| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
This could be used to touch an arbitrary file (albeit one which
must already exist), and this could have been a security problem.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
This change resolves several issues with current appliance
building:
(1) Old appliances are cleaned up.
(2) Race conditions between appliance building is handled better.
(3) Several bugs fixed.
|
| |
|
|
|
|
|
|
|
| |
This removes all support for building the ordinary / old
style appliance using febootstrap 2.x, debootstrap, debirf,
fakeroot and fakechroot.
Instead this uses febootstrap 3.x to build the supermin appliance
in a simpler cross-distro manner.
|
| |
|
|
| |
This file is not used for building the supermin appliance.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
If supermin is disabled at compile time and the user just wants to
use the ordinary appliance, there is no need to compile in all
the supermin code, and in particular there is no need to check
for the supermin appliance (which involves running
febootstrap-supermin-helper that probably doesn't exist).
This fixes a warning message observed under Debian w/o supermin:
sh: febootstrap-supermin-helper: command not found
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Cached appliances are discovered by their predictable path. Previously we were
creating a cached appliance directly in this predictable path. This had at least
2 undesirable effects:
* Interrupting appliance creation would leave a corrupt appliance
* 2 processes could simultaneously attempt to create the same appliance, causing
corruption.
This patch causes the cached appliance to be created in a temporary directory,
and then renamed to the predictable path. As rename is an atomic operation, this
makes the whole creation atomic.
This patch also changes the predictable path to have a prefix of 'guestfs.'.
This will make it simpler for system administrators to clean up old cached
appliances.
This patch resolves RHBZ#639405
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use febootstrap-supermin-helper's new -u and -g command line options to setuid,
rather than doing it in libguestfs.
This resolves an issue with the generation of the cached appliance checksum. The
checksum was being generated by a call to febootstrap-supermin-helper through
popen(). Unfortunately, a bash misfeature meant that euid would be reset to uid,
and the checksum was generated for uid, not euid. When virt-v2v is writing to a
RHEV target, uid == 0 and euid == 36, which resulted in a cached appliance being
created for root with permissions for uid 36.
Note this requires febootstrap 2.10.
|
| |
|
|
|
|
| |
A side-effect of change 17e7cb9937a63ed8f9bb0fb6ac7302758be76846 was the the
febootstrap-supermin-helper was no longer logged. This change adds it back using
the new guestfs___print_timestamped_argv internal function.
|
| |
|
|
|
|
|
| |
There's no need to have the appliance filename contain the
repository name it was built from, and this change gives
downstream users more freedom to mix and match libraries
and appliances if they want to.
|
| |
|
|
|
|
|
|
|
| |
Since the ext2-based appliance is cached, and since it is not
all loaded into memory (as with the initrd), we might as well
put all the kernel modules in there.
Note the kmod.whitelist.in file is still used for building the
ordinary appliance.
|
| |
|
|
|
|
|
| |
Be more consistent in allowing the user to override use of the
temporary directory by specifying $TMPDIR. Also prefer P_tmpdir
macro (defined in <stdio.h>) if that is defined, rather than
hard-coding "/tmp" for the fallback location.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When writing to a RHEV target, virt-v2v launches the libguestfs
appliance with euid:egid = 36:36, which is required to write to
an NFS target using root_squash.
Since we changed to using a cached appliance, this causes an error on
start up, as the cached files are owned by root, but the cache directory
is owned by 36:36. The reason is that bash resets euid to uid and
egid to gid so when febootstrap-supermin-helper is executed, it runs as
root:root. The cache directory was created by libguestfs directly so
it has the correct ownership.
This patch fixes the issue by using explicit fork/exec instead of
system (ie. not going via a shell) and by setting the real UID and
GID to the effective UID and GID before execing.
|
|
|
This changes the method used to build the supermin appliance
to use the new ext2-based appliance supported by latest febootstrap.
The appliance can also be cached, so we avoid rebuilding it
each time it is used.
Mailing list discussion goes into the rationale and details:
https://www.redhat.com/archives/libguestfs/2010-August/msg00028.html
Requires febootstrap >= 2.8.
|
