| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Some tests in the regressions directory deliberately print
error messages. As long as they still PASS, this is OK.
However these tests also printed some misleading messages
about what error to expect. Since error messages were slightly
different across distros, these messages were not accurate.
Therefore remove these messages, and replace with a general
message before all tests telling users not to worry about
errors from the tests as long as the tests don't fail.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit adds four APIs for creating new LUKS devices
and key management. These are:
luks_format Format a LUKS device with the default cipher.
luks_format_cipher Format with a chosen cipher.
luks_add_key Add another key to an existing device.
luks_kill_slot Delete a key from an existing device.
This enables all the significant functionality of the
cryptsetup luks* commands.
Note that you can obtain the UUID of a LUKS device already
by using vfs-uuid.
This also includes a regression test covering all the LUKS
functions.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adding the readonly=on option is not so clever. This causes
qemu to present the disk as read-only to the guest. (The
expected behaviour of snapshots=on,readonly=on was that it
would open the disk O_RDONLY but present a writable disk to
the guest).
Since the guest sees a read-only disk, we are unable to do any
recovery if a filesystem on the disk is inconsistent. This basically
prevents most accesses to live disk images.
What we really want is a qemu option which presents a writable
disk to the guest, but only opens the disk on the host side with
O_RDONLY, to alleviate the udev bug RHBZ#571714.
This reverts commit 676462684e05dd8341dd695762dd99a87d8ec022.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds support for opening LUKS-encrypted disks, via
three new APIs:
luks_open: Create a mapping for an encrypted disk.
luks_open_ro: Same, but read-only mapping.
luks_close: Close a mapping.
A typical guestfish session using this functionality looks
like this:
$ guestfish --ro -a encrypted.img
><fs> run
><fs> list-devices
/dev/vda
><fs> list-partitions
/dev/vda1
/dev/vda2
><fs> vfs-type /dev/vda2
crypto_LUKS
><fs> luks-open /dev/vda2 luksdev
Enter key or passphrase ("key"):
><fs> vgscan
><fs> vg-activate-all true
><fs> pvs
/dev/dm-0
><fs> vgs
vg_f13x64encrypted
><fs> lvs
/dev/vg_f13x64encrypted/lv_root
/dev/vg_f13x64encrypted/lv_swap
><fs> mount /dev/vg_f13x64encrypted/lv_root /
><fs> ll /
total 132
dr-xr-xr-x. 24 root root 4096 Jul 21 12:01 .
dr-xr-xr-x 20 root root 0 Jul 21 20:06 ..
drwx------. 3 root root 4096 Jul 21 11:59 .dbus
drwx------. 2 root root 4096 Jul 21 12:00 .pulse
-rw-------. 1 root root 256 Jul 21 12:00 .pulse-cookie
dr-xr-xr-x. 2 root root 4096 May 13 03:03 bin
NOT included in this patch:
- An easier way to use this from guestfish.
- Ability to create LUKS devices.
- Ability to change LUKS keys on existing devices.
- Direct access to the /dev/mapper device (eg. if it contains
anything apart from VGs).
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Add a 'Key' parameter type, used for passing sensitive key material
into libguestfs.
Eventually the plan is to mlock() key material into memory. However
this is very difficult to achieve because the encoded XDR strings
end up in many places. Therefore users should note that key material
passed to libguestfs might end up in swap.
The only difference between 'Key' and 'String' currently is that
guestfish requests the key from /dev/tty with echoing turned off.
|
| |
|
|
|
| |
The 'name' parameter is not used on the right hand side of the
match, so it can be removed.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit greatly improves the performance of the 'virt-df'
command by batching as many disks as possible onto a single appliance.
In many situations this means the appliance is launched only once,
versus one launch per domain as before.
However doing it this way is a lot more complex:
(1) Because of limits in Linux and virtio-blk, we can only attach
26 disks maximum at a time to the appliance.
(2) We have to use LVM filters (lvm-set-filter) to confine LVM to
the disks of a single guest.
|
| |
|
|
|
|
|
| |
These APIs allow you to change the device filter, the list of
block devices that LVM "sees". Either you can set it to a fixed
list of devices / partitions, or you can clear it so that LVM sees
everything.
|
| |
|
|
|
|
|
|
|
| |
This resolves a warning from gcc 4.5:
assuming signed overflow does not occur when simplifying
conditional to constant
This page explains the issues in some detail:
http://www.airs.com/blog/archives/120
|
| |
|
|
|
| |
Only one function currently uses DeviceList. The generated code
unfortunately hard-coded the argument name from that function.
|
| |
|
|
|
| |
Various language bindings simply need this, so we have to allow
it even though it's a GCC extension.
|
| | |
|
| | |
|
| |
|
|
|
| |
Note to self: The 'tempfile' function does *not* default to
removing files with the program exits!
|
| | |
|
| |
|
|
| |
(Suggested by Justin Clift).
|
| |
|
|
|
|
| |
Add BUGS and RELEASE-NOTES to EXTRA_DIST.
Also update the RELEASE-NOTES file.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If you have a restrictive umask (0077 for example) then
files in the tmp directory would be created with 0600
permissions. Example:
drwx------. 2 rjones rjones 4096 Jul 2 17:52 .
drwxrwxrwt. 57 root root 102400 Jul 2 17:52 ..
-rw-------. 1 rjones rjones 86328832 Jul 2 17:52 initrd
lrwxrwxrwx. 1 rjones rjones 46 Jul 2 17:52 kernel -> /boot/vmlinuz-2.6.33-0.40.rc7.git0.fc13.x86_64
This in itself is not a problem. However in virt-v2v we also
change UID:GID and the result is that qemu is unable to read
the initrd file:
qemu: could not load initial ram disk '/tmp/libguestfs2ssynP/initrd'
With this patch we make the tmp directory and the files
world readable. After the patch:
$ ls -la /tmp/libguestfsJFVzPg/
total 116192
drwxr-xr-x. 2 rjones rjones 4096 Jul 2 18:03 .
drwxrwxrwt. 56 root root 102400 Jul 2 18:03 ..
-rw-r--r--. 1 rjones rjones 118869504 Jul 2 18:03 initrd
lrwxrwxrwx. 1 rjones rjones 46 Jul 2 18:03 kernel -> /boot/vmlinuz-2.6.33-0.40.rc7.git0.fc13.x86_64
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Testing this against a Fedora disk image:
$ ./fish/guestfish --ro -a F13.img -m /dev/sda1 --listen
export GUESTFISH_PID=6033
$ ./fish/guestfish --remote=6033 -- ping-daemon
$ ./fish/guestfish --remote=6033 -- ping-daemon
$ ./fish/guestfish --remote=6033 -- exit
Without this fix the first remote command would fail because
qemu would have already been killed.
|
| | |
|
| | |
|
| |
|
|
| |
See: http://lists.fedoraproject.org/pipermail/devel/2010-June/137953.html
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There's a thread safety issue with the current OCaml bindings which
is well explained in the bug report:
https://bugzilla.redhat.com/show_bug.cgi?id=604691
This commit fixes the safety issue by copying strings temporarily
before releasing the thread lock. Updated code looks like this:
char *filename = guestfs_safe_strdup (g, String_val (filenamev));
int r;
caml_enter_blocking_section ();
r = guestfs_add_drive_ro (g, filename);
caml_leave_blocking_section ();
free (filename);
if (r == -1)
ocaml_guestfs_raise_error (g, "add_drive_ro");
Also included is a regression test.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This add an optional explicit $g->close method which may be
used to force the handle to be closed immediately. Note the
provisos about this method in the manual page entry. Callers
should *not* normally use this method.
The implementation of the handle also changes. Before, the
handle was a blessed reference to an integer (the integer
being the pointer to the C guestfs_h handle). Now we change
this to a hashref containing currently the following field:
_g => pointer to C guestfs_h handle (as an integer)
If this field is not present, it means that the handle has been
explicitly closed. This avoids double-freeing the handle.
The user may add their own fields to this hash in order to store
per-handle data. However any fields whose names begin with
an underscore are reserved for use by the Perl bindings.
This commit also adds a regression test.
This commit also changes the existing warning when you call
a method without a Sys::Guestfs handle as the first parameter,
into an error. This is because such cases are always errors.
|
| |
|
|
| |
Read the note in the man page before using this feature.
|
| | |
|
| | |
|
| |
|
|
| |
This reverts commit f8ee7869f4836427109959cf20e299a31fa86eaf.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Before this commit, if you used the -h and --csv options together
you would get these warnings from virt-df:
$ virt-df -h --csv Guest
Virtual Machine,Filesystem,Size,Used,Available,Use%
Argument "13.5G" isn't numeric in printf at /home/rjones/d/libguestfs/tools/virt-df line 298.
Argument "4.7G" isn't numeric in printf at /home/rjones/d/libguestfs/tools/virt-df line 298.
Argument "8.1G" isn't numeric in printf at /home/rjones/d/libguestfs/tools/virt-df line 298.
"/dev/vg_trick/RHEL55x64","/dev/VolGroup00/LogVol00",13,4,8,34.8%
Argument "98.7M" isn't numeric in printf at /home/rjones/d/libguestfs/tools/virt-df line 298.
Argument "18.8M" isn't numeric in printf at /home/rjones/d/libguestfs/tools/virt-df line 298.
Argument "74.9M" isn't numeric in printf at /home/rjones/d/libguestfs/tools/virt-df line 298.
"/dev/vg_trick/RHEL55x64","/dev/vda1",98,18,74,19.0%
We could fix this so that the human-readable numbers get written
into the CSV file. However would probably be wrong for most uses
of the CSV format (databases and spreadsheets) since they would not
be able to interpret these human-readable numbers, or worse could
misinterpret, eg. thinking that "1M" and "1G" are both 1.
Therefore this commit disallows this combination of options.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Previous commit 4df593496e116dfb635731c058b7627e81fc179c broke the
"file" command on logical volume paths, since these are symbolic
links. We *should* follow these (only).
This inadvertantly broke virt-inspector too, which indicates that
we need more regression testing in this area. Since carrying whole
Fedora images around could make the distribution even larger than
now, I'm not sure at the moment how to do this.
Thanks to Matt Booth for diagnosing this bug.
|
| |
|
|
|
|
|
|
|
| |
In my limited tests, this seems to make a small but noticable
difference, improving the performance of some straightforward
read operations by a little over 10%.
For more information see:
http://kbase.redhat.com/faq/docs/DOC-5428
|
| |
|
|
|
|
|
| |
To generate the "Bugs fixed" list, run the bugs-in-changelog script
like this:
./bugs-in-changelog 1.0.89..
|
| |
|
|
| |
Update BUGS and PO files.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The file call can hang if called on char devices (because we are
using the file -s option).
This is hard to solve cleanly without adding another file API.
However this restricts file to regular files, unless called explicitly
with a /dev/ path. For non-regular files, it will now return a
string like "directory".
There is a small semantic change for symbolic links. Previously
it would not have worked at all on absolute links (or rather, the
results would have been undefined). It would have treated relative
symlinks to regular files as the regular file itself. Now it will
return the string "symbolic link" in both cases.
This commit also makes the API safe when called on untrusted
filesystems. Previously a filesystem might have been set up so
that (eg) /etc/redhat-release was a char device, which would have
caused virt-inspector and virt-v2v to hang. Now it will not hang.
|
| | |
|
| |
|
|
|
|
|
|
| |
path = path to access file (/sysroot/.. or /dev/..)
display_path = original path, saved so we can display it
buf = optional buffer which is freed along return codepaths
There should be no change to the semantics of the code.
|
| | |
|
