From 355f2766e623e1edf282cbbd2dd9b6a22a776500 Mon Sep 17 00:00:00 2001 From: eabdullin Date: Thu, 7 Dec 2023 16:44:37 +0300 Subject: [PATCH] Update to stable version --- .gitignore | 2 +- .libguestfs.metadata | 2 +- SOURCES/0002-update-common-submodule.patch | 37 + ...elabel-don-t-exclude-selinux-if-it-s.patch | 63 + ...elabel-search-for-invalid-option-in-.patch | 33 + ...elabel-run-setfiles-with-T-0-if-supp.patch | 78 + ...upported-remote-drive-protocols-RHBZ.patch | 606 ++++++ ...of-libguestfs-winsupport-features-ex.patch | 66 + SOURCES/0008-Remove-virt-dib.patch | 63 + ...b-Choose-q35-machine-type-for-x86-64.patch | 32 + ...d-Remove-bundled-copy-of-ocaml-augea.patch | 1686 +++++++++++++++++ SOURCES/0011-update-common-submodule.patch | 160 ++ ...M-inspection-test-rename-VGs-and-LVs.patch | 97 + ...ection-test-test-dev-mapper-VG-LV-tr.patch | 46 + SOURCES/copy-patches.sh | 12 +- SOURCES/libguestfs-1.50.1.tar.gz.sig | 17 + SPECS/libguestfs.spec | 125 +- 17 files changed, 3048 insertions(+), 77 deletions(-) create mode 100644 SOURCES/0002-update-common-submodule.patch create mode 100644 SOURCES/0003-daemon-selinux-relabel-don-t-exclude-selinux-if-it-s.patch create mode 100644 SOURCES/0004-daemon-selinux-relabel-search-for-invalid-option-in-.patch create mode 100644 SOURCES/0005-daemon-selinux-relabel-run-setfiles-with-T-0-if-supp.patch create mode 100644 SOURCES/0006-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch create mode 100644 SOURCES/0007-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch create mode 100644 SOURCES/0008-Remove-virt-dib.patch create mode 100644 SOURCES/0009-lib-Choose-q35-machine-type-for-x86-64.patch create mode 100644 SOURCES/0010-RHEL-Revert-build-Remove-bundled-copy-of-ocaml-augea.patch create mode 100644 SOURCES/0011-update-common-submodule.patch create mode 100644 SOURCES/0012-LUKS-on-LVM-inspection-test-rename-VGs-and-LVs.patch create mode 100644 SOURCES/0013-LUKS-on-LVM-inspection-test-test-dev-mapper-VG-LV-tr.patch create mode 100644 SOURCES/libguestfs-1.50.1.tar.gz.sig diff --git a/.gitignore b/.gitignore index 6a0624f..0710dcd 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ -SOURCES/libguestfs-1.48.4.tar.gz +SOURCES/libguestfs-1.50.1.tar.gz SOURCES/libguestfs.keyring diff --git a/.libguestfs.metadata b/.libguestfs.metadata index e6fbe70..1cfd327 100644 --- a/.libguestfs.metadata +++ b/.libguestfs.metadata @@ -1,2 +1,2 @@ -a8754a62256ac488eec3e18bed20f570f785d069 SOURCES/libguestfs-1.48.4.tar.gz +b2ccc62a61d43917d982bb380709cd283fda465a SOURCES/libguestfs-1.50.1.tar.gz 1bbc40f501a7fef9eef2a39b701a71aee2fea7c4 SOURCES/libguestfs.keyring diff --git a/SOURCES/0002-update-common-submodule.patch b/SOURCES/0002-update-common-submodule.patch new file mode 100644 index 0000000..6a0e8d1 --- /dev/null +++ b/SOURCES/0002-update-common-submodule.patch @@ -0,0 +1,37 @@ +From 89b6c8b458dcb00de83b543c47a6acb049f63f18 Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Tue, 21 Mar 2023 16:55:15 +0100 +Subject: [PATCH] update common submodule + +HATAYAMA Daisuke (1): + progress: fix segmentation fault when TERM variable is "dumb" + +Laszlo Ersek (2): + detect_kernels: tighten "try" scope + detect_kernels: deal with RHEL's kernel-core / kernel-modules-core split + +rwmjones (1): + Merge pull request #5 from d-hatayama/fix_segfault_progress_bar + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2175703 +Signed-off-by: Laszlo Ersek +(cherry picked from commit be11d25b3e2770d86699e94c5087e6625477d5ec) +--- + common | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Submodule common 360e037d..70c10a07: +diff --git a/common/progress/progress.c b/common/progress/progress.c +index 4d52b97e..e4b30663 100644 +--- a/common/progress/progress.c ++++ b/common/progress/progress.c +@@ -318,7 +318,8 @@ progress_bar_set (struct progress_bar *bar, + * (b) it's just not possible to use tputs in a sane way here. + */ + /*tputs (UP, 2, putchar);*/ +- fprintf (fp, "%s", UP); ++ if (UP) ++ fprintf (fp, "%s", UP); + } + bar->count++; + diff --git a/SOURCES/0003-daemon-selinux-relabel-don-t-exclude-selinux-if-it-s.patch b/SOURCES/0003-daemon-selinux-relabel-don-t-exclude-selinux-if-it-s.patch new file mode 100644 index 0000000..dea3fa6 --- /dev/null +++ b/SOURCES/0003-daemon-selinux-relabel-don-t-exclude-selinux-if-it-s.patch @@ -0,0 +1,63 @@ +From e58cd8df467e342463d08e3d761c2e322287b13e Mon Sep 17 00:00:00 2001 +From: Andrey Drobyshev +Date: Wed, 26 Apr 2023 15:59:44 +0300 +Subject: [PATCH] daemon/selinux-relabel: don't exclude "/selinux" if it's + non-existent + +Since RHBZ#726528, filesystem.rpm doesn't include /selinux. setfiles +then gives us the warning: "Can't stat exclude path "/sysroot/selinux", +No such file or directory - ignoring." + +Though the warning is harmless, let's get rid of it by checking the +existence of /selinux directory. + +Signed-off-by: Andrey Drobyshev +Reviewed-by: Laszlo Ersek +Reviewed-by: Richard W.M. Jones +(cherry picked from commit 9ced5fac8c1f0f8ff7ed2b5671c1c7f5f0bfa875) +--- + daemon/selinux-relabel.c | 16 +++++++++++++++- + 1 file changed, 15 insertions(+), 1 deletion(-) + +diff --git a/daemon/selinux-relabel.c b/daemon/selinux-relabel.c +index 976cffe3..454486c1 100644 +--- a/daemon/selinux-relabel.c ++++ b/daemon/selinux-relabel.c +@@ -21,6 +21,7 @@ + #include + #include + #include ++#include + + #include "guestfs_protocol.h" + #include "daemon.h" +@@ -37,6 +38,17 @@ optgroup_selinuxrelabel_available (void) + return prog_exists ("setfiles"); + } + ++static int ++dir_exists (const char *dir) ++{ ++ struct stat statbuf; ++ ++ if (stat (dir, &statbuf) == 0 && S_ISDIR (statbuf.st_mode)) ++ return 1; ++ else ++ return 0; ++} ++ + static int + setfiles_has_option (int *flag, char opt_char) + { +@@ -99,8 +111,10 @@ do_selinux_relabel (const char *specfile, const char *path, + */ + ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_dev); + ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_proc); +- ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_selinux); + ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_sys); ++ if (dir_exists (s_selinux)) { ++ ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_selinux); ++ } + + /* You have to use the -m option (where available) otherwise + * setfiles puts all the mountpoints on the excludes list for no diff --git a/SOURCES/0004-daemon-selinux-relabel-search-for-invalid-option-in-.patch b/SOURCES/0004-daemon-selinux-relabel-search-for-invalid-option-in-.patch new file mode 100644 index 0000000..569cd02 --- /dev/null +++ b/SOURCES/0004-daemon-selinux-relabel-search-for-invalid-option-in-.patch @@ -0,0 +1,33 @@ +From c1829048c598e11950c9d355fdd5c177a99e046f Mon Sep 17 00:00:00 2001 +From: Andrey Drobyshev +Date: Wed, 26 Apr 2023 15:59:45 +0300 +Subject: [PATCH] daemon/selinux-relabel: search for "invalid option" in + setfiles output + +'X' in the setiles' stderr doesn't necessarily mean that option 'X' +doesn't exist. For instance, when passing '-T' we get: "setfiles: +option requires an argument -- 'T'". + +Signed-off-by: Andrey Drobyshev +Reviewed-by: Laszlo Ersek +Reviewed-by: Richard W.M. Jones +(cherry picked from commit 152d6e4bdf2dac88856a4ff83cf73451f897d4d4) +--- + daemon/selinux-relabel.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/daemon/selinux-relabel.c b/daemon/selinux-relabel.c +index 454486c1..60a6f48a 100644 +--- a/daemon/selinux-relabel.c ++++ b/daemon/selinux-relabel.c +@@ -56,8 +56,9 @@ setfiles_has_option (int *flag, char opt_char) + + if (*flag == -1) { + char option[] = { '-', opt_char, '\0' }; /* "-X" */ +- char err_opt[] = { '\'', opt_char, '\'', '\0'}; /* "'X'" */ ++ char err_opt[32]; /* "invalid option -- 'X'" */ + ++ snprintf(err_opt, sizeof(err_opt), "invalid option -- '%c'", opt_char); + ignore_value (command (NULL, &err, "setfiles", option, NULL)); + *flag = err && strstr (err, /* "invalid option -- " */ err_opt) == NULL; + } diff --git a/SOURCES/0005-daemon-selinux-relabel-run-setfiles-with-T-0-if-supp.patch b/SOURCES/0005-daemon-selinux-relabel-run-setfiles-with-T-0-if-supp.patch new file mode 100644 index 0000000..b5bb385 --- /dev/null +++ b/SOURCES/0005-daemon-selinux-relabel-run-setfiles-with-T-0-if-supp.patch @@ -0,0 +1,78 @@ +From 3046af080baad9935627ebb671950448cfd0fa7b Mon Sep 17 00:00:00 2001 +From: Andrey Drobyshev +Date: Wed, 26 Apr 2023 15:59:46 +0300 +Subject: [PATCH] daemon/selinux-relabel: run setfiles with "-T 0", if + supported + +Since SELinux userspace v3.4 [1], setfiles command supports "-T nthreads" +option, which allows parallel execution. "-T 0" allows using as many +threads as there're available CPU cores. This might speed up the process +of filesystem relabeling in case the appliance is being run with multiple +vCPUs. The latter is true for at least v2v starting from d2b64ecc67 +("v2v: Set the number of vCPUs to same as host number of pCPUs."). + +For instance, when running virt-v2v-in-place on my 12-core Xeon host +with SSD, with appliance being run with 8 vCPUs (the upper limit specified +in d2b64ecc67), and on the ~150GiB disk VM (physical size on the host), +I get the following results: + +./in-place/virt-v2v-in-place -i libvirt fedora37-vm -v -x + +Without this patch: +... +commandrvf: setfiles -F -e /sysroot/dev -e /sysroot/proc -e /sysroot/sys -m -C -r /sysroot -v /sysroot/etc/selinux/targeted/contexts/files/file_contexts /sysroot/^M +libguestfs: trace: v2v: selinux_relabel = 0 +libguestfs: trace: v2v: rm_f "/.autorelabel" +guestfsd: => selinux_relabel (0x1d3) took 17.94 secs +... + +With this patch: +... +commandrvf: setfiles -F -e /sysroot/dev -e /sysroot/proc -e /sysroot/sys -m -C -T 0 -r /sysroot -v /sysroot/etc/selinux/targeted/contexts/files/file_contexts /sysroot/^M +libguestfs: trace: v2v: selinux_relabel = 0 +libguestfs: trace: v2v: rm_f "/.autorelabel" +guestfsd: => selinux_relabel (0x1d3) took 5.88 secs +... + +So in my scenario it's getting 3 times faster. + +[1] https://github.com/SELinuxProject/selinux/releases/tag/3.4 + +Signed-off-by: Andrey Drobyshev +Reviewed-by: Laszlo Ersek +Reviewed-by: Richard W.M. Jones +(cherry picked from commit d0d8e6738477148a7b752348f9364a3b8faed67f) +--- + daemon/selinux-relabel.c | 12 ++++++++++++ + 1 file changed, 12 insertions(+) + +diff --git a/daemon/selinux-relabel.c b/daemon/selinux-relabel.c +index 60a6f48a..cfc5a31d 100644 +--- a/daemon/selinux-relabel.c ++++ b/daemon/selinux-relabel.c +@@ -73,6 +73,7 @@ do_selinux_relabel (const char *specfile, const char *path, + { + static int flag_m = -1; + static int flag_C = -1; ++ static int flag_T = -1; + const char *argv[MAX_ARGS]; + CLEANUP_FREE char *s_dev = NULL, *s_proc = NULL, *s_selinux = NULL, + *s_sys = NULL, *s_specfile = NULL, *s_path = NULL; +@@ -131,6 +132,17 @@ do_selinux_relabel (const char *specfile, const char *path, + if (setfiles_has_option (&flag_C, 'C')) + ADD_ARG (argv, i, "-C"); + ++ /* If the appliance is being run with multiple vCPUs, running setfiles ++ * in multithreading mode might speeds up the process. Option "-T" was ++ * introduced in SELinux userspace v3.4, and we need to check whether it's ++ * supported. Passing "-T 0" creates as many threads as there're available ++ * vCPU cores. ++ * https://github.com/SELinuxProject/selinux/releases/tag/3.4 ++ */ ++ if (setfiles_has_option (&flag_T, 'T')) { ++ ADD_ARG (argv, i, "-T"); ADD_ARG (argv, i, "0"); ++ } ++ + /* Relabelling in a chroot. */ + if (STRNEQ (sysroot, "/")) { + ADD_ARG (argv, i, "-r"); diff --git a/SOURCES/0006-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch b/SOURCES/0006-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch new file mode 100644 index 0000000..d580b3c --- /dev/null +++ b/SOURCES/0006-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch @@ -0,0 +1,606 @@ +From ab7e68dbeefe464734bd63a862a36f612f76d396 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Mon, 29 Jul 2013 14:47:56 +0100 +Subject: [PATCH] RHEL: Disable unsupported remote drive protocols + (RHBZ#962113). + +This disables support for unsupported remote drive protocols: + + * ftp + * ftps + * http + * https + * tftp + * gluster + * iscsi + * sheepdog + * ssh + +Note 'nbd' is not disabled, and of course 'file' works. + +We hope to gradually add some of these back over the lifetime of RHEL. +--- + docs/guestfs-testing.pod | 20 ----- + fish/guestfish.pod | 66 ++-------------- + fish/test-add-uri.sh | 32 -------- + generator/actions_core.ml | 50 +------------ + lib/drives.c | 8 ++ + lib/guestfs.pod | 100 ------------------------- + tests/disks/test-qemu-drive-libvirt.sh | 28 ------- + tests/disks/test-qemu-drive.sh | 60 --------------- + 8 files changed, 16 insertions(+), 348 deletions(-) + +diff --git a/docs/guestfs-testing.pod b/docs/guestfs-testing.pod +index 47f381a7..c7b44928 100644 +--- a/docs/guestfs-testing.pod ++++ b/docs/guestfs-testing.pod +@@ -109,26 +109,6 @@ image. To exit, type C. + If you get an error, try enabling debugging (add C<-v> to the command + line). Also make sure that L succeeds. + +-=head2 Try to open a remote guest image with guestfish. +- +-You may also have to disable libvirt by setting this: +- +- export LIBGUESTFS_BACKEND=direct +- +-If you have a disk image available over HTTP/FTP, try to open it. +- +- guestfish --ro -i --format=raw -a http://www.example.com/disk.img +- +-For SSH you will need to make sure that ssh-agent is set up so you +-don't need a password to log in to the remote machine. Then a command +-similar to this should work: +- +- guestfish --ro -i --format=raw \ +- -a ssh://remote.example.com/path/to/disk.img +- +-If you get an error, try enabling debugging (add C<-v> to the command +-line). Also make sure that L succeeds. +- + =head2 Run virt-alignment-scan on all your guests. + + Run L on guests or disk images: +diff --git a/fish/guestfish.pod b/fish/guestfish.pod +index ccc0825b..d36cac9d 100644 +--- a/fish/guestfish.pod ++++ b/fish/guestfish.pod +@@ -131,9 +131,9 @@ To list what is available do: + + =head2 Remote drives + +-Access a remote disk using ssh: ++Access a remote disk using NBD: + +- guestfish -a ssh://example.com/path/to/disk.img ++ guestfish -a nbd://example.com + + =head2 Remote control + +@@ -1129,12 +1129,12 @@ L>. + On the command line, you can use the I<-a> option to add network + block devices using a URI-style format, for example: + +- guestfish -a ssh://root@example.com/disk.img ++ guestfish -a nbd://example.com + + URIs I be used with the L command. The equivalent + command using the API directly is: + +- > add /disk.img protocol:ssh server:tcp:example.com username:root ++ > add /disk.img protocol:nbd server:tcp:example.com + + The possible I<-a URI> formats are described below. + +@@ -1144,40 +1144,6 @@ The possible I<-a URI> formats are described below. + + Add the local disk image (or device) called F. + +-=head2 B<-a ftp://[user@]example.com[:port]/disk.img> +- +-=head2 B<-a ftps://[user@]example.com[:port]/disk.img> +- +-=head2 B<-a http://[user@]example.com[:port]/disk.img> +- +-=head2 B<-a https://[user@]example.com[:port]/disk.img> +- +-=head2 B<-a tftp://[user@]example.com[:port]/disk.img> +- +-Add a disk located on a remote FTP, HTTP or TFTP server. +- +-The equivalent API command would be: +- +- > add /disk.img protocol:(ftp|...) server:tcp:example.com +- +-=head2 B<-a gluster://example.com[:port]/volname/image> +- +-Add a disk image located on GlusterFS storage. +- +-The server is the one running C, and may be C. +- +-The equivalent API command would be: +- +- > add volname/image protocol:gluster server:tcp:example.com +- +-=head2 B<-a iscsi://example.com[:port]/target-iqn-name[/lun]> +- +-Add a disk located on an iSCSI server. +- +-The equivalent API command would be: +- +- > add target-iqn-name/lun protocol:iscsi server:tcp:example.com +- + =head2 B<-a nbd://example.com[:port]> + + =head2 B<-a nbd://example.com[:port]/exportname> +@@ -1212,35 +1178,13 @@ The equivalent API command would be: + + > add pool/disk protocol:rbd server:tcp:example.com:port + +-=head2 B<-a sheepdog://[example.com[:port]]/volume/image> +- +-Add a disk image located on a Sheepdog volume. +- +-The server name is optional. Although libguestfs and Sheepdog +-supports multiple servers, only at most one server can be specified +-when using this URI syntax. +- +-The equivalent API command would be: +- +- > add volume protocol:sheepdog [server:tcp:example.com] +- +-=head2 B<-a ssh://[user@]example.com[:port]/disk.img> +- +-Add a disk image located on a remote server, accessed using the Secure +-Shell (ssh) SFTP protocol. SFTP is supported out of the box by all +-major SSH servers. +- +-The equivalent API command would be: +- +- > add /disk protocol:ssh server:tcp:example.com [username:user] +- + Note that the URIs follow the syntax of + L: in particular, there + are restrictions on the allowed characters for the various components + of the URI. Characters such as C<:>, C<@>, and C B be + percent-encoded: + +- $ guestfish -a ssh://user:pass%40word@example.com/disk.img ++ $ guestfish -a rbd://user:pass%40word@example.com[:port]/pool/disk + + In this case, the password is C. + +diff --git a/fish/test-add-uri.sh b/fish/test-add-uri.sh +index 21d42498..ddabeb63 100755 +--- a/fish/test-add-uri.sh ++++ b/fish/test-add-uri.sh +@@ -40,14 +40,6 @@ function fail () + $VG guestfish -x -a file://$abs_builddir/test-add-uri.img test-add-uri.out 2>&1 + grep -sq 'add_drive ".*/test-add-uri.img"' test-add-uri.out || fail + +-# curl +-$VG guestfish -x -a ftp://user@example.com/disk.img test-add-uri.out 2>&1 +-grep -sq 'add_drive "/disk.img" "protocol:ftp" "server:tcp:example.com" "username:user"' test-add-uri.out || fail +- +-# gluster +-$VG guestfish -x -a gluster://example.com/disk test-add-uri.out 2>&1 +-grep -sq 'add_drive "disk" "protocol:gluster" "server:tcp:example.com"' test-add-uri.out || fail +- + # NBD + $VG guestfish -x -a nbd://example.com test-add-uri.out 2>&1 + grep -sq 'add_drive "" "protocol:nbd" "server:tcp:example.com"' test-add-uri.out || fail +@@ -67,29 +59,5 @@ grep -sq 'add_drive "pool/disk" "protocol:rbd" "server:tcp:example.com:6789"' te + $VG guestfish -x -a rbd:///pool/disk test-add-uri.out 2>&1 + grep -sq 'add_drive "pool/disk" "protocol:rbd"' test-add-uri.out || fail + +-# sheepdog +-$VG guestfish -x -a sheepdog:///volume/image test-add-uri.out 2>&1 +-grep -sq 'add_drive "volume/image" "protocol:sheepdog"' test-add-uri.out || fail +- +-$VG guestfish -x -a sheepdog://example.com:3000/volume/image test-add-uri.out 2>&1 +-grep -sq 'add_drive "volume/image" "protocol:sheepdog" "server:tcp:example.com:3000"' test-add-uri.out || fail +- +-# ssh +-$VG guestfish -x -a ssh://example.com/disk.img test-add-uri.out 2>&1 +-grep -sq 'add_drive "/disk.img" "protocol:ssh" "server:tcp:example.com"' test-add-uri.out || fail +- +-$VG guestfish -x -a ssh://user@example.com/disk.img test-add-uri.out 2>&1 +-grep -sq 'add_drive "/disk.img" "protocol:ssh" "server:tcp:example.com" "username:user"' test-add-uri.out || fail +- +-$VG guestfish -x -a ssh://user@example.com:2000/disk.img test-add-uri.out 2>&1 +-grep -sq 'add_drive "/disk.img" "protocol:ssh" "server:tcp:example.com:2000" "username:user"' test-add-uri.out || fail +- +-# iSCSI +-$VG guestfish -x -a iscsi://example.com/iqn.2015-12.com.libguestfs:test1/0 test-add-uri.out 2>&1 +-grep -sq 'add_drive "iqn.2015-12.com.libguestfs:test1/0" "protocol:iscsi" "server:tcp:example.com"' test-add-uri.out || fail +- +-$VG guestfish -x -a iscsi://user:password@example.com/iqn.2015-12.com.libguestfs:test2/0 test-add-uri.out 2>&1 +-grep -sq 'add_drive "iqn.2015-12.com.libguestfs:test2/0" "protocol:iscsi" "server:tcp:example.com" "username:user" "secret:password"' test-add-uri.out || fail +- + rm test-add-uri.out + rm test-add-uri.img +diff --git a/generator/actions_core.ml b/generator/actions_core.ml +index c8d9949b..26c576c7 100644 +--- a/generator/actions_core.ml ++++ b/generator/actions_core.ml +@@ -350,29 +350,6 @@ F is interpreted as a local file or device. + This is the default if the optional protocol parameter + is omitted. + +-=item C +- +-Connect to a remote FTP, HTTP or TFTP server. +-The C parameter must also be supplied - see below. +- +-See also: L +- +-=item C +- +-Connect to the GlusterFS server. +-The C parameter must also be supplied - see below. +- +-See also: L +- +-=item C +- +-Connect to the iSCSI server. +-The C parameter must also be supplied - see below. +-The C parameter may be supplied. See below. +-The C parameter may be supplied. See below. +- +-See also: L. +- + =item C + + Connect to the Network Block Device server. +@@ -389,22 +366,6 @@ The C parameter may be supplied. See below. + + See also: L. + +-=item C +- +-Connect to the Sheepdog server. +-The C parameter may also be supplied - see below. +- +-See also: L. +- +-=item C +- +-Connect to the Secure Shell (ssh) server. +- +-The C parameter must be supplied. +-The C parameter may be supplied. See below. +- +-See also: L. +- + =back + + =item C +@@ -415,13 +376,8 @@ is a list of server(s). + Protocol Number of servers required + -------- -------------------------- + file List must be empty or param not used at all +- ftp|ftps|http|https|tftp Exactly one +- gluster Exactly one +- iscsi Exactly one + nbd Exactly one + rbd Zero or more +- sheepdog Zero or more +- ssh Exactly one + + Each list element is a string specifying a server. The string must be + in one of the following formats: +@@ -437,10 +393,10 @@ for the protocol is used (see F). + + =item C + +-For the C, C, C, C, C, C, C +-and C protocols, this specifies the remote username. ++For the C ++protocol, this specifies the remote username. + +-If not given, then the local username is used for C, and no authentication ++If not given, then no authentication + is attempted for ceph. But note this sometimes may give unexpected results, for + example if using the libvirt backend and if the libvirt backend is configured to + start the qemu appliance as a special user such as C. If in doubt, +diff --git a/lib/drives.c b/lib/drives.c +index c5a20846..efb28925 100644 +--- a/lib/drives.c ++++ b/lib/drives.c +@@ -166,6 +166,7 @@ create_drive_non_file (guestfs_h *g, + return drv; + } + ++#if 0 /* DISABLED IN RHEL 8 */ + static struct drive * + create_drive_curl (guestfs_h *g, + const struct drive_create_data *data) +@@ -224,6 +225,7 @@ create_drive_gluster (guestfs_h *g, + + return create_drive_non_file (g, data); + } ++#endif /* DISABLED IN RHEL 8 */ + + static int + nbd_port (void) +@@ -292,6 +294,7 @@ create_drive_rbd (guestfs_h *g, + return create_drive_non_file (g, data); + } + ++#if 0 /* DISABLED IN RHEL 8 */ + static struct drive * + create_drive_sheepdog (guestfs_h *g, + const struct drive_create_data *data) +@@ -392,6 +395,7 @@ create_drive_iscsi (guestfs_h *g, + + return create_drive_non_file (g, data); + } ++#endif /* DISABLED IN RHEL 8 */ + + /** + * Create the special F drive. +@@ -842,6 +846,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename, + drv = create_drive_file (g, &data); + } + } ++#if 0 /* DISABLED IN RHEL 8 */ + else if (STREQ (protocol, "ftp")) { + data.protocol = drive_protocol_ftp; + drv = create_drive_curl (g, &data); +@@ -866,6 +871,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename, + data.protocol = drive_protocol_iscsi; + drv = create_drive_iscsi (g, &data); + } ++#endif /* DISABLED IN RHEL 8 */ + else if (STREQ (protocol, "nbd")) { + data.protocol = drive_protocol_nbd; + drv = create_drive_nbd (g, &data); +@@ -874,6 +880,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename, + data.protocol = drive_protocol_rbd; + drv = create_drive_rbd (g, &data); + } ++#if 0 /* DISABLED IN RHEL 8 */ + else if (STREQ (protocol, "sheepdog")) { + data.protocol = drive_protocol_sheepdog; + drv = create_drive_sheepdog (g, &data); +@@ -886,6 +893,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename, + data.protocol = drive_protocol_tftp; + drv = create_drive_curl (g, &data); + } ++#endif /* DISABLED IN RHEL 8 */ + else { + error (g, _("unknown protocol ‘%s’"), protocol); + drv = NULL; /*FALLTHROUGH*/ +diff --git a/lib/guestfs.pod b/lib/guestfs.pod +index c6c8cb16..866a4638 100644 +--- a/lib/guestfs.pod ++++ b/lib/guestfs.pod +@@ -723,70 +723,6 @@ a qcow2 backing file specification, libvirt does not construct an + ephemeral secret object from those, for Ceph authentication. Refer to + L. + +-=head3 FTP, HTTP AND TFTP +- +-Libguestfs can access remote disks over FTP, FTPS, HTTP, HTTPS +-or TFTP protocols. +- +-To do this, set the optional C and C parameters of +-L like this: +- +- char **servers = { "www.example.org", NULL }; +- guestfs_add_drive_opts (g, "/disk.img", +- GUESTFS_ADD_DRIVE_OPTS_FORMAT, "raw", +- GUESTFS_ADD_DRIVE_OPTS_PROTOCOL, "http", +- GUESTFS_ADD_DRIVE_OPTS_SERVER, servers, +- -1); +- +-The C can be one of C<"ftp">, C<"ftps">, C<"http">, +-C<"https"> or C<"tftp">. +- +-C (the C parameter) is a list which must have a +-single element. The single element is a string defining the web, +-FTP or TFTP server. The format of this string is documented in +-L. +- +-=head3 GLUSTER +- +-Libguestfs can access Gluster disks. +- +-To do this, set the optional C and C parameters of +-L like this: +- +- char **servers = { "gluster.example.org:24007", NULL }; +- guestfs_add_drive_opts (g, "volname/image", +- GUESTFS_ADD_DRIVE_OPTS_FORMAT, "raw", +- GUESTFS_ADD_DRIVE_OPTS_PROTOCOL, "gluster", +- GUESTFS_ADD_DRIVE_OPTS_SERVER, servers, +- -1); +- +-C (the C parameter) is a list which must have a +-single element. The single element is a string defining the Gluster +-server. The format of this string is documented in +-L. +- +-Note that gluster usually requires the client process (ie. libguestfs) +-to run as B and will give unfathomable errors if it is not +-(eg. "No data available"). +- +-=head3 ISCSI +- +-Libguestfs can access iSCSI disks remotely. +- +-To do this, set the optional C and C parameters like +-this: +- +- char **server = { "iscsi.example.org:3000", NULL }; +- guestfs_add_drive_opts (g, "target-iqn-name/lun", +- GUESTFS_ADD_DRIVE_OPTS_FORMAT, "raw", +- GUESTFS_ADD_DRIVE_OPTS_PROTOCOL, "iscsi", +- GUESTFS_ADD_DRIVE_OPTS_SERVER, server, +- -1); +- +-The C parameter is a list which must have a single element. +-The single element is a string defining the iSCSI server. The format +-of this string is documented in L. +- + =head3 NETWORK BLOCK DEVICE + + Libguestfs can access Network Block Device (NBD) disks remotely. +@@ -849,42 +785,6 @@ L + + =back + +-=head3 SHEEPDOG +- +-Libguestfs can access Sheepdog disks. +- +-To do this, set the optional C and C parameters of +-L like this: +- +- char **servers = { /* optional servers ... */ NULL }; +- guestfs_add_drive_opts (g, "volume", +- GUESTFS_ADD_DRIVE_OPTS_FORMAT, "raw", +- GUESTFS_ADD_DRIVE_OPTS_PROTOCOL, "sheepdog", +- GUESTFS_ADD_DRIVE_OPTS_SERVER, servers, +- -1); +- +-The optional list of C may be zero or more server addresses +-(C<"hostname:port">). The format of the server strings is documented +-in L. +- +-=head3 SSH +- +-Libguestfs can access disks over a Secure Shell (SSH) connection. +- +-To do this, set the C and C and (optionally) +-C parameters of L like this: +- +- char **server = { "remote.example.com", NULL }; +- guestfs_add_drive_opts (g, "/path/to/disk.img", +- GUESTFS_ADD_DRIVE_OPTS_FORMAT, "raw", +- GUESTFS_ADD_DRIVE_OPTS_PROTOCOL, "ssh", +- GUESTFS_ADD_DRIVE_OPTS_SERVER, server, +- GUESTFS_ADD_DRIVE_OPTS_USERNAME, "remoteuser", +- -1); +- +-The format of the server string is documented in +-L. +- + =head2 INSPECTION + + Libguestfs has APIs for inspecting an unknown disk image to find out +diff --git a/tests/disks/test-qemu-drive-libvirt.sh b/tests/disks/test-qemu-drive-libvirt.sh +index d86a1ecd..cf7d2a0c 100755 +--- a/tests/disks/test-qemu-drive-libvirt.sh ++++ b/tests/disks/test-qemu-drive-libvirt.sh +@@ -65,34 +65,6 @@ check_output + grep -sq -- '-drive file=rbd:abc-def/ghi-jkl:auth_supported=none,' "$DEBUG_QEMU_FILE" || fail ceph2 + rm "$DEBUG_QEMU_FILE" + +-# Gluster. +- +-$guestfish -d gluster run ||: +-check_output +-grep -sq -- '-drive file=gluster://1.2.3.4:1234/volname/image,' "$DEBUG_QEMU_FILE" || fail gluster +-rm "$DEBUG_QEMU_FILE" +- +-# iSCSI. +- +-$guestfish -d iscsi run ||: +-check_output +-grep -sq -- '-drive file=iscsi://1.2.3.4:1234/iqn.2003-01.org.linux-iscsi.fedora' "$DEBUG_QEMU_FILE" || fail iscsi +-rm "$DEBUG_QEMU_FILE" +- +-# NBD. +- +-$guestfish -d nbd run ||: +-check_output +-grep -sq -- '-drive file=nbd:1.2.3.4:1234,' "$DEBUG_QEMU_FILE" || fail nbd +-rm "$DEBUG_QEMU_FILE" +- +-# Sheepdog. +- +-$guestfish -d sheepdog run ||: +-check_output +-grep -sq -- '-drive file=sheepdog:volume,' "$DEBUG_QEMU_FILE" || fail sheepdog +-rm "$DEBUG_QEMU_FILE" +- + # Local, stored in a pool. + + $guestfish -d pool1 run ||: +diff --git a/tests/disks/test-qemu-drive.sh b/tests/disks/test-qemu-drive.sh +index 12937fb3..b3e4f990 100755 +--- a/tests/disks/test-qemu-drive.sh ++++ b/tests/disks/test-qemu-drive.sh +@@ -62,45 +62,6 @@ check_output + grep -sq -- '-drive file=rbd:abc-def/ghi-jkl:auth_supported=none,' "$DEBUG_QEMU_FILE" || fail + rm "$DEBUG_QEMU_FILE" + +-# HTTP. +- +-guestfish < +Date: Tue, 7 Jul 2015 09:28:03 -0400 +Subject: [PATCH] RHEL: Reject use of libguestfs-winsupport features except for + virt-* tools (RHBZ#1240276). + +Fix the tests: it doesn't let us use guestfish for arbitrary Windows +edits. +--- + generator/c.ml | 16 ++++++++++++++++ + test-data/phony-guests/make-windows-img.sh | 1 + + tests/charsets/test-charset-fidelity.c | 2 ++ + 3 files changed, 19 insertions(+) + +diff --git a/generator/c.ml b/generator/c.ml +index 447059b8..0391dd3d 100644 +--- a/generator/c.ml ++++ b/generator/c.ml +@@ -1846,6 +1846,22 @@ and generate_client_actions actions () = + check_args_validity c_name style; + trace_call name c_name style; + ++ (* RHEL 8 *) ++ if name = "mount" || name = "mount_ro" || name = "mount_options" || ++ name = "mount_vfs" then ( ++ pr " if (g->program && !STRPREFIX (g->program, \"virt-\")) {\n"; ++ pr " CLEANUP_FREE char *vfs_type = guestfs_vfs_type (g, mountable);\n"; ++ pr " if (vfs_type && STREQ (vfs_type, \"ntfs\")) {\n"; ++ pr " error (g, \"mount: unsupported filesystem type\");\n"; ++ pr " if (trace_flag)\n"; ++ pr " guestfs_int_trace (g, \"%%s = %%s (error)\",\n"; ++ pr " \"%s\", \"-1\");\n" name; ++ pr " return %s;\n" (string_of_errcode errcode); ++ pr " }\n"; ++ pr " }\n"; ++ pr "\n"; ++ ); ++ + (* Calculate the total size of all FileIn arguments to pass + * as a progress bar hint. + *) +diff --git a/test-data/phony-guests/make-windows-img.sh b/test-data/phony-guests/make-windows-img.sh +index 16debd12..1c13ddac 100755 +--- a/test-data/phony-guests/make-windows-img.sh ++++ b/test-data/phony-guests/make-windows-img.sh +@@ -37,6 +37,7 @@ fi + + # Create a disk image. + guestfish < +Date: Tue, 7 Feb 2023 13:20:36 +0000 +Subject: [PATCH] Remove virt-dib + +The tool only supports an older version of the diskimage-builder +metadata, and we do not have the time or inclination to update it to a +newer version. + +Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1910039 +(cherry picked from commit 7503eeebede688409b2adf616d71a94e04b7f0d2) +--- + appliance/packagelist.in | 30 ------------------------------ + 1 file changed, 30 deletions(-) + +diff --git a/appliance/packagelist.in b/appliance/packagelist.in +index 585d52ad..20b08c47 100644 +--- a/appliance/packagelist.in ++++ b/appliance/packagelist.in +@@ -110,7 +110,6 @@ ifelse(ARCHLINUX,1, + dnl syslinux has mtools as optional dependency, but in reality it's + dnl a hard one: + mtools +- multipath-tools dnl for kpartx + nilfs-utils + ntfs-3g + ntfs-3g-system-compression +@@ -266,35 +265,6 @@ util-linux-ng + xfsprogs + zerofree + +-dnl tools needed by virt-dib +-ifelse(REDHAT,1, +- qemu-img +- which +-) +-ifelse(DEBIAN,1, +- qemu-utils +-) +-ifelse(ARCHLINUX,1, +- qemu +- which +-) +-ifelse(SUSE,1, +- qemu-tools +- which +-) +-ifelse(FRUGALWARE,1, +- qemu +- which +-) +-ifelse(MAGEIA,1, +- qemu-img +- which +-) +-curl +-kpartx +-dnl (virt-dib) tools optionally used for elements +-debootstrap +- + dnl exFAT is not usually available in free software repos + exfat-fuse + exfat-utils diff --git a/SOURCES/0009-lib-Choose-q35-machine-type-for-x86-64.patch b/SOURCES/0009-lib-Choose-q35-machine-type-for-x86-64.patch new file mode 100644 index 0000000..7c56357 --- /dev/null +++ b/SOURCES/0009-lib-Choose-q35-machine-type-for-x86-64.patch @@ -0,0 +1,32 @@ +From e712c4b81cbd2cf0e990d01cb4d1f54734e62de6 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 9 Feb 2023 13:38:50 +0000 +Subject: [PATCH] lib: Choose q35 machine type for x86-64 + +This machine type is more modern than the older 'pc' type and as most +qemu development is now focused there we expect it will perform and +behave better. In almost all respects this change should make no +difference. + +Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2168578 +Acked-by: Laszlo Ersek +See-also: https://listman.redhat.com/archives/libguestfs/2023-February/030645.html +(cherry picked from commit f0f8e6c5fe0c3f6d5d90534d263bded3a4dc7e8d) +--- + lib/guestfs-internal.h | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/lib/guestfs-internal.h b/lib/guestfs-internal.h +index 306f2a2e..fb55e026 100644 +--- a/lib/guestfs-internal.h ++++ b/lib/guestfs-internal.h +@@ -113,6 +113,9 @@ cleanup_mutex_unlock (pthread_mutex_t **ptr) + #define MAX_WINDOWS_EXPLORER_SIZE (4 * 1000 * 1000) + + /* Machine types. */ ++#if defined(__x86_64__) ++#define MACHINE_TYPE "q35" ++#endif + #ifdef __arm__ + #define MACHINE_TYPE "virt" + #endif diff --git a/SOURCES/0010-RHEL-Revert-build-Remove-bundled-copy-of-ocaml-augea.patch b/SOURCES/0010-RHEL-Revert-build-Remove-bundled-copy-of-ocaml-augea.patch new file mode 100644 index 0000000..c21130e --- /dev/null +++ b/SOURCES/0010-RHEL-Revert-build-Remove-bundled-copy-of-ocaml-augea.patch @@ -0,0 +1,1686 @@ +From 73061a7feafcc0a527d00f6e1e2dee3dc84bc044 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 2 Mar 2023 10:12:19 +0000 +Subject: [PATCH] RHEL: Revert "build: Remove bundled copy of ocaml-augeas" + +This is temporarily reverted in RHEL 9.3 only until this bug can be +actioned: + + https://bugzilla.redhat.com/show_bug.cgi?id=2168634 + "Request for new RHEL 9.3 package: ocaml-augeas" + +This reverts commit fbf7fe87933ac24dd78362a16117c42e40da4c0f. +--- + .gitignore | 1 + + Makefile.am | 5 +- + bundled/ocaml-augeas/COPYING.LIB | 515 +++++++++++++++++++++++++ + bundled/ocaml-augeas/Makefile.am | 82 ++++ + bundled/ocaml-augeas/augeas-c.c | 579 +++++++++++++++++++++++++++++ + bundled/ocaml-augeas/augeas.README | 8 + + bundled/ocaml-augeas/augeas.ml | 99 +++++ + bundled/ocaml-augeas/augeas.mli | 164 ++++++++ + configure.ac | 1 + + daemon/Makefile.am | 7 +- + docs/guestfs-building.pod | 5 - + docs/guestfs-hacking.pod | 14 + + m4/guestfs-ocaml.m4 | 8 - + ocaml-dep.sh.in | 1 + + 14 files changed, 1472 insertions(+), 17 deletions(-) + create mode 100644 bundled/ocaml-augeas/COPYING.LIB + create mode 100644 bundled/ocaml-augeas/Makefile.am + create mode 100644 bundled/ocaml-augeas/augeas-c.c + create mode 100644 bundled/ocaml-augeas/augeas.README + create mode 100644 bundled/ocaml-augeas/augeas.ml + create mode 100644 bundled/ocaml-augeas/augeas.mli + +diff --git a/.gitignore b/.gitignore +index 00e59fb3..ee5ea74d 100644 +--- a/.gitignore ++++ b/.gitignore +@@ -61,6 +61,7 @@ Makefile.in + /build-aux/snippet/ + /build-aux/test-driver + /build-aux/ylwrap ++/bundled/ocaml-augeas/.depend + /compile + /config.cache + /config.guess +diff --git a/Makefile.am b/Makefile.am +index 59370440..e0a7f084 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -35,6 +35,7 @@ SUBDIRS += include lib docs examples + + # The daemon and the appliance. + SUBDIRS += common/mlutils ++SUBDIRS += bundled/ocaml-augeas + SUBDIRS += common/mlpcre + if ENABLE_DAEMON + SUBDIRS += daemon +@@ -214,7 +215,7 @@ dist-hook: docs/C_SOURCE_FILES po/POTFILES + docs/C_SOURCE_FILES: configure.ac + rm -f $@ $@-t + find $(DIST_SUBDIRS) -name '*.[ch]' | \ +- grep -v -E '^(builder/index-parse\.|builder/index-scan\.|examples/|gobject/|java/com_redhat_et_libguestfs|perl/|php/extension/config\.h|ruby/ext/guestfs/extconf\.h|tests/|test-data/)' | \ ++ grep -v -E '^(builder/index-parse\.|builder/index-scan\.|examples/|gobject/|java/com_redhat_et_libguestfs|perl/|php/extension/config\.h|ruby/ext/guestfs/extconf\.h|tests/|test-data/|bundled/)' | \ + grep -v -E '/(guestfs|rc)_protocol\.' | \ + grep -v -E '.*/errnostring\.' | \ + grep -v -E '.*-gperf\.' | \ +@@ -227,7 +228,7 @@ po/POTFILES: configure.ac + rm -f $@ $@-t + cd $(srcdir); \ + find $(DIST_SUBDIRS) -name '*.c' | \ +- grep -v -E '^(examples|perl/(blib|examples)|po-docs|tests|test-data)/' | \ ++ grep -v -E '^(examples|perl/(blib|examples)|po-docs|tests|test-data|bundled)/' | \ + grep -v -E '/((guestfs|rc)_protocol\.c|dummy\.c)$$' | \ + grep -v -E '^python/utils\.c$$' | \ + grep -v -E '^perl/lib/Sys/Guestfs\.c$$' | \ +diff --git a/bundled/ocaml-augeas/COPYING.LIB b/bundled/ocaml-augeas/COPYING.LIB +new file mode 100644 +index 00000000..ba2be481 +--- /dev/null ++++ b/bundled/ocaml-augeas/COPYING.LIB +@@ -0,0 +1,515 @@ ++ ++ GNU LESSER GENERAL PUBLIC LICENSE ++ Version 2.1, February 1999 ++ ++ Copyright (C) 1991, 1999 Free Software Foundation, Inc. ++ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ++ Everyone is permitted to copy and distribute verbatim copies ++ of this license document, but changing it is not allowed. ++ ++[This is the first released version of the Lesser GPL. It also counts ++ as the successor of the GNU Library Public License, version 2, hence ++ the version number 2.1.] ++ ++ Preamble ++ ++ The licenses for most software are designed to take away your ++freedom to share and change it. By contrast, the GNU General Public ++Licenses are intended to guarantee your freedom to share and change ++free software--to make sure the software is free for all its users. ++ ++ This license, the Lesser General Public License, applies to some ++specially designated software packages--typically libraries--of the ++Free Software Foundation and other authors who decide to use it. You ++can use it too, but we suggest you first think carefully about whether ++this license or the ordinary General Public License is the better ++strategy to use in any particular case, based on the explanations ++below. ++ ++ When we speak of free software, we are referring to freedom of use, ++not price. Our General Public Licenses are designed to make sure that ++you have the freedom to distribute copies of free software (and charge ++for this service if you wish); that you receive source code or can get ++it if you want it; that you can change the software and use pieces of ++it in new free programs; and that you are informed that you can do ++these things. ++ ++ To protect your rights, we need to make restrictions that forbid ++distributors to deny you these rights or to ask you to surrender these ++rights. These restrictions translate to certain responsibilities for ++you if you distribute copies of the library or if you modify it. ++ ++ For example, if you distribute copies of the library, whether gratis ++or for a fee, you must give the recipients all the rights that we gave ++you. You must make sure that they, too, receive or can get the source ++code. If you link other code with the library, you must provide ++complete object files to the recipients, so that they can relink them ++with the library after making changes to the library and recompiling ++it. And you must show them these terms so they know their rights. ++ ++ We protect your rights with a two-step method: (1) we copyright the ++library, and (2) we offer you this license, which gives you legal ++permission to copy, distribute and/or modify the library. ++ ++ To protect each distributor, we want to make it very clear that ++there is no warranty for the free library. Also, if the library is ++modified by someone else and passed on, the recipients should know ++that what they have is not the original version, so that the original ++author's reputation will not be affected by problems that might be ++introduced by others. ++^L ++ Finally, software patents pose a constant threat to the existence of ++any free program. We wish to make sure that a company cannot ++effectively restrict the users of a free program by obtaining a ++restrictive license from a patent holder. Therefore, we insist that ++any patent license obtained for a version of the library must be ++consistent with the full freedom of use specified in this license. ++ ++ Most GNU software, including some libraries, is covered by the ++ordinary GNU General Public License. This license, the GNU Lesser ++General Public License, applies to certain designated libraries, and ++is quite different from the ordinary General Public License. We use ++this license for certain libraries in order to permit linking those ++libraries into non-free programs. ++ ++ When a program is linked with a library, whether statically or using ++a shared library, the combination of the two is legally speaking a ++combined work, a derivative of the original library. The ordinary ++General Public License therefore permits such linking only if the ++entire combination fits its criteria of freedom. The Lesser General ++Public License permits more lax criteria for linking other code with ++the library. ++ ++ We call this license the "Lesser" General Public License because it ++does Less to protect the user's freedom than the ordinary General ++Public License. It also provides other free software developers Less ++of an advantage over competing non-free programs. These disadvantages ++are the reason we use the ordinary General Public License for many ++libraries. However, the Lesser license provides advantages in certain ++special circumstances. ++ ++ For example, on rare occasions, there may be a special need to ++encourage the widest possible use of a certain library, so that it ++becomes ++a de-facto standard. To achieve this, non-free programs must be ++allowed to use the library. A more frequent case is that a free ++library does the same job as widely used non-free libraries. In this ++case, there is little to gain by limiting the free library to free ++software only, so we use the Lesser General Public License. ++ ++ In other cases, permission to use a particular library in non-free ++programs enables a greater number of people to use a large body of ++free software. For example, permission to use the GNU C Library in ++non-free programs enables many more people to use the whole GNU ++operating system, as well as its variant, the GNU/Linux operating ++system. ++ ++ Although the Lesser General Public License is Less protective of the ++users' freedom, it does ensure that the user of a program that is ++linked with the Library has the freedom and the wherewithal to run ++that program using a modified version of the Library. ++ ++ The precise terms and conditions for copying, distribution and ++modification follow. Pay close attention to the difference between a ++"work based on the library" and a "work that uses the library". The ++former contains code derived from the library, whereas the latter must ++be combined with the library in order to run. ++^L ++ GNU LESSER GENERAL PUBLIC LICENSE ++ TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION ++ ++ 0. This License Agreement applies to any software library or other ++program which contains a notice placed by the copyright holder or ++other authorized party saying it may be distributed under the terms of ++this Lesser General Public License (also called "this License"). ++Each licensee is addressed as "you". ++ ++ A "library" means a collection of software functions and/or data ++prepared so as to be conveniently linked with application programs ++(which use some of those functions and data) to form executables. ++ ++ The "Library", below, refers to any such software library or work ++which has been distributed under these terms. A "work based on the ++Library" means either the Library or any derivative work under ++copyright law: that is to say, a work containing the Library or a ++portion of it, either verbatim or with modifications and/or translated ++straightforwardly into another language. (Hereinafter, translation is ++included without limitation in the term "modification".) ++ ++ "Source code" for a work means the preferred form of the work for ++making modifications to it. For a library, complete source code means ++all the source code for all modules it contains, plus any associated ++interface definition files, plus the scripts used to control ++compilation ++and installation of the library. ++ ++ Activities other than copying, distribution and modification are not ++covered by this License; they are outside its scope. The act of ++running a program using the Library is not restricted, and output from ++such a program is covered only if its contents constitute a work based ++on the Library (independent of the use of the Library in a tool for ++writing it). Whether that is true depends on what the Library does ++and what the program that uses the Library does. ++ ++ 1. You may copy and distribute verbatim copies of the Library's ++complete source code as you receive it, in any medium, provided that ++you conspicuously and appropriately publish on each copy an ++appropriate copyright notice and disclaimer of warranty; keep intact ++all the notices that refer to this License and to the absence of any ++warranty; and distribute a copy of this License along with the ++Library. ++ ++ You may charge a fee for the physical act of transferring a copy, ++and you may at your option offer warranty protection in exchange for a ++fee. ++ ++ 2. You may modify your copy or copies of the Library or any portion ++of it, thus forming a work based on the Library, and copy and ++distribute such modifications or work under the terms of Section 1 ++above, provided that you also meet all of these conditions: ++ ++ a) The modified work must itself be a software library. ++ ++ b) You must cause the files modified to carry prominent notices ++ stating that you changed the files and the date of any change. ++ ++ c) You must cause the whole of the work to be licensed at no ++ charge to all third parties under the terms of this License. ++ ++ d) If a facility in the modified Library refers to a function or a ++ table of data to be supplied by an application program that uses ++ the facility, other than as an argument passed when the facility ++ is invoked, then you must make a good faith effort to ensure that, ++ in the event an application does not supply such function or ++ table, the facility still operates, and performs whatever part of ++ its purpose remains meaningful. ++ ++ (For example, a function in a library to compute square roots has ++ a purpose that is entirely well-defined independent of the ++ application. Therefore, Subsection 2d requires that any ++ application-supplied function or table used by this function must ++ be optional: if the application does not supply it, the square ++ root function must still compute square roots.) ++ ++These requirements apply to the modified work as a whole. If ++identifiable sections of that work are not derived from the Library, ++and can be reasonably considered independent and separate works in ++themselves, then this License, and its terms, do not apply to those ++sections when you distribute them as separate works. But when you ++distribute the same sections as part of a whole which is a work based ++on the Library, the distribution of the whole must be on the terms of ++this License, whose permissions for other licensees extend to the ++entire whole, and thus to each and every part regardless of who wrote ++it. ++ ++Thus, it is not the intent of this section to claim rights or contest ++your rights to work written entirely by you; rather, the intent is to ++exercise the right to control the distribution of derivative or ++collective works based on the Library. ++ ++In addition, mere aggregation of another work not based on the Library ++with the Library (or with a work based on the Library) on a volume of ++a storage or distribution medium does not bring the other work under ++the scope of this License. ++ ++ 3. You may opt to apply the terms of the ordinary GNU General Public ++License instead of this License to a given copy of the Library. To do ++this, you must alter all the notices that refer to this License, so ++that they refer to the ordinary GNU General Public License, version 2, ++instead of to this License. (If a newer version than version 2 of the ++ordinary GNU General Public License has appeared, then you can specify ++that version instead if you wish.) Do not make any other change in ++these notices. ++^L ++ Once this change is made in a given copy, it is irreversible for ++that copy, so the ordinary GNU General Public License applies to all ++subsequent copies and derivative works made from that copy. ++ ++ This option is useful when you wish to copy part of the code of ++the Library into a program that is not a library. ++ ++ 4. You may copy and distribute the Library (or a portion or ++derivative of it, under Section 2) in object code or executable form ++under the terms of Sections 1 and 2 above provided that you accompany ++it with the complete corresponding machine-readable source code, which ++must be distributed under the terms of Sections 1 and 2 above on a ++medium customarily used for software interchange. ++ ++ If distribution of object code is made by offering access to copy ++from a designated place, then offering equivalent access to copy the ++source code from the same place satisfies the requirement to ++distribute the source code, even though third parties are not ++compelled to copy the source along with the object code. ++ ++ 5. A program that contains no derivative of any portion of the ++Library, but is designed to work with the Library by being compiled or ++linked with it, is called a "work that uses the Library". Such a ++work, in isolation, is not a derivative work of the Library, and ++therefore falls outside the scope of this License. ++ ++ However, linking a "work that uses the Library" with the Library ++creates an executable that is a derivative of the Library (because it ++contains portions of the Library), rather than a "work that uses the ++library". The executable is therefore covered by this License. ++Section 6 states terms for distribution of such executables. ++ ++ When a "work that uses the Library" uses material from a header file ++that is part of the Library, the object code for the work may be a ++derivative work of the Library even though the source code is not. ++Whether this is true is especially significant if the work can be ++linked without the Library, or if the work is itself a library. The ++threshold for this to be true is not precisely defined by law. ++ ++ If such an object file uses only numerical parameters, data ++structure layouts and accessors, and small macros and small inline ++functions (ten lines or less in length), then the use of the object ++file is unrestricted, regardless of whether it is legally a derivative ++work. (Executables containing this object code plus portions of the ++Library will still fall under Section 6.) ++ ++ Otherwise, if the work is a derivative of the Library, you may ++distribute the object code for the work under the terms of Section 6. ++Any executables containing that work also fall under Section 6, ++whether or not they are linked directly with the Library itself. ++^L ++ 6. As an exception to the Sections above, you may also combine or ++link a "work that uses the Library" with the Library to produce a ++work containing portions of the Library, and distribute that work ++under terms of your choice, provided that the terms permit ++modification of the work for the customer's own use and reverse ++engineering for debugging such modifications. ++ ++ You must give prominent notice with each copy of the work that the ++Library is used in it and that the Library and its use are covered by ++this License. You must supply a copy of this License. If the work ++during execution displays copyright notices, you must include the ++copyright notice for the Library among them, as well as a reference ++directing the user to the copy of this License. Also, you must do one ++of these things: ++ ++ a) Accompany the work with the complete corresponding ++ machine-readable source code for the Library including whatever ++ changes were used in the work (which must be distributed under ++ Sections 1 and 2 above); and, if the work is an executable linked ++ with the Library, with the complete machine-readable "work that ++ uses the Library", as object code and/or source code, so that the ++ user can modify the Library and then relink to produce a modified ++ executable containing the modified Library. (It is understood ++ that the user who changes the contents of definitions files in the ++ Library will not necessarily be able to recompile the application ++ to use the modified definitions.) ++ ++ b) Use a suitable shared library mechanism for linking with the ++ Library. A suitable mechanism is one that (1) uses at run time a ++ copy of the library already present on the user's computer system, ++ rather than copying library functions into the executable, and (2) ++ will operate properly with a modified version of the library, if ++ the user installs one, as long as the modified version is ++ interface-compatible with the version that the work was made with. ++ ++ c) Accompany the work with a written offer, valid for at ++ least three years, to give the same user the materials ++ specified in Subsection 6a, above, for a charge no more ++ than the cost of performing this distribution. ++ ++ d) If distribution of the work is made by offering access to copy ++ from a designated place, offer equivalent access to copy the above ++ specified materials from the same place. ++ ++ e) Verify that the user has already received a copy of these ++ materials or that you have already sent this user a copy. ++ ++ For an executable, the required form of the "work that uses the ++Library" must include any data and utility programs needed for ++reproducing the executable from it. However, as a special exception, ++the materials to be distributed need not include anything that is ++normally distributed (in either source or binary form) with the major ++components (compiler, kernel, and so on) of the operating system on ++which the executable runs, unless that component itself accompanies ++the executable. ++ ++ It may happen that this requirement contradicts the license ++restrictions of other proprietary libraries that do not normally ++accompany the operating system. Such a contradiction means you cannot ++use both them and the Library together in an executable that you ++distribute. ++^L ++ 7. You may place library facilities that are a work based on the ++Library side-by-side in a single library together with other library ++facilities not covered by this License, and distribute such a combined ++library, provided that the separate distribution of the work based on ++the Library and of the other library facilities is otherwise ++permitted, and provided that you do these two things: ++ ++ a) Accompany the combined library with a copy of the same work ++ based on the Library, uncombined with any other library ++ facilities. This must be distributed under the terms of the ++ Sections above. ++ ++ b) Give prominent notice with the combined library of the fact ++ that part of it is a work based on the Library, and explaining ++ where to find the accompanying uncombined form of the same work. ++ ++ 8. You may not copy, modify, sublicense, link with, or distribute ++the Library except as expressly provided under this License. Any ++attempt otherwise to copy, modify, sublicense, link with, or ++distribute the Library is void, and will automatically terminate your ++rights under this License. However, parties who have received copies, ++or rights, from you under this License will not have their licenses ++terminated so long as such parties remain in full compliance. ++ ++ 9. You are not required to accept this License, since you have not ++signed it. However, nothing else grants you permission to modify or ++distribute the Library or its derivative works. These actions are ++prohibited by law if you do not accept this License. Therefore, by ++modifying or distributing the Library (or any work based on the ++Library), you indicate your acceptance of this License to do so, and ++all its terms and conditions for copying, distributing or modifying ++the Library or works based on it. ++ ++ 10. Each time you redistribute the Library (or any work based on the ++Library), the recipient automatically receives a license from the ++original licensor to copy, distribute, link with or modify the Library ++subject to these terms and conditions. You may not impose any further ++restrictions on the recipients' exercise of the rights granted herein. ++You are not responsible for enforcing compliance by third parties with ++this License. ++^L ++ 11. If, as a consequence of a court judgment or allegation of patent ++infringement or for any other reason (not limited to patent issues), ++conditions are imposed on you (whether by court order, agreement or ++otherwise) that contradict the conditions of this License, they do not ++excuse you from the conditions of this License. If you cannot ++distribute so as to satisfy simultaneously your obligations under this ++License and any other pertinent obligations, then as a consequence you ++may not distribute the Library at all. For example, if a patent ++license would not permit royalty-free redistribution of the Library by ++all those who receive copies directly or indirectly through you, then ++the only way you could satisfy both it and this License would be to ++refrain entirely from distribution of the Library. ++ ++If any portion of this section is held invalid or unenforceable under ++any particular circumstance, the balance of the section is intended to ++apply, and the section as a whole is intended to apply in other ++circumstances. ++ ++It is not the purpose of this section to induce you to infringe any ++patents or other property right claims or to contest validity of any ++such claims; this section has the sole purpose of protecting the ++integrity of the free software distribution system which is ++implemented by public license practices. Many people have made ++generous contributions to the wide range of software distributed ++through that system in reliance on consistent application of that ++system; it is up to the author/donor to decide if he or she is willing ++to distribute software through any other system and a licensee cannot ++impose that choice. ++ ++This section is intended to make thoroughly clear what is believed to ++be a consequence of the rest of this License. ++ ++ 12. If the distribution and/or use of the Library is restricted in ++certain countries either by patents or by copyrighted interfaces, the ++original copyright holder who places the Library under this License ++may add an explicit geographical distribution limitation excluding those ++countries, so that distribution is permitted only in or among ++countries not thus excluded. In such case, this License incorporates ++the limitation as if written in the body of this License. ++ ++ 13. The Free Software Foundation may publish revised and/or new ++versions of the Lesser General Public License from time to time. ++Such new versions will be similar in spirit to the present version, ++but may differ in detail to address new problems or concerns. ++ ++Each version is given a distinguishing version number. If the Library ++specifies a version number of this License which applies to it and ++"any later version", you have the option of following the terms and ++conditions either of that version or of any later version published by ++the Free Software Foundation. If the Library does not specify a ++license version number, you may choose any version ever published by ++the Free Software Foundation. ++^L ++ 14. If you wish to incorporate parts of the Library into other free ++programs whose distribution conditions are incompatible with these, ++write to the author to ask for permission. For software which is ++copyrighted by the Free Software Foundation, write to the Free ++Software Foundation; we sometimes make exceptions for this. Our ++decision will be guided by the two goals of preserving the free status ++of all derivatives of our free software and of promoting the sharing ++and reuse of software generally. ++ ++ NO WARRANTY ++ ++ 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO ++WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. ++EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR ++OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY ++KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE ++IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE ++LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME ++THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. ++ ++ 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN ++WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY ++AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU ++FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR ++CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE ++LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING ++RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A ++FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF ++SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH ++DAMAGES. ++ ++ END OF TERMS AND CONDITIONS ++^L ++ How to Apply These Terms to Your New Libraries ++ ++ If you develop a new library, and you want it to be of the greatest ++possible use to the public, we recommend making it free software that ++everyone can redistribute and change. You can do so by permitting ++redistribution under these terms (or, alternatively, under the terms ++of the ordinary General Public License). ++ ++ To apply these terms, attach the following notices to the library. ++It is safest to attach them to the start of each source file to most ++effectively convey the exclusion of warranty; and each file should ++have at least the "copyright" line and a pointer to where the full ++notice is found. ++ ++ ++ ++ Copyright (C) ++ ++ This library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2 of the License, or (at your option) any later version. ++ ++ This library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with this library; if not, write to the Free Software ++ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ++ ++Also add information on how to contact you by electronic and paper ++mail. ++ ++You should also get your employer (if you work as a programmer) or ++your ++school, if any, to sign a "copyright disclaimer" for the library, if ++necessary. Here is a sample; alter the names: ++ ++ Yoyodyne, Inc., hereby disclaims all copyright interest in the ++ library `Frob' (a library for tweaking knobs) written by James ++Random Hacker. ++ ++ , 1 April 1990 ++ Ty Coon, President of Vice ++ ++That's all there is to it! ++ ++ +diff --git a/bundled/ocaml-augeas/Makefile.am b/bundled/ocaml-augeas/Makefile.am +new file mode 100644 +index 00000000..b6122eab +--- /dev/null ++++ b/bundled/ocaml-augeas/Makefile.am +@@ -0,0 +1,82 @@ ++# libguestfs OCaml tools common code ++# Copyright (C) 2011-2020 Red Hat Inc. ++# ++# This program is free software; you can redistribute it and/or modify ++# it under the terms of the GNU General Public License as published by ++# the Free Software Foundation; either version 2 of the License, or ++# (at your option) any later version. ++# ++# This program is distributed in the hope that it will be useful, ++# but WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++# GNU General Public License for more details. ++# ++# You should have received a copy of the GNU General Public License ++# along with this program; if not, write to the Free Software ++# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. ++ ++include $(top_srcdir)/subdir-rules.mk ++ ++EXTRA_DIST = \ ++ $(SOURCES_MLI) \ ++ $(SOURCES_ML) \ ++ $(SOURCES_C) \ ++ augeas.README ++ ++SOURCES_MLI = \ ++ augeas.mli ++ ++SOURCES_ML = \ ++ augeas.ml ++ ++SOURCES_C = \ ++ augeas-c.c ++ ++# We pretend that we're building a C library. automake handles the ++# compilation of the C sources for us. At the end we take the C ++# objects and OCaml objects and link them into the OCaml library. ++# This C library is never used. ++ ++noinst_LIBRARIES = libmlaugeas.a ++ ++if !HAVE_OCAMLOPT ++MLAUGEAS_CMA = mlaugeas.cma ++else ++MLAUGEAS_CMA = mlaugeas.cmxa ++endif ++ ++noinst_DATA = $(MLAUGEAS_CMA) ++ ++libmlaugeas_a_SOURCES = $(SOURCES_C) ++libmlaugeas_a_CPPFLAGS = \ ++ -DCAML_NAME_SPACE \ ++ -I. \ ++ -I$(top_builddir) \ ++ -I$(shell $(OCAMLC) -where) ++libmlaugeas_a_CFLAGS = \ ++ $(WARN_CFLAGS) $(NO_SNV_CFLAGS) $(NO_UM_CFLAGS) $(WERROR_CFLAGS) \ ++ $(AUGEAS_CFLAGS) $(LIBXML2_CFLAGS) \ ++ -fPIC ++ ++BOBJECTS = $(SOURCES_ML:.ml=.cmo) ++XOBJECTS = $(BOBJECTS:.cmo=.cmx) ++ ++OCAMLPACKAGES = ++OCAMLFLAGS = $(OCAML_FLAGS) $(OCAML_WARN_ERROR) -ccopt '$(CFLAGS)' ++ ++if !HAVE_OCAMLOPT ++OBJECTS = $(BOBJECTS) ++else ++OBJECTS = $(XOBJECTS) ++endif ++ ++libmlaugeas_a_DEPENDENCIES = $(OBJECTS) ++ ++$(MLAUGEAS_CMA): $(OBJECTS) libmlaugeas.a ++ $(OCAMLFIND) mklib $(OCAMLPACKAGES) \ ++ $(OBJECTS) $(libmlaugeas_a_OBJECTS) -cclib -laugeas -o mlaugeas ++ ++# Dependencies. ++.depend: $(srcdir)/*.mli $(srcdir)/*.ml ++ $(top_builddir)/ocaml-dep.sh $^ ++-include .depend +diff --git a/bundled/ocaml-augeas/augeas-c.c b/bundled/ocaml-augeas/augeas-c.c +new file mode 100644 +index 00000000..679bcb50 +--- /dev/null ++++ b/bundled/ocaml-augeas/augeas-c.c +@@ -0,0 +1,579 @@ ++/* Augeas OCaml bindings ++ * Copyright (C) 2008-2017 Red Hat Inc., Richard W.M. Jones ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public ++ * License along with this library; if not, write to the Free Software ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ++ * ++ * $Id: augeas_c.c,v 1.1 2008/05/06 10:48:20 rjones Exp $ ++ */ ++ ++#include "config.h" ++ ++#include ++ ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include ++ ++#ifdef __GNUC__ ++ #define NORETURN __attribute__ ((noreturn)) ++#else ++ #define NORETURN ++#endif ++ ++extern CAMLprim value ocaml_augeas_create (value rootv, value loadpathv, value flagsv); ++extern CAMLprim value ocaml_augeas_close (value tv); ++extern CAMLprim value ocaml_augeas_defnode (value tv, value namev, value exprv, value valv); ++extern CAMLprim value ocaml_augeas_defvar (value tv, value namev, value exprv); ++extern CAMLprim value ocaml_augeas_get (value tv, value pathv); ++extern CAMLprim value ocaml_augeas_exists (value tv, value pathv); ++extern CAMLprim value ocaml_augeas_insert (value tv, value beforev, value pathv, value labelv); ++extern CAMLprim value ocaml_augeas_label (value tv, value pathv); ++extern CAMLprim value ocaml_augeas_mv (value tv, value srcv, value destv); ++extern CAMLprim value ocaml_augeas_rm (value tv, value pathv); ++extern CAMLprim value ocaml_augeas_match (value tv, value pathv); ++extern CAMLprim value ocaml_augeas_count_matches (value tv, value pathv); ++extern CAMLprim value ocaml_augeas_save (value tv); ++extern CAMLprim value ocaml_augeas_load (value tv); ++extern CAMLprim value ocaml_augeas_set (value tv, value pathv, value valuev); ++extern CAMLprim value ocaml_augeas_setm (value tv, value basev, value subv, value valv); ++extern CAMLprim value ocaml_augeas_transform (value tv, value lensv, value filev, value modev); ++extern CAMLprim value ocaml_augeas_source (value tv, value pathv) ++#ifndef HAVE_AUG_SOURCE ++ NORETURN ++#endif ++; ++ ++typedef augeas *augeas_t; ++ ++/* Map C aug_errcode_t to OCaml error_code. */ ++static const int error_map[] = { ++ /* AugErrInternal */ AUG_EINTERNAL, ++ /* AugErrPathX */ AUG_EPATHX, ++ /* AugErrNoMatch */ AUG_ENOMATCH, ++ /* AugErrMMatch */ AUG_EMMATCH, ++ /* AugErrSyntax */ AUG_ESYNTAX, ++ /* AugErrNoLens */ AUG_ENOLENS, ++ /* AugErrMXfm */ AUG_EMXFM, ++ /* AugErrNoSpan */ AUG_ENOSPAN, ++ /* AugErrMvDesc */ AUG_EMVDESC, ++ /* AugErrCmdRun */ AUG_ECMDRUN, ++ /* AugErrBadArg */ AUG_EBADARG, ++ /* AugErrLabel */ AUG_ELABEL, ++ /* AugErrCpDesc */ AUG_ECPDESC, ++}; ++static const int error_map_len = sizeof error_map / sizeof error_map[0]; ++ ++/* Raise an Augeas.Error exception, and optionally close the ++ * specified handle. ++ */ ++static void ++raise_error_and_maybe_close (augeas_t t, const char *msg, bool close_handle) ++{ ++ const value *exn = caml_named_value ("Augeas.Error"); ++ value args[5]; ++ const int code = aug_error (t); ++ const char *aug_err_msg; ++ const char *aug_err_minor; ++ const char *aug_err_details; ++ int ocaml_code = -1; ++ int i; ++ ++ if (code == AUG_ENOMEM) { ++ if (close_handle) ++ aug_close (t); ++ caml_raise_out_of_memory (); ++ } ++ ++ aug_err_msg = aug_error_message (t); ++ aug_err_minor = aug_error_minor_message (t); ++ aug_err_details = aug_error_details (t); ++ ++ for (i = 0; i < error_map_len; ++i) ++ if (error_map[i] == code) { ++ ocaml_code = i; ++ break; ++ } ++ ++ if (ocaml_code != -1) ++ args[0] = Val_int (ocaml_code); ++ else { ++ args[0] = caml_alloc (1, 0); ++ Store_field (args[0], 0, Val_int (code)); ++ } ++ args[1] = caml_copy_string (msg); ++ args[2] = caml_copy_string (aug_err_msg); ++ args[3] = caml_copy_string (aug_err_minor ? : ""); ++ args[4] = caml_copy_string (aug_err_details ? : ""); ++ ++ if (close_handle) ++ aug_close (t); ++ ++ caml_raise_with_args (*exn, 5, args); ++} ++#define raise_error(t, msg) raise_error_and_maybe_close(t, msg, false) ++ ++static void ++raise_init_error (const char *msg) ++{ ++ const value *exn = caml_named_value ("Augeas.Error"); ++ value args[5]; ++ ++ args[0] = caml_alloc (1, 0); ++ Store_field (args[0], 0, Val_int (-1)); ++ args[1] = caml_copy_string (msg); ++ args[2] = caml_copy_string ("aug_init failed"); ++ args[3] = caml_copy_string ("augeas initialization failed"); ++ args[4] = caml_copy_string (""); ++ ++ caml_raise_with_args (*exn, 5, args); ++} ++ ++static const char * ++Optstring_val (value strv) ++{ ++ if (strv == Val_int (0)) /* None */ ++ return NULL; ++ else /* Some string */ ++ return String_val (Field (strv, 0)); ++} ++ ++/* Map OCaml flags to C flags. */ ++static const int flag_map[] = { ++ /* AugSaveBackup */ AUG_SAVE_BACKUP, ++ /* AugSaveNewFile */ AUG_SAVE_NEWFILE, ++ /* AugTypeCheck */ AUG_TYPE_CHECK, ++ /* AugNoStdinc */ AUG_NO_STDINC, ++ /* AugSaveNoop */ AUG_SAVE_NOOP, ++ /* AugNoLoad */ AUG_NO_LOAD, ++ /* AugNoModlAutoload */ AUG_NO_MODL_AUTOLOAD, ++ /* AugEnableSpan */ AUG_ENABLE_SPAN, ++ /* AugNoErrClose */ AUG_NO_ERR_CLOSE, ++ /* AugTraceModuleLoading */ AUG_TRACE_MODULE_LOADING, ++}; ++ ++/* Wrap and unwrap augeas_t handles, with a finalizer. */ ++#define Augeas_t_val(rv) (*(augeas_t *)Data_custom_val(rv)) ++ ++static void ++augeas_t_finalize (value tv) ++{ ++ augeas_t t = Augeas_t_val (tv); ++ if (t) aug_close (t); ++} ++ ++static struct custom_operations custom_operations = { ++ (char *) "augeas_t_custom_operations", ++ augeas_t_finalize, ++ custom_compare_default, ++ custom_hash_default, ++ custom_serialize_default, ++ custom_deserialize_default, ++ custom_compare_ext_default, ++}; ++ ++static value Val_augeas_t (augeas_t t) ++{ ++ CAMLparam0 (); ++ CAMLlocal1 (rv); ++ /* We could choose these so that the GC can make better decisions. ++ * See 18.9.2 of the OCaml manual. ++ */ ++ const int used = 0; ++ const int max = 1; ++ ++ rv = caml_alloc_custom (&custom_operations, ++ sizeof (augeas_t), used, max); ++ Augeas_t_val(rv) = t; ++ ++ CAMLreturn (rv); ++} ++ ++#pragma GCC diagnostic ignored "-Wmissing-prototypes" ++ ++/* val create : string -> string option -> flag list -> t */ ++CAMLprim value ++ocaml_augeas_create (value rootv, value loadpathv, value flagsv) ++{ ++ CAMLparam1 (rootv); ++ const char *root = String_val (rootv); ++ const char *loadpath = Optstring_val (loadpathv); ++ int flags = 0, i; ++ augeas_t t; ++ ++ /* Convert list of flags to C. */ ++ for (; flagsv != Val_int (0); flagsv = Field (flagsv, 1)) { ++ i = Int_val (Field (flagsv, 0)); ++ flags |= flag_map[i]; ++ } ++ ++ /* Pass AUG_NO_ERR_CLOSE so we raise a detailed Augeas.Error. */ ++ t = aug_init (root, loadpath, flags | AUG_NO_ERR_CLOSE); ++ ++ if (t == NULL) ++ raise_init_error ("Augeas.create"); ++ ++ if (aug_error (t) != AUG_NOERROR) { ++ raise_error_and_maybe_close (t, "Augeas.init", true); ++ } ++ ++ CAMLreturn (Val_augeas_t (t)); ++} ++ ++/* val close : t -> unit */ ++CAMLprim value ++ocaml_augeas_close (value tv) ++{ ++ CAMLparam1 (tv); ++ augeas_t t = Augeas_t_val (tv); ++ ++ if (t) { ++ aug_close (t); ++ Augeas_t_val(tv) = NULL; /* So the finalizer doesn't double-free. */ ++ } ++ ++ CAMLreturn (Val_unit); ++} ++ ++/* val defnode : t -> string -> string -> string option -> int * bool */ ++CAMLprim value ++ocaml_augeas_defnode (value tv, value namev, value exprv, value valv) ++{ ++ CAMLparam4 (tv, namev, exprv, valv); ++ CAMLlocal2 (optv, v); ++ augeas_t t = Augeas_t_val (tv); ++ const char *name = String_val (namev); ++ const char *expr = String_val (exprv); ++ const char *val = Optstring_val (valv); ++ int r, created; ++ ++ r = aug_defnode (t, name, expr, val, &created); ++ if (r == -1) { ++ raise_error (t, "Augeas.defnode"); ++ } ++ ++ v = caml_alloc (2, 0); ++ Store_field (v, 0, Val_int (r)); ++ Store_field (v, 1, Val_bool (created)); ++ ++ CAMLreturn (v); ++} ++ ++/* val defvar : t -> string -> string option -> int option */ ++CAMLprim value ++ocaml_augeas_defvar (value tv, value namev, value exprv) ++{ ++ CAMLparam3 (tv, namev, exprv); ++ CAMLlocal2 (optv, v); ++ augeas_t t = Augeas_t_val (tv); ++ const char *name = String_val (namev); ++ const char *expr = Optstring_val (exprv); ++ int r; ++ ++ r = aug_defvar (t, name, expr); ++ if (r > 0) { /* Return Some val */ ++ v = Val_int (r); ++ optv = caml_alloc (1, 0); ++ Field (optv, 0) = v; ++ } else if (r == 0) /* Return None */ ++ optv = Val_int (0); ++ else if (r == -1) /* Error or multiple matches */ ++ raise_error (t, "Augeas.defvar"); ++ else ++ caml_failwith ("Augeas.defvar: bad return value"); ++ ++ CAMLreturn (optv); ++} ++ ++/* val get : t -> path -> value option */ ++CAMLprim value ++ocaml_augeas_get (value tv, value pathv) ++{ ++ CAMLparam2 (tv, pathv); ++ CAMLlocal2 (optv, v); ++ augeas_t t = Augeas_t_val (tv); ++ const char *path = String_val (pathv); ++ const char *val; ++ int r; ++ ++ r = aug_get (t, path, &val); ++ if (r == 1 && val) { /* Return Some val */ ++ v = caml_copy_string (val); ++ optv = caml_alloc (1, 0); ++ Field (optv, 0) = v; ++ } else if (r == 0 || !val) /* Return None */ ++ optv = Val_int (0); ++ else if (r == -1) /* Error or multiple matches */ ++ raise_error (t, "Augeas.get"); ++ else ++ caml_failwith ("Augeas.get: bad return value"); ++ ++ CAMLreturn (optv); ++} ++ ++/* val exists : t -> path -> bool */ ++CAMLprim value ++ocaml_augeas_exists (value tv, value pathv) ++{ ++ CAMLparam2 (tv, pathv); ++ CAMLlocal1 (v); ++ augeas_t t = Augeas_t_val (tv); ++ const char *path = String_val (pathv); ++ int r; ++ ++ r = aug_get (t, path, NULL); ++ if (r == 1) /* Return true. */ ++ v = Val_int (1); ++ else if (r == 0) /* Return false */ ++ v = Val_int (0); ++ else if (r == -1) /* Error or multiple matches */ ++ raise_error (t, "Augeas.exists"); ++ else ++ caml_failwith ("Augeas.exists: bad return value"); ++ ++ CAMLreturn (v); ++} ++ ++/* val insert : t -> ?before:bool -> path -> string -> unit */ ++CAMLprim value ++ocaml_augeas_insert (value tv, value beforev, value pathv, value labelv) ++{ ++ CAMLparam4 (tv, beforev, pathv, labelv); ++ augeas_t t = Augeas_t_val (tv); ++ const char *path = String_val (pathv); ++ const char *label = String_val (labelv); ++ int before; ++ ++ before = beforev == Val_int (0) ? 0 : Int_val (Field (beforev, 0)); ++ ++ if (aug_insert (t, path, label, before) == -1) ++ raise_error (t, "Augeas.insert"); ++ ++ CAMLreturn (Val_unit); ++} ++ ++/* val label : t -> path -> string option */ ++CAMLprim value ++ocaml_augeas_label (value tv, value pathv) ++{ ++ CAMLparam2 (tv, pathv); ++ CAMLlocal2 (optv, v); ++ augeas_t t = Augeas_t_val (tv); ++ const char *path = String_val (pathv); ++ const char *val; ++ int r; ++ ++ r = aug_label (t, path, &val); ++ if (r == 1 && val) { /* Return Some val */ ++ v = caml_copy_string (val); ++ optv = caml_alloc (1, 0); ++ Field (optv, 0) = v; ++ } else if (r == 0 || !val) /* Return None */ ++ optv = Val_int (0); ++ else if (r == -1) /* Error or multiple matches */ ++ raise_error (t, "Augeas.label"); ++ else ++ caml_failwith ("Augeas.label: bad return value"); ++ ++ CAMLreturn (optv); ++} ++ ++/* val mv : t -> path -> path -> unit */ ++CAMLprim value ++ocaml_augeas_mv (value tv, value srcv, value destv) ++{ ++ CAMLparam3 (tv, srcv, destv); ++ augeas_t t = Augeas_t_val (tv); ++ const char *src = String_val (srcv); ++ const char *dest = String_val (destv); ++ ++ if (aug_mv (t, src, dest) == -1) ++ raise_error (t, "Augeas.mv"); ++ ++ CAMLreturn (Val_unit); ++} ++ ++/* val rm : t -> path -> int */ ++CAMLprim value ++ocaml_augeas_rm (value tv, value pathv) ++{ ++ CAMLparam2 (tv, pathv); ++ augeas_t t = Augeas_t_val (tv); ++ const char *path = String_val (pathv); ++ int r; ++ ++ r = aug_rm (t, path); ++ if (r == -1) ++ raise_error (t, "Augeas.rm"); ++ ++ CAMLreturn (Val_int (r)); ++} ++ ++/* val matches : t -> path -> path list */ ++CAMLprim value ++ocaml_augeas_match (value tv, value pathv) ++{ ++ CAMLparam2 (tv, pathv); ++ CAMLlocal3 (rv, v, cons); ++ augeas_t t = Augeas_t_val (tv); ++ const char *path = String_val (pathv); ++ char **matches; ++ int r, i; ++ ++ r = aug_match (t, path, &matches); ++ if (r == -1) ++ raise_error (t, "Augeas.matches"); ++ ++ /* Copy the paths to a list. */ ++ rv = Val_int (0); ++ for (i = 0; i < r; ++i) { ++ v = caml_copy_string (matches[i]); ++ free (matches[i]); ++ cons = caml_alloc (2, 0); ++ Field (cons, 1) = rv; ++ Field (cons, 0) = v; ++ rv = cons; ++ } ++ ++ free (matches); ++ ++ CAMLreturn (rv); ++} ++ ++/* val count_matches : t -> path -> int */ ++CAMLprim value ++ocaml_augeas_count_matches (value tv, value pathv) ++{ ++ CAMLparam2 (tv, pathv); ++ augeas_t t = Augeas_t_val (tv); ++ const char *path = String_val (pathv); ++ int r; ++ ++ r = aug_match (t, path, NULL); ++ if (r == -1) ++ raise_error (t, "Augeas.count_matches"); ++ ++ CAMLreturn (Val_int (r)); ++} ++ ++/* val save : t -> unit */ ++CAMLprim value ++ocaml_augeas_save (value tv) ++{ ++ CAMLparam1 (tv); ++ augeas_t t = Augeas_t_val (tv); ++ ++ if (aug_save (t) == -1) ++ raise_error (t, "Augeas.save"); ++ ++ CAMLreturn (Val_unit); ++} ++ ++/* val load : t -> unit */ ++CAMLprim value ++ocaml_augeas_load (value tv) ++{ ++ CAMLparam1 (tv); ++ augeas_t t = Augeas_t_val (tv); ++ ++ if (aug_load (t) == -1) ++ raise_error (t, "Augeas.load"); ++ ++ CAMLreturn (Val_unit); ++} ++ ++/* val set : t -> -> path -> value option -> unit */ ++CAMLprim value ++ocaml_augeas_set (value tv, value pathv, value valuev) ++{ ++ CAMLparam3 (tv, pathv, valuev); ++ augeas_t t = Augeas_t_val (tv); ++ const char *path = String_val (pathv); ++ const char *val = Optstring_val (valuev); ++ ++ if (aug_set (t, path, val) == -1) ++ raise_error (t, "Augeas.set"); ++ ++ CAMLreturn (Val_unit); ++} ++ ++/* val setm : t -> path -> string option -> value option -> int */ ++CAMLprim value ++ocaml_augeas_setm (value tv, value basev, value subv, value valv) ++{ ++ CAMLparam4 (tv, basev, subv, valv); ++ augeas_t t = Augeas_t_val (tv); ++ const char *base = String_val (basev); ++ const char *sub = Optstring_val (subv); ++ const char *val = Optstring_val (valv); ++ int r; ++ ++ r = aug_setm (t, base, sub, val); ++ if (r == -1) ++ raise_error (t, "Augeas.setm"); ++ ++ CAMLreturn (Val_int (r)); ++} ++ ++/* val transform : t -> string -> string -> transform_mode -> unit */ ++CAMLprim value ++ocaml_augeas_transform (value tv, value lensv, value filev, value modev) ++{ ++ CAMLparam4 (tv, lensv, filev, modev); ++ augeas_t t = Augeas_t_val (tv); ++ const char *lens = String_val (lensv); ++ const char *file = String_val (filev); ++ const int excl = Int_val (modev) == 1 ? 1 : 0; ++ ++ if (aug_transform (t, lens, file, excl) == -1) ++ raise_error (t, "Augeas.transform"); ++ ++ CAMLreturn (Val_unit); ++} ++ ++/* val source : t -> path -> path option */ ++CAMLprim value ++ocaml_augeas_source (value tv, value pathv) ++{ ++#ifdef HAVE_AUG_SOURCE ++ CAMLparam2 (tv, pathv); ++ CAMLlocal2 (optv, v); ++ augeas_t t = Augeas_t_val (tv); ++ const char *path = String_val (pathv); ++ char *file_path; ++ int r; ++ ++ r = aug_source (t, path, &file_path); ++ if (r == 0) { ++ if (file_path) { /* Return Some file_path */ ++ v = caml_copy_string (file_path); ++ optv = caml_alloc (1, 0); ++ Field (optv, 0) = v; ++ free (file_path); ++ } else /* Return None */ ++ optv = Val_int (0); ++ } ++ else /* Error */ ++ raise_error (t, "Augeas.source"); ++ ++ CAMLreturn (optv); ++#else ++ caml_failwith ("Augeas.source: function not implemented"); ++#endif ++} +diff --git a/bundled/ocaml-augeas/augeas.README b/bundled/ocaml-augeas/augeas.README +new file mode 100644 +index 00000000..938dfd25 +--- /dev/null ++++ b/bundled/ocaml-augeas/augeas.README +@@ -0,0 +1,8 @@ ++The files augeas-c.c, augeas.ml and augeas.mli come from the ++ocaml-augeas library: ++ ++ http://git.annexia.org/?p=ocaml-augeas.git ++ ++which is released under a compatible license. We try to keep them ++identical, so if you make changes to these files then you must also ++submit the changes to ocaml-augeas, and vice versa. +\ No newline at end of file +diff --git a/bundled/ocaml-augeas/augeas.ml b/bundled/ocaml-augeas/augeas.ml +new file mode 100644 +index 00000000..aa5a1822 +--- /dev/null ++++ b/bundled/ocaml-augeas/augeas.ml +@@ -0,0 +1,99 @@ ++(* Augeas OCaml bindings ++ * Copyright (C) 2008 Red Hat Inc., Richard W.M. Jones ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public ++ * License along with this library; if not, write to the Free Software ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ++ * ++ * $Id: augeas.ml,v 1.2 2008/05/06 10:48:20 rjones Exp $ ++ *) ++ ++type t ++ ++type flag = ++ | AugSaveBackup ++ | AugSaveNewFile ++ | AugTypeCheck ++ | AugNoStdinc ++ | AugSaveNoop ++ | AugNoLoad ++ | AugNoModlAutoload ++ | AugEnableSpan ++ | AugNoErrClose ++ | AugTraceModuleLoading ++ ++type error_code = ++ | AugErrInternal ++ | AugErrPathX ++ | AugErrNoMatch ++ | AugErrMMatch ++ | AugErrSyntax ++ | AugErrNoLens ++ | AugErrMXfm ++ | AugErrNoSpan ++ | AugErrMvDesc ++ | AugErrCmdRun ++ | AugErrBadArg ++ | AugErrLabel ++ | AugErrCpDesc ++ | AugErrUnknown of int ++ ++type transform_mode = ++ | Include ++ | Exclude ++ ++exception Error of error_code * string * string * string * string ++ ++type path = string ++ ++type value = string ++ ++external create : string -> string option -> flag list -> t ++ = "ocaml_augeas_create" ++external close : t -> unit ++ = "ocaml_augeas_close" ++external defnode : t -> string -> string -> string option -> int * bool ++ = "ocaml_augeas_defnode" ++external defvar : t -> string -> string option -> int option ++ = "ocaml_augeas_defvar" ++external get : t -> path -> value option ++ = "ocaml_augeas_get" ++external exists : t -> path -> bool ++ = "ocaml_augeas_exists" ++external insert : t -> ?before:bool -> path -> string -> unit ++ = "ocaml_augeas_insert" ++external label : t -> path -> string option ++ = "ocaml_augeas_label" ++external rm : t -> path -> int ++ = "ocaml_augeas_rm" ++external matches : t -> path -> path list ++ = "ocaml_augeas_match" ++external count_matches : t -> path -> int ++ = "ocaml_augeas_count_matches" ++external save : t -> unit ++ = "ocaml_augeas_save" ++external load : t -> unit ++ = "ocaml_augeas_load" ++external mv : t -> path -> path -> unit ++ = "ocaml_augeas_mv" ++external set : t -> path -> value option -> unit ++ = "ocaml_augeas_set" ++external setm : t -> path -> string option -> value option -> int ++ = "ocaml_augeas_setm" ++external transform : t -> string -> string -> transform_mode -> unit ++ = "ocaml_augeas_transform" ++external source : t -> path -> path option ++ = "ocaml_augeas_source" ++ ++let () = ++ Callback.register_exception "Augeas.Error" (Error (AugErrInternal, "", "", "", "")) +diff --git a/bundled/ocaml-augeas/augeas.mli b/bundled/ocaml-augeas/augeas.mli +new file mode 100644 +index 00000000..8cbeae18 +--- /dev/null ++++ b/bundled/ocaml-augeas/augeas.mli +@@ -0,0 +1,164 @@ ++(** Augeas OCaml bindings *) ++(* Copyright (C) 2008 Red Hat Inc., Richard W.M. Jones ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public ++ * License along with this library; if not, write to the Free Software ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ++ * ++ * $Id: augeas.mli,v 1.2 2008/05/06 10:48:20 rjones Exp $ ++ *) ++ ++type t ++ (** Augeas library handle. *) ++ ++type flag = ++ | AugSaveBackup (** Rename original with .augsave *) ++ | AugSaveNewFile (** Save changes to .augnew *) ++ | AugTypeCheck (** Type-check lenses *) ++ | AugNoStdinc ++ | AugSaveNoop ++ | AugNoLoad ++ | AugNoModlAutoload ++ | AugEnableSpan ++ | AugNoErrClose ++ | AugTraceModuleLoading ++ (** Flags passed to the {!create} function. *) ++ ++type error_code = ++ | AugErrInternal (** Internal error (bug) *) ++ | AugErrPathX (** Invalid path expression *) ++ | AugErrNoMatch (** No match for path expression *) ++ | AugErrMMatch (** Too many matches for path expression *) ++ | AugErrSyntax (** Syntax error in lens file *) ++ | AugErrNoLens (** Lens lookup failed *) ++ | AugErrMXfm (** Multiple transforms *) ++ | AugErrNoSpan (** No span for this node *) ++ | AugErrMvDesc (** Cannot move node into its descendant *) ++ | AugErrCmdRun (** Failed to execute command *) ++ | AugErrBadArg (** Invalid argument in funcion call *) ++ | AugErrLabel (** Invalid label *) ++ | AugErrCpDesc (** Cannot copy node into its descendant *) ++ | AugErrUnknown of int ++ (** Possible error codes. *) ++ ++type transform_mode = ++ | Include ++ | Exclude ++ (** The operation mode for the {!transform} function. *) ++ ++exception Error of error_code * string * string * string * string ++ (** This exception is thrown when the underlying Augeas library ++ returns an error. The tuple represents: ++ - the Augeas error code ++ - the ocaml-augeas error string ++ - the Augeas error message ++ - the human-readable explanation of the Augeas error, if available ++ - a string with details of the Augeas error ++ *) ++ ++type path = string ++ (** A path expression. ++ ++ Note in future we may replace this with a type-safe path constructor. *) ++ ++type value = string ++ (** A value. *) ++ ++val create : string -> string option -> flag list -> t ++ (** [create root loadpath flags] creates an Augeas handle. ++ ++ [root] is a file system path describing the location ++ of the configuration files. ++ ++ [loadpath] is an optional colon-separated list of directories ++ which are searched for schema definitions. ++ ++ [flags] is a list of flags. *) ++ ++val close : t -> unit ++ (** [close handle] closes the handle. ++ ++ You don't need to close handles explicitly with this function: ++ they will be finalized eventually by the garbage collector. ++ However calling this function frees up any resources used by the ++ underlying Augeas library immediately. ++ ++ Do not use the handle after closing it. *) ++ ++val defnode : t -> string -> string -> string option -> int * bool ++ (** [defnode t name expr value] defines [name] whose value is the ++ result of evaluating [expr], which is a nodeset. *) ++ ++val defvar : t -> string -> string option -> int option ++ (** [defvar t name expr] defines [name] whose value is the result ++ of evaluating [expr], replacing the old value if existing. ++ [None] as [expr] removes the variable [name]. *) ++ ++val get : t -> path -> value option ++ (** [get t path] returns the value at [path], or [None] if there ++ is no value. *) ++ ++val exists : t -> path -> bool ++ (** [exists t path] returns true iff there is a value at [path]. *) ++ ++val insert : t -> ?before:bool -> path -> string -> unit ++ (** [insert t ?before path label] inserts [label] as a sibling ++ of [path]. By default it is inserted after [path], unless ++ [~before:true] is specified. *) ++ ++val label : t -> path -> string option ++ (** [label t path] gets the label of [path]. ++ ++ Returns [Some value] when [path] matches only one node, and ++ that has an associated label. *) ++ ++val rm : t -> path -> int ++ (** [rm t path] removes all nodes matching [path]. ++ ++ Returns the number of nodes removed (which may be 0). *) ++ ++val matches : t -> path -> path list ++ (** [matches t path] returns a list of path expressions ++ of all nodes matching [path]. *) ++ ++val mv : t -> path -> path -> unit ++ (** [mv t src dest] moves a node. *) ++ ++val count_matches : t -> path -> int ++ (** [count_matches t path] counts the number of nodes matching ++ [path] but does not return them (see {!matches}). *) ++ ++val save : t -> unit ++ (** [save t] saves all pending changes to disk. *) ++ ++val load : t -> unit ++ (** [load t] loads files into the tree. *) ++ ++val set : t -> path -> value option -> unit ++ (** [set t path] sets [value] as new value at [path]. *) ++ ++val setm : t -> path -> string option -> value option -> int ++ (** [setm t base sub value] sets [value] as new value for all the ++ nodes under [base] that match [sub] (or all, if [sub] is ++ [None]). ++ ++ Returns the number of nodes modified. *) ++ ++val transform : t -> string -> string -> transform_mode -> unit ++ (** [transform t lens file mode] adds or removes (depending on ++ [mode]) the transformation of the specified [lens] for [file]. *) ++ ++val source : t -> path -> path option ++ (** [source t path] returns the path to the node representing the ++ file to which [path] belongs, or [None] if [path] does not ++ represent any file. *) +diff --git a/configure.ac b/configure.ac +index 0db21297..d1397f63 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -195,6 +195,7 @@ AC_CONFIG_FILES([run], + AC_CONFIG_FILES([Makefile + appliance/Makefile + bash/Makefile ++ bundled/ocaml-augeas/Makefile + common/errnostring/Makefile + common/edit/Makefile + common/mlpcre/Makefile +diff --git a/daemon/Makefile.am b/daemon/Makefile.am +index bb2e58d0..bd1920c6 100644 +--- a/daemon/Makefile.am ++++ b/daemon/Makefile.am +@@ -215,9 +215,9 @@ guestfsd_SOURCES = \ + guestfsd_LDFLAGS = \ + -L$(shell $(OCAMLC) -where) \ + -L$(shell $(OCAMLFIND) query hivex) \ +- -L$(shell $(OCAMLFIND) query augeas) \ + -L../common/mlutils \ + -L../common/mlstdutils \ ++ -L../bundled/ocaml-augeas \ + -L../common/mlpcre + guestfsd_LDADD = \ + camldaemon.o \ +@@ -353,7 +353,8 @@ BOBJECTS = $(SOURCES_ML:.ml=.cmo) + XOBJECTS = $(BOBJECTS:.cmo=.cmx) + + OCAMLPACKAGES = \ +- -package str,unix,augeas,hivex \ ++ -package str,unix,hivex \ ++ -I $(top_builddir)/bundled/ocaml-augeas \ + -I $(top_builddir)/common/mlstdutils \ + -I $(top_builddir)/common/mlutils \ + -I $(top_builddir)/common/utils/.libs \ +@@ -384,6 +385,7 @@ camldaemon.o: $(OBJECTS) + $(OCAMLFIND) $(BEST) -output-obj -o $@ \ + $(OCAMLFLAGS) $(OCAMLPACKAGES) \ + -linkpkg \ ++ mlaugeas.$(MLARCHIVE) \ + mlpcre.$(MLARCHIVE) \ + mlstdutils.$(MLARCHIVE) \ + mlcutils.$(MLARCHIVE) \ +@@ -442,6 +444,7 @@ OCAMLLINKFLAGS = \ + mlpcre.$(MLARCHIVE) \ + mlstdutils.$(MLARCHIVE) \ + mlcutils.$(MLARCHIVE) \ ++ mlaugeas.$(MLARCHIVE) \ + $(LINK_CUSTOM_OCAMLC_ONLY) + + daemon_utils_tests_DEPENDENCIES = \ +diff --git a/docs/guestfs-building.pod b/docs/guestfs-building.pod +index 5a7fa40f..b9bc885a 100644 +--- a/docs/guestfs-building.pod ++++ b/docs/guestfs-building.pod +@@ -172,11 +172,6 @@ I. + + I. + +-=item ocaml-augeas +- +-I. These are the OCaml bindings for Augeas, found at: +-L +- + =item xz + + I. +diff --git a/docs/guestfs-hacking.pod b/docs/guestfs-hacking.pod +index e1b47ec1..68cf8292 100644 +--- a/docs/guestfs-hacking.pod ++++ b/docs/guestfs-hacking.pod +@@ -71,6 +71,20 @@ Various build scripts used by autotools. + + L command and documentation. + ++=item F ++ ++Embedded copies of other libraries, mostly for convenience (and the embedded ++library is not widespread enough). ++ ++=over 4 ++ ++=item F ++ ++Bindings for the Augeas library. These come from the ocaml-augeas ++library L ++ ++=back ++ + =item F + + The L, L, L, +diff --git a/m4/guestfs-ocaml.m4 b/m4/guestfs-ocaml.m4 +index 85020717..51072c1a 100644 +--- a/m4/guestfs-ocaml.m4 ++++ b/m4/guestfs-ocaml.m4 +@@ -132,14 +132,6 @@ AS_IF([test "x$have_Hivex_OPEN_UNSAFE" = "xno"],[ + ]) + AC_SUBST([HIVEX_OPEN_UNSAFE_FLAG]) + +-if test "x$enable_daemon" = "xyes"; then +- OCAML_PKG_augeas=no +- AC_CHECK_OCAML_PKG(augeas) +- if test "x$OCAML_PKG_augeas" = "xno"; then +- AC_MSG_ERROR([the OCaml module 'augeas' is required]) +- fi +-fi +- + # oUnit is optional, used by some tests in common/mlstdutils (that we + # should replace with regular tests one day). If used, oUnit >= 2 is + # required. +diff --git a/ocaml-dep.sh.in b/ocaml-dep.sh.in +index 385a1e6e..c9e9e3e6 100755 +--- a/ocaml-dep.sh.in ++++ b/ocaml-dep.sh.in +@@ -33,6 +33,7 @@ set -e + # directories must have unique names (eg. not ‘Utils’) else + # dependencies don't get built right. + include_dirs=" ++bundled/ocaml-augeas + common/mlgettext + common/mlpcre + common/mlstdutils diff --git a/SOURCES/0011-update-common-submodule.patch b/SOURCES/0011-update-common-submodule.patch new file mode 100644 index 0000000..3822446 --- /dev/null +++ b/SOURCES/0011-update-common-submodule.patch @@ -0,0 +1,160 @@ +From 194a48aef32367c45c555a4d93fb1a3375b0dead Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Fri, 19 May 2023 16:08:47 +0200 +Subject: [PATCH] update common submodule + +Laszlo Ersek (2): + options/keys: key_store_import_key(): un-constify "key" parameter + options/keys: introduce unescape_device_mapper_lvm() + +Richard W.M. Jones (1): + mlcustomize/SELinux_relabel.ml: Use Array.mem + +Roman Kagan (1): + mlcustomize: skip SELinux relabeling if it's disabled + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2168506 +Signed-off-by: Laszlo Ersek +Message-Id: <20230519140849.310774-2-lersek@redhat.com> +Reviewed-by: Richard W.M. Jones +(cherry picked from commit 83afd6d3d2c82ee3a8f22079ba12ef7eac38ac34) +--- + common | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Submodule common 70c10a07..b636c3f2: +diff --git a/common/options/options.h b/common/options/options.h +index 94573ee0..94e8b9ee 100644 +--- a/common/options/options.h ++++ b/common/options/options.h +@@ -169,7 +169,8 @@ extern struct matching_key *get_keys (struct key_store *ks, const char *device, + const char *uuid, size_t *nr_matches); + extern void free_keys (struct matching_key *keys, size_t nr_matches); + extern struct key_store *key_store_add_from_selector (struct key_store *ks, const char *selector); +-extern struct key_store *key_store_import_key (struct key_store *ks, const struct key_store_key *key); ++extern struct key_store *key_store_import_key (struct key_store *ks, ++ struct key_store_key *key); + extern bool key_store_requires_network (const struct key_store *ks); + extern void free_key_store (struct key_store *ks); + +diff --git a/common/options/keys.c b/common/options/keys.c +index 48f1bc7c..52b27369 100644 +--- a/common/options/keys.c ++++ b/common/options/keys.c +@@ -260,8 +260,107 @@ key_store_add_from_selector (struct key_store *ks, const char *selector) + return key_store_import_key (ks, &key); + } + ++/* Turn /dev/mapper/VG-LV into /dev/VG/LV, in-place. */ ++static void ++unescape_device_mapper_lvm (char *id) ++{ ++ static const char dev[] = "/dev/", dev_mapper[] = "/dev/mapper/"; ++ const char *input_start; ++ char *output; ++ enum { M_SCAN, M_FILL, M_DONE } mode; ++ ++ if (!STRPREFIX (id, dev_mapper)) ++ return; ++ ++ /* Start parsing "VG-LV" from "id" after "/dev/mapper/". */ ++ input_start = id + (sizeof dev_mapper - 1); ++ ++ /* Start writing the unescaped "VG/LV" output after "/dev/". */ ++ output = id + (sizeof dev - 1); ++ ++ for (mode = M_SCAN; mode < M_DONE; ++mode) { ++ char c; ++ const char *input = input_start; ++ const char *hyphen_buffered = NULL; ++ bool single_hyphen_seen = false; ++ ++ do { ++ c = *input; ++ ++ switch (c) { ++ case '-': ++ if (hyphen_buffered == NULL) ++ /* This hyphen may start an escaped hyphen, or it could be the ++ * separator in VG-LV. ++ */ ++ hyphen_buffered = input; ++ else { ++ /* This hyphen completes an escaped hyphen; unescape it. */ ++ if (mode == M_FILL) ++ *output++ = '-'; ++ hyphen_buffered = NULL; ++ } ++ break; ++ ++ case '/': ++ /* Slash characters are forbidden in VG-LV anywhere. If there's any, ++ * we'll find it in the first (i.e., scanning) phase, before we output ++ * anything back to "id". ++ */ ++ assert (mode == M_SCAN); ++ return; ++ ++ default: ++ /* Encountered a non-slash, non-hyphen character -- which also may be ++ * the terminating NUL. ++ */ ++ if (hyphen_buffered != NULL) { ++ /* The non-hyphen character comes after a buffered hyphen, so the ++ * buffered hyphen is supposed to be the single hyphen that separates ++ * VG from LV in VG-LV. There are three requirements for this ++ * separator: (a) it must be unique (we must not have seen another ++ * such separator earlier), (b) it must not be at the start of VG-LV ++ * (because VG would be empty that way), (c) it must not be at the end ++ * of VG-LV (because LV would be empty that way). Should any of these ++ * be violated, we'll catch that during the first (i.e., scanning) ++ * phase, before modifying "id". ++ */ ++ if (single_hyphen_seen || hyphen_buffered == input_start || ++ c == '\0') { ++ assert (mode == M_SCAN); ++ return; ++ } ++ ++ /* Translate the separator hyphen to a slash character. */ ++ if (mode == M_FILL) ++ *output++ = '/'; ++ hyphen_buffered = NULL; ++ single_hyphen_seen = true; ++ } ++ ++ /* Output the non-hyphen character (including the terminating NUL) ++ * regardless of whether there was a buffered hyphen separator (which, ++ * by now, we'll have attempted to translate and flush). ++ */ ++ if (mode == M_FILL) ++ *output++ = c; ++ } ++ ++ ++input; ++ } while (c != '\0'); ++ ++ /* We must have seen the VG-LV separator. If that's not the case, we'll ++ * catch it before modifying "id". ++ */ ++ if (!single_hyphen_seen) { ++ assert (mode == M_SCAN); ++ return; ++ } ++ } ++} ++ + struct key_store * +-key_store_import_key (struct key_store *ks, const struct key_store_key *key) ++key_store_import_key (struct key_store *ks, struct key_store_key *key) + { + struct key_store_key *new_keys; + +@@ -278,6 +377,7 @@ key_store_import_key (struct key_store *ks, const struct key_store_key *key) + error (EXIT_FAILURE, errno, "realloc"); + + ks->keys = new_keys; ++ unescape_device_mapper_lvm (key->id); + ks->keys[ks->nr_keys] = *key; + ++ks->nr_keys; + diff --git a/SOURCES/0012-LUKS-on-LVM-inspection-test-rename-VGs-and-LVs.patch b/SOURCES/0012-LUKS-on-LVM-inspection-test-rename-VGs-and-LVs.patch new file mode 100644 index 0000000..b35742b --- /dev/null +++ b/SOURCES/0012-LUKS-on-LVM-inspection-test-rename-VGs-and-LVs.patch @@ -0,0 +1,97 @@ +From c95b3086bdbdf840de8d3b24c3ae5e9b847bf588 Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Fri, 19 May 2023 16:08:48 +0200 +Subject: [PATCH] LUKS-on-LVM inspection test: rename VGs and LVs + +In preparation for a subsequent patch, rename "VG" to "Volume-Group", and +"LV" to "Logical-Volume-", in the LUKS-on-LVM inspection test. + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2168506 +Signed-off-by: Laszlo Ersek +Message-Id: <20230519140849.310774-3-lersek@redhat.com> +Reviewed-by: Richard W.M. Jones +(cherry picked from commit 58e26402334a4696fa08730eecc9098fc270ed1c) +--- + test-data/phony-guests/make-fedora-img.pl | 30 +++++++++++-------- + .../test-key-option-inspect-luks-on-lvm.sh | 16 +++++----- + 2 files changed, 25 insertions(+), 21 deletions(-) + +diff --git a/test-data/phony-guests/make-fedora-img.pl b/test-data/phony-guests/make-fedora-img.pl +index c0cb5d0b..6362e225 100755 +--- a/test-data/phony-guests/make-fedora-img.pl ++++ b/test-data/phony-guests/make-fedora-img.pl +@@ -224,23 +224,27 @@ EOF + + # Create the Volume Group on /dev/sda2. + $g->pvcreate ('/dev/sda2'); +- $g->vgcreate ('VG', ['/dev/sda2']); +- $g->lvcreate ('Root', 'VG', 32); +- $g->lvcreate ('LV1', 'VG', 32); +- $g->lvcreate ('LV2', 'VG', 32); +- $g->lvcreate ('LV3', 'VG', 64); ++ $g->vgcreate ('Volume-Group', ['/dev/sda2']); ++ $g->lvcreate ('Root', 'Volume-Group', 32); ++ $g->lvcreate ('Logical-Volume-1', 'Volume-Group', 32); ++ $g->lvcreate ('Logical-Volume-2', 'Volume-Group', 32); ++ $g->lvcreate ('Logical-Volume-3', 'Volume-Group', 64); + + # Format each Logical Group as a LUKS device, with a different password. +- $g->luks_format ('/dev/VG/Root', 'FEDORA-Root', 0); +- $g->luks_format ('/dev/VG/LV1', 'FEDORA-LV1', 0); +- $g->luks_format ('/dev/VG/LV2', 'FEDORA-LV2', 0); +- $g->luks_format ('/dev/VG/LV3', 'FEDORA-LV3', 0); ++ $g->luks_format ('/dev/Volume-Group/Root', 'FEDORA-Root', 0); ++ $g->luks_format ('/dev/Volume-Group/Logical-Volume-1', 'FEDORA-LV1', 0); ++ $g->luks_format ('/dev/Volume-Group/Logical-Volume-2', 'FEDORA-LV2', 0); ++ $g->luks_format ('/dev/Volume-Group/Logical-Volume-3', 'FEDORA-LV3', 0); + + # Open the LUKS devices. This creates nodes like /dev/mapper/*-luks. +- $g->cryptsetup_open ('/dev/VG/Root', 'FEDORA-Root', 'Root-luks'); +- $g->cryptsetup_open ('/dev/VG/LV1', 'FEDORA-LV1', 'LV1-luks'); +- $g->cryptsetup_open ('/dev/VG/LV2', 'FEDORA-LV2', 'LV2-luks'); +- $g->cryptsetup_open ('/dev/VG/LV3', 'FEDORA-LV3', 'LV3-luks'); ++ $g->cryptsetup_open ('/dev/Volume-Group/Root', ++ 'FEDORA-Root', 'Root-luks'); ++ $g->cryptsetup_open ('/dev/Volume-Group/Logical-Volume-1', ++ 'FEDORA-LV1', 'LV1-luks'); ++ $g->cryptsetup_open ('/dev/Volume-Group/Logical-Volume-2', ++ 'FEDORA-LV2', 'LV2-luks'); ++ $g->cryptsetup_open ('/dev/Volume-Group/Logical-Volume-3', ++ 'FEDORA-LV3', 'LV3-luks'); + + # Phony root filesystem. + $g->mkfs ('ext2', '/dev/mapper/Root-luks', blocksize => 4096, label => 'ROOT'); +diff --git a/tests/luks/test-key-option-inspect-luks-on-lvm.sh b/tests/luks/test-key-option-inspect-luks-on-lvm.sh +index 52cd7e98..a8d72b9f 100755 +--- a/tests/luks/test-key-option-inspect-luks-on-lvm.sh ++++ b/tests/luks/test-key-option-inspect-luks-on-lvm.sh +@@ -30,10 +30,10 @@ skip_unless_phony_guest fedora-luks-on-lvm.img + # Volume names. + guestfish=(guestfish --listen --ro --inspector + --add ../test-data/phony-guests/fedora-luks-on-lvm.img) +-keys_by_lvname=(--key /dev/VG/Root:key:FEDORA-Root +- --key /dev/VG/LV1:key:FEDORA-LV1 +- --key /dev/VG/LV2:key:FEDORA-LV2 +- --key /dev/VG/LV3:key:FEDORA-LV3) ++keys_by_lvname=(--key /dev/Volume-Group/Root:key:FEDORA-Root ++ --key /dev/Volume-Group/Logical-Volume-1:key:FEDORA-LV1 ++ --key /dev/Volume-Group/Logical-Volume-2:key:FEDORA-LV2 ++ --key /dev/Volume-Group/Logical-Volume-3:key:FEDORA-LV3) + + # The variable assignment below will fail, and abort the script, if guestfish + # refuses to start up. +@@ -56,10 +56,10 @@ function cleanup_guestfish + trap cleanup_guestfish EXIT + + # Get the UUIDs of the LUKS devices. +-uuid_root=$(guestfish --remote -- luks-uuid /dev/VG/Root) +-uuid_lv1=$( guestfish --remote -- luks-uuid /dev/VG/LV1) +-uuid_lv2=$( guestfish --remote -- luks-uuid /dev/VG/LV2) +-uuid_lv3=$( guestfish --remote -- luks-uuid /dev/VG/LV3) ++uuid_root=$(guestfish --remote -- luks-uuid /dev/Volume-Group/Root) ++uuid_lv1=$( guestfish --remote -- luks-uuid /dev/Volume-Group/Logical-Volume-1) ++uuid_lv2=$( guestfish --remote -- luks-uuid /dev/Volume-Group/Logical-Volume-2) ++uuid_lv3=$( guestfish --remote -- luks-uuid /dev/Volume-Group/Logical-Volume-3) + + # The actual test. + function check_filesystems diff --git a/SOURCES/0013-LUKS-on-LVM-inspection-test-test-dev-mapper-VG-LV-tr.patch b/SOURCES/0013-LUKS-on-LVM-inspection-test-test-dev-mapper-VG-LV-tr.patch new file mode 100644 index 0000000..715e658 --- /dev/null +++ b/SOURCES/0013-LUKS-on-LVM-inspection-test-test-dev-mapper-VG-LV-tr.patch @@ -0,0 +1,46 @@ +From 15cc20d1f5e0413c1af26c683437995886146eb6 Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Fri, 19 May 2023 16:08:49 +0200 +Subject: [PATCH] LUKS-on-LVM inspection test: test /dev/mapper/VG-LV + translation + +In the LUKS-on-LVM inspection test, call the "check_filesystems" function +yet another time, now with such "--key" options that exercise the recent +"/dev/mapper/VG-LV" -> "/dev/VG/LV" translation (unescaping) from +libguestfs-common. + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2168506 +Signed-off-by: Laszlo Ersek +Message-Id: <20230519140849.310774-4-lersek@redhat.com> +Reviewed-by: Richard W.M. Jones +(cherry picked from commit 32408a9c36165af376f9f42e7d3e158d3da2c76e) +--- + .../test-key-option-inspect-luks-on-lvm.sh | 18 ++++++++++++++++++ + 1 file changed, 18 insertions(+) + +diff --git a/tests/luks/test-key-option-inspect-luks-on-lvm.sh b/tests/luks/test-key-option-inspect-luks-on-lvm.sh +index a8d72b9f..932862b1 100755 +--- a/tests/luks/test-key-option-inspect-luks-on-lvm.sh ++++ b/tests/luks/test-key-option-inspect-luks-on-lvm.sh +@@ -101,3 +101,21 @@ eval "$fish_ref" + + # Repeat the test. + check_filesystems ++ ++# Exit the current guestfish background process. ++guestfish --remote -- exit ++GUESTFISH_PID= ++ ++# Start up another guestfish background process, and specify the keys in ++# /dev/mapper/VG-LV format this time. ++keys_by_mapper_lvname=( ++ --key /dev/mapper/Volume--Group-Root:key:FEDORA-Root ++ --key /dev/mapper/Volume--Group-Logical--Volume--1:key:FEDORA-LV1 ++ --key /dev/mapper/Volume--Group-Logical--Volume--2:key:FEDORA-LV2 ++ --key /dev/mapper/Volume--Group-Logical--Volume--3:key:FEDORA-LV3 ++) ++fish_ref=$("${guestfish[@]}" "${keys_by_mapper_lvname[@]}") ++eval "$fish_ref" ++ ++# Repeat the test. ++check_filesystems diff --git a/SOURCES/copy-patches.sh b/SOURCES/copy-patches.sh index 34989cc..647eacf 100755 --- a/SOURCES/copy-patches.sh +++ b/SOURCES/copy-patches.sh @@ -3,12 +3,11 @@ set -e # Maintainer script to copy patches from the git repo to the current -# directory. It's normally only used downstream (ie. in RHEL). Use -# it like this: +# directory. Use it like this: # ./copy-patches.sh project=libguestfs -rhel_version=9.2 +rhel_version=9.3 # Check we're in the right directory. if [ ! -f $project.spec ]; then @@ -37,7 +36,12 @@ git rm -f [0-9]*.patch ||: rm -f [0-9]*.patch # Get the patches. -(cd $git_checkout; rm -f [0-9]*.patch; git -c core.abbrev=9 format-patch -O/dev/null -N --submodule=diff $tag) +( + cd $git_checkout + rm -f [0-9]*.patch + git -c core.abbrev=8 format-patch -O/dev/null --subject-prefix=PATCH -N \ + --submodule=diff --no-signature --patience $tag +) mv $git_checkout/[0-9]*.patch . # Remove any not to be applied. diff --git a/SOURCES/libguestfs-1.50.1.tar.gz.sig b/SOURCES/libguestfs-1.50.1.tar.gz.sig new file mode 100644 index 0000000..cec47f6 --- /dev/null +++ b/SOURCES/libguestfs-1.50.1.tar.gz.sig @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- + +iQJFBAABCAAvFiEE93dPsa0HSn6Mh2fqkXOPc+G3aKAFAmP1QzoRHHJpY2hAYW5u +ZXhpYS5vcmcACgkQkXOPc+G3aKCAEBAAimQxT37HMWTHOqvj4s6ipOhDCNPlqo4L +z+syvIkgbp024IOPUbrlmSCtrCFiLXsRmmenynFv66N8GXoWmJruyJMyvBxsupZT +lTo7WdCEix/xPh/LAb8Q9RWA2SQYfkOKHRs/gr4b/LbtXBklMlcOdhegx3Mml4SW +gwK5n799YebUVgzYch5hWjHcRAphPaUdMyaJ6MUnFrfUPyGK2QO1yXdnGxkseAPz +srjlhFqu5kNojWzcaNcdHBdKvJVEZo7L6laADRS31sRH0BGVc6/DFJgOPdxROGJe +oeq3Oo1EF88P15NSTNZSXLa65n9kts2OnqRgX/c3njV9+1/JPHJWVM+VezuCcN8D +hHktHVOBjM209N5RmLtR92eROvo1aTrgjsLqOTvwbKBu7NrPc4ZICnX7dMjD6irj +vQz0P5MUmELMvdEN3FMGf45v77z+249e1z+5EGi2HUPKLfxd+I3+2mxUm2xjWOy/ +zNzkG2rCgYRB8Tioj6Mw80RYKioRyu8p5lUZvvLk85CJbT4BFH8rXgJbrEBOSunE +lWEcv690GzyszAN8zKZaIqhNzIKdlkQZAd1DMXfNBEfAy23YHRApB1O2EFhNAjAf +yEsUjpiYc0pq64QiCPGzUp4iLfMt9hg4ey5Pquud/j6cfvJ3ak5gZECbFnbUjysZ +YYpwSgy/FVI= +=OPC/ +-----END PGP SIGNATURE----- diff --git a/SPECS/libguestfs.spec b/SPECS/libguestfs.spec index 3c46005..730fe7b 100644 --- a/SPECS/libguestfs.spec +++ b/SPECS/libguestfs.spec @@ -4,6 +4,7 @@ # In theory the above, in practice golang is so often broken that # I now disable it: %global golang_arches NONE +%global dist %{?dist}.alma # Architectures that we run the basic sanity-check test. # @@ -14,10 +15,7 @@ %if !0%{?rhel} %global test_arches aarch64 %{power64} s390x x86_64 %else -# RHEL 9 only: -# x86-64: "/lib64/libc.so.6: CPU ISA level is lower than required" -# (RHBZ#1919389) -%global test_arches NONE +%global test_arches x86_64 %endif # Trim older changelog entries. @@ -36,7 +34,7 @@ %endif # The source directory. -%global source_directory 1.48-stable +%global source_directory 1.50-stable # Filter perl provides. %{?perl_default_filter} @@ -47,8 +45,8 @@ Summary: Access and modify virtual machine disk images Name: libguestfs Epoch: 1 -Version: 1.48.4 -Release: 4%{?dist}.alma.1.1 +Version: 1.50.1 +Release: 6%{?dist}.alma.1.1 License: LGPLv2+ # Build only for architectures that have a kernel @@ -79,27 +77,22 @@ Source7: libguestfs.keyring Source8: copy-patches.sh # Patches are maintained in the following repository: -# https://github.com/libguestfs/libguestfs/commits/rhel-9.2 +# https://github.com/libguestfs/libguestfs/commits/rhel-9.3 # Patches. -Patch0001: 0001-New-API-guestfs_device_name-returning-the-drive-name.patch -Patch0002: 0002-guestfs_readdir-rewrite-with-FileOut-transfer-to-lif.patch -Patch0003: 0003-guestfs_readdir-minimize-the-number-of-send_file_wri.patch -Patch0004: 0004-lib-launch-direct-ignore-drive-iface-parameter.patch -Patch0005: 0005-lib-drive_create_data-drive-remove-field-iface.patch -Patch0006: 0006-lib-rename-VALID_FORMAT_IFACE-to-VALID_FORMAT.patch -Patch0007: 0007-tests-regressions-remove-iface-based-restrictions.patch -Patch0008: 0008-generator-customize-invert-SELinux-relabeling-defaul.patch -Patch0009: 0009-generator-customize-reintroduce-selinux-relabel-as-a.patch -Patch0010: 0010-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch -Patch0011: 0011-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch -Patch0012: 0012-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch -Patch0013: 0013-php-add-arginfo-to-php-bindings.patch -Patch0014: 0014-introduce-the-clevis_luks_unlock-API.patch -Patch0015: 0015-guestfish-guestmount-enable-networking-for-key-ID-cl.patch -Patch0016: 0016-daemon-Add-zstd-support-to-guestfs_file_architecture.patch -Patch0017: 0017-New-API-inspect_get_build_id.patch -Patch0018: 0018-lib-Return-correct-osinfo-field-for-Windows-11.patch +#Patch0001: 0001-update-common-submodule.patch +Patch0002: 0002-update-common-submodule.patch +Patch0003: 0003-daemon-selinux-relabel-don-t-exclude-selinux-if-it-s.patch +Patch0004: 0004-daemon-selinux-relabel-search-for-invalid-option-in-.patch +Patch0005: 0005-daemon-selinux-relabel-run-setfiles-with-T-0-if-supp.patch +Patch0006: 0006-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch +Patch0007: 0007-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch +Patch0008: 0008-Remove-virt-dib.patch +Patch0009: 0009-lib-Choose-q35-machine-type-for-x86-64.patch +Patch0010: 0010-RHEL-Revert-build-Remove-bundled-copy-of-ocaml-augea.patch +Patch0011: 0011-update-common-submodule.patch +Patch0012: 0012-LUKS-on-LVM-inspection-test-rename-VGs-and-LVs.patch +Patch0013: 0013-LUKS-on-LVM-inspection-test-test-dev-mapper-VG-LV-tr.patch %if 0%{patches_touch_autotools} BuildRequires: autoconf, automake, libtool, gettext-devel @@ -118,6 +111,8 @@ BuildRequires: perl(Pod::Man) BuildRequires: /usr/bin/pod2text BuildRequires: po4a BuildRequires: augeas-devel >= 1.7.0 +# Waiting for https://bugzilla.redhat.com/show_bug.cgi?id=2168634 +#BuildRequires: ocaml-augeas-devel >= 0.6 BuildRequires: readline-devel BuildRequires: xorriso BuildRequires: libxml2-devel @@ -169,7 +164,6 @@ BuildRequires: gnupg2 BuildRequires: ocaml BuildRequires: ocaml-ocamldoc BuildRequires: ocaml-findlib-devel -BuildRequires: ocaml-gettext-devel %if !0%{?rhel} BuildRequires: ocaml-ounit-devel %endif @@ -223,10 +217,6 @@ BuildRequires: clevis-luks BuildRequires: coreutils BuildRequires: cpio BuildRequires: cryptsetup -%if !0%{?rhel} -BuildRequires: curl -BuildRequires: debootstrap -%endif BuildRequires: dhclient BuildRequires: diffutils BuildRequires: dosfstools @@ -250,9 +240,6 @@ BuildRequires: iproute BuildRequires: iputils BuildRequires: kernel BuildRequires: kmod -%if !0%{?rhel} -BuildRequires: kpartx -%endif BuildRequires: less BuildRequires: libcap %if !0%{?rhel} @@ -275,7 +262,6 @@ BuildRequires: pcre2 BuildRequires: policycoreutils BuildRequires: procps BuildRequires: psmisc -BuildRequires: qemu-img BuildRequires: rpm-libs BuildRequires: rsync BuildRequires: scrub @@ -293,9 +279,6 @@ BuildRequires: tar BuildRequires: udev BuildRequires: util-linux BuildRequires: vim-minimal -%if !0%{?rhel} -BuildRequires: which -%endif BuildRequires: xfsprogs BuildRequires: xz BuildRequires: yajl @@ -447,17 +430,6 @@ Requires: pkgconfig for %{name}. -%if !0%{?rhel} -%package dib -Summary: Additional tools for virt-dib -License: LGPLv2+ - -%description dib -This adds extra packages needed by virt-dib to %{name}. You should -normally install the virt-dib package which depends on this one. -%endif - - %if !0%{?rhel} %package forensics Summary: Filesystem forensics support for %{name} @@ -787,8 +759,14 @@ make V=1 INSTALLDIRS=vendor %{?_smp_mflags} %check - %ifarch %{test_arches} +# Only run the tests with non-debug (ie. non-Rawhide) kernels. +# XXX This tests for any debug kernel installed. +if grep CONFIG_DEBUG_MUTEXES=y /lib/modules/*/config ; then + echo "Skipping tests because debug kernel is installed" + exit 0 +fi + export LIBGUESTFS_DEBUG=1 export LIBGUESTFS_TRACE=1 export LIBVIRT_DEBUG=1 @@ -817,6 +795,13 @@ find $RPM_BUILD_ROOT -name .packlist -delete find $RPM_BUILD_ROOT -name '*.bs' -delete find $RPM_BUILD_ROOT -name 'bindtests.pl' -delete +# Perl's ExtUtils::Install installs "Guestfs.so" read-only; that +# prevents objcopy from adding the ".gdb_index" section for the sake of +# the debuginfo file. See +# . Restore write +# permission for the file owner. +find $RPM_BUILD_ROOT -name Guestfs.so -exec chmod u+w '{}' + + # golang: Ignore what libguestfs upstream installs, and just copy the # source files to %%{_datadir}/gocode/src. %ifarch %{golang_arches} @@ -845,19 +830,6 @@ function move_to echo "$1" >> "$2" } -%if !0%{?rhel} -move_to curl zz-packages-dib -move_to debootstrap zz-packages-dib -move_to kpartx zz-packages-dib -move_to qemu-img zz-packages-dib -move_to which zz-packages-dib -%else -remove curl -remove debootstrap -remove kpartx -remove qemu-img -remove which -%endif %if !0%{?rhel} move_to sleuthkit zz-packages-forensics move_to gfs2-utils zz-packages-gfs2 @@ -966,11 +938,6 @@ rm ocaml/html/.gitignore %{_libdir}/pkgconfig/libguestfs.pc -%if !0%{?rhel} -%files dib -%{_libdir}/guestfs/supermin.d/zz-packages-dib -%endif - %if !0%{?rhel} %files forensics %{_libdir}/guestfs/supermin.d/zz-packages-forensics @@ -1129,13 +1096,29 @@ rm ocaml/html/.gitignore %changelog -* Mon Dec 19 2022 Eduard Abdullin - 1:1.48.4-4.alma.1.1 -- Enable for ppc64le +* Thu Dec 07 2023 Edaurd Abdullin - 1:1.50.1-6.alma.1.1 +- Enable ppc64le build -* Tue May 09 2023 Edaurd Abdullin - 1:1.48.4-4.alma +* Thu Sep 21 2023 Edaurd Abdullin - 1:1.50.1-6.alma - Fix build for AlmaLinux - Avoid permission denied for yum/dnf cache +* Wed Jun 07 2023 Laszlo Ersek - 1:1.50.1-6 +- enable the ".gdb_index" section in the Perl bindings debug info + resolves: rhbz#2209279 +* Tue May 23 2023 Laszlo Ersek - 1:1.50.1-5 +- let "guestfish -i" recognize "--key /dev/mapper/VG-LV:key:password" +- reenable quickcheck; we now use "-cpu max" (upstream 30f74f38bd6e) + resolves: rhbz#2209279 + +* Thu May 04 2023 Richard W.M. Jones - 1:1.50.1-4 +- Rebase libguestfs to 1.50.1 + resolves: rhbz#2168625 +- Use q35 machine type for libguestfs appliance + resolves: rhbz#2168578 +- Run SELinux relabelling in parallel [for virt-v2v] + resolves: rhbz#2190276 + * Fri Dec 02 2022 Richard W.M. Jones - 1:1.48.4-4 - New API: guestfs_inspect_get_build_id - Add support for detecting Windows >= 10, returned through osinfo