Re: [PATCH 0/7 v3] tools/hotplug: systemd changes for 4.5

[Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>]

On Wed, Dec 31, 2014 at 10:31:06AM -0500, Konrad Rzeszutek Wilk wrote:
> On Mon, Dec 22, 2014 at 09:06:40AM +0100, Olaf Hering wrote:
> > On Fri, Dec 19, Konrad Rzeszutek Wilk wrote:
> > 
> > > On Fri, Dec 19, 2014 at 12:25:26PM +0100, Olaf Hering wrote:
> > > > This is a resend of these two series:
> > > > http://lists.xenproject.org/archives/html/xen-devel/2014-12/msg00858.html
> > > > http://lists.xenproject.org/archives/html/xen-devel/2014-12/msg00669.html
> > > > 
> > > > New in v3 is a wrapper to run xenstored. See its patch description
> > > > for details.
> > > > 
> > > > Patch 2-6 should be applied for 4.5.0.

IanJ, Wei, IanC, please read below.

Patch #2-#6:

Release-Acked-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Tested-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>

#2,#3 has an Ack

#4 ("tools/hotplug: use xencommons as EnvironmentFile in xenconsoled.service")
#5 ("tools/hotplug: use XENCONSOLED_TRACE in xenconsoled.service")
#6 ("tools/hotplug: remove EnvironmentFile from xen-qemu-dom0-disk-backend.service")

need Acks. 

> > > > 
> > > > The first and the last one still has issues with xenstored and
> > > > SELinux. See below.  Up to now no solution is known to me.
> > > > 
> > > > 
> > > > The first patch fixes Arch Linux and does not break anything.  As such
> > > > it should be safe to be applied for 4.5.0.  SELinux users (who build
> > > > from source) should put their special mount options into fstab. Distro

For patch #1 ("tools/hotplug: remove SELinux options from var-lib-xenstored.mount")

Release-Acked-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Tested-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>

with the below change to README file. It also needs an Ack.

For patch #7 (" tools/hotplug: add wrapper to start xenstored")

Tested-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
However there is a question in there for Ian:

"The place of the wrapper is currently LIBEXEC_BIN, it has to be
decided what the final location is supposed to be. IanJ wants it in
"/etc".
"

IanJ - any specific reasons for having it in /etc instead of
LIBEXEC_BIN? This is in regards to the introduction of this file:

	diff --git a/tools/hotplug/Linux/xenstored.sh.in b/tools/hotplug/Linux/xenstored.sh.in
	new file mode 100644
	index 0000000..dc806ee
	--- /dev/null
	+++ b/tools/hotplug/Linux/xenstored.sh.in
	@@ -0,0 +1,6 @@
	+#!/bin/sh
	+if test -n "$XENSTORED_TRACE"
	+then
	+       XENSTORED_ARGS=" -T /var/log/xen/xenstored-trace.log"
	+fi
	+exec $XENSTORED $@ $XENSTORED_ARGS


> > > 
> > > Could you elaborate what that is? As in what is that 'special mount options'?
> > 
> > The context= mount option, about which we argue since a few weeks?
> 
> You said 'special mount options into fstab' ? Is that the same as 'context='??
> (checks the manpage) AHA, it is!
> 
> 
> In which case would it just to say that this needs to be added as
> a workaround:
> 
> xenstored /var/lib/xenstored xenstored context="system_u:object_r:xenstored_var_lib_t:s0" 1 1

To be exact:

tmpfs                   /var/lib/xenstored      tmpfs   mode=755,context="system_u:object_r:xenstored_var_lib_t:s0" 0 0

> 
> > See patch #1.
> > 
> > > > packages will most likely include a proper .service file.
> > > > 
> > > > 
> > > > The last patch addresses the XENSTORED_TRACE issue. But SELinux will
> > > > most likely still not work.
> > > > 
> > > > Possible ways to handle launching xenstored and SELinux:
> > > > 
> > > > - do nothing
> > > >   pro: - no Xen source changes required
> > > >   con: - possible unhappy users who build from source and still have
> > > >          SELinux enabled
> > > 
> > > At this stage I prefer this and just have in the release notes the
> > > work-around documented.
> > 
> > Which workaround is that? No SELinux on Fedora?
> 
> That is not an option.
> 
> The workaround is to document what the 'context' is .. or whatever
> else is needed to make this work.

Such as this might be good (Or perhaps move it to the INSTALL file)

diff --git a/README b/README
index 412607a..7d74214 100644
--- a/README
+++ b/README
@@ -33,6 +33,26 @@ This file contains some quick-start instructions to install Xen on
 your system. For more information see http:/www.xen.org/ and
 http://wiki.xen.org/
 
+Release Issues
+==============
+
+While we did the utmost to get a release out, there are certain
+fixes which were not complete on time. As such please reference this
+section if you are running into trouble.
+
+    * systemd not working with Fedora Core 20, 21 or later (systemctl
+      reports xenstore failing to start).
+
+      Systemd support is now part of Xen source code. While utmost work has
+      been done to make the systemd files compatible across all the
+      distributions, there might issues when using systemd files from
+      Xen sources. The work-around is to define an mount entry in
+      /etc/fstab as follow:
+
+      tmpfs                   /var/lib/xenstored      tmpfs
+      mode=755,context="system_u:object_r:xenstored_var_lib_t:s0" 0 0
+
+
 Quick-Start Guide
 =================
 
> 
> > 
> > Olaf
> 
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xen.org
> http://lists.xen.org/xen-devel