diff --git a/.gitignore b/.gitignore index 6a0624f..d092931 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ -SOURCES/libguestfs-1.48.4.tar.gz +SOURCES/libguestfs-1.50.2.tar.gz SOURCES/libguestfs.keyring +SOURCES/libguestfs-common-1.50.2.tar.gz diff --git a/.libguestfs.metadata b/.libguestfs.metadata index e6fbe70..0c44ab3 100644 --- a/.libguestfs.metadata +++ b/.libguestfs.metadata @@ -1,2 +1,3 @@ -a8754a62256ac488eec3e18bed20f570f785d069 SOURCES/libguestfs-1.48.4.tar.gz +9a4fcb78ca452e1cf04f0b541d938ab1b07019a6 SOURCES/libguestfs-1.50.2.tar.gz 1bbc40f501a7fef9eef2a39b701a71aee2fea7c4 SOURCES/libguestfs.keyring +f801826d11e360a906bae5980495ac5425d709ae SOURCES/libguestfs-common-1.50.2.tar.gz diff --git a/SOURCES/0001-New-API-guestfs_device_name-returning-the-drive-name.patch b/SOURCES/0001-New-API-guestfs_device_name-returning-the-drive-name.patch deleted file mode 100644 index fe4b696..0000000 --- a/SOURCES/0001-New-API-guestfs_device_name-returning-the-drive-name.patch +++ /dev/null @@ -1,96 +0,0 @@ -From e3ebd50abde3b05db86c8965868c866152cd3287 Mon Sep 17 00:00:00 2001 -From: "Richard W.M. Jones" -Date: Thu, 28 Apr 2022 13:16:54 +0100 -Subject: [PATCH] New API: guestfs_device_name returning the drive name - -For each drive added, return the name. For example calling this with -index 0 will return the string "/dev/sda". I called it -guestfs_device_name (not drive_name) for consistency with the existing -guestfs_device_index function. - -You don't really need to call this function. You can follow the -advice here: -https://libguestfs.org/guestfs.3.html#block-device-naming -and assume that drives are added with predictable names like -"/dev/sda", "/dev/sdb", etc. - -However it's useful to expose the internal guestfs_int_drive_name -function since especially handling names beyond index 26 is tricky -(https://rwmj.wordpress.com/2011/01/09/how-are-linux-drives-named-beyond-drive-26-devsdz/) - -Fixes: https://github.com/libguestfs/libguestfs/issues/80 -Reviewed-by: Laszlo Ersek -(cherry picked from commit ac00e603f83802634f1d53b1629aee4670eaf31c) ---- - generator/actions_core.ml | 24 +++++++++++++++++++++++- - lib/drives.c | 15 +++++++++++++++ - 2 files changed, 38 insertions(+), 1 deletion(-) - -diff --git a/generator/actions_core.ml b/generator/actions_core.ml -index ce9ee39cc..dc12fdc33 100644 ---- a/generator/actions_core.ml -+++ b/generator/actions_core.ml -@@ -737,7 +737,29 @@ returns the index of the device in the list of devices. - Index numbers start from 0. The named device must exist, - for example as a string returned from C. - --See also C, C." }; -+See also C, C, -+C." }; -+ -+ { defaults with -+ name = "device_name"; added = (1, 49, 1); -+ style = RString (RPlainString, "name"), [Int "index"], []; -+ tests = [ -+ InitEmpty, Always, TestResult ( -+ [["device_name"; "0"]], "STREQ (ret, \"/dev/sda\")"), []; -+ InitEmpty, Always, TestResult ( -+ [["device_name"; "1"]], "STREQ (ret, \"/dev/sdb\")"), []; -+ InitEmpty, Always, TestLastFail ( -+ [["device_name"; "99"]]), [] -+ ]; -+ shortdesc = "convert device index to name"; -+ longdesc = "\ -+This function takes a device index and returns the device -+name. For example index C<0> will return the string C. -+ -+The drive index must have been added to the handle. -+ -+See also C, C, -+C." }; - - { defaults with - name = "shutdown"; added = (1, 19, 16); -diff --git a/lib/drives.c b/lib/drives.c -index fd95308d2..a6179fc36 100644 ---- a/lib/drives.c -+++ b/lib/drives.c -@@ -31,6 +31,7 @@ - #include - #include - #include -+#include - #include - - #include "c-ctype.h" -@@ -1084,3 +1085,17 @@ guestfs_impl_device_index (guestfs_h *g, const char *device) - error (g, _("%s: device not found"), device); - return r; - } -+ -+char * -+guestfs_impl_device_name (guestfs_h *g, int index) -+{ -+ char drive_name[64]; -+ -+ if (index < 0 || index >= g->nr_drives) { -+ guestfs_int_error_errno (g, EINVAL, _("drive index out of range")); -+ return NULL; -+ } -+ -+ guestfs_int_drive_name (index, drive_name); -+ return safe_asprintf (g, "/dev/sd%s", drive_name); -+} --- -2.31.1 - diff --git a/SOURCES/0001-daemon-selinux-relabel-don-t-exclude-selinux-if-it-s.patch b/SOURCES/0001-daemon-selinux-relabel-don-t-exclude-selinux-if-it-s.patch new file mode 100644 index 0000000..bfb04bf --- /dev/null +++ b/SOURCES/0001-daemon-selinux-relabel-don-t-exclude-selinux-if-it-s.patch @@ -0,0 +1,63 @@ +From d2e6dce96a9f197b688758f90481407e75ae11d2 Mon Sep 17 00:00:00 2001 +From: Andrey Drobyshev +Date: Wed, 26 Apr 2023 15:59:44 +0300 +Subject: [PATCH] daemon/selinux-relabel: don't exclude "/selinux" if it's + non-existent + +Since RHBZ#726528, filesystem.rpm doesn't include /selinux. setfiles +then gives us the warning: "Can't stat exclude path "/sysroot/selinux", +No such file or directory - ignoring." + +Though the warning is harmless, let's get rid of it by checking the +existence of /selinux directory. + +Signed-off-by: Andrey Drobyshev +Reviewed-by: Laszlo Ersek +Reviewed-by: Richard W.M. Jones +(cherry picked from commit 9ced5fac8c1f0f8ff7ed2b5671c1c7f5f0bfa875) +--- + daemon/selinux-relabel.c | 16 +++++++++++++++- + 1 file changed, 15 insertions(+), 1 deletion(-) + +diff --git a/daemon/selinux-relabel.c b/daemon/selinux-relabel.c +index 976cffe3..454486c1 100644 +--- a/daemon/selinux-relabel.c ++++ b/daemon/selinux-relabel.c +@@ -21,6 +21,7 @@ + #include + #include + #include ++#include + + #include "guestfs_protocol.h" + #include "daemon.h" +@@ -37,6 +38,17 @@ optgroup_selinuxrelabel_available (void) + return prog_exists ("setfiles"); + } + ++static int ++dir_exists (const char *dir) ++{ ++ struct stat statbuf; ++ ++ if (stat (dir, &statbuf) == 0 && S_ISDIR (statbuf.st_mode)) ++ return 1; ++ else ++ return 0; ++} ++ + static int + setfiles_has_option (int *flag, char opt_char) + { +@@ -99,8 +111,10 @@ do_selinux_relabel (const char *specfile, const char *path, + */ + ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_dev); + ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_proc); +- ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_selinux); + ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_sys); ++ if (dir_exists (s_selinux)) { ++ ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_selinux); ++ } + + /* You have to use the -m option (where available) otherwise + * setfiles puts all the mountpoints on the excludes list for no diff --git a/SOURCES/0002-daemon-selinux-relabel-search-for-invalid-option-in-.patch b/SOURCES/0002-daemon-selinux-relabel-search-for-invalid-option-in-.patch new file mode 100644 index 0000000..5cfab2d --- /dev/null +++ b/SOURCES/0002-daemon-selinux-relabel-search-for-invalid-option-in-.patch @@ -0,0 +1,33 @@ +From 917455b15894c6c82bd657e918ceb09cd825c9c4 Mon Sep 17 00:00:00 2001 +From: Andrey Drobyshev +Date: Wed, 26 Apr 2023 15:59:45 +0300 +Subject: [PATCH] daemon/selinux-relabel: search for "invalid option" in + setfiles output + +'X' in the setiles' stderr doesn't necessarily mean that option 'X' +doesn't exist. For instance, when passing '-T' we get: "setfiles: +option requires an argument -- 'T'". + +Signed-off-by: Andrey Drobyshev +Reviewed-by: Laszlo Ersek +Reviewed-by: Richard W.M. Jones +(cherry picked from commit 152d6e4bdf2dac88856a4ff83cf73451f897d4d4) +--- + daemon/selinux-relabel.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/daemon/selinux-relabel.c b/daemon/selinux-relabel.c +index 454486c1..60a6f48a 100644 +--- a/daemon/selinux-relabel.c ++++ b/daemon/selinux-relabel.c +@@ -56,8 +56,9 @@ setfiles_has_option (int *flag, char opt_char) + + if (*flag == -1) { + char option[] = { '-', opt_char, '\0' }; /* "-X" */ +- char err_opt[] = { '\'', opt_char, '\'', '\0'}; /* "'X'" */ ++ char err_opt[32]; /* "invalid option -- 'X'" */ + ++ snprintf(err_opt, sizeof(err_opt), "invalid option -- '%c'", opt_char); + ignore_value (command (NULL, &err, "setfiles", option, NULL)); + *flag = err && strstr (err, /* "invalid option -- " */ err_opt) == NULL; + } diff --git a/SOURCES/0002-guestfs_readdir-rewrite-with-FileOut-transfer-to-lif.patch b/SOURCES/0002-guestfs_readdir-rewrite-with-FileOut-transfer-to-lif.patch deleted file mode 100644 index 1c7e841..0000000 --- a/SOURCES/0002-guestfs_readdir-rewrite-with-FileOut-transfer-to-lif.patch +++ /dev/null @@ -1,565 +0,0 @@ -From b97b90779d5ea261d5e737f073bb4ec5dc546511 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Mon, 2 May 2022 10:56:00 +0200 -Subject: [PATCH] guestfs_readdir(): rewrite with FileOut transfer, to lift - protocol limit - -Currently the guestfs_readdir() API can not list long directories, due to -it sending back the whole directory listing in a single guestfs protocol -response, which is limited to GUESTFS_MESSAGE_MAX (approx. 4MB) in size. - -Introduce the "internal_readdir" action, for transferring the directory -listing from the daemon to the library through a FileOut parameter. -Rewrite guestfs_readdir() on top of this new internal function: - -- The new "internal_readdir" action is a daemon action. Do not repurpose - the "readdir" proc_nr (138) for "internal_readdir", as some distros ship - the binary appliance to their users, and reusing the proc_nr could - create a mismatch between library & appliance with obscure symptoms. - Replace the old proc_nr (138) with a new proc_nr (511) instead; a - mismatch would then produce a clear error message. Assume the new action - will first be released in libguestfs-1.48.2. - -- Turn "readdir" from a daemon action into a non-daemon one. Call the - daemon action guestfs_internal_readdir() manually, receive the FileOut - parameter into a temp file, then deserialize the dirents array from the - temp file. - -This patch sneakily fixes an independent bug, too. In the pre-patch -do_readdir() function [daemon/readdir.c], when readdir() returns NULL, we -don't distinguish "end of directory stream" from "readdir() failed". This -rewrite fixes this problem -- I didn't see much value separating out the -fix for the original do_readdir(). - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1674392 -Signed-off-by: Laszlo Ersek -Message-Id: <20220502085601.15012-2-lersek@redhat.com> -Reviewed-by: Richard W.M. Jones -(cherry picked from commit 45b7f1736b64e9f0741e21e5a9d83a837bd863bf) ---- - TODO | 8 --- - daemon/readdir.c | 132 +++++++++++++++++++------------------- - generator/actions_core.ml | 127 +++++++++++++++++++----------------- - generator/proc_nr.ml | 2 +- - lib/MAX_PROC_NR | 2 +- - lib/Makefile.am | 1 + - lib/readdir.c | 131 +++++++++++++++++++++++++++++++++++++ - 7 files changed, 267 insertions(+), 136 deletions(-) - create mode 100644 lib/readdir.c - -diff --git a/TODO b/TODO -index a50f7d73c..513e55f92 100644 ---- a/TODO -+++ b/TODO -@@ -484,14 +484,6 @@ this approach works, it doesn't solve the MBR problem, so likely we'd - have to write a library for that (or perhaps go back to sfdisk but - using a very abstracted interface over sfdisk). - --Reimplement some APIs to avoid protocol limits ------------------------------------------------ -- --Mostly this item was done (eg. commits a69f44f56f and before). The --most notable API with a protocol limit remaining is: -- -- - guestfs_readdir -- - hivex - ----- - -diff --git a/daemon/readdir.c b/daemon/readdir.c -index e488f93e7..9ab0b0aec 100644 ---- a/daemon/readdir.c -+++ b/daemon/readdir.c -@@ -16,77 +16,67 @@ - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ - --#include -+#include /* HAVE_STRUCT_DIRENT_D_TYPE */ - --#include --#include --#include --#include --#include -+#include /* readdir() */ -+#include /* errno */ -+#include /* xdrmem_create() */ -+#include /* perror() */ -+#include /* malloc() */ -+#include /* opendir() */ - --#include "daemon.h" --#include "actions.h" -+#include "daemon.h" /* reply_with_perror() */ - --static void --free_int_dirent_list (guestfs_int_dirent *p, size_t len) -+/* Has one FileOut parameter. */ -+int -+do_internal_readdir (const char *dir) - { -- size_t i; -+ int ret; -+ DIR *dirstream; -+ void *xdr_buf; -+ XDR xdr; - -- for (i = 0; i < len; ++i) { -- free (p[i].name); -- } -- free (p); --} -- --guestfs_int_dirent_list * --do_readdir (const char *path) --{ -- guestfs_int_dirent_list *ret; -- guestfs_int_dirent v; -- DIR *dir; -- struct dirent *d; -- size_t i; -- -- ret = malloc (sizeof *ret); -- if (ret == NULL) { -- reply_with_perror ("malloc"); -- return NULL; -- } -- -- ret->guestfs_int_dirent_list_len = 0; -- ret->guestfs_int_dirent_list_val = NULL; -+ /* Prepare to fail. */ -+ ret = -1; - - CHROOT_IN; -- dir = opendir (path); -+ dirstream = opendir (dir); - CHROOT_OUT; - -- if (dir == NULL) { -- reply_with_perror ("opendir: %s", path); -- free (ret); -- return NULL; -+ if (dirstream == NULL) { -+ reply_with_perror ("opendir: %s", dir); -+ return ret; - } - -- i = 0; -- while ((d = readdir (dir)) != NULL) { -- guestfs_int_dirent *p; -+ xdr_buf = malloc (GUESTFS_MAX_CHUNK_SIZE); -+ if (xdr_buf == NULL) { -+ reply_with_perror ("malloc"); -+ goto close_dir; -+ } -+ xdrmem_create (&xdr, xdr_buf, GUESTFS_MAX_CHUNK_SIZE, XDR_ENCODE); -+ -+ /* Send an "OK" reply, before starting the file transfer. */ -+ reply (NULL, NULL); -+ -+ /* From this point on, we can only report errors by canceling the file -+ * transfer. -+ */ -+ for (;;) { -+ struct dirent *d; -+ guestfs_int_dirent v; -+ -+ errno = 0; -+ d = readdir (dirstream); -+ if (d == NULL) { -+ if (errno == 0) -+ ret = 0; -+ else -+ perror ("readdir"); - -- p = realloc (ret->guestfs_int_dirent_list_val, -- sizeof (guestfs_int_dirent) * (i+1)); -- v.name = strdup (d->d_name); -- if (!p || !v.name) { -- reply_with_perror ("allocate"); -- if (p) { -- free_int_dirent_list (p, i); -- } else { -- free_int_dirent_list (ret->guestfs_int_dirent_list_val, i); -- } -- free (v.name); -- free (ret); -- closedir (dir); -- return NULL; -+ break; - } -- ret->guestfs_int_dirent_list_val = p; - -+ v.name = d->d_name; - v.ino = d->d_ino; - #ifdef HAVE_STRUCT_DIRENT_D_TYPE - switch (d->d_type) { -@@ -104,19 +94,29 @@ do_readdir (const char *path) - v.ftyp = 'u'; - #endif - -- ret->guestfs_int_dirent_list_val[i] = v; -+ if (!xdr_guestfs_int_dirent (&xdr, &v)) { -+ fprintf (stderr, "xdr_guestfs_int_dirent failed\n"); -+ break; -+ } - -- i++; -+ if (send_file_write (xdr_buf, xdr_getpos (&xdr)) != 0) -+ break; -+ -+ xdr_setpos (&xdr, 0); - } - -- ret->guestfs_int_dirent_list_len = i; -+ /* Finish or cancel the transfer. Note that if (ret == -1) because the library -+ * canceled, we still need to cancel back! -+ */ -+ send_file_end (ret == -1); - -- if (closedir (dir) == -1) { -- reply_with_perror ("closedir"); -- free (ret->guestfs_int_dirent_list_val); -- free (ret); -- return NULL; -- } -+ xdr_destroy (&xdr); -+ free (xdr_buf); -+ -+close_dir: -+ if (closedir (dirstream) == -1) -+ /* Best we can do here is log an error. */ -+ perror ("closedir"); - - return ret; - } -diff --git a/generator/actions_core.ml b/generator/actions_core.ml -index dc12fdc33..807150615 100644 ---- a/generator/actions_core.ml -+++ b/generator/actions_core.ml -@@ -141,6 +141,66 @@ only useful for printing debug and internal error messages. - - For more information on states, see L." }; - -+ { defaults with -+ name = "readdir"; added = (1, 0, 55); -+ style = RStructList ("entries", "dirent"), [String (Pathname, "dir")], []; -+ progress = true; cancellable = true; -+ shortdesc = "read directories entries"; -+ longdesc = "\ -+This returns the list of directory entries in directory C. -+ -+All entries in the directory are returned, including C<.> and -+C<..>. The entries are I sorted, but returned in the same -+order as the underlying filesystem. -+ -+Also this call returns basic file type information about each -+file. The C field will contain one of the following characters: -+ -+=over 4 -+ -+=item 'b' -+ -+Block special -+ -+=item 'c' -+ -+Char special -+ -+=item 'd' -+ -+Directory -+ -+=item 'f' -+ -+FIFO (named pipe) -+ -+=item 'l' -+ -+Symbolic link -+ -+=item 'r' -+ -+Regular file -+ -+=item 's' -+ -+Socket -+ -+=item 'u' -+ -+Unknown file type -+ -+=item '?' -+ -+The L call returned a C field with an -+unexpected value -+ -+=back -+ -+This function is primarily intended for use by programs. To -+get a simple list of names, use C. To get a printable -+directory for human consumption, use C." }; -+ - { defaults with - name = "version"; added = (1, 0, 58); - style = RStruct ("version", "version"), [], []; -@@ -3939,66 +3999,6 @@ L, C, C. - - This call returns the previous umask." }; - -- { defaults with -- name = "readdir"; added = (1, 0, 55); -- style = RStructList ("entries", "dirent"), [String (Pathname, "dir")], []; -- protocol_limit_warning = true; -- shortdesc = "read directories entries"; -- longdesc = "\ --This returns the list of directory entries in directory C. -- --All entries in the directory are returned, including C<.> and --C<..>. The entries are I sorted, but returned in the same --order as the underlying filesystem. -- --Also this call returns basic file type information about each --file. The C field will contain one of the following characters: -- --=over 4 -- --=item 'b' -- --Block special -- --=item 'c' -- --Char special -- --=item 'd' -- --Directory -- --=item 'f' -- --FIFO (named pipe) -- --=item 'l' -- --Symbolic link -- --=item 'r' -- --Regular file -- --=item 's' -- --Socket -- --=item 'u' -- --Unknown file type -- --=item '?' -- --The L call returned a C field with an --unexpected value -- --=back -- --This function is primarily intended for use by programs. To --get a simple list of names, use C. To get a printable --directory for human consumption, use C." }; -- - { defaults with - name = "getxattrs"; added = (1, 0, 59); - style = RStructList ("xattrs", "xattr"), [String (Pathname, "path")], []; -@@ -9713,4 +9713,11 @@ C. The C parameter must be - the name of the mapping device (ie. F) - and I the name of the underlying block device." }; - -+ { defaults with -+ name = "internal_readdir"; added = (1, 48, 2); -+ style = RErr, [String (Pathname, "dir"); String (FileOut, "filename")], []; -+ visibility = VInternal; -+ shortdesc = "read directories entries"; -+ longdesc = "Internal function for readdir." }; -+ - ] -diff --git a/generator/proc_nr.ml b/generator/proc_nr.ml -index b20672ff0..bdced51c9 100644 ---- a/generator/proc_nr.ml -+++ b/generator/proc_nr.ml -@@ -152,7 +152,6 @@ let proc_nr = [ - 135, "mknod_b"; - 136, "mknod_c"; - 137, "umask"; --138, "readdir"; - 139, "sfdiskM"; - 140, "zfile"; - 141, "getxattrs"; -@@ -514,6 +513,7 @@ let proc_nr = [ - 508, "cryptsetup_open"; - 509, "cryptsetup_close"; - 510, "internal_list_rpm_applications"; -+511, "internal_readdir"; - ] - - (* End of list. If adding a new entry, add it at the end of the list -diff --git a/lib/MAX_PROC_NR b/lib/MAX_PROC_NR -index 2bc4cd64b..c0556fb20 100644 ---- a/lib/MAX_PROC_NR -+++ b/lib/MAX_PROC_NR -@@ -1 +1 @@ --510 -+511 -diff --git a/lib/Makefile.am b/lib/Makefile.am -index 144c45588..212bcb94a 100644 ---- a/lib/Makefile.am -+++ b/lib/Makefile.am -@@ -105,6 +105,7 @@ libguestfs_la_SOURCES = \ - private-data.c \ - proto.c \ - qemu.c \ -+ readdir.c \ - rescue.c \ - stringsbuf.c \ - structs-compare.c \ -diff --git a/lib/readdir.c b/lib/readdir.c -new file mode 100644 -index 000000000..9cb0d7cf6 ---- /dev/null -+++ b/lib/readdir.c -@@ -0,0 +1,131 @@ -+/* libguestfs -+ * Copyright (C) 2016-2022 Red Hat Inc. -+ * -+ * This library is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU Lesser General Public -+ * License as published by the Free Software Foundation; either -+ * version 2 of the License, or (at your option) any later version. -+ * -+ * This library is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ * Lesser General Public License for more details. -+ * -+ * You should have received a copy of the GNU Lesser General Public -+ * License along with this library; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -+ */ -+ -+#include /* UNIX_PATH_MAX, needed by "guestfs-internal.h" */ -+ -+#include /* xdrstdio_create() */ -+#include /* UINT32_MAX */ -+#include /* fopen() */ -+#include /* memset() */ -+ -+#include "guestfs.h" /* guestfs_internal_readdir() */ -+#include "guestfs_protocol.h" /* guestfs_int_dirent */ -+#include "guestfs-internal.h" /* guestfs_int_make_temp_path() */ -+#include "guestfs-internal-actions.h" /* guestfs_impl_readdir */ -+ -+struct guestfs_dirent_list * -+guestfs_impl_readdir (guestfs_h *g, const char *dir) -+{ -+ struct guestfs_dirent_list *ret; -+ char *tmpfn; -+ FILE *f; -+ off_t fsize; -+ XDR xdr; -+ struct guestfs_dirent_list *dirents; -+ uint32_t alloc_entries; -+ size_t alloc_bytes; -+ -+ /* Prepare to fail. */ -+ ret = NULL; -+ -+ tmpfn = guestfs_int_make_temp_path (g, "readdir", NULL); -+ if (tmpfn == NULL) -+ return ret; -+ -+ if (guestfs_internal_readdir (g, dir, tmpfn) == -1) -+ goto drop_tmpfile; -+ -+ f = fopen (tmpfn, "r"); -+ if (f == NULL) { -+ perrorf (g, "fopen: %s", tmpfn); -+ goto drop_tmpfile; -+ } -+ -+ if (fseeko (f, 0, SEEK_END) == -1) { -+ perrorf (g, "fseeko"); -+ goto close_tmpfile; -+ } -+ fsize = ftello (f); -+ if (fsize == -1) { -+ perrorf (g, "ftello"); -+ goto close_tmpfile; -+ } -+ if (fseeko (f, 0, SEEK_SET) == -1) { -+ perrorf (g, "fseeko"); -+ goto close_tmpfile; -+ } -+ -+ xdrstdio_create (&xdr, f, XDR_DECODE); -+ -+ dirents = safe_malloc (g, sizeof *dirents); -+ dirents->len = 0; -+ alloc_entries = 8; -+ alloc_bytes = alloc_entries * sizeof *dirents->val; -+ dirents->val = safe_malloc (g, alloc_bytes); -+ -+ while (xdr_getpos (&xdr) < fsize) { -+ guestfs_int_dirent v; -+ struct guestfs_dirent *d; -+ -+ if (dirents->len == alloc_entries) { -+ if (alloc_entries > UINT32_MAX / 2 || alloc_bytes > (size_t)-1 / 2) { -+ error (g, "integer overflow"); -+ goto free_dirents; -+ } -+ alloc_entries *= 2u; -+ alloc_bytes *= 2u; -+ dirents->val = safe_realloc (g, dirents->val, alloc_bytes); -+ } -+ -+ /* Decoding does not work unless the target buffer is zero-initialized. */ -+ memset (&v, 0, sizeof v); -+ if (!xdr_guestfs_int_dirent (&xdr, &v)) { -+ error (g, "xdr_guestfs_int_dirent failed"); -+ goto free_dirents; -+ } -+ -+ d = &dirents->val[dirents->len]; -+ d->ino = v.ino; -+ d->ftyp = v.ftyp; -+ d->name = v.name; /* transfer malloc'd string to "d" */ -+ -+ dirents->len++; -+ } -+ -+ /* Success; transfer "dirents" to "ret". */ -+ ret = dirents; -+ dirents = NULL; -+ -+ /* Clean up. */ -+ xdr_destroy (&xdr); -+ -+free_dirents: -+ guestfs_free_dirent_list (dirents); -+ -+close_tmpfile: -+ fclose (f); -+ -+drop_tmpfile: -+ /* In case guestfs_internal_readdir() failed, it may or may not have created -+ * the temporary file. -+ */ -+ unlink (tmpfn); -+ free (tmpfn); -+ -+ return ret; -+} --- -2.31.1 - diff --git a/SOURCES/0003-daemon-selinux-relabel-run-setfiles-with-T-0-if-supp.patch b/SOURCES/0003-daemon-selinux-relabel-run-setfiles-with-T-0-if-supp.patch new file mode 100644 index 0000000..fc1f29d --- /dev/null +++ b/SOURCES/0003-daemon-selinux-relabel-run-setfiles-with-T-0-if-supp.patch @@ -0,0 +1,78 @@ +From d2f8308813da27f422607e5aa21fc95d113a17f0 Mon Sep 17 00:00:00 2001 +From: Andrey Drobyshev +Date: Wed, 26 Apr 2023 15:59:46 +0300 +Subject: [PATCH] daemon/selinux-relabel: run setfiles with "-T 0", if + supported + +Since SELinux userspace v3.4 [1], setfiles command supports "-T nthreads" +option, which allows parallel execution. "-T 0" allows using as many +threads as there're available CPU cores. This might speed up the process +of filesystem relabeling in case the appliance is being run with multiple +vCPUs. The latter is true for at least v2v starting from d2b64ecc67 +("v2v: Set the number of vCPUs to same as host number of pCPUs."). + +For instance, when running virt-v2v-in-place on my 12-core Xeon host +with SSD, with appliance being run with 8 vCPUs (the upper limit specified +in d2b64ecc67), and on the ~150GiB disk VM (physical size on the host), +I get the following results: + +./in-place/virt-v2v-in-place -i libvirt fedora37-vm -v -x + +Without this patch: +... +commandrvf: setfiles -F -e /sysroot/dev -e /sysroot/proc -e /sysroot/sys -m -C -r /sysroot -v /sysroot/etc/selinux/targeted/contexts/files/file_contexts /sysroot/^M +libguestfs: trace: v2v: selinux_relabel = 0 +libguestfs: trace: v2v: rm_f "/.autorelabel" +guestfsd: => selinux_relabel (0x1d3) took 17.94 secs +... + +With this patch: +... +commandrvf: setfiles -F -e /sysroot/dev -e /sysroot/proc -e /sysroot/sys -m -C -T 0 -r /sysroot -v /sysroot/etc/selinux/targeted/contexts/files/file_contexts /sysroot/^M +libguestfs: trace: v2v: selinux_relabel = 0 +libguestfs: trace: v2v: rm_f "/.autorelabel" +guestfsd: => selinux_relabel (0x1d3) took 5.88 secs +... + +So in my scenario it's getting 3 times faster. + +[1] https://github.com/SELinuxProject/selinux/releases/tag/3.4 + +Signed-off-by: Andrey Drobyshev +Reviewed-by: Laszlo Ersek +Reviewed-by: Richard W.M. Jones +(cherry picked from commit d0d8e6738477148a7b752348f9364a3b8faed67f) +--- + daemon/selinux-relabel.c | 12 ++++++++++++ + 1 file changed, 12 insertions(+) + +diff --git a/daemon/selinux-relabel.c b/daemon/selinux-relabel.c +index 60a6f48a..cfc5a31d 100644 +--- a/daemon/selinux-relabel.c ++++ b/daemon/selinux-relabel.c +@@ -73,6 +73,7 @@ do_selinux_relabel (const char *specfile, const char *path, + { + static int flag_m = -1; + static int flag_C = -1; ++ static int flag_T = -1; + const char *argv[MAX_ARGS]; + CLEANUP_FREE char *s_dev = NULL, *s_proc = NULL, *s_selinux = NULL, + *s_sys = NULL, *s_specfile = NULL, *s_path = NULL; +@@ -131,6 +132,17 @@ do_selinux_relabel (const char *specfile, const char *path, + if (setfiles_has_option (&flag_C, 'C')) + ADD_ARG (argv, i, "-C"); + ++ /* If the appliance is being run with multiple vCPUs, running setfiles ++ * in multithreading mode might speeds up the process. Option "-T" was ++ * introduced in SELinux userspace v3.4, and we need to check whether it's ++ * supported. Passing "-T 0" creates as many threads as there're available ++ * vCPU cores. ++ * https://github.com/SELinuxProject/selinux/releases/tag/3.4 ++ */ ++ if (setfiles_has_option (&flag_T, 'T')) { ++ ADD_ARG (argv, i, "-T"); ADD_ARG (argv, i, "0"); ++ } ++ + /* Relabelling in a chroot. */ + if (STRNEQ (sysroot, "/")) { + ADD_ARG (argv, i, "-r"); diff --git a/SOURCES/0003-guestfs_readdir-minimize-the-number-of-send_file_wri.patch b/SOURCES/0003-guestfs_readdir-minimize-the-number-of-send_file_wri.patch deleted file mode 100644 index 6e060a5..0000000 --- a/SOURCES/0003-guestfs_readdir-minimize-the-number-of-send_file_wri.patch +++ /dev/null @@ -1,108 +0,0 @@ -From 62cd6c9d2dd62dd24cc04b16437bfb816a6f4357 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Mon, 2 May 2022 10:56:01 +0200 -Subject: [PATCH] guestfs_readdir(): minimize the number of send_file_write() - calls - -In guestfs_readdir(), the daemon currently sends each XDR-encoded -"guestfs_int_dirent" to the library with a separate send_file_write() -call. - -Determine the largest encoded size (from the longest filename that a -"guestfs_int_dirent" could carry, from readdir()'s "struct dirent"), and -batch up the XDR encodings until the next encoding might not fit in -GUESTFS_MAX_CHUNK_SIZE. Call send_file_write() only then. - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1674392 -Signed-off-by: Laszlo Ersek -Message-Id: <20220502085601.15012-3-lersek@redhat.com> -Reviewed-by: Richard W.M. Jones -(cherry picked from commit 4864d21cb8eb991f0fc98d03a068173837cba50e) ---- - daemon/readdir.c | 38 ++++++++++++++++++++++++++++++++------ - 1 file changed, 32 insertions(+), 6 deletions(-) - -diff --git a/daemon/readdir.c b/daemon/readdir.c -index 9ab0b0aec..3084ba939 100644 ---- a/daemon/readdir.c -+++ b/daemon/readdir.c -@@ -35,6 +35,9 @@ do_internal_readdir (const char *dir) - DIR *dirstream; - void *xdr_buf; - XDR xdr; -+ struct dirent fill; -+ guestfs_int_dirent v; -+ unsigned max_encoded; - - /* Prepare to fail. */ - ret = -1; -@@ -55,6 +58,20 @@ do_internal_readdir (const char *dir) - } - xdrmem_create (&xdr, xdr_buf, GUESTFS_MAX_CHUNK_SIZE, XDR_ENCODE); - -+ /* Calculate the max number of bytes a "guestfs_int_dirent" can be encoded to. -+ */ -+ memset (fill.d_name, 'a', sizeof fill.d_name - 1); -+ fill.d_name[sizeof fill.d_name - 1] = '\0'; -+ v.ino = INT64_MAX; -+ v.ftyp = '?'; -+ v.name = fill.d_name; -+ if (!xdr_guestfs_int_dirent (&xdr, &v)) { -+ fprintf (stderr, "xdr_guestfs_int_dirent failed\n"); -+ goto release_xdr; -+ } -+ max_encoded = xdr_getpos (&xdr); -+ xdr_setpos (&xdr, 0); -+ - /* Send an "OK" reply, before starting the file transfer. */ - reply (NULL, NULL); - -@@ -63,7 +80,6 @@ do_internal_readdir (const char *dir) - */ - for (;;) { - struct dirent *d; -- guestfs_int_dirent v; - - errno = 0; - d = readdir (dirstream); -@@ -94,22 +110,32 @@ do_internal_readdir (const char *dir) - v.ftyp = 'u'; - #endif - -+ /* Flush "xdr_buf" if we may not have enough room for encoding "v". */ -+ if (GUESTFS_MAX_CHUNK_SIZE - xdr_getpos (&xdr) < max_encoded) { -+ if (send_file_write (xdr_buf, xdr_getpos (&xdr)) != 0) -+ break; -+ -+ xdr_setpos (&xdr, 0); -+ } -+ - if (!xdr_guestfs_int_dirent (&xdr, &v)) { - fprintf (stderr, "xdr_guestfs_int_dirent failed\n"); - break; - } -- -- if (send_file_write (xdr_buf, xdr_getpos (&xdr)) != 0) -- break; -- -- xdr_setpos (&xdr, 0); - } - -+ /* Flush "xdr_buf" if the loop completed successfully and "xdr_buf" is not -+ * empty. */ -+ if (ret == 0 && xdr_getpos (&xdr) > 0 && -+ send_file_write (xdr_buf, xdr_getpos (&xdr)) != 0) -+ ret = -1; -+ - /* Finish or cancel the transfer. Note that if (ret == -1) because the library - * canceled, we still need to cancel back! - */ - send_file_end (ret == -1); - -+release_xdr: - xdr_destroy (&xdr); - free (xdr_buf); - --- -2.31.1 - diff --git a/SOURCES/0010-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch b/SOURCES/0004-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch similarity index 97% rename from SOURCES/0010-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch rename to SOURCES/0004-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch index e558c88..5e17270 100644 --- a/SOURCES/0010-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch +++ b/SOURCES/0004-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch @@ -1,4 +1,4 @@ -From 010cd5ff441166c01125fc588398a1fb8367a852 Mon Sep 17 00:00:00 2001 +From 66b9338e3d786db28fbd853d397741c3ceb19352 Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Mon, 29 Jul 2013 14:47:56 +0100 Subject: [PATCH] RHEL: Disable unsupported remote drive protocols @@ -31,7 +31,7 @@ We hope to gradually add some of these back over the lifetime of RHEL. 8 files changed, 16 insertions(+), 348 deletions(-) diff --git a/docs/guestfs-testing.pod b/docs/guestfs-testing.pod -index f558964bf..8f264ed17 100644 +index 47f381a7..c7b44928 100644 --- a/docs/guestfs-testing.pod +++ b/docs/guestfs-testing.pod @@ -109,26 +109,6 @@ image. To exit, type C. @@ -62,7 +62,7 @@ index f558964bf..8f264ed17 100644 Run L on guests or disk images: diff --git a/fish/guestfish.pod b/fish/guestfish.pod -index ae2445571..46cba64ff 100644 +index ccc0825b..d36cac9d 100644 --- a/fish/guestfish.pod +++ b/fish/guestfish.pod @@ -131,9 +131,9 @@ To list what is available do: @@ -171,7 +171,7 @@ index ae2445571..46cba64ff 100644 In this case, the password is C. diff --git a/fish/test-add-uri.sh b/fish/test-add-uri.sh -index 21d424984..ddabeb639 100755 +index 21d42498..ddabeb63 100755 --- a/fish/test-add-uri.sh +++ b/fish/test-add-uri.sh @@ -40,14 +40,6 @@ function fail () @@ -220,7 +220,7 @@ index 21d424984..ddabeb639 100755 rm test-add-uri.out rm test-add-uri.img diff --git a/generator/actions_core.ml b/generator/actions_core.ml -index 807150615..6cd42a290 100644 +index bfb43a19..314bb0ae 100644 --- a/generator/actions_core.ml +++ b/generator/actions_core.ml @@ -350,29 +350,6 @@ F is interpreted as a local file or device. @@ -305,7 +305,7 @@ index 807150615..6cd42a290 100644 example if using the libvirt backend and if the libvirt backend is configured to start the qemu appliance as a special user such as C. If in doubt, diff --git a/lib/drives.c b/lib/drives.c -index c5a208468..efb289254 100644 +index c5a20846..efb28925 100644 --- a/lib/drives.c +++ b/lib/drives.c @@ -166,6 +166,7 @@ create_drive_non_file (guestfs_h *g, @@ -373,10 +373,10 @@ index c5a208468..efb289254 100644 error (g, _("unknown protocol ‘%s’"), protocol); drv = NULL; /*FALLTHROUGH*/ diff --git a/lib/guestfs.pod b/lib/guestfs.pod -index 1ad44e7c2..946ce2d36 100644 +index c6c8cb16..866a4638 100644 --- a/lib/guestfs.pod +++ b/lib/guestfs.pod -@@ -712,70 +712,6 @@ a qcow2 backing file specification, libvirt does not construct an +@@ -723,70 +723,6 @@ a qcow2 backing file specification, libvirt does not construct an ephemeral secret object from those, for Ceph authentication. Refer to L. @@ -447,7 +447,7 @@ index 1ad44e7c2..946ce2d36 100644 =head3 NETWORK BLOCK DEVICE Libguestfs can access Network Block Device (NBD) disks remotely. -@@ -838,42 +774,6 @@ L +@@ -849,42 +785,6 @@ L =back @@ -491,7 +491,7 @@ index 1ad44e7c2..946ce2d36 100644 Libguestfs has APIs for inspecting an unknown disk image to find out diff --git a/tests/disks/test-qemu-drive-libvirt.sh b/tests/disks/test-qemu-drive-libvirt.sh -index 595a95a5e..b49534c94 100755 +index d86a1ecd..cf7d2a0c 100755 --- a/tests/disks/test-qemu-drive-libvirt.sh +++ b/tests/disks/test-qemu-drive-libvirt.sh @@ -65,34 +65,6 @@ check_output @@ -530,7 +530,7 @@ index 595a95a5e..b49534c94 100755 $guestfish -d pool1 run ||: diff --git a/tests/disks/test-qemu-drive.sh b/tests/disks/test-qemu-drive.sh -index 12937fb30..b3e4f9903 100755 +index 12937fb3..b3e4f990 100755 --- a/tests/disks/test-qemu-drive.sh +++ b/tests/disks/test-qemu-drive.sh @@ -62,45 +62,6 @@ check_output @@ -604,6 +604,3 @@ index 12937fb30..b3e4f9903 100755 -check_output -grep -sq -- '-drive file=ssh://rich@example.com/disk.img,' "$DEBUG_QEMU_FILE" || fail -rm "$DEBUG_QEMU_FILE" --- -2.31.1 - diff --git a/SOURCES/0004-lib-launch-direct-ignore-drive-iface-parameter.patch b/SOURCES/0004-lib-launch-direct-ignore-drive-iface-parameter.patch deleted file mode 100644 index 958b99f..0000000 --- a/SOURCES/0004-lib-launch-direct-ignore-drive-iface-parameter.patch +++ /dev/null @@ -1,123 +0,0 @@ -From e4901a4e83f0ab59a525095d2fe1c7f1a38c0aac Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Wed, 4 May 2022 15:41:52 +0200 -Subject: [PATCH] lib: launch-direct: ignore drive "iface" parameter - -Rich said in : - -> The libvirt backend has never allowed the iface parameter. We should -> probably ignore it in the direct backend since it's never been possible -> to use this parameter correctly. - -Remove the handling of "iface" in the direct (QEMU) backend. Refresh the -documentation regarding both backends. - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1844341 -Signed-off-by: Laszlo Ersek -Message-Id: <20220504134155.11832-2-lersek@redhat.com> -Reviewed-by: Richard W.M. Jones -(cherry picked from commit 3eb830dbaee12c8dc4566cab226ed2af0e0f2d8c) ---- - generator/actions_core_deprecated.ml | 8 +++- - lib/launch-direct.c | 59 ++++++---------------------- - 2 files changed, 19 insertions(+), 48 deletions(-) - -diff --git a/generator/actions_core_deprecated.ml b/generator/actions_core_deprecated.ml -index 00dde3d2a..f1040a0e9 100644 ---- a/generator/actions_core_deprecated.ml -+++ b/generator/actions_core_deprecated.ml -@@ -73,7 +73,9 @@ of C." }; - shortdesc = "add a drive specifying the QEMU block emulation to use"; - longdesc = "\ - This is the same as C but it allows you --to specify the QEMU interface emulation to use at run time." }; -+to specify the QEMU interface emulation to use at run time. -+The libvirt backend rejects a non-empty C argument. -+The direct backend ignores C." }; - - { defaults with - name = "add_drive_ro_with_if"; added = (1, 0, 84); -@@ -83,7 +85,9 @@ to specify the QEMU interface emulation to use at run time." }; - shortdesc = "add a drive read-only specifying the QEMU block emulation to use"; - longdesc = "\ - This is the same as C but it allows you --to specify the QEMU interface emulation to use at run time." }; -+to specify the QEMU interface emulation to use at run time. -+The libvirt backend rejects a non-empty C argument. -+The direct backend ignores C." }; - - { defaults with - name = "lstatlist"; added = (1, 0, 77); -diff --git a/lib/launch-direct.c b/lib/launch-direct.c -index b292b9c26..ff0eaeb62 100644 ---- a/lib/launch-direct.c -+++ b/lib/launch-direct.c -@@ -296,52 +296,19 @@ static int - add_drive (guestfs_h *g, struct backend_direct_data *data, - struct qemuopts *qopts, size_t i, struct drive *drv) - { -- /* If there's an explicit 'iface', use it. Otherwise default to -- * virtio-scsi. -- */ -- if (drv->iface && STREQ (drv->iface, "virtio")) { /* virtio-blk */ -- start_list ("-drive") { -- if (add_drive_standard_params (g, data, qopts, i, drv) == -1) -- return -1; -- append_list ("if=none"); -- } end_list (); -- start_list ("-device") { -- append_list (VIRTIO_DEVICE_NAME ("virtio-blk")); -- append_list_format ("drive=hd%zu", i); -- if (drv->disk_label) -- append_list_format ("serial=%s", drv->disk_label); -- if (add_device_blocksize_params (g, qopts, drv) == -1) -- return -1; -- } end_list (); -- } --#if defined(__arm__) || defined(__aarch64__) || defined(__powerpc__) -- else if (drv->iface && STREQ (drv->iface, "ide")) { -- error (g, "'ide' interface does not work on ARM or PowerPC"); -- return -1; -- } --#endif -- else if (drv->iface) { -- start_list ("-drive") { -- if (add_drive_standard_params (g, data, qopts, i, drv) == -1) -- return -1; -- append_list_format ("if=%s", drv->iface); -- } end_list (); -- } -- else /* default case: virtio-scsi */ { -- start_list ("-drive") { -- if (add_drive_standard_params (g, data, qopts, i, drv) == -1) -- return -1; -- append_list ("if=none"); -- } end_list (); -- start_list ("-device") { -- append_list ("scsi-hd"); -- append_list_format ("drive=hd%zu", i); -- if (drv->disk_label) -- append_list_format ("serial=%s", drv->disk_label); -- if (add_device_blocksize_params (g, qopts, drv) == -1) -- return -1; -- } end_list (); -- } -+ start_list ("-drive") { -+ if (add_drive_standard_params (g, data, qopts, i, drv) == -1) -+ return -1; -+ append_list ("if=none"); -+ } end_list (); -+ start_list ("-device") { -+ append_list ("scsi-hd"); -+ append_list_format ("drive=hd%zu", i); -+ if (drv->disk_label) -+ append_list_format ("serial=%s", drv->disk_label); -+ if (add_device_blocksize_params (g, qopts, drv) == -1) -+ return -1; -+ } end_list (); - - return 0; - --- -2.31.1 - diff --git a/SOURCES/0011-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch b/SOURCES/0005-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch similarity index 92% rename from SOURCES/0011-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch rename to SOURCES/0005-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch index bae7529..8e30e60 100644 --- a/SOURCES/0011-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch +++ b/SOURCES/0005-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch @@ -1,4 +1,4 @@ -From d59942a7a3d1ca2248a94099d28f7555378d7993 Mon Sep 17 00:00:00 2001 +From b875668bfa9f596aba2e84999c7c9921f8dcb55e Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Tue, 7 Jul 2015 09:28:03 -0400 Subject: [PATCH] RHEL: Reject use of libguestfs-winsupport features except for @@ -13,7 +13,7 @@ edits. 3 files changed, 19 insertions(+) diff --git a/generator/c.ml b/generator/c.ml -index ea69abf76..56ee38aa4 100644 +index 447059b8..0391dd3d 100644 --- a/generator/c.ml +++ b/generator/c.ml @@ -1846,6 +1846,22 @@ and generate_client_actions actions () = @@ -40,7 +40,7 @@ index ea69abf76..56ee38aa4 100644 * as a progress bar hint. *) diff --git a/test-data/phony-guests/make-windows-img.sh b/test-data/phony-guests/make-windows-img.sh -index 30908a918..73cf5144e 100755 +index 16debd12..1c13ddac 100755 --- a/test-data/phony-guests/make-windows-img.sh +++ b/test-data/phony-guests/make-windows-img.sh @@ -37,6 +37,7 @@ fi @@ -52,7 +52,7 @@ index 30908a918..73cf5144e 100755 run diff --git a/tests/charsets/test-charset-fidelity.c b/tests/charsets/test-charset-fidelity.c -index 105291dc3..5ca4f3b6d 100644 +index 105291dc..5ca4f3b6 100644 --- a/tests/charsets/test-charset-fidelity.c +++ b/tests/charsets/test-charset-fidelity.c @@ -96,6 +96,8 @@ main (int argc, char *argv[]) @@ -64,6 +64,3 @@ index 105291dc3..5ca4f3b6d 100644 if (guestfs_add_drive_scratch (g, 1024*1024*1024, -1) == -1) exit (EXIT_FAILURE); --- -2.31.1 - diff --git a/SOURCES/0005-lib-drive_create_data-drive-remove-field-iface.patch b/SOURCES/0005-lib-drive_create_data-drive-remove-field-iface.patch deleted file mode 100644 index 3f01445..0000000 --- a/SOURCES/0005-lib-drive_create_data-drive-remove-field-iface.patch +++ /dev/null @@ -1,245 +0,0 @@ -From f13297315495144775f6249e9e24dc5f18f6f902 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Wed, 4 May 2022 15:41:53 +0200 -Subject: [PATCH] lib: drive_create_data, drive: remove field "iface" - -Representing "iface" in the "drive_create_data" and "drive" structures is -now useless; the direct backend ignores "iface", while the libvirt one -rejects it unless it is empty. Unify both backends -- make them both -ignore "iface". (Which only relaxes the libvirt backend, so it cannot -cause compatibility problems.) This lets us remove the fields. Update the -documentation as well. - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1844341 -Signed-off-by: Laszlo Ersek -Message-Id: <20220504134155.11832-3-lersek@redhat.com> -Reviewed-by: Richard W.M. Jones -(cherry picked from commit f68eaee1d6c41f91e7dfd2aa9e7d238cca7b8a4c) ---- - generator/actions_core_deprecated.ml | 6 ++---- - lib/drives.c | 31 +++++----------------------- - lib/guestfs-internal.h | 1 - - lib/launch-libvirt.c | 6 ------ - lib/libvirt-domain.c | 15 -------------- - 5 files changed, 7 insertions(+), 52 deletions(-) - -diff --git a/generator/actions_core_deprecated.ml b/generator/actions_core_deprecated.ml -index f1040a0e9..c23f4a330 100644 ---- a/generator/actions_core_deprecated.ml -+++ b/generator/actions_core_deprecated.ml -@@ -74,8 +74,7 @@ of C." }; - longdesc = "\ - This is the same as C but it allows you - to specify the QEMU interface emulation to use at run time. --The libvirt backend rejects a non-empty C argument. --The direct backend ignores C." }; -+Both the direct and the libvirt backends ignore C." }; - - { defaults with - name = "add_drive_ro_with_if"; added = (1, 0, 84); -@@ -86,8 +85,7 @@ The direct backend ignores C." }; - longdesc = "\ - This is the same as C but it allows you - to specify the QEMU interface emulation to use at run time. --The libvirt backend rejects a non-empty C argument. --The direct backend ignores C." }; -+Both the direct and the libvirt backends ignore C." }; - - { defaults with - name = "lstatlist"; added = (1, 0, 77); -diff --git a/lib/drives.c b/lib/drives.c -index a6179fc36..8fe46a41c 100644 ---- a/lib/drives.c -+++ b/lib/drives.c -@@ -53,7 +53,6 @@ struct drive_create_data { - const char *secret; - bool readonly; - const char *format; -- const char *iface; - const char *name; - const char *disk_label; - const char *cachemode; -@@ -110,7 +109,6 @@ create_drive_file (guestfs_h *g, - drv->src.format = data->format ? safe_strdup (g, data->format) : NULL; - - drv->readonly = data->readonly; -- drv->iface = data->iface ? safe_strdup (g, data->iface) : NULL; - drv->name = data->name ? safe_strdup (g, data->name) : NULL; - drv->disk_label = data->disk_label ? safe_strdup (g, data->disk_label) : NULL; - drv->cachemode = data->cachemode ? safe_strdup (g, data->cachemode) : NULL; -@@ -147,7 +145,6 @@ create_drive_non_file (guestfs_h *g, - drv->src.format = data->format ? safe_strdup (g, data->format) : NULL; - - drv->readonly = data->readonly; -- drv->iface = data->iface ? safe_strdup (g, data->iface) : NULL; - drv->name = data->name ? safe_strdup (g, data->name) : NULL; - drv->disk_label = data->disk_label ? safe_strdup (g, data->disk_label) : NULL; - drv->cachemode = data->cachemode ? safe_strdup (g, data->cachemode) : NULL; -@@ -470,7 +467,6 @@ free_drive_struct (struct drive *drv) - { - free_drive_source (&drv->src); - free (drv->overlay); -- free (drv->iface); - free (drv->name); - free (drv->disk_label); - free (drv->cachemode); -@@ -511,14 +507,12 @@ drive_to_string (guestfs_h *g, const struct drive *drv) - s_blocksize = safe_asprintf (g, "%d", drv->blocksize); - - return safe_asprintf -- (g, "%s%s%s%s protocol=%s%s%s%s%s%s%s%s%s%s%s%s%s", -+ (g, "%s%s%s%s protocol=%s%s%s%s%s%s%s%s%s%s%s", - drv->src.u.path, - drv->readonly ? " readonly" : "", - drv->src.format ? " format=" : "", - drv->src.format ? : "", - guestfs_int_drive_protocol_to_string (drv->src.protocol), -- drv->iface ? " iface=" : "", -- drv->iface ? : "", - drv->name ? " name=" : "", - drv->name ? : "", - drv->disk_label ? " label=" : "", -@@ -747,8 +741,6 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename, - ? optargs->readonly : false; - data.format = optargs->bitmask & GUESTFS_ADD_DRIVE_OPTS_FORMAT_BITMASK - ? optargs->format : NULL; -- data.iface = optargs->bitmask & GUESTFS_ADD_DRIVE_OPTS_IFACE_BITMASK -- ? optargs->iface : NULL; - data.name = optargs->bitmask & GUESTFS_ADD_DRIVE_OPTS_NAME_BITMASK - ? optargs->name : NULL; - data.disk_label = optargs->bitmask & GUESTFS_ADD_DRIVE_OPTS_LABEL_BITMASK -@@ -804,12 +796,6 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename, - free_drive_servers (data.servers, data.nr_servers); - return -1; - } -- if (data.iface && !VALID_FORMAT_IFACE (data.iface)) { -- error (g, _("%s parameter is empty or contains disallowed characters"), -- "iface"); -- free_drive_servers (data.servers, data.nr_servers); -- return -1; -- } - if (data.disk_label && !VALID_DISK_LABEL (data.disk_label)) { - error (g, _("label parameter is empty, too long, or contains disallowed characters")); - free_drive_servers (data.servers, data.nr_servers); -@@ -935,24 +921,17 @@ guestfs_impl_add_drive_ro (guestfs_h *g, const char *filename) - - int - guestfs_impl_add_drive_with_if (guestfs_h *g, const char *filename, -- const char *iface) -+ const char *iface ATTRIBUTE_UNUSED) - { -- const struct guestfs_add_drive_opts_argv optargs = { -- .bitmask = GUESTFS_ADD_DRIVE_OPTS_IFACE_BITMASK, -- .iface = iface, -- }; -- -- return guestfs_add_drive_opts_argv (g, filename, &optargs); -+ return guestfs_add_drive_opts_argv (g, filename, NULL); - } - - int - guestfs_impl_add_drive_ro_with_if (guestfs_h *g, const char *filename, -- const char *iface) -+ const char *iface ATTRIBUTE_UNUSED) - { - const struct guestfs_add_drive_opts_argv optargs = { -- .bitmask = GUESTFS_ADD_DRIVE_OPTS_IFACE_BITMASK -- | GUESTFS_ADD_DRIVE_OPTS_READONLY_BITMASK, -- .iface = iface, -+ .bitmask = GUESTFS_ADD_DRIVE_OPTS_READONLY_BITMASK, - .readonly = true, - }; - -diff --git a/lib/guestfs-internal.h b/lib/guestfs-internal.h -index 5bb00bc10..16755cfb3 100644 ---- a/lib/guestfs-internal.h -+++ b/lib/guestfs-internal.h -@@ -298,7 +298,6 @@ struct drive { - - /* Various per-drive flags. */ - bool readonly; -- char *iface; - char *name; - char *disk_label; - char *cachemode; -diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c -index de342b425..03d69e027 100644 ---- a/lib/launch-libvirt.c -+++ b/lib/launch-libvirt.c -@@ -1472,12 +1472,6 @@ construct_libvirt_xml_disk (guestfs_h *g, - const char *type, *uuid; - int r; - -- /* XXX We probably could support this if we thought about it some more. */ -- if (drv->iface) { -- error (g, _("‘iface’ parameter is not supported by the libvirt backend")); -- return -1; -- } -- - start_element ("disk") { - attribute ("device", "disk"); - -diff --git a/lib/libvirt-domain.c b/lib/libvirt-domain.c -index 3050680fa..fafbf50ea 100644 ---- a/lib/libvirt-domain.c -+++ b/lib/libvirt-domain.c -@@ -68,7 +68,6 @@ guestfs_impl_add_domain (guestfs_h *g, const char *domain_name, - int live; - int allowuuid; - const char *readonlydisk; -- const char *iface; - const char *cachemode; - const char *discard; - bool copyonread; -@@ -78,8 +77,6 @@ guestfs_impl_add_domain (guestfs_h *g, const char *domain_name, - ? optargs->libvirturi : NULL; - readonly = optargs->bitmask & GUESTFS_ADD_DOMAIN_READONLY_BITMASK - ? optargs->readonly : 0; -- iface = optargs->bitmask & GUESTFS_ADD_DOMAIN_IFACE_BITMASK -- ? optargs->iface : NULL; - live = optargs->bitmask & GUESTFS_ADD_DOMAIN_LIVE_BITMASK - ? optargs->live : 0; - allowuuid = optargs->bitmask & GUESTFS_ADD_DOMAIN_ALLOWUUID_BITMASK -@@ -136,10 +133,6 @@ guestfs_impl_add_domain (guestfs_h *g, const char *domain_name, - optargs2.bitmask |= GUESTFS_ADD_LIBVIRT_DOM_READONLY_BITMASK; - optargs2.readonly = readonly; - } -- if (iface) { -- optargs2.bitmask |= GUESTFS_ADD_LIBVIRT_DOM_IFACE_BITMASK; -- optargs2.iface = iface; -- } - if (live) { - error (g, _("libguestfs live support was removed in libguestfs 1.48")); - goto cleanup; -@@ -193,7 +186,6 @@ guestfs_impl_add_libvirt_dom (guestfs_h *g, void *domvp, - virDomainPtr dom = domvp; - ssize_t r; - int readonly; -- const char *iface; - const char *cachemode; - const char *discard; - bool copyonread; -@@ -208,9 +200,6 @@ guestfs_impl_add_libvirt_dom (guestfs_h *g, void *domvp, - readonly = - optargs->bitmask & GUESTFS_ADD_LIBVIRT_DOM_READONLY_BITMASK - ? optargs->readonly : 0; -- iface = -- optargs->bitmask & GUESTFS_ADD_LIBVIRT_DOM_IFACE_BITMASK -- ? optargs->iface : NULL; - live = - optargs->bitmask & GUESTFS_ADD_LIBVIRT_DOM_LIVE_BITMASK - ? optargs->live : 0; -@@ -289,10 +278,6 @@ guestfs_impl_add_libvirt_dom (guestfs_h *g, void *domvp, - data.optargs.bitmask = 0; - data.readonly = readonly; - data.readonlydisk = readonlydisk; -- if (iface) { -- data.optargs.bitmask |= GUESTFS_ADD_DRIVE_OPTS_IFACE_BITMASK; -- data.optargs.iface = iface; -- } - if (cachemode) { - data.optargs.bitmask |= GUESTFS_ADD_DRIVE_OPTS_CACHEMODE_BITMASK; - data.optargs.cachemode = cachemode; --- -2.31.1 - diff --git a/SOURCES/0006-Remove-virt-dib.patch b/SOURCES/0006-Remove-virt-dib.patch new file mode 100644 index 0000000..ddb1c73 --- /dev/null +++ b/SOURCES/0006-Remove-virt-dib.patch @@ -0,0 +1,63 @@ +From d4be44928a40e7ca1ef6255fb04d28f2fa7fc6b6 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 7 Feb 2023 13:20:36 +0000 +Subject: [PATCH] Remove virt-dib + +The tool only supports an older version of the diskimage-builder +metadata, and we do not have the time or inclination to update it to a +newer version. + +Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1910039 +(cherry picked from commit 7503eeebede688409b2adf616d71a94e04b7f0d2) +--- + appliance/packagelist.in | 30 ------------------------------ + 1 file changed, 30 deletions(-) + +diff --git a/appliance/packagelist.in b/appliance/packagelist.in +index 585d52ad..20b08c47 100644 +--- a/appliance/packagelist.in ++++ b/appliance/packagelist.in +@@ -110,7 +110,6 @@ ifelse(ARCHLINUX,1, + dnl syslinux has mtools as optional dependency, but in reality it's + dnl a hard one: + mtools +- multipath-tools dnl for kpartx + nilfs-utils + ntfs-3g + ntfs-3g-system-compression +@@ -266,35 +265,6 @@ util-linux-ng + xfsprogs + zerofree + +-dnl tools needed by virt-dib +-ifelse(REDHAT,1, +- qemu-img +- which +-) +-ifelse(DEBIAN,1, +- qemu-utils +-) +-ifelse(ARCHLINUX,1, +- qemu +- which +-) +-ifelse(SUSE,1, +- qemu-tools +- which +-) +-ifelse(FRUGALWARE,1, +- qemu +- which +-) +-ifelse(MAGEIA,1, +- qemu-img +- which +-) +-curl +-kpartx +-dnl (virt-dib) tools optionally used for elements +-debootstrap +- + dnl exFAT is not usually available in free software repos + exfat-fuse + exfat-utils diff --git a/SOURCES/0006-lib-rename-VALID_FORMAT_IFACE-to-VALID_FORMAT.patch b/SOURCES/0006-lib-rename-VALID_FORMAT_IFACE-to-VALID_FORMAT.patch deleted file mode 100644 index 9386a58..0000000 --- a/SOURCES/0006-lib-rename-VALID_FORMAT_IFACE-to-VALID_FORMAT.patch +++ /dev/null @@ -1,82 +0,0 @@ -From f408b24d8d8f5b5f4e1a25c1046c3a18107c8d80 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Wed, 4 May 2022 15:41:54 +0200 -Subject: [PATCH] lib: rename VALID_FORMAT_IFACE to VALID_FORMAT - -We no longer use VALID_FORMAT_IFACE for validating "iface"; rename the -macro to reflect that we only check "format" with it. - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1844341 -Signed-off-by: Laszlo Ersek -Message-Id: <20220504134155.11832-4-lersek@redhat.com> -Reviewed-by: Richard W.M. Jones -(cherry picked from commit c8e3caf9e6000ea2f5cfbe30ffe1240317bb4578) ---- - lib/drives.c | 4 ++-- - lib/unit-tests.c | 16 ++++++++-------- - 2 files changed, 10 insertions(+), 10 deletions(-) - -diff --git a/lib/drives.c b/lib/drives.c -index 8fe46a41c..c5a208468 100644 ---- a/lib/drives.c -+++ b/lib/drives.c -@@ -593,7 +593,7 @@ guestfs_int_free_drives (guestfs_h *g) - * Check string parameter matches regular expression - * C<^[-_[:alnum:]]+$> (in C locale). - */ --#define VALID_FORMAT_IFACE(str) \ -+#define VALID_FORMAT(str) \ - guestfs_int_string_is_valid ((str), 1, 0, \ - VALID_FLAG_ALPHA|VALID_FLAG_DIGIT, "-_") - -@@ -790,7 +790,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename, - return -1; - } - -- if (data.format && !VALID_FORMAT_IFACE (data.format)) { -+ if (data.format && !VALID_FORMAT (data.format)) { - error (g, _("%s parameter is empty or contains disallowed characters"), - "format"); - free_drive_servers (data.servers, data.nr_servers); -diff --git a/lib/unit-tests.c b/lib/unit-tests.c -index 62457ccba..0e550cb98 100644 ---- a/lib/unit-tests.c -+++ b/lib/unit-tests.c -@@ -434,7 +434,7 @@ test_stringsbuf (void) - } - - /* Use the same macros as in lib/drives.c */ --#define VALID_FORMAT_IFACE(str) \ -+#define VALID_FORMAT(str) \ - guestfs_int_string_is_valid ((str), 1, 0, \ - VALID_FLAG_ALPHA|VALID_FLAG_DIGIT, "-_") - #define VALID_DISK_LABEL(str) \ -@@ -446,18 +446,18 @@ test_stringsbuf (void) - static void - test_valid (void) - { -- assert (!VALID_FORMAT_IFACE ("")); -+ assert (!VALID_FORMAT ("")); - assert (!VALID_DISK_LABEL ("")); - assert (!VALID_HOSTNAME ("")); - - assert (!VALID_DISK_LABEL ("012345678901234567890")); - -- assert (VALID_FORMAT_IFACE ("abc")); -- assert (VALID_FORMAT_IFACE ("ABC")); -- assert (VALID_FORMAT_IFACE ("abc123")); -- assert (VALID_FORMAT_IFACE ("abc123-")); -- assert (VALID_FORMAT_IFACE ("abc123_")); -- assert (!VALID_FORMAT_IFACE ("abc123.")); -+ assert (VALID_FORMAT ("abc")); -+ assert (VALID_FORMAT ("ABC")); -+ assert (VALID_FORMAT ("abc123")); -+ assert (VALID_FORMAT ("abc123-")); -+ assert (VALID_FORMAT ("abc123_")); -+ assert (!VALID_FORMAT ("abc123.")); - - assert (VALID_DISK_LABEL ("abc")); - assert (VALID_DISK_LABEL ("ABC")); --- -2.31.1 - diff --git a/SOURCES/0007-lib-Choose-q35-machine-type-for-x86-64.patch b/SOURCES/0007-lib-Choose-q35-machine-type-for-x86-64.patch new file mode 100644 index 0000000..2e83fa5 --- /dev/null +++ b/SOURCES/0007-lib-Choose-q35-machine-type-for-x86-64.patch @@ -0,0 +1,32 @@ +From d9ba056079f797483ea99394b265c9bf39769687 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 9 Feb 2023 13:38:50 +0000 +Subject: [PATCH] lib: Choose q35 machine type for x86-64 + +This machine type is more modern than the older 'pc' type and as most +qemu development is now focused there we expect it will perform and +behave better. In almost all respects this change should make no +difference. + +Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2168578 +Acked-by: Laszlo Ersek +See-also: https://listman.redhat.com/archives/libguestfs/2023-February/030645.html +(cherry picked from commit f0f8e6c5fe0c3f6d5d90534d263bded3a4dc7e8d) +--- + lib/guestfs-internal.h | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/lib/guestfs-internal.h b/lib/guestfs-internal.h +index 306f2a2e..fb55e026 100644 +--- a/lib/guestfs-internal.h ++++ b/lib/guestfs-internal.h +@@ -113,6 +113,9 @@ cleanup_mutex_unlock (pthread_mutex_t **ptr) + #define MAX_WINDOWS_EXPLORER_SIZE (4 * 1000 * 1000) + + /* Machine types. */ ++#if defined(__x86_64__) ++#define MACHINE_TYPE "q35" ++#endif + #ifdef __arm__ + #define MACHINE_TYPE "virt" + #endif diff --git a/SOURCES/0007-tests-regressions-remove-iface-based-restrictions.patch b/SOURCES/0007-tests-regressions-remove-iface-based-restrictions.patch deleted file mode 100644 index 5c8c1d0..0000000 --- a/SOURCES/0007-tests-regressions-remove-iface-based-restrictions.patch +++ /dev/null @@ -1,74 +0,0 @@ -From 431ca828e9f7d7a6c7e315b410f381304986ba44 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Wed, 4 May 2022 15:41:55 +0200 -Subject: [PATCH] tests/regressions: remove "iface"-based restrictions - -Now that "iface" is ignored by both backends, the regression tests for -RHBZ 690819 and 975797 can be enabled on all arches (regardless of -backend). - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1844341 -Signed-off-by: Laszlo Ersek -Message-Id: <20220504134155.11832-5-lersek@redhat.com> -Reviewed-by: Richard W.M. Jones -(cherry picked from commit ddf276884c04418a32902689cf8fc3506be3ca4b) ---- - tests/regressions/rhbz690819.sh | 10 +++------- - tests/regressions/rhbz975797.sh | 10 +++------- - 2 files changed, 6 insertions(+), 14 deletions(-) - -diff --git a/tests/regressions/rhbz690819.sh b/tests/regressions/rhbz690819.sh -index e6f61d00d..9e1bcda84 100755 ---- a/tests/regressions/rhbz690819.sh -+++ b/tests/regressions/rhbz690819.sh -@@ -19,18 +19,14 @@ - # https://bugzilla.redhat.com/show_bug.cgi?id=690819 - # mkfs fails creating a filesytem on a disk device when using a disk - # with 'ide' interface -+# -+# The 'iface' parameter is now ignored: -+# https://bugzilla.redhat.com/show_bug.cgi?id=1844341 - - set -e - - $TEST_FUNCTIONS - skip_if_skipped --# These architectures don't support the 'ide' interface. --skip_if_arch arm --skip_if_arch aarch64 --skip_if_arch ppc64 --skip_if_arch ppc64le --skip_if_arch s390x --skip_if_backend libvirt - - rm -f rhbz690819.img - -diff --git a/tests/regressions/rhbz975797.sh b/tests/regressions/rhbz975797.sh -index c676abfa3..feecf1f2b 100755 ---- a/tests/regressions/rhbz975797.sh -+++ b/tests/regressions/rhbz975797.sh -@@ -19,18 +19,14 @@ - # Regression test for: - # https://bugzilla.redhat.com/show_bug.cgi?id=975797 - # Ensure the appliance doesn't hang when using the 'iface' parameter. -+# -+# The 'iface' parameter is now ignored: -+# https://bugzilla.redhat.com/show_bug.cgi?id=1844341 - - set -e - - $TEST_FUNCTIONS - skip_if_skipped --# These architectures don't support the 'ide' interface. --skip_if_arch arm --skip_if_arch aarch64 --skip_if_arch ppc64 --skip_if_arch ppc64le --skip_if_arch s390x --skip_if_backend libvirt - - rm -f rhbz975797-*.img - --- -2.31.1 - diff --git a/SOURCES/0008-LUKS-on-LVM-inspection-test-rename-VGs-and-LVs.patch b/SOURCES/0008-LUKS-on-LVM-inspection-test-rename-VGs-and-LVs.patch new file mode 100644 index 0000000..5516195 --- /dev/null +++ b/SOURCES/0008-LUKS-on-LVM-inspection-test-rename-VGs-and-LVs.patch @@ -0,0 +1,97 @@ +From 826cf6d68e4369de3d160e91b7dad6a894469797 Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Fri, 19 May 2023 16:08:48 +0200 +Subject: [PATCH] LUKS-on-LVM inspection test: rename VGs and LVs + +In preparation for a subsequent patch, rename "VG" to "Volume-Group", and +"LV" to "Logical-Volume-", in the LUKS-on-LVM inspection test. + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2168506 +Signed-off-by: Laszlo Ersek +Message-Id: <20230519140849.310774-3-lersek@redhat.com> +Reviewed-by: Richard W.M. Jones +(cherry picked from commit 58e26402334a4696fa08730eecc9098fc270ed1c) +--- + test-data/phony-guests/make-fedora-img.pl | 30 +++++++++++-------- + .../test-key-option-inspect-luks-on-lvm.sh | 16 +++++----- + 2 files changed, 25 insertions(+), 21 deletions(-) + +diff --git a/test-data/phony-guests/make-fedora-img.pl b/test-data/phony-guests/make-fedora-img.pl +index 4c8e1499..b7dc902e 100755 +--- a/test-data/phony-guests/make-fedora-img.pl ++++ b/test-data/phony-guests/make-fedora-img.pl +@@ -224,23 +224,27 @@ EOF + + # Create the Volume Group on /dev/sda2. + $g->pvcreate ('/dev/sda2'); +- $g->vgcreate ('VG', ['/dev/sda2']); +- $g->lvcreate ('Root', 'VG', 32); +- $g->lvcreate ('LV1', 'VG', 32); +- $g->lvcreate ('LV2', 'VG', 32); +- $g->lvcreate ('LV3', 'VG', 64); ++ $g->vgcreate ('Volume-Group', ['/dev/sda2']); ++ $g->lvcreate ('Root', 'Volume-Group', 32); ++ $g->lvcreate ('Logical-Volume-1', 'Volume-Group', 32); ++ $g->lvcreate ('Logical-Volume-2', 'Volume-Group', 32); ++ $g->lvcreate ('Logical-Volume-3', 'Volume-Group', 64); + + # Format each Logical Group as a LUKS device, with a different password. +- $g->luks_format ('/dev/VG/Root', 'FEDORA-Root', 0); +- $g->luks_format ('/dev/VG/LV1', 'FEDORA-LV1', 0); +- $g->luks_format ('/dev/VG/LV2', 'FEDORA-LV2', 0); +- $g->luks_format ('/dev/VG/LV3', 'FEDORA-LV3', 0); ++ $g->luks_format ('/dev/Volume-Group/Root', 'FEDORA-Root', 0); ++ $g->luks_format ('/dev/Volume-Group/Logical-Volume-1', 'FEDORA-LV1', 0); ++ $g->luks_format ('/dev/Volume-Group/Logical-Volume-2', 'FEDORA-LV2', 0); ++ $g->luks_format ('/dev/Volume-Group/Logical-Volume-3', 'FEDORA-LV3', 0); + + # Open the LUKS devices. This creates nodes like /dev/mapper/*-luks. +- $g->cryptsetup_open ('/dev/VG/Root', 'FEDORA-Root', 'Root-luks'); +- $g->cryptsetup_open ('/dev/VG/LV1', 'FEDORA-LV1', 'LV1-luks'); +- $g->cryptsetup_open ('/dev/VG/LV2', 'FEDORA-LV2', 'LV2-luks'); +- $g->cryptsetup_open ('/dev/VG/LV3', 'FEDORA-LV3', 'LV3-luks'); ++ $g->cryptsetup_open ('/dev/Volume-Group/Root', ++ 'FEDORA-Root', 'Root-luks'); ++ $g->cryptsetup_open ('/dev/Volume-Group/Logical-Volume-1', ++ 'FEDORA-LV1', 'LV1-luks'); ++ $g->cryptsetup_open ('/dev/Volume-Group/Logical-Volume-2', ++ 'FEDORA-LV2', 'LV2-luks'); ++ $g->cryptsetup_open ('/dev/Volume-Group/Logical-Volume-3', ++ 'FEDORA-LV3', 'LV3-luks'); + + # Phony root filesystem. + $g->mkfs ('ext2', '/dev/mapper/Root-luks', blocksize => 4096, label => 'ROOT'); +diff --git a/tests/luks/test-key-option-inspect-luks-on-lvm.sh b/tests/luks/test-key-option-inspect-luks-on-lvm.sh +index 52cd7e98..a8d72b9f 100755 +--- a/tests/luks/test-key-option-inspect-luks-on-lvm.sh ++++ b/tests/luks/test-key-option-inspect-luks-on-lvm.sh +@@ -30,10 +30,10 @@ skip_unless_phony_guest fedora-luks-on-lvm.img + # Volume names. + guestfish=(guestfish --listen --ro --inspector + --add ../test-data/phony-guests/fedora-luks-on-lvm.img) +-keys_by_lvname=(--key /dev/VG/Root:key:FEDORA-Root +- --key /dev/VG/LV1:key:FEDORA-LV1 +- --key /dev/VG/LV2:key:FEDORA-LV2 +- --key /dev/VG/LV3:key:FEDORA-LV3) ++keys_by_lvname=(--key /dev/Volume-Group/Root:key:FEDORA-Root ++ --key /dev/Volume-Group/Logical-Volume-1:key:FEDORA-LV1 ++ --key /dev/Volume-Group/Logical-Volume-2:key:FEDORA-LV2 ++ --key /dev/Volume-Group/Logical-Volume-3:key:FEDORA-LV3) + + # The variable assignment below will fail, and abort the script, if guestfish + # refuses to start up. +@@ -56,10 +56,10 @@ function cleanup_guestfish + trap cleanup_guestfish EXIT + + # Get the UUIDs of the LUKS devices. +-uuid_root=$(guestfish --remote -- luks-uuid /dev/VG/Root) +-uuid_lv1=$( guestfish --remote -- luks-uuid /dev/VG/LV1) +-uuid_lv2=$( guestfish --remote -- luks-uuid /dev/VG/LV2) +-uuid_lv3=$( guestfish --remote -- luks-uuid /dev/VG/LV3) ++uuid_root=$(guestfish --remote -- luks-uuid /dev/Volume-Group/Root) ++uuid_lv1=$( guestfish --remote -- luks-uuid /dev/Volume-Group/Logical-Volume-1) ++uuid_lv2=$( guestfish --remote -- luks-uuid /dev/Volume-Group/Logical-Volume-2) ++uuid_lv3=$( guestfish --remote -- luks-uuid /dev/Volume-Group/Logical-Volume-3) + + # The actual test. + function check_filesystems diff --git a/SOURCES/0008-generator-customize-invert-SELinux-relabeling-defaul.patch b/SOURCES/0008-generator-customize-invert-SELinux-relabeling-defaul.patch deleted file mode 100644 index b3aba8f..0000000 --- a/SOURCES/0008-generator-customize-invert-SELinux-relabeling-defaul.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 8f800b369ada05ea690cebb0bb5e0fed0ba1c548 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Tue, 10 May 2022 12:27:57 +0200 -Subject: [PATCH] generator/customize: invert SELinux relabeling default - -Replace the "--selinux-relabel" option with "--no-selinux-relabel", -inverting the default behavior (for guests with SELinux support, that is --- relabeling is always skipped for guests that don't support SELinux.) - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1554735 -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2075718 -Signed-off-by: Laszlo Ersek -Message-Id: <20220510102757.14466-3-lersek@redhat.com> -Acked-by: Richard W.M. Jones -(cherry picked from commit 2f6a27f1077d32d1ab526427052fc88e188356f7) ---- - generator/customize.ml | 19 +++++++++++-------- - 1 file changed, 11 insertions(+), 8 deletions(-) - -diff --git a/generator/customize.ml b/generator/customize.ml -index 3b3eec6d2..9634dad85 100644 ---- a/generator/customize.ml -+++ b/generator/customize.ml -@@ -564,18 +564,21 @@ to modify C (Fedora, RHEL) or - C (Debian, Ubuntu)."; - }; - -- { flag_name = "selinux-relabel"; -+ { flag_name = "no-selinux-relabel"; - flag_type = FlagBool false (* XXX - the default in virt-builder *); -- flag_ml_var = "selinux_relabel"; -- flag_shortdesc = "Relabel files with correct SELinux labels"; -+ flag_ml_var = "no_selinux_relabel"; -+ flag_shortdesc = "Do not relabel files with correct SELinux labels"; - flag_pod_longdesc = "\ --Relabel files in the guest so that they have the correct SELinux label. -+Do not attempt to correct the SELinux labels of files in the guest. - --This will attempt to relabel files immediately, but if the operation fails --this will instead touch F on the image to schedule a --relabel operation for the next time the image boots. -+In such guests that support SELinux, customization automatically -+relabels files so that they have the correct SELinux label. (The -+relabeling is performed immediately, but if the operation fails, -+customization will instead touch F on the image to -+schedule a relabel operation for the next time the image boots.) This -+option disables the automatic relabeling. - --This option is a no-op for guests that do not support SELinux."; -+The option is a no-op for guests that do not support SELinux."; - }; - - { flag_name = "sm-credentials"; --- -2.31.1 - diff --git a/SOURCES/0009-LUKS-on-LVM-inspection-test-test-dev-mapper-VG-LV-tr.patch b/SOURCES/0009-LUKS-on-LVM-inspection-test-test-dev-mapper-VG-LV-tr.patch new file mode 100644 index 0000000..4cdab8f --- /dev/null +++ b/SOURCES/0009-LUKS-on-LVM-inspection-test-test-dev-mapper-VG-LV-tr.patch @@ -0,0 +1,46 @@ +From 56d7564eaa308ef7de44c8b2b5dfc7997140142e Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Fri, 19 May 2023 16:08:49 +0200 +Subject: [PATCH] LUKS-on-LVM inspection test: test /dev/mapper/VG-LV + translation + +In the LUKS-on-LVM inspection test, call the "check_filesystems" function +yet another time, now with such "--key" options that exercise the recent +"/dev/mapper/VG-LV" -> "/dev/VG/LV" translation (unescaping) from +libguestfs-common. + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2168506 +Signed-off-by: Laszlo Ersek +Message-Id: <20230519140849.310774-4-lersek@redhat.com> +Reviewed-by: Richard W.M. Jones +(cherry picked from commit 32408a9c36165af376f9f42e7d3e158d3da2c76e) +--- + .../test-key-option-inspect-luks-on-lvm.sh | 18 ++++++++++++++++++ + 1 file changed, 18 insertions(+) + +diff --git a/tests/luks/test-key-option-inspect-luks-on-lvm.sh b/tests/luks/test-key-option-inspect-luks-on-lvm.sh +index a8d72b9f..932862b1 100755 +--- a/tests/luks/test-key-option-inspect-luks-on-lvm.sh ++++ b/tests/luks/test-key-option-inspect-luks-on-lvm.sh +@@ -101,3 +101,21 @@ eval "$fish_ref" + + # Repeat the test. + check_filesystems ++ ++# Exit the current guestfish background process. ++guestfish --remote -- exit ++GUESTFISH_PID= ++ ++# Start up another guestfish background process, and specify the keys in ++# /dev/mapper/VG-LV format this time. ++keys_by_mapper_lvname=( ++ --key /dev/mapper/Volume--Group-Root:key:FEDORA-Root ++ --key /dev/mapper/Volume--Group-Logical--Volume--1:key:FEDORA-LV1 ++ --key /dev/mapper/Volume--Group-Logical--Volume--2:key:FEDORA-LV2 ++ --key /dev/mapper/Volume--Group-Logical--Volume--3:key:FEDORA-LV3 ++) ++fish_ref=$("${guestfish[@]}" "${keys_by_mapper_lvname[@]}") ++eval "$fish_ref" ++ ++# Repeat the test. ++check_filesystems diff --git a/SOURCES/0009-generator-customize-reintroduce-selinux-relabel-as-a.patch b/SOURCES/0009-generator-customize-reintroduce-selinux-relabel-as-a.patch deleted file mode 100644 index 4c8b115..0000000 --- a/SOURCES/0009-generator-customize-reintroduce-selinux-relabel-as-a.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 4cfba19fa2b087c4b2c5a1b67aa70eb16e9d5a59 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Wed, 25 May 2022 09:19:58 +0200 -Subject: [PATCH] generator/customize: reintroduce "--selinux-relabel" as a - compat option - -Removing "--selinux-relabel" in commit 2f6a27f1077d ("generator/customize: -invert SELinux relabeling default", 2022-05-11) breaks existing scripts -that invoke virt-customize and/or virt-sysprep with that option. Restore -the option, with no functionality tied to it. - -Fixes: 2f6a27f1077d32d1ab526427052fc88e188356f7 -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2089748 -Signed-off-by: Laszlo Ersek -Message-Id: <20220525071958.9612-1-lersek@redhat.com> -Reviewed-by: Richard W.M. Jones -(cherry picked from commit 4b9ee1052a4396621485fdd56d6826714e7481b1) ---- - generator/customize.ml | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/generator/customize.ml b/generator/customize.ml -index 9634dad85..5abaf206f 100644 ---- a/generator/customize.ml -+++ b/generator/customize.ml -@@ -581,6 +581,13 @@ option disables the automatic relabeling. - The option is a no-op for guests that do not support SELinux."; - }; - -+ { flag_name = "selinux-relabel"; -+ flag_type = FlagBool false; -+ flag_ml_var = "selinux_relabel_ignored"; -+ flag_shortdesc = "Compatibility option doing nothing"; -+ flag_pod_longdesc = "This is a compatibility option that does nothing."; -+ }; -+ - { flag_name = "sm-credentials"; - flag_type = FlagSMCredentials "SELECTOR"; - flag_ml_var = "sm_credentials"; --- -2.31.1 - diff --git a/SOURCES/0010-fuse-Don-t-call-fclose-NULL-on-error-paths.patch b/SOURCES/0010-fuse-Don-t-call-fclose-NULL-on-error-paths.patch new file mode 100644 index 0000000..5c5ceb9 --- /dev/null +++ b/SOURCES/0010-fuse-Don-t-call-fclose-NULL-on-error-paths.patch @@ -0,0 +1,62 @@ +From 744a257083ccc30e6b7bae40acc04eb45a59a971 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Mon, 22 May 2023 17:15:39 +0100 +Subject: [PATCH] fuse: Don't call fclose(NULL) on error paths +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Various errors like this: + +In function ‘test_fuse’, + inlined from ‘main’ at test-fuse.c:133:11: +test-fuse.c:274:5: error: argument 1 null where non-null expected [-Werror=nonnull] + 274 | fclose (fp); + | ^~~~~~~~~~~ +In file included from test-fuse.c:26: +/usr/include/stdio.h: In function ‘main’: +/usr/include/stdio.h:183:12: note: in a call to function ‘fclose’ declared ‘nonnull’ + 183 | extern int fclose (FILE *__stream) __nonnull ((1)); + | ^~~~~~ + +(cherry picked from commit ca20f27cb0898c347e49b543a8acdfb0a8a8fa7e) +--- + fuse/test-fuse.c | 4 ---- + 1 file changed, 4 deletions(-) + +diff --git a/fuse/test-fuse.c b/fuse/test-fuse.c +index 9c0db594..90a78dc7 100644 +--- a/fuse/test-fuse.c ++++ b/fuse/test-fuse.c +@@ -271,7 +271,6 @@ test_fuse (void) + fp = fopen ("hello.txt", "r"); + if (fp == NULL) { + perror ("open: hello.txt"); +- fclose (fp); + return -1; + } + if (getline (&line, &len, fp) == -1) { +@@ -289,7 +288,6 @@ test_fuse (void) + fp = fopen ("world.txt", "r"); + if (fp == NULL) { + perror ("open: world.txt"); +- fclose (fp); + return -1; + } + if (getline (&line, &len, fp) == -1) { +@@ -352,7 +350,6 @@ test_fuse (void) + fp = fopen ("new", "w"); + if (fp == NULL) { + perror ("open: new"); +- fclose (fp); + return -1; + } + fclose (fp); +@@ -615,7 +612,6 @@ test_fuse (void) + fp = fopen ("new.txt", "w"); + if (fp == NULL) { + perror ("open: new.txt"); +- fclose (fp); + return -1; + } + for (u = 0; u < 1000; ++u) { diff --git a/SOURCES/0011-ocaml-implicit_close-test-collect-all-currently-unre.patch b/SOURCES/0011-ocaml-implicit_close-test-collect-all-currently-unre.patch new file mode 100644 index 0000000..b988d39 --- /dev/null +++ b/SOURCES/0011-ocaml-implicit_close-test-collect-all-currently-unre.patch @@ -0,0 +1,38 @@ +From 8aafa0631b55ec92ba1fae34d94500dd1e027083 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?J=C3=BCrgen=20H=C3=B6tzel?= +Date: Sat, 27 May 2023 15:32:36 +0200 +Subject: [PATCH] ocaml/implicit_close test: collect all currently unreachable + blocks + +Fixes failing implice_close test on OCaml 5. + +RWMJ: + +I adjusted this patch so that we continue to call Gc.compact on +exiting the test, to move all of the heap (hopefully revealing flaws +in the bindings). This only works on OCaml <= 4, but Gc.compact may +be fixed/reimplemented later in the 5.x series. + +Please see also the lengthy discussion of this patch upstream: +https://listman.redhat.com/archives/libguestfs/2023-May/thread.html#31639 +https://listman.redhat.com/archives/libguestfs/2023-June/thread.html#31709 +https://discuss.ocaml.org/t/ocaml-heap-fsck-and-forcing-collection-of-unreachable-objects/12281/1 + +(cherry picked from commit 1274452d225da71f115e0cb8ad435e02670dc4fb) +--- + ocaml/t/guestfs_065_implicit_close.ml | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ocaml/t/guestfs_065_implicit_close.ml b/ocaml/t/guestfs_065_implicit_close.ml +index 567e550b..f2dfecbd 100644 +--- a/ocaml/t/guestfs_065_implicit_close.ml ++++ b/ocaml/t/guestfs_065_implicit_close.ml +@@ -30,7 +30,7 @@ let () = + *) + + (* This should cause the GC to close the handle. *) +-let () = Gc.compact () ++let () = Gc.full_major () + + let () = assert (!close_invoked = 1) + diff --git a/SOURCES/0012-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch b/SOURCES/0012-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch deleted file mode 100644 index 5683472..0000000 --- a/SOURCES/0012-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch +++ /dev/null @@ -1,32 +0,0 @@ -From c1ff450bcee1465f0eaca00a4d6c8c731f175488 Mon Sep 17 00:00:00 2001 -From: "Richard W.M. Jones" -Date: Tue, 29 Jun 2021 15:29:11 +0100 -Subject: [PATCH] RHEL: Create /etc/crypto-policies/back-ends/opensslcnf.config - -https://bugzilla.redhat.com/show_bug.cgi?id=1977214#c13 ---- - appliance/init | 8 ++++++++ - 1 file changed, 8 insertions(+) - -diff --git a/appliance/init b/appliance/init -index 19aa151b7..e67d88280 100755 ---- a/appliance/init -+++ b/appliance/init -@@ -76,6 +76,14 @@ if ! test -e /etc/mtab; then - ln -s /proc/mounts /etc/mtab - fi - -+# openssl 3 requires /etc/crypto-policies/back-ends/opensslcnf.config -+# to exist, but it is created in a %post script in crypto-policies -+# https://bugzilla.redhat.com/show_bug.cgi?id=1977214#c13 -+if ! test -r /etc/crypto-policies/back-ends/opensslcnf.config && -+ test -f /usr/share/crypto-policies/DEFAULT/opensslcnf.txt; then -+ ln -s /usr/share/crypto-policies/DEFAULT/opensslcnf.txt /etc/crypto-policies/back-ends/opensslcnf.config -+fi -+ - # Static nodes must happen before udev is started. - - # Set up kmod static-nodes (RHBZ#1011907). --- -2.31.1 - diff --git a/SOURCES/0012-ocaml-Replace-old-enter-leave_blocking_section-calls.patch b/SOURCES/0012-ocaml-Replace-old-enter-leave_blocking_section-calls.patch new file mode 100644 index 0000000..3de7cb3 --- /dev/null +++ b/SOURCES/0012-ocaml-Replace-old-enter-leave_blocking_section-calls.patch @@ -0,0 +1,70 @@ +From 25108090a1566bc49caab833fe1591a0c6f941be Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 27 Jun 2023 10:17:58 +0100 +Subject: [PATCH] ocaml: Replace old enter/leave_blocking_section calls + +Since OCaml 4 the old and confusing caml_enter_blocking_section and +caml_leave_blocking_section calls have been replaced with +caml_release_runtime_system and caml_acquire_runtime_system (in that +order). Use the new names. + +(cherry picked from commit 7e1d7c1330185a1f3da2ce2100f59637518c3302) +--- + generator/OCaml.ml | 5 +++-- + ocaml/guestfs-c.c | 5 +++-- + 2 files changed, 6 insertions(+), 4 deletions(-) + +diff --git a/generator/OCaml.ml b/generator/OCaml.ml +index 02d9ee2e..07ccd269 100644 +--- a/generator/OCaml.ml ++++ b/generator/OCaml.ml +@@ -429,6 +429,7 @@ and generate_ocaml_c () = + #include + #include + #include ++#include + + #include + #include \"guestfs-utils.h\" +@@ -689,12 +690,12 @@ copy_table (char * const * argv) + pr "\n"; + + if blocking then +- pr " caml_enter_blocking_section ();\n"; ++ pr " caml_release_runtime_system ();\n"; + pr " r = %s " c_function; + generate_c_call_args ~handle:"g" style; + pr ";\n"; + if blocking then +- pr " caml_leave_blocking_section ();\n"; ++ pr " caml_acquire_runtime_system ();\n"; + + (* Free strings if we copied them above. *) + List.iter ( +diff --git a/ocaml/guestfs-c.c b/ocaml/guestfs-c.c +index 3888c945..8c8aa460 100644 +--- a/ocaml/guestfs-c.c ++++ b/ocaml/guestfs-c.c +@@ -34,6 +34,7 @@ + #include + #include + #include ++#include + #include + + #include "guestfs-c.h" +@@ -395,12 +396,12 @@ event_callback_wrapper (guestfs_h *g, + /* Ensure we are holding the GC lock before any GC operations are + * possible. (RHBZ#725824) + */ +- caml_leave_blocking_section (); ++ caml_acquire_runtime_system (); + + event_callback_wrapper_locked (g, data, event, event_handle, flags, + buf, buf_len, array, array_len); + +- caml_enter_blocking_section (); ++ caml_release_runtime_system (); + } + + value diff --git a/SOURCES/0013-ocaml-Release-runtime-lock-around-guestfs_close.patch b/SOURCES/0013-ocaml-Release-runtime-lock-around-guestfs_close.patch new file mode 100644 index 0000000..e75313a --- /dev/null +++ b/SOURCES/0013-ocaml-Release-runtime-lock-around-guestfs_close.patch @@ -0,0 +1,28 @@ +From 166e4e90eef0d4c81a92940e5d61450d70f00662 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 27 Jun 2023 11:36:55 +0100 +Subject: [PATCH] ocaml: Release runtime lock around guestfs_close + +When finalizing the handle we call guestfs_close. This function could +be long-running (eg. it may have to shut down the qemu subprocess), so +release the runtime lock. + +(cherry picked from commit 4a79c023e57e07844c2ac3259aaf9b885e402fdf) +--- + ocaml/guestfs-c.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/ocaml/guestfs-c.c b/ocaml/guestfs-c.c +index 8c8aa460..a1865a72 100644 +--- a/ocaml/guestfs-c.c ++++ b/ocaml/guestfs-c.c +@@ -77,7 +77,9 @@ guestfs_finalize (value gv) + * above, which is why we don't want to delete them before + * closing the handle. + */ ++ caml_release_runtime_system (); + guestfs_close (g); ++ caml_acquire_runtime_system (); + + /* Now unregister the global roots. */ + if (roots && len > 0) { diff --git a/SOURCES/0013-php-add-arginfo-to-php-bindings.patch b/SOURCES/0013-php-add-arginfo-to-php-bindings.patch deleted file mode 100644 index 7122e7c..0000000 --- a/SOURCES/0013-php-add-arginfo-to-php-bindings.patch +++ /dev/null @@ -1,90 +0,0 @@ -From d451e0e42c75429279426e9eb5a7701cd4681d07 Mon Sep 17 00:00:00 2001 -From: Geoff Amey -Date: Wed, 15 Jun 2022 17:06:56 -0400 -Subject: [PATCH] php: add arginfo to php bindings - -Starting with PHP8, arginfo is mandatory for PHP extensions. This patch -updates the generator for the PHP bindings to generate the arginfo -structures, using the Zend API macros. Only basic arginfo is added, -without full documentation of argument and return types, in order to -ensure compatibility with as many versions of PHP as possible. - -(cherry picked from commit ec27979398b0871c1a3e0e244849f8435c9c9a8d) ---- - .gitignore | 1 + - generator/php.ml | 37 ++++++++++++++++++++++++++++++++++--- - 2 files changed, 35 insertions(+), 3 deletions(-) - -diff --git a/.gitignore b/.gitignore -index a36ccc86a..356c01fbd 100644 ---- a/.gitignore -+++ b/.gitignore -@@ -325,6 +325,7 @@ Makefile.in - /php/extension/configure.in - /php/extension/env - /php/extension/guestfs_php.c -+/php/extension/guestfs_php.dep - /php/extension/install-sh - /php/extension/libtool - /php/extension/ltmain.sh -diff --git a/generator/php.ml b/generator/php.ml -index 5c7ef48e8..acdc7b877 100644 ---- a/generator/php.ml -+++ b/generator/php.ml -@@ -130,6 +130,37 @@ typedef size_t guestfs_string_length; - typedef int guestfs_string_length; - #endif - -+/* Declare argument info structures */ -+ZEND_BEGIN_ARG_INFO_EX(arginfo_create, 0, 0, 0) -+ZEND_END_ARG_INFO() -+ -+ZEND_BEGIN_ARG_INFO_EX(arginfo_last_error, 0, 0, 1) -+ ZEND_ARG_INFO(0, g) -+ZEND_END_ARG_INFO() -+ -+"; -+ List.iter ( -+ fun { name = shortname; style = ret, args, optargs; } -> -+ let len = List.length args in -+ pr "ZEND_BEGIN_ARG_INFO_EX(arginfo_%s, 0, 0, %d)\n" shortname (len + 1); -+ pr " ZEND_ARG_INFO(0, g)\n"; -+ List.iter ( -+ function -+ | BufferIn n | Bool n | Int n | Int64 n | OptString n -+ | Pointer(_, n) | String (_, n) | StringList (_, n) -> -+ pr " ZEND_ARG_INFO(0, %s)\n" n -+ ) args; -+ -+ List.iter ( -+ function -+ | OBool n | OInt n | OInt64 n | OString n | OStringList n -> -+ pr " ZEND_ARG_INFO(0, %s)\n" n -+ ) optargs; -+ pr "ZEND_END_ARG_INFO()\n\n"; -+ ) (actions |> external_functions |> sort); -+ -+ pr " -+ - /* Convert array to list of strings. - * http://marc.info/?l=pecl-dev&m=112205192100631&w=2 - */ -@@ -204,12 +235,12 @@ PHP_MINIT_FUNCTION (guestfs_php) - } - - static zend_function_entry guestfs_php_functions[] = { -- PHP_FE (guestfs_create, NULL) -- PHP_FE (guestfs_last_error, NULL) -+ PHP_FE (guestfs_create, arginfo_create) -+ PHP_FE (guestfs_last_error, arginfo_last_error) - "; - - List.iter ( -- fun { name } -> pr " PHP_FE (guestfs_%s, NULL)\n" name -+ fun { name } -> pr " PHP_FE (guestfs_%s, arginfo_%s)\n" name name - ) (actions |> external_functions |> sort); - - pr " { NULL, NULL, NULL } --- -2.31.1 - diff --git a/SOURCES/0014-introduce-the-clevis_luks_unlock-API.patch b/SOURCES/0014-introduce-the-clevis_luks_unlock-API.patch deleted file mode 100644 index 10db265..0000000 --- a/SOURCES/0014-introduce-the-clevis_luks_unlock-API.patch +++ /dev/null @@ -1,252 +0,0 @@ -From 51ea2e3af9caa434e847ca74a86f5de5ade6058f Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Thu, 30 Jun 2022 14:20:47 +0200 -Subject: [PATCH] introduce the "clevis_luks_unlock" API - -Introduce a new guestfs API called "clevis_luks_unlock". At the libguestfs -level, it is quite simple; it wraps the "clevis luks unlock" guest command -(implemented by the "clevis-luks-unlock" executable, which is in fact a -shell script). - -The complexity is instead in the network-based disk encryption -(Clevis/Tang) scheme. Useful documentation: - -- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html-single/security_hardening/index#configuring-automated-unlocking-of-encrypted-volumes-using-policy-based-decryption_security-hardening -- https://github.com/latchset/clevis#clevis -- https://github.com/latchset/tang#tang - -The package providing "clevis-luks-unlock" is usually called -"clevis-luks", occasionally "clevis". Some distros don't package clevis at -all. Add the new API under a new option group (which may not be available) -called "clevisluks". - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1809453 -Signed-off-by: Laszlo Ersek -Message-Id: <20220630122048.19335-3-lersek@redhat.com> -Reviewed-by: Richard W.M. Jones -(cherry picked from commit 9a3e9a6c03eaffe60196bc4c7ae4699beae01dc3) ---- - appliance/packagelist.in | 4 +++ - daemon/Makefile.am | 1 + - daemon/clevis-luks.c | 58 +++++++++++++++++++++++++++++++++++++++ - generator/actions_core.ml | 40 +++++++++++++++++++++++++++ - generator/proc_nr.ml | 1 + - lib/MAX_PROC_NR | 2 +- - lib/guestfs.pod | 19 ++++++++++--- - 7 files changed, 120 insertions(+), 5 deletions(-) - create mode 100644 daemon/clevis-luks.c - -diff --git a/appliance/packagelist.in b/appliance/packagelist.in -index 77a07acc6..0b79edcdd 100644 ---- a/appliance/packagelist.in -+++ b/appliance/packagelist.in -@@ -23,6 +23,7 @@ dnl Basically the same with a few minor tweaks. - ifelse(UBUNTU,1,`define(`DEBIAN',1)') - - ifelse(REDHAT,1, -+ clevis-luks - cryptsetup - cryptsetup-luks dnl old name used before Fedora 17 - dhclient -@@ -53,6 +54,7 @@ ifelse(DEBIAN,1, - bsdmainutils - dnl old name used in Jessie and earlier - btrfs-tools -+ clevis-luks - cryptsetup - dash - extlinux -@@ -92,6 +94,7 @@ dnl iproute has been renamed to iproute2 - ifelse(ARCHLINUX,1, - cdrkit - cdrtools -+ clevis - cryptsetup - dhclient - dhcpcd -@@ -119,6 +122,7 @@ ifelse(SUSE,1, - augeas-lenses - btrfsprogs - cdrkit-cdrtools-compat -+ clevis - cryptsetup - dhcpcd - dhcp-client -diff --git a/daemon/Makefile.am b/daemon/Makefile.am -index bbd49f9ea..f50faecd6 100644 ---- a/daemon/Makefile.am -+++ b/daemon/Makefile.am -@@ -98,6 +98,7 @@ guestfsd_SOURCES = \ - cap.c \ - checksum.c \ - cleanups.c \ -+ clevis-luks.c \ - cmp.c \ - command.c \ - command.h \ -diff --git a/daemon/clevis-luks.c b/daemon/clevis-luks.c -new file mode 100644 -index 000000000..d3d970d78 ---- /dev/null -+++ b/daemon/clevis-luks.c -@@ -0,0 +1,58 @@ -+/* libguestfs - the guestfsd daemon -+ * Copyright (C) 2009-2022 Red Hat Inc. -+ * -+ * This program is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 2 of the License, or -+ * (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -+ */ -+ -+#include -+ -+#include "daemon.h" -+#include "actions.h" -+#include "optgroups.h" -+ -+#define MAX_ARGS 8 -+ -+int -+optgroup_clevisluks_available (void) -+{ -+ return prog_exists ("clevis-luks-unlock"); -+} -+ -+int -+do_clevis_luks_unlock (const char *device, const char *mapname) -+{ -+ const char *argv[MAX_ARGS]; -+ size_t i = 0; -+ int r; -+ CLEANUP_FREE char *err = NULL; -+ -+ ADD_ARG (argv, i, "clevis"); -+ ADD_ARG (argv, i, "luks"); -+ ADD_ARG (argv, i, "unlock"); -+ ADD_ARG (argv, i, "-d"); -+ ADD_ARG (argv, i, device); -+ ADD_ARG (argv, i, "-n"); -+ ADD_ARG (argv, i, mapname); -+ ADD_ARG (argv, i, NULL); -+ -+ r = commandv (NULL, &err, argv); -+ if (r == -1) { -+ reply_with_error ("%s: %s: %s", device, mapname, err); -+ return -1; -+ } -+ -+ udev_settle (); -+ return 0; -+} -diff --git a/generator/actions_core.ml b/generator/actions_core.ml -index 6cd42a290..3c9b0a9b2 100644 ---- a/generator/actions_core.ml -+++ b/generator/actions_core.ml -@@ -9676,4 +9676,44 @@ and I the name of the underlying block device." }; - shortdesc = "read directories entries"; - longdesc = "Internal function for readdir." }; - -+ { defaults with -+ name = "clevis_luks_unlock"; added = (1, 49, 3); -+ style = RErr, -+ [String (Device, "device"); String (PlainString, "mapname")], -+ []; -+ optional = Some "clevisluks"; -+ test_excuse = "needs networking and a configured Tang server"; -+ shortdesc = "open an encrypted LUKS block device with Clevis and Tang"; -+ longdesc = "\ -+This command opens a block device that has been encrypted according to -+the Linux Unified Key Setup (LUKS) standard, using network-bound disk -+encryption (NBDE). -+ -+C is the encrypted block device. -+ -+The appliance will connect to the Tang servers noted in the tree of -+Clevis pins that is bound to a keyslot of the LUKS header. The Clevis -+pin tree may comprise C (redudancy) pins as internal nodes -+(optionally), and C pins as leaves. C pins are not -+supported. The appliance unlocks the encrypted block device by -+combining responses from the Tang servers with metadata from the LUKS -+header; there is no C parameter. -+ -+This command will fail if networking has not been enabled for the -+appliance. Refer to C. -+ -+The command creates a new block device called F. -+Reads and writes to this block device are decrypted from and encrypted -+to the underlying C respectively. Close the decrypted block -+device with C. -+ -+C cannot be C<\"control\"> because that name is reserved by -+device-mapper. -+ -+If this block device contains LVM volume groups, then calling -+C with the C parameter C will make -+them visible. -+ -+Use C to list all device mapper devices." }; -+ - ] -diff --git a/generator/proc_nr.ml b/generator/proc_nr.ml -index bdced51c9..edd9bd99d 100644 ---- a/generator/proc_nr.ml -+++ b/generator/proc_nr.ml -@@ -514,6 +514,7 @@ let proc_nr = [ - 509, "cryptsetup_close"; - 510, "internal_list_rpm_applications"; - 511, "internal_readdir"; -+512, "clevis_luks_unlock" - ] - - (* End of list. If adding a new entry, add it at the end of the list -diff --git a/lib/MAX_PROC_NR b/lib/MAX_PROC_NR -index c0556fb20..4d0e90cbc 100644 ---- a/lib/MAX_PROC_NR -+++ b/lib/MAX_PROC_NR -@@ -1 +1 @@ --511 -+512 -diff --git a/lib/guestfs.pod b/lib/guestfs.pod -index 946ce2d36..0fbe114a5 100644 ---- a/lib/guestfs.pod -+++ b/lib/guestfs.pod -@@ -591,11 +591,22 @@ For Windows BitLocker it returns C. - Then open these devices by calling L. - Obviously you will require the passphrase! - -+Passphrase-less unlocking is supported for LUKS (not BitLocker) -+block devices that have been encrypted with network-bound disk -+encryption (NBDE), using Clevis on the Linux guest side, and -+Tang on a separate Linux server. Open such devices with -+L. The appliance will need -+networking enabled (refer to L) and actual -+connectivity to the Tang servers noted in the C Clevis -+pins that are bound to the LUKS header. (This includes the -+ability to resolve the names of the Tang servers.) -+ - Opening an encrypted device creates a new device mapper device --called F (where C is the --string you supply to L). --Reads and writes to this mapper device are decrypted from and --encrypted to the underlying block device respectively. -+called F (where C is the string -+you supply to L or -+L). Reads and writes to this mapper -+device are decrypted from and encrypted to the underlying block -+device respectively. - - LVM volume groups on the device can be made visible by calling - L followed by L. --- -2.31.1 - diff --git a/SOURCES/0014-ocaml-Conditionally-acquire-the-lock-in-callbacks.patch b/SOURCES/0014-ocaml-Conditionally-acquire-the-lock-in-callbacks.patch new file mode 100644 index 0000000..5741670 --- /dev/null +++ b/SOURCES/0014-ocaml-Conditionally-acquire-the-lock-in-callbacks.patch @@ -0,0 +1,73 @@ +From c13dd5b6d4ca94eebe32bc32993f5be0b5b373ad Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 27 Jun 2023 12:09:12 +0100 +Subject: [PATCH] ocaml: Conditionally acquire the lock in callbacks +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This fix was originally suggested by Jürgen Hötzel (link below) which +I have lightly modified so it works with OCaml <= 4 too. + +Link: https://listman.redhat.com/archives/libguestfs/2023-May/031640.html +Link: https://discuss.ocaml.org/t/test-caml-state-and-conditionally-caml-acquire-runtime-system-good-or-bad/12489 +(cherry picked from commit 16464878cf980ffab1c1aeada2e438b0281ad1bc) +--- + ocaml/guestfs-c.c | 25 +++++++++++++++++++++++-- + 1 file changed, 23 insertions(+), 2 deletions(-) + +diff --git a/ocaml/guestfs-c.c b/ocaml/guestfs-c.c +index a1865a72..67dc3547 100644 +--- a/ocaml/guestfs-c.c ++++ b/ocaml/guestfs-c.c +@@ -19,6 +19,7 @@ + #include + #include + #include ++#include + #include + #include + +@@ -36,6 +37,7 @@ + #include + #include + #include ++#include + + #include "guestfs-c.h" + +@@ -397,13 +399,32 @@ event_callback_wrapper (guestfs_h *g, + { + /* Ensure we are holding the GC lock before any GC operations are + * possible. (RHBZ#725824) ++ * ++ * There are many paths where we already hold the OCaml lock before ++ * this function, for example "non-blocking" calls, and the ++ * libguestfs global atexit path (which calls guestfs_close). To ++ * avoid double acquisition we need to check if we already hold the ++ * lock. OCaml 5 is strict about this. In earlier OCaml versions ++ * there is no way to check, but they did not implement the lock as ++ * a mutex and so it didn't cause problems. ++ * ++ * See also: ++ * https://discuss.ocaml.org/t/test-caml-state-and-conditionally-caml-acquire-runtime-system-good-or-bad/12489 + */ +- caml_acquire_runtime_system (); ++#if OCAML_VERSION_MAJOR >= 5 ++ bool acquired = caml_state != NULL; ++#else ++ const bool acquired = false; ++#endif ++ ++ if (!acquired) ++ caml_acquire_runtime_system (); + + event_callback_wrapper_locked (g, data, event, event_handle, flags, + buf, buf_len, array, array_len); + +- caml_release_runtime_system (); ++ if (!acquired) ++ caml_release_runtime_system (); + } + + value diff --git a/SOURCES/0015-guestfish-guestmount-enable-networking-for-key-ID-cl.patch b/SOURCES/0015-guestfish-guestmount-enable-networking-for-key-ID-cl.patch deleted file mode 100644 index c4a406e..0000000 --- a/SOURCES/0015-guestfish-guestmount-enable-networking-for-key-ID-cl.patch +++ /dev/null @@ -1,69 +0,0 @@ -From 5ae97d7d83d8cdb6e8428774282167dd774aaf70 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Thu, 30 Jun 2022 14:20:48 +0200 -Subject: [PATCH] guestfish, guestmount: enable networking for "--key - ID:clevis" - -Call the C-language helper key_store_requires_network() in guestfish and -guestmount. - -(Short log for the "common" submodule, commit range -35467027f657..af6cb55bc58a: - -Laszlo Ersek (12): - options: fix UUID comparison logic bug in get_keys() - mltools/tools_utils: remove unused function "key_store_to_cli" - mltools/tools_utils: allow multiple "--key" options for OCaml tools too - options: replace NULL-termination with number-of-elements in get_keys() - options: wrap each passphrase from get_keys() into a struct - options: add back-end for LUKS decryption with Clevis+Tang - options: introduce selector type "key_clevis" - options: generalize "--key" selector parsing for C-language utilities - mltools/tools_utils-c: handle internal type error with abort() - mltools/tools_utils: generalize "--key" selector parsing for OCaml utils - options, mltools/tools_utils: parse "--key ID:clevis" options - options, mltools/tools_utils: add helper for network dependency -). - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1809453 -Signed-off-by: Laszlo Ersek -Reviewed-by: Richard W.M. Jones -Message-Id: <20220630122048.19335-4-lersek@redhat.com> -(cherry picked from commit 6a5b44f538065a9f661510234a4235bf38348213) ---- - fish/fish.c | 3 +++ - fuse/guestmount.c | 4 ++++ - 2 files changed, 7 insertions(+) - -diff --git a/fish/fish.c b/fish/fish.c -index 23d9bb94f..19e3d2799 100644 ---- a/fish/fish.c -+++ b/fish/fish.c -@@ -476,6 +476,9 @@ main (int argc, char *argv[]) - /* If we've got drives to add, add them now. */ - add_drives (drvs); - -+ if (key_store_requires_network (ks) && guestfs_set_network (g, 1) == -1) -+ exit (EXIT_FAILURE); -+ - /* If we've got mountpoints or prepared drives or -i option, we must - * launch the guest and mount them. - */ -diff --git a/fuse/guestmount.c b/fuse/guestmount.c -index 77c534828..3c6d57bde 100644 ---- a/fuse/guestmount.c -+++ b/fuse/guestmount.c -@@ -348,6 +348,10 @@ main (int argc, char *argv[]) - - /* Do the guest drives and mountpoints. */ - add_drives (drvs); -+ -+ if (key_store_requires_network (ks) && guestfs_set_network (g, 1) == -1) -+ exit (EXIT_FAILURE); -+ - if (guestfs_launch (g) == -1) - exit (EXIT_FAILURE); - if (inspector) --- -2.31.1 - diff --git a/SOURCES/0015-ocaml-Fix-guestfs_065_implicit_close.ml-for-OCaml-5.patch b/SOURCES/0015-ocaml-Fix-guestfs_065_implicit_close.ml-for-OCaml-5.patch new file mode 100644 index 0000000..d1d38e0 --- /dev/null +++ b/SOURCES/0015-ocaml-Fix-guestfs_065_implicit_close.ml-for-OCaml-5.patch @@ -0,0 +1,59 @@ +From b6c9d4624899f4d81cc8d64d47ecef60aad8dd94 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 27 Jun 2023 16:20:49 +0100 +Subject: [PATCH] ocaml: Fix guestfs_065_implicit_close.ml for OCaml 5 + +Link: https://discuss.ocaml.org/t/ocaml-5-forcing-objects-to-be-collected-and-finalized/12492/3 +Thanks: Josh Berdine +Thanks: Vincent Laviron +(cherry picked from commit 7d4e9c927e8478662ece204b98ee3b5b147ab4b9) +--- + ocaml/t/guestfs_065_implicit_close.ml | 33 +++++++++++++++------------ + 1 file changed, 19 insertions(+), 14 deletions(-) + +diff --git a/ocaml/t/guestfs_065_implicit_close.ml b/ocaml/t/guestfs_065_implicit_close.ml +index f2dfecbd..9e68bc4c 100644 +--- a/ocaml/t/guestfs_065_implicit_close.ml ++++ b/ocaml/t/guestfs_065_implicit_close.ml +@@ -16,22 +16,27 @@ + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + *) + +-let close_invoked = ref 0 ++let [@inline never][@local never] run () = ++ let close_invoked = ref 0 in + +-let close _ _ _ _ = +- incr close_invoked ++ let close _ _ _ _ = ++ incr close_invoked ++ in + +-let () = +- let g = new Guestfs.guestfs () in +- ignore (g#set_event_callback close [Guestfs.EVENT_CLOSE]); +- assert (!close_invoked = 0) +-(* Allow the 'g' handle to go out of scope here, to ensure there is no +- * reference held on the stack. +- *) ++ let () = ++ let g = new Guestfs.guestfs () in ++ ignore (g#set_event_callback close [Guestfs.EVENT_CLOSE]); ++ assert (!close_invoked = 0) ++ (* Allow the 'g' handle to go out of scope here, to ensure there is no ++ * reference held on the stack. ++ *) ++ in + +-(* This should cause the GC to close the handle. *) +-let () = Gc.full_major () ++ (* This should cause the GC to close the handle. *) ++ Gc.full_major (); + +-let () = assert (!close_invoked = 1) ++ assert (!close_invoked = 1); + +-let () = Gc.compact () ++ Gc.compact () ++ ++let () = run () diff --git a/SOURCES/0016-daemon-Add-zstd-support-to-guestfs_file_architecture.patch b/SOURCES/0016-daemon-Add-zstd-support-to-guestfs_file_architecture.patch deleted file mode 100644 index 922609e..0000000 --- a/SOURCES/0016-daemon-Add-zstd-support-to-guestfs_file_architecture.patch +++ /dev/null @@ -1,182 +0,0 @@ -From 4807dacb577167b89cb5ffb1fa1a68ddf30b9319 Mon Sep 17 00:00:00 2001 -From: "Richard W.M. Jones" -Date: Tue, 9 Aug 2022 18:39:30 +0100 -Subject: [PATCH] daemon: Add zstd support to guestfs_file_architecture - -This is required so we can determine the file architecture of -zstd-compressed Linux kernel modules as used by OpenSUSE and maybe -other distros in future. - -Note that zstd becomes a required package, but it is widely available -in current Linux distros. - -The package names come from https://pkgs.org/download/zstd and my own -research. - -(cherry picked from commit 0e784824e82a88e522873fec5db1a11943d637ed) ---- - .gitignore | 1 + - appliance/packagelist.in | 6 ++++++ - daemon/filearch.ml | 1 + - docs/guestfs-building.pod | 4 ++++ - generator/actions_core.ml | 2 ++ - m4/guestfs-progs.m4 | 4 ++++ - test-data/Makefile.am | 1 + - test-data/files/Makefile.am | 6 ++++++ - 8 files changed, 25 insertions(+) - -diff --git a/.gitignore b/.gitignore -index 356c01fbd..ee5ea74dd 100644 ---- a/.gitignore -+++ b/.gitignore -@@ -448,6 +448,7 @@ Makefile.in - /test-data/files/initrd-x86_64.img - /test-data/files/initrd-x86_64.img.gz - /test-data/files/lib-i586.so.xz -+/test-data/files/lib-i586.so.zst - /test-data/files/test-grep.txt.gz - /test-data/phony-guests/archlinux.img - /test-data/phony-guests/blank-*.img -diff --git a/appliance/packagelist.in b/appliance/packagelist.in -index 0b79edcdd..0fc11f6ae 100644 ---- a/appliance/packagelist.in -+++ b/appliance/packagelist.in -@@ -48,6 +48,7 @@ ifelse(REDHAT,1, - vim-minimal - xz - zfs-fuse -+ zstd - ) - - ifelse(DEBIAN,1, -@@ -88,6 +89,7 @@ dnl iproute has been renamed to iproute2 - vim-tiny - xz-utils - zfs-fuse -+ zstd - uuid-runtime - ) - -@@ -115,6 +117,7 @@ ifelse(ARCHLINUX,1, - systemd - vim - xz -+ zstd - ) - - ifelse(SUSE,1, -@@ -140,6 +143,7 @@ ifelse(SUSE,1, - systemd-sysvinit - vim - xz -+ zstd - ) - - ifelse(FRUGALWARE,1, -@@ -185,6 +189,7 @@ ifelse(MAGEIA,1, - systemd /* for /sbin/reboot and udevd */ - vim-minimal - xz -+ zstd - ) - - ifelse(OPENMANDRIVA,1, -@@ -203,6 +208,7 @@ ifelse(OPENMANDRIVA,1, - systemd /* for /sbin/reboot and udevd */ - vim-minimal - xz -+ zstd - ) - - include(guestfsd.deps) -diff --git a/daemon/filearch.ml b/daemon/filearch.ml -index 67a7339e0..4d7e912c0 100644 ---- a/daemon/filearch.ml -+++ b/daemon/filearch.ml -@@ -106,6 +106,7 @@ and cpio_arch magic orig_path path = - if String.find magic "gzip" >= 0 then "zcat" - else if String.find magic "bzip2" >= 0 then "bzcat" - else if String.find magic "XZ compressed" >= 0 then "xzcat" -+ else if String.find magic "Zstandard compressed" >= 0 then "zstdcat" - else "cat" in - - let tmpdir = Mkdtemp.temp_dir "filearch" in -diff --git a/docs/guestfs-building.pod b/docs/guestfs-building.pod -index b93a611a6..7a7240f78 100644 ---- a/docs/guestfs-building.pod -+++ b/docs/guestfs-building.pod -@@ -172,6 +172,10 @@ I. - - I. - -+=item zstd -+ -+I. -+ - =item Jansson E 2.7 - - I. -diff --git a/generator/actions_core.ml b/generator/actions_core.ml -index 3c9b0a9b2..553e4ec3b 100644 ---- a/generator/actions_core.ml -+++ b/generator/actions_core.ml -@@ -9373,6 +9373,8 @@ with large files, such as the resulting squashfs will be over 3GB big." }; - [["file_architecture"; "/bin-x86_64-dynamic.gz"]], "x86_64"), []; - InitISOFS, Always, TestResultString ( - [["file_architecture"; "/lib-i586.so.xz"]], "i386"), []; -+ InitISOFS, Always, TestResultString ( -+ [["file_architecture"; "/lib-i586.so.zst"]], "i386"), []; - ]; - shortdesc = "detect the architecture of a binary file"; - longdesc = "\ -diff --git a/m4/guestfs-progs.m4 b/m4/guestfs-progs.m4 -index cd8662e86..22fc61367 100644 ---- a/m4/guestfs-progs.m4 -+++ b/m4/guestfs-progs.m4 -@@ -95,6 +95,10 @@ AC_PATH_PROGS([XZCAT],[xzcat],[no]) - test "x$XZCAT" = "xno" && AC_MSG_ERROR([xzcat must be installed]) - AC_DEFINE_UNQUOTED([XZCAT],["$XZCAT"],[Name of xzcat program.]) - -+dnl Check for zstdcat (required). -+AC_PATH_PROGS([ZSTDCAT],[zstdcat],[no]) -+test "x$ZSTDCAT" = "xno" && AC_MSG_ERROR([zstdcat must be installed]) -+ - dnl (f)lex and bison for virt-builder (required). - dnl XXX Could be optional with some work. - AC_PROG_LEX -diff --git a/test-data/Makefile.am b/test-data/Makefile.am -index b603311a1..dbecd74b9 100644 ---- a/test-data/Makefile.am -+++ b/test-data/Makefile.am -@@ -85,6 +85,7 @@ image_files = \ - files/initrd-x86_64.img \ - files/initrd-x86_64.img.gz \ - files/lib-i586.so.xz \ -+ files/lib-i586.so.zst \ - files/test-grep.txt.gz - - noinst_DATA = test.iso -diff --git a/test-data/files/Makefile.am b/test-data/files/Makefile.am -index a3d7288f9..06b0c6585 100644 ---- a/test-data/files/Makefile.am -+++ b/test-data/files/Makefile.am -@@ -40,6 +40,7 @@ noinst_DATA = \ - initrd-x86_64.img \ - initrd-x86_64.img.gz \ - lib-i586.so.xz \ -+ lib-i586.so.zst \ - test-grep.txt.gz - - CLEANFILES += $(noinst_DATA) -@@ -116,3 +117,8 @@ lib-i586.so.xz: $(top_srcdir)/test-data/binaries/lib-i586.so - rm -f $@ $@-t - xz -c $< > $@-t - mv $@-t $@ -+ -+lib-i586.so.zst: $(top_srcdir)/test-data/binaries/lib-i586.so -+ rm -f $@ $@-t -+ zstd -c $< > $@-t -+ mv $@-t $@ --- -2.31.1 - diff --git a/SOURCES/0016-ocaml-Use-Caml_state_opt-in-preference-to-caml_state.patch b/SOURCES/0016-ocaml-Use-Caml_state_opt-in-preference-to-caml_state.patch new file mode 100644 index 0000000..9a22d9f --- /dev/null +++ b/SOURCES/0016-ocaml-Use-Caml_state_opt-in-preference-to-caml_state.patch @@ -0,0 +1,25 @@ +From ff62b8f758e16aab82960474c79a7fc10a0af3ed Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 27 Jun 2023 16:31:55 +0100 +Subject: [PATCH] ocaml: Use Caml_state_opt in preference to caml_state + +Link: https://discuss.ocaml.org/t/test-caml-state-and-conditionally-caml-acquire-runtime-system-good-or-bad/12489/7 +Thanks: Guillaume Munch-Maccagnoni +(cherry picked from commit cade0b1aeb828d294a7c4e323f8131322d30fb73) +--- + ocaml/guestfs-c.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ocaml/guestfs-c.c b/ocaml/guestfs-c.c +index 67dc3547..8a8761e8 100644 +--- a/ocaml/guestfs-c.c ++++ b/ocaml/guestfs-c.c +@@ -412,7 +412,7 @@ event_callback_wrapper (guestfs_h *g, + * https://discuss.ocaml.org/t/test-caml-state-and-conditionally-caml-acquire-runtime-system-good-or-bad/12489 + */ + #if OCAML_VERSION_MAJOR >= 5 +- bool acquired = caml_state != NULL; ++ bool acquired = Caml_state_opt != NULL; + #else + const bool acquired = false; + #endif diff --git a/SOURCES/0017-New-API-inspect_get_build_id.patch b/SOURCES/0017-New-API-inspect_get_build_id.patch deleted file mode 100644 index 479c0cc..0000000 --- a/SOURCES/0017-New-API-inspect_get_build_id.patch +++ /dev/null @@ -1,184 +0,0 @@ -From 7dbcddd5bd5939493db74843593316f7101f8fde Mon Sep 17 00:00:00 2001 -From: "Richard W.M. Jones" -Date: Thu, 1 Dec 2022 10:00:46 +0000 -Subject: [PATCH] New API: inspect_get_build_id - -Add an API to return the build ID of the guest. This to allow a -future change to be able to distinguish between Windows 10 and Windows 11 -which can only be done using the build ID. - -For Windows we can read the CurrentBuildNumber key from the registry. -For Linux there happens to be a BUILD_ID field in /etc/os-release. -I've never seen a Linux distro that actually uses this. - -Reviewed-by: Laszlo Ersek -(cherry picked from commit f3dd67affe3c657af64ee9f6d70a16e965309556) ---- - daemon/inspect.ml | 6 ++++++ - daemon/inspect_fs_unix.ml | 2 ++ - daemon/inspect_fs_windows.ml | 14 ++++++++++++++ - daemon/inspect_types.ml | 5 +++++ - daemon/inspect_types.mli | 1 + - generator/actions_inspection.ml | 19 +++++++++++++++++++ - generator/proc_nr.ml | 3 ++- - lib/MAX_PROC_NR | 2 +- - 8 files changed, 50 insertions(+), 2 deletions(-) - -diff --git a/daemon/inspect.ml b/daemon/inspect.ml -index fb75b4a6c..20217c025 100644 ---- a/daemon/inspect.ml -+++ b/daemon/inspect.ml -@@ -335,6 +335,12 @@ and inspect_get_hostname root = - | Some v -> v - | None -> "unknown" - -+and inspect_get_build_id root = -+ let root = search_for_root root in -+ match root.inspection_data.build_id with -+ | Some v -> v -+ | None -> "unknown" -+ - and inspect_get_windows_systemroot root = - let root = search_for_root root in - match root.inspection_data.windows_systemroot with -diff --git a/daemon/inspect_fs_unix.ml b/daemon/inspect_fs_unix.ml -index 63cb279d0..009195f80 100644 ---- a/daemon/inspect_fs_unix.ml -+++ b/daemon/inspect_fs_unix.ml -@@ -96,6 +96,8 @@ let rec parse_os_release release_file data = - data.product_name <- Some value - else if key = "VERSION_ID" then - parse_os_release_version_id value data -+ else if key = "BUILD_ID" then -+ data.build_id <- Some value - ) values; - - (* If we haven't got all the fields, exit right away. *) -diff --git a/daemon/inspect_fs_windows.ml b/daemon/inspect_fs_windows.ml -index c4a05bc38..7bc5de7f7 100644 ---- a/daemon/inspect_fs_windows.ml -+++ b/daemon/inspect_fs_windows.ml -@@ -263,6 +263,20 @@ and check_windows_software_registry software_hive data = - with - Not_found -> () - ); -+ -+ (* CurrentBuildNumber (build_id). -+ * -+ * In modern Windows, the "CurrentBuild" and "CurrentBuildNumber" -+ * keys are the same. But in Windows XP, "CurrentBuild" -+ * contained something quite different. So always use -+ * "CurrentBuildNumber". -+ *) -+ (try -+ let v = List.assoc "CurrentBuildNumber" values in -+ data.build_id <- Some (Hivex.value_string h v) -+ with -+ Not_found -> () -+ ); - with - | Not_found -> - if verbose () then -diff --git a/daemon/inspect_types.ml b/daemon/inspect_types.ml -index 9395c51f9..328a2146b 100644 ---- a/daemon/inspect_types.ml -+++ b/daemon/inspect_types.ml -@@ -48,6 +48,7 @@ and inspection_data = { - mutable version : version option; - mutable arch : string option; - mutable hostname : string option; -+ mutable build_id : string option; - mutable fstab : fstab_entry list; - mutable windows_systemroot : string option; - mutable windows_software_hive : string option; -@@ -167,6 +168,8 @@ and string_of_inspection_data data = - data.arch; - Option.may (fun v -> bpf " hostname: %s\n" v) - data.hostname; -+ Option.may (fun v -> bpf " build ID: %s\n" v) -+ data.build_id; - if data.fstab <> [] then ( - let v = List.map ( - fun (a, b) -> sprintf "(%s, %s)" (Mountable.to_string a) b -@@ -272,6 +275,7 @@ let null_inspection_data = { - version = None; - arch = None; - hostname = None; -+ build_id = None; - fstab = []; - windows_systemroot = None; - windows_software_hive = None; -@@ -294,6 +298,7 @@ let merge_inspection_data child parent = - parent.version <- merge child.version parent.version; - parent.arch <- merge child.arch parent.arch; - parent.hostname <- merge child.hostname parent.hostname; -+ parent.build_id <- merge child.build_id parent.build_id; - parent.fstab <- child.fstab @ parent.fstab; - parent.windows_systemroot <- - merge child.windows_systemroot parent.windows_systemroot; -diff --git a/daemon/inspect_types.mli b/daemon/inspect_types.mli -index 29c76e8ab..05a3ffd4e 100644 ---- a/daemon/inspect_types.mli -+++ b/daemon/inspect_types.mli -@@ -51,6 +51,7 @@ and inspection_data = { - mutable version : version option; - mutable arch : string option; - mutable hostname : string option; -+ mutable build_id : string option; - mutable fstab : fstab_entry list; - mutable windows_systemroot : string option; - mutable windows_software_hive : string option; -diff --git a/generator/actions_inspection.ml b/generator/actions_inspection.ml -index f8b744993..70de22ec0 100644 ---- a/generator/actions_inspection.ml -+++ b/generator/actions_inspection.ml -@@ -529,6 +529,25 @@ hive is a valid Windows Registry hive. - - You can use C to read or write to the hive. - -+Please read L for more details." }; -+ -+ { defaults with -+ name = "inspect_get_build_id"; added = (1, 49, 8); -+ style = RString (RPlainString, "buildid"), [String (Mountable, "root")], []; -+ impl = OCaml "Inspect.inspect_get_build_id"; -+ shortdesc = "get the system build ID"; -+ longdesc = "\ -+This returns the build ID of the system, or the string -+C<\"unknown\"> if the system does not have a build ID. -+ -+For Windows, this gets the build number. Although it is -+returned as a string, it is (so far) always a number. See -+L -+for some possible values. -+ -+For Linux, this returns the C string from -+F, although this is not often used. -+ - Please read L for more details." }; - - { defaults with -diff --git a/generator/proc_nr.ml b/generator/proc_nr.ml -index edd9bd99d..0f17b1c06 100644 ---- a/generator/proc_nr.ml -+++ b/generator/proc_nr.ml -@@ -514,7 +514,8 @@ let proc_nr = [ - 509, "cryptsetup_close"; - 510, "internal_list_rpm_applications"; - 511, "internal_readdir"; --512, "clevis_luks_unlock" -+512, "clevis_luks_unlock"; -+513, "inspect_get_build_id"; - ] - - (* End of list. If adding a new entry, add it at the end of the list -diff --git a/lib/MAX_PROC_NR b/lib/MAX_PROC_NR -index 4d0e90cbc..31cf34b8d 100644 ---- a/lib/MAX_PROC_NR -+++ b/lib/MAX_PROC_NR -@@ -1 +1 @@ --512 -+513 --- -2.31.1 - diff --git a/SOURCES/0017-generator-Add-chown-option-for-virt-customize.patch b/SOURCES/0017-generator-Add-chown-option-for-virt-customize.patch new file mode 100644 index 0000000..bc6640a --- /dev/null +++ b/SOURCES/0017-generator-Add-chown-option-for-virt-customize.patch @@ -0,0 +1,398 @@ +From 0be1035c710d95aeca68a10fe9a7b4b740ae7aff Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 29 Jun 2023 13:33:04 +0100 +Subject: [PATCH] generator: Add --chown option for virt-customize + +Also this updates the common submodule to include the changes. + +Fixes: https://github.com/rwmjones/guestfs-tools/issues/12 +Acked-by: Laszlo Ersek +(cherry picked from commit d8e48bff212f9b0558480ffedf8158157360d0d5) +--- + common | 2 +- + generator/customize.ml | 28 ++++++++++++++++++++++++++++ + 2 files changed, 29 insertions(+), 1 deletion(-) + +Submodule common d61cd820..bbb54714: +diff --git a/common/mlcustomize/customize-options.pod b/common/mlcustomize/customize-options.pod +index 22a96e04..22724600 100644 +--- a/common/mlcustomize/customize-options.pod ++++ b/common/mlcustomize/customize-options.pod +@@ -63,6 +63,30 @@ Change the permissions of C to C. + I: C by default would be decimal, unless you prefix + it with C<0> to get octal, ie. use C<0700> not C<700>. + ++=item B<--chown> UID.GID:PATH ++ ++Change the owner user and group ID of a file or directory in the guest. ++Note: ++ ++=over 4 ++ ++=item * ++ ++Only numeric UIDs and GIDs will work, and these may not be the same ++inside the guest as on the host. ++ ++=item * ++ ++This will not work with Windows guests. ++ ++=back ++ ++For example: ++ ++ virt-customize --chown '0.0:/var/log/audit.log' ++ ++See also: I<--upload>. ++ + =item B<--commands-from-file> FILENAME + + Read the customize commands from a file, one (and its arguments) +diff --git a/common/mlcustomize/customize-synopsis.pod b/common/mlcustomize/customize-synopsis.pod +index d04f421e..e20b12d4 100644 +--- a/common/mlcustomize/customize-synopsis.pod ++++ b/common/mlcustomize/customize-synopsis.pod +@@ -1,15 +1,15 @@ + [--append-line FILE:LINE] [--chmod PERMISSIONS:FILE] +- [--commands-from-file FILENAME] [--copy SOURCE:DEST] +- [--copy-in LOCALPATH:REMOTEDIR] [--delete PATH] [--edit FILE:EXPR] +- [--firstboot SCRIPT] [--firstboot-command 'CMD+ARGS'] +- [--firstboot-install PKG,PKG..] [--hostname HOSTNAME] +- [--inject-qemu-ga METHOD] [--inject-virtio-win METHOD] +- [--install PKG,PKG..] [--link TARGET:LINK[:LINK..]] [--mkdir DIR] +- [--move SOURCE:DEST] [--password USER:SELECTOR] +- [--root-password SELECTOR] [--run SCRIPT] +- [--run-command 'CMD+ARGS'] [--scrub FILE] [--sm-attach SELECTOR] +- [--sm-register] [--sm-remove] [--sm-unregister] +- [--ssh-inject USER[:SELECTOR]] [--truncate FILE] ++ [--chown UID.GID:PATH] [--commands-from-file FILENAME] ++ [--copy SOURCE:DEST] [--copy-in LOCALPATH:REMOTEDIR] ++ [--delete PATH] [--edit FILE:EXPR] [--firstboot SCRIPT] ++ [--firstboot-command 'CMD+ARGS'] [--firstboot-install PKG,PKG..] ++ [--hostname HOSTNAME] [--inject-qemu-ga METHOD] ++ [--inject-virtio-win METHOD] [--install PKG,PKG..] ++ [--link TARGET:LINK[:LINK..]] [--mkdir DIR] [--move SOURCE:DEST] ++ [--password USER:SELECTOR] [--root-password SELECTOR] ++ [--run SCRIPT] [--run-command 'CMD+ARGS'] [--scrub FILE] ++ [--sm-attach SELECTOR] [--sm-register] [--sm-remove] ++ [--sm-unregister] [--ssh-inject USER[:SELECTOR]] [--truncate FILE] + [--truncate-recursive PATH] [--timezone TIMEZONE] [--touch FILE] + [--uninstall PKG,PKG..] [--update] [--upload FILE:DEST] + [--write FILE:CONTENT] [--no-logfile] +diff --git a/common/mlcustomize/customize_cmdline.ml b/common/mlcustomize/customize_cmdline.ml +index 3c24315d..fd3074ad 100644 +--- a/common/mlcustomize/customize_cmdline.ml ++++ b/common/mlcustomize/customize_cmdline.ml +@@ -41,6 +41,8 @@ and op = [ + (* --append-line FILE:LINE *) + | `Chmod of string * string + (* --chmod PERMISSIONS:FILE *) ++ | `Chown of string * string ++ (* --chown UID.GID:PATH *) + | `CommandsFromFile of string + (* --commands-from-file FILENAME *) + | `Copy of string * string +@@ -187,6 +189,17 @@ let rec argspec () = + s_"Change the permissions of a file" + ), + Some "PERMISSIONS:FILE", "Change the permissions of C to C.\n\nI: C by default would be decimal, unless you prefix\nit with C<0> to get octal, ie. use C<0700> not C<700>."; ++ ( ++ [ L"chown" ], ++ Getopt.String ( ++ s_"UID.GID:PATH", ++ fun s -> ++ let p = split_string_pair "chown" s in ++ List.push_front (`Chown p) ops ++ ), ++ s_"Change the owner user and group ID of a file or directory" ++ ), ++ Some "UID.GID:PATH", "Change the owner user and group ID of a file or directory in the guest.\nNote:\n\n=over 4\n\n=item *\n\nOnly numeric UIDs and GIDs will work, and these may not be the same\ninside the guest as on the host.\n\n=item *\n\nThis will not work with Windows guests.\n\n=back\n\nFor example:\n\n virt-customize --chown '0.0:/var/log/audit.log'\n\nSee also: I<--upload>."; + ( + [ L"commands-from-file" ], + Getopt.String ( +diff --git a/common/mlcustomize/customize_cmdline.mli b/common/mlcustomize/customize_cmdline.mli +index 0cc166e6..5883bbe0 100644 +--- a/common/mlcustomize/customize_cmdline.mli ++++ b/common/mlcustomize/customize_cmdline.mli +@@ -33,6 +33,8 @@ and op = [ + (* --append-line FILE:LINE *) + | `Chmod of string * string + (* --chmod PERMISSIONS:FILE *) ++ | `Chown of string * string ++ (* --chown UID.GID:PATH *) + | `CommandsFromFile of string + (* --commands-from-file FILENAME *) + | `Copy of string * string +diff --git a/common/mltools/curl.ml b/common/mltools/curl.ml +index 6dba9753..73eed903 100644 +--- a/common/mltools/curl.ml ++++ b/common/mltools/curl.ml +@@ -20,11 +20,13 @@ open Printf + + open Std_utils + open Tools_utils ++open Common_gettext.Gettext + + type t = { + curl : string; + args : args; + tmpdir : string option; ++ url : string; + } + and args = (string * string option) list + +@@ -40,11 +42,17 @@ let args_of_proxy = function + | SystemProxy -> [] + | ForcedProxy url -> [ "proxy", Some url; "noproxy", Some "" ] + +-let create ?(curl = "curl") ?(proxy = SystemProxy) ?tmpdir args = ++let create ?(curl = "curl") ?(proxy = SystemProxy) ?tmpdir args url = ++ (* The ["url"] key must not appear in [args]. This was how the ++ * previous version of this module worked, so lets check there ++ * are no callers still doing this. ++ *) ++ List.iter (function "url", _ -> assert false | _ -> ()) args; ++ + let args = safe_args @ args_of_proxy proxy @ args in +- { curl = curl; args = args; tmpdir = tmpdir } ++ { curl; args; tmpdir; url } + +-let run { curl; args; tmpdir } = ++let run { curl; args; tmpdir; url } = + let config_file, chan = Filename.open_temp_file ?temp_dir:tmpdir + "guestfscurl" ".conf" in + List.iter ( +@@ -67,15 +75,16 @@ let run { curl; args; tmpdir } = + | c -> output_char chan c + done; + fprintf chan "\"\n" +- ) args; ++ ) (("url", Some url) :: args); + close_out chan; + + let cmd = sprintf "%s -q --config %s" (quote curl) (quote config_file) in +- let lines = external_command ~echo_cmd:false cmd in ++ let help = sprintf (f_"downloading %s") url in ++ let lines = external_command ~echo_cmd:false ~help cmd in + Unix.unlink config_file; + lines + +-let to_string { curl; args } = ++let to_string { curl; args; url } = + let b = Buffer.create 128 in + bprintf b "%s -q" (quote curl); + List.iter ( +@@ -85,7 +94,7 @@ let to_string { curl; args } = + | "user", Some _ -> bprintf b " --user " + | name, Some value -> bprintf b " --%s %s" name (quote value) + ) args; +- bprintf b "\n"; ++ bprintf b " %s\n" (quote url); + Buffer.contents b + + let print chan t = output_string chan (to_string t) +diff --git a/common/mltools/curl.mli b/common/mltools/curl.mli +index a3e98dc6..1606a79a 100644 +--- a/common/mltools/curl.mli ++++ b/common/mltools/curl.mli +@@ -27,13 +27,16 @@ type proxy = + | SystemProxy (** Use the system settings. *) + | ForcedProxy of string (** The proxy is forced to the specified URL. *) + +-val create : ?curl:string -> ?proxy:proxy -> ?tmpdir:string -> args -> t ++val create : ?curl:string -> ?proxy:proxy -> ?tmpdir:string -> args -> string ++ -> t + (** Create a curl command handle. + + The curl arguments are a list of key, value pairs corresponding + to curl command line parameters, without leading dashes, + eg. [("user", Some "user:password")]. + ++ The string parameter is the URL (which is required). ++ + The optional [?curl] parameter controls the name of the curl + binary (default ["curl"]). + +diff --git a/common/mltools/tools_utils.ml b/common/mltools/tools_utils.ml +index 8b611e77..23f16c51 100644 +--- a/common/mltools/tools_utils.ml ++++ b/common/mltools/tools_utils.ml +@@ -435,8 +435,12 @@ let create_standard_options argspec ?anon_fun ?(key_opts = false) + let getopt = Getopt.create argspec ?anon_fun usage_msg in + { getopt; ks; debug_gc } + ++let external_command_failed help cmd reason = ++ let help_prefix = match help with None -> "" | Some str -> str ^ ": " in ++ error "%s%s ‘%s’: %s" help_prefix (s_"external command") cmd reason ++ + (* Run an external command, slurp up the output as a list of lines. *) +-let external_command ?(echo_cmd = true) cmd = ++let external_command ?(echo_cmd = true) ?help cmd = + if echo_cmd then + debug "%s" cmd; + let chan = Unix.open_process_in cmd in +@@ -448,15 +452,18 @@ let external_command ?(echo_cmd = true) cmd = + (match stat with + | Unix.WEXITED 0 -> () + | Unix.WEXITED i -> +- error (f_"external command ‘%s’ exited with error %d") cmd i ++ let reason = sprintf (f_"exited with error %d") i in ++ external_command_failed help cmd reason + | Unix.WSIGNALED i -> +- error (f_"external command ‘%s’ killed by signal %d") cmd i ++ let reason = sprintf (f_"killed by signal %d") i in ++ external_command_failed help cmd reason + | Unix.WSTOPPED i -> +- error (f_"external command ‘%s’ stopped by signal %d") cmd i ++ let reason = sprintf (f_"stopped by signal %d") i in ++ external_command_failed help cmd reason + ); + lines + +-let rec run_commands ?(echo_cmd = true) cmds = ++let rec run_commands ?(echo_cmd = true) ?help cmds = + let res = Array.make (List.length cmds) 0 in + let pids = + List.mapi ( +@@ -482,21 +489,21 @@ let rec run_commands ?(echo_cmd = true) cmds = + let matching_pair = List.hd matching_pair in + let idx, _, app, outfd, errfd = matching_pair in + pids := new_pids; +- res.(idx) <- do_teardown app outfd errfd stat ++ res.(idx) <- do_teardown help app outfd errfd stat + ); + done; + Array.to_list res + +-and run_command ?(echo_cmd = true) ?stdout_fd ?stderr_fd args = ++and run_command ?(echo_cmd = true) ?help ?stdout_fd ?stderr_fd args = + let run_res = do_run args ~echo_cmd ?stdout_fd ?stderr_fd in + match run_res with + | Either (pid, app, outfd, errfd) -> + let _, stat = Unix.waitpid [] pid in +- do_teardown app outfd errfd stat ++ do_teardown help app outfd errfd stat + | Or code -> + code + +-and do_run ?(echo_cmd = true) ?stdout_fd ?stderr_fd args = ++and do_run ?(echo_cmd = true) ?help ?stdout_fd ?stderr_fd args = + let app = List.hd args in + let get_fd default = function + | None -> +@@ -522,16 +529,18 @@ and do_run ?(echo_cmd = true) ?stdout_fd ?stderr_fd args = + debug "%s: %s: executable not found" app fn; + Or 127 + +-and do_teardown app outfd errfd exitstat = ++and do_teardown help app outfd errfd exitstat = + Option.iter Unix.close outfd; + Option.iter Unix.close errfd; + match exitstat with + | Unix.WEXITED i -> +- i ++ i + | Unix.WSIGNALED i -> +- error (f_"external command ‘%s’ killed by signal %d") app i ++ let reason = sprintf (f_"killed by signal %d") i in ++ external_command_failed help app reason + | Unix.WSTOPPED i -> +- error (f_"external command ‘%s’ stopped by signal %d") app i ++ let reason = sprintf (f_"stopped by signal %d") i in ++ external_command_failed help app reason + + let shell_command ?(echo_cmd = true) cmd = + if echo_cmd then +diff --git a/common/mltools/tools_utils.mli b/common/mltools/tools_utils.mli +index ec900e63..193ba7b6 100644 +--- a/common/mltools/tools_utils.mli ++++ b/common/mltools/tools_utils.mli +@@ -103,13 +103,17 @@ val create_standard_options : Getopt.speclist -> ?anon_fun:Getopt.anon_fun -> ?k + + Returns a new {!cmdline_options} structure. *) + +-val external_command : ?echo_cmd:bool -> string -> string list ++val external_command : ?echo_cmd:bool -> ?help:string -> string -> string list + (** Run an external command, slurp up the output as a list of lines. + + [echo_cmd] specifies whether to output the full command on verbose +- mode, and it's on by default. *) ++ mode, and it's on by default. + +-val run_commands : ?echo_cmd:bool -> (string list * Unix.file_descr option * Unix.file_descr option) list -> int list ++ [help] is an optional string which is printed as a prefix in ++ case the external command fails, eg as a hint to the user about ++ what we were trying to do. *) ++ ++val run_commands : ?echo_cmd:bool -> ?help:string -> (string list * Unix.file_descr option * Unix.file_descr option) list -> int list + (** Run external commands in parallel without using a shell, + and return a list with their exit codes. + +@@ -126,16 +130,24 @@ val run_commands : ?echo_cmd:bool -> (string list * Unix.file_descr option * Uni + end of the execution of the command for which it was specified. + + [echo_cmd] specifies whether output the full command on verbose +- mode, and it's on by default. *) ++ mode, and it's on by default. + +-val run_command : ?echo_cmd:bool -> ?stdout_fd:Unix.file_descr -> ?stderr_fd:Unix.file_descr -> string list -> int ++ [help] is an optional string which is printed as a prefix in ++ case the external command fails, eg as a hint to the user about ++ what we were trying to do. *) ++ ++val run_command : ?echo_cmd:bool -> ?help:string -> ?stdout_fd:Unix.file_descr -> ?stderr_fd:Unix.file_descr -> string list -> int + (** Run an external command without using a shell, and return its exit code. + + If [stdout_fd] or [stderr_fd] is specified, the file descriptor + is automatically closed after executing the command. + + [echo_cmd] specifies whether output the full command on verbose +- mode, and it's on by default. *) ++ mode, and it's on by default. ++ ++ [help] is an optional string which is printed as a prefix in ++ case the external command fails, eg as a hint to the user about ++ what we were trying to do. *) + + val shell_command : ?echo_cmd:bool -> string -> int + (** Run an external shell command, and return its exit code. +diff --git a/generator/customize.ml b/generator/customize.ml +index aa7ac8e8..8d3dec3e 100644 +--- a/generator/customize.ml ++++ b/generator/customize.ml +@@ -95,6 +95,34 @@ I: C by default would be decimal, unless you prefix + it with C<0> to get octal, ie. use C<0700> not C<700>."; + }; + ++ { op_name = "chown"; ++ op_type = StringPair "UID.GID:PATH"; ++ op_discrim = "`Chown"; ++ op_shortdesc = "Change the owner user and group ID of a file or directory"; ++ op_pod_longdesc = "\ ++Change the owner user and group ID of a file or directory in the guest. ++Note: ++ ++=over 4 ++ ++=item * ++ ++Only numeric UIDs and GIDs will work, and these may not be the same ++inside the guest as on the host. ++ ++=item * ++ ++This will not work with Windows guests. ++ ++=back ++ ++For example: ++ ++ virt-customize --chown '0.0:/var/log/audit.log' ++ ++See also: I<--upload>."; ++ }; ++ + { op_name = "commands-from-file"; + op_type = StringFn ("FILENAME", "customize_read_from_file"); + op_discrim = "`CommandsFromFile"; diff --git a/SOURCES/0018-lib-Return-correct-osinfo-field-for-Windows-11.patch b/SOURCES/0018-lib-Return-correct-osinfo-field-for-Windows-11.patch deleted file mode 100644 index a4f7d30..0000000 --- a/SOURCES/0018-lib-Return-correct-osinfo-field-for-Windows-11.patch +++ /dev/null @@ -1,82 +0,0 @@ -From 363bbb7e9bd39fc1683fb600c76266f67ad2063c Mon Sep 17 00:00:00 2001 -From: "Richard W.M. Jones" -Date: Thu, 1 Dec 2022 10:14:43 +0000 -Subject: [PATCH] lib: Return correct osinfo field for Windows 11 - -For Windows Client, we can only distinguish between Windows 10 and -Windows 11 using the build ID. The product name in both cases is -"Windows 10 ", apparently intentionally. - -References: -https://learn.microsoft.com/en-us/answers/questions/586619/windows-11-build-ver-is-still-10022000194.html -https://github.com/cygwin/cygwin/blob/a263fe0b268580273c1adc4b1bad256147990222/winsup/cygwin/wincap.cc#L429 -https://en.wikipedia.org/wiki/List_of_Microsoft_Windows_versions - -After this fix, the output of virt-inspector changes to this, which is -a bit odd, but correct: - - windows - x86_64 - windows - Windows 10 Pro - Client - 10 - 0 - /Windows - ControlSet001 - win11 - -Thanks: Yaakov Selkowitz -Reported-by: Yongkui Guo -Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2012658 -Reviewed-by: Laszlo Ersek -(cherry picked from commit 824c7457489366494f0f10fd3369dc30f3a3c360) ---- - lib/inspect-osinfo.c | 24 ++++++++++++++++++++++-- - 1 file changed, 22 insertions(+), 2 deletions(-) - -diff --git a/lib/inspect-osinfo.c b/lib/inspect-osinfo.c -index 90e57e6df..1c10ff469 100644 ---- a/lib/inspect-osinfo.c -+++ b/lib/inspect-osinfo.c -@@ -86,6 +86,8 @@ guestfs_impl_inspect_get_osinfo (guestfs_h *g, const char *root) - else if (STREQ (type, "windows")) { - CLEANUP_FREE char *product_name = NULL; - CLEANUP_FREE char *product_variant = NULL; -+ CLEANUP_FREE char *build_id_str = NULL; -+ int build_id; - - product_name = guestfs_inspect_get_product_name (g, root); - if (!product_name) -@@ -142,8 +144,26 @@ guestfs_impl_inspect_get_osinfo (guestfs_h *g, const char *root) - return safe_strdup (g, "win2k19"); - else - return safe_strdup (g, "win2k16"); -- } else -- return safe_strdup (g, "win10"); -+ } -+ else { -+ /* For Windows >= 10 Client we can only distinguish between -+ * versions by looking at the build ID. See: -+ * https://learn.microsoft.com/en-us/answers/questions/586619/windows-11-build-ver-is-still-10022000194.html -+ * https://github.com/cygwin/cygwin/blob/a263fe0b268580273c1adc4b1bad256147990222/winsup/cygwin/wincap.cc#L429 -+ */ -+ build_id_str = guestfs_inspect_get_build_id (g, root); -+ if (!build_id_str) -+ return NULL; -+ -+ build_id = guestfs_int_parse_unsigned_int (g, build_id_str); -+ if (build_id == -1) -+ return NULL; -+ -+ if (build_id >= 22000) -+ return safe_strdup (g, "win11"); -+ else -+ return safe_strdup (g, "win10"); -+ } - } - break; - } --- -2.31.1 - diff --git a/SOURCES/0018-lib-remove-guestfs_int_cmd_clear_close_files.patch b/SOURCES/0018-lib-remove-guestfs_int_cmd_clear_close_files.patch new file mode 100644 index 0000000..d1aca2a --- /dev/null +++ b/SOURCES/0018-lib-remove-guestfs_int_cmd_clear_close_files.patch @@ -0,0 +1,101 @@ +From cda24a0207fda8659790376a79fdac3d1775da83 Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Tue, 11 Jul 2023 13:39:06 +0200 +Subject: [PATCH] lib: remove guestfs_int_cmd_clear_close_files() + +The last (only?) caller of guestfs_int_cmd_clear_close_files() disappeared +in commit e4c396888056 ("lib/info: Remove /dev/fd hacking and pass a true +filename to qemu-img info.", 2018-01-23), part of v1.37.36. + +Simplify the code by removing guestfs_int_cmd_clear_close_files(). + +Signed-off-by: Laszlo Ersek +Message-Id: <20230711113906.107340-1-lersek@redhat.com> +Reviewed-by: Richard W.M. Jones +(cherry picked from commit 13c7052ff96d5ee99ec1b1252f1a3b4d7aed44d2) +--- + lib/command.c | 37 ++++++++++--------------------------- + lib/guestfs-internal.h | 1 - + 2 files changed, 10 insertions(+), 28 deletions(-) + +diff --git a/lib/command.c b/lib/command.c +index 515ef624..82a47baf 100644 +--- a/lib/command.c ++++ b/lib/command.c +@@ -152,9 +152,6 @@ struct command + /* When using the pipe_* APIs, stderr is pointed to a temporary file. */ + char *error_file; + +- /* Close file descriptors (defaults to true). */ +- bool close_files; +- + /* Supply a callback to receive stdout. */ + cmd_stdout_callback stdout_callback; + void *stdout_data; +@@ -186,7 +183,6 @@ guestfs_int_new_command (guestfs_h *g) + cmd = safe_calloc (g, 1, sizeof *cmd); + cmd->g = g; + cmd->capture_errors = true; +- cmd->close_files = true; + cmd->errorfd = -1; + cmd->outfd = -1; + return cmd; +@@ -358,17 +354,6 @@ guestfs_int_cmd_clear_capture_errors (struct command *cmd) + cmd->capture_errors = false; + } + +-/** +- * Don't close file descriptors after the fork. +- * +- * XXX Should allow single fds to be sent to child process. +- */ +-void +-guestfs_int_cmd_clear_close_files (struct command *cmd) +-{ +- cmd->close_files = false; +-} +- + /** + * Set a function to be executed in the child, right before the + * execution. Can be used to setup the child, for example changing +@@ -564,18 +549,16 @@ run_child (struct command *cmd, char **env) + for (i = 1; i < NSIG; ++i) + sigaction (i, &sa, NULL); + +- if (cmd->close_files) { +- /* Close all other file descriptors. This ensures that we don't +- * hold open (eg) pipes from the parent process. +- */ +- max_fd = sysconf (_SC_OPEN_MAX); +- if (max_fd == -1) +- max_fd = 1024; +- if (max_fd > 65536) +- max_fd = 65536; /* bound the amount of work we do here */ +- for (fd = 3; fd < max_fd; ++fd) +- close (fd); +- } ++ /* Close all other file descriptors. This ensures that we don't ++ * hold open (eg) pipes from the parent process. ++ */ ++ max_fd = sysconf (_SC_OPEN_MAX); ++ if (max_fd == -1) ++ max_fd = 1024; ++ if (max_fd > 65536) ++ max_fd = 65536; /* bound the amount of work we do here */ ++ for (fd = 3; fd < max_fd; ++fd) ++ close (fd); + + /* Set the umask for all subcommands to something sensible (RHBZ#610880). */ + umask (022); +diff --git a/lib/guestfs-internal.h b/lib/guestfs-internal.h +index fb55e026..c7ef3227 100644 +--- a/lib/guestfs-internal.h ++++ b/lib/guestfs-internal.h +@@ -751,7 +751,6 @@ extern void guestfs_int_cmd_set_stdout_callback (struct command *, cmd_stdout_ca + extern void guestfs_int_cmd_set_stderr_to_stdout (struct command *); + extern void guestfs_int_cmd_set_child_rlimit (struct command *, int resource, long limit); + extern void guestfs_int_cmd_clear_capture_errors (struct command *); +-extern void guestfs_int_cmd_clear_close_files (struct command *); + extern void guestfs_int_cmd_set_child_callback (struct command *, cmd_child_callback child_callback, void *data); + extern int guestfs_int_cmd_run (struct command *); + extern void guestfs_int_cmd_close (struct command *); diff --git a/SOURCES/0019-docs-fix-broken-link-in-the-guestfs-manual.patch b/SOURCES/0019-docs-fix-broken-link-in-the-guestfs-manual.patch new file mode 100644 index 0000000..30195b9 --- /dev/null +++ b/SOURCES/0019-docs-fix-broken-link-in-the-guestfs-manual.patch @@ -0,0 +1,34 @@ +From 1eaf876ff2a3bfeaa8756b92e5fa74a91b74f45c Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Fri, 14 Jul 2023 15:22:09 +0200 +Subject: [PATCH] docs: fix broken link in the guestfs manual + +Commit 55202a4d49a1 ("New API: get-sockdir", 2016-02-03) added identical +language to "fish/guestfish.pod" and "src/guestfs.pod", including an +internal link L. That's appropriate for +"fish/guestfish.pod", but the same API description is generated with a +different anchor for "src/guestfs.pod". Adapt the reference. + +Fixes: 55202a4d49a101392148d79cb2e1591428db2681 +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2184967 +Signed-off-by: Laszlo Ersek +Reviewed-by: Richard W.M. Jones +Message-Id: <20230714132213.96616-4-lersek@redhat.com> +(cherry picked from commit b4a4b754c6161b95ddee05e398e0200e6b73b840) +--- + lib/guestfs.pod | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/guestfs.pod b/lib/guestfs.pod +index 866a4638..5db6dd91 100644 +--- a/lib/guestfs.pod ++++ b/lib/guestfs.pod +@@ -3123,7 +3123,7 @@ non-essential runtime files. + If it is set, then is used to store temporary sockets. Otherwise, + F is used. + +-See also L, ++See also L, + L. + + =back diff --git a/SOURCES/0020-docs-clarify-sockdir-s-separation.patch b/SOURCES/0020-docs-clarify-sockdir-s-separation.patch new file mode 100644 index 0000000..785c37b --- /dev/null +++ b/SOURCES/0020-docs-clarify-sockdir-s-separation.patch @@ -0,0 +1,75 @@ +From bb3b9ac1ec7021ac04bca03748f15761c6c97487 Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Fri, 14 Jul 2023 15:22:10 +0200 +Subject: [PATCH] docs: clarify sockdir's separation + +There's another reason for separating sockdir from tmpdir, beyond "shorter +pathnames needed": permissions. For example, passt drops privileges such +that it cannot access "/tmp", and that restricts both the unix domain +socket and the PID file of passt. + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2184967 +Signed-off-by: Laszlo Ersek +Reviewed-by: Richard W.M. Jones +Message-Id: <20230714132213.96616-5-lersek@redhat.com> +(cherry picked from commit 21ccddecf7dd51b24bb2b71dbc8beb1a8dd01923) +--- + fish/guestfish.pod | 4 ++-- + generator/actions_properties.ml | 8 ++++++-- + lib/guestfs.pod | 4 ++-- + 3 files changed, 10 insertions(+), 6 deletions(-) + +diff --git a/fish/guestfish.pod b/fish/guestfish.pod +index d36cac9d..33fc8b2c 100644 +--- a/fish/guestfish.pod ++++ b/fish/guestfish.pod +@@ -1492,8 +1492,8 @@ See L, L. + This directory represents a user-specific directory for storing + non-essential runtime files. + +-If it is set, then is used to store temporary sockets. Otherwise, +-F is used. ++If it is set, then is used to store temporary sockets and PID files. ++Otherwise, F is used. + + See also L, + L. +diff --git a/generator/actions_properties.ml b/generator/actions_properties.ml +index f84afb10..42eaaa4d 100644 +--- a/generator/actions_properties.ml ++++ b/generator/actions_properties.ml +@@ -595,13 +595,17 @@ Get the handle identifier. See C." }; + name = "get_sockdir"; added = (1, 33, 8); + style = RString (RPlainString, "sockdir"), [], []; + blocking = false; +- shortdesc = "get the temporary directory for sockets"; ++ shortdesc = "get the temporary directory for sockets and PID files"; + longdesc = "\ +-Get the directory used by the handle to store temporary socket files. ++Get the directory used by the handle to store temporary socket and PID ++files. + + This is different from C, as we need shorter + paths for sockets (due to the limited buffers of filenames for UNIX + sockets), and C may be too long for them. ++Furthermore, sockets and PID files must be accessible to such background ++services started by libguestfs that may not have permission to access ++the temporary directory returned by C. + + The environment variable C controls the default + value: If C is set, then that is the default. +diff --git a/lib/guestfs.pod b/lib/guestfs.pod +index 5db6dd91..dff32cc9 100644 +--- a/lib/guestfs.pod ++++ b/lib/guestfs.pod +@@ -3120,8 +3120,8 @@ See L, L. + This directory represents a user-specific directory for storing + non-essential runtime files. + +-If it is set, then is used to store temporary sockets. Otherwise, +-F is used. ++If it is set, then is used to store temporary sockets and PID files. ++Otherwise, F is used. + + See also L, + L. diff --git a/SOURCES/0021-lib-move-guestfs_int_create_socketname-from-launch.c.patch b/SOURCES/0021-lib-move-guestfs_int_create_socketname-from-launch.c.patch new file mode 100644 index 0000000..6946928 --- /dev/null +++ b/SOURCES/0021-lib-move-guestfs_int_create_socketname-from-launch.c.patch @@ -0,0 +1,144 @@ +From 8ba3628594c354dafcc715a842199c75a5676b57 Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Fri, 14 Jul 2023 15:22:11 +0200 +Subject: [PATCH] lib: move guestfs_int_create_socketname() from "launch.c" to + "tmpdirs.c" + +Consider the following inverted call tree (effectively a dependency tree +-- callees are at the top and near the left margin): + + lazy_make_tmpdir() [lib/tmpdirs.c] + guestfs_int_lazy_make_tmpdir() [lib/tmpdirs.c] + guestfs_int_make_temp_path() [lib/tmpdirs.c] + guestfs_int_lazy_make_sockdir() [lib/tmpdirs.c] + guestfs_int_create_socketname() [lib/launch.c] + +lazy_make_tmpdir() is our common workhorse / helper function that +centralizes the mkdtemp() function call. + +guestfs_int_lazy_make_tmpdir() and guestfs_int_lazy_make_sockdir() are the +next level functions, both calling lazy_make_tmpdir(), just feeding it +different dirname generator functions, and different "is_runtime_dir" +qualifications. These functions create temp dirs for various, more +specific, purposes (see the manual and "lib/guestfs-internal.h" for more +details). + +On a yet higher level are guestfs_int_make_temp_path() and +guestfs_int_create_socketname() -- they serve for creating *entries* in +those specific temp directories. + +The discrepancy here is that, although all the other functions live in +"lib/tmpdirs.c", guestfs_int_create_socketname() is defined in +"lib/launch.c". That makes for a confusing code reading; move the function +to "lib/tmpdirs.c", just below its sibling function +guestfs_int_make_temp_path(). + +While at it, correct the leading comment on +guestfs_int_create_socketname() -- the socket pathname is created in the +socket directory, not in the temporary directory. + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2184967 +Signed-off-by: Laszlo Ersek +Reviewed-by: Richard W.M. Jones +Message-Id: <20230714132213.96616-6-lersek@redhat.com> +(cherry picked from commit 0b2ad40a098cbaf91d0d0a2df6e31bf8e3e08ace) +--- + lib/guestfs-internal.h | 2 +- + lib/launch.c | 26 -------------------------- + lib/tmpdirs.c | 26 ++++++++++++++++++++++++++ + 3 files changed, 27 insertions(+), 27 deletions(-) + +diff --git a/lib/guestfs-internal.h b/lib/guestfs-internal.h +index c7ef3227..ebd68380 100644 +--- a/lib/guestfs-internal.h ++++ b/lib/guestfs-internal.h +@@ -668,6 +668,7 @@ extern int guestfs_int_set_env_runtimedir (guestfs_h *g, const char *envname, co + extern int guestfs_int_lazy_make_tmpdir (guestfs_h *g); + extern int guestfs_int_lazy_make_sockdir (guestfs_h *g); + extern char *guestfs_int_make_temp_path (guestfs_h *g, const char *name, const char *extension); ++extern int guestfs_int_create_socketname (guestfs_h *g, const char *filename, char (*sockname)[UNIX_PATH_MAX]); + extern char *guestfs_int_lazy_make_supermin_appliance_dir (guestfs_h *g); + extern void guestfs_int_remove_tmpdir (guestfs_h *g); + extern void guestfs_int_remove_sockdir (guestfs_h *g); +@@ -700,7 +701,6 @@ extern int guestfs_int_get_uefi (guestfs_h *g, char *const *firmwares, const cha + extern int64_t guestfs_int_timeval_diff (const struct timeval *x, const struct timeval *y); + extern void guestfs_int_launch_send_progress (guestfs_h *g, int perdozen); + extern void guestfs_int_unblock_sigterm (void); +-extern int guestfs_int_create_socketname (guestfs_h *g, const char *filename, char (*sockname)[UNIX_PATH_MAX]); + extern void guestfs_int_register_backend (const char *name, const struct backend_ops *); + extern int guestfs_int_set_backend (guestfs_h *g, const char *method); + +diff --git a/lib/launch.c b/lib/launch.c +index 6e08b120..bd0526c9 100644 +--- a/lib/launch.c ++++ b/lib/launch.c +@@ -309,32 +309,6 @@ guestfs_impl_config (guestfs_h *g, + return 0; + } + +-/** +- * Create the path for a socket with the selected filename in the +- * tmpdir. +- */ +-int +-guestfs_int_create_socketname (guestfs_h *g, const char *filename, +- char (*sockpath)[UNIX_PATH_MAX]) +-{ +- int r; +- +- if (guestfs_int_lazy_make_sockdir (g) == -1) +- return -1; +- +- r = snprintf (*sockpath, UNIX_PATH_MAX, "%s/%s", g->sockdir, filename); +- if (r >= UNIX_PATH_MAX) { +- error (g, _("socket path too long: %s/%s"), g->sockdir, filename); +- return -1; +- } +- if (r < 0) { +- perrorf (g, _("%s"), g->sockdir); +- return -1; +- } +- +- return 0; +-} +- + /** + * When the library is loaded, each backend calls this function to + * register itself in a global list. +diff --git a/lib/tmpdirs.c b/lib/tmpdirs.c +index b8e19de2..24adf98d 100644 +--- a/lib/tmpdirs.c ++++ b/lib/tmpdirs.c +@@ -253,6 +253,32 @@ guestfs_int_make_temp_path (guestfs_h *g, + extension ? extension : ""); + } + ++/** ++ * Create the path for a socket with the selected filename in the ++ * sockdir. ++ */ ++int ++guestfs_int_create_socketname (guestfs_h *g, const char *filename, ++ char (*sockpath)[UNIX_PATH_MAX]) ++{ ++ int r; ++ ++ if (guestfs_int_lazy_make_sockdir (g) == -1) ++ return -1; ++ ++ r = snprintf (*sockpath, UNIX_PATH_MAX, "%s/%s", g->sockdir, filename); ++ if (r >= UNIX_PATH_MAX) { ++ error (g, _("socket path too long: %s/%s"), g->sockdir, filename); ++ return -1; ++ } ++ if (r < 0) { ++ perrorf (g, _("%s"), g->sockdir); ++ return -1; ++ } ++ ++ return 0; ++} ++ + /** + * Create the supermin appliance directory under cachedir, if it does + * not exist. diff --git a/SOURCES/0022-generator-customize-Add-new-StringTriplet-for-use-by.patch b/SOURCES/0022-generator-customize-Add-new-StringTriplet-for-use-by.patch new file mode 100644 index 0000000..b34f2c3 --- /dev/null +++ b/SOURCES/0022-generator-customize-Add-new-StringTriplet-for-use-by.patch @@ -0,0 +1,241 @@ +From e7501a32cb096c1957aae0de934c0b563ff18a5f Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Sat, 15 Jul 2023 16:33:18 +0100 +Subject: [PATCH] generator: customize: Add new StringTriplet for use by + --chown +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The just added --chown option previously used StringPair, splitting +the argument as ‘UID.GID:FILENAME’. However this will not work if we +ever extend this with the ability to use user or group names, since +they may contain dot (but not colon). Add a new StringTriplet type +and split the argument string three ways. The new option becomes: + + virt-customize ... --chown UID:GID:FILENAME + +Include the following commit from the common submodule: + + commit e70d89a58dae068be2e19c7c21558707261af96a + Author: Richard W.M. Jones + Date: Sat Jul 15 16:42:06 2023 +0100 + + customize: Update generated files for --chown with StringTriplet + +Updates: commit d8e48bff212f9b0558480ffedf8158157360d0d5 +(cherry picked from commit c08032ebe2763f5e9ce5b14e003721475219d390) +--- + common | 2 +- + generator/customize.ml | 44 ++++++++++++++++++++++++++++++++---------- + 2 files changed, 35 insertions(+), 11 deletions(-) + +Submodule common bbb54714..e70d89a5: +diff --git a/common/mlcustomize/customize-options.pod b/common/mlcustomize/customize-options.pod +index 22724600..e658a447 100644 +--- a/common/mlcustomize/customize-options.pod ++++ b/common/mlcustomize/customize-options.pod +@@ -63,7 +63,7 @@ Change the permissions of C to C. + I: C by default would be decimal, unless you prefix + it with C<0> to get octal, ie. use C<0700> not C<700>. + +-=item B<--chown> UID.GID:PATH ++=item B<--chown> UID:GID:PATH + + Change the owner user and group ID of a file or directory in the guest. + Note: +@@ -83,7 +83,7 @@ This will not work with Windows guests. + + For example: + +- virt-customize --chown '0.0:/var/log/audit.log' ++ virt-customize --chown '0:0:/var/log/audit.log' + + See also: I<--upload>. + +diff --git a/common/mlcustomize/customize-synopsis.pod b/common/mlcustomize/customize-synopsis.pod +index e20b12d4..5031b015 100644 +--- a/common/mlcustomize/customize-synopsis.pod ++++ b/common/mlcustomize/customize-synopsis.pod +@@ -1,5 +1,5 @@ + [--append-line FILE:LINE] [--chmod PERMISSIONS:FILE] +- [--chown UID.GID:PATH] [--commands-from-file FILENAME] ++ [--chown UID:GID:PATH] [--commands-from-file FILENAME] + [--copy SOURCE:DEST] [--copy-in LOCALPATH:REMOTEDIR] + [--delete PATH] [--edit FILE:EXPR] [--firstboot SCRIPT] + [--firstboot-command 'CMD+ARGS'] [--firstboot-install PKG,PKG..] +diff --git a/common/mlcustomize/customize_cmdline.ml b/common/mlcustomize/customize_cmdline.ml +index fd3074ad..3ce901db 100644 +--- a/common/mlcustomize/customize_cmdline.ml ++++ b/common/mlcustomize/customize_cmdline.ml +@@ -41,8 +41,8 @@ and op = [ + (* --append-line FILE:LINE *) + | `Chmod of string * string + (* --chmod PERMISSIONS:FILE *) +- | `Chown of string * string +- (* --chown UID.GID:PATH *) ++ | `Chown of string * string * string ++ (* --chown UID:GID:PATH *) + | `CommandsFromFile of string + (* --commands-from-file FILENAME *) + | `Copy of string * string +@@ -154,8 +154,13 @@ let rec argspec () = + option_name in + let len = String.length arg in + String.sub arg 0 i, String.sub arg (i+1) (len-(i+1)) +- in +- let split_string_list arg = ++ and split_string_triplet option_name arg = ++ match String.nsplit ~max:3 "," arg with ++ | [a; b; c] -> a, b, c ++ | _ -> ++ error (f_"invalid format for '--%s' parameter, see the man page") ++ option_name ++ and split_string_list arg = + String.nsplit "," arg + in + let split_links_list option_name arg = +@@ -192,14 +197,14 @@ let rec argspec () = + ( + [ L"chown" ], + Getopt.String ( +- s_"UID.GID:PATH", ++ s_"UID:GID:PATH", + fun s -> +- let p = split_string_pair "chown" s in ++ let p = split_string_triplet "chown" s in + List.push_front (`Chown p) ops + ), + s_"Change the owner user and group ID of a file or directory" + ), +- Some "UID.GID:PATH", "Change the owner user and group ID of a file or directory in the guest.\nNote:\n\n=over 4\n\n=item *\n\nOnly numeric UIDs and GIDs will work, and these may not be the same\ninside the guest as on the host.\n\n=item *\n\nThis will not work with Windows guests.\n\n=back\n\nFor example:\n\n virt-customize --chown '0.0:/var/log/audit.log'\n\nSee also: I<--upload>."; ++ Some "UID:GID:PATH", "Change the owner user and group ID of a file or directory in the guest.\nNote:\n\n=over 4\n\n=item *\n\nOnly numeric UIDs and GIDs will work, and these may not be the same\ninside the guest as on the host.\n\n=item *\n\nThis will not work with Windows guests.\n\n=back\n\nFor example:\n\n virt-customize --chown '0:0:/var/log/audit.log'\n\nSee also: I<--upload>."; + ( + [ L"commands-from-file" ], + Getopt.String ( +diff --git a/common/mlcustomize/customize_cmdline.mli b/common/mlcustomize/customize_cmdline.mli +index 5883bbe0..112b74dc 100644 +--- a/common/mlcustomize/customize_cmdline.mli ++++ b/common/mlcustomize/customize_cmdline.mli +@@ -33,8 +33,8 @@ and op = [ + (* --append-line FILE:LINE *) + | `Chmod of string * string + (* --chmod PERMISSIONS:FILE *) +- | `Chown of string * string +- (* --chown UID.GID:PATH *) ++ | `Chown of string * string * string ++ (* --chown UID:GID:PATH *) + | `CommandsFromFile of string + (* --commands-from-file FILENAME *) + | `Copy of string * string +diff --git a/generator/customize.ml b/generator/customize.ml +index 8d3dec3e..fe87ef5e 100644 +--- a/generator/customize.ml ++++ b/generator/customize.ml +@@ -41,6 +41,7 @@ and op_type = + | Unit (* no argument *) + | String of string (* string *) + | StringPair of string (* string:string *) ++| StringTriplet of string (* string:string:string *) + | StringList of string (* string,string,... *) + | TargetLinks of string (* target:link[:link...] *) + | PasswordSelector of string (* password selector *) +@@ -96,7 +97,7 @@ it with C<0> to get octal, ie. use C<0700> not C<700>."; + }; + + { op_name = "chown"; +- op_type = StringPair "UID.GID:PATH"; ++ op_type = StringTriplet "UID:GID:PATH"; + op_discrim = "`Chown"; + op_shortdesc = "Change the owner user and group ID of a file or directory"; + op_pod_longdesc = "\ +@@ -118,7 +119,7 @@ This will not work with Windows guests. + + For example: + +- virt-customize --chown '0.0:/var/log/audit.log' ++ virt-customize --chown '0:0:/var/log/audit.log' + + See also: I<--upload>."; + }; +@@ -761,8 +762,13 @@ let rec argspec () = + option_name in + let len = String.length arg in + String.sub arg 0 i, String.sub arg (i+1) (len-(i+1)) +- in +- let split_string_list arg = ++ and split_string_triplet option_name arg = ++ match String.nsplit ~max:3 \",\" arg with ++ | [a; b; c] -> a, b, c ++ | _ -> ++ error (f_\"invalid format for '--%%s' parameter, see the man page\") ++ option_name ++ and split_string_list arg = + String.nsplit \",\" arg + in + let split_links_list option_name arg = +@@ -807,6 +813,19 @@ let rec argspec () = + pr " s_\"%s\"\n" shortdesc; + pr " ),\n"; + pr " Some %S, %S;\n" v longdesc ++ | { op_type = StringTriplet v; op_name = name; op_discrim = discrim; ++ op_shortdesc = shortdesc; op_pod_longdesc = longdesc } -> ++ pr " (\n"; ++ pr " [ L\"%s\" ],\n" name; ++ pr " Getopt.String (\n"; ++ pr " s_\"%s\",\n" v; ++ pr " fun s ->\n"; ++ pr " let p = split_string_triplet \"%s\" s in\n" name; ++ pr " List.push_front (%s p) ops\n" discrim; ++ pr " ),\n"; ++ pr " s_\"%s\"\n" shortdesc; ++ pr " ),\n"; ++ pr " Some %S, %S;\n" v longdesc + | { op_type = StringList v; op_name = name; op_discrim = discrim; + op_shortdesc = shortdesc; op_pod_longdesc = longdesc } -> + pr " (\n"; +@@ -956,6 +975,7 @@ let rec argspec () = + | { op_type = Unit; } + | { op_type = String _; } + | { op_type = StringPair _; } ++ | { op_type = StringTriplet _; } + | { op_type = StringList _; } + | { op_type = TargetLinks _; } + | { op_type = PasswordSelector _; } +@@ -1021,6 +1041,10 @@ type ops = { + | { op_type = StringPair v; op_discrim = discrim; + op_name = name } -> + pr " | %s of string * string\n (* --%s %s *)\n" discrim name v ++ | { op_type = StringTriplet v; op_discrim = discrim; ++ op_name = name } -> ++ pr " | %s of string * string * string\n (* --%s %s *)\n" ++ discrim name v + | { op_type = StringList v; op_discrim = discrim; + op_name = name } -> + pr " | %s of string list\n (* --%s %s *)\n" discrim name v +@@ -1073,9 +1097,9 @@ let generate_customize_synopsis_pod () = + function + | { op_type = Unit; op_name = n } -> + n, sprintf "[--%s]" n +- | { op_type = String v | StringPair v | StringList v | TargetLinks v +- | PasswordSelector v | UserPasswordSelector v | SSHKeySelector v +- | StringFn (v, _) | SMPoolSelector v; ++ | { op_type = String v | StringPair v | StringTriplet v | StringList v ++ | TargetLinks v | PasswordSelector v | UserPasswordSelector v ++ | SSHKeySelector v | StringFn (v, _) | SMPoolSelector v; + op_name = n } -> + n, sprintf "[--%s %s]" n v + ) ops @ +@@ -1116,9 +1140,9 @@ let generate_customize_options_pod () = + function + | { op_type = Unit; op_name = n; op_pod_longdesc = ld } -> + n, sprintf "B<--%s>" n, ld +- | { op_type = String v | StringPair v | StringList v | TargetLinks v +- | PasswordSelector v | UserPasswordSelector v | SSHKeySelector v +- | StringFn (v, _) | SMPoolSelector v; ++ | { op_type = String v | StringPair v | StringTriplet v | StringList v ++ | TargetLinks v | PasswordSelector v | UserPasswordSelector v ++ | SSHKeySelector v | StringFn (v, _) | SMPoolSelector v; + op_name = n; op_pod_longdesc = ld } -> + n, sprintf "B<--%s> %s" n v, ld + ) ops @ diff --git a/SOURCES/0023-daemon-lvm-Do-reverse-device-name-translation-on-pvs.patch b/SOURCES/0023-daemon-lvm-Do-reverse-device-name-translation-on-pvs.patch new file mode 100644 index 0000000..87b9b0c --- /dev/null +++ b/SOURCES/0023-daemon-lvm-Do-reverse-device-name-translation-on-pvs.patch @@ -0,0 +1,57 @@ +From 981b48085a2d0e422578bc12d6c3b68e312bad44 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 20 Jul 2023 11:15:26 +0100 +Subject: [PATCH] daemon: lvm: Do reverse device name translation on pvs_full + device fields + +Intermittent test failures in virt-filesystems showed that when using +the pvs_full API, the pv_name field in the returned list of structures +was not being reverse translated. As a result internal partition +names could appear in the output of virt-filesystems. + +See: https://listman.redhat.com/archives/libguestfs/2023-July/032058.html +(cherry picked from commit 32cb5b45cfbe5edbc7643fc533da70db2d3c6cda) +--- + daemon/lvm.c | 29 ++++++++++++++++++++++++++++- + 1 file changed, 28 insertions(+), 1 deletion(-) + +diff --git a/daemon/lvm.c b/daemon/lvm.c +index 7e76e17c..b8c01f71 100644 +--- a/daemon/lvm.c ++++ b/daemon/lvm.c +@@ -146,7 +146,34 @@ do_vgs (void) + guestfs_int_lvm_pv_list * + do_pvs_full (void) + { +- return parse_command_line_pvs (); ++ guestfs_int_lvm_pv_list *r; ++ size_t i; ++ char *din, *dout; ++ ++ r = parse_command_line_pvs (); ++ if (r == NULL) ++ /* parse_command_line_pvs has already called reply_with_error */ ++ return NULL; ++ ++ /* The pv_name fields contain device names which must be reverse ++ * translated. The problem here is that the generator does not have ++ * a "FMountable" field type in types.mli. ++ */ ++ for (i = 0; i < r->guestfs_int_lvm_pv_list_len; ++i) { ++ din = r->guestfs_int_lvm_pv_list_val[i].pv_name; ++ if (din) { ++ dout = reverse_device_name_translation (din); ++ if (!dout) { ++ /* reverse_device_name_translation has already called reply_with_error*/ ++ /* XXX memory leak here */ ++ return NULL; ++ } ++ r->guestfs_int_lvm_pv_list_val[i].pv_name = dout; ++ free (din); ++ } ++ } ++ ++ return r; + } + + guestfs_int_lvm_vg_list * diff --git a/SOURCES/0024-ruby-Replace-MiniTest-with-Minitest.patch b/SOURCES/0024-ruby-Replace-MiniTest-with-Minitest.patch new file mode 100644 index 0000000..237998c --- /dev/null +++ b/SOURCES/0024-ruby-Replace-MiniTest-with-Minitest.patch @@ -0,0 +1,208 @@ +From 12873e21070ba3d0aca45b626f4df00adb14aad5 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 21 Sep 2023 15:16:51 +0100 +Subject: [PATCH] ruby: Replace MiniTest with Minitest + +See this commit in hivex: +https://github.com/libguestfs/hivex/commit/fbcff7fbd8f96214c7f13f36bd7669a9142824ab + +(cherry picked from commit d25a48e2dd2c2a2063b8d03a33b5e3cbe773c47d) +--- + ruby/t/tc_010_load.rb | 2 +- + ruby/t/tc_020_create.rb | 2 +- + ruby/t/tc_030_create_flags.rb | 2 +- + ruby/t/tc_040_create_multiple.rb | 2 +- + ruby/t/tc_050_handle_properties.rb | 2 +- + ruby/t/tc_060_explicit_close.rb | 2 +- + ruby/t/tc_070_optargs.rb | 2 +- + ruby/t/tc_090_retvalues.rb | 2 +- + ruby/t/tc_100_launch.rb | 2 +- + ruby/t/tc_410_close_event.rb | 2 +- + ruby/t/tc_420_log_messages.rb | 2 +- + ruby/t/tc_800_rhbz507346.rb | 2 +- + ruby/t/tc_810_rhbz664558c6.rb | 2 +- + ruby/t/tc_820_rhbz1046509.rb | 2 +- + 14 files changed, 14 insertions(+), 14 deletions(-) + +diff --git a/ruby/t/tc_010_load.rb b/ruby/t/tc_010_load.rb +index 9dc2db67..40ddccd8 100644 +--- a/ruby/t/tc_010_load.rb ++++ b/ruby/t/tc_010_load.rb +@@ -17,7 +17,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test010Load < MiniTest::Unit::TestCase ++class Test010Load < Minitest::Test + def test_010_load + end + end +diff --git a/ruby/t/tc_020_create.rb b/ruby/t/tc_020_create.rb +index 840dd858..c3f5307e 100644 +--- a/ruby/t/tc_020_create.rb ++++ b/ruby/t/tc_020_create.rb +@@ -17,7 +17,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test020Create < MiniTest::Unit::TestCase ++class Test020Create < Minitest::Test + def test_020_create + g = Guestfs::Guestfs.new() + refute_nil (g) +diff --git a/ruby/t/tc_030_create_flags.rb b/ruby/t/tc_030_create_flags.rb +index ac6d1f46..4949d2a8 100644 +--- a/ruby/t/tc_030_create_flags.rb ++++ b/ruby/t/tc_030_create_flags.rb +@@ -17,7 +17,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test030CreateFlags < MiniTest::Unit::TestCase ++class Test030CreateFlags < Minitest::Test + def test_030_create_flags + g = Guestfs::Guestfs.new(:environment => false, :close_on_exit => true) + refute_nil (g) +diff --git a/ruby/t/tc_040_create_multiple.rb b/ruby/t/tc_040_create_multiple.rb +index 36e8edc7..623ccc6e 100644 +--- a/ruby/t/tc_040_create_multiple.rb ++++ b/ruby/t/tc_040_create_multiple.rb +@@ -17,7 +17,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test040CreateMultiple < MiniTest::Unit::TestCase ++class Test040CreateMultiple < Minitest::Test + def test_040_create_multiple + g1 = Guestfs::Guestfs.new() + g2 = Guestfs::Guestfs.new() +diff --git a/ruby/t/tc_050_handle_properties.rb b/ruby/t/tc_050_handle_properties.rb +index 5928532e..b22c51fd 100644 +--- a/ruby/t/tc_050_handle_properties.rb ++++ b/ruby/t/tc_050_handle_properties.rb +@@ -17,7 +17,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test050HandleProperties < MiniTest::Unit::TestCase ++class Test050HandleProperties < Minitest::Test + def test_050_handle_properties + g = Guestfs::Guestfs.new() + refute_nil (g) +diff --git a/ruby/t/tc_060_explicit_close.rb b/ruby/t/tc_060_explicit_close.rb +index 0c9118aa..20afd0de 100644 +--- a/ruby/t/tc_060_explicit_close.rb ++++ b/ruby/t/tc_060_explicit_close.rb +@@ -17,7 +17,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test060ExplicitClose < MiniTest::Unit::TestCase ++class Test060ExplicitClose < Minitest::Test + def test_060_explicit_close + g = Guestfs::Guestfs.new() + refute_nil (g) +diff --git a/ruby/t/tc_070_optargs.rb b/ruby/t/tc_070_optargs.rb +index fff5fbf7..a2360b2f 100644 +--- a/ruby/t/tc_070_optargs.rb ++++ b/ruby/t/tc_070_optargs.rb +@@ -17,7 +17,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test070Optargs < MiniTest::Unit::TestCase ++class Test070Optargs < Minitest::Test + def test_070_optargs + g = Guestfs::Guestfs.new() + +diff --git a/ruby/t/tc_090_retvalues.rb b/ruby/t/tc_090_retvalues.rb +index 4bcc8b54..c9a84276 100644 +--- a/ruby/t/tc_090_retvalues.rb ++++ b/ruby/t/tc_090_retvalues.rb +@@ -17,7 +17,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test090RetValues < MiniTest::Unit::TestCase ++class Test090RetValues < Minitest::Test + def test_090_retvalues + g = Guestfs::Guestfs.new() + +diff --git a/ruby/t/tc_100_launch.rb b/ruby/t/tc_100_launch.rb +index 43db4b67..096cbd62 100644 +--- a/ruby/t/tc_100_launch.rb ++++ b/ruby/t/tc_100_launch.rb +@@ -17,7 +17,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test100Launch < MiniTest::Unit::TestCase ++class Test100Launch < Minitest::Test + def test_100_launch + g = Guestfs::Guestfs.new() + +diff --git a/ruby/t/tc_410_close_event.rb b/ruby/t/tc_410_close_event.rb +index 1b98957e..9a4e0558 100644 +--- a/ruby/t/tc_410_close_event.rb ++++ b/ruby/t/tc_410_close_event.rb +@@ -17,7 +17,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test410CloseEvent < MiniTest::Unit::TestCase ++class Test410CloseEvent < Minitest::Test + def test_410_close_event + g = Guestfs::Guestfs.new() + +diff --git a/ruby/t/tc_420_log_messages.rb b/ruby/t/tc_420_log_messages.rb +index 936e0fd4..a113c62e 100644 +--- a/ruby/t/tc_420_log_messages.rb ++++ b/ruby/t/tc_420_log_messages.rb +@@ -17,7 +17,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test420LogMessages < MiniTest::Unit::TestCase ++class Test420LogMessages < Minitest::Test + def test_420_log_messages + g = Guestfs::Guestfs.new() + +diff --git a/ruby/t/tc_800_rhbz507346.rb b/ruby/t/tc_800_rhbz507346.rb +index 4b7cc010..06767352 100644 +--- a/ruby/t/tc_800_rhbz507346.rb ++++ b/ruby/t/tc_800_rhbz507346.rb +@@ -17,7 +17,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test800RHBZ507346 < MiniTest::Unit::TestCase ++class Test800RHBZ507346 < Minitest::Test + def test_800_rhbz507346 + g = Guestfs::Guestfs.new() + exception = assert_raises TypeError do +diff --git a/ruby/t/tc_810_rhbz664558c6.rb b/ruby/t/tc_810_rhbz664558c6.rb +index f5e9adee..1504c070 100644 +--- a/ruby/t/tc_810_rhbz664558c6.rb ++++ b/ruby/t/tc_810_rhbz664558c6.rb +@@ -21,7 +21,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test810RHBZ664558C6 < MiniTest::Unit::TestCase ++class Test810RHBZ664558C6 < Minitest::Test + def test_810_rhbz_664558c6 + g = Guestfs::Guestfs.new() + +diff --git a/ruby/t/tc_820_rhbz1046509.rb b/ruby/t/tc_820_rhbz1046509.rb +index 882ddb55..0595293d 100644 +--- a/ruby/t/tc_820_rhbz1046509.rb ++++ b/ruby/t/tc_820_rhbz1046509.rb +@@ -20,7 +20,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test820RHBZ1046509 < MiniTest::Unit::TestCase ++class Test820RHBZ1046509 < Minitest::Test + def _handleok(g) + g.add_drive("/dev/null") + g.close() diff --git a/SOURCES/0025-ruby-Get-rid-of-old-Test-Unit-compatibility.patch b/SOURCES/0025-ruby-Get-rid-of-old-Test-Unit-compatibility.patch new file mode 100644 index 0000000..a01e908 --- /dev/null +++ b/SOURCES/0025-ruby-Get-rid-of-old-Test-Unit-compatibility.patch @@ -0,0 +1,278 @@ +From fbe7e96cee460e26a0ff6a9c293c155a78bfdfde Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 21 Sep 2023 15:20:55 +0100 +Subject: [PATCH] ruby: Get rid of old Test::Unit compatibility + +See this commit in hivex: +https://github.com/libguestfs/hivex/commit/6dbbc474d3df5cdfd21ed5e692b3a58136fffc42 + +(cherry picked from commit ecf361d7237d38b2418ddecb1b70e3b722509c12) +--- + ruby/Makefile.am | 3 +-- + ruby/t/tc_010_load.rb | 3 ++- + ruby/t/tc_020_create.rb | 3 ++- + ruby/t/tc_030_create_flags.rb | 3 ++- + ruby/t/tc_040_create_multiple.rb | 3 ++- + ruby/t/tc_050_handle_properties.rb | 3 ++- + ruby/t/tc_060_explicit_close.rb | 3 ++- + ruby/t/tc_070_optargs.rb | 3 ++- + ruby/t/tc_090_retvalues.rb | 3 ++- + ruby/t/tc_100_launch.rb | 3 ++- + ruby/t/tc_410_close_event.rb | 3 ++- + ruby/t/tc_420_log_messages.rb | 3 ++- + ruby/t/tc_800_rhbz507346.rb | 3 ++- + ruby/t/tc_810_rhbz664558c6.rb | 3 ++- + ruby/t/tc_820_rhbz1046509.rb | 3 ++- + ruby/t/test_helper.rb | 33 ------------------------------ + 16 files changed, 29 insertions(+), 49 deletions(-) + delete mode 100644 ruby/t/test_helper.rb + +diff --git a/ruby/Makefile.am b/ruby/Makefile.am +index c26513a7..867b05b1 100644 +--- a/ruby/Makefile.am ++++ b/ruby/Makefile.am +@@ -40,8 +40,7 @@ EXTRA_DIST = \ + lib/guestfs.rb \ + run-bindtests \ + run-ruby-tests \ +- t/tc_*.rb \ +- t/test_helper.rb ++ t/tc_*.rb + + CLEANFILES += \ + lib/*~ \ +diff --git a/ruby/t/tc_010_load.rb b/ruby/t/tc_010_load.rb +index 40ddccd8..e7ec482e 100644 +--- a/ruby/t/tc_010_load.rb ++++ b/ruby/t/tc_010_load.rb +@@ -15,7 +15,8 @@ + # along with this program; if not, write to the Free Software + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test010Load < Minitest::Test + def test_010_load +diff --git a/ruby/t/tc_020_create.rb b/ruby/t/tc_020_create.rb +index c3f5307e..26bb2ecf 100644 +--- a/ruby/t/tc_020_create.rb ++++ b/ruby/t/tc_020_create.rb +@@ -15,7 +15,8 @@ + # along with this program; if not, write to the Free Software + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test020Create < Minitest::Test + def test_020_create +diff --git a/ruby/t/tc_030_create_flags.rb b/ruby/t/tc_030_create_flags.rb +index 4949d2a8..8006d962 100644 +--- a/ruby/t/tc_030_create_flags.rb ++++ b/ruby/t/tc_030_create_flags.rb +@@ -15,7 +15,8 @@ + # along with this program; if not, write to the Free Software + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test030CreateFlags < Minitest::Test + def test_030_create_flags +diff --git a/ruby/t/tc_040_create_multiple.rb b/ruby/t/tc_040_create_multiple.rb +index 623ccc6e..32b2b094 100644 +--- a/ruby/t/tc_040_create_multiple.rb ++++ b/ruby/t/tc_040_create_multiple.rb +@@ -15,7 +15,8 @@ + # along with this program; if not, write to the Free Software + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test040CreateMultiple < Minitest::Test + def test_040_create_multiple +diff --git a/ruby/t/tc_050_handle_properties.rb b/ruby/t/tc_050_handle_properties.rb +index b22c51fd..d37b1d03 100644 +--- a/ruby/t/tc_050_handle_properties.rb ++++ b/ruby/t/tc_050_handle_properties.rb +@@ -15,7 +15,8 @@ + # along with this program; if not, write to the Free Software + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test050HandleProperties < Minitest::Test + def test_050_handle_properties +diff --git a/ruby/t/tc_060_explicit_close.rb b/ruby/t/tc_060_explicit_close.rb +index 20afd0de..8d103616 100644 +--- a/ruby/t/tc_060_explicit_close.rb ++++ b/ruby/t/tc_060_explicit_close.rb +@@ -15,7 +15,8 @@ + # along with this program; if not, write to the Free Software + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test060ExplicitClose < Minitest::Test + def test_060_explicit_close +diff --git a/ruby/t/tc_070_optargs.rb b/ruby/t/tc_070_optargs.rb +index a2360b2f..c2298131 100644 +--- a/ruby/t/tc_070_optargs.rb ++++ b/ruby/t/tc_070_optargs.rb +@@ -15,7 +15,8 @@ + # along with this program; if not, write to the Free Software + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test070Optargs < Minitest::Test + def test_070_optargs +diff --git a/ruby/t/tc_090_retvalues.rb b/ruby/t/tc_090_retvalues.rb +index c9a84276..d7927465 100644 +--- a/ruby/t/tc_090_retvalues.rb ++++ b/ruby/t/tc_090_retvalues.rb +@@ -15,7 +15,8 @@ + # along with this program; if not, write to the Free Software + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test090RetValues < Minitest::Test + def test_090_retvalues +diff --git a/ruby/t/tc_100_launch.rb b/ruby/t/tc_100_launch.rb +index 096cbd62..c4da234e 100644 +--- a/ruby/t/tc_100_launch.rb ++++ b/ruby/t/tc_100_launch.rb +@@ -15,7 +15,8 @@ + # along with this program; if not, write to the Free Software + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test100Launch < Minitest::Test + def test_100_launch +diff --git a/ruby/t/tc_410_close_event.rb b/ruby/t/tc_410_close_event.rb +index 9a4e0558..84cc11ab 100644 +--- a/ruby/t/tc_410_close_event.rb ++++ b/ruby/t/tc_410_close_event.rb +@@ -15,7 +15,8 @@ + # along with this program; if not, write to the Free Software + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test410CloseEvent < Minitest::Test + def test_410_close_event +diff --git a/ruby/t/tc_420_log_messages.rb b/ruby/t/tc_420_log_messages.rb +index a113c62e..fd3049a0 100644 +--- a/ruby/t/tc_420_log_messages.rb ++++ b/ruby/t/tc_420_log_messages.rb +@@ -15,7 +15,8 @@ + # along with this program; if not, write to the Free Software + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test420LogMessages < Minitest::Test + def test_420_log_messages +diff --git a/ruby/t/tc_800_rhbz507346.rb b/ruby/t/tc_800_rhbz507346.rb +index 06767352..54f7734f 100644 +--- a/ruby/t/tc_800_rhbz507346.rb ++++ b/ruby/t/tc_800_rhbz507346.rb +@@ -15,7 +15,8 @@ + # along with this program; if not, write to the Free Software + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test800RHBZ507346 < Minitest::Test + def test_800_rhbz507346 +diff --git a/ruby/t/tc_810_rhbz664558c6.rb b/ruby/t/tc_810_rhbz664558c6.rb +index 1504c070..5ffa2265 100644 +--- a/ruby/t/tc_810_rhbz664558c6.rb ++++ b/ruby/t/tc_810_rhbz664558c6.rb +@@ -19,7 +19,8 @@ + # the interpreter to segfault. See: + # https://bugzilla.redhat.com/show_bug.cgi?id=664558#c6 + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test810RHBZ664558C6 < Minitest::Test + def test_810_rhbz_664558c6 +diff --git a/ruby/t/tc_820_rhbz1046509.rb b/ruby/t/tc_820_rhbz1046509.rb +index 0595293d..b2a6d80b 100644 +--- a/ruby/t/tc_820_rhbz1046509.rb ++++ b/ruby/t/tc_820_rhbz1046509.rb +@@ -18,7 +18,8 @@ + # Test that we don't break the old ::create module function while + # fixing https://bugzilla.redhat.com/show_bug.cgi?id=1046509 + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test820RHBZ1046509 < Minitest::Test + def _handleok(g) +diff --git a/ruby/t/test_helper.rb b/ruby/t/test_helper.rb +deleted file mode 100644 +index 54f857ce..00000000 +--- a/ruby/t/test_helper.rb ++++ /dev/null +@@ -1,33 +0,0 @@ +-# libguestfs Ruby bindings -*- ruby -*- +-# Copyright (C) 2009-2023 Red Hat Inc. +-# +-# This program is free software; you can redistribute it and/or modify +-# it under the terms of the GNU General Public License as published by +-# the Free Software Foundation; either version 2 of the License, or +-# (at your option) any later version. +-# +-# This program is distributed in the hope that it will be useful, +-# but WITHOUT ANY WARRANTY; without even the implied warranty of +-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +-# GNU General Public License for more details. +-# +-# You should have received a copy of the GNU General Public License +-# along with this program; if not, write to the Free Software +-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +- +-begin +- require 'minitest/autorun' +-rescue LoadError +- require 'test/unit' +- MiniTest = Test +- module Test +- Assertions = Unit::Assertions +- module Assertions +- alias refute_nil assert_not_nil +- end +- end +-end +- +-$:.unshift(File::join(File::dirname(__FILE__), "..", "lib")) +-$:.unshift(File::join(File::dirname(__FILE__), "..", "ext", "guestfs")) +-require 'guestfs' diff --git a/SOURCES/0026-generator-Sort-virt-customize-options-into-alphabeti.patch b/SOURCES/0026-generator-Sort-virt-customize-options-into-alphabeti.patch new file mode 100644 index 0000000..53fa5ed --- /dev/null +++ b/SOURCES/0026-generator-Sort-virt-customize-options-into-alphabeti.patch @@ -0,0 +1,63 @@ +From 7408a59c6b43253cc7323269258851fb6be287c4 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 26 Oct 2023 21:06:21 +0100 +Subject: [PATCH] generator: Sort virt-customize options into alphabetical + order + +(cherry picked from commit 297db5cccc1eb6e838f35d38e60fac894b372676) +--- + generator/customize.ml | 34 +++++++++++++++++----------------- + 1 file changed, 17 insertions(+), 17 deletions(-) + +diff --git a/generator/customize.ml b/generator/customize.ml +index fe87ef5e..c3dd259e 100644 +--- a/generator/customize.ml ++++ b/generator/customize.ml +@@ -510,23 +510,6 @@ You can have multiple I<--ssh-inject> options, for different users + and also for more keys for each user." + }; + +- { op_name = "truncate"; +- op_type = String "FILE"; +- op_discrim = "`Truncate"; +- op_shortdesc = "Truncate a file to zero size"; +- op_pod_longdesc = "\ +-This command truncates C to a zero-length file. The file must exist +-already."; +- }; +- +- { op_name = "truncate-recursive"; +- op_type = String "PATH"; +- op_discrim = "`TruncateRecursive"; +- op_shortdesc = "Recursively truncate all files in directory"; +- op_pod_longdesc = "\ +-This command recursively truncates all files under C to zero-length."; +- }; +- + { op_name = "timezone"; + op_type = String "TIMEZONE"; + op_discrim = "`Timezone"; +@@ -544,6 +527,23 @@ string like C"; + This command performs a L-like operation on C."; + }; + ++ { op_name = "truncate"; ++ op_type = String "FILE"; ++ op_discrim = "`Truncate"; ++ op_shortdesc = "Truncate a file to zero size"; ++ op_pod_longdesc = "\ ++This command truncates C to a zero-length file. The file must exist ++already."; ++ }; ++ ++ { op_name = "truncate-recursive"; ++ op_type = String "PATH"; ++ op_discrim = "`TruncateRecursive"; ++ op_shortdesc = "Recursively truncate all files in directory"; ++ op_pod_longdesc = "\ ++This command recursively truncates all files under C to zero-length."; ++ }; ++ + { op_name = "uninstall"; + op_type = StringList "PKG,PKG.."; + op_discrim = "`UninstallPackages"; diff --git a/SOURCES/0027-generator-Add-new-virt-customize-tar-in-operation.patch b/SOURCES/0027-generator-Add-new-virt-customize-tar-in-operation.patch new file mode 100644 index 0000000..81be387 --- /dev/null +++ b/SOURCES/0027-generator-Add-new-virt-customize-tar-in-operation.patch @@ -0,0 +1,173 @@ +From 3cf513cab7bc93a80c8d9f1dea221cba471cafb9 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 26 Oct 2023 19:44:03 +0100 +Subject: [PATCH] generator: Add new virt-customize --tar-in operation + +Using 'virt-customize --tar-in some.tar:/dir -a disk.img' will unpack +'some.tar' into '/dir' in the guest. Note that this will not work for +compressed tar files as written since the underlying guestfs_tar_in +function requires the compression type to be set explicitly and +defaults to no compression (it does not auto-detect or default to +compression). + +(cherry picked from commit b5f7b0ec18e30d25342bc322e571edf17a72974f) +--- + common | 2 +- + generator/customize.ml | 12 ++++++++++++ + 2 files changed, 13 insertions(+), 1 deletion(-) + +Submodule common e70d89a5..9a8ba593: +diff --git a/common/mlcustomize/customize-options.pod b/common/mlcustomize/customize-options.pod +index e658a447..ff93630d 100644 +--- a/common/mlcustomize/customize-options.pod ++++ b/common/mlcustomize/customize-options.pod +@@ -427,6 +427,14 @@ the C field. + You can have multiple I<--ssh-inject> options, for different users + and also for more keys for each user. + ++=item B<--tar-in> TARFILE:REMOTEDIR ++ ++Copy local files or directories from a local tar file ++called C into the disk image, placing them in the ++directory C (which must exist). Note that ++the tar file must be uncompressed (F<.tar.gz> files will not work ++here) ++ + =item B<--timezone> TIMEZONE + + Set the default timezone of the guest to C. Use a location +diff --git a/common/mlcustomize/customize-synopsis.pod b/common/mlcustomize/customize-synopsis.pod +index 5031b015..bb0ce125 100644 +--- a/common/mlcustomize/customize-synopsis.pod ++++ b/common/mlcustomize/customize-synopsis.pod +@@ -9,8 +9,9 @@ + [--password USER:SELECTOR] [--root-password SELECTOR] + [--run SCRIPT] [--run-command 'CMD+ARGS'] [--scrub FILE] + [--sm-attach SELECTOR] [--sm-register] [--sm-remove] +- [--sm-unregister] [--ssh-inject USER[:SELECTOR]] [--truncate FILE] +- [--truncate-recursive PATH] [--timezone TIMEZONE] [--touch FILE] ++ [--sm-unregister] [--ssh-inject USER[:SELECTOR]] ++ [--tar-in TARFILE:REMOTEDIR] [--timezone TIMEZONE] [--touch FILE] ++ [--truncate FILE] [--truncate-recursive PATH] + [--uninstall PKG,PKG..] [--update] [--upload FILE:DEST] + [--write FILE:CONTENT] [--no-logfile] + [--password-crypto md5|sha256|sha512] [--no-selinux-relabel] +diff --git a/common/mlcustomize/customize_cmdline.ml b/common/mlcustomize/customize_cmdline.ml +index 3ce901db..245d9960 100644 +--- a/common/mlcustomize/customize_cmdline.ml ++++ b/common/mlcustomize/customize_cmdline.ml +@@ -93,14 +93,16 @@ and op = [ + (* --sm-unregister *) + | `SSHInject of string * Ssh_key.ssh_key_selector + (* --ssh-inject USER[:SELECTOR] *) +- | `Truncate of string +- (* --truncate FILE *) +- | `TruncateRecursive of string +- (* --truncate-recursive PATH *) ++ | `TarIn of string * string ++ (* --tar-in TARFILE:REMOTEDIR *) + | `Timezone of string + (* --timezone TIMEZONE *) + | `Touch of string + (* --touch FILE *) ++ | `Truncate of string ++ (* --truncate FILE *) ++ | `TruncateRecursive of string ++ (* --truncate-recursive PATH *) + | `UninstallPackages of string list + (* --uninstall PKG,PKG.. *) + | `Update +@@ -418,17 +420,16 @@ let rec argspec () = + ), + Some "USER[:SELECTOR]", "Inject an ssh key so the given C will be able to log in over\nssh without supplying a password. The C must exist already\nin the guest.\n\nSee L for the format of\nthe C field.\n\nYou can have multiple I<--ssh-inject> options, for different users\nand also for more keys for each user."; + ( +- [ L"truncate" ], +- Getopt.String (s_"FILE", fun s -> List.push_front (`Truncate s) ops), +- s_"Truncate a file to zero size" ++ [ L"tar-in" ], ++ Getopt.String ( ++ s_"TARFILE:REMOTEDIR", ++ fun s -> ++ let p = split_string_pair "tar-in" s in ++ List.push_front (`TarIn p) ops ++ ), ++ s_"Copy local files or directories from a tarball into image" + ), +- Some "FILE", "This command truncates C to a zero-length file. The file must exist\nalready."; +- ( +- [ L"truncate-recursive" ], +- Getopt.String (s_"PATH", fun s -> List.push_front (`TruncateRecursive s) ops), +- s_"Recursively truncate all files in directory" +- ), +- Some "PATH", "This command recursively truncates all files under C to zero-length."; ++ Some "TARFILE:REMOTEDIR", "Copy local files or directories from a local tar file\ncalled C into the disk image, placing them in the\ndirectory C (which must exist). Note that\nthe tar file must be uncompressed (F<.tar.gz> files will not work\nhere)"; + ( + [ L"timezone" ], + Getopt.String (s_"TIMEZONE", fun s -> List.push_front (`Timezone s) ops), +@@ -441,6 +442,18 @@ let rec argspec () = + s_"Run touch on a file" + ), + Some "FILE", "This command performs a L-like operation on C."; ++ ( ++ [ L"truncate" ], ++ Getopt.String (s_"FILE", fun s -> List.push_front (`Truncate s) ops), ++ s_"Truncate a file to zero size" ++ ), ++ Some "FILE", "This command truncates C to a zero-length file. The file must exist\nalready."; ++ ( ++ [ L"truncate-recursive" ], ++ Getopt.String (s_"PATH", fun s -> List.push_front (`TruncateRecursive s) ops), ++ s_"Recursively truncate all files in directory" ++ ), ++ Some "PATH", "This command recursively truncates all files under C to zero-length."; + ( + [ L"uninstall" ], + Getopt.String ( +diff --git a/common/mlcustomize/customize_cmdline.mli b/common/mlcustomize/customize_cmdline.mli +index 112b74dc..51a156ea 100644 +--- a/common/mlcustomize/customize_cmdline.mli ++++ b/common/mlcustomize/customize_cmdline.mli +@@ -85,14 +85,16 @@ and op = [ + (* --sm-unregister *) + | `SSHInject of string * Ssh_key.ssh_key_selector + (* --ssh-inject USER[:SELECTOR] *) +- | `Truncate of string +- (* --truncate FILE *) +- | `TruncateRecursive of string +- (* --truncate-recursive PATH *) ++ | `TarIn of string * string ++ (* --tar-in TARFILE:REMOTEDIR *) + | `Timezone of string + (* --timezone TIMEZONE *) + | `Touch of string + (* --touch FILE *) ++ | `Truncate of string ++ (* --truncate FILE *) ++ | `TruncateRecursive of string ++ (* --truncate-recursive PATH *) + | `UninstallPackages of string list + (* --uninstall PKG,PKG.. *) + | `Update +diff --git a/generator/customize.ml b/generator/customize.ml +index c3dd259e..e64b45c0 100644 +--- a/generator/customize.ml ++++ b/generator/customize.ml +@@ -510,6 +510,18 @@ You can have multiple I<--ssh-inject> options, for different users + and also for more keys for each user." + }; + ++ { op_name = "tar-in"; ++ op_type = StringPair "TARFILE:REMOTEDIR"; ++ op_discrim = "`TarIn"; ++ op_shortdesc = "Copy local files or directories from a tarball into image"; ++ op_pod_longdesc = "\ ++Copy local files or directories from a local tar file ++called C into the disk image, placing them in the ++directory C (which must exist). Note that ++the tar file must be uncompressed (F<.tar.gz> files will not work ++here)"; ++ }; ++ + { op_name = "timezone"; + op_type = String "TIMEZONE"; + op_discrim = "`Timezone"; diff --git a/SOURCES/0028-New-mailing-list-email-address.patch b/SOURCES/0028-New-mailing-list-email-address.patch new file mode 100644 index 0000000..0d64d60 --- /dev/null +++ b/SOURCES/0028-New-mailing-list-email-address.patch @@ -0,0 +1,271 @@ +From 8dc3b9fb23e4af1b6a5271a7d40d6c2706cf1f78 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 16 Nov 2023 10:38:59 +0000 +Subject: [PATCH] New mailing list email address + +(cherry picked from commit 0b8b1e4b2d70cf4ed59775c3c2d1aa42d3c29ca2) +--- + .gitpublish | 2 +- + appliance/Makefile.am | 2 +- + po-docs/Makefile.am | 2 +- + po-docs/cs.po | 2 +- + po-docs/de.po | 2 +- + po-docs/en_GB.po | 2 +- + po-docs/es.po | 2 +- + po-docs/eu.po | 2 +- + po-docs/fi.po | 2 +- + po-docs/fr.po | 2 +- + po-docs/ja.po | 2 +- + po-docs/libguestfs-docs.pot | 2 +- + po-docs/nl.po | 2 +- + po-docs/pt_BR.po | 2 +- + po-docs/si.po | 2 +- + po-docs/tg.po | 2 +- + po-docs/uk.po | 2 +- + po-docs/zh_CN.po | 2 +- + python/setup.py.in | 2 +- + 19 files changed, 19 insertions(+), 19 deletions(-) + +diff --git a/.gitpublish b/.gitpublish +index 9775dd23..2aae0c09 100644 +--- a/.gitpublish ++++ b/.gitpublish +@@ -1,3 +1,3 @@ + [gitpublishprofile "default"] + base = master +-to = libguestfs@redhat.com ++to = guestfs@lists.libguestfs.org +diff --git a/appliance/Makefile.am b/appliance/Makefile.am +index 063c19f6..8cb9bd1f 100644 +--- a/appliance/Makefile.am ++++ b/appliance/Makefile.am +@@ -88,7 +88,7 @@ else + if HAVE_PACMAN + QUERY_FILES_CMD := xargs pacman -Qo | sed -r 's/.* is owned by ([^ ]+) .*/\1/' + else +-$(error Error: Unknown Linux distribution "$(DISTRO)". Please add support to m4/guestfs-appliance.m4 and appliance/Makefile.am and send a patch upstream to libguestfs@redhat.com) ++$(error Error: Unknown Linux distribution "$(DISTRO)". Please add support to m4/guestfs-appliance.m4 and appliance/Makefile.am and send a patch upstream to guestfs@lists.libguestfs.org) + endif !HAVE_PACMAN + endif !HAVE_DPKG + endif !HAVE_RPM +diff --git a/po-docs/Makefile.am b/po-docs/Makefile.am +index 61c1b1c9..330b673f 100644 +--- a/po-docs/Makefile.am ++++ b/po-docs/Makefile.am +@@ -46,7 +46,7 @@ libguestfs-docs.pot: + -M utf-8 -L utf-8 \ + --package-name $(PACKAGE_NAME) \ + --package-version $(PACKAGE_VERSION) \ +- --msgid-bugs-address libguestfs@redhat.com \ ++ --msgid-bugs-address guestfs@lists.libguestfs.org \ + --copyright-holder "Red Hat Inc." \ + -p $(abs_srcdir)/$@ \ + $(patsubst %,-m %,$(shell cat $(srcdir)/podfiles)) +diff --git a/po-docs/cs.po b/po-docs/cs.po +index 5618cb0f..d50e53bf 100644 +--- a/po-docs/cs.po ++++ b/po-docs/cs.po +@@ -3,7 +3,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.39.12\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-07-06 15:46+0100\n" + "PO-Revision-Date: 2017-09-11 04:54+0000\n" + "Last-Translator: Zdenek \n" +diff --git a/po-docs/de.po b/po-docs/de.po +index da449e9f..76abc8d3 100644 +--- a/po-docs/de.po ++++ b/po-docs/de.po +@@ -7,7 +7,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.39.12\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-07-06 15:46+0100\n" + "PO-Revision-Date: 2021-11-18 23:16+0000\n" + "Last-Translator: Ettore Atalan \n" +diff --git a/po-docs/en_GB.po b/po-docs/en_GB.po +index 283402a6..75610b9e 100644 +--- a/po-docs/en_GB.po ++++ b/po-docs/en_GB.po +@@ -6,7 +6,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.39.12\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-07-06 15:46+0100\n" + "PO-Revision-Date: 2015-02-21 10:15+0000\n" + "Last-Translator: Copied by Zanata \n" +diff --git a/po-docs/es.po b/po-docs/es.po +index a163e26d..defbd61d 100644 +--- a/po-docs/es.po ++++ b/po-docs/es.po +@@ -9,7 +9,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.39.12\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-07-06 15:46+0100\n" + "PO-Revision-Date: 2023-02-05 15:20+0000\n" + "Last-Translator: Emilio Herrera \n" +diff --git a/po-docs/eu.po b/po-docs/eu.po +index 7f1f634b..63653271 100644 +--- a/po-docs/eu.po ++++ b/po-docs/eu.po +@@ -7,7 +7,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.39.12\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-07-06 15:46+0100\n" + "PO-Revision-Date: 2015-02-21 10:17+0000\n" + "Last-Translator: Copied by Zanata \n" +diff --git a/po-docs/fi.po b/po-docs/fi.po +index d96bfd38..361de115 100644 +--- a/po-docs/fi.po ++++ b/po-docs/fi.po +@@ -6,7 +6,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.43.1\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-08-12 15:34+0200\n" + "PO-Revision-Date: 2022-12-23 18:20+0000\n" + "Last-Translator: Jan Kuparinen \n" +diff --git a/po-docs/fr.po b/po-docs/fr.po +index f411d189..cd903c0e 100644 +--- a/po-docs/fr.po ++++ b/po-docs/fr.po +@@ -8,7 +8,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.39.12\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-07-06 15:46+0100\n" + "PO-Revision-Date: 2015-02-21 10:19+0000\n" + "Last-Translator: Copied by Zanata \n" +diff --git a/po-docs/ja.po b/po-docs/ja.po +index 4120b2de..d90437dc 100644 +--- a/po-docs/ja.po ++++ b/po-docs/ja.po +@@ -12,7 +12,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.39.12\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-07-06 15:46+0100\n" + "PO-Revision-Date: 2017-02-24 07:33+0000\n" + "Last-Translator: Copied by Zanata \n" +diff --git a/po-docs/libguestfs-docs.pot b/po-docs/libguestfs-docs.pot +index 8e33712f..3954a51e 100644 +--- a/po-docs/libguestfs-docs.pot ++++ b/po-docs/libguestfs-docs.pot +@@ -7,7 +7,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.43.1\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-08-12 15:34+0200\n" + "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" + "Last-Translator: FULL NAME \n" +diff --git a/po-docs/nl.po b/po-docs/nl.po +index 571f3523..0cf147ee 100644 +--- a/po-docs/nl.po ++++ b/po-docs/nl.po +@@ -7,7 +7,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.39.12\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-07-06 15:46+0100\n" + "PO-Revision-Date: 2015-02-21 10:33+0000\n" + "Last-Translator: Copied by Zanata \n" +diff --git a/po-docs/pt_BR.po b/po-docs/pt_BR.po +index 87c0059f..229f49c3 100644 +--- a/po-docs/pt_BR.po ++++ b/po-docs/pt_BR.po +@@ -3,7 +3,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.39.12\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-07-06 15:46+0100\n" + "PO-Revision-Date: 2017-01-29 09:50+0000\n" + "Last-Translator: Rodrigo de Araujo Sousa Fonseca " +diff --git a/po-docs/si.po b/po-docs/si.po +index e7327945..aa7f5f97 100644 +--- a/po-docs/si.po ++++ b/po-docs/si.po +@@ -6,7 +6,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.43.1\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-08-12 15:34+0200\n" + "PO-Revision-Date: 2021-08-19 07:04+0000\n" + "Last-Translator: Hela Basa \n" +diff --git a/po-docs/tg.po b/po-docs/tg.po +index 446653ab..9e6fa072 100644 +--- a/po-docs/tg.po ++++ b/po-docs/tg.po +@@ -6,7 +6,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.39.12\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-07-06 15:46+0100\n" + "PO-Revision-Date: 2015-02-21 10:34+0000\n" + "Last-Translator: Copied by Zanata \n" +diff --git a/po-docs/uk.po b/po-docs/uk.po +index 52b5ce56..960ea8f8 100644 +--- a/po-docs/uk.po ++++ b/po-docs/uk.po +@@ -15,7 +15,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.39.12\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-07-06 15:46+0100\n" + "PO-Revision-Date: 2020-08-16 15:29+0000\n" + "Last-Translator: Yuri Chornoivan \n" +diff --git a/po-docs/zh_CN.po b/po-docs/zh_CN.po +index 7c546775..0c15c1c1 100644 +--- a/po-docs/zh_CN.po ++++ b/po-docs/zh_CN.po +@@ -8,7 +8,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.39.12\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-07-06 15:46+0100\n" + "PO-Revision-Date: 2017-07-24 08:04+0000\n" + "Last-Translator: cheng ye <18969068329@163.com>\n" +diff --git a/python/setup.py.in b/python/setup.py.in +index aa9fb7ad..17571944 100644 +--- a/python/setup.py.in ++++ b/python/setup.py.in +@@ -30,7 +30,7 @@ This package contains the Python bindings for libguestfs. + """, + + author='The @PACKAGE_NAME@ team', +- author_email='libguestfs@redhat.com', ++ author_email='guestfs@lists.libguestfs.org', + url='http://libguestfs.org', + + license='LGPLv2+', diff --git a/SOURCES/0029-New-mailing-list-archives.patch b/SOURCES/0029-New-mailing-list-archives.patch new file mode 100644 index 0000000..954f515 --- /dev/null +++ b/SOURCES/0029-New-mailing-list-archives.patch @@ -0,0 +1,590 @@ +From 86408417cfe9d742b70104187e52b775e89e497e Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 16 Nov 2023 10:52:11 +0000 +Subject: [PATCH] New mailing list archives + +(cherry picked from commit b2f3994de26c25d61ed94d2ee3b2ea9600755ee1) +--- + README | 2 +- + configure.ac | 2 +- + docs/guestfs-faq.pod | 6 +++--- + docs/guestfs-hacking.pod | 2 +- + docs/guestfs-security.pod | 2 +- + docs/guestfs-testing.pod | 2 +- + po-docs/cs.po | 4 ++-- + po-docs/de.po | 4 ++-- + po-docs/en_GB.po | 8 ++++---- + po-docs/es.po | 4 ++-- + po-docs/eu.po | 4 ++-- + po-docs/fi.po | 12 ++++++------ + po-docs/fr.po | 4 ++-- + po-docs/ja.po | 6 +++--- + po-docs/libguestfs-docs.pot | 12 ++++++------ + po-docs/nl.po | 4 ++-- + po-docs/pt_BR.po | 4 ++-- + po-docs/si.po | 12 ++++++------ + po-docs/tg.po | 4 ++-- + po-docs/uk.po | 6 +++--- + po-docs/zh_CN.po | 4 ++-- + website/index.html.in | 2 +- + 22 files changed, 55 insertions(+), 55 deletions(-) + +diff --git a/README b/README +index 40a7267e..b350edb5 100644 +--- a/README ++++ b/README +@@ -6,7 +6,7 @@ disk images. For more information see the home page: + For discussion, development, patches, etc. please use the mailing + list: + +- http://www.redhat.com/mailman/listinfo/libguestfs ++ https://lists.libguestfs.org + + To find out how to build libguestfs from source, read: + +diff --git a/configure.ac b/configure.ac +index b72e99cf..92479e20 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -321,7 +321,7 @@ echo "If any optional component is configured 'no' when you expected 'yes'" + echo "then you should check the preceding messages." + echo + echo "Please report bugs back to the mailing list:" +-echo "http://www.redhat.com/mailman/listinfo/libguestfs" ++echo "https://lists.libguestfs.org" + echo + echo "Next you should type 'make' to build the package," + echo "then 'make check' to run the tests." +diff --git a/docs/guestfs-faq.pod b/docs/guestfs-faq.pod +index 1e83a9c5..3a03282f 100644 +--- a/docs/guestfs-faq.pod ++++ b/docs/guestfs-faq.pod +@@ -106,7 +106,7 @@ contact S: L + + There is a mailing list, mainly for development, but users are also + welcome to ask questions about libguestfs and the virt tools: +-L ++L + + You can also talk to us on IRC channel C<#guestfs> on Libera Chat. + We're not always around, so please stay in the channel after asking +@@ -1289,7 +1289,7 @@ documented stable API. + =head2 Where do I send patches? + + Please send patches to the libguestfs mailing list +-L. You don't have ++L. You don't have + to be subscribed, but there will be a delay until your posting is + manually approved. + +@@ -1302,7 +1302,7 @@ prefer to have a linear history. + + Large new features that you intend to contribute should be discussed + on the mailing list first +-(L). This avoids ++(L). This avoids + disappointment and wasted work if we don't think the feature would fit + into the libguestfs project. + +diff --git a/docs/guestfs-hacking.pod b/docs/guestfs-hacking.pod +index e1b47ec1..987697b2 100644 +--- a/docs/guestfs-hacking.pod ++++ b/docs/guestfs-hacking.pod +@@ -804,7 +804,7 @@ examining the F log files carefully. + =head2 SUBMITTING PATCHES + + Submit patches to the mailing list: +-L ++L + and CC to L. + + You do not need to subscribe to the mailing list if you don’t want to. +diff --git a/docs/guestfs-security.pod b/docs/guestfs-security.pod +index afacb091..60d22952 100644 +--- a/docs/guestfs-security.pod ++++ b/docs/guestfs-security.pod +@@ -15,7 +15,7 @@ L + + If the security problem is not so serious, you can simply file a bug + (see L below), or send an email to our mailing list +-(L). You do not ++(L). You do not + need to subscribe to the mailing list to send email, but there will be + a delay while the message is moderated. + +diff --git a/docs/guestfs-testing.pod b/docs/guestfs-testing.pod +index c7b44928..ee4b26d6 100644 +--- a/docs/guestfs-testing.pod ++++ b/docs/guestfs-testing.pod +@@ -21,7 +21,7 @@ or post on the mailing list (registration is B required, but if + you're not registered then you'll have to wait for a moderator to + manually approve your message): + +-L ++L + + =head1 TESTS + +diff --git a/po-docs/cs.po b/po-docs/cs.po +index d50e53bf..60c29165 100644 +--- a/po-docs/cs.po ++++ b/po-docs/cs.po +@@ -16000,7 +16000,7 @@ msgstr "" + #: ../docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -38700,7 +38700,7 @@ msgstr "" + + #. type: textblock + #: ../docs/guestfs-testing.pod:24 +-msgid "L" ++msgid "L" + msgstr "" + + #. type: =head1 +diff --git a/po-docs/de.po b/po-docs/de.po +index 76abc8d3..565cd66f 100644 +--- a/po-docs/de.po ++++ b/po-docs/de.po +@@ -16118,7 +16118,7 @@ msgstr "" + #: ../docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -38822,7 +38822,7 @@ msgstr "" + + #. type: textblock + #: ../docs/guestfs-testing.pod:24 +-msgid "L" ++msgid "L" + msgstr "" + + #. type: =head1 +diff --git a/po-docs/en_GB.po b/po-docs/en_GB.po +index 75610b9e..31edb8bf 100644 +--- a/po-docs/en_GB.po ++++ b/po-docs/en_GB.po +@@ -17054,12 +17054,12 @@ msgstr "How do I propose a feature?" + #: ../docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + +@@ -42254,8 +42254,8 @@ msgstr "" + + #. type: textblock + #: ../docs/guestfs-testing.pod:24 +-msgid "L" +-msgstr "L" ++msgid "L" ++msgstr "L" + + #. type: =head1 + #: ../docs/guestfs-testing.pod:26 +diff --git a/po-docs/es.po b/po-docs/es.po +index defbd61d..c84192f4 100644 +--- a/po-docs/es.po ++++ b/po-docs/es.po +@@ -16057,7 +16057,7 @@ msgstr "" + #: ../docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -38908,7 +38908,7 @@ msgstr "" + + #. type: textblock + #: ../docs/guestfs-testing.pod:24 +-msgid "L" ++msgid "L" + msgstr "" + + #. type: =head1 +diff --git a/po-docs/eu.po b/po-docs/eu.po +index 63653271..44bc885d 100644 +--- a/po-docs/eu.po ++++ b/po-docs/eu.po +@@ -15951,7 +15951,7 @@ msgstr "" + #: ../docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -38651,7 +38651,7 @@ msgstr "" + + #. type: textblock + #: ../docs/guestfs-testing.pod:24 +-msgid "L" ++msgid "L" + msgstr "" + + #. type: =head1 +diff --git a/po-docs/fi.po b/po-docs/fi.po +index 361de115..3ff70b33 100644 +--- a/po-docs/fi.po ++++ b/po-docs/fi.po +@@ -13507,7 +13507,7 @@ msgstr "" + msgid "" + "There is a mailing list, mainly for development, but users are also welcome " + "to ask questions about libguestfs and the virt tools: " +-"L" ++"L" + msgstr "" + + #. type: textblock +@@ -15849,7 +15849,7 @@ msgstr "" + #: docs/guestfs-faq.pod:1285 + msgid "" + "Please send patches to the libguestfs mailing list " +-"L. You don't have to be " ++"L. You don't have to be " + "subscribed, but there will be a delay until your posting is manually " + "approved." + msgstr "" +@@ -15872,7 +15872,7 @@ msgstr "" + #: docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -17816,7 +17816,7 @@ msgstr "" + #: docs/guestfs-hacking.pod:840 + msgid "" + "Submit patches to the mailing list: " +-"L and CC to " ++"L and CC to " + "L." + msgstr "" + +@@ -37995,7 +37995,7 @@ msgstr "" + msgid "" + "If the security problem is not so serious, you can simply file a bug (see " + "L below), or send an email to our mailing list " +-"(L). You do not need to " ++"(L). You do not need to " + "subscribe to the mailing list to send email, but there will be a delay while " + "the message is moderated." + msgstr "" +@@ -38598,7 +38598,7 @@ msgstr "" + + #. type: textblock + #: docs/guestfs-testing.pod:24 +-msgid "L" ++msgid "L" + msgstr "" + + #. type: =head1 +diff --git a/po-docs/fr.po b/po-docs/fr.po +index cd903c0e..34b6149e 100644 +--- a/po-docs/fr.po ++++ b/po-docs/fr.po +@@ -16363,7 +16363,7 @@ msgstr "" + #: ../docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -40728,7 +40728,7 @@ msgstr "" + + #. type: textblock + #: ../docs/guestfs-testing.pod:24 +-msgid "L" ++msgid "L" + msgstr "" + + #. type: =head1 +diff --git a/po-docs/ja.po b/po-docs/ja.po +index d90437dc..d00d73d2 100644 +--- a/po-docs/ja.po ++++ b/po-docs/ja.po +@@ -16574,7 +16574,7 @@ msgstr "" + #: ../docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -39859,8 +39859,8 @@ msgstr "" + + #. type: textblock + #: ../docs/guestfs-testing.pod:24 +-msgid "L" +-msgstr "L" ++msgid "L" ++msgstr "L" + + #. type: =head1 + #: ../docs/guestfs-testing.pod:26 +diff --git a/po-docs/libguestfs-docs.pot b/po-docs/libguestfs-docs.pot +index 3954a51e..56d0777b 100644 +--- a/po-docs/libguestfs-docs.pot ++++ b/po-docs/libguestfs-docs.pot +@@ -13453,7 +13453,7 @@ msgstr "" + msgid "" + "There is a mailing list, mainly for development, but users are also welcome " + "to ask questions about libguestfs and the virt tools: " +-"L" ++"L" + msgstr "" + + #. type: textblock +@@ -15795,7 +15795,7 @@ msgstr "" + #: docs/guestfs-faq.pod:1285 + msgid "" + "Please send patches to the libguestfs mailing list " +-"L. You don't have to be " ++"L. You don't have to be " + "subscribed, but there will be a delay until your posting is manually " + "approved." + msgstr "" +@@ -15818,7 +15818,7 @@ msgstr "" + #: docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -17762,7 +17762,7 @@ msgstr "" + #: docs/guestfs-hacking.pod:840 + msgid "" + "Submit patches to the mailing list: " +-"L and CC to " ++"L and CC to " + "L." + msgstr "" + +@@ -37939,7 +37939,7 @@ msgstr "" + msgid "" + "If the security problem is not so serious, you can simply file a bug (see " + "L below), or send an email to our mailing list " +-"(L). You do not need to " ++"(L). You do not need to " + "subscribe to the mailing list to send email, but there will be a delay while " + "the message is moderated." + msgstr "" +@@ -38542,7 +38542,7 @@ msgstr "" + + #. type: textblock + #: docs/guestfs-testing.pod:24 +-msgid "L" ++msgid "L" + msgstr "" + + #. type: =head1 +diff --git a/po-docs/nl.po b/po-docs/nl.po +index 0cf147ee..1f8ac7d0 100644 +--- a/po-docs/nl.po ++++ b/po-docs/nl.po +@@ -15951,7 +15951,7 @@ msgstr "" + #: ../docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -38651,7 +38651,7 @@ msgstr "" + + #. type: textblock + #: ../docs/guestfs-testing.pod:24 +-msgid "L" ++msgid "L" + msgstr "" + + #. type: =head1 +diff --git a/po-docs/pt_BR.po b/po-docs/pt_BR.po +index 229f49c3..d69895cf 100644 +--- a/po-docs/pt_BR.po ++++ b/po-docs/pt_BR.po +@@ -15947,7 +15947,7 @@ msgstr "" + #: ../docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -38647,7 +38647,7 @@ msgstr "" + + #. type: textblock + #: ../docs/guestfs-testing.pod:24 +-msgid "L" ++msgid "L" + msgstr "" + + #. type: =head1 +diff --git a/po-docs/si.po b/po-docs/si.po +index aa7f5f97..de16c4ac 100644 +--- a/po-docs/si.po ++++ b/po-docs/si.po +@@ -13455,7 +13455,7 @@ msgstr "" + msgid "" + "There is a mailing list, mainly for development, but users are also welcome " + "to ask questions about libguestfs and the virt tools: " +-"L" ++"L" + msgstr "" + + #. type: textblock +@@ -15797,7 +15797,7 @@ msgstr "" + #: docs/guestfs-faq.pod:1285 + msgid "" + "Please send patches to the libguestfs mailing list " +-"L. You don't have to be " ++"L. You don't have to be " + "subscribed, but there will be a delay until your posting is manually " + "approved." + msgstr "" +@@ -15820,7 +15820,7 @@ msgstr "" + #: docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -17764,7 +17764,7 @@ msgstr "" + #: docs/guestfs-hacking.pod:840 + msgid "" + "Submit patches to the mailing list: " +-"L and CC to " ++"L and CC to " + "L." + msgstr "" + +@@ -37941,7 +37941,7 @@ msgstr "" + msgid "" + "If the security problem is not so serious, you can simply file a bug (see " + "L below), or send an email to our mailing list " +-"(L). You do not need to " ++"(L). You do not need to " + "subscribe to the mailing list to send email, but there will be a delay while " + "the message is moderated." + msgstr "" +@@ -38544,7 +38544,7 @@ msgstr "" + + #. type: textblock + #: docs/guestfs-testing.pod:24 +-msgid "L" ++msgid "L" + msgstr "" + + #. type: =head1 +diff --git a/po-docs/tg.po b/po-docs/tg.po +index 9e6fa072..80db7183 100644 +--- a/po-docs/tg.po ++++ b/po-docs/tg.po +@@ -15952,7 +15952,7 @@ msgstr "" + #: ../docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -38652,7 +38652,7 @@ msgstr "" + + #. type: textblock + #: ../docs/guestfs-testing.pod:24 +-msgid "L" ++msgid "L" + msgstr "" + + #. type: =head1 +diff --git a/po-docs/uk.po b/po-docs/uk.po +index 960ea8f8..40c96852 100644 +--- a/po-docs/uk.po ++++ b/po-docs/uk.po +@@ -19726,7 +19726,7 @@ msgstr "Як запропонувати нову можливість?" + #: ../docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -47713,8 +47713,8 @@ msgstr "" + + #. type: textblock + #: ../docs/guestfs-testing.pod:24 +-msgid "L" +-msgstr "L" ++msgid "L" ++msgstr "L" + + #. type: =head1 + #: ../docs/guestfs-testing.pod:26 +diff --git a/po-docs/zh_CN.po b/po-docs/zh_CN.po +index 0c15c1c1..1ad0e1cd 100644 +--- a/po-docs/zh_CN.po ++++ b/po-docs/zh_CN.po +@@ -15954,7 +15954,7 @@ msgstr "" + #: ../docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -38654,7 +38654,7 @@ msgstr "" + + #. type: textblock + #: ../docs/guestfs-testing.pod:24 +-msgid "L" ++msgid "L" + msgstr "" + + #. type: =head1 +diff --git a/website/index.html.in b/website/index.html.in +index 91088b59..e7a03d6d 100644 +--- a/website/index.html.in ++++ b/website/index.html.in +@@ -54,7 +54,7 @@ guestfish --ro -i -a disk.img + +

+ Join us on +-the libguestfs ++the libguestfs + mailing list, or on IRC channel #guestfs + on Libera Chat. +

diff --git a/SOURCES/0030-lib-Include-libxml-parser.h-for-xmlReadMemory.patch b/SOURCES/0030-lib-Include-libxml-parser.h-for-xmlReadMemory.patch new file mode 100644 index 0000000..e61d61b --- /dev/null +++ b/SOURCES/0030-lib-Include-libxml-parser.h-for-xmlReadMemory.patch @@ -0,0 +1,25 @@ +From f6f2f56535a54a90a5c02974eba09bb7a8f0709c Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Mon, 27 Nov 2023 14:04:33 +0000 +Subject: [PATCH] lib: Include for xmlReadMemory + +Since libxml2 2.12.1 including this header is required to have this +function declared. + +(cherry picked from commit 02c39dc5e8109ddb911d90759883a504008ba509) +--- + lib/launch-libvirt.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c +index d4bf1a8f..79465dd4 100644 +--- a/lib/launch-libvirt.c ++++ b/lib/launch-libvirt.c +@@ -38,6 +38,7 @@ + #include + #endif + ++#include + #include + #include + diff --git a/SOURCES/0031-ocaml-Use-Gc.finalise-instead-of-a-C-finalizer.patch b/SOURCES/0031-ocaml-Use-Gc.finalise-instead-of-a-C-finalizer.patch new file mode 100644 index 0000000..efc2322 --- /dev/null +++ b/SOURCES/0031-ocaml-Use-Gc.finalise-instead-of-a-C-finalizer.patch @@ -0,0 +1,132 @@ +From 836b63ce6d6a47f0d8179ccd3c96ce152396ba77 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Wed, 13 Dec 2023 22:50:56 +0000 +Subject: [PATCH] ocaml: Use Gc.finalise instead of a C finalizer + +Since OCaml 5.1.1, changes to custom blocks caused C finalizers that +call caml_enter_blocking_section to stop working (if they ever did +before). They are relatively inflexible compared to registering an +OCaml finalizer (Gc.finalise) to call Guestfs.close, so use that +instead. + +Suggested-by: Guillaume Munch-Maccagnoni +See: https://github.com/ocaml/ocaml/issues/12820 +See: https://gitlab.com/nbdkit/libnbd/-/commit/db48794fa89547a4799b832331e82b4b8b98f03d +(cherry picked from commit 61418535ad63b5a2a91f1caf4703d7134834e4dd) +--- + generator/OCaml.ml | 7 ++++- + ocaml/guestfs-c.c | 69 +++++++++++++++++++++------------------------- + 2 files changed, 37 insertions(+), 39 deletions(-) + +diff --git a/generator/OCaml.ml b/generator/OCaml.ml +index 07ccd269..1e6f603a 100644 +--- a/generator/OCaml.ml ++++ b/generator/OCaml.ml +@@ -312,10 +312,15 @@ type t + exception Error of string + exception Handle_closed of string + +-external create : ?environment:bool -> ?close_on_exit:bool -> unit -> t = ++external _create : ?environment:bool -> ?close_on_exit:bool -> unit -> t = + \"guestfs_int_ocaml_create\" + external close : t -> unit = \"guestfs_int_ocaml_close\" + ++let create ?environment ?close_on_exit () = ++ let g = _create ?environment ?close_on_exit () in ++ Gc.finalise close g; ++ g ++ + type event = + "; + List.iter ( +diff --git a/ocaml/guestfs-c.c b/ocaml/guestfs-c.c +index 8a8761e8..700c33ab 100644 +--- a/ocaml/guestfs-c.c ++++ b/ocaml/guestfs-c.c +@@ -61,43 +61,10 @@ value guestfs_int_ocaml_delete_event_callback (value gv, value eh); + value guestfs_int_ocaml_event_to_string (value events); + value guestfs_int_ocaml_last_errno (value gv); + +-/* Allocate handles and deal with finalization. */ +-static void +-guestfs_finalize (value gv) +-{ +- guestfs_h *g = Guestfs_val (gv); +- +- if (g) { +- /* There is a nasty, difficult to solve case here where the +- * user deletes events in one of the callbacks that we are +- * about to invoke, resulting in a double-free. XXX +- */ +- size_t len; +- value **roots = get_all_event_callbacks (g, &len); +- +- /* Close the handle: this could invoke callbacks from the list +- * above, which is why we don't want to delete them before +- * closing the handle. +- */ +- caml_release_runtime_system (); +- guestfs_close (g); +- caml_acquire_runtime_system (); +- +- /* Now unregister the global roots. */ +- if (roots && len > 0) { +- size_t i; +- for (i = 0; i < len; ++i) { +- caml_remove_generational_global_root (roots[i]); +- free (roots[i]); +- } +- free (roots); +- } +- } +-} +- ++/* Allocate handles. */ + static struct custom_operations guestfs_custom_operations = { + (char *) "guestfs_custom_operations", +- guestfs_finalize, ++ custom_finalize_default, + custom_compare_default, + custom_hash_default, + custom_serialize_default, +@@ -179,11 +146,37 @@ value + guestfs_int_ocaml_close (value gv) + { + CAMLparam1 (gv); ++ guestfs_h *g = Guestfs_val (gv); + +- guestfs_finalize (gv); ++ if (g) { ++ /* There is a nasty, difficult to solve case here where the ++ * user deletes events in one of the callbacks that we are ++ * about to invoke, resulting in a double-free. XXX ++ */ ++ size_t len; ++ value **roots = get_all_event_callbacks (g, &len); + +- /* So we don't double-free in the finalizer. */ +- Guestfs_val (gv) = NULL; ++ /* Close the handle: this could invoke callbacks from the list ++ * above, which is why we don't want to delete them before ++ * closing the handle. ++ */ ++ caml_release_runtime_system (); ++ guestfs_close (g); ++ caml_acquire_runtime_system (); ++ ++ /* Now unregister the global roots. */ ++ if (roots && len > 0) { ++ size_t i; ++ for (i = 0; i < len; ++i) { ++ caml_remove_generational_global_root (roots[i]); ++ free (roots[i]); ++ } ++ free (roots); ++ } ++ ++ /* So we don't double-free. */ ++ Guestfs_val (gv) = NULL; ++ } + + CAMLreturn (Val_unit); + } diff --git a/SOURCES/0032-ocaml-Nullify-custom-block-before-releasing-runtime-.patch b/SOURCES/0032-ocaml-Nullify-custom-block-before-releasing-runtime-.patch new file mode 100644 index 0000000..8d41e40 --- /dev/null +++ b/SOURCES/0032-ocaml-Nullify-custom-block-before-releasing-runtime-.patch @@ -0,0 +1,39 @@ +From a534de4f269ea3c2671b99172063e872204fb978 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 14 Dec 2023 08:33:10 +0000 +Subject: [PATCH] ocaml: Nullify custom block before releasing runtime lock + +Avoids a potential, though if possible then very rare, double free +path. + +Suggested-by: Guillaume Munch-Maccagnoni +See: https://github.com/ocaml/ocaml/issues/12820 +(cherry picked from commit e93fd7e8acf34192c0d1b70611e3474dde346941) +--- + ocaml/guestfs-c.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/ocaml/guestfs-c.c b/ocaml/guestfs-c.c +index 700c33ab..ea9a0598 100644 +--- a/ocaml/guestfs-c.c ++++ b/ocaml/guestfs-c.c +@@ -156,6 +156,9 @@ guestfs_int_ocaml_close (value gv) + size_t len; + value **roots = get_all_event_callbacks (g, &len); + ++ /* So we don't double-free. */ ++ Guestfs_val (gv) = NULL; ++ + /* Close the handle: this could invoke callbacks from the list + * above, which is why we don't want to delete them before + * closing the handle. +@@ -173,9 +176,6 @@ guestfs_int_ocaml_close (value gv) + } + free (roots); + } +- +- /* So we don't double-free. */ +- Guestfs_val (gv) = NULL; + } + + CAMLreturn (Val_unit); diff --git a/SOURCES/0033-Update-common-submodule.patch b/SOURCES/0033-Update-common-submodule.patch new file mode 100644 index 0000000..e589389 --- /dev/null +++ b/SOURCES/0033-Update-common-submodule.patch @@ -0,0 +1,162 @@ +From 7073e06b2e45ad1544e715d308662a00a6aa20ae Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 14 Dec 2023 09:03:49 +0000 +Subject: [PATCH] Update common submodule + +The list of patches is below. The one which matters for guestfish is +addition of --key all:... selector. + +Andrey Drobyshev (1): + mldrivers: look for bootloader config in /boot/grub/grub.cfg in case of UEFI + +Richard W.M. Jones (5): + mlxml: Include for xmlReadMemory + options/keys.c: Rewrite confusing match statement + options: Rewrite --key documentation fragment + options: Allow --key all:SELECTOR to be used to match any device + mltools/libosinfo-c.c: Fix off-by-one error + +Fixes: https://issues.redhat.com/browse/RHEL-19367 +(cherry picked from commit 7fd41b5a02b7a9d217150fa49940115a98aae329) +--- + common | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Submodule common 9a8ba593..0dba002c: +diff --git a/common/mldrivers/linux_bootloaders.ml b/common/mldrivers/linux_bootloaders.ml +index 6f8857ef..91c5ab9e 100644 +--- a/common/mldrivers/linux_bootloaders.ml ++++ b/common/mldrivers/linux_bootloaders.ml +@@ -375,6 +375,18 @@ let detect_bootloader (g : G.guestfs) root i_firmware = + with G.Error msg -> + error (f_"could not find bootloader mount point (%s): %s") mp msg in + ++ (* ++ * Workaround for older UEFI-based Debian which may not have ++ * /boot/efi/EFI/debian/grub.cfg. ++ *) ++ let paths = ++ if g#exists "/boot/grub/grub.cfg" then ++ match i_firmware with ++ | Firmware.I_BIOS -> paths ++ | I_UEFI _ -> paths @ ["/boot/grub/grub.cfg"] ++ else paths ++ in ++ + (* We can determine if the bootloader config file is grub 1 or + * grub 2 just by looking at the filename. + *) +diff --git a/common/mltools/libosinfo-c.c b/common/mltools/libosinfo-c.c +index 93357fd9..a48c8989 100644 +--- a/common/mltools/libosinfo-c.c ++++ b/common/mltools/libosinfo-c.c +@@ -296,7 +296,7 @@ v2v_osinfo_os_get_device_drivers (value osv) + + driver = OSINFO_DEVICE_DRIVER(osinfo_list_get_nth (OSINFO_LIST(list), i)); + +- vi = caml_alloc (6, 0); ++ vi = caml_alloc (7, 0); + str = osinfo_device_driver_get_architecture (driver); + copyv = caml_copy_string (str); + Store_field (vi, 0, copyv); +diff --git a/common/mlxml/xml-c.c b/common/mlxml/xml-c.c +index 715c3bb2..e024bd8a 100644 +--- a/common/mlxml/xml-c.c ++++ b/common/mlxml/xml-c.c +@@ -34,6 +34,7 @@ + #include + #include + ++#include + #include + #include + #include +diff --git a/common/options/key-option.pod b/common/options/key-option.pod +index 6bc04df1..1470d863 100644 +--- a/common/options/key-option.pod ++++ b/common/options/key-option.pod +@@ -1,22 +1,37 @@ + =item B<--key> SELECTOR + + Specify a key for LUKS, to automatically open a LUKS device when using +-the inspection. C can be either the libguestfs device name, or +-the UUID of the LUKS device. ++the inspection. + + =over 4 + +-=item B<--key> C:key:KEY_STRING ++=item B<--key> NAMEB<:key:>KEY_STRING ++ ++=item B<--key> UUIDB<:key:>KEY_STRING ++ ++=item B<--key> BKEY_STRING ++ ++C is the libguestfs device name (eg. C). C is ++the device UUID. C means try the key against any encrypted ++device. + + Use the specified C as passphrase. + +-=item B<--key> C:file:FILENAME ++=item B<--key> NAMEB<:file:>FILENAME ++ ++=item B<--key> UUIDB<:file:>FILENAME ++ ++=item B<--key> BFILENAME + + Read the passphrase from F. + +-=item B<--key> C:clevis ++=item B<--key> NAMEB<:clevis> + +-Attempt passphrase-less unlocking for C with Clevis, over the ++=item B<--key> UUIDB<:clevis> ++ ++=item B<--key> B ++ ++Attempt passphrase-less unlocking for the device with Clevis, over the + network. Please refer to L for more + information on network-bound disk encryption (NBDE). + +diff --git a/common/options/keys.c b/common/options/keys.c +index 52b27369..87acba51 100644 +--- a/common/options/keys.c ++++ b/common/options/keys.c +@@ -20,6 +20,7 @@ + + #include + #include ++#include + #include + #include + #include +@@ -152,9 +153,13 @@ get_keys (struct key_store *ks, const char *device, const char *uuid, + if (ks) { + for (i = 0; i < ks->nr_keys; ++i) { + struct key_store_key *key = &ks->keys[i]; ++ bool key_id_matches_this_device; + +- if (STRNEQ (key->id, device) && (!uuid || STRNEQ (key->id, uuid))) +- continue; ++ key_id_matches_this_device = ++ STREQ (key->id, "all") || /* special string "all" matches any device */ ++ STREQ (key->id, device) || ++ (uuid && STREQ (key->id, uuid)); ++ if (!key_id_matches_this_device) continue; + + switch (key->type) { + case key_string: +diff --git a/common/options/options.h b/common/options/options.h +index 94e8b9ee..dcb15c28 100644 +--- a/common/options/options.h ++++ b/common/options/options.h +@@ -109,6 +109,8 @@ struct key_store_key { + * device name, or the UUID. + * + * There may be multiple matching devices in the list. ++ * ++ * This may be the special string "all" which matches any device. + */ + char *id; + diff --git a/SOURCES/0034-tests-Test-guestfish-key-all-.-selector.patch b/SOURCES/0034-tests-Test-guestfish-key-all-.-selector.patch new file mode 100644 index 0000000..fd67834 --- /dev/null +++ b/SOURCES/0034-tests-Test-guestfish-key-all-.-selector.patch @@ -0,0 +1,35 @@ +From 5de9915acd31ffe430adc0df497173032560311c Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 14 Dec 2023 09:15:08 +0000 +Subject: [PATCH] tests: Test guestfish --key all:... selector + +(cherry picked from commit 40f43cc8ea6bd556749ee7ba280971aa8b043d27) +--- + .../luks/test-key-option-inspect-luks-on-lvm.sh | 17 +++++++++++++++++ + 1 file changed, 17 insertions(+) + +diff --git a/tests/luks/test-key-option-inspect-luks-on-lvm.sh b/tests/luks/test-key-option-inspect-luks-on-lvm.sh +index 932862b1..2b60c797 100755 +--- a/tests/luks/test-key-option-inspect-luks-on-lvm.sh ++++ b/tests/luks/test-key-option-inspect-luks-on-lvm.sh +@@ -119,3 +119,20 @@ eval "$fish_ref" + + # Repeat the test. + check_filesystems ++ ++# Exit the current guestfish background process. ++guestfish --remote -- exit ++GUESTFISH_PID= ++ ++# Test the --key all:... selector. ++keys_by_mapper_lvname=( ++ --key all:key:FEDORA-Root ++ --key all:key:FEDORA-LV1 ++ --key all:key:FEDORA-LV2 ++ --key all:key:FEDORA-LV3 ++) ++fish_ref=$("${guestfish[@]}" "${keys_by_mapper_lvname[@]}") ++eval "$fish_ref" ++ ++# Repeat the test. ++check_filesystems diff --git a/SOURCES/0035-generator-customize.ml-Split-chown-parameter-on-char.patch b/SOURCES/0035-generator-customize.ml-Split-chown-parameter-on-char.patch new file mode 100644 index 0000000..4e28ff9 --- /dev/null +++ b/SOURCES/0035-generator-customize.ml-Split-chown-parameter-on-char.patch @@ -0,0 +1,44 @@ +From 118b93a189be2d39d2dc20ef059c9b38c60fe8be Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Fri, 19 Jan 2024 13:18:00 +0000 +Subject: [PATCH] generator/customize.ml: Split --chown parameter on ':' + character + +The previous code split it on ',' which was completely wrong. +(It reveals the lack of testing however). + +Fixes: commit c08032ebe2763f5e9ce5b14e003721475219d390 +Reported-by: Yongkui Guo +(cherry picked from commit e9a728bb22dfa1de5328fbbe7d6d7acad2dbed64) +--- + common | 2 +- + generator/customize.ml | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +Submodule common 0dba002c..54869c98: +diff --git a/common/mlcustomize/customize_cmdline.ml b/common/mlcustomize/customize_cmdline.ml +index 245d9960..48ee3344 100644 +--- a/common/mlcustomize/customize_cmdline.ml ++++ b/common/mlcustomize/customize_cmdline.ml +@@ -157,7 +157,7 @@ let rec argspec () = + let len = String.length arg in + String.sub arg 0 i, String.sub arg (i+1) (len-(i+1)) + and split_string_triplet option_name arg = +- match String.nsplit ~max:3 "," arg with ++ match String.nsplit ~max:3 ":" arg with + | [a; b; c] -> a, b, c + | _ -> + error (f_"invalid format for '--%s' parameter, see the man page") +diff --git a/generator/customize.ml b/generator/customize.ml +index e64b45c0..e2c4b605 100644 +--- a/generator/customize.ml ++++ b/generator/customize.ml +@@ -775,7 +775,7 @@ let rec argspec () = + let len = String.length arg in + String.sub arg 0 i, String.sub arg (i+1) (len-(i+1)) + and split_string_triplet option_name arg = +- match String.nsplit ~max:3 \",\" arg with ++ match String.nsplit ~max:3 \":\" arg with + | [a; b; c] -> a, b, c + | _ -> + error (f_\"invalid format for '--%%s' parameter, see the man page\") diff --git a/SOURCES/0036-Update-common-submodule.patch b/SOURCES/0036-Update-common-submodule.patch new file mode 100644 index 0000000..38afbd0 --- /dev/null +++ b/SOURCES/0036-Update-common-submodule.patch @@ -0,0 +1,65 @@ +From f1ced749d4b714e98c82a971ac60148f95312812 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Wed, 24 Apr 2024 12:23:34 +0100 +Subject: [PATCH] Update common submodule + +In particular pick this: + + commit 93a7f3af5c23ece6a8e092827ed5928a8973fd3c + Author: Richard W.M. Jones + Date: Wed Apr 24 12:08:01 2024 +0100 + + options: Allow nbd+unix:// URIs + +(cherry picked from commit 7968de46f17eed7f18c200c6528ebdfec5c3f279) +--- + common | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Submodule common 54869c98..93a7f3af: +diff --git a/common/options/uri.c b/common/options/uri.c +index 84d393c1..9180d6a2 100644 +--- a/common/options/uri.c ++++ b/common/options/uri.c +@@ -99,7 +99,7 @@ is_uri (const char *arg) + return 0; + + for (p--; p >= arg; p--) { +- if (!c_islower (*p)) ++ if (! (c_islower (*p) || *p == '+')) + return 0; + } + +@@ -148,7 +148,10 @@ parse (const char *arg, char **path_ret, char **protocol_ret, + } + */ + +- *protocol_ret = strdup (uri->scheme); ++ if (STREQ (uri->scheme, "nbd+unix")) ++ *protocol_ret = strdup ("nbd"); ++ else ++ *protocol_ret = strdup (uri->scheme); + if (*protocol_ret == NULL) { + perror ("strdup: protocol"); + return -1; +@@ -194,7 +197,7 @@ parse (const char *arg, char **path_ret, char **protocol_ret, + if (path && path[0] == '/' && + (STREQ (uri->scheme, "gluster") || + STREQ (uri->scheme, "iscsi") || +- STREQ (uri->scheme, "nbd") || ++ STRPREFIX (uri->scheme, "nbd") || + STREQ (uri->scheme, "rbd") || + STREQ (uri->scheme, "sheepdog"))) + path++; +diff --git a/common/progress/progress.c b/common/progress/progress.c +index e4b30663..5848abd7 100644 +--- a/common/progress/progress.c ++++ b/common/progress/progress.c +@@ -123,6 +123,7 @@ progress_bar_init (unsigned flags) + bar->machine_readable = 1; + bar->utf8_mode = 0; + bar->have_terminfo = 0; ++ bar->fp = NULL; + } else { + bar->machine_readable = 0; + diff --git a/SOURCES/0037-New-APIs-findfs_partuuid-and-findfs_partlabel.patch b/SOURCES/0037-New-APIs-findfs_partuuid-and-findfs_partlabel.patch new file mode 100644 index 0000000..2aaf34d --- /dev/null +++ b/SOURCES/0037-New-APIs-findfs_partuuid-and-findfs_partlabel.patch @@ -0,0 +1,86 @@ +From 04a45af93d21880e54a386386313100a04b91ca7 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Mon, 8 Jul 2024 14:37:22 +0100 +Subject: [PATCH] New APIs: findfs_partuuid and findfs_partlabel + +These search for partitions by UUID or label (name). They only work +for GPT. + +(cherry picked from commit 1816651f3c138600ad2e5ba0d6437b4753333818) +--- + daemon/findfs.ml | 4 ++++ + generator/actions_core.ml | 24 ++++++++++++++++++++++++ + generator/proc_nr.ml | 2 ++ + lib/MAX_PROC_NR | 2 +- + 4 files changed, 31 insertions(+), 1 deletion(-) + +diff --git a/daemon/findfs.ml b/daemon/findfs.ml +index cf2ba4a8..a94e0ce7 100644 +--- a/daemon/findfs.ml ++++ b/daemon/findfs.ml +@@ -27,6 +27,10 @@ let rec findfs_uuid uuid = + findfs "UUID" uuid + and findfs_label label = + findfs "LABEL" label ++and findfs_partuuid uuid = ++ findfs "PARTUUID" uuid ++and findfs_partlabel label = ++ findfs "PARTLABEL" label + + and findfs tag str = + (* Kill the cache file, forcing blkid to reread values from the +diff --git a/generator/actions_core.ml b/generator/actions_core.ml +index 314bb0ae..c3afe810 100644 +--- a/generator/actions_core.ml ++++ b/generator/actions_core.ml +@@ -5688,6 +5688,30 @@ filesystem can be found. + + To find the label of a filesystem, use C." }; + ++ { defaults with ++ name = "findfs_partuuid"; added = (1, 5, 3); ++ style = RString (RDevice, "device"), [String (PlainString, "uuid")], []; ++ impl = OCaml "Findfs.findfs_partuuid"; ++ shortdesc = "find a partition by UUID"; ++ longdesc = "\ ++This command searches the partitions and returns the one ++which has the given partition UUID. An error is returned if no such ++partition can be found. ++ ++To find the UUID of a partition, use C (C)." }; ++ ++ { defaults with ++ name = "findfs_partlabel"; added = (1, 5, 3); ++ style = RString (RDevice, "device"), [String (PlainString, "label")], []; ++ impl = OCaml "Findfs.findfs_partlabel"; ++ shortdesc = "find a partition by label"; ++ longdesc = "\ ++This command searches the partitions and returns the one ++which has the given label. An error is returned if no such ++partition can be found. ++ ++To find the label of a partition, use C (C)." }; ++ + { defaults with + name = "is_chardev"; added = (1, 5, 10); + style = RBool "flag", [String (Pathname, "path")], [OBool "followsymlinks"]; +diff --git a/generator/proc_nr.ml b/generator/proc_nr.ml +index f71a849c..56cd97a9 100644 +--- a/generator/proc_nr.ml ++++ b/generator/proc_nr.ml +@@ -516,6 +516,8 @@ let proc_nr = [ + 511, "internal_readdir"; + 512, "clevis_luks_unlock"; + 513, "inspect_get_build_id"; ++514, "findfs_partuuid"; ++515, "findfs_partlabel"; + ] + + (* End of list. If adding a new entry, add it at the end of the list +diff --git a/lib/MAX_PROC_NR b/lib/MAX_PROC_NR +index 31cf34b8..3cda32fc 100644 +--- a/lib/MAX_PROC_NR ++++ b/lib/MAX_PROC_NR +@@ -1 +1 @@ +-513 ++515 diff --git a/SOURCES/0038-inspection-Resolve-PARTUUID-and-PARTLABEL-in-etc-fst.patch b/SOURCES/0038-inspection-Resolve-PARTUUID-and-PARTLABEL-in-etc-fst.patch new file mode 100644 index 0000000..cdc2053 --- /dev/null +++ b/SOURCES/0038-inspection-Resolve-PARTUUID-and-PARTLABEL-in-etc-fst.patch @@ -0,0 +1,41 @@ +From ebce03824a3ce75823037003ca2311d7b8d61565 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Mon, 8 Jul 2024 14:39:16 +0100 +Subject: [PATCH] inspection: Resolve PARTUUID= and PARTLABEL= in /etc/fstab + +Fixes: https://issues.redhat.com/browse/RHEL-46596 +(cherry picked from commit e616c8f286ddacf401d7c356724ae874ed883262) +--- + daemon/inspect_fs_unix_fstab.ml | 19 +++++++++++++++++++ + 1 file changed, 19 insertions(+) + +diff --git a/daemon/inspect_fs_unix_fstab.ml b/daemon/inspect_fs_unix_fstab.ml +index 837c8c62..f5817a31 100644 +--- a/daemon/inspect_fs_unix_fstab.ml ++++ b/daemon/inspect_fs_unix_fstab.ml +@@ -131,6 +131,25 @@ and check_fstab_entry md_map root_mountable os_type aug entry = + with + Failure _ -> return None + ) ++ (* EFI partition UUIDs and labels. *) ++ else if String.is_prefix spec "PARTUUID=" then ( ++ let uuid = String.sub spec 9 (String.length spec - 9) in ++ let uuid = shell_unquote uuid in ++ (* Just ignore the device if the UUID cannot be resolved. *) ++ try ++ Mountable.of_device (Findfs.findfs_partuuid uuid) ++ with ++ Failure _ -> return None ++ ) ++ else if String.is_prefix spec "PARTLABEL=" then ( ++ let label = String.sub spec 10 (String.length spec - 10) in ++ let label = shell_unquote label in ++ (* Just ignore the device if the label cannot be resolved. *) ++ try ++ Mountable.of_device (Findfs.findfs_partlabel label) ++ with ++ Failure _ -> return None ++ ) + (* Resolve /dev/root to the current device. + * Do the same for the / partition of the *BSD + * systems, since the BSD -> Linux device diff --git a/SOURCES/0039-daemon-New-command_out-and-sh_out-APIs.patch b/SOURCES/0039-daemon-New-command_out-and-sh_out-APIs.patch new file mode 100644 index 0000000..7187e12 --- /dev/null +++ b/SOURCES/0039-daemon-New-command_out-and-sh_out-APIs.patch @@ -0,0 +1,309 @@ +From d8142f0dc4c422b7ea372d1291807bf7492c1662 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Wed, 19 Feb 2025 11:11:24 +0000 +Subject: [PATCH] daemon: New command_out and sh_out APIs + +These APIs allow you to capture output from guest commands that +generate more output than the protocol limit allows. + +Thanks: Nijin Ashok +Fixes: https://issues.redhat.com/browse/RHEL-80159 +(cherry picked from commit 47ac4871b2c1dcde317d116c52b13916ab368ea4) +(cherry picked from commit 42ae34115f1e6bff2b501d8ff3ab9ac26c892a22) +--- + .gitignore | 1 + + daemon/sh.c | 42 +++++++++++++ + generator/actions_core.ml | 25 ++++++++ + generator/proc_nr.ml | 2 + + lib/MAX_PROC_NR | 2 +- + tests/Makefile.am | 10 ++++ + tests/large-command/test-large-command.c | 46 ++++++++++++++ + tests/large-command/test-large-command.sh | 73 +++++++++++++++++++++++ + 8 files changed, 200 insertions(+), 1 deletion(-) + create mode 100644 tests/large-command/test-large-command.c + create mode 100755 tests/large-command/test-large-command.sh + +diff --git a/.gitignore b/.gitignore +index 00e59fb3..73a561c2 100644 +--- a/.gitignore ++++ b/.gitignore +@@ -422,6 +422,7 @@ Makefile.in + /tests/disks/test-add-disks + /tests/disks/test-qemu-drive-libvirt.xml + /tests/events/test-libvirt-auth-callbacks ++/tests/large-command/test-large-command + /tests/mount-local/test-parallel-mount-local + /tests/mountable/test-internal-parse-mountable + /tests/parallel/test-parallel +diff --git a/daemon/sh.c b/daemon/sh.c +index 92ce08be..c8fdf0bf 100644 +--- a/daemon/sh.c ++++ b/daemon/sh.c +@@ -299,6 +299,40 @@ do_command_lines (char *const *argv) + return lines; /* Caller frees. */ + } + ++/* Has one FileOut parameter. */ ++int ++do_command_out (char *const *argv) ++{ ++ /* We could in theory spool the command to output as it is running, ++ * but error handling mid-command, and progress bars would not work ++ * if we did that. If we encounter a case where this is a problem, ++ * another approach would be to save the output in a temporary file. ++ */ ++ CLEANUP_FREE char *out = NULL; ++ size_t i, n; ++ ++ out = do_command (argv); ++ if (out == NULL) ++ return -1; ++ ++ /* Send the reply message. We know that we're not going to fail now ++ * (except for client cancellation). ++ */ ++ reply (NULL, NULL); ++ ++ n = strlen (out); ++ for (i = 0; i < n; i += GUESTFS_MAX_CHUNK_SIZE) { ++ if (send_file_write (out+i, MIN (GUESTFS_MAX_CHUNK_SIZE, n-i)) < 0) ++ return -1; ++ notify_progress (i, n); ++ } ++ ++ if (send_file_end (0)) ++ return -1; ++ ++ return 0; ++} ++ + char * + do_sh (const char *cmd) + { +@@ -314,3 +348,11 @@ do_sh_lines (const char *cmd) + + return do_command_lines ((char **) argv); + } ++ ++int ++do_sh_out (const char *cmd) ++{ ++ const char *argv[] = { "/bin/sh", "-c", cmd, NULL }; ++ ++ return do_command_out ((char **) argv); ++} +diff --git a/generator/actions_core.ml b/generator/actions_core.ml +index c3afe810..60c4b577 100644 +--- a/generator/actions_core.ml ++++ b/generator/actions_core.ml +@@ -2352,6 +2352,19 @@ result into a list of lines. + + See also: C" }; + ++ { defaults with ++ name = "command_out"; added = (1, 55, 6); ++ style = RErr, [StringList (PlainString, "arguments"); String (FileOut, "output")], []; ++ progress = true; cancellable = true; ++ test_excuse = "there is a separate test in the tests directory"; ++ shortdesc = "run a command from the guest filesystem"; ++ longdesc = "\ ++This is the same as C, but streams the output ++back, handling the case where the output from the command is ++larger than the protocol limit. ++ ++See also: C" }; ++ + { defaults with + name = "statvfs"; added = (1, 9, 2); + style = RStruct ("statbuf", "statvfs"), [String (Pathname, "path")], []; +@@ -3454,6 +3467,18 @@ into a list of lines. + + See also: C" }; + ++ { defaults with ++ name = "sh_out"; added = (1, 55, 6); ++ style = RErr, [String (PlainString, "command"); String (FileOut, "output")], []; ++ test_excuse = "there is a separate test in the tests directory"; ++ shortdesc = "run a command via the shell"; ++ longdesc = "\ ++This is the same as C, but streams the output ++back, handling the case where the output from the command is ++larger than the protocol limit. ++ ++See also: C" }; ++ + { defaults with + name = "glob_expand"; added = (1, 0, 50); + (* Use Pathname here, and hence ABS_PATH (pattern,...) in +diff --git a/generator/proc_nr.ml b/generator/proc_nr.ml +index 56cd97a9..0ce12e66 100644 +--- a/generator/proc_nr.ml ++++ b/generator/proc_nr.ml +@@ -518,6 +518,8 @@ let proc_nr = [ + 513, "inspect_get_build_id"; + 514, "findfs_partuuid"; + 515, "findfs_partlabel"; ++516, "command_out"; ++517, "sh_out"; + ] + + (* End of list. If adding a new entry, add it at the end of the list +diff --git a/lib/MAX_PROC_NR b/lib/MAX_PROC_NR +index 3cda32fc..ac953cd0 100644 +--- a/lib/MAX_PROC_NR ++++ b/lib/MAX_PROC_NR +@@ -1 +1 @@ +-515 ++517 +diff --git a/tests/Makefile.am b/tests/Makefile.am +index b87d4ce2..9ad3cd1d 100644 +--- a/tests/Makefile.am ++++ b/tests/Makefile.am +@@ -440,6 +440,16 @@ EXTRA_DIST += http/test-http.py + TESTS += journal/test-journal.pl + EXTRA_DIST += journal/test-journal.pl + ++# This binary must be statically linked. It is used for testing ++# the "guestfs_command_out" function. ++ ++large_command_test_large_command_SOURCES = large-command/test-large-command.c ++large_command_test_large_command_LDFLAGS = -all-static ++ ++check_PROGRAMS += large-command/test-large-command ++TESTS += large-command/test-large-command.sh ++EXTRA_DIST += large-command/test-large-command.sh ++ + TESTS += \ + luks/test-luks.sh \ + luks/test-luks-list.sh \ +diff --git a/tests/large-command/test-large-command.c b/tests/large-command/test-large-command.c +new file mode 100644 +index 00000000..0abf435e +--- /dev/null ++++ b/tests/large-command/test-large-command.c +@@ -0,0 +1,46 @@ ++/* libguestfs ++ * Copyright (C) 2009-2025 Red Hat Inc. ++ * ++ * This program is free software; you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 2 of the License, or ++ * (at your option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License along ++ * with this program; if not, write to the Free Software Foundation, Inc., ++ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. ++ */ ++ ++/* This program, which must be statically linked, is used to test the ++ * guestfs_command_out and guestfs_sh_out functions. ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#define STREQ(a,b) (strcmp((a),(b)) == 0) ++ ++int ++main (int argc, char *argv[]) ++{ ++ size_t n, i; ++ ++ if (argc > 1) { ++ if (sscanf (argv[1], "%zu", &n) != 1) ++ error (EXIT_FAILURE, 0, "could not parse parameter: %s", argv[1]); ++ for (i = 0; i < n; ++i) ++ putchar ('x'); ++ } else ++ error (EXIT_FAILURE, 0, "missing parameter"); ++ ++ exit (EXIT_SUCCESS); ++} +diff --git a/tests/large-command/test-large-command.sh b/tests/large-command/test-large-command.sh +new file mode 100755 +index 00000000..abcfa868 +--- /dev/null ++++ b/tests/large-command/test-large-command.sh +@@ -0,0 +1,73 @@ ++#!/bin/bash - ++# libguestfs ++# Copyright (C) 2025 Red Hat Inc. ++# ++# This program is free software; you can redistribute it and/or modify ++# it under the terms of the GNU General Public License as published by ++# the Free Software Foundation; either version 2 of the License, or ++# (at your option) any later version. ++# ++# This program is distributed in the hope that it will be useful, ++# but WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++# GNU General Public License for more details. ++# ++# You should have received a copy of the GNU General Public License ++# along with this program; if not, write to the Free Software ++# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. ++ ++# Test command-out. We can't easily test sh-out without having a ++# shell (which requires a full guest), however the code path for both ++# is essentially identical. ++ ++set -e ++ ++$TEST_FUNCTIONS ++ ++skip_if_skipped ++ ++skip_unless stat --version ++ ++# Binary must exist and must be linked statically. ++bin=large-command/test-large-command ++skip_unless test -x $bin ++skip_unless bash -c " ldd $bin |& grep -sq 'not a dynamic executable' " ++ ++disk=large-command/test.img ++rm -f $disk ++ ++out1=large-command/test.out1 ++out2=large-command/test.out2 ++out3=large-command/test.out3 ++out4=large-command/test.out4 ++ ++# Must be larger than protocol size, currently 4MB. ++size=$((10 * 1024 * 1024)) ++ ++guestfish -x -N $disk=fs -m /dev/sda1 < +Date: Mon, 3 Oct 2022 09:55:14 -0700 +Subject: [PATCH] Add Oracle Linux identifier + +Signed-off-by: Darren Archibald +--- + daemon/inspect_fs_unix.ml | 1 + + m4/guestfs-appliance.m4 | 2 +- + 2 files changed, 2 insertions(+), 1 deletion(-) + +diff --git a/daemon/inspect_fs_unix.ml b/daemon/inspect_fs_unix.ml +index d8dce60..ee89ff0 100644 +--- a/daemon/inspect_fs_unix.ml ++++ b/daemon/inspect_fs_unix.ml +@@ -159,6 +159,7 @@ and distro_of_os_release_id = function + | "pardus" -> Some DISTRO_PARDUS + | "pld" -> Some DISTRO_PLD_LINUX + | "rhel" -> Some DISTRO_RHEL ++ | "ol" -> Some DISTRO_ORACLE_LINUX + | "rocky" -> Some DISTRO_ROCKY + | "sles" | "sled" -> Some DISTRO_SLES + | "ubuntu" -> Some DISTRO_UBUNTU +diff --git a/m4/guestfs-appliance.m4 b/m4/guestfs-appliance.m4 +index 4e671d2..dc06d1a 100644 +--- a/m4/guestfs-appliance.m4 ++++ b/m4/guestfs-appliance.m4 +@@ -114,7 +114,7 @@ if test "x$ENABLE_APPLIANCE" = "xyes"; then + fi ) | tr '@<:@:lower:@:>@' '@<:@:upper:@:>@' + )" + AS_CASE([$DISTRO], +- [FEDORA | RHEL | CENTOS | ALMALINUX | CLOUDLINUX \ ++ [FEDORA | RHEL | OL | CENTOS | ALMALINUX | CLOUDLINUX \ + | ROCKY | VIRTUOZZO], + [DISTRO=REDHAT], + [OPENSUSE* | SLED | SLES],[DISTRO=SUSE], +-- +2.39.3 + diff --git a/SOURCES/copy-patches.sh b/SOURCES/copy-patches.sh old mode 100755 new mode 100644 index 34989cc..a557e26 --- a/SOURCES/copy-patches.sh +++ b/SOURCES/copy-patches.sh @@ -3,12 +3,11 @@ set -e # Maintainer script to copy patches from the git repo to the current -# directory. It's normally only used downstream (ie. in RHEL). Use -# it like this: +# directory. Use it like this: # ./copy-patches.sh project=libguestfs -rhel_version=9.2 +rhel_version=9.5 # Check we're in the right directory. if [ ! -f $project.spec ]; then @@ -37,7 +36,12 @@ git rm -f [0-9]*.patch ||: rm -f [0-9]*.patch # Get the patches. -(cd $git_checkout; rm -f [0-9]*.patch; git -c core.abbrev=9 format-patch -O/dev/null -N --submodule=diff $tag) +( + cd $git_checkout + rm -f [0-9]*.patch + git -c core.abbrev=8 format-patch -O/dev/null --subject-prefix=PATCH -N \ + --submodule=diff --no-signature --patience $tag +) mv $git_checkout/[0-9]*.patch . # Remove any not to be applied. diff --git a/SOURCES/libguestfs-1.48.4.tar.gz.sig b/SOURCES/libguestfs-1.48.4.tar.gz.sig deleted file mode 100644 index 1490f9f..0000000 --- a/SOURCES/libguestfs-1.48.4.tar.gz.sig +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQJFBAABCAAvFiEE93dPsa0HSn6Mh2fqkXOPc+G3aKAFAmLFql8RHHJpY2hAYW5u -ZXhpYS5vcmcACgkQkXOPc+G3aKAV2hAAzOcZseFTUFFoj4M5riqXqtBN3W+fr/O7 -v0wzJ9sY31Ftk8KFKKgpwOn4UFXYMPXY7Hm94GRAYjYBAtx9Viyyt7B6PbV7mVZ0 -WHLlZcg3ZsliF23s3EoHfgTGFfKLkjDwfPlmChC260Ffhq4KKvnwu/DobY/CDLHG -0cvrjb0OOYibBGbq58AHYR6QlVH/ScAuLSA1aRAd06bbpixufRR1oh1MtFA1iSvC -yjNH0joLFiu0uuD7KFH66YX2nFNrO24r0LxJkwT5G7GHlZJStJUpvs/QHa8Tw5Zt -Z1JMk9yB9EMPYimdVDm7m6eDBxTx8YbF7u6G8JdHRXgAPBt4O09XX7WGxxmh9Dc4 -M+QkpiubEOG6qwBythJJ6sTSRLKIAPeVfHEOauXg8n45Tbk5jYwthMKbnD9ETb3t -QKdMr5g+DZUO0LfbOvP0GtD+b1jK4iu4BcWDquQBXpDTbx7LUfSuTDrWItehEnBp -/K6FRbakNZEroLR5VA9WAa6sE+2B3gg1OG+KHypHuw4hfpmutvVA8wnPgyw3j+WK -xdcRp65NUMUkKRE/FTwp1MkY1Y2S9M9iAPX+CopdHPVoq9O2YE+K6Rv1EdJjmKZK -EwLzX08Xcj9T/U9GEfV+QdIzitCuxf7x9ULEDcFozFnuHXww+JLdR0EmIDkUwl7C -Z0KKsy18Eq8= -=WB1H ------END PGP SIGNATURE----- diff --git a/SOURCES/libguestfs-1.50.2.tar.gz.sig b/SOURCES/libguestfs-1.50.2.tar.gz.sig new file mode 100644 index 0000000..b55429c --- /dev/null +++ b/SOURCES/libguestfs-1.50.2.tar.gz.sig @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- + +iQJFBAABCAAvFiEE93dPsa0HSn6Mh2fqkXOPc+G3aKAFAmaNN5wRHHJpY2hAYW5u +ZXhpYS5vcmcACgkQkXOPc+G3aKDZwQ/9ExtAdQIYiR1HtRiHlNDoQw5ADVeHaucD +Gy8KLJHyzCZaPVsim50/Rx9Thipn/jvVCNRoww02D8l5xm7elcqO7//N5OWNeyzO +/SUq/DEspWdfpDJVEQvID3Rtg8ZPJ/7VW9dtMe2nuUNpEyBSeqqQvXoJXzDkhcao +IT604JY7zZqeFzXaZGYyXeZUtnxpv7M/yIDGVjQ2m0WxAkpk3OYIW57bjRRTAI3d +zSnCW1qIITpMb3VtTRKw9FIhr/eZsyeLqA1QlKGKh0HEyrVDwYD+ENH4McKyOUH1 +M3pPMxOL5/WpBMpVhQsmospK25+AQRWuzm0w/h6YgP6gPbQLCe7BTkNeWz3n3f8r +W1P+eS0bj1NVs3vZYM0WC8pMx6UaqP6u5T1vH9v+VQ3/ZEqBnU60Jhso5wdQRSgG +GsarBFf2BETZkuMFiUaaKAbDgYYMVW3nsxgurW0pk5kIfeXX1+6xcqoULG/cV879 +xhUD11XBrJdCvWnpZ+xTZD3SPP4hlfAlCkHPhFw0+WdTHUEASVRnX+dZzYcAE49d +2S7XsrAphY+l2BCISdJB4OdGSnpWO8M76Y0FbPFO6bx9YJRmIAQPLWbq4RrjtAZ4 +CUObvLe54y4OHY7f22qZVg+hWusaTexphfOAMi/rInLgWbzERFlQ0iL8mVd3dQqA +oCoiARM5lzI= +=UhhX +-----END PGP SIGNATURE----- diff --git a/SPECS/libguestfs.spec b/SPECS/libguestfs.spec index 31ea5e1..2845ee9 100644 --- a/SPECS/libguestfs.spec +++ b/SPECS/libguestfs.spec @@ -14,10 +14,7 @@ %if !0%{?rhel} %global test_arches aarch64 %{power64} s390x x86_64 %else -# RHEL 9 only: -# x86-64: "/lib64/libc.so.6: CPU ISA level is lower than required" -# (RHBZ#1919389) -%global test_arches NONE +%global test_arches x86_64 %endif # Trim older changelog entries. @@ -36,7 +33,7 @@ %endif # The source directory. -%global source_directory 1.48-stable +%global source_directory 1.50-stable # Filter perl provides. %{?perl_default_filter} @@ -47,8 +44,8 @@ Summary: Access and modify virtual machine disk images Name: libguestfs Epoch: 1 -Version: 1.48.4 -Release: 4%{?dist} +Version: 1.50.2 +Release: 2.0.1%{?dist} License: LGPLv2+ # Build only for architectures that have a kernel @@ -82,28 +79,59 @@ Source7: libguestfs.keyring # Maintainer script which helps with handling patches. Source8: copy-patches.sh +# This is a copy of the common/ submodule from libguestfs @v1.50.2. +# We need it because the libguestfs tarball does not include common/ +# directories that are not used by libguestfs (eg. common/mlcustomize). +# However the patches (below) patch files in those directories and so +# do not apply properly to the libguestfs tarball. Therefore before +# applying the patches we unpack this in the common/ subdirectory. +Source9: libguestfs-common-1.50.2.tar.gz + # Patches are maintained in the following repository: -# https://github.com/libguestfs/libguestfs/commits/rhel-9.2 +# https://github.com/libguestfs/libguestfs/commits/rhel-9.5 # Patches. -Patch0001: 0001-New-API-guestfs_device_name-returning-the-drive-name.patch -Patch0002: 0002-guestfs_readdir-rewrite-with-FileOut-transfer-to-lif.patch -Patch0003: 0003-guestfs_readdir-minimize-the-number-of-send_file_wri.patch -Patch0004: 0004-lib-launch-direct-ignore-drive-iface-parameter.patch -Patch0005: 0005-lib-drive_create_data-drive-remove-field-iface.patch -Patch0006: 0006-lib-rename-VALID_FORMAT_IFACE-to-VALID_FORMAT.patch -Patch0007: 0007-tests-regressions-remove-iface-based-restrictions.patch -Patch0008: 0008-generator-customize-invert-SELinux-relabeling-defaul.patch -Patch0009: 0009-generator-customize-reintroduce-selinux-relabel-as-a.patch -Patch0010: 0010-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch -Patch0011: 0011-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch -Patch0012: 0012-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch -Patch0013: 0013-php-add-arginfo-to-php-bindings.patch -Patch0014: 0014-introduce-the-clevis_luks_unlock-API.patch -Patch0015: 0015-guestfish-guestmount-enable-networking-for-key-ID-cl.patch -Patch0016: 0016-daemon-Add-zstd-support-to-guestfs_file_architecture.patch -Patch0017: 0017-New-API-inspect_get_build_id.patch -Patch0018: 0018-lib-Return-correct-osinfo-field-for-Windows-11.patch +Patch0001: 0001-daemon-selinux-relabel-don-t-exclude-selinux-if-it-s.patch +Patch0002: 0002-daemon-selinux-relabel-search-for-invalid-option-in-.patch +Patch0003: 0003-daemon-selinux-relabel-run-setfiles-with-T-0-if-supp.patch +Patch0004: 0004-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch +Patch0005: 0005-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch +Patch0006: 0006-Remove-virt-dib.patch +Patch0007: 0007-lib-Choose-q35-machine-type-for-x86-64.patch +Patch0008: 0008-LUKS-on-LVM-inspection-test-rename-VGs-and-LVs.patch +Patch0009: 0009-LUKS-on-LVM-inspection-test-test-dev-mapper-VG-LV-tr.patch +Patch0010: 0010-fuse-Don-t-call-fclose-NULL-on-error-paths.patch +Patch0011: 0011-ocaml-implicit_close-test-collect-all-currently-unre.patch +Patch0012: 0012-ocaml-Replace-old-enter-leave_blocking_section-calls.patch +Patch0013: 0013-ocaml-Release-runtime-lock-around-guestfs_close.patch +Patch0014: 0014-ocaml-Conditionally-acquire-the-lock-in-callbacks.patch +Patch0015: 0015-ocaml-Fix-guestfs_065_implicit_close.ml-for-OCaml-5.patch +Patch0016: 0016-ocaml-Use-Caml_state_opt-in-preference-to-caml_state.patch +Patch0017: 0017-generator-Add-chown-option-for-virt-customize.patch +Patch0018: 0018-lib-remove-guestfs_int_cmd_clear_close_files.patch +Patch0019: 0019-docs-fix-broken-link-in-the-guestfs-manual.patch +Patch0020: 0020-docs-clarify-sockdir-s-separation.patch +Patch0021: 0021-lib-move-guestfs_int_create_socketname-from-launch.c.patch +Patch0022: 0022-generator-customize-Add-new-StringTriplet-for-use-by.patch +Patch0023: 0023-daemon-lvm-Do-reverse-device-name-translation-on-pvs.patch +Patch0024: 0024-ruby-Replace-MiniTest-with-Minitest.patch +Patch0025: 0025-ruby-Get-rid-of-old-Test-Unit-compatibility.patch +Patch0026: 0026-generator-Sort-virt-customize-options-into-alphabeti.patch +Patch0027: 0027-generator-Add-new-virt-customize-tar-in-operation.patch +Patch0028: 0028-New-mailing-list-email-address.patch +Patch0029: 0029-New-mailing-list-archives.patch +Patch0030: 0030-lib-Include-libxml-parser.h-for-xmlReadMemory.patch +Patch0031: 0031-ocaml-Use-Gc.finalise-instead-of-a-C-finalizer.patch +Patch0032: 0032-ocaml-Nullify-custom-block-before-releasing-runtime-.patch +Patch0033: 0033-Update-common-submodule.patch +Patch0034: 0034-tests-Test-guestfish-key-all-.-selector.patch +Patch0035: 0035-generator-customize.ml-Split-chown-parameter-on-char.patch +Patch0036: 0036-Update-common-submodule.patch +Patch0037: 0037-New-APIs-findfs_partuuid-and-findfs_partlabel.patch +Patch0038: 0038-inspection-Resolve-PARTUUID-and-PARTLABEL-in-etc-fst.patch +Patch0039: 0039-daemon-New-command_out-and-sh_out-APIs.patch + +Patch1000: 1000-Add-Oracle-Linux-identifier.patch %if 0%{patches_touch_autotools} BuildRequires: autoconf, automake, libtool, gettext-devel @@ -122,6 +150,7 @@ BuildRequires: perl(Pod::Man) BuildRequires: /usr/bin/pod2text BuildRequires: po4a BuildRequires: augeas-devel >= 1.7.0 +BuildRequires: ocaml-augeas-devel >= 0.6 BuildRequires: readline-devel BuildRequires: xorriso BuildRequires: libxml2-devel @@ -173,7 +202,6 @@ BuildRequires: gnupg2 BuildRequires: ocaml BuildRequires: ocaml-ocamldoc BuildRequires: ocaml-findlib-devel -BuildRequires: ocaml-gettext-devel %if !0%{?rhel} BuildRequires: ocaml-ounit-devel %endif @@ -219,18 +247,12 @@ BuildRequires: attr BuildRequires: augeas-libs BuildRequires: bash BuildRequires: binutils -%if !0%{?rhel} BuildRequires: btrfs-progs -%endif BuildRequires: bzip2 BuildRequires: clevis-luks BuildRequires: coreutils BuildRequires: cpio BuildRequires: cryptsetup -%if !0%{?rhel} -BuildRequires: curl -BuildRequires: debootstrap -%endif BuildRequires: dhclient BuildRequires: diffutils BuildRequires: dosfstools @@ -254,9 +276,6 @@ BuildRequires: iproute BuildRequires: iputils BuildRequires: kernel BuildRequires: kmod -%if !0%{?rhel} -BuildRequires: kpartx -%endif BuildRequires: less BuildRequires: libcap %if !0%{?rhel} @@ -279,7 +298,6 @@ BuildRequires: pcre2 BuildRequires: policycoreutils BuildRequires: procps BuildRequires: psmisc -BuildRequires: qemu-img BuildRequires: rpm-libs BuildRequires: rsync BuildRequires: scrub @@ -297,9 +315,6 @@ BuildRequires: tar BuildRequires: udev BuildRequires: util-linux BuildRequires: vim-minimal -%if !0%{?rhel} -BuildRequires: which -%endif BuildRequires: xfsprogs BuildRequires: xz BuildRequires: yajl @@ -451,17 +466,6 @@ Requires: pkgconfig for %{name}. -%if !0%{?rhel} -%package dib -Summary: Additional tools for virt-dib -License: LGPLv2+ - -%description dib -This adds extra packages needed by virt-dib to %{name}. You should -normally install the virt-dib package which depends on this one. -%endif - - %if !0%{?rhel} %package forensics Summary: Filesystem forensics support for %{name} @@ -574,7 +578,7 @@ guests. Install this package if you want libguestfs to be able to inspect non-Linux guests and display icons from them. The only reason this is a separate package is to avoid core libguestfs -having to depend on Perl. See https://bugzilla.redhat.com/1194158 +having to depend on Perl. %package bash-completion @@ -733,6 +737,9 @@ for %{name}. %{gpgverify} --keyring='%{SOURCE7}' --signature='%{SOURCE1}' --data='%{SOURCE0}' %endif %setup -q +%if 0%{?rhel} +tar zxf %{SOURCE9} +%endif %autopatch -p1 %if 0%{patches_touch_autotools} @@ -790,16 +797,27 @@ fi %endif --without-java \ --disable-erlang \ + --with-extra-packages="btrfs-progs" \ $extra # 'INSTALLDIRS' ensures that Perl and Ruby libs are installed in the # vendor dir not the site dir. -make V=1 INSTALLDIRS=vendor %{?_smp_mflags} +# +# In RHEL 9.5-z, %%{?_smp_mflags} causes a race condition in the +# build. I believe this file is generated in parallel: +# podwrapper.pl: blocksize-option.pod: cannot find input file on path at /builddir/build/BUILD/libguestfs-1.50.2/podwrapper.pl line 672. +make V=1 INSTALLDIRS=vendor %check - %ifarch %{test_arches} +# Only run the tests with non-debug (ie. non-Rawhide) kernels. +# XXX This tests for any debug kernel installed. +if grep CONFIG_DEBUG_MUTEXES=y /lib/modules/*/config ; then + echo "Skipping tests because debug kernel is installed" + exit 0 +fi + export LIBGUESTFS_DEBUG=1 export LIBGUESTFS_TRACE=1 export LIBVIRT_DEBUG=1 @@ -828,6 +846,13 @@ find $RPM_BUILD_ROOT -name .packlist -delete find $RPM_BUILD_ROOT -name '*.bs' -delete find $RPM_BUILD_ROOT -name 'bindtests.pl' -delete +# Perl's ExtUtils::Install installs "Guestfs.so" read-only; that +# prevents objcopy from adding the ".gdb_index" section for the sake of +# the debuginfo file. See +# . Restore write +# permission for the file owner. +find $RPM_BUILD_ROOT -name Guestfs.so -exec chmod u+w '{}' + + # golang: Ignore what libguestfs upstream installs, and just copy the # source files to %%{_datadir}/gocode/src. %ifarch %{golang_arches} @@ -856,19 +881,6 @@ function move_to echo "$1" >> "$2" } -%if !0%{?rhel} -move_to curl zz-packages-dib -move_to debootstrap zz-packages-dib -move_to kpartx zz-packages-dib -move_to qemu-img zz-packages-dib -move_to which zz-packages-dib -%else -remove curl -remove debootstrap -remove kpartx -remove qemu-img -remove which -%endif %if !0%{?rhel} move_to sleuthkit zz-packages-forensics move_to gfs2-utils zz-packages-gfs2 @@ -977,11 +989,6 @@ rm ocaml/html/.gitignore %{_libdir}/pkgconfig/libguestfs.pc -%if !0%{?rhel} -%files dib -%{_libdir}/guestfs/supermin.d/zz-packages-dib -%endif - %if !0%{?rhel} %files forensics %{_libdir}/guestfs/supermin.d/zz-packages-forensics @@ -1140,6 +1147,58 @@ rm ocaml/html/.gitignore %changelog +* Mon Mar 17 2025 EL Errata - 1.50.2-2.0.1 +- Add btrfs-progs to the packages installed in the appliance [Orabug: 34137448] +- Replace upstream references from a description tag +- Fix build on Oracle Linux [Orabug: 29319324] +- Set DISTRO_ORACLE_LINUX correspeonding to ol + +* Thu Feb 27 2025 Richard W.M. Jones - 1:1.50.2-2 +- Add new APIs to allow command output > 4MB + resolves: RHEL-81095 + +* Tue Jul 09 2024 Richard W.M. Jones - 1:1.50.2-1 +- Update to libguestfs 1.50.2 + resolves: RHEL-46775 + +* Mon Jul 08 2024 Richard W.M. Jones - 1:1.50.1-12 +- inspection: Resolve PARTUUID= and PARTLABEL= in /etc/fstab + resolves: RHEL-40142, RHEL-46596 + +* Fri Jun 28 2024 Richard W.M. Jones - 1:1.50.1-11 +- Fix (rare) undetected truncation of 64 bit int results to 32 bits + resolves: RHEL-45466 + +* Thu Jun 20 2024 Richard W.M. Jones - 1:1.50.1-10 +- Remove bundled ocaml-augeas + resolves: RHEL-32142 + +* Wed Apr 24 2024 Richard W.M. Jones - 1:1.50.1-9 +- Add support for nbd+unix:// URIs + resolves: RHEL-33851 + +* Thu Dec 14 2023 Richard W.M. Jones - 1:1.50.1-7 +- Add --key all:... selector + resolves: RHEL-19367 +- Add miscellaneous other upstream fixes since 1.50.1 + +* Wed Jun 07 2023 Laszlo Ersek - 1:1.50.1-6 +- enable the ".gdb_index" section in the Perl bindings debug info + resolves: rhbz#2209279 + +* Tue May 23 2023 Laszlo Ersek - 1:1.50.1-5 +- let "guestfish -i" recognize "--key /dev/mapper/VG-LV:key:password" +- reenable quickcheck; we now use "-cpu max" (upstream 30f74f38bd6e) + resolves: rhbz#2209279 + +* Thu May 04 2023 Richard W.M. Jones - 1:1.50.1-4 +- Rebase libguestfs to 1.50.1 + resolves: rhbz#2168625 +- Use q35 machine type for libguestfs appliance + resolves: rhbz#2168578 +- Run SELinux relabelling in parallel [for virt-v2v] + resolves: rhbz#2190276 + * Fri Dec 02 2022 Richard W.M. Jones - 1:1.48.4-4 - New API: guestfs_inspect_get_build_id - Add support for detecting Windows >= 10, returned through osinfo diff --git a/SPECS/libreswan.spec b/SPECS/libreswan.spec new file mode 100644 index 0000000..4a2937b --- /dev/null +++ b/SPECS/libreswan.spec @@ -0,0 +1,557 @@ +%global _hardened_build 1 +# These are rpm macros and are 0 or 1 +%global with_efence 0 +%global with_development 0 +%global with_cavstests 1 +%global nss_version 3.52 +%global unbound_version 1.6.6 +# Libreswan config options +%global libreswan_config \\\ + FINALLIBEXECDIR=%{_libexecdir}/ipsec \\\ + FINALMANDIR=%{_mandir} \\\ + PREFIX=%{_prefix} \\\ + INITSYSTEM=systemd \\\ + PYTHON_BINARY=%{__python3} \\\ + SHELL_BINARY=%{_bindir}/sh \\\ + USE_DNSSEC=true \\\ + USE_LABELED_IPSEC=true \\\ + USE_LDAP=true \\\ + USE_LIBCAP_NG=true \\\ + USE_LIBCURL=true \\\ + USE_LINUX_AUDIT=true \\\ + USE_NM=true \\\ + USE_NSS_IPSEC_PROFILE=true \\\ + USE_SECCOMP=true \\\ + USE_AUTHPAM=true \\\ +%{nil} + +#global prever dr1 + +Name: libreswan +Summary: Internet Key Exchange (IKEv1 and IKEv2) implementation for IPsec +# version is generated in the release script +Version: 4.15 +Release: %{?prever:0.}3%{?prever:.%{prever}}.0.1%{?dist}.3 +License: GPLv2 +Url: https://libreswan.org/ +Source0: https://download.libreswan.org/%{?prever:development/}%{name}-%{version}%{?prever}.tar.gz +%if 0%{with_cavstests} +Source1: https://download.libreswan.org/cavs/ikev1_dsa.fax.bz2 +Source2: https://download.libreswan.org/cavs/ikev1_psk.fax.bz2 +Source3: https://download.libreswan.org/cavs/ikev2.fax.bz2 +%endif +Patch: libreswan-4.6-ikev1-policy-defaults-to-drop.patch +Patch: libreswan-4.15-ondemand-tcp.patch +Patch: libreswan-4.15-netlink-extack.patch +Patch: libreswan-4.15-create-child-sa-race-condition.patch +Patch: libreswan-4.15-rereadsecrets.patch + +Patch100: libreswan-oracle.patch + +BuildRequires: audit-libs-devel +BuildRequires: bison +BuildRequires: curl-devel +BuildRequires: flex +BuildRequires: gcc make +BuildRequires: hostname +BuildRequires: ldns-devel +BuildRequires: libcap-ng-devel +BuildRequires: libevent-devel +BuildRequires: libseccomp-devel +BuildRequires: libselinux-devel +BuildRequires: nspr-devel +BuildRequires: nss-devel >= %{nss_version} +BuildRequires: nss-tools >= %{nss_version} +BuildRequires: openldap-devel +BuildRequires: pam-devel +BuildRequires: pkgconfig +BuildRequires: systemd-devel +BuildRequires: unbound-devel >= %{unbound_version} +BuildRequires: xmlto +%if 0%{with_efence} +BuildRequires: ElectricFence +%endif +Requires: iproute >= 2.6.8 +Requires: nss >= %{nss_version} +Requires: nss-softokn +Requires: nss-tools +Requires: unbound-libs >= %{unbound_version} +Requires(post): bash +Requires(post): coreutils +Requires(post): systemd +Requires(preun): systemd +Requires(postun): systemd + +%description +Libreswan is a free implementation of IPsec & IKE for Linux. IPsec is +the Internet Protocol Security and uses strong cryptography to provide +both authentication and encryption services. These services allow you +to build secure tunnels through untrusted networks. Everything passing +through the untrusted net is encrypted by the ipsec gateway machine and +decrypted by the gateway at the other end of the tunnel. The resulting +tunnel is a virtual private network or VPN. + +This package contains the daemons and userland tools for setting up +Libreswan. + +Libreswan also supports IKEv2 (RFC7296) and Secure Labeling + +Libreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2.04 + +%prep +%setup -q -n libreswan-%{version}%{?prever} +# enable crypto-policies support +sed -i "s:#[ ]*include \(.*\)\(/crypto-policies/back-ends/libreswan.config\)$:include \1\2:" configs/ipsec.conf.in +%autopatch -p1 + +%build +make %{?_smp_mflags} \ +%if 0%{with_development} + OPTIMIZE_CFLAGS="%{?_hardened_cflags}" \ +%else + OPTIMIZE_CFLAGS="%{optflags}" \ +%endif + WERROR_CFLAGS="-Werror -Wno-missing-field-initializers -Wno-lto-type-mismatch -Wno-maybe-uninitialized" \ +%if 0%{with_efence} + USE_EFENCE=true \ +%endif + USERLINK="%{?__global_ldflags} -Wl,-z,relro -Wl,--as-needed -Wl,-z,now -flto --no-lto" \ + %{libreswan_config} \ + programs +FS=$(pwd) + + +%install +make \ + DESTDIR=%{buildroot} \ + %{libreswan_config} \ + install +FS=$(pwd) +rm -rf %{buildroot}/usr/share/doc/libreswan +rm -rf %{buildroot}%{_libexecdir}/ipsec/*check + +install -d -m 0755 %{buildroot}%{_rundir}/pluto +install -d %{buildroot}%{_sbindir} + +install -d %{buildroot}%{_sysconfdir}/sysctl.d +install -m 0644 packaging/fedora/libreswan-sysctl.conf \ + %{buildroot}%{_sysconfdir}/sysctl.d/50-libreswan.conf + +echo "include %{_sysconfdir}/ipsec.d/*.secrets" \ + > %{buildroot}%{_sysconfdir}/ipsec.secrets +rm -fr %{buildroot}%{_sysconfdir}/rc.d/rc* + +%if 0%{with_cavstests} +%check +# There is an elaborate upstream testing infrastructure which we do not +# run here - it takes hours and uses kvm +# We only run the CAVS tests. +cp %{SOURCE1} %{SOURCE2} %{SOURCE3} . +bunzip2 *.fax.bz2 + +: starting CAVS test for IKEv2 +%{buildroot}%{_libexecdir}/ipsec/cavp -v2 ikev2.fax | \ + diff -u ikev2.fax - > /dev/null +: starting CAVS test for IKEv1 RSASIG +%{buildroot}%{_libexecdir}/ipsec/cavp -v1dsa ikev1_dsa.fax | \ + diff -u ikev1_dsa.fax - > /dev/null +: starting CAVS test for IKEv1 PSK +%{buildroot}%{_libexecdir}/ipsec/cavp -v1psk ikev1_psk.fax | \ + diff -u ikev1_psk.fax - > /dev/null +: CAVS tests passed +%endif + +# Some of these tests will show ERROR for negative testing - it will exit on real errors +%{buildroot}%{_libexecdir}/ipsec/algparse -tp || { echo prooposal test failed; exit 1; } +%{buildroot}%{_libexecdir}/ipsec/algparse -ta || { echo algorithm test failed; exit 1; } +: Algorithm parser tests passed + +# self test for pluto daemon - this also shows which algorithms it allows in FIPS mode +tmpdir=$(mktemp -d /tmp/libreswan-XXXXX) +certutil -N -d sql:$tmpdir --empty-password +%{buildroot}%{_libexecdir}/ipsec/pluto --selftest --nssdir $tmpdir --rundir $tmpdir +: pluto self-test passed - verify FIPS algorithms allowed is still compliant with NIST + +%post +%systemd_post ipsec.service + +%preun +%systemd_preun ipsec.service + +%postun +%systemd_postun_with_restart ipsec.service + +%files +%doc CHANGES COPYING CREDITS README* LICENSE +%doc docs/*.* docs/examples +%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ipsec.conf +%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ipsec.secrets +%attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d +%attr(0700,root,root) %dir %{_sysconfdir}/ipsec.d/policies +%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ipsec.d/policies/* +%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/sysctl.d/50-libreswan.conf +%attr(0755,root,root) %dir %{_rundir}/pluto +%attr(0700,root,root) %dir %{_sharedstatedir}/ipsec +%attr(0700,root,root) %dir %{_sharedstatedir}/ipsec/nss +%attr(0644,root,root) %{_tmpfilesdir}/libreswan.conf +%attr(0644,root,root) %{_unitdir}/ipsec.service +%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/pam.d/pluto +%config(noreplace) %{_sysconfdir}/logrotate.d/libreswan +%{_sbindir}/ipsec +%{_libexecdir}/ipsec +%doc %{_mandir}/*/* + +%changelog +* Tue Mar 18 2025 Craig Guiller - 4.15-3.0.1.3 +- Add libreswan-oracle.patch to detect Oracle Linux distro + +* Fri Jan 24 2025 Daiki Ueno - 4.15-3.3 +- showhostkey: fix regression after RHEL-68755 (RHEL-75967) + +* Fri Nov 22 2024 Daiki Ueno - 4.15-3.2 +- crypto: refcnt struct secret_pubkey_stuff when passing to helper thread (RHEL-68755) + +* Tue Nov 12 2024 Daiki Ueno - 4.15-3.1 +- pluto: ignore CREATE_CHILD_SA request if crypto is in progress (RHEL-71496) + +* Tue Aug 6 2024 Daiki Ueno - 4.15-3 +- Fix release number + +* Tue Aug 6 2024 Daiki Ueno - 4.15-2 +- Fix auto=ondemand connection initialization with TCP (RHEL-51879) +- Make use of Netlink extack for additional error reporting (RHEL-51881) + +* Tue Jul 30 2024 Daiki Ueno - 4.15-1 +- Update to 4.15 (RHEL-50006) + +* Thu Jul 11 2024 Daiki Ueno - 4.12-4 +- Bump release to synchronize with el9_5 package + +* Wed Jun 5 2024 Daiki Ueno - 4.12-3 +- Fix CVE-2024-3652 (RHEL-32483) + +* Thu Apr 11 2024 Daiki Ueno - 4.12-2 +- Fix CVE-2024-2357 (RHEL-28743) +- x509: unpack IPv6 general names based on length (RHEL-32720) + +* Wed Aug 9 2023 Daiki Ueno - 4.12-1 +- Update to 4.12 to fix CVE-2023-38710, CVE-2023-38711, CVE-2023-38712 +- Resolves: rhbz#2215956 + +* Fri May 05 2023 Sahana Prasad - 4.9-5 +- Just bumping up the version to include bugs for CVE-2023-2295. There is no + code fix for it. Fix for it is including the code fix for CVE-2023-30570. +- Fix CVE-2023-2295 Regression of CVE-2023-30570 fixes in the + Red Hat Enterprise Linux +- Resolves: rhbz#2189777, rhbz#2190148 + +* Thu May 04 2023 Sahana Prasad - 4.9-4 +- Just bumping up the version as an incorrect 9.3 build was created. +- Related: rhbz#2187171 + +* Thu May 04 2023 Sahana Prasad - 4.9-3 +- Fix CVE-2023-30570:Malicious IKEv1 Aggressive Mode packets can crash + libreswan +- Resolves: rhbz#2187171 + +* Tue Apr 4 2023 Daiki Ueno - 4.9-2 +- Fix CVE-2023-23009: remote DoS via crafted TS payload with an + incorrect selector length (rhbz#2173674) + +* Wed Jan 4 2023 Daiki Ueno - 4.9-1 +- Update to 4.9. Resolves: rhbz#2128669 +- Switch to using %%autopatch as in Fedora + +* Wed Feb 2 2022 Daiki Ueno - 4.6-3 +- Drop IKEv1 packets by default, based on the Debian patch + by Daniel Kahn Gillmor (rhbz#2039877) + +* Mon Jan 17 2022 Daiki Ueno - 4.6-2 +- Related: rhbz#2017355 rebuild to reflect gating.yaml change + +* Mon Jan 17 2022 Daiki Ueno - 4.6-1 +- Update to 4.6. Resolves: rhbz#2017355 + +* Mon Jan 10 2022 Daiki Ueno - 4.5-1 +- Update to 4.5. Resolves: rhbz#2017355 + +* Mon Aug 09 2021 Mohan Boddu - 4.4-3.1 +- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags + Related: rhbz#1991688 + +* Wed Jul 21 2021 Daiki Ueno - 4.4-3 +- Backport removal gethostbyname2 uses from the upstream +- Fix issues spotted by covscan (rhbz#1938784) + +* Tue Jul 13 2021 Daiki Ueno - 4.4-2 +- Rebuild with newer GCC to fix annocheck failures + +* Thu Jul 1 2021 Daiki Ueno - 4.4-1 +- Update to 4.4. Resolves: rhbz#1975812 +- Port compiler warning suppression by Paul Wouters: + https://src.fedoraproject.org/rpms/libreswan/c/8d7f98d41444ac77c562f735b4b93038f5346ce2?branch=rawhide + +* Thu Jun 24 2021 Daiki Ueno - 4.2-1.3 +- Fix FTBFS with OpenSSL 3.0 (rhbz#1975439) + +* Tue Jun 22 2021 Mohan Boddu - 4.2-1.2 +- Rebuilt for RHEL 9 BETA for openssl 3.0 + Related: rhbz#1971065 + +* Fri Apr 16 2021 Mohan Boddu - 4.2-1.1 +- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 + +* Wed Feb 03 2021 Paul Wouters - 4.2-1 +- Update to 4.2 + +* Tue Jan 26 2021 Fedora Release Engineering - 4.2-0.1.rc1.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Sat Dec 19 19:59:55 EST 2020 Paul Wouters - 4.2-0.1.rc1 +- Resolves: rhbz#1867580 pluto process frequently dumps core + (disable USE_NSS_KDF until nss fixes have propagated) + +* Sat Dec 19 2020 Adam Williamson - 4.1-4 +- Rebuild for ldns soname bump + +* Mon Nov 23 11:50:41 EST 2020 Paul Wouters - 4.1-3 +- Resolves: rhbz#1894381 Libreswan 4.1-2 breaks l2tp connection to Windows VPN server + +* Mon Oct 26 10:21:57 EDT 2020 Paul Wouters - 4.1-2 +- Resolves: rhbz#1889538 libreswan's /var/lib/ipsec/nss missing + +* Sun Oct 18 21:49:39 EDT 2020 Paul Wouters - 4.1-1 +- Updated to 4.1 - interop fix for Cisco + +* Thu Oct 15 10:27:14 EDT 2020 Paul Wouters - 4.0-1 +- Resolves: rhbz#1888448 libreswan-4.0 is available + +* Wed Sep 30 14:05:58 EDT 2020 Paul Wouters - 4.0-0.2.rc1 +- Rebuild for libevent 2.1.12 with a soname bump + +* Sun Sep 27 22:49:40 EDT 2020 Paul Wouters - 4.0-0.1.rc1 +- Updated to 4.0rc1 + +* Thu Aug 27 2020 Paul Wouters - 3.32-4 +- Resolves: rhbz#1864043 libreswan: FTBFS in Fedora rawhide/f33 + +* Sat Aug 01 2020 Fedora Release Engineering - 3.32-3.2 +- Second attempt - Rebuilt for + https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Tue Jul 28 2020 Fedora Release Engineering - 3.32-3.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Tue Jun 30 2020 Jeff Law - 3.32-3 +- Initialize ppk_id_p in ikev2_parent_inR1outI2_tail to avoid uninitialized + object + +* Tue May 26 2020 Paul Wouters - 3.32-2 +- Backport NSS guarding fix for unannounced changed api in NSS causing segfault + +* Mon May 11 2020 Paul Wouters - 3.32-1 +- Resolves: rhbz#1809770 libreswan-3.32 is available + +* Tue Apr 14 2020 Paul Wouters - 3.31-2 +- Resolves: rhbz#1823823 Please drop the dependency on fipscheck + +* Tue Mar 03 2020 Paul Wouters - 3.31-1 +- Resolves: rhbz#1809770 libreswan-3.31 is available (fixes rekey regression) + +* Fri Feb 14 2020 Paul Wouters - 3.30-1 +- Resolves: rhbz#1802896 libreswan-3.30 is available +- Resolves: rhbz#1799598 libreswan: FTBFS in Fedora rawhide/f32 +- Resolves: rhbz#1760571 [abrt] libreswan: configsetupcheck(): verify:366:configsetupcheck:TypeError: + +* Wed Jan 29 2020 Fedora Release Engineering - 3.29-2.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Thu Jan 09 2020 Paul Wouters - 3.29-2 +- _updown.netkey: fix syntax error in checking routes + +* Thu Jul 25 2019 Fedora Release Engineering - 3.29-1.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Mon Jun 10 2019 Paul Wouters - 3.29-1 +- Resolves: rhbz#1718986 Updated to 3.29 for CVE-2019-10155 + +* Tue May 21 2019 Paul Wouters - 3.28-1 +- Updated to 3.28 (many imported bugfixes, including CVE-2019-12312) + +* Fri Feb 01 2019 Fedora Release Engineering - 3.27-1.2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Mon Jan 14 2019 Björn Esser - 3.27-1.1 +- Rebuilt for libcrypt.so.2 (#1666033) + +* Mon Oct 08 2018 Paul Wouters - 3.27-1 +- Updated to 3.27 (various bugfixes) + +* Thu Sep 27 2018 Paul Wouters - 3.26-3 +- Add fedora python fixup for _unbound-hook + +* Mon Sep 17 2018 Paul Wouters - 3.26-2 +- linking against freebl is no longer needed (and wasn't done in 3.25) + +* Mon Sep 17 2018 Paul Wouters - 3.26-1 +- Updated to 3.26 (CHACHA20POLY1305, ECDSA and RSA-PSS support) + +* Fri Jul 13 2018 Fedora Release Engineering - 3.25-3.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Mon Jul 09 2018 Paul Wouters - 3.25-3 +- Fix Opportunistic IPsec _unbound-hook argument parsing +- Make rundir readable for all (so we can hand out permissions later) + +* Mon Jul 02 2018 Paul Wouters - 3.25-2 +- Relax deleting IKE SA's and IPsec SA's to avoid interop issues with third party VPN vendors + +* Wed Jun 27 2018 Paul Wouters - 3.25-1 +- Updated to 3.25 + +* Mon Feb 19 2018 Paul Wouters - 3.23-2 +- Support crypto-policies package +- Pull in some patches from upstream and IANA registry updates +- gcc7 format-truncate fixes and workarounds + +* Wed Feb 07 2018 Fedora Release Engineering - 3.23-1.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Thu Jan 25 2018 Paul Wouters - 3.23-1 +- Updated to 3.23 - support for MOBIKE, PPK, CMAC, nic offload and performance improvements + +* Sat Jan 20 2018 Björn Esser - 3.22-1.1 +- Rebuilt for switch to libxcrypt + +* Mon Oct 23 2017 Paul Wouters - 3.22-1 +- Updated to 3.22 - many bugfixes, and unbound ipsecmod support + +* Wed Aug 9 2017 Paul Wouters - 3.21-1 +- Updated to 3.21 + +* Thu Aug 03 2017 Fedora Release Engineering - 3.20-1.2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Wed Jul 26 2017 Fedora Release Engineering - 3.20-1.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Tue Mar 14 2017 Paul Wouters - 3.20-1 +- Updated to 3.20 + +* Fri Mar 03 2017 Paul Wouters - 3.20-0.1.dr4 +- Update to 3.20dr4 to test mozbz#1336487 export CERT_CompareAVA + +* Fri Feb 10 2017 Fedora Release Engineering - 3.19-1.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Fri Feb 03 2017 Paul Wouters - 3.19-2 +- Resolves: rhbz#1392191 libreswan: crash when OSX client connects +- Improved uniqueid and session replacing support +- Test Buffer warning fix on size_t +- Re-introduce --configdir for backwards compatibility + +* Sun Jan 15 2017 Paul Wouters - 3.19-1 +- Updated to 3.19 (see download.libreswan.org/CHANGES) + +* Mon Dec 19 2016 Miro Hrončok - 3.18-1.1 +- Rebuild for Python 3.6 + +* Fri Jul 29 2016 Paul Wouters - 3.18-1 +- Updated to 3.18 for CVE-2016-5391 rhbz#1361164 and VTI support +- Remove support for /etc/sysconfig/pluto (use native systemd instead) + +* Thu May 05 2016 Paul Wouters - 3.17-2 +- Resolves: rhbz#1324956 prelink is gone, /etc/prelink.conf.d/* is no longer used + +* Thu Apr 07 2016 Paul Wouters - 3.17-1 +- Updated to 3.17 for CVE-2016-3071 +- Disable LIBCAP_NG as it prevents unbound-control from working properly +- Temporarilly disable WERROR due to a few minor known issues + +* Thu Feb 04 2016 Fedora Release Engineering - 3.16-1.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Fri Dec 18 2015 Paul Wouters - 3.16-1 +- Updated to 3.16 (see https://download.libreswan.org/CHANGES) + +* Tue Aug 11 2015 Paul Wouters - 3.15-1 +- Updated to 3.15 (see http://download.libreswan.org/CHANGES) +- Resolves: rhbz#CVE-2015-3240 IKE daemon restart when receiving a bad DH gx +- NSS database creation moved from spec file to service file +- Run CAVS tests on package build +- Added BuildRequire systemd-units and xmlto +- Bumped minimum required nss to 3.16.1 +- Install tmpfiles +- Install sysctl file +- Update doc files to include + +* Mon Jul 13 2015 Paul Wouters - 3.13-2 +- Resolves: rhbz#1238967 Switch libreswan to use python3 + +* Wed Jun 17 2015 Fedora Release Engineering - 3.13-1.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Mon Jun 01 2015 Paul Wouters - 3.13-1 +- Updated to 3.13 for CVE-2015-3204 + +* Fri Nov 07 2014 Paul Wouters - 3.12-1 +- Updated to 3.12 Various IKEv2 fixes + +* Wed Oct 22 2014 Paul Wouters - 3.11-1 +- Updated to 3.11 (many fixes, including startup fixes) +- Resolves: rhbz#1144941 libreswan 3.10 upgrade breaks old ipsec.secrets configs +- Resolves: rhbz#1147072 ikev1 aggr mode connection fails after libreswan upgrade +- Resolves: rhbz#1144831 Libreswan appears to start with systemd before all the NICs are up and running + +* Tue Sep 09 2014 Paul Wouters - 3.10-3 +- Fix some coverity issues, auto=route on bootup and snprintf on 32bit machines + +* Mon Sep 01 2014 Paul Wouters - 3.10-1 +- Updated to 3.10, major bugfix release, new xauth status options + +* Sun Aug 17 2014 Fedora Release Engineering - 3.9-1.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Thu Jul 10 2014 Paul Wouters - 3.9-1 +- Updated to 3.9. IKEv2 enhancements, ESP/IKE algo enhancements +- Mark libreswan-fips.conf as config file +- attr modifier for man pages no longer needed +- BUGS file no longer exists upstream + +* Sat Jun 07 2014 Fedora Release Engineering - 3.8-1.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Sat Jan 18 2014 Paul Wouters - 3.8-1 +- Updated to 3.8, fixes rhbz#CVE-2013-6467 (rhbz#1054102) + +* Wed Dec 11 2013 Paul Wouters - 3.7-1 +- Updated to 3.7, fixes CVE-2013-4564 +- Fixes creating a bogus NSS db on startup (rhbz#1005410) + +* Thu Oct 31 2013 Paul Wouters - 3.6-1 +- Updated to 3.6 (IKEv2, MODECFG, Cisco interop fixes) +- Generate empty NSS db if none exists + +* Mon Aug 19 2013 Paul Wouters - 3.5-3 +- Add a Provides: for openswan-doc + +* Sat Aug 03 2013 Fedora Release Engineering - 3.5-1.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Mon Jul 15 2013 Paul Wouters - 3.5-2 +- Added interop patch for (some?) Cisco VPN clients sending 16 zero + bytes of extraneous IKE data +- Removed fipscheck_version + +* Sat Jul 13 2013 Paul Wouters - 3.5-1 +- Updated to 3.5 + +* Thu Jun 06 2013 Paul Wouters - 3.4-1 +- Updated to 3.4, which only contains style changes to kernel coding style +- IN MEMORIAM: June 3rd, 2013 Hugh Daniel + +* Mon May 13 2013 Paul Wouters - 3.3-1 +- Updated to 3.3, which resolves CVE-2013-2052 + +* Sat Apr 13 2013 Paul Wouters - 3.2-1 +- Initial package for Fedora