From 49899b221892829523555063f848a97759472b27 Mon Sep 17 00:00:00 2001
From: Laine Stump <laine@laine.org>
Date: Apr 04 2011 16:13:46 +0000
Subject: Fix permissions of /var/lib/libvirt


---

diff --git a/libvirt-0.8.2-fix-var-lib-libvirt-permissions.patch b/libvirt-0.8.2-fix-var-lib-libvirt-permissions.patch
new file mode 100644
index 0000000..2a31031
--- /dev/null
+++ b/libvirt-0.8.2-fix-var-lib-libvirt-permissions.patch
@@ -0,0 +1,44 @@
+From f970d802ab805f1a37af384f148f34e108714034 Mon Sep 17 00:00:00 2001
+From: Eric Blake <eblake@redhat.com>
+Date: Wed, 3 Nov 2010 15:20:24 -0600
+Subject: [PATCH] rpm: fix /var/lib/libvirt permissions
+
+https://bugzilla.redhat.com/show_bug.cgi?id=649511
+
+Regression of forcing 0700 permissions (which breaks guest startup
+because the qemu user can't see /var/lib/libvirt/*.monitor) was
+introduced in commit 66823690e, as part of libvirt 0.8.2.
+
+* libvirt.spec.in (%files): Drop %{_localstatedir}/lib/libvirt,
+since libvirt depends on libvirt-client.
+(%files client): Guarantee 755 permissions on
+%(_localstatedir}/lib/libvirt, since the qemu user must be able to
+do pathname resolution to a subdirectory.
+---
+ libvirt.spec.in |    3 +--
+ 1 files changed, 1 insertions(+), 2 deletions(-)
+
+diff --git a/libvirt.spec.in b/libvirt.spec.in
+index 813e0c0..f77626e 100644
+--- a/libvirt.spec.in
++++ b/libvirt.spec.in
+@@ -770,7 +770,6 @@ fi
+ 
+ %dir %{_localstatedir}/run/libvirt/
+ 
+-%dir %{_localstatedir}/lib/libvirt/
+ %dir %attr(0711, root, root) %{_localstatedir}/lib/libvirt/images/
+ %dir %attr(0711, root, root) %{_localstatedir}/lib/libvirt/boot/
+ %dir %attr(0700, root, root) %{_localstatedir}/cache/libvirt/
+@@ -862,7 +861,7 @@ fi
+ 
+ %{_sysconfdir}/rc.d/init.d/libvirt-guests
+ %config(noreplace) %{_sysconfdir}/sysconfig/libvirt-guests
+-%dir %attr(0700, root, root) %{_localstatedir}/lib/libvirt
++%dir %attr(0755, root, root) %{_localstatedir}/lib/libvirt/
+ 
+ %if %{with_sasl}
+ %config(noreplace) %{_sysconfdir}/sasl2/libvirt.conf
+-- 
+1.7.3.4
+
diff --git a/libvirt.spec b/libvirt.spec
index a9fade6..e0e4158 100644
--- a/libvirt.spec
+++ b/libvirt.spec
@@ -185,7 +185,7 @@
 Summary: Library providing a simple API virtualization
 Name: libvirt
 Version: 0.8.2
-Release: 3%{?dist}%{?extra_release}
+Release: 4%{?dist}%{?extra_release}
 License: LGPLv2+
 Group: Development/Libraries
 Source: http://libvirt.org/sources/libvirt-%{version}.tar.gz
@@ -205,6 +205,7 @@ Patch11: libvirt-0.8.2-11-storage-vol-backing.patch
 Patch12: libvirt-0.8.2-apply-iptables-sport-mapping.patch
 # CVE-2011-1146
 Patch13: libvirt-0.8.2-read-only-checks.patch
+Patch14: libvirt-0.8.2-fix-var-lib-libvirt-permissions.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
 URL: http://libvirt.org/
 BuildRequires: python-devel
@@ -453,6 +454,7 @@ of recent versions of Linux (and other OSes).
 %patch11 -p1
 %patch12 -p1
 %patch13 -p0
+%patch14 -p1
 
 %build
 %if ! %{with_xen}
@@ -940,6 +942,9 @@ fi
 %endif
 
 %changelog
+* Mon Apr  4 2011 Laine Stump <laine@redhat.com> 0.8.2-4
+- fix permissions on /var/lib/libvirt
+
 * Wed Mar 16 2011 Daniel Veillard <veillard@redhat.com> - 0.8.2-3
 - fix one crash in the the error handling for previous patch