From e938253f661d05b5f96337be17ab050c0de06168 Mon Sep 17 00:00:00 2001 From: eabdullin Date: Wed, 15 May 2024 07:39:46 +0000 Subject: [PATCH] Import from AlmaLinux stable repository --- .gitignore | 3 +- .libguestfs.metadata | 3 +- ...device_name-returning-the-drive-name.patch | 96 - SOURCES/0001-update-common-submodule.patch | 138 ++ ...rewrite-with-FileOut-transfer-to-lif.patch | 565 ------ SOURCES/0002-update-common-submodule.patch | 88 + ...elabel-don-t-exclude-selinux-if-it-s.patch | 63 + ...minimize-the-number-of-send_file_wri.patch | 108 -- ...elabel-search-for-invalid-option-in-.patch | 33 + ...-direct-ignore-drive-iface-parameter.patch | 123 -- ...elabel-run-setfiles-with-T-0-if-supp.patch | 78 + ...create_data-drive-remove-field-iface.patch | 245 --- ...pported-remote-drive-protocols-RHBZ.patch} | 25 +- ...e-VALID_FORMAT_IFACE-to-VALID_FORMAT.patch | 82 - ...f-libguestfs-winsupport-features-ex.patch} | 11 +- ...ions-remove-iface-based-restrictions.patch | 74 - SOURCES/0008-Remove-virt-dib.patch | 63 + ...ize-invert-SELinux-relabeling-defaul.patch | 56 - ...ize-reintroduce-selinux-relabel-as-a.patch | 42 - ...b-Choose-q35-machine-type-for-x86-64.patch | 32 + ...d-Remove-bundled-copy-of-ocaml-augea.patch | 1686 +++++++++++++++++ SOURCES/0011-update-common-submodule.patch | 203 ++ ...M-inspection-test-rename-VGs-and-LVs.patch | 97 + ...crypto-policies-back-ends-opensslcnf.patch | 32 - ...ection-test-test-dev-mapper-VG-LV-tr.patch | 46 + ...0013-php-add-arginfo-to-php-bindings.patch | 90 - ...0014-Replace-Pervasives.-with-Stdlib.patch | 119 ++ ...introduce-the-clevis_luks_unlock-API.patch | 252 --- ...on-t-call-fclose-NULL-on-error-paths.patch | 62 + ...ount-enable-networking-for-key-ID-cl.patch | 69 - ...support-to-guestfs_file_architecture.patch | 182 -- ...lose-test-collect-all-currently-unre.patch | 38 + .../0017-New-API-inspect_get_build_id.patch | 184 -- ...d-enter-leave_blocking_section-calls.patch | 70 + ...-correct-osinfo-field-for-Windows-11.patch | 82 - ...se-runtime-lock-around-guestfs_close.patch | 28 + ...onally-acquire-the-lock-in-callbacks.patch | 73 + ...fs_065_implicit_close.ml-for-OCaml-5.patch | 59 + ...tate_opt-in-preference-to-caml_state.patch | 25 + ...-Add-chown-option-for-virt-customize.patch | 398 ++++ ...ve-guestfs_int_cmd_clear_close_files.patch | 101 + ...ix-broken-link-in-the-guestfs-manual.patch | 34 + ...25-docs-clarify-sockdir-s-separation.patch | 75 + ..._int_create_socketname-from-launch.c.patch | 144 ++ ...ize-Add-new-StringTriplet-for-use-by.patch | 241 +++ ...verse-device-name-translation-on-pvs.patch | 57 + ...-ruby-Replace-MiniTest-with-Minitest.patch | 208 ++ ...t-rid-of-old-Test-Unit-compatibility.patch | 278 +++ ...irt-customize-options-into-alphabeti.patch | 63 + ...-new-virt-customize-tar-in-operation.patch | 173 ++ .../0033-New-mailing-list-email-address.patch | 271 +++ SOURCES/0034-New-mailing-list-archives.patch | 590 ++++++ ...de-libxml-parser.h-for-xmlReadMemory.patch | 25 + ...Gc.finalise-instead-of-a-C-finalizer.patch | 132 ++ ...stom-block-before-releasing-runtime-.patch | 39 + SOURCES/0038-Update-common-submodule.patch | 162 ++ ...ts-Test-guestfish-key-all-.-selector.patch | 35 + SOURCES/copy-patches.sh | 12 +- SOURCES/libguestfs-1.48.4.tar.gz.sig | 17 - SOURCES/libguestfs-1.50.1.tar.gz.sig | 17 + SPECS/libguestfs.spec | 164 +- 61 files changed, 6166 insertions(+), 2395 deletions(-) delete mode 100644 SOURCES/0001-New-API-guestfs_device_name-returning-the-drive-name.patch create mode 100644 SOURCES/0001-update-common-submodule.patch delete mode 100644 SOURCES/0002-guestfs_readdir-rewrite-with-FileOut-transfer-to-lif.patch create mode 100644 SOURCES/0002-update-common-submodule.patch create mode 100644 SOURCES/0003-daemon-selinux-relabel-don-t-exclude-selinux-if-it-s.patch delete mode 100644 SOURCES/0003-guestfs_readdir-minimize-the-number-of-send_file_wri.patch create mode 100644 SOURCES/0004-daemon-selinux-relabel-search-for-invalid-option-in-.patch delete mode 100644 SOURCES/0004-lib-launch-direct-ignore-drive-iface-parameter.patch create mode 100644 SOURCES/0005-daemon-selinux-relabel-run-setfiles-with-T-0-if-supp.patch delete mode 100644 SOURCES/0005-lib-drive_create_data-drive-remove-field-iface.patch rename SOURCES/{0010-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch => 0006-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch} (97%) delete mode 100644 SOURCES/0006-lib-rename-VALID_FORMAT_IFACE-to-VALID_FORMAT.patch rename SOURCES/{0011-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch => 0007-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch} (92%) delete mode 100644 SOURCES/0007-tests-regressions-remove-iface-based-restrictions.patch create mode 100644 SOURCES/0008-Remove-virt-dib.patch delete mode 100644 SOURCES/0008-generator-customize-invert-SELinux-relabeling-defaul.patch delete mode 100644 SOURCES/0009-generator-customize-reintroduce-selinux-relabel-as-a.patch create mode 100644 SOURCES/0009-lib-Choose-q35-machine-type-for-x86-64.patch create mode 100644 SOURCES/0010-RHEL-Revert-build-Remove-bundled-copy-of-ocaml-augea.patch create mode 100644 SOURCES/0011-update-common-submodule.patch create mode 100644 SOURCES/0012-LUKS-on-LVM-inspection-test-rename-VGs-and-LVs.patch delete mode 100644 SOURCES/0012-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch create mode 100644 SOURCES/0013-LUKS-on-LVM-inspection-test-test-dev-mapper-VG-LV-tr.patch delete mode 100644 SOURCES/0013-php-add-arginfo-to-php-bindings.patch create mode 100644 SOURCES/0014-Replace-Pervasives.-with-Stdlib.patch delete mode 100644 SOURCES/0014-introduce-the-clevis_luks_unlock-API.patch create mode 100644 SOURCES/0015-fuse-Don-t-call-fclose-NULL-on-error-paths.patch delete mode 100644 SOURCES/0015-guestfish-guestmount-enable-networking-for-key-ID-cl.patch delete mode 100644 SOURCES/0016-daemon-Add-zstd-support-to-guestfs_file_architecture.patch create mode 100644 SOURCES/0016-ocaml-implicit_close-test-collect-all-currently-unre.patch delete mode 100644 SOURCES/0017-New-API-inspect_get_build_id.patch create mode 100644 SOURCES/0017-ocaml-Replace-old-enter-leave_blocking_section-calls.patch delete mode 100644 SOURCES/0018-lib-Return-correct-osinfo-field-for-Windows-11.patch create mode 100644 SOURCES/0018-ocaml-Release-runtime-lock-around-guestfs_close.patch create mode 100644 SOURCES/0019-ocaml-Conditionally-acquire-the-lock-in-callbacks.patch create mode 100644 SOURCES/0020-ocaml-Fix-guestfs_065_implicit_close.ml-for-OCaml-5.patch create mode 100644 SOURCES/0021-ocaml-Use-Caml_state_opt-in-preference-to-caml_state.patch create mode 100644 SOURCES/0022-generator-Add-chown-option-for-virt-customize.patch create mode 100644 SOURCES/0023-lib-remove-guestfs_int_cmd_clear_close_files.patch create mode 100644 SOURCES/0024-docs-fix-broken-link-in-the-guestfs-manual.patch create mode 100644 SOURCES/0025-docs-clarify-sockdir-s-separation.patch create mode 100644 SOURCES/0026-lib-move-guestfs_int_create_socketname-from-launch.c.patch create mode 100644 SOURCES/0027-generator-customize-Add-new-StringTriplet-for-use-by.patch create mode 100644 SOURCES/0028-daemon-lvm-Do-reverse-device-name-translation-on-pvs.patch create mode 100644 SOURCES/0029-ruby-Replace-MiniTest-with-Minitest.patch create mode 100644 SOURCES/0030-ruby-Get-rid-of-old-Test-Unit-compatibility.patch create mode 100644 SOURCES/0031-generator-Sort-virt-customize-options-into-alphabeti.patch create mode 100644 SOURCES/0032-generator-Add-new-virt-customize-tar-in-operation.patch create mode 100644 SOURCES/0033-New-mailing-list-email-address.patch create mode 100644 SOURCES/0034-New-mailing-list-archives.patch create mode 100644 SOURCES/0035-lib-Include-libxml-parser.h-for-xmlReadMemory.patch create mode 100644 SOURCES/0036-ocaml-Use-Gc.finalise-instead-of-a-C-finalizer.patch create mode 100644 SOURCES/0037-ocaml-Nullify-custom-block-before-releasing-runtime-.patch create mode 100644 SOURCES/0038-Update-common-submodule.patch create mode 100644 SOURCES/0039-tests-Test-guestfish-key-all-.-selector.patch delete mode 100644 SOURCES/libguestfs-1.48.4.tar.gz.sig create mode 100644 SOURCES/libguestfs-1.50.1.tar.gz.sig diff --git a/.gitignore b/.gitignore index 6a0624f..ff47434 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ -SOURCES/libguestfs-1.48.4.tar.gz +SOURCES/libguestfs-1.50.1.tar.gz +SOURCES/libguestfs-common-1.50.1.tar.gz SOURCES/libguestfs.keyring diff --git a/.libguestfs.metadata b/.libguestfs.metadata index e6fbe70..3000872 100644 --- a/.libguestfs.metadata +++ b/.libguestfs.metadata @@ -1,2 +1,3 @@ -a8754a62256ac488eec3e18bed20f570f785d069 SOURCES/libguestfs-1.48.4.tar.gz +b2ccc62a61d43917d982bb380709cd283fda465a SOURCES/libguestfs-1.50.1.tar.gz +c2f649ede7121e974884afb1b2dfacb966f9e21e SOURCES/libguestfs-common-1.50.1.tar.gz 1bbc40f501a7fef9eef2a39b701a71aee2fea7c4 SOURCES/libguestfs.keyring diff --git a/SOURCES/0001-New-API-guestfs_device_name-returning-the-drive-name.patch b/SOURCES/0001-New-API-guestfs_device_name-returning-the-drive-name.patch deleted file mode 100644 index fe4b696..0000000 --- a/SOURCES/0001-New-API-guestfs_device_name-returning-the-drive-name.patch +++ /dev/null @@ -1,96 +0,0 @@ -From e3ebd50abde3b05db86c8965868c866152cd3287 Mon Sep 17 00:00:00 2001 -From: "Richard W.M. Jones" -Date: Thu, 28 Apr 2022 13:16:54 +0100 -Subject: [PATCH] New API: guestfs_device_name returning the drive name - -For each drive added, return the name. For example calling this with -index 0 will return the string "/dev/sda". I called it -guestfs_device_name (not drive_name) for consistency with the existing -guestfs_device_index function. - -You don't really need to call this function. You can follow the -advice here: -https://libguestfs.org/guestfs.3.html#block-device-naming -and assume that drives are added with predictable names like -"/dev/sda", "/dev/sdb", etc. - -However it's useful to expose the internal guestfs_int_drive_name -function since especially handling names beyond index 26 is tricky -(https://rwmj.wordpress.com/2011/01/09/how-are-linux-drives-named-beyond-drive-26-devsdz/) - -Fixes: https://github.com/libguestfs/libguestfs/issues/80 -Reviewed-by: Laszlo Ersek -(cherry picked from commit ac00e603f83802634f1d53b1629aee4670eaf31c) ---- - generator/actions_core.ml | 24 +++++++++++++++++++++++- - lib/drives.c | 15 +++++++++++++++ - 2 files changed, 38 insertions(+), 1 deletion(-) - -diff --git a/generator/actions_core.ml b/generator/actions_core.ml -index ce9ee39cc..dc12fdc33 100644 ---- a/generator/actions_core.ml -+++ b/generator/actions_core.ml -@@ -737,7 +737,29 @@ returns the index of the device in the list of devices. - Index numbers start from 0. The named device must exist, - for example as a string returned from C. - --See also C, C." }; -+See also C, C, -+C." }; -+ -+ { defaults with -+ name = "device_name"; added = (1, 49, 1); -+ style = RString (RPlainString, "name"), [Int "index"], []; -+ tests = [ -+ InitEmpty, Always, TestResult ( -+ [["device_name"; "0"]], "STREQ (ret, \"/dev/sda\")"), []; -+ InitEmpty, Always, TestResult ( -+ [["device_name"; "1"]], "STREQ (ret, \"/dev/sdb\")"), []; -+ InitEmpty, Always, TestLastFail ( -+ [["device_name"; "99"]]), [] -+ ]; -+ shortdesc = "convert device index to name"; -+ longdesc = "\ -+This function takes a device index and returns the device -+name. For example index C<0> will return the string C. -+ -+The drive index must have been added to the handle. -+ -+See also C, C, -+C." }; - - { defaults with - name = "shutdown"; added = (1, 19, 16); -diff --git a/lib/drives.c b/lib/drives.c -index fd95308d2..a6179fc36 100644 ---- a/lib/drives.c -+++ b/lib/drives.c -@@ -31,6 +31,7 @@ - #include - #include - #include -+#include - #include - - #include "c-ctype.h" -@@ -1084,3 +1085,17 @@ guestfs_impl_device_index (guestfs_h *g, const char *device) - error (g, _("%s: device not found"), device); - return r; - } -+ -+char * -+guestfs_impl_device_name (guestfs_h *g, int index) -+{ -+ char drive_name[64]; -+ -+ if (index < 0 || index >= g->nr_drives) { -+ guestfs_int_error_errno (g, EINVAL, _("drive index out of range")); -+ return NULL; -+ } -+ -+ guestfs_int_drive_name (index, drive_name); -+ return safe_asprintf (g, "/dev/sd%s", drive_name); -+} --- -2.31.1 - diff --git a/SOURCES/0001-update-common-submodule.patch b/SOURCES/0001-update-common-submodule.patch new file mode 100644 index 0000000..f15d70b --- /dev/null +++ b/SOURCES/0001-update-common-submodule.patch @@ -0,0 +1,138 @@ +From 5c672d1541e7d769e73e6858944d33f66be12f30 Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Tue, 14 Mar 2023 14:15:05 +0100 +Subject: [PATCH] update common submodule + +Andrey Drobyshev (2): + inject_virtio_win: add Virtio_SCSI to block_type + inject_virtio_win: write the proper block controller PCI ID to Win registry + +Richard W.M. Jones (2): + mlcustomize: Fix overlong comment + mlcustomize: Add accessors for block driver priority list + +Roman Kagan (1): + inject_virtio_win: match only vendor/device/revision + +Signed-off-by: Laszlo Ersek +(cherry picked from commit 7414ac40c7df0a8938a05ba50907312b0093d107) +--- + common | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Submodule common 90e0077e..360e037d: +diff --git a/common/mlcustomize/inject_virtio_win.ml b/common/mlcustomize/inject_virtio_win.ml +index 5f4aab72..2a30b200 100644 +--- a/common/mlcustomize/inject_virtio_win.ml ++++ b/common/mlcustomize/inject_virtio_win.ml +@@ -49,9 +49,12 @@ type t = { + of libosinfo. Although this behaviour is documented, IMHO it has + always been a bad idea. We should change this in future to allow + the user to select where they want to get drivers from. XXX *) ++ ++ mutable block_driver_priority : string list ++ (** List of block drivers *) + } + +-type block_type = Virtio_blk | IDE ++type block_type = Virtio_blk | Virtio_SCSI | IDE + and net_type = Virtio_net | E1000 | RTL8139 + and machine_type = I440FX | Q35 | Virt + +@@ -107,13 +110,17 @@ and get_inspection g root = + { g; root; + i_arch; i_major_version; i_minor_version; i_osinfo; + i_product_variant; i_windows_current_control_set; i_windows_systemroot; +- virtio_win = ""; was_set = false } ++ virtio_win = ""; was_set = false; ++ block_driver_priority = ["virtio_blk"; "vrtioblk"; "viostor"] } ++ ++let get_block_driver_priority t = t.block_driver_priority ++let set_block_driver_priority t v = t.block_driver_priority <- v + + let scsi_class_guid = "{4D36E97B-E325-11CE-BFC1-08002BE10318}" +-let viostor_legacy_pciid = "VEN_1AF4&DEV_1001&SUBSYS_00021AF4&REV_00" +-let viostor_modern_pciid = "VEN_1AF4&DEV_1042&SUBSYS_11001AF4&REV_01" +-let vioscsi_legacy_pciid = "VEN_1AF4&DEV_1004&SUBSYS_00081AF4&REV_00" +-let vioscsi_modern_pciid = "VEN_1AF4&DEV_1048&SUBSYS_11001AF4&REV_01" ++let viostor_legacy_pciid = "VEN_1AF4&DEV_1001&REV_00" ++let viostor_modern_pciid = "VEN_1AF4&DEV_1042&REV_01" ++let vioscsi_legacy_pciid = "VEN_1AF4&DEV_1004&REV_00" ++let vioscsi_modern_pciid = "VEN_1AF4&DEV_1048&REV_01" + + let rec inject_virtio_win_drivers ({ g } as t) reg = + (* Copy the virtio drivers to the guest. *) +@@ -176,14 +183,13 @@ let rec inject_virtio_win_drivers ({ g } as t) reg = + else ( + (* Can we install the block driver? *) + let block : block_type = +- let filenames = ["virtio_blk"; "vrtioblk"; "viostor"] in + let viostor_driver = try ( + Some ( + List.find ( + fun driver_file -> + let source = driverdir // driver_file ^ ".sys" in + g#exists source +- ) filenames ++ ) t.block_driver_priority + ) + ) with Not_found -> None in + match viostor_driver with +@@ -194,16 +200,22 @@ let rec inject_virtio_win_drivers ({ g } as t) reg = + IDE + + | Some driver_name -> +- (* Block driver needs tweaks to allow booting; the rest is set up by PnP +- * manager *) ++ (* Block driver needs tweaks to allow booting; ++ * the rest is set up by PnP manager. ++ *) + let source = driverdir // (driver_name ^ ".sys") in + let target = sprintf "%s/system32/drivers/%s.sys" + t.i_windows_systemroot driver_name in + let target = g#case_sensitive_path target in ++ let installed_block_type, legacy_pciid, modern_pciid = ++ match driver_name with ++ | "vioscsi" -> Virtio_SCSI, vioscsi_legacy_pciid, vioscsi_modern_pciid ++ | _ -> Virtio_blk, viostor_legacy_pciid, viostor_modern_pciid ++ in + g#cp source target; +- add_guestor_to_registry t reg driver_name viostor_legacy_pciid; +- add_guestor_to_registry t reg driver_name viostor_modern_pciid; +- Virtio_blk in ++ add_guestor_to_registry t reg driver_name legacy_pciid; ++ add_guestor_to_registry t reg driver_name modern_pciid; ++ installed_block_type in + + (* Can we install the virtio-net driver? *) + let net : net_type = +diff --git a/common/mlcustomize/inject_virtio_win.mli b/common/mlcustomize/inject_virtio_win.mli +index 0ced02e8..d14f0497 100644 +--- a/common/mlcustomize/inject_virtio_win.mli ++++ b/common/mlcustomize/inject_virtio_win.mli +@@ -20,7 +20,7 @@ + + type t (** Handle *) + +-type block_type = Virtio_blk | IDE ++type block_type = Virtio_blk | Virtio_SCSI | IDE + and net_type = Virtio_net | E1000 | RTL8139 + and machine_type = I440FX | Q35 | Virt + +@@ -64,6 +64,16 @@ val from_environment : Guestfs.guestfs -> string -> string -> t + + This should only be used by [virt-v2v] and is considered a legacy method. *) + ++val get_block_driver_priority : t -> string list ++val set_block_driver_priority : t -> string list -> unit ++(** Get or set the current block driver priority list. This is ++ a list of virtio-win block driver names (eg. ["viostor"]) that ++ we search until we come to the first [name ^ ".sys"] that ++ we find, and that is the block driver which gets installed. ++ ++ This module contains a default priority list which should ++ be suitable for most use cases. *) ++ + val inject_virtio_win_drivers : t -> Registry.t -> virtio_win_installed + (** [inject_virtio_win_drivers t reg] + installs virtio drivers from the driver directory or driver diff --git a/SOURCES/0002-guestfs_readdir-rewrite-with-FileOut-transfer-to-lif.patch b/SOURCES/0002-guestfs_readdir-rewrite-with-FileOut-transfer-to-lif.patch deleted file mode 100644 index 1c7e841..0000000 --- a/SOURCES/0002-guestfs_readdir-rewrite-with-FileOut-transfer-to-lif.patch +++ /dev/null @@ -1,565 +0,0 @@ -From b97b90779d5ea261d5e737f073bb4ec5dc546511 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Mon, 2 May 2022 10:56:00 +0200 -Subject: [PATCH] guestfs_readdir(): rewrite with FileOut transfer, to lift - protocol limit - -Currently the guestfs_readdir() API can not list long directories, due to -it sending back the whole directory listing in a single guestfs protocol -response, which is limited to GUESTFS_MESSAGE_MAX (approx. 4MB) in size. - -Introduce the "internal_readdir" action, for transferring the directory -listing from the daemon to the library through a FileOut parameter. -Rewrite guestfs_readdir() on top of this new internal function: - -- The new "internal_readdir" action is a daemon action. Do not repurpose - the "readdir" proc_nr (138) for "internal_readdir", as some distros ship - the binary appliance to their users, and reusing the proc_nr could - create a mismatch between library & appliance with obscure symptoms. - Replace the old proc_nr (138) with a new proc_nr (511) instead; a - mismatch would then produce a clear error message. Assume the new action - will first be released in libguestfs-1.48.2. - -- Turn "readdir" from a daemon action into a non-daemon one. Call the - daemon action guestfs_internal_readdir() manually, receive the FileOut - parameter into a temp file, then deserialize the dirents array from the - temp file. - -This patch sneakily fixes an independent bug, too. In the pre-patch -do_readdir() function [daemon/readdir.c], when readdir() returns NULL, we -don't distinguish "end of directory stream" from "readdir() failed". This -rewrite fixes this problem -- I didn't see much value separating out the -fix for the original do_readdir(). - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1674392 -Signed-off-by: Laszlo Ersek -Message-Id: <20220502085601.15012-2-lersek@redhat.com> -Reviewed-by: Richard W.M. Jones -(cherry picked from commit 45b7f1736b64e9f0741e21e5a9d83a837bd863bf) ---- - TODO | 8 --- - daemon/readdir.c | 132 +++++++++++++++++++------------------- - generator/actions_core.ml | 127 +++++++++++++++++++----------------- - generator/proc_nr.ml | 2 +- - lib/MAX_PROC_NR | 2 +- - lib/Makefile.am | 1 + - lib/readdir.c | 131 +++++++++++++++++++++++++++++++++++++ - 7 files changed, 267 insertions(+), 136 deletions(-) - create mode 100644 lib/readdir.c - -diff --git a/TODO b/TODO -index a50f7d73c..513e55f92 100644 ---- a/TODO -+++ b/TODO -@@ -484,14 +484,6 @@ this approach works, it doesn't solve the MBR problem, so likely we'd - have to write a library for that (or perhaps go back to sfdisk but - using a very abstracted interface over sfdisk). - --Reimplement some APIs to avoid protocol limits ------------------------------------------------ -- --Mostly this item was done (eg. commits a69f44f56f and before). The --most notable API with a protocol limit remaining is: -- -- - guestfs_readdir -- - hivex - ----- - -diff --git a/daemon/readdir.c b/daemon/readdir.c -index e488f93e7..9ab0b0aec 100644 ---- a/daemon/readdir.c -+++ b/daemon/readdir.c -@@ -16,77 +16,67 @@ - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ - --#include -+#include /* HAVE_STRUCT_DIRENT_D_TYPE */ - --#include --#include --#include --#include --#include -+#include /* readdir() */ -+#include /* errno */ -+#include /* xdrmem_create() */ -+#include /* perror() */ -+#include /* malloc() */ -+#include /* opendir() */ - --#include "daemon.h" --#include "actions.h" -+#include "daemon.h" /* reply_with_perror() */ - --static void --free_int_dirent_list (guestfs_int_dirent *p, size_t len) -+/* Has one FileOut parameter. */ -+int -+do_internal_readdir (const char *dir) - { -- size_t i; -+ int ret; -+ DIR *dirstream; -+ void *xdr_buf; -+ XDR xdr; - -- for (i = 0; i < len; ++i) { -- free (p[i].name); -- } -- free (p); --} -- --guestfs_int_dirent_list * --do_readdir (const char *path) --{ -- guestfs_int_dirent_list *ret; -- guestfs_int_dirent v; -- DIR *dir; -- struct dirent *d; -- size_t i; -- -- ret = malloc (sizeof *ret); -- if (ret == NULL) { -- reply_with_perror ("malloc"); -- return NULL; -- } -- -- ret->guestfs_int_dirent_list_len = 0; -- ret->guestfs_int_dirent_list_val = NULL; -+ /* Prepare to fail. */ -+ ret = -1; - - CHROOT_IN; -- dir = opendir (path); -+ dirstream = opendir (dir); - CHROOT_OUT; - -- if (dir == NULL) { -- reply_with_perror ("opendir: %s", path); -- free (ret); -- return NULL; -+ if (dirstream == NULL) { -+ reply_with_perror ("opendir: %s", dir); -+ return ret; - } - -- i = 0; -- while ((d = readdir (dir)) != NULL) { -- guestfs_int_dirent *p; -+ xdr_buf = malloc (GUESTFS_MAX_CHUNK_SIZE); -+ if (xdr_buf == NULL) { -+ reply_with_perror ("malloc"); -+ goto close_dir; -+ } -+ xdrmem_create (&xdr, xdr_buf, GUESTFS_MAX_CHUNK_SIZE, XDR_ENCODE); -+ -+ /* Send an "OK" reply, before starting the file transfer. */ -+ reply (NULL, NULL); -+ -+ /* From this point on, we can only report errors by canceling the file -+ * transfer. -+ */ -+ for (;;) { -+ struct dirent *d; -+ guestfs_int_dirent v; -+ -+ errno = 0; -+ d = readdir (dirstream); -+ if (d == NULL) { -+ if (errno == 0) -+ ret = 0; -+ else -+ perror ("readdir"); - -- p = realloc (ret->guestfs_int_dirent_list_val, -- sizeof (guestfs_int_dirent) * (i+1)); -- v.name = strdup (d->d_name); -- if (!p || !v.name) { -- reply_with_perror ("allocate"); -- if (p) { -- free_int_dirent_list (p, i); -- } else { -- free_int_dirent_list (ret->guestfs_int_dirent_list_val, i); -- } -- free (v.name); -- free (ret); -- closedir (dir); -- return NULL; -+ break; - } -- ret->guestfs_int_dirent_list_val = p; - -+ v.name = d->d_name; - v.ino = d->d_ino; - #ifdef HAVE_STRUCT_DIRENT_D_TYPE - switch (d->d_type) { -@@ -104,19 +94,29 @@ do_readdir (const char *path) - v.ftyp = 'u'; - #endif - -- ret->guestfs_int_dirent_list_val[i] = v; -+ if (!xdr_guestfs_int_dirent (&xdr, &v)) { -+ fprintf (stderr, "xdr_guestfs_int_dirent failed\n"); -+ break; -+ } - -- i++; -+ if (send_file_write (xdr_buf, xdr_getpos (&xdr)) != 0) -+ break; -+ -+ xdr_setpos (&xdr, 0); - } - -- ret->guestfs_int_dirent_list_len = i; -+ /* Finish or cancel the transfer. Note that if (ret == -1) because the library -+ * canceled, we still need to cancel back! -+ */ -+ send_file_end (ret == -1); - -- if (closedir (dir) == -1) { -- reply_with_perror ("closedir"); -- free (ret->guestfs_int_dirent_list_val); -- free (ret); -- return NULL; -- } -+ xdr_destroy (&xdr); -+ free (xdr_buf); -+ -+close_dir: -+ if (closedir (dirstream) == -1) -+ /* Best we can do here is log an error. */ -+ perror ("closedir"); - - return ret; - } -diff --git a/generator/actions_core.ml b/generator/actions_core.ml -index dc12fdc33..807150615 100644 ---- a/generator/actions_core.ml -+++ b/generator/actions_core.ml -@@ -141,6 +141,66 @@ only useful for printing debug and internal error messages. - - For more information on states, see L." }; - -+ { defaults with -+ name = "readdir"; added = (1, 0, 55); -+ style = RStructList ("entries", "dirent"), [String (Pathname, "dir")], []; -+ progress = true; cancellable = true; -+ shortdesc = "read directories entries"; -+ longdesc = "\ -+This returns the list of directory entries in directory C. -+ -+All entries in the directory are returned, including C<.> and -+C<..>. The entries are I sorted, but returned in the same -+order as the underlying filesystem. -+ -+Also this call returns basic file type information about each -+file. The C field will contain one of the following characters: -+ -+=over 4 -+ -+=item 'b' -+ -+Block special -+ -+=item 'c' -+ -+Char special -+ -+=item 'd' -+ -+Directory -+ -+=item 'f' -+ -+FIFO (named pipe) -+ -+=item 'l' -+ -+Symbolic link -+ -+=item 'r' -+ -+Regular file -+ -+=item 's' -+ -+Socket -+ -+=item 'u' -+ -+Unknown file type -+ -+=item '?' -+ -+The L call returned a C field with an -+unexpected value -+ -+=back -+ -+This function is primarily intended for use by programs. To -+get a simple list of names, use C. To get a printable -+directory for human consumption, use C." }; -+ - { defaults with - name = "version"; added = (1, 0, 58); - style = RStruct ("version", "version"), [], []; -@@ -3939,66 +3999,6 @@ L, C, C. - - This call returns the previous umask." }; - -- { defaults with -- name = "readdir"; added = (1, 0, 55); -- style = RStructList ("entries", "dirent"), [String (Pathname, "dir")], []; -- protocol_limit_warning = true; -- shortdesc = "read directories entries"; -- longdesc = "\ --This returns the list of directory entries in directory C. -- --All entries in the directory are returned, including C<.> and --C<..>. The entries are I sorted, but returned in the same --order as the underlying filesystem. -- --Also this call returns basic file type information about each --file. The C field will contain one of the following characters: -- --=over 4 -- --=item 'b' -- --Block special -- --=item 'c' -- --Char special -- --=item 'd' -- --Directory -- --=item 'f' -- --FIFO (named pipe) -- --=item 'l' -- --Symbolic link -- --=item 'r' -- --Regular file -- --=item 's' -- --Socket -- --=item 'u' -- --Unknown file type -- --=item '?' -- --The L call returned a C field with an --unexpected value -- --=back -- --This function is primarily intended for use by programs. To --get a simple list of names, use C. To get a printable --directory for human consumption, use C." }; -- - { defaults with - name = "getxattrs"; added = (1, 0, 59); - style = RStructList ("xattrs", "xattr"), [String (Pathname, "path")], []; -@@ -9713,4 +9713,11 @@ C. The C parameter must be - the name of the mapping device (ie. F) - and I the name of the underlying block device." }; - -+ { defaults with -+ name = "internal_readdir"; added = (1, 48, 2); -+ style = RErr, [String (Pathname, "dir"); String (FileOut, "filename")], []; -+ visibility = VInternal; -+ shortdesc = "read directories entries"; -+ longdesc = "Internal function for readdir." }; -+ - ] -diff --git a/generator/proc_nr.ml b/generator/proc_nr.ml -index b20672ff0..bdced51c9 100644 ---- a/generator/proc_nr.ml -+++ b/generator/proc_nr.ml -@@ -152,7 +152,6 @@ let proc_nr = [ - 135, "mknod_b"; - 136, "mknod_c"; - 137, "umask"; --138, "readdir"; - 139, "sfdiskM"; - 140, "zfile"; - 141, "getxattrs"; -@@ -514,6 +513,7 @@ let proc_nr = [ - 508, "cryptsetup_open"; - 509, "cryptsetup_close"; - 510, "internal_list_rpm_applications"; -+511, "internal_readdir"; - ] - - (* End of list. If adding a new entry, add it at the end of the list -diff --git a/lib/MAX_PROC_NR b/lib/MAX_PROC_NR -index 2bc4cd64b..c0556fb20 100644 ---- a/lib/MAX_PROC_NR -+++ b/lib/MAX_PROC_NR -@@ -1 +1 @@ --510 -+511 -diff --git a/lib/Makefile.am b/lib/Makefile.am -index 144c45588..212bcb94a 100644 ---- a/lib/Makefile.am -+++ b/lib/Makefile.am -@@ -105,6 +105,7 @@ libguestfs_la_SOURCES = \ - private-data.c \ - proto.c \ - qemu.c \ -+ readdir.c \ - rescue.c \ - stringsbuf.c \ - structs-compare.c \ -diff --git a/lib/readdir.c b/lib/readdir.c -new file mode 100644 -index 000000000..9cb0d7cf6 ---- /dev/null -+++ b/lib/readdir.c -@@ -0,0 +1,131 @@ -+/* libguestfs -+ * Copyright (C) 2016-2022 Red Hat Inc. -+ * -+ * This library is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU Lesser General Public -+ * License as published by the Free Software Foundation; either -+ * version 2 of the License, or (at your option) any later version. -+ * -+ * This library is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ * Lesser General Public License for more details. -+ * -+ * You should have received a copy of the GNU Lesser General Public -+ * License along with this library; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -+ */ -+ -+#include /* UNIX_PATH_MAX, needed by "guestfs-internal.h" */ -+ -+#include /* xdrstdio_create() */ -+#include /* UINT32_MAX */ -+#include /* fopen() */ -+#include /* memset() */ -+ -+#include "guestfs.h" /* guestfs_internal_readdir() */ -+#include "guestfs_protocol.h" /* guestfs_int_dirent */ -+#include "guestfs-internal.h" /* guestfs_int_make_temp_path() */ -+#include "guestfs-internal-actions.h" /* guestfs_impl_readdir */ -+ -+struct guestfs_dirent_list * -+guestfs_impl_readdir (guestfs_h *g, const char *dir) -+{ -+ struct guestfs_dirent_list *ret; -+ char *tmpfn; -+ FILE *f; -+ off_t fsize; -+ XDR xdr; -+ struct guestfs_dirent_list *dirents; -+ uint32_t alloc_entries; -+ size_t alloc_bytes; -+ -+ /* Prepare to fail. */ -+ ret = NULL; -+ -+ tmpfn = guestfs_int_make_temp_path (g, "readdir", NULL); -+ if (tmpfn == NULL) -+ return ret; -+ -+ if (guestfs_internal_readdir (g, dir, tmpfn) == -1) -+ goto drop_tmpfile; -+ -+ f = fopen (tmpfn, "r"); -+ if (f == NULL) { -+ perrorf (g, "fopen: %s", tmpfn); -+ goto drop_tmpfile; -+ } -+ -+ if (fseeko (f, 0, SEEK_END) == -1) { -+ perrorf (g, "fseeko"); -+ goto close_tmpfile; -+ } -+ fsize = ftello (f); -+ if (fsize == -1) { -+ perrorf (g, "ftello"); -+ goto close_tmpfile; -+ } -+ if (fseeko (f, 0, SEEK_SET) == -1) { -+ perrorf (g, "fseeko"); -+ goto close_tmpfile; -+ } -+ -+ xdrstdio_create (&xdr, f, XDR_DECODE); -+ -+ dirents = safe_malloc (g, sizeof *dirents); -+ dirents->len = 0; -+ alloc_entries = 8; -+ alloc_bytes = alloc_entries * sizeof *dirents->val; -+ dirents->val = safe_malloc (g, alloc_bytes); -+ -+ while (xdr_getpos (&xdr) < fsize) { -+ guestfs_int_dirent v; -+ struct guestfs_dirent *d; -+ -+ if (dirents->len == alloc_entries) { -+ if (alloc_entries > UINT32_MAX / 2 || alloc_bytes > (size_t)-1 / 2) { -+ error (g, "integer overflow"); -+ goto free_dirents; -+ } -+ alloc_entries *= 2u; -+ alloc_bytes *= 2u; -+ dirents->val = safe_realloc (g, dirents->val, alloc_bytes); -+ } -+ -+ /* Decoding does not work unless the target buffer is zero-initialized. */ -+ memset (&v, 0, sizeof v); -+ if (!xdr_guestfs_int_dirent (&xdr, &v)) { -+ error (g, "xdr_guestfs_int_dirent failed"); -+ goto free_dirents; -+ } -+ -+ d = &dirents->val[dirents->len]; -+ d->ino = v.ino; -+ d->ftyp = v.ftyp; -+ d->name = v.name; /* transfer malloc'd string to "d" */ -+ -+ dirents->len++; -+ } -+ -+ /* Success; transfer "dirents" to "ret". */ -+ ret = dirents; -+ dirents = NULL; -+ -+ /* Clean up. */ -+ xdr_destroy (&xdr); -+ -+free_dirents: -+ guestfs_free_dirent_list (dirents); -+ -+close_tmpfile: -+ fclose (f); -+ -+drop_tmpfile: -+ /* In case guestfs_internal_readdir() failed, it may or may not have created -+ * the temporary file. -+ */ -+ unlink (tmpfn); -+ free (tmpfn); -+ -+ return ret; -+} --- -2.31.1 - diff --git a/SOURCES/0002-update-common-submodule.patch b/SOURCES/0002-update-common-submodule.patch new file mode 100644 index 0000000..7c86882 --- /dev/null +++ b/SOURCES/0002-update-common-submodule.patch @@ -0,0 +1,88 @@ +From 89b6c8b458dcb00de83b543c47a6acb049f63f18 Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Tue, 21 Mar 2023 16:55:15 +0100 +Subject: [PATCH] update common submodule + +HATAYAMA Daisuke (1): + progress: fix segmentation fault when TERM variable is "dumb" + +Laszlo Ersek (2): + detect_kernels: tighten "try" scope + detect_kernels: deal with RHEL's kernel-core / kernel-modules-core split + +rwmjones (1): + Merge pull request #5 from d-hatayama/fix_segfault_progress_bar + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2175703 +Signed-off-by: Laszlo Ersek +(cherry picked from commit be11d25b3e2770d86699e94c5087e6625477d5ec) +--- + common | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Submodule common 360e037d..70c10a07: +diff --git a/common/mldrivers/linux_kernels.ml b/common/mldrivers/linux_kernels.ml +index a46146a1..23ff76a5 100644 +--- a/common/mldrivers/linux_kernels.ml ++++ b/common/mldrivers/linux_kernels.ml +@@ -125,9 +125,9 @@ let detect_kernels (g : G.guestfs) root bootloader apps = + *) + let modpath, version = + let prefix = "/lib/modules/" in ++ let prefix_len = String.length prefix in + try +- let prefix_len = String.length prefix in +- List.find_map ( ++ let modpath, version = List.find_map ( + fun filename -> + let filename_len = String.length filename in + if filename_len > prefix_len && +@@ -137,17 +137,29 @@ let detect_kernels (g : G.guestfs) root bootloader apps = + Some (filename, version) + ) else + None +- ) files ++ ) files in ++ (* Fall back to the version in the vmlinuz file name not only if ++ * a candidate pathname couldn't be found under /lib/modules/, ++ * but also in case the candidate pathname doesn't reference a ++ * directory. See RHBZ#2175703. ++ * ++ * Note that this "is_dir" check is deliberately kept outside of ++ * the "find_map"'s mapper function above: we want the first ++ * candidate *to be* a directory, and not the first candidate ++ * *that is* a directory. ++ *) ++ if not (g#is_dir ~followsymlinks:true modpath) then ++ raise Not_found; ++ modpath, version + with Not_found -> + let version = + String.sub vmlinuz 14 (String.length vmlinuz - 14) in + let modpath = prefix ^ version in ++ (* Check that the modpath exists. *) ++ if not (g#is_dir ~followsymlinks:true modpath) then ++ raise Not_found; + modpath, version in + +- (* Check that the modpath exists. *) +- if not (g#is_dir ~followsymlinks:true modpath) then +- raise Not_found; +- + (* Find the initramfs which corresponds to the kernel. + * Since the initramfs is built at runtime, and doesn't have + * to be covered by the RPM file list, this is basically +diff --git a/common/progress/progress.c b/common/progress/progress.c +index 4d52b97e..e4b30663 100644 +--- a/common/progress/progress.c ++++ b/common/progress/progress.c +@@ -318,7 +318,8 @@ progress_bar_set (struct progress_bar *bar, + * (b) it's just not possible to use tputs in a sane way here. + */ + /*tputs (UP, 2, putchar);*/ +- fprintf (fp, "%s", UP); ++ if (UP) ++ fprintf (fp, "%s", UP); + } + bar->count++; + diff --git a/SOURCES/0003-daemon-selinux-relabel-don-t-exclude-selinux-if-it-s.patch b/SOURCES/0003-daemon-selinux-relabel-don-t-exclude-selinux-if-it-s.patch new file mode 100644 index 0000000..dea3fa6 --- /dev/null +++ b/SOURCES/0003-daemon-selinux-relabel-don-t-exclude-selinux-if-it-s.patch @@ -0,0 +1,63 @@ +From e58cd8df467e342463d08e3d761c2e322287b13e Mon Sep 17 00:00:00 2001 +From: Andrey Drobyshev +Date: Wed, 26 Apr 2023 15:59:44 +0300 +Subject: [PATCH] daemon/selinux-relabel: don't exclude "/selinux" if it's + non-existent + +Since RHBZ#726528, filesystem.rpm doesn't include /selinux. setfiles +then gives us the warning: "Can't stat exclude path "/sysroot/selinux", +No such file or directory - ignoring." + +Though the warning is harmless, let's get rid of it by checking the +existence of /selinux directory. + +Signed-off-by: Andrey Drobyshev +Reviewed-by: Laszlo Ersek +Reviewed-by: Richard W.M. Jones +(cherry picked from commit 9ced5fac8c1f0f8ff7ed2b5671c1c7f5f0bfa875) +--- + daemon/selinux-relabel.c | 16 +++++++++++++++- + 1 file changed, 15 insertions(+), 1 deletion(-) + +diff --git a/daemon/selinux-relabel.c b/daemon/selinux-relabel.c +index 976cffe3..454486c1 100644 +--- a/daemon/selinux-relabel.c ++++ b/daemon/selinux-relabel.c +@@ -21,6 +21,7 @@ + #include + #include + #include ++#include + + #include "guestfs_protocol.h" + #include "daemon.h" +@@ -37,6 +38,17 @@ optgroup_selinuxrelabel_available (void) + return prog_exists ("setfiles"); + } + ++static int ++dir_exists (const char *dir) ++{ ++ struct stat statbuf; ++ ++ if (stat (dir, &statbuf) == 0 && S_ISDIR (statbuf.st_mode)) ++ return 1; ++ else ++ return 0; ++} ++ + static int + setfiles_has_option (int *flag, char opt_char) + { +@@ -99,8 +111,10 @@ do_selinux_relabel (const char *specfile, const char *path, + */ + ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_dev); + ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_proc); +- ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_selinux); + ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_sys); ++ if (dir_exists (s_selinux)) { ++ ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_selinux); ++ } + + /* You have to use the -m option (where available) otherwise + * setfiles puts all the mountpoints on the excludes list for no diff --git a/SOURCES/0003-guestfs_readdir-minimize-the-number-of-send_file_wri.patch b/SOURCES/0003-guestfs_readdir-minimize-the-number-of-send_file_wri.patch deleted file mode 100644 index 6e060a5..0000000 --- a/SOURCES/0003-guestfs_readdir-minimize-the-number-of-send_file_wri.patch +++ /dev/null @@ -1,108 +0,0 @@ -From 62cd6c9d2dd62dd24cc04b16437bfb816a6f4357 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Mon, 2 May 2022 10:56:01 +0200 -Subject: [PATCH] guestfs_readdir(): minimize the number of send_file_write() - calls - -In guestfs_readdir(), the daemon currently sends each XDR-encoded -"guestfs_int_dirent" to the library with a separate send_file_write() -call. - -Determine the largest encoded size (from the longest filename that a -"guestfs_int_dirent" could carry, from readdir()'s "struct dirent"), and -batch up the XDR encodings until the next encoding might not fit in -GUESTFS_MAX_CHUNK_SIZE. Call send_file_write() only then. - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1674392 -Signed-off-by: Laszlo Ersek -Message-Id: <20220502085601.15012-3-lersek@redhat.com> -Reviewed-by: Richard W.M. Jones -(cherry picked from commit 4864d21cb8eb991f0fc98d03a068173837cba50e) ---- - daemon/readdir.c | 38 ++++++++++++++++++++++++++++++++------ - 1 file changed, 32 insertions(+), 6 deletions(-) - -diff --git a/daemon/readdir.c b/daemon/readdir.c -index 9ab0b0aec..3084ba939 100644 ---- a/daemon/readdir.c -+++ b/daemon/readdir.c -@@ -35,6 +35,9 @@ do_internal_readdir (const char *dir) - DIR *dirstream; - void *xdr_buf; - XDR xdr; -+ struct dirent fill; -+ guestfs_int_dirent v; -+ unsigned max_encoded; - - /* Prepare to fail. */ - ret = -1; -@@ -55,6 +58,20 @@ do_internal_readdir (const char *dir) - } - xdrmem_create (&xdr, xdr_buf, GUESTFS_MAX_CHUNK_SIZE, XDR_ENCODE); - -+ /* Calculate the max number of bytes a "guestfs_int_dirent" can be encoded to. -+ */ -+ memset (fill.d_name, 'a', sizeof fill.d_name - 1); -+ fill.d_name[sizeof fill.d_name - 1] = '\0'; -+ v.ino = INT64_MAX; -+ v.ftyp = '?'; -+ v.name = fill.d_name; -+ if (!xdr_guestfs_int_dirent (&xdr, &v)) { -+ fprintf (stderr, "xdr_guestfs_int_dirent failed\n"); -+ goto release_xdr; -+ } -+ max_encoded = xdr_getpos (&xdr); -+ xdr_setpos (&xdr, 0); -+ - /* Send an "OK" reply, before starting the file transfer. */ - reply (NULL, NULL); - -@@ -63,7 +80,6 @@ do_internal_readdir (const char *dir) - */ - for (;;) { - struct dirent *d; -- guestfs_int_dirent v; - - errno = 0; - d = readdir (dirstream); -@@ -94,22 +110,32 @@ do_internal_readdir (const char *dir) - v.ftyp = 'u'; - #endif - -+ /* Flush "xdr_buf" if we may not have enough room for encoding "v". */ -+ if (GUESTFS_MAX_CHUNK_SIZE - xdr_getpos (&xdr) < max_encoded) { -+ if (send_file_write (xdr_buf, xdr_getpos (&xdr)) != 0) -+ break; -+ -+ xdr_setpos (&xdr, 0); -+ } -+ - if (!xdr_guestfs_int_dirent (&xdr, &v)) { - fprintf (stderr, "xdr_guestfs_int_dirent failed\n"); - break; - } -- -- if (send_file_write (xdr_buf, xdr_getpos (&xdr)) != 0) -- break; -- -- xdr_setpos (&xdr, 0); - } - -+ /* Flush "xdr_buf" if the loop completed successfully and "xdr_buf" is not -+ * empty. */ -+ if (ret == 0 && xdr_getpos (&xdr) > 0 && -+ send_file_write (xdr_buf, xdr_getpos (&xdr)) != 0) -+ ret = -1; -+ - /* Finish or cancel the transfer. Note that if (ret == -1) because the library - * canceled, we still need to cancel back! - */ - send_file_end (ret == -1); - -+release_xdr: - xdr_destroy (&xdr); - free (xdr_buf); - --- -2.31.1 - diff --git a/SOURCES/0004-daemon-selinux-relabel-search-for-invalid-option-in-.patch b/SOURCES/0004-daemon-selinux-relabel-search-for-invalid-option-in-.patch new file mode 100644 index 0000000..569cd02 --- /dev/null +++ b/SOURCES/0004-daemon-selinux-relabel-search-for-invalid-option-in-.patch @@ -0,0 +1,33 @@ +From c1829048c598e11950c9d355fdd5c177a99e046f Mon Sep 17 00:00:00 2001 +From: Andrey Drobyshev +Date: Wed, 26 Apr 2023 15:59:45 +0300 +Subject: [PATCH] daemon/selinux-relabel: search for "invalid option" in + setfiles output + +'X' in the setiles' stderr doesn't necessarily mean that option 'X' +doesn't exist. For instance, when passing '-T' we get: "setfiles: +option requires an argument -- 'T'". + +Signed-off-by: Andrey Drobyshev +Reviewed-by: Laszlo Ersek +Reviewed-by: Richard W.M. Jones +(cherry picked from commit 152d6e4bdf2dac88856a4ff83cf73451f897d4d4) +--- + daemon/selinux-relabel.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/daemon/selinux-relabel.c b/daemon/selinux-relabel.c +index 454486c1..60a6f48a 100644 +--- a/daemon/selinux-relabel.c ++++ b/daemon/selinux-relabel.c +@@ -56,8 +56,9 @@ setfiles_has_option (int *flag, char opt_char) + + if (*flag == -1) { + char option[] = { '-', opt_char, '\0' }; /* "-X" */ +- char err_opt[] = { '\'', opt_char, '\'', '\0'}; /* "'X'" */ ++ char err_opt[32]; /* "invalid option -- 'X'" */ + ++ snprintf(err_opt, sizeof(err_opt), "invalid option -- '%c'", opt_char); + ignore_value (command (NULL, &err, "setfiles", option, NULL)); + *flag = err && strstr (err, /* "invalid option -- " */ err_opt) == NULL; + } diff --git a/SOURCES/0004-lib-launch-direct-ignore-drive-iface-parameter.patch b/SOURCES/0004-lib-launch-direct-ignore-drive-iface-parameter.patch deleted file mode 100644 index 958b99f..0000000 --- a/SOURCES/0004-lib-launch-direct-ignore-drive-iface-parameter.patch +++ /dev/null @@ -1,123 +0,0 @@ -From e4901a4e83f0ab59a525095d2fe1c7f1a38c0aac Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Wed, 4 May 2022 15:41:52 +0200 -Subject: [PATCH] lib: launch-direct: ignore drive "iface" parameter - -Rich said in : - -> The libvirt backend has never allowed the iface parameter. We should -> probably ignore it in the direct backend since it's never been possible -> to use this parameter correctly. - -Remove the handling of "iface" in the direct (QEMU) backend. Refresh the -documentation regarding both backends. - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1844341 -Signed-off-by: Laszlo Ersek -Message-Id: <20220504134155.11832-2-lersek@redhat.com> -Reviewed-by: Richard W.M. Jones -(cherry picked from commit 3eb830dbaee12c8dc4566cab226ed2af0e0f2d8c) ---- - generator/actions_core_deprecated.ml | 8 +++- - lib/launch-direct.c | 59 ++++++---------------------- - 2 files changed, 19 insertions(+), 48 deletions(-) - -diff --git a/generator/actions_core_deprecated.ml b/generator/actions_core_deprecated.ml -index 00dde3d2a..f1040a0e9 100644 ---- a/generator/actions_core_deprecated.ml -+++ b/generator/actions_core_deprecated.ml -@@ -73,7 +73,9 @@ of C." }; - shortdesc = "add a drive specifying the QEMU block emulation to use"; - longdesc = "\ - This is the same as C but it allows you --to specify the QEMU interface emulation to use at run time." }; -+to specify the QEMU interface emulation to use at run time. -+The libvirt backend rejects a non-empty C argument. -+The direct backend ignores C." }; - - { defaults with - name = "add_drive_ro_with_if"; added = (1, 0, 84); -@@ -83,7 +85,9 @@ to specify the QEMU interface emulation to use at run time." }; - shortdesc = "add a drive read-only specifying the QEMU block emulation to use"; - longdesc = "\ - This is the same as C but it allows you --to specify the QEMU interface emulation to use at run time." }; -+to specify the QEMU interface emulation to use at run time. -+The libvirt backend rejects a non-empty C argument. -+The direct backend ignores C." }; - - { defaults with - name = "lstatlist"; added = (1, 0, 77); -diff --git a/lib/launch-direct.c b/lib/launch-direct.c -index b292b9c26..ff0eaeb62 100644 ---- a/lib/launch-direct.c -+++ b/lib/launch-direct.c -@@ -296,52 +296,19 @@ static int - add_drive (guestfs_h *g, struct backend_direct_data *data, - struct qemuopts *qopts, size_t i, struct drive *drv) - { -- /* If there's an explicit 'iface', use it. Otherwise default to -- * virtio-scsi. -- */ -- if (drv->iface && STREQ (drv->iface, "virtio")) { /* virtio-blk */ -- start_list ("-drive") { -- if (add_drive_standard_params (g, data, qopts, i, drv) == -1) -- return -1; -- append_list ("if=none"); -- } end_list (); -- start_list ("-device") { -- append_list (VIRTIO_DEVICE_NAME ("virtio-blk")); -- append_list_format ("drive=hd%zu", i); -- if (drv->disk_label) -- append_list_format ("serial=%s", drv->disk_label); -- if (add_device_blocksize_params (g, qopts, drv) == -1) -- return -1; -- } end_list (); -- } --#if defined(__arm__) || defined(__aarch64__) || defined(__powerpc__) -- else if (drv->iface && STREQ (drv->iface, "ide")) { -- error (g, "'ide' interface does not work on ARM or PowerPC"); -- return -1; -- } --#endif -- else if (drv->iface) { -- start_list ("-drive") { -- if (add_drive_standard_params (g, data, qopts, i, drv) == -1) -- return -1; -- append_list_format ("if=%s", drv->iface); -- } end_list (); -- } -- else /* default case: virtio-scsi */ { -- start_list ("-drive") { -- if (add_drive_standard_params (g, data, qopts, i, drv) == -1) -- return -1; -- append_list ("if=none"); -- } end_list (); -- start_list ("-device") { -- append_list ("scsi-hd"); -- append_list_format ("drive=hd%zu", i); -- if (drv->disk_label) -- append_list_format ("serial=%s", drv->disk_label); -- if (add_device_blocksize_params (g, qopts, drv) == -1) -- return -1; -- } end_list (); -- } -+ start_list ("-drive") { -+ if (add_drive_standard_params (g, data, qopts, i, drv) == -1) -+ return -1; -+ append_list ("if=none"); -+ } end_list (); -+ start_list ("-device") { -+ append_list ("scsi-hd"); -+ append_list_format ("drive=hd%zu", i); -+ if (drv->disk_label) -+ append_list_format ("serial=%s", drv->disk_label); -+ if (add_device_blocksize_params (g, qopts, drv) == -1) -+ return -1; -+ } end_list (); - - return 0; - --- -2.31.1 - diff --git a/SOURCES/0005-daemon-selinux-relabel-run-setfiles-with-T-0-if-supp.patch b/SOURCES/0005-daemon-selinux-relabel-run-setfiles-with-T-0-if-supp.patch new file mode 100644 index 0000000..b5bb385 --- /dev/null +++ b/SOURCES/0005-daemon-selinux-relabel-run-setfiles-with-T-0-if-supp.patch @@ -0,0 +1,78 @@ +From 3046af080baad9935627ebb671950448cfd0fa7b Mon Sep 17 00:00:00 2001 +From: Andrey Drobyshev +Date: Wed, 26 Apr 2023 15:59:46 +0300 +Subject: [PATCH] daemon/selinux-relabel: run setfiles with "-T 0", if + supported + +Since SELinux userspace v3.4 [1], setfiles command supports "-T nthreads" +option, which allows parallel execution. "-T 0" allows using as many +threads as there're available CPU cores. This might speed up the process +of filesystem relabeling in case the appliance is being run with multiple +vCPUs. The latter is true for at least v2v starting from d2b64ecc67 +("v2v: Set the number of vCPUs to same as host number of pCPUs."). + +For instance, when running virt-v2v-in-place on my 12-core Xeon host +with SSD, with appliance being run with 8 vCPUs (the upper limit specified +in d2b64ecc67), and on the ~150GiB disk VM (physical size on the host), +I get the following results: + +./in-place/virt-v2v-in-place -i libvirt fedora37-vm -v -x + +Without this patch: +... +commandrvf: setfiles -F -e /sysroot/dev -e /sysroot/proc -e /sysroot/sys -m -C -r /sysroot -v /sysroot/etc/selinux/targeted/contexts/files/file_contexts /sysroot/^M +libguestfs: trace: v2v: selinux_relabel = 0 +libguestfs: trace: v2v: rm_f "/.autorelabel" +guestfsd: => selinux_relabel (0x1d3) took 17.94 secs +... + +With this patch: +... +commandrvf: setfiles -F -e /sysroot/dev -e /sysroot/proc -e /sysroot/sys -m -C -T 0 -r /sysroot -v /sysroot/etc/selinux/targeted/contexts/files/file_contexts /sysroot/^M +libguestfs: trace: v2v: selinux_relabel = 0 +libguestfs: trace: v2v: rm_f "/.autorelabel" +guestfsd: => selinux_relabel (0x1d3) took 5.88 secs +... + +So in my scenario it's getting 3 times faster. + +[1] https://github.com/SELinuxProject/selinux/releases/tag/3.4 + +Signed-off-by: Andrey Drobyshev +Reviewed-by: Laszlo Ersek +Reviewed-by: Richard W.M. Jones +(cherry picked from commit d0d8e6738477148a7b752348f9364a3b8faed67f) +--- + daemon/selinux-relabel.c | 12 ++++++++++++ + 1 file changed, 12 insertions(+) + +diff --git a/daemon/selinux-relabel.c b/daemon/selinux-relabel.c +index 60a6f48a..cfc5a31d 100644 +--- a/daemon/selinux-relabel.c ++++ b/daemon/selinux-relabel.c +@@ -73,6 +73,7 @@ do_selinux_relabel (const char *specfile, const char *path, + { + static int flag_m = -1; + static int flag_C = -1; ++ static int flag_T = -1; + const char *argv[MAX_ARGS]; + CLEANUP_FREE char *s_dev = NULL, *s_proc = NULL, *s_selinux = NULL, + *s_sys = NULL, *s_specfile = NULL, *s_path = NULL; +@@ -131,6 +132,17 @@ do_selinux_relabel (const char *specfile, const char *path, + if (setfiles_has_option (&flag_C, 'C')) + ADD_ARG (argv, i, "-C"); + ++ /* If the appliance is being run with multiple vCPUs, running setfiles ++ * in multithreading mode might speeds up the process. Option "-T" was ++ * introduced in SELinux userspace v3.4, and we need to check whether it's ++ * supported. Passing "-T 0" creates as many threads as there're available ++ * vCPU cores. ++ * https://github.com/SELinuxProject/selinux/releases/tag/3.4 ++ */ ++ if (setfiles_has_option (&flag_T, 'T')) { ++ ADD_ARG (argv, i, "-T"); ADD_ARG (argv, i, "0"); ++ } ++ + /* Relabelling in a chroot. */ + if (STRNEQ (sysroot, "/")) { + ADD_ARG (argv, i, "-r"); diff --git a/SOURCES/0005-lib-drive_create_data-drive-remove-field-iface.patch b/SOURCES/0005-lib-drive_create_data-drive-remove-field-iface.patch deleted file mode 100644 index 3f01445..0000000 --- a/SOURCES/0005-lib-drive_create_data-drive-remove-field-iface.patch +++ /dev/null @@ -1,245 +0,0 @@ -From f13297315495144775f6249e9e24dc5f18f6f902 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Wed, 4 May 2022 15:41:53 +0200 -Subject: [PATCH] lib: drive_create_data, drive: remove field "iface" - -Representing "iface" in the "drive_create_data" and "drive" structures is -now useless; the direct backend ignores "iface", while the libvirt one -rejects it unless it is empty. Unify both backends -- make them both -ignore "iface". (Which only relaxes the libvirt backend, so it cannot -cause compatibility problems.) This lets us remove the fields. Update the -documentation as well. - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1844341 -Signed-off-by: Laszlo Ersek -Message-Id: <20220504134155.11832-3-lersek@redhat.com> -Reviewed-by: Richard W.M. Jones -(cherry picked from commit f68eaee1d6c41f91e7dfd2aa9e7d238cca7b8a4c) ---- - generator/actions_core_deprecated.ml | 6 ++---- - lib/drives.c | 31 +++++----------------------- - lib/guestfs-internal.h | 1 - - lib/launch-libvirt.c | 6 ------ - lib/libvirt-domain.c | 15 -------------- - 5 files changed, 7 insertions(+), 52 deletions(-) - -diff --git a/generator/actions_core_deprecated.ml b/generator/actions_core_deprecated.ml -index f1040a0e9..c23f4a330 100644 ---- a/generator/actions_core_deprecated.ml -+++ b/generator/actions_core_deprecated.ml -@@ -74,8 +74,7 @@ of C." }; - longdesc = "\ - This is the same as C but it allows you - to specify the QEMU interface emulation to use at run time. --The libvirt backend rejects a non-empty C argument. --The direct backend ignores C." }; -+Both the direct and the libvirt backends ignore C." }; - - { defaults with - name = "add_drive_ro_with_if"; added = (1, 0, 84); -@@ -86,8 +85,7 @@ The direct backend ignores C." }; - longdesc = "\ - This is the same as C but it allows you - to specify the QEMU interface emulation to use at run time. --The libvirt backend rejects a non-empty C argument. --The direct backend ignores C." }; -+Both the direct and the libvirt backends ignore C." }; - - { defaults with - name = "lstatlist"; added = (1, 0, 77); -diff --git a/lib/drives.c b/lib/drives.c -index a6179fc36..8fe46a41c 100644 ---- a/lib/drives.c -+++ b/lib/drives.c -@@ -53,7 +53,6 @@ struct drive_create_data { - const char *secret; - bool readonly; - const char *format; -- const char *iface; - const char *name; - const char *disk_label; - const char *cachemode; -@@ -110,7 +109,6 @@ create_drive_file (guestfs_h *g, - drv->src.format = data->format ? safe_strdup (g, data->format) : NULL; - - drv->readonly = data->readonly; -- drv->iface = data->iface ? safe_strdup (g, data->iface) : NULL; - drv->name = data->name ? safe_strdup (g, data->name) : NULL; - drv->disk_label = data->disk_label ? safe_strdup (g, data->disk_label) : NULL; - drv->cachemode = data->cachemode ? safe_strdup (g, data->cachemode) : NULL; -@@ -147,7 +145,6 @@ create_drive_non_file (guestfs_h *g, - drv->src.format = data->format ? safe_strdup (g, data->format) : NULL; - - drv->readonly = data->readonly; -- drv->iface = data->iface ? safe_strdup (g, data->iface) : NULL; - drv->name = data->name ? safe_strdup (g, data->name) : NULL; - drv->disk_label = data->disk_label ? safe_strdup (g, data->disk_label) : NULL; - drv->cachemode = data->cachemode ? safe_strdup (g, data->cachemode) : NULL; -@@ -470,7 +467,6 @@ free_drive_struct (struct drive *drv) - { - free_drive_source (&drv->src); - free (drv->overlay); -- free (drv->iface); - free (drv->name); - free (drv->disk_label); - free (drv->cachemode); -@@ -511,14 +507,12 @@ drive_to_string (guestfs_h *g, const struct drive *drv) - s_blocksize = safe_asprintf (g, "%d", drv->blocksize); - - return safe_asprintf -- (g, "%s%s%s%s protocol=%s%s%s%s%s%s%s%s%s%s%s%s%s", -+ (g, "%s%s%s%s protocol=%s%s%s%s%s%s%s%s%s%s%s", - drv->src.u.path, - drv->readonly ? " readonly" : "", - drv->src.format ? " format=" : "", - drv->src.format ? : "", - guestfs_int_drive_protocol_to_string (drv->src.protocol), -- drv->iface ? " iface=" : "", -- drv->iface ? : "", - drv->name ? " name=" : "", - drv->name ? : "", - drv->disk_label ? " label=" : "", -@@ -747,8 +741,6 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename, - ? optargs->readonly : false; - data.format = optargs->bitmask & GUESTFS_ADD_DRIVE_OPTS_FORMAT_BITMASK - ? optargs->format : NULL; -- data.iface = optargs->bitmask & GUESTFS_ADD_DRIVE_OPTS_IFACE_BITMASK -- ? optargs->iface : NULL; - data.name = optargs->bitmask & GUESTFS_ADD_DRIVE_OPTS_NAME_BITMASK - ? optargs->name : NULL; - data.disk_label = optargs->bitmask & GUESTFS_ADD_DRIVE_OPTS_LABEL_BITMASK -@@ -804,12 +796,6 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename, - free_drive_servers (data.servers, data.nr_servers); - return -1; - } -- if (data.iface && !VALID_FORMAT_IFACE (data.iface)) { -- error (g, _("%s parameter is empty or contains disallowed characters"), -- "iface"); -- free_drive_servers (data.servers, data.nr_servers); -- return -1; -- } - if (data.disk_label && !VALID_DISK_LABEL (data.disk_label)) { - error (g, _("label parameter is empty, too long, or contains disallowed characters")); - free_drive_servers (data.servers, data.nr_servers); -@@ -935,24 +921,17 @@ guestfs_impl_add_drive_ro (guestfs_h *g, const char *filename) - - int - guestfs_impl_add_drive_with_if (guestfs_h *g, const char *filename, -- const char *iface) -+ const char *iface ATTRIBUTE_UNUSED) - { -- const struct guestfs_add_drive_opts_argv optargs = { -- .bitmask = GUESTFS_ADD_DRIVE_OPTS_IFACE_BITMASK, -- .iface = iface, -- }; -- -- return guestfs_add_drive_opts_argv (g, filename, &optargs); -+ return guestfs_add_drive_opts_argv (g, filename, NULL); - } - - int - guestfs_impl_add_drive_ro_with_if (guestfs_h *g, const char *filename, -- const char *iface) -+ const char *iface ATTRIBUTE_UNUSED) - { - const struct guestfs_add_drive_opts_argv optargs = { -- .bitmask = GUESTFS_ADD_DRIVE_OPTS_IFACE_BITMASK -- | GUESTFS_ADD_DRIVE_OPTS_READONLY_BITMASK, -- .iface = iface, -+ .bitmask = GUESTFS_ADD_DRIVE_OPTS_READONLY_BITMASK, - .readonly = true, - }; - -diff --git a/lib/guestfs-internal.h b/lib/guestfs-internal.h -index 5bb00bc10..16755cfb3 100644 ---- a/lib/guestfs-internal.h -+++ b/lib/guestfs-internal.h -@@ -298,7 +298,6 @@ struct drive { - - /* Various per-drive flags. */ - bool readonly; -- char *iface; - char *name; - char *disk_label; - char *cachemode; -diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c -index de342b425..03d69e027 100644 ---- a/lib/launch-libvirt.c -+++ b/lib/launch-libvirt.c -@@ -1472,12 +1472,6 @@ construct_libvirt_xml_disk (guestfs_h *g, - const char *type, *uuid; - int r; - -- /* XXX We probably could support this if we thought about it some more. */ -- if (drv->iface) { -- error (g, _("‘iface’ parameter is not supported by the libvirt backend")); -- return -1; -- } -- - start_element ("disk") { - attribute ("device", "disk"); - -diff --git a/lib/libvirt-domain.c b/lib/libvirt-domain.c -index 3050680fa..fafbf50ea 100644 ---- a/lib/libvirt-domain.c -+++ b/lib/libvirt-domain.c -@@ -68,7 +68,6 @@ guestfs_impl_add_domain (guestfs_h *g, const char *domain_name, - int live; - int allowuuid; - const char *readonlydisk; -- const char *iface; - const char *cachemode; - const char *discard; - bool copyonread; -@@ -78,8 +77,6 @@ guestfs_impl_add_domain (guestfs_h *g, const char *domain_name, - ? optargs->libvirturi : NULL; - readonly = optargs->bitmask & GUESTFS_ADD_DOMAIN_READONLY_BITMASK - ? optargs->readonly : 0; -- iface = optargs->bitmask & GUESTFS_ADD_DOMAIN_IFACE_BITMASK -- ? optargs->iface : NULL; - live = optargs->bitmask & GUESTFS_ADD_DOMAIN_LIVE_BITMASK - ? optargs->live : 0; - allowuuid = optargs->bitmask & GUESTFS_ADD_DOMAIN_ALLOWUUID_BITMASK -@@ -136,10 +133,6 @@ guestfs_impl_add_domain (guestfs_h *g, const char *domain_name, - optargs2.bitmask |= GUESTFS_ADD_LIBVIRT_DOM_READONLY_BITMASK; - optargs2.readonly = readonly; - } -- if (iface) { -- optargs2.bitmask |= GUESTFS_ADD_LIBVIRT_DOM_IFACE_BITMASK; -- optargs2.iface = iface; -- } - if (live) { - error (g, _("libguestfs live support was removed in libguestfs 1.48")); - goto cleanup; -@@ -193,7 +186,6 @@ guestfs_impl_add_libvirt_dom (guestfs_h *g, void *domvp, - virDomainPtr dom = domvp; - ssize_t r; - int readonly; -- const char *iface; - const char *cachemode; - const char *discard; - bool copyonread; -@@ -208,9 +200,6 @@ guestfs_impl_add_libvirt_dom (guestfs_h *g, void *domvp, - readonly = - optargs->bitmask & GUESTFS_ADD_LIBVIRT_DOM_READONLY_BITMASK - ? optargs->readonly : 0; -- iface = -- optargs->bitmask & GUESTFS_ADD_LIBVIRT_DOM_IFACE_BITMASK -- ? optargs->iface : NULL; - live = - optargs->bitmask & GUESTFS_ADD_LIBVIRT_DOM_LIVE_BITMASK - ? optargs->live : 0; -@@ -289,10 +278,6 @@ guestfs_impl_add_libvirt_dom (guestfs_h *g, void *domvp, - data.optargs.bitmask = 0; - data.readonly = readonly; - data.readonlydisk = readonlydisk; -- if (iface) { -- data.optargs.bitmask |= GUESTFS_ADD_DRIVE_OPTS_IFACE_BITMASK; -- data.optargs.iface = iface; -- } - if (cachemode) { - data.optargs.bitmask |= GUESTFS_ADD_DRIVE_OPTS_CACHEMODE_BITMASK; - data.optargs.cachemode = cachemode; --- -2.31.1 - diff --git a/SOURCES/0010-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch b/SOURCES/0006-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch similarity index 97% rename from SOURCES/0010-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch rename to SOURCES/0006-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch index e558c88..d580b3c 100644 --- a/SOURCES/0010-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch +++ b/SOURCES/0006-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch @@ -1,4 +1,4 @@ -From 010cd5ff441166c01125fc588398a1fb8367a852 Mon Sep 17 00:00:00 2001 +From ab7e68dbeefe464734bd63a862a36f612f76d396 Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Mon, 29 Jul 2013 14:47:56 +0100 Subject: [PATCH] RHEL: Disable unsupported remote drive protocols @@ -31,7 +31,7 @@ We hope to gradually add some of these back over the lifetime of RHEL. 8 files changed, 16 insertions(+), 348 deletions(-) diff --git a/docs/guestfs-testing.pod b/docs/guestfs-testing.pod -index f558964bf..8f264ed17 100644 +index 47f381a7..c7b44928 100644 --- a/docs/guestfs-testing.pod +++ b/docs/guestfs-testing.pod @@ -109,26 +109,6 @@ image. To exit, type C. @@ -62,7 +62,7 @@ index f558964bf..8f264ed17 100644 Run L on guests or disk images: diff --git a/fish/guestfish.pod b/fish/guestfish.pod -index ae2445571..46cba64ff 100644 +index ccc0825b..d36cac9d 100644 --- a/fish/guestfish.pod +++ b/fish/guestfish.pod @@ -131,9 +131,9 @@ To list what is available do: @@ -171,7 +171,7 @@ index ae2445571..46cba64ff 100644 In this case, the password is C. diff --git a/fish/test-add-uri.sh b/fish/test-add-uri.sh -index 21d424984..ddabeb639 100755 +index 21d42498..ddabeb63 100755 --- a/fish/test-add-uri.sh +++ b/fish/test-add-uri.sh @@ -40,14 +40,6 @@ function fail () @@ -220,7 +220,7 @@ index 21d424984..ddabeb639 100755 rm test-add-uri.out rm test-add-uri.img diff --git a/generator/actions_core.ml b/generator/actions_core.ml -index 807150615..6cd42a290 100644 +index c8d9949b..26c576c7 100644 --- a/generator/actions_core.ml +++ b/generator/actions_core.ml @@ -350,29 +350,6 @@ F is interpreted as a local file or device. @@ -305,7 +305,7 @@ index 807150615..6cd42a290 100644 example if using the libvirt backend and if the libvirt backend is configured to start the qemu appliance as a special user such as C. If in doubt, diff --git a/lib/drives.c b/lib/drives.c -index c5a208468..efb289254 100644 +index c5a20846..efb28925 100644 --- a/lib/drives.c +++ b/lib/drives.c @@ -166,6 +166,7 @@ create_drive_non_file (guestfs_h *g, @@ -373,10 +373,10 @@ index c5a208468..efb289254 100644 error (g, _("unknown protocol ‘%s’"), protocol); drv = NULL; /*FALLTHROUGH*/ diff --git a/lib/guestfs.pod b/lib/guestfs.pod -index 1ad44e7c2..946ce2d36 100644 +index c6c8cb16..866a4638 100644 --- a/lib/guestfs.pod +++ b/lib/guestfs.pod -@@ -712,70 +712,6 @@ a qcow2 backing file specification, libvirt does not construct an +@@ -723,70 +723,6 @@ a qcow2 backing file specification, libvirt does not construct an ephemeral secret object from those, for Ceph authentication. Refer to L. @@ -447,7 +447,7 @@ index 1ad44e7c2..946ce2d36 100644 =head3 NETWORK BLOCK DEVICE Libguestfs can access Network Block Device (NBD) disks remotely. -@@ -838,42 +774,6 @@ L +@@ -849,42 +785,6 @@ L =back @@ -491,7 +491,7 @@ index 1ad44e7c2..946ce2d36 100644 Libguestfs has APIs for inspecting an unknown disk image to find out diff --git a/tests/disks/test-qemu-drive-libvirt.sh b/tests/disks/test-qemu-drive-libvirt.sh -index 595a95a5e..b49534c94 100755 +index d86a1ecd..cf7d2a0c 100755 --- a/tests/disks/test-qemu-drive-libvirt.sh +++ b/tests/disks/test-qemu-drive-libvirt.sh @@ -65,34 +65,6 @@ check_output @@ -530,7 +530,7 @@ index 595a95a5e..b49534c94 100755 $guestfish -d pool1 run ||: diff --git a/tests/disks/test-qemu-drive.sh b/tests/disks/test-qemu-drive.sh -index 12937fb30..b3e4f9903 100755 +index 12937fb3..b3e4f990 100755 --- a/tests/disks/test-qemu-drive.sh +++ b/tests/disks/test-qemu-drive.sh @@ -62,45 +62,6 @@ check_output @@ -604,6 +604,3 @@ index 12937fb30..b3e4f9903 100755 -check_output -grep -sq -- '-drive file=ssh://rich@example.com/disk.img,' "$DEBUG_QEMU_FILE" || fail -rm "$DEBUG_QEMU_FILE" --- -2.31.1 - diff --git a/SOURCES/0006-lib-rename-VALID_FORMAT_IFACE-to-VALID_FORMAT.patch b/SOURCES/0006-lib-rename-VALID_FORMAT_IFACE-to-VALID_FORMAT.patch deleted file mode 100644 index 9386a58..0000000 --- a/SOURCES/0006-lib-rename-VALID_FORMAT_IFACE-to-VALID_FORMAT.patch +++ /dev/null @@ -1,82 +0,0 @@ -From f408b24d8d8f5b5f4e1a25c1046c3a18107c8d80 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Wed, 4 May 2022 15:41:54 +0200 -Subject: [PATCH] lib: rename VALID_FORMAT_IFACE to VALID_FORMAT - -We no longer use VALID_FORMAT_IFACE for validating "iface"; rename the -macro to reflect that we only check "format" with it. - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1844341 -Signed-off-by: Laszlo Ersek -Message-Id: <20220504134155.11832-4-lersek@redhat.com> -Reviewed-by: Richard W.M. Jones -(cherry picked from commit c8e3caf9e6000ea2f5cfbe30ffe1240317bb4578) ---- - lib/drives.c | 4 ++-- - lib/unit-tests.c | 16 ++++++++-------- - 2 files changed, 10 insertions(+), 10 deletions(-) - -diff --git a/lib/drives.c b/lib/drives.c -index 8fe46a41c..c5a208468 100644 ---- a/lib/drives.c -+++ b/lib/drives.c -@@ -593,7 +593,7 @@ guestfs_int_free_drives (guestfs_h *g) - * Check string parameter matches regular expression - * C<^[-_[:alnum:]]+$> (in C locale). - */ --#define VALID_FORMAT_IFACE(str) \ -+#define VALID_FORMAT(str) \ - guestfs_int_string_is_valid ((str), 1, 0, \ - VALID_FLAG_ALPHA|VALID_FLAG_DIGIT, "-_") - -@@ -790,7 +790,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename, - return -1; - } - -- if (data.format && !VALID_FORMAT_IFACE (data.format)) { -+ if (data.format && !VALID_FORMAT (data.format)) { - error (g, _("%s parameter is empty or contains disallowed characters"), - "format"); - free_drive_servers (data.servers, data.nr_servers); -diff --git a/lib/unit-tests.c b/lib/unit-tests.c -index 62457ccba..0e550cb98 100644 ---- a/lib/unit-tests.c -+++ b/lib/unit-tests.c -@@ -434,7 +434,7 @@ test_stringsbuf (void) - } - - /* Use the same macros as in lib/drives.c */ --#define VALID_FORMAT_IFACE(str) \ -+#define VALID_FORMAT(str) \ - guestfs_int_string_is_valid ((str), 1, 0, \ - VALID_FLAG_ALPHA|VALID_FLAG_DIGIT, "-_") - #define VALID_DISK_LABEL(str) \ -@@ -446,18 +446,18 @@ test_stringsbuf (void) - static void - test_valid (void) - { -- assert (!VALID_FORMAT_IFACE ("")); -+ assert (!VALID_FORMAT ("")); - assert (!VALID_DISK_LABEL ("")); - assert (!VALID_HOSTNAME ("")); - - assert (!VALID_DISK_LABEL ("012345678901234567890")); - -- assert (VALID_FORMAT_IFACE ("abc")); -- assert (VALID_FORMAT_IFACE ("ABC")); -- assert (VALID_FORMAT_IFACE ("abc123")); -- assert (VALID_FORMAT_IFACE ("abc123-")); -- assert (VALID_FORMAT_IFACE ("abc123_")); -- assert (!VALID_FORMAT_IFACE ("abc123.")); -+ assert (VALID_FORMAT ("abc")); -+ assert (VALID_FORMAT ("ABC")); -+ assert (VALID_FORMAT ("abc123")); -+ assert (VALID_FORMAT ("abc123-")); -+ assert (VALID_FORMAT ("abc123_")); -+ assert (!VALID_FORMAT ("abc123.")); - - assert (VALID_DISK_LABEL ("abc")); - assert (VALID_DISK_LABEL ("ABC")); --- -2.31.1 - diff --git a/SOURCES/0011-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch b/SOURCES/0007-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch similarity index 92% rename from SOURCES/0011-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch rename to SOURCES/0007-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch index bae7529..e251a5a 100644 --- a/SOURCES/0011-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch +++ b/SOURCES/0007-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch @@ -1,4 +1,4 @@ -From d59942a7a3d1ca2248a94099d28f7555378d7993 Mon Sep 17 00:00:00 2001 +From b74c6c8520773c2ef4a4d69b08b70e5ceeb06964 Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Tue, 7 Jul 2015 09:28:03 -0400 Subject: [PATCH] RHEL: Reject use of libguestfs-winsupport features except for @@ -13,7 +13,7 @@ edits. 3 files changed, 19 insertions(+) diff --git a/generator/c.ml b/generator/c.ml -index ea69abf76..56ee38aa4 100644 +index 447059b8..0391dd3d 100644 --- a/generator/c.ml +++ b/generator/c.ml @@ -1846,6 +1846,22 @@ and generate_client_actions actions () = @@ -40,7 +40,7 @@ index ea69abf76..56ee38aa4 100644 * as a progress bar hint. *) diff --git a/test-data/phony-guests/make-windows-img.sh b/test-data/phony-guests/make-windows-img.sh -index 30908a918..73cf5144e 100755 +index 16debd12..1c13ddac 100755 --- a/test-data/phony-guests/make-windows-img.sh +++ b/test-data/phony-guests/make-windows-img.sh @@ -37,6 +37,7 @@ fi @@ -52,7 +52,7 @@ index 30908a918..73cf5144e 100755 run diff --git a/tests/charsets/test-charset-fidelity.c b/tests/charsets/test-charset-fidelity.c -index 105291dc3..5ca4f3b6d 100644 +index 105291dc..5ca4f3b6 100644 --- a/tests/charsets/test-charset-fidelity.c +++ b/tests/charsets/test-charset-fidelity.c @@ -96,6 +96,8 @@ main (int argc, char *argv[]) @@ -64,6 +64,3 @@ index 105291dc3..5ca4f3b6d 100644 if (guestfs_add_drive_scratch (g, 1024*1024*1024, -1) == -1) exit (EXIT_FAILURE); --- -2.31.1 - diff --git a/SOURCES/0007-tests-regressions-remove-iface-based-restrictions.patch b/SOURCES/0007-tests-regressions-remove-iface-based-restrictions.patch deleted file mode 100644 index 5c8c1d0..0000000 --- a/SOURCES/0007-tests-regressions-remove-iface-based-restrictions.patch +++ /dev/null @@ -1,74 +0,0 @@ -From 431ca828e9f7d7a6c7e315b410f381304986ba44 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Wed, 4 May 2022 15:41:55 +0200 -Subject: [PATCH] tests/regressions: remove "iface"-based restrictions - -Now that "iface" is ignored by both backends, the regression tests for -RHBZ 690819 and 975797 can be enabled on all arches (regardless of -backend). - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1844341 -Signed-off-by: Laszlo Ersek -Message-Id: <20220504134155.11832-5-lersek@redhat.com> -Reviewed-by: Richard W.M. Jones -(cherry picked from commit ddf276884c04418a32902689cf8fc3506be3ca4b) ---- - tests/regressions/rhbz690819.sh | 10 +++------- - tests/regressions/rhbz975797.sh | 10 +++------- - 2 files changed, 6 insertions(+), 14 deletions(-) - -diff --git a/tests/regressions/rhbz690819.sh b/tests/regressions/rhbz690819.sh -index e6f61d00d..9e1bcda84 100755 ---- a/tests/regressions/rhbz690819.sh -+++ b/tests/regressions/rhbz690819.sh -@@ -19,18 +19,14 @@ - # https://bugzilla.redhat.com/show_bug.cgi?id=690819 - # mkfs fails creating a filesytem on a disk device when using a disk - # with 'ide' interface -+# -+# The 'iface' parameter is now ignored: -+# https://bugzilla.redhat.com/show_bug.cgi?id=1844341 - - set -e - - $TEST_FUNCTIONS - skip_if_skipped --# These architectures don't support the 'ide' interface. --skip_if_arch arm --skip_if_arch aarch64 --skip_if_arch ppc64 --skip_if_arch ppc64le --skip_if_arch s390x --skip_if_backend libvirt - - rm -f rhbz690819.img - -diff --git a/tests/regressions/rhbz975797.sh b/tests/regressions/rhbz975797.sh -index c676abfa3..feecf1f2b 100755 ---- a/tests/regressions/rhbz975797.sh -+++ b/tests/regressions/rhbz975797.sh -@@ -19,18 +19,14 @@ - # Regression test for: - # https://bugzilla.redhat.com/show_bug.cgi?id=975797 - # Ensure the appliance doesn't hang when using the 'iface' parameter. -+# -+# The 'iface' parameter is now ignored: -+# https://bugzilla.redhat.com/show_bug.cgi?id=1844341 - - set -e - - $TEST_FUNCTIONS - skip_if_skipped --# These architectures don't support the 'ide' interface. --skip_if_arch arm --skip_if_arch aarch64 --skip_if_arch ppc64 --skip_if_arch ppc64le --skip_if_arch s390x --skip_if_backend libvirt - - rm -f rhbz975797-*.img - --- -2.31.1 - diff --git a/SOURCES/0008-Remove-virt-dib.patch b/SOURCES/0008-Remove-virt-dib.patch new file mode 100644 index 0000000..8137ddc --- /dev/null +++ b/SOURCES/0008-Remove-virt-dib.patch @@ -0,0 +1,63 @@ +From e916ad54c31a725cbf08fb186756d9e968ff20b2 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 7 Feb 2023 13:20:36 +0000 +Subject: [PATCH] Remove virt-dib + +The tool only supports an older version of the diskimage-builder +metadata, and we do not have the time or inclination to update it to a +newer version. + +Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1910039 +(cherry picked from commit 7503eeebede688409b2adf616d71a94e04b7f0d2) +--- + appliance/packagelist.in | 30 ------------------------------ + 1 file changed, 30 deletions(-) + +diff --git a/appliance/packagelist.in b/appliance/packagelist.in +index 585d52ad..20b08c47 100644 +--- a/appliance/packagelist.in ++++ b/appliance/packagelist.in +@@ -110,7 +110,6 @@ ifelse(ARCHLINUX,1, + dnl syslinux has mtools as optional dependency, but in reality it's + dnl a hard one: + mtools +- multipath-tools dnl for kpartx + nilfs-utils + ntfs-3g + ntfs-3g-system-compression +@@ -266,35 +265,6 @@ util-linux-ng + xfsprogs + zerofree + +-dnl tools needed by virt-dib +-ifelse(REDHAT,1, +- qemu-img +- which +-) +-ifelse(DEBIAN,1, +- qemu-utils +-) +-ifelse(ARCHLINUX,1, +- qemu +- which +-) +-ifelse(SUSE,1, +- qemu-tools +- which +-) +-ifelse(FRUGALWARE,1, +- qemu +- which +-) +-ifelse(MAGEIA,1, +- qemu-img +- which +-) +-curl +-kpartx +-dnl (virt-dib) tools optionally used for elements +-debootstrap +- + dnl exFAT is not usually available in free software repos + exfat-fuse + exfat-utils diff --git a/SOURCES/0008-generator-customize-invert-SELinux-relabeling-defaul.patch b/SOURCES/0008-generator-customize-invert-SELinux-relabeling-defaul.patch deleted file mode 100644 index b3aba8f..0000000 --- a/SOURCES/0008-generator-customize-invert-SELinux-relabeling-defaul.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 8f800b369ada05ea690cebb0bb5e0fed0ba1c548 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Tue, 10 May 2022 12:27:57 +0200 -Subject: [PATCH] generator/customize: invert SELinux relabeling default - -Replace the "--selinux-relabel" option with "--no-selinux-relabel", -inverting the default behavior (for guests with SELinux support, that is --- relabeling is always skipped for guests that don't support SELinux.) - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1554735 -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2075718 -Signed-off-by: Laszlo Ersek -Message-Id: <20220510102757.14466-3-lersek@redhat.com> -Acked-by: Richard W.M. Jones -(cherry picked from commit 2f6a27f1077d32d1ab526427052fc88e188356f7) ---- - generator/customize.ml | 19 +++++++++++-------- - 1 file changed, 11 insertions(+), 8 deletions(-) - -diff --git a/generator/customize.ml b/generator/customize.ml -index 3b3eec6d2..9634dad85 100644 ---- a/generator/customize.ml -+++ b/generator/customize.ml -@@ -564,18 +564,21 @@ to modify C (Fedora, RHEL) or - C (Debian, Ubuntu)."; - }; - -- { flag_name = "selinux-relabel"; -+ { flag_name = "no-selinux-relabel"; - flag_type = FlagBool false (* XXX - the default in virt-builder *); -- flag_ml_var = "selinux_relabel"; -- flag_shortdesc = "Relabel files with correct SELinux labels"; -+ flag_ml_var = "no_selinux_relabel"; -+ flag_shortdesc = "Do not relabel files with correct SELinux labels"; - flag_pod_longdesc = "\ --Relabel files in the guest so that they have the correct SELinux label. -+Do not attempt to correct the SELinux labels of files in the guest. - --This will attempt to relabel files immediately, but if the operation fails --this will instead touch F on the image to schedule a --relabel operation for the next time the image boots. -+In such guests that support SELinux, customization automatically -+relabels files so that they have the correct SELinux label. (The -+relabeling is performed immediately, but if the operation fails, -+customization will instead touch F on the image to -+schedule a relabel operation for the next time the image boots.) This -+option disables the automatic relabeling. - --This option is a no-op for guests that do not support SELinux."; -+The option is a no-op for guests that do not support SELinux."; - }; - - { flag_name = "sm-credentials"; --- -2.31.1 - diff --git a/SOURCES/0009-generator-customize-reintroduce-selinux-relabel-as-a.patch b/SOURCES/0009-generator-customize-reintroduce-selinux-relabel-as-a.patch deleted file mode 100644 index 4c8b115..0000000 --- a/SOURCES/0009-generator-customize-reintroduce-selinux-relabel-as-a.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 4cfba19fa2b087c4b2c5a1b67aa70eb16e9d5a59 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Wed, 25 May 2022 09:19:58 +0200 -Subject: [PATCH] generator/customize: reintroduce "--selinux-relabel" as a - compat option - -Removing "--selinux-relabel" in commit 2f6a27f1077d ("generator/customize: -invert SELinux relabeling default", 2022-05-11) breaks existing scripts -that invoke virt-customize and/or virt-sysprep with that option. Restore -the option, with no functionality tied to it. - -Fixes: 2f6a27f1077d32d1ab526427052fc88e188356f7 -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2089748 -Signed-off-by: Laszlo Ersek -Message-Id: <20220525071958.9612-1-lersek@redhat.com> -Reviewed-by: Richard W.M. Jones -(cherry picked from commit 4b9ee1052a4396621485fdd56d6826714e7481b1) ---- - generator/customize.ml | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/generator/customize.ml b/generator/customize.ml -index 9634dad85..5abaf206f 100644 ---- a/generator/customize.ml -+++ b/generator/customize.ml -@@ -581,6 +581,13 @@ option disables the automatic relabeling. - The option is a no-op for guests that do not support SELinux."; - }; - -+ { flag_name = "selinux-relabel"; -+ flag_type = FlagBool false; -+ flag_ml_var = "selinux_relabel_ignored"; -+ flag_shortdesc = "Compatibility option doing nothing"; -+ flag_pod_longdesc = "This is a compatibility option that does nothing."; -+ }; -+ - { flag_name = "sm-credentials"; - flag_type = FlagSMCredentials "SELECTOR"; - flag_ml_var = "sm_credentials"; --- -2.31.1 - diff --git a/SOURCES/0009-lib-Choose-q35-machine-type-for-x86-64.patch b/SOURCES/0009-lib-Choose-q35-machine-type-for-x86-64.patch new file mode 100644 index 0000000..7c56357 --- /dev/null +++ b/SOURCES/0009-lib-Choose-q35-machine-type-for-x86-64.patch @@ -0,0 +1,32 @@ +From e712c4b81cbd2cf0e990d01cb4d1f54734e62de6 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 9 Feb 2023 13:38:50 +0000 +Subject: [PATCH] lib: Choose q35 machine type for x86-64 + +This machine type is more modern than the older 'pc' type and as most +qemu development is now focused there we expect it will perform and +behave better. In almost all respects this change should make no +difference. + +Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2168578 +Acked-by: Laszlo Ersek +See-also: https://listman.redhat.com/archives/libguestfs/2023-February/030645.html +(cherry picked from commit f0f8e6c5fe0c3f6d5d90534d263bded3a4dc7e8d) +--- + lib/guestfs-internal.h | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/lib/guestfs-internal.h b/lib/guestfs-internal.h +index 306f2a2e..fb55e026 100644 +--- a/lib/guestfs-internal.h ++++ b/lib/guestfs-internal.h +@@ -113,6 +113,9 @@ cleanup_mutex_unlock (pthread_mutex_t **ptr) + #define MAX_WINDOWS_EXPLORER_SIZE (4 * 1000 * 1000) + + /* Machine types. */ ++#if defined(__x86_64__) ++#define MACHINE_TYPE "q35" ++#endif + #ifdef __arm__ + #define MACHINE_TYPE "virt" + #endif diff --git a/SOURCES/0010-RHEL-Revert-build-Remove-bundled-copy-of-ocaml-augea.patch b/SOURCES/0010-RHEL-Revert-build-Remove-bundled-copy-of-ocaml-augea.patch new file mode 100644 index 0000000..c21130e --- /dev/null +++ b/SOURCES/0010-RHEL-Revert-build-Remove-bundled-copy-of-ocaml-augea.patch @@ -0,0 +1,1686 @@ +From 73061a7feafcc0a527d00f6e1e2dee3dc84bc044 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 2 Mar 2023 10:12:19 +0000 +Subject: [PATCH] RHEL: Revert "build: Remove bundled copy of ocaml-augeas" + +This is temporarily reverted in RHEL 9.3 only until this bug can be +actioned: + + https://bugzilla.redhat.com/show_bug.cgi?id=2168634 + "Request for new RHEL 9.3 package: ocaml-augeas" + +This reverts commit fbf7fe87933ac24dd78362a16117c42e40da4c0f. +--- + .gitignore | 1 + + Makefile.am | 5 +- + bundled/ocaml-augeas/COPYING.LIB | 515 +++++++++++++++++++++++++ + bundled/ocaml-augeas/Makefile.am | 82 ++++ + bundled/ocaml-augeas/augeas-c.c | 579 +++++++++++++++++++++++++++++ + bundled/ocaml-augeas/augeas.README | 8 + + bundled/ocaml-augeas/augeas.ml | 99 +++++ + bundled/ocaml-augeas/augeas.mli | 164 ++++++++ + configure.ac | 1 + + daemon/Makefile.am | 7 +- + docs/guestfs-building.pod | 5 - + docs/guestfs-hacking.pod | 14 + + m4/guestfs-ocaml.m4 | 8 - + ocaml-dep.sh.in | 1 + + 14 files changed, 1472 insertions(+), 17 deletions(-) + create mode 100644 bundled/ocaml-augeas/COPYING.LIB + create mode 100644 bundled/ocaml-augeas/Makefile.am + create mode 100644 bundled/ocaml-augeas/augeas-c.c + create mode 100644 bundled/ocaml-augeas/augeas.README + create mode 100644 bundled/ocaml-augeas/augeas.ml + create mode 100644 bundled/ocaml-augeas/augeas.mli + +diff --git a/.gitignore b/.gitignore +index 00e59fb3..ee5ea74d 100644 +--- a/.gitignore ++++ b/.gitignore +@@ -61,6 +61,7 @@ Makefile.in + /build-aux/snippet/ + /build-aux/test-driver + /build-aux/ylwrap ++/bundled/ocaml-augeas/.depend + /compile + /config.cache + /config.guess +diff --git a/Makefile.am b/Makefile.am +index 59370440..e0a7f084 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -35,6 +35,7 @@ SUBDIRS += include lib docs examples + + # The daemon and the appliance. + SUBDIRS += common/mlutils ++SUBDIRS += bundled/ocaml-augeas + SUBDIRS += common/mlpcre + if ENABLE_DAEMON + SUBDIRS += daemon +@@ -214,7 +215,7 @@ dist-hook: docs/C_SOURCE_FILES po/POTFILES + docs/C_SOURCE_FILES: configure.ac + rm -f $@ $@-t + find $(DIST_SUBDIRS) -name '*.[ch]' | \ +- grep -v -E '^(builder/index-parse\.|builder/index-scan\.|examples/|gobject/|java/com_redhat_et_libguestfs|perl/|php/extension/config\.h|ruby/ext/guestfs/extconf\.h|tests/|test-data/)' | \ ++ grep -v -E '^(builder/index-parse\.|builder/index-scan\.|examples/|gobject/|java/com_redhat_et_libguestfs|perl/|php/extension/config\.h|ruby/ext/guestfs/extconf\.h|tests/|test-data/|bundled/)' | \ + grep -v -E '/(guestfs|rc)_protocol\.' | \ + grep -v -E '.*/errnostring\.' | \ + grep -v -E '.*-gperf\.' | \ +@@ -227,7 +228,7 @@ po/POTFILES: configure.ac + rm -f $@ $@-t + cd $(srcdir); \ + find $(DIST_SUBDIRS) -name '*.c' | \ +- grep -v -E '^(examples|perl/(blib|examples)|po-docs|tests|test-data)/' | \ ++ grep -v -E '^(examples|perl/(blib|examples)|po-docs|tests|test-data|bundled)/' | \ + grep -v -E '/((guestfs|rc)_protocol\.c|dummy\.c)$$' | \ + grep -v -E '^python/utils\.c$$' | \ + grep -v -E '^perl/lib/Sys/Guestfs\.c$$' | \ +diff --git a/bundled/ocaml-augeas/COPYING.LIB b/bundled/ocaml-augeas/COPYING.LIB +new file mode 100644 +index 00000000..ba2be481 +--- /dev/null ++++ b/bundled/ocaml-augeas/COPYING.LIB +@@ -0,0 +1,515 @@ ++ ++ GNU LESSER GENERAL PUBLIC LICENSE ++ Version 2.1, February 1999 ++ ++ Copyright (C) 1991, 1999 Free Software Foundation, Inc. ++ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ++ Everyone is permitted to copy and distribute verbatim copies ++ of this license document, but changing it is not allowed. ++ ++[This is the first released version of the Lesser GPL. It also counts ++ as the successor of the GNU Library Public License, version 2, hence ++ the version number 2.1.] ++ ++ Preamble ++ ++ The licenses for most software are designed to take away your ++freedom to share and change it. By contrast, the GNU General Public ++Licenses are intended to guarantee your freedom to share and change ++free software--to make sure the software is free for all its users. ++ ++ This license, the Lesser General Public License, applies to some ++specially designated software packages--typically libraries--of the ++Free Software Foundation and other authors who decide to use it. You ++can use it too, but we suggest you first think carefully about whether ++this license or the ordinary General Public License is the better ++strategy to use in any particular case, based on the explanations ++below. ++ ++ When we speak of free software, we are referring to freedom of use, ++not price. Our General Public Licenses are designed to make sure that ++you have the freedom to distribute copies of free software (and charge ++for this service if you wish); that you receive source code or can get ++it if you want it; that you can change the software and use pieces of ++it in new free programs; and that you are informed that you can do ++these things. ++ ++ To protect your rights, we need to make restrictions that forbid ++distributors to deny you these rights or to ask you to surrender these ++rights. These restrictions translate to certain responsibilities for ++you if you distribute copies of the library or if you modify it. ++ ++ For example, if you distribute copies of the library, whether gratis ++or for a fee, you must give the recipients all the rights that we gave ++you. You must make sure that they, too, receive or can get the source ++code. If you link other code with the library, you must provide ++complete object files to the recipients, so that they can relink them ++with the library after making changes to the library and recompiling ++it. And you must show them these terms so they know their rights. ++ ++ We protect your rights with a two-step method: (1) we copyright the ++library, and (2) we offer you this license, which gives you legal ++permission to copy, distribute and/or modify the library. ++ ++ To protect each distributor, we want to make it very clear that ++there is no warranty for the free library. Also, if the library is ++modified by someone else and passed on, the recipients should know ++that what they have is not the original version, so that the original ++author's reputation will not be affected by problems that might be ++introduced by others. ++^L ++ Finally, software patents pose a constant threat to the existence of ++any free program. We wish to make sure that a company cannot ++effectively restrict the users of a free program by obtaining a ++restrictive license from a patent holder. Therefore, we insist that ++any patent license obtained for a version of the library must be ++consistent with the full freedom of use specified in this license. ++ ++ Most GNU software, including some libraries, is covered by the ++ordinary GNU General Public License. This license, the GNU Lesser ++General Public License, applies to certain designated libraries, and ++is quite different from the ordinary General Public License. We use ++this license for certain libraries in order to permit linking those ++libraries into non-free programs. ++ ++ When a program is linked with a library, whether statically or using ++a shared library, the combination of the two is legally speaking a ++combined work, a derivative of the original library. The ordinary ++General Public License therefore permits such linking only if the ++entire combination fits its criteria of freedom. The Lesser General ++Public License permits more lax criteria for linking other code with ++the library. ++ ++ We call this license the "Lesser" General Public License because it ++does Less to protect the user's freedom than the ordinary General ++Public License. It also provides other free software developers Less ++of an advantage over competing non-free programs. These disadvantages ++are the reason we use the ordinary General Public License for many ++libraries. However, the Lesser license provides advantages in certain ++special circumstances. ++ ++ For example, on rare occasions, there may be a special need to ++encourage the widest possible use of a certain library, so that it ++becomes ++a de-facto standard. To achieve this, non-free programs must be ++allowed to use the library. A more frequent case is that a free ++library does the same job as widely used non-free libraries. In this ++case, there is little to gain by limiting the free library to free ++software only, so we use the Lesser General Public License. ++ ++ In other cases, permission to use a particular library in non-free ++programs enables a greater number of people to use a large body of ++free software. For example, permission to use the GNU C Library in ++non-free programs enables many more people to use the whole GNU ++operating system, as well as its variant, the GNU/Linux operating ++system. ++ ++ Although the Lesser General Public License is Less protective of the ++users' freedom, it does ensure that the user of a program that is ++linked with the Library has the freedom and the wherewithal to run ++that program using a modified version of the Library. ++ ++ The precise terms and conditions for copying, distribution and ++modification follow. Pay close attention to the difference between a ++"work based on the library" and a "work that uses the library". The ++former contains code derived from the library, whereas the latter must ++be combined with the library in order to run. ++^L ++ GNU LESSER GENERAL PUBLIC LICENSE ++ TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION ++ ++ 0. This License Agreement applies to any software library or other ++program which contains a notice placed by the copyright holder or ++other authorized party saying it may be distributed under the terms of ++this Lesser General Public License (also called "this License"). ++Each licensee is addressed as "you". ++ ++ A "library" means a collection of software functions and/or data ++prepared so as to be conveniently linked with application programs ++(which use some of those functions and data) to form executables. ++ ++ The "Library", below, refers to any such software library or work ++which has been distributed under these terms. A "work based on the ++Library" means either the Library or any derivative work under ++copyright law: that is to say, a work containing the Library or a ++portion of it, either verbatim or with modifications and/or translated ++straightforwardly into another language. (Hereinafter, translation is ++included without limitation in the term "modification".) ++ ++ "Source code" for a work means the preferred form of the work for ++making modifications to it. For a library, complete source code means ++all the source code for all modules it contains, plus any associated ++interface definition files, plus the scripts used to control ++compilation ++and installation of the library. ++ ++ Activities other than copying, distribution and modification are not ++covered by this License; they are outside its scope. The act of ++running a program using the Library is not restricted, and output from ++such a program is covered only if its contents constitute a work based ++on the Library (independent of the use of the Library in a tool for ++writing it). Whether that is true depends on what the Library does ++and what the program that uses the Library does. ++ ++ 1. You may copy and distribute verbatim copies of the Library's ++complete source code as you receive it, in any medium, provided that ++you conspicuously and appropriately publish on each copy an ++appropriate copyright notice and disclaimer of warranty; keep intact ++all the notices that refer to this License and to the absence of any ++warranty; and distribute a copy of this License along with the ++Library. ++ ++ You may charge a fee for the physical act of transferring a copy, ++and you may at your option offer warranty protection in exchange for a ++fee. ++ ++ 2. You may modify your copy or copies of the Library or any portion ++of it, thus forming a work based on the Library, and copy and ++distribute such modifications or work under the terms of Section 1 ++above, provided that you also meet all of these conditions: ++ ++ a) The modified work must itself be a software library. ++ ++ b) You must cause the files modified to carry prominent notices ++ stating that you changed the files and the date of any change. ++ ++ c) You must cause the whole of the work to be licensed at no ++ charge to all third parties under the terms of this License. ++ ++ d) If a facility in the modified Library refers to a function or a ++ table of data to be supplied by an application program that uses ++ the facility, other than as an argument passed when the facility ++ is invoked, then you must make a good faith effort to ensure that, ++ in the event an application does not supply such function or ++ table, the facility still operates, and performs whatever part of ++ its purpose remains meaningful. ++ ++ (For example, a function in a library to compute square roots has ++ a purpose that is entirely well-defined independent of the ++ application. Therefore, Subsection 2d requires that any ++ application-supplied function or table used by this function must ++ be optional: if the application does not supply it, the square ++ root function must still compute square roots.) ++ ++These requirements apply to the modified work as a whole. If ++identifiable sections of that work are not derived from the Library, ++and can be reasonably considered independent and separate works in ++themselves, then this License, and its terms, do not apply to those ++sections when you distribute them as separate works. But when you ++distribute the same sections as part of a whole which is a work based ++on the Library, the distribution of the whole must be on the terms of ++this License, whose permissions for other licensees extend to the ++entire whole, and thus to each and every part regardless of who wrote ++it. ++ ++Thus, it is not the intent of this section to claim rights or contest ++your rights to work written entirely by you; rather, the intent is to ++exercise the right to control the distribution of derivative or ++collective works based on the Library. ++ ++In addition, mere aggregation of another work not based on the Library ++with the Library (or with a work based on the Library) on a volume of ++a storage or distribution medium does not bring the other work under ++the scope of this License. ++ ++ 3. You may opt to apply the terms of the ordinary GNU General Public ++License instead of this License to a given copy of the Library. To do ++this, you must alter all the notices that refer to this License, so ++that they refer to the ordinary GNU General Public License, version 2, ++instead of to this License. (If a newer version than version 2 of the ++ordinary GNU General Public License has appeared, then you can specify ++that version instead if you wish.) Do not make any other change in ++these notices. ++^L ++ Once this change is made in a given copy, it is irreversible for ++that copy, so the ordinary GNU General Public License applies to all ++subsequent copies and derivative works made from that copy. ++ ++ This option is useful when you wish to copy part of the code of ++the Library into a program that is not a library. ++ ++ 4. You may copy and distribute the Library (or a portion or ++derivative of it, under Section 2) in object code or executable form ++under the terms of Sections 1 and 2 above provided that you accompany ++it with the complete corresponding machine-readable source code, which ++must be distributed under the terms of Sections 1 and 2 above on a ++medium customarily used for software interchange. ++ ++ If distribution of object code is made by offering access to copy ++from a designated place, then offering equivalent access to copy the ++source code from the same place satisfies the requirement to ++distribute the source code, even though third parties are not ++compelled to copy the source along with the object code. ++ ++ 5. A program that contains no derivative of any portion of the ++Library, but is designed to work with the Library by being compiled or ++linked with it, is called a "work that uses the Library". Such a ++work, in isolation, is not a derivative work of the Library, and ++therefore falls outside the scope of this License. ++ ++ However, linking a "work that uses the Library" with the Library ++creates an executable that is a derivative of the Library (because it ++contains portions of the Library), rather than a "work that uses the ++library". The executable is therefore covered by this License. ++Section 6 states terms for distribution of such executables. ++ ++ When a "work that uses the Library" uses material from a header file ++that is part of the Library, the object code for the work may be a ++derivative work of the Library even though the source code is not. ++Whether this is true is especially significant if the work can be ++linked without the Library, or if the work is itself a library. The ++threshold for this to be true is not precisely defined by law. ++ ++ If such an object file uses only numerical parameters, data ++structure layouts and accessors, and small macros and small inline ++functions (ten lines or less in length), then the use of the object ++file is unrestricted, regardless of whether it is legally a derivative ++work. (Executables containing this object code plus portions of the ++Library will still fall under Section 6.) ++ ++ Otherwise, if the work is a derivative of the Library, you may ++distribute the object code for the work under the terms of Section 6. ++Any executables containing that work also fall under Section 6, ++whether or not they are linked directly with the Library itself. ++^L ++ 6. As an exception to the Sections above, you may also combine or ++link a "work that uses the Library" with the Library to produce a ++work containing portions of the Library, and distribute that work ++under terms of your choice, provided that the terms permit ++modification of the work for the customer's own use and reverse ++engineering for debugging such modifications. ++ ++ You must give prominent notice with each copy of the work that the ++Library is used in it and that the Library and its use are covered by ++this License. You must supply a copy of this License. If the work ++during execution displays copyright notices, you must include the ++copyright notice for the Library among them, as well as a reference ++directing the user to the copy of this License. Also, you must do one ++of these things: ++ ++ a) Accompany the work with the complete corresponding ++ machine-readable source code for the Library including whatever ++ changes were used in the work (which must be distributed under ++ Sections 1 and 2 above); and, if the work is an executable linked ++ with the Library, with the complete machine-readable "work that ++ uses the Library", as object code and/or source code, so that the ++ user can modify the Library and then relink to produce a modified ++ executable containing the modified Library. (It is understood ++ that the user who changes the contents of definitions files in the ++ Library will not necessarily be able to recompile the application ++ to use the modified definitions.) ++ ++ b) Use a suitable shared library mechanism for linking with the ++ Library. A suitable mechanism is one that (1) uses at run time a ++ copy of the library already present on the user's computer system, ++ rather than copying library functions into the executable, and (2) ++ will operate properly with a modified version of the library, if ++ the user installs one, as long as the modified version is ++ interface-compatible with the version that the work was made with. ++ ++ c) Accompany the work with a written offer, valid for at ++ least three years, to give the same user the materials ++ specified in Subsection 6a, above, for a charge no more ++ than the cost of performing this distribution. ++ ++ d) If distribution of the work is made by offering access to copy ++ from a designated place, offer equivalent access to copy the above ++ specified materials from the same place. ++ ++ e) Verify that the user has already received a copy of these ++ materials or that you have already sent this user a copy. ++ ++ For an executable, the required form of the "work that uses the ++Library" must include any data and utility programs needed for ++reproducing the executable from it. However, as a special exception, ++the materials to be distributed need not include anything that is ++normally distributed (in either source or binary form) with the major ++components (compiler, kernel, and so on) of the operating system on ++which the executable runs, unless that component itself accompanies ++the executable. ++ ++ It may happen that this requirement contradicts the license ++restrictions of other proprietary libraries that do not normally ++accompany the operating system. Such a contradiction means you cannot ++use both them and the Library together in an executable that you ++distribute. ++^L ++ 7. You may place library facilities that are a work based on the ++Library side-by-side in a single library together with other library ++facilities not covered by this License, and distribute such a combined ++library, provided that the separate distribution of the work based on ++the Library and of the other library facilities is otherwise ++permitted, and provided that you do these two things: ++ ++ a) Accompany the combined library with a copy of the same work ++ based on the Library, uncombined with any other library ++ facilities. This must be distributed under the terms of the ++ Sections above. ++ ++ b) Give prominent notice with the combined library of the fact ++ that part of it is a work based on the Library, and explaining ++ where to find the accompanying uncombined form of the same work. ++ ++ 8. You may not copy, modify, sublicense, link with, or distribute ++the Library except as expressly provided under this License. Any ++attempt otherwise to copy, modify, sublicense, link with, or ++distribute the Library is void, and will automatically terminate your ++rights under this License. However, parties who have received copies, ++or rights, from you under this License will not have their licenses ++terminated so long as such parties remain in full compliance. ++ ++ 9. You are not required to accept this License, since you have not ++signed it. However, nothing else grants you permission to modify or ++distribute the Library or its derivative works. These actions are ++prohibited by law if you do not accept this License. Therefore, by ++modifying or distributing the Library (or any work based on the ++Library), you indicate your acceptance of this License to do so, and ++all its terms and conditions for copying, distributing or modifying ++the Library or works based on it. ++ ++ 10. Each time you redistribute the Library (or any work based on the ++Library), the recipient automatically receives a license from the ++original licensor to copy, distribute, link with or modify the Library ++subject to these terms and conditions. You may not impose any further ++restrictions on the recipients' exercise of the rights granted herein. ++You are not responsible for enforcing compliance by third parties with ++this License. ++^L ++ 11. If, as a consequence of a court judgment or allegation of patent ++infringement or for any other reason (not limited to patent issues), ++conditions are imposed on you (whether by court order, agreement or ++otherwise) that contradict the conditions of this License, they do not ++excuse you from the conditions of this License. If you cannot ++distribute so as to satisfy simultaneously your obligations under this ++License and any other pertinent obligations, then as a consequence you ++may not distribute the Library at all. For example, if a patent ++license would not permit royalty-free redistribution of the Library by ++all those who receive copies directly or indirectly through you, then ++the only way you could satisfy both it and this License would be to ++refrain entirely from distribution of the Library. ++ ++If any portion of this section is held invalid or unenforceable under ++any particular circumstance, the balance of the section is intended to ++apply, and the section as a whole is intended to apply in other ++circumstances. ++ ++It is not the purpose of this section to induce you to infringe any ++patents or other property right claims or to contest validity of any ++such claims; this section has the sole purpose of protecting the ++integrity of the free software distribution system which is ++implemented by public license practices. Many people have made ++generous contributions to the wide range of software distributed ++through that system in reliance on consistent application of that ++system; it is up to the author/donor to decide if he or she is willing ++to distribute software through any other system and a licensee cannot ++impose that choice. ++ ++This section is intended to make thoroughly clear what is believed to ++be a consequence of the rest of this License. ++ ++ 12. If the distribution and/or use of the Library is restricted in ++certain countries either by patents or by copyrighted interfaces, the ++original copyright holder who places the Library under this License ++may add an explicit geographical distribution limitation excluding those ++countries, so that distribution is permitted only in or among ++countries not thus excluded. In such case, this License incorporates ++the limitation as if written in the body of this License. ++ ++ 13. The Free Software Foundation may publish revised and/or new ++versions of the Lesser General Public License from time to time. ++Such new versions will be similar in spirit to the present version, ++but may differ in detail to address new problems or concerns. ++ ++Each version is given a distinguishing version number. If the Library ++specifies a version number of this License which applies to it and ++"any later version", you have the option of following the terms and ++conditions either of that version or of any later version published by ++the Free Software Foundation. If the Library does not specify a ++license version number, you may choose any version ever published by ++the Free Software Foundation. ++^L ++ 14. If you wish to incorporate parts of the Library into other free ++programs whose distribution conditions are incompatible with these, ++write to the author to ask for permission. For software which is ++copyrighted by the Free Software Foundation, write to the Free ++Software Foundation; we sometimes make exceptions for this. Our ++decision will be guided by the two goals of preserving the free status ++of all derivatives of our free software and of promoting the sharing ++and reuse of software generally. ++ ++ NO WARRANTY ++ ++ 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO ++WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. ++EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR ++OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY ++KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE ++IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE ++LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME ++THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. ++ ++ 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN ++WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY ++AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU ++FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR ++CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE ++LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING ++RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A ++FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF ++SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH ++DAMAGES. ++ ++ END OF TERMS AND CONDITIONS ++^L ++ How to Apply These Terms to Your New Libraries ++ ++ If you develop a new library, and you want it to be of the greatest ++possible use to the public, we recommend making it free software that ++everyone can redistribute and change. You can do so by permitting ++redistribution under these terms (or, alternatively, under the terms ++of the ordinary General Public License). ++ ++ To apply these terms, attach the following notices to the library. ++It is safest to attach them to the start of each source file to most ++effectively convey the exclusion of warranty; and each file should ++have at least the "copyright" line and a pointer to where the full ++notice is found. ++ ++ ++ ++ Copyright (C) ++ ++ This library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2 of the License, or (at your option) any later version. ++ ++ This library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with this library; if not, write to the Free Software ++ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ++ ++Also add information on how to contact you by electronic and paper ++mail. ++ ++You should also get your employer (if you work as a programmer) or ++your ++school, if any, to sign a "copyright disclaimer" for the library, if ++necessary. Here is a sample; alter the names: ++ ++ Yoyodyne, Inc., hereby disclaims all copyright interest in the ++ library `Frob' (a library for tweaking knobs) written by James ++Random Hacker. ++ ++ , 1 April 1990 ++ Ty Coon, President of Vice ++ ++That's all there is to it! ++ ++ +diff --git a/bundled/ocaml-augeas/Makefile.am b/bundled/ocaml-augeas/Makefile.am +new file mode 100644 +index 00000000..b6122eab +--- /dev/null ++++ b/bundled/ocaml-augeas/Makefile.am +@@ -0,0 +1,82 @@ ++# libguestfs OCaml tools common code ++# Copyright (C) 2011-2020 Red Hat Inc. ++# ++# This program is free software; you can redistribute it and/or modify ++# it under the terms of the GNU General Public License as published by ++# the Free Software Foundation; either version 2 of the License, or ++# (at your option) any later version. ++# ++# This program is distributed in the hope that it will be useful, ++# but WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++# GNU General Public License for more details. ++# ++# You should have received a copy of the GNU General Public License ++# along with this program; if not, write to the Free Software ++# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. ++ ++include $(top_srcdir)/subdir-rules.mk ++ ++EXTRA_DIST = \ ++ $(SOURCES_MLI) \ ++ $(SOURCES_ML) \ ++ $(SOURCES_C) \ ++ augeas.README ++ ++SOURCES_MLI = \ ++ augeas.mli ++ ++SOURCES_ML = \ ++ augeas.ml ++ ++SOURCES_C = \ ++ augeas-c.c ++ ++# We pretend that we're building a C library. automake handles the ++# compilation of the C sources for us. At the end we take the C ++# objects and OCaml objects and link them into the OCaml library. ++# This C library is never used. ++ ++noinst_LIBRARIES = libmlaugeas.a ++ ++if !HAVE_OCAMLOPT ++MLAUGEAS_CMA = mlaugeas.cma ++else ++MLAUGEAS_CMA = mlaugeas.cmxa ++endif ++ ++noinst_DATA = $(MLAUGEAS_CMA) ++ ++libmlaugeas_a_SOURCES = $(SOURCES_C) ++libmlaugeas_a_CPPFLAGS = \ ++ -DCAML_NAME_SPACE \ ++ -I. \ ++ -I$(top_builddir) \ ++ -I$(shell $(OCAMLC) -where) ++libmlaugeas_a_CFLAGS = \ ++ $(WARN_CFLAGS) $(NO_SNV_CFLAGS) $(NO_UM_CFLAGS) $(WERROR_CFLAGS) \ ++ $(AUGEAS_CFLAGS) $(LIBXML2_CFLAGS) \ ++ -fPIC ++ ++BOBJECTS = $(SOURCES_ML:.ml=.cmo) ++XOBJECTS = $(BOBJECTS:.cmo=.cmx) ++ ++OCAMLPACKAGES = ++OCAMLFLAGS = $(OCAML_FLAGS) $(OCAML_WARN_ERROR) -ccopt '$(CFLAGS)' ++ ++if !HAVE_OCAMLOPT ++OBJECTS = $(BOBJECTS) ++else ++OBJECTS = $(XOBJECTS) ++endif ++ ++libmlaugeas_a_DEPENDENCIES = $(OBJECTS) ++ ++$(MLAUGEAS_CMA): $(OBJECTS) libmlaugeas.a ++ $(OCAMLFIND) mklib $(OCAMLPACKAGES) \ ++ $(OBJECTS) $(libmlaugeas_a_OBJECTS) -cclib -laugeas -o mlaugeas ++ ++# Dependencies. ++.depend: $(srcdir)/*.mli $(srcdir)/*.ml ++ $(top_builddir)/ocaml-dep.sh $^ ++-include .depend +diff --git a/bundled/ocaml-augeas/augeas-c.c b/bundled/ocaml-augeas/augeas-c.c +new file mode 100644 +index 00000000..679bcb50 +--- /dev/null ++++ b/bundled/ocaml-augeas/augeas-c.c +@@ -0,0 +1,579 @@ ++/* Augeas OCaml bindings ++ * Copyright (C) 2008-2017 Red Hat Inc., Richard W.M. Jones ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public ++ * License along with this library; if not, write to the Free Software ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ++ * ++ * $Id: augeas_c.c,v 1.1 2008/05/06 10:48:20 rjones Exp $ ++ */ ++ ++#include "config.h" ++ ++#include ++ ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include ++ ++#ifdef __GNUC__ ++ #define NORETURN __attribute__ ((noreturn)) ++#else ++ #define NORETURN ++#endif ++ ++extern CAMLprim value ocaml_augeas_create (value rootv, value loadpathv, value flagsv); ++extern CAMLprim value ocaml_augeas_close (value tv); ++extern CAMLprim value ocaml_augeas_defnode (value tv, value namev, value exprv, value valv); ++extern CAMLprim value ocaml_augeas_defvar (value tv, value namev, value exprv); ++extern CAMLprim value ocaml_augeas_get (value tv, value pathv); ++extern CAMLprim value ocaml_augeas_exists (value tv, value pathv); ++extern CAMLprim value ocaml_augeas_insert (value tv, value beforev, value pathv, value labelv); ++extern CAMLprim value ocaml_augeas_label (value tv, value pathv); ++extern CAMLprim value ocaml_augeas_mv (value tv, value srcv, value destv); ++extern CAMLprim value ocaml_augeas_rm (value tv, value pathv); ++extern CAMLprim value ocaml_augeas_match (value tv, value pathv); ++extern CAMLprim value ocaml_augeas_count_matches (value tv, value pathv); ++extern CAMLprim value ocaml_augeas_save (value tv); ++extern CAMLprim value ocaml_augeas_load (value tv); ++extern CAMLprim value ocaml_augeas_set (value tv, value pathv, value valuev); ++extern CAMLprim value ocaml_augeas_setm (value tv, value basev, value subv, value valv); ++extern CAMLprim value ocaml_augeas_transform (value tv, value lensv, value filev, value modev); ++extern CAMLprim value ocaml_augeas_source (value tv, value pathv) ++#ifndef HAVE_AUG_SOURCE ++ NORETURN ++#endif ++; ++ ++typedef augeas *augeas_t; ++ ++/* Map C aug_errcode_t to OCaml error_code. */ ++static const int error_map[] = { ++ /* AugErrInternal */ AUG_EINTERNAL, ++ /* AugErrPathX */ AUG_EPATHX, ++ /* AugErrNoMatch */ AUG_ENOMATCH, ++ /* AugErrMMatch */ AUG_EMMATCH, ++ /* AugErrSyntax */ AUG_ESYNTAX, ++ /* AugErrNoLens */ AUG_ENOLENS, ++ /* AugErrMXfm */ AUG_EMXFM, ++ /* AugErrNoSpan */ AUG_ENOSPAN, ++ /* AugErrMvDesc */ AUG_EMVDESC, ++ /* AugErrCmdRun */ AUG_ECMDRUN, ++ /* AugErrBadArg */ AUG_EBADARG, ++ /* AugErrLabel */ AUG_ELABEL, ++ /* AugErrCpDesc */ AUG_ECPDESC, ++}; ++static const int error_map_len = sizeof error_map / sizeof error_map[0]; ++ ++/* Raise an Augeas.Error exception, and optionally close the ++ * specified handle. ++ */ ++static void ++raise_error_and_maybe_close (augeas_t t, const char *msg, bool close_handle) ++{ ++ const value *exn = caml_named_value ("Augeas.Error"); ++ value args[5]; ++ const int code = aug_error (t); ++ const char *aug_err_msg; ++ const char *aug_err_minor; ++ const char *aug_err_details; ++ int ocaml_code = -1; ++ int i; ++ ++ if (code == AUG_ENOMEM) { ++ if (close_handle) ++ aug_close (t); ++ caml_raise_out_of_memory (); ++ } ++ ++ aug_err_msg = aug_error_message (t); ++ aug_err_minor = aug_error_minor_message (t); ++ aug_err_details = aug_error_details (t); ++ ++ for (i = 0; i < error_map_len; ++i) ++ if (error_map[i] == code) { ++ ocaml_code = i; ++ break; ++ } ++ ++ if (ocaml_code != -1) ++ args[0] = Val_int (ocaml_code); ++ else { ++ args[0] = caml_alloc (1, 0); ++ Store_field (args[0], 0, Val_int (code)); ++ } ++ args[1] = caml_copy_string (msg); ++ args[2] = caml_copy_string (aug_err_msg); ++ args[3] = caml_copy_string (aug_err_minor ? : ""); ++ args[4] = caml_copy_string (aug_err_details ? : ""); ++ ++ if (close_handle) ++ aug_close (t); ++ ++ caml_raise_with_args (*exn, 5, args); ++} ++#define raise_error(t, msg) raise_error_and_maybe_close(t, msg, false) ++ ++static void ++raise_init_error (const char *msg) ++{ ++ const value *exn = caml_named_value ("Augeas.Error"); ++ value args[5]; ++ ++ args[0] = caml_alloc (1, 0); ++ Store_field (args[0], 0, Val_int (-1)); ++ args[1] = caml_copy_string (msg); ++ args[2] = caml_copy_string ("aug_init failed"); ++ args[3] = caml_copy_string ("augeas initialization failed"); ++ args[4] = caml_copy_string (""); ++ ++ caml_raise_with_args (*exn, 5, args); ++} ++ ++static const char * ++Optstring_val (value strv) ++{ ++ if (strv == Val_int (0)) /* None */ ++ return NULL; ++ else /* Some string */ ++ return String_val (Field (strv, 0)); ++} ++ ++/* Map OCaml flags to C flags. */ ++static const int flag_map[] = { ++ /* AugSaveBackup */ AUG_SAVE_BACKUP, ++ /* AugSaveNewFile */ AUG_SAVE_NEWFILE, ++ /* AugTypeCheck */ AUG_TYPE_CHECK, ++ /* AugNoStdinc */ AUG_NO_STDINC, ++ /* AugSaveNoop */ AUG_SAVE_NOOP, ++ /* AugNoLoad */ AUG_NO_LOAD, ++ /* AugNoModlAutoload */ AUG_NO_MODL_AUTOLOAD, ++ /* AugEnableSpan */ AUG_ENABLE_SPAN, ++ /* AugNoErrClose */ AUG_NO_ERR_CLOSE, ++ /* AugTraceModuleLoading */ AUG_TRACE_MODULE_LOADING, ++}; ++ ++/* Wrap and unwrap augeas_t handles, with a finalizer. */ ++#define Augeas_t_val(rv) (*(augeas_t *)Data_custom_val(rv)) ++ ++static void ++augeas_t_finalize (value tv) ++{ ++ augeas_t t = Augeas_t_val (tv); ++ if (t) aug_close (t); ++} ++ ++static struct custom_operations custom_operations = { ++ (char *) "augeas_t_custom_operations", ++ augeas_t_finalize, ++ custom_compare_default, ++ custom_hash_default, ++ custom_serialize_default, ++ custom_deserialize_default, ++ custom_compare_ext_default, ++}; ++ ++static value Val_augeas_t (augeas_t t) ++{ ++ CAMLparam0 (); ++ CAMLlocal1 (rv); ++ /* We could choose these so that the GC can make better decisions. ++ * See 18.9.2 of the OCaml manual. ++ */ ++ const int used = 0; ++ const int max = 1; ++ ++ rv = caml_alloc_custom (&custom_operations, ++ sizeof (augeas_t), used, max); ++ Augeas_t_val(rv) = t; ++ ++ CAMLreturn (rv); ++} ++ ++#pragma GCC diagnostic ignored "-Wmissing-prototypes" ++ ++/* val create : string -> string option -> flag list -> t */ ++CAMLprim value ++ocaml_augeas_create (value rootv, value loadpathv, value flagsv) ++{ ++ CAMLparam1 (rootv); ++ const char *root = String_val (rootv); ++ const char *loadpath = Optstring_val (loadpathv); ++ int flags = 0, i; ++ augeas_t t; ++ ++ /* Convert list of flags to C. */ ++ for (; flagsv != Val_int (0); flagsv = Field (flagsv, 1)) { ++ i = Int_val (Field (flagsv, 0)); ++ flags |= flag_map[i]; ++ } ++ ++ /* Pass AUG_NO_ERR_CLOSE so we raise a detailed Augeas.Error. */ ++ t = aug_init (root, loadpath, flags | AUG_NO_ERR_CLOSE); ++ ++ if (t == NULL) ++ raise_init_error ("Augeas.create"); ++ ++ if (aug_error (t) != AUG_NOERROR) { ++ raise_error_and_maybe_close (t, "Augeas.init", true); ++ } ++ ++ CAMLreturn (Val_augeas_t (t)); ++} ++ ++/* val close : t -> unit */ ++CAMLprim value ++ocaml_augeas_close (value tv) ++{ ++ CAMLparam1 (tv); ++ augeas_t t = Augeas_t_val (tv); ++ ++ if (t) { ++ aug_close (t); ++ Augeas_t_val(tv) = NULL; /* So the finalizer doesn't double-free. */ ++ } ++ ++ CAMLreturn (Val_unit); ++} ++ ++/* val defnode : t -> string -> string -> string option -> int * bool */ ++CAMLprim value ++ocaml_augeas_defnode (value tv, value namev, value exprv, value valv) ++{ ++ CAMLparam4 (tv, namev, exprv, valv); ++ CAMLlocal2 (optv, v); ++ augeas_t t = Augeas_t_val (tv); ++ const char *name = String_val (namev); ++ const char *expr = String_val (exprv); ++ const char *val = Optstring_val (valv); ++ int r, created; ++ ++ r = aug_defnode (t, name, expr, val, &created); ++ if (r == -1) { ++ raise_error (t, "Augeas.defnode"); ++ } ++ ++ v = caml_alloc (2, 0); ++ Store_field (v, 0, Val_int (r)); ++ Store_field (v, 1, Val_bool (created)); ++ ++ CAMLreturn (v); ++} ++ ++/* val defvar : t -> string -> string option -> int option */ ++CAMLprim value ++ocaml_augeas_defvar (value tv, value namev, value exprv) ++{ ++ CAMLparam3 (tv, namev, exprv); ++ CAMLlocal2 (optv, v); ++ augeas_t t = Augeas_t_val (tv); ++ const char *name = String_val (namev); ++ const char *expr = Optstring_val (exprv); ++ int r; ++ ++ r = aug_defvar (t, name, expr); ++ if (r > 0) { /* Return Some val */ ++ v = Val_int (r); ++ optv = caml_alloc (1, 0); ++ Field (optv, 0) = v; ++ } else if (r == 0) /* Return None */ ++ optv = Val_int (0); ++ else if (r == -1) /* Error or multiple matches */ ++ raise_error (t, "Augeas.defvar"); ++ else ++ caml_failwith ("Augeas.defvar: bad return value"); ++ ++ CAMLreturn (optv); ++} ++ ++/* val get : t -> path -> value option */ ++CAMLprim value ++ocaml_augeas_get (value tv, value pathv) ++{ ++ CAMLparam2 (tv, pathv); ++ CAMLlocal2 (optv, v); ++ augeas_t t = Augeas_t_val (tv); ++ const char *path = String_val (pathv); ++ const char *val; ++ int r; ++ ++ r = aug_get (t, path, &val); ++ if (r == 1 && val) { /* Return Some val */ ++ v = caml_copy_string (val); ++ optv = caml_alloc (1, 0); ++ Field (optv, 0) = v; ++ } else if (r == 0 || !val) /* Return None */ ++ optv = Val_int (0); ++ else if (r == -1) /* Error or multiple matches */ ++ raise_error (t, "Augeas.get"); ++ else ++ caml_failwith ("Augeas.get: bad return value"); ++ ++ CAMLreturn (optv); ++} ++ ++/* val exists : t -> path -> bool */ ++CAMLprim value ++ocaml_augeas_exists (value tv, value pathv) ++{ ++ CAMLparam2 (tv, pathv); ++ CAMLlocal1 (v); ++ augeas_t t = Augeas_t_val (tv); ++ const char *path = String_val (pathv); ++ int r; ++ ++ r = aug_get (t, path, NULL); ++ if (r == 1) /* Return true. */ ++ v = Val_int (1); ++ else if (r == 0) /* Return false */ ++ v = Val_int (0); ++ else if (r == -1) /* Error or multiple matches */ ++ raise_error (t, "Augeas.exists"); ++ else ++ caml_failwith ("Augeas.exists: bad return value"); ++ ++ CAMLreturn (v); ++} ++ ++/* val insert : t -> ?before:bool -> path -> string -> unit */ ++CAMLprim value ++ocaml_augeas_insert (value tv, value beforev, value pathv, value labelv) ++{ ++ CAMLparam4 (tv, beforev, pathv, labelv); ++ augeas_t t = Augeas_t_val (tv); ++ const char *path = String_val (pathv); ++ const char *label = String_val (labelv); ++ int before; ++ ++ before = beforev == Val_int (0) ? 0 : Int_val (Field (beforev, 0)); ++ ++ if (aug_insert (t, path, label, before) == -1) ++ raise_error (t, "Augeas.insert"); ++ ++ CAMLreturn (Val_unit); ++} ++ ++/* val label : t -> path -> string option */ ++CAMLprim value ++ocaml_augeas_label (value tv, value pathv) ++{ ++ CAMLparam2 (tv, pathv); ++ CAMLlocal2 (optv, v); ++ augeas_t t = Augeas_t_val (tv); ++ const char *path = String_val (pathv); ++ const char *val; ++ int r; ++ ++ r = aug_label (t, path, &val); ++ if (r == 1 && val) { /* Return Some val */ ++ v = caml_copy_string (val); ++ optv = caml_alloc (1, 0); ++ Field (optv, 0) = v; ++ } else if (r == 0 || !val) /* Return None */ ++ optv = Val_int (0); ++ else if (r == -1) /* Error or multiple matches */ ++ raise_error (t, "Augeas.label"); ++ else ++ caml_failwith ("Augeas.label: bad return value"); ++ ++ CAMLreturn (optv); ++} ++ ++/* val mv : t -> path -> path -> unit */ ++CAMLprim value ++ocaml_augeas_mv (value tv, value srcv, value destv) ++{ ++ CAMLparam3 (tv, srcv, destv); ++ augeas_t t = Augeas_t_val (tv); ++ const char *src = String_val (srcv); ++ const char *dest = String_val (destv); ++ ++ if (aug_mv (t, src, dest) == -1) ++ raise_error (t, "Augeas.mv"); ++ ++ CAMLreturn (Val_unit); ++} ++ ++/* val rm : t -> path -> int */ ++CAMLprim value ++ocaml_augeas_rm (value tv, value pathv) ++{ ++ CAMLparam2 (tv, pathv); ++ augeas_t t = Augeas_t_val (tv); ++ const char *path = String_val (pathv); ++ int r; ++ ++ r = aug_rm (t, path); ++ if (r == -1) ++ raise_error (t, "Augeas.rm"); ++ ++ CAMLreturn (Val_int (r)); ++} ++ ++/* val matches : t -> path -> path list */ ++CAMLprim value ++ocaml_augeas_match (value tv, value pathv) ++{ ++ CAMLparam2 (tv, pathv); ++ CAMLlocal3 (rv, v, cons); ++ augeas_t t = Augeas_t_val (tv); ++ const char *path = String_val (pathv); ++ char **matches; ++ int r, i; ++ ++ r = aug_match (t, path, &matches); ++ if (r == -1) ++ raise_error (t, "Augeas.matches"); ++ ++ /* Copy the paths to a list. */ ++ rv = Val_int (0); ++ for (i = 0; i < r; ++i) { ++ v = caml_copy_string (matches[i]); ++ free (matches[i]); ++ cons = caml_alloc (2, 0); ++ Field (cons, 1) = rv; ++ Field (cons, 0) = v; ++ rv = cons; ++ } ++ ++ free (matches); ++ ++ CAMLreturn (rv); ++} ++ ++/* val count_matches : t -> path -> int */ ++CAMLprim value ++ocaml_augeas_count_matches (value tv, value pathv) ++{ ++ CAMLparam2 (tv, pathv); ++ augeas_t t = Augeas_t_val (tv); ++ const char *path = String_val (pathv); ++ int r; ++ ++ r = aug_match (t, path, NULL); ++ if (r == -1) ++ raise_error (t, "Augeas.count_matches"); ++ ++ CAMLreturn (Val_int (r)); ++} ++ ++/* val save : t -> unit */ ++CAMLprim value ++ocaml_augeas_save (value tv) ++{ ++ CAMLparam1 (tv); ++ augeas_t t = Augeas_t_val (tv); ++ ++ if (aug_save (t) == -1) ++ raise_error (t, "Augeas.save"); ++ ++ CAMLreturn (Val_unit); ++} ++ ++/* val load : t -> unit */ ++CAMLprim value ++ocaml_augeas_load (value tv) ++{ ++ CAMLparam1 (tv); ++ augeas_t t = Augeas_t_val (tv); ++ ++ if (aug_load (t) == -1) ++ raise_error (t, "Augeas.load"); ++ ++ CAMLreturn (Val_unit); ++} ++ ++/* val set : t -> -> path -> value option -> unit */ ++CAMLprim value ++ocaml_augeas_set (value tv, value pathv, value valuev) ++{ ++ CAMLparam3 (tv, pathv, valuev); ++ augeas_t t = Augeas_t_val (tv); ++ const char *path = String_val (pathv); ++ const char *val = Optstring_val (valuev); ++ ++ if (aug_set (t, path, val) == -1) ++ raise_error (t, "Augeas.set"); ++ ++ CAMLreturn (Val_unit); ++} ++ ++/* val setm : t -> path -> string option -> value option -> int */ ++CAMLprim value ++ocaml_augeas_setm (value tv, value basev, value subv, value valv) ++{ ++ CAMLparam4 (tv, basev, subv, valv); ++ augeas_t t = Augeas_t_val (tv); ++ const char *base = String_val (basev); ++ const char *sub = Optstring_val (subv); ++ const char *val = Optstring_val (valv); ++ int r; ++ ++ r = aug_setm (t, base, sub, val); ++ if (r == -1) ++ raise_error (t, "Augeas.setm"); ++ ++ CAMLreturn (Val_int (r)); ++} ++ ++/* val transform : t -> string -> string -> transform_mode -> unit */ ++CAMLprim value ++ocaml_augeas_transform (value tv, value lensv, value filev, value modev) ++{ ++ CAMLparam4 (tv, lensv, filev, modev); ++ augeas_t t = Augeas_t_val (tv); ++ const char *lens = String_val (lensv); ++ const char *file = String_val (filev); ++ const int excl = Int_val (modev) == 1 ? 1 : 0; ++ ++ if (aug_transform (t, lens, file, excl) == -1) ++ raise_error (t, "Augeas.transform"); ++ ++ CAMLreturn (Val_unit); ++} ++ ++/* val source : t -> path -> path option */ ++CAMLprim value ++ocaml_augeas_source (value tv, value pathv) ++{ ++#ifdef HAVE_AUG_SOURCE ++ CAMLparam2 (tv, pathv); ++ CAMLlocal2 (optv, v); ++ augeas_t t = Augeas_t_val (tv); ++ const char *path = String_val (pathv); ++ char *file_path; ++ int r; ++ ++ r = aug_source (t, path, &file_path); ++ if (r == 0) { ++ if (file_path) { /* Return Some file_path */ ++ v = caml_copy_string (file_path); ++ optv = caml_alloc (1, 0); ++ Field (optv, 0) = v; ++ free (file_path); ++ } else /* Return None */ ++ optv = Val_int (0); ++ } ++ else /* Error */ ++ raise_error (t, "Augeas.source"); ++ ++ CAMLreturn (optv); ++#else ++ caml_failwith ("Augeas.source: function not implemented"); ++#endif ++} +diff --git a/bundled/ocaml-augeas/augeas.README b/bundled/ocaml-augeas/augeas.README +new file mode 100644 +index 00000000..938dfd25 +--- /dev/null ++++ b/bundled/ocaml-augeas/augeas.README +@@ -0,0 +1,8 @@ ++The files augeas-c.c, augeas.ml and augeas.mli come from the ++ocaml-augeas library: ++ ++ http://git.annexia.org/?p=ocaml-augeas.git ++ ++which is released under a compatible license. We try to keep them ++identical, so if you make changes to these files then you must also ++submit the changes to ocaml-augeas, and vice versa. +\ No newline at end of file +diff --git a/bundled/ocaml-augeas/augeas.ml b/bundled/ocaml-augeas/augeas.ml +new file mode 100644 +index 00000000..aa5a1822 +--- /dev/null ++++ b/bundled/ocaml-augeas/augeas.ml +@@ -0,0 +1,99 @@ ++(* Augeas OCaml bindings ++ * Copyright (C) 2008 Red Hat Inc., Richard W.M. Jones ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public ++ * License along with this library; if not, write to the Free Software ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ++ * ++ * $Id: augeas.ml,v 1.2 2008/05/06 10:48:20 rjones Exp $ ++ *) ++ ++type t ++ ++type flag = ++ | AugSaveBackup ++ | AugSaveNewFile ++ | AugTypeCheck ++ | AugNoStdinc ++ | AugSaveNoop ++ | AugNoLoad ++ | AugNoModlAutoload ++ | AugEnableSpan ++ | AugNoErrClose ++ | AugTraceModuleLoading ++ ++type error_code = ++ | AugErrInternal ++ | AugErrPathX ++ | AugErrNoMatch ++ | AugErrMMatch ++ | AugErrSyntax ++ | AugErrNoLens ++ | AugErrMXfm ++ | AugErrNoSpan ++ | AugErrMvDesc ++ | AugErrCmdRun ++ | AugErrBadArg ++ | AugErrLabel ++ | AugErrCpDesc ++ | AugErrUnknown of int ++ ++type transform_mode = ++ | Include ++ | Exclude ++ ++exception Error of error_code * string * string * string * string ++ ++type path = string ++ ++type value = string ++ ++external create : string -> string option -> flag list -> t ++ = "ocaml_augeas_create" ++external close : t -> unit ++ = "ocaml_augeas_close" ++external defnode : t -> string -> string -> string option -> int * bool ++ = "ocaml_augeas_defnode" ++external defvar : t -> string -> string option -> int option ++ = "ocaml_augeas_defvar" ++external get : t -> path -> value option ++ = "ocaml_augeas_get" ++external exists : t -> path -> bool ++ = "ocaml_augeas_exists" ++external insert : t -> ?before:bool -> path -> string -> unit ++ = "ocaml_augeas_insert" ++external label : t -> path -> string option ++ = "ocaml_augeas_label" ++external rm : t -> path -> int ++ = "ocaml_augeas_rm" ++external matches : t -> path -> path list ++ = "ocaml_augeas_match" ++external count_matches : t -> path -> int ++ = "ocaml_augeas_count_matches" ++external save : t -> unit ++ = "ocaml_augeas_save" ++external load : t -> unit ++ = "ocaml_augeas_load" ++external mv : t -> path -> path -> unit ++ = "ocaml_augeas_mv" ++external set : t -> path -> value option -> unit ++ = "ocaml_augeas_set" ++external setm : t -> path -> string option -> value option -> int ++ = "ocaml_augeas_setm" ++external transform : t -> string -> string -> transform_mode -> unit ++ = "ocaml_augeas_transform" ++external source : t -> path -> path option ++ = "ocaml_augeas_source" ++ ++let () = ++ Callback.register_exception "Augeas.Error" (Error (AugErrInternal, "", "", "", "")) +diff --git a/bundled/ocaml-augeas/augeas.mli b/bundled/ocaml-augeas/augeas.mli +new file mode 100644 +index 00000000..8cbeae18 +--- /dev/null ++++ b/bundled/ocaml-augeas/augeas.mli +@@ -0,0 +1,164 @@ ++(** Augeas OCaml bindings *) ++(* Copyright (C) 2008 Red Hat Inc., Richard W.M. Jones ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public ++ * License along with this library; if not, write to the Free Software ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ++ * ++ * $Id: augeas.mli,v 1.2 2008/05/06 10:48:20 rjones Exp $ ++ *) ++ ++type t ++ (** Augeas library handle. *) ++ ++type flag = ++ | AugSaveBackup (** Rename original with .augsave *) ++ | AugSaveNewFile (** Save changes to .augnew *) ++ | AugTypeCheck (** Type-check lenses *) ++ | AugNoStdinc ++ | AugSaveNoop ++ | AugNoLoad ++ | AugNoModlAutoload ++ | AugEnableSpan ++ | AugNoErrClose ++ | AugTraceModuleLoading ++ (** Flags passed to the {!create} function. *) ++ ++type error_code = ++ | AugErrInternal (** Internal error (bug) *) ++ | AugErrPathX (** Invalid path expression *) ++ | AugErrNoMatch (** No match for path expression *) ++ | AugErrMMatch (** Too many matches for path expression *) ++ | AugErrSyntax (** Syntax error in lens file *) ++ | AugErrNoLens (** Lens lookup failed *) ++ | AugErrMXfm (** Multiple transforms *) ++ | AugErrNoSpan (** No span for this node *) ++ | AugErrMvDesc (** Cannot move node into its descendant *) ++ | AugErrCmdRun (** Failed to execute command *) ++ | AugErrBadArg (** Invalid argument in funcion call *) ++ | AugErrLabel (** Invalid label *) ++ | AugErrCpDesc (** Cannot copy node into its descendant *) ++ | AugErrUnknown of int ++ (** Possible error codes. *) ++ ++type transform_mode = ++ | Include ++ | Exclude ++ (** The operation mode for the {!transform} function. *) ++ ++exception Error of error_code * string * string * string * string ++ (** This exception is thrown when the underlying Augeas library ++ returns an error. The tuple represents: ++ - the Augeas error code ++ - the ocaml-augeas error string ++ - the Augeas error message ++ - the human-readable explanation of the Augeas error, if available ++ - a string with details of the Augeas error ++ *) ++ ++type path = string ++ (** A path expression. ++ ++ Note in future we may replace this with a type-safe path constructor. *) ++ ++type value = string ++ (** A value. *) ++ ++val create : string -> string option -> flag list -> t ++ (** [create root loadpath flags] creates an Augeas handle. ++ ++ [root] is a file system path describing the location ++ of the configuration files. ++ ++ [loadpath] is an optional colon-separated list of directories ++ which are searched for schema definitions. ++ ++ [flags] is a list of flags. *) ++ ++val close : t -> unit ++ (** [close handle] closes the handle. ++ ++ You don't need to close handles explicitly with this function: ++ they will be finalized eventually by the garbage collector. ++ However calling this function frees up any resources used by the ++ underlying Augeas library immediately. ++ ++ Do not use the handle after closing it. *) ++ ++val defnode : t -> string -> string -> string option -> int * bool ++ (** [defnode t name expr value] defines [name] whose value is the ++ result of evaluating [expr], which is a nodeset. *) ++ ++val defvar : t -> string -> string option -> int option ++ (** [defvar t name expr] defines [name] whose value is the result ++ of evaluating [expr], replacing the old value if existing. ++ [None] as [expr] removes the variable [name]. *) ++ ++val get : t -> path -> value option ++ (** [get t path] returns the value at [path], or [None] if there ++ is no value. *) ++ ++val exists : t -> path -> bool ++ (** [exists t path] returns true iff there is a value at [path]. *) ++ ++val insert : t -> ?before:bool -> path -> string -> unit ++ (** [insert t ?before path label] inserts [label] as a sibling ++ of [path]. By default it is inserted after [path], unless ++ [~before:true] is specified. *) ++ ++val label : t -> path -> string option ++ (** [label t path] gets the label of [path]. ++ ++ Returns [Some value] when [path] matches only one node, and ++ that has an associated label. *) ++ ++val rm : t -> path -> int ++ (** [rm t path] removes all nodes matching [path]. ++ ++ Returns the number of nodes removed (which may be 0). *) ++ ++val matches : t -> path -> path list ++ (** [matches t path] returns a list of path expressions ++ of all nodes matching [path]. *) ++ ++val mv : t -> path -> path -> unit ++ (** [mv t src dest] moves a node. *) ++ ++val count_matches : t -> path -> int ++ (** [count_matches t path] counts the number of nodes matching ++ [path] but does not return them (see {!matches}). *) ++ ++val save : t -> unit ++ (** [save t] saves all pending changes to disk. *) ++ ++val load : t -> unit ++ (** [load t] loads files into the tree. *) ++ ++val set : t -> path -> value option -> unit ++ (** [set t path] sets [value] as new value at [path]. *) ++ ++val setm : t -> path -> string option -> value option -> int ++ (** [setm t base sub value] sets [value] as new value for all the ++ nodes under [base] that match [sub] (or all, if [sub] is ++ [None]). ++ ++ Returns the number of nodes modified. *) ++ ++val transform : t -> string -> string -> transform_mode -> unit ++ (** [transform t lens file mode] adds or removes (depending on ++ [mode]) the transformation of the specified [lens] for [file]. *) ++ ++val source : t -> path -> path option ++ (** [source t path] returns the path to the node representing the ++ file to which [path] belongs, or [None] if [path] does not ++ represent any file. *) +diff --git a/configure.ac b/configure.ac +index 0db21297..d1397f63 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -195,6 +195,7 @@ AC_CONFIG_FILES([run], + AC_CONFIG_FILES([Makefile + appliance/Makefile + bash/Makefile ++ bundled/ocaml-augeas/Makefile + common/errnostring/Makefile + common/edit/Makefile + common/mlpcre/Makefile +diff --git a/daemon/Makefile.am b/daemon/Makefile.am +index bb2e58d0..bd1920c6 100644 +--- a/daemon/Makefile.am ++++ b/daemon/Makefile.am +@@ -215,9 +215,9 @@ guestfsd_SOURCES = \ + guestfsd_LDFLAGS = \ + -L$(shell $(OCAMLC) -where) \ + -L$(shell $(OCAMLFIND) query hivex) \ +- -L$(shell $(OCAMLFIND) query augeas) \ + -L../common/mlutils \ + -L../common/mlstdutils \ ++ -L../bundled/ocaml-augeas \ + -L../common/mlpcre + guestfsd_LDADD = \ + camldaemon.o \ +@@ -353,7 +353,8 @@ BOBJECTS = $(SOURCES_ML:.ml=.cmo) + XOBJECTS = $(BOBJECTS:.cmo=.cmx) + + OCAMLPACKAGES = \ +- -package str,unix,augeas,hivex \ ++ -package str,unix,hivex \ ++ -I $(top_builddir)/bundled/ocaml-augeas \ + -I $(top_builddir)/common/mlstdutils \ + -I $(top_builddir)/common/mlutils \ + -I $(top_builddir)/common/utils/.libs \ +@@ -384,6 +385,7 @@ camldaemon.o: $(OBJECTS) + $(OCAMLFIND) $(BEST) -output-obj -o $@ \ + $(OCAMLFLAGS) $(OCAMLPACKAGES) \ + -linkpkg \ ++ mlaugeas.$(MLARCHIVE) \ + mlpcre.$(MLARCHIVE) \ + mlstdutils.$(MLARCHIVE) \ + mlcutils.$(MLARCHIVE) \ +@@ -442,6 +444,7 @@ OCAMLLINKFLAGS = \ + mlpcre.$(MLARCHIVE) \ + mlstdutils.$(MLARCHIVE) \ + mlcutils.$(MLARCHIVE) \ ++ mlaugeas.$(MLARCHIVE) \ + $(LINK_CUSTOM_OCAMLC_ONLY) + + daemon_utils_tests_DEPENDENCIES = \ +diff --git a/docs/guestfs-building.pod b/docs/guestfs-building.pod +index 5a7fa40f..b9bc885a 100644 +--- a/docs/guestfs-building.pod ++++ b/docs/guestfs-building.pod +@@ -172,11 +172,6 @@ I. + + I. + +-=item ocaml-augeas +- +-I. These are the OCaml bindings for Augeas, found at: +-L +- + =item xz + + I. +diff --git a/docs/guestfs-hacking.pod b/docs/guestfs-hacking.pod +index e1b47ec1..68cf8292 100644 +--- a/docs/guestfs-hacking.pod ++++ b/docs/guestfs-hacking.pod +@@ -71,6 +71,20 @@ Various build scripts used by autotools. + + L command and documentation. + ++=item F ++ ++Embedded copies of other libraries, mostly for convenience (and the embedded ++library is not widespread enough). ++ ++=over 4 ++ ++=item F ++ ++Bindings for the Augeas library. These come from the ocaml-augeas ++library L ++ ++=back ++ + =item F + + The L, L, L, +diff --git a/m4/guestfs-ocaml.m4 b/m4/guestfs-ocaml.m4 +index 85020717..51072c1a 100644 +--- a/m4/guestfs-ocaml.m4 ++++ b/m4/guestfs-ocaml.m4 +@@ -132,14 +132,6 @@ AS_IF([test "x$have_Hivex_OPEN_UNSAFE" = "xno"],[ + ]) + AC_SUBST([HIVEX_OPEN_UNSAFE_FLAG]) + +-if test "x$enable_daemon" = "xyes"; then +- OCAML_PKG_augeas=no +- AC_CHECK_OCAML_PKG(augeas) +- if test "x$OCAML_PKG_augeas" = "xno"; then +- AC_MSG_ERROR([the OCaml module 'augeas' is required]) +- fi +-fi +- + # oUnit is optional, used by some tests in common/mlstdutils (that we + # should replace with regular tests one day). If used, oUnit >= 2 is + # required. +diff --git a/ocaml-dep.sh.in b/ocaml-dep.sh.in +index 385a1e6e..c9e9e3e6 100755 +--- a/ocaml-dep.sh.in ++++ b/ocaml-dep.sh.in +@@ -33,6 +33,7 @@ set -e + # directories must have unique names (eg. not ‘Utils’) else + # dependencies don't get built right. + include_dirs=" ++bundled/ocaml-augeas + common/mlgettext + common/mlpcre + common/mlstdutils diff --git a/SOURCES/0011-update-common-submodule.patch b/SOURCES/0011-update-common-submodule.patch new file mode 100644 index 0000000..01696ec --- /dev/null +++ b/SOURCES/0011-update-common-submodule.patch @@ -0,0 +1,203 @@ +From 194a48aef32367c45c555a4d93fb1a3375b0dead Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Fri, 19 May 2023 16:08:47 +0200 +Subject: [PATCH] update common submodule + +Laszlo Ersek (2): + options/keys: key_store_import_key(): un-constify "key" parameter + options/keys: introduce unescape_device_mapper_lvm() + +Richard W.M. Jones (1): + mlcustomize/SELinux_relabel.ml: Use Array.mem + +Roman Kagan (1): + mlcustomize: skip SELinux relabeling if it's disabled + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2168506 +Signed-off-by: Laszlo Ersek +Message-Id: <20230519140849.310774-2-lersek@redhat.com> +Reviewed-by: Richard W.M. Jones +(cherry picked from commit 83afd6d3d2c82ee3a8f22079ba12ef7eac38ac34) +--- + common | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Submodule common 70c10a07..b636c3f2: +diff --git a/common/mlcustomize/SELinux_relabel.ml b/common/mlcustomize/SELinux_relabel.ml +index 5ecf7bd7..2f3a09bf 100644 +--- a/common/mlcustomize/SELinux_relabel.ml ++++ b/common/mlcustomize/SELinux_relabel.ml +@@ -24,10 +24,6 @@ open Printf + + module G = Guestfs + +-(* Simple reimplementation of Array.mem, available only with OCaml >= 4.03. *) +-let array_find a l = +- List.mem a (Array.to_list l) +- + let rec relabel (g : G.guestfs) = + (* Is the guest using SELinux? (Otherwise this is a no-op). *) + if is_selinux_guest g then ( +@@ -59,14 +55,24 @@ and use_setfiles g = + g#aug_load (); + debug_augeas_errors g; + ++ let config_path = "/files/etc/selinux/config" in ++ let config_keys = g#aug_ls config_path in ++ (* SELinux may be disabled via a setting in config file *) ++ let selinux_disabled = ++ let selinuxmode_path = config_path ^ "/SELINUX" in ++ if Array.mem selinuxmode_path config_keys then ++ g#aug_get selinuxmode_path = "disabled" ++ else ++ false in ++ if selinux_disabled then ++ failwith "selinux disabled"; ++ + (* Get the SELinux policy name, eg. "targeted", "minimum". + * Use "targeted" if not specified, just like libselinux does. + *) + let policy = +- let config_path = "/files/etc/selinux/config" in + let selinuxtype_path = config_path ^ "/SELINUXTYPE" in +- let keys = g#aug_ls config_path in +- if array_find selinuxtype_path keys then ++ if Array.mem selinuxtype_path config_keys then + g#aug_get selinuxtype_path + else + "targeted" in +diff --git a/common/options/keys.c b/common/options/keys.c +index 48f1bc7c..52b27369 100644 +--- a/common/options/keys.c ++++ b/common/options/keys.c +@@ -260,8 +260,107 @@ key_store_add_from_selector (struct key_store *ks, const char *selector) + return key_store_import_key (ks, &key); + } + ++/* Turn /dev/mapper/VG-LV into /dev/VG/LV, in-place. */ ++static void ++unescape_device_mapper_lvm (char *id) ++{ ++ static const char dev[] = "/dev/", dev_mapper[] = "/dev/mapper/"; ++ const char *input_start; ++ char *output; ++ enum { M_SCAN, M_FILL, M_DONE } mode; ++ ++ if (!STRPREFIX (id, dev_mapper)) ++ return; ++ ++ /* Start parsing "VG-LV" from "id" after "/dev/mapper/". */ ++ input_start = id + (sizeof dev_mapper - 1); ++ ++ /* Start writing the unescaped "VG/LV" output after "/dev/". */ ++ output = id + (sizeof dev - 1); ++ ++ for (mode = M_SCAN; mode < M_DONE; ++mode) { ++ char c; ++ const char *input = input_start; ++ const char *hyphen_buffered = NULL; ++ bool single_hyphen_seen = false; ++ ++ do { ++ c = *input; ++ ++ switch (c) { ++ case '-': ++ if (hyphen_buffered == NULL) ++ /* This hyphen may start an escaped hyphen, or it could be the ++ * separator in VG-LV. ++ */ ++ hyphen_buffered = input; ++ else { ++ /* This hyphen completes an escaped hyphen; unescape it. */ ++ if (mode == M_FILL) ++ *output++ = '-'; ++ hyphen_buffered = NULL; ++ } ++ break; ++ ++ case '/': ++ /* Slash characters are forbidden in VG-LV anywhere. If there's any, ++ * we'll find it in the first (i.e., scanning) phase, before we output ++ * anything back to "id". ++ */ ++ assert (mode == M_SCAN); ++ return; ++ ++ default: ++ /* Encountered a non-slash, non-hyphen character -- which also may be ++ * the terminating NUL. ++ */ ++ if (hyphen_buffered != NULL) { ++ /* The non-hyphen character comes after a buffered hyphen, so the ++ * buffered hyphen is supposed to be the single hyphen that separates ++ * VG from LV in VG-LV. There are three requirements for this ++ * separator: (a) it must be unique (we must not have seen another ++ * such separator earlier), (b) it must not be at the start of VG-LV ++ * (because VG would be empty that way), (c) it must not be at the end ++ * of VG-LV (because LV would be empty that way). Should any of these ++ * be violated, we'll catch that during the first (i.e., scanning) ++ * phase, before modifying "id". ++ */ ++ if (single_hyphen_seen || hyphen_buffered == input_start || ++ c == '\0') { ++ assert (mode == M_SCAN); ++ return; ++ } ++ ++ /* Translate the separator hyphen to a slash character. */ ++ if (mode == M_FILL) ++ *output++ = '/'; ++ hyphen_buffered = NULL; ++ single_hyphen_seen = true; ++ } ++ ++ /* Output the non-hyphen character (including the terminating NUL) ++ * regardless of whether there was a buffered hyphen separator (which, ++ * by now, we'll have attempted to translate and flush). ++ */ ++ if (mode == M_FILL) ++ *output++ = c; ++ } ++ ++ ++input; ++ } while (c != '\0'); ++ ++ /* We must have seen the VG-LV separator. If that's not the case, we'll ++ * catch it before modifying "id". ++ */ ++ if (!single_hyphen_seen) { ++ assert (mode == M_SCAN); ++ return; ++ } ++ } ++} ++ + struct key_store * +-key_store_import_key (struct key_store *ks, const struct key_store_key *key) ++key_store_import_key (struct key_store *ks, struct key_store_key *key) + { + struct key_store_key *new_keys; + +@@ -278,6 +377,7 @@ key_store_import_key (struct key_store *ks, const struct key_store_key *key) + error (EXIT_FAILURE, errno, "realloc"); + + ks->keys = new_keys; ++ unescape_device_mapper_lvm (key->id); + ks->keys[ks->nr_keys] = *key; + ++ks->nr_keys; + +diff --git a/common/options/options.h b/common/options/options.h +index 94573ee0..94e8b9ee 100644 +--- a/common/options/options.h ++++ b/common/options/options.h +@@ -169,7 +169,8 @@ extern struct matching_key *get_keys (struct key_store *ks, const char *device, + const char *uuid, size_t *nr_matches); + extern void free_keys (struct matching_key *keys, size_t nr_matches); + extern struct key_store *key_store_add_from_selector (struct key_store *ks, const char *selector); +-extern struct key_store *key_store_import_key (struct key_store *ks, const struct key_store_key *key); ++extern struct key_store *key_store_import_key (struct key_store *ks, ++ struct key_store_key *key); + extern bool key_store_requires_network (const struct key_store *ks); + extern void free_key_store (struct key_store *ks); + diff --git a/SOURCES/0012-LUKS-on-LVM-inspection-test-rename-VGs-and-LVs.patch b/SOURCES/0012-LUKS-on-LVM-inspection-test-rename-VGs-and-LVs.patch new file mode 100644 index 0000000..b35742b --- /dev/null +++ b/SOURCES/0012-LUKS-on-LVM-inspection-test-rename-VGs-and-LVs.patch @@ -0,0 +1,97 @@ +From c95b3086bdbdf840de8d3b24c3ae5e9b847bf588 Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Fri, 19 May 2023 16:08:48 +0200 +Subject: [PATCH] LUKS-on-LVM inspection test: rename VGs and LVs + +In preparation for a subsequent patch, rename "VG" to "Volume-Group", and +"LV" to "Logical-Volume-", in the LUKS-on-LVM inspection test. + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2168506 +Signed-off-by: Laszlo Ersek +Message-Id: <20230519140849.310774-3-lersek@redhat.com> +Reviewed-by: Richard W.M. Jones +(cherry picked from commit 58e26402334a4696fa08730eecc9098fc270ed1c) +--- + test-data/phony-guests/make-fedora-img.pl | 30 +++++++++++-------- + .../test-key-option-inspect-luks-on-lvm.sh | 16 +++++----- + 2 files changed, 25 insertions(+), 21 deletions(-) + +diff --git a/test-data/phony-guests/make-fedora-img.pl b/test-data/phony-guests/make-fedora-img.pl +index c0cb5d0b..6362e225 100755 +--- a/test-data/phony-guests/make-fedora-img.pl ++++ b/test-data/phony-guests/make-fedora-img.pl +@@ -224,23 +224,27 @@ EOF + + # Create the Volume Group on /dev/sda2. + $g->pvcreate ('/dev/sda2'); +- $g->vgcreate ('VG', ['/dev/sda2']); +- $g->lvcreate ('Root', 'VG', 32); +- $g->lvcreate ('LV1', 'VG', 32); +- $g->lvcreate ('LV2', 'VG', 32); +- $g->lvcreate ('LV3', 'VG', 64); ++ $g->vgcreate ('Volume-Group', ['/dev/sda2']); ++ $g->lvcreate ('Root', 'Volume-Group', 32); ++ $g->lvcreate ('Logical-Volume-1', 'Volume-Group', 32); ++ $g->lvcreate ('Logical-Volume-2', 'Volume-Group', 32); ++ $g->lvcreate ('Logical-Volume-3', 'Volume-Group', 64); + + # Format each Logical Group as a LUKS device, with a different password. +- $g->luks_format ('/dev/VG/Root', 'FEDORA-Root', 0); +- $g->luks_format ('/dev/VG/LV1', 'FEDORA-LV1', 0); +- $g->luks_format ('/dev/VG/LV2', 'FEDORA-LV2', 0); +- $g->luks_format ('/dev/VG/LV3', 'FEDORA-LV3', 0); ++ $g->luks_format ('/dev/Volume-Group/Root', 'FEDORA-Root', 0); ++ $g->luks_format ('/dev/Volume-Group/Logical-Volume-1', 'FEDORA-LV1', 0); ++ $g->luks_format ('/dev/Volume-Group/Logical-Volume-2', 'FEDORA-LV2', 0); ++ $g->luks_format ('/dev/Volume-Group/Logical-Volume-3', 'FEDORA-LV3', 0); + + # Open the LUKS devices. This creates nodes like /dev/mapper/*-luks. +- $g->cryptsetup_open ('/dev/VG/Root', 'FEDORA-Root', 'Root-luks'); +- $g->cryptsetup_open ('/dev/VG/LV1', 'FEDORA-LV1', 'LV1-luks'); +- $g->cryptsetup_open ('/dev/VG/LV2', 'FEDORA-LV2', 'LV2-luks'); +- $g->cryptsetup_open ('/dev/VG/LV3', 'FEDORA-LV3', 'LV3-luks'); ++ $g->cryptsetup_open ('/dev/Volume-Group/Root', ++ 'FEDORA-Root', 'Root-luks'); ++ $g->cryptsetup_open ('/dev/Volume-Group/Logical-Volume-1', ++ 'FEDORA-LV1', 'LV1-luks'); ++ $g->cryptsetup_open ('/dev/Volume-Group/Logical-Volume-2', ++ 'FEDORA-LV2', 'LV2-luks'); ++ $g->cryptsetup_open ('/dev/Volume-Group/Logical-Volume-3', ++ 'FEDORA-LV3', 'LV3-luks'); + + # Phony root filesystem. + $g->mkfs ('ext2', '/dev/mapper/Root-luks', blocksize => 4096, label => 'ROOT'); +diff --git a/tests/luks/test-key-option-inspect-luks-on-lvm.sh b/tests/luks/test-key-option-inspect-luks-on-lvm.sh +index 52cd7e98..a8d72b9f 100755 +--- a/tests/luks/test-key-option-inspect-luks-on-lvm.sh ++++ b/tests/luks/test-key-option-inspect-luks-on-lvm.sh +@@ -30,10 +30,10 @@ skip_unless_phony_guest fedora-luks-on-lvm.img + # Volume names. + guestfish=(guestfish --listen --ro --inspector + --add ../test-data/phony-guests/fedora-luks-on-lvm.img) +-keys_by_lvname=(--key /dev/VG/Root:key:FEDORA-Root +- --key /dev/VG/LV1:key:FEDORA-LV1 +- --key /dev/VG/LV2:key:FEDORA-LV2 +- --key /dev/VG/LV3:key:FEDORA-LV3) ++keys_by_lvname=(--key /dev/Volume-Group/Root:key:FEDORA-Root ++ --key /dev/Volume-Group/Logical-Volume-1:key:FEDORA-LV1 ++ --key /dev/Volume-Group/Logical-Volume-2:key:FEDORA-LV2 ++ --key /dev/Volume-Group/Logical-Volume-3:key:FEDORA-LV3) + + # The variable assignment below will fail, and abort the script, if guestfish + # refuses to start up. +@@ -56,10 +56,10 @@ function cleanup_guestfish + trap cleanup_guestfish EXIT + + # Get the UUIDs of the LUKS devices. +-uuid_root=$(guestfish --remote -- luks-uuid /dev/VG/Root) +-uuid_lv1=$( guestfish --remote -- luks-uuid /dev/VG/LV1) +-uuid_lv2=$( guestfish --remote -- luks-uuid /dev/VG/LV2) +-uuid_lv3=$( guestfish --remote -- luks-uuid /dev/VG/LV3) ++uuid_root=$(guestfish --remote -- luks-uuid /dev/Volume-Group/Root) ++uuid_lv1=$( guestfish --remote -- luks-uuid /dev/Volume-Group/Logical-Volume-1) ++uuid_lv2=$( guestfish --remote -- luks-uuid /dev/Volume-Group/Logical-Volume-2) ++uuid_lv3=$( guestfish --remote -- luks-uuid /dev/Volume-Group/Logical-Volume-3) + + # The actual test. + function check_filesystems diff --git a/SOURCES/0012-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch b/SOURCES/0012-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch deleted file mode 100644 index 5683472..0000000 --- a/SOURCES/0012-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch +++ /dev/null @@ -1,32 +0,0 @@ -From c1ff450bcee1465f0eaca00a4d6c8c731f175488 Mon Sep 17 00:00:00 2001 -From: "Richard W.M. Jones" -Date: Tue, 29 Jun 2021 15:29:11 +0100 -Subject: [PATCH] RHEL: Create /etc/crypto-policies/back-ends/opensslcnf.config - -https://bugzilla.redhat.com/show_bug.cgi?id=1977214#c13 ---- - appliance/init | 8 ++++++++ - 1 file changed, 8 insertions(+) - -diff --git a/appliance/init b/appliance/init -index 19aa151b7..e67d88280 100755 ---- a/appliance/init -+++ b/appliance/init -@@ -76,6 +76,14 @@ if ! test -e /etc/mtab; then - ln -s /proc/mounts /etc/mtab - fi - -+# openssl 3 requires /etc/crypto-policies/back-ends/opensslcnf.config -+# to exist, but it is created in a %post script in crypto-policies -+# https://bugzilla.redhat.com/show_bug.cgi?id=1977214#c13 -+if ! test -r /etc/crypto-policies/back-ends/opensslcnf.config && -+ test -f /usr/share/crypto-policies/DEFAULT/opensslcnf.txt; then -+ ln -s /usr/share/crypto-policies/DEFAULT/opensslcnf.txt /etc/crypto-policies/back-ends/opensslcnf.config -+fi -+ - # Static nodes must happen before udev is started. - - # Set up kmod static-nodes (RHBZ#1011907). --- -2.31.1 - diff --git a/SOURCES/0013-LUKS-on-LVM-inspection-test-test-dev-mapper-VG-LV-tr.patch b/SOURCES/0013-LUKS-on-LVM-inspection-test-test-dev-mapper-VG-LV-tr.patch new file mode 100644 index 0000000..715e658 --- /dev/null +++ b/SOURCES/0013-LUKS-on-LVM-inspection-test-test-dev-mapper-VG-LV-tr.patch @@ -0,0 +1,46 @@ +From 15cc20d1f5e0413c1af26c683437995886146eb6 Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Fri, 19 May 2023 16:08:49 +0200 +Subject: [PATCH] LUKS-on-LVM inspection test: test /dev/mapper/VG-LV + translation + +In the LUKS-on-LVM inspection test, call the "check_filesystems" function +yet another time, now with such "--key" options that exercise the recent +"/dev/mapper/VG-LV" -> "/dev/VG/LV" translation (unescaping) from +libguestfs-common. + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2168506 +Signed-off-by: Laszlo Ersek +Message-Id: <20230519140849.310774-4-lersek@redhat.com> +Reviewed-by: Richard W.M. Jones +(cherry picked from commit 32408a9c36165af376f9f42e7d3e158d3da2c76e) +--- + .../test-key-option-inspect-luks-on-lvm.sh | 18 ++++++++++++++++++ + 1 file changed, 18 insertions(+) + +diff --git a/tests/luks/test-key-option-inspect-luks-on-lvm.sh b/tests/luks/test-key-option-inspect-luks-on-lvm.sh +index a8d72b9f..932862b1 100755 +--- a/tests/luks/test-key-option-inspect-luks-on-lvm.sh ++++ b/tests/luks/test-key-option-inspect-luks-on-lvm.sh +@@ -101,3 +101,21 @@ eval "$fish_ref" + + # Repeat the test. + check_filesystems ++ ++# Exit the current guestfish background process. ++guestfish --remote -- exit ++GUESTFISH_PID= ++ ++# Start up another guestfish background process, and specify the keys in ++# /dev/mapper/VG-LV format this time. ++keys_by_mapper_lvname=( ++ --key /dev/mapper/Volume--Group-Root:key:FEDORA-Root ++ --key /dev/mapper/Volume--Group-Logical--Volume--1:key:FEDORA-LV1 ++ --key /dev/mapper/Volume--Group-Logical--Volume--2:key:FEDORA-LV2 ++ --key /dev/mapper/Volume--Group-Logical--Volume--3:key:FEDORA-LV3 ++) ++fish_ref=$("${guestfish[@]}" "${keys_by_mapper_lvname[@]}") ++eval "$fish_ref" ++ ++# Repeat the test. ++check_filesystems diff --git a/SOURCES/0013-php-add-arginfo-to-php-bindings.patch b/SOURCES/0013-php-add-arginfo-to-php-bindings.patch deleted file mode 100644 index 7122e7c..0000000 --- a/SOURCES/0013-php-add-arginfo-to-php-bindings.patch +++ /dev/null @@ -1,90 +0,0 @@ -From d451e0e42c75429279426e9eb5a7701cd4681d07 Mon Sep 17 00:00:00 2001 -From: Geoff Amey -Date: Wed, 15 Jun 2022 17:06:56 -0400 -Subject: [PATCH] php: add arginfo to php bindings - -Starting with PHP8, arginfo is mandatory for PHP extensions. This patch -updates the generator for the PHP bindings to generate the arginfo -structures, using the Zend API macros. Only basic arginfo is added, -without full documentation of argument and return types, in order to -ensure compatibility with as many versions of PHP as possible. - -(cherry picked from commit ec27979398b0871c1a3e0e244849f8435c9c9a8d) ---- - .gitignore | 1 + - generator/php.ml | 37 ++++++++++++++++++++++++++++++++++--- - 2 files changed, 35 insertions(+), 3 deletions(-) - -diff --git a/.gitignore b/.gitignore -index a36ccc86a..356c01fbd 100644 ---- a/.gitignore -+++ b/.gitignore -@@ -325,6 +325,7 @@ Makefile.in - /php/extension/configure.in - /php/extension/env - /php/extension/guestfs_php.c -+/php/extension/guestfs_php.dep - /php/extension/install-sh - /php/extension/libtool - /php/extension/ltmain.sh -diff --git a/generator/php.ml b/generator/php.ml -index 5c7ef48e8..acdc7b877 100644 ---- a/generator/php.ml -+++ b/generator/php.ml -@@ -130,6 +130,37 @@ typedef size_t guestfs_string_length; - typedef int guestfs_string_length; - #endif - -+/* Declare argument info structures */ -+ZEND_BEGIN_ARG_INFO_EX(arginfo_create, 0, 0, 0) -+ZEND_END_ARG_INFO() -+ -+ZEND_BEGIN_ARG_INFO_EX(arginfo_last_error, 0, 0, 1) -+ ZEND_ARG_INFO(0, g) -+ZEND_END_ARG_INFO() -+ -+"; -+ List.iter ( -+ fun { name = shortname; style = ret, args, optargs; } -> -+ let len = List.length args in -+ pr "ZEND_BEGIN_ARG_INFO_EX(arginfo_%s, 0, 0, %d)\n" shortname (len + 1); -+ pr " ZEND_ARG_INFO(0, g)\n"; -+ List.iter ( -+ function -+ | BufferIn n | Bool n | Int n | Int64 n | OptString n -+ | Pointer(_, n) | String (_, n) | StringList (_, n) -> -+ pr " ZEND_ARG_INFO(0, %s)\n" n -+ ) args; -+ -+ List.iter ( -+ function -+ | OBool n | OInt n | OInt64 n | OString n | OStringList n -> -+ pr " ZEND_ARG_INFO(0, %s)\n" n -+ ) optargs; -+ pr "ZEND_END_ARG_INFO()\n\n"; -+ ) (actions |> external_functions |> sort); -+ -+ pr " -+ - /* Convert array to list of strings. - * http://marc.info/?l=pecl-dev&m=112205192100631&w=2 - */ -@@ -204,12 +235,12 @@ PHP_MINIT_FUNCTION (guestfs_php) - } - - static zend_function_entry guestfs_php_functions[] = { -- PHP_FE (guestfs_create, NULL) -- PHP_FE (guestfs_last_error, NULL) -+ PHP_FE (guestfs_create, arginfo_create) -+ PHP_FE (guestfs_last_error, arginfo_last_error) - "; - - List.iter ( -- fun { name } -> pr " PHP_FE (guestfs_%s, NULL)\n" name -+ fun { name } -> pr " PHP_FE (guestfs_%s, arginfo_%s)\n" name name - ) (actions |> external_functions |> sort); - - pr " { NULL, NULL, NULL } --- -2.31.1 - diff --git a/SOURCES/0014-Replace-Pervasives.-with-Stdlib.patch b/SOURCES/0014-Replace-Pervasives.-with-Stdlib.patch new file mode 100644 index 0000000..ae3711f --- /dev/null +++ b/SOURCES/0014-Replace-Pervasives.-with-Stdlib.patch @@ -0,0 +1,119 @@ +From 54a9e48e5e1088a1b781c30b49bce695007e12fc Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Mon, 22 May 2023 16:40:21 +0100 +Subject: [PATCH] Replace Pervasives.* with Stdlib.* +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Since OCaml 4.07 (released 2018-07-10) the always-loaded standard +library module has been called Stdlib. The old Pervasives module was +finally removed in OCaml 5. + +$ perl -pi.bak -e 's/Pervasives\./Stdlib./g' -- `git ls-files` + +OCaml >= 4.07 is now required. + +Also update the common submodule with: + + commit d61cd820b49e403848d15c5deaccbf8dd7045370 + Author: Jürgen Hötzel + Date: Sat May 20 18:16:40 2023 +0200 + + Add support for OCaml 5.0 + +(cherry picked from commit 3cb094083e61203a8751bcf31dcb56a47dec6840) +--- + common | 2 +- + daemon/chroot.ml | 2 +- + docs/guestfs-building.pod | 2 +- + generator/pr.ml | 4 ++-- + m4/guestfs-ocaml.m4 | 6 +++--- + 5 files changed, 8 insertions(+), 8 deletions(-) + +Submodule common b636c3f2..d61cd820: +diff --git a/common/mlstdutils/std_utils.ml b/common/mlstdutils/std_utils.ml +index 0d2fa22f..86b21a7c 100644 +--- a/common/mlstdutils/std_utils.ml ++++ b/common/mlstdutils/std_utils.ml +@@ -341,12 +341,12 @@ module List = struct + | x::xs, y::ys, z::zs -> (x, y, z) :: combine3 xs ys zs + | _ -> invalid_arg "combine3" + +- let rec assoc_lbl ?(cmp = Pervasives.compare) ~default x = function ++ let rec assoc_lbl ?(cmp = Stdlib.compare) ~default x = function + | [] -> default + | (y, y') :: _ when cmp x y = 0 -> y' + | _ :: ys -> assoc_lbl ~cmp ~default x ys + +- let uniq ?(cmp = Pervasives.compare) xs = ++ let uniq ?(cmp = Stdlib.compare) xs = + let rec loop acc = function + | [] -> acc + | [x] -> x :: acc +diff --git a/daemon/chroot.ml b/daemon/chroot.ml +index 62f387ee..087b5031 100644 +--- a/daemon/chroot.ml ++++ b/daemon/chroot.ml +@@ -51,7 +51,7 @@ let f t func arg = + try + let chan = out_channel_of_descr wfd in + output_value chan ret; +- Pervasives.flush chan; ++ Stdlib.flush chan; + Exit._exit 0 + with + exn -> +diff --git a/docs/guestfs-building.pod b/docs/guestfs-building.pod +index b9bc885a..33703a96 100644 +--- a/docs/guestfs-building.pod ++++ b/docs/guestfs-building.pod +@@ -119,7 +119,7 @@ virt tools which are still written in Perl. + + I. Part of Perl core. + +-=item OCaml E 4.04 ++=item OCaml E 4.07 + + =item OCaml findlib + +diff --git a/generator/pr.ml b/generator/pr.ml +index d7e6eba3..ed6e9372 100644 +--- a/generator/pr.ml ++++ b/generator/pr.ml +@@ -25,7 +25,7 @@ open Std_utils + open Utils + + (* Output channel, 'pr' prints to this. *) +-let chan = ref Pervasives.stdout ++let chan = ref Stdlib.stdout + + (* Number of lines generated. *) + let lines = ref 0 +@@ -53,7 +53,7 @@ let output_to ?(perm = 0o444) filename k = + chan := open_out filename_new; + k (); + close_out !chan; +- chan := Pervasives.stdout; ++ chan := Stdlib.stdout; + + (* Is the new file different from the current file? *) + if Sys.file_exists filename && files_equal filename filename_new then +diff --git a/m4/guestfs-ocaml.m4 b/m4/guestfs-ocaml.m4 +index 51072c1a..e850fb8c 100644 +--- a/m4/guestfs-ocaml.m4 ++++ b/m4/guestfs-ocaml.m4 +@@ -38,10 +38,10 @@ AC_ARG_ENABLE([ocaml], + [], + [enable_ocaml=yes]) + +-dnl OCaml >= 4.04 is required. +-ocaml_ver_str=4.04 ++dnl OCaml >= 4.07 is required. ++ocaml_ver_str=4.07 + ocaml_min_major=4 +-ocaml_min_minor=4 ++ocaml_min_minor=7 + AC_MSG_CHECKING([if OCaml version >= $ocaml_ver_str]) + ocaml_major="`echo $OCAMLVERSION | $AWK -F. '{print $1}'`" + ocaml_minor="`echo $OCAMLVERSION | $AWK -F. '{print $2}' | sed 's/^0//'`" diff --git a/SOURCES/0014-introduce-the-clevis_luks_unlock-API.patch b/SOURCES/0014-introduce-the-clevis_luks_unlock-API.patch deleted file mode 100644 index 10db265..0000000 --- a/SOURCES/0014-introduce-the-clevis_luks_unlock-API.patch +++ /dev/null @@ -1,252 +0,0 @@ -From 51ea2e3af9caa434e847ca74a86f5de5ade6058f Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Thu, 30 Jun 2022 14:20:47 +0200 -Subject: [PATCH] introduce the "clevis_luks_unlock" API - -Introduce a new guestfs API called "clevis_luks_unlock". At the libguestfs -level, it is quite simple; it wraps the "clevis luks unlock" guest command -(implemented by the "clevis-luks-unlock" executable, which is in fact a -shell script). - -The complexity is instead in the network-based disk encryption -(Clevis/Tang) scheme. Useful documentation: - -- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html-single/security_hardening/index#configuring-automated-unlocking-of-encrypted-volumes-using-policy-based-decryption_security-hardening -- https://github.com/latchset/clevis#clevis -- https://github.com/latchset/tang#tang - -The package providing "clevis-luks-unlock" is usually called -"clevis-luks", occasionally "clevis". Some distros don't package clevis at -all. Add the new API under a new option group (which may not be available) -called "clevisluks". - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1809453 -Signed-off-by: Laszlo Ersek -Message-Id: <20220630122048.19335-3-lersek@redhat.com> -Reviewed-by: Richard W.M. Jones -(cherry picked from commit 9a3e9a6c03eaffe60196bc4c7ae4699beae01dc3) ---- - appliance/packagelist.in | 4 +++ - daemon/Makefile.am | 1 + - daemon/clevis-luks.c | 58 +++++++++++++++++++++++++++++++++++++++ - generator/actions_core.ml | 40 +++++++++++++++++++++++++++ - generator/proc_nr.ml | 1 + - lib/MAX_PROC_NR | 2 +- - lib/guestfs.pod | 19 ++++++++++--- - 7 files changed, 120 insertions(+), 5 deletions(-) - create mode 100644 daemon/clevis-luks.c - -diff --git a/appliance/packagelist.in b/appliance/packagelist.in -index 77a07acc6..0b79edcdd 100644 ---- a/appliance/packagelist.in -+++ b/appliance/packagelist.in -@@ -23,6 +23,7 @@ dnl Basically the same with a few minor tweaks. - ifelse(UBUNTU,1,`define(`DEBIAN',1)') - - ifelse(REDHAT,1, -+ clevis-luks - cryptsetup - cryptsetup-luks dnl old name used before Fedora 17 - dhclient -@@ -53,6 +54,7 @@ ifelse(DEBIAN,1, - bsdmainutils - dnl old name used in Jessie and earlier - btrfs-tools -+ clevis-luks - cryptsetup - dash - extlinux -@@ -92,6 +94,7 @@ dnl iproute has been renamed to iproute2 - ifelse(ARCHLINUX,1, - cdrkit - cdrtools -+ clevis - cryptsetup - dhclient - dhcpcd -@@ -119,6 +122,7 @@ ifelse(SUSE,1, - augeas-lenses - btrfsprogs - cdrkit-cdrtools-compat -+ clevis - cryptsetup - dhcpcd - dhcp-client -diff --git a/daemon/Makefile.am b/daemon/Makefile.am -index bbd49f9ea..f50faecd6 100644 ---- a/daemon/Makefile.am -+++ b/daemon/Makefile.am -@@ -98,6 +98,7 @@ guestfsd_SOURCES = \ - cap.c \ - checksum.c \ - cleanups.c \ -+ clevis-luks.c \ - cmp.c \ - command.c \ - command.h \ -diff --git a/daemon/clevis-luks.c b/daemon/clevis-luks.c -new file mode 100644 -index 000000000..d3d970d78 ---- /dev/null -+++ b/daemon/clevis-luks.c -@@ -0,0 +1,58 @@ -+/* libguestfs - the guestfsd daemon -+ * Copyright (C) 2009-2022 Red Hat Inc. -+ * -+ * This program is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 2 of the License, or -+ * (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program; if not, write to the Free Software -+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -+ */ -+ -+#include -+ -+#include "daemon.h" -+#include "actions.h" -+#include "optgroups.h" -+ -+#define MAX_ARGS 8 -+ -+int -+optgroup_clevisluks_available (void) -+{ -+ return prog_exists ("clevis-luks-unlock"); -+} -+ -+int -+do_clevis_luks_unlock (const char *device, const char *mapname) -+{ -+ const char *argv[MAX_ARGS]; -+ size_t i = 0; -+ int r; -+ CLEANUP_FREE char *err = NULL; -+ -+ ADD_ARG (argv, i, "clevis"); -+ ADD_ARG (argv, i, "luks"); -+ ADD_ARG (argv, i, "unlock"); -+ ADD_ARG (argv, i, "-d"); -+ ADD_ARG (argv, i, device); -+ ADD_ARG (argv, i, "-n"); -+ ADD_ARG (argv, i, mapname); -+ ADD_ARG (argv, i, NULL); -+ -+ r = commandv (NULL, &err, argv); -+ if (r == -1) { -+ reply_with_error ("%s: %s: %s", device, mapname, err); -+ return -1; -+ } -+ -+ udev_settle (); -+ return 0; -+} -diff --git a/generator/actions_core.ml b/generator/actions_core.ml -index 6cd42a290..3c9b0a9b2 100644 ---- a/generator/actions_core.ml -+++ b/generator/actions_core.ml -@@ -9676,4 +9676,44 @@ and I the name of the underlying block device." }; - shortdesc = "read directories entries"; - longdesc = "Internal function for readdir." }; - -+ { defaults with -+ name = "clevis_luks_unlock"; added = (1, 49, 3); -+ style = RErr, -+ [String (Device, "device"); String (PlainString, "mapname")], -+ []; -+ optional = Some "clevisluks"; -+ test_excuse = "needs networking and a configured Tang server"; -+ shortdesc = "open an encrypted LUKS block device with Clevis and Tang"; -+ longdesc = "\ -+This command opens a block device that has been encrypted according to -+the Linux Unified Key Setup (LUKS) standard, using network-bound disk -+encryption (NBDE). -+ -+C is the encrypted block device. -+ -+The appliance will connect to the Tang servers noted in the tree of -+Clevis pins that is bound to a keyslot of the LUKS header. The Clevis -+pin tree may comprise C (redudancy) pins as internal nodes -+(optionally), and C pins as leaves. C pins are not -+supported. The appliance unlocks the encrypted block device by -+combining responses from the Tang servers with metadata from the LUKS -+header; there is no C parameter. -+ -+This command will fail if networking has not been enabled for the -+appliance. Refer to C. -+ -+The command creates a new block device called F. -+Reads and writes to this block device are decrypted from and encrypted -+to the underlying C respectively. Close the decrypted block -+device with C. -+ -+C cannot be C<\"control\"> because that name is reserved by -+device-mapper. -+ -+If this block device contains LVM volume groups, then calling -+C with the C parameter C will make -+them visible. -+ -+Use C to list all device mapper devices." }; -+ - ] -diff --git a/generator/proc_nr.ml b/generator/proc_nr.ml -index bdced51c9..edd9bd99d 100644 ---- a/generator/proc_nr.ml -+++ b/generator/proc_nr.ml -@@ -514,6 +514,7 @@ let proc_nr = [ - 509, "cryptsetup_close"; - 510, "internal_list_rpm_applications"; - 511, "internal_readdir"; -+512, "clevis_luks_unlock" - ] - - (* End of list. If adding a new entry, add it at the end of the list -diff --git a/lib/MAX_PROC_NR b/lib/MAX_PROC_NR -index c0556fb20..4d0e90cbc 100644 ---- a/lib/MAX_PROC_NR -+++ b/lib/MAX_PROC_NR -@@ -1 +1 @@ --511 -+512 -diff --git a/lib/guestfs.pod b/lib/guestfs.pod -index 946ce2d36..0fbe114a5 100644 ---- a/lib/guestfs.pod -+++ b/lib/guestfs.pod -@@ -591,11 +591,22 @@ For Windows BitLocker it returns C. - Then open these devices by calling L. - Obviously you will require the passphrase! - -+Passphrase-less unlocking is supported for LUKS (not BitLocker) -+block devices that have been encrypted with network-bound disk -+encryption (NBDE), using Clevis on the Linux guest side, and -+Tang on a separate Linux server. Open such devices with -+L. The appliance will need -+networking enabled (refer to L) and actual -+connectivity to the Tang servers noted in the C Clevis -+pins that are bound to the LUKS header. (This includes the -+ability to resolve the names of the Tang servers.) -+ - Opening an encrypted device creates a new device mapper device --called F (where C is the --string you supply to L). --Reads and writes to this mapper device are decrypted from and --encrypted to the underlying block device respectively. -+called F (where C is the string -+you supply to L or -+L). Reads and writes to this mapper -+device are decrypted from and encrypted to the underlying block -+device respectively. - - LVM volume groups on the device can be made visible by calling - L followed by L. --- -2.31.1 - diff --git a/SOURCES/0015-fuse-Don-t-call-fclose-NULL-on-error-paths.patch b/SOURCES/0015-fuse-Don-t-call-fclose-NULL-on-error-paths.patch new file mode 100644 index 0000000..963b36e --- /dev/null +++ b/SOURCES/0015-fuse-Don-t-call-fclose-NULL-on-error-paths.patch @@ -0,0 +1,62 @@ +From 1cdc22fa656a44320e9c53401130e98f536c9759 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Mon, 22 May 2023 17:15:39 +0100 +Subject: [PATCH] fuse: Don't call fclose(NULL) on error paths +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Various errors like this: + +In function ‘test_fuse’, + inlined from ‘main’ at test-fuse.c:133:11: +test-fuse.c:274:5: error: argument 1 null where non-null expected [-Werror=nonnull] + 274 | fclose (fp); + | ^~~~~~~~~~~ +In file included from test-fuse.c:26: +/usr/include/stdio.h: In function ‘main’: +/usr/include/stdio.h:183:12: note: in a call to function ‘fclose’ declared ‘nonnull’ + 183 | extern int fclose (FILE *__stream) __nonnull ((1)); + | ^~~~~~ + +(cherry picked from commit ca20f27cb0898c347e49b543a8acdfb0a8a8fa7e) +--- + fuse/test-fuse.c | 4 ---- + 1 file changed, 4 deletions(-) + +diff --git a/fuse/test-fuse.c b/fuse/test-fuse.c +index 9c0db594..90a78dc7 100644 +--- a/fuse/test-fuse.c ++++ b/fuse/test-fuse.c +@@ -271,7 +271,6 @@ test_fuse (void) + fp = fopen ("hello.txt", "r"); + if (fp == NULL) { + perror ("open: hello.txt"); +- fclose (fp); + return -1; + } + if (getline (&line, &len, fp) == -1) { +@@ -289,7 +288,6 @@ test_fuse (void) + fp = fopen ("world.txt", "r"); + if (fp == NULL) { + perror ("open: world.txt"); +- fclose (fp); + return -1; + } + if (getline (&line, &len, fp) == -1) { +@@ -352,7 +350,6 @@ test_fuse (void) + fp = fopen ("new", "w"); + if (fp == NULL) { + perror ("open: new"); +- fclose (fp); + return -1; + } + fclose (fp); +@@ -615,7 +612,6 @@ test_fuse (void) + fp = fopen ("new.txt", "w"); + if (fp == NULL) { + perror ("open: new.txt"); +- fclose (fp); + return -1; + } + for (u = 0; u < 1000; ++u) { diff --git a/SOURCES/0015-guestfish-guestmount-enable-networking-for-key-ID-cl.patch b/SOURCES/0015-guestfish-guestmount-enable-networking-for-key-ID-cl.patch deleted file mode 100644 index c4a406e..0000000 --- a/SOURCES/0015-guestfish-guestmount-enable-networking-for-key-ID-cl.patch +++ /dev/null @@ -1,69 +0,0 @@ -From 5ae97d7d83d8cdb6e8428774282167dd774aaf70 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Thu, 30 Jun 2022 14:20:48 +0200 -Subject: [PATCH] guestfish, guestmount: enable networking for "--key - ID:clevis" - -Call the C-language helper key_store_requires_network() in guestfish and -guestmount. - -(Short log for the "common" submodule, commit range -35467027f657..af6cb55bc58a: - -Laszlo Ersek (12): - options: fix UUID comparison logic bug in get_keys() - mltools/tools_utils: remove unused function "key_store_to_cli" - mltools/tools_utils: allow multiple "--key" options for OCaml tools too - options: replace NULL-termination with number-of-elements in get_keys() - options: wrap each passphrase from get_keys() into a struct - options: add back-end for LUKS decryption with Clevis+Tang - options: introduce selector type "key_clevis" - options: generalize "--key" selector parsing for C-language utilities - mltools/tools_utils-c: handle internal type error with abort() - mltools/tools_utils: generalize "--key" selector parsing for OCaml utils - options, mltools/tools_utils: parse "--key ID:clevis" options - options, mltools/tools_utils: add helper for network dependency -). - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1809453 -Signed-off-by: Laszlo Ersek -Reviewed-by: Richard W.M. Jones -Message-Id: <20220630122048.19335-4-lersek@redhat.com> -(cherry picked from commit 6a5b44f538065a9f661510234a4235bf38348213) ---- - fish/fish.c | 3 +++ - fuse/guestmount.c | 4 ++++ - 2 files changed, 7 insertions(+) - -diff --git a/fish/fish.c b/fish/fish.c -index 23d9bb94f..19e3d2799 100644 ---- a/fish/fish.c -+++ b/fish/fish.c -@@ -476,6 +476,9 @@ main (int argc, char *argv[]) - /* If we've got drives to add, add them now. */ - add_drives (drvs); - -+ if (key_store_requires_network (ks) && guestfs_set_network (g, 1) == -1) -+ exit (EXIT_FAILURE); -+ - /* If we've got mountpoints or prepared drives or -i option, we must - * launch the guest and mount them. - */ -diff --git a/fuse/guestmount.c b/fuse/guestmount.c -index 77c534828..3c6d57bde 100644 ---- a/fuse/guestmount.c -+++ b/fuse/guestmount.c -@@ -348,6 +348,10 @@ main (int argc, char *argv[]) - - /* Do the guest drives and mountpoints. */ - add_drives (drvs); -+ -+ if (key_store_requires_network (ks) && guestfs_set_network (g, 1) == -1) -+ exit (EXIT_FAILURE); -+ - if (guestfs_launch (g) == -1) - exit (EXIT_FAILURE); - if (inspector) --- -2.31.1 - diff --git a/SOURCES/0016-daemon-Add-zstd-support-to-guestfs_file_architecture.patch b/SOURCES/0016-daemon-Add-zstd-support-to-guestfs_file_architecture.patch deleted file mode 100644 index 922609e..0000000 --- a/SOURCES/0016-daemon-Add-zstd-support-to-guestfs_file_architecture.patch +++ /dev/null @@ -1,182 +0,0 @@ -From 4807dacb577167b89cb5ffb1fa1a68ddf30b9319 Mon Sep 17 00:00:00 2001 -From: "Richard W.M. Jones" -Date: Tue, 9 Aug 2022 18:39:30 +0100 -Subject: [PATCH] daemon: Add zstd support to guestfs_file_architecture - -This is required so we can determine the file architecture of -zstd-compressed Linux kernel modules as used by OpenSUSE and maybe -other distros in future. - -Note that zstd becomes a required package, but it is widely available -in current Linux distros. - -The package names come from https://pkgs.org/download/zstd and my own -research. - -(cherry picked from commit 0e784824e82a88e522873fec5db1a11943d637ed) ---- - .gitignore | 1 + - appliance/packagelist.in | 6 ++++++ - daemon/filearch.ml | 1 + - docs/guestfs-building.pod | 4 ++++ - generator/actions_core.ml | 2 ++ - m4/guestfs-progs.m4 | 4 ++++ - test-data/Makefile.am | 1 + - test-data/files/Makefile.am | 6 ++++++ - 8 files changed, 25 insertions(+) - -diff --git a/.gitignore b/.gitignore -index 356c01fbd..ee5ea74dd 100644 ---- a/.gitignore -+++ b/.gitignore -@@ -448,6 +448,7 @@ Makefile.in - /test-data/files/initrd-x86_64.img - /test-data/files/initrd-x86_64.img.gz - /test-data/files/lib-i586.so.xz -+/test-data/files/lib-i586.so.zst - /test-data/files/test-grep.txt.gz - /test-data/phony-guests/archlinux.img - /test-data/phony-guests/blank-*.img -diff --git a/appliance/packagelist.in b/appliance/packagelist.in -index 0b79edcdd..0fc11f6ae 100644 ---- a/appliance/packagelist.in -+++ b/appliance/packagelist.in -@@ -48,6 +48,7 @@ ifelse(REDHAT,1, - vim-minimal - xz - zfs-fuse -+ zstd - ) - - ifelse(DEBIAN,1, -@@ -88,6 +89,7 @@ dnl iproute has been renamed to iproute2 - vim-tiny - xz-utils - zfs-fuse -+ zstd - uuid-runtime - ) - -@@ -115,6 +117,7 @@ ifelse(ARCHLINUX,1, - systemd - vim - xz -+ zstd - ) - - ifelse(SUSE,1, -@@ -140,6 +143,7 @@ ifelse(SUSE,1, - systemd-sysvinit - vim - xz -+ zstd - ) - - ifelse(FRUGALWARE,1, -@@ -185,6 +189,7 @@ ifelse(MAGEIA,1, - systemd /* for /sbin/reboot and udevd */ - vim-minimal - xz -+ zstd - ) - - ifelse(OPENMANDRIVA,1, -@@ -203,6 +208,7 @@ ifelse(OPENMANDRIVA,1, - systemd /* for /sbin/reboot and udevd */ - vim-minimal - xz -+ zstd - ) - - include(guestfsd.deps) -diff --git a/daemon/filearch.ml b/daemon/filearch.ml -index 67a7339e0..4d7e912c0 100644 ---- a/daemon/filearch.ml -+++ b/daemon/filearch.ml -@@ -106,6 +106,7 @@ and cpio_arch magic orig_path path = - if String.find magic "gzip" >= 0 then "zcat" - else if String.find magic "bzip2" >= 0 then "bzcat" - else if String.find magic "XZ compressed" >= 0 then "xzcat" -+ else if String.find magic "Zstandard compressed" >= 0 then "zstdcat" - else "cat" in - - let tmpdir = Mkdtemp.temp_dir "filearch" in -diff --git a/docs/guestfs-building.pod b/docs/guestfs-building.pod -index b93a611a6..7a7240f78 100644 ---- a/docs/guestfs-building.pod -+++ b/docs/guestfs-building.pod -@@ -172,6 +172,10 @@ I. - - I. - -+=item zstd -+ -+I. -+ - =item Jansson E 2.7 - - I. -diff --git a/generator/actions_core.ml b/generator/actions_core.ml -index 3c9b0a9b2..553e4ec3b 100644 ---- a/generator/actions_core.ml -+++ b/generator/actions_core.ml -@@ -9373,6 +9373,8 @@ with large files, such as the resulting squashfs will be over 3GB big." }; - [["file_architecture"; "/bin-x86_64-dynamic.gz"]], "x86_64"), []; - InitISOFS, Always, TestResultString ( - [["file_architecture"; "/lib-i586.so.xz"]], "i386"), []; -+ InitISOFS, Always, TestResultString ( -+ [["file_architecture"; "/lib-i586.so.zst"]], "i386"), []; - ]; - shortdesc = "detect the architecture of a binary file"; - longdesc = "\ -diff --git a/m4/guestfs-progs.m4 b/m4/guestfs-progs.m4 -index cd8662e86..22fc61367 100644 ---- a/m4/guestfs-progs.m4 -+++ b/m4/guestfs-progs.m4 -@@ -95,6 +95,10 @@ AC_PATH_PROGS([XZCAT],[xzcat],[no]) - test "x$XZCAT" = "xno" && AC_MSG_ERROR([xzcat must be installed]) - AC_DEFINE_UNQUOTED([XZCAT],["$XZCAT"],[Name of xzcat program.]) - -+dnl Check for zstdcat (required). -+AC_PATH_PROGS([ZSTDCAT],[zstdcat],[no]) -+test "x$ZSTDCAT" = "xno" && AC_MSG_ERROR([zstdcat must be installed]) -+ - dnl (f)lex and bison for virt-builder (required). - dnl XXX Could be optional with some work. - AC_PROG_LEX -diff --git a/test-data/Makefile.am b/test-data/Makefile.am -index b603311a1..dbecd74b9 100644 ---- a/test-data/Makefile.am -+++ b/test-data/Makefile.am -@@ -85,6 +85,7 @@ image_files = \ - files/initrd-x86_64.img \ - files/initrd-x86_64.img.gz \ - files/lib-i586.so.xz \ -+ files/lib-i586.so.zst \ - files/test-grep.txt.gz - - noinst_DATA = test.iso -diff --git a/test-data/files/Makefile.am b/test-data/files/Makefile.am -index a3d7288f9..06b0c6585 100644 ---- a/test-data/files/Makefile.am -+++ b/test-data/files/Makefile.am -@@ -40,6 +40,7 @@ noinst_DATA = \ - initrd-x86_64.img \ - initrd-x86_64.img.gz \ - lib-i586.so.xz \ -+ lib-i586.so.zst \ - test-grep.txt.gz - - CLEANFILES += $(noinst_DATA) -@@ -116,3 +117,8 @@ lib-i586.so.xz: $(top_srcdir)/test-data/binaries/lib-i586.so - rm -f $@ $@-t - xz -c $< > $@-t - mv $@-t $@ -+ -+lib-i586.so.zst: $(top_srcdir)/test-data/binaries/lib-i586.so -+ rm -f $@ $@-t -+ zstd -c $< > $@-t -+ mv $@-t $@ --- -2.31.1 - diff --git a/SOURCES/0016-ocaml-implicit_close-test-collect-all-currently-unre.patch b/SOURCES/0016-ocaml-implicit_close-test-collect-all-currently-unre.patch new file mode 100644 index 0000000..8ad4455 --- /dev/null +++ b/SOURCES/0016-ocaml-implicit_close-test-collect-all-currently-unre.patch @@ -0,0 +1,38 @@ +From feb17e93b4e58131cf6875c4ae638a791a875a22 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?J=C3=BCrgen=20H=C3=B6tzel?= +Date: Sat, 27 May 2023 15:32:36 +0200 +Subject: [PATCH] ocaml/implicit_close test: collect all currently unreachable + blocks + +Fixes failing implice_close test on OCaml 5. + +RWMJ: + +I adjusted this patch so that we continue to call Gc.compact on +exiting the test, to move all of the heap (hopefully revealing flaws +in the bindings). This only works on OCaml <= 4, but Gc.compact may +be fixed/reimplemented later in the 5.x series. + +Please see also the lengthy discussion of this patch upstream: +https://listman.redhat.com/archives/libguestfs/2023-May/thread.html#31639 +https://listman.redhat.com/archives/libguestfs/2023-June/thread.html#31709 +https://discuss.ocaml.org/t/ocaml-heap-fsck-and-forcing-collection-of-unreachable-objects/12281/1 + +(cherry picked from commit 1274452d225da71f115e0cb8ad435e02670dc4fb) +--- + ocaml/t/guestfs_065_implicit_close.ml | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ocaml/t/guestfs_065_implicit_close.ml b/ocaml/t/guestfs_065_implicit_close.ml +index 567e550b..f2dfecbd 100644 +--- a/ocaml/t/guestfs_065_implicit_close.ml ++++ b/ocaml/t/guestfs_065_implicit_close.ml +@@ -30,7 +30,7 @@ let () = + *) + + (* This should cause the GC to close the handle. *) +-let () = Gc.compact () ++let () = Gc.full_major () + + let () = assert (!close_invoked = 1) + diff --git a/SOURCES/0017-New-API-inspect_get_build_id.patch b/SOURCES/0017-New-API-inspect_get_build_id.patch deleted file mode 100644 index 479c0cc..0000000 --- a/SOURCES/0017-New-API-inspect_get_build_id.patch +++ /dev/null @@ -1,184 +0,0 @@ -From 7dbcddd5bd5939493db74843593316f7101f8fde Mon Sep 17 00:00:00 2001 -From: "Richard W.M. Jones" -Date: Thu, 1 Dec 2022 10:00:46 +0000 -Subject: [PATCH] New API: inspect_get_build_id - -Add an API to return the build ID of the guest. This to allow a -future change to be able to distinguish between Windows 10 and Windows 11 -which can only be done using the build ID. - -For Windows we can read the CurrentBuildNumber key from the registry. -For Linux there happens to be a BUILD_ID field in /etc/os-release. -I've never seen a Linux distro that actually uses this. - -Reviewed-by: Laszlo Ersek -(cherry picked from commit f3dd67affe3c657af64ee9f6d70a16e965309556) ---- - daemon/inspect.ml | 6 ++++++ - daemon/inspect_fs_unix.ml | 2 ++ - daemon/inspect_fs_windows.ml | 14 ++++++++++++++ - daemon/inspect_types.ml | 5 +++++ - daemon/inspect_types.mli | 1 + - generator/actions_inspection.ml | 19 +++++++++++++++++++ - generator/proc_nr.ml | 3 ++- - lib/MAX_PROC_NR | 2 +- - 8 files changed, 50 insertions(+), 2 deletions(-) - -diff --git a/daemon/inspect.ml b/daemon/inspect.ml -index fb75b4a6c..20217c025 100644 ---- a/daemon/inspect.ml -+++ b/daemon/inspect.ml -@@ -335,6 +335,12 @@ and inspect_get_hostname root = - | Some v -> v - | None -> "unknown" - -+and inspect_get_build_id root = -+ let root = search_for_root root in -+ match root.inspection_data.build_id with -+ | Some v -> v -+ | None -> "unknown" -+ - and inspect_get_windows_systemroot root = - let root = search_for_root root in - match root.inspection_data.windows_systemroot with -diff --git a/daemon/inspect_fs_unix.ml b/daemon/inspect_fs_unix.ml -index 63cb279d0..009195f80 100644 ---- a/daemon/inspect_fs_unix.ml -+++ b/daemon/inspect_fs_unix.ml -@@ -96,6 +96,8 @@ let rec parse_os_release release_file data = - data.product_name <- Some value - else if key = "VERSION_ID" then - parse_os_release_version_id value data -+ else if key = "BUILD_ID" then -+ data.build_id <- Some value - ) values; - - (* If we haven't got all the fields, exit right away. *) -diff --git a/daemon/inspect_fs_windows.ml b/daemon/inspect_fs_windows.ml -index c4a05bc38..7bc5de7f7 100644 ---- a/daemon/inspect_fs_windows.ml -+++ b/daemon/inspect_fs_windows.ml -@@ -263,6 +263,20 @@ and check_windows_software_registry software_hive data = - with - Not_found -> () - ); -+ -+ (* CurrentBuildNumber (build_id). -+ * -+ * In modern Windows, the "CurrentBuild" and "CurrentBuildNumber" -+ * keys are the same. But in Windows XP, "CurrentBuild" -+ * contained something quite different. So always use -+ * "CurrentBuildNumber". -+ *) -+ (try -+ let v = List.assoc "CurrentBuildNumber" values in -+ data.build_id <- Some (Hivex.value_string h v) -+ with -+ Not_found -> () -+ ); - with - | Not_found -> - if verbose () then -diff --git a/daemon/inspect_types.ml b/daemon/inspect_types.ml -index 9395c51f9..328a2146b 100644 ---- a/daemon/inspect_types.ml -+++ b/daemon/inspect_types.ml -@@ -48,6 +48,7 @@ and inspection_data = { - mutable version : version option; - mutable arch : string option; - mutable hostname : string option; -+ mutable build_id : string option; - mutable fstab : fstab_entry list; - mutable windows_systemroot : string option; - mutable windows_software_hive : string option; -@@ -167,6 +168,8 @@ and string_of_inspection_data data = - data.arch; - Option.may (fun v -> bpf " hostname: %s\n" v) - data.hostname; -+ Option.may (fun v -> bpf " build ID: %s\n" v) -+ data.build_id; - if data.fstab <> [] then ( - let v = List.map ( - fun (a, b) -> sprintf "(%s, %s)" (Mountable.to_string a) b -@@ -272,6 +275,7 @@ let null_inspection_data = { - version = None; - arch = None; - hostname = None; -+ build_id = None; - fstab = []; - windows_systemroot = None; - windows_software_hive = None; -@@ -294,6 +298,7 @@ let merge_inspection_data child parent = - parent.version <- merge child.version parent.version; - parent.arch <- merge child.arch parent.arch; - parent.hostname <- merge child.hostname parent.hostname; -+ parent.build_id <- merge child.build_id parent.build_id; - parent.fstab <- child.fstab @ parent.fstab; - parent.windows_systemroot <- - merge child.windows_systemroot parent.windows_systemroot; -diff --git a/daemon/inspect_types.mli b/daemon/inspect_types.mli -index 29c76e8ab..05a3ffd4e 100644 ---- a/daemon/inspect_types.mli -+++ b/daemon/inspect_types.mli -@@ -51,6 +51,7 @@ and inspection_data = { - mutable version : version option; - mutable arch : string option; - mutable hostname : string option; -+ mutable build_id : string option; - mutable fstab : fstab_entry list; - mutable windows_systemroot : string option; - mutable windows_software_hive : string option; -diff --git a/generator/actions_inspection.ml b/generator/actions_inspection.ml -index f8b744993..70de22ec0 100644 ---- a/generator/actions_inspection.ml -+++ b/generator/actions_inspection.ml -@@ -529,6 +529,25 @@ hive is a valid Windows Registry hive. - - You can use C to read or write to the hive. - -+Please read L for more details." }; -+ -+ { defaults with -+ name = "inspect_get_build_id"; added = (1, 49, 8); -+ style = RString (RPlainString, "buildid"), [String (Mountable, "root")], []; -+ impl = OCaml "Inspect.inspect_get_build_id"; -+ shortdesc = "get the system build ID"; -+ longdesc = "\ -+This returns the build ID of the system, or the string -+C<\"unknown\"> if the system does not have a build ID. -+ -+For Windows, this gets the build number. Although it is -+returned as a string, it is (so far) always a number. See -+L -+for some possible values. -+ -+For Linux, this returns the C string from -+F, although this is not often used. -+ - Please read L for more details." }; - - { defaults with -diff --git a/generator/proc_nr.ml b/generator/proc_nr.ml -index edd9bd99d..0f17b1c06 100644 ---- a/generator/proc_nr.ml -+++ b/generator/proc_nr.ml -@@ -514,7 +514,8 @@ let proc_nr = [ - 509, "cryptsetup_close"; - 510, "internal_list_rpm_applications"; - 511, "internal_readdir"; --512, "clevis_luks_unlock" -+512, "clevis_luks_unlock"; -+513, "inspect_get_build_id"; - ] - - (* End of list. If adding a new entry, add it at the end of the list -diff --git a/lib/MAX_PROC_NR b/lib/MAX_PROC_NR -index 4d0e90cbc..31cf34b8d 100644 ---- a/lib/MAX_PROC_NR -+++ b/lib/MAX_PROC_NR -@@ -1 +1 @@ --512 -+513 --- -2.31.1 - diff --git a/SOURCES/0017-ocaml-Replace-old-enter-leave_blocking_section-calls.patch b/SOURCES/0017-ocaml-Replace-old-enter-leave_blocking_section-calls.patch new file mode 100644 index 0000000..3eeb410 --- /dev/null +++ b/SOURCES/0017-ocaml-Replace-old-enter-leave_blocking_section-calls.patch @@ -0,0 +1,70 @@ +From dd58abc40175f735f6fe2669c34c67e6190e557d Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 27 Jun 2023 10:17:58 +0100 +Subject: [PATCH] ocaml: Replace old enter/leave_blocking_section calls + +Since OCaml 4 the old and confusing caml_enter_blocking_section and +caml_leave_blocking_section calls have been replaced with +caml_release_runtime_system and caml_acquire_runtime_system (in that +order). Use the new names. + +(cherry picked from commit 7e1d7c1330185a1f3da2ce2100f59637518c3302) +--- + generator/OCaml.ml | 5 +++-- + ocaml/guestfs-c.c | 5 +++-- + 2 files changed, 6 insertions(+), 4 deletions(-) + +diff --git a/generator/OCaml.ml b/generator/OCaml.ml +index 02d9ee2e..07ccd269 100644 +--- a/generator/OCaml.ml ++++ b/generator/OCaml.ml +@@ -429,6 +429,7 @@ and generate_ocaml_c () = + #include + #include + #include ++#include + + #include + #include \"guestfs-utils.h\" +@@ -689,12 +690,12 @@ copy_table (char * const * argv) + pr "\n"; + + if blocking then +- pr " caml_enter_blocking_section ();\n"; ++ pr " caml_release_runtime_system ();\n"; + pr " r = %s " c_function; + generate_c_call_args ~handle:"g" style; + pr ";\n"; + if blocking then +- pr " caml_leave_blocking_section ();\n"; ++ pr " caml_acquire_runtime_system ();\n"; + + (* Free strings if we copied them above. *) + List.iter ( +diff --git a/ocaml/guestfs-c.c b/ocaml/guestfs-c.c +index 3888c945..8c8aa460 100644 +--- a/ocaml/guestfs-c.c ++++ b/ocaml/guestfs-c.c +@@ -34,6 +34,7 @@ + #include + #include + #include ++#include + #include + + #include "guestfs-c.h" +@@ -395,12 +396,12 @@ event_callback_wrapper (guestfs_h *g, + /* Ensure we are holding the GC lock before any GC operations are + * possible. (RHBZ#725824) + */ +- caml_leave_blocking_section (); ++ caml_acquire_runtime_system (); + + event_callback_wrapper_locked (g, data, event, event_handle, flags, + buf, buf_len, array, array_len); + +- caml_enter_blocking_section (); ++ caml_release_runtime_system (); + } + + value diff --git a/SOURCES/0018-lib-Return-correct-osinfo-field-for-Windows-11.patch b/SOURCES/0018-lib-Return-correct-osinfo-field-for-Windows-11.patch deleted file mode 100644 index a4f7d30..0000000 --- a/SOURCES/0018-lib-Return-correct-osinfo-field-for-Windows-11.patch +++ /dev/null @@ -1,82 +0,0 @@ -From 363bbb7e9bd39fc1683fb600c76266f67ad2063c Mon Sep 17 00:00:00 2001 -From: "Richard W.M. Jones" -Date: Thu, 1 Dec 2022 10:14:43 +0000 -Subject: [PATCH] lib: Return correct osinfo field for Windows 11 - -For Windows Client, we can only distinguish between Windows 10 and -Windows 11 using the build ID. The product name in both cases is -"Windows 10 ", apparently intentionally. - -References: -https://learn.microsoft.com/en-us/answers/questions/586619/windows-11-build-ver-is-still-10022000194.html -https://github.com/cygwin/cygwin/blob/a263fe0b268580273c1adc4b1bad256147990222/winsup/cygwin/wincap.cc#L429 -https://en.wikipedia.org/wiki/List_of_Microsoft_Windows_versions - -After this fix, the output of virt-inspector changes to this, which is -a bit odd, but correct: - - windows - x86_64 - windows - Windows 10 Pro - Client - 10 - 0 - /Windows - ControlSet001 - win11 - -Thanks: Yaakov Selkowitz -Reported-by: Yongkui Guo -Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2012658 -Reviewed-by: Laszlo Ersek -(cherry picked from commit 824c7457489366494f0f10fd3369dc30f3a3c360) ---- - lib/inspect-osinfo.c | 24 ++++++++++++++++++++++-- - 1 file changed, 22 insertions(+), 2 deletions(-) - -diff --git a/lib/inspect-osinfo.c b/lib/inspect-osinfo.c -index 90e57e6df..1c10ff469 100644 ---- a/lib/inspect-osinfo.c -+++ b/lib/inspect-osinfo.c -@@ -86,6 +86,8 @@ guestfs_impl_inspect_get_osinfo (guestfs_h *g, const char *root) - else if (STREQ (type, "windows")) { - CLEANUP_FREE char *product_name = NULL; - CLEANUP_FREE char *product_variant = NULL; -+ CLEANUP_FREE char *build_id_str = NULL; -+ int build_id; - - product_name = guestfs_inspect_get_product_name (g, root); - if (!product_name) -@@ -142,8 +144,26 @@ guestfs_impl_inspect_get_osinfo (guestfs_h *g, const char *root) - return safe_strdup (g, "win2k19"); - else - return safe_strdup (g, "win2k16"); -- } else -- return safe_strdup (g, "win10"); -+ } -+ else { -+ /* For Windows >= 10 Client we can only distinguish between -+ * versions by looking at the build ID. See: -+ * https://learn.microsoft.com/en-us/answers/questions/586619/windows-11-build-ver-is-still-10022000194.html -+ * https://github.com/cygwin/cygwin/blob/a263fe0b268580273c1adc4b1bad256147990222/winsup/cygwin/wincap.cc#L429 -+ */ -+ build_id_str = guestfs_inspect_get_build_id (g, root); -+ if (!build_id_str) -+ return NULL; -+ -+ build_id = guestfs_int_parse_unsigned_int (g, build_id_str); -+ if (build_id == -1) -+ return NULL; -+ -+ if (build_id >= 22000) -+ return safe_strdup (g, "win11"); -+ else -+ return safe_strdup (g, "win10"); -+ } - } - break; - } --- -2.31.1 - diff --git a/SOURCES/0018-ocaml-Release-runtime-lock-around-guestfs_close.patch b/SOURCES/0018-ocaml-Release-runtime-lock-around-guestfs_close.patch new file mode 100644 index 0000000..034dafd --- /dev/null +++ b/SOURCES/0018-ocaml-Release-runtime-lock-around-guestfs_close.patch @@ -0,0 +1,28 @@ +From e2110f72069f184c87df348247e8f3106c81d44a Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 27 Jun 2023 11:36:55 +0100 +Subject: [PATCH] ocaml: Release runtime lock around guestfs_close + +When finalizing the handle we call guestfs_close. This function could +be long-running (eg. it may have to shut down the qemu subprocess), so +release the runtime lock. + +(cherry picked from commit 4a79c023e57e07844c2ac3259aaf9b885e402fdf) +--- + ocaml/guestfs-c.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/ocaml/guestfs-c.c b/ocaml/guestfs-c.c +index 8c8aa460..a1865a72 100644 +--- a/ocaml/guestfs-c.c ++++ b/ocaml/guestfs-c.c +@@ -77,7 +77,9 @@ guestfs_finalize (value gv) + * above, which is why we don't want to delete them before + * closing the handle. + */ ++ caml_release_runtime_system (); + guestfs_close (g); ++ caml_acquire_runtime_system (); + + /* Now unregister the global roots. */ + if (roots && len > 0) { diff --git a/SOURCES/0019-ocaml-Conditionally-acquire-the-lock-in-callbacks.patch b/SOURCES/0019-ocaml-Conditionally-acquire-the-lock-in-callbacks.patch new file mode 100644 index 0000000..65d0723 --- /dev/null +++ b/SOURCES/0019-ocaml-Conditionally-acquire-the-lock-in-callbacks.patch @@ -0,0 +1,73 @@ +From e42cd859265c34d2013a45b742d4c36bb7617445 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 27 Jun 2023 12:09:12 +0100 +Subject: [PATCH] ocaml: Conditionally acquire the lock in callbacks +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This fix was originally suggested by Jürgen Hötzel (link below) which +I have lightly modified so it works with OCaml <= 4 too. + +Link: https://listman.redhat.com/archives/libguestfs/2023-May/031640.html +Link: https://discuss.ocaml.org/t/test-caml-state-and-conditionally-caml-acquire-runtime-system-good-or-bad/12489 +(cherry picked from commit 16464878cf980ffab1c1aeada2e438b0281ad1bc) +--- + ocaml/guestfs-c.c | 25 +++++++++++++++++++++++-- + 1 file changed, 23 insertions(+), 2 deletions(-) + +diff --git a/ocaml/guestfs-c.c b/ocaml/guestfs-c.c +index a1865a72..67dc3547 100644 +--- a/ocaml/guestfs-c.c ++++ b/ocaml/guestfs-c.c +@@ -19,6 +19,7 @@ + #include + #include + #include ++#include + #include + #include + +@@ -36,6 +37,7 @@ + #include + #include + #include ++#include + + #include "guestfs-c.h" + +@@ -397,13 +399,32 @@ event_callback_wrapper (guestfs_h *g, + { + /* Ensure we are holding the GC lock before any GC operations are + * possible. (RHBZ#725824) ++ * ++ * There are many paths where we already hold the OCaml lock before ++ * this function, for example "non-blocking" calls, and the ++ * libguestfs global atexit path (which calls guestfs_close). To ++ * avoid double acquisition we need to check if we already hold the ++ * lock. OCaml 5 is strict about this. In earlier OCaml versions ++ * there is no way to check, but they did not implement the lock as ++ * a mutex and so it didn't cause problems. ++ * ++ * See also: ++ * https://discuss.ocaml.org/t/test-caml-state-and-conditionally-caml-acquire-runtime-system-good-or-bad/12489 + */ +- caml_acquire_runtime_system (); ++#if OCAML_VERSION_MAJOR >= 5 ++ bool acquired = caml_state != NULL; ++#else ++ const bool acquired = false; ++#endif ++ ++ if (!acquired) ++ caml_acquire_runtime_system (); + + event_callback_wrapper_locked (g, data, event, event_handle, flags, + buf, buf_len, array, array_len); + +- caml_release_runtime_system (); ++ if (!acquired) ++ caml_release_runtime_system (); + } + + value diff --git a/SOURCES/0020-ocaml-Fix-guestfs_065_implicit_close.ml-for-OCaml-5.patch b/SOURCES/0020-ocaml-Fix-guestfs_065_implicit_close.ml-for-OCaml-5.patch new file mode 100644 index 0000000..2bd8857 --- /dev/null +++ b/SOURCES/0020-ocaml-Fix-guestfs_065_implicit_close.ml-for-OCaml-5.patch @@ -0,0 +1,59 @@ +From 7ceafac98d3eb28d25195622cb6dc1158e9c1c2f Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 27 Jun 2023 16:20:49 +0100 +Subject: [PATCH] ocaml: Fix guestfs_065_implicit_close.ml for OCaml 5 + +Link: https://discuss.ocaml.org/t/ocaml-5-forcing-objects-to-be-collected-and-finalized/12492/3 +Thanks: Josh Berdine +Thanks: Vincent Laviron +(cherry picked from commit 7d4e9c927e8478662ece204b98ee3b5b147ab4b9) +--- + ocaml/t/guestfs_065_implicit_close.ml | 33 +++++++++++++++------------ + 1 file changed, 19 insertions(+), 14 deletions(-) + +diff --git a/ocaml/t/guestfs_065_implicit_close.ml b/ocaml/t/guestfs_065_implicit_close.ml +index f2dfecbd..9e68bc4c 100644 +--- a/ocaml/t/guestfs_065_implicit_close.ml ++++ b/ocaml/t/guestfs_065_implicit_close.ml +@@ -16,22 +16,27 @@ + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + *) + +-let close_invoked = ref 0 ++let [@inline never][@local never] run () = ++ let close_invoked = ref 0 in + +-let close _ _ _ _ = +- incr close_invoked ++ let close _ _ _ _ = ++ incr close_invoked ++ in + +-let () = +- let g = new Guestfs.guestfs () in +- ignore (g#set_event_callback close [Guestfs.EVENT_CLOSE]); +- assert (!close_invoked = 0) +-(* Allow the 'g' handle to go out of scope here, to ensure there is no +- * reference held on the stack. +- *) ++ let () = ++ let g = new Guestfs.guestfs () in ++ ignore (g#set_event_callback close [Guestfs.EVENT_CLOSE]); ++ assert (!close_invoked = 0) ++ (* Allow the 'g' handle to go out of scope here, to ensure there is no ++ * reference held on the stack. ++ *) ++ in + +-(* This should cause the GC to close the handle. *) +-let () = Gc.full_major () ++ (* This should cause the GC to close the handle. *) ++ Gc.full_major (); + +-let () = assert (!close_invoked = 1) ++ assert (!close_invoked = 1); + +-let () = Gc.compact () ++ Gc.compact () ++ ++let () = run () diff --git a/SOURCES/0021-ocaml-Use-Caml_state_opt-in-preference-to-caml_state.patch b/SOURCES/0021-ocaml-Use-Caml_state_opt-in-preference-to-caml_state.patch new file mode 100644 index 0000000..c0c7648 --- /dev/null +++ b/SOURCES/0021-ocaml-Use-Caml_state_opt-in-preference-to-caml_state.patch @@ -0,0 +1,25 @@ +From d4fabae17001702894526084bf0ab516de3599d5 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 27 Jun 2023 16:31:55 +0100 +Subject: [PATCH] ocaml: Use Caml_state_opt in preference to caml_state + +Link: https://discuss.ocaml.org/t/test-caml-state-and-conditionally-caml-acquire-runtime-system-good-or-bad/12489/7 +Thanks: Guillaume Munch-Maccagnoni +(cherry picked from commit cade0b1aeb828d294a7c4e323f8131322d30fb73) +--- + ocaml/guestfs-c.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ocaml/guestfs-c.c b/ocaml/guestfs-c.c +index 67dc3547..8a8761e8 100644 +--- a/ocaml/guestfs-c.c ++++ b/ocaml/guestfs-c.c +@@ -412,7 +412,7 @@ event_callback_wrapper (guestfs_h *g, + * https://discuss.ocaml.org/t/test-caml-state-and-conditionally-caml-acquire-runtime-system-good-or-bad/12489 + */ + #if OCAML_VERSION_MAJOR >= 5 +- bool acquired = caml_state != NULL; ++ bool acquired = Caml_state_opt != NULL; + #else + const bool acquired = false; + #endif diff --git a/SOURCES/0022-generator-Add-chown-option-for-virt-customize.patch b/SOURCES/0022-generator-Add-chown-option-for-virt-customize.patch new file mode 100644 index 0000000..df841df --- /dev/null +++ b/SOURCES/0022-generator-Add-chown-option-for-virt-customize.patch @@ -0,0 +1,398 @@ +From 64c1716c4120e8dc69d0106b6ebcf6ccb9d4fc24 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 29 Jun 2023 13:33:04 +0100 +Subject: [PATCH] generator: Add --chown option for virt-customize + +Also this updates the common submodule to include the changes. + +Fixes: https://github.com/rwmjones/guestfs-tools/issues/12 +Acked-by: Laszlo Ersek +(cherry picked from commit d8e48bff212f9b0558480ffedf8158157360d0d5) +--- + common | 2 +- + generator/customize.ml | 28 ++++++++++++++++++++++++++++ + 2 files changed, 29 insertions(+), 1 deletion(-) + +Submodule common d61cd820..bbb54714: +diff --git a/common/mlcustomize/customize-options.pod b/common/mlcustomize/customize-options.pod +index 22a96e04..22724600 100644 +--- a/common/mlcustomize/customize-options.pod ++++ b/common/mlcustomize/customize-options.pod +@@ -63,6 +63,30 @@ Change the permissions of C to C. + I: C by default would be decimal, unless you prefix + it with C<0> to get octal, ie. use C<0700> not C<700>. + ++=item B<--chown> UID.GID:PATH ++ ++Change the owner user and group ID of a file or directory in the guest. ++Note: ++ ++=over 4 ++ ++=item * ++ ++Only numeric UIDs and GIDs will work, and these may not be the same ++inside the guest as on the host. ++ ++=item * ++ ++This will not work with Windows guests. ++ ++=back ++ ++For example: ++ ++ virt-customize --chown '0.0:/var/log/audit.log' ++ ++See also: I<--upload>. ++ + =item B<--commands-from-file> FILENAME + + Read the customize commands from a file, one (and its arguments) +diff --git a/common/mlcustomize/customize-synopsis.pod b/common/mlcustomize/customize-synopsis.pod +index d04f421e..e20b12d4 100644 +--- a/common/mlcustomize/customize-synopsis.pod ++++ b/common/mlcustomize/customize-synopsis.pod +@@ -1,15 +1,15 @@ + [--append-line FILE:LINE] [--chmod PERMISSIONS:FILE] +- [--commands-from-file FILENAME] [--copy SOURCE:DEST] +- [--copy-in LOCALPATH:REMOTEDIR] [--delete PATH] [--edit FILE:EXPR] +- [--firstboot SCRIPT] [--firstboot-command 'CMD+ARGS'] +- [--firstboot-install PKG,PKG..] [--hostname HOSTNAME] +- [--inject-qemu-ga METHOD] [--inject-virtio-win METHOD] +- [--install PKG,PKG..] [--link TARGET:LINK[:LINK..]] [--mkdir DIR] +- [--move SOURCE:DEST] [--password USER:SELECTOR] +- [--root-password SELECTOR] [--run SCRIPT] +- [--run-command 'CMD+ARGS'] [--scrub FILE] [--sm-attach SELECTOR] +- [--sm-register] [--sm-remove] [--sm-unregister] +- [--ssh-inject USER[:SELECTOR]] [--truncate FILE] ++ [--chown UID.GID:PATH] [--commands-from-file FILENAME] ++ [--copy SOURCE:DEST] [--copy-in LOCALPATH:REMOTEDIR] ++ [--delete PATH] [--edit FILE:EXPR] [--firstboot SCRIPT] ++ [--firstboot-command 'CMD+ARGS'] [--firstboot-install PKG,PKG..] ++ [--hostname HOSTNAME] [--inject-qemu-ga METHOD] ++ [--inject-virtio-win METHOD] [--install PKG,PKG..] ++ [--link TARGET:LINK[:LINK..]] [--mkdir DIR] [--move SOURCE:DEST] ++ [--password USER:SELECTOR] [--root-password SELECTOR] ++ [--run SCRIPT] [--run-command 'CMD+ARGS'] [--scrub FILE] ++ [--sm-attach SELECTOR] [--sm-register] [--sm-remove] ++ [--sm-unregister] [--ssh-inject USER[:SELECTOR]] [--truncate FILE] + [--truncate-recursive PATH] [--timezone TIMEZONE] [--touch FILE] + [--uninstall PKG,PKG..] [--update] [--upload FILE:DEST] + [--write FILE:CONTENT] [--no-logfile] +diff --git a/common/mlcustomize/customize_cmdline.ml b/common/mlcustomize/customize_cmdline.ml +index 3c24315d..fd3074ad 100644 +--- a/common/mlcustomize/customize_cmdline.ml ++++ b/common/mlcustomize/customize_cmdline.ml +@@ -41,6 +41,8 @@ and op = [ + (* --append-line FILE:LINE *) + | `Chmod of string * string + (* --chmod PERMISSIONS:FILE *) ++ | `Chown of string * string ++ (* --chown UID.GID:PATH *) + | `CommandsFromFile of string + (* --commands-from-file FILENAME *) + | `Copy of string * string +@@ -187,6 +189,17 @@ let rec argspec () = + s_"Change the permissions of a file" + ), + Some "PERMISSIONS:FILE", "Change the permissions of C to C.\n\nI: C by default would be decimal, unless you prefix\nit with C<0> to get octal, ie. use C<0700> not C<700>."; ++ ( ++ [ L"chown" ], ++ Getopt.String ( ++ s_"UID.GID:PATH", ++ fun s -> ++ let p = split_string_pair "chown" s in ++ List.push_front (`Chown p) ops ++ ), ++ s_"Change the owner user and group ID of a file or directory" ++ ), ++ Some "UID.GID:PATH", "Change the owner user and group ID of a file or directory in the guest.\nNote:\n\n=over 4\n\n=item *\n\nOnly numeric UIDs and GIDs will work, and these may not be the same\ninside the guest as on the host.\n\n=item *\n\nThis will not work with Windows guests.\n\n=back\n\nFor example:\n\n virt-customize --chown '0.0:/var/log/audit.log'\n\nSee also: I<--upload>."; + ( + [ L"commands-from-file" ], + Getopt.String ( +diff --git a/common/mlcustomize/customize_cmdline.mli b/common/mlcustomize/customize_cmdline.mli +index 0cc166e6..5883bbe0 100644 +--- a/common/mlcustomize/customize_cmdline.mli ++++ b/common/mlcustomize/customize_cmdline.mli +@@ -33,6 +33,8 @@ and op = [ + (* --append-line FILE:LINE *) + | `Chmod of string * string + (* --chmod PERMISSIONS:FILE *) ++ | `Chown of string * string ++ (* --chown UID.GID:PATH *) + | `CommandsFromFile of string + (* --commands-from-file FILENAME *) + | `Copy of string * string +diff --git a/common/mltools/curl.ml b/common/mltools/curl.ml +index 6dba9753..73eed903 100644 +--- a/common/mltools/curl.ml ++++ b/common/mltools/curl.ml +@@ -20,11 +20,13 @@ open Printf + + open Std_utils + open Tools_utils ++open Common_gettext.Gettext + + type t = { + curl : string; + args : args; + tmpdir : string option; ++ url : string; + } + and args = (string * string option) list + +@@ -40,11 +42,17 @@ let args_of_proxy = function + | SystemProxy -> [] + | ForcedProxy url -> [ "proxy", Some url; "noproxy", Some "" ] + +-let create ?(curl = "curl") ?(proxy = SystemProxy) ?tmpdir args = ++let create ?(curl = "curl") ?(proxy = SystemProxy) ?tmpdir args url = ++ (* The ["url"] key must not appear in [args]. This was how the ++ * previous version of this module worked, so lets check there ++ * are no callers still doing this. ++ *) ++ List.iter (function "url", _ -> assert false | _ -> ()) args; ++ + let args = safe_args @ args_of_proxy proxy @ args in +- { curl = curl; args = args; tmpdir = tmpdir } ++ { curl; args; tmpdir; url } + +-let run { curl; args; tmpdir } = ++let run { curl; args; tmpdir; url } = + let config_file, chan = Filename.open_temp_file ?temp_dir:tmpdir + "guestfscurl" ".conf" in + List.iter ( +@@ -67,15 +75,16 @@ let run { curl; args; tmpdir } = + | c -> output_char chan c + done; + fprintf chan "\"\n" +- ) args; ++ ) (("url", Some url) :: args); + close_out chan; + + let cmd = sprintf "%s -q --config %s" (quote curl) (quote config_file) in +- let lines = external_command ~echo_cmd:false cmd in ++ let help = sprintf (f_"downloading %s") url in ++ let lines = external_command ~echo_cmd:false ~help cmd in + Unix.unlink config_file; + lines + +-let to_string { curl; args } = ++let to_string { curl; args; url } = + let b = Buffer.create 128 in + bprintf b "%s -q" (quote curl); + List.iter ( +@@ -85,7 +94,7 @@ let to_string { curl; args } = + | "user", Some _ -> bprintf b " --user " + | name, Some value -> bprintf b " --%s %s" name (quote value) + ) args; +- bprintf b "\n"; ++ bprintf b " %s\n" (quote url); + Buffer.contents b + + let print chan t = output_string chan (to_string t) +diff --git a/common/mltools/curl.mli b/common/mltools/curl.mli +index a3e98dc6..1606a79a 100644 +--- a/common/mltools/curl.mli ++++ b/common/mltools/curl.mli +@@ -27,13 +27,16 @@ type proxy = + | SystemProxy (** Use the system settings. *) + | ForcedProxy of string (** The proxy is forced to the specified URL. *) + +-val create : ?curl:string -> ?proxy:proxy -> ?tmpdir:string -> args -> t ++val create : ?curl:string -> ?proxy:proxy -> ?tmpdir:string -> args -> string ++ -> t + (** Create a curl command handle. + + The curl arguments are a list of key, value pairs corresponding + to curl command line parameters, without leading dashes, + eg. [("user", Some "user:password")]. + ++ The string parameter is the URL (which is required). ++ + The optional [?curl] parameter controls the name of the curl + binary (default ["curl"]). + +diff --git a/common/mltools/tools_utils.ml b/common/mltools/tools_utils.ml +index 8b611e77..23f16c51 100644 +--- a/common/mltools/tools_utils.ml ++++ b/common/mltools/tools_utils.ml +@@ -435,8 +435,12 @@ let create_standard_options argspec ?anon_fun ?(key_opts = false) + let getopt = Getopt.create argspec ?anon_fun usage_msg in + { getopt; ks; debug_gc } + ++let external_command_failed help cmd reason = ++ let help_prefix = match help with None -> "" | Some str -> str ^ ": " in ++ error "%s%s ‘%s’: %s" help_prefix (s_"external command") cmd reason ++ + (* Run an external command, slurp up the output as a list of lines. *) +-let external_command ?(echo_cmd = true) cmd = ++let external_command ?(echo_cmd = true) ?help cmd = + if echo_cmd then + debug "%s" cmd; + let chan = Unix.open_process_in cmd in +@@ -448,15 +452,18 @@ let external_command ?(echo_cmd = true) cmd = + (match stat with + | Unix.WEXITED 0 -> () + | Unix.WEXITED i -> +- error (f_"external command ‘%s’ exited with error %d") cmd i ++ let reason = sprintf (f_"exited with error %d") i in ++ external_command_failed help cmd reason + | Unix.WSIGNALED i -> +- error (f_"external command ‘%s’ killed by signal %d") cmd i ++ let reason = sprintf (f_"killed by signal %d") i in ++ external_command_failed help cmd reason + | Unix.WSTOPPED i -> +- error (f_"external command ‘%s’ stopped by signal %d") cmd i ++ let reason = sprintf (f_"stopped by signal %d") i in ++ external_command_failed help cmd reason + ); + lines + +-let rec run_commands ?(echo_cmd = true) cmds = ++let rec run_commands ?(echo_cmd = true) ?help cmds = + let res = Array.make (List.length cmds) 0 in + let pids = + List.mapi ( +@@ -482,21 +489,21 @@ let rec run_commands ?(echo_cmd = true) cmds = + let matching_pair = List.hd matching_pair in + let idx, _, app, outfd, errfd = matching_pair in + pids := new_pids; +- res.(idx) <- do_teardown app outfd errfd stat ++ res.(idx) <- do_teardown help app outfd errfd stat + ); + done; + Array.to_list res + +-and run_command ?(echo_cmd = true) ?stdout_fd ?stderr_fd args = ++and run_command ?(echo_cmd = true) ?help ?stdout_fd ?stderr_fd args = + let run_res = do_run args ~echo_cmd ?stdout_fd ?stderr_fd in + match run_res with + | Either (pid, app, outfd, errfd) -> + let _, stat = Unix.waitpid [] pid in +- do_teardown app outfd errfd stat ++ do_teardown help app outfd errfd stat + | Or code -> + code + +-and do_run ?(echo_cmd = true) ?stdout_fd ?stderr_fd args = ++and do_run ?(echo_cmd = true) ?help ?stdout_fd ?stderr_fd args = + let app = List.hd args in + let get_fd default = function + | None -> +@@ -522,16 +529,18 @@ and do_run ?(echo_cmd = true) ?stdout_fd ?stderr_fd args = + debug "%s: %s: executable not found" app fn; + Or 127 + +-and do_teardown app outfd errfd exitstat = ++and do_teardown help app outfd errfd exitstat = + Option.iter Unix.close outfd; + Option.iter Unix.close errfd; + match exitstat with + | Unix.WEXITED i -> +- i ++ i + | Unix.WSIGNALED i -> +- error (f_"external command ‘%s’ killed by signal %d") app i ++ let reason = sprintf (f_"killed by signal %d") i in ++ external_command_failed help app reason + | Unix.WSTOPPED i -> +- error (f_"external command ‘%s’ stopped by signal %d") app i ++ let reason = sprintf (f_"stopped by signal %d") i in ++ external_command_failed help app reason + + let shell_command ?(echo_cmd = true) cmd = + if echo_cmd then +diff --git a/common/mltools/tools_utils.mli b/common/mltools/tools_utils.mli +index ec900e63..193ba7b6 100644 +--- a/common/mltools/tools_utils.mli ++++ b/common/mltools/tools_utils.mli +@@ -103,13 +103,17 @@ val create_standard_options : Getopt.speclist -> ?anon_fun:Getopt.anon_fun -> ?k + + Returns a new {!cmdline_options} structure. *) + +-val external_command : ?echo_cmd:bool -> string -> string list ++val external_command : ?echo_cmd:bool -> ?help:string -> string -> string list + (** Run an external command, slurp up the output as a list of lines. + + [echo_cmd] specifies whether to output the full command on verbose +- mode, and it's on by default. *) ++ mode, and it's on by default. + +-val run_commands : ?echo_cmd:bool -> (string list * Unix.file_descr option * Unix.file_descr option) list -> int list ++ [help] is an optional string which is printed as a prefix in ++ case the external command fails, eg as a hint to the user about ++ what we were trying to do. *) ++ ++val run_commands : ?echo_cmd:bool -> ?help:string -> (string list * Unix.file_descr option * Unix.file_descr option) list -> int list + (** Run external commands in parallel without using a shell, + and return a list with their exit codes. + +@@ -126,16 +130,24 @@ val run_commands : ?echo_cmd:bool -> (string list * Unix.file_descr option * Uni + end of the execution of the command for which it was specified. + + [echo_cmd] specifies whether output the full command on verbose +- mode, and it's on by default. *) ++ mode, and it's on by default. + +-val run_command : ?echo_cmd:bool -> ?stdout_fd:Unix.file_descr -> ?stderr_fd:Unix.file_descr -> string list -> int ++ [help] is an optional string which is printed as a prefix in ++ case the external command fails, eg as a hint to the user about ++ what we were trying to do. *) ++ ++val run_command : ?echo_cmd:bool -> ?help:string -> ?stdout_fd:Unix.file_descr -> ?stderr_fd:Unix.file_descr -> string list -> int + (** Run an external command without using a shell, and return its exit code. + + If [stdout_fd] or [stderr_fd] is specified, the file descriptor + is automatically closed after executing the command. + + [echo_cmd] specifies whether output the full command on verbose +- mode, and it's on by default. *) ++ mode, and it's on by default. ++ ++ [help] is an optional string which is printed as a prefix in ++ case the external command fails, eg as a hint to the user about ++ what we were trying to do. *) + + val shell_command : ?echo_cmd:bool -> string -> int + (** Run an external shell command, and return its exit code. +diff --git a/generator/customize.ml b/generator/customize.ml +index aa7ac8e8..8d3dec3e 100644 +--- a/generator/customize.ml ++++ b/generator/customize.ml +@@ -95,6 +95,34 @@ I: C by default would be decimal, unless you prefix + it with C<0> to get octal, ie. use C<0700> not C<700>."; + }; + ++ { op_name = "chown"; ++ op_type = StringPair "UID.GID:PATH"; ++ op_discrim = "`Chown"; ++ op_shortdesc = "Change the owner user and group ID of a file or directory"; ++ op_pod_longdesc = "\ ++Change the owner user and group ID of a file or directory in the guest. ++Note: ++ ++=over 4 ++ ++=item * ++ ++Only numeric UIDs and GIDs will work, and these may not be the same ++inside the guest as on the host. ++ ++=item * ++ ++This will not work with Windows guests. ++ ++=back ++ ++For example: ++ ++ virt-customize --chown '0.0:/var/log/audit.log' ++ ++See also: I<--upload>."; ++ }; ++ + { op_name = "commands-from-file"; + op_type = StringFn ("FILENAME", "customize_read_from_file"); + op_discrim = "`CommandsFromFile"; diff --git a/SOURCES/0023-lib-remove-guestfs_int_cmd_clear_close_files.patch b/SOURCES/0023-lib-remove-guestfs_int_cmd_clear_close_files.patch new file mode 100644 index 0000000..d7fe99e --- /dev/null +++ b/SOURCES/0023-lib-remove-guestfs_int_cmd_clear_close_files.patch @@ -0,0 +1,101 @@ +From 6c63f5cd8b43448f4847d550ad313d950d6b8520 Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Tue, 11 Jul 2023 13:39:06 +0200 +Subject: [PATCH] lib: remove guestfs_int_cmd_clear_close_files() + +The last (only?) caller of guestfs_int_cmd_clear_close_files() disappeared +in commit e4c396888056 ("lib/info: Remove /dev/fd hacking and pass a true +filename to qemu-img info.", 2018-01-23), part of v1.37.36. + +Simplify the code by removing guestfs_int_cmd_clear_close_files(). + +Signed-off-by: Laszlo Ersek +Message-Id: <20230711113906.107340-1-lersek@redhat.com> +Reviewed-by: Richard W.M. Jones +(cherry picked from commit 13c7052ff96d5ee99ec1b1252f1a3b4d7aed44d2) +--- + lib/command.c | 37 ++++++++++--------------------------- + lib/guestfs-internal.h | 1 - + 2 files changed, 10 insertions(+), 28 deletions(-) + +diff --git a/lib/command.c b/lib/command.c +index 515ef624..82a47baf 100644 +--- a/lib/command.c ++++ b/lib/command.c +@@ -152,9 +152,6 @@ struct command + /* When using the pipe_* APIs, stderr is pointed to a temporary file. */ + char *error_file; + +- /* Close file descriptors (defaults to true). */ +- bool close_files; +- + /* Supply a callback to receive stdout. */ + cmd_stdout_callback stdout_callback; + void *stdout_data; +@@ -186,7 +183,6 @@ guestfs_int_new_command (guestfs_h *g) + cmd = safe_calloc (g, 1, sizeof *cmd); + cmd->g = g; + cmd->capture_errors = true; +- cmd->close_files = true; + cmd->errorfd = -1; + cmd->outfd = -1; + return cmd; +@@ -358,17 +354,6 @@ guestfs_int_cmd_clear_capture_errors (struct command *cmd) + cmd->capture_errors = false; + } + +-/** +- * Don't close file descriptors after the fork. +- * +- * XXX Should allow single fds to be sent to child process. +- */ +-void +-guestfs_int_cmd_clear_close_files (struct command *cmd) +-{ +- cmd->close_files = false; +-} +- + /** + * Set a function to be executed in the child, right before the + * execution. Can be used to setup the child, for example changing +@@ -564,18 +549,16 @@ run_child (struct command *cmd, char **env) + for (i = 1; i < NSIG; ++i) + sigaction (i, &sa, NULL); + +- if (cmd->close_files) { +- /* Close all other file descriptors. This ensures that we don't +- * hold open (eg) pipes from the parent process. +- */ +- max_fd = sysconf (_SC_OPEN_MAX); +- if (max_fd == -1) +- max_fd = 1024; +- if (max_fd > 65536) +- max_fd = 65536; /* bound the amount of work we do here */ +- for (fd = 3; fd < max_fd; ++fd) +- close (fd); +- } ++ /* Close all other file descriptors. This ensures that we don't ++ * hold open (eg) pipes from the parent process. ++ */ ++ max_fd = sysconf (_SC_OPEN_MAX); ++ if (max_fd == -1) ++ max_fd = 1024; ++ if (max_fd > 65536) ++ max_fd = 65536; /* bound the amount of work we do here */ ++ for (fd = 3; fd < max_fd; ++fd) ++ close (fd); + + /* Set the umask for all subcommands to something sensible (RHBZ#610880). */ + umask (022); +diff --git a/lib/guestfs-internal.h b/lib/guestfs-internal.h +index fb55e026..c7ef3227 100644 +--- a/lib/guestfs-internal.h ++++ b/lib/guestfs-internal.h +@@ -751,7 +751,6 @@ extern void guestfs_int_cmd_set_stdout_callback (struct command *, cmd_stdout_ca + extern void guestfs_int_cmd_set_stderr_to_stdout (struct command *); + extern void guestfs_int_cmd_set_child_rlimit (struct command *, int resource, long limit); + extern void guestfs_int_cmd_clear_capture_errors (struct command *); +-extern void guestfs_int_cmd_clear_close_files (struct command *); + extern void guestfs_int_cmd_set_child_callback (struct command *, cmd_child_callback child_callback, void *data); + extern int guestfs_int_cmd_run (struct command *); + extern void guestfs_int_cmd_close (struct command *); diff --git a/SOURCES/0024-docs-fix-broken-link-in-the-guestfs-manual.patch b/SOURCES/0024-docs-fix-broken-link-in-the-guestfs-manual.patch new file mode 100644 index 0000000..7ddefc8 --- /dev/null +++ b/SOURCES/0024-docs-fix-broken-link-in-the-guestfs-manual.patch @@ -0,0 +1,34 @@ +From f8e8aef7e9e8334db19529aa46bd28a209436b50 Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Fri, 14 Jul 2023 15:22:09 +0200 +Subject: [PATCH] docs: fix broken link in the guestfs manual + +Commit 55202a4d49a1 ("New API: get-sockdir", 2016-02-03) added identical +language to "fish/guestfish.pod" and "src/guestfs.pod", including an +internal link L. That's appropriate for +"fish/guestfish.pod", but the same API description is generated with a +different anchor for "src/guestfs.pod". Adapt the reference. + +Fixes: 55202a4d49a101392148d79cb2e1591428db2681 +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2184967 +Signed-off-by: Laszlo Ersek +Reviewed-by: Richard W.M. Jones +Message-Id: <20230714132213.96616-4-lersek@redhat.com> +(cherry picked from commit b4a4b754c6161b95ddee05e398e0200e6b73b840) +--- + lib/guestfs.pod | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/guestfs.pod b/lib/guestfs.pod +index 866a4638..5db6dd91 100644 +--- a/lib/guestfs.pod ++++ b/lib/guestfs.pod +@@ -3123,7 +3123,7 @@ non-essential runtime files. + If it is set, then is used to store temporary sockets. Otherwise, + F is used. + +-See also L, ++See also L, + L. + + =back diff --git a/SOURCES/0025-docs-clarify-sockdir-s-separation.patch b/SOURCES/0025-docs-clarify-sockdir-s-separation.patch new file mode 100644 index 0000000..9fd3553 --- /dev/null +++ b/SOURCES/0025-docs-clarify-sockdir-s-separation.patch @@ -0,0 +1,75 @@ +From cde50cb9d71ffa418f45868aa0d4b874847b989a Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Fri, 14 Jul 2023 15:22:10 +0200 +Subject: [PATCH] docs: clarify sockdir's separation + +There's another reason for separating sockdir from tmpdir, beyond "shorter +pathnames needed": permissions. For example, passt drops privileges such +that it cannot access "/tmp", and that restricts both the unix domain +socket and the PID file of passt. + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2184967 +Signed-off-by: Laszlo Ersek +Reviewed-by: Richard W.M. Jones +Message-Id: <20230714132213.96616-5-lersek@redhat.com> +(cherry picked from commit 21ccddecf7dd51b24bb2b71dbc8beb1a8dd01923) +--- + fish/guestfish.pod | 4 ++-- + generator/actions_properties.ml | 8 ++++++-- + lib/guestfs.pod | 4 ++-- + 3 files changed, 10 insertions(+), 6 deletions(-) + +diff --git a/fish/guestfish.pod b/fish/guestfish.pod +index d36cac9d..33fc8b2c 100644 +--- a/fish/guestfish.pod ++++ b/fish/guestfish.pod +@@ -1492,8 +1492,8 @@ See L, L. + This directory represents a user-specific directory for storing + non-essential runtime files. + +-If it is set, then is used to store temporary sockets. Otherwise, +-F is used. ++If it is set, then is used to store temporary sockets and PID files. ++Otherwise, F is used. + + See also L, + L. +diff --git a/generator/actions_properties.ml b/generator/actions_properties.ml +index f84afb10..42eaaa4d 100644 +--- a/generator/actions_properties.ml ++++ b/generator/actions_properties.ml +@@ -595,13 +595,17 @@ Get the handle identifier. See C." }; + name = "get_sockdir"; added = (1, 33, 8); + style = RString (RPlainString, "sockdir"), [], []; + blocking = false; +- shortdesc = "get the temporary directory for sockets"; ++ shortdesc = "get the temporary directory for sockets and PID files"; + longdesc = "\ +-Get the directory used by the handle to store temporary socket files. ++Get the directory used by the handle to store temporary socket and PID ++files. + + This is different from C, as we need shorter + paths for sockets (due to the limited buffers of filenames for UNIX + sockets), and C may be too long for them. ++Furthermore, sockets and PID files must be accessible to such background ++services started by libguestfs that may not have permission to access ++the temporary directory returned by C. + + The environment variable C controls the default + value: If C is set, then that is the default. +diff --git a/lib/guestfs.pod b/lib/guestfs.pod +index 5db6dd91..dff32cc9 100644 +--- a/lib/guestfs.pod ++++ b/lib/guestfs.pod +@@ -3120,8 +3120,8 @@ See L, L. + This directory represents a user-specific directory for storing + non-essential runtime files. + +-If it is set, then is used to store temporary sockets. Otherwise, +-F is used. ++If it is set, then is used to store temporary sockets and PID files. ++Otherwise, F is used. + + See also L, + L. diff --git a/SOURCES/0026-lib-move-guestfs_int_create_socketname-from-launch.c.patch b/SOURCES/0026-lib-move-guestfs_int_create_socketname-from-launch.c.patch new file mode 100644 index 0000000..f5153f7 --- /dev/null +++ b/SOURCES/0026-lib-move-guestfs_int_create_socketname-from-launch.c.patch @@ -0,0 +1,144 @@ +From 986f5d8b1110b461d37d044c7a8052ed7ba27f87 Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Fri, 14 Jul 2023 15:22:11 +0200 +Subject: [PATCH] lib: move guestfs_int_create_socketname() from "launch.c" to + "tmpdirs.c" + +Consider the following inverted call tree (effectively a dependency tree +-- callees are at the top and near the left margin): + + lazy_make_tmpdir() [lib/tmpdirs.c] + guestfs_int_lazy_make_tmpdir() [lib/tmpdirs.c] + guestfs_int_make_temp_path() [lib/tmpdirs.c] + guestfs_int_lazy_make_sockdir() [lib/tmpdirs.c] + guestfs_int_create_socketname() [lib/launch.c] + +lazy_make_tmpdir() is our common workhorse / helper function that +centralizes the mkdtemp() function call. + +guestfs_int_lazy_make_tmpdir() and guestfs_int_lazy_make_sockdir() are the +next level functions, both calling lazy_make_tmpdir(), just feeding it +different dirname generator functions, and different "is_runtime_dir" +qualifications. These functions create temp dirs for various, more +specific, purposes (see the manual and "lib/guestfs-internal.h" for more +details). + +On a yet higher level are guestfs_int_make_temp_path() and +guestfs_int_create_socketname() -- they serve for creating *entries* in +those specific temp directories. + +The discrepancy here is that, although all the other functions live in +"lib/tmpdirs.c", guestfs_int_create_socketname() is defined in +"lib/launch.c". That makes for a confusing code reading; move the function +to "lib/tmpdirs.c", just below its sibling function +guestfs_int_make_temp_path(). + +While at it, correct the leading comment on +guestfs_int_create_socketname() -- the socket pathname is created in the +socket directory, not in the temporary directory. + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2184967 +Signed-off-by: Laszlo Ersek +Reviewed-by: Richard W.M. Jones +Message-Id: <20230714132213.96616-6-lersek@redhat.com> +(cherry picked from commit 0b2ad40a098cbaf91d0d0a2df6e31bf8e3e08ace) +--- + lib/guestfs-internal.h | 2 +- + lib/launch.c | 26 -------------------------- + lib/tmpdirs.c | 26 ++++++++++++++++++++++++++ + 3 files changed, 27 insertions(+), 27 deletions(-) + +diff --git a/lib/guestfs-internal.h b/lib/guestfs-internal.h +index c7ef3227..ebd68380 100644 +--- a/lib/guestfs-internal.h ++++ b/lib/guestfs-internal.h +@@ -668,6 +668,7 @@ extern int guestfs_int_set_env_runtimedir (guestfs_h *g, const char *envname, co + extern int guestfs_int_lazy_make_tmpdir (guestfs_h *g); + extern int guestfs_int_lazy_make_sockdir (guestfs_h *g); + extern char *guestfs_int_make_temp_path (guestfs_h *g, const char *name, const char *extension); ++extern int guestfs_int_create_socketname (guestfs_h *g, const char *filename, char (*sockname)[UNIX_PATH_MAX]); + extern char *guestfs_int_lazy_make_supermin_appliance_dir (guestfs_h *g); + extern void guestfs_int_remove_tmpdir (guestfs_h *g); + extern void guestfs_int_remove_sockdir (guestfs_h *g); +@@ -700,7 +701,6 @@ extern int guestfs_int_get_uefi (guestfs_h *g, char *const *firmwares, const cha + extern int64_t guestfs_int_timeval_diff (const struct timeval *x, const struct timeval *y); + extern void guestfs_int_launch_send_progress (guestfs_h *g, int perdozen); + extern void guestfs_int_unblock_sigterm (void); +-extern int guestfs_int_create_socketname (guestfs_h *g, const char *filename, char (*sockname)[UNIX_PATH_MAX]); + extern void guestfs_int_register_backend (const char *name, const struct backend_ops *); + extern int guestfs_int_set_backend (guestfs_h *g, const char *method); + +diff --git a/lib/launch.c b/lib/launch.c +index 6e08b120..bd0526c9 100644 +--- a/lib/launch.c ++++ b/lib/launch.c +@@ -309,32 +309,6 @@ guestfs_impl_config (guestfs_h *g, + return 0; + } + +-/** +- * Create the path for a socket with the selected filename in the +- * tmpdir. +- */ +-int +-guestfs_int_create_socketname (guestfs_h *g, const char *filename, +- char (*sockpath)[UNIX_PATH_MAX]) +-{ +- int r; +- +- if (guestfs_int_lazy_make_sockdir (g) == -1) +- return -1; +- +- r = snprintf (*sockpath, UNIX_PATH_MAX, "%s/%s", g->sockdir, filename); +- if (r >= UNIX_PATH_MAX) { +- error (g, _("socket path too long: %s/%s"), g->sockdir, filename); +- return -1; +- } +- if (r < 0) { +- perrorf (g, _("%s"), g->sockdir); +- return -1; +- } +- +- return 0; +-} +- + /** + * When the library is loaded, each backend calls this function to + * register itself in a global list. +diff --git a/lib/tmpdirs.c b/lib/tmpdirs.c +index b8e19de2..24adf98d 100644 +--- a/lib/tmpdirs.c ++++ b/lib/tmpdirs.c +@@ -253,6 +253,32 @@ guestfs_int_make_temp_path (guestfs_h *g, + extension ? extension : ""); + } + ++/** ++ * Create the path for a socket with the selected filename in the ++ * sockdir. ++ */ ++int ++guestfs_int_create_socketname (guestfs_h *g, const char *filename, ++ char (*sockpath)[UNIX_PATH_MAX]) ++{ ++ int r; ++ ++ if (guestfs_int_lazy_make_sockdir (g) == -1) ++ return -1; ++ ++ r = snprintf (*sockpath, UNIX_PATH_MAX, "%s/%s", g->sockdir, filename); ++ if (r >= UNIX_PATH_MAX) { ++ error (g, _("socket path too long: %s/%s"), g->sockdir, filename); ++ return -1; ++ } ++ if (r < 0) { ++ perrorf (g, _("%s"), g->sockdir); ++ return -1; ++ } ++ ++ return 0; ++} ++ + /** + * Create the supermin appliance directory under cachedir, if it does + * not exist. diff --git a/SOURCES/0027-generator-customize-Add-new-StringTriplet-for-use-by.patch b/SOURCES/0027-generator-customize-Add-new-StringTriplet-for-use-by.patch new file mode 100644 index 0000000..9389253 --- /dev/null +++ b/SOURCES/0027-generator-customize-Add-new-StringTriplet-for-use-by.patch @@ -0,0 +1,241 @@ +From 6e3d91681c7dffdfdf291a809d6773691a2a7bda Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Sat, 15 Jul 2023 16:33:18 +0100 +Subject: [PATCH] generator: customize: Add new StringTriplet for use by + --chown +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The just added --chown option previously used StringPair, splitting +the argument as ‘UID.GID:FILENAME’. However this will not work if we +ever extend this with the ability to use user or group names, since +they may contain dot (but not colon). Add a new StringTriplet type +and split the argument string three ways. The new option becomes: + + virt-customize ... --chown UID:GID:FILENAME + +Include the following commit from the common submodule: + + commit e70d89a58dae068be2e19c7c21558707261af96a + Author: Richard W.M. Jones + Date: Sat Jul 15 16:42:06 2023 +0100 + + customize: Update generated files for --chown with StringTriplet + +Updates: commit d8e48bff212f9b0558480ffedf8158157360d0d5 +(cherry picked from commit c08032ebe2763f5e9ce5b14e003721475219d390) +--- + common | 2 +- + generator/customize.ml | 44 ++++++++++++++++++++++++++++++++---------- + 2 files changed, 35 insertions(+), 11 deletions(-) + +Submodule common bbb54714..e70d89a5: +diff --git a/common/mlcustomize/customize-options.pod b/common/mlcustomize/customize-options.pod +index 22724600..e658a447 100644 +--- a/common/mlcustomize/customize-options.pod ++++ b/common/mlcustomize/customize-options.pod +@@ -63,7 +63,7 @@ Change the permissions of C to C. + I: C by default would be decimal, unless you prefix + it with C<0> to get octal, ie. use C<0700> not C<700>. + +-=item B<--chown> UID.GID:PATH ++=item B<--chown> UID:GID:PATH + + Change the owner user and group ID of a file or directory in the guest. + Note: +@@ -83,7 +83,7 @@ This will not work with Windows guests. + + For example: + +- virt-customize --chown '0.0:/var/log/audit.log' ++ virt-customize --chown '0:0:/var/log/audit.log' + + See also: I<--upload>. + +diff --git a/common/mlcustomize/customize-synopsis.pod b/common/mlcustomize/customize-synopsis.pod +index e20b12d4..5031b015 100644 +--- a/common/mlcustomize/customize-synopsis.pod ++++ b/common/mlcustomize/customize-synopsis.pod +@@ -1,5 +1,5 @@ + [--append-line FILE:LINE] [--chmod PERMISSIONS:FILE] +- [--chown UID.GID:PATH] [--commands-from-file FILENAME] ++ [--chown UID:GID:PATH] [--commands-from-file FILENAME] + [--copy SOURCE:DEST] [--copy-in LOCALPATH:REMOTEDIR] + [--delete PATH] [--edit FILE:EXPR] [--firstboot SCRIPT] + [--firstboot-command 'CMD+ARGS'] [--firstboot-install PKG,PKG..] +diff --git a/common/mlcustomize/customize_cmdline.ml b/common/mlcustomize/customize_cmdline.ml +index fd3074ad..3ce901db 100644 +--- a/common/mlcustomize/customize_cmdline.ml ++++ b/common/mlcustomize/customize_cmdline.ml +@@ -41,8 +41,8 @@ and op = [ + (* --append-line FILE:LINE *) + | `Chmod of string * string + (* --chmod PERMISSIONS:FILE *) +- | `Chown of string * string +- (* --chown UID.GID:PATH *) ++ | `Chown of string * string * string ++ (* --chown UID:GID:PATH *) + | `CommandsFromFile of string + (* --commands-from-file FILENAME *) + | `Copy of string * string +@@ -154,8 +154,13 @@ let rec argspec () = + option_name in + let len = String.length arg in + String.sub arg 0 i, String.sub arg (i+1) (len-(i+1)) +- in +- let split_string_list arg = ++ and split_string_triplet option_name arg = ++ match String.nsplit ~max:3 "," arg with ++ | [a; b; c] -> a, b, c ++ | _ -> ++ error (f_"invalid format for '--%s' parameter, see the man page") ++ option_name ++ and split_string_list arg = + String.nsplit "," arg + in + let split_links_list option_name arg = +@@ -192,14 +197,14 @@ let rec argspec () = + ( + [ L"chown" ], + Getopt.String ( +- s_"UID.GID:PATH", ++ s_"UID:GID:PATH", + fun s -> +- let p = split_string_pair "chown" s in ++ let p = split_string_triplet "chown" s in + List.push_front (`Chown p) ops + ), + s_"Change the owner user and group ID of a file or directory" + ), +- Some "UID.GID:PATH", "Change the owner user and group ID of a file or directory in the guest.\nNote:\n\n=over 4\n\n=item *\n\nOnly numeric UIDs and GIDs will work, and these may not be the same\ninside the guest as on the host.\n\n=item *\n\nThis will not work with Windows guests.\n\n=back\n\nFor example:\n\n virt-customize --chown '0.0:/var/log/audit.log'\n\nSee also: I<--upload>."; ++ Some "UID:GID:PATH", "Change the owner user and group ID of a file or directory in the guest.\nNote:\n\n=over 4\n\n=item *\n\nOnly numeric UIDs and GIDs will work, and these may not be the same\ninside the guest as on the host.\n\n=item *\n\nThis will not work with Windows guests.\n\n=back\n\nFor example:\n\n virt-customize --chown '0:0:/var/log/audit.log'\n\nSee also: I<--upload>."; + ( + [ L"commands-from-file" ], + Getopt.String ( +diff --git a/common/mlcustomize/customize_cmdline.mli b/common/mlcustomize/customize_cmdline.mli +index 5883bbe0..112b74dc 100644 +--- a/common/mlcustomize/customize_cmdline.mli ++++ b/common/mlcustomize/customize_cmdline.mli +@@ -33,8 +33,8 @@ and op = [ + (* --append-line FILE:LINE *) + | `Chmod of string * string + (* --chmod PERMISSIONS:FILE *) +- | `Chown of string * string +- (* --chown UID.GID:PATH *) ++ | `Chown of string * string * string ++ (* --chown UID:GID:PATH *) + | `CommandsFromFile of string + (* --commands-from-file FILENAME *) + | `Copy of string * string +diff --git a/generator/customize.ml b/generator/customize.ml +index 8d3dec3e..fe87ef5e 100644 +--- a/generator/customize.ml ++++ b/generator/customize.ml +@@ -41,6 +41,7 @@ and op_type = + | Unit (* no argument *) + | String of string (* string *) + | StringPair of string (* string:string *) ++| StringTriplet of string (* string:string:string *) + | StringList of string (* string,string,... *) + | TargetLinks of string (* target:link[:link...] *) + | PasswordSelector of string (* password selector *) +@@ -96,7 +97,7 @@ it with C<0> to get octal, ie. use C<0700> not C<700>."; + }; + + { op_name = "chown"; +- op_type = StringPair "UID.GID:PATH"; ++ op_type = StringTriplet "UID:GID:PATH"; + op_discrim = "`Chown"; + op_shortdesc = "Change the owner user and group ID of a file or directory"; + op_pod_longdesc = "\ +@@ -118,7 +119,7 @@ This will not work with Windows guests. + + For example: + +- virt-customize --chown '0.0:/var/log/audit.log' ++ virt-customize --chown '0:0:/var/log/audit.log' + + See also: I<--upload>."; + }; +@@ -761,8 +762,13 @@ let rec argspec () = + option_name in + let len = String.length arg in + String.sub arg 0 i, String.sub arg (i+1) (len-(i+1)) +- in +- let split_string_list arg = ++ and split_string_triplet option_name arg = ++ match String.nsplit ~max:3 \",\" arg with ++ | [a; b; c] -> a, b, c ++ | _ -> ++ error (f_\"invalid format for '--%%s' parameter, see the man page\") ++ option_name ++ and split_string_list arg = + String.nsplit \",\" arg + in + let split_links_list option_name arg = +@@ -807,6 +813,19 @@ let rec argspec () = + pr " s_\"%s\"\n" shortdesc; + pr " ),\n"; + pr " Some %S, %S;\n" v longdesc ++ | { op_type = StringTriplet v; op_name = name; op_discrim = discrim; ++ op_shortdesc = shortdesc; op_pod_longdesc = longdesc } -> ++ pr " (\n"; ++ pr " [ L\"%s\" ],\n" name; ++ pr " Getopt.String (\n"; ++ pr " s_\"%s\",\n" v; ++ pr " fun s ->\n"; ++ pr " let p = split_string_triplet \"%s\" s in\n" name; ++ pr " List.push_front (%s p) ops\n" discrim; ++ pr " ),\n"; ++ pr " s_\"%s\"\n" shortdesc; ++ pr " ),\n"; ++ pr " Some %S, %S;\n" v longdesc + | { op_type = StringList v; op_name = name; op_discrim = discrim; + op_shortdesc = shortdesc; op_pod_longdesc = longdesc } -> + pr " (\n"; +@@ -956,6 +975,7 @@ let rec argspec () = + | { op_type = Unit; } + | { op_type = String _; } + | { op_type = StringPair _; } ++ | { op_type = StringTriplet _; } + | { op_type = StringList _; } + | { op_type = TargetLinks _; } + | { op_type = PasswordSelector _; } +@@ -1021,6 +1041,10 @@ type ops = { + | { op_type = StringPair v; op_discrim = discrim; + op_name = name } -> + pr " | %s of string * string\n (* --%s %s *)\n" discrim name v ++ | { op_type = StringTriplet v; op_discrim = discrim; ++ op_name = name } -> ++ pr " | %s of string * string * string\n (* --%s %s *)\n" ++ discrim name v + | { op_type = StringList v; op_discrim = discrim; + op_name = name } -> + pr " | %s of string list\n (* --%s %s *)\n" discrim name v +@@ -1073,9 +1097,9 @@ let generate_customize_synopsis_pod () = + function + | { op_type = Unit; op_name = n } -> + n, sprintf "[--%s]" n +- | { op_type = String v | StringPair v | StringList v | TargetLinks v +- | PasswordSelector v | UserPasswordSelector v | SSHKeySelector v +- | StringFn (v, _) | SMPoolSelector v; ++ | { op_type = String v | StringPair v | StringTriplet v | StringList v ++ | TargetLinks v | PasswordSelector v | UserPasswordSelector v ++ | SSHKeySelector v | StringFn (v, _) | SMPoolSelector v; + op_name = n } -> + n, sprintf "[--%s %s]" n v + ) ops @ +@@ -1116,9 +1140,9 @@ let generate_customize_options_pod () = + function + | { op_type = Unit; op_name = n; op_pod_longdesc = ld } -> + n, sprintf "B<--%s>" n, ld +- | { op_type = String v | StringPair v | StringList v | TargetLinks v +- | PasswordSelector v | UserPasswordSelector v | SSHKeySelector v +- | StringFn (v, _) | SMPoolSelector v; ++ | { op_type = String v | StringPair v | StringTriplet v | StringList v ++ | TargetLinks v | PasswordSelector v | UserPasswordSelector v ++ | SSHKeySelector v | StringFn (v, _) | SMPoolSelector v; + op_name = n; op_pod_longdesc = ld } -> + n, sprintf "B<--%s> %s" n v, ld + ) ops @ diff --git a/SOURCES/0028-daemon-lvm-Do-reverse-device-name-translation-on-pvs.patch b/SOURCES/0028-daemon-lvm-Do-reverse-device-name-translation-on-pvs.patch new file mode 100644 index 0000000..634ee30 --- /dev/null +++ b/SOURCES/0028-daemon-lvm-Do-reverse-device-name-translation-on-pvs.patch @@ -0,0 +1,57 @@ +From ec56c62c90d2230e8edcfaaad4517be63f5e2183 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 20 Jul 2023 11:15:26 +0100 +Subject: [PATCH] daemon: lvm: Do reverse device name translation on pvs_full + device fields + +Intermittent test failures in virt-filesystems showed that when using +the pvs_full API, the pv_name field in the returned list of structures +was not being reverse translated. As a result internal partition +names could appear in the output of virt-filesystems. + +See: https://listman.redhat.com/archives/libguestfs/2023-July/032058.html +(cherry picked from commit 32cb5b45cfbe5edbc7643fc533da70db2d3c6cda) +--- + daemon/lvm.c | 29 ++++++++++++++++++++++++++++- + 1 file changed, 28 insertions(+), 1 deletion(-) + +diff --git a/daemon/lvm.c b/daemon/lvm.c +index 7e76e17c..b8c01f71 100644 +--- a/daemon/lvm.c ++++ b/daemon/lvm.c +@@ -146,7 +146,34 @@ do_vgs (void) + guestfs_int_lvm_pv_list * + do_pvs_full (void) + { +- return parse_command_line_pvs (); ++ guestfs_int_lvm_pv_list *r; ++ size_t i; ++ char *din, *dout; ++ ++ r = parse_command_line_pvs (); ++ if (r == NULL) ++ /* parse_command_line_pvs has already called reply_with_error */ ++ return NULL; ++ ++ /* The pv_name fields contain device names which must be reverse ++ * translated. The problem here is that the generator does not have ++ * a "FMountable" field type in types.mli. ++ */ ++ for (i = 0; i < r->guestfs_int_lvm_pv_list_len; ++i) { ++ din = r->guestfs_int_lvm_pv_list_val[i].pv_name; ++ if (din) { ++ dout = reverse_device_name_translation (din); ++ if (!dout) { ++ /* reverse_device_name_translation has already called reply_with_error*/ ++ /* XXX memory leak here */ ++ return NULL; ++ } ++ r->guestfs_int_lvm_pv_list_val[i].pv_name = dout; ++ free (din); ++ } ++ } ++ ++ return r; + } + + guestfs_int_lvm_vg_list * diff --git a/SOURCES/0029-ruby-Replace-MiniTest-with-Minitest.patch b/SOURCES/0029-ruby-Replace-MiniTest-with-Minitest.patch new file mode 100644 index 0000000..8e2b970 --- /dev/null +++ b/SOURCES/0029-ruby-Replace-MiniTest-with-Minitest.patch @@ -0,0 +1,208 @@ +From a55474caa5029c8356957afe36908ee45484ffde Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 21 Sep 2023 15:16:51 +0100 +Subject: [PATCH] ruby: Replace MiniTest with Minitest + +See this commit in hivex: +https://github.com/libguestfs/hivex/commit/fbcff7fbd8f96214c7f13f36bd7669a9142824ab + +(cherry picked from commit d25a48e2dd2c2a2063b8d03a33b5e3cbe773c47d) +--- + ruby/t/tc_010_load.rb | 2 +- + ruby/t/tc_020_create.rb | 2 +- + ruby/t/tc_030_create_flags.rb | 2 +- + ruby/t/tc_040_create_multiple.rb | 2 +- + ruby/t/tc_050_handle_properties.rb | 2 +- + ruby/t/tc_060_explicit_close.rb | 2 +- + ruby/t/tc_070_optargs.rb | 2 +- + ruby/t/tc_090_retvalues.rb | 2 +- + ruby/t/tc_100_launch.rb | 2 +- + ruby/t/tc_410_close_event.rb | 2 +- + ruby/t/tc_420_log_messages.rb | 2 +- + ruby/t/tc_800_rhbz507346.rb | 2 +- + ruby/t/tc_810_rhbz664558c6.rb | 2 +- + ruby/t/tc_820_rhbz1046509.rb | 2 +- + 14 files changed, 14 insertions(+), 14 deletions(-) + +diff --git a/ruby/t/tc_010_load.rb b/ruby/t/tc_010_load.rb +index 9dc2db67..40ddccd8 100644 +--- a/ruby/t/tc_010_load.rb ++++ b/ruby/t/tc_010_load.rb +@@ -17,7 +17,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test010Load < MiniTest::Unit::TestCase ++class Test010Load < Minitest::Test + def test_010_load + end + end +diff --git a/ruby/t/tc_020_create.rb b/ruby/t/tc_020_create.rb +index 840dd858..c3f5307e 100644 +--- a/ruby/t/tc_020_create.rb ++++ b/ruby/t/tc_020_create.rb +@@ -17,7 +17,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test020Create < MiniTest::Unit::TestCase ++class Test020Create < Minitest::Test + def test_020_create + g = Guestfs::Guestfs.new() + refute_nil (g) +diff --git a/ruby/t/tc_030_create_flags.rb b/ruby/t/tc_030_create_flags.rb +index ac6d1f46..4949d2a8 100644 +--- a/ruby/t/tc_030_create_flags.rb ++++ b/ruby/t/tc_030_create_flags.rb +@@ -17,7 +17,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test030CreateFlags < MiniTest::Unit::TestCase ++class Test030CreateFlags < Minitest::Test + def test_030_create_flags + g = Guestfs::Guestfs.new(:environment => false, :close_on_exit => true) + refute_nil (g) +diff --git a/ruby/t/tc_040_create_multiple.rb b/ruby/t/tc_040_create_multiple.rb +index 36e8edc7..623ccc6e 100644 +--- a/ruby/t/tc_040_create_multiple.rb ++++ b/ruby/t/tc_040_create_multiple.rb +@@ -17,7 +17,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test040CreateMultiple < MiniTest::Unit::TestCase ++class Test040CreateMultiple < Minitest::Test + def test_040_create_multiple + g1 = Guestfs::Guestfs.new() + g2 = Guestfs::Guestfs.new() +diff --git a/ruby/t/tc_050_handle_properties.rb b/ruby/t/tc_050_handle_properties.rb +index 5928532e..b22c51fd 100644 +--- a/ruby/t/tc_050_handle_properties.rb ++++ b/ruby/t/tc_050_handle_properties.rb +@@ -17,7 +17,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test050HandleProperties < MiniTest::Unit::TestCase ++class Test050HandleProperties < Minitest::Test + def test_050_handle_properties + g = Guestfs::Guestfs.new() + refute_nil (g) +diff --git a/ruby/t/tc_060_explicit_close.rb b/ruby/t/tc_060_explicit_close.rb +index 0c9118aa..20afd0de 100644 +--- a/ruby/t/tc_060_explicit_close.rb ++++ b/ruby/t/tc_060_explicit_close.rb +@@ -17,7 +17,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test060ExplicitClose < MiniTest::Unit::TestCase ++class Test060ExplicitClose < Minitest::Test + def test_060_explicit_close + g = Guestfs::Guestfs.new() + refute_nil (g) +diff --git a/ruby/t/tc_070_optargs.rb b/ruby/t/tc_070_optargs.rb +index fff5fbf7..a2360b2f 100644 +--- a/ruby/t/tc_070_optargs.rb ++++ b/ruby/t/tc_070_optargs.rb +@@ -17,7 +17,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test070Optargs < MiniTest::Unit::TestCase ++class Test070Optargs < Minitest::Test + def test_070_optargs + g = Guestfs::Guestfs.new() + +diff --git a/ruby/t/tc_090_retvalues.rb b/ruby/t/tc_090_retvalues.rb +index 4bcc8b54..c9a84276 100644 +--- a/ruby/t/tc_090_retvalues.rb ++++ b/ruby/t/tc_090_retvalues.rb +@@ -17,7 +17,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test090RetValues < MiniTest::Unit::TestCase ++class Test090RetValues < Minitest::Test + def test_090_retvalues + g = Guestfs::Guestfs.new() + +diff --git a/ruby/t/tc_100_launch.rb b/ruby/t/tc_100_launch.rb +index 43db4b67..096cbd62 100644 +--- a/ruby/t/tc_100_launch.rb ++++ b/ruby/t/tc_100_launch.rb +@@ -17,7 +17,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test100Launch < MiniTest::Unit::TestCase ++class Test100Launch < Minitest::Test + def test_100_launch + g = Guestfs::Guestfs.new() + +diff --git a/ruby/t/tc_410_close_event.rb b/ruby/t/tc_410_close_event.rb +index 1b98957e..9a4e0558 100644 +--- a/ruby/t/tc_410_close_event.rb ++++ b/ruby/t/tc_410_close_event.rb +@@ -17,7 +17,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test410CloseEvent < MiniTest::Unit::TestCase ++class Test410CloseEvent < Minitest::Test + def test_410_close_event + g = Guestfs::Guestfs.new() + +diff --git a/ruby/t/tc_420_log_messages.rb b/ruby/t/tc_420_log_messages.rb +index 936e0fd4..a113c62e 100644 +--- a/ruby/t/tc_420_log_messages.rb ++++ b/ruby/t/tc_420_log_messages.rb +@@ -17,7 +17,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test420LogMessages < MiniTest::Unit::TestCase ++class Test420LogMessages < Minitest::Test + def test_420_log_messages + g = Guestfs::Guestfs.new() + +diff --git a/ruby/t/tc_800_rhbz507346.rb b/ruby/t/tc_800_rhbz507346.rb +index 4b7cc010..06767352 100644 +--- a/ruby/t/tc_800_rhbz507346.rb ++++ b/ruby/t/tc_800_rhbz507346.rb +@@ -17,7 +17,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test800RHBZ507346 < MiniTest::Unit::TestCase ++class Test800RHBZ507346 < Minitest::Test + def test_800_rhbz507346 + g = Guestfs::Guestfs.new() + exception = assert_raises TypeError do +diff --git a/ruby/t/tc_810_rhbz664558c6.rb b/ruby/t/tc_810_rhbz664558c6.rb +index f5e9adee..1504c070 100644 +--- a/ruby/t/tc_810_rhbz664558c6.rb ++++ b/ruby/t/tc_810_rhbz664558c6.rb +@@ -21,7 +21,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test810RHBZ664558C6 < MiniTest::Unit::TestCase ++class Test810RHBZ664558C6 < Minitest::Test + def test_810_rhbz_664558c6 + g = Guestfs::Guestfs.new() + +diff --git a/ruby/t/tc_820_rhbz1046509.rb b/ruby/t/tc_820_rhbz1046509.rb +index 882ddb55..0595293d 100644 +--- a/ruby/t/tc_820_rhbz1046509.rb ++++ b/ruby/t/tc_820_rhbz1046509.rb +@@ -20,7 +20,7 @@ + + require File::join(File::dirname(__FILE__), 'test_helper') + +-class Test820RHBZ1046509 < MiniTest::Unit::TestCase ++class Test820RHBZ1046509 < Minitest::Test + def _handleok(g) + g.add_drive("/dev/null") + g.close() diff --git a/SOURCES/0030-ruby-Get-rid-of-old-Test-Unit-compatibility.patch b/SOURCES/0030-ruby-Get-rid-of-old-Test-Unit-compatibility.patch new file mode 100644 index 0000000..a592cc0 --- /dev/null +++ b/SOURCES/0030-ruby-Get-rid-of-old-Test-Unit-compatibility.patch @@ -0,0 +1,278 @@ +From e22e17704988b606e24e76160495626552d0845f Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 21 Sep 2023 15:20:55 +0100 +Subject: [PATCH] ruby: Get rid of old Test::Unit compatibility + +See this commit in hivex: +https://github.com/libguestfs/hivex/commit/6dbbc474d3df5cdfd21ed5e692b3a58136fffc42 + +(cherry picked from commit ecf361d7237d38b2418ddecb1b70e3b722509c12) +--- + ruby/Makefile.am | 3 +-- + ruby/t/tc_010_load.rb | 3 ++- + ruby/t/tc_020_create.rb | 3 ++- + ruby/t/tc_030_create_flags.rb | 3 ++- + ruby/t/tc_040_create_multiple.rb | 3 ++- + ruby/t/tc_050_handle_properties.rb | 3 ++- + ruby/t/tc_060_explicit_close.rb | 3 ++- + ruby/t/tc_070_optargs.rb | 3 ++- + ruby/t/tc_090_retvalues.rb | 3 ++- + ruby/t/tc_100_launch.rb | 3 ++- + ruby/t/tc_410_close_event.rb | 3 ++- + ruby/t/tc_420_log_messages.rb | 3 ++- + ruby/t/tc_800_rhbz507346.rb | 3 ++- + ruby/t/tc_810_rhbz664558c6.rb | 3 ++- + ruby/t/tc_820_rhbz1046509.rb | 3 ++- + ruby/t/test_helper.rb | 33 ------------------------------ + 16 files changed, 29 insertions(+), 49 deletions(-) + delete mode 100644 ruby/t/test_helper.rb + +diff --git a/ruby/Makefile.am b/ruby/Makefile.am +index c26513a7..867b05b1 100644 +--- a/ruby/Makefile.am ++++ b/ruby/Makefile.am +@@ -40,8 +40,7 @@ EXTRA_DIST = \ + lib/guestfs.rb \ + run-bindtests \ + run-ruby-tests \ +- t/tc_*.rb \ +- t/test_helper.rb ++ t/tc_*.rb + + CLEANFILES += \ + lib/*~ \ +diff --git a/ruby/t/tc_010_load.rb b/ruby/t/tc_010_load.rb +index 40ddccd8..e7ec482e 100644 +--- a/ruby/t/tc_010_load.rb ++++ b/ruby/t/tc_010_load.rb +@@ -15,7 +15,8 @@ + # along with this program; if not, write to the Free Software + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test010Load < Minitest::Test + def test_010_load +diff --git a/ruby/t/tc_020_create.rb b/ruby/t/tc_020_create.rb +index c3f5307e..26bb2ecf 100644 +--- a/ruby/t/tc_020_create.rb ++++ b/ruby/t/tc_020_create.rb +@@ -15,7 +15,8 @@ + # along with this program; if not, write to the Free Software + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test020Create < Minitest::Test + def test_020_create +diff --git a/ruby/t/tc_030_create_flags.rb b/ruby/t/tc_030_create_flags.rb +index 4949d2a8..8006d962 100644 +--- a/ruby/t/tc_030_create_flags.rb ++++ b/ruby/t/tc_030_create_flags.rb +@@ -15,7 +15,8 @@ + # along with this program; if not, write to the Free Software + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test030CreateFlags < Minitest::Test + def test_030_create_flags +diff --git a/ruby/t/tc_040_create_multiple.rb b/ruby/t/tc_040_create_multiple.rb +index 623ccc6e..32b2b094 100644 +--- a/ruby/t/tc_040_create_multiple.rb ++++ b/ruby/t/tc_040_create_multiple.rb +@@ -15,7 +15,8 @@ + # along with this program; if not, write to the Free Software + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test040CreateMultiple < Minitest::Test + def test_040_create_multiple +diff --git a/ruby/t/tc_050_handle_properties.rb b/ruby/t/tc_050_handle_properties.rb +index b22c51fd..d37b1d03 100644 +--- a/ruby/t/tc_050_handle_properties.rb ++++ b/ruby/t/tc_050_handle_properties.rb +@@ -15,7 +15,8 @@ + # along with this program; if not, write to the Free Software + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test050HandleProperties < Minitest::Test + def test_050_handle_properties +diff --git a/ruby/t/tc_060_explicit_close.rb b/ruby/t/tc_060_explicit_close.rb +index 20afd0de..8d103616 100644 +--- a/ruby/t/tc_060_explicit_close.rb ++++ b/ruby/t/tc_060_explicit_close.rb +@@ -15,7 +15,8 @@ + # along with this program; if not, write to the Free Software + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test060ExplicitClose < Minitest::Test + def test_060_explicit_close +diff --git a/ruby/t/tc_070_optargs.rb b/ruby/t/tc_070_optargs.rb +index a2360b2f..c2298131 100644 +--- a/ruby/t/tc_070_optargs.rb ++++ b/ruby/t/tc_070_optargs.rb +@@ -15,7 +15,8 @@ + # along with this program; if not, write to the Free Software + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test070Optargs < Minitest::Test + def test_070_optargs +diff --git a/ruby/t/tc_090_retvalues.rb b/ruby/t/tc_090_retvalues.rb +index c9a84276..d7927465 100644 +--- a/ruby/t/tc_090_retvalues.rb ++++ b/ruby/t/tc_090_retvalues.rb +@@ -15,7 +15,8 @@ + # along with this program; if not, write to the Free Software + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test090RetValues < Minitest::Test + def test_090_retvalues +diff --git a/ruby/t/tc_100_launch.rb b/ruby/t/tc_100_launch.rb +index 096cbd62..c4da234e 100644 +--- a/ruby/t/tc_100_launch.rb ++++ b/ruby/t/tc_100_launch.rb +@@ -15,7 +15,8 @@ + # along with this program; if not, write to the Free Software + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test100Launch < Minitest::Test + def test_100_launch +diff --git a/ruby/t/tc_410_close_event.rb b/ruby/t/tc_410_close_event.rb +index 9a4e0558..84cc11ab 100644 +--- a/ruby/t/tc_410_close_event.rb ++++ b/ruby/t/tc_410_close_event.rb +@@ -15,7 +15,8 @@ + # along with this program; if not, write to the Free Software + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test410CloseEvent < Minitest::Test + def test_410_close_event +diff --git a/ruby/t/tc_420_log_messages.rb b/ruby/t/tc_420_log_messages.rb +index a113c62e..fd3049a0 100644 +--- a/ruby/t/tc_420_log_messages.rb ++++ b/ruby/t/tc_420_log_messages.rb +@@ -15,7 +15,8 @@ + # along with this program; if not, write to the Free Software + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test420LogMessages < Minitest::Test + def test_420_log_messages +diff --git a/ruby/t/tc_800_rhbz507346.rb b/ruby/t/tc_800_rhbz507346.rb +index 06767352..54f7734f 100644 +--- a/ruby/t/tc_800_rhbz507346.rb ++++ b/ruby/t/tc_800_rhbz507346.rb +@@ -15,7 +15,8 @@ + # along with this program; if not, write to the Free Software + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test800RHBZ507346 < Minitest::Test + def test_800_rhbz507346 +diff --git a/ruby/t/tc_810_rhbz664558c6.rb b/ruby/t/tc_810_rhbz664558c6.rb +index 1504c070..5ffa2265 100644 +--- a/ruby/t/tc_810_rhbz664558c6.rb ++++ b/ruby/t/tc_810_rhbz664558c6.rb +@@ -19,7 +19,8 @@ + # the interpreter to segfault. See: + # https://bugzilla.redhat.com/show_bug.cgi?id=664558#c6 + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test810RHBZ664558C6 < Minitest::Test + def test_810_rhbz_664558c6 +diff --git a/ruby/t/tc_820_rhbz1046509.rb b/ruby/t/tc_820_rhbz1046509.rb +index 0595293d..b2a6d80b 100644 +--- a/ruby/t/tc_820_rhbz1046509.rb ++++ b/ruby/t/tc_820_rhbz1046509.rb +@@ -18,7 +18,8 @@ + # Test that we don't break the old ::create module function while + # fixing https://bugzilla.redhat.com/show_bug.cgi?id=1046509 + +-require File::join(File::dirname(__FILE__), 'test_helper') ++require 'minitest/autorun' ++require 'guestfs' + + class Test820RHBZ1046509 < Minitest::Test + def _handleok(g) +diff --git a/ruby/t/test_helper.rb b/ruby/t/test_helper.rb +deleted file mode 100644 +index 54f857ce..00000000 +--- a/ruby/t/test_helper.rb ++++ /dev/null +@@ -1,33 +0,0 @@ +-# libguestfs Ruby bindings -*- ruby -*- +-# Copyright (C) 2009-2023 Red Hat Inc. +-# +-# This program is free software; you can redistribute it and/or modify +-# it under the terms of the GNU General Public License as published by +-# the Free Software Foundation; either version 2 of the License, or +-# (at your option) any later version. +-# +-# This program is distributed in the hope that it will be useful, +-# but WITHOUT ANY WARRANTY; without even the implied warranty of +-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +-# GNU General Public License for more details. +-# +-# You should have received a copy of the GNU General Public License +-# along with this program; if not, write to the Free Software +-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +- +-begin +- require 'minitest/autorun' +-rescue LoadError +- require 'test/unit' +- MiniTest = Test +- module Test +- Assertions = Unit::Assertions +- module Assertions +- alias refute_nil assert_not_nil +- end +- end +-end +- +-$:.unshift(File::join(File::dirname(__FILE__), "..", "lib")) +-$:.unshift(File::join(File::dirname(__FILE__), "..", "ext", "guestfs")) +-require 'guestfs' diff --git a/SOURCES/0031-generator-Sort-virt-customize-options-into-alphabeti.patch b/SOURCES/0031-generator-Sort-virt-customize-options-into-alphabeti.patch new file mode 100644 index 0000000..7c82ec3 --- /dev/null +++ b/SOURCES/0031-generator-Sort-virt-customize-options-into-alphabeti.patch @@ -0,0 +1,63 @@ +From 205e2219b977e70c97ea4b55153d94dc3df91c28 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 26 Oct 2023 21:06:21 +0100 +Subject: [PATCH] generator: Sort virt-customize options into alphabetical + order + +(cherry picked from commit 297db5cccc1eb6e838f35d38e60fac894b372676) +--- + generator/customize.ml | 34 +++++++++++++++++----------------- + 1 file changed, 17 insertions(+), 17 deletions(-) + +diff --git a/generator/customize.ml b/generator/customize.ml +index fe87ef5e..c3dd259e 100644 +--- a/generator/customize.ml ++++ b/generator/customize.ml +@@ -510,23 +510,6 @@ You can have multiple I<--ssh-inject> options, for different users + and also for more keys for each user." + }; + +- { op_name = "truncate"; +- op_type = String "FILE"; +- op_discrim = "`Truncate"; +- op_shortdesc = "Truncate a file to zero size"; +- op_pod_longdesc = "\ +-This command truncates C to a zero-length file. The file must exist +-already."; +- }; +- +- { op_name = "truncate-recursive"; +- op_type = String "PATH"; +- op_discrim = "`TruncateRecursive"; +- op_shortdesc = "Recursively truncate all files in directory"; +- op_pod_longdesc = "\ +-This command recursively truncates all files under C to zero-length."; +- }; +- + { op_name = "timezone"; + op_type = String "TIMEZONE"; + op_discrim = "`Timezone"; +@@ -544,6 +527,23 @@ string like C"; + This command performs a L-like operation on C."; + }; + ++ { op_name = "truncate"; ++ op_type = String "FILE"; ++ op_discrim = "`Truncate"; ++ op_shortdesc = "Truncate a file to zero size"; ++ op_pod_longdesc = "\ ++This command truncates C to a zero-length file. The file must exist ++already."; ++ }; ++ ++ { op_name = "truncate-recursive"; ++ op_type = String "PATH"; ++ op_discrim = "`TruncateRecursive"; ++ op_shortdesc = "Recursively truncate all files in directory"; ++ op_pod_longdesc = "\ ++This command recursively truncates all files under C to zero-length."; ++ }; ++ + { op_name = "uninstall"; + op_type = StringList "PKG,PKG.."; + op_discrim = "`UninstallPackages"; diff --git a/SOURCES/0032-generator-Add-new-virt-customize-tar-in-operation.patch b/SOURCES/0032-generator-Add-new-virt-customize-tar-in-operation.patch new file mode 100644 index 0000000..7091730 --- /dev/null +++ b/SOURCES/0032-generator-Add-new-virt-customize-tar-in-operation.patch @@ -0,0 +1,173 @@ +From 055c43fa60c7cefbe3baf32b21cfe8ffae09bf0f Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 26 Oct 2023 19:44:03 +0100 +Subject: [PATCH] generator: Add new virt-customize --tar-in operation + +Using 'virt-customize --tar-in some.tar:/dir -a disk.img' will unpack +'some.tar' into '/dir' in the guest. Note that this will not work for +compressed tar files as written since the underlying guestfs_tar_in +function requires the compression type to be set explicitly and +defaults to no compression (it does not auto-detect or default to +compression). + +(cherry picked from commit b5f7b0ec18e30d25342bc322e571edf17a72974f) +--- + common | 2 +- + generator/customize.ml | 12 ++++++++++++ + 2 files changed, 13 insertions(+), 1 deletion(-) + +Submodule common e70d89a5..9a8ba593: +diff --git a/common/mlcustomize/customize-options.pod b/common/mlcustomize/customize-options.pod +index e658a447..ff93630d 100644 +--- a/common/mlcustomize/customize-options.pod ++++ b/common/mlcustomize/customize-options.pod +@@ -427,6 +427,14 @@ the C field. + You can have multiple I<--ssh-inject> options, for different users + and also for more keys for each user. + ++=item B<--tar-in> TARFILE:REMOTEDIR ++ ++Copy local files or directories from a local tar file ++called C into the disk image, placing them in the ++directory C (which must exist). Note that ++the tar file must be uncompressed (F<.tar.gz> files will not work ++here) ++ + =item B<--timezone> TIMEZONE + + Set the default timezone of the guest to C. Use a location +diff --git a/common/mlcustomize/customize-synopsis.pod b/common/mlcustomize/customize-synopsis.pod +index 5031b015..bb0ce125 100644 +--- a/common/mlcustomize/customize-synopsis.pod ++++ b/common/mlcustomize/customize-synopsis.pod +@@ -9,8 +9,9 @@ + [--password USER:SELECTOR] [--root-password SELECTOR] + [--run SCRIPT] [--run-command 'CMD+ARGS'] [--scrub FILE] + [--sm-attach SELECTOR] [--sm-register] [--sm-remove] +- [--sm-unregister] [--ssh-inject USER[:SELECTOR]] [--truncate FILE] +- [--truncate-recursive PATH] [--timezone TIMEZONE] [--touch FILE] ++ [--sm-unregister] [--ssh-inject USER[:SELECTOR]] ++ [--tar-in TARFILE:REMOTEDIR] [--timezone TIMEZONE] [--touch FILE] ++ [--truncate FILE] [--truncate-recursive PATH] + [--uninstall PKG,PKG..] [--update] [--upload FILE:DEST] + [--write FILE:CONTENT] [--no-logfile] + [--password-crypto md5|sha256|sha512] [--no-selinux-relabel] +diff --git a/common/mlcustomize/customize_cmdline.ml b/common/mlcustomize/customize_cmdline.ml +index 3ce901db..245d9960 100644 +--- a/common/mlcustomize/customize_cmdline.ml ++++ b/common/mlcustomize/customize_cmdline.ml +@@ -93,14 +93,16 @@ and op = [ + (* --sm-unregister *) + | `SSHInject of string * Ssh_key.ssh_key_selector + (* --ssh-inject USER[:SELECTOR] *) +- | `Truncate of string +- (* --truncate FILE *) +- | `TruncateRecursive of string +- (* --truncate-recursive PATH *) ++ | `TarIn of string * string ++ (* --tar-in TARFILE:REMOTEDIR *) + | `Timezone of string + (* --timezone TIMEZONE *) + | `Touch of string + (* --touch FILE *) ++ | `Truncate of string ++ (* --truncate FILE *) ++ | `TruncateRecursive of string ++ (* --truncate-recursive PATH *) + | `UninstallPackages of string list + (* --uninstall PKG,PKG.. *) + | `Update +@@ -418,17 +420,16 @@ let rec argspec () = + ), + Some "USER[:SELECTOR]", "Inject an ssh key so the given C will be able to log in over\nssh without supplying a password. The C must exist already\nin the guest.\n\nSee L for the format of\nthe C field.\n\nYou can have multiple I<--ssh-inject> options, for different users\nand also for more keys for each user."; + ( +- [ L"truncate" ], +- Getopt.String (s_"FILE", fun s -> List.push_front (`Truncate s) ops), +- s_"Truncate a file to zero size" ++ [ L"tar-in" ], ++ Getopt.String ( ++ s_"TARFILE:REMOTEDIR", ++ fun s -> ++ let p = split_string_pair "tar-in" s in ++ List.push_front (`TarIn p) ops ++ ), ++ s_"Copy local files or directories from a tarball into image" + ), +- Some "FILE", "This command truncates C to a zero-length file. The file must exist\nalready."; +- ( +- [ L"truncate-recursive" ], +- Getopt.String (s_"PATH", fun s -> List.push_front (`TruncateRecursive s) ops), +- s_"Recursively truncate all files in directory" +- ), +- Some "PATH", "This command recursively truncates all files under C to zero-length."; ++ Some "TARFILE:REMOTEDIR", "Copy local files or directories from a local tar file\ncalled C into the disk image, placing them in the\ndirectory C (which must exist). Note that\nthe tar file must be uncompressed (F<.tar.gz> files will not work\nhere)"; + ( + [ L"timezone" ], + Getopt.String (s_"TIMEZONE", fun s -> List.push_front (`Timezone s) ops), +@@ -441,6 +442,18 @@ let rec argspec () = + s_"Run touch on a file" + ), + Some "FILE", "This command performs a L-like operation on C."; ++ ( ++ [ L"truncate" ], ++ Getopt.String (s_"FILE", fun s -> List.push_front (`Truncate s) ops), ++ s_"Truncate a file to zero size" ++ ), ++ Some "FILE", "This command truncates C to a zero-length file. The file must exist\nalready."; ++ ( ++ [ L"truncate-recursive" ], ++ Getopt.String (s_"PATH", fun s -> List.push_front (`TruncateRecursive s) ops), ++ s_"Recursively truncate all files in directory" ++ ), ++ Some "PATH", "This command recursively truncates all files under C to zero-length."; + ( + [ L"uninstall" ], + Getopt.String ( +diff --git a/common/mlcustomize/customize_cmdline.mli b/common/mlcustomize/customize_cmdline.mli +index 112b74dc..51a156ea 100644 +--- a/common/mlcustomize/customize_cmdline.mli ++++ b/common/mlcustomize/customize_cmdline.mli +@@ -85,14 +85,16 @@ and op = [ + (* --sm-unregister *) + | `SSHInject of string * Ssh_key.ssh_key_selector + (* --ssh-inject USER[:SELECTOR] *) +- | `Truncate of string +- (* --truncate FILE *) +- | `TruncateRecursive of string +- (* --truncate-recursive PATH *) ++ | `TarIn of string * string ++ (* --tar-in TARFILE:REMOTEDIR *) + | `Timezone of string + (* --timezone TIMEZONE *) + | `Touch of string + (* --touch FILE *) ++ | `Truncate of string ++ (* --truncate FILE *) ++ | `TruncateRecursive of string ++ (* --truncate-recursive PATH *) + | `UninstallPackages of string list + (* --uninstall PKG,PKG.. *) + | `Update +diff --git a/generator/customize.ml b/generator/customize.ml +index c3dd259e..e64b45c0 100644 +--- a/generator/customize.ml ++++ b/generator/customize.ml +@@ -510,6 +510,18 @@ You can have multiple I<--ssh-inject> options, for different users + and also for more keys for each user." + }; + ++ { op_name = "tar-in"; ++ op_type = StringPair "TARFILE:REMOTEDIR"; ++ op_discrim = "`TarIn"; ++ op_shortdesc = "Copy local files or directories from a tarball into image"; ++ op_pod_longdesc = "\ ++Copy local files or directories from a local tar file ++called C into the disk image, placing them in the ++directory C (which must exist). Note that ++the tar file must be uncompressed (F<.tar.gz> files will not work ++here)"; ++ }; ++ + { op_name = "timezone"; + op_type = String "TIMEZONE"; + op_discrim = "`Timezone"; diff --git a/SOURCES/0033-New-mailing-list-email-address.patch b/SOURCES/0033-New-mailing-list-email-address.patch new file mode 100644 index 0000000..5a1b812 --- /dev/null +++ b/SOURCES/0033-New-mailing-list-email-address.patch @@ -0,0 +1,271 @@ +From 0c1d7af8fdbf272f33ccd572ed34923ab094d695 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 16 Nov 2023 10:38:59 +0000 +Subject: [PATCH] New mailing list email address + +(cherry picked from commit 0b8b1e4b2d70cf4ed59775c3c2d1aa42d3c29ca2) +--- + .gitpublish | 2 +- + appliance/Makefile.am | 2 +- + po-docs/Makefile.am | 2 +- + po-docs/cs.po | 2 +- + po-docs/de.po | 2 +- + po-docs/en_GB.po | 2 +- + po-docs/es.po | 2 +- + po-docs/eu.po | 2 +- + po-docs/fi.po | 2 +- + po-docs/fr.po | 2 +- + po-docs/ja.po | 2 +- + po-docs/libguestfs-docs.pot | 2 +- + po-docs/nl.po | 2 +- + po-docs/pt_BR.po | 2 +- + po-docs/si.po | 2 +- + po-docs/tg.po | 2 +- + po-docs/uk.po | 2 +- + po-docs/zh_CN.po | 2 +- + python/setup.py.in | 2 +- + 19 files changed, 19 insertions(+), 19 deletions(-) + +diff --git a/.gitpublish b/.gitpublish +index 9775dd23..2aae0c09 100644 +--- a/.gitpublish ++++ b/.gitpublish +@@ -1,3 +1,3 @@ + [gitpublishprofile "default"] + base = master +-to = libguestfs@redhat.com ++to = guestfs@lists.libguestfs.org +diff --git a/appliance/Makefile.am b/appliance/Makefile.am +index 063c19f6..8cb9bd1f 100644 +--- a/appliance/Makefile.am ++++ b/appliance/Makefile.am +@@ -88,7 +88,7 @@ else + if HAVE_PACMAN + QUERY_FILES_CMD := xargs pacman -Qo | sed -r 's/.* is owned by ([^ ]+) .*/\1/' + else +-$(error Error: Unknown Linux distribution "$(DISTRO)". Please add support to m4/guestfs-appliance.m4 and appliance/Makefile.am and send a patch upstream to libguestfs@redhat.com) ++$(error Error: Unknown Linux distribution "$(DISTRO)". Please add support to m4/guestfs-appliance.m4 and appliance/Makefile.am and send a patch upstream to guestfs@lists.libguestfs.org) + endif !HAVE_PACMAN + endif !HAVE_DPKG + endif !HAVE_RPM +diff --git a/po-docs/Makefile.am b/po-docs/Makefile.am +index 61c1b1c9..330b673f 100644 +--- a/po-docs/Makefile.am ++++ b/po-docs/Makefile.am +@@ -46,7 +46,7 @@ libguestfs-docs.pot: + -M utf-8 -L utf-8 \ + --package-name $(PACKAGE_NAME) \ + --package-version $(PACKAGE_VERSION) \ +- --msgid-bugs-address libguestfs@redhat.com \ ++ --msgid-bugs-address guestfs@lists.libguestfs.org \ + --copyright-holder "Red Hat Inc." \ + -p $(abs_srcdir)/$@ \ + $(patsubst %,-m %,$(shell cat $(srcdir)/podfiles)) +diff --git a/po-docs/cs.po b/po-docs/cs.po +index 5618cb0f..d50e53bf 100644 +--- a/po-docs/cs.po ++++ b/po-docs/cs.po +@@ -3,7 +3,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.39.12\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-07-06 15:46+0100\n" + "PO-Revision-Date: 2017-09-11 04:54+0000\n" + "Last-Translator: Zdenek \n" +diff --git a/po-docs/de.po b/po-docs/de.po +index da449e9f..76abc8d3 100644 +--- a/po-docs/de.po ++++ b/po-docs/de.po +@@ -7,7 +7,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.39.12\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-07-06 15:46+0100\n" + "PO-Revision-Date: 2021-11-18 23:16+0000\n" + "Last-Translator: Ettore Atalan \n" +diff --git a/po-docs/en_GB.po b/po-docs/en_GB.po +index 283402a6..75610b9e 100644 +--- a/po-docs/en_GB.po ++++ b/po-docs/en_GB.po +@@ -6,7 +6,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.39.12\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-07-06 15:46+0100\n" + "PO-Revision-Date: 2015-02-21 10:15+0000\n" + "Last-Translator: Copied by Zanata \n" +diff --git a/po-docs/es.po b/po-docs/es.po +index a163e26d..defbd61d 100644 +--- a/po-docs/es.po ++++ b/po-docs/es.po +@@ -9,7 +9,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.39.12\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-07-06 15:46+0100\n" + "PO-Revision-Date: 2023-02-05 15:20+0000\n" + "Last-Translator: Emilio Herrera \n" +diff --git a/po-docs/eu.po b/po-docs/eu.po +index 7f1f634b..63653271 100644 +--- a/po-docs/eu.po ++++ b/po-docs/eu.po +@@ -7,7 +7,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.39.12\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-07-06 15:46+0100\n" + "PO-Revision-Date: 2015-02-21 10:17+0000\n" + "Last-Translator: Copied by Zanata \n" +diff --git a/po-docs/fi.po b/po-docs/fi.po +index d96bfd38..361de115 100644 +--- a/po-docs/fi.po ++++ b/po-docs/fi.po +@@ -6,7 +6,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.43.1\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-08-12 15:34+0200\n" + "PO-Revision-Date: 2022-12-23 18:20+0000\n" + "Last-Translator: Jan Kuparinen \n" +diff --git a/po-docs/fr.po b/po-docs/fr.po +index f411d189..cd903c0e 100644 +--- a/po-docs/fr.po ++++ b/po-docs/fr.po +@@ -8,7 +8,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.39.12\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-07-06 15:46+0100\n" + "PO-Revision-Date: 2015-02-21 10:19+0000\n" + "Last-Translator: Copied by Zanata \n" +diff --git a/po-docs/ja.po b/po-docs/ja.po +index 4120b2de..d90437dc 100644 +--- a/po-docs/ja.po ++++ b/po-docs/ja.po +@@ -12,7 +12,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.39.12\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-07-06 15:46+0100\n" + "PO-Revision-Date: 2017-02-24 07:33+0000\n" + "Last-Translator: Copied by Zanata \n" +diff --git a/po-docs/libguestfs-docs.pot b/po-docs/libguestfs-docs.pot +index 8e33712f..3954a51e 100644 +--- a/po-docs/libguestfs-docs.pot ++++ b/po-docs/libguestfs-docs.pot +@@ -7,7 +7,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.43.1\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-08-12 15:34+0200\n" + "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" + "Last-Translator: FULL NAME \n" +diff --git a/po-docs/nl.po b/po-docs/nl.po +index 571f3523..0cf147ee 100644 +--- a/po-docs/nl.po ++++ b/po-docs/nl.po +@@ -7,7 +7,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.39.12\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-07-06 15:46+0100\n" + "PO-Revision-Date: 2015-02-21 10:33+0000\n" + "Last-Translator: Copied by Zanata \n" +diff --git a/po-docs/pt_BR.po b/po-docs/pt_BR.po +index 87c0059f..229f49c3 100644 +--- a/po-docs/pt_BR.po ++++ b/po-docs/pt_BR.po +@@ -3,7 +3,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.39.12\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-07-06 15:46+0100\n" + "PO-Revision-Date: 2017-01-29 09:50+0000\n" + "Last-Translator: Rodrigo de Araujo Sousa Fonseca " +diff --git a/po-docs/si.po b/po-docs/si.po +index e7327945..aa7f5f97 100644 +--- a/po-docs/si.po ++++ b/po-docs/si.po +@@ -6,7 +6,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.43.1\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-08-12 15:34+0200\n" + "PO-Revision-Date: 2021-08-19 07:04+0000\n" + "Last-Translator: Hela Basa \n" +diff --git a/po-docs/tg.po b/po-docs/tg.po +index 446653ab..9e6fa072 100644 +--- a/po-docs/tg.po ++++ b/po-docs/tg.po +@@ -6,7 +6,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.39.12\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-07-06 15:46+0100\n" + "PO-Revision-Date: 2015-02-21 10:34+0000\n" + "Last-Translator: Copied by Zanata \n" +diff --git a/po-docs/uk.po b/po-docs/uk.po +index 52b5ce56..960ea8f8 100644 +--- a/po-docs/uk.po ++++ b/po-docs/uk.po +@@ -15,7 +15,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.39.12\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-07-06 15:46+0100\n" + "PO-Revision-Date: 2020-08-16 15:29+0000\n" + "Last-Translator: Yuri Chornoivan \n" +diff --git a/po-docs/zh_CN.po b/po-docs/zh_CN.po +index 7c546775..0c15c1c1 100644 +--- a/po-docs/zh_CN.po ++++ b/po-docs/zh_CN.po +@@ -8,7 +8,7 @@ + msgid "" + msgstr "" + "Project-Id-Version: libguestfs 1.39.12\n" +-"Report-Msgid-Bugs-To: libguestfs@redhat.com\n" ++"Report-Msgid-Bugs-To: guestfs@lists.libguestfs.org\n" + "POT-Creation-Date: 2020-07-06 15:46+0100\n" + "PO-Revision-Date: 2017-07-24 08:04+0000\n" + "Last-Translator: cheng ye <18969068329@163.com>\n" +diff --git a/python/setup.py.in b/python/setup.py.in +index aa9fb7ad..17571944 100644 +--- a/python/setup.py.in ++++ b/python/setup.py.in +@@ -30,7 +30,7 @@ This package contains the Python bindings for libguestfs. + """, + + author='The @PACKAGE_NAME@ team', +- author_email='libguestfs@redhat.com', ++ author_email='guestfs@lists.libguestfs.org', + url='http://libguestfs.org', + + license='LGPLv2+', diff --git a/SOURCES/0034-New-mailing-list-archives.patch b/SOURCES/0034-New-mailing-list-archives.patch new file mode 100644 index 0000000..5e8873c --- /dev/null +++ b/SOURCES/0034-New-mailing-list-archives.patch @@ -0,0 +1,590 @@ +From d5a52e1004b7b151a1df286a72e49e9766ade2c8 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 16 Nov 2023 10:52:11 +0000 +Subject: [PATCH] New mailing list archives + +(cherry picked from commit b2f3994de26c25d61ed94d2ee3b2ea9600755ee1) +--- + README | 2 +- + configure.ac | 2 +- + docs/guestfs-faq.pod | 6 +++--- + docs/guestfs-hacking.pod | 2 +- + docs/guestfs-security.pod | 2 +- + docs/guestfs-testing.pod | 2 +- + po-docs/cs.po | 4 ++-- + po-docs/de.po | 4 ++-- + po-docs/en_GB.po | 8 ++++---- + po-docs/es.po | 4 ++-- + po-docs/eu.po | 4 ++-- + po-docs/fi.po | 12 ++++++------ + po-docs/fr.po | 4 ++-- + po-docs/ja.po | 6 +++--- + po-docs/libguestfs-docs.pot | 12 ++++++------ + po-docs/nl.po | 4 ++-- + po-docs/pt_BR.po | 4 ++-- + po-docs/si.po | 12 ++++++------ + po-docs/tg.po | 4 ++-- + po-docs/uk.po | 6 +++--- + po-docs/zh_CN.po | 4 ++-- + website/index.html.in | 2 +- + 22 files changed, 55 insertions(+), 55 deletions(-) + +diff --git a/README b/README +index 40a7267e..b350edb5 100644 +--- a/README ++++ b/README +@@ -6,7 +6,7 @@ disk images. For more information see the home page: + For discussion, development, patches, etc. please use the mailing + list: + +- http://www.redhat.com/mailman/listinfo/libguestfs ++ https://lists.libguestfs.org + + To find out how to build libguestfs from source, read: + +diff --git a/configure.ac b/configure.ac +index d1397f63..f8e5e9bb 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -322,7 +322,7 @@ echo "If any optional component is configured 'no' when you expected 'yes'" + echo "then you should check the preceding messages." + echo + echo "Please report bugs back to the mailing list:" +-echo "http://www.redhat.com/mailman/listinfo/libguestfs" ++echo "https://lists.libguestfs.org" + echo + echo "Next you should type 'make' to build the package," + echo "then 'make check' to run the tests." +diff --git a/docs/guestfs-faq.pod b/docs/guestfs-faq.pod +index 1e83a9c5..3a03282f 100644 +--- a/docs/guestfs-faq.pod ++++ b/docs/guestfs-faq.pod +@@ -106,7 +106,7 @@ contact S: L + + There is a mailing list, mainly for development, but users are also + welcome to ask questions about libguestfs and the virt tools: +-L ++L + + You can also talk to us on IRC channel C<#guestfs> on Libera Chat. + We're not always around, so please stay in the channel after asking +@@ -1289,7 +1289,7 @@ documented stable API. + =head2 Where do I send patches? + + Please send patches to the libguestfs mailing list +-L. You don't have ++L. You don't have + to be subscribed, but there will be a delay until your posting is + manually approved. + +@@ -1302,7 +1302,7 @@ prefer to have a linear history. + + Large new features that you intend to contribute should be discussed + on the mailing list first +-(L). This avoids ++(L). This avoids + disappointment and wasted work if we don't think the feature would fit + into the libguestfs project. + +diff --git a/docs/guestfs-hacking.pod b/docs/guestfs-hacking.pod +index 68cf8292..f0bac9f2 100644 +--- a/docs/guestfs-hacking.pod ++++ b/docs/guestfs-hacking.pod +@@ -818,7 +818,7 @@ examining the F log files carefully. + =head2 SUBMITTING PATCHES + + Submit patches to the mailing list: +-L ++L + and CC to L. + + You do not need to subscribe to the mailing list if you don’t want to. +diff --git a/docs/guestfs-security.pod b/docs/guestfs-security.pod +index afacb091..60d22952 100644 +--- a/docs/guestfs-security.pod ++++ b/docs/guestfs-security.pod +@@ -15,7 +15,7 @@ L + + If the security problem is not so serious, you can simply file a bug + (see L below), or send an email to our mailing list +-(L). You do not ++(L). You do not + need to subscribe to the mailing list to send email, but there will be + a delay while the message is moderated. + +diff --git a/docs/guestfs-testing.pod b/docs/guestfs-testing.pod +index c7b44928..ee4b26d6 100644 +--- a/docs/guestfs-testing.pod ++++ b/docs/guestfs-testing.pod +@@ -21,7 +21,7 @@ or post on the mailing list (registration is B required, but if + you're not registered then you'll have to wait for a moderator to + manually approve your message): + +-L ++L + + =head1 TESTS + +diff --git a/po-docs/cs.po b/po-docs/cs.po +index d50e53bf..60c29165 100644 +--- a/po-docs/cs.po ++++ b/po-docs/cs.po +@@ -16000,7 +16000,7 @@ msgstr "" + #: ../docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -38700,7 +38700,7 @@ msgstr "" + + #. type: textblock + #: ../docs/guestfs-testing.pod:24 +-msgid "L" ++msgid "L" + msgstr "" + + #. type: =head1 +diff --git a/po-docs/de.po b/po-docs/de.po +index 76abc8d3..565cd66f 100644 +--- a/po-docs/de.po ++++ b/po-docs/de.po +@@ -16118,7 +16118,7 @@ msgstr "" + #: ../docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -38822,7 +38822,7 @@ msgstr "" + + #. type: textblock + #: ../docs/guestfs-testing.pod:24 +-msgid "L" ++msgid "L" + msgstr "" + + #. type: =head1 +diff --git a/po-docs/en_GB.po b/po-docs/en_GB.po +index 75610b9e..31edb8bf 100644 +--- a/po-docs/en_GB.po ++++ b/po-docs/en_GB.po +@@ -17054,12 +17054,12 @@ msgstr "How do I propose a feature?" + #: ../docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + +@@ -42254,8 +42254,8 @@ msgstr "" + + #. type: textblock + #: ../docs/guestfs-testing.pod:24 +-msgid "L" +-msgstr "L" ++msgid "L" ++msgstr "L" + + #. type: =head1 + #: ../docs/guestfs-testing.pod:26 +diff --git a/po-docs/es.po b/po-docs/es.po +index defbd61d..c84192f4 100644 +--- a/po-docs/es.po ++++ b/po-docs/es.po +@@ -16057,7 +16057,7 @@ msgstr "" + #: ../docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -38908,7 +38908,7 @@ msgstr "" + + #. type: textblock + #: ../docs/guestfs-testing.pod:24 +-msgid "L" ++msgid "L" + msgstr "" + + #. type: =head1 +diff --git a/po-docs/eu.po b/po-docs/eu.po +index 63653271..44bc885d 100644 +--- a/po-docs/eu.po ++++ b/po-docs/eu.po +@@ -15951,7 +15951,7 @@ msgstr "" + #: ../docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -38651,7 +38651,7 @@ msgstr "" + + #. type: textblock + #: ../docs/guestfs-testing.pod:24 +-msgid "L" ++msgid "L" + msgstr "" + + #. type: =head1 +diff --git a/po-docs/fi.po b/po-docs/fi.po +index 361de115..3ff70b33 100644 +--- a/po-docs/fi.po ++++ b/po-docs/fi.po +@@ -13507,7 +13507,7 @@ msgstr "" + msgid "" + "There is a mailing list, mainly for development, but users are also welcome " + "to ask questions about libguestfs and the virt tools: " +-"L" ++"L" + msgstr "" + + #. type: textblock +@@ -15849,7 +15849,7 @@ msgstr "" + #: docs/guestfs-faq.pod:1285 + msgid "" + "Please send patches to the libguestfs mailing list " +-"L. You don't have to be " ++"L. You don't have to be " + "subscribed, but there will be a delay until your posting is manually " + "approved." + msgstr "" +@@ -15872,7 +15872,7 @@ msgstr "" + #: docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -17816,7 +17816,7 @@ msgstr "" + #: docs/guestfs-hacking.pod:840 + msgid "" + "Submit patches to the mailing list: " +-"L and CC to " ++"L and CC to " + "L." + msgstr "" + +@@ -37995,7 +37995,7 @@ msgstr "" + msgid "" + "If the security problem is not so serious, you can simply file a bug (see " + "L below), or send an email to our mailing list " +-"(L). You do not need to " ++"(L). You do not need to " + "subscribe to the mailing list to send email, but there will be a delay while " + "the message is moderated." + msgstr "" +@@ -38598,7 +38598,7 @@ msgstr "" + + #. type: textblock + #: docs/guestfs-testing.pod:24 +-msgid "L" ++msgid "L" + msgstr "" + + #. type: =head1 +diff --git a/po-docs/fr.po b/po-docs/fr.po +index cd903c0e..34b6149e 100644 +--- a/po-docs/fr.po ++++ b/po-docs/fr.po +@@ -16363,7 +16363,7 @@ msgstr "" + #: ../docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -40728,7 +40728,7 @@ msgstr "" + + #. type: textblock + #: ../docs/guestfs-testing.pod:24 +-msgid "L" ++msgid "L" + msgstr "" + + #. type: =head1 +diff --git a/po-docs/ja.po b/po-docs/ja.po +index d90437dc..d00d73d2 100644 +--- a/po-docs/ja.po ++++ b/po-docs/ja.po +@@ -16574,7 +16574,7 @@ msgstr "" + #: ../docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -39859,8 +39859,8 @@ msgstr "" + + #. type: textblock + #: ../docs/guestfs-testing.pod:24 +-msgid "L" +-msgstr "L" ++msgid "L" ++msgstr "L" + + #. type: =head1 + #: ../docs/guestfs-testing.pod:26 +diff --git a/po-docs/libguestfs-docs.pot b/po-docs/libguestfs-docs.pot +index 3954a51e..56d0777b 100644 +--- a/po-docs/libguestfs-docs.pot ++++ b/po-docs/libguestfs-docs.pot +@@ -13453,7 +13453,7 @@ msgstr "" + msgid "" + "There is a mailing list, mainly for development, but users are also welcome " + "to ask questions about libguestfs and the virt tools: " +-"L" ++"L" + msgstr "" + + #. type: textblock +@@ -15795,7 +15795,7 @@ msgstr "" + #: docs/guestfs-faq.pod:1285 + msgid "" + "Please send patches to the libguestfs mailing list " +-"L. You don't have to be " ++"L. You don't have to be " + "subscribed, but there will be a delay until your posting is manually " + "approved." + msgstr "" +@@ -15818,7 +15818,7 @@ msgstr "" + #: docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -17762,7 +17762,7 @@ msgstr "" + #: docs/guestfs-hacking.pod:840 + msgid "" + "Submit patches to the mailing list: " +-"L and CC to " ++"L and CC to " + "L." + msgstr "" + +@@ -37939,7 +37939,7 @@ msgstr "" + msgid "" + "If the security problem is not so serious, you can simply file a bug (see " + "L below), or send an email to our mailing list " +-"(L). You do not need to " ++"(L). You do not need to " + "subscribe to the mailing list to send email, but there will be a delay while " + "the message is moderated." + msgstr "" +@@ -38542,7 +38542,7 @@ msgstr "" + + #. type: textblock + #: docs/guestfs-testing.pod:24 +-msgid "L" ++msgid "L" + msgstr "" + + #. type: =head1 +diff --git a/po-docs/nl.po b/po-docs/nl.po +index 0cf147ee..1f8ac7d0 100644 +--- a/po-docs/nl.po ++++ b/po-docs/nl.po +@@ -15951,7 +15951,7 @@ msgstr "" + #: ../docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -38651,7 +38651,7 @@ msgstr "" + + #. type: textblock + #: ../docs/guestfs-testing.pod:24 +-msgid "L" ++msgid "L" + msgstr "" + + #. type: =head1 +diff --git a/po-docs/pt_BR.po b/po-docs/pt_BR.po +index 229f49c3..d69895cf 100644 +--- a/po-docs/pt_BR.po ++++ b/po-docs/pt_BR.po +@@ -15947,7 +15947,7 @@ msgstr "" + #: ../docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -38647,7 +38647,7 @@ msgstr "" + + #. type: textblock + #: ../docs/guestfs-testing.pod:24 +-msgid "L" ++msgid "L" + msgstr "" + + #. type: =head1 +diff --git a/po-docs/si.po b/po-docs/si.po +index aa7f5f97..de16c4ac 100644 +--- a/po-docs/si.po ++++ b/po-docs/si.po +@@ -13455,7 +13455,7 @@ msgstr "" + msgid "" + "There is a mailing list, mainly for development, but users are also welcome " + "to ask questions about libguestfs and the virt tools: " +-"L" ++"L" + msgstr "" + + #. type: textblock +@@ -15797,7 +15797,7 @@ msgstr "" + #: docs/guestfs-faq.pod:1285 + msgid "" + "Please send patches to the libguestfs mailing list " +-"L. You don't have to be " ++"L. You don't have to be " + "subscribed, but there will be a delay until your posting is manually " + "approved." + msgstr "" +@@ -15820,7 +15820,7 @@ msgstr "" + #: docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -17764,7 +17764,7 @@ msgstr "" + #: docs/guestfs-hacking.pod:840 + msgid "" + "Submit patches to the mailing list: " +-"L and CC to " ++"L and CC to " + "L." + msgstr "" + +@@ -37941,7 +37941,7 @@ msgstr "" + msgid "" + "If the security problem is not so serious, you can simply file a bug (see " + "L below), or send an email to our mailing list " +-"(L). You do not need to " ++"(L). You do not need to " + "subscribe to the mailing list to send email, but there will be a delay while " + "the message is moderated." + msgstr "" +@@ -38544,7 +38544,7 @@ msgstr "" + + #. type: textblock + #: docs/guestfs-testing.pod:24 +-msgid "L" ++msgid "L" + msgstr "" + + #. type: =head1 +diff --git a/po-docs/tg.po b/po-docs/tg.po +index 9e6fa072..80db7183 100644 +--- a/po-docs/tg.po ++++ b/po-docs/tg.po +@@ -15952,7 +15952,7 @@ msgstr "" + #: ../docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -38652,7 +38652,7 @@ msgstr "" + + #. type: textblock + #: ../docs/guestfs-testing.pod:24 +-msgid "L" ++msgid "L" + msgstr "" + + #. type: =head1 +diff --git a/po-docs/uk.po b/po-docs/uk.po +index 960ea8f8..40c96852 100644 +--- a/po-docs/uk.po ++++ b/po-docs/uk.po +@@ -19726,7 +19726,7 @@ msgstr "Як запропонувати нову можливість?" + #: ../docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -47713,8 +47713,8 @@ msgstr "" + + #. type: textblock + #: ../docs/guestfs-testing.pod:24 +-msgid "L" +-msgstr "L" ++msgid "L" ++msgstr "L" + + #. type: =head1 + #: ../docs/guestfs-testing.pod:26 +diff --git a/po-docs/zh_CN.po b/po-docs/zh_CN.po +index 0c15c1c1..1ad0e1cd 100644 +--- a/po-docs/zh_CN.po ++++ b/po-docs/zh_CN.po +@@ -15954,7 +15954,7 @@ msgstr "" + #: ../docs/guestfs-faq.pod:1297 + msgid "" + "Large new features that you intend to contribute should be discussed on the " +-"mailing list first (L). " ++"mailing list first (L). " + "This avoids disappointment and wasted work if we don't think the feature " + "would fit into the libguestfs project." + msgstr "" +@@ -38654,7 +38654,7 @@ msgstr "" + + #. type: textblock + #: ../docs/guestfs-testing.pod:24 +-msgid "L" ++msgid "L" + msgstr "" + + #. type: =head1 +diff --git a/website/index.html.in b/website/index.html.in +index 91088b59..e7a03d6d 100644 +--- a/website/index.html.in ++++ b/website/index.html.in +@@ -54,7 +54,7 @@ guestfish --ro -i -a disk.img + +

+ Join us on +-the libguestfs ++the libguestfs + mailing list, or on IRC channel #guestfs + on Libera Chat. +

diff --git a/SOURCES/0035-lib-Include-libxml-parser.h-for-xmlReadMemory.patch b/SOURCES/0035-lib-Include-libxml-parser.h-for-xmlReadMemory.patch new file mode 100644 index 0000000..1b8ee36 --- /dev/null +++ b/SOURCES/0035-lib-Include-libxml-parser.h-for-xmlReadMemory.patch @@ -0,0 +1,25 @@ +From 64a928f631bc79d885d9822a3022c382cbd5fd55 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Mon, 27 Nov 2023 14:04:33 +0000 +Subject: [PATCH] lib: Include for xmlReadMemory + +Since libxml2 2.12.1 including this header is required to have this +function declared. + +(cherry picked from commit 02c39dc5e8109ddb911d90759883a504008ba509) +--- + lib/launch-libvirt.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c +index d4bf1a8f..79465dd4 100644 +--- a/lib/launch-libvirt.c ++++ b/lib/launch-libvirt.c +@@ -38,6 +38,7 @@ + #include + #endif + ++#include + #include + #include + diff --git a/SOURCES/0036-ocaml-Use-Gc.finalise-instead-of-a-C-finalizer.patch b/SOURCES/0036-ocaml-Use-Gc.finalise-instead-of-a-C-finalizer.patch new file mode 100644 index 0000000..909722c --- /dev/null +++ b/SOURCES/0036-ocaml-Use-Gc.finalise-instead-of-a-C-finalizer.patch @@ -0,0 +1,132 @@ +From 27aca404cfbfdf9b3d155fa0794f86936525f40c Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Wed, 13 Dec 2023 22:50:56 +0000 +Subject: [PATCH] ocaml: Use Gc.finalise instead of a C finalizer + +Since OCaml 5.1.1, changes to custom blocks caused C finalizers that +call caml_enter_blocking_section to stop working (if they ever did +before). They are relatively inflexible compared to registering an +OCaml finalizer (Gc.finalise) to call Guestfs.close, so use that +instead. + +Suggested-by: Guillaume Munch-Maccagnoni +See: https://github.com/ocaml/ocaml/issues/12820 +See: https://gitlab.com/nbdkit/libnbd/-/commit/db48794fa89547a4799b832331e82b4b8b98f03d +(cherry picked from commit 61418535ad63b5a2a91f1caf4703d7134834e4dd) +--- + generator/OCaml.ml | 7 ++++- + ocaml/guestfs-c.c | 69 +++++++++++++++++++++------------------------- + 2 files changed, 37 insertions(+), 39 deletions(-) + +diff --git a/generator/OCaml.ml b/generator/OCaml.ml +index 07ccd269..1e6f603a 100644 +--- a/generator/OCaml.ml ++++ b/generator/OCaml.ml +@@ -312,10 +312,15 @@ type t + exception Error of string + exception Handle_closed of string + +-external create : ?environment:bool -> ?close_on_exit:bool -> unit -> t = ++external _create : ?environment:bool -> ?close_on_exit:bool -> unit -> t = + \"guestfs_int_ocaml_create\" + external close : t -> unit = \"guestfs_int_ocaml_close\" + ++let create ?environment ?close_on_exit () = ++ let g = _create ?environment ?close_on_exit () in ++ Gc.finalise close g; ++ g ++ + type event = + "; + List.iter ( +diff --git a/ocaml/guestfs-c.c b/ocaml/guestfs-c.c +index 8a8761e8..700c33ab 100644 +--- a/ocaml/guestfs-c.c ++++ b/ocaml/guestfs-c.c +@@ -61,43 +61,10 @@ value guestfs_int_ocaml_delete_event_callback (value gv, value eh); + value guestfs_int_ocaml_event_to_string (value events); + value guestfs_int_ocaml_last_errno (value gv); + +-/* Allocate handles and deal with finalization. */ +-static void +-guestfs_finalize (value gv) +-{ +- guestfs_h *g = Guestfs_val (gv); +- +- if (g) { +- /* There is a nasty, difficult to solve case here where the +- * user deletes events in one of the callbacks that we are +- * about to invoke, resulting in a double-free. XXX +- */ +- size_t len; +- value **roots = get_all_event_callbacks (g, &len); +- +- /* Close the handle: this could invoke callbacks from the list +- * above, which is why we don't want to delete them before +- * closing the handle. +- */ +- caml_release_runtime_system (); +- guestfs_close (g); +- caml_acquire_runtime_system (); +- +- /* Now unregister the global roots. */ +- if (roots && len > 0) { +- size_t i; +- for (i = 0; i < len; ++i) { +- caml_remove_generational_global_root (roots[i]); +- free (roots[i]); +- } +- free (roots); +- } +- } +-} +- ++/* Allocate handles. */ + static struct custom_operations guestfs_custom_operations = { + (char *) "guestfs_custom_operations", +- guestfs_finalize, ++ custom_finalize_default, + custom_compare_default, + custom_hash_default, + custom_serialize_default, +@@ -179,11 +146,37 @@ value + guestfs_int_ocaml_close (value gv) + { + CAMLparam1 (gv); ++ guestfs_h *g = Guestfs_val (gv); + +- guestfs_finalize (gv); ++ if (g) { ++ /* There is a nasty, difficult to solve case here where the ++ * user deletes events in one of the callbacks that we are ++ * about to invoke, resulting in a double-free. XXX ++ */ ++ size_t len; ++ value **roots = get_all_event_callbacks (g, &len); + +- /* So we don't double-free in the finalizer. */ +- Guestfs_val (gv) = NULL; ++ /* Close the handle: this could invoke callbacks from the list ++ * above, which is why we don't want to delete them before ++ * closing the handle. ++ */ ++ caml_release_runtime_system (); ++ guestfs_close (g); ++ caml_acquire_runtime_system (); ++ ++ /* Now unregister the global roots. */ ++ if (roots && len > 0) { ++ size_t i; ++ for (i = 0; i < len; ++i) { ++ caml_remove_generational_global_root (roots[i]); ++ free (roots[i]); ++ } ++ free (roots); ++ } ++ ++ /* So we don't double-free. */ ++ Guestfs_val (gv) = NULL; ++ } + + CAMLreturn (Val_unit); + } diff --git a/SOURCES/0037-ocaml-Nullify-custom-block-before-releasing-runtime-.patch b/SOURCES/0037-ocaml-Nullify-custom-block-before-releasing-runtime-.patch new file mode 100644 index 0000000..20ee83c --- /dev/null +++ b/SOURCES/0037-ocaml-Nullify-custom-block-before-releasing-runtime-.patch @@ -0,0 +1,39 @@ +From 9f52ab7794bf54169139995c5296aa5f39e47706 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 14 Dec 2023 08:33:10 +0000 +Subject: [PATCH] ocaml: Nullify custom block before releasing runtime lock + +Avoids a potential, though if possible then very rare, double free +path. + +Suggested-by: Guillaume Munch-Maccagnoni +See: https://github.com/ocaml/ocaml/issues/12820 +(cherry picked from commit e93fd7e8acf34192c0d1b70611e3474dde346941) +--- + ocaml/guestfs-c.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/ocaml/guestfs-c.c b/ocaml/guestfs-c.c +index 700c33ab..ea9a0598 100644 +--- a/ocaml/guestfs-c.c ++++ b/ocaml/guestfs-c.c +@@ -156,6 +156,9 @@ guestfs_int_ocaml_close (value gv) + size_t len; + value **roots = get_all_event_callbacks (g, &len); + ++ /* So we don't double-free. */ ++ Guestfs_val (gv) = NULL; ++ + /* Close the handle: this could invoke callbacks from the list + * above, which is why we don't want to delete them before + * closing the handle. +@@ -173,9 +176,6 @@ guestfs_int_ocaml_close (value gv) + } + free (roots); + } +- +- /* So we don't double-free. */ +- Guestfs_val (gv) = NULL; + } + + CAMLreturn (Val_unit); diff --git a/SOURCES/0038-Update-common-submodule.patch b/SOURCES/0038-Update-common-submodule.patch new file mode 100644 index 0000000..4ec3781 --- /dev/null +++ b/SOURCES/0038-Update-common-submodule.patch @@ -0,0 +1,162 @@ +From d015c300eb0d6ac1d366cf02b15b7aade7e3063a Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 14 Dec 2023 09:03:49 +0000 +Subject: [PATCH] Update common submodule + +The list of patches is below. The one which matters for guestfish is +addition of --key all:... selector. + +Andrey Drobyshev (1): + mldrivers: look for bootloader config in /boot/grub/grub.cfg in case of UEFI + +Richard W.M. Jones (5): + mlxml: Include for xmlReadMemory + options/keys.c: Rewrite confusing match statement + options: Rewrite --key documentation fragment + options: Allow --key all:SELECTOR to be used to match any device + mltools/libosinfo-c.c: Fix off-by-one error + +Fixes: https://issues.redhat.com/browse/RHEL-19367 +(cherry picked from commit 7fd41b5a02b7a9d217150fa49940115a98aae329) +--- + common | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Submodule common 9a8ba593..0dba002c: +diff --git a/common/mldrivers/linux_bootloaders.ml b/common/mldrivers/linux_bootloaders.ml +index 6f8857ef..91c5ab9e 100644 +--- a/common/mldrivers/linux_bootloaders.ml ++++ b/common/mldrivers/linux_bootloaders.ml +@@ -375,6 +375,18 @@ let detect_bootloader (g : G.guestfs) root i_firmware = + with G.Error msg -> + error (f_"could not find bootloader mount point (%s): %s") mp msg in + ++ (* ++ * Workaround for older UEFI-based Debian which may not have ++ * /boot/efi/EFI/debian/grub.cfg. ++ *) ++ let paths = ++ if g#exists "/boot/grub/grub.cfg" then ++ match i_firmware with ++ | Firmware.I_BIOS -> paths ++ | I_UEFI _ -> paths @ ["/boot/grub/grub.cfg"] ++ else paths ++ in ++ + (* We can determine if the bootloader config file is grub 1 or + * grub 2 just by looking at the filename. + *) +diff --git a/common/mltools/libosinfo-c.c b/common/mltools/libosinfo-c.c +index 93357fd9..a48c8989 100644 +--- a/common/mltools/libosinfo-c.c ++++ b/common/mltools/libosinfo-c.c +@@ -296,7 +296,7 @@ v2v_osinfo_os_get_device_drivers (value osv) + + driver = OSINFO_DEVICE_DRIVER(osinfo_list_get_nth (OSINFO_LIST(list), i)); + +- vi = caml_alloc (6, 0); ++ vi = caml_alloc (7, 0); + str = osinfo_device_driver_get_architecture (driver); + copyv = caml_copy_string (str); + Store_field (vi, 0, copyv); +diff --git a/common/mlxml/xml-c.c b/common/mlxml/xml-c.c +index 715c3bb2..e024bd8a 100644 +--- a/common/mlxml/xml-c.c ++++ b/common/mlxml/xml-c.c +@@ -34,6 +34,7 @@ + #include + #include + ++#include + #include + #include + #include +diff --git a/common/options/key-option.pod b/common/options/key-option.pod +index 6bc04df1..1470d863 100644 +--- a/common/options/key-option.pod ++++ b/common/options/key-option.pod +@@ -1,22 +1,37 @@ + =item B<--key> SELECTOR + + Specify a key for LUKS, to automatically open a LUKS device when using +-the inspection. C can be either the libguestfs device name, or +-the UUID of the LUKS device. ++the inspection. + + =over 4 + +-=item B<--key> C:key:KEY_STRING ++=item B<--key> NAMEB<:key:>KEY_STRING ++ ++=item B<--key> UUIDB<:key:>KEY_STRING ++ ++=item B<--key> BKEY_STRING ++ ++C is the libguestfs device name (eg. C). C is ++the device UUID. C means try the key against any encrypted ++device. + + Use the specified C as passphrase. + +-=item B<--key> C:file:FILENAME ++=item B<--key> NAMEB<:file:>FILENAME ++ ++=item B<--key> UUIDB<:file:>FILENAME ++ ++=item B<--key> BFILENAME + + Read the passphrase from F. + +-=item B<--key> C:clevis ++=item B<--key> NAMEB<:clevis> + +-Attempt passphrase-less unlocking for C with Clevis, over the ++=item B<--key> UUIDB<:clevis> ++ ++=item B<--key> B ++ ++Attempt passphrase-less unlocking for the device with Clevis, over the + network. Please refer to L for more + information on network-bound disk encryption (NBDE). + +diff --git a/common/options/keys.c b/common/options/keys.c +index 52b27369..87acba51 100644 +--- a/common/options/keys.c ++++ b/common/options/keys.c +@@ -20,6 +20,7 @@ + + #include + #include ++#include + #include + #include + #include +@@ -152,9 +153,13 @@ get_keys (struct key_store *ks, const char *device, const char *uuid, + if (ks) { + for (i = 0; i < ks->nr_keys; ++i) { + struct key_store_key *key = &ks->keys[i]; ++ bool key_id_matches_this_device; + +- if (STRNEQ (key->id, device) && (!uuid || STRNEQ (key->id, uuid))) +- continue; ++ key_id_matches_this_device = ++ STREQ (key->id, "all") || /* special string "all" matches any device */ ++ STREQ (key->id, device) || ++ (uuid && STREQ (key->id, uuid)); ++ if (!key_id_matches_this_device) continue; + + switch (key->type) { + case key_string: +diff --git a/common/options/options.h b/common/options/options.h +index 94e8b9ee..dcb15c28 100644 +--- a/common/options/options.h ++++ b/common/options/options.h +@@ -109,6 +109,8 @@ struct key_store_key { + * device name, or the UUID. + * + * There may be multiple matching devices in the list. ++ * ++ * This may be the special string "all" which matches any device. + */ + char *id; + diff --git a/SOURCES/0039-tests-Test-guestfish-key-all-.-selector.patch b/SOURCES/0039-tests-Test-guestfish-key-all-.-selector.patch new file mode 100644 index 0000000..7cf5487 --- /dev/null +++ b/SOURCES/0039-tests-Test-guestfish-key-all-.-selector.patch @@ -0,0 +1,35 @@ +From 335642539772cfee442989f56f1b5d7803e4111c Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 14 Dec 2023 09:15:08 +0000 +Subject: [PATCH] tests: Test guestfish --key all:... selector + +(cherry picked from commit 40f43cc8ea6bd556749ee7ba280971aa8b043d27) +--- + .../luks/test-key-option-inspect-luks-on-lvm.sh | 17 +++++++++++++++++ + 1 file changed, 17 insertions(+) + +diff --git a/tests/luks/test-key-option-inspect-luks-on-lvm.sh b/tests/luks/test-key-option-inspect-luks-on-lvm.sh +index 932862b1..2b60c797 100755 +--- a/tests/luks/test-key-option-inspect-luks-on-lvm.sh ++++ b/tests/luks/test-key-option-inspect-luks-on-lvm.sh +@@ -119,3 +119,20 @@ eval "$fish_ref" + + # Repeat the test. + check_filesystems ++ ++# Exit the current guestfish background process. ++guestfish --remote -- exit ++GUESTFISH_PID= ++ ++# Test the --key all:... selector. ++keys_by_mapper_lvname=( ++ --key all:key:FEDORA-Root ++ --key all:key:FEDORA-LV1 ++ --key all:key:FEDORA-LV2 ++ --key all:key:FEDORA-LV3 ++) ++fish_ref=$("${guestfish[@]}" "${keys_by_mapper_lvname[@]}") ++eval "$fish_ref" ++ ++# Repeat the test. ++check_filesystems diff --git a/SOURCES/copy-patches.sh b/SOURCES/copy-patches.sh index 34989cc..ce1fbb0 100755 --- a/SOURCES/copy-patches.sh +++ b/SOURCES/copy-patches.sh @@ -3,12 +3,11 @@ set -e # Maintainer script to copy patches from the git repo to the current -# directory. It's normally only used downstream (ie. in RHEL). Use -# it like this: +# directory. Use it like this: # ./copy-patches.sh project=libguestfs -rhel_version=9.2 +rhel_version=9.4 # Check we're in the right directory. if [ ! -f $project.spec ]; then @@ -37,7 +36,12 @@ git rm -f [0-9]*.patch ||: rm -f [0-9]*.patch # Get the patches. -(cd $git_checkout; rm -f [0-9]*.patch; git -c core.abbrev=9 format-patch -O/dev/null -N --submodule=diff $tag) +( + cd $git_checkout + rm -f [0-9]*.patch + git -c core.abbrev=8 format-patch -O/dev/null --subject-prefix=PATCH -N \ + --submodule=diff --no-signature --patience $tag +) mv $git_checkout/[0-9]*.patch . # Remove any not to be applied. diff --git a/SOURCES/libguestfs-1.48.4.tar.gz.sig b/SOURCES/libguestfs-1.48.4.tar.gz.sig deleted file mode 100644 index 1490f9f..0000000 --- a/SOURCES/libguestfs-1.48.4.tar.gz.sig +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQJFBAABCAAvFiEE93dPsa0HSn6Mh2fqkXOPc+G3aKAFAmLFql8RHHJpY2hAYW5u -ZXhpYS5vcmcACgkQkXOPc+G3aKAV2hAAzOcZseFTUFFoj4M5riqXqtBN3W+fr/O7 -v0wzJ9sY31Ftk8KFKKgpwOn4UFXYMPXY7Hm94GRAYjYBAtx9Viyyt7B6PbV7mVZ0 -WHLlZcg3ZsliF23s3EoHfgTGFfKLkjDwfPlmChC260Ffhq4KKvnwu/DobY/CDLHG -0cvrjb0OOYibBGbq58AHYR6QlVH/ScAuLSA1aRAd06bbpixufRR1oh1MtFA1iSvC -yjNH0joLFiu0uuD7KFH66YX2nFNrO24r0LxJkwT5G7GHlZJStJUpvs/QHa8Tw5Zt -Z1JMk9yB9EMPYimdVDm7m6eDBxTx8YbF7u6G8JdHRXgAPBt4O09XX7WGxxmh9Dc4 -M+QkpiubEOG6qwBythJJ6sTSRLKIAPeVfHEOauXg8n45Tbk5jYwthMKbnD9ETb3t -QKdMr5g+DZUO0LfbOvP0GtD+b1jK4iu4BcWDquQBXpDTbx7LUfSuTDrWItehEnBp -/K6FRbakNZEroLR5VA9WAa6sE+2B3gg1OG+KHypHuw4hfpmutvVA8wnPgyw3j+WK -xdcRp65NUMUkKRE/FTwp1MkY1Y2S9M9iAPX+CopdHPVoq9O2YE+K6Rv1EdJjmKZK -EwLzX08Xcj9T/U9GEfV+QdIzitCuxf7x9ULEDcFozFnuHXww+JLdR0EmIDkUwl7C -Z0KKsy18Eq8= -=WB1H ------END PGP SIGNATURE----- diff --git a/SOURCES/libguestfs-1.50.1.tar.gz.sig b/SOURCES/libguestfs-1.50.1.tar.gz.sig new file mode 100644 index 0000000..cec47f6 --- /dev/null +++ b/SOURCES/libguestfs-1.50.1.tar.gz.sig @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- + +iQJFBAABCAAvFiEE93dPsa0HSn6Mh2fqkXOPc+G3aKAFAmP1QzoRHHJpY2hAYW5u +ZXhpYS5vcmcACgkQkXOPc+G3aKCAEBAAimQxT37HMWTHOqvj4s6ipOhDCNPlqo4L +z+syvIkgbp024IOPUbrlmSCtrCFiLXsRmmenynFv66N8GXoWmJruyJMyvBxsupZT +lTo7WdCEix/xPh/LAb8Q9RWA2SQYfkOKHRs/gr4b/LbtXBklMlcOdhegx3Mml4SW +gwK5n799YebUVgzYch5hWjHcRAphPaUdMyaJ6MUnFrfUPyGK2QO1yXdnGxkseAPz +srjlhFqu5kNojWzcaNcdHBdKvJVEZo7L6laADRS31sRH0BGVc6/DFJgOPdxROGJe +oeq3Oo1EF88P15NSTNZSXLa65n9kts2OnqRgX/c3njV9+1/JPHJWVM+VezuCcN8D +hHktHVOBjM209N5RmLtR92eROvo1aTrgjsLqOTvwbKBu7NrPc4ZICnX7dMjD6irj +vQz0P5MUmELMvdEN3FMGf45v77z+249e1z+5EGi2HUPKLfxd+I3+2mxUm2xjWOy/ +zNzkG2rCgYRB8Tioj6Mw80RYKioRyu8p5lUZvvLk85CJbT4BFH8rXgJbrEBOSunE +lWEcv690GzyszAN8zKZaIqhNzIKdlkQZAd1DMXfNBEfAy23YHRApB1O2EFhNAjAf +yEsUjpiYc0pq64QiCPGzUp4iLfMt9hg4ey5Pquud/j6cfvJ3ak5gZECbFnbUjysZ +YYpwSgy/FVI= +=OPC/ +-----END PGP SIGNATURE----- diff --git a/SPECS/libguestfs.spec b/SPECS/libguestfs.spec index 91d3cbc..d84308f 100644 --- a/SPECS/libguestfs.spec +++ b/SPECS/libguestfs.spec @@ -14,10 +14,7 @@ %if !0%{?rhel} %global test_arches aarch64 %{power64} s390x x86_64 %else -# RHEL 9 only: -# x86-64: "/lib64/libc.so.6: CPU ISA level is lower than required" -# (RHBZ#1919389) -%global test_arches NONE +%global test_arches x86_64 %endif # Trim older changelog entries. @@ -36,7 +33,7 @@ %endif # The source directory. -%global source_directory 1.48-stable +%global source_directory 1.50-stable # Filter perl provides. %{?perl_default_filter} @@ -47,8 +44,8 @@ Summary: Access and modify virtual machine disk images Name: libguestfs Epoch: 1 -Version: 1.48.4 -Release: 4%{?dist}.alma +Version: 1.50.1 +Release: 7%{?dist}.alma.1 License: LGPLv2+ # Build only for architectures that have a kernel @@ -82,28 +79,57 @@ Source7: libguestfs.keyring # Maintainer script which helps with handling patches. Source8: copy-patches.sh +# This is a copy of the common/ submodule from libguestfs @v1.50.1. +# We need it because the libguestfs tarball does not include common/ +# directories that are not used by libguestfs (eg. common/mlcustomize). +# However the patches (below) patch files in those directories and so +# do not apply properly to the libguestfs tarball. Therefore before +# applying the patches we unpack this in the common/ subdirectory. +Source9: libguestfs-common-1.50.1.tar.gz + # Patches are maintained in the following repository: -# https://github.com/libguestfs/libguestfs/commits/rhel-9.2 +# https://github.com/libguestfs/libguestfs/commits/rhel-9.4 # Patches. -Patch0001: 0001-New-API-guestfs_device_name-returning-the-drive-name.patch -Patch0002: 0002-guestfs_readdir-rewrite-with-FileOut-transfer-to-lif.patch -Patch0003: 0003-guestfs_readdir-minimize-the-number-of-send_file_wri.patch -Patch0004: 0004-lib-launch-direct-ignore-drive-iface-parameter.patch -Patch0005: 0005-lib-drive_create_data-drive-remove-field-iface.patch -Patch0006: 0006-lib-rename-VALID_FORMAT_IFACE-to-VALID_FORMAT.patch -Patch0007: 0007-tests-regressions-remove-iface-based-restrictions.patch -Patch0008: 0008-generator-customize-invert-SELinux-relabeling-defaul.patch -Patch0009: 0009-generator-customize-reintroduce-selinux-relabel-as-a.patch -Patch0010: 0010-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch -Patch0011: 0011-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch -Patch0012: 0012-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch -Patch0013: 0013-php-add-arginfo-to-php-bindings.patch -Patch0014: 0014-introduce-the-clevis_luks_unlock-API.patch -Patch0015: 0015-guestfish-guestmount-enable-networking-for-key-ID-cl.patch -Patch0016: 0016-daemon-Add-zstd-support-to-guestfs_file_architecture.patch -Patch0017: 0017-New-API-inspect_get_build_id.patch -Patch0018: 0018-lib-Return-correct-osinfo-field-for-Windows-11.patch +Patch0001: 0001-update-common-submodule.patch +Patch0002: 0002-update-common-submodule.patch +Patch0003: 0003-daemon-selinux-relabel-don-t-exclude-selinux-if-it-s.patch +Patch0004: 0004-daemon-selinux-relabel-search-for-invalid-option-in-.patch +Patch0005: 0005-daemon-selinux-relabel-run-setfiles-with-T-0-if-supp.patch +Patch0006: 0006-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch +Patch0007: 0007-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch +Patch0008: 0008-Remove-virt-dib.patch +Patch0009: 0009-lib-Choose-q35-machine-type-for-x86-64.patch +Patch0010: 0010-RHEL-Revert-build-Remove-bundled-copy-of-ocaml-augea.patch +Patch0011: 0011-update-common-submodule.patch +Patch0012: 0012-LUKS-on-LVM-inspection-test-rename-VGs-and-LVs.patch +Patch0013: 0013-LUKS-on-LVM-inspection-test-test-dev-mapper-VG-LV-tr.patch +Patch0014: 0014-Replace-Pervasives.-with-Stdlib.patch +Patch0015: 0015-fuse-Don-t-call-fclose-NULL-on-error-paths.patch +Patch0016: 0016-ocaml-implicit_close-test-collect-all-currently-unre.patch +Patch0017: 0017-ocaml-Replace-old-enter-leave_blocking_section-calls.patch +Patch0018: 0018-ocaml-Release-runtime-lock-around-guestfs_close.patch +Patch0019: 0019-ocaml-Conditionally-acquire-the-lock-in-callbacks.patch +Patch0020: 0020-ocaml-Fix-guestfs_065_implicit_close.ml-for-OCaml-5.patch +Patch0021: 0021-ocaml-Use-Caml_state_opt-in-preference-to-caml_state.patch +Patch0022: 0022-generator-Add-chown-option-for-virt-customize.patch +Patch0023: 0023-lib-remove-guestfs_int_cmd_clear_close_files.patch +Patch0024: 0024-docs-fix-broken-link-in-the-guestfs-manual.patch +Patch0025: 0025-docs-clarify-sockdir-s-separation.patch +Patch0026: 0026-lib-move-guestfs_int_create_socketname-from-launch.c.patch +Patch0027: 0027-generator-customize-Add-new-StringTriplet-for-use-by.patch +Patch0028: 0028-daemon-lvm-Do-reverse-device-name-translation-on-pvs.patch +Patch0029: 0029-ruby-Replace-MiniTest-with-Minitest.patch +Patch0030: 0030-ruby-Get-rid-of-old-Test-Unit-compatibility.patch +Patch0031: 0031-generator-Sort-virt-customize-options-into-alphabeti.patch +Patch0032: 0032-generator-Add-new-virt-customize-tar-in-operation.patch +Patch0033: 0033-New-mailing-list-email-address.patch +Patch0034: 0034-New-mailing-list-archives.patch +Patch0035: 0035-lib-Include-libxml-parser.h-for-xmlReadMemory.patch +Patch0036: 0036-ocaml-Use-Gc.finalise-instead-of-a-C-finalizer.patch +Patch0037: 0037-ocaml-Nullify-custom-block-before-releasing-runtime-.patch +Patch0038: 0038-Update-common-submodule.patch +Patch0039: 0039-tests-Test-guestfish-key-all-.-selector.patch %if 0%{patches_touch_autotools} BuildRequires: autoconf, automake, libtool, gettext-devel @@ -122,6 +148,8 @@ BuildRequires: perl(Pod::Man) BuildRequires: /usr/bin/pod2text BuildRequires: po4a BuildRequires: augeas-devel >= 1.7.0 +# Waiting for https://bugzilla.redhat.com/show_bug.cgi?id=2168634 +#BuildRequires: ocaml-augeas-devel >= 0.6 BuildRequires: readline-devel BuildRequires: xorriso BuildRequires: libxml2-devel @@ -173,7 +201,6 @@ BuildRequires: gnupg2 BuildRequires: ocaml BuildRequires: ocaml-ocamldoc BuildRequires: ocaml-findlib-devel -BuildRequires: ocaml-gettext-devel %if !0%{?rhel} BuildRequires: ocaml-ounit-devel %endif @@ -227,10 +254,6 @@ BuildRequires: clevis-luks BuildRequires: coreutils BuildRequires: cpio BuildRequires: cryptsetup -%if !0%{?rhel} -BuildRequires: curl -BuildRequires: debootstrap -%endif BuildRequires: dhclient BuildRequires: diffutils BuildRequires: dosfstools @@ -254,9 +277,6 @@ BuildRequires: iproute BuildRequires: iputils BuildRequires: kernel BuildRequires: kmod -%if !0%{?rhel} -BuildRequires: kpartx -%endif BuildRequires: less BuildRequires: libcap %if !0%{?rhel} @@ -279,7 +299,6 @@ BuildRequires: pcre2 BuildRequires: policycoreutils BuildRequires: procps BuildRequires: psmisc -BuildRequires: qemu-img BuildRequires: rpm-libs BuildRequires: rsync BuildRequires: scrub @@ -297,9 +316,6 @@ BuildRequires: tar BuildRequires: udev BuildRequires: util-linux BuildRequires: vim-minimal -%if !0%{?rhel} -BuildRequires: which -%endif BuildRequires: xfsprogs BuildRequires: xz BuildRequires: yajl @@ -451,17 +467,6 @@ Requires: pkgconfig for %{name}. -%if !0%{?rhel} -%package dib -Summary: Additional tools for virt-dib -License: LGPLv2+ - -%description dib -This adds extra packages needed by virt-dib to %{name}. You should -normally install the virt-dib package which depends on this one. -%endif - - %if !0%{?rhel} %package forensics Summary: Filesystem forensics support for %{name} @@ -733,6 +738,9 @@ for %{name}. %{gpgverify} --keyring='%{SOURCE7}' --signature='%{SOURCE1}' --data='%{SOURCE0}' %endif %setup -q +%if 0%{?rhel} +tar zxf %{SOURCE9} +%endif %autopatch -p1 %if 0%{patches_touch_autotools} @@ -791,8 +799,14 @@ make V=1 INSTALLDIRS=vendor %{?_smp_mflags} %check - %ifarch %{test_arches} +# Only run the tests with non-debug (ie. non-Rawhide) kernels. +# XXX This tests for any debug kernel installed. +if grep CONFIG_DEBUG_MUTEXES=y /lib/modules/*/config ; then + echo "Skipping tests because debug kernel is installed" + exit 0 +fi + export LIBGUESTFS_DEBUG=1 export LIBGUESTFS_TRACE=1 export LIBVIRT_DEBUG=1 @@ -821,6 +835,13 @@ find $RPM_BUILD_ROOT -name .packlist -delete find $RPM_BUILD_ROOT -name '*.bs' -delete find $RPM_BUILD_ROOT -name 'bindtests.pl' -delete +# Perl's ExtUtils::Install installs "Guestfs.so" read-only; that +# prevents objcopy from adding the ".gdb_index" section for the sake of +# the debuginfo file. See +# . Restore write +# permission for the file owner. +find $RPM_BUILD_ROOT -name Guestfs.so -exec chmod u+w '{}' + + # golang: Ignore what libguestfs upstream installs, and just copy the # source files to %%{_datadir}/gocode/src. %ifarch %{golang_arches} @@ -849,19 +870,6 @@ function move_to echo "$1" >> "$2" } -%if !0%{?rhel} -move_to curl zz-packages-dib -move_to debootstrap zz-packages-dib -move_to kpartx zz-packages-dib -move_to qemu-img zz-packages-dib -move_to which zz-packages-dib -%else -remove curl -remove debootstrap -remove kpartx -remove qemu-img -remove which -%endif %if !0%{?rhel} move_to sleuthkit zz-packages-forensics move_to gfs2-utils zz-packages-gfs2 @@ -970,11 +978,6 @@ rm ocaml/html/.gitignore %{_libdir}/pkgconfig/libguestfs.pc -%if !0%{?rhel} -%files dib -%{_libdir}/guestfs/supermin.d/zz-packages-dib -%endif - %if !0%{?rhel} %files forensics %{_libdir}/guestfs/supermin.d/zz-packages-forensics @@ -1133,14 +1136,37 @@ rm ocaml/html/.gitignore %changelog -* Tue May 09 2023 Edaurd Abdullin - 1:1.48.4-4.alma +* Thu Mar 28 2024 Edaurd Abdullin - 1:1.50.1-7.alma.1 - Fix build for AlmaLinux - Avoid permission denied for yum/dnf cache +* Thu Dec 14 2023 Richard W.M. Jones - 1:1.50.1-7 +- Add --key all:... selector + resolves: RHEL-19367 +- Add miscellaneous other upstream fixes since 1.50.1 + +* Wed Jun 07 2023 Laszlo Ersek - 1:1.50.1-6 +- enable the ".gdb_index" section in the Perl bindings debug info + resolves: rhbz#2209279 + +* Tue May 23 2023 Laszlo Ersek - 1:1.50.1-5 +- let "guestfish -i" recognize "--key /dev/mapper/VG-LV:key:password" +- reenable quickcheck; we now use "-cpu max" (upstream 30f74f38bd6e) + resolves: rhbz#2209279 + +* Thu May 04 2023 Richard W.M. Jones - 1:1.50.1-4 +- Rebase libguestfs to 1.50.1 + resolves: rhbz#2168625 +- Use q35 machine type for libguestfs appliance + resolves: rhbz#2168578 +- Run SELinux relabelling in parallel [for virt-v2v] + resolves: rhbz#2190276 + * Fri Dec 02 2022 Richard W.M. Jones - 1:1.48.4-4 - New API: guestfs_inspect_get_build_id - Add support for detecting Windows >= 10, returned through osinfo resolves: rhbz#2012658 + * Tue Nov 08 2022 Richard W.M. Jones - 1:1.48.4-3 - Move libguestfs-make-fixed-appliance to main package resolves: rhbz#2140695