rpms/libguestfs
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Synchronize patches with RHEL 9.5

Browse Source 
resolves: RHEL-56325
This commit is contained in:
Richard W.M. Jones 2024-08-28 10:00:03 +01:00
parent ad3e67de10
commit 542623f737
5 changed files with 826 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

611
0003-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch Normal file
View File

@ -0,0 +1,611 @@
From 75cdb13260f79a34a8b65059feb098f32738c8a4 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Mon, 29 Jul 2013 14:47:56 +0100
Subject: [PATCH] RHEL: Disable unsupported remote drive protocols
(RHBZ#962113).
This disables support for unsupported remote drive protocols:
* ftp
* ftps
* http
* https
* tftp
* gluster
* iscsi
* sheepdog
* ssh
Note 'nbd' is not disabled, and of course 'file' works.
We hope to gradually add some of these back over the lifetime of RHEL.
(cherry picked from commit 66b9338e3d786db28fbd853d397741c3ceb19352)
---
docs/guestfs-testing.pod | 20 -----
fish/guestfish.pod | 66 ++--------------
fish/test-add-uri.sh | 32 --------
generator/actions_core.ml | 50 +------------
lib/drives.c | 8 ++
lib/guestfs.pod | 100 -------------------------
tests/disks/test-qemu-drive-libvirt.sh | 28 -------
tests/disks/test-qemu-drive.sh | 60 ---------------
8 files changed, 16 insertions(+), 348 deletions(-)
diff --git a/docs/guestfs-testing.pod b/docs/guestfs-testing.pod
index f5c09df6e..ee4b26d6b 100644
--- a/docs/guestfs-testing.pod
+++ b/docs/guestfs-testing.pod
@@ -109,26 +109,6 @@ image. To exit, type C<exit>.
If you get an error, try enabling debugging (add C<-v> to the command
line). Also make sure that L<libguestfs-test-tool(1)> succeeds.
-=head2 Try to open a remote guest image with guestfish.
-
-You may also have to disable libvirt by setting this:
-
- export LIBGUESTFS_BACKEND=direct
-
-If you have a disk image available over HTTP/FTP, try to open it.
-
- guestfish --ro -i --format=raw -a http://www.example.com/disk.img
-
-For SSH you will need to make sure that ssh-agent is set up so you
-don't need a password to log in to the remote machine. Then a command
-similar to this should work:
-
- guestfish --ro -i --format=raw \
- -a ssh://remote.example.com/path/to/disk.img
-
-If you get an error, try enabling debugging (add C<-v> to the command
-line). Also make sure that L<libguestfs-test-tool(1)> succeeds.
-
=head2 Run virt-alignment-scan on all your guests.
Run L<virt-alignment-scan(1)> on guests or disk images:
diff --git a/fish/guestfish.pod b/fish/guestfish.pod
index 492aa7163..33fc8b2c8 100644
--- a/fish/guestfish.pod
+++ b/fish/guestfish.pod
@@ -131,9 +131,9 @@ To list what is available do:
=head2 Remote drives
-Access a remote disk using ssh:
+Access a remote disk using NBD:
- guestfish -a ssh://example.com/path/to/disk.img
+ guestfish -a nbd://example.com
=head2 Remote control
@@ -1129,12 +1129,12 @@ L<guestfs(3)/REMOTE STORAGE>>.
On the command line, you can use the I<-a> option to add network
block devices using a URI-style format, for example:
- guestfish -a ssh://root@example.com/disk.img
+ guestfish -a nbd://example.com
URIs I<cannot> be used with the L</add> command. The equivalent
command using the API directly is:
- ><fs> add /disk.img protocol:ssh server:tcp:example.com username:root
+ ><fs> add /disk.img protocol:nbd server:tcp:example.com
The possible I<-a URI> formats are described below.
@@ -1144,40 +1144,6 @@ The possible I<-a URI> formats are described below.
Add the local disk image (or device) called F<disk.img>.
-=head2 B<-a ftp://[user@]example.com[:port]/disk.img>
-
-=head2 B<-a ftps://[user@]example.com[:port]/disk.img>
-
-=head2 B<-a http://[user@]example.com[:port]/disk.img>
-
-=head2 B<-a https://[user@]example.com[:port]/disk.img>
-
-=head2 B<-a tftp://[user@]example.com[:port]/disk.img>
-
-Add a disk located on a remote FTP, HTTP or TFTP server.
-
-The equivalent API command would be:
-
- ><fs> add /disk.img protocol:(ftp|...) server:tcp:example.com
-
-=head2 B<-a gluster://example.com[:port]/volname/image>
-
-Add a disk image located on GlusterFS storage.
-
-The server is the one running C<glusterd>, and may be C<localhost>.
-
-The equivalent API command would be:
-
- ><fs> add volname/image protocol:gluster server:tcp:example.com
-
-=head2 B<-a iscsi://example.com[:port]/target-iqn-name[/lun]>
-
-Add a disk located on an iSCSI server.
-
-The equivalent API command would be:
-
- ><fs> add target-iqn-name/lun protocol:iscsi server:tcp:example.com
-
=head2 B<-a nbd://example.com[:port]>
=head2 B<-a nbd://example.com[:port]/exportname>
@@ -1212,35 +1178,13 @@ The equivalent API command would be:
><fs> add pool/disk protocol:rbd server:tcp:example.com:port
-=head2 B<-a sheepdog://[example.com[:port]]/volume/image>
-
-Add a disk image located on a Sheepdog volume.
-
-The server name is optional. Although libguestfs and Sheepdog
-supports multiple servers, only at most one server can be specified
-when using this URI syntax.
-
-The equivalent API command would be:
-
- ><fs> add volume protocol:sheepdog [server:tcp:example.com]
-
-=head2 B<-a ssh://[user@]example.com[:port]/disk.img>
-
-Add a disk image located on a remote server, accessed using the Secure
-Shell (ssh) SFTP protocol. SFTP is supported out of the box by all
-major SSH servers.
-
-The equivalent API command would be:
-
- ><fs> add /disk protocol:ssh server:tcp:example.com [username:user]
-
Note that the URIs follow the syntax of
L<RFC 3986|https://tools.ietf.org/html/rfc3986>: in particular, there
are restrictions on the allowed characters for the various components
of the URI. Characters such as C<:>, C<@>, and C</> B<must> be
percent-encoded:
- $ guestfish -a ssh://user:pass%40word@example.com/disk.img
+ $ guestfish -a rbd://user:pass%40word@example.com[:port]/pool/disk
In this case, the password is C<pass@word>.
diff --git a/fish/test-add-uri.sh b/fish/test-add-uri.sh
index 21d424984..ddabeb639 100755
--- a/fish/test-add-uri.sh
+++ b/fish/test-add-uri.sh
@@ -40,14 +40,6 @@ function fail ()
$VG guestfish -x -a file://$abs_builddir/test-add-uri.img </dev/null >test-add-uri.out 2>&1
grep -sq 'add_drive ".*/test-add-uri.img"' test-add-uri.out || fail
-# curl
-$VG guestfish -x -a ftp://user@example.com/disk.img </dev/null >test-add-uri.out 2>&1
-grep -sq 'add_drive "/disk.img" "protocol:ftp" "server:tcp:example.com" "username:user"' test-add-uri.out || fail
-
-# gluster
-$VG guestfish -x -a gluster://example.com/disk </dev/null >test-add-uri.out 2>&1
-grep -sq 'add_drive "disk" "protocol:gluster" "server:tcp:example.com"' test-add-uri.out || fail
-
# NBD
$VG guestfish -x -a nbd://example.com </dev/null >test-add-uri.out 2>&1
grep -sq 'add_drive "" "protocol:nbd" "server:tcp:example.com"' test-add-uri.out || fail
@@ -67,29 +59,5 @@ grep -sq 'add_drive "pool/disk" "protocol:rbd" "server:tcp:example.com:6789"' te
$VG guestfish -x -a rbd:///pool/disk </dev/null >test-add-uri.out 2>&1
grep -sq 'add_drive "pool/disk" "protocol:rbd"' test-add-uri.out || fail
-# sheepdog
-$VG guestfish -x -a sheepdog:///volume/image </dev/null >test-add-uri.out 2>&1
-grep -sq 'add_drive "volume/image" "protocol:sheepdog"' test-add-uri.out || fail
-
-$VG guestfish -x -a sheepdog://example.com:3000/volume/image </dev/null >test-add-uri.out 2>&1
-grep -sq 'add_drive "volume/image" "protocol:sheepdog" "server:tcp:example.com:3000"' test-add-uri.out || fail
-
-# ssh
-$VG guestfish -x -a ssh://example.com/disk.img </dev/null >test-add-uri.out 2>&1
-grep -sq 'add_drive "/disk.img" "protocol:ssh" "server:tcp:example.com"' test-add-uri.out || fail
-
-$VG guestfish -x -a ssh://user@example.com/disk.img </dev/null >test-add-uri.out 2>&1
-grep -sq 'add_drive "/disk.img" "protocol:ssh" "server:tcp:example.com" "username:user"' test-add-uri.out || fail
-
-$VG guestfish -x -a ssh://user@example.com:2000/disk.img </dev/null >test-add-uri.out 2>&1
-grep -sq 'add_drive "/disk.img" "protocol:ssh" "server:tcp:example.com:2000" "username:user"' test-add-uri.out || fail
-
-# iSCSI
-$VG guestfish -x -a iscsi://example.com/iqn.2015-12.com.libguestfs:test1/0 </dev/null >test-add-uri.out 2>&1
-grep -sq 'add_drive "iqn.2015-12.com.libguestfs:test1/0" "protocol:iscsi" "server:tcp:example.com"' test-add-uri.out || fail
-
-$VG guestfish -x -a iscsi://user:password@example.com/iqn.2015-12.com.libguestfs:test2/0 </dev/null >test-add-uri.out 2>&1
-grep -sq 'add_drive "iqn.2015-12.com.libguestfs:test2/0" "protocol:iscsi" "server:tcp:example.com" "username:user" "secret:password"' test-add-uri.out || fail
-
rm test-add-uri.out
rm test-add-uri.img
diff --git a/generator/actions_core.ml b/generator/actions_core.ml
index ef9096772..4a4a8e4c9 100644
--- a/generator/actions_core.ml
+++ b/generator/actions_core.ml
@@ -350,29 +350,6 @@ F<filename> is interpreted as a local file or device.
This is the default if the optional protocol parameter
is omitted.
-=item C<protocol = \"ftp\"|\"ftps\"|\"http\"|\"https\"|\"tftp\">
-
-Connect to a remote FTP, HTTP or TFTP server.
-The C<server> parameter must also be supplied - see below.
-
-See also: L<guestfs(3)/FTP, HTTP AND TFTP>
-
-=item C<protocol = \"gluster\">
-
-Connect to the GlusterFS server.
-The C<server> parameter must also be supplied - see below.
-
-See also: L<guestfs(3)/GLUSTER>
-
-=item C<protocol = \"iscsi\">
-
-Connect to the iSCSI server.
-The C<server> parameter must also be supplied - see below.
-The C<username> parameter may be supplied. See below.
-The C<secret> parameter may be supplied. See below.
-
-See also: L<guestfs(3)/ISCSI>.
-
=item C<protocol = \"nbd\">
Connect to the Network Block Device server.
@@ -389,22 +366,6 @@ The C<secret> parameter may be supplied. See below.
See also: L<guestfs(3)/CEPH>.
-=item C<protocol = \"sheepdog\">
-
-Connect to the Sheepdog server.
-The C<server> parameter may also be supplied - see below.
-
-See also: L<guestfs(3)/SHEEPDOG>.
-
-=item C<protocol = \"ssh\">
-
-Connect to the Secure Shell (ssh) server.
-
-The C<server> parameter must be supplied.
-The C<username> parameter may be supplied. See below.
-
-See also: L<guestfs(3)/SSH>.
-
=back
=item C<server>
@@ -415,13 +376,8 @@ is a list of server(s).
Protocol Number of servers required
-------- --------------------------
file List must be empty or param not used at all
- ftp|ftps|http|https|tftp Exactly one
- gluster Exactly one
- iscsi Exactly one
nbd Exactly one
rbd Zero or more
- sheepdog Zero or more
- ssh Exactly one
Each list element is a string specifying a server. The string must be
in one of the following formats:
@@ -437,10 +393,10 @@ for the protocol is used (see F</etc/services>).
=item C<username>
-For the C<ftp>, C<ftps>, C<http>, C<https>, C<iscsi>, C<rbd>, C<ssh>
-and C<tftp> protocols, this specifies the remote username.
+For the C<rbd>
+protocol, this specifies the remote username.
-If not given, then the local username is used for C<ssh>, and no authentication
+If not given, then no authentication
is attempted for ceph. But note this sometimes may give unexpected results, for
example if using the libvirt backend and if the libvirt backend is configured to
start the qemu appliance as a special user such as C<qemu.qemu>. If in doubt,
diff --git a/lib/drives.c b/lib/drives.c
index c5a208468..efb289254 100644
--- a/lib/drives.c
+++ b/lib/drives.c
@@ -166,6 +166,7 @@ create_drive_non_file (guestfs_h *g,
return drv;
}
+#if 0 /* DISABLED IN RHEL 8 */
static struct drive *
create_drive_curl (guestfs_h *g,
const struct drive_create_data *data)
@@ -224,6 +225,7 @@ create_drive_gluster (guestfs_h *g,
return create_drive_non_file (g, data);
}
+#endif /* DISABLED IN RHEL 8 */
static int
nbd_port (void)
@@ -292,6 +294,7 @@ create_drive_rbd (guestfs_h *g,
return create_drive_non_file (g, data);
}
+#if 0 /* DISABLED IN RHEL 8 */
static struct drive *
create_drive_sheepdog (guestfs_h *g,
const struct drive_create_data *data)
@@ -392,6 +395,7 @@ create_drive_iscsi (guestfs_h *g,
return create_drive_non_file (g, data);
}
+#endif /* DISABLED IN RHEL 8 */
/**
* Create the special F</dev/null> drive.
@@ -842,6 +846,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
drv = create_drive_file (g, &data);
}
}
+#if 0 /* DISABLED IN RHEL 8 */
else if (STREQ (protocol, "ftp")) {
data.protocol = drive_protocol_ftp;
drv = create_drive_curl (g, &data);
@@ -866,6 +871,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
data.protocol = drive_protocol_iscsi;
drv = create_drive_iscsi (g, &data);
}
+#endif /* DISABLED IN RHEL 8 */
else if (STREQ (protocol, "nbd")) {
data.protocol = drive_protocol_nbd;
drv = create_drive_nbd (g, &data);
@@ -874,6 +880,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
data.protocol = drive_protocol_rbd;
drv = create_drive_rbd (g, &data);
}
+#if 0 /* DISABLED IN RHEL 8 */
else if (STREQ (protocol, "sheepdog")) {
data.protocol = drive_protocol_sheepdog;
drv = create_drive_sheepdog (g, &data);
@@ -886,6 +893,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
data.protocol = drive_protocol_tftp;
drv = create_drive_curl (g, &data);
}
+#endif /* DISABLED IN RHEL 8 */
else {
error (g, _("unknown protocol %s"), protocol);
drv = NULL; /*FALLTHROUGH*/
diff --git a/lib/guestfs.pod b/lib/guestfs.pod
index e46dd81f9..dff32cc9e 100644
--- a/lib/guestfs.pod
+++ b/lib/guestfs.pod
@@ -723,70 +723,6 @@ a qcow2 backing file specification, libvirt does not construct an
ephemeral secret object from those, for Ceph authentication. Refer to
L<https://bugzilla.redhat.com/2033247>.
-=head3 FTP, HTTP AND TFTP
-
-Libguestfs can access remote disks over FTP, FTPS, HTTP, HTTPS
-or TFTP protocols.
-
-To do this, set the optional C<protocol> and C<server> parameters of
-L</guestfs_add_drive_opts> like this:
-
- char **servers = { "www.example.org", NULL };
- guestfs_add_drive_opts (g, "/disk.img",
- GUESTFS_ADD_DRIVE_OPTS_FORMAT, "raw",
- GUESTFS_ADD_DRIVE_OPTS_PROTOCOL, "http",
- GUESTFS_ADD_DRIVE_OPTS_SERVER, servers,
- -1);
-
-The C<protocol> can be one of C<"ftp">, C<"ftps">, C<"http">,
-C<"https"> or C<"tftp">.
-
-C<servers> (the C<server> parameter) is a list which must have a
-single element. The single element is a string defining the web,
-FTP or TFTP server. The format of this string is documented in
-L</guestfs_add_drive_opts>.
-
-=head3 GLUSTER
-
-Libguestfs can access Gluster disks.
-
-To do this, set the optional C<protocol> and C<server> parameters of
-L</guestfs_add_drive_opts> like this:
-
- char **servers = { "gluster.example.org:24007", NULL };
- guestfs_add_drive_opts (g, "volname/image",
- GUESTFS_ADD_DRIVE_OPTS_FORMAT, "raw",
- GUESTFS_ADD_DRIVE_OPTS_PROTOCOL, "gluster",
- GUESTFS_ADD_DRIVE_OPTS_SERVER, servers,
- -1);
-
-C<servers> (the C<server> parameter) is a list which must have a
-single element. The single element is a string defining the Gluster
-server. The format of this string is documented in
-L</guestfs_add_drive_opts>.
-
-Note that gluster usually requires the client process (ie. libguestfs)
-to run as B<root> and will give unfathomable errors if it is not
-(eg. "No data available").
-
-=head3 ISCSI
-
-Libguestfs can access iSCSI disks remotely.
-
-To do this, set the optional C<protocol> and C<server> parameters like
-this:
-
- char **server = { "iscsi.example.org:3000", NULL };
- guestfs_add_drive_opts (g, "target-iqn-name/lun",
- GUESTFS_ADD_DRIVE_OPTS_FORMAT, "raw",
- GUESTFS_ADD_DRIVE_OPTS_PROTOCOL, "iscsi",
- GUESTFS_ADD_DRIVE_OPTS_SERVER, server,
- -1);
-
-The C<server> parameter is a list which must have a single element.
-The single element is a string defining the iSCSI server. The format
-of this string is documented in L</guestfs_add_drive_opts>.
-
=head3 NETWORK BLOCK DEVICE
Libguestfs can access Network Block Device (NBD) disks remotely.
@@ -849,42 +785,6 @@ L<https://bugs.launchpad.net/qemu/+bug/1155677>
=back
-=head3 SHEEPDOG
-
-Libguestfs can access Sheepdog disks.
-
-To do this, set the optional C<protocol> and C<server> parameters of
-L</guestfs_add_drive_opts> like this:
-
- char **servers = { /* optional servers ... */ NULL };
- guestfs_add_drive_opts (g, "volume",
- GUESTFS_ADD_DRIVE_OPTS_FORMAT, "raw",
- GUESTFS_ADD_DRIVE_OPTS_PROTOCOL, "sheepdog",
- GUESTFS_ADD_DRIVE_OPTS_SERVER, servers,
- -1);
-
-The optional list of C<servers> may be zero or more server addresses
-(C<"hostname:port">). The format of the server strings is documented
-in L</guestfs_add_drive_opts>.
-
-=head3 SSH
-
-Libguestfs can access disks over a Secure Shell (SSH) connection.
-
-To do this, set the C<protocol> and C<server> and (optionally)
-C<username> parameters of L</guestfs_add_drive_opts> like this:
-
- char **server = { "remote.example.com", NULL };
- guestfs_add_drive_opts (g, "/path/to/disk.img",
- GUESTFS_ADD_DRIVE_OPTS_FORMAT, "raw",
- GUESTFS_ADD_DRIVE_OPTS_PROTOCOL, "ssh",
- GUESTFS_ADD_DRIVE_OPTS_SERVER, server,
- GUESTFS_ADD_DRIVE_OPTS_USERNAME, "remoteuser",
- -1);
-
-The format of the server string is documented in
-L</guestfs_add_drive_opts>.
-
=head2 INSPECTION
Libguestfs has APIs for inspecting an unknown disk image to find out
diff --git a/tests/disks/test-qemu-drive-libvirt.sh b/tests/disks/test-qemu-drive-libvirt.sh
index d86a1ecd0..cf7d2a0c9 100755
--- a/tests/disks/test-qemu-drive-libvirt.sh
+++ b/tests/disks/test-qemu-drive-libvirt.sh
@@ -65,34 +65,6 @@ check_output
grep -sq -- '-drive file=rbd:abc-def/ghi-jkl:auth_supported=none,' "$DEBUG_QEMU_FILE" || fail ceph2
rm "$DEBUG_QEMU_FILE"
-# Gluster.
-
-$guestfish -d gluster run ||:
-check_output
-grep -sq -- '-drive file=gluster://1.2.3.4:1234/volname/image,' "$DEBUG_QEMU_FILE" || fail gluster
-rm "$DEBUG_QEMU_FILE"
-
-# iSCSI.
-
-$guestfish -d iscsi run ||:
-check_output
-grep -sq -- '-drive file=iscsi://1.2.3.4:1234/iqn.2003-01.org.linux-iscsi.fedora' "$DEBUG_QEMU_FILE" || fail iscsi
-rm "$DEBUG_QEMU_FILE"
-
-# NBD.
-
-$guestfish -d nbd run ||:
-check_output
-grep -sq -- '-drive file=nbd:1.2.3.4:1234,' "$DEBUG_QEMU_FILE" || fail nbd
-rm "$DEBUG_QEMU_FILE"
-
-# Sheepdog.
-
-$guestfish -d sheepdog run ||:
-check_output
-grep -sq -- '-drive file=sheepdog:volume,' "$DEBUG_QEMU_FILE" || fail sheepdog
-rm "$DEBUG_QEMU_FILE"
-
# Local, stored in a pool.
$guestfish -d pool1 run ||:
diff --git a/tests/disks/test-qemu-drive.sh b/tests/disks/test-qemu-drive.sh
index 12937fb30..b3e4f9903 100755
--- a/tests/disks/test-qemu-drive.sh
+++ b/tests/disks/test-qemu-drive.sh
@@ -62,45 +62,6 @@ check_output
grep -sq -- '-drive file=rbd:abc-def/ghi-jkl:auth_supported=none,' "$DEBUG_QEMU_FILE" || fail
rm "$DEBUG_QEMU_FILE"
-# HTTP.
-
-guestfish <<EOF ||:
- add "/disk.img" "format:raw" "protocol:http" "server:www.example.com"
- run
-EOF
-check_output
-grep -sq -- '-drive file=http://www.example.com/disk.img,' "$DEBUG_QEMU_FILE" || fail
-rm "$DEBUG_QEMU_FILE"
-
-# Gluster.
-
-guestfish <<EOF ||:
- add "volname/image" "format:raw" "protocol:gluster" "server:www.example.com:24007"
- run
-EOF
-check_output
-grep -sq -- '-drive file=gluster://www.example.com:24007/volname/image,' "$DEBUG_QEMU_FILE" || fail
-rm "$DEBUG_QEMU_FILE"
-
-# iSCSI.
-
-guestfish <<EOF ||:
- add "target-iqn-name/lun" "format:raw" "protocol:iscsi" "server:www.example.com:3000"
- run
-EOF
-check_output
-grep -sq -- '-drive file=iscsi://www.example.com:3000/target-iqn-name/lun,' "$DEBUG_QEMU_FILE" || fail
-rm "$DEBUG_QEMU_FILE"
-
-guestfish <<EOF ||:
- add "target-iqn-name/lun" "format:raw" "protocol:iscsi" "server:www.example.com:3000" \
- "username:user" "secret:pass"
- run
-EOF
-check_output
-grep -sq -- '-drive file=iscsi://user%pass@www.example.com:3000/target-iqn-name/lun,' "$DEBUG_QEMU_FILE" || fail
-rm "$DEBUG_QEMU_FILE"
-
# NBD.
guestfish <<EOF ||:
@@ -118,24 +79,3 @@ EOF
check_output
grep -sq -- '-drive file=nbd:unix:/socket,' "$DEBUG_QEMU_FILE" || fail
rm "$DEBUG_QEMU_FILE"
-
-# Sheepdog.
-
-guestfish <<EOF ||:
- add "volume" "format:raw" "protocol:sheepdog"
- run
-EOF
-check_output
-grep -sq -- '-drive file=sheepdog:volume,' "$DEBUG_QEMU_FILE" || fail
-rm "$DEBUG_QEMU_FILE"
-
-# SSH.
-
-guestfish <<EOF ||:
- add "/disk.img" "format:raw" "protocol:ssh" "server:example.com" \
- "username:rich"
- run
-EOF
-check_output
-grep -sq -- '-drive file=ssh://rich@example.com/disk.img,' "$DEBUG_QEMU_FILE" || fail
-rm "$DEBUG_QEMU_FILE"
--
2.43.0

71
0004-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch Normal file
View File

@ -0,0 +1,71 @@
From 25ff96e2c465766960cbc5ca3918026442dfcc32 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 7 Jul 2015 09:28:03 -0400
Subject: [PATCH] RHEL: Reject use of libguestfs-winsupport features except for
virt-* tools (RHBZ#1240276).
Fix the tests: it doesn't let us use guestfish for arbitrary Windows
edits.
(cherry picked from commit b875668bfa9f596aba2e84999c7c9921f8dcb55e)
---
generator/c.ml | 16 ++++++++++++++++
test-data/phony-guests/make-windows-img.sh | 1 +
tests/charsets/test-charset-fidelity.c | 2 ++
3 files changed, 19 insertions(+)
diff --git a/generator/c.ml b/generator/c.ml
index 447059b8a..0391dd3dd 100644
--- a/generator/c.ml
+++ b/generator/c.ml
@@ -1846,6 +1846,22 @@ and generate_client_actions actions () =
check_args_validity c_name style;
trace_call name c_name style;
+ (* RHEL 8 *)
+ if name = "mount" || name = "mount_ro" || name = "mount_options" ||
+ name = "mount_vfs" then (
+ pr " if (g->program && !STRPREFIX (g->program, \"virt-\")) {\n";
+ pr " CLEANUP_FREE char *vfs_type = guestfs_vfs_type (g, mountable);\n";
+ pr " if (vfs_type && STREQ (vfs_type, \"ntfs\")) {\n";
+ pr " error (g, \"mount: unsupported filesystem type\");\n";
+ pr " if (trace_flag)\n";
+ pr " guestfs_int_trace (g, \"%%s = %%s (error)\",\n";
+ pr " \"%s\", \"-1\");\n" name;
+ pr " return %s;\n" (string_of_errcode errcode);
+ pr " }\n";
+ pr " }\n";
+ pr "\n";
+ );
+
(* Calculate the total size of all FileIn arguments to pass
* as a progress bar hint.
*)
diff --git a/test-data/phony-guests/make-windows-img.sh b/test-data/phony-guests/make-windows-img.sh
index 16debd129..1c13ddac3 100755
--- a/test-data/phony-guests/make-windows-img.sh
+++ b/test-data/phony-guests/make-windows-img.sh
@@ -37,6 +37,7 @@ fi
# Create a disk image.
guestfish <<EOF
+set-program virt-testing
sparse windows.img-t 512M
run
diff --git a/tests/charsets/test-charset-fidelity.c b/tests/charsets/test-charset-fidelity.c
index 105291dc3..5ca4f3b6d 100644
--- a/tests/charsets/test-charset-fidelity.c
+++ b/tests/charsets/test-charset-fidelity.c
@@ -96,6 +96,8 @@ main (int argc, char *argv[])
if (g == NULL)
error (EXIT_FAILURE, 0, "failed to create handle");
+ guestfs_set_program (g, "virt-testing");
+
if (guestfs_add_drive_scratch (g, 1024*1024*1024, -1) == -1)
exit (EXIT_FAILURE);
--
2.43.0

90
0005-New-APIs-findfs_partuuid-and-findfs_partlabel.patch Normal file
View File

@ -0,0 +1,90 @@
From 8aa0958faabcf6d1755a8dcda3bcbb3bc63f6c1f Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Mon, 8 Jul 2024 14:37:22 +0100
Subject: [PATCH] New APIs: findfs_partuuid and findfs_partlabel
These search for partitions by UUID or label (name). They only work
for GPT.
(cherry picked from commit 1816651f3c138600ad2e5ba0d6437b4753333818)
(cherry picked from commit 04a45af93d21880e54a386386313100a04b91ca7)
---
daemon/findfs.ml | 4 ++++
generator/actions_core.ml | 24 ++++++++++++++++++++++++
generator/proc_nr.ml | 2 ++
lib/MAX_PROC_NR | 2 +-
4 files changed, 31 insertions(+), 1 deletion(-)
diff --git a/daemon/findfs.ml b/daemon/findfs.ml
index cf2ba4a84..a94e0ce7b 100644
--- a/daemon/findfs.ml
+++ b/daemon/findfs.ml
@@ -27,6 +27,10 @@ let rec findfs_uuid uuid =
findfs "UUID" uuid
and findfs_label label =
findfs "LABEL" label
+and findfs_partuuid uuid =
+ findfs "PARTUUID" uuid
+and findfs_partlabel label =
+ findfs "PARTLABEL" label
and findfs tag str =
(* Kill the cache file, forcing blkid to reread values from the
diff --git a/generator/actions_core.ml b/generator/actions_core.ml
index 4a4a8e4c9..15cdd09ff 100644
--- a/generator/actions_core.ml
+++ b/generator/actions_core.ml
@@ -5688,6 +5688,30 @@ filesystem can be found.
To find the label of a filesystem, use C<guestfs_vfs_label>." };
+ { defaults with
+ name = "findfs_partuuid"; added = (1, 5, 3);
+ style = RString (RDevice, "device"), [String (PlainString, "uuid")], [];
+ impl = OCaml "Findfs.findfs_partuuid";
+ shortdesc = "find a partition by UUID";
+ longdesc = "\
+This command searches the partitions and returns the one
+which has the given partition UUID. An error is returned if no such
+partition can be found.
+
+To find the UUID of a partition, use C<guestfs_blkid> (C<PART_ENTRY_UUID>)." };
+
+ { defaults with
+ name = "findfs_partlabel"; added = (1, 5, 3);
+ style = RString (RDevice, "device"), [String (PlainString, "label")], [];
+ impl = OCaml "Findfs.findfs_partlabel";
+ shortdesc = "find a partition by label";
+ longdesc = "\
+This command searches the partitions and returns the one
+which has the given label. An error is returned if no such
+partition can be found.
+
+To find the label of a partition, use C<guestfs_blkid> (C<PART_ENTRY_NAME>)." };
+
{ defaults with
name = "is_chardev"; added = (1, 5, 10);
style = RBool "flag", [String (Pathname, "path")], [OBool "followsymlinks"];
diff --git a/generator/proc_nr.ml b/generator/proc_nr.ml
index f71a849c9..56cd97a9f 100644
--- a/generator/proc_nr.ml
+++ b/generator/proc_nr.ml
@@ -516,6 +516,8 @@ let proc_nr = [
511, "internal_readdir";
512, "clevis_luks_unlock";
513, "inspect_get_build_id";
+514, "findfs_partuuid";
+515, "findfs_partlabel";
]
(* End of list. If adding a new entry, add it at the end of the list
diff --git a/lib/MAX_PROC_NR b/lib/MAX_PROC_NR
index 31cf34b8d..3cda32fc2 100644
--- a/lib/MAX_PROC_NR
+++ b/lib/MAX_PROC_NR
@@ -1 +1 @@
-513
+515
--
2.43.0

45
0006-inspection-Resolve-PARTUUID-and-PARTLABEL-in-etc-fst.patch Normal file
View File

@ -0,0 +1,45 @@
From 5733e5268fe0b7a99f20b23ea30ab13632cc9d95 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Mon, 8 Jul 2024 14:39:16 +0100
Subject: [PATCH] inspection: Resolve PARTUUID= and PARTLABEL= in /etc/fstab
Fixes: https://issues.redhat.com/browse/RHEL-46596
(cherry picked from commit e616c8f286ddacf401d7c356724ae874ed883262)
(cherry picked from commit ebce03824a3ce75823037003ca2311d7b8d61565)
---
daemon/inspect_fs_unix_fstab.ml | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/daemon/inspect_fs_unix_fstab.ml b/daemon/inspect_fs_unix_fstab.ml
index 837c8c620..f5817a318 100644
--- a/daemon/inspect_fs_unix_fstab.ml
+++ b/daemon/inspect_fs_unix_fstab.ml
@@ -131,6 +131,25 @@ and check_fstab_entry md_map root_mountable os_type aug entry =
with
Failure _ -> return None
)
+ (* EFI partition UUIDs and labels. *)
+ else if String.is_prefix spec "PARTUUID=" then (
+ let uuid = String.sub spec 9 (String.length spec - 9) in
+ let uuid = shell_unquote uuid in
+ (* Just ignore the device if the UUID cannot be resolved. *)
+ try
+ Mountable.of_device (Findfs.findfs_partuuid uuid)
+ with
+ Failure _ -> return None
+ )
+ else if String.is_prefix spec "PARTLABEL=" then (
+ let label = String.sub spec 10 (String.length spec - 10) in
+ let label = shell_unquote label in
+ (* Just ignore the device if the label cannot be resolved. *)
+ try
+ Mountable.of_device (Findfs.findfs_partlabel label)
+ with
+ Failure _ -> return None
+ )
(* Resolve /dev/root to the current device.
* Do the same for the / partition of the *BSD
* systems, since the BSD -> Linux device
--
2.43.0

10
libguestfs.spec
View File

@ -42,7 +42,7 @@ Summary: Access and modify virtual machine disk images
Name: libguestfs Name: libguestfs
Epoch: 1 Epoch: 1
Version: 1.52.2 Version: 1.52.2
Release: 2%{?dist} Release: 3%{?dist}
License: LGPL-2.1-or-later License: LGPL-2.1-or-later
# Build only for architectures that have a kernel # Build only for architectures that have a kernel
@ -82,6 +82,10 @@ Source8: copy-patches.sh
# Patches. # Patches.
Patch0001: 0001-daemon-Reimplement-partition-GPT-functions-using-sfd.patch Patch0001: 0001-daemon-Reimplement-partition-GPT-functions-using-sfd.patch
Patch0002: 0002-daemon-Fix-parsing-in-part_get_gpt_attributes.patch Patch0002: 0002-daemon-Fix-parsing-in-part_get_gpt_attributes.patch
Patch0003: 0003-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch
Patch0004: 0004-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch
Patch0005: 0005-New-APIs-findfs_partuuid-and-findfs_partlabel.patch
Patch0006: 0006-inspection-Resolve-PARTUUID-and-PARTLABEL-in-etc-fst.patch
BuildRequires: autoconf, automake, libtool, gettext-devel BuildRequires: autoconf, automake, libtool, gettext-devel
@ -1108,6 +1112,10 @@ rm ocaml/html/.gitignore
%changelog %changelog
* Wed Aug 28 2024 Richard W.M. Jones <rjones@redhat.com> - 1:1.52.2-3
- Synchronize patches with RHEL 9.5
resolves: RHEL-56325
* Thu Aug 08 2024 Troy Dawson <tdawson@redhat.com> - 1:1.52.2-2 * Thu Aug 08 2024 Troy Dawson <tdawson@redhat.com> - 1:1.52.2-2
- Bump release for Aug 2024 java mass rebuild - Bump release for Aug 2024 java mass rebuild