Compare commits

...

No commits in common. 'c8-stream-rhel' and 'c9-beta' have entirely different histories.

2
.gitignore vendored

@ -1,2 +1,2 @@
SOURCES/libguestfs-1.44.0.tar.gz
SOURCES/libguestfs-1.50.1.tar.gz
SOURCES/libguestfs.keyring

@ -1,2 +1,2 @@
99d241dc4a5ba0dc6111954ed7a872e0b0bb6944 SOURCES/libguestfs-1.44.0.tar.gz
b2ccc62a61d43917d982bb380709cd283fda465a SOURCES/libguestfs-1.50.1.tar.gz
1bbc40f501a7fef9eef2a39b701a71aee2fea7c4 SOURCES/libguestfs.keyring

@ -1,56 +0,0 @@
From 5b6d2b05fe0c4035b9791a751e3133d26c7baa2d Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Fri, 21 Dec 2012 15:50:11 +0000
Subject: [PATCH] RHEL 8: Remove libguestfs live (RHBZ#798980).
This isn't supported in RHEL 8.
Disable daemon tests that require the 'unix' backend.
---
lib/launch-unix.c | 7 +++++++
tests/daemon/Makefile.am | 4 +---
2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/lib/launch-unix.c b/lib/launch-unix.c
index 0d344f9df..74dd1bb4a 100644
--- a/lib/launch-unix.c
+++ b/lib/launch-unix.c
@@ -37,6 +37,12 @@
static int
launch_unix (guestfs_h *g, void *datav, const char *sockpath)
{
+ error (g,
+ "launch: In RHEL, only the 'libvirt' or 'direct' method is supported.\n"
+ "In particular, \"libguestfs live\" is not supported.");
+ return -1;
+
+#if 0
int r, daemon_sock = -1;
struct sockaddr_un addr;
uint32_t size;
@@ -106,6 +112,7 @@ launch_unix (guestfs_h *g, void *datav, const char *sockpath)
g->conn = NULL;
}
return -1;
+#endif
}
static int
diff --git a/tests/daemon/Makefile.am b/tests/daemon/Makefile.am
index 921e6d1df..8b2887247 100644
--- a/tests/daemon/Makefile.am
+++ b/tests/daemon/Makefile.am
@@ -23,9 +23,7 @@ include $(top_srcdir)/subdir-rules.mk
check_DATA = captive-daemon.pm
-TESTS = \
- test-daemon-start.pl \
- test-btrfs.pl
+TESTS =
TESTS_ENVIRONMENT = $(top_builddir)/run --test
--
2.31.1

@ -1,330 +0,0 @@
From 91b2a6e50211c58ea31a36351ec63c358f708bf9 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Thu, 18 Jul 2013 18:31:53 +0100
Subject: [PATCH] RHEL 8: Remove 9p APIs from RHEL (RHBZ#921710).
---
Makefile.am | 2 +-
daemon/9p.c | 182 --------------------------------------
daemon/Makefile.am | 1 -
docs/C_SOURCE_FILES | 1 -
generator/actions_core.ml | 21 -----
generator/proc_nr.ml | 2 -
gobject/Makefile.inc | 2 -
po/POTFILES | 2 -
8 files changed, 1 insertion(+), 212 deletions(-)
delete mode 100644 daemon/9p.c
diff --git a/Makefile.am b/Makefile.am
index 3df1b6a7a..36e44dfd5 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -78,7 +78,7 @@ SUBDIRS += tests/xfs
SUBDIRS += tests/charsets
SUBDIRS += tests/xml
SUBDIRS += tests/mount-local
-SUBDIRS += tests/9p
+#SUBDIRS += tests/9p
SUBDIRS += tests/rsync
SUBDIRS += tests/bigdirs
SUBDIRS += tests/disk-labels
diff --git a/daemon/9p.c b/daemon/9p.c
deleted file mode 100644
index 743a96abd..000000000
--- a/daemon/9p.c
+++ /dev/null
@@ -1,182 +0,0 @@
-/* libguestfs - the guestfsd daemon
- * Copyright (C) 2011 Red Hat Inc.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
- */
-
-#include <config.h>
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-#include <limits.h>
-#include <errno.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <dirent.h>
-#include <fcntl.h>
-
-#include "ignore-value.h"
-
-#include "daemon.h"
-#include "actions.h"
-
-#define BUS_PATH "/sys/bus/virtio/drivers/9pnet_virtio"
-
-static void
-modprobe_9pnet_virtio (void)
-{
- /* Required with Linux 5.6 and maybe earlier kernels. For unclear
- * reasons the module is not an automatic dependency of the 9p
- * module so doesn't get loaded automatically.
- */
- ignore_value (command (NULL, NULL, "modprobe", "9pnet_virtio", NULL));
-}
-
-/* https://bugzilla.redhat.com/show_bug.cgi?id=714981#c1 */
-char **
-do_list_9p (void)
-{
- CLEANUP_FREE_STRINGSBUF DECLARE_STRINGSBUF (r);
- DIR *dir;
-
- modprobe_9pnet_virtio ();
-
- dir = opendir (BUS_PATH);
- if (!dir) {
- perror ("opendir: " BUS_PATH);
- if (errno != ENOENT) {
- reply_with_perror ("opendir: " BUS_PATH);
- return NULL;
- }
-
- /* If this directory doesn't exist, it probably means that
- * the virtio driver isn't loaded. Don't return an error
- * in this case, but return an empty list.
- */
- if (end_stringsbuf (&r) == -1)
- return NULL;
-
- return take_stringsbuf (&r);
- }
-
- while (1) {
- struct dirent *d;
-
- errno = 0;
- d = readdir (dir);
- if (d == NULL) break;
-
- if (STRPREFIX (d->d_name, "virtio")) {
- CLEANUP_FREE char *mount_tag_path = NULL;
- if (asprintf (&mount_tag_path, BUS_PATH "/%s/mount_tag",
- d->d_name) == -1) {
- reply_with_perror ("asprintf");
- closedir (dir);
- return NULL;
- }
-
- /* A bit unclear, but it looks like the virtio transport allows
- * the mount tag length to be unlimited (or up to 65536 bytes).
- * See: linux/include/linux/virtio_9p.h
- */
- CLEANUP_FREE char *mount_tag = read_whole_file (mount_tag_path, NULL);
- if (mount_tag == 0)
- continue;
-
- if (add_string (&r, mount_tag) == -1) {
- closedir (dir);
- return NULL;
- }
- }
- }
-
- /* Check readdir didn't fail */
- if (errno != 0) {
- reply_with_perror ("readdir: /sys/block");
- closedir (dir);
- return NULL;
- }
-
- /* Close the directory handle */
- if (closedir (dir) == -1) {
- reply_with_perror ("closedir: /sys/block");
- return NULL;
- }
-
- /* Sort the tags. */
- if (r.size > 0)
- sort_strings (r.argv, r.size);
-
- /* NULL terminate the list */
- if (end_stringsbuf (&r) == -1)
- return NULL;
-
- return take_stringsbuf (&r);
-}
-
-/* Takes optional arguments, consult optargs_bitmask. */
-int
-do_mount_9p (const char *mount_tag, const char *mountpoint, const char *options)
-{
- CLEANUP_FREE char *mp = NULL, *opts = NULL, *err = NULL;
- struct stat statbuf;
- int r;
-
- ABS_PATH (mountpoint, 0, return -1);
-
- mp = sysroot_path (mountpoint);
- if (!mp) {
- reply_with_perror ("malloc");
- return -1;
- }
-
- /* Check the mountpoint exists and is a directory. */
- if (stat (mp, &statbuf) == -1) {
- reply_with_perror ("%s", mountpoint);
- return -1;
- }
- if (!S_ISDIR (statbuf.st_mode)) {
- reply_with_perror ("%s: mount point is not a directory", mountpoint);
- return -1;
- }
-
- /* Add trans=virtio to the options. */
- if ((optargs_bitmask & GUESTFS_MOUNT_9P_OPTIONS_BITMASK) &&
- STRNEQ (options, "")) {
- if (asprintf (&opts, "trans=virtio,%s", options) == -1) {
- reply_with_perror ("asprintf");
- return -1;
- }
- }
- else {
- opts = strdup ("trans=virtio");
- if (opts == NULL) {
- reply_with_perror ("strdup");
- return -1;
- }
- }
-
- modprobe_9pnet_virtio ();
- r = command (NULL, &err,
- "mount", "-o", opts, "-t", "9p", mount_tag, mp, NULL);
- if (r == -1) {
- reply_with_error ("%s on %s: %s", mount_tag, mountpoint, err);
- return -1;
- }
-
- return 0;
-}
diff --git a/daemon/Makefile.am b/daemon/Makefile.am
index 038be592c..df9dcc4ee 100644
--- a/daemon/Makefile.am
+++ b/daemon/Makefile.am
@@ -82,7 +82,6 @@ guestfsd_SOURCES = \
../common/protocol/guestfs_protocol.h \
../common/utils/cleanups.h \
../common/utils/guestfs-utils.h \
- 9p.c \
acl.c \
actions.h \
available.c \
diff --git a/docs/C_SOURCE_FILES b/docs/C_SOURCE_FILES
index cd5bd2924..831b7e25a 100644
--- a/docs/C_SOURCE_FILES
+++ b/docs/C_SOURCE_FILES
@@ -63,7 +63,6 @@ common/windows/windows.c
common/windows/windows.h
customize/crypt-c.c
customize/perl_edit-c.c
-daemon/9p.c
daemon/acl.c
daemon/actions.h
daemon/augeas.c
diff --git a/generator/actions_core.ml b/generator/actions_core.ml
index 806565b19..37476c93e 100644
--- a/generator/actions_core.ml
+++ b/generator/actions_core.ml
@@ -6157,27 +6157,6 @@ This returns true iff the device exists and contains all zero bytes.
Note that for large devices this can take a long time to run." };
- { defaults with
- name = "list_9p"; added = (1, 11, 12);
- style = RStringList (RPlainString, "mounttags"), [], [];
- shortdesc = "list 9p filesystems";
- longdesc = "\
-List all 9p filesystems attached to the guest. A list of
-mount tags is returned." };
-
- { defaults with
- name = "mount_9p"; added = (1, 11, 12);
- style = RErr, [String (PlainString, "mounttag"); String (PlainString, "mountpoint")], [OString "options"];
- camel_name = "Mount9P";
- shortdesc = "mount 9p filesystem";
- longdesc = "\
-Mount the virtio-9p filesystem with the tag C<mounttag> on the
-directory C<mountpoint>.
-
-If required, C<trans=virtio> will be automatically added to the options.
-Any other options required can be passed in the optional C<options>
-parameter." };
-
{ defaults with
name = "list_dm_devices"; added = (1, 11, 15);
style = RStringList (RDevice, "devices"), [], [];
diff --git a/generator/proc_nr.ml b/generator/proc_nr.ml
index 30e42864f..57976be36 100644
--- a/generator/proc_nr.ml
+++ b/generator/proc_nr.ml
@@ -295,8 +295,6 @@ let proc_nr = [
282, "internal_autosync";
283, "is_zero";
284, "is_zero_device";
-285, "list_9p";
-286, "mount_9p";
287, "list_dm_devices";
288, "ntfsresize";
289, "btrfs_filesystem_resize";
diff --git a/gobject/Makefile.inc b/gobject/Makefile.inc
index 650f8ddac..c4e735967 100644
--- a/gobject/Makefile.inc
+++ b/gobject/Makefile.inc
@@ -94,7 +94,6 @@ guestfs_gobject_headers= \
include/guestfs-gobject/optargs-mksquashfs.h \
include/guestfs-gobject/optargs-mkswap.h \
include/guestfs-gobject/optargs-mktemp.h \
- include/guestfs-gobject/optargs-mount_9p.h \
include/guestfs-gobject/optargs-mount_local.h \
include/guestfs-gobject/optargs-ntfsclone_out.h \
include/guestfs-gobject/optargs-ntfsfix.h \
@@ -188,7 +187,6 @@ guestfs_gobject_sources= \
src/optargs-mksquashfs.c \
src/optargs-mkswap.c \
src/optargs-mktemp.c \
- src/optargs-mount_9p.c \
src/optargs-mount_local.c \
src/optargs-ntfsclone_out.c \
src/optargs-ntfsfix.c \
diff --git a/po/POTFILES b/po/POTFILES
index 69ea7134a..0782e8ceb 100644
--- a/po/POTFILES
+++ b/po/POTFILES
@@ -47,7 +47,6 @@ common/visit/visit.c
common/windows/windows.c
customize/crypt-c.c
customize/perl_edit-c.c
-daemon/9p.c
daemon/acl.c
daemon/augeas.c
daemon/available.c
@@ -277,7 +276,6 @@ gobject/src/optargs-mkfs_btrfs.c
gobject/src/optargs-mksquashfs.c
gobject/src/optargs-mkswap.c
gobject/src/optargs-mktemp.c
-gobject/src/optargs-mount_9p.c
gobject/src/optargs-mount_local.c
gobject/src/optargs-ntfsclone_out.c
gobject/src/optargs-ntfsfix.c
--
2.31.1

@ -0,0 +1,37 @@
From 89b6c8b458dcb00de83b543c47a6acb049f63f18 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Tue, 21 Mar 2023 16:55:15 +0100
Subject: [PATCH] update common submodule
HATAYAMA Daisuke (1):
progress: fix segmentation fault when TERM variable is "dumb"
Laszlo Ersek (2):
detect_kernels: tighten "try" scope
detect_kernels: deal with RHEL's kernel-core / kernel-modules-core split
rwmjones (1):
Merge pull request #5 from d-hatayama/fix_segfault_progress_bar
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2175703
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit be11d25b3e2770d86699e94c5087e6625477d5ec)
---
common | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Submodule common 360e037d..70c10a07:
diff --git a/common/progress/progress.c b/common/progress/progress.c
index 4d52b97e..e4b30663 100644
--- a/common/progress/progress.c
+++ b/common/progress/progress.c
@@ -318,7 +318,8 @@ progress_bar_set (struct progress_bar *bar,
* (b) it's just not possible to use tputs in a sane way here.
*/
/*tputs (UP, 2, putchar);*/
- fprintf (fp, "%s", UP);
+ if (UP)
+ fprintf (fp, "%s", UP);
}
bar->count++;

@ -0,0 +1,63 @@
From e58cd8df467e342463d08e3d761c2e322287b13e Mon Sep 17 00:00:00 2001
From: Andrey Drobyshev <andrey.drobyshev@virtuozzo.com>
Date: Wed, 26 Apr 2023 15:59:44 +0300
Subject: [PATCH] daemon/selinux-relabel: don't exclude "/selinux" if it's
non-existent
Since RHBZ#726528, filesystem.rpm doesn't include /selinux. setfiles
then gives us the warning: "Can't stat exclude path "/sysroot/selinux",
No such file or directory - ignoring."
Though the warning is harmless, let's get rid of it by checking the
existence of /selinux directory.
Signed-off-by: Andrey Drobyshev <andrey.drobyshev@virtuozzo.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit 9ced5fac8c1f0f8ff7ed2b5671c1c7f5f0bfa875)
---
daemon/selinux-relabel.c | 16 +++++++++++++++-
1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/daemon/selinux-relabel.c b/daemon/selinux-relabel.c
index 976cffe3..454486c1 100644
--- a/daemon/selinux-relabel.c
+++ b/daemon/selinux-relabel.c
@@ -21,6 +21,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <sys/stat.h>
#include "guestfs_protocol.h"
#include "daemon.h"
@@ -37,6 +38,17 @@ optgroup_selinuxrelabel_available (void)
return prog_exists ("setfiles");
}
+static int
+dir_exists (const char *dir)
+{
+ struct stat statbuf;
+
+ if (stat (dir, &statbuf) == 0 && S_ISDIR (statbuf.st_mode))
+ return 1;
+ else
+ return 0;
+}
+
static int
setfiles_has_option (int *flag, char opt_char)
{
@@ -99,8 +111,10 @@ do_selinux_relabel (const char *specfile, const char *path,
*/
ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_dev);
ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_proc);
- ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_selinux);
ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_sys);
+ if (dir_exists (s_selinux)) {
+ ADD_ARG (argv, i, "-e"); ADD_ARG (argv, i, s_selinux);
+ }
/* You have to use the -m option (where available) otherwise
* setfiles puts all the mountpoints on the excludes list for no

@ -1,72 +0,0 @@
From 34f8c6a5eb0eabfba4ab1831b45e2baa73a4b501 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Fri, 19 Sep 2014 13:38:20 +0100
Subject: [PATCH] RHEL 8: Remove User-Mode Linux (RHBZ#1144197).
This isn't supported in RHEL 8.
---
lib/launch-uml.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/lib/launch-uml.c b/lib/launch-uml.c
index 5aec50a57..8b9fcd770 100644
--- a/lib/launch-uml.c
+++ b/lib/launch-uml.c
@@ -44,7 +44,9 @@ struct backend_uml_data {
char umid[UML_UMID_LEN+1]; /* umid=<...> unique ID. */
};
+#if 0
static void print_vmlinux_command_line (guestfs_h *g, char **argv);
+#endif
/* Run uml_mkcow to create a COW overlay. */
static char *
@@ -81,6 +83,7 @@ create_cow_overlay_uml (guestfs_h *g, void *datav, struct drive *drv)
return make_cow_overlay (g, drv->src.u.path);
}
+#if 0
/* Test for features which are not supported by the UML backend.
* Possibly some of these should just be warnings, not errors.
*/
@@ -133,10 +136,17 @@ uml_supported (guestfs_h *g)
return true;
}
+#endif
static int
launch_uml (guestfs_h *g, void *datav, const char *arg)
{
+ error (g,
+ "launch: In RHEL, only the 'libvirt' or 'direct' method is supported.\n"
+ "In particular, User-Mode Linux (UML) is not supported.");
+ return -1;
+
+#if 0
struct backend_uml_data *data = datav;
CLEANUP_FREE_STRINGSBUF DECLARE_STRINGSBUF (cmdline);
int console_sock = -1, daemon_sock = -1;
@@ -496,8 +506,10 @@ launch_uml (guestfs_h *g, void *datav, const char *arg)
}
g->state = CONFIG;
return -1;
+#endif
}
+#if 0
/* This is called from the forked subprocess just before vmlinux runs,
* so it can just print the message straight to stderr, where it will
* be picked up and funnelled through the usual appliance event API.
@@ -527,6 +539,7 @@ print_vmlinux_command_line (guestfs_h *g, char **argv)
fputc ('\n', stderr);
}
+#endif
static int
shutdown_uml (guestfs_h *g, void *datav, int check_for_errors)
--
2.31.1

@ -0,0 +1,33 @@
From c1829048c598e11950c9d355fdd5c177a99e046f Mon Sep 17 00:00:00 2001
From: Andrey Drobyshev <andrey.drobyshev@virtuozzo.com>
Date: Wed, 26 Apr 2023 15:59:45 +0300
Subject: [PATCH] daemon/selinux-relabel: search for "invalid option" in
setfiles output
'X' in the setiles' stderr doesn't necessarily mean that option 'X'
doesn't exist. For instance, when passing '-T' we get: "setfiles:
option requires an argument -- 'T'".
Signed-off-by: Andrey Drobyshev <andrey.drobyshev@virtuozzo.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit 152d6e4bdf2dac88856a4ff83cf73451f897d4d4)
---
daemon/selinux-relabel.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/daemon/selinux-relabel.c b/daemon/selinux-relabel.c
index 454486c1..60a6f48a 100644
--- a/daemon/selinux-relabel.c
+++ b/daemon/selinux-relabel.c
@@ -56,8 +56,9 @@ setfiles_has_option (int *flag, char opt_char)
if (*flag == -1) {
char option[] = { '-', opt_char, '\0' }; /* "-X" */
- char err_opt[] = { '\'', opt_char, '\'', '\0'}; /* "'X'" */
+ char err_opt[32]; /* "invalid option -- 'X'" */
+ snprintf(err_opt, sizeof(err_opt), "invalid option -- '%c'", opt_char);
ignore_value (command (NULL, &err, "setfiles", option, NULL));
*flag = err && strstr (err, /* "invalid option -- " */ err_opt) == NULL;
}

@ -0,0 +1,78 @@
From 3046af080baad9935627ebb671950448cfd0fa7b Mon Sep 17 00:00:00 2001
From: Andrey Drobyshev <andrey.drobyshev@virtuozzo.com>
Date: Wed, 26 Apr 2023 15:59:46 +0300
Subject: [PATCH] daemon/selinux-relabel: run setfiles with "-T 0", if
supported
Since SELinux userspace v3.4 [1], setfiles command supports "-T nthreads"
option, which allows parallel execution. "-T 0" allows using as many
threads as there're available CPU cores. This might speed up the process
of filesystem relabeling in case the appliance is being run with multiple
vCPUs. The latter is true for at least v2v starting from d2b64ecc67
("v2v: Set the number of vCPUs to same as host number of pCPUs.").
For instance, when running virt-v2v-in-place on my 12-core Xeon host
with SSD, with appliance being run with 8 vCPUs (the upper limit specified
in d2b64ecc67), and on the ~150GiB disk VM (physical size on the host),
I get the following results:
./in-place/virt-v2v-in-place -i libvirt fedora37-vm -v -x
Without this patch:
...
commandrvf: setfiles -F -e /sysroot/dev -e /sysroot/proc -e /sysroot/sys -m -C -r /sysroot -v /sysroot/etc/selinux/targeted/contexts/files/file_contexts /sysroot/^M
libguestfs: trace: v2v: selinux_relabel = 0
libguestfs: trace: v2v: rm_f "/.autorelabel"
guestfsd: => selinux_relabel (0x1d3) took 17.94 secs
...
With this patch:
...
commandrvf: setfiles -F -e /sysroot/dev -e /sysroot/proc -e /sysroot/sys -m -C -T 0 -r /sysroot -v /sysroot/etc/selinux/targeted/contexts/files/file_contexts /sysroot/^M
libguestfs: trace: v2v: selinux_relabel = 0
libguestfs: trace: v2v: rm_f "/.autorelabel"
guestfsd: => selinux_relabel (0x1d3) took 5.88 secs
...
So in my scenario it's getting 3 times faster.
[1] https://github.com/SELinuxProject/selinux/releases/tag/3.4
Signed-off-by: Andrey Drobyshev <andrey.drobyshev@virtuozzo.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit d0d8e6738477148a7b752348f9364a3b8faed67f)
---
daemon/selinux-relabel.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/daemon/selinux-relabel.c b/daemon/selinux-relabel.c
index 60a6f48a..cfc5a31d 100644
--- a/daemon/selinux-relabel.c
+++ b/daemon/selinux-relabel.c
@@ -73,6 +73,7 @@ do_selinux_relabel (const char *specfile, const char *path,
{
static int flag_m = -1;
static int flag_C = -1;
+ static int flag_T = -1;
const char *argv[MAX_ARGS];
CLEANUP_FREE char *s_dev = NULL, *s_proc = NULL, *s_selinux = NULL,
*s_sys = NULL, *s_specfile = NULL, *s_path = NULL;
@@ -131,6 +132,17 @@ do_selinux_relabel (const char *specfile, const char *path,
if (setfiles_has_option (&flag_C, 'C'))
ADD_ARG (argv, i, "-C");
+ /* If the appliance is being run with multiple vCPUs, running setfiles
+ * in multithreading mode might speeds up the process. Option "-T" was
+ * introduced in SELinux userspace v3.4, and we need to check whether it's
+ * supported. Passing "-T 0" creates as many threads as there're available
+ * vCPU cores.
+ * https://github.com/SELinuxProject/selinux/releases/tag/3.4
+ */
+ if (setfiles_has_option (&flag_T, 'T')) {
+ ADD_ARG (argv, i, "-T"); ADD_ARG (argv, i, "0");
+ }
+
/* Relabelling in a chroot. */
if (STRNEQ (sysroot, "/")) {
ADD_ARG (argv, i, "-r");

@ -1,7 +1,7 @@
From 4dd2f3f56a39411a255ad0a8f38081d46620dbd8 Mon Sep 17 00:00:00 2001
From ab7e68dbeefe464734bd63a862a36f612f76d396 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Mon, 29 Jul 2013 14:47:56 +0100
Subject: [PATCH] RHEL 8: Disable unsupported remote drive protocols
Subject: [PATCH] RHEL: Disable unsupported remote drive protocols
(RHBZ#962113).
This disables support for unsupported remote drive protocols:
@ -18,7 +18,7 @@ This disables support for unsupported remote drive protocols:
Note 'nbd' is not disabled, and of course 'file' works.
We hope to gradually add some of these back over the lifetime of RHEL 8.
We hope to gradually add some of these back over the lifetime of RHEL.
---
docs/guestfs-testing.pod | 20 -----
fish/guestfish.pod | 66 ++--------------
@ -31,7 +31,7 @@ We hope to gradually add some of these back over the lifetime of RHEL 8.
8 files changed, 16 insertions(+), 348 deletions(-)
diff --git a/docs/guestfs-testing.pod b/docs/guestfs-testing.pod
index f558964bf..8f264ed17 100644
index 47f381a7..c7b44928 100644
--- a/docs/guestfs-testing.pod
+++ b/docs/guestfs-testing.pod
@@ -109,26 +109,6 @@ image. To exit, type C<exit>.
@ -62,7 +62,7 @@ index f558964bf..8f264ed17 100644
Run L<virt-alignment-scan(1)> on guests or disk images:
diff --git a/fish/guestfish.pod b/fish/guestfish.pod
index 9f086f110..bb4167b06 100644
index ccc0825b..d36cac9d 100644
--- a/fish/guestfish.pod
+++ b/fish/guestfish.pod
@@ -131,9 +131,9 @@ To list what is available do:
@ -77,7 +77,7 @@ index 9f086f110..bb4167b06 100644
=head2 Remote control
@@ -1134,12 +1134,12 @@ L<guestfs(3)/REMOTE STORAGE>>.
@@ -1129,12 +1129,12 @@ L<guestfs(3)/REMOTE STORAGE>>.
On the command line, you can use the I<-a> option to add network
block devices using a URI-style format, for example:
@ -92,7 +92,7 @@ index 9f086f110..bb4167b06 100644
The possible I<-a URI> formats are described below.
@@ -1149,40 +1149,6 @@ The possible I<-a URI> formats are described below.
@@ -1144,40 +1144,6 @@ The possible I<-a URI> formats are described below.
Add the local disk image (or device) called F<disk.img>.
@ -133,7 +133,7 @@ index 9f086f110..bb4167b06 100644
=head2 B<-a nbd://example.com[:port]>
=head2 B<-a nbd://example.com[:port]/exportname>
@@ -1217,35 +1183,13 @@ The equivalent API command would be:
@@ -1212,35 +1178,13 @@ The equivalent API command would be:
><fs> add pool/disk protocol:rbd server:tcp:example.com:port
@ -171,7 +171,7 @@ index 9f086f110..bb4167b06 100644
In this case, the password is C<pass@word>.
diff --git a/fish/test-add-uri.sh b/fish/test-add-uri.sh
index 21d424984..ddabeb639 100755
index 21d42498..ddabeb63 100755
--- a/fish/test-add-uri.sh
+++ b/fish/test-add-uri.sh
@@ -40,14 +40,6 @@ function fail ()
@ -220,10 +220,10 @@ index 21d424984..ddabeb639 100755
rm test-add-uri.out
rm test-add-uri.img
diff --git a/generator/actions_core.ml b/generator/actions_core.ml
index 37476c93e..9f0402510 100644
index c8d9949b..26c576c7 100644
--- a/generator/actions_core.ml
+++ b/generator/actions_core.ml
@@ -297,29 +297,6 @@ F<filename> is interpreted as a local file or device.
@@ -350,29 +350,6 @@ F<filename> is interpreted as a local file or device.
This is the default if the optional protocol parameter
is omitted.
@ -253,7 +253,7 @@ index 37476c93e..9f0402510 100644
=item C<protocol = \"nbd\">
Connect to the Network Block Device server.
@@ -336,22 +313,6 @@ The C<secret> parameter may be supplied. See below.
@@ -389,22 +366,6 @@ The C<secret> parameter may be supplied. See below.
See also: L<guestfs(3)/CEPH>.
@ -276,7 +276,7 @@ index 37476c93e..9f0402510 100644
=back
=item C<server>
@@ -362,13 +323,8 @@ is a list of server(s).
@@ -415,13 +376,8 @@ is a list of server(s).
Protocol Number of servers required
-------- --------------------------
file List must be empty or param not used at all
@ -290,7 +290,7 @@ index 37476c93e..9f0402510 100644
Each list element is a string specifying a server. The string must be
in one of the following formats:
@@ -384,10 +340,10 @@ for the protocol is used (see F</etc/services>).
@@ -437,10 +393,10 @@ for the protocol is used (see F</etc/services>).
=item C<username>
@ -305,10 +305,10 @@ index 37476c93e..9f0402510 100644
example if using the libvirt backend and if the libvirt backend is configured to
start the qemu appliance as a special user such as C<qemu.qemu>. If in doubt,
diff --git a/lib/drives.c b/lib/drives.c
index 46af66db4..c81ded5d7 100644
index c5a20846..efb28925 100644
--- a/lib/drives.c
+++ b/lib/drives.c
@@ -168,6 +168,7 @@ create_drive_non_file (guestfs_h *g,
@@ -166,6 +166,7 @@ create_drive_non_file (guestfs_h *g,
return drv;
}
@ -316,7 +316,7 @@ index 46af66db4..c81ded5d7 100644
static struct drive *
create_drive_curl (guestfs_h *g,
const struct drive_create_data *data)
@@ -226,6 +227,7 @@ create_drive_gluster (guestfs_h *g,
@@ -224,6 +225,7 @@ create_drive_gluster (guestfs_h *g,
return create_drive_non_file (g, data);
}
@ -324,7 +324,7 @@ index 46af66db4..c81ded5d7 100644
static int
nbd_port (void)
@@ -294,6 +296,7 @@ create_drive_rbd (guestfs_h *g,
@@ -292,6 +294,7 @@ create_drive_rbd (guestfs_h *g,
return create_drive_non_file (g, data);
}
@ -332,7 +332,7 @@ index 46af66db4..c81ded5d7 100644
static struct drive *
create_drive_sheepdog (guestfs_h *g,
const struct drive_create_data *data)
@@ -394,6 +397,7 @@ create_drive_iscsi (guestfs_h *g,
@@ -392,6 +395,7 @@ create_drive_iscsi (guestfs_h *g,
return create_drive_non_file (g, data);
}
@ -340,7 +340,7 @@ index 46af66db4..c81ded5d7 100644
/**
* Create the special F</dev/null> drive.
@@ -856,6 +860,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
@@ -842,6 +846,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
drv = create_drive_file (g, &data);
}
}
@ -348,7 +348,7 @@ index 46af66db4..c81ded5d7 100644
else if (STREQ (protocol, "ftp")) {
data.protocol = drive_protocol_ftp;
drv = create_drive_curl (g, &data);
@@ -880,6 +885,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
@@ -866,6 +871,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
data.protocol = drive_protocol_iscsi;
drv = create_drive_iscsi (g, &data);
}
@ -356,7 +356,7 @@ index 46af66db4..c81ded5d7 100644
else if (STREQ (protocol, "nbd")) {
data.protocol = drive_protocol_nbd;
drv = create_drive_nbd (g, &data);
@@ -888,6 +894,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
@@ -874,6 +880,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
data.protocol = drive_protocol_rbd;
drv = create_drive_rbd (g, &data);
}
@ -364,7 +364,7 @@ index 46af66db4..c81ded5d7 100644
else if (STREQ (protocol, "sheepdog")) {
data.protocol = drive_protocol_sheepdog;
drv = create_drive_sheepdog (g, &data);
@@ -900,6 +907,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
@@ -886,6 +893,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
data.protocol = drive_protocol_tftp;
drv = create_drive_curl (g, &data);
}
@ -373,12 +373,12 @@ index 46af66db4..c81ded5d7 100644
error (g, _("unknown protocol %s"), protocol);
drv = NULL; /*FALLTHROUGH*/
diff --git a/lib/guestfs.pod b/lib/guestfs.pod
index bce9eb79f..2bb13b875 100644
index c6c8cb16..866a4638 100644
--- a/lib/guestfs.pod
+++ b/lib/guestfs.pod
@@ -715,70 +715,6 @@ servers. The server string is documented in
L</guestfs_add_drive_opts>. The C<username> and C<secret> parameters are
also optional, and if not given, then no authentication will be used.
@@ -723,70 +723,6 @@ a qcow2 backing file specification, libvirt does not construct an
ephemeral secret object from those, for Ceph authentication. Refer to
L<https://bugzilla.redhat.com/2033247>.
-=head3 FTP, HTTP AND TFTP
-
@ -447,7 +447,7 @@ index bce9eb79f..2bb13b875 100644
=head3 NETWORK BLOCK DEVICE
Libguestfs can access Network Block Device (NBD) disks remotely.
@@ -841,42 +777,6 @@ L<https://bugs.launchpad.net/qemu/+bug/1155677>
@@ -849,42 +785,6 @@ L<https://bugs.launchpad.net/qemu/+bug/1155677>
=back
@ -491,10 +491,10 @@ index bce9eb79f..2bb13b875 100644
Libguestfs has APIs for inspecting an unknown disk image to find out
diff --git a/tests/disks/test-qemu-drive-libvirt.sh b/tests/disks/test-qemu-drive-libvirt.sh
index 3c5aa592e..f73827bd6 100755
index d86a1ecd..cf7d2a0c 100755
--- a/tests/disks/test-qemu-drive-libvirt.sh
+++ b/tests/disks/test-qemu-drive-libvirt.sh
@@ -64,34 +64,6 @@ check_output
@@ -65,34 +65,6 @@ check_output
grep -sq -- '-drive file=rbd:abc-def/ghi-jkl:auth_supported=none,' "$DEBUG_QEMU_FILE" || fail ceph2
rm "$DEBUG_QEMU_FILE"
@ -530,7 +530,7 @@ index 3c5aa592e..f73827bd6 100755
$guestfish -d pool1 run ||:
diff --git a/tests/disks/test-qemu-drive.sh b/tests/disks/test-qemu-drive.sh
index 19dd60a2f..583e031bd 100755
index 12937fb3..b3e4f990 100755
--- a/tests/disks/test-qemu-drive.sh
+++ b/tests/disks/test-qemu-drive.sh
@@ -62,45 +62,6 @@ check_output
@ -604,6 +604,3 @@ index 19dd60a2f..583e031bd 100755
-check_output
-grep -sq -- '-drive file=ssh://rich@example.com/disk.img,' "$DEBUG_QEMU_FILE" || fail
-rm "$DEBUG_QEMU_FILE"
--
2.31.1

@ -1,37 +0,0 @@
From dbd1eaab6a478cf0c3ea093a56b3d04c29278615 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 12 Jan 2021 10:23:11 +0000
Subject: [PATCH] build: Avoid warnings about unknown pragmas.
In commit 4bbbf03b8bc266ed2b63c461cd0945250bb134fe we started to
ignore bogus GCC 11 warnings. Unfortunately earlier versions of GCC
don't know about those pragmas so give warnings [hence errors in
developer builds] like:
tsk.c:75:32: error: unknown option after '#pragma GCC diagnostic' kind [-Werror=pragmas]
Turn off these warnings.
Updates: commit 4bbbf03b8bc266ed2b63c461cd0945250bb134fe
(cherry picked from commit 812f837c97f48ce0c26a0e02286fb9180c282923)
---
m4/guestfs-c.m4 | 3 +++
1 file changed, 3 insertions(+)
diff --git a/m4/guestfs-c.m4 b/m4/guestfs-c.m4
index 25ffea0d9..bbb4db464 100644
--- a/m4/guestfs-c.m4
+++ b/m4/guestfs-c.m4
@@ -108,6 +108,9 @@ gl_WARN_ADD([-Wformat-truncation=1])
dnl GCC 9 at level 2 gives apparently bogus errors when %.*s is used.
gl_WARN_ADD([-Wformat-overflow=1])
+dnl GCC < 11 gives warnings when disabling GCC 11 warnings.
+gl_WARN_ADD([-Wno-pragmas])
+
AC_SUBST([WARN_CFLAGS])
NO_SNV_CFLAGS=
--
2.31.1

@ -1,8 +1,8 @@
From cb2ac63562447e2780bd7103ed060fd6013b9054 Mon Sep 17 00:00:00 2001
From b74c6c8520773c2ef4a4d69b08b70e5ceeb06964 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 7 Jul 2015 09:28:03 -0400
Subject: [PATCH] RHEL 8: Reject use of libguestfs-winsupport features except
for virt-* tools (RHBZ#1240276).
Subject: [PATCH] RHEL: Reject use of libguestfs-winsupport features except for
virt-* tools (RHBZ#1240276).
Fix the tests: it doesn't let us use guestfish for arbitrary Windows
edits.
@ -13,7 +13,7 @@ edits.
3 files changed, 19 insertions(+)
diff --git a/generator/c.ml b/generator/c.ml
index 86d3b26f8..a625361a9 100644
index 447059b8..0391dd3d 100644
--- a/generator/c.ml
+++ b/generator/c.ml
@@ -1846,6 +1846,22 @@ and generate_client_actions actions () =
@ -40,7 +40,7 @@ index 86d3b26f8..a625361a9 100644
* as a progress bar hint.
*)
diff --git a/test-data/phony-guests/make-windows-img.sh b/test-data/phony-guests/make-windows-img.sh
index 30908a918..73cf5144e 100755
index 16debd12..1c13ddac 100755
--- a/test-data/phony-guests/make-windows-img.sh
+++ b/test-data/phony-guests/make-windows-img.sh
@@ -37,6 +37,7 @@ fi
@ -52,10 +52,10 @@ index 30908a918..73cf5144e 100755
run
diff --git a/tests/charsets/test-charset-fidelity.c b/tests/charsets/test-charset-fidelity.c
index 39ccc2068..2b2e2d8a9 100644
index 105291dc..5ca4f3b6 100644
--- a/tests/charsets/test-charset-fidelity.c
+++ b/tests/charsets/test-charset-fidelity.c
@@ -94,6 +94,8 @@ main (int argc, char *argv[])
@@ -96,6 +96,8 @@ main (int argc, char *argv[])
if (g == NULL)
error (EXIT_FAILURE, 0, "failed to create handle");
@ -64,6 +64,3 @@ index 39ccc2068..2b2e2d8a9 100644
if (guestfs_add_drive_scratch (g, 1024*1024*1024, -1) == -1)
exit (EXIT_FAILURE);
--
2.31.1

@ -1,94 +0,0 @@
From 22416a2329ec531b9608c21b11ff3d53275fe7a0 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Mon, 22 Feb 2021 10:18:45 +0000
Subject: [PATCH] daemon: lvm: Use lvcreate --yes to avoid interactive prompts.
See https://bugzilla.redhat.com/show_bug.cgi?id=1930996#c1
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1930996
(cherry picked from commit 21cd97732c4973db835b8b6540c8ad582ebd2bda)
---
daemon/lvm.c | 2 +-
tests/regressions/Makefile.am | 2 ++
tests/regressions/rhbz1930996.sh | 36 ++++++++++++++++++++++++++++++++
3 files changed, 39 insertions(+), 1 deletion(-)
create mode 100755 tests/regressions/rhbz1930996.sh
diff --git a/daemon/lvm.c b/daemon/lvm.c
index 841dc4b6b..72c59c3a1 100644
--- a/daemon/lvm.c
+++ b/daemon/lvm.c
@@ -219,7 +219,7 @@ do_lvcreate (const char *logvol, const char *volgroup, int mbytes)
snprintf (size, sizeof size, "%d", mbytes);
r = command (NULL, &err,
- "lvm", "lvcreate",
+ "lvm", "lvcreate", "--yes",
"-L", size, "-n", logvol, volgroup, NULL);
if (r == -1) {
reply_with_error ("%s", err);
diff --git a/tests/regressions/Makefile.am b/tests/regressions/Makefile.am
index ecb0d68a7..c1e0ee8a9 100644
--- a/tests/regressions/Makefile.am
+++ b/tests/regressions/Makefile.am
@@ -49,6 +49,7 @@ EXTRA_DIST = \
rhbz1370424.sh \
rhbz1370424.xml \
rhbz1477623.sh \
+ rhbz1930996.sh \
test-noexec-stack.pl
TESTS = \
@@ -79,6 +80,7 @@ TESTS = \
rhbz1285847.sh \
rhbz1370424.sh \
rhbz1477623.sh \
+ rhbz1930996.sh \
test-big-heap \
test-noexec-stack.pl \
$(SLOW_TESTS)
diff --git a/tests/regressions/rhbz1930996.sh b/tests/regressions/rhbz1930996.sh
new file mode 100755
index 000000000..27089beaa
--- /dev/null
+++ b/tests/regressions/rhbz1930996.sh
@@ -0,0 +1,36 @@
+#!/bin/bash -
+# libguestfs
+# Copyright (C) 2017-2021 Red Hat Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+# Regression test for:
+# https://bugzilla.redhat.com/show_bug.cgi?id=1930996#c1
+#
+# Actually a bug/change in LVM, previously we failed to create an LV
+# if the underlying disk contained a filesystem signature.
+
+set -e
+
+$TEST_FUNCTIONS
+skip_if_skipped
+skip_unless_phony_guest fedora.img
+
+f=rhbz1930996.img
+rm -f $f
+
+guestfish -N $f=lvfs vgremove VG : vgcreate VG /dev/sda1 : lvcreate LV2 VG 100
+
+rm $f
--
2.31.1

@ -0,0 +1,63 @@
From e916ad54c31a725cbf08fb186756d9e968ff20b2 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 7 Feb 2023 13:20:36 +0000
Subject: [PATCH] Remove virt-dib
The tool only supports an older version of the diskimage-builder
metadata, and we do not have the time or inclination to update it to a
newer version.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1910039
(cherry picked from commit 7503eeebede688409b2adf616d71a94e04b7f0d2)
---
appliance/packagelist.in | 30 ------------------------------
1 file changed, 30 deletions(-)
diff --git a/appliance/packagelist.in b/appliance/packagelist.in
index 585d52ad..20b08c47 100644
--- a/appliance/packagelist.in
+++ b/appliance/packagelist.in
@@ -110,7 +110,6 @@ ifelse(ARCHLINUX,1,
dnl syslinux has mtools as optional dependency, but in reality it's
dnl a hard one:
mtools
- multipath-tools dnl for kpartx
nilfs-utils
ntfs-3g
ntfs-3g-system-compression
@@ -266,35 +265,6 @@ util-linux-ng
xfsprogs
zerofree
-dnl tools needed by virt-dib
-ifelse(REDHAT,1,
- qemu-img
- which
-)
-ifelse(DEBIAN,1,
- qemu-utils
-)
-ifelse(ARCHLINUX,1,
- qemu
- which
-)
-ifelse(SUSE,1,
- qemu-tools
- which
-)
-ifelse(FRUGALWARE,1,
- qemu
- which
-)
-ifelse(MAGEIA,1,
- qemu-img
- which
-)
-curl
-kpartx
-dnl (virt-dib) tools optionally used for elements
-debootstrap
-
dnl exFAT is not usually available in free software repos
exfat-fuse
exfat-utils

@ -1,113 +0,0 @@
From e1b339688e5f8f2a14fe0c7e9d02ad68004e4655 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Thu, 15 Apr 2021 09:18:22 +0100
Subject: [PATCH] inspection: More reliable detection of Linux split /usr
configurations
In RHEL 8+, /usr/etc no longer exists. Since we were looking for this
directory in order to detect a separate /usr partition, those were no
longer detected, so the merging of /usr data into the root was not
being done. The result was incomplete inspection data and failure of
virt-v2v.
All Linux systems since forever have had /usr/src but not /src, so
detect this instead.
Furthermore the merging code didn't work, because we expected that the
root filesystem had a distro assigned, but in this configuration we
may need to look for that information in /usr/lib/os-release (not on
the root filesystem). This change makes the merging work even if we
have incomplete information about the root filesystem, so long as we
have an /etc/fstab entry pointing to the /usr mountpoint.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1949683
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1930133
Fixes: commit 394d11be49121884295e61964ed47f5a8488c252
(cherry picked from commit 26427b9ecc64e7e5e53a1d577cef9dc080d08877)
---
daemon/inspect.ml | 33 +++++++++++++++------------------
daemon/inspect_fs.ml | 6 +++---
2 files changed, 18 insertions(+), 21 deletions(-)
diff --git a/daemon/inspect.ml b/daemon/inspect.ml
index 945a476f6..fb75b4a6c 100644
--- a/daemon/inspect.ml
+++ b/daemon/inspect.ml
@@ -182,11 +182,9 @@ and check_for_duplicated_bsd_root fses =
and collect_linux_inspection_info fses =
List.map (
function
- | { role = RoleRoot { distro = Some d } } as root ->
- if d <> DISTRO_COREOS then
- collect_linux_inspection_info_for fses root
- else
- root
+ | { role = RoleRoot { distro = Some DISTRO_COREOS } } as root -> root
+ | { role = RoleRoot _ } as root ->
+ collect_linux_inspection_info_for fses root
| fs -> fs
) fses
@@ -196,29 +194,28 @@ and collect_linux_inspection_info fses =
* or other ways to identify the OS).
*)
and collect_linux_inspection_info_for fses root =
- let root_distro, root_fstab =
+ let root_fstab =
match root with
- | { role = RoleRoot { distro = Some d; fstab = f } } -> d, f
+ | { role = RoleRoot { fstab = f } } -> f
| _ -> assert false in
try
let usr =
List.find (
function
- | { role = RoleUsr { distro = d } }
- when d = Some root_distro || d = None -> true
+ | { role = RoleUsr _; fs_location = usr_mp } ->
+ (* This checks that this usr is found in the fstab of
+ * the root filesystem.
+ *)
+ List.exists (
+ fun (mountable, _) ->
+ usr_mp.mountable = mountable
+ ) root_fstab
| _ -> false
) fses in
- let usr_mountable = usr.fs_location.mountable in
-
- (* This checks that [usr] is found in the fstab of the root
- * filesystem. If not, [Not_found] is thrown.
- *)
- ignore (
- List.find (fun (mountable, _) -> usr_mountable = mountable) root_fstab
- );
-
+ eprintf "collect_linux_inspection_info_for: merging:\n%sinto:\n%s"
+ (string_of_fs usr) (string_of_fs root);
merge usr root;
root
with
diff --git a/daemon/inspect_fs.ml b/daemon/inspect_fs.ml
index 6e00c7083..02b5a0470 100644
--- a/daemon/inspect_fs.ml
+++ b/daemon/inspect_fs.ml
@@ -164,10 +164,10 @@ and check_filesystem mountable =
()
)
(* Linux /usr? *)
- else if Is.is_dir "/etc" &&
- Is.is_dir "/bin" &&
- Is.is_dir "/share" &&
+ else if Is.is_dir "/bin" &&
Is.is_dir "/local" &&
+ Is.is_dir "/share" &&
+ Is.is_dir "/src" &&
not (Is.is_file "/etc/fstab") then (
debug_matching "Linux /usr";
role := `Usr;
--
2.31.1

@ -1,49 +0,0 @@
From 791a16b049ea1ce2c450acd367fce774d9aab5b1 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 31 Aug 2021 08:27:15 +0100
Subject: [PATCH] lib: Autodetect backing format for qemu-img create -b
qemu 6.1 has decided to change qemu-img create so that a backing
format (-F) is required if a backing file (-b) is specified. Since we
don't want to change the libguestfs API to force callers to specify
this because that would be an API break, autodetect it.
This is similar to commit c8c181e8d9 ("launch: libvirt: Autodetect
backing format for readonly drive overlays").
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1998820
(cherry picked from commit 45de287447bb18d59749fbfc1ec5072413090109)
---
lib/create.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/lib/create.c b/lib/create.c
index 44a7df25f..75a4d3a28 100644
--- a/lib/create.c
+++ b/lib/create.c
@@ -255,6 +255,7 @@ disk_create_qcow2 (guestfs_h *g, const char *filename, int64_t size,
const struct guestfs_disk_create_argv *optargs)
{
const char *backingformat = NULL;
+ CLEANUP_FREE char *backingformat_free = NULL;
const char *preallocation = NULL;
const char *compat = NULL;
int clustersize = -1;
@@ -270,6 +271,14 @@ disk_create_qcow2 (guestfs_h *g, const char *filename, int64_t size,
return -1;
}
}
+ else if (backingfile) {
+ /* Since qemu 6.1, qemu-img create has requires a backing format (-F)
+ * parameter if backing file (-b) is used (RHBZ#1998820).
+ */
+ backingformat = backingformat_free = guestfs_disk_format (g, backingfile);
+ if (!backingformat)
+ return -1;
+ }
if (optargs->bitmask & GUESTFS_DISK_CREATE_PREALLOCATION_BITMASK) {
if (STREQ (optargs->preallocation, "off") ||
STREQ (optargs->preallocation, "sparse"))
--
2.31.1

@ -0,0 +1,32 @@
From e712c4b81cbd2cf0e990d01cb4d1f54734e62de6 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Thu, 9 Feb 2023 13:38:50 +0000
Subject: [PATCH] lib: Choose q35 machine type for x86-64
This machine type is more modern than the older 'pc' type and as most
qemu development is now focused there we expect it will perform and
behave better. In almost all respects this change should make no
difference.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2168578
Acked-by: Laszlo Ersek <lersek@redhat.com>
See-also: https://listman.redhat.com/archives/libguestfs/2023-February/030645.html
(cherry picked from commit f0f8e6c5fe0c3f6d5d90534d263bded3a4dc7e8d)
---
lib/guestfs-internal.h | 3 +++
1 file changed, 3 insertions(+)
diff --git a/lib/guestfs-internal.h b/lib/guestfs-internal.h
index 306f2a2e..fb55e026 100644
--- a/lib/guestfs-internal.h
+++ b/lib/guestfs-internal.h
@@ -113,6 +113,9 @@ cleanup_mutex_unlock (pthread_mutex_t **ptr)
#define MAX_WINDOWS_EXPLORER_SIZE (4 * 1000 * 1000)
/* Machine types. */
+#if defined(__x86_64__)
+#define MACHINE_TYPE "q35"
+#endif
#ifdef __arm__
#define MACHINE_TYPE "virt"
#endif

@ -1,44 +0,0 @@
From 3435938f43ca3737ec1d73da4d8cad756b5c9508 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Fri, 26 Mar 2021 16:04:43 +0000
Subject: [PATCH] daemon: chroot: Fix long-standing possible deadlock.
The child (chrooted) process wrote its answer on the pipe and then
exited. Meanwhile the parent waiting for the child to exit before
reading from the pipe. Thus if the output was larger than a Linux
pipebuffer then the whole thing would deadlock.
(cherry picked from commit 94e64b28bee3b8dc7ed354a366d6a8f7ba5f245c)
---
daemon/chroot.ml | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/daemon/chroot.ml b/daemon/chroot.ml
index 5e856c91f..7da8ae29e 100644
--- a/daemon/chroot.ml
+++ b/daemon/chroot.ml
@@ -62,6 +62,10 @@ let f t func arg =
(* Parent. *)
close wfd;
+ let chan = in_channel_of_descr rfd in
+ let ret = input_value chan in
+ close_in chan;
+
let _, status = waitpid [] pid in
(match status with
| WEXITED 0 -> ()
@@ -76,10 +80,6 @@ let f t func arg =
failwithf "chroot %s stopped by signal %d" t.name i
);
- let chan = in_channel_of_descr rfd in
- let ret = input_value chan in
- close_in chan;
-
match ret with
| Either ret -> ret
| Or exn -> raise exn
--
2.31.1

@ -0,0 +1,160 @@
From 194a48aef32367c45c555a4d93fb1a3375b0dead Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Fri, 19 May 2023 16:08:47 +0200
Subject: [PATCH] update common submodule
Laszlo Ersek (2):
options/keys: key_store_import_key(): un-constify "key" parameter
options/keys: introduce unescape_device_mapper_lvm()
Richard W.M. Jones (1):
mlcustomize/SELinux_relabel.ml: Use Array.mem
Roman Kagan (1):
mlcustomize: skip SELinux relabeling if it's disabled
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2168506
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20230519140849.310774-2-lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit 83afd6d3d2c82ee3a8f22079ba12ef7eac38ac34)
---
common | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Submodule common 70c10a07..b636c3f2:
diff --git a/common/options/options.h b/common/options/options.h
index 94573ee0..94e8b9ee 100644
--- a/common/options/options.h
+++ b/common/options/options.h
@@ -169,7 +169,8 @@ extern struct matching_key *get_keys (struct key_store *ks, const char *device,
const char *uuid, size_t *nr_matches);
extern void free_keys (struct matching_key *keys, size_t nr_matches);
extern struct key_store *key_store_add_from_selector (struct key_store *ks, const char *selector);
-extern struct key_store *key_store_import_key (struct key_store *ks, const struct key_store_key *key);
+extern struct key_store *key_store_import_key (struct key_store *ks,
+ struct key_store_key *key);
extern bool key_store_requires_network (const struct key_store *ks);
extern void free_key_store (struct key_store *ks);
diff --git a/common/options/keys.c b/common/options/keys.c
index 48f1bc7c..52b27369 100644
--- a/common/options/keys.c
+++ b/common/options/keys.c
@@ -260,8 +260,107 @@ key_store_add_from_selector (struct key_store *ks, const char *selector)
return key_store_import_key (ks, &key);
}
+/* Turn /dev/mapper/VG-LV into /dev/VG/LV, in-place. */
+static void
+unescape_device_mapper_lvm (char *id)
+{
+ static const char dev[] = "/dev/", dev_mapper[] = "/dev/mapper/";
+ const char *input_start;
+ char *output;
+ enum { M_SCAN, M_FILL, M_DONE } mode;
+
+ if (!STRPREFIX (id, dev_mapper))
+ return;
+
+ /* Start parsing "VG-LV" from "id" after "/dev/mapper/". */
+ input_start = id + (sizeof dev_mapper - 1);
+
+ /* Start writing the unescaped "VG/LV" output after "/dev/". */
+ output = id + (sizeof dev - 1);
+
+ for (mode = M_SCAN; mode < M_DONE; ++mode) {
+ char c;
+ const char *input = input_start;
+ const char *hyphen_buffered = NULL;
+ bool single_hyphen_seen = false;
+
+ do {
+ c = *input;
+
+ switch (c) {
+ case '-':
+ if (hyphen_buffered == NULL)
+ /* This hyphen may start an escaped hyphen, or it could be the
+ * separator in VG-LV.
+ */
+ hyphen_buffered = input;
+ else {
+ /* This hyphen completes an escaped hyphen; unescape it. */
+ if (mode == M_FILL)
+ *output++ = '-';
+ hyphen_buffered = NULL;
+ }
+ break;
+
+ case '/':
+ /* Slash characters are forbidden in VG-LV anywhere. If there's any,
+ * we'll find it in the first (i.e., scanning) phase, before we output
+ * anything back to "id".
+ */
+ assert (mode == M_SCAN);
+ return;
+
+ default:
+ /* Encountered a non-slash, non-hyphen character -- which also may be
+ * the terminating NUL.
+ */
+ if (hyphen_buffered != NULL) {
+ /* The non-hyphen character comes after a buffered hyphen, so the
+ * buffered hyphen is supposed to be the single hyphen that separates
+ * VG from LV in VG-LV. There are three requirements for this
+ * separator: (a) it must be unique (we must not have seen another
+ * such separator earlier), (b) it must not be at the start of VG-LV
+ * (because VG would be empty that way), (c) it must not be at the end
+ * of VG-LV (because LV would be empty that way). Should any of these
+ * be violated, we'll catch that during the first (i.e., scanning)
+ * phase, before modifying "id".
+ */
+ if (single_hyphen_seen || hyphen_buffered == input_start ||
+ c == '\0') {
+ assert (mode == M_SCAN);
+ return;
+ }
+
+ /* Translate the separator hyphen to a slash character. */
+ if (mode == M_FILL)
+ *output++ = '/';
+ hyphen_buffered = NULL;
+ single_hyphen_seen = true;
+ }
+
+ /* Output the non-hyphen character (including the terminating NUL)
+ * regardless of whether there was a buffered hyphen separator (which,
+ * by now, we'll have attempted to translate and flush).
+ */
+ if (mode == M_FILL)
+ *output++ = c;
+ }
+
+ ++input;
+ } while (c != '\0');
+
+ /* We must have seen the VG-LV separator. If that's not the case, we'll
+ * catch it before modifying "id".
+ */
+ if (!single_hyphen_seen) {
+ assert (mode == M_SCAN);
+ return;
+ }
+ }
+}
+
struct key_store *
-key_store_import_key (struct key_store *ks, const struct key_store_key *key)
+key_store_import_key (struct key_store *ks, struct key_store_key *key)
{
struct key_store_key *new_keys;
@@ -278,6 +377,7 @@ key_store_import_key (struct key_store *ks, const struct key_store_key *key)
error (EXIT_FAILURE, errno, "realloc");
ks->keys = new_keys;
+ unescape_device_mapper_lvm (key->id);
ks->keys[ks->nr_keys] = *key;
++ks->nr_keys;

@ -0,0 +1,97 @@
From c95b3086bdbdf840de8d3b24c3ae5e9b847bf588 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Fri, 19 May 2023 16:08:48 +0200
Subject: [PATCH] LUKS-on-LVM inspection test: rename VGs and LVs
In preparation for a subsequent patch, rename "VG" to "Volume-Group", and
"LV<n>" to "Logical-Volume-<n>", in the LUKS-on-LVM inspection test.
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2168506
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20230519140849.310774-3-lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
<