[libvirt] [PATCHv2] build: don't require avahi during install

Eric Blake eblake at redhat.com
Tue Feb 7 19:15:56 UTC 2012


On 02/07/2012 12:05 PM, Laine Stump wrote:
> See: https://bugzilla.redhat.com/show_bug.cgi?id=785269
> 
> The specfile requires avahi during install if libvirt was built with
> avahi support, but there are many situations where it is undesirable
> to install avahi due to security concerns. This patch requires only
> the avahi-libs package, which is needed by libvirt to call the
> function that tries to attach to the avahi daemon, but will instead
> silently fail because the avahi-daemon is in the main avahi package,
> and that package isn't installed.
> ---
> 
> v1 removed the requires completely, but that caused libvirtd to fail
> to load due to missing libraries.
> 
>  libvirt.spec.in |    2 +-
>  1 files changed, 1 insertions(+), 1 deletions(-)
> 
> diff --git a/libvirt.spec.in b/libvirt.spec.in
> index f279d6d..62b0ed4 100644
> --- a/libvirt.spec.in
> +++ b/libvirt.spec.in
> @@ -273,7 +273,7 @@ Requires: module-init-tools
>  # for /sbin/ip & /sbin/tc
>  Requires: iproute
>  %if %{with_avahi}
> -Requires: avahi
> +Requires: avahi-libs

ACK.  This is definitely a nicer solution - we compile against the
library, so we only need the library present, without also firing up the
main daemon.  The library itself is safe whether or not 'avahi' is also
installed.  And based on IRC chats we had in the meantime, I feel more
comfortable that you actually got something tested with 'avahi' uninstalled.

-- 
Eric Blake   eblake at redhat.com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 620 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20120207/262e3715/attachment-0001.sig>


More information about the libvir-list mailing list