[PATCH v2 18/19] udev: Introduce rule

Michal Privoznik <mprivozn@xxxxxxxxxx> · Thu, 3 Nov 2016 20:19:08 +0800

Now that we have everything prepared we can install udev rule
that consults libvirt before trying to chown anything.
This commit also introduces new argument to configure script:

  --with-udev-rules

which accepts the following values:
no - no udev rule is installed, nor the libvirt_udevhelper binary
yes - udev pkg-config file is consulted what's the location for
      udev rules
check - system is checked whether sufficiently new udev is
        present and depending on the result of the check script
        continues with 'yes' or 'no'.
arbitrary path - any other value than the former ones is viewed
                 as path to install udev rule.

Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx>
---
 daemon/99-libvirt.rules | 12 ++++++++++++
 daemon/Makefile.am      | 22 +++++++++++++++++++---
 m4/virt-udev.m4         | 26 ++++++++++++++++++++++++++
 src/Makefile.am         |  4 ++++
 4 files changed, 61 insertions(+), 3 deletions(-)
 create mode 100644 daemon/99-libvirt.rules

diff --git a/daemon/99-libvirt.rules b/daemon/99-libvirt.rules
new file mode 100644
index 0000000..f4d4623
--- /dev/null
+++ b/daemon/99-libvirt.rules
@@ -0,0 +1,12 @@
+# Copyright (C) 2016 Red Hat, Inc. All rights reserved.
+#
+# This file is part of libvirt.
+
+#
+# The udevhelper binary reports:
+#   UID GID SELINUX
+#
+ACTION!="add|change", GOTO="libvirt_end"
+SUBSYSTEM!="block", GOTO="libvirt_end"
+PROGRAM="/usr/libexec/libvirt_udevhelper", OWNER="%c{1}",GROUP="%c{2}", SECLABEL{selinux}="%c{3}"
+LABEL="libvirt_end"
diff --git a/daemon/Makefile.am b/daemon/Makefile.am
index 927d16f..545a8d3 100644
--- a/daemon/Makefile.am
+++ b/daemon/Makefile.am
@@ -75,8 +75,9 @@ EXTRA_DIST =						\
 	libvirtd.lxc.logrotate.in                       \
 	libvirtd.libxl.logrotate.in                     \
 	libvirtd.uml.logrotate.in                       \
-	test_libvirtd.aug.in                             \
+	test_libvirtd.aug.in                            \
 	THREADS.txt					\
+	99-libvirt.rules				\
 	$(PODFILES)					\
 	$(MANINFILES)					\
 	$(DAEMON_SOURCES)				\
@@ -286,7 +287,8 @@ BUILT_SOURCES += libvirtd.policy
 install-data-local: install-init-redhat install-init-systemd \
 		install-init-upstart \
 		install-data-sasl install-data-polkit \
-		install-logrotate install-sysctl
+		install-logrotate install-sysctl \
+		install-data-udev
 	$(MKDIR_P) $(DESTDIR)$(localstatedir)/log/libvirt \
 		   $(DESTDIR)$(localstatedir)/run/libvirt \
 		   $(DESTDIR)$(localstatedir)/lib/libvirt
@@ -294,11 +296,25 @@ install-data-local: install-init-redhat install-init-systemd \
 uninstall-local:: uninstall-init-redhat uninstall-init-systemd \
 		uninstall-init-upstart \
 		uninstall-data-sasl uninstall-data-polkit \
-		uninstall-logrotate uninstall-sysctl
+		uninstall-logrotate uninstall-sysctl \
+		uninstall-data-udev
 	rmdir $(DESTDIR)$(localstatedir)/log/libvirt || :
 	rmdir $(DESTDIR)$(localstatedir)/run/libvirt || :
 	rmdir $(DESTDIR)$(localstatedir)/lib/libvirt || :
 
+if WITH_UDEV_RULES
+install-data-udev::
+	$(MKDIR_P) $(DESTDIR)$(udevdir)/rules.d
+	$(INSTALL_DATA) $(srcdir)/99-libvirt.rules $(DESTDIR)$(udevdir)/rules.d
+
+uninstall-data-udev::
+	rm -f $(DESTDIR)$(udevdir)/rules.d/99-libvirt.rules
+	rmdir $(DESTDIR)$(udevdir) || :
+else ! WITH_UDEV_RULES
+install-data-udev::
+uninstall-data-udev::
+endif ! WITH_UDEV_RULES
+
 if WITH_POLKIT
 install-data-polkit::
 	$(MKDIR_P) $(DESTDIR)$(policydir)
diff --git a/m4/virt-udev.m4 b/m4/virt-udev.m4
index 29ab30a..6d38287 100644
--- a/m4/virt-udev.m4
+++ b/m4/virt-udev.m4
@@ -21,6 +21,11 @@ AC_DEFUN([LIBVIRT_CHECK_UDEV],[
   AC_REQUIRE([LIBVIRT_CHECK_PCIACCESS])
   LIBVIRT_CHECK_PKG([UDEV], [libudev], [145])
 
+  AC_ARG_WITH([udev-rules],
+    [AS_HELP_STRING([--with-udev-rules],
+      [install udev rules to avoid udev undoing relabeling devices @<:@default=check@:>@])],
+      [], [with_udev_rules=check])
+
   if test "$with_udev" = "yes" && test "$with_pciaccess" != "yes" ; then
     AC_MSG_ERROR([You must install the pciaccess module to build with udev])
   fi
@@ -31,6 +36,27 @@ AC_DEFUN([LIBVIRT_CHECK_UDEV],[
         AC_DEFINE_UNQUOTED([HAVE_UDEV_LOGGING], 1, [whether libudev logging can be used])
      fi
   fi
+
+  if test "x$with_udev_rules" != "xno" ; then
+    PKG_CHECK_EXISTS([libudev >= 232], [udev_allows_helper=yes], [udev_allows_helper=no])
+    if test "x$with_udev_rules" = "xcheck" ; then
+      with_udev_rules=$udev_allows_helper
+    fi
+    if test "x$with_udev_rules" != "xno" ; then
+      if test "x$udev_allows_helper" = "xno" ; then
+        AC_MSG_ERROR([Udev does not support calling helper binary. Install udev >= 232])
+      fi
+      if test "x$with_udev_rules" = "xyes" ; then
+        udevdir="$($PKG_CONFIG --variable udevdir udev)"
+        udevdir='$(prefix)'"${udevdir#/usr}"
+      else
+        udevdir=$with_udev_rules
+      fi
+    fi
+  fi
+
+  AC_SUBST([udevdir])
+  AM_CONDITIONAL(WITH_UDEV_RULES, [test "x$with_udev_rules" != "xno"])
 ])
 
 AC_DEFUN([LIBVIRT_RESULT_UDEV],[
diff --git a/src/Makefile.am b/src/Makefile.am
index 0c97728..aed1936 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -2861,6 +2861,7 @@ libvirt_iohelper_CFLAGS = \
 		$(PIE_CFLAGS) \
 		$(NULL)
 
+if WITH_UDEV_RULES
 libexec_PROGRAMS += libvirt_udevhelper
 libvirt_udevhelper_SOURCES = $(UTIL_UDEV_HELPER_SOURCES)
 libvirt_udevhelper_CFLAGS = \
@@ -2877,6 +2878,9 @@ libvirt_udevhelper_LDADD =		\
 if WITH_DTRACE_PROBES
 libvirt_udevhelper_LDADD += libvirt_probes.lo
 endif WITH_DTRACE_PROBES
+else ! WITH_UDEV_RULES
+EXTRA_DIST += $(UTIL_UDEV_HELPER_SOURCES)
+endif ! WITH_UDEV_RULES
 
 if WITH_NETWORK
 libexec_PROGRAMS += libvirt_leaseshelper
-- 
2.8.4

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list






