Hi Brad!
Thanks for pointing out that for CentOS 6 the fix is included! Good to
know that!
But I think that the original package doesn't support RBD by default so
it has to be built again, am I right?
If that's correct then starting from there and building a new RPM with
RBD support is the proper way of updating. Correct?
Since I am very new at building RPMs is something else that I should be
aware of or take care? Any guidelines maybe....
Best regards,
George
On Thu, 21 May 2015 09:25:32 +1000, Brad Hubbard wrote:
On 05/21/2015 08:47 AM, Brad Hubbard wrote:
On 05/20/2015 11:02 AM, Robert LeBlanc wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
I've downloaded the new tarball, placed it in rpmbuild/SOURCES then
with the extracted spec file in rpmbuild/SPEC, I update it to the
new
version and then rpmbuild -ba program.spec. If you install the SRPM
then it will install the RH patches that have been applied to the
package and then you get to have the fun of figuring out which
patches
are still needed and which ones need to be modified. You can
probably
build the package without the patches, but some things may work a
little differently. That would get you the closest to the official
RPMs
As to where to find the SRPMs, I'm not really sure, I come from a
Debian background where access to source packages is really easy.
# yumdownloader --source qemu-kvm --source qemu-kvm-rhev
This assumes you have the correct source repos enabled. Something
like;
# subscription-manager repos
--enable=rhel-7-server-openstack-6.0-source-rpms
--enable=rhel-7-server-source-rpms
Taken from https://access.redhat.com/solutions/1381603
Of course the above is for RHEL only and is unnecessary as there are
errata
packages for rhel. I was just trying to explain how you can get
access to the
source packages for rhel.
As for Centos 6, although the version number may be "small" it has
the fix.
http://vault.centos.org/6.6/updates/Source/SPackages/qemu-kvm-0.12.1.2-2.448.el6_6.3.src.rpm
$ rpm -qp --changelog qemu-kvm-0.12.1.2-2.448.el6_6.3.src.rpm |head
-5
warning: qemu-kvm-0.12.1.2-2.448.el6_6.3.src.rpm: Header V3 RSA/SHA1
Signature, key ID c105b9de: NOKEY
* Fri May 08 2015 Miroslav Rezanina <mrezanin@xxxxxxxxxx> -
0.12.1.2-2.448.el6_6.3
- kvm-fdc-force-the-fifo-access-to-be-in-bounds-of-the-all.patch
[bz#1219267]
- Resolves: bz#1219267
(EMBARGOED CVE-2015-3456 qemu-kvm: qemu: floppy disk controller
flaw [rhel-6.6.z])
HTH.
Cheers,
Brad
HTH.
Cheers,
Brad
- ----------------
Robert LeBlanc
GPG Fingerprint 79A2 9CA4 6CC4 45DD A904 C70E E654 3BB2 FA62 B9F1
On Tue, May 19, 2015 at 3:47 PM, Georgios Dimitrakakis wrote:
Erik,
are you talking about the ones here :
http://ftp.redhat.com/redhat/linux/enterprise/6Server/en/RHEV/SRPMS/
???
From what I see the version is rather "small" 0.12.1.2-2.448
How one can verify that it has been patched against venom
vulnerability?
Additionally I only see the qemu-kvm package and not the qemu-img.
Is it
essential to update both in order to have a working CentOS system
or can I
just proceed with the qemu-kvm?
Robert, any ideas where can I find the latest and patched
SRPMs...I have
been building v.2.3.0 from source but I am very reluctant to use
it in my
system :-)
Best,
George
You can also just fetch the rhev SRPMs and build those. They
have
rbd enabled already.
On May 19, 2015 12:31 PM, "Robert LeBlanc" wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
You should be able to get the SRPM, extract the SPEC file and
use
that
to build a new package. You should be able to tweak all the
compile
options as well. Im still really new to building/rebuilding RPMs
but
Ive been able to do this for a couple of packages.
- ----------------
Robert LeBlanc
GPG Fingerprint 79A2 9CA4 6CC4 45DD A904 C70E E654 3BB2 FA62
B9F1
On Tue, May 19, 2015 at 12:33 PM, Georgios Dimitrakakis wrote:
I am trying to build the packages manually and I was wondering
is the flag --enable-rbd enough to have full Ceph
functionality?
Does anybody know what else flags should I include in order to
have the same
functionality as the original CentOS package plus the RBD
support?
Regards,
George
On Tue, 19 May 2015 13:45:50 +0300, Georgios Dimitrakakis
wrote:
Hi!
The QEMU Venom vulnerability (http://venom.crowdstrike.com/
[1])
got my
attention and I would
like to know what are you people doing in order to have the
latest
patched QEMU version
working with Ceph RBD?
In my case I am using the qemu-img and qemu-kvm packages
provided by
Ceph (http://ceph.com/packages/ceph-extras/rpm/centos6/x86_64/
[2]) in
order to have RBD working on CentOS6 since the default
repository
packages do not work!
If I want to update to the latest QEMU packages which ones are
known
to work with Ceph RBD?
I have seen some people mentioning that Fedora packages are
working
but I am not sure if they have the latest packages available
and
if
they are going to work eventually.
Is building manually the QEMU packages the only way???
Best regards,
George
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx [3]
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com [4]
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx [5]
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com [6]
-----BEGIN PGP SIGNATURE-----
Version: Mailvelope v0.13.1
Comment: https://www.mailvelope.com [7]
wsFcBAEBCAAQBQJVW4+RCRDmVDuy+mK58QAAg8AP/jqmQFYEwOeGRTJigk9M
pBhr34vyA3mky+BjjW9pt2tydECOH0p5PlYXBfhrQeg2B/yT0uVUKYbYkdBU
fY85UhS5NFdm7VyFyMPSGQwZlXIADF8YJw+Zbj1tpfRvbCi/sntbvGQk+9X8
usVSwBTbWKhYyMW8J5edppv72fMwoVjmoNXuE7wCUoqwxpQBUt0ouap6gDNd
Cu0ZMu+RKq+gfLGcIeSIhsDfV0/LHm2QBO/XjNZtMjyomOWNk9nYHp6HGJxH
MV/EoF4dYoCqHcODPjU2NvesQfYkmqfFoq/n9q/fMEV5JQ+mDfXqc2BcQUsx
40LDWDs+4BTw0KI+dNT0XUYTw+O0WnXFzgIn1wqXEs8pyOSJy1gCcnOGEavy
4PqYasm1g+5uzggaIddFPcWHJTw5FuFfjCnHX8Jo3EeQVDM6Vg8FPkkb5JQk
sqxVRQWsF89gGRUbHIQWdkgy3PZN0oTkBvUfflmE/cUq/r40sD4c25D+9Gti
Gj0IKG5uqMaHud3Hln++0ai5roOghoK0KxcDoBTmFLaQSNo9c4CIFCDf2kJ3
idH5tVozDSgvFpgBFLFatb7isctIYf4Luh/XpLXUzdjklGGzo9mhOjXsbm56
WCJZOkQ/OY1UFysMV5+tSSEn7TsF7Np9NagZB7AHhYuTKlOnbv3QJlhATOPp
u4wP
=SsM2
-----END PGP SIGNATURE-----
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx [8]
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com [9]
Links:
------
[1] http://venom.crowdstrike.com/
[2] http://ceph.com/packages/ceph-extras/rpm/centos6/x86_64/
[3] mailto:ceph-users@xxxxxxxxxxxxxx
[4] http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
[5] mailto:ceph-users@xxxxxxxxxxxxxx
[6] http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
[7] https://www.mailvelope.com
[8] mailto:ceph-users@xxxxxxxxxxxxxx
[9] http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
[10] mailto:robert@xxxxxxxxxxxxx
-----BEGIN PGP SIGNATURE-----
Version: Mailvelope v0.13.1
Comment: https://www.mailvelope.com
wsFcBAEBCAAQBQJVW90yCRDmVDuy+mK58QAAQlIP/0MOK1vIHg4tojDfyv2/
NBoYqHRM+9EaxgvwZJtCRvJVkOIB9b6Np6HxU0ynaVoi3DDTuYh7OLzcTkys
d6o7nuf1KFm6XMw4hWYqSr78XW144VIwVuW86Bt+O/65trdztlFs9zFILGGg
/E5R6FBew9NbKHjMNE9gL2WYoz9bnVJ++ZETeq2r3tDNezFrX4yXH7qzse1B
MDkeXg0N2ImpVa4AKWRdeHCxMU9/HdYSOtV0pmkwoSVwuGrR9LCvn6+atDRI
s2hdGl8Pfd43GPLBNQr31CgP8vW4iEy0PnDH05+5g7Rd9KaeR2vJ1lexpp8o
jmMOOxv0749GmV9a3Elk5K9OZNbfvHjTaKYOhBW3iMV/Zd11W9kffVPNPKrF
YBYpGaPuUG+pcsaXOIpNh/AoU8A8lROaQpCWaFg35y0YUjx+Xq6OIWgJTi+B
BdLFrsZn6ed8QxICFiltzX+M7fBESga0rt+AtsRFZtVA9g/I3XZX+rRh9cTx
MrK6R9UmbAx6+eJQ+0KuOs4/yhdWKvOMUSYsX9k4R9zsy6wS3sYt0eNdMXkW
VPmFcWGxFhFDcCfqSvu9T56+0aZabVNRlp4XR9m0ZEa0ngL3F+FwnlEMT9hF
VvCGWkzsde2BzgWQuTCVQJqK+D8urOzYFF/7kFtw6Ld0Ao62GczDmqn4HJAL
9cbM
=Mi5q
-----END PGP SIGNATURE-----
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
--
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
