diff options
| author | Kai Kang <kai.kang@windriver.com> | 2025-11-26 15:29:14 +0800 |
|---|---|---|
| committer | Bruce Ashfield <bruce.ashfield@gmail.com> | 2025-12-01 23:44:16 -0500 |
| commit | 4499b1b3f190c87d8f4ede1d64a67fdf3bf21d27 (patch) | |
| tree | 082f987d6b93a1938826002ef34ffa59d02130c4 | |
| parent | 18c8c609913aac602df58f53763ff915e18c7a03 (diff) | |
| download | meta-virtualization-4499b1b3f190c87d8f4ede1d64a67fdf3bf21d27.tar.gz | |
libvirt: set firewall backend priority
If firewall_backend isn't configured in the config file, libvirt will
choose the first available backend from the following list by default:
[nftables, iptables]
so when nftables is installed in image, firewall backend nftables rather
than iptables is adopted.
Add a PACKAGECONFIG to set the firewall backend priority. And update
runtime dependencies for backend nftables.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
| -rw-r--r-- | recipes-extended/libvirt/libvirt_git.bb | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/recipes-extended/libvirt/libvirt_git.bb b/recipes-extended/libvirt/libvirt_git.bb index 681ceade..e9359e1e 100644 --- a/recipes-extended/libvirt/libvirt_git.bb +++ b/recipes-extended/libvirt/libvirt_git.bb | |||
| @@ -15,7 +15,9 @@ DEPENDS = "bridge-utils gnutls libxml2 lvm2 avahi parted curl libpcap util-linux | |||
| 15 | # | 15 | # |
| 16 | RDEPENDS:${PN} = "gettext-runtime" | 16 | RDEPENDS:${PN} = "gettext-runtime" |
| 17 | 17 | ||
| 18 | RDEPENDS:libvirt-libvirtd += "bridge-utils iptables pm-utils dnsmasq netcat-openbsd ebtables" | 18 | RDEPENDS:libvirt-libvirtd += "bridge-utils pm-utils dnsmasq netcat-openbsd ebtables \ |
| 19 | ${@bb.utils.contains('PACKAGECONFIG', 'nftables', 'nftables iproute2-tc', 'iptables', d)} \ | ||
| 20 | " | ||
| 19 | RDEPENDS:libvirt-libvirtd:append:x86-64 = " dmidecode" | 21 | RDEPENDS:libvirt-libvirtd:append:x86-64 = " dmidecode" |
| 20 | RDEPENDS:libvirt-libvirtd:append:x86 = " dmidecode" | 22 | RDEPENDS:libvirt-libvirtd:append:x86 = " dmidecode" |
| 21 | RDEPENDS:libvirt-libvirtd:append:arm = " dmidecode" | 23 | RDEPENDS:libvirt-libvirtd:append:arm = " dmidecode" |
| @@ -175,6 +177,7 @@ PACKAGECONFIG[apparmor_profiles] = "-Dapparmor_profiles=enabled, -Dapparmor_prof | |||
| 175 | PACKAGECONFIG[firewalld] = "-Dfirewalld=enabled, -Dfirewalld=disabled," | 177 | PACKAGECONFIG[firewalld] = "-Dfirewalld=enabled, -Dfirewalld=disabled," |
| 176 | PACKAGECONFIG[libpcap] = "-Dlibpcap=enabled, -Dlibpcap=disabled,libpcap,libpcap" | 178 | PACKAGECONFIG[libpcap] = "-Dlibpcap=enabled, -Dlibpcap=disabled,libpcap,libpcap" |
| 177 | PACKAGECONFIG[numad] = "-Dnumad=enabled, -Dnumad=disabled," | 179 | PACKAGECONFIG[numad] = "-Dnumad=enabled, -Dnumad=disabled," |
| 180 | PACKAGECONFIG[nftables] = "" | ||
| 178 | 181 | ||
| 179 | # Enable the Python tool support | 182 | # Enable the Python tool support |
| 180 | require libvirt-python.inc | 183 | require libvirt-python.inc |
| @@ -313,6 +316,7 @@ do_install:append() { | |||
| 313 | 316 | ||
| 314 | EXTRA_OEMESON += " \ | 317 | EXTRA_OEMESON += " \ |
| 315 | -Dinit_script=${@bb.utils.contains('DISTRO_FEATURES','systemd','systemd','none', d)} \ | 318 | -Dinit_script=${@bb.utils.contains('DISTRO_FEATURES','systemd','systemd','none', d)} \ |
| 319 | -Dfirewall_backend_priority=${@bb.utils.contains('PACKAGECONFIG','nftables','nftables,iptables','iptables,nftables', d)} \ | ||
| 316 | -Drunstatedir=/run \ | 320 | -Drunstatedir=/run \ |
| 317 | -Dtests=enabled \ | 321 | -Dtests=enabled \ |
| 318 | " | 322 | " |