See [0]: "QEMU_OPTS is something that should be set by people running VM
tests interactively, to do port forwardings etc.
We really should not poke with it from the test script - that's what
virtualisation.qemu.options is for."
[0]: https://github.com/NixOS/nixpkgs/pull/119615#discussion_r624145020
Co-authored-by: Florian Klink <flokli@flokli.de>
Fixes these two deprecation warnings, by moving away from these options
towards a simple listener configuration.
> The 'bind_address' option is now deprecated and will be removed in a future version. The behaviour will default to true.
> The 'port' option is now deprecated and will be removed in a future version. Please use 'listener' instead.
Fixes: #120860
It can still network, it can only access the ssl related files if ssl is
enabled.
✗ PrivateNetwork= Service has access to the host's network 0.5
✗ RestrictAddressFamilies=~AF_(INET|INET6) Service may allocate Internet sockets 0.3
✗ DeviceAllow= Service has a device ACL with some special devices 0.1
✗ IPAddressDeny= Service does not define an IP address allow list 0.2
✗ RootDirectory=/RootImage= Service runs within the host's root directory 0.1
✗ RestrictAddressFamilies=~AF_UNIX Service may allocate local sockets 0.1
→ Overall exposure level for mosquitto.service: 1.1 OK 🙂
###### Motivation for this change
Update to latest upstream version
###### Things done
* [ ] Tested using sandboxing ([nix.useSandbox](http://nixos.org/nixos/manual/options.html#opt-nix.useSandbox) on NixOS, or option `sandbox` in [`nix.conf`](http://nixos.org/nix/manual/#sec-conf-file) on non-NixOS linux)
* Built on platform(s)
* [x] NixOS
* [ ] macOS
* [ ] other Linux distributions
* [ ] Tested via one or more NixOS test(s) if existing and applicable for the change (look inside [nixos/tests](https://github.com/NixOS/nixpkgs/blob/master/nixos/tests))
* [ ] Tested compilation of all pkgs that depend on this change using `nix-shell -p nix-review --run "nix-review wip"`
* [x] Tested execution of all binary files (usually in `./result/bin/`)
* [ ] Determined the impact on package closure size (by running `nix path-info -S` before and after)
* [ ] Ensured that relevant documentation is up to date
* [x] Fits [CONTRIBUTING.md](https://github.com/NixOS/nixpkgs/blob/master/.github/CONTRIBUTING.md).
Tested building qemu_kvm, qemu_full, and qemu_test on x86_64-linux.
Also tested booting a VM generated with nixos-rebuild build-vm.
I wasn't able to test building pkgsMusl.qemu_kvm, because of many
build failures in dependencies.
