From 00a801aee140c91ae968ffad271fc85702ff80ff Mon Sep 17 00:00:00 2001 From: Mark Asselstine Date: Fri, 22 Dec 2017 15:57:44 -0500 Subject: dnsmasq: add dnsmasq.d entries for lxc and libvirt A while ago changes were merged to meta-openembedded to make /etc/dnsmasq.d (and specifically the files it contains) referenced when the main instance of dnsmasq is run (see dnsmasq.service and commit ba665493a0dd [dnsmasq: allow for dnsmasq instances to reuse default dnsmasq.conf]). We, however, continued to modify the global configuration (/etc/dnsmasq.conf) to keep the main instance of dnsmasq from attaching to virbr0 and lxcbr0, by using 'bind-dynamic'. This approach is problematic, since it is common that other instances of dnsmasq will make use of the global configuration file and may have incompatible options. We see this for example when attempting to start lxc-net which will attempt to use 'bind-interface' which is incompatible with 'bind-dynamic' that we were adding to the global configuration. Here we remove our change to the global configuration (leaving it mostly empty as it should be) and instead have lxc and libvirt packages instruct the global instance not to bind to virbr0 and lxcbr0 by adding configuration files to /etc/dnsmasq.d (setting except-interface). The added benefit to this approach is that if lxc or libvirt are not part of an image the global configuration will not be modified in such a way as to expect that they are present. Signed-off-by: Mark Asselstine Signed-off-by: Bruce Ashfield --- recipes-extended/libvirt/libvirt/dnsmasq.conf | 2 ++ recipes-extended/libvirt/libvirt_1.3.5.bb | 6 ++++++ 2 files changed, 8 insertions(+) create mode 100644 recipes-extended/libvirt/libvirt/dnsmasq.conf (limited to 'recipes-extended/libvirt') diff --git a/recipes-extended/libvirt/libvirt/dnsmasq.conf b/recipes-extended/libvirt/libvirt/dnsmasq.conf new file mode 100644 index 00000000..a7c30598 --- /dev/null +++ b/recipes-extended/libvirt/libvirt/dnsmasq.conf @@ -0,0 +1,2 @@ +bind-interfaces +except-interface=virbr0 diff --git a/recipes-extended/libvirt/libvirt_1.3.5.bb b/recipes-extended/libvirt/libvirt_1.3.5.bb index 8ed2505e..e7a2b235 100644 --- a/recipes-extended/libvirt/libvirt_1.3.5.bb +++ b/recipes-extended/libvirt/libvirt_1.3.5.bb @@ -27,6 +27,7 @@ SRC_URI = "http://libvirt.org/sources/libvirt-${PV}.tar.gz;name=libvirt \ file://tools-add-libvirt-net-rpc-to-virt-host-validate-when.patch \ file://libvirtd.sh \ file://libvirtd.conf \ + file://dnsmasq.conf \ file://runptest.patch \ file://run-ptest \ file://tests-allow-separated-src-and-build-dirs.patch \ @@ -219,6 +220,7 @@ require libvirt-python.inc do_install_append() { install -d ${D}/etc/init.d install -d ${D}/etc/libvirt + install -d ${D}/etc/dnsmasq.d install -m 0755 ${WORKDIR}/libvirtd.sh ${D}/etc/init.d/libvirtd install -m 0644 ${WORKDIR}/libvirtd.conf ${D}/etc/libvirt/libvirtd.conf @@ -266,6 +268,10 @@ do_install_append() { # Add hook support for libvirt mkdir -p ${D}/etc/libvirt/hooks + # Force the main dnsmasq instance to bind only to specified interfaces and + # to not bind to virbr0. Libvirt will run its own instance on this interface. + install -m 644 ${WORKDIR}/dnsmasq.conf ${D}/${sysconfdir}/dnsmasq.d/libvirt-daemon + # remove .la references to our working diretory for i in `find ${D}${libdir} -type f -name *.la`; do sed -i -e 's#-L${B}/src/.libs##g' $i -- cgit v1.2.3-54-g00ecf