[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH] rpm spec cleanup and split off client only requirements



On Mon, Jul 20, 2009 at 06:34:26PM +0200, Daniel Veillard wrote:
> So I moved in the client:
>   - the shared library, I guess it's uncontroversial
>   - the virsh/virt-xml-validate binaries, I guess it it doesn't block
>     i386/x86_64 to be parallel installable that's fine
>   - the man pages, obvious based on previous
>   - the proxy when built, more controversial, it assumes that there
>     is a service running locally so could be left on the main package

Yeah, I think this is best left in the main package. Even in proxy
mode, you still really need libvirtd for the networking/storage
APIs, so its minimal use to have it in the client. 

>   - sasl and policykit data, more controversial, I guess it's better
>     to associate them with the client

The SASL config file is needed by both the client & server, so it
has to go in the -client RPM as you've done.

PolicyKit is only used by libvirtd, so its best left in the main
package

>   - the schemas to allow checking on the client

Makes sense.

> Some of this is still open, including the name of the subpackage which I
> initially expected to be libvirt-libs but in retrospect maybe -client
> will be more in line with the content,

> +%package client
> +Summary: client side library and utilities of the libvirt library
> +Group: Development/Libraries
> +Requires: libxml2
> +Requires: readline
> +Requires: ncurses
> +# So remote clients can access libvirt over SSH tunnel
> +# (client invokes 'nc' against the UNIX socket on the server)
> +Requires: nc
> +%if %{with_polkit}
> +Requires: PolicyKit >= 0.6
> +%endif
> +%if %{with_sasl}
> +Requires: cyrus-sasl
> +# Not technically required, but makes 'out-of-box' config
> +# work correctly & doesn't have onerous dependencies
> +Requires: cyrus-sasl-md5
> +%endif

Latest IETF guidlines are moving to deprecate SASL md5 as insufficiently
secure, so we should probably just drop this 'cyrus-sasl-md5' altogether,
and update  our docs & default config to be kerberos.


Daniel
-- 
|: Red Hat, Engineering, London   -o-   http://people.redhat.com/berrange/ :|
|: http://libvirt.org  -o-  http://virt-manager.org  -o-  http://ovirt.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505  -o-  F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]