From nobody Thu May 2 10:44:31 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) client-ip=63.128.21.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Received-SPF: pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) client-ip=63.128.21.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=quarantine dis=quarantine) header.from=virtuozzo.com ARC-Seal: i=1; a=rsa-sha256; t=1603705279; cv=none; d=zohomail.com; s=zohoarc; b=VCA1CokPaxrJO8i3rPDVaBfBJzq0anGeq1AFskRSuy8vo1Fuh8hzU4aO0XA5NA4U/YsQX9yPogPYoSTbys9KLxO/gULWbVZBPMmsaMsnSSYSsoz544bSHpIJV6LyLj5nuYaMlu7JweGDeeaPZuQAeLZslNa2pj+7Qa3rPlISd0Q= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1603705279; h=Content-Type:Date:From:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:Message-ID:Sender:Subject:To; bh=wc75GU/Y+0QRb5kZA90sWlKbERnxtPbGMitq304S3V0=; b=dxeD239N351XjSctw/2TgycOnju51Uk8CGmLtRcmZMyBuliIFMm1RkrRluioajQBzAPoSSqNm/rZCoM3aaqd3Mgy77x89SrbNob4FNaZRBAllW7bWuF6fR3JNiUu4N3UPggyxg/t+BBKqx/BRD4xIrIL2s1SO0erdzVE+Jz0F34= ARC-Authentication-Results: i=1; mx.zohomail.com; spf=pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=quarantine dis=quarantine) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [63.128.21.124]) by mx.zohomail.com with SMTPS id 1603705279418116.24428151272878; Mon, 26 Oct 2020 02:41:19 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-414-OPmlg9aaMka_N--1__-UAg-1; Mon, 26 Oct 2020 05:41:16 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id AA325803F4C; Mon, 26 Oct 2020 09:41:10 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 0B81B1043270; Mon, 26 Oct 2020 09:41:09 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id E388292F25; Mon, 26 Oct 2020 09:41:07 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 09Q9MD9f001208 for ; Mon, 26 Oct 2020 05:22:14 -0400 Received: by smtp.corp.redhat.com (Postfix) id 9FEEE5D21A; Mon, 26 Oct 2020 09:22:13 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast01.extmail.prod.ext.rdu2.redhat.com [10.11.55.17]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 9ACCF5D20D for ; Mon, 26 Oct 2020 09:22:11 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-1.mimecast.com [207.211.31.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 7382D858296 for ; Mon, 26 Oct 2020 09:22:11 +0000 (UTC) Received: from relay3.sw.ru (relay.sw.ru [185.231.240.75]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-317-2peIrs_hMnek8MaQUSsr3A-1; Mon, 26 Oct 2020 05:22:08 -0400 Received: from [10.28.15.159] (helo=vz7.sw.ru) by relay3.sw.ru with esmtp (Exim 4.94) (envelope-from ) id 1kWyhR-006C94-MQ for libvir-list@redhat.com; Mon, 26 Oct 2020 12:21:58 +0300 X-MC-Unique: OPmlg9aaMka_N--1__-UAg-1 X-MC-Unique: 2peIrs_hMnek8MaQUSsr3A-1 From: Nikolay Shirokovskiy To: libvir-list@redhat.com Subject: [PATCH] spec: keep existing nwfilters uuid on update Date: Mon, 26 Oct 2020 12:21:45 +0300 Message-Id: <1603704105-560923-1-git-send-email-nshirokovskiy@virtuozzo.com> X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 2 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Now on every nwfilter config package update we overwrite existing filters entirely. It is desired to bring new version of filters on update but we'd better keep their uuids I guess. Actually patch primarily address noise in logs on update. If both libvirtd = and firewalld are running and libvirt is using firewalld backend then on firewa= lld restart we reload all nwfilters. So if node is updated and we have update f= or both firewalld and libvirt then in the process of update first new nwfilter= s of libvirt package are copied to /etc/libvirt/nwfilters then firewalld is restarted and then libvirtd is restarted. In this process firewalld restart cause log messages like [1]. The issue is libvirt brings nwfilters without in definition and on handling firewalld restart libvirt generates missing uuid and then fail to update filter definition because it is already present in filters list with different uuid. [1] virNWFilterObjListAssignDef:337 : operation failed: filter 'no-ip-spoof= ing' already exists with uuid c302edf9-8a48-40d8-a652-f70b2c563ad1 Signed-off-by: Nikolay Shirokovskiy --- libvirt.spec.in | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/libvirt.spec.in b/libvirt.spec.in index 2a4324b..6a31440 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1438,7 +1438,18 @@ fi rm -rf %{_localstatedir}/lib/rpm-state/libvirt || : =20 %post daemon-config-nwfilter -cp %{_datadir}/libvirt/nwfilter/*.xml %{_sysconfdir}/libvirt/nwfilter/ +# keep existing filters uuid on update +for dfile in %{_datadir}/libvirt/nwfilter/*.xml; do + sfile=3D%{_sysconfdir}/libvirt/nwfilter/`basename $dfile` + if [ -f "$sfile" ]; then + uuidstr=3D`sed -n '/.*<\/uuid>/p' "$sfile"` + if [ ! -z "$uuidstr" ]; then + sed -e "s,,&\n$uuidstr," "$dfile" > "$sfile" + continue + fi + fi + cp "$dfile" "$sfile" +done # libvirt saves these files with mode 600 chmod 600 %{_sysconfdir}/libvirt/nwfilter/*.xml # Make sure libvirt picks up the new nwfilter defininitons --=20 1.8.3.1