| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
| |
Netpbm and icoutils (wrestool) have always been dependencies. Since
they are not always present, make these into optional dependencies
(which they were, sort of, before).
Also document these dependencies in the README file.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
This is just the 'kernel', 'initrd' and 'root' files, copied from one
machine to another, along with a 'README.fixed' file which is also
used for identification.
This allows the appliance to be copied from one machine to another,
making it easier for us to distribute a starter appliance for people
who cannot get febootstrap or appliance-building working.
|
| |
|
|
| |
This is just code motion.
|
| |
|
|
|
|
| |
Currently only ext2/3/4 and (newly) NTFS are supported.
This change also deprecates set-e2label.
|
| | |
|
| |
|
|
| |
Note this is not a "chkdsk" equivalent tool.
|
| |
|
|
|
|
| |
Limit the number of cpus below 255, since qemu can't support.
Signed-off-by: Wanlong Gao <gaowanlong@cn.fujitsu.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Appliance building can be called from multiple processes, but this is
only safe if each process holds a lock on the 'checksum' file.
However threads within a process are not excluded by a file lock, and
so this strategy completely failed for a multithreaded program calling
guestfs_launch in parallel.
Since it makes no sense for threads in a single program to race each
other to try to create the appliance, add a lock around appliance
building.
This serialises building the appliance, but the rest of guestfs_launch
(eg. starting up qemu) can run in parallel.
|
| |
|
|
|
|
|
| |
Add the new api wipefs to erase the filesystem signatures
on a device but now erase any data.
Signed-off-by: Wanlong Gao <gaowanlong@cn.fujitsu.com>
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit allows you to run the daemon under valgrind. You have to
enable it at configure time:
./configure --enable-valgrind-daemon
This should *not* be done for production builds.
When this feature is enabled, valgrind is added to the appliance and
the daemon is run under valgrind. Log messages from valgrind are
passed back over a virtio-serial channel into a file called
'valgrind.log.$PID' in the top build directory.
Running 'make check', 'make extra-tests' etc causes many
valgrind.log.* files to be created which must be examined by hand.
|
| |
|
|
| |
This fixes commit 37e07db1598b433c12ee643302712d81b2c5415d.
|
| | |
|
| | |
|
| |
|
|
| |
Update all copyright dates to 2012.
|
| |
|
|
| |
http://gcc.gnu.org/wiki/Visibility
|
| |
|
|
|
| |
This tool allows you to easily reformat a disk, creating a blank disk
with optional partition, LVM and empty filesystem.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
m: Wanlong Gao <gaowanlong@cn.fujitsu.com>
Add a new api e2fsck with two options:
correct: same as '-p' option of e2fsck
forceall: same as '-y' option of e2fsck
Thanks for Rich's idea.
v1->v2: use optargs_bitmask
v2->v3: change the optargs_bitmask check
Signed-off-by: Wanlong Gao <gaowanlong@cn.fujitsu.com>
|
| |
|
|
|
|
|
|
| |
Change the test for duplicate drives so that you're allowed to
add /dev/null multiple times. This corresponds to traditional
usage.
This amends commit be47b66c3033105a2b880dbc10bfc2b163b7eafe.
|
| |
|
|
|
|
| |
Move the filename's comma character checking to a wrapper.
Signed-off-by: Wanlong Gao <gaowanlong@cn.fujitsu.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. Change the g->path to restore a absolute path instead of the mixed.
2. Check that if the adding drive is duplicated with the added drive.
Signed-off-by: Wanlong Gao <gaowanlong@cn.fujitsu.com>
RWMJ:
- Make sure abs_path is NULL before it is assigned, so freeing it
will work along the error path.
- Fix the test which added /dev/null multiple times.
|
| |
|
|
|
|
|
| |
Code cleanup.
Add a goto label to simplify the code.
Signed-off-by: Wanlong Gao <gaowanlong@cn.fujitsu.com>
|
| | |
|
| |
|
|
|
|
|
| |
This function does 'rm -rf <dir>' for temporary directories, safely
working if '<dir>' contains shell meta-characters.
Replace existing code for removing directories with this.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(CVE-2011-4127, RHBZ#757071)
CVE-2011-4127 is a serious qemu & kernel privilege escalation bug
found by Paolo Bonzini.
http://seclists.org/oss-sec/2011/q4/536
An untrusted guest kernel is able to issue special SG_IO ioctls on
virtio devices which qemu passes through to the host kernel without
filtering or sanitizing. These ioctls allow raw sectors from the
underlying host device to be read and written. Significantly, neither
qemu nor the host kernel checks that the range of sectors is within
the partition / LV assigned to the guest. For example, if the guest
is assigned host partition /dev/sda3, it would be able to read or
write any part of /dev/sda including other partitions and the boot
sector. Exploits through LVs passed to the guest are also possible,
with some limitations. File-backed virtual block devices are not
vulnerable. Non-virtio block devices are not vulnerable.
This patch mitigates the problem by disabling the SG_IO ioctl
passthrough in qemu. Thus if libguestfs is examining an untrusted
guest and the libguestfs appliance/daemon is compromised (eg. by
executing guest commands, or through some other compromise), then the
compromised appliance will not be able to issue the above SG_IO ioctls
and exploit the host.
Note that this is just mitigation for libguestfs. Users will still
want to fully update their host kernel, qemu/KVM and libvirt, in order
to prevent other (non-libguestfs) routes to compromise.
The following versions of libguestfs (will/have) this patch applied.
libguestfs >= 1.15.13
libguestfs >= 1.14.8
libguestfs >= 1.12.11
libguestfs >= 1.10.12
libguestfs >= 1.8.16
Earlier versions may be vulnerable unless a downstream packager has
applied this patch.
Cc: Hilko Bengen <bengen@hilluzination.de>
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
A NEW API blkid.
It can print the device attributes.
Use it after list-devices, we can list ower devices and the attributes
of each device.
Use it like:
blkid <device>
It's should be a usefull function.
Signed-off-by: Wanlong Gao <gaowanlong@cn.fujitsu.com>
|
| |
|
|
|
|
|
|
|
| |
This patch fixes inspection when fstab contains devices md devices
specified as /dev/mdN. The appliance creates these devices without reference to
the guest's mdadm.conf so, for e.g. /dev/md0 in the guest will often be created
as /dev/md127 in the appliance. With this patch, we match the uuids of detected
md devices against uuids specified in mdadm.conf, and map them appropriately
when we encounter them in fstab.
|
| |
|
|
|
|
|
|
| |
documentation
Since some modules (`getopt', for example) may copy files
into the build directory, `top_builddir/lib' is needed as well as
`top_srcdir/lib'. -- GNU Gnulib manual, section 2.2 Initial import
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Select non-comment labels using an augeas path to return the correct
nodes in the first instance, rather than applying a regular expression
to all results.
There is no functional change to the code.
RWMJ:
- Rebased to current HEAD.
- Move variable decls to top of function.
- Some whitespace changes.
- Remove check for errors from snprintf since it can never happen.
|
| | |
|
| | |
|
| |
|
|
|
| |
These tests are optional, and require a special environment and
tools to run.
|
| |
|
|
|
| |
If you enabled debugging (eg. LIBGUESTFS_DEBUG=1) then every
debug message printed would be leaked.
|
| |
|
|
|
|
|
|
| |
This API is used to stop a md device.
When we want to move a device to another md array, we should
stop the md device which contained this device first.
Signed-off-by: Wanlong Gao <gaowanlong@cn.fujitsu.com>
|
| |
|
|
| |
This change is in support of the addition of MD support to fstab inspection.
|
| | |
|
| | |
|
| | |
|
