packages: libvirt/libvirt.spec, libvirt/libvirt-sasl.patch (NEW) - fix SASL...
baggins
baggins at pld-linux.org
Thu Apr 28 11:48:27 CEST 2011
Author: baggins Date: Thu Apr 28 09:48:27 2011 GMT
Module: packages Tag: HEAD
---- Log message:
- fix SASL paths
---- Files affected:
packages/libvirt:
libvirt.spec (1.27 -> 1.28) , libvirt-sasl.patch (NONE -> 1.1) (NEW)
---- Diffs:
================================================================
Index: packages/libvirt/libvirt.spec
diff -u packages/libvirt/libvirt.spec:1.27 packages/libvirt/libvirt.spec:1.28
--- packages/libvirt/libvirt.spec:1.27 Tue Mar 29 11:53:00 2011
+++ packages/libvirt/libvirt.spec Thu Apr 28 11:48:22 2011
@@ -26,7 +26,7 @@
Summary: Toolkit to interact with virtualization capabilities
Name: libvirt
Version: 0.8.8
-Release: 3
+Release: 3.1
License: LGPL
Group: Base/Kernel
URL: http://www.libvirt.org/
@@ -34,6 +34,7 @@
# Source0-md5: ac9235576352b84b8cb17df7456bbdfc
Source1: %{name}.init
Patch0: gcrypt.patch
+Patch1: %{name}-sasl.patch
%{?with_lokkit:BuildRequires: /usr/sbin/lokkit}
%{?with_polkit:BuildRequires: PolicyKit >= 0.6}
%{?with_polkit:BuildRequires: PolicyKit-devel >= 0.6}
@@ -147,6 +148,8 @@
%prep
%setup -q
#%patch0 -p1
+%patch1 -p1
+
# weird translations
rm -f po/{my,eu_ES}.{po,gmo}
@@ -250,7 +253,7 @@
%files utils
%defattr(644,root,root,755)
%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/libvirt
-%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/sasl2/libvirt.conf
+%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/sasl/libvirt.conf
%attr(755,root,root) %{_bindir}/virsh
%attr(755,root,root) %{_sbindir}/libvirtd
%attr(754,root,root) /etc/rc.d/init.d/libvirtd
@@ -280,6 +283,9 @@
All persons listed below can be reached at <cvs_login>@pld-linux.org
$Log$
+Revision 1.28 2011/04/28 09:48:22 baggins
+- fix SASL paths
+
Revision 1.27 2011/03/29 09:53:00 baggins
- rel 3
- fix gtkdoc packaging
================================================================
Index: packages/libvirt/libvirt-sasl.patch
diff -u /dev/null packages/libvirt/libvirt-sasl.patch:1.1
--- /dev/null Thu Apr 28 11:48:27 2011
+++ packages/libvirt/libvirt-sasl.patch Thu Apr 28 11:48:22 2011
@@ -0,0 +1,286 @@
+diff -ru libvirt-0.8.8/daemon/libvirtd.conf libvirt-0.8.8-sasl/daemon/libvirtd.conf
+--- libvirt-0.8.8/daemon/libvirtd.conf 2010-12-20 14:35:22.000000000 +0100
++++ libvirt-0.8.8-sasl/daemon/libvirtd.conf 2011-04-28 11:45:47.727741165 +0200
+@@ -111,7 +111,7 @@
+ # the network providing auth (eg, TLS/x509 certificates)
+ #
+ # - sasl: use SASL infrastructure. The actual auth scheme is then
+-# controlled from /etc/sasl2/libvirt.conf. For the TCP
++# controlled from /etc/sasl/libvirt.conf. For the TCP
+ # socket only GSSAPI & DIGEST-MD5 mechanisms will be used.
+ # For non-TCP or TLS sockets, any scheme is allowed.
+ #
+@@ -142,7 +142,7 @@
+ # If you don't enable SASL, then all TCP traffic is cleartext.
+ # Don't do this outside of a dev/test scenario. For real world
+ # use, always enable SASL and use the GSSAPI or DIGEST-MD5
+-# mechanism in /etc/sasl2/libvirt.conf
++# mechanism in /etc/sasl/libvirt.conf
+ #auth_tcp = "sasl"
+
+ # Change the authentication scheme for TLS sockets.
+diff -ru libvirt-0.8.8/daemon/Makefile.am libvirt-0.8.8-sasl/daemon/Makefile.am
+--- libvirt-0.8.8/daemon/Makefile.am 2011-01-31 02:30:59.000000000 +0100
++++ libvirt-0.8.8-sasl/daemon/Makefile.am 2011-04-28 11:45:47.703741165 +0200
+@@ -326,12 +326,12 @@
+ # the WITH_LIBVIRTD conditional
+ if HAVE_SASL
+ install-data-sasl:
+- mkdir -p $(DESTDIR)$(sysconfdir)/sasl2/
+- $(INSTALL_DATA) $(srcdir)/libvirtd.sasl $(DESTDIR)$(sysconfdir)/sasl2/libvirt.conf
++ mkdir -p $(DESTDIR)$(sysconfdir)/sasl/
++ $(INSTALL_DATA) $(srcdir)/libvirtd.sasl $(DESTDIR)$(sysconfdir)/sasl/libvirt.conf
+
+ uninstall-data-sasl:
+- rm -f $(DESTDIR)$(sysconfdir)/sasl2/libvirt.conf
+- rmdir $(DESTDIR)$(sysconfdir)/sasl2/
++ rm -f $(DESTDIR)$(sysconfdir)/sasl/libvirt.conf
++ rmdir $(DESTDIR)$(sysconfdir)/sasl/
+ else
+ install-data-sasl:
+ uninstall-data-sasl:
+diff -ru libvirt-0.8.8/daemon/test_libvirtd.aug libvirt-0.8.8-sasl/daemon/test_libvirtd.aug
+--- libvirt-0.8.8/daemon/test_libvirtd.aug 2011-01-31 02:30:59.000000000 +0100
++++ libvirt-0.8.8-sasl/daemon/test_libvirtd.aug 2011-04-28 11:45:47.697741165 +0200
+@@ -108,7 +108,7 @@
+ # the network providing auth (eg, TLS/x509 certificates)
+ #
+ # - sasl: use SASL infrastructure. The actual auth scheme is then
+-# controlled from /etc/sasl2/libvirt.conf. For the TCP
++# controlled from /etc/sasl/libvirt.conf. For the TCP
+ # socket only GSSAPI & DIGEST-MD5 mechanisms will be used.
+ # For non-TCP or TLS sockets, any scheme is allowed.
+ #
+@@ -139,7 +139,7 @@
+ # If you don't enable SASL, then all TCP traffic is cleartext.
+ # Don't do this outside of a dev/test scenario. For real world
+ # use, always enable SASL and use the GSSAPI or DIGEST-MD5
+-# mechanism in /etc/sasl2/libvirt.conf
++# mechanism in /etc/sasl/libvirt.conf
+ auth_tcp = \"sasl\"
+
+ # Change the authentication scheme for TLS sockets.
+@@ -383,7 +383,7 @@
+ { "#comment" = "the network providing auth (eg, TLS/x509 certificates)" }
+ { "#comment" = "" }
+ { "#comment" = "- sasl: use SASL infrastructure. The actual auth scheme is then" }
+- { "#comment" = "controlled from /etc/sasl2/libvirt.conf. For the TCP" }
++ { "#comment" = "controlled from /etc/sasl/libvirt.conf. For the TCP" }
+ { "#comment" = "socket only GSSAPI & DIGEST-MD5 mechanisms will be used." }
+ { "#comment" = "For non-TCP or TLS sockets, any scheme is allowed." }
+ { "#comment" = "" }
+@@ -414,7 +414,7 @@
+ { "#comment" = "If you don't enable SASL, then all TCP traffic is cleartext." }
+ { "#comment" = "Don't do this outside of a dev/test scenario. For real world" }
+ { "#comment" = "use, always enable SASL and use the GSSAPI or DIGEST-MD5" }
+- { "#comment" = "mechanism in /etc/sasl2/libvirt.conf" }
++ { "#comment" = "mechanism in /etc/sasl/libvirt.conf" }
+ { "auth_tcp" = "sasl" }
+ { "#empty" }
+ { "#comment" = "Change the authentication scheme for TLS sockets." }
+diff -ru libvirt-0.8.8/docs/auth.html libvirt-0.8.8-sasl/docs/auth.html
+--- libvirt-0.8.8/docs/auth.html 2011-02-17 05:13:12.000000000 +0100
++++ libvirt-0.8.8-sasl/docs/auth.html 2011-04-28 11:45:43.429741167 +0200
+@@ -273,7 +273,7 @@
+ The plain TCP socket of the libvirt daemon defaults to using SASL for authentication.
+ The SASL mechanism configured by default is DIGEST-MD5, which provides a basic
+ username+password style authentication. To enable Kerberos single-sign-on instead,
+-the libvirt SASL configuration file must be changed. This is <code>/etc/sasl2/libvirt.conf</code>.
++the libvirt SASL configuration file must be changed. This is <code>/etc/sasl/libvirt.conf</code>.
+ The <code>mech_list</code> parameter must first be changed to <code>gssapi</code>
+ instead of the default <code>digest-md5</code>. If SASL is enabled on the UNIX
+ and/or TLS sockets, Kerberos will also be used for them. Like DIGEST-MD5, the Kerberos
+diff -ru libvirt-0.8.8/docs/auth.html.in libvirt-0.8.8-sasl/docs/auth.html.in
+--- libvirt-0.8.8/docs/auth.html.in 2010-12-20 14:35:22.000000000 +0100
++++ libvirt-0.8.8-sasl/docs/auth.html.in 2011-04-28 11:45:43.586741167 +0200
+@@ -115,7 +115,7 @@
+ The plain TCP socket of the libvirt daemon defaults to using SASL for authentication.
+ The SASL mechanism configured by default is DIGEST-MD5, which provides a basic
+ username+password style authentication. To enable Kerberos single-sign-on instead,
+-the libvirt SASL configuration file must be changed. This is <code>/etc/sasl2/libvirt.conf</code>.
++the libvirt SASL configuration file must be changed. This is <code>/etc/sasl/libvirt.conf</code>.
+ The <code>mech_list</code> parameter must first be changed to <code>gssapi</code>
+ instead of the default <code>digest-md5</code>. If SASL is enabled on the UNIX
+ and/or TLS sockets, Kerberos will also be used for them. Like DIGEST-MD5, the Kerberos
+diff -ru libvirt-0.8.8/libvirt.spec libvirt-0.8.8-sasl/libvirt.spec
+--- libvirt-0.8.8/libvirt.spec 2011-02-17 05:13:09.000000000 +0100
++++ libvirt-0.8.8-sasl/libvirt.spec 2011-04-28 11:45:43.675741167 +0200
+@@ -933,7 +933,7 @@
+ %dir %attr(0755, root, root) %{_localstatedir}/lib/libvirt/
+
+ %if %{with_sasl}
+-%config(noreplace) %{_sysconfdir}/sasl2/libvirt.conf
++%config(noreplace) %{_sysconfdir}/sasl/libvirt.conf
+ %endif
+
+ %files devel
+diff -ru libvirt-0.8.8/libvirt.spec.in libvirt-0.8.8-sasl/libvirt.spec.in
+--- libvirt-0.8.8/libvirt.spec.in 2011-02-17 05:10:58.000000000 +0100
++++ libvirt-0.8.8-sasl/libvirt.spec.in 2011-04-28 11:45:43.672741167 +0200
+@@ -933,7 +933,7 @@
+ %dir %attr(0755, root, root) %{_localstatedir}/lib/libvirt/
+
+ %if %{with_sasl}
+-%config(noreplace) %{_sysconfdir}/sasl2/libvirt.conf
++%config(noreplace) %{_sysconfdir}/sasl/libvirt.conf
+ %endif
+
+ %files devel
+diff -ru libvirt-0.8.8/src/qemu/qemu.conf libvirt-0.8.8-sasl/src/qemu/qemu.conf
+--- libvirt-0.8.8/src/qemu/qemu.conf 2011-02-16 07:36:53.000000000 +0100
++++ libvirt-0.8.8-sasl/src/qemu/qemu.conf 2011-04-28 11:45:47.091741165 +0200
+@@ -74,18 +74,18 @@
+ # Examples include vinagre, virt-viewer and virt-manager
+ # itself. UltraVNC, RealVNC, TightVNC do not support this
+ #
+-# It is necessary to configure /etc/sasl2/qemu.conf to choose
++# It is necessary to configure /etc/sasl/qemu.conf to choose
+ # the desired SASL plugin (eg, GSSPI for Kerberos)
+ #
+ # vnc_sasl = 1
+
+
+-# The default SASL configuration file is located in /etc/sasl2/
++# The default SASL configuration file is located in /etc/sasl/
+ # When running libvirtd unprivileged, it may be desirable to
+ # override the configs in this location. Set this parameter to
+ # point to the directory, and create a qemu.conf in that location
+ #
+-# vnc_sasl_dir = "/some/directory/sasl2"
++# vnc_sasl_dir = "/some/directory/sasl"
+
+
+
+diff -ru libvirt-0.8.8/src/qemu/test_libvirtd_qemu.aug libvirt-0.8.8-sasl/src/qemu/test_libvirtd_qemu.aug
+--- libvirt-0.8.8/src/qemu/test_libvirtd_qemu.aug 2011-01-31 02:30:59.000000000 +0100
++++ libvirt-0.8.8-sasl/src/qemu/test_libvirtd_qemu.aug 2011-04-28 11:45:47.103741165 +0200
+@@ -67,18 +67,18 @@
+ # Examples include vinagre, virt-viewer and virt-manager
+ # itself. UltraVNC, RealVNC, TightVNC do not support this
+ #
+-# It is necessary to configure /etc/sasl2/qemu.conf to choose
++# It is necessary to configure /etc/sasl/qemu.conf to choose
+ # the desired SASL plugin (eg, GSSPI for Kerberos)
+ #
+ vnc_sasl = 1
+
+
+-# The default SASL configuration file is located in /etc/sasl2/
++# The default SASL configuration file is located in /etc/sasl/
+ # When running libvirtd unprivileged, it may be desirable to
+ # override the configs in this location. Set this parameter to
+ # point to the directory, and create a qemu.conf in that location
+ #
+-vnc_sasl_dir = \"/some/directory/sasl2\"
++vnc_sasl_dir = \"/some/directory/sasl\"
+
+ security_driver = \"selinux\"
+
+@@ -181,18 +181,18 @@
+ { "#comment" = "Examples include vinagre, virt-viewer and virt-manager" }
+ { "#comment" = "itself. UltraVNC, RealVNC, TightVNC do not support this" }
+ { "#comment" = "" }
+-{ "#comment" = "It is necessary to configure /etc/sasl2/qemu.conf to choose" }
++{ "#comment" = "It is necessary to configure /etc/sasl/qemu.conf to choose" }
+ { "#comment" = "the desired SASL plugin (eg, GSSPI for Kerberos)" }
+ { "#comment" = "" }
+ { "vnc_sasl" = "1" }
+ { "#empty" }
+ { "#empty" }
+-{ "#comment" = "The default SASL configuration file is located in /etc/sasl2/" }
++{ "#comment" = "The default SASL configuration file is located in /etc/sasl/" }
+ { "#comment" = "When running libvirtd unprivileged, it may be desirable to" }
+ { "#comment" = "override the configs in this location. Set this parameter to" }
+ { "#comment" = "point to the directory, and create a qemu.conf in that location" }
+ { "#comment" = "" }
+-{ "vnc_sasl_dir" = "/some/directory/sasl2" }
++{ "vnc_sasl_dir" = "/some/directory/sasl" }
+ { "#empty" }
+ { "security_driver" = "selinux" }
+ { "#empty" }
+diff -ru libvirt-0.8.8/tests/confdata/libvirtd.conf libvirt-0.8.8-sasl/tests/confdata/libvirtd.conf
+--- libvirt-0.8.8/tests/confdata/libvirtd.conf 2010-05-27 14:03:22.000000000 +0200
++++ libvirt-0.8.8-sasl/tests/confdata/libvirtd.conf 2011-04-28 11:45:46.878741165 +0200
+@@ -102,7 +102,7 @@
+ # the network providing auth (eg, TLS/x509 certificates)
+ #
+ # - sasl: use SASL infrastructure. The actual auth scheme is then
+-# controlled from /etc/sasl2/libvirt.conf. For the TCP
++# controlled from /etc/sasl/libvirt.conf. For the TCP
+ # socket only GSSAPI & DIGEST-MD5 mechanisms will be used.
+ # For non-TCP or TLS sockets, any scheme is allowed.
+ #
+@@ -133,7 +133,7 @@
+ # If you don't enable SASL, then all TCP traffic is cleartext.
+ # Don't do this outside of a dev/test scenario. For real world
+ # use, always enable SASL and use the GSSAPI or DIGEST-MD5
+-# mechanism in /etc/sasl2/libvirt.conf
++# mechanism in /etc/sasl/libvirt.conf
+ auth_tcp = "sasl"
+
+ # Change the authentication scheme for TLS sockets.
+diff -ru libvirt-0.8.8/tests/confdata/libvirtd.out libvirt-0.8.8-sasl/tests/confdata/libvirtd.out
+--- libvirt-0.8.8/tests/confdata/libvirtd.out 2010-05-27 14:03:22.000000000 +0200
++++ libvirt-0.8.8-sasl/tests/confdata/libvirtd.out 2011-04-28 11:45:46.875741165 +0200
+@@ -82,7 +82,7 @@
+ # the network providing auth (eg, TLS/x509 certificates)
+ #
+ # - sasl: use SASL infrastructure. The actual auth scheme is then
+-# controlled from /etc/sasl2/libvirt.conf. For the TCP
++# controlled from /etc/sasl/libvirt.conf. For the TCP
+ # socket only GSSAPI & DIGEST-MD5 mechanisms will be used.
+ # For non-TCP or TLS sockets, any scheme is allowed.
+ #
+@@ -111,7 +111,7 @@
+ # If you don't enable SASL, then all TCP traffic is cleartext.
+ # Don't do this outside of a dev/test scenario. For real world
+ # use, always enable SASL and use the GSSAPI or DIGEST-MD5
+-# mechanism in /etc/sasl2/libvirt.conf
++# mechanism in /etc/sasl/libvirt.conf
+ auth_tcp = "sasl"
+ # Change the authentication scheme for TLS sockets.
+ #
+diff -ru libvirt-0.8.8/tests/qemuargv2xmltest.c libvirt-0.8.8-sasl/tests/qemuargv2xmltest.c
+--- libvirt-0.8.8/tests/qemuargv2xmltest.c 2011-01-24 03:59:21.000000000 +0100
++++ libvirt-0.8.8-sasl/tests/qemuargv2xmltest.c 2011-04-28 11:45:46.964741165 +0200
+@@ -181,7 +181,7 @@
+ DO_TEST("graphics-vnc-socket");
+
+ driver.vncSASL = 1;
+- driver.vncSASLdir = strdup("/root/.sasl2");
++ driver.vncSASLdir = strdup("/root/.sasl");
+ DO_TEST("graphics-vnc-sasl");
+ driver.vncTLS = 1;
+ driver.vncTLSx509verify = 1;
+diff -ru libvirt-0.8.8/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-sasl.args libvirt-0.8.8-sasl/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-sasl.args
+--- libvirt-0.8.8/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-sasl.args 2011-02-03 15:05:31.000000000 +0100
++++ libvirt-0.8.8-sasl/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-sasl.args 2011-04-28 11:45:46.860741165 +0200
+@@ -1,5 +1,5 @@
+ LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test \
+-SASL_CONF_DIR=/root/.sasl2 QEMU_AUDIO_DRV=none /usr/bin/qemu -S -M pc -m 214 \
++SASL_CONF_DIR=/root/.sasl QEMU_AUDIO_DRV=none /usr/bin/qemu -S -M pc -m 214 \
+ -smp 1 -monitor unix:/tmp/test-monitor,server,nowait -no-acpi -boot c -hda \
+ /dev/HostVG/QEMUGuest1 -net none -serial none -parallel none -usb -vnc \
+ 127.0.0.1:3,sasl -vga cirrus
+diff -ru libvirt-0.8.8/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-tls.args libvirt-0.8.8-sasl/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-tls.args
+--- libvirt-0.8.8/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-tls.args 2011-02-03 15:05:31.000000000 +0100
++++ libvirt-0.8.8-sasl/tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc-tls.args 2011-04-28 11:45:46.864741165 +0200
+@@ -1,5 +1,5 @@
+ LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test \
+-SASL_CONF_DIR=/root/.sasl2 QEMU_AUDIO_DRV=none /usr/bin/qemu -S -M pc -m 214 \
++SASL_CONF_DIR=/root/.sasl QEMU_AUDIO_DRV=none /usr/bin/qemu -S -M pc -m 214 \
+ -smp 1 -monitor unix:/tmp/test-monitor,server,nowait -no-acpi -boot c -hda \
+ /dev/HostVG/QEMUGuest1 -net none -serial none -parallel none -usb -vnc \
+ 127.0.0.1:3,tls,x509verify=/etc/pki/tls/qemu,sasl
+diff -ru libvirt-0.8.8/tests/qemuxml2argvtest.c libvirt-0.8.8-sasl/tests/qemuxml2argvtest.c
+--- libvirt-0.8.8/tests/qemuxml2argvtest.c 2011-02-11 10:46:59.000000000 +0100
++++ libvirt-0.8.8-sasl/tests/qemuxml2argvtest.c 2011-04-28 11:45:46.767741165 +0200
+@@ -335,7 +335,7 @@
+ DO_TEST("graphics-vnc-socket", 0, false);
+
+ driver.vncSASL = 1;
+- driver.vncSASLdir = strdup("/root/.sasl2");
++ driver.vncSASLdir = strdup("/root/.sasl");
+ DO_TEST("graphics-vnc-sasl", QEMUD_CMD_FLAG_VGA, false);
+ driver.vncTLS = 1;
+ driver.vncTLSx509verify = 1;
================================================================
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/libvirt/libvirt.spec?r1=1.27&r2=1.28&f=u
More information about the pld-cvs-commit
mailing list