Author: baggins Date: Thu Apr 28 09:48:27 2011 GMT Module: packages Tag: HEAD ---- Log message: - fix SASL paths
---- Files affected: packages/libvirt: libvirt.spec (1.27 -> 1.28) , libvirt-sasl.patch (NONE -> 1.1) (NEW) ---- Diffs: ================================================================ Index: packages/libvirt/libvirt.spec diff -u packages/libvirt/libvirt.spec:1.27 packages/libvirt/libvirt.spec:1.28 --- packages/libvirt/libvirt.spec:1.27 Tue Mar 29 11:53:00 2011 +++ packages/libvirt/libvirt.spec Thu Apr 28 11:48:22 2011 @@ -26,7 +26,7 @@ Summary: Toolkit to interact with virtualization capabilities Name: libvirt Version: 0.8.8 -Release: 3 +Release: 3.1 License: LGPL Group: Base/Kernel URL: http://www.libvirt.org/ @@ -34,6 +34,7 @@ # Source0-md5: ac9235576352b84b8cb17df7456bbdfc Source1: %{name}.init Patch0: gcrypt.patch +Patch1: %{name}-sasl.patch %{?with_lokkit:BuildRequires: /usr/sbin/lokkit} %{?with_polkit:BuildRequires: PolicyKit >= 0.6} %{?with_polkit:BuildRequires: PolicyKit-devel >= 0.6} @@ -147,6 +148,8 @@ %prep %setup -q #%patch0 -p1 +%patch1 -p1 + # weird translations rm -f po/{my,eu_ES}.{po,gmo} @@ -250,7 +253,7 @@ %files utils %defattr(644,root,root,755) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/libvirt -%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/sasl2/libvirt.conf +%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/sasl/libvirt.conf %attr(755,root,root) %{_bindir}/virsh %attr(755,root,root) %{_sbindir}/libvirtd %attr(754,root,root) /etc/rc.d/init.d/libvirtd @@ -280,6 +283,9 @@ All persons listed below can be reached at <cvs_login>@pld-linux.org $Log$ +Revision 1.28 2011/04/28 09:48:22 baggins +- fix SASL paths + Revision 1.27 2011/03/29 09:53:00 baggins - rel 3 - fix gtkdoc packaging ================================================================ Index: packages/libvirt/libvirt-sasl.patch diff -u /dev/null packages/libvirt/libvirt-sasl.patch:1.1 --- /dev/null Thu Apr 28 11:48:27 2011 +++ packages/libvirt/libvirt-sasl.patch Thu Apr 28 11:48:22 2011 @@ -0,0 +1,286 @@ +diff -ru libvirt-0.8.8/daemon/libvirtd.conf libvirt-0.8.8-sasl/daemon/libvirtd.conf +--- libvirt-0.8.8/daemon/libvirtd.conf 2010-12-20 14:35:22.000000000 +0100 ++++ libvirt-0.8.8-sasl/daemon/libvirtd.conf 2011-04-28 11:45:47.727741165 +0200 +@@ -111,7 +111,7 @@ + # the network providing auth (eg, TLS/x509 certificates) + # + # - sasl: use SASL infrastructure. The actual auth scheme is then +-# controlled from /etc/sasl2/libvirt.conf. For the TCP ++# controlled from /etc/sasl/libvirt.conf. For the TCP + # socket only GSSAPI & DIGEST-MD5 mechanisms will be used. + # For non-TCP or TLS sockets, any scheme is allowed. + # +@@ -142,7 +142,7 @@ + # If you don't enable SASL, then all TCP traffic is cleartext. + # Don't do this outside of a dev/test scenario. For real world + # use, always enable SASL and use the GSSAPI or DIGEST-MD5 +-# mechanism in /etc/sasl2/libvirt.conf ++# mechanism in /etc/sasl/libvirt.conf + #auth_tcp = "sasl" + + # Change the authentication scheme for TLS sockets. +diff -ru libvirt-0.8.8/daemon/Makefile.am libvirt-0.8.8-sasl/daemon/Makefile.am +--- libvirt-0.8.8/daemon/Makefile.am 2011-01-31 02:30:59.000000000 +0100 ++++ libvirt-0.8.8-sasl/daemon/Makefile.am 2011-04-28 11:45:47.703741165 +0200 +@@ -326,12 +326,12 @@ + # the WITH_LIBVIRTD conditional + if HAVE_SASL + install-data-sasl: +- mkdir -p $(DESTDIR)$(sysconfdir)/sasl2/ +- $(INSTALL_DATA) $(srcdir)/libvirtd.sasl $(DESTDIR)$(sysconfdir)/sasl2/libvirt.conf ++ mkdir -p $(DESTDIR)$(sysconfdir)/sasl/ ++ $(INSTALL_DATA) $(srcdir)/libvirtd.sasl $(DESTDIR)$(sysconfdir)/sasl/libvirt.conf + + uninstall-data-sasl: +- rm -f $(DESTDIR)$(sysconfdir)/sasl2/libvirt.conf +- rmdir $(DESTDIR)$(sysconfdir)/sasl2/ ++ rm -f $(DESTDIR)$(sysconfdir)/sasl/libvirt.conf ++ rmdir $(DESTDIR)$(sysconfdir)/sasl/ + else + install-data-sasl: + uninstall-data-sasl: +diff -ru libvirt-0.8.8/daemon/test_libvirtd.aug libvirt-0.8.8-sasl/daemon/test_libvirtd.aug +--- libvirt-0.8.8/daemon/test_libvirtd.aug 2011-01-31 02:30:59.000000000 +0100 ++++ libvirt-0.8.8-sasl/daemon/test_libvirtd.aug 2011-04-28 11:45:47.697741165 +0200 +@@ -108,7 +108,7 @@ + # the network providing auth (eg, TLS/x509 certificates) + # + # - sasl: use SASL infrastructure. The actual auth scheme is then +-# controlled from /etc/sasl2/libvirt.conf. For the TCP ++# controlled from /etc/sasl/libvirt.conf. For the TCP + # socket only GSSAPI & DIGEST-MD5 mechanisms will be used. + # For non-TCP or TLS sockets, any scheme is allowed. + # +@@ -139,7 +139,7 @@ + # If you don't enable SASL, then all TCP traffic is cleartext. + # Don't do this outside of a dev/test scenario. For real world + # use, always enable SASL and use the GSSAPI or DIGEST-MD5 +-# mechanism in /etc/sasl2/libvirt.conf ++# mechanism in /etc/sasl/libvirt.conf + auth_tcp = \"sasl\" + + # Change the authentication scheme for TLS sockets. +@@ -383,7 +383,7 @@ + { "#comment" = "the network providing auth (eg, TLS/x509 certificates)" } + { "#comment" = "" } + { "#comment" = "- sasl: use SASL infrastructure. The actual auth scheme is then" } +- { "#comment" = "controlled from /etc/sasl2/libvirt.conf. For the TCP" } ++ { "#comment" = "controlled from /etc/sasl/libvirt.conf. For the TCP" } + { "#comment" = "socket only GSSAPI & DIGEST-MD5 mechanisms will be used." } + { "#comment" = "For non-TCP or TLS sockets, any scheme is allowed." } + { "#comment" = "" } +@@ -414,7 +414,7 @@ + { "#comment" = "If you don't enable SASL, then all TCP traffic is cleartext." } + { "#comment" = "Don't do this outside of a dev/test scenario. For real world" } + { "#comment" = "use, always enable SASL and use the GSSAPI or DIGEST-MD5" } +- { "#comment" = "mechanism in /etc/sasl2/libvirt.conf" } ++ { "#comment" = "mechanism in /etc/sasl/libvirt.conf" } + { "auth_tcp" = "sasl" } + { "#empty" } + { "#comment" = "Change the authentication scheme for TLS sockets." } +diff -ru libvirt-0.8.8/docs/auth.html libvirt-0.8.8-sasl/docs/auth.html +--- libvirt-0.8.8/docs/auth.html 2011-02-17 05:13:12.000000000 +0100 ++++ libvirt-0.8.8-sasl/docs/auth.html 2011-04-28 11:45:43.429741167 +0200 +@@ -273,7 +273,7 @@ + The plain TCP socket of the libvirt daemon defaults to using SASL for authentication. + The SASL mechanism configured by default is DIGEST-MD5, which provides a basic + username+password style authentication. To enable Kerberos single-sign-on instead, +-the libvirt SASL configuration file must be changed. This is <code>/etc/sasl2/libvirt.conf</code>. ++the libvirt SASL configuration file must be changed. This is <code>/etc/sasl/libvirt.conf</code>. + The <code>mech_list</code> parameter must first be changed to <code>gssapi</code> + instead of the default <code>digest-md5</code>. If SASL is enabled on the UNIX + and/or TLS sockets, Kerberos will also be used for them. Like DIGEST-MD5, the Kerberos +diff -ru libvirt-0.8.8/docs/auth.html.in libvirt-0.8.8-sasl/docs/auth.html.in +--- libvirt-0.8.8/docs/auth.html.in 2010-12-20 14:35:22.000000000 +0100 ++++ libvirt-0.8.8-sasl/docs/auth.html.in 2011-04-28 11:45:43.586741167 +0200 +@@ -115,7 +115,7 @@ + The plain TCP socket of the libvirt daemon defaults to using SASL for authentication. + The SASL mechanism configured by default is DIGEST-MD5, which provides a basic + username+password style authentication. To enable Kerberos single-sign-on instead, +-the libvirt SASL configuration file must be changed. This is <code>/etc/sasl2/libvirt.conf</code>. ++the libvirt SASL configuration file must be changed. This is <code>/etc/sasl/libvirt.conf</code>. + The <code>mech_list</code> parameter must first be changed to <code>gssapi</code> + instead of the default <code>digest-md5</code>. If SASL is enabled on the UNIX + and/or TLS sockets, Kerberos will also be used for them. Like DIGEST-MD5, the Kerberos +diff -ru libvirt-0.8.8/libvirt.spec libvirt-0.8.8-sasl/libvirt.spec +--- libvirt-0.8.8/libvirt.spec 2011-02-17 05:13:09.000000000 +0100 ++++ libvirt-0.8.8-sasl/libvirt.spec 2011-04-28 11:45:43.675741167 +0200 +@@ -933,7 +933,7 @@ + %dir %attr(0755, root, root) %{_localstatedir}/lib/libvirt/ + + %if %{with_sasl} +-%config(noreplace) %{_sysconfdir}/sasl2/libvirt.conf ++%config(noreplace) %{_sysconfdir}/sasl/libvirt.conf + %endif + + %files devel +diff -ru libvirt-0.8.8/libvirt.spec.in libvirt-0.8.8-sasl/libvirt.spec.in +--- libvirt-0.8.8/libvirt.spec.in 2011-02-17 05:10:58.000000000 +0100 ++++ libvirt-0.8.8-sasl/libvirt.spec.in 2011-04-28 11:45:43.672741167 +0200 +@@ -933,7 +933,7 @@ + %dir %attr(0755, root, root) %{_localstatedir}/lib/libvirt/ + + %if %{with_sasl} +-%config(noreplace) %{_sysconfdir}/sasl2/libvirt.conf ++%config(noreplace) %{_sysconfdir}/sasl/libvirt.conf + %endif + + %files devel +diff -ru libvirt-0.8.8/src/qemu/qemu.conf libvirt-0.8.8-sasl/src/qemu/qemu.conf +--- libvirt-0.8.8/src/qemu/qemu.conf 2011-02-16 07:36:53.000000000 +0100 ++++ libvirt-0.8.8-sasl/src/qemu/qemu.conf 2011-04-28 11:45:47.091741165 +0200 +@@ -74,18 +74,18 @@ + # Examples include vinagre, virt-viewer and virt-manager + # itself. UltraVNC, RealVNC, TightVNC do not support this + # +-# It is necessary to configure /etc/sasl2/qemu.conf to choose ++# It is necessary to configure /etc/sasl/qemu.conf to choose + # the desired SASL plugin (eg, GSSPI for Kerberos) + # + # vnc_sasl = 1 + + +-# The default SASL configuration file is located in /etc/sasl2/ ++# The default SASL configuration file is located in /etc/sasl/ + # When running libvirtd unprivileged, it may be desirable to + # override the configs in this location. Set this parameter to + # point to the directory, and create a qemu.conf in that location + # +-# vnc_sasl_dir = "/some/directory/sasl2" ++# vnc_sasl_dir = "/some/directory/sasl" + + + +diff -ru libvirt-0.8.8/src/qemu/test_libvirtd_qemu.aug libvirt-0.8.8-sasl/src/qemu/test_libvirtd_qemu.aug +--- libvirt-0.8.8/src/qemu/test_libvirtd_qemu.aug 2011-01-31 02:30:59.000000000 +0100 ++++ libvirt-0.8.8-sasl/src/qemu/test_libvirtd_qemu.aug 2011-04-28 11:45:47.103741165 +0200 +@@ -67,18 +67,18 @@ + # Examples include vinagre, virt-viewer and virt-manager + # itself. UltraVNC, RealVNC, TightVNC do not support this + # +-# It is necessary to configure /etc/sasl2/qemu.conf to choose ++# It is necessary to configure /etc/sasl/qemu.conf to choose + # the desired SASL plugin (eg, GSSPI for Kerberos) + # + vnc_sasl = 1 + + +-# The default SASL configuration file is located in /etc/sasl2/ ++# The default SASL configuration file is located in /etc/sasl/ + # When running libvirtd unprivileged, it may be desirable to + # override the configs in this location. Set this parameter to + # point to the directory, and create a qemu.conf in that location + # +-vnc_sasl_dir = \"/some/directory/sasl2\" ++vnc_sasl_dir = \"/some/directory/sasl\" + + security_driver = \"selinux\" + +@@ -181,18 +181,18 @@ + { "#comment" = "Examples include vinagre, virt-viewer and virt-manager" } + { "#comment" = "itself. UltraVNC, RealVNC, TightVNC do not support this" } + { "#comment" = "" } +-{ "#comment" = "It is necessary to configure /etc/sasl2/qemu.conf to choose" } ++{ "#comment" = "It is necessary to configure /etc/sasl/qemu.conf to choose" } + { "#comment" = "the desired SASL plugin (eg, GSSPI for Kerberos)" } + { "#comment" = "" } + { "vnc_sasl" = "1" } + { "#empty" } + { "#empty" } +-{ "#comment" = "The default SASL configuration file is located in /etc/sasl2/" } ++{ "#comment" = "The default SASL configuration file is located in /etc/sasl/" } + { "#comment" = "When running libvirtd unprivileged, it may be desirable to" } + { "#comment" = "override the configs in this location. Set this parameter to" } + { "#comment" = "point to the directory, and create a qemu.conf in that location" } + { "#comment" = "" } +-{ "vnc_sasl_dir" = "/some/directory/sasl2" } ++{ "vnc_sasl_dir" = "/some/directory/sasl" } + { "#empty" } + { "security_driver" = "selinux" } + { "#empty" } +diff -ru libvirt-0.8.8/tests/confdata/libvirtd.conf libvirt-0.8.8-sasl/tests/confdata/libvirtd.conf +--- libvirt-0.8.8/tests/confdata/libvirtd.conf 2010-05-27 14:03:22.000000000 +0200 ++++ libvirt-0.8.8-sasl/tests/confdata/libvirtd.conf 2011-04-28 11:45:46.878741165 +0200 +@@ -102,7 +102,7 @@ + # the network providing auth (eg, TLS/x509 certificates) + # + # - sasl: use SASL infrastructure. The actual auth scheme is then +-# controlled from /etc/sasl2/libvirt.conf. For the TCP ++# controlled from /etc/sasl/libvirt.conf. For the TCP + # socket only GSSAPI & DIGEST-MD5 mechanisms will be used. + # For non-TCP or TLS sockets, any scheme is allowed. + # +@@ -133,7 +133,7 @@ + # If you don't enable SASL, then all TCP traffic is cleartext. + # Don't do this outside of a dev/test scenario. For real world + # use, always enable SASL and use the GSSAPI or DIGEST-MD5 +-# mechanism in /etc/sasl2/libvirt.conf ++# mechanism in /etc/sasl/libvirt.conf + auth_tcp = "sasl" + + # Change the authentication scheme for TLS sockets. +diff -ru libvirt-0.8.8/tests/confdata/libvirtd.out libvirt-0.8.8-sasl/tests/confdata/libvirtd.out +--- libvirt-0.8.8/tests/confdata/libvirtd.out 2010-05-27 14:03:22.000000000 +0200 ++++ libvirt-0.8.8-sasl/tests/confdata/libvirtd.out 2011-04-28 11:45:46.875741165 +0200 +@@ -82,7 +82,7 @@ + # the network providing auth (eg, TLS/x509 certificates) + # + # - sasl: use SASL infrastructure. The actual auth scheme is then +-# controlled from /etc/sasl2/libvirt.conf. For the TCP ++# controlled from /etc/sasl/libvirt.conf. For the TCP + # socket only GSSAPI & DIGEST-MD5 mechanisms will be used. + # For non-TCP or TLS sockets, any scheme is allowed. + # +@@ -111,7 +111,7 @@ + # If you don't enable SASL, then all TCP traffic is cleartext. + # Don't do this outside of a dev/test scenario. For real world + # use, always enable SASL and use the GSSAPI or DIGEST-MD5 +-# mechanism in /etc/sasl2/libvirt.conf ++# mechanism in /etc/sasl/libvirt.conf + auth_tcp = "sasl" + # Change the authentication scheme for TLS sockets. + # +diff -ru libvirt-0.8.8/tests/qemuargv2xmltest.c libvirt-0.8.8-sasl/tests/qemuargv2xmltest.c +--- libvirt-0.8.8/tests/qemuargv2xmltest.c 2011-01-24 03:59:21.000000000 +0100 ++++ libvirt-0.8.8-sasl/tests/qemuargv2xmltest.c 2011-04-28 11:45:46.964741165 +0200 +@@ -181,7 +181,7 @@ + DO_TEST("graphics-vnc-socket"); + + driver.vncSASL = 1; +- driver.vncSASLdir = strdup("/root/.sasl2"); ++ driver.vncSASLdir = strdup("/root/.sasl"); + DO_TEST("graphics-vnc-sasl"); + driver.vncTLS = 1; + driver.vncTLSx509verify = 1; +diff -ru libvirt-0.8.8/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-sasl.args libvirt-0.8.8-sasl/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-sasl.args +--- libvirt-0.8.8/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-sasl.args 2011-02-03 15:05:31.000000000 +0100 ++++ libvirt-0.8.8-sasl/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-sasl.args 2011-04-28 11:45:46.860741165 +0200 +@@ -1,5 +1,5 @@ + LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test \ +-SASL_CONF_DIR=/root/.sasl2 QEMU_AUDIO_DRV=none /usr/bin/qemu -S -M pc -m 214 \ ++SASL_CONF_DIR=/root/.sasl QEMU_AUDIO_DRV=none /usr/bin/qemu -S -M pc -m 214 \ + -smp 1 -monitor unix:/tmp/test-monitor,server,nowait -no-acpi -boot c -hda \ + /dev/HostVG/QEMUGuest1 -net none -serial none -parallel none -usb -vnc \ + 127.0.0.1:3,sasl -vga cirrus +diff -ru libvirt-0.8.8/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-tls.args libvirt-0.8.8-sasl/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-tls.args +--- libvirt-0.8.8/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-tls.args 2011-02-03 15:05:31.000000000 +0100 ++++ libvirt-0.8.8-sasl/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-tls.args 2011-04-28 11:45:46.864741165 +0200 +@@ -1,5 +1,5 @@ + LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test \ +-SASL_CONF_DIR=/root/.sasl2 QEMU_AUDIO_DRV=none /usr/bin/qemu -S -M pc -m 214 \ ++SASL_CONF_DIR=/root/.sasl QEMU_AUDIO_DRV=none /usr/bin/qemu -S -M pc -m 214 \ + -smp 1 -monitor unix:/tmp/test-monitor,server,nowait -no-acpi -boot c -hda \ + /dev/HostVG/QEMUGuest1 -net none -serial none -parallel none -usb -vnc \ + 127.0.0.1:3,tls,x509verify=/etc/pki/tls/qemu,sasl +diff -ru libvirt-0.8.8/tests/qemuxml2argvtest.c libvirt-0.8.8-sasl/tests/qemuxml2argvtest.c +--- libvirt-0.8.8/tests/qemuxml2argvtest.c 2011-02-11 10:46:59.000000000 +0100 ++++ libvirt-0.8.8-sasl/tests/qemuxml2argvtest.c 2011-04-28 11:45:46.767741165 +0200 +@@ -335,7 +335,7 @@ + DO_TEST("graphics-vnc-socket", 0, false); + + driver.vncSASL = 1; +- driver.vncSASLdir = strdup("/root/.sasl2"); ++ driver.vncSASLdir = strdup("/root/.sasl"); + DO_TEST("graphics-vnc-sasl", QEMUD_CMD_FLAG_VGA, false); + driver.vncTLS = 1; + driver.vncTLSx509verify = 1; ================================================================ ---- CVS-web: http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/libvirt/libvirt.spec?r1=1.27&r2=1.28&f=u _______________________________________________ pld-cvs-commit mailing list pld-cvs-commit@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit