| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
guestfsd calls many different tools. Keeping track of all of them is
error prone. This patch introduces a new helper macro to put the command
string into its own ELF section:
GUESTFSD_EXT_CMD(C_variable, command_name);
This syntax makes it still possible to grep for used command names.
The actual usage of the collected list could be like this:
objcopy -j .guestfsd_ext_cmds -O binary daemon/guestfsd /dev/stdout |
tr '\0' '\n' | sort -u
The resulting output will be used to tell mkinitrd which programs to
copy into the initrd.
Signed-off-by: Olaf Hering <olaf@aepfle.de>
RWMJ:
- Move str_vgchange at request of author.
- Fix snprintf call in daemon/debug.c
|
| | |
|
| |
|
|
| |
This is equivalent to the tar option --numeric-owner.
|
| |
|
|
|
|
|
|
|
|
| |
The compress flag can be used to control compression, one of: (none),
"compress", "gzip", "bzip2", "xz", "lzop". Thus these calls can now
be used instead of tgz-in/tgz-out/txz-in/txz-out, and also support
more compression types.
Mark these APIs as once_had_no_optargs so that compatibility code is
generated.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
doesn't support chown (RHBZ#840572).
When using tar-in or tools built around it such as virt-make-fs, if
the target filesystem is vfat then unpacking the tarball would fail
because tar tries to chown(2) files and fails.
You would see errors such as:
tar: <file>: Cannot change ownership to uid 500, gid 500: Operation not permitted
This change detects whether the target filesystem supports chown(2).
If not, it adds the --no-same-owner flag to tar to stop it from trying
to change the ownership of newly created files.
|
| |
|
|
| |
Update all copyright dates to 2012.
|
| | |
|
| |
|
|
|
|
| |
Although this doesn't matter for the ordinary (appliance) case, it
matters for the libguestfs live case. In that case it could cause the
guest to be exploited by a tmp/symlink attack.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the case where both ends cancel at the same time (eg. both ends
realize there are errors before or during the transfer), previously we
skipped sending back an error from the daemon, on the spurious basis
that the library would not need it (the library is cancelling because
of its own error).
However this is wrong: we should always send back an error message
from the daemon in order to preserve synchronization of the protocol.
A simple test case is:
$ guestfish -N fs -m /dev/sda1 upload nosuchfile /
libguestfs: error: open: nosuchfile: No such file or directory
libguestfs: error: unexpected procedure number (66/282)
(Notice two things: there are errors at both ends, and the
loss of synchronization).
After applying this commit, the loss of synchronization does not occur
and we just see the library error:
$ guestfish -N fs -m /dev/sda1 upload nosuchfile /
libguestfs: error: open: nosuchfile: No such file or directory
The choice of displaying the library or the daemon error is fairly
arbitrary in this case -- it would be valid to display either or even
to combine them into one error. Displaying the library error only
makes the code considerably simpler.
This commit also (re-)enables a test for this case.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As a previous, incorrect attempt to fix RHBZ#576879 we tried to
prevent the daemon from sending an error reply if the daemon had
cancelled the transfer. This is wrong: the daemon should send an
error reply in these cases.
A simple test case is this:
guestfish -N fs -m /dev/sda1 upload big-file /
(This fails because the target "/" is a directory, not a file.)
Prior to this commit, libguestfs would hang instead of printing an
error. With this commit, libguestfs prints an error.
What is happening is:
(1) Library is uploading
a file (2) In the middle of the long
upload, daemon detects an error.
Daemon cancels.
(3) Library detects cancel,
sends cancel chunk, then waits
for the error reply from the
daemon. (4) Daemon is supposed to send
an error reply message.
Because step (4) wasn't happening, uploads that failed like this would
hang in the library (waiting for the error message, while the daemon
was waiting for the next request).
This also adds a regression test.
This temporarily breaks the "both ends cancel" case (RHBZ#576879c5).
Therefore the test for that is disabled, and this is fixed in the next
patch in the series.
This partially reverts commit dc706a639eec16084c0618baf7bfde00c6565f63.
|
| |
|
|
| |
This updates commit 0938509e0422363554023ab99381fd70a22a6e08.
|
| |
|
|
|
| |
This file is already hard-linked into the current directory, so
the relative path is not required.
|
| |
|
|
|
|
|
| |
On Ubuntu <= Karmic, xz-utils was not packaged, and therefore
any xz-related tests would fail. Thus make this an optional
group so that we can test for this and avoid running the tests
if xz utils are not present.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit improves the error messages from the tar-in, tgz-in (etc)
commands by capturing the stderr from the tar command in a file and
sending that back in the error message.
The method used for the error file is primitive, and there is a case
for a more generic error file mechanism, but this will do for now.
Sample error messages after this change:
$ virt-tar -u /tmp/test1.img /tmp/not.tar /
tar_in: tar subcommand failed on directory: /: tar: This does not look like a tar archive
tar: Skipping to next header
tar: Exiting with failure status due to previous errors at /home/rjones/d/libguestfs/tools/virt-tar line 247.
$ virt-tar -u /tmp/test1.img /tmp/test.tar /
tar_in: tar subcommand failed on directory: /: tar: access.log: Cannot open: Read-only file system
tar: Exiting with failure status due to previous errors at /home/rjones/d/libguestfs/tools/virt-tar line 247.
|
| |
|
|
|
| |
This commit shouldn't result in any change in the semantics
of the code.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
During a FileIn command (eg. upload, tar-in) if both sides
experience errors, then both sides could send cancel messages,
the result being lost synchronization.
The reason for the lost synch was because the daemon was ignoring
this case and sending an error message back which the library side
(which had cancelled) was not expecting.
Fix this by checking in the daemon for the case where the library
also cancels during daemon cancellation, and not sending an error
messages.
This also includes an enhanced regression test which checks for this
case.
This extends the original fix in
commit 5922d7084d6b43f0a1a15b664c7082dfeaf584d0.
More details can be found here:
https://bugzilla.redhat.com/show_bug.cgi?id=576879#c5
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Modify the generator so that it can correctly handle early
cancellation for Pathname|Device|.. parameters. This fixes
the upload command, but consequently we need to fix the
parameters for tar_in and t?z_in commands. This should also
mean that 'win:' can now be used as the second argument of
tar_in and t?z_in commands in guestfish, whereas previously
this wouldn't have worked.
Adds a regression test for the original problem.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This includes various code cleanups:
(a) A regression test for RHBZ#580246.
(b) Use write instead of fwrite to write out the tar file. This is
just because the error handling of write seems to be better
specified and easier to use.
(c) Use size_t instead of int for length.
(d) Clearer debug messages when in verbose mode.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The problem was this sequence of events:
(1) File transfer goes through OK.
(2) pclose returns failure (because 'tar' subprocess failed)
(3) We try to cancel the transfer by calling cancel_receive.
Step (3) fails because the transfer (as far as the library is
concerned) has succeeded, so causing a hang.
The more fundamental reason why we see steps (1) and (2) is that
'tar' does NOT fail immediately if there is a write error. Instead
it continues reading and discarding the input until the end of the
input before giving "Error exit delayed from previous errors".
IMHO this is a bug with tar, since an ENOSPC write error should
be fatal for tar.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The RPC stubs already prefix the command name to error messages.
The daemon doesn't have to do this. As a (small) benefit this also
makes the daemon slightly smaller.
Code in the daemon such as:
if (argv[0] == NULL) {
reply_with_error ("passed an empty list");
return NULL;
}
now results in error messages like this:
><fs> command ""
libguestfs: error: command: passed an empty list
(whereas previously you would have seen ..command: command:..)
|
| |
|
|
|
|
|
|
|
| |
* daemon/proto.c (send_chunk): Don't ignore socket-write error.
* daemon/proto.c (send_file_end): Return "int", not void,
so we can propagate send_chunk failure to caller.
* daemon/daemon.h (send_file_end): Update prototype.
* daemon/tar.c (do_tar_out, do_tgz_out): Update uses of send_file_end.
* daemon/upload.c (do_download): Likewise.
|
| |
|
|
|
|
|
|
|
|
| |
Nearly every file-related function in daemons/*.c is affected:
Remove this pair of statements from each affected do_* function:
- NEED_ROOT (return -1);
- ABS_PATH (dir, return -1);
and change the type of the corresponding parameter to "const char *".
* src/generator.ml: Emit NEED_ROOT just once, even when there are two or
more Pathname args.
|
| |
|
|
|
|
| |
run this command:
git grep -l -w NEED_ROOT|xargs perl -pi -e \
's/(NEED_ROOT) \((.*?)\)/$1 (return $2)/'
|
| |
|
|
|
|
| |
run this command:
git grep -l -w ABS_PATH|xargs perl -pi -e \
's/(?:ABS_PATH)( \(.*?,) (.*?)\)/ABS_PATH$1 return $2)/'
|
| |
|
|
|
|
|
| |
%Q => simple shell quoted string
%R => path will be prefixed by /sysroot
eg. snprintf (cmd, sizeof cmd, "cat %R", path); system (cmd);
|
| |
|
|
|
|
|
|
|
| |
Currently /sysroot is hard-coded throughout the daemon code.
This patch turns the path into a variable so that we can change
it in future, for example to allow standalone mode to be implemented.
This patch was tested by running all the C API tests successfully.
|
| | |
|
| |
|
|
|
|
| |
We are generally interested that the subcommand ran without
error, ie. had exit status of 0. 'pclose' returns the exit
status, so we now check that pclose (fp) != 0.
|
| | |
|
| | |
|
| | |
|
| |
|
