Update patches

debian/patches/Autodetect-if-the-remote-nc-command-supports-the-q-o.patch

@@ -16,10 +16,10 @@ Bug: https://bugzilla.redhat.com/show_bug.cgi?id=614420
  1 files changed, 40 insertions(+), 7 deletions(-)
 
 diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
-index 4ca0d3b..27757ce 100644
+index 71dd68f..d2da193 100644
 --- a/src/remote/remote_driver.c
 +++ b/src/remote/remote_driver.c
-@@ -738,7 +738,8 @@ doRemoteOpen (virConnectPtr conn,
+@@ -744,7 +744,8 @@ doRemoteOpen (virConnectPtr conn,
      }
  
      case trans_ssh: {
@@ -29,7 +29,7 @@ index 4ca0d3b..27757ce 100644
  
          if (username) nr_args += 2; /* For -l username */
          if (no_tty) nr_args += 5;   /* For -T -o BatchMode=yes -e none */
-@@ -771,12 +772,44 @@ doRemoteOpen (virConnectPtr conn,
+@@ -777,12 +778,44 @@ doRemoteOpen (virConnectPtr conn,
              cmd_argv[j++] = strdup ("none");
          }
          cmd_argv[j++] = strdup (priv->hostname);

debian/patches/Debianize-libvirt-guests.patch

@@ -9,7 +9,7 @@ Origin: vendor
  2 files changed, 17 insertions(+), 32 deletions(-)
 
 diff --git a/tools/libvirt-guests.init.sh b/tools/libvirt-guests.init.sh
-index 8823d06..7480c32 100644
+index f247e5e..e69570c 100644
 --- a/tools/libvirt-guests.init.sh
 +++ b/tools/libvirt-guests.init.sh
 @@ -4,8 +4,8 @@
@@ -75,7 +75,7 @@ index 8823d06..7480c32 100644
  
  RETVAL=0
  
-@@ -296,8 +282,7 @@ gueststatus() {
+@@ -303,8 +289,7 @@ gueststatus() {
  
  # rh_status
  # Display current status: whether saved state exists, and whether start

debian/patches/Do-not-add-drive-boot-on-param-when-a-kernel-is-spec.patch

-From: Jim Fehlig <jfehlig@novell.com>
-Date: Thu, 17 Feb 2011 14:22:55 -0700
-Subject: Do not add drive 'boot=on' param when a kernel is specified
-
-libvirt-tck was failing several domain tests [1] with qemu 0.14, which
-is now less tolerable of specifying 2 bootroms with the same boot index [2].
-
-Drop the 'boot=on' param if kernel has been specfied.
-
-[1] https://www.redhat.com/archives/libvir-list/2011-February/msg00559.html
-[2] http://lists.nongnu.org/archive/html/qemu-devel/2011-02/msg01892.html
----
- src/qemu/qemu_command.c |    2 +-
- 1 files changed, 1 insertions(+), 1 deletions(-)
-
-diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
-index 05f427c..35e54b4 100644
---- a/src/qemu/qemu_command.c
-+++ b/src/qemu/qemu_command.c
-@@ -3116,7 +3116,7 @@ qemuBuildCommandLine(virConnectPtr conn,
-         int bootCD = 0, bootFloppy = 0, bootDisk = 0;
- 
-         /* If QEMU supports boot=on for -drive param... */
--        if (qemuCmdFlags & QEMUD_CMD_FLAG_DRIVE_BOOT) {
-+        if (qemuCmdFlags & QEMUD_CMD_FLAG_DRIVE_BOOT && !def->os.kernel) {
-             for (i = 0 ; i < def->os.nBootDevs ; i++) {
-                 switch (def->os.bootDevs[i]) {
-                 case VIR_DOMAIN_BOOT_CDROM:
--- 

debian/patches/Don-t-pass-empty-arguments-to-dnsmasq.patch

-From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx@sigxcpu.org>
-Date: Fri, 18 Feb 2011 15:47:48 +0100
-Subject: Don't pass empty arguments to dnsmasq
-
-unbreaks dnsmasq >= 2.56
----
- src/network/bridge_driver.c |    2 +-
- 1 files changed, 1 insertions(+), 1 deletions(-)
-
-diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
-index c4ee1e8..c8b1e12 100644
---- a/src/network/bridge_driver.c
-+++ b/src/network/bridge_driver.c
-@@ -468,7 +468,7 @@ networkBuildDnsmasqArgv(virNetworkObjPtr network,
-     virCommandAddArgPair(cmd, "--pid-file", pidfile);
- 
-     /* *no* conf file */
--    virCommandAddArgList(cmd, "--conf-file=", "", NULL);
-+    virCommandAddArgList(cmd, "--conf-file=", NULL);
- 
-     virCommandAddArgList(cmd,
-                          "--except-interface", "lo",
--- 

debian/patches/Make-sure-the-rundir-is-accessible-by-the-user.patch

-From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx@sigxcpu.org>
-Date: Wed, 9 Mar 2011 14:15:48 +0100
-Subject: Make sure the rundir is accessible by the user
-
-otherwise the user might not have enough permissions to access the
-socket if root's umask is 077.
-
-http://bugs.debian.org/614210
----
- daemon/libvirtd.c |    4 ++++
- 1 files changed, 4 insertions(+), 0 deletions(-)
-
-diff --git a/daemon/libvirtd.c b/daemon/libvirtd.c
-index f4b3327..7ce75f4 100644
---- a/daemon/libvirtd.c
-+++ b/daemon/libvirtd.c
-@@ -3225,16 +3225,20 @@ int main(int argc, char **argv) {
-     /* Ensure the rundir exists (on tmpfs on some systems) */
-     if (geteuid() == 0) {
-         const char *rundir = LOCALSTATEDIR "/run/libvirt";
-+        mode_t old_umask;
- 
-+        old_umask = umask(022);
-         if (mkdir (rundir, 0755)) {
-             if (errno != EEXIST) {
-                 char ebuf[1024];
-                 VIR_ERROR(_("unable to create rundir %s: %s"), rundir,
-                           virStrerror(errno, ebuf, sizeof(ebuf)));
-                 ret = VIR_DAEMON_ERR_RUNDIR;
-+                umask(old_umask);
-                 goto error;
-             }
-         }
-+        umask(old_umask);
-     }
- 
-     /* Beyond this point, nothing should rely on using
--- 

debian/patches/allow-libvirt-group-to-access-the-socket.patch

@@ -7,7 +7,7 @@ Subject: allow libvirt group to access the socket
  1 files changed, 4 insertions(+), 4 deletions(-)
 
 diff --git a/daemon/libvirtd.conf b/daemon/libvirtd.conf
-index 163a80f..93b010d 100644
+index 3a071b0..36dab4c 100644
 --- a/daemon/libvirtd.conf
 +++ b/daemon/libvirtd.conf
 @@ -78,7 +78,7 @@

debian/patches/fix-Debian-specific-path-to-hvm-loader.patch

@@ -12,10 +12,10 @@ Closes: #517059
  5 files changed, 6 insertions(+), 6 deletions(-)
 
 diff --git a/src/xen/xen_hypervisor.c b/src/xen/xen_hypervisor.c
-index 4a0924f..4d27d92 100644
+index 47355ce..049e2b8 100644
 --- a/src/xen/xen_hypervisor.c
 +++ b/src/xen/xen_hypervisor.c
-@@ -2269,7 +2269,7 @@ xenHypervisorBuildCapabilities(virConnectPtr conn,
+@@ -2330,7 +2330,7 @@ xenHypervisorBuildCapabilities(virConnectPtr conn,
                                                "/usr/lib64/xen/bin/qemu-dm" :
                                                "/usr/lib/xen/bin/qemu-dm"),
                                               (guest_archs[i].hvm ?

debian/patches/patch-qemuMonitorTextGetMigrationStatus-to-intercept.patch

@@ -41,10 +41,10 @@ to savely detect that the command 'info migrate' is not implemented.
  1 files changed, 9 insertions(+), 1 deletions(-)
 
 diff --git a/src/qemu/qemu_monitor_text.c b/src/qemu/qemu_monitor_text.c
-index 6d0ba4c..72455ac 100644
+index 75b2995..4a2e4ab 100644
 --- a/src/qemu/qemu_monitor_text.c
 +++ b/src/qemu/qemu_monitor_text.c
-@@ -1194,7 +1194,15 @@ int qemuMonitorTextGetMigrationStatus(qemuMonitorPtr mon,
+@@ -1190,7 +1190,15 @@ int qemuMonitorTextGetMigrationStatus(qemuMonitorPtr mon,
              *total *= 1024;
  
          }

debian/patches/qemu-disable-network.diff.patch

@@ -8,10 +8,10 @@ Subject: qemu-disable-network.diff
  2 files changed, 0 insertions(+), 6 deletions(-)
 
 diff --git a/src/Makefile.am b/src/Makefile.am
-index 2f94efd..8f85aab 100644
+index c3729a6..017ea32 100644
 --- a/src/Makefile.am
 +++ b/src/Makefile.am
-@@ -1244,9 +1244,6 @@ if WITH_NETWORK
+@@ -1305,9 +1305,6 @@ if WITH_NETWORK
  	    cp $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/default.xml.t \
  	      $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/default.xml && \
  	    rm $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/default.xml.t; }
@@ -22,10 +22,10 @@ index 2f94efd..8f85aab 100644
  
  uninstall-local::
 diff --git a/src/Makefile.in b/src/Makefile.in
-index bff8403..f146183 100644
+index 952f50f..bafbeb2 100644
 --- a/src/Makefile.in
 +++ b/src/Makefile.in
-@@ -5548,9 +5548,6 @@ install-data-local:
+@@ -5746,9 +5746,6 @@ install-data-local:
  @WITH_NETWORK_TRUE@	    cp $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/default.xml.t \
  @WITH_NETWORK_TRUE@	      $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/default.xml && \
  @WITH_NETWORK_TRUE@	    rm $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/default.xml.t; }

debian/patches/remove-RHism.diff.patch

@@ -7,7 +7,7 @@ Subject: remove-RHism.diff
  1 files changed, 1 insertions(+), 1 deletions(-)
 
 diff --git a/tools/virsh.pod b/tools/virsh.pod
-index a2ca384..2086adb 100644
+index d332676..ca43498 100644
 --- a/tools/virsh.pod
 +++ b/tools/virsh.pod
 @@ -97,7 +97,7 @@ Output elapsed time information for each command.

debian/patches/series

@@ -6,7 +6,3 @@ Autodetect-if-the-remote-nc-command-supports-the-q-o.patch
 patch-qemuMonitorTextGetMigrationStatus-to-intercept.patch
 Disable-CHECKSUM-rule.patch
 Debianize-libvirt-guests.patch
-Don-t-pass-empty-arguments-to-dnsmasq.patch
-Do-not-add-drive-boot-on-param-when-a-kernel-is-spec.patch
-Make-sure-the-rundir-is-accessible-by-the-user.patch
-upstream/Add-missing-checks-for-read-only-connections.patch

debian/patches/upstream/Add-missing-checks-for-read-only-connections.patch

-From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx@sigxcpu.org>
-Date: Mon, 14 Mar 2011 10:56:28 +0800
-Subject: Add missing checks for read only connections
-
-As pointed on CVE-2011-1146, some API forgot to check the read-only
-status of the connection for entry point which modify the state
-of the system or may lead to a remote execution using user data.
-The entry points concerned are:
-  - virConnectDomainXMLToNative
-  - virNodeDeviceDettach
-  - virNodeDeviceReAttach
-  - virNodeDeviceReset
-  - virDomainRevertToSnapshot
-  - virDomainSnapshotDelete
-
-* src/libvirt.c: fix the above set of entry points to error on read-only
-                 connections
-
-Closes: #617773
----
- src/libvirt.c |   27 +++++++++++++++++++++++++++
- 1 files changed, 27 insertions(+), 0 deletions(-)
-
-diff --git a/src/libvirt.c b/src/libvirt.c
-index f65cc24..8c70a1f 100644
---- a/src/libvirt.c
-+++ b/src/libvirt.c
-@@ -3152,6 +3152,10 @@ char *virConnectDomainXMLToNative(virConnectPtr conn,
-         virDispatchError(NULL);
-         return NULL;
-     }
-+    if (conn->flags & VIR_CONNECT_RO) {
-+        virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
-+        goto error;
-+    }
- 
-     if (nativeFormat == NULL || domainXml == NULL) {
-         virLibConnError(VIR_ERR_INVALID_ARG, __FUNCTION__);
-@@ -9579,6 +9583,11 @@ virNodeDeviceDettach(virNodeDevicePtr dev)
-         return -1;
-     }
- 
-+    if (dev->conn->flags & VIR_CONNECT_RO) {
-+        virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
-+        goto error;
-+    }
-+
-     if (dev->conn->driver->nodeDeviceDettach) {
-         int ret;
-         ret = dev->conn->driver->nodeDeviceDettach (dev);
-@@ -9622,6 +9631,11 @@ virNodeDeviceReAttach(virNodeDevicePtr dev)
-         return -1;
-     }
- 
-+    if (dev->conn->flags & VIR_CONNECT_RO) {
-+        virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
-+        goto error;
-+    }
-+
-     if (dev->conn->driver->nodeDeviceReAttach) {
-         int ret;
-         ret = dev->conn->driver->nodeDeviceReAttach (dev);
-@@ -9667,6 +9681,11 @@ virNodeDeviceReset(virNodeDevicePtr dev)
-         return -1;
-     }
- 
-+    if (dev->conn->flags & VIR_CONNECT_RO) {
-+        virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
-+        goto error;
-+    }
-+
-     if (dev->conn->driver->nodeDeviceReset) {
-         int ret;
-         ret = dev->conn->driver->nodeDeviceReset (dev);
-@@ -12962,6 +12981,10 @@ virDomainRevertToSnapshot(virDomainSnapshotPtr snapshot,
-     }
- 
-     conn = snapshot->domain->conn;
-+    if (conn->flags & VIR_CONNECT_RO) {
-+        virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
-+        goto error;
-+    }
- 
-     if (conn->driver->domainRevertToSnapshot) {
-         int ret = conn->driver->domainRevertToSnapshot(snapshot, flags);
-@@ -13008,6 +13031,10 @@ virDomainSnapshotDelete(virDomainSnapshotPtr snapshot,
-     }
- 
-     conn = snapshot->domain->conn;
-+    if (conn->flags & VIR_CONNECT_RO) {
-+        virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
-+        goto error;
-+    }
- 
-     if (conn->driver->domainSnapshotDelete) {
-         int ret = conn->driver->domainSnapshotDelete(snapshot, flags);
---