From nobody Tue May  7 22:14:13 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
 170.10.129.124 as permitted sender) client-ip=170.10.129.124;
 envelope-from=libvir-list-bounces@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1639498987; cv=none;
	d=zohomail.com; s=zohoarc;
	b=hCTMQ3YzZrEoU9D4oVPh/55FZwCfQpq2se44TGVNz4Ie9oFA6VOvh/1MWr41Z7J9s1S9698jbUqKHu7nLAqqOmnzgSoy9QZqghiOS/ZNOr6tenx//jDz1nml7DDDHYHGlbDOS6k6qF60shIFOt7oHxwU/+QrbcDhaa2jNX9Loro=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1639498987;
 h=Content-Type:Content-Transfer-Encoding:Date:From:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Sender:Subject:To;
	bh=K9ax9YpGMsRxexotqfq1+ocTdjBbm1Eov3mZoPeYVUY=;
	b=BE2v3C2mrvfd+TewCpbM3uHtixpmIhTU3nhURZYgp4W3Ans0OejuZIfbnF66YVKiajkVAxhNycO/OiGzTka+ixggv7WXHfUpWHlCwFPn+3Fu0H8+PtQVS9Zuv9BQKzEf5HJZafQ2q/3Bnqmkr776qWIXv455mx+uEzEQ0hvWsyc=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<berrange@redhat.com> (p=none dis=none)
Return-Path: <libvir-list-bounces@redhat.com>
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com
	with SMTPS id 1639498987740379.4851056149554;
 Tue, 14 Dec 2021 08:23:07 -0800 (PST)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
 [209.132.183.4]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-475-iM834FO4MmCGFljLxOiqsQ-1; Tue, 14 Dec 2021 11:23:04 -0500
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com
 [10.5.11.14])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 900FF18C89CF;
	Tue, 14 Dec 2021 16:22:58 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 74D5D78A8D;
	Tue, 14 Dec 2021 16:22:58 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 480DB1809CBA;
	Tue, 14 Dec 2021 16:22:58 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com
	[10.5.11.11])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id 1BEGMvbT019121 for <libvir-list@listman.util.phx.redhat.com>;
	Tue, 14 Dec 2021 11:22:57 -0500
Received: by smtp.corp.redhat.com (Postfix)
	id 72D5C6E1F4; Tue, 14 Dec 2021 16:22:57 +0000 (UTC)
Received: from localhost.localdomain.com (unknown [10.39.194.122])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 18C856E1ED;
	Tue, 14 Dec 2021 16:22:47 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1639498986;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:list-id:list-help:
	 list-unsubscribe:list-subscribe:list-post;
	bh=K9ax9YpGMsRxexotqfq1+ocTdjBbm1Eov3mZoPeYVUY=;
	b=KBHCmC/VRPaxb/njIvjieZt+2MOjySTIUlVAeRLH3onQ4dFyJL2S3dn6ItcI6vWahNCGvj
	fbU6lQ9LHzuhY54S2HZhE4nMtOCCQA7S3RmRMVjKCNEWud6/c7vHvOHfcn6K40s+qnR9xD
	wMlcVhkA/3nACEngiyjDS77iorS8VI4=
X-MC-Unique: iM834FO4MmCGFljLxOiqsQ-1
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
To: libvir-list@redhat.com
Subject: [PATCH] rpm: don't start/stop -ro.socket units for virtlockd/virtlogd
Date: Tue, 14 Dec 2021 16:22:46 +0000
Message-Id: <20211214162246.3393824-1-berrange@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11
X-loop: libvir-list@redhat.com
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://listman.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://listman.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://listman.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14
Authentication-Results: relay.mimecast.com;
	auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1639498988194100003

These daemons do not have any support for unprivileged readonly
access, so we must not reference -ro.socket units in scripts.

Signed-off-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
Reviewed-by: J=C3=A1n Tomko <jtomko@redhat.com>
---
 libvirt.spec.in | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

diff --git a/libvirt.spec.in b/libvirt.spec.in
index 97030be407..e672fcc3a5 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -1279,14 +1279,18 @@ then \
 fi \
 %libvirt_daemon_finish_restart %1
=20
+# For daemons with only UNIX sockets
 %define libvirt_daemon_systemd_post() %systemd_post %1.socket %1-ro.socket=
 %1-admin.socket %1.service
-
-%define libvirt_daemon_systemd_post_inet() %systemd_post %1.socket %1-ro.s=
ocket %1-admin.socket %1-tls.socket %1-tcp.socket %1.service
-
 %define libvirt_daemon_systemd_preun() %systemd_preun %1.service %1-ro.soc=
ket %1-admin.socket %1.socket
=20
+# For daemons with UNIX and INET sockets
+%define libvirt_daemon_systemd_post_inet() %systemd_post %1.socket %1-ro.s=
ocket %1-admin.socket %1-tls.socket %1-tcp.socket %1.service
 %define libvirt_daemon_systemd_preun_inet() %systemd_preun %1.service %1-r=
o.socket %1-admin.socket %1-tls.socket %1-tcp.socket %1.socket
=20
+# For daemons with only UNIX sockets and no unprivileged read-only access
+%define libvirt_daemon_systemd_post_priv() %systemd_post %1.socket %1-admi=
n.socket %1.service
+%define libvirt_daemon_systemd_preun_priv() %systemd_preun %1.service %1-a=
dmin.socket %1.socket
+
 %pre daemon
 # 'libvirt' group is just to allow password-less polkit access to
 # libvirtd. The uid number is irrelevant, so we use dynamic allocation
@@ -1296,8 +1300,8 @@ getent group libvirt >/dev/null || groupadd -r libvirt
 exit 0
=20
 %post daemon
-%libvirt_daemon_systemd_post virtlogd
-%libvirt_daemon_systemd_post virtlockd
+%libvirt_daemon_systemd_post_priv virtlogd
+%libvirt_daemon_systemd_post_priv virtlockd
 %if %{with_modular_daemons}
 %libvirt_daemon_systemd_post_inet virtproxyd
 %else
@@ -1313,8 +1317,8 @@ exit 0
=20
 %libvirt_daemon_systemd_preun_inet libvirtd
 %libvirt_daemon_systemd_preun_inet virtproxyd
-%libvirt_daemon_systemd_preun virtlogd
-%libvirt_daemon_systemd_preun virtlockd
+%libvirt_daemon_systemd_preun_priv virtlogd
+%libvirt_daemon_systemd_preun_priv virtlockd
=20
 %postun daemon
 /bin/systemctl daemon-reload >/dev/null 2>&1 || :
--=20
2.33.1