[libvirt] [PATCH 09/29] remote: conditionalize IP socket config in augeas definitions
Boris Fiuczynski
fiuczy at linux.ibm.com
Tue Jul 16 13:09:50 UTC 2019
On 7/11/19 6:04 PM, Daniel P. Berrangé wrote:
> Prepare for reusing libvirtd augeas defintions with other daemons by
> making the config parameters for IP sockets conditionally defined by
> the make rules.
>
> Signed-off-by: Daniel P. Berrangé <berrange at redhat.com>
> ---
> build-aux/augeas-gentest.pl | 2 +-
> src/remote/Makefile.inc.am | 27 +++++++++++++++-----
> src/remote/{libvirtd.aug => libvirtd.aug.in} | 24 ++++++++++++-----
> src/remote/test_libvirtd.aug.in | 14 +++++++---
> 4 files changed, 49 insertions(+), 18 deletions(-)
> rename src/remote/{libvirtd.aug => libvirtd.aug.in} (88%)
>
> diff --git a/build-aux/augeas-gentest.pl b/build-aux/augeas-gentest.pl
> index 567fc651f3..69d94e6a0f 100755
> --- a/build-aux/augeas-gentest.pl
> +++ b/build-aux/augeas-gentest.pl
> @@ -37,7 +37,7 @@ open TEMPLATE, "<", $template or die "cannot read $template: $!";
>
> my $group = 0;
> while (<TEMPLATE>) {
> - if (/::CONFIG::/) {
> + if (/::\s*CONFIG\s*::/) {
> my $group = 0;
> print AUGTEST " let conf = \"";
> while (<CONFIG>) {
> diff --git a/src/remote/Makefile.inc.am b/src/remote/Makefile.inc.am
> index 4bc71346f2..7732fa744c 100644
> --- a/src/remote/Makefile.inc.am
> +++ b/src/remote/Makefile.inc.am
> @@ -124,11 +124,11 @@ sbin_PROGRAMS += libvirtd
>
> augeas_DATA += remote/libvirtd.aug
>
> -augeastest_DATA += test_libvirtd.aug
> +augeastest_DATA += remote/test_libvirtd.aug
>
> conf_DATA += remote/libvirtd.conf
>
> -CLEANFILES += test_libvirtd.aug
> +CLEANFILES += remote/libvirtd.aug remote/test_libvirtd.aug
>
> man8_MANS += libvirtd.8
>
> @@ -198,13 +198,28 @@ uninstall-data-remote:
>
> AUGEAS_DIRS += remote
>
> -test_libvirtd.aug: remote/test_libvirtd.aug.in \
> +remote/libvirtd.aug: remote/libvirtd.aug.in
> + $(AM_V_GEN)$(SED) \
> + -e '/:: CUT ENABLE_IP ::/d' \
> + -e '/:: END ::/d' \
> + -e 's/:: DAEMON_NAME ::/libvirtd/' \
> + -e 's/:: DAEMON_NAME_UC ::/Libvirtd/' \
> + $< > $@
> +
> +remote/test_libvirtd.aug.tmp: remote/test_libvirtd.aug.in \
> remote/libvirtd.conf $(AUG_GENTEST)
> - $(AM_V_GEN)$(AUG_GENTEST) $(srcdir)/remote/libvirtd.conf $< $@
> + $(AM_V_GEN)$(AUG_GENTEST) remote/libvirtd.conf remote/test_libvirtd.aug.in $@
To support VPATH builds I had to change the line above to
$(AM_V_GEN)$(AUG_GENTEST) remote/libvirtd.conf
$(srcdir)/remote/test_libvirtd.aug.in $@
> +
> +remote/test_libvirtd.aug: remote/test_libvirtd.aug.tmp
> + $(AM_V_GEN)$(SED) -e '/:: CUT ENABLE_IP ::/d' \
> + -e '/:: END ::/d' \
> + -e 's/:: DAEMON_NAME ::/libvirtd/' \
> + -e 's/:: DAEMON_NAME_UC ::/Libvirtd/' \
> + < $^ > $@ || rm -f $@
>
> -check-augeas-remote: test_libvirtd.aug
> +check-augeas-remote: remote/test_libvirtd.aug
> $(AM_V_GEN)if test -x '$(AUGPARSE)'; then \
> - '$(AUGPARSE)' -I $(srcdir)/remote test_libvirtd.aug; \
> + '$(AUGPARSE)' -I $(srcdir)/remote remote/test_libvirtd.aug; \
and here
'$(AUGPARSE)' -I remote remote/test_libvirtd.aug; \
> fi
>
> if WITH_SYSCTL
> diff --git a/src/remote/libvirtd.aug b/src/remote/libvirtd.aug.in
> similarity index 88%
> rename from src/remote/libvirtd.aug
> rename to src/remote/libvirtd.aug.in
> index 0188c23dd7..54a45e438a 100644
> --- a/src/remote/libvirtd.aug
> +++ b/src/remote/libvirtd.aug.in
> @@ -1,6 +1,6 @@
> -(* /etc/libvirt/libvirtd.conf *)
> +(* /etc/libvirt/:: DAEMON_NAME ::.conf *)
>
> -module Libvirtd =
> +module :: DAEMON_NAME_UC :: =
> autoload xfm
>
> let eol = del /[ \t]*\n/ "\n"
> @@ -24,11 +24,13 @@ module Libvirtd =
>
>
> (* Config entry grouped by function - same order as example config *)
> +:: CUT ENABLE_IP ::
> let network_entry = bool_entry "listen_tls"
> | bool_entry "listen_tcp"
> | str_entry "tls_port"
> | str_entry "tcp_port"
> | str_entry "listen_addr"
> +:: END::
>
> let sock_acl_entry = str_entry "unix_sock_group"
> | str_entry "unix_sock_ro_perms"
> @@ -38,6 +40,7 @@ module Libvirtd =
>
> let authentication_entry = str_entry "auth_unix_ro"
> | str_entry "auth_unix_rw"
> +:: CUT ENABLE_IP ::
> | str_entry "auth_tcp"
> | str_entry "auth_tls"
>
> @@ -46,12 +49,16 @@ module Libvirtd =
> | str_entry "ca_file"
> | str_entry "crl_file"
>
> - let authorization_entry = bool_entry "tls_no_verify_certificate"
> + let tls_authorization_entry = bool_entry "tls_no_verify_certificate"
> | bool_entry "tls_no_sanity_certificate"
> | str_array_entry "tls_allowed_dn_list"
> | str_array_entry "sasl_allowed_username_list"
> | str_array_entry "access_drivers"
> | str_entry "tls_priority"
> +:: END ::
> +
> + let misc_authorization_entry = str_array_entry "sasl_allowed_username_list"
> + | str_array_entry "access_drivers"
>
> let processing_entry = int_entry "min_workers"
> | int_entry "max_workers"
> @@ -87,11 +94,14 @@ module Libvirtd =
> | int_entry "ovs_timeout"
>
> (* Each enty in the config is one of the following three ... *)
> - let entry = network_entry
> - | sock_acl_entry
> + let entry = sock_acl_entry
> | authentication_entry
> +:: CUT ENABLE_IP ::
> + | network_entry
> | certificate_entry
> - | authorization_entry
> + | tls_authorization_entry
> +:: END ::
> + | misc_authorization_entry
> | processing_entry
> | admin_processing_entry
> | logging_entry
> @@ -106,7 +116,7 @@ module Libvirtd =
>
> let lns = ( record | comment | empty ) *
>
> - let filter = incl "/etc/libvirt/libvirtd.conf"
> + let filter = incl "/etc/libvirt/:: DAEMON_NAME ::.conf"
> . Util.stdexcl
>
> let xfm = transform lns filter
> diff --git a/src/remote/test_libvirtd.aug.in b/src/remote/test_libvirtd.aug.in
> index a4c7b4afe8..ac3e0493b6 100644
> --- a/src/remote/test_libvirtd.aug.in
> +++ b/src/remote/test_libvirtd.aug.in
> @@ -1,12 +1,14 @@
> -module Test_libvirtd =
> - ::CONFIG::
> +module Test_:: DAEMON_NAME :: =
> + :: CONFIG ::
>
> - test Libvirtd.lns get conf =
> + test :: DAEMON_NAME_UC ::.lns get conf =
> +:: CUT ENABLE_IP ::
> { "listen_tls" = "0" }
> { "listen_tcp" = "1" }
> { "tls_port" = "16514" }
> { "tcp_port" = "16509" }
> { "listen_addr" = "192.168.0.1" }
> +:: END ::
> { "unix_sock_group" = "libvirt" }
> { "unix_sock_ro_perms" = "0777" }
> { "unix_sock_rw_perms" = "0770" }
> @@ -14,11 +16,14 @@ module Test_libvirtd =
> { "unix_sock_dir" = "/var/run/libvirt" }
> { "auth_unix_ro" = "none" }
> { "auth_unix_rw" = "none" }
> +:: CUT ENABLE_IP ::
> { "auth_tcp" = "sasl" }
> { "auth_tls" = "none" }
> +:: END ::
> { "access_drivers"
> { "1" = "polkit" }
> }
> +:: CUT ENABLE_IP ::
> { "key_file" = "/etc/pki/libvirt/private/serverkey.pem" }
> { "cert_file" = "/etc/pki/libvirt/servercert.pem" }
> { "ca_file" = "/etc/pki/CA/cacert.pem" }
> @@ -30,6 +35,7 @@ module Test_libvirtd =
> { "2" = "DN2"}
> }
> { "tls_priority" = "NORMAL" }
> +:: END ::
> { "sasl_allowed_username_list"
> { "1" = "joe at EXAMPLE.COM" }
> { "2" = "fred at EXAMPLE.COM" }
> @@ -48,7 +54,7 @@ module Test_libvirtd =
> { "admin_max_client_requests" = "5" }
> { "log_level" = "3" }
> { "log_filters" = "1:qemu 1:libvirt 4:object 4:json 4:event 1:util" }
> - { "log_outputs" = "3:syslog:libvirtd" }
> + { "log_outputs" = "3:syslog::: DAEMON_NAME ::" }
> { "audit_level" = "2" }
> { "audit_logging" = "1" }
> { "host_uuid" = "00000000-0000-0000-0000-000000000000" }
>
--
Mit freundlichen Grüßen/Kind regards
Boris Fiuczynski
IBM Deutschland Research & Development GmbH
Vorsitzender des Aufsichtsrats: Matthias Hartmann
Geschäftsführung: Dirk Wittkopp
Sitz der Gesellschaft: Böblingen
Registergericht: Amtsgericht Stuttgart, HRB 243294
More information about the libvir-list
mailing list