ping. Martin you had suggested removing the socket file in one of the bugs, are you cool with this? Thanks, Cole On 04/11/2016 07:08 PM, Cole Robinson wrote: > This reverts commit 1e9808d3a1e00a7121bae8b163d9c42d441d2ca8. > > We shouldn't advertise libvirtd.socket activation, since currently > it means VM/network/... autostart won't work as expected. > > We tried to find a middle ground by installing the config file without > an [Install] section, since systemd won't allow .socket to be enabled > without one... or at least it did do that; presently on f24 it allows > activating the socket quite happily. This also caused user confusion[1] > > Just remove the socket file. I've filed a new RFE to track coming up > with a solution to the autostart problem[2], we can point users at that > if there's more confusion: > > [1]: https://bugzilla.redhat.com/show_bug.cgi?id=1279348 > [2]: https://bugzilla.redhat.com/show_bug.cgi?id=1326136 > --- > .gitignore | 1 - > daemon/Makefile.am | 14 ++------------ > daemon/libvirtd.conf | 5 ----- > daemon/libvirtd.service.in | 5 +++++ > daemon/libvirtd.socket.in | 11 ----------- > libvirt.spec.in | 7 ++----- > 6 files changed, 9 insertions(+), 34 deletions(-) > delete mode 100644 daemon/libvirtd.socket.in > > diff --git a/.gitignore b/.gitignore > index 0d12c5c..381db69 100644 > --- a/.gitignore > +++ b/.gitignore > @@ -63,7 +63,6 @@ > /daemon/libvirtd.pod > /daemon/libvirtd.policy > /daemon/libvirtd.service > -/daemon/libvirtd.socket > /daemon/test_libvirtd.aug > /docs/aclperms.htmlinc > /docs/apibuild.py.stamp > diff --git a/daemon/Makefile.am b/daemon/Makefile.am > index 2dbe81b..fc6fd95 100644 > --- a/daemon/Makefile.am > +++ b/daemon/Makefile.am > @@ -59,7 +59,6 @@ EXTRA_DIST = \ > libvirt.rules \ > libvirtd.sasl \ > libvirtd.service.in \ > - libvirtd.socket.in \ > libvirtd.sysconf \ > libvirtd.sysctl \ > libvirtd.aug \ > @@ -446,18 +445,15 @@ endif ! LIBVIRT_INIT_SCRIPT_UPSTART > if LIBVIRT_INIT_SCRIPT_SYSTEMD > > SYSTEMD_UNIT_DIR = $(prefix)/lib/systemd/system > -BUILT_SOURCES += libvirtd.service libvirtd.socket > +BUILT_SOURCES += libvirtd.service > > -install-init-systemd: install-sysconfig libvirtd.service libvirtd.socket > +install-init-systemd: install-sysconfig libvirtd.service > $(MKDIR_P) $(DESTDIR)$(SYSTEMD_UNIT_DIR) > $(INSTALL_DATA) libvirtd.service \ > $(DESTDIR)$(SYSTEMD_UNIT_DIR)/libvirtd.service > - $(INSTALL_DATA) libvirtd.socket \ > - $(DESTDIR)$(SYSTEMD_UNIT_DIR)/libvirtd.socket > > uninstall-init-systemd: uninstall-sysconfig > rm -f $(DESTDIR)$(SYSTEMD_UNIT_DIR)/libvirtd.service > - rm -f $(DESTDIR)$(SYSTEMD_UNIT_DIR)/libvirtd.socket > rmdir $(DESTDIR)$(SYSTEMD_UNIT_DIR) || : > else ! LIBVIRT_INIT_SCRIPT_SYSTEMD > install-init-systemd: > @@ -481,12 +477,6 @@ libvirtd.service: libvirtd.service.in $(top_builddir)/config.status > < $< > $@-t && \ > mv $@-t $@ > > -libvirtd.socket: libvirtd.socket.in $(top_builddir)/config.status > - $(AM_V_GEN)sed \ > - -e 's|[@]runstatedir[@]|$(runstatedir)|g' \ > - < $< > $@-t && \ > - mv $@-t $@ > - > > check-local: check-augeas > > diff --git a/daemon/libvirtd.conf b/daemon/libvirtd.conf > index 5485f98..d2c439c 100644 > --- a/daemon/libvirtd.conf > +++ b/daemon/libvirtd.conf > @@ -77,11 +77,6 @@ > # UNIX socket access controls > # > > -# Beware that if you are changing *any* of these options, and you use > -# socket activation with systemd, you need to adjust the settings in > -# the libvirtd.socket file as well since it could impose a security > -# risk if you rely on file permission checking only. > - > # Set the UNIX domain socket group ownership. This can be used to > # allow a 'trusted' set of users access to management capabilities > # without becoming root. > diff --git a/daemon/libvirtd.service.in b/daemon/libvirtd.service.in > index 608221c..1616e7a 100644 > --- a/daemon/libvirtd.service.in > +++ b/daemon/libvirtd.service.in > @@ -1,3 +1,8 @@ > +# NB we don't use socket activation. When libvirtd starts it will > +# spawn any virtual machines registered for autostart. We want this > +# to occur on every boot, regardless of whether any client connects > +# to a socket. Thus socket activation doesn't have any benefit > + > [Unit] > Description=Virtualization daemon > Before=libvirt-guests.service > diff --git a/daemon/libvirtd.socket.in b/daemon/libvirtd.socket.in > deleted file mode 100644 > index 0915bb3..0000000 > --- a/daemon/libvirtd.socket.in > +++ /dev/null > @@ -1,11 +0,0 @@ > -[Socket] > -ListenStream=@runstatedir@/libvirt/libvirt-sock > -ListenStream=@runstatedir@/libvirt/libvirt-sock-ro > - > -; The following settings must match libvirtd.conf file in order to > -; work as expected because libvirtd can't change them later. > -; SocketMode=0777 is safe only if authentication on the socket is set > -; up. For further information, please see the libvirtd.conf file. > -SocketMode=0777 > -SocketUser=root > -SocketGroup=root > diff --git a/libvirt.spec.in b/libvirt.spec.in > index 8036fa3..c3bfea3 100644 > --- a/libvirt.spec.in > +++ b/libvirt.spec.in > @@ -1710,7 +1710,7 @@ exit 0 > > %if %{with_systemd} > %if %{with_systemd_macros} > - %systemd_post virtlockd.socket virtlogd.socket libvirtd.service libvirtd.socket > + %systemd_post virtlockd.socket virtlogd.socket libvirtd.service > %else > if [ $1 -eq 1 ] ; then > # Initial installation > @@ -1739,19 +1739,17 @@ fi > %preun daemon > %if %{with_systemd} > %if %{with_systemd_macros} > - %systemd_preun libvirtd.socket libvirtd.service virtlogd.socket virtlogd.service virtlockd.socket virtlockd.service > + %systemd_preun libvirtd.service virtlogd.socket virtlogd.service virtlockd.socket virtlockd.service > %else > if [ $1 -eq 0 ] ; then > # Package removal, not upgrade > /bin/systemctl --no-reload disable \ > - libvirtd.socket \ > libvirtd.service \ > virtlogd.socket \ > virtlogd.service \ > virtlockd.socket \ > virtlockd.service > /dev/null 2>&1 || : > /bin/systemctl stop \ > - libvirtd.socket \ > libvirtd.service \ > virtlogd.socket \ > virtlogd.service \ > @@ -1966,7 +1964,6 @@ exit 0 > > %if %{with_systemd} > %{_unitdir}/libvirtd.service > -%{_unitdir}/libvirtd.socket > %{_unitdir}/virtlogd.service > %{_unitdir}/virtlogd.socket > %{_unitdir}/virtlockd.service > -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list