From 18fa9c60ef80d74c3ec626f90d64bb1bdfb909b7 Mon Sep 17 00:00:00 2001 From: "Yann E. MORIN" Date: Tue, 23 Jan 2024 20:09:02 +0100 Subject: [PATCH] package/libvirt: do not use 'qemu' user if not defined Commit ed12e2fbed3d (package/libvirt: add lxc and qemu options) introduced the definition of the 'qemu' user when the libvirt daemon is enabled, but unconditionally uses that user in its permissions table. When enabling libvirt without its qemu support, for example with the commands: cat <.config BR2_aarch64=y BR2_PACKAGE_LIBVIRT=y BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV=y BR2_TARGET_ROOTFS_EXT2=y BR2_TOOLCHAIN_EXTERNAL=y EOF make olddefconfig make The build fails with output: >>> Generating filesystem image rootfs.ext2 ... makedevs: unknown user name: qemu Move the permissions needing the 'qemu' user under the same condition the 'qemu' user is defined under. It means that a few permissions needing root must also be moved, as they belong under a directory needing the 'qemu' user. It also moves a few qemu-related permissions introduced in that same commit. The list of qemu permissions is reordered alphabetically (the others are left unchanged). Of course, it also requires that the qemu-related directory and symlink be moved under the same condition as well. Reported-by: Alessandro Signed-off-by: Yann E. MORIN Cc: Jared Bents [Julien: add the commands to reproduce the issue] Signed-off-by: Julien Olivain (cherry picked from commit da9adec1491eefc618aab610615fe293899845fd) Signed-off-by: Peter Korsgaard --- package/libvirt/libvirt.mk | 54 ++++++++++++++++++++++---------------- 1 file changed, 32 insertions(+), 22 deletions(-) diff --git a/package/libvirt/libvirt.mk b/package/libvirt/libvirt.mk index 1dc61a7549..7f2a33e926 100644 --- a/package/libvirt/libvirt.mk +++ b/package/libvirt/libvirt.mk @@ -250,6 +250,36 @@ define LIBVIRT_INSTALL_UDEV_RULES endef LIBVIRT_POST_INSTALL_TARGET_HOOKS += LIBVIRT_INSTALL_UDEV_RULES +ifeq ($(BR2_PACKAGE_LIBVIRT_QEMU),y) +define LIBVIRT_USERS_QEMU + qemu -1 kvm -1 * - - - Libvirt qemu/kvm daemon +endef +define LIBVIRT_PERMISSIONS_QEMU + /var/cache/libvirt/qemu d 750 qemu kvm - - - - - + /var/cache/libvirt/qemu/capabilities d 755 root root - - - - - + /var/lib/libvirt/qemu d 751 qemu kvm - - - - - + /var/lib/libvirt/qemu/autostart d 700 root root - - - - - + /var/lib/libvirt/qemu/channel d 755 qemu kvm - - - - - + /var/lib/libvirt/qemu/channel/target d 755 qemu kvm - - - - - + /var/lib/libvirt/qemu/dump d 755 qemu kvm - - - - - + /var/lib/libvirt/qemu/networks d 700 root root - - - - - + /var/lib/libvirt/qemu/networks/autostart d 700 root root - - - - - + /var/lib/libvirt/qemu/nvram d 755 qemu kvm - - - - - + /var/lib/libvirt/qemu/save d 755 qemu kvm - - - - - + /var/lib/libvirt/qemu/snapshot d 755 qemu kvm - - - - - + /var/log/libvirt/qemu d 750 root root - - - - - + /var/log/swtpm/libvirt/qemu d 711 root root - - - - - +endef +define LIBVIRT_CREATE_SYMLINKS_QEMU + $(INSTALL) -m 751 -d $(TARGET_DIR)/var/lib/libvirt/qemu + ln -s -f ../../var/lib/libvirt/qemu $(TARGET_DIR)/etc/libvirt/ +endef +endif + +define LIBVIRT_USERS + $(LIBVIRT_USERS_QEMU) +endef + # Adjust directory ownerships and permissions. Notice /var/log is a symlink to # /tmp in the default sysvinit skeleton, so some directories may disappear at # run-time. Set the permissions anyway, since they are valid for the default @@ -263,29 +293,16 @@ define LIBVIRT_PERMISSIONS /var/lib/libvirt/filesystems d 711 root root - - - - - /var/lib/libvirt/images d 711 root root - - - - - /var/lib/libvirt/network d 700 root root - - - - - - /var/lib/libvirt/qemu d 751 qemu kvm - - - - - - /var/lib/libvirt/qemu/autostart d 700 root root - - - - - - /var/lib/libvirt/qemu/networks d 700 root root - - - - - - /var/lib/libvirt/qemu/networks/autostart d 700 root root - - - - - - /var/lib/libvirt/qemu/channel d 755 qemu kvm - - - - - - /var/lib/libvirt/qemu/channel/target d 755 qemu kvm - - - - - - /var/lib/libvirt/qemu/dump d 755 qemu kvm - - - - - - /var/lib/libvirt/qemu/nvram d 755 qemu kvm - - - - - - /var/lib/libvirt/qemu/save d 755 qemu kvm - - - - - - /var/lib/libvirt/qemu/snapshot d 755 qemu kvm - - - - - /var/lib/libvirt/secrets d 700 root root - - - - - /var/lib/libvirt/storage d 755 root root - - - - - /var/lib/libvirt/storage/autostart d 755 root root - - - - - /var/cache/libvirt d 711 root root - - - - - /var/cache/libvirt/lxc d 750 root root - - - - - - /var/cache/libvirt/qemu d 750 qemu kvm - - - - - - /var/cache/libvirt/qemu/capabilities d 755 root root - - - - - /var/log/libvirt d 700 root root - - - - - /var/log/libvirt/lxc d 750 root root - - - - - - /var/log/libvirt/qemu d 750 root root - - - - - /var/log/swtpm d 755 root root - - - - - /var/log/swtpm/libvirt d 755 root root - - - - - - /var/log/swtpm/libvirt/qemu d 711 root root - - - - - + $(LIBVIRT_PERMISSIONS_QEMU) endef # libvirt may need to create persistent files (e.g. VM definitions) in these @@ -296,22 +313,15 @@ endef define LIBVIRT_CREATE_SYMLINKS $(INSTALL) -m 700 -d $(TARGET_DIR)/etc/libvirt $(INSTALL) -m 755 -d $(TARGET_DIR)/var/lib/libvirt - $(INSTALL) -m 751 -d $(TARGET_DIR)/var/lib/libvirt/qemu $(INSTALL) -m 700 -d $(TARGET_DIR)/var/lib/libvirt/secrets $(INSTALL) -m 755 -d $(TARGET_DIR)/var/lib/libvirt/storage - ln -s -f ../../var/lib/libvirt/qemu $(TARGET_DIR)/etc/libvirt/ ln -s -f ../../var/lib/libvirt/secrets $(TARGET_DIR)/etc/libvirt/ ln -s -f ../../var/lib/libvirt/storage $(TARGET_DIR)/etc/libvirt/ + $(LIBVIRT_CREATE_SYMLINKS_QEMU) endef LIBVIRT_PRE_INSTALL_TARGET_HOOKS += LIBVIRT_CREATE_SYMLINKS -ifeq ($(BR2_PACKAGE_LIBVIRT_QEMU),y) -define LIBVIRT_USERS - qemu -1 kvm -1 * - - - Libvirt qemu/kvm daemon -endef -endif - ifeq ($(BR2_PACKAGE_LIBVIRT_DAEMON),y) define LIBVIRT_INSTALL_INIT_SYSV $(INSTALL) -D -m 0755 package/libvirt/S91virtlogd $(TARGET_DIR)/etc/init.d/S91virtlogd