rpms/libguestfs
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

merge into: rpms:c8-stream-rhel
Branches Tags
rpms:c8-stream-rhel
rpms:c9s
rpms:c10s
rpms:a10s
rpms:a9-beta
rpms:c9-beta
rpms:a9
rpms:a9-ppc64le
rpms:a8-stream-rhel
rpms:c9
rpms:stream-virt-rhel-rhel-8.10.0
rpms:stream-virt-rhel-rhel-8.9.0
rpms:a8-beta-stream-rhel
rpms:c8-beta-stream-rhel
rpms:c8s-stream-rhel
rpms:imports/c10s/libguestfs-1.54.0-3.el10
rpms:imports/c10s/libguestfs-1.54.0-2.el10
rpms:changed/a10s/libguestfs-1.54.0-1.el10.alma.1
rpms:imports/c10s/libguestfs-1.54.0-1.el10
rpms:changed/a9-beta/libguestfs-1.50.2-1.el9.alma.1
rpms:imports/c9-beta/libguestfs-1.50.2-1.el9
rpms:changed/a10s/libguestfs-1.52.2-4.el10.alma.1
rpms:changed/a9/libguestfs-1.50.1-8.el9_4.alma.1
rpms:imports/c10s/libguestfs-1.52.2-4.el10
rpms:imports/c10s/libguestfs-1.52.2-2.el10
rpms:imports/c10s/libguestfs-1.52.1-6.el10
rpms:imports/a9/libguestfs-1.50.1-7.el9.alma.1
rpms:changed/a9-beta/libguestfs-1.50.1-6.el9.alma
rpms:imports/c9-beta/libguestfs-1.50.1-6.el9
rpms:changed/a8-stream-rhel/libguestfs-1.44.0-9.module+el8.8.0+16781+9f4724c2.alma
rpms:imports/c8-stream-rhel/libguestfs-1.44.0-9.module+el8.8.0+16781+9f4724c2
rpms:changed/a9/libguestfs-1.48.4-4.el9.alma
rpms:imports/c9/libguestfs-1.48.4-4.el9
rpms:changed/a9-beta/libguestfs-1.48.4-4.el9.alma
rpms:changed/a8-beta-stream-rhel/libguestfs-1.44.0-9.module+el8.8.0+16781+9f4724c2.alma
rpms:imports/c9-beta/libguestfs-1.48.4-4.el9
rpms:imports/c8-beta-stream-rhel/libguestfs-1.44.0-9.module+el8.8.0+16781+9f4724c2
rpms:imports/c8s-stream-rhel/libguestfs-1.44.0-9.module+el8.8.0+16781+9f4724c2
rpms:changed/a9/libguestfs-1.48.4-2.el9.alma
rpms:imports/c9/libguestfs-1.48.4-2.el9
rpms:changed/a8-stream-rhel/libguestfs-1.44.0-9.module+el8.7.0+16689+53d59bc2.alma
rpms:imports/c8-stream-rhel/libguestfs-1.44.0-9.module+el8.7.0+16689+53d59bc2
rpms:changed/a8-beta-stream-rhel/libguestfs-1.44.0-9.module+el8.7.0+15868+7d816fcd.alma
rpms:changed/a9-beta/libguestfs-1.48.4-2.el9.alma
rpms:imports/c9-beta/libguestfs-1.48.4-2.el9
rpms:imports/c8-beta-stream-rhel/libguestfs-1.44.0-9.module+el8.7.0+15868+7d816fcd
rpms:imports/c8s-stream-rhel/libguestfs-1.44.0-9.module+el8.7.0+15868+7d816fcd
rpms:changed/a9/libguestfs-1.46.1-4.el9_0.alma
rpms:imports/c9/libguestfs-1.46.1-4.el9_0
rpms:imports/c9/libguestfs-1.46.1-3.el9_0
rpms:changed/a8-stream-rhel/libguestfs-1.44.0-5.module+el8.6.0+14480+c0a3aa0f.alma
rpms:imports/c8-stream-rhel/libguestfs-1.44.0-5.module+el8.6.0+14480+c0a3aa0f
rpms:imports/c8s-stream-rhel/libguestfs-1.44.0-6.module+el8.7.0+14837+489a7fc8
rpms:changed/a9-beta/libguestfs-1.46.1-3.el9_0.alma
rpms:imports/c9-beta/libguestfs-1.46.1-3.el9_0
rpms:imports/c8-beta-stream-rhel/libguestfs-1.44.0-5.module+el8.6.0+13732+b2b9b31d
rpms:imports/c8s-stream-rhel/libguestfs-1.44.0-5.module+el8.6.0+13732+b2b9b31d
rpms:imports/c9-beta/libguestfs-1.46.1-2.el9
rpms:imports/c9-beta/libguestfs-1.46.0-5.el9
rpms:imports/c9-beta/libguestfs-1.45.6-12.el9
rpms:changed/a8-stream-rhel/libguestfs-1.40.2-28.module+el8.5.0+10717+67be7ac4.alma
rpms:imports/c8-stream-rhel/libguestfs-1.40.2-28.module+el8.5.0+10717+67be7ac4
rpms:imports/c8s-stream-rhel/libguestfs-1.44.0-4.module+el8.6.0+12969+f61072d9
rpms:imports/c8s-stream-rhel/libguestfs-1.44.0-3.module+el8.6.0+12861+13975d62
rpms:imports/c8-beta-stream-rhel/libguestfs-1.40.2-28.module+el8.5.0+10717+67be7ac4
rpms:imports/c8-beta-stream-rhel/libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052
rpms:imports/c8-beta-stream-rhel/libguestfs-1.40.2-24.module+el8.3.0+7176+57f10f42
rpms:imports/c8-beta-stream-rhel/libguestfs-1.38.4-15.module+el8.2.0+5297+222a20af
rpms:imports/c8-beta-stream-rhel/libguestfs-1.38.4-12.module+el8.1.0+3306+18be956d
rpms:changed/a8-stream-rhel/libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052.alma
rpms:imports/c8s-stream-rhel/libguestfs-1.40.2-28.module+el8.5.0+10717+67be7ac4
rpms:imports/c8s-stream-rhel/libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052
rpms:imports/c8s-stream-rhel/libguestfs-1.40.2-25.module+el8.3.0+7421+642fe24f
rpms:imports/c8s-stream-rhel/libguestfs-1.40.2-24.module+el8.3.0+7176+57f10f42
rpms:imports/c8s-stream-rhel/libguestfs-1.40.2-22.module+el8.3.0+6423+e4cb6418
rpms:imports/c8-stream-rhel/libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052
rpms:imports/c8-stream-rhel/libguestfs-1.40.2-25.module+el8.3.0+7421+642fe24f
rpms:imports/c8-stream-rhel/libguestfs-1.38.4-15.module+el8.2.0+5297+222a20af
rpms:imports/c8-stream-rhel/libguestfs-1.38.4-14.module+el8.1.0+4066+0f1aadab
rpms:imports/c8-stream-rhel/libguestfs-1.38.4-11.1.module+el8.0.0+4084+cceb9f44
...
pull from: rpms:a9-ppc64le
Branches Tags
rpms:c9s
rpms:c10s
rpms:a10s
rpms:a9-beta
rpms:c9-beta
rpms:a9
rpms:a9-ppc64le
rpms:a8-stream-rhel
rpms:c8-stream-rhel
rpms:c9
rpms:stream-virt-rhel-rhel-8.10.0
rpms:stream-virt-rhel-rhel-8.9.0
rpms:a8-beta-stream-rhel
rpms:c8-beta-stream-rhel
rpms:c8s-stream-rhel
rpms:imports/c10s/libguestfs-1.54.0-3.el10
rpms:imports/c10s/libguestfs-1.54.0-2.el10
rpms:changed/a10s/libguestfs-1.54.0-1.el10.alma.1
rpms:imports/c10s/libguestfs-1.54.0-1.el10
rpms:changed/a9-beta/libguestfs-1.50.2-1.el9.alma.1
rpms:imports/c9-beta/libguestfs-1.50.2-1.el9
rpms:changed/a10s/libguestfs-1.52.2-4.el10.alma.1
rpms:changed/a9/libguestfs-1.50.1-8.el9_4.alma.1
rpms:imports/c10s/libguestfs-1.52.2-4.el10
rpms:imports/c10s/libguestfs-1.52.2-2.el10
rpms:imports/c10s/libguestfs-1.52.1-6.el10
rpms:imports/a9/libguestfs-1.50.1-7.el9.alma.1
rpms:changed/a9-beta/libguestfs-1.50.1-6.el9.alma
rpms:imports/c9-beta/libguestfs-1.50.1-6.el9
rpms:changed/a8-stream-rhel/libguestfs-1.44.0-9.module+el8.8.0+16781+9f4724c2.alma
rpms:imports/c8-stream-rhel/libguestfs-1.44.0-9.module+el8.8.0+16781+9f4724c2
rpms:changed/a9/libguestfs-1.48.4-4.el9.alma
rpms:imports/c9/libguestfs-1.48.4-4.el9
rpms:changed/a9-beta/libguestfs-1.48.4-4.el9.alma
rpms:changed/a8-beta-stream-rhel/libguestfs-1.44.0-9.module+el8.8.0+16781+9f4724c2.alma
rpms:imports/c9-beta/libguestfs-1.48.4-4.el9
rpms:imports/c8-beta-stream-rhel/libguestfs-1.44.0-9.module+el8.8.0+16781+9f4724c2
rpms:imports/c8s-stream-rhel/libguestfs-1.44.0-9.module+el8.8.0+16781+9f4724c2
rpms:changed/a9/libguestfs-1.48.4-2.el9.alma
rpms:imports/c9/libguestfs-1.48.4-2.el9
rpms:changed/a8-stream-rhel/libguestfs-1.44.0-9.module+el8.7.0+16689+53d59bc2.alma
rpms:imports/c8-stream-rhel/libguestfs-1.44.0-9.module+el8.7.0+16689+53d59bc2
rpms:changed/a8-beta-stream-rhel/libguestfs-1.44.0-9.module+el8.7.0+15868+7d816fcd.alma
rpms:changed/a9-beta/libguestfs-1.48.4-2.el9.alma
rpms:imports/c9-beta/libguestfs-1.48.4-2.el9
rpms:imports/c8-beta-stream-rhel/libguestfs-1.44.0-9.module+el8.7.0+15868+7d816fcd
rpms:imports/c8s-stream-rhel/libguestfs-1.44.0-9.module+el8.7.0+15868+7d816fcd
rpms:changed/a9/libguestfs-1.46.1-4.el9_0.alma
rpms:imports/c9/libguestfs-1.46.1-4.el9_0
rpms:imports/c9/libguestfs-1.46.1-3.el9_0
rpms:changed/a8-stream-rhel/libguestfs-1.44.0-5.module+el8.6.0+14480+c0a3aa0f.alma
rpms:imports/c8-stream-rhel/libguestfs-1.44.0-5.module+el8.6.0+14480+c0a3aa0f
rpms:imports/c8s-stream-rhel/libguestfs-1.44.0-6.module+el8.7.0+14837+489a7fc8
rpms:changed/a9-beta/libguestfs-1.46.1-3.el9_0.alma
rpms:imports/c9-beta/libguestfs-1.46.1-3.el9_0
rpms:imports/c8-beta-stream-rhel/libguestfs-1.44.0-5.module+el8.6.0+13732+b2b9b31d
rpms:imports/c8s-stream-rhel/libguestfs-1.44.0-5.module+el8.6.0+13732+b2b9b31d
rpms:imports/c9-beta/libguestfs-1.46.1-2.el9
rpms:imports/c9-beta/libguestfs-1.46.0-5.el9
rpms:imports/c9-beta/libguestfs-1.45.6-12.el9
rpms:changed/a8-stream-rhel/libguestfs-1.40.2-28.module+el8.5.0+10717+67be7ac4.alma
rpms:imports/c8-stream-rhel/libguestfs-1.40.2-28.module+el8.5.0+10717+67be7ac4
rpms:imports/c8s-stream-rhel/libguestfs-1.44.0-4.module+el8.6.0+12969+f61072d9
rpms:imports/c8s-stream-rhel/libguestfs-1.44.0-3.module+el8.6.0+12861+13975d62
rpms:imports/c8-beta-stream-rhel/libguestfs-1.40.2-28.module+el8.5.0+10717+67be7ac4
rpms:imports/c8-beta-stream-rhel/libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052
rpms:imports/c8-beta-stream-rhel/libguestfs-1.40.2-24.module+el8.3.0+7176+57f10f42
rpms:imports/c8-beta-stream-rhel/libguestfs-1.38.4-15.module+el8.2.0+5297+222a20af
rpms:imports/c8-beta-stream-rhel/libguestfs-1.38.4-12.module+el8.1.0+3306+18be956d
rpms:changed/a8-stream-rhel/libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052.alma
rpms:imports/c8s-stream-rhel/libguestfs-1.40.2-28.module+el8.5.0+10717+67be7ac4
rpms:imports/c8s-stream-rhel/libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052
rpms:imports/c8s-stream-rhel/libguestfs-1.40.2-25.module+el8.3.0+7421+642fe24f
rpms:imports/c8s-stream-rhel/libguestfs-1.40.2-24.module+el8.3.0+7176+57f10f42
rpms:imports/c8s-stream-rhel/libguestfs-1.40.2-22.module+el8.3.0+6423+e4cb6418
rpms:imports/c8-stream-rhel/libguestfs-1.40.2-27.module+el8.4.0+9282+0bdec052
rpms:imports/c8-stream-rhel/libguestfs-1.40.2-25.module+el8.3.0+7421+642fe24f
rpms:imports/c8-stream-rhel/libguestfs-1.38.4-15.module+el8.2.0+5297+222a20af
rpms:imports/c8-stream-rhel/libguestfs-1.38.4-14.module+el8.1.0+4066+0f1aadab
rpms:imports/c8-stream-rhel/libguestfs-1.38.4-11.1.module+el8.0.0+4084+cceb9f44

No commits in common. "c8-stream-rhel" and "a9-ppc64le" have entirely different histories.
c8-stream- ... a9-ppc64le

59 changed files with 7579 additions and 9091 deletions
Show Stats Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1,2 +1,2 @@
SOURCES/libguestfs-1.44.0.tar.gz SOURCES/libguestfs-1.50.1.tar.gz
SOURCES/libguestfs.keyring SOURCES/libguestfs.keyring

2
.libguestfs.metadata
View File

@ -1,2 +1,2 @@
99d241dc4a5ba0dc6111954ed7a872e0b0bb6944 SOURCES/libguestfs-1.44.0.tar.gz b2ccc62a61d43917d982bb380709cd283fda465a SOURCES/libguestfs-1.50.1.tar.gz
1bbc40f501a7fef9eef2a39b701a71aee2fea7c4 SOURCES/libguestfs.keyring 1bbc40f501a7fef9eef2a39b701a71aee2fea7c4 SOURCES/libguestfs.keyring

96
SOURCES/0001-New-API-guestfs_device_name-returning-the-drive-name.patch Normal file
View File

@ -0,0 +1,96 @@
From e3ebd50abde3b05db86c8965868c866152cd3287 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Thu, 28 Apr 2022 13:16:54 +0100
Subject: [PATCH] New API: guestfs_device_name returning the drive name
For each drive added, return the name. For example calling this with
index 0 will return the string "/dev/sda". I called it
guestfs_device_name (not drive_name) for consistency with the existing
guestfs_device_index function.
You don't really need to call this function. You can follow the
advice here:
https://libguestfs.org/guestfs.3.html#block-device-naming
and assume that drives are added with predictable names like
"/dev/sda", "/dev/sdb", etc.
However it's useful to expose the internal guestfs_int_drive_name
function since especially handling names beyond index 26 is tricky
(https://rwmj.wordpress.com/2011/01/09/how-are-linux-drives-named-beyond-drive-26-devsdz/)
Fixes: https://github.com/libguestfs/libguestfs/issues/80
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit ac00e603f83802634f1d53b1629aee4670eaf31c)
---
generator/actions_core.ml | 24 +++++++++++++++++++++++-
lib/drives.c | 15 +++++++++++++++
2 files changed, 38 insertions(+), 1 deletion(-)
diff --git a/generator/actions_core.ml b/generator/actions_core.ml
index ce9ee39cc..dc12fdc33 100644
--- a/generator/actions_core.ml
+++ b/generator/actions_core.ml
@@ -737,7 +737,29 @@ returns the index of the device in the list of devices.
Index numbers start from 0. The named device must exist,
for example as a string returned from C<guestfs_list_devices>.
-See also C<guestfs_list_devices>, C<guestfs_part_to_dev>." };
+See also C<guestfs_list_devices>, C<guestfs_part_to_dev>,
+C<guestfs_device_name>." };
+
+ { defaults with
+ name = "device_name"; added = (1, 49, 1);
+ style = RString (RPlainString, "name"), [Int "index"], [];
+ tests = [
+ InitEmpty, Always, TestResult (
+ [["device_name"; "0"]], "STREQ (ret, \"/dev/sda\")"), [];
+ InitEmpty, Always, TestResult (
+ [["device_name"; "1"]], "STREQ (ret, \"/dev/sdb\")"), [];
+ InitEmpty, Always, TestLastFail (
+ [["device_name"; "99"]]), []
+ ];
+ shortdesc = "convert device index to name";
+ longdesc = "\
+This function takes a device index and returns the device
+name. For example index C<0> will return the string C</dev/sda>.
+
+The drive index must have been added to the handle.
+
+See also C<guestfs_list_devices>, C<guestfs_part_to_dev>,
+C<guestfs_device_index>." };
{ defaults with
name = "shutdown"; added = (1, 19, 16);
diff --git a/lib/drives.c b/lib/drives.c
index fd95308d2..a6179fc36 100644
--- a/lib/drives.c
+++ b/lib/drives.c
@@ -31,6 +31,7 @@
#include <netdb.h>
#include <arpa/inet.h>
#include <assert.h>
+#include <errno.h>
#include <libintl.h>
#include "c-ctype.h"
@@ -1084,3 +1085,17 @@ guestfs_impl_device_index (guestfs_h *g, const char *device)
error (g, _("%s: device not found"), device);
return r;
}
+
+char *
+guestfs_impl_device_name (guestfs_h *g, int index)
+{
+ char drive_name[64];
+
+ if (index < 0 || index >= g->nr_drives) {
+ guestfs_int_error_errno (g, EINVAL, _("drive index out of range"));
+ return NULL;
+ }
+
+ guestfs_int_drive_name (index, drive_name);
+ return safe_asprintf (g, "/dev/sd%s", drive_name);
+}
--
2.31.1

56
SOURCES/0001-RHEL-8-Remove-libguestfs-live-RHBZ-798980.patch
View File

@ -1,56 +0,0 @@
From 5b6d2b05fe0c4035b9791a751e3133d26c7baa2d Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Fri, 21 Dec 2012 15:50:11 +0000
Subject: [PATCH] RHEL 8: Remove libguestfs live (RHBZ#798980).
This isn't supported in RHEL 8.
Disable daemon tests that require the 'unix' backend.
---
lib/launch-unix.c | 7 +++++++
tests/daemon/Makefile.am | 4 +---
2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/lib/launch-unix.c b/lib/launch-unix.c
index 0d344f9df..74dd1bb4a 100644
--- a/lib/launch-unix.c
+++ b/lib/launch-unix.c
@@ -37,6 +37,12 @@
static int
launch_unix (guestfs_h *g, void *datav, const char *sockpath)
{
+ error (g,
+ "launch: In RHEL, only the 'libvirt' or 'direct' method is supported.\n"
+ "In particular, \"libguestfs live\" is not supported.");
+ return -1;
+
+#if 0
int r, daemon_sock = -1;
struct sockaddr_un addr;
uint32_t size;
@@ -106,6 +112,7 @@ launch_unix (guestfs_h *g, void *datav, const char *sockpath)
g->conn = NULL;
}
return -1;
+#endif
}
static int
diff --git a/tests/daemon/Makefile.am b/tests/daemon/Makefile.am
index 921e6d1df..8b2887247 100644
--- a/tests/daemon/Makefile.am
+++ b/tests/daemon/Makefile.am
@@ -23,9 +23,7 @@ include $(top_srcdir)/subdir-rules.mk
check_DATA = captive-daemon.pm
-TESTS = \
- test-daemon-start.pl \
- test-btrfs.pl
+TESTS =
TESTS_ENVIRONMENT = $(top_builddir)/run --test
--
2.31.1

330
SOURCES/0002-RHEL-8-Remove-9p-APIs-from-RHEL-RHBZ-921710.patch
View File

@ -1,330 +0,0 @@
From 91b2a6e50211c58ea31a36351ec63c358f708bf9 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Thu, 18 Jul 2013 18:31:53 +0100
Subject: [PATCH] RHEL 8: Remove 9p APIs from RHEL (RHBZ#921710).
---
Makefile.am | 2 +-
daemon/9p.c | 182 --------------------------------------
daemon/Makefile.am | 1 -
docs/C_SOURCE_FILES | 1 -
generator/actions_core.ml | 21 -----
generator/proc_nr.ml | 2 -
gobject/Makefile.inc | 2 -
po/POTFILES | 2 -
8 files changed, 1 insertion(+), 212 deletions(-)
delete mode 100644 daemon/9p.c
diff --git a/Makefile.am b/Makefile.am
index 3df1b6a7a..36e44dfd5 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -78,7 +78,7 @@ SUBDIRS += tests/xfs
SUBDIRS += tests/charsets
SUBDIRS += tests/xml
SUBDIRS += tests/mount-local
-SUBDIRS += tests/9p
+#SUBDIRS += tests/9p
SUBDIRS += tests/rsync
SUBDIRS += tests/bigdirs
SUBDIRS += tests/disk-labels
diff --git a/daemon/9p.c b/daemon/9p.c
deleted file mode 100644
index 743a96abd..000000000
--- a/daemon/9p.c
+++ /dev/null
@@ -1,182 +0,0 @@
-/* libguestfs - the guestfsd daemon
- * Copyright (C) 2011 Red Hat Inc.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
- */
-
-#include <config.h>
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-#include <limits.h>
-#include <errno.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <dirent.h>
-#include <fcntl.h>
-
-#include "ignore-value.h"
-
-#include "daemon.h"
-#include "actions.h"
-
-#define BUS_PATH "/sys/bus/virtio/drivers/9pnet_virtio"
-
-static void
-modprobe_9pnet_virtio (void)
-{
- /* Required with Linux 5.6 and maybe earlier kernels. For unclear
- * reasons the module is not an automatic dependency of the 9p
- * module so doesn't get loaded automatically.
- */
- ignore_value (command (NULL, NULL, "modprobe", "9pnet_virtio", NULL));
-}
-
-/* https://bugzilla.redhat.com/show_bug.cgi?id=714981#c1 */
-char **
-do_list_9p (void)
-{
- CLEANUP_FREE_STRINGSBUF DECLARE_STRINGSBUF (r);
- DIR *dir;
-
- modprobe_9pnet_virtio ();
-
- dir = opendir (BUS_PATH);
- if (!dir) {
- perror ("opendir: " BUS_PATH);
- if (errno != ENOENT) {
- reply_with_perror ("opendir: " BUS_PATH);
- return NULL;
- }
-
- /* If this directory doesn't exist, it probably means that
- * the virtio driver isn't loaded. Don't return an error
- * in this case, but return an empty list.
- */
- if (end_stringsbuf (&r) == -1)
- return NULL;
-
- return take_stringsbuf (&r);
- }
-
- while (1) {
- struct dirent *d;
-
- errno = 0;
- d = readdir (dir);
- if (d == NULL) break;
-
- if (STRPREFIX (d->d_name, "virtio")) {
- CLEANUP_FREE char *mount_tag_path = NULL;
- if (asprintf (&mount_tag_path, BUS_PATH "/%s/mount_tag",
- d->d_name) == -1) {
- reply_with_perror ("asprintf");
- closedir (dir);
- return NULL;
- }
-
- /* A bit unclear, but it looks like the virtio transport allows
- * the mount tag length to be unlimited (or up to 65536 bytes).
- * See: linux/include/linux/virtio_9p.h
- */
- CLEANUP_FREE char *mount_tag = read_whole_file (mount_tag_path, NULL);
- if (mount_tag == 0)
- continue;
-
- if (add_string (&r, mount_tag) == -1) {
- closedir (dir);
- return NULL;
- }
- }
- }
-
- /* Check readdir didn't fail */
- if (errno != 0) {
- reply_with_perror ("readdir: /sys/block");
- closedir (dir);
- return NULL;
- }
-
- /* Close the directory handle */
- if (closedir (dir) == -1) {
- reply_with_perror ("closedir: /sys/block");
- return NULL;
- }
-
- /* Sort the tags. */
- if (r.size > 0)
- sort_strings (r.argv, r.size);
-
- /* NULL terminate the list */
- if (end_stringsbuf (&r) == -1)
- return NULL;
-
- return take_stringsbuf (&r);
-}
-
-/* Takes optional arguments, consult optargs_bitmask. */
-int
-do_mount_9p (const char *mount_tag, const char *mountpoint, const char *options)
-{
- CLEANUP_FREE char *mp = NULL, *opts = NULL, *err = NULL;
- struct stat statbuf;
- int r;
-
- ABS_PATH (mountpoint, 0, return -1);
-
- mp = sysroot_path (mountpoint);
- if (!mp) {
- reply_with_perror ("malloc");
- return -1;
- }
-
- /* Check the mountpoint exists and is a directory. */
- if (stat (mp, &statbuf) == -1) {
- reply_with_perror ("%s", mountpoint);
- return -1;
- }
- if (!S_ISDIR (statbuf.st_mode)) {
- reply_with_perror ("%s: mount point is not a directory", mountpoint);
- return -1;
- }
-
- /* Add trans=virtio to the options. */
- if ((optargs_bitmask & GUESTFS_MOUNT_9P_OPTIONS_BITMASK) &&
- STRNEQ (options, "")) {
- if (asprintf (&opts, "trans=virtio,%s", options) == -1) {
- reply_with_perror ("asprintf");
- return -1;
- }
- }
- else {
- opts = strdup ("trans=virtio");
- if (opts == NULL) {
- reply_with_perror ("strdup");
- return -1;
- }
- }
-
- modprobe_9pnet_virtio ();
- r = command (NULL, &err,
- "mount", "-o", opts, "-t", "9p", mount_tag, mp, NULL);
- if (r == -1) {
- reply_with_error ("%s on %s: %s", mount_tag, mountpoint, err);
- return -1;
- }
-
- return 0;
-}
diff --git a/daemon/Makefile.am b/daemon/Makefile.am
index 038be592c..df9dcc4ee 100644
--- a/daemon/Makefile.am
+++ b/daemon/Makefile.am
@@ -82,7 +82,6 @@ guestfsd_SOURCES = \
../common/protocol/guestfs_protocol.h \
../common/utils/cleanups.h \
../common/utils/guestfs-utils.h \
- 9p.c \
acl.c \
actions.h \
available.c \
diff --git a/docs/C_SOURCE_FILES b/docs/C_SOURCE_FILES
index cd5bd2924..831b7e25a 100644
--- a/docs/C_SOURCE_FILES
+++ b/docs/C_SOURCE_FILES
@@ -63,7 +63,6 @@ common/windows/windows.c
common/windows/windows.h
customize/crypt-c.c
customize/perl_edit-c.c
-daemon/9p.c
daemon/acl.c
daemon/actions.h
daemon/augeas.c
diff --git a/generator/actions_core.ml b/generator/actions_core.ml
index 806565b19..37476c93e 100644
--- a/generator/actions_core.ml
+++ b/generator/actions_core.ml
@@ -6157,27 +6157,6 @@ This returns true iff the device exists and contains all zero bytes.
Note that for large devices this can take a long time to run." };
- { defaults with
- name = "list_9p"; added = (1, 11, 12);
- style = RStringList (RPlainString, "mounttags"), [], [];
- shortdesc = "list 9p filesystems";
- longdesc = "\
-List all 9p filesystems attached to the guest. A list of
-mount tags is returned." };
-
- { defaults with
- name = "mount_9p"; added = (1, 11, 12);
- style = RErr, [String (PlainString, "mounttag"); String (PlainString, "mountpoint")], [OString "options"];
- camel_name = "Mount9P";
- shortdesc = "mount 9p filesystem";
- longdesc = "\
-Mount the virtio-9p filesystem with the tag C<mounttag> on the
-directory C<mountpoint>.
-
-If required, C<trans=virtio> will be automatically added to the options.
-Any other options required can be passed in the optional C<options>
-parameter." };
-
{ defaults with
name = "list_dm_devices"; added = (1, 11, 15);
style = RStringList (RDevice, "devices"), [], [];
diff --git a/generator/proc_nr.ml b/generator/proc_nr.ml
index 30e42864f..57976be36 100644
--- a/generator/proc_nr.ml
+++ b/generator/proc_nr.ml
@@ -295,8 +295,6 @@ let proc_nr = [
282, "internal_autosync";
283, "is_zero";
284, "is_zero_device";
-285, "list_9p";
-286, "mount_9p";
287, "list_dm_devices";
288, "ntfsresize";
289, "btrfs_filesystem_resize";
diff --git a/gobject/Makefile.inc b/gobject/Makefile.inc
index 650f8ddac..c4e735967 100644
--- a/gobject/Makefile.inc
+++ b/gobject/Makefile.inc
@@ -94,7 +94,6 @@ guestfs_gobject_headers= \
include/guestfs-gobject/optargs-mksquashfs.h \
include/guestfs-gobject/optargs-mkswap.h \
include/guestfs-gobject/optargs-mktemp.h \
- include/guestfs-gobject/optargs-mount_9p.h \
include/guestfs-gobject/optargs-mount_local.h \
include/guestfs-gobject/optargs-ntfsclone_out.h \
include/guestfs-gobject/optargs-ntfsfix.h \
@@ -188,7 +187,6 @@ guestfs_gobject_sources= \
src/optargs-mksquashfs.c \
src/optargs-mkswap.c \
src/optargs-mktemp.c \
- src/optargs-mount_9p.c \
src/optargs-mount_local.c \
src/optargs-ntfsclone_out.c \
src/optargs-ntfsfix.c \
diff --git a/po/POTFILES b/po/POTFILES
index 69ea7134a..0782e8ceb 100644
--- a/po/POTFILES
+++ b/po/POTFILES
@@ -47,7 +47,6 @@ common/visit/visit.c
common/windows/windows.c
customize/crypt-c.c
customize/perl_edit-c.c
-daemon/9p.c
daemon/acl.c
daemon/augeas.c
daemon/available.c
@@ -277,7 +276,6 @@ gobject/src/optargs-mkfs_btrfs.c
gobject/src/optargs-mksquashfs.c
gobject/src/optargs-mkswap.c
gobject/src/optargs-mktemp.c
-gobject/src/optargs-mount_9p.c
gobject/src/optargs-mount_local.c
gobject/src/optargs-ntfsclone_out.c
gobject/src/optargs-ntfsfix.c
--
2.31.1

565
SOURCES/0002-guestfs_readdir-rewrite-with-FileOut-transfer-to-lif.patch Normal file
View File

@ -0,0 +1,565 @@
From b97b90779d5ea261d5e737f073bb4ec5dc546511 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Mon, 2 May 2022 10:56:00 +0200
Subject: [PATCH] guestfs_readdir(): rewrite with FileOut transfer, to lift
protocol limit
Currently the guestfs_readdir() API can not list long directories, due to
it sending back the whole directory listing in a single guestfs protocol
response, which is limited to GUESTFS_MESSAGE_MAX (approx. 4MB) in size.
Introduce the "internal_readdir" action, for transferring the directory
listing from the daemon to the library through a FileOut parameter.
Rewrite guestfs_readdir() on top of this new internal function:
- The new "internal_readdir" action is a daemon action. Do not repurpose
the "readdir" proc_nr (138) for "internal_readdir", as some distros ship
the binary appliance to their users, and reusing the proc_nr could
create a mismatch between library & appliance with obscure symptoms.
Replace the old proc_nr (138) with a new proc_nr (511) instead; a
mismatch would then produce a clear error message. Assume the new action
will first be released in libguestfs-1.48.2.
- Turn "readdir" from a daemon action into a non-daemon one. Call the
daemon action guestfs_internal_readdir() manually, receive the FileOut
parameter into a temp file, then deserialize the dirents array from the
temp file.
This patch sneakily fixes an independent bug, too. In the pre-patch
do_readdir() function [daemon/readdir.c], when readdir() returns NULL, we
don't distinguish "end of directory stream" from "readdir() failed". This
rewrite fixes this problem -- I didn't see much value separating out the
fix for the original do_readdir().
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1674392
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20220502085601.15012-2-lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit 45b7f1736b64e9f0741e21e5a9d83a837bd863bf)
---
TODO | 8 ---
daemon/readdir.c | 132 +++++++++++++++++++-------------------
generator/actions_core.ml | 127 +++++++++++++++++++-----------------
generator/proc_nr.ml | 2 +-
lib/MAX_PROC_NR | 2 +-
lib/Makefile.am | 1 +
lib/readdir.c | 131 +++++++++++++++++++++++++++++++++++++
7 files changed, 267 insertions(+), 136 deletions(-)
create mode 100644 lib/readdir.c
diff --git a/TODO b/TODO
index a50f7d73c..513e55f92 100644
--- a/TODO
+++ b/TODO
@@ -484,14 +484,6 @@ this approach works, it doesn't solve the MBR problem, so likely we'd
have to write a library for that (or perhaps go back to sfdisk but
using a very abstracted interface over sfdisk).
-Reimplement some APIs to avoid protocol limits
-----------------------------------------------
-
-Mostly this item was done (eg. commits a69f44f56f and before). The
-most notable API with a protocol limit remaining is:
-
- - guestfs_readdir
-
hivex
-----
diff --git a/daemon/readdir.c b/daemon/readdir.c
index e488f93e7..9ab0b0aec 100644
--- a/daemon/readdir.c
+++ b/daemon/readdir.c
@@ -16,77 +16,67 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
-#include <config.h>
+#include <config.h> /* HAVE_STRUCT_DIRENT_D_TYPE */
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-#include <dirent.h>
+#include <dirent.h> /* readdir() */
+#include <errno.h> /* errno */
+#include <rpc/xdr.h> /* xdrmem_create() */
+#include <stdio.h> /* perror() */
+#include <stdlib.h> /* malloc() */
+#include <sys/types.h> /* opendir() */
-#include "daemon.h"
-#include "actions.h"
+#include "daemon.h" /* reply_with_perror() */
-static void
-free_int_dirent_list (guestfs_int_dirent *p, size_t len)
+/* Has one FileOut parameter. */
+int
+do_internal_readdir (const char *dir)
{
- size_t i;
+ int ret;
+ DIR *dirstream;
+ void *xdr_buf;
+ XDR xdr;
- for (i = 0; i < len; ++i) {
- free (p[i].name);
- }
- free (p);
-}
-
-guestfs_int_dirent_list *
-do_readdir (const char *path)
-{
- guestfs_int_dirent_list *ret;
- guestfs_int_dirent v;
- DIR *dir;
- struct dirent *d;
- size_t i;
-
- ret = malloc (sizeof *ret);
- if (ret == NULL) {
- reply_with_perror ("malloc");
- return NULL;
- }
-
- ret->guestfs_int_dirent_list_len = 0;
- ret->guestfs_int_dirent_list_val = NULL;
+ /* Prepare to fail. */
+ ret = -1;
CHROOT_IN;
- dir = opendir (path);
+ dirstream = opendir (dir);
CHROOT_OUT;
- if (dir == NULL) {
- reply_with_perror ("opendir: %s", path);
- free (ret);
- return NULL;
+ if (dirstream == NULL) {
+ reply_with_perror ("opendir: %s", dir);
+ return ret;
}
- i = 0;
- while ((d = readdir (dir)) != NULL) {
- guestfs_int_dirent *p;
+ xdr_buf = malloc (GUESTFS_MAX_CHUNK_SIZE);
+ if (xdr_buf == NULL) {
+ reply_with_perror ("malloc");
+ goto close_dir;
+ }
+ xdrmem_create (&xdr, xdr_buf, GUESTFS_MAX_CHUNK_SIZE, XDR_ENCODE);
+
+ /* Send an "OK" reply, before starting the file transfer. */
+ reply (NULL, NULL);
+
+ /* From this point on, we can only report errors by canceling the file
+ * transfer.
+ */
+ for (;;) {
+ struct dirent *d;
+ guestfs_int_dirent v;
+
+ errno = 0;
+ d = readdir (dirstream);
+ if (d == NULL) {
+ if (errno == 0)
+ ret = 0;
+ else
+ perror ("readdir");
- p = realloc (ret->guestfs_int_dirent_list_val,
- sizeof (guestfs_int_dirent) * (i+1));
- v.name = strdup (d->d_name);
- if (!p || !v.name) {
- reply_with_perror ("allocate");
- if (p) {
- free_int_dirent_list (p, i);
- } else {
- free_int_dirent_list (ret->guestfs_int_dirent_list_val, i);
- }
- free (v.name);
- free (ret);
- closedir (dir);
- return NULL;
+ break;
}
- ret->guestfs_int_dirent_list_val = p;
+ v.name = d->d_name;
v.ino = d->d_ino;
#ifdef HAVE_STRUCT_DIRENT_D_TYPE
switch (d->d_type) {
@@ -104,19 +94,29 @@ do_readdir (const char *path)
v.ftyp = 'u';
#endif
- ret->guestfs_int_dirent_list_val[i] = v;
+ if (!xdr_guestfs_int_dirent (&xdr, &v)) {
+ fprintf (stderr, "xdr_guestfs_int_dirent failed\n");
+ break;
+ }
- i++;
+ if (send_file_write (xdr_buf, xdr_getpos (&xdr)) != 0)
+ break;
+
+ xdr_setpos (&xdr, 0);
}
- ret->guestfs_int_dirent_list_len = i;
+ /* Finish or cancel the transfer. Note that if (ret == -1) because the library
+ * canceled, we still need to cancel back!
+ */
+ send_file_end (ret == -1);
- if (closedir (dir) == -1) {
- reply_with_perror ("closedir");
- free (ret->guestfs_int_dirent_list_val);
- free (ret);
- return NULL;
- }
+ xdr_destroy (&xdr);
+ free (xdr_buf);
+
+close_dir:
+ if (closedir (dirstream) == -1)
+ /* Best we can do here is log an error. */
+ perror ("closedir");
return ret;
}
diff --git a/generator/actions_core.ml b/generator/actions_core.ml
index dc12fdc33..807150615 100644
--- a/generator/actions_core.ml
+++ b/generator/actions_core.ml
@@ -141,6 +141,66 @@ only useful for printing debug and internal error messages.
For more information on states, see L<guestfs(3)>." };
+ { defaults with
+ name = "readdir"; added = (1, 0, 55);
+ style = RStructList ("entries", "dirent"), [String (Pathname, "dir")], [];
+ progress = true; cancellable = true;
+ shortdesc = "read directories entries";
+ longdesc = "\
+This returns the list of directory entries in directory C<dir>.
+
+All entries in the directory are returned, including C<.> and
+C<..>. The entries are I<not> sorted, but returned in the same
+order as the underlying filesystem.
+
+Also this call returns basic file type information about each
+file. The C<ftyp> field will contain one of the following characters:
+
+=over 4
+
+=item 'b'
+
+Block special
+
+=item 'c'
+
+Char special
+
+=item 'd'
+
+Directory
+
+=item 'f'
+
+FIFO (named pipe)
+
+=item 'l'
+
+Symbolic link
+
+=item 'r'
+
+Regular file
+
+=item 's'
+
+Socket
+
+=item 'u'
+
+Unknown file type
+
+=item '?'
+
+The L<readdir(3)> call returned a C<d_type> field with an
+unexpected value
+
+=back
+
+This function is primarily intended for use by programs. To
+get a simple list of names, use C<guestfs_ls>. To get a printable
+directory for human consumption, use C<guestfs_ll>." };
+
{ defaults with
name = "version"; added = (1, 0, 58);
style = RStruct ("version", "version"), [], [];
@@ -3939,66 +3999,6 @@ L<umask(2)>, C<guestfs_mknod>, C<guestfs_mkdir>.
This call returns the previous umask." };
- { defaults with
- name = "readdir"; added = (1, 0, 55);
- style = RStructList ("entries", "dirent"), [String (Pathname, "dir")], [];
- protocol_limit_warning = true;
- shortdesc = "read directories entries";
- longdesc = "\
-This returns the list of directory entries in directory C<dir>.
-
-All entries in the directory are returned, including C<.> and
-C<..>. The entries are I<not> sorted, but returned in the same
-order as the underlying filesystem.
-
-Also this call returns basic file type information about each
-file. The C<ftyp> field will contain one of the following characters:
-
-=over 4
-
-=item 'b'
-
-Block special
-
-=item 'c'
-
-Char special
-
-=item 'd'
-
-Directory
-
-=item 'f'
-
-FIFO (named pipe)
-
-=item 'l'
-
-Symbolic link
-
-=item 'r'
-
-Regular file
-
-=item 's'
-
-Socket
-
-=item 'u'
-
-Unknown file type
-
-=item '?'
-
-The L<readdir(3)> call returned a C<d_type> field with an
-unexpected value
-
-=back
-
-This function is primarily intended for use by programs. To
-get a simple list of names, use C<guestfs_ls>. To get a printable
-directory for human consumption, use C<guestfs_ll>." };
-
{ defaults with
name = "getxattrs"; added = (1, 0, 59);
style = RStructList ("xattrs", "xattr"), [String (Pathname, "path")], [];
@@ -9713,4 +9713,11 @@ C<guestfs_cryptsetup_open>. The C<device> parameter must be
the name of the mapping device (ie. F</dev/mapper/mapname>)
and I<not> the name of the underlying block device." };
+ { defaults with
+ name = "internal_readdir"; added = (1, 48, 2);
+ style = RErr, [String (Pathname, "dir"); String (FileOut, "filename")], [];
+ visibility = VInternal;
+ shortdesc = "read directories entries";
+ longdesc = "Internal function for readdir." };
+
]
diff --git a/generator/proc_nr.ml b/generator/proc_nr.ml
index b20672ff0..bdced51c9 100644
--- a/generator/proc_nr.ml
+++ b/generator/proc_nr.ml
@@ -152,7 +152,6 @@ let proc_nr = [
135, "mknod_b";
136, "mknod_c";
137, "umask";
-138, "readdir";
139, "sfdiskM";
140, "zfile";
141, "getxattrs";
@@ -514,6 +513,7 @@ let proc_nr = [
508, "cryptsetup_open";
509, "cryptsetup_close";
510, "internal_list_rpm_applications";
+511, "internal_readdir";
]
(* End of list. If adding a new entry, add it at the end of the list
diff --git a/lib/MAX_PROC_NR b/lib/MAX_PROC_NR
index 2bc4cd64b..c0556fb20 100644
--- a/lib/MAX_PROC_NR
+++ b/lib/MAX_PROC_NR
@@ -1 +1 @@
-510
+511
diff --git a/lib/Makefile.am b/lib/Makefile.am
index 144c45588..212bcb94a 100644
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -105,6 +105,7 @@ libguestfs_la_SOURCES = \
private-data.c \
proto.c \
qemu.c \
+ readdir.c \
rescue.c \
stringsbuf.c \
structs-compare.c \
diff --git a/lib/readdir.c b/lib/readdir.c
new file mode 100644
index 000000000..9cb0d7cf6
--- /dev/null
+++ b/lib/readdir.c
@@ -0,0 +1,131 @@
+/* libguestfs
+ * Copyright (C) 2016-2022 Red Hat Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+#include <config.h> /* UNIX_PATH_MAX, needed by "guestfs-internal.h" */
+
+#include <rpc/xdr.h> /* xdrstdio_create() */
+#include <stdint.h> /* UINT32_MAX */
+#include <stdio.h> /* fopen() */
+#include <string.h> /* memset() */
+
+#include "guestfs.h" /* guestfs_internal_readdir() */
+#include "guestfs_protocol.h" /* guestfs_int_dirent */
+#include "guestfs-internal.h" /* guestfs_int_make_temp_path() */
+#include "guestfs-internal-actions.h" /* guestfs_impl_readdir */
+
+struct guestfs_dirent_list *
+guestfs_impl_readdir (guestfs_h *g, const char *dir)
+{
+ struct guestfs_dirent_list *ret;
+ char *tmpfn;
+ FILE *f;
+ off_t fsize;
+ XDR xdr;
+ struct guestfs_dirent_list *dirents;
+ uint32_t alloc_entries;
+ size_t alloc_bytes;
+
+ /* Prepare to fail. */
+ ret = NULL;
+
+ tmpfn = guestfs_int_make_temp_path (g, "readdir", NULL);
+ if (tmpfn == NULL)
+ return ret;
+
+ if (guestfs_internal_readdir (g, dir, tmpfn) == -1)
+ goto drop_tmpfile;
+
+ f = fopen (tmpfn, "r");
+ if (f == NULL) {
+ perrorf (g, "fopen: %s", tmpfn);
+ goto drop_tmpfile;
+ }
+
+ if (fseeko (f, 0, SEEK_END) == -1) {
+ perrorf (g, "fseeko");
+ goto close_tmpfile;
+ }
+ fsize = ftello (f);
+ if (fsize == -1) {
+ perrorf (g, "ftello");
+ goto close_tmpfile;
+ }
+ if (fseeko (f, 0, SEEK_SET) == -1) {
+ perrorf (g, "fseeko");
+ goto close_tmpfile;
+ }
+
+ xdrstdio_create (&xdr, f, XDR_DECODE);
+
+ dirents = safe_malloc (g, sizeof *dirents);
+ dirents->len = 0;
+ alloc_entries = 8;
+ alloc_bytes = alloc_entries * sizeof *dirents->val;
+ dirents->val = safe_malloc (g, alloc_bytes);
+
+ while (xdr_getpos (&xdr) < fsize) {
+ guestfs_int_dirent v;
+ struct guestfs_dirent *d;
+
+ if (dirents->len == alloc_entries) {
+ if (alloc_entries > UINT32_MAX / 2 || alloc_bytes > (size_t)-1 / 2) {
+ error (g, "integer overflow");
+ goto free_dirents;
+ }
+ alloc_entries *= 2u;
+ alloc_bytes *= 2u;
+ dirents->val = safe_realloc (g, dirents->val, alloc_bytes);
+ }
+
+ /* Decoding does not work unless the target buffer is zero-initialized. */
+ memset (&v, 0, sizeof v);
+ if (!xdr_guestfs_int_dirent (&xdr, &v)) {
+ error (g, "xdr_guestfs_int_dirent failed");
+ goto free_dirents;
+ }
+
+ d = &dirents->val[dirents->len];
+ d->ino = v.ino;
+ d->ftyp = v.ftyp;
+ d->name = v.name; /* transfer malloc'd string to "d" */
+
+ dirents->len++;
+ }
+
+ /* Success; transfer "dirents" to "ret". */
+ ret = dirents;
+ dirents = NULL;
+
+ /* Clean up. */
+ xdr_destroy (&xdr);
+
+free_dirents:
+ guestfs_free_dirent_list (dirents);
+
+close_tmpfile:
+ fclose (f);
+
+drop_tmpfile:
+ /* In case guestfs_internal_readdir() failed, it may or may not have created
+ * the temporary file.
+ */
+ unlink (tmpfn);
+ free (tmpfn);
+
+ return ret;
+}
--
2.31.1

37
SOURCES/0002-update-common-submodule.patch Normal file
View File

@ -0,0 +1,37 @@
From 89b6c8b458dcb00de83b543c47a6acb049f63f18 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Tue, 21 Mar 2023 16:55:15 +0100
Subject: [PATCH] update common submodule
HATAYAMA Daisuke (1):
progress: fix segmentation fault when TERM variable is "dumb"
Laszlo Ersek (2):
detect_kernels: tighten "try" scope
detect_kernels: deal with RHEL's kernel-core / kernel-modules-core split
rwmjones (1):
Merge pull request #5 from d-hatayama/fix_segfault_progress_bar
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2175703
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit be11d25b3e2770d86699e94c5087e6625477d5ec)
---
common | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Submodule common 360e037d..70c10a07:
diff --git a/common/progress/progress.c b/common/progress/progress.c
index 4d52b97e..e4b30663 100644
--- a/common/progress/progress.c
+++ b/common/progress/progress.c
@@ -318,7 +318,8 @@ progress_bar_set (struct progress_bar *bar,
* (b) it's just not possible to use tputs in a sane way here.
*/
/*tputs (UP, 2, putchar);*/
- fprintf (fp, "%s", UP);
+ if (UP)
+ fprintf (fp, "%s", UP);
}
bar->count++;

63
SOURCES/0003-daemon-selinux-relabel-don-t-exclude-selinux-if-it-s.patch Normal file
View File

@ -0,0 +1,63 @@
From e58cd8df467e342463d08e3d761c2e322287b13e Mon Sep 17 00:00:00 2001
From: Andrey Drobyshev <andrey.drobyshev@virtuozzo.com>
Date: Wed, 26 Apr 2023 15:59:44 +0300
Subject: [PATCH] daemon/selinux-relabel: don't exclude "/selinux" if it's
non-existent
Since RHBZ#726528, filesystem.rpm doesn't include /selinux. setfiles
then gives us the warning: "Can't stat exclude path "/sysroot/selinux",
No such file or directory - ignoring."
Though the warning is harmless, let's get rid of it by checking the
existence of /selinux directory.
Signed-off-by: Andrey Drobyshev <andrey.drobyshev@virtuozzo.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit 9ced5fac8c1f0f8ff7ed2b5671c1c7f5f0bfa875)
---
daemon/selinux-relabel.c | 16 +++++++++++++++-
1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/daemon/selinux-relabel.c b/daemon/selinux-relabel.c
index 976cffe3..454486c1 100644
--- a/daemon/selinux-relabel.c
+++ b/daemon/selinux-relabel.c
@@ -21,6 +21,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <sys/stat.h>
#include "guestfs_protocol.h"
#include "daemon.h"
@@ -37,6 +38,17 @@ optgroup_selinuxrelabel_available (void)
return prog_exists ("setfiles");
}
+static int
+dir_exists (const char *dir)
+{
+ struct stat statbuf;
+
+ if (stat (dir, &statbuf) == 0 && S_ISDIR (statbuf.st_mode))
+ return 1;
+ else
+ return 0;
+}
+
static int
setfiles_has_option (int *flag, char opt_char)
{
@@ -99,8 +111,10 @@ do_selinux_relabel (const char *specfile, const char *path,
*/
ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_dev);
ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_proc);
- ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_selinux);
ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_sys);
+ if (dir_exists (s_selinux)) {
+ ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_selinux);
+ }
/* You have to use the -m option (where available) otherwise
* setfiles puts all the mountpoints on the excludes list for no

108
SOURCES/0003-guestfs_readdir-minimize-the-number-of-send_file_wri.patch Normal file
View File

@ -0,0 +1,108 @@
From 62cd6c9d2dd62dd24cc04b16437bfb816a6f4357 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Mon, 2 May 2022 10:56:01 +0200
Subject: [PATCH] guestfs_readdir(): minimize the number of send_file_write()
calls
In guestfs_readdir(), the daemon currently sends each XDR-encoded
"guestfs_int_dirent" to the library with a separate send_file_write()
call.
Determine the largest encoded size (from the longest filename that a
"guestfs_int_dirent" could carry, from readdir()'s "struct dirent"), and
batch up the XDR encodings until the next encoding might not fit in
GUESTFS_MAX_CHUNK_SIZE. Call send_file_write() only then.
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1674392
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20220502085601.15012-3-lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit 4864d21cb8eb991f0fc98d03a068173837cba50e)
---
daemon/readdir.c | 38 ++++++++++++++++++++++++++++++++------
1 file changed, 32 insertions(+), 6 deletions(-)
diff --git a/daemon/readdir.c b/daemon/readdir.c
index 9ab0b0aec..3084ba939 100644
--- a/daemon/readdir.c
+++ b/daemon/readdir.c
@@ -35,6 +35,9 @@ do_internal_readdir (const char *dir)
DIR *dirstream;
void *xdr_buf;
XDR xdr;
+ struct dirent fill;
+ guestfs_int_dirent v;
+ unsigned max_encoded;
/* Prepare to fail. */
ret = -1;
@@ -55,6 +58,20 @@ do_internal_readdir (const char *dir)
}
xdrmem_create (&xdr, xdr_buf, GUESTFS_MAX_CHUNK_SIZE, XDR_ENCODE);
+ /* Calculate the max number of bytes a "guestfs_int_dirent" can be encoded to.
+ */
+ memset (fill.d_name, 'a', sizeof fill.d_name - 1);
+ fill.d_name[sizeof fill.d_name - 1] = '\0';
+ v.ino = INT64_MAX;
+ v.ftyp = '?';
+ v.name = fill.d_name;
+ if (!xdr_guestfs_int_dirent (&xdr, &v)) {
+ fprintf (stderr, "xdr_guestfs_int_dirent failed\n");
+ goto release_xdr;
+ }
+ max_encoded = xdr_getpos (&xdr);
+ xdr_setpos (&xdr, 0);
+
/* Send an "OK" reply, before starting the file transfer. */
reply (NULL, NULL);
@@ -63,7 +80,6 @@ do_internal_readdir (const char *dir)
*/
for (;;) {
struct dirent *d;
- guestfs_int_dirent v;
errno = 0;
d = readdir (dirstream);
@@ -94,22 +110,32 @@ do_internal_readdir (const char *dir)
v.ftyp = 'u';
#endif
+ /* Flush "xdr_buf" if we may not have enough room for encoding "v". */
+ if (GUESTFS_MAX_CHUNK_SIZE - xdr_getpos (&xdr) < max_encoded) {
+ if (send_file_write (xdr_buf, xdr_getpos (&xdr)) != 0)
+ break;
+
+ xdr_setpos (&xdr, 0);
+ }
+
if (!xdr_guestfs_int_dirent (&xdr, &v)) {
fprintf (stderr, "xdr_guestfs_int_dirent failed\n");
break;
}
-
- if (send_file_write (xdr_buf, xdr_getpos (&xdr)) != 0)
- break;
-
- xdr_setpos (&xdr, 0);
}
+ /* Flush "xdr_buf" if the loop completed successfully and "xdr_buf" is not
+ * empty. */
+ if (ret == 0 && xdr_getpos (&xdr) > 0 &&
+ send_file_write (xdr_buf, xdr_getpos (&xdr)) != 0)
+ ret = -1;
+
/* Finish or cancel the transfer. Note that if (ret == -1) because the library
* canceled, we still need to cancel back!
*/
send_file_end (ret == -1);
+release_xdr:
xdr_destroy (&xdr);
free (xdr_buf);
--
2.31.1

72
SOURCES/0004-RHEL-8-Remove-User-Mode-Linux-RHBZ-1144197.patch
View File

@ -1,72 +0,0 @@
From 34f8c6a5eb0eabfba4ab1831b45e2baa73a4b501 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Fri, 19 Sep 2014 13:38:20 +0100
Subject: [PATCH] RHEL 8: Remove User-Mode Linux (RHBZ#1144197).
This isn't supported in RHEL 8.
---
lib/launch-uml.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/lib/launch-uml.c b/lib/launch-uml.c
index 5aec50a57..8b9fcd770 100644
--- a/lib/launch-uml.c
+++ b/lib/launch-uml.c
@@ -44,7 +44,9 @@ struct backend_uml_data {
char umid[UML_UMID_LEN+1]; /* umid=<...> unique ID. */
};
+#if 0
static void print_vmlinux_command_line (guestfs_h *g, char **argv);
+#endif
/* Run uml_mkcow to create a COW overlay. */
static char *
@@ -81,6 +83,7 @@ create_cow_overlay_uml (guestfs_h *g, void *datav, struct drive *drv)
return make_cow_overlay (g, drv->src.u.path);
}
+#if 0
/* Test for features which are not supported by the UML backend.
* Possibly some of these should just be warnings, not errors.
*/
@@ -133,10 +136,17 @@ uml_supported (guestfs_h *g)
return true;
}
+#endif
static int
launch_uml (guestfs_h *g, void *datav, const char *arg)
{
+ error (g,
+ "launch: In RHEL, only the 'libvirt' or 'direct' method is supported.\n"
+ "In particular, User-Mode Linux (UML) is not supported.");
+ return -1;
+
+#if 0
struct backend_uml_data *data = datav;
CLEANUP_FREE_STRINGSBUF DECLARE_STRINGSBUF (cmdline);
int console_sock = -1, daemon_sock = -1;
@@ -496,8 +506,10 @@ launch_uml (guestfs_h *g, void *datav, const char *arg)
}
g->state = CONFIG;
return -1;
+#endif
}
+#if 0
/* This is called from the forked subprocess just before vmlinux runs,
* so it can just print the message straight to stderr, where it will
* be picked up and funnelled through the usual appliance event API.
@@ -527,6 +539,7 @@ print_vmlinux_command_line (guestfs_h *g, char **argv)
fputc ('\n', stderr);
}
+#endif
static int
shutdown_uml (guestfs_h *g, void *datav, int check_for_errors)
--
2.31.1

33
SOURCES/0004-daemon-selinux-relabel-search-for-invalid-option-in-.patch Normal file
View File

@ -0,0 +1,33 @@
From c1829048c598e11950c9d355fdd5c177a99e046f Mon Sep 17 00:00:00 2001
From: Andrey Drobyshev <andrey.drobyshev@virtuozzo.com>
Date: Wed, 26 Apr 2023 15:59:45 +0300
Subject: [PATCH] daemon/selinux-relabel: search for "invalid option" in
setfiles output
'X' in the setiles' stderr doesn't necessarily mean that option 'X'
doesn't exist. For instance, when passing '-T' we get: "setfiles:
option requires an argument -- 'T'".
Signed-off-by: Andrey Drobyshev <andrey.drobyshev@virtuozzo.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit 152d6e4bdf2dac88856a4ff83cf73451f897d4d4)
---
daemon/selinux-relabel.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/daemon/selinux-relabel.c b/daemon/selinux-relabel.c
index 454486c1..60a6f48a 100644
--- a/daemon/selinux-relabel.c
+++ b/daemon/selinux-relabel.c
@@ -56,8 +56,9 @@ setfiles_has_option (int *flag, char opt_char)
if (*flag == -1) {
char option[] = { '-', opt_char, '\0' }; /* "-X" */
- char err_opt[] = { '\'', opt_char, '\'', '\0'}; /* "'X'" */
+ char err_opt[32]; /* "invalid option -- 'X'" */
+ snprintf(err_opt, sizeof(err_opt), "invalid option -- '%c'", opt_char);
ignore_value (command (NULL, &err, "setfiles", option, NULL));
*flag = err && strstr (err, /* "invalid option -- " */ err_opt) == NULL;
}

123
SOURCES/0004-lib-launch-direct-ignore-drive-iface-parameter.patch Normal file
View File

@ -0,0 +1,123 @@
From e4901a4e83f0ab59a525095d2fe1c7f1a38c0aac Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Wed, 4 May 2022 15:41:52 +0200
Subject: [PATCH] lib: launch-direct: ignore drive "iface" parameter
Rich said in <https://bugzilla.redhat.com/show_bug.cgi?id=1844341#c1>:
> The libvirt backend has never allowed the iface parameter. We should
> probably ignore it in the direct backend since it's never been possible
> to use this parameter correctly.
Remove the handling of "iface" in the direct (QEMU) backend. Refresh the
documentation regarding both backends.
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1844341
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20220504134155.11832-2-lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit 3eb830dbaee12c8dc4566cab226ed2af0e0f2d8c)
---
generator/actions_core_deprecated.ml | 8 +++-
lib/launch-direct.c | 59 ++++++----------------------
2 files changed, 19 insertions(+), 48 deletions(-)
diff --git a/generator/actions_core_deprecated.ml b/generator/actions_core_deprecated.ml
index 00dde3d2a..f1040a0e9 100644
--- a/generator/actions_core_deprecated.ml
+++ b/generator/actions_core_deprecated.ml
@@ -73,7 +73,9 @@ of C<guestfs_add_drive_ro>." };
shortdesc = "add a drive specifying the QEMU block emulation to use";
longdesc = "\
This is the same as C<guestfs_add_drive> but it allows you
-to specify the QEMU interface emulation to use at run time." };
+to specify the QEMU interface emulation to use at run time.
+The libvirt backend rejects a non-empty C<iface> argument.
+The direct backend ignores C<iface>." };
{ defaults with
name = "add_drive_ro_with_if"; added = (1, 0, 84);
@@ -83,7 +85,9 @@ to specify the QEMU interface emulation to use at run time." };
shortdesc = "add a drive read-only specifying the QEMU block emulation to use";
longdesc = "\
This is the same as C<guestfs_add_drive_ro> but it allows you
-to specify the QEMU interface emulation to use at run time." };
+to specify the QEMU interface emulation to use at run time.
+The libvirt backend rejects a non-empty C<iface> argument.
+The direct backend ignores C<iface>." };
{ defaults with
name = "lstatlist"; added = (1, 0, 77);
diff --git a/lib/launch-direct.c b/lib/launch-direct.c
index b292b9c26..ff0eaeb62 100644
--- a/lib/launch-direct.c
+++ b/lib/launch-direct.c
@@ -296,52 +296,19 @@ static int
add_drive (guestfs_h *g, struct backend_direct_data *data,
struct qemuopts *qopts, size_t i, struct drive *drv)
{
- /* If there's an explicit 'iface', use it. Otherwise default to
- * virtio-scsi.
- */
- if (drv->iface && STREQ (drv->iface, "virtio")) { /* virtio-blk */
- start_list ("-drive") {
- if (add_drive_standard_params (g, data, qopts, i, drv) == -1)
- return -1;
- append_list ("if=none");
- } end_list ();
- start_list ("-device") {
- append_list (VIRTIO_DEVICE_NAME ("virtio-blk"));
- append_list_format ("drive=hd%zu", i);
- if (drv->disk_label)
- append_list_format ("serial=%s", drv->disk_label);
- if (add_device_blocksize_params (g, qopts, drv) == -1)
- return -1;
- } end_list ();
- }
-#if defined(__arm__) || defined(__aarch64__) || defined(__powerpc__)
- else if (drv->iface && STREQ (drv->iface, "ide")) {
- error (g, "'ide' interface does not work on ARM or PowerPC");
- return -1;
- }
-#endif
- else if (drv->iface) {
- start_list ("-drive") {
- if (add_drive_standard_params (g, data, qopts, i, drv) == -1)
- return -1;
- append_list_format ("if=%s", drv->iface);
- } end_list ();
- }
- else /* default case: virtio-scsi */ {
- start_list ("-drive") {
- if (add_drive_standard_params (g, data, qopts, i, drv) == -1)
- return -1;
- append_list ("if=none");
- } end_list ();
- start_list ("-device") {
- append_list ("scsi-hd");
- append_list_format ("drive=hd%zu", i);
- if (drv->disk_label)
- append_list_format ("serial=%s", drv->disk_label);
- if (add_device_blocksize_params (g, qopts, drv) == -1)
- return -1;
- } end_list ();
- }
+ start_list ("-drive") {
+ if (add_drive_standard_params (g, data, qopts, i, drv) == -1)
+ return -1;
+ append_list ("if=none");
+ } end_list ();
+ start_list ("-device") {
+ append_list ("scsi-hd");
+ append_list_format ("drive=hd%zu", i);
+ if (drv->disk_label)
+ append_list_format ("serial=%s", drv->disk_label);
+ if (add_device_blocksize_params (g, qopts, drv) == -1)
+ return -1;
+ } end_list ();
return 0;
--
2.31.1

78
SOURCES/0005-daemon-selinux-relabel-run-setfiles-with-T-0-if-supp.patch Normal file
View File

@ -0,0 +1,78 @@
From 3046af080baad9935627ebb671950448cfd0fa7b Mon Sep 17 00:00:00 2001
From: Andrey Drobyshev <andrey.drobyshev@virtuozzo.com>
Date: Wed, 26 Apr 2023 15:59:46 +0300
Subject: [PATCH] daemon/selinux-relabel: run setfiles with "-T 0", if
supported
Since SELinux userspace v3.4 [1], setfiles command supports "-T nthreads"
option, which allows parallel execution. "-T 0" allows using as many
threads as there're available CPU cores. This might speed up the process
of filesystem relabeling in case the appliance is being run with multiple
vCPUs. The latter is true for at least v2v starting from d2b64ecc67
("v2v: Set the number of vCPUs to same as host number of pCPUs.").
For instance, when running virt-v2v-in-place on my 12-core Xeon host
with SSD, with appliance being run with 8 vCPUs (the upper limit specified
in d2b64ecc67), and on the ~150GiB disk VM (physical size on the host),
I get the following results:
./in-place/virt-v2v-in-place -i libvirt fedora37-vm -v -x
Without this patch:
...
commandrvf: setfiles -F -e /sysroot/dev -e /sysroot/proc -e /sysroot/sys -m -C -r /sysroot -v /sysroot/etc/selinux/targeted/contexts/files/file_contexts /sysroot/^M
libguestfs: trace: v2v: selinux_relabel = 0
libguestfs: trace: v2v: rm_f "/.autorelabel"
guestfsd: => selinux_relabel (0x1d3) took 17.94 secs
...
With this patch:
...
commandrvf: setfiles -F -e /sysroot/dev -e /sysroot/proc -e /sysroot/sys -m -C -T 0 -r /sysroot -v /sysroot/etc/selinux/targeted/contexts/files/file_contexts /sysroot/^M
libguestfs: trace: v2v: selinux_relabel = 0
libguestfs: trace: v2v: rm_f "/.autorelabel"
guestfsd: => selinux_relabel (0x1d3) took 5.88 secs
...
So in my scenario it's getting 3 times faster.
[1] https://github.com/SELinuxProject/selinux/releases/tag/3.4
Signed-off-by: Andrey Drobyshev <andrey.drobyshev@virtuozzo.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit d0d8e6738477148a7b752348f9364a3b8faed67f)
---
daemon/selinux-relabel.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/daemon/selinux-relabel.c b/daemon/selinux-relabel.c
index 60a6f48a..cfc5a31d 100644
--- a/daemon/selinux-relabel.c
+++ b/daemon/selinux-relabel.c
@@ -73,6 +73,7 @@ do_selinux_relabel (const char *specfile, const char *path,
{
static int flag_m = -1;
static int flag_C = -1;
+ static int flag_T = -1;
const char *argv[MAX_ARGS];
CLEANUP_FREE char *s_dev = NULL, *s_proc = NULL, *s_selinux = NULL,
*s_sys = NULL, *s_specfile = NULL, *s_path = NULL;
@@ -131,6 +132,17 @@ do_selinux_relabel (const char *specfile, const char *path,
if (setfiles_has_option (&flag_C, 'C'))
ADD_ARG (argv, i, "-C");
+ /* If the appliance is being run with multiple vCPUs, running setfiles
+ * in multithreading mode might speeds up the process. Option "-T" was
+ * introduced in SELinux userspace v3.4, and we need to check whether it's
+ * supported. Passing "-T 0" creates as many threads as there're available
+ * vCPU cores.
+ * https://github.com/SELinuxProject/selinux/releases/tag/3.4
+ */
+ if (setfiles_has_option (&flag_T, 'T')) {
+ ADD_ARG (argv, i, "-T"); ADD_ARG (argv, i, "0");
+ }
+
/* Relabelling in a chroot. */
if (STRNEQ (sysroot, "/")) {
ADD_ARG (argv, i, "-r");

245
SOURCES/0005-lib-drive_create_data-drive-remove-field-iface.patch Normal file
View File

@ -0,0 +1,245 @@
From f13297315495144775f6249e9e24dc5f18f6f902 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Wed, 4 May 2022 15:41:53 +0200
Subject: [PATCH] lib: drive_create_data, drive: remove field "iface"
Representing "iface" in the "drive_create_data" and "drive" structures is
now useless; the direct backend ignores "iface", while the libvirt one
rejects it unless it is empty. Unify both backends -- make them both
ignore "iface". (Which only relaxes the libvirt backend, so it cannot
cause compatibility problems.) This lets us remove the fields. Update the
documentation as well.
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1844341
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20220504134155.11832-3-lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit f68eaee1d6c41f91e7dfd2aa9e7d238cca7b8a4c)
---
generator/actions_core_deprecated.ml | 6 ++----
lib/drives.c | 31 +++++-----------------------
lib/guestfs-internal.h | 1 -
lib/launch-libvirt.c | 6 ------
lib/libvirt-domain.c | 15 --------------
5 files changed, 7 insertions(+), 52 deletions(-)
diff --git a/generator/actions_core_deprecated.ml b/generator/actions_core_deprecated.ml
index f1040a0e9..c23f4a330 100644
--- a/generator/actions_core_deprecated.ml
+++ b/generator/actions_core_deprecated.ml
@@ -74,8 +74,7 @@ of C<guestfs_add_drive_ro>." };
longdesc = "\
This is the same as C<guestfs_add_drive> but it allows you
to specify the QEMU interface emulation to use at run time.
-The libvirt backend rejects a non-empty C<iface> argument.
-The direct backend ignores C<iface>." };
+Both the direct and the libvirt backends ignore C<iface>." };
{ defaults with
name = "add_drive_ro_with_if"; added = (1, 0, 84);
@@ -86,8 +85,7 @@ The direct backend ignores C<iface>." };
longdesc = "\
This is the same as C<guestfs_add_drive_ro> but it allows you
to specify the QEMU interface emulation to use at run time.
-The libvirt backend rejects a non-empty C<iface> argument.
-The direct backend ignores C<iface>." };
+Both the direct and the libvirt backends ignore C<iface>." };
{ defaults with
name = "lstatlist"; added = (1, 0, 77);
diff --git a/lib/drives.c b/lib/drives.c
index a6179fc36..8fe46a41c 100644
--- a/lib/drives.c
+++ b/lib/drives.c
@@ -53,7 +53,6 @@ struct drive_create_data {
const char *secret;
bool readonly;
const char *format;
- const char *iface;
const char *name;
const char *disk_label;
const char *cachemode;
@@ -110,7 +109,6 @@ create_drive_file (guestfs_h *g,
drv->src.format = data->format ? safe_strdup (g, data->format) : NULL;
drv->readonly = data->readonly;
- drv->iface = data->iface ? safe_strdup (g, data->iface) : NULL;
drv->name = data->name ? safe_strdup (g, data->name) : NULL;
drv->disk_label = data->disk_label ? safe_strdup (g, data->disk_label) : NULL;
drv->cachemode = data->cachemode ? safe_strdup (g, data->cachemode) : NULL;
@@ -147,7 +145,6 @@ create_drive_non_file (guestfs_h *g,
drv->src.format = data->format ? safe_strdup (g, data->format) : NULL;
drv->readonly = data->readonly;
- drv->iface = data->iface ? safe_strdup (g, data->iface) : NULL;
drv->name = data->name ? safe_strdup (g, data->name) : NULL;
drv->disk_label = data->disk_label ? safe_strdup (g, data->disk_label) : NULL;
drv->cachemode = data->cachemode ? safe_strdup (g, data->cachemode) : NULL;
@@ -470,7 +467,6 @@ free_drive_struct (struct drive *drv)
{
free_drive_source (&drv->src);
free (drv->overlay);
- free (drv->iface);
free (drv->name);
free (drv->disk_label);
free (drv->cachemode);
@@ -511,14 +507,12 @@ drive_to_string (guestfs_h *g, const struct drive *drv)
s_blocksize = safe_asprintf (g, "%d", drv->blocksize);
return safe_asprintf
- (g, "%s%s%s%s protocol=%s%s%s%s%s%s%s%s%s%s%s%s%s",
+ (g, "%s%s%s%s protocol=%s%s%s%s%s%s%s%s%s%s%s",
drv->src.u.path,
drv->readonly ? " readonly" : "",
drv->src.format ? " format=" : "",
drv->src.format ? : "",
guestfs_int_drive_protocol_to_string (drv->src.protocol),
- drv->iface ? " iface=" : "",
- drv->iface ? : "",
drv->name ? " name=" : "",
drv->name ? : "",
drv->disk_label ? " label=" : "",
@@ -747,8 +741,6 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
? optargs->readonly : false;
data.format = optargs->bitmask & GUESTFS_ADD_DRIVE_OPTS_FORMAT_BITMASK
? optargs->format : NULL;
- data.iface = optargs->bitmask & GUESTFS_ADD_DRIVE_OPTS_IFACE_BITMASK
- ? optargs->iface : NULL;
data.name = optargs->bitmask & GUESTFS_ADD_DRIVE_OPTS_NAME_BITMASK
? optargs->name : NULL;
data.disk_label = optargs->bitmask & GUESTFS_ADD_DRIVE_OPTS_LABEL_BITMASK
@@ -804,12 +796,6 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
free_drive_servers (data.servers, data.nr_servers);
return -1;
}
- if (data.iface && !VALID_FORMAT_IFACE (data.iface)) {
- error (g, _("%s parameter is empty or contains disallowed characters"),
- "iface");
- free_drive_servers (data.servers, data.nr_servers);
- return -1;
- }
if (data.disk_label && !VALID_DISK_LABEL (data.disk_label)) {
error (g, _("label parameter is empty, too long, or contains disallowed characters"));
free_drive_servers (data.servers, data.nr_servers);
@@ -935,24 +921,17 @@ guestfs_impl_add_drive_ro (guestfs_h *g, const char *filename)
int
guestfs_impl_add_drive_with_if (guestfs_h *g, const char *filename,
- const char *iface)
+ const char *iface ATTRIBUTE_UNUSED)
{
- const struct guestfs_add_drive_opts_argv optargs = {
- .bitmask = GUESTFS_ADD_DRIVE_OPTS_IFACE_BITMASK,
- .iface = iface,
- };
-
- return guestfs_add_drive_opts_argv (g, filename, &optargs);
+ return guestfs_add_drive_opts_argv (g, filename, NULL);
}
int
guestfs_impl_add_drive_ro_with_if (guestfs_h *g, const char *filename,
- const char *iface)
+ const char *iface ATTRIBUTE_UNUSED)
{
const struct guestfs_add_drive_opts_argv optargs = {
- .bitmask = GUESTFS_ADD_DRIVE_OPTS_IFACE_BITMASK
- | GUESTFS_ADD_DRIVE_OPTS_READONLY_BITMASK,
- .iface = iface,
+ .bitmask = GUESTFS_ADD_DRIVE_OPTS_READONLY_BITMASK,
.readonly = true,
};
diff --git a/lib/guestfs-internal.h b/lib/guestfs-internal.h
index 5bb00bc10..16755cfb3 100644
--- a/lib/guestfs-internal.h
+++ b/lib/guestfs-internal.h
@@ -298,7 +298,6 @@ struct drive {
/* Various per-drive flags. */
bool readonly;
- char *iface;
char *name;
char *disk_label;
char *cachemode;
diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c
index de342b425..03d69e027 100644
--- a/lib/launch-libvirt.c
+++ b/lib/launch-libvirt.c
@@ -1472,12 +1472,6 @@ construct_libvirt_xml_disk (guestfs_h *g,
const char *type, *uuid;
int r;
- /* XXX We probably could support this if we thought about it some more. */
- if (drv->iface) {
- error (g, _("iface parameter is not supported by the libvirt backend"));
- return -1;
- }
-
start_element ("disk") {
attribute ("device", "disk");
diff --git a/lib/libvirt-domain.c b/lib/libvirt-domain.c
index 3050680fa..fafbf50ea 100644
--- a/lib/libvirt-domain.c
+++ b/lib/libvirt-domain.c
@@ -68,7 +68,6 @@ guestfs_impl_add_domain (guestfs_h *g, const char *domain_name,
int live;
int allowuuid;
const char *readonlydisk;
- const char *iface;
const char *cachemode;
const char *discard;
bool copyonread;
@@ -78,8 +77,6 @@ guestfs_impl_add_domain (guestfs_h *g, const char *domain_name,
? optargs->libvirturi : NULL;
readonly = optargs->bitmask & GUESTFS_ADD_DOMAIN_READONLY_BITMASK
? optargs->readonly : 0;
- iface = optargs->bitmask & GUESTFS_ADD_DOMAIN_IFACE_BITMASK
- ? optargs->iface : NULL;
live = optargs->bitmask & GUESTFS_ADD_DOMAIN_LIVE_BITMASK
? optargs->live : 0;
allowuuid = optargs->bitmask & GUESTFS_ADD_DOMAIN_ALLOWUUID_BITMASK
@@ -136,10 +133,6 @@ guestfs_impl_add_domain (guestfs_h *g, const char *domain_name,
optargs2.bitmask |= GUESTFS_ADD_LIBVIRT_DOM_READONLY_BITMASK;
optargs2.readonly = readonly;
}
- if (iface) {
- optargs2.bitmask |= GUESTFS_ADD_LIBVIRT_DOM_IFACE_BITMASK;
- optargs2.iface = iface;
- }
if (live) {
error (g, _("libguestfs live support was removed in libguestfs 1.48"));
goto cleanup;
@@ -193,7 +186,6 @@ guestfs_impl_add_libvirt_dom (guestfs_h *g, void *domvp,
virDomainPtr dom = domvp;
ssize_t r;
int readonly;
- const char *iface;
const char *cachemode;
const char *discard;
bool copyonread;
@@ -208,9 +200,6 @@ guestfs_impl_add_libvirt_dom (guestfs_h *g, void *domvp,
readonly =
optargs->bitmask & GUESTFS_ADD_LIBVIRT_DOM_READONLY_BITMASK
? optargs->readonly : 0;
- iface =
- optargs->bitmask & GUESTFS_ADD_LIBVIRT_DOM_IFACE_BITMASK
- ? optargs->iface : NULL;
live =
optargs->bitmask & GUESTFS_ADD_LIBVIRT_DOM_LIVE_BITMASK
? optargs->live : 0;
@@ -289,10 +278,6 @@ guestfs_impl_add_libvirt_dom (guestfs_h *g, void *domvp,
data.optargs.bitmask = 0;
data.readonly = readonly;
data.readonlydisk = readonlydisk;
- if (iface) {
- data.optargs.bitmask |= GUESTFS_ADD_DRIVE_OPTS_IFACE_BITMASK;
- data.optargs.iface = iface;
- }
if (cachemode) {
data.optargs.bitmask |= GUESTFS_ADD_DRIVE_OPTS_CACHEMODE_BITMASK;
data.optargs.cachemode = cachemode;
--
2.31.1

606
SOURCES/0006-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch Normal file
View File

@ -0,0 +1,606 @@
From ab7e68dbeefe464734bd63a862a36f612f76d396 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Mon, 29 Jul 2013 14:47:56 +0100
Subject: [PATCH] RHEL: Disable unsupported remote drive protocols
(RHBZ#962113).
This disables support for unsupported remote drive protocols:
* ftp
* ftps
* http
* https
* tftp
* gluster
* iscsi
* sheepdog
* ssh
Note 'nbd' is not disabled, and of course 'file' works.
We hope to gradually add some of these back over the lifetime of RHEL.
---
docs/guestfs-testing.pod | 20 -----
fish/guestfish.pod | 66 ++--------------
fish/test-add-uri.sh | 32 --------
generator/actions_core.ml | 50 +------------
lib/drives.c | 8 ++
lib/guestfs.pod | 100 -------------------------
tests/disks/test-qemu-drive-libvirt.sh | 28 -------
tests/disks/test-qemu-drive.sh | 60 ---------------
8 files changed, 16 insertions(+), 348 deletions(-)
diff --git a/docs/guestfs-testing.pod b/docs/guestfs-testing.pod
index 47f381a7..c7b44928 100644
--- a/docs/guestfs-testing.pod
+++ b/docs/guestfs-testing.pod
@@ -109,26 +109,6 @@ image. To exit, type C<exit>.
If you get an error, try enabling debugging (add C<-v> to the command
line). Also make sure that L<libguestfs-test-tool(1)> succeeds.
-=head2 Try to open a remote guest image with guestfish.
-
-You may also have to disable libvirt by setting this:
-
- export LIBGUESTFS_BACKEND=direct
-
-If you have a disk image available over HTTP/FTP, try to open it.
-
- guestfish --ro -i --format=raw -a http://www.example.com/disk.img
-
-For SSH you will need to make sure that ssh-agent is set up so you
-don't need a password to log in to the remote machine. Then a command
-similar to this should work:
-
- guestfish --ro -i --format=raw \
- -a ssh://remote.example.com/path/to/disk.img
-
-If you get an error, try enabling debugging (add C<-v> to the command
-line). Also make sure that L<libguestfs-test-tool(1)> succeeds.
-
=head2 Run virt-alignment-scan on all your guests.
Run L<virt-alignment-scan(1)> on guests or disk images:
diff --git a/fish/guestfish.pod b/fish/guestfish.pod
index ccc0825b..d36cac9d 100644
--- a/fish/guestfish.pod
+++ b/fish/guestfish.pod
@@ -131,9 +131,9 @@ To list what is available do:
=head2 Remote drives
-Access a remote disk using ssh:
+Access a remote disk using NBD:
- guestfish -a ssh://example.com/path/to/disk.img
+ guestfish -a nbd://example.com
=head2 Remote control
@@ -1129,12 +1129,12 @@ L<guestfs(3)/REMOTE STORAGE>>.
On the command line, you can use the I<-a> option to add network
block devices using a URI-style format, for example:
- guestfish -a ssh://root@example.com/disk.img
+ guestfish -a nbd://example.com
URIs I<cannot> be used with the L</add> command. The equivalent
command using the API directly is:
- ><fs> add /disk.img protocol:ssh server:tcp:example.com username:root
+ ><fs> add /disk.img protocol:nbd server:tcp:example.com
The possible I<-a URI> formats are described below.
@@ -1144,40 +1144,6 @@ The possible I<-a URI> formats are described below.
Add the local disk image (or device) called F<disk.img>.
-=head2 B<-a ftp://[user@]example.com[:port]/disk.img>
-
-=head2 B<-a ftps://[user@]example.com[:port]/disk.img>
-
-=head2 B<-a http://[user@]example.com[:port]/disk.img>
-
-=head2 B<-a https://[user@]example.com[:port]/disk.img>
-
-=head2 B<-a tftp://[user@]example.com[:port]/disk.img>
-
-Add a disk located on a remote FTP, HTTP or TFTP server.
-
-The equivalent API command would be:
-
- ><fs> add /disk.img protocol:(ftp|...) server:tcp:example.com
-
-=head2 B<-a gluster://example.com[:port]/volname/image>
-
-Add a disk image located on GlusterFS storage.
-
-The server is the one running C<glusterd>, and may be C<localhost>.
-
-The equivalent API command would be:
-
- ><fs> add volname/image protocol:gluster server:tcp:example.com
-
-=head2 B<-a iscsi://example.com[:port]/target-iqn-name[/lun]>
-
-Add a disk located on an iSCSI server.
-
-The equivalent API command would be:
-
- ><fs> add target-iqn-name/lun protocol:iscsi server:tcp:example.com
-
=head2 B<-a nbd://example.com[:port]>
=head2 B<-a nbd://example.com[:port]/exportname>
@@ -1212,35 +1178,13 @@ The equivalent API command would be:
><fs> add pool/disk protocol:rbd server:tcp:example.com:port
-=head2 B<-a sheepdog://[example.com[:port]]/volume/image>
-
-Add a disk image located on a Sheepdog volume.
-
-The server name is optional. Although libguestfs and Sheepdog
-supports multiple servers, only at most one server can be specified
-when using this URI syntax.
-
-The equivalent API command would be:
-
- ><fs> add volume protocol:sheepdog [server:tcp:example.com]
-
-=head2 B<-a ssh://[user@]example.com[:port]/disk.img>
-
-Add a disk image located on a remote server, accessed using the Secure
-Shell (ssh) SFTP protocol. SFTP is supported out of the box by all
-major SSH servers.
-
-The equivalent API command would be:
-
- ><fs> add /disk protocol:ssh server:tcp:example.com [username:user]
-
Note that the URIs follow the syntax of
L<RFC 3986|https://tools.ietf.org/html/rfc3986>: in particular, there
are restrictions on the allowed characters for the various components
of the URI. Characters such as C<:>, C<@>, and C</> B<must> be
percent-encoded:
- $ guestfish -a ssh://user:pass%40word@example.com/disk.img
+ $ guestfish -a rbd://user:pass%40word@example.com[:port]/pool/disk
In this case, the password is C<pass@word>.
diff --git a/fish/test-add-uri.sh b/fish/test-add-uri.sh
index 21d42498..ddabeb63 100755
--- a/fish/test-add-uri.sh
+++ b/fish/test-add-uri.sh
@@ -40,14 +40,6 @@ function fail ()
$VG guestfish -x -a file://$abs_builddir/test-add-uri.img </dev/null >test-add-uri.out 2>&1
grep -sq 'add_drive ".*/test-add-uri.img"' test-add-uri.out || fail
-# curl
-$VG guestfish -x -a ftp://user@example.com/disk.img </dev/null >test-add-uri.out 2>&1
-grep -sq 'add_drive "/disk.img" "protocol:ftp" "server:tcp:example.com" "username:user"' test-add-uri.out || fail
-
-# gluster
-$VG guestfish -x -a gluster://example.com/disk </dev/null >test-add-uri.out 2>&1
-grep -sq 'add_drive "disk" "protocol:gluster" "server:tcp:example.com"' test-add-uri.out || fail
-
# NBD
$VG guestfish -x -a nbd://example.com </dev/null >test-add-uri.out 2>&1
grep -sq 'add_drive "" "protocol:nbd" "server:tcp:example.com"' test-add-uri.out || fail
@@ -67,29 +59,5 @@ grep -sq 'add_drive "pool/disk" "protocol:rbd" "server:tcp:example.com:6789"' te
$VG guestfish -x -a rbd:///pool/disk </dev/null >test-add-uri.out 2>&1
grep -sq 'add_drive "pool/disk" "protocol:rbd"' test-add-uri.out || fail
-# sheepdog
-$VG guestfish -x -a sheepdog:///volume/image </dev/null >test-add-uri.out 2>&1
-grep -sq 'add_drive "volume/image" "protocol:sheepdog"' test-add-uri.out || fail
-
-$VG guestfish -x -a sheepdog://example.com:3000/volume/image </dev/null >test-add-uri.out 2>&1
-grep -sq 'add_drive "volume/image" "protocol:sheepdog" "server:tcp:example.com:3000"' test-add-uri.out || fail
-
-# ssh
-$VG guestfish -x -a ssh://example.com/disk.img </dev/null >test-add-uri.out 2>&1
-grep -sq 'add_drive "/disk.img" "protocol:ssh" "server:tcp:example.com"' test-add-uri.out || fail
-
-$VG guestfish -x -a ssh://user@example.com/disk.img </dev/null >test-add-uri.out 2>&1
-grep -sq 'add_drive "/disk.img" "protocol:ssh" "server:tcp:example.com" "username:user"' test-add-uri.out || fail
-
-$VG guestfish -x -a ssh://user@example.com:2000/disk.img </dev/null >test-add-uri.out 2>&1
-grep -sq 'add_drive "/disk.img" "protocol:ssh" "server:tcp:example.com:2000" "username:user"' test-add-uri.out || fail
-
-# iSCSI
-$VG guestfish -x -a iscsi://example.com/iqn.2015-12.com.libguestfs:test1/0 </dev/null >test-add-uri.out 2>&1
-grep -sq 'add_drive "iqn.2015-12.com.libguestfs:test1/0" "protocol:iscsi" "server:tcp:example.com"' test-add-uri.out || fail
-
-$VG guestfish -x -a iscsi://user:password@example.com/iqn.2015-12.com.libguestfs:test2/0 </dev/null >test-add-uri.out 2>&1
-grep -sq 'add_drive "iqn.2015-12.com.libguestfs:test2/0" "protocol:iscsi" "server:tcp:example.com" "username:user" "secret:password"' test-add-uri.out || fail
-
rm test-add-uri.out
rm test-add-uri.img
diff --git a/generator/actions_core.ml b/generator/actions_core.ml
index c8d9949b..26c576c7 100644
--- a/generator/actions_core.ml
+++ b/generator/actions_core.ml
@@ -350,29 +350,6 @@ F<filename> is interpreted as a local file or device.
This is the default if the optional protocol parameter
is omitted.
-=item C<protocol = \"ftp\"|\"ftps\"|\"http\"|\"https\"|\"tftp\">
-
-Connect to a remote FTP, HTTP or TFTP server.
-The C<server> parameter must also be supplied - see below.
-
-See also: L<guestfs(3)/FTP, HTTP AND TFTP>
-
-=item C<protocol = \"gluster\">
-
-Connect to the GlusterFS server.
-The C<server> parameter must also be supplied - see below.
-
-See also: L<guestfs(3)/GLUSTER>
-
-=item C<protocol = \"iscsi\">
-
-Connect to the iSCSI server.
-The C<server> parameter must also be supplied - see below.
-The C<username> parameter may be supplied. See below.
-The C<secret> parameter may be supplied. See below.
-
-See also: L<guestfs(3)/ISCSI>.
-
=item C<protocol = \"nbd\">
Connect to the Network Block Device server.
@@ -389,22 +366,6 @@ The C<secret> parameter may be supplied. See below.
See also: L<guestfs(3)/CEPH>.
-=item C<protocol = \"sheepdog\">
-
-Connect to the Sheepdog server.
-The C<server> parameter may also be supplied - see below.
-
-See also: L<guestfs(3)/SHEEPDOG>.
-
-=item C<protocol = \"ssh\">
-
-Connect to the Secure Shell (ssh) server.
-
-The C<server> parameter must be supplied.
-The C<username> parameter may be supplied. See below.
-
-See also: L<guestfs(3)/SSH>.
-
=back
=item C<server>
@@ -415,13 +376,8 @@ is a list of server(s).
Protocol Number of servers required
-------- --------------------------
file List must be empty or param not used at all
- ftp|ftps|http|https|tftp Exactly one
- gluster Exactly one
- iscsi Exactly one
nbd Exactly one
rbd Zero or more
- sheepdog Zero or more
- ssh Exactly one
Each list element is a string specifying a server. The string must be
in one of the following formats:
@@ -437,10 +393,10 @@ for the protocol is used (see F</etc/services>).
=item C<username>
-For the C<ftp>, C<ftps>, C<http>, C<https>, C<iscsi>, C<rbd>, C<ssh>
-and C<tftp> protocols, this specifies the remote username.
+For the C<rbd>
+protocol, this specifies the remote username.
-If not given, then the local username is used for C<ssh>, and no authentication
+If not given, then no authentication
is attempted for ceph. But note this sometimes may give unexpected results, for
example if using the libvirt backend and if the libvirt backend is configured to
start the qemu appliance as a special user such as C<qemu.qemu>. If in doubt,
diff --git a/lib/drives.c b/lib/drives.c
index c5a20846..efb28925 100644
--- a/lib/drives.c
+++ b/lib/drives.c
@@ -166,6 +166,7 @@ create_drive_non_file (guestfs_h *g,
return drv;
}
+#if 0 /* DISABLED IN RHEL 8 */
static struct drive *
create_drive_curl (guestfs_h *g,
const struct drive_create_data *data)
@@ -224,6 +225,7 @@ create_drive_gluster (guestfs_h *g,
return create_drive_non_file (g, data);
}
+#endif /* DISABLED IN RHEL 8 */
static int
nbd_port (void)
@@ -292,6 +294,7 @@ create_drive_rbd (guestfs_h *g,
return create_drive_non_file (g, data);
}
+#if 0 /* DISABLED IN RHEL 8 */
static struct drive *
create_drive_sheepdog (guestfs_h *g,
const struct drive_create_data *data)
@@ -392,6 +395,7 @@ create_drive_iscsi (guestfs_h *g,
return create_drive_non_file (g, data);
}
+#endif /* DISABLED IN RHEL 8 */
/**
* Create the special F</dev/null> drive.
@@ -842,6 +846,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
drv = create_drive_file (g, &data);
}
}
+#if 0 /* DISABLED IN RHEL 8 */
else if (STREQ (protocol, "ftp")) {
data.protocol = drive_protocol_ftp;
drv = create_drive_curl (g, &data);
@@ -866,6 +871,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
data.protocol = drive_protocol_iscsi;
drv = create_drive_iscsi (g, &data);
}
+#endif /* DISABLED IN RHEL 8 */
else if (STREQ (protocol, "nbd")) {
data.protocol = drive_protocol_nbd;
drv = create_drive_nbd (g, &data);
@@ -874,6 +880,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
data.protocol = drive_protocol_rbd;
drv = create_drive_rbd (g, &data);
}
+#if 0 /* DISABLED IN RHEL 8 */
else if (STREQ (protocol, "sheepdog")) {
data.protocol = drive_protocol_sheepdog;
drv = create_drive_sheepdog (g, &data);
@@ -886,6 +893,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
data.protocol = drive_protocol_tftp;
drv = create_drive_curl (g, &data);
}
+#endif /* DISABLED IN RHEL 8 */
else {
error (g, _("unknown protocol %s"), protocol);
drv = NULL; /*FALLTHROUGH*/
diff --git a/lib/guestfs.pod b/lib/guestfs.pod
index c6c8cb16..866a4638 100644
--- a/lib/guestfs.pod
+++ b/lib/guestfs.pod
@@ -723,70 +723,6 @@ a qcow2 backing file specification, libvirt does not construct an
ephemeral secret object from those, for Ceph authentication. Refer to
L<https://bugzilla.redhat.com/2033247>.
-=head3 FTP, HTTP AND TFTP
-
-Libguestfs can access remote disks over FTP, FTPS, HTTP, HTTPS
-or TFTP protocols.
-
-To do this, set the optional C<protocol> and C<server> parameters of
-L</guestfs_add_drive_opts> like this:
-
- char **servers = { "www.example.org", NULL };
- guestfs_add_drive_opts (g, "/disk.img",
- GUESTFS_ADD_DRIVE_OPTS_FORMAT, "raw",
- GUESTFS_ADD_DRIVE_OPTS_PROTOCOL, "http",
- GUESTFS_ADD_DRIVE_OPTS_SERVER, servers,
- -1);
-
-The C<protocol> can be one of C<"ftp">, C<"ftps">, C<"http">,
-C<"https"> or C<"tftp">.
-
-C<servers> (the C<server> parameter) is a list which must have a
-single element. The single element is a string defining the web,
-FTP or TFTP server. The format of this string is documented in
-L</guestfs_add_drive_opts>.
-
-=head3 GLUSTER
-
-Libguestfs can access Gluster disks.
-
-To do this, set the optional C<protocol> and C<server> parameters of
-L</guestfs_add_drive_opts> like this:
-
- char **servers = { "gluster.example.org:24007", NULL };
- guestfs_add_drive_opts (g, "volname/image",
- GUESTFS_ADD_DRIVE_OPTS_FORMAT, "raw",
- GUESTFS_ADD_DRIVE_OPTS_PROTOCOL, "gluster",
- GUESTFS_ADD_DRIVE_OPTS_SERVER, servers,
- -1);
-
-C<servers> (the C<server> parameter) is a list which must have a
-single element. The single element is a string defining the Gluster
-server. The format of this string is documented in
-L</guestfs_add_drive_opts>.
-
-Note that gluster usually requires the client process (ie. libguestfs)
-to run as B<root> and will give unfathomable errors if it is not
-(eg. "No data available").
-
-=head3 ISCSI
-
-Libguestfs can access iSCSI disks remotely.
-
-To do this, set the optional C<protocol> and C<server> parameters like
-this:
-
- char **server = { "iscsi.example.org:3000", NULL };
- guestfs_add_drive_opts (g, "target-iqn-name/lun",
- GUESTFS_ADD_DRIVE_OPTS_FORMAT, "raw",
- GUESTFS_ADD_DRIVE_OPTS_PROTOCOL, "iscsi",
- GUESTFS_ADD_DRIVE_OPTS_SERVER, server,
- -1);
-
-The C<server> parameter is a list which must have a single element.
-The single element is a string defining the iSCSI server. The format
-of this string is documented in L</guestfs_add_drive_opts>.
-
=head3 NETWORK BLOCK DEVICE
Libguestfs can access Network Block Device (NBD) disks remotely.
@@ -849,42 +785,6 @@ L<https://bugs.launchpad.net/qemu/+bug/1155677>
=back
-=head3 SHEEPDOG
-
-Libguestfs can access Sheepdog disks.
-
-To do this, set the optional C<protocol> and C<server> parameters of
-L</guestfs_add_drive_opts> like this:
-
- char **servers = { /* optional servers ... */ NULL };
- guestfs_add_drive_opts (g, "volume",
- GUESTFS_ADD_DRIVE_OPTS_FORMAT, "raw",
- GUESTFS_ADD_DRIVE_OPTS_PROTOCOL, "sheepdog",
- GUESTFS_ADD_DRIVE_OPTS_SERVER, servers,
- -1);
-
-The optional list of C<servers> may be zero or more server addresses
-(C<"hostname:port">). The format of the server strings is documented
-in L</guestfs_add_drive_opts>.
-
-=head3 SSH
-
-Libguestfs can access disks over a Secure Shell (SSH) connection.
-
-To do this, set the C<protocol> and C<server> and (optionally)
-C<username> parameters of L</guestfs_add_drive_opts> like this:
-
- char **server = { "remote.example.com", NULL };
- guestfs_add_drive_opts (g, "/path/to/disk.img",
- GUESTFS_ADD_DRIVE_OPTS_FORMAT, "raw",
- GUESTFS_ADD_DRIVE_OPTS_PROTOCOL, "ssh",
- GUESTFS_ADD_DRIVE_OPTS_SERVER, server,
- GUESTFS_ADD_DRIVE_OPTS_USERNAME, "remoteuser",
- -1);
-
-The format of the server string is documented in
-L</guestfs_add_drive_opts>.
-
=head2 INSPECTION
Libguestfs has APIs for inspecting an unknown disk image to find out
diff --git a/tests/disks/test-qemu-drive-libvirt.sh b/tests/disks/test-qemu-drive-libvirt.sh
index d86a1ecd..cf7d2a0c 100755
--- a/tests/disks/test-qemu-drive-libvirt.sh
+++ b/tests/disks/test-qemu-drive-libvirt.sh
@@ -65,34 +65,6 @@ check_output
grep -sq -- '-drive file=rbd:abc-def/ghi-jkl:auth_supported=none,' "$DEBUG_QEMU_FILE" || fail ceph2
rm "$DEBUG_QEMU_FILE"
-# Gluster.
-
-$guestfish -d gluster run ||:
-check_output
-grep -sq -- '-drive file=gluster://1.2.3.4:1234/volname/image,' "$DEBUG_QEMU_FILE" || fail gluster
-rm "$DEBUG_QEMU_FILE"
-
-# iSCSI.
-
-$guestfish -d iscsi run ||:
-check_output
-grep -sq -- '-drive file=iscsi://1.2.3.4:1234/iqn.2003-01.org.linux-iscsi.fedora' "$DEBUG_QEMU_FILE" || fail iscsi
-rm "$DEBUG_QEMU_FILE"
-
-# NBD.
-
-$guestfish -d nbd run ||:
-check_output
-grep -sq -- '-drive file=nbd:1.2.3.4:1234,' "$DEBUG_QEMU_FILE" || fail nbd
-rm "$DEBUG_QEMU_FILE"
-
-# Sheepdog.
-
-$guestfish -d sheepdog run ||:
-check_output
-grep -sq -- '-drive file=sheepdog:volume,' "$DEBUG_QEMU_FILE" || fail sheepdog
-rm "$DEBUG_QEMU_FILE"
-
# Local, stored in a pool.
$guestfish -d pool1 run ||:
diff --git a/tests/disks/test-qemu-drive.sh b/tests/disks/test-qemu-drive.sh
index 12937fb3..b3e4f990 100755
--- a/tests/disks/test-qemu-drive.sh
+++ b/tests/disks/test-qemu-drive.sh
@@ -62,45 +62,6 @@ check_output
grep -sq -- '-drive file=rbd:abc-def/ghi-jkl:auth_supported=none,' "$DEBUG_QEMU_FILE" || fail
rm "$DEBUG_QEMU_FILE"
-# HTTP.
-
-guestfish <<EOF ||:
- add "/disk.img" "format:raw" "protocol:http" "server:www.example.com"
- run
-EOF
-check_output
-grep -sq -- '-drive file=http://www.example.com/disk.img,' "$DEBUG_QEMU_FILE" || fail
-rm "$DEBUG_QEMU_FILE"
-
-# Gluster.
-
-guestfish <<EOF ||:
- add "volname/image" "format:raw" "protocol:gluster" "server:www.example.com:24007"
- run
-EOF
-check_output
-grep -sq -- '-drive file=gluster://www.example.com:24007/volname/image,' "$DEBUG_QEMU_FILE" || fail
-rm "$DEBUG_QEMU_FILE"
-
-# iSCSI.
-
-guestfish <<EOF ||:
- add "target-iqn-name/lun" "format:raw" "protocol:iscsi" "server:www.example.com:3000"
- run
-EOF
-check_output
-grep -sq -- '-drive file=iscsi://www.example.com:3000/target-iqn-name/lun,' "$DEBUG_QEMU_FILE" || fail
-rm "$DEBUG_QEMU_FILE"
-
-guestfish <<EOF ||:
- add "target-iqn-name/lun" "format:raw" "protocol:iscsi" "server:www.example.com:3000" \
- "username:user" "secret:pass"
- run
-EOF
-check_output
-grep -sq -- '-drive file=iscsi://user%pass@www.example.com:3000/target-iqn-name/lun,' "$DEBUG_QEMU_FILE" || fail
-rm "$DEBUG_QEMU_FILE"
-
# NBD.
guestfish <<EOF ||:
@@ -118,24 +79,3 @@ EOF
check_output
grep -sq -- '-drive file=nbd:unix:/socket,' "$DEBUG_QEMU_FILE" || fail
rm "$DEBUG_QEMU_FILE"
-
-# Sheepdog.
-
-guestfish <<EOF ||:
- add "volume" "format:raw" "protocol:sheepdog"
- run
-EOF
-check_output
-grep -sq -- '-drive file=sheepdog:volume,' "$DEBUG_QEMU_FILE" || fail
-rm "$DEBUG_QEMU_FILE"
-
-# SSH.
-
-guestfish <<EOF ||:
- add "/disk.img" "format:raw" "protocol:ssh" "server:example.com" \
- "username:rich"
- run
-EOF
-check_output
-grep -sq -- '-drive file=ssh://rich@example.com/disk.img,' "$DEBUG_QEMU_FILE" || fail
-rm "$DEBUG_QEMU_FILE"

37
SOURCES/0006-build-Avoid-warnings-about-unknown-pragmas.patch
View File

@ -1,37 +0,0 @@
From dbd1eaab6a478cf0c3ea093a56b3d04c29278615 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 12 Jan 2021 10:23:11 +0000
Subject: [PATCH] build: Avoid warnings about unknown pragmas.
In commit 4bbbf03b8bc266ed2b63c461cd0945250bb134fe we started to
ignore bogus GCC 11 warnings. Unfortunately earlier versions of GCC
don't know about those pragmas so give warnings [hence errors in
developer builds] like:
tsk.c:75:32: error: unknown option after '#pragma GCC diagnostic' kind [-Werror=pragmas]
Turn off these warnings.
Updates: commit 4bbbf03b8bc266ed2b63c461cd0945250bb134fe
(cherry picked from commit 812f837c97f48ce0c26a0e02286fb9180c282923)
---
m4/guestfs-c.m4 | 3 +++
1 file changed, 3 insertions(+)
diff --git a/m4/guestfs-c.m4 b/m4/guestfs-c.m4
index 25ffea0d9..bbb4db464 100644
--- a/m4/guestfs-c.m4
+++ b/m4/guestfs-c.m4
@@ -108,6 +108,9 @@ gl_WARN_ADD([-Wformat-truncation=1])
dnl GCC 9 at level 2 gives apparently bogus errors when %.*s is used.
gl_WARN_ADD([-Wformat-overflow=1])
+dnl GCC < 11 gives warnings when disabling GCC 11 warnings.
+gl_WARN_ADD([-Wno-pragmas])
+
AC_SUBST([WARN_CFLAGS])
NO_SNV_CFLAGS=
--
2.31.1

82
SOURCES/0006-lib-rename-VALID_FORMAT_IFACE-to-VALID_FORMAT.patch Normal file
View File

@ -0,0 +1,82 @@
From f408b24d8d8f5b5f4e1a25c1046c3a18107c8d80 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Wed, 4 May 2022 15:41:54 +0200
Subject: [PATCH] lib: rename VALID_FORMAT_IFACE to VALID_FORMAT
We no longer use VALID_FORMAT_IFACE for validating "iface"; rename the
macro to reflect that we only check "format" with it.
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1844341
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20220504134155.11832-4-lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit c8e3caf9e6000ea2f5cfbe30ffe1240317bb4578)
---
lib/drives.c | 4 ++--
lib/unit-tests.c | 16 ++++++++--------
2 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/lib/drives.c b/lib/drives.c
index 8fe46a41c..c5a208468 100644
--- a/lib/drives.c
+++ b/lib/drives.c
@@ -593,7 +593,7 @@ guestfs_int_free_drives (guestfs_h *g)
* Check string parameter matches regular expression
* C<^[-_[:alnum:]]+$> (in C locale).
*/
-#define VALID_FORMAT_IFACE(str) \
+#define VALID_FORMAT(str) \
guestfs_int_string_is_valid ((str), 1, 0, \
VALID_FLAG_ALPHA|VALID_FLAG_DIGIT, "-_")
@@ -790,7 +790,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
return -1;
}
- if (data.format && !VALID_FORMAT_IFACE (data.format)) {
+ if (data.format && !VALID_FORMAT (data.format)) {
error (g, _("%s parameter is empty or contains disallowed characters"),
"format");
free_drive_servers (data.servers, data.nr_servers);
diff --git a/lib/unit-tests.c b/lib/unit-tests.c
index 62457ccba..0e550cb98 100644
--- a/lib/unit-tests.c
+++ b/lib/unit-tests.c
@@ -434,7 +434,7 @@ test_stringsbuf (void)
}
/* Use the same macros as in lib/drives.c */
-#define VALID_FORMAT_IFACE(str) \
+#define VALID_FORMAT(str) \
guestfs_int_string_is_valid ((str), 1, 0, \
VALID_FLAG_ALPHA|VALID_FLAG_DIGIT, "-_")
#define VALID_DISK_LABEL(str) \
@@ -446,18 +446,18 @@ test_stringsbuf (void)
static void
test_valid (void)
{
- assert (!VALID_FORMAT_IFACE (""));
+ assert (!VALID_FORMAT (""));
assert (!VALID_DISK_LABEL (""));
assert (!VALID_HOSTNAME (""));
assert (!VALID_DISK_LABEL ("012345678901234567890"));
- assert (VALID_FORMAT_IFACE ("abc"));
- assert (VALID_FORMAT_IFACE ("ABC"));
- assert (VALID_FORMAT_IFACE ("abc123"));
- assert (VALID_FORMAT_IFACE ("abc123-"));
- assert (VALID_FORMAT_IFACE ("abc123_"));
- assert (!VALID_FORMAT_IFACE ("abc123."));
+ assert (VALID_FORMAT ("abc"));
+ assert (VALID_FORMAT ("ABC"));
+ assert (VALID_FORMAT ("abc123"));
+ assert (VALID_FORMAT ("abc123-"));
+ assert (VALID_FORMAT ("abc123_"));
+ assert (!VALID_FORMAT ("abc123."));
assert (VALID_DISK_LABEL ("abc"));
assert (VALID_DISK_LABEL ("ABC"));
--
2.31.1

66
SOURCES/0007-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch Normal file
View File

@ -0,0 +1,66 @@
From b74c6c8520773c2ef4a4d69b08b70e5ceeb06964 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 7 Jul 2015 09:28:03 -0400
Subject: [PATCH] RHEL: Reject use of libguestfs-winsupport features except for
virt-* tools (RHBZ#1240276).
Fix the tests: it doesn't let us use guestfish for arbitrary Windows
edits.
---
generator/c.ml | 16 ++++++++++++++++
test-data/phony-guests/make-windows-img.sh | 1 +
tests/charsets/test-charset-fidelity.c | 2 ++
3 files changed, 19 insertions(+)
diff --git a/generator/c.ml b/generator/c.ml
index 447059b8..0391dd3d 100644
--- a/generator/c.ml
+++ b/generator/c.ml
@@ -1846,6 +1846,22 @@ and generate_client_actions actions () =
check_args_validity c_name style;
trace_call name c_name style;
+ (* RHEL 8 *)
+ if name = "mount" || name = "mount_ro" || name = "mount_options" ||
+ name = "mount_vfs" then (
+ pr " if (g->program && !STRPREFIX (g->program, \"virt-\")) {\n";
+ pr " CLEANUP_FREE char *vfs_type = guestfs_vfs_type (g, mountable);\n";
+ pr " if (vfs_type && STREQ (vfs_type, \"ntfs\")) {\n";
+ pr " error (g, \"mount: unsupported filesystem type\");\n";
+ pr " if (trace_flag)\n";
+ pr " guestfs_int_trace (g, \"%%s = %%s (error)\",\n";
+ pr " \"%s\", \"-1\");\n" name;
+ pr " return %s;\n" (string_of_errcode errcode);
+ pr " }\n";
+ pr " }\n";
+ pr "\n";
+ );
+
(* Calculate the total size of all FileIn arguments to pass
* as a progress bar hint.
*)
diff --git a/test-data/phony-guests/make-windows-img.sh b/test-data/phony-guests/make-windows-img.sh
index 16debd12..1c13ddac 100755
--- a/test-data/phony-guests/make-windows-img.sh
+++ b/test-data/phony-guests/make-windows-img.sh
@@ -37,6 +37,7 @@ fi
# Create a disk image.
guestfish <<EOF
+set-program virt-testing
sparse windows.img-t 512M
run
diff --git a/tests/charsets/test-charset-fidelity.c b/tests/charsets/test-charset-fidelity.c
index 105291dc..5ca4f3b6 100644
--- a/tests/charsets/test-charset-fidelity.c
+++ b/tests/charsets/test-charset-fidelity.c
@@ -96,6 +96,8 @@ main (int argc, char *argv[])
if (g == NULL)
error (EXIT_FAILURE, 0, "failed to create handle");
+ guestfs_set_program (g, "virt-testing");
+
if (guestfs_add_drive_scratch (g, 1024*1024*1024, -1) == -1)
exit (EXIT_FAILURE);

94
SOURCES/0007-daemon-lvm-Use-lvcreate-yes-to-avoid-interactive-pro.patch
View File

@ -1,94 +0,0 @@
From 22416a2329ec531b9608c21b11ff3d53275fe7a0 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Mon, 22 Feb 2021 10:18:45 +0000
Subject: [PATCH] daemon: lvm: Use lvcreate --yes to avoid interactive prompts.
See https://bugzilla.redhat.com/show_bug.cgi?id=1930996#c1
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1930996
(cherry picked from commit 21cd97732c4973db835b8b6540c8ad582ebd2bda)
---
daemon/lvm.c | 2 +-
tests/regressions/Makefile.am | 2 ++
tests/regressions/rhbz1930996.sh | 36 ++++++++++++++++++++++++++++++++
3 files changed, 39 insertions(+), 1 deletion(-)
create mode 100755 tests/regressions/rhbz1930996.sh
diff --git a/daemon/lvm.c b/daemon/lvm.c
index 841dc4b6b..72c59c3a1 100644
--- a/daemon/lvm.c
+++ b/daemon/lvm.c
@@ -219,7 +219,7 @@ do_lvcreate (const char *logvol, const char *volgroup, int mbytes)
snprintf (size, sizeof size, "%d", mbytes);
r = command (NULL, &err,
- "lvm", "lvcreate",
+ "lvm", "lvcreate", "--yes",
"-L", size, "-n", logvol, volgroup, NULL);
if (r == -1) {
reply_with_error ("%s", err);
diff --git a/tests/regressions/Makefile.am b/tests/regressions/Makefile.am
index ecb0d68a7..c1e0ee8a9 100644
--- a/tests/regressions/Makefile.am
+++ b/tests/regressions/Makefile.am
@@ -49,6 +49,7 @@ EXTRA_DIST = \
rhbz1370424.sh \
rhbz1370424.xml \
rhbz1477623.sh \
+ rhbz1930996.sh \
test-noexec-stack.pl
TESTS = \
@@ -79,6 +80,7 @@ TESTS = \
rhbz1285847.sh \
rhbz1370424.sh \
rhbz1477623.sh \
+ rhbz1930996.sh \
test-big-heap \
test-noexec-stack.pl \
$(SLOW_TESTS)
diff --git a/tests/regressions/rhbz1930996.sh b/tests/regressions/rhbz1930996.sh
new file mode 100755
index 000000000..27089beaa
--- /dev/null
+++ b/tests/regressions/rhbz1930996.sh
@@ -0,0 +1,36 @@
+#!/bin/bash -
+# libguestfs
+# Copyright (C) 2017-2021 Red Hat Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+# Regression test for:
+# https://bugzilla.redhat.com/show_bug.cgi?id=1930996#c1
+#
+# Actually a bug/change in LVM, previously we failed to create an LV
+# if the underlying disk contained a filesystem signature.
+
+set -e
+
+$TEST_FUNCTIONS
+skip_if_skipped
+skip_unless_phony_guest fedora.img
+
+f=rhbz1930996.img
+rm -f $f
+
+guestfish -N $f=lvfs vgremove VG : vgcreate VG /dev/sda1 : lvcreate LV2 VG 100
+
+rm $f
--
2.31.1

74
SOURCES/0007-tests-regressions-remove-iface-based-restrictions.patch Normal file
View File

@ -0,0 +1,74 @@
From 431ca828e9f7d7a6c7e315b410f381304986ba44 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Wed, 4 May 2022 15:41:55 +0200
Subject: [PATCH] tests/regressions: remove "iface"-based restrictions
Now that "iface" is ignored by both backends, the regression tests for
RHBZ 690819 and 975797 can be enabled on all arches (regardless of
backend).
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1844341
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20220504134155.11832-5-lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit ddf276884c04418a32902689cf8fc3506be3ca4b)
---
tests/regressions/rhbz690819.sh | 10 +++-------
tests/regressions/rhbz975797.sh | 10 +++-------
2 files changed, 6 insertions(+), 14 deletions(-)
diff --git a/tests/regressions/rhbz690819.sh b/tests/regressions/rhbz690819.sh
index e6f61d00d..9e1bcda84 100755
--- a/tests/regressions/rhbz690819.sh
+++ b/tests/regressions/rhbz690819.sh
@@ -19,18 +19,14 @@
# https://bugzilla.redhat.com/show_bug.cgi?id=690819
# mkfs fails creating a filesytem on a disk device when using a disk
# with 'ide' interface
+#
+# The 'iface' parameter is now ignored:
+# https://bugzilla.redhat.com/show_bug.cgi?id=1844341
set -e
$TEST_FUNCTIONS
skip_if_skipped
-# These architectures don't support the 'ide' interface.
-skip_if_arch arm
-skip_if_arch aarch64
-skip_if_arch ppc64
-skip_if_arch ppc64le
-skip_if_arch s390x
-skip_if_backend libvirt
rm -f rhbz690819.img
diff --git a/tests/regressions/rhbz975797.sh b/tests/regressions/rhbz975797.sh
index c676abfa3..feecf1f2b 100755
--- a/tests/regressions/rhbz975797.sh
+++ b/tests/regressions/rhbz975797.sh
@@ -19,18 +19,14 @@
# Regression test for:
# https://bugzilla.redhat.com/show_bug.cgi?id=975797
# Ensure the appliance doesn't hang when using the 'iface' parameter.
+#
+# The 'iface' parameter is now ignored:
+# https://bugzilla.redhat.com/show_bug.cgi?id=1844341
set -e
$TEST_FUNCTIONS
skip_if_skipped
-# These architectures don't support the 'ide' interface.
-skip_if_arch arm
-skip_if_arch aarch64
-skip_if_arch ppc64
-skip_if_arch ppc64le
-skip_if_arch s390x
-skip_if_backend libvirt
rm -f rhbz975797-*.img
--
2.31.1

63
SOURCES/0008-Remove-virt-dib.patch Normal file
View File

@ -0,0 +1,63 @@
From e916ad54c31a725cbf08fb186756d9e968ff20b2 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 7 Feb 2023 13:20:36 +0000
Subject: [PATCH] Remove virt-dib
The tool only supports an older version of the diskimage-builder
metadata, and we do not have the time or inclination to update it to a
newer version.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1910039
(cherry picked from commit 7503eeebede688409b2adf616d71a94e04b7f0d2)
---
appliance/packagelist.in | 30 ------------------------------
1 file changed, 30 deletions(-)
diff --git a/appliance/packagelist.in b/appliance/packagelist.in
index 585d52ad..20b08c47 100644
--- a/appliance/packagelist.in
+++ b/appliance/packagelist.in
@@ -110,7 +110,6 @@ ifelse(ARCHLINUX,1,
dnl syslinux has mtools as optional dependency, but in reality it's
dnl a hard one:
mtools
- multipath-tools dnl for kpartx
nilfs-utils
ntfs-3g
ntfs-3g-system-compression
@@ -266,35 +265,6 @@ util-linux-ng
xfsprogs
zerofree
-dnl tools needed by virt-dib
-ifelse(REDHAT,1,
- qemu-img
- which
-)
-ifelse(DEBIAN,1,
- qemu-utils
-)
-ifelse(ARCHLINUX,1,
- qemu
- which
-)
-ifelse(SUSE,1,
- qemu-tools
- which
-)
-ifelse(FRUGALWARE,1,
- qemu
- which
-)
-ifelse(MAGEIA,1,
- qemu-img
- which
-)
-curl
-kpartx
-dnl (virt-dib) tools optionally used for elements
-debootstrap
-
dnl exFAT is not usually available in free software repos
exfat-fuse
exfat-utils

56
SOURCES/0008-generator-customize-invert-SELinux-relabeling-defaul.patch Normal file
View File

@ -0,0 +1,56 @@
From 8f800b369ada05ea690cebb0bb5e0fed0ba1c548 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Tue, 10 May 2022 12:27:57 +0200
Subject: [PATCH] generator/customize: invert SELinux relabeling default
Replace the "--selinux-relabel" option with "--no-selinux-relabel",
inverting the default behavior (for guests with SELinux support, that is
-- relabeling is always skipped for guests that don't support SELinux.)
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1554735
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2075718
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20220510102757.14466-3-lersek@redhat.com>
Acked-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit 2f6a27f1077d32d1ab526427052fc88e188356f7)
---
generator/customize.ml | 19 +++++++++++--------
1 file changed, 11 insertions(+), 8 deletions(-)
diff --git a/generator/customize.ml b/generator/customize.ml
index 3b3eec6d2..9634dad85 100644
--- a/generator/customize.ml
+++ b/generator/customize.ml
@@ -564,18 +564,21 @@ to modify C</etc/sysconfig/authconfig> (Fedora, RHEL) or
C</etc/pam.d/common-password> (Debian, Ubuntu).";
};
- { flag_name = "selinux-relabel";
+ { flag_name = "no-selinux-relabel";
flag_type = FlagBool false (* XXX - the default in virt-builder *);
- flag_ml_var = "selinux_relabel";
- flag_shortdesc = "Relabel files with correct SELinux labels";
+ flag_ml_var = "no_selinux_relabel";
+ flag_shortdesc = "Do not relabel files with correct SELinux labels";
flag_pod_longdesc = "\
-Relabel files in the guest so that they have the correct SELinux label.
+Do not attempt to correct the SELinux labels of files in the guest.
-This will attempt to relabel files immediately, but if the operation fails
-this will instead touch F</.autorelabel> on the image to schedule a
-relabel operation for the next time the image boots.
+In such guests that support SELinux, customization automatically
+relabels files so that they have the correct SELinux label. (The
+relabeling is performed immediately, but if the operation fails,
+customization will instead touch F</.autorelabel> on the image to
+schedule a relabel operation for the next time the image boots.) This
+option disables the automatic relabeling.
-This option is a no-op for guests that do not support SELinux.";
+The option is a no-op for guests that do not support SELinux.";
};
{ flag_name = "sm-credentials";
--
2.31.1

113
SOURCES/0008-inspection-More-reliable-detection-of-Linux-split-us.patch
View File

@ -1,113 +0,0 @@
From e1b339688e5f8f2a14fe0c7e9d02ad68004e4655 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Thu, 15 Apr 2021 09:18:22 +0100
Subject: [PATCH] inspection: More reliable detection of Linux split /usr
configurations
In RHEL 8+, /usr/etc no longer exists. Since we were looking for this
directory in order to detect a separate /usr partition, those were no
longer detected, so the merging of /usr data into the root was not
being done. The result was incomplete inspection data and failure of
virt-v2v.
All Linux systems since forever have had /usr/src but not /src, so
detect this instead.
Furthermore the merging code didn't work, because we expected that the
root filesystem had a distro assigned, but in this configuration we
may need to look for that information in /usr/lib/os-release (not on
the root filesystem). This change makes the merging work even if we
have incomplete information about the root filesystem, so long as we
have an /etc/fstab entry pointing to the /usr mountpoint.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1949683
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1930133
Fixes: commit 394d11be49121884295e61964ed47f5a8488c252
(cherry picked from commit 26427b9ecc64e7e5e53a1d577cef9dc080d08877)
---
daemon/inspect.ml | 33 +++++++++++++++------------------
daemon/inspect_fs.ml | 6 +++---
2 files changed, 18 insertions(+), 21 deletions(-)
diff --git a/daemon/inspect.ml b/daemon/inspect.ml
index 945a476f6..fb75b4a6c 100644
--- a/daemon/inspect.ml
+++ b/daemon/inspect.ml
@@ -182,11 +182,9 @@ and check_for_duplicated_bsd_root fses =
and collect_linux_inspection_info fses =
List.map (
function
- | { role = RoleRoot { distro = Some d } } as root ->
- if d <> DISTRO_COREOS then
- collect_linux_inspection_info_for fses root
- else
- root
+ | { role = RoleRoot { distro = Some DISTRO_COREOS } } as root -> root
+ | { role = RoleRoot _ } as root ->
+ collect_linux_inspection_info_for fses root
| fs -> fs
) fses
@@ -196,29 +194,28 @@ and collect_linux_inspection_info fses =
* or other ways to identify the OS).
*)
and collect_linux_inspection_info_for fses root =
- let root_distro, root_fstab =
+ let root_fstab =
match root with
- | { role = RoleRoot { distro = Some d; fstab = f } } -> d, f
+ | { role = RoleRoot { fstab = f } } -> f
| _ -> assert false in
try
let usr =
List.find (
function
- | { role = RoleUsr { distro = d } }
- when d = Some root_distro || d = None -> true
+ | { role = RoleUsr _; fs_location = usr_mp } ->
+ (* This checks that this usr is found in the fstab of
+ * the root filesystem.
+ *)
+ List.exists (
+ fun (mountable, _) ->
+ usr_mp.mountable = mountable
+ ) root_fstab
| _ -> false
) fses in
- let usr_mountable = usr.fs_location.mountable in
-
- (* This checks that [usr] is found in the fstab of the root
- * filesystem. If not, [Not_found] is thrown.
- *)
- ignore (
- List.find (fun (mountable, _) -> usr_mountable = mountable) root_fstab
- );
-
+ eprintf "collect_linux_inspection_info_for: merging:\n%sinto:\n%s"
+ (string_of_fs usr) (string_of_fs root);
merge usr root;
root
with
diff --git a/daemon/inspect_fs.ml b/daemon/inspect_fs.ml
index 6e00c7083..02b5a0470 100644
--- a/daemon/inspect_fs.ml
+++ b/daemon/inspect_fs.ml
@@ -164,10 +164,10 @@ and check_filesystem mountable =
()
)
(* Linux /usr? *)
- else if Is.is_dir "/etc" &&
- Is.is_dir "/bin" &&
- Is.is_dir "/share" &&
+ else if Is.is_dir "/bin" &&
Is.is_dir "/local" &&
+ Is.is_dir "/share" &&
+ Is.is_dir "/src" &&
not (Is.is_file "/etc/fstab") then (
debug_matching "Linux /usr";
role := `Usr;
--
2.31.1

42
SOURCES/0009-generator-customize-reintroduce-selinux-relabel-as-a.patch Normal file
View File

@ -0,0 +1,42 @@
From 4cfba19fa2b087c4b2c5a1b67aa70eb16e9d5a59 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Wed, 25 May 2022 09:19:58 +0200
Subject: [PATCH] generator/customize: reintroduce "--selinux-relabel" as a
compat option
Removing "--selinux-relabel" in commit 2f6a27f1077d ("generator/customize:
invert SELinux relabeling default", 2022-05-11) breaks existing scripts
that invoke virt-customize and/or virt-sysprep with that option. Restore
the option, with no functionality tied to it.
Fixes: 2f6a27f1077d32d1ab526427052fc88e188356f7
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2089748
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20220525071958.9612-1-lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit 4b9ee1052a4396621485fdd56d6826714e7481b1)
---
generator/customize.ml | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/generator/customize.ml b/generator/customize.ml
index 9634dad85..5abaf206f 100644
--- a/generator/customize.ml
+++ b/generator/customize.ml
@@ -581,6 +581,13 @@ option disables the automatic relabeling.
The option is a no-op for guests that do not support SELinux.";
};
+ { flag_name = "selinux-relabel";
+ flag_type = FlagBool false;
+ flag_ml_var = "selinux_relabel_ignored";
+ flag_shortdesc = "Compatibility option doing nothing";
+ flag_pod_longdesc = "This is a compatibility option that does nothing.";
+ };
+
{ flag_name = "sm-credentials";
flag_type = FlagSMCredentials "SELECTOR";
flag_ml_var = "sm_credentials";
--
2.31.1

49
SOURCES/0009-lib-Autodetect-backing-format-for-qemu-img-create-b.patch
View File

@ -1,49 +0,0 @@
From 791a16b049ea1ce2c450acd367fce774d9aab5b1 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 31 Aug 2021 08:27:15 +0100
Subject: [PATCH] lib: Autodetect backing format for qemu-img create -b
qemu 6.1 has decided to change qemu-img create so that a backing
format (-F) is required if a backing file (-b) is specified. Since we
don't want to change the libguestfs API to force callers to specify
this because that would be an API break, autodetect it.
This is similar to commit c8c181e8d9 ("launch: libvirt: Autodetect
backing format for readonly drive overlays").
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1998820
(cherry picked from commit 45de287447bb18d59749fbfc1ec5072413090109)
---
lib/create.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/lib/create.c b/lib/create.c
index 44a7df25f..75a4d3a28 100644
--- a/lib/create.c
+++ b/lib/create.c
@@ -255,6 +255,7 @@ disk_create_qcow2 (guestfs_h *g, const char *filename, int64_t size,
const struct guestfs_disk_create_argv *optargs)
{
const char *backingformat = NULL;
+ CLEANUP_FREE char *backingformat_free = NULL;
const char *preallocation = NULL;
const char *compat = NULL;
int clustersize = -1;
@@ -270,6 +271,14 @@ disk_create_qcow2 (guestfs_h *g, const char *filename, int64_t size,
return -1;
}
}
+ else if (backingfile) {
+ /* Since qemu 6.1, qemu-img create has requires a backing format (-F)
+ * parameter if backing file (-b) is used (RHBZ#1998820).
+ */
+ backingformat = backingformat_free = guestfs_disk_format (g, backingfile);
+ if (!backingformat)
+ return -1;
+ }
if (optargs->bitmask & GUESTFS_DISK_CREATE_PREALLOCATION_BITMASK) {
if (STREQ (optargs->preallocation, "off") ||
STREQ (optargs->preallocation, "sparse"))
--
2.31.1

32
SOURCES/0009-lib-Choose-q35-machine-type-for-x86-64.patch Normal file
View File

@ -0,0 +1,32 @@
From e712c4b81cbd2cf0e990d01cb4d1f54734e62de6 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Thu, 9 Feb 2023 13:38:50 +0000
Subject: [PATCH] lib: Choose q35 machine type for x86-64
This machine type is more modern than the older 'pc' type and as most
qemu development is now focused there we expect it will perform and
behave better. In almost all respects this change should make no
difference.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2168578
Acked-by: Laszlo Ersek <lersek@redhat.com>
See-also: https://listman.redhat.com/archives/libguestfs/2023-February/030645.html
(cherry picked from commit f0f8e6c5fe0c3f6d5d90534d263bded3a4dc7e8d)
---
lib/guestfs-internal.h | 3 +++
1 file changed, 3 insertions(+)
diff --git a/lib/guestfs-internal.h b/lib/guestfs-internal.h
index 306f2a2e..fb55e026 100644
--- a/lib/guestfs-internal.h
+++ b/lib/guestfs-internal.h
@@ -113,6 +113,9 @@ cleanup_mutex_unlock (pthread_mutex_t **ptr)
#define MAX_WINDOWS_EXPLORER_SIZE (4 * 1000 * 1000)
/* Machine types. */
+#if defined(__x86_64__)
+#define MACHINE_TYPE "q35"
+#endif
#ifdef __arm__
#define MACHINE_TYPE "virt"
#endif

58
SOURCES/0003-RHEL-8-Disable-unsupported-remote-drive-protocols-RH.patch → SOURCES/0010-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch
View File

@ -1,7 +1,7 @@
From 4dd2f3f56a39411a255ad0a8f38081d46620dbd8 Mon Sep 17 00:00:00 2001 From 010cd5ff441166c01125fc588398a1fb8367a852 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com> From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Mon, 29 Jul 2013 14:47:56 +0100 Date: Mon, 29 Jul 2013 14:47:56 +0100
Subject: [PATCH] RHEL 8: Disable unsupported remote drive protocols Subject: [PATCH] RHEL: Disable unsupported remote drive protocols
(RHBZ#962113). (RHBZ#962113).
This disables support for unsupported remote drive protocols: This disables support for unsupported remote drive protocols:
@ -18,7 +18,7 @@ This disables support for unsupported remote drive protocols:
Note 'nbd' is not disabled, and of course 'file' works. Note 'nbd' is not disabled, and of course 'file' works.
We hope to gradually add some of these back over the lifetime of RHEL 8. We hope to gradually add some of these back over the lifetime of RHEL.
--- ---
docs/guestfs-testing.pod | 20 ----- docs/guestfs-testing.pod | 20 -----
fish/guestfish.pod | 66 ++-------------- fish/guestfish.pod | 66 ++--------------
@ -62,7 +62,7 @@ index f558964bf..8f264ed17 100644
Run L<virt-alignment-scan(1)> on guests or disk images: Run L<virt-alignment-scan(1)> on guests or disk images:
diff --git a/fish/guestfish.pod b/fish/guestfish.pod diff --git a/fish/guestfish.pod b/fish/guestfish.pod
index 9f086f110..bb4167b06 100644 index ae2445571..46cba64ff 100644
--- a/fish/guestfish.pod --- a/fish/guestfish.pod
+++ b/fish/guestfish.pod +++ b/fish/guestfish.pod
@@ -131,9 +131,9 @@ To list what is available do: @@ -131,9 +131,9 @@ To list what is available do:
@ -77,7 +77,7 @@ index 9f086f110..bb4167b06 100644
=head2 Remote control =head2 Remote control
@@ -1134,12 +1134,12 @@ L<guestfs(3)/REMOTE STORAGE>>. @@ -1129,12 +1129,12 @@ L<guestfs(3)/REMOTE STORAGE>>.
On the command line, you can use the I<-a> option to add network On the command line, you can use the I<-a> option to add network
block devices using a URI-style format, for example: block devices using a URI-style format, for example:
@ -92,7 +92,7 @@ index 9f086f110..bb4167b06 100644
The possible I<-a URI> formats are described below. The possible I<-a URI> formats are described below.
@@ -1149,40 +1149,6 @@ The possible I<-a URI> formats are described below. @@ -1144,40 +1144,6 @@ The possible I<-a URI> formats are described below.
Add the local disk image (or device) called F<disk.img>. Add the local disk image (or device) called F<disk.img>.
@ -133,7 +133,7 @@ index 9f086f110..bb4167b06 100644
=head2 B<-a nbd://example.com[:port]> =head2 B<-a nbd://example.com[:port]>
=head2 B<-a nbd://example.com[:port]/exportname> =head2 B<-a nbd://example.com[:port]/exportname>
@@ -1217,35 +1183,13 @@ The equivalent API command would be: @@ -1212,35 +1178,13 @@ The equivalent API command would be:
><fs> add pool/disk protocol:rbd server:tcp:example.com:port ><fs> add pool/disk protocol:rbd server:tcp:example.com:port
@ -220,10 +220,10 @@ index 21d424984..ddabeb639 100755
rm test-add-uri.out rm test-add-uri.out
rm test-add-uri.img rm test-add-uri.img
diff --git a/generator/actions_core.ml b/generator/actions_core.ml diff --git a/generator/actions_core.ml b/generator/actions_core.ml
index 37476c93e..9f0402510 100644 index 807150615..6cd42a290 100644
--- a/generator/actions_core.ml --- a/generator/actions_core.ml
+++ b/generator/actions_core.ml +++ b/generator/actions_core.ml
@@ -297,29 +297,6 @@ F<filename> is interpreted as a local file or device. @@ -350,29 +350,6 @@ F<filename> is interpreted as a local file or device.
This is the default if the optional protocol parameter This is the default if the optional protocol parameter
is omitted. is omitted.
@ -253,7 +253,7 @@ index 37476c93e..9f0402510 100644
=item C<protocol = \"nbd\"> =item C<protocol = \"nbd\">
Connect to the Network Block Device server. Connect to the Network Block Device server.
@@ -336,22 +313,6 @@ The C<secret> parameter may be supplied. See below. @@ -389,22 +366,6 @@ The C<secret> parameter may be supplied. See below.
See also: L<guestfs(3)/CEPH>. See also: L<guestfs(3)/CEPH>.
@ -276,7 +276,7 @@ index 37476c93e..9f0402510 100644
=back =back
=item C<server> =item C<server>
@@ -362,13 +323,8 @@ is a list of server(s). @@ -415,13 +376,8 @@ is a list of server(s).
Protocol Number of servers required Protocol Number of servers required
-------- -------------------------- -------- --------------------------
file List must be empty or param not used at all file List must be empty or param not used at all
@ -290,7 +290,7 @@ index 37476c93e..9f0402510 100644
Each list element is a string specifying a server. The string must be Each list element is a string specifying a server. The string must be
in one of the following formats: in one of the following formats:
@@ -384,10 +340,10 @@ for the protocol is used (see F</etc/services>). @@ -437,10 +393,10 @@ for the protocol is used (see F</etc/services>).
=item C<username> =item C<username>
@ -305,10 +305,10 @@ index 37476c93e..9f0402510 100644
example if using the libvirt backend and if the libvirt backend is configured to example if using the libvirt backend and if the libvirt backend is configured to
start the qemu appliance as a special user such as C<qemu.qemu>. If in doubt, start the qemu appliance as a special user such as C<qemu.qemu>. If in doubt,
diff --git a/lib/drives.c b/lib/drives.c diff --git a/lib/drives.c b/lib/drives.c
index 46af66db4..c81ded5d7 100644 index c5a208468..efb289254 100644
--- a/lib/drives.c --- a/lib/drives.c
+++ b/lib/drives.c +++ b/lib/drives.c
@@ -168,6 +168,7 @@ create_drive_non_file (guestfs_h *g, @@ -166,6 +166,7 @@ create_drive_non_file (guestfs_h *g,
return drv; return drv;
} }
@ -316,7 +316,7 @@ index 46af66db4..c81ded5d7 100644
static struct drive * static struct drive *
create_drive_curl (guestfs_h *g, create_drive_curl (guestfs_h *g,
const struct drive_create_data *data) const struct drive_create_data *data)
@@ -226,6 +227,7 @@ create_drive_gluster (guestfs_h *g, @@ -224,6 +225,7 @@ create_drive_gluster (guestfs_h *g,
return create_drive_non_file (g, data); return create_drive_non_file (g, data);
} }
@ -324,7 +324,7 @@ index 46af66db4..c81ded5d7 100644
static int static int
nbd_port (void) nbd_port (void)
@@ -294,6 +296,7 @@ create_drive_rbd (guestfs_h *g, @@ -292,6 +294,7 @@ create_drive_rbd (guestfs_h *g,
return create_drive_non_file (g, data); return create_drive_non_file (g, data);
} }
@ -332,7 +332,7 @@ index 46af66db4..c81ded5d7 100644
static struct drive * static struct drive *
create_drive_sheepdog (guestfs_h *g, create_drive_sheepdog (guestfs_h *g,
const struct drive_create_data *data) const struct drive_create_data *data)
@@ -394,6 +397,7 @@ create_drive_iscsi (guestfs_h *g, @@ -392,6 +395,7 @@ create_drive_iscsi (guestfs_h *g,
return create_drive_non_file (g, data); return create_drive_non_file (g, data);
} }
@ -340,7 +340,7 @@ index 46af66db4..c81ded5d7 100644
/** /**
* Create the special F</dev/null> drive. * Create the special F</dev/null> drive.
@@ -856,6 +860,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename, @@ -842,6 +846,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
drv = create_drive_file (g, &data); drv = create_drive_file (g, &data);
} }
} }
@ -348,7 +348,7 @@ index 46af66db4..c81ded5d7 100644
else if (STREQ (protocol, "ftp")) { else if (STREQ (protocol, "ftp")) {
data.protocol = drive_protocol_ftp; data.protocol = drive_protocol_ftp;
drv = create_drive_curl (g, &data); drv = create_drive_curl (g, &data);
@@ -880,6 +885,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename, @@ -866,6 +871,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
data.protocol = drive_protocol_iscsi; data.protocol = drive_protocol_iscsi;
drv = create_drive_iscsi (g, &data); drv = create_drive_iscsi (g, &data);
} }
@ -356,7 +356,7 @@ index 46af66db4..c81ded5d7 100644
else if (STREQ (protocol, "nbd")) { else if (STREQ (protocol, "nbd")) {
data.protocol = drive_protocol_nbd; data.protocol = drive_protocol_nbd;
drv = create_drive_nbd (g, &data); drv = create_drive_nbd (g, &data);
@@ -888,6 +894,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename, @@ -874,6 +880,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
data.protocol = drive_protocol_rbd; data.protocol = drive_protocol_rbd;
drv = create_drive_rbd (g, &data); drv = create_drive_rbd (g, &data);
} }
@ -364,7 +364,7 @@ index 46af66db4..c81ded5d7 100644
else if (STREQ (protocol, "sheepdog")) { else if (STREQ (protocol, "sheepdog")) {
data.protocol = drive_protocol_sheepdog; data.protocol = drive_protocol_sheepdog;
drv = create_drive_sheepdog (g, &data); drv = create_drive_sheepdog (g, &data);
@@ -900,6 +907,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename, @@ -886,6 +893,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
data.protocol = drive_protocol_tftp; data.protocol = drive_protocol_tftp;
drv = create_drive_curl (g, &data); drv = create_drive_curl (g, &data);
} }
@ -373,12 +373,12 @@ index 46af66db4..c81ded5d7 100644
error (g, _("unknown protocol %s"), protocol); error (g, _("unknown protocol %s"), protocol);
drv = NULL; /*FALLTHROUGH*/ drv = NULL; /*FALLTHROUGH*/
diff --git a/lib/guestfs.pod b/lib/guestfs.pod diff --git a/lib/guestfs.pod b/lib/guestfs.pod
index bce9eb79f..2bb13b875 100644 index 1ad44e7c2..946ce2d36 100644
--- a/lib/guestfs.pod --- a/lib/guestfs.pod
+++ b/lib/guestfs.pod +++ b/lib/guestfs.pod
@@ -715,70 +715,6 @@ servers. The server string is documented in @@ -712,70 +712,6 @@ a qcow2 backing file specification, libvirt does not construct an
L</guestfs_add_drive_opts>. The C<username> and C<secret> parameters are ephemeral secret object from those, for Ceph authentication. Refer to
also optional, and if not given, then no authentication will be used. L<https://bugzilla.redhat.com/2033247>.
-=head3 FTP, HTTP AND TFTP -=head3 FTP, HTTP AND TFTP
- -
@ -447,7 +447,7 @@ index bce9eb79f..2bb13b875 100644
=head3 NETWORK BLOCK DEVICE =head3 NETWORK BLOCK DEVICE
Libguestfs can access Network Block Device (NBD) disks remotely. Libguestfs can access Network Block Device (NBD) disks remotely.
@@ -841,42 +777,6 @@ L<https://bugs.launchpad.net/qemu/+bug/1155677> @@ -838,42 +774,6 @@ L<https://bugs.launchpad.net/qemu/+bug/1155677>
=back =back
@ -491,10 +491,10 @@ index bce9eb79f..2bb13b875 100644
Libguestfs has APIs for inspecting an unknown disk image to find out Libguestfs has APIs for inspecting an unknown disk image to find out
diff --git a/tests/disks/test-qemu-drive-libvirt.sh b/tests/disks/test-qemu-drive-libvirt.sh diff --git a/tests/disks/test-qemu-drive-libvirt.sh b/tests/disks/test-qemu-drive-libvirt.sh
index 3c5aa592e..f73827bd6 100755 index 595a95a5e..b49534c94 100755
--- a/tests/disks/test-qemu-drive-libvirt.sh --- a/tests/disks/test-qemu-drive-libvirt.sh
+++ b/tests/disks/test-qemu-drive-libvirt.sh +++ b/tests/disks/test-qemu-drive-libvirt.sh
@@ -64,34 +64,6 @@ check_output @@ -65,34 +65,6 @@ check_output
grep -sq -- '-drive file=rbd:abc-def/ghi-jkl:auth_supported=none,' "$DEBUG_QEMU_FILE" || fail ceph2 grep -sq -- '-drive file=rbd:abc-def/ghi-jkl:auth_supported=none,' "$DEBUG_QEMU_FILE" || fail ceph2
rm "$DEBUG_QEMU_FILE" rm "$DEBUG_QEMU_FILE"
@ -530,7 +530,7 @@ index 3c5aa592e..f73827bd6 100755
$guestfish -d pool1 run ||: $guestfish -d pool1 run ||:
diff --git a/tests/disks/test-qemu-drive.sh b/tests/disks/test-qemu-drive.sh diff --git a/tests/disks/test-qemu-drive.sh b/tests/disks/test-qemu-drive.sh
index 19dd60a2f..583e031bd 100755 index 12937fb30..b3e4f9903 100755
--- a/tests/disks/test-qemu-drive.sh --- a/tests/disks/test-qemu-drive.sh
+++ b/tests/disks/test-qemu-drive.sh +++ b/tests/disks/test-qemu-drive.sh
@@ -62,45 +62,6 @@ check_output @@ -62,45 +62,6 @@ check_output

1686
SOURCES/0010-RHEL-Revert-build-Remove-bundled-copy-of-ocaml-augea.patch Normal file
View File

File diff suppressed because it is too large Load Diff

44
SOURCES/0010-daemon-chroot-Fix-long-standing-possible-deadlock.patch
View File

@ -1,44 +0,0 @@
From 3435938f43ca3737ec1d73da4d8cad756b5c9508 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Fri, 26 Mar 2021 16:04:43 +0000
Subject: [PATCH] daemon: chroot: Fix long-standing possible deadlock.
The child (chrooted) process wrote its answer on the pipe and then
exited. Meanwhile the parent waiting for the child to exit before
reading from the pipe. Thus if the output was larger than a Linux
pipebuffer then the whole thing would deadlock.
(cherry picked from commit 94e64b28bee3b8dc7ed354a366d6a8f7ba5f245c)
---
daemon/chroot.ml | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/daemon/chroot.ml b/daemon/chroot.ml
index 5e856c91f..7da8ae29e 100644
--- a/daemon/chroot.ml
+++ b/daemon/chroot.ml
@@ -62,6 +62,10 @@ let f t func arg =
(* Parent. *)
close wfd;
+ let chan = in_channel_of_descr rfd in
+ let ret = input_value chan in
+ close_in chan;
+
let _, status = waitpid [] pid in
(match status with
| WEXITED 0 -> ()
@@ -76,10 +80,6 @@ let f t func arg =
failwithf "chroot %s stopped by signal %d" t.name i
);
- let chan = in_channel_of_descr rfd in
- let ret = input_value chan in
- close_in chan;
-
match ret with
| Either ret -> ret
| Or exn -> raise exn
--
2.31.1

12
SOURCES/0005-RHEL-8-Reject-use-of-libguestfs-winsupport-features-.patch → SOURCES/0011-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch
View File

@ -1,8 +1,8 @@
From cb2ac63562447e2780bd7103ed060fd6013b9054 Mon Sep 17 00:00:00 2001 From d59942a7a3d1ca2248a94099d28f7555378d7993 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com> From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 7 Jul 2015 09:28:03 -0400 Date: Tue, 7 Jul 2015 09:28:03 -0400
Subject: [PATCH] RHEL 8: Reject use of libguestfs-winsupport features except Subject: [PATCH] RHEL: Reject use of libguestfs-winsupport features except for
for virt-* tools (RHBZ#1240276). virt-* tools (RHBZ#1240276).
Fix the tests: it doesn't let us use guestfish for arbitrary Windows Fix the tests: it doesn't let us use guestfish for arbitrary Windows
edits. edits.
@ -13,7 +13,7 @@ edits.
3 files changed, 19 insertions(+) 3 files changed, 19 insertions(+)
diff --git a/generator/c.ml b/generator/c.ml diff --git a/generator/c.ml b/generator/c.ml
index 86d3b26f8..a625361a9 100644 index ea69abf76..56ee38aa4 100644
--- a/generator/c.ml --- a/generator/c.ml
+++ b/generator/c.ml +++ b/generator/c.ml
@@ -1846,6 +1846,22 @@ and generate_client_actions actions () = @@ -1846,6 +1846,22 @@ and generate_client_actions actions () =
@ -52,10 +52,10 @@ index 30908a918..73cf5144e 100755
run run
diff --git a/tests/charsets/test-charset-fidelity.c b/tests/charsets/test-charset-fidelity.c diff --git a/tests/charsets/test-charset-fidelity.c b/tests/charsets/test-charset-fidelity.c
index 39ccc2068..2b2e2d8a9 100644 index 105291dc3..5ca4f3b6d 100644
--- a/tests/charsets/test-charset-fidelity.c --- a/tests/charsets/test-charset-fidelity.c
+++ b/tests/charsets/test-charset-fidelity.c +++ b/tests/charsets/test-charset-fidelity.c
@@ -94,6 +94,8 @@ main (int argc, char *argv[]) @@ -96,6 +96,8 @@ main (int argc, char *argv[])
if (g == NULL) if (g == NULL)
error (EXIT_FAILURE, 0, "failed to create handle"); error (EXIT_FAILURE, 0, "failed to create handle");

1064
SOURCES/0011-inspection-Fix-inspection-of-recent-RPM-guests-using.patch
View File

File diff suppressed because it is too large Load Diff

160
SOURCES/0011-update-common-submodule.patch Normal file
View File

@ -0,0 +1,160 @@
From 194a48aef32367c45c555a4d93fb1a3375b0dead Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Fri, 19 May 2023 16:08:47 +0200
Subject: [PATCH] update common submodule
Laszlo Ersek (2):
options/keys: key_store_import_key(): un-constify "key" parameter
options/keys: introduce unescape_device_mapper_lvm()
Richard W.M. Jones (1):
mlcustomize/SELinux_relabel.ml: Use Array.mem
Roman Kagan (1):
mlcustomize: skip SELinux relabeling if it's disabled
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2168506
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20230519140849.310774-2-lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit 83afd6d3d2c82ee3a8f22079ba12ef7eac38ac34)
---
common | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Submodule common 70c10a07..b636c3f2:
diff --git a/common/options/options.h b/common/options/options.h
index 94573ee0..94e8b9ee 100644
--- a/common/options/options.h
+++ b/common/options/options.h
@@ -169,7 +169,8 @@ extern struct matching_key *get_keys (struct key_store *ks, const char *device,
const char *uuid, size_t *nr_matches);
extern void free_keys (struct matching_key *keys, size_t nr_matches);
extern struct key_store *key_store_add_from_selector (struct key_store *ks, const char *selector);
-extern struct key_store *key_store_import_key (struct key_store *ks, const struct key_store_key *key);
+extern struct key_store *key_store_import_key (struct key_store *ks,
+ struct key_store_key *key);
extern bool key_store_requires_network (const struct key_store *ks);
extern void free_key_store (struct key_store *ks);
diff --git a/common/options/keys.c b/common/options/keys.c
index 48f1bc7c..52b27369 100644
--- a/common/options/keys.c
+++ b/common/options/keys.c
@@ -260,8 +260,107 @@ key_store_add_from_selector (struct key_store *ks, const char *selector)
return key_store_import_key (ks, &key);
}
+/* Turn /dev/mapper/VG-LV into /dev/VG/LV, in-place. */
+static void
+unescape_device_mapper_lvm (char *id)
+{
+ static const char dev[] = "/dev/", dev_mapper[] = "/dev/mapper/";
+ const char *input_start;
+ char *output;
+ enum { M_SCAN, M_FILL, M_DONE } mode;
+
+ if (!STRPREFIX (id, dev_mapper))
+ return;
+
+ /* Start parsing "VG-LV" from "id" after "/dev/mapper/". */
+ input_start = id + (sizeof dev_mapper - 1);
+
+ /* Start writing the unescaped "VG/LV" output after "/dev/". */
+ output = id + (sizeof dev - 1);
+
+ for (mode = M_SCAN; mode < M_DONE; ++mode) {
+ char c;
+ const char *input = input_start;
+ const char *hyphen_buffered = NULL;
+ bool single_hyphen_seen = false;
+
+ do {
+ c = *input;
+
+ switch (c) {
+ case '-':
+ if (hyphen_buffered == NULL)
+ /* This hyphen may start an escaped hyphen, or it could be the
+ * separator in VG-LV.
+ */
+ hyphen_buffered = input;
+ else {
+ /* This hyphen completes an escaped hyphen; unescape it. */
+ if (mode == M_FILL)
+ *output++ = '-';
+ hyphen_buffered = NULL;
+ }
+ break;
+
+ case '/':
+ /* Slash characters are forbidden in VG-LV anywhere. If there's any,
+ * we'll find it in the first (i.e., scanning) phase, before we output
+ * anything back to "id".
+ */
+ assert (mode == M_SCAN);
+ return;
+
+ default:
+ /* Encountered a non-slash, non-hyphen character -- which also may be
+ * the terminating NUL.
+ */
+ if (hyphen_buffered != NULL) {
+ /* The non-hyphen character comes after a buffered hyphen, so the
+ * buffered hyphen is supposed to be the single hyphen that separates
+ * VG from LV in VG-LV. There are three requirements for this
+ * separator: (a) it must be unique (we must not have seen another
+ * such separator earlier), (b) it must not be at the start of VG-LV
+ * (because VG would be empty that way), (c) it must not be at the end
+ * of VG-LV (because LV would be empty that way). Should any of these
+ * be violated, we'll catch that during the first (i.e., scanning)
+ * phase, before modifying "id".
+ */
+ if (single_hyphen_seen || hyphen_buffered == input_start ||
+ c == '\0') {
+ assert (mode == M_SCAN);
+ return;
+ }
+
+ /* Translate the separator hyphen to a slash character. */
+ if (mode == M_FILL)
+ *output++ = '/';
+ hyphen_buffered = NULL;
+ single_hyphen_seen = true;
+ }
+
+ /* Output the non-hyphen character (including the terminating NUL)
+ * regardless of whether there was a buffered hyphen separator (which,
+ * by now, we'll have attempted to translate and flush).
+ */
+ if (mode == M_FILL)
+ *output++ = c;
+ }
+
+ ++input;
+ } while (c != '\0');
+
+ /* We must have seen the VG-LV separator. If that's not the case, we'll
+ * catch it before modifying "id".
+ */
+ if (!single_hyphen_seen) {
+ assert (mode == M_SCAN);
+ return;
+ }
+ }
+}
+
struct key_store *
-key_store_import_key (struct key_store *ks, const struct key_store_key *key)
+key_store_import_key (struct key_store *ks, struct key_store_key *key)
{
struct key_store_key *new_keys;
@@ -278,6 +377,7 @@ key_store_import_key (struct key_store *ks, const struct key_store_key *key)
error (EXIT_FAILURE, errno, "realloc");
ks->keys = new_keys;
+ unescape_device_mapper_lvm (key->id);
ks->keys[ks->nr_keys] = *key;
++ks->nr_keys;

97
SOURCES/0012-LUKS-on-LVM-inspection-test-rename-VGs-and-LVs.patch Normal file
View File

@ -0,0 +1,97 @@
From c95b3086bdbdf840de8d3b24c3ae5e9b847bf588 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Fri, 19 May 2023 16:08:48 +0200
Subject: [PATCH] LUKS-on-LVM inspection test: rename VGs and LVs
In preparation for a subsequent patch, rename "VG" to "Volume-Group", and
"LV<n>" to "Logical-Volume-<n>", in the LUKS-on-LVM inspection test.
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2168506
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20230519140849.310774-3-lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit 58e26402334a4696fa08730eecc9098fc270ed1c)
---
test-data/phony-guests/make-fedora-img.pl | 30 +++++++++++--------
.../test-key-option-inspect-luks-on-lvm.sh | 16 +++++-----
2 files changed, 25 insertions(+), 21 deletions(-)
diff --git a/test-data/phony-guests/make-fedora-img.pl b/test-data/phony-guests/make-fedora-img.pl
index c0cb5d0b..6362e225 100755
--- a/test-data/phony-guests/make-fedora-img.pl
+++ b/test-data/phony-guests/make-fedora-img.pl
@@ -224,23 +224,27 @@ EOF
# Create the Volume Group on /dev/sda2.
$g->pvcreate ('/dev/sda2');
- $g->vgcreate ('VG', ['/dev/sda2']);
- $g->lvcreate ('Root', 'VG', 32);
- $g->lvcreate ('LV1', 'VG', 32);
- $g->lvcreate ('LV2', 'VG', 32);
- $g->lvcreate ('LV3', 'VG', 64);
+ $g->vgcreate ('Volume-Group', ['/dev/sda2']);
+ $g->lvcreate ('Root', 'Volume-Group', 32);
+ $g->lvcreate ('Logical-Volume-1', 'Volume-Group', 32);
+ $g->lvcreate ('Logical-Volume-2', 'Volume-Group', 32);
+ $g->lvcreate ('Logical-Volume-3', 'Volume-Group', 64);
# Format each Logical Group as a LUKS device, with a different password.
- $g->luks_format ('/dev/VG/Root', 'FEDORA-Root', 0);
- $g->luks_format ('/dev/VG/LV1', 'FEDORA-LV1', 0);
- $g->luks_format ('/dev/VG/LV2', 'FEDORA-LV2', 0);
- $g->luks_format ('/dev/VG/LV3', 'FEDORA-LV3', 0);
+ $g->luks_format ('/dev/Volume-Group/Root', 'FEDORA-Root', 0);
+ $g->luks_format ('/dev/Volume-Group/Logical-Volume-1', 'FEDORA-LV1', 0);
+ $g->luks_format ('/dev/Volume-Group/Logical-Volume-2', 'FEDORA-LV2', 0);
+ $g->luks_format ('/dev/Volume-Group/Logical-Volume-3', 'FEDORA-LV3', 0);
# Open the LUKS devices. This creates nodes like /dev/mapper/*-luks.
- $g->cryptsetup_open ('/dev/VG/Root', 'FEDORA-Root', 'Root-luks');
- $g->cryptsetup_open ('/dev/VG/LV1', 'FEDORA-LV1', 'LV1-luks');
- $g->cryptsetup_open ('/dev/VG/LV2', 'FEDORA-LV2', 'LV2-luks');
- $g->cryptsetup_open ('/dev/VG/LV3', 'FEDORA-LV3', 'LV3-luks');
+ $g->cryptsetup_open ('/dev/Volume-Group/Root',
+ 'FEDORA-Root', 'Root-luks');
+ $g->cryptsetup_open ('/dev/Volume-Group/Logical-Volume-1',
+ 'FEDORA-LV1', 'LV1-luks');
+ $g->cryptsetup_open ('/dev/Volume-Group/Logical-Volume-2',
+ 'FEDORA-LV2', 'LV2-luks');
+ $g->cryptsetup_open ('/dev/Volume-Group/Logical-Volume-3',
+ 'FEDORA-LV3', 'LV3-luks');
# Phony root filesystem.
$g->mkfs ('ext2', '/dev/mapper/Root-luks', blocksize => 4096, label => 'ROOT');
diff --git a/tests/luks/test-key-option-inspect-luks-on-lvm.sh b/tests/luks/test-key-option-inspect-luks-on-lvm.sh
index 52cd7e98..a8d72b9f 100755
--- a/tests/luks/test-key-option-inspect-luks-on-lvm.sh
+++ b/tests/luks/test-key-option-inspect-luks-on-lvm.sh
@@ -30,10 +30,10 @@ skip_unless_phony_guest fedora-luks-on-lvm.img
# Volume names.
guestfish=(guestfish --listen --ro --inspector
--add ../test-data/phony-guests/fedora-luks-on-lvm.img)
-keys_by_lvname=(--key /dev/VG/Root:key:FEDORA-Root
- --key /dev/VG/LV1:key:FEDORA-LV1
- --key /dev/VG/LV2:key:FEDORA-LV2
- --key /dev/VG/LV3:key:FEDORA-LV3)
+keys_by_lvname=(--key /dev/Volume-Group/Root:key:FEDORA-Root
+ --key /dev/Volume-Group/Logical-Volume-1:key:FEDORA-LV1
+ --key /dev/Volume-Group/Logical-Volume-2:key:FEDORA-LV2
+ --key /dev/Volume-Group/Logical-Volume-3:key:FEDORA-LV3)
# The variable assignment below will fail, and abort the script, if guestfish
# refuses to start up.
@@ -56,10 +56,10 @@ function cleanup_guestfish
trap cleanup_guestfish EXIT
# Get the UUIDs of the LUKS devices.
-uuid_root=$(guestfish --remote -- luks-uuid /dev/VG/Root)
-uuid_lv1=$( guestfish --remote -- luks-uuid /dev/VG/LV1)
-uuid_lv2=$( guestfish --remote -- luks-uuid /dev/VG/LV2)
-uuid_lv3=$( guestfish --remote -- luks-uuid /dev/VG/LV3)
+uuid_root=$(guestfish --remote -- luks-uuid /dev/Volume-Group/Root)
+uuid_lv1=$( guestfish --remote -- luks-uuid /dev/Volume-Group/Logical-Volume-1)
+uuid_lv2=$( guestfish --remote -- luks-uuid /dev/Volume-Group/Logical-Volume-2)
+uuid_lv3=$( guestfish --remote -- luks-uuid /dev/Volume-Group/Logical-Volume-3)
# The actual test.
function check_filesystems

32
SOURCES/0012-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch Normal file
View File

@ -0,0 +1,32 @@
From c1ff450bcee1465f0eaca00a4d6c8c731f175488 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 29 Jun 2021 15:29:11 +0100
Subject: [PATCH] RHEL: Create /etc/crypto-policies/back-ends/opensslcnf.config
https://bugzilla.redhat.com/show_bug.cgi?id=1977214#c13
---
appliance/init | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/appliance/init b/appliance/init
index 19aa151b7..e67d88280 100755
--- a/appliance/init
+++ b/appliance/init
@@ -76,6 +76,14 @@ if ! test -e /etc/mtab; then
ln -s /proc/mounts /etc/mtab
fi
+# openssl 3 requires /etc/crypto-policies/back-ends/opensslcnf.config
+# to exist, but it is created in a %post script in crypto-policies
+# https://bugzilla.redhat.com/show_bug.cgi?id=1977214#c13
+if ! test -r /etc/crypto-policies/back-ends/opensslcnf.config &&
+ test -f /usr/share/crypto-policies/DEFAULT/opensslcnf.txt; then
+ ln -s /usr/share/crypto-policies/DEFAULT/opensslcnf.txt /etc/crypto-policies/back-ends/opensslcnf.config
+fi
+
# Static nodes must happen before udev is started.
# Set up kmod static-nodes (RHBZ#1011907).
--
2.31.1

36
SOURCES/0012-inspection-Return-RPM-epoch.patch
View File

@ -1,36 +0,0 @@
From 3ce392c9870a589cc50d2270fcf07b4d129c3dc3 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Sat, 27 Mar 2021 09:31:00 +0000
Subject: [PATCH] inspection: Return RPM epoch.
Fixes: commit c9ee831affed55abe0f928134cbbd2ed83b2f510
(cherry picked from commit fef73bce7eec0ce0753a2e150e4e088020d38643)
---
daemon/rpm-c.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/daemon/rpm-c.c b/daemon/rpm-c.c
index 92a3abf58..be0e81e22 100644
--- a/daemon/rpm-c.c
+++ b/daemon/rpm-c.c
@@ -108,13 +108,16 @@ guestfs_int_daemon_rpm_next_application (value unitv)
h = headerLink (h);
app.app2_name = headerFormat (h, "%{NAME}", NULL);
- // XXXapp.app2_epoch = headerFormat (h, "%{NAME}", NULL);
app.app2_version = headerFormat (h, "%{VERSION}", NULL);
app.app2_release = headerFormat (h, "%{RELEASE}", NULL);
app.app2_arch = headerFormat (h, "%{ARCH}", NULL);
app.app2_url = headerFormat (h, "%{URL}", NULL);
app.app2_summary = headerFormat (h, "%{SUMMARY}", NULL);
app.app2_description = headerFormat (h, "%{DESCRIPTION}", NULL);
+
+ /* epoch is special as the only int field. */
+ app.app2_epoch = headerGetNumber (h, RPMTAG_EPOCH);
+
headerFree (h);
/* Convert this to an OCaml struct. Any NULL fields must be turned
--
2.31.1

46
SOURCES/0013-LUKS-on-LVM-inspection-test-test-dev-mapper-VG-LV-tr.patch Normal file
View File

@ -0,0 +1,46 @@
From 15cc20d1f5e0413c1af26c683437995886146eb6 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Fri, 19 May 2023 16:08:49 +0200
Subject: [PATCH] LUKS-on-LVM inspection test: test /dev/mapper/VG-LV
translation
In the LUKS-on-LVM inspection test, call the "check_filesystems" function
yet another time, now with such "--key" options that exercise the recent
"/dev/mapper/VG-LV" -> "/dev/VG/LV" translation (unescaping) from
libguestfs-common.
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2168506
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20230519140849.310774-4-lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit 32408a9c36165af376f9f42e7d3e158d3da2c76e)
---
.../test-key-option-inspect-luks-on-lvm.sh | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/tests/luks/test-key-option-inspect-luks-on-lvm.sh b/tests/luks/test-key-option-inspect-luks-on-lvm.sh
index a8d72b9f..932862b1 100755
--- a/tests/luks/test-key-option-inspect-luks-on-lvm.sh
+++ b/tests/luks/test-key-option-inspect-luks-on-lvm.sh
@@ -101,3 +101,21 @@ eval "$fish_ref"
# Repeat the test.
check_filesystems
+
+# Exit the current guestfish background process.
+guestfish --remote -- exit
+GUESTFISH_PID=
+
+# Start up another guestfish background process, and specify the keys in
+# /dev/mapper/VG-LV format this time.
+keys_by_mapper_lvname=(
+ --key /dev/mapper/Volume--Group-Root:key:FEDORA-Root
+ --key /dev/mapper/Volume--Group-Logical--Volume--1:key:FEDORA-LV1
+ --key /dev/mapper/Volume--Group-Logical--Volume--2:key:FEDORA-LV2
+ --key /dev/mapper/Volume--Group-Logical--Volume--3:key:FEDORA-LV3
+)
+fish_ref=$("${guestfish[@]}" "${keys_by_mapper_lvname[@]}")
+eval "$fish_ref"
+
+# Repeat the test.
+check_filesystems

90
SOURCES/0013-php-add-arginfo-to-php-bindings.patch Normal file
View File

@ -0,0 +1,90 @@
From d451e0e42c75429279426e9eb5a7701cd4681d07 Mon Sep 17 00:00:00 2001
From: Geoff Amey <gamey@datto.com>
Date: Wed, 15 Jun 2022 17:06:56 -0400
Subject: [PATCH] php: add arginfo to php bindings
Starting with PHP8, arginfo is mandatory for PHP extensions. This patch
updates the generator for the PHP bindings to generate the arginfo
structures, using the Zend API macros. Only basic arginfo is added,
without full documentation of argument and return types, in order to
ensure compatibility with as many versions of PHP as possible.
(cherry picked from commit ec27979398b0871c1a3e0e244849f8435c9c9a8d)
---
.gitignore | 1 +
generator/php.ml | 37 ++++++++++++++++++++++++++++++++++---
2 files changed, 35 insertions(+), 3 deletions(-)
diff --git a/.gitignore b/.gitignore
index a36ccc86a..356c01fbd 100644
--- a/.gitignore
+++ b/.gitignore
@@ -325,6 +325,7 @@ Makefile.in
/php/extension/configure.in
/php/extension/env
/php/extension/guestfs_php.c
+/php/extension/guestfs_php.dep
/php/extension/install-sh
/php/extension/libtool
/php/extension/ltmain.sh
diff --git a/generator/php.ml b/generator/php.ml
index 5c7ef48e8..acdc7b877 100644
--- a/generator/php.ml
+++ b/generator/php.ml
@@ -130,6 +130,37 @@ typedef size_t guestfs_string_length;
typedef int guestfs_string_length;
#endif
+/* Declare argument info structures */
+ZEND_BEGIN_ARG_INFO_EX(arginfo_create, 0, 0, 0)
+ZEND_END_ARG_INFO()
+
+ZEND_BEGIN_ARG_INFO_EX(arginfo_last_error, 0, 0, 1)
+ ZEND_ARG_INFO(0, g)
+ZEND_END_ARG_INFO()
+
+";
+ List.iter (
+ fun { name = shortname; style = ret, args, optargs; } ->
+ let len = List.length args in
+ pr "ZEND_BEGIN_ARG_INFO_EX(arginfo_%s, 0, 0, %d)\n" shortname (len + 1);
+ pr " ZEND_ARG_INFO(0, g)\n";
+ List.iter (
+ function
+ | BufferIn n | Bool n | Int n | Int64 n | OptString n
+ | Pointer(_, n) | String (_, n) | StringList (_, n) ->
+ pr " ZEND_ARG_INFO(0, %s)\n" n
+ ) args;
+
+ List.iter (
+ function
+ | OBool n | OInt n | OInt64 n | OString n | OStringList n ->
+ pr " ZEND_ARG_INFO(0, %s)\n" n
+ ) optargs;
+ pr "ZEND_END_ARG_INFO()\n\n";
+ ) (actions |> external_functions |> sort);
+
+ pr "
+
/* Convert array to list of strings.
* http://marc.info/?l=pecl-dev&m=112205192100631&w=2
*/
@@ -204,12 +235,12 @@ PHP_MINIT_FUNCTION (guestfs_php)
}
static zend_function_entry guestfs_php_functions[] = {
- PHP_FE (guestfs_create, NULL)
- PHP_FE (guestfs_last_error, NULL)
+ PHP_FE (guestfs_create, arginfo_create)
+ PHP_FE (guestfs_last_error, arginfo_last_error)
";
List.iter (
- fun { name } -> pr " PHP_FE (guestfs_%s, NULL)\n" name
+ fun { name } -> pr " PHP_FE (guestfs_%s, arginfo_%s)\n" name name
) (actions |> external_functions |> sort);
pr " { NULL, NULL, NULL }
--
2.31.1

4664
SOURCES/0013-test-data-phony-guests-Fix-phony-RPM-database-fix-vi.patch
View File

File diff suppressed because it is too large Load Diff

252
SOURCES/0014-introduce-the-clevis_luks_unlock-API.patch Normal file
View File

@ -0,0 +1,252 @@
From 51ea2e3af9caa434e847ca74a86f5de5ade6058f Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Thu, 30 Jun 2022 14:20:47 +0200
Subject: [PATCH] introduce the "clevis_luks_unlock" API
Introduce a new guestfs API called "clevis_luks_unlock". At the libguestfs
level, it is quite simple; it wraps the "clevis luks unlock" guest command
(implemented by the "clevis-luks-unlock" executable, which is in fact a
shell script).
The complexity is instead in the network-based disk encryption
(Clevis/Tang) scheme. Useful documentation:
- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html-single/security_hardening/index#configuring-automated-unlocking-of-encrypted-volumes-using-policy-based-decryption_security-hardening
- https://github.com/latchset/clevis#clevis
- https://github.com/latchset/tang#tang
The package providing "clevis-luks-unlock" is usually called
"clevis-luks", occasionally "clevis". Some distros don't package clevis at
all. Add the new API under a new option group (which may not be available)
called "clevisluks".
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1809453
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20220630122048.19335-3-lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit 9a3e9a6c03eaffe60196bc4c7ae4699beae01dc3)
---
appliance/packagelist.in | 4 +++
daemon/Makefile.am | 1 +
daemon/clevis-luks.c | 58 +++++++++++++++++++++++++++++++++++++++
generator/actions_core.ml | 40 +++++++++++++++++++++++++++
generator/proc_nr.ml | 1 +
lib/MAX_PROC_NR | 2 +-
lib/guestfs.pod | 19 ++++++++++---
7 files changed, 120 insertions(+), 5 deletions(-)
create mode 100644 daemon/clevis-luks.c
diff --git a/appliance/packagelist.in b/appliance/packagelist.in
index 77a07acc6..0b79edcdd 100644
--- a/appliance/packagelist.in
+++ b/appliance/packagelist.in
@@ -23,6 +23,7 @@ dnl Basically the same with a few minor tweaks.
ifelse(UBUNTU,1,`define(`DEBIAN',1)')
ifelse(REDHAT,1,
+ clevis-luks
cryptsetup
cryptsetup-luks dnl old name used before Fedora 17
dhclient
@@ -53,6 +54,7 @@ ifelse(DEBIAN,1,
bsdmainutils
dnl old name used in Jessie and earlier
btrfs-tools
+ clevis-luks
cryptsetup
dash
extlinux
@@ -92,6 +94,7 @@ dnl iproute has been renamed to iproute2
ifelse(ARCHLINUX,1,
cdrkit
cdrtools
+ clevis
cryptsetup
dhclient
dhcpcd
@@ -119,6 +122,7 @@ ifelse(SUSE,1,
augeas-lenses
btrfsprogs
cdrkit-cdrtools-compat
+ clevis
cryptsetup
dhcpcd
dhcp-client
diff --git a/daemon/Makefile.am b/daemon/Makefile.am
index bbd49f9ea..f50faecd6 100644
--- a/daemon/Makefile.am
+++ b/daemon/Makefile.am
@@ -98,6 +98,7 @@ guestfsd_SOURCES = \
cap.c \
checksum.c \
cleanups.c \
+ clevis-luks.c \
cmp.c \
command.c \
command.h \
diff --git a/daemon/clevis-luks.c b/daemon/clevis-luks.c
new file mode 100644
index 000000000..d3d970d78
--- /dev/null
+++ b/daemon/clevis-luks.c
@@ -0,0 +1,58 @@
+/* libguestfs - the guestfsd daemon
+ * Copyright (C) 2009-2022 Red Hat Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#include <config.h>
+
+#include "daemon.h"
+#include "actions.h"
+#include "optgroups.h"
+
+#define MAX_ARGS 8
+
+int
+optgroup_clevisluks_available (void)
+{
+ return prog_exists ("clevis-luks-unlock");
+}
+
+int
+do_clevis_luks_unlock (const char *device, const char *mapname)
+{
+ const char *argv[MAX_ARGS];
+ size_t i = 0;
+ int r;
+ CLEANUP_FREE char *err = NULL;
+
+ ADD_ARG (argv, i, "clevis");
+ ADD_ARG (argv, i, "luks");
+ ADD_ARG (argv, i, "unlock");
+ ADD_ARG (argv, i, "-d");
+ ADD_ARG (argv, i, device);
+ ADD_ARG (argv, i, "-n");
+ ADD_ARG (argv, i, mapname);
+ ADD_ARG (argv, i, NULL);
+
+ r = commandv (NULL, &err, argv);
+ if (r == -1) {
+ reply_with_error ("%s: %s: %s", device, mapname, err);
+ return -1;
+ }
+
+ udev_settle ();
+ return 0;
+}
diff --git a/generator/actions_core.ml b/generator/actions_core.ml
index 6cd42a290..3c9b0a9b2 100644
--- a/generator/actions_core.ml
+++ b/generator/actions_core.ml
@@ -9676,4 +9676,44 @@ and I<not> the name of the underlying block device." };
shortdesc = "read directories entries";
longdesc = "Internal function for readdir." };
+ { defaults with
+ name = "clevis_luks_unlock"; added = (1, 49, 3);
+ style = RErr,
+ [String (Device, "device"); String (PlainString, "mapname")],
+ [];
+ optional = Some "clevisluks";
+ test_excuse = "needs networking and a configured Tang server";
+ shortdesc = "open an encrypted LUKS block device with Clevis and Tang";
+ longdesc = "\
+This command opens a block device that has been encrypted according to
+the Linux Unified Key Setup (LUKS) standard, using network-bound disk
+encryption (NBDE).
+
+C<device> is the encrypted block device.
+
+The appliance will connect to the Tang servers noted in the tree of
+Clevis pins that is bound to a keyslot of the LUKS header. The Clevis
+pin tree may comprise C<sss> (redudancy) pins as internal nodes
+(optionally), and C<tang> pins as leaves. C<tpm2> pins are not
+supported. The appliance unlocks the encrypted block device by
+combining responses from the Tang servers with metadata from the LUKS
+header; there is no C<key> parameter.
+
+This command will fail if networking has not been enabled for the
+appliance. Refer to C<guestfs_set_network>.
+
+The command creates a new block device called F</dev/mapper/mapname>.
+Reads and writes to this block device are decrypted from and encrypted
+to the underlying C<device> respectively. Close the decrypted block
+device with C<guestfs_cryptsetup_close>.
+
+C<mapname> cannot be C<\"control\"> because that name is reserved by
+device-mapper.
+
+If this block device contains LVM volume groups, then calling
+C<guestfs_lvm_scan> with the C<activate> parameter C<true> will make
+them visible.
+
+Use C<guestfs_list_dm_devices> to list all device mapper devices." };
+
]
diff --git a/generator/proc_nr.ml b/generator/proc_nr.ml
index bdced51c9..edd9bd99d 100644
--- a/generator/proc_nr.ml
+++ b/generator/proc_nr.ml
@@ -514,6 +514,7 @@ let proc_nr = [
509, "cryptsetup_close";
510, "internal_list_rpm_applications";
511, "internal_readdir";
+512, "clevis_luks_unlock"
]
(* End of list. If adding a new entry, add it at the end of the list
diff --git a/lib/MAX_PROC_NR b/lib/MAX_PROC_NR
index c0556fb20..4d0e90cbc 100644
--- a/lib/MAX_PROC_NR
+++ b/lib/MAX_PROC_NR
@@ -1 +1 @@
-511
+512
diff --git a/lib/guestfs.pod b/lib/guestfs.pod
index 946ce2d36..0fbe114a5 100644
--- a/lib/guestfs.pod
+++ b/lib/guestfs.pod
@@ -591,11 +591,22 @@ For Windows BitLocker it returns C<BitLocker>.
Then open these devices by calling L</guestfs_cryptsetup_open>.
Obviously you will require the passphrase!
+Passphrase-less unlocking is supported for LUKS (not BitLocker)
+block devices that have been encrypted with network-bound disk
+encryption (NBDE), using Clevis on the Linux guest side, and
+Tang on a separate Linux server. Open such devices with
+L</guestfs_clevis_luks_unlock>. The appliance will need
+networking enabled (refer to L</guestfs_set_network>) and actual
+connectivity to the Tang servers noted in the C<tang> Clevis
+pins that are bound to the LUKS header. (This includes the
+ability to resolve the names of the Tang servers.)
+
Opening an encrypted device creates a new device mapper device
-called F</dev/mapper/mapname> (where C<mapname> is the
-string you supply to L</guestfs_cryptsetup_open>).
-Reads and writes to this mapper device are decrypted from and
-encrypted to the underlying block device respectively.
+called F</dev/mapper/mapname> (where C<mapname> is the string
+you supply to L</guestfs_cryptsetup_open> or
+L</guestfs_clevis_luks_unlock>). Reads and writes to this mapper
+device are decrypted from and encrypted to the underlying block
+device respectively.
LVM volume groups on the device can be made visible by calling
L</guestfs_vgscan> followed by L</guestfs_vg_activate_all>.
--
2.31.1

34
SOURCES/0014-po-POTFILES-Fix-list-of-files-for-translation.patch
View File

@ -1,34 +0,0 @@
From 9664527c107d04aab416be87cc4fcd76dcbe5927 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Mon, 29 Mar 2021 18:25:13 +0100
Subject: [PATCH] po/POTFILES: Fix list of files for translation.
Fixes: commit c9ee831affed55abe0f928134cbbd2ed83b2f510
(cherry picked from commit df983200d76bac37c811fbd2fb67e7ebe830e759)
---
po/POTFILES | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/po/POTFILES b/po/POTFILES
index 0782e8ceb..fdc6e8062 100644
--- a/po/POTFILES
+++ b/po/POTFILES
@@ -128,6 +128,7 @@ daemon/pingdaemon.c
daemon/proto.c
daemon/readdir.c
daemon/rename.c
+daemon/rpm-c.c
daemon/rsync.c
daemon/scrub.c
daemon/selinux-relabel.c
@@ -353,7 +354,6 @@ lib/command.c
lib/conn-socket.c
lib/copy-in-out.c
lib/create.c
-lib/dbdump.c
lib/drives.c
lib/errors.c
lib/event-string.c
--
2.31.1

69
SOURCES/0015-guestfish-guestmount-enable-networking-for-key-ID-cl.patch Normal file
View File

@ -0,0 +1,69 @@
From 5ae97d7d83d8cdb6e8428774282167dd774aaf70 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Thu, 30 Jun 2022 14:20:48 +0200
Subject: [PATCH] guestfish, guestmount: enable networking for "--key
ID:clevis"
Call the C-language helper key_store_requires_network() in guestfish and
guestmount.
(Short log for the "common" submodule, commit range
35467027f657..af6cb55bc58a:
Laszlo Ersek (12):
options: fix UUID comparison logic bug in get_keys()
mltools/tools_utils: remove unused function "key_store_to_cli"
mltools/tools_utils: allow multiple "--key" options for OCaml tools too
options: replace NULL-termination with number-of-elements in get_keys()
options: wrap each passphrase from get_keys() into a struct
options: add back-end for LUKS decryption with Clevis+Tang
options: introduce selector type "key_clevis"
options: generalize "--key" selector parsing for C-language utilities
mltools/tools_utils-c: handle internal type error with abort()
mltools/tools_utils: generalize "--key" selector parsing for OCaml utils
options, mltools/tools_utils: parse "--key ID:clevis" options
options, mltools/tools_utils: add helper for network dependency
).
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1809453
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
Message-Id: <20220630122048.19335-4-lersek@redhat.com>
(cherry picked from commit 6a5b44f538065a9f661510234a4235bf38348213)
---
fish/fish.c | 3 +++
fuse/guestmount.c | 4 ++++
2 files changed, 7 insertions(+)
diff --git a/fish/fish.c b/fish/fish.c
index 23d9bb94f..19e3d2799 100644
--- a/fish/fish.c
+++ b/fish/fish.c
@@ -476,6 +476,9 @@ main (int argc, char *argv[])
/* If we've got drives to add, add them now. */
add_drives (drvs);
+ if (key_store_requires_network (ks) && guestfs_set_network (g, 1) == -1)
+ exit (EXIT_FAILURE);
+
/* If we've got mountpoints or prepared drives or -i option, we must
* launch the guest and mount them.
*/
diff --git a/fuse/guestmount.c b/fuse/guestmount.c
index 77c534828..3c6d57bde 100644
--- a/fuse/guestmount.c
+++ b/fuse/guestmount.c
@@ -348,6 +348,10 @@ main (int argc, char *argv[])
/* Do the guest drives and mountpoints. */
add_drives (drvs);
+
+ if (key_store_requires_network (ks) && guestfs_set_network (g, 1) == -1)
+ exit (EXIT_FAILURE);
+
if (guestfs_launch (g) == -1)
exit (EXIT_FAILURE);
if (inspector)
--
2.31.1

64
SOURCES/0015-m4-guestfs-find-db-tool.m4-Remove-unused-file.patch
View File

@ -1,64 +0,0 @@
From 083856d9f9c8fccc629bf0f3a5237d26434c8940 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Mon, 29 Mar 2021 18:35:48 +0100
Subject: [PATCH] m4/guestfs-find-db-tool.m4: Remove unused file.
Fixes: commit 42e5e7cfdbca01b2e9bd50c63a9fc65b6da9192f
(cherry picked from commit 8317279c3539562ebad9de13c7ac515dded74e4d)
---
m4/guestfs-find-db-tool.m4 | 43 --------------------------------------
1 file changed, 43 deletions(-)
delete mode 100644 m4/guestfs-find-db-tool.m4
diff --git a/m4/guestfs-find-db-tool.m4 b/m4/guestfs-find-db-tool.m4
deleted file mode 100644
index b404148c6..000000000
--- a/m4/guestfs-find-db-tool.m4
+++ /dev/null
@@ -1,43 +0,0 @@
-# libguestfs
-# Copyright (C) 2014 Red Hat Inc.
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
-AC_DEFUN([GUESTFS_FIND_DB_TOOL],[
- pushdef([VARIABLE],$1)
- TOOL=$2
-
- db_tool_name="db_$TOOL"
- db_versions="53 5.3 5.2 5.1 4.8 4.7 4.6"
- db_tool_patterns="dbX_$TOOL dbX.Y_$TOOL"
- db_tool_patterns="dbX_$TOOL db_$TOOL-X dbX.Y_$TOOL db_$TOOL-X.Y"
-
- AC_ARG_VAR(VARIABLE, [Absolute path to $db_tool_name executable])
-
- AS_IF(test -z "$VARIABLE", [
- exe_list="db_$TOOL"
- for ver in $db_versions ; do
- ver_maj=`echo $ver | cut -d. -f1`
- ver_min=`echo $ver | cut -d. -f2`
- for pattern in $db_tool_patterns ; do
- exe=`echo "$pattern" | sed -e "s/X/$ver_maj/g;s/Y/$ver_min/g"`
- exe_list="$exe_list $exe"
- done
- done
- AC_PATH_PROGS([]VARIABLE[], [$exe_list], [no])
- ])
-
- popdef([VARIABLE])
-])
--
2.31.1

182
SOURCES/0016-daemon-Add-zstd-support-to-guestfs_file_architecture.patch Normal file
View File

@ -0,0 +1,182 @@
From 4807dacb577167b89cb5ffb1fa1a68ddf30b9319 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 9 Aug 2022 18:39:30 +0100
Subject: [PATCH] daemon: Add zstd support to guestfs_file_architecture
This is required so we can determine the file architecture of
zstd-compressed Linux kernel modules as used by OpenSUSE and maybe
other distros in future.
Note that zstd becomes a required package, but it is widely available
in current Linux distros.
The package names come from https://pkgs.org/download/zstd and my own
research.
(cherry picked from commit 0e784824e82a88e522873fec5db1a11943d637ed)
---
.gitignore | 1 +
appliance/packagelist.in | 6 ++++++
daemon/filearch.ml | 1 +
docs/guestfs-building.pod | 4 ++++
generator/actions_core.ml | 2 ++
m4/guestfs-progs.m4 | 4 ++++
test-data/Makefile.am | 1 +
test-data/files/Makefile.am | 6 ++++++
8 files changed, 25 insertions(+)
diff --git a/.gitignore b/.gitignore
index 356c01fbd..ee5ea74dd 100644
--- a/.gitignore
+++ b/.gitignore
@@ -448,6 +448,7 @@ Makefile.in
/test-data/files/initrd-x86_64.img
/test-data/files/initrd-x86_64.img.gz
/test-data/files/lib-i586.so.xz
+/test-data/files/lib-i586.so.zst
/test-data/files/test-grep.txt.gz
/test-data/phony-guests/archlinux.img
/test-data/phony-guests/blank-*.img
diff --git a/appliance/packagelist.in b/appliance/packagelist.in
index 0b79edcdd..0fc11f6ae 100644
--- a/appliance/packagelist.in
+++ b/appliance/packagelist.in
@@ -48,6 +48,7 @@ ifelse(REDHAT,1,
vim-minimal
xz
zfs-fuse
+ zstd
)
ifelse(DEBIAN,1,
@@ -88,6 +89,7 @@ dnl iproute has been renamed to iproute2
vim-tiny
xz-utils
zfs-fuse
+ zstd
uuid-runtime
)
@@ -115,6 +117,7 @@ ifelse(ARCHLINUX,1,
systemd
vim
xz
+ zstd
)
ifelse(SUSE,1,
@@ -140,6 +143,7 @@ ifelse(SUSE,1,
systemd-sysvinit
vim
xz
+ zstd
)
ifelse(FRUGALWARE,1,
@@ -185,6 +189,7 @@ ifelse(MAGEIA,1,
systemd /* for /sbin/reboot and udevd */
vim-minimal
xz
+ zstd
)
ifelse(OPENMANDRIVA,1,
@@ -203,6 +208,7 @@ ifelse(OPENMANDRIVA,1,
systemd /* for /sbin/reboot and udevd */
vim-minimal
xz
+ zstd
)
include(guestfsd.deps)
diff --git a/daemon/filearch.ml b/daemon/filearch.ml
index 67a7339e0..4d7e912c0 100644
--- a/daemon/filearch.ml
+++ b/daemon/filearch.ml
@@ -106,6 +106,7 @@ and cpio_arch magic orig_path path =
if String.find magic "gzip" >= 0 then "zcat"
else if String.find magic "bzip2" >= 0 then "bzcat"
else if String.find magic "XZ compressed" >= 0 then "xzcat"
+ else if String.find magic "Zstandard compressed" >= 0 then "zstdcat"
else "cat" in
let tmpdir = Mkdtemp.temp_dir "filearch" in
diff --git a/docs/guestfs-building.pod b/docs/guestfs-building.pod
index b93a611a6..7a7240f78 100644
--- a/docs/guestfs-building.pod
+++ b/docs/guestfs-building.pod
@@ -172,6 +172,10 @@ I<Required>.
I<Required>.
+=item zstd
+
+I<Required>.
+
=item Jansson E<ge> 2.7
I<Required>.
diff --git a/generator/actions_core.ml b/generator/actions_core.ml
index 3c9b0a9b2..553e4ec3b 100644
--- a/generator/actions_core.ml
+++ b/generator/actions_core.ml
@@ -9373,6 +9373,8 @@ with large files, such as the resulting squashfs will be over 3GB big." };
[["file_architecture"; "/bin-x86_64-dynamic.gz"]], "x86_64"), [];
InitISOFS, Always, TestResultString (
[["file_architecture"; "/lib-i586.so.xz"]], "i386"), [];
+ InitISOFS, Always, TestResultString (
+ [["file_architecture"; "/lib-i586.so.zst"]], "i386"), [];
];
shortdesc = "detect the architecture of a binary file";
longdesc = "\
diff --git a/m4/guestfs-progs.m4 b/m4/guestfs-progs.m4
index cd8662e86..22fc61367 100644
--- a/m4/guestfs-progs.m4
+++ b/m4/guestfs-progs.m4
@@ -95,6 +95,10 @@ AC_PATH_PROGS([XZCAT],[xzcat],[no])
test "x$XZCAT" = "xno" && AC_MSG_ERROR([xzcat must be installed])
AC_DEFINE_UNQUOTED([XZCAT],["$XZCAT"],[Name of xzcat program.])
+dnl Check for zstdcat (required).
+AC_PATH_PROGS([ZSTDCAT],[zstdcat],[no])
+test "x$ZSTDCAT" = "xno" && AC_MSG_ERROR([zstdcat must be installed])
+
dnl (f)lex and bison for virt-builder (required).
dnl XXX Could be optional with some work.
AC_PROG_LEX
diff --git a/test-data/Makefile.am b/test-data/Makefile.am
index b603311a1..dbecd74b9 100644
--- a/test-data/Makefile.am
+++ b/test-data/Makefile.am
@@ -85,6 +85,7 @@ image_files = \
files/initrd-x86_64.img \
files/initrd-x86_64.img.gz \
files/lib-i586.so.xz \
+ files/lib-i586.so.zst \
files/test-grep.txt.gz
noinst_DATA = test.iso
diff --git a/test-data/files/Makefile.am b/test-data/files/Makefile.am
index a3d7288f9..06b0c6585 100644
--- a/test-data/files/Makefile.am
+++ b/test-data/files/Makefile.am
@@ -40,6 +40,7 @@ noinst_DATA = \
initrd-x86_64.img \
initrd-x86_64.img.gz \
lib-i586.so.xz \
+ lib-i586.so.zst \
test-grep.txt.gz
CLEANFILES += $(noinst_DATA)
@@ -116,3 +117,8 @@ lib-i586.so.xz: $(top_srcdir)/test-data/binaries/lib-i586.so
rm -f $@ $@-t
xz -c $< > $@-t
mv $@-t $@
+
+lib-i586.so.zst: $(top_srcdir)/test-data/binaries/lib-i586.so
+ rm -f $@ $@-t
+ zstd -c $< > $@-t
+ mv $@-t $@
--
2.31.1

474
SOURCES/0016-test-data-phony-guests-Fix-phony-RPM-database-fix-vi.patch
View File

@ -1,474 +0,0 @@
From f8ccce2c7a0c1323e0721f503322df525dd5b139 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Mon, 29 Mar 2021 12:22:12 +0100
Subject: [PATCH] test-data/phony-guests: Fix phony RPM database, fix
virt-inspector test.
libguestfs 1.45.3 now reads the RPM database using librpm, which means
our old phony database created by db_dump can no longer work. Instead
provide a real (but very minimal) sqlite database.
This commit also fixes the virt-inspector test since the RPM database
contents are now different.
(cherry picked from commit 46bf6fb473889ed28bd7220476120edcda47ae07)
---
inspector/expected-fedora-luks.img.xml | 208 +++++++++++++++++++++++--
inspector/expected-fedora.img.xml | 208 +++++++++++++++++++++++--
2 files changed, 398 insertions(+), 18 deletions(-)
diff --git a/inspector/expected-fedora-luks.img.xml b/inspector/expected-fedora-luks.img.xml
index df6060a73..72cddaf88 100644
--- a/inspector/expected-fedora-luks.img.xml
+++ b/inspector/expected-fedora-luks.img.xml
@@ -30,22 +30,212 @@
</filesystems>
<applications>
<application>
- <name>test1</name>
- <version>1.0</version>
- <release>1.fc14</release>
+ <name>basesystem</name>
+ <version>11</version>
+ <release>10.fc33</release>
+ <arch>noarch</arch>
+ <url>(none)</url>
+ <summary>The skeleton package which defines a simple Fedora system</summary>
+ <description>Basesystem defines the components of a basic Fedora system
+(for example, the package installation order to use during bootstrapping).
+Basesystem should be in every installation of a system, and it
+should never be removed.</description>
+ </application>
+ <application>
+ <name>bash</name>
+ <version>5.0.17</version>
+ <release>2.fc33</release>
+ <arch>x86_64</arch>
+ <url>https://www.gnu.org/software/bash</url>
+ <summary>The GNU Bourne Again shell</summary>
+ <description>The GNU Bourne Again shell (Bash) is a shell or command language
+interpreter that is compatible with the Bourne shell (sh). Bash
+incorporates useful features from the Korn shell (ksh) and the C shell
+(csh). Most sh scripts can be run by bash without modification.</description>
+ </application>
+ <application>
+ <name>fedora-gpg-keys</name>
+ <version>33</version>
+ <release>3</release>
+ <arch>noarch</arch>
+ <url>https://fedoraproject.org/</url>
+ <summary>Fedora RPM keys</summary>
+ <description>This package provides the RPM signature keys.</description>
+ </application>
+ <application>
+ <name>fedora-release</name>
+ <version>33</version>
+ <release>3</release>
+ <arch>noarch</arch>
+ <url>https://fedoraproject.org/</url>
+ <summary>Fedora release files</summary>
+ <description>Fedora release files such as various /etc/ files that define the release
+and systemd preset files that determine which services are enabled by default.</description>
+ </application>
+ <application>
+ <name>fedora-release-common</name>
+ <version>33</version>
+ <release>3</release>
+ <arch>noarch</arch>
+ <url>https://fedoraproject.org/</url>
+ <summary>Fedora release files</summary>
+ <description>Release files common to all Editions and Spins of Fedora</description>
+ </application>
+ <application>
+ <name>fedora-release-identity-basic</name>
+ <version>33</version>
+ <release>3</release>
+ <arch>noarch</arch>
+ <url>https://fedoraproject.org/</url>
+ <summary>Package providing the basic Fedora identity</summary>
+ <description>Provides the necessary files for a Fedora installation that is not identifying
+itself as a particular Edition or Spin.</description>
+ </application>
+ <application>
+ <name>fedora-repos</name>
+ <version>33</version>
+ <release>3</release>
+ <arch>noarch</arch>
+ <url>https://fedoraproject.org/</url>
+ <summary>Fedora package repositories</summary>
+ <description>Fedora package repository files for yum and dnf along with gpg public keys.</description>
+ </application>
+ <application>
+ <name>filesystem</name>
+ <version>3.14</version>
+ <release>3.fc33</release>
+ <arch>x86_64</arch>
+ <url>https://pagure.io/filesystem</url>
+ <summary>The basic directory layout for a Linux system</summary>
+ <description>The filesystem package is one of the basic packages that is installed
+on a Linux system. Filesystem contains the basic directory layout
+for a Linux operating system, including the correct permissions for
+the directories.</description>
+ </application>
+ <application>
+ <name>glibc</name>
+ <version>2.32</version>
+ <release>4.fc33</release>
+ <arch>x86_64</arch>
+ <url>http://www.gnu.org/software/glibc/</url>
+ <summary>The GNU libc libraries</summary>
+ <description>The glibc package contains standard libraries which are used by
+multiple programs on the system. In order to save disk space and
+memory, as well as to make upgrading easier, common system code is
+kept in one place and shared between programs. This particular package
+contains the most important sets of shared libraries: the standard C
+library and the standard math library. Without these two libraries, a
+Linux system will not function.</description>
+ </application>
+ <application>
+ <name>glibc-all-langpacks</name>
+ <version>2.32</version>
+ <release>4.fc33</release>
+ <arch>x86_64</arch>
+ <url>http://www.gnu.org/software/glibc/</url>
+ <summary>All language packs for glibc.</summary>
+ </application>
+ <application>
+ <name>glibc-common</name>
+ <version>2.32</version>
+ <release>4.fc33</release>
<arch>x86_64</arch>
+ <url>http://www.gnu.org/software/glibc/</url>
+ <summary>Common binaries and locale data for glibc</summary>
+ <description>The glibc-common package includes common binaries for the GNU libc
+libraries, as well as national language (locale) support.</description>
</application>
<application>
- <name>test2</name>
- <version>2.0</version>
- <release>2.fc14</release>
+ <name>gpg-pubkey</name>
+ <version>9570ff31</version>
+ <release>5e3006fb</release>
+ <arch>(none)</arch>
+ <url>(none)</url>
+ <summary>Fedora (33) &lt;fedora-33-primary@fedoraproject.org&gt; public key</summary>
+ <description>-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: rpm-4.16.1.2 (NSS-3)
+
+mQINBF4wBvsBEADQmcGbVUbDRUoXADReRmOOEMeydHghtKC9uRs9YNpGYZIB+bie
+bGYZmflQayfh/wEpO2W/IZfGpHPL42V7SbyvqMjwNls/fnXsCtf4LRofNK8Qd9fN
+kYargc9R7BEz/mwXKMiRQVx+DzkmqGWy2gq4iD0/mCyf5FdJCE40fOWoIGJXaOI1
+Tz1vWqKwLS5T0dfmi9U4Tp/XsKOZGvN8oi5h0KmqFk7LEZr1MXarhi2Va86sgxsF
+QcZEKfu5tgD0r00vXzikoSjn3qA5JW5FW07F1pGP4bF5f9J3CZbQyOjTSWMmmfTm
+2d2BURWzaDiJN9twY2yjzkoOMuPdXXvovg7KxLcQerKT+FbKbq8DySJX2rnOA77k
+UG4c9BGf/L1uBkAT8dpHLk6Uf5BfmypxUkydSWT1xfTDnw1MqxO0MsLlAHOR3J7c
+oW9kLcOLuCQn1hBEwfZv7VSWBkGXSmKfp0LLIxAFgRtv+Dh+rcMMRdJgKr1V3FU+
+rZ1+ZAfYiBpQJFPjv70vx+rGEgS801D3PJxBZUEy4Ic4ZYaKNhK9x9PRQuWcIBuW
+6eTe/6lKWZeyxCumLLdiS75mF2oTcBaWeoc3QxrPRV15eDKeYJMbhnUai/7lSrhs
+EWCkKR1RivgF4slYmtNE5ZPGZ/d61zjwn2xi4xNJVs8q9WRPMpHp0vCyMwARAQAB
+tDFGZWRvcmEgKDMzKSA8ZmVkb3JhLTMzLXByaW1hcnlAZmVkb3JhcHJvamVjdC5v
+cmc+iQI4BBMBAgAiBQJeMAb7AhsPBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAK
+CRBJ/XdJlXD/MZm2D/9kriL43vd3+0DNMeA82n2v9mSR2PQqKny39xNlYPyy/1yZ
+P/KXoa4NYSCA971LSd7lv4n/h5bEKgGHxZfttfOzOnWMVSSTfjRyM/df/NNzTUEV
+7ORA5GW18g8PEtS7uRxVBf3cLvWu5q+8jmqES5HqTAdGVcuIFQeBXFN8Gy1Jinuz
+AH8rJSdkUeZ0cehWbERq80BWM9dhad5dW+/+Gv0foFBvP15viwhWqajr8V0B8es+
+2/tHI0k86FAujV5i0rrXl5UOoLilO57QQNDZH/qW9GsHwVI+2yecLstpUNLq+EZC
+GqTZCYoxYRpl0gAMbDLztSL/8Bc0tJrCRG3tavJotFYlgUK60XnXlQzRkh9rgsfT
+EXbQifWdQMMogzjCJr0hzJ+V1d0iozdUxB2ZEgTjukOvatkB77DY1FPZRkSFIQs+
+fdcjazDIBLIxwJu5QwvTNW8lOLnJ46g4sf1WJoUdNTbR0BaC7HHj1inVWi0p7IuN
+66EPGzJOSjLK+vW+J0ncPDEgLCV74RF/0nR5fVTdrmiopPrzFuguHf9S9gYI3Zun
+Yl8FJUu4kRO6JPPTicUXWX+8XZmE94aK14RCJL23nOSi8T1eW8JLW43dCBRO8QUE
+Aso1t2pypm/1zZexJdOV8yGME3g5l2W6PLgpz58DBECgqc/kda+VWgEAp7rO2A==
+=EPL3
+-----END PGP PUBLIC KEY BLOCK-----
+</description>
+ </application>
+ <application>
+ <name>libgcc</name>
+ <version>10.2.1</version>
+ <release>9.fc33</release>
<arch>x86_64</arch>
+ <url>http://gcc.gnu.org</url>
+ <summary>GCC version 10 shared support library</summary>
+ <description>This package contains GCC shared support library which is needed
+e.g. for exception handling support.</description>
+ </application>
+ <application>
+ <name>ncurses-base</name>
+ <version>6.2</version>
+ <release>3.20200222.fc33</release>
+ <arch>noarch</arch>
+ <url>https://invisible-island.net/ncurses/ncurses.html</url>
+ <summary>Descriptions of common terminals</summary>
+ <description>This package contains descriptions of common terminals. Other terminal
+descriptions are included in the ncurses-term package.</description>
</application>
<application>
- <name>test3</name>
- <version>3.0</version>
- <release>3.fc14</release>
+ <name>ncurses-libs</name>
+ <version>6.2</version>
+ <release>3.20200222.fc33</release>
<arch>x86_64</arch>
+ <url>https://invisible-island.net/ncurses/ncurses.html</url>
+ <summary>Ncurses libraries</summary>
+ <description>The curses library routines are a terminal-independent method of
+updating character screens with reasonable optimization. The ncurses
+(new curses) library is a freely distributable replacement for the
+discontinued 4.4 BSD classic curses library.
+
+This package contains the ncurses libraries.</description>
+ </application>
+ <application>
+ <name>setup</name>
+ <version>2.13.7</version>
+ <release>2.fc33</release>
+ <arch>noarch</arch>
+ <url>https://pagure.io/setup/</url>
+ <summary>A set of system configuration and setup files</summary>
+ <description>The setup package contains a set of important system configuration and
+setup files, such as passwd, group, and profile.</description>
+ </application>
+ <application>
+ <name>tzdata</name>
+ <version>2021a</version>
+ <release>1.fc33</release>
+ <arch>noarch</arch>
+ <url>https://www.iana.org/time-zones</url>
+ <summary>Timezone data</summary>
+ <description>This package contains data files with rules for various timezones around
+the world.</description>
</application>
</applications>
</operatingsystem>
diff --git a/inspector/expected-fedora.img.xml b/inspector/expected-fedora.img.xml
index df6060a73..72cddaf88 100644
--- a/inspector/expected-fedora.img.xml
+++ b/inspector/expected-fedora.img.xml
@@ -30,22 +30,212 @@
</filesystems>
<applications>
<application>
- <name>test1</name>
- <version>1.0</version>
- <release>1.fc14</release>
+ <name>basesystem</name>
+ <version>11</version>
+ <release>10.fc33</release>
+ <arch>noarch</arch>
+ <url>(none)</url>
+ <summary>The skeleton package which defines a simple Fedora system</summary>
+ <description>Basesystem defines the components of a basic Fedora system
+(for example, the package installation order to use during bootstrapping).
+Basesystem should be in every installation of a system, and it
+should never be removed.</description>
+ </application>
+ <application>
+ <name>bash</name>
+ <version>5.0.17</version>
+ <release>2.fc33</release>
+ <arch>x86_64</arch>
+ <url>https://www.gnu.org/software/bash</url>
+ <summary>The GNU Bourne Again shell</summary>
+ <description>The GNU Bourne Again shell (Bash) is a shell or command language
+interpreter that is compatible with the Bourne shell (sh). Bash
+incorporates useful features from the Korn shell (ksh) and the C shell
+(csh). Most sh scripts can be run by bash without modification.</description>
+ </application>
+ <application>
+ <name>fedora-gpg-keys</name>
+ <version>33</version>
+ <release>3</release>
+ <arch>noarch</arch>
+ <url>https://fedoraproject.org/</url>
+ <summary>Fedora RPM keys</summary>
+ <description>This package provides the RPM signature keys.</description>
+ </application>
+ <application>
+ <name>fedora-release</name>
+ <version>33</version>
+ <release>3</release>
+ <arch>noarch</arch>
+ <url>https://fedoraproject.org/</url>
+ <summary>Fedora release files</summary>
+ <description>Fedora release files such as various /etc/ files that define the release
+and systemd preset files that determine which services are enabled by default.</description>
+ </application>
+ <application>
+ <name>fedora-release-common</name>
+ <version>33</version>
+ <release>3</release>
+ <arch>noarch</arch>
+ <url>https://fedoraproject.org/</url>
+ <summary>Fedora release files</summary>
+ <description>Release files common to all Editions and Spins of Fedora</description>
+ </application>
+ <application>
+ <name>fedora-release-identity-basic</name>
+ <version>33</version>
+ <release>3</release>
+ <arch>noarch</arch>
+ <url>https://fedoraproject.org/</url>
+ <summary>Package providing the basic Fedora identity</summary>
+ <description>Provides the necessary files for a Fedora installation that is not identifying
+itself as a particular Edition or Spin.</description>
+ </application>
+ <application>
+ <name>fedora-repos</name>
+ <version>33</version>
+ <release>3</release>
+ <arch>noarch</arch>
+ <url>https://fedoraproject.org/</url>
+ <summary>Fedora package repositories</summary>
+ <description>Fedora package repository files for yum and dnf along with gpg public keys.</description>
+ </application>
+ <application>
+ <name>filesystem</name>
+ <version>3.14</version>
+ <release>3.fc33</release>
+ <arch>x86_64</arch>
+ <url>https://pagure.io/filesystem</url>
+ <summary>The basic directory layout for a Linux system</summary>
+ <description>The filesystem package is one of the basic packages that is installed
+on a Linux system. Filesystem contains the basic directory layout
+for a Linux operating system, including the correct permissions for
+the directories.</description>
+ </application>
+ <application>
+ <name>glibc</name>
+ <version>2.32</version>
+ <release>4.fc33</release>
+ <arch>x86_64</arch>
+ <url>http://www.gnu.org/software/glibc/</url>
+ <summary>The GNU libc libraries</summary>
+ <description>The glibc package contains standard libraries which are used by
+multiple programs on the system. In order to save disk space and
+memory, as well as to make upgrading easier, common system code is
+kept in one place and shared between programs. This particular package
+contains the most important sets of shared libraries: the standard C
+library and the standard math library. Without these two libraries, a
+Linux system will not function.</description>
+ </application>
+ <application>
+ <name>glibc-all-langpacks</name>
+ <version>2.32</version>
+ <release>4.fc33</release>
+ <arch>x86_64</arch>
+ <url>http://www.gnu.org/software/glibc/</url>
+ <summary>All language packs for glibc.</summary>
+ </application>
+ <application>
+ <name>glibc-common</name>
+ <version>2.32</version>
+ <release>4.fc33</release>
<arch>x86_64</arch>
+ <url>http://www.gnu.org/software/glibc/</url>
+ <summary>Common binaries and locale data for glibc</summary>
+ <description>The glibc-common package includes common binaries for the GNU libc
+libraries, as well as national language (locale) support.</description>
</application>
<application>
- <name>test2</name>
- <version>2.0</version>
- <release>2.fc14</release>
+ <name>gpg-pubkey</name>
+ <version>9570ff31</version>
+ <release>5e3006fb</release>
+ <arch>(none)</arch>
+ <url>(none)</url>
+ <summary>Fedora (33) &lt;fedora-33-primary@fedoraproject.org&gt; public key</summary>
+ <description>-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: rpm-4.16.1.2 (NSS-3)
+
+mQINBF4wBvsBEADQmcGbVUbDRUoXADReRmOOEMeydHghtKC9uRs9YNpGYZIB+bie
+bGYZmflQayfh/wEpO2W/IZfGpHPL42V7SbyvqMjwNls/fnXsCtf4LRofNK8Qd9fN
+kYargc9R7BEz/mwXKMiRQVx+DzkmqGWy2gq4iD0/mCyf5FdJCE40fOWoIGJXaOI1
+Tz1vWqKwLS5T0dfmi9U4Tp/XsKOZGvN8oi5h0KmqFk7LEZr1MXarhi2Va86sgxsF
+QcZEKfu5tgD0r00vXzikoSjn3qA5JW5FW07F1pGP4bF5f9J3CZbQyOjTSWMmmfTm
+2d2BURWzaDiJN9twY2yjzkoOMuPdXXvovg7KxLcQerKT+FbKbq8DySJX2rnOA77k
+UG4c9BGf/L1uBkAT8dpHLk6Uf5BfmypxUkydSWT1xfTDnw1MqxO0MsLlAHOR3J7c
+oW9kLcOLuCQn1hBEwfZv7VSWBkGXSmKfp0LLIxAFgRtv+Dh+rcMMRdJgKr1V3FU+
+rZ1+ZAfYiBpQJFPjv70vx+rGEgS801D3PJxBZUEy4Ic4ZYaKNhK9x9PRQuWcIBuW
+6eTe/6lKWZeyxCumLLdiS75mF2oTcBaWeoc3QxrPRV15eDKeYJMbhnUai/7lSrhs
+EWCkKR1RivgF4slYmtNE5ZPGZ/d61zjwn2xi4xNJVs8q9WRPMpHp0vCyMwARAQAB
+tDFGZWRvcmEgKDMzKSA8ZmVkb3JhLTMzLXByaW1hcnlAZmVkb3JhcHJvamVjdC5v
+cmc+iQI4BBMBAgAiBQJeMAb7AhsPBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAK
+CRBJ/XdJlXD/MZm2D/9kriL43vd3+0DNMeA82n2v9mSR2PQqKny39xNlYPyy/1yZ
+P/KXoa4NYSCA971LSd7lv4n/h5bEKgGHxZfttfOzOnWMVSSTfjRyM/df/NNzTUEV
+7ORA5GW18g8PEtS7uRxVBf3cLvWu5q+8jmqES5HqTAdGVcuIFQeBXFN8Gy1Jinuz
+AH8rJSdkUeZ0cehWbERq80BWM9dhad5dW+/+Gv0foFBvP15viwhWqajr8V0B8es+
+2/tHI0k86FAujV5i0rrXl5UOoLilO57QQNDZH/qW9GsHwVI+2yecLstpUNLq+EZC
+GqTZCYoxYRpl0gAMbDLztSL/8Bc0tJrCRG3tavJotFYlgUK60XnXlQzRkh9rgsfT
+EXbQifWdQMMogzjCJr0hzJ+V1d0iozdUxB2ZEgTjukOvatkB77DY1FPZRkSFIQs+
+fdcjazDIBLIxwJu5QwvTNW8lOLnJ46g4sf1WJoUdNTbR0BaC7HHj1inVWi0p7IuN
+66EPGzJOSjLK+vW+J0ncPDEgLCV74RF/0nR5fVTdrmiopPrzFuguHf9S9gYI3Zun
+Yl8FJUu4kRO6JPPTicUXWX+8XZmE94aK14RCJL23nOSi8T1eW8JLW43dCBRO8QUE
+Aso1t2pypm/1zZexJdOV8yGME3g5l2W6PLgpz58DBECgqc/kda+VWgEAp7rO2A==
+=EPL3
+-----END PGP PUBLIC KEY BLOCK-----
+</description>
+ </application>
+ <application>
+ <name>libgcc</name>
+ <version>10.2.1</version>
+ <release>9.fc33</release>
<arch>x86_64</arch>
+ <url>http://gcc.gnu.org</url>
+ <summary>GCC version 10 shared support library</summary>
+ <description>This package contains GCC shared support library which is needed
+e.g. for exception handling support.</description>
+ </application>
+ <application>
+ <name>ncurses-base</name>
+ <version>6.2</version>
+ <release>3.20200222.fc33</release>
+ <arch>noarch</arch>
+ <url>https://invisible-island.net/ncurses/ncurses.html</url>
+ <summary>Descriptions of common terminals</summary>
+ <description>This package contains descriptions of common terminals. Other terminal
+descriptions are included in the ncurses-term package.</description>
</application>
<application>
- <name>test3</name>
- <version>3.0</version>
- <release>3.fc14</release>
+ <name>ncurses-libs</name>
+ <version>6.2</version>
+ <release>3.20200222.fc33</release>
<arch>x86_64</arch>
+ <url>https://invisible-island.net/ncurses/ncurses.html</url>
+ <summary>Ncurses libraries</summary>
+ <description>The curses library routines are a terminal-independent method of
+updating character screens with reasonable optimization. The ncurses
+(new curses) library is a freely distributable replacement for the
+discontinued 4.4 BSD classic curses library.
+
+This package contains the ncurses libraries.</description>
+ </application>
+ <application>
+ <name>setup</name>
+ <version>2.13.7</version>
+ <release>2.fc33</release>
+ <arch>noarch</arch>
+ <url>https://pagure.io/setup/</url>
+ <summary>A set of system configuration and setup files</summary>
+ <description>The setup package contains a set of important system configuration and
+setup files, such as passwd, group, and profile.</description>
+ </application>
+ <application>
+ <name>tzdata</name>
+ <version>2021a</version>
+ <release>1.fc33</release>
+ <arch>noarch</arch>
+ <url>https://www.iana.org/time-zones</url>
+ <summary>Timezone data</summary>
+ <description>This package contains data files with rules for various timezones around
+the world.</description>
</application>
</applications>
</operatingsystem>
--
2.31.1

184
SOURCES/0017-New-API-inspect_get_build_id.patch Normal file
View File

@ -0,0 +1,184 @@
From 7dbcddd5bd5939493db74843593316f7101f8fde Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Thu, 1 Dec 2022 10:00:46 +0000
Subject: [PATCH] New API: inspect_get_build_id
Add an API to return the build ID of the guest. This to allow a
future change to be able to distinguish between Windows 10 and Windows 11
which can only be done using the build ID.
For Windows we can read the CurrentBuildNumber key from the registry.
For Linux there happens to be a BUILD_ID field in /etc/os-release.
I've never seen a Linux distro that actually uses this.
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit f3dd67affe3c657af64ee9f6d70a16e965309556)
---
daemon/inspect.ml | 6 ++++++
daemon/inspect_fs_unix.ml | 2 ++
daemon/inspect_fs_windows.ml | 14 ++++++++++++++
daemon/inspect_types.ml | 5 +++++
daemon/inspect_types.mli | 1 +
generator/actions_inspection.ml | 19 +++++++++++++++++++
generator/proc_nr.ml | 3 ++-
lib/MAX_PROC_NR | 2 +-
8 files changed, 50 insertions(+), 2 deletions(-)
diff --git a/daemon/inspect.ml b/daemon/inspect.ml
index fb75b4a6c..20217c025 100644
--- a/daemon/inspect.ml
+++ b/daemon/inspect.ml
@@ -335,6 +335,12 @@ and inspect_get_hostname root =
| Some v -> v
| None -> "unknown"
+and inspect_get_build_id root =
+ let root = search_for_root root in
+ match root.inspection_data.build_id with
+ | Some v -> v
+ | None -> "unknown"
+
and inspect_get_windows_systemroot root =
let root = search_for_root root in
match root.inspection_data.windows_systemroot with
diff --git a/daemon/inspect_fs_unix.ml b/daemon/inspect_fs_unix.ml
index 63cb279d0..009195f80 100644
--- a/daemon/inspect_fs_unix.ml
+++ b/daemon/inspect_fs_unix.ml
@@ -96,6 +96,8 @@ let rec parse_os_release release_file data =
data.product_name <- Some value
else if key = "VERSION_ID" then
parse_os_release_version_id value data
+ else if key = "BUILD_ID" then
+ data.build_id <- Some value
) values;
(* If we haven't got all the fields, exit right away. *)
diff --git a/daemon/inspect_fs_windows.ml b/daemon/inspect_fs_windows.ml
index c4a05bc38..7bc5de7f7 100644
--- a/daemon/inspect_fs_windows.ml
+++ b/daemon/inspect_fs_windows.ml
@@ -263,6 +263,20 @@ and check_windows_software_registry software_hive data =
with
Not_found -> ()
);
+
+ (* CurrentBuildNumber (build_id).
+ *
+ * In modern Windows, the "CurrentBuild" and "CurrentBuildNumber"
+ * keys are the same. But in Windows XP, "CurrentBuild"
+ * contained something quite different. So always use
+ * "CurrentBuildNumber".
+ *)
+ (try
+ let v = List.assoc "CurrentBuildNumber" values in
+ data.build_id <- Some (Hivex.value_string h v)
+ with
+ Not_found -> ()
+ );
with
| Not_found ->
if verbose () then
diff --git a/daemon/inspect_types.ml b/daemon/inspect_types.ml
index 9395c51f9..328a2146b 100644
--- a/daemon/inspect_types.ml
+++ b/daemon/inspect_types.ml
@@ -48,6 +48,7 @@ and inspection_data = {
mutable version : version option;
mutable arch : string option;
mutable hostname : string option;
+ mutable build_id : string option;
mutable fstab : fstab_entry list;
mutable windows_systemroot : string option;
mutable windows_software_hive : string option;
@@ -167,6 +168,8 @@ and string_of_inspection_data data =
data.arch;
Option.may (fun v -> bpf " hostname: %s\n" v)
data.hostname;
+ Option.may (fun v -> bpf " build ID: %s\n" v)
+ data.build_id;
if data.fstab <> [] then (
let v = List.map (
fun (a, b) -> sprintf "(%s, %s)" (Mountable.to_string a) b
@@ -272,6 +275,7 @@ let null_inspection_data = {
version = None;
arch = None;
hostname = None;
+ build_id = None;
fstab = [];
windows_systemroot = None;
windows_software_hive = None;
@@ -294,6 +298,7 @@ let merge_inspection_data child parent =
parent.version <- merge child.version parent.version;
parent.arch <- merge child.arch parent.arch;
parent.hostname <- merge child.hostname parent.hostname;
+ parent.build_id <- merge child.build_id parent.build_id;
parent.fstab <- child.fstab @ parent.fstab;
parent.windows_systemroot <-
merge child.windows_systemroot parent.windows_systemroot;
diff --git a/daemon/inspect_types.mli b/daemon/inspect_types.mli
index 29c76e8ab..05a3ffd4e 100644
--- a/daemon/inspect_types.mli
+++ b/daemon/inspect_types.mli
@@ -51,6 +51,7 @@ and inspection_data = {
mutable version : version option;
mutable arch : string option;
mutable hostname : string option;
+ mutable build_id : string option;
mutable fstab : fstab_entry list;
mutable windows_systemroot : string option;
mutable windows_software_hive : string option;
diff --git a/generator/actions_inspection.ml b/generator/actions_inspection.ml
index f8b744993..70de22ec0 100644
--- a/generator/actions_inspection.ml
+++ b/generator/actions_inspection.ml
@@ -529,6 +529,25 @@ hive is a valid Windows Registry hive.
You can use C<guestfs_hivex_open> to read or write to the hive.
+Please read L<guestfs(3)/INSPECTION> for more details." };
+
+ { defaults with
+ name = "inspect_get_build_id"; added = (1, 49, 8);
+ style = RString (RPlainString, "buildid"), [String (Mountable, "root")], [];
+ impl = OCaml "Inspect.inspect_get_build_id";
+ shortdesc = "get the system build ID";
+ longdesc = "\
+This returns the build ID of the system, or the string
+C<\"unknown\"> if the system does not have a build ID.
+
+For Windows, this gets the build number. Although it is
+returned as a string, it is (so far) always a number. See
+L<https://en.wikipedia.org/wiki/List_of_Microsoft_Windows_versions>
+for some possible values.
+
+For Linux, this returns the C<BUILD_ID> string from
+F</etc/os-release>, although this is not often used.
+
Please read L<guestfs(3)/INSPECTION> for more details." };
{ defaults with
diff --git a/generator/proc_nr.ml b/generator/proc_nr.ml
index edd9bd99d..0f17b1c06 100644
--- a/generator/proc_nr.ml
+++ b/generator/proc_nr.ml
@@ -514,7 +514,8 @@ let proc_nr = [
509, "cryptsetup_close";
510, "internal_list_rpm_applications";
511, "internal_readdir";
-512, "clevis_luks_unlock"
+512, "clevis_luks_unlock";
+513, "inspect_get_build_id";
]
(* End of list. If adding a new entry, add it at the end of the list
diff --git a/lib/MAX_PROC_NR b/lib/MAX_PROC_NR
index 4d0e90cbc..31cf34b8d 100644
--- a/lib/MAX_PROC_NR
+++ b/lib/MAX_PROC_NR
@@ -1 +1 @@
-512
+513
--
2.31.1

65
SOURCES/0017-launch-libvirt-place-our-virtio-net-pci-device-in-sl.patch
View File

@ -1,65 +0,0 @@
From 6657d0c1018ab44ae680376463ac3f0421548fb4 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Thu, 23 Dec 2021 11:36:59 +0100
Subject: [PATCH] launch-libvirt: place our virtio-net-pci device in slot 0x1e
The <qemu:commandline> trick we use for adding our virtio-net-pci device
in the libvirt backend can conflict with libvirtd's and QEMU's PCI address
assignment. Try to mitigate that by placing our device in slot 0x1e on the
root bus. In practice this could only conflict with a "dmi-to-pci-bridge"
device model, which libvirtd itself places in slot 0x1e. However, given
the XMLs we generate, and modern QEMU versions, libvirtd has no reason to
auto-add "dmi-to-pci-bridge". Refer to
<https://libvirt.org/formatdomain.html#controllers>.
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2034160
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20211223103701.12702-2-lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
Tested-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit 5ce5ef6a97a58c5e906083ad4e944545712b3f3f)
---
lib/guestfs-internal.h | 11 +++++++++++
lib/launch-libvirt.c | 4 +++-
2 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/lib/guestfs-internal.h b/lib/guestfs-internal.h
index 4799ee0a1..0b46f0070 100644
--- a/lib/guestfs-internal.h
+++ b/lib/guestfs-internal.h
@@ -147,6 +147,17 @@
#define VIRTIO_DEVICE_NAME(type) type "-pci"
#endif
+/* Place the virtio-net controller in slot 0x1e on the root bus, on normal
+ * hardware with PCI. Refer to RHBZ#2034160.
+ */
+#ifdef HAVE_LIBVIRT_BACKEND
+#if defined(__arm__) || defined(__s390x__)
+#define VIRTIO_NET_PCI_ADDR ""
+#else
+#define VIRTIO_NET_PCI_ADDR ",addr=1e.0"
+#endif
+#endif
+
/* Guestfs handle and associated structures. */
/* State. */
diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c
index 026dc6b26..5842319df 100644
--- a/lib/launch-libvirt.c
+++ b/lib/launch-libvirt.c
@@ -1834,7 +1834,9 @@ construct_libvirt_xml_qemu_cmdline (guestfs_h *g,
} end_element ();
start_element ("qemu:arg") {
- attribute ("value", VIRTIO_DEVICE_NAME ("virtio-net") ",netdev=usernet");
+ attribute ("value", (VIRTIO_DEVICE_NAME ("virtio-net")
+ ",netdev=usernet"
+ VIRTIO_NET_PCI_ADDR));
} end_element ();
}
--
2.31.1

82
SOURCES/0018-lib-Return-correct-osinfo-field-for-Windows-11.patch Normal file
View File

@ -0,0 +1,82 @@
From 363bbb7e9bd39fc1683fb600c76266f67ad2063c Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Thu, 1 Dec 2022 10:14:43 +0000
Subject: [PATCH] lib: Return correct osinfo field for Windows 11
For Windows Client, we can only distinguish between Windows 10 and
Windows 11 using the build ID. The product name in both cases is
"Windows 10 <something>", apparently intentionally.
References:
https://learn.microsoft.com/en-us/answers/questions/586619/windows-11-build-ver-is-still-10022000194.html
https://github.com/cygwin/cygwin/blob/a263fe0b268580273c1adc4b1bad256147990222/winsup/cygwin/wincap.cc#L429
https://en.wikipedia.org/wiki/List_of_Microsoft_Windows_versions
After this fix, the output of virt-inspector changes to this, which is
a bit odd, but correct:
<name>windows</name>
<arch>x86_64</arch>
<distro>windows</distro>
<product_name>Windows 10 Pro</product_name>
<product_variant>Client</product_variant>
<major_version>10</major_version>
<minor_version>0</minor_version>
<windows_systemroot>/Windows</windows_systemroot>
<windows_current_control_set>ControlSet001</windows_current_control_set>
<osinfo>win11</osinfo>
Thanks: Yaakov Selkowitz
Reported-by: Yongkui Guo
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2012658
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit 824c7457489366494f0f10fd3369dc30f3a3c360)
---
lib/inspect-osinfo.c | 24 ++++++++++++++++++++++--
1 file changed, 22 insertions(+), 2 deletions(-)
diff --git a/lib/inspect-osinfo.c b/lib/inspect-osinfo.c
index 90e57e6df..1c10ff469 100644
--- a/lib/inspect-osinfo.c
+++ b/lib/inspect-osinfo.c
@@ -86,6 +86,8 @@ guestfs_impl_inspect_get_osinfo (guestfs_h *g, const char *root)
else if (STREQ (type, "windows")) {
CLEANUP_FREE char *product_name = NULL;
CLEANUP_FREE char *product_variant = NULL;
+ CLEANUP_FREE char *build_id_str = NULL;
+ int build_id;
product_name = guestfs_inspect_get_product_name (g, root);
if (!product_name)
@@ -142,8 +144,26 @@ guestfs_impl_inspect_get_osinfo (guestfs_h *g, const char *root)
return safe_strdup (g, "win2k19");
else
return safe_strdup (g, "win2k16");
- } else
- return safe_strdup (g, "win10");
+ }
+ else {
+ /* For Windows >= 10 Client we can only distinguish between
+ * versions by looking at the build ID. See:
+ * https://learn.microsoft.com/en-us/answers/questions/586619/windows-11-build-ver-is-still-10022000194.html
+ * https://github.com/cygwin/cygwin/blob/a263fe0b268580273c1adc4b1bad256147990222/winsup/cygwin/wincap.cc#L429
+ */
+ build_id_str = guestfs_inspect_get_build_id (g, root);
+ if (!build_id_str)
+ return NULL;
+
+ build_id = guestfs_int_parse_unsigned_int (g, build_id_str);
+ if (build_id == -1)
+ return NULL;
+
+ if (build_id >= 22000)
+ return safe_strdup (g, "win11");
+ else
+ return safe_strdup (g, "win10");
+ }
}
break;
}
--
2.31.1

70
SOURCES/0018-lib-extract-NETWORK_ADDRESS-and-NETWORK_PREFIX-as-ma.patch
View File

@ -1,70 +0,0 @@
From 4b9eac11db3e2cc9ace397ed4c804356a7d9adbf Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Thu, 23 Dec 2021 11:37:00 +0100
Subject: [PATCH] lib: extract NETWORK_ADDRESS and NETWORK_PREFIX as macros
The 169.254.0.0/16 network specification (for the appliance) is currently
duplicated between the direct backend and the libvirt backend. In a
subsequent patch, we're going to need the network specification in yet
another spot; extract it now to the NETWORK_ADDRESS and NETWORK_PREFIX
macros (simply as strings).
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2034160
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20211223103701.12702-3-lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
Tested-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit 216de164e091a5c36403f24901698044a43ae0d9)
---
lib/guestfs-internal.h | 6 ++++++
lib/launch-direct.c | 2 +-
lib/launch-libvirt.c | 3 ++-
3 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/lib/guestfs-internal.h b/lib/guestfs-internal.h
index 0b46f0070..97a13ff2c 100644
--- a/lib/guestfs-internal.h
+++ b/lib/guestfs-internal.h
@@ -158,6 +158,12 @@
#endif
#endif
+/* Network address and network mask (expressed as address prefix) that the
+ * appliance will see (if networking is enabled).
+ */
+#define NETWORK_ADDRESS "169.254.0.0"
+#define NETWORK_PREFIX "16"
+
/* Guestfs handle and associated structures. */
/* State. */
diff --git a/lib/launch-direct.c b/lib/launch-direct.c
index b6ed9766f..de17d2167 100644
--- a/lib/launch-direct.c
+++ b/lib/launch-direct.c
@@ -681,7 +681,7 @@ launch_direct (guestfs_h *g, void *datav, const char *arg)
start_list ("-netdev") {
append_list ("user");
append_list ("id=usernet");
- append_list ("net=169.254.0.0/16");
+ append_list ("net=" NETWORK_ADDRESS "/" NETWORK_PREFIX);
} end_list ();
start_list ("-device") {
append_list (VIRTIO_DEVICE_NAME ("virtio-net"));
diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c
index 5842319df..0f38f0aec 100644
--- a/lib/launch-libvirt.c
+++ b/lib/launch-libvirt.c
@@ -1826,7 +1826,8 @@ construct_libvirt_xml_qemu_cmdline (guestfs_h *g,
} end_element ();
start_element ("qemu:arg") {
- attribute ("value", "user,id=usernet,net=169.254.0.0/16");
+ attribute ("value",
+ "user,id=usernet,net=" NETWORK_ADDRESS "/" NETWORK_PREFIX);
} end_element ();
start_element ("qemu:arg") {
--
2.31.1

91
SOURCES/0019-launch-libvirt-add-virtio-net-via-the-standard-inter.patch
View File

@ -1,91 +0,0 @@
From 8570de6e766297e4c9feab1c54ae05037f33edeb Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Thu, 23 Dec 2021 11:37:01 +0100
Subject: [PATCH] launch-libvirt: add virtio-net via the standard <interface>
element
Starting with version 3.8.0, libvirt allows us to specify the network
address and network mask (as prefix) for SLIRP directly via the
<interface> element in the domain XML:
<https://libvirt.org/formatdomain.html#userspace-slirp-stack>. This means
we don't need the <qemu:commandline> hack for virtio-net on such versions.
Restrict the hack in construct_libvirt_xml_qemu_cmdline() to
libvirt<3.8.0, and generate the proper <interface> element in
construct_libvirt_xml_devices() on libvirt>=3.8.0.
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2034160
Suggested-by: Richard W.M. Jones <rjones@redhat.com>
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20211223103701.12702-4-lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
Tested-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit 5858c2cf6c24b3776e3867eafd9d86a1f4912d9c)
---
lib/guestfs-internal.h | 3 ++-
lib/launch-libvirt.c | 27 +++++++++++++++++++++++++--
2 files changed, 27 insertions(+), 3 deletions(-)
diff --git a/lib/guestfs-internal.h b/lib/guestfs-internal.h
index 97a13ff2c..b11c945e9 100644
--- a/lib/guestfs-internal.h
+++ b/lib/guestfs-internal.h
@@ -148,7 +148,8 @@
#endif
/* Place the virtio-net controller in slot 0x1e on the root bus, on normal
- * hardware with PCI. Refer to RHBZ#2034160.
+ * hardware with PCI. Necessary only before libvirt 3.8.0. Refer to
+ * RHBZ#2034160.
*/
#ifdef HAVE_LIBVIRT_BACKEND
#if defined(__arm__) || defined(__s390x__)
diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c
index 0f38f0aec..f6bb39d99 100644
--- a/lib/launch-libvirt.c
+++ b/lib/launch-libvirt.c
@@ -1396,6 +1396,28 @@ construct_libvirt_xml_devices (guestfs_h *g,
} end_element ();
} end_element ();
+ /* Virtio-net NIC with SLIRP (= userspace) back-end, if networking is
+ * enabled. Starting with libvirt 3.8.0, we can specify the network address
+ * and prefix for SLIRP in the domain XML. Therefore, we can add the NIC
+ * via the standard <interface> element rather than <qemu:commandline>, and
+ * so libvirt can manage the PCI address of the virtio-net NIC like the PCI
+ * addresses of all other devices. Refer to RHBZ#2034160.
+ */
+ if (g->enable_network &&
+ guestfs_int_version_ge (&params->data->libvirt_version, 3, 8, 0)) {
+ start_element ("interface") {
+ attribute ("type", "user");
+ start_element ("model") {
+ attribute ("type", "virtio");
+ } end_element ();
+ start_element ("ip") {
+ attribute ("family", "ipv4");
+ attribute ("address", NETWORK_ADDRESS);
+ attribute ("prefix", NETWORK_PREFIX);
+ } end_element ();
+ } end_element ();
+ }
+
/* Libvirt adds some devices by default. Indicate to libvirt
* that we don't want them.
*/
@@ -1818,9 +1840,10 @@ construct_libvirt_xml_qemu_cmdline (guestfs_h *g,
} end_element ();
/* Workaround because libvirt user networking cannot specify "net="
- * parameter.
+ * parameter. Necessary only before libvirt 3.8.0; refer to RHBZ#2034160.
*/
- if (g->enable_network) {
+ if (g->enable_network &&
+ !guestfs_int_version_ge (&params->data->libvirt_version, 3, 8, 0)) {
start_element ("qemu:arg") {
attribute ("value", "-netdev");
} end_element ();
--
2.31.1

86
SOURCES/0020-appliance-Use-cpu-max.patch
View File

@ -1,86 +0,0 @@
From fbb053fc71c0c072acb3fbf6e5fbbfc3b0667fd2 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Thu, 28 Jan 2021 12:20:49 +0000
Subject: [PATCH] appliance: Use -cpu max.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
QEMU has a newish feature (from about 2017 / qemu 2.9) called -cpu max
which is supposed to select the best CPU, ideal for libguestfs.
After this change, on x86-64:
KVM TCG
Direct -cpu max -cpu max
(non-libvirt)
Libvirt <cpu mode="host-passthrough"> <cpu mode="host-model">
<model fallback="allow"/> <model fallback="allow"/>
</cpu> </cpu>
Thanks: Daniel Berrangé
(cherry picked from commit 30f74f38bd6e42e783ba80895f4d6826abddd417)
---
lib/appliance-cpu.c | 16 ++++++++--------
lib/launch-libvirt.c | 9 +++++++++
2 files changed, 17 insertions(+), 8 deletions(-)
diff --git a/lib/appliance-cpu.c b/lib/appliance-cpu.c
index 5ef9f5c72..54ac6e2e3 100644
--- a/lib/appliance-cpu.c
+++ b/lib/appliance-cpu.c
@@ -38,6 +38,11 @@
*
* The literal string C<"host"> means use C<-cpu host>.
*
+ * =item C<"max">
+ *
+ * The literal string C<"max"> means use C<-cpu max> (the best
+ * possible). This requires awkward translation for libvirt.
+ *
* =item some string
*
* Some string such as C<"cortex-a57"> means use C<-cpu cortex-a57>.
@@ -80,14 +85,9 @@ guestfs_int_get_cpu_model (int kvm)
/* See discussion in https://bugzilla.redhat.com/show_bug.cgi?id=1605071 */
return NULL;
#else
- /* On most architectures, it is faster to pass the CPU host model to
- * the appliance, allowing maximum speed for things like checksums
- * and encryption. Only do this with KVM. It is broken in subtle
- * ways on TCG, and fairly pointless when you're emulating anyway.
+ /* On most architectures we can use "max" to get the best possible CPU.
+ * For recent qemu this should work even on TCG.
*/
- if (kvm)
- return "host";
- else
- return NULL;
+ return "max";
#endif
}
diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c
index f6bb39d99..e3ff1ffe0 100644
--- a/lib/launch-libvirt.c
+++ b/lib/launch-libvirt.c
@@ -1169,6 +1169,15 @@ construct_libvirt_xml_cpu (guestfs_h *g,
attribute ("fallback", "allow");
} end_element ();
}
+ else if (STREQ (cpu_model, "max")) {
+ if (params->data->is_kvm)
+ attribute ("mode", "host-passthrough");
+ else
+ attribute ("mode", "host-model");
+ start_element ("model") {
+ attribute ("fallback", "allow");
+ } end_element ();
+ }
else
single_element ("model", cpu_model);
} end_element ();
--
2.31.1

48
SOURCES/0021-appliance-Use-cpu-mode-maximum-for-cpu-max-on-libvir.patch
View File

@ -1,48 +0,0 @@
From 7dde1007525ec235e769351be15ca5de34eeda4a Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Thu, 18 Mar 2021 12:32:26 +0000
Subject: [PATCH] appliance: Use <cpu mode="maximum"/> for -cpu max on libvirt.
Note this requires libvirt >= 7.1.0 which was only released in March 2021.
With an older libvirt you will see this error:
Original error from libvirt: unsupported configuration: Invalid mode attribute 'maximum' [code=67 int1=-1]
In theory we could check if this is supported by looking at the
libvirt capabilities and fall back, but this commit does not do that,
in the expectation that most people will be using the default backend
(direct) and on Fedora/RHEL we will add an explicit minimum version
dependency to the package.
qemu support has been around quite a bit longer (at least since 2017).
Fixes: commit 30f74f38bd6e42e783ba80895f4d6826abddd417
(cherry picked from commit 13ceb6a87b2869909a6a0e3c8caa962b72e4cb0e)
---
lib/launch-libvirt.c | 9 ++-------
1 file changed, 2 insertions(+), 7 deletions(-)
diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c
index e3ff1ffe0..db619910f 100644
--- a/lib/launch-libvirt.c
+++ b/lib/launch-libvirt.c
@@ -1170,13 +1170,8 @@ construct_libvirt_xml_cpu (guestfs_h *g,
} end_element ();
}
else if (STREQ (cpu_model, "max")) {
- if (params->data->is_kvm)
- attribute ("mode", "host-passthrough");
- else
- attribute ("mode", "host-model");
- start_element ("model") {
- attribute ("fallback", "allow");
- } end_element ();
+ /* https://bugzilla.redhat.com/show_bug.cgi?id=1935572#c11 */
+ attribute ("mode", "maximum");
}
else
single_element ("model", cpu_model);
--
2.31.1

92
SOURCES/0022-lib-Disable-5-level-page-tables-when-using-cpu-max.patch
View File

@ -1,92 +0,0 @@
From bb19cc0cdd43619ccf830e1e608f79e46f8ddf86 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Thu, 12 May 2022 08:36:37 +0100
Subject: [PATCH] lib: Disable 5-level page tables when using -cpu max
In https://bugzilla.redhat.com/show_bug.cgi?id=2082806 we've been
tracking an insidious qemu bug which intermittently prevents the
libguestfs appliance from starting. The symptoms are that SeaBIOS
starts and displays its messages, but the kernel isn't reached. We
found that the kernel does in fact start, but when it tries to set up
page tables and jump to protected mode it gets a triple fault which
causes the emulated CPU in qemu to reset (qemu exits).
This seems to only affect TCG (not KVM).
Yesterday I found that this is caused by using -cpu max which enables
the "la57" feature (5-level page tables[0]), and that we can make the
problem go away using -cpu max,la57=off. Note that I still don't
fully understand the qemu bug, so this is only a workaround.
I chose to disable 5-level page tables for both TCG and KVM, partly to
make the patch simpler, and partly because I guess it's not a feature
(ie. 57 bit linear addresses) that is useful for the libguestfs
appliance case, where we have limited physical memory and no need to
run any programs with huge address spaces.
I tested this by running both the direct & libvirt paths overnight. I
expect that this patch will fail with old qemu/libvirt which doesn't
understand the "la57" feature, but this is only intended as a
temporary workaround.
[0] Article about 5-level page tables as background:
https://lwn.net/Articles/717293/
Thanks: Laszlo Ersek
Fixes: https://answers.launchpad.net/ubuntu/+source/libguestfs/+question/701625
[RHEL 8.7: Patch is not upstream. This is the initial patch as posted
to the mailing list here:
https://listman.redhat.com/archives/libguestfs/2022-May/028853.html]
---
lib/launch-direct.c | 15 +++++++++++++--
lib/launch-libvirt.c | 7 +++++++
2 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/lib/launch-direct.c b/lib/launch-direct.c
index de17d2167..6b28e4724 100644
--- a/lib/launch-direct.c
+++ b/lib/launch-direct.c
@@ -534,8 +534,19 @@ launch_direct (guestfs_h *g, void *datav, const char *arg)
} end_list ();
cpu_model = guestfs_int_get_cpu_model (has_kvm && !force_tcg);
- if (cpu_model)
- arg ("-cpu", cpu_model);
+ if (cpu_model) {
+#if defined(__x86_64__)
+ /* Temporary workaround for RHBZ#2082806 */
+ if (STREQ (cpu_model, "max")) {
+ start_list ("-cpu") {
+ append_list (cpu_model);
+ append_list ("la57=off");
+ } end_list ();
+ }
+ else
+#endif
+ arg ("-cpu", cpu_model);
+ }
if (g->smp > 1)
arg_format ("-smp", "%d", g->smp);
diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c
index db619910f..bad4a54ea 100644
--- a/lib/launch-libvirt.c
+++ b/lib/launch-libvirt.c
@@ -1172,6 +1172,13 @@ construct_libvirt_xml_cpu (guestfs_h *g,
else if (STREQ (cpu_model, "max")) {
/* https://bugzilla.redhat.com/show_bug.cgi?id=1935572#c11 */
attribute ("mode", "maximum");
+#if defined(__x86_64__)
+ /* Temporary workaround for RHBZ#2082806 */
+ start_element ("feature") {
+ attribute ("policy", "disable");
+ attribute ("name", "la57");
+ } end_element ();
+#endif
}
else
single_element ("model", cpu_model);
--
2.31.1

103
SOURCES/0023-docs-guestfs-security-document-CVE-2022-2211.patch
View File

@ -1,103 +0,0 @@
From 22d779d5982dc82d629710d41973ed6545707bd9 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Tue, 28 Jun 2022 13:54:16 +0200
Subject: [PATCH] docs/guestfs-security: document CVE-2022-2211
Short log for the common submodule, commit range
f8de5508fe75..35467027f657:
Laszlo Ersek (2):
mlcustomize: factor out pkg install/update/uninstall from guestfs-tools
options: fix buffer overflow in get_keys() [CVE-2022-2211]
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1809453
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2100862
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20220628115418.5376-2-lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
Cherry picked from commit 99844660b48ed809e37378262c65d63df6ce4a53.
For the cherry pick I only added one submodule commit:
options: fix buffer overflow in get_keys() [CVE-2022-2211]
---
common | 2 +-
docs/guestfs-security.pod | 28 ++++++++++++++++++++++++++++
2 files changed, 29 insertions(+), 1 deletion(-)
Submodule common be09523d6..1174b443a:
diff --git a/common/options/keys.c b/common/options/keys.c
index 798315c..d27a712 100644
--- a/common/options/keys.c
+++ b/common/options/keys.c
@@ -128,17 +128,23 @@ read_first_line_from_file (const char *filename)
char **
get_keys (struct key_store *ks, const char *device, const char *uuid)
{
- size_t i, j, len;
+ size_t i, j, nmemb;
char **r;
char *s;
/* We know the returned list must have at least one element and not
* more than ks->nr_keys.
*/
- len = 1;
- if (ks)
- len = MIN (1, ks->nr_keys);
- r = calloc (len+1, sizeof (char *));
+ nmemb = 1;
+ if (ks && ks->nr_keys > nmemb)
+ nmemb = ks->nr_keys;
+
+ /* make room for the terminating NULL */
+ if (nmemb == (size_t)-1)
+ error (EXIT_FAILURE, 0, _("size_t overflow"));
+ nmemb++;
+
+ r = calloc (nmemb, sizeof (char *));
if (r == NULL)
error (EXIT_FAILURE, errno, "calloc");
diff --git a/docs/guestfs-security.pod b/docs/guestfs-security.pod
index 9ceef5623..efa35b29d 100644
--- a/docs/guestfs-security.pod
+++ b/docs/guestfs-security.pod
@@ -406,6 +406,34 @@ The libvirt backend is not affected.
The solution is to update qemu to a version containing the fix (see
L<https://lists.gnu.org/archive/html/qemu-devel/2018-06/msg01012.html>).
+=head2 CVE-2022-2211
+
+L<https://bugzilla.redhat.com/CVE-2022-2211>
+
+The C<get_keys> function in F<libguestfs-common/options/keys.c> collects
+those I<--key> options from the command line into a new array that match
+a particular block device that's being decrypted for inspection. The
+function intends to size the result array such that potentially all
+I<--key> options, plus a terminating C<NULL> element, fit into it. The
+code mistakenly uses the C<MIN> macro instead of C<MAX>, and therefore
+only one element is allocated before the C<NULL> terminator.
+
+Passing precisely two I<--key ID:...> options on the command line for
+the encrypted block device C<ID> causes C<get_keys> to overwrite the
+terminating C<NULL>, leading to an out-of-bounds read in
+C<decrypt_mountables>, file F<libguestfs-common/options/decrypt.c>.
+
+Passing more than two I<--key ID:...> options on the command line for
+the encrypted block device C<ID> causes C<get_keys> itself to perform
+out-of-bounds writes. The most common symptom is a crash with C<SIGSEGV>
+later on.
+
+This issue affects -- broadly speaking -- all libguestfs-based utilities
+that accept I<--key>, namely: C<guestfish>, C<guestmount>, C<virt-cat>,
+C<virt-customize>, C<virt-diff>, C<virt-edit>, C<virt-get-kernel>,
+C<virt-inspector>, C<virt-log>, C<virt-ls>, C<virt-sparsify>,
+C<virt-sysprep>, C<virt-tail>, C<virt-v2v>.
+
=head1 SEE ALSO
L<guestfs(3)>,
--
2.31.1

15
SOURCES/README-replacement.in
View File

@ -8,8 +8,7 @@ list:
http://www.redhat.com/mailman/listinfo/libguestfs http://www.redhat.com/mailman/listinfo/libguestfs
This Red Hat Enterprise Linux package comes with a lot of help and This package comes with a lot of help and examples to get you started.
examples to get you started.
The first place to start are the manual pages. Type: The first place to start are the manual pages. Type:
@ -20,19 +19,19 @@ The first place to start are the manual pages. Type:
man virt-cat # and other virt-* tools man virt-cat # and other virt-* tools
If you install the libguestfs-devel package, then in the If you install the libguestfs-devel package, then in the
/usr/share/doc/libguestfs-devel/ directory you will also /usr/share/doc/libguestfs-devel/ directory you will find other
find: documentation including:
- BUGS: list of open bugs in this version - BUGS: list of open bugs in this version
- ChangeLog: the detailed list of changes in this version - ChangeLog.gz: the detailed list of changes in this version
- ROADMAP: the roadmap for future versions - HACKING: how to extend libguestfs
- TODO: ideas for extending libguestfs - TODO: ideas for extending libguestfs
- *.c: example C programs using the API - *.c: example C programs using the API
- *.xml: example virt-inspector output - *.xml.gz: example virt-inspector output (compressed)
- *.rng: virt-inspector RelaxNG schema - virt-inspector.rng: virt-inspector RelaxNG schema

28
SOURCES/copy-patches.sh
View File

@ -6,24 +6,29 @@ set -e
# directory. Use it like this: # directory. Use it like this:
# ./copy-patches.sh # ./copy-patches.sh
rhel_version=8.7.0 project=libguestfs
rhel_version=9.3
# Check we're in the right directory. # Check we're in the right directory.
if [ ! -f libguestfs.spec ]; then if [ ! -f $project.spec ]; then
echo "$0: run this from the directory containing 'libguestfs.spec'" echo "$0: run this from the directory containing '$project.spec'"
exit 1 exit 1
fi fi
git_checkout=$HOME/d/libguestfs-rhel-$rhel_version case `id -un` in
rjones) git_checkout=$HOME/d/$project-rhel-$rhel_version ;;
lacos) git_checkout=$HOME/src/v2v/$project ;;
*) git_checkout=$HOME/d/$project-rhel-$rhel_version ;;
esac
if [ ! -d $git_checkout ]; then if [ ! -d $git_checkout ]; then
echo "$0: $git_checkout does not exist" echo "$0: $git_checkout does not exist"
echo "This script is only for use by the maintainer when preparing a" echo "This script is only for use by the maintainer when preparing a"
echo "libguestfs release on RHEL." echo "$project release on RHEL."
exit 1 exit 1
fi fi
# Get the base version of libguestfs. # Get the base version of the project.
version=`grep '^Version:' libguestfs.spec | awk '{print $2}'` version=`grep '^Version:' $project.spec | awk '{print $2}'`
tag="v$version" tag="v$version"
# Remove any existing patches. # Remove any existing patches.
@ -31,7 +36,12 @@ git rm -f [0-9]*.patch ||:
rm -f [0-9]*.patch rm -f [0-9]*.patch
# Get the patches. # Get the patches.
(cd $git_checkout; rm -f [0-9]*.patch; git format-patch -N --submodule=diff $tag) (
cd $git_checkout
rm -f [0-9]*.patch
git -c core.abbrev=8 format-patch -O/dev/null --subject-prefix=PATCH -N \
--submodule=diff --no-signature --patience $tag
)
mv $git_checkout/[0-9]*.patch . mv $git_checkout/[0-9]*.patch .
# Remove any not to be applied. # Remove any not to be applied.
@ -42,7 +52,7 @@ git add [0-9]*.patch
# Print out the patch lines. # Print out the patch lines.
echo echo
echo "--- Copy the following text into libguestfs.spec file" echo "--- Copy the following text into $project.spec file"
echo echo
echo "# Patches." echo "# Patches."

17
SOURCES/libguestfs-1.44.0.tar.gz.sig
View File

@ -1,17 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQJFBAABCAAvFiEE93dPsa0HSn6Mh2fqkXOPc+G3aKAFAl/1jrcRHHJpY2hAYW5u
ZXhpYS5vcmcACgkQkXOPc+G3aKCBcQ/+JwE8JTm3PdTPGoKxCqSgAOirbqE4ZvMY
p/3y5mexagcWXx6X2Y+u6dlybS06jFR8TkbjdE3VAhhJo0C8l1vfvUTWKVDZoBhG
3jZ6e+exff3VEUY4nFIVvYPNP+/J1BCiexMO0/2f1MDKwnJ73je9GlzwPEpdqPj/
jSxaAy1G/rA5qV5rWQd4n5S9m8zRnf1lnM7YI7I0PunC2Wt/U6BZidL/FVVWVBxV
DGKTIy7GgWnfGWdqJ+Wi9o9QCJH/9FGTP35xonyQEM/7GI+jLz+a9g2xgvv584Ni
FF0Gqywrp5QFd13Nj3MPM7MXjGjUY5vB964k3mgE4fH91CnVvisRWfUCCo+c/9wG
odS0YTrveWJpm0oYU2tL3AjahRclskAxXEIxx9kbnWMUTrpXG0r8G4+vE+estCjb
mbyK5FQh2KASqNgmeopjK9DAEwD7SfPyHmPQ07Q76Pgl8X+FfBX2uyXBjaR5IJJJ
qVVamdVtPilqwWqQ8hGkKE0qVKqZHGCOJ8+AkQjHjUtSVegT6zHmCG/bM4im1dGV
r9fv6oQ7kWViz8mBluoETWr5sd2AfLOdLS8A42JaOnU7ASJUX/9eN0Y9u4BYC9P3
l+QXikyq6T/4iC+tADOYGBr9uNitksLwSSUYScpnN+4AY+M+qjXTBq38MEHmwcgK
5mwscgQefcY=
=UrAA
-----END PGP SIGNATURE-----

17
SOURCES/libguestfs-1.48.4.tar.gz.sig Normal file
View File

@ -0,0 +1,17 @@
-----BEGIN PGP SIGNATURE-----
iQJFBAABCAAvFiEE93dPsa0HSn6Mh2fqkXOPc+G3aKAFAmLFql8RHHJpY2hAYW5u
ZXhpYS5vcmcACgkQkXOPc+G3aKAV2hAAzOcZseFTUFFoj4M5riqXqtBN3W+fr/O7
v0wzJ9sY31Ftk8KFKKgpwOn4UFXYMPXY7Hm94GRAYjYBAtx9Viyyt7B6PbV7mVZ0
WHLlZcg3ZsliF23s3EoHfgTGFfKLkjDwfPlmChC260Ffhq4KKvnwu/DobY/CDLHG
0cvrjb0OOYibBGbq58AHYR6QlVH/ScAuLSA1aRAd06bbpixufRR1oh1MtFA1iSvC
yjNH0joLFiu0uuD7KFH66YX2nFNrO24r0LxJkwT5G7GHlZJStJUpvs/QHa8Tw5Zt
Z1JMk9yB9EMPYimdVDm7m6eDBxTx8YbF7u6G8JdHRXgAPBt4O09XX7WGxxmh9Dc4
M+QkpiubEOG6qwBythJJ6sTSRLKIAPeVfHEOauXg8n45Tbk5jYwthMKbnD9ETb3t
QKdMr5g+DZUO0LfbOvP0GtD+b1jK4iu4BcWDquQBXpDTbx7LUfSuTDrWItehEnBp
/K6FRbakNZEroLR5VA9WAa6sE+2B3gg1OG+KHypHuw4hfpmutvVA8wnPgyw3j+WK
xdcRp65NUMUkKRE/FTwp1MkY1Y2S9M9iAPX+CopdHPVoq9O2YE+K6Rv1EdJjmKZK
EwLzX08Xcj9T/U9GEfV+QdIzitCuxf7x9ULEDcFozFnuHXww+JLdR0EmIDkUwl7C
Z0KKsy18Eq8=
=WB1H
-----END PGP SIGNATURE-----

17
SOURCES/libguestfs-1.50.1.tar.gz.sig Normal file
View File

@ -0,0 +1,17 @@
-----BEGIN PGP SIGNATURE-----
iQJFBAABCAAvFiEE93dPsa0HSn6Mh2fqkXOPc+G3aKAFAmP1QzoRHHJpY2hAYW5u
ZXhpYS5vcmcACgkQkXOPc+G3aKCAEBAAimQxT37HMWTHOqvj4s6ipOhDCNPlqo4L
z+syvIkgbp024IOPUbrlmSCtrCFiLXsRmmenynFv66N8GXoWmJruyJMyvBxsupZT
lTo7WdCEix/xPh/LAb8Q9RWA2SQYfkOKHRs/gr4b/LbtXBklMlcOdhegx3Mml4SW
gwK5n799YebUVgzYch5hWjHcRAphPaUdMyaJ6MUnFrfUPyGK2QO1yXdnGxkseAPz
srjlhFqu5kNojWzcaNcdHBdKvJVEZo7L6laADRS31sRH0BGVc6/DFJgOPdxROGJe
oeq3Oo1EF88P15NSTNZSXLa65n9kts2OnqRgX/c3njV9+1/JPHJWVM+VezuCcN8D
hHktHVOBjM209N5RmLtR92eROvo1aTrgjsLqOTvwbKBu7NrPc4ZICnX7dMjD6irj
vQz0P5MUmELMvdEN3FMGf45v77z+249e1z+5EGi2HUPKLfxd+I3+2mxUm2xjWOy/
zNzkG2rCgYRB8Tioj6Mw80RYKioRyu8p5lUZvvLk85CJbT4BFH8rXgJbrEBOSunE
lWEcv690GzyszAN8zKZaIqhNzIKdlkQZAd1DMXfNBEfAy23YHRApB1O2EFhNAjAf
yEsUjpiYc0pq64QiCPGzUp4iLfMt9hg4ey5Pquud/j6cfvJ3ak5gZECbFnbUjysZ
YYpwSgy/FVI=
=OPC/
-----END PGP SIGNATURE-----

3565
SPECS/libguestfs.spec
View File

File diff suppressed because it is too large Load Diff