Rebase to stable branch version 2.0.7

resolves: rhbz#2059287
Richard W.M. Jones 2022-07-06 17:29:41 +01:00
parent b6cf325d1f
commit 0ab0657041
35 changed files with 248 additions and 35436 deletions


@ -1,4 +1,4 @@
From fd68a9dc94c54ecc1e7853bfc90220424bd5c4ca Mon Sep 17 00:00:00 2001
From d7c0992dfb11982d96cac8e279c454d82787918a Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Sun, 28 Sep 2014 19:14:43 +0100
Subject: [PATCH] RHEL: v2v: Select correct qemu binary for -o qemu mode


@ -1,4 +1,4 @@
From 21fecd276d0a6aaa4ea8a75fc8b77a3593001492 Mon Sep 17 00:00:00 2001
From 610f53a67a0804ee76e9213c503b7bb00dd722b8 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 30 Sep 2014 10:50:27 +0100
Subject: [PATCH] RHEL: v2v: Disable the --qemu-boot / -oo qemu-boot option


@ -1,4 +1,4 @@
From 41b609f89872d44ae9fdaf30a141132759efae22 Mon Sep 17 00:00:00 2001
From b61fc893f429eb4bec34816d667cc930e50ccd0f Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Fri, 24 Apr 2015 09:45:41 -0400
Subject: [PATCH] RHEL: Fix list of supported sound cards to match RHEL qemu


@ -1,4 +1,4 @@
From def0df3659baaf52a68d23a9d8f86f9bd4c7f68e Mon Sep 17 00:00:00 2001
From 5d70bf1302ea3f1006d87672676f86eb5d40eb85 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Sun, 30 Aug 2015 03:21:57 -0400
Subject: [PATCH] RHEL: Fixes for libguestfs-winsupport.
@ -26,10 +26,10 @@ index 87fca725..5e0e6c2b 100644
(* Setting the number of vCPUs allows parallel mkinitrd, but make
* sure this is not too large because each vCPU consumes guest RAM.
diff --git a/convert/windows_virtio.ml b/convert/windows_virtio.ml
index 5254322c..301f7544 100644
index a27cd6a5..183166b7 100644
--- a/convert/windows_virtio.ml
+++ b/convert/windows_virtio.ml
@@ -283,6 +283,7 @@ and copy_from_virtio_win g inspect srcdir destdir filter missing =
@@ -241,6 +241,7 @@ and copy_from_virtio_win g inspect srcdir destdir filter missing =
let g2 =
try
let g2 = open_guestfs ~identifier:"virtio_win" () in


@ -1,4 +1,4 @@
From 869d6333dc9f27f4398df6f8d98ddc13191e4be9 Mon Sep 17 00:00:00 2001
From 37e241d6d4f22331b34c2ed0af233c73be2b0869 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Thu, 2 Mar 2017 14:21:37 +0100
Subject: [PATCH] RHEL: v2v: -i disk: force VNC as display (RHBZ#1372671)


@ -1,4 +1,4 @@
From 0695b6734db3e57954ec7b97b63bcc91d4f72b37 Mon Sep 17 00:00:00 2001
From 8ee8aec8739c6c0a4024ad187be56f525e8089c0 Mon Sep 17 00:00:00 2001
From: Pino Toscano <ptoscano@redhat.com>
Date: Wed, 8 Mar 2017 11:03:40 +0100
Subject: [PATCH] RHEL: v2v: do not mention SUSE Xen hosts (RHBZ#1430203)


@ -1,4 +1,4 @@
From ef2fd3cbbf3261c6bf43ec35425f3552f6eb918d Mon Sep 17 00:00:00 2001
From fd0c34d843bb5ba9e1b33e0dfd1250943c760a70 Mon Sep 17 00:00:00 2001
From: Pino Toscano <ptoscano@redhat.com>
Date: Tue, 26 Mar 2019 09:42:25 +0100
Subject: [PATCH] RHEL: point to KB for supported v2v hypervisors/guests


@ -1,4 +1,4 @@
From e9890240ed9e0a0b967987f516c4bc9d2406ea7f Mon Sep 17 00:00:00 2001
From 14507902a675fd2e0356c0faf67524eb04e974d2 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Wed, 30 Jun 2021 11:15:52 +0100
Subject: [PATCH] RHEL: Disable -o glance


@ -1,4 +1,4 @@
From 16f78a6852d4d6c00b2d987dac40d8ea18b7f192 Mon Sep 17 00:00:00 2001
From 1176553cf7a9a7f7961887372757234ffdfae2bd Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Thu, 2 Dec 2021 11:56:05 +0000
Subject: [PATCH] RHEL: Remove the --in-place option
@ -45,7 +45,7 @@ index 84e049cc..7ad22f00 100644
L<virt-df(1)>,
L<virt-filesystems(1)>,
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 03d0be29..e44adaef 100644
index d36e230b..db32e42b 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -77,7 +77,6 @@ TESTS = \


@ -1,4 +1,4 @@
From 13e570e2c19319e4164bba7de479980ebff74fdb Mon Sep 17 00:00:00 2001
From a1f1129dc148639ed0b05b737157268d9b824a63 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Mon, 11 Apr 2022 11:01:46 +0100
Subject: [PATCH] output: Remove -o json mode
@ -991,7 +991,7 @@ index 35b62836..00000000
- ignore (run_test_tt_main suite);
- Printf.fprintf stderr "\n"
diff --git a/tests/Makefile.am b/tests/Makefile.am
index e44adaef..549d39e1 100644
index db32e42b..e787a86c 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -81,7 +81,6 @@ TESTS = \
@ -1002,7 +1002,7 @@ index e44adaef..549d39e1 100644
test-v2v-o-libvirt.sh \
test-v2v-o-null.sh \
test-v2v-o-openstack.sh \
@@ -231,7 +230,6 @@ EXTRA_DIST += \
@@ -241,7 +240,6 @@ EXTRA_DIST += \
test-v2v-networks-and-bridges.sh \
test-v2v-networks-and-bridges-expected.xml \
test-v2v-o-glance.sh \


@ -1,4 +1,4 @@
From 0c52088cbcfe4f00794f070866e806179abc7596 Mon Sep 17 00:00:00 2001
From 42da4736c2078801c0a5ebbe3825086f9b8d25ea Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 12 Apr 2022 11:53:45 +0100
Subject: [PATCH] output: Remove unused dummy.c


@ -1,4 +1,4 @@
From b3398f6e90056ac0e38bd0a9751e7aca4316555e Mon Sep 17 00:00:00 2001
From 7b22bc65e5df2bbe9f5ccf8ab05e67afb5a4cb8f Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Tue, 10 May 2022 12:53:07 +0200
Subject: [PATCH] adopt inversion of SELinux relabeling in virt-customize
@ -21,178 +21,44 @@ Acked-by: Richard W.M. Jones <rjones@redhat.com>
tests/test-v2v-conversion-of.sh | 7 -------
2 files changed, 1 insertion(+), 8 deletions(-)
Submodule common 0a231b3e..48527b87:
diff --git a/common/mlcustomize/customize-options.pod b/common/mlcustomize/customize-options.pod
index 71b545da..a83c80a5 100644
--- a/common/mlcustomize/customize-options.pod
+++ b/common/mlcustomize/customize-options.pod
@@ -206,6 +206,19 @@ the image was built, use this option.
Submodule common 201632e4..af6cb55b (rewind):
diff --git a/common/mlcustomize/guest_packages.ml b/common/mlcustomize/guest_packages.ml
index 7c29a2ab..4c3c34ed 100644
--- a/common/mlcustomize/guest_packages.ml
+++ b/common/mlcustomize/guest_packages.ml
@@ -73,9 +73,9 @@ let install_command packages package_management =
| "zypper" -> sprintf "zypper -n in -l %s" quoted_args
See also: L</LOG FILE>.
| "unknown" ->
- error_unknown_package_manager "--install"
+ error_unknown_package_manager (s_"--install")
| pm ->
- error_unimplemented_package_manager "--install" pm
+ error_unimplemented_package_manager (s_"--install") pm
+=item B<--no-selinux-relabel>
+
+Do not attempt to correct the SELinux labels of files in the guest.
+
+In such guests that support SELinux, customization automatically
+relabels files so that they have the correct SELinux label. (The
+relabeling is performed immediately, but if the operation fails,
+customization will instead touch F</.autorelabel> on the image to
+schedule a relabel operation for the next time the image boots.) This
+option disables the automatic relabeling.
+
+The option is a no-op for guests that do not support SELinux.
+
=item B<--password> USER:SELECTOR
let update_command package_management =
match package_management with
@@ -103,9 +103,9 @@ let update_command package_management =
| "zypper" -> "zypper -n update -l"
Set the password for C<USER>. (Note this option does I<not>
@@ -297,16 +310,6 @@ It cannot delete directories, only regular files.
| "unknown" ->
- error_unknown_package_manager "--update"
+ error_unknown_package_manager (s_"--update")
| pm ->
- error_unimplemented_package_manager "--update" pm
+ error_unimplemented_package_manager (s_"--update") pm
=back
let uninstall_command packages package_management =
let quoted_args = String.concat " " (List.map quote packages) in
@@ -127,6 +127,6 @@ let uninstall_command packages package_management =
| "zypper" -> sprintf "zypper -n rm %s" quoted_args
-=item B<--selinux-relabel>
-
-Relabel files in the guest so that they have the correct SELinux label.
-
-This will attempt to relabel files immediately, but if the operation fails
-this will instead touch F</.autorelabel> on the image to schedule a
-relabel operation for the next time the image boots.
-
-You should only use this option for guests which support SELinux.
-
=item B<--sm-attach> SELECTOR
Attach to a pool using C<subscription-manager>.
diff --git a/common/mlcustomize/customize-synopsis.pod b/common/mlcustomize/customize-synopsis.pod
index 5f185408..25208538 100644
--- a/common/mlcustomize/customize-synopsis.pod
+++ b/common/mlcustomize/customize-synopsis.pod
@@ -12,5 +12,5 @@
[--truncate-recursive PATH] [--timezone TIMEZONE] [--touch FILE]
[--uninstall PKG,PKG..] [--update] [--upload FILE:DEST]
[--write FILE:CONTENT] [--no-logfile]
- [--password-crypto md5|sha256|sha512] [--selinux-relabel]
+ [--password-crypto md5|sha256|sha512] [--no-selinux-relabel]
[--sm-credentials SELECTOR]
diff --git a/common/mlcustomize/customize_cmdline.ml b/common/mlcustomize/customize_cmdline.ml
index 9326baa0..5d404e84 100644
--- a/common/mlcustomize/customize_cmdline.ml
+++ b/common/mlcustomize/customize_cmdline.ml
@@ -109,8 +109,8 @@ and flags = {
(* --no-logfile *)
password_crypto : Password.password_crypto option;
(* --password-crypto md5|sha256|sha512 *)
- selinux_relabel : bool;
- (* --selinux-relabel *)
+ no_selinux_relabel : bool;
+ (* --no-selinux-relabel *)
sm_credentials : Subscription_manager.sm_credentials option;
(* --sm-credentials SELECTOR *)
}
@@ -121,7 +121,7 @@ let rec argspec () =
let ops = ref [] in
let scrub_logfile = ref false in
let password_crypto = ref None in
- let selinux_relabel = ref false in
+ let no_selinux_relabel = ref false in
let sm_credentials = ref None in
let rec get_ops () = {
@@ -131,7 +131,7 @@ let rec argspec () =
and get_flags () = {
scrub_logfile = !scrub_logfile;
password_crypto = !password_crypto;
- selinux_relabel = !selinux_relabel;
+ no_selinux_relabel = !no_selinux_relabel;
sm_credentials = !sm_credentials;
}
in
@@ -459,11 +459,11 @@ let rec argspec () =
),
Some "md5|sha256|sha512", "When the virt tools change or set a password in the guest, this\noption sets the password encryption of that password to\nC<md5>, C<sha256> or C<sha512>.\n\nC<sha256> and C<sha512> require glibc E<ge> 2.7 (check crypt(3) inside\nthe guest).\n\nC<md5> will work with relatively old Linux guests (eg. RHEL 3), but\nis not secure against modern attacks.\n\nThe default is C<sha512> unless libguestfs detects an old guest that\ndidn't have support for SHA-512, in which case it will use C<md5>.\nYou can override libguestfs by specifying this option.\n\nNote this does not change the default password encryption used\nby the guest when you create new user accounts inside the guest.\nIf you want to do that, then you should use the I<--edit> option\nto modify C</etc/sysconfig/authconfig> (Fedora, RHEL) or\nC</etc/pam.d/common-password> (Debian, Ubuntu).";
(
- [ L"selinux-relabel" ],
- Getopt.Set selinux_relabel,
- s_"Relabel files with correct SELinux labels"
+ [ L"no-selinux-relabel" ],
+ Getopt.Set no_selinux_relabel,
+ s_"Do not relabel files with correct SELinux labels"
),
- None, "Relabel files in the guest so that they have the correct SELinux label.\n\nThis will attempt to relabel files immediately, but if the operation fails\nthis will instead touch F</.autorelabel> on the image to schedule a\nrelabel operation for the next time the image boots.\n\nYou should only use this option for guests which support SELinux.";
+ None, "Do not attempt to correct the SELinux labels of files in the guest.\n\nIn such guests that support SELinux, customization automatically\nrelabels files so that they have the correct SELinux label. (The\nrelabeling is performed immediately, but if the operation fails,\ncustomization will instead touch F</.autorelabel> on the image to\nschedule a relabel operation for the next time the image boots.) This\noption disables the automatic relabeling.\n\nThe option is a no-op for guests that do not support SELinux.";
(
[ L"sm-credentials" ],
Getopt.String (
diff --git a/common/mlcustomize/customize_cmdline.mli b/common/mlcustomize/customize_cmdline.mli
index 14eda49e..7ee882a6 100644
--- a/common/mlcustomize/customize_cmdline.mli
+++ b/common/mlcustomize/customize_cmdline.mli
@@ -101,8 +101,8 @@ and flags = {
(* --no-logfile *)
password_crypto : Password.password_crypto option;
(* --password-crypto md5|sha256|sha512 *)
- selinux_relabel : bool;
- (* --selinux-relabel *)
+ no_selinux_relabel : bool;
+ (* --no-selinux-relabel *)
sm_credentials : Subscription_manager.sm_credentials option;
(* --sm-credentials SELECTOR *)
}
diff --git a/common/mlcustomize/test-firstboot.sh b/common/mlcustomize/test-firstboot.sh
index b9069975..24c67f3e 100755
--- a/common/mlcustomize/test-firstboot.sh
+++ b/common/mlcustomize/test-firstboot.sh
@@ -61,9 +61,6 @@ case "$guestname" in
extra[${#extra[*]}]='/etc/inittab:
s,^#([1-9].*respawn.*/sbin/getty.*),$1,'
;;
- fedora*|rhel*|centos*)
- extra[${#extra[*]}]='--selinux-relabel'
- ;;
*)
;;
esac
diff --git a/common/mlcustomize/test-selinuxrelabel.sh b/common/mlcustomize/test-selinuxrelabel.sh
index 86278c63..caf75211 100755
--- a/common/mlcustomize/test-selinuxrelabel.sh
+++ b/common/mlcustomize/test-selinuxrelabel.sh
@@ -41,13 +41,12 @@ virt-builder "$guestname" --quiet -o "$disk"
# Test #1: relabel with the default configuration works.
rm -f "$disk_overlay"
guestfish -- disk-create "$disk_overlay" qcow2 -1 backingfile:"$disk"
-virt-customize -a "$disk" --selinux-relabel
+virt-customize -a "$disk"
# Test #2: relabel with no SELINUXTYPE in the configuration.
rm -f "$disk_overlay"
guestfish -- disk-create "$disk_overlay" qcow2 -1 backingfile:"$disk"
virt-customize -a "$disk" \
- --edit /etc/selinux/config:"s,^SELINUXTYPE=,#&,g" \
- --selinux-relabel
+ --edit /etc/selinux/config:"s,^SELINUXTYPE=,#&,g"
rm "$disk" "$disk_overlay"
diff --git a/common/options/uri.c b/common/options/uri.c
index 6b696fc2..84d393c1 100644
--- a/common/options/uri.c
+++ b/common/options/uri.c
@@ -135,7 +135,7 @@ parse (const char *arg, char **path_ret, char **protocol_ret,
socket = query_get (uri, "socket");
if (uri->server && STRNEQ (uri->server, "") && socket) {
- fprintf (stderr, _("%s: %s: cannot both a server name and a socket query parameter\n"),
+ fprintf (stderr, _("%s: %s: cannot have both a server name and a socket query parameter\n"),
getprogname (), arg);
return -1;
}
@@ -347,6 +347,7 @@ make_server (xmlURIPtr uri, const char *socket, char ***ret)
*ret = malloc (sizeof (char *) * 2);
if (*ret == NULL) {
perror ("malloc");
+ free (server);
return -1;
}
(*ret)[0] = server;
| "unknown" ->
- error_unknown_package_manager "--uninstall"
+ error_unknown_package_manager (s_"--uninstall")
| pm ->
- error_unimplemented_package_manager "--uninstall" pm
+ error_unimplemented_package_manager (s_"--uninstall") pm
diff --git a/tests/test-v2v-conversion-of.sh b/tests/test-v2v-conversion-of.sh
index 5a974d1b..5c5cae7c 100755
--- a/tests/test-v2v-conversion-of.sh


@ -1,4 +1,4 @@
From 6e5b4da53504a4b62d225fe103e5821ccbfd3c3a Mon Sep 17 00:00:00 2001
From 0699afed37343d73c6803cabec466e1c3ca229b0 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Mon, 13 Jun 2022 19:01:32 +0200
Subject: [PATCH] output/create_libvirt_xml: wire up the QEMU guest agent

File diff suppressed because it is too large Load Diff


@ -1,4 +1,4 @@
From bd1122439b4138952e6c14b834eac79405410a94 Mon Sep 17 00:00:00 2001
From 82c7526e052d2aa64a6754ff0e1082937e3ee4bc Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Mon, 13 Jun 2022 19:01:34 +0200
Subject: [PATCH] convert_linux: extract qemu-guest-agent package name


@ -1,44 +0,0 @@
From ef6e9a2fbe5c294837a019533a38a42ffb5770d7 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Wed, 8 Jun 2022 16:10:56 +0100
Subject: [PATCH] test-data/phony-guests: Increase size of root filesystem
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Avoid this error in virt-v2v when trying to convert the phony Fedora
guest image:
[ 8.1] Checking for sufficient free disk space in the guest
virt-v2v: error: not enough free space for conversion on filesystem
/. 21.6 MB free < 100 MB needed
(cherry picked from commit fd7cd0c0fd2259506f6ec1c248c11c1158656665)
---
test-data/phony-guests/make-fedora-img.pl | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/test-data/phony-guests/make-fedora-img.pl b/test-data/phony-guests/make-fedora-img.pl
index 90492b81..f340f4d7 100755
--- a/test-data/phony-guests/make-fedora-img.pl
+++ b/test-data/phony-guests/make-fedora-img.pl
@@ -1,6 +1,6 @@
#!/usr/bin/env perl
# libguestfs
-# Copyright (C) 2010-2020 Red Hat Inc.
+# Copyright (C) 2010-2022 Red Hat Inc.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -210,7 +210,7 @@ sub init_lvm_root {
$g->pvcreate ($rootdev);
$g->vgcreate ('VG', [$rootdev]);
- $g->lvcreate ('Root', 'VG', 32);
+ $g->lvcreate ('Root', 'VG', 256);
$g->lvcreate ('LV1', 'VG', 32);
$g->lvcreate ('LV2', 'VG', 32);
$g->lvcreate ('LV3', 'VG', 64);
--
2.31.1


@ -0,0 +1,122 @@
From e32a5ee7deb9a381ab285aba92c4de23e3c6ee2e Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Mon, 13 Jun 2022 19:01:35 +0200
Subject: [PATCH] convert_linux: install the QEMU guest agent with a firstboot
script
Register a firstboot script, for installing the guest agent with the
guest's own package manager -- that is, "Guest_packages.install_command".
For installing the package, network connectivity is required. Check it
first with "nmcli" (also checking whether NetworkManager is running), then
with "systemd-networkd-wait-online" (dependent on systemd-networkd). Note
that NetworkManager and systemd-networkd are never supposed to be enabled
at the same time.
The source domain's SELinux policy may not allow our firstboot service to
execute the package's installation scripts (if any). For that reason,
temporarily disable SELinux around package installation.
After installation, register another script for launching the agent.
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2028764
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20220613170135.12557-5-lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit e64356896377af1ac75a03d6a4c6a4208910bbf4)
---
convert/convert_linux.ml | 78 ++++++++++++++++++++++++++++++++++++++--
1 file changed, 76 insertions(+), 2 deletions(-)
diff --git a/convert/convert_linux.ml b/convert/convert_linux.ml
index 2ddbc07a..59d143bd 100644
--- a/convert/convert_linux.ml
+++ b/convert/convert_linux.ml
@@ -562,8 +562,82 @@ let convert (g : G.guestfs) source inspect keep_serial_console _ =
name = qga_pkg
) inspect.i_apps in
if not has_qemu_guest_agent then
- (* FIXME -- install qemu-guest-agent here *)
- ()
+ try
+ let inst_cmd = Guest_packages.install_command [qga_pkg]
+ inspect.i_package_management in
+
+ (* Use only the portable filename character set in this. *)
+ let selinux_enforcing = "/root/virt-v2v-fb-selinux-enforcing"
+ and timeout = 30 in
+ let fbs =
+ Firstboot.add_firstboot_script g inspect.i_root
+ in
+ info (f_"The QEMU Guest Agent will be installed for this guest at \
+ first boot.");
+
+ (* Wait for the network to come online in the guest (best effort).
+ *)
+ fbs "wait online"
+ (sprintf "#!/bin/sh\n\
+ if conn=$(nmcli networking connectivity); then\n\
+ \ \ tries=0\n\
+ \ \ while\n\
+ \ \ \ \ test $tries -lt %d &&\n\
+ \ \ \ \ test full != \"$conn\"\n\
+ \ \ do\n\
+ \ \ \ \ sleep 1\n\
+ \ \ \ \ tries=$((tries + 1))\n\
+ \ \ \ \ conn=$(nmcli networking connectivity)\n\
+ \ \ done\n\
+ elif systemctl -q is-active systemd-networkd; then\n\
+ \ \ /usr/lib/systemd/systemd-networkd-wait-online \\\n\
+ \ \ \ \ -q --timeout=%d\n\
+ fi\n" timeout timeout);
+
+ (* Disable SELinux temporarily around package installation. Refer to
+ * <https://bugzilla.redhat.com/show_bug.cgi?id=2028764#c7> and
+ * <https://bugzilla.redhat.com/show_bug.cgi?id=2028764#c8>.
+ *)
+ fbs "setenforce 0"
+ (sprintf "#!/bin/sh\n\
+ rm -f %s\n\
+ if command -v getenforce >/dev/null &&\n\
+ \ \ test Enforcing = \"$(getenforce)\"\n\
+ then\n\
+ \ \ touch %s\n\
+ \ \ setenforce 0\n\
+ fi\n" selinux_enforcing selinux_enforcing);
+ fbs "install qga" inst_cmd;
+ fbs "setenforce restore"
+ (sprintf "#!/bin/sh\n\
+ if test -f %s; then\n\
+ \ \ setenforce 1\n\
+ \ \ rm -f %s\n\
+ fi\n" selinux_enforcing selinux_enforcing);
+
+ (* Start the agent now and at subsequent boots. The following
+ * commands should work on both sysvinit distros / distro versions
+ * (regardless of "/etc/rc.d/" vs. "/etc/init.d/" being the scheme
+ * in use) and systemd distros (via redirection to systemctl).
+ *
+ * On distros where the chkconfig command is redirected to
+ * systemctl, the chkconfig command is likely superfluous. That's
+ * because on systemd distros, the QGA package comes with such
+ * runtime dependencies / triggers that the presence of the
+ * virtio-serial port named "org.qemu.guest_agent.0" automatically
+ * starts the agent during (second and later) boots. However, even
+ * on such distros, the chkconfig command should do no harm.
+ *)
+ fbs "start qga"
+ (sprintf "#!/bin/sh\n\
+ service %s start\n\
+ chkconfig %s on\n" qga_pkg qga_pkg)
+ with
+ | Guest_packages.Unknown_package_manager msg
+ | Guest_packages.Unimplemented_package_manager msg ->
+ warning (f_"The QEMU Guest Agent will not be installed. The \
+ install command for package %s could not be created: \
+ %s.") qga_pkg msg
and configure_kernel () =
(* Previously this function would try to install kernels, but we
--
2.31.1
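Review bot: In the added firstboot sequence in convert/convert_linux.ml, `setenforce 0` and `setenforce 1` are registered as separate scripts ("setenforce 0", "install qga", "setenforce restore"), so the guest returns to enforcing mode only if the runner reaches the third script; how Firstboot treats a failed or hung install script is not visible in this hunk. `setenforce 0` is also system-wide, so every process in the guest runs permissive while the package manager downloads and installs, not just the firstboot service. Folding the toggle and the install into one script with an EXIT trap would bound the permissive window to that script's lifetime and make the marker file under /root (and the `selinux_enforcing` binding) unnecessary; a sketch follows. The enclosing `convert` function starts and ends outside the hunk.

```ocaml
(* … unchanged: inst_cmd, fbs, info message, "wait online" script … *)
fbs "install qga"
  (sprintf "#!/bin/sh\n\
            if command -v getenforce >/dev/null &&\n\
            \ \ test Enforcing = \"$(getenforce)\"\n\
            then\n\
            \ \ trap 'setenforce 1' EXIT\n\
            \ \ setenforce 0\n\
            fi\n\
            %s\n" inst_cmd);
(* … unchanged: "start qga" script and exception handler … *)
```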


@ -1,220 +0,0 @@
From 3c8d2e517491edd9241542f21f1203f098e29677 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Wed, 8 Jun 2022 16:24:18 +0100
Subject: [PATCH] test-data/phony-guests: Allow virt-v2v to work against phony
Fedora
We didn't use the phony Fedora guest before with virt-v2v (only the
phony Windows image). This commit makes miscellaneous changes so that
it can be used for testing:
- Add dummy rpm and dracut commands.
- Add dummy kernel, initramfs and modules directory.
- Add dummy grub configuration pointing to the kernel.
(cherry picked from commit 1e75569aa074a50e96867d1021651ca2f75bcc16)
---
.gitignore | 1 +
test-data/phony-guests/Makefile.am | 19 +++++--
test-data/phony-guests/fedora.c | 66 +++++++++++++++++++++++
test-data/phony-guests/make-fedora-img.pl | 26 ++++++++-
4 files changed, 107 insertions(+), 5 deletions(-)
create mode 100644 test-data/phony-guests/fedora.c
diff --git a/.gitignore b/.gitignore
index 5a48ee58..dcafa39c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -119,6 +119,7 @@ Makefile.in
/test-data/phony-guests/fedora-luks.img
/test-data/phony-guests/fedora-md1.img
/test-data/phony-guests/fedora-md2.img
+/test-data/phony-guests/fedora-static-bin
/test-data/phony-guests/fedora.db
/test-data/phony-guests/guests.xml
/test-data/phony-guests/guests-all-good.xml
diff --git a/test-data/phony-guests/Makefile.am b/test-data/phony-guests/Makefile.am
index 60313548..c45ddc11 100644
--- a/test-data/phony-guests/Makefile.am
+++ b/test-data/phony-guests/Makefile.am
@@ -76,7 +76,8 @@ blank-%.img:
# Make a (dummy) Fedora image.
fedora.img: make-fedora-img.pl \
fedora-journal.tar.xz \
- fedora.db
+ fedora.db \
+ fedora-static-bin
SRCDIR=$(srcdir) LAYOUT=partitions $(top_builddir)/run --test ./$<
# Make a (dummy) Fedora image using md devices
@@ -84,7 +85,8 @@ fedora-md1.img fedora-md2.img: stamp-fedora-md.img
stamp-fedora-md.img: make-fedora-img.pl \
fedora-journal.tar.xz \
- fedora.db
+ fedora.db \
+ fedora-static-bin
rm -f $@
SRCDIR=$(srcdir) LAYOUT=partitions-md $(top_builddir)/run --test ./$<
touch $@
@@ -93,13 +95,15 @@ stamp-fedora-md.img: make-fedora-img.pl \
# for root and home.
fedora-btrfs.img: make-fedora-img.pl \
fedora-journal.tar.xz \
- fedora.db
+ fedora.db \
+ fedora-static-bin
SRCDIR=$(srcdir) LAYOUT=btrfs $(top_builddir)/run --test ./$<
# Make a (dummy) Fedora image with LVM encrypted with LUKS.
fedora-luks.img: make-fedora-img.pl \
fedora-journal.tar.xz \
- fedora.db
+ fedora.db \
+ fedora-static-bin
SRCDIR=$(srcdir) LAYOUT=lvm-luks $(top_builddir)/run --test ./$<
# Make a (dummy) Debian image.
@@ -137,6 +141,13 @@ fedora.db: fedora-db.sql.xz
xzcat $< | $(SQLITE3) $@-t
mv $@-t $@
+# This is included in the phony Fedora image to act as a phony "rpm"
+# and "dracut" command. For the use of -all-static here, see
+# libguestfs/tests/Makefile.am
+check_PROGRAMS = fedora-static-bin
+fedora_static_bin_SOURCES = fedora.c
+fedora_static_bin_LDFLAGS = -all-static
+
windows-software: windows-software.reg
rm -f $@ $@-t
cp $(srcdir)/minimal-hive $@-t
diff --git a/test-data/phony-guests/fedora.c b/test-data/phony-guests/fedora.c
new file mode 100644
index 00000000..c74976d6
--- /dev/null
+++ b/test-data/phony-guests/fedora.c
@@ -0,0 +1,66 @@
+/* libguestfs test images
+ * Copyright (C) 2009-2020 Red Hat Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+/* This is "just enough" of a binary to look like RPM and dracut, as
+ * far as virt-v2v is concerned.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+/* NB: This is also defined in make-fedora-img.pl */
+#define KVER "5.19.0-0.rc1.14.fc37.x86_64"
+
+static const char *
+get_basename (const char *str)
+{
+ const char *ret = strrchr (str, '/');
+ return ret == NULL ? str : ret + 1;
+}
+
+int
+main (int argc, char *argv[])
+{
+ if (argc == 3 &&
+ strcmp (get_basename (argv[0]), "rpm") == 0 &&
+ strcmp (argv[1], "-ql") == 0 &&
+ strncmp (argv[2], "kernel-", 7) == 0) {
+ /* XXX These files and directories actually exist. It would be
+ * better to list files in /boot and /lib/modules matching a
+ * pattern rather than hard-coding the list here, which duplicates
+ * information in make-fedora-img.pl.
+ */
+ printf ("/boot/vmlinuz-" KVER "\n");
+ printf ("/lib/modules/" KVER "\n");
+ printf ("/lib/modules/" KVER "/kernel\n");
+ printf ("/lib/modules/" KVER "/kernel/drivers\n");
+ printf ("/lib/modules/" KVER "/kernel/drivers/block\n");
+ printf ("/lib/modules/" KVER "/kernel/drivers/block/virtio_blk.ko\n");
+ }
+ else if (argc >= 1 &&
+ strcmp (get_basename (argv[0]), "dracut") == 0) {
+ // do nothing, pretend to rebuild the initramfs
+ }
+ else {
+ fprintf (stderr, "phony Fedora: unknown command\n");
+ exit (1);
+ }
+
+ exit (0);
+}
diff --git a/test-data/phony-guests/make-fedora-img.pl b/test-data/phony-guests/make-fedora-img.pl
index f340f4d7..ad30960f 100755
--- a/test-data/phony-guests/make-fedora-img.pl
+++ b/test-data/phony-guests/make-fedora-img.pl
@@ -240,6 +240,7 @@ $g->mount ($bootdev, '/boot');
$g->mkdir ('/bin');
$g->mkdir ('/etc');
$g->mkdir ('/etc/sysconfig');
+$g->mkdir ('/sbin');
$g->mkdir ('/usr');
$g->mkdir ('/usr/share');
$g->mkdir ('/usr/share/zoneinfo');
@@ -276,8 +277,17 @@ $g->upload ($ENV{SRCDIR}.'/../binaries/bin-x86_64-dynamic', '/bin/ls');
$g->tar_in ($ENV{SRCDIR}.'/fedora-journal.tar.xz', '/var/log/journal', compress => "xz");
+# NB: This is also defined in fedora.c
+my $kver = "5.19.0-0.rc1.14.fc37.x86_64";
$g->mkdir ('/boot/grub');
-$g->touch ('/boot/grub/grub.conf');
+$g->write ('/boot/grub/grub.conf', <<EOF);
+title Fedora
+ root (hd0,0)
+ kernel /vmlinuz-$kver
+ initrd /initramfs-$kver.img
+EOF
+
+$g->touch ('/etc/modprobe.conf');
# Test files.
$g->write ('/etc/test1', 'abcdefg');
@@ -300,6 +310,20 @@ $g->ln_s ('/bin/test1', '/bin/test5');
$g->mkfifo (0777, '/bin/test6');
$g->mknod (0777, 10, 10, '/bin/test7');
+# Virt-v2v needs an RPM command, or at least something which acts
+# similarly, and also a dracut command.
+$g->upload ('fedora-static-bin', '/bin/rpm');
+$g->chmod (0777, '/bin/rpm');
+$g->upload ('fedora-static-bin', '/sbin/dracut');
+$g->chmod (0777, '/sbin/dracut');
+
+# Virt-v2v also needs a kernel, initrd and modules path.
+$g->touch ("/boot/vmlinuz-$kver");
+$g->touch ("/boot/initramfs-$kver.img");
+$g->mkdir_p ("/lib/modules/$kver/kernel/drivers/block");
+$g->upload ($ENV{SRCDIR}.'/../binaries/bin-x86_64-dynamic',
+ "/lib/modules/$kver/kernel/drivers/block/virtio_blk.ko");
+
# Cleanup
$g->shutdown ();
$g->close ();
--
2.31.1


@ -1,4 +1,4 @@
From 1477040f818e86723b1f1f0c424e70380c33b892 Mon Sep 17 00:00:00 2001
From 50a74177b3577952159d87335cf40c0ad3e51b4d Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Fri, 17 Jun 2022 11:53:37 +0200
Subject: [PATCH] RHV outputs: limit copied disk count to 23


@ -1,202 +0,0 @@
From 34e04554158afb85ee6b5baebe2a9b18e0b34c86 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Wed, 8 Jun 2022 17:31:24 +0100
Subject: [PATCH] tests: Add test cases for converting the phony Fedora images
As well as testing a full Fedora conversion which was not really
tested properly before, this also adds tests of conversions of Btrfs,
RAID and LUKS guests.
(cherry picked from commit 3600f81ec5b584cbdc3f1d33a7a42bbc014e2412)
---
tests/Makefile.am | 8 ++++++
tests/test-v2v-fedora-btrfs-conversion.sh | 31 +++++++++++++++++++++
tests/test-v2v-fedora-conversion.sh | 31 +++++++++++++++++++++
tests/test-v2v-fedora-luks-conversion.sh | 32 ++++++++++++++++++++++
tests/test-v2v-fedora-md-conversion.sh | 33 +++++++++++++++++++++++
5 files changed, 135 insertions(+)
create mode 100755 tests/test-v2v-fedora-btrfs-conversion.sh
create mode 100755 tests/test-v2v-fedora-conversion.sh
create mode 100755 tests/test-v2v-fedora-luks-conversion.sh
create mode 100755 tests/test-v2v-fedora-md-conversion.sh
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 549d39e1..eb2931c5 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -95,6 +95,10 @@ TESTS = \
test-v2v-print-source.sh \
test-v2v-sound.sh \
test-v2v-virtio-win-iso.sh \
+ test-v2v-fedora-conversion.sh \
+ test-v2v-fedora-btrfs-conversion.sh \
+ test-v2v-fedora-luks-conversion.sh \
+ test-v2v-fedora-md-conversion.sh \
test-v2v-windows-conversion.sh \
rhbz1232192.sh \
$(SLOW_TESTS) \
@@ -170,6 +174,10 @@ EXTRA_DIST += \
test-v2v-bad-networks-and-bridges.sh \
test-v2v-cdrom.expected \
test-v2v-cdrom.sh \
+ test-v2v-fedora-conversion.sh \
+ test-v2v-fedora-btrfs-conversion.sh \
+ test-v2v-fedora-luks-conversion.sh \
+ test-v2v-fedora-md-conversion.sh \
test-v2v-floppy.expected \
test-v2v-floppy.sh \
test-v2v-i-disk.sh \
diff --git a/tests/test-v2v-fedora-btrfs-conversion.sh b/tests/test-v2v-fedora-btrfs-conversion.sh
new file mode 100755
index 00000000..c78f8ae2
--- /dev/null
+++ b/tests/test-v2v-fedora-btrfs-conversion.sh
@@ -0,0 +1,31 @@
+#!/bin/bash -
+# libguestfs virt-v2v test script
+# Copyright (C) 2014-2022 Red Hat Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+# Test virt-v2v (Phony) Fedora conversion.
+
+set -e
+
+source ./functions.sh
+set -e
+set -x
+
+skip_if_skipped
+f=../test-data/phony-guests/fedora-btrfs.img
+requires test -f $f
+
+$VG virt-v2v --debug-gc -i disk $f -o null
diff --git a/tests/test-v2v-fedora-conversion.sh b/tests/test-v2v-fedora-conversion.sh
new file mode 100755
index 00000000..92f4bbe8
--- /dev/null
+++ b/tests/test-v2v-fedora-conversion.sh
@@ -0,0 +1,31 @@
+#!/bin/bash -
+# libguestfs virt-v2v test script
+# Copyright (C) 2014-2022 Red Hat Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+# Test virt-v2v (Phony) Fedora conversion.
+
+set -e
+
+source ./functions.sh
+set -e
+set -x
+
+skip_if_skipped
+f=../test-data/phony-guests/fedora.img
+requires test -f $f
+
+$VG virt-v2v --debug-gc -i disk $f -o null
diff --git a/tests/test-v2v-fedora-luks-conversion.sh b/tests/test-v2v-fedora-luks-conversion.sh
new file mode 100755
index 00000000..2922c31d
--- /dev/null
+++ b/tests/test-v2v-fedora-luks-conversion.sh
@@ -0,0 +1,32 @@
+#!/bin/bash -
+# libguestfs virt-v2v test script
+# Copyright (C) 2014-2022 Red Hat Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+# Test virt-v2v (Phony) Fedora conversion.
+
+set -e
+
+source ./functions.sh
+set -e
+set -x
+
+skip_if_skipped
+f=../test-data/phony-guests/fedora-luks.img
+requires test -f $f
+
+# The disk is encrypted with password "FEDORA".
+$VG virt-v2v --debug-gc -i disk $f -o null --key /dev/sda2:key:FEDORA
diff --git a/tests/test-v2v-fedora-md-conversion.sh b/tests/test-v2v-fedora-md-conversion.sh
new file mode 100755
index 00000000..669f2c01
--- /dev/null
+++ b/tests/test-v2v-fedora-md-conversion.sh
@@ -0,0 +1,33 @@
+#!/bin/bash -
+# libguestfs virt-v2v test script
+# Copyright (C) 2014-2022 Red Hat Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+# Test virt-v2v (Phony) Fedora conversion.
+
+set -e
+
+source ./functions.sh
+set -e
+set -x
+
+skip_if_skipped
+f1=../test-data/phony-guests/fedora-md1.img
+requires test -f $f1
+f2=../test-data/phony-guests/fedora-md2.img
+requires test -f $f2
+
+$VG virt-v2v --debug-gc -i disk $f1 $f2 -o null
--
2.31.1


@ -0,0 +1,52 @@
From 81a201269e5451cd76348e0da6d0ef4c0fb4c0dd Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Fri, 1 Jul 2022 15:30:42 +0200
Subject: [PATCH] convert: document networking dependency of "--key ID:clevis"
Virt-v2v enables appliance networking already, for the sake of
"unconfigure_vmware". We now have a second use case for networking: "--key
ID:clevis". Update the comment in the code.
(Short log for libguestfs-common commit range 35467027f657..af6cb55bc58a:
Laszlo Ersek (12):
options: fix UUID comparison logic bug in get_keys()
mltools/tools_utils: remove unused function "key_store_to_cli"
mltools/tools_utils: allow multiple "--key" options for OCaml tools too
options: replace NULL-termination with number-of-elements in get_keys()
options: wrap each passphrase from get_keys() into a struct
options: add back-end for LUKS decryption with Clevis+Tang
options: introduce selector type "key_clevis"
options: generalize "--key" selector parsing for C-language utilities
mltools/tools_utils-c: handle internal type error with abort()
mltools/tools_utils: generalize "--key" selector parsing for OCaml utils
options, mltools/tools_utils: parse "--key ID:clevis" options
options, mltools/tools_utils: add helper for network dependency
).
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1809453
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20220628115856.5820-1-lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit 98fa5ab2685371c681282ce5de704877af27be74)
---
convert/convert.ml | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/convert/convert.ml b/convert/convert.ml
index 5e0e6c2b..b678dc92 100644
--- a/convert/convert.ml
+++ b/convert/convert.ml
@@ -57,7 +57,8 @@ let rec convert dir options source =
* sure this is not too large because each vCPU consumes guest RAM.
*)
g#set_smp (min 8 (Sysconf.nr_processors_online ()));
- (* The network is only used by the unconfigure_vmware () function. *)
+ (* The network is used by the unconfigure_vmware () function, and the "--key
+ * ID:clevis" command line options (if any). *)
g#set_network true;
List.iter (
fun { s_disk_id = i } ->
--
2.31.1
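Review bot: The reworded comment above `g#set_network true;` in `convert` can be read as if appliance networking were only switched on when a `--key ID:clevis` selector is given, but the call is still unconditional on the new side. Because the appliance works on guest disk content, anyone auditing its network exposure should be told that directly, e.g. `(* Networking is always enabled: it is needed by unconfigure_vmware () and by any "--key ID:clevis" selectors. *)`. The description lists a libguestfs-common helper for the network dependency; it is not visible in this hunk, so whether it could make the call conditional for the Clevis case is worth confirming separately. The body of `convert` starts before and continues past the hunk.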


@ -1,4 +1,4 @@
From a2d58a7f879c2fd3ac6ff1ddd92db0e455b906f3 Mon Sep 17 00:00:00 2001
From 80831868395d161af8c47edf2f54234c63581d8d Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Fri, 28 Jan 2022 09:30:29 +0000
Subject: [PATCH] qemu-nbd: Implement output compression for qcow2 files


@ -1,203 +0,0 @@
From 2aa40ec1db2af2310a649bf6142f8de1ef0cd8e2 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Mon, 13 Jun 2022 19:01:33 +0200
Subject: [PATCH] windows_virtio: remove "install_linux_tools"
"Windows_virtio.install_linux_tools" has never really worked in practice;
we've never managed to get the right content into the right location on
the virtio-win ISO.
Later patches in this series will install the qemu guest agent in a
firstboot script, using the guest's own package manager. For now, for ease
of review, only remove "Windows_virtio.install_linux_tools", and its
dependencies that now become unused:
- Linux.architecture_string
- Linux.binary_package_extension
- Linux.install_local
Salvage the comment (at the outermost call site) that failure to install
QGA is not fatal. This will be relevant for exception handling in the
subsequent patches.
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2028764
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Acked-by: Richard W.M. Jones <rjones@redhat.com>
Message-Id: <20220613170135.12557-3-lersek@redhat.com>
(cherry picked from commit 52e9cd77a8ef7c1b7975d4f72056f8f6b45fb10b)
---
convert/convert_linux.ml | 4 +++-
convert/linux.ml | 35 -------------------------------
convert/linux.mli | 11 ----------
convert/windows_virtio.ml | 42 --------------------------------------
convert/windows_virtio.mli | 4 ----
5 files changed, 3 insertions(+), 93 deletions(-)
diff --git a/convert/convert_linux.ml b/convert/convert_linux.ml
index 56604949..79462aa1 100644
--- a/convert/convert_linux.ml
+++ b/convert/convert_linux.ml
@@ -538,13 +538,15 @@ let convert (g : G.guestfs) source inspect keep_serial_console _ =
)
and install_linux_tools () =
+ (* It is not fatal if we fail to install the QEMU guest agent. *)
let has_qemu_guest_agent =
List.exists (
fun { G.app2_name = name } ->
name = "qemu-guest-agent"
) inspect.i_apps in
if not has_qemu_guest_agent then
- Windows_virtio.install_linux_tools g inspect
+ (* FIXME -- install qemu-guest-agent here *)
+ ()
and configure_kernel () =
(* Previously this function would try to install kernels, but we
diff --git a/convert/linux.ml b/convert/linux.ml
index e2908d02..f9acd63f 100644
--- a/convert/linux.ml
+++ b/convert/linux.ml
@@ -33,20 +33,6 @@ let augeas_reload g =
g#aug_load ();
debug_augeas_errors g
-let rec install_local g { i_package_format = package_format } packages =
- if packages <> [] then (
- match package_format with
- | "rpm" ->
- let cmd = [ "rpm"; "--upgrade"; "-v" ] @ packages in
- let cmd = Array.of_list cmd in
- ignore (g#command cmd)
- | format ->
- error (f_"dont know how to install packages using %s: packages: %s")
- format (String.concat " " packages)
- (* Reload Augeas in case anything changed. *)
- augeas_reload g
- )
-
let rec remove g inspect packages =
if packages <> [] then (
do_remove g inspect packages;
@@ -187,24 +173,3 @@ let is_package_manager_save_file filename =
(* Recognized suffixes of package managers. *)
let suffixes = [ ".dpkg-old"; ".dpkg-new"; ".rpmsave"; ".rpmnew"; ] in
List.exists (Filename.check_suffix filename) suffixes
-
-let binary_package_extension { i_package_format = package_format } =
- match package_format with
- | "deb" -> "deb"
- | "rpm" -> "rpm"
- | format ->
- error (f_"dont know what is the extension of binary packages using %s")
- format
-
-let architecture_string { i_package_format = package_format; i_arch = arch;
- i_distro = distro } =
- match package_format, distro, arch with
- | "deb", _, "x86_64" -> "amd64"
- | "deb", _, a -> a
- | "rpm", ("sles"|"suse-based"|"opensuse"), "i386" -> "i586"
- | "rpm", ("sles"|"suse-based"|"opensuse"), a -> a
- | "rpm", _, "i386" -> "i686"
- | "rpm", _, a -> a
- | format, distro, arch ->
- error (f_"dont know what is the architecture string of %s using %s on %s")
- arch format distro
diff --git a/convert/linux.mli b/convert/linux.mli
index 856ffe3c..57898310 100644
--- a/convert/linux.mli
+++ b/convert/linux.mli
@@ -23,9 +23,6 @@ val augeas_reload : Guestfs.guestfs -> unit
additional debugging information about parsing problems
that augeas found. *)
-val install_local: Guestfs.guestfs -> Types.inspect -> string list -> unit
-(** Install package(s). *)
-
val remove : Guestfs.guestfs -> Types.inspect -> string list -> unit
(** Uninstall package(s). *)
@@ -38,11 +35,3 @@ val is_file_owned : Guestfs.guestfs -> Types.inspect -> string -> bool
val is_package_manager_save_file : string -> bool
(** Return true if the filename is something like [*.rpmsave], ie.
a package manager save-file. *)
-
-val binary_package_extension : Types.inspect -> string
-(** Return the extension typically used for binary packages in the
- specified package format. *)
-
-val architecture_string : Types.inspect -> string
-(** Return the architecture string typically used for binary packages
- in the specified package format, and for the specified distro. *)
diff --git a/convert/windows_virtio.ml b/convert/windows_virtio.ml
index 301f7544..183166b7 100644
--- a/convert/windows_virtio.ml
+++ b/convert/windows_virtio.ml
@@ -113,48 +113,6 @@ let rec install_drivers ((g, _) as reg) inspect =
virtio_rng_supported, virtio_ballon_supported, isa_pvpanic_supported, virtio_socket_supported)
)
-and install_linux_tools g inspect =
- let os =
- match inspect.i_distro with
- | "fedora" -> Some "fc28"
- | "rhel" | "centos" | "scientificlinux" | "redhat-based"
- | "oraclelinux" ->
- (* map 6 -> "el6" etc. *)
- if inspect.i_major_version >= 6 then
- Some (sprintf "el%d" inspect.i_major_version)
- else
- None
- | "sles" | "suse-based" | "opensuse" -> Some "lp151"
- | _ -> None in
-
- match os with
- | None -> ()
- | Some os ->
- let src_path = "linux" // os in
- let dst_path = "/var/tmp" in
- let pkg_arch = Linux.architecture_string inspect in
- let pkg_ext = Linux.binary_package_extension inspect in
- let package_suffixes = [
- sprintf ".%s.%s" pkg_arch pkg_ext;
- sprintf "_%s.%s" pkg_arch pkg_ext;
- ] in
- let package_filter path _ =
- List.exists (String.is_suffix path) package_suffixes
- in
- debug "locating packages in %s" src_path;
- let packages =
- copy_from_virtio_win g inspect src_path dst_path
- package_filter
- (fun () -> ()) in
- debug "done copying %d files" (List.length packages);
- let packages = List.map ((//) dst_path) packages in
- try
- Linux.install_local g inspect packages;
- if packages <> [] then
- info (f_"QEMU Guest Agent installed for this guest.");
- with G.Error msg ->
- warning (f_"failed to install QEMU Guest Agent: %s") msg
-
and add_guestor_to_registry ((g, root) as reg) inspect drv_name drv_pciid =
let ddb_node = g#hivex_node_get_child root "DriverDatabase" in
diff --git a/convert/windows_virtio.mli b/convert/windows_virtio.mli
index a92cc01d..73ec95c7 100644
--- a/convert/windows_virtio.mli
+++ b/convert/windows_virtio.mli
@@ -38,10 +38,6 @@ val install_drivers
reflecting what devices are now required by the guest, either virtio
devices if we managed to install those, or legacy devices if we didn't. *)
-val install_linux_tools : Guestfs.guestfs -> Types.inspect -> unit
-(** installs QEMU Guest Agent on Linux guest OS from the driver directory or
- driver ISO. It is not fatal if we fail to install the agent. *)
-
val copy_qemu_ga : Guestfs.guestfs -> Types.inspect -> string list
(** copy MSIs (idealy just one) with QEMU Guest Agent to Windows guest. The
MSIs are not installed by this function. *)
--
2.31.1


@ -1,4 +1,4 @@
From b4b48b88c3fadbceedaf8ba03e788bff27b0ad4d Mon Sep 17 00:00:00 2001
From ca3643d06eed2de22cb81ad2eb13ba7f75c0487e Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Fri, 28 Jan 2022 09:30:58 +0000
Subject: [PATCH] -o disk, -o libvirt, -o qemu: Implement -of qcow2 -oo


@ -1,409 +0,0 @@
From 21309da26e0647c00c16cfb374fa418991b432aa Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Mon, 13 Jun 2022 19:01:35 +0200
Subject: [PATCH] convert_linux: install the QEMU guest agent with a firstboot
script
Register a firstboot script, for installing the guest agent with the
guest's own package manager -- that is, "Guest_packages.install_command".
For installing the package, network connectivity is required. Check it
first with "nmcli" (also checking whether NetworkManager is running), then
with "systemd-networkd-wait-online" (dependent on systemd-networkd). Note
that NetworkManager and systemd-networkd are never supposed to be enabled
at the same time.
The source domain's SELinux policy may not allow our firstboot service to
execute the package's installation scripts (if any). For that reason,
temporarily disable SELinux around package installation.
After installation, register another script for launching the agent.
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2028764
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20220613170135.12557-5-lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit e64356896377af1ac75a03d6a4c6a4208910bbf4)
---
common | 2 +-
convert/convert_linux.ml | 78 ++++++++++++++++++++++++++++++++++++++--
2 files changed, 77 insertions(+), 3 deletions(-)
Submodule common 48527b87..9e990f3e:
diff --git a/common/mlcustomize/Makefile.am b/common/mlcustomize/Makefile.am
index cd7d8971..4e260647 100644
--- a/common/mlcustomize/Makefile.am
+++ b/common/mlcustomize/Makefile.am
@@ -38,10 +38,12 @@ generator_built = \
SOURCES_MLI = \
firstboot.mli \
+ guest_packages.mli \
SELinux_relabel.mli
SOURCES_ML = \
firstboot.ml \
+ guest_packages.ml \
SELinux_relabel.ml
if HAVE_OCAML
diff --git a/common/mlcustomize/customize-options.pod b/common/mlcustomize/customize-options.pod
index a83c80a5..8aafacde 100644
--- a/common/mlcustomize/customize-options.pod
+++ b/common/mlcustomize/customize-options.pod
@@ -310,6 +310,10 @@ It cannot delete directories, only regular files.
=back
+=item B<--selinux-relabel>
+
+This is a compatibility option that does nothing.
+
=item B<--sm-attach> SELECTOR
Attach to a pool using C<subscription-manager>.
diff --git a/common/mlcustomize/customize-synopsis.pod b/common/mlcustomize/customize-synopsis.pod
index 25208538..9e2c4b2b 100644
--- a/common/mlcustomize/customize-synopsis.pod
+++ b/common/mlcustomize/customize-synopsis.pod
@@ -13,4 +13,4 @@
[--uninstall PKG,PKG..] [--update] [--upload FILE:DEST]
[--write FILE:CONTENT] [--no-logfile]
[--password-crypto md5|sha256|sha512] [--no-selinux-relabel]
- [--sm-credentials SELECTOR]
+ [--selinux-relabel] [--sm-credentials SELECTOR]
diff --git a/common/mlcustomize/customize_cmdline.ml b/common/mlcustomize/customize_cmdline.ml
index 5d404e84..a17bed40 100644
--- a/common/mlcustomize/customize_cmdline.ml
+++ b/common/mlcustomize/customize_cmdline.ml
@@ -111,6 +111,8 @@ and flags = {
(* --password-crypto md5|sha256|sha512 *)
no_selinux_relabel : bool;
(* --no-selinux-relabel *)
+ selinux_relabel_ignored : bool;
+ (* --selinux-relabel *)
sm_credentials : Subscription_manager.sm_credentials option;
(* --sm-credentials SELECTOR *)
}
@@ -122,6 +124,7 @@ let rec argspec () =
let scrub_logfile = ref false in
let password_crypto = ref None in
let no_selinux_relabel = ref false in
+ let selinux_relabel_ignored = ref false in
let sm_credentials = ref None in
let rec get_ops () = {
@@ -132,6 +135,7 @@ let rec argspec () =
scrub_logfile = !scrub_logfile;
password_crypto = !password_crypto;
no_selinux_relabel = !no_selinux_relabel;
+ selinux_relabel_ignored = !selinux_relabel_ignored;
sm_credentials = !sm_credentials;
}
in
@@ -464,6 +468,12 @@ let rec argspec () =
s_"Do not relabel files with correct SELinux labels"
),
None, "Do not attempt to correct the SELinux labels of files in the guest.\n\nIn such guests that support SELinux, customization automatically\nrelabels files so that they have the correct SELinux label. (The\nrelabeling is performed immediately, but if the operation fails,\ncustomization will instead touch F</.autorelabel> on the image to\nschedule a relabel operation for the next time the image boots.) This\noption disables the automatic relabeling.\n\nThe option is a no-op for guests that do not support SELinux.";
+ (
+ [ L"selinux-relabel" ],
+ Getopt.Set selinux_relabel_ignored,
+ s_"Compatibility option doing nothing"
+ ),
+ None, "This is a compatibility option that does nothing.";
(
[ L"sm-credentials" ],
Getopt.String (
diff --git a/common/mlcustomize/customize_cmdline.mli b/common/mlcustomize/customize_cmdline.mli
index 7ee882a6..7d14e782 100644
--- a/common/mlcustomize/customize_cmdline.mli
+++ b/common/mlcustomize/customize_cmdline.mli
@@ -103,6 +103,8 @@ and flags = {
(* --password-crypto md5|sha256|sha512 *)
no_selinux_relabel : bool;
(* --no-selinux-relabel *)
+ selinux_relabel_ignored : bool;
+ (* --selinux-relabel *)
sm_credentials : Subscription_manager.sm_credentials option;
(* --sm-credentials SELECTOR *)
}
diff --git a/common/mlcustomize/guest_packages.ml b/common/mlcustomize/guest_packages.ml
new file mode 100644
index 00000000..4c3c34ed
--- /dev/null
+++ b/common/mlcustomize/guest_packages.ml
@@ -0,0 +1,132 @@
+(* virt-customize
+ * Copyright (C) 2012-2021 Red Hat Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *)
+
+open Printf
+
+open Common_gettext.Gettext
+open Std_utils
+
+exception Unknown_package_manager of string
+exception Unimplemented_package_manager of string
+
+(* Windows has package_management == "unknown". *)
+let error_unknown_package_manager flag =
+ let msg = sprintf (f_"cannot use %s because no package manager has been \
+ detected for this guest OS.\n\nIf this guest OS is a \
+ common one with ordinary package management then this \
+ may have been caused by a failure of libguestfs \
+ inspection.\n\nFor OSes such as Windows that lack \
+ package management, this is not possible. Try using \
+ one of the --firstboot* flags instead (described in \
+ the virt-customize(1) manual).") flag in
+ raise (Unknown_package_manager msg)
+
+let error_unimplemented_package_manager flag pm =
+ let msg = sprintf (f_"sorry, %s with the %s package manager has not \
+ been implemented yet.\n\nYou can work around this by \
+ using one of the --run* or --firstboot* options \
+ instead (described in the virt-customize(1) manual).")
+ flag pm in
+ raise (Unimplemented_package_manager msg)
+
+(* http://distrowatch.com/dwres.php?resource=package-management *)
+let install_command packages package_management =
+ let quoted_args = String.concat " " (List.map quote packages) in
+ match package_management with
+ | "apk" ->
+ sprintf "
+ apk update
+ apk add %s
+ " quoted_args
+ | "apt" ->
+ (* http://unix.stackexchange.com/questions/22820 *)
+ sprintf "
+ export DEBIAN_FRONTEND=noninteractive
+ apt_opts='-q -y -o Dpkg::Options::=--force-confnew'
+ apt-get $apt_opts update
+ apt-get $apt_opts install %s
+ " quoted_args
+ | "dnf" ->
+ sprintf "dnf%s -y install %s"
+ (if verbose () then " --verbose" else "")
+ quoted_args
+ | "pisi" -> sprintf "pisi it %s" quoted_args
+ | "pacman" -> sprintf "pacman -S --noconfirm %s" quoted_args
+ | "urpmi" -> sprintf "urpmi %s" quoted_args
+ | "xbps" -> sprintf "xbps-install -Sy %s" quoted_args
+ | "yum" -> sprintf "yum -y install %s" quoted_args
+ | "zypper" -> sprintf "zypper -n in -l %s" quoted_args
+
+ | "unknown" ->
+ error_unknown_package_manager (s_"--install")
+ | pm ->
+ error_unimplemented_package_manager (s_"--install") pm
+
+let update_command package_management =
+ match package_management with
+ | "apk" ->
+ "
+ apk update
+ apk upgrade
+ "
+ | "apt" ->
+ (* http://unix.stackexchange.com/questions/22820 *)
+ "
+ export DEBIAN_FRONTEND=noninteractive
+ apt_opts='-q -y -o Dpkg::Options::=--force-confnew'
+ apt-get $apt_opts update
+ apt-get $apt_opts upgrade
+ "
+ | "dnf" ->
+ sprintf "dnf%s -y --best upgrade"
+ (if verbose () then " --verbose" else "")
+ | "pisi" -> "pisi upgrade"
+ | "pacman" -> "pacman -Su"
+ | "urpmi" -> "urpmi --auto-select"
+ | "xbps" -> "xbps-install -Suy"
+ | "yum" -> "yum -y update"
+ | "zypper" -> "zypper -n update -l"
+
+ | "unknown" ->
+ error_unknown_package_manager (s_"--update")
+ | pm ->
+ error_unimplemented_package_manager (s_"--update") pm
+
+let uninstall_command packages package_management =
+ let quoted_args = String.concat " " (List.map quote packages) in
+ match package_management with
+ | "apk" -> sprintf "apk del %s" quoted_args
+ | "apt" ->
+ (* http://unix.stackexchange.com/questions/22820 *)
+ sprintf "
+ export DEBIAN_FRONTEND=noninteractive
+ apt_opts='-q -y -o Dpkg::Options::=--force-confnew'
+ apt-get $apt_opts remove %s
+ " quoted_args
+ | "dnf" -> sprintf "dnf -y remove %s" quoted_args
+ | "pisi" -> sprintf "pisi rm %s" quoted_args
+ | "pacman" -> sprintf "pacman -R %s" quoted_args
+ | "urpmi" -> sprintf "urpme %s" quoted_args
+ | "xbps" -> sprintf "xbps-remove -Sy %s" quoted_args
+ | "yum" -> sprintf "yum -y remove %s" quoted_args
+ | "zypper" -> sprintf "zypper -n rm %s" quoted_args
+
+ | "unknown" ->
+ error_unknown_package_manager (s_"--uninstall")
+ | pm ->
+ error_unimplemented_package_manager (s_"--uninstall") pm
diff --git a/common/mlcustomize/guest_packages.mli b/common/mlcustomize/guest_packages.mli
new file mode 100644
index 00000000..7504a6ab
--- /dev/null
+++ b/common/mlcustomize/guest_packages.mli
@@ -0,0 +1,44 @@
+(* virt-customize
+ * Copyright (C) 2012-2021 Red Hat Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *)
+
+exception Unknown_package_manager of string
+exception Unimplemented_package_manager of string
+(** For all three functions below, [package_management] determines the package
+ management system in use by the guest; commonly it should be filled in from
+ [Guestfs.inspect_get_package_management], or the equivalent guestfs object
+ method.
+
+ If [package_management] is unknown or unimplemented, the functions raise
+ [Unknown_package_manager "error message"] or [Unimplemented_package_manager
+ "error message"], correspondingly. *)
+
+val install_command : string list -> string -> string
+(** [install_command packages package_management] produces a properly quoted
+ shell command string suitable for execution in the guest (directly or via a
+ Firstboot script) for installing the OS packages listed in [packages]. *)
+
+val update_command : string -> string
+(** [update_command package_management] produces a properly quoted shell command
+ string suitable for execution in the guest (directly or via a Firstboot
+ script) for updating the OS packages that are currently installed in the
+ guest. *)
+
+val uninstall_command : string list -> string -> string
+(** [uninstall_command packages package_management] produces a properly quoted
+ shell command string suitable for execution in the guest (directly or via a
+ Firstboot script) for uninstalling the OS packages listed in [packages]. *)
diff --git a/convert/convert_linux.ml b/convert/convert_linux.ml
index 2ddbc07a..59d143bd 100644
--- a/convert/convert_linux.ml
+++ b/convert/convert_linux.ml
@@ -562,8 +562,82 @@ let convert (g : G.guestfs) source inspect keep_serial_console _ =
name = qga_pkg
) inspect.i_apps in
if not has_qemu_guest_agent then
- (* FIXME -- install qemu-guest-agent here *)
- ()
+ try
+ let inst_cmd = Guest_packages.install_command [qga_pkg]
+ inspect.i_package_management in
+
+ (* Use only the portable filename character set in this. *)
+ let selinux_enforcing = "/root/virt-v2v-fb-selinux-enforcing"
+ and timeout = 30 in
+ let fbs =
+ Firstboot.add_firstboot_script g inspect.i_root
+ in
+ info (f_"The QEMU Guest Agent will be installed for this guest at \
+ first boot.");
+
+ (* Wait for the network to come online in the guest (best effort).
+ *)
+ fbs "wait online"
+ (sprintf "#!/bin/sh\n\
+ if conn=$(nmcli networking connectivity); then\n\
+ \ \ tries=0\n\
+ \ \ while\n\
+ \ \ \ \ test $tries -lt %d &&\n\
+ \ \ \ \ test full != \"$conn\"\n\
+ \ \ do\n\
+ \ \ \ \ sleep 1\n\
+ \ \ \ \ tries=$((tries + 1))\n\
+ \ \ \ \ conn=$(nmcli networking connectivity)\n\
+ \ \ done\n\
+ elif systemctl -q is-active systemd-networkd; then\n\
+ \ \ /usr/lib/systemd/systemd-networkd-wait-online \\\n\
+ \ \ \ \ -q --timeout=%d\n\
+ fi\n" timeout timeout);
+
+ (* Disable SELinux temporarily around package installation. Refer to
+ * <https://bugzilla.redhat.com/show_bug.cgi?id=2028764#c7> and
+ * <https://bugzilla.redhat.com/show_bug.cgi?id=2028764#c8>.
+ *)
+ fbs "setenforce 0"
+ (sprintf "#!/bin/sh\n\
+ rm -f %s\n\
+ if command -v getenforce >/dev/null &&\n\
+ \ \ test Enforcing = \"$(getenforce)\"\n\
+ then\n\
+ \ \ touch %s\n\
+ \ \ setenforce 0\n\
+ fi\n" selinux_enforcing selinux_enforcing);
+ fbs "install qga" inst_cmd;
+ fbs "setenforce restore"
+ (sprintf "#!/bin/sh\n\
+ if test -f %s; then\n\
+ \ \ setenforce 1\n\
+ \ \ rm -f %s\n\
+ fi\n" selinux_enforcing selinux_enforcing);
+
+ (* Start the agent now and at subsequent boots. The following
+ * commands should work on both sysvinit distros / distro versions
+ * (regardless of "/etc/rc.d/" vs. "/etc/init.d/" being the scheme
+ * in use) and systemd distros (via redirection to systemctl).
+ *
+ * On distros where the chkconfig command is redirected to
+ * systemctl, the chkconfig command is likely superfluous. That's
+ * because on systemd distros, the QGA package comes with such
+ * runtime dependencies / triggers that the presence of the
+ * virtio-serial port named "org.qemu.guest_agent.0" automatically
+ * starts the agent during (second and later) boots. However, even
+ * on such distros, the chkconfig command should do no harm.
+ *)
+ fbs "start qga"
+ (sprintf "#!/bin/sh\n\
+ service %s start\n\
+ chkconfig %s on\n" qga_pkg qga_pkg)
+ with
+ | Guest_packages.Unknown_package_manager msg
+ | Guest_packages.Unimplemented_package_manager msg ->
+ warning (f_"The QEMU Guest Agent will not be installed. The \
+ install command for package %s could not be created: \
+ %s.") qga_pkg msg
and configure_kernel () =
(* Previously this function would try to install kernels, but we
--
2.31.1


@ -1,4 +1,4 @@
From f87296160b1c1e213d86a077ab2e764c2977bc1e Mon Sep 17 00:00:00 2001
From 672b9795e85b48f337b3da2d6fa393e7788d79a1 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Fri, 1 Jul 2022 11:18:53 +0100
Subject: [PATCH] tests: Add a simple test of -o local -of qcow2 -oo compressed


@ -1,4 +1,4 @@
From 8bc838bd9b12c658bd7c6f1d5d22dfc0375ca57b Mon Sep 17 00:00:00 2001
From b61a03ad272bb08ff5ca757ade6a23bfef34fdc9 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 5 Jul 2022 11:56:54 +0100
Subject: [PATCH] RHEL 9: -oo compressed: Remove nbdcopy version check and test


@ -1,35 +0,0 @@
From 55ae823b5a98667483ef6c9bf1f70011f2f60268 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 14 Jun 2022 13:27:07 +0200
Subject: [PATCH] test-data: Replace deprecated luks_open with cryptsetup_open.
The two calls are identical, so this simply avoids a deprecation
warning.
(Picked from guestfs-tools commit 9a27f19269f5 ("test-data: Replace
deprecated luks_open with cryptsetup_open.", 2022-02-28).)
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20220614112709.12210-2-lersek@redhat.com>
Acked-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit 88e237da4c4d065e445659e2fdf34892cb99bdb9)
---
test-data/phony-guests/make-fedora-img.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/test-data/phony-guests/make-fedora-img.pl b/test-data/phony-guests/make-fedora-img.pl
index ad30960f..488a7d89 100755
--- a/test-data/phony-guests/make-fedora-img.pl
+++ b/test-data/phony-guests/make-fedora-img.pl
@@ -195,7 +195,7 @@ EOF
# Put LUKS on the second partition.
$g->luks_format ('/dev/sda2', 'FEDORA', 0);
- $g->luks_open ('/dev/sda2', 'FEDORA', 'luks');
+ $g->cryptsetup_open ('/dev/sda2', 'FEDORA', 'luks');
init_lvm_root ('/dev/mapper/luks');
}
--
2.31.1


@ -1,4 +1,4 @@
From 2408250d7cbf6c32a0a9a9de072fdb93d583519d Mon Sep 17 00:00:00 2001
From 8a8ff53b7d438e82085d52199d21c980a54c733d Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 5 Jul 2022 11:58:09 +0100
Subject: [PATCH] RHEL 9: tests: Remove btrfs test


@ -1,158 +0,0 @@
From b01ebfd510a841341c653d709ed94ad4ff4b7637 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Tue, 14 Jun 2022 13:27:08 +0200
Subject: [PATCH] tests: rename "luks" to "lvm-on-luks"
Clarify that our current usage of "luks" stands for "lvm-on-luks" (IOW,
that the decrypted LUKS devices are Physical Volumes for LVM).
(This is a port of libguestfs patch 'tests: rename "luks" to
"lvm-on-luks"' -- commit 39a5bb6fda4d. See also guestfs-tools commit
8f2bbc3d50d8 -- 'inspector: rename "luks" to "lvm-on-luks"', 2022-02-28.)
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20220614112709.12210-3-lersek@redhat.com>
Acked-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit a2ff864d9332686cb7c27ccffe82783622c5d73d)
---
.gitignore | 2 +-
test-data/phony-guests/Makefile.am | 8 ++++----
test-data/phony-guests/guests.xml.in | 4 ++--
test-data/phony-guests/make-fedora-img.pl | 8 ++++----
tests/Makefile.am | 4 ++--
...rsion.sh => test-v2v-fedora-lvm-on-luks-conversion.sh} | 2 +-
6 files changed, 14 insertions(+), 14 deletions(-)
rename tests/{test-v2v-fedora-luks-conversion.sh => test-v2v-fedora-lvm-on-luks-conversion.sh} (95%)
diff --git a/.gitignore b/.gitignore
index dcafa39c..0256b89d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -116,7 +116,7 @@ Makefile.in
/test-data/phony-guests/debian.img
/test-data/phony-guests/fedora.img
/test-data/phony-guests/fedora-btrfs.img
-/test-data/phony-guests/fedora-luks.img
+/test-data/phony-guests/fedora-lvm-on-luks.img
/test-data/phony-guests/fedora-md1.img
/test-data/phony-guests/fedora-md2.img
/test-data/phony-guests/fedora-static-bin
diff --git a/test-data/phony-guests/Makefile.am b/test-data/phony-guests/Makefile.am
index c45ddc11..6d7db3da 100644
--- a/test-data/phony-guests/Makefile.am
+++ b/test-data/phony-guests/Makefile.am
@@ -49,7 +49,7 @@ disk_images = \
fedora-md1.img \
fedora-md2.img \
fedora-btrfs.img \
- fedora-luks.img \
+ fedora-lvm-on-luks.img \
ubuntu.img \
archlinux.img \
coreos.img \
@@ -99,12 +99,12 @@ fedora-btrfs.img: make-fedora-img.pl \
fedora-static-bin
SRCDIR=$(srcdir) LAYOUT=btrfs $(top_builddir)/run --test ./$<
-# Make a (dummy) Fedora image with LVM encrypted with LUKS.
-fedora-luks.img: make-fedora-img.pl \
+# Make a (dummy) Fedora image with LVM-on-LUKS.
+fedora-lvm-on-luks.img: make-fedora-img.pl \
fedora-journal.tar.xz \
fedora.db \
fedora-static-bin
- SRCDIR=$(srcdir) LAYOUT=lvm-luks $(top_builddir)/run --test ./$<
+ SRCDIR=$(srcdir) LAYOUT=lvm-on-luks $(top_builddir)/run --test ./$<
# Make a (dummy) Debian image.
debian.img: make-debian-img.sh
diff --git a/test-data/phony-guests/guests.xml.in b/test-data/phony-guests/guests.xml.in
index 9f64c35c..339a6f7d 100644
--- a/test-data/phony-guests/guests.xml.in
+++ b/test-data/phony-guests/guests.xml.in
@@ -185,7 +185,7 @@
<!-- LUKS password is 'FEDORA' -->
<domain type='test'>
- <name>fedora-luks</name>
+ <name>fedora-lvm-on-luks</name>
<memory>1048576</memory>
<os>
<type>hvm</type>
@@ -194,7 +194,7 @@
<devices>
<disk type='file' device='disk'>
<driver name='qemu' type='raw'/>
- <source file='@abs_builddir@/fedora-luks.img'/>
+ <source file='@abs_builddir@/fedora-lvm-on-luks.img'/>
<target dev='vda' bus='virtio'/>
</disk>
</devices>
diff --git a/test-data/phony-guests/make-fedora-img.pl b/test-data/phony-guests/make-fedora-img.pl
index 488a7d89..0d886bdf 100755
--- a/test-data/phony-guests/make-fedora-img.pl
+++ b/test-data/phony-guests/make-fedora-img.pl
@@ -171,8 +171,8 @@ EOF
}
}
-elsif ($ENV{LAYOUT} eq 'lvm-luks') {
- push (@images, "fedora-luks.img-t");
+elsif ($ENV{LAYOUT} eq 'lvm-on-luks') {
+ push (@images, "fedora-lvm-on-luks.img-t");
open (my $fstab, '>', "fedora.fstab") or die;
print $fstab <<EOF;
@@ -183,9 +183,9 @@ EOF
$bootdev = '/dev/sda1';
- $g->disk_create ("fedora-luks.img-t", "raw", $IMAGE_SIZE);
+ $g->disk_create ("fedora-lvm-on-luks.img-t", "raw", $IMAGE_SIZE);
- $g->add_drive ("fedora-luks.img-t", format => "raw");
+ $g->add_drive ("fedora-lvm-on-luks.img-t", format => "raw");
$g->launch ();
$g->part_init ('/dev/sda', 'mbr');
diff --git a/tests/Makefile.am b/tests/Makefile.am
index eb2931c5..46e53a58 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -97,7 +97,7 @@ TESTS = \
test-v2v-virtio-win-iso.sh \
test-v2v-fedora-conversion.sh \
test-v2v-fedora-btrfs-conversion.sh \
- test-v2v-fedora-luks-conversion.sh \
+ test-v2v-fedora-lvm-on-luks-conversion.sh \
test-v2v-fedora-md-conversion.sh \
test-v2v-windows-conversion.sh \
rhbz1232192.sh \
@@ -176,7 +176,7 @@ EXTRA_DIST += \
test-v2v-cdrom.sh \
test-v2v-fedora-conversion.sh \
test-v2v-fedora-btrfs-conversion.sh \
- test-v2v-fedora-luks-conversion.sh \
+ test-v2v-fedora-lvm-on-luks-conversion.sh \
test-v2v-fedora-md-conversion.sh \
test-v2v-floppy.expected \
test-v2v-floppy.sh \
diff --git a/tests/test-v2v-fedora-luks-conversion.sh b/tests/test-v2v-fedora-lvm-on-luks-conversion.sh
similarity index 95%
rename from tests/test-v2v-fedora-luks-conversion.sh
rename to tests/test-v2v-fedora-lvm-on-luks-conversion.sh
index 2922c31d..e3e70e8c 100755
--- a/tests/test-v2v-fedora-luks-conversion.sh
+++ b/tests/test-v2v-fedora-lvm-on-luks-conversion.sh
@@ -25,7 +25,7 @@ set -e
set -x
skip_if_skipped
-f=../test-data/phony-guests/fedora-luks.img
+f=../test-data/phony-guests/fedora-lvm-on-luks.img
requires test -f $f
# The disk is encrypted with password "FEDORA".
--
2.31.1


@ -1,220 +0,0 @@
From 308f585fa1e98fc07aad7a4e9299af47416d604f Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Tue, 14 Jun 2022 13:27:09 +0200
Subject: [PATCH] tests: add LUKS-on-LVM test
Port guestfs-tools commit 27da4b0c4991 ("inspector: add LUKS-on-LVM test",
2022-02-28) to virt-v2v. While at it, account for virt-v2v commit
fd7cd0c0fd22 ("test-data/phony-guests: Increase size of root filesystem",
2022-06-08).
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20220614112709.12210-4-lersek@redhat.com>
Acked-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit e4efe4b7d240b66b1d53fbe5a127f4f5966f6903)
---
.gitignore | 1 +
test-data/phony-guests/Makefile.am | 7 +++
test-data/phony-guests/guests.xml.in | 18 +++++++
test-data/phony-guests/make-fedora-img.pl | 54 +++++++++++++++++++
tests/Makefile.am | 2 +
.../test-v2v-fedora-luks-on-lvm-conversion.sh | 36 +++++++++++++
6 files changed, 118 insertions(+)
create mode 100755 tests/test-v2v-fedora-luks-on-lvm-conversion.sh
diff --git a/.gitignore b/.gitignore
index 0256b89d..46345e3b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -116,6 +116,7 @@ Makefile.in
/test-data/phony-guests/debian.img
/test-data/phony-guests/fedora.img
/test-data/phony-guests/fedora-btrfs.img
+/test-data/phony-guests/fedora-luks-on-lvm.img
/test-data/phony-guests/fedora-lvm-on-luks.img
/test-data/phony-guests/fedora-md1.img
/test-data/phony-guests/fedora-md2.img
diff --git a/test-data/phony-guests/Makefile.am b/test-data/phony-guests/Makefile.am
index 6d7db3da..29dbd4d0 100644
--- a/test-data/phony-guests/Makefile.am
+++ b/test-data/phony-guests/Makefile.am
@@ -49,6 +49,7 @@ disk_images = \
fedora-md1.img \
fedora-md2.img \
fedora-btrfs.img \
+ fedora-luks-on-lvm.img \
fedora-lvm-on-luks.img \
ubuntu.img \
archlinux.img \
@@ -99,6 +100,12 @@ fedora-btrfs.img: make-fedora-img.pl \
fedora-static-bin
SRCDIR=$(srcdir) LAYOUT=btrfs $(top_builddir)/run --test ./$<
+# Make a (dummy) Fedora image with LUKS-on-LVM.
+fedora-luks-on-lvm.img: make-fedora-img.pl \
+ fedora-journal.tar.xz \
+ fedora.db
+ SRCDIR=$(srcdir) LAYOUT=luks-on-lvm $(top_builddir)/run --test ./$<
+
# Make a (dummy) Fedora image with LVM-on-LUKS.
fedora-lvm-on-luks.img: make-fedora-img.pl \
fedora-journal.tar.xz \
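Review bot: The new `fedora-luks-on-lvm.img` rule lists only `fedora-journal.tar.xz` and `fedora.db` as prerequisites, while the btrfs rule just above it and the lvm-on-luks rule also list `fedora-static-bin`. If make-fedora-img.pl needs that binary for every layout (not visible here), a parallel build could run the script before the binary exists. I would end the list with `fedora.db \` followed by `fedora-static-bin`. The lvm-on-luks rule that follows continues outside the hunk.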
diff --git a/test-data/phony-guests/guests.xml.in b/test-data/phony-guests/guests.xml.in
index 339a6f7d..4391c9b4 100644
--- a/test-data/phony-guests/guests.xml.in
+++ b/test-data/phony-guests/guests.xml.in
@@ -183,6 +183,24 @@
</devices>
</domain>
+ <!-- LUKS passwords are 'FEDORA-Root', 'FEDORA-LV1', 'FEDORA-LV2',
+ 'FEDORA-LV3' -->
+ <domain type='test'>
+ <name>fedora-luks-on-lvm</name>
+ <memory>1048576</memory>
+ <os>
+ <type>hvm</type>
+ <boot dev='hd'/>
+ </os>
+ <devices>
+ <disk type='file' device='disk'>
+ <driver name='qemu' type='raw'/>
+ <source file='@abs_builddir@/fedora-luks-on-lvm.img'/>
+ <target dev='vda' bus='virtio'/>
+ </disk>
+ </devices>
+ </domain>
+
<!-- LUKS password is 'FEDORA' -->
<domain type='test'>
<name>fedora-lvm-on-luks</name>
diff --git a/test-data/phony-guests/make-fedora-img.pl b/test-data/phony-guests/make-fedora-img.pl
index 0d886bdf..c30c0b53 100755
--- a/test-data/phony-guests/make-fedora-img.pl
+++ b/test-data/phony-guests/make-fedora-img.pl
@@ -200,6 +200,60 @@ EOF
init_lvm_root ('/dev/mapper/luks');
}
+elsif ($ENV{LAYOUT} eq 'luks-on-lvm') {
+ push (@images, "fedora-luks-on-lvm.img-t");
+
+ open (my $fstab, '>', "fedora.fstab") or die;
+ print $fstab <<EOF;
+LABEL=BOOT /boot ext2 default 0 0
+LABEL=ROOT / ext2 default 0 0
+EOF
+ close ($fstab) or die;
+
+ $bootdev = '/dev/sda1';
+
+ $g->disk_create ("fedora-luks-on-lvm.img-t", "raw", $IMAGE_SIZE);
+
+ $g->add_drive ("fedora-luks-on-lvm.img-t", format => "raw");
+ $g->launch ();
+
+ $g->part_init ('/dev/sda', 'mbr');
+ foreach my $p (@PARTITIONS) {
+ $g->part_add('/dev/sda', @$p);
+ }
+
+ # Create the Volume Group on /dev/sda2.
+ $g->pvcreate ('/dev/sda2');
+ $g->vgcreate ('VG', ['/dev/sda2']);
+ $g->lvcreate ('Root', 'VG', 256);
+ $g->lvcreate ('LV1', 'VG', 32);
+ $g->lvcreate ('LV2', 'VG', 32);
+ $g->lvcreate ('LV3', 'VG', 64);
+
+ # Format each Logical Group as a LUKS device, with a different password.
+ $g->luks_format ('/dev/VG/Root', 'FEDORA-Root', 0);
+ $g->luks_format ('/dev/VG/LV1', 'FEDORA-LV1', 0);
+ $g->luks_format ('/dev/VG/LV2', 'FEDORA-LV2', 0);
+ $g->luks_format ('/dev/VG/LV3', 'FEDORA-LV3', 0);
+
+ # Open the LUKS devices. This creates nodes like /dev/mapper/*-luks.
+ $g->cryptsetup_open ('/dev/VG/Root', 'FEDORA-Root', 'Root-luks');
+ $g->cryptsetup_open ('/dev/VG/LV1', 'FEDORA-LV1', 'LV1-luks');
+ $g->cryptsetup_open ('/dev/VG/LV2', 'FEDORA-LV2', 'LV2-luks');
+ $g->cryptsetup_open ('/dev/VG/LV3', 'FEDORA-LV3', 'LV3-luks');
+
+ # Phony root filesystem.
+ $g->mkfs ('ext2', '/dev/mapper/Root-luks', blocksize => 4096, label => 'ROOT');
+ $g->set_uuid ('/dev/mapper/Root-luks', '01234567-0123-0123-0123-012345678902');
+
+ # Other filesystems, just for testing findfs-label.
+ $g->mkfs ('ext2', '/dev/mapper/LV1-luks', blocksize => 4096, label => 'LV1');
+ $g->mkfs ('ext2', '/dev/mapper/LV2-luks', blocksize => 1024, label => 'LV2');
+ $g->mkfs ('ext2', '/dev/mapper/LV3-luks', blocksize => 2048, label => 'LV3');
+
+ $g->mount ('/dev/mapper/Root-luks', '/');
+}
+
else {
print STDERR "$0: Unknown LAYOUT: ",$ENV{LAYOUT},"\n";
exit 1;
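Review bot: The comment `# Format each Logical Group as a LUKS device, with a different password.` names something LVM does not have; the four `luks_format` calls under it operate on the Logical Volumes /dev/VG/Root, LV1, LV2 and LV3. I would write `# Format each Logical Volume as a LUKS device, with a different password.` so the comment matches the `lvcreate` calls above it. The enclosing if/elsif chain starts outside the hunk.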
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 46e53a58..e787a86c 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -97,6 +97,7 @@ TESTS = \
test-v2v-virtio-win-iso.sh \
test-v2v-fedora-conversion.sh \
test-v2v-fedora-btrfs-conversion.sh \
+ test-v2v-fedora-luks-on-lvm-conversion.sh \
test-v2v-fedora-lvm-on-luks-conversion.sh \
test-v2v-fedora-md-conversion.sh \
test-v2v-windows-conversion.sh \
@@ -176,6 +177,7 @@ EXTRA_DIST += \
test-v2v-cdrom.sh \
test-v2v-fedora-conversion.sh \
test-v2v-fedora-btrfs-conversion.sh \
+ test-v2v-fedora-luks-on-lvm-conversion.sh \
test-v2v-fedora-lvm-on-luks-conversion.sh \
test-v2v-fedora-md-conversion.sh \
test-v2v-floppy.expected \
diff --git a/tests/test-v2v-fedora-luks-on-lvm-conversion.sh b/tests/test-v2v-fedora-luks-on-lvm-conversion.sh
new file mode 100755
index 00000000..1a4068cf
--- /dev/null
+++ b/tests/test-v2v-fedora-luks-on-lvm-conversion.sh
@@ -0,0 +1,36 @@
+#!/bin/bash -
+# libguestfs virt-v2v test script
+# Copyright (C) 2014-2022 Red Hat Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+# Test virt-v2v (Phony) Fedora conversion.
+
+set -e
+
+source ./functions.sh
+set -e
+set -x
+
+skip_if_skipped
+f=../test-data/phony-guests/fedora-luks-on-lvm.img
+requires test -f $f
+
+keys=(--key /dev/VG/Root:key:FEDORA-Root
+ --key /dev/VG/LV1:key:FEDORA-LV1
+ --key /dev/VG/LV2:key:FEDORA-LV2
+ --key /dev/VG/LV3:key:FEDORA-LV3)
+
+$VG virt-v2v --debug-gc -i disk $f -o null "${keys[@]}"
--
2.31.1


@ -1,53 +0,0 @@
From 5fa419748ef35851efadd1a249d55f42c5d0112b Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Wed, 29 Jun 2022 15:44:27 +0200
Subject: [PATCH] update common submodule for CVE-2022-2211 fix
$ git shortlog 9e990f3e4530..35467027f657
Laszlo Ersek (1):
options: fix buffer overflow in get_keys() [CVE-2022-2211]
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit 795d5dfcef77fc54fec4d237bda28571454a6d4e)
---
common | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Submodule common 9e990f3e..35467027:
diff --git a/common/options/keys.c b/common/options/keys.c
index 798315c2..d27a7123 100644
--- a/common/options/keys.c
+++ b/common/options/keys.c
@@ -128,17 +128,23 @@ read_first_line_from_file (const char *filename)
char **
get_keys (struct key_store *ks, const char *device, const char *uuid)
{
- size_t i, j, len;
+ size_t i, j, nmemb;
char **r;
char *s;
/* We know the returned list must have at least one element and not
* more than ks->nr_keys.
*/
- len = 1;
- if (ks)
- len = MIN (1, ks->nr_keys);
- r = calloc (len+1, sizeof (char *));
+ nmemb = 1;
+ if (ks && ks->nr_keys > nmemb)
+ nmemb = ks->nr_keys;
+
+ /* make room for the terminating NULL */
+ if (nmemb == (size_t)-1)
+ error (EXIT_FAILURE, 0, _("size_t overflow"));
+ nmemb++;
+
+ r = calloc (nmemb, sizeof (char *));
if (r == NULL)
error (EXIT_FAILURE, errno, "calloc");
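Review bot: The retained comment above the allocation still says the list holds "not more than ks->nr_keys" elements, which does not match the new `nmemb` computation. With an empty key store the list holds one key read from the user, which is more than nr_keys. I would reword it to `/* The list holds max(1, ks->nr_keys) entries: one per key-store entry that can match, or the single key read from the user. */` so the stated bound agrees with the code. The loop that fills `r` lies outside the hunk, so it should be confirmed there that every write is bounded by `nmemb`.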
--
2.31.1


@ -1,586 +0,0 @@
From 94b57f647d67d4713284af1f0580d1afedd6ebaa Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Fri, 1 Jul 2022 15:30:42 +0200
Subject: [PATCH] convert: document networking dependency of "--key ID:clevis"
Virt-v2v enables appliance networking already, for the sake of
"unconfigure_vmware". We now have a second use case for networking: "--key
ID:clevis". Update the comment in the code.
(Short log for libguestfs-common commit range 35467027f657..af6cb55bc58a:
Laszlo Ersek (12):
options: fix UUID comparison logic bug in get_keys()
mltools/tools_utils: remove unused function "key_store_to_cli"
mltools/tools_utils: allow multiple "--key" options for OCaml tools too
options: replace NULL-termination with number-of-elements in get_keys()
options: wrap each passphrase from get_keys() into a struct
options: add back-end for LUKS decryption with Clevis+Tang
options: introduce selector type "key_clevis"
options: generalize "--key" selector parsing for C-language utilities
mltools/tools_utils-c: handle internal type error with abort()
mltools/tools_utils: generalize "--key" selector parsing for OCaml utils
options, mltools/tools_utils: parse "--key ID:clevis" options
options, mltools/tools_utils: add helper for network dependency
).
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1809453
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20220628115856.5820-1-lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit 98fa5ab2685371c681282ce5de704877af27be74)
---
common | 2 +-
convert/convert.ml | 3 ++-
2 files changed, 3 insertions(+), 2 deletions(-)
Submodule common 35467027..af6cb55b:
diff --git a/common/mltools/tools_utils-c.c b/common/mltools/tools_utils-c.c
index 08146677..4ff42e5d 100644
--- a/common/mltools/tools_utils-c.c
+++ b/common/mltools/tools_utils-c.c
@@ -62,24 +62,31 @@ guestfs_int_mllib_inspect_decrypt (value gv, value gpv, value keysv)
caml_raise_out_of_memory ();
v = Field (elemv, 1);
- switch (Tag_val (v)) {
- case 0: /* KeyString of string */
- key.type = key_string;
- key.string.s = strdup (String_val (Field (v, 0)));
- if (!key.string.s)
- caml_raise_out_of_memory ();
- break;
- case 1: /* KeyFileName of string */
- key.type = key_file;
- key.file.name = strdup (String_val (Field (v, 0)));
- if (!key.file.name)
- caml_raise_out_of_memory ();
- break;
- default:
- error (EXIT_FAILURE, 0,
- "internal error: unhandled Tag_val (v) = %d",
- Tag_val (v));
- }
+ if (Is_block (v))
+ switch (Tag_val (v)) {
+ case 0: /* KeyString of string */
+ key.type = key_string;
+ key.string.s = strdup (String_val (Field (v, 0)));
+ if (!key.string.s)
+ caml_raise_out_of_memory ();
+ break;
+ case 1: /* KeyFileName of string */
+ key.type = key_file;
+ key.file.name = strdup (String_val (Field (v, 0)));
+ if (!key.file.name)
+ caml_raise_out_of_memory ();
+ break;
+ default:
+ abort ();
+ }
+ else
+ switch (Int_val (v)) {
+ case 0: /* KeyClevis */
+ key.type = key_clevis;
+ break;
+ default:
+ abort ();
+ }
ks = key_store_import_key (ks, &key);
diff --git a/common/mltools/tools_utils.ml b/common/mltools/tools_utils.ml
index 695fda7e..562bfadc 100644
--- a/common/mltools/tools_utils.ml
+++ b/common/mltools/tools_utils.ml
@@ -29,11 +29,12 @@ open Getopt.OptionName
let prog = ref prog
type key_store = {
- keys : (string, key_store_key) Hashtbl.t;
+ keys : (string * key_store_key) list ref;
}
and key_store_key =
| KeyString of string
| KeyFileName of string
+ | KeyClevis
external c_inspect_decrypt : Guestfs.t -> int64 -> (string * key_store_key) list -> unit = "guestfs_int_mllib_inspect_decrypt"
external c_set_echo_keys : unit -> unit = "guestfs_int_mllib_set_echo_keys" [@@noalloc]
@@ -376,7 +377,7 @@ let create_standard_options argspec ?anon_fun ?(key_opts = false)
)
in
let ks = {
- keys = Hashtbl.create 13;
+ keys = ref [];
} in
let argspec = ref argspec in
let add_argspec = List.push_back argspec in
@@ -392,14 +393,28 @@ let create_standard_options argspec ?anon_fun ?(key_opts = false)
if key_opts then (
let parse_key_selector arg =
- let parts = String.nsplit ~max:3 ":" arg in
+ let parts = String.nsplit ":" arg in
match parts with
+ | [] ->
+ error (f_"selector '%s': missing ID") arg
+ | [ _ ] ->
+ error (f_"selector '%s': missing TYPE") arg
+ | [ _; "key" ]
+ | _ :: "key" :: _ :: _ :: _ ->
+ error (f_"selector '%s': missing KEY_STRING, or too many fields") arg
| [ device; "key"; key ] ->
- Hashtbl.replace ks.keys device (KeyString key)
+ List.push_back ks.keys (device, KeyString key)
+ | [ _; "file" ]
+ | _ :: "file" :: _ :: _ :: _ ->
+ error (f_"selector '%s': missing FILENAME, or too many fields") arg
| [ device; "file"; file ] ->
- Hashtbl.replace ks.keys device (KeyFileName file)
+ List.push_back ks.keys (device, KeyFileName file)
+ | _ :: "clevis" :: _ :: _ ->
+ error (f_"selector '%s': too many fields") arg
+ | [ device; "clevis" ] ->
+ List.push_back ks.keys (device, KeyClevis)
| _ ->
- error (f_"invalid selector string for --key: %s") arg
+ error (f_"selector '%s': invalid TYPE") arg
in
add_argspec ([ L"echo-keys" ], Getopt.Unit c_set_echo_keys, s_"Dont turn off echo for passphrases");
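Review bot: Dropping `~max:3` from `String.nsplit ":" arg` means a KEY_STRING or FILENAME that itself contains a colon is now rejected by the `_ :: "key" :: _ :: _ :: _` and `_ :: "file" :: _ :: _ :: _` arms, where the old three-way split kept the remainder as the value. If that is intended (the C parser in common/options/keys.c likewise requires exactly three fields), the message should say so. For example: `error (f_"selector '%s': missing KEY_STRING, or too many fields (KEY_STRING must not contain ':')") arg`, and the same for FILENAME. create_standard_options starts and ends outside the hunk.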
@@ -420,16 +435,6 @@ let create_standard_options argspec ?anon_fun ?(key_opts = false)
let getopt = Getopt.create argspec ?anon_fun usage_msg in
{ getopt; ks; debug_gc }
-let key_store_to_cli { keys } =
- Hashtbl.fold (
- fun k v acc ->
- let arg =
- match v with
- | KeyString s -> sprintf "%s:key:%s" k s
- | KeyFileName f -> sprintf "%s:file:%s" k f in
- "--key" :: arg :: acc
- ) keys []
-
(* Run an external command, slurp up the output as a list of lines. *)
let external_command ?(echo_cmd = true) cmd =
if echo_cmd then
@@ -691,21 +696,19 @@ let is_btrfs_subvolume g fs =
if g#last_errno () = Guestfs.Errno.errno_EINVAL then false
else raise exn
+let key_store_requires_network ks =
+ List.exists (function
+ | _, KeyClevis -> true
+ | _ -> false) !(ks.keys)
+
let inspect_decrypt g ks =
- (* Turn the keys in the key_store into a simpler struct, so it is possible
- * to read it using the C API.
- *)
- let keys_as_list = Hashtbl.fold (
- fun k v acc ->
- (k, v) :: acc
- ) ks.keys [] in
(* Note we pass original 'g' even though it is not used by the
* callee. This is so that 'g' is kept as a root on the stack, and
* so cannot be garbage collected while we are in the c_inspect_decrypt
* function.
*)
c_inspect_decrypt g#ocaml_handle (Guestfs.c_pointer g#ocaml_handle)
- keys_as_list
+ !(ks.keys)
let with_timeout op timeout ?(sleep = 2) fn =
let start_t = Unix.gettimeofday () in
diff --git a/common/mltools/tools_utils.mli b/common/mltools/tools_utils.mli
index 50183006..ec900e63 100644
--- a/common/mltools/tools_utils.mli
+++ b/common/mltools/tools_utils.mli
@@ -103,14 +103,6 @@ val create_standard_options : Getopt.speclist -> ?anon_fun:Getopt.anon_fun -> ?k
Returns a new {!cmdline_options} structure. *)
-val key_store_to_cli : key_store -> string list
-(** Convert a {!key_store} object back to a list of command line
- options, essentially undoing the effect of Getopt parsing.
- This is used in virt-v2v to pass the keystore to helpers.
- It is not particularly secure, especially if you use the
- [:key:] selector, although not any less secure than passing
- them via the command line in the first place. *)
-
val external_command : ?echo_cmd:bool -> string -> string list
(** Run an external command, slurp up the output as a list of lines.
@@ -204,6 +196,10 @@ val inspect_mount_root_ro : Guestfs.guestfs -> string -> unit
val is_btrfs_subvolume : Guestfs.guestfs -> string -> bool
(** Checks if a filesystem is a btrfs subvolume. *)
+val key_store_requires_network : key_store -> bool
+(** [key_store_requires_network ks] returns [true] iff [ks] contains at least
+ one "ID:clevis" selector. *)
+
val inspect_decrypt : Guestfs.guestfs -> key_store -> unit
(** Simple implementation of decryption: look for any encrypted
partitions and decrypt them, then rescan for VGs. *)
diff --git a/common/options/decrypt.c b/common/options/decrypt.c
index 1cd7b627..97c8b88d 100644
--- a/common/options/decrypt.c
+++ b/common/options/decrypt.c
@@ -124,10 +124,10 @@ decrypt_mountables (guestfs_h *g, const char * const *mountables,
while ((mountable = *mnt_scan++) != NULL) {
CLEANUP_FREE char *type = NULL;
CLEANUP_FREE char *uuid = NULL;
- CLEANUP_FREE_STRING_LIST char **keys = NULL;
+ struct matching_key *keys;
+ size_t nr_matches;
CLEANUP_FREE char *mapname = NULL;
- const char * const *key_scan;
- const char *key;
+ size_t scan;
type = guestfs_vfs_type (g, mountable);
if (type == NULL)
@@ -144,33 +144,45 @@ decrypt_mountables (guestfs_h *g, const char * const *mountables,
/* Grab the keys that we should try with this device, based on device name,
* or UUID (if any).
*/
- keys = get_keys (ks, mountable, uuid);
- assert (keys[0] != NULL);
+ keys = get_keys (ks, mountable, uuid, &nr_matches);
+ assert (nr_matches > 0);
/* Generate a node name for the plaintext (decrypted) device node. */
if (uuid == NULL || asprintf (&mapname, "luks-%s", uuid) == -1)
mapname = make_mapname (mountable);
/* Try each key in turn. */
- key_scan = (const char * const *)keys;
- while ((key = *key_scan++) != NULL) {
+ for (scan = 0; scan < nr_matches; ++scan) {
+ struct matching_key *key = keys + scan;
int r;
guestfs_push_error_handler (g, NULL, NULL);
- r = guestfs_cryptsetup_open (g, mountable, key, mapname, -1);
+ assert (key->clevis == (key->passphrase == NULL));
+ if (key->clevis)
+#ifdef GUESTFS_HAVE_CLEVIS_LUKS_UNLOCK
+ r = guestfs_clevis_luks_unlock (g, mountable, mapname);
+#else
+ error (EXIT_FAILURE, 0,
+ _("'clevis_luks_unlock', needed for decrypting %s, is "
+ "unavailable in this libguestfs version"), mountable);
+#endif
+ else
+ r = guestfs_cryptsetup_open (g, mountable, key->passphrase, mapname,
+ -1);
guestfs_pop_error_handler (g);
if (r == 0)
break;
}
- if (key == NULL)
+ if (scan == nr_matches)
error (EXIT_FAILURE, 0,
_("could not find key to open LUKS encrypted %s.\n\n"
"Try using --key on the command line.\n\n"
"Original error: %s (%d)"),
mountable, guestfs_last_error (g), guestfs_last_errno (g));
+ free_keys (keys, nr_matches);
decrypted_some = true;
}
diff --git a/common/options/key-option.pod b/common/options/key-option.pod
index 90a3b15c..6bc04df1 100644
--- a/common/options/key-option.pod
+++ b/common/options/key-option.pod
@@ -14,4 +14,13 @@ Use the specified C<KEY_STRING> as passphrase.
Read the passphrase from F<FILENAME>.
+=item B<--key> C<ID>:clevis
+
+Attempt passphrase-less unlocking for C<ID> with Clevis, over the
+network. Please refer to L<guestfs(3)/ENCRYPTED DISKS> for more
+information on network-bound disk encryption (NBDE).
+
+Note that if any such option is present on the command line, QEMU user
+networking will be automatically enabled for the libguestfs appliance.
+
=back
diff --git a/common/options/keys.c b/common/options/keys.c
index d27a7123..d987ae56 100644
--- a/common/options/keys.c
+++ b/common/options/keys.c
@@ -125,11 +125,12 @@ read_first_line_from_file (const char *filename)
* keystore. There may be multiple. If none are read from the
* keystore, ask the user.
*/
-char **
-get_keys (struct key_store *ks, const char *device, const char *uuid)
+struct matching_key *
+get_keys (struct key_store *ks, const char *device, const char *uuid,
+ size_t *nr_matches)
{
- size_t i, j, nmemb;
- char **r;
+ size_t i, nmemb;
+ struct matching_key *r, *match;
char *s;
/* We know the returned list must have at least one element and not
@@ -139,22 +140,20 @@ get_keys (struct key_store *ks, const char *device, const char *uuid)
if (ks && ks->nr_keys > nmemb)
nmemb = ks->nr_keys;
- /* make room for the terminating NULL */
- if (nmemb == (size_t)-1)
+ if (nmemb > (size_t)-1 / sizeof *r)
error (EXIT_FAILURE, 0, _("size_t overflow"));
- nmemb++;
- r = calloc (nmemb, sizeof (char *));
+ r = malloc (nmemb * sizeof *r);
if (r == NULL)
- error (EXIT_FAILURE, errno, "calloc");
+ error (EXIT_FAILURE, errno, "malloc");
- j = 0;
+ match = r;
if (ks) {
for (i = 0; i < ks->nr_keys; ++i) {
struct key_store_key *key = &ks->keys[i];
- if (STRNEQ (key->id, device) && (uuid && STRNEQ (key->id, uuid)))
+ if (STRNEQ (key->id, device) && (!uuid || STRNEQ (key->id, uuid)))
continue;
switch (key->type) {
@@ -162,68 +161,101 @@ get_keys (struct key_store *ks, const char *device, const char *uuid)
s = strdup (key->string.s);
if (!s)
error (EXIT_FAILURE, errno, "strdup");
- r[j++] = s;
+ match->clevis = false;
+ match->passphrase = s;
+ ++match;
break;
case key_file:
s = read_first_line_from_file (key->file.name);
- r[j++] = s;
+ match->clevis = false;
+ match->passphrase = s;
+ ++match;
+ break;
+ case key_clevis:
+ match->clevis = true;
+ match->passphrase = NULL;
+ ++match;
break;
}
}
}
- if (j == 0) {
+ if (match == r) {
/* Key not found in the key store, ask the user for it. */
s = read_key (device);
if (!s)
error (EXIT_FAILURE, 0, _("could not read key from user"));
- r[0] = s;
+ match->clevis = false;
+ match->passphrase = s;
+ ++match;
}
+ *nr_matches = (size_t)(match - r);
return r;
}
+void
+free_keys (struct matching_key *keys, size_t nr_matches)
+{
+ size_t i;
+
+ for (i = 0; i < nr_matches; ++i) {
+ struct matching_key *key = keys + i;
+
+ assert (key->clevis == (key->passphrase == NULL));
+ if (!key->clevis)
+ free (key->passphrase);
+ }
+ free (keys);
+}
+
struct key_store *
key_store_add_from_selector (struct key_store *ks, const char *selector)
{
- CLEANUP_FREE_STRING_LIST char **fields =
- guestfs_int_split_string (':', selector);
+ CLEANUP_FREE_STRING_LIST char **fields = NULL;
+ size_t field_count;
struct key_store_key key;
+ fields = guestfs_int_split_string (':', selector);
if (!fields)
error (EXIT_FAILURE, errno, "guestfs_int_split_string");
+ field_count = guestfs_int_count_strings (fields);
- if (guestfs_int_count_strings (fields) != 3) {
- invalid_selector:
- error (EXIT_FAILURE, 0, "invalid selector for --key: %s", selector);
- }
-
- /* 1: device */
+ /* field#0: ID */
+ if (field_count < 1)
+ error (EXIT_FAILURE, 0, _("selector '%s': missing ID"), selector);
key.id = strdup (fields[0]);
if (!key.id)
error (EXIT_FAILURE, errno, "strdup");
- /* 2: key type */
- if (STREQ (fields[1], "key"))
+ /* field#1...: TYPE, and TYPE-specific properties */
+ if (field_count < 2)
+ error (EXIT_FAILURE, 0, _("selector '%s': missing TYPE"), selector);
+
+ if (STREQ (fields[1], "key")) {
key.type = key_string;
- else if (STREQ (fields[1], "file"))
- key.type = key_file;
- else
- goto invalid_selector;
-
- /* 3: actual key */
- switch (key.type) {
- case key_string:
+ if (field_count != 3)
+ error (EXIT_FAILURE, 0,
+ _("selector '%s': missing KEY_STRING, or too many fields"),
+ selector);
key.string.s = strdup (fields[2]);
if (!key.string.s)
error (EXIT_FAILURE, errno, "strdup");
- break;
- case key_file:
+ } else if (STREQ (fields[1], "file")) {
+ key.type = key_file;
+ if (field_count != 3)
+ error (EXIT_FAILURE, 0,
+ _("selector '%s': missing FILENAME, or too many fields"),
+ selector);
key.file.name = strdup (fields[2]);
if (!key.file.name)
error (EXIT_FAILURE, errno, "strdup");
- break;
- }
+ } else if (STREQ (fields[1], "clevis")) {
+ key.type = key_clevis;
+ if (field_count != 2)
+ error (EXIT_FAILURE, 0, _("selector '%s': too many fields"), selector);
+ } else
+ error (EXIT_FAILURE, 0, _("selector '%s': invalid TYPE"), selector);
return key_store_import_key (ks, &key);
}
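Review bot: free_keys releases each passphrase with a plain `free (key->passphrase);`, so the cleartext LUKS passphrase stays in freed heap memory for the rest of the process. Since this helper is the single place where the matched copies are released, I would clear the buffer first with `explicit_bzero (key->passphrase, strlen (key->passphrase));` before the `free`. That assumes the project can rely on that function; otherwise a guarded fallback would be needed. The key store's own copies, released in free_key_store, are outside this hunk and would need the same treatment for the change to be complete.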
@@ -252,6 +284,21 @@ key_store_import_key (struct key_store *ks, const struct key_store_key *key)
return ks;
}
+bool
+key_store_requires_network (const struct key_store *ks)
+{
+ size_t i;
+
+ if (ks == NULL)
+ return false;
+
+ for (i = 0; i < ks->nr_keys; ++i)
+ if (ks->keys[i].type == key_clevis)
+ return true;
+
+ return false;
+}
+
void
free_key_store (struct key_store *ks)
{
@@ -270,6 +317,9 @@ free_key_store (struct key_store *ks)
case key_file:
free (key->file.name);
break;
+ case key_clevis:
+ /* nothing */
+ break;
}
free (key->id);
}
diff --git a/common/options/options.h b/common/options/options.h
index 80df91a8..60d5d806 100644
--- a/common/options/options.h
+++ b/common/options/options.h
@@ -115,6 +115,7 @@ struct key_store_key {
enum {
key_string, /* key specified as string */
key_file, /* key stored in a file */
+ key_clevis, /* key reconstructed with Clevis+Tang */
} type;
union {
struct {
@@ -134,6 +135,19 @@ struct key_store {
size_t nr_keys;
};
+/* A key matching a particular ID (pathname of the libguestfs device node that
+ * stands for the encrypted block device, or LUKS UUID).
+ */
+struct matching_key {
+ /* True iff the passphrase should be reconstructed using Clevis, talking to
+ * Tang servers over the network.
+ */
+ bool clevis;
+
+ /* Explicit passphrase, otherwise. */
+ char *passphrase;
+};
+
/* in config.c */
extern void parse_config (void);
@@ -151,9 +165,12 @@ extern void print_inspect_prompt (void);
/* in key.c */
extern char *read_key (const char *param);
-extern char **get_keys (struct key_store *ks, const char *device, const char *uuid);
+extern struct matching_key *get_keys (struct key_store *ks, const char *device,
+ const char *uuid, size_t *nr_matches);
+extern void free_keys (struct matching_key *keys, size_t nr_matches);
extern struct key_store *key_store_add_from_selector (struct key_store *ks, const char *selector);
extern struct key_store *key_store_import_key (struct key_store *ks, const struct key_store_key *key);
+extern bool key_store_requires_network (const struct key_store *ks);
extern void free_key_store (struct key_store *ks);
/* in options.c */
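Review bot: The new get_keys prototype returns a `struct matching_key *` with an `nr_matches` out-parameter in place of the old `char **`, but the header does not say who owns the array or how it is released. Suggest a comment above it such as `/* Returns an array of *nr_matches entries; the caller releases it with free_keys (). */`. In the struct matching_key hunk just above, the comment on `passphrase` should also say whether the field is NULL when `clevis` is true. free_keys is only declared here, so it would be worth confirming in its definition whether the passphrase bytes are cleared before the memory is released.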
diff --git a/convert/convert.ml b/convert/convert.ml
index 5e0e6c2b..b678dc92 100644
--- a/convert/convert.ml
+++ b/convert/convert.ml
@@ -57,7 +57,8 @@ let rec convert dir options source =
* sure this is not too large because each vCPU consumes guest RAM.
*)
g#set_smp (min 8 (Sysconf.nr_processors_online ()));
- (* The network is only used by the unconfigure_vmware () function. *)
+ (* The network is used by the unconfigure_vmware () function, and the "--key
+ * ID:clevis" command line options (if any). *)
g#set_network true;
List.iter (
fun { s_disk_id = i } ->
--
2.31.1


@ -1,2 +1,2 @@
SHA512 (virt-v2v-2.0.6.tar.gz) = 8be0b74344331ccb8f777ba0c13f19b5070ab8106e70dbe3c1963c880b5bfe980e5333b1a6369bc2f4d27a47d0a18b99d91845e8d8c68da775ac3d009c494fc0
SHA512 (virt-v2v-2.0.6.tar.gz.sig) = 01e96bae7bc11763756b4ebfce2f1876593cdd6aa2e438ea73880b76f4ba1bf3c47482b45b44147bf180620bc1f288ca05cfaa7bf09165b3f766f06483dd658e
SHA512 (virt-v2v-2.0.7.tar.gz) = 0e2a7b55fdea7fac854747317d613a5f3e9bea17102424a8682783374f1dd273146c88a9e214f968f67a687545145c4a44d7e1bae16735e454822e636aab008c
SHA512 (virt-v2v-2.0.7.tar.gz.sig) = 4af524ebc70ecc670ff9c63bf485b969ed13c63e34d25e8e002423a59e4d84cd4f51683ec32c674bcb97ad24e214483eb9e12aa295adaeec507ece671ad93539


@ -15,8 +15,8 @@
Name: virt-v2v
Epoch: 1
Version: 2.0.6
Release: 3%{?dist}
Version: 2.0.7
Release: 1%{?dist}
Summary: Convert a virtual machine to run on KVM
License: GPLv2+
@ -45,25 +45,16 @@ Patch0009: 0009-RHEL-Remove-the-in-place-option.patch
Patch0010: 0010-output-Remove-o-json-mode.patch
Patch0011: 0011-output-Remove-unused-dummy.c.patch
Patch0012: 0012-adopt-inversion-of-SELinux-relabeling-in-virt-custom.patch
Patch0013: 0013-test-data-phony-guests-Upgrade-Fedora-RPM-database-a.patch
Patch0014: 0014-test-data-phony-guests-Increase-size-of-root-filesys.patch
Patch0015: 0015-test-data-phony-guests-Allow-virt-v2v-to-work-agains.patch
Patch0016: 0016-tests-Add-test-cases-for-converting-the-phony-Fedora.patch
Patch0017: 0017-output-create_libvirt_xml-wire-up-the-QEMU-guest-age.patch
Patch0018: 0018-windows_virtio-remove-install_linux_tools.patch
Patch0019: 0019-convert_linux-extract-qemu-guest-agent-package-name.patch
Patch0020: 0020-convert_linux-install-the-QEMU-guest-agent-with-a-fi.patch
Patch0021: 0021-test-data-Replace-deprecated-luks_open-with-cryptset.patch
Patch0022: 0022-tests-rename-luks-to-lvm-on-luks.patch
Patch0023: 0023-tests-add-LUKS-on-LVM-test.patch
Patch0024: 0024-RHV-outputs-limit-copied-disk-count-to-23.patch
Patch0025: 0025-update-common-submodule-for-CVE-2022-2211-fix.patch
Patch0026: 0026-convert-document-networking-dependency-of-key-ID-cle.patch
Patch0027: 0027-qemu-nbd-Implement-output-compression-for-qcow2-file.patch
Patch0028: 0028-o-disk-o-libvirt-o-qemu-Implement-of-qcow2-oo-compre.patch
Patch0029: 0029-tests-Add-a-simple-test-of-o-local-of-qcow2-oo-compr.patch
Patch0030: 0030-RHEL-9-oo-compressed-Remove-nbdcopy-version-check-an.patch
Patch0031: 0031-RHEL-9-tests-Remove-btrfs-test.patch
Patch0013: 0013-output-create_libvirt_xml-wire-up-the-QEMU-guest-age.patch
Patch0014: 0014-convert_linux-extract-qemu-guest-agent-package-name.patch
Patch0015: 0015-convert_linux-install-the-QEMU-guest-agent-with-a-fi.patch
Patch0016: 0016-RHV-outputs-limit-copied-disk-count-to-23.patch
Patch0017: 0017-convert-document-networking-dependency-of-key-ID-cle.patch
Patch0018: 0018-qemu-nbd-Implement-output-compression-for-qcow2-file.patch
Patch0019: 0019-o-disk-o-libvirt-o-qemu-Implement-of-qcow2-oo-compre.patch
Patch0020: 0020-tests-Add-a-simple-test-of-o-local-of-qcow2-oo-compr.patch
Patch0021: 0021-RHEL-9-oo-compressed-Remove-nbdcopy-version-check-an.patch
Patch0022: 0022-RHEL-9-tests-Remove-btrfs-test.patch
%if !0%{?rhel}
# libguestfs hasn't been built on i686 for a while since there is no
@ -342,8 +333,8 @@ rm $RPM_BUILD_ROOT%{_mandir}/man1/virt-v2v-in-place.1*
%changelog
* Tue Jul 05 2022 Richard W.M. Jones <rjones@redhat.com> - 1:2.0.6-3
- Rebase to stable branch version 2.0.6
* Wed Jul 06 2022 Richard W.M. Jones <rjones@redhat.com> - 1:2.0.7-1
- Rebase to stable branch version 2.0.7
resolves: rhbz#2059287, rhbz#1658126, rhbz#1788823, rhbz#1854275
- Fix openssh-clients dependency
resolves: rhbz#2064178