From 13a48f231849a4cc3b0362d0fb7d192e6cf530fb Mon Sep 17 00:00:00 2001 From: eabdullin Date: Thu, 21 Sep 2023 19:08:23 +0000 Subject: [PATCH] import CS libguestfs-1.50.1-6.el9 --- .gitignore | 2 +- .libguestfs.metadata | 2 +- ...device_name-returning-the-drive-name.patch | 96 - ...rewrite-with-FileOut-transfer-to-lif.patch | 565 ------ SOURCES/0002-update-common-submodule.patch | 37 + ...elabel-don-t-exclude-selinux-if-it-s.patch | 63 + ...minimize-the-number-of-send_file_wri.patch | 108 -- ...elabel-search-for-invalid-option-in-.patch | 33 + ...-direct-ignore-drive-iface-parameter.patch | 123 -- ...elabel-run-setfiles-with-T-0-if-supp.patch | 78 + ...create_data-drive-remove-field-iface.patch | 245 --- ...pported-remote-drive-protocols-RHBZ.patch} | 25 +- ...e-VALID_FORMAT_IFACE-to-VALID_FORMAT.patch | 82 - ...f-libguestfs-winsupport-features-ex.patch} | 11 +- ...ions-remove-iface-based-restrictions.patch | 74 - SOURCES/0008-Remove-virt-dib.patch | 63 + ...ize-invert-SELinux-relabeling-defaul.patch | 56 - ...ize-reintroduce-selinux-relabel-as-a.patch | 42 - ...b-Choose-q35-machine-type-for-x86-64.patch | 32 + ...d-Remove-bundled-copy-of-ocaml-augea.patch | 1686 +++++++++++++++++ SOURCES/0011-update-common-submodule.patch | 160 ++ ...M-inspection-test-rename-VGs-and-LVs.patch | 97 + ...crypto-policies-back-ends-opensslcnf.patch | 32 - ...ection-test-test-dev-mapper-VG-LV-tr.patch | 46 + ...0013-php-add-arginfo-to-php-bindings.patch | 90 - ...introduce-the-clevis_luks_unlock-API.patch | 252 --- ...ount-enable-networking-for-key-ID-cl.patch | 69 - ...support-to-guestfs_file_architecture.patch | 182 -- .../0017-New-API-inspect_get_build_id.patch | 184 -- ...-correct-osinfo-field-for-Windows-11.patch | 82 - SOURCES/copy-patches.sh | 12 +- SOURCES/libguestfs-1.48.4.tar.gz.sig | 17 - SOURCES/libguestfs-1.50.1.tar.gz.sig | 17 + SPECS/libguestfs.spec | 119 +- 34 files changed, 2388 insertions(+), 2394 deletions(-) delete mode 100644 SOURCES/0001-New-API-guestfs_device_name-returning-the-drive-name.patch delete mode 100644 SOURCES/0002-guestfs_readdir-rewrite-with-FileOut-transfer-to-lif.patch create mode 100644 SOURCES/0002-update-common-submodule.patch create mode 100644 SOURCES/0003-daemon-selinux-relabel-don-t-exclude-selinux-if-it-s.patch delete mode 100644 SOURCES/0003-guestfs_readdir-minimize-the-number-of-send_file_wri.patch create mode 100644 SOURCES/0004-daemon-selinux-relabel-search-for-invalid-option-in-.patch delete mode 100644 SOURCES/0004-lib-launch-direct-ignore-drive-iface-parameter.patch create mode 100644 SOURCES/0005-daemon-selinux-relabel-run-setfiles-with-T-0-if-supp.patch delete mode 100644 SOURCES/0005-lib-drive_create_data-drive-remove-field-iface.patch rename SOURCES/{0010-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch => 0006-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch} (97%) delete mode 100644 SOURCES/0006-lib-rename-VALID_FORMAT_IFACE-to-VALID_FORMAT.patch rename SOURCES/{0011-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch => 0007-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch} (92%) delete mode 100644 SOURCES/0007-tests-regressions-remove-iface-based-restrictions.patch create mode 100644 SOURCES/0008-Remove-virt-dib.patch delete mode 100644 SOURCES/0008-generator-customize-invert-SELinux-relabeling-defaul.patch delete mode 100644 SOURCES/0009-generator-customize-reintroduce-selinux-relabel-as-a.patch create mode 100644 SOURCES/0009-lib-Choose-q35-machine-type-for-x86-64.patch create mode 100644 SOURCES/0010-RHEL-Revert-build-Remove-bundled-copy-of-ocaml-augea.patch create mode 100644 SOURCES/0011-update-common-submodule.patch create mode 100644 SOURCES/0012-LUKS-on-LVM-inspection-test-rename-VGs-and-LVs.patch delete mode 100644 SOURCES/0012-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch create mode 100644 SOURCES/0013-LUKS-on-LVM-inspection-test-test-dev-mapper-VG-LV-tr.patch delete mode 100644 SOURCES/0013-php-add-arginfo-to-php-bindings.patch delete mode 100644 SOURCES/0014-introduce-the-clevis_luks_unlock-API.patch delete mode 100644 SOURCES/0015-guestfish-guestmount-enable-networking-for-key-ID-cl.patch delete mode 100644 SOURCES/0016-daemon-Add-zstd-support-to-guestfs_file_architecture.patch delete mode 100644 SOURCES/0017-New-API-inspect_get_build_id.patch delete mode 100644 SOURCES/0018-lib-Return-correct-osinfo-field-for-Windows-11.patch delete mode 100644 SOURCES/libguestfs-1.48.4.tar.gz.sig create mode 100644 SOURCES/libguestfs-1.50.1.tar.gz.sig diff --git a/.gitignore b/.gitignore index 6a0624f..0710dcd 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ -SOURCES/libguestfs-1.48.4.tar.gz +SOURCES/libguestfs-1.50.1.tar.gz SOURCES/libguestfs.keyring diff --git a/.libguestfs.metadata b/.libguestfs.metadata index e6fbe70..1cfd327 100644 --- a/.libguestfs.metadata +++ b/.libguestfs.metadata @@ -1,2 +1,2 @@ -a8754a62256ac488eec3e18bed20f570f785d069 SOURCES/libguestfs-1.48.4.tar.gz +b2ccc62a61d43917d982bb380709cd283fda465a SOURCES/libguestfs-1.50.1.tar.gz 1bbc40f501a7fef9eef2a39b701a71aee2fea7c4 SOURCES/libguestfs.keyring diff --git a/SOURCES/0001-New-API-guestfs_device_name-returning-the-drive-name.patch b/SOURCES/0001-New-API-guestfs_device_name-returning-the-drive-name.patch deleted file mode 100644 index fe4b696..0000000 --- a/SOURCES/0001-New-API-guestfs_device_name-returning-the-drive-name.patch +++ /dev/null @@ -1,96 +0,0 @@ -From e3ebd50abde3b05db86c8965868c866152cd3287 Mon Sep 17 00:00:00 2001 -From: "Richard W.M. Jones" -Date: Thu, 28 Apr 2022 13:16:54 +0100 -Subject: [PATCH] New API: guestfs_device_name returning the drive name - -For each drive added, return the name. For example calling this with -index 0 will return the string "/dev/sda". I called it -guestfs_device_name (not drive_name) for consistency with the existing -guestfs_device_index function. - -You don't really need to call this function. You can follow the -advice here: -https://libguestfs.org/guestfs.3.html#block-device-naming -and assume that drives are added with predictable names like -"/dev/sda", "/dev/sdb", etc. - -However it's useful to expose the internal guestfs_int_drive_name -function since especially handling names beyond index 26 is tricky -(https://rwmj.wordpress.com/2011/01/09/how-are-linux-drives-named-beyond-drive-26-devsdz/) - -Fixes: https://github.com/libguestfs/libguestfs/issues/80 -Reviewed-by: Laszlo Ersek -(cherry picked from commit ac00e603f83802634f1d53b1629aee4670eaf31c) ---- - generator/actions_core.ml | 24 +++++++++++++++++++++++- - lib/drives.c | 15 +++++++++++++++ - 2 files changed, 38 insertions(+), 1 deletion(-) - -diff --git a/generator/actions_core.ml b/generator/actions_core.ml -index ce9ee39cc..dc12fdc33 100644 ---- a/generator/actions_core.ml -+++ b/generator/actions_core.ml -@@ -737,7 +737,29 @@ returns the index of the device in the list of devices. - Index numbers start from 0. The named device must exist, - for example as a string returned from C. - --See also C, C." }; -+See also C, C, -+C." }; -+ -+ { defaults with -+ name = "device_name"; added = (1, 49, 1); -+ style = RString (RPlainString, "name"), [Int "index"], []; -+ tests = [ -+ InitEmpty, Always, TestResult ( -+ [["device_name"; "0"]], "STREQ (ret, \"/dev/sda\")"), []; -+ InitEmpty, Always, TestResult ( -+ [["device_name"; "1"]], "STREQ (ret, \"/dev/sdb\")"), []; -+ InitEmpty, Always, TestLastFail ( -+ [["device_name"; "99"]]), [] -+ ]; -+ shortdesc = "convert device index to name"; -+ longdesc = "\ -+This function takes a device index and returns the device -+name. For example index C<0> will return the string C. -+ -+The drive index must have been added to the handle. -+ -+See also C, C, -+C." }; - - { defaults with - name = "shutdown"; added = (1, 19, 16); -diff --git a/lib/drives.c b/lib/drives.c -index fd95308d2..a6179fc36 100644 ---- a/lib/drives.c -+++ b/lib/drives.c -@@ -31,6 +31,7 @@ - #include - #include - #include -+#include - #include - - #include "c-ctype.h" -@@ -1084,3 +1085,17 @@ guestfs_impl_device_index (guestfs_h *g, const char *device) - error (g, _("%s: device not found"), device); - return r; - } -+ -+char * -+guestfs_impl_device_name (guestfs_h *g, int index) -+{ -+ char drive_name[64]; -+ -+ if (index < 0 || index >= g->nr_drives) { -+ guestfs_int_error_errno (g, EINVAL, _("drive index out of range")); -+ return NULL; -+ } -+ -+ guestfs_int_drive_name (index, drive_name); -+ return safe_asprintf (g, "/dev/sd%s", drive_name); -+} --- -2.31.1 - diff --git a/SOURCES/0002-guestfs_readdir-rewrite-with-FileOut-transfer-to-lif.patch b/SOURCES/0002-guestfs_readdir-rewrite-with-FileOut-transfer-to-lif.patch deleted file mode 100644 index 1c7e841..0000000 --- a/SOURCES/0002-guestfs_readdir-rewrite-with-FileOut-transfer-to-lif.patch +++ /dev/null @@ -1,565 +0,0 @@ -From b97b90779d5ea261d5e737f073bb4ec5dc546511 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Mon, 2 May 2022 10:56:00 +0200 -Subject: [PATCH] guestfs_readdir(): rewrite with FileOut transfer, to lift - protocol limit - -Currently the guestfs_readdir() API can not list long directories, due to -it sending back the whole directory listing in a single guestfs protocol -response, which is limited to GUESTFS_MESSAGE_MAX (approx. 4MB) in size. - -Introduce the "internal_readdir" action, for transferring the directory -listing from the daemon to the library through a FileOut parameter. -Rewrite guestfs_readdir() on top of this new internal function: - -- The new "internal_readdir" action is a daemon action. Do not repurpose - the "readdir" proc_nr (138) for "internal_readdir", as some distros ship - the binary appliance to their users, and reusing the proc_nr could - create a mismatch between library & appliance with obscure symptoms. - Replace the old proc_nr (138) with a new proc_nr (511) instead; a - mismatch would then produce a clear error message. Assume the new action - will first be released in libguestfs-1.48.2. - -- Turn "readdir" from a daemon action into a non-daemon one. Call the - daemon action guestfs_internal_readdir() manually, receive the FileOut - parameter into a temp file, then deserialize the dirents array from the - temp file. - -This patch sneakily fixes an independent bug, too. In the pre-patch -do_readdir() function [daemon/readdir.c], when readdir() returns NULL, we -don't distinguish "end of directory stream" from "readdir() failed". This -rewrite fixes this problem -- I didn't see much value separating out the -fix for the original do_readdir(). - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1674392 -Signed-off-by: Laszlo Ersek -Message-Id: <20220502085601.15012-2-lersek@redhat.com> -Reviewed-by: Richard W.M. Jones -(cherry picked from commit 45b7f1736b64e9f0741e21e5a9d83a837bd863bf) ---- - TODO | 8 --- - daemon/readdir.c | 132 +++++++++++++++++++------------------- - generator/actions_core.ml | 127 +++++++++++++++++++----------------- - generator/proc_nr.ml | 2 +- - lib/MAX_PROC_NR | 2 +- - lib/Makefile.am | 1 + - lib/readdir.c | 131 +++++++++++++++++++++++++++++++++++++ - 7 files changed, 267 insertions(+), 136 deletions(-) - create mode 100644 lib/readdir.c - -diff --git a/TODO b/TODO -index a50f7d73c..513e55f92 100644 ---- a/TODO -+++ b/TODO -@@ -484,14 +484,6 @@ this approach works, it doesn't solve the MBR problem, so likely we'd - have to write a library for that (or perhaps go back to sfdisk but - using a very abstracted interface over sfdisk). - --Reimplement some APIs to avoid protocol limits ------------------------------------------------ -- --Mostly this item was done (eg. commits a69f44f56f and before). The --most notable API with a protocol limit remaining is: -- -- - guestfs_readdir -- - hivex - ----- - -diff --git a/daemon/readdir.c b/daemon/readdir.c -index e488f93e7..9ab0b0aec 100644 ---- a/daemon/readdir.c -+++ b/daemon/readdir.c -@@ -16,77 +16,67 @@ - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ - --#include -+#include /* HAVE_STRUCT_DIRENT_D_TYPE */ - --#include --#include --#include --#include --#include -+#include /* readdir() */ -+#include /* errno */ -+#include /* xdrmem_create() */ -+#include /* perror() */ -+#include /* malloc() */ -+#include /* opendir() */ - --#include "daemon.h" --#include "actions.h" -+#include "daemon.h" /* reply_with_perror() */ - --static void --free_int_dirent_list (guestfs_int_dirent *p, size_t len) -+/* Has one FileOut parameter. */ -+int -+do_internal_readdir (const char *dir) - { -- size_t i; -+ int ret; -+ DIR *dirstream; -+ void *xdr_buf; -+ XDR xdr; - -- for (i = 0; i < len; ++i) { -- free (p[i].name); -- } -- free (p); --} -- --guestfs_int_dirent_list * --do_readdir (const char *path) --{ -- guestfs_int_dirent_list *ret; -- guestfs_int_dirent v; -- DIR *dir; -- struct dirent *d; -- size_t i; -- -- ret = malloc (sizeof *ret); -- if (ret == NULL) { -- reply_with_perror ("malloc"); -- return NULL; -- } -- -- ret->guestfs_int_dirent_list_len = 0; -- ret->guestfs_int_dirent_list_val = NULL; -+ /* Prepare to fail. */ -+ ret = -1; - - CHROOT_IN; -- dir = opendir (path); -+ dirstream = opendir (dir); - CHROOT_OUT; - -- if (dir == NULL) { -- reply_with_perror ("opendir: %s", path); -- free (ret); -- return NULL; -+ if (dirstream == NULL) { -+ reply_with_perror ("opendir: %s", dir); -+ return ret; - } - -- i = 0; -- while ((d = readdir (dir)) != NULL) { -- guestfs_int_dirent *p; -+ xdr_buf = malloc (GUESTFS_MAX_CHUNK_SIZE); -+ if (xdr_buf == NULL) { -+ reply_with_perror ("malloc"); -+ goto close_dir; -+ } -+ xdrmem_create (&xdr, xdr_buf, GUESTFS_MAX_CHUNK_SIZE, XDR_ENCODE); -+ -+ /* Send an "OK" reply, before starting the file transfer. */ -+ reply (NULL, NULL); -+ -+ /* From this point on, we can only report errors by canceling the file -+ * transfer. -+ */ -+ for (;;) { -+ struct dirent *d; -+ guestfs_int_dirent v; -+ -+ errno = 0; -+ d = readdir (dirstream); -+ if (d == NULL) { -+ if (errno == 0) -+ ret = 0; -+ else -+ perror ("readdir"); - -- p = realloc (ret->guestfs_int_dirent_list_val, -- sizeof (guestfs_int_dirent) * (i+1)); -- v.name = strdup (d->d_name); -- if (!p || !v.name) { -- reply_with_perror ("allocate"); -- if (p) { -- free_int_dirent_list (p, i); -- } else { -- free_int_dirent_list (ret->guestfs_int_dirent_list_val, i); -- } -- free (v.name); -- free (ret); -- closedir (dir); -- return NULL; -+ break; - } -- ret->guestfs_int_dirent_list_val = p; - -+ v.name = d->d_name; - v.ino = d->d_ino; - #ifdef HAVE_STRUCT_DIRENT_D_TYPE - switch (d->d_type) { -@@ -104,19 +94,29 @@ do_readdir (const char *path) - v.ftyp = 'u'; - #endif - -- ret->guestfs_int_dirent_list_val[i] = v; -+ if (!xdr_guestfs_int_dirent (&xdr, &v)) { -+ fprintf (stderr, "xdr_guestfs_int_dirent failed\n"); -+ break; -+ } - -- i++; -+ if (send_file_write (xdr_buf, xdr_getpos (&xdr)) != 0) -+ break; -+ -+ xdr_setpos (&xdr, 0); - } - -- ret->guestfs_int_dirent_list_len = i; -+ /* Finish or cancel the transfer. Note that if (ret == -1) because the library -+ * canceled, we still need to cancel back! -+ */ -+ send_file_end (ret == -1); - -- if (closedir (dir) == -1) { -- reply_with_perror ("closedir"); -- free (ret->guestfs_int_dirent_list_val); -- free (ret); -- return NULL; -- } -+ xdr_destroy (&xdr); -+ free (xdr_buf); -+ -+close_dir: -+ if (closedir (dirstream) == -1) -+ /* Best we can do here is log an error. */ -+ perror ("closedir"); - - return ret; - } -diff --git a/generator/actions_core.ml b/generator/actions_core.ml -index dc12fdc33..807150615 100644 ---- a/generator/actions_core.ml -+++ b/generator/actions_core.ml -@@ -141,6 +141,66 @@ only useful for printing debug and internal error messages. - - For more information on states, see L." }; - -+ { defaults with -+ name = "readdir"; added = (1, 0, 55); -+ style = RStructList ("entries", "dirent"), [String (Pathname, "dir")], []; -+ progress = true; cancellable = true; -+ shortdesc = "read directories entries"; -+ longdesc = "\ -+This returns the list of directory entries in directory C. -+ -+All entries in the directory are returned, including C<.> and -+C<..>. The entries are I sorted, but returned in the same -+order as the underlying filesystem. -+ -+Also this call returns basic file type information about each -+file. The C field will contain one of the following characters: -+ -+=over 4 -+ -+=item 'b' -+ -+Block special -+ -+=item 'c' -+ -+Char special -+ -+=item 'd' -+ -+Directory -+ -+=item 'f' -+ -+FIFO (named pipe) -+ -+=item 'l' -+ -+Symbolic link -+ -+=item 'r' -+ -+Regular file -+ -+=item 's' -+ -+Socket -+ -+=item 'u' -+ -+Unknown file type -+ -+=item '?' -+ -+The L call returned a C field with an -+unexpected value -+ -+=back -+ -+This function is primarily intended for use by programs. To -+get a simple list of names, use C. To get a printable -+directory for human consumption, use C." }; -+ - { defaults with - name = "version"; added = (1, 0, 58); - style = RStruct ("version", "version"), [], []; -@@ -3939,66 +3999,6 @@ L, C, C. - - This call returns the previous umask." }; - -- { defaults with -- name = "readdir"; added = (1, 0, 55); -- style = RStructList ("entries", "dirent"), [String (Pathname, "dir")], []; -- protocol_limit_warning = true; -- shortdesc = "read directories entries"; -- longdesc = "\ --This returns the list of directory entries in directory C. -- --All entries in the directory are returned, including C<.> and --C<..>. The entries are I sorted, but returned in the same --order as the underlying filesystem. -- --Also this call returns basic file type information about each --file. The C field will contain one of the following characters: -- --=over 4 -- --=item 'b' -- --Block special -- --=item 'c' -- --Char special -- --=item 'd' -- --Directory -- --=item 'f' -- --FIFO (named pipe) -- --=item 'l' -- --Symbolic link -- --=item 'r' -- --Regular file -- --=item 's' -- --Socket -- --=item 'u' -- --Unknown file type -- --=item '?' -- --The L call returned a C field with an --unexpected value -- --=back -- --This function is primarily intended for use by programs. To --get a simple list of names, use C. To get a printable --directory for human consumption, use C." }; -- - { defaults with - name = "getxattrs"; added = (1, 0, 59); - style = RStructList ("xattrs", "xattr"), [String (Pathname, "path")], []; -@@ -9713,4 +9713,11 @@ C. The C parameter must be - the name of the mapping device (ie. F) - and I the name of the underlying block device." }; - -+ { defaults with -+ name = "internal_readdir"; added = (1, 48, 2); -+ style = RErr, [String (Pathname, "dir"); String (FileOut, "filename")], []; -+ visibility = VInternal; -+ shortdesc = "read directories entries"; -+ longdesc = "Internal function for readdir." }; -+ - ] -diff --git a/generator/proc_nr.ml b/generator/proc_nr.ml -index b20672ff0..bdced51c9 100644 ---- a/generator/proc_nr.ml -+++ b/generator/proc_nr.ml -@@ -152,7 +152,6 @@ let proc_nr = [ - 135, "mknod_b"; - 136, "mknod_c"; - 137, "umask"; --138, "readdir"; - 139, "sfdiskM"; - 140, "zfile"; - 141, "getxattrs"; -@@ -514,6 +513,7 @@ let proc_nr = [ - 508, "cryptsetup_open"; - 509, "cryptsetup_close"; - 510, "internal_list_rpm_applications"; -+511, "internal_readdir"; - ] - - (* End of list. If adding a new entry, add it at the end of the list -diff --git a/lib/MAX_PROC_NR b/lib/MAX_PROC_NR -index 2bc4cd64b..c0556fb20 100644 ---- a/lib/MAX_PROC_NR -+++ b/lib/MAX_PROC_NR -@@ -1 +1 @@ --510 -+511 -diff --git a/lib/Makefile.am b/lib/Makefile.am -index 144c45588..212bcb94a 100644 ---- a/lib/Makefile.am -+++ b/lib/Makefile.am -@@ -105,6 +105,7 @@ libguestfs_la_SOURCES = \ - private-data.c \ - proto.c \ - qemu.c \ -+ readdir.c \ - rescue.c \ - stringsbuf.c \ - structs-compare.c \ -diff --git a/lib/readdir.c b/lib/readdir.c -new file mode 100644 -index 000000000..9cb0d7cf6 ---- /dev/null -+++ b/lib/readdir.c -@@ -0,0 +1,131 @@ -+/* libguestfs -+ * Copyright (C) 2016-2022 Red Hat Inc. -+ * -+ * This library is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU Lesser General Public -+ * License as published by the Free Software Foundation; either -+ * version 2 of the License, or (at your option) any later version. -+ * -+ * This library is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ * Lesser General Public License for more details. -+ * -+ * You should have received a copy of the GNU Lesser General Public -+ * License along with this library; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -+ */ -+ -+#include /* UNIX_PATH_MAX, needed by "guestfs-internal.h" */ -+ -+#include /* xdrstdio_create() */ -+#include /* UINT32_MAX */ -+#include /* fopen() */ -+#include /* memset() */ -+ -+#include "guestfs.h" /* guestfs_internal_readdir() */ -+#include "guestfs_protocol.h" /* guestfs_int_dirent */ -+#include "guestfs-internal.h" /* guestfs_int_make_temp_path() */ -+#include "guestfs-internal-actions.h" /* guestfs_impl_readdir */ -+ -+struct guestfs_dirent_list * -+guestfs_impl_readdir (guestfs_h *g, const char *dir) -+{ -+ struct guestfs_dirent_list *ret; -+ char *tmpfn; -+ FILE *f; -+ off_t fsize; -+ XDR xdr; -+ struct guestfs_dirent_list *dirents; -+ uint32_t alloc_entries; -+ size_t alloc_bytes; -+ -+ /* Prepare to fail. */ -+ ret = NULL; -+ -+ tmpfn = guestfs_int_make_temp_path (g, "readdir", NULL); -+ if (tmpfn == NULL) -+ return ret; -+ -+ if (guestfs_internal_readdir (g, dir, tmpfn) == -1) -+ goto drop_tmpfile; -+ -+ f = fopen (tmpfn, "r"); -+ if (f == NULL) { -+ perrorf (g, "fopen: %s", tmpfn); -+ goto drop_tmpfile; -+ } -+ -+ if (fseeko (f, 0, SEEK_END) == -1) { -+ perrorf (g, "fseeko"); -+ goto close_tmpfile; -+ } -+ fsize = ftello (f); -+ if (fsize == -1) { -+ perrorf (g, "ftello"); -+ goto close_tmpfile; -+ } -+ if (fseeko (f, 0, SEEK_SET) == -1) { -+ perrorf (g, "fseeko"); -+ goto close_tmpfile; -+ } -+ -+ xdrstdio_create (&xdr, f, XDR_DECODE); -+ -+ dirents = safe_malloc (g, sizeof *dirents); -+ dirents->len = 0; -+ alloc_entries = 8; -+ alloc_bytes = alloc_entries * sizeof *dirents->val; -+ dirents->val = safe_malloc (g, alloc_bytes); -+ -+ while (xdr_getpos (&xdr) < fsize) { -+ guestfs_int_dirent v; -+ struct guestfs_dirent *d; -+ -+ if (dirents->len == alloc_entries) { -+ if (alloc_entries > UINT32_MAX / 2 || alloc_bytes > (size_t)-1 / 2) { -+ error (g, "integer overflow"); -+ goto free_dirents; -+ } -+ alloc_entries *= 2u; -+ alloc_bytes *= 2u; -+ dirents->val = safe_realloc (g, dirents->val, alloc_bytes); -+ } -+ -+ /* Decoding does not work unless the target buffer is zero-initialized. */ -+ memset (&v, 0, sizeof v); -+ if (!xdr_guestfs_int_dirent (&xdr, &v)) { -+ error (g, "xdr_guestfs_int_dirent failed"); -+ goto free_dirents; -+ } -+ -+ d = &dirents->val[dirents->len]; -+ d->ino = v.ino; -+ d->ftyp = v.ftyp; -+ d->name = v.name; /* transfer malloc'd string to "d" */ -+ -+ dirents->len++; -+ } -+ -+ /* Success; transfer "dirents" to "ret". */ -+ ret = dirents; -+ dirents = NULL; -+ -+ /* Clean up. */ -+ xdr_destroy (&xdr); -+ -+free_dirents: -+ guestfs_free_dirent_list (dirents); -+ -+close_tmpfile: -+ fclose (f); -+ -+drop_tmpfile: -+ /* In case guestfs_internal_readdir() failed, it may or may not have created -+ * the temporary file. -+ */ -+ unlink (tmpfn); -+ free (tmpfn); -+ -+ return ret; -+} --- -2.31.1 - diff --git a/SOURCES/0002-update-common-submodule.patch b/SOURCES/0002-update-common-submodule.patch new file mode 100644 index 0000000..6a0e8d1 --- /dev/null +++ b/SOURCES/0002-update-common-submodule.patch @@ -0,0 +1,37 @@ +From 89b6c8b458dcb00de83b543c47a6acb049f63f18 Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Tue, 21 Mar 2023 16:55:15 +0100 +Subject: [PATCH] update common submodule + +HATAYAMA Daisuke (1): + progress: fix segmentation fault when TERM variable is "dumb" + +Laszlo Ersek (2): + detect_kernels: tighten "try" scope + detect_kernels: deal with RHEL's kernel-core / kernel-modules-core split + +rwmjones (1): + Merge pull request #5 from d-hatayama/fix_segfault_progress_bar + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2175703 +Signed-off-by: Laszlo Ersek +(cherry picked from commit be11d25b3e2770d86699e94c5087e6625477d5ec) +--- + common | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Submodule common 360e037d..70c10a07: +diff --git a/common/progress/progress.c b/common/progress/progress.c +index 4d52b97e..e4b30663 100644 +--- a/common/progress/progress.c ++++ b/common/progress/progress.c +@@ -318,7 +318,8 @@ progress_bar_set (struct progress_bar *bar, + * (b) it's just not possible to use tputs in a sane way here. + */ + /*tputs (UP, 2, putchar);*/ +- fprintf (fp, "%s", UP); ++ if (UP) ++ fprintf (fp, "%s", UP); + } + bar->count++; + diff --git a/SOURCES/0003-daemon-selinux-relabel-don-t-exclude-selinux-if-it-s.patch b/SOURCES/0003-daemon-selinux-relabel-don-t-exclude-selinux-if-it-s.patch new file mode 100644 index 0000000..dea3fa6 --- /dev/null +++ b/SOURCES/0003-daemon-selinux-relabel-don-t-exclude-selinux-if-it-s.patch @@ -0,0 +1,63 @@ +From e58cd8df467e342463d08e3d761c2e322287b13e Mon Sep 17 00:00:00 2001 +From: Andrey Drobyshev +Date: Wed, 26 Apr 2023 15:59:44 +0300 +Subject: [PATCH] daemon/selinux-relabel: don't exclude "/selinux" if it's + non-existent + +Since RHBZ#726528, filesystem.rpm doesn't include /selinux. setfiles +then gives us the warning: "Can't stat exclude path "/sysroot/selinux", +No such file or directory - ignoring." + +Though the warning is harmless, let's get rid of it by checking the +existence of /selinux directory. + +Signed-off-by: Andrey Drobyshev +Reviewed-by: Laszlo Ersek +Reviewed-by: Richard W.M. Jones +(cherry picked from commit 9ced5fac8c1f0f8ff7ed2b5671c1c7f5f0bfa875) +--- + daemon/selinux-relabel.c | 16 +++++++++++++++- + 1 file changed, 15 insertions(+), 1 deletion(-) + +diff --git a/daemon/selinux-relabel.c b/daemon/selinux-relabel.c +index 976cffe3..454486c1 100644 +--- a/daemon/selinux-relabel.c ++++ b/daemon/selinux-relabel.c +@@ -21,6 +21,7 @@ + #include + #include + #include ++#include + + #include "guestfs_protocol.h" + #include "daemon.h" +@@ -37,6 +38,17 @@ optgroup_selinuxrelabel_available (void) + return prog_exists ("setfiles"); + } + ++static int ++dir_exists (const char *dir) ++{ ++ struct stat statbuf; ++ ++ if (stat (dir, &statbuf) == 0 && S_ISDIR (statbuf.st_mode)) ++ return 1; ++ else ++ return 0; ++} ++ + static int + setfiles_has_option (int *flag, char opt_char) + { +@@ -99,8 +111,10 @@ do_selinux_relabel (const char *specfile, const char *path, + */ + ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_dev); + ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_proc); +- ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_selinux); + ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_sys); ++ if (dir_exists (s_selinux)) { ++ ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_selinux); ++ } + + /* You have to use the -m option (where available) otherwise + * setfiles puts all the mountpoints on the excludes list for no diff --git a/SOURCES/0003-guestfs_readdir-minimize-the-number-of-send_file_wri.patch b/SOURCES/0003-guestfs_readdir-minimize-the-number-of-send_file_wri.patch deleted file mode 100644 index 6e060a5..0000000 --- a/SOURCES/0003-guestfs_readdir-minimize-the-number-of-send_file_wri.patch +++ /dev/null @@ -1,108 +0,0 @@ -From 62cd6c9d2dd62dd24cc04b16437bfb816a6f4357 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Mon, 2 May 2022 10:56:01 +0200 -Subject: [PATCH] guestfs_readdir(): minimize the number of send_file_write() - calls - -In guestfs_readdir(), the daemon currently sends each XDR-encoded -"guestfs_int_dirent" to the library with a separate send_file_write() -call. - -Determine the largest encoded size (from the longest filename that a -"guestfs_int_dirent" could carry, from readdir()'s "struct dirent"), and -batch up the XDR encodings until the next encoding might not fit in -GUESTFS_MAX_CHUNK_SIZE. Call send_file_write() only then. - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1674392 -Signed-off-by: Laszlo Ersek -Message-Id: <20220502085601.15012-3-lersek@redhat.com> -Reviewed-by: Richard W.M. Jones -(cherry picked from commit 4864d21cb8eb991f0fc98d03a068173837cba50e) ---- - daemon/readdir.c | 38 ++++++++++++++++++++++++++++++++------ - 1 file changed, 32 insertions(+), 6 deletions(-) - -diff --git a/daemon/readdir.c b/daemon/readdir.c -index 9ab0b0aec..3084ba939 100644 ---- a/daemon/readdir.c -+++ b/daemon/readdir.c -@@ -35,6 +35,9 @@ do_internal_readdir (const char *dir) - DIR *dirstream; - void *xdr_buf; - XDR xdr; -+ struct dirent fill; -+ guestfs_int_dirent v; -+ unsigned max_encoded; - - /* Prepare to fail. */ - ret = -1; -@@ -55,6 +58,20 @@ do_internal_readdir (const char *dir) - } - xdrmem_create (&xdr, xdr_buf, GUESTFS_MAX_CHUNK_SIZE, XDR_ENCODE); - -+ /* Calculate the max number of bytes a "guestfs_int_dirent" can be encoded to. -+ */ -+ memset (fill.d_name, 'a', sizeof fill.d_name - 1); -+ fill.d_name[sizeof fill.d_name - 1] = '\0'; -+ v.ino = INT64_MAX; -+ v.ftyp = '?'; -+ v.name = fill.d_name; -+ if (!xdr_guestfs_int_dirent (&xdr, &v)) { -+ fprintf (stderr, "xdr_guestfs_int_dirent failed\n"); -+ goto release_xdr; -+ } -+ max_encoded = xdr_getpos (&xdr); -+ xdr_setpos (&xdr, 0); -+ - /* Send an "OK" reply, before starting the file transfer. */ - reply (NULL, NULL); - -@@ -63,7 +80,6 @@ do_internal_readdir (const char *dir) - */ - for (;;) { - struct dirent *d; -- guestfs_int_dirent v; - - errno = 0; - d = readdir (dirstream); -@@ -94,22 +110,32 @@ do_internal_readdir (const char *dir) - v.ftyp = 'u'; - #endif - -+ /* Flush "xdr_buf" if we may not have enough room for encoding "v". */ -+ if (GUESTFS_MAX_CHUNK_SIZE - xdr_getpos (&xdr) < max_encoded) { -+ if (send_file_write (xdr_buf, xdr_getpos (&xdr)) != 0) -+ break; -+ -+ xdr_setpos (&xdr, 0); -+ } -+ - if (!xdr_guestfs_int_dirent (&xdr, &v)) { - fprintf (stderr, "xdr_guestfs_int_dirent failed\n"); - break; - } -- -- if (send_file_write (xdr_buf, xdr_getpos (&xdr)) != 0) -- break; -- -- xdr_setpos (&xdr, 0); - } - -+ /* Flush "xdr_buf" if the loop completed successfully and "xdr_buf" is not -+ * empty. */ -+ if (ret == 0 && xdr_getpos (&xdr) > 0 && -+ send_file_write (xdr_buf, xdr_getpos (&xdr)) != 0) -+ ret = -1; -+ - /* Finish or cancel the transfer. Note that if (ret == -1) because the library - * canceled, we still need to cancel back! - */ - send_file_end (ret == -1); - -+release_xdr: - xdr_destroy (&xdr); - free (xdr_buf); - --- -2.31.1 - diff --git a/SOURCES/0004-daemon-selinux-relabel-search-for-invalid-option-in-.patch b/SOURCES/0004-daemon-selinux-relabel-search-for-invalid-option-in-.patch new file mode 100644 index 0000000..569cd02 --- /dev/null +++ b/SOURCES/0004-daemon-selinux-relabel-search-for-invalid-option-in-.patch @@ -0,0 +1,33 @@ +From c1829048c598e11950c9d355fdd5c177a99e046f Mon Sep 17 00:00:00 2001 +From: Andrey Drobyshev +Date: Wed, 26 Apr 2023 15:59:45 +0300 +Subject: [PATCH] daemon/selinux-relabel: search for "invalid option" in + setfiles output + +'X' in the setiles' stderr doesn't necessarily mean that option 'X' +doesn't exist. For instance, when passing '-T' we get: "setfiles: +option requires an argument -- 'T'". + +Signed-off-by: Andrey Drobyshev +Reviewed-by: Laszlo Ersek +Reviewed-by: Richard W.M. Jones +(cherry picked from commit 152d6e4bdf2dac88856a4ff83cf73451f897d4d4) +--- + daemon/selinux-relabel.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/daemon/selinux-relabel.c b/daemon/selinux-relabel.c +index 454486c1..60a6f48a 100644 +--- a/daemon/selinux-relabel.c ++++ b/daemon/selinux-relabel.c +@@ -56,8 +56,9 @@ setfiles_has_option (int *flag, char opt_char) + + if (*flag == -1) { + char option[] = { '-', opt_char, '\0' }; /* "-X" */ +- char err_opt[] = { '\'', opt_char, '\'', '\0'}; /* "'X'" */ ++ char err_opt[32]; /* "invalid option -- 'X'" */ + ++ snprintf(err_opt, sizeof(err_opt), "invalid option -- '%c'", opt_char); + ignore_value (command (NULL, &err, "setfiles", option, NULL)); + *flag = err && strstr (err, /* "invalid option -- " */ err_opt) == NULL; + } diff --git a/SOURCES/0004-lib-launch-direct-ignore-drive-iface-parameter.patch b/SOURCES/0004-lib-launch-direct-ignore-drive-iface-parameter.patch deleted file mode 100644 index 958b99f..0000000 --- a/SOURCES/0004-lib-launch-direct-ignore-drive-iface-parameter.patch +++ /dev/null @@ -1,123 +0,0 @@ -From e4901a4e83f0ab59a525095d2fe1c7f1a38c0aac Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Wed, 4 May 2022 15:41:52 +0200 -Subject: [PATCH] lib: launch-direct: ignore drive "iface" parameter - -Rich said in : - -> The libvirt backend has never allowed the iface parameter. We should -> probably ignore it in the direct backend since it's never been possible -> to use this parameter correctly. - -Remove the handling of "iface" in the direct (QEMU) backend. Refresh the -documentation regarding both backends. - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1844341 -Signed-off-by: Laszlo Ersek -Message-Id: <20220504134155.11832-2-lersek@redhat.com> -Reviewed-by: Richard W.M. Jones -(cherry picked from commit 3eb830dbaee12c8dc4566cab226ed2af0e0f2d8c) ---- - generator/actions_core_deprecated.ml | 8 +++- - lib/launch-direct.c | 59 ++++++---------------------- - 2 files changed, 19 insertions(+), 48 deletions(-) - -diff --git a/generator/actions_core_deprecated.ml b/generator/actions_core_deprecated.ml -index 00dde3d2a..f1040a0e9 100644 ---- a/generator/actions_core_deprecated.ml -+++ b/generator/actions_core_deprecated.ml -@@ -73,7 +73,9 @@ of C." }; - shortdesc = "add a drive specifying the QEMU block emulation to use"; - longdesc = "\ - This is the same as C but it allows you --to specify the QEMU interface emulation to use at run time." }; -+to specify the QEMU interface emulation to use at run time. -+The libvirt backend rejects a non-empty C argument. -+The direct backend ignores C." }; - - { defaults with - name = "add_drive_ro_with_if"; added = (1, 0, 84); -@@ -83,7 +85,9 @@ to specify the QEMU interface emulation to use at run time." }; - shortdesc = "add a drive read-only specifying the QEMU block emulation to use"; - longdesc = "\ - This is the same as C but it allows you --to specify the QEMU interface emulation to use at run time." }; -+to specify the QEMU interface emulation to use at run time. -+The libvirt backend rejects a non-empty C argument. -+The direct backend ignores C." }; - - { defaults with - name = "lstatlist"; added = (1, 0, 77); -diff --git a/lib/launch-direct.c b/lib/launch-direct.c -index b292b9c26..ff0eaeb62 100644 ---- a/lib/launch-direct.c -+++ b/lib/launch-direct.c -@@ -296,52 +296,19 @@ static int - add_drive (guestfs_h *g, struct backend_direct_data *data, - struct qemuopts *qopts, size_t i, struct drive *drv) - { -- /* If there's an explicit 'iface', use it. Otherwise default to -- * virtio-scsi. -- */ -- if (drv->iface && STREQ (drv->iface, "virtio")) { /* virtio-blk */ -- start_list ("-drive") { -- if (add_drive_standard_params (g, data, qopts, i, drv) == -1) -- return -1; -- append_list ("if=none"); -- } end_list (); -- start_list ("-device") { -- append_list (VIRTIO_DEVICE_NAME ("virtio-blk")); -- append_list_format ("drive=hd%zu", i); -- if (drv->disk_label) -- append_list_format ("serial=%s", drv->disk_label); -- if (add_device_blocksize_params (g, qopts, drv) == -1) -- return -1; -- } end_list (); -- } --#if defined(__arm__) || defined(__aarch64__) || defined(__powerpc__) -- else if (drv->iface && STREQ (drv->iface, "ide")) { -- error (g, "'ide' interface does not work on ARM or PowerPC"); -- return -1; -- } --#endif -- else if (drv->iface) { -- start_list ("-drive") { -- if (add_drive_standard_params (g, data, qopts, i, drv) == -1) -- return -1; -- append_list_format ("if=%s", drv->iface); -- } end_list (); -- } -- else /* default case: virtio-scsi */ { -- start_list ("-drive") { -- if (add_drive_standard_params (g, data, qopts, i, drv) == -1) -- return -1; -- append_list ("if=none"); -- } end_list (); -- start_list ("-device") { -- append_list ("scsi-hd"); -- append_list_format ("drive=hd%zu", i); -- if (drv->disk_label) -- append_list_format ("serial=%s", drv->disk_label); -- if (add_device_blocksize_params (g, qopts, drv) == -1) -- return -1; -- } end_list (); -- } -+ start_list ("-drive") { -+ if (add_drive_standard_params (g, data, qopts, i, drv) == -1) -+ return -1; -+ append_list ("if=none"); -+ } end_list (); -+ start_list ("-device") { -+ append_list ("scsi-hd"); -+ append_list_format ("drive=hd%zu", i); -+ if (drv->disk_label) -+ append_list_format ("serial=%s", drv->disk_label); -+ if (add_device_blocksize_params (g, qopts, drv) == -1) -+ return -1; -+ } end_list (); - - return 0; - --- -2.31.1 - diff --git a/SOURCES/0005-daemon-selinux-relabel-run-setfiles-with-T-0-if-supp.patch b/SOURCES/0005-daemon-selinux-relabel-run-setfiles-with-T-0-if-supp.patch new file mode 100644 index 0000000..b5bb385 --- /dev/null +++ b/SOURCES/0005-daemon-selinux-relabel-run-setfiles-with-T-0-if-supp.patch @@ -0,0 +1,78 @@ +From 3046af080baad9935627ebb671950448cfd0fa7b Mon Sep 17 00:00:00 2001 +From: Andrey Drobyshev +Date: Wed, 26 Apr 2023 15:59:46 +0300 +Subject: [PATCH] daemon/selinux-relabel: run setfiles with "-T 0", if + supported + +Since SELinux userspace v3.4 [1], setfiles command supports "-T nthreads" +option, which allows parallel execution. "-T 0" allows using as many +threads as there're available CPU cores. This might speed up the process +of filesystem relabeling in case the appliance is being run with multiple +vCPUs. The latter is true for at least v2v starting from d2b64ecc67 +("v2v: Set the number of vCPUs to same as host number of pCPUs."). + +For instance, when running virt-v2v-in-place on my 12-core Xeon host +with SSD, with appliance being run with 8 vCPUs (the upper limit specified +in d2b64ecc67), and on the ~150GiB disk VM (physical size on the host), +I get the following results: + +./in-place/virt-v2v-in-place -i libvirt fedora37-vm -v -x + +Without this patch: +... +commandrvf: setfiles -F -e /sysroot/dev -e /sysroot/proc -e /sysroot/sys -m -C -r /sysroot -v /sysroot/etc/selinux/targeted/contexts/files/file_contexts /sysroot/^M +libguestfs: trace: v2v: selinux_relabel = 0 +libguestfs: trace: v2v: rm_f "/.autorelabel" +guestfsd: => selinux_relabel (0x1d3) took 17.94 secs +... + +With this patch: +... +commandrvf: setfiles -F -e /sysroot/dev -e /sysroot/proc -e /sysroot/sys -m -C -T 0 -r /sysroot -v /sysroot/etc/selinux/targeted/contexts/files/file_contexts /sysroot/^M +libguestfs: trace: v2v: selinux_relabel = 0 +libguestfs: trace: v2v: rm_f "/.autorelabel" +guestfsd: => selinux_relabel (0x1d3) took 5.88 secs +... + +So in my scenario it's getting 3 times faster. + +[1] https://github.com/SELinuxProject/selinux/releases/tag/3.4 + +Signed-off-by: Andrey Drobyshev +Reviewed-by: Laszlo Ersek +Reviewed-by: Richard W.M. Jones +(cherry picked from commit d0d8e6738477148a7b752348f9364a3b8faed67f) +--- + daemon/selinux-relabel.c | 12 ++++++++++++ + 1 file changed, 12 insertions(+) + +diff --git a/daemon/selinux-relabel.c b/daemon/selinux-relabel.c +index 60a6f48a..cfc5a31d 100644 +--- a/daemon/selinux-relabel.c ++++ b/daemon/selinux-relabel.c +@@ -73,6 +73,7 @@ do_selinux_relabel (const char *specfile, const char *path, + { + static int flag_m = -1; + static int flag_C = -1; ++ static int flag_T = -1; + const char *argv[MAX_ARGS]; + CLEANUP_FREE char *s_dev = NULL, *s_proc = NULL, *s_selinux = NULL, + *s_sys = NULL, *s_specfile = NULL, *s_path = NULL; +@@ -131,6 +132,17 @@ do_selinux_relabel (const char *specfile, const char *path, + if (setfiles_has_option (&flag_C, 'C')) + ADD_ARG (argv, i, "-C"); + ++ /* If the appliance is being run with multiple vCPUs, running setfiles ++ * in multithreading mode might speeds up the process. Option "-T" was ++ * introduced in SELinux userspace v3.4, and we need to check whether it's ++ * supported. Passing "-T 0" creates as many threads as there're available ++ * vCPU cores. ++ * https://github.com/SELinuxProject/selinux/releases/tag/3.4 ++ */ ++ if (setfiles_has_option (&flag_T, 'T')) { ++ ADD_ARG (argv, i, "-T"); ADD_ARG (argv, i, "0"); ++ } ++ + /* Relabelling in a chroot. */ + if (STRNEQ (sysroot, "/")) { + ADD_ARG (argv, i, "-r"); diff --git a/SOURCES/0005-lib-drive_create_data-drive-remove-field-iface.patch b/SOURCES/0005-lib-drive_create_data-drive-remove-field-iface.patch deleted file mode 100644 index 3f01445..0000000 --- a/SOURCES/0005-lib-drive_create_data-drive-remove-field-iface.patch +++ /dev/null @@ -1,245 +0,0 @@ -From f13297315495144775f6249e9e24dc5f18f6f902 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Wed, 4 May 2022 15:41:53 +0200 -Subject: [PATCH] lib: drive_create_data, drive: remove field "iface" - -Representing "iface" in the "drive_create_data" and "drive" structures is -now useless; the direct backend ignores "iface", while the libvirt one -rejects it unless it is empty. Unify both backends -- make them both -ignore "iface". (Which only relaxes the libvirt backend, so it cannot -cause compatibility problems.) This lets us remove the fields. Update the -documentation as well. - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1844341 -Signed-off-by: Laszlo Ersek -Message-Id: <20220504134155.11832-3-lersek@redhat.com> -Reviewed-by: Richard W.M. Jones -(cherry picked from commit f68eaee1d6c41f91e7dfd2aa9e7d238cca7b8a4c) ---- - generator/actions_core_deprecated.ml | 6 ++---- - lib/drives.c | 31 +++++----------------------- - lib/guestfs-internal.h | 1 - - lib/launch-libvirt.c | 6 ------ - lib/libvirt-domain.c | 15 -------------- - 5 files changed, 7 insertions(+), 52 deletions(-) - -diff --git a/generator/actions_core_deprecated.ml b/generator/actions_core_deprecated.ml -index f1040a0e9..c23f4a330 100644 ---- a/generator/actions_core_deprecated.ml -+++ b/generator/actions_core_deprecated.ml -@@ -74,8 +74,7 @@ of C." }; - longdesc = "\ - This is the same as C but it allows you - to specify the QEMU interface emulation to use at run time. --The libvirt backend rejects a non-empty C argument. --The direct backend ignores C." }; -+Both the direct and the libvirt backends ignore C." }; - - { defaults with - name = "add_drive_ro_with_if"; added = (1, 0, 84); -@@ -86,8 +85,7 @@ The direct backend ignores C." }; - longdesc = "\ - This is the same as C but it allows you - to specify the QEMU interface emulation to use at run time. --The libvirt backend rejects a non-empty C argument. --The direct backend ignores C." }; -+Both the direct and the libvirt backends ignore C." }; - - { defaults with - name = "lstatlist"; added = (1, 0, 77); -diff --git a/lib/drives.c b/lib/drives.c -index a6179fc36..8fe46a41c 100644 ---- a/lib/drives.c -+++ b/lib/drives.c -@@ -53,7 +53,6 @@ struct drive_create_data { - const char *secret; - bool readonly; - const char *format; -- const char *iface; - const char *name; - const char *disk_label; - const char *cachemode; -@@ -110,7 +109,6 @@ create_drive_file (guestfs_h *g, - drv->src.format = data->format ? safe_strdup (g, data->format) : NULL; - - drv->readonly = data->readonly; -- drv->iface = data->iface ? safe_strdup (g, data->iface) : NULL; - drv->name = data->name ? safe_strdup (g, data->name) : NULL; - drv->disk_label = data->disk_label ? safe_strdup (g, data->disk_label) : NULL; - drv->cachemode = data->cachemode ? safe_strdup (g, data->cachemode) : NULL; -@@ -147,7 +145,6 @@ create_drive_non_file (guestfs_h *g, - drv->src.format = data->format ? safe_strdup (g, data->format) : NULL; - - drv->readonly = data->readonly; -- drv->iface = data->iface ? safe_strdup (g, data->iface) : NULL; - drv->name = data->name ? safe_strdup (g, data->name) : NULL; - drv->disk_label = data->disk_label ? safe_strdup (g, data->disk_label) : NULL; - drv->cachemode = data->cachemode ? safe_strdup (g, data->cachemode) : NULL; -@@ -470,7 +467,6 @@ free_drive_struct (struct drive *drv) - { - free_drive_source (&drv->src); - free (drv->overlay); -- free (drv->iface); - free (drv->name); - free (drv->disk_label); - free (drv->cachemode); -@@ -511,14 +507,12 @@ drive_to_string (guestfs_h *g, const struct drive *drv) - s_blocksize = safe_asprintf (g, "%d", drv->blocksize); - - return safe_asprintf -- (g, "%s%s%s%s protocol=%s%s%s%s%s%s%s%s%s%s%s%s%s", -+ (g, "%s%s%s%s protocol=%s%s%s%s%s%s%s%s%s%s%s", - drv->src.u.path, - drv->readonly ? " readonly" : "", - drv->src.format ? " format=" : "", - drv->src.format ? : "", - guestfs_int_drive_protocol_to_string (drv->src.protocol), -- drv->iface ? " iface=" : "", -- drv->iface ? : "", - drv->name ? " name=" : "", - drv->name ? : "", - drv->disk_label ? " label=" : "", -@@ -747,8 +741,6 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename, - ? optargs->readonly : false; - data.format = optargs->bitmask & GUESTFS_ADD_DRIVE_OPTS_FORMAT_BITMASK - ? optargs->format : NULL; -- data.iface = optargs->bitmask & GUESTFS_ADD_DRIVE_OPTS_IFACE_BITMASK -- ? optargs->iface : NULL; - data.name = optargs->bitmask & GUESTFS_ADD_DRIVE_OPTS_NAME_BITMASK - ? optargs->name : NULL; - data.disk_label = optargs->bitmask & GUESTFS_ADD_DRIVE_OPTS_LABEL_BITMASK -@@ -804,12 +796,6 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename, - free_drive_servers (data.servers, data.nr_servers); - return -1; - } -- if (data.iface && !VALID_FORMAT_IFACE (data.iface)) { -- error (g, _("%s parameter is empty or contains disallowed characters"), -- "iface"); -- free_drive_servers (data.servers, data.nr_servers); -- return -1; -- } - if (data.disk_label && !VALID_DISK_LABEL (data.disk_label)) { - error (g, _("label parameter is empty, too long, or contains disallowed characters")); - free_drive_servers (data.servers, data.nr_servers); -@@ -935,24 +921,17 @@ guestfs_impl_add_drive_ro (guestfs_h *g, const char *filename) - - int - guestfs_impl_add_drive_with_if (guestfs_h *g, const char *filename, -- const char *iface) -+ const char *iface ATTRIBUTE_UNUSED) - { -- const struct guestfs_add_drive_opts_argv optargs = { -- .bitmask = GUESTFS_ADD_DRIVE_OPTS_IFACE_BITMASK, -- .iface = iface, -- }; -- -- return guestfs_add_drive_opts_argv (g, filename, &optargs); -+ return guestfs_add_drive_opts_argv (g, filename, NULL); - } - - int - guestfs_impl_add_drive_ro_with_if (guestfs_h *g, const char *filename, -- const char *iface) -+ const char *iface ATTRIBUTE_UNUSED) - { - const struct guestfs_add_drive_opts_argv optargs = { -- .bitmask = GUESTFS_ADD_DRIVE_OPTS_IFACE_BITMASK -- | GUESTFS_ADD_DRIVE_OPTS_READONLY_BITMASK, -- .iface = iface, -+ .bitmask = GUESTFS_ADD_DRIVE_OPTS_READONLY_BITMASK, - .readonly = true, - }; - -diff --git a/lib/guestfs-internal.h b/lib/guestfs-internal.h -index 5bb00bc10..16755cfb3 100644 ---- a/lib/guestfs-internal.h -+++ b/lib/guestfs-internal.h -@@ -298,7 +298,6 @@ struct drive { - - /* Various per-drive flags. */ - bool readonly; -- char *iface; - char *name; - char *disk_label; - char *cachemode; -diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c -index de342b425..03d69e027 100644 ---- a/lib/launch-libvirt.c -+++ b/lib/launch-libvirt.c -@@ -1472,12 +1472,6 @@ construct_libvirt_xml_disk (guestfs_h *g, - const char *type, *uuid; - int r; - -- /* XXX We probably could support this if we thought about it some more. */ -- if (drv->iface) { -- error (g, _("‘iface’ parameter is not supported by the libvirt backend")); -- return -1; -- } -- - start_element ("disk") { - attribute ("device", "disk"); - -diff --git a/lib/libvirt-domain.c b/lib/libvirt-domain.c -index 3050680fa..fafbf50ea 100644 ---- a/lib/libvirt-domain.c -+++ b/lib/libvirt-domain.c -@@ -68,7 +68,6 @@ guestfs_impl_add_domain (guestfs_h *g, const char *domain_name, - int live; - int allowuuid; - const char *readonlydisk; -- const char *iface; - const char *cachemode; - const char *discard; - bool copyonread; -@@ -78,8 +77,6 @@ guestfs_impl_add_domain (guestfs_h *g, const char *domain_name, - ? optargs->libvirturi : NULL; - readonly = optargs->bitmask & GUESTFS_ADD_DOMAIN_READONLY_BITMASK - ? optargs->readonly : 0; -- iface = optargs->bitmask & GUESTFS_ADD_DOMAIN_IFACE_BITMASK -- ? optargs->iface : NULL; - live = optargs->bitmask & GUESTFS_ADD_DOMAIN_LIVE_BITMASK - ? optargs->live : 0; - allowuuid = optargs->bitmask & GUESTFS_ADD_DOMAIN_ALLOWUUID_BITMASK -@@ -136,10 +133,6 @@ guestfs_impl_add_domain (guestfs_h *g, const char *domain_name, - optargs2.bitmask |= GUESTFS_ADD_LIBVIRT_DOM_READONLY_BITMASK; - optargs2.readonly = readonly; - } -- if (iface) { -- optargs2.bitmask |= GUESTFS_ADD_LIBVIRT_DOM_IFACE_BITMASK; -- optargs2.iface = iface; -- } - if (live) { - error (g, _("libguestfs live support was removed in libguestfs 1.48")); - goto cleanup; -@@ -193,7 +186,6 @@ guestfs_impl_add_libvirt_dom (guestfs_h *g, void *domvp, - virDomainPtr dom = domvp; - ssize_t r; - int readonly; -- const char *iface; - const char *cachemode; - const char *discard; - bool copyonread; -@@ -208,9 +200,6 @@ guestfs_impl_add_libvirt_dom (guestfs_h *g, void *domvp, - readonly = - optargs->bitmask & GUESTFS_ADD_LIBVIRT_DOM_READONLY_BITMASK - ? optargs->readonly : 0; -- iface = -- optargs->bitmask & GUESTFS_ADD_LIBVIRT_DOM_IFACE_BITMASK -- ? optargs->iface : NULL; - live = - optargs->bitmask & GUESTFS_ADD_LIBVIRT_DOM_LIVE_BITMASK - ? optargs->live : 0; -@@ -289,10 +278,6 @@ guestfs_impl_add_libvirt_dom (guestfs_h *g, void *domvp, - data.optargs.bitmask = 0; - data.readonly = readonly; - data.readonlydisk = readonlydisk; -- if (iface) { -- data.optargs.bitmask |= GUESTFS_ADD_DRIVE_OPTS_IFACE_BITMASK; -- data.optargs.iface = iface; -- } - if (cachemode) { - data.optargs.bitmask |= GUESTFS_ADD_DRIVE_OPTS_CACHEMODE_BITMASK; - data.optargs.cachemode = cachemode; --- -2.31.1 - diff --git a/SOURCES/0010-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch b/SOURCES/0006-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch similarity index 97% rename from SOURCES/0010-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch rename to SOURCES/0006-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch index e558c88..d580b3c 100644 --- a/SOURCES/0010-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch +++ b/SOURCES/0006-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch @@ -1,4 +1,4 @@ -From 010cd5ff441166c01125fc588398a1fb8367a852 Mon Sep 17 00:00:00 2001 +From ab7e68dbeefe464734bd63a862a36f612f76d396 Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Mon, 29 Jul 2013 14:47:56 +0100 Subject: [PATCH] RHEL: Disable unsupported remote drive protocols @@ -31,7 +31,7 @@ We hope to gradually add some of these back over the lifetime of RHEL. 8 files changed, 16 insertions(+), 348 deletions(-) diff --git a/docs/guestfs-testing.pod b/docs/guestfs-testing.pod -index f558964bf..8f264ed17 100644 +index 47f381a7..c7b44928 100644 --- a/docs/guestfs-testing.pod +++ b/docs/guestfs-testing.pod @@ -109,26 +109,6 @@ image. To exit, type C. @@ -62,7 +62,7 @@ index f558964bf..8f264ed17 100644 Run L on guests or disk images: diff --git a/fish/guestfish.pod b/fish/guestfish.pod -index ae2445571..46cba64ff 100644 +index ccc0825b..d36cac9d 100644 --- a/fish/guestfish.pod +++ b/fish/guestfish.pod @@ -131,9 +131,9 @@ To list what is available do: @@ -171,7 +171,7 @@ index ae2445571..46cba64ff 100644 In this case, the password is C. diff --git a/fish/test-add-uri.sh b/fish/test-add-uri.sh -index 21d424984..ddabeb639 100755 +index 21d42498..ddabeb63 100755 --- a/fish/test-add-uri.sh +++ b/fish/test-add-uri.sh @@ -40,14 +40,6 @@ function fail () @@ -220,7 +220,7 @@ index 21d424984..ddabeb639 100755 rm test-add-uri.out rm test-add-uri.img diff --git a/generator/actions_core.ml b/generator/actions_core.ml -index 807150615..6cd42a290 100644 +index c8d9949b..26c576c7 100644 --- a/generator/actions_core.ml +++ b/generator/actions_core.ml @@ -350,29 +350,6 @@ F is interpreted as a local file or device. @@ -305,7 +305,7 @@ index 807150615..6cd42a290 100644 example if using the libvirt backend and if the libvirt backend is configured to start the qemu appliance as a special user such as C. If in doubt, diff --git a/lib/drives.c b/lib/drives.c -index c5a208468..efb289254 100644 +index c5a20846..efb28925 100644 --- a/lib/drives.c +++ b/lib/drives.c @@ -166,6 +166,7 @@ create_drive_non_file (guestfs_h *g, @@ -373,10 +373,10 @@ index c5a208468..efb289254 100644 error (g, _("unknown protocol ‘%s’"), protocol); drv = NULL; /*FALLTHROUGH*/ diff --git a/lib/guestfs.pod b/lib/guestfs.pod -index 1ad44e7c2..946ce2d36 100644 +index c6c8cb16..866a4638 100644 --- a/lib/guestfs.pod +++ b/lib/guestfs.pod -@@ -712,70 +712,6 @@ a qcow2 backing file specification, libvirt does not construct an +@@ -723,70 +723,6 @@ a qcow2 backing file specification, libvirt does not construct an ephemeral secret object from those, for Ceph authentication. Refer to L. @@ -447,7 +447,7 @@ index 1ad44e7c2..946ce2d36 100644 =head3 NETWORK BLOCK DEVICE Libguestfs can access Network Block Device (NBD) disks remotely. -@@ -838,42 +774,6 @@ L +@@ -849,42 +785,6 @@ L =back @@ -491,7 +491,7 @@ index 1ad44e7c2..946ce2d36 100644 Libguestfs has APIs for inspecting an unknown disk image to find out diff --git a/tests/disks/test-qemu-drive-libvirt.sh b/tests/disks/test-qemu-drive-libvirt.sh -index 595a95a5e..b49534c94 100755 +index d86a1ecd..cf7d2a0c 100755 --- a/tests/disks/test-qemu-drive-libvirt.sh +++ b/tests/disks/test-qemu-drive-libvirt.sh @@ -65,34 +65,6 @@ check_output @@ -530,7 +530,7 @@ index 595a95a5e..b49534c94 100755 $guestfish -d pool1 run ||: diff --git a/tests/disks/test-qemu-drive.sh b/tests/disks/test-qemu-drive.sh -index 12937fb30..b3e4f9903 100755 +index 12937fb3..b3e4f990 100755 --- a/tests/disks/test-qemu-drive.sh +++ b/tests/disks/test-qemu-drive.sh @@ -62,45 +62,6 @@ check_output @@ -604,6 +604,3 @@ index 12937fb30..b3e4f9903 100755 -check_output -grep -sq -- '-drive file=ssh://rich@example.com/disk.img,' "$DEBUG_QEMU_FILE" || fail -rm "$DEBUG_QEMU_FILE" --- -2.31.1 - diff --git a/SOURCES/0006-lib-rename-VALID_FORMAT_IFACE-to-VALID_FORMAT.patch b/SOURCES/0006-lib-rename-VALID_FORMAT_IFACE-to-VALID_FORMAT.patch deleted file mode 100644 index 9386a58..0000000 --- a/SOURCES/0006-lib-rename-VALID_FORMAT_IFACE-to-VALID_FORMAT.patch +++ /dev/null @@ -1,82 +0,0 @@ -From f408b24d8d8f5b5f4e1a25c1046c3a18107c8d80 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Wed, 4 May 2022 15:41:54 +0200 -Subject: [PATCH] lib: rename VALID_FORMAT_IFACE to VALID_FORMAT - -We no longer use VALID_FORMAT_IFACE for validating "iface"; rename the -macro to reflect that we only check "format" with it. - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1844341 -Signed-off-by: Laszlo Ersek -Message-Id: <20220504134155.11832-4-lersek@redhat.com> -Reviewed-by: Richard W.M. Jones -(cherry picked from commit c8e3caf9e6000ea2f5cfbe30ffe1240317bb4578) ---- - lib/drives.c | 4 ++-- - lib/unit-tests.c | 16 ++++++++-------- - 2 files changed, 10 insertions(+), 10 deletions(-) - -diff --git a/lib/drives.c b/lib/drives.c -index 8fe46a41c..c5a208468 100644 ---- a/lib/drives.c -+++ b/lib/drives.c -@@ -593,7 +593,7 @@ guestfs_int_free_drives (guestfs_h *g) - * Check string parameter matches regular expression - * C<^[-_[:alnum:]]+$> (in C locale). - */ --#define VALID_FORMAT_IFACE(str) \ -+#define VALID_FORMAT(str) \ - guestfs_int_string_is_valid ((str), 1, 0, \ - VALID_FLAG_ALPHA|VALID_FLAG_DIGIT, "-_") - -@@ -790,7 +790,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename, - return -1; - } - -- if (data.format && !VALID_FORMAT_IFACE (data.format)) { -+ if (data.format && !VALID_FORMAT (data.format)) { - error (g, _("%s parameter is empty or contains disallowed characters"), - "format"); - free_drive_servers (data.servers, data.nr_servers); -diff --git a/lib/unit-tests.c b/lib/unit-tests.c -index 62457ccba..0e550cb98 100644 ---- a/lib/unit-tests.c -+++ b/lib/unit-tests.c -@@ -434,7 +434,7 @@ test_stringsbuf (void) - } - - /* Use the same macros as in lib/drives.c */ --#define VALID_FORMAT_IFACE(str) \ -+#define VALID_FORMAT(str) \ - guestfs_int_string_is_valid ((str), 1, 0, \ - VALID_FLAG_ALPHA|VALID_FLAG_DIGIT, "-_") - #define VALID_DISK_LABEL(str) \ -@@ -446,18 +446,18 @@ test_stringsbuf (void) - static void - test_valid (void) - { -- assert (!VALID_FORMAT_IFACE ("")); -+ assert (!VALID_FORMAT ("")); - assert (!VALID_DISK_LABEL ("")); - assert (!VALID_HOSTNAME ("")); - - assert (!VALID_DISK_LABEL ("012345678901234567890")); - -- assert (VALID_FORMAT_IFACE ("abc")); -- assert (VALID_FORMAT_IFACE ("ABC")); -- assert (VALID_FORMAT_IFACE ("abc123")); -- assert (VALID_FORMAT_IFACE ("abc123-")); -- assert (VALID_FORMAT_IFACE ("abc123_")); -- assert (!VALID_FORMAT_IFACE ("abc123.")); -+ assert (VALID_FORMAT ("abc")); -+ assert (VALID_FORMAT ("ABC")); -+ assert (VALID_FORMAT ("abc123")); -+ assert (VALID_FORMAT ("abc123-")); -+ assert (VALID_FORMAT ("abc123_")); -+ assert (!VALID_FORMAT ("abc123.")); - - assert (VALID_DISK_LABEL ("abc")); - assert (VALID_DISK_LABEL ("ABC")); --- -2.31.1 - diff --git a/SOURCES/0011-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch b/SOURCES/0007-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch similarity index 92% rename from SOURCES/0011-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch rename to SOURCES/0007-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch index bae7529..e251a5a 100644 --- a/SOURCES/0011-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch +++ b/SOURCES/0007-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch @@ -1,4 +1,4 @@ -From d59942a7a3d1ca2248a94099d28f7555378d7993 Mon Sep 17 00:00:00 2001 +From b74c6c8520773c2ef4a4d69b08b70e5ceeb06964 Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Tue, 7 Jul 2015 09:28:03 -0400 Subject: [PATCH] RHEL: Reject use of libguestfs-winsupport features except for @@ -13,7 +13,7 @@ edits. 3 files changed, 19 insertions(+) diff --git a/generator/c.ml b/generator/c.ml -index ea69abf76..56ee38aa4 100644 +index 447059b8..0391dd3d 100644 --- a/generator/c.ml +++ b/generator/c.ml @@ -1846,6 +1846,22 @@ and generate_client_actions actions () = @@ -40,7 +40,7 @@ index ea69abf76..56ee38aa4 100644 * as a progress bar hint. *) diff --git a/test-data/phony-guests/make-windows-img.sh b/test-data/phony-guests/make-windows-img.sh -index 30908a918..73cf5144e 100755 +index 16debd12..1c13ddac 100755 --- a/test-data/phony-guests/make-windows-img.sh +++ b/test-data/phony-guests/make-windows-img.sh @@ -37,6 +37,7 @@ fi @@ -52,7 +52,7 @@ index 30908a918..73cf5144e 100755 run diff --git a/tests/charsets/test-charset-fidelity.c b/tests/charsets/test-charset-fidelity.c -index 105291dc3..5ca4f3b6d 100644 +index 105291dc..5ca4f3b6 100644 --- a/tests/charsets/test-charset-fidelity.c +++ b/tests/charsets/test-charset-fidelity.c @@ -96,6 +96,8 @@ main (int argc, char *argv[]) @@ -64,6 +64,3 @@ index 105291dc3..5ca4f3b6d 100644 if (guestfs_add_drive_scratch (g, 1024*1024*1024, -1) == -1) exit (EXIT_FAILURE); --- -2.31.1 - diff --git a/SOURCES/0007-tests-regressions-remove-iface-based-restrictions.patch b/SOURCES/0007-tests-regressions-remove-iface-based-restrictions.patch deleted file mode 100644 index 5c8c1d0..0000000 --- a/SOURCES/0007-tests-regressions-remove-iface-based-restrictions.patch +++ /dev/null @@ -1,74 +0,0 @@ -From 431ca828e9f7d7a6c7e315b410f381304986ba44 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Wed, 4 May 2022 15:41:55 +0200 -Subject: [PATCH] tests/regressions: remove "iface"-based restrictions - -Now that "iface" is ignored by both backends, the regression tests for -RHBZ 690819 and 975797 can be enabled on all arches (regardless of -backend). - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1844341 -Signed-off-by: Laszlo Ersek -Message-Id: <20220504134155.11832-5-lersek@redhat.com> -Reviewed-by: Richard W.M. Jones -(cherry picked from commit ddf276884c04418a32902689cf8fc3506be3ca4b) ---- - tests/regressions/rhbz690819.sh | 10 +++------- - tests/regressions/rhbz975797.sh | 10 +++------- - 2 files changed, 6 insertions(+), 14 deletions(-) - -diff --git a/tests/regressions/rhbz690819.sh b/tests/regressions/rhbz690819.sh -index e6f61d00d..9e1bcda84 100755 ---- a/tests/regressions/rhbz690819.sh -+++ b/tests/regressions/rhbz690819.sh -@@ -19,18 +19,14 @@ - # https://bugzilla.redhat.com/show_bug.cgi?id=690819 - # mkfs fails creating a filesytem on a disk device when using a disk - # with 'ide' interface -+# -+# The 'iface' parameter is now ignored: -+# https://bugzilla.redhat.com/show_bug.cgi?id=1844341 - - set -e - - $TEST_FUNCTIONS - skip_if_skipped --# These architectures don't support the 'ide' interface. --skip_if_arch arm --skip_if_arch aarch64 --skip_if_arch ppc64 --skip_if_arch ppc64le --skip_if_arch s390x --skip_if_backend libvirt - - rm -f rhbz690819.img - -diff --git a/tests/regressions/rhbz975797.sh b/tests/regressions/rhbz975797.sh -index c676abfa3..feecf1f2b 100755 ---- a/tests/regressions/rhbz975797.sh -+++ b/tests/regressions/rhbz975797.sh -@@ -19,18 +19,14 @@ - # Regression test for: - # https://bugzilla.redhat.com/show_bug.cgi?id=975797 - # Ensure the appliance doesn't hang when using the 'iface' parameter. -+# -+# The 'iface' parameter is now ignored: -+# https://bugzilla.redhat.com/show_bug.cgi?id=1844341 - - set -e - - $TEST_FUNCTIONS - skip_if_skipped --# These architectures don't support the 'ide' interface. --skip_if_arch arm --skip_if_arch aarch64 --skip_if_arch ppc64 --skip_if_arch ppc64le --skip_if_arch s390x --skip_if_backend libvirt - - rm -f rhbz975797-*.img - --- -2.31.1 - diff --git a/SOURCES/0008-Remove-virt-dib.patch b/SOURCES/0008-Remove-virt-dib.patch new file mode 100644 index 0000000..8137ddc --- /dev/null +++ b/SOURCES/0008-Remove-virt-dib.patch @@ -0,0 +1,63 @@ +From e916ad54c31a725cbf08fb186756d9e968ff20b2 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 7 Feb 2023 13:20:36 +0000 +Subject: [PATCH] Remove virt-dib + +The tool only supports an older version of the diskimage-builder +metadata, and we do not have the time or inclination to update it to a +newer version. + +Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1910039 +(cherry picked from commit 7503eeebede688409b2adf616d71a94e04b7f0d2) +--- + appliance/packagelist.in | 30 ------------------------------ + 1 file changed, 30 deletions(-) + +diff --git a/appliance/packagelist.in b/appliance/packagelist.in +index 585d52ad..20b08c47 100644 +--- a/appliance/packagelist.in ++++ b/appliance/packagelist.in +@@ -110,7 +110,6 @@ ifelse(ARCHLINUX,1, + dnl syslinux has mtools as optional dependency, but in reality it's + dnl a hard one: + mtools +- multipath-tools dnl for kpartx + nilfs-utils + ntfs-3g + ntfs-3g-system-compression +@@ -266,35 +265,6 @@ util-linux-ng + xfsprogs + zerofree + +-dnl tools needed by virt-dib +-ifelse(REDHAT,1, +- qemu-img +- which +-) +-ifelse(DEBIAN,1, +- qemu-utils +-) +-ifelse(ARCHLINUX,1, +- qemu +- which +-) +-ifelse(SUSE,1, +- qemu-tools +- which +-) +-ifelse(FRUGALWARE,1, +- qemu +- which +-) +-ifelse(MAGEIA,1, +- qemu-img +- which +-) +-curl +-kpartx +-dnl (virt-dib) tools optionally used for elements +-debootstrap +- + dnl exFAT is not usually available in free software repos + exfat-fuse + exfat-utils diff --git a/SOURCES/0008-generator-customize-invert-SELinux-relabeling-defaul.patch b/SOURCES/0008-generator-customize-invert-SELinux-relabeling-defaul.patch deleted file mode 100644 index b3aba8f..0000000 --- a/SOURCES/0008-generator-customize-invert-SELinux-relabeling-defaul.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 8f800b369ada05ea690cebb0bb5e0fed0ba1c548 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Tue, 10 May 2022 12:27:57 +0200 -Subject: [PATCH] generator/customize: invert SELinux relabeling default - -Replace the "--selinux-relabel" option with "--no-selinux-relabel", -inverting the default behavior (for guests with SELinux support, that is --- relabeling is always skipped for guests that don't support SELinux.) - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1554735 -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2075718 -Signed-off-by: Laszlo Ersek -Message-Id: <20220510102757.14466-3-lersek@redhat.com> -Acked-by: Richard W.M. Jones -(cherry picked from commit 2f6a27f1077d32d1ab526427052fc88e188356f7) ---- - generator/customize.ml | 19 +++++++++++-------- - 1 file changed, 11 insertions(+), 8 deletions(-) - -diff --git a/generator/customize.ml b/generator/customize.ml -index 3b3eec6d2..9634dad85 100644 ---- a/generator/customize.ml -+++ b/generator/customize.ml -@@ -564,18 +564,21 @@ to modify C (Fedora, RHEL) or - C (Debian, Ubuntu)."; - }; - -- { flag_name = "selinux-relabel"; -+ { flag_name = "no-selinux-relabel"; - flag_type = FlagBool false (* XXX - the default in virt-builder *); -- flag_ml_var = "selinux_relabel"; -- flag_shortdesc = "Relabel files with correct SELinux labels"; -+ flag_ml_var = "no_selinux_relabel"; -+ flag_shortdesc = "Do not relabel files with correct SELinux labels"; - flag_pod_longdesc = "\ --Relabel files in the guest so that they have the correct SELinux label. -+Do not attempt to correct the SELinux labels of files in the guest. - --This will attempt to relabel files immediately, but if the operation fails --this will instead touch F on the image to schedule a --relabel operation for the next time the image boots. -+In such guests that support SELinux, customization automatically -+relabels files so that they have the correct SELinux label. (The -+relabeling is performed immediately, but if the operation fails, -+customization will instead touch F on the image to -+schedule a relabel operation for the next time the image boots.) This -+option disables the automatic relabeling. - --This option is a no-op for guests that do not support SELinux."; -+The option is a no-op for guests that do not support SELinux."; - }; - - { flag_name = "sm-credentials"; --- -2.31.1 - diff --git a/SOURCES/0009-generator-customize-reintroduce-selinux-relabel-as-a.patch b/SOURCES/0009-generator-customize-reintroduce-selinux-relabel-as-a.patch deleted file mode 100644 index 4c8b115..0000000 --- a/SOURCES/0009-generator-customize-reintroduce-selinux-relabel-as-a.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 4cfba19fa2b087c4b2c5a1b67aa70eb16e9d5a59 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Wed, 25 May 2022 09:19:58 +0200 -Subject: [PATCH] generator/customize: reintroduce "--selinux-relabel" as a - compat option - -Removing "--selinux-relabel" in commit 2f6a27f1077d ("generator/customize: -invert SELinux relabeling default", 2022-05-11) breaks existing scripts -that invoke virt-customize and/or virt-sysprep with that option. Restore -the option, with no functionality tied to it. - -Fixes: 2f6a27f1077d32d1ab526427052fc88e188356f7 -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2089748 -Signed-off-by: Laszlo Ersek -Message-Id: <20220525071958.9612-1-lersek@redhat.com> -Reviewed-by: Richard W.M. Jones -(cherry picked from commit 4b9ee1052a4396621485fdd56d6826714e7481b1) ---- - generator/customize.ml | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/generator/customize.ml b/generator/customize.ml -index 9634dad85..5abaf206f 100644 ---- a/generator/customize.ml -+++ b/generator/customize.ml -@@ -581,6 +581,13 @@ option disables the automatic relabeling. - The option is a no-op for guests that do not support SELinux."; - }; - -+ { flag_name = "selinux-relabel"; -+ flag_type = FlagBool false; -+ flag_ml_var = "selinux_relabel_ignored"; -+ flag_shortdesc = "Compatibility option doing nothing"; -+ flag_pod_longdesc = "This is a compatibility option that does nothing."; -+ }; -+ - { flag_name = "sm-credentials"; - flag_type = FlagSMCredentials "SELECTOR"; - flag_ml_var = "sm_credentials"; --- -2.31.1 - diff --git a/SOURCES/0009-lib-Choose-q35-machine-type-for-x86-64.patch b/SOURCES/0009-lib-Choose-q35-machine-type-for-x86-64.patch new file mode 100644 index 0000000..7c56357 --- /dev/null +++ b/SOURCES/0009-lib-Choose-q35-machine-type-for-x86-64.patch @@ -0,0 +1,32 @@ +From e712c4b81cbd2cf0e990d01cb4d1f54734e62de6 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 9 Feb 2023 13:38:50 +0000 +Subject: [PATCH] lib: Choose q35 machine type for x86-64 + +This machine type is more modern than the older 'pc' type and as most +qemu development is now focused there we expect it will perform and +behave better. In almost all respects this change should make no +difference. + +Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2168578 +Acked-by: Laszlo Ersek +See-also: https://listman.redhat.com/archives/libguestfs/2023-February/030645.html +(cherry picked from commit f0f8e6c5fe0c3f6d5d90534d263bded3a4dc7e8d) +--- + lib/guestfs-internal.h | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/lib/guestfs-internal.h b/lib/guestfs-internal.h +index 306f2a2e..fb55e026 100644 +--- a/lib/guestfs-internal.h ++++ b/lib/guestfs-internal.h +@@ -113,6 +113,9 @@ cleanup_mutex_unlock (pthread_mutex_t **ptr) + #define MAX_WINDOWS_EXPLORER_SIZE (4 * 1000 * 1000) + + /* Machine types. */ ++#if defined(__x86_64__) ++#define MACHINE_TYPE "q35" ++#endif + #ifdef __arm__ + #define MACHINE_TYPE "virt" + #endif diff --git a/SOURCES/0010-RHEL-Revert-build-Remove-bundled-copy-of-ocaml-augea.patch b/SOURCES/0010-RHEL-Revert-build-Remove-bundled-copy-of-ocaml-augea.patch new file mode 100644 index 0000000..c21130e --- /dev/null +++ b/SOURCES/0010-RHEL-Revert-build-Remove-bundled-copy-of-ocaml-augea.patch @@ -0,0 +1,1686 @@ +From 73061a7feafcc0a527d00f6e1e2dee3dc84bc044 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 2 Mar 2023 10:12:19 +0000 +Subject: [PATCH] RHEL: Revert "build: Remove bundled copy of ocaml-augeas" + +This is temporarily reverted in RHEL 9.3 only until this bug can be +actioned: + + https://bugzilla.redhat.com/show_bug.cgi?id=2168634 + "Request for new RHEL 9.3 package: ocaml-augeas" + +This reverts commit fbf7fe87933ac24dd78362a16117c42e40da4c0f. +--- + .gitignore | 1 + + Makefile.am | 5 +- + bundled/ocaml-augeas/COPYING.LIB | 515 +++++++++++++++++++++++++ + bundled/ocaml-augeas/Makefile.am | 82 ++++ + bundled/ocaml-augeas/augeas-c.c | 579 +++++++++++++++++++++++++++++ + bundled/ocaml-augeas/augeas.README | 8 + + bundled/ocaml-augeas/augeas.ml | 99 +++++ + bundled/ocaml-augeas/augeas.mli | 164 ++++++++ + configure.ac | 1 + + daemon/Makefile.am | 7 +- + docs/guestfs-building.pod | 5 - + docs/guestfs-hacking.pod | 14 + + m4/guestfs-ocaml.m4 | 8 - + ocaml-dep.sh.in | 1 + + 14 files changed, 1472 insertions(+), 17 deletions(-) + create mode 100644 bundled/ocaml-augeas/COPYING.LIB + create mode 100644 bundled/ocaml-augeas/Makefile.am + create mode 100644 bundled/ocaml-augeas/augeas-c.c + create mode 100644 bundled/ocaml-augeas/augeas.README + create mode 100644 bundled/ocaml-augeas/augeas.ml + create mode 100644 bundled/ocaml-augeas/augeas.mli + +diff --git a/.gitignore b/.gitignore +index 00e59fb3..ee5ea74d 100644 +--- a/.gitignore ++++ b/.gitignore +@@ -61,6 +61,7 @@ Makefile.in + /build-aux/snippet/ + /build-aux/test-driver + /build-aux/ylwrap ++/bundled/ocaml-augeas/.depend + /compile + /config.cache + /config.guess +diff --git a/Makefile.am b/Makefile.am +index 59370440..e0a7f084 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -35,6 +35,7 @@ SUBDIRS += include lib docs examples + + # The daemon and the appliance. + SUBDIRS += common/mlutils ++SUBDIRS += bundled/ocaml-augeas + SUBDIRS += common/mlpcre + if ENABLE_DAEMON + SUBDIRS += daemon +@@ -214,7 +215,7 @@ dist-hook: docs/C_SOURCE_FILES po/POTFILES + docs/C_SOURCE_FILES: configure.ac + rm -f $@ $@-t + find $(DIST_SUBDIRS) -name '*.[ch]' | \ +- grep -v -E '^(builder/index-parse\.|builder/index-scan\.|examples/|gobject/|java/com_redhat_et_libguestfs|perl/|php/extension/config\.h|ruby/ext/guestfs/extconf\.h|tests/|test-data/)' | \ ++ grep -v -E '^(builder/index-parse\.|builder/index-scan\.|examples/|gobject/|java/com_redhat_et_libguestfs|perl/|php/extension/config\.h|ruby/ext/guestfs/extconf\.h|tests/|test-data/|bundled/)' | \ + grep -v -E '/(guestfs|rc)_protocol\.' | \ + grep -v -E '.*/errnostring\.' | \ + grep -v -E '.*-gperf\.' | \ +@@ -227,7 +228,7 @@ po/POTFILES: configure.ac + rm -f $@ $@-t + cd $(srcdir); \ + find $(DIST_SUBDIRS) -name '*.c' | \ +- grep -v -E '^(examples|perl/(blib|examples)|po-docs|tests|test-data)/' | \ ++ grep -v -E '^(examples|perl/(blib|examples)|po-docs|tests|test-data|bundled)/' | \ + grep -v -E '/((guestfs|rc)_protocol\.c|dummy\.c)$$' | \ + grep -v -E '^python/utils\.c$$' | \ + grep -v -E '^perl/lib/Sys/Guestfs\.c$$' | \ +diff --git a/bundled/ocaml-augeas/COPYING.LIB b/bundled/ocaml-augeas/COPYING.LIB +new file mode 100644 +index 00000000..ba2be481 +--- /dev/null ++++ b/bundled/ocaml-augeas/COPYING.LIB +@@ -0,0 +1,515 @@ ++ ++ GNU LESSER GENERAL PUBLIC LICENSE ++ Version 2.1, February 1999 ++ ++ Copyright (C) 1991, 1999 Free Software Foundation, Inc. ++ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ++ Everyone is permitted to copy and distribute verbatim copies ++ of this license document, but changing it is not allowed. ++ ++[This is the first released version of the Lesser GPL. It also counts ++ as the successor of the GNU Library Public License, version 2, hence ++ the version number 2.1.] ++ ++ Preamble ++ ++ The licenses for most software are designed to take away your ++freedom to share and change it. By contrast, the GNU General Public ++Licenses are intended to guarantee your freedom to share and change ++free software--to make sure the software is free for all its users. ++ ++ This license, the Lesser General Public License, applies to some ++specially designated software packages--typically libraries--of the ++Free Software Foundation and other authors who decide to use it. You ++can use it too, but we suggest you first think carefully about whether ++this license or the ordinary General Public License is the better ++strategy to use in any particular case, based on the explanations ++below. ++ ++ When we speak of free software, we are referring to freedom of use, ++not price. Our General Public Licenses are designed to make sure that ++you have the freedom to distribute copies of free software (and charge ++for this service if you wish); that you receive source code or can get ++it if you want it; that you can change the software and use pieces of ++it in new free programs; and that you are informed that you can do ++these things. ++ ++ To protect your rights, we need to make restrictions that forbid ++distributors to deny you these rights or to ask you to surrender these ++rights. These restrictions translate to certain responsibilities for ++you if you distribute copies of the library or if you modify it. ++ ++ For example, if you distribute copies of the library, whether gratis ++or for a fee, you must give the recipients all the rights that we gave ++you. You must make sure that they, too, receive or can get the source ++code. If you link other code with the library, you must provide ++complete object files to the recipients, so that they can relink them ++with the library after making changes to the library and recompiling ++it. And you must show them these terms so they know their rights. ++ ++ We protect your rights with a two-step method: (1) we copyright the ++library, and (2) we offer you this license, which gives you legal ++permission to copy, distribute and/or modify the library. ++ ++ To protect each distributor, we want to make it very clear that ++there is no warranty for the free library. Also, if the library is ++modified by someone else and passed on, the recipients should know ++that what they have is not the original version, so that the original ++author's reputation will not be affected by problems that might be ++introduced by others. ++^L ++ Finally, software patents pose a constant threat to the existence of ++any free program. We wish to make sure that a company cannot ++effectively restrict the users of a free program by obtaining a ++restrictive license from a patent holder. Therefore, we insist that ++any patent license obtained for a version of the library must be ++consistent with the full freedom of use specified in this license. ++ ++ Most GNU software, including some libraries, is covered by the ++ordinary GNU General Public License. This license, the GNU Lesser ++General Public License, applies to certain designated libraries, and ++is quite different from the ordinary General Public License. We use ++this license for certain libraries in order to permit linking those ++libraries into non-free programs. ++ ++ When a program is linked with a library, whether statically or using ++a shared library, the combination of the two is legally speaking a ++combined work, a derivative of the original library. The ordinary ++General Public License therefore permits such linking only if the ++entire combination fits its criteria of freedom. The Lesser General ++Public License permits more lax criteria for linking other code with ++the library. ++ ++ We call this license the "Lesser" General Public License because it ++does Less to protect the user's freedom than the ordinary General ++Public License. It also provides other free software developers Less ++of an advantage over competing non-free programs. These disadvantages ++are the reason we use the ordinary General Public License for many ++libraries. However, the Lesser license provides advantages in certain ++special circumstances. ++ ++ For example, on rare occasions, there may be a special need to ++encourage the widest possible use of a certain library, so that it ++becomes ++a de-facto standard. To achieve this, non-free programs must be ++allowed to use the library. A more frequent case is that a free ++library does the same job as widely used non-free libraries. In this ++case, there is little to gain by limiting the free library to free ++software only, so we use the Lesser General Public License. ++ ++ In other cases, permission to use a particular library in non-free ++programs enables a greater number of people to use a large body of ++free software. For example, permission to use the GNU C Library in ++non-free programs enables many more people to use the whole GNU ++operating system, as well as its variant, the GNU/Linux operating ++system. ++ ++ Although the Lesser General Public License is Less protective of the ++users' freedom, it does ensure that the user of a program that is ++linked with the Library has the freedom and the wherewithal to run ++that program using a modified version of the Library. ++ ++ The precise terms and conditions for copying, distribution and ++modification follow. Pay close attention to the difference between a ++"work based on the library" and a "work that uses the library". The ++former contains code derived from the library, whereas the latter must ++be combined with the library in order to run. ++^L ++ GNU LESSER GENERAL PUBLIC LICENSE ++ TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION ++ ++ 0. This License Agreement applies to any software library or other ++program which contains a notice placed by the copyright holder or ++other authorized party saying it may be distributed under the terms of ++this Lesser General Public License (also called "this License"). ++Each licensee is addressed as "you". ++ ++ A "library" means a collection of software functions and/or data ++prepared so as to be conveniently linked with application programs ++(which use some of those functions and data) to form executables. ++ ++ The "Library", below, refers to any such software library or work ++which has been distributed under these terms. A "work based on the ++Library" means either the Library or any derivative work under ++copyright law: that is to say, a work containing the Library or a ++portion of it, either verbatim or with modifications and/or translated ++straightforwardly into another language. (Hereinafter, translation is ++included without limitation in the term "modification".) ++ ++ "Source code" for a work means the preferred form of the work for ++making modifications to it. For a library, complete source code means ++all the source code for all modules it contains, plus any associated ++interface definition files, plus the scripts used to control ++compilation ++and installation of the library. ++ ++ Activities other than copying, distribution and modification are not ++covered by this License; they are outside its scope. The act of ++running a program using the Library is not restricted, and output from ++such a program is covered only if its contents constitute a work based ++on the Library (independent of the use of the Library in a tool for ++writing it). Whether that is true depends on what the Library does ++and what the program that uses the Library does. ++ ++ 1. You may copy and distribute verbatim copies of the Library's ++complete source code as you receive it, in any medium, provided that ++you conspicuously and appropriately publish on each copy an ++appropriate copyright notice and disclaimer of warranty; keep intact ++all the notices that refer to this License and to the absence of any ++warranty; and distribute a copy of this License along with the ++Library. ++ ++ You may charge a fee for the physical act of transferring a copy, ++and you may at your option offer warranty protection in exchange for a ++fee. ++ ++ 2. You may modify your copy or copies of the Library or any portion ++of it, thus forming a work based on the Library, and copy and ++distribute such modifications or work under the terms of Section 1 ++above, provided that you also meet all of these conditions: ++ ++ a) The modified work must itself be a software library. ++ ++ b) You must cause the files modified to carry prominent notices ++ stating that you changed the files and the date of any change. ++ ++ c) You must cause the whole of the work to be licensed at no ++ charge to all third parties under the terms of this License. ++ ++ d) If a facility in the modified Library refers to a function or a ++ table of data to be supplied by an application program that uses ++ the facility, other than as an argument passed when the facility ++ is invoked, then you must make a good faith effort to ensure that, ++ in the event an application does not supply such function or ++ table, the facility still operates, and performs whatever part of ++ its purpose remains meaningful. ++ ++ (For example, a function in a library to compute square roots has ++ a purpose that is entirely well-defined independent of the ++ application. Therefore, Subsection 2d requires that any ++ application-supplied function or table used by this function must ++ be optional: if the application does not supply it, the square ++ root function must still compute square roots.) ++ ++These requirements apply to the modified work as a whole. If ++identifiable sections of that work are not derived from the Library, ++and can be reasonably considered independent and separate works in ++themselves, then this License, and its terms, do not apply to those ++sections when you distribute them as separate works. But when you ++distribute the same sections as part of a whole which is a work based ++on the Library, the distribution of the whole must be on the terms of ++this License, whose permissions for other licensees extend to the ++entire whole, and thus to each and every part regardless of who wrote ++it. ++ ++Thus, it is not the intent of this section to claim rights or contest ++your rights to work written entirely by you; rather, the intent is to ++exercise the right to control the distribution of derivative or ++collective works based on the Library. ++ ++In addition, mere aggregation of another work not based on the Library ++with the Library (or with a work based on the Library) on a volume of ++a storage or distribution medium does not bring the other work under ++the scope of this License. ++ ++ 3. You may opt to apply the terms of the ordinary GNU General Public ++License instead of this License to a given copy of the Library. To do ++this, you must alter all the notices that refer to this License, so ++that they refer to the ordinary GNU General Public License, version 2, ++instead of to this License. (If a newer version than version 2 of the ++ordinary GNU General Public License has appeared, then you can specify ++that version instead if you wish.) Do not make any other change in ++these notices. ++^L ++ Once this change is made in a given copy, it is irreversible for ++that copy, so the ordinary GNU General Public License applies to all ++subsequent copies and derivative works made from that copy. ++ ++ This option is useful when you wish to copy part of the code of ++the Library into a program that is not a library. ++ ++ 4. You may copy and distribute the Library (or a portion or ++derivative of it, under Section 2) in object code or executable form ++under the terms of Sections 1 and 2 above provided that you accompany ++it with the complete corresponding machine-readable source code, which ++must be distributed under the terms of Sections 1 and 2 above on a ++medium customarily used for software interchange. ++ ++ If distribution of object code is made by offering access to copy ++from a designated place, then offering equivalent access to copy the ++source code from the same place satisfies the requirement to ++distribute the source code, even though third parties are not ++compelled to copy the source along with the object code. ++ ++ 5. A program that contains no derivative of any portion of the ++Library, but is designed to work with the Library by being compiled or ++linked with it, is called a "work that uses the Library". Such a ++work, in isolation, is not a derivative work of the Library, and ++therefore falls outside the scope of this License. ++ ++ However, linking a "work that uses the Library" with the Library ++creates an executable that is a derivative of the Library (because it ++contains portions of the Library), rather than a "work that uses the ++library". The executable is therefore covered by this License. ++Section 6 states terms for distribution of such executables. ++ ++ When a "work that uses the Library" uses material from a header file ++that is part of the Library, the object code for the work may be a ++derivative work of the Library even though the source code is not. ++Whether this is true is especially significant if the work can be ++linked without the Library, or if the work is itself a library. The ++threshold for this to be true is not precisely defined by law. ++ ++ If such an object file uses only numerical parameters, data ++structure layouts and accessors, and small macros and small inline ++functions (ten lines or less in length), then the use of the object ++file is unrestricted, regardless of whether it is legally a derivative ++work. (Executables containing this object code plus portions of the ++Library will still fall under Section 6.) ++ ++ Otherwise, if the work is a derivative of the Library, you may ++distribute the object code for the work under the terms of Section 6. ++Any executables containing that work also fall under Section 6, ++whether or not they are linked directly with the Library itself. ++^L ++ 6. As an exception to the Sections above, you may also combine or ++link a "work that uses the Library" with the Library to produce a ++work containing portions of the Library, and distribute that work ++under terms of your choice, provided that the terms permit ++modification of the work for the customer's own use and reverse ++engineering for debugging such modifications. ++ ++ You must give prominent notice with each copy of the work that the ++Library is used in it and that the Library and its use are covered by ++this License. You must supply a copy of this License. If the work ++during execution displays copyright notices, you must include the ++copyright notice for the Library among them, as well as a reference ++directing the user to the copy of this License. Also, you must do one ++of these things: ++ ++ a) Accompany the work with the complete corresponding ++ machine-readable source code for the Library including whatever ++ changes were used in the work (which must be distributed under ++ Sections 1 and 2 above); and, if the work is an executable linked ++ with the Library, with the complete machine-readable "work that ++ uses the Library", as object code and/or source code, so that the ++ user can modify the Library and then relink to produce a modified ++ executable containing the modified Library. (It is understood ++ that the user who changes the contents of definitions files in the ++ Library will not necessarily be able to recompile the application ++ to use the modified definitions.) ++ ++ b) Use a suitable shared library mechanism for linking with the ++ Library. A suitable mechanism is one that (1) uses at run time a ++ copy of the library already present on the user's computer system, ++ rather than copying library functions into the executable, and (2) ++ will operate properly with a modified version of the library, if ++ the user installs one, as long as the modified version is ++ interface-compatible with the version that the work was made with. ++ ++ c) Accompany the work with a written offer, valid for at ++ least three years, to give the same user the materials ++ specified in Subsection 6a, above, for a charge no more ++ than the cost of performing this distribution. ++ ++ d) If distribution of the work is made by offering access to copy ++ from a designated place, offer equivalent access to copy the above ++ specified materials from the same place. ++ ++ e) Verify that the user has already received a copy of these ++ materials or that you have already sent this user a copy. ++ ++ For an executable, the required form of the "work that uses the ++Library" must include any data and utility programs needed for ++reproducing the executable from it. However, as a special exception, ++the materials to be distributed need not include anything that is ++normally distributed (in either source or binary form) with the major ++components (compiler, kernel, and so on) of the operating system on ++which the executable runs, unless that component itself accompanies ++the executable. ++ ++ It may happen that this requirement contradicts the license ++restrictions of other proprietary libraries that do not normally ++accompany the operating system. Such a contradiction means you cannot ++use both them and the Library together in an executable that you ++distribute. ++^L ++ 7. You may place library facilities that are a work based on the ++Library side-by-side in a single library together with other library ++facilities not covered by this License, and distribute such a combined ++library, provided that the separate distribution of the work based on ++the Library and of the other library facilities is otherwise ++permitted, and provided that you do these two things: ++ ++ a) Accompany the combined library with a copy of the same work ++ based on the Library, uncombined with any other library ++ facilities. This must be distributed under the terms of the ++ Sections above. ++ ++ b) Give prominent notice with the combined library of the fact ++ that part of it is a work based on the Library, and explaining ++ where to find the accompanying uncombined form of the same work. ++ ++ 8. You may not copy, modify, sublicense, link with, or distribute ++the Library except as expressly provided under this License. Any ++attempt otherwise to copy, modify, sublicense, link with, or ++distribute the Library is void, and will automatically terminate your ++rights under this License. However, parties who have received copies, ++or rights, from you under this License will not have their licenses ++terminated so long as such parties remain in full compliance. ++ ++ 9. You are not required to accept this License, since you have not ++signed it. However, nothing else grants you permission to modify or ++distribute the Library or its derivative works. These actions are ++prohibited by law if you do not accept this License. Therefore, by ++modifying or distributing the Library (or any work based on the ++Library), you indicate your acceptance of this License to do so, and ++all its terms and conditions for copying, distributing or modifying ++the Library or works based on it. ++ ++ 10. Each time you redistribute the Library (or any work based on the ++Library), the recipient automatically receives a license from the ++original licensor to copy, distribute, link with or modify the Library ++subject to these terms and conditions. You may not impose any further ++restrictions on the recipients' exercise of the rights granted herein. ++You are not responsible for enforcing compliance by third parties with ++this License. ++^L ++ 11. If, as a consequence of a court judgment or allegation of patent ++infringement or for any other reason (not limited to patent issues), ++conditions are imposed on you (whether by court order, agreement or ++otherwise) that contradict the conditions of this License, they do not ++excuse you from the conditions of this License. If you cannot ++distribute so as to satisfy simultaneously your obligations under this ++License and any other pertinent obligations, then as a consequence you ++may not distribute the Library at all. For example, if a patent ++license would not permit royalty-free redistribution of the Library by ++all those who receive copies directly or indirectly through you, then ++the only way you could satisfy both it and this License would be to ++refrain entirely from distribution of the Library. ++ ++If any portion of this section is held invalid or unenforceable under ++any particular circumstance, the balance of the section is intended to ++apply, and the section as a whole is intended to apply in other ++circumstances. ++ ++It is not the purpose of this section to induce you to infringe any ++patents or other property right claims or to contest validity of any ++such claims; this section has the sole purpose of protecting the ++integrity of the free software distribution system which is ++implemented by public license practices. Many people have made ++generous contributions to the wide range of software distributed ++through that system in reliance on consistent application of that ++system; it is up to the author/donor to decide if he or she is willing ++to distribute software through any other system and a licensee cannot ++impose that choice. ++ ++This section is intended to make thoroughly clear what is believed to ++be a consequence of the rest of this License. ++ ++ 12. If the distribution and/or use of the Library is restricted in ++certain countries either by patents or by copyrighted interfaces, the ++original copyright holder who places the Library under this License ++may add an explicit geographical distribution limitation excluding those ++countries, so that distribution is permitted only in or among ++countries not thus excluded. In such case, this License incorporates ++the limitation as if written in the body of this License. ++ ++ 13. The Free Software Foundation may publish revised and/or new ++versions of the Lesser General Public License from time to time. ++Such new versions will be similar in spirit to the present version, ++but may differ in detail to address new problems or concerns. ++ ++Each version is given a distinguishing version number. If the Library ++specifies a version number of this License which applies to it and ++"any later version", you have the option of following the terms and ++conditions either of that version or of any later version published by ++the Free Software Foundation. If the Library does not specify a ++license version number, you may choose any version ever published by ++the Free Software Foundation. ++^L ++ 14. If you wish to incorporate parts of the Library into other free ++programs whose distribution conditions are incompatible with these, ++write to the author to ask for permission. For software which is ++copyrighted by the Free Software Foundation, write to the Free ++Software Foundation; we sometimes make exceptions for this. Our ++decision will be guided by the two goals of preserving the free status ++of all derivatives of our free software and of promoting the sharing ++and reuse of software generally. ++ ++ NO WARRANTY ++ ++ 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO ++WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. ++EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR ++OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY ++KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE ++IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE ++LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME ++THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. ++ ++ 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN ++WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY ++AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU ++FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR ++CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE ++LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING ++RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A ++FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF ++SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH ++DAMAGES. ++ ++ END OF TERMS AND CONDITIONS ++^L ++ How to Apply These Terms to Your New Libraries ++ ++ If you develop a new library, and you want it to be of the greatest ++possible use to the public, we recommend making it free software that ++everyone can redistribute and change. You can do so by permitting ++redistribution under these terms (or, alternatively, under the terms ++of the ordinary General Public License). ++ ++ To apply these terms, attach the following notices to the library. ++It is safest to attach them to the start of each source file to most ++effectively convey the exclusion of warranty; and each file should ++have at least the "copyright" line and a pointer to where the full ++notice is found. ++ ++ ++ ++ Copyright (C) ++ ++ This library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2 of the License, or (at your option) any later version. ++ ++ This library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with this library; if not, write to the Free Software ++ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ++ ++Also add information on how to contact you by electronic and paper ++mail. ++ ++You should also get your employer (if you work as a programmer) or ++your ++school, if any, to sign a "copyright disclaimer" for the library, if ++necessary. Here is a sample; alter the names: ++ ++ Yoyodyne, Inc., hereby disclaims all copyright interest in the ++ library `Frob' (a library for tweaking knobs) written by James ++Random Hacker. ++ ++ , 1 April 1990 ++ Ty Coon, President of Vice ++ ++That's all there is to it! ++ ++ +diff --git a/bundled/ocaml-augeas/Makefile.am b/bundled/ocaml-augeas/Makefile.am +new file mode 100644 +index 00000000..b6122eab +--- /dev/null ++++ b/bundled/ocaml-augeas/Makefile.am +@@ -0,0 +1,82 @@ ++# libguestfs OCaml tools common code ++# Copyright (C) 2011-2020 Red Hat Inc. ++# ++# This program is free software; you can redistribute it and/or modify ++# it under the terms of the GNU General Public License as published by ++# the Free Software Foundation; either version 2 of the License, or ++# (at your option) any later version. ++# ++# This program is distributed in the hope that it will be useful, ++# but WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++# GNU General Public License for more details. ++# ++# You should have received a copy of the GNU General Public License ++# along with this program; if not, write to the Free Software ++# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. ++ ++include $(top_srcdir)/subdir-rules.mk ++ ++EXTRA_DIST = \ ++ $(SOURCES_MLI) \ ++ $(SOURCES_ML) \ ++ $(SOURCES_C) \ ++ augeas.README ++ ++SOURCES_MLI = \ ++ augeas.mli ++ ++SOURCES_ML = \ ++ augeas.ml ++ ++SOURCES_C = \ ++ augeas-c.c ++ ++# We pretend that we're building a C library. automake handles the ++# compilation of the C sources for us. At the end we take the C ++# objects and OCaml objects and link them into the OCaml library. ++# This C library is never used. ++ ++noinst_LIBRARIES = libmlaugeas.a ++ ++if !HAVE_OCAMLOPT ++MLAUGEAS_CMA = mlaugeas.cma ++else ++MLAUGEAS_CMA = mlaugeas.cmxa ++endif ++ ++noinst_DATA = $(MLAUGEAS_CMA) ++ ++libmlaugeas_a_SOURCES = $(SOURCES_C) ++libmlaugeas_a_CPPFLAGS = \ ++ -DCAML_NAME_SPACE \ ++ -I. \ ++ -I$(top_builddir) \ ++ -I$(shell $(OCAMLC) -where) ++libmlaugeas_a_CFLAGS = \ ++ $(WARN_CFLAGS) $(NO_SNV_CFLAGS) $(NO_UM_CFLAGS) $(WERROR_CFLAGS) \ ++ $(AUGEAS_CFLAGS) $(LIBXML2_CFLAGS) \ ++ -fPIC ++ ++BOBJECTS = $(SOURCES_ML:.ml=.cmo) ++XOBJECTS = $(BOBJECTS:.cmo=.cmx) ++ ++OCAMLPACKAGES = ++OCAMLFLAGS = $(OCAML_FLAGS) $(OCAML_WARN_ERROR) -ccopt '$(CFLAGS)' ++ ++if !HAVE_OCAMLOPT ++OBJECTS = $(BOBJECTS) ++else ++OBJECTS = $(XOBJECTS) ++endif ++ ++libmlaugeas_a_DEPENDENCIES = $(OBJECTS) ++ ++$(MLAUGEAS_CMA): $(OBJECTS) libmlaugeas.a ++ $(OCAMLFIND) mklib $(OCAMLPACKAGES) \ ++ $(OBJECTS) $(libmlaugeas_a_OBJECTS) -cclib -laugeas -o mlaugeas ++ ++# Dependencies. ++.depend: $(srcdir)/*.mli $(srcdir)/*.ml ++ $(top_builddir)/ocaml-dep.sh $^ ++-include .depend +diff --git a/bundled/ocaml-augeas/augeas-c.c b/bundled/ocaml-augeas/augeas-c.c +new file mode 100644 +index 00000000..679bcb50 +--- /dev/null ++++ b/bundled/ocaml-augeas/augeas-c.c +@@ -0,0 +1,579 @@ ++/* Augeas OCaml bindings ++ * Copyright (C) 2008-2017 Red Hat Inc., Richard W.M. Jones ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public ++ * License along with this library; if not, write to the Free Software ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ++ * ++ * $Id: augeas_c.c,v 1.1 2008/05/06 10:48:20 rjones Exp $ ++ */ ++ ++#include "config.h" ++ ++#include ++ ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include ++ ++#ifdef __GNUC__ ++ #define NORETURN __attribute__ ((noreturn)) ++#else ++ #define NORETURN ++#endif ++ ++extern CAMLprim value ocaml_augeas_create (value rootv, value loadpathv, value flagsv); ++extern CAMLprim value ocaml_augeas_close (value tv); ++extern CAMLprim value ocaml_augeas_defnode (value tv, value namev, value exprv, value valv); ++extern CAMLprim value ocaml_augeas_defvar (value tv, value namev, value exprv); ++extern CAMLprim value ocaml_augeas_get (value tv, value pathv); ++extern CAMLprim value ocaml_augeas_exists (value tv, value pathv); ++extern CAMLprim value ocaml_augeas_insert (value tv, value beforev, value pathv, value labelv); ++extern CAMLprim value ocaml_augeas_label (value tv, value pathv); ++extern CAMLprim value ocaml_augeas_mv (value tv, value srcv, value destv); ++extern CAMLprim value ocaml_augeas_rm (value tv, value pathv); ++extern CAMLprim value ocaml_augeas_match (value tv, value pathv); ++extern CAMLprim value ocaml_augeas_count_matches (value tv, value pathv); ++extern CAMLprim value ocaml_augeas_save (value tv); ++extern CAMLprim value ocaml_augeas_load (value tv); ++extern CAMLprim value ocaml_augeas_set (value tv, value pathv, value valuev); ++extern CAMLprim value ocaml_augeas_setm (value tv, value basev, value subv, value valv); ++extern CAMLprim value ocaml_augeas_transform (value tv, value lensv, value filev, value modev); ++extern CAMLprim value ocaml_augeas_source (value tv, value pathv) ++#ifndef HAVE_AUG_SOURCE ++ NORETURN ++#endif ++; ++ ++typedef augeas *augeas_t; ++ ++/* Map C aug_errcode_t to OCaml error_code. */ ++static const int error_map[] = { ++ /* AugErrInternal */ AUG_EINTERNAL, ++ /* AugErrPathX */ AUG_EPATHX, ++ /* AugErrNoMatch */ AUG_ENOMATCH, ++ /* AugErrMMatch */ AUG_EMMATCH, ++ /* AugErrSyntax */ AUG_ESYNTAX, ++ /* AugErrNoLens */ AUG_ENOLENS, ++ /* AugErrMXfm */ AUG_EMXFM, ++ /* AugErrNoSpan */ AUG_ENOSPAN, ++ /* AugErrMvDesc */ AUG_EMVDESC, ++ /* AugErrCmdRun */ AUG_ECMDRUN, ++ /* AugErrBadArg */ AUG_EBADARG, ++ /* AugErrLabel */ AUG_ELABEL, ++ /* AugErrCpDesc */ AUG_ECPDESC, ++}; ++static const int error_map_len = sizeof error_map / sizeof error_map[0]; ++ ++/* Raise an Augeas.Error exception, and optionally close the ++ * specified handle. ++ */ ++static void ++raise_error_and_maybe_close (augeas_t t, const char *msg, bool close_handle) ++{ ++ const value *exn = caml_named_value ("Augeas.Error"); ++ value args[5]; ++ const int code = aug_error (t); ++ const char *aug_err_msg; ++ const char *aug_err_minor; ++ const char *aug_err_details; ++ int ocaml_code = -1; ++ int i; ++ ++ if (code == AUG_ENOMEM) { ++ if (close_handle) ++ aug_close (t); ++ caml_raise_out_of_memory (); ++ } ++ ++ aug_err_msg = aug_error_message (t); ++ aug_err_minor = aug_error_minor_message (t); ++ aug_err_details = aug_error_details (t); ++ ++ for (i = 0; i < error_map_len; ++i) ++ if (error_map[i] == code) { ++ ocaml_code = i; ++ break; ++ } ++ ++ if (ocaml_code != -1) ++ args[0] = Val_int (ocaml_code); ++ else { ++ args[0] = caml_alloc (1, 0); ++ Store_field (args[0], 0, Val_int (code)); ++ } ++ args[1] = caml_copy_string (msg); ++ args[2] = caml_copy_string (aug_err_msg); ++ args[3] = caml_copy_string (aug_err_minor ? : ""); ++ args[4] = caml_copy_string (aug_err_details ? : ""); ++ ++ if (close_handle) ++ aug_close (t); ++ ++ caml_raise_with_args (*exn, 5, args); ++} ++#define raise_error(t, msg) raise_error_and_maybe_close(t, msg, false) ++ ++static void ++raise_init_error (const char *msg) ++{ ++ const value *exn = caml_named_value ("Augeas.Error"); ++ value args[5]; ++ ++ args[0] = caml_alloc (1, 0); ++ Store_field (args[0], 0, Val_int (-1)); ++ args[1] = caml_copy_string (msg); ++ args[2] = caml_copy_string ("aug_init failed"); ++ args[3] = caml_copy_string ("augeas initialization failed"); ++ args[4] = caml_copy_string (""); ++ ++ caml_raise_with_args (*exn, 5, args); ++} ++ ++static const char * ++Optstring_val (value strv) ++{ ++ if (strv == Val_int (0)) /* None */ ++ return NULL; ++ else /* Some string */ ++ return String_val (Field (strv, 0)); ++} ++ ++/* Map OCaml flags to C flags. */ ++static const int flag_map[] = { ++ /* AugSaveBackup */ AUG_SAVE_BACKUP, ++ /* AugSaveNewFile */ AUG_SAVE_NEWFILE, ++ /* AugTypeCheck */ AUG_TYPE_CHECK, ++ /* AugNoStdinc */ AUG_NO_STDINC, ++ /* AugSaveNoop */ AUG_SAVE_NOOP, ++ /* AugNoLoad */ AUG_NO_LOAD, ++ /* AugNoModlAutoload */ AUG_NO_MODL_AUTOLOAD, ++ /* AugEnableSpan */ AUG_ENABLE_SPAN, ++ /* AugNoErrClose */ AUG_NO_ERR_CLOSE, ++ /* AugTraceModuleLoading */ AUG_TRACE_MODULE_LOADING, ++}; ++ ++/* Wrap and unwrap augeas_t handles, with a finalizer. */ ++#define Augeas_t_val(rv) (*(augeas_t *)Data_custom_val(rv)) ++ ++static void ++augeas_t_finalize (value tv) ++{ ++ augeas_t t = Augeas_t_val (tv); ++ if (t) aug_close (t); ++} ++ ++static struct custom_operations custom_operations = { ++ (char *) "augeas_t_custom_operations", ++ augeas_t_finalize, ++ custom_compare_default, ++ custom_hash_default, ++ custom_serialize_default, ++ custom_deserialize_default, ++ custom_compare_ext_default, ++}; ++ ++static value Val_augeas_t (augeas_t t) ++{ ++ CAMLparam0 (); ++ CAMLlocal1 (rv); ++ /* We could choose these so that the GC can make better decisions. ++ * See 18.9.2 of the OCaml manual. ++ */ ++ const int used = 0; ++ const int max = 1; ++ ++ rv = caml_alloc_custom (&custom_operations, ++ sizeof (augeas_t), used, max); ++ Augeas_t_val(rv) = t; ++ ++ CAMLreturn (rv); ++} ++ ++#pragma GCC diagnostic ignored "-Wmissing-prototypes" ++ ++/* val create : string -> string option -> flag list -> t */ ++CAMLprim value ++ocaml_augeas_create (value rootv, value loadpathv, value flagsv) ++{ ++ CAMLparam1 (rootv); ++ const char *root = String_val (rootv); ++ const char *loadpath = Optstring_val (loadpathv); ++ int flags = 0, i; ++ augeas_t t; ++ ++ /* Convert list of flags to C. */ ++ for (; flagsv != Val_int (0); flagsv = Field (flagsv, 1)) { ++ i = Int_val (Field (flagsv, 0)); ++ flags |= flag_map[i]; ++ } ++ ++ /* Pass AUG_NO_ERR_CLOSE so we raise a detailed Augeas.Error. */ ++ t = aug_init (root, loadpath, flags | AUG_NO_ERR_CLOSE); ++ ++ if (t == NULL) ++ raise_init_error ("Augeas.create"); ++ ++ if (aug_error (t) != AUG_NOERROR) { ++ raise_error_and_maybe_close (t, "Augeas.init", true); ++ } ++ ++ CAMLreturn (Val_augeas_t (t)); ++} ++ ++/* val close : t -> unit */ ++CAMLprim value ++ocaml_augeas_close (value tv) ++{ ++ CAMLparam1 (tv); ++ augeas_t t = Augeas_t_val (tv); ++ ++ if (t) { ++ aug_close (t); ++ Augeas_t_val(tv) = NULL; /* So the finalizer doesn't double-free. */ ++ } ++ ++ CAMLreturn (Val_unit); ++} ++ ++/* val defnode : t -> string -> string -> string option -> int * bool */ ++CAMLprim value ++ocaml_augeas_defnode (value tv, value namev, value exprv, value valv) ++{ ++ CAMLparam4 (tv, namev, exprv, valv); ++ CAMLlocal2 (optv, v); ++ augeas_t t = Augeas_t_val (tv); ++ const char *name = String_val (namev); ++ const char *expr = String_val (exprv); ++ const char *val = Optstring_val (valv); ++ int r, created; ++ ++ r = aug_defnode (t, name, expr, val, &created); ++ if (r == -1) { ++ raise_error (t, "Augeas.defnode"); ++ } ++ ++ v = caml_alloc (2, 0); ++ Store_field (v, 0, Val_int (r)); ++ Store_field (v, 1, Val_bool (created)); ++ ++ CAMLreturn (v); ++} ++ ++/* val defvar : t -> string -> string option -> int option */ ++CAMLprim value ++ocaml_augeas_defvar (value tv, value namev, value exprv) ++{ ++ CAMLparam3 (tv, namev, exprv); ++ CAMLlocal2 (optv, v); ++ augeas_t t = Augeas_t_val (tv); ++ const char *name = String_val (namev); ++ const char *expr = Optstring_val (exprv); ++ int r; ++ ++ r = aug_defvar (t, name, expr); ++ if (r > 0) { /* Return Some val */ ++ v = Val_int (r); ++ optv = caml_alloc (1, 0); ++ Field (optv, 0) = v; ++ } else if (r == 0) /* Return None */ ++ optv = Val_int (0); ++ else if (r == -1) /* Error or multiple matches */ ++ raise_error (t, "Augeas.defvar"); ++ else ++ caml_failwith ("Augeas.defvar: bad return value"); ++ ++ CAMLreturn (optv); ++} ++ ++/* val get : t -> path -> value option */ ++CAMLprim value ++ocaml_augeas_get (value tv, value pathv) ++{ ++ CAMLparam2 (tv, pathv); ++ CAMLlocal2 (optv, v); ++ augeas_t t = Augeas_t_val (tv); ++ const char *path = String_val (pathv); ++ const char *val; ++ int r; ++ ++ r = aug_get (t, path, &val); ++ if (r == 1 && val) { /* Return Some val */ ++ v = caml_copy_string (val); ++ optv = caml_alloc (1, 0); ++ Field (optv, 0) = v; ++ } else if (r == 0 || !val) /* Return None */ ++ optv = Val_int (0); ++ else if (r == -1) /* Error or multiple matches */ ++ raise_error (t, "Augeas.get"); ++ else ++ caml_failwith ("Augeas.get: bad return value"); ++ ++ CAMLreturn (optv); ++} ++ ++/* val exists : t -> path -> bool */ ++CAMLprim value ++ocaml_augeas_exists (value tv, value pathv) ++{ ++ CAMLparam2 (tv, pathv); ++ CAMLlocal1 (v); ++ augeas_t t = Augeas_t_val (tv); ++ const char *path = String_val (pathv); ++ int r; ++ ++ r = aug_get (t, path, NULL); ++ if (r == 1) /* Return true. */ ++ v = Val_int (1); ++ else if (r == 0) /* Return false */ ++ v = Val_int (0); ++ else if (r == -1) /* Error or multiple matches */ ++ raise_error (t, "Augeas.exists"); ++ else ++ caml_failwith ("Augeas.exists: bad return value"); ++ ++ CAMLreturn (v); ++} ++ ++/* val insert : t -> ?before:bool -> path -> string -> unit */ ++CAMLprim value ++ocaml_augeas_insert (value tv, value beforev, value pathv, value labelv) ++{ ++ CAMLparam4 (tv, beforev, pathv, labelv); ++ augeas_t t = Augeas_t_val (tv); ++ const char *path = String_val (pathv); ++ const char *label = String_val (labelv); ++ int before; ++ ++ before = beforev == Val_int (0) ? 0 : Int_val (Field (beforev, 0)); ++ ++ if (aug_insert (t, path, label, before) == -1) ++ raise_error (t, "Augeas.insert"); ++ ++ CAMLreturn (Val_unit); ++} ++ ++/* val label : t -> path -> string option */ ++CAMLprim value ++ocaml_augeas_label (value tv, value pathv) ++{ ++ CAMLparam2 (tv, pathv); ++ CAMLlocal2 (optv, v); ++ augeas_t t = Augeas_t_val (tv); ++ const char *path = String_val (pathv); ++ const char *val; ++ int r; ++ ++ r = aug_label (t, path, &val); ++ if (r == 1 && val) { /* Return Some val */ ++ v = caml_copy_string (val); ++ optv = caml_alloc (1, 0); ++ Field (optv, 0) = v; ++ } else if (r == 0 || !val) /* Return None */ ++ optv = Val_int (0); ++ else if (r == -1) /* Error or multiple matches */ ++ raise_error (t, "Augeas.label"); ++ else ++ caml_failwith ("Augeas.label: bad return value"); ++ ++ CAMLreturn (optv); ++} ++ ++/* val mv : t -> path -> path -> unit */ ++CAMLprim value ++ocaml_augeas_mv (value tv, value srcv, value destv) ++{ ++ CAMLparam3 (tv, srcv, destv); ++ augeas_t t = Augeas_t_val (tv); ++ const char *src = String_val (srcv); ++ const char *dest = String_val (destv); ++ ++ if (aug_mv (t, src, dest) == -1) ++ raise_error (t, "Augeas.mv"); ++ ++ CAMLreturn (Val_unit); ++} ++ ++/* val rm : t -> path -> int */ ++CAMLprim value ++ocaml_augeas_rm (value tv, value pathv) ++{ ++ CAMLparam2 (tv, pathv); ++ augeas_t t = Augeas_t_val (tv); ++ const char *path = String_val (pathv); ++ int r; ++ ++ r = aug_rm (t, path); ++ if (r == -1) ++ raise_error (t, "Augeas.rm"); ++ ++ CAMLreturn (Val_int (r)); ++} ++ ++/* val matches : t -> path -> path list */ ++CAMLprim value ++ocaml_augeas_match (value tv, value pathv) ++{ ++ CAMLparam2 (tv, pathv); ++ CAMLlocal3 (rv, v, cons); ++ augeas_t t = Augeas_t_val (tv); ++ const char *path = String_val (pathv); ++ char **matches; ++ int r, i; ++ ++ r = aug_match (t, path, &matches); ++ if (r == -1) ++ raise_error (t, "Augeas.matches"); ++ ++ /* Copy the paths to a list. */ ++ rv = Val_int (0); ++ for (i = 0; i < r; ++i) { ++ v = caml_copy_string (matches[i]); ++ free (matches[i]); ++ cons = caml_alloc (2, 0); ++ Field (cons, 1) = rv; ++ Field (cons, 0) = v; ++ rv = cons; ++ } ++ ++ free (matches); ++ ++ CAMLreturn (rv); ++} ++ ++/* val count_matches : t -> path -> int */ ++CAMLprim value ++ocaml_augeas_count_matches (value tv, value pathv) ++{ ++ CAMLparam2 (tv, pathv); ++ augeas_t t = Augeas_t_val (tv); ++ const char *path = String_val (pathv); ++ int r; ++ ++ r = aug_match (t, path, NULL); ++ if (r == -1) ++ raise_error (t, "Augeas.count_matches"); ++ ++ CAMLreturn (Val_int (r)); ++} ++ ++/* val save : t -> unit */ ++CAMLprim value ++ocaml_augeas_save (value tv) ++{ ++ CAMLparam1 (tv); ++ augeas_t t = Augeas_t_val (tv); ++ ++ if (aug_save (t) == -1) ++ raise_error (t, "Augeas.save"); ++ ++ CAMLreturn (Val_unit); ++} ++ ++/* val load : t -> unit */ ++CAMLprim value ++ocaml_augeas_load (value tv) ++{ ++ CAMLparam1 (tv); ++ augeas_t t = Augeas_t_val (tv); ++ ++ if (aug_load (t) == -1) ++ raise_error (t, "Augeas.load"); ++ ++ CAMLreturn (Val_unit); ++} ++ ++/* val set : t -> -> path -> value option -> unit */ ++CAMLprim value ++ocaml_augeas_set (value tv, value pathv, value valuev) ++{ ++ CAMLparam3 (tv, pathv, valuev); ++ augeas_t t = Augeas_t_val (tv); ++ const char *path = String_val (pathv); ++ const char *val = Optstring_val (valuev); ++ ++ if (aug_set (t, path, val) == -1) ++ raise_error (t, "Augeas.set"); ++ ++ CAMLreturn (Val_unit); ++} ++ ++/* val setm : t -> path -> string option -> value option -> int */ ++CAMLprim value ++ocaml_augeas_setm (value tv, value basev, value subv, value valv) ++{ ++ CAMLparam4 (tv, basev, subv, valv); ++ augeas_t t = Augeas_t_val (tv); ++ const char *base = String_val (basev); ++ const char *sub = Optstring_val (subv); ++ const char *val = Optstring_val (valv); ++ int r; ++ ++ r = aug_setm (t, base, sub, val); ++ if (r == -1) ++ raise_error (t, "Augeas.setm"); ++ ++ CAMLreturn (Val_int (r)); ++} ++ ++/* val transform : t -> string -> string -> transform_mode -> unit */ ++CAMLprim value ++ocaml_augeas_transform (value tv, value lensv, value filev, value modev) ++{ ++ CAMLparam4 (tv, lensv, filev, modev); ++ augeas_t t = Augeas_t_val (tv); ++ const char *lens = String_val (lensv); ++ const char *file = String_val (filev); ++ const int excl = Int_val (modev) == 1 ? 1 : 0; ++ ++ if (aug_transform (t, lens, file, excl) == -1) ++ raise_error (t, "Augeas.transform"); ++ ++ CAMLreturn (Val_unit); ++} ++ ++/* val source : t -> path -> path option */ ++CAMLprim value ++ocaml_augeas_source (value tv, value pathv) ++{ ++#ifdef HAVE_AUG_SOURCE ++ CAMLparam2 (tv, pathv); ++ CAMLlocal2 (optv, v); ++ augeas_t t = Augeas_t_val (tv); ++ const char *path = String_val (pathv); ++ char *file_path; ++ int r; ++ ++ r = aug_source (t, path, &file_path); ++ if (r == 0) { ++ if (file_path) { /* Return Some file_path */ ++ v = caml_copy_string (file_path); ++ optv = caml_alloc (1, 0); ++ Field (optv, 0) = v; ++ free (file_path); ++ } else /* Return None */ ++ optv = Val_int (0); ++ } ++ else /* Error */ ++ raise_error (t, "Augeas.source"); ++ ++ CAMLreturn (optv); ++#else ++ caml_failwith ("Augeas.source: function not implemented"); ++#endif ++} +diff --git a/bundled/ocaml-augeas/augeas.README b/bundled/ocaml-augeas/augeas.README +new file mode 100644 +index 00000000..938dfd25 +--- /dev/null ++++ b/bundled/ocaml-augeas/augeas.README +@@ -0,0 +1,8 @@ ++The files augeas-c.c, augeas.ml and augeas.mli come from the ++ocaml-augeas library: ++ ++ http://git.annexia.org/?p=ocaml-augeas.git ++ ++which is released under a compatible license. We try to keep them ++identical, so if you make changes to these files then you must also ++submit the changes to ocaml-augeas, and vice versa. +\ No newline at end of file +diff --git a/bundled/ocaml-augeas/augeas.ml b/bundled/ocaml-augeas/augeas.ml +new file mode 100644 +index 00000000..aa5a1822 +--- /dev/null ++++ b/bundled/ocaml-augeas/augeas.ml +@@ -0,0 +1,99 @@ ++(* Augeas OCaml bindings ++ * Copyright (C) 2008 Red Hat Inc., Richard W.M. Jones ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public ++ * License along with this library; if not, write to the Free Software ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ++ * ++ * $Id: augeas.ml,v 1.2 2008/05/06 10:48:20 rjones Exp $ ++ *) ++ ++type t ++ ++type flag = ++ | AugSaveBackup ++ | AugSaveNewFile ++ | AugTypeCheck ++ | AugNoStdinc ++ | AugSaveNoop ++ | AugNoLoad ++ | AugNoModlAutoload ++ | AugEnableSpan ++ | AugNoErrClose ++ | AugTraceModuleLoading ++ ++type error_code = ++ | AugErrInternal ++ | AugErrPathX ++ | AugErrNoMatch ++ | AugErrMMatch ++ | AugErrSyntax ++ | AugErrNoLens ++ | AugErrMXfm ++ | AugErrNoSpan ++ | AugErrMvDesc ++ | AugErrCmdRun ++ | AugErrBadArg ++ | AugErrLabel ++ | AugErrCpDesc ++ | AugErrUnknown of int ++ ++type transform_mode = ++ | Include ++ | Exclude ++ ++exception Error of error_code * string * string * string * string ++ ++type path = string ++ ++type value = string ++ ++external create : string -> string option -> flag list -> t ++ = "ocaml_augeas_create" ++external close : t -> unit ++ = "ocaml_augeas_close" ++external defnode : t -> string -> string -> string option -> int * bool ++ = "ocaml_augeas_defnode" ++external defvar : t -> string -> string option -> int option ++ = "ocaml_augeas_defvar" ++external get : t -> path -> value option ++ = "ocaml_augeas_get" ++external exists : t -> path -> bool ++ = "ocaml_augeas_exists" ++external insert : t -> ?before:bool -> path -> string -> unit ++ = "ocaml_augeas_insert" ++external label : t -> path -> string option ++ = "ocaml_augeas_label" ++external rm : t -> path -> int ++ = "ocaml_augeas_rm" ++external matches : t -> path -> path list ++ = "ocaml_augeas_match" ++external count_matches : t -> path -> int ++ = "ocaml_augeas_count_matches" ++external save : t -> unit ++ = "ocaml_augeas_save" ++external load : t -> unit ++ = "ocaml_augeas_load" ++external mv : t -> path -> path -> unit ++ = "ocaml_augeas_mv" ++external set : t -> path -> value option -> unit ++ = "ocaml_augeas_set" ++external setm : t -> path -> string option -> value option -> int ++ = "ocaml_augeas_setm" ++external transform : t -> string -> string -> transform_mode -> unit ++ = "ocaml_augeas_transform" ++external source : t -> path -> path option ++ = "ocaml_augeas_source" ++ ++let () = ++ Callback.register_exception "Augeas.Error" (Error (AugErrInternal, "", "", "", "")) +diff --git a/bundled/ocaml-augeas/augeas.mli b/bundled/ocaml-augeas/augeas.mli +new file mode 100644 +index 00000000..8cbeae18 +--- /dev/null ++++ b/bundled/ocaml-augeas/augeas.mli +@@ -0,0 +1,164 @@ ++(** Augeas OCaml bindings *) ++(* Copyright (C) 2008 Red Hat Inc., Richard W.M. Jones ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public ++ * License along with this library; if not, write to the Free Software ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ++ * ++ * $Id: augeas.mli,v 1.2 2008/05/06 10:48:20 rjones Exp $ ++ *) ++ ++type t ++ (** Augeas library handle. *) ++ ++type flag = ++ | AugSaveBackup (** Rename original with .augsave *) ++ | AugSaveNewFile (** Save changes to .augnew *) ++ | AugTypeCheck (** Type-check lenses *) ++ | AugNoStdinc ++ | AugSaveNoop ++ | AugNoLoad ++ | AugNoModlAutoload ++ | AugEnableSpan ++ | AugNoErrClose ++ | AugTraceModuleLoading ++ (** Flags passed to the {!create} function. *) ++ ++type error_code = ++ | AugErrInternal (** Internal error (bug) *) ++ | AugErrPathX (** Invalid path expression *) ++ | AugErrNoMatch (** No match for path expression *) ++ | AugErrMMatch (** Too many matches for path expression *) ++ | AugErrSyntax (** Syntax error in lens file *) ++ | AugErrNoLens (** Lens lookup failed *) ++ | AugErrMXfm (** Multiple transforms *) ++ | AugErrNoSpan (** No span for this node *) ++ | AugErrMvDesc (** Cannot move node into its descendant *) ++ | AugErrCmdRun (** Failed to execute command *) ++ | AugErrBadArg (** Invalid argument in funcion call *) ++ | AugErrLabel (** Invalid label *) ++ | AugErrCpDesc (** Cannot copy node into its descendant *) ++ | AugErrUnknown of int ++ (** Possible error codes. *) ++ ++type transform_mode = ++ | Include ++ | Exclude ++ (** The operation mode for the {!transform} function. *) ++ ++exception Error of error_code * string * string * string * string ++ (** This exception is thrown when the underlying Augeas library ++ returns an error. The tuple represents: ++ - the Augeas error code ++ - the ocaml-augeas error string ++ - the Augeas error message ++ - the human-readable explanation of the Augeas error, if available ++ - a string with details of the Augeas error ++ *) ++ ++type path = string ++ (** A path expression. ++ ++ Note in future we may replace this with a type-safe path constructor. *) ++ ++type value = string ++ (** A value. *) ++ ++val create : string -> string option -> flag list -> t ++ (** [create root loadpath flags] creates an Augeas handle. ++ ++ [root] is a file system path describing the location ++ of the configuration files. ++ ++ [loadpath] is an optional colon-separated list of directories ++ which are searched for schema definitions. ++ ++ [flags] is a list of flags. *) ++ ++val close : t -> unit ++ (** [close handle] closes the handle. ++ ++ You don't need to close handles explicitly with this function: ++ they will be finalized eventually by the garbage collector. ++ However calling this function frees up any resources used by the ++ underlying Augeas library immediately. ++ ++ Do not use the handle after closing it. *) ++ ++val defnode : t -> string -> string -> string option -> int * bool ++ (** [defnode t name expr value] defines [name] whose value is the ++ result of evaluating [expr], which is a nodeset. *) ++ ++val defvar : t -> string -> string option -> int option ++ (** [defvar t name expr] defines [name] whose value is the result ++ of evaluating [expr], replacing the old value if existing. ++ [None] as [expr] removes the variable [name]. *) ++ ++val get : t -> path -> value option ++ (** [get t path] returns the value at [path], or [None] if there ++ is no value. *) ++ ++val exists : t -> path -> bool ++ (** [exists t path] returns true iff there is a value at [path]. *) ++ ++val insert : t -> ?before:bool -> path -> string -> unit ++ (** [insert t ?before path label] inserts [label] as a sibling ++ of [path]. By default it is inserted after [path], unless ++ [~before:true] is specified. *) ++ ++val label : t -> path -> string option ++ (** [label t path] gets the label of [path]. ++ ++ Returns [Some value] when [path] matches only one node, and ++ that has an associated label. *) ++ ++val rm : t -> path -> int ++ (** [rm t path] removes all nodes matching [path]. ++ ++ Returns the number of nodes removed (which may be 0). *) ++ ++val matches : t -> path -> path list ++ (** [matches t path] returns a list of path expressions ++ of all nodes matching [path]. *) ++ ++val mv : t -> path -> path -> unit ++ (** [mv t src dest] moves a node. *) ++ ++val count_matches : t -> path -> int ++ (** [count_matches t path] counts the number of nodes matching ++ [path] but does not return them (see {!matches}). *) ++ ++val save : t -> unit ++ (** [save t] saves all pending changes to disk. *) ++ ++val load : t -> unit ++ (** [load t] loads files into the tree. *) ++ ++val set : t -> path -> value option -> unit ++ (** [set t path] sets [value] as new value at [path]. *) ++ ++val setm : t -> path -> string option -> value option -> int ++ (** [setm t base sub value] sets [value] as new value for all the ++ nodes under [base] that match [sub] (or all, if [sub] is ++ [None]). ++ ++ Returns the number of nodes modified. *) ++ ++val transform : t -> string -> string -> transform_mode -> unit ++ (** [transform t lens file mode] adds or removes (depending on ++ [mode]) the transformation of the specified [lens] for [file]. *) ++ ++val source : t -> path -> path option ++ (** [source t path] returns the path to the node representing the ++ file to which [path] belongs, or [None] if [path] does not ++ represent any file. *) +diff --git a/configure.ac b/configure.ac +index 0db21297..d1397f63 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -195,6 +195,7 @@ AC_CONFIG_FILES([run], + AC_CONFIG_FILES([Makefile + appliance/Makefile + bash/Makefile ++ bundled/ocaml-augeas/Makefile + common/errnostring/Makefile + common/edit/Makefile + common/mlpcre/Makefile +diff --git a/daemon/Makefile.am b/daemon/Makefile.am +index bb2e58d0..bd1920c6 100644 +--- a/daemon/Makefile.am ++++ b/daemon/Makefile.am +@@ -215,9 +215,9 @@ guestfsd_SOURCES = \ + guestfsd_LDFLAGS = \ + -L$(shell $(OCAMLC) -where) \ + -L$(shell $(OCAMLFIND) query hivex) \ +- -L$(shell $(OCAMLFIND) query augeas) \ + -L../common/mlutils \ + -L../common/mlstdutils \ ++ -L../bundled/ocaml-augeas \ + -L../common/mlpcre + guestfsd_LDADD = \ + camldaemon.o \ +@@ -353,7 +353,8 @@ BOBJECTS = $(SOURCES_ML:.ml=.cmo) + XOBJECTS = $(BOBJECTS:.cmo=.cmx) + + OCAMLPACKAGES = \ +- -package str,unix,augeas,hivex \ ++ -package str,unix,hivex \ ++ -I $(top_builddir)/bundled/ocaml-augeas \ + -I $(top_builddir)/common/mlstdutils \ + -I $(top_builddir)/common/mlutils \ + -I $(top_builddir)/common/utils/.libs \ +@@ -384,6 +385,7 @@ camldaemon.o: $(OBJECTS) + $(OCAMLFIND) $(BEST) -output-obj -o $@ \ + $(OCAMLFLAGS) $(OCAMLPACKAGES) \ + -linkpkg \ ++ mlaugeas.$(MLARCHIVE) \ + mlpcre.$(MLARCHIVE) \ + mlstdutils.$(MLARCHIVE) \ + mlcutils.$(MLARCHIVE) \ +@@ -442,6 +444,7 @@ OCAMLLINKFLAGS = \ + mlpcre.$(MLARCHIVE) \ + mlstdutils.$(MLARCHIVE) \ + mlcutils.$(MLARCHIVE) \ ++ mlaugeas.$(MLARCHIVE) \ + $(LINK_CUSTOM_OCAMLC_ONLY) + + daemon_utils_tests_DEPENDENCIES = \ +diff --git a/docs/guestfs-building.pod b/docs/guestfs-building.pod +index 5a7fa40f..b9bc885a 100644 +--- a/docs/guestfs-building.pod ++++ b/docs/guestfs-building.pod +@@ -172,11 +172,6 @@ I. + + I. + +-=item ocaml-augeas +- +-I. These are the OCaml bindings for Augeas, found at: +-L +- + =item xz + + I. +diff --git a/docs/guestfs-hacking.pod b/docs/guestfs-hacking.pod +index e1b47ec1..68cf8292 100644 +--- a/docs/guestfs-hacking.pod ++++ b/docs/guestfs-hacking.pod +@@ -71,6 +71,20 @@ Various build scripts used by autotools. + + L command and documentation. + ++=item F ++ ++Embedded copies of other libraries, mostly for convenience (and the embedded ++library is not widespread enough). ++ ++=over 4 ++ ++=item F ++ ++Bindings for the Augeas library. These come from the ocaml-augeas ++library L ++ ++=back ++ + =item F + + The L, L, L, +diff --git a/m4/guestfs-ocaml.m4 b/m4/guestfs-ocaml.m4 +index 85020717..51072c1a 100644 +--- a/m4/guestfs-ocaml.m4 ++++ b/m4/guestfs-ocaml.m4 +@@ -132,14 +132,6 @@ AS_IF([test "x$have_Hivex_OPEN_UNSAFE" = "xno"],[ + ]) + AC_SUBST([HIVEX_OPEN_UNSAFE_FLAG]) + +-if test "x$enable_daemon" = "xyes"; then +- OCAML_PKG_augeas=no +- AC_CHECK_OCAML_PKG(augeas) +- if test "x$OCAML_PKG_augeas" = "xno"; then +- AC_MSG_ERROR([the OCaml module 'augeas' is required]) +- fi +-fi +- + # oUnit is optional, used by some tests in common/mlstdutils (that we + # should replace with regular tests one day). If used, oUnit >= 2 is + # required. +diff --git a/ocaml-dep.sh.in b/ocaml-dep.sh.in +index 385a1e6e..c9e9e3e6 100755 +--- a/ocaml-dep.sh.in ++++ b/ocaml-dep.sh.in +@@ -33,6 +33,7 @@ set -e + # directories must have unique names (eg. not ‘Utils’) else + # dependencies don't get built right. + include_dirs=" ++bundled/ocaml-augeas + common/mlgettext + common/mlpcre + common/mlstdutils diff --git a/SOURCES/0011-update-common-submodule.patch b/SOURCES/0011-update-common-submodule.patch new file mode 100644 index 0000000..3822446 --- /dev/null +++ b/SOURCES/0011-update-common-submodule.patch @@ -0,0 +1,160 @@ +From 194a48aef32367c45c555a4d93fb1a3375b0dead Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Fri, 19 May 2023 16:08:47 +0200 +Subject: [PATCH] update common submodule + +Laszlo Ersek (2): + options/keys: key_store_import_key(): un-constify "key" parameter + options/keys: introduce unescape_device_mapper_lvm() + +Richard W.M. Jones (1): + mlcustomize/SELinux_relabel.ml: Use Array.mem + +Roman Kagan (1): + mlcustomize: skip SELinux relabeling if it's disabled + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2168506 +Signed-off-by: Laszlo Ersek +Message-Id: <20230519140849.310774-2-lersek@redhat.com> +Reviewed-by: Richard W.M. Jones +(cherry picked from commit 83afd6d3d2c82ee3a8f22079ba12ef7eac38ac34) +--- + common | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Submodule common 70c10a07..b636c3f2: +diff --git a/common/options/options.h b/common/options/options.h +index 94573ee0..94e8b9ee 100644 +--- a/common/options/options.h ++++ b/common/options/options.h +@@ -169,7 +169,8 @@ extern struct matching_key *get_keys (struct key_store *ks, const char *device, + const char *uuid, size_t *nr_matches); + extern void free_keys (struct matching_key *keys, size_t nr_matches); + extern struct key_store *key_store_add_from_selector (struct key_store *ks, const char *selector); +-extern struct key_store *key_store_import_key (struct key_store *ks, const struct key_store_key *key); ++extern struct key_store *key_store_import_key (struct key_store *ks, ++ struct key_store_key *key); + extern bool key_store_requires_network (const struct key_store *ks); + extern void free_key_store (struct key_store *ks); + +diff --git a/common/options/keys.c b/common/options/keys.c +index 48f1bc7c..52b27369 100644 +--- a/common/options/keys.c ++++ b/common/options/keys.c +@@ -260,8 +260,107 @@ key_store_add_from_selector (struct key_store *ks, const char *selector) + return key_store_import_key (ks, &key); + } + ++/* Turn /dev/mapper/VG-LV into /dev/VG/LV, in-place. */ ++static void ++unescape_device_mapper_lvm (char *id) ++{ ++ static const char dev[] = "/dev/", dev_mapper[] = "/dev/mapper/"; ++ const char *input_start; ++ char *output; ++ enum { M_SCAN, M_FILL, M_DONE } mode; ++ ++ if (!STRPREFIX (id, dev_mapper)) ++ return; ++ ++ /* Start parsing "VG-LV" from "id" after "/dev/mapper/". */ ++ input_start = id + (sizeof dev_mapper - 1); ++ ++ /* Start writing the unescaped "VG/LV" output after "/dev/". */ ++ output = id + (sizeof dev - 1); ++ ++ for (mode = M_SCAN; mode < M_DONE; ++mode) { ++ char c; ++ const char *input = input_start; ++ const char *hyphen_buffered = NULL; ++ bool single_hyphen_seen = false; ++ ++ do { ++ c = *input; ++ ++ switch (c) { ++ case '-': ++ if (hyphen_buffered == NULL) ++ /* This hyphen may start an escaped hyphen, or it could be the ++ * separator in VG-LV. ++ */ ++ hyphen_buffered = input; ++ else { ++ /* This hyphen completes an escaped hyphen; unescape it. */ ++ if (mode == M_FILL) ++ *output++ = '-'; ++ hyphen_buffered = NULL; ++ } ++ break; ++ ++ case '/': ++ /* Slash characters are forbidden in VG-LV anywhere. If there's any, ++ * we'll find it in the first (i.e., scanning) phase, before we output ++ * anything back to "id". ++ */ ++ assert (mode == M_SCAN); ++ return; ++ ++ default: ++ /* Encountered a non-slash, non-hyphen character -- which also may be ++ * the terminating NUL. ++ */ ++ if (hyphen_buffered != NULL) { ++ /* The non-hyphen character comes after a buffered hyphen, so the ++ * buffered hyphen is supposed to be the single hyphen that separates ++ * VG from LV in VG-LV. There are three requirements for this ++ * separator: (a) it must be unique (we must not have seen another ++ * such separator earlier), (b) it must not be at the start of VG-LV ++ * (because VG would be empty that way), (c) it must not be at the end ++ * of VG-LV (because LV would be empty that way). Should any of these ++ * be violated, we'll catch that during the first (i.e., scanning) ++ * phase, before modifying "id". ++ */ ++ if (single_hyphen_seen || hyphen_buffered == input_start || ++ c == '\0') { ++ assert (mode == M_SCAN); ++ return; ++ } ++ ++ /* Translate the separator hyphen to a slash character. */ ++ if (mode == M_FILL) ++ *output++ = '/'; ++ hyphen_buffered = NULL; ++ single_hyphen_seen = true; ++ } ++ ++ /* Output the non-hyphen character (including the terminating NUL) ++ * regardless of whether there was a buffered hyphen separator (which, ++ * by now, we'll have attempted to translate and flush). ++ */ ++ if (mode == M_FILL) ++ *output++ = c; ++ } ++ ++ ++input; ++ } while (c != '\0'); ++ ++ /* We must have seen the VG-LV separator. If that's not the case, we'll ++ * catch it before modifying "id". ++ */ ++ if (!single_hyphen_seen) { ++ assert (mode == M_SCAN); ++ return; ++ } ++ } ++} ++ + struct key_store * +-key_store_import_key (struct key_store *ks, const struct key_store_key *key) ++key_store_import_key (struct key_store *ks, struct key_store_key *key) + { + struct key_store_key *new_keys; + +@@ -278,6 +377,7 @@ key_store_import_key (struct key_store *ks, const struct key_store_key *key) + error (EXIT_FAILURE, errno, "realloc"); + + ks->keys = new_keys; ++ unescape_device_mapper_lvm (key->id); + ks->keys[ks->nr_keys] = *key; + ++ks->nr_keys; + diff --git a/SOURCES/0012-LUKS-on-LVM-inspection-test-rename-VGs-and-LVs.patch b/SOURCES/0012-LUKS-on-LVM-inspection-test-rename-VGs-and-LVs.patch new file mode 100644 index 0000000..b35742b --- /dev/null +++ b/SOURCES/0012-LUKS-on-LVM-inspection-test-rename-VGs-and-LVs.patch @@ -0,0 +1,97 @@ +From c95b3086bdbdf840de8d3b24c3ae5e9b847bf588 Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Fri, 19 May 2023 16:08:48 +0200 +Subject: [PATCH] LUKS-on-LVM inspection test: rename VGs and LVs + +In preparation for a subsequent patch, rename "VG" to "Volume-Group", and +"LV" to "Logical-Volume-", in the LUKS-on-LVM inspection test. + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2168506 +Signed-off-by: Laszlo Ersek +Message-Id: <20230519140849.310774-3-lersek@redhat.com> +Reviewed-by: Richard W.M. Jones +(cherry picked from commit 58e26402334a4696fa08730eecc9098fc270ed1c) +--- + test-data/phony-guests/make-fedora-img.pl | 30 +++++++++++-------- + .../test-key-option-inspect-luks-on-lvm.sh | 16 +++++----- + 2 files changed, 25 insertions(+), 21 deletions(-) + +diff --git a/test-data/phony-guests/make-fedora-img.pl b/test-data/phony-guests/make-fedora-img.pl +index c0cb5d0b..6362e225 100755 +--- a/test-data/phony-guests/make-fedora-img.pl ++++ b/test-data/phony-guests/make-fedora-img.pl +@@ -224,23 +224,27 @@ EOF + + # Create the Volume Group on /dev/sda2. + $g->pvcreate ('/dev/sda2'); +- $g->vgcreate ('VG', ['/dev/sda2']); +- $g->lvcreate ('Root', 'VG', 32); +- $g->lvcreate ('LV1', 'VG', 32); +- $g->lvcreate ('LV2', 'VG', 32); +- $g->lvcreate ('LV3', 'VG', 64); ++ $g->vgcreate ('Volume-Group', ['/dev/sda2']); ++ $g->lvcreate ('Root', 'Volume-Group', 32); ++ $g->lvcreate ('Logical-Volume-1', 'Volume-Group', 32); ++ $g->lvcreate ('Logical-Volume-2', 'Volume-Group', 32); ++ $g->lvcreate ('Logical-Volume-3', 'Volume-Group', 64); + + # Format each Logical Group as a LUKS device, with a different password. +- $g->luks_format ('/dev/VG/Root', 'FEDORA-Root', 0); +- $g->luks_format ('/dev/VG/LV1', 'FEDORA-LV1', 0); +- $g->luks_format ('/dev/VG/LV2', 'FEDORA-LV2', 0); +- $g->luks_format ('/dev/VG/LV3', 'FEDORA-LV3', 0); ++ $g->luks_format ('/dev/Volume-Group/Root', 'FEDORA-Root', 0); ++ $g->luks_format ('/dev/Volume-Group/Logical-Volume-1', 'FEDORA-LV1', 0); ++ $g->luks_format ('/dev/Volume-Group/Logical-Volume-2', 'FEDORA-LV2', 0); ++ $g->luks_format ('/dev/Volume-Group/Logical-Volume-3', 'FEDORA-LV3', 0); + + # Open the LUKS devices. This creates nodes like /dev/mapper/*-luks. +- $g->cryptsetup_open ('/dev/VG/Root', 'FEDORA-Root', 'Root-luks'); +- $g->cryptsetup_open ('/dev/VG/LV1', 'FEDORA-LV1', 'LV1-luks'); +- $g->cryptsetup_open ('/dev/VG/LV2', 'FEDORA-LV2', 'LV2-luks'); +- $g->cryptsetup_open ('/dev/VG/LV3', 'FEDORA-LV3', 'LV3-luks'); ++ $g->cryptsetup_open ('/dev/Volume-Group/Root', ++ 'FEDORA-Root', 'Root-luks'); ++ $g->cryptsetup_open ('/dev/Volume-Group/Logical-Volume-1', ++ 'FEDORA-LV1', 'LV1-luks'); ++ $g->cryptsetup_open ('/dev/Volume-Group/Logical-Volume-2', ++ 'FEDORA-LV2', 'LV2-luks'); ++ $g->cryptsetup_open ('/dev/Volume-Group/Logical-Volume-3', ++ 'FEDORA-LV3', 'LV3-luks'); + + # Phony root filesystem. + $g->mkfs ('ext2', '/dev/mapper/Root-luks', blocksize => 4096, label => 'ROOT'); +diff --git a/tests/luks/test-key-option-inspect-luks-on-lvm.sh b/tests/luks/test-key-option-inspect-luks-on-lvm.sh +index 52cd7e98..a8d72b9f 100755 +--- a/tests/luks/test-key-option-inspect-luks-on-lvm.sh ++++ b/tests/luks/test-key-option-inspect-luks-on-lvm.sh +@@ -30,10 +30,10 @@ skip_unless_phony_guest fedora-luks-on-lvm.img + # Volume names. + guestfish=(guestfish --listen --ro --inspector + --add ../test-data/phony-guests/fedora-luks-on-lvm.img) +-keys_by_lvname=(--key /dev/VG/Root:key:FEDORA-Root +- --key /dev/VG/LV1:key:FEDORA-LV1 +- --key /dev/VG/LV2:key:FEDORA-LV2 +- --key /dev/VG/LV3:key:FEDORA-LV3) ++keys_by_lvname=(--key /dev/Volume-Group/Root:key:FEDORA-Root ++ --key /dev/Volume-Group/Logical-Volume-1:key:FEDORA-LV1 ++ --key /dev/Volume-Group/Logical-Volume-2:key:FEDORA-LV2 ++ --key /dev/Volume-Group/Logical-Volume-3:key:FEDORA-LV3) + + # The variable assignment below will fail, and abort the script, if guestfish + # refuses to start up. +@@ -56,10 +56,10 @@ function cleanup_guestfish + trap cleanup_guestfish EXIT + + # Get the UUIDs of the LUKS devices. +-uuid_root=$(guestfish --remote -- luks-uuid /dev/VG/Root) +-uuid_lv1=$( guestfish --remote -- luks-uuid /dev/VG/LV1) +-uuid_lv2=$( guestfish --remote -- luks-uuid /dev/VG/LV2) +-uuid_lv3=$( guestfish --remote -- luks-uuid /dev/VG/LV3) ++uuid_root=$(guestfish --remote -- luks-uuid /dev/Volume-Group/Root) ++uuid_lv1=$( guestfish --remote -- luks-uuid /dev/Volume-Group/Logical-Volume-1) ++uuid_lv2=$( guestfish --remote -- luks-uuid /dev/Volume-Group/Logical-Volume-2) ++uuid_lv3=$( guestfish --remote -- luks-uuid /dev/Volume-Group/Logical-Volume-3) + + # The actual test. + function check_filesystems diff --git a/SOURCES/0012-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch b/SOURCES/0012-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch deleted file mode 100644 index 5683472..0000000 --- a/SOURCES/0012-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch +++ /dev/null @@ -1,32 +0,0 @@ -From c1ff450bcee1465f0eaca00a4d6c8c731f175488 Mon Sep 17 00:00:00 2001 -From: "Richard W.M. Jones" -Date: Tue, 29 Jun 2021 15:29:11 +0100 -Subject: [PATCH] RHEL: Create /etc/crypto-policies/back-ends/opensslcnf.config - -https://bugzilla.redhat.com/show_bug.cgi?id=1977214#c13 ---- - appliance/init | 8 ++++++++ - 1 file changed, 8 insertions(+) - -diff --git a/appliance/init b/appliance/init -index 19aa151b7..e67d88280 100755 ---- a/appliance/init -+++ b/appliance/init -@@ -76,6 +76,14 @@ if ! test -e /etc/mtab; then - ln -s /proc/mounts /etc/mtab - fi - -+# openssl 3 requires /etc/crypto-policies/back-ends/opensslcnf.config -+# to exist, but it is created in a %post script in crypto-policies -+# https://bugzilla.redhat.com/show_bug.cgi?id=1977214#c13 -+if ! test -r /etc/crypto-policies/back-ends/opensslcnf.config && -+ test -f /usr/share/crypto-policies/DEFAULT/opensslcnf.txt; then -+ ln -s /usr/share/crypto-policies/DEFAULT/opensslcnf.txt /etc/crypto-policies/back-ends/opensslcnf.config -+fi -+ - # Static nodes must happen before udev is started. - - # Set up kmod static-nodes (RHBZ#1011907). --- -2.31.1 - diff --git a/SOURCES/0013-LUKS-on-LVM-inspection-test-test-dev-mapper-VG-LV-tr.patch b/SOURCES/0013-LUKS-on-LVM-inspection-test-test-dev-mapper-VG-LV-tr.patch new file mode 100644 index 0000000..715e658 --- /dev/null +++ b/SOURCES/0013-LUKS-on-LVM-inspection-test-test-dev-mapper-VG-LV-tr.patch @@ -0,0 +1,46 @@ +From 15cc20d1f5e0413c1af26c683437995886146eb6 Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Fri, 19 May 2023 16:08:49 +0200 +Subject: [PATCH] LUKS-on-LVM inspection test: test /dev/mapper/VG-LV + translation + +In the LUKS-on-LVM inspection test, call the "check_filesystems" function +yet another time, now with such "--key" options that exercise the recent +"/dev/mapper/VG-LV" -> "/dev/VG/LV" translation (unescaping) from +libguestfs-common. + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2168506 +Signed-off-by: Laszlo Ersek +Message-Id: <20230519140849.310774-4-lersek@redhat.com> +Reviewed-by: Richard W.M. Jones +(cherry picked from commit 32408a9c36165af376f9f42e7d3e158d3da2c76e) +--- + .../test-key-option-inspect-luks-on-lvm.sh | 18 ++++++++++++++++++ + 1 file changed, 18 insertions(+) + +diff --git a/tests/luks/test-key-option-inspect-luks-on-lvm.sh b/tests/luks/test-key-option-inspect-luks-on-lvm.sh +index a8d72b9f..932862b1 100755 +--- a/tests/luks/test-key-option-inspect-luks-on-lvm.sh ++++ b/tests/luks/test-key-option-inspect-luks-on-lvm.sh +@@ -101,3 +101,21 @@ eval "$fish_ref" + + # Repeat the test. + check_filesystems ++ ++# Exit the current guestfish background process. ++guestfish --remote -- exit ++GUESTFISH_PID= ++ ++# Start up another guestfish background process, and specify the keys in ++# /dev/mapper/VG-LV format this time. ++keys_by_mapper_lvname=( ++ --key /dev/mapper/Volume--Group-Root:key:FEDORA-Root ++ --key /dev/mapper/Volume--Group-Logical--Volume--1:key:FEDORA-LV1 ++ --key /dev/mapper/Volume--Group-Logical--Volume--2:key:FEDORA-LV2 ++ --key /dev/mapper/Volume--Group-Logical--Volume--3:key:FEDORA-LV3 ++) ++fish_ref=$("${guestfish[@]}" "${keys_by_mapper_lvname[@]}") ++eval "$fish_ref" ++ ++# Repeat the test. ++check_filesystems diff --git a/SOURCES/0013-php-add-arginfo-to-php-bindings.patch b/SOURCES/0013-php-add-arginfo-to-php-bindings.patch deleted file mode 100644 index 7122e7c..0000000 --- a/SOURCES/0013-php-add-arginfo-to-php-bindings.patch +++ /dev/null @@ -1,90 +0,0 @@ -From d451e0e42c75429279426e9eb5a7701cd4681d07 Mon Sep 17 00:00:00 2001 -From: Geoff Amey -Date: Wed, 15 Jun 2022 17:06:56 -0400 -Subject: [PATCH] php: add arginfo to php bindings - -Starting with PHP8, arginfo is mandatory for PHP extensions. This patch -updates the generator for the PHP bindings to generate the arginfo -structures, using the Zend API macros. Only basic arginfo is added, -without full documentation of argument and return types, in order to -ensure compatibility with as many versions of PHP as possible. - -(cherry picked from commit ec27979398b0871c1a3e0e244849f8435c9c9a8d) ---- - .gitignore | 1 + - generator/php.ml | 37 ++++++++++++++++++++++++++++++++++--- - 2 files changed, 35 insertions(+), 3 deletions(-) - -diff --git a/.gitignore b/.gitignore -index a36ccc86a..356c01fbd 100644 ---- a/.gitignore -+++ b/.gitignore -@@ -325,6 +325,7 @@ Makefile.in - /php/extension/configure.in - /php/extension/env - /php/extension/guestfs_php.c -+/php/extension/guestfs_php.dep - /php/extension/install-sh - /php/extension/libtool - /php/extension/ltmain.sh -diff --git a/generator/php.ml b/generator/php.ml -index 5c7ef48e8..acdc7b877 100644 ---- a/generator/php.ml -+++ b/generator/php.ml -@@ -130,6 +130,37 @@ typedef size_t guestfs_string_length; - typedef int guestfs_string_length; - #endif - -+/* Declare argument info structures */ -+ZEND_BEGIN_ARG_INFO_EX(arginfo_create, 0, 0, 0) -+ZEND_END_ARG_INFO() -+ -+ZEND_BEGIN_ARG_INFO_EX(arginfo_last_error, 0, 0, 1) -+ ZEND_ARG_INFO(0, g) -+ZEND_END_ARG_INFO() -+ -+"; -+ List.iter ( -+ fun { name = shortname; style = ret, args, optargs; } -> -+ let len = List.length args in -+ pr "ZEND_BEGIN_ARG_INFO_EX(arginfo_%s, 0, 0, %d)\n" shortname (len + 1); -+ pr " ZEND_ARG_INFO(0, g)\n"; -+ List.iter ( -+ function -+ | BufferIn n | Bool n | Int n | Int64 n | OptString n -+ | Pointer(_, n) | String (_, n) | StringList (_, n) -> -+ pr " ZEND_ARG_INFO(0, %s)\n" n -+ ) args; -+ -+ List.iter ( -+ function -+ | OBool n | OInt n | OInt64 n | OString n | OStringList n -> -+ pr " ZEND_ARG_INFO(0, %s)\n" n -+ ) optargs; -+ pr "ZEND_END_ARG_INFO()\n\n"; -+ ) (actions |> external_functions |> sort); -+ -+ pr " -+ - /* Convert array to list of strings. - * http://marc.info/?l=pecl-dev&m=112205192100631&w=2 - */ -@@ -204,12 +235,12 @@ PHP_MINIT_FUNCTION (guestfs_php) - } - - static zend_function_entry guestfs_php_functions[] = { -- PHP_FE (guestfs_create, NULL) -- PHP_FE (guestfs_last_error, NULL) -+ PHP_FE (guestfs_create, arginfo_create) -+ PHP_FE (guestfs_last_error, arginfo_last_error) - "; - - List.iter ( -- fun { name } -> pr " PHP_FE (guestfs_%s, NULL)\n" name -+ fun { name } -> pr " PHP_FE (guestfs_%s, arginfo_%s)\n" name name - ) (actions |> external_functions |> sort); - - pr " { NULL, NULL, NULL } --- -2.31.1 - diff --git a/SOURCES/0014-introduce-the-clevis_luks_unlock-API.patch b/SOURCES/0014-introduce-the-clevis_luks_unlock-API.patch deleted file mode 100644 index 10db265..0000000 --- a/SOURCES/0014-introduce-the-clevis_luks_unlock-API.patch +++ /dev/null @@ -1,252 +0,0 @@ -From 51ea2e3af9caa434e847ca74a86f5de5ade6058f Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Thu, 30 Jun 2022 14:20:47 +0200 -Subject: [PATCH] introduce the "clevis_luks_unlock" API - -Introduce a new guestfs API called "clevis_luks_unlock". At the libguestfs -level, it is quite simple; it wraps the "clevis luks unlock" guest command -(implemented by the "clevis-luks-unlock" executable, which is in fact a -shell script). - -The complexity is instead in the network-based disk encryption -(Clevis/Tang) scheme. Useful documentation: - -- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html-single/security_hardening/index#configuring-automated-unlocking-of-encrypted-volumes-using-policy-based-decryption_security-hardening -- https://github.com/latchset/clevis#clevis -- https://github.com/latchset/tang#tang - -The package providing "clevis-luks-unlock" is usually called -"clevis-luks", occasionally "clevis". Some distros don't package clevis at -all. Add the new API under a new option group (which may not be available) -called "clevisluks". - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1809453 -Signed-off-by: Laszlo Ersek -Message-Id: <20220630122048.19335-3-lersek@redhat.com> -Reviewed-by: Richard W.M. Jones -(cherry picked from commit 9a3e9a6c03eaffe60196bc4c7ae4699beae01dc3) ---- - appliance/packagelist.in | 4 +++ - daemon/Makefile.am | 1 + - daemon/clevis-luks.c | 58 +++++++++++++++++++++++++++++++++++++++ - generator/actions_core.ml | 40 +++++++++++++++++++++++++++ - generator/proc_nr.ml | 1 + - lib/MAX_PROC_NR | 2 +- - lib/guestfs.pod | 19 ++++++++++--- - 7 files changed, 120 insertions(+), 5 deletions(-) - create mode 100644 daemon/clevis-luks.c - -diff --git a/appliance/packagelist.in b/appliance/packagelist.in -index 77a07acc6..0b79edcdd 100644 ---- a/appliance/packagelist.in -+++ b/appliance/packagelist.in -@@ -23,6 +23,7 @@ dnl Basically the same with a few minor tweaks. - ifelse(UBUNTU,1,`define(`DEBIAN',1)') - - ifelse(REDHAT,1, -+ clevis-luks - cryptsetup - cryptsetup-luks dnl old name used before Fedora 17 - dhclient -@@ -53,6 +54,7 @@ ifelse(DEBIAN,1, - bsdmainutils - dnl old name used in Jessie and earlier - btrfs-tools -+ clevis-luks - cryptsetup - dash - extlinux -@@ -92,6 +94,7 @@ dnl iproute has been renamed to iproute2 - ifelse(ARCHLINUX,1, - cdrkit - cdrtools -+ clevis - cryptsetup - dhclient - dhcpcd -@@ -119,6 +122,7 @@ ifelse(SUSE,1, - augeas-lenses - btrfsprogs - cdrkit-cdrtools-compat -+ clevis - cryptsetup - dhcpcd - dhcp-client -diff --git a/daemon/Makefile.am b/daemon/Makefile.am -index bbd49f9ea..f50faecd6 100644 ---- a/daemon/Makefile.am -+++ b/daemon/Makefile.am -@@ -98,6 +98,7 @@ guestfsd_SOURCES = \ - cap.c \ - checksum.c \ - cleanups.c \ -+ clevis-luks.c \ - cmp.c \ - command.c \ - command.h \ -diff --git a/daemon/clevis-luks.c b/daemon/clevis-luks.c -new file mode 100644 -index 000000000..d3d970d78 ---- /dev/null -+++ b/daemon/clevis-luks.c -@@ -0,0 +1,58 @@ -+/* libguestfs - the guestfsd daemon -+ * Copyright (C) 2009-2022 Red Hat Inc. -+ * -+ * This program is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 2 of the License, or -+ * (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -+ */ -+ -+#include -+ -+#include "daemon.h" -+#include "actions.h" -+#include "optgroups.h" -+ -+#define MAX_ARGS 8 -+ -+int -+optgroup_clevisluks_available (void) -+{ -+ return prog_exists ("clevis-luks-unlock"); -+} -+ -+int -+do_clevis_luks_unlock (const char *device, const char *mapname) -+{ -+ const char *argv[MAX_ARGS]; -+ size_t i = 0; -+ int r; -+ CLEANUP_FREE char *err = NULL; -+ -+ ADD_ARG (argv, i, "clevis"); -+ ADD_ARG (argv, i, "luks"); -+ ADD_ARG (argv, i, "unlock"); -+ ADD_ARG (argv, i, "-d"); -+ ADD_ARG (argv, i, device); -+ ADD_ARG (argv, i, "-n"); -+ ADD_ARG (argv, i, mapname); -+ ADD_ARG (argv, i, NULL); -+ -+ r = commandv (NULL, &err, argv); -+ if (r == -1) { -+ reply_with_error ("%s: %s: %s", device, mapname, err); -+ return -1; -+ } -+ -+ udev_settle (); -+ return 0; -+} -diff --git a/generator/actions_core.ml b/generator/actions_core.ml -index 6cd42a290..3c9b0a9b2 100644 ---- a/generator/actions_core.ml -+++ b/generator/actions_core.ml -@@ -9676,4 +9676,44 @@ and I the name of the underlying block device." }; - shortdesc = "read directories entries"; - longdesc = "Internal function for readdir." }; - -+ { defaults with -+ name = "clevis_luks_unlock"; added = (1, 49, 3); -+ style = RErr, -+ [String (Device, "device"); String (PlainString, "mapname")], -+ []; -+ optional = Some "clevisluks"; -+ test_excuse = "needs networking and a configured Tang server"; -+ shortdesc = "open an encrypted LUKS block device with Clevis and Tang"; -+ longdesc = "\ -+This command opens a block device that has been encrypted according to -+the Linux Unified Key Setup (LUKS) standard, using network-bound disk -+encryption (NBDE). -+ -+C is the encrypted block device. -+ -+The appliance will connect to the Tang servers noted in the tree of -+Clevis pins that is bound to a keyslot of the LUKS header. The Clevis -+pin tree may comprise C (redudancy) pins as internal nodes -+(optionally), and C pins as leaves. C pins are not -+supported. The appliance unlocks the encrypted block device by -+combining responses from the Tang servers with metadata from the LUKS -+header; there is no C parameter. -+ -+This command will fail if networking has not been enabled for the -+appliance. Refer to C. -+ -+The command creates a new block device called F. -+Reads and writes to this block device are decrypted from and encrypted -+to the underlying C respectively. Close the decrypted block -+device with C. -+ -+C cannot be C<\"control\"> because that name is reserved by -+device-mapper. -+ -+If this block device contains LVM volume groups, then calling -+C with the C parameter C will make -+them visible. -+ -+Use C to list all device mapper devices." }; -+ - ] -diff --git a/generator/proc_nr.ml b/generator/proc_nr.ml -index bdced51c9..edd9bd99d 100644 ---- a/generator/proc_nr.ml -+++ b/generator/proc_nr.ml -@@ -514,6 +514,7 @@ let proc_nr = [ - 509, "cryptsetup_close"; - 510, "internal_list_rpm_applications"; - 511, "internal_readdir"; -+512, "clevis_luks_unlock" - ] - - (* End of list. If adding a new entry, add it at the end of the list -diff --git a/lib/MAX_PROC_NR b/lib/MAX_PROC_NR -index c0556fb20..4d0e90cbc 100644 ---- a/lib/MAX_PROC_NR -+++ b/lib/MAX_PROC_NR -@@ -1 +1 @@ --511 -+512 -diff --git a/lib/guestfs.pod b/lib/guestfs.pod -index 946ce2d36..0fbe114a5 100644 ---- a/lib/guestfs.pod -+++ b/lib/guestfs.pod -@@ -591,11 +591,22 @@ For Windows BitLocker it returns C. - Then open these devices by calling L. - Obviously you will require the passphrase! - -+Passphrase-less unlocking is supported for LUKS (not BitLocker) -+block devices that have been encrypted with network-bound disk -+encryption (NBDE), using Clevis on the Linux guest side, and -+Tang on a separate Linux server. Open such devices with -+L. The appliance will need -+networking enabled (refer to L) and actual -+connectivity to the Tang servers noted in the C Clevis -+pins that are bound to the LUKS header. (This includes the -+ability to resolve the names of the Tang servers.) -+ - Opening an encrypted device creates a new device mapper device --called F (where C is the --string you supply to L). --Reads and writes to this mapper device are decrypted from and --encrypted to the underlying block device respectively. -+called F (where C is the string -+you supply to L or -+L). Reads and writes to this mapper -+device are decrypted from and encrypted to the underlying block -+device respectively. - - LVM volume groups on the device can be made visible by calling - L followed by L. --- -2.31.1 - diff --git a/SOURCES/0015-guestfish-guestmount-enable-networking-for-key-ID-cl.patch b/SOURCES/0015-guestfish-guestmount-enable-networking-for-key-ID-cl.patch deleted file mode 100644 index c4a406e..0000000 --- a/SOURCES/0015-guestfish-guestmount-enable-networking-for-key-ID-cl.patch +++ /dev/null @@ -1,69 +0,0 @@ -From 5ae97d7d83d8cdb6e8428774282167dd774aaf70 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Thu, 30 Jun 2022 14:20:48 +0200 -Subject: [PATCH] guestfish, guestmount: enable networking for "--key - ID:clevis" - -Call the C-language helper key_store_requires_network() in guestfish and -guestmount. - -(Short log for the "common" submodule, commit range -35467027f657..af6cb55bc58a: - -Laszlo Ersek (12): - options: fix UUID comparison logic bug in get_keys() - mltools/tools_utils: remove unused function "key_store_to_cli" - mltools/tools_utils: allow multiple "--key" options for OCaml tools too - options: replace NULL-termination with number-of-elements in get_keys() - options: wrap each passphrase from get_keys() into a struct - options: add back-end for LUKS decryption with Clevis+Tang - options: introduce selector type "key_clevis" - options: generalize "--key" selector parsing for C-language utilities - mltools/tools_utils-c: handle internal type error with abort() - mltools/tools_utils: generalize "--key" selector parsing for OCaml utils - options, mltools/tools_utils: parse "--key ID:clevis" options - options, mltools/tools_utils: add helper for network dependency -). - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1809453 -Signed-off-by: Laszlo Ersek -Reviewed-by: Richard W.M. Jones -Message-Id: <20220630122048.19335-4-lersek@redhat.com> -(cherry picked from commit 6a5b44f538065a9f661510234a4235bf38348213) ---- - fish/fish.c | 3 +++ - fuse/guestmount.c | 4 ++++ - 2 files changed, 7 insertions(+) - -diff --git a/fish/fish.c b/fish/fish.c -index 23d9bb94f..19e3d2799 100644 ---- a/fish/fish.c -+++ b/fish/fish.c -@@ -476,6 +476,9 @@ main (int argc, char *argv[]) - /* If we've got drives to add, add them now. */ - add_drives (drvs); - -+ if (key_store_requires_network (ks) && guestfs_set_network (g, 1) == -1) -+ exit (EXIT_FAILURE); -+ - /* If we've got mountpoints or prepared drives or -i option, we must - * launch the guest and mount them. - */ -diff --git a/fuse/guestmount.c b/fuse/guestmount.c -index 77c534828..3c6d57bde 100644 ---- a/fuse/guestmount.c -+++ b/fuse/guestmount.c -@@ -348,6 +348,10 @@ main (int argc, char *argv[]) - - /* Do the guest drives and mountpoints. */ - add_drives (drvs); -+ -+ if (key_store_requires_network (ks) && guestfs_set_network (g, 1) == -1) -+ exit (EXIT_FAILURE); -+ - if (guestfs_launch (g) == -1) - exit (EXIT_FAILURE); - if (inspector) --- -2.31.1 - diff --git a/SOURCES/0016-daemon-Add-zstd-support-to-guestfs_file_architecture.patch b/SOURCES/0016-daemon-Add-zstd-support-to-guestfs_file_architecture.patch deleted file mode 100644 index 922609e..0000000 --- a/SOURCES/0016-daemon-Add-zstd-support-to-guestfs_file_architecture.patch +++ /dev/null @@ -1,182 +0,0 @@ -From 4807dacb577167b89cb5ffb1fa1a68ddf30b9319 Mon Sep 17 00:00:00 2001 -From: "Richard W.M. Jones" -Date: Tue, 9 Aug 2022 18:39:30 +0100 -Subject: [PATCH] daemon: Add zstd support to guestfs_file_architecture - -This is required so we can determine the file architecture of -zstd-compressed Linux kernel modules as used by OpenSUSE and maybe -other distros in future. - -Note that zstd becomes a required package, but it is widely available -in current Linux distros. - -The package names come from https://pkgs.org/download/zstd and my own -research. - -(cherry picked from commit 0e784824e82a88e522873fec5db1a11943d637ed) ---- - .gitignore | 1 + - appliance/packagelist.in | 6 ++++++ - daemon/filearch.ml | 1 + - docs/guestfs-building.pod | 4 ++++ - generator/actions_core.ml | 2 ++ - m4/guestfs-progs.m4 | 4 ++++ - test-data/Makefile.am | 1 + - test-data/files/Makefile.am | 6 ++++++ - 8 files changed, 25 insertions(+) - -diff --git a/.gitignore b/.gitignore -index 356c01fbd..ee5ea74dd 100644 ---- a/.gitignore -+++ b/.gitignore -@@ -448,6 +448,7 @@ Makefile.in - /test-data/files/initrd-x86_64.img - /test-data/files/initrd-x86_64.img.gz - /test-data/files/lib-i586.so.xz -+/test-data/files/lib-i586.so.zst - /test-data/files/test-grep.txt.gz - /test-data/phony-guests/archlinux.img - /test-data/phony-guests/blank-*.img -diff --git a/appliance/packagelist.in b/appliance/packagelist.in -index 0b79edcdd..0fc11f6ae 100644 ---- a/appliance/packagelist.in -+++ b/appliance/packagelist.in -@@ -48,6 +48,7 @@ ifelse(REDHAT,1, - vim-minimal - xz - zfs-fuse -+ zstd - ) - - ifelse(DEBIAN,1, -@@ -88,6 +89,7 @@ dnl iproute has been renamed to iproute2 - vim-tiny - xz-utils - zfs-fuse -+ zstd - uuid-runtime - ) - -@@ -115,6 +117,7 @@ ifelse(ARCHLINUX,1, - systemd - vim - xz -+ zstd - ) - - ifelse(SUSE,1, -@@ -140,6 +143,7 @@ ifelse(SUSE,1, - systemd-sysvinit - vim - xz -+ zstd - ) - - ifelse(FRUGALWARE,1, -@@ -185,6 +189,7 @@ ifelse(MAGEIA,1, - systemd /* for /sbin/reboot and udevd */ - vim-minimal - xz -+ zstd - ) - - ifelse(OPENMANDRIVA,1, -@@ -203,6 +208,7 @@ ifelse(OPENMANDRIVA,1, - systemd /* for /sbin/reboot and udevd */ - vim-minimal - xz -+ zstd - ) - - include(guestfsd.deps) -diff --git a/daemon/filearch.ml b/daemon/filearch.ml -index 67a7339e0..4d7e912c0 100644 ---- a/daemon/filearch.ml -+++ b/daemon/filearch.ml -@@ -106,6 +106,7 @@ and cpio_arch magic orig_path path = - if String.find magic "gzip" >= 0 then "zcat" - else if String.find magic "bzip2" >= 0 then "bzcat" - else if String.find magic "XZ compressed" >= 0 then "xzcat" -+ else if String.find magic "Zstandard compressed" >= 0 then "zstdcat" - else "cat" in - - let tmpdir = Mkdtemp.temp_dir "filearch" in -diff --git a/docs/guestfs-building.pod b/docs/guestfs-building.pod -index b93a611a6..7a7240f78 100644 ---- a/docs/guestfs-building.pod -+++ b/docs/guestfs-building.pod -@@ -172,6 +172,10 @@ I. - - I. - -+=item zstd -+ -+I. -+ - =item Jansson E 2.7 - - I. -diff --git a/generator/actions_core.ml b/generator/actions_core.ml -index 3c9b0a9b2..553e4ec3b 100644 ---- a/generator/actions_core.ml -+++ b/generator/actions_core.ml -@@ -9373,6 +9373,8 @@ with large files, such as the resulting squashfs will be over 3GB big." }; - [["file_architecture"; "/bin-x86_64-dynamic.gz"]], "x86_64"), []; - InitISOFS, Always, TestResultString ( - [["file_architecture"; "/lib-i586.so.xz"]], "i386"), []; -+ InitISOFS, Always, TestResultString ( -+ [["file_architecture"; "/lib-i586.so.zst"]], "i386"), []; - ]; - shortdesc = "detect the architecture of a binary file"; - longdesc = "\ -diff --git a/m4/guestfs-progs.m4 b/m4/guestfs-progs.m4 -index cd8662e86..22fc61367 100644 ---- a/m4/guestfs-progs.m4 -+++ b/m4/guestfs-progs.m4 -@@ -95,6 +95,10 @@ AC_PATH_PROGS([XZCAT],[xzcat],[no]) - test "x$XZCAT" = "xno" && AC_MSG_ERROR([xzcat must be installed]) - AC_DEFINE_UNQUOTED([XZCAT],["$XZCAT"],[Name of xzcat program.]) - -+dnl Check for zstdcat (required). -+AC_PATH_PROGS([ZSTDCAT],[zstdcat],[no]) -+test "x$ZSTDCAT" = "xno" && AC_MSG_ERROR([zstdcat must be installed]) -+ - dnl (f)lex and bison for virt-builder (required). - dnl XXX Could be optional with some work. - AC_PROG_LEX -diff --git a/test-data/Makefile.am b/test-data/Makefile.am -index b603311a1..dbecd74b9 100644 ---- a/test-data/Makefile.am -+++ b/test-data/Makefile.am -@@ -85,6 +85,7 @@ image_files = \ - files/initrd-x86_64.img \ - files/initrd-x86_64.img.gz \ - files/lib-i586.so.xz \ -+ files/lib-i586.so.zst \ - files/test-grep.txt.gz - - noinst_DATA = test.iso -diff --git a/test-data/files/Makefile.am b/test-data/files/Makefile.am -index a3d7288f9..06b0c6585 100644 ---- a/test-data/files/Makefile.am -+++ b/test-data/files/Makefile.am -@@ -40,6 +40,7 @@ noinst_DATA = \ - initrd-x86_64.img \ - initrd-x86_64.img.gz \ - lib-i586.so.xz \ -+ lib-i586.so.zst \ - test-grep.txt.gz - - CLEANFILES += $(noinst_DATA) -@@ -116,3 +117,8 @@ lib-i586.so.xz: $(top_srcdir)/test-data/binaries/lib-i586.so - rm -f $@ $@-t - xz -c $< > $@-t - mv $@-t $@ -+ -+lib-i586.so.zst: $(top_srcdir)/test-data/binaries/lib-i586.so -+ rm -f $@ $@-t -+ zstd -c $< > $@-t -+ mv $@-t $@ --- -2.31.1 - diff --git a/SOURCES/0017-New-API-inspect_get_build_id.patch b/SOURCES/0017-New-API-inspect_get_build_id.patch deleted file mode 100644 index 479c0cc..0000000 --- a/SOURCES/0017-New-API-inspect_get_build_id.patch +++ /dev/null @@ -1,184 +0,0 @@ -From 7dbcddd5bd5939493db74843593316f7101f8fde Mon Sep 17 00:00:00 2001 -From: "Richard W.M. Jones" -Date: Thu, 1 Dec 2022 10:00:46 +0000 -Subject: [PATCH] New API: inspect_get_build_id - -Add an API to return the build ID of the guest. This to allow a -future change to be able to distinguish between Windows 10 and Windows 11 -which can only be done using the build ID. - -For Windows we can read the CurrentBuildNumber key from the registry. -For Linux there happens to be a BUILD_ID field in /etc/os-release. -I've never seen a Linux distro that actually uses this. - -Reviewed-by: Laszlo Ersek -(cherry picked from commit f3dd67affe3c657af64ee9f6d70a16e965309556) ---- - daemon/inspect.ml | 6 ++++++ - daemon/inspect_fs_unix.ml | 2 ++ - daemon/inspect_fs_windows.ml | 14 ++++++++++++++ - daemon/inspect_types.ml | 5 +++++ - daemon/inspect_types.mli | 1 + - generator/actions_inspection.ml | 19 +++++++++++++++++++ - generator/proc_nr.ml | 3 ++- - lib/MAX_PROC_NR | 2 +- - 8 files changed, 50 insertions(+), 2 deletions(-) - -diff --git a/daemon/inspect.ml b/daemon/inspect.ml -index fb75b4a6c..20217c025 100644 ---- a/daemon/inspect.ml -+++ b/daemon/inspect.ml -@@ -335,6 +335,12 @@ and inspect_get_hostname root = - | Some v -> v - | None -> "unknown" - -+and inspect_get_build_id root = -+ let root = search_for_root root in -+ match root.inspection_data.build_id with -+ | Some v -> v -+ | None -> "unknown" -+ - and inspect_get_windows_systemroot root = - let root = search_for_root root in - match root.inspection_data.windows_systemroot with -diff --git a/daemon/inspect_fs_unix.ml b/daemon/inspect_fs_unix.ml -index 63cb279d0..009195f80 100644 ---- a/daemon/inspect_fs_unix.ml -+++ b/daemon/inspect_fs_unix.ml -@@ -96,6 +96,8 @@ let rec parse_os_release release_file data = - data.product_name <- Some value - else if key = "VERSION_ID" then - parse_os_release_version_id value data -+ else if key = "BUILD_ID" then -+ data.build_id <- Some value - ) values; - - (* If we haven't got all the fields, exit right away. *) -diff --git a/daemon/inspect_fs_windows.ml b/daemon/inspect_fs_windows.ml -index c4a05bc38..7bc5de7f7 100644 ---- a/daemon/inspect_fs_windows.ml -+++ b/daemon/inspect_fs_windows.ml -@@ -263,6 +263,20 @@ and check_windows_software_registry software_hive data = - with - Not_found -> () - ); -+ -+ (* CurrentBuildNumber (build_id). -+ * -+ * In modern Windows, the "CurrentBuild" and "CurrentBuildNumber" -+ * keys are the same. But in Windows XP, "CurrentBuild" -+ * contained something quite different. So always use -+ * "CurrentBuildNumber". -+ *) -+ (try -+ let v = List.assoc "CurrentBuildNumber" values in -+ data.build_id <- Some (Hivex.value_string h v) -+ with -+ Not_found -> () -+ ); - with - | Not_found -> - if verbose () then -diff --git a/daemon/inspect_types.ml b/daemon/inspect_types.ml -index 9395c51f9..328a2146b 100644 ---- a/daemon/inspect_types.ml -+++ b/daemon/inspect_types.ml -@@ -48,6 +48,7 @@ and inspection_data = { - mutable version : version option; - mutable arch : string option; - mutable hostname : string option; -+ mutable build_id : string option; - mutable fstab : fstab_entry list; - mutable windows_systemroot : string option; - mutable windows_software_hive : string option; -@@ -167,6 +168,8 @@ and string_of_inspection_data data = - data.arch; - Option.may (fun v -> bpf " hostname: %s\n" v) - data.hostname; -+ Option.may (fun v -> bpf " build ID: %s\n" v) -+ data.build_id; - if data.fstab <> [] then ( - let v = List.map ( - fun (a, b) -> sprintf "(%s, %s)" (Mountable.to_string a) b -@@ -272,6 +275,7 @@ let null_inspection_data = { - version = None; - arch = None; - hostname = None; -+ build_id = None; - fstab = []; - windows_systemroot = None; - windows_software_hive = None; -@@ -294,6 +298,7 @@ let merge_inspection_data child parent = - parent.version <- merge child.version parent.version; - parent.arch <- merge child.arch parent.arch; - parent.hostname <- merge child.hostname parent.hostname; -+ parent.build_id <- merge child.build_id parent.build_id; - parent.fstab <- child.fstab @ parent.fstab; - parent.windows_systemroot <- - merge child.windows_systemroot parent.windows_systemroot; -diff --git a/daemon/inspect_types.mli b/daemon/inspect_types.mli -index 29c76e8ab..05a3ffd4e 100644 ---- a/daemon/inspect_types.mli -+++ b/daemon/inspect_types.mli -@@ -51,6 +51,7 @@ and inspection_data = { - mutable version : version option; - mutable arch : string option; - mutable hostname : string option; -+ mutable build_id : string option; - mutable fstab : fstab_entry list; - mutable windows_systemroot : string option; - mutable windows_software_hive : string option; -diff --git a/generator/actions_inspection.ml b/generator/actions_inspection.ml -index f8b744993..70de22ec0 100644 ---- a/generator/actions_inspection.ml -+++ b/generator/actions_inspection.ml -@@ -529,6 +529,25 @@ hive is a valid Windows Registry hive. - - You can use C to read or write to the hive. - -+Please read L for more details." }; -+ -+ { defaults with -+ name = "inspect_get_build_id"; added = (1, 49, 8); -+ style = RString (RPlainString, "buildid"), [String (Mountable, "root")], []; -+ impl = OCaml "Inspect.inspect_get_build_id"; -+ shortdesc = "get the system build ID"; -+ longdesc = "\ -+This returns the build ID of the system, or the string -+C<\"unknown\"> if the system does not have a build ID. -+ -+For Windows, this gets the build number. Although it is -+returned as a string, it is (so far) always a number. See -+L -+for some possible values. -+ -+For Linux, this returns the C string from -+F, although this is not often used. -+ - Please read L for more details." }; - - { defaults with -diff --git a/generator/proc_nr.ml b/generator/proc_nr.ml -index edd9bd99d..0f17b1c06 100644 ---- a/generator/proc_nr.ml -+++ b/generator/proc_nr.ml -@@ -514,7 +514,8 @@ let proc_nr = [ - 509, "cryptsetup_close"; - 510, "internal_list_rpm_applications"; - 511, "internal_readdir"; --512, "clevis_luks_unlock" -+512, "clevis_luks_unlock"; -+513, "inspect_get_build_id"; - ] - - (* End of list. If adding a new entry, add it at the end of the list -diff --git a/lib/MAX_PROC_NR b/lib/MAX_PROC_NR -index 4d0e90cbc..31cf34b8d 100644 ---- a/lib/MAX_PROC_NR -+++ b/lib/MAX_PROC_NR -@@ -1 +1 @@ --512 -+513 --- -2.31.1 - diff --git a/SOURCES/0018-lib-Return-correct-osinfo-field-for-Windows-11.patch b/SOURCES/0018-lib-Return-correct-osinfo-field-for-Windows-11.patch deleted file mode 100644 index a4f7d30..0000000 --- a/SOURCES/0018-lib-Return-correct-osinfo-field-for-Windows-11.patch +++ /dev/null @@ -1,82 +0,0 @@ -From 363bbb7e9bd39fc1683fb600c76266f67ad2063c Mon Sep 17 00:00:00 2001 -From: "Richard W.M. Jones" -Date: Thu, 1 Dec 2022 10:14:43 +0000 -Subject: [PATCH] lib: Return correct osinfo field for Windows 11 - -For Windows Client, we can only distinguish between Windows 10 and -Windows 11 using the build ID. The product name in both cases is -"Windows 10 ", apparently intentionally. - -References: -https://learn.microsoft.com/en-us/answers/questions/586619/windows-11-build-ver-is-still-10022000194.html -https://github.com/cygwin/cygwin/blob/a263fe0b268580273c1adc4b1bad256147990222/winsup/cygwin/wincap.cc#L429 -https://en.wikipedia.org/wiki/List_of_Microsoft_Windows_versions - -After this fix, the output of virt-inspector changes to this, which is -a bit odd, but correct: - - windows - x86_64 - windows - Windows 10 Pro - Client - 10 - 0 - /Windows - ControlSet001 - win11 - -Thanks: Yaakov Selkowitz -Reported-by: Yongkui Guo -Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2012658 -Reviewed-by: Laszlo Ersek -(cherry picked from commit 824c7457489366494f0f10fd3369dc30f3a3c360) ---- - lib/inspect-osinfo.c | 24 ++++++++++++++++++++++-- - 1 file changed, 22 insertions(+), 2 deletions(-) - -diff --git a/lib/inspect-osinfo.c b/lib/inspect-osinfo.c -index 90e57e6df..1c10ff469 100644 ---- a/lib/inspect-osinfo.c -+++ b/lib/inspect-osinfo.c -@@ -86,6 +86,8 @@ guestfs_impl_inspect_get_osinfo (guestfs_h *g, const char *root) - else if (STREQ (type, "windows")) { - CLEANUP_FREE char *product_name = NULL; - CLEANUP_FREE char *product_variant = NULL; -+ CLEANUP_FREE char *build_id_str = NULL; -+ int build_id; - - product_name = guestfs_inspect_get_product_name (g, root); - if (!product_name) -@@ -142,8 +144,26 @@ guestfs_impl_inspect_get_osinfo (guestfs_h *g, const char *root) - return safe_strdup (g, "win2k19"); - else - return safe_strdup (g, "win2k16"); -- } else -- return safe_strdup (g, "win10"); -+ } -+ else { -+ /* For Windows >= 10 Client we can only distinguish between -+ * versions by looking at the build ID. See: -+ * https://learn.microsoft.com/en-us/answers/questions/586619/windows-11-build-ver-is-still-10022000194.html -+ * https://github.com/cygwin/cygwin/blob/a263fe0b268580273c1adc4b1bad256147990222/winsup/cygwin/wincap.cc#L429 -+ */ -+ build_id_str = guestfs_inspect_get_build_id (g, root); -+ if (!build_id_str) -+ return NULL; -+ -+ build_id = guestfs_int_parse_unsigned_int (g, build_id_str); -+ if (build_id == -1) -+ return NULL; -+ -+ if (build_id >= 22000) -+ return safe_strdup (g, "win11"); -+ else -+ return safe_strdup (g, "win10"); -+ } - } - break; - } --- -2.31.1 - diff --git a/SOURCES/copy-patches.sh b/SOURCES/copy-patches.sh index 34989cc..647eacf 100755 --- a/SOURCES/copy-patches.sh +++ b/SOURCES/copy-patches.sh @@ -3,12 +3,11 @@ set -e # Maintainer script to copy patches from the git repo to the current -# directory. It's normally only used downstream (ie. in RHEL). Use -# it like this: +# directory. Use it like this: # ./copy-patches.sh project=libguestfs -rhel_version=9.2 +rhel_version=9.3 # Check we're in the right directory. if [ ! -f $project.spec ]; then @@ -37,7 +36,12 @@ git rm -f [0-9]*.patch ||: rm -f [0-9]*.patch # Get the patches. -(cd $git_checkout; rm -f [0-9]*.patch; git -c core.abbrev=9 format-patch -O/dev/null -N --submodule=diff $tag) +( + cd $git_checkout + rm -f [0-9]*.patch + git -c core.abbrev=8 format-patch -O/dev/null --subject-prefix=PATCH -N \ + --submodule=diff --no-signature --patience $tag +) mv $git_checkout/[0-9]*.patch . # Remove any not to be applied. diff --git a/SOURCES/libguestfs-1.48.4.tar.gz.sig b/SOURCES/libguestfs-1.48.4.tar.gz.sig deleted file mode 100644 index 1490f9f..0000000 --- a/SOURCES/libguestfs-1.48.4.tar.gz.sig +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQJFBAABCAAvFiEE93dPsa0HSn6Mh2fqkXOPc+G3aKAFAmLFql8RHHJpY2hAYW5u -ZXhpYS5vcmcACgkQkXOPc+G3aKAV2hAAzOcZseFTUFFoj4M5riqXqtBN3W+fr/O7 -v0wzJ9sY31Ftk8KFKKgpwOn4UFXYMPXY7Hm94GRAYjYBAtx9Viyyt7B6PbV7mVZ0 -WHLlZcg3ZsliF23s3EoHfgTGFfKLkjDwfPlmChC260Ffhq4KKvnwu/DobY/CDLHG -0cvrjb0OOYibBGbq58AHYR6QlVH/ScAuLSA1aRAd06bbpixufRR1oh1MtFA1iSvC -yjNH0joLFiu0uuD7KFH66YX2nFNrO24r0LxJkwT5G7GHlZJStJUpvs/QHa8Tw5Zt -Z1JMk9yB9EMPYimdVDm7m6eDBxTx8YbF7u6G8JdHRXgAPBt4O09XX7WGxxmh9Dc4 -M+QkpiubEOG6qwBythJJ6sTSRLKIAPeVfHEOauXg8n45Tbk5jYwthMKbnD9ETb3t -QKdMr5g+DZUO0LfbOvP0GtD+b1jK4iu4BcWDquQBXpDTbx7LUfSuTDrWItehEnBp -/K6FRbakNZEroLR5VA9WAa6sE+2B3gg1OG+KHypHuw4hfpmutvVA8wnPgyw3j+WK -xdcRp65NUMUkKRE/FTwp1MkY1Y2S9M9iAPX+CopdHPVoq9O2YE+K6Rv1EdJjmKZK -EwLzX08Xcj9T/U9GEfV+QdIzitCuxf7x9ULEDcFozFnuHXww+JLdR0EmIDkUwl7C -Z0KKsy18Eq8= -=WB1H ------END PGP SIGNATURE----- diff --git a/SOURCES/libguestfs-1.50.1.tar.gz.sig b/SOURCES/libguestfs-1.50.1.tar.gz.sig new file mode 100644 index 0000000..cec47f6 --- /dev/null +++ b/SOURCES/libguestfs-1.50.1.tar.gz.sig @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- + +iQJFBAABCAAvFiEE93dPsa0HSn6Mh2fqkXOPc+G3aKAFAmP1QzoRHHJpY2hAYW5u +ZXhpYS5vcmcACgkQkXOPc+G3aKCAEBAAimQxT37HMWTHOqvj4s6ipOhDCNPlqo4L +z+syvIkgbp024IOPUbrlmSCtrCFiLXsRmmenynFv66N8GXoWmJruyJMyvBxsupZT +lTo7WdCEix/xPh/LAb8Q9RWA2SQYfkOKHRs/gr4b/LbtXBklMlcOdhegx3Mml4SW +gwK5n799YebUVgzYch5hWjHcRAphPaUdMyaJ6MUnFrfUPyGK2QO1yXdnGxkseAPz +srjlhFqu5kNojWzcaNcdHBdKvJVEZo7L6laADRS31sRH0BGVc6/DFJgOPdxROGJe +oeq3Oo1EF88P15NSTNZSXLa65n9kts2OnqRgX/c3njV9+1/JPHJWVM+VezuCcN8D +hHktHVOBjM209N5RmLtR92eROvo1aTrgjsLqOTvwbKBu7NrPc4ZICnX7dMjD6irj +vQz0P5MUmELMvdEN3FMGf45v77z+249e1z+5EGi2HUPKLfxd+I3+2mxUm2xjWOy/ +zNzkG2rCgYRB8Tioj6Mw80RYKioRyu8p5lUZvvLk85CJbT4BFH8rXgJbrEBOSunE +lWEcv690GzyszAN8zKZaIqhNzIKdlkQZAd1DMXfNBEfAy23YHRApB1O2EFhNAjAf +yEsUjpiYc0pq64QiCPGzUp4iLfMt9hg4ey5Pquud/j6cfvJ3ak5gZECbFnbUjysZ +YYpwSgy/FVI= +=OPC/ +-----END PGP SIGNATURE----- diff --git a/SPECS/libguestfs.spec b/SPECS/libguestfs.spec index 31ea5e1..1e944ec 100644 --- a/SPECS/libguestfs.spec +++ b/SPECS/libguestfs.spec @@ -14,10 +14,7 @@ %if !0%{?rhel} %global test_arches aarch64 %{power64} s390x x86_64 %else -# RHEL 9 only: -# x86-64: "/lib64/libc.so.6: CPU ISA level is lower than required" -# (RHBZ#1919389) -%global test_arches NONE +%global test_arches x86_64 %endif # Trim older changelog entries. @@ -36,7 +33,7 @@ %endif # The source directory. -%global source_directory 1.48-stable +%global source_directory 1.50-stable # Filter perl provides. %{?perl_default_filter} @@ -47,8 +44,8 @@ Summary: Access and modify virtual machine disk images Name: libguestfs Epoch: 1 -Version: 1.48.4 -Release: 4%{?dist} +Version: 1.50.1 +Release: 6%{?dist} License: LGPLv2+ # Build only for architectures that have a kernel @@ -83,27 +80,22 @@ Source7: libguestfs.keyring Source8: copy-patches.sh # Patches are maintained in the following repository: -# https://github.com/libguestfs/libguestfs/commits/rhel-9.2 +# https://github.com/libguestfs/libguestfs/commits/rhel-9.3 # Patches. -Patch0001: 0001-New-API-guestfs_device_name-returning-the-drive-name.patch -Patch0002: 0002-guestfs_readdir-rewrite-with-FileOut-transfer-to-lif.patch -Patch0003: 0003-guestfs_readdir-minimize-the-number-of-send_file_wri.patch -Patch0004: 0004-lib-launch-direct-ignore-drive-iface-parameter.patch -Patch0005: 0005-lib-drive_create_data-drive-remove-field-iface.patch -Patch0006: 0006-lib-rename-VALID_FORMAT_IFACE-to-VALID_FORMAT.patch -Patch0007: 0007-tests-regressions-remove-iface-based-restrictions.patch -Patch0008: 0008-generator-customize-invert-SELinux-relabeling-defaul.patch -Patch0009: 0009-generator-customize-reintroduce-selinux-relabel-as-a.patch -Patch0010: 0010-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch -Patch0011: 0011-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch -Patch0012: 0012-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch -Patch0013: 0013-php-add-arginfo-to-php-bindings.patch -Patch0014: 0014-introduce-the-clevis_luks_unlock-API.patch -Patch0015: 0015-guestfish-guestmount-enable-networking-for-key-ID-cl.patch -Patch0016: 0016-daemon-Add-zstd-support-to-guestfs_file_architecture.patch -Patch0017: 0017-New-API-inspect_get_build_id.patch -Patch0018: 0018-lib-Return-correct-osinfo-field-for-Windows-11.patch +#Patch0001: 0001-update-common-submodule.patch +Patch0002: 0002-update-common-submodule.patch +Patch0003: 0003-daemon-selinux-relabel-don-t-exclude-selinux-if-it-s.patch +Patch0004: 0004-daemon-selinux-relabel-search-for-invalid-option-in-.patch +Patch0005: 0005-daemon-selinux-relabel-run-setfiles-with-T-0-if-supp.patch +Patch0006: 0006-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch +Patch0007: 0007-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch +Patch0008: 0008-Remove-virt-dib.patch +Patch0009: 0009-lib-Choose-q35-machine-type-for-x86-64.patch +Patch0010: 0010-RHEL-Revert-build-Remove-bundled-copy-of-ocaml-augea.patch +Patch0011: 0011-update-common-submodule.patch +Patch0012: 0012-LUKS-on-LVM-inspection-test-rename-VGs-and-LVs.patch +Patch0013: 0013-LUKS-on-LVM-inspection-test-test-dev-mapper-VG-LV-tr.patch %if 0%{patches_touch_autotools} BuildRequires: autoconf, automake, libtool, gettext-devel @@ -122,6 +114,8 @@ BuildRequires: perl(Pod::Man) BuildRequires: /usr/bin/pod2text BuildRequires: po4a BuildRequires: augeas-devel >= 1.7.0 +# Waiting for https://bugzilla.redhat.com/show_bug.cgi?id=2168634 +#BuildRequires: ocaml-augeas-devel >= 0.6 BuildRequires: readline-devel BuildRequires: xorriso BuildRequires: libxml2-devel @@ -173,7 +167,6 @@ BuildRequires: gnupg2 BuildRequires: ocaml BuildRequires: ocaml-ocamldoc BuildRequires: ocaml-findlib-devel -BuildRequires: ocaml-gettext-devel %if !0%{?rhel} BuildRequires: ocaml-ounit-devel %endif @@ -227,10 +220,6 @@ BuildRequires: clevis-luks BuildRequires: coreutils BuildRequires: cpio BuildRequires: cryptsetup -%if !0%{?rhel} -BuildRequires: curl -BuildRequires: debootstrap -%endif BuildRequires: dhclient BuildRequires: diffutils BuildRequires: dosfstools @@ -254,9 +243,6 @@ BuildRequires: iproute BuildRequires: iputils BuildRequires: kernel BuildRequires: kmod -%if !0%{?rhel} -BuildRequires: kpartx -%endif BuildRequires: less BuildRequires: libcap %if !0%{?rhel} @@ -279,7 +265,6 @@ BuildRequires: pcre2 BuildRequires: policycoreutils BuildRequires: procps BuildRequires: psmisc -BuildRequires: qemu-img BuildRequires: rpm-libs BuildRequires: rsync BuildRequires: scrub @@ -297,9 +282,6 @@ BuildRequires: tar BuildRequires: udev BuildRequires: util-linux BuildRequires: vim-minimal -%if !0%{?rhel} -BuildRequires: which -%endif BuildRequires: xfsprogs BuildRequires: xz BuildRequires: yajl @@ -451,17 +433,6 @@ Requires: pkgconfig for %{name}. -%if !0%{?rhel} -%package dib -Summary: Additional tools for virt-dib -License: LGPLv2+ - -%description dib -This adds extra packages needed by virt-dib to %{name}. You should -normally install the virt-dib package which depends on this one. -%endif - - %if !0%{?rhel} %package forensics Summary: Filesystem forensics support for %{name} @@ -798,8 +769,14 @@ make V=1 INSTALLDIRS=vendor %{?_smp_mflags} %check - %ifarch %{test_arches} +# Only run the tests with non-debug (ie. non-Rawhide) kernels. +# XXX This tests for any debug kernel installed. +if grep CONFIG_DEBUG_MUTEXES=y /lib/modules/*/config ; then + echo "Skipping tests because debug kernel is installed" + exit 0 +fi + export LIBGUESTFS_DEBUG=1 export LIBGUESTFS_TRACE=1 export LIBVIRT_DEBUG=1 @@ -828,6 +805,13 @@ find $RPM_BUILD_ROOT -name .packlist -delete find $RPM_BUILD_ROOT -name '*.bs' -delete find $RPM_BUILD_ROOT -name 'bindtests.pl' -delete +# Perl's ExtUtils::Install installs "Guestfs.so" read-only; that +# prevents objcopy from adding the ".gdb_index" section for the sake of +# the debuginfo file. See +# . Restore write +# permission for the file owner. +find $RPM_BUILD_ROOT -name Guestfs.so -exec chmod u+w '{}' + + # golang: Ignore what libguestfs upstream installs, and just copy the # source files to %%{_datadir}/gocode/src. %ifarch %{golang_arches} @@ -856,19 +840,6 @@ function move_to echo "$1" >> "$2" } -%if !0%{?rhel} -move_to curl zz-packages-dib -move_to debootstrap zz-packages-dib -move_to kpartx zz-packages-dib -move_to qemu-img zz-packages-dib -move_to which zz-packages-dib -%else -remove curl -remove debootstrap -remove kpartx -remove qemu-img -remove which -%endif %if !0%{?rhel} move_to sleuthkit zz-packages-forensics move_to gfs2-utils zz-packages-gfs2 @@ -977,11 +948,6 @@ rm ocaml/html/.gitignore %{_libdir}/pkgconfig/libguestfs.pc -%if !0%{?rhel} -%files dib -%{_libdir}/guestfs/supermin.d/zz-packages-dib -%endif - %if !0%{?rhel} %files forensics %{_libdir}/guestfs/supermin.d/zz-packages-forensics @@ -1140,6 +1106,23 @@ rm ocaml/html/.gitignore %changelog +* Wed Jun 07 2023 Laszlo Ersek - 1:1.50.1-6 +- enable the ".gdb_index" section in the Perl bindings debug info + resolves: rhbz#2209279 + +* Tue May 23 2023 Laszlo Ersek - 1:1.50.1-5 +- let "guestfish -i" recognize "--key /dev/mapper/VG-LV:key:password" +- reenable quickcheck; we now use "-cpu max" (upstream 30f74f38bd6e) + resolves: rhbz#2209279 + +* Thu May 04 2023 Richard W.M. Jones - 1:1.50.1-4 +- Rebase libguestfs to 1.50.1 + resolves: rhbz#2168625 +- Use q35 machine type for libguestfs appliance + resolves: rhbz#2168578 +- Run SELinux relabelling in parallel [for virt-v2v] + resolves: rhbz#2190276 + * Fri Dec 02 2022 Richard W.M. Jones - 1:1.48.4-4 - New API: guestfs_inspect_get_build_id - Add support for detecting Windows >= 10, returned through osinfo