Juan Quintela noticed that when he restarted libvirt he was getting
extra iptables rules added by libvirt even though he didn't have any
libvirt networks that used iptables rules. It turns out this also
happens if the firewalld service is restarted. The extra rules are
just the private chains, and they're sometimes being added
unnecessarily because they are added separately in a global
networkPreReloadFirewallRules() that does the init if there are any
active networks, regardless of whether or not any of those networks
will actually add rules to the host firewall.

The fix is to change the check for "any active networks" to instead
check for "any active networks that add firewall rules".

(NB: although the timing seems suspicious, this isn't a new regression
caused by the recently pushed f5418b42 (which forces recreation of
private chains when firewalld is restarted); it was an existing bug
since iptables rules were first put into private chains, even after
commit c6cbe187 delayed creation of the private chains. The
implication is that any downstream based on v5.1.0 or later that cares
about these extraneous (but harmless) private chains would want to
backport this patch (along with the other two if they aren't already
there))
Signed-off-by: NLaine Stump <laine@redhat.com>
Reviewed-by: NDaniel Henrique Barboza <danielhb413@gmail.com>

Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

Now that we're storing libvirt.pot in git, it will be in srcdir instead
of builddir. Weblate is responsible for running msgmerge when the .pot
file changes, so add a warning that this target is not for general usage.
Reviewed-by: NPavel Hrdina <phrdina@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

Reviewed-by: NPavel Hrdina <phrdina@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

We're no longer using Zanata, so remove the old push/pull rules.
Reviewed-by: NPavel Hrdina <phrdina@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

The old information about managing PO files was outdated, as we're
managing files in a different way with Weblate. This also introduces a
badge showing the translation progress across languages.
Reviewed-by: NPavel Hrdina <phrdina@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

Until libvirt 2.5.0 we didn't have a real process for release
notes in place, and we just published the list of commits that
had made it into each release, dividing them into categories that
mostly matched the sections we use today. Those documents haven't
been relevant for years, but they're still in the git repository
and collectively take up almost 2 MiB of disk space.

Let's import the only valuable piece of information they contain,
the release date for each libvirt versions, into the current
document and then drop them for good.
Signed-off-by: NAndrea Bolognani <abologna@redhat.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

Instead of storing release notes as XML and then converting them
to HTML and ASCII at build time using XSLT and a custom script,
we can use reStructuredText as both the source and ASCII
representation and generate HTML from it using the same tooling
we already use for the rest of the documentation.
Signed-off-by: NAndrea Bolognani <abologna@redhat.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

The ASCII output our scripts produce is already very close to
reStructuredText, and with just a few extra tweaks we can get
almost all of the way there.
Signed-off-by: NAndrea Bolognani <abologna@redhat.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

The example was missing the 'create' command.
Signed-off-by: NJán Tomko <jtomko@redhat.com>
Reported-by: NRoland Clobus <rclobus@rclobus.nl>

Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

If virDomainUpdateDeviceFlags() was used to update an <interface>, and
the interface type changed from type='network' where the network was
an unmanaged bridge (so actualType == bridge) to type='bridge'
(i.e. actualType *also* == bridge), the update would fail due to the
perceived change in type.

In practice it is okay to switch between any interface types that end
up using a tap device, since libvirt just needs to attach the device
to a new bridge. But in this case we were erroneously rejecting it due
to a conditional that was too restrictive. This is what the code was doing:

  if (old->type != new->type)
     [allow update]
  else
     if ((oldActual == bridge and newActual == network)
         || (oldActual == network and newActual == bridge)) {
         [allow update]
     else
         [error]

In the case described above though, old->type and new->type don't match,
but oldActual and newActual are both 'bridge', so we get an error.

This patch changes the inner conditional so that any combination of
'network' and 'bridge' for oldActual and newActual, since they both
use a tap device connected to a bridge.
Signed-off-by: NLaine Stump <laine@redhat.com>
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>

Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/Signed-off-by: NFedora Weblate Translation <i18n@lists.fedoraproject.org>

Currently translated at 100.0% (9803 of 9803 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/uk/Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

Weblate gets confused if the same email address is mentioned multiple
times in the translation headers. Dedupe authors so that each author
is mentioned only once, with a range of years listed.
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

Since we're storing the libvirt.pot file in git now, we should pull from
the source dir, not the build dir.
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

To integrate with weblate the only practical option currently is to
store the .pot file in git. This is required so that it can add new
languages by cloning the .pot file. It also enables weblate to run
msgmerge on the languages whenever pulling in new changes from git.

The pot file will have to be the full content including the source
locations, so this is going to result in unpleasant diffs when it
is updated periodically.
Reviewed-by: NPavel Hrdina <phrdina@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

We previously adopted a minimization technique for po files which
stripped source locations and non-translated msgids in order to save
space in the git repos and have saner commit diffs.

At this time it is not possible to integrate with weblate while having
non-translated msgids stripped, as it will immediately add them back
again.

By keeping all non-translated msgids, our .po files are about x2 the
size at 37 MB vs the original 18 MB. This is still way better than the
original po/ directory which was 109 MB. We're saving 38 MB by still
omitting source file locations, and another 34 MB are saved by the
dropping of all languages which are 100% untranslated.
Reviewed-by: NPavel Hrdina <phrdina@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

The .po files are stored with strings in alphabetical order instead of
source file location order, because this minimizes the diffs created
when code moves around within or between files.

By default msgmerge will honour the order of strings in the .pot file
when creating a .po file, so it is useful if we also create the .pot
file with desired ordering.
Reviewed-by: NPavel Hrdina <phrdina@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

A .mini.po file is exactly the same format as a .po file. We just used
the alternative extension as we wanted to be able to store both full and
minimized forms in the same directory.

This complicates integration with some translation tools, however, which
only really expect to see $LANG.po as a filename.

With this change we drop the rules for creating non-minimized po files,
and thus the po/*.po are always minimized. A useful side effect is that
we no longer run msgmerge during creation of the gmo files, and thus
don't need to have a date override to get reproducible builds.
Reviewed-by: NPavel Hrdina <phrdina@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

Reviewed-by: NPavel Hrdina <phrdina@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

There is no need to keep .po files which are 100% untranslated in
git. New languages can be added on demand.
Reviewed-by: NPavel Hrdina <phrdina@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

To enable translation management systems to add new languages they need
to be able to modify the supported language list. The LINGUAS file is a
simple standard format that can be used for the language list, as this
is easier than modifying make variables.
Reviewed-by: NPavel Hrdina <phrdina@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

The previous fix accidentally picked up a debug change that put
alignment back at 4, not 8, bytes as it claimed:

  commit 37ae0426
  Author: Daniel P. Berrangé <berrange@redhat.com>
  Date:   Wed Jun 3 11:18:23 2020 +0100

    conf: force 8 byte alignment for virObjectEvent
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

A few new individuals have contributed to libvirt since the last
time the gitdm configuration was updated.
Signed-off-by: NAndrea Bolognani <abologna@redhat.com>
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>

We need to be able to cast from virObjectEventPtr to one of
its many subclasses. Some of these subclasses have 8 byte
alignment on 32-bit platforms, but virObjectEventPtr only
has 4 byte alignment.

Previously the virObject base class had 8 byte alignment
but this dropped to 4 byte when converted to inherit from
GObject. This introduces cast alignment warnings on 32-bit:

../../src/conf/domain_event.c: In function 'virDomainEventDispatchDefaultFunc':
../../src/conf/domain_event.c:1656:30: error: cast increases required alignment of target type [-Werror=cast-align]
 1656 |             rtcChangeEvent = (virDomainEventRTCChangePtr)event;
      |                              ^
../../src/conf/domain_event.c:1785:34: error: cast increases required alignment of target type [-Werror=cast-align]
 1785 |             balloonChangeEvent = (virDomainEventBalloonChangePtr)event;
      |                                  ^
../../src/conf/domain_event.c:1896:35: error: cast increases required alignment of target type [-Werror=cast-align]
 1896 |             blockThresholdEvent = (virDomainEventBlockThresholdPtr)event;
      |                                   ^
../../src/conf/domain_event.c: In function 'virDomainQemuMonitorEventDispatchFunc':
../../src/conf/domain_event.c:1974:24: error: cast increases required alignment of target type [-Werror=cast-align]
 1974 |     qemuMonitorEvent = (virDomainQemuMonitorEventPtr)event;
      |                        ^
../../src/conf/domain_event.c: In function 'virDomainQemuMonitorEventFilter':
../../src/conf/domain_event.c:2179:20: error: cast increases required alignment of target type [-Werror=cast-align]
 2179 |     monitorEvent = (virDomainQemuMonitorEventPtr) event;
      |                    ^

Forcing 8-byte alignment on virObjectEventPtr removes the
alignment increase during casts to subclasses.
Reviewed-by: NPavel Hrdina <phrdina@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

QEMU added the machine types for the 5.1 release so let's update them.

Other notable changes are 'cpu-throttle-tailslow' migration property,
'zlib' compression for qcow2 images and absrtact socket support.
Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>

This is convenience macro, use it more. This commit was generated
using the following spatch:

  @@
  symbol node;
  identifier old;
  identifier ctxt;
  type xmlNodePtr;
  @@
  - xmlNodePtr old;
  + VIR_XPATH_NODE_AUTORESTORE(ctxt);
    ...
  - old = ctxt->node;
    ... when != old
  - ctxt->node = old;

  @@
  symbol node;
  identifier old;
  identifier ctxt;
  type xmlNodePtr;
  @@
  - xmlNodePtr old = ctxt->node;
  + VIR_XPATH_NODE_AUTORESTORE(ctxt);
    ... when != old
  - ctxt->node = old;
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

This reverts b897973f

Even though it may have been the case in the past, relative
XPaths don't overwrite the ctxt->node. Thus, there's no need to
save it.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

Similar to commits 55ce6564 and 6c17606b in the qemu driver, make
separate copies of persistent and live device config and normalize the MAC
address between the two. This avoids having different MAC address for the
persistent and live config, ensuring the device has the same address when
the persistent config takes affect after a VM restart.
Signed-off-by: NJim Fehlig <jfehlig@suse.com>
Reviewed-by: NLaine Stump <laine@redhat.com>

Prior to 2621d48f "gnulib: delete all gnulib integration",
one could pass ./autogen.sh --no-git to prevent the libvirt build
system from running git submodule update.

This feature is needed by systems like the Xen Project CI which want
to explicitly control the revisions of every tree.  These will
typically arrange to initialise the submodules check out the right
version of everything, and then expect the build system not to mess
with it any more.

Despite to the old documentation comments referring only to gnulib,
the --no-git feature is required not only because of gnulib but also
because of the other submodule, src/keycodemapdb.

(And in any case, even if it were no longer required because all the
submodules were removed, it ought ideally to have been retained as a
no-op for compaibility reasons.)

So restore the --no-git feature.

Because of the way the argument parsing of autogen.sh works, it is
easiest to recognise this option only if it comes first.  This works
for the Xen Project CI, which has always passed this option first.

If something else is using this option (and hasn't introduced a
different workaround in the meantime), not in the first position,
then perhaps a more sophisticated approach will be needed.  But I
think this will do for now.
Signed-off-by: NIan Jackson <ian.jackson@eu.citrix.com>
Reviewed-by: NPavel Hrdina <phrdina@redhat.com>

The primary git repository is the one on GitLab these days.
Signed-off-by: NAndrea Bolognani <abologna@redhat.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

As the name clearly implies, it's supposed to list the .html.in
files that are generated from .rst files, but it mistakenly lists
the corresponding .html files instead.
Signed-off-by: NAndrea Bolognani <abologna@redhat.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

The variable cleanup introduced a typo.
Signed-off-by: NJán Tomko <jtomko@redhat.com>
Fixes: 08071ec0
Reported-by: Bronek Kozicki
Closes: https://gitlab.com/libvirt/libvirt/-/issues/27

We still point to git repositories hosted on libvirt.org in various
places. Replace the links to their gitlab.com equivalents.

Note that GitLab is trying to be smart here and
  https://gitlab.com/libvirt/libvirt
redirects to
  https://gitlab.com/libvirt/libvirt.git
when doing a 'git clone' and vice-versa when visiting from the
browser, so I only kept the .git suffix in places that explicitly
mentioned 'git clone'.
Signed-off-by: NJán Tomko <jtomko@redhat.com>
Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>

Also note that it's archived, because it's definitely
not maintained anymore.
Signed-off-by: NJán Tomko <jtomko@redhat.com>
Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>

We've had no tarballs for almost 10 years.

Give up and delete the commented out links to them.
Signed-off-by: NJán Tomko <jtomko@redhat.com>
Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>

To avoid bugs with mixing of g_object_(ref|unref) vs
virObject(Ref|Unref), we want every virObject to be
a GObject.
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

Memory allocated using g_object_new must never be released using
VIR_FREE/g_free because g_object_new uses a special allocation
strategy internally.
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

The ref count will be private to the GObject base class
and we must not peek at it, even for debugging messages.
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>