The virtnwfilterd daemon will be responsible for providing the nwfilter API driver functionality. The nwfilter driver is still loaded by the main libvirtd daemon at this stage, so virtnwfilterd must not be running at the same time. Signed-off-by: Daniel P. Berrangé <berrange@xxxxxxxxxx> --- .gitignore | 4 ++ libvirt.spec.in | 8 ++++ src/nwfilter/Makefile.inc.am | 62 +++++++++++++++++++++++++++ src/nwfilter/virtnwfilterd.service.in | 24 +++++++++++ 4 files changed, 98 insertions(+) create mode 100644 src/nwfilter/virtnwfilterd.service.in diff --git a/.gitignore b/.gitignore index ada72fd618..b93fd1b044 100644 --- a/.gitignore +++ b/.gitignore @@ -163,6 +163,9 @@ /src/node_device/test_virtnodedevd.aug /src/node_device/virtnodedevd.aug /src/node_device/virtnodedevd.conf +/src/nwfilter/test_virtnwfilterd.aug +/src/nwfilter/virtnwfilterd.aug +/src/nwfilter/virtnwfilterd.conf /src/qemu/test_libvirtd_qemu.aug /src/remote/*_client_bodies.h /src/remote/*_protocol.[ch] @@ -189,6 +192,7 @@ /src/virtlogd /src/virtnetworkd /src/virtnodedevd +/src/virtnwfilterd /src/virtproxyd /src/virtsecretd /src/virtstoraged diff --git a/libvirt.spec.in b/libvirt.spec.in index c0b880d569..ae1a278152 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1653,6 +1653,14 @@ exit 0 %{_libdir}/%{name}/connection-driver/libvirt_driver_nodedev.so %files daemon-driver-nwfilter +%config(noreplace) %{_sysconfdir}/libvirt/virtnwfilterd.conf +%{_datadir}/augeas/lenses/virtnwfilterd.aug +%{_datadir}/augeas/lenses/tests/test_virtnwfilterd.aug +%{_unitdir}/virtnwfilterd.service +%{_unitdir}/virtnwfilterd.socket +%{_unitdir}/virtnwfilterd-ro.socket +%{_unitdir}/virtnwfilterd-admin.socket +%attr(0755, root, root) %{_sbindir}/virtnwfilterd %dir %attr(0700, root, root) %{_sysconfdir}/libvirt/nwfilter/ %ghost %dir %{_localstatedir}/run/libvirt/network/ %{_libdir}/%{name}/connection-driver/libvirt_driver_nwfilter.so 
diff --git a/src/nwfilter/Makefile.inc.am b/src/nwfilter/Makefile.inc.am
index 810ca54bcc..3142c1298b 100644
--- a/src/nwfilter/Makefile.inc.am
+++ b/src/nwfilter/Makefile.inc.am
@@ -41,4 +41,66 @@ libvirt_driver_nwfilter_impl_la_LIBADD = \
 ../gnulib/lib/libgnu.la \
 $(NULL)
 libvirt_driver_nwfilter_impl_la_SOURCES = $(NWFILTER_DRIVER_SOURCES)
+
+sbin_PROGRAMS += virtnwfilterd
+
+nodist_conf_DATA += nwfilter/virtnwfilterd.conf
+augeas_DATA += nwfilter/virtnwfilterd.aug
+augeastest_DATA += nwfilter/test_virtnwfilterd.aug
+CLEANFILES += nwfilter/virtnwfilterd.aug
+
+virtnwfilterd_SOURCES = $(REMOTE_DAEMON_SOURCES)
+virtnwfilterd_CFLAGS = \
+ $(REMOTE_DAEMON_CFLAGS) \
+ -DDAEMON_NAME="\"virtnwfilterd\"" \
+ -DMODULE_NAME="\"nwfilter\"" \
+ $(NULL)
+virtnwfilterd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS)
+virtnwfilterd_LDADD = $(REMOTE_DAEMON_LD_ADD)
+
+SYSTEMD_UNIT_FILES += \
+ virtnwfilterd.service \
+ virtnwfilterd.socket \
+ virtnwfilterd-ro.socket \
+ virtnwfilterd-admin.socket \
+ $(NULL)
+SYSTEMD_UNIT_FILES_IN += \
+ nwfilter/virtnwfilterd.service.in \
+ $(NULL)
+
+VIRTNWFILTERD_UNIT_VARS = \
+ $(VIRTD_UNIT_VARS) \
+ -e 's|[@]name[@]|Libvirt nwfilter|g' \
+ -e 's|[@]service[@]|virtnwfilterd|g' \
+ -e 's|[@]sockprefix[@]|virtnwfilterd|g' \
+ $(NULL)
+
+virtnwfilterd.service: nwfilter/virtnwfilterd.service.in $(top_builddir)/config.status
+ $(AM_V_GEN)sed $(VIRTNWFILTERD_UNIT_VARS) < $< > $@-t && mv $@-t $@
+
+virtnwfilter%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status
+ $(AM_V_GEN)sed $(VIRTNWFILTERD_UNIT_VARS) < $< > $@-t && mv $@-t $@
+
+nwfilter/virtnwfilterd.conf: remote/libvirtd.conf.in
+ $(AM_V_GEN)sed \
+ -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \
+ -e 's/:: DAEMON_NAME ::/virtnwfilterd/' \
+ < $^ > $@
+
+nwfilter/virtnwfilterd.aug: remote/libvirtd.aug.in
+ $(AM_V_GEN)$(SED) \
+ -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \
+ -e 's/:: DAEMON_NAME ::/virtnwfilterd/' \
+ -e 's/:: DAEMON_NAME_UC ::/Virtnwfilterd/' \
+ $< > $@
+
+nwfilter/test_virtnwfilterd.aug: remote/test_libvirtd.aug.in \
+ nwfilter/virtnwfilterd.conf $(AUG_GENTEST)
+ $(AM_V_GEN)$(AUG_GENTEST) nwfilter/virtnwfilterd.conf \
+ $(srcdir)/remote/test_libvirtd.aug.in | \
+ $(SED) -e '/:: CUT ENABLE_IP ::/,/:: END ::/d' \
+ -e 's/:: DAEMON_NAME ::/virtnwfilterd/' \
+ -e 's/:: DAEMON_NAME_UC ::/Virtnwfilterd/' \
+ > $@ || rm -f $@
+
 endif WITH_NWFILTER
diff --git a/src/nwfilter/virtnwfilterd.service.in b/src/nwfilter/virtnwfilterd.service.in
new file mode 100644
index 0000000000..57c2fafe43
--- /dev/null
+++ b/src/nwfilter/virtnwfilterd.service.in
@@ -0,0 +1,24 @@
+[Unit]
+Description=Virtualization nwfilter daemon
+Conflicts=libvirtd.service
+Requires=virtnwfilterd.socket
+Requires=virtnwfilterd-ro.socket
+Requires=virtnwfilterd-admin.socket
+After=network.target
+After=dbus.service
+After=apparmor.service
+After=local-fs.target
+Documentation=man:libvirtd(8)
+Documentation=https://libvirt.org
+
+[Service]
+Type=notify
+ExecStart=@sbindir@/virtnwfilterd --timeout 120
+ExecReload=/bin/kill -HUP $MAINPID
+Restart=on-failure
+
+[Install]
+WantedBy=multi-user.target
+Also=virtnwfilterd.socket
+Also=virtnwfilterd-ro.socket
+Also=virtnwfilterd-admin.socket
-- 2.21.0 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
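Review bot: The `nwfilter/virtnwfilterd.conf` and `nwfilter/virtnwfilterd.aug` recipes redirect straight into `$@`, so unless `.DELETE_ON_ERROR` is set outside this hunk, a failed or interrupted sed leaves a truncated file that looks up to date, and the conf is then installed through `nodist_conf_DATA`. The two unit-file rules in the same hunk already write to `$@-t` and rename, and the conf recipe could end the same way with `< $^ > $@-t && mv $@-t $@`. In the `test_virtnwfilterd.aug` recipe, `|| rm -f $@` turns a failure into success because `rm -f` exits 0, and the pipe hides the exit status of `$(AUG_GENTEST)`; `|| { rm -f $@; exit 1; }` would at least keep a sed failure visible. The unit and conf rules also call bare `sed` where the two augeas rules use `$(SED)`. The enclosing `if WITH_NWFILTER` block opens outside the hunk.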
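Review bot: `Conflicts=libvirtd.service` is declared on the service only, so the mutual exclusion the commit message requires also depends on how the three `Requires=`d socket units behave. Those sockets are generated from `remote/libvirt%.socket.in`, which this patch does not show; if they carry no matching conflict, a connection to any of them would presumably activate virtnwfilterd and systemd would stop libvirtd.service as a side effect. Please confirm the socket template covers this, and consider a comment above the line such as `# nwfilter driver is still loaded by libvirtd; only one of the two may run`. `Documentation=man:libvirtd(8)` also points at the monolithic daemon's page, which deserves a short comment or a follow-up once a virtnwfilterd page exists.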