[libvirt PATCH 00/17] Bump minimum dnsmasq version
Laine Stump
laine at redhat.com
Tue Dec 14 20:06:03 UTC 2021
On 12/14/21 2:09 PM, Ján Tomko wrote:
> This bumps the minimum dnsmasq version to the point where we do not need
> capability probing, reducing it to a version check (which I will be
> happy to remove on request).
>
> Unless I missed something, this also means we no longer need to spawn
> radvd manually.
The code doesn't lie! If removing the bits that were only true for older
dnsmasq removed the lines that ran radvd, then it's true. (I recall that
support for RA was added to dnsmasq fairly soon after the original ipv6
support was added, and radvd was left in libvirt only because there were
so many downstreams that still had an older dnsmasq).
>
> Note that DNSMASQ_CAPS_BINDTODEVICE was the indication of a downstream
> mitigation of a CVE that should no longer be needed if we have
> --bind-dynamic
>
>[...]
> 17 files changed, 83 insertions(+), 569 deletions(-)
Nice!!!
After the minor fixes I noted in 03/17 and 08/17
Reviewed-by: Laine Stump <laine at redhat.com>
/me ponders what I should idly suggest be removed next...
More information about the libvir-list
mailing list