purge |
48 | + + d/p/ubuntu/dnsmasq-as-priv-user: write dnsmasq config with user |
49 | + libvirt-dnsmasq and adapt the self tests to expect that config |
50 | + + d/libvirt-daemon-system.postinst: fix old libvirt-dnsmasq users group |
51 | + + Add dnsmasq configuration to work with system wide dnsmasq-base |
52 | + - debian/rules: disable the netcf backend. (LP: 1764314) |
53 | + - debian/patches/ubuntu/ovmf_paths.patch: adjust paths to secboot.fd UEFI |
54 | + Secure Boot enabled variants of the OVMF firmware and variable store for |
55 | + the paths where we ship these files in Ubuntu. |
56 | + - d/p/ubuntu/set-default-machine-to-ubuntu.patch: to select default |
57 | + machine type correctly with newer qemu/libvirt |
58 | + - d/control: add libzfslinux-dev to build-deps |
59 | + - d/control: drop libvirt-lxc, vbox and xen drivers to suggest |
60 | + - Apparmor Delta that is Ubuntu specific or yet to be upstreamed |
61 | + split into logical pieces. File names in debian/patches/ubuntu-aa/: |
62 | + + 0003-apparmor-libvirt-qemu-Allow-read-access-to-overcommi.patch: |
63 | + apparmor, libvirt-qemu: Allow read access to overcommit_memory |
64 | + + 0007-apparmor-libvirt-qemu-Allow-owner-read-access-to-PRO.patch: |
65 | + apparmor, libvirt-qemu: Allow owner read access to @{PROC}/*/auxv |
66 | + + 0020-virt-aa-helper-ubuntu-storage-paths.patch: |
67 | + apparmor, virt-aa-helper: Allow various storage pools and image |
68 | + locations |
69 | + + 0029-appmor-libvirt-qemu-Add-9p-support.patch: appmor, |
70 | + libvirt-qemu: Add 9p support |
71 | + + 0030-virt-aa-helper-Complete-9p-support.patch: virt-aa-helper: |
72 | + add l to 9p file options. |
73 | + + 0031-virt-aa-helper-Ask-for-no-deny-rule-for-readonly-dis.patch: |
74 | + virt-aa-helper: Ask for no deny rule for readonly disk (renamed and |
75 | + reworded, was virt-aa-helper-no-explicity-deny-for-basefiles.patch) |
76 | + + 0032-apparmor-libvirt-qemu-Allow-reading-charm-specific-c.patch: |
77 | + apparmor, libvirt-qemu: Allow reading charm-specific ceph config |
78 | + + 0033-UBUNTU-only-apparmor-for-kvm.powerpc-LP-1680384.patch: allow |
79 | + commands executed by ubuntu only kvm wrapper on ppc64el |
80 | + (LP 1686621 LP 1680384 LP 1784023) |
81 | + + 0034-apparmor-virt-aa-helper-access-for-snapped-nova.patch: |
82 | + apparmor, virt-aa-helper: access for snapped nova |
83 | + + 0050-local-include-for-libvirt-qemu.patch, |
84 | + d/libvirt-daemon-system.postinst: provide a local apparmor include |
85 | + for abstraction/libvirt-qemu (LP: 1786019) |
86 | + + lp-1815910-allow-vhost-net.patch: avoid apparmor issues |
87 | + with vhost-net/vhost-vsock/vhost-scsi hotplug (LP: 1815910) |
88 | + * Dropped changes (in Debian now): |
89 | + - Enable some additional features on ppc64el and s390x (for arch parity) |
90 | + + systemtap, zfs, numa and numad on s390x. |
91 | + + systemtap on ppc64el. |
92 | + - enable attr support to store XATTR labels. Among other things |
93 | + this allows to properly restore file ownership (LP 691590) |
94 | + - d/control: build depend to libattr1-dev |
95 | + - d/rules: configure --with-attr |
96 | + - Install virt-login-shell-helper |
97 | + - Install augeas lenses for all drivers |
98 | + - Remove all mentions of Devhelp |
99 | + - not-installed: Remove obsolete entries |
100 | + - not-installed: List all split daemons files |
101 | + - d/control: bump build dep to python3 |
102 | + - d/control: add python3-docutils as build dependency |
103 | + - d/rules: set enable-dependency-tracking to avoid FTBFS |
104 | + - d/rules: drop the no more existing phyp option |
105 | + - d/rules: drop the no more existing xen configure option |
106 | + - minimize patches generated by autoreconf |
107 | + - fix build on Debian/Ubuntu in qemuhotplugtest |
108 | + - d/libvirt-doc.doc: install rendered docs |
109 | + - d/libvirt-daemon-system.examples: drop old examples that are now active |
110 | + - d/libvirt-doc.doc-base.libvirt-doc: adapt doc base to new file placement |
111 | + - d/libvirt-daemon-system-sysv.lintian-overrides: not shipiing systemd files |
112 | + - d/libnss-libvirt.lintian-overrides: accept having two nss so files |
113 | + - d/rules: don't ship split daemons just yet |
114 | + - d/rules: install /etc/default/* files that are shared between sysv and |
115 | + systemd packages |
116 | + - d/rules: add libvirt-guests.default to libvirt-daemon-system instead of |
117 | + libvirt-daemon-system-sysv |
118 | + - d/rules: install virtlockd correctly with defaults file (LP: 1729516) |
119 | + - d/rules: also check build time self test results on all architectures |
120 | + - d/rules: add --no-restart-after-upgrade to services that are supposed to |
121 | + stay up through upgrades - this also applies to related sockets. |
122 | + * Dropped changes (part of upstream now): |
123 | + - d/p/ubuntu/lp-1879325-*: avoid issues with apparmor metadata labeling |
124 | + (LP 1879325) |
125 | + - d/p/ubuntu-aa/lp-1871354*: fix apparmor denials on libpmem init |
126 | + (LP 1871354) |
127 | + - d/p/ubuntu/CVE-CVE-2020-10701-api-disallow-virDomainAgentSetResponseTimeout |
128 | + -on-rea.patch: avoid DOS through read only connections |
129 | + CVE-2020-10701 |
130 | + - d/p/ubuntu/lp-1867460-*: fix domcapabilities before capabilities |
131 | + and binary autodetection in general (LP 1867460) |
132 | + - d/p/stable/lp-1868539-*: stabilize libvirt by backporting upstream |
133 | + fixes (LP 1868539) |
134 | + - d/p/ubuntu/lp-1853200*: add cpu models without hle/rtm features to have |
135 | + modern types on kernels with recent security fixes (LP 1853200) |
136 | + - d/p/ubuntu/lp-1868528-*: Fail when fetching CPU Status for invalid CPU |
137 | + (LP 1868528) |
138 | + - d/p/ubuntu/lp-1865425-*: avoid killing the monitor job in |
139 | + qemuDomainSetTimeAgent (LP 1865425) |
140 | + - d/p/ubuntu-aa/virt-aa-helper-Add-support-for-smartcard-host-certif.patch: |
141 | + allow emulation of smartcard via host certificates |
142 | + - d/p/ubuntu/lp-1861125-*: fix non host-model migrations from old machine |
143 | + types (LP 1861125) |
144 | + - d/p/ubuntu-aa/apparmor-allow-to-call-vhost-user-gpu.patch: do not apparmor |
145 | + block vhost-user-gpu usage |
146 | + - d/p/ubuntu/lp-1655111*: fix qemu_bridge_helper to work with named |
147 | + profiles (LP 1655111) |
148 | + * Dropped changes (no more needed): |
149 | + - Update Vcs-Git and Vcs-Browser fields to point to launchpad |
150 | + - d/control: VCS links to use generic Ubuntu launchpad git URLs |
151 | + - refreshed patches for libvirt v6.0.0 |
152 | + - d/libvirt-daemon-system.postrm: change order of libvirt-qemu removal to |
153 | + avoid error messages on purge [deluser/delgroup no more report warnings] |
154 | + - "Additional apport package-hook": due to context auto updates |
155 | + d/libvirt-daemon.install had bad entries which are no more required. |
156 | + - d/control, d/rules: Disable rbd and zfs on riscv64 where they are |
157 | + unavailable (LP 1872952) |
158 | + * Added Changes: |
159 | + - d/control: breaks replaces for augeas lenses move in 6.0.0-1 |
160 | + (follows Debian, droppable >22.04) |
161 | + - refresh ubuntu patches for 6.6 |
162 | + - d/p/ubuntu-aa/0050-local-include-for-libvirt-qemu.patch |
163 | + - d/p/ubuntu-aa/0034-apparmor-virt-aa-helper-access-for-snapped-nova.patch |
164 | + - d/p/ubuntu-aa/0020-virt-aa-helper-ubuntu-storage-paths.patch |
165 | + - d/p/ubuntu/dnsmasq-as-priv-user |
166 | + - d/p/ubuntu/Allow-libvirt-group-to-access-the-socket.patch |
167 | + - d/p/ubuntu/daemon-augeas-fix-expected.patch |
168 | + - d/libvirt-daemon-system.postinst: fix bashism in dnsmasq related |
169 | + enhancements |
170 | + - d/p/ubuntu/wait-for-qemu-kvm.patch - avoid hangs on startup (LP: #1887592) |
171 | + - d/libvirt-clients.lintian-overrides: profile scripts are non executable |
172 | + - d/p/ubuntu-aa/apparmor-allow-unmounting-.dev-entries.patch: avoid |
173 | + triggering denials in devmapper error path |
174 | + - d/p/ubuntu-aa/pparmor-profiles-are-meant-to-allow-adding-permanen.patch: |
175 | + (again) allow permanent per guest overrides (LP: #1745114) |
176 | + - fix device mapper issues |
177 | + - d/p/virdevmapper-Don-t-cache-device-mapper-major.patch |
178 | + - d/p/virdevmapper-Handle-kernel-without-device-mapper-sup.patch |
179 | + - d/p/ubuntu/virdevmapper-Ignore-all-errors-when-opening-dev-mapp.patch |
180 | + - fix libvirt-guests.sh that was breaking when multiple guests were active |
181 | + - d/p/ubuntu/tools-fix-libvirt-guests.sh-text-assignments.patch |
182 | + - d/control: drop mdevctl to a suggest until (LP 1889248) is ready |
183 | + |
184 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 06 Aug 2020 08:04:09 +0200 |
185 | + |
186 | libvirt (6.6.0-1) UNRELEASED; urgency=medium |
187 | |
188 | * [ecdcc72] New upstream version 6.6.0 |
189 | @@ -215,6 +395,287 @@ libvirt (6.0.0~rc1-1) experimental; urgency=medium |
190 | |
191 | -- Guido Günther <agx@sigxcpu.org> Sat, 18 Jan 2020 18:16:20 +0100 |
192 | |
193 | +libvirt (6.0.0-0ubuntu11) groovy; urgency=medium |
194 | + |
195 | + * SECURITY UPDATE: privilege escalation via incorrect socket permissions |
196 | + - debian/patches/ubuntu/Allow-libvirt-group-to-access-the-socket.patch: |
197 | + updated patch to also set appropriate permissions on socket created |
198 | + by systemd. |
199 | + - CVE-2020-15708 |
200 | + |
201 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 05 Aug 2020 09:08:34 -0400 |
202 | + |
203 | +libvirt (6.0.0-0ubuntu10) groovy; urgency=medium |
204 | + |
205 | + * enable attr support to store XATTR labels. Among other things |
206 | + this allows to properly restore file ownership (LP: #691590) |
207 | + - d/control: build depend to libattr1-dev |
208 | + - d/rules: configure --with-attr |
209 | + |
210 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 22 Jun 2020 21:30:50 +0200 |
211 | + |
212 | +libvirt (6.0.0-0ubuntu9) groovy; urgency=medium |
213 | + |
214 | + * d/p/ubuntu/lp-1879325-*: avoid issues with apparmor metadata labeling |
215 | + (LP: #1879325) |
216 | + |
217 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 20 May 2020 06:59:57 +0200 |
218 | + |
219 | +libvirt (6.0.0-0ubuntu8) focal; urgency=medium |
220 | + |
221 | + * d/control, d/rules: Disable rbd and zfs on riscv64 where they are |
222 | + unavailable (LP: #1872952) |
223 | + |
224 | + -- William Grant <wgrant@ubuntu.com> Sat, 18 Apr 2020 13:59:21 +1000 |
225 | + |
226 | +libvirt (6.0.0-0ubuntu7) focal; urgency=medium |
227 | + |
228 | + * d/p/ubuntu-aa/lp-1871354*: fix apparmor denials on libpmem init |
229 | + (LP: #1871354) |
230 | + * d/p/ubuntu/CVE-CVE-2020-10701-api-disallow-virDomainAgentSetResponseTimeout |
231 | + -on-rea.patch: avoid DOS through read only connections |
232 | + CVE-2020-10701 |
233 | + |
234 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 15 Apr 2020 12:29:12 +0200 |
235 | + |
236 | +libvirt (6.0.0-0ubuntu6) focal; urgency=medium |
237 | + |
238 | + * d/p/ubuntu/lp-1867460-*: fix domcapabilities before capabilities |
239 | + and binary autodetection in general (LP: #1867460) |
240 | + * d/p/stable/lp-1868539-*: stabilize libvirt by backporting upstream |
241 | + fixes (LP: #1868539) |
242 | + * d/p/ubuntu/lp-1853200*: add cpu models without hle/rtm features to have |
243 | + modern types on kernels with recent security fixes (LP: #1853200) |
244 | + * d/p/ubuntu/lp-1868528-*: Fail when fetching CPU Status for invalid CPU |
245 | + (LP: #1868528) |
246 | + |
247 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 20 Mar 2020 10:34:19 +0100 |
248 | + |
249 | +libvirt (6.0.0-0ubuntu5) focal; urgency=medium |
250 | + |
251 | + * d/p/ubuntu-aa/lp-1847361-load-versioned-module.patch: allow loading |
252 | + versioned modules after qemu package upgrades (LP: #1847361) |
253 | + |
254 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 10 Mar 2020 08:58:04 +0100 |
255 | + |
256 | +libvirt (6.0.0-0ubuntu4) focal; urgency=medium |
257 | + |
258 | + * d/p/ubuntu/lp-1865425-*: avoid killing the monitor job in |
259 | + qemuDomainSetTimeAgent (LP: #1865425) |
260 | + |
261 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 02 Mar 2020 10:44:22 +0100 |
262 | + |
263 | +libvirt (6.0.0-0ubuntu3) focal; urgency=medium |
264 | + |
265 | + * rebuild against libxen-dev 4.11.3 (no change needed) |
266 | + * d/p/ubuntu-aa/virt-aa-helper-Add-support-for-smartcard-host-certif.patch: |
267 | + allow emulation of smartcard via host certificates |
268 | + * d/p/ubuntu/lp-1861125-*: fix non host-model migrations from old machine |
269 | + types (LP: #1861125) |
270 | + * d/p/ubuntu-aa/apparmor-allow-to-call-vhost-user-gpu.patch: do not apparmor |
271 | + block vhost-user-gpu usage |
272 | + |
273 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 12 Feb 2020 14:20:08 +0100 |
274 | + |
275 | +libvirt (6.0.0-0ubuntu2) focal; urgency=medium |
276 | + |
277 | + [ Christian Ehrhardt ] |
278 | + * Bring back the ubuntu default URI handling. While no more needed for xen |
279 | + its removal made libvirt fallback further to the upstream default |
280 | + qemu:///session while Ubuntu forever had and for now wants to keep |
281 | + qemu:///system (LP: #1861693) |
282 | + - revert 'd/libvirt-clients.maintscript: rm_conffile libvirt-uri.sh that |
283 | + was optional for use on xen hosts' |
284 | + - libvirt-uri.sh: Automatically switch default libvirt URI for users on |
285 | + Xen dom0 via user profile |
286 | + [added back former delta] |
287 | + |
288 | + [ Andrea Bolognani ] |
289 | + * Merge further fixes from debian/experimental |
290 | + - Install virt-login-shell-helper |
291 | + - Install augeas lenses for all drivers |
292 | + - Remove all mentions of Devhelp |
293 | + - not-installed: Remove obsolete entries |
294 | + - not-installed: List all split daemons files |
295 | + |
296 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 04 Feb 2020 13:08:49 +0100 |
297 | + |
298 | +libvirt (6.0.0-0ubuntu1) focal; urgency=medium |
299 | + |
300 | + * Merged with Debian 5.6.0-4 from experimental and v6.0.0 from upstream |
301 | + Among many other new features and fixes this includes fixes for: |
302 | + - LP: #1859253 - rbd driver fails to create a new volume |
303 | + - LP: #1858341 - rbd driver does not list all volumes in pool |
304 | + - LP: #1845506 - Libvirt snapshot doesn't update apparmor profile |
305 | + - LP: #1854653 - slow libvirt-guests.sh during shutdown if service is off |
306 | + - LP: #1848229 - enable ppc64el to use ccf-assist feature |
307 | + - LP: #1853315 - Enable CPU Model Comparison and Baselining on s390x |
308 | + - LP: #1853317 - CCW IPL support to boot from ECKD DASDs |
309 | + - LP: #1859506 - security: AppArmor profile fixes for swtpm |
310 | + Remaining changes: |
311 | + - Disable libssh2 support (universe dependency) |
312 | + - Disable firewalld support (universe dependency) |
313 | + - Set qemu-group to kvm (for compat with older ubuntu) |
314 | + - Additional apport package-hook |
315 | + - Autostart default bridged network (As upstream does, but not Debian). |
316 | + In addition to just enabling it our solution provides: |
317 | + + do not autostart if subnet is already taken (e.g. in guests). |
318 | + + iterate some alternative subnets before giving up |
319 | + - d/p/ubuntu/Allow-libvirt-group-to-access-the-socket.patch: This is |
320 | + the group based access to libvirt functions as it was used in Ubuntu |
321 | + for quite long. |
322 | + + d/p/ubuntu/daemon-augeas-fix-expected.patch fix some related tests |
323 | + due to the group access change. |
324 | + + d/libvirt-daemon-system.postinst: add users in sudo to the libvirt |
325 | + group. |
326 | + - ubuntu/parallel-shutdown.patch: set parallel shutdown by default. |
327 | + - Update Vcs-Git and Vcs-Browser fields to point to launchpad |
328 | + - Update README.Debian with Ubuntu changes |
329 | + - Enable some additional features on ppc64el and s390x (for arch parity) |
330 | + + systemtap, zfs, numa and numad on s390x. |
331 | + + systemtap on ppc64el. |
332 | + - d/p/ubuntu/ubuntu_machine_type.patch: accept ubuntu types as pci440fx |
333 | + - Further upstreamed apparmor Delta, especially any new one |
334 | + Our former delta is split into logical pieces and is either Ubuntu only |
335 | + or is part of a continuous upstreaming effort. |
336 | + Listing related remaining changes in debian/patches/ubuntu-aa/: |
337 | + - fix autopkgtests |
338 | + + d/t/control, d/t/smoke-qemu-session: fixup smoke-qemu-session by making |
339 | + vmlinuz available and accessible (Debian bug 848314) |
340 | + + d/t/control: fix smoke-qemu-session by ensuring the service will run |
341 | + installing libvirt-daemon-system |
342 | + + d/t/smoke-lxc: fix smoke-lxc by ignoring potential issues on destroy as |
343 | + long as the following undefine succeeds |
344 | + + d/t/smoke-lxc: use systemd instead of sysV to restart the service |
345 | + - dnsmasq related enhancements |
346 | + + run dnsmasq as libvirt-dnsmasq (LP: 1743718) |
347 | + + d/libvirt-daemon-system.postinst: add libvirt-dnsmasq user and group |
348 | + + d/libvirt-daemon-system.postrm: remove libvirt-dnsmasq user and group |
349 | + on purge |
350 | + + d/p/ubuntu/dnsmasq-as-priv-user: write dnsmasq config with user |
351 | + libvirt-dnsmasq and adapt the self tests to expect that config |
352 | + + d/libvirt-daemon-system.postinst: fix old libvirt-dnsmasq users group |
353 | + + Add dnsmasq configuration to work with system wide dnsmasq-base |
354 | + - debian/rules: disable the netcf backend. (LP: 1764314) |
355 | + - debian/patches/ubuntu/ovmf_paths.patch: adjust paths to secboot.fd UEFI |
356 | + Secure Boot enabled variants of the OVMF firmware and variable store for |
357 | + the paths where we ship these files in Ubuntu. |
358 | + - d/rules: install virtlockd correctly with defaults file (LP: 1729516) |
359 | + - d/rules: also check build time self test results on all architectures |
360 | + - d/p/ubuntu/set-default-machine-to-ubuntu.patch: to select default |
361 | + machine type correctly with newer qemu/libvirt |
362 | + - d/rules: add --no-restart-after-upgrade to services that are supposed to |
363 | + stay up through upgrades - this also applies to related sockets. |
364 | + - Apparmor Delta that is Ubuntu specific or yet to be upstreamed |
365 | + split into logical pieces. File names in debian/patches/ubuntu-aa/: |
366 | + + 0003-apparmor-libvirt-qemu-Allow-read-access-to-overcommi.patch: |
367 | + apparmor, libvirt-qemu: Allow read access to overcommit_memory |
368 | + + 0007-apparmor-libvirt-qemu-Allow-owner-read-access-to-PRO.patch: |
369 | + apparmor, libvirt-qemu: Allow owner read access to @{PROC}/*/auxv |
370 | + + 0017-apparmor-virt-aa-helper-Allow-access-to-tmp-director.patch: |
371 | + apparmor, virt-aa-helper: Allow access to tmp directories |
372 | + + 0020-virt-aa-helper-ubuntu-storage-paths.patch: |
373 | + apparmor, virt-aa-helper: Allow various storage pools and image |
374 | + locations |
375 | + + 0021-apparmor-virt-aa-helper-Add-openvswitch-support.patch: |
376 | + apparmor, virt-aa-helper: Add openvswitch support |
377 | + + 0029-appmor-libvirt-qemu-Add-9p-support.patch: appmor, |
378 | + libvirt-qemu: Add 9p support |
379 | + + 0030-virt-aa-helper-Complete-9p-support.patch: virt-aa-helper: |
380 | + add l to 9p file options. |
381 | + + 0031-virt-aa-helper-Ask-for-no-deny-rule-for-readonly-dis.patch: |
382 | + virt-aa-helper: Ask for no deny rule for readonly disk (renamed and |
383 | + reworded, was virt-aa-helper-no-explicity-deny-for-basefiles.patch) |
384 | + + 0032-apparmor-libvirt-qemu-Allow-reading-charm-specific-c.patch: |
385 | + apparmor, libvirt-qemu: Allow reading charm-specific ceph config |
386 | + + 0033-UBUNTU-only-apparmor-for-kvm.powerpc-LP-1680384.patch: allow |
387 | + commands executed by ubuntu only kvm wrapper on ppc64el |
388 | + (LP 1686621 LP 1680384 LP 1784023) |
389 | + + 0034-apparmor-virt-aa-helper-access-for-snapped-nova.patch: |
390 | + apparmor, virt-aa-helper: access for snapped nova |
391 | + + 0050-local-include-for-libvirt-qemu.patch, |
392 | + d/libvirt-daemon-system.postinst: provide a local apparmor include |
393 | + for abstraction/libvirt-qemu (LP: 1786019) |
394 | + + lp-1815910-allow-vhost-net.patch: avoid apparmor issues |
395 | + with vhost-net/vhost-vsock/vhost-scsi hotplug (LP: 1815910) |
396 | + * Dropped changes (in Debian) |
397 | + - d/libvirt0.symbols: bump symbol versions for 5.4.0 |
398 | + - avoid service dependency issues on upgrade (LP: 1786179) |
399 | + This will in the long term be resolved in dh_* tools, but to let an |
400 | + upgrade work for now we need to drop the sysV scripts (which we don't |
401 | + use anyway) and slightly modify the systemd service to work with todays |
402 | + dh_systemd_start properly. Can be dropped once Debian bug 905772 is |
403 | + resolved in dh_* tools and libvirt uses those new code. |
404 | + + d/libvirt-daemon-system.virtlogd.init: removed sysV init file |
405 | + + d/libvirt-daemon-system.libvirtd.init: removed sysV init file |
406 | + + debian/libvirt-daemon-system.maintscript: rm_conffile for virtlogd |
407 | + and lbivirtd sysV init file |
408 | + + d/p/ubuntu/avoid-restarting-virtlog-socket.patch: drop Also references |
409 | + to virtlogd/virtlockd sockets as they would imply a restart of |
410 | + virtlogd breaking it. |
411 | + [ we now have split packages for sysv and systemd support ] |
412 | + - d/t/control, d/t/smoke-lxc: fix up lxc smoke test isolation |
413 | + - Refreshed to match new upstream |
414 | + + d/p/Reduce-udevadm-settle-timeout-to-10-seconds.patch |
415 | + * Dropped changes (now upstream) |
416 | + - d/p/ubuntu/lp-1828495-*: make libvirt able to handle arch_capabilities |
417 | + cpu features for the Host. (LP: 1828495 - not closing yet as guest caps |
418 | + are still need fixups to work well LP: 1841066) |
419 | + - SECURITY UPDATEs: CVE-2019-10161, CVE-2019-10166, |
420 | + CVE-2019-10167 and CVE-2019-10168 |
421 | + - d/p/ubuntu-aa/lp-1833040-Add-openGraphicsFD-rule-for-named-profile.patch: |
422 | + avoid issues with remote screen connections like virt-manager due to |
423 | + apparmor changes in libvirt 5.1 (LP 1833040) |
424 | + - 0001-apparmor-Allow-pygrub-to-run-on-Debian-Ubuntu.patch: apparmor: |
425 | + Allow pygrub to run on Debian/Ubuntu |
426 | + - update to v5.4.0 |
427 | + * Dropped changes (Xen demoted to universe) |
428 | + - d/p/ubuntu/ubuntu-libxl-qemu-path.patch: this change was split. The |
429 | + section that adapts the path of the emulator to the Debian/Ubuntu |
430 | + packaging is kept. |
431 | + - d/p/ubuntu/ubuntu-libxl-Fix-up-VRAM-to-minimum-requirements.patch: auto |
432 | + set VRAM to minimum requirements |
433 | + - d/p/ubuntu/xen-default-uri.patch: set default URI on xen hosts |
434 | + - Add libxl log directory |
435 | + - libvirt-uri.sh: Automatically switch default libvirt URI for users on |
436 | + Xen dom0 via user profile (was missing on changelogs before) |
437 | + * Dropped changes (no more needed) |
438 | + - d/p/ubuntu/apibuild-skip-libvirt-common.h: drop libvirt-common.h from |
439 | + included_files to avoid build failures due to duplicate definitions. |
440 | + [ finally works in v6.0.0 ] |
441 | + - d/control: Revert iptables/ebtables dependency as Eoan still is on 1.6.x |
442 | + [ focal has iptables 1.8.3 ] |
443 | + - d/rules: adapt iptables binary paths present in Eoan (LP 1832297) |
444 | + [ focal has iptables 1.8.3 ] |
445 | + * Added Changes: |
446 | + - refreshed patches for libvirt v6.0.0 |
447 | + - d/control: bump build dep to python3 |
448 | + - d/control: VCS links to use generic Ubuntu launchpad git URLs |
449 | + - d/control: add python3-docutils as build dependency |
450 | + - d/control: add libzfslinux-dev to build-deps |
451 | + - d/rules: set enable-dependency-tracking to avoid FTBFS |
452 | + - d/rules: drop the no more existing phyp option |
453 | + - d/rules: drop the no more existing xen configure option |
454 | + - d/libvirt-clients.maintscript: rm_conffile libvirt-uri.sh that was |
455 | + optional for use on xen hosts |
456 | + - d/control: drop libvirt-lxc, vbox and xen drivers to suggest |
457 | + - minimize patches generated by autoreconf |
458 | + - fix build on Debian/Ubuntu in qemuhotplugtest |
459 | + - d/libvirt-doc.doc: install rendered docs |
460 | + - d/libvirt-daemon-system.examples: drop old examples that are now active |
461 | + - d/libvirt-doc.doc-base.libvirt-doc: adapt doc base to new file placement |
462 | + - d/libvirt-daemon-system-sysv.lintian-overrides: not shipiing systemd files |
463 | + - d/libnss-libvirt.lintian-overrides: accept having two nss so files |
464 | + - d/rules: don't ship split daemons just yet |
465 | + - d/rules: install /etc/default/* files that are shared between sysv and |
466 | + systemd packages |
467 | + - d/rules: add libvirt-guests.default to libvirt-daemon-system instead of |
468 | + libvirt-daemon-system-sysv |
469 | + - d/p/ubuntu/lp-1655111*: fix qemu_bridge_helper to work with named |
470 | + profiles (LP: #1655111) |
471 | + |
472 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 13 Jan 2020 13:14:14 +0100 |
473 | + |
474 | libvirt (5.6.0-4) experimental; urgency=medium |
475 | |
476 | * [d88536d] Introduce libvirt-daemon-system-{systemd,sysv} Move init scripts |
477 | @@ -300,6 +761,237 @@ libvirt (5.6.0-1) unstable; urgency=medium |
478 | |
479 | -- Andrea Bolognani <eof@kiyuko.org> Sun, 25 Aug 2019 16:32:31 +0200 |
480 | |
481 | +libvirt (5.4.0-0ubuntu5) eoan; urgency=medium |
482 | + |
483 | + * No-change upload with strops.h and sys/strops.h removed in glibc. |
484 | + |
485 | + -- Matthias Klose <doko@ubuntu.com> Thu, 05 Sep 2019 11:00:53 +0000 |
486 | + |
487 | +libvirt (5.4.0-0ubuntu4) eoan; urgency=medium |
488 | + |
489 | + * d/p/ubuntu/lp-1828495-*: make libvirt able to handle arch_capabilities |
490 | + cpu features for the Host. (LP: 1828495 - not closing yet as guest caps |
491 | + are still need fixups to work well LP: 1841066) |
492 | + |
493 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 20 Aug 2019 10:50:08 +0200 |
494 | + |
495 | +libvirt (5.4.0-0ubuntu3) eoan; urgency=medium |
496 | + |
497 | + * SECURITY UPDATE: virDomainSaveImageGetXMLDesc does not check for |
498 | + read-only connection |
499 | + - debian/patches/CVE-2019-10161.patch: add check to |
500 | + src/libvirt-domain.c, src/qemu/qemu_driver.c, |
501 | + src/remote/remote_protocol.x. |
502 | + - CVE-2019-10161 |
503 | + * SECURITY UPDATE: virDomainManagedSaveDefineXML does not check for |
504 | + read-only connection |
505 | + - debian/patches/CVE-2019-10166.patch: add check to |
506 | + src/libvirt-domain.c. |
507 | + - CVE-2019-10166 |
508 | + * SECURITY UPDATE: virConnectGetDomainCapabilities does not check for |
509 | + read-only connection |
510 | + - debian/patches/CVE-2019-10167.patch: add check to |
511 | + src/libvirt-domain.c. |
512 | + - CVE-2019-10167 |
513 | + * SECURITY UPDATE: virConnect*HypervisorCPU do not check for read-only |
514 | + connection |
515 | + - debian/patches/CVE-2019-10168.patch: add checks to |
516 | + src/libvirt-host.c. |
517 | + - CVE-2019-10168 |
518 | + |
519 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 02 Jul 2019 08:08:33 -0400 |
520 | + |
521 | +libvirt (5.4.0-0ubuntu2) eoan; urgency=medium |
522 | + |
523 | + * d/p/ubuntu-aa/lp-1833040-Add-openGraphicsFD-rule-for-named-profile.patch: |
524 | + avoid issues with remote screen connections like virt-manager due to |
525 | + apparmor changes in libvirt 5.1 (LP: #1833040) |
526 | + |
527 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 19 Jun 2019 14:34:54 +0200 |
528 | + |
529 | +libvirt (5.4.0-0ubuntu1) eoan; urgency=medium |
530 | + |
531 | + * Merged with Debian git 5.3.0-1~1.gbp7b1637 and upstreams 5.4 release |
532 | + Among many other new features and fixes this includes fixes for: |
533 | + LP: #1759509 - virsh dompmwakeup fails to wake VM from dompmsuspend state |
534 | + Remaining changes: |
535 | + - Disable libssh2 support (universe dependency) |
536 | + - Disable firewalld support (universe dependency) |
537 | + - Set qemu-group to kvm (for compat with older ubuntu) |
538 | + - Additional apport package-hook |
539 | + - Autostart default bridged network (As upstream does, but not Debian). |
540 | + In addition to just enabling it our solution provides: |
541 | + + do not autostart if subnet is already taken (e.g. in guests). |
542 | + + iterate some alternative subnets before giving up |
543 | + - d/p/ubuntu/Allow-libvirt-group-to-access-the-socket.patch: This is |
544 | + the group based access to libvirt functions as it was used in Ubuntu |
545 | + for quite long. |
546 | + + d/p/ubuntu/daemon-augeas-fix-expected.patch fix some related tests |
547 | + due to the group access change. |
548 | + + d/libvirt-daemon-system.postinst: add users in sudo to the libvirt |
549 | + group. |
550 | + - ubuntu/parallel-shutdown.patch: set parallel shutdown by default. |
551 | + - Update Vcs-Git and Vcs-Browser fields to point to launchpad |
552 | + - Xen related |
553 | + - d/p/ubuntu/ubuntu-libxl-qemu-path.patch: this change was split. The |
554 | + section that adapts the path of the emulator to the Debian/Ubuntu |
555 | + packaging is kept. |
556 | + - d/p/ubuntu/ubuntu-libxl-Fix-up-VRAM-to-minimum-requirements.patch: auto |
557 | + set VRAM to minimum requirements |
558 | + - d/p/ubuntu/xen-default-uri.patch: set default URI on xen hosts |
559 | + - Add libxl log directory |
560 | + - libvirt-uri.sh: Automatically switch default libvirt URI for users on |
561 | + Xen dom0 via user profile (was missing on changelogs before) |
562 | + - d/p/ubuntu/apibuild-skip-libvirt-common.h: drop libvirt-common.h from |
563 | + included_files to avoid build failures due to duplicate definitions. |
564 | + - Update README.Debian with Ubuntu changes |
565 | + - Enable some additional features on ppc64el and s390x (for arch parity) |
566 | + + systemtap, zfs, numa and numad on s390x. |
567 | + + systemtap on ppc64el. |
568 | + - d/t/control, d/t/smoke-qemu-session: fixup smoke-qemu-session by making |
569 | + vmlinuz available and accessible (Debian bug 848314) |
570 | + - d/t/control, d/t/smoke-lxc: fix up lxc smoke test isolation |
571 | + - d/p/ubuntu/ubuntu_machine_type.patch: accept ubuntu types as pci440fx |
572 | + - Further upstreamed apparmor Delta, especially any new one |
573 | + Our former delta is split into logical pieces and is either Ubuntu only |
574 | + or is part of a continuous upstreaming effort. |
575 | + Listing related remaining changes in debian/patches/ubuntu-aa/: |
576 | + + 0001-apparmor-Allow-pygrub-to-run-on-Debian-Ubuntu.patch: apparmor: |
577 | + Allow pygrub to run on Debian/Ubuntu |
578 | + + 0003-apparmor-libvirt-qemu-Allow-read-access-to-overcommi.patch: |
579 | + apparmor, libvirt-qemu: Allow read access to overcommit_memory |
580 | + + 0007-apparmor-libvirt-qemu-Allow-owner-read-access-to-PRO.patch: |
581 | + apparmor, libvirt-qemu: Allow owner read access to @{PROC}/*/auxv |
582 | + + 0017-apparmor-virt-aa-helper-Allow-access-to-tmp-director.patch: |
583 | + apparmor, virt-aa-helper: Allow access to tmp directories |
584 | + + ubuntu-aa/0020-virt-aa-helper-ubuntu-storage-paths.patch: |
585 | + apparmor, virt-aa-helper: Allow various storage pools and image |
586 | + locations |
587 | + + 0021-apparmor-virt-aa-helper-Add-openvswitch-support.patch: |
588 | + apparmor, virt-aa-helper: Add openvswitch support |
589 | + + 0029-appmor-libvirt-qemu-Add-9p-support.patch: appmor, |
590 | + libvirt-qemu: Add 9p support |
591 | + + 0030-virt-aa-helper-Complete-9p-support.patch: virt-aa-helper: |
592 | + add l to 9p file options. |
593 | + + 0031-virt-aa-helper-Ask-for-no-deny-rule-for-readonly-dis.patch: |
594 | + virt-aa-helper: Ask for no deny rule for readonly disk (renamed and |
595 | + reworded, was virt-aa-helper-no-explicity-deny-for-basefiles.patch) |
596 | + + 0032-apparmor-libvirt-qemu-Allow-reading-charm-specific-c.patch: |
597 | + apparmor, libvirt-qemu: Allow reading charm-specific ceph config |
598 | + + 0033-UBUNTU-only-apparmor-for-kvm.powerpc-LP-1680384.patch: allow |
599 | + commands executed by ubuntu only kvm wrapper on ppc64el |
600 | + (LP 1686621 LP 1680384 LP 1784023) |
601 | + + 0034-apparmor-virt-aa-helper-access-for-snapped-nova.patch: |
602 | + apparmor, virt-aa-helper: access for snapped nova |
603 | + + d/p/ubuntu-aa/0050-local-include-for-libvirt-qemu.patch, |
604 | + d/libvirt-daemon-system.postinst: provide a local apparmor include |
605 | + for abstraction/libvirt-qemu (LP: 1786019) |
606 | + + d/p/ubuntu-aa/lp-1815910-allow-vhost-net.patch: avoid apparmor issues |
607 | + with vhost-net/vhost-vsock/vhost-scsi hotplug (LP: 1815910) |
608 | + - d/rules: enable build time self tests on all architectures |
609 | + - dnsmasq related enhancements |
610 | + + run dnsmasq as libvirt-dnsmasq (LP: 1743718) |
611 | + + d/libvirt-daemon-system.postinst: add libvirt-dnsmasq user and group |
612 | + + d/libvirt-daemon-system.postrm: remove libvirt-dnsmasq user and group |
613 | + on purge |
614 | + + d/p/ubuntu/dnsmasq-as-priv-user: write dnsmasq config with user |
615 | + libvirt-dnsmasq and adapt the self tests to expect that config |
616 | + + d/libvirt-daemon-system.postinst: fix old libvirt-dnsmasq users group |
617 | + + Add dnsmasq configuration to work with system wide dnsmasq-base |
618 | + - debian/rules: disable the netcf backend. (LP: 1764314) |
619 | + - debian/control: drop libnetcf from Build-Depends. |
620 | + - debian/patches/ubuntu/ovmf_paths.patch: adjust paths to secboot.fd UEFI |
621 | + Secure Boot enabled variants of the OVMF firmware and variable store for |
622 | + the paths where we ship these files in Ubuntu. |
623 | + - d/rules: install virtlockd correctly with defaults file (LP: 1729516) |
624 | + - d/rules: also check build time self test results on all architectures |
625 | + - d/p/ubuntu/set-default-machine-to-ubuntu.patch: to select default |
626 | + machine type correctly with newer qemu/libvirt |
627 | + - d/t/control: fix smoke-qemu-session by ensuring the service will run |
628 | + installing libvirt-daemon-system |
629 | + - d/t/smoke-lxc: fix smoke-lxc by ignoring potential issues on destroy as |
630 | + long as the following undefine succeeds |
631 | + - avoid service dependency issues on upgrade (LP: 1786179) |
632 | + This will in the long term be resolved in dh_* tools, but to let an |
633 | + upgrade work for now we need to drop the sysV scripts (which we don't |
634 | + use anyway) and slightly modify the systemd service to work with todays |
635 | + dh_systemd_start properly. Can be dropped once Debian bug 905772 is |
636 | + resolved in dh_* tools and libvirt uses those new code. |
637 | + - d/libvirt-daemon-system.virtlogd.init: removed sysV init file |
638 | + - d/libvirt-daemon-system.libvirtd.init: removed sysV init file |
639 | + - debian/libvirt-daemon-system.maintscript: rm_conffile for virtlogd |
640 | + and lbivirtd sysV init file |
641 | + - d/p/ubuntu/avoid-restarting-virtlog-socket.patch: drop Also references |
642 | + to virtlogd/virtlockd sockets as they would imply a restart of |
643 | + virtlogd breaking it. |
644 | + - d/t/smoke-lxc: use systemd instead of sysV to restart the service |
645 | + * Added Changes: |
646 | + - Refreshed patches to match new upstream |
647 | + - d/p/Reduce-udevadm-settle-timeout-to-10-seconds.patch |
648 | + - d/p/ubuntu/ubuntu_machine_type.patch |
649 | + - d/control: Revert iptables/ebtables dependency as Eoan still is on 1.6.x |
650 | + This can be dropped once >=1.8.1 |
651 | + - d/rules: adapt iptables binary paths present in Eoan (LP: #1832297) |
652 | + This can be dropped once >=1.8.1 |
653 | + - d/p/ubuntu/dnsmasq-as-priv-user: update to include the new test |
654 | + nat-network-mtu |
655 | + - revert [c3c4cd4] drop in helper for firewalld as it is disabled on |
656 | + Ubuntu [can be squashed with the disabling of firewalld on next merge] |
657 | + - d/libvirt0.symbols: bump symbol versions for 5.4.0 |
658 | + - d/rules: add --no-restart-after-upgrade to services that are supposed to |
659 | + stay up through upgrades - this also applies to related sockets. |
660 | + * Dropped Changes (upstream) |
661 | + - d/p/ubuntu-aa/lp-1804766-*: Allow rendering node access as needed |
662 | + for the ease use of mdev and gl devices (LP: 1804766) |
663 | + - d/p/ubuntu/lp-1771662-*: fix handling of VFs without associated PF |
664 | + (LP: 1771662) |
665 | + - d/p/ubuntu/lp-1825195-*.patch: fix issues with old guests that defined |
666 | + the never functional osxsave and ospke features (LP: 1825195). |
667 | + - d/p/ubuntu-aa/lp-1829223-virt-aa-helper-allow-vhost-scsi.patch fix |
668 | + vhost-scsi hotplug in virt-aa-helper (LP: 1829223) |
669 | + - SECURITY UPDATE: Add support for md-clear functionality |
670 | + + debian/patches/ubuntu/md-clear.patch: Define md-clear CPUID bit in |
671 | + src/cpu_map/x86_features.xml. |
672 | + + CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 |
673 | + - Implement further apparmor rules for usage of gl enabled |
674 | + graphics (LP: 1815452) |
675 | + + d/p/ubuntu-aa/lp-1815452-more-gl-rules.patch |
676 | + + d/p/ubuntu-aa/lp-1815452-virt-aa-helper-rule.patch |
677 | + - Implement further apparmor rules for usage of gl enabled |
678 | + graphics with nvidia cards (LP: 1817943) |
679 | + + d/p/ubuntu-aa/lp-1817943-nvidia-gl-rules.patch |
680 | + + d/p/ubuntu-aa/lp-1817943-devices-in-sysfs.patch |
681 | + * Dropped Changes (in Debian) |
682 | + - d/rules: strip -Bsymbolic-functions from linker flags as it breaks |
683 | + libvirt tests |
684 | + |
685 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 07 Jun 2019 11:55:52 +0200 |
686 | + |
687 | +libvirt (5.3.0-1~1.gbp7b1637) UNRELEASED; urgency=medium |
688 | + |
689 | + ** SNAPSHOT build @7b1637605da9224c46ebf3a243fa725d643e7556 ** |
690 | + |
691 | + [ Guido Günther ] |
692 | + * [fb43676] d/control: Drop dh-autoreconf build-dep. |
693 | + Not needed for dh compat > 10. |
694 | + * [81d21d5] d/not-installed: Use multi-arch dirs. |
695 | + Files moved during the dh12 switch. |
696 | + * [428ad14] New upstream version 5.3.0~rc2 |
697 | + * [641e532] New upstream version 5.3.0 |
698 | + |
699 | + [ Christian Ehrhardt ] |
700 | + * [c28c3b3] d/libvirt0.install: install translations |
701 | + * [c3c4cd4] d/libvirt-daemon-system.install: drop in helper for firewalld |
702 | + * [3e8b43c] d/not-installed: ignore default files /etc/sysconfig |
703 | + * [c223d7f] d/libvirt-daemon-system.examples: ship sysctl config as example |
704 | + * [f19acf6] d/libvirt-daemon-system.install: ship libxl-sanlock.conf |
705 | + (Closes: #919484) |
706 | + |
707 | + [ Andrea Bolognani ] |
708 | + * [6a2eae3] Simplify and improve watch file. |
709 | + |
710 | + -- Guido Günther <agx@sigxcpu.org> Mon, 06 May 2019 13:06:27 +0200 |
711 | + |
712 | libvirt (5.2.0-2) experimental; urgency=medium |
713 | |
714 | [ Guido Günther ] |
715 | @@ -467,6 +1159,199 @@ libvirt (5.0.0-2) unstable; urgency=medium |
716 | |
717 | -- Guido Günther <agx@sigxcpu.org> Sun, 07 Apr 2019 12:36:21 +0200 |
718 | |
719 | +libvirt (5.0.0-1ubuntu4) eoan; urgency=medium |
720 | + |
721 | + * d/p/ubuntu/lp-1825195-*.patch: fix issues with old guests that defined |
722 | + the never functional osxsave and ospke features (LP: #1825195). |
723 | + * d/p/series: reorder ubuntu Delta |
724 | + * d/p/ubuntu-aa/lp-1815910-allow-vhost-net.patch: avoid apparmor issues |
725 | + with vhost-net/vhost-vsock/vhost-scsi hotplug (LP: #1815910) |
726 | + * d/p/ubuntu-aa/lp-1829223-virt-aa-helper-allow-vhost-scsi.patch fix |
727 | + vhost-scsi hotplug in virt-aa-helper (LP: #1829223) |
728 | + |
729 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 16 May 2019 10:42:09 +0200 |
730 | + |
731 | +libvirt (5.0.0-1ubuntu3) eoan; urgency=medium |
732 | + |
733 | + * SECURITY UPDATE: Add support for md-clear functionality |
734 | + - debian/patches/ubuntu/md-clear.patch: Define md-clear CPUID bit in |
735 | + src/cpu_map/x86_features.xml. |
736 | + - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 |
737 | + |
738 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 14 May 2019 14:48:05 -0400 |
739 | + |
740 | +libvirt (5.0.0-1ubuntu2) disco; urgency=medium |
741 | + |
742 | + * Implement further apparmor rules for usage of gl enabled |
743 | + graphics (LP: #1815452) |
744 | + - d/p/ubuntu-aa/lp-1815452-more-gl-rules.patch |
745 | + - d/p/ubuntu-aa/lp-1815452-virt-aa-helper-rule.patch |
746 | + * Implement further apparmor rules for usage of gl enabled |
747 | + graphics with nvidia cards (LP: #1817943) |
748 | + - d/p/ubuntu-aa/lp-1817943-nvidia-gl-rules.patch |
749 | + - d/p/ubuntu-aa/lp-1817943-devices-in-sysfs.patch |
750 | + * d/p/ubuntu-aa/lp-1804766-*: updated to the upstream accepted |
751 | + version (no functional change, LP: 1804766) |
752 | + |
753 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 12 Feb 2019 11:27:14 +0100 |
754 | + |
755 | +libvirt (5.0.0-1ubuntu1) disco; urgency=medium |
756 | + |
757 | + * Merged with Debian unstable |
758 | + Among many other new features and fixes this includes fixes for: |
759 | + LP: #1754871 - 1799446 zPCI passthrough support for KVM |
760 | + LP: #1811198 - remove arbitrary limit on socket_id/core_id |
761 | + Remaining changes: |
762 | + - Disable libssh2 support (universe dependency) |
763 | + - Disable firewalld support (universe dependency) |
764 | + - Set qemu-group to kvm (for compat with older ubuntu) |
765 | + - Additional apport package-hook |
766 | + - Autostart default bridged network (As upstream does, but not Debian). |
767 | + In addition to just enabling it our solution provides: |
768 | + + do not autostart if subnet is already taken (e.g. in guests). |
769 | + + iterate some alternative subnets before giving up |
770 | + - d/p/ubuntu/Allow-libvirt-group-to-access-the-socket.patch: This is |
771 | + the group based access to libvirt functions as it was used in Ubuntu |
772 | + for quite long. |
773 | + + d/p/ubuntu/daemon-augeas-fix-expected.patch fix some related tests |
774 | + due to the group access change. |
775 | + + d/libvirt-daemon-system.postinst: add users in sudo to the libvirt |
776 | + group. |
777 | + - ubuntu/parallel-shutdown.patch: set parallel shutdown by default. |
778 | + - Update Vcs-Git and Vcs-Browser fields to point to launchpad |
779 | + - Xen related |
780 | + - d/p/ubuntu/ubuntu-libxl-qemu-path.patch: this change was split. The |
781 | + section that adapts the path of the emulator to the Debian/Ubuntu |
782 | + packaging is kept. |
783 | + - d/p/ubuntu/ubuntu-libxl-Fix-up-VRAM-to-minimum-requirements.patch: auto |
784 | + set VRAM to minimum requirements |
785 | + - d/p/ubuntu/xen-default-uri.patch: set default URI on xen hosts |
786 | + - Add libxl log directory |
787 | + - libvirt-uri.sh: Automatically switch default libvirt URI for users on |
788 | + Xen dom0 via user profile (was missing on changelogs before) |
789 | + - d/p/ubuntu/apibuild-skip-libvirt-common.h: drop libvirt-common.h from |
790 | + included_files to avoid build failures due to duplicate definitions. |
791 | + - Update README.Debian with Ubuntu changes |
792 | + - Enable some additional features on ppc64el and s390x (for arch parity) |
793 | + + systemtap, zfs, numa and numad on s390x. |
794 | + + systemtap on ppc64el. |
795 | + - d/t/control, d/t/smoke-qemu-session: fixup smoke-qemu-session by making |
796 | + vmlinuz available and accessible (Debian bug 848314) |
797 | + - d/t/control, d/t/smoke-lxc: fix up lxc smoke test isolation |
798 | + - d/p/ubuntu/ubuntu_machine_type.patch: accept ubuntu types as pci440fx |
799 | + - Further upstreamed apparmor Delta, especially any new one |
800 | + Our former delta is split into logical pieces and is either Ubuntu only |
801 | + or is part of a continuous upstreaming effort. |
802 | + Listing related remaining changes in debian/patches/ubuntu-aa/: |
803 | + + 0001-apparmor-Allow-pygrub-to-run-on-Debian-Ubuntu.patch: apparmor: |
804 | + Allow pygrub to run on Debian/Ubuntu |
805 | + + 0003-apparmor-libvirt-qemu-Allow-read-access-to-overcommi.patch: |
806 | + apparmor, libvirt-qemu: Allow read access to overcommit_memory |
807 | + + 0007-apparmor-libvirt-qemu-Allow-owner-read-access-to-PRO.patch: |
808 | + apparmor, libvirt-qemu: Allow owner read access to @{PROC}/*/auxv |
809 | + + 0017-apparmor-virt-aa-helper-Allow-access-to-tmp-director.patch: |
810 | + apparmor, virt-aa-helper: Allow access to tmp directories |
811 | + + ubuntu-aa/0020-virt-aa-helper-ubuntu-storage-paths.patch: |
812 | + apparmor, virt-aa-helper: Allow various storage pools and image |
813 | + locations |
814 | + + 0021-apparmor-virt-aa-helper-Add-openvswitch-support.patch: |
815 | + apparmor, virt-aa-helper: Add openvswitch support |
816 | + + 0029-appmor-libvirt-qemu-Add-9p-support.patch: appmor, |
817 | + libvirt-qemu: Add 9p support |
818 | + + 0030-virt-aa-helper-Complete-9p-support.patch: virt-aa-helper: |
819 | + add l to 9p file options. |
820 | + + 0031-virt-aa-helper-Ask-for-no-deny-rule-for-readonly-dis.patch: |
821 | + virt-aa-helper: Ask for no deny rule for readonly disk (renamed and |
822 | + reworded, was virt-aa-helper-no-explicity-deny-for-basefiles.patch) |
823 | + + 0032-apparmor-libvirt-qemu-Allow-reading-charm-specific-c.patch: |
824 | + apparmor, libvirt-qemu: Allow reading charm-specific ceph config |
825 | + + 0033-UBUNTU-only-apparmor-for-kvm.powerpc-LP-1680384.patch: allow |
826 | + commands executed by ubuntu only kvm wrapper on ppc64el |
827 | + (LP 1686621 LP 1680384 LP 1784023) |
828 | + + 0034-apparmor-virt-aa-helper-access-for-snapped-nova.patch: |
829 | + apparmor, virt-aa-helper: access for snapped nova |
830 | + + d/p/ubuntu-aa/0050-local-include-for-libvirt-qemu.patch, |
831 | + d/libvirt-daemon-system.postinst: provide a local apparmor include |
832 | + for abstraction/libvirt-qemu (LP: 1786019) |
833 | + - d/rules: enable build time self tests on all architectures |
834 | + - dnsmasq related enhancements |
835 | + + run dnsmasq as libvirt-dnsmasq (LP: 1743718) |
836 | + + d/libvirt-daemon-system.postinst: add libvirt-dnsmasq user and group |
837 | + + d/libvirt-daemon-system.postrm: remove libvirt-dnsmasq user and group on |
838 | + purge |
839 | + + d/p/ubuntu/dnsmasq-as-priv-user: write dnsmasq config with user |
840 | + libvirt-dnsmasq and adapt the self tests to expect that config |
841 | + + d/libvirt-daemon-system.postinst: fix old libvirt-dnsmasq users group |
842 | + + Add dnsmasq configuration to work with system wide dnsmasq-base |
843 | + - debian/rules: disable the netcf backend. (LP: 1764314) |
844 | + - debian/control: drop libnetcf from Build-Depends. |
845 | + - debian/patches/ubuntu/ovmf_paths.patch: adjust paths to secboot.fd UEFI |
846 | + Secure Boot enabled variants of the OVMF firmware and variable store for |
847 | + the paths where we ship these files in Ubuntu. |
848 | + - d/rules: install virtlockd correctly with defaults file (LP: 1729516) |
849 | + - avoid service dependency issues on upgrade (LP: 1786179) |
850 | + This will in the long term be resolved in dh_* tools, but to let an |
851 | + upgrade work for now we need to drop the sysV scripts (which we don't |
852 | + use anyway) and slightly modify the systemd service to work with todays |
853 | + dh_systemd_start properly. Can be dropped once Debian bug 905772 is |
854 | + resolved in dh_* tools and libvirt uses those new code. |
855 | + - d/libvirt-daemon-system.virtlogd.init: removed sysV init file |
856 | + - d/libvirt-daemon-system.libvirtd.init: removed sysV init file |
857 | + - debian/libvirt-daemon-system.maintscript: rm_conffile for virtlogd |
858 | + and lbivirtd sysV init file |
859 | + - d/p/ubuntu/avoid-restarting-virtlog-socket.patch: drop Also references |
860 | + to virtlogd/virtlockd sockets as they would imply a restart of |
861 | + virtlogd breaking it. |
862 | + - d/t/smoke-lxc: use systemd instead of sysV to restart the service |
863 | + * Added Changes: |
864 | + - Refresh d/p/ubuntu/ubuntu-libxl-qemu-path.patch for new context |
865 | + - d/rules: also check build time self test results on all architectures |
866 | + - d/rules: strip -Bsymbolic-functions from linker flags as it breaks |
867 | + libvirt tests |
868 | + - d/p/ubuntu/set-default-machine-to-ubuntu.patch: to select default |
869 | + machine type correctly with newer qemu/libvirt |
870 | + - d/p/ubuntu-aa/lp-1804766-*: Allow rendering node access as needed |
871 | + for the ease use of mdev and gl devices (LP: #1804766) |
872 | + - refreshed d/p/ubuntu-aa for updated paths in libvirt 5.0 |
873 | + - d/t/control: fix smoke-qemu-session by ensuring the service will run |
874 | + installing libvirt-daemon-system |
875 | + - d/t/smoke-lxc: fix smoke-lxc by ignoring potential issues on destroy as |
876 | + long as the following undefine succeeds |
877 | + - d/p/ubuntu/lp-1771662-*: fix handling of VFs without associated PF |
878 | + (LP: #1771662) |
879 | + * Dropped Changes (upstream) |
880 | + - debian/patches/ubuntu/lp1787405-*: Support guest dedicated Crypto |
881 | + Adapters on s390x (LP: 1787405) |
882 | + - d/p/ubuntu/lp-1802727-netdevbridge-fall-back-to-ioctl-from-sysfs.patch: |
883 | + fix libvirt bridge handling in unprivileged containers (LP: 1802906) |
884 | + - d/p/ubuntu-aa/lp-1788603-fix-ptrace-rules-with-kernel-4.18.patch: |
885 | + avoid issues with newer kernels >=4.18 (LP: 1788603) |
886 | + - Fix an issue where guests with plenty of hostdevs attached where detected |
887 | + as not shut down due to the kernel needing more time to free up |
888 | + resources (LP: 1788226) |
889 | + - d/p/ubuntu/lp-1788226-wait-longer-5-30s-on-hard-shutdown.patch |
890 | + - d/p/ubuntu/lp-1788226-wait-longer-on-kill-per-assigned-Hostdev.patch |
891 | + - 0025-apparmor-fix-newer-virt-manager-1.4.0.patch: Add Apparmor |
892 | + permissions so virt-manager 1.4.0 viewing works (LP 1668681 1747442). |
893 | + - 0040-apparmor-add-mediation-rules-for-unconfined.patch: |
894 | + apparmor: add mediation rules for unconfined guests |
895 | + - d/p/ubuntu-aa/0051-allow-user-tmp.patch: some features need tmp, but we |
896 | + don't want blanket access. We only allow enumerating the base dir and |
897 | + reading owned files. Further features needing /tmp have to add local |
898 | + overrides, examples are qemu-smb and some modes of local snapshots. |
899 | + (LP: 1365261) Can be dropped >=libvirt 4.7 |
900 | + - d/p/ubuntu-aa/0052-allow-to-preserve-dev-mountpoints.patch: Allow to |
901 | + preserve /dev mountpoints in qemu namespaces (LP: 1786168) |
902 | + Can be dropped >=libvirt 4.7 |
903 | + - d/p/ubuntu/enable-kvm-spice.patch: compat with older Ubuntu qemu/kvm |
904 | + which provided a separate kvm-spice. Upstream completely dropped |
905 | + alternative types and kvm-spice is a symlink for quite some time. |
906 | + Builtin expected binaries work, so drop this delta. |
907 | + * Dropped Changes (in Debian) |
908 | + - Convert libvirt0, libnss_libvirt and libvirt-dev to multi-arch. |
909 | + |
910 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 08 Jan 2019 13:09:31 +0100 |
911 | + |
912 | libvirt (5.0.0-1) unstable; urgency=medium |
913 | |
914 | * [7346f30] New upstream version 5.0.0 |
915 | @@ -526,6 +1411,297 @@ libvirt (4.7.0-1) unstable; urgency=medium |
916 | |
917 | -- Guido Günther <agx@sigxcpu.org> Sun, 09 Sep 2018 21:42:33 +0200 |
918 | |
919 | +libvirt (4.6.0-2ubuntu6) disco; urgency=medium |
920 | + |
921 | + * No-change rebuild for readline soname change. |
922 | + |
923 | + -- Matthias Klose <doko@ubuntu.com> Tue, 15 Jan 2019 10:26:04 +0000 |
924 | + |
925 | +libvirt (4.6.0-2ubuntu5) disco; urgency=medium |
926 | + |
927 | + * d/p/ubuntu/lp1787405-0008-qemu-mdev-Use-vfio-pci-display-property-only |
928 | + -with-vf.patch: fix handling of non PCI vfio display propery (part |
929 | + of LP: #1787405) |
930 | + |
931 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 06 Dec 2018 09:20:39 +0100 |
932 | + |
933 | +libvirt (4.6.0-2ubuntu4) disco; urgency=medium |
934 | + |
935 | + * debian/patches/ubuntu/lp1787405-*: Support guest dedicated Crypto |
936 | + Adapters on s390x (LP: #1787405) |
937 | + * d/p/ubuntu/lp-1802727-netdevbridge-fall-back-to-ioctl-from-sysfs.patch: |
938 | + fix libvirt bridge handling in unprivileged containers (LP: #1802906) |
939 | + |
940 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 09 Nov 2018 07:42:01 +0100 |
941 | + |
942 | +libvirt (4.6.0-2ubuntu3) cosmic; urgency=medium |
943 | + |
944 | + * d/p/ubuntu-aa/lp-1788603-fix-ptrace-rules-with-kernel-4.18.patch: |
945 | + avoid issues with newer kernels >=4.18 (LP: #1788603) |
946 | + |
947 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 27 Aug 2018 10:57:57 +0200 |
948 | + |
949 | +libvirt (4.6.0-2ubuntu2) cosmic; urgency=medium |
950 | + |
951 | + * Fix an issue where guests with plenty of hostdevs attached where detected |
952 | + as not shut down due to the kernel needing more time to free up |
953 | + resources (LP: #1788226) |
954 | + - d/p/ubuntu/lp-1788226-wait-longer-5-30s-on-hard-shutdown.patch |
955 | + - d/p/ubuntu/lp-1788226-wait-longer-on-kill-per-assigned-Hostdev.patch |
956 | + |
957 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 21 Aug 2018 17:51:43 +0200 |
958 | + |
959 | +libvirt (4.6.0-2ubuntu1) cosmic; urgency=medium |
960 | + |
961 | + * Merged with Debian unstable (LP: #1786957). |
962 | + Among many other new features and fixes this includes fixes |
963 | + for (LP: #1754871), Remaining changes: |
964 | + - Disable libssh2 support (universe dependency) |
965 | + - Disable firewalld support (universe dependency) |
966 | + - Set qemu-group to kvm (for compat with older ubuntu) |
967 | + - Additional apport package-hook |
968 | + - Autostart default bridged network (As upstream does, but not Debian). |
969 | + In addition to just enabling it our solution provides: |
970 | + + do not autostart if subnet is already taken (e.g. in guests). |
971 | + + iterate some alternative subnets before giving up |
972 | + - d/p/ubuntu/Allow-libvirt-group-to-access-the-socket.patch: This is |
973 | + the group based access to libvirt functions as it was used in Ubuntu |
974 | + for quite long. |
975 | + + d/p/ubuntu/daemon-augeas-fix-expected.patch fix some related tests |
976 | + due to the group access change. |
977 | + + d/libvirt-daemon-system.postinst: add users in sudo to the libvirt |
978 | + group. |
979 | + - ubuntu/parallel-shutdown.patch: set parallel shutdown by default. |
980 | + - d/p/ubuntu/enable-kvm-spice.patch: compat with older Ubuntu qemu/kvm |
981 | + which provided a separate kvm-spice. |
982 | + - Xen related |
983 | + - d/p/ubuntu/ubuntu-libxl-qemu-path.patch: this change was split. The |
984 | + section that adapts the path of the emulator to the Debian/Ubuntu |
985 | + packaging is kept. |
986 | + - d/p/ubuntu/ubuntu-libxl-Fix-up-VRAM-to-minimum-requirements.patch: auto |
987 | + set VRAM to minimum requirements |
988 | + - d/p/ubuntu/xen-default-uri.patch: set default URI on xen hosts |
989 | + - Add libxl log directory |
990 | + - libvirt-uri.sh: Automatically switch default libvirt URI for users on |
991 | + Xen dom0 via user profile (was missing on changelogs before) |
992 | + - d/p/ubuntu/apibuild-skip-libvirt-common.h: drop libvirt-common.h from |
993 | + included_files to avoid build failures due to duplicate definitions. |
994 | + - Update README.Debian with Ubuntu changes |
995 | + - Convert libvirt0, libnss_libvirt and libvirt-dev to multi-arch. |
996 | + - Enable some additional features on ppc64el and s390x (for arch parity) |
997 | + + systemtap, zfs, numa and numad on s390x. |
998 | + + systemtap on ppc64el. |
999 | + - d/t/control, d/t/smoke-qemu-session: fixup smoke-qemu-session by making |
1000 | + vmlinuz available and accessible (Debian bug 848314) |
1001 | + - d/t/control, d/t/smoke-lxc: fix up lxc smoke test isolation |
1002 | + - Add dnsmasq configuration to work with system wide dnsmasq (drop >18.04, |
1003 | + no more UCA onto Xenial then which has global dnsmasq by default). |
1004 | + - d/p/ubuntu/ubuntu_machine_type.patch: accept ubuntu types as pci440fx |
1005 | + - Further upstreamed apparmor Delta, especially any new one |
1006 | + Our former delta is split into logical pieces and is either Ubuntu only |
1007 | + or is part of a continuous upstreaming effort. |
1008 | + Listing related remaining changes in debian/patches/ubuntu-aa/: |
1009 | + + 0001-apparmor-Allow-pygrub-to-run-on-Debian-Ubuntu.patch: apparmor: |
1010 | + Allow pygrub to run on Debian/Ubuntu |
1011 | + + 0003-apparmor-libvirt-qemu-Allow-read-access-to-overcommi.patch: |
1012 | + apparmor, libvirt-qemu: Allow read access to overcommit_memory |
1013 | + + 0007-apparmor-libvirt-qemu-Allow-owner-read-access-to-PRO.patch: |
1014 | + apparmor, libvirt-qemu: Allow owner read access to @{PROC}/*/auxv |
1015 | + + 0017-apparmor-virt-aa-helper-Allow-access-to-tmp-director.patch: |
1016 | + apparmor, virt-aa-helper: Allow access to tmp directories |
1017 | + + ubuntu-aa/0020-virt-aa-helper-ubuntu-storage-paths.patch: |
1018 | + apparmor, virt-aa-helper: Allow various storage pools and image |
1019 | + locations |
1020 | + + 0021-apparmor-virt-aa-helper-Add-openvswitch-support.patch: |
1021 | + apparmor, virt-aa-helper: Add openvswitch support |
1022 | + + 0025-apparmor-fix-newer-virt-manager-1.4.0.patch: Add Apparmor |
1023 | + permissions so virt-manager 1.4.0 viewing works (LP 1668681 1747442). |
1024 | + Can be dropped >=libvirt 4.7 |
1025 | + + 0029-appmor-libvirt-qemu-Add-9p-support.patch: appmor, |
1026 | + libvirt-qemu: Add 9p support |
1027 | + + 0030-virt-aa-helper-Complete-9p-support.patch: virt-aa-helper: |
1028 | + add l to 9p file options. |
1029 | + + 0031-virt-aa-helper-Ask-for-no-deny-rule-for-readonly-dis.patch: |
1030 | + virt-aa-helper: Ask for no deny rule for readonly disk (renamed and |
1031 | + reworded, was virt-aa-helper-no-explicity-deny-for-basefiles.patch) |
1032 | + + 0032-apparmor-libvirt-qemu-Allow-reading-charm-specific-c.patch: |
1033 | + apparmor, libvirt-qemu: Allow reading charm-specific ceph config |
1034 | + + 0033-UBUNTU-only-apparmor-for-kvm.powerpc-LP-1680384.patch: allow |
1035 | + commands executed by ubuntu only kvm wrapper on ppc64el |
1036 | + (LP 1686621 & LP 1680384). |
1037 | + + 0034-apparmor-virt-aa-helper-access-for-snapped-nova.patch: |
1038 | + apparmor, virt-aa-helper: access for snapped nova |
1039 | + + 0040-apparmor-add-mediation-rules-for-unconfined.patch: |
1040 | + apparmor: add mediation rules for unconfined guests |
1041 | + Can be dropped >=libvirt 4.7 |
1042 | + - d/rules: enable build time self tests on all architectures |
1043 | + - run dnsmasq as libvirt-dnsmasq (LP: 1743718) |
1044 | + + d/libvirt-daemon-system.postinst: add libvirt-dnsmasq user and group |
1045 | + + d/libvirt-daemon-system.postrm: remove libvirt-dnsmasq user and group on |
1046 | + purge |
1047 | + + d/p/ubuntu/dnsmasq-as-priv-user: write dnsmas config with user |
1048 | + libvirt-dnsmasq and adapt the self tests to expect that config |
1049 | + + d/libvirt-daemon-system.postinst: fix old libvirt-dnsmasq users |
1050 | + - debian/rules: disable the netcf backend. (LP: 1764314) |
1051 | + - debian/control: drop libnetcf from Build-Depends. |
1052 | + - ddebian/patches/ubuntu/ovmf_paths.patch: adjust paths to secboot.fd UEFI |
1053 | + Secure Boot enabled variants of the OVMF firmware and variable store for |
1054 | + the paths where we ship these files in Ubuntu. |
1055 | + - d/rules: install virtlockd correctly with defaults file (LP: 1729516) |
1056 | + * Added Changes |
1057 | + - 0032-apparmor-libvirt-qemu-Allow-reading-charm-specific-c.patch: |
1058 | + updated to take care of no more silencing and thereby hiding denials |
1059 | + (LP 1719579 is an example) |
1060 | + - 0032-apparmor-libvirt-qemu-Allow-reading-charm-specific-c.patch: |
1061 | + updated to also allow the optionally placed ceph asok file (LP: #1779674) |
1062 | + - 0033-UBUNTU-only-apparmor-for-kvm.powerpc-LP-1680384.patch: prepare |
1063 | + profile for usrmerge (LP: #1784023) |
1064 | + - Finalize the libvirt-bin -> libvirt-* transition in the apport |
1065 | + package-hook. |
1066 | + - d/p/ubuntu-aa/0050-local-include-for-libvirt-qemu.patch, |
1067 | + d/libvirt-daemon-system.postinst: provide a local apparmor include |
1068 | + for abstraction/libvirt-qemu (LP: #1786019) |
1069 | + - d/p/ubuntu-aa/0051-allow-user-tmp.patch: some features need tmp, but we |
1070 | + don't want blanket access. We only allow enumerating the base dir and |
1071 | + reading owned files. Further features needing /tmp have to add local |
1072 | + overrides, examples are qemu-smb and some modes of local snapshots. |
1073 | + (LP: #1365261) Can be dropped >=libvirt 4.7 |
1074 | + - d/p/ubuntu-aa/0052-allow-to-preserve-dev-mountpoints.patch: Allow to |
1075 | + preserve /dev mountpoints in qemu namespaces (LP: #1786168) |
1076 | + Can be dropped >=libvirt 4.7 |
1077 | + - avoid service dependency issues on upgrade (LP: #1786179) |
1078 | + This will in the long term be resolved in dh_* tools, but to let an |
1079 | + upgrade work for now we need to drop the sysV scripts (which we don't |
1080 | + use anyway) and slightly modify the systemd service to work with todays |
1081 | + dh_systemd_start properly. Can be dropped once Debian bug 905772 is |
1082 | + resolved in dh_* tools and libvirt uses those new code. |
1083 | + - d/libvirt-daemon-system.virtlogd.init: removed sysV init file |
1084 | + - d/libvirt-daemon-system.libvirtd.init: removed sysV init file |
1085 | + - debian/libvirt-daemon-system.maintscript: rm_conffile for virtlogd |
1086 | + and lbivirtd sysV init file |
1087 | + - d/p/ubuntu/avoid-restarting-virtlog-socket.patch: drop Also references |
1088 | + to virtlogd/virtlockd sockets as they would imply a restart of |
1089 | + virtlogd breaking it. |
1090 | + - d/t/smoke-lxc: use systemd instead of sysV to restart the service |
1091 | + * Dropped Changes (upstream) |
1092 | + - d/p/ubuntu/virt-aa-helper-Set-the-supported-features.patch: allow parsing |
1093 | + of memory slots and other extended features without breaking |
1094 | + virt-aa-helper (LP: 1746431). |
1095 | + - d/p/stable/0001-Revert-qemu-monitor-do-not-report-error-on-shutdown.patch |
1096 | + - d/p/stable/0002-nodedev-Fix-failing-to-parse-PCI-address-for-non-PCI.patch |
1097 | + - d/p/stable/0003-qemu-assign-correct-type-of-PCI-address-for-vhost-sc.patch |
1098 | + - d/p/stable/0004-qemu-Refresh-caps-cache-after-booting-a-different-ke.patch |
1099 | + - d/p/stable/0005-qemu-auto-add-generic-xhci-rather-than-NEC-xhci-to-Q.patch |
1100 | + - d/p/stable/0006-libvirtd-Explicit-dependency-on-systemd-machined.patch |
1101 | + - d/p/stable/0007-rpc-fix-race-sending-and-encoding-sasl-data.patch |
1102 | + - d/p/stable/0008-vhost-user-add-support-reconnect-for-vhost-user-port.patch |
1103 | + - d/p/stable/0009-qemu-Fix-memory-leak-in-processGuestPanicEvent.patch |
1104 | + - d/p/stable/0010-storage-util-Properly-ignore-errors-when-backing-vol.patch |
1105 | + - d/p/stable/0011-conf-Use-correct-attribute-name-in-error-message.patch |
1106 | + - d/p/stable/0012-util-json-Add-helper-to-return-string-or-number-prop.patch |
1107 | + - d/p/stable/0013-util-storage-Parse-lun-for-iSCSI-protocol-from-JSON-.patch |
1108 | + - d/p/stable/0014-virsh-Offer-only-persistent-domains-for-autostart.patch |
1109 | + - d/p/stable/0015-blockjob-Fix-a-error-checking-of-blockjob-status-in-.patch |
1110 | + - d/p/stable/0016-qemu-Expose-rx-tx_queue_size-in-qemu.conf-too.patch |
1111 | + - d/p/stable/0017-qemu-migration-Refresh-device-information-after-tran.patch |
1112 | + - d/p/stable/0018-qemuDomainRemoveMemoryDevice-unlink-memory-backing-f.patch |
1113 | + - d/p/stable/0019-vbox-fix-SEGV-during-dumpxml-of-a-serial-port.patch |
1114 | + - d/p/stable/0020-qemu-Initialize-priv-in-qemuDomainCoreDumpWithFormat.patch |
1115 | + - d/p/stable/0021-fix-regex-to-check-CN-from-server-certificate.patch |
1116 | + - d/p/stable/0022-storage-Fix-formatting-and-parsing-of-qemu-type-Unix.patch |
1117 | + - d/p/stable/0023-util-storage-Remove-detected-authentication-data-for.patch |
1118 | + - d/p/stable/0024-qemu-blockcopy-Add-check-for-bandwidth.patch |
1119 | + - d/p/stable/0025-conf-move-generated-member-from-virMacAddr-to-virDom.patch |
1120 | + - d/p/stable/0026-lxc-Drop-useless-check-in-live-device-update.patch |
1121 | + - d/p/stable/0027-Pass-oldDev-to-virDomainDefCompatibleDevice-on-devic.patch |
1122 | + - d/p/stable/0028-qemu-Fix-updating-device-with-boot-order.patch |
1123 | + - d/p/stable/0030-daemon-fix-rpc-event-leak-on-error-path-in-remoteDis.patch |
1124 | + - d/p/stable/0029-lxc-fix-rpc-event-leak-on-error-path-in-virLXCContro.patch |
1125 | + - d/p/stable/0031-qemu-fix-memory-leak-of-vporttype-during-migration.patch |
1126 | + - d/p/stable/0032-virsh-fixing-segfault-by-pool-autocompleter-function.patch |
1127 | + - d/p/stable/0033-qemu-Fix-comparison-assignment-in-qemuDomainUpdateDe.patch |
1128 | + - d/p/stable/0034-qemu-Fix-memory-leak-in-qemuConnectGetAllDomainStats.patch |
1129 | + - d/p/stable/0035-libvirtd-fix-potential-deadlock-when-reloading.patch |
1130 | + - d/p/stable/0036-qemu-Use-correct-bus-type-for-input-devices.patch |
1131 | + - d/p/stable/0037-qemu-hostdev-Fix-the-error-on-VM-start-with-an-mdev-.patch |
1132 | + - d/p/stable/0038-conf-Fix-crash-in-virDomainDefCompatibleDevice.patch |
1133 | + - d/p/ubuntu/lp1688508-tools-avoid-text-spilling-into-variables.patch: |
1134 | + avoid hanging on shutdown (LP: 1688508) |
1135 | + - d/p/ubuntu-aa/0041-apparmor-add-ro-rule-for-sasl-GSSAPI- |
1136 | + plugin-on-etc-g.patch fix issues if sasl is configured (LP: 1696471) |
1137 | + - d/p/ubuntu-aa/0042-virt-aa-helper-resolve-yet-to-be-created-paths.patch |
1138 | + ensure symlinks are resolved to get valid rules if interim parts of a path |
1139 | + are a symlink (LP: 1752361) |
1140 | + - d/p/ubuntu/lp1688508-tools-fix-variable-scope-in-in-check_guests_shutdown: |
1141 | + avoid issues shutting down more guests than configured for parallel |
1142 | + shutdown (LP: 1688508) |
1143 | + - d/p/ubuntu-aa/lp1756394-virt-aa-helper-resolve-file-symlinks.patch: fix |
1144 | + using devices that are symlinks (LP: 1756394) |
1145 | + - Fix nvdimm memory and passthrough input devices for hotplug via |
1146 | + domain security callbacks backporting upstream commits (LP: 1755153). |
1147 | + + d/p/ubuntu-aa/lp1755153-apparmor-add-Set-Restore-InputLabel.patch |
1148 | + + d/p/ubuntu-aa/lp1755153-apparmor-add-Set-Restore-MemoryLabel.patch |
1149 | + - Fix nvdimm memory and passthrough input devices in initial guest |
1150 | + description via virt-aa-helper (LP: 1757085). |
1151 | + + d/p/ubuntu-aa/lp1757085-virt-aa-helper-nvdimm-memory.patch |
1152 | + + d/p/ubuntu-aa/lp1757085-virt-aa-helper-passthrough-input.patch |
1153 | + - Fix clean shut down of guests on system shutdown (LP: 1764668) |
1154 | + + d/p/ubuntu/lp-1764668-do-not-report-unknown-guests.patch |
1155 | + + d/p/ubuntu/lp-1764668-fix-check_guests_shutdown-loop.patch |
1156 | + - SECURITY UPDATE: QEMU monitor DoS |
1157 | + + debian/patches/CVE-2018-1064.patch: add size limit to |
1158 | + src/qemu/qemu_agent.c. |
1159 | + + CVE-2018-1064 |
1160 | + - SECURITY UPDATE: Speculative Store Bypass |
1161 | + + debian/patches/CVE-2018-3639-1.patch: define the 'ssbd' CPUID feature |
1162 | + bit in src/cpu/cpu_map.xml. |
1163 | + + debian/patches/CVE-2018-3639-2.patch: define the 'virt-ssbd' CPUID |
1164 | + feature bit in src/cpu/cpu_map.xml. |
1165 | + + CVE-2018-3639 |
1166 | + - d/p/ubuntu-aa/lp1775777-vfio-usage-without-initial-hostdev.patch: fix |
1167 | + hotplug use cases where the initial guest had no hostdev at all and |
1168 | + therefore vrit-aa-helper did not allow /dev/vfio/vfio (LP: 1775777) |
1169 | + - debian/patches/ubuntu/lp-1758037-nwfilter-increase-pcap-buffer-size.patch: |
1170 | + Fix nwfilters that set CTRL_IP_LEARNING set to dhcp failing with "An error |
1171 | + occurred, but the cause is unknown" due to a buffer being too small |
1172 | + for pcap with TPACKET_V3 enabled (LP: 1758037) |
1173 | + - SECURITY UPDATE: code injection via libnss_dns.so |
1174 | + + debian/patches/CVE-2018-6764-1.patch: determine the hostname on |
1175 | + startup in src/util/virlog.c. |
1176 | + + debian/patches/CVE-2018-6764-2.patch: fix syntax-check in |
1177 | + src/util/virlog.c. |
1178 | + + debian/patches/CVE-2018-6764-3.patch: fix deadlock obtaining hostname |
1179 | + in cfg.mk, src/util/virlog.c. |
1180 | + + CVE-2018-6764 |
1181 | + * Dropped Changes (no upgrade path left that needs those) |
1182 | + - Backwards compatible handling of group rename (can be dropped >18.04). |
1183 | + - Modifications to adapt for our delayed switch away from libvirt-bin (can |
1184 | + be dropped >18.04). |
1185 | + + d/p/ubuntu/libvirtd-service-add-bin-alias.patch: systemd: define alias |
1186 | + to old service name so that old references work |
1187 | + + d/p/ubuntu/libvirtd-init-add-bin-alias.patch: sysv init: define alias |
1188 | + to old service name so that old references work |
1189 | + + d/control: transitional package with the old name and maintainer |
1190 | + scripts to handle the transition |
1191 | + - fix conffile upgrade handling to avoid obsolete files |
1192 | + and inactive duplicates (LP 1694159) |
1193 | + - conffile handling of files dropped in 3.5 (can be dropped >18.04) |
1194 | + + /etc/init.d/virtlockd was sysv init only |
1195 | + + /etc/apparmor.d/local/usr.sbin.libvirtd and |
1196 | + /etc/apparmor.d/local/usr.lib.libvirt.virt-aa-helper are now generated |
1197 | + by dh_apparmor as needed |
1198 | + - d/libvirt-daemon-system.maintscript: remove the now dropped conffile |
1199 | + /etc/cron.daily/libvirt-daemon-system |
1200 | + * Dropped Changes (cleanups) |
1201 | + - d/test/smoke-lxc workaround for debbug 848317/867379 (systemd has fixed |
1202 | + one issue and the other is solved in libvirt by ensuring to move to the |
1203 | + right cgroups.) |
1204 | + - remove no more used libvirt-dnsmasq user (this was redundant since |
1205 | + 4.0.0-1ubuntu5 reintroduced a libvirt-dnsmasq user) |
1206 | + - Disable selinux (now in main) |
1207 | + |
1208 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Sat, 18 Aug 2018 14:40:58 +0200 |
1209 | + |
1210 | libvirt (4.6.0-2) unstable; urgency=medium |
1211 | |
1212 | * [c33faee] Drop dwarves dependency. |
1213 | @@ -643,6 +1819,399 @@ libvirt (4.0.0-2) unstable; urgency=medium |
1214 | |
1215 | -- Guido Günther <agx@sigxcpu.org> Thu, 08 Feb 2018 19:29:59 +0100 |
1216 | |
1217 | +libvirt (4.0.0-1ubuntu13) cosmic; urgency=medium |
1218 | + |
1219 | + * ddebian/patches/ubuntu/ovmf_paths.patch: adjust paths to secboot.fd UEFI |
1220 | + Secure Boot enabled variants of the OVMF firmware and variable store for |
1221 | + the paths where we ship these files in Ubuntu. |
1222 | + |
1223 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Wed, 27 Jun 2018 11:16:23 -0400 |
1224 | + |
1225 | +libvirt (4.0.0-1ubuntu12) cosmic; urgency=medium |
1226 | + |
1227 | + * d/p/ubuntu-aa/lp1775777-vfio-usage-without-initial-hostdev.patch: fix |
1228 | + hotplug use cases where the initial guest had no hostdev at all and |
1229 | + therefore vrit-aa-helper did not allow /dev/vfio/vfio (LP: #1775777) |
1230 | + |
1231 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 12 Jun 2018 16:24:01 +0200 |
1232 | + |
1233 | +libvirt (4.0.0-1ubuntu11) cosmic; urgency=medium |
1234 | + |
1235 | + * SECURITY UPDATE: QEMU monitor DoS |
1236 | + - debian/patches/CVE-2018-1064.patch: add size limit to |
1237 | + src/qemu/qemu_agent.c. |
1238 | + - CVE-2018-1064 |
1239 | + * SECURITY UPDATE: Speculative Store Bypass |
1240 | + - debian/patches/CVE-2018-3639-1.patch: define the 'ssbd' CPUID feature |
1241 | + bit in src/cpu/cpu_map.xml. |
1242 | + - debian/patches/CVE-2018-3639-2.patch: define the 'virt-ssbd' CPUID |
1243 | + feature bit in src/cpu/cpu_map.xml. |
1244 | + - CVE-2018-3639 |
1245 | + |
1246 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 22 May 2018 10:55:56 -0400 |
1247 | + |
1248 | +libvirt (4.0.0-1ubuntu10) cosmic; urgency=medium |
1249 | + |
1250 | + * Fix nwfilters that set CTRL_IP_LEARNING set to dhcp failing with "An error |
1251 | + occurred, but the cause is unknown" due to a buffer being too small |
1252 | + for pcap with TPACKET_V3 enabled (LP: #1758037) |
1253 | + - debian/patches/ubuntu/lp-1758037-nwfilter-increase-pcap-buffer-size.patch |
1254 | + |
1255 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 09 May 2018 17:07:59 +0200 |
1256 | + |
1257 | +libvirt (4.0.0-1ubuntu9) cosmic; urgency=medium |
1258 | + |
1259 | + * debian/rules: disable the netcf backend. (LP: #1764314) |
1260 | + * debian/control: drop libnetcf from Build-Depends. |
1261 | + |
1262 | + -- Mathieu Trudel-Lapierre <cyphermox@ubuntu.com> Wed, 09 May 2018 10:06:15 -0400 |
1263 | + |
1264 | +libvirt (4.0.0-1ubuntu8) bionic; urgency=medium |
1265 | + |
1266 | + * Fix clean shut down of guests on system shutdown (LP: #1764668) |
1267 | + - d/p/ubuntu/lp-1764668-do-not-report-unknown-guests.patch |
1268 | + - d/p/ubuntu/lp-1764668-fix-check_guests_shutdown-loop.patch |
1269 | + |
1270 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 24 Apr 2018 11:09:48 +0200 |
1271 | + |
1272 | +libvirt (4.0.0-1ubuntu7) bionic; urgency=medium |
1273 | + |
1274 | + * Fix nvdimm memory and passthrough input devices for hotplug via |
1275 | + domain security callbacks backporting upstream commits (LP: #1755153). |
1276 | + - d/p/ubuntu-aa/lp1755153-apparmor-add-Set-Restore-InputLabel.patch |
1277 | + - d/p/ubuntu-aa/lp1755153-apparmor-add-Set-Restore-MemoryLabel.patch |
1278 | + * Fix nvdimm memory and passthrough input devices in initial guest |
1279 | + description via virt-aa-helper (LP: #1757085). |
1280 | + - d/p/ubuntu-aa/lp1757085-virt-aa-helper-nvdimm-memory.patch |
1281 | + - d/p/ubuntu-aa/lp1757085-virt-aa-helper-passthrough-input.patch |
1282 | + |
1283 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 21 Mar 2018 08:30:47 +0100 |
1284 | + |
1285 | +libvirt (4.0.0-1ubuntu6) bionic; urgency=medium |
1286 | + |
1287 | + * Backport from recent upstream to stabilize libvirt (LP: #1756915) |
1288 | + - d/p/stable/0033-qemu-Fix-comparison-assignment-in-qemuDomainUpdateDe.patch |
1289 | + - d/p/stable/0034-qemu-Fix-memory-leak-in-qemuConnectGetAllDomainStats.patch |
1290 | + - d/p/stable/0035-libvirtd-fix-potential-deadlock-when-reloading.patch |
1291 | + - d/p/stable/0036-qemu-Use-correct-bus-type-for-input-devices.patch |
1292 | + - d/p/stable/0037-qemu-hostdev-Fix-the-error-on-VM-start-with-an-mdev-.patch |
1293 | + - d/p/stable/0038-conf-Fix-crash-in-virDomainDefCompatibleDevice.patch |
1294 | + * d/p/ubuntu/lp1688508-tools-fix-variable-scope-in-in-check_guests_shutdown: |
1295 | + avoid issues shutting down more guests than configured for parallel |
1296 | + shutdown (LP: #1688508) |
1297 | + * d/p/ubuntu-aa/lp1756394-virt-aa-helper-resolve-file-symlinks.patch: fix |
1298 | + using devices that are symlinks (LP: #1756394) |
1299 | + |
1300 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 19 Mar 2018 14:57:08 +0100 |
1301 | + |
1302 | +libvirt (4.0.0-1ubuntu5) bionic; urgency=medium |
1303 | + |
1304 | + * run dnsmasq as libvirt-dnsmasq (LP: #1743718) |
1305 | + - d/libvirt-daemon-system.postinst: add libvirt-dnsmasq user and group |
1306 | + - d/libvirt-daemon-system.postrm: remove libvirt-dnsmasq user and group on |
1307 | + purge |
1308 | + - d/p/ubuntu/dnsmasq-as-priv-user: write dnsmas config with user |
1309 | + libvirt-dnsmasq and adapt the self tests to expect that config |
1310 | + - d/libvirt-daemon-system.postinst: fix old libvirt-dnsmasq users |
1311 | + * Backport from recent upstream to stabilize libvirt (LP: #1754352) |
1312 | + - d/p/stable/0024-qemu-blockcopy-Add-check-for-bandwidth.patch |
1313 | + - d/p/stable/0025-conf-move-generated-member-from-virMacAddr-to-virDom.patch |
1314 | + - d/p/stable/0026-lxc-Drop-useless-check-in-live-device-update.patch |
1315 | + - d/p/stable/0027-Pass-oldDev-to-virDomainDefCompatibleDevice-on-devic.patch |
1316 | + - d/p/stable/0028-qemu-Fix-updating-device-with-boot-order.patch |
1317 | + - d/p/stable/0030-daemon-fix-rpc-event-leak-on-error-path-in-remoteDis.patch |
1318 | + - d/p/stable/0029-lxc-fix-rpc-event-leak-on-error-path-in-virLXCContro.patch |
1319 | + - d/p/stable/0031-qemu-fix-memory-leak-of-vporttype-during-migration.patch |
1320 | + - d/p/stable/0032-virsh-fixing-segfault-by-pool-autocompleter-function.patch |
1321 | + * d/p/ubuntu-aa/0041-apparmor-add-ro-rule-for-sasl-GSSAPI- |
1322 | + plugin-on-etc-g.patch fix issues if sasl is configured (LP: #1696471) |
1323 | + * d/p/ubuntu-aa/0042-virt-aa-helper-resolve-yet-to-be-created-paths.patch |
1324 | + ensure symlinks are resolved to get valid rules if interim parts of a path |
1325 | + are a symlink (LP: #1752361) |
1326 | + |
1327 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 27 Feb 2018 12:04:02 +0100 |
1328 | + |
1329 | +libvirt (4.0.0-1ubuntu4) bionic; urgency=medium |
1330 | + |
1331 | + * d/p/ubuntu/lp1688508-tools-avoid-text-spilling-into-variables.patch: |
1332 | + avoid hanging on shutdown (LP: #1688508) |
1333 | + |
1334 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 23 Feb 2018 16:43:19 +0100 |
1335 | + |
1336 | +libvirt (4.0.0-1ubuntu3) bionic; urgency=medium |
1337 | + |
1338 | + [ Christian Ehrhardt ] |
1339 | + * Backport of 23 bug fixes from recent upstream to stabilize libvirt on 18.04 |
1340 | + - d/p/stable/0001-Revert-qemu-monitor-do-not-report-error-on-shutdown.patch |
1341 | + - d/p/stable/0002-nodedev-Fix-failing-to-parse-PCI-address-for-non-PCI.patch |
1342 | + - d/p/stable/0003-qemu-assign-correct-type-of-PCI-address-for-vhost-sc.patch |
1343 | + - d/p/stable/0004-qemu-Refresh-caps-cache-after-booting-a-different-ke.patch |
1344 | + - d/p/stable/0005-qemu-auto-add-generic-xhci-rather-than-NEC-xhci-to-Q.patch |
1345 | + - d/p/stable/0006-libvirtd-Explicit-dependency-on-systemd-machined.patch |
1346 | + - d/p/stable/0007-rpc-fix-race-sending-and-encoding-sasl-data.patch |
1347 | + - d/p/stable/0008-vhost-user-add-support-reconnect-for-vhost-user-port.patch |
1348 | + - d/p/stable/0009-qemu-Fix-memory-leak-in-processGuestPanicEvent.patch |
1349 | + - d/p/stable/0010-storage-util-Properly-ignore-errors-when-backing-vol.patch |
1350 | + - d/p/stable/0011-conf-Use-correct-attribute-name-in-error-message.patch |
1351 | + - d/p/stable/0012-util-json-Add-helper-to-return-string-or-number-prop.patch |
1352 | + - d/p/stable/0013-util-storage-Parse-lun-for-iSCSI-protocol-from-JSON-.patch |
1353 | + - d/p/stable/0014-virsh-Offer-only-persistent-domains-for-autostart.patch |
1354 | + - d/p/stable/0015-blockjob-Fix-a-error-checking-of-blockjob-status-in-.patch |
1355 | + - d/p/stable/0016-qemu-Expose-rx-tx_queue_size-in-qemu.conf-too.patch |
1356 | + - d/p/stable/0017-qemu-migration-Refresh-device-information-after-tran.patch |
1357 | + - d/p/stable/0018-qemuDomainRemoveMemoryDevice-unlink-memory-backing-f.patch |
1358 | + - d/p/stable/0019-vbox-fix-SEGV-during-dumpxml-of-a-serial-port.patch |
1359 | + - d/p/stable/0020-qemu-Initialize-priv-in-qemuDomainCoreDumpWithFormat.patch |
1360 | + - d/p/stable/0021-fix-regex-to-check-CN-from-server-certificate.patch |
1361 | + - d/p/stable/0022-storage-Fix-formatting-and-parsing-of-qemu-type-Unix.patch |
1362 | + - d/p/stable/0023-util-storage-Remove-detected-authentication-data-for.patch |
1363 | + * d/rules: enable build time self tests on all architectures |
1364 | + |
1365 | + [ Marc Deslauriers ] |
1366 | + * SECURITY UPDATE: code injection via libnss_dns.so |
1367 | + - debian/patches/CVE-2018-6764-1.patch: determine the hostname on |
1368 | + startup in src/util/virlog.c. |
1369 | + - debian/patches/CVE-2018-6764-2.patch: fix syntax-check in |
1370 | + src/util/virlog.c. |
1371 | + - debian/patches/CVE-2018-6764-3.patch: fix deadlock obtaining hostname |
1372 | + in cfg.mk, src/util/virlog.c. |
1373 | + - CVE-2018-6764 |
1374 | + |
1375 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 19 Feb 2018 14:18:44 +0100 |
1376 | + |
1377 | +libvirt (4.0.0-1ubuntu2) bionic; urgency=medium |
1378 | + |
1379 | + * d/p/ubuntu-aa/0025-apparmor-fix-newer-virt-manager-1.4.0.patch: refreshed |
1380 | + as libvirt 4.0 needs a reversed rule for openGraphicsFD (LP: #1747442) |
1381 | + - refreshed 0032 and 0040 to match the new context. |
1382 | + * d/p/ubuntu/virt-aa-helper-Set-the-supported-features.patch: allow parsing |
1383 | + of memory slots and other extended features without breaking |
1384 | + virt-aa-helper (LP: #1746431). |
1385 | + |
1386 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 02 Feb 2018 07:31:17 +0100 |
1387 | + |
1388 | +libvirt (4.0.0-1ubuntu1) bionic; urgency=medium |
1389 | + |
1390 | + * Merged with Debian unstable (4.0) |
1391 | + This closes several bugs: |
1392 | + - Error generating apparmor profile when hostname contains spaces |
1393 | + (LP: #799997) |
1394 | + - qemu 2.10 locks files, libvirt shared now sets share-rw=on (LP: #1716028) |
1395 | + - libvirt usb passthrough throws apparmor denials related to |
1396 | + /run/udev/data/+usb (LP: #1727311) |
1397 | + - AppArmor denies access to /sys/block/*/queue/max_segments (LP: #1729626) |
1398 | + - iohelper improvements to let bypass-cache work without opening up the |
1399 | + apparmor isolation (LP: #1719579) |
1400 | + - nodeinfo on s390x to contain more CPU info (LP: #1733688) |
1401 | + - Upgrade libvirt >= 4.0 (LP: #1745934) |
1402 | + * Remaining changes: |
1403 | + - Disable libssh2 support (universe dependency) |
1404 | + - Disable firewalld support (universe dependency) |
1405 | + - Disable selinux |
1406 | + - Set qemu-group to kvm (for compat with older ubuntu) |
1407 | + - Additional apport package-hook |
1408 | + - Modifications to adapt for our delayed switch away from libvirt-bin (can |
1409 | + be dropped >18.04). |
1410 | + + d/p/ubuntu/libvirtd-service-add-bin-alias.patch: systemd: define alias |
1411 | + to old service name so that old references work |
1412 | + + d/p/ubuntu/libvirtd-init-add-bin-alias.patch: sysv init: define alias |
1413 | + to old service name so that old references work |
1414 | + + d/control: transitional package with the old name and maintainer |
1415 | + scripts to handle the transition |
1416 | + - Backwards compatible handling of group rename (can be dropped >18.04). |
1417 | + - config details and autostart of default bridged network. Creating that is |
1418 | + now the default in general, yet our solution provides the following on |
1419 | + top as of today: |
1420 | + + autostart the default network by default |
1421 | + + do not autostart if subnet is already taken (e.g. in guests). |
1422 | + - d/p/ubuntu/Allow-libvirt-group-to-access-the-socket.patch: This is |
1423 | + the group based access to libvirt functions as it was used in Ubuntu |
1424 | + for quite long. |
1425 | + + d/p/ubuntu/daemon-augeas-fix-expected.patch fix some related tests |
1426 | + due to the group access change. |
1427 | + - ubuntu/parallel-shutdown.patch: set parallel shutdown by default. |
1428 | + - d/p/ubuntu/enable-kvm-spice.patch: compat with older Ubuntu qemu/kvm |
1429 | + which provided a separate kvm-spice. |
1430 | + - d/p/ubuntu/ubuntu-libxl-qemu-path.patch: this change was split. The |
1431 | + section that adapts the path of the emulator to the Debian/Ubuntu |
1432 | + packaging is kept. |
1433 | + - d/p/ubuntu/ubuntu-libxl-Fix-up-VRAM-to-minimum-requirements.patch: auto |
1434 | + set VRAM to minimum requirements |
1435 | + - d/p/ubuntu/xen-default-uri.patch: set default URI on xen hosts |
1436 | + - Add libxl log directory |
1437 | + - libvirt-uri.sh: Automatically switch default libvirt URI for users on |
1438 | + Xen dom0 via user profile (was missing on changelogs before) |
1439 | + - d/p/ubuntu/apibuild-skip-libvirt-common.h: drop libvirt-common.h from |
1440 | + included_files to avoid build failures due to duplicate definitions. |
1441 | + - Update README.Debian with Ubuntu changes |
1442 | + - Convert libvirt0, libnss_libvirt and libvirt-dev to multi-arch. |
1443 | + - Enable some additional features on ppc64el and s390x (for arch parity) |
1444 | + + systemtap, zfs, numa and numad on s390x. |
1445 | + + systemtap on ppc64el. |
1446 | + - fix conffile upgrade handling to avoid obsolete files |
1447 | + and inactive duplicates (LP 1694159) |
1448 | + - d/t/control, d/t/smoke-qemu-session: fixup smoke-qemu-session by making |
1449 | + vmlinuz available and accessible (Debian bug 848314) |
1450 | + - d/test/smoke-lxc workaround for debbug 848317/867379 |
1451 | + - d/t/control, d/t/smoke-lxc: fix up lxc smoke test (Debian bug 848317) |
1452 | + - Add dnsmasq configuration to work with system wide dnsmasq (drop >18.04, |
1453 | + no more UCA onto Xenial then which has global dnsmasq by default). |
1454 | + - d/p/ubuntu/ubuntu_machine_type.patch: accept ubuntu types as pci440fx |
1455 | + - conffile handling of files dropped in 3.5 (can be dropped >18.04) |
1456 | + + /etc/init.d/virtlockd was sysv init only |
1457 | + + /etc/apparmor.d/local/usr.sbin.libvirtd and |
1458 | + /etc/apparmor.d/local/usr.lib.libvirt.virt-aa-helper are now generated |
1459 | + by dh_apparmor as needed |
1460 | + - Reworked apparmor Delta, especially the more complex delta is dropped |
1461 | + now, also our former delta is now split into logical pieces, has |
1462 | + improved comments and is part of a continuous upstreaming effort. |
1463 | + Listing related remaining changes: |
1464 | + + d/p/0001-apparmor-Allow-pygrub-to-run-on-Debian-Ubuntu.patch: apparmor: |
1465 | + Allow pygrub to run on Debian/Ubuntu |
1466 | + + d/p/0003-apparmor-libvirt-qemu-Allow-read-access-to-overcommi.patch: |
1467 | + apparmor, libvirt-qemu: Allow read access to overcommit_memory |
1468 | + + d/p/0007-apparmor-libvirt-qemu-Allow-owner-read-access-to-PRO.patch: |
1469 | + apparmor, libvirt-qemu: Allow owner read access to @{PROC}/*/auxv |
1470 | + + d/p/0017-apparmor-virt-aa-helper-Allow-access-to-tmp-director.patch: |
1471 | + apparmor, virt-aa-helper: Allow access to tmp directories |
1472 | + + d/p/ubuntu-aa/0020-virt-aa-helper-ubuntu-storage-paths.patch: |
1473 | + apparmor, virt-aa-helper: Allow various storage pools and image |
1474 | + locations |
1475 | + + d/p/0021-apparmor-virt-aa-helper-Add-openvswitch-support.patch: |
1476 | + apparmor, virt-aa-helper: Add openvswitch support |
1477 | + + d/p/0025-apparmor-fix-newer-virt-manager-1.4.0.patch: Add Apparmor |
1478 | + permissions so virt-manager 1.4.0 viewing works (LP 1668681). |
1479 | + + d/p/0029-appmor-libvirt-qemu-Add-9p-support.patch: appmor, |
1480 | + libvirt-qemu: Add 9p support |
1481 | + + d/p/0030-virt-aa-helper-Complete-9p-support.patch: virt-aa-helper: |
1482 | + add l to 9p file options. |
1483 | + + d/p/0031-virt-aa-helper-Ask-for-no-deny-rule-for-readonly-dis.patch: |
1484 | + virt-aa-helper: Ask for no deny rule for readonly disk (renamed and |
1485 | + reworded, was virt-aa-helper-no-explicity-deny-for-basefiles.patch) |
1486 | + + d/p/0032-apparmor-libvirt-qemu-Allow-reading-charm-specific-c.patch: |
1487 | + apparmor, libvirt-qemu: Allow reading charm-specific ceph config |
1488 | + + d/p/0033-UBUNTU-only-apparmor-for-kvm.powerpc-LP-1680384.patch: allow |
1489 | + commands executed by ubuntu only kvm wrapper on ppc64el (LP 1686621). |
1490 | + + d/p/0034-apparmor-virt-aa-helper-access-for-snapped-nova.patch: |
1491 | + apparmor, virt-aa-helper: access for snapped nova |
1492 | + * Dropped Changes (Upstream): |
1493 | + - d/p/0005-apparmor-libvirt-qemu-Allow-use-of-sgabios.patch: apparmor, |
1494 | + libvirt-qemu: Allow use of sgabios |
1495 | + - d/p/0006-apparmor-libvirt-qemu-Silence-lttng-related-deny-mes.patch: |
1496 | + apparmor, libvirt-qemu: Silence lttng related deny messages |
1497 | + - d/p/0008-apparmor-libvirt-qemu-Allow-read-access-to-sysfs-sys.patch: |
1498 | + apparmor, libvirt-qemu: Allow read access to sysfs system info |
1499 | + - d/p/0009-apparmor-libvirt-qemu-Allow-read-access-to-max_mem_r.patch: |
1500 | + apparmor, libvirt-qemu: Allow read access to max_mem_regions |
1501 | + - d/p/0010-apparmor-libvirt-qemu-Allow-qemu-block-extra-librari.patch: |
1502 | + apparmor, libvirt-qemu: Allow qemu-block-extra libraries |
1503 | + - d/p/0012-apparmor-libvirtd-Allow-access-to-netlink-sockets.patch: |
1504 | + apparmor, libvirtd: Allow access to netlink sockets |
1505 | + - d/p/0013-apparmor-Add-rules-for-mediation-support.patch: |
1506 | + apparmor: Add rules for mediation support |
1507 | + - d/p/0015-apparmor-virt-aa-helper-Allow-access-to-ecryptfs-fil.patch: |
1508 | + apparmor, virt-aa-helper: Allow access to ecryptfs files |
1509 | + - d/p/0016-apparmor-libvirtd-Allow-ixr-to-var-lib-libvirt-virtd.patch: |
1510 | + apparmor, libvirtd: Allow ixr to /var/lib/libvirt/virtd* |
1511 | + - d/p/0018-apparmor-virt-aa-helper-Add-ipv6-network-policy.patch: |
1512 | + apparmor, virt-aa-helper: Add ipv6 network policy |
1513 | + - d/p/0019-apparmor-virt-aa-helper-Allow-access-to-sys-bus-usb-.patch: |
1514 | + apparmor, virt-aa-helper: Allow access to /sys/bus/usb/devices |
1515 | + - d/p/0023-apparmor-qemu-won-t-call-qemu-nbd.patch: apparmor: qemu |
1516 | + won't call qemu-nbd |
1517 | + - d/p/0027-apparmor-allow-reading-cmdline-of-shutdown-signal.patch: |
1518 | + apparmor: allow to parse cmdline of the pid that send the shutdown |
1519 | + signal (LP 1680384). |
1520 | + - d/p/0028-apparmor-add-default-pki-path-of-lbvirt-spice.patch: |
1521 | + apparmor: add default pki path of lbvirt-spice (LP 1690140) |
1522 | + - d/p/ubuntu-aa/0035-virt-aa-helper-locking-disk-files-for-qemu-2.10.patch: |
1523 | + for compatibility with the behavior of qemu 2.10 this adds locking |
1524 | + permission to rules generated for disk files (LP 1709818) |
1525 | + - d/p/ubuntu-aa/0036-virt-aa-helper-locking-loader-nvram-for-qemu-2.10.patch: |
1526 | + for compatibility with the behavior of qemu 2.10 this adds locking |
1527 | + permission to rules generated for loader/nvram (LP 1710960) |
1528 | + - d/p/ubuntu-aa/0037-virt-aa-helper...: grant locking permission on append |
1529 | + files (LP 1726804) |
1530 | + - d/p/ubuntu-aa/0038-virt-aa-helper-fix-paths-for-usb-hostdevs.patch: |
1531 | + fix path generation for USB host devices (LP 1552241) |
1532 | + - d/p/ubuntu-aa/0039-virt-aa-helper-fix-libusb-access-to-udev-usb-data.patch: |
1533 | + generate valid rules on usb passthrough (LP 1686324) |
1534 | + - d/p/avoid-double-locking.patch: fix a deadlock that could occur when |
1535 | + libvirtd interactions raced with dbus causing a deadlock (LP 1714254). |
1536 | + - d/p/u/gnulib-getopt-posix-Fix-build-failure-when-using-ac_cv_head.patch: |
1537 | + fix FTBFS with glibc 2.26 (LP 1718668) |
1538 | + - Extended handling of apparmor profiles - clear lost profiles via cron |
1539 | + (now cleared by virt-aa-helper on domain stop) |
1540 | + - nat only on some ports <port start='1024' end='65535'/> (upstream |
1541 | + default now if nothing is specified, actually dropped last cycle) |
1542 | + * Dropped Changes (In Debian or no more important): |
1543 | + - d/p/0002-apparmor-libvirt-qemu-Allow-macvtap-access.patch: apparmor, |
1544 | + libvirt-qemu: Allow macvtap access |
1545 | + - d/p/0004-apparmor-Explicit-deny-for-setpcap.patch: apparmor: Explicit |
1546 | + deny for setpcap (LP 522845). |
1547 | + - d/p/0014-apparmor-virt-aa-helper-Improve-comment-about-backin.patch: |
1548 | + apparmor, virt-aa-helper: Improve comment about backing store |
1549 | + - d/p/0022-apparmor-drop-references-to-qemu-kvm.patch: apparmor: drop |
1550 | + references to qemu-kvm |
1551 | + - d/p/0024-apparmor-virt-aa-helper-Allow-access-to-name-service.patch: |
1552 | + apparmor, virt-aa-helper: Allow access to name services |
1553 | + - d/p/0026-apparmor-add-generic-base-vfio-device.patch: apparmor: add |
1554 | + /dev/vfio for vf (hot) attach (LP 1680384) (added by virt-aa-helper per |
1555 | + guest if needed). |
1556 | + - d/p/0011-apparmor-libvirt-qemu-Allow-access-to-hugepage-mount.patch: |
1557 | + apparmor, libvirt-qemu: Allow access to hugepage mounts |
1558 | + - Disable sheepdog (was for universe dependency, but is now only a suggest) |
1559 | + - d/p/ubuntu/storage-disable-gluster-test: gluster not enabled, skip test |
1560 | + * Dropped Changes (In Debian/Upstream now based on interim 3.10 work) some of |
1561 | + these were never released, but important to mention for the bug references: |
1562 | + - libnss-libvirt once enabled causes apt to call getdents |
1563 | + avoid this being an issue by dropping a apt conf that allows |
1564 | + this in seccomp (LP: #1732030). |
1565 | + - d/libvirt-daemon-system.postrm: clean up more libvirt directories on |
1566 | + purge |
1567 | + - d/p/ubuntu-aa/0041-apparmor-allow-unix-stream-for-p2p-migrations.patch: |
1568 | + apparmor: allow unix stream for p2p migrations |
1569 | + - d/p/ubuntu-aa/0043-security-apparmor-implement-domainSetPathLabel.patch: |
1570 | + this replaces the hugepage rules and fixes many more formerly missing |
1571 | + - d/p/ubuntu-aa/0044-security-full-path-option-for-DomainSetPathLabel.patch: |
1572 | + allowing to have path wildcards on labels set by domain callbacks |
1573 | + - d/p/ubuntu-aa/0045-security-apparmor-add-Set-Restore-ChardevLabel.patch: |
1574 | + apparmor implementation of security callback |
1575 | + - d/p/ubuntu-aa/0046-apparmor-virt-aa-helper-drop-static-channel-rule.patch: |
1576 | + this is now covered by chardev label callbacks |
1577 | + * Added Changes: |
1578 | + - Revert Debian change "Drop libvirt-bin upgrade handling" |
1579 | + This is needed in Ubuntu one last time (drop >18.04) |
1580 | + - Revert Debian change "Drop maintscript helpers for versions predating |
1581 | + jessie and wheezy-backports". This is needed in Ubuntu one last |
1582 | + time (drop >18.04) |
1583 | + - Refreshed d/p/* to match new version (only fuzz, no semantic change) |
1584 | + - d/libvirt-daemon-system.postrm: change order of libvirt-qemu removal |
1585 | + to avoid error messages on purge |
1586 | + - remove no more used libvirt-dnsmasq user (drop >18.04) |
1587 | + - d/p/ubuntu-aa/0040-apparmor-add-mediation-rules-for-unconfined.patch: |
1588 | + apparmor: add mediation rules for unconfined guests |
1589 | + - d/p/ubuntu-aa/0042-security-introduce-virSecurityManager-Set-Restore-Ch |
1590 | + .patch: backport upstream cahnge to expose already used chardev calls. |
1591 | + - d/libvirt-daemon-system.postrm: Remove the default.xml network link |
1592 | + set up by postinst. |
1593 | + - d/libvirt-daemon-system.maintscript: remove the now dropped conffile |
1594 | + /etc/cron.daily/libvirt-daemon-system |
1595 | + - d/libvirt-daemon-system.postinst: fixups for autostart default network |
1596 | + - use modern shell syntax |
1597 | + - try more default networks before giving up to enable by default |
1598 | + - d/p/ubuntu-aa/0020-virt-aa-helper-ubuntu-storage-paths.patch: |
1599 | + add multipass image path and mark as ubuntu only change. |
1600 | + - d/rules: install virtlockd correctly with defaults file (LP: #1729516) |
1601 | + - extended d/p/0025-apparmor-fix-newer-virt-manager-1.4.0.patch to cover |
1602 | + the slightly changed behavior of libvirt 4.0 (LP: #1741617) |
1603 | + - d/control: make libvirt-daemon-driver-storage-rbd a recommend instead of |
1604 | + just a suggest to have 3rd party relying on rbd out of the box working. |
1605 | + This is deprecated and users of rbd backend should start depending on |
1606 | + this package for it will be dropped to a suggest in future releases. |
1607 | + |
1608 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 14 Dec 2017 14:15:55 +0100 |
1609 | + |
1610 | libvirt (4.0.0-1) unstable; urgency=medium |
1611 | |
1612 | * [5936904] New upstream version 4.0.0 |
1613 | @@ -800,6 +2369,206 @@ libvirt (3.7.0-1) unstable; urgency=medium |
1614 | |
1615 | -- Guido Günther <agx@sigxcpu.org> Fri, 08 Sep 2017 14:52:38 +0200 |
1616 | |
1617 | +libvirt (3.6.0-1ubuntu6) artful; urgency=medium |
1618 | + |
1619 | + * d/p/ubuntu-aa/0037-virt-aa-helper...: grant locking permission on append |
1620 | + files (LP: #1726804) |
1621 | + * d/p/ubuntu-aa/0038-virt-aa-helper-fix-paths-for-usb-hostdevs.patch: |
1622 | + fix path generation for USB host devices (LP: #1552241) |
1623 | + * d/p/ubuntu-aa/0039-virt-aa-helper-fix-libusb-access-to-udev-usb-data.patch: |
1624 | + generate valid rules on usb passthrough (LP: #1686324) |
1625 | + |
1626 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 24 Oct 2017 14:30:34 +0200 |
1627 | + |
1628 | +libvirt (3.6.0-1ubuntu5) artful; urgency=medium |
1629 | + |
1630 | + * d/p/u/gnulib-getopt-posix-Fix-build-failure-when-using-ac_cv_head.patch: |
1631 | + fix FTBFS with glibc 2.26 (LP: #1718668) |
1632 | + |
1633 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 28 Sep 2017 08:18:10 -0400 |
1634 | + |
1635 | +libvirt (3.6.0-1ubuntu4) artful; urgency=medium |
1636 | + |
1637 | + * d/p/avoid-double-locking.patch: fix a deadlock that could occur when |
1638 | + libvirtd interactions raced with dbus causing a deadlock (LP: #1714254). |
1639 | + |
1640 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 01 Sep 2017 10:29:35 +0200 |
1641 | + |
1642 | +libvirt (3.6.0-1ubuntu3) artful; urgency=medium |
1643 | + |
1644 | + * No change rebuild for Qemu 2.10 and Xen 4.9 |
1645 | + |
1646 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 21 Aug 2017 10:34:13 +0200 |
1647 | + |
1648 | +libvirt (3.6.0-1ubuntu2) artful; urgency=medium |
1649 | + |
1650 | + * d/p/ubuntu-aa/0036-virt-aa-helper-locking-loader-nvram-for-qemu-2.10.patch: |
1651 | + for compatibility with the behavior of qemu 2.10 this adds locking |
1652 | + permission to rules generated for loader/nvram (LP: #1710960) |
1653 | + |
1654 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 17 Aug 2017 10:00:19 +0200 |
1655 | + |
1656 | +libvirt (3.6.0-1ubuntu1) artful; urgency=medium |
1657 | + |
1658 | + * Merged with Debian unstable (3.6) |
1659 | + This closes several bugs: |
1660 | + - aarch64: improved chardev handling (LP: #1697610) |
1661 | + - Forbid locking memory without memtune (LP: #1708305) |
1662 | + * Remaining changes: |
1663 | + - Disable sheepdog (universe dependency) |
1664 | + - Disable libssh2 support (universe dependency) |
1665 | + - Disable firewalld support (universe dependency) |
1666 | + - Disable selinux |
1667 | + - Set qemu-group to kvm (for compat with older ubuntu) |
1668 | + - Regularly clear AppArmor profiles for vms that no longer exist |
1669 | + - Additional apport package-hook |
1670 | + - Modifications to adapt for our delayed switch away from libvirt-bin (can |
1671 | + be dropped >18.04). |
1672 | + + d/p/ubuntu/libvirtd-service-add-bin-alias.patch: systemd: define alias |
1673 | + to old service name so that old references work |
1674 | + + d/p/ubuntu/libvirtd-init-add-bin-alias.patch: sysv init: define alias |
1675 | + to old service name so that old references work |
1676 | + + d/control: transitional package with the old name and maintainer |
1677 | + scripts to handle the transition |
1678 | + - Backwards compatible handling of group rename (can be dropped >18.04). |
1679 | + - config details and autostart of default bridged network. Creating that is |
1680 | + now the default in general, yet our solution provides the following on |
1681 | + top as of today: |
1682 | + + nat only on some ports <port start='1024' end='65535'/> |
1683 | + + autostart the default network by default |
1684 | + + do not autostart if 192.168.122.0 is already taken (e.g. in containers) |
1685 | + - d/p/ubuntu/Allow-libvirt-group-to-access-the-socket.patch: This is |
1686 | + the group based access to libvirt functions as it was used in Ubuntu |
1687 | + for quite long. |
1688 | + + d/p/ubuntu/daemon-augeas-fix-expected.patch fix some related tests |
1689 | + due to the group access change. |
1690 | + - ubuntu/parallel-shutdown.patch: set parallel shutdown by default. |
1691 | + - d/p/ubuntu/enable-kvm-spice.patch: compat with older Ubuntu qemu/kvm |
1692 | + which provided a separate kvm-spice. |
1693 | + - d/p/ubuntu/storage-disable-gluster-test: gluster not enabled, skip test |
1694 | + - d/p/ubuntu/ubuntu-libxl-qemu-path.patch: this change was split. The |
1695 | + section that adapts the path of the emulator to the Debian/Ubuntu |
1696 | + packaging is kept. |
1697 | + - d/p/ubuntu/ubuntu-libxl-Fix-up-VRAM-to-minimum-requirements.patch: auto |
1698 | + set VRAM to minimum requirements |
1699 | + - d/p/ubuntu/xen-default-uri.patch: set default URI on xen hosts |
1700 | + - Add libxl log directory |
1701 | + - libvirt-uri.sh: Automatically switch default libvirt URI for users on |
1702 | + Xen dom0 via user profile (was missing on changelogs before) |
1703 | + - d/p/ubuntu/apibuild-skip-libvirt-common.h: drop libvirt-common.h from |
1704 | + included_files to avoid build failures due to duplicate definitions. |
1705 | + - Update README.Debian with Ubuntu changes |
1706 | + - Convert libvirt0, libnss_libvirt and libvirt-dev to multi-arch. |
1707 | + - Enable some additional features on ppc64el and s390x (for arch parity) |
1708 | + + systemtap, zfs, numa and numad on s390x. |
1709 | + + systemtap on ppc64el. |
1710 | + - fix conffile upgrade handling to avoid obsolete files |
1711 | + and inactive duplicates (LP 1694159) |
1712 | + - d/t/control, d/t/smoke-qemu-session: fixup smoke-qemu-session by making |
1713 | + vmlinuz available and accessible (Debian bug 848314) |
1714 | + - d/test/smoke-lxc workaround for debbug 848317/867379 |
1715 | + - d/t/control, d/t/smoke-lxc: fix up lxc smoke test (Debian bug 848317) |
1716 | + - Extended handling of apparmor profiles - clear lost profiles via cron |
1717 | + - Add dnsmasq configuration to work with system wide dnsmasq (drop >18.04, |
1718 | + no more UCA onto Xenial then which has global dnsmasq by default). |
1719 | + - d/p/ubuntu/ubuntu_machine_type.patch: accept ubuntu types as pci440fx |
1720 | + - conffile handling of files dropped in 3.5 (can be dropped >18.04) |
1721 | + + /etc/init.d/virtlockd was sysv init only |
1722 | + + /etc/apparmor.d/local/usr.sbin.libvirtd and |
1723 | + /etc/apparmor.d/local/usr.lib.libvirt.virt-aa-helper are now generated |
1724 | + by dh_apparmor as needed |
1725 | + - Reworked apparmor Delta, especially the more complex delta is dropped |
1726 | + now, also our former delta is now split into logical pieces, has |
1727 | + improved comments and is part of a continuous upstreaming effort. |
1728 | + Listing related remaining changes: |
1729 | + + d/p/0001-apparmor-Allow-pygrub-to-run-on-Debian-Ubuntu.patch: apparmor: |
1730 | + Allow pygrub to run on Debian/Ubuntu |
1731 | + + d/p/0002-apparmor-libvirt-qemu-Allow-macvtap-access.patch: apparmor, |
1732 | + libvirt-qemu: Allow macvtap access |
1733 | + + d/p/0003-apparmor-libvirt-qemu-Allow-read-access-to-overcommi.patch: |
1734 | + apparmor, libvirt-qemu: Allow read access to overcommit_memory |
1735 | + + d/p/0004-apparmor-Explicit-deny-for-setpcap.patch: apparmor: Explicit |
1736 | + deny for setpcap |
1737 | + + d/p/0005-apparmor-libvirt-qemu-Allow-use-of-sgabios.patch: apparmor, |
1738 | + libvirt-qemu: Allow use of sgabios |
1739 | + + d/p/0006-apparmor-libvirt-qemu-Silence-lttng-related-deny-mes.patch: |
1740 | + apparmor, libvirt-qemu: Silence lttng related deny messages |
1741 | + + d/p/0007-apparmor-libvirt-qemu-Allow-owner-read-access-to-PRO.patch: |
1742 | + apparmor, libvirt-qemu: Allow owner read access to @{PROC}/*/auxv |
1743 | + + d/p/0008-apparmor-libvirt-qemu-Allow-read-access-to-sysfs-sys.patch: |
1744 | + apparmor, libvirt-qemu: Allow read access to sysfs system info |
1745 | + + d/p/0009-apparmor-libvirt-qemu-Allow-read-access-to-max_mem_r.patch: |
1746 | + apparmor, libvirt-qemu: Allow read access to max_mem_regions |
1747 | + + d/p/0010-apparmor-libvirt-qemu-Allow-qemu-block-extra-librari.patch: |
1748 | + apparmor, libvirt-qemu: Allow qemu-block-extra libraries |
1749 | + + d/p/0011-apparmor-libvirt-qemu-Allow-access-to-hugepage-mount.patch: |
1750 | + apparmor, libvirt-qemu: Allow access to hugepage mounts |
1751 | + + d/p/0012-apparmor-libvirtd-Allow-access-to-netlink-sockets.patch: |
1752 | + apparmor, libvirtd: Allow access to netlink sockets |
1753 | + + d/p/0013-apparmor-Add-rules-for-mediation-support.patch: |
1754 | + apparmor: Add rules for mediation support |
1755 | + + d/p/0014-apparmor-virt-aa-helper-Improve-comment-about-backin.patch: |
1756 | + apparmor, virt-aa-helper: Improve comment about backing store |
1757 | + + d/p/0015-apparmor-virt-aa-helper-Allow-access-to-ecryptfs-fil.patch: |
1758 | + apparmor, virt-aa-helper: Allow access to ecryptfs files |
1759 | + + d/p/0016-apparmor-libvirtd-Allow-ixr-to-var-lib-libvirt-virtd.patch: |
1760 | + apparmor, libvirtd: Allow ixr to /var/lib/libvirt/virtd* |
1761 | + + d/p/0017-apparmor-virt-aa-helper-Allow-access-to-tmp-director.patch: |
1762 | + apparmor, virt-aa-helper: Allow access to tmp directories |
1763 | + + d/p/0018-apparmor-virt-aa-helper-Add-ipv6-network-policy.patch: |
1764 | + apparmor, virt-aa-helper: Add ipv6 network policy |
1765 | + + d/p/0019-apparmor-virt-aa-helper-Allow-access-to-sys-bus-usb-.patch: |
1766 | + apparmor, virt-aa-helper: Allow access to /sys/bus/usb/devices |
1767 | + + d/p/0020-apparmor-virt-aa-helper-Allow-various-storage-pools-.patch: |
1768 | + apparmor, virt-aa-helper: Allow various storage pools and image |
1769 | + locations |
1770 | + + d/p/0021-apparmor-virt-aa-helper-Add-openvswitch-support.patch: |
1771 | + apparmor, virt-aa-helper: Add openvswitch support |
1772 | + + d/p/0022-apparmor-drop-references-to-qemu-kvm.patch: apparmor: drop |
1773 | + references to qemu-kvm |
1774 | + + d/p/0023-apparmor-qemu-won-t-call-qemu-nbd.patch: apparmor: qemu |
1775 | + won't call qemu-nbd |
1776 | + + d/p/0024-apparmor-virt-aa-helper-Allow-access-to-name-service.patch: |
1777 | + apparmor, virt-aa-helper: Allow access to name services |
1778 | + + d/p/0025-apparmor-fix-newer-virt-manager-1.4.0.patch: Add Apparmor |
1779 | + permissions so virt-manager 1.4.0 viewing works (LP 1668681). |
1780 | + + d/p/0026-apparmor-add-generic-base-vfio-device.patch: apparmor: add |
1781 | + /dev/vfio for vf (hot) attach (LP 1680384). |
1782 | + + d/p/0027-apparmor-allow-reading-cmdline-of-shutdown-signal.patch: |
1783 | + apparmor: allow to parse cmdline of the pid that send the shutdown |
1784 | + signal (LP 1680384). |
1785 | + + d/p/0028-apparmor-add-default-pki-path-of-lbvirt-spice.patch: |
1786 | + apparmor: add default pki path of lbvirt-spice (LP 1690140) |
1787 | + + d/p/0029-appmor-libvirt-qemu-Add-9p-support.patch: appmor, |
1788 | + libvirt-qemu: Add 9p support |
1789 | + + d/p/0030-virt-aa-helper-Complete-9p-support.patch: virt-aa-helper: |
1790 | + add l to 9p file options. |
1791 | + + d/p/0031-virt-aa-helper-Ask-for-no-deny-rule-for-readonly-dis.patch: |
1792 | + virt-aa-helper: Ask for no deny rule for readonly disk (renamed and |
1793 | + reworded, was virt-aa-helper-no-explicity-deny-for-basefiles.patch) |
1794 | + + d/p/0032-apparmor-libvirt-qemu-Allow-reading-charm-specific-c.patch: |
1795 | + apparmor, libvirt-qemu: Allow reading charm-specific ceph config |
1796 | + + d/p/0033-UBUNTU-only-apparmor-for-kvm.powerpc-LP-1680384.patch: allow |
1797 | + commands executed by ubuntu only kvm wrapper on ppc64el (LP 1686621). |
1798 | + + d/p/0034-apparmor-virt-aa-helper-access-for-snapped-nova.patch: |
1799 | + apparmor, virt-aa-helper: access for snapped nova |
1800 | + * Dropped Changes (Upstream): |
1801 | + - d/p/ubuntu/fix-libxl-default-driver-name.patch: avoid an issue with |
1802 | + default driver entries missing name='qemu'. |
1803 | + - d/p/u/aa-helper-Properly-link-with-storage-driver.patch (LP 1704782) |
1804 | + Fix to be able to follow BackinStorage chains when creating per |
1805 | + guest apparmor rules. |
1806 | + * Dropped Changes (In Debian): |
1807 | + - Enable esx support |
1808 | + + Add build-dep to libcurl4-gnutls-dev (required for esx) |
1809 | + * Added Changes: |
1810 | + - d/p/ubuntu-aa/0035-virt-aa-helper-locking-disk-files-for-qemu-2.10.patch: |
1811 | + for compatibility with the behavior of qemu 2.10 this adds locking |
1812 | + permission to rules generated for disk files (LP: #1709818) |
1813 | + |
1814 | + |
1815 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 10 Aug 2017 12:44:47 +0200 |
1816 | + |
1817 | libvirt (3.6.0-1) unstable; urgency=medium |
1818 | |
1819 | * [ece8d56] New upstream version 3.6.0 (Closes: #870626) |
1820 | @@ -816,6 +2585,264 @@ libvirt (3.6.0-1) unstable; urgency=medium |
1821 | |
1822 | -- Guido Günther <agx@sigxcpu.org> Fri, 04 Aug 2017 00:05:47 -0300 |
1823 | |
1824 | +libvirt (3.5.0-1ubuntu3) artful; urgency=medium |
1825 | + |
1826 | + * Refresh changes to match they way they were accepted upstream |
1827 | + - d/p/u/aa-helper-Properly-link-with-storage-driver.patch add commit |
1828 | + reference now that it is in git. |
1829 | + - d/p/u/fix-libxl-default-driver-name.patch: instead of addin the |
1830 | + name this is now fixed by relaxing the schema. |
1831 | + |
1832 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 19 Jul 2017 12:48:39 +0200 |
1833 | + |
1834 | +libvirt (3.5.0-1ubuntu2) artful; urgency=medium |
1835 | + |
1836 | + * d/p/u/aa-helper-Properly-link-with-storage-driver.patch (LP: #1704782) |
1837 | + Fix to be able to follow BackinStorage chains when creating per |
1838 | + guest apparmor rules. |
1839 | + |
1840 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 18 Jul 2017 16:34:57 +0200 |
1841 | + |
1842 | +libvirt (3.5.0-1ubuntu1) artful; urgency=medium |
1843 | + |
1844 | + * Merged with Debian unstable (3.5) |
1845 | + This closes several bugs: |
1846 | + - improved handling of host-model since libvirt 3.2 (LP: #1673467) |
1847 | + - Adding POWER9 cpu model to cpu_map.xml (LP: #1690209) |
1848 | + * Remaining changes: |
1849 | + - Disable sheepdog (universe dependency) |
1850 | + - Disable libssh2 support (universe dependency) |
1851 | + - Disable firewalld support (universe dependency) |
1852 | + - Disable selinux |
1853 | + - Enable esx support |
1854 | + + Add build-dep to libcurl4-gnutls-dev (required for esx) |
1855 | + - Set qemu-group to kvm (for compat with older ubuntu) |
1856 | + - Regularly clear AppArmor profiles for vms that no longer exist |
1857 | + - Additional apport package-hook |
1858 | + - Modifications to adapt for our delayed switch away from libvirt-bin (can |
1859 | + be dropped >18.04). |
1860 | + + d/p/ubuntu/libvirtd-service-add-bin-alias.patch: systemd: define alias |
1861 | + to old service name so that old references work |
1862 | + + d/p/ubuntu/libvirtd-init-add-bin-alias.patch: sysv init: define alias |
1863 | + to old service name so that old references work |
1864 | + + d/control: transitional package with the old name and maintainer |
1865 | + scripts to handle the transition |
1866 | + - Backwards compatible handling of group rename (can be dropped >18.04). |
1867 | + - config details and autostart of default bridged network. Creating that is |
1868 | + now the default in general, yet our solution provides the following on |
1869 | + top as of today: |
1870 | + + nat only on some ports <port start='1024' end='65535'/> |
1871 | + + autostart the default network by default |
1872 | + + do not autostart if 192.168.122.0 is already taken (e.g. in containers) |
1873 | + - d/p/ubuntu/Allow-libvirt-group-to-access-the-socket.patch: This is |
1874 | + the group based access to libvirt functions as it was used in Ubuntu |
1875 | + for quite long. |
1876 | + + d/p/ubuntu/daemon-augeas-fix-expected.patch fix some related tests |
1877 | + due to the group access change. |
1878 | + - ubuntu/parallel-shutdown.patch: set parallel shutdown by default. |
1879 | + - d/p/ubuntu/enable-kvm-spice.patch: compat with older Ubuntu qemu/kvm |
1880 | + which provided a separate kvm-spice. |
1881 | + - d/p/ubuntu/storage-disable-gluster-test: gluster not enabled, skip test |
1882 | + - d/p/ubuntu/ubuntu-libxl-qemu-path.patch: this change was split. The |
1883 | + section that adapts the path of the emulator to the Debian/Ubuntu |
1884 | + packaging is kept. |
1885 | + - d/p/ubuntu/ubuntu-libxl-Fix-up-VRAM-to-minimum-requirements.patch: auto |
1886 | + set VRAM to minimum requirements |
1887 | + - d/p/ubuntu/xen-default-uri.patch: set default URI on xen hosts |
1888 | + - Add libxl log directory |
1889 | + - libvirt-uri.sh: Automatically switch default libvirt URI for users on |
1890 | + Xen dom0 via user profile (was missing on changelogs before) |
1891 | + - d/p/ubuntu/apibuild-skip-libvirt-common.h: drop libvirt-common.h from |
1892 | + included_files to avoid build failures due to duplicate definitions. |
1893 | + - Update README.Debian with Ubuntu changes |
1894 | + - Convert libvirt0, libnss_libvirt and libvirt-dev to multi-arch. |
1895 | + - Enable some additional features on ppc64el and s390x (for arch parity) |
1896 | + + systemtap, zfs, numa and numad on s390x. |
1897 | + + systemtap on ppc64el. |
1898 | + - fix conffile upgrade handling to avoid obsolete files |
1899 | + and inactive duplicates (LP 1694159) |
1900 | + - d/t/control, d/t/smoke-qemu-session: fixup smoke-qemu-session by making |
1901 | + vmlinuz available and accessible (Debian bug 848314) |
1902 | + - d/t/control, d/t/smoke-lxc: fix up lxc smoke test (Debian bug 848317) |
1903 | + - Extended handling of apparmor profiles - clear lost profiles via cron |
1904 | + - Add dnsmasq configuration to work with system wide dnsmasq (drop >18.04, |
1905 | + no more UCA onto Xenial then which has global dnsmasq by default). |
1906 | + - Reworked apparmor Delta, especially the more complex delta is dropped |
1907 | + now, also our former delta is now split into logical pieces, has |
1908 | + improved comments and is part of a continuous upstreaming effort. |
1909 | + Listing related remaining changes: |
1910 | + + d/p/0001-apparmor-Allow-pygrub-to-run-on-Debian-Ubuntu.patch: apparmor: |
1911 | + Allow pygrub to run on Debian/Ubuntu |
1912 | + + d/p/0002-apparmor-libvirt-qemu-Allow-macvtap-access.patch: apparmor, |
1913 | + libvirt-qemu: Allow macvtap access |
1914 | + + d/p/0003-apparmor-libvirt-qemu-Allow-read-access-to-overcommi.patch: |
1915 | + apparmor, libvirt-qemu: Allow read access to overcommit_memory |
1916 | + + d/p/0004-apparmor-Explicit-deny-for-setpcap.patch: apparmor: Explicit |
1917 | + deny for setpcap |
1918 | + + d/p/0005-apparmor-libvirt-qemu-Allow-use-of-sgabios.patch: apparmor, |
1919 | + libvirt-qemu: Allow use of sgabios |
1920 | + + d/p/0006-apparmor-libvirt-qemu-Silence-lttng-related-deny-mes.patch: |
1921 | + apparmor, libvirt-qemu: Silence lttng related deny messages |
1922 | + + d/p/0007-apparmor-libvirt-qemu-Allow-owner-read-access-to-PRO.patch: |
1923 | + apparmor, libvirt-qemu: Allow owner read access to @{PROC}/*/auxv |
1924 | + + d/p/0008-apparmor-libvirt-qemu-Allow-read-access-to-sysfs-sys.patch: |
1925 | + apparmor, libvirt-qemu: Allow read access to sysfs system info |
1926 | + + d/p/0009-apparmor-libvirt-qemu-Allow-read-access-to-max_mem_r.patch: |
1927 | + apparmor, libvirt-qemu: Allow read access to max_mem_regions |
1928 | + + d/p/0010-apparmor-libvirt-qemu-Allow-qemu-block-extra-librari.patch: |
1929 | + apparmor, libvirt-qemu: Allow qemu-block-extra libraries |
1930 | + + d/p/0011-apparmor-libvirt-qemu-Allow-access-to-hugepage-mount.patch: |
1931 | + apparmor, libvirt-qemu: Allow access to hugepage mounts |
1932 | + + d/p/0012-apparmor-libvirtd-Allow-access-to-netlink-sockets.patch: |
1933 | + apparmor, libvirtd: Allow access to netlink sockets |
1934 | + + d/p/0013-apparmor-Add-rules-for-mediation-support.patch: |
1935 | + apparmor: Add rules for mediation support |
1936 | + + d/p/0014-apparmor-virt-aa-helper-Improve-comment-about-backin.patch: |
1937 | + apparmor, virt-aa-helper: Improve comment about backing store |
1938 | + + d/p/0015-apparmor-virt-aa-helper-Allow-access-to-ecryptfs-fil.patch: |
1939 | + apparmor, virt-aa-helper: Allow access to ecryptfs files |
1940 | + + d/p/0016-apparmor-libvirtd-Allow-ixr-to-var-lib-libvirt-virtd.patch: |
1941 | + apparmor, libvirtd: Allow ixr to /var/lib/libvirt/virtd* |
1942 | + + d/p/0017-apparmor-virt-aa-helper-Allow-access-to-tmp-director.patch: |
1943 | + apparmor, virt-aa-helper: Allow access to tmp directories |
1944 | + + d/p/0018-apparmor-virt-aa-helper-Add-ipv6-network-policy.patch: |
1945 | + apparmor, virt-aa-helper: Add ipv6 network policy |
1946 | + + d/p/0019-apparmor-virt-aa-helper-Allow-access-to-sys-bus-usb-.patch: |
1947 | + apparmor, virt-aa-helper: Allow access to /sys/bus/usb/devices |
1948 | + + d/p/0020-apparmor-virt-aa-helper-Allow-various-storage-pools-.patch: |
1949 | + apparmor, virt-aa-helper: Allow various storage pools and image |
1950 | + locations |
1951 | + + d/p/0021-apparmor-virt-aa-helper-Add-openvswitch-support.patch: |
1952 | + apparmor, virt-aa-helper: Add openvswitch support |
1953 | + + d/p/0022-apparmor-drop-references-to-qemu-kvm.patch: apparmor: drop |
1954 | + references to qemu-kvm |
1955 | + + d/p/0023-apparmor-qemu-won-t-call-qemu-nbd.patch: apparmor: qemu |
1956 | + won't call qemu-nbd |
1957 | + + d/p/0024-apparmor-virt-aa-helper-Allow-access-to-name-service.patch: |
1958 | + apparmor, virt-aa-helper: Allow access to name services |
1959 | + + d/p/0025-apparmor-fix-newer-virt-manager-1.4.0.patch: Add Apparmor |
1960 | + permissions so virt-manager 1.4.0 viewing works (LP 1668681). |
1961 | + + d/p/0026-apparmor-add-generic-base-vfio-device.patch: apparmor: add |
1962 | + /dev/vfio for vf (hot) attach (LP 1680384). |
1963 | + + d/p/0027-apparmor-allow-reading-cmdline-of-shutdown-signal.patch: |
1964 | + apparmor: allow to parse cmdline of the pid that send the shutdown |
1965 | + signal (LP 1680384). |
1966 | + + (28 is a new patch, listed in added changes) |
1967 | + + d/p/0029-appmor-libvirt-qemu-Add-9p-support.patch: appmor, |
1968 | + libvirt-qemu: Add 9p support |
1969 | + + d/p/0030-virt-aa-helper-Complete-9p-support.patch: virt-aa-helper: |
1970 | + add l to 9p file options. |
1971 | + + d/p/0031-virt-aa-helper-Ask-for-no-deny-rule-for-readonly-dis.patch: |
1972 | + virt-aa-helper: Ask for no deny rule for readonly disk (renamed and |
1973 | + reworded, was virt-aa-helper-no-explicity-deny-for-basefiles.patch) |
1974 | + + d/p/0032-apparmor-libvirt-qemu-Allow-reading-charm-specific-c.patch: |
1975 | + apparmor, libvirt-qemu: Allow reading charm-specific ceph config |
1976 | + + d/p/0033-UBUNTU-only-apparmor-for-kvm.powerpc-LP-1680384.patch: allow |
1977 | + commands executed by ubuntu only kvm wrapper on ppc64el (LP 1686621). |
1978 | + + d/p/0034-apparmor-virt-aa-helper-access-for-snapped-nova.patch: |
1979 | + apparmor, virt-aa-helper: access for snapped nova |
1980 | + - remaining but updated to match the latest release |
1981 | + + d/p/Disable-use-of-namespaces-by-default.patch (Debian change) |
1982 | + + d/p/Reduce-udevadm-settle-timeout-to-10-seconds.patch (Debian change) |
1983 | + + d/p/debian/apparmor_profiles_local_include.patch Include local |
1984 | + apparmor profile (Debian change) |
1985 | + + d/p/ubuntu/ubuntu_machine_type.patch: accept ubuntu types as pci440fx |
1986 | + + d/test/smoke-lxc workaround for debbug 848317/867379 |
1987 | + * Dropped Changes (Upstream): |
1988 | + - Add missing apparmor rule for debug-threads feature (LP 1615550). |
1989 | + - Add new block device types to virt-aa-helpers profile (LP 1641618) |
1990 | + - d/p/ubuntu/storage-default-permission-mode-to-0711: safer default perms |
1991 | + for storage dirs like /var/lib/libvirt/images. |
1992 | + - d/p/ubuntu/libvirtd-service-nolimit.patch: remove proc/file/task limits |
1993 | + to support huge systems. |
1994 | + - d/p/ubuntu/libvirtd-service-set-notifyaccess.patch: set NotifyAccess=all |
1995 | + in libvirtd.service (-d not allowed to be specified, everything else |
1996 | + upstream so drop delta; LP 1574566). |
1997 | + - d/p/ubuntu/qemu_process-spice-don-t-release-used-port.patch: qemu_process |
1998 | + spice: don't release used port (LP 1697729). |
1999 | + - d/p/ubuntu/virsh-maxvcpu-fall-back-to-old-command.patch: virsh: maxvcpus: |
2000 | + Always fall back to the old command if domain caps fail (LP 1674298) |
2001 | + - d/p/ubuntu/qemu-Allow-empty-script-path-to-interface.patch: in the past |
2002 | + it was possible to have <script path=''/> which now fails - fix to match |
2003 | + the old behavior (LP 1665698) |
2004 | + - Reworked apparmor Delta and started upstreaming, listing related |
2005 | + changes dropped: |
2006 | + + Apparmor feature parsing to depend on new apparmor features which |
2007 | + appear in different versions across distributions (no more needed |
2008 | + >=Xenial, allows to now separate changes and upstream more easily). |
2009 | + + d/p/ubuntu/Ensure-disk-names-follow-the-disk-name-regex.patch: |
2010 | + guarantee disk spec is following the defined regex (LP 1665410). |
2011 | + + d/p/ubuntu/virt-aa-helper-add-guest-agent-rule.patch: add |
2012 | + virt-aa-helper rule allowing all private channel access. |
2013 | + + d/p/ubuntu/virt-aa-helper-apparmor-allow-usr-share-AAVMF-too.patch: |
2014 | + virt-aa-helper to allow access to aarch64 UEFI images. |
2015 | + + d/rules, apparmor: include and install local apparmor profiles (This |
2016 | + is now done by dh_apparmor automatically) |
2017 | + + add local apparmor override templates (provided by dh_apparmor now) |
2018 | + + Fix name resolution calls from virt-aa-helper profile (LP 1546674). |
2019 | + + virt-aa-helper, apparmor: allow /usr/share/OVMF/ too |
2020 | + + virt-aa-helper: Generalize test for firmware paths |
2021 | + + apparmor, virt-aa-helper: Allow aarch64 UEFI. |
2022 | + + apparmor, libvirt-qemu: Add ppc64el related changes |
2023 | + + apparmor, libvirtd: Allow libxl-save-helper to run on Debian/Ubuntu |
2024 | + + apparmor, libvirt-qemu: Allow access to ceph config |
2025 | + + apparmor, libvirt-qemu: Allow access to certificates used by libvirt-vnc |
2026 | + + apparmor, virt-aa-helper: Explicit denies for host devices |
2027 | + + apparmor, virt-aa-helper: Allow access to libnl-3 config files |
2028 | + + apparmor, libvirt-qemu: allow access to pt_chown for pty consoles |
2029 | + * Dropped Changes (In Debian): |
2030 | + - d/rules: debhelper start virtlogd.socket |
2031 | + - d/p/ubuntu/Debianize-virtlogd-service.patch: Adapt config file location |
2032 | + for Debian based systems. |
2033 | + - Additional debian/bug-presubj |
2034 | + - Extended handling of apparmor profiles - reload and remove in maintainer |
2035 | + scripts (dh_apparmor* now generate these snippets) |
2036 | + * Dropped Changes (no SysV anymore): |
2037 | + - Add sysvinit script for virtlockd |
2038 | + - Wait on socket in sysvinit script |
2039 | + - d/rules: dh_installinit virtlockd (was part of "Cleanup systemd |
2040 | + debhelper" |
2041 | + - d/p/ubuntu/Debianize-virtlockd-init.patch: Fix default config path in |
2042 | + virtlockd.init for Debian based systems. |
2043 | + * Dropped Changes (other reasons): |
2044 | + - d/p/ubuntu/dnsmasq-as-priv-user: configuration to run as extra user |
2045 | + This used group libvirt instead of nobody which makes it worse; Needs |
2046 | + to be fixed upstream (LP: #1690729). |
2047 | + + d/p/ubuntu/disable-network-test.patch: disable test failing due to |
2048 | + dnsmasq changes. |
2049 | + - Add .gitignore for .pc |
2050 | + - we keep lxc support as Debian does, but stop adding delta. It feels |
2051 | + somewhat less maintained than e.g. libvirt for qemu. Also for secure |
2052 | + and comfortable container management lxd is clearly preferred. The |
2053 | + delta caused more issues than it solved so deliver libvirt-lxc as-is |
2054 | + and drop the related delta. |
2055 | + + d/p/ubuntu/9031-enable-lxc-apparmor: enable apparmor confinement of |
2056 | + containers by default. |
2057 | + + d/p/ubuntu/9032-lxc-allow-no-security-driver: allow empty sec driver |
2058 | + for libvirt-lxc. |
2059 | + - The following xen changes are no more required with current versions |
2060 | + + d/p/ubuntu/ubuntu-libxl-hvmloader-path.patch: Fallback for libxl |
2061 | + xen paths (LP 1459603) |
2062 | + + d/p/ubuntu/ubuntu-libxl-qemu-path.patch: this change was split. The |
2063 | + section about compat to the very old qemu-dm name is no more needed. |
2064 | + + d/p/ubuntu/libxl-fix-test-data.patch and |
2065 | + d/p/ubuntu/fix-xen-xml-in-tests.patch: updated and unified into the |
2066 | + former one + also updated the maintainer notes to ease updating. |
2067 | + + d/p/ubuntu/libxl-no-dm-check.patch: Stop calling emulator to identify |
2068 | + device-model |
2069 | + * Added Changes: |
2070 | + - d/p/0028-apparmor-add-default-pki-path-of-lbvirt-spice.patch: |
2071 | + apparmor: add default pki path of lbvirt-spice (LP: #1690140) |
2072 | + - conffile handling of files dropped in 3.5 (can be dropped >18.04) |
2073 | + + /etc/init.d/virtlockd was sysv init only |
2074 | + + /etc/apparmor.d/local/usr.sbin.libvirtd and |
2075 | + /etc/apparmor.d/local/usr.lib.libvirt.virt-aa-helper are now generated |
2076 | + by dh_apparmor as needed |
2077 | + - d/p/ubuntu/fix-libxl-default-driver-name.patch: avoid an issue with |
2078 | + default driver entries missing name='qemu'. |
2079 | + |
2080 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 06 Jul 2017 15:43:17 +0200 |
2081 | + |
2082 | libvirt (3.5.0-1) unstable; urgency=medium |
2083 | |
2084 | [ Guido Günther ] |
2085 | @@ -909,6 +2936,233 @@ libvirt (3.0.0-1) experimental; urgency=medium |
2086 | |
2087 | -- Guido Günther <agx@sigxcpu.org> Thu, 19 Jan 2017 18:51:18 +0100 |
2088 | |
2089 | +libvirt (2.5.0-3ubuntu10) artful; urgency=medium |
2090 | + |
2091 | + * d/p/ubuntu/0004-apparmor-apply-ubuntu-delta.patch: Allow access to base |
2092 | + images and snapshots stored in nova-hypervisor snap's $SNAP_COMMON |
2093 | + directory, enabling use of the libvirt deb from the nova-hypervisor |
2094 | + snap (LP: #1644507). |
2095 | + |
2096 | + -- Corey Bryant <corey.bryant@canonical.com> Thu, 22 Jun 2017 14:29:39 -0400 |
2097 | + |
2098 | +libvirt (2.5.0-3ubuntu9) artful; urgency=medium |
2099 | + |
2100 | + * d/p/ubuntu/qemu_process-spice-don-t-release-used-port.patch: qemu_process |
2101 | + spice: don't release used port (LP: #1697729) - upstream in libvirt 3.1. |
2102 | + |
2103 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 14 Jun 2017 14:49:16 +0200 |
2104 | + |
2105 | +libvirt (2.5.0-3ubuntu8) artful; urgency=medium |
2106 | + |
2107 | + * fix conffile upgrade handling to avoid obsolete files |
2108 | + and inactive duplicates (LP: #1694159) |
2109 | + - d/libvirt-daemon-system.maintscript: revert to Debian content |
2110 | + - d/libvirt-bin.maintscript: add missing rm_conffile related to |
2111 | + dropping upstart. |
2112 | + - d/libvirt-bin.maintscript: add missing rm of conffiles due |
2113 | + to re-aligning with debian package names since yakkety. |
2114 | + - d/libvirt-bin.maintscript: for LTS->LTS upgraders try to move and retain |
2115 | + custom changes. |
2116 | + - d/libvirt-bin.maintscript: for upgraders from yakkety or later remove |
2117 | + the (now duplicate) conffiles, but retain custom changes in backups if |
2118 | + they exist |
2119 | + - d/libvirt-bin.preinst: drop manual mv of conffiles which lacked |
2120 | + retaining changes and upgrade-abort handling. |
2121 | + - d/libvirt-bin.preinst: handle upgrades up to the latest predecessor |
2122 | + possible before yakkety. |
2123 | + - d/libvirt-bin.preinst: fixup the combination of rm+mv conffile in case |
2124 | + the package is upgrading from pre yakkety. |
2125 | + - d/libvirt-daemon-system.postinst: clean up old dnsmasq enablement symlink |
2126 | + if unmodified. |
2127 | + |
2128 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 31 May 2017 14:29:51 +0200 |
2129 | + |
2130 | +libvirt (2.5.0-3ubuntu7) artful; urgency=medium |
2131 | + |
2132 | + * debian/patches/ubuntu/apparmor-ppcwrapper.patch: update to add missing |
2133 | + colon (LP: #1686621). |
2134 | + |
2135 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 27 Apr 2017 13:16:05 +0200 |
2136 | + |
2137 | +libvirt (2.5.0-3ubuntu6) artful; urgency=medium |
2138 | + |
2139 | + * Add missing apparmor profile entries (LP: #1680384) |
2140 | + - debian/patches/ubuntu/apparmor-vfio.patch: apparmor: add /dev/vfio |
2141 | + for vf (hot) attach |
2142 | + - debian/patches/ubuntu/apparmor-ppcwrapper.patch: apparmor: allow |
2143 | + extra tools executed by kvm.powerpc |
2144 | + - debian/patches/ubuntu/apparmor-shutdown.patch: apparmor: allow to |
2145 | + parse cmdline of the pid that send the shutdown signal |
2146 | + |
2147 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 25 Apr 2017 14:10:06 +0200 |
2148 | + |
2149 | +libvirt (2.5.0-3ubuntu5) zesty; urgency=medium |
2150 | + |
2151 | + * d/p/ubuntu/virsh-maxvcpu-fall-back-to-old-command.patch: virsh: maxvcpus: |
2152 | + Always fall back to the old command if domain caps fail (LP: #1674298) |
2153 | + |
2154 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 21 Mar 2017 08:02:37 +0100 |
2155 | + |
2156 | +libvirt (2.5.0-3ubuntu4) zesty; urgency=medium |
2157 | + |
2158 | + * d/p/ubuntu/qemu-Allow-empty-script-path-to-interface.patch: in the past |
2159 | + it was possible to have <script path=''/> which now fails - fix to match |
2160 | + the old behavior (LP: #1665698) |
2161 | + |
2162 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 10 Mar 2017 08:57:18 +0100 |
2163 | + |
2164 | +libvirt (2.5.0-3ubuntu3) zesty; urgency=medium |
2165 | + |
2166 | + [ Christian Ehrhardt ] |
2167 | + * d/p/ubuntu/Ensure-disk-names-follow-the-disk-name-regex.patch: |
2168 | + guarantee disk spec is following the defined regex (LP: #1665410). |
2169 | + |
2170 | + [ Bryan Quigley ] |
2171 | + * d/p/ubuntu/0007-apparmor-fix-for-new-virt-manager.patch: Add Apparmor |
2172 | + permissions so virt-manager 1.4.0 viewing works (LP: #1668681). |
2173 | + |
2174 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 06 Mar 2017 08:24:06 +0100 |
2175 | + |
2176 | +libvirt (2.5.0-3ubuntu2) zesty; urgency=medium |
2177 | + |
2178 | + * No-change rebuild to build against Xen-4.8 libs. |
2179 | + |
2180 | + -- Stefan Bader <stefan.bader@canonical.com> Thu, 26 Jan 2017 14:19:03 +0100 |
2181 | + |
2182 | +libvirt (2.5.0-3ubuntu1) zesty; urgency=medium |
2183 | + |
2184 | + * Merged with Debian unstable |
2185 | + - this picks up a fix for migrations using NFS mounts (LP: #1637601). |
2186 | + * Remaining changes: |
2187 | + - Disable sheepdog (universe dependency) |
2188 | + - Disable libssh2 support (universe dependency) |
2189 | + - Disable firewalld support (universe dependency) |
2190 | + - Disable selinux |
2191 | + - Enable esx support |
2192 | + - Add build-dep to libcurl4-gnutls-dev (required for esx) |
2193 | + - Set qemu-group to kvm (for compat with older ubuntu) |
2194 | + - Added changes to use the upstream apparmor profiles with added |
2195 | + delta (configurable via apparmor profiles version). |
2196 | + * d/p/u/000[1-6]-apparmor-* |
2197 | + - Regularly clear AppArmor profiles for vms that no longer exist |
2198 | + - Fix name resolution calls from virt-aa-helper profile (LP 1546674). |
2199 | + - Add missing apparmor rule for debug-threads feature (LP 1615550). |
2200 | + - Add new block device types to virt-aa-helpers profile (LP 1641618) |
2201 | + - Additional apport package-hook |
2202 | + - d/rules: debhelper start virtlogd.socket |
2203 | + - Add sysvinit script for virtlockd |
2204 | + - Additional debian/bug-presubj |
2205 | + - Modifications to adapt for our delayed switch away from libvirt-bin (can |
2206 | + be dropped after 18.04). |
2207 | + - d/p/ubuntu/libvirtd-service-add-bin-alias.patch: alias to old |
2208 | + libvirt-bin name. |
2209 | + - d/p/ubuntu/libvirtd-init-add-bin-alias.patch: provides for the old |
2210 | + libvirt-bin name. |
2211 | + - Wait on socket in sysvinit script |
2212 | + - Backwards compatible handling of groups (can be dropped after 18.04). |
2213 | + - config details and autostart of default bridged network. Creating that is |
2214 | + now the default in general, yet our solution provides the following on |
2215 | + top as of today: |
2216 | + - nat only on some ports <port start='1024' end='65535'/> |
2217 | + - autostart the default network by default |
2218 | + - do not autostart if 192.168.122.0 is already taken (e.g. in containers) |
2219 | + - d/p/ubuntu/Allow-libvirt-group-to-access-the-socket.patch: This is |
2220 | + the group based access to libvirt functions as it was used in Ubuntu |
2221 | + for quite long. |
2222 | + - d/p/ubuntu/daemon-augeas-fix-expected.patch fix some related tests |
2223 | + due to the group access change. |
2224 | + - d/p/ubuntu/dnsmasq-as-priv-user: configuration to run as extra user |
2225 | + - d/p/ubuntu/disable-network-test.patch: disable test failing due to |
2226 | + dnsmasq changes. |
2227 | + - ubuntu/parallel-shutdown.patch: set parallel shutdown by default. |
2228 | + - d/p/ubuntu/enable-kvm-spice.patch: compat with older Ubuntu qemu/kvm |
2229 | + which provided a separate kvm-spice. |
2230 | + - d/p/ubuntu/storage-default-permission-mode-to-0711: safer default perms |
2231 | + for storage dirs like /var/lib/libvirt/images. |
2232 | + - d/p/ubuntu/storage-disable-gluster-test: gluster not enabled, skip test |
2233 | + - d/p/ubuntu/9031-enable-lxc-apparmor: enable apparmor confinement of |
2234 | + containers by default. |
2235 | + - d/p/ubuntu/9032-lxc-allow-no-security-driver: allow empty sec driver for |
2236 | + libvirt-lxc. |
2237 | + - d/p/ubuntu/ubuntu_machine_type.patch: accept ubuntu types as pci440fx |
2238 | + - d/p/ubuntu/ubuntu-libxl-qemu-path.patch: Set common qemu path to match |
2239 | + Debian/Ubuntu Xen packaging. |
2240 | + - d/p/ubuntu/ubuntu-libxl-hvmloader-path.patch: Fallback for libxl |
2241 | + xen paths (LP 1459603) |
2242 | + - d/p/ubuntu/ubuntu-libxl-Fix-up-VRAM-to-minimum-requirements.patch: auto |
2243 | + set VRAM to minimum requirements |
2244 | + - d/p/ubuntu/libxl-no-dm-check.patch: Stop calling emulator to identify |
2245 | + device-model |
2246 | + - d/p/ubuntu/xen-default-uri.patch: set default URI on xen hosts |
2247 | + - fixup tests to match packaging of Xen (mostly different paths) |
2248 | + - d/p/ubuntu/libxl-fix-test-data.patch |
2249 | + - d/p/ubuntu/fix-xen-xml-in-tests.patch |
2250 | + - d/p/ubuntu/Debianize-virtlogd-service.patch: Adapt config file location |
2251 | + for Debian based systems. |
2252 | + - d/p/ubuntu/Debianize-virtlockd-init.patch: Fix default config path in |
2253 | + virtlockd.init for Debian based systems. |
2254 | + - d/p/ubuntu/9034-complete-9p-support: virt-aa-helper: add l to 9p file |
2255 | + options. |
2256 | + - d/p/ubuntu/parallel-shutdown.patch: shut guests down in parallel |
2257 | + - d/p/ubuntu/virt-aa-helper-no-explicity-deny-for-basefiles.patch: ask for |
2258 | + no deny rule for readonly disk elements. |
2259 | + - d/p/ubuntu/virt-aa-helper-add-guest-agent-rule.patch: add virt-aa-helper |
2260 | + rule allowing all private channel access |
2261 | + - d/p/ubuntu/libvirtd-service-nolimit.patch: remove proc/file/task limits |
2262 | + to support huge systems. |
2263 | + - d/p/ubuntu/virt-aa-helper-apparmor-allow-usr-share-AAVMF-too.patch: |
2264 | + virt-aa-helper to allow access to aarch64 UEFI images. |
2265 | + - d/p/ubuntu/libvirtd-service-set-notifyaccess.patch: set NotifyAccess=all |
2266 | + in libvirtd.service (LP 1574566). |
2267 | + - d/p/ubuntu/apibuild-skip-libvirt-common.h: drop libvirt-common.h from |
2268 | + included_files to avoid build failures due to duplicate definitions. |
2269 | + - Update README.Debian with Ubuntu changes |
2270 | + - Convert libvirt0, libnss_libvirt and libvirt-dev to multi-arch. |
2271 | + - Add libxl log directory |
2272 | + - Enable some additional features on ppc64el and s390x (for arch parity) |
2273 | + - systemtap, zfs, numa and numad on s390x. |
2274 | + - systemtap on ppc64el. |
2275 | + * Dropped Changes: |
2276 | + - Build depend on gnutls >= 3.5.6-4ubuntu2 (no > 3.5.6 && < 3.5.6-4ubuntu2 |
2277 | + in any release left) |
2278 | + - Fix parsing non apparmor labels LP:#1633207 (upstream in libvirt 2.5) |
2279 | + - Ignore newlines in guest list (upstream in libvirt 2.4) |
2280 | + - Avoid migration postcopy issues by ensuring valid commands (upstream in |
2281 | + libvirt 2.5) |
2282 | + - Enable numa for arm64 (in Debian) |
2283 | + - Fix libvirt start failure when security_driver set (upstream in libvirt |
2284 | + 2.2) |
2285 | + - virt-aa-helper: Fix upstream implementation of no explicit deny rule |
2286 | + (upstream in libvirt 2.3) |
2287 | + - Some useless whitespace damage and no more applicable comments |
2288 | + - The following patches were part of the Delta but not the series file. |
2289 | + So they had no effect and can be dropped now: |
2290 | + - ubuntu/9036-util-prepare-uri-for-libxml2-2.9.2.patch |
2291 | + - ubuntu/Disable-failing-virnetsockettest.patch |
2292 | + - ubuntu/dont-include-non-migrateable-features-in-host-model |
2293 | + - ubuntu/upstream-libxl-Allow-libxl-to-find-pygrub-binary.patch |
2294 | + - See the 2.1.0-1ubuntu15 and 2.1.0-1ubuntu16 changelogs for related |
2295 | + pre-merge drops |
2296 | + - Add build-dep to libxml-libxml-perl (no more needed) |
2297 | + - apparmor double add /usr/bin/qemu-sparc64 rmix (no function anymore) |
2298 | + - apparmor /usr/{lib,lib64}/qemu/block-*.so (in Debian) |
2299 | + - apparmor moving /bin/bash rmix in profile (drop non functional delta) |
2300 | + - follow Debians style of block-*.so rules for block-extra (drop our |
2301 | + functionally equivalent adding/moving of rules) |
2302 | + - follow Debians style of lib/lib64 rules (drop a lot of our functional |
2303 | + functionally equivalent adding/moving of rules) |
2304 | + - accept Upstream style to handle libvirt_iohelper and libvirt_parthelper |
2305 | + (stop removing the two rules without an associated bug to reduce delta) |
2306 | + - Disabling dep8 smoke tests |
2307 | + * Added Changes: |
2308 | + - d/t/control, d/t/smoke-qemu-session: fixup smoke-qemu-session by making |
2309 | + vmlinuz available and accessible (in discussed with Debian in debbug |
2310 | + 848314) |
2311 | + - d/t/control, d/t/smoke-lxc: fix up lxc smoke test (in discussed with |
2312 | + Debian in debbug 848317) |
2313 | + |
2314 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 03 Jan 2017 13:58:30 +0100 |
2315 | + |
2316 | libvirt (2.5.0-3) unstable; urgency=medium |
2317 | |
2318 | * [ba9fcb8] Invoke db_stop. |
2319 | @@ -1057,6 +3311,192 @@ libvirt (2.1.0-2) unstable; urgency=medium |
2320 | |
2321 | -- Guido Günther <agx@sigxcpu.org> Fri, 19 Aug 2016 10:22:22 +0200 |
2322 | |
2323 | +libvirt (2.1.0-1ubuntu16) zesty; urgency=medium |
2324 | + |
2325 | + * Ensure d/p/ubuntu/9002-default_uri_virsh_to_system.patch is |
2326 | + dropped as intended. |
2327 | + * Re-Add d/p/ubuntu/apibuild-skip-libvirt-common.h for an issue that |
2328 | + transiently occurs on LP builds (real trigger not yet identified, so it |
2329 | + can't be upstreamed). |
2330 | + |
2331 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 14 Dec 2016 09:30:58 +0100 |
2332 | + |
2333 | +libvirt (2.1.0-1ubuntu15) zesty; urgency=medium |
2334 | + |
2335 | + * Cleanup Ubuntu Delta prior to next libvirt merge |
2336 | + - drop obsolte patches: |
2337 | + d/p/ubuntu/cgroups-ignore-systemd-failure, |
2338 | + d/p/ubuntu/ubuntu-skip-virstoragetest, |
2339 | + d/p/ubuntu/9021-fix-uint64_t.patch, |
2340 | + ubuntu/Disable-failing-virnetsockettest.patch (was only comment), |
2341 | + d/p/ubuntu/9002-default_uri_virsh_to_system.patch, |
2342 | + d/p/ubuntu/ubuntu-xend-probe.patch |
2343 | + - clarify dep3 headers to be more useful: |
2344 | + d/p/ubuntu/Allow-libvirt-group-to-access-the-socket.patch, |
2345 | + d/p/ubuntu/daemon-augeas-fix-expected.patch, |
2346 | + d/p/ubuntu/enable-kvm-spice.patch, |
2347 | + d/p/ubuntu/dnsmasq-as-priv-user, |
2348 | + d/p/ubuntu/disable-network-test.patch |
2349 | + - split patch containing unrelated changes into two patches, so parts of |
2350 | + d/p/ubuntu/storage-default-permission-mode-to-0711 moved into |
2351 | + d/p/ubuntu/storage-disable-gluster-test |
2352 | + |
2353 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 12 Dec 2016 11:59:59 +0100 |
2354 | + |
2355 | +libvirt (2.1.0-1ubuntu14) zesty; urgency=medium |
2356 | + |
2357 | + * d/p/u/apparmor-fix-name-resolution.patch rework the fix to base |
2358 | + on the apparmor nameservice abstraction to be future proof (LP: #1546674). |
2359 | + * d/p/ubuntu/apparmor-fix-new-devicetypes.patch add new block device types to |
2360 | + virt-aa-helpers profile (LP: #1641618) |
2361 | + * d/p/u/apparmor-fix-other-seclabels.patch refresh to the now upstream |
2362 | + accepted solution (LP: #1633207). |
2363 | + |
2364 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 24 Nov 2016 08:06:38 +0100 |
2365 | + |
2366 | +libvirt (2.1.0-1ubuntu13) zesty; urgency=medium |
2367 | + |
2368 | + * drop d/p/ubuntu/fix-ftbfs-for-gnutls-3-5-6.patch as the offending change |
2369 | + in gnutls has been reverted (LP: #1641615) |
2370 | + * Build depend on gnutls >= 3.5.6-4ubuntu2 to build after the gnutls fix |
2371 | + migrated |
2372 | + |
2373 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 17 Nov 2016 08:43:10 +0100 |
2374 | + |
2375 | +libvirt (2.1.0-1ubuntu12) zesty; urgency=medium |
2376 | + |
2377 | + * d/p/ubuntu/fix-ftbfs-for-gnutls-3-5-6.patch fix FTBFS due to changes in |
2378 | + gnutls that affected the ordering on certificate DN entries (LP: #1641615) |
2379 | + * Revert "Fix FTBFS on zesty due to issues with concurrent make check" as it |
2380 | + was not the right solution. |
2381 | + |
2382 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 16 Nov 2016 14:52:17 +0100 |
2383 | + |
2384 | +libvirt (2.1.0-1ubuntu11) zesty; urgency=medium |
2385 | + |
2386 | + * Fix FTBFS on zesty due to issues with concurrent make check (LP: #1641615) |
2387 | + |
2388 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 15 Nov 2016 14:45:52 +0100 |
2389 | + |
2390 | +libvirt (2.1.0-1ubuntu10) zesty; urgency=medium |
2391 | + |
2392 | + [Simon Déziel] |
2393 | + * d/p/u/apparmor-fix-name-resolution.patch adds missing rules for name |
2394 | + resolution to virt-aa-helper Apparmor profile (LP: #1546674). |
2395 | + * d/p/u/apparmor-fix-debug-threads.patch adds missing rule for debug-threads |
2396 | + feature that is now default enabled to Apparmor profile (LP: #1615550). |
2397 | + |
2398 | + [Christian Ehrhardt] |
2399 | + * d/p/u/apparmor-fix-other-seclabels.patch fixes an issue parsing non |
2400 | + apparmor security labels (LP: #1633207). |
2401 | + |
2402 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 24 Oct 2016 14:21:36 +0200 |
2403 | + |
2404 | +libvirt (2.1.0-1ubuntu9) yakkety; urgency=medium |
2405 | + |
2406 | + * Fix libvirt-guest.sh to handle multiple guests (LP: #1591695). |
2407 | + |
2408 | + -- Stefan Bader <stefan.bader@canonical.com> Thu, 06 Oct 2016 12:14:05 +0200 |
2409 | + |
2410 | +libvirt (2.1.0-1ubuntu8) yakkety; urgency=medium |
2411 | + |
2412 | + [ Christian Ehrhardt ] |
2413 | + |
2414 | + * avoid migration postcopy issues by ensuring valid commands (LP: #1620906) |
2415 | + - d/p/ubuntu/check-live-for-postcopy.patch Check for --live flag for |
2416 | + postcopy-after-precopy migration. |
2417 | + - d/p/ubuntu/make-postcopy-mandatory-for-postcopy-after-precopy.patch to |
2418 | + |
2419 | + [ Stefan Bader ] |
2420 | + |
2421 | + * Fix Xenial to Yakkety migration from libvirt-bin.service to |
2422 | + libvirtd.service (LP: #1627969). |
2423 | + * Update Vcs-Git and Vcs-Browser fields to point to launchpad |
2424 | + (LP: #1629210) |
2425 | + |
2426 | + [ Dann Frazier ] |
2427 | + |
2428 | + * Fix FTBS in Yakkety due to missing python dependency (LP: #1629041) |
2429 | + |
2430 | + -- Stefan Bader <stefan.bader@canonical.com> Fri, 30 Sep 2016 10:11:30 +0200 |
2431 | + |
2432 | +libvirt (2.1.0-1ubuntu7) yakkety; urgency=medium |
2433 | + |
2434 | + * Enable NUMA support in arm64 builds (LP: #1627926). |
2435 | + |
2436 | + -- dann frazier <dannf@ubuntu.com> Mon, 26 Sep 2016 23:36:24 -0600 |
2437 | + |
2438 | +libvirt (2.1.0-1ubuntu6) yakkety; urgency=medium |
2439 | + |
2440 | + * No-change rebuild for readline soname change. |
2441 | + |
2442 | + -- Matthias Klose <doko@ubuntu.com> Sat, 17 Sep 2016 12:05:33 +0000 |
2443 | + |
2444 | +libvirt (2.1.0-1ubuntu5) yakkety; urgency=medium |
2445 | + |
2446 | + [ Jon Grimm ] |
2447 | + |
2448 | + * Fix libvirt start failure when security_driver set (LP: #1618592) |
2449 | + - qemu: fix qemu.conf security_driver |
2450 | + |
2451 | + -- Stefan Bader <stefan.bader@canonical.com> Thu, 08 Sep 2016 14:11:47 +0200 |
2452 | + |
2453 | +libvirt (2.1.0-1ubuntu4) yakkety; urgency=medium |
2454 | + |
2455 | + * Enable systemtap, zfs, numa on s390x. |
2456 | + * Enable systemtap on ppc64el. |
2457 | + |
2458 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Wed, 24 Aug 2016 13:21:29 +0100 |
2459 | + |
2460 | +libvirt (2.1.0-1ubuntu3) yakkety; urgency=low |
2461 | + |
2462 | + * Really fix the ADT regression and not only the changelog due |
2463 | + to somehow ending up on the wrong git branch. |
2464 | + |
2465 | + -- Stefan Bader <stefan.bader@canonical.com> Wed, 17 Aug 2016 18:31:01 +0200 |
2466 | + |
2467 | +libvirt (2.1.0-1ubuntu2) yakkety; urgency=low |
2468 | + |
2469 | + * Fix ADT build-test regression(s) |
2470 | + |
2471 | + -- Stefan Bader <stefan.bader@canonical.com> Wed, 17 Aug 2016 15:18:38 +0200 |
2472 | + |
2473 | +libvirt (2.1.0-1ubuntu1) yakkety; urgency=low |
2474 | + |
2475 | + * Merged with Debian testing. Remaining changes: |
2476 | + - Added changes to use the upstream apparmor profiles with added |
2477 | + delta (configurable via apparmor profiles version). |
2478 | + * d/p/u/0001-apparmor-add-feature-parsing.patch |
2479 | + * d/p/u/0002-apparmor-apply-ubuntu-delta.patch |
2480 | + * d/p/u/0003-apparmor-debian-ubuntu-delta.patch |
2481 | + * d/p/u/0004-apparmor-ubuntu-delta.patch |
2482 | + - Avoiding dependency on sheepdog |
2483 | + - Additional apport package-hook |
2484 | + - Additional dnsmasq configuration |
2485 | + - Additional profile.d script to set default URI |
2486 | + - Additional debian/bug-presubj |
2487 | + - d/rules: debhelper start virtlogd.socket not virtlockd.service |
2488 | + - Modifications to adapt for our delayed switch away from libvirt-bin. |
2489 | + - Wait on socket in sysvinit script |
2490 | + - Backwards compatible handling of groups and default bridged network |
2491 | + creation. |
2492 | + - Extended handling of apparmor profiles |
2493 | + - Convert libvirt0 and libvirt-dev to multi-arch. |
2494 | + - Added a fix for the upstream version of adding better write denials |
2495 | + handling to virt-aa-helper. |
2496 | + - Convert libnss_libvirt to multi-arch and fix up source location that |
2497 | + changed when making libvirt0 multi-arch. |
2498 | + - Dropped |
2499 | + * upstart script for libvirtd |
2500 | + * d/p/lp1588841-000[123]-* (upstream) |
2501 | + * d/p/u/qemu-Add-virQEMUCapsSupportsGICVersion.patch (upstream) |
2502 | + * d/p/u/qemu-Automatically-choose-usable-GIC-version.patch (upstream) |
2503 | + * d/p/u/docs-remove-xpath.patch (xpath removed upstream) |
2504 | + * d/p/u/preup-virt-aa-helper-better-write-denials-handling.patch (upstr.) |
2505 | + * d/p/u/ubuntu/virt-aa-helper-helpfix.patch (upstream) |
2506 | + |
2507 | + -- Stefan Bader <stefan.bader@canonical.com> Wed, 13 Jul 2016 13:12:36 +0200 |
2508 | + |
2509 | libvirt (2.1.0-1) unstable; urgency=medium |
2510 | |
2511 | * Upload to unstable |
2512 | @@ -1126,6 +3566,103 @@ libvirt (1.3.5~rc1-1) experimental; urgency=medium |
2513 | |
2514 | -- Guido Günther <agx@sigxcpu.org> Mon, 30 May 2016 22:00:33 +0200 |
2515 | |
2516 | +libvirt (1.3.4-1ubuntu6) yakkety; urgency=low |
2517 | + |
2518 | + * Fix libvirtd crashing on libxl domain restore (LP: #1588841). |
2519 | + Patches cherry-picked from upsream libvirt git tree. |
2520 | + - libxl: switch to using libxl_domain_create_restore from v4.4 API |
2521 | + - libxl: support Xen migration stream V2 in save/restore |
2522 | + - libxl: support migration stream V2 in migration |
2523 | + |
2524 | + -- Stefan Bader <stefan.bader@canonical.com> Wed, 08 Jun 2016 14:17:23 +0200 |
2525 | + |
2526 | +libvirt (1.3.4-1ubuntu5) yakkety; urgency=low |
2527 | + |
2528 | + * Update the correct apparmor profiles to allow AAVMF and qemu-efi |
2529 | + firmware for aarch64 (1538882) |
2530 | + * Clean up / refresh various patches to finalize switch from libvirt-bin |
2531 | + to libvirtd as service name. |
2532 | + Drop: d/p/ubuntu/libvirt-bin-service-libvirtd-alias.patch |
2533 | + Refresh+Rename: d/p/ubuntu/libvirt-bin-service-set-notifyaccess.patch -> |
2534 | + d/p/ubuntu/libvirtd-service-nolimit.patch |
2535 | + Rename: d/p/ubuntu/libvirt-bin-service-set-notifyaccess.patch -> |
2536 | + d/p/ubuntu/libvirtd-service-set-notifyaccess.patch |
2537 | + Refresh: d/p/ubuntu/libvirtd-service-add-bin-alias.patch |
2538 | + Add: d/p/ubuntu/libvirtd-init-add-bin-alias.patch |
2539 | + * Change default profile used by libvirtd.service to /etc/default/libvirtd. |
2540 | + Drop: d/p/ubuntu/switch-service-files-to-libvirt-bin.patch |
2541 | + * Drop virtlockd.service from dh_systemd_start in debian/rules as |
2542 | + the service is socket activated (LP: #1588006). |
2543 | + * Fix failure to enable libvirtd.service due to lingering libvirt-bin |
2544 | + alias. This could happen when the upgrade from a version prior 1.3.3-2 |
2545 | + happened before 1.3.4-1ubuntu3 (LP: #1588004). |
2546 | + |
2547 | + -- Stefan Bader <stefan.bader@canonical.com> Thu, 02 Jun 2016 14:50:27 +0200 |
2548 | + |
2549 | +libvirt (1.3.4-1ubuntu4) yakkety; urgency=medium |
2550 | + |
2551 | + * Re-enable the upstart job by renaming the file. |
2552 | + * Include patchby @guessi to continally wait for libvirtd to start when |
2553 | + using sysvinit or upstart. (LP: #1571209) |
2554 | + |
2555 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 23 May 2016 13:50:22 -0500 |
2556 | + |
2557 | +libvirt (1.3.4-1ubuntu3) yakkety; urgency=medium |
2558 | + |
2559 | + [ dann frazier ] |
2560 | + * d/p/u/qemu-Add-virQEMUCapsSupportsGICVersion.patch, |
2561 | + d/p/u/qemu-Automatically-choose-usable-GIC-version.patch: If no GIC |
2562 | + was specified for an ARM virt guest, choose a GIC version supported |
2563 | + by the host. (LP: #1566564) |
2564 | + |
2565 | + [ Serge Hallyn ] |
2566 | + * libvirt-bin.preinst: on upgrades from prior to 1.3.3-2, also remove the |
2567 | + service file for the Alias - /etc/systemd/system/libvirtd.service. |
2568 | + (LP: #1579922) |
2569 | + |
2570 | + -- dann frazier <dannf@ubuntu.com> Thu, 19 May 2016 08:57:33 -0600 |
2571 | + |
2572 | +libvirt (1.3.4-1ubuntu2) yakkety; urgency=medium |
2573 | + |
2574 | + * Include installing virtlogd.socket. (LP: #1583009) |
2575 | + |
2576 | + -- Chris J Arges <chris.j.arges@canonical.com> Wed, 18 May 2016 13:56:08 -0500 |
2577 | + |
2578 | +libvirt (1.3.4-1ubuntu1) yakkety; urgency=medium |
2579 | + |
2580 | + * Merge 1.3.4-1 from Debian unstable |
2581 | + * Drop upstream-applied patches: |
2582 | + - conf-also-mark-implicit-video-as-primary.patch |
2583 | + - libvirt-socket-fix-group |
2584 | + * Remaining changes |
2585 | + - keep libvirt-bin transitional package - until 18.10 (for lts-to-lts |
2586 | + upgrades) |
2587 | + - keep (redundant) libvirtd group if it existed on upgrade - until 18.10 |
2588 | + (for lts-to-lts upgrades) |
2589 | + - keep ubuntu-specific patches |
2590 | + - ship apport and dnsmasq files |
2591 | + - enable virbr0 |
2592 | + - ship apparmor from debian/*. We should push changes upstrema, but |
2593 | + cannot sync with debian as apparmor profiles must be processed in |
2594 | + debian/rules for cloud archive. |
2595 | + - debian/control |
2596 | + - enable zfs |
2597 | + - disable libssh2 and sheepdog |
2598 | + - add libxml-libxml-perl and libcurl4-gnutls-dev |
2599 | + - enable libnuma-dev on ppc64el (pushed to Debian) |
2600 | + - update release for conflicts/replaces on libvirt-bin to << 1.3.3-2 |
2601 | + - debian/libvirt-daemon-system.preinst: stop libvirt-bin on certain |
2602 | + upgrades. |
2603 | + - Multi-arch-ify. |
2604 | + - debian/rules: disable selinux and firewalld; use 'kvm' group; disable |
2605 | + ssh2, enable zfs and esx; process apparmor files for older releases; |
2606 | + copy dnsmasq configuration. |
2607 | + - debian/tests/control: add extra depends |
2608 | + * d/p/ubuntu/apibuild-skip-libvirt-common.h: libvirt-common.h is being |
2609 | + included twice leading to build failures - drop it temporarily. |
2610 | + |
2611 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 12 May 2016 12:50:02 -0500 |
2612 | + |
2613 | libvirt (1.3.4-1) unstable; urgency=medium |
2614 | |
2615 | * Upload to unstable |
2616 | @@ -1155,6 +3692,65 @@ libvirt (1.3.4~rc1-1) experimental; urgency=medium |
2617 | |
2618 | -- Guido Günther <agx@sigxcpu.org> Wed, 27 Apr 2016 16:51:55 +0200 |
2619 | |
2620 | +libvirt (1.3.3-2ubuntu2) yakkety; urgency=medium |
2621 | + |
2622 | + * debian/rules: fix paths when removing files which should not end up |
2623 | + in libvirt-daemon package. |
2624 | + |
2625 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 12 May 2016 13:14:17 -0500 |
2626 | + |
2627 | +libvirt (1.3.3-2ubuntu1) yakkety; urgency=medium |
2628 | + |
2629 | + * Merge 1.3.3-2 from Debian unstable |
2630 | + * Merge new packaging layout |
2631 | + - debian/control |
2632 | + * add libsanlock-dev, dtrace, systemtap-sdt-dev, librados-dev, |
2633 | + libfuse-dev, augeas-tools to Build-Depends. |
2634 | + * Drop libcgmanager-dev from Build-Depends. |
2635 | + * Add libvirt-clients, libvirt-daemon, and libvirt-daemon-system |
2636 | + packages which replace the now-virtual libvirt-bin package. |
2637 | + * Drop libvirt0-dbg (is this intential in Debian?) |
2638 | + * Add libvirt-sanlock package (this should be in universe) |
2639 | + * Switch to 'libvirt' group, keeping the same gid as 'libvirtd' |
2640 | + on upgrade. Keep libvirtd group name on upgrade in case any |
2641 | + site scripts use it. |
2642 | + * Enable dtrace |
2643 | + * Add Debian policy-kit configuration |
2644 | + * drop ubuntu/9004-libvirtd-group-name.patch as we are switching to group |
2645 | + 'libvirt' |
2646 | + * Drop obsolete migration scripts: |
2647 | + - libvirt-migrate-xend-managed-domains |
2648 | + - libvirt-migrate-qemu-disks |
2649 | + - libvirt-migrate-qemu-machinetype |
2650 | + * Remaining changes: |
2651 | + - keep libvirt-bin transitional package - until 18.10 (for lts-to-lts |
2652 | + upgrades) |
2653 | + - keep (redundant) libvirtd group if it existed on upgrade - until 18.10 |
2654 | + (for lts-to-lts upgrades) |
2655 | + - keep ubuntu-specific patches |
2656 | + - ship apport and dnsmasq files |
2657 | + - enable virbr0 |
2658 | + - ship apparmor from debian/*. We should push changes upstrema, but |
2659 | + cannot sync with debian as apparmor profiles must be processed in |
2660 | + debian/rules for cloud archive. |
2661 | + - debian/control |
2662 | + - enable zfs |
2663 | + - disable libssh2 and sheepdog |
2664 | + - add libxml-libxml-perl and libcurl4-gnutls-dev |
2665 | + - enable libnuma-dev on ppc64el (pushed to Debian) |
2666 | + - update release for conflicts/replaces on libvirt-bin to << 1.3.3-2 |
2667 | + - debian/libvirt-daemon-system.preinst: stop libvirt-bin on certain |
2668 | + upgrades. |
2669 | + - Multi-arch-ify. |
2670 | + - debian/rules: disable selinux and firewalld; use 'kvm' group; disable |
2671 | + ssh2, enable zfs and esx; process apparmor files for older releases; |
2672 | + copy dnsmasq configuration. |
2673 | + - debian/tests/control: add depends |
2674 | + * d/p/ubuntu/conf-also-mark-implicit-video-as-primary.patch: upstream patch |
2675 | + to fix failure to start vms with video not explicitly marked as 'primary' |
2676 | + |
2677 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 29 Apr 2016 20:51:48 -0500 |
2678 | + |
2679 | libvirt (1.3.3-2) unstable; urgency=medium |
2680 | |
2681 | * Upload to unstable |
2682 | @@ -1206,6 +3802,239 @@ libvirt (1.3.1-2) unstable; urgency=medium |
2683 | |
2684 | -- Guido Günther <agx@sigxcpu.org> Fri, 19 Feb 2016 17:29:27 +0100 |
2685 | |
2686 | +libvirt (1.3.1-1ubuntu11) yakkety; urgency=medium |
2687 | + |
2688 | + [ Stefan Bader ] |
2689 | + * Add alias for libvirtd.service into libvirt-bin.service |
2690 | + |
2691 | + [ Serge Hallyn ] |
2692 | + * d/p/u/libvirt-bin-service-set-notifyaccess.patch: Set NotifyAccess=all in |
2693 | + libvirt-bin systemd service file. (LP: #1574566) |
2694 | + |
2695 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 18 Apr 2016 13:44:15 -0500 |
2696 | + |
2697 | +libvirt (1.3.1-1ubuntu10) xenial; urgency=medium |
2698 | + |
2699 | + * d/p/u/virt-aa-helper-apparmor-allow-usr-share-AAVMF-too.patch: Allow |
2700 | + access to /usr/share/AAVMF/** and /usr/share/qemu-efi/** for aarch64 UEFI. |
2701 | + (LP: #1538882) |
2702 | + |
2703 | + -- William Grant <wgrant@ubuntu.com> Fri, 15 Apr 2016 12:08:21 +1000 |
2704 | + |
2705 | +libvirt (1.3.1-1ubuntu9) xenial; urgency=medium |
2706 | + |
2707 | + * Remove the tasks limit on libvirt-bin service (LP: #1567381) |
2708 | + This should be un-done when it is properly fixed in the code so |
2709 | + that virtual machines are started in their own pids cgroup. |
2710 | + |
2711 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 07 Apr 2016 10:05:01 -0500 |
2712 | + |
2713 | +libvirt (1.3.1-1ubuntu8) xenial; urgency=medium |
2714 | + |
2715 | + * d/p/u/virt-aa-helper-add-guest-agent-rule.patch: this actually solves |
2716 | + the qemu guest agent problem for rhel7 vms for me. (LP: #1393842) |
2717 | + Also drop the mknod rule which isn't needed. |
2718 | + * d/apparmor/usr.lib.libvirt.virt-aa-helper: add permission to read under |
2719 | + /var/run. This is needed for some openvswitch info. (LP: #1513367) |
2720 | + |
2721 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 11 Mar 2016 15:01:25 -0800 |
2722 | + |
2723 | +libvirt (1.3.1-1ubuntu7) xenial; urgency=medium |
2724 | + |
2725 | + * zfs support (LP: #1553023) |
2726 | + - Cherrypick upstream patches to support zfs |
2727 | + - debian/rules: build with zfs support |
2728 | + - debian/control: add zfs as build-dep |
2729 | + * d/p/u/virt-aa-helper-no-explicity-deny-for-basefiles.patch: don't mark |
2730 | + readonly files with an explicity deny only because the xml marks it |
2731 | + as reasonly. (LP: #1554031) |
2732 | + * fix typo in virt-aa-helper helptext |
2733 | + * fix d/p/u/preup-virt-aa-helper-better-write-denials-handling.patch to |
2734 | + not overwrite const memory. |
2735 | + |
2736 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 10 Mar 2016 19:25:54 -0800 |
2737 | + |
2738 | +libvirt (1.3.1-1ubuntu6) xenial; urgency=medium |
2739 | + |
2740 | + * d/apparmor/libvirt-qemu: generalize the qemu-block-extra libs line. |
2741 | + (LP: #1554761) |
2742 | + * d/p/ubuntu/virt-aa-helper-add-mknod-for-guest-agent.patch: add mknod |
2743 | + capability if there is a qemu guest agent. (LP: #1393842) |
2744 | + |
2745 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 09 Mar 2016 18:45:08 -0800 |
2746 | + |
2747 | +libvirt (1.3.1-1ubuntu5) xenial; urgency=low |
2748 | + |
2749 | + * Added d/p/ubuntu/preup-virt-aa-helper-better-write-denials-handling.patch |
2750 | + and refreshed d/p/ubuntu/9034-complete-9p-support accordingly. |
2751 | + * Added d/p/ubuntu/additional-libvirt-guest-tweaks.patch to fix default |
2752 | + URI detection when running in a Xen control domain. Also change the |
2753 | + default config to do parallel shutdown requests (max. 10) and reduce the |
2754 | + timeout to 2 minutes. |
2755 | + |
2756 | + -- Stefan Bader <stefan.bader@canonical.com> Wed, 09 Mar 2016 09:13:09 +0100 |
2757 | + |
2758 | +libvirt (1.3.1-1ubuntu4) xenial; urgency=low |
2759 | + |
2760 | + * d/libvirt-bin.virtlockd.init: Replace by the version I had already |
2761 | + prepared and was tested (LP: #1547208). |
2762 | + * d/libvirt-bin.virtlogd.init: Fix up some left-over references to |
2763 | + libvirtd. |
2764 | + * d/control: Add provides libvirt-daemon for libvirt-bin (LP: #1551643) |
2765 | + |
2766 | + -- Stefan Bader <stefan.bader@canonical.com> Tue, 01 Mar 2016 10:58:23 +0100 |
2767 | + |
2768 | +libvirt (1.3.1-1ubuntu3) xenial; urgency=medium |
2769 | + |
2770 | + * d/libvirt-bin.virtlockd.init: Re-write based on virtlogd init script |
2771 | + as upstream provided version is not compatible with Ubuntu/Debian. |
2772 | + |
2773 | + -- James Page <james.page@ubuntu.com> Mon, 29 Feb 2016 22:24:49 +0000 |
2774 | + |
2775 | +libvirt (1.3.1-1ubuntu2) xenial; urgency=medium |
2776 | + |
2777 | + * No-change rebuild for gnutls transition. |
2778 | + |
2779 | + -- Matthias Klose <doko@ubuntu.com> Wed, 17 Feb 2016 22:41:20 +0000 |
2780 | + |
2781 | +libvirt (1.3.1-1ubuntu1) xenial; urgency=low |
2782 | + |
2783 | + * Merge from Debian unstable. Remaining changes: |
2784 | + - debian/apparmor/{libvirt-lxc,libvirt-qemu,local-usr.sbin.libvirtd, |
2785 | + TEMPLATE.lxc,TEMPLATE.qemu,usr.lib.libvirt.virt-aa-helper, |
2786 | + usr.sbin.libvirtd} Add apparmor profiles. |
2787 | + - Add debian/libvirt-bin.virtlockd.init based on the upstream version |
2788 | + src/locking/virtlockd.init.in. This does not seem to get processed |
2789 | + by the build. |
2790 | + - debian/control: |
2791 | + * Add libcurl4-gnutls-dev, libxml-libxml-perl, libcgmanager-dev |
2792 | + * Add ppc64el to libnuma-dev arches |
2793 | + * Remove libsanlock-dev, libselinux1-dev, systemtap-sdt-dev |
2794 | + * Remove python, sheepdog, librados-dev, libfuse-dev |
2795 | + * Remove libssh2-1-dev, qemu-system-common, augeas-tools |
2796 | + * Don't build libvirt-clients, libvirt-daemon, libvirt-sanlock packages |
2797 | + * Keep multiarch changes. |
2798 | + - Keep debian/{libvirt-bin.apport,libvirt-bin.cron.daily} |
2799 | + - Keep change d/libvirt0.install and d/libvirt-dev.install that |
2800 | + adds multi-arch wildcard. |
2801 | + - d/libvirt-daemon-system.libvirtd.default -> |
2802 | + d/libvirt-bin.libvirt-bin.default |
2803 | + - d/libvirt-daemon-system.dirs -> d/libvirt-bin.dirs |
2804 | + * Add /etc/apparmor.d/{abstractions,disable,force-complain,local} |
2805 | + * Add /etc/cron.daily |
2806 | + * Add /usr/share/apport/package-hooks |
2807 | + * Add /var/log/libvirt/libxl |
2808 | + * Add /etc/dnsmasq.d-available |
2809 | + * Remove /usr/share/polkit-1/rules.d/ |
2810 | + * Remove /var/lib/polkit-1/localauthority/10-vendor.d/ |
2811 | + - Keep debian/libvirt-bin.dnsmasq |
2812 | + - d/libvirt-daemon-system.examples -> d/libvirt-bin.examples |
2813 | + * Remove debian/build/daemon/libvirtd.policy |
2814 | + * Drop debian/libvirt-suspendonreboot |
2815 | + - d/libvirt-daemon-system.libvirtd.init -> d/libvirt-bin.libvirt-bin.init |
2816 | + * Add provides libvirt-bin |
2817 | + * Change /etc/default/libvirtd into /etc/default/libvirt-bin |
2818 | + * Add wait_on_sockfile() and call it during start |
2819 | + - d/libvirt-daemon-system.install -> d/libvirt-bin.install |
2820 | + * Add usr/bin/* |
2821 | + * Add usr/sbin/* |
2822 | + * Add etc/apparmor.d/* |
2823 | + * Replace etc/libvirt/{libvirtd,virtlockd,virtlogd}.conf -> etc/libvirt/* |
2824 | + (since with the clients included there are many more config files) |
2825 | + * Add usr/share/polkit-1 |
2826 | + * Add usr/lib/libvirt/* |
2827 | + * Add usr/share/augeas/* |
2828 | + * Add usr/share/libvirt/* |
2829 | + * Add usr/share/man/man8/* |
2830 | + * Add usr/share/apport/package-hooks/source_libvirt.py |
2831 | + * Add etc/dnsmasq.d-available/libvirt-bin |
2832 | + * Add etc/profile.d/libvirt-uri.sh |
2833 | + * Add usr/lib/libvirt |
2834 | + - d/libvirt-daemon-system.links -> d/libvirt-bin.links |
2835 | + * Replace libvirt-daemon-system with libvirt-bin for libvirt0 |
2836 | + * Remove libvirt-daemon line |
2837 | + - Remove d/libvirt-bin.maintscript |
2838 | + - d/libvirt-clients.manpages -> d/libvirt-bin.manpages |
2839 | + * Add debian/libvirt-migrate-qemu-disks.1 |
2840 | + * Add debian/libvirt-migrate-qemu-machinetype.1 |
2841 | + * Add debian/libvirt-migrate-xend-managed-domains.1 |
2842 | + - Combined d/libvirt-daemon-system.NEWS and d/libvirt-daemon.NEWS into |
2843 | + d/libvirt-bin.NEWS |
2844 | + - Keep d/libvirt-bin.{postinst,postrm,preinst} though they probably could |
2845 | + be freshly derived from libvirt-daemon counterparts. |
2846 | + * Added removal of qemu capability cache (found in Debian) to postinst |
2847 | + * Added reload of virtlogd in postinst (following example of virtlockd) |
2848 | + - Replace d/libvirt-bin.preinst |
2849 | + - Add d/libvirt-bin.upstart |
2850 | + - d/libvirt-daemon-system.virtlogd.init -> d/libvirt-bin.virtlogd.init |
2851 | + - Remove d/libvirt-clients.install |
2852 | + - Remove d/libvirt-clients.links |
2853 | + - Remove d/libvirt-daemon.install |
2854 | + - Remove d/libvirt-daemon.links |
2855 | + - d/libvirt-daemon.README.Debian -> d/libvirt-bin.README.Debian |
2856 | + * Replaced access control section |
2857 | + * Appended apparmor profile section |
2858 | + * Appended disk migration section |
2859 | + * Appended qemu/kvm machine type migration section |
2860 | + - Remove d/libvirt-daemon-system.{maintscript,postinst,postrm,preinst} |
2861 | + - Keep libvirt-migrate-qemu-disks (and manpage) |
2862 | + - Keep libvirt-migrate-qemu-machinetype (and manpage) |
2863 | + - Keep libvirt-migrate-xend-managed-domains (and manpage) |
2864 | + - Remove d/libvirt-sanlock.{cron.weekly,links,install} |
2865 | + - Drop d/libvirt-stop-guests |
2866 | + - Drop d/libvirt-suspendonreboot (replaced by upstream libvirt-guests) |
2867 | + - Keep d/libvirt-uri.sh |
2868 | + - Remove d/polkit/60-libvirt.pkla (and polkit directory) |
2869 | + - d/tests/control |
2870 | + - Add build-essential and pkg-config dependencies to build-test |
2871 | + - debian/rules: |
2872 | + * Add autoconf stuff (not sure what still really gets used). |
2873 | + * Use qemu-group kvm instead of libvirt-qemu |
2874 | + * Add SHEEPDOGCLI environment variable to dh_auto_configure |
2875 | + override (instead of an DEB_DH_... make variable which no |
2876 | + longer takes effect). |
2877 | + * Drop --with-secdriver-apparmor --with-apparmor-profiles from |
2878 | + WITH_APPARMOR config. |
2879 | + * Change WITH_FIREWALLD and WITH_SELINUX settings to disabled. |
2880 | + * Change WITH_DTRACE setting to disabled. |
2881 | + * Drop DEB_DH_SYSTEMD_START_ARGS_libvirt-bin as it is no longer |
2882 | + needed after dropping cdbs. |
2883 | + * Add to override_dh_install section |
2884 | + - Install apparmor files (and post-processing) |
2885 | + - Install apport hooks. |
2886 | + - Install migration tools. |
2887 | + - Install profile script to autoset URI. |
2888 | + - Replace package name libvirt-daemon-system with libvirt-bin. |
2889 | + - Debian now copies libvirt-guests.{init,default} and |
2890 | + virtlogd.default from upstream source. Copy virtlockd.default |
2891 | + as well. |
2892 | + - Rename libvirtd.{socket,service} to libvirt-bin.{socket,service} |
2893 | + - Change dh_systemd_start to use virtlo{g,ck}d.socket only (the |
2894 | + services are supposed to be started by using the sockets. |
2895 | + - Move libs and pkgconfig under multiarch directory. |
2896 | + * Modify override_dh_auto_clean |
2897 | + - Replace package name libvirt-daemon-system with libvirt-bin |
2898 | + - Delete upstream files which were copied into debian/. |
2899 | + * Add override_dh_gencontrol section which conditionally adds |
2900 | + conflicts on apparmor. |
2901 | + * Add override_dh_makeshlibs section to pass version info for |
2902 | + libvirt0. |
2903 | + * Dropped patches: |
2904 | + - ubuntu/virt-aa-helper-handle-ovmf (upstream added ovmf paths to |
2905 | + restricted_rw) |
2906 | + * Refreshed patches: |
2907 | + - refreshed d/p/ubuntu/9034-complete-9p-support |
2908 | + * New patches |
2909 | + - d/ubuntu/libvirt-guests-exclude-dom0.patch |
2910 | + - d/ubuntu/libxl-no-dm-check.patch |
2911 | + - d/ubuntu/libxl-fix-test-data.patch |
2912 | + - d/ubuntu/Debianize-virtlogd-service.patch |
2913 | + - d/ubuntu/Debianize-virtlockd-init.patch |
2914 | + - d/ubuntu/switch-service-files-to-libvirt-bin.patch |
2915 | + - d/ubuntu/libvirt-socket-fix-group.patch |
2916 | + |
2917 | + -- Stefan Bader <stefan.bader@canonical.com> Fri, 12 Feb 2016 14:46:21 +0100 |
2918 | + |
2919 | libvirt (1.3.1-1) unstable; urgency=medium |
2920 | |
2921 | [ Guido Günther ] |
2922 | @@ -1275,6 +4104,151 @@ libvirt (1.3.0~rc1-1) experimental; urgency=medium |
2923 | |
2924 | -- Guido Günther <agx@sigxcpu.org> Fri, 04 Dec 2015 17:12:53 +0100 |
2925 | |
2926 | +libvirt (1.2.21-2ubuntu10) xenial; urgency=medium |
2927 | + |
2928 | + * Multiarchify the library packages. |
2929 | + |
2930 | + -- Matthias Klose <doko@ubuntu.com> Thu, 28 Jan 2016 16:33:15 +0100 |
2931 | + |
2932 | +libvirt (1.2.21-2ubuntu9) xenial; urgency=medium |
2933 | + |
2934 | + * debian/rules: Disable cdbs' implicitly generated dh_systemd_start calls. |
2935 | + We already call it explicitly with the right options, calling it again |
2936 | + with the default options stops libvirt-guests during upgrades. |
2937 | + (LP: #1533839) |
2938 | + |
2939 | + -- Martin Pitt <martin.pitt@ubuntu.com> Mon, 18 Jan 2016 09:10:21 +0100 |
2940 | + |
2941 | +libvirt (1.2.21-2ubuntu8) xenial; urgency=low |
2942 | + |
2943 | + * d/libvirt-stop-guests: Skip Domain-0 on guest shutdown. Newer |
2944 | + versions of libvirt will include dom0 in the list of running domains |
2945 | + (with libxl). This special domain must be ignored. |
2946 | + |
2947 | + -- Stefan Bader <stefan.bader@canonical.com> Thu, 14 Jan 2016 11:35:39 +0100 |
2948 | + |
2949 | +libvirt (1.2.21-2ubuntu7) xenial; urgency=medium |
2950 | + |
2951 | + * d/apparmor/libvirt-qemu: silence denial to shm/lttng file since shm |
2952 | + mountpoint has moved (LP: #1529319) |
2953 | + |
2954 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 11 Jan 2016 11:55:28 -0800 |
2955 | + |
2956 | +libvirt (1.2.21-2ubuntu6) xenial; urgency=medium |
2957 | + |
2958 | + * d/apparmor/libvirt-qemu: add r access to max_mem_regions vhost module |
2959 | + paramater (LP: #1531564) |
2960 | + |
2961 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 11 Jan 2016 11:33:02 -0800 |
2962 | + |
2963 | +libvirt (1.2.21-2ubuntu5) xenial; urgency=medium |
2964 | + |
2965 | + * SECURITY UPDATE: ACL bypass using storage pool directory traversal |
2966 | + - debian/patches/CVE-2015-5313.patch: filter filesystem volume names in |
2967 | + src/storage/storage_backend_fs.c. |
2968 | + - CVE-2015-5313 |
2969 | + |
2970 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Fri, 08 Jan 2016 10:32:17 -0500 |
2971 | + |
2972 | +libvirt (1.2.21-2ubuntu4) xenial; urgency=medium |
2973 | + |
2974 | + * Revert Ubuntu-specific patch to build-depend on libsystemd-daemon-dev |
2975 | + instead of libsystemd-dev; libsystemd-daemon-dev is no longer built from |
2976 | + systemd source so we want libsystemd-dev. |
2977 | + |
2978 | + -- Colin Watson <cjwatson@ubuntu.com> Tue, 29 Dec 2015 00:31:16 +0000 |
2979 | + |
2980 | +libvirt (1.2.21-2ubuntu3) xenial; urgency=medium |
2981 | + |
2982 | + * Fix build-test autopkgtest: it now expects to run with the current |
2983 | + directory set to the root of the unpacked source package, writes to |
2984 | + $ADTTMP rather than to the source package, and declares dependencies on |
2985 | + build-essential and pkg-config. |
2986 | + |
2987 | + -- Colin Watson <cjwatson@ubuntu.com> Mon, 28 Dec 2015 05:25:54 +0000 |
2988 | + |
2989 | +libvirt (1.2.21-2ubuntu2) xenial; urgency=medium |
2990 | + |
2991 | + * d/apparmor/libvirt-qemu: add permission to the systemd-mounted hugepages |
2992 | + path. (LP: #1524737) |
2993 | + |
2994 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 17 Dec 2015 10:49:18 -0800 |
2995 | + |
2996 | +libvirt (1.2.21-2ubuntu1) xenial; urgency=medium |
2997 | + |
2998 | + * Merge from Debian unstable. Remaining changes: |
2999 | + - debian/apparmor/{libvirt-lxc,libvirt-qemu,local-usr.sbin.libvirtd, |
3000 | + TEMPLATE.lxc,TEMPLATE.qemu,usr.lib.libvirt.virt-aa-helper, |
3001 | + usr.sbin.libvirtd} Add apparmor profiles. |
3002 | + - debian/bug-presubj: removed |
3003 | + - debian/control: |
3004 | + - add cdbs, dh-autoreconf, libcurl4-gnutls-dev |
3005 | + - add libxml-libxml-perl, libhal-dev |
3006 | + - swap open-iscsi to open-iscsi-utils |
3007 | + - Enable numa support on ppc64el. |
3008 | + - remove libsanlock-dev, libselinux1-dev |
3009 | + - use libsystemd-daemon-dev instead of libsystemd-dev |
3010 | + - remove systemtap-sdt-dev, python, sheepdog, librados-dev, libfuse-dev |
3011 | + - remove libssh2-1, augeas-tools |
3012 | + - add libcgmanager-dev, xsltproc |
3013 | + - remove Vcs-Git |
3014 | + - adjust X-Python-Version > 2.7 |
3015 | + - don't build libvirt-clients, libvirt-daemon, libvirt-sanlock packages |
3016 | + - keep debian/{libvirt-bin.apport,libvirt-bin.cron.daily} |
3017 | + - debian/libvirt-daemon.* has been mostly renamed to debian/libvirt-bin.* |
3018 | + - add upstart script for libvirt-bin |
3019 | + - debian/*.{links,maintscript} files not added |
3020 | + - keep ubuntu maintscript modifications |
3021 | + - debian/libvirt-sanlock* not merged |
3022 | + - debian/libvirt-clients* not merged |
3023 | + - keep debian/{libvirt-migrate-qemu-disks.*, |
3024 | + libvirt-migrate-qemu-machinetype.*, |
3025 | + libvirt-migrate-xend-managed-domains.*} |
3026 | + - keep debian/libvirt-suspendonreboot |
3027 | + - keep debian/libvirt-uri.sh |
3028 | + - debian/polkit/* not added |
3029 | + - debian/README.Debian: |
3030 | + - add 'Apparmor Profile' section |
3031 | + - add 'Disk migration' section |
3032 | + - debian/rules: |
3033 | + - add cdbs and autoconf stuff |
3034 | + - don't build WITH_SANLOCK, WITH_INIT_SCRIPT, WITH_SYSTEMD, WITH_FIREWALLD |
3035 | + WITH_SELINUX |
3036 | + - use qemu-group kvm instead of libvirt-qemu |
3037 | + - set DEB_DH_INSTALLINIT_ARGS to '--upstart-only' |
3038 | + - remove auto_test section |
3039 | + - add build/libvirt-bin:: section to install |
3040 | + - apparmor files |
3041 | + - apport hooks |
3042 | + - libvirt-migrate-qemu-disks |
3043 | + - use clean:: instead of dh_*clean |
3044 | + - Move ubuntu specific patches to 'debian/patches/ubuntu' |
3045 | + * Dropped patches: |
3046 | + - drop 9033-apparmor-use-TEMPLATE.qemu-for-kvm.patch (upstream 16d2bc8b) |
3047 | + - drop 9036-util-prepare-uri-for-libxml2-2.9.2.patch (upstream 8f17d0ea) |
3048 | + - drop 9040-virt-aa-helper-add-unix-channels (upstream 03d7462d) |
3049 | + - drop CVE-2014-3633.patch (upstream 3e745e8f) |
3050 | + - drop CVE-2014-3657.patch (upstream fc22b2e7) |
3051 | + - drop CVE-2014-7823.patch (upstream b1674ad5) |
3052 | + - drop Don-t-fail-if-we-can-t-setup-avahi.patch (dropped in debian) |
3053 | + - drop add-ppc64le-support.patch (upstream 9265fd19, addce06c, 1e911742, |
3054 | + bdbe723f, 5e4f49ab) |
3055 | + - drop blockdev-migration patches (upstream 1049a8d8, 9c5efd1a, cb7297c1, |
3056 | + a5250449, e9ef8565, 952907f5, 5eb03b6e, 93a19e28, a4e92f9e, de0aeafe) |
3057 | + - storage-allow-zero-capacity-with-non-backing-file-to.patch, |
3058 | + tests-add-vol-qcow2-zerocapacity-test-to-storagevolx.patch |
3059 | + (upstream 0bcda653, b8cc0cc5) |
3060 | + - ubuntu/fix-ubuntu-xen-qemu-dm-path.patch dropped in favor of |
3061 | + Allow-xen-toolstack-to-find-it-s-binaries.patch |
3062 | + - drop ubuntu-libxl-Implement-basic-video-device-selection.patch |
3063 | + (upstream 1298daca) |
3064 | + - remove dont-include-non-migrateable-features-in-host-model |
3065 | + (upstream and not included in series) |
3066 | + - remove upstream-libxl-Allow-libxl-to-find-pygrub-binary.patch |
3067 | + (upstream and not included in series) |
3068 | + |
3069 | + -- Chris J Arges <chris.j.arges@canonical.com> Wed, 02 Dec 2015 12:06:09 -0600 |
3070 | + |
3071 | libvirt (1.2.21-2) unstable; urgency=medium |
3072 | |
3073 | * [014a0c7] Add a build test to verify that the we can link against libvirt |
3074 | @@ -1387,6 +4361,163 @@ libvirt (1.2.18-1) experimental; urgency=medium |
3075 | |
3076 | -- Guido Günther <agx@sigxcpu.org> Tue, 11 Aug 2015 21:19:43 +0200 |
3077 | |
3078 | +libvirt (1.2.16-2ubuntu14) xenial; urgency=medium |
3079 | + |
3080 | + * debian/apparmor/libvirt-qemu: add a bunch of newly available qemu-* |
3081 | + architecture binaries. (LP: #1519030) |
3082 | + |
3083 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Mon, 23 Nov 2015 17:42:52 +0000 |
3084 | + |
3085 | +libvirt (1.2.16-2ubuntu13) xenial; urgency=medium |
3086 | + |
3087 | + * debian/control: switch ebtables from Recommends to Depends or default |
3088 | + configuration network doesn't get created. (LP: #1505576) |
3089 | + |
3090 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 05 Nov 2015 15:14:04 -0600 |
3091 | + |
3092 | +libvirt (1.2.16-2ubuntu12) xenial; urgency=medium |
3093 | + |
3094 | + * virt-aa-helper apparmor policy: add 'network inet6' (LP: #1511830) |
3095 | + |
3096 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 02 Nov 2015 11:49:56 -0600 |
3097 | + |
3098 | +libvirt (1.2.16-2ubuntu11) wily; urgency=medium |
3099 | + |
3100 | + * Fix the preinst and postinst: the check for whether libvirt-bin was |
3101 | + running was wrong for upstart systems, but we don't need to do that |
3102 | + anyway - just stop libvirt-bin unconditionally. (LP: #1499199) |
3103 | + * libvirt-guests.service: fix libvirtd.service -> libvirt-bin.service |
3104 | + |
3105 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Sun, 27 Sep 2015 15:47:08 +0000 |
3106 | + |
3107 | +libvirt (1.2.16-2ubuntu10) wily; urgency=medium |
3108 | + |
3109 | + * Add qemu-block-extra libraries to libvirt apparmor profile (LP: #1495895) |
3110 | + |
3111 | + -- Ryan Harper <ryan.harper@canonical.com> Wed, 16 Sep 2015 13:20:48 -0500 |
3112 | + |
3113 | +libvirt (1.2.16-2ubuntu9) wily; urgency=medium |
3114 | + |
3115 | + * Add upstream patches implementing a '--migrate-disks' option to virsh |
3116 | + migrate to specify block devices to migrate. (LP: #1398999) |
3117 | + |
3118 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 04 Sep 2015 09:29:52 -0500 |
3119 | + |
3120 | +libvirt (1.2.16-2ubuntu8) wily; urgency=medium |
3121 | + |
3122 | + * Support OVMF images in virt-aa-helper. (LP: #1483071) |
3123 | + * Fix the libvirt-bin.preinst to not stop libvirt-bin on upgrade |
3124 | + from 1.2.16-2ubuntu7. |
3125 | + |
3126 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 14 Aug 2015 07:34:30 -0500 |
3127 | + |
3128 | +libvirt (1.2.16-2ubuntu7) wily; urgency=medium |
3129 | + |
3130 | + * Stop libvirt-bin at pre-inst if upgrading from a non-systemd version, |
3131 | + restart at postinst. (This can be removed after 16.04 release) |
3132 | + * Commonize stopping of vms in upstart/systemd. |
3133 | + |
3134 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 11 Aug 2015 17:40:36 -0500 |
3135 | + |
3136 | +libvirt (1.2.16-2ubuntu6) wily; urgency=medium |
3137 | + |
3138 | + * Add systemd units and libvirt-stop-guests script to stop VMs before |
3139 | + a host completes shutdown (LP: #1480440) |
3140 | + |
3141 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 11 Aug 2015 15:42:29 -0500 |
3142 | + |
3143 | +libvirt (1.2.16-2ubuntu5) wily; urgency=medium |
3144 | + |
3145 | + * debian/control changes: |
3146 | + - Replace module-init-tools with kmod |
3147 | + * debian/tests: |
3148 | + - add autopkgtests from Debian |
3149 | + |
3150 | + -- Chris J Arges <chris.j.arges@canonical.com> Fri, 10 Jul 2015 14:15:48 -0500 |
3151 | + |
3152 | +libvirt (1.2.16-2ubuntu4) wily; urgency=medium |
3153 | + |
3154 | + * d/p/{storage-allow-zero-capacity-with-non-backing-file-to.patch, |
3155 | + tests-add-vol-qcow2-zerocapacity-test-to-storagevolx.patch} added to address |
3156 | + (LP: #1459748). Allow zero capacity storage creation with non-backing file. |
3157 | + |
3158 | + -- Chris J Arges <chris.j.arges@canonical.com> Fri, 10 Jul 2015 12:50:50 -0500 |
3159 | + |
3160 | +libvirt (1.2.16-2ubuntu3) wily; urgency=medium |
3161 | + |
3162 | + * debian/apparmor/libvirt-qemu: |
3163 | + allow serial console backed by pts chardev (LP: #1342083) |
3164 | + |
3165 | + -- Chris J Arges <chris.j.arges@canonical.com> Tue, 07 Jul 2015 16:38:17 -0500 |
3166 | + |
3167 | +libvirt (1.2.16-2ubuntu2) wily; urgency=low |
3168 | + |
3169 | + [ Chris J Arges ] |
3170 | + * Merge from Debian unstable. Remaining changes: |
3171 | + - debian/apparmor/{libvirt-lxc,libvirt-qemu,local-usr.sbin.libvirtd, |
3172 | + TEMPLATE.lxc,TEMPLATE.qemu,usr.lib.libvirt.virt-aa-helper, |
3173 | + usr.sbin.libvirtd} Add apparmor profiles. |
3174 | + - debian/bug-presubj: removed |
3175 | + - debian/control: |
3176 | + - add cdbs, dh-autoreconf, libcurl4-gnutls-dev |
3177 | + - add libxml-libxml-perl, libhal-dev |
3178 | + - swap open-iscsi to open-iscsi-utils |
3179 | + - Enable numa support on ppc64 and ppc64el. |
3180 | + - remove libsanlock-dev, libselinux1-dev, libsystemd-daemon-dev |
3181 | + - remove systemtap-sdt-dev, python, sheepdog, librados-dev, libfuse-dev |
3182 | + - remove libssh2-1, augeas-tools |
3183 | + - add libcgmanager-dev, xsltproc |
3184 | + - remove Vcs-Git |
3185 | + - adjust X-Python-Version > 2.7 |
3186 | + - don't build libvirt-clients, libvirt-daemon, libvirt-sanlock packages |
3187 | + * keep debian/{libvirt-bin.apport,libvirt-bin.cron.daily} |
3188 | + * debian/libvirt-daemon.* has been mostly renamed to debian/libvirt-bin.* |
3189 | + * add upstart script for libvirt-bin |
3190 | + * debian/*.links files not added |
3191 | + * debian/libvirt-sanlock* not merged |
3192 | + * debian/libvirt-clients* not merged |
3193 | + * debian smoke tests not merged |
3194 | + * keep debian/{libvirt-migrate-qemu-disks.*, |
3195 | + libvirt-migrate-qemu-machinetype.*, |
3196 | + libvirt-migrate-xend-managed-domains.*} |
3197 | + * keep debian/libvirt-suspendonreboot |
3198 | + * keep debian/libvirt-uri.sh |
3199 | + * Don't apply the following patches: |
3200 | + - d/p/Debianize-libvirt-guests.patch |
3201 | + - d/p/Debianize-systemd-service-files.patch |
3202 | + - d/p/debian/Debianize-virtlockd.patch |
3203 | + - d/p/fix-Debian-specific-path-to-hvm-loader.patch |
3204 | + - d/p/Disable-gnulib-s-test-nonplocking-pipe.sh.patch |
3205 | + - d/p/patch-qemuMonitorTextGetMigrationStatus-to-intercept.patch |
3206 | + * debian/polkit/* not added |
3207 | + * debian/README.Debian: |
3208 | + - add 'Apparmor Profile' section |
3209 | + - add 'Disk migration' section |
3210 | + * debian/rules: |
3211 | + - add cdbs and autoconf stuff |
3212 | + - don't build WITH_SANLOCK, WITH_INIT_SCRIPT, WITH_SYSTEMD, WITH_FIREWALLD |
3213 | + WITH_SELINUX |
3214 | + - use qemu-group kvm instead of libvirt-qemu |
3215 | + - set DEB_DH_INSTALLINIT_ARGS to '--upstart-only' |
3216 | + - remove auto_test section |
3217 | + - add build/libvirt-bin:: section to install |
3218 | + - apparmor files |
3219 | + - apport hooks |
3220 | + - libvirt-migrate-qemu-disks |
3221 | + - use clean:: instead of dh_*clean |
3222 | + |
3223 | + [ Chuck Short ] |
3224 | + + Rediffed: |
3225 | + - debian/patches/storage-default-permission-mode-to-0711 |
3226 | + - debian/patches/ubuntu_machine_type.patch |
3227 | + * debian/libvirt-bin.init: Adjust avahi to avahi-daemon (LP: #1453572) |
3228 | + |
3229 | + [ Serge Hallyn ] |
3230 | + * 9040-virt-aa-helper-add-unix-channels.patch: add support for unix |
3231 | + sockets for serials. (LP: #1015154) |
3232 | + |
3233 | + -- Chris J Arges <chris.j.arges@canonical.com> Wed, 01 Jul 2015 13:33:40 -0500 |
3234 | + |
3235 | libvirt (1.2.16-2) unstable; urgency=medium |
3236 | |
3237 | * [0266267] Build-Depend and suggest nfs-common |
3238 | @@ -1452,6 +4583,49 @@ libvirt (1.2.15-1) experimental; urgency=medium |
3239 | |
3240 | -- Guido Günther <agx@sigxcpu.org> Tue, 05 May 2015 19:26:21 +0200 |
3241 | |
3242 | +libvirt (1.2.15-0ubuntu4) wily; urgency=medium |
3243 | + |
3244 | + * Add post-start to upstart (/etc/init/libvirt-bin.conf) and |
3245 | + sysv (/etc/init.d/libvirt-bin) jobs to ensure libvirt-sock |
3246 | + created before up (LP: #1455608) |
3247 | + |
3248 | + -- Edward Hope-Morley <edward.hope-morley@canonical.com> Thu, 28 May 2015 16:06:44 +0100 |
3249 | + |
3250 | +libvirt (1.2.15-0ubuntu3) wily; urgency=low |
3251 | + |
3252 | + * d/p/ubuntu-libxl-qemu-path.patch: Set correct path for qemu binary |
3253 | + for new configs and convert old configs using qemu-dm. |
3254 | + (LP: #1459600) |
3255 | + * d/p/ubuntu-libxl-hvmloader-path.patch: Get Xen version from dpkg-query |
3256 | + at compile time and set LIBXL_FIRMWARE_DIR as long as libxen-dev does |
3257 | + not provide a xenlight.pc file. Use that directory to update existing |
3258 | + configs. |
3259 | + (LP: #1459603) |
3260 | + |
3261 | + -- Stefan Bader <stefan.bader@canonical.com> Thu, 28 May 2015 12:21:23 +0200 |
3262 | + |
3263 | +libvirt (1.2.15-0ubuntu2) wily; urgency=medium |
3264 | + |
3265 | + * debian/apparmor/libvirt-qemu: add /sys read accesses needed by newer |
3266 | + qemu: /sys/devices/system/node/, /sys/devices/system/cpu/ and |
3267 | + /sys/devices/system/node/node[0-9]*/meminfo |
3268 | + |
3269 | + -- Jamie Strandboge <jamie@ubuntu.com> Wed, 13 May 2015 16:41:54 -0500 |
3270 | + |
3271 | +libvirt (1.2.15-0ubuntu1) wily; urgency=medium |
3272 | + |
3273 | + * New upstream release: |
3274 | + + Dropped patches: |
3275 | + - d/p/add-cgmanager-support.patch |
3276 | + - d/p/cgmanager-mutex |
3277 | + - d/p/cgm-ignore-machined-failure |
3278 | + - d/p/9020-lp545795.patch |
3279 | + - d/pa/ubuntu-libxl-qemu-nopath.patch |
3280 | + - d/p/ubuntu-libxl-migrate-dm.patch |
3281 | + - d/p9037-virt-aa-helper-add-unix-channels-esp-for-qemu-guest-.patch |
3282 | + |
3283 | + -- Chuck Short <zulcss@ubuntu.com> Thu, 07 May 2015 10:27:49 -0400 |
3284 | + |
3285 | libvirt (1.2.15~rc2-1) experimental; urgency=medium |
3286 | |
3287 | * [852e3c3] New upstream version 1.2.15~rc2 |
3288 | @@ -1510,37 +4684,141 @@ libvirt (1.2.12-1) experimental; urgency=medium |
3289 | |
3290 | -- Guido Günther <agx@sigxcpu.org> Thu, 29 Jan 2015 11:02:21 +0100 |
3291 | |
3292 | -libvirt (1.2.12~rc2-1) experimental; urgency=medium |
3293 | +libvirt (1.2.12-0ubuntu12) vivid; urgency=low |
3294 | |
3295 | - * [67f2b22] New upstream version 1.2.12~rc2 |
3296 | - (Closes: #776065) |
3297 | + * Add profile script to automatically set the default URI based on |
3298 | + the currently running hyperisor (Xen or KVM/Qemu). |
3299 | + (LP: #1334749) |
3300 | |
3301 | - -- Guido Günther <agx@sigxcpu.org> Sun, 25 Jan 2015 13:02:59 +0100 |
3302 | + -- Stefan Bader <stefan.bader@canonical.com> Tue, 14 Apr 2015 09:02:52 -0500 |
3303 | |
3304 | -libvirt (1.2.12~rc1-1) experimental; urgency=medium |
3305 | +libvirt (1.2.12-0ubuntu11) vivid; urgency=medium |
3306 | |
3307 | - * [994d31d] Bump standards version to 3.9.6 |
3308 | - no changes required |
3309 | - * [7b59a26] New upstream version 1.2.12~rc1 |
3310 | - * [0a755e3] Dropped patches applied upstram. |
3311 | - lxc-Don-t-crash-on-NULL-ifname_guest_actual.patch |
3312 | - lxc-Move-setting-ifname_guest_actual-to-virLXCSetupI.patch |
3313 | - Rediff remaining patches. |
3314 | - * [9511acf] Document surprises on CPU microcode updates (Closes: #773706) |
3315 | - * [3e325df] Install lock drivers (Closes: #773706) |
3316 | - * [970de51] Bump symbol versions |
3317 | + * create /var/lib/libvirt/qemu/channel/target (LP: #1393842) |
3318 | + - libvirt-bin.dirs: add /var/lib/libvirt/qemu/channel/target |
3319 | + - libvirt-bin.postinst: chown target directory to libvirt-qemu:kvm so |
3320 | + qemu can create the unix sockets. |
3321 | |
3322 | - -- Guido Günther <agx@sigxcpu.org> Thu, 22 Jan 2015 12:26:54 +0100 |
3323 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 09 Apr 2015 10:40:05 -0500 |
3324 | |
3325 | -libvirt (1.2.11-1) experimental; urgency=medium |
3326 | +libvirt (1.2.12-0ubuntu10) vivid; urgency=medium |
3327 | |
3328 | - * [1377d56] lxc: Fix crash when using interface type 'direct' |
3329 | - (Closes: #769600) Thanks to Bastian Blank for the patch |
3330 | - * [88f9426] Adjust gbp.conf for experimental |
3331 | - * [0b196d9] New upstream version 1.2.11 |
3332 | - * [113b58b] Rediff patches |
3333 | + * Fix previous patch to ignore any abstract unix domain sockets |
3334 | + * Update the cgmanager patch so that container start and stop work under |
3335 | + systemd. (LP: #1438730) In 15.10 we will drop the cgmanager patch(es). |
3336 | |
3337 | - -- Guido Günther <agx@sigxcpu.org> Thu, 22 Jan 2015 10:29:41 +0100 |
3338 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 08 Apr 2015 10:58:04 -0500 |
3339 | + |
3340 | +libvirt (1.2.12-0ubuntu9) vivid; urgency=medium |
3341 | + |
3342 | + * 9037-virt-aa-helper-add-unix-channels-esp-for-qemu-guest-.patch: Allow |
3343 | + libvirt domains to start when using qemu guest agent. (LP: #1393842) |
3344 | + |
3345 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 06 Apr 2015 11:14:03 -0500 |
3346 | + |
3347 | +libvirt (1.2.12-0ubuntu8) vivid; urgency=medium |
3348 | + |
3349 | + * silence denial of attempted reads of lttng files (LP: #1432644) |
3350 | + |
3351 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 27 Mar 2015 21:36:27 -0500 |
3352 | + |
3353 | +libvirt (1.2.12-0ubuntu7) vivid; urgency=low |
3354 | + |
3355 | + * No-change rebuild to pull in libxen-dev 4.5 |
3356 | + |
3357 | + -- Stefan Bader <stefan.bader@canonical.com> Wed, 25 Feb 2015 18:31:16 +0100 |
3358 | + |
3359 | +libvirt (1.2.12-0ubuntu6) vivid; urgency=low |
3360 | + |
3361 | + * Fix xml validation for Xen by allowing non-absolute path values |
3362 | + in loader and bootloader elements (LP: #1425497). |
3363 | + * Fix up Xen emulator in old configurations and for new definitions to |
3364 | + point to /usr/bin/qemu-system-i386 (LP: #1425497). |
3365 | + |
3366 | + -- Stefan Bader <stefan.bader@canonical.com> Fri, 13 Feb 2015 17:57:27 +0100 |
3367 | + |
3368 | +libvirt (1.2.12-0ubuntu5) vivid; urgency=medium |
3369 | + |
3370 | + * Remove smoser-ppc64le-is-ppc64.patch - the problem will be solved by the |
3371 | + qemu-system-ppcle symlink in qemu-system-ppc package. |
3372 | + |
3373 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 12 Feb 2015 15:38:39 -0600 |
3374 | + |
3375 | +libvirt (1.2.12-0ubuntu4) vivid; urgency=medium |
3376 | + |
3377 | + * libvirt-qemu: allow kvm script on ppc to execute uname |
3378 | + |
3379 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 12 Feb 2015 14:05:14 -0600 |
3380 | + |
3381 | +libvirt (1.2.12-0ubuntu3) vivid; urgency=medium |
3382 | + |
3383 | + * Apply patch from smoser to make libvirt on ppc64le functional. |
3384 | + (LP: #1418221) |
3385 | + |
3386 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 09 Feb 2015 12:09:49 -0600 |
3387 | + |
3388 | +libvirt (1.2.12-0ubuntu2) vivid; urgency=medium |
3389 | + |
3390 | + * debian/control: Use libxml-libxml-perl instead of libxml-xpath-perl. |
3391 | + * debian/patches/docs-remove-xpath.patch: Use libxml instead of XPath. |
3392 | + |
3393 | + -- Chuck Short <zulcss@ubuntu.com> Fri, 06 Feb 2015 11:28:15 -0500 |
3394 | + |
3395 | +libvirt (1.2.12-0ubuntu1) vivid; urgency=medium |
3396 | + |
3397 | + * New upstream release |
3398 | + * Rediffed patches: |
3399 | + - debian/patches/9030-create-socket-dir |
3400 | + - debian/patches/add-cgmanager-support.patch |
3401 | + - debian/patches/cgroups-ignore-systemd-failure |
3402 | + * Dropped patches: |
3403 | + - debian/patches/ubuntu-libxl-Implement-basic-video-device-selection.patch |
3404 | + - debian/patches/ubuntu-libxl-Fix-up-VRAM-to-minimum-requirements.patch |
3405 | + - debian/patches/9033-apparmor-use-TEMPLATE.qemu-for-kvm.patch |
3406 | + - debian/patches/-CVE-2014-3633.patch |
3407 | + - debian/patches/dont-include-non-migrateable-features-in-host-model |
3408 | + - debian/patches/9036-util-prepare-uri-for-libxml2-2.9.2.patch |
3409 | + - debian/patches/CVE-2014-3657.patch |
3410 | + - debian/patches/CVE-2014-7823.patch |
3411 | + - debian/patches/add-ppc64le-support.patch |
3412 | + - debian/patches/upstream-libxl-Allow-libxl-to-find-pygrub-binary.patch |
3413 | + * debian/control: Add libxml-xpath-perl and xsltproc to dependencies |
3414 | + * debian/patches/skip-vircgrouptest.patch: Skip cgroup tests. |
3415 | + * debian/patches/disable-network-test.patch: Skip network tests |
3416 | + |
3417 | + -- Chuck Short <zulcss@ubuntu.com> Tue, 03 Feb 2015 13:12:36 -0500 |
3418 | + |
3419 | +libvirt (1.2.12~rc2-1) experimental; urgency=medium |
3420 | + |
3421 | + * [67f2b22] New upstream version 1.2.12~rc2 |
3422 | + (Closes: #776065) |
3423 | + |
3424 | + -- Guido Günther <agx@sigxcpu.org> Sun, 25 Jan 2015 13:02:59 +0100 |
3425 | + |
3426 | +libvirt (1.2.12~rc1-1) experimental; urgency=medium |
3427 | + |
3428 | + * [994d31d] Bump standards version to 3.9.6 |
3429 | + no changes required |
3430 | + * [7b59a26] New upstream version 1.2.12~rc1 |
3431 | + * [0a755e3] Dropped patches applied upstram. |
3432 | + lxc-Don-t-crash-on-NULL-ifname_guest_actual.patch |
3433 | + lxc-Move-setting-ifname_guest_actual-to-virLXCSetupI.patch |
3434 | + Rediff remaining patches. |
3435 | + * [9511acf] Document surprises on CPU microcode updates (Closes: #773706) |
3436 | + * [3e325df] Install lock drivers (Closes: #773706) |
3437 | + * [970de51] Bump symbol versions |
3438 | + |
3439 | + -- Guido Günther <agx@sigxcpu.org> Thu, 22 Jan 2015 12:26:54 +0100 |
3440 | + |
3441 | +libvirt (1.2.11-1) experimental; urgency=medium |
3442 | + |
3443 | + * [1377d56] lxc: Fix crash when using interface type 'direct' |
3444 | + (Closes: #769600) Thanks to Bastian Blank for the patch |
3445 | + * [88f9426] Adjust gbp.conf for experimental |
3446 | + * [0b196d9] New upstream version 1.2.11 |
3447 | + * [113b58b] Rediff patches |
3448 | + |
3449 | + -- Guido Günther <agx@sigxcpu.org> Thu, 22 Jan 2015 10:29:41 +0100 |
3450 | |
3451 | libvirt (1.2.11~rc1-1) experimental; urgency=medium |
3452 | |
3453 | @@ -1751,6 +5029,212 @@ libvirt (1.2.8-1) experimental; urgency=medium |
3454 | |
3455 | -- Guido Günther <agx@sigxcpu.org> Fri, 05 Sep 2014 19:56:50 +0200 |
3456 | |
3457 | +libvirt (1.2.8-0ubuntu21) vivid; urgency=medium |
3458 | + |
3459 | + * d/apparmor/libvirt-qemu: Update the ceph.conf allow rule (LP: #1403648) |
3460 | + |
3461 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 30 Jan 2015 10:02:20 +0100 |
3462 | + |
3463 | +libvirt (1.2.8-0ubuntu20) vivid; urgency=medium |
3464 | + |
3465 | + * debian/rules: |
3466 | + - use --with-esx (LP: #565771) |
3467 | + - specify restart-after-upgrade (LP: #1215617) |
3468 | + * debian/control: add libcurl4-gnutls-dev for esx support |
3469 | + |
3470 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 21 Jan 2015 13:01:59 -0600 |
3471 | + |
3472 | +libvirt (1.2.8-0ubuntu19) vivid; urgency=medium |
3473 | + |
3474 | + * apparmor libvirt-qemu template: allow reading charm-specific ceph config |
3475 | + and silence denials for /tmp/**. (LP: #1403648) |
3476 | + |
3477 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 06 Jan 2015 10:27:33 -0600 |
3478 | + |
3479 | +libvirt (1.2.8-0ubuntu18) vivid; urgency=medium |
3480 | + |
3481 | + * mutex cgmanager actions (Thanks to Don Bowman for finding the cause) |
3482 | + (LP: #1397130) (LP: #1367702) |
3483 | + |
3484 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 18 Dec 2014 13:28:03 -0600 |
3485 | + |
3486 | +libvirt (1.2.8-0ubuntu17) vivid; urgency=low |
3487 | + |
3488 | + * d/p/upstream-libxl-Allow-libxl-to-find-pygrub-binary.patch: |
3489 | + Allow libxl to figure out the path to pygrub. (LP: #1396942) |
3490 | + |
3491 | + -- Stefan Bader <stefan.bader@canonical.com> Thu, 11 Dec 2014 09:51:20 +0100 |
3492 | + |
3493 | +libvirt (1.2.8-0ubuntu16) vivid; urgency=medium |
3494 | + |
3495 | + * debian/patches/add-ppc64le-support.patch: Added patches needed |
3496 | + for ppc64le support. (LP: #1396070) |
3497 | + |
3498 | + -- Chuck Short <zulcss@ubuntu.com> Thu, 27 Nov 2014 08:57:35 -0500 |
3499 | + |
3500 | +libvirt (1.2.8-0ubuntu15) vivid; urgency=medium |
3501 | + |
3502 | + * libvirt-qemu: add r to sgabios.bin (LP: #1393548) |
3503 | + |
3504 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 17 Nov 2014 15:05:22 -0600 |
3505 | + |
3506 | +libvirt (1.2.8-0ubuntu14) vivid; urgency=medium |
3507 | + |
3508 | + [ Serge Hallyn ] |
3509 | + * 9036-util-prepare-uri-for-libxml2-2.9.2.patch: fix FTBFS against new |
3510 | + libxml 2.9.2 (LP: #1390637) |
3511 | + |
3512 | + [ Marc Deslauriers ] |
3513 | + * SECURITY UPDATE: denial of service via virConnectListAllDomains |
3514 | + - debian/patches/CVE-2014-3657.patch: fix domain deadlock in |
3515 | + src/conf/domain_conf.c. |
3516 | + - CVE-2014-3657 |
3517 | + * SECURITY UPDATE: xml information leak with read-only connections |
3518 | + - debian/patches/CVE-2014-7823.patch: check for migratable flag in |
3519 | + src/libvirt.c, src/remote/remote_protocol.x. |
3520 | + - CVE-2014-7823 |
3521 | + |
3522 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 11 Nov 2014 13:14:00 -0500 |
3523 | + |
3524 | +libvirt (1.2.8-0ubuntu13) vivid; urgency=medium |
3525 | + |
3526 | + * cull too-new apparmor rules depending on target host (LP: #1387251) |
3527 | + * add mising apparmor permissions for slof (LP: #1374554) |
3528 | + |
3529 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 07 Nov 2014 20:32:23 +0000 |
3530 | + |
3531 | +libvirt (1.2.8-0ubuntu12) vivid; urgency=medium |
3532 | + |
3533 | + * complete the 9p support: (LP: #1378434) |
3534 | + - libvirt-qemu: add fowner and fsetid |
3535 | + - virt-aa-helper: add 'l' to 9p file options |
3536 | + * dont-include-non-migrateable-features-in-host-model (LP: #1386503) |
3537 | + |
3538 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 29 Oct 2014 15:07:21 -0500 |
3539 | + |
3540 | +libvirt (1.2.8-0ubuntu11) utopic; urgency=medium |
3541 | + |
3542 | + [ Felix Geyer ] |
3543 | + * d/p/ubuntu_machine_type.patch: Fix No PCI buses available. (LP: #1379346). |
3544 | + |
3545 | + -- Chris J Arges <chris.j.arges@canonical.com> Thu, 09 Oct 2014 08:57:27 -0500 |
3546 | + |
3547 | +libvirt (1.2.8-0ubuntu10) utopic; urgency=medium |
3548 | + |
3549 | + * libvirt-bin.upstart: delay start until rc finished |
3550 | + This give hypervisors more time to finish their setup (LP: #1377900). |
3551 | + * libvirt-bin.upstart: add xen:/// uri to the list (LP: #1377960) |
3552 | + |
3553 | + -- Stefan Bader <stefan.bader@canonical.com> Mon, 06 Oct 2014 16:23:06 +0200 |
3554 | + |
3555 | +libvirt (1.2.8-0ubuntu9) utopic; urgency=medium |
3556 | + |
3557 | + * libvirt-qemu apparmor template: add /sys/firmware/devicetree/** r |
3558 | + (LP: #1374554) |
3559 | + |
3560 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 01 Oct 2014 17:09:05 -0500 |
3561 | + |
3562 | +libvirt (1.2.8-0ubuntu8) utopic; urgency=medium |
3563 | + |
3564 | + * libvirt-bin.postinst: fix syntax error (s/if/fi/) |
3565 | + |
3566 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 30 Sep 2014 13:07:19 -0500 |
3567 | + |
3568 | +libvirt (1.2.8-0ubuntu7) utopic; urgency=medium |
3569 | + |
3570 | + * libvirt-bin.postinst: check for confiles whichhave been removed rather |
3571 | + than fail package install (LP: #1375910) |
3572 | + |
3573 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 30 Sep 2014 12:37:16 -0500 |
3574 | + |
3575 | +libvirt (1.2.8-0ubuntu6) utopic; urgency=medium |
3576 | + |
3577 | + * SECURITY UPDATE: denial of service or information disclosure via |
3578 | + virDomainGetBlockIoTune |
3579 | + - debian/patches/CVE-2014-3633.patch: use correct definition when |
3580 | + looking up disk in src/qemu/qemu_driver.c. |
3581 | + - CVE-2014-3633 |
3582 | + |
3583 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 29 Sep 2014 15:23:37 -0400 |
3584 | + |
3585 | +libvirt (1.2.8-0ubuntu5) utopic; urgency=medium |
3586 | + |
3587 | + * debian/apparmor/libvirt-lxc (sync with container-base with lxc): |
3588 | + - remove bare 'signal' and 'ptrace' rules (base abstraction covers most |
3589 | + of what we need) |
3590 | + - allow signal (receive) peer=/usr/sbin/libvirtd |
3591 | + - allow ptrace peer=@{profile_name} |
3592 | + - deny mount options=(ro, remount, silent) -> / |
3593 | + - allow mount fstype=hugetlbfs |
3594 | + - shuffle a couple of rules around to make it easier to diff with lxc |
3595 | + policy |
3596 | + * debian/apparmor/TEMPLATE.lxc (sync with lxc-default): |
3597 | + - use attach_disconnected and mediate_deleted |
3598 | + - deny mount fstype=devpts, |
3599 | + |
3600 | + -- Jamie Strandboge <jamie@ubuntu.com> Thu, 25 Sep 2014 16:24:21 -0500 |
3601 | + |
3602 | +libvirt (1.2.8-0ubuntu4) utopic; urgency=medium |
3603 | + |
3604 | + * debian/apparmor/usr.sbin.libvirtd: allow 'network netlink' |
3605 | + |
3606 | + -- Jamie Strandboge <jamie@ubuntu.com> Thu, 18 Sep 2014 15:15:13 -0500 |
3607 | + |
3608 | +libvirt (1.2.8-0ubuntu3) utopic; urgency=medium |
3609 | + |
3610 | + * 9033-apparmor-use-TEMPLATE.qemu-for-kvm.patch - fix failure to start |
3611 | + KVM vms. |
3612 | + |
3613 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 18 Sep 2014 14:08:04 -0500 |
3614 | + |
3615 | +libvirt (1.2.8-0ubuntu2) utopic; urgency=low |
3616 | + |
3617 | + * d/p/ubuntu-xend-probe.patch: |
3618 | + Update patch correctly and re-enable it. It seems like it only was |
3619 | + half updated and then disabled without reasons. |
3620 | + * d/p/ubuntu-libxl-Implement-basic-video-device-selection.patch: |
3621 | + Re-activate adapted patch. Some pieces made it into upstream as a |
3622 | + bug fix. The rest is still needed to allow selecing an alternate |
3623 | + graphics device for Xen HVM guests. |
3624 | + * d/p/ubuntu-libxl-Fix-up-VRAM-to-minimum-requirements.patch: |
3625 | + Re-activate unchanged patch (for some reason dropped when moving |
3626 | + to 1.2.6). |
3627 | + This one is a bit of a work-around mainly for virt-manager which sets |
3628 | + gfx memory to values below the minimum requirement for Xen. And the |
3629 | + UI does not allow to change that. This patch just goes for the minimum |
3630 | + in that case. |
3631 | + |
3632 | + -- Stefan Bader <stefan.bader@canonical.com> Thu, 18 Sep 2014 10:00:36 +0200 |
3633 | + |
3634 | +libvirt (1.2.8-0ubuntu1) utopic; urgency=medium |
3635 | + |
3636 | + [ Chuck Short ] |
3637 | + * New upstream release: (LP: #1367422) |
3638 | + + Dropped: |
3639 | + - debian/patches/ovs-delete-port-if-exists-while-adding-new-one |
3640 | + + Refreshed: |
3641 | + - debian/patches/add-cgmanager-support.patch |
3642 | + - debian/patches/storage-default-permission-mode-to-0711 |
3643 | + |
3644 | + [ Serge Hallyn ] |
3645 | + * d/apparmor |
3646 | + - install TEMPLATE.qemu and TEMPLATE.lxc |
3647 | + - add libvirt-lxc abstraction, add permissions to it needed for |
3648 | + a ubuntu container to start. |
3649 | + - libvirt-qemu - add qemu-bridge-helper policy from upstream |
3650 | + - libvirt-qemu - add qemu-microblaze allows from upstream |
3651 | + - edit lxc.conf to enable apparmor by default (LP: #914716) |
3652 | + (LP: #1008393) (LP: #1088295) |
3653 | + * d/apparmor/libvirt-qemu: add /dev/shm as path to spice.* nodes |
3654 | + for systemd case. (LP: #1365163) |
3655 | + * d/p/9030-create-socket-dir - create session socket dir if |
3656 | + needed (Should be replaced eventually by the upstream fix) |
3657 | + * d/p/9032-lxc-allow-no-security-driver: don't fail if apparmor |
3658 | + driver is not available (else the qa-regression-tests fail with |
3659 | + skip_apparmor) |
3660 | + |
3661 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 15 Sep 2014 18:30:06 -0500 |
3662 | + |
3663 | libvirt (1.2.7-11) unstable; urgency=medium |
3664 | |
3665 | * [6534478] Check status in a systemd 208 compatible way |
3666 | @@ -1910,6 +5394,119 @@ libvirt (1.2.6-1) experimental; urgency=medium |
3667 | |
3668 | -- Guido Günther <agx@sigxcpu.org> Tue, 22 Jul 2014 22:33:51 +0200 |
3669 | |
3670 | +libvirt (1.2.6-0ubuntu6) utopic; urgency=medium |
3671 | + |
3672 | + * debian/apparmor/usr.sbin.libvirtd: update for abstract socket mediation |
3673 | + (LP: #1362199) |
3674 | + * debian/apparmor/libvirt-qemu: allow 'r' on @{PROC}/sys/kernel/cap_last_cap |
3675 | + * debian/control: Suggests apparmor >= 2.8.96~2541-0ubuntu4~ |
3676 | + |
3677 | + -- Jamie Strandboge <jamie@ubuntu.com> Fri, 05 Sep 2014 17:32:16 -0500 |
3678 | + |
3679 | +libvirt (1.2.6-0ubuntu5) utopic; urgency=medium |
3680 | + |
3681 | + * cgroups-ignore-systemd-failure - fix incoming migration failures when |
3682 | + systemd-shim is installed. |
3683 | + * ovs-delete-port-if-exists-while-adding-new-one - cherrypick commit 33445ce |
3684 | + from upstream (LP: #1343262) |
3685 | + |
3686 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 08 Aug 2014 09:56:43 -0500 |
3687 | + |
3688 | +libvirt (1.2.6-0ubuntu4) utopic; urgency=high |
3689 | + |
3690 | + * No change rebuild against gnutls28. |
3691 | + |
3692 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Fri, 08 Aug 2014 13:28:03 +0100 |
3693 | + |
3694 | +libvirt (1.2.6-0ubuntu3) utopic; urgency=medium |
3695 | + |
3696 | + * debian/apparmor/usr.sbin.libvirtd - add cap-sys-resource to fully |
3697 | + fix (LP: #1276719) |
3698 | + |
3699 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 07 Aug 2014 12:43:20 -0500 |
3700 | + |
3701 | +libvirt (1.2.6-0ubuntu2) utopic; urgency=medium |
3702 | + |
3703 | + * Rebuild against libparted2. |
3704 | + |
3705 | + -- Colin Watson <cjwatson@ubuntu.com> Mon, 21 Jul 2014 21:27:18 +0100 |
3706 | + |
3707 | +libvirt (1.2.6-0ubuntu1) utopic; urgency=medium |
3708 | + |
3709 | + * New upstream release: |
3710 | + + Dropped: |
3711 | + - debian/patches/virt-aa-helper-vhost.patch |
3712 | + - debian/patches/libxl-Implement-basic-video-device-selection.patch |
3713 | + - debian/patches/libxl-Fix-up-VRAM-to-minimum-requirements.patch |
3714 | + + debian/rules: Include packaging version in the log file. (LP: #1335221) |
3715 | + |
3716 | + -- Chuck Short <zulcss@ubuntu.com> Fri, 04 Jul 2014 08:40:24 -0400 |
3717 | + |
3718 | +libvirt (1.2.5-0ubuntu6) utopic; urgency=low |
3719 | + |
3720 | + * libxl: Refresh patch(es) to allow the choice between Cirrus and |
3721 | + VGA for Xen HVM guests. |
3722 | + - d/p/libxl-Implement-basic-video-device-selection.patch [v4] |
3723 | + - d/p/libxl-Fix-up-VRAM-to-minimum-requirements.patch |
3724 | + |
3725 | + -- Stefan Bader <stefan.bader@canonical.com> Mon, 30 Jun 2014 16:08:56 +0200 |
3726 | + |
3727 | +libvirt (1.2.5-0ubuntu5) utopic; urgency=low |
3728 | + |
3729 | + * debian/apparmor/usr.sbin.libvirtd: allow libvirtd to run |
3730 | + libxl-save-helper (required for save restore through libxl). |
3731 | + (LP: #1334195) |
3732 | + |
3733 | + -- Stefan Bader <stefan.bader@canonical.com> Thu, 26 Jun 2014 15:53:05 +0200 |
3734 | + |
3735 | +libvirt (1.2.5-0ubuntu4) utopic; urgency=low |
3736 | + |
3737 | + * debian/apparmor/usr.sbin.libvirtd: allow pygrub to be run |
3738 | + (LP: #1326003) |
3739 | + |
3740 | + -- Stefan Bader <stefan.bader@canonical.com> Wed, 18 Jun 2014 11:04:15 +0200 |
3741 | + |
3742 | +libvirt (1.2.5-0ubuntu3) utopic; urgency=medium |
3743 | + |
3744 | + * d/p/virt-aa-helper-vhost.patch: allow access to /dev/vhost-net if domain |
3745 | + needs it (LP: #1322568) |
3746 | + |
3747 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 17 Jun 2014 22:01:49 -0500 |
3748 | + |
3749 | +libvirt (1.2.5-0ubuntu2) utopic; urgency=medium |
3750 | + |
3751 | + * implement cgmanager support (LP: #1322677) |
3752 | + - debian/control: build-dep on libcgmanager-dev, depend on cgmanager |
3753 | + - d/p/add-cgmanager-support.patch |
3754 | + |
3755 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 17 Jun 2014 16:40:20 -0500 |
3756 | + |
3757 | +libvirt (1.2.5-0ubuntu1) utopic; urgency=medium |
3758 | + |
3759 | + [ Chuck Short ] |
3760 | + * New upstream version: |
3761 | + + Rediffed: |
3762 | + - d/p/ubuntu-xend-probe.patch |
3763 | + + Dropped: |
3764 | + - d/p/libxl-Check-for-control_d-string-to-decide-about-dom.patch |
3765 | + - d/p/libxl-do-not-use-virdomain-id.patch |
3766 | + - d/p/libxl-set-disk-format-for-cdrom.patch |
3767 | + - d/p/libxl-set-vfb0-data-in-build-config.patch |
3768 | + - d/p/libxl-support-sexpr-in-native-to-XML-conversion.patch |
3769 | + - d/p/patch-qemuMonitorTextGetMigrationStatus-to-intercept.patch |
3770 | + - d/p/accomodate-new-qemu-migration-status-setup.patch |
3771 | + - d/p/9025-apparmor-allow-access-to-filesystem-mounts |
3772 | + - d/p/add-a-mutex-to-serialize-updates-to-fw.patch |
3773 | + - d/p/arm-cpu-baseline.patch |
3774 | + + debian/control: Add ebtables, iptables, and qemu-utils as a build dependency. |
3775 | + |
3776 | + [ Serge Hallyn ] |
3777 | + * d/p/ubuntu-skip-virstoragetest: skip a test that hangs in buildds. |
3778 | + * d/apparmor/TEMPLATE: replace libvirt-qemu with libvirt-driver to match |
3779 | + upstream commit 43c030f. |
3780 | + |
3781 | + -- Chuck Short <zulcss@ubuntu.com> Mon, 02 Jun 2014 09:35:18 -0400 |
3782 | + |
3783 | libvirt (1.2.4-3) unstable; urgency=medium |
3784 | |
3785 | * [b0b7359] Don't pretend kFreeBSD supports linux only features. So far we |
3786 | @@ -1988,6 +5585,147 @@ libvirt (1.2.3-1) experimental; urgency=medium |
3787 | |
3788 | -- Guido Günther <agx@sigxcpu.org> Mon, 07 Apr 2014 12:15:02 +0200 |
3789 | |
3790 | +libvirt (1.2.2-0ubuntu13.2) utopic; urgency=medium |
3791 | + |
3792 | + * debian/apparmor/libvirt-qemu: add device-tree access for ppc |
3793 | + (LP: #1321365) |
3794 | + |
3795 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 05 Jun 2014 12:06:17 -0500 |
3796 | + |
3797 | +libvirt (1.2.2-0ubuntu13.1) trusty-proposed; urgency=medium |
3798 | + |
3799 | + * debian/control: change apparmor dependency into an inverse conflicts, |
3800 | + so that libvirt can continue to be used without apparmor. (LP: #1304167) |
3801 | + |
3802 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 17 Apr 2014 10:42:08 -0500 |
3803 | + |
3804 | +libvirt (1.2.2-0ubuntu13) trusty; urgency=medium |
3805 | + |
3806 | + * Add a dependency on the new apparmor to make sure we have the new |
3807 | + parser around before we attempt to load a profile requiring the new |
3808 | + stanza support. (LP: #1304167) |
3809 | + |
3810 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 14 Apr 2014 11:03:37 -0500 |
3811 | + |
3812 | +libvirt (1.2.2-0ubuntu12) trusty; urgency=low |
3813 | + |
3814 | + * d/p/libxl-support-sexpr-in-native-to-XML-conversion.patch: |
3815 | + Allow to use libvirt to convert xend guest configurations into |
3816 | + xml format. |
3817 | + * Add libvirt-migrate-xend-managed-domains migration script. |
3818 | + (LP: #1303886) |
3819 | + * Added breaks for xen-utils-4.(1|3) to ensure postinst order. |
3820 | + |
3821 | + -- Stefan Bader <stefan.bader@canonical.com> Tue, 08 Apr 2014 19:55:29 +0200 |
3822 | + |
3823 | +libvirt (1.2.2-0ubuntu11) trusty; urgency=medium |
3824 | + |
3825 | + * debian/patches/recognize-trusty-machine-type.patch: Revert patch |
3826 | + since it was causing issues with virtio deivces. (LP: #1304107) |
3827 | + |
3828 | + -- Chuck Short <zulcss@ubuntu.com> Tue, 08 Apr 2014 12:51:55 -0400 |
3829 | + |
3830 | +libvirt (1.2.2-0ubuntu10) trusty; urgency=medium |
3831 | + |
3832 | + * d/p/recognize-trusty-machine-type.patch: handle "trusty" qemu machine type |
3833 | + (LP: #1294823) |
3834 | + |
3835 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 04 Apr 2014 09:29:22 -0500 |
3836 | + |
3837 | +libvirt (1.2.2-0ubuntu9) trusty; urgency=medium |
3838 | + |
3839 | + [ Jamie Strandboge ] |
3840 | + * updates for AppArmor signals and ptrace mediation (LP: #1298611) |
3841 | + - debian/apparmor/libvirt-qemu: allow guests to receive signals from and |
3842 | + be tracedby libvirtd (additional signal and ptrace rules come from the |
3843 | + AppArmor base abstraction) |
3844 | + - debian/apparmor/usr.sbin.libvirtd: |
3845 | + + grant bare signal and ptrace rule |
3846 | + + grant dbus on the system bus (should have been added in 13.10) |
3847 | + |
3848 | + -- Tyler Hicks <tyhicks@canonical.com> Thu, 03 Apr 2014 02:09:53 -0500 |
3849 | + |
3850 | +libvirt (1.2.2-0ubuntu8) trusty; urgency=medium |
3851 | + |
3852 | + * debian/apparmor/libvirt-qemu: Allow qemu-system-aarch64 to be used. |
3853 | + (LP: #1301516) |
3854 | + |
3855 | + -- Chuck Short <zulcss@ubuntu.com> Wed, 02 Apr 2014 14:20:39 -0400 |
3856 | + |
3857 | +libvirt (1.2.2-0ubuntu7) trusty; urgency=low |
3858 | + |
3859 | + * d/p/libxl-Create-log-directory-earlier.patch: |
3860 | + Move creation of log directory inside function that tries to create |
3861 | + a log file inside of it. Fixes startup when the libxl log directory |
3862 | + has not been created, yet. |
3863 | + * d/p/libxl-do-not-use-virdomain-id.patch: |
3864 | + Replace usage of dom->id with vm->def-id inside the driver (as that |
3865 | + is not getting stale). Fixes guest creation and reboot through |
3866 | + virt-manager (apart from possibly other things). |
3867 | + * d/p/libxl-set-disk-format-for-cdrom.patch: |
3868 | + Set disk format, otherwise an empty virtual CDROM makes the guest |
3869 | + unstartable. |
3870 | + * d/p/libxl-set-vfb0-data-in-build-config.patch: |
3871 | + Actually set video and display data in the domain build info. Beside |
3872 | + of preventing disagreement about VNC ports, this allows to select |
3873 | + standard VGA graphics and more VRAM trhough libvirt. |
3874 | + |
3875 | + -- Stefan Bader <stefan.bader@canonical.com> Thu, 27 Mar 2014 16:46:31 +0100 |
3876 | + |
3877 | +libvirt (1.2.2-0ubuntu6) trusty; urgency=medium |
3878 | + |
3879 | + * debian/libvirt-bin.dirs: Add /var/log/libvirt/libxl. |
3880 | + |
3881 | + -- Chuck Short <zulcss@ubuntu.com> Mon, 24 Mar 2014 14:32:54 -0400 |
3882 | + |
3883 | +libvirt (1.2.2-0ubuntu5) trusty; urgency=low |
3884 | + |
3885 | + * Refreshed d/p/libxl-Check-for-control_d-string-to-decide-about-dom.patch |
3886 | + to avoid logging an error when file is not present. |
3887 | + |
3888 | + -- Stefan Bader <stefan.bader@canonical.com> Fri, 21 Mar 2014 09:49:36 +0100 |
3889 | + |
3890 | +libvirt (1.2.2-0ubuntu4) trusty; urgency=medium |
3891 | + |
3892 | + * debian/patches/arm-cpu-baseline.patch: Implement a stub cpuArchDriver.baseline() |
3893 | + handler for arm. |
3894 | + |
3895 | + -- Chuck Short <zulcss@ubuntu.com> Mon, 17 Mar 2014 10:59:49 -0400 |
3896 | + |
3897 | +libvirt (1.2.2-0ubuntu3) trusty; urgency=low |
3898 | + |
3899 | + * d/p/libxl-Check-for-control_d-string-to-decide-about-dom.patch: Prevent |
3900 | + using the libxl driver when not running in dom0 but having xenfs mounted. |
3901 | + (LP: #1248025) |
3902 | + |
3903 | + -- Stefan Bader <stefan.bader@canonical.com> Wed, 12 Mar 2014 14:16:14 +0100 |
3904 | + |
3905 | +libvirt (1.2.2-0ubuntu2) trusty; urgency=medium |
3906 | + |
3907 | + * d/p/add-a-mutex-to-serialize-updates-to-fw.patch: fix another deadlock |
3908 | + when starting a large number of VMs. (LP: #1228977) |
3909 | + |
3910 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 11 Mar 2014 14:08:02 -0500 |
3911 | + |
3912 | +libvirt (1.2.2-0ubuntu1) trusty; urgency=medium |
3913 | + |
3914 | + * New upstream release: |
3915 | + - Rediffed patches: |
3916 | + - debian/patches/Allow-libvirt-group-to-access-the-socket.patch |
3917 | + - debian/patches/9004-libvirtd-group-name.patch |
3918 | + - debian/patches/dnsmasq-as-priv-user |
3919 | + - Dropped patches: |
3920 | + - debian/patches/9005-increase-unix-socket-timeout.patch: No longer |
3921 | + needed. |
3922 | + - debian/patches/rbd-storage-format.patch: No longer needed. |
3923 | + - debian/patches/9022-qemu-enable-host-passthrough-mode-for-aarch64: |
3924 | + No longer needed. |
3925 | + - debian/patches/9023-xen-fix-parsing-xend-http-response.patch: |
3926 | + No longer needed. |
3927 | + - debian/patches/ |
3928 | + |
3929 | + -- Chuck Short <zulcss@ubuntu.com> Mon, 03 Mar 2014 13:30:36 -0500 |
3930 | + |
3931 | libvirt (1.2.1-2) unstable; urgency=medium |
3932 | |
3933 | * [e936a7e] Document libvirt user capabilities |
3934 | @@ -2007,6 +5745,79 @@ libvirt (1.2.1-1) unstable; urgency=medium |
3935 | |
3936 | -- Guido Günther <agx@sigxcpu.org> Fri, 17 Jan 2014 06:16:29 +0100 |
3937 | |
3938 | +libvirt (1.2.1-0ubuntu10) trusty; urgency=medium |
3939 | + |
3940 | + * Pull patch from mailing list (merged with separate patch posted to the |
3941 | + bug) to fix 9p mounts. (LP: #1285995) |
3942 | + |
3943 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 28 Feb 2014 09:34:54 -0600 |
3944 | + |
3945 | +libvirt (1.2.1-0ubuntu9) trusty; urgency=medium |
3946 | + |
3947 | + * Cherrypick 9024-qemu-implement-a-stub-baseline-handler-for-aarch64 from |
3948 | + upstream git. |
3949 | + |
3950 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 14 Feb 2014 18:20:03 -0600 |
3951 | + |
3952 | +libvirt (1.2.1-0ubuntu8) trusty; urgency=medium |
3953 | + |
3954 | + * Add uvtool image path to virt-aa-helper AppArmor profile. |
3955 | + |
3956 | + -- Robie Basak <robie.basak@ubuntu.com> Fri, 14 Feb 2014 17:54:58 +0000 |
3957 | + |
3958 | +libvirt (1.2.1-0ubuntu7) trusty; urgency=low |
3959 | + |
3960 | + * debian/patches/nwfilter-locking.patch: Dropped causes ftbfs. |
3961 | + |
3962 | + -- Chuck Short <zulcss@ubuntu.com> Thu, 13 Feb 2014 10:07:56 -0700 |
3963 | + |
3964 | +libvirt (1.2.1-0ubuntu6) trusty; urgency=medium |
3965 | + |
3966 | + * debian/control: Move pm-utils from suggests to Recommends. |
3967 | + (LP: #1274772) |
3968 | + * debian/patches/patches/nwfilter-locking.patch: Fix nwfilter locking |
3969 | + causing libvirt to crash. (LP: #1228977) |
3970 | + |
3971 | + -- Chuck Short <zulcss@ubuntu.com> Thu, 06 Feb 2014 14:27:40 -0500 |
3972 | + |
3973 | +libvirt (1.2.1-0ubuntu5) trusty; urgency=low |
3974 | + |
3975 | + * cherry-pick "xen: fix parsing xend http response" from upstream |
3976 | + git to fix connecting to xex in xm/xend mode (LP: #915954) |
3977 | + |
3978 | + -- Stefan Bader <stefan.bader@canonical.com> Thu, 30 Jan 2014 10:05:31 +0000 |
3979 | + |
3980 | +libvirt (1.2.1-0ubuntu4) trusty; urgency=medium |
3981 | + |
3982 | + * cherrypick d/p/9022-qemu-enable-host-passthrough-mode-for-aarch64 from |
3983 | + upstream git. |
3984 | + |
3985 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 28 Jan 2014 10:28:09 +0000 |
3986 | + |
3987 | +libvirt (1.2.1-0ubuntu3) trusty; urgency=medium |
3988 | + |
3989 | + * d/control: add nfs-common to build-deps (LP: #1264955) |
3990 | + |
3991 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 22 Jan 2014 08:56:01 -0600 |
3992 | + |
3993 | +libvirt (1.2.1-0ubuntu2) trusty; urgency=medium |
3994 | + |
3995 | + * debian/patches/rbd-storage-format.patch: Make image format 2 the default |
3996 | + for RBD. |
3997 | + |
3998 | + -- Chuck Short <zulcss@ubuntu.com> Fri, 17 Jan 2014 10:31:37 -0500 |
3999 | + |
4000 | +libvirt (1.2.1-0ubuntu1) trusty; urgency=medium |
4001 | + |
4002 | + * New upstream release: |
4003 | + - Dropped patches: |
4004 | + + debian/patches/0001-libxl-Fix-devid-init-in-libxlMakeNicList.patch: |
4005 | + No longer needed |
4006 | + + debian/patches/0001-libxl-Fix-initialization-of-nictype-in-libxl_device_.patch: |
4007 | + No longer needed. |
4008 | + |
4009 | + -- Chuck Short <zulcss@ubuntu.com> Thu, 16 Jan 2014 09:17:20 -0500 |
4010 | + |
4011 | libvirt (1.2.1~rc2-1) experimental; urgency=medium |
4012 | |
4013 | * [e559e92] libvirt-bin.init: Fix typo in path when checking for systemd |
4014 | @@ -2069,6 +5880,41 @@ libvirt (1.2.0-1) unstable; urgency=medium |
4015 | |
4016 | -- Guido Günther <agx@sigxcpu.org> Wed, 18 Dec 2013 08:18:48 +0100 |
4017 | |
4018 | +libvirt (1.2.0-0ubuntu3) trusty; urgency=medium |
4019 | + |
4020 | + * debian/apparmor/usr.lib.libvirt.virt-aa-helper: add |
4021 | + /var/lib/nova/instances/snapshots/** r to allow virt-aa-helper to read |
4022 | + the snapshot directory to find images which VMs should be granted access |
4023 | + to. (LP: #1244694) |
4024 | + |
4025 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 09 Jan 2014 16:39:13 -0600 |
4026 | + |
4027 | +libvirt (1.2.0-0ubuntu2) trusty; urgency=low |
4028 | + |
4029 | + * Refresh/fix detection of xm/xl toolstack in use. The previous port |
4030 | + had two glitches, one of them causing the daemon to segfault. |
4031 | + * Cherry-pick "libxl: Fix initialization of nictype in libxl_device_nic" |
4032 | + from upstream to have the same default NIC choice with the libxl driver |
4033 | + as we had with the xen(d) driver (HVM guest uses a emulated rtl8139). |
4034 | + * Cherry-pick "libxl: Fix devid init in libxlMakeNicList" from upstream |
4035 | + to allow HVM guests to be brought up from the libxl driver. |
4036 | + |
4037 | + -- Stefan Bader <stefan.bader@canonical.com> Thu, 09 Jan 2014 11:19:07 +0100 |
4038 | + |
4039 | +libvirt (1.2.0-0ubuntu1) trusty; urgency=low |
4040 | + |
4041 | + * New upstream release: |
4042 | + - Refreshed patches: |
4043 | + + debian/patches/storage-default-permission-mode-to-0711 |
4044 | + - Dropped patches: |
4045 | + + debian/patches/util_use_w_flag_when_calling_iptables.patch |
4046 | + * debian/control, debian/rules, debian/python.mk, |
4047 | + debian/python-libvirt.install: python libvirt bindings have been |
4048 | + split out into its own source called libvirt-python. |
4049 | + * debian/libvirt-dev.install: Install API files into dev package |
4050 | + |
4051 | + -- Chuck Short <zulcss@ubuntu.com> Mon, 02 Dec 2013 09:56:17 -0500 |
4052 | + |
4053 | libvirt (1.2.0~rc2-1) experimental; urgency=low |
4054 | |
4055 | * [8bfdc7f] New upstream version 1.2.0~rc2 |
4056 | @@ -2109,6 +5955,78 @@ libvirt (1.1.4-1) unstable; urgency=low |
4057 | |
4058 | -- Guido Günther <agx@sigxcpu.org> Mon, 04 Nov 2013 07:05:45 +0100 |
4059 | |
4060 | +libvirt (1.1.4-0ubuntu5) trusty; urgency=medium |
4061 | + |
4062 | + * Build using dh-autoreconf. |
4063 | + * Enable numa support on ppc64 and ppc64el. |
4064 | + |
4065 | + -- Matthias Klose <doko@ubuntu.com> Sun, 22 Dec 2013 15:55:04 +0100 |
4066 | + |
4067 | +libvirt (1.1.4-0ubuntu4) trusty; urgency=low |
4068 | + |
4069 | + * debian/libvirt-dev.install: Add missing libvirt-lxc.so. |
4070 | + |
4071 | + -- Chuck Short <zulcss@ubuntu.com> Thu, 21 Nov 2013 13:10:58 -0500 |
4072 | + |
4073 | +libvirt (1.1.4-0ubuntu3) trusty; urgency=low |
4074 | + |
4075 | + * d/p/accomodate-new-qemu-migration-status-setup.patch: work around |
4076 | + libvirt's not yet knowing of qemu's new migration state, 'setup'. |
4077 | + This can be removed when upstream libvirt has a proper patch. QRT |
4078 | + fails without this. |
4079 | + |
4080 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 14 Nov 2013 08:41:07 -0600 |
4081 | + |
4082 | +libvirt (1.1.4-0ubuntu2) trusty; urgency=low |
4083 | + |
4084 | + * debian/patches/9002-better_default_uri_virsh.patch: Update to fix the |
4085 | + FTBFS. |
4086 | + |
4087 | + -- Chuck Short <zulcss@ubuntu.com> Wed, 13 Nov 2013 11:04:29 -0500 |
4088 | + |
4089 | +libvirt (1.1.4-0ubuntu1) trusty; urgency=low |
4090 | + |
4091 | + [ Chuck Short ] |
4092 | + * New upstream version: |
4093 | + - Rediffed patches: |
4094 | + + d/p/Don-t-enable-default-network-on-boot.patch |
4095 | + + d/p/ubuntu-xend-probe.patch |
4096 | + + d/p/Don-t-fail-if-we-can-t-setup-avahi.patch |
4097 | + + d/p/Disable-failing-virnetsockettest.patch |
4098 | + + d/p/Don-t-enable-default-network-on-boot.patch |
4099 | + - Dropped patches: |
4100 | + + d/p/v1.1.1-maint/0001-xen-fix-memory-corruption-in-legacy-driver.patch |
4101 | + + d/p/v1.1.1-maint/0002-qemu_migration-Don-t-error-on-tunelled-migration-wit.patch |
4102 | + + d/p/v1.1.1-maint/0003-build-fix-configure-detection-of-if_bridge.h-on-RHEL.patch |
4103 | + + d/p/v1.1.1-maint/0004-remote-Fix-a-segfault-in-remoteDomainCreateWithFlags.patch |
4104 | + + d/p/v1.1.1-maint/0005-Revert-build-fix-configure-detection-of-if_bridge.h-.patch |
4105 | + + d/p/v1.1.1-maint/0006-build-more-workarounds-for-if_bridge.h.patch |
4106 | + + d/p/v1.1.1-maint/0007-Fix-qemuProcessReadLog-with-non-zero-offset.patch |
4107 | + + d/p/v1.1.1-maint/0008-Reverse-logic-allowing-partial-DHCP-host-XML.patch |
4108 | + + d/p/v1.1.1-maint/0009-virsh-domain-Fix-memleak-in-cmdUndefine-with-storage.patch |
4109 | + + d/p/v1.1.1-maint/0010-virsh-domain-Fix-memleak-in-cmdCPUBaseline.patch |
4110 | + + d/p/v1.1.1-maint/0011-virbitmap-Refactor-virBitmapParse-to-avoid-access-be.patch |
4111 | + + d/p/CVE-2013-4296.patch |
4112 | + + d/p/CVE-2013-4311.patch |
4113 | + + d/p/CVE-2013-4297.patch |
4114 | + + d/p/fix-crash-in-libvirtd-when-events |
4115 | + + d/p/security-provide-supplemental-groups |
4116 | + + d/p/add-bounds-checking-on-virdomainmigrate |
4117 | + + d/p/xen-use-internal-interfaces-in-xendomainusedcpus |
4118 | + + d/p/fix-remote-client-segfault.patch |
4119 | + + d/p/ubuntu-xend-xmlcreate-double-free.patch |
4120 | + + d/p/9002-better_default_uri_virsh.patch |
4121 | + |
4122 | + [ Serge Hallyn ] |
4123 | + * update and re-add d/p/9002-better_default_uri_virsh.patch. Also patch |
4124 | + new uri-precedence test, as we break it with this patch. |
4125 | + * add d/p/util_use_w_flag_when_calling_iptables.patch (LP: #1245322) |
4126 | + * debian/apparmor/libvirt-qemu: allow access to hugepages mounts |
4127 | + (LP: #1250216) |
4128 | + * debian/apparmor/libvirt-qemu: allow access to usb info (LP: #1245251) |
4129 | + |
4130 | + -- Chuck Short <zulcss@ubuntu.com> Mon, 11 Nov 2013 11:03:06 -0500 |
4131 | + |
4132 | libvirt (1.1.4~rc2-1) experimental; urgency=low |
4133 | |
4134 | * [b56f727] Add option to mount cgroups during daemon start. The init |
4135 | @@ -2236,6 +6154,99 @@ libvirt (1.1.1-1) unstable; urgency=low |
4136 | |
4137 | -- Guido Günther <agx@sigxcpu.org> Mon, 05 Aug 2013 11:31:05 +0200 |
4138 | |
4139 | +libvirt (1.1.1-0ubuntu9) trusty; urgency=low |
4140 | + |
4141 | + * debian/apparmor/usr.sbin.libvirtd: add audit_write capability |
4142 | + (LP: #1204616) |
4143 | + |
4144 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 23 Oct 2013 14:09:04 -0500 |
4145 | + |
4146 | +libvirt (1.1.1-0ubuntu8) saucy; urgency=low |
4147 | + |
4148 | + * SECURITY UPDATE: denial of service via invalid free in |
4149 | + virFileNBDDeviceAssociate. |
4150 | + - debian/patches/CVE-2013-4297.patch: properly initialize qemunbd in |
4151 | + src/util/virfile.c. |
4152 | + - CVE-2013-4297 |
4153 | + |
4154 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 02 Oct 2013 13:35:14 -0400 |
4155 | + |
4156 | +libvirt (1.1.1-0ubuntu7) saucy; urgency=low |
4157 | + |
4158 | + * fix-crash-in-libvirtd-when-events: make sure to remove all event |
4159 | + callbacks when a client disconnects from libvirtd. |
4160 | + |
4161 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 02 Oct 2013 08:14:53 -0500 |
4162 | + |
4163 | +libvirt (1.1.1-0ubuntu6) saucy; urgency=low |
4164 | + |
4165 | + * SECURITY UPDATE: possible privilege escalation via pkcheck race. |
4166 | + - debian/patches/CVE-2013-4311.patch: add uid to pkcheck call in |
4167 | + configure.ac, daemon/remote.c, src/access/viraccessdriverpolkit.c, |
4168 | + src/rpc/virnetserverclient.c, src/util/viridentity.*. |
4169 | + - debian/rules: use DEB_AUTO_UPDATE_AUTOCONF and |
4170 | + DEB_AUTO_UPDATE_AUTOHEADER. |
4171 | + - debian/control: specify version of policykit-1 security update, add |
4172 | + libpolkit-gobject-1-dev to Build-Depends. |
4173 | + - CVE-2013-4311 |
4174 | + * SECURITY UPDATE: denial of service in remoteDispatchDomainMemoryStats |
4175 | + - debian/patches/CVE-2013-4296.patch: properly initialize stats in |
4176 | + daemon/remote.c. |
4177 | + - CVE-2013-4296 |
4178 | + |
4179 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 24 Sep 2013 19:25:55 -0400 |
4180 | + |
4181 | +libvirt (1.1.1-0ubuntu5) saucy; urgency=low |
4182 | + |
4183 | + * add-bounds-checking-on-virdomainmigrate: upstream patch for CVE-2013-4292 |
4184 | + * security-provide-supplemental-groups: upstream patch for CVE-2013-4291 |
4185 | + |
4186 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 09 Sep 2013 13:16:43 -0500 |
4187 | + |
4188 | +libvirt (1.1.1-0ubuntu4) saucy; urgency=low |
4189 | + |
4190 | + * apply all patches from v1.1.1-maint |
4191 | + * cherrypick xen-use-internal-interfaces-in-xendomainusedcpus from upstream |
4192 | + git. |
4193 | + |
4194 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 22 Aug 2013 10:57:20 -0500 |
4195 | + |
4196 | +libvirt (1.1.1-0ubuntu3) saucy; urgency=low |
4197 | + |
4198 | + * debian/apparmor/usr.sbin.libvirtd: Include the system bus abstraction in |
4199 | + the libvirtd AppArmor profile as libvirtd connects to the D-Bus system bus |
4200 | + |
4201 | + -- Tyler Hicks <tyhicks@canonical.com> Tue, 20 Aug 2013 09:07:17 -0700 |
4202 | + |
4203 | +libvirt (1.1.1-0ubuntu2) saucy; urgency=low |
4204 | + |
4205 | + * debian/patches/fix-remote-client-segfault.patch: Fix segfault when |
4206 | + using a remote client. |
4207 | + |
4208 | + -- Chuck Short <zulcss@ubuntu.com> Mon, 19 Aug 2013 10:33:08 -0400 |
4209 | + |
4210 | +libvirt (1.1.1-0ubuntu1) saucy; urgency=low |
4211 | + |
4212 | + [ Chuck Short ] |
4213 | + * New usptream version: |
4214 | + - Dropped: |
4215 | + + debian/patches/CVE-2013-2218-fix-crash-listing-network-interfaces-with-filters: |
4216 | + no longer needed. |
4217 | + + debian/patches/ubuntu-xen-hypervisor-4.3.patch: no longer needed. |
4218 | + + debian/patches/ubuntu-xen-fix-api-deadlocks.patch: no longer needed. |
4219 | + - Rediffed: |
4220 | + + debian/patches/Don-t-enable-default-network-on-boot.patch |
4221 | + + debian/patches/9005-increase-unix-socket-timeout.patch |
4222 | + |
4223 | + [ Stefan Bader ] |
4224 | + * Add apparmor rights to call into /usr/lib/xen-common/bin/xen-toolstack |
4225 | + to figure out which one is active. |
4226 | + * debian/patches/ubuntu-xend-probe.patch: Fix failure to detect |
4227 | + whether Xen uses xm/xend toolstack or xl/libxl. Avoid running |
4228 | + "xend status" as we do not package that in a pbublic path. |
4229 | + |
4230 | + -- Chuck Short <zulcss@ubuntu.com> Thu, 15 Aug 2013 17:23:21 +0000 |
4231 | + |
4232 | libvirt (1.1.0-4) unstable; urgency=low |
4233 | |
4234 | * [22913a0] Skip tests on all architectures except for i386 and amd64 as we |
4235 | @@ -2305,6 +6316,48 @@ libvirt (1.0.6-1) unstable; urgency=low |
4236 | |
4237 | -- Guido Günther <agx@sigxcpu.org> Thu, 06 Jun 2013 15:27:52 +0200 |
4238 | |
4239 | +libvirt (1.0.6-0ubuntu4) saucy; urgency=low |
4240 | + |
4241 | + * ubuntu-xen-fix-api-deadlocks.patch (LP: #1191782) |
4242 | + Fix the deadlocks in the xen driver when doing a dumpxml for active |
4243 | + domains. |
4244 | + * ubuntu-libxl-qemu-nopath.patch |
4245 | + Create libxl configurations without paths for qemu-dm and hvmloader. |
4246 | + The Xen toolstack can figure this out. |
4247 | + * ubuntu-xen-hypervisor-4.3.patch |
4248 | + Update the xen driver to handle the new sysctl and domctl versions |
4249 | + in Xen-4.3. |
4250 | + * Add apparmor definitions to execute scripts in /etc/xen/scrips as |
4251 | + the libxl driver calls out to them (with the xen/xm driver this was |
4252 | + done by the xen toolstack and communication with that was through |
4253 | + a socket). |
4254 | + |
4255 | + -- Stefan Bader <stefan.bader@canonical.com> Tue, 16 Jul 2013 10:59:11 +0200 |
4256 | + |
4257 | +libvirt (1.0.6-0ubuntu3) saucy; urgency=low |
4258 | + |
4259 | + * debian/apparmor/usr.lib.libvirt.virt-aa-helper: allow owner read of |
4260 | + @{PROC}/[0-9]*/status |
4261 | + |
4262 | + -- Jamie Strandboge <jamie@ubuntu.com> Mon, 15 Jul 2013 10:28:42 -0500 |
4263 | + |
4264 | +libvirt (1.0.6-0ubuntu2) saucy; urgency=low |
4265 | + |
4266 | + * Apply CVE-2013-2218-fix-crash-listing-network-interfaces-with-filters. |
4267 | + |
4268 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 28 Jun 2013 13:13:20 -0500 |
4269 | + |
4270 | +libvirt (1.0.6-0ubuntu1) saucy; urgency=low |
4271 | + |
4272 | + * New upstream relase. |
4273 | + + Dropped patches: |
4274 | + - debian/patches/vnc-socket.patch: Dropped no longer needed. |
4275 | + - debian/patches/Add-sanitytest.py.patch: Dropped no longer needed. |
4276 | + * debian/libvirt-bin.postinst: Make sure qemu.conf isn't world readable |
4277 | + by default. |
4278 | + |
4279 | + -- Chuck Short <zulcss@ubuntu.com> Mon, 03 Jun 2013 11:27:02 -0500 |
4280 | + |
4281 | libvirt (1.0.5-3) unstable; urgency=low |
4282 | |
4283 | * Upload to unstable (Closes: #709216, #705205) |
4284 | @@ -2334,6 +6387,25 @@ libvirt (1.0.5-1) experimental; urgency=low |
4285 | |
4286 | -- Guido Günther <agx@sigxcpu.org> Thu, 02 May 2013 21:34:32 +0200 |
4287 | |
4288 | +libvirt (1.0.5-0ubuntu1) saucy; urgency=low |
4289 | + |
4290 | + * New upstream release: |
4291 | + + Dropped patches: |
4292 | + - debian/patches/fix-virterror-namechange |
4293 | + - debian/patches/apparmor-use-apparmor-setfdlabel |
4294 | + - debian/patches/prevent-lxc-shutdown-host.patch |
4295 | + - debian/patches/apparmor-no-need-to-check-security-model |
4296 | + - debian/patches/nonblock-fix.patch |
4297 | + + Refreshed patches: |
4298 | + - debian/patches/9002-better_default_uri_virsh.patch |
4299 | + - debian/patches/enable-kvm-spice.patch |
4300 | + - debian/patches/patch-qemuMonitorTextGetMigrationStatus-to-intercept.patch |
4301 | + * debian/patches/Add-sanitytest.py.patch: Add patch to fix missing sanitytest.py |
4302 | + when building the testsuite. |
4303 | + * debian/libvirt-dev.install: dont't ship files for static linking. |
4304 | + |
4305 | + -- Chuck Short <zulcss@ubuntu.com> Thu, 02 May 2013 10:21:49 -0500 |
4306 | + |
4307 | libvirt (1.0.5~rc1-1) experimental; urgency=low |
4308 | |
4309 | * [c2302f5] Dont' fail with aug-tools installed. |
4310 | @@ -2409,6 +6481,122 @@ libvirt (1.0.2-1) experimental; urgency=low |
4311 | |
4312 | -- Guido Günther <agx@sigxcpu.org> Wed, 30 Jan 2013 21:06:02 +0100 |
4313 | |
4314 | +libvirt (1.0.2-0ubuntu12) saucy; urgency=low |
4315 | + |
4316 | + * debian/libvirt-bin.{dirs,install}: install dnsmasq.d-available/libvirt-bin |
4317 | + (LP: #1113821) |
4318 | + |
4319 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 29 Apr 2013 07:38:07 -0500 |
4320 | + |
4321 | +libvirt (1.0.2-0ubuntu11) raring; urgency=low |
4322 | + |
4323 | + * debian/patches/nonblock-fix.patch: cherrypicked upstream patch to |
4324 | + not mark qemu migration fd non-blocking. This fixes tcp live |
4325 | + migration. (LP: #1157626) |
4326 | + |
4327 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 18 Apr 2013 10:43:26 -0500 |
4328 | + |
4329 | +libvirt (1.0.2-0ubuntu10) raring; urgency=low |
4330 | + |
4331 | + * Add code to postinst to fix any double-migration of /etc/dnsmasq. |
4332 | + (LP: #1157332) |
4333 | + |
4334 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 28 Mar 2013 09:11:04 -0500 |
4335 | + |
4336 | +libvirt (1.0.2-0ubuntu9) raring; urgency=low |
4337 | + |
4338 | + * debian/patches/prevent-lxc-shutdown-host.patch: Backport fix |
4339 | + from upstream to prevent lxc-containets shutting down the host. |
4340 | + |
4341 | + -- Chuck Short <zulcss@ubuntu.com> Mon, 25 Mar 2013 09:28:47 -0500 |
4342 | + |
4343 | +libvirt (1.0.2-0ubuntu8b1) raring; urgency=low |
4344 | + |
4345 | + * No-change rebuild against libudev1 |
4346 | + |
4347 | + -- Martin Pitt <martin.pitt@ubuntu.com> Wed, 13 Mar 2013 07:02:03 +0000 |
4348 | + |
4349 | +libvirt (1.0.2-0ubuntu8) raring; urgency=low |
4350 | + |
4351 | + * put libvirt-bin dnsmasq file into /etc/dnsmasq.d-available, and |
4352 | + create a symlink in /etc/dnsmasq.d, to avoid problems when removing |
4353 | + and re-installing libvirt-bin. (LP: #1113821) |
4354 | + |
4355 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 26 Feb 2013 12:09:37 -0600 |
4356 | + |
4357 | +libvirt (1.0.2-0ubuntu7) raring; urgency=low |
4358 | + |
4359 | + * libvirt-bin.postinst: also put admin group members into the libvirtd |
4360 | + group, to support systems installed before precise. (LP: #1124127) |
4361 | + * libvirt-bin.postinst: use getent group instead of grep /etc/group |
4362 | + * rules: pass path to collie to enable sheepdog backend (LP: #1129107) |
4363 | + * control, rules: enable building against libaudit, which is in main. |
4364 | + |
4365 | + -- Adam Conrad <adconrad@ubuntu.com> Wed, 20 Feb 2013 15:50:47 -0700 |
4366 | + |
4367 | +libvirt (1.0.2-0ubuntu6) raring; urgency=low |
4368 | + |
4369 | + * Really refresh debian/patches/fix-ubuntu-xen-qemu-dm-path.patch and |
4370 | + not only claim to and disable it. |
4371 | + |
4372 | + -- Stefan Bader <stefan.bader@canonical.com> Tue, 19 Feb 2013 15:00:27 +0100 |
4373 | + |
4374 | +libvirt (1.0.2-0ubuntu5) raring; urgency=low |
4375 | + |
4376 | + * debian/apparmor/libvirt-qemu: allow qemu read access to |
4377 | + @{PROC}/sys/vm/overcommit_memory |
4378 | + |
4379 | + -- Jamie Strandboge <jamie@ubuntu.com> Thu, 14 Feb 2013 10:12:40 -0600 |
4380 | + |
4381 | +libvirt (1.0.2-0ubuntu4) raring; urgency=low |
4382 | + |
4383 | + * Update Readme.Debian |
4384 | + - we use libvirtd, not libvirt group (LP: #1095140) |
4385 | + - we add users from sudo, not admin group, to libvirtd. |
4386 | + * libvirt-bin.postinst: put users from sudo, not admin group, into group |
4387 | + libvirtd. (LP: #1124127) |
4388 | + |
4389 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 13 Feb 2013 09:47:58 -0600 |
4390 | + |
4391 | +libvirt (1.0.2-0ubuntu3) raring; urgency=low |
4392 | + |
4393 | + * libvirt-bin.postrm: only remove /etc/dnsmasq.d/libvirt-bin during |
4394 | + remove. (LP: #1113821) |
4395 | + |
4396 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 04 Feb 2013 10:35:47 -0600 |
4397 | + |
4398 | +libvirt (1.0.2-0ubuntu2) raring; urgency=low |
4399 | + |
4400 | + * debian/patches/fix-virterror-namechange: Include virterror otherwise |
4401 | + python-libvirt wont be able to find any error codes. |
4402 | + |
4403 | + -- Chuck Short <zulcss@ubuntu.com> Fri, 01 Feb 2013 13:10:58 -0600 |
4404 | + |
4405 | +libvirt (1.0.2-0ubuntu1) raring; urgency=low |
4406 | + |
4407 | + [ Chuck Short ] |
4408 | + * New upstream release: |
4409 | + + Dropped patches: |
4410 | + - debian/patches/Add_RESUME_event_listener_to_qemu_monitor.patch |
4411 | + - debian/patches/build-work-around-broken-kernel-header.patch |
4412 | + - debian/patches/bridge-fix-persistent-networks.patch |
4413 | + - debian/patches/CVE-2013-0170.patch |
4414 | + - debian/patches/qemu-relax-hard-rss-limit.patch |
4415 | + - debian/patches/9003-better-default-arch.patch |
4416 | + + Refreshed patches: |
4417 | + - debian/patches/fix-ubuntu-xen-qemu-dm-path.patch |
4418 | + - debian/patches/Reduce-udevadm-settle-timeout-to-10-seconds.patch |
4419 | + - debian/patches/9021-fix-uint64_t.patch |
4420 | + - debian/patches/9020-lp545795.patch |
4421 | + - debian/patches/Don-t-fail-if-we-can-t-setup-avahi.patch |
4422 | + + debian/libvirt0.install: Add libvirt-lxc.so.* |
4423 | + |
4424 | + [ Serge Hallyn ] |
4425 | + * debian/patches/fix-virterror-namechange: fix unfinished name change |
4426 | + causing errors in generated libvirt.py. |
4427 | + |
4428 | + -- Chuck Short <zulcss@ubuntu.com> Wed, 30 Jan 2013 09:04:38 -0600 |
4429 | + |
4430 | libvirt (1.0.2~rc1-1) experimental; urgency=low |
4431 | |
4432 | * [5ce607c] Make python-libvirt depend on the exact same libvirt0 version |
4433 | @@ -2452,6 +6640,42 @@ libvirt (1.0.1-1) experimental; urgency=low |
4434 | |
4435 | -- Guido Günther <agx@sigxcpu.org> Sun, 23 Dec 2012 12:28:01 +0100 |
4436 | |
4437 | +libvirt (1.0.1-0ubuntu4) raring; urgency=low |
4438 | + |
4439 | + * SECURITY UPDATE: denial of service and possible code execution via |
4440 | + uninitialized pointer |
4441 | + - debian/patches/CVE-2013-0170.patch: remove message from queue before |
4442 | + freeing in src/rpc/virnetserverclient.c. |
4443 | + - CVE-2013-0170 |
4444 | + |
4445 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 29 Jan 2013 15:19:54 -0500 |
4446 | + |
4447 | +libvirt (1.0.1-0ubuntu3) raring; urgency=low |
4448 | + |
4449 | + * debian/apparmor/libvirt-qemu: add /usr/share/ovmf/** r (LP: #1074207) |
4450 | + |
4451 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 29 Jan 2013 11:55:19 -0600 |
4452 | + |
4453 | +libvirt (1.0.1-0ubuntu2) raring; urgency=low |
4454 | + |
4455 | + * add qemu-relax-hard-rss-limit.rss to avoid OOM kills (LP: #1102290) |
4456 | + * debian/rules: replace --without-vbox with --with-vbox (LP: #1103721) |
4457 | + |
4458 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 24 Jan 2013 13:00:48 -0600 |
4459 | + |
4460 | +libvirt (1.0.1-0ubuntu1) raring; urgency=low |
4461 | + |
4462 | + * New upstream version. (LP: #1102487) |
4463 | + + Dropped apparmor-allow-hugepages |
4464 | + + update dnsmasq-as-priv-user, upstream now uses a configuration file. |
4465 | + + swap Add_RESUME_event_listener_to_qemu_monitor.patch from git tree for |
4466 | + the backported handle_resume_1.0.0-0ubuntu4.patch. |
4467 | + + rebuild debian/patches/build-work-around-broken-kernel-header |
4468 | + + add bridge-fix-persistent-networks.patch from upstream to fix bug |
4469 | + where new networks are not marked persistent. |
4470 | + |
4471 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 23 Jan 2013 13:24:30 -0600 |
4472 | + |
4473 | libvirt (1.0.1~rc1-1) experimental; urgency=low |
4474 | |
4475 | * [dca42fb] Rely on DBus activation for hal (Closes: #694020) |
4476 | @@ -2471,6 +6695,70 @@ libvirt (1.0.0-1) experimental; urgency=low |
4477 | |
4478 | -- Guido Günther <agx@sigxcpu.org> Tue, 06 Nov 2012 20:59:48 +0100 |
4479 | |
4480 | +libvirt (1.0.0-0ubuntu5) raring; urgency=low |
4481 | + |
4482 | + * handle_resume_1.0.0-0ubuntu4.patch: Add RESUME event listener to qemu |
4483 | + monitor (LP: #1097824) |
4484 | + * build-work-around-broken-kernel-header: work around FTBFS due to a |
4485 | + broken linux/if_bridge.h. |
4486 | + |
4487 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 16 Jan 2013 09:15:20 -0600 |
4488 | + |
4489 | +libvirt (1.0.0-0ubuntu4) raring; urgency=low |
4490 | + |
4491 | + * debian/patches/apparmor-allow-hugepages: update apparmor policies to |
4492 | + allow use of hugepages. (LP: #646468) |
4493 | + * debian/patches/vnc-socket.patch: If a vnc socket is in use, add it's |
4494 | + path to the apparmor policy. (LP: #1069534) |
4495 | + |
4496 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 05 Dec 2012 16:43:04 -0600 |
4497 | + |
4498 | +libvirt (1.0.0-0ubuntu3) raring; urgency=low |
4499 | + |
4500 | + * libvirt-bin.postinst: on first install, don't autostart virbr0 if |
4501 | + 192.168.122.0 already is in use. On upgrade, always autostart |
4502 | + virbr0 if and only if it was autostarted before the upgrade. |
4503 | + |
4504 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 27 Nov 2012 00:25:11 -0600 |
4505 | + |
4506 | +libvirt (1.0.0-0ubuntu2) raring; urgency=low |
4507 | + |
4508 | + * debian/patches/add-armhf-sysinfo-infomration.patch: Disable |
4509 | + to fix FTBFS on arm. |
4510 | + |
4511 | + -- Chuck Short <zulcss@ubuntu.com> Mon, 19 Nov 2012 10:41:02 -0600 |
4512 | + |
4513 | +libvirt (1.0.0-0ubuntu1) raring; urgency=low |
4514 | + |
4515 | + [ Chuck Short ] |
4516 | + * New upstream version: |
4517 | + + droppped: |
4518 | + - debian/patches/CVE-2012-3445.patch |
4519 | + - debian/patches/fix-cve-2012-4423 |
4520 | + - debian/patches/lp1039678.patch |
4521 | + - debian/patches/add-libvirt-highbank-support.patch |
4522 | + - debian/patches/add-armhf-cpuinfo-parser.patch |
4523 | + - debian/patches/fix-lxc-container-unmounting.patch |
4524 | + - debian/patches/libnl3-build-fix.patch |
4525 | + - debian/patches/Don-t-require-gawk-for-a-simple-print-expression.patch |
4526 | + - debian/patches/virsh-Initialize-library-before-calling-virResetLast.patch |
4527 | + - debian/patches/qemu-warn-on-pc-0.12.patch |
4528 | + - debian/patches/storage-default-pool-permission-mode-to-0755 |
4529 | + - debian/patches/netcf-daemon-fix-wrong-macro-name |
4530 | + - debian/patches/xen_hypervisor-treat-missing-privcmd-file-as-temporary.patch |
4531 | + + Re-diffed: |
4532 | + - debian/patches/9002-better_default_uri_virsh.patch |
4533 | + - debian/patches/dnsmasq-as-priv-user |
4534 | + - debian/patches/enable-kvm-spice.patch |
4535 | + + debian/control, debian/rules: Turn on rbd pool storage. |
4536 | + |
4537 | + [ Serge Hallyn ] |
4538 | + * Add patches to fix apparmor labeling issue at VM start: |
4539 | + - apparmor-no-need-to-check-security-model |
4540 | + - apparmor-use-apparmor-setfdlabel |
4541 | + |
4542 | + -- Chuck Short <zulcss@ubuntu.com> Mon, 12 Nov 2012 07:50:44 -0600 |
4543 | + |
4544 | libvirt (1.0.0~rc3-1) experimental; urgency=low |
4545 | |
4546 | * [d3d06ad] New upstream version 1.0.0~rc3 |
4547 | @@ -2596,6 +6884,119 @@ libvirt (0.9.13-1) experimental; urgency=low |
4548 | |
4549 | -- Guido Günther <agx@sigxcpu.org> Wed, 01 Aug 2012 13:14:30 +0200 |
4550 | |
4551 | +libvirt (0.9.13-0ubuntu12) quantal; urgency=low |
4552 | + |
4553 | + * Refresh fix-ubuntu-xen-qemu-dm-path.patch to only use executable |
4554 | + names and let the toolchain find out the right paths (LP: #914788). |
4555 | + Thanks George Dunlap. |
4556 | + * Refresh and re-activate xen_hypervisor-treat-missing-privcmd-file- |
4557 | + as-temporary.patch (LP: #922486) |
4558 | + |
4559 | + -- Stefan Bader <stefan.bader@canonical.com> Fri, 05 Oct 2012 11:35:43 +0200 |
4560 | + |
4561 | +libvirt (0.9.13-0ubuntu11) quantal-proposed; urgency=low |
4562 | + |
4563 | + * SECURITY UPDATE: denial of service via invalid RPC command |
4564 | + - debian/patches/CVE-2012-3445.patch: make sure nparams isn't set to |
4565 | + zero in daemon/remote.c. |
4566 | + - CVE-2012-3445 |
4567 | + |
4568 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 26 Sep 2012 11:49:45 -0400 |
4569 | + |
4570 | +libvirt (0.9.13-0ubuntu10) quantal; urgency=high |
4571 | + |
4572 | + * apply fix-cve-2012-4423 from upstream to prevent potential daemon |
4573 | + segfaults with newer virsh. |
4574 | + - Fixes: CVE-2012-4423. |
4575 | + |
4576 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 14 Sep 2012 11:05:40 -0500 |
4577 | + |
4578 | +libvirt (0.9.13-0ubuntu9) quantal; urgency=low |
4579 | + |
4580 | + * debian/patches/lp1039678.patch: fix segfault in 'snapshot-list' |
4581 | + - LP: #1039678 |
4582 | + |
4583 | + -- Jamie Strandboge <jamie@ubuntu.com> Tue, 21 Aug 2012 13:59:34 -0500 |
4584 | + |
4585 | +libvirt (0.9.13-0ubuntu8) quantal-proposed; urgency=low |
4586 | + |
4587 | + * debian/libvirt-bin.apport: add filter on AppArmor profile names to |
4588 | + prevent false positives from denials originating in other packages. |
4589 | + |
4590 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 20 Aug 2012 10:49:17 -0400 |
4591 | + |
4592 | +libvirt (0.9.13-0ubuntu7) quantal; urgency=low |
4593 | + |
4594 | + * debian/apparmor/libvirt-qemu: allow owner read access to @{PROC}/*/auxv |
4595 | + |
4596 | + -- Jamie Strandboge <jamie@ubuntu.com> Tue, 14 Aug 2012 16:44:30 -0500 |
4597 | + |
4598 | +libvirt (0.9.13-0ubuntu6) quantal; urgency=low |
4599 | + |
4600 | + * enable netcf support (LP: #520386) |
4601 | + - debian/control: build-dep on libnetcf-dev |
4602 | + - debian/rules: add --with-netcf to configure args |
4603 | + * add patch netcf-daemon-fix-wrong-macro-name from upstream so netcf support |
4604 | + can actually work. |
4605 | + |
4606 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 08 Aug 2012 07:54:16 -0500 |
4607 | + |
4608 | +libvirt (0.9.13-0ubuntu5) quantal; urgency=low |
4609 | + |
4610 | + * add patch Reduce-udevadm-settle-timeout-to-10-seconds.patch (copied from |
4611 | + Debian tree) to fix 3 minute hang during pool-refresh when using LVM |
4612 | + backed pools. (LP: #1027987) |
4613 | + * debian/control: add pm-utils to libvirt-bin Suggests. (LP: #994476) |
4614 | + |
4615 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 26 Jul 2012 11:05:18 -0500 |
4616 | + |
4617 | +libvirt (0.9.13-0ubuntu4) quantal; urgency=low |
4618 | + |
4619 | + * debian/patches/add-armhf-sysinfo-infomration.patch: |
4620 | + Provides cpuinfo for armhf cpus. |
4621 | + * debian/patches/add-armhf-cpuinfo-parser.patch: |
4622 | + Fixes compile time warning about armhf cpus. |
4623 | + |
4624 | + -- Chuck Short <zulcss@ubuntu.com> Thu, 19 Jul 2012 14:54:47 -0500 |
4625 | + |
4626 | +libvirt (0.9.13-0ubuntu3) quantal; urgency=low |
4627 | + |
4628 | + * debian/apparmor/libvirt-qemu: add ceph.conf (LP: #1026404) |
4629 | + * debian/patches: re-add 9002-better_default_uri_virsh.patch (LP: #1026515) |
4630 | + |
4631 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 19 Jul 2012 07:58:39 -0500 |
4632 | + |
4633 | +libvirt (0.9.13-0ubuntu2) quantal; urgency=low |
4634 | + |
4635 | + * Apply upstream patch to switch default storage pool dir perms from 0700 |
4636 | + to 0755. Then push our own patch to change that to 0711. We'll get the |
4637 | + upstream patch on 0.9.14 merge, but we'll want to keep our patch on top |
4638 | + of that. |
4639 | + |
4640 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 16 Jul 2012 18:06:43 +0000 |
4641 | + |
4642 | +libvirt (0.9.13-0ubuntu1) quantal; urgency=low |
4643 | + |
4644 | + * New upstream version: |
4645 | + * debian/rules: Remove .la files |
4646 | + * debian/control: Dropped debian vcs info. |
4647 | + * Dropped: |
4648 | + - debian/paches/9022-pass-the-virt-driver-name-into-security-drivers: |
4649 | + Already applied upstream. |
4650 | + - debian/patches/9023-dont-enable-apparmor-driver-with-lxc |
4651 | + Already applied upstream. |
4652 | + - debian/patches/9024-initialize-random-generator-in-lxc: |
4653 | + Already applied upstream. |
4654 | + * Re-diffed: |
4655 | + - debian/patches/9002-better_default_uri_virsh.patch |
4656 | + * Added: |
4657 | + - debian/patches/add-libvirt-highbank-support.patch: Add highbank |
4658 | + CPU detection support. |
4659 | + - debian/patches/fix-lxc-container-unmounting.patch: Fix container |
4660 | + mounting. |
4661 | + |
4662 | + -- Chuck Short <zulcss@ubuntu.com> Wed, 11 Jul 2012 12:37:49 -0500 |
4663 | + |
4664 | libvirt (0.9.13~rc2-1) experimental; urgency=low |
4665 | |
4666 | * [505f873] New upstream version 0.9.13~rc2 |
4667 | @@ -2643,7 +7044,6 @@ libvirt (0.9.12-4) unstable; urgency=low |
4668 | |
4669 | -- Guido Günther <agx@sigxcpu.org> Wed, 01 Aug 2012 21:12:13 +0200 |
4670 | |
4671 | - |
4672 | libvirt (0.9.12-3) unstable; urgency=low |
4673 | |
4674 | * [6b610b6] Include stdint.h for uint32_t to fix the build on kFreeBSD |
4675 | @@ -2667,6 +7067,83 @@ libvirt (0.9.12-1) experimental; urgency=low |
4676 | |
4677 | -- Guido Günther <agx@sigxcpu.org> Tue, 15 May 2012 14:31:26 +0200 |
4678 | |
4679 | +libvirt (0.9.12-0ubuntu5) quantal; urgency=low |
4680 | + |
4681 | + * 9024-initialize-random-generator-in-lxc: invoke virRandomInitialize() |
4682 | + to prevent segfaults when lxc uses virRandomBits(). (LP: #1023205) |
4683 | + |
4684 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 11 Jul 2012 07:59:03 -0500 |
4685 | + |
4686 | +libvirt (0.9.12-0ubuntu4) quantal; urgency=low |
4687 | + |
4688 | + * 9022-pass-the-virt-driver-name-into-security-drivers and |
4689 | + 9023-dont-enable-apparmor-driver-with-lxc: fix libvirt-lxc breakages |
4690 | + due to incomplete apparmor security driver for lxc. |
4691 | + |
4692 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 29 Jun 2012 18:15:04 -0500 |
4693 | + |
4694 | +libvirt (0.9.12-0ubuntu3) quantal; urgency=low |
4695 | + |
4696 | + * install apport hook as right name - libvirt-bin is the binary package, |
4697 | + the source package name is libvirt. (LP: #1007405) |
4698 | + * install /etc/dnsmasq.d/libvirt to configure system wide dnsmasq to not |
4699 | + listen on the libvirt bridge. (Following Stéphane's lxc example) |
4700 | + (LP: #928524) (LP: #231060) |
4701 | + - postinst: restart dnsmasq; postrm: remove dnsmasq.d/libvirt file and |
4702 | + restart dnsmasq; rules, libvirt-bin.dirs and libvirt-bin.install: |
4703 | + install new debian/libvirt-bin.dnsmasq file. |
4704 | + |
4705 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 01 Jun 2012 09:36:58 -0500 |
4706 | + |
4707 | +libvirt (0.9.12-0ubuntu2) quantal; urgency=low |
4708 | + |
4709 | + * Warn user about bad pc-0.12 machine type, and help user transition. |
4710 | + (LP: #1001625) |
4711 | + - qemu-warn-on-pc-0.12.patch: When defining or starting a VM which uses the |
4712 | + pc-0.12 machine type, warn in libvirtd.log. |
4713 | + - debian/libvirt-migrate-qemu-machinetype: automatically migrate QEMU VMs |
4714 | + to newest machine type. This is not done automatically as there will |
4715 | + be some users who have good reason to stay with pc-0.12. |
4716 | + |
4717 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 28 May 2012 17:48:50 +0000 |
4718 | + |
4719 | +libvirt (0.9.12-0ubuntu1) quantal; urgency=low |
4720 | + |
4721 | + * New upstream version: |
4722 | + * Synchronize with debian packaging: |
4723 | + - debian/control: Update build depends. |
4724 | + - debian/libvirt-bin.postrm: Cleanup /var/log/libvirt |
4725 | + on purge. |
4726 | + - Bump standards verson (no changes). |
4727 | + - debian/patches/Don-t-fail-if-we-can-t-setup-avahi.patch: Added |
4728 | + * Dropped patches: |
4729 | + - debian/patches/Debianize-libvirt-guests.patch |
4730 | + - debian/patches/rewrite-lxc-controller-eof-handling-yet-again |
4731 | + - debian/patches/ubuntu/libnl13.patch |
4732 | + - debian/patches/ubuntu/fix-lxc-startup-error.patch |
4733 | + - debian/patches/ubuntu/fix-bridge-fd.patch |
4734 | + - debian/patches/ubuntu/skip-labelling-network-disks.patch |
4735 | + - debian/patches/ubuntu/xen-xend-shutdown-detection.patch |
4736 | + - debian/patches/ubuntu/xen-config-no-vfb-for-hvm.patch |
4737 | + - debian/patches/debian/Disable-daemon-start-test.patch |
4738 | + - debian/patches/debian/Disable-gnulib-s-test-nonplocking-pipe.sh.patch |
4739 | + - debian/patches/ubuntu/9006-default-config-test-case.patch |
4740 | + - debian/patches/fix-block-migration.patch |
4741 | + - debian/patches/ubuntu/9022-qemu-unescape-HMP-commands-before-converting-them-to.patch |
4742 | + - debian/patches/ubuntu/9023-qemu-change-rbd-auth_supported-separation-character-.patch |
4743 | + - debian/patches/ubuntu/9024-qemu-allow-snapshotting-of-sheepdog-and-rbd-disks.patch |
4744 | + - debian/patches/9025-qemu-change-rbd-auth_supported-separation-character-.patch |
4745 | + - debian/patches/ubuntu/arm-gcc-workaround.patch |
4746 | + * Rediffed: |
4747 | + - debian/patches/Allow-libvirt-group-to-access-the-socket.patch |
4748 | + - debian/patches/Disable-failing-virnetsockettest.patch |
4749 | + - debian/patches/dnsmasq-as-priv-user |
4750 | + - debian/patches/9002-better_default_uri_virsh.patch |
4751 | + * debian/control: Add libnl-route-3-dev ass a build depends. |
4752 | + * debian/patches/libnl3-build-fix.patch: Fix build with libnl3. |
4753 | + |
4754 | + -- Chuck Short <zulcss@ubuntu.com> Sun, 13 May 2012 15:44:12 -0400 |
4755 | + |
4756 | libvirt (0.9.12~rc2-1) experimental; urgency=low |
4757 | |
4758 | * [721a2d8] New upstream version 0.9.12~rc2 |
4759 | @@ -2767,6 +7244,259 @@ libvirt (0.9.9-1) experimental; urgency=low |
4760 | |
4761 | -- Guido Günther <agx@sigxcpu.org> Tue, 10 Jan 2012 13:40:41 +0100 |
4762 | |
4763 | +libvirt (0.9.8-2ubuntu18) quantal; urgency=low |
4764 | + |
4765 | + * debian/apparmor/usr.sbin.libvirtd: allow execution of /lib/udev/scsi_id |
4766 | + (LP: #992378) |
4767 | + |
4768 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 02 May 2012 14:02:32 -0500 |
4769 | + |
4770 | +libvirt (0.9.8-2ubuntu17) precise; urgency=low |
4771 | + |
4772 | + * debian/apparmor/usr.lib.libvirt.virt-aa-helper: add /**.qed r so qed |
4773 | + drives in non-standard locations can be used. (LP: #981571) |
4774 | + |
4775 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 16 Apr 2012 11:30:47 -0500 |
4776 | + |
4777 | +libvirt (0.9.8-2ubuntu16) precise; urgency=low |
4778 | + |
4779 | + [ Serge Hallyn ] |
4780 | + * Apply patches from Josh Durgin <josh.durgin@dreamhost.com> to make |
4781 | + attaching rbd volumes and taking snapshots of them work. |
4782 | + - ubuntu/9022-qemu-unescape-HMP-commands-before-converting-them-to.patch |
4783 | + - ubuntu/9023-qemu-change-rbd-auth_supported-separation-character-.patch |
4784 | + - ubuntu/9024-qemu-allow-snapshotting-of-sheepdog-and-rbd-disks.patch |
4785 | + - ubuntu/9025-qemu-change-rbd-auth_supported-separation-character-.patch |
4786 | + |
4787 | + [ Stefan Bader ] |
4788 | + * Do not use vfb sections in HVM graphics definitions (side- |
4789 | + effect will create a vkbd device as well which causes error |
4790 | + messages in the HVM guest). (LP: #973529) |
4791 | + |
4792 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 05 Apr 2012 11:43:15 -0500 |
4793 | + |
4794 | +libvirt (0.9.8-2ubuntu15) precise; urgency=low |
4795 | + |
4796 | + [ Stefan Bader ] |
4797 | + * Use domain/status to check for inactive domains in the xend sub- |
4798 | + driver. (LP: #929626) |
4799 | + * Prevent the hypervisor sub-driver from logging an internal error |
4800 | + just because it cannot find a certain domain when looking for |
4801 | + the number of vcpus. (LP: #963006) |
4802 | + |
4803 | + -- Stefan Bader <stefan.bader@canonical.com> Fri, 23 Mar 2012 11:38:24 +0100 |
4804 | + |
4805 | +libvirt (0.9.8-2ubuntu14) precise; urgency=low |
4806 | + |
4807 | + * re-enable numa (undo delta against debian) (LP: #614322): |
4808 | + - debian/control: remove from dependencies |
4809 | + - debian/rules: turn it off |
4810 | + |
4811 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 13 Mar 2012 11:25:53 -0500 |
4812 | + |
4813 | +libvirt (0.9.8-2ubuntu13) precise; urgency=low |
4814 | + |
4815 | + * ubuntu/skip-labelling-network-disks.patch: don't try to label network |
4816 | + drives with apparmor. It fails. (LP: #949428) |
4817 | + |
4818 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 12 Mar 2012 14:20:05 -0500 |
4819 | + |
4820 | +libvirt (0.9.8-2ubuntu12) precise; urgency=low |
4821 | + |
4822 | + [ Stefan Bader ] |
4823 | + * Never use type=ioemu for NIC definitions. It is not needed |
4824 | + and actually breaks the paravirt interface which always gets |
4825 | + created in parallel. |
4826 | + |
4827 | + -- Stefan Bader <stefan.bader@canonical.com> Wed, 07 Mar 2012 15:08:55 +0100 |
4828 | + |
4829 | +libvirt (0.9.8-2ubuntu11) precise; urgency=low |
4830 | + |
4831 | + [ Serge Hallyn ] |
4832 | + * run dnsmasq as a new libvirt-dnsmasq user (LP: #938255) |
4833 | + - ubuntu/dnsmasq-as-priv-user: add '-u libvirt-dnsmasq' to dnsmasq args |
4834 | + - debian/libvirt-bin.postinst: create libvirt-dnsmasq user |
4835 | + - tests/networkxml2argvdata/*.argv: update expected dnsmasq command lines |
4836 | + to include '-u libvirt-dnsmasq'. |
4837 | + |
4838 | + [ Chuck Short ] |
4839 | + * cherry-pick rewrite-lxc-controller-eof-handling-yet-again (commit |
4840 | + 9130396214975ba2251082f943c9717281039050) from upstream. |
4841 | + |
4842 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Fri, 02 Mar 2012 08:49:41 -0600 |
4843 | + |
4844 | +libvirt (0.9.8-2ubuntu10) precise; urgency=low |
4845 | + |
4846 | + * debian/control: add libgcrypt11-dev to build-depends (LP: #932889) |
4847 | + |
4848 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 15 Feb 2012 13:13:09 -0600 |
4849 | + |
4850 | +libvirt (0.9.8-2ubuntu9) precise; urgency=low |
4851 | + |
4852 | + [ Stefan Bader ] |
4853 | + * xen_hypervisor: libvirtd can be started before xenfs has been loaded |
4854 | + as a module. A missing privcmd file is not necessarily a permanent |
4855 | + error. (LP: #922486) |
4856 | + |
4857 | + [ Serge Hallyn ] |
4858 | + * debian/libvirt-bin.upstart: start on just 'runlevel [2345]' |
4859 | + |
4860 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 08 Feb 2012 11:20:35 -0600 |
4861 | + |
4862 | +libvirt (0.9.8-2ubuntu8) precise; urgency=low |
4863 | + |
4864 | + * ubuntu/fix-bridge-fd.patch: cherrypick commit |
4865 | + 2d5046d31f4f5c961fc4aa6b415a00bb9eadae2b from upstream to write the |
4866 | + bridge delay to the right file. (LP: #924446) |
4867 | + |
4868 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Wed, 01 Feb 2012 11:13:23 -0600 |
4869 | + |
4870 | +libvirt (0.9.8-2ubuntu7) precise; urgency=low |
4871 | + |
4872 | + [ David weber ] |
4873 | + * debian/patches/fix-block-migration.patch: Fix block-migration for large images. |
4874 | + |
4875 | + [ Guilhem Lettron ] |
4876 | + * debian/apparmor/libvirt-qemu: add apparmor rule for mavtap (LP: #921870) |
4877 | + |
4878 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 26 Jan 2012 11:22:04 -0600 |
4879 | + |
4880 | +libvirt (0.9.8-2ubuntu6) precise; urgency=low |
4881 | + |
4882 | + * debian/patches/fix-lxc-startup-error.patch: Fix lxc start up error. |
4883 | + (LP: #921004) |
4884 | + |
4885 | + -- Chuck Short <zulcss@ubuntu.com> Tue, 24 Jan 2012 10:05:29 -0500 |
4886 | + |
4887 | +libvirt (0.9.8-2ubuntu5) precise; urgency=low |
4888 | + |
4889 | + * debian/libvirt-bin.postinst: even if we think it's a new install, don't |
4890 | + assume that /etc/libvirt/qemu/networks/autostart/default.xml doesn't |
4891 | + exist. |
4892 | + |
4893 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Mon, 23 Jan 2012 12:43:02 -0600 |
4894 | + |
4895 | +libvirt (0.9.8-2ubuntu4) precise; urgency=low |
4896 | + |
4897 | + * debian/patches/fix-ubuntu-xen-qemu-dm-patch.patch: |
4898 | + Update patch due to failing tests. |
4899 | + |
4900 | + -- Chuck Short <zulcss@ubuntu.com> Fri, 20 Jan 2012 16:05:45 -0500 |
4901 | + |
4902 | +libvirt (0.9.8-2ubuntu3) precise; urgency=low |
4903 | + |
4904 | + * debian/control: add dbus to libvirt-bin depends. It fails to start |
4905 | + otherwise. (LP: #918343) |
4906 | + |
4907 | + -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 19 Jan 2012 16:11:44 -0600 |
4908 | + |
4909 | +libvirt (0.9.8-2ubuntu2) precise; urgency=low |
4910 | + |
4911 | + * debian/patches/fix-ubuntu-xen-qemu-dm-path.patch: |
4912 | + Fix qemu-dm paths so Xen can be used with libvirt. |
4913 | + (LP: #914788) |
4914 | + |
4915 | + -- Chuck Short <zulcss@ubuntu.com> Wed, 18 Jan 2012 14:31:27 -0500 |
4916 | + |
4917 | +libvirt (0.9.8-2ubuntu1) precise; urgency=low |
4918 | + |
4919 | + * Merge from Debian Unstable, remaining changes are: |
4920 | + - debian/control: |
4921 | + * set X-Python-Version to 2.7, as 2.6 is not in oneiric. |
4922 | + * set ubuntu maintainer |
4923 | + * Build-Depends: |
4924 | + - swap open-iscsi to open-iscsi-utils |
4925 | + - remove virtualbox-ose |
4926 | + - add libapparmor-dev |
4927 | + - swap libnl-dev for libnl3-dev |
4928 | + * convert Vcs-Git to Xs-Debian-Vcs-Git |
4929 | + * libvirt-bin Depends: move netcat-openbsd, bridge-utils, dnsmasq-base |
4930 | + (>= 2.46-1), and iptables from Recommends to Depends |
4931 | + * libvirt-bin Recommends: move qemu to Suggests |
4932 | + * libvirt-bin Suggests: add apparmor |
4933 | + * libvirt0 Recommends: move lvm2 to Suggests |
4934 | + * Install cgroup-lite |
4935 | + - keep debian/libvirt-bin.apport |
4936 | + - keep debian/libvirt-bin.cron.daily |
4937 | + - debian/libvirt-bin.dirs: |
4938 | + * add apparmor, cron.daily, and apport dirs |
4939 | + - debian/libvirt-bin.examples: |
4940 | + * add debian/libvirt-suspendonreboot |
4941 | + - debian/libvirt-bin.install: |
4942 | + * add /etc/apparmor.d files |
4943 | + * add apport hook |
4944 | + - debian/libvirt-bin.postinst: |
4945 | + * replace libvirt groupname with libvirtd |
4946 | + * add each admin user to libvirtd group |
4947 | + * call apparmor_parser on usr.sbin.libvirtd and |
4948 | + usr.lib.libvirt.virt-aa-helper |
4949 | + * call 'libvirt-migrate-qemu-disks -a' after |
4950 | + libvirt-bin has started if migrating from |
4951 | + older than 0.8.3-1ubuntu1 |
4952 | + - debian/libvirt-bin.postrm: |
4953 | + * replace libvirt groupname with libvirtd |
4954 | + * remove usr.sbin.libvirtd and |
4955 | + usr.lib.libvirt.virt-aa-helper |
4956 | + - keep added files under debian/: |
4957 | + * libvirt-bin.upstart |
4958 | + * libvirt-migrate-qemu-disks |
4959 | + * libvirt-migrate-qemu-disks.1 |
4960 | + * libvirt-suspendonreboot |
4961 | + * apparmor profiles |
4962 | + - debian/README.Debian: |
4963 | + * add 'Apparmor Profile' section |
4964 | + * add 'Disk migration' section |
4965 | + - debian/rules: |
4966 | + * don't build with vbox since virtualbox-ose is in universe |
4967 | + - remove WITH_VBOX, add explicit --without-vbox |
4968 | + * add --with-apparmor to DEB_CONFIGURE_EXTRA_FLAGS |
4969 | + * set DEB_DH_INSTALLINIT_ARGS to '--upstart-only' |
4970 | + * remove unneeded clean:: section (they only deal with sysvinit stuff) |
4971 | + * comment out binary-install/libvirt-bin:: part dealing with sysvinit |
4972 | + * dont ship libvirt-guests init script for now. |
4973 | + * add build/libvirt-bin:: section to install |
4974 | + - apparmor files |
4975 | + - apport hooks |
4976 | + - libvirt-migrate-qemu-disks |
4977 | + * debian/patches/series: |
4978 | + - don't apply Debian-specific Debianize-libvirt-guests.patch (sysvinit only) |
4979 | + - don't apply Disable qemu-disable-network.diff.patch |
4980 | + * debian/patches(/ubuntu): |
4981 | + - Disable-gnulib-s-test-nonplocking-pipe.sh.patch is in sid's debian/patches |
4982 | + - drop patches: |
4983 | + * 9000-delayed_iff_up_bridge.patch |
4984 | + * 9011-move-ebtables-script.patch |
4985 | + * apparmor-allow-tunnelled-migration.patch |
4986 | + * apparmor-allow-tunnelled-migration-2.patch |
4987 | + * fix-qemu-1.0.patch |
4988 | + * conf-dont-drop-console-def-ondomain-restart.patch |
4989 | + - keep (and refreshed) patches: |
4990 | + * 9002-better_default_uri_virsh.patch |
4991 | + * 9003-better-default-arch.patch |
4992 | + * 9004-libvirtd-group-name.patch |
4993 | + * 9005-increase-unix-socket-timeout.patch |
4994 | + * 9006-default-config-test-case.patch |
4995 | + * 9020-lp545795.patch |
4996 | + * 9021-fix-uint64_t.patch |
4997 | + * libnl3.patch |
4998 | + * arm-gcc-workaround.patch |
4999 | + * disable numa - until the MIR for numa is done |
5000 | + - debian/control: remove from dependencies |
Tags to help review the merge: 6.0-groovy/ split/6. 0.0-0ubuntu10 6.0-groovy/ logical/ 6.0.0-0ubuntu10 6.0-mergebase
- merge-6.
- merge-6.
Branch:
- merge-6.
use this as the base for the review (ignore LP please)
We work in Debian to get more things in there, so it will slightly
change. But for the review use this as the base to review.
- merge-6.6.0-groovy
The proposed branch
range-diff will be very noisy as there was a lot of wrap-and-sort going on.
That makes everything appear changed, but mostly are no-ops.
I've had regression tests running and found further issues.
All fixed or soon-to-be-fixed by now.
Overall 7 apparmor changes upstreamed and 4 new upstream fixes IIRC.
The Debian unstable upload for 6.6 is planned soon which will give further
test exposure.
One Debian uploaded I'll do a final re-base and edit this MP to match things.
But given how many changes this has it might be worth to start review now.