| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit adds four APIs for creating new LUKS devices
and key management. These are:
luks_format Format a LUKS device with the default cipher.
luks_format_cipher Format with a chosen cipher.
luks_add_key Add another key to an existing device.
luks_kill_slot Delete a key from an existing device.
This enables all the significant functionality of the
cryptsetup luks* commands.
Note that you can obtain the UUID of a LUKS device already
by using vfs-uuid.
This also includes a regression test covering all the LUKS
functions.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds support for opening LUKS-encrypted disks, via
three new APIs:
luks_open: Create a mapping for an encrypted disk.
luks_open_ro: Same, but read-only mapping.
luks_close: Close a mapping.
A typical guestfish session using this functionality looks
like this:
$ guestfish --ro -a encrypted.img
><fs> run
><fs> list-devices
/dev/vda
><fs> list-partitions
/dev/vda1
/dev/vda2
><fs> vfs-type /dev/vda2
crypto_LUKS
><fs> luks-open /dev/vda2 luksdev
Enter key or passphrase ("key"):
><fs> vgscan
><fs> vg-activate-all true
><fs> pvs
/dev/dm-0
><fs> vgs
vg_f13x64encrypted
><fs> lvs
/dev/vg_f13x64encrypted/lv_root
/dev/vg_f13x64encrypted/lv_swap
><fs> mount /dev/vg_f13x64encrypted/lv_root /
><fs> ll /
total 132
dr-xr-xr-x. 24 root root 4096 Jul 21 12:01 .
dr-xr-xr-x 20 root root 0 Jul 21 20:06 ..
drwx------. 3 root root 4096 Jul 21 11:59 .dbus
drwx------. 2 root root 4096 Jul 21 12:00 .pulse
-rw-------. 1 root root 256 Jul 21 12:00 .pulse-cookie
dr-xr-xr-x. 2 root root 4096 May 13 03:03 bin
NOT included in this patch:
- An easier way to use this from guestfish.
- Ability to create LUKS devices.
- Ability to change LUKS keys on existing devices.
- Direct access to the /dev/mapper device (eg. if it contains
anything apart from VGs).
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The BufferIn argument turns into various things:
in C const char *, size_t parameter pair
in XDR an opaque<> type (instead of string) which allows \0 chars
in other bindings
mostly just a string, since most languages except for C
permit strings to contain any 8 bit data
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously you might have typed:
$ guestfish
><fs> alloc test1.img 100M
><fs> run
><fs> part-disk /dev/sda mbr
><fs> mkfs ext4 /dev/sda1
now you can do the same with:
$ guestfish -N fs:ext4
Some tests have also been updated to use this new
functionality.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
todo list
|
| |
|
|
|
| |
No one cares for PPC, and if they do they should file these
as bugs in the bug tracker.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This implements FUSE filesystem support so that any libguestfs-
accessible disk image can be mounted as a local filesystem.
Note: file writes (ie. write(2) system call) is not yet implemented.
The API needs more test coverage, particularly lesser-used system
calls.
The big unresolved issue is UID/GID mapping between guest filesystem
IDs and the host. It's not easy to automate this because you need
extra details about the guest itself in order to get to its
UID->username map (eg. /etc/passwd from the guest).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
truncate, truncate_size: Used to truncate files to a particular
size, or to zero bytes.
mkdir_mode: Like mkdir but allows you to also specify the
initial permissions for the new directory.
utimens: Set timestamp on a file with nanosecond accuracy.
lchown: Corresponding to lchown(2) syscall (we already have chown).
The implementation is complicated by the fact that we had to
add an Int64 parameter type to the generator.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This command runs a "rescue appliance" against a virtual machine
or disk image. This is useful for making ad-hoc interactive
changes to virtual machines.
$ virt-rescue --ro /dev/vg_trick/F11x64
Welcome to virt-rescue, the libguestfs rescue shell.
Note: The contents of / are the rescue appliance.
You have to mount the guest's partitions under /sysroot
before you will be able to examine them.
bash: cannot set terminal process group (-1): Inappropriate ioctl for device
bash: no job control in this shell
><rescue> mount /dev/vg_f11x64/lv_root /sysroot
EXT4-fs (dm-0): barriers enabled
kjournald2 starting: pid 269, dev dm-0:8, commit interval 5 seconds
EXT4-fs (dm-0): internal journal on dm-0:8
EXT4-fs (dm-0): delayed allocation enabled
EXT4-fs: file extents enabled
EXT4-fs: mballoc enabled
EXT4-fs (dm-0): mounted filesystem with ordered data mode
><rescue> ls /sysroot/
bin dev home lib64 media opt root selinux sys usr
boot etc lib lost+found mnt proc sbin srv tmp var
><rescue> exit
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit changes guestfs_launch so that it both launches
the appliance and waits until it is ready (ie. the daemon communicates
back to us).
Since we removed the pretence that we could implement a low-level
asynchronous API, the need to call launch() followed by wait_ready()
has looked a bit silly.
Now guestfs_wait_ready() is basically a no-op. It is left in the
API for backwards compatibility. Any calls to guestfs_wait_ready()
can be removed from client code.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
swapon-device
swapoff-device
swapon-file
swapoff-file
swapon-label
swapoff-label
swapon-uuid
swapoff-uuid
mkswap-file
|
| | |
|
| |
|
|
|
| |
These commands can be used to make hard and symbolic links. The
readlink command is used to read existing symbolic links.
|
