[PATCH v3 26/48] nwfilter: introduce virtnwfilterd daemon

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The virtnwfilterd daemon will be responsible for providing the nwfilter API
driver functionality. The nwfilter driver is still loaded by the main
libvirtd daemon at this stage, so virtnwfilterd must not be running at
the same time.

Reviewed-by: Andrea Bolognani <abologna@xxxxxxxxxx>
Signed-off-by: Daniel P. Berrangé <berrange@xxxxxxxxxx>
---
 .gitignore                            |  4 ++
 libvirt.spec.in                       |  8 ++++
 src/nwfilter/Makefile.inc.am          | 62 +++++++++++++++++++++++++++
 src/nwfilter/virtnwfilterd.service.in | 24 +++++++++++
 4 files changed, 98 insertions(+)
 create mode 100644 src/nwfilter/virtnwfilterd.service.in

diff --git a/.gitignore b/.gitignore
index ada72fd618..b93fd1b044 100644
--- a/.gitignore
+++ b/.gitignore
@@ -163,6 +163,9 @@
 /src/node_device/test_virtnodedevd.aug
 /src/node_device/virtnodedevd.aug
 /src/node_device/virtnodedevd.conf
+/src/nwfilter/test_virtnwfilterd.aug
+/src/nwfilter/virtnwfilterd.aug
+/src/nwfilter/virtnwfilterd.conf
 /src/qemu/test_libvirtd_qemu.aug
 /src/remote/*_client_bodies.h
 /src/remote/*_protocol.[ch]
@@ -189,6 +192,7 @@
 /src/virtlogd
 /src/virtnetworkd
 /src/virtnodedevd
+/src/virtnwfilterd
 /src/virtproxyd
 /src/virtsecretd
 /src/virtstoraged
diff --git a/libvirt.spec.in b/libvirt.spec.in
index 7519ebebcf..3c0194df29 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -1653,6 +1653,14 @@ exit 0
 %{_libdir}/%{name}/connection-driver/libvirt_driver_nodedev.so
 
 %files daemon-driver-nwfilter
+%config(noreplace) %{_sysconfdir}/libvirt/virtnwfilterd.conf
+%{_datadir}/augeas/lenses/virtnwfilterd.aug
+%{_datadir}/augeas/lenses/tests/test_virtnwfilterd.aug
+%{_unitdir}/virtnwfilterd.service
+%{_unitdir}/virtnwfilterd.socket
+%{_unitdir}/virtnwfilterd-ro.socket
+%{_unitdir}/virtnwfilterd-admin.socket
+%attr(0755, root, root) %{_sbindir}/virtnwfilterd
 %dir %attr(0700, root, root) %{_sysconfdir}/libvirt/nwfilter/
 %ghost %dir %{_localstatedir}/run/libvirt/network/
 %{_libdir}/%{name}/connection-driver/libvirt_driver_nwfilter.so
diff --git a/src/nwfilter/Makefile.inc.am b/src/nwfilter/Makefile.inc.am
index 810ca54bcc..5c5e636ccc 100644
--- a/src/nwfilter/Makefile.inc.am
+++ b/src/nwfilter/Makefile.inc.am
@@ -41,4 +41,66 @@ libvirt_driver_nwfilter_impl_la_LIBADD = \
 	../gnulib/lib/libgnu.la \
 	$(NULL)
 libvirt_driver_nwfilter_impl_la_SOURCES = $(NWFILTER_DRIVER_SOURCES)
+
+sbin_PROGRAMS += virtnwfilterd
+
+nodist_conf_DATA += nwfilter/virtnwfilterd.conf
+augeas_DATA += nwfilter/virtnwfilterd.aug
+augeastest_DATA += nwfilter/test_virtnwfilterd.aug
+CLEANFILES += nwfilter/virtnwfilterd.aug
+
+virtnwfilterd_SOURCES = $(REMOTE_DAEMON_SOURCES)
+virtnwfilterd_CFLAGS = \
+       $(REMOTE_DAEMON_CFLAGS) \
+       -DDAEMON_NAME="\"virtnwfilterd\"" \
+       -DMODULE_NAME="\"nwfilter\"" \
+       $(NULL)
+virtnwfilterd_LDFLAGS = $(REMOTE_DAEMON_LD_FLAGS)
+virtnwfilterd_LDADD = $(REMOTE_DAEMON_LD_ADD)
+
+SYSTEMD_UNIT_FILES += \
+	virtnwfilterd.service \
+	virtnwfilterd.socket \
+	virtnwfilterd-ro.socket \
+	virtnwfilterd-admin.socket \
+	$(NULL)
+SYSTEMD_UNIT_FILES_IN += \
+	nwfilter/virtnwfilterd.service.in \
+	$(NULL)
+
+VIRTNWFILTERD_UNIT_VARS = \
+	$(VIRTD_UNIT_VARS) \
+	-e 's|[@]name[@]|Libvirt nwfilter|g' \
+	-e 's|[@]service[@]|virtnwfilterd|g' \
+	-e 's|[@]sockprefix[@]|virtnwfilterd|g' \
+	$(NULL)
+
+virtnwfilterd.service: nwfilter/virtnwfilterd.service.in $(top_builddir)/config.status
+	$(AM_V_GEN)sed $(VIRTNWFILTERD_UNIT_VARS) < $< > $@-t && mv $@-t $@
+
+virtnwfilter%.socket: remote/libvirt%.socket.in $(top_builddir)/config.status
+	$(AM_V_GEN)sed $(VIRTNWFILTERD_UNIT_VARS) < $< > $@-t && mv $@-t $@
+
+nwfilter/virtnwfilterd.conf: remote/libvirtd.conf.in
+	$(AM_V_GEN)sed \
+		-e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \
+		-e 's/[@]DAEMON_NAME[@]/virtnwfilterd/' \
+		< $^ > $@
+
+nwfilter/virtnwfilterd.aug: remote/libvirtd.aug.in
+	$(AM_V_GEN)$(SED) \
+		-e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \
+		-e 's/[@]DAEMON_NAME[@]/virtnwfilterd/' \
+		-e 's/[@]DAEMON_NAME_UC[@]/Virtnwfilterd/' \
+		$< > $@
+
+nwfilter/test_virtnwfilterd.aug: remote/test_libvirtd.aug.in \
+		nwfilter/virtnwfilterd.conf $(AUG_GENTEST)
+	$(AM_V_GEN)$(AUG_GENTEST) nwfilter/virtnwfilterd.conf \
+		$(srcdir)/remote/test_libvirtd.aug.in | \
+		$(SED) -e '/[@]CUT_ENABLE_IP[@]/,/[@]END[@]/d' \
+		-e 's/[@]DAEMON_NAME[@]/virtnwfilterd/' \
+		-e 's/[@]DAEMON_NAME_UC[@]/Virtnwfilterd/' \
+		> $@ || rm -f $@
+
 endif WITH_NWFILTER
diff --git a/src/nwfilter/virtnwfilterd.service.in b/src/nwfilter/virtnwfilterd.service.in
new file mode 100644
index 0000000000..57c2fafe43
--- /dev/null
+++ b/src/nwfilter/virtnwfilterd.service.in
@@ -0,0 +1,24 @@
+[Unit]
+Description=Virtualization nwfilter daemon
+Conflicts=libvirtd.service
+Requires=virtnwfilterd.socket
+Requires=virtnwfilterd-ro.socket
+Requires=virtnwfilterd-admin.socket
+After=network.target
+After=dbus.service
+After=apparmor.service
+After=local-fs.target
+Documentation=man:libvirtd(8)
+Documentation=https://libvirt.org
+
+[Service]
+Type=notify
+ExecStart=@sbindir@/virtnwfilterd --timeout 120
+ExecReload=/bin/kill -HUP $MAINPID
+Restart=on-failure
+
+[Install]
+WantedBy=multi-user.target
+Also=virtnwfilterd.socket
+Also=virtnwfilterd-ro.socket
+Also=virtnwfilterd-admin.socket
-- 
2.21.0

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux