Ubuntu
libvirt package

Merge libvirt from Debian unstable for l-series

Bug #1993412 reported by Bryce Harrington
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
libvirt (Ubuntu)
Fix Released
Undecided
Christian Ehrhardt 

Bug Description

Scheduled-For: ubuntu-23.01
Upstream: tbd
Debian: 8.5.0-1 8.5.0-2
Ubuntu: 8.6.0-0ubuntu3

Debian new has 8.5.0-2

### Old Ubuntu Delta ###

libvirt (8.6.0-0ubuntu3) kinetic; urgency=medium

  * d/p/u/lp-1990499-virt-aa-helper-allow-common-riscv64-loader-paths.patch:
    easen the use of riscv64 through libvirt (LP: #1990499)
  * d/p/u/lp-1990949-virpcivpd-reduce-errors-in-log-due-to-invalid-VPD.patch:
    reduce log noise by invalid VPD data (LP: #1990949)

 -- Christian Ehrhardt <email address hidden> Tue, 04 Oct 2022 08:29:46 +0200

libvirt (8.6.0-0ubuntu2) kinetic; urgency=medium

  * d/p/libvirt-daemon-system.postinst: default network autostart
    handling needs to happen before services start (LP: #1990853)

 -- Christian Ehrhardt <email address hidden> Wed, 28 Sep 2022 08:36:15 +0200

libvirt (8.6.0-0ubuntu1) kinetic; urgency=medium

  * Merge 8.0.0 from Debian unstable (LP: #1971289)
    Among many other fixes and improvements this fixes:
    - support for minor NFS versions (LP: #1980134)
    - launching VMs with SGX enabled (LP: #1982896)
    Remaining changes:
    - libvirt-uri.sh, d/rules: Automatically switch default libvirt URI
      for users via user profile (xen URI on dom0, qemu:///system otherwise)
    - Disable libssh2 support (universe dependency)
    - d/control: add libzfslinux-dev to build-deps
    - d/control: drop libvirt-lxc, vbox and xen drivers to suggest
    - debian/patches/ubuntu/ovmf_paths.patch: adjust paths to secboot.fd UEFI
      Secure Boot enabled variants of the OVMF firmware and variable store for
      the paths where we ship these files in Ubuntu.
    - Set qemu-group to kvm (for compat with older ubuntu)
    - Additional apport package-hook
    - Autostart default bridged network (As upstream does, but not Debian).
      In addition to just enabling it our solution provides:
      + do not autostart if subnet is already taken (e.g. in guests).
      + iterate some alternative subnets before giving up
    - d/p/ubuntu/Allow-libvirt-group-to-access-the-socket.patch: This is
      the group based access to libvirt functions as it was used in Ubuntu
      for quite a long time.
      + d/p/ubuntu/daemon-augeas-fix-expected.patch fix some related tests
        due to the group access change.
      + d/libvirt-daemon-system.postinst: add users in sudo to the libvirt
        group.
    - Update README.Debian with Ubuntu changes
    - d/p/ubuntu/ubuntu_machine_type.patch: accept ubuntu types as pci440fx
    - fix autopkgtests (LP 1899180)
      + d/t/control, d/t/smoke-qemu-session: fixup smoke-qemu-session by making
        vmlinuz available and accessible (Debian bug 848314)
      + d/t/control: fix smoke-qemu-session by ensuring the service will run
        installing libvirt-daemon-system
      + d/t/smoke-lxc: fix smoke-lxc by ignoring potential issues on destroy as
        long as the following undefine succeeds
      + d/t/smoke-lxc: use systemd instead of sysV to restart the service
      + d/t/control, d/t/smoke-lxc: retry service restart and skip test if
        failing; This was flaky on some release/architectures
      + d/t/smoke-lxc: retry check_domain being flaky on arm64
    - dnsmasq related enhancements
      + run dnsmasq as libvirt-dnsmasq (LP: 1743718)
      + d/libvirt-daemon-system.postinst: add libvirt-dnsmasq user and group
      + d/libvirt-daemon-system.postrm: remove libvirt-dnsmasq user and group
        on purge
      + d/p/ubuntu/dnsmasq-as-priv-user: write dnsmasq config with user
        libvirt-dnsmasq and adapt the self tests to expect that config
      + d/libvirt-daemon-system.postinst: fix old libvirt-dnsmasq users group
      + Add dnsmasq configuration to work with system wide dnsmasq-base
    - d/p/ubuntu/set-default-machine-to-ubuntu.patch: to select default
      machine type correctly with newer qemu/libvirt
    - d/p/ubuntu/lp-1861125-ubuntu-models: recognize Ubuntu models for
      (LP 1861125) fixups
    - d/p/ubuntu/wait-for-qemu-kvm.patch - avoid hangs on startup (LP 1887592)
    - Apparmor Delta that is Ubuntu specific or yet to be upstreamed
      split into logical pieces. File names in debian/patches/ubuntu-aa/:
      + 0020-virt-aa-helper-ubuntu-storage-paths.patch:
        apparmor, virt-aa-helper: Allow various storage pools and image
        locations
      + 0029-appmor-libvirt-qemu-Add-9p-support.patch: appmor,
        libvirt-qemu: Add 9p support
      + 0031-virt-aa-helper-Ask-for-no-deny-rule-for-readonly-dis.patch:
        virt-aa-helper: Ask for no deny rule for readonly disk
      + 0032-apparmor-libvirt-qemu-Allow-reading-charm-specific-c.patch:
        apparmor, libvirt-qemu: Allow reading charm-specific ceph config
      + 0033-UBUNTU-only-apparmor-for-kvm.powerpc-LP-1680384.patch: allow
        commands executed by ubuntu only kvm wrapper on ppc64el
        (LP 1686621 LP 1680384 LP 1784023)
      + 0034-apparmor-virt-aa-helper-access-for-snapped-nova.patch:
        apparmor, virt-aa-helper: access for snapped nova
      + lp-1815910-allow-vhost-net.patch: avoid apparmor issues
        with vhost-net/vhost-vsock/vhost-scsi hotplug (LP: 1815910)
    - libvirt should not use user/group tss for swtpm (LP 1948880)
      + d/libvirt-daemon-system.postinst: own swtpm logdir by user swtpm
      + d/p/u/swtpm-by-swtpm-user.patch: change default spawned swtpm processes
        to user swtpm and adapt expected self test result changes triggered by
        this
      + d/control: suggest swtpm-tools
      + d/libvirt-daemon-system.postinst: create user/group swtpm if not present
        due to swtpm-tools (LP 1951975)
  * Dropped changes [upstream now]:
    - d/p/backport/qemuDomainSetupDisk-Initialize-targetPaths.patch to work
      in containers like LXD (without guest start would hang).
      [8.1.0]
    - d/p/backport/util-fix-syslog-facility-value.patch to ensure logs
      get passed to syslog/journal correctly.
      [8.1.0]
    - apparmor: Fix QEMU access for UEFI variable files. Backported from
      upstream master commit 7aec69b7fb9d0c. (Closes 1006324, LP 1962035)
      Refresh apparmor_profiles_local_include.patch to resolve the conflict.
      [8.2.0]
    - d/p/ubuntu-aa/0035-apparmor-separate-swtpm-rules.patch: Patch the libvirtd
      and libvirt-qemu apparmor profiles to allow swtpm to use its own profile
      (LP 1968187)
      [8.3.0]
    - d/p/u/lp-1972075-Allow-VM-to-read-sysfs-PCI-config-revision-files.patch:
      apparmor allow new paths used for GL accelerated video (LP 1972075)
      [8.4.0]
  * Dropped changes [no more needed]:
    - d/control: breaks replaces for augeas lenses move in 6.0.0-1
  * Added changes:
    - parallel-shutdown: upstream no more ships libvirt-guests defaults, so
      the Ubuntu customization of it moved to the file replacing it added
      in 8.1.0-1 now in d/libvirt-daemon-system.libvirt-guests.default
      replacing the former 'd/p/u/parallel-shutdown.patch: set parallel
      shutdown by default.'
    - update patches to match 8.6.0
      + d/p/u-aa/0032-apparmor-libvirt-qemu-Allow-reading-charm-specific-c.patch
      + d/p/u/Allow-libvirt-group-to-access-the-socket.patch
      + d/p/u-aa/lp-1815910-allow-vhost-hotplug.patch
      + d/p/u/ovmf_paths.patch
      + d/p/u/swtpm-by-swtpm-user.patch
      + d/p/u/dnsmasq-as-priv-user

 -- Christian Ehrhardt <email address hidden> Fri, 12 Aug 2022 10:34:29 +0200

See original description
Christian Ehrhardt  (paelzer)
Changed in libvirt (Ubuntu):
assignee: nobody → Christian Ehrhardt  (paelzer)
Christian Ehrhardt  (paelzer)
description: updated
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

v9.0.0 was released upstream yesterday.
I hope that Andrea has time to combine all our recent work in Debian with this soon.
I'll then start to merge and test it from Ubuntu's POV which also will be in time to feed back any findings before the Debian release.

Note: There were plenty of change to service/socket handling again. We need to have some extra checks in regard to that on install/upgrade as it was broken in the past.

Christian Ehrhardt  (paelzer)
Changed in libvirt (Ubuntu):
status: New → In Progress
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

FYI: This was stuck in proposed migration due to polkit for too long, given up on waiting on it for now and uploaded again with a change to mitigate that.

Changed in libvirt (Ubuntu):
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (9.7 KiB)

This bug was fixed in the package libvirt - 9.0.0-2ubuntu1

---------------
libvirt (9.0.0-2ubuntu1) lunar; urgency=medium

  * Merge 9.0.0-2 from Debian unstable (LP: #1993412)
    Also resolved the ask for a rebuild against recent libxen (LP: #2004163)
    Remaining changes:
    - libvirt-uri.sh, d/rules: Automatically switch default libvirt URI
      for users via user profile (xen URI on dom0, qemu:///system otherwise)
    - Disable libssh2 support (universe dependency)
    - d/control: add libzfslinux-dev to build-deps
    - d/control: drop libvirt-lxc, vbox and xen drivers to suggest
    - debian/patches/ubuntu/ovmf_paths.patch: adjust paths to secboot.fd UEFI
      Secure Boot enabled variants of the OVMF firmware and variable store for
      the paths where we ship these files in Ubuntu.
    - Set qemu-group to kvm (for compat with older ubuntu)
    - Additional apport package-hook
    - Autostart default bridged network (As upstream does, but not Debian).
      In addition to just enabling it our solution provides:
      + do not autostart if subnet is already taken (e.g. in guests).
      + iterate some alternative subnets before giving up
    - d/p/ubuntu/Allow-libvirt-group-to-access-the-socket.patch: This is
      the group based access to libvirt functions as it was used in Ubuntu
      for quite a long time.
      + d/p/ubuntu/daemon-augeas-fix-expected.patch fix some related tests
        due to the group access change.
      + d/libvirt-daemon-system.postinst: add users in sudo to the libvirt
        group.
    - Update README.Debian with Ubuntu changes
    - d/p/ubuntu/ubuntu_machine_type.patch: accept ubuntu types as pci440fx
    - fix autopkgtests (LP 1899180)
      + d/t/control, d/t/smoke-qemu-session: fixup smoke-qemu-session by making
        vmlinuz available and accessible (Debian bug 848314)
      + d/t/control: fix smoke-qemu-session by ensuring the service will run
        installing libvirt-daemon-system
      + d/t/smoke-lxc: fix smoke-lxc by ignoring potential issues on destroy as
        long as the following undefine succeeds
      + d/t/smoke-lxc: use systemd instead of sysV to restart the service
      + d/t/control, d/t/smoke-lxc: retry service restart and skip test if
        failing; This was flaky on some release/architectures
      + d/t/smoke-lxc: retry check_domain being flaky on arm64
    - dnsmasq related enhancements
      + run dnsmasq as libvirt-dnsmasq (LP: 1743718)
      + d/libvirt-daemon-system.postinst: add libvirt-dnsmasq user and group
      + d/libvirt-daemon-system.postrm: remove libvirt-dnsmasq user and group
        on purge
      + d/p/ubuntu/dnsmasq-as-priv-user: write dnsmasq config with user
        libvirt-dnsmasq and adapt the self tests to expect that config
      + d/libvirt-daemon-system.postinst: fix old libvirt-dnsmasq users group
      + Add dnsmasq configuration to work with system wide dnsmasq-base
    - d/p/ubuntu/set-default-machine-to-ubuntu.patch: to select default
      machine type correctly with newer qemu/libvirt
    - d/p/ubuntu/lp-1861125-ubuntu-models: recognize Ubuntu models for
      (LP 1861125) fixups
    - d/p/ubuntu/wait-for-qemu-kvm.patch - avoid hangs ...

Read more...

Changed in libvirt (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.