summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Enable running the daemon under valgrind.Richard W.M. Jones2012-01-242-0/+18
| | | | | | | | | | | | | | | | | | This commit allows you to run the daemon under valgrind. You have to enable it at configure time: ./configure --enable-valgrind-daemon This should *not* be done for production builds. When this feature is enabled, valgrind is added to the appliance and the daemon is run under valgrind. Log messages from valgrind are passed back over a virtio-serial channel into a file called 'valgrind.log.$PID' in the top build directory. Running 'make check', 'make extra-tests' etc causes many valgrind.log.* files to be created which must be examined by hand. (cherry picked from commit d08806adfc5d111b4b6c761540ff508d3f25b66e)
* API support: Fix src/api-support/added file.Richard W.M. Jones2012-01-231-470/+470
| | | | | This fixes commit 37e07db1598b433c12ee643302712d81b2c5415d. (cherry picked from commit 734b1f662f4e563cc8baad3aca8cf751314e0e49)
* Update API support.Richard W.M. Jones2012-01-2324-474/+11234
|
* gobject: Document these bindings in guestfs(3).Richard W.M. Jones2012-01-221-0/+7
|
* Tempus fugit.Richard W.M. Jones2012-01-1814-14/+14
| | | | Update all copyright dates to 2012.
* lib: Use -fvisibilty=hidden by default; only ABI symbols are now visible.Richard W.M. Jones2012-01-181-3/+5
| | | | http://gcc.gnu.org/wiki/Visibility
* New tool: virt-format: erase and make blank disks.Richard W.M. Jones2012-01-181-0/+5
| | | | | This tool allows you to easily reformat a disk, creating a blank disk with optional partition, LVM and empty filesystem.
* NEW API: add a new api e2fsckWanlong Gao2012-01-131-1/+1
| | | | | | | | | | | | | | m: Wanlong Gao <gaowanlong@cn.fujitsu.com> Add a new api e2fsck with two options: correct: same as '-p' option of e2fsck forceall: same as '-y' option of e2fsck Thanks for Rich's idea. v1->v2: use optargs_bitmask v2->v3: change the optargs_bitmask check Signed-off-by: Wanlong Gao <gaowanlong@cn.fujitsu.com>
* Allow /dev/null to be added multiple times.Richard W.M. Jones2012-01-101-1/+8
| | | | | | | | Change the test for duplicate drives so that you're allowed to add /dev/null multiple times. This corresponds to traditional usage. This amends commit be47b66c3033105a2b880dbc10bfc2b163b7eafe.
* launch: move the filename checking to a wrapperWanlong Gao2012-01-091-6/+12
| | | | | | Move the filename's comma character checking to a wrapper. Signed-off-by: Wanlong Gao <gaowanlong@cn.fujitsu.com>
* launch: don't add a drive twiceWanlong Gao2012-01-091-2/+12
| | | | | | | | | | | | | | 1. Change the g->path to restore a absolute path instead of the mixed. 2. Check that if the adding drive is duplicated with the added drive. Signed-off-by: Wanlong Gao <gaowanlong@cn.fujitsu.com> RWMJ: - Make sure abs_path is NULL before it is assigned, so freeing it will work along the error path. - Fix the test which added /dev/null multiple times.
* launch: add a goto label when add_drive errorWanlong Gao2012-01-091-18/+11
| | | | | | | Code cleanup. Add a goto label to simplify the code. Signed-off-by: Wanlong Gao <gaowanlong@cn.fujitsu.com>
* lib: Try harder to remove temporary directory along error paths (RHBZ#769680).Richard W.M. Jones2011-12-231-1/+11
|
* lib: Add guestfs___remove_tmpdir helper function.Richard W.M. Jones2011-12-235-46/+35
| | | | | | | This function does 'rm -rf <dir>' for temporary directories, safely working if '<dir>' contains shell meta-characters. Replace existing code for removing directories with this.
* Security: Mitigate possible privilege escalation via SG_IO ioctl ↵Richard W.M. Jones2011-12-221-0/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (CVE-2011-4127, RHBZ#757071) CVE-2011-4127 is a serious qemu & kernel privilege escalation bug found by Paolo Bonzini. http://seclists.org/oss-sec/2011/q4/536 An untrusted guest kernel is able to issue special SG_IO ioctls on virtio devices which qemu passes through to the host kernel without filtering or sanitizing. These ioctls allow raw sectors from the underlying host device to be read and written. Significantly, neither qemu nor the host kernel checks that the range of sectors is within the partition / LV assigned to the guest. For example, if the guest is assigned host partition /dev/sda3, it would be able to read or write any part of /dev/sda including other partitions and the boot sector. Exploits through LVs passed to the guest are also possible, with some limitations. File-backed virtual block devices are not vulnerable. Non-virtio block devices are not vulnerable. This patch mitigates the problem by disabling the SG_IO ioctl passthrough in qemu. Thus if libguestfs is examining an untrusted guest and the libguestfs appliance/daemon is compromised (eg. by executing guest commands, or through some other compromise), then the compromised appliance will not be able to issue the above SG_IO ioctls and exploit the host. Note that this is just mitigation for libguestfs. Users will still want to fully update their host kernel, qemu/KVM and libvirt, in order to prevent other (non-libguestfs) routes to compromise. The following versions of libguestfs (will/have) this patch applied. libguestfs >= 1.15.13 libguestfs >= 1.14.8 libguestfs >= 1.12.11 libguestfs >= 1.10.12 libguestfs >= 1.8.16 Earlier versions may be vulnerable unless a downstream packager has applied this patch. Cc: Hilko Bengen <bengen@hilluzination.de>
* tests: Split images -> tests/data + tests/guestsRichard W.M. Jones2011-12-221-6/+0
|
* tests: Rename extratests -> tests/extra.Richard W.M. Jones2011-12-221-5/+0
|
* tests: Split regressions -> various subdirectories of tests/Richard W.M. Jones2011-12-221-6/+3
|
* tests: Rename capitests -> tests/c-api.Richard W.M. Jones2011-12-221-5/+1
|
* tests: Rename caution -> tests/qemu.Richard W.M. Jones2011-12-221-5/+0
|
* tests: Document new tests/ subdirectory.Richard W.M. Jones2011-12-221-0/+4
|
* docs: Arrange directory names in alphabetical order.Richard W.M. Jones2011-12-221-4/+4
|
* Fix rpcgen post-processing for out-of-tree buildsHilko Bengen2011-12-061-1/+1
|
* NEW API: add blkid command to print the attributes of the deviceWanlong Gao2011-12-031-1/+1
| | | | | | | | | | | | A NEW API blkid. It can print the device attributes. Use it after list-devices, we can list ower devices and the attributes of each device. Use it like: blkid <device> It's should be a usefull function. Signed-off-by: Wanlong Gao <gaowanlong@cn.fujitsu.com>
* inspection: Handle MD devices in fstabMatthew Booth2011-12-021-7/+323
| | | | | | | | | This patch fixes inspection when fstab contains devices md devices specified as /dev/mdN. The appliance creates these devices without reference to the guest's mdadm.conf so, for e.g. /dev/md0 in the guest will often be created as /dev/md127 in the appliance. With this patch, we match the uuids of detected md devices against uuids specified in mdadm.conf, and map them appropriately when we encounter them in fstab.
* libguestfs: Added gnulib includes from builddir, as suggested by the Gnulib ↵Hilko Bengen2011-12-011-1/+1
| | | | | | | | documentation Since some modules (`getopt', for example) may copy files into the build directory, `top_builddir/lib' is needed as well as `top_srcdir/lib'. -- GNU Gnulib manual, section 2.2 Initial import
* protocol: Memory leak: Free temporary buffer along recv_discard path.Richard W.M. Jones2011-11-291-0/+1
|
* inspection: Cleanup iteration over fstab entries in inspect_fs_unix.cMatthew Booth2011-11-291-28/+24
| | | | | | | | | | | | | | Select non-comment labels using an augeas path to return the correct nodes in the first instance, rather than applying a regular expression to all results. There is no functional change to the code. RWMJ: - Rebased to current HEAD. - Move variable decls to top of function. - Some whitespace changes. - Remove check for errors from snprintf since it can never happen.
* inspection: Add outline support for GNU/Hurd.Richard W.M. Jones2011-11-286-0/+52
|
* Update API support.Richard W.M. Jones2011-11-2417-0/+7262
|
* Add 'make extra-tests' rule and run extra tests.Richard W.M. Jones2011-11-241-0/+5
| | | | | These tests are optional, and require a special environment and tools to run.
* lib: Fix memory leak when debugging enabled (found by valgrind).Richard W.M. Jones2011-11-241-0/+2
| | | | | If you enabled debugging (eg. LIBGUESTFS_DEBUG=1) then every debug message printed would be leaked.
* New API: md-stop for stopping MD devicesWanlong Gao2011-11-241-1/+1
| | | | | | | | This API is used to stop a md device. When we want to move a device to another md array, we should stop the md device which contained this device first. Signed-off-by: Wanlong Gao <gaowanlong@cn.fujitsu.com>
* NFC: Allow multiple config files in inspect_with_augeas in inspect_fs_unix.cMatthew Booth2011-11-241-19/+59
| | | | This change is in support of the addition of MD support to fstab inspection.
* NFC: Consolidate the error path in check_fstab in inspect_fs_unix.cMatthew Booth2011-11-241-14/+9
|
* md: Inspect MD devicesMatthew Booth2011-11-241-0/+16
|
* NFC: Declare and use variables on the same line in inspect.cMatthew Booth2011-11-241-4/+2
|
* Add guestfs-testing(1) man page.Richard W.M. Jones2011-11-201-0/+1
| | | | This contains suggested manual tests that users can run.
* New API: mdadm-detail.Matthew Booth2011-11-171-1/+1
|
* Update list-filesystems to check md devices.Matthew Booth2011-11-111-24/+27
|
* New API: list-md-devices.Matthew Booth2011-11-111-1/+1
| | | | | | | Return a list of Linux MD devices detected in the guest. This API complements list_devices, list_partitions, list_lvs and list_dm_devices.
* New API: mdadm-create for creating MD devices.Richard W.M. Jones2011-11-111-1/+1
|
* 32 bit: Use %td for ptrdiff_t (difference between two pointers).Richard W.M. Jones2011-11-111-1/+1
|
* New API: Bind the tune2fs command.Richard W.M. Jones2011-11-111-1/+1
| | | | | | | | | | | | | Previously we bound the 'tune2fs -l' command so that we could list out the tunables of an ext2/3/4 filesystem. Also commands like set_e2label and set_e2uuid used tune2fs. This commit binds many of the tunables that can be set using tune2fs. The coverage is not complete, but we can add more later because this uses optional parameters so the call is extensible without breaking ABI. The current change gives us enough for using libguestfs within OpenStack.
* Update FSF address.Matthew Booth2011-11-082-2/+2
|
* Update API support.Richard W.M. Jones2011-10-2612-0/+5009
|
* add-domain: Add readonlydisk optional argument (RHBZ#747290).Richard W.M. Jones2011-10-261-17/+91
| | | | | | | | | | | | | | | This optional argument controls how <readonly/> disks in the libvirt XML are handled. It can be set to one of: "write" (default) - add them R/W "read" - add them R/O "error" - throw an error if asked to add them R/W "ignore" - ignore these disks I have added limited regression tests for this feature. However libvirt's test:/// XML does not allow you to specify that a domain starts off shut down, so we cannot fully test this. Instead I tested it by hand.
* libvirt: Detect if a disk has the <readonly/> flag.Richard W.M. Jones2011-10-261-3/+17
| | | | | | This changes the private function guestfs___for_each_disk so that the <readonly/> flag on libvirt disks is detected and passed through to the callback function.
* New APIs: copy-{file,device}-to-{file,device}.Richard W.M. Jones2011-10-262-9/+24
| | | | | | | | | | | The four new APIs: guestfs_copy_device_to_device, guestfs_copy_device_to_file, guestfs_copy_file_to_device, and guestfs_copy_file_to_file let you copy from a source to a destination, between files and devices, optionally allowing source and destination offsets and size to be specified.
* New API: part-to-partnumRichard W.M. Jones2011-10-251-1/+1
| | | | | | This converts a partition device name (eg. /dev/sda1) to a partition number (eg. 1). This is useful in conjunction with the parted APIs that mostly take a disk device + partnum.
generated by cgit (git 2.34.1) at 2025-08-31 09:35:50 +0000