From 9dea1618755891526f708aa335b4136c1302d16e Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Sat, 27 Mar 2021 07:35:02 -0400 Subject: gnu: Use 'gtk-doc/stable' in native-inputs of selected packages. * gnu/packages/calendar.scm (libical), gnu/packages/check.scm (umockdev), gnu/packages/fontutils.scm (libraqm), gnu/packages/freedesktop.scm (appstream, farstream, libglib-testing) (udisks, libfprint, libportal), gnu/packages/geo.scm (memphis, osm-gps-map), gnu/packages/glib.scm (template-glib), gnu/packages/gnome.scm (gupnp-igd, libcloudproviders, libgrss, seed) (gtx, dee, zeitgeist, phodav, gssdp, gupnp, gupnp-dlna, gupnp-av, rygel) (libnma, gdl, libnotify, vte-ng, dconf, libxklavier, libsoup, colord) (geoclue, geocode-glib, amtk, grilo, gvfs, gusb, network-manager) (network-manager-applet, gfbgraph, libunique, cheese, libhandy) (gnome-latex, libgda), gnu/packages/gstreamer.scm (orc), gnu/packages/gtk.scm (at-spi2-core, goocanvas), gnu/packages/language.scm (nimf), gnu/packages/networking.scm (libnice), gnu/packages/video.scm (schroedinger), gnu/packages/virtualization.scm (libosinfo), gnu/packages/webkit.scm (wpewebkit, webkitgtk), gnu/packages/xml.scm (libxmlb)[native-inputs]: Replace 'gtk-doc' with 'gtk-doc/stable'. --- gnu/packages/virtualization.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'gnu/packages/virtualization.scm') diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm index fabac5b984..96347adf7c 100644 --- a/gnu/packages/virtualization.scm +++ b/gnu/packages/virtualization.scm @@ -984,7 +984,7 @@ (define-public libosinfo (native-inputs `(("glib" ,glib "bin") ; glib-mkenums, etc. ("gobject-introspection" ,gobject-introspection) - ("gtk-doc" ,gtk-doc) + ("gtk-doc" ,gtk-doc/stable) ("vala" ,vala) ("intltool" ,intltool) ("pkg-config" ,pkg-config) -- cgit v1.2.3 From ceff850369738888a0b7ce96d71614a57c769e71 Mon Sep 17 00:00:00 2001 
From: Tobias Geerinckx-Rice Date: Sun, 28 Mar 2021 22:35:57 +0200 Subject: gnu: skopeo: Update to 1.2.2. * gnu/packages/virtualization.scm (skopeo): Update to 1.2.2. --- gnu/packages/virtualization.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'gnu/packages/virtualization.scm') diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm index 96347adf7c..c6929b9f1a 100644 --- a/gnu/packages/virtualization.scm +++ b/gnu/packages/virtualization.scm @@ -1670,7 +1670,7 @@ (define-public umoci (define-public skopeo (package (name "skopeo") - (version "1.2.1") + (version "1.2.2") (source (origin (method git-fetch) (uri (git-reference @@ -1679,7 +1679,7 @@ (define-public skopeo (file-name (git-file-name name version)) (sha256 (base32 - "1y9pmijazbgxzriymrm7zrifmkd1x1wad9b3zjcj7zwr6c999dhg")))) + "03sznybn3rqjyplc6w4b7mfa6gas8db15p5vnmfm1xqw72ldylgc")))) (build-system go-build-system) (native-inputs `(("pkg-config" ,pkg-config) -- cgit v1.2.3 From 383b02a370252c08eb1d43ac94d659c1d3993a35 Mon Sep 17 00:00:00 2001 From: Pierre Langlois Date: Sat, 20 Mar 2021 21:31:22 +0000 Subject: gnu: libvirt: Update to 7.1.0. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/virtualization.scm (libvirt): Update to 7.1.0. [source]: Remove libvirt-create-machine-cgroup.patch, add libvirt-do-not-create-var-dirs.patch. [build-system]: Switch to meson-build-system. [arguments]: Use meson-0.55. Adapt #:configure-flags for meson, there is no need for --docdir anymore. Remove fix-BOURNE_SHELL-definition phase. Add fix-sysconfdir-and-localstatedir phase. Adapt disable-broken-tests to meson. [native-inputs]: Add python-docutils and rpcsvc-proto. * gnu/packages/patches/libvirt-create-machine-cgroup.patch: Delete. * gnu/packages/patches/libvirt-do-not-create-var-dirs.patch: New patch. * gnu/local.mk (dist_patch_DATA): Add new patch, remove the other. 
Signed-off-by: Ludovic Courtès --- gnu/local.mk | 2 +- .../patches/libvirt-create-machine-cgroup.patch | 48 ------------- .../patches/libvirt-do-not-create-var-dirs.patch | 30 +++++++++ gnu/packages/virtualization.scm | 78 +++++++++------------- 4 files changed, 64 insertions(+), 94 deletions(-) delete mode 100644 gnu/packages/patches/libvirt-create-machine-cgroup.patch create mode 100644 gnu/packages/patches/libvirt-do-not-create-var-dirs.patch (limited to 'gnu/packages/virtualization.scm') diff --git a/gnu/local.mk b/gnu/local.mk index deb4ddcede..d8c548b0eb 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1262,7 +1262,7 @@ dist_patch_DATA = \ %D%/packages/patches/kdbusaddons-kinit-file-name.patch \ %D%/packages/patches/libffi-3.3-powerpc-fixes.patch \ %D%/packages/patches/libffi-float128-powerpc64le.patch \ - %D%/packages/patches/libvirt-create-machine-cgroup.patch \ + %D%/packages/patches/libvirt-do-not-create-var-dirs.patch \ %D%/packages/patches/libziparchive-add-includes.patch \ %D%/packages/patches/localed-xorg-keyboard.patch \ %D%/packages/patches/kdiagram-Fix-missing-link-libraries.patch \ diff --git a/gnu/packages/patches/libvirt-create-machine-cgroup.patch b/gnu/packages/patches/libvirt-create-machine-cgroup.patch deleted file mode 100644 index 585ac237e1..0000000000 --- a/gnu/packages/patches/libvirt-create-machine-cgroup.patch +++ /dev/null 
@@ -1,48 +0,0 @@ -From 9ca0b2955edea162b255b428e493cd8ffac52167 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Miguel=20=C3=81ngel=20Arruga=20Vivas?= - -Date: Fri, 1 Nov 2019 17:29:00 +0100 -Subject: [PATCH] vircgroup: Ensure /machine group is associated with its - parent. - -Call first virCgroupNew on the parent group virCgroupNewPartition if -it is available on before the creation of the child group. This -ensures that the creation of a first level group on the unified -architecture, as the check at virCgroupV2ParseControllersFile as the -parent file is there. - -Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1760233 ---- - src/util/vircgroup.c | 8 +++++--- - 1 file changed, 5 insertions(+), 3 deletions(-) - -diff --git a/src/util/vircgroup.c b/src/util/vircgroup.c -index b46f20abfd..33c61f2d45 100644 ---- a/src/util/vircgroup.c -+++ b/src/util/vircgroup.c -@@ -855,9 +855,6 @@ virCgroupNewPartition(const char *path, - if (virCgroupSetPartitionSuffix(path, &newPath) < 0) - goto cleanup; - -- if (virCgroupNew(-1, newPath, NULL, controllers, group) < 0) -- goto cleanup; -- - if (STRNEQ(newPath, "/")) { - char *tmp; - parentPath = g_strdup(newPath); -@@ -868,7 +865,12 @@ virCgroupNewPartition(const char *path, - - if (virCgroupNew(-1, parentPath, NULL, controllers, &parent) < 0) - goto cleanup; -+ } - -+ if (virCgroupNew(-1, newPath, parent, controllers, group) < 0) -+ goto cleanup; -+ -+ if (parent) { - if (virCgroupMakeGroup(parent, *group, create, VIR_CGROUP_NONE) < 0) - goto cleanup; - } --- -2.23.0 - diff --git a/gnu/packages/patches/libvirt-do-not-create-var-dirs.patch b/gnu/packages/patches/libvirt-do-not-create-var-dirs.patch new file mode 100644 index 0000000000..6b89d49fd4 --- /dev/null +++ b/gnu/packages/patches/libvirt-do-not-create-var-dirs.patch 
@@ -0,0 +1,30 @@ +We define localstatedir as /var, and so we shouldn't be installing empty +directories there. + +diff --git a/src/meson.build b/src/meson.build +index f13b85b74e..58040f2c5d 100644 +--- a/src/meson.build ++++ b/src/meson.build +@@ -893,22 +893,6 @@ if conf.has('WITH_DTRACE_PROBES') + ) + endif + +- +-# Install empty directories +- +-virt_install_dirs += [ +- localstatedir / 'cache' / 'libvirt', +- localstatedir / 'lib' / 'libvirt' / 'images', +- localstatedir / 'lib' / 'libvirt' / 'filesystems', +- localstatedir / 'lib' / 'libvirt' / 'boot', +-] +- +-meson.add_install_script( +- meson_python_prog.path(), python3_prog.path(), meson_install_dirs_prog.path(), +- virt_install_dirs, +-) +- +- + # Check driver files + + if host_machine.system() == 'linux' diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm index c6929b9f1a..7a34f8db1f 100644 --- a/gnu/packages/virtualization.scm +++ b/gnu/packages/virtualization.scm @@ -18,6 +18,7 @@ ;;; Copyright © 2020, 2021 Maxim Cournoyer ;;; Copyright © 2020 Brett Gilio ;;; Copyright © 2021 Leo Famulari +;;; Copyright © 2021 Pierre Langlois ;;; ;;; This file is part of GNU Guix. ;;; 
@@ -1065,64 +1066,49 @@ (define-public lxc (define-public libvirt (package (name "libvirt") - (version "5.8.0") + (version "7.1.0") (source (origin (method url-fetch) (uri (string-append "https://libvirt.org/sources/libvirt-" version ".tar.xz")) (sha256 - (base32 "0m8cqaqflvys5kaqpvb0qr4k365j09jc5xk6x70yvg8qkcl2hcz2")) + (base32 "0v50ckf56h6jd9bmqwp0lh2cmb7qqjmcb6y3mz2i2r15h06ih3w7")) (patches - (search-patches "libvirt-create-machine-cgroup.patch")))) - (build-system gnu-build-system) + (search-patches "libvirt-do-not-create-var-dirs.patch")))) + (build-system meson-build-system) (arguments - `(#:configure-flags - (list "--with-qemu" - "--with-qemu-user=nobody" - "--with-qemu-group=kvm" - "--with-polkit" - (string-append "--docdir=" (assoc-ref %outputs "out") "/share/doc/" - ,name "-" ,version) - "--sysconfdir=/etc" - "--localstatedir=/var") + `(#:meson ,meson-0.55 ;; libvirt requires meson 0.54 or higher. + #:configure-flags + (list "-Ddriver_qemu=enabled" + "-Dqemu_user=nobody" + "-Dqemu_group=kvm" + "-Dpolkit=enabled") #:phases (modify-phases %standard-phases - (add-before 'configure 'fix-BOURNE_SHELL-definition - ;; BOURNE_SHELL is hard-#defined to ‘/bin/sh’, causing test failures. + (add-after 'unpack 'fix-sysconfdir-and-localstatedir (lambda _ - (substitute* "config.h.in" - (("/bin/sh") (which "sh"))) - #t)) - (add-before 'configure 'patch-libtirpc-file-names - (lambda* (#:key inputs #:allow-other-keys) - ;; libvirt uses an m4 macro instead of pkg-config to determine where - ;; the RPC headers are located. Tell it to look in the right place. - (substitute* "configure" - (("/usr/include/tirpc") ;defined in m4/virt-xdr.m4 - (string-append (assoc-ref inputs "libtirpc") - "/include/tirpc"))) + (substitute* "meson.build" + ;; We set the prefix to be the package output, but we need + ;; localstatedir to be /var. Sadly the build system doesn't + ;; seem to allow that easily. 
+ (("localstatedir = prefix / get_option\\('localstatedir'\\)") + "localstatedir = get_option('localstatedir')") + ;; On the other hand, we keep sysconfdir using the prefix so + ;; that we install configuration files in the package output. + ;; However, we need to make sure the C code refers to /etc via + ;; SYSCONFDIR, and not the read-only configuration in the + ;; package output. + (("set_quoted\\('SYSCONFDIR', sysconfdir\\)") + "set_quoted('SYSCONFDIR', '/etc')")) #t)) (add-before 'configure 'disable-broken-tests (lambda _ - (let ((tests (list "commandtest" ; hangs idly - "qemuxml2argvtest" ; fails - "qemuhotplugtest" ; fails - "virnetsockettest" ; tries to network - "virshtest"))) ; fails - (substitute* "tests/Makefile.in" - (((format #f "(~a)\\$\\(EXEEXT\\)" (string-join tests "|"))) - "")) - #t))) - (replace 'install - ;; Since the sysconfdir and localstatedir should be /etc and /var - ;; at runtime, we must prevent writing to them at installation - ;; time. - (lambda* (#:key make-flags #:allow-other-keys) - (apply invoke "make" "install" - "sysconfdir=/tmp/etc" - "localstatedir=/tmp/var" - make-flags)))))) + (substitute* "tests/meson.build" + (("\\{ 'name': 'commandtest'.*") "") ; hangs idly + (("\\{ 'name': 'qemuxml2argvtest'.*") "") ; fails + (("\\{ 'name': 'virnetsockettest'.*") "")) ; tries to network + #t))))) (inputs `(("libxml2" ,libxml2) ("eudev" ,eudev) @@ -1149,7 +1135,9 @@ (define-public libvirt ("perl" ,perl) ("pkg-config" ,pkg-config) ("polkit" ,polkit) - ("python" ,python-wrapper))) + ("python" ,python-wrapper) + ("python-docutils" ,python-docutils) ;for rst2html + ("rpcsvc-proto" ,rpcsvc-proto))) ;for 'rpcgen' (home-page "https://libvirt.org") (synopsis "Simple API for virtualization") (description "Libvirt is a C toolkit to interact with the virtualization -- cgit v1.2.3 From 52ed12afcb4618f0a9801b10799d8bbdffe87878 Mon Sep 17 00:00:00 2001 
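Review bot: The two `substitute*` patterns in the new `fix-sysconfdir-and-localstatedir` phase (libvirt hunk -1065,64 +1066,49) are never checked for a match, and as far as I know `substitute*` leaves the file unchanged without raising an error when a regexp matches nothing. If upstream rewords either line of `meson.build`, the build would still succeed, but SYSCONFDIR and localstatedir would presumably resolve under the package output rather than `/etc` and `/var`, so the daemon would read configuration from a place the administrator does not edit. Consider failing the phase unless the patched `meson.build` contains `set_quoted('SYSCONFDIR', '/etc')`, or at least add a comment such as `;; Re-check both patterns on every libvirt update; a non-match is silent.` The `libvirt` definition starts and ends outside this hunk.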
From: Pierre Langlois Date: Sat, 20 Mar 2021 21:31:23 +0000 Subject: gnu: python-libvirt: Update to 7.1.0. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/virtualization.scm (python-libvirt): Update to 7.1.0. Signed-off-by: Ludovic Courtès --- gnu/packages/virtualization.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'gnu/packages/virtualization.scm') diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm index 7a34f8db1f..e1b780bbe1 100644 --- a/gnu/packages/virtualization.scm +++ b/gnu/packages/virtualization.scm @@ -1191,14 +1191,14 @@ (define-public libvirt-glib (define-public python-libvirt (package (name "python-libvirt") - (version "5.8.0") + (version "7.1.0") (source (origin (method url-fetch) (uri (string-append "https://libvirt.org/sources/python/libvirt-python-" version ".tar.gz")) (sha256 - (base32 "0kyz3lx49d8p75mvbzinxc1zgs8g7adn77y9bm15b8b4ad9zl5s6")))) + (base32 "0dq0qn0xx5hflaq5apj5pm79ba0wcl3w0j9klx8bg73z80gd7bzs")))) (build-system python-build-system) (arguments `(#:phases -- cgit v1.2.3 From 7573ab22d7400a16d81228c6500331a293887cae Mon Sep 17 00:00:00 2001 From: Pierre Langlois Date: Sat, 20 Mar 2021 21:31:24 +0000 Subject: gnu: libvirt-glib: Update to 4.0.0. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/virtualization.scm (libvirt-glib): Update to 4.0.0. [build-system]: Switch to meson-build-system. Signed-off-by: Ludovic Courtès --- gnu/packages/virtualization.scm | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'gnu/packages/virtualization.scm') diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm index e1b780bbe1..8fcdb660ce 100644 --- a/gnu/packages/virtualization.scm +++ b/gnu/packages/virtualization.scm 
@@ -1149,15 +1149,15 @@ (define-public libvirt (define-public libvirt-glib (package (name "libvirt-glib") - (version "3.0.0") + (version "4.0.0") (source (origin (method url-fetch) (uri (string-append "ftp://libvirt.org/libvirt/glib/" - "libvirt-glib-" version ".tar.gz")) + "libvirt-glib-" version ".tar.xz")) (sha256 (base32 - "1zpbv4ninc57c9rw4zmmkvvqn7154iv1qfr20kyxn8xplalqrzvz")))) - (build-system gnu-build-system) + "1gdcvqz88qkp402zra9csc6391f2xki1270x683n6ixakl3gf8w4")))) + (build-system meson-build-system) (inputs `(("openssl" ,openssl) ("cyrus-sasl" ,cyrus-sasl) -- cgit v1.2.3 From 5eb05ede0bf0cfe3080a24eea783f0fbc2ed4015 Mon Sep 17 00:00:00 2001 From: Pierre Langlois Date: Sat, 20 Mar 2021 21:31:25 +0000 Subject: gnu: virt-manager: Update to 3.2.0. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/virtualization.scm (virt-manager): Update to 3.2.0. [arguments]: Remove #:test-target. Remove fix-qemu-img-reference phase. Adapt check phase to use pytest, although they still do not run. [native-inputs]: Add python-docutils. Suggest adding python-pytest to enable tests. Signed-off-by: Ludovic Courtès --- gnu/packages/virtualization.scm | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) (limited to 'gnu/packages/virtualization.scm') diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm index 8fcdb660ce..ab7d8deec6 100644 --- a/gnu/packages/virtualization.scm +++ b/gnu/packages/virtualization.scm @@ -1230,7 +1230,7 @@ (define-public python2-libvirt (define-public virt-manager (package (name "virt-manager") - (version "2.2.1") + (version "3.2.0") (source (origin (method url-fetch) (uri (string-append "https://virt-manager.org/download/sources" 
@@ -1238,11 +1238,10 @@ (define-public virt-manager version ".tar.gz")) (sha256 (base32 - "06ws0agxlip6p6n3n43knsnjyd91gqhh2dadgc33wl9lx1k8vn6g")))) + "11kvpzcmyir91qz0dsnk7748jbb4wr8mrc744w117qc91pcy6vrb")))) (build-system python-build-system) (arguments `(#:use-setuptools? #f ; uses custom distutils 'install' command - #:test-target "test_ui" #:tests? #f ; TODO The tests currently fail ; RuntimeError: Loop condition wasn't ; met @@ -1260,12 +1259,6 @@ (define-public virt-manager (substitute* "virtinst/buildconfig.py" (("/usr") (assoc-ref outputs "out"))) #t)) - (add-after 'unpack 'fix-qemu-img-reference - (lambda* (#:key inputs #:allow-other-keys) - (substitute* "virtconv/formats.py" - (("/usr(/bin/qemu-img)" _ suffix) - (string-append (assoc-ref inputs "qemu") suffix))) - #t)) (add-after 'unpack 'fix-default-uri (lambda* (#:key inputs #:allow-other-keys) ;; Xen is not available for now - so only patch qemu. @@ -1296,11 +1289,12 @@ (define-public virt-manager (lambda* (#:key tests? #:allow-other-keys) (when tests? (setenv "HOME" "/tmp") + (setenv "XDG_CACHE_HOME" "/tmp") (system "Xvfb :1 &") (setenv "DISPLAY" ":1") ;; Dogtail requires that Assistive Technology support be enabled (setenv "GTK_MODULES" "gail:atk-bridge") - (invoke "dbus-run-session" "--" "python" "setup.py" "test_ui")) + (invoke "dbus-run-session" "--" "pytest" "--uitests")) #t)) (add-after 'install 'glib-or-gtk-compile-schemas (assoc-ref glib-or-gtk:%standard-phases 'glib-or-gtk-compile-schemas)) @@ -1330,7 +1324,9 @@ (define-public virt-manager ("gtk+" ,gtk+ "bin") ; gtk-update-icon-cache ("perl" ,perl) ; pod2man ("intltool" ,intltool) + ("rst2man" ,python-docutils) ;; The following are required for running the tests + ;; ("python-pytest" ,python-pytest) ;; ("python-dogtail" ,python-dogtail) ;; ("xvfb" ,xorg-server-for-tests) ;; ("dbus" ,dbus) -- cgit v1.2.3 From d01837ca0d1f2805a119571dfab436726157eeac Mon Sep 17 00:00:00 2001 
From: Pierre Langlois Date: Thu, 1 Apr 2021 22:50:43 +0100 Subject: Revert "gnu: virt-manager: Update to 3.2.0." This reverts commit 5eb05ede0bf0cfe3080a24eea783f0fbc2ed4015. --- gnu/packages/virtualization.scm | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) (limited to 'gnu/packages/virtualization.scm') diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm index ab7d8deec6..8fcdb660ce 100644 --- a/gnu/packages/virtualization.scm +++ b/gnu/packages/virtualization.scm @@ -1230,7 +1230,7 @@ (define-public python2-libvirt (define-public virt-manager (package (name "virt-manager") - (version "3.2.0") + (version "2.2.1") (source (origin (method url-fetch) (uri (string-append "https://virt-manager.org/download/sources" @@ -1238,10 +1238,11 @@ (define-public virt-manager version ".tar.gz")) (sha256 (base32 - "11kvpzcmyir91qz0dsnk7748jbb4wr8mrc744w117qc91pcy6vrb")))) + "06ws0agxlip6p6n3n43knsnjyd91gqhh2dadgc33wl9lx1k8vn6g")))) (build-system python-build-system) (arguments `(#:use-setuptools? #f ; uses custom distutils 'install' command + #:test-target "test_ui" #:tests? #f ; TODO The tests currently fail ; RuntimeError: Loop condition wasn't ; met @@ -1259,6 +1260,12 @@ (define-public virt-manager (substitute* "virtinst/buildconfig.py" (("/usr") (assoc-ref outputs "out"))) #t)) + (add-after 'unpack 'fix-qemu-img-reference + (lambda* (#:key inputs #:allow-other-keys) + (substitute* "virtconv/formats.py" + (("/usr(/bin/qemu-img)" _ suffix) + (string-append (assoc-ref inputs "qemu") suffix))) + #t)) (add-after 'unpack 'fix-default-uri (lambda* (#:key inputs #:allow-other-keys) ;; Xen is not available for now - so only patch qemu. 
@@ -1289,12 +1296,11 @@ (define-public virt-manager (lambda* (#:key tests? #:allow-other-keys) (when tests? (setenv "HOME" "/tmp") - (setenv "XDG_CACHE_HOME" "/tmp") (system "Xvfb :1 &") (setenv "DISPLAY" ":1") ;; Dogtail requires that Assistive Technology support be enabled (setenv "GTK_MODULES" "gail:atk-bridge") - (invoke "dbus-run-session" "--" "pytest" "--uitests")) + (invoke "dbus-run-session" "--" "python" "setup.py" "test_ui")) #t)) (add-after 'install 'glib-or-gtk-compile-schemas (assoc-ref glib-or-gtk:%standard-phases 'glib-or-gtk-compile-schemas)) @@ -1324,9 +1330,7 @@ (define-public virt-manager ("gtk+" ,gtk+ "bin") ; gtk-update-icon-cache ("perl" ,perl) ; pod2man ("intltool" ,intltool) - ("rst2man" ,python-docutils) ;; The following are required for running the tests - ;; ("python-pytest" ,python-pytest) ;; ("python-dogtail" ,python-dogtail) ;; ("xvfb" ,xorg-server-for-tests) ;; ("dbus" ,dbus) -- cgit v1.2.3 From 614e95619b26b48b2973bf9eb63b6184d446983c Mon Sep 17 00:00:00 2001 From: Pierre Langlois Date: Thu, 1 Apr 2021 22:50:49 +0100 Subject: Revert "gnu: libvirt-glib: Update to 4.0.0." This reverts commit 7573ab22d7400a16d81228c6500331a293887cae. --- gnu/packages/virtualization.scm | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'gnu/packages/virtualization.scm') diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm index 8fcdb660ce..e1b780bbe1 100644 --- a/gnu/packages/virtualization.scm +++ b/gnu/packages/virtualization.scm 
@@ -1149,15 +1149,15 @@ (define-public libvirt (define-public libvirt-glib (package (name "libvirt-glib") - (version "4.0.0") + (version "3.0.0") (source (origin (method url-fetch) (uri (string-append "ftp://libvirt.org/libvirt/glib/" - "libvirt-glib-" version ".tar.xz")) + "libvirt-glib-" version ".tar.gz")) (sha256 (base32 - "1gdcvqz88qkp402zra9csc6391f2xki1270x683n6ixakl3gf8w4")))) - (build-system meson-build-system) + "1zpbv4ninc57c9rw4zmmkvvqn7154iv1qfr20kyxn8xplalqrzvz")))) + (build-system gnu-build-system) (inputs `(("openssl" ,openssl) ("cyrus-sasl" ,cyrus-sasl) -- cgit v1.2.3 From d42f6b091660d1717064b2d75fe0c29a0c24f96a Mon Sep 17 00:00:00 2001 From: Pierre Langlois Date: Thu, 1 Apr 2021 22:50:53 +0100 Subject: Revert "gnu: python-libvirt: Update to 7.1.0." This reverts commit 52ed12afcb4618f0a9801b10799d8bbdffe87878. --- gnu/packages/virtualization.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'gnu/packages/virtualization.scm') diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm index e1b780bbe1..7a34f8db1f 100644 --- a/gnu/packages/virtualization.scm +++ b/gnu/packages/virtualization.scm @@ -1191,14 +1191,14 @@ (define-public libvirt-glib (define-public python-libvirt (package (name "python-libvirt") - (version "7.1.0") + (version "5.8.0") (source (origin (method url-fetch) (uri (string-append "https://libvirt.org/sources/python/libvirt-python-" version ".tar.gz")) (sha256 - (base32 "0dq0qn0xx5hflaq5apj5pm79ba0wcl3w0j9klx8bg73z80gd7bzs")))) + (base32 "0kyz3lx49d8p75mvbzinxc1zgs8g7adn77y9bm15b8b4ad9zl5s6")))) (build-system python-build-system) (arguments `(#:phases -- cgit v1.2.3 From bd9e14085668217b5657e57ca5b13a4a55360d9c Mon Sep 17 00:00:00 2001 
From: Pierre Langlois Date: Thu, 1 Apr 2021 22:50:56 +0100 Subject: Revert "gnu: libvirt: Update to 7.1.0." The update causes virsh to fail . This reverts commit 383b02a370252c08eb1d43ac94d659c1d3993a35. --- gnu/local.mk | 2 +- .../patches/libvirt-create-machine-cgroup.patch | 48 +++++++++++++ .../patches/libvirt-do-not-create-var-dirs.patch | 30 --------- gnu/packages/virtualization.scm | 78 +++++++++++++--------- 4 files changed, 94 insertions(+), 64 deletions(-) create mode 100644 gnu/packages/patches/libvirt-create-machine-cgroup.patch delete mode 100644 gnu/packages/patches/libvirt-do-not-create-var-dirs.patch (limited to 'gnu/packages/virtualization.scm') diff --git a/gnu/local.mk b/gnu/local.mk index b037b397c3..f2d595f2cc 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1263,7 +1263,7 @@ dist_patch_DATA = \ %D%/packages/patches/kdbusaddons-kinit-file-name.patch \ %D%/packages/patches/libffi-3.3-powerpc-fixes.patch \ %D%/packages/patches/libffi-float128-powerpc64le.patch \ - %D%/packages/patches/libvirt-do-not-create-var-dirs.patch \ + %D%/packages/patches/libvirt-create-machine-cgroup.patch \ %D%/packages/patches/libziparchive-add-includes.patch \ %D%/packages/patches/localed-xorg-keyboard.patch \ %D%/packages/patches/kdiagram-Fix-missing-link-libraries.patch \ diff --git a/gnu/packages/patches/libvirt-create-machine-cgroup.patch b/gnu/packages/patches/libvirt-create-machine-cgroup.patch new file mode 100644 index 0000000000..585ac237e1 --- /dev/null +++ b/gnu/packages/patches/libvirt-create-machine-cgroup.patch 
@@ -0,0 +1,48 @@ +From 9ca0b2955edea162b255b428e493cd8ffac52167 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Miguel=20=C3=81ngel=20Arruga=20Vivas?= + +Date: Fri, 1 Nov 2019 17:29:00 +0100 +Subject: [PATCH] vircgroup: Ensure /machine group is associated with its + parent. + +Call first virCgroupNew on the parent group virCgroupNewPartition if +it is available on before the creation of the child group. This +ensures that the creation of a first level group on the unified +architecture, as the check at virCgroupV2ParseControllersFile as the +parent file is there. + +Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1760233 +--- + src/util/vircgroup.c | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git a/src/util/vircgroup.c b/src/util/vircgroup.c +index b46f20abfd..33c61f2d45 100644 +--- a/src/util/vircgroup.c ++++ b/src/util/vircgroup.c +@@ -855,9 +855,6 @@ virCgroupNewPartition(const char *path, + if (virCgroupSetPartitionSuffix(path, &newPath) < 0) + goto cleanup; + +- if (virCgroupNew(-1, newPath, NULL, controllers, group) < 0) +- goto cleanup; +- + if (STRNEQ(newPath, "/")) { + char *tmp; + parentPath = g_strdup(newPath); +@@ -868,7 +865,12 @@ virCgroupNewPartition(const char *path, + + if (virCgroupNew(-1, parentPath, NULL, controllers, &parent) < 0) + goto cleanup; ++ } + ++ if (virCgroupNew(-1, newPath, parent, controllers, group) < 0) ++ goto cleanup; ++ ++ if (parent) { + if (virCgroupMakeGroup(parent, *group, create, VIR_CGROUP_NONE) < 0) + goto cleanup; + } +-- +2.23.0 + diff --git a/gnu/packages/patches/libvirt-do-not-create-var-dirs.patch b/gnu/packages/patches/libvirt-do-not-create-var-dirs.patch deleted file mode 100644 index 6b89d49fd4..0000000000 --- a/gnu/packages/patches/libvirt-do-not-create-var-dirs.patch +++ /dev/null 
@@ -1,30 +0,0 @@ -We define localstatedir as /var, and so we shouldn't be installing empty -directories there. - -diff --git a/src/meson.build b/src/meson.build -index f13b85b74e..58040f2c5d 100644 ---- a/src/meson.build -+++ b/src/meson.build -@@ -893,22 +893,6 @@ if conf.has('WITH_DTRACE_PROBES') - ) - endif - -- --# Install empty directories -- --virt_install_dirs += [ -- localstatedir / 'cache' / 'libvirt', -- localstatedir / 'lib' / 'libvirt' / 'images', -- localstatedir / 'lib' / 'libvirt' / 'filesystems', -- localstatedir / 'lib' / 'libvirt' / 'boot', --] -- --meson.add_install_script( -- meson_python_prog.path(), python3_prog.path(), meson_install_dirs_prog.path(), -- virt_install_dirs, --) -- -- - # Check driver files - - if host_machine.system() == 'linux' diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm index 7a34f8db1f..c6929b9f1a 100644 --- a/gnu/packages/virtualization.scm +++ b/gnu/packages/virtualization.scm @@ -18,7 +18,6 @@ ;;; Copyright © 2020, 2021 Maxim Cournoyer ;;; Copyright © 2020 Brett Gilio ;;; Copyright © 2021 Leo Famulari -;;; Copyright © 2021 Pierre Langlois ;;; ;;; This file is part of GNU Guix. ;;; 
@@ -1066,49 +1065,64 @@ (define-public lxc (define-public libvirt (package (name "libvirt") - (version "7.1.0") + (version "5.8.0") (source (origin (method url-fetch) (uri (string-append "https://libvirt.org/sources/libvirt-" version ".tar.xz")) (sha256 - (base32 "0v50ckf56h6jd9bmqwp0lh2cmb7qqjmcb6y3mz2i2r15h06ih3w7")) + (base32 "0m8cqaqflvys5kaqpvb0qr4k365j09jc5xk6x70yvg8qkcl2hcz2")) (patches - (search-patches "libvirt-do-not-create-var-dirs.patch")))) - (build-system meson-build-system) + (search-patches "libvirt-create-machine-cgroup.patch")))) + (build-system gnu-build-system) (arguments - `(#:meson ,meson-0.55 ;; libvirt requires meson 0.54 or higher. - #:configure-flags - (list "-Ddriver_qemu=enabled" - "-Dqemu_user=nobody" - "-Dqemu_group=kvm" - "-Dpolkit=enabled") + `(#:configure-flags + (list "--with-qemu" + "--with-qemu-user=nobody" + "--with-qemu-group=kvm" + "--with-polkit" + (string-append "--docdir=" (assoc-ref %outputs "out") "/share/doc/" + ,name "-" ,version) + "--sysconfdir=/etc" + "--localstatedir=/var") #:phases (modify-phases %standard-phases - (add-after 'unpack 'fix-sysconfdir-and-localstatedir + (add-before 'configure 'fix-BOURNE_SHELL-definition + ;; BOURNE_SHELL is hard-#defined to ‘/bin/sh’, causing test failures. (lambda _ - (substitute* "meson.build" - ;; We set the prefix to be the package output, but we need - ;; localstatedir to be /var. Sadly the build system doesn't - ;; seem to allow that easily. - (("localstatedir = prefix / get_option\\('localstatedir'\\)") - "localstatedir = get_option('localstatedir')") - ;; On the other hand, we keep sysconfdir using the prefix so - ;; that we install configuration files in the package output. - ;; However, we need to make sure the C code refers to /etc via - ;; SYSCONFDIR, and not the read-only configuration in the - ;; package output. 
- (("set_quoted\\('SYSCONFDIR', sysconfdir\\)") - "set_quoted('SYSCONFDIR', '/etc')")) + (substitute* "config.h.in" + (("/bin/sh") (which "sh"))) + #t)) + (add-before 'configure 'patch-libtirpc-file-names + (lambda* (#:key inputs #:allow-other-keys) + ;; libvirt uses an m4 macro instead of pkg-config to determine where + ;; the RPC headers are located. Tell it to look in the right place. + (substitute* "configure" + (("/usr/include/tirpc") ;defined in m4/virt-xdr.m4 + (string-append (assoc-ref inputs "libtirpc") + "/include/tirpc"))) #t)) (add-before 'configure 'disable-broken-tests (lambda _ - (substitute* "tests/meson.build" - (("\\{ 'name': 'commandtest'.*") "") ; hangs idly - (("\\{ 'name': 'qemuxml2argvtest'.*") "") ; fails - (("\\{ 'name': 'virnetsockettest'.*") "")) ; tries to network - #t))))) + (let ((tests (list "commandtest" ; hangs idly + "qemuxml2argvtest" ; fails + "qemuhotplugtest" ; fails + "virnetsockettest" ; tries to network + "virshtest"))) ; fails + (substitute* "tests/Makefile.in" + (((format #f "(~a)\\$\\(EXEEXT\\)" (string-join tests "|"))) + "")) + #t))) + (replace 'install + ;; Since the sysconfdir and localstatedir should be /etc and /var + ;; at runtime, we must prevent writing to them at installation + ;; time. + (lambda* (#:key make-flags #:allow-other-keys) + (apply invoke "make" "install" + "sysconfdir=/tmp/etc" + "localstatedir=/tmp/var" + make-flags)))))) (inputs `(("libxml2" ,libxml2) ("eudev" ,eudev) @@ -1135,9 +1149,7 @@ (define-public libvirt ("perl" ,perl) ("pkg-config" ,pkg-config) ("polkit" ,polkit) - ("python" ,python-wrapper) - ("python-docutils" ,python-docutils) ;for rst2html - ("rpcsvc-proto" ,rpcsvc-proto))) ;for 'rpcgen' + ("python" ,python-wrapper))) (home-page "https://libvirt.org") (synopsis "Simple API for virtualization") (description "Libvirt is a C toolkit to interact with the virtualization -- cgit v1.2.3 From 86c39376cc00ed19758a2861c11f85fa5b94cda4 Mon Sep 17 00:00:00 2001 
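Review bot: The restored `(version "5.8.0")` line in the libvirt hunk (-1066,49 +1065,64) has no comment saying the package is deliberately held back, and the bug reference in the commit message appears to have been lost, so nothing in the file tells a later reader why the older release is pinned. libvirt manages virtual machines on the host, and holding it at 5.8.0 also drops whatever upstream fixes landed between 5.8.0 and 7.1.0; that trade-off should be visible next to the version. I would add a comment above it such as `;; Held at 5.8.0: 7.1.0 broke virsh, see <BUG-URL-PLACEHOLDER>; retry the update.` The same applies to the reverted `python-libvirt` version earlier in this series, and the `libvirt` definition starts and ends outside the hunk.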
From: Maxim Cournoyer Date: Tue, 23 Feb 2021 00:03:01 -0500 Subject: gnu: runc: Update to 1.0.0-rc93. * gnu/packages/virtualization.scm (runc): Update to 1.0.0-rc93. [source]: Remove the patches field. [phases]{unpack}: Remove override. {build}: Add the man target. {check}: Make conditional based on TESTS?. {install}: Add the install-man target. [native-inputs]: Add go-github-com-go-md2man. [home-page]: Update. * gnu/packages/patches/runc-CVE-2019-5736.patch: Delete file. * gnu/local.mk: Un-register it. --- gnu/local.mk | 1 - gnu/packages/patches/runc-CVE-2019-5736.patch | 343 -------------------------- gnu/packages/virtualization.scm | 31 +-- 3 files changed, 11 insertions(+), 364 deletions(-) delete mode 100644 gnu/packages/patches/runc-CVE-2019-5736.patch (limited to 'gnu/packages/virtualization.scm') diff --git a/gnu/local.mk b/gnu/local.mk index d5fd714669..a1a08fa911 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1645,7 +1645,6 @@ dist_patch_DATA = \ %D%/packages/patches/rnp-disable-ruby-rnp-tests.patch \ %D%/packages/patches/rnp-unbundle-googletest.patch \ %D%/packages/patches/ruby-sanitize-system-libxml.patch \ - %D%/packages/patches/runc-CVE-2019-5736.patch \ %D%/packages/patches/rust-1.19-mrustc.patch \ %D%/packages/patches/rust-1.25-accept-more-detailed-gdb-lines.patch \ %D%/packages/patches/rust-1.45-linker-locale.patch \ diff --git a/gnu/packages/patches/runc-CVE-2019-5736.patch b/gnu/packages/patches/runc-CVE-2019-5736.patch deleted file mode 100644 index f629fcbfb4..0000000000 --- a/gnu/packages/patches/runc-CVE-2019-5736.patch +++ /dev/null 
@@ -1,343 +0,0 @@ -Fix CVE-2019-5736: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5736 -https://seclists.org/oss-sec/2019/q1/119 - -Patch copied from upstream source repository: - -https://github.com/opencontainers/runc/commit/0a8e4117e7f715d5fbeef398405813ce8e88558b - -From 0a8e4117e7f715d5fbeef398405813ce8e88558b Mon Sep 17 00:00:00 2001 -From: Aleksa Sarai -Date: Wed, 9 Jan 2019 13:40:01 +1100 -Subject: [PATCH] nsenter: clone /proc/self/exe to avoid exposing host binary - to container - -There are quite a few circumstances where /proc/self/exe pointing to a -pretty important container binary is a _bad_ thing, so to avoid this we -have to make a copy (preferably doing self-clean-up and not being -writeable). - -We require memfd_create(2) -- though there is an O_TMPFILE fallback -- -but we can always extend this to use a scratch MNT_DETACH overlayfs or -tmpfs. The main downside to this approach is no page-cache sharing for -the runc binary (which overlayfs would give us) but this is far less -complicated. - -This is only done during nsenter so that it happens transparently to the -Go code, and any libcontainer users benefit from it. This also makes -ExtraFiles and --preserve-fds handling trivial (because we don't need to -worry about it). 
- -Fixes: CVE-2019-5736 -Co-developed-by: Christian Brauner -Signed-off-by: Aleksa Sarai ---- - libcontainer/nsenter/cloned_binary.c | 268 +++++++++++++++++++++++++++ - libcontainer/nsenter/nsexec.c | 11 ++ - 2 files changed, 279 insertions(+) - create mode 100644 libcontainer/nsenter/cloned_binary.c - -diff --git a/libcontainer/nsenter/cloned_binary.c b/libcontainer/nsenter/cloned_binary.c -new file mode 100644 -index 000000000..c8a42c23f ---- /dev/null -+++ b/libcontainer/nsenter/cloned_binary.c -@@ -0,0 +1,268 @@ -+/* -+ * Copyright (C) 2019 Aleksa Sarai -+ * Copyright (C) 2019 SUSE LLC -+ * -+ * Licensed under the Apache License, Version 2.0 (the "License"); -+ * you may not use this file except in compliance with the License. -+ * You may obtain a copy of the License at -+ * -+ * http://www.apache.org/licenses/LICENSE-2.0 -+ * -+ * Unless required by applicable law or agreed to in writing, software -+ * distributed under the License is distributed on an "AS IS" BASIS, -+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -+ * See the License for the specific language governing permissions and -+ * limitations under the License. -+ */ -+ -+#define _GNU_SOURCE -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#include -+#include -+#include -+#include -+#include -+#include -+ -+/* Use our own wrapper for memfd_create. */ -+#if !defined(SYS_memfd_create) && defined(__NR_memfd_create) -+# define SYS_memfd_create __NR_memfd_create -+#endif -+#ifdef SYS_memfd_create -+# define HAVE_MEMFD_CREATE -+/* memfd_create(2) flags -- copied from . */ -+# ifndef MFD_CLOEXEC -+# define MFD_CLOEXEC 0x0001U -+# define MFD_ALLOW_SEALING 0x0002U -+# endif -+int memfd_create(const char *name, unsigned int flags) -+{ -+ return syscall(SYS_memfd_create, name, flags); -+} -+#endif -+ -+/* This comes directly from . 
*/ -+#ifndef F_LINUX_SPECIFIC_BASE -+# define F_LINUX_SPECIFIC_BASE 1024 -+#endif -+#ifndef F_ADD_SEALS -+# define F_ADD_SEALS (F_LINUX_SPECIFIC_BASE + 9) -+# define F_GET_SEALS (F_LINUX_SPECIFIC_BASE + 10) -+#endif -+#ifndef F_SEAL_SEAL -+# define F_SEAL_SEAL 0x0001 /* prevent further seals from being set */ -+# define F_SEAL_SHRINK 0x0002 /* prevent file from shrinking */ -+# define F_SEAL_GROW 0x0004 /* prevent file from growing */ -+# define F_SEAL_WRITE 0x0008 /* prevent writes */ -+#endif -+ -+#define RUNC_SENDFILE_MAX 0x7FFFF000 /* sendfile(2) is limited to 2GB. */ -+#ifdef HAVE_MEMFD_CREATE -+# define RUNC_MEMFD_COMMENT "runc_cloned:/proc/self/exe" -+# define RUNC_MEMFD_SEALS \ -+ (F_SEAL_SEAL | F_SEAL_SHRINK | F_SEAL_GROW | F_SEAL_WRITE) -+#endif -+ -+static void *must_realloc(void *ptr, size_t size) -+{ -+ void *old = ptr; -+ do { -+ ptr = realloc(old, size); -+ } while(!ptr); -+ return ptr; -+} -+ -+/* -+ * Verify whether we are currently in a self-cloned program (namely, is -+ * /proc/self/exe a memfd). F_GET_SEALS will only succeed for memfds (or rather -+ * for shmem files), and we want to be sure it's actually sealed. -+ */ -+static int is_self_cloned(void) -+{ -+ int fd, ret, is_cloned = 0; -+ -+ fd = open("/proc/self/exe", O_RDONLY|O_CLOEXEC); -+ if (fd < 0) -+ return -ENOTRECOVERABLE; -+ -+#ifdef HAVE_MEMFD_CREATE -+ ret = fcntl(fd, F_GET_SEALS); -+ is_cloned = (ret == RUNC_MEMFD_SEALS); -+#else -+ struct stat statbuf = {0}; -+ ret = fstat(fd, &statbuf); -+ if (ret >= 0) -+ is_cloned = (statbuf.st_nlink == 0); -+#endif -+ close(fd); -+ return is_cloned; -+} -+ -+/* -+ * Basic wrapper around mmap(2) that gives you the file length so you can -+ * safely treat it as an ordinary buffer. Only gives you read access. 
-+ */ -+static char *read_file(char *path, size_t *length) -+{ -+ int fd; -+ char buf[4096], *copy = NULL; -+ -+ if (!length) -+ return NULL; -+ -+ fd = open(path, O_RDONLY | O_CLOEXEC); -+ if (fd < 0) -+ return NULL; -+ -+ *length = 0; -+ for (;;) { -+ int n; -+ -+ n = read(fd, buf, sizeof(buf)); -+ if (n < 0) -+ goto error; -+ if (!n) -+ break; -+ -+ copy = must_realloc(copy, (*length + n) * sizeof(*copy)); -+ memcpy(copy + *length, buf, n); -+ *length += n; -+ } -+ close(fd); -+ return copy; -+ -+error: -+ close(fd); -+ free(copy); -+ return NULL; -+} -+ -+/* -+ * A poor-man's version of "xargs -0". Basically parses a given block of -+ * NUL-delimited data, within the given length and adds a pointer to each entry -+ * to the array of pointers. -+ */ -+static int parse_xargs(char *data, int data_length, char ***output) -+{ -+ int num = 0; -+ char *cur = data; -+ -+ if (!data || *output != NULL) -+ return -1; -+ -+ while (cur < data + data_length) { -+ num++; -+ *output = must_realloc(*output, (num + 1) * sizeof(**output)); -+ (*output)[num - 1] = cur; -+ cur += strlen(cur) + 1; -+ } -+ (*output)[num] = NULL; -+ return num; -+} -+ -+/* -+ * "Parse" out argv and envp from /proc/self/cmdline and /proc/self/environ. -+ * This is necessary because we are running in a context where we don't have a -+ * main() that we can just get the arguments from. 
-+ */ -+static int fetchve(char ***argv, char ***envp) -+{ -+ char *cmdline = NULL, *environ = NULL; -+ size_t cmdline_size, environ_size; -+ -+ cmdline = read_file("/proc/self/cmdline", &cmdline_size); -+ if (!cmdline) -+ goto error; -+ environ = read_file("/proc/self/environ", &environ_size); -+ if (!environ) -+ goto error; -+ -+ if (parse_xargs(cmdline, cmdline_size, argv) <= 0) -+ goto error; -+ if (parse_xargs(environ, environ_size, envp) <= 0) -+ goto error; -+ -+ return 0; -+ -+error: -+ free(environ); -+ free(cmdline); -+ return -EINVAL; -+} -+ -+static int clone_binary(void) -+{ -+ int binfd, memfd; -+ ssize_t sent = 0; -+ -+#ifdef HAVE_MEMFD_CREATE -+ memfd = memfd_create(RUNC_MEMFD_COMMENT, MFD_CLOEXEC | MFD_ALLOW_SEALING); -+#else -+ memfd = open("/tmp", O_TMPFILE | O_EXCL | O_RDWR | O_CLOEXEC, 0711); -+#endif -+ if (memfd < 0) -+ return -ENOTRECOVERABLE; -+ -+ binfd = open("/proc/self/exe", O_RDONLY | O_CLOEXEC); -+ if (binfd < 0) -+ goto error; -+ -+ sent = sendfile(memfd, binfd, NULL, RUNC_SENDFILE_MAX); -+ close(binfd); -+ if (sent < 0) -+ goto error; -+ -+#ifdef HAVE_MEMFD_CREATE -+ int err = fcntl(memfd, F_ADD_SEALS, RUNC_MEMFD_SEALS); -+ if (err < 0) -+ goto error; -+#else -+ /* Need to re-open "memfd" as read-only to avoid execve(2) giving -EXTBUSY. */ -+ int newfd; -+ char *fdpath = NULL; -+ -+ if (asprintf(&fdpath, "/proc/self/fd/%d", memfd) < 0) -+ goto error; -+ newfd = open(fdpath, O_RDONLY | O_CLOEXEC); -+ free(fdpath); -+ if (newfd < 0) -+ goto error; -+ -+ close(memfd); -+ memfd = newfd; -+#endif -+ return memfd; -+ -+error: -+ close(memfd); -+ return -EIO; -+} -+ -+int ensure_cloned_binary(void) -+{ -+ int execfd; -+ char **argv = NULL, **envp = NULL; -+ -+ /* Check that we're not self-cloned, and if we are then bail. 
*/ -+ int cloned = is_self_cloned(); -+ if (cloned > 0 || cloned == -ENOTRECOVERABLE) -+ return cloned; -+ -+ if (fetchve(&argv, &envp) < 0) -+ return -EINVAL; -+ -+ execfd = clone_binary(); -+ if (execfd < 0) -+ return -EIO; -+ -+ fexecve(execfd, argv, envp); -+ return -ENOEXEC; -+} -diff --git a/libcontainer/nsenter/nsexec.c b/libcontainer/nsenter/nsexec.c -index 28269dfc0..7750af35e 100644 ---- a/libcontainer/nsenter/nsexec.c -+++ b/libcontainer/nsenter/nsexec.c -@@ -534,6 +534,9 @@ void join_namespaces(char *nslist) - free(namespaces); - } - -+/* Defined in cloned_binary.c. */ -+extern int ensure_cloned_binary(void); -+ - void nsexec(void) - { - int pipenum; -@@ -549,6 +552,14 @@ void nsexec(void) - if (pipenum == -1) - return; - -+ /* -+ * We need to re-exec if we are not in a cloned binary. This is necessary -+ * to ensure that containers won't be able to access the host binary -+ * through /proc/self/exe. See CVE-2019-5736. -+ */ -+ if (ensure_cloned_binary() < 0) -+ bail("could not ensure we are a cloned binary"); -+ - /* Parse all of the netlink configuration. */ - nl_parse(pipenum, &config); - diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm index c6929b9f1a..b365d722f9 100644 --- a/gnu/packages/virtualization.scm +++ b/gnu/packages/virtualization.scm @@ -1564,17 +1564,16 @@ (define-public looking-glass-client (define-public runc (package (name "runc") - (version "1.0.0-rc6") + (version "1.0.0-rc93") (source (origin (method url-fetch) (uri (string-append "https://github.com/opencontainers/runc/releases/" "download/v" version "/runc.tar.xz")) (file-name (string-append name "-" version ".tar.xz")) - (patches (search-patches "runc-CVE-2019-5736.patch")) (sha256 (base32 - "1c7832dq70slkjh8qp2civ1wxhhdd2hrx84pq7db1mmqc9fdr3cc")))) + "0b90r1bkvlqli53ca1yc1l488dba0isd3i6l7nlhszxi8p7hzvkh")))) (build-system go-build-system) (arguments '(#:import-path "github.com/opencontainers/runc" 
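Review bot: Nothing in the updated `runc` origin records that CVE-2019-5736 stays covered once `(patches (search-patches "runc-CVE-2019-5736.patch"))` is removed together with the bump from 1.0.0-rc6 to 1.0.0-rc93. The deleted file was a copy of upstream commit 0a8e4117e7f715d5fbeef398405813ce8e88558b, so the removal presumably relies on the new release tarball already containing that change. That is worth confirming in the unpacked source, where the fix shows up as `libcontainer/nsenter/cloned_binary.c` and the `ensure_cloned_binary()` call in `nsexec.c`. I would add a comment above the `sha256` field such as `;; The fix for CVE-2019-5736 (upstream commit 0a8e4117) is part of this release; no local patch is needed.` The package definition continues outside this hunk.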
@@ -1584,35 +1583,27 @@ (define-public runc #:tests? #f #:phases (modify-phases %standard-phases - (replace 'unpack - (lambda* (#:key source import-path #:allow-other-keys) - ;; Unpack the tarball into 'runc' instead of 'runc-1.0.0-rc5'. - (let ((dest (string-append "src/" import-path))) - (mkdir-p dest) - (invoke "tar" "-C" (string-append "src/" import-path) - "--strip-components=1" - "-xvf" source)))) (replace 'build (lambda* (#:key import-path #:allow-other-keys) (with-directory-excursion (string-append "src/" import-path) - ;; XXX: requires 'go-md2man'. - ;; (invoke "make" "man") - (invoke "make")))) - ;; (replace 'check - ;; (lambda _ - ;; (invoke "make" "localunittest"))) + (invoke "make" "all" "man")))) + (replace 'check + (lambda* (#:key tests? #:allow-other-keys) + (when tests? + (invoke "make" "localunittest")))) (replace 'install (lambda* (#:key import-path outputs #:allow-other-keys) (with-directory-excursion (string-append "src/" import-path) (let ((out (assoc-ref outputs "out"))) - (invoke "make" "install" "install-bash" + (invoke "make" "install" "install-bash" "install-man" (string-append "PREFIX=" out))))))))) (native-inputs - `(("pkg-config" ,pkg-config))) + `(("go-md2man" ,go-github-com-go-md2man) + ("pkg-config" ,pkg-config))) (inputs `(("libseccomp" ,libseccomp))) (synopsis "Open container initiative runtime") - (home-page "https://www.opencontainers.org/") + (home-page "https://opencontainers.org/") (description "@command{runc} is a command line client for running applications packaged according to the -- cgit v1.2.3 From ee5c4f70b6bc85cdb63a05c75683587528e89b2b Mon Sep 17 00:00:00 2001 
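Review bot: The `check` phase this hunk brings back cannot run as written: it is wrapped in `(when tests? ...)` while the context line at the top of the hunk still passes `#:tests? #f`, and no comment says why the tests stay off. If they are enabled later, `(invoke "make" "localunittest")` would presumably start outside the source tree, because the `build` and `install` phases both enter `(string-append "src/" import-path)` first and `check` does not. I would add `import-path` to the phase's `#:key` list, wrap the call as `(with-directory-excursion (string-append "src/" import-path) (invoke "make" "localunittest"))`, and put a one-line reason next to `#:tests? #f`. The `arguments` list starts before this hunk.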
From: Brice Waegeneire Date: Thu, 18 Feb 2021 21:48:09 +0100 Subject: gnu: libvirt: Enable disk and directory storage. * gnu/packages/virtualization.scm (libvirt)[inputs]: Add parted. [arguments]: Add configure flags to support disk and directory storage. --- gnu/packages/virtualization.scm | 3 +++ 1 file changed, 3 insertions(+) (limited to 'gnu/packages/virtualization.scm') diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm index b365d722f9..88313d54a2 100644 --- a/gnu/packages/virtualization.scm +++ b/gnu/packages/virtualization.scm @@ -1081,6 +1081,8 @@ (define-public libvirt (list "--with-qemu" "--with-qemu-user=nobody" "--with-qemu-group=kvm" + "--with-storage-disk" + "--with-storage-dir" "--with-polkit" (string-append "--docdir=" (assoc-ref %outputs "out") "/share/doc/" ,name "-" ,version) @@ -1142,6 +1144,7 @@ (define-public libvirt ("dmidecode" ,dmidecode) ("dnsmasq" ,dnsmasq) ("ebtables" ,ebtables) + ("parted" ,parted) ("iproute" ,iproute) ("iptables" ,iptables))) (native-inputs -- cgit v1.2.3 From 0d4ae86bc2e5c5a87e3d343d2b144ed9afd75314 Mon Sep 17 00:00:00 2001 From: Brice Waegeneire Date: Fri, 2 Apr 2021 11:49:34 +0100 Subject: gnu: libvirt: Update to 7.2.0. * gnu/packages/virtualization.scm (libvirt): Update to 7.2.0. [arguemnts]: Switch to meson, only build system supported by upstream. [inputs]: Add libssh2 and readline. [native-inputs]: Add bash-completion, gettext, python-docutils and rpcsvc-proto. * gnu/packages/patches/libvirt-add-install-prefix.patch: New file... * gnu/local.mk: ...add it. * gnu/packages/patches/libvirt-create-machine-cgroup.patch: Delete file, merged by upstream. Tested-by: Pierre Langlois --- gnu/local.mk | 4 +- .../patches/libvirt-add-install-prefix.patch | 329 +++++++++++++++++++++ gnu/packages/virtualization.scm | 82 +++-- 3 files changed, 367 insertions(+), 48 deletions(-) create mode 100644 gnu/packages/patches/libvirt-add-install-prefix.patch (limited to 'gnu/packages/virtualization.scm') 
diff --git a/gnu/local.mk b/gnu/local.mk index 1d7133667d..075504e302 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -34,7 +34,7 @@ # Copyright © 2020, 2021 Felix Gruber # Copyright © 2020 Ryan Prior # Copyright © 2020 Jan Wielkiewicz -# Copyright © 2020 Brice Waegeneire +# Copyright © 2020, 2021 Brice Waegeneire # Copyright © 2020 Tanguy Le Carrour # Copyright © 2020 Martin Becze # Copyright © 2020 Malte Frank Gerdes @@ -1264,7 +1264,7 @@ dist_patch_DATA = \ %D%/packages/patches/kdbusaddons-kinit-file-name.patch \ %D%/packages/patches/libffi-3.3-powerpc-fixes.patch \ %D%/packages/patches/libffi-float128-powerpc64le.patch \ - %D%/packages/patches/libvirt-create-machine-cgroup.patch \ + %D%/packages/patches/libvirt-add-install-prefix.patch \ %D%/packages/patches/libziparchive-add-includes.patch \ %D%/packages/patches/localed-xorg-keyboard.patch \ %D%/packages/patches/kdiagram-Fix-missing-link-libraries.patch \ diff --git a/gnu/packages/patches/libvirt-add-install-prefix.patch b/gnu/packages/patches/libvirt-add-install-prefix.patch new file mode 100644 index 0000000000..1331fa9b6f --- /dev/null +++ b/gnu/packages/patches/libvirt-add-install-prefix.patch 
@@ -0,0 +1,329 @@ +Patch from NixOS: +https://raw.githubusercontent.com/NixOS/nixpkgs/b98031a49c66095dd1eb9185ecdaeeb5e3cd752d/pkgs/development/libraries/libvirt/0001-meson-patch-in-an-install-prefix-for-building-on-nix.patch + +From a896b0be849455edb83a9305dfec9b41447ef3e4 Mon Sep 17 00:00:00 2001 +From: Euan Kemp +Date: Thu, 14 Jan 2021 00:32:00 -0800 +Subject: [PATCH] meson: patch in an install prefix for building on nix + +Used in the nixpkgs version of libvirt so that we can install things in +the nix store, but read them from the root filesystem. +--- + meson.build | 9 +++++++++ + meson_options.txt | 2 ++ + src/libxl/meson.build | 6 +++--- + src/locking/meson.build | 8 ++++---- + src/lxc/meson.build | 6 +++--- + src/meson.build | 18 +++++++++--------- + src/network/meson.build | 12 ++++++------ + src/nwfilter/xml/meson.build | 2 +- + src/qemu/meson.build | 14 +++++++------- + src/remote/meson.build | 6 +++--- + src/security/apparmor/meson.build | 8 ++++---- + tools/meson.build | 4 ++-- + 12 files changed, 53 insertions(+), 42 deletions(-) + +diff --git a/meson.build b/meson.build +index b5164f6..33719f1 100644 +--- a/meson.build ++++ b/meson.build +@@ -39,6 +39,8 @@ if host_machine.system() == 'windows' + conf.set('WINVER', '0x0600') # Win Vista / Server 2008 + endif + ++# patched in for nix ++install_prefix = get_option('install_prefix') + + # set various paths + +@@ -57,6 +59,13 @@ else + sysconfdir = prefix / get_option('sysconfdir') + endif + ++# nix: don't prefix the localstatedir; some things need to write to it, so it ++# can't be in the nix store, and that's what the prefix is. 
++# We'll prefix things ourselves where needed ++localstatedir = get_option('localstatedir') ++# Same for sysconfidr ++sysconfdir = get_option('sysconfdir') ++ + # if --prefix is /usr, don't use /usr/var for localstatedir or /usr/etc for + # sysconfdir as this makes a lot of things break in testing situations + if prefix == '/usr' +diff --git a/meson_options.txt b/meson_options.txt +index e5d79c2..081cd32 100644 +--- a/meson_options.txt ++++ b/meson_options.txt +@@ -1,3 +1,5 @@ ++option('install_prefix', type: 'string', value: '', description: 'prefix for nix store installation') ++ + option('no_git', type: 'boolean', value: false, description: 'Disable git submodule update') + option('packager', type: 'string', value: '', description: 'Extra packager name') + option('packager_version', type: 'string', value: '', description: 'Extra packager version') +diff --git a/src/libxl/meson.build b/src/libxl/meson.build +index 3bb6cc5..78d7be0 100644 +--- a/src/libxl/meson.build ++++ b/src/libxl/meson.build +@@ -84,8 +84,8 @@ if conf.has('WITH_LIBXL') + } + + virt_install_dirs += [ +- localstatedir / 'lib' / 'libvirt' / 'libxl', +- runstatedir / 'libvirt' / 'libxl', +- localstatedir / 'log' / 'libvirt' / 'libxl', ++ install_prefix + localstatedir / 'lib' / 'libvirt' / 'libxl', ++ install_prefix + runstatedir / 'libvirt' / 'libxl', ++ install_prefix + localstatedir / 'log' / 'libvirt' / 'libxl', + ] + endif +diff --git a/src/locking/meson.build b/src/locking/meson.build +index 8a28310..9da81cc 100644 +--- a/src/locking/meson.build ++++ b/src/locking/meson.build +@@ -243,14 +243,14 @@ if conf.has('WITH_LIBVIRTD') + } + + virt_install_dirs += [ +- localstatedir / 'lib' / 'libvirt' / 'lockd', +- localstatedir / 'lib' / 'libvirt' / 'lockd' / 'files', +- runstatedir / 'libvirt' / 'lockd', ++ install_prefix + localstatedir / 'lib' / 'libvirt' / 'lockd', ++ install_prefix + localstatedir / 'lib' / 'libvirt' / 'lockd' / 'files', ++ install_prefix + runstatedir / 'libvirt' / 'lockd', 
+ ] + + if conf.has('WITH_SANLOCK') + virt_install_dirs += [ +- localstatedir / 'lib' / 'libvirt' / 'sanlock', ++ install_prefix + localstatedir / 'lib' / 'libvirt' / 'sanlock', + ] + endif + endif +diff --git a/src/lxc/meson.build b/src/lxc/meson.build +index f8e2a88..96d6687 100644 +--- a/src/lxc/meson.build ++++ b/src/lxc/meson.build +@@ -182,8 +182,8 @@ if conf.has('WITH_LXC') + } + + virt_install_dirs += [ +- localstatedir / 'lib' / 'libvirt' / 'lxc', +- runstatedir / 'libvirt' / 'lxc', +- localstatedir / 'log' / 'libvirt' / 'lxc', ++ install_prefix + localstatedir / 'lib' / 'libvirt' / 'lxc', ++ install_prefix + runstatedir / 'libvirt' / 'lxc', ++ install_prefix + localstatedir / 'log' / 'libvirt' / 'lxc', + ] + endif +diff --git a/src/meson.build b/src/meson.build +index 7c47821..d33d16a 100644 +--- a/src/meson.build ++++ b/src/meson.build +@@ -669,7 +669,7 @@ endforeach + + virt_conf_files += 'libvirt.conf' + +-install_data(virt_conf_files, install_dir: confdir) ++install_data(virt_conf_files, install_dir: install_prefix + confdir) + install_data(virt_aug_files, install_dir: virt_aug_dir) + + # augeas_test_data: +@@ -729,7 +729,7 @@ foreach data : virt_daemon_confs + output: '@0@.conf'.format(data['name']), + configuration: daemon_conf, + install: true, +- install_dir: confdir, ++ install_dir: install_prefix + confdir, + ) + + if data.get('with_ip', false) +@@ -853,14 +853,14 @@ if conf.has('WITH_LIBVIRTD') + + install_data( + init_file, +- install_dir: sysconfdir / 'init.d', ++ install_dir: install_prefix + sysconfdir / 'init.d', + rename: [ init['name'] ], + ) + + if init.has_key('confd') + install_data( + init['confd'], +- install_dir: sysconfdir / 'conf.d', ++ install_dir: install_prefix + sysconfdir / 'conf.d', + rename: [ init['name'] ], + ) + endif +@@ -872,7 +872,7 @@ if init_script != 'none' + foreach sysconf : sysconf_files + install_data( + sysconf['file'], +- install_dir: sysconfdir / 'sysconfig', ++ install_dir: install_prefix + sysconfdir / 
'sysconfig', + rename: [ sysconf['name'] ], + ) + endforeach +@@ -897,10 +897,10 @@ endif + # Install empty directories + + virt_install_dirs += [ +- localstatedir / 'cache' / 'libvirt', +- localstatedir / 'lib' / 'libvirt' / 'images', +- localstatedir / 'lib' / 'libvirt' / 'filesystems', +- localstatedir / 'lib' / 'libvirt' / 'boot', ++ install_prefix + localstatedir / 'cache' / 'libvirt', ++ install_prefix + localstatedir / 'lib' / 'libvirt' / 'images', ++ install_prefix + localstatedir / 'lib' / 'libvirt' / 'filesystems', ++ install_prefix + localstatedir / 'lib' / 'libvirt' / 'boot', + ] + + meson.add_install_script( +diff --git a/src/network/meson.build b/src/network/meson.build +index 3ec598c..b02040b 100644 +--- a/src/network/meson.build ++++ b/src/network/meson.build +@@ -79,9 +79,9 @@ if conf.has('WITH_NETWORK') + } + + virt_install_dirs += [ +- localstatedir / 'lib' / 'libvirt' / 'network', +- localstatedir / 'lib' / 'libvirt' / 'dnsmasq', +- runstatedir / 'libvirt' / 'network', ++ install_prefix + localstatedir / 'lib' / 'libvirt' / 'network', ++ install_prefix + localstatedir / 'lib' / 'libvirt' / 'dnsmasq', ++ install_prefix + runstatedir / 'libvirt' / 'network', + ] + + configure_file( +@@ -89,12 +89,12 @@ if conf.has('WITH_NETWORK') + output: '@BASENAME@', + copy: true, + install: true, +- install_dir: confdir / 'qemu' / 'networks', ++ install_dir: install_prefix + confdir / 'qemu' / 'networks', + ) + + meson.add_install_script( + meson_python_prog.path(), python3_prog.path(), meson_install_symlink_prog.path(), +- confdir / 'qemu' / 'networks' / 'autostart', ++ install_prefix + confdir / 'qemu' / 'networks' / 'autostart', + '../default.xml', 'default.xml', + ) + +diff --git a/src/nwfilter/xml/meson.build b/src/nwfilter/xml/meson.build +index 0d96c54..66c92a1 100644 +--- a/src/nwfilter/xml/meson.build ++++ b/src/nwfilter/xml/meson.build +@@ -25,4 +25,4 @@ nwfilter_xml_files = [ + 'qemu-announce-self.xml', + ] + +-install_data(nwfilter_xml_files, 
install_dir: sysconfdir / 'libvirt' / 'nwfilter') ++install_data(nwfilter_xml_files, install_dir: install_prefix + sysconfdir / 'libvirt' / 'nwfilter') +diff --git a/src/qemu/meson.build b/src/qemu/meson.build +index 90640b0..8802cec 100644 +--- a/src/qemu/meson.build ++++ b/src/qemu/meson.build +@@ -171,12 +171,12 @@ if conf.has('WITH_QEMU') + } + + virt_install_dirs += [ +- localstatedir / 'lib' / 'libvirt' / 'qemu', +- runstatedir / 'libvirt' / 'qemu', +- localstatedir / 'cache' / 'libvirt' / 'qemu', +- localstatedir / 'log' / 'libvirt' / 'qemu', +- localstatedir / 'lib' / 'libvirt' / 'swtpm', +- runstatedir / 'libvirt' / 'qemu' / 'swtpm', +- localstatedir / 'log' / 'swtpm' / 'libvirt' / 'qemu', ++ install_prefix + localstatedir / 'lib' / 'libvirt' / 'qemu', ++ install_prefix + runstatedir / 'libvirt' / 'qemu', ++ install_prefix + localstatedir / 'cache' / 'libvirt' / 'qemu', ++ install_prefix + localstatedir / 'log' / 'libvirt' / 'qemu', ++ install_prefix + localstatedir / 'lib' / 'libvirt' / 'swtpm', ++ install_prefix + runstatedir / 'libvirt' / 'qemu' / 'swtpm', ++ install_prefix + localstatedir / 'log' / 'swtpm' / 'libvirt' / 'qemu', + ] + endif +diff --git a/src/remote/meson.build b/src/remote/meson.build +index 9ad2f6a..429a15b 100644 +--- a/src/remote/meson.build ++++ b/src/remote/meson.build +@@ -245,7 +245,7 @@ if conf.has('WITH_REMOTE') + } + + virt_install_dirs += [ +- localstatedir / 'log' / 'libvirt', ++ install_prefix + localstatedir / 'log' / 'libvirt', + ] + + logrotate_conf = configuration_data() +@@ -259,7 +259,7 @@ if conf.has('WITH_REMOTE') + ) + install_data( + log_file, +- install_dir: sysconfdir / 'logrotate.d', ++ install_dir: install_prefix + sysconfdir / 'logrotate.d', + rename: [ name ], + ) + endforeach +@@ -309,7 +309,7 @@ endif + if conf.has('WITH_SASL') + install_data( + 'libvirtd.sasl', +- install_dir: sysconfdir / 'sasl2', ++ install_dir: install_prefix + sysconfdir / 'sasl2', + rename: [ 'libvirt.conf' ], + ) + endif +diff --git 
a/src/security/apparmor/meson.build b/src/security/apparmor/meson.build +index af43780..e2d6c81 100644 +--- a/src/security/apparmor/meson.build ++++ b/src/security/apparmor/meson.build +@@ -17,22 +17,22 @@ foreach name : apparmor_gen_profiles + output: name, + configuration: apparmor_gen_profiles_conf, + install: true, +- install_dir: apparmor_dir, ++ install_dir: install_prefix + apparmor_dir, + ) + endforeach + + install_data( + [ 'libvirt-qemu', 'libvirt-lxc' ], +- install_dir: apparmor_dir / 'abstractions', ++ install_dir: install_prefix + apparmor_dir / 'abstractions', + ) + + install_data( + [ 'TEMPLATE.qemu', 'TEMPLATE.lxc' ], +- install_dir: apparmor_dir / 'libvirt', ++ install_dir: install_prefix + apparmor_dir / 'libvirt', + ) + + install_data( + 'usr.lib.libvirt.virt-aa-helper.local', +- install_dir: apparmor_dir / 'local', ++ install_dir: install_prefix + apparmor_dir / 'local', + rename: 'usr.lib.libvirt.virt-aa-helper', + ) +diff --git a/tools/meson.build b/tools/meson.build +index b8c6802..dacd0ff 100644 +--- a/tools/meson.build ++++ b/tools/meson.build +@@ -115,7 +115,7 @@ if conf.has('WITH_LOGIN_SHELL') + install_rpath: libvirt_rpath, + ) + +- install_data('virt-login-shell.conf', install_dir: sysconfdir / 'libvirt') ++ install_data('virt-login-shell.conf', install_dir: install_prefix + sysconfdir / 'libvirt') + endif + + if host_machine.system() == 'windows' +@@ -274,7 +274,7 @@ configure_file( + if init_script == 'systemd' + install_data( + 'libvirt-guests.sysconf', +- install_dir: sysconfdir / 'sysconfig', ++ install_dir: install_prefix + sysconfdir / 'sysconfig', + rename: 'libvirt-guests', + ) diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm index 88313d54a2..3c6b61499a 100644 --- a/gnu/packages/virtualization.scm +++ b/gnu/packages/virtualization.scm 
@@ -12,7 +12,7 @@ ;;; Copyright © 2018 Julien Lepiller ;;; Copyright © 2019 Guy Fleury Iteriteka ;;; Copyright © 2020 Jakub Kądziołka -;;; Copyright © 2020 Brice Waegeneire +;;; Copyright © 2020, 2021 Brice Waegeneire ;;; Copyright © 2020 Mathieu Othacehe ;;; Copyright © 2020 Marius Bakke ;;; Copyright © 2020, 2021 Maxim Cournoyer @@ -42,6 +42,7 @@ (define-module (gnu packages virtualization) #:use-module (gnu packages autotools) #:use-module (gnu packages backup) #:use-module (gnu packages base) + #:use-module (gnu packages bash) #:use-module (gnu packages bison) #:use-module (gnu packages build-tools) #:use-module (gnu packages check) @@ -97,6 +98,7 @@ (define-module (gnu packages virtualization) #:use-module (gnu packages python-web) #:use-module (gnu packages python-xyz) #:use-module (gnu packages pulseaudio) + #:use-module (gnu packages readline) #:use-module (gnu packages selinux) #:use-module (gnu packages sdl) #:use-module (gnu packages sphinx) 
@@ -1065,66 +1067,48 @@ (define-public lxc (define-public libvirt (package (name "libvirt") - (version "5.8.0") + (version "7.2.0") (source (origin (method url-fetch) (uri (string-append "https://libvirt.org/sources/libvirt-" version ".tar.xz")) (sha256 - (base32 "0m8cqaqflvys5kaqpvb0qr4k365j09jc5xk6x70yvg8qkcl2hcz2")) - (patches - (search-patches "libvirt-create-machine-cgroup.patch")))) - (build-system gnu-build-system) + (base32 "1l6i1rz1v9rnp61sgzlrlbsfh03208dbm3b259i0jl5sqz85kx01")) + (patches (search-patches "libvirt-add-install-prefix.patch")))) + (build-system meson-build-system) (arguments `(#:configure-flags - (list "--with-qemu" - "--with-qemu-user=nobody" - "--with-qemu-group=kvm" - "--with-storage-disk" - "--with-storage-dir" - "--with-polkit" - (string-append "--docdir=" (assoc-ref %outputs "out") "/share/doc/" + (list "-Ddriver_qemu=enabled" + "-Dqemu_user=nobody" + "-Dqemu_group=kvm" + "-Dstorage_disk=enabled" + "-Dstorage_dir=enabled" + "-Dpolkit=enabled" + "-Dnls=enabled" ;translations + (string-append "-Ddocdir=" (assoc-ref %outputs "out") "/share/doc/" ,name "-" ,version) + "-Dbash_completion=enabled" + (string-append "-Dinstall_prefix=" (assoc-ref %outputs "out")) "--sysconfdir=/etc" "--localstatedir=/var") + #:meson ,meson-0.55 #:phases (modify-phases %standard-phases - (add-before 'configure 'fix-BOURNE_SHELL-definition - ;; BOURNE_SHELL is hard-#defined to ‘/bin/sh’, causing test failures. - (lambda _ - (substitute* "config.h.in" - (("/bin/sh") (which "sh"))) - #t)) - (add-before 'configure 'patch-libtirpc-file-names - (lambda* (#:key inputs #:allow-other-keys) - ;; libvirt uses an m4 macro instead of pkg-config to determine where - ;; the RPC headers are located. Tell it to look in the right place. 
- (substitute* "configure" - (("/usr/include/tirpc") ;defined in m4/virt-xdr.m4 - (string-append (assoc-ref inputs "libtirpc") - "/include/tirpc"))) - #t)) (add-before 'configure 'disable-broken-tests (lambda _ - (let ((tests (list "commandtest" ; hangs idly - "qemuxml2argvtest" ; fails - "qemuhotplugtest" ; fails - "virnetsockettest" ; tries to network - "virshtest"))) ; fails - (substitute* "tests/Makefile.in" - (((format #f "(~a)\\$\\(EXEEXT\\)" (string-join tests "|"))) + (let ((tests (list "commandtest" ; hangs idly + "qemuxml2argvtest" ; fails + "virnetsockettest"))) ; tries to network + (substitute* "tests/meson.build" + (((format #f ".*'name': '(~a)'.*" (string-join tests "|"))) "")) #t))) - (replace 'install - ;; Since the sysconfdir and localstatedir should be /etc and /var - ;; at runtime, we must prevent writing to them at installation - ;; time. - (lambda* (#:key make-flags #:allow-other-keys) - (apply invoke "make" "install" - "sysconfdir=/tmp/etc" - "localstatedir=/tmp/var" - make-flags)))))) + (add-before 'install 'no-polkit-magic + ;; Meson ‘magically’ invokes pkexec, which fails (not setuid). + (lambda _ + (setenv "PKEXEC_UID" "something") + #t))))) (inputs `(("libxml2" ,libxml2) ("eudev" ,eudev) @@ -1133,11 +1117,13 @@ (define-public libvirt ("dbus" ,dbus) ("libpcap" ,libpcap) ("libnl" ,libnl) + ("libssh2" ,libssh2) ;optional ("libtirpc" ,libtirpc) ;for ("libuuid" ,util-linux "lib") ("lvm2" ,lvm2) ;for libdevmapper ("curl" ,curl) ("openssl" ,openssl) + ("readline" ,readline) ("cyrus-sasl" ,cyrus-sasl) ("libyajl" ,libyajl) ("audit" ,audit) 
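Review bot: The `no-polkit-magic` phase sets `PKEXEC_UID` to the literal "something", and its comment does not say that the value is a dummy or why setting it helps. As far as I can tell Meson only re-runs a failed install through pkexec when that variable is absent, so the phase works by presence alone; a clearer comment would be `;; Meson retries a failed install via pkexec unless PKEXEC_UID is set; the value is never read.` It would also help to note which install step hits the permission error in the first place, since with `-Dinstall_prefix` pointing at the output presumably nothing should be written outside the store. The `libvirt` definition begins and ends outside this hunk.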
@@ -1148,11 +1134,15 @@ (define-public libvirt ("iproute" ,iproute) ("iptables" ,iptables))) (native-inputs - `(("xsltproc" ,libxslt) + `(("bash-completion" ,bash-completion) + ("gettext" ,gettext-minimal) + ("xsltproc" ,libxslt) ("perl" ,perl) ("pkg-config" ,pkg-config) ("polkit" ,polkit) - ("python" ,python-wrapper))) + ("python" ,python-wrapper) + ("python-docutils" ,python-docutils) ;for rst2html + ("rpcsvc-proto" ,rpcsvc-proto))) ;for rpcgen (home-page "https://libvirt.org") (synopsis "Simple API for virtualization") (description "Libvirt is a C toolkit to interact with the virtualization -- cgit v1.2.3 From 28cc447fc5bd0a219ad54836a343826cc34d9bd7 Mon Sep 17 00:00:00 2001 From: Pierre Langlois Date: Sat, 20 Mar 2021 21:31:23 +0000 Subject: gnu: python-libvirt: Update to 7.2.0. * gnu/packages/virtualization.scm (python-libvirt): Update to 7.2.0. --- gnu/packages/virtualization.scm | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'gnu/packages/virtualization.scm') diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm index 3c6b61499a..953b09a325 100644 --- a/gnu/packages/virtualization.scm +++ b/gnu/packages/virtualization.scm @@ -18,6 +18,7 @@ ;;; Copyright © 2020, 2021 Maxim Cournoyer ;;; Copyright © 2020 Brett Gilio ;;; Copyright © 2021 Leo Famulari +;;; Copyright © 2021 Pierre Langlois ;;; ;;; This file is part of GNU Guix. ;;; @@ -1196,14 +1197,14 @@ (define-public libvirt-glib (define-public python-libvirt (package (name "python-libvirt") - (version "5.8.0") + (version "7.2.0") (source (origin (method url-fetch) (uri (string-append "https://libvirt.org/sources/python/libvirt-python-" version ".tar.gz")) (sha256 - (base32 "0kyz3lx49d8p75mvbzinxc1zgs8g7adn77y9bm15b8b4ad9zl5s6")))) + (base32 "1ryfimhf47s9k4n0gys233bh15l68fccs2bvj8bjwqjm9k2vmhy0")))) (build-system python-build-system) (arguments `(#:phases -- cgit v1.2.3 From 29383ecc8ccd8d8df77e5c60e59aba42e5ca0fec Mon Sep 17 00:00:00 2001 
From: Pierre Langlois Date: Sat, 20 Mar 2021 21:31:24 +0000 Subject: gnu: libvirt-glib: Update to 4.0.0. * gnu/packages/virtualization.scm (libvirt-glib): Update to 4.0.0. [build-system]: Switch to meson-build-system. --- gnu/packages/virtualization.scm | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'gnu/packages/virtualization.scm') diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm index 953b09a325..13f97a1625 100644 --- a/gnu/packages/virtualization.scm +++ b/gnu/packages/virtualization.scm @@ -1155,15 +1155,15 @@ (define-public libvirt (define-public libvirt-glib (package (name "libvirt-glib") - (version "3.0.0") + (version "4.0.0") (source (origin (method url-fetch) (uri (string-append "ftp://libvirt.org/libvirt/glib/" - "libvirt-glib-" version ".tar.gz")) + "libvirt-glib-" version ".tar.xz")) (sha256 (base32 - "1zpbv4ninc57c9rw4zmmkvvqn7154iv1qfr20kyxn8xplalqrzvz")))) - (build-system gnu-build-system) + "1gdcvqz88qkp402zra9csc6391f2xki1270x683n6ixakl3gf8w4")))) + (build-system meson-build-system) (inputs `(("openssl" ,openssl) ("cyrus-sasl" ,cyrus-sasl) -- cgit v1.2.3 From 653faaebd60c407cbd2265c6ee8a72a521f6b116 Mon Sep 17 00:00:00 2001 From: Pierre Langlois Date: Sat, 20 Mar 2021 21:31:25 +0000 Subject: gnu: virt-manager: Update to 3.2.0. * gnu/packages/virtualization.scm (virt-manager): Update to 3.2.0. [arguments]: Remove #:test-target. Remove fix-qemu-img-reference phase. Adapt check phase to use pytest, although they still do not run. [native-inputs]: Add python-docutils. Suggest adding python-pytest to enable tests. --- gnu/packages/virtualization.scm | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) (limited to 'gnu/packages/virtualization.scm') diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm index 13f97a1625..5fc6ff8e4f 100644 --- a/gnu/packages/virtualization.scm +++ b/gnu/packages/virtualization.scm 
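Review bot: The libvirt-glib source URI still begins with `ftp://libvirt.org/libvirt/glib/`, even though the next line is edited for the new `.tar.xz` name, so the tarball is still fetched over an unauthenticated transport. The `sha256` pins the content, so a tampered download is rejected instead of built. The fetch can still be blocked or observed on path, though, and FTP is increasingly filtered. The libvirt package in this same file fetches from `https://libvirt.org/sources/`; if upstream publishes the glib tarballs under that tree too, the URI should move there as part of this update. The package definition continues past the end of the hunk.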
@@ -1236,7 +1236,7 @@ (define-public python2-libvirt (define-public virt-manager (package (name "virt-manager") - (version "2.2.1") + (version "3.2.0") (source (origin (method url-fetch) (uri (string-append "https://virt-manager.org/download/sources" @@ -1244,11 +1244,10 @@ (define-public virt-manager version ".tar.gz")) (sha256 (base32 - "06ws0agxlip6p6n3n43knsnjyd91gqhh2dadgc33wl9lx1k8vn6g")))) + "11kvpzcmyir91qz0dsnk7748jbb4wr8mrc744w117qc91pcy6vrb")))) (build-system python-build-system) (arguments `(#:use-setuptools? #f ; uses custom distutils 'install' command - #:test-target "test_ui" #:tests? #f ; TODO The tests currently fail ; RuntimeError: Loop condition wasn't ; met @@ -1266,12 +1265,6 @@ (define-public virt-manager (substitute* "virtinst/buildconfig.py" (("/usr") (assoc-ref outputs "out"))) #t)) - (add-after 'unpack 'fix-qemu-img-reference - (lambda* (#:key inputs #:allow-other-keys) - (substitute* "virtconv/formats.py" - (("/usr(/bin/qemu-img)" _ suffix) - (string-append (assoc-ref inputs "qemu") suffix))) - #t)) (add-after 'unpack 'fix-default-uri (lambda* (#:key inputs #:allow-other-keys) ;; Xen is not available for now - so only patch qemu. @@ -1302,11 +1295,12 @@ (define-public virt-manager (lambda* (#:key tests? #:allow-other-keys) (when tests? (setenv "HOME" "/tmp") + (setenv "XDG_CACHE_HOME" "/tmp") (system "Xvfb :1 &") (setenv "DISPLAY" ":1") ;; Dogtail requires that Assistive Technology support be enabled (setenv "GTK_MODULES" "gail:atk-bridge") - (invoke "dbus-run-session" "--" "python" "setup.py" "test_ui")) + (invoke "dbus-run-session" "--" "pytest" "--uitests")) #t)) (add-after 'install 'glib-or-gtk-compile-schemas (assoc-ref glib-or-gtk:%standard-phases 'glib-or-gtk-compile-schemas)) 
@@ -1336,7 +1330,9 @@ (define-public virt-manager ("gtk+" ,gtk+ "bin") ; gtk-update-icon-cache ("perl" ,perl) ; pod2man ("intltool" ,intltool) + ("rst2man" ,python-docutils) ;; The following are required for running the tests + ;; ("python-pytest" ,python-pytest) ;; ("python-dogtail" ,python-dogtail) ;; ("xvfb" ,xorg-server-for-tests) ;; ("dbus" ,dbus) -- cgit v1.2.3 From 41d0b233bac19a2ce0289bf2279a1e7f831b8aee Mon Sep 17 00:00:00 2001 From: Léo Le Bouter Date: Tue, 6 Apr 2021 21:00:16 +0200 Subject: gnu: umoci: Update to 0.4.7 [fixes CVE-2021-29136]. * gnu/packages/virtualization.scm (umoci): Update to 0.4.7. --- gnu/packages/virtualization.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'gnu/packages/virtualization.scm') diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm index 5fc6ff8e4f..64e5c88fd1 100644 --- a/gnu/packages/virtualization.scm +++ b/gnu/packages/virtualization.scm @@ -1605,7 +1605,7 @@ (define-public runc (define-public umoci (package (name "umoci") - (version "0.4.6") + (version "0.4.7") (source (origin (method url-fetch) @@ -1614,7 +1614,7 @@ (define-public umoci version "/umoci.tar.xz")) (file-name (string-append "umoci-" version ".tar.xz")) (sha256 - (base32 "06q7xfwnqysc013hapx31jhlzmyg8qb467qfkynj673qc7p9bd6h")))) + (base32 "0fvljj9k4f83wbqzd8nbijz0p1zaq633f8yxyvl5sy3wjf03ffk9")))) (build-system go-build-system) (arguments '(#:import-path "github.com/opencontainers/umoci" -- cgit v1.2.3