Blob Blame History Raw
# -*- rpm-spec -*-

# This spec file assumes you are building on a Fedora or RHEL version
# that's still supported by the vendor. It may work on other distros
# or versions, but no effort will be made to ensure that going forward.
%define min_rhel 6
%define min_fedora 26

%if (0%{?fedora} && 0%{?fedora} >= %{min_fedora}) || (0%{?rhel} && 0%{?rhel} >= %{min_rhel})
    %define supported_platform 1
%else
    %define supported_platform 0
%endif

# Default to skipping autoreconf.  Distros can change just this one line
# (or provide a command-line override) if they backport any patches that
# touch configure.ac or Makefile.am.
# Always run autoreconf
%{!?enable_autotools:%global enable_autotools 1}

# The hypervisor drivers that run in libvirtd
%define with_qemu          0%{!?_without_qemu:1}
%define with_lxc           0%{!?_without_lxc:1}
%define with_uml           0%{!?_without_uml:1}
%define with_libxl         0%{!?_without_libxl:1}
%define with_vbox          0%{!?_without_vbox:1}

%define with_qemu_tcg      %{with_qemu}

%define qemu_kvm_arches %{ix86} x86_64

%if 0%{?fedora}
    %define qemu_kvm_arches %{ix86} x86_64 %{power64} s390x %{arm} aarch64
%endif

%if 0%{?rhel}
    %define with_qemu_tcg 0
    %define qemu_kvm_arches x86_64
    %if 0%{?rhel} >= 7
        %define qemu_kvm_arches x86_64 %{power64} aarch64 s390x
    %endif
%endif

%ifarch %{qemu_kvm_arches}
    %define with_qemu_kvm      %{with_qemu}
%else
    %define with_qemu_kvm      0
%endif

%if ! %{with_qemu_tcg} && ! %{with_qemu_kvm}
    %define with_qemu 0
%endif

# Then the hypervisor drivers that run outside libvirtd, in libvirt.so
%define with_openvz        0%{!?_without_openvz:1}
%define with_vmware        0%{!?_without_vmware:1}
%define with_phyp          0%{!?_without_phyp:1}
%define with_esx           0%{!?_without_esx:1}
%define with_hyperv        0%{!?_without_hyperv:1}

# Then the secondary host drivers, which run inside libvirtd
%if 0%{?fedora} || 0%{?rhel} >= 7
    %define with_storage_rbd      0%{!?_without_storage_rbd:1}
%else
    %define with_storage_rbd      0
%endif
%if 0%{?fedora}
    %define with_storage_sheepdog 0%{!?_without_storage_sheepdog:1}
%else
    %define with_storage_sheepdog 0
%endif
%define with_storage_gluster 0%{!?_without_storage_gluster:1}
%define with_numactl          0%{!?_without_numactl:1}

# F25+ has zfs-fuse
%if 0%{?fedora}
    %define with_storage_zfs      0%{!?_without_storage_zfs:1}
%else
    %define with_storage_zfs      0
%endif

# A few optional bits off by default, we enable later
%define with_fuse          0%{!?_without_fuse:0}
%define with_sanlock       0%{!?_without_sanlock:0}
%define with_systemd       0%{!?_without_systemd:0}
%define with_numad         0%{!?_without_numad:0}
%define with_firewalld     0%{!?_without_firewalld:0}
%define with_firewalld_zone 0%{!?_without_firewalld_zone:0}
%define with_libssh2       0%{!?_without_libssh2:0}
%define with_wireshark     0%{!?_without_wireshark:0}
%define with_libssh        0%{!?_without_libssh:0}
%define with_bash_completion  0%{!?_without_bash_completion:0}
%define with_pm_utils      1

# Finally set the OS / architecture specific special cases

# Xen is available only on i386 x86_64 ia64
%ifnarch %{ix86} x86_64 ia64
    %define with_libxl 0
%endif

# vbox is available only on i386 x86_64
%ifnarch %{ix86} x86_64
    %define with_vbox 0
%endif

# Numactl is not available on s390[x] and ARM
%ifarch s390 s390x %{arm}
    %define with_numactl 0
%endif

# zfs-fuse is not available on some architectures
%ifarch s390 s390x aarch64
    %define with_storage_zfs 0
%endif


# RHEL doesn't ship OpenVZ, VBox, UML, PowerHypervisor,
# VMware, libxenserver (xenapi), libxenlight (Xen 4.1 and newer),
# or HyperV.
%if 0%{?rhel}
    %define with_openvz 0
    %define with_vbox 0
    %define with_uml 0
    %define with_phyp 0
    %define with_vmware 0
    %define with_xenapi 0
    %define with_libxl 0
    %define with_hyperv 0
    %define with_vz 0

    %if 0%{?rhel} > 7
        %define with_lxc 0
    %endif
%endif

# Fedora 17 / RHEL-7 are first where we use systemd. Although earlier
# Fedora has systemd, libvirt still used sysvinit there.
%if 0%{?fedora} || 0%{?rhel} >= 7
    %define with_systemd 1
    %define with_pm_utils 0
%endif

# Fedora 18 / RHEL-7 are first where firewalld support is enabled
%if 0%{?fedora} || 0%{?rhel} >= 7
    %define with_firewalld 1
%endif

%if 0%{?fedora} >= 30 || 0%{?rhel} > 7
    %define with_firewalld_zone 0%{!?_without_firewalld_zone:1}
%endif


# fuse is used to provide virtualized /proc for LXC
%if %{with_lxc} && 0%{?rhel} != 6
    %define with_fuse      0%{!?_without_fuse:1}
%endif

# Enable sanlock library for lock management with QEMU
# Sanlock is available only on arches where kvm is available for RHEL
%if 0%{?fedora}
    %define with_sanlock 0%{!?_without_sanlock:1}
%endif
%if 0%{?rhel}
    %ifarch %{qemu_kvm_arches}
        %define with_sanlock 0%{!?_without_sanlock:1}
    %endif
%endif

# Enable libssh2 transport for new enough distros
%if 0%{?fedora}
    %define with_libssh2 0%{!?_without_libssh2:1}
%endif

# Enable wireshark plugins for all distros shipping libvirt 1.2.2 or newer
%if 0%{?fedora}
    %define with_wireshark 0%{!?_without_wireshark:1}
%endif
%if 0%{?fedora} || 0%{?rhel} > 7
    %define wireshark_plugindir %(pkg-config --variable plugindir wireshark)
%else
    %define wireshark_plugindir %{_libdir}/wireshark/plugins
%endif

# Enable libssh transport for new enough distros
%if 0%{?fedora} || 0%{?rhel} > 7
    %define with_libssh 0%{!?_without_libssh:1}
%endif

# Enable bash-completion for new enough distros
%if 0%{?fedora} || 0%{?rhel} >= 7
    %define with_bash_completion  0%{!?_without_bash_completion:1}
%endif

# Use Python 3 when possible, Python 2 otherwise
%if 0%{?fedora}
    %define python python3
%else
    %if 0%{?rhel} > 7
        %define python python3-devel
    %else
        %define python python2
    %endif
%endif


%if %{with_qemu} || %{with_lxc} || %{with_uml}
# numad is used to manage the CPU and memory placement dynamically,
# it's not available on s390[x] and ARM.
    %ifnarch s390 s390x %{arm}
        %define with_numad    0%{!?_without_numad:1}
    %endif
%endif

# Force QEMU to run as non-root
%define qemu_user  qemu
%define qemu_group  qemu


%if 0%{?fedora} || 0%{?rhel} >= 7
    %define with_systemd_macros 1
%else
    %define with_systemd_macros 0
%endif


# RHEL releases provide stable tool chains and so it is safe to turn
# compiler warning into errors without being worried about frequent
# changes in reported warnings
%if 0%{?rhel}
    %define enable_werror --enable-werror
%else
    %define enable_werror --disable-werror
%endif

%if 0%{?rhel} == 7
    %define tls_priority "NORMAL"
%else
    %define tls_priority "@LIBVIRT,SYSTEM"
%endif


Summary: Library providing a simple virtualization API
Name: libvirt
Version: 4.5.0
Release: 23.2%{?dist}%{?extra_release}
License: LGPLv2+
URL: https://libvirt.org/

%if %(echo %{version} | grep -q "\.0$"; echo $?) == 1
    %define mainturl stable_updates/
%endif
Source: https://libvirt.org/sources/%{?mainturl}libvirt-%{version}.tar.xz
Source1: symlinks

Patch1: libvirt-RHEL-Hack-around-changed-Broadwell-Haswell-CPUs.patch
Patch2: libvirt-RHEL-Add-rhel-machine-types-to-qemuDomainMachineNeedsFDC.patch
Patch3: libvirt-qemu-Add-capability-for-the-HTM-pSeries-feature.patch
Patch4: libvirt-conf-Parse-and-format-the-HTM-pSeries-feature.patch
Patch5: libvirt-qemu-Format-the-HTM-pSeries-feature.patch
Patch6: libvirt-qemu-hotplug-Don-t-access-srcPriv-when-it-s-not-allocated.patch
Patch7: libvirt-qemuDomainNestedJobAllowed-Allow-QEMU_JOB_NONE.patch
Patch8: libvirt-src-Mention-DEVICE_REMOVAL_FAILED-event-in-virDomainDetachDeviceAlias-docs.patch
Patch9: libvirt-virsh.pod-Drop-persistent-for-detach-device-alias.patch
Patch10: libvirt-qemu-don-t-use-chardev-FD-passing-with-standalone-args.patch
Patch11: libvirt-qemu-remove-chardevStdioLogd-param-from-vhostuser-code-path.patch
Patch12: libvirt-qemu-consolidate-parameters-of-qemuBuildChrChardevStr-into-flags.patch
Patch13: libvirt-qemu-don-t-use-chardev-FD-passing-for-vhostuser-backend.patch
Patch14: libvirt-qemu-fix-UNIX-socket-chardevs-operating-in-client-mode.patch
Patch15: libvirt-qemuDomainDeviceDefValidateNetwork-Check-for-range-only-if-IP-prefix-set.patch
Patch16: libvirt-qemu-hotplug-Do-not-try-to-add-secret-object-for-TLS-if-it-does-not-exist.patch
Patch17: libvirt-qemu-monitor-Make-qemuMonitorAddObject-more-robust-against-programming-errors.patch
Patch18: libvirt-virDomainConfNWFilterInstantiate-initialize-xml-to-avoid-random-crash.patch
Patch19: libvirt-qemuProcessStartPRDaemonHook-Try-to-set-NS-iff-domain-was-started-with-one.patch
Patch20: libvirt-qemuDomainValidateStorageSource-Relax-PR-validation.patch
Patch21: libvirt-virStoragePRDefFormat-Suppress-path-formatting-for-migratable-XML.patch
Patch22: libvirt-qemu-Wire-up-PR_MANAGER_STATUS_CHANGED-event.patch
Patch23: libvirt-qemu_monitor-Introduce-qemuMonitorJSONGetPRManagerInfo.patch
Patch24: libvirt-qemu-Fetch-pr-helper-process-info-on-reconnect.patch
Patch25: libvirt-qemu-Fix-ATTRIBUTE_NONNULL-for-qemuMonitorAddObject.patch
Patch26: libvirt-virsh.pod-Fix-a-command-name-typo-in-nwfilter-binding-undefine.patch
Patch27: libvirt-docs-schema-Add-missing-alias-to-vsock-device.patch
Patch28: libvirt-virnetdevtap-Don-t-crash-on-ifname-in-virNetDevTapInterfaceStats.patch
Patch29: libvirt-tests-fix-TLS-handshake-failure-with-TLS-1.3.patch
Patch30: libvirt-qemu-hotplug-don-t-overwrite-error-message-in-qemuDomainAttachNetDevice.patch
Patch31: libvirt-qemu-hotplug-report-error-when-changing-rom-enabled-attr-for-net-iface.patch
Patch32: libvirt-qemu-Fix-setting-global_period-cputune-element.patch
Patch33: libvirt-tests-qemucaps-Add-test-data-for-upcoming-qemu-3.0.0.patch
Patch34: libvirt-qemu-capabilities-Add-capability-for-werror-rerror-for-usb-device-frontend.patch
Patch35: libvirt-qemu-command-Move-graphics-iteration-to-its-own-function.patch
Patch36: libvirt-qemu-address-Handle-all-the-video-devices-within-a-single-loop.patch
Patch37: libvirt-conf-Introduce-virDomainVideoDefClear-helper.patch
Patch38: libvirt-conf-Introduce-virDomainDefPostParseVideo-helper.patch
Patch39: libvirt-qemu-validate-Enforce-compile-time-switch-type-checking-for-videos.patch
Patch40: libvirt-tests-Add-capabilities-data-for-QEMU-2.11-x86_64.patch
Patch41: libvirt-tests-Update-capabilities-data-for-QEMU-3.0.0-x86_64.patch
Patch42: libvirt-qemu-qemuBuildHostdevCommandLine-Use-a-helper-variable-mdevsrc.patch
Patch43: libvirt-qemu-caps-Introduce-a-capability-for-egl-headless.patch
Patch44: libvirt-qemu-Introduce-a-new-graphics-display-type-headless.patch
Patch45: libvirt-qemu-caps-Add-vfio-pci.display-capability.patch
Patch46: libvirt-conf-Introduce-virDomainGraphicsDefHasOpenGL-helper.patch
Patch47: libvirt-conf-Replace-error-with-cleanup-in-virDomainHostdevDefParseXMLSubsys.patch
Patch48: libvirt-conf-Introduce-new-hostdev-attribute-display.patch
Patch49: libvirt-qemu-command-Enable-formatting-vfio-pci.display-option-onto-cmdline.patch
Patch50: libvirt-docs-Rephrase-the-mediated-devices-hostdev-section-a-bit.patch
Patch51: libvirt-conf-Introduce-new-video-type-none.patch
Patch52: libvirt-virt-xml-validate-Add-schema-for-nwfilterbinding.patch
Patch53: libvirt-tools-Fix-typo-generating-adapter_wwpn-field.patch
Patch54: libvirt-src-Fix-memory-leak-in-virNWFilterBindingDispose.patch
Patch55: libvirt-esx-storage-Fix-typo-lsilogic-lsiLogic.patch
Patch56: libvirt-networkGetDHCPLeases-Don-t-always-report-error-if-unable-to-read-leases-file.patch
Patch57: libvirt-nwfilter-Resolve-SEGV-for-NWFilter-Snoop-processing.patch
Patch58: libvirt-qemu-Remove-unused-bypassSecurityDriver-from-qemuOpenFileAs.patch
Patch59: libvirt-qemuDomainSaveMemory-Don-t-enforce-dynamicOwnership.patch
Patch60: libvirt-domain_nwfilter-Return-early-if-net-has-no-name-in-virDomainConfNWFilterTeardownImpl.patch
Patch61: libvirt-examples-Add-clean-traffic-gateway-into-nwfilters.patch
Patch62: libvirt-qemu-Exempt-video-model-none-from-getting-a-PCI-address-on-Q35.patch
Patch63: libvirt-conf-Fix-a-error-msg-typo-in-virDomainVideoDefValidate.patch
Patch64: libvirt-qemu_migration-Avoid-writing-to-freed-memory.patch
Patch65: libvirt-tests-Add-missing-thread_siblings_list-files.patch
Patch66: libvirt-util-Rewrite-virHostCPUCountThreadSiblings.patch
Patch67: libvirt-utils-Remove-arbitrary-limit-on-socket_id-core_id.patch
Patch68: libvirt-tests-Add-linux-high-ids-test.patch
Patch69: libvirt-qemu-hotplug-Fix-asynchronous-unplug-of-shmem.patch
Patch70: libvirt-tests-rename-hugepages-to-hugepages-default.patch
Patch71: libvirt-tests-extract-hugepages-numa-default-dimm-out-of-hugepages-numa.patch
Patch72: libvirt-tests-rename-hugepages-numa-into-hugepages-numa-default.patch
Patch73: libvirt-tests-remove-unnecessary-XML-elements-from-hugepages-numa-default.patch
Patch74: libvirt-tests-extract-pages-discard-out-of-hugepages-pages.patch
Patch75: libvirt-tests-rename-hugepages-pages-into-hugepages-numa-nodeset.patch
Patch76: libvirt-tests-rename-hugepages-pages2-into-hugepages-numa-default-2M.patch
Patch77: libvirt-tests-extract-pages-discard-hugepages-out-of-hugepages-pages3.patch
Patch78: libvirt-tests-rename-hugepages-pages3-into-hugepages-numa-nodeset-part.patch
Patch79: libvirt-tests-rename-hugepages-pages4-into-hugepages-numa-nodeset-nonexist.patch
Patch80: libvirt-tests-rename-hugepages-pages5-into-hugepages-default-2M.patch
Patch81: libvirt-tests-rename-hugepages-pages6-into-hugepages-default-system-size.patch
Patch82: libvirt-tests-rename-hugepages-pages7-into-pages-dimm-discard.patch
Patch83: libvirt-tests-rename-hugepages-pages8-into-hugepages-nodeset-nonexist.patch
Patch84: libvirt-tests-introduce-hugepages-default-1G-nodeset-2M.patch
Patch85: libvirt-tests-introduce-hugepages-nodeset.patch
Patch86: libvirt-conf-Move-hugepage-XML-validation-check-out-of-qemu_command.patch
Patch87: libvirt-conf-Move-hugepages-validation-out-of-XML-parser.patch
Patch88: libvirt-conf-Introduce-virDomainDefPostParseMemtune.patch
Patch89: libvirt-tests-sev-Test-launch-security-with-specific-QEMU-version.patch
Patch90: libvirt-qemu-Fix-probing-of-AMD-SEV-support.patch
Patch91: libvirt-qemu-caps-Format-SEV-platform-data-into-qemuCaps-cache.patch
Patch92: libvirt-conf-Parse-guestfwd-channel-device-info-again.patch
Patch93: libvirt-RHEL-Fix-virConnectGetMaxVcpus-output.patch
Patch94: libvirt-storage-Add-shrink-to-qemu-img-command-when-shrinking-vol.patch
Patch95: libvirt-access-Fix-nwfilter-binding-ACL-access-API-name-generation.patch
Patch96: libvirt-conf-Add-validation-of-input-devices.patch
Patch97: libvirt-tests-qemu-Remove-disk-from-graphics-vnc-tls.patch
Patch98: libvirt-tests-qemu-test-more-versions-for-graphics-vnc-tls.patch
Patch99: libvirt-qemu-vnc-switch-to-tls-creds-x509.patch
Patch100: libvirt-qemu-mdev-Use-vfio-pci-display-property-only-with-vfio-pci-mdevs.patch
Patch101: libvirt-virDomainDefCompatibleDevice-Relax-alias-change-check.patch
Patch102: libvirt-virDomainDetachDeviceFlags-Clarify-update-semantics.patch
Patch103: libvirt-virDomainNetDefCheckABIStability-Check-for-MTU-change-too.patch
Patch104: libvirt-qemu-monitor-Remove-qemuMonitorJSONExtractCPUArchInfo-wrapper.patch
Patch105: libvirt-qemu-monitor-Use-target-instead-of-arch-in-reply-of-query-cpus-fast.patch
Patch106: libvirt-conf-Fix-check-for-chardev-source-path.patch
Patch107: libvirt-tests-Reuse-qemucapabilities-data-for-qemucaps2xml.patch
Patch108: libvirt-tests-Add-more-tests-to-qemucaps2xml.patch
Patch109: libvirt-qemu-Drop-QEMU_CAPS_ENABLE_KVM.patch
Patch110: libvirt-qemu-Avoid-probing-non-native-binaries-all-the-time.patch
Patch111: libvirt-qemu-Clarify-QEMU_CAPS_KVM.patch
Patch112: libvirt-qemu-Don-t-check-for-dev-kvm-presence.patch
Patch113: libvirt-tests-Follow-up-on-qemucaps2xmldata-rename.patch
Patch114: libvirt-security-dac-also-label-listen-UNIX-sockets.patch
Patch115: libvirt-virsh-Require-explicit-domain-for-domxml-to-native.patch
Patch116: libvirt-virFileIsSharedFSType-Check-for-fuse.glusterfs-too.patch
Patch117: libvirt-qemu-fix-up-permissions-for-pre-created-UNIX-sockets.patch
Patch118: libvirt-cpu_map-Add-features-for-Icelake-CPUs.patch
Patch119: libvirt-cpu_map-Add-Icelake-CPU-models.patch
Patch120: libvirt-qemu-Properly-report-VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT.patch
Patch121: libvirt-qemu-Report-more-appropriate-running-reasons.patch
Patch122: libvirt-qemu-Pass-running-reason-to-RESUME-event-handler.patch
Patch123: libvirt-qemu-Map-running-reason-to-resume-event-detail.patch
Patch124: libvirt-qemu-Avoid-duplicate-resume-events-and-state-changes.patch
Patch125: libvirt-conf-qemu-add-support-for-Hyper-V-frequency-MSRs.patch
Patch126: libvirt-conf-qemu-add-support-for-Hyper-V-reenlightenment-notifications.patch
Patch127: libvirt-conf-qemu-add-support-for-Hyper-V-PV-TLB-flush.patch
Patch128: libvirt-virfile-fix-cast-align-error.patch
Patch129: libvirt-virfiletest-Fix-test-name-prefix-for-virFileInData-test.patch
Patch130: libvirt-virfiletst-Test-virFileIsSharedFS.patch
Patch131: libvirt-virFileIsSharedFSType-Detect-direct-mount-points.patch
Patch132: libvirt-virfile-Rework-virFileIsSharedFixFUSE.patch
Patch133: libvirt-RHEL-network-regain-guest-network-connectivity-after-firewalld-switch-to-nftables.patch
Patch134: libvirt-storage-Remove-secretPath-from-_virStorageBackendQemuImgInfo.patch
Patch135: libvirt-storage-Allow-for-inputvol-to-have-any-format-for-encryption.patch
Patch136: libvirt-storage-Allow-inputvol-to-be-encrypted.patch
Patch137: libvirt-access-Modify-the-VIR_ERR_ACCESS_DENIED-to-include-driverName.patch
Patch138: libvirt-docs-Enhance-polkit-documentation-to-describe-secondary-connection.patch
Patch139: libvirt-qemu-Don-t-ignore-resume-events.patch
Patch140: libvirt-virfile-Take-symlink-into-account-in-virFileIsSharedFixFUSE.patch
Patch141: libvirt-qemu-Ignore-nwfilter-binding-instantiation-issues-during-reconnect.patch
Patch142: libvirt-qemu-Set-identity-for-the-reconnect-all-thread.patch
Patch143: libvirt-Revert-access-Modify-the-VIR_ERR_ACCESS_DENIED-to-include-driverName.patch
Patch144: libvirt-access-Modify-the-VIR_ERR_ACCESS_DENIED-to-include-driverName_1.patch
Patch145: libvirt-qemu-add-vfio-ap-capability.patch
Patch146: libvirt-qemu-vfio-ap-device-support.patch
Patch147: libvirt-qemu-Extract-MDEV-VFIO-PCI-validation-code-into-a-separate-helper.patch
Patch148: libvirt-conf-Move-VFIO-AP-validation-from-post-parse-to-QEMU-validation-code.patch
Patch149: libvirt-qemu-Fix-post-copy-migration-on-the-source.patch
Patch150: libvirt-util-Don-t-overflow-in-virRandomBits.patch
Patch151: libvirt-virrandom-Avoid-undefined-behaviour-in-virRandomBits.patch
Patch152: libvirt-qemu-Drop-duplicated-code-from-qemuDomainDefValidateFeatures.patch
Patch153: libvirt-tests-Add-capabilities-data-for-QEMU-3.1.0-on-ppc64.patch
Patch154: libvirt-qemu-Introduce-QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV.patch
Patch155: libvirt-conf-Parse-and-format-nested-hv-feature.patch
Patch156: libvirt-qemu-Format-nested-hv-feature-on-the-command-line.patch
Patch157: libvirt-qemu-Add-check-for-whether-KVM-nesting-is-enabled.patch
Patch158: libvirt-secret-Add-check-validation-for-correct-usage-when-LookupByUUID.patch
Patch159: libvirt-cpu-Add-support-for-stibp-x86_64-feature.patch
Patch160: libvirt-virsh-Strip-XML-declaration-when-extracting-CPU-XMLs.patch
Patch161: libvirt-RHEL-qemu-Add-ability-to-set-sgio-values-for-hostdev.patch
Patch162: libvirt-RHEL-qemu-Add-check-for-unpriv-sgio-for-SCSI-generic-host-device.patch
Patch163: libvirt-qemu-Alter-val-usage-in-qemuSetUnprivSGIO.patch
Patch164: libvirt-qemu-Alter-qemuSetUnprivSGIO-hostdev-shareable-logic.patch
Patch165: libvirt-conf-correct-false-boot-order-error-during-domain-parse.patch
Patch166: libvirt-qemu-Remove-duplicated-qemuAgentCheckError.patch
Patch167: libvirt-qemu-require-reply-from-guest-agent-in-qemuAgentGetInterfaces.patch
Patch168: libvirt-qemu-Filter-non-SCSI-hostdevs-in-qemuHostdevPrepareSCSIDevices.patch
Patch169: libvirt-util-remove-const-specifier-from-nlmsghdr-arg-to-virNetlinkDumpCallback.patch
Patch170: libvirt-util-add-a-function-to-insert-new-interfaces-to-IPv6CheckForwarding-list.patch
Patch171: libvirt-util-use-nlmsg_find_attr-instead-of-an-open-coded-loop.patch
Patch172: libvirt-util-check-accept_ra-for-all-nexthop-interfaces-of-multipath-routes.patch
Patch173: libvirt-util-make-forgotten-changes-suggested-during-review-of-commit-d40b820c.patch
Patch174: libvirt-qemu-Fix-logic-error-in-qemuSetUnprivSGIO.patch
Patch175: libvirt-tests-qemuxml2argv-Add-test-case-for-empty-CDROM-with-cache-mode.patch
Patch176: libvirt-qemu-command-Don-t-format-image-properties-for-empty-drive.patch
Patch177: libvirt-RHEL-qemu-Fix-crash-trying-to-use-iSCSI-hostdev.patch
Patch178: libvirt-docs-Drop-dev-net-tun-from-the-list-of-shared-devices.patch
Patch179: libvirt-qemu-conf-Remove-dev-sev-from-the-default-cgroup-device-acl-list.patch
Patch180: libvirt-qemu-cgroup-Expose-dev-sev-only-to-domains-that-require-SEV.patch
Patch181: libvirt-qemu-domain-Add-dev-sev-into-the-domain-mount-namespace-selectively.patch
Patch182: libvirt-security-dac-Relabel-dev-sev-in-the-namespace.patch
Patch183: libvirt-qemu-caps-Use-CAP_DAC_OVERRIDE-for-probing-to-avoid-permission-issues.patch
Patch184: libvirt-qemu-caps-Don-t-try-to-ask-for-CAP_DAC_OVERRIDE-if-non-root.patch
Patch185: libvirt-Revert-RHEL-network-regain-guest-network-connectivity-after-firewalld-switch-to-nftables.patch
Patch186: libvirt-configure-change-HAVE_FIREWALLD-to-WITH_FIREWALLD.patch
Patch187: libvirt-util-move-all-firewalld-specific-stuff-into-its-own-files.patch
Patch188: libvirt-util-new-virFirewallD-APIs-docs.patch
Patch189: libvirt-configure-selectively-install-a-firewalld-libvirt-zone.patch
Patch190: libvirt-network-set-firewalld-zone-of-bridges-to-libvirt-zone-when-appropriate.patch
Patch191: libvirt-network-allow-configuring-firewalld-zone-for-virtual-network-bridge-device.patch
Patch192: libvirt-util-remove-test-code-accidentally-committed-to-virFirewallDZoneExists.patch
Patch193: libvirt-qemu-command-Don-t-skip-readonly-and-throttling-info-for-empty-drive.patch
Patch194: libvirt-util-fix-memory-leak-in-virFirewallDInterfaceSetZone.patch
Patch195: libvirt-network-explicitly-allow-icmp-icmpv6-in-libvirt-zonefile.patch
Patch196: libvirt-cpu_x86-Do-not-cache-microcode-version.patch
Patch197: libvirt-qemu-Don-t-cache-microcode-version.patch
Patch198: libvirt-cputest-Add-data-for-Intel-R-Xeon-R-CPU-E3-1225-v5.patch
Patch199: libvirt-cpu_map-Define-md-clear-CPUID-bit.patch
Patch200: libvirt-admin-reject-clients-unless-their-UID-matches-the-current-UID.patch
Patch201: libvirt-locking-restrict-sockets-to-mode-0600.patch
Patch202: libvirt-logging-restrict-sockets-to-mode-0600.patch

Requires: libvirt-daemon = %{version}-%{release}
Requires: libvirt-daemon-config-network = %{version}-%{release}
Requires: libvirt-daemon-config-nwfilter = %{version}-%{release}
%if %{with_libxl}
Requires: libvirt-daemon-driver-libxl = %{version}-%{release}
%endif
%if %{with_lxc}
Requires: libvirt-daemon-driver-lxc = %{version}-%{release}
%endif
%if %{with_qemu}
Requires: libvirt-daemon-driver-qemu = %{version}-%{release}
%endif
%if %{with_uml}
Requires: libvirt-daemon-driver-uml = %{version}-%{release}
%endif
%if %{with_vbox}
Requires: libvirt-daemon-driver-vbox = %{version}-%{release}
%endif
Requires: libvirt-daemon-driver-nwfilter = %{version}-%{release}

Requires: libvirt-daemon-driver-interface = %{version}-%{release}
Requires: libvirt-daemon-driver-secret = %{version}-%{release}
Requires: libvirt-daemon-driver-storage = %{version}-%{release}
Requires: libvirt-daemon-driver-network = %{version}-%{release}
Requires: libvirt-daemon-driver-nodedev = %{version}-%{release}
Requires: libvirt-client = %{version}-%{release}
Requires: libvirt-libs = %{version}-%{release}

# All build-time requirements. Run-time requirements are
# listed against each sub-RPM
%if 0%{?enable_autotools}
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: gettext-devel
BuildRequires: libtool
BuildRequires: /usr/bin/pod2man
%endif
BuildRequires: gcc
BuildRequires: git
%if 0%{?fedora} >= 27 || 0%{?rhel} > 7
BuildRequires: perl-interpreter
%else
BuildRequires: perl
%endif
BuildRequires: %{python}
%if %{with_systemd}
BuildRequires: systemd-units
%endif
%if %{with_libxl}
BuildRequires: xen-devel
%endif
BuildRequires: libxml2-devel
BuildRequires: libxslt
BuildRequires: readline-devel
%if %{with_bash_completion}
BuildRequires: bash-completion >= 2.0
%endif
BuildRequires: ncurses-devel
BuildRequires: gettext
BuildRequires: libtasn1-devel
%if (0%{?rhel} && 0%{?rhel} < 7)
BuildRequires: libgcrypt-devel
%endif
BuildRequires: gnutls-devel
BuildRequires: libattr-devel
# For pool-build probing for existing pools
BuildRequires: libblkid-devel >= 2.17
# for augparse, optionally used in testing
BuildRequires: augeas
%if 0%{?fedora} || 0%{?rhel} >= 7
BuildRequires: systemd-devel >= 185
%else
BuildRequires: libudev-devel >= 145
%endif
BuildRequires: libpciaccess-devel >= 0.10.9
BuildRequires: yajl-devel
%if %{with_sanlock}
BuildRequires: sanlock-devel >= 2.4
%endif
BuildRequires: libpcap-devel
%if 0%{?rhel} && 0%{?rhel} < 7
BuildRequires: libnl-devel
%else
BuildRequires: libnl3-devel
%endif
BuildRequires: avahi-devel
BuildRequires: libselinux-devel
BuildRequires: dnsmasq >= 2.41
BuildRequires: iptables
%if 0%{?rhel} && 0%{?rhel} < 7
BuildRequires: iptables-ipv6
%endif
BuildRequires: radvd
BuildRequires: ebtables
BuildRequires: module-init-tools
BuildRequires: cyrus-sasl-devel
%if 0%{?fedora} || 0%{?rhel} >= 7
BuildRequires: polkit >= 0.112
%else
BuildRequires: polkit >= 0.93
%endif
# For mount/umount in FS driver
BuildRequires: util-linux
%if %{with_qemu}
# For managing ACLs
BuildRequires: libacl-devel
# From QEMU RPMs
BuildRequires: /usr/bin/qemu-img
%endif
# For LVM drivers
BuildRequires: lvm2
# For ISCSI driver
BuildRequires: iscsi-initiator-utils
# For disk driver
BuildRequires: parted-devel
# For Multipath support
BuildRequires: device-mapper-devel
%if %{with_storage_rbd}
    %if 0%{?fedora} || 0%{?rhel} >= 7
BuildRequires: librados2-devel
BuildRequires: librbd1-devel
    %else
BuildRequires: ceph-devel
    %endif
%endif
%if %{with_storage_gluster}
BuildRequires: glusterfs-api-devel >= 3.4.1
BuildRequires: glusterfs-devel >= 3.4.1
%endif
%if %{with_storage_sheepdog}
BuildRequires: sheepdog
%endif
%if %{with_storage_zfs}
# Support any conforming implementation of zfs. On stock Fedora
# this is zfs-fuse, but could be zfsonlinux upstream RPMs
BuildRequires: /sbin/zfs
BuildRequires: /sbin/zpool
%endif
%if %{with_numactl}
# For QEMU/LXC numa info
BuildRequires: numactl-devel
%endif
BuildRequires: libcap-ng-devel >= 0.5.0
%if %{with_fuse}
BuildRequires: fuse-devel >= 2.8.6
%endif
%if %{with_phyp} || %{with_libssh2}
BuildRequires: libssh2-devel >= 1.3.0
%endif

%if 0%{?fedora} || 0%{?rhel} >= 7
BuildRequires: netcf-devel >= 0.2.2
%else
BuildRequires: netcf-devel >= 0.1.8
%endif
%if %{with_esx}
BuildRequires: libcurl-devel
%endif
%if %{with_hyperv}
BuildRequires: libwsman-devel >= 2.2.3
%endif
BuildRequires: audit-libs-devel
# we need /usr/sbin/dtrace
BuildRequires: systemtap-sdt-devel

# For mount/umount in FS driver
BuildRequires: util-linux
# For showmount in FS driver (netfs discovery)
BuildRequires: nfs-utils

# Communication with the firewall and polkit daemons use DBus
BuildRequires: dbus-devel

# Fedora build root suckage
BuildRequires: gawk

# For storage wiping with different algorithms
BuildRequires: scrub

%if %{with_numad}
BuildRequires: numad
%endif

%if %{with_wireshark}
BuildRequires: wireshark-devel >= 2.1.0
%endif

%if %{with_libssh}
BuildRequires: libssh-devel >= 0.7.0
%endif

%if 0%{?fedora} > 27 || 0%{?rhel} > 7
BuildRequires: rpcgen
BuildRequires: libtirpc-devel
%endif

%if %{with_firewalld_zone}
BuildRequires: firewalld-filesystem
%endif

Provides: bundled(gnulib)

%description
Libvirt is a C toolkit to interact with the virtualization capabilities
of recent versions of Linux (and other OSes). The main package includes
the libvirtd server exporting the virtualization support.

%package docs
Summary: API reference and website documentation

%description docs
Includes the API reference for the libvirt C library, and a complete
copy of the libvirt.org website documentation.

%package daemon
Summary: Server side daemon and supporting files for libvirt library

# All runtime requirements for the libvirt package (runtime requrements
# for subpackages are listed later in those subpackages)

# The client side, i.e. shared libs are in a subpackage
Requires: %{name}-libs = %{version}-%{release}

# for modprobe of pci devices
Requires: module-init-tools

# for /sbin/ip & /sbin/tc
Requires: iproute
# tc is provided by iproute-tc since at least Fedora 26
%if 0%{?fedora} || 0%{?rhel} > 7
Requires: iproute-tc
%endif

Requires: avahi-libs
%if 0%{?fedora} || 0%{?rhel} >= 7
Requires: polkit >= 0.112
%else
Requires: polkit >= 0.93
%endif
%ifarch %{ix86} x86_64 ia64
# For virConnectGetSysinfo
Requires: dmidecode
%endif
# For service management
%if %{with_systemd}
Requires(post): systemd-units
Requires(post): systemd-sysv
Requires(preun): systemd-units
Requires(postun): systemd-units
%endif
%if %{with_numad}
Requires: numad
%endif
# libvirtd depends on 'messagebus' service
Requires: dbus
# For uid creation during pre
Requires(pre): shadow-utils

%description daemon
Server side daemon required to manage the virtualization capabilities
of recent versions of Linux. Requires a hypervisor specific sub-RPM
for specific drivers.

%package daemon-config-network
Summary: Default configuration files for the libvirtd daemon

Requires: libvirt-daemon = %{version}-%{release}
Requires: libvirt-daemon-driver-network = %{version}-%{release}

%description daemon-config-network
Default configuration files for setting up NAT based networking

%package daemon-config-nwfilter
Summary: Network filter configuration files for the libvirtd daemon

Requires: libvirt-daemon = %{version}-%{release}
Requires: libvirt-daemon-driver-nwfilter = %{version}-%{release}

%description daemon-config-nwfilter
Network filter configuration files for cleaning guest traffic

%package daemon-driver-network
Summary: Network driver plugin for the libvirtd daemon
Requires: libvirt-daemon = %{version}-%{release}
Requires: libvirt-libs = %{version}-%{release}
Requires: dnsmasq >= 2.41
Requires: radvd
Requires: iptables
%if 0%{?rhel} && 0%{?rhel} < 7
Requires: iptables-ipv6
%endif

%description daemon-driver-network
The network driver plugin for the libvirtd daemon, providing
an implementation of the virtual network APIs using the Linux
bridge capabilities.


%package daemon-driver-nwfilter
Summary: Nwfilter driver plugin for the libvirtd daemon
Requires: libvirt-daemon = %{version}-%{release}
Requires: libvirt-libs = %{version}-%{release}
Requires: iptables
%if 0%{?rhel} && 0%{?rhel} < 7
Requires: iptables-ipv6
%endif
Requires: ebtables

%description daemon-driver-nwfilter
The nwfilter driver plugin for the libvirtd daemon, providing
an implementation of the firewall APIs using the ebtables,
iptables and ip6tables capabilities


%package daemon-driver-nodedev
Summary: Nodedev driver plugin for the libvirtd daemon
Requires: libvirt-daemon = %{version}-%{release}
Requires: libvirt-libs = %{version}-%{release}
# needed for device enumeration
%if 0%{?fedora} || 0%{?rhel} >= 7
Requires: systemd >= 185
%else
Requires: udev >= 145
%endif

%description daemon-driver-nodedev
The nodedev driver plugin for the libvirtd daemon, providing
an implementation of the node device APIs using the udev
capabilities.


%package daemon-driver-interface
Summary: Interface driver plugin for the libvirtd daemon
Requires: libvirt-daemon = %{version}-%{release}
Requires: libvirt-libs = %{version}-%{release}
%if (0%{?fedora} || 0%{?rhel} >= 7)
Requires: netcf-libs >= 0.2.2
%endif

%description daemon-driver-interface
The interface driver plugin for the libvirtd daemon, providing
an implementation of the network interface APIs using the
netcf library


%package daemon-driver-secret
Summary: Secret driver plugin for the libvirtd daemon
Requires: libvirt-daemon = %{version}-%{release}
Requires: libvirt-libs = %{version}-%{release}

%description daemon-driver-secret
The secret driver plugin for the libvirtd daemon, providing
an implementation of the secret key APIs.

%package daemon-driver-storage-core
Summary: Storage driver plugin including base backends for the libvirtd daemon
Requires: libvirt-daemon = %{version}-%{release}
Requires: libvirt-libs = %{version}-%{release}
Requires: nfs-utils
# For mkfs
Requires: util-linux
%if %{with_qemu}
# From QEMU RPMs
Requires: /usr/bin/qemu-img
%endif

%description daemon-driver-storage-core
The storage driver plugin for the libvirtd daemon, providing
an implementation of the storage APIs using files, local disks, LVM, SCSI,
iSCSI, and multipath storage.

%package daemon-driver-storage-logical
Summary: Storage driver plugin for lvm volumes
Requires: libvirt-daemon-driver-storage-core = %{version}-%{release}
Requires: libvirt-libs = %{version}-%{release}
Requires: lvm2

%description daemon-driver-storage-logical
The storage driver backend adding implementation of the storage APIs for block
volumes using lvm.


%package daemon-driver-storage-disk
Summary: Storage driver plugin for disk
Requires: libvirt-daemon-driver-storage-core = %{version}-%{release}
Requires: libvirt-libs = %{version}-%{release}
Requires: parted
Requires: device-mapper

%description daemon-driver-storage-disk
The storage driver backend adding implementation of the storage APIs for block
volumes using the host disks.


%package daemon-driver-storage-scsi
Summary: Storage driver plugin for local scsi devices
Requires: libvirt-daemon-driver-storage-core = %{version}-%{release}
Requires: libvirt-libs = %{version}-%{release}

%description daemon-driver-storage-scsi
The storage driver backend adding implementation of the storage APIs for scsi
host devices.


%package daemon-driver-storage-iscsi
Summary: Storage driver plugin for iscsi
Requires: libvirt-daemon-driver-storage-core = %{version}-%{release}
Requires: libvirt-libs = %{version}-%{release}
Requires: iscsi-initiator-utils

%description daemon-driver-storage-iscsi
The storage driver backend adding implementation of the storage APIs for iscsi
volumes using the host iscsi stack.


%package daemon-driver-storage-mpath
Summary: Storage driver plugin for multipath volumes
Requires: libvirt-daemon-driver-storage-core = %{version}-%{release}
Requires: libvirt-libs = %{version}-%{release}
Requires: device-mapper

%description daemon-driver-storage-mpath
The storage driver backend adding implementation of the storage APIs for
multipath storage using device mapper.


%if %{with_storage_gluster}
%package daemon-driver-storage-gluster
Summary: Storage driver plugin for gluster
Requires: libvirt-daemon-driver-storage-core = %{version}-%{release}
Requires: libvirt-libs = %{version}-%{release}
    %if 0%{?fedora}
Requires: glusterfs-client >= 2.0.1
    %endif
    %if (0%{?fedora} || 0%{?with_storage_gluster})
Requires: /usr/sbin/gluster
    %endif

%description daemon-driver-storage-gluster
The storage driver backend adding implementation of the storage APIs for gluster
volumes using libgfapi.
%endif


%if %{with_storage_rbd}
%package daemon-driver-storage-rbd
Summary: Storage driver plugin for rbd
Requires: libvirt-daemon-driver-storage-core = %{version}-%{release}
Requires: libvirt-libs = %{version}-%{release}

%description daemon-driver-storage-rbd
The storage driver backend adding implementation of the storage APIs for rbd
volumes using the ceph protocol.
%endif


%if %{with_storage_sheepdog}
%package daemon-driver-storage-sheepdog
Summary: Storage driver plugin for sheepdog
Requires: libvirt-daemon-driver-storage-core = %{version}-%{release}
Requires: libvirt-libs = %{version}-%{release}
Requires: sheepdog

%description daemon-driver-storage-sheepdog
The storage driver backend adding implementation of the storage APIs for
sheepdog volumes using.
%endif


%if %{with_storage_zfs}
%package daemon-driver-storage-zfs
Summary: Storage driver plugin for ZFS
Requires: libvirt-daemon-driver-storage-core = %{version}-%{release}
Requires: libvirt-libs = %{version}-%{release}
# Support any conforming implementation of zfs
Requires: /sbin/zfs
Requires: /sbin/zpool

%description daemon-driver-storage-zfs
The storage driver backend adding implementation of the storage APIs for
ZFS volumes.
%endif


%package daemon-driver-storage
Summary: Storage driver plugin including all backends for the libvirtd daemon
Requires: libvirt-daemon-driver-storage-core = %{version}-%{release}
Requires: libvirt-daemon-driver-storage-disk = %{version}-%{release}
Requires: libvirt-daemon-driver-storage-logical = %{version}-%{release}
Requires: libvirt-daemon-driver-storage-scsi = %{version}-%{release}
Requires: libvirt-daemon-driver-storage-iscsi = %{version}-%{release}
Requires: libvirt-daemon-driver-storage-mpath = %{version}-%{release}
%if %{with_storage_gluster}
Requires: libvirt-daemon-driver-storage-gluster = %{version}-%{release}
%endif
%if %{with_storage_rbd}
Requires: libvirt-daemon-driver-storage-rbd = %{version}-%{release}
%endif
%if %{with_storage_sheepdog}
Requires: libvirt-daemon-driver-storage-sheepdog = %{version}-%{release}
%endif
%if %{with_storage_zfs}
Requires: libvirt-daemon-driver-storage-zfs = %{version}-%{release}
%endif

%description daemon-driver-storage
The storage driver plugin for the libvirtd daemon, providing
an implementation of the storage APIs using LVM, iSCSI,
parted and more.


%if %{with_qemu}
%package daemon-driver-qemu
Summary: QEMU driver plugin for the libvirtd daemon
Requires: libvirt-daemon = %{version}-%{release}
Requires: libvirt-libs = %{version}-%{release}
# There really is a hard cross-driver dependency here
Requires: libvirt-daemon-driver-network = %{version}-%{release}
Requires: libvirt-daemon-driver-storage-core = %{version}-%{release}
Requires: /usr/bin/qemu-img
# For image compression
Requires: gzip
Requires: bzip2
Requires: lzop
Requires: xz
    %if 0%{?fedora} || 0%{?rhel} > 7
Requires: systemd-container
    %endif

%description daemon-driver-qemu
The qemu driver plugin for the libvirtd daemon, providing
an implementation of the hypervisor driver APIs using
QEMU
%endif


%if %{with_lxc}
%package daemon-driver-lxc
Summary: LXC driver plugin for the libvirtd daemon
Requires: libvirt-daemon = %{version}-%{release}
Requires: libvirt-libs = %{version}-%{release}
# There really is a hard cross-driver dependency here
Requires: libvirt-daemon-driver-network = %{version}-%{release}
    %if 0%{?fedora} || 0%{?rhel} > 7
Requires: systemd-container
    %endif

%description daemon-driver-lxc
The LXC driver plugin for the libvirtd daemon, providing
an implementation of the hypervisor driver APIs using
the Linux kernel
%endif


%if %{with_uml}
%package daemon-driver-uml
Summary: Uml driver plugin for the libvirtd daemon
Requires: libvirt-daemon = %{version}-%{release}
Requires: libvirt-libs = %{version}-%{release}

%description daemon-driver-uml
The UML driver plugin for the libvirtd daemon, providing
an implementation of the hypervisor driver APIs using
User Mode Linux
%endif


%if %{with_vbox}
%package daemon-driver-vbox
Summary: VirtualBox driver plugin for the libvirtd daemon
Requires: libvirt-daemon = %{version}-%{release}
Requires: libvirt-libs = %{version}-%{release}

%description daemon-driver-vbox
The vbox driver plugin for the libvirtd daemon, providing
an implementation of the hypervisor driver APIs using
VirtualBox
%endif


%if %{with_libxl}
%package daemon-driver-libxl
Summary: Libxl driver plugin for the libvirtd daemon
Requires: libvirt-daemon = %{version}-%{release}
Requires: libvirt-libs = %{version}-%{release}
Obsoletes: libvirt-daemon-driver-xen < 4.3.0

%description daemon-driver-libxl
The Libxl driver plugin for the libvirtd daemon, providing
an implementation of the hypervisor driver APIs using
Libxl
%endif



%if %{with_qemu_tcg}
%package daemon-qemu
Summary: Server side daemon & driver required to run QEMU guests

Requires: libvirt-daemon = %{version}-%{release}
Requires: libvirt-daemon-driver-qemu = %{version}-%{release}
Requires: libvirt-daemon-driver-interface = %{version}-%{release}
Requires: libvirt-daemon-driver-network = %{version}-%{release}
Requires: libvirt-daemon-driver-nodedev = %{version}-%{release}
Requires: libvirt-daemon-driver-nwfilter = %{version}-%{release}
Requires: libvirt-daemon-driver-secret = %{version}-%{release}
Requires: libvirt-daemon-driver-storage = %{version}-%{release}
Requires: qemu

%description daemon-qemu
Server side daemon and driver required to manage the virtualization
capabilities of the QEMU TCG emulators
%endif


%if %{with_qemu_kvm}
%package daemon-kvm
Summary: Server side daemon & driver required to run KVM guests

Requires: libvirt-daemon = %{version}-%{release}
Requires: libvirt-daemon-driver-qemu = %{version}-%{release}
Requires: libvirt-daemon-driver-interface = %{version}-%{release}
Requires: libvirt-daemon-driver-network = %{version}-%{release}
Requires: libvirt-daemon-driver-nodedev = %{version}-%{release}
Requires: libvirt-daemon-driver-nwfilter = %{version}-%{release}
Requires: libvirt-daemon-driver-secret = %{version}-%{release}
Requires: libvirt-daemon-driver-storage = %{version}-%{release}
Requires: qemu-kvm

%description daemon-kvm
Server side daemon and driver required to manage the virtualization
capabilities of the KVM hypervisor
%endif


%if %{with_lxc}
%package daemon-lxc
Summary: Server side daemon & driver required to run LXC guests

Requires: libvirt-daemon = %{version}-%{release}
Requires: libvirt-daemon-driver-lxc = %{version}-%{release}
Requires: libvirt-daemon-driver-interface = %{version}-%{release}
Requires: libvirt-daemon-driver-network = %{version}-%{release}
Requires: libvirt-daemon-driver-nodedev = %{version}-%{release}
Requires: libvirt-daemon-driver-nwfilter = %{version}-%{release}
Requires: libvirt-daemon-driver-secret = %{version}-%{release}
Requires: libvirt-daemon-driver-storage = %{version}-%{release}

%description daemon-lxc
Server side daemon and driver required to manage the virtualization
capabilities of LXC
%endif


%if %{with_uml}
%package daemon-uml
Summary: Server side daemon & driver required to run UML guests

Requires: libvirt-daemon = %{version}-%{release}
Requires: libvirt-daemon-driver-uml = %{version}-%{release}
Requires: libvirt-daemon-driver-interface = %{version}-%{release}
Requires: libvirt-daemon-driver-network = %{version}-%{release}
Requires: libvirt-daemon-driver-nodedev = %{version}-%{release}
Requires: libvirt-daemon-driver-nwfilter = %{version}-%{release}
Requires: libvirt-daemon-driver-secret = %{version}-%{release}
Requires: libvirt-daemon-driver-storage = %{version}-%{release}
# There are no UML kernel RPMs in Fedora/RHEL to depend on.

%description daemon-uml
Server side daemon and driver required to manage the virtualization
capabilities of UML
%endif


%if %{with_libxl}
%package daemon-xen
Summary: Server side daemon & driver required to run XEN guests

Requires: libvirt-daemon = %{version}-%{release}
    %if %{with_libxl}
Requires: libvirt-daemon-driver-libxl = %{version}-%{release}
    %endif
Requires: libvirt-daemon-driver-interface = %{version}-%{release}
Requires: libvirt-daemon-driver-network = %{version}-%{release}
Requires: libvirt-daemon-driver-nodedev = %{version}-%{release}
Requires: libvirt-daemon-driver-nwfilter = %{version}-%{release}
Requires: libvirt-daemon-driver-secret = %{version}-%{release}
Requires: libvirt-daemon-driver-storage = %{version}-%{release}
Requires: xen

%description daemon-xen
Server side daemon and driver required to manage the virtualization
capabilities of XEN
%endif

%if %{with_vbox}
%package daemon-vbox
Summary: Server side daemon & driver required to run VirtualBox guests

Requires: libvirt-daemon = %{version}-%{release}
Requires: libvirt-daemon-driver-vbox = %{version}-%{release}
Requires: libvirt-daemon-driver-interface = %{version}-%{release}
Requires: libvirt-daemon-driver-network = %{version}-%{release}
Requires: libvirt-daemon-driver-nodedev = %{version}-%{release}
Requires: libvirt-daemon-driver-nwfilter = %{version}-%{release}
Requires: libvirt-daemon-driver-secret = %{version}-%{release}
Requires: libvirt-daemon-driver-storage = %{version}-%{release}

%description daemon-vbox
Server side daemon and driver required to manage the virtualization
capabilities of VirtualBox
%endif

%package client
Summary: Client side utilities of the libvirt library
Requires: %{name}-libs = %{version}-%{release}
Requires: readline
Requires: ncurses
# Needed by /usr/libexec/libvirt-guests.sh script.
Requires: gettext
# Needed by virt-pki-validate script.
Requires: gnutls-utils
%if %{with_pm_utils}
# Needed for probing the power management features of the host.
Requires: pm-utils
%endif
%if %{with_bash_completion}
Requires: %{name}-bash-completion = %{version}-%{release}
%endif

%description client
The client binaries needed to access the virtualization
capabilities of recent versions of Linux (and other OSes).

%package libs
Summary: Client side libraries
# So remote clients can access libvirt over SSH tunnel
# (client invokes 'nc' against the UNIX socket on the server)
Requires: nc
Requires: cyrus-sasl
# Needed by default sasl.conf - no onerous extra deps, since
# 100's of other things on a system already pull in krb5-libs
Requires: cyrus-sasl-gssapi

%description libs
Shared libraries for accessing the libvirt daemon.

%package admin
Summary: Set of tools to control libvirt daemon
Requires: %{name}-libs = %{version}-%{release}
Requires: readline
%if %{with_bash_completion}
Requires: %{name}-bash-completion = %{version}-%{release}
%endif

%description admin
The client side utilities to control the libvirt daemon.

%if %{with_bash_completion}
%package bash-completion
Summary: Bash completion script

%description bash-completion
Bash completion script stub.
%endif

%if %{with_wireshark}
%package wireshark
Summary: Wireshark dissector plugin for libvirt RPC transactions
Requires: wireshark >= 1.12.6-4
Requires: %{name}-libs = %{version}-%{release}

%description wireshark
Wireshark dissector plugin for better analysis of libvirt RPC traffic.
%endif

%if %{with_lxc}
%package login-shell
Summary: Login shell for connecting users to an LXC container
Requires: %{name}-libs = %{version}-%{release}

%description login-shell
Provides the set-uid virt-login-shell binary that is used to
connect a user to an LXC container when they login, by switching
namespaces.
%endif

%package devel
Summary: Libraries, includes, etc. to compile with the libvirt library
Requires: %{name}-libs = %{version}-%{release}
Requires: pkgconfig

%description devel
Include header files & development libraries for the libvirt C library.

%if %{with_sanlock}
%package lock-sanlock
Summary: Sanlock lock manager plugin for QEMU driver
Requires: sanlock >= 2.4
#for virt-sanlock-cleanup require augeas
Requires: augeas
Requires: %{name}-daemon = %{version}-%{release}
Requires: %{name}-libs = %{version}-%{release}

%description lock-sanlock
Includes the Sanlock lock manager plugin for the QEMU
driver
%endif

%package nss
Summary: Libvirt plugin for Name Service Switch
Requires: libvirt-daemon-driver-network = %{version}-%{release}

%description nss
Libvirt plugin for NSS for translating domain names into IP addresses.


%prep

%setup -q

# "make dist" replaces all symlinks with a copy of the linked files;
# we need to replace all of them with the original symlinks
echo "Restoring symlinks"
while read lnk target; do
    if [ -e $lnk ]; then
        rm -rf $lnk
        ln -s $target $lnk
    fi
done <%{_sourcedir}/symlinks || exit 1

# Patches have to be stored in a temporary file because RPM has
# a limit on the length of the result of any macro expansion;
# if the string is longer, it's silently cropped
%{lua:
    tmp = os.tmpname();
    f = io.open(tmp, "w+");
    count = 0;
    for i, p in ipairs(patches) do
        f:write(p.."\n");
        count = count + 1;
    end;
    f:close();
    print("PATCHCOUNT="..count.."\n")
    print("PATCHLIST="..tmp.."\n")
}

git init -q
git config user.name rpm-build
git config user.email rpm-build
git config gc.auto 0
git add .
git commit -q -a --author 'rpm-build <rpm-build>' \
           -m '%{name}-%{version} base'

COUNT=$(grep '\.patch$' $PATCHLIST | wc -l)
if [ $COUNT -ne $PATCHCOUNT ]; then
    echo "Found $COUNT patches in $PATCHLIST, expected $PATCHCOUNT"
    exit 1
fi
if [ $COUNT -gt 0 ]; then
    xargs git am <$PATCHLIST || exit 1
fi
echo "Applied $COUNT patches"
rm -f $PATCHLIST
rm -rf .git

%build
%if ! %{supported_platform}
echo "This RPM requires either Fedora >= %{min_fedora} or RHEL >= %{min_rhel}"
exit 1
%endif

%if %{with_qemu}
    %define arg_qemu --with-qemu
%else
    %define arg_qemu --without-qemu
%endif

%if %{with_openvz}
    %define arg_openvz --with-openvz
%else
    %define arg_openvz --without-openvz
%endif

%if %{with_lxc}
    %define arg_lxc --with-lxc
    %define arg_login_shell --with-login-shell
%else
    %define arg_lxc --without-lxc
    %define arg_login_shell --without-login-shell
%endif

%if %{with_vbox}
    %define arg_vbox --with-vbox
%else
    %define arg_vbox --without-vbox
%endif

%if %{with_libxl}
    %define arg_libxl --with-libxl
%else
    %define arg_libxl --without-libxl
%endif

%if %{with_phyp}
    %define arg_phyp --with-phyp
%else
    %define arg_phyp --without-phyp
%endif

%if %{with_esx}
    %define arg_esx --with-esx
%else
    %define arg_esx --without-esx
%endif

%if %{with_hyperv}
    %define arg_hyperv --with-hyperv
%else
    %define arg_hyperv --without-hyperv
%endif

%if %{with_vmware}
    %define arg_vmware --with-vmware
%else
    %define arg_vmware --without-vmware
%endif

%if %{with_uml}
    %define arg_uml --with-uml
%else
    %define arg_uml --without-uml
%endif

%if %{with_storage_rbd}
    %define arg_storage_rbd --with-storage-rbd
%else
    %define arg_storage_rbd --without-storage-rbd
%endif

%if %{with_storage_sheepdog}
    %define arg_storage_sheepdog --with-storage-sheepdog
%else
    %define arg_storage_sheepdog --without-storage-sheepdog
%endif

%if %{with_storage_gluster}
    %define arg_storage_gluster --with-storage-gluster
%else
    %define arg_storage_gluster --without-storage-gluster
%endif

%if %{with_storage_zfs}
    %define arg_storage_zfs --with-storage-zfs
%else
    %define arg_storage_zfs --without-storage-zfs
%endif

%if %{with_numactl}
    %define arg_numactl --with-numactl
%else
    %define arg_numactl --without-numactl
%endif

%if %{with_numad}
    %define arg_numad --with-numad
%else
    %define arg_numad --without-numad
%endif

%if %{with_fuse}
    %define arg_fuse --with-fuse
%else
    %define arg_fuse --without-fuse
%endif

%if %{with_sanlock}
    %define arg_sanlock --with-sanlock
%else
    %define arg_sanlock --without-sanlock
%endif

%if %{with_firewalld}
    %define arg_firewalld --with-firewalld
%else
    %define arg_firewalld --without-firewalld
%endif

%if %{with_firewalld_zone}
    %define arg_firewalld_zone --with-firewalld-zone
%else
    %define arg_firewalld_zone --without-firewalld-zone
%endif

%if %{with_wireshark}
    %define arg_wireshark --with-wireshark-dissector
%else
    %define arg_wireshark --without-wireshark-dissector
%endif

%if %{with_pm_utils}
    %define arg_pm_utils --with-pm-utils
%else
    %define arg_pm_utils --without-pm-utils
%endif

%define when  %(date +"%%F-%%T")
%define where %(hostname)
%define who   %{?packager}%{!?packager:Unknown}
%define arg_packager --with-packager="%{who}, %{when}, %{where}"
%define arg_packager_version --with-packager-version="%{release}"

%if %{with_systemd}
    %define arg_init_script --with-init-script=systemd
%else
    %define arg_init_script --with-init-script=redhat
%endif

%if 0%{?fedora} || 0%{?rhel} >= 7
    %define arg_selinux_mount --with-selinux-mount="/sys/fs/selinux"
%else
    %define arg_selinux_mount --with-selinux-mount="/selinux"
%endif

%if 0%{?fedora}
    # Nightly firmware repo x86/OVMF
    LOADERS="/usr/share/edk2.git/ovmf-x64/OVMF_CODE-pure-efi.fd:/usr/share/edk2.git/ovmf-x64/OVMF_VARS-pure-efi.fd"
    # Nightly firmware repo aarch64/AAVMF
    LOADERS="$LOADERS:/usr/share/edk2.git/aarch64/QEMU_EFI-pflash.raw:/usr/share/edk2.git/aarch64/vars-template-pflash.raw"
    # Fedora official x86/OVMF
    LOADERS="$LOADERS:/usr/share/edk2/ovmf/OVMF_CODE.fd:/usr/share/edk2/ovmf/OVMF_VARS.fd"
    # Fedora official aarch64/AAVMF
    LOADERS="$LOADERS:/usr/share/edk2/aarch64/QEMU_EFI-pflash.raw:/usr/share/edk2/aarch64/vars-template-pflash.raw"
    %define arg_loader_nvram --with-loader-nvram="$LOADERS"
%endif

# place macros above and build commands below this comment

export SOURCE_DATE_EPOCH=$(stat --printf='%Y' %{_specdir}/%{name}.spec)

%if 0%{?enable_autotools}
 autoreconf -if
%endif

rm -f po/stamp-po
%configure %{?arg_qemu} \
           %{?arg_openvz} \
           %{?arg_lxc} \
           %{?arg_vbox} \
           %{?arg_libxl} \
           --with-sasl \
           --with-avahi \
           --with-polkit \
           --with-libvirtd \
           %{?arg_uml} \
           %{?arg_phyp} \
           %{?arg_esx} \
           %{?arg_hyperv} \
           %{?arg_vmware} \
           --without-xenapi \
           --without-vz \
           --without-bhyve \
           --with-interface \
           --with-network \
           --with-storage-fs \
           --with-storage-lvm \
           --with-storage-iscsi \
           --with-storage-scsi \
           --with-storage-disk \
           --with-storage-mpath \
           %{?arg_storage_rbd} \
           %{?arg_storage_sheepdog} \
           %{?arg_storage_gluster} \
           %{?arg_storage_zfs} \
           --without-storage-vstorage \
           %{?arg_numactl} \
           %{?arg_numad} \
           --with-capng \
           %{?arg_fuse} \
           --with-netcf \
           --with-selinux \
           %{?arg_selinux_mount} \
           --without-apparmor \
           --without-hal \
           --with-udev \
           --with-yajl \
           %{?arg_sanlock} \
           --with-libpcap \
           --with-macvtap \
           --with-audit \
           --with-dtrace \
           --with-driver-modules \
           %{?arg_firewalld} \
           %{?arg_firewalld_zone} \
           %{?arg_wireshark} \
           %{?arg_pm_utils} \
           --with-nss-plugin \
           %{arg_packager} \
           %{arg_packager_version} \
           --with-qemu-user=%{qemu_user} \
           --with-qemu-group=%{qemu_group} \
           --with-tls-priority=%{tls_priority} \
           %{?arg_loader_nvram} \
           %{?enable_werror} \
           --enable-expensive-tests \
           %{arg_init_script} \
           %{?arg_login_shell}
make %{?_smp_mflags} V=1
gzip -9 ChangeLog

%install
rm -fr %{buildroot}

export SOURCE_DATE_EPOCH=$(stat --printf='%Y' %{_specdir}/%{name}.spec)

# Avoid using makeinstall macro as it changes prefixes rather than setting
# DESTDIR. Newer make_install macro would be better but it's not available
# on RHEL 5, thus we need to expand it here.
make %{?_smp_mflags} install DESTDIR=%{?buildroot} SYSTEMD_UNIT_DIR=%{_unitdir} V=1

make %{?_smp_mflags} -C examples distclean V=1

rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
rm -f $RPM_BUILD_ROOT%{_libdir}/*.a
rm -f $RPM_BUILD_ROOT%{_libdir}/libvirt/lock-driver/*.la
rm -f $RPM_BUILD_ROOT%{_libdir}/libvirt/lock-driver/*.a
rm -f $RPM_BUILD_ROOT%{_libdir}/libvirt/connection-driver/*.la
rm -f $RPM_BUILD_ROOT%{_libdir}/libvirt/connection-driver/*.a
rm -f $RPM_BUILD_ROOT%{_libdir}/libvirt/storage-backend/*.la
rm -f $RPM_BUILD_ROOT%{_libdir}/libvirt/storage-backend/*.a
rm -f $RPM_BUILD_ROOT%{_libdir}/libvirt/storage-file/*.la
rm -f $RPM_BUILD_ROOT%{_libdir}/libvirt/storage-file/*.a
%if %{with_wireshark}
rm -f $RPM_BUILD_ROOT%{wireshark_plugindir}/libvirt.la
%endif

install -d -m 0755 $RPM_BUILD_ROOT%{_datadir}/lib/libvirt/dnsmasq/
# We don't want to install /etc/libvirt/qemu/networks in the main %files list
# because if the admin wants to delete the default network completely, we don't
# want to end up re-incarnating it on every RPM upgrade.
install -d -m 0755 $RPM_BUILD_ROOT%{_datadir}/libvirt/networks/
cp $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/qemu/networks/default.xml \
   $RPM_BUILD_ROOT%{_datadir}/libvirt/networks/default.xml
rm -f $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/qemu/networks/default.xml
rm -f $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/qemu/networks/autostart/default.xml

# nwfilter files are installed in /usr/share/libvirt and copied to /etc in %post
# to avoid verification errors on changed files in /etc
install -d -m 0755 $RPM_BUILD_ROOT%{_datadir}/libvirt/nwfilter/
cp -a $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/nwfilter/*.xml \
    $RPM_BUILD_ROOT%{_datadir}/libvirt/nwfilter/
# libvirt saves these files with mode 600
chmod 600 $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/nwfilter/*.xml

# Strip auto-generated UUID - we need it generated per-install
sed -i -e "/<uuid>/d" $RPM_BUILD_ROOT%{_datadir}/libvirt/networks/default.xml
%if ! %{with_qemu}
rm -f $RPM_BUILD_ROOT%{_datadir}/augeas/lenses/libvirtd_qemu.aug
rm -f $RPM_BUILD_ROOT%{_datadir}/augeas/lenses/tests/test_libvirtd_qemu.aug
%endif
%find_lang %{name}

%if ! %{with_sanlock}
rm -f $RPM_BUILD_ROOT%{_datadir}/augeas/lenses/libvirt_sanlock.aug
rm -f $RPM_BUILD_ROOT%{_datadir}/augeas/lenses/tests/test_libvirt_sanlock.aug
%endif

%if ! %{with_lxc}
rm -f $RPM_BUILD_ROOT%{_datadir}/augeas/lenses/libvirtd_lxc.aug
rm -f $RPM_BUILD_ROOT%{_datadir}/augeas/lenses/tests/test_libvirtd_lxc.aug
%endif

%if ! %{with_qemu}
rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/qemu.conf
rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/libvirtd.qemu
%endif
%if ! %{with_lxc}
rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/lxc.conf
rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/libvirtd.lxc
%endif
%if ! %{with_libxl}
rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/libvirt/libxl.conf
rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/libvirtd.libxl
rm -f $RPM_BUILD_ROOT%{_datadir}/augeas/lenses/libvirtd_libxl.aug
rm -f $RPM_BUILD_ROOT%{_datadir}/augeas/lenses/tests/test_libvirtd_libxl.aug
%endif
%if ! %{with_uml}
rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/libvirtd.uml
%endif

# Copied into libvirt-docs subpackage eventually
mv $RPM_BUILD_ROOT%{_datadir}/doc/libvirt-%{version} libvirt-docs

%ifarch %{power64} s390x x86_64 ia64 alpha sparc64
mv $RPM_BUILD_ROOT%{_datadir}/systemtap/tapset/libvirt_probes.stp \
   $RPM_BUILD_ROOT%{_datadir}/systemtap/tapset/libvirt_probes-64.stp

    %if %{with_qemu}
mv $RPM_BUILD_ROOT%{_datadir}/systemtap/tapset/libvirt_qemu_probes.stp \
   $RPM_BUILD_ROOT%{_datadir}/systemtap/tapset/libvirt_qemu_probes-64.stp
    %endif
%endif

%check
cd tests
# These tests don't current work in a mock build root
for i in nodeinfotest seclabeltest
do
  rm -f $i
  printf 'int main(void) { return 0; }' > $i.c
  printf '#!/bin/sh\nexit 0\n' > $i
  chmod +x $i
done
if ! make %{?_smp_mflags} check VIR_TEST_DEBUG=1
then
  cat test-suite.log || true
  exit 1
fi

%pre daemon
# 'libvirt' group is just to allow password-less polkit access to
# libvirtd. The uid number is irrelevant, so we use dynamic allocation
# described at the above link.
getent group libvirt >/dev/null || groupadd -r libvirt

exit 0

%post daemon

%if %{with_systemd}
    %if %{with_systemd_macros}
        %systemd_post virtlockd.socket virtlockd-admin.socket
        %systemd_post virtlogd.socket virtlogd-admin.socket
        %systemd_post libvirtd.service
    %else
if [ $1 -eq 1 ] ; then
    # Initial installation
    /bin/systemctl enable \
        virtlockd.socket \
        virtlockd-admin.socket \
        virtlogd.socket \
        virtlogd-admin.socket \
        libvirtd.service >/dev/null 2>&1 || :
fi
    %endif
%else
/sbin/chkconfig --add libvirtd
/sbin/chkconfig --add virtlogd
/sbin/chkconfig --add virtlockd
%endif

# request daemon restart in posttrans
mkdir -p %{_localstatedir}/lib/rpm-state/libvirt || :
touch %{_localstatedir}/lib/rpm-state/libvirt/restart || :

%preun daemon
%if %{with_systemd}
    %if %{with_systemd_macros}
        %systemd_preun libvirtd.service
        %systemd_preun virtlogd.socket virtlogd-admin.socket virtlogd.service
        %systemd_preun virtlockd.socket virtlockd-admin.socket virtlockd.service
    %else
if [ $1 -eq 0 ] ; then
    # Package removal, not upgrade
    /bin/systemctl --no-reload disable \
        libvirtd.service \
        virtlogd.socket \
        virtlogd-admin.socket \
        virtlogd.service \
        virtlockd.socket \
        virtlockd-admin.socket \
        virtlockd.service > /dev/null 2>&1 || :
    /bin/systemctl stop \
        libvirtd.service \
        virtlogd.socket \
        virtlogd-admin.socket \
        virtlogd.service \
        virtlockd.socket \
        virtlockd-admin.socket \
        virtlockd.service > /dev/null 2>&1 || :
fi
    %endif
%else
if [ $1 = 0 ]; then
    /sbin/service libvirtd stop 1>/dev/null 2>&1
    /sbin/chkconfig --del libvirtd
    /sbin/service virtlogd stop 1>/dev/null 2>&1
    /sbin/chkconfig --del virtlogd
    /sbin/service virtlockd stop 1>/dev/null 2>&1
    /sbin/chkconfig --del virtlockd
fi
%endif

%postun daemon
%if %{with_systemd}
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
if [ $1 -ge 1 ] ; then
    /bin/systemctl reload-or-try-restart virtlockd.service >/dev/null 2>&1 || :
    /bin/systemctl reload-or-try-restart virtlogd.service >/dev/null 2>&1 || :
fi
%else
if [ $1 -ge 1 ]; then
    /sbin/service virtlockd reload > /dev/null 2>&1 || :
    /sbin/service virtlogd reload > /dev/null 2>&1 || :
fi
%endif

# In upgrade scenario we must explicitly enable virtlockd/virtlogd
# sockets, if libvirtd is already enabled and start them if
# libvirtd is running, otherwise you'll get failures to start
# guests
%triggerpostun daemon -- libvirt-daemon < 1.3.0
if [ $1 -ge 1 ] ; then
%if %{with_systemd}
    /bin/systemctl is-enabled libvirtd.service 1>/dev/null 2>&1 &&
        /bin/systemctl enable virtlogd.socket virtlogd-admin.socket || :
    /bin/systemctl is-active libvirtd.service 1>/dev/null 2>&1 &&
        /bin/systemctl start virtlogd.socket virtlogd-admin.socket || :
%else
    /sbin/chkconfig libvirtd 1>/dev/null 2>&1 &&
        /sbin/chkconfig virtlogd on || :
    /sbin/service libvirtd status 1>/dev/null 2>&1 &&
        /sbin/service virtlogd start || :
    /sbin/service virtlockd reload > /dev/null 2>&1 || :
    /sbin/service virtlogd reload > /dev/null 2>&1 || :
%endif
fi

%posttrans daemon
if [ -f %{_localstatedir}/lib/rpm-state/libvirt/restart ]; then
%if %{with_systemd}
    /bin/systemctl try-restart libvirtd.service >/dev/null 2>&1 || :
%else
    /sbin/service libvirtd condrestart > /dev/null 2>&1 || :
%endif
fi
rm -rf %{_localstatedir}/lib/rpm-state/libvirt || :

%post daemon-driver-network
%if %{with_firewalld}
    %firewalld_reload
%endif

%postun daemon-driver-network
%if %{with_firewalld}
    %firewalld_reload
%endif

%post daemon-config-network
if test $1 -eq 1 && test ! -f %{_sysconfdir}/libvirt/qemu/networks/default.xml ; then
    # see if the network used by default network creates a conflict,
    # and try to resolve it
    # NB: 192.168.122.0/24 is used in the default.xml template file;
    # do not modify any of those values here without also modifying
    # them in the template.
    orig_sub=122
    sub=${orig_sub}
    nl='
'
    routes="${nl}$(ip route show | cut -d' ' -f1)${nl}"
    case ${routes} in
      *"${nl}192.168.${orig_sub}.0/24${nl}"*)
        # there was a match, so we need to look for an unused subnet
        for new_sub in $(seq 124 254); do
          case ${routes} in
          *"${nl}192.168.${new_sub}.0/24${nl}"*)
            ;;
          *)
            sub=$new_sub
            break;
            ;;
          esac
        done
        ;;
      *)
        ;;
    esac

    UUID=`/usr/bin/uuidgen`
    sed -e "s/${orig_sub}/${sub}/g" \
        -e "s,</name>,</name>\n  <uuid>$UUID</uuid>," \
         < %{_datadir}/libvirt/networks/default.xml \
         > %{_sysconfdir}/libvirt/qemu/networks/default.xml
    ln -s ../default.xml %{_sysconfdir}/libvirt/qemu/networks/autostart/default.xml

    # Make sure libvirt picks up the new network defininiton
    mkdir -p %{_localstatedir}/lib/rpm-state/libvirt || :
    touch %{_localstatedir}/lib/rpm-state/libvirt/restart || :
fi

%posttrans daemon-config-network
if [ -f %{_localstatedir}/lib/rpm-state/libvirt/restart ]; then
%if %{with_systemd}
    /bin/systemctl try-restart libvirtd.service >/dev/null 2>&1 || :
%else
    /sbin/service libvirtd condrestart > /dev/null 2>&1 || :
%endif
fi
rm -rf %{_localstatedir}/lib/rpm-state/libvirt || :

%post daemon-config-nwfilter
cp %{_datadir}/libvirt/nwfilter/*.xml %{_sysconfdir}/libvirt/nwfilter/
# Make sure libvirt picks up the new nwfilter defininitons
mkdir -p %{_localstatedir}/lib/rpm-state/libvirt || :
touch %{_localstatedir}/lib/rpm-state/libvirt/restart || :

%posttrans daemon-config-nwfilter
if [ -f %{_localstatedir}/lib/rpm-state/libvirt/restart ]; then
%if %{with_systemd}
    /bin/systemctl try-restart libvirtd.service >/dev/null 2>&1 || :
%else
    /sbin/service libvirtd condrestart > /dev/null 2>&1 || :
%endif
fi
rm -rf %{_localstatedir}/lib/rpm-state/libvirt || :


%if %{with_systemd}
%triggerun -- libvirt < 0.9.4
%{_bindir}/systemd-sysv-convert --save libvirtd >/dev/null 2>&1 ||:

# If the package is allowed to autostart:
/bin/systemctl --no-reload enable libvirtd.service >/dev/null 2>&1 ||:

# Run these because the SysV package being removed won't do them
/sbin/chkconfig --del libvirtd >/dev/null 2>&1 || :
/bin/systemctl try-restart libvirtd.service >/dev/null 2>&1 || :
%endif

%if %{with_qemu}
%pre daemon-driver-qemu
# We want soft static allocation of well-known ids, as disk images
# are commonly shared across NFS mounts by id rather than name; see
# https://fedoraproject.org/wiki/Packaging:UsersAndGroups
getent group kvm >/dev/null || groupadd -f -g 36 -r kvm
getent group qemu >/dev/null || groupadd -f -g 107 -r qemu
if ! getent passwd qemu >/dev/null; then
  if ! getent passwd 107 >/dev/null; then
    useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin -c "qemu user" qemu
  else
    useradd -r -g qemu -G kvm -d / -s /sbin/nologin -c "qemu user" qemu
  fi
fi
exit 0
%endif

%preun client

%if %{with_systemd}
    %if %{with_systemd_macros}
        %systemd_preun libvirt-guests.service
    %endif
%else
if [ $1 = 0 ]; then
    /sbin/chkconfig --del libvirt-guests
    rm -f /var/lib/libvirt/libvirt-guests
fi
%endif

%post client

/sbin/ldconfig
%if %{with_systemd}
    %if %{with_systemd_macros}
        %systemd_post libvirt-guests.service
    %endif
%else
/sbin/chkconfig --add libvirt-guests
%endif

%postun client

/sbin/ldconfig
%if %{with_systemd}
    %if %{with_systemd_macros}
        %systemd_postun libvirt-guests.service
    %endif
%triggerun client -- libvirt < 0.9.4
%{_bindir}/systemd-sysv-convert --save libvirt-guests >/dev/null 2>&1 ||:

# If the package is allowed to autostart:
/bin/systemctl --no-reload enable libvirt-guests.service >/dev/null 2>&1 ||:

# Run this because the SysV package being removed won't do them
/sbin/chkconfig --del libvirt-guests >/dev/null 2>&1 || :
%endif

%if %{with_sanlock}
%post lock-sanlock
if getent group sanlock > /dev/null ; then
    chmod 0770 %{_localstatedir}/lib/libvirt/sanlock
    chown root:sanlock %{_localstatedir}/lib/libvirt/sanlock
fi
%endif

%if %{with_lxc}
%pre login-shell
getent group virtlogin >/dev/null || groupadd -r virtlogin
exit 0
%endif

%files

%files docs
%doc AUTHORS ChangeLog.gz NEWS README README.md
%doc libvirt-docs/*

# API docs
%dir %{_datadir}/gtk-doc/html/libvirt/
%doc %{_datadir}/gtk-doc/html/libvirt/*.devhelp
%doc %{_datadir}/gtk-doc/html/libvirt/*.html
%doc %{_datadir}/gtk-doc/html/libvirt/*.png
%doc %{_datadir}/gtk-doc/html/libvirt/*.css
%doc examples/hellolibvirt
%doc examples/object-events
%doc examples/dominfo
%doc examples/domsuspend
%doc examples/dommigrate
%doc examples/openauth
%doc examples/xml
%doc examples/rename
%doc examples/systemtap
%doc examples/admin


%files daemon

%dir %attr(0700, root, root) %{_sysconfdir}/libvirt/

%if %{with_systemd}
%{_unitdir}/libvirtd.service
%{_unitdir}/virt-guest-shutdown.target
%{_unitdir}/virtlogd.service
%{_unitdir}/virtlogd.socket
%{_unitdir}/virtlogd-admin.socket
%{_unitdir}/virtlockd.service
%{_unitdir}/virtlockd.socket
%{_unitdir}/virtlockd-admin.socket
%else
%{_sysconfdir}/rc.d/init.d/libvirtd
%{_sysconfdir}/rc.d/init.d/virtlogd
%{_sysconfdir}/rc.d/init.d/virtlockd
%endif
%config(noreplace) %{_sysconfdir}/sysconfig/libvirtd
%config(noreplace) %{_sysconfdir}/sysconfig/virtlogd
%config(noreplace) %{_sysconfdir}/sysconfig/virtlockd
%config(noreplace) %{_sysconfdir}/libvirt/libvirtd.conf
%config(noreplace) %{_sysconfdir}/libvirt/virtlogd.conf
%config(noreplace) %{_sysconfdir}/libvirt/virtlockd.conf
%config(noreplace) %{_sysconfdir}/sasl2/libvirt.conf
%config(noreplace) %{_prefix}/lib/sysctl.d/60-libvirtd.conf

%config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd
%dir %{_datadir}/libvirt/

%ghost %dir %{_localstatedir}/run/libvirt/

%dir %attr(0711, root, root) %{_localstatedir}/lib/libvirt/images/
%dir %attr(0711, root, root) %{_localstatedir}/lib/libvirt/filesystems/
%dir %attr(0711, root, root) %{_localstatedir}/lib/libvirt/boot/
%dir %attr(0711, root, root) %{_localstatedir}/cache/libvirt/


%dir %attr(0755, root, root) %{_libdir}/libvirt/
%dir %attr(0755, root, root) %{_libdir}/libvirt/connection-driver/
%dir %attr(0755, root, root) %{_libdir}/libvirt/lock-driver
%attr(0755, root, root) %{_libdir}/libvirt/lock-driver/lockd.so

%{_datadir}/augeas/lenses/libvirtd.aug
%{_datadir}/augeas/lenses/tests/test_libvirtd.aug
%{_datadir}/augeas/lenses/virtlogd.aug
%{_datadir}/augeas/lenses/tests/test_virtlogd.aug
%{_datadir}/augeas/lenses/virtlockd.aug
%{_datadir}/augeas/lenses/tests/test_virtlockd.aug
%{_datadir}/augeas/lenses/libvirt_lockd.aug
%if %{with_qemu}
%{_datadir}/augeas/lenses/tests/test_libvirt_lockd.aug
%endif

%{_datadir}/polkit-1/actions/org.libvirt.unix.policy
%{_datadir}/polkit-1/actions/org.libvirt.api.policy
%{_datadir}/polkit-1/rules.d/50-libvirt.rules

%dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/

%attr(0755, root, root) %{_libexecdir}/libvirt_iohelper

%attr(0755, root, root) %{_sbindir}/libvirtd
%attr(0755, root, root) %{_sbindir}/virtlogd
%attr(0755, root, root) %{_sbindir}/virtlockd

%{_mandir}/man8/libvirtd.8*
%{_mandir}/man8/virtlogd.8*
%{_mandir}/man8/virtlockd.8*
%{_mandir}/man7/virkey*.7*

%doc examples/polkit/*.rules

%files daemon-config-network
%dir %{_datadir}/libvirt/networks/
%{_datadir}/libvirt/networks/default.xml

%files daemon-config-nwfilter
%dir %{_datadir}/libvirt/nwfilter/
%{_datadir}/libvirt/nwfilter/*.xml
%ghost %{_sysconfdir}/libvirt/nwfilter/*.xml

%files daemon-driver-interface
%{_libdir}/%{name}/connection-driver/libvirt_driver_interface.so

%files daemon-driver-network
%dir %attr(0700, root, root) %{_sysconfdir}/libvirt/qemu/
%dir %attr(0700, root, root) %{_sysconfdir}/libvirt/qemu/networks/
%dir %attr(0700, root, root) %{_sysconfdir}/libvirt/qemu/networks/autostart
%ghost %dir %{_localstatedir}/run/libvirt/network/
%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/network/
%dir %attr(0755, root, root) %{_localstatedir}/lib/libvirt/dnsmasq/
%attr(0755, root, root) %{_libexecdir}/libvirt_leaseshelper
%{_libdir}/%{name}/connection-driver/libvirt_driver_network.so

%if %{with_firewalld_zone}
%{_prefix}/lib/firewalld/zones/libvirt.xml
%endif

%files daemon-driver-nodedev
%{_libdir}/%{name}/connection-driver/libvirt_driver_nodedev.so

%files daemon-driver-nwfilter
%dir %attr(0700, root, root) %{_sysconfdir}/libvirt/nwfilter/
%ghost %dir %{_localstatedir}/run/libvirt/network/
%{_libdir}/%{name}/connection-driver/libvirt_driver_nwfilter.so

%files daemon-driver-secret
%{_libdir}/%{name}/connection-driver/libvirt_driver_secret.so

%files daemon-driver-storage

%files daemon-driver-storage-core
%attr(0755, root, root) %{_libexecdir}/libvirt_parthelper
%{_libdir}/%{name}/connection-driver/libvirt_driver_storage.so
%{_libdir}/%{name}/storage-backend/libvirt_storage_backend_fs.so
%{_libdir}/%{name}/storage-file/libvirt_storage_file_fs.so

%files daemon-driver-storage-disk
%{_libdir}/%{name}/storage-backend/libvirt_storage_backend_disk.so

%files daemon-driver-storage-logical
%{_libdir}/%{name}/storage-backend/libvirt_storage_backend_logical.so

%files daemon-driver-storage-scsi
%{_libdir}/%{name}/storage-backend/libvirt_storage_backend_scsi.so

%files daemon-driver-storage-iscsi
%{_libdir}/%{name}/storage-backend/libvirt_storage_backend_iscsi.so

%files daemon-driver-storage-mpath
%{_libdir}/%{name}/storage-backend/libvirt_storage_backend_mpath.so

%if %{with_storage_gluster}
%files daemon-driver-storage-gluster
%{_libdir}/%{name}/storage-backend/libvirt_storage_backend_gluster.so
%{_libdir}/%{name}/storage-file/libvirt_storage_file_gluster.so
%endif

%if %{with_storage_rbd}
%files daemon-driver-storage-rbd
%{_libdir}/%{name}/storage-backend/libvirt_storage_backend_rbd.so
%endif

%if %{with_storage_sheepdog}
%files daemon-driver-storage-sheepdog
%{_libdir}/%{name}/storage-backend/libvirt_storage_backend_sheepdog.so
%endif

%if %{with_storage_zfs}
%files daemon-driver-storage-zfs
%{_libdir}/%{name}/storage-backend/libvirt_storage_backend_zfs.so
%endif

%if %{with_qemu}
%files daemon-driver-qemu
%dir %attr(0700, root, root) %{_sysconfdir}/libvirt/qemu/
%dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/qemu/
%config(noreplace) %{_sysconfdir}/libvirt/qemu.conf
%config(noreplace) %{_sysconfdir}/libvirt/qemu-lockd.conf
%config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd.qemu
%ghost %dir %attr(0700, root, root) %{_localstatedir}/run/libvirt/qemu/
%dir %attr(0751, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/
%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/cache/libvirt/qemu/
%{_datadir}/augeas/lenses/libvirtd_qemu.aug
%{_datadir}/augeas/lenses/tests/test_libvirtd_qemu.aug
%{_libdir}/%{name}/connection-driver/libvirt_driver_qemu.so
%dir %attr(0711, root, root) %{_localstatedir}/lib/libvirt/swtpm/
%dir %attr(0711, root, root) %{_localstatedir}/log/swtpm/libvirt/qemu/
%endif

%if %{with_lxc}
%files daemon-driver-lxc
%dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/lxc/
%config(noreplace) %{_sysconfdir}/libvirt/lxc.conf
%config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd.lxc
%ghost %dir %{_localstatedir}/run/libvirt/lxc/
%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/lxc/
%{_datadir}/augeas/lenses/libvirtd_lxc.aug
%{_datadir}/augeas/lenses/tests/test_libvirtd_lxc.aug
%attr(0755, root, root) %{_libexecdir}/libvirt_lxc
%{_libdir}/%{name}/connection-driver/libvirt_driver_lxc.so
%endif

%if %{with_uml}
%files daemon-driver-uml
%dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/uml/
%config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd.uml
%ghost %dir %{_localstatedir}/run/libvirt/uml/
%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/uml/
%{_libdir}/%{name}/connection-driver/libvirt_driver_uml.so
%endif

%if %{with_libxl}
%files daemon-driver-libxl
%config(noreplace) %{_sysconfdir}/libvirt/libxl.conf
%config(noreplace) %{_sysconfdir}/logrotate.d/libvirtd.libxl
%config(noreplace) %{_sysconfdir}/libvirt/libxl-lockd.conf
%{_datadir}/augeas/lenses/libvirtd_libxl.aug
%{_datadir}/augeas/lenses/tests/test_libvirtd_libxl.aug
%dir %attr(0700, root, root) %{_localstatedir}/log/libvirt/libxl/
%ghost %dir %{_localstatedir}/run/libvirt/libxl/
%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/libxl/
%{_libdir}/%{name}/connection-driver/libvirt_driver_libxl.so
%endif

%if %{with_vbox}
%files daemon-driver-vbox
%{_libdir}/%{name}/connection-driver/libvirt_driver_vbox.so
%endif

%if %{with_qemu_tcg}
%files daemon-qemu
%endif

%if %{with_qemu_kvm}
%files daemon-kvm
%endif

%if %{with_lxc}
%files daemon-lxc
%endif

%if %{with_uml}
%files daemon-uml
%endif

%if %{with_libxl}
%files daemon-xen
%endif

%if %{with_vbox}
%files daemon-vbox
%endif

%if %{with_sanlock}
%files lock-sanlock
    %if %{with_qemu}
%config(noreplace) %{_sysconfdir}/libvirt/qemu-sanlock.conf
    %endif
    %if %{with_libxl}
%config(noreplace) %{_sysconfdir}/libvirt/libxl-sanlock.conf
    %endif
%attr(0755, root, root) %{_libdir}/libvirt/lock-driver/sanlock.so
%{_datadir}/augeas/lenses/libvirt_sanlock.aug
%{_datadir}/augeas/lenses/tests/test_libvirt_sanlock.aug
%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/sanlock
%{_sbindir}/virt-sanlock-cleanup
%{_mandir}/man8/virt-sanlock-cleanup.8*
%attr(0755, root, root) %{_libexecdir}/libvirt_sanlock_helper
%endif

%files client
%{_mandir}/man1/virsh.1*
%{_mandir}/man1/virt-xml-validate.1*
%{_mandir}/man1/virt-pki-validate.1*
%{_mandir}/man1/virt-host-validate.1*
%{_bindir}/virsh
%{_bindir}/virt-xml-validate
%{_bindir}/virt-pki-validate
%{_bindir}/virt-host-validate

%{_datadir}/systemtap/tapset/libvirt_probes*.stp
%{_datadir}/systemtap/tapset/libvirt_functions.stp
%if %{with_qemu}
%{_datadir}/systemtap/tapset/libvirt_qemu_probes*.stp
%endif

%if %{with_bash_completion}
%{_datadir}/bash-completion/completions/virsh
%endif


%if %{with_systemd}
%{_unitdir}/libvirt-guests.service
%else
%{_sysconfdir}/rc.d/init.d/libvirt-guests
%endif
%config(noreplace) %{_sysconfdir}/sysconfig/libvirt-guests
%attr(0755, root, root) %{_libexecdir}/libvirt-guests.sh

%files libs -f %{name}.lang
# RHEL6 doesn't have 'license' macro
%{!?_licensedir:%global license %%doc}
%license COPYING COPYING.LESSER
%config(noreplace) %{_sysconfdir}/libvirt/libvirt.conf
%config(noreplace) %{_sysconfdir}/libvirt/libvirt-admin.conf
%{_libdir}/libvirt.so.*
%{_libdir}/libvirt-qemu.so.*
%{_libdir}/libvirt-lxc.so.*
%{_libdir}/libvirt-admin.so.*
%dir %{_datadir}/libvirt/
%dir %{_datadir}/libvirt/schemas/
%dir %attr(0755, root, root) %{_localstatedir}/lib/libvirt/

%{_datadir}/libvirt/schemas/basictypes.rng
%{_datadir}/libvirt/schemas/capability.rng
%{_datadir}/libvirt/schemas/cputypes.rng
%{_datadir}/libvirt/schemas/domain.rng
%{_datadir}/libvirt/schemas/domaincaps.rng
%{_datadir}/libvirt/schemas/domaincommon.rng
%{_datadir}/libvirt/schemas/domainsnapshot.rng
%{_datadir}/libvirt/schemas/interface.rng
%{_datadir}/libvirt/schemas/network.rng
%{_datadir}/libvirt/schemas/networkcommon.rng
%{_datadir}/libvirt/schemas/nodedev.rng
%{_datadir}/libvirt/schemas/nwfilter.rng
%{_datadir}/libvirt/schemas/nwfilter_params.rng
%{_datadir}/libvirt/schemas/nwfilterbinding.rng
%{_datadir}/libvirt/schemas/secret.rng
%{_datadir}/libvirt/schemas/storagecommon.rng
%{_datadir}/libvirt/schemas/storagepool.rng
%{_datadir}/libvirt/schemas/storagevol.rng

%{_datadir}/libvirt/cpu_map.xml

%{_datadir}/libvirt/test-screenshot.png

%files admin
%{_mandir}/man1/virt-admin.1*
%{_bindir}/virt-admin
%if %{with_bash_completion}
%{_datadir}/bash-completion/completions/virt-admin
%endif

%if %{with_bash_completion}
%files bash-completion
%{_datadir}/bash-completion/completions/vsh
%endif

%if %{with_wireshark}
%files wireshark
%{wireshark_plugindir}/libvirt.so
%endif

%files nss
%{_libdir}/libnss_libvirt.so.2
%{_libdir}/libnss_libvirt_guest.so.2

%if %{with_lxc}
%files login-shell
%attr(4750, root, virtlogin) %{_bindir}/virt-login-shell
%config(noreplace) %{_sysconfdir}/libvirt/virt-login-shell.conf
%{_mandir}/man1/virt-login-shell.1*
%endif

%files devel
%{_libdir}/libvirt.so
%{_libdir}/libvirt-admin.so
%{_libdir}/libvirt-qemu.so
%{_libdir}/libvirt-lxc.so
%dir %{_includedir}/libvirt
%{_includedir}/libvirt/virterror.h
%{_includedir}/libvirt/libvirt.h
%{_includedir}/libvirt/libvirt-admin.h
%{_includedir}/libvirt/libvirt-common.h
%{_includedir}/libvirt/libvirt-domain.h
%{_includedir}/libvirt/libvirt-domain-snapshot.h
%{_includedir}/libvirt/libvirt-event.h
%{_includedir}/libvirt/libvirt-host.h
%{_includedir}/libvirt/libvirt-interface.h
%{_includedir}/libvirt/libvirt-network.h
%{_includedir}/libvirt/libvirt-nodedev.h
%{_includedir}/libvirt/libvirt-nwfilter.h
%{_includedir}/libvirt/libvirt-secret.h
%{_includedir}/libvirt/libvirt-storage.h
%{_includedir}/libvirt/libvirt-stream.h
%{_includedir}/libvirt/libvirt-qemu.h
%{_includedir}/libvirt/libvirt-lxc.h
%{_libdir}/pkgconfig/libvirt.pc
%{_libdir}/pkgconfig/libvirt-admin.pc
%{_libdir}/pkgconfig/libvirt-qemu.pc
%{_libdir}/pkgconfig/libvirt-lxc.pc

%dir %{_datadir}/libvirt/api/
%{_datadir}/libvirt/api/libvirt-api.xml
%{_datadir}/libvirt/api/libvirt-admin-api.xml
%{_datadir}/libvirt/api/libvirt-qemu-api.xml
%{_datadir}/libvirt/api/libvirt-lxc-api.xml
# Needed building python bindings
%doc docs/libvirt-api.xml


%changelog
* Thu May 16 2019 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-23.2.el8
- admin: reject clients unless their UID matches the current UID (CVE-2019-10132)
- locking: restrict sockets to mode 0600 (CVE-2019-10132)
- logging: restrict sockets to mode 0600 (CVE-2019-10132)

* Mon May  6 2019 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-23.1.el8
- cpu_x86: Do not cache microcode version (CVE-2018-12130, CVE-2018-12126, CVE-2018-11091, CVE-2018-12127)
- qemu: Don't cache microcode version (CVE-2018-12130, CVE-2018-12126, CVE-2018-11091, CVE-2018-12127)
- cputest: Add data for Intel(R) Xeon(R) CPU E3-1225 v5 (CVE-2018-12130, CVE-2018-12126, CVE-2018-11091, CVE-2018-12127)
- cpu_map: Define md-clear CPUID bit (CVE-2018-12130, CVE-2018-12126, CVE-2018-11091, CVE-2018-12127)

* Fri Feb 15 2019 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-23
- network: explicitly allow icmp/icmpv6 in libvirt zonefile (rhbz#1650320)

* Fri Feb 15 2019 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-22
- util: fix memory leak in virFirewallDInterfaceSetZone() (rhbz#1650320)

* Fri Feb  8 2019 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-21
- docs: Drop /dev/net/tun from the list of shared devices (rhbz#1665400)
- qemu: conf: Remove /dev/sev from the default cgroup device acl list (rhbz#1665400)
- qemu: cgroup: Expose /dev/sev/ only to domains that require SEV (rhbz#1665400)
- qemu: domain: Add /dev/sev into the domain mount namespace selectively (rhbz#1665400)
- security: dac: Relabel /dev/sev in the namespace (rhbz#1665400)
- qemu: caps: Use CAP_DAC_OVERRIDE for probing to avoid permission issues (rhbz#1665400)
- qemu: caps: Don't try to ask for CAP_DAC_OVERRIDE if non-root (rhbz#1665400)
- Revert "RHEL: Require firewalld-filesystem for firewalld rpm macros" (rhbz#1650320)
- Revert "RHEL: network: regain guest network connectivity after firewalld switch to nftables" (rhbz#1650320)
- configure: change HAVE_FIREWALLD to WITH_FIREWALLD (rhbz#1650320)
- util: move all firewalld-specific stuff into its own files (rhbz#1650320)
- util: new virFirewallD APIs + docs (rhbz#1650320)
- configure: selectively install a firewalld 'libvirt' zone (rhbz#1650320)
- network: set firewalld zone of bridges to "libvirt" zone when appropriate (rhbz#1650320)
- network: allow configuring firewalld zone for virtual network bridge device (rhbz#1650320)
- util: remove test code accidentally committed to virFirewallDZoneExists (rhbz#1650320)
- qemu: command: Don't skip 'readonly' and throttling info for empty drive (rhbz#1670337)

* Mon Jan 28 2019 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-20
- RHEL: qemu: Fix crash trying to use iSCSI hostdev (rhbz#1669424)

* Thu Jan 24 2019 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-19
- qemu: Fix logic error in qemuSetUnprivSGIO (rhbz#1666605)
- tests: qemuxml2argv: Add test case for empty CDROM with cache mode (rhbz#1553255)
- qemu: command: Don't format image properties for empty -drive (rhbz#1553255)

* Mon Jan 14 2019 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-18
- conf: correct false boot order error during domain parse (rhbz#1630393)
- qemu: Remove duplicated qemuAgentCheckError (rhbz#1665000)
- qemu: require reply from guest agent in qemuAgentGetInterfaces (rhbz#1665000)
- qemu: Filter non SCSI hostdevs in qemuHostdevPrepareSCSIDevices (rhbz#1665244)
- util: remove const specifier from nlmsghdr arg to virNetlinkDumpCallback() (rhbz#1583131)
- util: add a function to insert new interfaces to IPv6CheckForwarding list (rhbz#1583131)
- util: use nlmsg_find_attr() instead of an open-coded loop (rhbz#1583131)
- util: check accept_ra for all nexthop interfaces of multipath routes (rhbz#1583131)
- util: make forgotten changes suggested during review of commit d40b820c (rhbz#1583131)

* Mon Jan  7 2019 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-17
- virsh: Strip XML declaration when extracting CPU XMLs (rhbz#1659048)
- RHEL: qemu: Add ability to set sgio values for hostdev (rhbz#1582424)
- RHEL: qemu: Add check for unpriv sgio for SCSI generic host device (rhbz#1582424)
- qemu: Alter @val usage in qemuSetUnprivSGIO (rhbz#1656362)
- qemu: Alter qemuSetUnprivSGIO hostdev shareable logic (rhbz#1656362)

* Mon Dec 17 2018 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-16
- util: Don't overflow in virRandomBits (rhbz#1655586)
- virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1655586)
- spec: remove libcgroup and cgconfig (rhbz#1602407)
- qemu: Drop duplicated code from qemuDomainDefValidateFeatures() (rhbz#1647822)
- tests: Add capabilities data for QEMU 3.1.0 on ppc64 (rhbz#1647822)
- qemu: Introduce QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV (rhbz#1647822)
- conf: Parse and format nested-hv feature (rhbz#1647822)
- qemu: Format nested-hv feature on the command line (rhbz#1647822)
- qemu: Add check for whether KVM nesting is enabled (rhbz#1645139)
- secret: Add check/validation for correct usage when LookupByUUID (rhbz#1656255)
- cpu: Add support for "stibp" x86_64 feature (rhbz#1655032)

* Mon Dec  3 2018 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-15
- virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1634782)
- qemu: Ignore nwfilter binding instantiation issues during reconnect (rhbz#1648544)
- qemu: Set identity for the reconnect all thread (rhbz#1648546)
- Revert "access: Modify the VIR_ERR_ACCESS_DENIED to include driverName" (rhbz#1631608)
- access: Modify the VIR_ERR_ACCESS_DENIED to include driverName (rhbz#1631608)
- qemu: add vfio-ap capability (rhbz#1508146)
- qemu: vfio-ap device support (rhbz#1508146)
- qemu: Extract MDEV VFIO PCI validation code into a separate helper (rhbz#1508146)
- conf: Move VFIO AP validation from post parse to QEMU validation code (rhbz#1508146)
- qemu: Fix post-copy migration on the source (rhbz#1649169)

* Fri Nov  9 2018 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-14
- storage: Remove secretPath from _virStorageBackendQemuImgInfo (rhbz#1645459)
- storage: Allow for inputvol to have any format for encryption (rhbz#1645459)
- storage: Allow inputvol to be encrypted (rhbz#1645459)
- access: Modify the VIR_ERR_ACCESS_DENIED to include driverName (rhbz#1631608)
- docs: Enhance polkit documentation to describe secondary connection (rhbz#1631608)
- qemu: Don't ignore resume events (rhbz#1634758, rhbz#1643338)

* Thu Nov  1 2018 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-13
- Revert "spec: Temporarily drop gluster support" (rhbz#1599339)

* Wed Oct 17 2018 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-12
- RHEL: Require firewalld-filesystem for firewalld rpm macros (rhbz#1639932)

* Tue Oct 16 2018 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-11
- virfile: fix cast-align error (rhbz#1634782)
- virfiletest: Fix test name prefix for virFileInData test (rhbz#1634782)
- virfiletst: Test virFileIsSharedFS (rhbz#1634782)
- virFileIsSharedFSType: Detect direct mount points (rhbz#1634782)
- virfile: Rework virFileIsSharedFixFUSE (rhbz#1634782)
- RHEL: network: regain guest network connectivity after firewalld switch to nftables (rhbz#1638864)

* Mon Oct  8 2018 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-10
- conf: Fix check for chardev source path (rhbz#1609723)
- tests: Reuse qemucapabilities data for qemucaps2xml (rhbz#1629862)
- tests: Add more tests to qemucaps2xml (rhbz#1629862)
- qemu: Drop QEMU_CAPS_ENABLE_KVM (rhbz#1629862)
- qemu: Avoid probing non-native binaries all the time (rhbz#1629862)
- qemu: Clarify QEMU_CAPS_KVM (rhbz#1629862)
- qemu: Don't check for /dev/kvm presence (rhbz#1629862)
- tests: Follow up on qemucaps2xmldata rename (rhbz#1629862)
- security: dac: also label listen UNIX sockets (rhbz#1634775)
- spec: Set correct TLS priority (rhbz#1632269)
- spec: Build ceph and gluster support everywhere (rhbz#1599546)
- virsh: Require explicit --domain for domxml-to-native (rhbz#1634769)
- virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1634782)
- qemu: fix up permissions for pre-created UNIX sockets (rhbz#1634775)
- cpu_map: Add features for Icelake CPUs (rhbz#1527657, rhbz#1526625)
- cpu_map: Add Icelake CPU models (rhbz#1526625)
- qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634758)
- qemu: Report more appropriate running reasons (rhbz#1634758)
- qemu: Pass running reason to RESUME event handler (rhbz#1634758)
- qemu: Map running reason to resume event detail (rhbz#1634758)
- qemu: Avoid duplicate resume events and state changes (rhbz#1634758)
- conf: qemu: add support for Hyper-V frequency MSRs (rhbz#1589702)
- conf: qemu: add support for Hyper-V reenlightenment notifications (rhbz#1589702)
- conf: qemu: add support for Hyper-V PV TLB flush (rhbz#1589702)

* Wed Sep  5 2018 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-9
- RHEL: Fix virConnectGetMaxVcpus output (rhbz#1582222)
- storage: Add --shrink to qemu-img command when shrinking vol (rhbz#1622534)
- access: Fix nwfilter-binding ACL access API name generation (rhbz#1622540)
- conf: Add validation of input devices (rhbz#1591240)
- tests: qemu: Remove disk from graphics-vnc-tls (rhbz#1598167)
- tests: qemu: test more versions for graphics-vnc-tls (rhbz#1598167)
- qemu: vnc: switch to tls-creds-x509 (rhbz#1598167)
- qemu: mdev: Use vfio-pci 'display' property only with vfio-pci mdevs (rhbz#1624740)
- virDomainDefCompatibleDevice: Relax alias change check (rhbz#1603133)
- virDomainDetachDeviceFlags: Clarify update semantics (rhbz#1603133)
- virDomainNetDefCheckABIStability: Check for MTU change too (rhbz#1623158)
- RHEL: spec: Require python3-devel on RHEL-8 (rhbz#1518446)
- qemu: monitor: Remove qemuMonitorJSONExtractCPUArchInfo wrapper (rhbz#1598829)
- qemu: monitor: Use 'target' instead of 'arch' in reply of 'query-cpus-fast' (rhbz#1598829)

* Tue Aug 21 2018 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-8
- tests: Add missing thread_siblings_list files (rhbz#1608479)
- util: Rewrite virHostCPUCountThreadSiblings() (rhbz#1608479)
- utils: Remove arbitrary limit on socket_id/core_id (rhbz#1608479)
- tests: Add linux-high-ids test (rhbz#1608479)
- qemu: hotplug: Fix asynchronous unplug of 'shmem' (rhbz#1618680)
- tests: rename hugepages to hugepages-default (rhbz#1615461)
- tests: extract hugepages-numa-default-dimm out of hugepages-numa (rhbz#1615461)
- tests: rename hugepages-numa into hugepages-numa-default (rhbz#1615461)
- tests: remove unnecessary XML elements from hugepages-numa-default (rhbz#1615461)
- tests: extract pages-discard out of hugepages-pages (rhbz#1615461)
- tests: rename hugepages-pages into hugepages-numa-nodeset (rhbz#1615461)
- tests: rename hugepages-pages2 into hugepages-numa-default-2M (rhbz#1615461)
- tests: extract pages-discard-hugepages out of hugepages-pages3 (rhbz#1615461)
- tests: rename hugepages-pages3 into hugepages-numa-nodeset-part (rhbz#1615461)
- tests: rename hugepages-pages4 into hugepages-numa-nodeset-nonexist (rhbz#1615461)
- tests: rename hugepages-pages5 into hugepages-default-2M (rhbz#1615461)
- tests: rename hugepages-pages6 into hugepages-default-system-size (rhbz#1615461)
- tests: rename hugepages-pages7 into pages-dimm-discard (rhbz#1615461)
- tests: rename hugepages-pages8 into hugepages-nodeset-nonexist (rhbz#1615461)
- tests: introduce hugepages-default-1G-nodeset-2M (rhbz#1615461)
- tests: introduce hugepages-nodeset (rhbz#1615461)
- conf: Move hugepage XML validation check out of qemu_command (rhbz#1615461)
- conf: Move hugepages validation out of XML parser (rhbz#1615461)
- conf: Introduce virDomainDefPostParseMemtune (rhbz#1615461)
- tests: sev: Test launch-security with specific QEMU version (rhbz#1619150)
- qemu: Fix probing of AMD SEV support (rhbz#1619150)
- qemu: caps: Format SEV platform data into qemuCaps cache (rhbz#1619150)
- conf: Parse guestfwd channel device info again (rhbz#1610072)

* Thu Aug 16 2018 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-7
- qemu_migration: Avoid writing to freed memory (rhbz#1615854)

* Thu Aug  2 2018 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-6
- qemu: Exempt video model 'none' from getting a PCI address on Q35
- conf: Fix a error msg typo in virDomainVideoDefValidate

* Tue Jul 31 2018 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-5
- esx storage: Fix typo lsilogic -> lsiLogic
- networkGetDHCPLeases: Don't always report error if unable to read leases file
- nwfilter: Resolve SEGV for NWFilter Snoop processing
- qemu: Remove unused bypassSecurityDriver from qemuOpenFileAs
- qemuDomainSaveMemory: Don't enforce dynamicOwnership
- domain_nwfilter: Return early if net has no name in virDomainConfNWFilterTeardownImpl
- examples: Add clean-traffic-gateway into nwfilters

* Mon Jul 23 2018 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-4
- qemu: hotplug: don't overwrite error message in qemuDomainAttachNetDevice
- qemu: hotplug: report error when changing rom enabled attr for net iface
- qemu: Fix setting global_period cputune element
- tests: qemucaps: Add test data for upcoming qemu 3.0.0
- qemu: capabilities: Add capability for werror/rerror for 'usb-device' frontend
- qemu: command: Move graphics iteration to its own function
- qemu: address: Handle all the video devices within a single loop
- conf: Introduce virDomainVideoDefClear helper
- conf: Introduce virDomainDefPostParseVideo helper
- qemu: validate: Enforce compile time switch type checking for videos
- tests: Add capabilities data for QEMU 2.11 x86_64
- tests: Update capabilities data for QEMU 3.0.0 x86_64
- qemu: qemuBuildHostdevCommandLine: Use a helper variable mdevsrc
- qemu: caps: Introduce a capability for egl-headless
- qemu: Introduce a new graphics display type 'headless'
- qemu: caps: Add vfio-pci.display capability
- conf: Introduce virDomainGraphicsDefHasOpenGL helper
- conf: Replace 'error' with 'cleanup' in virDomainHostdevDefParseXMLSubsys
- conf: Introduce new <hostdev> attribute 'display'
- qemu: command: Enable formatting vfio-pci.display option onto cmdline
- docs: Rephrase the mediated devices hostdev section a bit
- conf: Introduce new video type 'none'
- virt-xml-validate: Add schema for nwfilterbinding
- tools: Fix typo generating adapter_wwpn field
- src: Fix memory leak in virNWFilterBindingDispose

* Mon Jul 23 2018 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-3
- qemu: hotplug: Do not try to add secret object for TLS if it does not exist
- qemu: monitor: Make qemuMonitorAddObject more robust against programming errors
- spec: Explicitly require matching libvirt-libs
- virDomainConfNWFilterInstantiate: initialize @xml to avoid random crash
- qemuProcessStartPRDaemonHook: Try to set NS iff domain was started with one
- qemuDomainValidateStorageSource: Relax PR validation
- virStoragePRDefFormat: Suppress path formatting for migratable XML
- qemu: Wire up PR_MANAGER_STATUS_CHANGED event
- qemu_monitor: Introduce qemuMonitorJSONGetPRManagerInfo
- qemu: Fetch pr-helper process info on reconnect
- qemu: Fix ATTRIBUTE_NONNULL for qemuMonitorAddObject
- virsh.pod: Fix a command name typo in nwfilter-binding-undefine
- docs: schema: Add missing <alias> to vsock device
- virnetdevtap: Don't crash on !ifname in virNetDevTapInterfaceStats
- tests: fix TLS handshake failure with TLS 1.3

* Mon Jul  9 2018 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-2
- qemu: Add capability for the HTM pSeries feature
- conf: Parse and format the HTM pSeries feature
- qemu: Format the HTM pSeries feature
- qemu: hotplug: Don't access srcPriv when it's not allocated
- qemuDomainNestedJobAllowed: Allow QEMU_JOB_NONE
- src: Mention DEVICE_REMOVAL_FAILED event in virDomainDetachDeviceAlias docs
- virsh.pod: Drop --persistent for detach-device-alias
- qemu: don't use chardev FD passing with standalone args
- qemu: remove chardevStdioLogd param from vhostuser code path
- qemu: consolidate parameters of qemuBuildChrChardevStr into flags
- qemu: don't use chardev FD passing for vhostuser backend
- qemu: fix UNIX socket chardevs operating in client mode
- qemuDomainDeviceDefValidateNetwork: Check for range only if IP prefix set
- spec: Temporarily drop gluster support

* Tue Jul  3 2018 Jiri Denemark <jdenemar@redhat.com> - 4.5.0-1
- Rebased to libvirt-4.5.0

* Fri May 25 2018 Jiri Denemark <jdenemar@redhat.com> - 4.3.0-1
- Rebased to libvirt-4.3.0

* Wed Mar 21 2018 Daniel P. Berrangé <berrange@redhat.com> - 4.1.0-2
- Fix systemd macro argument with line continuations (rhbz#1558648)

* Mon Mar  5 2018 Daniel Berrange <berrange@redhat.com> - 4.1.0-1
- Rebase to version 4.1.0

* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 4.0.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

* Fri Jan 19 2018 Daniel P. Berrange <berrange@redhat.com> - 4.0.0-1
- Rebase to version 4.0.0

* Wed Dec 20 2017 Cole Robinson <crobinso@redhat.com> - 3.10.0-2
- Rebuild for xen 4.10

* Tue Dec  5 2017 Daniel P. Berrange <berrange@redhat.com> - 3.10.0-1
- Rebase to version 3.10.0

* Fri Nov  3 2017 Daniel P. Berrange <berrange@redhat.com> - 3.9.0-1
- Rebase to version 3.9.0

* Wed Oct  4 2017 Daniel P. Berrange <berrange@redhat.com> - 3.8.0-1
- Rebase to version 3.8.0

* Mon Sep  4 2017 Daniel P. Berrange <berrange@redhat.com> - 3.7.0-1
- Rebase to version 3.7.0

* Wed Aug  2 2017 Daniel P. Berrange <berrange@redhat.com> - 3.6.0-1
- Rebase to version 3.6.0

* Sun Jul 30 2017 Florian Weimer <fweimer@redhat.com> - 3.5.0-4
- Rebuild with binutils fix for ppc64le (#1475636)

* Tue Jul 25 2017 Daniel P. Berrange <berrange@redhat.com> - 3.5.0-3
- Disabled RBD on i386, arm, ppc64 (rhbz #1474743)

* Mon Jul 17 2017 Cole Robinson <crobinso@redhat.com> - 3.5.0-2
- Rebuild for xen 4.9

* Thu Jul  6 2017 Daniel P. Berrange <berrange@redhat.com> - 3.5.0-1
- Rebase to version 3.5.0

* Fri Jun  2 2017 Daniel P. Berrange <berrange@redhat.com> - 3.4.0-1
- Rebase to version 3.4.0

* Mon May  8 2017 Daniel P. Berrange <berrange@redhat.com> - 3.3.0-1
- Rebase to version 3.3.0

* Mon Apr  3 2017 Daniel P. Berrange <berrange@redhat.com> - 3.2.0-1
- Rebase to version 3.2.0

* Fri Mar  3 2017 Daniel P. Berrange <berrange@redhat.com> - 3.1.0-1
- Rebase to version 3.1.0

* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild

* Thu Jan 19 2017 Daniel P. Berrange <berrange@redhat.com> - 3.0.0-1
- Rebase to version 3.0.0