Rebase to new stable branch version 1.48.3

resolves: rhbz#2059285

Check return values from librpm calls (2089623)
Document limitations of encrypted RBD disks
resolves: rhbz#2033247

0001-New-API-guestfs_device_name-returning-the-drive-name.patch

@@ -1,4 +1,4 @@
-From 135a1767a9cfee6501b39821e4cfbf8310096b70 Mon Sep 17 00:00:00 2001
+From 18472273bb58eff008a0c1aacfe7c21dec6705a1 Mon Sep 17 00:00:00 2001
 From: "Richard W.M. Jones" <rjones@redhat.com>
 Date: Thu, 28 Apr 2022 13:16:54 +0100
 Subject: [PATCH] New API: guestfs_device_name returning the drive name

0002-guestfs_readdir-rewrite-with-FileOut-transfer-to-lif.patch

@@ -1,4 +1,4 @@
-From 21cf5aadf26305ccbd4de25462648344602643e9 Mon Sep 17 00:00:00 2001
+From e77853fd91466181e9963392fbc97d0bf97b8492 Mon Sep 17 00:00:00 2001
 From: Laszlo Ersek <lersek@redhat.com>
 Date: Mon, 2 May 2022 10:56:00 +0200
 Subject: [PATCH] guestfs_readdir(): rewrite with FileOut transfer, to lift

0003-guestfs_readdir-minimize-the-number-of-send_file_wri.patch

@@ -1,4 +1,4 @@
-From e5d1521137dd824b53531299118197eced338673 Mon Sep 17 00:00:00 2001
+From ba6c7a9a609d650c07d26ee4777f18a6730f4028 Mon Sep 17 00:00:00 2001
 From: Laszlo Ersek <lersek@redhat.com>
 Date: Mon, 2 May 2022 10:56:01 +0200
 Subject: [PATCH] guestfs_readdir(): minimize the number of send_file_write()

0004-lib-launch-direct-ignore-drive-iface-parameter.patch

@@ -1,4 +1,4 @@
-From fd9a584f39b6fdab3588715597bdd2d7677f70e9 Mon Sep 17 00:00:00 2001
+From 0279a052dcb859f0c421d2efb92cf3b3d549dcd7 Mon Sep 17 00:00:00 2001
 From: Laszlo Ersek <lersek@redhat.com>
 Date: Wed, 4 May 2022 15:41:52 +0200
 Subject: [PATCH] lib: launch-direct: ignore drive "iface" parameter
@@ -49,7 +49,7 @@ index 00dde3d2a..f1040a0e9 100644
    { defaults with
      name = "lstatlist"; added = (1, 0, 77);
 diff --git a/lib/launch-direct.c b/lib/launch-direct.c
-index 5c91822fb..c07a8d78f 100644
+index b292b9c26..ff0eaeb62 100644
 --- a/lib/launch-direct.c
 +++ b/lib/launch-direct.c
 @@ -296,52 +296,19 @@ static int

0005-lib-drive_create_data-drive-remove-field-iface.patch

@@ -1,4 +1,4 @@
-From cb6b7ce718cb33567a06746208dc4d4e7cab8be6 Mon Sep 17 00:00:00 2001
+From 3db215d52abd929364fe65da74e2f393ee196818 Mon Sep 17 00:00:00 2001
 From: Laszlo Ersek <lersek@redhat.com>
 Date: Wed, 4 May 2022 15:41:53 +0200
 Subject: [PATCH] lib: drive_create_data, drive: remove field "iface"
@@ -163,10 +163,10 @@ index 5bb00bc10..16755cfb3 100644
    char *disk_label;
    char *cachemode;
 diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c
-index 44764f3cc..87da2f40e 100644
+index de342b425..03d69e027 100644
 --- a/lib/launch-libvirt.c
 +++ b/lib/launch-libvirt.c
-@@ -1465,12 +1465,6 @@ construct_libvirt_xml_disk (guestfs_h *g,
+@@ -1472,12 +1472,6 @@ construct_libvirt_xml_disk (guestfs_h *g,
    const char *type, *uuid;
    int r;
  

0006-lib-rename-VALID_FORMAT_IFACE-to-VALID_FORMAT.patch

@@ -1,4 +1,4 @@
-From 1eba1113850c4e5b6b6f89d26bd11d8685b25a26 Mon Sep 17 00:00:00 2001
+From 2fba4170207b5fef8887ef7003725f7f2deea85b Mon Sep 17 00:00:00 2001
 From: Laszlo Ersek <lersek@redhat.com>
 Date: Wed, 4 May 2022 15:41:54 +0200
 Subject: [PATCH] lib: rename VALID_FORMAT_IFACE to VALID_FORMAT

0007-tests-regressions-remove-iface-based-restrictions.patch

@@ -1,4 +1,4 @@
-From b436e306ecf93450651e023763bda3fd954e428e Mon Sep 17 00:00:00 2001
+From 052163a725b8eb430b1f56ee86825cf35c5012d7 Mon Sep 17 00:00:00 2001
 From: Laszlo Ersek <lersek@redhat.com>
 Date: Wed, 4 May 2022 15:41:55 +0200
 Subject: [PATCH] tests/regressions: remove "iface"-based restrictions

0008-generator-customize-invert-SELinux-relabeling-defaul.patch

@@ -1,4 +1,4 @@
-From 16043bb219a5fb4e121550513779af074f2ce0ca Mon Sep 17 00:00:00 2001
+From decf2b497b47e8a49b2384144b198979df2be8eb Mon Sep 17 00:00:00 2001
 From: Laszlo Ersek <lersek@redhat.com>
 Date: Tue, 10 May 2022 12:27:57 +0200
 Subject: [PATCH] generator/customize: invert SELinux relabeling default

0009-update-common-submodule.patch

@@ -1,4 +1,4 @@
-From 6a2a4adfefd9c80884c6a5a565d2d781ba7227fb Mon Sep 17 00:00:00 2001
+From ec3fcb5bf880ce25dc98047903e9d0a090c151f0 Mon Sep 17 00:00:00 2001
 From: Laszlo Ersek <lersek@redhat.com>
 Date: Wed, 11 May 2022 05:26:48 +0200
 Subject: [PATCH] update common submodule

0010-generator-customize-reintroduce-selinux-relabel-as-a.patch

@@ -0,0 +1,42 @@
+From d09099b1da8da93c11aaf51c94e7e456256d6fe9 Mon Sep 17 00:00:00 2001
+From: Laszlo Ersek <lersek@redhat.com>
+Date: Wed, 25 May 2022 09:19:58 +0200
+Subject: [PATCH] generator/customize: reintroduce "--selinux-relabel" as a
+ compat option
+
+Removing "--selinux-relabel" in commit 2f6a27f1077d ("generator/customize:
+invert SELinux relabeling default", 2022-05-11) breaks existing scripts
+that invoke virt-customize and/or virt-sysprep with that option. Restore
+the option, with no functionality tied to it.
+
+Fixes: 2f6a27f1077d32d1ab526427052fc88e188356f7
+Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2089748
+Signed-off-by: Laszlo Ersek <lersek@redhat.com>
+Message-Id: <20220525071958.9612-1-lersek@redhat.com>
+Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
+(cherry picked from commit 4b9ee1052a4396621485fdd56d6826714e7481b1)
+---
+ generator/customize.ml | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/generator/customize.ml b/generator/customize.ml
+index 9634dad85..5abaf206f 100644
+--- a/generator/customize.ml
++++ b/generator/customize.ml
+@@ -581,6 +581,13 @@ option disables the automatic relabeling.
+ The option is a no-op for guests that do not support SELinux.";
+   };
+ 
++  { flag_name = "selinux-relabel";
++    flag_type = FlagBool false;
++    flag_ml_var = "selinux_relabel_ignored";
++    flag_shortdesc = "Compatibility option doing nothing";
++    flag_pod_longdesc = "This is a compatibility option that does nothing.";
++  };
++
+   { flag_name = "sm-credentials";
+     flag_type = FlagSMCredentials "SELECTOR";
+     flag_ml_var = "sm_credentials";
+-- 
+2.31.1
+

0012-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch

@@ -1,4 +1,4 @@
-From fc738cbe77b4f058c3d3367512cb64aeb0248a98 Mon Sep 17 00:00:00 2001
+From 0bba553b311f448c50ba6b3dd934b88387302d01 Mon Sep 17 00:00:00 2001
 From: "Richard W.M. Jones" <rjones@redhat.com>
 Date: Mon, 29 Jul 2013 14:47:56 +0100
 Subject: [PATCH] RHEL: Disable unsupported remote drive protocols
@@ -373,12 +373,12 @@ index c5a208468..efb289254 100644
      error (g, _("unknown protocol ‘%s’"), protocol);
      drv = NULL; /*FALLTHROUGH*/
 diff --git a/lib/guestfs.pod b/lib/guestfs.pod
-index b04c28d62..a334a4b65 100644
+index 1ad44e7c2..946ce2d36 100644
 --- a/lib/guestfs.pod
 +++ b/lib/guestfs.pod
-@@ -679,70 +679,6 @@ servers.  The server string is documented in
- L</guestfs_add_drive_opts>. The C<username> and C<secret> parameters are
- also optional, and if not given, then no authentication will be used.
+@@ -712,70 +712,6 @@ a qcow2 backing file specification, libvirt does not construct an
+ ephemeral secret object from those, for Ceph authentication.  Refer to
+ L<https://bugzilla.redhat.com/2033247>.
  
 -=head3 FTP, HTTP AND TFTP
 -
@@ -447,7 +447,7 @@ index b04c28d62..a334a4b65 100644
  =head3 NETWORK BLOCK DEVICE
  
  Libguestfs can access Network Block Device (NBD) disks remotely.
-@@ -805,42 +741,6 @@ L<https://bugs.launchpad.net/qemu/+bug/1155677>
+@@ -838,42 +774,6 @@ L<https://bugs.launchpad.net/qemu/+bug/1155677>
  
  =back
  

0013-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch

@@ -1,4 +1,4 @@
-From a026536353871472bddfb6e39c13149e09243b8c Mon Sep 17 00:00:00 2001
+From 046e64463e958fb0d2abb6ef6330a6757803a759 Mon Sep 17 00:00:00 2001
 From: "Richard W.M. Jones" <rjones@redhat.com>
 Date: Tue, 7 Jul 2015 09:28:03 -0400
 Subject: [PATCH] RHEL: Reject use of libguestfs-winsupport features except for

0013-lib-Disable-5-level-page-tables-when-using-cpu-max.patch

@@ -1,88 +0,0 @@
-From 6005efab3539eee16c131afe57f1b15237a4db77 Mon Sep 17 00:00:00 2001
-From: "Richard W.M. Jones" <rjones@redhat.com>
-Date: Thu, 12 May 2022 08:36:37 +0100
-Subject: [PATCH] lib: Disable 5-level page tables when using -cpu max
-
-In https://bugzilla.redhat.com/show_bug.cgi?id=2082806 we've been
-tracking an insidious qemu bug which intermittently prevents the
-libguestfs appliance from starting.  The symptoms are that SeaBIOS
-starts and displays its messages, but the kernel isn't reached.  We
-found that the kernel does in fact start, but when it tries to set up
-page tables and jump to protected mode it gets a triple fault which
-causes the emulated CPU in qemu to reset (qemu exits).
-
-This seems to only affect TCG (not KVM).
-
-Yesterday I found that this is caused by using -cpu max which enables
-the "la57" feature (5-level page tables[0]), and that we can make the
-problem go away using -cpu max,la57=off.  Note that I still don't
-fully understand the qemu bug, so this is only a workaround.
-
-I chose to disable 5-level page tables for both TCG and KVM, partly to
-make the patch simpler, and partly because I guess it's not a feature
-(ie. 57 bit linear addresses) that is useful for the libguestfs
-appliance case, where we have limited physical memory and no need to
-run any programs with huge address spaces.
-
-I tested this by running both the direct & libvirt paths overnight.  I
-expect that this patch will fail with old qemu/libvirt which doesn't
-understand the "la57" feature, but this is only intended as a
-temporary workaround.
-
-[0] Article about 5-level page tables as background:
-https://lwn.net/Articles/717293/
-
-Thanks: Laszlo Ersek
-Fixes: https://answers.launchpad.net/ubuntu/+source/libguestfs/+question/701625
----
- lib/launch-direct.c  | 15 +++++++++++++--
- lib/launch-libvirt.c |  7 +++++++
- 2 files changed, 20 insertions(+), 2 deletions(-)
-
-diff --git a/lib/launch-direct.c b/lib/launch-direct.c
-index c07a8d78f..ff0eaeb62 100644
---- a/lib/launch-direct.c
-+++ b/lib/launch-direct.c
-@@ -518,8 +518,19 @@ launch_direct (guestfs_h *g, void *datav, const char *arg)
-   } end_list ();
- 
-   cpu_model = guestfs_int_get_cpu_model (has_kvm && !force_tcg);
--  if (cpu_model)
--    arg ("-cpu", cpu_model);
-+  if (cpu_model) {
-+#if defined(__x86_64__)
-+    /* Temporary workaround for RHBZ#2082806 */
-+    if (STREQ (cpu_model, "max")) {
-+      start_list ("-cpu") {
-+        append_list (cpu_model);
-+        append_list ("la57=off");
-+      } end_list ();
-+    }
-+    else
-+#endif
-+      arg ("-cpu", cpu_model);
-+  }
- 
-   if (g->smp > 1)
-     arg_format ("-smp", "%d", g->smp);
-diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c
-index 87da2f40e..03d69e027 100644
---- a/lib/launch-libvirt.c
-+++ b/lib/launch-libvirt.c
-@@ -1185,6 +1185,13 @@ construct_libvirt_xml_cpu (guestfs_h *g,
-       else if (STREQ (cpu_model, "max")) {
-         /* https://bugzilla.redhat.com/show_bug.cgi?id=1935572#c11 */
-         attribute ("mode", "maximum");
-+#if defined(__x86_64__)
-+        /* Temporary workaround for RHBZ#2082806 */
-+        start_element ("feature") {
-+          attribute ("policy", "disable");
-+          attribute ("name", "la57");
-+        } end_element ();
-+#endif
-       }
-       else
-         single_element ("model", cpu_model);
--- 
-2.31.1
-

0014-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch

@@ -1,4 +1,4 @@
-From 4ce969732bb8424237e26c5dd3b56507025aae82 Mon Sep 17 00:00:00 2001
+From 0598660ad71cce8c55e6af3b6f0c9afda6d70bcb Mon Sep 17 00:00:00 2001
 From: "Richard W.M. Jones" <rjones@redhat.com>
 Date: Tue, 29 Jun 2021 15:29:11 +0100
 Subject: [PATCH] RHEL: Create /etc/crypto-policies/back-ends/opensslcnf.config

0015-build-Pick-first-field-in-ID_LIKE.patch

@@ -0,0 +1,42 @@
+From ad24b9f4d6950dd681e65ea9d1de334119ec9ec7 Mon Sep 17 00:00:00 2001
+From: "Richard W.M. Jones" <rjones@redhat.com>
+Date: Thu, 26 May 2022 14:02:58 +0100
+Subject: [PATCH] build: Pick first field in ID_LIKE
+
+CentOS Stream has:
+
+ID_LIKE="rhel fedora"
+
+which confused the existing script.  If there are multiple "likes"
+arbitrarily pick the first one in the list.
+
+Fixes: commit 63b722b6c094f3a35a5e72f0ae3236a58ddda110
+(cherry picked from commit 7afbf5ee4415f6fa2553898d3af238e794062096)
+---
+ m4/guestfs-appliance.m4 | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/m4/guestfs-appliance.m4 b/m4/guestfs-appliance.m4
+index 4e63ef435..19db4fc7e 100644
+--- a/m4/guestfs-appliance.m4
++++ b/m4/guestfs-appliance.m4
+@@ -106,11 +106,11 @@ AC_ARG_WITH([distro],
+             cat /etc/os-release >&AS_MESSAGE_LOG_FD
+             DISTRO="$(
+                 . /etc/os-release
+-                if test -n "$ID_LIKE"; then
+-                    echo $ID_LIKE | tr '@<:@:lower:@:>@' '@<:@:upper:@:>@'
+-                else
+-                    echo $ID      | tr '@<:@:lower:@:>@' '@<:@:upper:@:>@'
+-                fi
++                ( if test -n "$ID_LIKE"; then
++                      echo $ID_LIKE | $AWK '{print $1}'
++                  else
++                      echo $ID
++                  fi ) | tr '@<:@:lower:@:>@' '@<:@:upper:@:>@'
+             )"
+             AS_CASE([$DISTRO],
+                     [FEDORA | RHEL | CENTOS | ALMALINUX | CLOUDLINUX | ROCKY],
+-- 
+2.31.1
+

libguestfs.spec

@@ -47,8 +47,8 @@
 Summary:       Access and modify virtual machine disk images
 Name:          libguestfs
 Epoch:         1
-Version:       1.48.2
-Release:       2%{?dist}
+Version:       1.48.3
+Release:       1%{?dist}
 License:       LGPLv2+
 
 # Build only for architectures that have a kernel
@@ -98,10 +98,13 @@ Patch0008:     0008-generator-customize-invert-SELinux-relabeling-defaul.patch
   # files in common/mlcustomize.  This directory is not included
   # in the libguestfs tarball.
 Patch0009:     0009-update-common-submodule.patch
-Patch0010:     0010-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch
-Patch0011:     0011-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch
-Patch0012:     0012-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch
-Patch0013:     0013-lib-Disable-5-level-page-tables-when-using-cpu-max.patch
+Patch0010:     0010-generator-customize-reintroduce-selinux-relabel-as-a.patch
+  # *NB* This patch only references common/mlcustomize, so it is removed.
+#Patch0011:     0011-update-common-submodule.patch
+Patch0012:     0012-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch
+Patch0013:     0013-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch
+Patch0014:     0014-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch
+Patch0015:     0015-build-Pick-first-field-in-ID_LIKE.patch
 
 %if 0%{patches_touch_autotools}
 BuildRequires: autoconf, automake, libtool, gettext-devel
@@ -1144,8 +1147,8 @@ rm ocaml/html/.gitignore
 
 
 %changelog
-* Thu May 12 2022 Richard W.M. Jones <rjones@redhat.com> - 1:1.48.2-2
-- Rebase to new stable branch version 1.48.2
+* Thu May 26 2022 Richard W.M. Jones <rjones@redhat.com> - 1:1.48.3-1
+- Rebase to new stable branch version 1.48.3
   resolves: rhbz#2059285
 - Disable 5-level page tables when using -cpu max
   resolves: rhbz#2084568
@@ -1155,6 +1158,9 @@ rm ocaml/html/.gitignore
   resolves: rhbz#1844341
 - Lift protocol limit on guestfs_readdir()
   resolves: rhbz#1674392
+- Check return values from librpm calls (2089623)
+- Document limitations of encrypted RBD disks
+  resolves: rhbz#2033247
 
 * Thu Mar 17 2022 Richard W.M. Jones <rjones@redhat.com> - 1:1.48.0-2
 - Disable signature checking in librpm

sources

@@ -1,2 +1,2 @@
-SHA512 (libguestfs-1.48.2.tar.gz) = 3cbec961fbed3bfdb2ba6ab240756ffd61fed76be1e754b0286a87e298ba95dae6d7435aa5f5cff84dd2f42aa7576a2f197df83f987f0e44ed4d268f76be5e19
-SHA512 (libguestfs-1.48.2.tar.gz.sig) = 1554d1a911c06fb59cea2e56b845272d1e33056e36b74f9e6507d5cff433340ba3e90b8957dbd706f0f2ea32e45d1dc11f394212a314c5b954677faa66c4c8de
+SHA512 (libguestfs-1.48.3.tar.gz) = d88b7869e6098af1f7748dc2e8163b245ea251fcdf962a71e3735f5a1748c9e87a17be259802da3e0bb13569d7f7233b2c5a554b20a2a7758e1974a30a70b786
+SHA512 (libguestfs-1.48.3.tar.gz.sig) = f372cddfb661727c7e33505b9f038828e8341a229098c089b0b9f2167fc6308045e402cbfea653dfc0bd5343e2c9f9e2757af7923515615ac38430c132620de7