Bug#1050464: marked as done (libvirt: Libvirtd conffiles should document tcp/tls usage)

Fri, 13 Oct 2023 06:09:19 -0700 

Your message dated Fri, 13 Oct 2023 13:05:07 +0000
with message-id <e1qrhql-0091tt...@fasolo.debian.org>
and subject line Bug#1050464: fixed in libvirt 9.8.0-2
has caused the Debian Bug report #1050464,
regarding libvirt: Libvirtd conffiles should document tcp/tls usage
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1050464: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050464
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Source: libvirt
Severity: minor
Tags: patch

Dear Maintainer,

I suggest documenting tcp/tls usage to stop libvirtd conffiles from
being misleading. It will prevent from following situations:

E.g. User uses virsh:

$ virsh -c qemu+tcp://host/system
error: unable to connect to server at 'host:16509': Connection refused
error: failed to connect to the hypervisor

Then wants to start the libvirt systemd service that starts the libvirt
process with $libvirt_opts as a parameter to the executable.

There are some options passed to libvirtd - add "-l" to listen on tcp
libvirtd_opts="-l -d" - but adding any option in libvirtd_opts causes
the service to fail on restart without the listener running on port
16509.

>From the user's perspective it might look like the libvirtd.service
file needs to be changed to enable the tcp listener instead of using the
/etc/default/libvirtd config file.

To prevent that, I propose the patch that is added as an attachment.

-- System Information:
Debian Release: bullseye/sid
  APT prefers focal-updates
  APT policy: (500, 'focal-updates'), (500, 'focal-security'), (500, 
'focal-proposed'), (500, 'focal'), (100, 'focal-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.15.0-79-generic (SMP w/8 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

>From e5628015f5a5005145f1d74dae89205be7255fb3 Mon Sep 17 00:00:00 2001
From: Michal Maloszewski <michal.maloszew...@canonical.com>
Date: Thu, 24 Aug 2023 22:00:39 +0200
Subject: [PATCH] * d/libvirt-daemon-system.libvirtd.default: Document tcp/tls
 usage to stop libvirtd conffiles from being misleading.

---
 debian/libvirt-daemon-system.libvirtd.default | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/debian/libvirt-daemon-system.libvirtd.default 
b/debian/libvirt-daemon-system.libvirtd.default
index 7db970d16..838f3d9a3 100644
--- a/debian/libvirt-daemon-system.libvirtd.default
+++ b/debian/libvirt-daemon-system.libvirtd.default
@@ -7,7 +7,21 @@
 # connects.
 #LIBVIRTD_ARGS="--timeout 120"
 
-# If systemd socket activation is disabled, then the following
+# If systemd socket activation is enabled (this is the default), then the
+# following can be used to listen on TCP/TLS sockets:
+# $ systemctl start libvirtd-<socket_type>.socket
+# where <socket_type> = tls or tcp.
+#
+# Note: In case the service is already running, this command might fail, but
+# that does not matter as it has already started. If not using the daemon
+# at the moment you might stop it so the socket(s) can be enabled:
+# $ sudo systemctl stop libvirtd
+#
+# To configure the socket to be started and available on system startup use:
+# $ sudo systemctl enable libvirtd-<socket_type>.socket
+# where socket_type = tls or tcp.
+
+# If systemd socket activation has been disabled, then the following
 # can be used to listen on TCP/TLS sockets
 #LIBVIRTD_ARGS="--listen"
 
-- 
2.25.1

--- End Message ---
--- Begin Message --- 
Source: libvirt
Source-Version: 9.8.0-2
Done: Andrea Bolognani <e...@kiyuko.org>

We believe that the bug you reported is fixed in the latest version of
libvirt, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1050...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andrea Bolognani <e...@kiyuko.org> (supplier of updated libvirt package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 13 Oct 2023 13:55:07 +0200
Source: libvirt
Architecture: source
Version: 9.8.0-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Libvirt Maintainers 
<pkg-libvirt-maintain...@lists.alioth.debian.org>
Changed-By: Andrea Bolognani <e...@kiyuko.org>
Closes: 1050464
Changes:
 libvirt (9.8.0-2) unstable; urgency=medium
 .
   [ Michal Maloszewski ]
   * [03d707d] libvirtd.default: Document TCP/TLS usage
     - Closes: #1050464
     - LP: #1960937
 .
   [ Andrea Bolognani ]
   * [53f248b] control: Make more packages Linux-only
     - Among the packages that are currently arch:any only libvirt0,
       libvirt-dev and libvirt-clients make sense on non-Linux
   * [f1f8713] patches: Add forward/meson-Fix-XDR-check-for-GNU-Hurd.patch
     - Make it possible to build on hurd-i386
Checksums-Sha1:
 0614ef47198b2ae40948231fc942844b5ba70a65 5986 libvirt_9.8.0-2.dsc
 21ef9c8e7f27d5d3f87dbdecb3bddcc30420ba8b 87644 libvirt_9.8.0-2.debian.tar.xz
 d2f999f6811b6a5c837c16efbae126465f48078b 12283 libvirt_9.8.0-2_source.buildinfo
Checksums-Sha256:
 a54a33174e9a8a990031db5bafe43fa7979efb9060689ae2eefa33d530648ad0 5986 
libvirt_9.8.0-2.dsc
 d6775afe59e495c8ada5cadd19d0bde09e42895e0792001a2ddf753544861fea 87644 
libvirt_9.8.0-2.debian.tar.xz
 7232ae5bc6422f6c75e910e0a671eb60820efbab814c5fccf43ab587ea5904e7 12283 
libvirt_9.8.0-2_source.buildinfo
Files:
 40af9c5fc518b8d782945a80657af5ed 5986 libs optional libvirt_9.8.0-2.dsc
 022e15eefa0b8e779a6ec511089cb234 87644 libs optional 
libvirt_9.8.0-2.debian.tar.xz
 96e19e012839053b44c17fd82e5e78e5 12283 libs optional 
libvirt_9.8.0-2_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEO48t9niVypx3EjLf954fxUKFg6wFAmUpO40ACgkQ954fxUKF
g6wcRA/+MCBKvqRqcXGj+aLeEKjLRa32pCGM6gn8odCw2EPCGiy4vkJRwLyR8lPP
GL46QDuYlt2M6Uy+ZbtjhOpRn07DptYFnrCDycMNPPlZ0iovkw5jlKa6AfNMDhtO
2DlURIdpG15J66JJ3zs5NrxpJ2Om55MKFvabRhV8VSH6QgPQUCBcriKyjtbm20/k
aELLueW8y78g9WHJH0g8zaJVFzQPlvycF1DnN3vfQWN4M8n+2MfMmr0qIU1Iwxuf
Jyg2bFkZpZhXHtHJZd5PbTM9cQNv6FiDfMqUAxfi9HacRmfEJwKuw2UdUBzXQb6W
X/QTC5P2SrPsNDLNcjbV/b4C413czVTHUD+hvMlsxnjbXPXN8HQaEeskgqlEARng
4uIl08DtiTwVNWJ5ojpNEZBSWXBF5Ajal82DSN/5D2A/7F7rhHldJpvwDEUA9xv4
c+ooNewl+6xI1jkYbrWzy86BuesOUzKCIzUsGOTQLhL4B5Rx/t9BiC07bmul1rHB
lLVyoVqb8QWT0qttIQuQAN8PIXHD383u/zyOoXdKorWnitNNF1KQ1MlYRtgqv4Ep
1gpFez7LjwDDzaN6rnfX2biSlkMrVNZX7by60hHLo04+opdvqwqS31c+Hp079mJc
pXGy86/Sd1QM9EzbaiYzqI8Awq59FrqjRMfAQEQbXlEwTxr9Kc0=
=SBan
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to