On Thu, Apr 05, 2018 at 10:09:40 +0200, Michal Privoznik wrote:
https://bugzilla.redhat.com/show_bug.cgi?id=1557769
Problem with device mapper targets is that there can be several other devices 'hidden' behind them. For instance, /dev/dm-1 can consist of /dev/sda, /dev/sdb and /dev/sdc. Therefore, when setting up devices CGroup and namespaces we have to take this into account.
This bug was exposed after Linux kernel was fixed. Initially, kernel used different functions for getting block device in open() and ioctl(). While CGroup permissions were checked in the former case, due to a bug in kernel they were not checked in the latter case. This changed with the upstream commit of 519049afead4f7c3e6446028c41e99fde958cc04 (v4.16-rc5~11^2~4).
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> --- libvirt.spec.in | 2 ++ src/qemu/qemu_cgroup.c | 46 +++++++++++++++++++++++++++++++++++++++++++--- 2 files changed, 45 insertions(+), 3 deletions(-)
diff --git a/libvirt.spec.in b/libvirt.spec.in index 97143c68ae..7dd63c0762 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -801,6 +801,8 @@ Requires: gzip Requires: bzip2 Requires: lzop Requires: xz +# For mpath devices +Requires: device-mapper
AFAIK if you link with a library, RPM picks the dependency up automatically, so this should not be required. It's required only for packages which provide binaries we use. Also the comment would not be entirely true, since it's required for all device mapper devices.
%if 0%{?fedora} || 0%{?rhel} > 7 Requires: systemd-container %endif
ACK to the rest of the patch.