From 20ea20bb4ecbdffe897cd0397b31be5444ee7a88 Mon Sep 17 00:00:00 2001
From: Sean Mooney <work@seanmooney.info>
Date: Tue, 5 Nov 2019 22:49:47 +0000
Subject: [PATCH] initial updated for ubuntu 18.04

added apparmor utils
fixed libvirtd.conf and qemu.conf to disable use of polkit
changed to groupadd instead of addgroup

Change-Id: Ia274cb0e7d8536e6d805605f5185906d7a22eb33
---
 README.rst            |  9 +++++++++
 devstack/libs/libvirt | 28 +++++++++++++++++++++++-----
 2 files changed, 32 insertions(+), 5 deletions(-)

diff --git a/README.rst b/README.rst
index f2d3b0d..1902089 100644
--- a/README.rst
+++ b/README.rst
@@ -17,6 +17,15 @@ For more information, refer to the `DevStack Documentation`__, and the
 * Source: http://git.openstack.org/cgit/devstack-plugin-libvirt-qemu/devstack-plugin-libvirt-qemu
 * Bugs: http://bugs.launchpad.net/devstack-plugin-libvirt-qemu
 
+
+Known Issues:
+to disable apparmor before stacking run
+sudo ln -s /etc/apparmor.d/usr.sbin.libvirtd /etc/apparmor.d/disable/usr.sbin.libvirtd
+then reboot for it to take effect.
+
+TODO: fix apparmor support automatically.
+TODO: update support for ubuntu 18.04
+
 __ https://docs.openstack.org/devstack/latest/plugins.html
 __ https://libvirt.org/
 __ http://www.qemu.org/
diff --git a/devstack/libs/libvirt b/devstack/libs/libvirt
index 83c3533..2753f73 100644
--- a/devstack/libs/libvirt
+++ b/devstack/libs/libvirt
@@ -90,6 +90,7 @@ function install_libvirt_src {
         return
     fi
     pushd ${LIBVIRT_DIR}
+        # TODO: use --with-apparmor_profiles
         ./autogen.sh --system
         make -j $(nproc) EXTRA_CFLAGS='-fPIC'
         sudo make install
@@ -98,6 +99,7 @@ function install_libvirt_src {
 }
 
 function install_qemu_src {
+    uninstall_package qemu*
     if [ -e "${QEMU_DIR}/BUILD_COMPLETE" ]; then
         echo "Qemu already built."
         pushd ${QEMU_DIR}
@@ -120,13 +122,16 @@ function add_repositories {
         if ! [[ $(dpkg --get-selections | grep software-properties-common) ]]; then
             sudo_with_proxies apt-get install -y software-properties-common
         fi
+        # TODO: make this use lsb_release or remove as this is likely not needed anymore.
         sudo_with_proxies add-apt-repository -s 'deb http://archive.ubuntu.com/ubuntu/ xenial main'
         sudo_with_proxies apt-get update || /bin/true
     else
+        # NOTE: this may not be needed anymore.
         if ! [[ $(yum repolist | grep ftp.pbone.net_mirror_ftp.centos.org_7_os_x86_64_) ]]; then
             sudo_with_proxies yum-config-manager --add-repo ftp://ftp.pbone.net/mirror/ftp.centos.org/7/os/x86_64/
             sudo_with_proxies yum-config-manager --enable ftp.pbone.net_mirror_ftp.centos.org_7_os_x86_64_
         fi
+        # TODO: remove centos 6 support
         if ! [[ $(yum repolist | grep ftp.pbone.net_mirror_ftp5.gwdg.de_pub_opensuse_repositories_utilities_CentOS_6_) ]]; then
             sudo_with_proxies yum-config-manager --add-repo ftp://ftp.pbone.net/mirror/ftp5.gwdg.de/pub/opensuse/repositories/utilities/CentOS_6/
             sudo_with_proxies yum-config-manager --enable ftp.pbone.net_mirror_ftp5.gwdg.de_pub_opensuse_repositories_utilities_CentOS_6_
@@ -150,11 +155,18 @@ unix_sock_group = "$LIBVIRT_GROUP"
 unix_sock_ro_perms = "0660"
 unix_sock_rw_perms = "0660"
 unix_sock_admin_perms = "0660"
+auth_unix_ro = "none"
+auth_unix_rw = "none"
+auth_tcp = "none"
+auth_tls = "none"
+EOF
+    cat << EOF | sudo tee -a /etc/libvirt/qemu.conf
+security_driver="none"
 EOF
 }
 
 function configure_groups_users {
-    getent group libvirt > /dev/null || sudo addgroup -f -r libvirt
+    getent group libvirt > /dev/null || sudo groupadd -f -r libvirt
     sudo usermod -G libvirt -a root
     getent group kvm > /dev/null || sudo groupadd -f -r kvm
     getent group qemu > /dev/null || sudo groupadd -f -r qemu
@@ -169,17 +181,19 @@ function install_libvirt_qemu_src {
             stop_service libvirt-bin
         fi
         if [ dpkg -s libvirt0 | grep installed > /dev/null ]; then
-            apt-get remove --purge libvirt0
+            # TODO: use uninstall_package
+            sudo apt purge -y libvirt0
         fi
         add_repositories
         install_build_deps libvirt-bin
         install_build_deps qemu-kvm
-        install_package libnuma-dev gcc make build-essential autopoint
+        install_package libnuma-dev gcc make build-essential autopoint apparmor-utils
     else
         if [ rpm -qa | grep libvirtd > /dev/null ]; then
             stop_service libvirtd
         fi
         if [ rpm -qa | grep libvirt0 > /dev/null ]; then
+            # TODO: use uninstall_package
             yum remove libvirt0
         fi
         install_build_deps libvirt
@@ -200,12 +214,16 @@ function install_libvirt_qemu_src {
     configure_groups_users
 
     if is_ubuntu; then
+        stop_service libvirt-bin
         sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.libvirtd || /bin/true
         start_service libvirt-bin
     else
-        start_service libvirtd
+        restart_service libvirtd
     fi
-    start_service virtlogd
+    restart_service virtlogd
+
+    # TODO: support optionally installing form git and check that libvirt python
+    # version is >= libvirt version.
     sudo_with_proxies pip install -U libvirt-python
 }