~ubuntu-virt/libvirt/+git/libvirt-lp-import:v1.2.13-maint

Branch merges

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related charm recipes

35c2bd7... by Jiri Denemark <email address hidden> on 2016-06-28

qemu: Let empty default VNC password work as documented

CVE-2016-5008

Setting an empty graphics password is documented as a way to disable
VNC/SPICE access, but QEMU does not always behaves like that. VNC would
happily accept the empty password. Let's enforce the behavior by setting
password expiration to "now".

https://bugzilla.redhat.com/show_bug.cgi?id=1180092

Signed-off-by: Jiri Denemark <email address hidden>
(cherry picked from commit bb848feec0f3f10e92dd8e5231ae7aa89b5598f3)

d888390... by Jovanka Gulicoska <email address hidden> on 2016-03-17

driver: log missing modules as INFO, not WARN

Missing modules is a common expected scenario for most libvirt usage on
RPM distributions like Fedora, so it doesn't really warrant logging at
WARN level. Use INFO instead

https://bugzilla.redhat.com/show_bug.cgi?id=1274849
(cherry picked from commit 9a0c7f5f834185db9017c34aabc03ad99cf37bed)

7434df6... by Cole Robinson on 2016-03-15

rpc: wait longer for session daemon to start up

https://bugzilla.redhat.com/show_bug.cgi?id=1271183

We only wait 0.5 seconds for the session daemon to start up and present
its socket, which isn't sufficient for many users. Bump up the sleep
interval and retry amount so we wait for a total of 5.0 seconds.

(cherry picked from commit ca0c06f4008154de55e0b3109885facd0bf02d32)

1f6d360... by Jiri Denemark <email address hidden> on 2016-01-15

security: Do not restore kernel and initrd labels

Kernel/initrd files are essentially read-only shareable images and thus
should be handled in the same way. We already use the appropriate label
for kernel/initrd files when starting a domain, but when a domain gets
destroyed we would remove the labels which would make other running
domains using the same files very unhappy.

https://bugzilla.redhat.com/show_bug.cgi?id=921135

Signed-off-by: Jiri Denemark <email address hidden>
(cherry picked from commit 68acc701bd449481e3206723c25b18fcd3d261b7)

2625613... by Cole Robinson on 2016-01-12

rpc: socket: Don't repeatedly attempt to launch daemon

On every socket connect(2) attempt we were re-launching session
libvirtd, up to 100 times in 5 seconds.

This understandably caused some weird load races and intermittent
qemu:///session startup failures

https://bugzilla.redhat.com/show_bug.cgi?id=1271183
(cherry picked from commit 2eb7a975756d05a5b54ab4acf60083beb6161ac6)

3192efa... by Cole Robinson on 2016-01-12

rpc: socket: Explicitly error if we exceed retry count

When we autolaunch libvirtd for session URIs, we spin in a retry
loop waiting for the daemon to start and the connect(2) to succeed.

However if we exceed the retry count, we don't explicitly raise an
error, which can yield a slew of different error messages elsewhere
in the code.

Explicitly raise the last connect(2) failure if we run out of retries.

(cherry picked from commit 8da02d528068942303923fc4f935e77cccac9c7c)

4cfc14c... by Cole Robinson on 2016-01-12

rpc: socket: Minor cleanups

- Add some debugging
- Make the loop dependent only on retries
- Make it explicit that connect(2) success exits the loop
- Invert the error checking logic

(cherry picked from commit f102c7146ed7f6e04af0ad3bce302476239f2502)

fe40b1d... by Daniel Berrange on 2015-07-03

rpc: ensure daemon is spawn even if dead socket exists

The auto-spawn code would originally attempt to spawn the
daemon for both ENOENT and ECONNREFUSED errors from connect().
The various refactorings eventually lost this so we only
spawn the daemon on ENOENT. The result is if the daemon exits
uncleanly, so that the socket is left in the filesystem, we
will never be able to auto-spawn the daemon again.

(cherry picked from commit 406ee8c226d2197ba1aaecb9cf3ad2b6df31ae44)

d7addd6... by Cole Robinson on 2016-01-20

build: predictably generate systemtap tapsets (bz 1173641)

The generated output is dependent on perl hashtable ordering, which
gives different results for i686 and x86_64. Fix this by sorting
the hash keys before iterating over them

https://bugzilla.redhat.com/show_bug.cgi?id=1173641
(cherry picked from commit a1edb05c6028470aa24b74aa0f8d5fb5a181128a)

931888e... by =?utf-8?q?J=C3=A1n_Tomko?= <email address hidden> on 2016-01-14

leaseshelper: fix crash when no mac is specified

If dnsmasq specified DNSMASQ_IAID (so we're dealing with an IPv6
lease) but no DNSMASQ_MAC, we skip creation of the new lease object.

Also skip adding it to the leases array.

https://bugzilla.redhat.com/show_bug.cgi?id=1202350
(cherry picked from commit df9fe124d650bc438c531673492569da87523d20)
Signed-off-by: Ján Tomko <email address hidden>