[PATCH 0/8] conf: Don't lose <active_pcr_banks/> when no TPM version is provided
by Michal Privoznik
*** BLURB HERE ***
Michal Prívozník (8):
conf: Report an error when default TPM model is provided
conf: Report error when default TPM version is provided
conf: Drop needless setting of VIR_DOMAIN_TPM_VERSION_DEFAULT
conf: Move _virDomainTPMDef::version into
_virDomainTPMDef::data::emulator
conf: Use virXMLPropEnum more when parsing TPM
qemu_domain: Move TPM post parse code into qemuDomainTPMDefPostParse()
qemu: Move TPMs validation out of PostParse
conf: Don't lose <active_pcr_banks/> when no TPM version is provided
src/conf/domain_conf.c | 81 +++++++++++++-------------------
src/conf/domain_conf.h | 10 ++--
src/conf/domain_validate.c | 28 ++++++++++-
src/qemu/qemu_command.c | 2 +-
src/qemu/qemu_domain.c | 63 ++++++-------------------
src/qemu/qemu_tpm.c | 10 ++--
src/qemu/qemu_validate.c | 87 ++++++++++++++++++++++++-----------
src/security/virt-aa-helper.c | 2 +-
8 files changed, 147 insertions(+), 136 deletions(-)
--
2.35.1
2 years, 4 months
Can RHEL7 VM run remote libvirt commands to Fedora36 host?
by Carol Bouchard
I have a test environment that use to work but no longer does. My
laptop is Fedora36 (libvirt version 8.1.0.2) while the VMs it spawns are
RHEL7 (max libvirt version is 4.5.0). The source of my problem
seems to be that RHEL7 libvirt needs rw socket /var/run/libvirt/libvirt-sock
which no longer exists in fedora36.
The following is successful from RHEL7 VM to laptop:
virsh -d0 --connect
'qemu+ssh://192.168.120.1/system?*socket*=/var/run/libvirt/libvirt-sock-ro'
domstate beaker-test-vm1.beaker
If I change the action from domstate to start, it fails on
error: Failed to start domain beaker-test-vm1.beaker
error: operation forbidden: read only access prevents virDomainCreate
which made me realize ro stands for read-only; however, there is no
libvirt-sock. I tried some of the other socket files without success.
Is there a work-around?
Carol
2 years, 4 months
[PATCH] spec: Remove duplicate check of libvirtd status
by Jim Fehlig
The %posttrans scriptlet checks if libvirtd is active within a
condition that is only executed if libvirtd is active. Remove the
duplicate check.
Signed-off-by: Jim Fehlig <jfehlig(a)suse.com>
---
This patch contains an improvement Martin suggested while reviewing
another patch to the posttrans scriptlet
https://listman.redhat.com/archives/libvir-list/2022-July/232947.html
The problem of not restarting socket units if libvird is inactive persists,
but it is not clear if socket units need restarted on package update.
libvirt.spec.in | 18 ++++++------------
1 file changed, 6 insertions(+), 12 deletions(-)
diff --git a/libvirt.spec.in b/libvirt.spec.in
index 9d788b790f..a238edf2aa 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -1365,18 +1365,12 @@ then
# own the sockets again when it comes back up. Thus we must
# do this particular ordering, so that we get libvirtd
# running with socket activation in use
- /bin/systemctl is-active libvirtd.service 1>/dev/null 2>&1
- if test $? = 0
- then
- /bin/systemctl stop libvirtd.service >/dev/null 2>&1 || :
-
- /bin/systemctl try-restart \
- libvirtd.socket \
- libvirtd-ro.socket \
- libvirtd-admin.socket >/dev/null 2>&1 || :
-
- /bin/systemctl start libvirtd.service >/dev/null 2>&1 || :
- fi
+ /bin/systemctl stop libvirtd.service >/dev/null 2>&1 || :
+ /bin/systemctl try-restart \
+ libvirtd.socket \
+ libvirtd-ro.socket \
+ libvirtd-admin.socket >/dev/null 2>&1 || :
+ /bin/systemctl start libvirtd.service >/dev/null 2>&1 || :
fi
fi
--
2.36.1
2 years, 4 months
Release of libvirt-8.6.0
by Jiri Denemark
The 8.6.0 release of both libvirt and libvirt-python is tagged and
signed tarballs and source RPMs are available at
https://libvirt.org/sources/
https://libvirt.org/sources/python/
Thanks everybody who helped with this release by sending patches,
reviewing, testing, or providing feedback. Your work is greatly
appreciated.
* Improvements
* conf: Improved firmware autoselection
The firmware autoselection feature now behaves more intuitively, reports
better error messages on failure and comes with high-level documentation.
Enjoy.
Jirka
2 years, 4 months