From ef07c9e8af53aad674dfabe6231ae761f554d753 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Tue, 17 May 2022 04:57:32 -0400 Subject: [PATCH] import virt-v2v-1.45.99-2.el9_0 --- .gitignore | 2 + .virt-v2v.metadata | 2 + ...correct-qemu-binary-for-o-qemu-mode-.patch | 33 ++ ...-the-qemu-boot-oo-qemu-boot-option-R.patch | 112 ++++ ...-supported-sound-cards-to-match-RHEL.patch | 34 ++ ...RHEL-Fixes-for-libguestfs-winsupport.patch | 104 ++++ ...sk-force-VNC-as-display-RHBZ-1372671.patch | 26 + ...-mention-SUSE-Xen-hosts-RHBZ-1430203.patch | 26 + ...-for-supported-v2v-hypervisors-guest.patch | 127 +++++ SOURCES/0008-RHEL-Disable-o-glance.patch | 219 ++++++++ ...0009-RHEL-Remove-the-in-place-option.patch | 143 +++++ .../0010-lib-Remove-Utils.metaversion.patch | 55 ++ ...mon-code-for-creating-v2v-directory-.patch | 169 ++++++ ...n-of-v2v-directory-until-after-optio.patch | 44 ++ ...-Correct-copy-paste-error-in-comment.patch | 26 + ...rity-of-in-out-sockets-when-running-.patch | 151 ++++++ ...un_unix-formally-require-externally-.patch | 343 ++++++++++++ SOURCES/copy-patches.sh | 60 +++ SOURCES/virt-v2v-1.45.99.tar.gz.sig | 17 + SPECS/virt-v2v.spec | 506 ++++++++++++++++++ 20 files changed, 2199 insertions(+) create mode 100644 .gitignore create mode 100644 .virt-v2v.metadata create mode 100644 SOURCES/0001-RHEL-v2v-Select-correct-qemu-binary-for-o-qemu-mode-.patch create mode 100644 SOURCES/0002-RHEL-v2v-Disable-the-qemu-boot-oo-qemu-boot-option-R.patch create mode 100644 SOURCES/0003-RHEL-Fix-list-of-supported-sound-cards-to-match-RHEL.patch create mode 100644 SOURCES/0004-RHEL-Fixes-for-libguestfs-winsupport.patch create mode 100644 SOURCES/0005-RHEL-v2v-i-disk-force-VNC-as-display-RHBZ-1372671.patch create mode 100644 SOURCES/0006-RHEL-v2v-do-not-mention-SUSE-Xen-hosts-RHBZ-1430203.patch create mode 100644 SOURCES/0007-RHEL-point-to-KB-for-supported-v2v-hypervisors-guest.patch create mode 100644 SOURCES/0008-RHEL-Disable-o-glance.patch create mode 100644 SOURCES/0009-RHEL-Remove-the-in-place-option.patch create mode 100644 SOURCES/0010-lib-Remove-Utils.metaversion.patch create mode 100644 SOURCES/0011-lib-v2v-Move-common-code-for-creating-v2v-directory-.patch create mode 100644 SOURCES/0012-v2v-Move-creation-of-v2v-directory-until-after-optio.patch create mode 100644 SOURCES/0013-lib-nbdkit.ml-Correct-copy-paste-error-in-comment.patch create mode 100644 SOURCES/0014-lib-Improve-security-of-in-out-sockets-when-running-.patch create mode 100644 SOURCES/0015-nbdkit-qemuNBD-run_unix-formally-require-externally-.patch create mode 100755 SOURCES/copy-patches.sh create mode 100644 SOURCES/virt-v2v-1.45.99.tar.gz.sig create mode 100644 SPECS/virt-v2v.spec diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..03f099e --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +SOURCES/libguestfs.keyring +SOURCES/virt-v2v-1.45.99.tar.gz diff --git a/.virt-v2v.metadata b/.virt-v2v.metadata new file mode 100644 index 0000000..b23fd2f --- /dev/null +++ b/.virt-v2v.metadata @@ -0,0 +1,2 @@ +1bbc40f501a7fef9eef2a39b701a71aee2fea7c4 SOURCES/libguestfs.keyring +23d3b578404a991563d2af88d3118cdbce27a110 SOURCES/virt-v2v-1.45.99.tar.gz diff --git a/SOURCES/0001-RHEL-v2v-Select-correct-qemu-binary-for-o-qemu-mode-.patch b/SOURCES/0001-RHEL-v2v-Select-correct-qemu-binary-for-o-qemu-mode-.patch new file mode 100644 index 0000000..6ebb95a --- /dev/null +++ b/SOURCES/0001-RHEL-v2v-Select-correct-qemu-binary-for-o-qemu-mode-.patch @@ -0,0 +1,33 @@ +From 5b3653332be7b739755f53cca19ce10768585a61 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Sun, 28 Sep 2014 19:14:43 +0100 +Subject: [PATCH] RHEL: v2v: Select correct qemu binary for -o qemu mode + (RHBZ#1147313). + +RHEL does not have qemu-system-x86_64 (etc), and in addition the +qemu binary is located in /usr/libexec. Encode the path to this +binary directly in the script. + +Note that we don't support people running qemu directly like this. +It's just for quick testing of converted VMs, and to help us with +support cases. +--- + output/output_qemu.ml | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/output/output_qemu.ml b/output/output_qemu.ml +index f8d2e171..700de058 100644 +--- a/output/output_qemu.ml ++++ b/output/output_qemu.ml +@@ -137,7 +137,7 @@ module QEMU = struct + * module deals with shell and qemu comma quoting. + *) + let cmd = Qemuopts.create () in +- Qemuopts.set_binary_by_arch cmd (Some guestcaps.gcaps_arch); ++ Qemuopts.set_binary cmd "/usr/libexec/qemu-kvm"; + + let flag = Qemuopts.flag cmd + and arg = Qemuopts.arg cmd +-- +2.31.1 + diff --git a/SOURCES/0002-RHEL-v2v-Disable-the-qemu-boot-oo-qemu-boot-option-R.patch b/SOURCES/0002-RHEL-v2v-Disable-the-qemu-boot-oo-qemu-boot-option-R.patch new file mode 100644 index 0000000..3e92059 --- /dev/null +++ b/SOURCES/0002-RHEL-v2v-Disable-the-qemu-boot-oo-qemu-boot-option-R.patch @@ -0,0 +1,112 @@ +From b896dab3d8d4226b246e2e90d07235a38b6c8a79 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 30 Sep 2014 10:50:27 +0100 +Subject: [PATCH] RHEL: v2v: Disable the --qemu-boot / -oo qemu-boot option + (RHBZ#1147313). + +This cannot work because there is no Gtk or SDL output mode +in RHEL's qemu-kvm. + +In addition you will have to edit the -display option in the +qemu script. +--- + docs/virt-v2v-output-local.pod | 6 ++---- + docs/virt-v2v.pod | 12 ------------ + output/output_qemu.ml | 3 +++ + v2v/v2v.ml | 2 -- + 4 files changed, 5 insertions(+), 18 deletions(-) + +diff --git a/docs/virt-v2v-output-local.pod b/docs/virt-v2v-output-local.pod +index a5f155cb..3a2e6238 100644 +--- a/docs/virt-v2v-output-local.pod ++++ b/docs/virt-v2v-output-local.pod +@@ -9,7 +9,7 @@ or libvirt + + virt-v2v [-i* options] -o local -os DIRECTORY + +- virt-v2v [-i* options] -o qemu -os DIRECTORY [--qemu-boot] ++ virt-v2v [-i* options] -o qemu -os DIRECTORY + + virt-v2v [-i* options] -o json -os DIRECTORY + [-oo json-disks-pattern=PATTERN] +@@ -50,12 +50,10 @@ where C is the guest name. + + =item B<-o qemu -os> C + +-=item B<-o qemu -os> C B<--qemu-boot> +- + This converts the guest to files in C. Unlike I<-o local> + above, a shell script is created which contains the raw qemu command + you would need to boot the guest. However the shell script is not +-run, I you also add the I<--qemu-boot> option. ++run. + + =item B<-o json -os> C + +diff --git a/docs/virt-v2v.pod b/docs/virt-v2v.pod +index f50d27a0..9b1e44a1 100644 +--- a/docs/virt-v2v.pod ++++ b/docs/virt-v2v.pod +@@ -140,11 +140,6 @@ Since F contains the path(s) to the guest disk + image(s) you do not need to specify the name of the disk image on the + command line. + +-To convert a local disk image and immediately boot it in local +-qemu, do: +- +- virt-v2v -i disk disk.img -o qemu -os /var/tmp -oo qemu-boot +- + =head1 OPTIONS + + =over 4 +@@ -509,9 +504,6 @@ This is similar to I<-o local>, except that a shell script is written + which you can use to boot the guest in qemu. The converted disks and + shell script are written to the directory specified by I<-os>. + +-When using this output mode, you can also specify the I<-oo qemu-boot> +-option which boots the guest under qemu immediately. +- + =item B<-o> B + + This is the same as I<-o rhv>. +@@ -765,10 +757,6 @@ Print information about the source guest and stop. This option is + useful when you are setting up network and bridge maps. + See L. + +-=item B<--qemu-boot> +- +-This is the same as I<-oo qemu-boot>. +- + =item B<-q> + + =item B<--quiet> +diff --git a/output/output_qemu.ml b/output/output_qemu.ml +index 700de058..3ad98a58 100644 +--- a/output/output_qemu.ml ++++ b/output/output_qemu.ml +@@ -63,6 +63,9 @@ module QEMU = struct + ) options.output_options; + let qemu_boot = !qemu_boot in + ++ if qemu_boot then ++ error (f_"-o qemu: the -oo qemu-boot option cannot be used in RHEL"); ++ + (* -os must be set to a directory. *) + let output_storage = + match options.output_storage with +diff --git a/v2v/v2v.ml b/v2v/v2v.ml +index 7bd47c1e..a66fa285 100644 +--- a/v2v/v2v.ml ++++ b/v2v/v2v.ml +@@ -277,8 +277,6 @@ let rec main () = + s_"Same as ‘-ip filename’"; + [ L"print-source" ], Getopt.Set print_source, + s_"Print source and stop"; +- [ L"qemu-boot" ], Getopt.Unit (fun () -> set_output_option_compat "qemu-boot" ""), +- s_"Boot in qemu (-o qemu only)"; + [ L"root" ], Getopt.String ("ask|... ", set_root_choice), + s_"How to choose root filesystem"; + [ L"vddk-config" ], Getopt.String ("filename", set_input_option_compat "vddk-config"), +-- +2.31.1 + diff --git a/SOURCES/0003-RHEL-Fix-list-of-supported-sound-cards-to-match-RHEL.patch b/SOURCES/0003-RHEL-Fix-list-of-supported-sound-cards-to-match-RHEL.patch new file mode 100644 index 0000000..03d0f3b --- /dev/null +++ b/SOURCES/0003-RHEL-Fix-list-of-supported-sound-cards-to-match-RHEL.patch @@ -0,0 +1,34 @@ +From 3745743d97bc432854750afd6d04d6391f19bf2f Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Fri, 24 Apr 2015 09:45:41 -0400 +Subject: [PATCH] RHEL: Fix list of supported sound cards to match RHEL qemu + (RHBZ#1176493). + +--- + lib/utils.ml | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/lib/utils.ml b/lib/utils.ml +index 4c8998c2..7b16dd8b 100644 +--- a/lib/utils.ml ++++ b/lib/utils.ml +@@ -59,13 +59,14 @@ let kvm_arch = function + (* Does qemu support the given sound card? *) + let qemu_supports_sound_card = function + | Types.AC97 +- | Types.ES1370 + | Types.ICH6 + | Types.ICH9 + | Types.PCSpeaker ++ -> true ++ | Types.ES1370 + | Types.SB16 + | Types.USBAudio +- -> true ++ -> false + + (* Find the UEFI firmware. *) + let find_uefi_firmware guest_arch = +-- +2.31.1 + diff --git a/SOURCES/0004-RHEL-Fixes-for-libguestfs-winsupport.patch b/SOURCES/0004-RHEL-Fixes-for-libguestfs-winsupport.patch new file mode 100644 index 0000000..0294186 --- /dev/null +++ b/SOURCES/0004-RHEL-Fixes-for-libguestfs-winsupport.patch @@ -0,0 +1,104 @@ +From f7ed42f475271291d126084cb92157974ea274c6 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Sun, 30 Aug 2015 03:21:57 -0400 +Subject: [PATCH] RHEL: Fixes for libguestfs-winsupport. + +In tests we cannot use guestfish for arbitrary Windows edits. +In virt-v2v helpers we must set the program name to virt-v2v. +--- + convert/convert.ml | 1 + + convert/windows_virtio.ml | 1 + + test-data/phony-guests/make-windows-img.sh | 1 + + tests/test-v2v-virtio-win-iso.sh | 8 +++++++- + tests/test-v2v-windows-conversion.sh | 8 +++++++- + 5 files changed, 17 insertions(+), 2 deletions(-) + +diff --git a/convert/convert.ml b/convert/convert.ml +index 87fca725..5e0e6c2b 100644 +--- a/convert/convert.ml ++++ b/convert/convert.ml +@@ -51,6 +51,7 @@ let rec convert dir options source = + + message (f_"Opening the source"); + let g = open_guestfs ~identifier:"v2v" () in ++ g#set_program "virt-v2v"; + g#set_memsize (g#get_memsize () * 2); + (* Setting the number of vCPUs allows parallel mkinitrd, but make + * sure this is not too large because each vCPU consumes guest RAM. +diff --git a/convert/windows_virtio.ml b/convert/windows_virtio.ml +index 5254322c..301f7544 100644 +--- a/convert/windows_virtio.ml ++++ b/convert/windows_virtio.ml +@@ -283,6 +283,7 @@ and copy_from_virtio_win g inspect srcdir destdir filter missing = + let g2 = + try + let g2 = open_guestfs ~identifier:"virtio_win" () in ++ g#set_program "virt-v2v"; + g2#add_drive_opts virtio_win ~readonly:true; + g2#launch (); + g2 +diff --git a/test-data/phony-guests/make-windows-img.sh b/test-data/phony-guests/make-windows-img.sh +index 30908a91..73cf5144 100755 +--- a/test-data/phony-guests/make-windows-img.sh ++++ b/test-data/phony-guests/make-windows-img.sh +@@ -37,6 +37,7 @@ fi + + # Create a disk image. + guestfish < "$script" + :> "$expected" + ++cat >> "$script" < "$response" ++guestfish --ro -a "$d/windows-sda" < "$script" > "$response" + diff -u "$expected" "$response" +diff --git a/tests/test-v2v-windows-conversion.sh b/tests/test-v2v-windows-conversion.sh +index a4cf191d..1ff41f6a 100755 +--- a/tests/test-v2v-windows-conversion.sh ++++ b/tests/test-v2v-windows-conversion.sh +@@ -76,6 +76,12 @@ mktest () + :> "$script" + :> "$expected" + ++cat >> "$script" < "$response" ++guestfish --ro -a "$d/windows-sda" < "$script" > "$response" + diff -u "$expected" "$response" + + # We also update the Registry several times, for firstboot, and (ONLY +-- +2.31.1 + diff --git a/SOURCES/0005-RHEL-v2v-i-disk-force-VNC-as-display-RHBZ-1372671.patch b/SOURCES/0005-RHEL-v2v-i-disk-force-VNC-as-display-RHBZ-1372671.patch new file mode 100644 index 0000000..1d6a671 --- /dev/null +++ b/SOURCES/0005-RHEL-v2v-i-disk-force-VNC-as-display-RHBZ-1372671.patch @@ -0,0 +1,26 @@ +From 46c843f5d5f19aad7bbfe155d20d5d9f26f8a030 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 2 Mar 2017 14:21:37 +0100 +Subject: [PATCH] RHEL: v2v: -i disk: force VNC as display (RHBZ#1372671) + +The SDL output mode is not supported in RHEL's qemu-kvm. +--- + input/input_disk.ml | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/input/input_disk.ml b/input/input_disk.ml +index 9fd08639..dc3bed6f 100644 +--- a/input/input_disk.ml ++++ b/input/input_disk.ml +@@ -76,7 +76,7 @@ module Disk = struct + s_features = [ "acpi"; "apic"; "pae" ]; + s_firmware = UnknownFirmware; (* causes virt-v2v to autodetect *) + s_display = +- Some { s_display_type = Window; s_keymap = None; s_password = None; ++ Some { s_display_type = VNC; s_keymap = None; s_password = None; + s_listen = LNoListen; s_port = None }; + s_sound = None; + s_disks = s_disks; +-- +2.31.1 + diff --git a/SOURCES/0006-RHEL-v2v-do-not-mention-SUSE-Xen-hosts-RHBZ-1430203.patch b/SOURCES/0006-RHEL-v2v-do-not-mention-SUSE-Xen-hosts-RHBZ-1430203.patch new file mode 100644 index 0000000..09ed254 --- /dev/null +++ b/SOURCES/0006-RHEL-v2v-do-not-mention-SUSE-Xen-hosts-RHBZ-1430203.patch @@ -0,0 +1,26 @@ +From 70b8b26867ca0c4a142f3fb436e4dbb66a01f187 Mon Sep 17 00:00:00 2001 +From: Pino Toscano +Date: Wed, 8 Mar 2017 11:03:40 +0100 +Subject: [PATCH] RHEL: v2v: do not mention SUSE Xen hosts (RHBZ#1430203) + +They are not supported in RHEL. +--- + docs/virt-v2v-input-xen.pod | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/docs/virt-v2v-input-xen.pod b/docs/virt-v2v-input-xen.pod +index c4948e5e..97727b8f 100644 +--- a/docs/virt-v2v-input-xen.pod ++++ b/docs/virt-v2v-input-xen.pod +@@ -11,7 +11,7 @@ virt-v2v-input-xen - Using virt-v2v to convert guests from Xen + =head1 DESCRIPTION + + This page documents how to use L to convert guests from +-RHEL 5 Xen, or SLES and OpenSUSE Xen hosts. ++RHEL 5 Xen hosts. + + =head1 INPUT FROM XEN + +-- +2.31.1 + diff --git a/SOURCES/0007-RHEL-point-to-KB-for-supported-v2v-hypervisors-guest.patch b/SOURCES/0007-RHEL-point-to-KB-for-supported-v2v-hypervisors-guest.patch new file mode 100644 index 0000000..c03b69d --- /dev/null +++ b/SOURCES/0007-RHEL-point-to-KB-for-supported-v2v-hypervisors-guest.patch @@ -0,0 +1,127 @@ +From fa8028afa670c3575f31b838f1d15ed7ee16f26a Mon Sep 17 00:00:00 2001 +From: Pino Toscano +Date: Tue, 26 Mar 2019 09:42:25 +0100 +Subject: [PATCH] RHEL: point to KB for supported v2v hypervisors/guests + +--- + docs/virt-v2v-support.pod | 104 ++------------------------------------ + 1 file changed, 4 insertions(+), 100 deletions(-) + +diff --git a/docs/virt-v2v-support.pod b/docs/virt-v2v-support.pod +index 9815f51f..1ffc0f9d 100644 +--- a/docs/virt-v2v-support.pod ++++ b/docs/virt-v2v-support.pod +@@ -8,106 +8,10 @@ systems and guests in virt-v2v + This page documents which foreign hypervisors, virtualization + management systems and guest types that L can support. + +-Note this page applies to upstream virt-v2v from +-L and in downstream distributions of virt-v2v +-sometimes features are intentionally removed, or are present but not +-supported. +- +-=head2 Hypervisors (Input) +- +-=over 4 +- +-=item VMware ESXi +- +-Must be managed by VMware vCenter E 5.0 unless VDDK is available. +- +-=item OVA exported from VMware +- +-OVAs from other hypervisors will not work. +- +-=item VMX from VMware +- +-VMX files generated by other hypervisors will not work. +- +-=item RHEL 5 Xen +- +-=item SUSE Xen +- +-=item Citrix Xen +- +-Citrix Xen has not been recently tested. +- +-=item Hyper-V +- +-Not recently tested. Requires that you export the disk or use +-L on Hyper-V. +- +-=item Direct from disk images +- +-Only disk images exported from supported hypervisors, and using +-container formats supported by qemu. +- +-=item Physical machines +- +-Using the L tool. +- +-=back +- +-=head2 Hypervisors (Output) +- +-QEMU and KVM only. +- +-=head2 Virtualization management systems (Output) +- +-=over 4 +- +-=item OpenStack +- +-=item Red Hat Virtualization (RHV) 4.1 and up +- +-=item Local libvirt +- +-And hence L, L, and similar tools. +- +-=item Local disk +- +-=back +- +-=head2 Guests +- +-=over 4 +- +-=item Red Hat Enterprise Linux 3, 4, 5, 6, 7 +- +-=item CentOS 3, 4, 5, 6, 7 +- +-=item Scientific Linux 3, 4, 5, 6, 7 +- +-=item Oracle Linux +- +-=item Fedora +- +-=item SLES 10 and up +- +-=item OpenSUSE 10 and up +- +-=item ALT Linux 9 and up +- +-=item Debian 6 and up +- +-=item Ubuntu 10.04, 12.04, 14.04, 16.04, and up +- +-=item Windows XP to Windows 10 / Windows Server 2016 +- +-We use Windows internal version numbers, see +-L +- +-Currently NT 5.2 to NT 6.3 are supported. +- +-See L below for additional notes on converting Windows +-guests. +- +-=back ++For more information on supported hypervisors, and guest types in ++RHEL, please consult the following Knowledgebase article on these ++Red Hat Customer Portal: ++L. + + =head2 Guest firmware + +-- +2.31.1 + diff --git a/SOURCES/0008-RHEL-Disable-o-glance.patch b/SOURCES/0008-RHEL-Disable-o-glance.patch new file mode 100644 index 0000000..bb4d515 --- /dev/null +++ b/SOURCES/0008-RHEL-Disable-o-glance.patch @@ -0,0 +1,219 @@ +From 95640bac1c00014f94bec5539907fd92d7379ad2 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Wed, 30 Jun 2021 11:15:52 +0100 +Subject: [PATCH] RHEL: Disable -o glance + +Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1977539 +--- + docs/virt-v2v-output-openstack.pod | 56 ++---------------------------- + docs/virt-v2v.pod | 20 ----------- + output/output_glance.mli | 2 +- + tests/test-v2v-o-glance.sh | 3 ++ + v2v/v2v.ml | 7 +--- + 5 files changed, 7 insertions(+), 81 deletions(-) + +diff --git a/docs/virt-v2v-output-openstack.pod b/docs/virt-v2v-output-openstack.pod +index f5a3abad..1ab356e8 100644 +--- a/docs/virt-v2v-output-openstack.pod ++++ b/docs/virt-v2v-output-openstack.pod +@@ -10,13 +10,10 @@ virt-v2v-output-openstack - Using virt-v2v to convert guests to OpenStack + [-oo verify-server-certificate=false] + [-oo os-username=admin] [-oo os-*=*] + +- virt-v2v [-i* options] -o glance +- + =head1 DESCRIPTION + + This page documents how to use L to convert guests to run +-on OpenStack. There are two output modes you can select, but only +-I<-o openstack> should be used normally. ++on OpenStack. + + =over 4 + +@@ -27,15 +24,6 @@ Full description: L + This is the modern method for uploading to OpenStack via the REST API. + Guests can be directly converted into Cinder volumes. + +-=item B<-o glance> +- +-Full description: L +- +-This is the old method for uploading to Glance. Unfortunately Glance +-is not well suited to storing converted guests (since virt-v2v deals +-with "pets" not templated "cattle"), so this method is not recommended +-unless you really know what you are doing. +- + =back + + =head1 OUTPUT TO OPENSTACK +@@ -170,50 +158,10 @@ no Cinder volume type is used. + The following options are B supported with OpenStack: I<-oa>, + I<-of>. + +-=head1 OUTPUT TO GLANCE +- +-Note this is a legacy option. In most cases you should use +-L instead. +- +-To output to OpenStack Glance, use the I<-o glance> option. +- +-This runs the L CLI program which must be installed on the +-virt-v2v conversion host. For authentication to work, you will need +-to set C environment variables. +- +-Normally there is a file called C or C +-which you can simply C to set everything up. +- +-Virt-v2v adds metadata for the guest to Glance, describing such things +-as the guest operating system and what drivers it requires. The +-command C will display the metadata as "Property" +-fields such as C and C. +- +-=head2 Glance and sparseness +- +-Glance image upload doesn't appear to correctly handle sparseness. +-For this reason, using qcow2 will be faster and use less space on the +-Glance server. Use the virt-v2v S> option. +- +-=head2 Glance and multiple disks +- +-If the guest has a single disk, then the name of the disk in Glance +-will be the name of the guest. You can control this using the I<-on> +-option. +- +-Glance doesn't have a concept of associating multiple disks with a +-single guest, and Nova doesn't allow you to boot a guest from multiple +-Glance disks either. If the guest has multiple disks, then the first +-(assumed to be the system disk) will have the name of the guest, and +-the second and subsequent data disks will be called +-C-disk2>, C-disk3> etc. It may be best to +-leave the system disk in Glance, and import the data disks to Cinder. +- + =head1 SEE ALSO + + L, +-L, +-L. ++L. + + =head1 AUTHOR + +diff --git a/docs/virt-v2v.pod b/docs/virt-v2v.pod +index 9b1e44a1..a1e00db8 100644 +--- a/docs/virt-v2v.pod ++++ b/docs/virt-v2v.pod +@@ -431,14 +431,6 @@ See L below. + + This is the same as I<-o local>. + +-=item B<-o> B +- +-This is a legacy option. You should probably use I<-o openstack> +-instead. +- +-Set the output method to OpenStack Glance. In this mode the converted +-guest is uploaded to Glance. See L. +- + =item B<-o> B + + Set the output method to I. +@@ -1170,11 +1162,6 @@ and output methods may use disk space, as outlined in the table below. + This temporarily places a full copy of the uncompressed source disks + in C<$VIRT_V2V_TMPDIR> (or F). + +-=item I<-o glance> +- +-This temporarily places a full copy of the output disks in +-C<$VIRT_V2V_TMPDIR> (or F). +- + =item I<-o local> + + =item I<-o qemu> +@@ -1358,13 +1345,6 @@ instance. + Because of how Cinder volumes are presented as F block devices, + using I<-o openstack> normally requires that virt-v2v is run as root. + +-=item Writing to Glance +- +-This does I need root (in fact it probably won’t work), but may +-require either a special user and/or for you to source a script that +-sets authentication environment variables. Consult the Glance +-documentation. +- + =item Writing to block devices + + This normally requires root. See the next section. +diff --git a/output/output_glance.mli b/output/output_glance.mli +index 972320a2..9befc461 100644 +--- a/output/output_glance.mli ++++ b/output/output_glance.mli +@@ -18,4 +18,4 @@ + + (** [-o glance] output mode. *) + +-module Glance : Output.OUTPUT ++(*module Glance : Output.OUTPUT*) +diff --git a/tests/test-v2v-o-glance.sh b/tests/test-v2v-o-glance.sh +index c0db9115..074b5e16 100755 +--- a/tests/test-v2v-o-glance.sh ++++ b/tests/test-v2v-o-glance.sh +@@ -20,6 +20,9 @@ + + set -e + ++# Feature is disabled in RHEL 9. ++exit 77 ++ + source ./functions.sh + set -e + set -x +diff --git a/v2v/v2v.ml b/v2v/v2v.ml +index a66fa285..c9ddce36 100644 +--- a/v2v/v2v.ml ++++ b/v2v/v2v.ml +@@ -205,7 +205,6 @@ let rec main () = + if !output_mode <> `Not_set then + error (f_"%s option used more than once on the command line") "-o"; + match mode with +- | "glance" -> output_mode := `Glance + | "libvirt" -> output_mode := `Libvirt + | "disk" | "local" -> output_mode := `Disk + | "json" -> output_mode := `JSON +@@ -257,7 +256,7 @@ let rec main () = + s_"Map network ‘in’ to ‘out’"; + [ L"no-trim" ], Getopt.String ("-", no_trim_warning), + s_"Ignored for backwards compatibility"; +- [ S 'o' ], Getopt.String ("glance|json|libvirt|local|null|openstack|qemu|rhv|rhv-upload|vdsm", set_output_mode), ++ [ S 'o' ], Getopt.String ("json|libvirt|local|null|openstack|qemu|rhv|rhv-upload|vdsm", set_output_mode), + s_"Set output mode (default: libvirt)"; + [ M"oa" ], Getopt.String ("sparse|preallocated", set_output_alloc), + s_"Set output allocation mode"; +@@ -325,8 +324,6 @@ virt-v2v -i libvirtxml guest-domain.xml -o local -os /var/tmp + + virt-v2v -i disk disk.img -o local -os /var/tmp + +-virt-v2v -i disk disk.img -o glance +- + There is a companion front-end called \"virt-p2v\" which comes as an + ISO or CD image that can be booted on physical machines. + +@@ -396,7 +393,6 @@ read the man page virt-v2v(1). + pr "input:libvirtxml\n"; + pr "input:ova\n"; + pr "input:vmx\n"; +- pr "output:glance\n"; + pr "output:json\n"; + pr "output:libvirt\n"; + pr "output:local\n"; +@@ -486,7 +482,6 @@ read the man page virt-v2v(1). + | `Disk -> (module Output_disk.Disk) + | `Null -> (module Output_null.Null) + | `QEmu -> (module Output_qemu.QEMU) +- | `Glance -> (module Output_glance.Glance) + | `Openstack -> (module Output_openstack.Openstack) + | `RHV_Upload -> (module Output_rhv_upload.RHVUpload) + | `RHV -> (module Output_rhv.RHV) +-- +2.31.1 + diff --git a/SOURCES/0009-RHEL-Remove-the-in-place-option.patch b/SOURCES/0009-RHEL-Remove-the-in-place-option.patch new file mode 100644 index 0000000..9ac39b7 --- /dev/null +++ b/SOURCES/0009-RHEL-Remove-the-in-place-option.patch @@ -0,0 +1,143 @@ +From c7c14141d1c985dbba8749f9209b78d96200c2b3 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 2 Dec 2021 11:56:05 +0000 +Subject: [PATCH] RHEL: Remove the --in-place option + +This disables the virt-v2v --in-place option which we do not +wish to support in RHEL. +--- + docs/virt-v2v.pod | 49 ----------------------------------------------- + v2v/v2v.ml | 8 -------- + 2 files changed, 57 deletions(-) + +diff --git a/docs/virt-v2v.pod b/docs/virt-v2v.pod +index a1e00db8..a3fc3dc8 100644 +--- a/docs/virt-v2v.pod ++++ b/docs/virt-v2v.pod +@@ -8,10 +8,6 @@ virt-v2v - Convert a guest to use KVM + [-o mode] [other -o* options] + [guest|filename] + +- virt-v2v --in-place +- [-i mode] [other -i* options] +- [guest|filename] +- + =head1 DESCRIPTION + + Virt-v2v converts a single guest from a foreign hypervisor to run on +@@ -37,12 +33,6 @@ The input and output sides of virt-v2v are separate and unrelated. + Virt-v2v can read from any input and write to any output. Therefore + these sides of virt-v2v are documented separately in this manual. + +-Virt-v2v normally copies from the input to the output, called "copying +-mode". In this case the source guest is always left unchanged. +-In-place conversion (I<--in-place>) only uses the I<-i*> options and +-modifies the source guest in-place. (See L +-below.) +- + =head2 Other virt-v2v topics + + L — Supported hypervisors, virtualization +@@ -289,20 +279,6 @@ For I<-i disk> only, this specifies the format of the input disk + image. For other input methods you should specify the input + format in the metadata. + +-=item B<--in-place> +- +-Do not create an output virtual machine in the target hypervisor. +-Instead, adjust the guest OS in the source VM to run in the input +-hypervisor. +- +-This mode is meant for integration with other toolsets, which take the +-responsibility of converting the VM configuration, providing for +-rollback in case of errors, transforming the storage, etc. +- +-See L below. +- +-Conflicts with all I<-o *> options. +- + =item B<-io> OPTION=VALUE + + Set input option(s) related to the current input mode or transport. +@@ -1417,31 +1393,6 @@ that instead. + + + +-=head2 In-place conversion +- +-It is also possible to use virt-v2v in scenarios where a foreign VM +-has already been imported into a KVM-based hypervisor, but still needs +-adjustments in the guest to make it run in the new virtual hardware. +- +-In that case it is assumed that a third-party tool has created the +-target VM in the supported KVM-based hypervisor based on the source VM +-configuration and contents, but using virtual devices more appropriate +-for KVM (e.g. virtio storage and network, etc.). +- +-Then, to make the guest OS boot and run in the changed environment, +-one can use: +- +- virt-v2v -ic qemu:///system converted_vm --in-place +- +-Virt-v2v will analyze the configuration of C in the +-C libvirt instance, and apply various fixups to the +-guest OS configuration to make it match the VM configuration. This +-may include installing virtio drivers, configuring the bootloader, the +-mountpoints, the network interfaces, and so on. +- +-Should an error occur during the operation, virt-v2v exits with an +-error code leaving the VM in an undefined state. +- + =head2 Machine readable output + + The I<--machine-readable> option can be used to make the output more +diff --git a/v2v/v2v.ml b/v2v/v2v.ml +index c9ddce36..6859a02c 100644 +--- a/v2v/v2v.ml ++++ b/v2v/v2v.ml +@@ -183,7 +183,6 @@ let rec main () = + let output_storage = ref None in + + (* Other options that we handle here. *) +- let in_place = ref false in + let print_source = ref false in + + let input_mode = ref `Not_set in +@@ -248,8 +247,6 @@ let rec main () = + s_"Use password from file to connect to input hypervisor"; + [ M"it" ], Getopt.String ("transport", set_string_option_once "-it" input_transport), + s_"Input transport"; +- [ L"in-place" ], Getopt.Set in_place, +- s_"Only tune the guest in the input VM"; + [ L"mac" ], Getopt.String ("mac:network|bridge|ip:out", add_mac), + s_"Map NIC to network or bridge or assign static IP"; + [ S 'n'; L"network" ], Getopt.String ("in:out", add_network), +@@ -347,7 +344,6 @@ read the man page virt-v2v(1). + + (* Dereference the arguments. *) + let args = List.rev !args in +- let in_place = !in_place in + let input_conn = !input_conn in + let input_mode = !input_mode in + let input_transport = +@@ -367,9 +363,6 @@ read the man page virt-v2v(1). + let root_choice = !root_choice in + let static_ips = !static_ips in + +- (* --in-place isn't implemented yet - TODO *) +- if in_place then error "XXX --in-place option is not implemented yet"; +- + (* No arguments and machine-readable mode? Print out some facts + * about what this binary supports. + *) +@@ -383,7 +376,6 @@ read the man page virt-v2v(1). + pr "vddk\n"; + pr "colours-option\n"; + pr "vdsm-compat-option\n"; +- pr "in-place\n"; + pr "io/oo\n"; + pr "mac-option\n"; + pr "bandwidth-option\n"; +-- +2.31.1 + diff --git a/SOURCES/0010-lib-Remove-Utils.metaversion.patch b/SOURCES/0010-lib-Remove-Utils.metaversion.patch new file mode 100644 index 0000000..da97e31 --- /dev/null +++ b/SOURCES/0010-lib-Remove-Utils.metaversion.patch @@ -0,0 +1,55 @@ +From 67ebe6585e7db9cfc1f01de9777f780db42868f2 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 22 Mar 2022 13:39:57 +0000 +Subject: [PATCH] lib: Remove Utils.metaversion + +This was used before we turned the helpers into OCaml modules but is +now dead code, remove it. + +Fixes: commit 4de22686fe74e1711efd9bfed3f663b67e7ad69e +Fixes: commit 724ecb5e887e5b71db836143ec0c0d8a20b05903 +Fixes: commit 5609c73c615a8f12c5c6d50908bb4761bdc16173 +(cherry picked from commit c208bc97d863aa43857c72608a1fc57ab50047ed) +--- + lib/utils.ml | 2 -- + lib/utils.mli | 11 ----------- + 2 files changed, 13 deletions(-) + +diff --git a/lib/utils.ml b/lib/utils.ml +index 7b16dd8b..4f0ff67a 100644 +--- a/lib/utils.ml ++++ b/lib/utils.ml +@@ -164,8 +164,6 @@ let rec wait_for_file filename timeout = + wait_for_file filename (timeout-1) + ) + +-let metaversion = Digest.to_hex (Digest.string Config.package_version_full) +- + let with_nbd_connect_unix ?(meta_contexts = []) ~socket f = + let nbd = NBD.create () in + protect +diff --git a/lib/utils.mli b/lib/utils.mli +index 76a2ec8c..3f8e4b3c 100644 +--- a/lib/utils.mli ++++ b/lib/utils.mli +@@ -67,17 +67,6 @@ val wait_for_file : string -> int -> bool + (** [wait_for_file filename timeout] waits up to [timeout] seconds for + [filename] to appear. It returns [true] if the file appeared. *) + +-val metaversion : string +-(** When writing the metadata files between versions we serialize this +- string first to ensure the binary metadata blob is compatible. +- +- This prevents mixing and matching helpers between incompatible +- versions of virt-v2v (which could cause a crash) and discourages +- people from trying to write their own metadata. +- +- Eventually we may switch to using an "open metadata" format instead +- (eg. XML). *) +- + val with_nbd_connect_unix : ?meta_contexts:string list -> + socket:string -> + (NBD.t -> 'a) -> +-- +2.31.1 + diff --git a/SOURCES/0011-lib-v2v-Move-common-code-for-creating-v2v-directory-.patch b/SOURCES/0011-lib-v2v-Move-common-code-for-creating-v2v-directory-.patch new file mode 100644 index 0000000..e1776e1 --- /dev/null +++ b/SOURCES/0011-lib-v2v-Move-common-code-for-creating-v2v-directory-.patch @@ -0,0 +1,169 @@ +From d604830d0da31280c347346343dc880e14965cf8 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 22 Mar 2022 13:49:20 +0000 +Subject: [PATCH] lib, v2v: Move common code for creating v2v directory to + Utils + +I have also renamed the directory in the code from "tmpdir" to +"v2vdir" since tmpdir was a bit generic and didn't accurately describe +what this directory is for. + +This is simple refactoring. + +(cherry picked from commit 5a60e9a4f6e68d50c6b22eb0c8608aef563bf516) +--- + lib/utils.ml | 9 +++++++++ + lib/utils.mli | 3 +++ + v2v/v2v.ml | 37 ++++++++++++++----------------------- + v2v/v2v_unit_tests.ml | 1 + + 4 files changed, 27 insertions(+), 23 deletions(-) + +diff --git a/lib/utils.ml b/lib/utils.ml +index 4f0ff67a..876a44c6 100644 +--- a/lib/utils.ml ++++ b/lib/utils.ml +@@ -22,6 +22,7 @@ open Printf + + open Std_utils + open Tools_utils ++open Unix_utils + open Common_gettext.Gettext + + let large_tmpdir = +@@ -155,6 +156,14 @@ let error_if_no_ssh_agent () = + with Not_found -> + error (f_"ssh-agent authentication has not been set up ($SSH_AUTH_SOCK is not set). This is required by qemu to do passwordless ssh access. See the virt-v2v(1) man page for more information.") + ++(* Create the directory containing inX and outX sockets. *) ++let create_v2v_directory () = ++ let d = Mkdtemp.temp_dir "v2v." in ++ let running_as_root = Unix.geteuid () = 0 in ++ if running_as_root then Unix.chmod d 0o711; ++ On_exit.rmdir d; ++ d ++ + (* Wait for a file to appear until a timeout. *) + let rec wait_for_file filename timeout = + if Sys.file_exists filename then true +diff --git a/lib/utils.mli b/lib/utils.mli +index 3f8e4b3c..c571cca5 100644 +--- a/lib/utils.mli ++++ b/lib/utils.mli +@@ -63,6 +63,9 @@ val backend_is_libvirt : unit -> bool + + val error_if_no_ssh_agent : unit -> unit + ++val create_v2v_directory : unit -> string ++(** Create the directory containing inX and outX sockets. *) ++ + val wait_for_file : string -> int -> bool + (** [wait_for_file filename timeout] waits up to [timeout] seconds for + [filename] to appear. It returns [true] if the file appeared. *) +diff --git a/v2v/v2v.ml b/v2v/v2v.ml +index 6859a02c..71dd1c4d 100644 +--- a/v2v/v2v.ml ++++ b/v2v/v2v.ml +@@ -37,17 +37,8 @@ open Utils + let mac_re = PCRE.compile ~anchored:true "([[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}):(network|bridge|ip):(.*)" + let mac_ip_re = PCRE.compile ~anchored:true "([[:xdigit:]]|:|\\.)+" + +-(* Create the temporary directory to control conversion. +- * +- * Because it contains sockets, if we're running as root then +- * we must make it executable by world. +- *) +-let tmpdir = +- let tmpdir = Mkdtemp.temp_dir "v2v." in +- let running_as_root = geteuid () = 0 in +- if running_as_root then chmod tmpdir 0o711; +- On_exit.rmdir tmpdir; +- tmpdir ++(* Create the temporary directory to control conversion. *) ++let v2vdir = create_v2v_directory () + + let rec main () = + let set_string_option_once optname optref arg = +@@ -523,7 +514,7 @@ read the man page virt-v2v(1). + (* Start the input module (runs an NBD server in the background). *) + message (f_"Setting up the source: %s") + (Input_module.to_string input_options args); +- let source = Input_module.setup tmpdir input_options args in ++ let source = Input_module.setup v2vdir input_options args in + + (* If --print-source then print the source metadata and exit. *) + if print_source then ( +@@ -540,28 +531,28 @@ read the man page virt-v2v(1). + let output_poptions = Output_module.parse_options output_options source in + + (* Do the conversion. *) +- with_open_out (tmpdir // "convert") (fun _ -> ()); +- let inspect, target_meta = Convert.convert tmpdir conv_options source in +- unlink (tmpdir // "convert"); ++ with_open_out (v2vdir // "convert") (fun _ -> ()); ++ let inspect, target_meta = Convert.convert v2vdir conv_options source in ++ unlink (v2vdir // "convert"); + + (* Start the output module (runs an NBD server in the background). *) + message (f_"Setting up the destination: %s") + (Output_module.to_string output_options); +- let output_t = Output_module.setup tmpdir output_poptions source in ++ let output_t = Output_module.setup v2vdir output_poptions source in + + (* Debug the v2vdir. *) + if verbose () then ( +- let cmd = sprintf "ls -alZ %s 1>&2" (quote tmpdir) in ++ let cmd = sprintf "ls -alZ %s 1>&2" (quote v2vdir) in + ignore (Sys.command cmd) + ); + + (* Do the copy. *) +- with_open_out (tmpdir // "copy") (fun _ -> ()); ++ with_open_out (v2vdir // "copy") (fun _ -> ()); + + (* Get the list of disks and corresponding sockets. *) + let rec loop acc i = +- let input_socket = sprintf "%s/in%d" tmpdir i +- and output_socket = sprintf "%s/out%d" tmpdir i in ++ let input_socket = sprintf "%s/in%d" v2vdir i ++ and output_socket = sprintf "%s/out%d" v2vdir i in + if Sys.file_exists input_socket && Sys.file_exists output_socket then + loop ((i, input_socket, output_socket) :: acc) (i+1) + else +@@ -591,11 +582,11 @@ read the man page virt-v2v(1). + ) disks; + + (* End of copying phase. *) +- unlink (tmpdir // "copy"); ++ unlink (v2vdir // "copy"); + + (* Do the finalization step. *) + message (f_"Creating output metadata"); +- Output_module.finalize tmpdir output_poptions output_t ++ Output_module.finalize v2vdir output_poptions output_t + source inspect target_meta; + + message (f_"Finishing off"); +@@ -604,7 +595,7 @@ read the man page virt-v2v(1). + * use the presence or absence of the file to determine if + * on-success or on-fail cleanup is required. + *) +- with_open_out (tmpdir // "done") (fun _ -> ()) ++ with_open_out (v2vdir // "done") (fun _ -> ()) + + (* Conversion can fail or hang if there is insufficient free space in + * the large temporary directory. Some input modules use large_tmpdir +diff --git a/v2v/v2v_unit_tests.ml b/v2v/v2v_unit_tests.ml +index 889f7998..bf5306c4 100644 +--- a/v2v/v2v_unit_tests.ml ++++ b/v2v/v2v_unit_tests.ml +@@ -26,6 +26,7 @@ open Std_utils + open Tools_utils + + open Types ++open Utils + + let inspect_defaults = { + i_type = ""; i_distro = ""; i_osinfo = ""; i_arch = ""; +-- +2.31.1 + diff --git a/SOURCES/0012-v2v-Move-creation-of-v2v-directory-until-after-optio.patch b/SOURCES/0012-v2v-Move-creation-of-v2v-directory-until-after-optio.patch new file mode 100644 index 0000000..602b56c --- /dev/null +++ b/SOURCES/0012-v2v-Move-creation-of-v2v-directory-until-after-optio.patch @@ -0,0 +1,44 @@ +From e001191c79e3e890d433fa237deda2332773ab97 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 22 Mar 2022 15:36:00 +0000 +Subject: [PATCH] v2v: Move creation of v2v directory until after option + parsing + +Only after option parsing does the -v (verbose) option take effect, +and so any debug messages emitted before this point are not seen. In +particular, debug messages emitted when creating the v2v directory +were lost. In any case there's no point creating this directory until +nearer the point when we might actually need it. + +(cherry picked from commit 88aaf8263ae89a40e72197ba58f08bc777dc59c3) +--- + v2v/v2v.ml | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/v2v/v2v.ml b/v2v/v2v.ml +index 71dd1c4d..661f2dec 100644 +--- a/v2v/v2v.ml ++++ b/v2v/v2v.ml +@@ -37,9 +37,6 @@ open Utils + let mac_re = PCRE.compile ~anchored:true "([[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}):(network|bridge|ip):(.*)" + let mac_ip_re = PCRE.compile ~anchored:true "([[:xdigit:]]|:|\\.)+" + +-(* Create the temporary directory to control conversion. *) +-let v2vdir = create_v2v_directory () +- + let rec main () = + let set_string_option_once optname optref arg = + match !optref with +@@ -333,6 +330,9 @@ read the man page virt-v2v(1). + debug "libvirt version: %d.%d.%d" major minor release + ); + ++ (* Create the temporary directory to control conversion. *) ++ let v2vdir = create_v2v_directory () in ++ + (* Dereference the arguments. *) + let args = List.rev !args in + let input_conn = !input_conn in +-- +2.31.1 + diff --git a/SOURCES/0013-lib-nbdkit.ml-Correct-copy-paste-error-in-comment.patch b/SOURCES/0013-lib-nbdkit.ml-Correct-copy-paste-error-in-comment.patch new file mode 100644 index 0000000..38684fe --- /dev/null +++ b/SOURCES/0013-lib-nbdkit.ml-Correct-copy-paste-error-in-comment.patch @@ -0,0 +1,26 @@ +From 3d20ba06ab98388c3f08e2430eef53e1e912ef62 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Wed, 23 Mar 2022 10:37:24 +0000 +Subject: [PATCH] lib/nbdkit.ml: Correct copy/paste error in comment + +(cherry picked from commit f44c8d2e819a38ea670b0577fafc8f88265ceacf) +--- + lib/nbdkit.ml | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/nbdkit.ml b/lib/nbdkit.ml +index 6787fbb0..85621775 100644 +--- a/lib/nbdkit.ml ++++ b/lib/nbdkit.ml +@@ -202,7 +202,7 @@ If the messages above are not sufficient to diagnose the problem then add the + socket]); + ); + +- (* Set the regular Unix permissions, in case qemu is ++ (* Set the regular Unix permissions, in case nbdkit is + * running as another user. + *) + chmod socket 0o777; +-- +2.31.1 + diff --git a/SOURCES/0014-lib-Improve-security-of-in-out-sockets-when-running-.patch b/SOURCES/0014-lib-Improve-security-of-in-out-sockets-when-running-.patch new file mode 100644 index 0000000..0855b9b --- /dev/null +++ b/SOURCES/0014-lib-Improve-security-of-in-out-sockets-when-running-.patch @@ -0,0 +1,151 @@ +From 6ca02e37d72a81e7e32d4d3eef24d8a0abe3deb2 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 22 Mar 2022 13:53:41 +0000 +Subject: [PATCH] lib: Improve security of in/out sockets when running virt-v2v + as root +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +When using the libvirt backend and running as root, libvirt will run +qemu as a non-root user (eg. qemu:qemu). The v2v directory stores NBD +endpoints that qemu must be able to open and so we set the directory +to mode 0711. Unfortunately this permits any non-root user to open +the sockets (since, by design, they have predictable names within the +directory). + +Additionally we were setting the sockets themselves to 0777 mode. + +Instead of using directory permissions, change the owner of the +directory and sockets to precisely give access to the qemu user and no +one else. + +Reported-by: Xiaodai Wang +Thanks: Dr David Gilbert, Daniel Berrangé, Laszlo Ersek +Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2066773 +Reviewed-by: Laszlo Ersek +(cherry picked from commit 4e7f206843735ba24e2034f694a214ef057ee139) +--- + lib/nbdkit.ml | 3 ++- + lib/qemuNBD.ml | 3 ++- + lib/utils.ml | 47 +++++++++++++++++++++++++++++++++++++++++++++-- + lib/utils.mli | 11 +++++++++++ + 4 files changed, 60 insertions(+), 4 deletions(-) + +diff --git a/lib/nbdkit.ml b/lib/nbdkit.ml +index 85621775..9ee6f39c 100644 +--- a/lib/nbdkit.ml ++++ b/lib/nbdkit.ml +@@ -205,6 +205,7 @@ If the messages above are not sufficient to diagnose the problem then add the + (* Set the regular Unix permissions, in case nbdkit is + * running as another user. + *) +- chmod socket 0o777; ++ chown_for_libvirt_rhbz_1045069 socket; ++ chmod socket 0o700; + + socket, pid +diff --git a/lib/qemuNBD.ml b/lib/qemuNBD.ml +index 54139ce0..2c999b9f 100644 +--- a/lib/qemuNBD.ml ++++ b/lib/qemuNBD.ml +@@ -150,7 +150,8 @@ If the messages above are not sufficient to diagnose the problem then add the + (* Set the regular Unix permissions, in case qemu is + * running as another user. + *) +- chmod socket 0o777; ++ chown_for_libvirt_rhbz_1045069 socket; ++ chmod socket 0o700; + + (* We don't need the PID file any longer. *) + unlink pidfile; +diff --git a/lib/utils.ml b/lib/utils.ml +index 876a44c6..7116a4f9 100644 +--- a/lib/utils.ml ++++ b/lib/utils.ml +@@ -147,6 +147,50 @@ let backend_is_libvirt () = + let backend = fst (String.split ":" backend) in + backend = "libvirt" + ++let rec chown_for_libvirt_rhbz_1045069 file = ++ let running_as_root = Unix.geteuid () = 0 in ++ if running_as_root && backend_is_libvirt () then ( ++ try ++ let user = Option.default "qemu" (libvirt_qemu_user ()) in ++ let uid = ++ if String.is_prefix user "+" then ++ int_of_string (String.sub user 1 (String.length user - 1)) ++ else ++ (Unix.getpwnam user).pw_uid in ++ debug "setting owner of %s to %d:root" file uid; ++ Unix.chown file uid 0 ++ with ++ | exn -> (* Print exception, but continue. *) ++ debug "could not set owner of %s: %s" ++ file (Printexc.to_string exn) ++ ) ++ ++(* Get the local user that libvirt uses to run qemu when we are ++ * running as root. This is returned as an optional string ++ * containing the username. The username might be "+NNN" ++ * meaning a numeric UID. ++ * https://listman.redhat.com/archives/libguestfs/2022-March/028450.html ++ *) ++and libvirt_qemu_user = ++ let user = ++ lazy ( ++ let conn = Libvirt.Connect.connect_readonly () in ++ let xml = Libvirt.Connect.get_capabilities conn in ++ let doc = Xml.parse_memory xml in ++ let xpathctx = Xml.xpath_new_context doc in ++ let expr = ++ "//secmodel[./model=\"dac\"]/baselabel[@type=\"kvm\"]/text()" in ++ let uid_gid = Xpath_helpers.xpath_string xpathctx expr in ++ match uid_gid with ++ | None -> None ++ | Some uid_gid -> ++ (* The string will be something like "+107:+107", return the ++ * UID part. ++ *) ++ Some (fst (String.split ":" uid_gid)) ++ ) in ++ fun () -> Lazy.force user ++ + (* When using the SSH driver in qemu (currently) this requires + * ssh-agent authentication. Give a clear error if this hasn't been + * set up (RHBZ#1139973). This might improve if we switch to libssh1. +@@ -159,8 +203,7 @@ let error_if_no_ssh_agent () = + (* Create the directory containing inX and outX sockets. *) + let create_v2v_directory () = + let d = Mkdtemp.temp_dir "v2v." in +- let running_as_root = Unix.geteuid () = 0 in +- if running_as_root then Unix.chmod d 0o711; ++ chown_for_libvirt_rhbz_1045069 d; + On_exit.rmdir d; + d + +diff --git a/lib/utils.mli b/lib/utils.mli +index c571cca5..d431e21f 100644 +--- a/lib/utils.mli ++++ b/lib/utils.mli +@@ -61,6 +61,17 @@ val qemu_img_supports_offset_and_size : unit -> bool + val backend_is_libvirt : unit -> bool + (** Return true iff the current backend is libvirt. *) + ++val chown_for_libvirt_rhbz_1045069 : string -> unit ++(** If running and root, and if the backend is libvirt, libvirt ++ will run qemu as a non-root user. This prevents access ++ to root-owned files and directories. To fix this, provide ++ a function to chown things we might need to qemu:root so ++ qemu can access them. Note that root normally ignores ++ permissions so can still access the resource. ++ ++ This is best-effort. If something fails then we carry ++ on and hope for the best. *) ++ + val error_if_no_ssh_agent : unit -> unit + + val create_v2v_directory : unit -> string +-- +2.31.1 + diff --git a/SOURCES/0015-nbdkit-qemuNBD-run_unix-formally-require-externally-.patch b/SOURCES/0015-nbdkit-qemuNBD-run_unix-formally-require-externally-.patch new file mode 100644 index 0000000..adb59d0 --- /dev/null +++ b/SOURCES/0015-nbdkit-qemuNBD-run_unix-formally-require-externally-.patch @@ -0,0 +1,343 @@ +From 6d99469c696ea691a908ad8a65314475e43b7bd0 Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Wed, 23 Mar 2022 11:43:30 +0100 +Subject: [PATCH] nbdkit, qemuNBD: run_unix: formally require externally + provided socket + +At this point, virt-v2v never relies on the Unix domain sockets created +inside the "run_unix" implementations. Simplify the code by removing this +option. + +Consequently, the internally created temporary directory only holds the +NBD server's PID file, and never its UNIX domain socket. Therefore: + +(1) we no longer need the libguestfs socket dir to be our temp dir, + +(2) we need not change the file mode bits on the temp dir, + +(3) we can rename "tmpdir" to the more specific "piddir". + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2066773 +Signed-off-by: Laszlo Ersek +Message-Id: <20220323104330.9667-1-lersek@redhat.com> +Acked-by: Richard W.M. Jones +(cherry picked from commit 9788b06765af335b054aba03f41d1b829ed13092) +--- + input/input_disk.ml | 4 ++-- + input/input_libvirt.ml | 8 ++++---- + input/input_ova.ml | 2 +- + input/input_vddk.ml | 2 +- + input/input_vmx.ml | 4 ++-- + input/input_xen_ssh.ml | 2 +- + input/vCenter.ml | 2 +- + lib/nbdkit.ml | 24 +++++------------------- + lib/nbdkit.mli | 6 +----- + lib/qemuNBD.ml | 25 +++++-------------------- + lib/qemuNBD.mli | 6 +----- + output/output.ml | 4 ++-- + output/output_null.ml | 2 +- + output/output_rhv_upload.ml | 2 +- + 14 files changed, 28 insertions(+), 65 deletions(-) + +diff --git a/input/input_disk.ml b/input/input_disk.ml +index dc3bed6f..c08548ee 100644 +--- a/input/input_disk.ml ++++ b/input/input_disk.ml +@@ -109,7 +109,7 @@ module Disk = struct + Nbdkit.add_arg cmd "file" disk; + if Nbdkit.version nbdkit_config >= (1, 22, 0) then + Nbdkit.add_arg cmd "cache" "none"; +- let _, pid = Nbdkit.run_unix ~socket cmd in ++ let _, pid = Nbdkit.run_unix socket cmd in + + (* --exit-with-parent should ensure nbdkit is cleaned + * up when we exit, but it's not supported everywhere. +@@ -120,7 +120,7 @@ module Disk = struct + let cmd = QemuNBD.create disk in + QemuNBD.set_snapshot cmd true; (* protective overlay *) + QemuNBD.set_format cmd (Some format); +- let _, pid = QemuNBD.run_unix ~socket cmd in ++ let _, pid = QemuNBD.run_unix socket cmd in + On_exit.kill pid + ) args; + +diff --git a/input/input_libvirt.ml b/input/input_libvirt.ml +index ee836aa0..ad7e20e8 100644 +--- a/input/input_libvirt.ml ++++ b/input/input_libvirt.ml +@@ -87,7 +87,7 @@ and setup_servers dir disks = + Nbdkit.add_arg cmd "hostname" hostname; + Nbdkit.add_arg cmd "port" (string_of_int port); + Nbdkit.add_arg cmd "shared" "true"; +- let _, pid = Nbdkit.run_unix ~socket cmd in ++ let _, pid = Nbdkit.run_unix socket cmd in + + (* --exit-with-parent should ensure nbdkit is cleaned + * up when we exit, but it's not supported everywhere. +@@ -98,7 +98,7 @@ and setup_servers dir disks = + | HTTP url -> + let cor = dir // "convert" in + let cmd = Nbdkit_curl.create_curl ~cor url in +- let _, pid = Nbdkit.run_unix ~socket cmd in ++ let _, pid = Nbdkit.run_unix socket cmd in + + (* --exit-with-parent should ensure nbdkit is cleaned + * up when we exit, but it's not supported everywhere. +@@ -113,7 +113,7 @@ and setup_servers dir disks = + Nbdkit.add_arg cmd "file" filename; + if Nbdkit.version nbdkit_config >= (1, 22, 0) then + Nbdkit.add_arg cmd "cache" "none"; +- let _, pid = Nbdkit.run_unix ~socket cmd in ++ let _, pid = Nbdkit.run_unix socket cmd in + + (* --exit-with-parent should ensure nbdkit is cleaned + * up when we exit, but it's not supported everywhere. +@@ -125,7 +125,7 @@ and setup_servers dir disks = + let cmd = QemuNBD.create filename in + QemuNBD.set_snapshot cmd true; (* protective overlay *) + QemuNBD.set_format cmd format; +- let _, pid = QemuNBD.run_unix ~socket cmd in ++ let _, pid = QemuNBD.run_unix socket cmd in + On_exit.kill pid + ) disks + +diff --git a/input/input_ova.ml b/input/input_ova.ml +index c94ddc79..796cc3bc 100644 +--- a/input/input_ova.ml ++++ b/input/input_ova.ml +@@ -192,7 +192,7 @@ module OVA = struct + let cmd = QemuNBD.create qemu_uri in + QemuNBD.set_snapshot cmd true; (* protective overlay *) + QemuNBD.set_format cmd None; (* auto-detect format *) +- let _, pid = QemuNBD.run_unix ~socket cmd in ++ let _, pid = QemuNBD.run_unix socket cmd in + On_exit.kill pid + ) qemu_uris; + +diff --git a/input/input_vddk.ml b/input/input_vddk.ml +index 29764095..f8bf3d28 100644 +--- a/input/input_vddk.ml ++++ b/input/input_vddk.ml +@@ -196,7 +196,7 @@ information on these settings. + ?nfchostport ?password_file:options.input_password ?port + ~server ?snapshot ~thumbprint ?transports ?user + path in +- let _, pid = Nbdkit.run_unix ~socket nbdkit in ++ let _, pid = Nbdkit.run_unix socket nbdkit in + On_exit.kill pid + ) disks; + +diff --git a/input/input_vmx.ml b/input/input_vmx.ml +index 3aa49fa6..34ae99a3 100644 +--- a/input/input_vmx.ml ++++ b/input/input_vmx.ml +@@ -66,7 +66,7 @@ module VMX = struct + (absolute_path_from_other_file vmx_filename filename) in + QemuNBD.set_snapshot cmd true; (* protective overlay *) + QemuNBD.set_format cmd (Some "vmdk"); +- let _, pid = QemuNBD.run_unix ~socket cmd in ++ let _, pid = QemuNBD.run_unix socket cmd in + On_exit.kill pid + ) filenames + +@@ -108,7 +108,7 @@ module VMX = struct + let bandwidth = options.bandwidth in + let nbdkit = Nbdkit_ssh.create_ssh ?bandwidth ~cor ~password + ~server ?port ?user abs_path in +- let _, pid = Nbdkit.run_unix ~socket nbdkit in ++ let _, pid = Nbdkit.run_unix socket nbdkit in + On_exit.kill pid + ) filenames + ); +diff --git a/input/input_xen_ssh.ml b/input/input_xen_ssh.ml +index 85e24bce..989a0cc7 100644 +--- a/input/input_xen_ssh.ml ++++ b/input/input_xen_ssh.ml +@@ -118,7 +118,7 @@ module XenSSH = struct + let bandwidth = options.bandwidth in + let nbdkit = Nbdkit_ssh.create_ssh ?bandwidth ~cor ~password + ?port ~server ?user path in +- let _, pid = Nbdkit.run_unix ~socket nbdkit in ++ let _, pid = Nbdkit.run_unix socket nbdkit in + On_exit.kill pid + ) disks; + +diff --git a/input/vCenter.ml b/input/vCenter.ml +index 40d594f0..8a1a5655 100644 +--- a/input/vCenter.ml ++++ b/input/vCenter.ml +@@ -117,7 +117,7 @@ let rec start_nbdkit_for_path ?bandwidth ?cor ?password_file + Nbdkit_curl.create_curl ?bandwidth ?cor + ~cookie_script ~cookie_script_renew + ~sslverify https_url in +- let _, pid = Nbdkit.run_unix ~socket nbdkit in ++ let _, pid = Nbdkit.run_unix socket nbdkit in + pid + + and get_https_url dcPath uri server path = +diff --git a/lib/nbdkit.ml b/lib/nbdkit.ml +index 9ee6f39c..07896684 100644 +--- a/lib/nbdkit.ml ++++ b/lib/nbdkit.ml +@@ -102,27 +102,13 @@ let add_env cmd name value = cmd.env <- (name, value) :: cmd.env + let add_filter_if_available cmd filter = + if probe_filter filter then add_filter cmd filter + +-let run_unix ?socket cmd = +- (* Create a temporary directory where we place the socket and PID file. +- * Use the libguestfs socket directory, so it is more likely the full path +- * of the UNIX sockets will fit in the (limited) socket pathname. +- *) +- let tmpdir = +- let base_dir = (open_guestfs ())#get_sockdir () in +- let t = Mkdtemp.temp_dir ~base_dir "v2vnbdkit." in +- (* tmpdir must be readable (but not writable) by "other" so that +- * qemu can open the sockets. +- *) +- chmod t 0o755; +- On_exit.rmdir t; +- t in ++let run_unix socket cmd = ++ (* Create a temporary directory where we place the PID file. *) ++ let piddir = Mkdtemp.temp_dir "v2vnbdkit." in ++ On_exit.rmdir piddir; + + let id = unique () in +- let pidfile = tmpdir // sprintf "nbdkit%d.pid" id in +- let socket = +- match socket with +- | None -> tmpdir // sprintf "nbdkit%d.sock" id +- | Some socket -> socket in ++ let pidfile = piddir // sprintf "nbdkit%d.pid" id in + + (* Construct the final command line. *) + let add_arg, add_args_reversed, get_args = +diff --git a/lib/nbdkit.mli b/lib/nbdkit.mli +index dc2fd04b..5ba83ab0 100644 +--- a/lib/nbdkit.mli ++++ b/lib/nbdkit.mli +@@ -92,14 +92,10 @@ val add_args : cmd -> (string * string) list -> unit + val add_env : cmd -> string -> string -> unit + (** Add name=value environment variable. *) + +-val run_unix : ?socket:string -> cmd -> string * int ++val run_unix : string -> cmd -> string * int + (** Start nbdkit command listening on a Unix domain socket, waiting + for the process to start up. + +- If optional [?socket] parameter is omitted, then a temporary +- Unix domain socket name is created. If [?socket] is present +- then this overrides the temporary name. +- + Returns the Unix domain socket name and the nbdkit process ID. + + The --exit-with-parent, --foreground, --pidfile, --newstyle and +diff --git a/lib/qemuNBD.ml b/lib/qemuNBD.ml +index 2c999b9f..ae21b17c 100644 +--- a/lib/qemuNBD.ml ++++ b/lib/qemuNBD.ml +@@ -62,30 +62,15 @@ let create disk = { disk; snapshot = false; format = None } + let set_snapshot cmd snap = cmd.snapshot <- snap + let set_format cmd format = cmd.format <- format + +-let run_unix ?socket { disk; snapshot; format } = ++let run_unix socket { disk; snapshot; format } = + assert (disk <> ""); + +- (* Create a temporary directory where we place the socket and PID file. +- * Use the libguestfs socket directory, so it is more likely the full path +- * of the UNIX sockets will fit in the (limited) socket pathname. +- *) +- let tmpdir = +- let base_dir = (open_guestfs ())#get_sockdir () in +- let t = Mkdtemp.temp_dir ~base_dir "v2vqemunbd." in +- (* tmpdir must be readable (but not writable) by "other" so that +- * qemu can open the sockets. +- *) +- chmod t 0o755; +- On_exit.rmdir t; +- t in ++ (* Create a temporary directory where we place the PID file. *) ++ let piddir = Mkdtemp.temp_dir "v2vqemunbd." in ++ On_exit.rmdir piddir; + + let id = unique () in +- let pidfile = tmpdir // sprintf "qemunbd%d.pid" id in +- +- let socket = +- match socket with +- | Some socket -> socket +- | None -> tmpdir // sprintf "qemunbd%d.sock" id in ++ let pidfile = piddir // sprintf "qemunbd%d.pid" id in + + (* Construct the qemu-nbd command line. *) + let args = ref [] in +diff --git a/lib/qemuNBD.mli b/lib/qemuNBD.mli +index 83871c5b..e10d3106 100644 +--- a/lib/qemuNBD.mli ++++ b/lib/qemuNBD.mli +@@ -43,12 +43,8 @@ val set_snapshot : cmd -> bool -> unit + val set_format : cmd -> string option -> unit + (** Set the format [--format] parameter. *) + +-val run_unix : ?socket:string -> cmd -> string * int ++val run_unix : string -> cmd -> string * int + (** Start qemu-nbd command listening on a Unix domain socket, + waiting for the process to start up. + +- If optional [?socket] parameter is omitted, then a temporary +- Unix domain socket name is created. If [?socket] is present +- then this overrides the temporary name. +- + Returns the Unix domain socket name and the qemu-nbd process ID. *) +diff --git a/output/output.ml b/output/output.ml +index 7256b547..10e685c4 100644 +--- a/output/output.ml ++++ b/output/output.ml +@@ -90,7 +90,7 @@ let output_to_local_file ?(changeuid = fun f -> f ()) + let cmd = Nbdkit.add_arg cmd "cache" "none" in + cmd + ); +- let _, pid = Nbdkit.run_unix ~socket cmd in ++ let _, pid = Nbdkit.run_unix socket cmd in + + (* --exit-with-parent should ensure nbdkit is cleaned + * up when we exit, but it's not supported everywhere. +@@ -101,7 +101,7 @@ let output_to_local_file ?(changeuid = fun f -> f ()) + let cmd = QemuNBD.create filename in + QemuNBD.set_snapshot cmd false; + QemuNBD.set_format cmd (Some "qcow2"); +- let _, pid = QemuNBD.run_unix ~socket cmd in ++ let _, pid = QemuNBD.run_unix socket cmd in + On_exit.kill pid + + | _ -> +diff --git a/output/output_null.ml b/output/output_null.ml +index 86d81eaa..c8e27c0b 100644 +--- a/output/output_null.ml ++++ b/output/output_null.ml +@@ -70,7 +70,7 @@ module Null = struct + let () = + let cmd = Nbdkit.create ~quiet:true "null" in + Nbdkit.add_arg cmd "size" "7E"; +- let _, pid = Nbdkit.run_unix ~socket cmd in ++ let _, pid = Nbdkit.run_unix socket cmd in + + (* --exit-with-parent should ensure nbdkit is cleaned + * up when we exit, but it's not supported everywhere. +diff --git a/output/output_rhv_upload.ml b/output/output_rhv_upload.ml +index 72463e57..828996b3 100644 +--- a/output/output_rhv_upload.ml ++++ b/output/output_rhv_upload.ml +@@ -398,7 +398,7 @@ e command line has to match the number of guest disk images (for this guest: %d) + Nbdkit.add_arg cmd "insecure" "true"; + if is_ovirt_host then + Nbdkit.add_arg cmd "is_ovirt_host" "true"; +- let _, pid = Nbdkit.run_unix ~socket cmd in ++ let _, pid = Nbdkit.run_unix socket cmd in + List.push_front pid nbdkit_pids + ) (List.combine disks disk_uuids); + +-- +2.31.1 + diff --git a/SOURCES/copy-patches.sh b/SOURCES/copy-patches.sh new file mode 100755 index 0000000..935c7d4 --- /dev/null +++ b/SOURCES/copy-patches.sh @@ -0,0 +1,60 @@ +#!/bin/bash - + +set -e + +# Maintainer script to copy patches from the git repo to the current +# directory. Use it like this: +# ./copy-patches.sh + +project=virt-v2v +rhel_version=9.0.0 + +# Check we're in the right directory. +if [ ! -f $project.spec ]; then + echo "$0: run this from the directory containing '$project.spec'" + exit 1 +fi + +case `id -un` in + rjones) git_checkout=$HOME/d/$project-rhel-$rhel_version ;; + lacos) git_checkout=$HOME/src/v2v/$project ;; + *) git_checkout=$HOME/d/$project-rhel-$rhel_version ;; +esac +if [ ! -d $git_checkout ]; then + echo "$0: $git_checkout does not exist" + echo "This script is only for use by the maintainer when preparing a" + echo "$project release on RHEL." + exit 1 +fi + +# Get the base version of the project. +version=`grep '^Version:' $project.spec | awk '{print $2}'` +tag="v$version" + +# Remove any existing patches. +git rm -f [0-9]*.patch ||: +rm -f [0-9]*.patch + +# Get the patches. +(cd $git_checkout; rm -f [0-9]*.patch; git -c core.abbrev=8 format-patch -O/dev/null --subject-prefix=PATCH -N --submodule=diff $tag) +mv $git_checkout/[0-9]*.patch . + +# Remove any not to be applied. +rm -f *NOT-FOR-RPM*.patch + +# Add the patches. +git add [0-9]*.patch + +# Print out the patch lines. +echo +echo "--- Copy the following text into $project.spec file" +echo + +echo "# Patches." +for f in [0-9]*.patch; do + n=`echo $f | awk -F- '{print $1}'` + echo "Patch$n: $f" +done + +echo +echo "--- End of text" diff --git a/SOURCES/virt-v2v-1.45.99.tar.gz.sig b/SOURCES/virt-v2v-1.45.99.tar.gz.sig new file mode 100644 index 0000000..d2fc384 --- /dev/null +++ b/SOURCES/virt-v2v-1.45.99.tar.gz.sig @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- + +iQJFBAABCAAvFiEE93dPsa0HSn6Mh2fqkXOPc+G3aKAFAmIL8EkRHHJpY2hAYW5u +ZXhpYS5vcmcACgkQkXOPc+G3aKCSExAAiEWAd+WvG8cf33xrDzAERh3Hg/E89iTv +P0Ue9HEWFb4yLEKckW7WjagDxrdBdf7VBkBY2wgkkUVq0o4bWhQVWEKPfgWXdiJC +5sE4wO4trCQDCyZLB/iSiH85oQVf839Jbk04qHWUU7DXsE6apL1LMi2xRUlMPRTf +6hZVe9WIjlKonzuteQslqVHKVhTZmqkr1NTkYq0OhCHFzMpb1xi0JQni9vKXIaSN +4vvaDXBzBZW+00iux1PE/Age9QC3AkSESF95Uqx6nYSF98aBEG+3ErcUkMXxL8+i +c6RYwqFC2oINEPHg46dZtZyAiJNVY4H7hAM1DDe47tFWvmLEIEgyS5XkPfdfReoX +vVheS+cn6uRbSGeG1iF2ru8ehb+uscatwFc9eWsvoQ10Mt477R7VoG6gTYfIAwP8 +hy5gCgyhlT9t1KKp/39UK4WIwSbIOl6vXH2Kpzam0wKb8xynHYU4cyvk4TGZk+ks ++a63+98ZYeL3hBHAIe2u1wDmgdbVSfvIcK7TEzFTPesAm2WqhkC08CPfinS9vCUI +VogUpze9+zHZaSBWHCPhfUBpUNF6tGvLRlH0B/ml/6E8csSQ+kT8CWl0ZGvJuNfB +es8QiAT5XXXTrNgAw782xZOP6aieNrnoNY0J7rFaAbL1OaIXC21lGWAPSZeCOOo/ +PRaJqt5iaDA= +=okD+ +-----END PGP SIGNATURE----- diff --git a/SPECS/virt-v2v.spec b/SPECS/virt-v2v.spec new file mode 100644 index 0000000..522224f --- /dev/null +++ b/SPECS/virt-v2v.spec @@ -0,0 +1,506 @@ +# If we should verify tarball signature with GPGv2. +%global verify_tarball_signature 1 + +# If there are patches which touch autotools files, set this to 1. +%if !0%{?rhel} +%global patches_touch_autotools %{nil} +%else +# On RHEL the downstream patches always touch autotools files. +%global patches_touch_autotools 1 +%endif + +# The source directory. +%global source_directory 1.45-development + +Name: virt-v2v +Epoch: 1 +Version: 1.45.99 +Release: 2%{?dist} +Summary: Convert a virtual machine to run on KVM + +License: GPLv2+ +URL: https://github.com/libguestfs/virt-v2v + +Source0: http://download.libguestfs.org/virt-v2v/%{source_directory}/%{name}-%{version}.tar.gz +%if 0%{verify_tarball_signature} +Source1: http://download.libguestfs.org/virt-v2v/%{source_directory}/%{name}-%{version}.tar.gz.sig +# Keyring used to verify tarball signature. +Source2: libguestfs.keyring +%endif + +# Maintainer script which helps with handling patches. +Source3: copy-patches.sh + +%if !0%{?rhel} +# libguestfs hasn't been built on i686 for a while since there is no +# kernel built for this architecture any longer and libguestfs rather +# fundamentally depends on the kernel. Therefore we must exclude this +# arch. Note there is no bug filed for this because we do not ever +# expect that libguestfs or virt-v2v will be available on i686 so +# there is nothing that needs fixing. +ExcludeArch: %{ix86} +%else +# Architectures where virt-v2v is shipped on RHEL: +# +# not on aarch64 because it is not useful there +# not on %%{power64} because of RHBZ#1287826 +# not on s390x because it is not useful there +ExclusiveArch: x86_64 +%endif + +# Downstream (RHEL-only) patches. +%if 0%{?rhel} +# Patches. +Patch0001: 0001-RHEL-v2v-Select-correct-qemu-binary-for-o-qemu-mode-.patch +Patch0002: 0002-RHEL-v2v-Disable-the-qemu-boot-oo-qemu-boot-option-R.patch +Patch0003: 0003-RHEL-Fix-list-of-supported-sound-cards-to-match-RHEL.patch +Patch0004: 0004-RHEL-Fixes-for-libguestfs-winsupport.patch +Patch0005: 0005-RHEL-v2v-i-disk-force-VNC-as-display-RHBZ-1372671.patch +Patch0006: 0006-RHEL-v2v-do-not-mention-SUSE-Xen-hosts-RHBZ-1430203.patch +Patch0007: 0007-RHEL-point-to-KB-for-supported-v2v-hypervisors-guest.patch +Patch0008: 0008-RHEL-Disable-o-glance.patch +Patch0009: 0009-RHEL-Remove-the-in-place-option.patch +Patch0010: 0010-lib-Remove-Utils.metaversion.patch +Patch0011: 0011-lib-v2v-Move-common-code-for-creating-v2v-directory-.patch +Patch0012: 0012-v2v-Move-creation-of-v2v-directory-until-after-optio.patch +Patch0013: 0013-lib-nbdkit.ml-Correct-copy-paste-error-in-comment.patch +Patch0014: 0014-lib-Improve-security-of-in-out-sockets-when-running-.patch +Patch0015: 0015-nbdkit-qemuNBD-run_unix-formally-require-externally-.patch +%endif + +%if 0%{patches_touch_autotools} +BuildRequires: autoconf, automake, libtool +%endif + +BuildRequires: make +BuildRequires: /usr/bin/pod2man +BuildRequires: gcc +BuildRequires: ocaml >= 4.01 + +BuildRequires: libguestfs-devel >= 1:1.42 +BuildRequires: augeas-devel +BuildRequires: bash-completion +BuildRequires: file-devel +BuildRequires: gettext-devel +BuildRequires: jansson-devel +BuildRequires: libnbd-devel >= 1.10.3 +BuildRequires: libosinfo-devel +BuildRequires: libvirt-daemon-kvm +BuildRequires: libvirt-devel +BuildRequires: libxml2-devel +BuildRequires: pcre-devel +BuildRequires: perl(Sys::Guestfs) +BuildRequires: po4a +BuildRequires: /usr/bin/virsh +BuildRequires: xorriso + +BuildRequires: ocaml-findlib-devel +BuildRequires: ocaml-libguestfs-devel +BuildRequires: ocaml-libnbd-devel +BuildRequires: ocaml-fileutils-devel +BuildRequires: ocaml-gettext-devel +%if !0%{?rhel} +BuildRequires: ocaml-ounit-devel +%endif + +BuildRequires: nbdkit-python-plugin + +%if 0%{verify_tarball_signature} +BuildRequires: gnupg2 +%endif + +Requires: libguestfs%{?_isa} >= 1:1.42 +Requires: guestfs-tools >= 1.42 + +# XFS is the default filesystem in Fedora and RHEL. +Requires: libguestfs-xfs + +%if 0%{?rhel} +# For Windows conversions on RHEL. +Requires: libguestfs-winsupport >= 7.2 +%endif + +Requires: gawk +Requires: gzip +Requires: unzip +Requires: curl +Requires: openssh-clients >= 8.7p1 +Requires: %{_bindir}/virsh + +# Ensure the UEFI firmware is available, to properly convert +# EFI guests (RHBZ#1429643). +%ifarch x86_64 +Requires: edk2-ovmf +%endif +%ifarch aarch64 +Requires: edk2-aarch64 +%endif + +Requires: platform-python +Requires: libnbd >= 1.8.2-2.el9 +Requires: %{_bindir}/qemu-nbd +Requires: %{_bindir}/nbdcopy +Requires: %{_bindir}/nbdinfo +Requires: nbdkit-server >= 1.28.3-2.el9 +Requires: nbdkit-curl-plugin +Requires: nbdkit-file-plugin +Requires: nbdkit-nbd-plugin +Requires: nbdkit-null-plugin +Requires: nbdkit-python-plugin +Requires: nbdkit-ssh-plugin +%ifarch x86_64 +Requires: nbdkit-vddk-plugin +%endif +Requires: nbdkit-blocksize-filter +Requires: nbdkit-cacheextents-filter +Requires: nbdkit-cow-filter >= 1.26.5-1.el9 +Requires: nbdkit-rate-filter +Requires: nbdkit-readahead-filter +Requires: nbdkit-retry-filter + +# For rhsrvany.exe, used to install firstboot scripts in Windows guests. +Requires: mingw32-srvany >= 1.0-13 + +# On RHEL, virtio-win should be used to install virtio drivers +# and qemu-ga in converted guests. (RHBZ#1972644) +%if 0%{?rhel} +Recommends: virtio-win +%endif + + +%description +Virt-v2v converts a single guest from a foreign hypervisor to run on +KVM. It can read Linux and Windows guests running on VMware, Xen, +Hyper-V and some other hypervisors, and convert them to KVM managed by +libvirt, OpenStack, oVirt, Red Hat Virtualisation (RHV) or several +other targets. It can modify the guest to make it bootable on KVM and +install virtio drivers so it will run quickly. + + +%package bash-completion +Summary: Bash tab-completion for %{name} +BuildArch: noarch +Requires: bash-completion >= 2.0 +Requires: %{name} = %{epoch}:%{version}-%{release} + + +%description bash-completion +Install this package if you want intelligent bash tab-completion +for %{name}. + + +%package man-pages-ja +Summary: Japanese (ja) man pages for %{name} +BuildArch: noarch +Requires: %{name} = %{epoch}:%{version}-%{release} + +%description man-pages-ja +%{name}-man-pages-ja contains Japanese (ja) man pages +for %{name}. + + +%package man-pages-uk +Summary: Ukrainian (uk) man pages for %{name} +BuildArch: noarch +Requires: %{name} = %{epoch}:%{version}-%{release} + +%description man-pages-uk +%{name}-man-pages-uk contains Ukrainian (uk) man pages +for %{name}. + + +%prep +%if 0%{verify_tarball_signature} +%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}' +%endif +%autosetup -p1 + +%if 0%{patches_touch_autotools} +autoreconf -i +%endif + + +%build +%configure \ +%if !0%{?rhel} + --with-extra="fedora=%{fedora},release=%{release}" \ +%else + --with-extra="rhel=%{rhel},release=%{release}" \ +%endif + +make V=1 %{?_smp_mflags} + + +%install +%make_install + +# Delete libtool crap. +find $RPM_BUILD_ROOT -name '*.la' -delete + +# Virt-tools data directory. This contains a symlink to rhsrvany.exe +# which is satisfied by the dependency on mingw32-srvany. +mkdir -p $RPM_BUILD_ROOT%{_datadir}/virt-tools +pushd $RPM_BUILD_ROOT%{_datadir}/virt-tools +ln -sf /usr/i686-w64-mingw32/sys-root/mingw/bin/rhsrvany.exe +popd + +# Find locale files. +%find_lang %{name} + + +%check +# All tests fail at the moment because of bugs in libvirt blockdev. +# # Tests fail on both armv7 and ppc64le in Fedora 31 because the kernel +# # cannot boot on qemu. +# %ifnarch %{arm} ppc64le + +# # On x86_64 this single test fails with: "virt-v2v: warning: the +# # target hypervisor does not support a x86_64 KVM guest". Missing +# # BuildRequires? +# %ifarch x86_64 +# truncate -s 0 tests/test-v2v-o-libvirt.sh +# %endif + +# # This test fails in mock. +# truncate -s 0 tests/test-v2v-oa-option.sh + +# # Make sure we can see the debug messages (RHBZ#1230160). +# export LIBGUESTFS_DEBUG=1 +# export LIBGUESTFS_TRACE=1 + +# make %{?_smp_mflags} check || { +# cat tests/test-suite.log +# exit 1 +# } + +# %endif + + +%files -f %{name}.lang +%license COPYING +%doc README +%{_bindir}/virt-v2v +%{_mandir}/man1/virt-v2v.1* +%{_mandir}/man1/virt-v2v-hacking.1* +%{_mandir}/man1/virt-v2v-input-vmware.1* +%{_mandir}/man1/virt-v2v-input-xen.1* +%{_mandir}/man1/virt-v2v-output-local.1* +%{_mandir}/man1/virt-v2v-output-openstack.1* +%{_mandir}/man1/virt-v2v-output-rhv.1* +%{_mandir}/man1/virt-v2v-release-notes-1.42.1* +%{_mandir}/man1/virt-v2v-support.1* +%{_datadir}/virt-tools + + +%files bash-completion +%license COPYING +%{_datadir}/bash-completion/completions/virt-v2v + + +%files man-pages-ja +%license COPYING +%lang(ja) %{_mandir}/ja/man1/*.1* + + +%files man-pages-uk +%license COPYING +%lang(uk) %{_mandir}/uk/man1/*.1* + + +%changelog +* Wed Mar 23 2022 Richard W.M. Jones - 1:1.45.99-2 +- Fix security issue when running virt-v2v as root + resolves: rhbz#2066775 + +* Tue Feb 15 2022 Richard W.M. Jones - 1:1.45.99-1 +- Rebase to upstream 1.45.99. +- Add check for sufficient free space in the host + resolves: rhbz#2051394 +- Update documentation of -ip for conversions from VMware over HTTPS + related: rhbz#1960087 +- -o rhv-upload: Keep connections alive + resolves: rhbz#2032324 +- -o rhv-upload: Improve conversion performance + resolves: rhbz#2039255 +- -o rhv-upload: Replace -oo rhv-direct with -oo rhv-proxy + resolves: rhbz#2033096 +- Fix log line wrapping making log parsing difficult (1820221) + +* Wed Feb 2 2022 Laszlo Ersek - 1:1.45.97-4 +- v2v import from vCenter fails when using interactive password because + cookie-script tries to be interactive + (pick commit 8abc07a8589a) + resolves: rhbz#1960087 +- model='virtio-transitional' is wrongly added when converting windows + guest to local by rhel9 v2v + (pick commit range commit range 8abc07a8589a..cacedec64072) + resolves: rhbz#2043333 + +* Wed Jan 26 2022 Richard W.M. Jones - 1:1.45.97-3 +- Rebase to upstream 1.45.97. + resolves: rhbz#2011713 +- Add virtio-transitional for older guests when converting to q35 + resolves: rhbz#1942325 +- Fix -o rhv mode + resolves: rhbz#2027598 +- input: xen: Fix assertion error when importing from remote block device + resolves: rhbz#2041852 +- output: -o json: Allow -oo (output options) to work + resolves: rhbz#2041850 +- Fix virt-v2v hang when given incorrect vpx:// URL + resolves: rhbz#2041886 +- Fix hang when converting with virt-p2v + resolves: rhbz#2044911 +- Send nbdinfo debugging information to stderr + resolves: rhbz#2044922 +- Explicitly require platform-python + resolves: rhbz#2046178 + +* Thu Dec 23 2021 Laszlo Ersek - 1:1.45.95-3 +- output_rhv: restrict block status collection to the old RHV output +- Rebase from upstream commit 702a511b7f33 to direct child commit 07b12fe99fb9 + resolves: rhbz#2034240 + +* Sat Dec 18 2021 Richard W.M. Jones - 1:1.45.95-2 +- Rebase to upstream 1.45.95. +- Change video type to VGA (instead of QXL). +- Remove --in-place support properly. +- Remove -o glance support properly. +- Fix quoting with openssh >= 8.7 (RHEL) / 8.8 +- Fix q35 error "IDE controllers are unsupported" +- Add virt-v2v and libvirt version in debug output +- Fix -o rhv output mode showing no guests listed + resolves: rhbz#2011713, rhbz#1961107, rhbz#2027673, + rhbz#1637857, rhbz#2032112, rhbz#2027598 + +* Wed Aug 18 2021 Richard W.M. Jones - 1:1.45.3-3 +- Fix conversion of Windows BitLocker guests + resolves: rhbz#1994984 + +* Tue Aug 10 2021 Mohan Boddu - 1:1.45.3-2 +- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags + Related: rhbz#1991688 + +* Fri Aug 06 2021 Richard W.M. Jones - 1:1.45.3-1 +- New upstream development version 1.45.3. +- Rebase RHEL patches. + resolves: rhbz#1950634 + +* Wed Jun 30 2021 Richard W.M. Jones - 1:1.45.2-1 +- New upstream development version 1.45.2. +- Remove --debug-overlays and --print-estimate options. +- Remove -o glance option on RHEL 9 (RHBZ#1977539). +- Remove support for RHEV-APT (RHBZ#1945549). + +* Wed Jun 16 2021 Richard W.M. Jones - 1:1.45.1-1.el9.1 +- New upstream development version 1.45.1. +- Require virtio-win on RHEL (RHBZ#1972644). +- v2v-test-harness, virt-v2v-copy-to-local have been removed upstream. + +* Thu Jun 10 2021 Richard W.M. Jones - 1:1.44.0-2 +- nbdkit-vddk-plugin dep only exists on x86-64. + +* Mon May 10 2021 Richard W.M. Jones - 1:1.44.0-1.el9.1 +- Rebuild in RHEL 9 against libguestfs 1.45.5 + resolves: rhbz#1959042 + +* Fri Apr 30 2021 Richard W.M. Jones - 1:1.44.0-1 +- New upstream stable branch version 1.44.0. + +* Wed Apr 14 2021 Richard W.M. Jones - 1:1.43.5-1 +- New upstream version 1.43.5. + +* Thu Apr 01 2021 Richard W.M. Jones - 1:1.43.4-5 +- Add upstream patch to depend on xorriso. +- Change libguestfs-tools-c -> guestfs-tools. + +* Tue Mar 30 2021 Richard W.M. Jones - 1:1.43.4-3 +- Add downstream (RHEL-only) patches (RHBZ#1931724). + +* Mon Mar 8 2021 Richard W.M. Jones - 1:1.43.4-2 +- Bump and rebuild for ocaml-gettext update. + +* Wed Mar 3 2021 Richard W.M. Jones - 1:1.43.4-1 +- New upstream version 1.43.4. + +* Tue Mar 2 2021 Richard W.M. Jones - 1:1.43.3-4 +- OCaml 4.12.0 build + +* Tue Mar 2 2021 Richard W.M. Jones - 1:1.43.3-3 +- Add fix for OCaml 4.12. + +* Wed Jan 27 2021 Fedora Release Engineering - 1:1.43.3-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Tue Jan 05 2021 Richard W.M. Jones - 1:1.43.3-1 +- New upstream version 1.43.3. + +* Thu Dec 03 2020 Richard W.M. Jones - 1:1.43.2-3 +- Drop obsolete virt-v2v-copy-to-local tool for Fedora 34 and RHEL 9. + +* Wed Dec 02 2020 Richard W.M. Jones - 1:1.43.2-2 +- Unify Fedora and RHEL spec files. + +* Tue Dec 01 2020 Richard W.M. Jones - 1:1.43.2-1 +- New upstream version 1.43.2. + +* Tue Sep 01 2020 Richard W.M. Jones - 1:1.43.1-5 +- OCaml 4.11.1 rebuild + +* Fri Aug 21 2020 Richard W.M. Jones - 1:1.43.1-4 +- OCaml 4.11.0 rebuild + +* Sat Aug 01 2020 Fedora Release Engineering - 1:1.43.1-3 +- Second attempt - Rebuilt for + https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Wed Jul 29 2020 Fedora Release Engineering - 1:1.43.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Mon Jul 06 2020 Richard W.M. Jones - 1.43.1-1 +- New development branch 1.43. + +* Wed May 06 2020 Richard W.M. Jones - 1.42.0-4 +- Re-add Epoch. Forgotten when we split this package from libguestfs. + +* Tue May 05 2020 Richard W.M. Jones - 1.42.0-2 +- OCaml 4.11.0+dev2-2020-04-22 rebuild + +* Thu Apr 16 2020 Richard W.M. Jones - 1.42.0-1 +- New upstream stable version 1.42.0. + +* Sat Apr 04 2020 Richard W.M. Jones - 1.41.8-11 +- Update all OCaml dependencies for RPM 4.16. + +* Thu Feb 27 2020 Richard W.M. Jones - 1.41.8-10 +- OCaml 4.10.0 final. + +* Fri Jan 31 2020 Fedora Release Engineering - 1.41.8-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Sun Jan 19 2020 Richard W.M. Jones - 1.41.8-8 +- Bump release and rebuild. + +* Sun Jan 19 2020 Richard W.M. Jones - 1.41.8-7 +- Bump release and rebuild. + +* Sun Jan 19 2020 Richard W.M. Jones - 1.41.8-6 +- Bump release and rebuild. + +* Sun Jan 19 2020 Richard W.M. Jones - 1.41.8-5 +- OCaml 4.10.0+beta1 rebuild. +- Use nbdkit-python-plugin (now all Python 3 in Rawhide). + +* Wed Nov 27 2019 Richard W.M. Jones - 1.41.8-4 +- Use license instead of doc for COPYING file. +- Include license in all subpackages. +- Use gpgverify macro. +- Don't own bash-completion directory because we Require the + bash-completion package which owns it already. + +* Tue Nov 26 2019 Richard W.M. Jones - 1.41.8-2 +- Fix permissions on .sig file. +- Disable -oa preallocated test since it fails in reviewers mock environment. + +* Fri Nov 15 2019 Richard W.M. Jones - 1.41.8-1 +- Initial release of separate virt-v2v program, was part of libguestfs.