Bug 1378774
| Summary: | some rpm verify issues of package libvirt-daemon-config-nwfilter.x86_64 | | |
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Xuesong Zhang <xuzhang> |
| Component: | libvirt | Assignee: | Jiri Denemark <jdenemar> |
| Status: | CLOSED ERRATA | QA Contact: | yalzhang <yalzhang> |
| Severity: | urgent | Docs Contact: | |
| Priority: | high | | |
| Version: | 7.3 | CC: | cshao, dougsland, dyuan, jdenemar, jishao, rbalakri, xuzhang, yalzhang |
| Target Milestone: | rc | Keywords: | Reopened |
| Target Release: | 7.4 | | |
| Hardware: | Unspecified | | |
| OS: | Unspecified | | |
| Whiteboard: | | | |
| Fixed In Version: | libvirt-3.2.0-3.el7 | Doc Type: | If docs needed, set a value |
| Doc Text: | | Story Points: | --- |
| Clone Of: | | Environment: | |
| Last Closed: | 2017-08-01 17:16:43 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | | Category: | --- |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | | | |
| Bug Depends On: | | | |
| Bug Blocks: | 1436519 | | |
Comment 6
yalzhang@redhat.com
2017-01-09 04:37:53 UTC
*** Bug 1436911 has been marked as a duplicate of this bug. ***

Reopening to have a downstream tracker.

Fixed upstream by

commit 1d3963dba5b8fbaa1d465d642d516be530618d25
Refs: v3.2.0-181-g1d3963dba
Author: Jiri Denemark <jdenemar>
AuthorDate: Wed Apr 12 21:36:01 2017 +0200
Commit: Jiri Denemark <jdenemar>
CommitDate: Wed Apr 19 11:36:06 2017 +0200

    spec: Avoid RPM verification errors on nwfilter XMLs

    /etc/libvirt/nwfilter/*.xml files are installed with no UUID, which
    means libvirtd will automatically alter all of them once it starts.
    Thus RPM verification will always fail on them.

    Let's use a trick similar to the default network XML and store
    nwfilter XMLs in /usr/share. They will be copied into /etc in %post.
    Additionally the /etc files are marked as %ghost so that they are
    uninstalled if the RPM package is removed.

    Note that the %post script overwrites existing files with new ones on
    upgrade, which is what has always been happening.

    https://bugzilla.redhat.com/show_bug.cgi?id=1431581
    https://bugzilla.redhat.com/show_bug.cgi?id=1378774

    Signed-off-by: Jiri Denemark <jdenemar>

test on libvirt-3.2.0-4.el7.x86_64, the result is as expected. set this bug to be verified.
reproduce on libvirt-3.2.0-2.el7.x86_64
# rpm -V libvirt-daemon-config-nwfilter
SM5....T. /etc/libvirt/nwfilter/allow-arp.xml
SM5....T. /etc/libvirt/nwfilter/allow-dhcp-server.xml
SM5....T. /etc/libvirt/nwfilter/allow-dhcp.xml
SM5....T. /etc/libvirt/nwfilter/allow-incoming-ipv4.xml
SM5....T. /etc/libvirt/nwfilter/allow-ipv4.xml
SM5....T. /etc/libvirt/nwfilter/clean-traffic.xml
SM5....T. /etc/libvirt/nwfilter/no-arp-ip-spoofing.xml
SM5....T. /etc/libvirt/nwfilter/no-arp-mac-spoofing.xml
SM5....T. /etc/libvirt/nwfilter/no-arp-spoofing.xml
SM5....T. /etc/libvirt/nwfilter/no-ip-multicast.xml
SM5....T. /etc/libvirt/nwfilter/no-ip-spoofing.xml
SM5....T. /etc/libvirt/nwfilter/no-mac-broadcast.xml
SM5....T. /etc/libvirt/nwfilter/no-mac-spoofing.xml
SM5....T. /etc/libvirt/nwfilter/no-other-l2-traffic.xml
SM5....T. /etc/libvirt/nwfilter/no-other-rarp-traffic.xml
SM5....T. /etc/libvirt/nwfilter/qemu-announce-self-rarp.xml
SM5....T. /etc/libvirt/nwfilter/qemu-announce-self.xml
stop the libvirtd service, update libvirt to libvirt-3.2.0-4.el7.x86_64
# rpm -ql libvirt-daemon-config-nwfilter
/etc/libvirt/nwfilter/allow-arp.xml
/etc/libvirt/nwfilter/allow-dhcp-server.xml
/etc/libvirt/nwfilter/allow-dhcp.xml
/etc/libvirt/nwfilter/allow-incoming-ipv4.xml
/etc/libvirt/nwfilter/allow-ipv4.xml
/etc/libvirt/nwfilter/clean-traffic.xml
/etc/libvirt/nwfilter/no-arp-ip-spoofing.xml
/etc/libvirt/nwfilter/no-arp-mac-spoofing.xml
/etc/libvirt/nwfilter/no-arp-spoofing.xml
/etc/libvirt/nwfilter/no-ip-multicast.xml
/etc/libvirt/nwfilter/no-ip-spoofing.xml
/etc/libvirt/nwfilter/no-mac-broadcast.xml
/etc/libvirt/nwfilter/no-mac-spoofing.xml
/etc/libvirt/nwfilter/no-other-l2-traffic.xml
/etc/libvirt/nwfilter/no-other-rarp-traffic.xml
/etc/libvirt/nwfilter/qemu-announce-self-rarp.xml
/etc/libvirt/nwfilter/qemu-announce-self.xml
/usr/share/libvirt/nwfilter
/usr/share/libvirt/nwfilter/allow-arp.xml
/usr/share/libvirt/nwfilter/allow-dhcp-server.xml
/usr/share/libvirt/nwfilter/allow-dhcp.xml
/usr/share/libvirt/nwfilter/allow-incoming-ipv4.xml
/usr/share/libvirt/nwfilter/allow-ipv4.xml
/usr/share/libvirt/nwfilter/clean-traffic.xml
/usr/share/libvirt/nwfilter/no-arp-ip-spoofing.xml
/usr/share/libvirt/nwfilter/no-arp-mac-spoofing.xml
/usr/share/libvirt/nwfilter/no-arp-spoofing.xml
/usr/share/libvirt/nwfilter/no-ip-multicast.xml
/usr/share/libvirt/nwfilter/no-ip-spoofing.xml
/usr/share/libvirt/nwfilter/no-mac-broadcast.xml
/usr/share/libvirt/nwfilter/no-mac-spoofing.xml
/usr/share/libvirt/nwfilter/no-other-l2-traffic.xml
/usr/share/libvirt/nwfilter/no-other-rarp-traffic.xml
/usr/share/libvirt/nwfilter/qemu-announce-self-rarp.xml
/usr/share/libvirt/nwfilter/qemu-announce-self.xml
# diff /usr/share/libvirt/nwfilter/allow-arp.xml /etc/libvirt/nwfilter/allow-arp.xml
#
# service libvirtd start
# diff /usr/share/libvirt/nwfilter/allow-arp.xml /etc/libvirt/nwfilter/allow-arp.xml
< <filter name='allow-arp' chain='arp'>
< <rule direction='inout' action='accept'/>
---
> <!--
> WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
> OVERWRITTEN AND LOST. Changes to this xml configuration should be made using:
> virsh nwfilter-edit allow-arp
> or other application using the libvirt API.
> -->
>
> <filter name='allow-arp' chain='arp' priority='-500'>
> <uuid>1993f0d9-a295-46ed-bf41-842886bdaecd</uuid>
> <rule action='accept' direction='inout' priority='500'/>
# rpm -V libvirt-daemon-config-nwfilter
#
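For anyone who uses `rpm -V` as a file-integrity check, the following added example (not part of the bug report or of libvirt) decodes the attribute string seen in the pre-fix output and separates the content-only changes that libvirtd's rewrite produces from findings that deserve a closer look. The `triage` policy, the `SAMPLE` text and every path in it other than the two nwfilter lines copied from the report are constructed assumptions.

```python
import re

# Meaning of each position in the 9-character rpm -V attribute string.
FLAGS = [("S", "size"), ("M", "mode"), ("5", "digest"), ("D", "device"),
         ("L", "symlink target"), ("U", "owner"), ("G", "group"),
         ("T", "mtime"), ("P", "capabilities")]
RESULT = re.compile(r"^([SM5DLUGTP.?]{9})\s+(?:([cdglr])\s+)?(/.*)$")
MISSING = re.compile(r"^missing\s+(?:([cdglr])\s+)?(/.*)$")
# Checks that fail when a daemon rewrites a file's content in place
# (the SM5....T. pattern from the report); assumed policy, adjust locally.
CONTENT_ONLY = {"size", "mode", "digest", "mtime"}

def parse_line(line):
    """Return (path, file_kind, failed_checks) or None for prompts/blank lines."""
    line = line.strip()
    m = MISSING.match(line)
    if m:
        return m.group(2), m.group(1), ["missing"]
    m = RESULT.match(line)
    if not m:
        return None
    failed = [name for (ch, name), got in zip(FLAGS, m.group(1)) if got == ch]
    return m.group(3), m.group(2), failed

def triage(output, rewritten_dir="/etc/libvirt/nwfilter/"):
    """Split findings into expected daemon rewrites and items to investigate."""
    report = {"expected": [], "investigate": []}
    for line in output.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue
        path, _kind, failed = parsed
        benign = path.startswith(rewritten_dir) and set(failed) <= CONTENT_ONLY
        report["expected" if benign else "investigate"].append((path, failed))
    return report

# First two result lines are from the report; the rest are constructed.
SAMPLE = """\
# rpm -V libvirt-daemon-config-nwfilter
SM5....T. /etc/libvirt/nwfilter/allow-arp.xml
SM5....T. /etc/libvirt/nwfilter/clean-traffic.xml
.....U... /etc/libvirt/nwfilter/no-ip-spoofing.xml
S.5....T.  c /etc/example.conf
missing     /usr/share/example/data.xml
"""

if __name__ == "__main__":
    for bucket, items in triage(SAMPLE).items():
        for path, failed in items:
            print(f"{bucket:11} {path}: {', '.join(failed)}")
```

With the fixed package the `/etc` copies are `%ghost` files and no longer appear in `rpm -V` output at all, so an allowance like `rewritten_dir` is only needed on hosts still running the older build.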
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHEA-2017:1846