From 743adffffe0c697beb75f88e237136df44ac0be8 Mon Sep 17 00:00:00 2001
From: Mark McLoughlin <markmc@fedoraproject.org>
Date: Aug 06 2009 15:01:49 +0000
Subject: * Thu Aug  6 2009 Mark McLoughlin <markmc@redhat.com> - 0.7.0-2

- Make sure qemu can access kernel/initrd (bug #516034)
- Set perms on /var/lib/libvirt/boot to 0711 (bug #516034)

---

diff --git a/libvirt-0.7.0-chown-kernel-initrd-before-spawning-qemu.patch b/libvirt-0.7.0-chown-kernel-initrd-before-spawning-qemu.patch
new file mode 100644
index 0000000..203f201
--- /dev/null
+++ b/libvirt-0.7.0-chown-kernel-initrd-before-spawning-qemu.patch
@@ -0,0 +1,73 @@
+From: Mark McLoughlin <markmc@redhat.com>
+Subject: [PATCH] chown kernel/initrd before spawning qemu
+
+If we're running qemu unprivileged, we need to chown any supplied kernel
+or initrd before spawning it.
+
+* src/qemu_driver.c: rename qemuDomainSetDiskOwnership() to
+  qemuDomainSetFileOwnership(), pass it a path string instead of a disk
+  definition and use it for chowning the kernel/initrd in
+  qemuDomainSetAllDeviceOwnership()
+---
+ src/qemu_driver.c |   20 ++++++++++++--------
+ 1 files changed, 12 insertions(+), 8 deletions(-)
+
+diff --git a/src/qemu_driver.c b/src/qemu_driver.c
+index 412b68d..bd58435 100644
+--- a/src/qemu_driver.c
++++ b/src/qemu_driver.c
+@@ -1684,18 +1684,18 @@ static int qemuDomainSetHostdevOwnership(virConnectPtr conn,
+ 
+ }
+ 
+-static int qemuDomainSetDiskOwnership(virConnectPtr conn,
+-                                      virDomainDiskDefPtr def,
++static int qemuDomainSetFileOwnership(virConnectPtr conn,
++                                      const char *path,
+                                       uid_t uid, gid_t gid)
+ {
+ 
+-    if (!def->src)
++    if (!path)
+         return 0;
+ 
+-    VIR_DEBUG("Setting ownership on %s to %d:%d", def->src, uid, gid);
+-    if (chown(def->src, uid, gid) < 0) {
++    VIR_DEBUG("Setting ownership on %s to %d:%d", path, uid, gid);
++    if (chown(path, uid, gid) < 0) {
+         virReportSystemError(conn, errno, _("cannot set ownership on %s"),
+-                             def->src);
++                             path);
+         return -1;
+     }
+     return 0;
+@@ -1725,7 +1725,7 @@ static int qemuDomainSetDeviceOwnership(virConnectPtr conn,
+             (def->data.disk->readonly || def->data.disk->shared))
+             return 0;
+ 
+-        return qemuDomainSetDiskOwnership(conn, def->data.disk, uid, gid);
++        return qemuDomainSetFileOwnership(conn, def->data.disk->src, uid, gid);
+ 
+     case VIR_DOMAIN_DEVICE_HOSTDEV:
+         return qemuDomainSetHostdevOwnership(conn, def->data.hostdev, uid, gid);
+@@ -1753,12 +1753,16 @@ static int qemuDomainSetAllDeviceOwnership(virConnectPtr conn,
+     uid = restore ? 0 : driver->user;
+     gid = restore ? 0 : driver->group;
+ 
++    if (qemuDomainSetFileOwnership(conn, def->os.kernel, uid, gid) < 0 ||
++        qemuDomainSetFileOwnership(conn, def->os.initrd, uid, gid) < 0)
++        return -1;
++
+     for (i = 0 ; i < def->ndisks ; i++) {
+         if (restore &&
+             (def->disks[i]->readonly || def->disks[i]->shared))
+             continue;
+ 
+-        if (qemuDomainSetDiskOwnership(conn, def->disks[i], uid, gid) < 0)
++        if (qemuDomainSetFileOwnership(conn, def->disks[i]->src, uid, gid) < 0)
+             return -1;
+     }
+ 
+-- 
+1.6.2.5
+
diff --git a/libvirt.spec b/libvirt.spec
index c93cd32..7a8da9b 100644
--- a/libvirt.spec
+++ b/libvirt.spec
@@ -78,11 +78,14 @@
 Summary: Library providing a simple API virtualization
 Name: libvirt
 Version: 0.7.0
-Release: 1%{?dist}%{?extra_release}
+Release: 2%{?dist}%{?extra_release}
 License: LGPLv2+
 Group: Development/Libraries
 Source: libvirt-%{version}.tar.gz
 
+# Make sure qemu can access kernel/initrd (bug #516034)
+Patch01: libvirt-0.7.0-chown-kernel-initrd-before-spawning-qemu.patch
+
 # Temporary hack till PulseAudio autostart problems are sorted
 # out when SELinux enforcing (bz 486112)
 Patch200: libvirt-0.6.4-svirt-sound.patch
@@ -252,6 +255,8 @@ of recent versions of Linux (and other OSes).
 %prep
 %setup -q
 
+%patch01 -p1
+
 %patch200 -p0
 
 %build
@@ -497,7 +502,7 @@ fi
 
 %dir %{_localstatedir}/lib/libvirt/
 %dir %attr(0711, root, root) %{_localstatedir}/lib/libvirt/images/
-%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt/boot/
+%dir %attr(0711, root, root) %{_localstatedir}/lib/libvirt/boot/
 %dir %attr(0700, root, root) %{_localstatedir}/cache/libvirt/
 
 %if %{with_qemu}
@@ -612,7 +617,11 @@ fi
 %endif
 
 %changelog
-* Wed Aug  5 2009 Daniel Veillard <veillard@redhat.com> - 0.7.0-1.fc12
+* Thu Aug  6 2009 Mark McLoughlin <markmc@redhat.com> - 0.7.0-2
+- Make sure qemu can access kernel/initrd (bug #516034)
+- Set perms on /var/lib/libvirt/boot to 0711 (bug #516034)
+
+* Wed Aug  5 2009 Daniel Veillard <veillard@redhat.com> - 0.7.0-1
 - Upstream release of 0.7.0
 - ESX, VBox3, Power Hypervisor drivers
 - new net filesystem glusterfs