[libvirt PATCH v2 00/33] systemd: Improve units for services and sockets

A grab bag of changes, ranging from very much functional ones to purely aesthetical ones. Changes from [v1] * patches 01-11 from the original series have been pushed; * patch 40 from the original series has been dropped; * patches 02 (cosmetic) and 31 (bug fix) have been added; * the templating mechanism has been completely overhauled, and now uses a Python script for performing service-specific unit customizations instead of meson's built-in templating capabilities; * as a result of the above, service-specific customizations are now stored in specific foo.{service,socket}.extra.in files instead of meson.build; * various other tweaks in response to review feedback. [v1] https://listman.redhat.com/archives/libvir-list/2023-September/242288.html Andrea Bolognani (33): systemd: Drop Conflicts from virtproxyd sockets systemd: Introduce service_in/service_out variables systemd: Make @service_in@ optional systemd: Introduce temporary libvirtd_socket*_in values systemd: Provide all input files explicitly systemd: Introduce common templates systemd: Use common templates by default systemd: Switch virtnodedevd to common templates systemd: Switch virtinterfaced to common templates systemd: Switch virtnwfilterd to common templates systemd: Switch virtsecretd to common templates systemd: Switch virtnetworkd to common templates systemd: Switch virtstoraged to common templates systemd: Switch virtvboxd to common templates systemd: Switch virtvzd to common templates systemd: Switch virtchd to common templates systemd: Switch virtxend to common templates systemd: Switch virtlxcd to common templates systemd: Switch virtqemud to common templates systemd: Switch virtproxyd to common templates systemd: Drop libvirtd_socket*_in values systemd: Drop @deps@ systemd: Drop parametrization from libvirtd sockets systemd: Make modular daemons conflict with libvirtd systemd: Replace Requires with BindTo+After for main socket systemd: Downgrade read-only/admin sockets to Wants systemd: Augment Requires/Wants with After systemd: Drop Before=libvirtd from virtlogd/virtlockd systemd: Drop Before=foo.service from sockets systemd: Add Also between sockets systemd: Add RemoveOnStop=yes to all sockets systemd: Improve and unify unit descriptions systemd: Move Documentation lines scripts/merge-systemd-units.py | 91 +++++++++++++++++++ scripts/meson.build | 1 + src/ch/meson.build | 4 +- src/ch/virtchd.service.extra.in | 22 +++++ src/ch/virtchd.service.in | 44 --------- src/interface/meson.build | 3 +- src/interface/virtinterfaced.service.in | 25 ----- src/libxl/meson.build | 6 +- src/libxl/virtxend.service.extra.in | 13 +++ src/libxl/virtxend.service.in | 32 ------- src/libxl/virtxend.socket.extra.in | 2 + src/locking/meson.build | 2 +- src/locking/virtlockd-admin.socket.in | 5 +- src/locking/virtlockd.service.in | 11 ++- src/locking/virtlockd.socket.in | 5 +- src/logging/meson.build | 2 +- src/logging/virtlogd-admin.socket.in | 5 +- src/logging/virtlogd.service.in | 11 ++- src/logging/virtlogd.socket.in | 5 +- src/lxc/meson.build | 4 +- src/lxc/virtlxcd.service.extra.in | 22 +++++ src/lxc/virtlxcd.service.in | 44 --------- src/meson.build | 41 +++++++-- src/network/meson.build | 4 +- src/network/virtnetworkd.service.extra.in | 2 + src/network/virtnetworkd.service.in | 26 ------ src/node_device/meson.build | 3 +- src/node_device/virtnodedevd.service.in | 25 ----- src/nwfilter/meson.build | 3 +- src/nwfilter/virtnwfilterd.service.in | 25 ----- src/qemu/meson.build | 4 +- src/qemu/virtqemud.service.extra.in | 30 ++++++ src/qemu/virtqemud.service.in | 48 ---------- src/remote/libvirtd-admin.socket.in | 15 +-- src/remote/libvirtd-ro.socket.in | 15 +-- src/remote/libvirtd-tcp.socket.in | 10 +- src/remote/libvirtd-tls.socket.in | 10 +- src/remote/libvirtd.service.in | 13 ++- src/remote/libvirtd.socket.in | 10 +- src/remote/meson.build | 13 +-- src/remote/virtproxyd.service.in | 25 ----- src/secret/meson.build | 3 +- src/secret/virtsecretd.service.in | 25 ----- src/storage/meson.build | 4 +- src/storage/virtstoraged.service.extra.in | 3 + src/storage/virtstoraged.service.in | 27 ------ src/vbox/meson.build | 4 +- src/vbox/virtvboxd.service.extra.in | 2 + src/vbox/virtvboxd.service.in | 26 ------ ...-admin.socket.in => virtd-admin.socket.in} | 9 +- ...bvirtd-ro.socket.in => virtd-ro.socket.in} | 9 +- ...irtd-tcp.socket.in => virtd-tcp.socket.in} | 6 +- ...irtd-tls.socket.in => virtd-tls.socket.in} | 6 +- src/virtd.service.in | 29 ++++++ .../libvirtd.socket.in => virtd.socket.in} | 8 +- src/vz/meson.build | 4 +- src/vz/virtvzd.service.extra.in | 2 + src/vz/virtvzd.service.in | 26 ------ 58 files changed, 367 insertions(+), 507 deletions(-) create mode 100755 scripts/merge-systemd-units.py create mode 100644 src/ch/virtchd.service.extra.in delete mode 100644 src/ch/virtchd.service.in delete mode 100644 src/interface/virtinterfaced.service.in create mode 100644 src/libxl/virtxend.service.extra.in delete mode 100644 src/libxl/virtxend.service.in create mode 100644 src/libxl/virtxend.socket.extra.in create mode 100644 src/lxc/virtlxcd.service.extra.in delete mode 100644 src/lxc/virtlxcd.service.in create mode 100644 src/network/virtnetworkd.service.extra.in delete mode 100644 src/network/virtnetworkd.service.in delete mode 100644 src/node_device/virtnodedevd.service.in delete mode 100644 src/nwfilter/virtnwfilterd.service.in create mode 100644 src/qemu/virtqemud.service.extra.in delete mode 100644 src/qemu/virtqemud.service.in delete mode 100644 src/remote/virtproxyd.service.in delete mode 100644 src/secret/virtsecretd.service.in create mode 100644 src/storage/virtstoraged.service.extra.in delete mode 100644 src/storage/virtstoraged.service.in create mode 100644 src/vbox/virtvboxd.service.extra.in delete mode 100644 src/vbox/virtvboxd.service.in copy src/{remote/libvirtd-admin.socket.in => virtd-admin.socket.in} (54%) copy src/{remote/libvirtd-ro.socket.in => virtd-ro.socket.in} (53%) copy src/{remote/libvirtd-tcp.socket.in => virtd-tcp.socket.in} (57%) copy src/{remote/libvirtd-tls.socket.in => virtd-tls.socket.in} (58%) create mode 100644 src/virtd.service.in copy src/{remote/libvirtd.socket.in => virtd.socket.in} (54%) create mode 100644 src/vz/virtvzd.service.extra.in delete mode 100644 src/vz/virtvzd.service.in -- 2.41.0

The idea behind these is to prevent running both modular daemons and monolithic daemon at the same time. We will implement a more effective solution for that shortly. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/remote/meson.build | 3 --- 1 file changed, 3 deletions(-) diff --git a/src/remote/meson.build b/src/remote/meson.build index eb4f7a0068..dc2f528d0b 100644 --- a/src/remote/meson.build +++ b/src/remote/meson.build @@ -128,8 +128,6 @@ libvirtd_socket_unit_files = [ 'libvirtd-tls.socket', ] -libvirtd_socket_conflicts = ' '.join(libvirtd_socket_unit_files) - logrotate_files = [ 'libvirtd.qemu', 'libvirtd.lxc', @@ -225,7 +223,6 @@ if conf.has('WITH_REMOTE') 'name': 'Libvirt proxy', 'sockprefix': 'libvirt', 'sockets': [ 'main', 'ro', 'admin', 'tcp', 'tls' ], - 'deps': 'Conflicts=' + libvirtd_socket_conflicts, } openrc_init_files += { -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:02PM +0200, Andrea Bolognani wrote:
The idea behind these is to prevent running both modular daemons and monolithic daemon at the same time. We will implement a more effective solution for that shortly.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/remote/meson.build | 3 --- 1 file changed, 3 deletions(-)
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

They're similar to the existing socket_in/socket_out variables and will make future changes nicer. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/meson.build | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/meson.build b/src/meson.build index 6c85cc9b9b..c6728cc8f8 100644 --- a/src/meson.build +++ b/src/meson.build @@ -816,9 +816,12 @@ if conf.has('WITH_LIBVIRTD') 'sockmode': sockmode, }) + service_in = unit['service_in'] + service_out = '@0@.service'.format(unit['service']) + configure_file( - input: unit['service_in'], - output: '@0@.service'.format(unit['service']), + input: service_in, + output: service_out, configuration: unit_conf, install: true, install_dir: systemd_unit_dir, -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:03PM +0200, Andrea Bolognani wrote:
They're similar to the existing socket_in/socket_out variables and will make future changes nicer.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/meson.build | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-)
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

It is currently considered required, but we're soon going to provide a default that will be suitable for most services. Since all services currently provide a value explicitly, we can implement a default without breaking anything. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/meson.build | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/meson.build b/src/meson.build index c6728cc8f8..b7c2076c04 100644 --- a/src/meson.build +++ b/src/meson.build @@ -194,10 +194,10 @@ guest_unit_files = [] # virt_daemon_units: # generate libvirt daemon systemd unit files # * service - name of the service (required) -# * service_in - service source file (required) # * name - socket description (required) # * sockprefix - socket prefix name (optional, default unit['service']) # * sockets - array of additional sockets (optional, default [ 'main', 'ro', 'admin' ]) +# * service_in - service source file (optional, default remote/libvirtd.service.in) # * socket_$name_in - additional socket source files (optional, default remote/libvirtd.socket.in ) # * deps - socket dependencies (optional, default '') virt_daemon_units = [] @@ -803,6 +803,8 @@ if conf.has('WITH_LIBVIRTD') sockmode = '0600' endif + service_in_default = 'remote' / 'libvirtd.service.in' + foreach unit : virt_daemon_units unit_conf = configuration_data({ 'runstatedir': runstatedir, @@ -816,7 +818,7 @@ if conf.has('WITH_LIBVIRTD') 'sockmode': sockmode, }) - service_in = unit['service_in'] + service_in = unit.get('service_in', service_in_default) service_out = '@0@.service'.format(unit['service']) configure_file( -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:04PM +0200, Andrea Bolognani wrote:
It is currently considered required, but we're soon going to provide a default that will be suitable for most services.
Since all services currently provide a value explicitly, we can implement a default without breaking anything.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/meson.build | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-)
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

These will be useful during the upcoming migration to common templates for systemd units and will be dropped as soon as all services have been converted. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/meson.build | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/meson.build b/src/meson.build index b7c2076c04..2fbf98b9fe 100644 --- a/src/meson.build +++ b/src/meson.build @@ -191,6 +191,10 @@ virt_test_aug_dir = datadir / 'augeas' / 'lenses' / 'tests' # guest unit files to install guest_unit_files = [] +libvirtd_socket_in = files('remote' / 'libvirtd.socket.in') +libvirtd_socket_ro_in = files('remote' / 'libvirtd-ro.socket.in') +libvirtd_socket_admin_in = files('remote' / 'libvirtd-admin.socket.in') + # virt_daemon_units: # generate libvirt daemon systemd unit files # * service - name of the service (required) -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:05PM +0200, Andrea Bolognani wrote:
These will be useful during the upcoming migration to common templates for systemd units and will be dropped as soon as all services have been converted.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/meson.build | 4 ++++ 1 file changed, 4 insertions(+)
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

We're about to change the defaults and start migrating to common templates: in order to be able to switch units over one at a time, make the input files that are currently used explicit rather than implicit. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/ch/meson.build | 3 +++ src/interface/meson.build | 3 +++ src/libxl/meson.build | 3 +++ src/lxc/meson.build | 3 +++ src/network/meson.build | 3 +++ src/node_device/meson.build | 3 +++ src/nwfilter/meson.build | 3 +++ src/qemu/meson.build | 3 +++ src/remote/meson.build | 10 ++++++++++ src/secret/meson.build | 3 +++ src/storage/meson.build | 3 +++ src/vbox/meson.build | 3 +++ src/vz/meson.build | 3 +++ 13 files changed, 46 insertions(+) diff --git a/src/ch/meson.build b/src/ch/meson.build index 936b9bc95a..dc08069dcd 100644 --- a/src/ch/meson.build +++ b/src/ch/meson.build @@ -59,6 +59,9 @@ if conf.has('WITH_CH') 'service': 'virtchd', 'service_in': files('virtchd.service.in'), 'name': 'Libvirt ch', + 'socket_in': libvirtd_socket_in, + 'socket_ro_in': libvirtd_socket_ro_in, + 'socket_admin_in': libvirtd_socket_admin_in, } virt_install_dirs += [ diff --git a/src/interface/meson.build b/src/interface/meson.build index 06c5241fa3..6fa65117c3 100644 --- a/src/interface/meson.build +++ b/src/interface/meson.build @@ -46,6 +46,9 @@ if conf.has('WITH_INTERFACE') 'service': 'virtinterfaced', 'service_in': files('virtinterfaced.service.in'), 'name': 'Libvirt interface', + 'socket_in': libvirtd_socket_in, + 'socket_ro_in': libvirtd_socket_ro_in, + 'socket_admin_in': libvirtd_socket_admin_in, } openrc_init_files += { diff --git a/src/libxl/meson.build b/src/libxl/meson.build index db8ccde38e..a1553dbe27 100644 --- a/src/libxl/meson.build +++ b/src/libxl/meson.build @@ -68,6 +68,9 @@ if conf.has('WITH_LIBXL') 'service': 'virtxend', 'service_in': files('virtxend.service.in'), 'name': 'Libvirt libxl', + 'socket_in': libvirtd_socket_in, + 'socket_ro_in': libvirtd_socket_ro_in, + 'socket_admin_in': libvirtd_socket_admin_in, 'deps': 'ConditionPathExists=/proc/xen/capabilities', } diff --git a/src/lxc/meson.build b/src/lxc/meson.build index a8773f64a5..531078448c 100644 --- a/src/lxc/meson.build +++ b/src/lxc/meson.build @@ -166,6 +166,9 @@ if conf.has('WITH_LXC') 'service': 'virtlxcd', 'service_in': files('virtlxcd.service.in'), 'name': 'Libvirt lxc', + 'socket_in': libvirtd_socket_in, + 'socket_ro_in': libvirtd_socket_ro_in, + 'socket_admin_in': libvirtd_socket_admin_in, } openrc_init_files += { diff --git a/src/network/meson.build b/src/network/meson.build index 40abfaef7e..2e51d5d47b 100644 --- a/src/network/meson.build +++ b/src/network/meson.build @@ -64,6 +64,9 @@ if conf.has('WITH_NETWORK') 'service': 'virtnetworkd', 'service_in': files('virtnetworkd.service.in'), 'name': 'Libvirt network', + 'socket_in': libvirtd_socket_in, + 'socket_ro_in': libvirtd_socket_ro_in, + 'socket_admin_in': libvirtd_socket_admin_in, } openrc_init_files += { diff --git a/src/node_device/meson.build b/src/node_device/meson.build index 47d9f63600..dd60b1f819 100644 --- a/src/node_device/meson.build +++ b/src/node_device/meson.build @@ -54,6 +54,9 @@ if conf.has('WITH_NODE_DEVICES') 'service': 'virtnodedevd', 'service_in': files('virtnodedevd.service.in'), 'name': 'Libvirt nodedev', + 'socket_in': libvirtd_socket_in, + 'socket_ro_in': libvirtd_socket_ro_in, + 'socket_admin_in': libvirtd_socket_admin_in, } openrc_init_files += { diff --git a/src/nwfilter/meson.build b/src/nwfilter/meson.build index 5efdee7189..de672bb827 100644 --- a/src/nwfilter/meson.build +++ b/src/nwfilter/meson.build @@ -52,6 +52,9 @@ if conf.has('WITH_NWFILTER') 'service': 'virtnwfilterd', 'service_in': files('virtnwfilterd.service.in'), 'name': 'Libvirt nwfilter', + 'socket_in': libvirtd_socket_in, + 'socket_ro_in': libvirtd_socket_ro_in, + 'socket_admin_in': libvirtd_socket_admin_in, } openrc_init_files += { diff --git a/src/qemu/meson.build b/src/qemu/meson.build index afa9139d9a..b52497bdf0 100644 --- a/src/qemu/meson.build +++ b/src/qemu/meson.build @@ -185,6 +185,9 @@ if conf.has('WITH_QEMU') 'service': 'virtqemud', 'service_in': files('virtqemud.service.in'), 'name': 'Libvirt qemu', + 'socket_in': libvirtd_socket_in, + 'socket_ro_in': libvirtd_socket_ro_in, + 'socket_admin_in': libvirtd_socket_admin_in, } openrc_init_files += { diff --git a/src/remote/meson.build b/src/remote/meson.build index dc2f528d0b..78c08bf5ad 100644 --- a/src/remote/meson.build +++ b/src/remote/meson.build @@ -194,6 +194,11 @@ if conf.has('WITH_REMOTE') 'name': 'Libvirt', 'sockprefix': 'libvirt', 'sockets': [ 'main', 'ro', 'admin', 'tcp', 'tls' ], + 'socket_in': files('libvirtd.socket.in'), + 'socket_ro_in': files('libvirtd-ro.socket.in'), + 'socket_admin_in': files('libvirtd-admin.socket.in'), + 'socket_tcp_in': files('libvirtd-tcp.socket.in'), + 'socket_tls_in': files('libvirtd-tls.socket.in'), } openrc_init_files += { @@ -223,6 +228,11 @@ if conf.has('WITH_REMOTE') 'name': 'Libvirt proxy', 'sockprefix': 'libvirt', 'sockets': [ 'main', 'ro', 'admin', 'tcp', 'tls' ], + 'socket_in': files('libvirtd.socket.in'), + 'socket_ro_in': files('libvirtd-ro.socket.in'), + 'socket_admin_in': files('libvirtd-admin.socket.in'), + 'socket_tcp_in': files('libvirtd-tcp.socket.in'), + 'socket_tls_in': files('libvirtd-tls.socket.in'), } openrc_init_files += { diff --git a/src/secret/meson.build b/src/secret/meson.build index 49f6972f36..58e47c22e8 100644 --- a/src/secret/meson.build +++ b/src/secret/meson.build @@ -35,6 +35,9 @@ if conf.has('WITH_SECRETS') 'service': 'virtsecretd', 'service_in': files('virtsecretd.service.in'), 'name': 'Libvirt secret', + 'socket_in': libvirtd_socket_in, + 'socket_ro_in': libvirtd_socket_ro_in, + 'socket_admin_in': libvirtd_socket_admin_in, } openrc_init_files += { diff --git a/src/storage/meson.build b/src/storage/meson.build index d0d0b72228..e0a1e9f4de 100644 --- a/src/storage/meson.build +++ b/src/storage/meson.build @@ -113,6 +113,9 @@ if conf.has('WITH_STORAGE') 'service': 'virtstoraged', 'service_in': files('virtstoraged.service.in'), 'name': 'Libvirt storage', + 'socket_in': libvirtd_socket_in, + 'socket_ro_in': libvirtd_socket_ro_in, + 'socket_admin_in': libvirtd_socket_admin_in, } openrc_init_files += { diff --git a/src/vbox/meson.build b/src/vbox/meson.build index 9f2fb0f938..2d6b71ab8f 100644 --- a/src/vbox/meson.build +++ b/src/vbox/meson.build @@ -59,6 +59,9 @@ if conf.has('WITH_VBOX') 'service': 'virtvboxd', 'service_in': files('virtvboxd.service.in'), 'name': 'Libvirt vbox', + 'socket_in': libvirtd_socket_in, + 'socket_ro_in': libvirtd_socket_ro_in, + 'socket_admin_in': libvirtd_socket_admin_in, } openrc_init_files += { diff --git a/src/vz/meson.build b/src/vz/meson.build index 4c8747e3eb..9c2eb90463 100644 --- a/src/vz/meson.build +++ b/src/vz/meson.build @@ -50,6 +50,9 @@ if conf.has('WITH_VZ') 'service': 'virtvzd', 'service_in': files('virtvzd.service.in'), 'name': 'Libvirt vz', + 'socket_in': libvirtd_socket_in, + 'socket_ro_in': libvirtd_socket_ro_in, + 'socket_admin_in': libvirtd_socket_admin_in, } openrc_init_files += { -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:06PM +0200, Andrea Bolognani wrote:
We're about to change the defaults and start migrating to common templates: in order to be able to switch units over one at a time, make the input files that are currently used explicit rather than implicit.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/ch/meson.build | 3 +++ src/interface/meson.build | 3 +++ src/libxl/meson.build | 3 +++ src/lxc/meson.build | 3 +++ src/network/meson.build | 3 +++ src/node_device/meson.build | 3 +++ src/nwfilter/meson.build | 3 +++ src/qemu/meson.build | 3 +++ src/remote/meson.build | 10 ++++++++++ src/secret/meson.build | 3 +++ src/storage/meson.build | 3 +++ src/vbox/meson.build | 3 +++ src/vz/meson.build | 3 +++ 13 files changed, 46 insertions(+)
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

We already use templating to generate sockets, which are all based off libvirtd's. Push the idea further, and extend it to cover services as well. This is more challenging, as the various modular daemons each have their own needs in terms of what system services needs to be available before they can be started, which other components of libvirt they depend on, and so on. In order to make this sort of per-service tweaks possible, we introduce a Python script that can merge two systemd units together. The script is aware of the semantics of systemd's unit definition format, so it can intelligently merge sections together. This generic systemd unit merging mechanism will also supersede the extremely ad-hoc @deps@ variable, which is currently used in a single scenario. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- scripts/merge-systemd-units.py | 91 ++++++++++++++++++++++++++++++++++ scripts/meson.build | 1 + src/meson.build | 22 ++++++++ src/virtd-admin.socket.in | 13 +++++ src/virtd-ro.socket.in | 13 +++++ src/virtd-tcp.socket.in | 12 +++++ src/virtd-tls.socket.in | 12 +++++ src/virtd.service.in | 25 ++++++++++ src/virtd.socket.in | 12 +++++ 9 files changed, 201 insertions(+) create mode 100755 scripts/merge-systemd-units.py create mode 100644 src/virtd-admin.socket.in create mode 100644 src/virtd-ro.socket.in create mode 100644 src/virtd-tcp.socket.in create mode 100644 src/virtd-tls.socket.in create mode 100644 src/virtd.service.in create mode 100644 src/virtd.socket.in diff --git a/scripts/merge-systemd-units.py b/scripts/merge-systemd-units.py new file mode 100755 index 0000000000..136bc8d416 --- /dev/null +++ b/scripts/merge-systemd-units.py @@ -0,0 +1,91 @@ +#!/usr/bin/env python3 + +import sys + +SECTIONS = [ + '[Unit]', + '[Service]', + '[Socket]', + '[Install]', +] + + +def parse_unit(unit_path): + unit = {} + current_section = '[Invalid]' + + with open(unit_path) as f: + for line in f: + line = line.strip() + + if line == '': + continue + + if line[0] == '[' and line[-1] == ']': + if line not in SECTIONS: + print('Unknown section {}'.format(line)) + sys.exit(1) + + current_section = line + continue + + if current_section not in unit: + unit[current_section] = [] + + unit[current_section].append(line) + + if '[Invalid]' in unit: + print('Contents found outside of any section') + sys.exit(1) + + return unit + + +def format_unit(unit): + lines = [] + + for section in SECTIONS: + if section not in unit: + continue + + lines.append(section) + + for line in unit[section]: + lines.append(line) + + lines.append('') + + return '\n'.join(lines) + + +def merge_units(base, extra): + merged = {} + + for section in SECTIONS: + if section in extra and section not in base: + print('Section {} in extra but not in base'.format(section)) + sys.exit(1) + + if section not in base: + continue + + merged[section] = base[section] + + if section not in extra: + continue + + merged[section].extend(extra[section]) + + return merged + + +if len(sys.argv) < 2: + print('usage: {} BASE EXTRA'.format(sys.argv[0])) + sys.exit(1) + +base = parse_unit(sys.argv[1]) +extra = parse_unit(sys.argv[2]) + +merged = merge_units(base, extra) + +sys.stdout.write(format_unit(merged)) diff --git a/scripts/meson.build b/scripts/meson.build index 05b71184f1..65fd1e21c5 100644 --- a/scripts/meson.build +++ b/scripts/meson.build @@ -19,6 +19,7 @@ scripts = [ 'header-ifdef.py', 'hvsupport.py', 'hyperv_wmi_generator.py', + 'merge-systemd-units.py', 'meson-dist.py', 'meson-gen-authors.py', 'meson-gen-def.py', diff --git a/src/meson.build b/src/meson.build index 2fbf98b9fe..02c92621ba 100644 --- a/src/meson.build +++ b/src/meson.build @@ -203,6 +203,8 @@ libvirtd_socket_admin_in = files('remote' / 'libvirtd-admin.socket.in') # * sockets - array of additional sockets (optional, default [ 'main', 'ro', 'admin' ]) # * service_in - service source file (optional, default remote/libvirtd.service.in) # * socket_$name_in - additional socket source files (optional, default remote/libvirtd.socket.in ) +# * service_extra_in - unit to merge with service_in (optional, default None) +# * socket_extra_in - unit to merge with socket_$name_in (optional, default None) # * deps - socket dependencies (optional, default '') virt_daemon_units = [] @@ -817,6 +819,7 @@ if conf.has('WITH_LIBVIRTD') 'initconfdir': initconfdir, 'name': unit['name'], 'service': unit['service'], + 'SERVICE': unit['service'].to_upper(), 'sockprefix': unit.get('sockprefix', unit['service']), 'deps': unit.get('deps', ''), 'sockmode': sockmode, @@ -825,6 +828,15 @@ if conf.has('WITH_LIBVIRTD') service_in = unit.get('service_in', service_in_default) service_out = '@0@.service'.format(unit['service']) + if 'service_extra_in' in unit + service_in = configure_file( + input: [ service_in, unit['service_extra_in'] ], + output: '@0@.in'.format(service_out), + command: [ merge_systemd_units_prog, '@INPUT0@', '@INPUT1@' ], + capture: true, + ) + endif + configure_file( input: service_in, output: service_out, @@ -843,6 +855,16 @@ if conf.has('WITH_LIBVIRTD') socket_in = unit.get('socket_@0@_in'.format(socket), socket_in_default) socket_out = '@0@-@1@.socket'.format(unit['service'], socket) endif + + if 'socket_extra_in' in unit + socket_in = configure_file( + input: [ socket_in, unit['socket_extra_in'] ], + output: '@0@.in'.format(socket_out), + command: [ merge_systemd_units_prog, '@INPUT0@', '@INPUT1@' ], + capture: true, + ) + endif + configure_file( input: socket_in, output: socket_out, diff --git a/src/virtd-admin.socket.in b/src/virtd-admin.socket.in new file mode 100644 index 0000000000..39bb0badea --- /dev/null +++ b/src/virtd-admin.socket.in @@ -0,0 +1,13 @@ +[Unit] +Description=@name@ admin socket +Before=@service@.service +BindsTo=@service@.socket +After=@service@.socket + +[Socket] +ListenStream=@runstatedir@/libvirt/@sockprefix@-admin-sock +Service=@service@.service +SocketMode=0600 + +[Install] +WantedBy=sockets.target diff --git a/src/virtd-ro.socket.in b/src/virtd-ro.socket.in new file mode 100644 index 0000000000..b7b7ae0dd8 --- /dev/null +++ b/src/virtd-ro.socket.in @@ -0,0 +1,13 @@ +[Unit] +Description=@name@ local read-only socket +Before=@service@.service +BindsTo=@service@.socket +After=@service@.socket + +[Socket] +ListenStream=@runstatedir@/libvirt/@sockprefix@-sock-ro +Service=@service@.service +SocketMode=0666 + +[Install] +WantedBy=sockets.target diff --git a/src/virtd-tcp.socket.in b/src/virtd-tcp.socket.in new file mode 100644 index 0000000000..7c8bcdb525 --- /dev/null +++ b/src/virtd-tcp.socket.in @@ -0,0 +1,12 @@ +[Unit] +Description=@name@ non-TLS IP socket +Before=@service@.service +BindsTo=@service@.socket +After=@service@.socket + +[Socket] +ListenStream=16509 +Service=@service@.service + +[Install] +WantedBy=sockets.target diff --git a/src/virtd-tls.socket.in b/src/virtd-tls.socket.in new file mode 100644 index 0000000000..c6dceb2d4e --- /dev/null +++ b/src/virtd-tls.socket.in @@ -0,0 +1,12 @@ +[Unit] +Description=@name@ TLS IP socket +Before=@service@.service +BindsTo=@service@.socket +After=@service@.socket + +[Socket] +ListenStream=16514 +Service=@service@.service + +[Install] +WantedBy=sockets.target diff --git a/src/virtd.service.in b/src/virtd.service.in new file mode 100644 index 0000000000..76f9c60351 --- /dev/null +++ b/src/virtd.service.in @@ -0,0 +1,25 @@ +[Unit] +Description=@name@ daemon +Conflicts=libvirtd.service +Requires=@service@.socket +Requires=@service@-ro.socket +Requires=@service@-admin.socket +After=network.target +After=dbus.service +After=apparmor.service +Documentation=man:@service@(8) +Documentation=https://libvirt.org + +[Service] +Type=notify +Environment=@SERVICE@_ARGS="--timeout 120" +EnvironmentFile=-@initconfdir@/@service@ +ExecStart=@sbindir@/@service@ $@SERVICE@_ARGS +ExecReload=/bin/kill -HUP $MAINPID +Restart=on-failure + +[Install] +WantedBy=multi-user.target +Also=@service@.socket +Also=@service@-ro.socket +Also=@service@-admin.socket diff --git a/src/virtd.socket.in b/src/virtd.socket.in new file mode 100644 index 0000000000..aec0708fd4 --- /dev/null +++ b/src/virtd.socket.in @@ -0,0 +1,12 @@ +[Unit] +Description=@name@ local socket +Before=@service@.service + +[Socket] +ListenStream=@runstatedir@/libvirt/@sockprefix@-sock +Service=@service@.service +SocketMode=@sockmode@ +RemoveOnStop=yes + +[Install] +WantedBy=sockets.target -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:07PM +0200, Andrea Bolognani wrote:
We already use templating to generate sockets, which are all based off libvirtd's. Push the idea further, and extend it to cover services as well.
This is more challenging, as the various modular daemons each have their own needs in terms of what system services needs to be available before they can be started, which other components of libvirt they depend on, and so on.
In order to make this sort of per-service tweaks possible, we introduce a Python script that can merge two systemd units together. The script is aware of the semantics of systemd's unit definition format, so it can intelligently merge sections together.
This generic systemd unit merging mechanism will also supersede the extremely ad-hoc @deps@ variable, which is currently used in a single scenario.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- scripts/merge-systemd-units.py | 91 ++++++++++++++++++++++++++++++++++ scripts/meson.build | 1 + src/meson.build | 22 ++++++++ src/virtd-admin.socket.in | 13 +++++ src/virtd-ro.socket.in | 13 +++++ src/virtd-tcp.socket.in | 12 +++++ src/virtd-tls.socket.in | 12 +++++ src/virtd.service.in | 25 ++++++++++ src/virtd.socket.in | 12 +++++ 9 files changed, 201 insertions(+) create mode 100755 scripts/merge-systemd-units.py create mode 100644 src/virtd-admin.socket.in create mode 100644 src/virtd-ro.socket.in create mode 100644 src/virtd-tcp.socket.in create mode 100644 src/virtd-tls.socket.in create mode 100644 src/virtd.service.in create mode 100644 src/virtd.socket.in
diff --git a/scripts/merge-systemd-units.py b/scripts/merge-systemd-units.py new file mode 100755 index 0000000000..136bc8d416 --- /dev/null +++ b/scripts/merge-systemd-units.py @@ -0,0 +1,91 @@ +#!/usr/bin/env python3
Stick a license header of SPDX tag on this. Also if you didn't already do it, run the file through 'black' and let it do whatever it wants todo to formatting. ...reminds me we really ought to get around to running 'black' on the rest of our existing python.
+ +import sys + +SECTIONS = [ + '[Unit]', + '[Service]', + '[Socket]', + '[Install]', +] + + +def parse_unit(unit_path): + unit = {} + current_section = '[Invalid]' + + with open(unit_path) as f: + for line in f: + line = line.strip() + + if line == '': + continue + + if line[0] == '[' and line[-1] == ']': + if line not in SECTIONS: + print('Unknown section {}'.format(line)) + sys.exit(1) + + current_section = line + continue + + if current_section not in unit: + unit[current_section] = [] + + unit[current_section].append(line) + + if '[Invalid]' in unit: + print('Contents found outside of any section') + sys.exit(1) + + return unit + + +def format_unit(unit): + lines = [] + + for section in SECTIONS: + if section not in unit: + continue + + lines.append(section) + + for line in unit[section]: + lines.append(line) + + lines.append('') + + return '\n'.join(lines) + + +def merge_units(base, extra): + merged = {} + + for section in SECTIONS: + if section in extra and section not in base: + print('Section {} in extra but not in base'.format(section)) + sys.exit(1) + + if section not in base: + continue + + merged[section] = base[section] + + if section not in extra: + continue + + merged[section].extend(extra[section]) + + return merged + + +if len(sys.argv) < 2: + print('usage: {} BASE EXTRA'.format(sys.argv[0])) + sys.exit(1) + +base = parse_unit(sys.argv[1]) +extra = parse_unit(sys.argv[2]) + +merged = merge_units(base, extra) + +sys.stdout.write(format_unit(merged)) diff --git a/scripts/meson.build b/scripts/meson.build index 05b71184f1..65fd1e21c5 100644 --- a/scripts/meson.build +++ b/scripts/meson.build @@ -19,6 +19,7 @@ scripts = [ 'header-ifdef.py', 'hvsupport.py', 'hyperv_wmi_generator.py', + 'merge-systemd-units.py', 'meson-dist.py', 'meson-gen-authors.py', 'meson-gen-def.py', diff --git a/src/meson.build b/src/meson.build index 2fbf98b9fe..02c92621ba 100644 --- a/src/meson.build +++ b/src/meson.build @@ -203,6 +203,8 @@ libvirtd_socket_admin_in = files('remote' / 'libvirtd-admin.socket.in') # * sockets - array of additional sockets (optional, default [ 'main', 'ro', 'admin' ]) # * service_in - service source file (optional, default remote/libvirtd.service.in) # * socket_$name_in - additional socket source files (optional, default remote/libvirtd.socket.in ) +# * service_extra_in - unit to merge with service_in (optional, default None) +# * socket_extra_in - unit to merge with socket_$name_in (optional, default None) # * deps - socket dependencies (optional, default '') virt_daemon_units = []
@@ -817,6 +819,7 @@ if conf.has('WITH_LIBVIRTD') 'initconfdir': initconfdir, 'name': unit['name'], 'service': unit['service'], + 'SERVICE': unit['service'].to_upper(), 'sockprefix': unit.get('sockprefix', unit['service']), 'deps': unit.get('deps', ''), 'sockmode': sockmode, @@ -825,6 +828,15 @@ if conf.has('WITH_LIBVIRTD') service_in = unit.get('service_in', service_in_default) service_out = '@0@.service'.format(unit['service'])
+ if 'service_extra_in' in unit + service_in = configure_file( + input: [ service_in, unit['service_extra_in'] ], + output: '@0@.in'.format(service_out), + command: [ merge_systemd_units_prog, '@INPUT0@', '@INPUT1@' ], + capture: true, + ) + endif + configure_file( input: service_in, output: service_out, @@ -843,6 +855,16 @@ if conf.has('WITH_LIBVIRTD') socket_in = unit.get('socket_@0@_in'.format(socket), socket_in_default) socket_out = '@0@-@1@.socket'.format(unit['service'], socket) endif + + if 'socket_extra_in' in unit + socket_in = configure_file( + input: [ socket_in, unit['socket_extra_in'] ], + output: '@0@.in'.format(socket_out), + command: [ merge_systemd_units_prog, '@INPUT0@', '@INPUT1@' ], + capture: true, + ) + endif + configure_file( input: socket_in, output: socket_out, diff --git a/src/virtd-admin.socket.in b/src/virtd-admin.socket.in new file mode 100644 index 0000000000..39bb0badea --- /dev/null +++ b/src/virtd-admin.socket.in @@ -0,0 +1,13 @@ +[Unit] +Description=@name@ admin socket +Before=@service@.service +BindsTo=@service@.socket +After=@service@.socket + +[Socket] +ListenStream=@runstatedir@/libvirt/@sockprefix@-admin-sock +Service=@service@.service +SocketMode=0600 + +[Install] +WantedBy=sockets.target diff --git a/src/virtd-ro.socket.in b/src/virtd-ro.socket.in new file mode 100644 index 0000000000..b7b7ae0dd8 --- /dev/null +++ b/src/virtd-ro.socket.in @@ -0,0 +1,13 @@ +[Unit] +Description=@name@ local read-only socket +Before=@service@.service +BindsTo=@service@.socket +After=@service@.socket + +[Socket] +ListenStream=@runstatedir@/libvirt/@sockprefix@-sock-ro +Service=@service@.service +SocketMode=0666 + +[Install] +WantedBy=sockets.target diff --git a/src/virtd-tcp.socket.in b/src/virtd-tcp.socket.in new file mode 100644 index 0000000000..7c8bcdb525 --- /dev/null +++ b/src/virtd-tcp.socket.in @@ -0,0 +1,12 @@ +[Unit] +Description=@name@ non-TLS IP socket +Before=@service@.service +BindsTo=@service@.socket +After=@service@.socket + +[Socket] +ListenStream=16509 +Service=@service@.service + +[Install] +WantedBy=sockets.target diff --git a/src/virtd-tls.socket.in b/src/virtd-tls.socket.in new file mode 100644 index 0000000000..c6dceb2d4e --- /dev/null +++ b/src/virtd-tls.socket.in @@ -0,0 +1,12 @@ +[Unit] +Description=@name@ TLS IP socket +Before=@service@.service +BindsTo=@service@.socket +After=@service@.socket + +[Socket] +ListenStream=16514 +Service=@service@.service + +[Install] +WantedBy=sockets.target diff --git a/src/virtd.service.in b/src/virtd.service.in new file mode 100644 index 0000000000..76f9c60351 --- /dev/null +++ b/src/virtd.service.in @@ -0,0 +1,25 @@ +[Unit] +Description=@name@ daemon +Conflicts=libvirtd.service +Requires=@service@.socket +Requires=@service@-ro.socket +Requires=@service@-admin.socket +After=network.target +After=dbus.service +After=apparmor.service +Documentation=man:@service@(8) +Documentation=https://libvirt.org + +[Service] +Type=notify +Environment=@SERVICE@_ARGS="--timeout 120" +EnvironmentFile=-@initconfdir@/@service@ +ExecStart=@sbindir@/@service@ $@SERVICE@_ARGS +ExecReload=/bin/kill -HUP $MAINPID +Restart=on-failure + +[Install] +WantedBy=multi-user.target +Also=@service@.socket +Also=@service@-ro.socket +Also=@service@-admin.socket diff --git a/src/virtd.socket.in b/src/virtd.socket.in new file mode 100644 index 0000000000..aec0708fd4 --- /dev/null +++ b/src/virtd.socket.in @@ -0,0 +1,12 @@ +[Unit] +Description=@name@ local socket +Before=@service@.service + +[Socket] +ListenStream=@runstatedir@/libvirt/@sockprefix@-sock +Service=@service@.service +SocketMode=@sockmode@ +RemoveOnStop=yes + +[Install] +WantedBy=sockets.target -- 2.41.0
With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

On Thu, Sep 28, 2023 at 09:24:11AM +0100, Daniel P. Berrangé wrote:
On Wed, Sep 27, 2023 at 06:19:07PM +0200, Andrea Bolognani wrote:
+++ b/scripts/merge-systemd-units.py @@ -0,0 +1,91 @@ +#!/usr/bin/env python3
Stick a license header of SPDX tag on this.
Done (patch below).
Also if you didn't already do it, run the file through 'black' and let it do whatever it wants todo to formatting.
It just changed all single quotes into double quotes :) ----- 8< ----- 8< ----- 8< ----- 8< ----- 8< ----- 8< ----- 8< ----- 8< ----- diff --git a/scripts/merge-systemd-units.py b/scripts/merge-systemd-units.py index f54c9556c9..bc3321230d 100755 --- a/scripts/merge-systemd-units.py +++ b/scripts/merge-systemd-units.py @@ -1,5 +1,8 @@ #!/usr/bin/env python3 +# Copyright (C) 2023 Red Hat, Inc. +# SPDX-License-Identifier: LGPL-2.1-or-later + import sys SECTIONS = [ ----- >8 ----- >8 ----- >8 ----- >8 ----- >8 ----- >8 ----- >8 ----- >8 ----- -- Andrea Bolognani / Red Hat / Virtualization

On Thu, Sep 28, 2023 at 04:30:03AM -0500, Andrea Bolognani wrote:
On Thu, Sep 28, 2023 at 09:24:11AM +0100, Daniel P. Berrangé wrote:
On Wed, Sep 27, 2023 at 06:19:07PM +0200, Andrea Bolognani wrote:
+++ b/scripts/merge-systemd-units.py @@ -0,0 +1,91 @@ +#!/usr/bin/env python3
Stick a license header of SPDX tag on this.
Done (patch below).
Also if you didn't already do it, run the file through 'black' and let it do whatever it wants todo to formatting.
It just changed all single quotes into double quotes :)
----- 8< ----- 8< ----- 8< ----- 8< ----- 8< ----- 8< ----- 8< ----- 8< ----- diff --git a/scripts/merge-systemd-units.py b/scripts/merge-systemd-units.py index f54c9556c9..bc3321230d 100755 --- a/scripts/merge-systemd-units.py +++ b/scripts/merge-systemd-units.py @@ -1,5 +1,8 @@ #!/usr/bin/env python3
+# Copyright (C) 2023 Red Hat, Inc. +# SPDX-License-Identifier: LGPL-2.1-or-later + import sys
SECTIONS = [ ----- >8 ----- >8 ----- >8 ----- >8 ----- >8 ----- >8 ----- >8 ----- >8 -----
Can I consider the patch Reviewed-by: you with the above (and the trivial changes to quotess applied by black) squashed in, or do you want me to send a v3 for that? Everything else is ACKed at this point, but I'm not going to push until 9.9.0 is open for business anyway. By the way, thank you for the review! And thanks to both you and Pavel for pushing me in the direction of having most of the processing performed by an external Python script instead of directly by meson! It ended up looking *a lot* nicer than what I had :) -- Andrea Bolognani / Red Hat / Virtualization

On Thu, Sep 28, 2023 at 06:52:35AM -0500, Andrea Bolognani wrote:
On Thu, Sep 28, 2023 at 04:30:03AM -0500, Andrea Bolognani wrote:
On Thu, Sep 28, 2023 at 09:24:11AM +0100, Daniel P. Berrangé wrote:
On Wed, Sep 27, 2023 at 06:19:07PM +0200, Andrea Bolognani wrote:
+++ b/scripts/merge-systemd-units.py @@ -0,0 +1,91 @@ +#!/usr/bin/env python3
Stick a license header of SPDX tag on this.
Done (patch below).
Also if you didn't already do it, run the file through 'black' and let it do whatever it wants todo to formatting.
It just changed all single quotes into double quotes :)
----- 8< ----- 8< ----- 8< ----- 8< ----- 8< ----- 8< ----- 8< ----- 8< ----- diff --git a/scripts/merge-systemd-units.py b/scripts/merge-systemd-units.py index f54c9556c9..bc3321230d 100755 --- a/scripts/merge-systemd-units.py +++ b/scripts/merge-systemd-units.py @@ -1,5 +1,8 @@ #!/usr/bin/env python3
+# Copyright (C) 2023 Red Hat, Inc. +# SPDX-License-Identifier: LGPL-2.1-or-later + import sys
SECTIONS = [ ----- >8 ----- >8 ----- >8 ----- >8 ----- >8 ----- >8 ----- >8 ----- >8 -----
Can I consider the patch Reviewed-by: you with the above (and the trivial changes to quotess applied by black) squashed in, or do you want me to send a v3 for that? Everything else is ACKed at this point, but I'm not going to push until 9.9.0 is open for business anyway.
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

All services are still listing their input files explicitly, so no changes to the output files will occur yet. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/meson.build | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/meson.build b/src/meson.build index 02c92621ba..0fbefe37d5 100644 --- a/src/meson.build +++ b/src/meson.build @@ -201,8 +201,8 @@ libvirtd_socket_admin_in = files('remote' / 'libvirtd-admin.socket.in') # * name - socket description (required) # * sockprefix - socket prefix name (optional, default unit['service']) # * sockets - array of additional sockets (optional, default [ 'main', 'ro', 'admin' ]) -# * service_in - service source file (optional, default remote/libvirtd.service.in) -# * socket_$name_in - additional socket source files (optional, default remote/libvirtd.socket.in ) +# * service_in - service source file (optional, default virtd.service.in) +# * socket_$name_in - additional socket source files (optional, default virtd.socket.in or virtd-$name.socket.in) # * service_extra_in - unit to merge with service_in (optional, default None) # * socket_extra_in - unit to merge with socket_$name_in (optional, default None) # * deps - socket dependencies (optional, default '') @@ -809,7 +809,7 @@ if conf.has('WITH_LIBVIRTD') sockmode = '0600' endif - service_in_default = 'remote' / 'libvirtd.service.in' + service_in_default = 'virtd.service.in' foreach unit : virt_daemon_units unit_conf = configuration_data({ @@ -847,11 +847,11 @@ if conf.has('WITH_LIBVIRTD') foreach socket : unit.get('sockets', [ 'main', 'ro', 'admin' ]) if socket == 'main' - socket_in_default = 'remote' / 'libvirtd.socket.in' + socket_in_default = 'virtd.socket.in' socket_in = unit.get('socket_in', socket_in_default) socket_out = '@0@.socket'.format(unit['service']) else - socket_in_default = 'remote' / 'libvirtd-@0@.socket.in'.format(socket) + socket_in_default = 'virtd-@0@.socket.in'.format(socket) socket_in = unit.get('socket_@0@_in'.format(socket), socket_in_default) socket_out = '@0@-@1@.socket'.format(unit['service'], socket) endif -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:08PM +0200, Andrea Bolognani wrote:
All services are still listing their input files explicitly, so no changes to the output files will occur yet.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/meson.build | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-)
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/node_device/meson.build | 4 ---- src/node_device/virtnodedevd.service.in | 25 ------------------------- 2 files changed, 29 deletions(-) delete mode 100644 src/node_device/virtnodedevd.service.in diff --git a/src/node_device/meson.build b/src/node_device/meson.build index dd60b1f819..2614ff8b9c 100644 --- a/src/node_device/meson.build +++ b/src/node_device/meson.build @@ -52,11 +52,7 @@ if conf.has('WITH_NODE_DEVICES') virt_daemon_units += { 'service': 'virtnodedevd', - 'service_in': files('virtnodedevd.service.in'), 'name': 'Libvirt nodedev', - 'socket_in': libvirtd_socket_in, - 'socket_ro_in': libvirtd_socket_ro_in, - 'socket_admin_in': libvirtd_socket_admin_in, } openrc_init_files += { diff --git a/src/node_device/virtnodedevd.service.in b/src/node_device/virtnodedevd.service.in deleted file mode 100644 index 2ac41db32e..0000000000 --- a/src/node_device/virtnodedevd.service.in +++ /dev/null @@ -1,25 +0,0 @@ -[Unit] -Description=Virtualization nodedev daemon -Conflicts=libvirtd.service -Requires=virtnodedevd.socket -Requires=virtnodedevd-ro.socket -Requires=virtnodedevd-admin.socket -After=network.target -After=dbus.service -After=apparmor.service -Documentation=man:virtnodedevd(8) -Documentation=https://libvirt.org - -[Service] -Type=notify -Environment=VIRTNODEDEVD_ARGS="--timeout 120" -EnvironmentFile=-@initconfdir@/virtnodedevd -ExecStart=@sbindir@/virtnodedevd $VIRTNODEDEVD_ARGS -ExecReload=/bin/kill -HUP $MAINPID -Restart=on-failure - -[Install] -WantedBy=multi-user.target -Also=virtnodedevd.socket -Also=virtnodedevd-ro.socket -Also=virtnodedevd-admin.socket -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:09PM +0200, Andrea Bolognani wrote:
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/node_device/meson.build | 4 ---- src/node_device/virtnodedevd.service.in | 25 -------------------------
2 files changed, 29 deletions(-) delete mode 100644 src/node_device/virtnodedevd.service.in
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Though I wonder if its worth just keeping an empty stub here, with the section headings. It'd be a little confusing to see the stubs present for some daemons but not others. With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

On Thu, Sep 28, 2023 at 11:16:53AM +0100, Daniel P. Berrangé wrote:
On Wed, Sep 27, 2023 at 06:19:09PM +0200, Andrea Bolognani wrote:
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/node_device/meson.build | 4 ---- src/node_device/virtnodedevd.service.in | 25 -------------------------
2 files changed, 29 deletions(-) delete mode 100644 src/node_device/virtnodedevd.service.in
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Though I wonder if its worth just keeping an empty stub here, with the section headings. It'd be a little confusing to see the stubs present for some daemons but not others.
We'd have to do the same for sockets then, on account of virtxend using an override for them. Maybe we could change the merge script so that contents before the start of the first section are simply ignored, and then have $ cat src/node_device/virtnodedevd.service.in # Merged into src/virtd.service.in $ cat src/node_device/virtnodedevd.socket.in # Merged into src/virtd*.socket.in for services that don't need any overrides, and $ cat src/libxl/virtxend.service.extra.in # Merged into src/virtd.service.in [Unit] Wants=virtlockd.socket After=virtlockd.socket ... $ cat src/libxl/virtxend.socket.extra.in # Merged into src/virtd*.socket.in [Unit] ConditionPathExists=/proc/xen/capabilities for services that do. It would mean introducing quite a number of additional files, but maybe the advantages in terms of discoverability make up for that downside? If we allow empty overrides, we might be even able to simplify the way the various services are defined in their meson.build files, by somehow deriving the path of the file instead of requiring it to be provided explicitly. That part could be tricky though. Overall I'm not opposed to the idea, but let's consider it for a follow-up instead of stalling this further, okay? -- Andrea Bolognani / Red Hat / Virtualization

On Thu, Sep 28, 2023 at 05:38:45AM -0500, Andrea Bolognani wrote:
On Thu, Sep 28, 2023 at 11:16:53AM +0100, Daniel P. Berrangé wrote:
On Wed, Sep 27, 2023 at 06:19:09PM +0200, Andrea Bolognani wrote:
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/node_device/meson.build | 4 ---- src/node_device/virtnodedevd.service.in | 25 -------------------------
2 files changed, 29 deletions(-) delete mode 100644 src/node_device/virtnodedevd.service.in
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Though I wonder if its worth just keeping an empty stub here, with the section headings. It'd be a little confusing to see the stubs present for some daemons but not others.
We'd have to do the same for sockets then, on account of virtxend using an override for them.
Maybe we could change the merge script so that contents before the start of the first section are simply ignored, and then have
$ cat src/node_device/virtnodedevd.service.in # Merged into src/virtd.service.in $ cat src/node_device/virtnodedevd.socket.in # Merged into src/virtd*.socket.in
for services that don't need any overrides, and
$ cat src/libxl/virtxend.service.extra.in # Merged into src/virtd.service.in
[Unit] Wants=virtlockd.socket After=virtlockd.socket ... $ cat src/libxl/virtxend.socket.extra.in # Merged into src/virtd*.socket.in
[Unit] ConditionPathExists=/proc/xen/capabilities
for services that do. It would mean introducing quite a number of additional files, but maybe the advantages in terms of discoverability make up for that downside?
Yeah, I think that's a nice idea.
If we allow empty overrides, we might be even able to simplify the way the various services are defined in their meson.build files, by somehow deriving the path of the file instead of requiring it to be provided explicitly. That part could be tricky though.
Overall I'm not opposed to the idea, but let's consider it for a follow-up instead of stalling this further, okay?
Sure With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/interface/meson.build | 4 ---- src/interface/virtinterfaced.service.in | 25 ------------------------- 2 files changed, 29 deletions(-) delete mode 100644 src/interface/virtinterfaced.service.in diff --git a/src/interface/meson.build b/src/interface/meson.build index 6fa65117c3..54c0b1a935 100644 --- a/src/interface/meson.build +++ b/src/interface/meson.build @@ -44,11 +44,7 @@ if conf.has('WITH_INTERFACE') virt_daemon_units += { 'service': 'virtinterfaced', - 'service_in': files('virtinterfaced.service.in'), 'name': 'Libvirt interface', - 'socket_in': libvirtd_socket_in, - 'socket_ro_in': libvirtd_socket_ro_in, - 'socket_admin_in': libvirtd_socket_admin_in, } openrc_init_files += { diff --git a/src/interface/virtinterfaced.service.in b/src/interface/virtinterfaced.service.in deleted file mode 100644 index 5cb2cd19dc..0000000000 --- a/src/interface/virtinterfaced.service.in +++ /dev/null @@ -1,25 +0,0 @@ -[Unit] -Description=Virtualization interface daemon -Conflicts=libvirtd.service -Requires=virtinterfaced.socket -Requires=virtinterfaced-ro.socket -Requires=virtinterfaced-admin.socket -After=network.target -After=dbus.service -After=apparmor.service -Documentation=man:virtinterfaced(8) -Documentation=https://libvirt.org - -[Service] -Type=notify -Environment=VIRTINTERFACED_ARGS="--timeout 120" -EnvironmentFile=-@initconfdir@/virtinterfaced -ExecStart=@sbindir@/virtinterfaced $VIRTINTERFACED_ARGS -ExecReload=/bin/kill -HUP $MAINPID -Restart=on-failure - -[Install] -WantedBy=multi-user.target -Also=virtinterfaced.socket -Also=virtinterfaced-ro.socket -Also=virtinterfaced-admin.socket -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:10PM +0200, Andrea Bolognani wrote:
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/interface/meson.build | 4 ---- src/interface/virtinterfaced.service.in | 25 ------------------------- 2 files changed, 29 deletions(-) delete mode 100644 src/interface/virtinterfaced.service.in
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/nwfilter/meson.build | 4 ---- src/nwfilter/virtnwfilterd.service.in | 25 ------------------------- 2 files changed, 29 deletions(-) delete mode 100644 src/nwfilter/virtnwfilterd.service.in diff --git a/src/nwfilter/meson.build b/src/nwfilter/meson.build index de672bb827..c091bc3f1b 100644 --- a/src/nwfilter/meson.build +++ b/src/nwfilter/meson.build @@ -50,11 +50,7 @@ if conf.has('WITH_NWFILTER') virt_daemon_units += { 'service': 'virtnwfilterd', - 'service_in': files('virtnwfilterd.service.in'), 'name': 'Libvirt nwfilter', - 'socket_in': libvirtd_socket_in, - 'socket_ro_in': libvirtd_socket_ro_in, - 'socket_admin_in': libvirtd_socket_admin_in, } openrc_init_files += { diff --git a/src/nwfilter/virtnwfilterd.service.in b/src/nwfilter/virtnwfilterd.service.in deleted file mode 100644 index d6e98240a8..0000000000 --- a/src/nwfilter/virtnwfilterd.service.in +++ /dev/null @@ -1,25 +0,0 @@ -[Unit] -Description=Virtualization nwfilter daemon -Conflicts=libvirtd.service -Requires=virtnwfilterd.socket -Requires=virtnwfilterd-ro.socket -Requires=virtnwfilterd-admin.socket -After=network.target -After=dbus.service -After=apparmor.service -Documentation=man:virtnwfilterd(8) -Documentation=https://libvirt.org - -[Service] -Type=notify -Environment=VIRTNWFILTERD_ARGS="--timeout 120" -EnvironmentFile=-@initconfdir@/virtnwfilterd -ExecStart=@sbindir@/virtnwfilterd $VIRTNWFILTERD_ARGS -ExecReload=/bin/kill -HUP $MAINPID -Restart=on-failure - -[Install] -WantedBy=multi-user.target -Also=virtnwfilterd.socket -Also=virtnwfilterd-ro.socket -Also=virtnwfilterd-admin.socket -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:11PM +0200, Andrea Bolognani wrote:
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/nwfilter/meson.build | 4 ---- src/nwfilter/virtnwfilterd.service.in | 25 ------------------------- 2 files changed, 29 deletions(-) delete mode 100644 src/nwfilter/virtnwfilterd.service.in
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/secret/meson.build | 4 ---- src/secret/virtsecretd.service.in | 25 ------------------------- 2 files changed, 29 deletions(-) delete mode 100644 src/secret/virtsecretd.service.in diff --git a/src/secret/meson.build b/src/secret/meson.build index 58e47c22e8..e05b46abea 100644 --- a/src/secret/meson.build +++ b/src/secret/meson.build @@ -33,11 +33,7 @@ if conf.has('WITH_SECRETS') virt_daemon_units += { 'service': 'virtsecretd', - 'service_in': files('virtsecretd.service.in'), 'name': 'Libvirt secret', - 'socket_in': libvirtd_socket_in, - 'socket_ro_in': libvirtd_socket_ro_in, - 'socket_admin_in': libvirtd_socket_admin_in, } openrc_init_files += { diff --git a/src/secret/virtsecretd.service.in b/src/secret/virtsecretd.service.in deleted file mode 100644 index 3804fe553b..0000000000 --- a/src/secret/virtsecretd.service.in +++ /dev/null @@ -1,25 +0,0 @@ -[Unit] -Description=Virtualization secret daemon -Conflicts=libvirtd.service -Requires=virtsecretd.socket -Requires=virtsecretd-ro.socket -Requires=virtsecretd-admin.socket -After=network.target -After=dbus.service -After=apparmor.service -Documentation=man:virtsecretd(8) -Documentation=https://libvirt.org - -[Service] -Type=notify -Environment=VIRTSECRETD_ARGS="--timeout 120" -EnvironmentFile=-@initconfdir@/virtsecretd -ExecStart=@sbindir@/virtsecretd $VIRTSECRETD_ARGS -ExecReload=/bin/kill -HUP $MAINPID -Restart=on-failure - -[Install] -WantedBy=multi-user.target -Also=virtsecretd.socket -Also=virtsecretd-ro.socket -Also=virtsecretd-admin.socket -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:12PM +0200, Andrea Bolognani wrote:
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/secret/meson.build | 4 ---- src/secret/virtsecretd.service.in | 25 ------------------------- 2 files changed, 29 deletions(-) delete mode 100644 src/secret/virtsecretd.service.in
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/network/meson.build | 5 +---- src/network/virtnetworkd.service.extra.in | 2 ++ src/network/virtnetworkd.service.in | 26 ----------------------- 3 files changed, 3 insertions(+), 30 deletions(-) create mode 100644 src/network/virtnetworkd.service.extra.in delete mode 100644 src/network/virtnetworkd.service.in diff --git a/src/network/meson.build b/src/network/meson.build index 2e51d5d47b..ed7707c714 100644 --- a/src/network/meson.build +++ b/src/network/meson.build @@ -62,11 +62,8 @@ if conf.has('WITH_NETWORK') virt_daemon_units += { 'service': 'virtnetworkd', - 'service_in': files('virtnetworkd.service.in'), 'name': 'Libvirt network', - 'socket_in': libvirtd_socket_in, - 'socket_ro_in': libvirtd_socket_ro_in, - 'socket_admin_in': libvirtd_socket_admin_in, + 'service_extra_in': files('virtnetworkd.service.extra.in'), } openrc_init_files += { diff --git a/src/network/virtnetworkd.service.extra.in b/src/network/virtnetworkd.service.extra.in new file mode 100644 index 0000000000..9fcabf652d --- /dev/null +++ b/src/network/virtnetworkd.service.extra.in @@ -0,0 +1,2 @@ +[Service] +KillMode=process diff --git a/src/network/virtnetworkd.service.in b/src/network/virtnetworkd.service.in deleted file mode 100644 index 3d7374715d..0000000000 --- a/src/network/virtnetworkd.service.in +++ /dev/null @@ -1,26 +0,0 @@ -[Unit] -Description=Virtualization network daemon -Conflicts=libvirtd.service -Requires=virtnetworkd.socket -Requires=virtnetworkd-ro.socket -Requires=virtnetworkd-admin.socket -After=network.target -After=dbus.service -After=apparmor.service -Documentation=man:virtnetworkd(8) -Documentation=https://libvirt.org - -[Service] -Type=notify -Environment=VIRTNETWORKD_ARGS="--timeout 120" -EnvironmentFile=-@initconfdir@/virtnetworkd -ExecStart=@sbindir@/virtnetworkd $VIRTNETWORKD_ARGS -ExecReload=/bin/kill -HUP $MAINPID -Restart=on-failure -KillMode=process - -[Install] -WantedBy=multi-user.target -Also=virtnetworkd.socket -Also=virtnetworkd-ro.socket -Also=virtnetworkd-admin.socket -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:13PM +0200, Andrea Bolognani wrote:
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/network/meson.build | 5 +---- src/network/virtnetworkd.service.extra.in | 2 ++ src/network/virtnetworkd.service.in | 26 ----------------------- 3 files changed, 3 insertions(+), 30 deletions(-) create mode 100644 src/network/virtnetworkd.service.extra.in delete mode 100644 src/network/virtnetworkd.service.in
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/storage/meson.build | 5 +---- src/storage/virtstoraged.service.extra.in | 3 +++ src/storage/virtstoraged.service.in | 27 ----------------------- 3 files changed, 4 insertions(+), 31 deletions(-) create mode 100644 src/storage/virtstoraged.service.extra.in delete mode 100644 src/storage/virtstoraged.service.in diff --git a/src/storage/meson.build b/src/storage/meson.build index e0a1e9f4de..fb7feea81d 100644 --- a/src/storage/meson.build +++ b/src/storage/meson.build @@ -111,11 +111,8 @@ if conf.has('WITH_STORAGE') virt_daemon_units += { 'service': 'virtstoraged', - 'service_in': files('virtstoraged.service.in'), 'name': 'Libvirt storage', - 'socket_in': libvirtd_socket_in, - 'socket_ro_in': libvirtd_socket_ro_in, - 'socket_admin_in': libvirtd_socket_admin_in, + 'service_extra_in': files('virtstoraged.service.extra.in'), } openrc_init_files += { diff --git a/src/storage/virtstoraged.service.extra.in b/src/storage/virtstoraged.service.extra.in new file mode 100644 index 0000000000..d134ae18da --- /dev/null +++ b/src/storage/virtstoraged.service.extra.in @@ -0,0 +1,3 @@ +[Unit] +After=iscsid.service +After=remote-fs.target diff --git a/src/storage/virtstoraged.service.in b/src/storage/virtstoraged.service.in deleted file mode 100644 index 235fbc6798..0000000000 --- a/src/storage/virtstoraged.service.in +++ /dev/null @@ -1,27 +0,0 @@ -[Unit] -Description=Virtualization storage daemon -Conflicts=libvirtd.service -Requires=virtstoraged.socket -Requires=virtstoraged-ro.socket -Requires=virtstoraged-admin.socket -After=network.target -After=dbus.service -After=iscsid.service -After=apparmor.service -After=remote-fs.target -Documentation=man:virtstoraged(8) -Documentation=https://libvirt.org - -[Service] -Type=notify -Environment=VIRTSTORAGED_ARGS="--timeout 120" -EnvironmentFile=-@initconfdir@/virtstoraged -ExecStart=@sbindir@/virtstoraged $VIRTSTORAGED_ARGS -ExecReload=/bin/kill -HUP $MAINPID -Restart=on-failure - -[Install] -WantedBy=multi-user.target -Also=virtstoraged.socket -Also=virtstoraged-ro.socket -Also=virtstoraged-admin.socket -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:14PM +0200, Andrea Bolognani wrote:
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/storage/meson.build | 5 +---- src/storage/virtstoraged.service.extra.in | 3 +++ src/storage/virtstoraged.service.in | 27 ----------------------- 3 files changed, 4 insertions(+), 31 deletions(-) create mode 100644 src/storage/virtstoraged.service.extra.in delete mode 100644 src/storage/virtstoraged.service.in
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/vbox/meson.build | 5 +---- src/vbox/virtvboxd.service.extra.in | 2 ++ src/vbox/virtvboxd.service.in | 26 -------------------------- 3 files changed, 3 insertions(+), 30 deletions(-) create mode 100644 src/vbox/virtvboxd.service.extra.in delete mode 100644 src/vbox/virtvboxd.service.in diff --git a/src/vbox/meson.build b/src/vbox/meson.build index 2d6b71ab8f..ee6efbdb42 100644 --- a/src/vbox/meson.build +++ b/src/vbox/meson.build @@ -57,11 +57,8 @@ if conf.has('WITH_VBOX') virt_daemon_units += { 'service': 'virtvboxd', - 'service_in': files('virtvboxd.service.in'), 'name': 'Libvirt vbox', - 'socket_in': libvirtd_socket_in, - 'socket_ro_in': libvirtd_socket_ro_in, - 'socket_admin_in': libvirtd_socket_admin_in, + 'service_extra_in': files('virtvboxd.service.extra.in'), } openrc_init_files += { diff --git a/src/vbox/virtvboxd.service.extra.in b/src/vbox/virtvboxd.service.extra.in new file mode 100644 index 0000000000..ba3ad13ace --- /dev/null +++ b/src/vbox/virtvboxd.service.extra.in @@ -0,0 +1,2 @@ +[Unit] +After=remote-fs.target diff --git a/src/vbox/virtvboxd.service.in b/src/vbox/virtvboxd.service.in deleted file mode 100644 index a567ed2443..0000000000 --- a/src/vbox/virtvboxd.service.in +++ /dev/null @@ -1,26 +0,0 @@ -[Unit] -Description=Virtualization vbox daemon -Conflicts=libvirtd.service -Requires=virtvboxd.socket -Requires=virtvboxd-ro.socket -Requires=virtvboxd-admin.socket -After=network.target -After=dbus.service -After=apparmor.service -After=remote-fs.target -Documentation=man:virtvboxd(8) -Documentation=https://libvirt.org - -[Service] -Type=notify -Environment=VIRTVBOXD_ARGS="--timeout 120" -EnvironmentFile=-@initconfdir@/virtvboxd -ExecStart=@sbindir@/virtvboxd $VIRTVBOXD_ARGS -ExecReload=/bin/kill -HUP $MAINPID -Restart=on-failure - -[Install] -WantedBy=multi-user.target -Also=virtvboxd.socket -Also=virtvboxd-ro.socket -Also=virtvboxd-admin.socket -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:15PM +0200, Andrea Bolognani wrote:
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/vbox/meson.build | 5 +---- src/vbox/virtvboxd.service.extra.in | 2 ++ src/vbox/virtvboxd.service.in | 26 -------------------------- 3 files changed, 3 insertions(+), 30 deletions(-) create mode 100644 src/vbox/virtvboxd.service.extra.in delete mode 100644 src/vbox/virtvboxd.service.in
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/vz/meson.build | 5 +---- src/vz/virtvzd.service.extra.in | 2 ++ src/vz/virtvzd.service.in | 26 -------------------------- 3 files changed, 3 insertions(+), 30 deletions(-) create mode 100644 src/vz/virtvzd.service.extra.in delete mode 100644 src/vz/virtvzd.service.in diff --git a/src/vz/meson.build b/src/vz/meson.build index 9c2eb90463..842cdb6136 100644 --- a/src/vz/meson.build +++ b/src/vz/meson.build @@ -48,11 +48,8 @@ if conf.has('WITH_VZ') virt_daemon_units += { 'service': 'virtvzd', - 'service_in': files('virtvzd.service.in'), 'name': 'Libvirt vz', - 'socket_in': libvirtd_socket_in, - 'socket_ro_in': libvirtd_socket_ro_in, - 'socket_admin_in': libvirtd_socket_admin_in, + 'service_extra_in': files('virtvzd.service.extra.in'), } openrc_init_files += { diff --git a/src/vz/virtvzd.service.extra.in b/src/vz/virtvzd.service.extra.in new file mode 100644 index 0000000000..ba3ad13ace --- /dev/null +++ b/src/vz/virtvzd.service.extra.in @@ -0,0 +1,2 @@ +[Unit] +After=remote-fs.target diff --git a/src/vz/virtvzd.service.in b/src/vz/virtvzd.service.in deleted file mode 100644 index 5521e89e10..0000000000 --- a/src/vz/virtvzd.service.in +++ /dev/null @@ -1,26 +0,0 @@ -[Unit] -Description=Virtualization vz daemon -Conflicts=libvirtd.service -Requires=virtvzd.socket -Requires=virtvzd-ro.socket -Requires=virtvzd-admin.socket -After=network.target -After=dbus.service -After=apparmor.service -After=remote-fs.target -Documentation=man:virtvzd(8) -Documentation=https://libvirt.org - -[Service] -Type=notify -Environment=VIRTVZD_ARGS="--timeout 120" -EnvironmentFile=-@initconfdir@/virtvzd -ExecStart=@sbindir@/virtvzd $VIRTVZD_ARGS -ExecReload=/bin/kill -HUP $MAINPID -Restart=on-failure - -[Install] -WantedBy=multi-user.target -Also=virtvzd.socket -Also=virtvzd-ro.socket -Also=virtvzd-admin.socket -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:16PM +0200, Andrea Bolognani wrote:
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/vz/meson.build | 5 +---- src/vz/virtvzd.service.extra.in | 2 ++ src/vz/virtvzd.service.in | 26 -------------------------- 3 files changed, 3 insertions(+), 30 deletions(-) create mode 100644 src/vz/virtvzd.service.extra.in delete mode 100644 src/vz/virtvzd.service.in
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/ch/meson.build | 5 +--- src/ch/virtchd.service.extra.in | 22 +++++++++++++++++ src/ch/virtchd.service.in | 44 --------------------------------- 3 files changed, 23 insertions(+), 48 deletions(-) create mode 100644 src/ch/virtchd.service.extra.in delete mode 100644 src/ch/virtchd.service.in diff --git a/src/ch/meson.build b/src/ch/meson.build index dc08069dcd..0ef7288257 100644 --- a/src/ch/meson.build +++ b/src/ch/meson.build @@ -57,11 +57,8 @@ if conf.has('WITH_CH') virt_daemon_units += { 'service': 'virtchd', - 'service_in': files('virtchd.service.in'), 'name': 'Libvirt ch', - 'socket_in': libvirtd_socket_in, - 'socket_ro_in': libvirtd_socket_ro_in, - 'socket_admin_in': libvirtd_socket_admin_in, + 'service_extra_in': files('virtchd.service.extra.in'), } virt_install_dirs += [ diff --git a/src/ch/virtchd.service.extra.in b/src/ch/virtchd.service.extra.in new file mode 100644 index 0000000000..bc2fef57cc --- /dev/null +++ b/src/ch/virtchd.service.extra.in @@ -0,0 +1,22 @@ +[Unit] +Wants=systemd-machined.service +After=systemd-machined.service +After=remote-fs.target + +[Service] +KillMode=process +# Raise hard limits to match behaviour of systemd >= 240. +# During startup, daemon will set soft limit to match hard limit +# per systemd recommendations +LimitNOFILE=1024:524288 +# The cgroups pids controller can limit the number of tasks started by +# the daemon, which can limit the number of domains for some hypervisors. +# A conservative default of 8 tasks per guest results in a TasksMax of +# 32k to support 4096 guests. +TasksMax=32768 +# With cgroups v2 there is no devices controller anymore, we have to use +# eBPF to control access to devices. In order to do that we create a eBPF +# hash MAP which locks memory. The default map size for 64 devices together +# with program takes 12k per guest. After rounding up we will get 64M to +# support 4096 guests. +LimitMEMLOCK=64M diff --git a/src/ch/virtchd.service.in b/src/ch/virtchd.service.in deleted file mode 100644 index 351eee312b..0000000000 --- a/src/ch/virtchd.service.in +++ /dev/null @@ -1,44 +0,0 @@ -[Unit] -Description=Virtualization Cloud-Hypervisor daemon -Conflicts=libvirtd.service -Requires=virtchd.socket -Requires=virtchd-ro.socket -Requires=virtchd-admin.socket -Wants=systemd-machined.service -After=network.target -After=dbus.service -After=apparmor.service -After=remote-fs.target -After=systemd-machined.service -Documentation=man:virtchd(8) -Documentation=https://libvirt.org - -[Service] -Type=notify -Environment=VIRTCHD_ARGS="--timeout 120" -EnvironmentFile=-@initconfdir@/virtchd -ExecStart=@sbindir@/virtchd $VIRTCHD_ARGS -ExecReload=/bin/kill -HUP $MAINPID -KillMode=process -Restart=on-failure -# Raise hard limits to match behaviour of systemd >= 240. -# During startup, daemon will set soft limit to match hard limit -# per systemd recommendations -LimitNOFILE=1024:524288 -# The cgroups pids controller can limit the number of tasks started by -# the daemon, which can limit the number of domains for some hypervisors. -# A conservative default of 8 tasks per guest results in a TasksMax of -# 32k to support 4096 guests. -TasksMax=32768 -# With cgroups v2 there is no devices controller anymore, we have to use -# eBPF to control access to devices. In order to do that we create a eBPF -# hash MAP which locks memory. The default map size for 64 devices together -# with program takes 12k per guest. After rounding up we will get 64M to -# support 4096 guests. -LimitMEMLOCK=64M - -[Install] -WantedBy=multi-user.target -Also=virtchd.socket -Also=virtchd-ro.socket -Also=virtchd-admin.socket -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:17PM +0200, Andrea Bolognani wrote:
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/ch/meson.build | 5 +--- src/ch/virtchd.service.extra.in | 22 +++++++++++++++++ src/ch/virtchd.service.in | 44 --------------------------------- 3 files changed, 23 insertions(+), 48 deletions(-) create mode 100644 src/ch/virtchd.service.extra.in delete mode 100644 src/ch/virtchd.service.in
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/libxl/meson.build | 7 ++----- src/libxl/virtxend.service.extra.in | 12 +++++++++++ src/libxl/virtxend.service.in | 32 ----------------------------- src/libxl/virtxend.socket.extra.in | 2 ++ 4 files changed, 16 insertions(+), 37 deletions(-) create mode 100644 src/libxl/virtxend.service.extra.in delete mode 100644 src/libxl/virtxend.service.in create mode 100644 src/libxl/virtxend.socket.extra.in diff --git a/src/libxl/meson.build b/src/libxl/meson.build index a1553dbe27..171d6ca005 100644 --- a/src/libxl/meson.build +++ b/src/libxl/meson.build @@ -66,12 +66,9 @@ if conf.has('WITH_LIBXL') virt_daemon_units += { 'service': 'virtxend', - 'service_in': files('virtxend.service.in'), 'name': 'Libvirt libxl', - 'socket_in': libvirtd_socket_in, - 'socket_ro_in': libvirtd_socket_ro_in, - 'socket_admin_in': libvirtd_socket_admin_in, - 'deps': 'ConditionPathExists=/proc/xen/capabilities', + 'service_extra_in': files('virtxend.service.extra.in'), + 'socket_extra_in': files('virtxend.socket.extra.in'), } openrc_init_files += { diff --git a/src/libxl/virtxend.service.extra.in b/src/libxl/virtxend.service.extra.in new file mode 100644 index 0000000000..ba38ba9160 --- /dev/null +++ b/src/libxl/virtxend.service.extra.in @@ -0,0 +1,12 @@ +[Unit] +Wants=virtlockd.socket +After=remote-fs.target +After=xencommons.service +Conflicts=xendomains.service +ConditionPathExists=/proc/xen/capabilities + +[Service] +KillMode=process + +[Install] +Also=virtlockd.socket diff --git a/src/libxl/virtxend.service.in b/src/libxl/virtxend.service.in deleted file mode 100644 index c6a88f7fe9..0000000000 --- a/src/libxl/virtxend.service.in +++ /dev/null @@ -1,32 +0,0 @@ -[Unit] -Description=Virtualization xen daemon -Conflicts=libvirtd.service -Requires=virtxend.socket -Requires=virtxend-ro.socket -Requires=virtxend-admin.socket -Wants=virtlockd.socket -After=network.target -After=dbus.service -After=apparmor.service -After=remote-fs.target -After=xencommons.service -Conflicts=xendomains.service -Documentation=man:virtxend(8) -Documentation=https://libvirt.org -ConditionPathExists=/proc/xen/capabilities - -[Service] -Type=notify -Environment=VIRTXEND_ARGS="--timeout 120" -EnvironmentFile=-@initconfdir@/virtxend -ExecStart=@sbindir@/virtxend $VIRTXEND_ARGS -ExecReload=/bin/kill -HUP $MAINPID -Restart=on-failure -KillMode=process - -[Install] -WantedBy=multi-user.target -Also=virtlockd.socket -Also=virtxend.socket -Also=virtxend-ro.socket -Also=virtxend-admin.socket diff --git a/src/libxl/virtxend.socket.extra.in b/src/libxl/virtxend.socket.extra.in new file mode 100644 index 0000000000..c8322efbbc --- /dev/null +++ b/src/libxl/virtxend.socket.extra.in @@ -0,0 +1,2 @@ +[Unit] +ConditionPathExists=/proc/xen/capabilities -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:18PM +0200, Andrea Bolognani wrote:
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/libxl/meson.build | 7 ++----- src/libxl/virtxend.service.extra.in | 12 +++++++++++ src/libxl/virtxend.service.in | 32 ----------------------------- src/libxl/virtxend.socket.extra.in | 2 ++ 4 files changed, 16 insertions(+), 37 deletions(-) create mode 100644 src/libxl/virtxend.service.extra.in delete mode 100644 src/libxl/virtxend.service.in create mode 100644 src/libxl/virtxend.socket.extra.in
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/lxc/meson.build | 5 +--- src/lxc/virtlxcd.service.extra.in | 22 ++++++++++++++++ src/lxc/virtlxcd.service.in | 44 ------------------------------- 3 files changed, 23 insertions(+), 48 deletions(-) create mode 100644 src/lxc/virtlxcd.service.extra.in delete mode 100644 src/lxc/virtlxcd.service.in diff --git a/src/lxc/meson.build b/src/lxc/meson.build index 531078448c..84e6c313ea 100644 --- a/src/lxc/meson.build +++ b/src/lxc/meson.build @@ -164,11 +164,8 @@ if conf.has('WITH_LXC') virt_daemon_units += { 'service': 'virtlxcd', - 'service_in': files('virtlxcd.service.in'), 'name': 'Libvirt lxc', - 'socket_in': libvirtd_socket_in, - 'socket_ro_in': libvirtd_socket_ro_in, - 'socket_admin_in': libvirtd_socket_admin_in, + 'service_extra_in': files('virtlxcd.service.extra.in'), } openrc_init_files += { diff --git a/src/lxc/virtlxcd.service.extra.in b/src/lxc/virtlxcd.service.extra.in new file mode 100644 index 0000000000..bc2fef57cc --- /dev/null +++ b/src/lxc/virtlxcd.service.extra.in @@ -0,0 +1,22 @@ +[Unit] +Wants=systemd-machined.service +After=systemd-machined.service +After=remote-fs.target + +[Service] +KillMode=process +# Raise hard limits to match behaviour of systemd >= 240. +# During startup, daemon will set soft limit to match hard limit +# per systemd recommendations +LimitNOFILE=1024:524288 +# The cgroups pids controller can limit the number of tasks started by +# the daemon, which can limit the number of domains for some hypervisors. +# A conservative default of 8 tasks per guest results in a TasksMax of +# 32k to support 4096 guests. +TasksMax=32768 +# With cgroups v2 there is no devices controller anymore, we have to use +# eBPF to control access to devices. In order to do that we create a eBPF +# hash MAP which locks memory. The default map size for 64 devices together +# with program takes 12k per guest. After rounding up we will get 64M to +# support 4096 guests. +LimitMEMLOCK=64M diff --git a/src/lxc/virtlxcd.service.in b/src/lxc/virtlxcd.service.in deleted file mode 100644 index ee3a7f1083..0000000000 --- a/src/lxc/virtlxcd.service.in +++ /dev/null @@ -1,44 +0,0 @@ -[Unit] -Description=Virtualization lxc daemon -Conflicts=libvirtd.service -Requires=virtlxcd.socket -Requires=virtlxcd-ro.socket -Requires=virtlxcd-admin.socket -Wants=systemd-machined.service -After=network.target -After=dbus.service -After=apparmor.service -After=remote-fs.target -After=systemd-machined.service -Documentation=man:virtlxcd(8) -Documentation=https://libvirt.org - -[Service] -Type=notify -Environment=VIRTLXCD_ARGS="--timeout 120" -EnvironmentFile=-@initconfdir@/virtlxcd -ExecStart=@sbindir@/virtlxcd $VIRTLXCD_ARGS -ExecReload=/bin/kill -HUP $MAINPID -KillMode=process -Restart=on-failure -# Raise hard limits to match behaviour of systemd >= 240. -# During startup, daemon will set soft limit to match hard limit -# per systemd recommendations -LimitNOFILE=1024:524288 -# The cgroups pids controller can limit the number of tasks started by -# the daemon, which can limit the number of domains for some hypervisors. -# A conservative default of 8 tasks per guest results in a TasksMax of -# 32k to support 4096 guests. -TasksMax=32768 -# With cgroups v2 there is no devices controller anymore, we have to use -# eBPF to control access to devices. In order to do that we create a eBPF -# hash MAP which locks memory. The default map size for 64 devices together -# with program takes 12k per guest. After rounding up we will get 64M to -# support 4096 guests. -LimitMEMLOCK=64M - -[Install] -WantedBy=multi-user.target -Also=virtlxcd.socket -Also=virtlxcd-ro.socket -Also=virtlxcd-admin.socket -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:19PM +0200, Andrea Bolognani wrote:
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/lxc/meson.build | 5 +--- src/lxc/virtlxcd.service.extra.in | 22 ++++++++++++++++ src/lxc/virtlxcd.service.in | 44 ------------------------------- 3 files changed, 23 insertions(+), 48 deletions(-) create mode 100644 src/lxc/virtlxcd.service.extra.in delete mode 100644 src/lxc/virtlxcd.service.in
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/qemu/meson.build | 5 +-- src/qemu/virtqemud.service.extra.in | 28 +++++++++++++++++ src/qemu/virtqemud.service.in | 48 ----------------------------- 3 files changed, 29 insertions(+), 52 deletions(-) create mode 100644 src/qemu/virtqemud.service.extra.in delete mode 100644 src/qemu/virtqemud.service.in diff --git a/src/qemu/meson.build b/src/qemu/meson.build index b52497bdf0..1afc301a6d 100644 --- a/src/qemu/meson.build +++ b/src/qemu/meson.build @@ -183,11 +183,8 @@ if conf.has('WITH_QEMU') virt_daemon_units += { 'service': 'virtqemud', - 'service_in': files('virtqemud.service.in'), 'name': 'Libvirt qemu', - 'socket_in': libvirtd_socket_in, - 'socket_ro_in': libvirtd_socket_ro_in, - 'socket_admin_in': libvirtd_socket_admin_in, + 'service_extra_in': files('virtqemud.service.extra.in'), } openrc_init_files += { diff --git a/src/qemu/virtqemud.service.extra.in b/src/qemu/virtqemud.service.extra.in new file mode 100644 index 0000000000..eaf616f575 --- /dev/null +++ b/src/qemu/virtqemud.service.extra.in @@ -0,0 +1,28 @@ +[Unit] +Requires=virtlogd.socket +Wants=virtlockd.socket +Wants=systemd-machined.service +After=systemd-machined.service +After=remote-fs.target + +[Service] +KillMode=process +# Raise hard limits to match behaviour of systemd >= 240. +# During startup, daemon will set soft limit to match hard limit +# per systemd recommendations +LimitNOFILE=1024:524288 +# The cgroups pids controller can limit the number of tasks started by +# the daemon, which can limit the number of domains for some hypervisors. +# A conservative default of 8 tasks per guest results in a TasksMax of +# 32k to support 4096 guests. +TasksMax=32768 +# With cgroups v2 there is no devices controller anymore, we have to use +# eBPF to control access to devices. In order to do that we create a eBPF +# hash MAP which locks memory. The default map size for 64 devices together +# with program takes 12k per guest. After rounding up we will get 64M to +# support 4096 guests. +LimitMEMLOCK=64M + +[Install] +Also=virtlogd.socket +Also=virtlockd.socket diff --git a/src/qemu/virtqemud.service.in b/src/qemu/virtqemud.service.in deleted file mode 100644 index e79670ca95..0000000000 --- a/src/qemu/virtqemud.service.in +++ /dev/null @@ -1,48 +0,0 @@ -[Unit] -Description=Virtualization qemu daemon -Conflicts=libvirtd.service -Requires=virtlogd.socket -Requires=virtqemud.socket -Requires=virtqemud-ro.socket -Requires=virtqemud-admin.socket -Wants=virtlockd.socket -Wants=systemd-machined.service -After=network.target -After=dbus.service -After=apparmor.service -After=remote-fs.target -After=systemd-machined.service -Documentation=man:virtqemud(8) -Documentation=https://libvirt.org - -[Service] -Type=notify -Environment=VIRTQEMUD_ARGS="--timeout 120" -EnvironmentFile=-@initconfdir@/virtqemud -ExecStart=@sbindir@/virtqemud $VIRTQEMUD_ARGS -ExecReload=/bin/kill -HUP $MAINPID -KillMode=process -Restart=on-failure -# Raise hard limits to match behaviour of systemd >= 240. -# During startup, daemon will set soft limit to match hard limit -# per systemd recommendations -LimitNOFILE=1024:524288 -# The cgroups pids controller can limit the number of tasks started by -# the daemon, which can limit the number of domains for some hypervisors. -# A conservative default of 8 tasks per guest results in a TasksMax of -# 32k to support 4096 guests. -TasksMax=32768 -# With cgroups v2 there is no devices controller anymore, we have to use -# eBPF to control access to devices. In order to do that we create a eBPF -# hash MAP which locks memory. The default map size for 64 devices together -# with program takes 12k per guest. After rounding up we will get 64M to -# support 4096 guests. -LimitMEMLOCK=64M - -[Install] -WantedBy=multi-user.target -Also=virtlogd.socket -Also=virtlockd.socket -Also=virtqemud.socket -Also=virtqemud-ro.socket -Also=virtqemud-admin.socket -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:20PM +0200, Andrea Bolognani wrote:
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/qemu/meson.build | 5 +-- src/qemu/virtqemud.service.extra.in | 28 +++++++++++++++++ src/qemu/virtqemud.service.in | 48 ----------------------------- 3 files changed, 29 insertions(+), 52 deletions(-) create mode 100644 src/qemu/virtqemud.service.extra.in delete mode 100644 src/qemu/virtqemud.service.in
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/remote/meson.build | 6 ------ src/remote/virtproxyd.service.in | 25 ------------------------- 2 files changed, 31 deletions(-) delete mode 100644 src/remote/virtproxyd.service.in diff --git a/src/remote/meson.build b/src/remote/meson.build index 78c08bf5ad..5ee6d4e61c 100644 --- a/src/remote/meson.build +++ b/src/remote/meson.build @@ -224,15 +224,9 @@ if conf.has('WITH_REMOTE') virt_daemon_units += { 'service': 'virtproxyd', - 'service_in': files('virtproxyd.service.in'), 'name': 'Libvirt proxy', 'sockprefix': 'libvirt', 'sockets': [ 'main', 'ro', 'admin', 'tcp', 'tls' ], - 'socket_in': files('libvirtd.socket.in'), - 'socket_ro_in': files('libvirtd-ro.socket.in'), - 'socket_admin_in': files('libvirtd-admin.socket.in'), - 'socket_tcp_in': files('libvirtd-tcp.socket.in'), - 'socket_tls_in': files('libvirtd-tls.socket.in'), } openrc_init_files += { diff --git a/src/remote/virtproxyd.service.in b/src/remote/virtproxyd.service.in deleted file mode 100644 index 9b829641f7..0000000000 --- a/src/remote/virtproxyd.service.in +++ /dev/null @@ -1,25 +0,0 @@ -[Unit] -Description=Virtualization daemon -Conflicts=libvirtd.service -Requires=virtproxyd.socket -Requires=virtproxyd-ro.socket -Requires=virtproxyd-admin.socket -After=network.target -After=dbus.service -After=apparmor.service -Documentation=man:virtproxyd(8) -Documentation=https://libvirt.org - -[Service] -Type=notify -Environment=VIRTPROXYD_ARGS="--timeout 120" -EnvironmentFile=-@initconfdir@/virtproxyd -ExecStart=@sbindir@/virtproxyd $VIRTPROXYD_ARGS -ExecReload=/bin/kill -HUP $MAINPID -Restart=on-failure - -[Install] -WantedBy=multi-user.target -Also=virtproxyd.socket -Also=virtproxyd-ro.socket -Also=virtproxyd-admin.socket -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:21PM +0200, Andrea Bolognani wrote:
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/remote/meson.build | 6 ------ src/remote/virtproxyd.service.in | 25 ------------------------- 2 files changed, 31 deletions(-) delete mode 100644 src/remote/virtproxyd.service.in
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

Now that the migration to common templates has been completed, we no longer need these. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/meson.build | 4 ---- 1 file changed, 4 deletions(-) diff --git a/src/meson.build b/src/meson.build index 0fbefe37d5..541ca61101 100644 --- a/src/meson.build +++ b/src/meson.build @@ -191,10 +191,6 @@ virt_test_aug_dir = datadir / 'augeas' / 'lenses' / 'tests' # guest unit files to install guest_unit_files = [] -libvirtd_socket_in = files('remote' / 'libvirtd.socket.in') -libvirtd_socket_ro_in = files('remote' / 'libvirtd-ro.socket.in') -libvirtd_socket_admin_in = files('remote' / 'libvirtd-admin.socket.in') - # virt_daemon_units: # generate libvirt daemon systemd unit files # * service - name of the service (required) -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:22PM +0200, Andrea Bolognani wrote:
Now that the migration to common templates has been completed, we no longer need these.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/meson.build | 4 ---- 1 file changed, 4 deletions(-)
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

It's no longer used anywhere. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/meson.build | 2 -- src/remote/libvirtd-admin.socket.in | 1 - src/remote/libvirtd-ro.socket.in | 1 - src/remote/libvirtd-tcp.socket.in | 1 - src/remote/libvirtd-tls.socket.in | 1 - src/remote/libvirtd.socket.in | 1 - 6 files changed, 7 deletions(-) diff --git a/src/meson.build b/src/meson.build index 541ca61101..144f24e526 100644 --- a/src/meson.build +++ b/src/meson.build @@ -201,7 +201,6 @@ guest_unit_files = [] # * socket_$name_in - additional socket source files (optional, default virtd.socket.in or virtd-$name.socket.in) # * service_extra_in - unit to merge with service_in (optional, default None) # * socket_extra_in - unit to merge with socket_$name_in (optional, default None) -# * deps - socket dependencies (optional, default '') virt_daemon_units = [] # openrc_init_files @@ -817,7 +816,6 @@ if conf.has('WITH_LIBVIRTD') 'service': unit['service'], 'SERVICE': unit['service'].to_upper(), 'sockprefix': unit.get('sockprefix', unit['service']), - 'deps': unit.get('deps', ''), 'sockmode': sockmode, }) diff --git a/src/remote/libvirtd-admin.socket.in b/src/remote/libvirtd-admin.socket.in index 01e1a08939..39bb0badea 100644 --- a/src/remote/libvirtd-admin.socket.in +++ b/src/remote/libvirtd-admin.socket.in @@ -3,7 +3,6 @@ Description=@name@ admin socket Before=@service@.service BindsTo=@service@.socket After=@service@.socket -@deps@ [Socket] ListenStream=@runstatedir@/libvirt/@sockprefix@-admin-sock diff --git a/src/remote/libvirtd-ro.socket.in b/src/remote/libvirtd-ro.socket.in index 58ae1beb95..b7b7ae0dd8 100644 --- a/src/remote/libvirtd-ro.socket.in +++ b/src/remote/libvirtd-ro.socket.in @@ -3,7 +3,6 @@ Description=@name@ local read-only socket Before=@service@.service BindsTo=@service@.socket After=@service@.socket -@deps@ [Socket] ListenStream=@runstatedir@/libvirt/@sockprefix@-sock-ro diff --git a/src/remote/libvirtd-tcp.socket.in b/src/remote/libvirtd-tcp.socket.in index 6949df315e..7c8bcdb525 100644 --- a/src/remote/libvirtd-tcp.socket.in +++ b/src/remote/libvirtd-tcp.socket.in @@ -3,7 +3,6 @@ Description=@name@ non-TLS IP socket Before=@service@.service BindsTo=@service@.socket After=@service@.socket -@deps@ [Socket] ListenStream=16509 diff --git a/src/remote/libvirtd-tls.socket.in b/src/remote/libvirtd-tls.socket.in index ada2b871f0..c6dceb2d4e 100644 --- a/src/remote/libvirtd-tls.socket.in +++ b/src/remote/libvirtd-tls.socket.in @@ -3,7 +3,6 @@ Description=@name@ TLS IP socket Before=@service@.service BindsTo=@service@.socket After=@service@.socket -@deps@ [Socket] ListenStream=16514 diff --git a/src/remote/libvirtd.socket.in b/src/remote/libvirtd.socket.in index e6e903a8ce..aec0708fd4 100644 --- a/src/remote/libvirtd.socket.in +++ b/src/remote/libvirtd.socket.in @@ -1,7 +1,6 @@ [Unit] Description=@name@ local socket Before=@service@.service -@deps@ [Socket] ListenStream=@runstatedir@/libvirt/@sockprefix@-sock -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:23PM +0200, Andrea Bolognani wrote:
It's no longer used anywhere.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/meson.build | 2 -- src/remote/libvirtd-admin.socket.in | 1 - src/remote/libvirtd-ro.socket.in | 1 - src/remote/libvirtd-tcp.socket.in | 1 - src/remote/libvirtd-tls.socket.in | 1 - src/remote/libvirtd.socket.in | 1 - 6 files changed, 7 deletions(-)
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

Up until now the files have been used as template for most services, but now that those have been converted to common templates we can drop parametrization and make it clear that these files are for libvirtd only. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/remote/libvirtd-admin.socket.in | 10 +++++----- src/remote/libvirtd-ro.socket.in | 10 +++++----- src/remote/libvirtd-tcp.socket.in | 8 ++++---- src/remote/libvirtd-tls.socket.in | 8 ++++---- src/remote/libvirtd.socket.in | 6 +++--- 5 files changed, 21 insertions(+), 21 deletions(-) diff --git a/src/remote/libvirtd-admin.socket.in b/src/remote/libvirtd-admin.socket.in index 39bb0badea..8d927db63b 100644 --- a/src/remote/libvirtd-admin.socket.in +++ b/src/remote/libvirtd-admin.socket.in @@ -1,12 +1,12 @@ [Unit] Description=@name@ admin socket -Before=@service@.service -BindsTo=@service@.socket -After=@service@.socket +Before=libvirtd.service +BindsTo=libvirtd.socket +After=libvirtd.socket [Socket] -ListenStream=@runstatedir@/libvirt/@sockprefix@-admin-sock -Service=@service@.service +ListenStream=@runstatedir@/libvirt/libvirt-admin-sock +Service=libvirtd.service SocketMode=0600 [Install] diff --git a/src/remote/libvirtd-ro.socket.in b/src/remote/libvirtd-ro.socket.in index b7b7ae0dd8..cc10190ab4 100644 --- a/src/remote/libvirtd-ro.socket.in +++ b/src/remote/libvirtd-ro.socket.in @@ -1,12 +1,12 @@ [Unit] Description=@name@ local read-only socket -Before=@service@.service -BindsTo=@service@.socket -After=@service@.socket +Before=libvirtd.service +BindsTo=libvirtd.socket +After=libvirtd.socket [Socket] -ListenStream=@runstatedir@/libvirt/@sockprefix@-sock-ro -Service=@service@.service +ListenStream=@runstatedir@/libvirt/libvirt-sock-ro +Service=libvirtd.service SocketMode=0666 [Install] diff --git a/src/remote/libvirtd-tcp.socket.in b/src/remote/libvirtd-tcp.socket.in index 7c8bcdb525..bc35f19c06 100644 --- a/src/remote/libvirtd-tcp.socket.in +++ b/src/remote/libvirtd-tcp.socket.in @@ -1,12 +1,12 @@ [Unit] Description=@name@ non-TLS IP socket -Before=@service@.service -BindsTo=@service@.socket -After=@service@.socket +Before=libvirtd.service +BindsTo=libvirtd.socket +After=libvirtd.socket [Socket] ListenStream=16509 -Service=@service@.service +Service=libvirtd.service [Install] WantedBy=sockets.target diff --git a/src/remote/libvirtd-tls.socket.in b/src/remote/libvirtd-tls.socket.in index c6dceb2d4e..868a0be318 100644 --- a/src/remote/libvirtd-tls.socket.in +++ b/src/remote/libvirtd-tls.socket.in @@ -1,12 +1,12 @@ [Unit] Description=@name@ TLS IP socket -Before=@service@.service -BindsTo=@service@.socket -After=@service@.socket +Before=libvirtd.service +BindsTo=libvirtd.socket +After=libvirtd.socket [Socket] ListenStream=16514 -Service=@service@.service +Service=libvirtd.service [Install] WantedBy=sockets.target diff --git a/src/remote/libvirtd.socket.in b/src/remote/libvirtd.socket.in index aec0708fd4..ea0554546a 100644 --- a/src/remote/libvirtd.socket.in +++ b/src/remote/libvirtd.socket.in @@ -1,10 +1,10 @@ [Unit] Description=@name@ local socket -Before=@service@.service +Before=libvirtd.service [Socket] -ListenStream=@runstatedir@/libvirt/@sockprefix@-sock -Service=@service@.service +ListenStream=@runstatedir@/libvirt/libvirt-sock +Service=libvirtd.service SocketMode=@sockmode@ RemoveOnStop=yes -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:24PM +0200, Andrea Bolognani wrote:
Up until now the files have been used as template for most services, but now that those have been converted to common templates we can drop parametrization and make it clear that these files are for libvirtd only.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/remote/libvirtd-admin.socket.in | 10 +++++----- src/remote/libvirtd-ro.socket.in | 10 +++++----- src/remote/libvirtd-tcp.socket.in | 8 ++++---- src/remote/libvirtd-tls.socket.in | 8 ++++---- src/remote/libvirtd.socket.in | 6 +++--- 5 files changed, 21 insertions(+), 21 deletions(-)
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

We want to make sure that, at any given time, we have either the modular daemons or the monolithic one running, never both. In order to achieve that, make every single modular unit conflict with the corresponding libvirtd unit. We set both Conflicts=libvirtd.unit and After=libvirtd.unit: this tells systemd that, whenever virtfood.unit and libvirtd.unit are part of the same transaction, the former should win out. Thanks to this, if both the modular daemons and the monolithic one have been enabled because of outdated automation or a simple mistake of the administrator, the request to start libvirtd at boot will be ignored and the result will be a regular modular deployment. If the request to start libvirtd is made when the modular daemons are already running, we have no way to prevent systemd from complying with that request; however, thanks to the way the conflict relationship has been declared, they will be shut down cleanly before libvirtd is started. From the user's point of view, the transition from modular to monolithic will be completely transparent: it's basically the same scenario as a regular package upgrade, just with an extra twist. Note that, while switching from modular to monolithic at runtime happens automatically, going back requires manual intervention, i.e. starting all the necessary sockets one by one. That's okay: the goal here is to prevent misconfiguration and force of habit to accidentally disrupt a working setup, not to encourage the scenario. In a correctly configured and managed host, it should never occur. Signed-off-by: Andrea Bolognani <abologna@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> --- src/virtd-admin.socket.in | 2 ++ src/virtd-ro.socket.in | 2 ++ src/virtd-tcp.socket.in | 2 ++ src/virtd-tls.socket.in | 2 ++ src/virtd.service.in | 3 ++- src/virtd.socket.in | 2 ++ 6 files changed, 12 insertions(+), 1 deletion(-) diff --git a/src/virtd-admin.socket.in b/src/virtd-admin.socket.in index 39bb0badea..42cc1f670f 100644 --- a/src/virtd-admin.socket.in +++ b/src/virtd-admin.socket.in @@ -3,6 +3,8 @@ Description=@name@ admin socket Before=@service@.service BindsTo=@service@.socket After=@service@.socket +Conflicts=libvirtd-admin.socket +After=libvirtd-admin.socket [Socket] ListenStream=@runstatedir@/libvirt/@sockprefix@-admin-sock diff --git a/src/virtd-ro.socket.in b/src/virtd-ro.socket.in index b7b7ae0dd8..7b8cbdba20 100644 --- a/src/virtd-ro.socket.in +++ b/src/virtd-ro.socket.in @@ -3,6 +3,8 @@ Description=@name@ local read-only socket Before=@service@.service BindsTo=@service@.socket After=@service@.socket +Conflicts=libvirtd-ro.socket +After=libvirtd-ro.socket [Socket] ListenStream=@runstatedir@/libvirt/@sockprefix@-sock-ro diff --git a/src/virtd-tcp.socket.in b/src/virtd-tcp.socket.in index 7c8bcdb525..9fe90ed0a0 100644 --- a/src/virtd-tcp.socket.in +++ b/src/virtd-tcp.socket.in @@ -3,6 +3,8 @@ Description=@name@ non-TLS IP socket Before=@service@.service BindsTo=@service@.socket After=@service@.socket +Conflicts=libvirtd-tcp.socket +After=libvirtd-tcp.socket [Socket] ListenStream=16509 diff --git a/src/virtd-tls.socket.in b/src/virtd-tls.socket.in index c6dceb2d4e..bb89daddb5 100644 --- a/src/virtd-tls.socket.in +++ b/src/virtd-tls.socket.in @@ -3,6 +3,8 @@ Description=@name@ TLS IP socket Before=@service@.service BindsTo=@service@.socket After=@service@.socket +Conflicts=libvirtd-tls.socket +After=libvirtd-tls.socket [Socket] ListenStream=16514 diff --git a/src/virtd.service.in b/src/virtd.service.in index 76f9c60351..60ab122cbc 100644 --- a/src/virtd.service.in +++ b/src/virtd.service.in @@ -1,9 +1,10 @@ [Unit] Description=@name@ daemon -Conflicts=libvirtd.service Requires=@service@.socket Requires=@service@-ro.socket Requires=@service@-admin.socket +Conflicts=libvirtd.service +After=libvirtd.service After=network.target After=dbus.service After=apparmor.service diff --git a/src/virtd.socket.in b/src/virtd.socket.in index aec0708fd4..053dc1c782 100644 --- a/src/virtd.socket.in +++ b/src/virtd.socket.in @@ -1,6 +1,8 @@ [Unit] Description=@name@ local socket Before=@service@.service +Conflicts=libvirtd.socket +After=libvirtd.socket [Socket] ListenStream=@runstatedir@/libvirt/@sockprefix@-sock -- 2.41.0

This is the strongest relationship that can be declared between two units, and causes the service to be terminated immediately if its main socket disappears. This is the behavior we want. Note that we don't do the same for the read-only/admin sockets, because those are not as critical for the core functionality of services as the main socket it. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/locking/virtlockd.service.in | 3 ++- src/logging/virtlogd.service.in | 3 ++- src/virtd.service.in | 3 ++- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/src/locking/virtlockd.service.in b/src/locking/virtlockd.service.in index 9e91fa3261..35924a2ad7 100644 --- a/src/locking/virtlockd.service.in +++ b/src/locking/virtlockd.service.in @@ -1,7 +1,8 @@ [Unit] Description=Virtual machine lock manager -Requires=virtlockd.socket +BindsTo=virtlockd.socket Requires=virtlockd-admin.socket +After=virtlockd.socket Before=libvirtd.service Documentation=man:virtlockd(8) Documentation=https://libvirt.org diff --git a/src/logging/virtlogd.service.in b/src/logging/virtlogd.service.in index 97c942ffb0..79d34bc73e 100644 --- a/src/logging/virtlogd.service.in +++ b/src/logging/virtlogd.service.in @@ -1,7 +1,8 @@ [Unit] Description=Virtual machine log manager -Requires=virtlogd.socket +BindsTo=virtlogd.socket Requires=virtlogd-admin.socket +After=virtlogd.socket Before=libvirtd.service Documentation=man:virtlogd(8) Documentation=https://libvirt.org diff --git a/src/virtd.service.in b/src/virtd.service.in index 60ab122cbc..e7f08b4da9 100644 --- a/src/virtd.service.in +++ b/src/virtd.service.in @@ -1,8 +1,9 @@ [Unit] Description=@name@ daemon -Requires=@service@.socket +BindsTo=@service@.socket Requires=@service@-ro.socket Requires=@service@-admin.socket +After=@service@.socket Conflicts=libvirtd.service After=libvirtd.service After=network.target -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:26PM +0200, Andrea Bolognani wrote:
This is the strongest relationship that can be declared between two units, and causes the service to be terminated immediately if its main socket disappears. This is the behavior we want.
Note that we don't do the same for the read-only/admin sockets, because those are not as critical for the core functionality of services as the main socket it.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/locking/virtlockd.service.in | 3 ++- src/logging/virtlogd.service.in | 3 ++- src/virtd.service.in | 3 ++- 3 files changed, 6 insertions(+), 3 deletions(-)
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

Only the main socket is actually necessary for the service to be usable. In the past, we've had security issues that could be exploited via access to the read-only socket, so a security-minded administrator might consider disabling all optional sockets. This change makes such a setup possible. Note that the services will still try to activate all their sockets on startup, even if they have been disabled. To make sure that the optional sockets are never started, they will have to be masked. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/locking/virtlockd.service.in | 2 +- src/logging/virtlogd.service.in | 2 +- src/virtd.service.in | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/locking/virtlockd.service.in b/src/locking/virtlockd.service.in index 35924a2ad7..fcf479c3c6 100644 --- a/src/locking/virtlockd.service.in +++ b/src/locking/virtlockd.service.in @@ -1,7 +1,7 @@ [Unit] Description=Virtual machine lock manager BindsTo=virtlockd.socket -Requires=virtlockd-admin.socket +Wants=virtlockd-admin.socket After=virtlockd.socket Before=libvirtd.service Documentation=man:virtlockd(8) diff --git a/src/logging/virtlogd.service.in b/src/logging/virtlogd.service.in index 79d34bc73e..3265ecd6af 100644 --- a/src/logging/virtlogd.service.in +++ b/src/logging/virtlogd.service.in @@ -1,7 +1,7 @@ [Unit] Description=Virtual machine log manager BindsTo=virtlogd.socket -Requires=virtlogd-admin.socket +Wants=virtlogd-admin.socket After=virtlogd.socket Before=libvirtd.service Documentation=man:virtlogd(8) diff --git a/src/virtd.service.in b/src/virtd.service.in index e7f08b4da9..f4f1bc217d 100644 --- a/src/virtd.service.in +++ b/src/virtd.service.in @@ -1,8 +1,8 @@ [Unit] Description=@name@ daemon BindsTo=@service@.socket -Requires=@service@-ro.socket -Requires=@service@-admin.socket +Wants=@service@-ro.socket +Wants=@service@-admin.socket After=@service@.socket Conflicts=libvirtd.service After=libvirtd.service -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:27PM +0200, Andrea Bolognani wrote:
Only the main socket is actually necessary for the service to be usable.
In the past, we've had security issues that could be exploited via access to the read-only socket, so a security-minded administrator might consider disabling all optional sockets. This change makes such a setup possible.
Note that the services will still try to activate all their sockets on startup, even if they have been disabled. To make sure that the optional sockets are never started, they will have to be masked.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/locking/virtlockd.service.in | 2 +- src/logging/virtlogd.service.in | 2 +- src/virtd.service.in | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-)
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

Requires/Wants only tells systemd that the corresponding unit should be started when the current one is, but that could very well happen in parallel. For virtlogd/virtlockd, we want the socket to be already active when the hypervisor driver is started. Signed-off-by: Andrea Bolognani <abologna@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> --- src/libxl/virtxend.service.extra.in | 1 + src/locking/virtlockd.service.in | 1 + src/logging/virtlogd.service.in | 1 + src/qemu/virtqemud.service.extra.in | 2 ++ src/remote/libvirtd.service.in | 7 ++++++- src/virtd.service.in | 2 ++ 6 files changed, 13 insertions(+), 1 deletion(-) diff --git a/src/libxl/virtxend.service.extra.in b/src/libxl/virtxend.service.extra.in index ba38ba9160..55783aa3d5 100644 --- a/src/libxl/virtxend.service.extra.in +++ b/src/libxl/virtxend.service.extra.in @@ -1,5 +1,6 @@ [Unit] Wants=virtlockd.socket +After=virtlockd.socket After=remote-fs.target After=xencommons.service Conflicts=xendomains.service diff --git a/src/locking/virtlockd.service.in b/src/locking/virtlockd.service.in index fcf479c3c6..e0a7040ad3 100644 --- a/src/locking/virtlockd.service.in +++ b/src/locking/virtlockd.service.in @@ -3,6 +3,7 @@ Description=Virtual machine lock manager BindsTo=virtlockd.socket Wants=virtlockd-admin.socket After=virtlockd.socket +After=virtlockd-admin.socket Before=libvirtd.service Documentation=man:virtlockd(8) Documentation=https://libvirt.org diff --git a/src/logging/virtlogd.service.in b/src/logging/virtlogd.service.in index 3265ecd6af..eab0d2c27c 100644 --- a/src/logging/virtlogd.service.in +++ b/src/logging/virtlogd.service.in @@ -3,6 +3,7 @@ Description=Virtual machine log manager BindsTo=virtlogd.socket Wants=virtlogd-admin.socket After=virtlogd.socket +After=virtlogd-admin.socket Before=libvirtd.service Documentation=man:virtlogd(8) Documentation=https://libvirt.org diff --git a/src/qemu/virtqemud.service.extra.in b/src/qemu/virtqemud.service.extra.in index eaf616f575..585e1e82eb 100644 --- a/src/qemu/virtqemud.service.extra.in +++ b/src/qemu/virtqemud.service.extra.in @@ -1,6 +1,8 @@ [Unit] Requires=virtlogd.socket Wants=virtlockd.socket +After=virtlogd.socket +After=virtlockd.socket Wants=systemd-machined.service After=systemd-machined.service After=remote-fs.target diff --git a/src/remote/libvirtd.service.in b/src/remote/libvirtd.service.in index 8839c00a15..a2c3c8f8fa 100644 --- a/src/remote/libvirtd.service.in +++ b/src/remote/libvirtd.service.in @@ -1,13 +1,18 @@ [Unit] Description=Virtualization daemon -Requires=virtlogd.socket # Use Wants instead of Requires so that users # can disable these three .socket units to revert # to a traditional non-activation deployment setup Wants=libvirtd.socket Wants=libvirtd-ro.socket Wants=libvirtd-admin.socket +After=libvirtd.socket +After=libvirtd-ro.socket +After=libvirtd-admin.socket +Requires=virtlogd.socket Wants=virtlockd.socket +After=virtlogd.socket +After=virtlockd.socket Wants=systemd-machined.service After=network.target After=dbus.service diff --git a/src/virtd.service.in b/src/virtd.service.in index f4f1bc217d..e1a5814b13 100644 --- a/src/virtd.service.in +++ b/src/virtd.service.in @@ -4,6 +4,8 @@ BindsTo=@service@.socket Wants=@service@-ro.socket Wants=@service@-admin.socket After=@service@.socket +After=@service@-ro.socket +After=@service@-admin.socket Conflicts=libvirtd.service After=libvirtd.service After=network.target -- 2.41.0

We have already declared the mirror relationship, so this one is now redundant. Moreover, this version was incomplete: it only ever worked for the monolithic daemon, but the modular daemons for QEMU and Xen also want the sockets to be active. Signed-off-by: Andrea Bolognani <abologna@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> --- src/locking/virtlockd-admin.socket.in | 1 - src/locking/virtlockd.service.in | 1 - src/locking/virtlockd.socket.in | 1 - src/logging/virtlogd-admin.socket.in | 1 - src/logging/virtlogd.service.in | 1 - src/logging/virtlogd.socket.in | 1 - 6 files changed, 6 deletions(-) diff --git a/src/locking/virtlockd-admin.socket.in b/src/locking/virtlockd-admin.socket.in index c66e0f9693..d5ebd7f60b 100644 --- a/src/locking/virtlockd-admin.socket.in +++ b/src/locking/virtlockd-admin.socket.in @@ -1,6 +1,5 @@ [Unit] Description=Virtual machine lock manager admin socket -Before=libvirtd.service BindsTo=virtlockd.socket After=virtlockd.socket diff --git a/src/locking/virtlockd.service.in b/src/locking/virtlockd.service.in index e0a7040ad3..20b4b26f35 100644 --- a/src/locking/virtlockd.service.in +++ b/src/locking/virtlockd.service.in @@ -4,7 +4,6 @@ BindsTo=virtlockd.socket Wants=virtlockd-admin.socket After=virtlockd.socket After=virtlockd-admin.socket -Before=libvirtd.service Documentation=man:virtlockd(8) Documentation=https://libvirt.org diff --git a/src/locking/virtlockd.socket.in b/src/locking/virtlockd.socket.in index 4ce75391ae..d2cc2a06a3 100644 --- a/src/locking/virtlockd.socket.in +++ b/src/locking/virtlockd.socket.in @@ -1,6 +1,5 @@ [Unit] Description=Virtual machine lock manager socket -Before=libvirtd.service [Socket] ListenStream=@runstatedir@/libvirt/virtlockd-sock diff --git a/src/logging/virtlogd-admin.socket.in b/src/logging/virtlogd-admin.socket.in index 5c0fb1880e..67259803ca 100644 --- a/src/logging/virtlogd-admin.socket.in +++ b/src/logging/virtlogd-admin.socket.in @@ -1,6 +1,5 @@ [Unit] Description=Virtual machine log manager socket -Before=libvirtd.service BindsTo=virtlogd.socket After=virtlogd.socket diff --git a/src/logging/virtlogd.service.in b/src/logging/virtlogd.service.in index eab0d2c27c..776d753e9a 100644 --- a/src/logging/virtlogd.service.in +++ b/src/logging/virtlogd.service.in @@ -4,7 +4,6 @@ BindsTo=virtlogd.socket Wants=virtlogd-admin.socket After=virtlogd.socket After=virtlogd-admin.socket -Before=libvirtd.service Documentation=man:virtlogd(8) Documentation=https://libvirt.org diff --git a/src/logging/virtlogd.socket.in b/src/logging/virtlogd.socket.in index ff3e66e09b..7b3fc73773 100644 --- a/src/logging/virtlogd.socket.in +++ b/src/logging/virtlogd.socket.in @@ -1,6 +1,5 @@ [Unit] Description=Virtual machine log manager socket -Before=libvirtd.service [Socket] ListenStream=@runstatedir@/libvirt/virtlogd-sock -- 2.41.0

systemd will automatically infer this dependency based on the socket's Service=foo.service setting. Signed-off-by: Andrea Bolognani <abologna@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> --- src/remote/libvirtd-admin.socket.in | 1 - src/remote/libvirtd-ro.socket.in | 1 - src/remote/libvirtd-tcp.socket.in | 1 - src/remote/libvirtd-tls.socket.in | 1 - src/remote/libvirtd.socket.in | 1 - src/virtd-admin.socket.in | 1 - src/virtd-ro.socket.in | 1 - src/virtd-tcp.socket.in | 1 - src/virtd-tls.socket.in | 1 - src/virtd.socket.in | 1 - 10 files changed, 10 deletions(-) diff --git a/src/remote/libvirtd-admin.socket.in b/src/remote/libvirtd-admin.socket.in index 8d927db63b..098e372971 100644 --- a/src/remote/libvirtd-admin.socket.in +++ b/src/remote/libvirtd-admin.socket.in @@ -1,6 +1,5 @@ [Unit] Description=@name@ admin socket -Before=libvirtd.service BindsTo=libvirtd.socket After=libvirtd.socket diff --git a/src/remote/libvirtd-ro.socket.in b/src/remote/libvirtd-ro.socket.in index cc10190ab4..101555e8a0 100644 --- a/src/remote/libvirtd-ro.socket.in +++ b/src/remote/libvirtd-ro.socket.in @@ -1,6 +1,5 @@ [Unit] Description=@name@ local read-only socket -Before=libvirtd.service BindsTo=libvirtd.socket After=libvirtd.socket diff --git a/src/remote/libvirtd-tcp.socket.in b/src/remote/libvirtd-tcp.socket.in index bc35f19c06..8b8fbcd01a 100644 --- a/src/remote/libvirtd-tcp.socket.in +++ b/src/remote/libvirtd-tcp.socket.in @@ -1,6 +1,5 @@ [Unit] Description=@name@ non-TLS IP socket -Before=libvirtd.service BindsTo=libvirtd.socket After=libvirtd.socket diff --git a/src/remote/libvirtd-tls.socket.in b/src/remote/libvirtd-tls.socket.in index 868a0be318..fefda22c6b 100644 --- a/src/remote/libvirtd-tls.socket.in +++ b/src/remote/libvirtd-tls.socket.in @@ -1,6 +1,5 @@ [Unit] Description=@name@ TLS IP socket -Before=libvirtd.service BindsTo=libvirtd.socket After=libvirtd.socket diff --git a/src/remote/libvirtd.socket.in b/src/remote/libvirtd.socket.in index ea0554546a..3019821df3 100644 --- a/src/remote/libvirtd.socket.in +++ b/src/remote/libvirtd.socket.in @@ -1,6 +1,5 @@ [Unit] Description=@name@ local socket -Before=libvirtd.service [Socket] ListenStream=@runstatedir@/libvirt/libvirt-sock diff --git a/src/virtd-admin.socket.in b/src/virtd-admin.socket.in index 42cc1f670f..63db2be5fe 100644 --- a/src/virtd-admin.socket.in +++ b/src/virtd-admin.socket.in @@ -1,6 +1,5 @@ [Unit] Description=@name@ admin socket -Before=@service@.service BindsTo=@service@.socket After=@service@.socket Conflicts=libvirtd-admin.socket diff --git a/src/virtd-ro.socket.in b/src/virtd-ro.socket.in index 7b8cbdba20..32e4789b8b 100644 --- a/src/virtd-ro.socket.in +++ b/src/virtd-ro.socket.in @@ -1,6 +1,5 @@ [Unit] Description=@name@ local read-only socket -Before=@service@.service BindsTo=@service@.socket After=@service@.socket Conflicts=libvirtd-ro.socket diff --git a/src/virtd-tcp.socket.in b/src/virtd-tcp.socket.in index 9fe90ed0a0..10480d64e3 100644 --- a/src/virtd-tcp.socket.in +++ b/src/virtd-tcp.socket.in @@ -1,6 +1,5 @@ [Unit] Description=@name@ non-TLS IP socket -Before=@service@.service BindsTo=@service@.socket After=@service@.socket Conflicts=libvirtd-tcp.socket diff --git a/src/virtd-tls.socket.in b/src/virtd-tls.socket.in index bb89daddb5..83a1e343bc 100644 --- a/src/virtd-tls.socket.in +++ b/src/virtd-tls.socket.in @@ -1,6 +1,5 @@ [Unit] Description=@name@ TLS IP socket -Before=@service@.service BindsTo=@service@.socket After=@service@.socket Conflicts=libvirtd-tls.socket diff --git a/src/virtd.socket.in b/src/virtd.socket.in index 053dc1c782..d0a0bb3b1c 100644 --- a/src/virtd.socket.in +++ b/src/virtd.socket.in @@ -1,6 +1,5 @@ [Unit] Description=@name@ local socket -Before=@service@.service Conflicts=libvirtd.socket After=libvirtd.socket -- 2.41.0

This results in all sockets for a service being enabled when a single one of them is. The -tcp and -tls sockets are intentionally excluded, because enabling them should require explicit action on the administrator's part; moreover, disabling them should not result in the local sockets being disabled too. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/locking/virtlockd-admin.socket.in | 1 + src/locking/virtlockd.socket.in | 1 + src/logging/virtlogd-admin.socket.in | 1 + src/logging/virtlogd.socket.in | 1 + src/remote/libvirtd-admin.socket.in | 2 ++ src/remote/libvirtd-ro.socket.in | 2 ++ src/remote/libvirtd.socket.in | 2 ++ src/virtd-admin.socket.in | 2 ++ src/virtd-ro.socket.in | 2 ++ src/virtd.socket.in | 2 ++ 10 files changed, 16 insertions(+) diff --git a/src/locking/virtlockd-admin.socket.in b/src/locking/virtlockd-admin.socket.in index d5ebd7f60b..d05ba982d9 100644 --- a/src/locking/virtlockd-admin.socket.in +++ b/src/locking/virtlockd-admin.socket.in @@ -10,3 +10,4 @@ SocketMode=0600 [Install] WantedBy=sockets.target +Also=virtlockd.socket diff --git a/src/locking/virtlockd.socket.in b/src/locking/virtlockd.socket.in index d2cc2a06a3..98aabb2511 100644 --- a/src/locking/virtlockd.socket.in +++ b/src/locking/virtlockd.socket.in @@ -8,3 +8,4 @@ SocketMode=0600 [Install] WantedBy=sockets.target +Also=virtlockd-admin.socket diff --git a/src/logging/virtlogd-admin.socket.in b/src/logging/virtlogd-admin.socket.in index 67259803ca..75ec7bd5fa 100644 --- a/src/logging/virtlogd-admin.socket.in +++ b/src/logging/virtlogd-admin.socket.in @@ -10,3 +10,4 @@ SocketMode=0600 [Install] WantedBy=sockets.target +Also=virtlogd.socket diff --git a/src/logging/virtlogd.socket.in b/src/logging/virtlogd.socket.in index 7b3fc73773..b044d62e7c 100644 --- a/src/logging/virtlogd.socket.in +++ b/src/logging/virtlogd.socket.in @@ -8,3 +8,4 @@ SocketMode=0600 [Install] WantedBy=sockets.target +Also=virtlogd-admin.socket diff --git a/src/remote/libvirtd-admin.socket.in b/src/remote/libvirtd-admin.socket.in index 098e372971..6df038d95a 100644 --- a/src/remote/libvirtd-admin.socket.in +++ b/src/remote/libvirtd-admin.socket.in @@ -10,3 +10,5 @@ SocketMode=0600 [Install] WantedBy=sockets.target +Also=libvirtd.socket +Also=libvirtd-ro.socket diff --git a/src/remote/libvirtd-ro.socket.in b/src/remote/libvirtd-ro.socket.in index 101555e8a0..6797517c50 100644 --- a/src/remote/libvirtd-ro.socket.in +++ b/src/remote/libvirtd-ro.socket.in @@ -10,3 +10,5 @@ SocketMode=0666 [Install] WantedBy=sockets.target +Also=libvirtd.socket +Also=libvirtd-admin.socket diff --git a/src/remote/libvirtd.socket.in b/src/remote/libvirtd.socket.in index 3019821df3..f483facdf3 100644 --- a/src/remote/libvirtd.socket.in +++ b/src/remote/libvirtd.socket.in @@ -9,3 +9,5 @@ RemoveOnStop=yes [Install] WantedBy=sockets.target +Also=libvirtd-ro.socket +Also=libvirtd-admin.socket diff --git a/src/virtd-admin.socket.in b/src/virtd-admin.socket.in index 63db2be5fe..5a5f577041 100644 --- a/src/virtd-admin.socket.in +++ b/src/virtd-admin.socket.in @@ -12,3 +12,5 @@ SocketMode=0600 [Install] WantedBy=sockets.target +Also=@service@.socket +Also=@service@-ro.socket diff --git a/src/virtd-ro.socket.in b/src/virtd-ro.socket.in index 32e4789b8b..692279665d 100644 --- a/src/virtd-ro.socket.in +++ b/src/virtd-ro.socket.in @@ -12,3 +12,5 @@ SocketMode=0666 [Install] WantedBy=sockets.target +Also=@service@.socket +Also=@service@-admin.socket diff --git a/src/virtd.socket.in b/src/virtd.socket.in index d0a0bb3b1c..7a8c4bf0c2 100644 --- a/src/virtd.socket.in +++ b/src/virtd.socket.in @@ -11,3 +11,5 @@ RemoveOnStop=yes [Install] WantedBy=sockets.target +Also=@service@-ro.socket +Also=@service@-admin.socket -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:31PM +0200, Andrea Bolognani wrote:
This results in all sockets for a service being enabled when a single one of them is.
The -tcp and -tls sockets are intentionally excluded, because enabling them should require explicit action on the administrator's part; moreover, disabling them should not result in the local sockets being disabled too.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/locking/virtlockd-admin.socket.in | 1 + src/locking/virtlockd.socket.in | 1 + src/logging/virtlogd-admin.socket.in | 1 + src/logging/virtlogd.socket.in | 1 + src/remote/libvirtd-admin.socket.in | 2 ++ src/remote/libvirtd-ro.socket.in | 2 ++ src/remote/libvirtd.socket.in | 2 ++ src/virtd-admin.socket.in | 2 ++ src/virtd-ro.socket.in | 2 ++ src/virtd.socket.in | 2 ++ 10 files changed, 16 insertions(+)
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

Currently we only set this for the main sockets, which means that $ systemctl stop virtqemud.socket will make the socket disappear from the filesystem while $ systemctl stop virtqemud-ro.socket won't. Get rid of this inconsistency. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/locking/virtlockd-admin.socket.in | 1 + src/locking/virtlockd.socket.in | 1 + src/logging/virtlogd-admin.socket.in | 1 + src/logging/virtlogd.socket.in | 1 + src/remote/libvirtd-admin.socket.in | 1 + src/remote/libvirtd-ro.socket.in | 1 + src/virtd-admin.socket.in | 1 + src/virtd-ro.socket.in | 1 + 8 files changed, 8 insertions(+) diff --git a/src/locking/virtlockd-admin.socket.in b/src/locking/virtlockd-admin.socket.in index d05ba982d9..0452a0cfdb 100644 --- a/src/locking/virtlockd-admin.socket.in +++ b/src/locking/virtlockd-admin.socket.in @@ -7,6 +7,7 @@ After=virtlockd.socket ListenStream=@runstatedir@/libvirt/virtlockd-admin-sock Service=virtlockd.service SocketMode=0600 +RemoveOnStop=yes [Install] WantedBy=sockets.target diff --git a/src/locking/virtlockd.socket.in b/src/locking/virtlockd.socket.in index 98aabb2511..31a576aa16 100644 --- a/src/locking/virtlockd.socket.in +++ b/src/locking/virtlockd.socket.in @@ -5,6 +5,7 @@ Description=Virtual machine lock manager socket ListenStream=@runstatedir@/libvirt/virtlockd-sock Service=virtlockd.service SocketMode=0600 +RemoveOnStop=yes [Install] WantedBy=sockets.target diff --git a/src/logging/virtlogd-admin.socket.in b/src/logging/virtlogd-admin.socket.in index 75ec7bd5fa..ddb9a1393b 100644 --- a/src/logging/virtlogd-admin.socket.in +++ b/src/logging/virtlogd-admin.socket.in @@ -7,6 +7,7 @@ After=virtlogd.socket ListenStream=@runstatedir@/libvirt/virtlogd-admin-sock Service=virtlogd.service SocketMode=0600 +RemoveOnStop=yes [Install] WantedBy=sockets.target diff --git a/src/logging/virtlogd.socket.in b/src/logging/virtlogd.socket.in index b044d62e7c..084cbe179d 100644 --- a/src/logging/virtlogd.socket.in +++ b/src/logging/virtlogd.socket.in @@ -5,6 +5,7 @@ Description=Virtual machine log manager socket ListenStream=@runstatedir@/libvirt/virtlogd-sock Service=virtlogd.service SocketMode=0600 +RemoveOnStop=yes [Install] WantedBy=sockets.target diff --git a/src/remote/libvirtd-admin.socket.in b/src/remote/libvirtd-admin.socket.in index 6df038d95a..e0bbf9b1ac 100644 --- a/src/remote/libvirtd-admin.socket.in +++ b/src/remote/libvirtd-admin.socket.in @@ -7,6 +7,7 @@ After=libvirtd.socket ListenStream=@runstatedir@/libvirt/libvirt-admin-sock Service=libvirtd.service SocketMode=0600 +RemoveOnStop=yes [Install] WantedBy=sockets.target diff --git a/src/remote/libvirtd-ro.socket.in b/src/remote/libvirtd-ro.socket.in index 6797517c50..c8adc8109b 100644 --- a/src/remote/libvirtd-ro.socket.in +++ b/src/remote/libvirtd-ro.socket.in @@ -7,6 +7,7 @@ After=libvirtd.socket ListenStream=@runstatedir@/libvirt/libvirt-sock-ro Service=libvirtd.service SocketMode=0666 +RemoveOnStop=yes [Install] WantedBy=sockets.target diff --git a/src/virtd-admin.socket.in b/src/virtd-admin.socket.in index 5a5f577041..818d4ab84f 100644 --- a/src/virtd-admin.socket.in +++ b/src/virtd-admin.socket.in @@ -9,6 +9,7 @@ After=libvirtd-admin.socket ListenStream=@runstatedir@/libvirt/@sockprefix@-admin-sock Service=@service@.service SocketMode=0600 +RemoveOnStop=yes [Install] WantedBy=sockets.target diff --git a/src/virtd-ro.socket.in b/src/virtd-ro.socket.in index 692279665d..57b313e016 100644 --- a/src/virtd-ro.socket.in +++ b/src/virtd-ro.socket.in @@ -9,6 +9,7 @@ After=libvirtd-ro.socket ListenStream=@runstatedir@/libvirt/@sockprefix@-sock-ro Service=@service@.service SocketMode=0666 +RemoveOnStop=yes [Install] WantedBy=sockets.target -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:32PM +0200, Andrea Bolognani wrote:
Currently we only set this for the main sockets, which means that
$ systemctl stop virtqemud.socket
will make the socket disappear from the filesystem while
$ systemctl stop virtqemud-ro.socket
won't. Get rid of this inconsistency.
systemd recommands against using RemoveOnStop, on the basis that it is valid to keep the service running but stop the socket. We've used deps to ensure thats not possible though, so adding RemoveOnStop isn't creating problems we don't already have.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/locking/virtlockd-admin.socket.in | 1 + src/locking/virtlockd.socket.in | 1 + src/logging/virtlogd-admin.socket.in | 1 + src/logging/virtlogd.socket.in | 1 + src/remote/libvirtd-admin.socket.in | 1 + src/remote/libvirtd-ro.socket.in | 1 + src/virtd-admin.socket.in | 1 + src/virtd-ro.socket.in | 1 + 8 files changed, 8 insertions(+)
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

Hypervisors are referred to by their user-facing name rather than the name of their libvirt driver, the monolithic daemon is explicitly referred to as legacy, and a consistent format is used throughout. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/ch/meson.build | 2 +- src/interface/meson.build | 2 +- src/libxl/meson.build | 2 +- src/locking/meson.build | 2 +- src/locking/virtlockd-admin.socket.in | 2 +- src/locking/virtlockd.service.in | 2 +- src/locking/virtlockd.socket.in | 2 +- src/logging/meson.build | 2 +- src/logging/virtlogd-admin.socket.in | 2 +- src/logging/virtlogd.service.in | 2 +- src/logging/virtlogd.socket.in | 2 +- src/lxc/meson.build | 2 +- src/network/meson.build | 2 +- src/node_device/meson.build | 2 +- src/nwfilter/meson.build | 2 +- src/qemu/meson.build | 2 +- src/remote/libvirtd-admin.socket.in | 2 +- src/remote/libvirtd-ro.socket.in | 2 +- src/remote/libvirtd-tcp.socket.in | 2 +- src/remote/libvirtd-tls.socket.in | 2 +- src/remote/libvirtd.service.in | 2 +- src/remote/libvirtd.socket.in | 2 +- src/remote/meson.build | 4 ++-- src/secret/meson.build | 2 +- src/storage/meson.build | 2 +- src/vbox/meson.build | 2 +- src/virtd-admin.socket.in | 2 +- src/virtd-ro.socket.in | 2 +- src/virtd-tcp.socket.in | 2 +- src/virtd-tls.socket.in | 2 +- src/virtd.service.in | 2 +- src/virtd.socket.in | 2 +- src/vz/meson.build | 2 +- 33 files changed, 34 insertions(+), 34 deletions(-) diff --git a/src/ch/meson.build b/src/ch/meson.build index 0ef7288257..df246ef9b0 100644 --- a/src/ch/meson.build +++ b/src/ch/meson.build @@ -57,7 +57,7 @@ if conf.has('WITH_CH') virt_daemon_units += { 'service': 'virtchd', - 'name': 'Libvirt ch', + 'name': 'Cloud Hypervisor', 'service_extra_in': files('virtchd.service.extra.in'), } diff --git a/src/interface/meson.build b/src/interface/meson.build index 54c0b1a935..b1617d83e6 100644 --- a/src/interface/meson.build +++ b/src/interface/meson.build @@ -44,7 +44,7 @@ if conf.has('WITH_INTERFACE') virt_daemon_units += { 'service': 'virtinterfaced', - 'name': 'Libvirt interface', + 'name': 'interface', } openrc_init_files += { diff --git a/src/libxl/meson.build b/src/libxl/meson.build index 171d6ca005..8e6f455139 100644 --- a/src/libxl/meson.build +++ b/src/libxl/meson.build @@ -66,7 +66,7 @@ if conf.has('WITH_LIBXL') virt_daemon_units += { 'service': 'virtxend', - 'name': 'Libvirt libxl', + 'name': 'Xen', 'service_extra_in': files('virtxend.service.extra.in'), 'socket_extra_in': files('virtxend.socket.extra.in'), } diff --git a/src/locking/meson.build b/src/locking/meson.build index 2ccc822ed3..6b3cd781d1 100644 --- a/src/locking/meson.build +++ b/src/locking/meson.build @@ -144,7 +144,7 @@ if conf.has('WITH_LIBVIRTD') virt_daemon_units += { 'service': 'virtlockd', 'service_in': files('virtlockd.service.in'), - 'name': 'Libvirt locking', + 'name': 'locking', 'sockets': [ 'main', 'admin' ], 'socket_in': files('virtlockd.socket.in'), 'socket_admin_in': files('virtlockd-admin.socket.in'), diff --git a/src/locking/virtlockd-admin.socket.in b/src/locking/virtlockd-admin.socket.in index 0452a0cfdb..ed5b94edba 100644 --- a/src/locking/virtlockd-admin.socket.in +++ b/src/locking/virtlockd-admin.socket.in @@ -1,5 +1,5 @@ [Unit] -Description=Virtual machine lock manager admin socket +Description=libvirt locking daemon admin socket BindsTo=virtlockd.socket After=virtlockd.socket diff --git a/src/locking/virtlockd.service.in b/src/locking/virtlockd.service.in index 20b4b26f35..290a2887a5 100644 --- a/src/locking/virtlockd.service.in +++ b/src/locking/virtlockd.service.in @@ -1,5 +1,5 @@ [Unit] -Description=Virtual machine lock manager +Description=libvirt locking daemon BindsTo=virtlockd.socket Wants=virtlockd-admin.socket After=virtlockd.socket diff --git a/src/locking/virtlockd.socket.in b/src/locking/virtlockd.socket.in index 31a576aa16..4eec90a95e 100644 --- a/src/locking/virtlockd.socket.in +++ b/src/locking/virtlockd.socket.in @@ -1,5 +1,5 @@ [Unit] -Description=Virtual machine lock manager socket +Description=libvirt locking daemon socket [Socket] ListenStream=@runstatedir@/libvirt/virtlockd-sock diff --git a/src/logging/meson.build b/src/logging/meson.build index 95d2ef2a3f..1527f91faf 100644 --- a/src/logging/meson.build +++ b/src/logging/meson.build @@ -91,7 +91,7 @@ if conf.has('WITH_LIBVIRTD') virt_daemon_units += { 'service': 'virtlogd', 'service_in': files('virtlogd.service.in'), - 'name': 'Libvirt logging', + 'name': 'logging', 'sockets': [ 'main', 'admin' ], 'socket_in': files('virtlogd.socket.in'), 'socket_admin_in': files('virtlogd-admin.socket.in'), diff --git a/src/logging/virtlogd-admin.socket.in b/src/logging/virtlogd-admin.socket.in index ddb9a1393b..7207878008 100644 --- a/src/logging/virtlogd-admin.socket.in +++ b/src/logging/virtlogd-admin.socket.in @@ -1,5 +1,5 @@ [Unit] -Description=Virtual machine log manager socket +Description=libvirt logging daemon admin socket BindsTo=virtlogd.socket After=virtlogd.socket diff --git a/src/logging/virtlogd.service.in b/src/logging/virtlogd.service.in index 776d753e9a..4289ef1cb4 100644 --- a/src/logging/virtlogd.service.in +++ b/src/logging/virtlogd.service.in @@ -1,5 +1,5 @@ [Unit] -Description=Virtual machine log manager +Description=libvirt logging daemon BindsTo=virtlogd.socket Wants=virtlogd-admin.socket After=virtlogd.socket diff --git a/src/logging/virtlogd.socket.in b/src/logging/virtlogd.socket.in index 084cbe179d..e1d6e30e4d 100644 --- a/src/logging/virtlogd.socket.in +++ b/src/logging/virtlogd.socket.in @@ -1,5 +1,5 @@ [Unit] -Description=Virtual machine log manager socket +Description=libvirt logging daemon socket [Socket] ListenStream=@runstatedir@/libvirt/virtlogd-sock diff --git a/src/lxc/meson.build b/src/lxc/meson.build index 84e6c313ea..5eb23fbbbf 100644 --- a/src/lxc/meson.build +++ b/src/lxc/meson.build @@ -164,7 +164,7 @@ if conf.has('WITH_LXC') virt_daemon_units += { 'service': 'virtlxcd', - 'name': 'Libvirt lxc', + 'name': 'LXC', 'service_extra_in': files('virtlxcd.service.extra.in'), } diff --git a/src/network/meson.build b/src/network/meson.build index ed7707c714..d0383cca1c 100644 --- a/src/network/meson.build +++ b/src/network/meson.build @@ -62,7 +62,7 @@ if conf.has('WITH_NETWORK') virt_daemon_units += { 'service': 'virtnetworkd', - 'name': 'Libvirt network', + 'name': 'network', 'service_extra_in': files('virtnetworkd.service.extra.in'), } diff --git a/src/node_device/meson.build b/src/node_device/meson.build index 2614ff8b9c..d1e349bc5e 100644 --- a/src/node_device/meson.build +++ b/src/node_device/meson.build @@ -52,7 +52,7 @@ if conf.has('WITH_NODE_DEVICES') virt_daemon_units += { 'service': 'virtnodedevd', - 'name': 'Libvirt nodedev', + 'name': 'nodedev', } openrc_init_files += { diff --git a/src/nwfilter/meson.build b/src/nwfilter/meson.build index c091bc3f1b..1b914f2360 100644 --- a/src/nwfilter/meson.build +++ b/src/nwfilter/meson.build @@ -50,7 +50,7 @@ if conf.has('WITH_NWFILTER') virt_daemon_units += { 'service': 'virtnwfilterd', - 'name': 'Libvirt nwfilter', + 'name': 'nwfilter', } openrc_init_files += { diff --git a/src/qemu/meson.build b/src/qemu/meson.build index 1afc301a6d..64c62e584f 100644 --- a/src/qemu/meson.build +++ b/src/qemu/meson.build @@ -183,7 +183,7 @@ if conf.has('WITH_QEMU') virt_daemon_units += { 'service': 'virtqemud', - 'name': 'Libvirt qemu', + 'name': 'QEMU', 'service_extra_in': files('virtqemud.service.extra.in'), } diff --git a/src/remote/libvirtd-admin.socket.in b/src/remote/libvirtd-admin.socket.in index e0bbf9b1ac..37efc11357 100644 --- a/src/remote/libvirtd-admin.socket.in +++ b/src/remote/libvirtd-admin.socket.in @@ -1,5 +1,5 @@ [Unit] -Description=@name@ admin socket +Description=libvirt legacy monolithic daemon admin socket BindsTo=libvirtd.socket After=libvirtd.socket diff --git a/src/remote/libvirtd-ro.socket.in b/src/remote/libvirtd-ro.socket.in index c8adc8109b..6e1fad2272 100644 --- a/src/remote/libvirtd-ro.socket.in +++ b/src/remote/libvirtd-ro.socket.in @@ -1,5 +1,5 @@ [Unit] -Description=@name@ local read-only socket +Description=libvirt legacy monolithic daemon read-only socket BindsTo=libvirtd.socket After=libvirtd.socket diff --git a/src/remote/libvirtd-tcp.socket.in b/src/remote/libvirtd-tcp.socket.in index 8b8fbcd01a..9bdb47285e 100644 --- a/src/remote/libvirtd-tcp.socket.in +++ b/src/remote/libvirtd-tcp.socket.in @@ -1,5 +1,5 @@ [Unit] -Description=@name@ non-TLS IP socket +Description=libvirt legacy monolithic daemon non-TLS IP socket BindsTo=libvirtd.socket After=libvirtd.socket diff --git a/src/remote/libvirtd-tls.socket.in b/src/remote/libvirtd-tls.socket.in index fefda22c6b..3b10c3e4c2 100644 --- a/src/remote/libvirtd-tls.socket.in +++ b/src/remote/libvirtd-tls.socket.in @@ -1,5 +1,5 @@ [Unit] -Description=@name@ TLS IP socket +Description=libvirt legacy monolithic daemon TLS IP socket BindsTo=libvirtd.socket After=libvirtd.socket diff --git a/src/remote/libvirtd.service.in b/src/remote/libvirtd.service.in index a2c3c8f8fa..9e303f29c8 100644 --- a/src/remote/libvirtd.service.in +++ b/src/remote/libvirtd.service.in @@ -1,5 +1,5 @@ [Unit] -Description=Virtualization daemon +Description=libvirt legacy monolithic daemon # Use Wants instead of Requires so that users # can disable these three .socket units to revert # to a traditional non-activation deployment setup diff --git a/src/remote/libvirtd.socket.in b/src/remote/libvirtd.socket.in index f483facdf3..9cd37dc766 100644 --- a/src/remote/libvirtd.socket.in +++ b/src/remote/libvirtd.socket.in @@ -1,5 +1,5 @@ [Unit] -Description=@name@ local socket +Description=libvirt legacy monolithic daemon socket [Socket] ListenStream=@runstatedir@/libvirt/libvirt-sock diff --git a/src/remote/meson.build b/src/remote/meson.build index 5ee6d4e61c..e14541f09e 100644 --- a/src/remote/meson.build +++ b/src/remote/meson.build @@ -191,7 +191,7 @@ if conf.has('WITH_REMOTE') virt_daemon_units += { 'service': 'libvirtd', 'service_in': files('libvirtd.service.in'), - 'name': 'Libvirt', + 'name': 'legacy monolithic', 'sockprefix': 'libvirt', 'sockets': [ 'main', 'ro', 'admin', 'tcp', 'tls' ], 'socket_in': files('libvirtd.socket.in'), @@ -224,7 +224,7 @@ if conf.has('WITH_REMOTE') virt_daemon_units += { 'service': 'virtproxyd', - 'name': 'Libvirt proxy', + 'name': 'proxy', 'sockprefix': 'libvirt', 'sockets': [ 'main', 'ro', 'admin', 'tcp', 'tls' ], } diff --git a/src/secret/meson.build b/src/secret/meson.build index e05b46abea..791ce1a024 100644 --- a/src/secret/meson.build +++ b/src/secret/meson.build @@ -33,7 +33,7 @@ if conf.has('WITH_SECRETS') virt_daemon_units += { 'service': 'virtsecretd', - 'name': 'Libvirt secret', + 'name': 'secret', } openrc_init_files += { diff --git a/src/storage/meson.build b/src/storage/meson.build index fb7feea81d..023353c1d6 100644 --- a/src/storage/meson.build +++ b/src/storage/meson.build @@ -111,7 +111,7 @@ if conf.has('WITH_STORAGE') virt_daemon_units += { 'service': 'virtstoraged', - 'name': 'Libvirt storage', + 'name': 'storage', 'service_extra_in': files('virtstoraged.service.extra.in'), } diff --git a/src/vbox/meson.build b/src/vbox/meson.build index ee6efbdb42..a72c1833f1 100644 --- a/src/vbox/meson.build +++ b/src/vbox/meson.build @@ -57,7 +57,7 @@ if conf.has('WITH_VBOX') virt_daemon_units += { 'service': 'virtvboxd', - 'name': 'Libvirt vbox', + 'name': 'VirtualBox', 'service_extra_in': files('virtvboxd.service.extra.in'), } diff --git a/src/virtd-admin.socket.in b/src/virtd-admin.socket.in index 818d4ab84f..63eabd70f8 100644 --- a/src/virtd-admin.socket.in +++ b/src/virtd-admin.socket.in @@ -1,5 +1,5 @@ [Unit] -Description=@name@ admin socket +Description=libvirt @name@ daemon admin socket BindsTo=@service@.socket After=@service@.socket Conflicts=libvirtd-admin.socket diff --git a/src/virtd-ro.socket.in b/src/virtd-ro.socket.in index 57b313e016..3284af5a4a 100644 --- a/src/virtd-ro.socket.in +++ b/src/virtd-ro.socket.in @@ -1,5 +1,5 @@ [Unit] -Description=@name@ local read-only socket +Description=libvirt @name@ daemon read-only socket BindsTo=@service@.socket After=@service@.socket Conflicts=libvirtd-ro.socket diff --git a/src/virtd-tcp.socket.in b/src/virtd-tcp.socket.in index 10480d64e3..f58cb0b358 100644 --- a/src/virtd-tcp.socket.in +++ b/src/virtd-tcp.socket.in @@ -1,5 +1,5 @@ [Unit] -Description=@name@ non-TLS IP socket +Description=libvirt @name@ daemon non-TLS IP socket BindsTo=@service@.socket After=@service@.socket Conflicts=libvirtd-tcp.socket diff --git a/src/virtd-tls.socket.in b/src/virtd-tls.socket.in index 83a1e343bc..135bf6e137 100644 --- a/src/virtd-tls.socket.in +++ b/src/virtd-tls.socket.in @@ -1,5 +1,5 @@ [Unit] -Description=@name@ TLS IP socket +Description=libvirt @name@ daemon TLS IP socket BindsTo=@service@.socket After=@service@.socket Conflicts=libvirtd-tls.socket diff --git a/src/virtd.service.in b/src/virtd.service.in index e1a5814b13..91ac4478bd 100644 --- a/src/virtd.service.in +++ b/src/virtd.service.in @@ -1,5 +1,5 @@ [Unit] -Description=@name@ daemon +Description=libvirt @name@ daemon BindsTo=@service@.socket Wants=@service@-ro.socket Wants=@service@-admin.socket diff --git a/src/virtd.socket.in b/src/virtd.socket.in index 7a8c4bf0c2..502c792e7d 100644 --- a/src/virtd.socket.in +++ b/src/virtd.socket.in @@ -1,5 +1,5 @@ [Unit] -Description=@name@ local socket +Description=libvirt @name@ daemon socket Conflicts=libvirtd.socket After=libvirtd.socket diff --git a/src/vz/meson.build b/src/vz/meson.build index 842cdb6136..ce2cbae454 100644 --- a/src/vz/meson.build +++ b/src/vz/meson.build @@ -48,7 +48,7 @@ if conf.has('WITH_VZ') virt_daemon_units += { 'service': 'virtvzd', - 'name': 'Libvirt vz', + 'name': 'vz', 'service_extra_in': files('virtvzd.service.extra.in'), } -- 2.41.0

On Wed, Sep 27, 2023 at 06:19:33PM +0200, Andrea Bolognani wrote:
Hypervisors are referred to by their user-facing name rather than the name of their libvirt driver, the monolithic daemon is explicitly referred to as legacy, and a consistent format is used throughout.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/ch/meson.build | 2 +- src/interface/meson.build | 2 +- src/libxl/meson.build | 2 +- src/locking/meson.build | 2 +- src/locking/virtlockd-admin.socket.in | 2 +- src/locking/virtlockd.service.in | 2 +- src/locking/virtlockd.socket.in | 2 +- src/logging/meson.build | 2 +- src/logging/virtlogd-admin.socket.in | 2 +- src/logging/virtlogd.service.in | 2 +- src/logging/virtlogd.socket.in | 2 +- src/lxc/meson.build | 2 +- src/network/meson.build | 2 +- src/node_device/meson.build | 2 +- src/nwfilter/meson.build | 2 +- src/qemu/meson.build | 2 +- src/remote/libvirtd-admin.socket.in | 2 +- src/remote/libvirtd-ro.socket.in | 2 +- src/remote/libvirtd-tcp.socket.in | 2 +- src/remote/libvirtd-tls.socket.in | 2 +- src/remote/libvirtd.service.in | 2 +- src/remote/libvirtd.socket.in | 2 +- src/remote/meson.build | 4 ++-- src/secret/meson.build | 2 +- src/storage/meson.build | 2 +- src/vbox/meson.build | 2 +- src/virtd-admin.socket.in | 2 +- src/virtd-ro.socket.in | 2 +- src/virtd-tcp.socket.in | 2 +- src/virtd-tls.socket.in | 2 +- src/virtd.service.in | 2 +- src/virtd.socket.in | 2 +- src/vz/meson.build | 2 +- 33 files changed, 34 insertions(+), 34 deletions(-)
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

Like the Description, these are intended to be displayed to the user, so it makes sense to have them towards the top of the file before all the information that systemd will parse to calculate dependencies. Signed-off-by: Andrea Bolognani <abologna@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> --- src/locking/virtlockd.service.in | 4 ++-- src/logging/virtlogd.service.in | 4 ++-- src/remote/libvirtd.service.in | 4 ++-- src/virtd.service.in | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/src/locking/virtlockd.service.in b/src/locking/virtlockd.service.in index 290a2887a5..ce00b6def9 100644 --- a/src/locking/virtlockd.service.in +++ b/src/locking/virtlockd.service.in @@ -1,11 +1,11 @@ [Unit] Description=libvirt locking daemon +Documentation=man:virtlockd(8) +Documentation=https://libvirt.org/ BindsTo=virtlockd.socket Wants=virtlockd-admin.socket After=virtlockd.socket After=virtlockd-admin.socket -Documentation=man:virtlockd(8) -Documentation=https://libvirt.org [Service] Type=notify diff --git a/src/logging/virtlogd.service.in b/src/logging/virtlogd.service.in index 4289ef1cb4..52c9e5bb9e 100644 --- a/src/logging/virtlogd.service.in +++ b/src/logging/virtlogd.service.in @@ -1,11 +1,11 @@ [Unit] Description=libvirt logging daemon +Documentation=man:virtlogd(8) +Documentation=https://libvirt.org/ BindsTo=virtlogd.socket Wants=virtlogd-admin.socket After=virtlogd.socket After=virtlogd-admin.socket -Documentation=man:virtlogd(8) -Documentation=https://libvirt.org [Service] Type=notify diff --git a/src/remote/libvirtd.service.in b/src/remote/libvirtd.service.in index 9e303f29c8..24a6712b75 100644 --- a/src/remote/libvirtd.service.in +++ b/src/remote/libvirtd.service.in @@ -1,5 +1,7 @@ [Unit] Description=libvirt legacy monolithic daemon +Documentation=man:libvirtd(8) +Documentation=https://libvirt.org/ # Use Wants instead of Requires so that users # can disable these three .socket units to revert # to a traditional non-activation deployment setup @@ -22,8 +24,6 @@ After=remote-fs.target After=systemd-machined.service After=xencommons.service Conflicts=xendomains.service -Documentation=man:libvirtd(8) -Documentation=https://libvirt.org [Service] Type=notify diff --git a/src/virtd.service.in b/src/virtd.service.in index 91ac4478bd..651a8d82d7 100644 --- a/src/virtd.service.in +++ b/src/virtd.service.in @@ -1,5 +1,7 @@ [Unit] Description=libvirt @name@ daemon +Documentation=man:@service@(8) +Documentation=https://libvirt.org/ BindsTo=@service@.socket Wants=@service@-ro.socket Wants=@service@-admin.socket @@ -11,8 +13,6 @@ After=libvirtd.service After=network.target After=dbus.service After=apparmor.service -Documentation=man:@service@(8) -Documentation=https://libvirt.org [Service] Type=notify -- 2.41.0
participants (2)
-
Andrea Bolognani
-
Daniel P. Berrangé