Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#33604 - [libvirt-1.0.1-2] pkgbuild issues / wrong binary path
Attached to Project:
Community Packages
Opened by Thomas Weißschuh (t-8ch) - Sunday, 27 January 2013, 22:07 GMT
Last edited by Sergej Pupykin (sergej) - Tuesday, 29 January 2013, 13:06 GMT
Opened by Thomas Weißschuh (t-8ch) - Sunday, 27 January 2013, 22:07 GMT
Last edited by Sergej Pupykin (sergej) - Tuesday, 29 January 2013, 13:06 GMT
|
Details1. This package will need a rebuild for lvm2 and device-mapper currently in
[testing] as those changed the location of binaries from /sbin to /usr/sbin 2. The PKGBUILD misses some quoting around $pkgdir 3. /usr/lib/sysctl.d/libvirtd misses the '.conf'-suffix and is therefore not applied. Maybe the location under /etc would reflect the requirement for manual adjustment better. (#30038 initially moved this) 4. There is a switch to ./configure to run system-wide qemu instances as non-root ("It is strongly recommended that vendors build with both of these arguments set to 'qemu'") Further information and caveats: http://libvirt.org/drvqemu.html#securitydac 5 . The paths in tmpfiles.d could be changed to /run instead of /var/run 6. Could you also link it against audit? (http://www.ibm.com/developerworks/library/l-kvm-libvirt-audit/) |
This task depends upon
6 - do you mean https://www.archlinux.org/packages/community/i686/audit/ ?
* http://anonscm.debian.org/gitweb/?p=pkg-libvirt/libvirt.git;a=blob;f=debian/libvirt-bin.postinst;h=c22dd21588977d7e5cd67444be024f8705c38267;hb=HEAD#l20
* Line 316 and 1444 in http://pkgs.fedoraproject.org/cgit/libvirt.git/tree/libvirt.spec?id=d1cd1b7ceb24d994742bc4d93a4665c8ee38877f
* Line 150 in http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/app-emulation/libvirt/libvirt-1.0.1.ebuild?view=markup
I think the qemu user needs write access to it's disk images.
Afaik 'nobody' shouldn't own any files. And the 'kvm' group can contian
arbitrary users. So a dedicated user might be best.
(I only have the mentioned page of the libvirt docs as source of
information, so please correct me if I misunderstood this)
If the VMs will be run as root in the future linking to libcap-ng would be a
workaround. (qemu already depends on libcap-ng, I don't know why it isn't already linked)
6 Yep