Date: Sun, 20 Dec 2015 02:08:38 +0000 (UTC) From: Roman Bogorodskiy <novel@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r404037 - in head/devel/libvirt: . files Message-ID: <201512200208.tBK28cWK039800@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: novel Date: Sun Dec 20 02:08:38 2015 New Revision: 404037 URL: https://svnweb.freebsd.org/changeset/ports/404037 Log: devel/libvirt: version update and security fix - update to 1.3.0 - add fix for CVE-2015-5313 - improve sample file renaming to do that by moving files in post-install rather than patching Makefiles - add an rc script for the new virtlogd daemon. It is required for the qemu driver if you have stdio_handler = "logd" in qemu.conf (default) Security: CVE-2015-5313 Added: head/devel/libvirt/files/patch-CVE-2015-5313 (contents, props changed) head/devel/libvirt/files/virtlogd.in (contents, props changed) Modified: head/devel/libvirt/Makefile head/devel/libvirt/distinfo head/devel/libvirt/files/libvirtd.in head/devel/libvirt/pkg-plist Modified: head/devel/libvirt/Makefile ============================================================================== --- head/devel/libvirt/Makefile Sat Dec 19 23:53:41 2015 (r404036) +++ head/devel/libvirt/Makefile Sun Dec 20 02:08:38 2015 (r404037) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= libvirt -PORTVERSION= 1.2.21 +PORTVERSION= 1.3.0 CATEGORIES= devel MASTER_SITES= http://libvirt.org/sources/ \ ftp://libvirt.org/libvirt/ @@ -58,7 +58,7 @@ XEN_LIB_DEPENDS= libxenlight.so:${PORTSD VARDIR= /var -USE_RC_SUBR= libvirtd +USE_RC_SUBR= libvirtd virtlogd GNU_CONFIGURE= yes CONFIGURE_ARGS+= --without-avahi \ @@ -86,7 +86,7 @@ CPE_VENDOR= redhat USE_PERL5= build USE_LDCONFIG= yes INSTALL_TARGET= install-strip -SHLIB_VER= 0.1002.${PORTVERSION:E} +SHLIB_VER= 0.1003.${PORTVERSION:E} PLIST_SUB+= PORTVERSION="-${PORTVERSION}" \ SHLIB_VER=${SHLIB_VER} PORTDOCS= * @@ -99,36 +99,20 @@ SUB_FILES= pkg-message PLIST_SUB+= XEN="@comment " .endif -post-patch: - @${MV} ${WRKSRC}/daemon/libvirtd.conf ${WRKSRC}/daemon/libvirtd.conf.sample - @${REINPLACE_CMD} -e 's|libvirtd\.conf|libvirtd.conf.sample|' \ - ${WRKSRC}/daemon/Makefile.in +CONF_FILES= \ + libvirt-admin.conf \ + libvirt.conf \ + libvirtd.conf \ + libxl.conf \ + qemu.conf \ + virtlockd.conf \ + virtlogd.conf +post-patch: @${REINPLACE_CMD} -e 's|ln -s ../default.xml|true|' \ -e 's|$$(DESTDIR)$$(confdir)/qemu/networks|${STAGEDIR}${EXAMPLESDIR}/networks|' \ ${WRKSRC}/src/Makefile.in - @${MV} ${WRKSRC}/src/libvirt.conf ${WRKSRC}/src/libvirt.conf.sample - @${REINPLACE_CMD} -e 's|conf_DATA = libvirt.conf|conf_DATA = libvirt.conf.sample|' \ - ${WRKSRC}/src/Makefile.in - - @${MV} ${WRKSRC}/src/locking/virtlockd.conf ${WRKSRC}/src/locking/virtlockd.conf.sample - @${REINPLACE_CMD} -e 's|virtlockd.conf |virtlockd.conf.sample |' \ - -e 's|virtlockd.conf$$|virtlockd.conf.sample|' \ - ${WRKSRC}/src/Makefile.in - - @${MV} ${WRKSRC}/src/qemu/qemu.conf ${WRKSRC}/src/qemu/qemu.conf.sample - @${REINPLACE_CMD} -e 's|qemu.conf |qemu.conf.sample |' \ - ${WRKSRC}/src/Makefile.in - @${REINPLACE_CMD} -e 's|qemu.conf$$|qemu.conf.sample|' \ - ${WRKSRC}/src/Makefile.in - - @${MV} ${WRKSRC}/src/libxl/libxl.conf ${WRKSRC}/src/libxl/libxl.conf.sample - @${REINPLACE_CMD} -e 's|libxl.conf |libxl.conf.sample |' \ - ${WRKSRC}/src/Makefile.in - @${REINPLACE_CMD} -e 's|libxl.conf$$|libxl.conf.sample|' \ - ${WRKSRC}/src/Makefile.in - @${REINPLACE_CMD} -e 's|cp $$(DESTDIR)|cp -f $$(DESTDIR)|' \ ${WRKSRC}/src/Makefile.in @@ -157,6 +141,12 @@ post-install: @${MKDIR} "${STAGEDIR}/${VARDIR}/${dir}" .endfor +.for file in ${CONF_FILES} + @if test -f ${STAGEDIR}${ETCDIR}/${file}; then \ + ${MV} ${STAGEDIR}${ETCDIR}/${file} \ + ${STAGEDIR}${ETCDIR}/${file}.sample; fi +.endfor + regression-test: build @cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} ${MAKE_CMD} check Modified: head/devel/libvirt/distinfo ============================================================================== --- head/devel/libvirt/distinfo Sat Dec 19 23:53:41 2015 (r404036) +++ head/devel/libvirt/distinfo Sun Dec 20 02:08:38 2015 (r404037) @@ -1,2 +1,2 @@ -SHA256 (libvirt-1.2.21.tar.gz) = 8d406582f5fe88d739d1d83e0ba7ac7f91f5a8da4be82162ab85631744d8925b -SIZE (libvirt-1.2.21.tar.gz) = 29848954 +SHA256 (libvirt-1.3.0.tar.gz) = ebcf5645fa565e3fe2fe94a86e841db9b768cf0e0a7e6cf395c6327f9a23bd64 +SIZE (libvirt-1.3.0.tar.gz) = 30114683 Modified: head/devel/libvirt/files/libvirtd.in ============================================================================== --- head/devel/libvirt/files/libvirtd.in Sat Dec 19 23:53:41 2015 (r404036) +++ head/devel/libvirt/files/libvirtd.in Sun Dec 20 02:08:38 2015 (r404037) @@ -3,7 +3,7 @@ # $FreeBSD$ # # PROVIDE: libvirtd -# REQUIRE: LOGIN +# REQUIRE: LOGIN virtlogd # KEYWORD: shutdown # # Add the following line to /etc/rc.conf[.local] to enable libvirtd. Added: head/devel/libvirt/files/patch-CVE-2015-5313 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/devel/libvirt/files/patch-CVE-2015-5313 Sun Dec 20 02:08:38 2015 (r404037) @@ -0,0 +1,26 @@ +--- src/storage/storage_backend_fs.c ++++ src/storage/storage_backend_fs.c +@@ -1,7 +1,7 @@ + /* + * storage_backend_fs.c: storage backend for FS and directory handling + * +- * Copyright (C) 2007-2014 Red Hat, Inc. ++ * Copyright (C) 2007-2015 Red Hat, Inc. + * Copyright (C) 2007-2008 Daniel P. Berrange + * + * This library is free software; you can redistribute it and/or +@@ -1057,6 +1057,14 @@ virStorageBackendFileSystemVolCreate(virConnectPtr conn ATTRIBUTE_UNUSED, + else + vol->type = VIR_STORAGE_VOL_FILE; + ++ /* Volumes within a directory pools are not recursive; do not ++ * allow escape to ../ or a subdir */ ++ if (strchr(vol->name, '/')) { ++ virReportError(VIR_ERR_OPERATION_INVALID, ++ _("volume name '%s' cannot contain '/'"), vol->name); ++ return -1; ++ } ++ + VIR_FREE(vol->target.path); + if (virAsprintf(&vol->target.path, "%s/%s", + pool->def->target.path, Added: head/devel/libvirt/files/virtlogd.in ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/devel/libvirt/files/virtlogd.in Sun Dec 20 02:08:38 2015 (r404037) @@ -0,0 +1,31 @@ +#!/bin/sh + +# $FreeBSD$ +# +# PROVIDE: virlogd +# REQUIRE: LOGIN +# KEYWORD: shutdown +# +# Add the following line to /etc/rc.conf[.local] to enable virtlogd. +# +# virtlogd_enable (bool): Set to 'YES' to enable +# Default: NO +# + +. /etc/rc.subr + +name=virtlogd +rcvar=virtlogd_enable + +load_rc_config $name + +command=%%PREFIX%%/sbin/virtlogd +pidfile=/var/run/${name}.pid + +command_args="--daemon --pid-file=${pidfile}" + +: ${virtlogd_enable:="NO"} + +PATH="${PATH}:/usr/local/sbin:/usr/local/bin" + +run_rc_command "$1" Modified: head/devel/libvirt/pkg-plist ============================================================================== --- head/devel/libvirt/pkg-plist Sat Dec 19 23:53:41 2015 (r404036) +++ head/devel/libvirt/pkg-plist Sun Dec 20 02:08:38 2015 (r404037) @@ -1,16 +1,21 @@ bin/virsh +bin/virt-admin bin/virt-host-validate bin/virt-pki-validate bin/virt-xml-validate man/man1/virsh.1.gz +man/man1/virt-admin.1.gz +man/man1/virt-host-validate.1.gz man/man1/virt-pki-validate.1.gz man/man1/virt-xml-validate.1.gz -man/man1/virt-host-validate.1.gz man/man8/libvirtd.8.gz man/man8/virtlockd.8.gz +man/man8/virtlogd.8.gz +@sample %%ETCDIR%%/libvirt-admin.conf.sample @sample %%ETCDIR%%/libvirt.conf.sample @sample %%ETCDIR%%/libvirtd.conf.sample @sample %%ETCDIR%%/virtlockd.conf.sample +@sample %%ETCDIR%%/virtlogd.conf.sample %%EXAMPLESDIR%%/networks/default.xml %%QEMU%%@sample %%ETCDIR%%/qemu.conf.sample %%XEN%%@sample %%ETCDIR%%/libxl.conf.sample @@ -21,20 +26,21 @@ etc/logrotate.d/libvirtd.lxc etc/logrotate.d/libvirtd.qemu etc/logrotate.d/libvirtd.uml etc/logrotate.d/libvirtd.libxl -include/libvirt/libvirt-lxc.h -include/libvirt/libvirt-qemu.h -include/libvirt/libvirt-host.h -include/libvirt/libvirt.h +include/libvirt/libvirt-common.h include/libvirt/libvirt-domain-snapshot.h include/libvirt/libvirt-domain.h include/libvirt/libvirt-event.h +include/libvirt/libvirt-host.h include/libvirt/libvirt-interface.h +include/libvirt/libvirt-lxc.h include/libvirt/libvirt-network.h include/libvirt/libvirt-nodedev.h include/libvirt/libvirt-nwfilter.h +include/libvirt/libvirt-qemu.h include/libvirt/libvirt-secret.h include/libvirt/libvirt-storage.h include/libvirt/libvirt-stream.h +include/libvirt/libvirt.h include/libvirt/virterror.h lib/libvirt/lock-driver/lockd.so lib/libvirt-admin.so @@ -57,13 +63,16 @@ libexec/libvirt_iohelper libexec/libvirt_leaseshelper sbin/libvirtd sbin/virtlockd +sbin/virtlogd share/augeas/lenses/libvirt_lockd.aug share/augeas/lenses/libvirtd.aug share/augeas/lenses/virtlockd.aug +share/augeas/lenses/virtlogd.aug %%QEMU%%share/augeas/lenses/libvirtd_qemu.aug %%QEMU%%share/augeas/lenses/tests/test_libvirt_lockd.aug share/augeas/lenses/tests/test_libvirtd.aug share/augeas/lenses/tests/test_virtlockd.aug +share/augeas/lenses/tests/test_virtlogd.aug %%QEMU%%share/augeas/lenses/tests/test_libvirtd_qemu.aug %%XEN%%share/augeas/lenses/libvirtd_libxl.aug %%XEN%%share/augeas/lenses/tests/test_libvirtd_libxl.aug
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201512200208.tBK28cWK039800>