Rebase to stable branch version 2.0.7
resolves: rhbz#2059287
This commit is contained in:
parent
b6cf325d1f
commit
0ab0657041
@ -1,4 +1,4 @@
|
|||||||
From fd68a9dc94c54ecc1e7853bfc90220424bd5c4ca Mon Sep 17 00:00:00 2001
|
From d7c0992dfb11982d96cac8e279c454d82787918a Mon Sep 17 00:00:00 2001
|
||||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
From: "Richard W.M. Jones" <rjones@redhat.com>
|
||||||
Date: Sun, 28 Sep 2014 19:14:43 +0100
|
Date: Sun, 28 Sep 2014 19:14:43 +0100
|
||||||
Subject: [PATCH] RHEL: v2v: Select correct qemu binary for -o qemu mode
|
Subject: [PATCH] RHEL: v2v: Select correct qemu binary for -o qemu mode
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
From 21fecd276d0a6aaa4ea8a75fc8b77a3593001492 Mon Sep 17 00:00:00 2001
|
From 610f53a67a0804ee76e9213c503b7bb00dd722b8 Mon Sep 17 00:00:00 2001
|
||||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
From: "Richard W.M. Jones" <rjones@redhat.com>
|
||||||
Date: Tue, 30 Sep 2014 10:50:27 +0100
|
Date: Tue, 30 Sep 2014 10:50:27 +0100
|
||||||
Subject: [PATCH] RHEL: v2v: Disable the --qemu-boot / -oo qemu-boot option
|
Subject: [PATCH] RHEL: v2v: Disable the --qemu-boot / -oo qemu-boot option
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
From 41b609f89872d44ae9fdaf30a141132759efae22 Mon Sep 17 00:00:00 2001
|
From b61fc893f429eb4bec34816d667cc930e50ccd0f Mon Sep 17 00:00:00 2001
|
||||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
From: "Richard W.M. Jones" <rjones@redhat.com>
|
||||||
Date: Fri, 24 Apr 2015 09:45:41 -0400
|
Date: Fri, 24 Apr 2015 09:45:41 -0400
|
||||||
Subject: [PATCH] RHEL: Fix list of supported sound cards to match RHEL qemu
|
Subject: [PATCH] RHEL: Fix list of supported sound cards to match RHEL qemu
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
From def0df3659baaf52a68d23a9d8f86f9bd4c7f68e Mon Sep 17 00:00:00 2001
|
From 5d70bf1302ea3f1006d87672676f86eb5d40eb85 Mon Sep 17 00:00:00 2001
|
||||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
From: "Richard W.M. Jones" <rjones@redhat.com>
|
||||||
Date: Sun, 30 Aug 2015 03:21:57 -0400
|
Date: Sun, 30 Aug 2015 03:21:57 -0400
|
||||||
Subject: [PATCH] RHEL: Fixes for libguestfs-winsupport.
|
Subject: [PATCH] RHEL: Fixes for libguestfs-winsupport.
|
||||||
@ -26,10 +26,10 @@ index 87fca725..5e0e6c2b 100644
|
|||||||
(* Setting the number of vCPUs allows parallel mkinitrd, but make
|
(* Setting the number of vCPUs allows parallel mkinitrd, but make
|
||||||
* sure this is not too large because each vCPU consumes guest RAM.
|
* sure this is not too large because each vCPU consumes guest RAM.
|
||||||
diff --git a/convert/windows_virtio.ml b/convert/windows_virtio.ml
|
diff --git a/convert/windows_virtio.ml b/convert/windows_virtio.ml
|
||||||
index 5254322c..301f7544 100644
|
index a27cd6a5..183166b7 100644
|
||||||
--- a/convert/windows_virtio.ml
|
--- a/convert/windows_virtio.ml
|
||||||
+++ b/convert/windows_virtio.ml
|
+++ b/convert/windows_virtio.ml
|
||||||
@@ -283,6 +283,7 @@ and copy_from_virtio_win g inspect srcdir destdir filter missing =
|
@@ -241,6 +241,7 @@ and copy_from_virtio_win g inspect srcdir destdir filter missing =
|
||||||
let g2 =
|
let g2 =
|
||||||
try
|
try
|
||||||
let g2 = open_guestfs ~identifier:"virtio_win" () in
|
let g2 = open_guestfs ~identifier:"virtio_win" () in
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
From 869d6333dc9f27f4398df6f8d98ddc13191e4be9 Mon Sep 17 00:00:00 2001
|
From 37e241d6d4f22331b34c2ed0af233c73be2b0869 Mon Sep 17 00:00:00 2001
|
||||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
From: "Richard W.M. Jones" <rjones@redhat.com>
|
||||||
Date: Thu, 2 Mar 2017 14:21:37 +0100
|
Date: Thu, 2 Mar 2017 14:21:37 +0100
|
||||||
Subject: [PATCH] RHEL: v2v: -i disk: force VNC as display (RHBZ#1372671)
|
Subject: [PATCH] RHEL: v2v: -i disk: force VNC as display (RHBZ#1372671)
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
From 0695b6734db3e57954ec7b97b63bcc91d4f72b37 Mon Sep 17 00:00:00 2001
|
From 8ee8aec8739c6c0a4024ad187be56f525e8089c0 Mon Sep 17 00:00:00 2001
|
||||||
From: Pino Toscano <ptoscano@redhat.com>
|
From: Pino Toscano <ptoscano@redhat.com>
|
||||||
Date: Wed, 8 Mar 2017 11:03:40 +0100
|
Date: Wed, 8 Mar 2017 11:03:40 +0100
|
||||||
Subject: [PATCH] RHEL: v2v: do not mention SUSE Xen hosts (RHBZ#1430203)
|
Subject: [PATCH] RHEL: v2v: do not mention SUSE Xen hosts (RHBZ#1430203)
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
From ef2fd3cbbf3261c6bf43ec35425f3552f6eb918d Mon Sep 17 00:00:00 2001
|
From fd0c34d843bb5ba9e1b33e0dfd1250943c760a70 Mon Sep 17 00:00:00 2001
|
||||||
From: Pino Toscano <ptoscano@redhat.com>
|
From: Pino Toscano <ptoscano@redhat.com>
|
||||||
Date: Tue, 26 Mar 2019 09:42:25 +0100
|
Date: Tue, 26 Mar 2019 09:42:25 +0100
|
||||||
Subject: [PATCH] RHEL: point to KB for supported v2v hypervisors/guests
|
Subject: [PATCH] RHEL: point to KB for supported v2v hypervisors/guests
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
From e9890240ed9e0a0b967987f516c4bc9d2406ea7f Mon Sep 17 00:00:00 2001
|
From 14507902a675fd2e0356c0faf67524eb04e974d2 Mon Sep 17 00:00:00 2001
|
||||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
From: "Richard W.M. Jones" <rjones@redhat.com>
|
||||||
Date: Wed, 30 Jun 2021 11:15:52 +0100
|
Date: Wed, 30 Jun 2021 11:15:52 +0100
|
||||||
Subject: [PATCH] RHEL: Disable -o glance
|
Subject: [PATCH] RHEL: Disable -o glance
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
From 16f78a6852d4d6c00b2d987dac40d8ea18b7f192 Mon Sep 17 00:00:00 2001
|
From 1176553cf7a9a7f7961887372757234ffdfae2bd Mon Sep 17 00:00:00 2001
|
||||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
From: "Richard W.M. Jones" <rjones@redhat.com>
|
||||||
Date: Thu, 2 Dec 2021 11:56:05 +0000
|
Date: Thu, 2 Dec 2021 11:56:05 +0000
|
||||||
Subject: [PATCH] RHEL: Remove the --in-place option
|
Subject: [PATCH] RHEL: Remove the --in-place option
|
||||||
@ -45,7 +45,7 @@ index 84e049cc..7ad22f00 100644
|
|||||||
L<virt-df(1)>,
|
L<virt-df(1)>,
|
||||||
L<virt-filesystems(1)>,
|
L<virt-filesystems(1)>,
|
||||||
diff --git a/tests/Makefile.am b/tests/Makefile.am
|
diff --git a/tests/Makefile.am b/tests/Makefile.am
|
||||||
index 03d0be29..e44adaef 100644
|
index d36e230b..db32e42b 100644
|
||||||
--- a/tests/Makefile.am
|
--- a/tests/Makefile.am
|
||||||
+++ b/tests/Makefile.am
|
+++ b/tests/Makefile.am
|
||||||
@@ -77,7 +77,6 @@ TESTS = \
|
@@ -77,7 +77,6 @@ TESTS = \
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
From 13e570e2c19319e4164bba7de479980ebff74fdb Mon Sep 17 00:00:00 2001
|
From a1f1129dc148639ed0b05b737157268d9b824a63 Mon Sep 17 00:00:00 2001
|
||||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
From: "Richard W.M. Jones" <rjones@redhat.com>
|
||||||
Date: Mon, 11 Apr 2022 11:01:46 +0100
|
Date: Mon, 11 Apr 2022 11:01:46 +0100
|
||||||
Subject: [PATCH] output: Remove -o json mode
|
Subject: [PATCH] output: Remove -o json mode
|
||||||
@ -991,7 +991,7 @@ index 35b62836..00000000
|
|||||||
- ignore (run_test_tt_main suite);
|
- ignore (run_test_tt_main suite);
|
||||||
- Printf.fprintf stderr "\n"
|
- Printf.fprintf stderr "\n"
|
||||||
diff --git a/tests/Makefile.am b/tests/Makefile.am
|
diff --git a/tests/Makefile.am b/tests/Makefile.am
|
||||||
index e44adaef..549d39e1 100644
|
index db32e42b..e787a86c 100644
|
||||||
--- a/tests/Makefile.am
|
--- a/tests/Makefile.am
|
||||||
+++ b/tests/Makefile.am
|
+++ b/tests/Makefile.am
|
||||||
@@ -81,7 +81,6 @@ TESTS = \
|
@@ -81,7 +81,6 @@ TESTS = \
|
||||||
@ -1002,7 +1002,7 @@ index e44adaef..549d39e1 100644
|
|||||||
test-v2v-o-libvirt.sh \
|
test-v2v-o-libvirt.sh \
|
||||||
test-v2v-o-null.sh \
|
test-v2v-o-null.sh \
|
||||||
test-v2v-o-openstack.sh \
|
test-v2v-o-openstack.sh \
|
||||||
@@ -231,7 +230,6 @@ EXTRA_DIST += \
|
@@ -241,7 +240,6 @@ EXTRA_DIST += \
|
||||||
test-v2v-networks-and-bridges.sh \
|
test-v2v-networks-and-bridges.sh \
|
||||||
test-v2v-networks-and-bridges-expected.xml \
|
test-v2v-networks-and-bridges-expected.xml \
|
||||||
test-v2v-o-glance.sh \
|
test-v2v-o-glance.sh \
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
From 0c52088cbcfe4f00794f070866e806179abc7596 Mon Sep 17 00:00:00 2001
|
From 42da4736c2078801c0a5ebbe3825086f9b8d25ea Mon Sep 17 00:00:00 2001
|
||||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
From: "Richard W.M. Jones" <rjones@redhat.com>
|
||||||
Date: Tue, 12 Apr 2022 11:53:45 +0100
|
Date: Tue, 12 Apr 2022 11:53:45 +0100
|
||||||
Subject: [PATCH] output: Remove unused dummy.c
|
Subject: [PATCH] output: Remove unused dummy.c
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
From b3398f6e90056ac0e38bd0a9751e7aca4316555e Mon Sep 17 00:00:00 2001
|
From 7b22bc65e5df2bbe9f5ccf8ab05e67afb5a4cb8f Mon Sep 17 00:00:00 2001
|
||||||
From: Laszlo Ersek <lersek@redhat.com>
|
From: Laszlo Ersek <lersek@redhat.com>
|
||||||
Date: Tue, 10 May 2022 12:53:07 +0200
|
Date: Tue, 10 May 2022 12:53:07 +0200
|
||||||
Subject: [PATCH] adopt inversion of SELinux relabeling in virt-customize
|
Subject: [PATCH] adopt inversion of SELinux relabeling in virt-customize
|
||||||
@ -21,178 +21,44 @@ Acked-by: Richard W.M. Jones <rjones@redhat.com>
|
|||||||
tests/test-v2v-conversion-of.sh | 7 -------
|
tests/test-v2v-conversion-of.sh | 7 -------
|
||||||
2 files changed, 1 insertion(+), 8 deletions(-)
|
2 files changed, 1 insertion(+), 8 deletions(-)
|
||||||
|
|
||||||
Submodule common 0a231b3e..48527b87:
|
Submodule common 201632e4..af6cb55b (rewind):
|
||||||
diff --git a/common/mlcustomize/customize-options.pod b/common/mlcustomize/customize-options.pod
|
diff --git a/common/mlcustomize/guest_packages.ml b/common/mlcustomize/guest_packages.ml
|
||||||
index 71b545da..a83c80a5 100644
|
index 7c29a2ab..4c3c34ed 100644
|
||||||
--- a/common/mlcustomize/customize-options.pod
|
--- a/common/mlcustomize/guest_packages.ml
|
||||||
+++ b/common/mlcustomize/customize-options.pod
|
+++ b/common/mlcustomize/guest_packages.ml
|
||||||
@@ -206,6 +206,19 @@ the image was built, use this option.
|
@@ -73,9 +73,9 @@ let install_command packages package_management =
|
||||||
|
| "zypper" -> sprintf "zypper -n in -l %s" quoted_args
|
||||||
|
|
||||||
See also: L</LOG FILE>.
|
| "unknown" ->
|
||||||
|
- error_unknown_package_manager "--install"
|
||||||
|
+ error_unknown_package_manager (s_"--install")
|
||||||
|
| pm ->
|
||||||
|
- error_unimplemented_package_manager "--install" pm
|
||||||
|
+ error_unimplemented_package_manager (s_"--install") pm
|
||||||
|
|
||||||
+=item B<--no-selinux-relabel>
|
let update_command package_management =
|
||||||
+
|
match package_management with
|
||||||
+Do not attempt to correct the SELinux labels of files in the guest.
|
@@ -103,9 +103,9 @@ let update_command package_management =
|
||||||
+
|
| "zypper" -> "zypper -n update -l"
|
||||||
+In such guests that support SELinux, customization automatically
|
|
||||||
+relabels files so that they have the correct SELinux label. (The
|
|
||||||
+relabeling is performed immediately, but if the operation fails,
|
|
||||||
+customization will instead touch F</.autorelabel> on the image to
|
|
||||||
+schedule a relabel operation for the next time the image boots.) This
|
|
||||||
+option disables the automatic relabeling.
|
|
||||||
+
|
|
||||||
+The option is a no-op for guests that do not support SELinux.
|
|
||||||
+
|
|
||||||
=item B<--password> USER:SELECTOR
|
|
||||||
|
|
||||||
Set the password for C<USER>. (Note this option does I<not>
|
| "unknown" ->
|
||||||
@@ -297,16 +310,6 @@ It cannot delete directories, only regular files.
|
- error_unknown_package_manager "--update"
|
||||||
|
+ error_unknown_package_manager (s_"--update")
|
||||||
|
| pm ->
|
||||||
|
- error_unimplemented_package_manager "--update" pm
|
||||||
|
+ error_unimplemented_package_manager (s_"--update") pm
|
||||||
|
|
||||||
=back
|
let uninstall_command packages package_management =
|
||||||
|
let quoted_args = String.concat " " (List.map quote packages) in
|
||||||
|
@@ -127,6 +127,6 @@ let uninstall_command packages package_management =
|
||||||
|
| "zypper" -> sprintf "zypper -n rm %s" quoted_args
|
||||||
|
|
||||||
-=item B<--selinux-relabel>
|
| "unknown" ->
|
||||||
-
|
- error_unknown_package_manager "--uninstall"
|
||||||
-Relabel files in the guest so that they have the correct SELinux label.
|
+ error_unknown_package_manager (s_"--uninstall")
|
||||||
-
|
| pm ->
|
||||||
-This will attempt to relabel files immediately, but if the operation fails
|
- error_unimplemented_package_manager "--uninstall" pm
|
||||||
-this will instead touch F</.autorelabel> on the image to schedule a
|
+ error_unimplemented_package_manager (s_"--uninstall") pm
|
||||||
-relabel operation for the next time the image boots.
|
|
||||||
-
|
|
||||||
-You should only use this option for guests which support SELinux.
|
|
||||||
-
|
|
||||||
=item B<--sm-attach> SELECTOR
|
|
||||||
|
|
||||||
Attach to a pool using C<subscription-manager>.
|
|
||||||
diff --git a/common/mlcustomize/customize-synopsis.pod b/common/mlcustomize/customize-synopsis.pod
|
|
||||||
index 5f185408..25208538 100644
|
|
||||||
--- a/common/mlcustomize/customize-synopsis.pod
|
|
||||||
+++ b/common/mlcustomize/customize-synopsis.pod
|
|
||||||
@@ -12,5 +12,5 @@
|
|
||||||
[--truncate-recursive PATH] [--timezone TIMEZONE] [--touch FILE]
|
|
||||||
[--uninstall PKG,PKG..] [--update] [--upload FILE:DEST]
|
|
||||||
[--write FILE:CONTENT] [--no-logfile]
|
|
||||||
- [--password-crypto md5|sha256|sha512] [--selinux-relabel]
|
|
||||||
+ [--password-crypto md5|sha256|sha512] [--no-selinux-relabel]
|
|
||||||
[--sm-credentials SELECTOR]
|
|
||||||
diff --git a/common/mlcustomize/customize_cmdline.ml b/common/mlcustomize/customize_cmdline.ml
|
|
||||||
index 9326baa0..5d404e84 100644
|
|
||||||
--- a/common/mlcustomize/customize_cmdline.ml
|
|
||||||
+++ b/common/mlcustomize/customize_cmdline.ml
|
|
||||||
@@ -109,8 +109,8 @@ and flags = {
|
|
||||||
(* --no-logfile *)
|
|
||||||
password_crypto : Password.password_crypto option;
|
|
||||||
(* --password-crypto md5|sha256|sha512 *)
|
|
||||||
- selinux_relabel : bool;
|
|
||||||
- (* --selinux-relabel *)
|
|
||||||
+ no_selinux_relabel : bool;
|
|
||||||
+ (* --no-selinux-relabel *)
|
|
||||||
sm_credentials : Subscription_manager.sm_credentials option;
|
|
||||||
(* --sm-credentials SELECTOR *)
|
|
||||||
}
|
|
||||||
@@ -121,7 +121,7 @@ let rec argspec () =
|
|
||||||
let ops = ref [] in
|
|
||||||
let scrub_logfile = ref false in
|
|
||||||
let password_crypto = ref None in
|
|
||||||
- let selinux_relabel = ref false in
|
|
||||||
+ let no_selinux_relabel = ref false in
|
|
||||||
let sm_credentials = ref None in
|
|
||||||
|
|
||||||
let rec get_ops () = {
|
|
||||||
@@ -131,7 +131,7 @@ let rec argspec () =
|
|
||||||
and get_flags () = {
|
|
||||||
scrub_logfile = !scrub_logfile;
|
|
||||||
password_crypto = !password_crypto;
|
|
||||||
- selinux_relabel = !selinux_relabel;
|
|
||||||
+ no_selinux_relabel = !no_selinux_relabel;
|
|
||||||
sm_credentials = !sm_credentials;
|
|
||||||
}
|
|
||||||
in
|
|
||||||
@@ -459,11 +459,11 @@ let rec argspec () =
|
|
||||||
),
|
|
||||||
Some "md5|sha256|sha512", "When the virt tools change or set a password in the guest, this\noption sets the password encryption of that password to\nC<md5>, C<sha256> or C<sha512>.\n\nC<sha256> and C<sha512> require glibc E<ge> 2.7 (check crypt(3) inside\nthe guest).\n\nC<md5> will work with relatively old Linux guests (eg. RHEL 3), but\nis not secure against modern attacks.\n\nThe default is C<sha512> unless libguestfs detects an old guest that\ndidn't have support for SHA-512, in which case it will use C<md5>.\nYou can override libguestfs by specifying this option.\n\nNote this does not change the default password encryption used\nby the guest when you create new user accounts inside the guest.\nIf you want to do that, then you should use the I<--edit> option\nto modify C</etc/sysconfig/authconfig> (Fedora, RHEL) or\nC</etc/pam.d/common-password> (Debian, Ubuntu).";
|
|
||||||
(
|
|
||||||
- [ L"selinux-relabel" ],
|
|
||||||
- Getopt.Set selinux_relabel,
|
|
||||||
- s_"Relabel files with correct SELinux labels"
|
|
||||||
+ [ L"no-selinux-relabel" ],
|
|
||||||
+ Getopt.Set no_selinux_relabel,
|
|
||||||
+ s_"Do not relabel files with correct SELinux labels"
|
|
||||||
),
|
|
||||||
- None, "Relabel files in the guest so that they have the correct SELinux label.\n\nThis will attempt to relabel files immediately, but if the operation fails\nthis will instead touch F</.autorelabel> on the image to schedule a\nrelabel operation for the next time the image boots.\n\nYou should only use this option for guests which support SELinux.";
|
|
||||||
+ None, "Do not attempt to correct the SELinux labels of files in the guest.\n\nIn such guests that support SELinux, customization automatically\nrelabels files so that they have the correct SELinux label. (The\nrelabeling is performed immediately, but if the operation fails,\ncustomization will instead touch F</.autorelabel> on the image to\nschedule a relabel operation for the next time the image boots.) This\noption disables the automatic relabeling.\n\nThe option is a no-op for guests that do not support SELinux.";
|
|
||||||
(
|
|
||||||
[ L"sm-credentials" ],
|
|
||||||
Getopt.String (
|
|
||||||
diff --git a/common/mlcustomize/customize_cmdline.mli b/common/mlcustomize/customize_cmdline.mli
|
|
||||||
index 14eda49e..7ee882a6 100644
|
|
||||||
--- a/common/mlcustomize/customize_cmdline.mli
|
|
||||||
+++ b/common/mlcustomize/customize_cmdline.mli
|
|
||||||
@@ -101,8 +101,8 @@ and flags = {
|
|
||||||
(* --no-logfile *)
|
|
||||||
password_crypto : Password.password_crypto option;
|
|
||||||
(* --password-crypto md5|sha256|sha512 *)
|
|
||||||
- selinux_relabel : bool;
|
|
||||||
- (* --selinux-relabel *)
|
|
||||||
+ no_selinux_relabel : bool;
|
|
||||||
+ (* --no-selinux-relabel *)
|
|
||||||
sm_credentials : Subscription_manager.sm_credentials option;
|
|
||||||
(* --sm-credentials SELECTOR *)
|
|
||||||
}
|
|
||||||
diff --git a/common/mlcustomize/test-firstboot.sh b/common/mlcustomize/test-firstboot.sh
|
|
||||||
index b9069975..24c67f3e 100755
|
|
||||||
--- a/common/mlcustomize/test-firstboot.sh
|
|
||||||
+++ b/common/mlcustomize/test-firstboot.sh
|
|
||||||
@@ -61,9 +61,6 @@ case "$guestname" in
|
|
||||||
extra[${#extra[*]}]='/etc/inittab:
|
|
||||||
s,^#([1-9].*respawn.*/sbin/getty.*),$1,'
|
|
||||||
;;
|
|
||||||
- fedora*|rhel*|centos*)
|
|
||||||
- extra[${#extra[*]}]='--selinux-relabel'
|
|
||||||
- ;;
|
|
||||||
*)
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
diff --git a/common/mlcustomize/test-selinuxrelabel.sh b/common/mlcustomize/test-selinuxrelabel.sh
|
|
||||||
index 86278c63..caf75211 100755
|
|
||||||
--- a/common/mlcustomize/test-selinuxrelabel.sh
|
|
||||||
+++ b/common/mlcustomize/test-selinuxrelabel.sh
|
|
||||||
@@ -41,13 +41,12 @@ virt-builder "$guestname" --quiet -o "$disk"
|
|
||||||
# Test #1: relabel with the default configuration works.
|
|
||||||
rm -f "$disk_overlay"
|
|
||||||
guestfish -- disk-create "$disk_overlay" qcow2 -1 backingfile:"$disk"
|
|
||||||
-virt-customize -a "$disk" --selinux-relabel
|
|
||||||
+virt-customize -a "$disk"
|
|
||||||
|
|
||||||
# Test #2: relabel with no SELINUXTYPE in the configuration.
|
|
||||||
rm -f "$disk_overlay"
|
|
||||||
guestfish -- disk-create "$disk_overlay" qcow2 -1 backingfile:"$disk"
|
|
||||||
virt-customize -a "$disk" \
|
|
||||||
- --edit /etc/selinux/config:"s,^SELINUXTYPE=,#&,g" \
|
|
||||||
- --selinux-relabel
|
|
||||||
+ --edit /etc/selinux/config:"s,^SELINUXTYPE=,#&,g"
|
|
||||||
|
|
||||||
rm "$disk" "$disk_overlay"
|
|
||||||
diff --git a/common/options/uri.c b/common/options/uri.c
|
|
||||||
index 6b696fc2..84d393c1 100644
|
|
||||||
--- a/common/options/uri.c
|
|
||||||
+++ b/common/options/uri.c
|
|
||||||
@@ -135,7 +135,7 @@ parse (const char *arg, char **path_ret, char **protocol_ret,
|
|
||||||
socket = query_get (uri, "socket");
|
|
||||||
|
|
||||||
if (uri->server && STRNEQ (uri->server, "") && socket) {
|
|
||||||
- fprintf (stderr, _("%s: %s: cannot both a server name and a socket query parameter\n"),
|
|
||||||
+ fprintf (stderr, _("%s: %s: cannot have both a server name and a socket query parameter\n"),
|
|
||||||
getprogname (), arg);
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
@@ -347,6 +347,7 @@ make_server (xmlURIPtr uri, const char *socket, char ***ret)
|
|
||||||
*ret = malloc (sizeof (char *) * 2);
|
|
||||||
if (*ret == NULL) {
|
|
||||||
perror ("malloc");
|
|
||||||
+ free (server);
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
(*ret)[0] = server;
|
|
||||||
diff --git a/tests/test-v2v-conversion-of.sh b/tests/test-v2v-conversion-of.sh
|
diff --git a/tests/test-v2v-conversion-of.sh b/tests/test-v2v-conversion-of.sh
|
||||||
index 5a974d1b..5c5cae7c 100755
|
index 5a974d1b..5c5cae7c 100755
|
||||||
--- a/tests/test-v2v-conversion-of.sh
|
--- a/tests/test-v2v-conversion-of.sh
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
From 6e5b4da53504a4b62d225fe103e5821ccbfd3c3a Mon Sep 17 00:00:00 2001
|
From 0699afed37343d73c6803cabec466e1c3ca229b0 Mon Sep 17 00:00:00 2001
|
||||||
From: Laszlo Ersek <lersek@redhat.com>
|
From: Laszlo Ersek <lersek@redhat.com>
|
||||||
Date: Mon, 13 Jun 2022 19:01:32 +0200
|
Date: Mon, 13 Jun 2022 19:01:32 +0200
|
||||||
Subject: [PATCH] output/create_libvirt_xml: wire up the QEMU guest agent
|
Subject: [PATCH] output/create_libvirt_xml: wire up the QEMU guest agent
|
File diff suppressed because it is too large
Load Diff
@ -1,4 +1,4 @@
|
|||||||
From bd1122439b4138952e6c14b834eac79405410a94 Mon Sep 17 00:00:00 2001
|
From 82c7526e052d2aa64a6754ff0e1082937e3ee4bc Mon Sep 17 00:00:00 2001
|
||||||
From: Laszlo Ersek <lersek@redhat.com>
|
From: Laszlo Ersek <lersek@redhat.com>
|
||||||
Date: Mon, 13 Jun 2022 19:01:34 +0200
|
Date: Mon, 13 Jun 2022 19:01:34 +0200
|
||||||
Subject: [PATCH] convert_linux: extract qemu-guest-agent package name
|
Subject: [PATCH] convert_linux: extract qemu-guest-agent package name
|
@ -1,44 +0,0 @@
|
|||||||
From ef6e9a2fbe5c294837a019533a38a42ffb5770d7 Mon Sep 17 00:00:00 2001
|
|
||||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
|
||||||
Date: Wed, 8 Jun 2022 16:10:56 +0100
|
|
||||||
Subject: [PATCH] test-data/phony-guests: Increase size of root filesystem
|
|
||||||
MIME-Version: 1.0
|
|
||||||
Content-Type: text/plain; charset=UTF-8
|
|
||||||
Content-Transfer-Encoding: 8bit
|
|
||||||
|
|
||||||
Avoid this error in virt-v2v when trying to convert the phony Fedora
|
|
||||||
guest image:
|
|
||||||
|
|
||||||
[ 8.1] Checking for sufficient free disk space in the guest
|
|
||||||
virt-v2v: error: not enough free space for conversion on filesystem
|
|
||||||
‘/’. 21.6 MB free < 100 MB needed
|
|
||||||
|
|
||||||
(cherry picked from commit fd7cd0c0fd2259506f6ec1c248c11c1158656665)
|
|
||||||
---
|
|
||||||
test-data/phony-guests/make-fedora-img.pl | 4 ++--
|
|
||||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/test-data/phony-guests/make-fedora-img.pl b/test-data/phony-guests/make-fedora-img.pl
|
|
||||||
index 90492b81..f340f4d7 100755
|
|
||||||
--- a/test-data/phony-guests/make-fedora-img.pl
|
|
||||||
+++ b/test-data/phony-guests/make-fedora-img.pl
|
|
||||||
@@ -1,6 +1,6 @@
|
|
||||||
#!/usr/bin/env perl
|
|
||||||
# libguestfs
|
|
||||||
-# Copyright (C) 2010-2020 Red Hat Inc.
|
|
||||||
+# Copyright (C) 2010-2022 Red Hat Inc.
|
|
||||||
#
|
|
||||||
# This program is free software; you can redistribute it and/or modify
|
|
||||||
# it under the terms of the GNU General Public License as published by
|
|
||||||
@@ -210,7 +210,7 @@ sub init_lvm_root {
|
|
||||||
|
|
||||||
$g->pvcreate ($rootdev);
|
|
||||||
$g->vgcreate ('VG', [$rootdev]);
|
|
||||||
- $g->lvcreate ('Root', 'VG', 32);
|
|
||||||
+ $g->lvcreate ('Root', 'VG', 256);
|
|
||||||
$g->lvcreate ('LV1', 'VG', 32);
|
|
||||||
$g->lvcreate ('LV2', 'VG', 32);
|
|
||||||
$g->lvcreate ('LV3', 'VG', 64);
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
122
0015-convert_linux-install-the-QEMU-guest-agent-with-a-fi.patch
Normal file
122
0015-convert_linux-install-the-QEMU-guest-agent-with-a-fi.patch
Normal file
@ -0,0 +1,122 @@
|
|||||||
|
From e32a5ee7deb9a381ab285aba92c4de23e3c6ee2e Mon Sep 17 00:00:00 2001
|
||||||
|
From: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Date: Mon, 13 Jun 2022 19:01:35 +0200
|
||||||
|
Subject: [PATCH] convert_linux: install the QEMU guest agent with a firstboot
|
||||||
|
script
|
||||||
|
|
||||||
|
Register a firstboot script, for installing the guest agent with the
|
||||||
|
guest's own package manager -- that is, "Guest_packages.install_command".
|
||||||
|
|
||||||
|
For installing the package, network connectivity is required. Check it
|
||||||
|
first with "nmcli" (also checking whether NetworkManager is running), then
|
||||||
|
with "systemd-networkd-wait-online" (dependent on systemd-networkd). Note
|
||||||
|
that NetworkManager and systemd-networkd are never supposed to be enabled
|
||||||
|
at the same time.
|
||||||
|
|
||||||
|
The source domain's SELinux policy may not allow our firstboot service to
|
||||||
|
execute the package's installation scripts (if any). For that reason,
|
||||||
|
temporarily disable SELinux around package installation.
|
||||||
|
|
||||||
|
After installation, register another script for launching the agent.
|
||||||
|
|
||||||
|
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2028764
|
||||||
|
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Message-Id: <20220613170135.12557-5-lersek@redhat.com>
|
||||||
|
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
|
||||||
|
(cherry picked from commit e64356896377af1ac75a03d6a4c6a4208910bbf4)
|
||||||
|
---
|
||||||
|
convert/convert_linux.ml | 78 ++++++++++++++++++++++++++++++++++++++--
|
||||||
|
1 file changed, 76 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/convert/convert_linux.ml b/convert/convert_linux.ml
|
||||||
|
index 2ddbc07a..59d143bd 100644
|
||||||
|
--- a/convert/convert_linux.ml
|
||||||
|
+++ b/convert/convert_linux.ml
|
||||||
|
@@ -562,8 +562,82 @@ let convert (g : G.guestfs) source inspect keep_serial_console _ =
|
||||||
|
name = qga_pkg
|
||||||
|
) inspect.i_apps in
|
||||||
|
if not has_qemu_guest_agent then
|
||||||
|
- (* FIXME -- install qemu-guest-agent here *)
|
||||||
|
- ()
|
||||||
|
+ try
|
||||||
|
+ let inst_cmd = Guest_packages.install_command [qga_pkg]
|
||||||
|
+ inspect.i_package_management in
|
||||||
|
+
|
||||||
|
+ (* Use only the portable filename character set in this. *)
|
||||||
|
+ let selinux_enforcing = "/root/virt-v2v-fb-selinux-enforcing"
|
||||||
|
+ and timeout = 30 in
|
||||||
|
+ let fbs =
|
||||||
|
+ Firstboot.add_firstboot_script g inspect.i_root
|
||||||
|
+ in
|
||||||
|
+ info (f_"The QEMU Guest Agent will be installed for this guest at \
|
||||||
|
+ first boot.");
|
||||||
|
+
|
||||||
|
+ (* Wait for the network to come online in the guest (best effort).
|
||||||
|
+ *)
|
||||||
|
+ fbs "wait online"
|
||||||
|
+ (sprintf "#!/bin/sh\n\
|
||||||
|
+ if conn=$(nmcli networking connectivity); then\n\
|
||||||
|
+ \ \ tries=0\n\
|
||||||
|
+ \ \ while\n\
|
||||||
|
+ \ \ \ \ test $tries -lt %d &&\n\
|
||||||
|
+ \ \ \ \ test full != \"$conn\"\n\
|
||||||
|
+ \ \ do\n\
|
||||||
|
+ \ \ \ \ sleep 1\n\
|
||||||
|
+ \ \ \ \ tries=$((tries + 1))\n\
|
||||||
|
+ \ \ \ \ conn=$(nmcli networking connectivity)\n\
|
||||||
|
+ \ \ done\n\
|
||||||
|
+ elif systemctl -q is-active systemd-networkd; then\n\
|
||||||
|
+ \ \ /usr/lib/systemd/systemd-networkd-wait-online \\\n\
|
||||||
|
+ \ \ \ \ -q --timeout=%d\n\
|
||||||
|
+ fi\n" timeout timeout);
|
||||||
|
+
|
||||||
|
+ (* Disable SELinux temporarily around package installation. Refer to
|
||||||
|
+ * <https://bugzilla.redhat.com/show_bug.cgi?id=2028764#c7> and
|
||||||
|
+ * <https://bugzilla.redhat.com/show_bug.cgi?id=2028764#c8>.
|
||||||
|
+ *)
|
||||||
|
+ fbs "setenforce 0"
|
||||||
|
+ (sprintf "#!/bin/sh\n\
|
||||||
|
+ rm -f %s\n\
|
||||||
|
+ if command -v getenforce >/dev/null &&\n\
|
||||||
|
+ \ \ test Enforcing = \"$(getenforce)\"\n\
|
||||||
|
+ then\n\
|
||||||
|
+ \ \ touch %s\n\
|
||||||
|
+ \ \ setenforce 0\n\
|
||||||
|
+ fi\n" selinux_enforcing selinux_enforcing);
|
||||||
|
+ fbs "install qga" inst_cmd;
|
||||||
|
+ fbs "setenforce restore"
|
||||||
|
+ (sprintf "#!/bin/sh\n\
|
||||||
|
+ if test -f %s; then\n\
|
||||||
|
+ \ \ setenforce 1\n\
|
||||||
|
+ \ \ rm -f %s\n\
|
||||||
|
+ fi\n" selinux_enforcing selinux_enforcing);
|
||||||
|
+
|
||||||
|
+ (* Start the agent now and at subsequent boots. The following
|
||||||
|
+ * commands should work on both sysvinit distros / distro versions
|
||||||
|
+ * (regardless of "/etc/rc.d/" vs. "/etc/init.d/" being the scheme
|
||||||
|
+ * in use) and systemd distros (via redirection to systemctl).
|
||||||
|
+ *
|
||||||
|
+ * On distros where the chkconfig command is redirected to
|
||||||
|
+ * systemctl, the chkconfig command is likely superfluous. That's
|
||||||
|
+ * because on systemd distros, the QGA package comes with such
|
||||||
|
+ * runtime dependencies / triggers that the presence of the
|
||||||
|
+ * virtio-serial port named "org.qemu.guest_agent.0" automatically
|
||||||
|
+ * starts the agent during (second and later) boots. However, even
|
||||||
|
+ * on such distros, the chkconfig command should do no harm.
|
||||||
|
+ *)
|
||||||
|
+ fbs "start qga"
|
||||||
|
+ (sprintf "#!/bin/sh\n\
|
||||||
|
+ service %s start\n\
|
||||||
|
+ chkconfig %s on\n" qga_pkg qga_pkg)
|
||||||
|
+ with
|
||||||
|
+ | Guest_packages.Unknown_package_manager msg
|
||||||
|
+ | Guest_packages.Unimplemented_package_manager msg ->
|
||||||
|
+ warning (f_"The QEMU Guest Agent will not be installed. The \
|
||||||
|
+ install command for package ‘%s’ could not be created: \
|
||||||
|
+ %s.") qga_pkg msg
|
||||||
|
|
||||||
|
and configure_kernel () =
|
||||||
|
(* Previously this function would try to install kernels, but we
|
||||||
|
--
|
||||||
|
2.31.1
|
||||||
|
|
@ -1,220 +0,0 @@
|
|||||||
From 3c8d2e517491edd9241542f21f1203f098e29677 Mon Sep 17 00:00:00 2001
|
|
||||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
|
||||||
Date: Wed, 8 Jun 2022 16:24:18 +0100
|
|
||||||
Subject: [PATCH] test-data/phony-guests: Allow virt-v2v to work against phony
|
|
||||||
Fedora
|
|
||||||
|
|
||||||
We didn't use the phony Fedora guest before with virt-v2v (only the
|
|
||||||
phony Windows image). This commit makes miscellaneous changes so that
|
|
||||||
it can be used for testing:
|
|
||||||
|
|
||||||
- Add dummy rpm and dracut commands.
|
|
||||||
|
|
||||||
- Add dummy kernel, initramfs and modules directory.
|
|
||||||
|
|
||||||
- Add dummy grub configuration pointing to the kernel.
|
|
||||||
|
|
||||||
(cherry picked from commit 1e75569aa074a50e96867d1021651ca2f75bcc16)
|
|
||||||
---
|
|
||||||
.gitignore | 1 +
|
|
||||||
test-data/phony-guests/Makefile.am | 19 +++++--
|
|
||||||
test-data/phony-guests/fedora.c | 66 +++++++++++++++++++++++
|
|
||||||
test-data/phony-guests/make-fedora-img.pl | 26 ++++++++-
|
|
||||||
4 files changed, 107 insertions(+), 5 deletions(-)
|
|
||||||
create mode 100644 test-data/phony-guests/fedora.c
|
|
||||||
|
|
||||||
diff --git a/.gitignore b/.gitignore
|
|
||||||
index 5a48ee58..dcafa39c 100644
|
|
||||||
--- a/.gitignore
|
|
||||||
+++ b/.gitignore
|
|
||||||
@@ -119,6 +119,7 @@ Makefile.in
|
|
||||||
/test-data/phony-guests/fedora-luks.img
|
|
||||||
/test-data/phony-guests/fedora-md1.img
|
|
||||||
/test-data/phony-guests/fedora-md2.img
|
|
||||||
+/test-data/phony-guests/fedora-static-bin
|
|
||||||
/test-data/phony-guests/fedora.db
|
|
||||||
/test-data/phony-guests/guests.xml
|
|
||||||
/test-data/phony-guests/guests-all-good.xml
|
|
||||||
diff --git a/test-data/phony-guests/Makefile.am b/test-data/phony-guests/Makefile.am
|
|
||||||
index 60313548..c45ddc11 100644
|
|
||||||
--- a/test-data/phony-guests/Makefile.am
|
|
||||||
+++ b/test-data/phony-guests/Makefile.am
|
|
||||||
@@ -76,7 +76,8 @@ blank-%.img:
|
|
||||||
# Make a (dummy) Fedora image.
|
|
||||||
fedora.img: make-fedora-img.pl \
|
|
||||||
fedora-journal.tar.xz \
|
|
||||||
- fedora.db
|
|
||||||
+ fedora.db \
|
|
||||||
+ fedora-static-bin
|
|
||||||
SRCDIR=$(srcdir) LAYOUT=partitions $(top_builddir)/run --test ./$<
|
|
||||||
|
|
||||||
# Make a (dummy) Fedora image using md devices
|
|
||||||
@@ -84,7 +85,8 @@ fedora-md1.img fedora-md2.img: stamp-fedora-md.img
|
|
||||||
|
|
||||||
stamp-fedora-md.img: make-fedora-img.pl \
|
|
||||||
fedora-journal.tar.xz \
|
|
||||||
- fedora.db
|
|
||||||
+ fedora.db \
|
|
||||||
+ fedora-static-bin
|
|
||||||
rm -f $@
|
|
||||||
SRCDIR=$(srcdir) LAYOUT=partitions-md $(top_builddir)/run --test ./$<
|
|
||||||
touch $@
|
|
||||||
@@ -93,13 +95,15 @@ stamp-fedora-md.img: make-fedora-img.pl \
|
|
||||||
# for root and home.
|
|
||||||
fedora-btrfs.img: make-fedora-img.pl \
|
|
||||||
fedora-journal.tar.xz \
|
|
||||||
- fedora.db
|
|
||||||
+ fedora.db \
|
|
||||||
+ fedora-static-bin
|
|
||||||
SRCDIR=$(srcdir) LAYOUT=btrfs $(top_builddir)/run --test ./$<
|
|
||||||
|
|
||||||
# Make a (dummy) Fedora image with LVM encrypted with LUKS.
|
|
||||||
fedora-luks.img: make-fedora-img.pl \
|
|
||||||
fedora-journal.tar.xz \
|
|
||||||
- fedora.db
|
|
||||||
+ fedora.db \
|
|
||||||
+ fedora-static-bin
|
|
||||||
SRCDIR=$(srcdir) LAYOUT=lvm-luks $(top_builddir)/run --test ./$<
|
|
||||||
|
|
||||||
# Make a (dummy) Debian image.
|
|
||||||
@@ -137,6 +141,13 @@ fedora.db: fedora-db.sql.xz
|
|
||||||
xzcat $< | $(SQLITE3) $@-t
|
|
||||||
mv $@-t $@
|
|
||||||
|
|
||||||
+# This is included in the phony Fedora image to act as a phony "rpm"
|
|
||||||
+# and "dracut" command. For the use of -all-static here, see
|
|
||||||
+# libguestfs/tests/Makefile.am
|
|
||||||
+check_PROGRAMS = fedora-static-bin
|
|
||||||
+fedora_static_bin_SOURCES = fedora.c
|
|
||||||
+fedora_static_bin_LDFLAGS = -all-static
|
|
||||||
+
|
|
||||||
windows-software: windows-software.reg
|
|
||||||
rm -f $@ $@-t
|
|
||||||
cp $(srcdir)/minimal-hive $@-t
|
|
||||||
diff --git a/test-data/phony-guests/fedora.c b/test-data/phony-guests/fedora.c
|
|
||||||
new file mode 100644
|
|
||||||
index 00000000..c74976d6
|
|
||||||
--- /dev/null
|
|
||||||
+++ b/test-data/phony-guests/fedora.c
|
|
||||||
@@ -0,0 +1,66 @@
|
|
||||||
+/* libguestfs test images
|
|
||||||
+ * Copyright (C) 2009-2020 Red Hat Inc.
|
|
||||||
+ *
|
|
||||||
+ * This program is free software; you can redistribute it and/or modify
|
|
||||||
+ * it under the terms of the GNU General Public License as published by
|
|
||||||
+ * the Free Software Foundation; either version 2 of the License, or
|
|
||||||
+ * (at your option) any later version.
|
|
||||||
+ *
|
|
||||||
+ * This program is distributed in the hope that it will be useful,
|
|
||||||
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
||||||
+ * GNU General Public License for more details.
|
|
||||||
+ *
|
|
||||||
+ * You should have received a copy of the GNU General Public License
|
|
||||||
+ * along with this program; if not, write to the Free Software
|
|
||||||
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
||||||
+ */
|
|
||||||
+
|
|
||||||
+/* This is "just enough" of a binary to look like RPM and dracut, as
|
|
||||||
+ * far as virt-v2v is concerned.
|
|
||||||
+ */
|
|
||||||
+
|
|
||||||
+#include <stdio.h>
|
|
||||||
+#include <stdlib.h>
|
|
||||||
+#include <string.h>
|
|
||||||
+
|
|
||||||
+/* NB: This is also defined in make-fedora-img.pl */
|
|
||||||
+#define KVER "5.19.0-0.rc1.14.fc37.x86_64"
|
|
||||||
+
|
|
||||||
+static const char *
|
|
||||||
+get_basename (const char *str)
|
|
||||||
+{
|
|
||||||
+ const char *ret = strrchr (str, '/');
|
|
||||||
+ return ret == NULL ? str : ret + 1;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+int
|
|
||||||
+main (int argc, char *argv[])
|
|
||||||
+{
|
|
||||||
+ if (argc == 3 &&
|
|
||||||
+ strcmp (get_basename (argv[0]), "rpm") == 0 &&
|
|
||||||
+ strcmp (argv[1], "-ql") == 0 &&
|
|
||||||
+ strncmp (argv[2], "kernel-", 7) == 0) {
|
|
||||||
+ /* XXX These files and directories actually exist. It would be
|
|
||||||
+ * better to list files in /boot and /lib/modules matching a
|
|
||||||
+ * pattern rather than hard-coding the list here, which duplicates
|
|
||||||
+ * information in make-fedora-img.pl.
|
|
||||||
+ */
|
|
||||||
+ printf ("/boot/vmlinuz-" KVER "\n");
|
|
||||||
+ printf ("/lib/modules/" KVER "\n");
|
|
||||||
+ printf ("/lib/modules/" KVER "/kernel\n");
|
|
||||||
+ printf ("/lib/modules/" KVER "/kernel/drivers\n");
|
|
||||||
+ printf ("/lib/modules/" KVER "/kernel/drivers/block\n");
|
|
||||||
+ printf ("/lib/modules/" KVER "/kernel/drivers/block/virtio_blk.ko\n");
|
|
||||||
+ }
|
|
||||||
+ else if (argc >= 1 &&
|
|
||||||
+ strcmp (get_basename (argv[0]), "dracut") == 0) {
|
|
||||||
+ // do nothing, pretend to rebuild the initramfs
|
|
||||||
+ }
|
|
||||||
+ else {
|
|
||||||
+ fprintf (stderr, "phony Fedora: unknown command\n");
|
|
||||||
+ exit (1);
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ exit (0);
|
|
||||||
+}
|
|
||||||
diff --git a/test-data/phony-guests/make-fedora-img.pl b/test-data/phony-guests/make-fedora-img.pl
|
|
||||||
index f340f4d7..ad30960f 100755
|
|
||||||
--- a/test-data/phony-guests/make-fedora-img.pl
|
|
||||||
+++ b/test-data/phony-guests/make-fedora-img.pl
|
|
||||||
@@ -240,6 +240,7 @@ $g->mount ($bootdev, '/boot');
|
|
||||||
$g->mkdir ('/bin');
|
|
||||||
$g->mkdir ('/etc');
|
|
||||||
$g->mkdir ('/etc/sysconfig');
|
|
||||||
+$g->mkdir ('/sbin');
|
|
||||||
$g->mkdir ('/usr');
|
|
||||||
$g->mkdir ('/usr/share');
|
|
||||||
$g->mkdir ('/usr/share/zoneinfo');
|
|
||||||
@@ -276,8 +277,17 @@ $g->upload ($ENV{SRCDIR}.'/../binaries/bin-x86_64-dynamic', '/bin/ls');
|
|
||||||
|
|
||||||
$g->tar_in ($ENV{SRCDIR}.'/fedora-journal.tar.xz', '/var/log/journal', compress => "xz");
|
|
||||||
|
|
||||||
+# NB: This is also defined in fedora.c
|
|
||||||
+my $kver = "5.19.0-0.rc1.14.fc37.x86_64";
|
|
||||||
$g->mkdir ('/boot/grub');
|
|
||||||
-$g->touch ('/boot/grub/grub.conf');
|
|
||||||
+$g->write ('/boot/grub/grub.conf', <<EOF);
|
|
||||||
+title Fedora
|
|
||||||
+ root (hd0,0)
|
|
||||||
+ kernel /vmlinuz-$kver
|
|
||||||
+ initrd /initramfs-$kver.img
|
|
||||||
+EOF
|
|
||||||
+
|
|
||||||
+$g->touch ('/etc/modprobe.conf');
|
|
||||||
|
|
||||||
# Test files.
|
|
||||||
$g->write ('/etc/test1', 'abcdefg');
|
|
||||||
@@ -300,6 +310,20 @@ $g->ln_s ('/bin/test1', '/bin/test5');
|
|
||||||
$g->mkfifo (0777, '/bin/test6');
|
|
||||||
$g->mknod (0777, 10, 10, '/bin/test7');
|
|
||||||
|
|
||||||
+# Virt-v2v needs an RPM command, or at least something which acts
|
|
||||||
+# similarly, and also a dracut command.
|
|
||||||
+$g->upload ('fedora-static-bin', '/bin/rpm');
|
|
||||||
+$g->chmod (0777, '/bin/rpm');
|
|
||||||
+$g->upload ('fedora-static-bin', '/sbin/dracut');
|
|
||||||
+$g->chmod (0777, '/sbin/dracut');
|
|
||||||
+
|
|
||||||
+# Virt-v2v also needs a kernel, initrd and modules path.
|
|
||||||
+$g->touch ("/boot/vmlinuz-$kver");
|
|
||||||
+$g->touch ("/boot/initramfs-$kver.img");
|
|
||||||
+$g->mkdir_p ("/lib/modules/$kver/kernel/drivers/block");
|
|
||||||
+$g->upload ($ENV{SRCDIR}.'/../binaries/bin-x86_64-dynamic',
|
|
||||||
+ "/lib/modules/$kver/kernel/drivers/block/virtio_blk.ko");
|
|
||||||
+
|
|
||||||
# Cleanup
|
|
||||||
$g->shutdown ();
|
|
||||||
$g->close ();
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
@ -1,4 +1,4 @@
|
|||||||
From 1477040f818e86723b1f1f0c424e70380c33b892 Mon Sep 17 00:00:00 2001
|
From 50a74177b3577952159d87335cf40c0ad3e51b4d Mon Sep 17 00:00:00 2001
|
||||||
From: Laszlo Ersek <lersek@redhat.com>
|
From: Laszlo Ersek <lersek@redhat.com>
|
||||||
Date: Fri, 17 Jun 2022 11:53:37 +0200
|
Date: Fri, 17 Jun 2022 11:53:37 +0200
|
||||||
Subject: [PATCH] RHV outputs: limit copied disk count to 23
|
Subject: [PATCH] RHV outputs: limit copied disk count to 23
|
@ -1,202 +0,0 @@
|
|||||||
From 34e04554158afb85ee6b5baebe2a9b18e0b34c86 Mon Sep 17 00:00:00 2001
|
|
||||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
|
||||||
Date: Wed, 8 Jun 2022 17:31:24 +0100
|
|
||||||
Subject: [PATCH] tests: Add test cases for converting the phony Fedora images
|
|
||||||
|
|
||||||
As well as testing a full Fedora conversion which was not really
|
|
||||||
tested properly before, this also adds tests of conversions of Btrfs,
|
|
||||||
RAID and LUKS guests.
|
|
||||||
|
|
||||||
(cherry picked from commit 3600f81ec5b584cbdc3f1d33a7a42bbc014e2412)
|
|
||||||
---
|
|
||||||
tests/Makefile.am | 8 ++++++
|
|
||||||
tests/test-v2v-fedora-btrfs-conversion.sh | 31 +++++++++++++++++++++
|
|
||||||
tests/test-v2v-fedora-conversion.sh | 31 +++++++++++++++++++++
|
|
||||||
tests/test-v2v-fedora-luks-conversion.sh | 32 ++++++++++++++++++++++
|
|
||||||
tests/test-v2v-fedora-md-conversion.sh | 33 +++++++++++++++++++++++
|
|
||||||
5 files changed, 135 insertions(+)
|
|
||||||
create mode 100755 tests/test-v2v-fedora-btrfs-conversion.sh
|
|
||||||
create mode 100755 tests/test-v2v-fedora-conversion.sh
|
|
||||||
create mode 100755 tests/test-v2v-fedora-luks-conversion.sh
|
|
||||||
create mode 100755 tests/test-v2v-fedora-md-conversion.sh
|
|
||||||
|
|
||||||
diff --git a/tests/Makefile.am b/tests/Makefile.am
|
|
||||||
index 549d39e1..eb2931c5 100644
|
|
||||||
--- a/tests/Makefile.am
|
|
||||||
+++ b/tests/Makefile.am
|
|
||||||
@@ -95,6 +95,10 @@ TESTS = \
|
|
||||||
test-v2v-print-source.sh \
|
|
||||||
test-v2v-sound.sh \
|
|
||||||
test-v2v-virtio-win-iso.sh \
|
|
||||||
+ test-v2v-fedora-conversion.sh \
|
|
||||||
+ test-v2v-fedora-btrfs-conversion.sh \
|
|
||||||
+ test-v2v-fedora-luks-conversion.sh \
|
|
||||||
+ test-v2v-fedora-md-conversion.sh \
|
|
||||||
test-v2v-windows-conversion.sh \
|
|
||||||
rhbz1232192.sh \
|
|
||||||
$(SLOW_TESTS) \
|
|
||||||
@@ -170,6 +174,10 @@ EXTRA_DIST += \
|
|
||||||
test-v2v-bad-networks-and-bridges.sh \
|
|
||||||
test-v2v-cdrom.expected \
|
|
||||||
test-v2v-cdrom.sh \
|
|
||||||
+ test-v2v-fedora-conversion.sh \
|
|
||||||
+ test-v2v-fedora-btrfs-conversion.sh \
|
|
||||||
+ test-v2v-fedora-luks-conversion.sh \
|
|
||||||
+ test-v2v-fedora-md-conversion.sh \
|
|
||||||
test-v2v-floppy.expected \
|
|
||||||
test-v2v-floppy.sh \
|
|
||||||
test-v2v-i-disk.sh \
|
|
||||||
diff --git a/tests/test-v2v-fedora-btrfs-conversion.sh b/tests/test-v2v-fedora-btrfs-conversion.sh
|
|
||||||
new file mode 100755
|
|
||||||
index 00000000..c78f8ae2
|
|
||||||
--- /dev/null
|
|
||||||
+++ b/tests/test-v2v-fedora-btrfs-conversion.sh
|
|
||||||
@@ -0,0 +1,31 @@
|
|
||||||
+#!/bin/bash -
|
|
||||||
+# libguestfs virt-v2v test script
|
|
||||||
+# Copyright (C) 2014-2022 Red Hat Inc.
|
|
||||||
+#
|
|
||||||
+# This program is free software; you can redistribute it and/or modify
|
|
||||||
+# it under the terms of the GNU General Public License as published by
|
|
||||||
+# the Free Software Foundation; either version 2 of the License, or
|
|
||||||
+# (at your option) any later version.
|
|
||||||
+#
|
|
||||||
+# This program is distributed in the hope that it will be useful,
|
|
||||||
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
||||||
+# GNU General Public License for more details.
|
|
||||||
+#
|
|
||||||
+# You should have received a copy of the GNU General Public License
|
|
||||||
+# along with this program; if not, write to the Free Software
|
|
||||||
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
||||||
+
|
|
||||||
+# Test virt-v2v (Phony) Fedora conversion.
|
|
||||||
+
|
|
||||||
+set -e
|
|
||||||
+
|
|
||||||
+source ./functions.sh
|
|
||||||
+set -e
|
|
||||||
+set -x
|
|
||||||
+
|
|
||||||
+skip_if_skipped
|
|
||||||
+f=../test-data/phony-guests/fedora-btrfs.img
|
|
||||||
+requires test -f $f
|
|
||||||
+
|
|
||||||
+$VG virt-v2v --debug-gc -i disk $f -o null
|
|
||||||
diff --git a/tests/test-v2v-fedora-conversion.sh b/tests/test-v2v-fedora-conversion.sh
|
|
||||||
new file mode 100755
|
|
||||||
index 00000000..92f4bbe8
|
|
||||||
--- /dev/null
|
|
||||||
+++ b/tests/test-v2v-fedora-conversion.sh
|
|
||||||
@@ -0,0 +1,31 @@
|
|
||||||
+#!/bin/bash -
|
|
||||||
+# libguestfs virt-v2v test script
|
|
||||||
+# Copyright (C) 2014-2022 Red Hat Inc.
|
|
||||||
+#
|
|
||||||
+# This program is free software; you can redistribute it and/or modify
|
|
||||||
+# it under the terms of the GNU General Public License as published by
|
|
||||||
+# the Free Software Foundation; either version 2 of the License, or
|
|
||||||
+# (at your option) any later version.
|
|
||||||
+#
|
|
||||||
+# This program is distributed in the hope that it will be useful,
|
|
||||||
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
||||||
+# GNU General Public License for more details.
|
|
||||||
+#
|
|
||||||
+# You should have received a copy of the GNU General Public License
|
|
||||||
+# along with this program; if not, write to the Free Software
|
|
||||||
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
||||||
+
|
|
||||||
+# Test virt-v2v (Phony) Fedora conversion.
|
|
||||||
+
|
|
||||||
+set -e
|
|
||||||
+
|
|
||||||
+source ./functions.sh
|
|
||||||
+set -e
|
|
||||||
+set -x
|
|
||||||
+
|
|
||||||
+skip_if_skipped
|
|
||||||
+f=../test-data/phony-guests/fedora.img
|
|
||||||
+requires test -f $f
|
|
||||||
+
|
|
||||||
+$VG virt-v2v --debug-gc -i disk $f -o null
|
|
||||||
diff --git a/tests/test-v2v-fedora-luks-conversion.sh b/tests/test-v2v-fedora-luks-conversion.sh
|
|
||||||
new file mode 100755
|
|
||||||
index 00000000..2922c31d
|
|
||||||
--- /dev/null
|
|
||||||
+++ b/tests/test-v2v-fedora-luks-conversion.sh
|
|
||||||
@@ -0,0 +1,32 @@
|
|
||||||
+#!/bin/bash -
|
|
||||||
+# libguestfs virt-v2v test script
|
|
||||||
+# Copyright (C) 2014-2022 Red Hat Inc.
|
|
||||||
+#
|
|
||||||
+# This program is free software; you can redistribute it and/or modify
|
|
||||||
+# it under the terms of the GNU General Public License as published by
|
|
||||||
+# the Free Software Foundation; either version 2 of the License, or
|
|
||||||
+# (at your option) any later version.
|
|
||||||
+#
|
|
||||||
+# This program is distributed in the hope that it will be useful,
|
|
||||||
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
||||||
+# GNU General Public License for more details.
|
|
||||||
+#
|
|
||||||
+# You should have received a copy of the GNU General Public License
|
|
||||||
+# along with this program; if not, write to the Free Software
|
|
||||||
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
||||||
+
|
|
||||||
+# Test virt-v2v (Phony) Fedora conversion.
|
|
||||||
+
|
|
||||||
+set -e
|
|
||||||
+
|
|
||||||
+source ./functions.sh
|
|
||||||
+set -e
|
|
||||||
+set -x
|
|
||||||
+
|
|
||||||
+skip_if_skipped
|
|
||||||
+f=../test-data/phony-guests/fedora-luks.img
|
|
||||||
+requires test -f $f
|
|
||||||
+
|
|
||||||
+# The disk is encrypted with password "FEDORA".
|
|
||||||
+$VG virt-v2v --debug-gc -i disk $f -o null --key /dev/sda2:key:FEDORA
|
|
||||||
diff --git a/tests/test-v2v-fedora-md-conversion.sh b/tests/test-v2v-fedora-md-conversion.sh
|
|
||||||
new file mode 100755
|
|
||||||
index 00000000..669f2c01
|
|
||||||
--- /dev/null
|
|
||||||
+++ b/tests/test-v2v-fedora-md-conversion.sh
|
|
||||||
@@ -0,0 +1,33 @@
|
|
||||||
+#!/bin/bash -
|
|
||||||
+# libguestfs virt-v2v test script
|
|
||||||
+# Copyright (C) 2014-2022 Red Hat Inc.
|
|
||||||
+#
|
|
||||||
+# This program is free software; you can redistribute it and/or modify
|
|
||||||
+# it under the terms of the GNU General Public License as published by
|
|
||||||
+# the Free Software Foundation; either version 2 of the License, or
|
|
||||||
+# (at your option) any later version.
|
|
||||||
+#
|
|
||||||
+# This program is distributed in the hope that it will be useful,
|
|
||||||
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
||||||
+# GNU General Public License for more details.
|
|
||||||
+#
|
|
||||||
+# You should have received a copy of the GNU General Public License
|
|
||||||
+# along with this program; if not, write to the Free Software
|
|
||||||
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
||||||
+
|
|
||||||
+# Test virt-v2v (Phony) Fedora conversion.
|
|
||||||
+
|
|
||||||
+set -e
|
|
||||||
+
|
|
||||||
+source ./functions.sh
|
|
||||||
+set -e
|
|
||||||
+set -x
|
|
||||||
+
|
|
||||||
+skip_if_skipped
|
|
||||||
+f1=../test-data/phony-guests/fedora-md1.img
|
|
||||||
+requires test -f $f1
|
|
||||||
+f2=../test-data/phony-guests/fedora-md2.img
|
|
||||||
+requires test -f $f2
|
|
||||||
+
|
|
||||||
+$VG virt-v2v --debug-gc -i disk $f1 $f2 -o null
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
@ -0,0 +1,52 @@
|
|||||||
|
From 81a201269e5451cd76348e0da6d0ef4c0fb4c0dd Mon Sep 17 00:00:00 2001
|
||||||
|
From: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Date: Fri, 1 Jul 2022 15:30:42 +0200
|
||||||
|
Subject: [PATCH] convert: document networking dependency of "--key ID:clevis"
|
||||||
|
|
||||||
|
Virt-v2v enables appliance networking already, for the sake of
|
||||||
|
"unconfigure_vmware". We now have a second use case for networking: "--key
|
||||||
|
ID:clevis". Update the comment in the code.
|
||||||
|
|
||||||
|
(Short log for libguestfs-common commit range 35467027f657..af6cb55bc58a:
|
||||||
|
|
||||||
|
Laszlo Ersek (12):
|
||||||
|
options: fix UUID comparison logic bug in get_keys()
|
||||||
|
mltools/tools_utils: remove unused function "key_store_to_cli"
|
||||||
|
mltools/tools_utils: allow multiple "--key" options for OCaml tools too
|
||||||
|
options: replace NULL-termination with number-of-elements in get_keys()
|
||||||
|
options: wrap each passphrase from get_keys() into a struct
|
||||||
|
options: add back-end for LUKS decryption with Clevis+Tang
|
||||||
|
options: introduce selector type "key_clevis"
|
||||||
|
options: generalize "--key" selector parsing for C-language utilities
|
||||||
|
mltools/tools_utils-c: handle internal type error with abort()
|
||||||
|
mltools/tools_utils: generalize "--key" selector parsing for OCaml utils
|
||||||
|
options, mltools/tools_utils: parse "--key ID:clevis" options
|
||||||
|
options, mltools/tools_utils: add helper for network dependency
|
||||||
|
).
|
||||||
|
|
||||||
|
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1809453
|
||||||
|
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
||||||
|
Message-Id: <20220628115856.5820-1-lersek@redhat.com>
|
||||||
|
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
|
||||||
|
(cherry picked from commit 98fa5ab2685371c681282ce5de704877af27be74)
|
||||||
|
---
|
||||||
|
convert/convert.ml | 3 ++-
|
||||||
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/convert/convert.ml b/convert/convert.ml
|
||||||
|
index 5e0e6c2b..b678dc92 100644
|
||||||
|
--- a/convert/convert.ml
|
||||||
|
+++ b/convert/convert.ml
|
||||||
|
@@ -57,7 +57,8 @@ let rec convert dir options source =
|
||||||
|
* sure this is not too large because each vCPU consumes guest RAM.
|
||||||
|
*)
|
||||||
|
g#set_smp (min 8 (Sysconf.nr_processors_online ()));
|
||||||
|
- (* The network is only used by the unconfigure_vmware () function. *)
|
||||||
|
+ (* The network is used by the unconfigure_vmware () function, and the "--key
|
||||||
|
+ * ID:clevis" command line options (if any). *)
|
||||||
|
g#set_network true;
|
||||||
|
List.iter (
|
||||||
|
fun { s_disk_id = i } ->
|
||||||
|
--
|
||||||
|
2.31.1
|
||||||
|
|
@ -1,4 +1,4 @@
|
|||||||
From a2d58a7f879c2fd3ac6ff1ddd92db0e455b906f3 Mon Sep 17 00:00:00 2001
|
From 80831868395d161af8c47edf2f54234c63581d8d Mon Sep 17 00:00:00 2001
|
||||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
From: "Richard W.M. Jones" <rjones@redhat.com>
|
||||||
Date: Fri, 28 Jan 2022 09:30:29 +0000
|
Date: Fri, 28 Jan 2022 09:30:29 +0000
|
||||||
Subject: [PATCH] qemu-nbd: Implement output compression for qcow2 files
|
Subject: [PATCH] qemu-nbd: Implement output compression for qcow2 files
|
@ -1,203 +0,0 @@
|
|||||||
From 2aa40ec1db2af2310a649bf6142f8de1ef0cd8e2 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Date: Mon, 13 Jun 2022 19:01:33 +0200
|
|
||||||
Subject: [PATCH] windows_virtio: remove "install_linux_tools"
|
|
||||||
|
|
||||||
"Windows_virtio.install_linux_tools" has never really worked in practice;
|
|
||||||
we've never managed to get the right content into the right location on
|
|
||||||
the virtio-win ISO.
|
|
||||||
|
|
||||||
Later patches in this series will install the qemu guest agent in a
|
|
||||||
firstboot script, using the guest's own package manager. For now, for ease
|
|
||||||
of review, only remove "Windows_virtio.install_linux_tools", and its
|
|
||||||
dependencies that now become unused:
|
|
||||||
|
|
||||||
- Linux.architecture_string
|
|
||||||
- Linux.binary_package_extension
|
|
||||||
- Linux.install_local
|
|
||||||
|
|
||||||
Salvage the comment (at the outermost call site) that failure to install
|
|
||||||
QGA is not fatal. This will be relevant for exception handling in the
|
|
||||||
subsequent patches.
|
|
||||||
|
|
||||||
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2028764
|
|
||||||
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Acked-by: Richard W.M. Jones <rjones@redhat.com>
|
|
||||||
Message-Id: <20220613170135.12557-3-lersek@redhat.com>
|
|
||||||
(cherry picked from commit 52e9cd77a8ef7c1b7975d4f72056f8f6b45fb10b)
|
|
||||||
---
|
|
||||||
convert/convert_linux.ml | 4 +++-
|
|
||||||
convert/linux.ml | 35 -------------------------------
|
|
||||||
convert/linux.mli | 11 ----------
|
|
||||||
convert/windows_virtio.ml | 42 --------------------------------------
|
|
||||||
convert/windows_virtio.mli | 4 ----
|
|
||||||
5 files changed, 3 insertions(+), 93 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/convert/convert_linux.ml b/convert/convert_linux.ml
|
|
||||||
index 56604949..79462aa1 100644
|
|
||||||
--- a/convert/convert_linux.ml
|
|
||||||
+++ b/convert/convert_linux.ml
|
|
||||||
@@ -538,13 +538,15 @@ let convert (g : G.guestfs) source inspect keep_serial_console _ =
|
|
||||||
)
|
|
||||||
|
|
||||||
and install_linux_tools () =
|
|
||||||
+ (* It is not fatal if we fail to install the QEMU guest agent. *)
|
|
||||||
let has_qemu_guest_agent =
|
|
||||||
List.exists (
|
|
||||||
fun { G.app2_name = name } ->
|
|
||||||
name = "qemu-guest-agent"
|
|
||||||
) inspect.i_apps in
|
|
||||||
if not has_qemu_guest_agent then
|
|
||||||
- Windows_virtio.install_linux_tools g inspect
|
|
||||||
+ (* FIXME -- install qemu-guest-agent here *)
|
|
||||||
+ ()
|
|
||||||
|
|
||||||
and configure_kernel () =
|
|
||||||
(* Previously this function would try to install kernels, but we
|
|
||||||
diff --git a/convert/linux.ml b/convert/linux.ml
|
|
||||||
index e2908d02..f9acd63f 100644
|
|
||||||
--- a/convert/linux.ml
|
|
||||||
+++ b/convert/linux.ml
|
|
||||||
@@ -33,20 +33,6 @@ let augeas_reload g =
|
|
||||||
g#aug_load ();
|
|
||||||
debug_augeas_errors g
|
|
||||||
|
|
||||||
-let rec install_local g { i_package_format = package_format } packages =
|
|
||||||
- if packages <> [] then (
|
|
||||||
- match package_format with
|
|
||||||
- | "rpm" ->
|
|
||||||
- let cmd = [ "rpm"; "--upgrade"; "-v" ] @ packages in
|
|
||||||
- let cmd = Array.of_list cmd in
|
|
||||||
- ignore (g#command cmd)
|
|
||||||
- | format ->
|
|
||||||
- error (f_"don’t know how to install packages using %s: packages: %s")
|
|
||||||
- format (String.concat " " packages)
|
|
||||||
- (* Reload Augeas in case anything changed. *)
|
|
||||||
- augeas_reload g
|
|
||||||
- )
|
|
||||||
-
|
|
||||||
let rec remove g inspect packages =
|
|
||||||
if packages <> [] then (
|
|
||||||
do_remove g inspect packages;
|
|
||||||
@@ -187,24 +173,3 @@ let is_package_manager_save_file filename =
|
|
||||||
(* Recognized suffixes of package managers. *)
|
|
||||||
let suffixes = [ ".dpkg-old"; ".dpkg-new"; ".rpmsave"; ".rpmnew"; ] in
|
|
||||||
List.exists (Filename.check_suffix filename) suffixes
|
|
||||||
-
|
|
||||||
-let binary_package_extension { i_package_format = package_format } =
|
|
||||||
- match package_format with
|
|
||||||
- | "deb" -> "deb"
|
|
||||||
- | "rpm" -> "rpm"
|
|
||||||
- | format ->
|
|
||||||
- error (f_"don’t know what is the extension of binary packages using %s")
|
|
||||||
- format
|
|
||||||
-
|
|
||||||
-let architecture_string { i_package_format = package_format; i_arch = arch;
|
|
||||||
- i_distro = distro } =
|
|
||||||
- match package_format, distro, arch with
|
|
||||||
- | "deb", _, "x86_64" -> "amd64"
|
|
||||||
- | "deb", _, a -> a
|
|
||||||
- | "rpm", ("sles"|"suse-based"|"opensuse"), "i386" -> "i586"
|
|
||||||
- | "rpm", ("sles"|"suse-based"|"opensuse"), a -> a
|
|
||||||
- | "rpm", _, "i386" -> "i686"
|
|
||||||
- | "rpm", _, a -> a
|
|
||||||
- | format, distro, arch ->
|
|
||||||
- error (f_"don’t know what is the architecture string of %s using %s on %s")
|
|
||||||
- arch format distro
|
|
||||||
diff --git a/convert/linux.mli b/convert/linux.mli
|
|
||||||
index 856ffe3c..57898310 100644
|
|
||||||
--- a/convert/linux.mli
|
|
||||||
+++ b/convert/linux.mli
|
|
||||||
@@ -23,9 +23,6 @@ val augeas_reload : Guestfs.guestfs -> unit
|
|
||||||
additional debugging information about parsing problems
|
|
||||||
that augeas found. *)
|
|
||||||
|
|
||||||
-val install_local: Guestfs.guestfs -> Types.inspect -> string list -> unit
|
|
||||||
-(** Install package(s). *)
|
|
||||||
-
|
|
||||||
val remove : Guestfs.guestfs -> Types.inspect -> string list -> unit
|
|
||||||
(** Uninstall package(s). *)
|
|
||||||
|
|
||||||
@@ -38,11 +35,3 @@ val is_file_owned : Guestfs.guestfs -> Types.inspect -> string -> bool
|
|
||||||
val is_package_manager_save_file : string -> bool
|
|
||||||
(** Return true if the filename is something like [*.rpmsave], ie.
|
|
||||||
a package manager save-file. *)
|
|
||||||
-
|
|
||||||
-val binary_package_extension : Types.inspect -> string
|
|
||||||
-(** Return the extension typically used for binary packages in the
|
|
||||||
- specified package format. *)
|
|
||||||
-
|
|
||||||
-val architecture_string : Types.inspect -> string
|
|
||||||
-(** Return the architecture string typically used for binary packages
|
|
||||||
- in the specified package format, and for the specified distro. *)
|
|
||||||
diff --git a/convert/windows_virtio.ml b/convert/windows_virtio.ml
|
|
||||||
index 301f7544..183166b7 100644
|
|
||||||
--- a/convert/windows_virtio.ml
|
|
||||||
+++ b/convert/windows_virtio.ml
|
|
||||||
@@ -113,48 +113,6 @@ let rec install_drivers ((g, _) as reg) inspect =
|
|
||||||
virtio_rng_supported, virtio_ballon_supported, isa_pvpanic_supported, virtio_socket_supported)
|
|
||||||
)
|
|
||||||
|
|
||||||
-and install_linux_tools g inspect =
|
|
||||||
- let os =
|
|
||||||
- match inspect.i_distro with
|
|
||||||
- | "fedora" -> Some "fc28"
|
|
||||||
- | "rhel" | "centos" | "scientificlinux" | "redhat-based"
|
|
||||||
- | "oraclelinux" ->
|
|
||||||
- (* map 6 -> "el6" etc. *)
|
|
||||||
- if inspect.i_major_version >= 6 then
|
|
||||||
- Some (sprintf "el%d" inspect.i_major_version)
|
|
||||||
- else
|
|
||||||
- None
|
|
||||||
- | "sles" | "suse-based" | "opensuse" -> Some "lp151"
|
|
||||||
- | _ -> None in
|
|
||||||
-
|
|
||||||
- match os with
|
|
||||||
- | None -> ()
|
|
||||||
- | Some os ->
|
|
||||||
- let src_path = "linux" // os in
|
|
||||||
- let dst_path = "/var/tmp" in
|
|
||||||
- let pkg_arch = Linux.architecture_string inspect in
|
|
||||||
- let pkg_ext = Linux.binary_package_extension inspect in
|
|
||||||
- let package_suffixes = [
|
|
||||||
- sprintf ".%s.%s" pkg_arch pkg_ext;
|
|
||||||
- sprintf "_%s.%s" pkg_arch pkg_ext;
|
|
||||||
- ] in
|
|
||||||
- let package_filter path _ =
|
|
||||||
- List.exists (String.is_suffix path) package_suffixes
|
|
||||||
- in
|
|
||||||
- debug "locating packages in %s" src_path;
|
|
||||||
- let packages =
|
|
||||||
- copy_from_virtio_win g inspect src_path dst_path
|
|
||||||
- package_filter
|
|
||||||
- (fun () -> ()) in
|
|
||||||
- debug "done copying %d files" (List.length packages);
|
|
||||||
- let packages = List.map ((//) dst_path) packages in
|
|
||||||
- try
|
|
||||||
- Linux.install_local g inspect packages;
|
|
||||||
- if packages <> [] then
|
|
||||||
- info (f_"QEMU Guest Agent installed for this guest.");
|
|
||||||
- with G.Error msg ->
|
|
||||||
- warning (f_"failed to install QEMU Guest Agent: %s") msg
|
|
||||||
-
|
|
||||||
and add_guestor_to_registry ((g, root) as reg) inspect drv_name drv_pciid =
|
|
||||||
let ddb_node = g#hivex_node_get_child root "DriverDatabase" in
|
|
||||||
|
|
||||||
diff --git a/convert/windows_virtio.mli b/convert/windows_virtio.mli
|
|
||||||
index a92cc01d..73ec95c7 100644
|
|
||||||
--- a/convert/windows_virtio.mli
|
|
||||||
+++ b/convert/windows_virtio.mli
|
|
||||||
@@ -38,10 +38,6 @@ val install_drivers
|
|
||||||
reflecting what devices are now required by the guest, either virtio
|
|
||||||
devices if we managed to install those, or legacy devices if we didn't. *)
|
|
||||||
|
|
||||||
-val install_linux_tools : Guestfs.guestfs -> Types.inspect -> unit
|
|
||||||
-(** installs QEMU Guest Agent on Linux guest OS from the driver directory or
|
|
||||||
- driver ISO. It is not fatal if we fail to install the agent. *)
|
|
||||||
-
|
|
||||||
val copy_qemu_ga : Guestfs.guestfs -> Types.inspect -> string list
|
|
||||||
(** copy MSIs (idealy just one) with QEMU Guest Agent to Windows guest. The
|
|
||||||
MSIs are not installed by this function. *)
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
@ -1,4 +1,4 @@
|
|||||||
From b4b48b88c3fadbceedaf8ba03e788bff27b0ad4d Mon Sep 17 00:00:00 2001
|
From ca3643d06eed2de22cb81ad2eb13ba7f75c0487e Mon Sep 17 00:00:00 2001
|
||||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
From: "Richard W.M. Jones" <rjones@redhat.com>
|
||||||
Date: Fri, 28 Jan 2022 09:30:58 +0000
|
Date: Fri, 28 Jan 2022 09:30:58 +0000
|
||||||
Subject: [PATCH] -o disk, -o libvirt, -o qemu: Implement -of qcow2 -oo
|
Subject: [PATCH] -o disk, -o libvirt, -o qemu: Implement -of qcow2 -oo
|
@ -1,409 +0,0 @@
|
|||||||
From 21309da26e0647c00c16cfb374fa418991b432aa Mon Sep 17 00:00:00 2001
|
|
||||||
From: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Date: Mon, 13 Jun 2022 19:01:35 +0200
|
|
||||||
Subject: [PATCH] convert_linux: install the QEMU guest agent with a firstboot
|
|
||||||
script
|
|
||||||
|
|
||||||
Register a firstboot script, for installing the guest agent with the
|
|
||||||
guest's own package manager -- that is, "Guest_packages.install_command".
|
|
||||||
|
|
||||||
For installing the package, network connectivity is required. Check it
|
|
||||||
first with "nmcli" (also checking whether NetworkManager is running), then
|
|
||||||
with "systemd-networkd-wait-online" (dependent on systemd-networkd). Note
|
|
||||||
that NetworkManager and systemd-networkd are never supposed to be enabled
|
|
||||||
at the same time.
|
|
||||||
|
|
||||||
The source domain's SELinux policy may not allow our firstboot service to
|
|
||||||
execute the package's installation scripts (if any). For that reason,
|
|
||||||
temporarily disable SELinux around package installation.
|
|
||||||
|
|
||||||
After installation, register another script for launching the agent.
|
|
||||||
|
|
||||||
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2028764
|
|
||||||
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Message-Id: <20220613170135.12557-5-lersek@redhat.com>
|
|
||||||
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
|
|
||||||
(cherry picked from commit e64356896377af1ac75a03d6a4c6a4208910bbf4)
|
|
||||||
---
|
|
||||||
common | 2 +-
|
|
||||||
convert/convert_linux.ml | 78 ++++++++++++++++++++++++++++++++++++++--
|
|
||||||
2 files changed, 77 insertions(+), 3 deletions(-)
|
|
||||||
|
|
||||||
Submodule common 48527b87..9e990f3e:
|
|
||||||
diff --git a/common/mlcustomize/Makefile.am b/common/mlcustomize/Makefile.am
|
|
||||||
index cd7d8971..4e260647 100644
|
|
||||||
--- a/common/mlcustomize/Makefile.am
|
|
||||||
+++ b/common/mlcustomize/Makefile.am
|
|
||||||
@@ -38,10 +38,12 @@ generator_built = \
|
|
||||||
|
|
||||||
SOURCES_MLI = \
|
|
||||||
firstboot.mli \
|
|
||||||
+ guest_packages.mli \
|
|
||||||
SELinux_relabel.mli
|
|
||||||
|
|
||||||
SOURCES_ML = \
|
|
||||||
firstboot.ml \
|
|
||||||
+ guest_packages.ml \
|
|
||||||
SELinux_relabel.ml
|
|
||||||
|
|
||||||
if HAVE_OCAML
|
|
||||||
diff --git a/common/mlcustomize/customize-options.pod b/common/mlcustomize/customize-options.pod
|
|
||||||
index a83c80a5..8aafacde 100644
|
|
||||||
--- a/common/mlcustomize/customize-options.pod
|
|
||||||
+++ b/common/mlcustomize/customize-options.pod
|
|
||||||
@@ -310,6 +310,10 @@ It cannot delete directories, only regular files.
|
|
||||||
|
|
||||||
=back
|
|
||||||
|
|
||||||
+=item B<--selinux-relabel>
|
|
||||||
+
|
|
||||||
+This is a compatibility option that does nothing.
|
|
||||||
+
|
|
||||||
=item B<--sm-attach> SELECTOR
|
|
||||||
|
|
||||||
Attach to a pool using C<subscription-manager>.
|
|
||||||
diff --git a/common/mlcustomize/customize-synopsis.pod b/common/mlcustomize/customize-synopsis.pod
|
|
||||||
index 25208538..9e2c4b2b 100644
|
|
||||||
--- a/common/mlcustomize/customize-synopsis.pod
|
|
||||||
+++ b/common/mlcustomize/customize-synopsis.pod
|
|
||||||
@@ -13,4 +13,4 @@
|
|
||||||
[--uninstall PKG,PKG..] [--update] [--upload FILE:DEST]
|
|
||||||
[--write FILE:CONTENT] [--no-logfile]
|
|
||||||
[--password-crypto md5|sha256|sha512] [--no-selinux-relabel]
|
|
||||||
- [--sm-credentials SELECTOR]
|
|
||||||
+ [--selinux-relabel] [--sm-credentials SELECTOR]
|
|
||||||
diff --git a/common/mlcustomize/customize_cmdline.ml b/common/mlcustomize/customize_cmdline.ml
|
|
||||||
index 5d404e84..a17bed40 100644
|
|
||||||
--- a/common/mlcustomize/customize_cmdline.ml
|
|
||||||
+++ b/common/mlcustomize/customize_cmdline.ml
|
|
||||||
@@ -111,6 +111,8 @@ and flags = {
|
|
||||||
(* --password-crypto md5|sha256|sha512 *)
|
|
||||||
no_selinux_relabel : bool;
|
|
||||||
(* --no-selinux-relabel *)
|
|
||||||
+ selinux_relabel_ignored : bool;
|
|
||||||
+ (* --selinux-relabel *)
|
|
||||||
sm_credentials : Subscription_manager.sm_credentials option;
|
|
||||||
(* --sm-credentials SELECTOR *)
|
|
||||||
}
|
|
||||||
@@ -122,6 +124,7 @@ let rec argspec () =
|
|
||||||
let scrub_logfile = ref false in
|
|
||||||
let password_crypto = ref None in
|
|
||||||
let no_selinux_relabel = ref false in
|
|
||||||
+ let selinux_relabel_ignored = ref false in
|
|
||||||
let sm_credentials = ref None in
|
|
||||||
|
|
||||||
let rec get_ops () = {
|
|
||||||
@@ -132,6 +135,7 @@ let rec argspec () =
|
|
||||||
scrub_logfile = !scrub_logfile;
|
|
||||||
password_crypto = !password_crypto;
|
|
||||||
no_selinux_relabel = !no_selinux_relabel;
|
|
||||||
+ selinux_relabel_ignored = !selinux_relabel_ignored;
|
|
||||||
sm_credentials = !sm_credentials;
|
|
||||||
}
|
|
||||||
in
|
|
||||||
@@ -464,6 +468,12 @@ let rec argspec () =
|
|
||||||
s_"Do not relabel files with correct SELinux labels"
|
|
||||||
),
|
|
||||||
None, "Do not attempt to correct the SELinux labels of files in the guest.\n\nIn such guests that support SELinux, customization automatically\nrelabels files so that they have the correct SELinux label. (The\nrelabeling is performed immediately, but if the operation fails,\ncustomization will instead touch F</.autorelabel> on the image to\nschedule a relabel operation for the next time the image boots.) This\noption disables the automatic relabeling.\n\nThe option is a no-op for guests that do not support SELinux.";
|
|
||||||
+ (
|
|
||||||
+ [ L"selinux-relabel" ],
|
|
||||||
+ Getopt.Set selinux_relabel_ignored,
|
|
||||||
+ s_"Compatibility option doing nothing"
|
|
||||||
+ ),
|
|
||||||
+ None, "This is a compatibility option that does nothing.";
|
|
||||||
(
|
|
||||||
[ L"sm-credentials" ],
|
|
||||||
Getopt.String (
|
|
||||||
diff --git a/common/mlcustomize/customize_cmdline.mli b/common/mlcustomize/customize_cmdline.mli
|
|
||||||
index 7ee882a6..7d14e782 100644
|
|
||||||
--- a/common/mlcustomize/customize_cmdline.mli
|
|
||||||
+++ b/common/mlcustomize/customize_cmdline.mli
|
|
||||||
@@ -103,6 +103,8 @@ and flags = {
|
|
||||||
(* --password-crypto md5|sha256|sha512 *)
|
|
||||||
no_selinux_relabel : bool;
|
|
||||||
(* --no-selinux-relabel *)
|
|
||||||
+ selinux_relabel_ignored : bool;
|
|
||||||
+ (* --selinux-relabel *)
|
|
||||||
sm_credentials : Subscription_manager.sm_credentials option;
|
|
||||||
(* --sm-credentials SELECTOR *)
|
|
||||||
}
|
|
||||||
diff --git a/common/mlcustomize/guest_packages.ml b/common/mlcustomize/guest_packages.ml
|
|
||||||
new file mode 100644
|
|
||||||
index 00000000..4c3c34ed
|
|
||||||
--- /dev/null
|
|
||||||
+++ b/common/mlcustomize/guest_packages.ml
|
|
||||||
@@ -0,0 +1,132 @@
|
|
||||||
+(* virt-customize
|
|
||||||
+ * Copyright (C) 2012-2021 Red Hat Inc.
|
|
||||||
+ *
|
|
||||||
+ * This program is free software; you can redistribute it and/or modify
|
|
||||||
+ * it under the terms of the GNU General Public License as published by
|
|
||||||
+ * the Free Software Foundation; either version 2 of the License, or
|
|
||||||
+ * (at your option) any later version.
|
|
||||||
+ *
|
|
||||||
+ * This program is distributed in the hope that it will be useful,
|
|
||||||
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
||||||
+ * GNU General Public License for more details.
|
|
||||||
+ *
|
|
||||||
+ * You should have received a copy of the GNU General Public License along
|
|
||||||
+ * with this program; if not, write to the Free Software Foundation, Inc.,
|
|
||||||
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
||||||
+ *)
|
|
||||||
+
|
|
||||||
+open Printf
|
|
||||||
+
|
|
||||||
+open Common_gettext.Gettext
|
|
||||||
+open Std_utils
|
|
||||||
+
|
|
||||||
+exception Unknown_package_manager of string
|
|
||||||
+exception Unimplemented_package_manager of string
|
|
||||||
+
|
|
||||||
+(* Windows has package_management == "unknown". *)
|
|
||||||
+let error_unknown_package_manager flag =
|
|
||||||
+ let msg = sprintf (f_"cannot use ‘%s’ because no package manager has been \
|
|
||||||
+ detected for this guest OS.\n\nIf this guest OS is a \
|
|
||||||
+ common one with ordinary package management then this \
|
|
||||||
+ may have been caused by a failure of libguestfs \
|
|
||||||
+ inspection.\n\nFor OSes such as Windows that lack \
|
|
||||||
+ package management, this is not possible. Try using \
|
|
||||||
+ one of the ‘--firstboot*’ flags instead (described in \
|
|
||||||
+ the virt-customize(1) manual).") flag in
|
|
||||||
+ raise (Unknown_package_manager msg)
|
|
||||||
+
|
|
||||||
+let error_unimplemented_package_manager flag pm =
|
|
||||||
+ let msg = sprintf (f_"sorry, ‘%s’ with the ‘%s’ package manager has not \
|
|
||||||
+ been implemented yet.\n\nYou can work around this by \
|
|
||||||
+ using one of the ‘--run*’ or ‘--firstboot*’ options \
|
|
||||||
+ instead (described in the virt-customize(1) manual).")
|
|
||||||
+ flag pm in
|
|
||||||
+ raise (Unimplemented_package_manager msg)
|
|
||||||
+
|
|
||||||
+(* http://distrowatch.com/dwres.php?resource=package-management *)
|
|
||||||
+let install_command packages package_management =
|
|
||||||
+ let quoted_args = String.concat " " (List.map quote packages) in
|
|
||||||
+ match package_management with
|
|
||||||
+ | "apk" ->
|
|
||||||
+ sprintf "
|
|
||||||
+ apk update
|
|
||||||
+ apk add %s
|
|
||||||
+ " quoted_args
|
|
||||||
+ | "apt" ->
|
|
||||||
+ (* http://unix.stackexchange.com/questions/22820 *)
|
|
||||||
+ sprintf "
|
|
||||||
+ export DEBIAN_FRONTEND=noninteractive
|
|
||||||
+ apt_opts='-q -y -o Dpkg::Options::=--force-confnew'
|
|
||||||
+ apt-get $apt_opts update
|
|
||||||
+ apt-get $apt_opts install %s
|
|
||||||
+ " quoted_args
|
|
||||||
+ | "dnf" ->
|
|
||||||
+ sprintf "dnf%s -y install %s"
|
|
||||||
+ (if verbose () then " --verbose" else "")
|
|
||||||
+ quoted_args
|
|
||||||
+ | "pisi" -> sprintf "pisi it %s" quoted_args
|
|
||||||
+ | "pacman" -> sprintf "pacman -S --noconfirm %s" quoted_args
|
|
||||||
+ | "urpmi" -> sprintf "urpmi %s" quoted_args
|
|
||||||
+ | "xbps" -> sprintf "xbps-install -Sy %s" quoted_args
|
|
||||||
+ | "yum" -> sprintf "yum -y install %s" quoted_args
|
|
||||||
+ | "zypper" -> sprintf "zypper -n in -l %s" quoted_args
|
|
||||||
+
|
|
||||||
+ | "unknown" ->
|
|
||||||
+ error_unknown_package_manager (s_"--install")
|
|
||||||
+ | pm ->
|
|
||||||
+ error_unimplemented_package_manager (s_"--install") pm
|
|
||||||
+
|
|
||||||
+let update_command package_management =
|
|
||||||
+ match package_management with
|
|
||||||
+ | "apk" ->
|
|
||||||
+ "
|
|
||||||
+ apk update
|
|
||||||
+ apk upgrade
|
|
||||||
+ "
|
|
||||||
+ | "apt" ->
|
|
||||||
+ (* http://unix.stackexchange.com/questions/22820 *)
|
|
||||||
+ "
|
|
||||||
+ export DEBIAN_FRONTEND=noninteractive
|
|
||||||
+ apt_opts='-q -y -o Dpkg::Options::=--force-confnew'
|
|
||||||
+ apt-get $apt_opts update
|
|
||||||
+ apt-get $apt_opts upgrade
|
|
||||||
+ "
|
|
||||||
+ | "dnf" ->
|
|
||||||
+ sprintf "dnf%s -y --best upgrade"
|
|
||||||
+ (if verbose () then " --verbose" else "")
|
|
||||||
+ | "pisi" -> "pisi upgrade"
|
|
||||||
+ | "pacman" -> "pacman -Su"
|
|
||||||
+ | "urpmi" -> "urpmi --auto-select"
|
|
||||||
+ | "xbps" -> "xbps-install -Suy"
|
|
||||||
+ | "yum" -> "yum -y update"
|
|
||||||
+ | "zypper" -> "zypper -n update -l"
|
|
||||||
+
|
|
||||||
+ | "unknown" ->
|
|
||||||
+ error_unknown_package_manager (s_"--update")
|
|
||||||
+ | pm ->
|
|
||||||
+ error_unimplemented_package_manager (s_"--update") pm
|
|
||||||
+
|
|
||||||
+let uninstall_command packages package_management =
|
|
||||||
+ let quoted_args = String.concat " " (List.map quote packages) in
|
|
||||||
+ match package_management with
|
|
||||||
+ | "apk" -> sprintf "apk del %s" quoted_args
|
|
||||||
+ | "apt" ->
|
|
||||||
+ (* http://unix.stackexchange.com/questions/22820 *)
|
|
||||||
+ sprintf "
|
|
||||||
+ export DEBIAN_FRONTEND=noninteractive
|
|
||||||
+ apt_opts='-q -y -o Dpkg::Options::=--force-confnew'
|
|
||||||
+ apt-get $apt_opts remove %s
|
|
||||||
+ " quoted_args
|
|
||||||
+ | "dnf" -> sprintf "dnf -y remove %s" quoted_args
|
|
||||||
+ | "pisi" -> sprintf "pisi rm %s" quoted_args
|
|
||||||
+ | "pacman" -> sprintf "pacman -R %s" quoted_args
|
|
||||||
+ | "urpmi" -> sprintf "urpme %s" quoted_args
|
|
||||||
+ | "xbps" -> sprintf "xbps-remove -Sy %s" quoted_args
|
|
||||||
+ | "yum" -> sprintf "yum -y remove %s" quoted_args
|
|
||||||
+ | "zypper" -> sprintf "zypper -n rm %s" quoted_args
|
|
||||||
+
|
|
||||||
+ | "unknown" ->
|
|
||||||
+ error_unknown_package_manager (s_"--uninstall")
|
|
||||||
+ | pm ->
|
|
||||||
+ error_unimplemented_package_manager (s_"--uninstall") pm
|
|
||||||
diff --git a/common/mlcustomize/guest_packages.mli b/common/mlcustomize/guest_packages.mli
|
|
||||||
new file mode 100644
|
|
||||||
index 00000000..7504a6ab
|
|
||||||
--- /dev/null
|
|
||||||
+++ b/common/mlcustomize/guest_packages.mli
|
|
||||||
@@ -0,0 +1,44 @@
|
|
||||||
+(* virt-customize
|
|
||||||
+ * Copyright (C) 2012-2021 Red Hat Inc.
|
|
||||||
+ *
|
|
||||||
+ * This program is free software; you can redistribute it and/or modify
|
|
||||||
+ * it under the terms of the GNU General Public License as published by
|
|
||||||
+ * the Free Software Foundation; either version 2 of the License, or
|
|
||||||
+ * (at your option) any later version.
|
|
||||||
+ *
|
|
||||||
+ * This program is distributed in the hope that it will be useful,
|
|
||||||
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
||||||
+ * GNU General Public License for more details.
|
|
||||||
+ *
|
|
||||||
+ * You should have received a copy of the GNU General Public License along
|
|
||||||
+ * with this program; if not, write to the Free Software Foundation, Inc.,
|
|
||||||
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
||||||
+ *)
|
|
||||||
+
|
|
||||||
+exception Unknown_package_manager of string
|
|
||||||
+exception Unimplemented_package_manager of string
|
|
||||||
+(** For all three functions below, [package_management] determines the package
|
|
||||||
+ management system in use by the guest; commonly it should be filled in from
|
|
||||||
+ [Guestfs.inspect_get_package_management], or the equivalent guestfs object
|
|
||||||
+ method.
|
|
||||||
+
|
|
||||||
+ If [package_management] is unknown or unimplemented, the functions raise
|
|
||||||
+ [Unknown_package_manager "error message"] or [Unimplemented_package_manager
|
|
||||||
+ "error message"], correspondingly. *)
|
|
||||||
+
|
|
||||||
+val install_command : string list -> string -> string
|
|
||||||
+(** [install_command packages package_management] produces a properly quoted
|
|
||||||
+ shell command string suitable for execution in the guest (directly or via a
|
|
||||||
+ Firstboot script) for installing the OS packages listed in [packages]. *)
|
|
||||||
+
|
|
||||||
+val update_command : string -> string
|
|
||||||
+(** [update_command package_management] produces a properly quoted shell command
|
|
||||||
+ string suitable for execution in the guest (directly or via a Firstboot
|
|
||||||
+ script) for updating the OS packages that are currently installed in the
|
|
||||||
+ guest. *)
|
|
||||||
+
|
|
||||||
+val uninstall_command : string list -> string -> string
|
|
||||||
+(** [uninstall_command packages package_management] produces a properly quoted
|
|
||||||
+ shell command string suitable for execution in the guest (directly or via a
|
|
||||||
+ Firstboot script) for uninstalling the OS packages listed in [packages]. *)
|
|
||||||
diff --git a/convert/convert_linux.ml b/convert/convert_linux.ml
|
|
||||||
index 2ddbc07a..59d143bd 100644
|
|
||||||
--- a/convert/convert_linux.ml
|
|
||||||
+++ b/convert/convert_linux.ml
|
|
||||||
@@ -562,8 +562,82 @@ let convert (g : G.guestfs) source inspect keep_serial_console _ =
|
|
||||||
name = qga_pkg
|
|
||||||
) inspect.i_apps in
|
|
||||||
if not has_qemu_guest_agent then
|
|
||||||
- (* FIXME -- install qemu-guest-agent here *)
|
|
||||||
- ()
|
|
||||||
+ try
|
|
||||||
+ let inst_cmd = Guest_packages.install_command [qga_pkg]
|
|
||||||
+ inspect.i_package_management in
|
|
||||||
+
|
|
||||||
+ (* Use only the portable filename character set in this. *)
|
|
||||||
+ let selinux_enforcing = "/root/virt-v2v-fb-selinux-enforcing"
|
|
||||||
+ and timeout = 30 in
|
|
||||||
+ let fbs =
|
|
||||||
+ Firstboot.add_firstboot_script g inspect.i_root
|
|
||||||
+ in
|
|
||||||
+ info (f_"The QEMU Guest Agent will be installed for this guest at \
|
|
||||||
+ first boot.");
|
|
||||||
+
|
|
||||||
+ (* Wait for the network to come online in the guest (best effort).
|
|
||||||
+ *)
|
|
||||||
+ fbs "wait online"
|
|
||||||
+ (sprintf "#!/bin/sh\n\
|
|
||||||
+ if conn=$(nmcli networking connectivity); then\n\
|
|
||||||
+ \ \ tries=0\n\
|
|
||||||
+ \ \ while\n\
|
|
||||||
+ \ \ \ \ test $tries -lt %d &&\n\
|
|
||||||
+ \ \ \ \ test full != \"$conn\"\n\
|
|
||||||
+ \ \ do\n\
|
|
||||||
+ \ \ \ \ sleep 1\n\
|
|
||||||
+ \ \ \ \ tries=$((tries + 1))\n\
|
|
||||||
+ \ \ \ \ conn=$(nmcli networking connectivity)\n\
|
|
||||||
+ \ \ done\n\
|
|
||||||
+ elif systemctl -q is-active systemd-networkd; then\n\
|
|
||||||
+ \ \ /usr/lib/systemd/systemd-networkd-wait-online \\\n\
|
|
||||||
+ \ \ \ \ -q --timeout=%d\n\
|
|
||||||
+ fi\n" timeout timeout);
|
|
||||||
+
|
|
||||||
+ (* Disable SELinux temporarily around package installation. Refer to
|
|
||||||
+ * <https://bugzilla.redhat.com/show_bug.cgi?id=2028764#c7> and
|
|
||||||
+ * <https://bugzilla.redhat.com/show_bug.cgi?id=2028764#c8>.
|
|
||||||
+ *)
|
|
||||||
+ fbs "setenforce 0"
|
|
||||||
+ (sprintf "#!/bin/sh\n\
|
|
||||||
+ rm -f %s\n\
|
|
||||||
+ if command -v getenforce >/dev/null &&\n\
|
|
||||||
+ \ \ test Enforcing = \"$(getenforce)\"\n\
|
|
||||||
+ then\n\
|
|
||||||
+ \ \ touch %s\n\
|
|
||||||
+ \ \ setenforce 0\n\
|
|
||||||
+ fi\n" selinux_enforcing selinux_enforcing);
|
|
||||||
+ fbs "install qga" inst_cmd;
|
|
||||||
+ fbs "setenforce restore"
|
|
||||||
+ (sprintf "#!/bin/sh\n\
|
|
||||||
+ if test -f %s; then\n\
|
|
||||||
+ \ \ setenforce 1\n\
|
|
||||||
+ \ \ rm -f %s\n\
|
|
||||||
+ fi\n" selinux_enforcing selinux_enforcing);
|
|
||||||
+
|
|
||||||
+ (* Start the agent now and at subsequent boots. The following
|
|
||||||
+ * commands should work on both sysvinit distros / distro versions
|
|
||||||
+ * (regardless of "/etc/rc.d/" vs. "/etc/init.d/" being the scheme
|
|
||||||
+ * in use) and systemd distros (via redirection to systemctl).
|
|
||||||
+ *
|
|
||||||
+ * On distros where the chkconfig command is redirected to
|
|
||||||
+ * systemctl, the chkconfig command is likely superfluous. That's
|
|
||||||
+ * because on systemd distros, the QGA package comes with such
|
|
||||||
+ * runtime dependencies / triggers that the presence of the
|
|
||||||
+ * virtio-serial port named "org.qemu.guest_agent.0" automatically
|
|
||||||
+ * starts the agent during (second and later) boots. However, even
|
|
||||||
+ * on such distros, the chkconfig command should do no harm.
|
|
||||||
+ *)
|
|
||||||
+ fbs "start qga"
|
|
||||||
+ (sprintf "#!/bin/sh\n\
|
|
||||||
+ service %s start\n\
|
|
||||||
+ chkconfig %s on\n" qga_pkg qga_pkg)
|
|
||||||
+ with
|
|
||||||
+ | Guest_packages.Unknown_package_manager msg
|
|
||||||
+ | Guest_packages.Unimplemented_package_manager msg ->
|
|
||||||
+ warning (f_"The QEMU Guest Agent will not be installed. The \
|
|
||||||
+ install command for package ‘%s’ could not be created: \
|
|
||||||
+ %s.") qga_pkg msg
|
|
||||||
|
|
||||||
and configure_kernel () =
|
|
||||||
(* Previously this function would try to install kernels, but we
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
@ -1,4 +1,4 @@
|
|||||||
From f87296160b1c1e213d86a077ab2e764c2977bc1e Mon Sep 17 00:00:00 2001
|
From 672b9795e85b48f337b3da2d6fa393e7788d79a1 Mon Sep 17 00:00:00 2001
|
||||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
From: "Richard W.M. Jones" <rjones@redhat.com>
|
||||||
Date: Fri, 1 Jul 2022 11:18:53 +0100
|
Date: Fri, 1 Jul 2022 11:18:53 +0100
|
||||||
Subject: [PATCH] tests: Add a simple test of -o local -of qcow2 -oo compressed
|
Subject: [PATCH] tests: Add a simple test of -o local -of qcow2 -oo compressed
|
@ -1,4 +1,4 @@
|
|||||||
From 8bc838bd9b12c658bd7c6f1d5d22dfc0375ca57b Mon Sep 17 00:00:00 2001
|
From b61a03ad272bb08ff5ca757ade6a23bfef34fdc9 Mon Sep 17 00:00:00 2001
|
||||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
From: "Richard W.M. Jones" <rjones@redhat.com>
|
||||||
Date: Tue, 5 Jul 2022 11:56:54 +0100
|
Date: Tue, 5 Jul 2022 11:56:54 +0100
|
||||||
Subject: [PATCH] RHEL 9: -oo compressed: Remove nbdcopy version check and test
|
Subject: [PATCH] RHEL 9: -oo compressed: Remove nbdcopy version check and test
|
@ -1,35 +0,0 @@
|
|||||||
From 55ae823b5a98667483ef6c9bf1f70011f2f60268 Mon Sep 17 00:00:00 2001
|
|
||||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
|
||||||
Date: Tue, 14 Jun 2022 13:27:07 +0200
|
|
||||||
Subject: [PATCH] test-data: Replace deprecated luks_open with cryptsetup_open.
|
|
||||||
|
|
||||||
The two calls are identical, so this simply avoids a deprecation
|
|
||||||
warning.
|
|
||||||
|
|
||||||
(Picked from guestfs-tools commit 9a27f19269f5 ("test-data: Replace
|
|
||||||
deprecated luks_open with cryptsetup_open.", 2022-02-28).)
|
|
||||||
|
|
||||||
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Message-Id: <20220614112709.12210-2-lersek@redhat.com>
|
|
||||||
Acked-by: Richard W.M. Jones <rjones@redhat.com>
|
|
||||||
(cherry picked from commit 88e237da4c4d065e445659e2fdf34892cb99bdb9)
|
|
||||||
---
|
|
||||||
test-data/phony-guests/make-fedora-img.pl | 2 +-
|
|
||||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/test-data/phony-guests/make-fedora-img.pl b/test-data/phony-guests/make-fedora-img.pl
|
|
||||||
index ad30960f..488a7d89 100755
|
|
||||||
--- a/test-data/phony-guests/make-fedora-img.pl
|
|
||||||
+++ b/test-data/phony-guests/make-fedora-img.pl
|
|
||||||
@@ -195,7 +195,7 @@ EOF
|
|
||||||
|
|
||||||
# Put LUKS on the second partition.
|
|
||||||
$g->luks_format ('/dev/sda2', 'FEDORA', 0);
|
|
||||||
- $g->luks_open ('/dev/sda2', 'FEDORA', 'luks');
|
|
||||||
+ $g->cryptsetup_open ('/dev/sda2', 'FEDORA', 'luks');
|
|
||||||
|
|
||||||
init_lvm_root ('/dev/mapper/luks');
|
|
||||||
}
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
@ -1,4 +1,4 @@
|
|||||||
From 2408250d7cbf6c32a0a9a9de072fdb93d583519d Mon Sep 17 00:00:00 2001
|
From 8a8ff53b7d438e82085d52199d21c980a54c733d Mon Sep 17 00:00:00 2001
|
||||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
From: "Richard W.M. Jones" <rjones@redhat.com>
|
||||||
Date: Tue, 5 Jul 2022 11:58:09 +0100
|
Date: Tue, 5 Jul 2022 11:58:09 +0100
|
||||||
Subject: [PATCH] RHEL 9: tests: Remove btrfs test
|
Subject: [PATCH] RHEL 9: tests: Remove btrfs test
|
@ -1,158 +0,0 @@
|
|||||||
From b01ebfd510a841341c653d709ed94ad4ff4b7637 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Date: Tue, 14 Jun 2022 13:27:08 +0200
|
|
||||||
Subject: [PATCH] tests: rename "luks" to "lvm-on-luks"
|
|
||||||
|
|
||||||
Clarify that our current usage of "luks" stands for "lvm-on-luks" (IOW,
|
|
||||||
that the decrypted LUKS devices are Physical Volumes for LVM).
|
|
||||||
|
|
||||||
(This is a port of libguestfs patch 'tests: rename "luks" to
|
|
||||||
"lvm-on-luks"' -- commit 39a5bb6fda4d. See also guestfs-tools commit
|
|
||||||
8f2bbc3d50d8 -- 'inspector: rename "luks" to "lvm-on-luks"', 2022-02-28.)
|
|
||||||
|
|
||||||
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Message-Id: <20220614112709.12210-3-lersek@redhat.com>
|
|
||||||
Acked-by: Richard W.M. Jones <rjones@redhat.com>
|
|
||||||
(cherry picked from commit a2ff864d9332686cb7c27ccffe82783622c5d73d)
|
|
||||||
---
|
|
||||||
.gitignore | 2 +-
|
|
||||||
test-data/phony-guests/Makefile.am | 8 ++++----
|
|
||||||
test-data/phony-guests/guests.xml.in | 4 ++--
|
|
||||||
test-data/phony-guests/make-fedora-img.pl | 8 ++++----
|
|
||||||
tests/Makefile.am | 4 ++--
|
|
||||||
...rsion.sh => test-v2v-fedora-lvm-on-luks-conversion.sh} | 2 +-
|
|
||||||
6 files changed, 14 insertions(+), 14 deletions(-)
|
|
||||||
rename tests/{test-v2v-fedora-luks-conversion.sh => test-v2v-fedora-lvm-on-luks-conversion.sh} (95%)
|
|
||||||
|
|
||||||
diff --git a/.gitignore b/.gitignore
|
|
||||||
index dcafa39c..0256b89d 100644
|
|
||||||
--- a/.gitignore
|
|
||||||
+++ b/.gitignore
|
|
||||||
@@ -116,7 +116,7 @@ Makefile.in
|
|
||||||
/test-data/phony-guests/debian.img
|
|
||||||
/test-data/phony-guests/fedora.img
|
|
||||||
/test-data/phony-guests/fedora-btrfs.img
|
|
||||||
-/test-data/phony-guests/fedora-luks.img
|
|
||||||
+/test-data/phony-guests/fedora-lvm-on-luks.img
|
|
||||||
/test-data/phony-guests/fedora-md1.img
|
|
||||||
/test-data/phony-guests/fedora-md2.img
|
|
||||||
/test-data/phony-guests/fedora-static-bin
|
|
||||||
diff --git a/test-data/phony-guests/Makefile.am b/test-data/phony-guests/Makefile.am
|
|
||||||
index c45ddc11..6d7db3da 100644
|
|
||||||
--- a/test-data/phony-guests/Makefile.am
|
|
||||||
+++ b/test-data/phony-guests/Makefile.am
|
|
||||||
@@ -49,7 +49,7 @@ disk_images = \
|
|
||||||
fedora-md1.img \
|
|
||||||
fedora-md2.img \
|
|
||||||
fedora-btrfs.img \
|
|
||||||
- fedora-luks.img \
|
|
||||||
+ fedora-lvm-on-luks.img \
|
|
||||||
ubuntu.img \
|
|
||||||
archlinux.img \
|
|
||||||
coreos.img \
|
|
||||||
@@ -99,12 +99,12 @@ fedora-btrfs.img: make-fedora-img.pl \
|
|
||||||
fedora-static-bin
|
|
||||||
SRCDIR=$(srcdir) LAYOUT=btrfs $(top_builddir)/run --test ./$<
|
|
||||||
|
|
||||||
-# Make a (dummy) Fedora image with LVM encrypted with LUKS.
|
|
||||||
-fedora-luks.img: make-fedora-img.pl \
|
|
||||||
+# Make a (dummy) Fedora image with LVM-on-LUKS.
|
|
||||||
+fedora-lvm-on-luks.img: make-fedora-img.pl \
|
|
||||||
fedora-journal.tar.xz \
|
|
||||||
fedora.db \
|
|
||||||
fedora-static-bin
|
|
||||||
- SRCDIR=$(srcdir) LAYOUT=lvm-luks $(top_builddir)/run --test ./$<
|
|
||||||
+ SRCDIR=$(srcdir) LAYOUT=lvm-on-luks $(top_builddir)/run --test ./$<
|
|
||||||
|
|
||||||
# Make a (dummy) Debian image.
|
|
||||||
debian.img: make-debian-img.sh
|
|
||||||
diff --git a/test-data/phony-guests/guests.xml.in b/test-data/phony-guests/guests.xml.in
|
|
||||||
index 9f64c35c..339a6f7d 100644
|
|
||||||
--- a/test-data/phony-guests/guests.xml.in
|
|
||||||
+++ b/test-data/phony-guests/guests.xml.in
|
|
||||||
@@ -185,7 +185,7 @@
|
|
||||||
|
|
||||||
<!-- LUKS password is 'FEDORA' -->
|
|
||||||
<domain type='test'>
|
|
||||||
- <name>fedora-luks</name>
|
|
||||||
+ <name>fedora-lvm-on-luks</name>
|
|
||||||
<memory>1048576</memory>
|
|
||||||
<os>
|
|
||||||
<type>hvm</type>
|
|
||||||
@@ -194,7 +194,7 @@
|
|
||||||
<devices>
|
|
||||||
<disk type='file' device='disk'>
|
|
||||||
<driver name='qemu' type='raw'/>
|
|
||||||
- <source file='@abs_builddir@/fedora-luks.img'/>
|
|
||||||
+ <source file='@abs_builddir@/fedora-lvm-on-luks.img'/>
|
|
||||||
<target dev='vda' bus='virtio'/>
|
|
||||||
</disk>
|
|
||||||
</devices>
|
|
||||||
diff --git a/test-data/phony-guests/make-fedora-img.pl b/test-data/phony-guests/make-fedora-img.pl
|
|
||||||
index 488a7d89..0d886bdf 100755
|
|
||||||
--- a/test-data/phony-guests/make-fedora-img.pl
|
|
||||||
+++ b/test-data/phony-guests/make-fedora-img.pl
|
|
||||||
@@ -171,8 +171,8 @@ EOF
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
-elsif ($ENV{LAYOUT} eq 'lvm-luks') {
|
|
||||||
- push (@images, "fedora-luks.img-t");
|
|
||||||
+elsif ($ENV{LAYOUT} eq 'lvm-on-luks') {
|
|
||||||
+ push (@images, "fedora-lvm-on-luks.img-t");
|
|
||||||
|
|
||||||
open (my $fstab, '>', "fedora.fstab") or die;
|
|
||||||
print $fstab <<EOF;
|
|
||||||
@@ -183,9 +183,9 @@ EOF
|
|
||||||
|
|
||||||
$bootdev = '/dev/sda1';
|
|
||||||
|
|
||||||
- $g->disk_create ("fedora-luks.img-t", "raw", $IMAGE_SIZE);
|
|
||||||
+ $g->disk_create ("fedora-lvm-on-luks.img-t", "raw", $IMAGE_SIZE);
|
|
||||||
|
|
||||||
- $g->add_drive ("fedora-luks.img-t", format => "raw");
|
|
||||||
+ $g->add_drive ("fedora-lvm-on-luks.img-t", format => "raw");
|
|
||||||
$g->launch ();
|
|
||||||
|
|
||||||
$g->part_init ('/dev/sda', 'mbr');
|
|
||||||
diff --git a/tests/Makefile.am b/tests/Makefile.am
|
|
||||||
index eb2931c5..46e53a58 100644
|
|
||||||
--- a/tests/Makefile.am
|
|
||||||
+++ b/tests/Makefile.am
|
|
||||||
@@ -97,7 +97,7 @@ TESTS = \
|
|
||||||
test-v2v-virtio-win-iso.sh \
|
|
||||||
test-v2v-fedora-conversion.sh \
|
|
||||||
test-v2v-fedora-btrfs-conversion.sh \
|
|
||||||
- test-v2v-fedora-luks-conversion.sh \
|
|
||||||
+ test-v2v-fedora-lvm-on-luks-conversion.sh \
|
|
||||||
test-v2v-fedora-md-conversion.sh \
|
|
||||||
test-v2v-windows-conversion.sh \
|
|
||||||
rhbz1232192.sh \
|
|
||||||
@@ -176,7 +176,7 @@ EXTRA_DIST += \
|
|
||||||
test-v2v-cdrom.sh \
|
|
||||||
test-v2v-fedora-conversion.sh \
|
|
||||||
test-v2v-fedora-btrfs-conversion.sh \
|
|
||||||
- test-v2v-fedora-luks-conversion.sh \
|
|
||||||
+ test-v2v-fedora-lvm-on-luks-conversion.sh \
|
|
||||||
test-v2v-fedora-md-conversion.sh \
|
|
||||||
test-v2v-floppy.expected \
|
|
||||||
test-v2v-floppy.sh \
|
|
||||||
diff --git a/tests/test-v2v-fedora-luks-conversion.sh b/tests/test-v2v-fedora-lvm-on-luks-conversion.sh
|
|
||||||
similarity index 95%
|
|
||||||
rename from tests/test-v2v-fedora-luks-conversion.sh
|
|
||||||
rename to tests/test-v2v-fedora-lvm-on-luks-conversion.sh
|
|
||||||
index 2922c31d..e3e70e8c 100755
|
|
||||||
--- a/tests/test-v2v-fedora-luks-conversion.sh
|
|
||||||
+++ b/tests/test-v2v-fedora-lvm-on-luks-conversion.sh
|
|
||||||
@@ -25,7 +25,7 @@ set -e
|
|
||||||
set -x
|
|
||||||
|
|
||||||
skip_if_skipped
|
|
||||||
-f=../test-data/phony-guests/fedora-luks.img
|
|
||||||
+f=../test-data/phony-guests/fedora-lvm-on-luks.img
|
|
||||||
requires test -f $f
|
|
||||||
|
|
||||||
# The disk is encrypted with password "FEDORA".
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
@ -1,220 +0,0 @@
|
|||||||
From 308f585fa1e98fc07aad7a4e9299af47416d604f Mon Sep 17 00:00:00 2001
|
|
||||||
From: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Date: Tue, 14 Jun 2022 13:27:09 +0200
|
|
||||||
Subject: [PATCH] tests: add LUKS-on-LVM test
|
|
||||||
|
|
||||||
Port guestfs-tools commit 27da4b0c4991 ("inspector: add LUKS-on-LVM test",
|
|
||||||
2022-02-28) to virt-v2v. While at it, account for virt-v2v commit
|
|
||||||
fd7cd0c0fd22 ("test-data/phony-guests: Increase size of root filesystem",
|
|
||||||
2022-06-08).
|
|
||||||
|
|
||||||
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Message-Id: <20220614112709.12210-4-lersek@redhat.com>
|
|
||||||
Acked-by: Richard W.M. Jones <rjones@redhat.com>
|
|
||||||
(cherry picked from commit e4efe4b7d240b66b1d53fbe5a127f4f5966f6903)
|
|
||||||
---
|
|
||||||
.gitignore | 1 +
|
|
||||||
test-data/phony-guests/Makefile.am | 7 +++
|
|
||||||
test-data/phony-guests/guests.xml.in | 18 +++++++
|
|
||||||
test-data/phony-guests/make-fedora-img.pl | 54 +++++++++++++++++++
|
|
||||||
tests/Makefile.am | 2 +
|
|
||||||
.../test-v2v-fedora-luks-on-lvm-conversion.sh | 36 +++++++++++++
|
|
||||||
6 files changed, 118 insertions(+)
|
|
||||||
create mode 100755 tests/test-v2v-fedora-luks-on-lvm-conversion.sh
|
|
||||||
|
|
||||||
diff --git a/.gitignore b/.gitignore
|
|
||||||
index 0256b89d..46345e3b 100644
|
|
||||||
--- a/.gitignore
|
|
||||||
+++ b/.gitignore
|
|
||||||
@@ -116,6 +116,7 @@ Makefile.in
|
|
||||||
/test-data/phony-guests/debian.img
|
|
||||||
/test-data/phony-guests/fedora.img
|
|
||||||
/test-data/phony-guests/fedora-btrfs.img
|
|
||||||
+/test-data/phony-guests/fedora-luks-on-lvm.img
|
|
||||||
/test-data/phony-guests/fedora-lvm-on-luks.img
|
|
||||||
/test-data/phony-guests/fedora-md1.img
|
|
||||||
/test-data/phony-guests/fedora-md2.img
|
|
||||||
diff --git a/test-data/phony-guests/Makefile.am b/test-data/phony-guests/Makefile.am
|
|
||||||
index 6d7db3da..29dbd4d0 100644
|
|
||||||
--- a/test-data/phony-guests/Makefile.am
|
|
||||||
+++ b/test-data/phony-guests/Makefile.am
|
|
||||||
@@ -49,6 +49,7 @@ disk_images = \
|
|
||||||
fedora-md1.img \
|
|
||||||
fedora-md2.img \
|
|
||||||
fedora-btrfs.img \
|
|
||||||
+ fedora-luks-on-lvm.img \
|
|
||||||
fedora-lvm-on-luks.img \
|
|
||||||
ubuntu.img \
|
|
||||||
archlinux.img \
|
|
||||||
@@ -99,6 +100,12 @@ fedora-btrfs.img: make-fedora-img.pl \
|
|
||||||
fedora-static-bin
|
|
||||||
SRCDIR=$(srcdir) LAYOUT=btrfs $(top_builddir)/run --test ./$<
|
|
||||||
|
|
||||||
+# Make a (dummy) Fedora image with LUKS-on-LVM.
|
|
||||||
+fedora-luks-on-lvm.img: make-fedora-img.pl \
|
|
||||||
+ fedora-journal.tar.xz \
|
|
||||||
+ fedora.db
|
|
||||||
+ SRCDIR=$(srcdir) LAYOUT=luks-on-lvm $(top_builddir)/run --test ./$<
|
|
||||||
+
|
|
||||||
# Make a (dummy) Fedora image with LVM-on-LUKS.
|
|
||||||
fedora-lvm-on-luks.img: make-fedora-img.pl \
|
|
||||||
fedora-journal.tar.xz \
|
|
||||||
diff --git a/test-data/phony-guests/guests.xml.in b/test-data/phony-guests/guests.xml.in
|
|
||||||
index 339a6f7d..4391c9b4 100644
|
|
||||||
--- a/test-data/phony-guests/guests.xml.in
|
|
||||||
+++ b/test-data/phony-guests/guests.xml.in
|
|
||||||
@@ -183,6 +183,24 @@
|
|
||||||
</devices>
|
|
||||||
</domain>
|
|
||||||
|
|
||||||
+ <!-- LUKS passwords are 'FEDORA-Root', 'FEDORA-LV1', 'FEDORA-LV2',
|
|
||||||
+ 'FEDORA-LV3' -->
|
|
||||||
+ <domain type='test'>
|
|
||||||
+ <name>fedora-luks-on-lvm</name>
|
|
||||||
+ <memory>1048576</memory>
|
|
||||||
+ <os>
|
|
||||||
+ <type>hvm</type>
|
|
||||||
+ <boot dev='hd'/>
|
|
||||||
+ </os>
|
|
||||||
+ <devices>
|
|
||||||
+ <disk type='file' device='disk'>
|
|
||||||
+ <driver name='qemu' type='raw'/>
|
|
||||||
+ <source file='@abs_builddir@/fedora-luks-on-lvm.img'/>
|
|
||||||
+ <target dev='vda' bus='virtio'/>
|
|
||||||
+ </disk>
|
|
||||||
+ </devices>
|
|
||||||
+ </domain>
|
|
||||||
+
|
|
||||||
<!-- LUKS password is 'FEDORA' -->
|
|
||||||
<domain type='test'>
|
|
||||||
<name>fedora-lvm-on-luks</name>
|
|
||||||
diff --git a/test-data/phony-guests/make-fedora-img.pl b/test-data/phony-guests/make-fedora-img.pl
|
|
||||||
index 0d886bdf..c30c0b53 100755
|
|
||||||
--- a/test-data/phony-guests/make-fedora-img.pl
|
|
||||||
+++ b/test-data/phony-guests/make-fedora-img.pl
|
|
||||||
@@ -200,6 +200,60 @@ EOF
|
|
||||||
init_lvm_root ('/dev/mapper/luks');
|
|
||||||
}
|
|
||||||
|
|
||||||
+elsif ($ENV{LAYOUT} eq 'luks-on-lvm') {
|
|
||||||
+ push (@images, "fedora-luks-on-lvm.img-t");
|
|
||||||
+
|
|
||||||
+ open (my $fstab, '>', "fedora.fstab") or die;
|
|
||||||
+ print $fstab <<EOF;
|
|
||||||
+LABEL=BOOT /boot ext2 default 0 0
|
|
||||||
+LABEL=ROOT / ext2 default 0 0
|
|
||||||
+EOF
|
|
||||||
+ close ($fstab) or die;
|
|
||||||
+
|
|
||||||
+ $bootdev = '/dev/sda1';
|
|
||||||
+
|
|
||||||
+ $g->disk_create ("fedora-luks-on-lvm.img-t", "raw", $IMAGE_SIZE);
|
|
||||||
+
|
|
||||||
+ $g->add_drive ("fedora-luks-on-lvm.img-t", format => "raw");
|
|
||||||
+ $g->launch ();
|
|
||||||
+
|
|
||||||
+ $g->part_init ('/dev/sda', 'mbr');
|
|
||||||
+ foreach my $p (@PARTITIONS) {
|
|
||||||
+ $g->part_add('/dev/sda', @$p);
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ # Create the Volume Group on /dev/sda2.
|
|
||||||
+ $g->pvcreate ('/dev/sda2');
|
|
||||||
+ $g->vgcreate ('VG', ['/dev/sda2']);
|
|
||||||
+ $g->lvcreate ('Root', 'VG', 256);
|
|
||||||
+ $g->lvcreate ('LV1', 'VG', 32);
|
|
||||||
+ $g->lvcreate ('LV2', 'VG', 32);
|
|
||||||
+ $g->lvcreate ('LV3', 'VG', 64);
|
|
||||||
+
|
|
||||||
+ # Format each Logical Group as a LUKS device, with a different password.
|
|
||||||
+ $g->luks_format ('/dev/VG/Root', 'FEDORA-Root', 0);
|
|
||||||
+ $g->luks_format ('/dev/VG/LV1', 'FEDORA-LV1', 0);
|
|
||||||
+ $g->luks_format ('/dev/VG/LV2', 'FEDORA-LV2', 0);
|
|
||||||
+ $g->luks_format ('/dev/VG/LV3', 'FEDORA-LV3', 0);
|
|
||||||
+
|
|
||||||
+ # Open the LUKS devices. This creates nodes like /dev/mapper/*-luks.
|
|
||||||
+ $g->cryptsetup_open ('/dev/VG/Root', 'FEDORA-Root', 'Root-luks');
|
|
||||||
+ $g->cryptsetup_open ('/dev/VG/LV1', 'FEDORA-LV1', 'LV1-luks');
|
|
||||||
+ $g->cryptsetup_open ('/dev/VG/LV2', 'FEDORA-LV2', 'LV2-luks');
|
|
||||||
+ $g->cryptsetup_open ('/dev/VG/LV3', 'FEDORA-LV3', 'LV3-luks');
|
|
||||||
+
|
|
||||||
+ # Phony root filesystem.
|
|
||||||
+ $g->mkfs ('ext2', '/dev/mapper/Root-luks', blocksize => 4096, label => 'ROOT');
|
|
||||||
+ $g->set_uuid ('/dev/mapper/Root-luks', '01234567-0123-0123-0123-012345678902');
|
|
||||||
+
|
|
||||||
+ # Other filesystems, just for testing findfs-label.
|
|
||||||
+ $g->mkfs ('ext2', '/dev/mapper/LV1-luks', blocksize => 4096, label => 'LV1');
|
|
||||||
+ $g->mkfs ('ext2', '/dev/mapper/LV2-luks', blocksize => 1024, label => 'LV2');
|
|
||||||
+ $g->mkfs ('ext2', '/dev/mapper/LV3-luks', blocksize => 2048, label => 'LV3');
|
|
||||||
+
|
|
||||||
+ $g->mount ('/dev/mapper/Root-luks', '/');
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
else {
|
|
||||||
print STDERR "$0: Unknown LAYOUT: ",$ENV{LAYOUT},"\n";
|
|
||||||
exit 1;
|
|
||||||
diff --git a/tests/Makefile.am b/tests/Makefile.am
|
|
||||||
index 46e53a58..e787a86c 100644
|
|
||||||
--- a/tests/Makefile.am
|
|
||||||
+++ b/tests/Makefile.am
|
|
||||||
@@ -97,6 +97,7 @@ TESTS = \
|
|
||||||
test-v2v-virtio-win-iso.sh \
|
|
||||||
test-v2v-fedora-conversion.sh \
|
|
||||||
test-v2v-fedora-btrfs-conversion.sh \
|
|
||||||
+ test-v2v-fedora-luks-on-lvm-conversion.sh \
|
|
||||||
test-v2v-fedora-lvm-on-luks-conversion.sh \
|
|
||||||
test-v2v-fedora-md-conversion.sh \
|
|
||||||
test-v2v-windows-conversion.sh \
|
|
||||||
@@ -176,6 +177,7 @@ EXTRA_DIST += \
|
|
||||||
test-v2v-cdrom.sh \
|
|
||||||
test-v2v-fedora-conversion.sh \
|
|
||||||
test-v2v-fedora-btrfs-conversion.sh \
|
|
||||||
+ test-v2v-fedora-luks-on-lvm-conversion.sh \
|
|
||||||
test-v2v-fedora-lvm-on-luks-conversion.sh \
|
|
||||||
test-v2v-fedora-md-conversion.sh \
|
|
||||||
test-v2v-floppy.expected \
|
|
||||||
diff --git a/tests/test-v2v-fedora-luks-on-lvm-conversion.sh b/tests/test-v2v-fedora-luks-on-lvm-conversion.sh
|
|
||||||
new file mode 100755
|
|
||||||
index 00000000..1a4068cf
|
|
||||||
--- /dev/null
|
|
||||||
+++ b/tests/test-v2v-fedora-luks-on-lvm-conversion.sh
|
|
||||||
@@ -0,0 +1,36 @@
|
|
||||||
+#!/bin/bash -
|
|
||||||
+# libguestfs virt-v2v test script
|
|
||||||
+# Copyright (C) 2014-2022 Red Hat Inc.
|
|
||||||
+#
|
|
||||||
+# This program is free software; you can redistribute it and/or modify
|
|
||||||
+# it under the terms of the GNU General Public License as published by
|
|
||||||
+# the Free Software Foundation; either version 2 of the License, or
|
|
||||||
+# (at your option) any later version.
|
|
||||||
+#
|
|
||||||
+# This program is distributed in the hope that it will be useful,
|
|
||||||
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
||||||
+# GNU General Public License for more details.
|
|
||||||
+#
|
|
||||||
+# You should have received a copy of the GNU General Public License
|
|
||||||
+# along with this program; if not, write to the Free Software
|
|
||||||
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
||||||
+
|
|
||||||
+# Test virt-v2v (Phony) Fedora conversion.
|
|
||||||
+
|
|
||||||
+set -e
|
|
||||||
+
|
|
||||||
+source ./functions.sh
|
|
||||||
+set -e
|
|
||||||
+set -x
|
|
||||||
+
|
|
||||||
+skip_if_skipped
|
|
||||||
+f=../test-data/phony-guests/fedora-luks-on-lvm.img
|
|
||||||
+requires test -f $f
|
|
||||||
+
|
|
||||||
+keys=(--key /dev/VG/Root:key:FEDORA-Root
|
|
||||||
+ --key /dev/VG/LV1:key:FEDORA-LV1
|
|
||||||
+ --key /dev/VG/LV2:key:FEDORA-LV2
|
|
||||||
+ --key /dev/VG/LV3:key:FEDORA-LV3)
|
|
||||||
+
|
|
||||||
+$VG virt-v2v --debug-gc -i disk $f -o null "${keys[@]}"
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
@ -1,53 +0,0 @@
|
|||||||
From 5fa419748ef35851efadd1a249d55f42c5d0112b Mon Sep 17 00:00:00 2001
|
|
||||||
From: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Date: Wed, 29 Jun 2022 15:44:27 +0200
|
|
||||||
Subject: [PATCH] update common submodule for CVE-2022-2211 fix
|
|
||||||
|
|
||||||
$ git shortlog 9e990f3e4530..35467027f657
|
|
||||||
|
|
||||||
Laszlo Ersek (1):
|
|
||||||
options: fix buffer overflow in get_keys() [CVE-2022-2211]
|
|
||||||
|
|
||||||
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
(cherry picked from commit 795d5dfcef77fc54fec4d237bda28571454a6d4e)
|
|
||||||
---
|
|
||||||
common | 2 +-
|
|
||||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
||||||
|
|
||||||
Submodule common 9e990f3e..35467027:
|
|
||||||
diff --git a/common/options/keys.c b/common/options/keys.c
|
|
||||||
index 798315c2..d27a7123 100644
|
|
||||||
--- a/common/options/keys.c
|
|
||||||
+++ b/common/options/keys.c
|
|
||||||
@@ -128,17 +128,23 @@ read_first_line_from_file (const char *filename)
|
|
||||||
char **
|
|
||||||
get_keys (struct key_store *ks, const char *device, const char *uuid)
|
|
||||||
{
|
|
||||||
- size_t i, j, len;
|
|
||||||
+ size_t i, j, nmemb;
|
|
||||||
char **r;
|
|
||||||
char *s;
|
|
||||||
|
|
||||||
/* We know the returned list must have at least one element and not
|
|
||||||
* more than ks->nr_keys.
|
|
||||||
*/
|
|
||||||
- len = 1;
|
|
||||||
- if (ks)
|
|
||||||
- len = MIN (1, ks->nr_keys);
|
|
||||||
- r = calloc (len+1, sizeof (char *));
|
|
||||||
+ nmemb = 1;
|
|
||||||
+ if (ks && ks->nr_keys > nmemb)
|
|
||||||
+ nmemb = ks->nr_keys;
|
|
||||||
+
|
|
||||||
+ /* make room for the terminating NULL */
|
|
||||||
+ if (nmemb == (size_t)-1)
|
|
||||||
+ error (EXIT_FAILURE, 0, _("size_t overflow"));
|
|
||||||
+ nmemb++;
|
|
||||||
+
|
|
||||||
+ r = calloc (nmemb, sizeof (char *));
|
|
||||||
if (r == NULL)
|
|
||||||
error (EXIT_FAILURE, errno, "calloc");
|
|
||||||
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
@ -1,586 +0,0 @@
|
|||||||
From 94b57f647d67d4713284af1f0580d1afedd6ebaa Mon Sep 17 00:00:00 2001
|
|
||||||
From: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Date: Fri, 1 Jul 2022 15:30:42 +0200
|
|
||||||
Subject: [PATCH] convert: document networking dependency of "--key ID:clevis"
|
|
||||||
|
|
||||||
Virt-v2v enables appliance networking already, for the sake of
|
|
||||||
"unconfigure_vmware". We now have a second use case for networking: "--key
|
|
||||||
ID:clevis". Update the comment in the code.
|
|
||||||
|
|
||||||
(Short log for libguestfs-common commit range 35467027f657..af6cb55bc58a:
|
|
||||||
|
|
||||||
Laszlo Ersek (12):
|
|
||||||
options: fix UUID comparison logic bug in get_keys()
|
|
||||||
mltools/tools_utils: remove unused function "key_store_to_cli"
|
|
||||||
mltools/tools_utils: allow multiple "--key" options for OCaml tools too
|
|
||||||
options: replace NULL-termination with number-of-elements in get_keys()
|
|
||||||
options: wrap each passphrase from get_keys() into a struct
|
|
||||||
options: add back-end for LUKS decryption with Clevis+Tang
|
|
||||||
options: introduce selector type "key_clevis"
|
|
||||||
options: generalize "--key" selector parsing for C-language utilities
|
|
||||||
mltools/tools_utils-c: handle internal type error with abort()
|
|
||||||
mltools/tools_utils: generalize "--key" selector parsing for OCaml utils
|
|
||||||
options, mltools/tools_utils: parse "--key ID:clevis" options
|
|
||||||
options, mltools/tools_utils: add helper for network dependency
|
|
||||||
).
|
|
||||||
|
|
||||||
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1809453
|
|
||||||
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
|
||||||
Message-Id: <20220628115856.5820-1-lersek@redhat.com>
|
|
||||||
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
|
|
||||||
(cherry picked from commit 98fa5ab2685371c681282ce5de704877af27be74)
|
|
||||||
---
|
|
||||||
common | 2 +-
|
|
||||||
convert/convert.ml | 3 ++-
|
|
||||||
2 files changed, 3 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
Submodule common 35467027..af6cb55b:
|
|
||||||
diff --git a/common/mltools/tools_utils-c.c b/common/mltools/tools_utils-c.c
|
|
||||||
index 08146677..4ff42e5d 100644
|
|
||||||
--- a/common/mltools/tools_utils-c.c
|
|
||||||
+++ b/common/mltools/tools_utils-c.c
|
|
||||||
@@ -62,24 +62,31 @@ guestfs_int_mllib_inspect_decrypt (value gv, value gpv, value keysv)
|
|
||||||
caml_raise_out_of_memory ();
|
|
||||||
|
|
||||||
v = Field (elemv, 1);
|
|
||||||
- switch (Tag_val (v)) {
|
|
||||||
- case 0: /* KeyString of string */
|
|
||||||
- key.type = key_string;
|
|
||||||
- key.string.s = strdup (String_val (Field (v, 0)));
|
|
||||||
- if (!key.string.s)
|
|
||||||
- caml_raise_out_of_memory ();
|
|
||||||
- break;
|
|
||||||
- case 1: /* KeyFileName of string */
|
|
||||||
- key.type = key_file;
|
|
||||||
- key.file.name = strdup (String_val (Field (v, 0)));
|
|
||||||
- if (!key.file.name)
|
|
||||||
- caml_raise_out_of_memory ();
|
|
||||||
- break;
|
|
||||||
- default:
|
|
||||||
- error (EXIT_FAILURE, 0,
|
|
||||||
- "internal error: unhandled Tag_val (v) = %d",
|
|
||||||
- Tag_val (v));
|
|
||||||
- }
|
|
||||||
+ if (Is_block (v))
|
|
||||||
+ switch (Tag_val (v)) {
|
|
||||||
+ case 0: /* KeyString of string */
|
|
||||||
+ key.type = key_string;
|
|
||||||
+ key.string.s = strdup (String_val (Field (v, 0)));
|
|
||||||
+ if (!key.string.s)
|
|
||||||
+ caml_raise_out_of_memory ();
|
|
||||||
+ break;
|
|
||||||
+ case 1: /* KeyFileName of string */
|
|
||||||
+ key.type = key_file;
|
|
||||||
+ key.file.name = strdup (String_val (Field (v, 0)));
|
|
||||||
+ if (!key.file.name)
|
|
||||||
+ caml_raise_out_of_memory ();
|
|
||||||
+ break;
|
|
||||||
+ default:
|
|
||||||
+ abort ();
|
|
||||||
+ }
|
|
||||||
+ else
|
|
||||||
+ switch (Int_val (v)) {
|
|
||||||
+ case 0: /* KeyClevis */
|
|
||||||
+ key.type = key_clevis;
|
|
||||||
+ break;
|
|
||||||
+ default:
|
|
||||||
+ abort ();
|
|
||||||
+ }
|
|
||||||
|
|
||||||
ks = key_store_import_key (ks, &key);
|
|
||||||
|
|
||||||
diff --git a/common/mltools/tools_utils.ml b/common/mltools/tools_utils.ml
|
|
||||||
index 695fda7e..562bfadc 100644
|
|
||||||
--- a/common/mltools/tools_utils.ml
|
|
||||||
+++ b/common/mltools/tools_utils.ml
|
|
||||||
@@ -29,11 +29,12 @@ open Getopt.OptionName
|
|
||||||
let prog = ref prog
|
|
||||||
|
|
||||||
type key_store = {
|
|
||||||
- keys : (string, key_store_key) Hashtbl.t;
|
|
||||||
+ keys : (string * key_store_key) list ref;
|
|
||||||
}
|
|
||||||
and key_store_key =
|
|
||||||
| KeyString of string
|
|
||||||
| KeyFileName of string
|
|
||||||
+ | KeyClevis
|
|
||||||
|
|
||||||
external c_inspect_decrypt : Guestfs.t -> int64 -> (string * key_store_key) list -> unit = "guestfs_int_mllib_inspect_decrypt"
|
|
||||||
external c_set_echo_keys : unit -> unit = "guestfs_int_mllib_set_echo_keys" [@@noalloc]
|
|
||||||
@@ -376,7 +377,7 @@ let create_standard_options argspec ?anon_fun ?(key_opts = false)
|
|
||||||
)
|
|
||||||
in
|
|
||||||
let ks = {
|
|
||||||
- keys = Hashtbl.create 13;
|
|
||||||
+ keys = ref [];
|
|
||||||
} in
|
|
||||||
let argspec = ref argspec in
|
|
||||||
let add_argspec = List.push_back argspec in
|
|
||||||
@@ -392,14 +393,28 @@ let create_standard_options argspec ?anon_fun ?(key_opts = false)
|
|
||||||
|
|
||||||
if key_opts then (
|
|
||||||
let parse_key_selector arg =
|
|
||||||
- let parts = String.nsplit ~max:3 ":" arg in
|
|
||||||
+ let parts = String.nsplit ":" arg in
|
|
||||||
match parts with
|
|
||||||
+ | [] ->
|
|
||||||
+ error (f_"selector '%s': missing ID") arg
|
|
||||||
+ | [ _ ] ->
|
|
||||||
+ error (f_"selector '%s': missing TYPE") arg
|
|
||||||
+ | [ _; "key" ]
|
|
||||||
+ | _ :: "key" :: _ :: _ :: _ ->
|
|
||||||
+ error (f_"selector '%s': missing KEY_STRING, or too many fields") arg
|
|
||||||
| [ device; "key"; key ] ->
|
|
||||||
- Hashtbl.replace ks.keys device (KeyString key)
|
|
||||||
+ List.push_back ks.keys (device, KeyString key)
|
|
||||||
+ | [ _; "file" ]
|
|
||||||
+ | _ :: "file" :: _ :: _ :: _ ->
|
|
||||||
+ error (f_"selector '%s': missing FILENAME, or too many fields") arg
|
|
||||||
| [ device; "file"; file ] ->
|
|
||||||
- Hashtbl.replace ks.keys device (KeyFileName file)
|
|
||||||
+ List.push_back ks.keys (device, KeyFileName file)
|
|
||||||
+ | _ :: "clevis" :: _ :: _ ->
|
|
||||||
+ error (f_"selector '%s': too many fields") arg
|
|
||||||
+ | [ device; "clevis" ] ->
|
|
||||||
+ List.push_back ks.keys (device, KeyClevis)
|
|
||||||
| _ ->
|
|
||||||
- error (f_"invalid selector string for --key: %s") arg
|
|
||||||
+ error (f_"selector '%s': invalid TYPE") arg
|
|
||||||
in
|
|
||||||
|
|
||||||
add_argspec ([ L"echo-keys" ], Getopt.Unit c_set_echo_keys, s_"Don’t turn off echo for passphrases");
|
|
||||||
@@ -420,16 +435,6 @@ let create_standard_options argspec ?anon_fun ?(key_opts = false)
|
|
||||||
let getopt = Getopt.create argspec ?anon_fun usage_msg in
|
|
||||||
{ getopt; ks; debug_gc }
|
|
||||||
|
|
||||||
-let key_store_to_cli { keys } =
|
|
||||||
- Hashtbl.fold (
|
|
||||||
- fun k v acc ->
|
|
||||||
- let arg =
|
|
||||||
- match v with
|
|
||||||
- | KeyString s -> sprintf "%s:key:%s" k s
|
|
||||||
- | KeyFileName f -> sprintf "%s:file:%s" k f in
|
|
||||||
- "--key" :: arg :: acc
|
|
||||||
- ) keys []
|
|
||||||
-
|
|
||||||
(* Run an external command, slurp up the output as a list of lines. *)
|
|
||||||
let external_command ?(echo_cmd = true) cmd =
|
|
||||||
if echo_cmd then
|
|
||||||
@@ -691,21 +696,19 @@ let is_btrfs_subvolume g fs =
|
|
||||||
if g#last_errno () = Guestfs.Errno.errno_EINVAL then false
|
|
||||||
else raise exn
|
|
||||||
|
|
||||||
+let key_store_requires_network ks =
|
|
||||||
+ List.exists (function
|
|
||||||
+ | _, KeyClevis -> true
|
|
||||||
+ | _ -> false) !(ks.keys)
|
|
||||||
+
|
|
||||||
let inspect_decrypt g ks =
|
|
||||||
- (* Turn the keys in the key_store into a simpler struct, so it is possible
|
|
||||||
- * to read it using the C API.
|
|
||||||
- *)
|
|
||||||
- let keys_as_list = Hashtbl.fold (
|
|
||||||
- fun k v acc ->
|
|
||||||
- (k, v) :: acc
|
|
||||||
- ) ks.keys [] in
|
|
||||||
(* Note we pass original 'g' even though it is not used by the
|
|
||||||
* callee. This is so that 'g' is kept as a root on the stack, and
|
|
||||||
* so cannot be garbage collected while we are in the c_inspect_decrypt
|
|
||||||
* function.
|
|
||||||
*)
|
|
||||||
c_inspect_decrypt g#ocaml_handle (Guestfs.c_pointer g#ocaml_handle)
|
|
||||||
- keys_as_list
|
|
||||||
+ !(ks.keys)
|
|
||||||
|
|
||||||
let with_timeout op timeout ?(sleep = 2) fn =
|
|
||||||
let start_t = Unix.gettimeofday () in
|
|
||||||
diff --git a/common/mltools/tools_utils.mli b/common/mltools/tools_utils.mli
|
|
||||||
index 50183006..ec900e63 100644
|
|
||||||
--- a/common/mltools/tools_utils.mli
|
|
||||||
+++ b/common/mltools/tools_utils.mli
|
|
||||||
@@ -103,14 +103,6 @@ val create_standard_options : Getopt.speclist -> ?anon_fun:Getopt.anon_fun -> ?k
|
|
||||||
|
|
||||||
Returns a new {!cmdline_options} structure. *)
|
|
||||||
|
|
||||||
-val key_store_to_cli : key_store -> string list
|
|
||||||
-(** Convert a {!key_store} object back to a list of command line
|
|
||||||
- options, essentially undoing the effect of Getopt parsing.
|
|
||||||
- This is used in virt-v2v to pass the keystore to helpers.
|
|
||||||
- It is not particularly secure, especially if you use the
|
|
||||||
- [:key:] selector, although not any less secure than passing
|
|
||||||
- them via the command line in the first place. *)
|
|
||||||
-
|
|
||||||
val external_command : ?echo_cmd:bool -> string -> string list
|
|
||||||
(** Run an external command, slurp up the output as a list of lines.
|
|
||||||
|
|
||||||
@@ -204,6 +196,10 @@ val inspect_mount_root_ro : Guestfs.guestfs -> string -> unit
|
|
||||||
val is_btrfs_subvolume : Guestfs.guestfs -> string -> bool
|
|
||||||
(** Checks if a filesystem is a btrfs subvolume. *)
|
|
||||||
|
|
||||||
+val key_store_requires_network : key_store -> bool
|
|
||||||
+(** [key_store_requires_network ks] returns [true] iff [ks] contains at least
|
|
||||||
+ one "ID:clevis" selector. *)
|
|
||||||
+
|
|
||||||
val inspect_decrypt : Guestfs.guestfs -> key_store -> unit
|
|
||||||
(** Simple implementation of decryption: look for any encrypted
|
|
||||||
partitions and decrypt them, then rescan for VGs. *)
|
|
||||||
diff --git a/common/options/decrypt.c b/common/options/decrypt.c
|
|
||||||
index 1cd7b627..97c8b88d 100644
|
|
||||||
--- a/common/options/decrypt.c
|
|
||||||
+++ b/common/options/decrypt.c
|
|
||||||
@@ -124,10 +124,10 @@ decrypt_mountables (guestfs_h *g, const char * const *mountables,
|
|
||||||
while ((mountable = *mnt_scan++) != NULL) {
|
|
||||||
CLEANUP_FREE char *type = NULL;
|
|
||||||
CLEANUP_FREE char *uuid = NULL;
|
|
||||||
- CLEANUP_FREE_STRING_LIST char **keys = NULL;
|
|
||||||
+ struct matching_key *keys;
|
|
||||||
+ size_t nr_matches;
|
|
||||||
CLEANUP_FREE char *mapname = NULL;
|
|
||||||
- const char * const *key_scan;
|
|
||||||
- const char *key;
|
|
||||||
+ size_t scan;
|
|
||||||
|
|
||||||
type = guestfs_vfs_type (g, mountable);
|
|
||||||
if (type == NULL)
|
|
||||||
@@ -144,33 +144,45 @@ decrypt_mountables (guestfs_h *g, const char * const *mountables,
|
|
||||||
/* Grab the keys that we should try with this device, based on device name,
|
|
||||||
* or UUID (if any).
|
|
||||||
*/
|
|
||||||
- keys = get_keys (ks, mountable, uuid);
|
|
||||||
- assert (keys[0] != NULL);
|
|
||||||
+ keys = get_keys (ks, mountable, uuid, &nr_matches);
|
|
||||||
+ assert (nr_matches > 0);
|
|
||||||
|
|
||||||
/* Generate a node name for the plaintext (decrypted) device node. */
|
|
||||||
if (uuid == NULL || asprintf (&mapname, "luks-%s", uuid) == -1)
|
|
||||||
mapname = make_mapname (mountable);
|
|
||||||
|
|
||||||
/* Try each key in turn. */
|
|
||||||
- key_scan = (const char * const *)keys;
|
|
||||||
- while ((key = *key_scan++) != NULL) {
|
|
||||||
+ for (scan = 0; scan < nr_matches; ++scan) {
|
|
||||||
+ struct matching_key *key = keys + scan;
|
|
||||||
int r;
|
|
||||||
|
|
||||||
guestfs_push_error_handler (g, NULL, NULL);
|
|
||||||
- r = guestfs_cryptsetup_open (g, mountable, key, mapname, -1);
|
|
||||||
+ assert (key->clevis == (key->passphrase == NULL));
|
|
||||||
+ if (key->clevis)
|
|
||||||
+#ifdef GUESTFS_HAVE_CLEVIS_LUKS_UNLOCK
|
|
||||||
+ r = guestfs_clevis_luks_unlock (g, mountable, mapname);
|
|
||||||
+#else
|
|
||||||
+ error (EXIT_FAILURE, 0,
|
|
||||||
+ _("'clevis_luks_unlock', needed for decrypting %s, is "
|
|
||||||
+ "unavailable in this libguestfs version"), mountable);
|
|
||||||
+#endif
|
|
||||||
+ else
|
|
||||||
+ r = guestfs_cryptsetup_open (g, mountable, key->passphrase, mapname,
|
|
||||||
+ -1);
|
|
||||||
guestfs_pop_error_handler (g);
|
|
||||||
|
|
||||||
if (r == 0)
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (key == NULL)
|
|
||||||
+ if (scan == nr_matches)
|
|
||||||
error (EXIT_FAILURE, 0,
|
|
||||||
_("could not find key to open LUKS encrypted %s.\n\n"
|
|
||||||
"Try using --key on the command line.\n\n"
|
|
||||||
"Original error: %s (%d)"),
|
|
||||||
mountable, guestfs_last_error (g), guestfs_last_errno (g));
|
|
||||||
|
|
||||||
+ free_keys (keys, nr_matches);
|
|
||||||
decrypted_some = true;
|
|
||||||
}
|
|
||||||
|
|
||||||
diff --git a/common/options/key-option.pod b/common/options/key-option.pod
|
|
||||||
index 90a3b15c..6bc04df1 100644
|
|
||||||
--- a/common/options/key-option.pod
|
|
||||||
+++ b/common/options/key-option.pod
|
|
||||||
@@ -14,4 +14,13 @@ Use the specified C<KEY_STRING> as passphrase.
|
|
||||||
|
|
||||||
Read the passphrase from F<FILENAME>.
|
|
||||||
|
|
||||||
+=item B<--key> C<ID>:clevis
|
|
||||||
+
|
|
||||||
+Attempt passphrase-less unlocking for C<ID> with Clevis, over the
|
|
||||||
+network. Please refer to L<guestfs(3)/ENCRYPTED DISKS> for more
|
|
||||||
+information on network-bound disk encryption (NBDE).
|
|
||||||
+
|
|
||||||
+Note that if any such option is present on the command line, QEMU user
|
|
||||||
+networking will be automatically enabled for the libguestfs appliance.
|
|
||||||
+
|
|
||||||
=back
|
|
||||||
diff --git a/common/options/keys.c b/common/options/keys.c
|
|
||||||
index d27a7123..d987ae56 100644
|
|
||||||
--- a/common/options/keys.c
|
|
||||||
+++ b/common/options/keys.c
|
|
||||||
@@ -125,11 +125,12 @@ read_first_line_from_file (const char *filename)
|
|
||||||
* keystore. There may be multiple. If none are read from the
|
|
||||||
* keystore, ask the user.
|
|
||||||
*/
|
|
||||||
-char **
|
|
||||||
-get_keys (struct key_store *ks, const char *device, const char *uuid)
|
|
||||||
+struct matching_key *
|
|
||||||
+get_keys (struct key_store *ks, const char *device, const char *uuid,
|
|
||||||
+ size_t *nr_matches)
|
|
||||||
{
|
|
||||||
- size_t i, j, nmemb;
|
|
||||||
- char **r;
|
|
||||||
+ size_t i, nmemb;
|
|
||||||
+ struct matching_key *r, *match;
|
|
||||||
char *s;
|
|
||||||
|
|
||||||
/* We know the returned list must have at least one element and not
|
|
||||||
@@ -139,22 +140,20 @@ get_keys (struct key_store *ks, const char *device, const char *uuid)
|
|
||||||
if (ks && ks->nr_keys > nmemb)
|
|
||||||
nmemb = ks->nr_keys;
|
|
||||||
|
|
||||||
- /* make room for the terminating NULL */
|
|
||||||
- if (nmemb == (size_t)-1)
|
|
||||||
+ if (nmemb > (size_t)-1 / sizeof *r)
|
|
||||||
error (EXIT_FAILURE, 0, _("size_t overflow"));
|
|
||||||
- nmemb++;
|
|
||||||
|
|
||||||
- r = calloc (nmemb, sizeof (char *));
|
|
||||||
+ r = malloc (nmemb * sizeof *r);
|
|
||||||
if (r == NULL)
|
|
||||||
- error (EXIT_FAILURE, errno, "calloc");
|
|
||||||
+ error (EXIT_FAILURE, errno, "malloc");
|
|
||||||
|
|
||||||
- j = 0;
|
|
||||||
+ match = r;
|
|
||||||
|
|
||||||
if (ks) {
|
|
||||||
for (i = 0; i < ks->nr_keys; ++i) {
|
|
||||||
struct key_store_key *key = &ks->keys[i];
|
|
||||||
|
|
||||||
- if (STRNEQ (key->id, device) && (uuid && STRNEQ (key->id, uuid)))
|
|
||||||
+ if (STRNEQ (key->id, device) && (!uuid || STRNEQ (key->id, uuid)))
|
|
||||||
continue;
|
|
||||||
|
|
||||||
switch (key->type) {
|
|
||||||
@@ -162,68 +161,101 @@ get_keys (struct key_store *ks, const char *device, const char *uuid)
|
|
||||||
s = strdup (key->string.s);
|
|
||||||
if (!s)
|
|
||||||
error (EXIT_FAILURE, errno, "strdup");
|
|
||||||
- r[j++] = s;
|
|
||||||
+ match->clevis = false;
|
|
||||||
+ match->passphrase = s;
|
|
||||||
+ ++match;
|
|
||||||
break;
|
|
||||||
case key_file:
|
|
||||||
s = read_first_line_from_file (key->file.name);
|
|
||||||
- r[j++] = s;
|
|
||||||
+ match->clevis = false;
|
|
||||||
+ match->passphrase = s;
|
|
||||||
+ ++match;
|
|
||||||
+ break;
|
|
||||||
+ case key_clevis:
|
|
||||||
+ match->clevis = true;
|
|
||||||
+ match->passphrase = NULL;
|
|
||||||
+ ++match;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (j == 0) {
|
|
||||||
+ if (match == r) {
|
|
||||||
/* Key not found in the key store, ask the user for it. */
|
|
||||||
s = read_key (device);
|
|
||||||
if (!s)
|
|
||||||
error (EXIT_FAILURE, 0, _("could not read key from user"));
|
|
||||||
- r[0] = s;
|
|
||||||
+ match->clevis = false;
|
|
||||||
+ match->passphrase = s;
|
|
||||||
+ ++match;
|
|
||||||
}
|
|
||||||
|
|
||||||
+ *nr_matches = (size_t)(match - r);
|
|
||||||
return r;
|
|
||||||
}
|
|
||||||
|
|
||||||
+void
|
|
||||||
+free_keys (struct matching_key *keys, size_t nr_matches)
|
|
||||||
+{
|
|
||||||
+ size_t i;
|
|
||||||
+
|
|
||||||
+ for (i = 0; i < nr_matches; ++i) {
|
|
||||||
+ struct matching_key *key = keys + i;
|
|
||||||
+
|
|
||||||
+ assert (key->clevis == (key->passphrase == NULL));
|
|
||||||
+ if (!key->clevis)
|
|
||||||
+ free (key->passphrase);
|
|
||||||
+ }
|
|
||||||
+ free (keys);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
struct key_store *
|
|
||||||
key_store_add_from_selector (struct key_store *ks, const char *selector)
|
|
||||||
{
|
|
||||||
- CLEANUP_FREE_STRING_LIST char **fields =
|
|
||||||
- guestfs_int_split_string (':', selector);
|
|
||||||
+ CLEANUP_FREE_STRING_LIST char **fields = NULL;
|
|
||||||
+ size_t field_count;
|
|
||||||
struct key_store_key key;
|
|
||||||
|
|
||||||
+ fields = guestfs_int_split_string (':', selector);
|
|
||||||
if (!fields)
|
|
||||||
error (EXIT_FAILURE, errno, "guestfs_int_split_string");
|
|
||||||
+ field_count = guestfs_int_count_strings (fields);
|
|
||||||
|
|
||||||
- if (guestfs_int_count_strings (fields) != 3) {
|
|
||||||
- invalid_selector:
|
|
||||||
- error (EXIT_FAILURE, 0, "invalid selector for --key: %s", selector);
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
- /* 1: device */
|
|
||||||
+ /* field#0: ID */
|
|
||||||
+ if (field_count < 1)
|
|
||||||
+ error (EXIT_FAILURE, 0, _("selector '%s': missing ID"), selector);
|
|
||||||
key.id = strdup (fields[0]);
|
|
||||||
if (!key.id)
|
|
||||||
error (EXIT_FAILURE, errno, "strdup");
|
|
||||||
|
|
||||||
- /* 2: key type */
|
|
||||||
- if (STREQ (fields[1], "key"))
|
|
||||||
+ /* field#1...: TYPE, and TYPE-specific properties */
|
|
||||||
+ if (field_count < 2)
|
|
||||||
+ error (EXIT_FAILURE, 0, _("selector '%s': missing TYPE"), selector);
|
|
||||||
+
|
|
||||||
+ if (STREQ (fields[1], "key")) {
|
|
||||||
key.type = key_string;
|
|
||||||
- else if (STREQ (fields[1], "file"))
|
|
||||||
- key.type = key_file;
|
|
||||||
- else
|
|
||||||
- goto invalid_selector;
|
|
||||||
-
|
|
||||||
- /* 3: actual key */
|
|
||||||
- switch (key.type) {
|
|
||||||
- case key_string:
|
|
||||||
+ if (field_count != 3)
|
|
||||||
+ error (EXIT_FAILURE, 0,
|
|
||||||
+ _("selector '%s': missing KEY_STRING, or too many fields"),
|
|
||||||
+ selector);
|
|
||||||
key.string.s = strdup (fields[2]);
|
|
||||||
if (!key.string.s)
|
|
||||||
error (EXIT_FAILURE, errno, "strdup");
|
|
||||||
- break;
|
|
||||||
- case key_file:
|
|
||||||
+ } else if (STREQ (fields[1], "file")) {
|
|
||||||
+ key.type = key_file;
|
|
||||||
+ if (field_count != 3)
|
|
||||||
+ error (EXIT_FAILURE, 0,
|
|
||||||
+ _("selector '%s': missing FILENAME, or too many fields"),
|
|
||||||
+ selector);
|
|
||||||
key.file.name = strdup (fields[2]);
|
|
||||||
if (!key.file.name)
|
|
||||||
error (EXIT_FAILURE, errno, "strdup");
|
|
||||||
- break;
|
|
||||||
- }
|
|
||||||
+ } else if (STREQ (fields[1], "clevis")) {
|
|
||||||
+ key.type = key_clevis;
|
|
||||||
+ if (field_count != 2)
|
|
||||||
+ error (EXIT_FAILURE, 0, _("selector '%s': too many fields"), selector);
|
|
||||||
+ } else
|
|
||||||
+ error (EXIT_FAILURE, 0, _("selector '%s': invalid TYPE"), selector);
|
|
||||||
|
|
||||||
return key_store_import_key (ks, &key);
|
|
||||||
}
|
|
||||||
@@ -252,6 +284,21 @@ key_store_import_key (struct key_store *ks, const struct key_store_key *key)
|
|
||||||
return ks;
|
|
||||||
}
|
|
||||||
|
|
||||||
+bool
|
|
||||||
+key_store_requires_network (const struct key_store *ks)
|
|
||||||
+{
|
|
||||||
+ size_t i;
|
|
||||||
+
|
|
||||||
+ if (ks == NULL)
|
|
||||||
+ return false;
|
|
||||||
+
|
|
||||||
+ for (i = 0; i < ks->nr_keys; ++i)
|
|
||||||
+ if (ks->keys[i].type == key_clevis)
|
|
||||||
+ return true;
|
|
||||||
+
|
|
||||||
+ return false;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
void
|
|
||||||
free_key_store (struct key_store *ks)
|
|
||||||
{
|
|
||||||
@@ -270,6 +317,9 @@ free_key_store (struct key_store *ks)
|
|
||||||
case key_file:
|
|
||||||
free (key->file.name);
|
|
||||||
break;
|
|
||||||
+ case key_clevis:
|
|
||||||
+ /* nothing */
|
|
||||||
+ break;
|
|
||||||
}
|
|
||||||
free (key->id);
|
|
||||||
}
|
|
||||||
diff --git a/common/options/options.h b/common/options/options.h
|
|
||||||
index 80df91a8..60d5d806 100644
|
|
||||||
--- a/common/options/options.h
|
|
||||||
+++ b/common/options/options.h
|
|
||||||
@@ -115,6 +115,7 @@ struct key_store_key {
|
|
||||||
enum {
|
|
||||||
key_string, /* key specified as string */
|
|
||||||
key_file, /* key stored in a file */
|
|
||||||
+ key_clevis, /* key reconstructed with Clevis+Tang */
|
|
||||||
} type;
|
|
||||||
union {
|
|
||||||
struct {
|
|
||||||
@@ -134,6 +135,19 @@ struct key_store {
|
|
||||||
size_t nr_keys;
|
|
||||||
};
|
|
||||||
|
|
||||||
+/* A key matching a particular ID (pathname of the libguestfs device node that
|
|
||||||
+ * stands for the encrypted block device, or LUKS UUID).
|
|
||||||
+ */
|
|
||||||
+struct matching_key {
|
|
||||||
+ /* True iff the passphrase should be reconstructed using Clevis, talking to
|
|
||||||
+ * Tang servers over the network.
|
|
||||||
+ */
|
|
||||||
+ bool clevis;
|
|
||||||
+
|
|
||||||
+ /* Explicit passphrase, otherwise. */
|
|
||||||
+ char *passphrase;
|
|
||||||
+};
|
|
||||||
+
|
|
||||||
/* in config.c */
|
|
||||||
extern void parse_config (void);
|
|
||||||
|
|
||||||
@@ -151,9 +165,12 @@ extern void print_inspect_prompt (void);
|
|
||||||
|
|
||||||
/* in key.c */
|
|
||||||
extern char *read_key (const char *param);
|
|
||||||
-extern char **get_keys (struct key_store *ks, const char *device, const char *uuid);
|
|
||||||
+extern struct matching_key *get_keys (struct key_store *ks, const char *device,
|
|
||||||
+ const char *uuid, size_t *nr_matches);
|
|
||||||
+extern void free_keys (struct matching_key *keys, size_t nr_matches);
|
|
||||||
extern struct key_store *key_store_add_from_selector (struct key_store *ks, const char *selector);
|
|
||||||
extern struct key_store *key_store_import_key (struct key_store *ks, const struct key_store_key *key);
|
|
||||||
+extern bool key_store_requires_network (const struct key_store *ks);
|
|
||||||
extern void free_key_store (struct key_store *ks);
|
|
||||||
|
|
||||||
/* in options.c */
|
|
||||||
diff --git a/convert/convert.ml b/convert/convert.ml
|
|
||||||
index 5e0e6c2b..b678dc92 100644
|
|
||||||
--- a/convert/convert.ml
|
|
||||||
+++ b/convert/convert.ml
|
|
||||||
@@ -57,7 +57,8 @@ let rec convert dir options source =
|
|
||||||
* sure this is not too large because each vCPU consumes guest RAM.
|
|
||||||
*)
|
|
||||||
g#set_smp (min 8 (Sysconf.nr_processors_online ()));
|
|
||||||
- (* The network is only used by the unconfigure_vmware () function. *)
|
|
||||||
+ (* The network is used by the unconfigure_vmware () function, and the "--key
|
|
||||||
+ * ID:clevis" command line options (if any). *)
|
|
||||||
g#set_network true;
|
|
||||||
List.iter (
|
|
||||||
fun { s_disk_id = i } ->
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
4
sources
4
sources
@ -1,2 +1,2 @@
|
|||||||
SHA512 (virt-v2v-2.0.6.tar.gz) = 8be0b74344331ccb8f777ba0c13f19b5070ab8106e70dbe3c1963c880b5bfe980e5333b1a6369bc2f4d27a47d0a18b99d91845e8d8c68da775ac3d009c494fc0
|
SHA512 (virt-v2v-2.0.7.tar.gz) = 0e2a7b55fdea7fac854747317d613a5f3e9bea17102424a8682783374f1dd273146c88a9e214f968f67a687545145c4a44d7e1bae16735e454822e636aab008c
|
||||||
SHA512 (virt-v2v-2.0.6.tar.gz.sig) = 01e96bae7bc11763756b4ebfce2f1876593cdd6aa2e438ea73880b76f4ba1bf3c47482b45b44147bf180620bc1f288ca05cfaa7bf09165b3f766f06483dd658e
|
SHA512 (virt-v2v-2.0.7.tar.gz.sig) = 4af524ebc70ecc670ff9c63bf485b969ed13c63e34d25e8e002423a59e4d84cd4f51683ec32c674bcb97ad24e214483eb9e12aa295adaeec507ece671ad93539
|
||||||
|
@ -15,8 +15,8 @@
|
|||||||
|
|
||||||
Name: virt-v2v
|
Name: virt-v2v
|
||||||
Epoch: 1
|
Epoch: 1
|
||||||
Version: 2.0.6
|
Version: 2.0.7
|
||||||
Release: 3%{?dist}
|
Release: 1%{?dist}
|
||||||
Summary: Convert a virtual machine to run on KVM
|
Summary: Convert a virtual machine to run on KVM
|
||||||
|
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
@ -45,25 +45,16 @@ Patch0009: 0009-RHEL-Remove-the-in-place-option.patch
|
|||||||
Patch0010: 0010-output-Remove-o-json-mode.patch
|
Patch0010: 0010-output-Remove-o-json-mode.patch
|
||||||
Patch0011: 0011-output-Remove-unused-dummy.c.patch
|
Patch0011: 0011-output-Remove-unused-dummy.c.patch
|
||||||
Patch0012: 0012-adopt-inversion-of-SELinux-relabeling-in-virt-custom.patch
|
Patch0012: 0012-adopt-inversion-of-SELinux-relabeling-in-virt-custom.patch
|
||||||
Patch0013: 0013-test-data-phony-guests-Upgrade-Fedora-RPM-database-a.patch
|
Patch0013: 0013-output-create_libvirt_xml-wire-up-the-QEMU-guest-age.patch
|
||||||
Patch0014: 0014-test-data-phony-guests-Increase-size-of-root-filesys.patch
|
Patch0014: 0014-convert_linux-extract-qemu-guest-agent-package-name.patch
|
||||||
Patch0015: 0015-test-data-phony-guests-Allow-virt-v2v-to-work-agains.patch
|
Patch0015: 0015-convert_linux-install-the-QEMU-guest-agent-with-a-fi.patch
|
||||||
Patch0016: 0016-tests-Add-test-cases-for-converting-the-phony-Fedora.patch
|
Patch0016: 0016-RHV-outputs-limit-copied-disk-count-to-23.patch
|
||||||
Patch0017: 0017-output-create_libvirt_xml-wire-up-the-QEMU-guest-age.patch
|
Patch0017: 0017-convert-document-networking-dependency-of-key-ID-cle.patch
|
||||||
Patch0018: 0018-windows_virtio-remove-install_linux_tools.patch
|
Patch0018: 0018-qemu-nbd-Implement-output-compression-for-qcow2-file.patch
|
||||||
Patch0019: 0019-convert_linux-extract-qemu-guest-agent-package-name.patch
|
Patch0019: 0019-o-disk-o-libvirt-o-qemu-Implement-of-qcow2-oo-compre.patch
|
||||||
Patch0020: 0020-convert_linux-install-the-QEMU-guest-agent-with-a-fi.patch
|
Patch0020: 0020-tests-Add-a-simple-test-of-o-local-of-qcow2-oo-compr.patch
|
||||||
Patch0021: 0021-test-data-Replace-deprecated-luks_open-with-cryptset.patch
|
Patch0021: 0021-RHEL-9-oo-compressed-Remove-nbdcopy-version-check-an.patch
|
||||||
Patch0022: 0022-tests-rename-luks-to-lvm-on-luks.patch
|
Patch0022: 0022-RHEL-9-tests-Remove-btrfs-test.patch
|
||||||
Patch0023: 0023-tests-add-LUKS-on-LVM-test.patch
|
|
||||||
Patch0024: 0024-RHV-outputs-limit-copied-disk-count-to-23.patch
|
|
||||||
Patch0025: 0025-update-common-submodule-for-CVE-2022-2211-fix.patch
|
|
||||||
Patch0026: 0026-convert-document-networking-dependency-of-key-ID-cle.patch
|
|
||||||
Patch0027: 0027-qemu-nbd-Implement-output-compression-for-qcow2-file.patch
|
|
||||||
Patch0028: 0028-o-disk-o-libvirt-o-qemu-Implement-of-qcow2-oo-compre.patch
|
|
||||||
Patch0029: 0029-tests-Add-a-simple-test-of-o-local-of-qcow2-oo-compr.patch
|
|
||||||
Patch0030: 0030-RHEL-9-oo-compressed-Remove-nbdcopy-version-check-an.patch
|
|
||||||
Patch0031: 0031-RHEL-9-tests-Remove-btrfs-test.patch
|
|
||||||
|
|
||||||
%if !0%{?rhel}
|
%if !0%{?rhel}
|
||||||
# libguestfs hasn't been built on i686 for a while since there is no
|
# libguestfs hasn't been built on i686 for a while since there is no
|
||||||
@ -342,8 +333,8 @@ rm $RPM_BUILD_ROOT%{_mandir}/man1/virt-v2v-in-place.1*
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Tue Jul 05 2022 Richard W.M. Jones <rjones@redhat.com> - 1:2.0.6-3
|
* Wed Jul 06 2022 Richard W.M. Jones <rjones@redhat.com> - 1:2.0.7-1
|
||||||
- Rebase to stable branch version 2.0.6
|
- Rebase to stable branch version 2.0.7
|
||||||
resolves: rhbz#2059287, rhbz#1658126, rhbz#1788823, rhbz#1854275
|
resolves: rhbz#2059287, rhbz#1658126, rhbz#1788823, rhbz#1854275
|
||||||
- Fix openssh-clients dependency
|
- Fix openssh-clients dependency
|
||||||
resolves: rhbz#2064178
|
resolves: rhbz#2064178
|
||||||
|
Loading…
Reference in New Issue
Block a user