* [Buildroot] [PATCH v9 1/3] package/libvirt: new package
@ 2021-06-11 14:07 Jared Bents
2021-06-11 14:07 ` [Buildroot] [PATCH v9 2/3] package/libvirt: add daemon libvirtd Jared Bents
` (2 more replies)
0 siblings, 3 replies; 6+ messages in thread
From: Jared Bents @ 2021-06-11 14:07 UTC (permalink / raw
To: buildroot
Libvirt is collection of software that provides a convenient way to
manage virtual machines and other virtualization functionality, such as
storage and network interface management. These software pieces include
an API library, a daemon (libvirtd), and a command line utility (virsh).
http://libvirt.org/
Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
--
History:
v1: primitive package, for experimental purposes only
v1->v2:
- Clarify dependence on !BR2_TOOLCHAIN_USES_MUSL
- Add run-time dependence on dnsmask
- Add dependence on eudev and libpciaccess when eudev is selected
(thus detected by configure).
v2->v3:
- Condition the use of libtirpc to !BR2_TOOLCHAIN_HAS_NATIVE_RPC
- Check for BR2_PACKAGE_HAS_UDEV instead of BR2_PACKAGE_EUDEV
v3->v4:
- Fix version history :-).
- Add optional dependency on several packages (e.g. attr, libpcap),
depending on wether they are selected or not, and explicitly disable
features whose required packages are not selected. This is very
important to prevent selection of features based on leaks from the
host environment (e.g. finding /usr/bin/numad on the host machine).
- Enable the "interface" driver if either udev or netcf is available.
- Disable pm-utils support, since there is no package for Buildroot.
- Use either openssl or gnutls, if available.
- Run qemu as user "qemu", group "kvm", not as root.
- Add a LIBVIRT_USERS variable to create user "qemu" an group "kvm".
- Add a device table file to set the ownership and permissions of the
libvirt directories under /etc, /run and /var.
- If udev is not available, add an init script to set the ownership
and permissions of /dev/kvm to root:kvm and 0660; otherwise create a
corresponding /etc/udev/rules.d/90-kvm.rules file.
- Enable support for systemd, if applicable; otherwise install an init
script to start/stop/restart libvirtd.
- Ensure that a modern netcat is available.
v4->v5:
- Changed SOB, since I don't work for DATACOM anymore.
- Bump to version 5.8.0.
- Add hash for license file.
- Drop OpenSSL options, since it's not supported anymore.
- Use https to access libvirt.org, since http is always redirected to
https.
- Make libvirt daemon optional. If not selected, build only the client
utilities. Reorganize run-time dependencies accordingly.
- Load all vfio modules on startup, if they exist, otherwise virtual
machines that depend on the PCI Passthrough feature fail to load.
vfio-pci is not enough. Other modules, like vfio_iommu_type1, may be
necessary.
- Fix stopping dnsmasq in start/stop script. dnsmasq is not always
started by libvirtd, so we must chech if it is running before
attempting to stop it.
- Move /etc/libvirt/{qemu,secrets,storage} to /var/lib/libvirt. It may
be necessary to create persistent files (e.g. VM definitions) in
these directories. Move them to /var/lib because /etc may be on a
read-only or volatile (initramfs) filesystem. We could tweak the
code to change these paths but the patch would be large and would
break compatibility with ordinary installations and with the
documentation.
- Prevent an error message if pid file dissappears. start-stop-daemon
sends a TERM signal to the process but does not wait for its
termination, so we may reach rm_stale_pidfile while libvirtd.pid
still exists but execute the cat command when the file is already
gone, which leads cat to show an error message. We could use the
'--retry' option to wait for the process termination but it is not
supported by BusyBox. Let's just send the error messages to
/dev/null and attempt to remove the file if any command fails, since
'rm -f' does nothing if the file does not exist.
- Move device table creation to LIBVIRT_DEVICES instead of using the
device_table.txt file.
- Select libseccomp to enable seccomp support in qemu, as required by
libvirt.
- Select hwdata (pci.ids). It is required by libvirt to show device
names when we use virtual machine manager to add hardware via PCI
passthrough, otherwise only the PCI bus information (slot, port,
function) is shown.
- Add systemd support.
- Restrict to libvirt with udev support. Drop netcf usage, which
requires a new package and is hard to test. Support for non-udev
systems will be added later.
- Remove package/libvirt/S30devkvmperms
- Fine-tune the configuration and pass host/target executable paths
in ac_cv_path_* variables via LIBVIRT_CONF_ENV.
- Use LIBVIRT_PERMISSIONS to set directory permissions.
- Drop hook to set user/group in /etc/libvirt/qemu.conf, since it's
not necessary.
- Pull two upstream patches that fix building with musl.
- Do not check for executables existence in the startup script.
- Use separate init scripts for virtlogd and libvirtd. Make them
compliant to the current pattern (as much as possible).
- Do not start/stop virtlockd, since it is controlled by libvirtd.
v5->v6:
- Remove stray '\' in S91virtlogd
Signed-off-by: Carlos Santos <unixmania@gmail.com>
v6->v7:
- Carlos Santos is no longer contributing to buildroot.
- Adjusted handling of bash-completion to add dependency if it is
enabled.
- Bump to version 6.4.0
v7->v8
- Bump to version 7.0.0
- Update to mason package type.
- Split off daemon, qemu, and lxc to separate patches within the
series due to feedback on being a large patch in an effort to
allow the base part of libvirt to get added while providing the
other portions for review.
v8->v9
- Bump to version 7.4.0
- Update to add host-python-docutils as dependency
Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
---
DEVELOPERS | 3 +
package/Config.in | 1 +
package/libvirt/90-kvm.rules | 1 +
package/libvirt/Config.in | 42 +++++++
package/libvirt/libvirt.hash | 3 +
package/libvirt/libvirt.mk | 212 +++++++++++++++++++++++++++++++++++
6 files changed, 262 insertions(+)
create mode 100644 package/libvirt/90-kvm.rules
create mode 100644 package/libvirt/Config.in
create mode 100644 package/libvirt/libvirt.hash
create mode 100644 package/libvirt/libvirt.mk
diff --git a/DEVELOPERS b/DEVELOPERS
index 0ab898d94d..ef4ff17cc4 100644
--- a/DEVELOPERS
+++ b/DEVELOPERS
@@ -1264,6 +1264,9 @@ F: package/python-pexpect/
F: package/python-ptyprocess/
F: package/zynq-boot-bin/
+N: Jared Bents <jared.bents@rockwellcollins.com>
+F: package/libvirt/
+
N: Jarkko Sakkinen <jarkko.sakkinen@intel.com>
F: package/quota/
diff --git a/package/Config.in b/package/Config.in
index e42f579494..70ba782a2f 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -2463,6 +2463,7 @@ menu "System tools"
source "package/kmod/Config.in"
source "package/kvmtool/Config.in"
source "package/libostree/Config.in"
+ source "package/libvirt/Config.in"
source "package/lxc/Config.in"
source "package/makedumpfile/Config.in"
source "package/mender/Config.in"
diff --git a/package/libvirt/90-kvm.rules b/package/libvirt/90-kvm.rules
new file mode 100644
index 0000000000..5145c27e79
--- /dev/null
+++ b/package/libvirt/90-kvm.rules
@@ -0,0 +1 @@
+KERNEL=="kvm", OWNER="root", GROUP="kvm", MODE="0660"
diff --git a/package/libvirt/Config.in b/package/libvirt/Config.in
new file mode 100644
index 0000000000..f7999fea88
--- /dev/null
+++ b/package/libvirt/Config.in
@@ -0,0 +1,42 @@
+config BR2_PACKAGE_LIBVIRT
+ bool "libvirt"
+ depends on BR2_USE_MMU # fork()
+ depends on BR2_aarch64 || BR2_i386 || BR2_x86_64
+ depends on BR2_PACKAGE_HAS_UDEV
+ depends on !BR2_STATIC_LIBS
+ depends on BR2_USE_WCHAR
+ depends on BR2_TOOLCHAIN_HAS_THREADS
+ depends on BR2_USE_WCHAR
+ select BR2_PACKAGE_GNUTLS
+ select BR2_PACKAGE_LIBTIRPC
+ select BR2_PACKAGE_ZLIB
+ # configure: You must install the pciaccess module to build with udev
+ select BR2_PACKAGE_LIBPCIACCESS
+ select BR2_PACKAGE_LIBXML2
+ # run-time dependencies
+ select BR2_PACKAGE_CGROUPFS_MOUNT if !BR2_INIT_SYSTEMD
+ help
+ Libvirt is collection of software that provides a convenient
+ way to manage virtual machines and other virtualization
+ functionality, such as storage and network interface
+ management. These software pieces include an API library, a
+ daemon (libvirtd), and a command line utility (virsh).
+
+ https://libvirt.org/
+
+comment "libvirt needs udev /dev management"
+ depends on BR2_USE_MMU
+ depends on BR2_PACKAGE_LIBVIRT_ARCH_SUPPORTS
+ depends on !BR2_PACKAGE_HAS_UDEV
+
+comment "libvirt needs a toolchain w/ headers >= 3.12"
+ depends on BR2_USE_MMU
+ depends on BR2_PACKAGE_HAS_UDEV
+ depends on !BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_12
+
+comment "libvirt needs a toolchain w/ threads, dynamic library"
+ depends on BR2_USE_MMU
+ depends on BR2_PACKAGE_HAS_UDEV
+ depends on !BR2_PACKAGE_NETCAT
+ depends on BR2_STATIC_LIBS || !BR2_USE_MMU || \
+ !BR2_TOOLCHAIN_HAS_THREADS
diff --git a/package/libvirt/libvirt.hash b/package/libvirt/libvirt.hash
new file mode 100644
index 0000000000..ec96dfc62c
--- /dev/null
+++ b/package/libvirt/libvirt.hash
@@ -0,0 +1,3 @@
+# locally computed
+sha256 b366d73dee6ce77a226bedef592e0620ceb8e22e5998f60768017f79fc4ead26 libvirt-7.4.0.tar.xz
+sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING
diff --git a/package/libvirt/libvirt.mk b/package/libvirt/libvirt.mk
new file mode 100644
index 0000000000..b2c9eebbfe
--- /dev/null
+++ b/package/libvirt/libvirt.mk
@@ -0,0 +1,212 @@
+################################################################################
+#
+# libvirt
+#
+################################################################################
+
+LIBVIRT_VERSION = 7.4.0
+LIBVIRT_SITE = https://libvirt.org/sources
+LIBVIRT_SOURCE = libvirt-$(LIBVIRT_VERSION).tar.xz
+LIBVIRT_LICENSE = LGPL-2.1+
+LIBVIRT_LICENSE_FILES = COPYING
+LIBVIRT_DEPENDENCIES = host-nfs-utils host-pkgconf host-python-docutils gnutls libglib2 libpciaccess libtirpc libxml2 udev zlib
+
+LIBVIRT_CONF_ENV += \
+ CFLAGS="$(TARGET_CFLAGS) `$(PKG_CONFIG_HOST_BINARY) --cflags libtirpc`" \
+ LIBS="`$(PKG_CONFIG_HOST_BINARY) --libs libtirpc`"
+
+LIBVIRT_CONF_OPTS = \
+ -Drpath=disabled \
+ -Dapparmor=disabled \
+ -Ddriver_bhyve=disabled \
+ -Ddriver_esx=disabled \
+ -Ddriver_hyperv=disabled \
+ -Ddriver_interface=enabled \
+ -Ddriver_libxl=disabled \
+ -Ddriver_lxc=disabled \
+ -Ddriver_network=disabled \
+ -Ddriver_openvz=disabled \
+ -Ddriver_qemu=disabled \
+ -Ddriver_remote=enabled \
+ -Ddriver_secrets=enabled \
+ -Ddriver_vmware=disabled \
+ -Ddriver_vbox=disabled \
+ -Ddriver_vz=disabled \
+ -Ddtrace=disabled \
+ -Dfirewalld=disabled \
+ -Dfirewalld_zone=disabled \
+ -Dglusterfs=disabled \
+ -Dhost_validate=enabled \
+ -Dinit_script=$(if $(BR2_INIT_SYSTEMD),systemd,none) \
+ -Dlibssh=disabled \
+ -Dlibvirtd=disabled \
+ -Dlogin_shell=disabled \
+ -Dnetcf=disabled \
+ -Dnss=disabled \
+ -Dnumad=disabled \
+ -Dopenwsman=disabled \
+ -Dpciaccess=enabled \
+ -Dpm_utils=disabled \
+ -Dsanlock=disabled \
+ -Dsasl=disabled \
+ -Dsecdriver_apparmor=disabled \
+ -Dssh2=disabled \
+ -Dstorage_mpath=disabled \
+ -Dstorage_iscsi=disabled \
+ -Dstorage_iscsi_direct=disabled \
+ -Dsysctl_config=enabled \
+ -Dtest_coverage=false \
+ -Dudev=enabled \
+ -Dwireshark_dissector=disabled
+
+ifeq ($(BR2_PACKAGE_ATTR),y)
+LIBVIRT_CONF_OPTS += -Dattr=enabled
+LIBVIRT_DEPENDENCIES += attr
+else
+LIBVIRT_CONF_OPTS += -Dattr=disabled
+endif
+
+ifeq ($(BR2_PACKAGE_AUDIT),y)
+LIBVIRT_CONF_OPTS += -Daudit=enabled
+LIBVIRT_DEPENDENCIES += audit
+else
+LIBVIRT_CONF_OPTS += -Daudit=disabled
+endif
+
+ifeq ($(BR2_PACKAGE_BASH_COMPLETION),y)
+LIBVIRT_CONF_OPTS += -Dbash_completion=enabled
+LIBVIRT_DEPENDENCIES += bash-completion
+else
+LIBVIRT_CONF_OPTS += -Dbash_completion=disabled
+endif
+
+ifeq ($(BR2_PACKAGE_UTIL_LINUX_LIBBLKID),y)
+LIBVIRT_CONF_OPTS += -Dblkid=enabled
+LIBVIRT_DEPENDENCIES += util-linux
+else
+LIBVIRT_CONF_OPTS += -Dblkid=disabled
+endif
+
+ifeq ($(BR2_PACKAGE_LIBCAP_NG),y)
+LIBVIRT_CONF_OPTS += -Dcapng=enabled
+LIBVIRT_DEPENDENCIES += libcap-ng
+else
+LIBVIRT_CONF_OPTS += -Dcapng=disabled
+endif
+
+ifeq ($(BR2_PACKAGE_LIBCURL),y)
+LIBVIRT_CONF_OPTS += -Dcurl=enabled
+LIBVIRT_DEPENDENCIES += libcurl
+else
+LIBVIRT_CONF_OPTS += -Dcurl=disabled
+endif
+
+ifeq ($(BR2_PACKAGE_LIBFUSE),y)
+LIBVIRT_CONF_OPTS += -Dfuse=enabled
+LIBVIRT_DEPENDENCIES += libfuse
+else
+LIBVIRT_CONF_OPTS += -Dfuse=disabled
+endif
+
+ifeq ($(BR2_PACKAGE_LIBISCSI),y)
+LIBVIRT_CONF_OPTS += -Dlibiscsi=enabled
+LIBVIRT_DEPENDENCIES += libiscsi
+else
+LIBVIRT_CONF_OPTS += -Dlibiscsi=disabled
+endif
+
+ifeq ($(BR2_PACKAGE_LIBPCAP),y)
+LIBVIRT_CONF_OPTS += -Dlibpcap=enabled
+LIBVIRT_DEPENDENCIES += libpcap
+else
+LIBVIRT_CONF_OPTS += -Dlibpcap=disabled
+endif
+
+ifeq ($(BR2_PACKAGE_NUMACTL),y)
+LIBVIRT_CONF_OPTS += -Dnumactl=enabled
+LIBVIRT_DEPENDENCIES += numactl
+else
+LIBVIRT_CONF_OPTS += -Dnumactl=disabled
+endif
+
+ifeq ($(BR2_PACKAGE_POLKIT),y)
+LIBVIRT_CONF_OPTS += -Dpolkit=enabled
+LIBVIRT_DEPENDENCIES += polkit
+else
+LIBVIRT_CONF_OPTS += -Dpolkit=disabled
+endif
+
+ifeq ($(BR2_PACKAGE_READLINE),y)
+LIBVIRT_CONF_OPTS += -Dreadline=enabled
+LIBVIRT_DEPENDENCIES += readline
+else
+LIBVIRT_CONF_OPTS += -Dreadline=disabled
+endif
+
+ifeq ($(BR2_PACKAGE_LIBSELINUX),y)
+LIBVIRT_CONF_OPTS += -Dselinux=enabled -Dsecdriver_selinux=enabled \
+ -Dselinux_mount=/sys/fs/selinux
+LIBVIRT_DEPENDENCIES += libselinux
+else
+LIBVIRT_CONF_OPTS += -Dselinux=disabled -Dsecdriver_selinux=disabled
+endif
+
+ifeq ($(BR2_PACKAGE_LVM2),y)
+LIBVIRT_CONF_OPTS += -Dstorage_lvm=enabled
+LIBVIRT_DEPENDENCIES += lvm2
+else
+LIBVIRT_CONF_OPTS += -Dstorage_lvm=disabled
+endif
+
+ifeq ($(BR2_PACKAGE_YAJL),y)
+LIBVIRT_CONF_OPTS += -Dyajl=enabled
+LIBVIRT_DEPENDENCIES += yajl
+else
+LIBVIRT_CONF_OPTS += -Dyajl=disabled
+endif
+
+define LIBVIRT_INSTALL_UDEV_RULES
+ $(INSTALL) -D -m 644 package/libvirt/90-kvm.rules \
+ $(TARGET_DIR)/etc/udev/rules.d/90-kvm.rules
+endef
+LIBVIRT_POST_INSTALL_TARGET_HOOKS += LIBVIRT_INSTALL_UDEV_RULES
+
+# Adjust diretory ownerships and permissions. Notice /var/log is a symlink to
+# /tmp in the default sysvinit skeleton, so some directories may disappear at
+# run-time. Set the permissions anyway, since they are valid for the default
+# systemd skeleton.
+define LIBVIRT_PERMISSIONS
+ /etc/libvirt d 700 root root - - - - -
+ /etc/libvirt/nwfilter d 700 root root - - - - -
+ /var/lib/libvirt d 755 root root - - - - -
+ /var/lib/libvirt/boot d 711 root root - - - - -
+ /var/lib/libvirt/dnsmasq d 755 root root - - - - -
+ /var/lib/libvirt/filesystems d 711 root root - - - - -
+ /var/lib/libvirt/images d 711 root root - - - - -
+ /var/lib/libvirt/network d 700 root root - - - - -
+ /var/lib/libvirt/secrets d 700 root root - - - - -
+ /var/lib/libvirt/storage d 755 root root - - - - -
+ /var/lib/libvirt/storage/autostart d 755 root root - - - - -
+ /var/cache/libvirt d 711 root root - - - - -
+ /var/log/libvirt d 700 root root - - - - -
+ /var/log/swtpm d 755 root root - - - - -
+ /var/log/swtpm/libvirt d 755 root root - - - - -
+endef
+
+# libvirt may need to create persistent files (e.g. VM definitions) in these
+# directories. Move them to /var/lib because /etc may be on a read-only or
+# volatile (initramfs) filesystem. We could tweak the code to change these
+# paths but the patch would be large and would break compatibility with
+# ordinary installations and with the documentation.
+define LIBVIRT_CREATE_SYMLINKS
+ $(INSTALL) -m 700 -d $(TARGET_DIR)/etc/libvirt
+ $(INSTALL) -m 755 -d $(TARGET_DIR)/var/lib/libvirt
+ $(INSTALL) -m 700 -d $(TARGET_DIR)/var/lib/libvirt/secrets
+ $(INSTALL) -m 755 -d $(TARGET_DIR)/var/lib/libvirt/storage
+ ln -s -f ../../var/lib/libvirt/secrets $(TARGET_DIR)/etc/libvirt/
+ ln -s -f ../../var/lib/libvirt/storage $(TARGET_DIR)/etc/libvirt/
+endef
+
+LIBVIRT_PRE_INSTALL_TARGET_HOOKS += LIBVIRT_CREATE_SYMLINKS
+
+$(eval $(meson-package))
--
2.17.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [Buildroot] [PATCH v9 2/3] package/libvirt: add daemon libvirtd
2021-06-11 14:07 [Buildroot] [PATCH v9 1/3] package/libvirt: new package Jared Bents
@ 2021-06-11 14:07 ` Jared Bents
2021-07-22 20:59 ` Arnout Vandecappelle
2021-06-11 14:07 ` [Buildroot] [PATCH v9 3/3] package/libvirt: add lxc and qemu options Jared Bents
2021-07-22 20:48 ` [Buildroot] [PATCH v9 1/3] package/libvirt: new package Arnout Vandecappelle
2 siblings, 1 reply; 6+ messages in thread
From: Jared Bents @ 2021-06-11 14:07 UTC (permalink / raw
To: buildroot
Update to add the libvirtd daemon for libvirt
Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
--
History:
v8:
- Split off from patch adding libvirt
v8->v9:
- N/A
---
package/libvirt/Config.in | 20 ++++++
package/libvirt/S91virtlogd | 65 ++++++++++++++++++
package/libvirt/S92libvirtd | 132 ++++++++++++++++++++++++++++++++++++
package/libvirt/libvirt.mk | 49 +++++++++++--
4 files changed, 260 insertions(+), 6 deletions(-)
create mode 100644 package/libvirt/S91virtlogd
create mode 100644 package/libvirt/S92libvirtd
diff --git a/package/libvirt/Config.in b/package/libvirt/Config.in
index f7999fea88..ae5c8aac8a 100644
--- a/package/libvirt/Config.in
+++ b/package/libvirt/Config.in
@@ -24,6 +24,26 @@ config BR2_PACKAGE_LIBVIRT
https://libvirt.org/
+if BR2_PACKAGE_LIBVIRT
+
+config BR2_PACKAGE_LIBVIRT_DAEMON
+ bool "libvirtd"
+ default y
+ select BR2_PACKAGE_BUSYBOX_SHOW_OTHERS
+ select BR2_PACKAGE_DNSMASQ
+ select BR2_PACKAGE_EBTABLES
+ select BR2_PACKAGE_IPTABLES
+ select BR2_PACKAGE_IPROUTE2
+ # These are required because there is no way to unequivocally select a modern netcat
+ select BR2_PACKAGE_NMAP if !BR2_PACKAGE_NETCAT_OPENBSD
+ select BR2_PACKAGE_NMAP_NCAT if !BR2_PACKAGE_NETCAT_OPENBSD
+ select BR2_PACKAGE_RADVD
+ help
+ Build the libvirt daemon (libvirtd) otherwise build only the
+ utility programs.
+
+endif
+
comment "libvirt needs udev /dev management"
depends on BR2_USE_MMU
depends on BR2_PACKAGE_LIBVIRT_ARCH_SUPPORTS
diff --git a/package/libvirt/S91virtlogd b/package/libvirt/S91virtlogd
new file mode 100644
index 0000000000..03d17b5dbd
--- /dev/null
+++ b/package/libvirt/S91virtlogd
@@ -0,0 +1,65 @@
+#!/bin/sh
+
+DAEMON="virtlogd"
+EXECFILE="/usr/sbin/$DAEMON"
+PIDFILE="/var/run/$DAEMON.pid"
+
+VIRTLOGD_ARGS=""
+
+# shellcheck source=/dev/null
+[ -r "/etc/default/$DAEMON" ] && . "/etc/default/$DAEMON"
+
+start() {
+ printf 'Starting %s: ' "$DAEMON"
+ # shellcheck disable=SC2086 # we need the word splitting
+ start-stop-daemon -S -q -p "$PIDFILE" -x "$EXECFILE" \
+ -- -d $VIRTLOGD_ARGS
+ status=$?
+ if [ "$status" -eq 0 ]; then
+ echo "OK"
+ else
+ echo "FAIL"
+ fi
+ return "$status"
+}
+
+stop() {
+ printf 'Stopping %s: ' "$DAEMON"
+ start-stop-daemon -K -q -p "$PIDFILE" -x "$EXECFILE"
+ status=$?
+ if [ "$status" -eq 0 ]; then
+ echo "OK"
+ else
+ echo "FAIL"
+ fi
+ return "$status"
+}
+
+restart() {
+ stop
+ sleep 1
+ start
+}
+
+# On receipt of SIGUSR1 virtlogd will re-exec() its binary, while maintaining
+# all current logs and clients. This allows for live upgrades of the virtlogd
+# service.
+reload() {
+ printf 'Reloading %s: ' "$DAEMON"
+ start-stop-daemon -K -s USR1 -q -p "$PIDFILE" -x "$EXECFILE"
+ status=$?
+ if [ "$status" -eq 0 ]; then
+ echo "OK"
+ else
+ echo "FAIL"
+ fi
+ return "$status"
+}
+
+case "$1" in
+ start|stop|restart|reload)
+ "$1";;
+ *)
+ echo "Usage: $0 {start|stop|restart|reload}"
+ exit 1
+esac
diff --git a/package/libvirt/S92libvirtd b/package/libvirt/S92libvirtd
new file mode 100644
index 0000000000..736519f3d0
--- /dev/null
+++ b/package/libvirt/S92libvirtd
@@ -0,0 +1,132 @@
+#!/bin/sh
+
+DAEMON="libvirtd"
+EXECFILE="/usr/sbin/$DAEMON"
+PIDFILE="/var/run/$DAEMON.pid"
+
+LIBVIRTD_ARGS=""
+
+# shellcheck source=/dev/null
+[ -r "/etc/default/$DAEMON" ] && . "/etc/default/$DAEMON"
+
+trap 'rm -f "$TMP_MODULE_LIST" "$TMP_PIDFILE_LIST"' EXIT
+
+is_alive() {
+ [ -e "$1" ] \
+ && exe="/proc/$(cat "$1" 2>/dev/null)/exe" \
+ && [ -s "$exe" ] \
+ && [ "$(readlink -f "$exe")" = "$2" ]
+}
+
+load_modules() {
+ printf 'Loading kernel modules: '
+ kver="$(uname -r)"
+ TMP_MODULE_LIST="$(mktemp -q)" || {
+ echo 'FAIL creating temporary modules list'
+ exit 1
+ }
+ [ -d "/lib/modules/$kver/kernel/drivers/net" ] && \
+ find "/lib/modules/$kver/kernel/drivers/net" \
+ -name "tun.ko*" >> "$TMP_MODULE_LIST"
+ [ -d "/lib/modules/$kver/kernel/drivers/vhost" ] && \
+ find "/lib/modules/$kver/kernel/drivers/vhost" \
+ -name "vhost?net.ko*" >> "$TMP_MODULE_LIST"
+ [ -d "/lib/modules/$kver/kernel/drivers/net" ] && \
+ find "/lib/modules/$kver/kernel/drivers/vfio" \
+ -name "*.ko*" >> "$TMP_MODULE_LIST"
+ while read -r f; do
+ m="$(basename "${f%.ko*}")"
+ if modprobe -q "$m"; then
+ printf '%s ' "$m"
+ else
+ echo "FAIL on $m"
+ exit 1
+ fi
+ done < "$TMP_MODULE_LIST"
+ echo "OK"
+}
+
+#
+# If libvirtd dies it leves behind one stale dnsmasq per virtual network that
+# must be killed before starting libvirtd again.
+#
+rm_stale_dnsmasq() {
+ [ -d /var/run/libvirt/network ] || return 0
+ TMP_PIDFILE_LIST="$(mktemp -q)" || {
+ echo "Could not create temporary pidfile list"
+ exit 1
+ }
+ find /var/run/libvirt/network -name '*.pid' > "$TMP_PIDFILE_LIST"
+ while read -r pidfile; do
+ if is_alive "$pidfile" /usr/sbin/dnsmasq; then
+ start-stop-daemon -K -q -p "$pidfile" -x /usr/sbin/dnsmasq
+ status=$?
+ if [ "$status" -ne 0 ]; then
+ echo "Could not stop stale dnsmasq daemons"
+ exit 1
+ fi
+ rm -f "$pidfile"
+ fi
+ done < "$TMP_PIDFILE_LIST"
+}
+
+start() {
+ if is_alive "$PIDFILE" "$EXECFILE"; then
+ # libvirtd is already running. Leave it alone.
+ printf 'Starting %s: FAIL\n' "$DAEMON"
+ return 1
+ fi
+ rm_stale_dnsmasq
+ load_modules
+ printf 'Starting %s: ' "$DAEMON"
+ # shellcheck disable=SC2086 # we need the word splitting
+ start-stop-daemon -S -q -p "$PIDFILE" -x "$EXECFILE" \
+ -- -d $LIBVIRTD_ARGS
+ status=$?
+ if [ "$status" -eq 0 ]; then
+ echo "OK"
+ else
+ echo "FAIL"
+ fi
+ return "$status"
+}
+
+stop() {
+ printf 'Stopping %s: ' "$DAEMON"
+ start-stop-daemon -K -q -p "$PIDFILE" -x "$EXECFILE"
+ status=$?
+ if [ "$status" -eq 0 ]; then
+ rm_stale_dnsmasq
+ echo "OK"
+ else
+ echo "FAIL"
+ fi
+ return "$status"
+}
+
+restart() {
+ stop
+ sleep 1
+ start
+}
+
+# On receipt of SIGHUP libvirtd will reload its configuration.
+reload() {
+ printf 'Reloading %s: ' "$DAEMON"
+ start-stop-daemon -K -s HUP -q -p "$PIDFILE" -x "$EXECFILE"
+ status=$?
+ if [ "$status" -eq 0 ]; then
+ echo "OK"
+ else
+ echo "FAIL"
+ fi
+ return "$status"
+}
+
+case "$1" in
+ start|stop|restart|reload)
+ "$1";;
+ *)
+ echo "Usage: $0 {start|stop|restart|reload}"
+ exit 1
+esac
diff --git a/package/libvirt/libvirt.mk b/package/libvirt/libvirt.mk
index b2c9eebbfe..8cc77f3c0e 100644
--- a/package/libvirt/libvirt.mk
+++ b/package/libvirt/libvirt.mk
@@ -24,7 +24,6 @@ LIBVIRT_CONF_OPTS = \
-Ddriver_interface=enabled \
-Ddriver_libxl=disabled \
-Ddriver_lxc=disabled \
- -Ddriver_network=disabled \
-Ddriver_openvz=disabled \
-Ddriver_qemu=disabled \
-Ddriver_remote=enabled \
@@ -38,19 +37,14 @@ LIBVIRT_CONF_OPTS = \
-Dglusterfs=disabled \
-Dhost_validate=enabled \
-Dinit_script=$(if $(BR2_INIT_SYSTEMD),systemd,none) \
- -Dlibssh=disabled \
- -Dlibvirtd=disabled \
-Dlogin_shell=disabled \
-Dnetcf=disabled \
- -Dnss=disabled \
-Dnumad=disabled \
-Dopenwsman=disabled \
-Dpciaccess=enabled \
-Dpm_utils=disabled \
-Dsanlock=disabled \
- -Dsasl=disabled \
-Dsecdriver_apparmor=disabled \
- -Dssh2=disabled \
-Dstorage_mpath=disabled \
-Dstorage_iscsi=disabled \
-Dstorage_iscsi_direct=disabled \
@@ -122,6 +116,28 @@ else
LIBVIRT_CONF_OPTS += -Dlibpcap=disabled
endif
+ifeq ($(BR2_PACKAGE_LIBVIRT_DAEMON)$(BR2_PACKAGE_LIBSSH),yy)
+LIBVIRT_CONF_OPTS += -Dlibssh=enabled
+LIBVIRT_DEPENDENCIES += libssh
+else
+LIBVIRT_CONF_OPTS += -Dlibssh=disabled
+endif
+
+# Network is used by daemon, only
+ifeq ($(BR2_PACKAGE_LIBVIRT_DAEMON),y)
+LIBVIRT_CONF_OPTS += -Dlibvirtd=enabled -Ddriver_network=enabled
+else
+LIBVIRT_CONF_OPTS += -Dlibvirtd=disabled -Ddriver_network=disabled
+endif
+
+# Can't build nss plugin without network
+ifeq ($(BR2_PACKAGE_LIBVIRT_DAEMON)$(BR2_PACKAGE_LIBNSS),yy)
+LIBVIRT_CONF_OPTS += -Dnss=enabled
+LIBVIRT_DEPENDENCIES += libnss
+else
+LIBVIRT_CONF_OPTS += -Dnss=disabled
+endif
+
ifeq ($(BR2_PACKAGE_NUMACTL),y)
LIBVIRT_CONF_OPTS += -Dnumactl=enabled
LIBVIRT_DEPENDENCIES += numactl
@@ -143,6 +159,13 @@ else
LIBVIRT_CONF_OPTS += -Dreadline=disabled
endif
+ifeq ($(BR2_PACKAGE_LIBVIRT_DAEMON)$(BR2_PACKAGE_LIBGSASL),yy)
+LIBVIRT_CONF_OPTS += -Dsasl=enabled
+LIBVIRT_DEPENDENCIES += libgsasl
+else
+LIBVIRT_CONF_OPTS += -Dsasl=disabled
+endif
+
ifeq ($(BR2_PACKAGE_LIBSELINUX),y)
LIBVIRT_CONF_OPTS += -Dselinux=enabled -Dsecdriver_selinux=enabled \
-Dselinux_mount=/sys/fs/selinux
@@ -151,6 +174,13 @@ else
LIBVIRT_CONF_OPTS += -Dselinux=disabled -Dsecdriver_selinux=disabled
endif
+ifeq ($(BR2_PACKAGE_LIBVIRT_DAEMON)$(BR2_PACKAGE_LIBSSH2),yy)
+LIBVIRT_CONF_OPTS += -Dssh2=enabled
+LIBVIRT_DEPENDENCIES += libssh2
+else
+LIBVIRT_CONF_OPTS += -Dssh2=disabled
+endif
+
ifeq ($(BR2_PACKAGE_LVM2),y)
LIBVIRT_CONF_OPTS += -Dstorage_lvm=enabled
LIBVIRT_DEPENDENCIES += lvm2
@@ -209,4 +239,11 @@ endef
LIBVIRT_PRE_INSTALL_TARGET_HOOKS += LIBVIRT_CREATE_SYMLINKS
+ifeq ($(BR2_PACKAGE_LIBVIRT_DAEMON),y)
+define LIBVIRT_INSTALL_INIT_SYSV
+ $(INSTALL) -D -m 0755 package/libvirt/S91virtlogd $(TARGET_DIR)/etc/init.d/S91virtlogd
+ $(INSTALL) -D -m 0755 package/libvirt/S92libvirtd $(TARGET_DIR)/etc/init.d/S92libvirtd
+endef
+endif
+
$(eval $(meson-package))
--
2.17.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [Buildroot] [PATCH v9 3/3] package/libvirt: add lxc and qemu options
2021-06-11 14:07 [Buildroot] [PATCH v9 1/3] package/libvirt: new package Jared Bents
2021-06-11 14:07 ` [Buildroot] [PATCH v9 2/3] package/libvirt: add daemon libvirtd Jared Bents
@ 2021-06-11 14:07 ` Jared Bents
2021-07-22 21:15 ` Arnout Vandecappelle
2021-07-22 20:48 ` [Buildroot] [PATCH v9 1/3] package/libvirt: new package Arnout Vandecappelle
2 siblings, 1 reply; 6+ messages in thread
From: Jared Bents @ 2021-06-11 14:07 UTC (permalink / raw
To: buildroot
Update to add lxc and qemu options for libvirt under the daemon
config option
Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
--
History:
v8:
- Split off from patch adding libvirt
v8->v9:
- N/A
---
package/libvirt/Config.in | 36 +++++++++++++++++++++++++++++++++++
package/libvirt/libvirt.mk | 39 ++++++++++++++++++++++++++++++++++++--
2 files changed, 73 insertions(+), 2 deletions(-)
diff --git a/package/libvirt/Config.in b/package/libvirt/Config.in
index ae5c8aac8a..ef9c10655f 100644
--- a/package/libvirt/Config.in
+++ b/package/libvirt/Config.in
@@ -42,6 +42,42 @@ config BR2_PACKAGE_LIBVIRT_DAEMON
Build the libvirt daemon (libvirtd) otherwise build only the
utility programs.
+# Stateful drivers are useful only when building the daemon.
+if BR2_PACKAGE_LIBVIRT_DAEMON
+
+config BR2_PACKAGE_LIBVIRT_QEMU
+ bool "qemu"
+ depends on BR2_PACKAGE_LIBSECCOMP_ARCH_SUPPORTS # libseccomp
+ depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_12 # libseccomp
+ depends on BR2_PACKAGE_QEMU_ARCH_SUPPORTS_TARGET
+ select BR2_PACKAGE_HWDATA # libpciaccess
+ select BR2_PACKAGE_HWDATA_PCI_IDS # libpciaccess
+ select BR2_PACKAGE_LIBSECCOMP
+ select BR2_PACKAGE_QEMU
+ select BR2_PACKAGE_QEMU_SYSTEM if BR2_PACKAGE_QEMU_CUSTOM_TARGETS = ""
+ select BR2_PACKAGE_YAJL
+ help
+ QEMU/KVM support
+
+comment "qemu support needs a toolchain w/ headers >= 3.12"
+ depends on BR2_PACKAGE_QEMU_ARCH_SUPPORTS_TARGET
+ depends on BR2_PACKAGE_LIBSECCOMP_ARCH_SUPPORTS
+ depends on !BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_12
+
+config BR2_PACKAGE_LIBVIRT_LXC
+ bool "lxc"
+ depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_0 # lxc
+ depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_7 # lxc
+ select BR2_PACKAGE_LXC
+ help
+ Linux Container support
+
+comment "lxc needs a toolchain w/ threads, headers >= 3.0, dynamic library, gcc >= 4.7"
+ depends on !BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_0
+ depends on !BR2_TOOLCHAIN_GCC_AT_LEAST_4_7
+
+endif
+
endif
comment "libvirt needs udev /dev management"
diff --git a/package/libvirt/libvirt.mk b/package/libvirt/libvirt.mk
index 8cc77f3c0e..22b99a4323 100644
--- a/package/libvirt/libvirt.mk
+++ b/package/libvirt/libvirt.mk
@@ -23,9 +23,7 @@ LIBVIRT_CONF_OPTS = \
-Ddriver_hyperv=disabled \
-Ddriver_interface=enabled \
-Ddriver_libxl=disabled \
- -Ddriver_lxc=disabled \
-Ddriver_openvz=disabled \
- -Ddriver_qemu=disabled \
-Ddriver_remote=enabled \
-Ddriver_secrets=enabled \
-Ddriver_vmware=disabled \
@@ -130,6 +128,13 @@ else
LIBVIRT_CONF_OPTS += -Dlibvirtd=disabled -Ddriver_network=disabled
endif
+ifeq ($(BR2_PACKAGE_LIBVIRT_LXC),y)
+LIBVIRT_CONF_OPTS += -Dlogin_shell=enabled -Ddriver_lxc=enabled
+LIBVIRT_DEPENDENCIES += lxc
+else
+LIBVIRT_CONF_OPTS += -Dlogin_shell=disabled -Ddriver_lxc=disabled
+endif
+
# Can't build nss plugin without network
ifeq ($(BR2_PACKAGE_LIBVIRT_DAEMON)$(BR2_PACKAGE_LIBNSS),yy)
LIBVIRT_CONF_OPTS += -Dnss=enabled
@@ -152,6 +157,12 @@ else
LIBVIRT_CONF_OPTS += -Dpolkit=disabled
endif
+ifeq ($(BR2_PACKAGE_LIBVIRT_QEMU),y)
+LIBVIRT_CONF_OPTS += -Ddriver_qemu=enabled -Dqemu_user=qemu -Dqemu_group=kvm
+else
+LIBVIRT_CONF_OPTS += -Ddriver_qemu=disabled -Dqemu_user=no -Dqemu_group=no
+endif
+
ifeq ($(BR2_PACKAGE_READLINE),y)
LIBVIRT_CONF_OPTS += -Dreadline=enabled
LIBVIRT_DEPENDENCIES += readline
@@ -214,13 +225,29 @@ define LIBVIRT_PERMISSIONS
/var/lib/libvirt/filesystems d 711 root root - - - - -
/var/lib/libvirt/images d 711 root root - - - - -
/var/lib/libvirt/network d 700 root root - - - - -
+ /var/lib/libvirt/qemu d 751 qemu kvm - - - - -
+ /var/lib/libvirt/qemu/autostart d 700 root root - - - - -
+ /var/lib/libvirt/qemu/networks d 700 root root - - - - -
+ /var/lib/libvirt/qemu/networks/autostart d 700 root root - - - - -
+ /var/lib/libvirt/qemu/channel d 755 qemu kvm - - - - -
+ /var/lib/libvirt/qemu/channel/target d 755 qemu kvm - - - - -
+ /var/lib/libvirt/qemu/dump d 755 qemu kvm - - - - -
+ /var/lib/libvirt/qemu/nvram d 755 qemu kvm - - - - -
+ /var/lib/libvirt/qemu/save d 755 qemu kvm - - - - -
+ /var/lib/libvirt/qemu/snapshot d 755 qemu kvm - - - - -
/var/lib/libvirt/secrets d 700 root root - - - - -
/var/lib/libvirt/storage d 755 root root - - - - -
/var/lib/libvirt/storage/autostart d 755 root root - - - - -
/var/cache/libvirt d 711 root root - - - - -
+ /var/cache/libvirt/lxc d 750 root root - - - - -
+ /var/cache/libvirt/qemu d 750 qemu kvm - - - - -
+ /var/cache/libvirt/qemu/capabilities d 755 root root - - - - -
/var/log/libvirt d 700 root root - - - - -
+ /var/log/libvirt/lxc d 750 root root - - - - -
+ /var/log/libvirt/qemu d 750 root root - - - - -
/var/log/swtpm d 755 root root - - - - -
/var/log/swtpm/libvirt d 755 root root - - - - -
+ /var/log/swtpm/libvirt/qemu d 711 root root - - - - -
endef
# libvirt may need to create persistent files (e.g. VM definitions) in these
@@ -231,14 +258,22 @@ endef
define LIBVIRT_CREATE_SYMLINKS
$(INSTALL) -m 700 -d $(TARGET_DIR)/etc/libvirt
$(INSTALL) -m 755 -d $(TARGET_DIR)/var/lib/libvirt
+ $(INSTALL) -m 751 -d $(TARGET_DIR)/var/lib/libvirt/qemu
$(INSTALL) -m 700 -d $(TARGET_DIR)/var/lib/libvirt/secrets
$(INSTALL) -m 755 -d $(TARGET_DIR)/var/lib/libvirt/storage
+ ln -s -f ../../var/lib/libvirt/qemu $(TARGET_DIR)/etc/libvirt/
ln -s -f ../../var/lib/libvirt/secrets $(TARGET_DIR)/etc/libvirt/
ln -s -f ../../var/lib/libvirt/storage $(TARGET_DIR)/etc/libvirt/
endef
LIBVIRT_PRE_INSTALL_TARGET_HOOKS += LIBVIRT_CREATE_SYMLINKS
+ifeq ($(BR2_PACKAGE_LIBVIRT_QEMU),y)
+define LIBVIRT_USERS
+ qemu -1 kvm -1 * - - - Libvirt qemu/kvm daemon
+endef
+endif
+
ifeq ($(BR2_PACKAGE_LIBVIRT_DAEMON),y)
define LIBVIRT_INSTALL_INIT_SYSV
$(INSTALL) -D -m 0755 package/libvirt/S91virtlogd $(TARGET_DIR)/etc/init.d/S91virtlogd
--
2.17.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [Buildroot] [PATCH v9 1/3] package/libvirt: new package
2021-06-11 14:07 [Buildroot] [PATCH v9 1/3] package/libvirt: new package Jared Bents
2021-06-11 14:07 ` [Buildroot] [PATCH v9 2/3] package/libvirt: add daemon libvirtd Jared Bents
2021-06-11 14:07 ` [Buildroot] [PATCH v9 3/3] package/libvirt: add lxc and qemu options Jared Bents
@ 2021-07-22 20:48 ` Arnout Vandecappelle
2 siblings, 0 replies; 6+ messages in thread
From: Arnout Vandecappelle @ 2021-07-22 20:48 UTC (permalink / raw
To: Jared Bents, buildroot; +Cc: Carlos Santos, thomas.petazzoni
Still a lot of things needed to be changed in this patch, but since it's
already v9 I applied anyway with modifications. Please review my changed.
On 11/06/2021 16:07, Jared Bents wrote:
> Libvirt is collection of software that provides a convenient way to
> manage virtual machines and other virtualization functionality, such as
> storage and network interface management. These software pieces include
> an API library, a daemon (libvirtd), and a command line utility (virsh).
>
> http://libvirt.org/
>
> Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
>
> --
> History:
> v1: primitive package, for experimental purposes only
> v1->v2:
> - Clarify dependence on !BR2_TOOLCHAIN_USES_MUSL
> - Add run-time dependence on dnsmask
> - Add dependence on eudev and libpciaccess when eudev is selected
> (thus detected by configure).
> v2->v3:
> - Condition the use of libtirpc to !BR2_TOOLCHAIN_HAS_NATIVE_RPC
> - Check for BR2_PACKAGE_HAS_UDEV instead of BR2_PACKAGE_EUDEV
> v3->v4:
> - Fix version history :-).
> - Add optional dependency on several packages (e.g. attr, libpcap),
> depending on wether they are selected or not, and explicitly disable
> features whose required packages are not selected. This is very
> important to prevent selection of features based on leaks from the
> host environment (e.g. finding /usr/bin/numad on the host machine).
> - Enable the "interface" driver if either udev or netcf is available.
> - Disable pm-utils support, since there is no package for Buildroot.
> - Use either openssl or gnutls, if available.
> - Run qemu as user "qemu", group "kvm", not as root.
> - Add a LIBVIRT_USERS variable to create user "qemu" an group "kvm".
> - Add a device table file to set the ownership and permissions of the
> libvirt directories under /etc, /run and /var.
> - If udev is not available, add an init script to set the ownership
> and permissions of /dev/kvm to root:kvm and 0660; otherwise create a
> corresponding /etc/udev/rules.d/90-kvm.rules file> - Enable support for systemd, if applicable; otherwise install an init
> script to start/stop/restart libvirtd.
This bit disappeared, apparently.
> - Ensure that a modern netcat is available.
And this one. I don't know if it's problematic, but I guess we'll fix that when
people complain about it :-)
> v4->v5:
> - Changed SOB, since I don't work for DATACOM anymore.
> - Bump to version 5.8.0.
> - Add hash for license file.
> - Drop OpenSSL options, since it's not supported anymore.
> - Use https to access libvirt.org, since http is always redirected to
> https.
> - Make libvirt daemon optional. If not selected, build only the client
> utilities. Reorganize run-time dependencies accordingly.
> - Load all vfio modules on startup, if they exist, otherwise virtual
> machines that depend on the PCI Passthrough feature fail to load.
> vfio-pci is not enough. Other modules, like vfio_iommu_type1, may be
> necessary.
> - Fix stopping dnsmasq in start/stop script. dnsmasq is not always
> started by libvirtd, so we must chech if it is running before
> attempting to stop it.
> - Move /etc/libvirt/{qemu,secrets,storage} to /var/lib/libvirt. It may
> be necessary to create persistent files (e.g. VM definitions) in
> these directories. Move them to /var/lib because /etc may be on a
> read-only or volatile (initramfs) filesystem. We could tweak the
> code to change these paths but the patch would be large and would
> break compatibility with ordinary installations and with the
> documentation.
> - Prevent an error message if pid file dissappears. start-stop-daemon
> sends a TERM signal to the process but does not wait for its
> termination, so we may reach rm_stale_pidfile while libvirtd.pid
> still exists but execute the cat command when the file is already
> gone, which leads cat to show an error message. We could use the
> '--retry' option to wait for the process termination but it is not
> supported by BusyBox. Let's just send the error messages to
> /dev/null and attempt to remove the file if any command fails, since
> 'rm -f' does nothing if the file does not exist.
> - Move device table creation to LIBVIRT_DEVICES instead of using the
> device_table.txt file.
> - Select libseccomp to enable seccomp support in qemu, as required by
> libvirt.
> - Select hwdata (pci.ids). It is required by libvirt to show device
> names when we use virtual machine manager to add hardware via PCI
> passthrough, otherwise only the PCI bus information (slot, port,
> function) is shown.
> - Add systemd support.
> - Restrict to libvirt with udev support. Drop netcf usage, which
> requires a new package and is hard to test. Support for non-udev
> systems will be added later.
> - Remove package/libvirt/S30devkvmperms
> - Fine-tune the configuration and pass host/target executable paths
> in ac_cv_path_* variables via LIBVIRT_CONF_ENV.
> - Use LIBVIRT_PERMISSIONS to set directory permissions.
> - Drop hook to set user/group in /etc/libvirt/qemu.conf, since it's
> not necessary.
> - Pull two upstream patches that fix building with musl.
> - Do not check for executables existence in the startup script.
> - Use separate init scripts for virtlogd and libvirtd. Make them
> compliant to the current pattern (as much as possible).
> - Do not start/stop virtlockd, since it is controlled by libvirtd.
> v5->v6:
> - Remove stray '\' in S91virtlogd
>
> Signed-off-by: Carlos Santos <unixmania@gmail.com>
>
> v6->v7:
> - Carlos Santos is no longer contributing to buildroot.
> - Adjusted handling of bash-completion to add dependency if it is
> enabled.
> - Bump to version 6.4.0
>
> v7->v8
> - Bump to version 7.0.0
> - Update to mason package type.
> - Split off daemon, qemu, and lxc to separate patches within the
> series due to feedback on being a large patch in an effort to
> allow the base part of libvirt to get added while providing the
> other portions for review.
>
> v8->v9
> - Bump to version 7.4.0
> - Update to add host-python-docutils as dependency
>
> Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
> ---
> DEVELOPERS | 3 +
> package/Config.in | 1 +
> package/libvirt/90-kvm.rules | 1 +
> package/libvirt/Config.in | 42 +++++++
> package/libvirt/libvirt.hash | 3 +
> package/libvirt/libvirt.mk | 212 +++++++++++++++++++++++++++++++++++
> 6 files changed, 262 insertions(+)
> create mode 100644 package/libvirt/90-kvm.rules
> create mode 100644 package/libvirt/Config.in
> create mode 100644 package/libvirt/libvirt.hash
> create mode 100644 package/libvirt/libvirt.mk
>
> diff --git a/DEVELOPERS b/DEVELOPERS
> index 0ab898d94d..ef4ff17cc4 100644
> --- a/DEVELOPERS
> +++ b/DEVELOPERS
> @@ -1264,6 +1264,9 @@ F: package/python-pexpect/
> F: package/python-ptyprocess/
> F: package/zynq-boot-bin/
>
> +N: Jared Bents <jared.bents@rockwellcollins.com>
> +F: package/libvirt/
> +
> N: Jarkko Sakkinen <jarkko.sakkinen@intel.com>
> F: package/quota/
>
> diff --git a/package/Config.in b/package/Config.in
> index e42f579494..70ba782a2f 100644
> --- a/package/Config.in
> +++ b/package/Config.in
> @@ -2463,6 +2463,7 @@ menu "System tools"
> source "package/kmod/Config.in"
> source "package/kvmtool/Config.in"
> source "package/libostree/Config.in"
> + source "package/libvirt/Config.in"
> source "package/lxc/Config.in"
> source "package/makedumpfile/Config.in"
> source "package/mender/Config.in"
> diff --git a/package/libvirt/90-kvm.rules b/package/libvirt/90-kvm.rules
> new file mode 100644
> index 0000000000..5145c27e79
> --- /dev/null
> +++ b/package/libvirt/90-kvm.rules
> @@ -0,0 +1 @@
> +KERNEL=="kvm", OWNER="root", GROUP="kvm", MODE="0660"
> diff --git a/package/libvirt/Config.in b/package/libvirt/Config.in
> new file mode 100644
> index 0000000000..f7999fea88
> --- /dev/null
> +++ b/package/libvirt/Config.in
> @@ -0,0 +1,42 @@
> +config BR2_PACKAGE_LIBVIRT
> + bool "libvirt"
> + depends on BR2_USE_MMU # fork()
> + depends on BR2_aarch64 || BR2_i386 || BR2_x86_64
Below, you use BR2_PACKAGE_LIBVIRT_ARCH_SUPPORTS which is not defined. I've
created that option and moved the arch and the MMU dependency to it (MMU is
considered an arch option).
> + depends on BR2_PACKAGE_HAS_UDEV
> + depends on !BR2_STATIC_LIBS
> + depends on BR2_USE_WCHAR
> + depends on BR2_TOOLCHAIN_HAS_THREADS
> + depends on BR2_USE_WCHAR
> + select BR2_PACKAGE_GNUTLS
> + select BR2_PACKAGE_LIBTIRPC
> + select BR2_PACKAGE_ZLIB
> + # configure: You must install the pciaccess module to build with udev
> + select BR2_PACKAGE_LIBPCIACCESS
> + select BR2_PACKAGE_LIBXML2
I sorted all of the above alphabetically.
> + # run-time dependencies
> + select BR2_PACKAGE_CGROUPFS_MOUNT if !BR2_INIT_SYSTEMD
> + help
> + Libvirt is collection of software that provides a convenient
> + way to manage virtual machines and other virtualization
> + functionality, such as storage and network interface
> + management. These software pieces include an API library, a
> + daemon (libvirtd), and a command line utility (virsh).
> +
> + https://libvirt.org/
> +
> +comment "libvirt needs udev /dev management"
> + depends on BR2_USE_MMU
> + depends on BR2_PACKAGE_LIBVIRT_ARCH_SUPPORTS
> + depends on !BR2_PACKAGE_HAS_UDEV
> +
> +comment "libvirt needs a toolchain w/ headers >= 3.12"
> + depends on BR2_USE_MMU
> + depends on BR2_PACKAGE_HAS_UDEV
> + depends on !BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_12
> +
> +comment "libvirt needs a toolchain w/ threads, dynamic library"
> + depends on BR2_USE_MMU
> + depends on BR2_PACKAGE_HAS_UDEV
> + depends on !BR2_PACKAGE_NETCAT
This netcat thing is a leftover I guess?
> + depends on BR2_STATIC_LIBS || !BR2_USE_MMU || \
> + !BR2_TOOLCHAIN_HAS_THREADS
I merged all of the comments into a single comment. It's a bit long but still
manageable.
> diff --git a/package/libvirt/libvirt.hash b/package/libvirt/libvirt.hash
> new file mode 100644
> index 0000000000..ec96dfc62c
> --- /dev/null
> +++ b/package/libvirt/libvirt.hash
> @@ -0,0 +1,3 @@
> +# locally computed
> +sha256 b366d73dee6ce77a226bedef592e0620ceb8e22e5998f60768017f79fc4ead26 libvirt-7.4.0.tar.xz
> +sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING
> diff --git a/package/libvirt/libvirt.mk b/package/libvirt/libvirt.mk
> new file mode 100644
> index 0000000000..b2c9eebbfe
> --- /dev/null
> +++ b/package/libvirt/libvirt.mk
> @@ -0,0 +1,212 @@
> +################################################################################
> +#
> +# libvirt
> +#
> +################################################################################
> +
> +LIBVIRT_VERSION = 7.4.0
> +LIBVIRT_SITE = https://libvirt.org/sources
> +LIBVIRT_SOURCE = libvirt-$(LIBVIRT_VERSION).tar.xz
> +LIBVIRT_LICENSE = LGPL-2.1+
> +LIBVIRT_LICENSE_FILES = COPYING
> +LIBVIRT_DEPENDENCIES = host-nfs-utils host-pkgconf host-python-docutils gnutls libglib2 libpciaccess libtirpc libxml2 udev zlib
I split this in two lines.
libglib2 isn't mentioned in Config.in so I added that.
> +
> +LIBVIRT_CONF_ENV += \
> + CFLAGS="$(TARGET_CFLAGS) `$(PKG_CONFIG_HOST_BINARY) --cflags libtirpc`" \
> + LIBS="`$(PKG_CONFIG_HOST_BINARY) --libs libtirpc`"
> +
> +LIBVIRT_CONF_OPTS = \
> + -Drpath=disabled \
> + -Dapparmor=disabled \
> + -Ddriver_bhyve=disabled \
> + -Ddriver_esx=disabled \
> + -Ddriver_hyperv=disabled \
> + -Ddriver_interface=enabled \
> + -Ddriver_libxl=disabled \
> + -Ddriver_lxc=disabled \
> + -Ddriver_network=disabled \
> + -Ddriver_openvz=disabled \
> + -Ddriver_qemu=disabled \
> + -Ddriver_remote=enabled \
> + -Ddriver_secrets=enabled \
> + -Ddriver_vmware=disabled \
> + -Ddriver_vbox=disabled \
> + -Ddriver_vz=disabled \
> + -Ddtrace=disabled \
> + -Dfirewalld=disabled \
> + -Dfirewalld_zone=disabled \
> + -Dglusterfs=disabled \
> + -Dhost_validate=enabled \
> + -Dinit_script=$(if $(BR2_INIT_SYSTEMD),systemd,none) \
> + -Dlibssh=disabled \
> + -Dlibvirtd=disabled \
> + -Dlogin_shell=disabled \
> + -Dnetcf=disabled \
> + -Dnss=disabled \
> + -Dnumad=disabled \
> + -Dopenwsman=disabled \
> + -Dpciaccess=enabled \
> + -Dpm_utils=disabled \
> + -Dsanlock=disabled \
> + -Dsasl=disabled \
> + -Dsecdriver_apparmor=disabled \
> + -Dssh2=disabled \
> + -Dstorage_mpath=disabled \
> + -Dstorage_iscsi=disabled \
> + -Dstorage_iscsi_direct=disabled \
> + -Dsysctl_config=enabled \
> + -Dtest_coverage=false \
> + -Dudev=enabled \
> + -Dwireshark_dissector=disabled
I sorted all of the above alphabetically (except for the rpath one).
> +
> +ifeq ($(BR2_PACKAGE_ATTR),y)
> +LIBVIRT_CONF_OPTS += -Dattr=enabled
> +LIBVIRT_DEPENDENCIES += attr
> +else
> +LIBVIRT_CONF_OPTS += -Dattr=disabled
> +endif
> +
> +ifeq ($(BR2_PACKAGE_AUDIT),y)
> +LIBVIRT_CONF_OPTS += -Daudit=enabled
> +LIBVIRT_DEPENDENCIES += audit
> +else
> +LIBVIRT_CONF_OPTS += -Daudit=disabled
> +endif
> +
> +ifeq ($(BR2_PACKAGE_BASH_COMPLETION),y)
> +LIBVIRT_CONF_OPTS += -Dbash_completion=enabled
> +LIBVIRT_DEPENDENCIES += bash-completion
bash-completion is just a bunch of bash scripts, so usually it's just a runtime
dependency. Also, I don't think the bash-completion package is actually needed
for the virsh completion scripts to be useful (you just have to source
/etc/bash_completion.d/virsh (or wherever it's installed)).
So, I think this should depend on BR2_PACKAGE_BASH instead of BASH_COMPLETION,
and that the DEPENDENCIES shouldn't be added.
Still, I couldn't be bothered with checking all that so I committed as-is.
Please consider a follow-up patch that fixes it.
> +else
> +LIBVIRT_CONF_OPTS += -Dbash_completion=disabled
> +endif
> +
> +ifeq ($(BR2_PACKAGE_UTIL_LINUX_LIBBLKID),y)
> +LIBVIRT_CONF_OPTS += -Dblkid=enabled
> +LIBVIRT_DEPENDENCIES += util-linux
> +else
> +LIBVIRT_CONF_OPTS += -Dblkid=disabled
> +endif
> +
> +ifeq ($(BR2_PACKAGE_LIBCAP_NG),y)
> +LIBVIRT_CONF_OPTS += -Dcapng=enabled
> +LIBVIRT_DEPENDENCIES += libcap-ng
> +else
> +LIBVIRT_CONF_OPTS += -Dcapng=disabled
> +endif
> +
> +ifeq ($(BR2_PACKAGE_LIBCURL),y)
> +LIBVIRT_CONF_OPTS += -Dcurl=enabled
> +LIBVIRT_DEPENDENCIES += libcurl
> +else
> +LIBVIRT_CONF_OPTS += -Dcurl=disabled
> +endif
> +
> +ifeq ($(BR2_PACKAGE_LIBFUSE),y)
> +LIBVIRT_CONF_OPTS += -Dfuse=enabled
> +LIBVIRT_DEPENDENCIES += libfuse
> +else
> +LIBVIRT_CONF_OPTS += -Dfuse=disabled
> +endif
> +
> +ifeq ($(BR2_PACKAGE_LIBISCSI),y)
> +LIBVIRT_CONF_OPTS += -Dlibiscsi=enabled
> +LIBVIRT_DEPENDENCIES += libiscsi
> +else
> +LIBVIRT_CONF_OPTS += -Dlibiscsi=disabled
> +endif
> +
> +ifeq ($(BR2_PACKAGE_LIBPCAP),y)
> +LIBVIRT_CONF_OPTS += -Dlibpcap=enabled
> +LIBVIRT_DEPENDENCIES += libpcap
> +else
> +LIBVIRT_CONF_OPTS += -Dlibpcap=disabled
> +endif
> +
> +ifeq ($(BR2_PACKAGE_NUMACTL),y)
> +LIBVIRT_CONF_OPTS += -Dnumactl=enabled
> +LIBVIRT_DEPENDENCIES += numactl
> +else
> +LIBVIRT_CONF_OPTS += -Dnumactl=disabled
> +endif
> +
> +ifeq ($(BR2_PACKAGE_POLKIT),y)
> +LIBVIRT_CONF_OPTS += -Dpolkit=enabled
> +LIBVIRT_DEPENDENCIES += polkit
> +else
> +LIBVIRT_CONF_OPTS += -Dpolkit=disabled
> +endif
> +
> +ifeq ($(BR2_PACKAGE_READLINE),y)
> +LIBVIRT_CONF_OPTS += -Dreadline=enabled
> +LIBVIRT_DEPENDENCIES += readline
> +else
> +LIBVIRT_CONF_OPTS += -Dreadline=disabled
> +endif
> +
> +ifeq ($(BR2_PACKAGE_LIBSELINUX),y)
> +LIBVIRT_CONF_OPTS += -Dselinux=enabled -Dsecdriver_selinux=enabled \
> + -Dselinux_mount=/sys/fs/selinux
SELinux support is always a bit tricky... Have you runtime-tested this?
Regards,
Arnout
> +LIBVIRT_DEPENDENCIES += libselinux
> +else
> +LIBVIRT_CONF_OPTS += -Dselinux=disabled -Dsecdriver_selinux=disabled
> +endif
> +
> +ifeq ($(BR2_PACKAGE_LVM2),y)
> +LIBVIRT_CONF_OPTS += -Dstorage_lvm=enabled
> +LIBVIRT_DEPENDENCIES += lvm2
> +else
> +LIBVIRT_CONF_OPTS += -Dstorage_lvm=disabled
> +endif
> +
> +ifeq ($(BR2_PACKAGE_YAJL),y)
> +LIBVIRT_CONF_OPTS += -Dyajl=enabled
> +LIBVIRT_DEPENDENCIES += yajl
> +else
> +LIBVIRT_CONF_OPTS += -Dyajl=disabled
> +endif
> +
> +define LIBVIRT_INSTALL_UDEV_RULES
> + $(INSTALL) -D -m 644 package/libvirt/90-kvm.rules \
> + $(TARGET_DIR)/etc/udev/rules.d/90-kvm.rules
> +endef
> +LIBVIRT_POST_INSTALL_TARGET_HOOKS += LIBVIRT_INSTALL_UDEV_RULES
> +
> +# Adjust diretory ownerships and permissions. Notice /var/log is a symlink to
> +# /tmp in the default sysvinit skeleton, so some directories may disappear at
> +# run-time. Set the permissions anyway, since they are valid for the default
> +# systemd skeleton.
> +define LIBVIRT_PERMISSIONS
> + /etc/libvirt d 700 root root - - - - -
> + /etc/libvirt/nwfilter d 700 root root - - - - -
> + /var/lib/libvirt d 755 root root - - - - -
> + /var/lib/libvirt/boot d 711 root root - - - - -
> + /var/lib/libvirt/dnsmasq d 755 root root - - - - -
> + /var/lib/libvirt/filesystems d 711 root root - - - - -
> + /var/lib/libvirt/images d 711 root root - - - - -
> + /var/lib/libvirt/network d 700 root root - - - - -
> + /var/lib/libvirt/secrets d 700 root root - - - - -
> + /var/lib/libvirt/storage d 755 root root - - - - -
> + /var/lib/libvirt/storage/autostart d 755 root root - - - - -
> + /var/cache/libvirt d 711 root root - - - - -
> + /var/log/libvirt d 700 root root - - - - -
> + /var/log/swtpm d 755 root root - - - - -
> + /var/log/swtpm/libvirt d 755 root root - - - - -
> +endef
> +
> +# libvirt may need to create persistent files (e.g. VM definitions) in these
> +# directories. Move them to /var/lib because /etc may be on a read-only or
> +# volatile (initramfs) filesystem. We could tweak the code to change these
> +# paths but the patch would be large and would break compatibility with
> +# ordinary installations and with the documentation.
> +define LIBVIRT_CREATE_SYMLINKS
> + $(INSTALL) -m 700 -d $(TARGET_DIR)/etc/libvirt
> + $(INSTALL) -m 755 -d $(TARGET_DIR)/var/lib/libvirt
> + $(INSTALL) -m 700 -d $(TARGET_DIR)/var/lib/libvirt/secrets
> + $(INSTALL) -m 755 -d $(TARGET_DIR)/var/lib/libvirt/storage
> + ln -s -f ../../var/lib/libvirt/secrets $(TARGET_DIR)/etc/libvirt/
> + ln -s -f ../../var/lib/libvirt/storage $(TARGET_DIR)/etc/libvirt/
> +endef
> +
> +LIBVIRT_PRE_INSTALL_TARGET_HOOKS += LIBVIRT_CREATE_SYMLINKS
> +
> +$(eval $(meson-package))
>
_______________________________________________
buildroot mailing list
buildroot@busybox.net
http://lists.busybox.net/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [Buildroot] [PATCH v9 2/3] package/libvirt: add daemon libvirtd
2021-06-11 14:07 ` [Buildroot] [PATCH v9 2/3] package/libvirt: add daemon libvirtd Jared Bents
@ 2021-07-22 20:59 ` Arnout Vandecappelle
0 siblings, 0 replies; 6+ messages in thread
From: Arnout Vandecappelle @ 2021-07-22 20:59 UTC (permalink / raw
To: Jared Bents, buildroot; +Cc: thomas.petazzoni
On 11/06/2021 16:07, Jared Bents wrote:
> Update to add the libvirtd daemon for libvirt
>
> Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
>
> --
> History:
> v8:
> - Split off from patch adding libvirt
>
> v8->v9:
> - N/A
> ---
> package/libvirt/Config.in | 20 ++++++
> package/libvirt/S91virtlogd | 65 ++++++++++++++++++
> package/libvirt/S92libvirtd | 132 ++++++++++++++++++++++++++++++++++++
> package/libvirt/libvirt.mk | 49 +++++++++++--
> 4 files changed, 260 insertions(+), 6 deletions(-)
> create mode 100644 package/libvirt/S91virtlogd
> create mode 100644 package/libvirt/S92libvirtd
>
> diff --git a/package/libvirt/Config.in b/package/libvirt/Config.in
> index f7999fea88..ae5c8aac8a 100644
> --- a/package/libvirt/Config.in
> +++ b/package/libvirt/Config.in
> @@ -24,6 +24,26 @@ config BR2_PACKAGE_LIBVIRT
>
> https://libvirt.org/
>
> +if BR2_PACKAGE_LIBVIRT
> +
> +config BR2_PACKAGE_LIBVIRT_DAEMON
> + bool "libvirtd"
> + default y
> + select BR2_PACKAGE_BUSYBOX_SHOW_OTHERS
> + select BR2_PACKAGE_DNSMASQ
> + select BR2_PACKAGE_EBTABLES
> + select BR2_PACKAGE_IPTABLES
> + select BR2_PACKAGE_IPROUTE2
> + # These are required because there is no way to unequivocally select a modern netcat
> + select BR2_PACKAGE_NMAP if !BR2_PACKAGE_NETCAT_OPENBSD
> + select BR2_PACKAGE_NMAP_NCAT if !BR2_PACKAGE_NETCAT_OPENBSD
I believe Carlos' initial patch selected netcat, not netcat-openbsd. Note that
netcat-openbsd has pretty different command-line options, so in any other than
the most trivial cases they're not compatible...
> + select BR2_PACKAGE_RADVD
> + help
> + Build the libvirt daemon (libvirtd) otherwise build only the
> + utility programs.
> +
> +endif
> +
> comment "libvirt needs udev /dev management"
> depends on BR2_USE_MMU
> depends on BR2_PACKAGE_LIBVIRT_ARCH_SUPPORTS
> diff --git a/package/libvirt/S91virtlogd b/package/libvirt/S91virtlogd
> new file mode 100644
> index 0000000000..03d17b5dbd
> --- /dev/null
> +++ b/package/libvirt/S91virtlogd
> @@ -0,0 +1,65 @@
> +#!/bin/sh
> +
> +DAEMON="virtlogd"
> +EXECFILE="/usr/sbin/$DAEMON"
> +PIDFILE="/var/run/$DAEMON.pid"
> +
> +VIRTLOGD_ARGS=""
> +
> +# shellcheck source=/dev/null
> +[ -r "/etc/default/$DAEMON" ] && . "/etc/default/$DAEMON"
> +
> +start() {
> + printf 'Starting %s: ' "$DAEMON"
> + # shellcheck disable=SC2086 # we need the word splitting
> + start-stop-daemon -S -q -p "$PIDFILE" -x "$EXECFILE" \
> + -- -d $VIRTLOGD_ARGS
> + status=$?
> + if [ "$status" -eq 0 ]; then
> + echo "OK"
> + else
> + echo "FAIL"
> + fi
> + return "$status"
> +}
> +
> +stop() {
> + printf 'Stopping %s: ' "$DAEMON"
> + start-stop-daemon -K -q -p "$PIDFILE" -x "$EXECFILE"
> + status=$?
> + if [ "$status" -eq 0 ]; then
> + echo "OK"
> + else
> + echo "FAIL"
> + fi
> + return "$status"
> +}
> +
> +restart() {
> + stop
> + sleep 1
> + start
> +}
> +
> +# On receipt of SIGUSR1 virtlogd will re-exec() its binary, while maintaining
> +# all current logs and clients. This allows for live upgrades of the virtlogd
> +# service.
> +reload() {
> + printf 'Reloading %s: ' "$DAEMON"
> + start-stop-daemon -K -s USR1 -q -p "$PIDFILE" -x "$EXECFILE"
> + status=$?
> + if [ "$status" -eq 0 ]; then
> + echo "OK"
> + else
> + echo "FAIL"
> + fi
> + return "$status"
> +}
> +
> +case "$1" in
> + start|stop|restart|reload)
> + "$1";;
> + *)
> + echo "Usage: $0 {start|stop|restart|reload}"
> + exit 1
> +esac
> diff --git a/package/libvirt/S92libvirtd b/package/libvirt/S92libvirtd
> new file mode 100644
> index 0000000000..736519f3d0
> --- /dev/null
> +++ b/package/libvirt/S92libvirtd
> @@ -0,0 +1,132 @@
> +#!/bin/sh
> +
> +DAEMON="libvirtd"
> +EXECFILE="/usr/sbin/$DAEMON"
> +PIDFILE="/var/run/$DAEMON.pid"
> +
> +LIBVIRTD_ARGS=""
> +
> +# shellcheck source=/dev/null
> +[ -r "/etc/default/$DAEMON" ] && . "/etc/default/$DAEMON"
> +
> +trap 'rm -f "$TMP_MODULE_LIST" "$TMP_PIDFILE_LIST"' EXIT
> +
> +is_alive() {
> + [ -e "$1" ] \
> + && exe="/proc/$(cat "$1" 2>/dev/null)/exe" \
> + && [ -s "$exe" ] \
> + && [ "$(readlink -f "$exe")" = "$2" ]
> +}
> +
> +load_modules() {
> + printf 'Loading kernel modules: '
> + kver="$(uname -r)"
> + TMP_MODULE_LIST="$(mktemp -q)" || {
> + echo 'FAIL creating temporary modules list'
> + exit 1
> + }
> + [ -d "/lib/modules/$kver/kernel/drivers/net" ] && \
> + find "/lib/modules/$kver/kernel/drivers/net" \
> + -name "tun.ko*" >> "$TMP_MODULE_LIST"
> + [ -d "/lib/modules/$kver/kernel/drivers/vhost" ] && \
> + find "/lib/modules/$kver/kernel/drivers/vhost" \
> + -name "vhost?net.ko*" >> "$TMP_MODULE_LIST"
> + [ -d "/lib/modules/$kver/kernel/drivers/net" ] && \
> + find "/lib/modules/$kver/kernel/drivers/vfio" \
> + -name "*.ko*" >> "$TMP_MODULE_LIST"
> + while read -r f; do
> + m="$(basename "${f%.ko*}")"
> + if modprobe -q "$m"; then
> + printf '%s ' "$m"
> + else
> + echo "FAIL on $m"
> + exit 1
> + fi
> + done < "$TMP_MODULE_LIST"
> + echo "OK"
> +}
> +
> +#
> +# If libvirtd dies it leves behind one stale dnsmasq per virtual network that
> +# must be killed before starting libvirtd again.
> +#
> +rm_stale_dnsmasq() {
> + [ -d /var/run/libvirt/network ] || return 0
> + TMP_PIDFILE_LIST="$(mktemp -q)" || {
> + echo "Could not create temporary pidfile list"
> + exit 1
> + }
> + find /var/run/libvirt/network -name '*.pid' > "$TMP_PIDFILE_LIST"
> + while read -r pidfile; do
> + if is_alive "$pidfile" /usr/sbin/dnsmasq; then
It would be better IMHO to use start-stop-daemon itself instead of is_alive.
You would get error messages in case the process doesn't exist, but IMHO that's
fine (if libvirt doesn't stop them, they're expected to still be running...).
That said, I committed as is.
> + start-stop-daemon -K -q -p "$pidfile" -x /usr/sbin/dnsmasq
> + status=$?
> + if [ "$status" -ne 0 ]; then
> + echo "Could not stop stale dnsmasq daemons"
> + exit 1
> + fi
> + rm -f "$pidfile"
> + fi
> + done < "$TMP_PIDFILE_LIST"
> +}
> +
> +start() {
> + if is_alive "$PIDFILE" "$EXECFILE"; then
> + # libvirtd is already running. Leave it alone.
> + printf 'Starting %s: FAIL\n' "$DAEMON"
> + return 1
> + fi
> + rm_stale_dnsmasq
We don't normally do such cleanups in init scripts, we just do the start
assuming the daemon is not yet running.
Again, I left it as is.
> + load_modules
> + printf 'Starting %s: ' "$DAEMON"
> + # shellcheck disable=SC2086 # we need the word splitting
> + start-stop-daemon -S -q -p "$PIDFILE" -x "$EXECFILE" \
> + -- -d $LIBVIRTD_ARGS
> + status=$?
> + if [ "$status" -eq 0 ]; then
> + echo "OK"
> + else
> + echo "FAIL"
> + fi
> + return "$status"
> +}
> +
> +stop() {
> + printf 'Stopping %s: ' "$DAEMON"
> + start-stop-daemon -K -q -p "$PIDFILE" -x "$EXECFILE"
> + status=$?
> + if [ "$status" -eq 0 ]; then
> + rm_stale_dnsmasq
> + echo "OK"
> + else
> + echo "FAIL"
> + fi
> + return "$status"
> +}
> +
> +restart() {
> + stop
> + sleep 1
> + start
> +}
> +
> +# On receipt of SIGHUP libvirtd will reload its configuration.
> +reload() {
> + printf 'Reloading %s: ' "$DAEMON"
> + start-stop-daemon -K -s HUP -q -p "$PIDFILE" -x "$EXECFILE"
> + status=$?
> + if [ "$status" -eq 0 ]; then
> + echo "OK"
> + else
> + echo "FAIL"
> + fi
> + return "$status"
> +}
> +
> +case "$1" in
> + start|stop|restart|reload)
> + "$1";;
> + *)
> + echo "Usage: $0 {start|stop|restart|reload}"
> + exit 1
> +esac
> diff --git a/package/libvirt/libvirt.mk b/package/libvirt/libvirt.mk
> index b2c9eebbfe..8cc77f3c0e 100644
> --- a/package/libvirt/libvirt.mk
> +++ b/package/libvirt/libvirt.mk
> @@ -24,7 +24,6 @@ LIBVIRT_CONF_OPTS = \
> -Ddriver_interface=enabled \
> -Ddriver_libxl=disabled \
> -Ddriver_lxc=disabled \
> - -Ddriver_network=disabled \
> -Ddriver_openvz=disabled \
> -Ddriver_qemu=disabled \
> -Ddriver_remote=enabled \
> @@ -38,19 +37,14 @@ LIBVIRT_CONF_OPTS = \
> -Dglusterfs=disabled \
> -Dhost_validate=enabled \
> -Dinit_script=$(if $(BR2_INIT_SYSTEMD),systemd,none) \
> - -Dlibssh=disabled \
> - -Dlibvirtd=disabled \
> -Dlogin_shell=disabled \
> -Dnetcf=disabled \
> - -Dnss=disabled \
> -Dnumad=disabled \
> -Dopenwsman=disabled \
> -Dpciaccess=enabled \
> -Dpm_utils=disabled \
> -Dsanlock=disabled \
> - -Dsasl=disabled \
> -Dsecdriver_apparmor=disabled \
> - -Dssh2=disabled \
> -Dstorage_mpath=disabled \
> -Dstorage_iscsi=disabled \
> -Dstorage_iscsi_direct=disabled \
> @@ -122,6 +116,28 @@ else
> LIBVIRT_CONF_OPTS += -Dlibpcap=disabled
> endif
>
> +ifeq ($(BR2_PACKAGE_LIBVIRT_DAEMON)$(BR2_PACKAGE_LIBSSH),yy)
> +LIBVIRT_CONF_OPTS += -Dlibssh=enabled
> +LIBVIRT_DEPENDENCIES += libssh
> +else
> +LIBVIRT_CONF_OPTS += -Dlibssh=disabled
> +endif
> +
> +# Network is used by daemon, only
> +ifeq ($(BR2_PACKAGE_LIBVIRT_DAEMON),y)
> +LIBVIRT_CONF_OPTS += -Dlibvirtd=enabled -Ddriver_network=enabled
> +else
> +LIBVIRT_CONF_OPTS += -Dlibvirtd=disabled -Ddriver_network=disabled
> +endif
> +
> +# Can't build nss plugin without network
> +ifeq ($(BR2_PACKAGE_LIBVIRT_DAEMON)$(BR2_PACKAGE_LIBNSS),yy)
Instead of having these yy options, I've put all the options that depend on the
daemon together, after the rest of the options.
Regards,
Arnout
> +LIBVIRT_CONF_OPTS += -Dnss=enabled
> +LIBVIRT_DEPENDENCIES += libnss
> +else
> +LIBVIRT_CONF_OPTS += -Dnss=disabled
> +endif
> +
> ifeq ($(BR2_PACKAGE_NUMACTL),y)
> LIBVIRT_CONF_OPTS += -Dnumactl=enabled
> LIBVIRT_DEPENDENCIES += numactl
> @@ -143,6 +159,13 @@ else
> LIBVIRT_CONF_OPTS += -Dreadline=disabled
> endif
>
> +ifeq ($(BR2_PACKAGE_LIBVIRT_DAEMON)$(BR2_PACKAGE_LIBGSASL),yy)
> +LIBVIRT_CONF_OPTS += -Dsasl=enabled
> +LIBVIRT_DEPENDENCIES += libgsasl
> +else
> +LIBVIRT_CONF_OPTS += -Dsasl=disabled
> +endif
> +
> ifeq ($(BR2_PACKAGE_LIBSELINUX),y)
> LIBVIRT_CONF_OPTS += -Dselinux=enabled -Dsecdriver_selinux=enabled \
> -Dselinux_mount=/sys/fs/selinux
> @@ -151,6 +174,13 @@ else
> LIBVIRT_CONF_OPTS += -Dselinux=disabled -Dsecdriver_selinux=disabled
> endif
>
> +ifeq ($(BR2_PACKAGE_LIBVIRT_DAEMON)$(BR2_PACKAGE_LIBSSH2),yy)
> +LIBVIRT_CONF_OPTS += -Dssh2=enabled
> +LIBVIRT_DEPENDENCIES += libssh2
> +else
> +LIBVIRT_CONF_OPTS += -Dssh2=disabled
> +endif
> +
> ifeq ($(BR2_PACKAGE_LVM2),y)
> LIBVIRT_CONF_OPTS += -Dstorage_lvm=enabled
> LIBVIRT_DEPENDENCIES += lvm2
> @@ -209,4 +239,11 @@ endef
>
> LIBVIRT_PRE_INSTALL_TARGET_HOOKS += LIBVIRT_CREATE_SYMLINKS
>
> +ifeq ($(BR2_PACKAGE_LIBVIRT_DAEMON),y)
> +define LIBVIRT_INSTALL_INIT_SYSV
> + $(INSTALL) -D -m 0755 package/libvirt/S91virtlogd $(TARGET_DIR)/etc/init.d/S91virtlogd
> + $(INSTALL) -D -m 0755 package/libvirt/S92libvirtd $(TARGET_DIR)/etc/init.d/S92libvirtd
> +endef
> +endif
> +
> $(eval $(meson-package))
>
_______________________________________________
buildroot mailing list
buildroot@busybox.net
http://lists.busybox.net/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [Buildroot] [PATCH v9 3/3] package/libvirt: add lxc and qemu options
2021-06-11 14:07 ` [Buildroot] [PATCH v9 3/3] package/libvirt: add lxc and qemu options Jared Bents
@ 2021-07-22 21:15 ` Arnout Vandecappelle
0 siblings, 0 replies; 6+ messages in thread
From: Arnout Vandecappelle @ 2021-07-22 21:15 UTC (permalink / raw
To: Jared Bents, buildroot; +Cc: thomas.petazzoni
On 11/06/2021 16:07, Jared Bents wrote:
> Update to add lxc and qemu options for libvirt under the daemon
> config option
>
> Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
>
> --
> History:
> v8:
> - Split off from patch adding libvirt
>
> v8->v9:
> - N/A
> ---
> package/libvirt/Config.in | 36 +++++++++++++++++++++++++++++++++++
> package/libvirt/libvirt.mk | 39 ++++++++++++++++++++++++++++++++++++--
> 2 files changed, 73 insertions(+), 2 deletions(-)
>
> diff --git a/package/libvirt/Config.in b/package/libvirt/Config.in
> index ae5c8aac8a..ef9c10655f 100644
> --- a/package/libvirt/Config.in
> +++ b/package/libvirt/Config.in
> @@ -42,6 +42,42 @@ config BR2_PACKAGE_LIBVIRT_DAEMON
> Build the libvirt daemon (libvirtd) otherwise build only the
> utility programs.
>
> +# Stateful drivers are useful only when building the daemon.
> +if BR2_PACKAGE_LIBVIRT_DAEMON
> +
> +config BR2_PACKAGE_LIBVIRT_QEMU
> + bool "qemu"
> + depends on BR2_PACKAGE_LIBSECCOMP_ARCH_SUPPORTS # libseccomp
> + depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_12 # libseccomp
> + depends on BR2_PACKAGE_QEMU_ARCH_SUPPORTS_TARGET
> + select BR2_PACKAGE_HWDATA # libpciaccess
> + select BR2_PACKAGE_HWDATA_PCI_IDS # libpciaccess
> + select BR2_PACKAGE_LIBSECCOMP
> + select BR2_PACKAGE_QEMU
> + select BR2_PACKAGE_QEMU_SYSTEM if BR2_PACKAGE_QEMU_CUSTOM_TARGETS = ""
> + select BR2_PACKAGE_YAJL
> + help
> + QEMU/KVM support
> +
> +comment "qemu support needs a toolchain w/ headers >= 3.12"
> + depends on BR2_PACKAGE_QEMU_ARCH_SUPPORTS_TARGET
> + depends on BR2_PACKAGE_LIBSECCOMP_ARCH_SUPPORTS
> + depends on !BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_12
This is redundant since libvirt itself already depends on headers >= 3.12. So I
removed the comment entirely.
> +
> +config BR2_PACKAGE_LIBVIRT_LXC
> + bool "lxc"
> + depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_0 # lxc
This is also implied by headers >= 3.12. I've simplified the comment to just
mention gcc.
> + depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_7 # lxc
> + select BR2_PACKAGE_LXC
> + help
> + Linux Container support
> +
> +comment "lxc needs a toolchain w/ threads, headers >= 3.0, dynamic library, gcc >= 4.7"
> + depends on !BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_0
> + depends on !BR2_TOOLCHAIN_GCC_AT_LEAST_4_7
> +
> +endif
> +
> endif
>
> comment "libvirt needs udev /dev management"
> diff --git a/package/libvirt/libvirt.mk b/package/libvirt/libvirt.mk
> index 8cc77f3c0e..22b99a4323 100644
> --- a/package/libvirt/libvirt.mk
> +++ b/package/libvirt/libvirt.mk
> @@ -23,9 +23,7 @@ LIBVIRT_CONF_OPTS = \
> -Ddriver_hyperv=disabled \
> -Ddriver_interface=enabled \
> -Ddriver_libxl=disabled \
> - -Ddriver_lxc=disabled \
> -Ddriver_openvz=disabled \
> - -Ddriver_qemu=disabled \
> -Ddriver_remote=enabled \
> -Ddriver_secrets=enabled \
> -Ddriver_vmware=disabled \
> @@ -130,6 +128,13 @@ else
> LIBVIRT_CONF_OPTS += -Dlibvirtd=disabled -Ddriver_network=disabled
> endif
>
> +ifeq ($(BR2_PACKAGE_LIBVIRT_LXC),y)
> +LIBVIRT_CONF_OPTS += -Dlogin_shell=enabled -Ddriver_lxc=enabled
> +LIBVIRT_DEPENDENCIES += lxc
Is this really a build time dependency? I've applied it as-is though.
> +else
> +LIBVIRT_CONF_OPTS += -Dlogin_shell=disabled -Ddriver_lxc=disabled
> +endif
> +
> # Can't build nss plugin without network
> ifeq ($(BR2_PACKAGE_LIBVIRT_DAEMON)$(BR2_PACKAGE_LIBNSS),yy)
> LIBVIRT_CONF_OPTS += -Dnss=enabled
> @@ -152,6 +157,12 @@ else
> LIBVIRT_CONF_OPTS += -Dpolkit=disabled
> endif
>
> +ifeq ($(BR2_PACKAGE_LIBVIRT_QEMU),y)
> +LIBVIRT_CONF_OPTS += -Ddriver_qemu=enabled -Dqemu_user=qemu -Dqemu_group=kvm
> +else
> +LIBVIRT_CONF_OPTS += -Ddriver_qemu=disabled -Dqemu_user=no -Dqemu_group=no
> +endif
> +
> ifeq ($(BR2_PACKAGE_READLINE),y)
> LIBVIRT_CONF_OPTS += -Dreadline=enabled
> LIBVIRT_DEPENDENCIES += readline
> @@ -214,13 +225,29 @@ define LIBVIRT_PERMISSIONS
> /var/lib/libvirt/filesystems d 711 root root - - - - -
> /var/lib/libvirt/images d 711 root root - - - - -
> /var/lib/libvirt/network d 700 root root - - - - -
> + /var/lib/libvirt/qemu d 751 qemu kvm - - - - -
> + /var/lib/libvirt/qemu/autostart d 700 root root - - - - -
> + /var/lib/libvirt/qemu/networks d 700 root root - - - - -
> + /var/lib/libvirt/qemu/networks/autostart d 700 root root - - - - -
> + /var/lib/libvirt/qemu/channel d 755 qemu kvm - - - - -
> + /var/lib/libvirt/qemu/channel/target d 755 qemu kvm - - - - -
> + /var/lib/libvirt/qemu/dump d 755 qemu kvm - - - - -
> + /var/lib/libvirt/qemu/nvram d 755 qemu kvm - - - - -
> + /var/lib/libvirt/qemu/save d 755 qemu kvm - - - - -
> + /var/lib/libvirt/qemu/snapshot d 755 qemu kvm - - - - -
> /var/lib/libvirt/secrets d 700 root root - - - - -
> /var/lib/libvirt/storage d 755 root root - - - - -
> /var/lib/libvirt/storage/autostart d 755 root root - - - - -
> /var/cache/libvirt d 711 root root - - - - -
> + /var/cache/libvirt/lxc d 750 root root - - - - -
> + /var/cache/libvirt/qemu d 750 qemu kvm - - - - -
> + /var/cache/libvirt/qemu/capabilities d 755 root root - - - - -
> /var/log/libvirt d 700 root root - - - - -
> + /var/log/libvirt/lxc d 750 root root - - - - -
> + /var/log/libvirt/qemu d 750 root root - - - - -
> /var/log/swtpm d 755 root root - - - - -
> /var/log/swtpm/libvirt d 755 root root - - - - -
> + /var/log/swtpm/libvirt/qemu d 711 root root - - - - -
As noted, var/cache and var/log are tmpfs by default. Therefore, the init
script should create these directories.
I've committed it unchanged, though.
In case it wasn't clear yet: series applied to master, thanks.
Regards,
Arnout
> endef
>
> # libvirt may need to create persistent files (e.g. VM definitions) in these
> @@ -231,14 +258,22 @@ endef
> define LIBVIRT_CREATE_SYMLINKS
> $(INSTALL) -m 700 -d $(TARGET_DIR)/etc/libvirt
> $(INSTALL) -m 755 -d $(TARGET_DIR)/var/lib/libvirt
> + $(INSTALL) -m 751 -d $(TARGET_DIR)/var/lib/libvirt/qemu
> $(INSTALL) -m 700 -d $(TARGET_DIR)/var/lib/libvirt/secrets
> $(INSTALL) -m 755 -d $(TARGET_DIR)/var/lib/libvirt/storage
> + ln -s -f ../../var/lib/libvirt/qemu $(TARGET_DIR)/etc/libvirt/
> ln -s -f ../../var/lib/libvirt/secrets $(TARGET_DIR)/etc/libvirt/
> ln -s -f ../../var/lib/libvirt/storage $(TARGET_DIR)/etc/libvirt/
> endef
>
> LIBVIRT_PRE_INSTALL_TARGET_HOOKS += LIBVIRT_CREATE_SYMLINKS
>
> +ifeq ($(BR2_PACKAGE_LIBVIRT_QEMU),y)
> +define LIBVIRT_USERS
> + qemu -1 kvm -1 * - - - Libvirt qemu/kvm daemon
> +endef
> +endif
> +
> ifeq ($(BR2_PACKAGE_LIBVIRT_DAEMON),y)
> define LIBVIRT_INSTALL_INIT_SYSV
> $(INSTALL) -D -m 0755 package/libvirt/S91virtlogd $(TARGET_DIR)/etc/init.d/S91virtlogd
>
_______________________________________________
buildroot mailing list
buildroot@busybox.net
http://lists.busybox.net/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2021-07-22 21:15 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-06-11 14:07 [Buildroot] [PATCH v9 1/3] package/libvirt: new package Jared Bents
2021-06-11 14:07 ` [Buildroot] [PATCH v9 2/3] package/libvirt: add daemon libvirtd Jared Bents
2021-07-22 20:59 ` Arnout Vandecappelle
2021-06-11 14:07 ` [Buildroot] [PATCH v9 3/3] package/libvirt: add lxc and qemu options Jared Bents
2021-07-22 21:15 ` Arnout Vandecappelle
2021-07-22 20:48 ` [Buildroot] [PATCH v9 1/3] package/libvirt: new package Arnout Vandecappelle
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.