[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCHv2] build: don't require avahi during install

On 02/07/2012 02:15 PM, Eric Blake wrote:
On 02/07/2012 12:05 PM, Laine Stump wrote:
See: https://bugzilla.redhat.com/show_bug.cgi?id=785269

The specfile requires avahi during install if libvirt was built with
avahi support, but there are many situations where it is undesirable
to install avahi due to security concerns. This patch requires only
the avahi-libs package, which is needed by libvirt to call the
function that tries to attach to the avahi daemon, but will instead
silently fail because the avahi-daemon is in the main avahi package,
and that package isn't installed.

v1 removed the requires completely, but that caused libvirtd to fail
to load due to missing libraries.

  libvirt.spec.in |    2 +-
  1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/libvirt.spec.in b/libvirt.spec.in
index f279d6d..62b0ed4 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -273,7 +273,7 @@ Requires: module-init-tools
  # for /sbin/ip&  /sbin/tc
  Requires: iproute
  %if %{with_avahi}
-Requires: avahi
+Requires: avahi-libs

Okay, I pushed it. Thanks for the quick review.

This is definitely a nicer solution - we compile against the
library, so we only need the library present, without also firing up the
main daemon.  The library itself is safe whether or not 'avahi' is also
installed.  And based on IRC chats we had in the meantime, I feel more
comfortable that you actually got something tested with 'avahi' uninstalled.

Yes, forgot to mention that. I tested by doing this:

  rpm -qa | grep avahi >/tmp/packages
  cat packages | xargs rpm --erase --nodeps
  yum install avahi-libs  # (this only installed the one package)

then I tried installing an unmodified libvirt rpm, which gave an error due to the avahi package being absent. After that I installed the modified libvirt rpm, and successfully restarted libvirt.

(After that, I reinstalled all the packages in /tmp/packages, because there's a boatload of stuff that depends (directly or indirectly) on avahi :-O )

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]