From: Matthias Maier Date: Sun, 22 Jan 2017 16:14:10 +0000 (-0600) Subject: app-emulation/libvirt: add a libvirt group, bug #597772 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=dc2a7fec11cf5c934bd2a6fe656bd930a11c9abb;p=gentoo.git app-emulation/libvirt: add a libvirt group, bug #597772 Add a libvirt group for convenience and update readme Package-Manager: Portage-2.3.0, Repoman-2.3.1 --- diff --git a/app-emulation/libvirt/files/README.gentoo-r2 b/app-emulation/libvirt/files/README.gentoo-r2 new file mode 100644 index 000000000000..1c086c1eb5e9 --- /dev/null +++ b/app-emulation/libvirt/files/README.gentoo-r2 @@ -0,0 +1,58 @@ +Important: The openrc libvirtd init script is now broken up into two +separate services: libvirtd, that solely handles the daemon, and +libvirt-guests, that takes care of clients during shutdown/restart of the +host. In order to reenable client handling, edit /etc/conf.d/libvirt-guests +and enable the service and start it: + + $ rc-update add libvirt-guests + $ service libvirt-guests start + + +For the basic networking support (bridged and routed networks) you don't +need any extra software. For more complex network modes including but not +limited to NATed network, you can enable the 'virt-network' USE flag. It +will pull in required runtime dependencies + + +If you are using dnsmasq on your system, you will have to configure +/etc/dnsmasq.conf to enable the following settings: + + bind-interfaces + interface or except-interface + +Otherwise you might have issues with your existing DNS server. + + +For openrc users: + + Please use /etc/conf.d/libvirtd to control the '--listen' parameter for + libvirtd. + + Use /etc/init.d/libvirt-guests to manage clients on restart/shutdown of + the host. The default configuration will suspend and resume running kvm + guests with 'managedsave'. This behavior can be changed under + /etc/conf.d/libvirt-guests + + +For systemd users: + + Please use /etc/systemd/system/libvirtd.service.d/00gentoo.conf + to control the '--listen' parameter for libvirtd. + + The configuration for the 'libvirt-guests.service' is found under + /etc/libvirt/libvirt-guests.conf" + + +If you have built libvirt with policykit support, a new group "libvirt" has +been created. Simply add a user to the libvirt group in order to grant +administrative access to libvirtd. Alternatively, drop a custom policykit +rule into /etc/polkit-1/rules.d. + +If you have built libvirt without policykit support (USE=-policykit), you +must change the unix sock group and/or perms in /etc/libvirt/libvirtd.conf +in order to allow normal users to connect to libvirtd. + + +If libvirtd is built with USE=caps, libvirt will now start qemu/kvm VMs +with non-root privileges. Ensure any resources your VMs use are accessible +by qemu:qemu. diff --git a/app-emulation/libvirt/libvirt-2.5.0-r2.ebuild b/app-emulation/libvirt/libvirt-2.5.0-r2.ebuild index 9f9134680d19..a40c305d0927 100644 --- a/app-emulation/libvirt/libvirt-2.5.0-r2.ebuild +++ b/app-emulation/libvirt/libvirt-2.5.0-r2.ebuild @@ -135,6 +135,8 @@ pkg_setup() { enewuser qemu 77 -1 -1 "qemu,kvm" fi + use policykit && enewgroup libvirt + # Check kernel configuration: CONFIG_CHECK="" use fuse && CONFIG_CHECK+=" @@ -356,7 +358,7 @@ src_install() { newconfd "${FILESDIR}/libvirtd.confd-r5" libvirtd || die newconfd "${FILESDIR}/libvirt-guests.confd" libvirt-guests || die - DOC_CONTENTS=$(<"${FILESDIR}/README.gentoo-r1") + DOC_CONTENTS=$(<"${FILESDIR}/README.gentoo-r2") DISABLE_AUTOFORMATTING=true readme.gentoo_create_doc } @@ -376,7 +378,9 @@ pkg_postinst() { use libvirtd || return 0 # From here, only libvirtd-related instructions, be warned! - DOC_CONTENTS=$(<"${FILESDIR}/README.gentoo-r1") + + DOC_CONTENTS=$(<"${FILESDIR}/README.gentoo-r2") DISABLE_AUTOFORMATTING=true + FORCE_PRINT_ELOG=1 # remove for next version bump readme.gentoo_print_elog } diff --git a/app-emulation/libvirt/libvirt-9999.ebuild b/app-emulation/libvirt/libvirt-9999.ebuild index 81795e4a7f6b..1fcac6e2f214 100644 --- a/app-emulation/libvirt/libvirt-9999.ebuild +++ b/app-emulation/libvirt/libvirt-9999.ebuild @@ -135,6 +135,8 @@ pkg_setup() { enewuser qemu 77 -1 -1 "qemu,kvm" fi + use policykit && enewgroup libvirt + # Check kernel configuration: CONFIG_CHECK="" use fuse && CONFIG_CHECK+=" @@ -356,7 +358,7 @@ src_install() { newconfd "${FILESDIR}/libvirtd.confd-r5" libvirtd || die newconfd "${FILESDIR}/libvirt-guests.confd" libvirt-guests || die - DOC_CONTENTS=$(<"${FILESDIR}/README.gentoo-r1") + DOC_CONTENTS=$(<"${FILESDIR}/README.gentoo-r2") DISABLE_AUTOFORMATTING=true readme.gentoo_create_doc } @@ -376,7 +378,8 @@ pkg_postinst() { use libvirtd || return 0 # From here, only libvirtd-related instructions, be warned! - DOC_CONTENTS=$(<"${FILESDIR}/README.gentoo-r1") + DOC_CONTENTS=$(<"${FILESDIR}/README.gentoo-r2") DISABLE_AUTOFORMATTING=true + FORCE_PRINT_ELOG=1 # remove for next version bump readme.gentoo_print_elog }