RELEASE NOTES FOR LIBGUESTFS 1.32
These release notes only cover the differences from the previous stable/dev branch split (1.30.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.New features
New toolsThe new virt-v2v-copy-to-local(1) tool is an ancillary tool for virt-v2v(1) allowing you to convert source guests that virt-v2v is unable to access directly.
New features in existing tools
Virt-customize knows how to write a random seed to CirrOS (Pino Toscano).
On Fedora, virt-customize runs dnf(8) with the --best flag, ensuring it always updates to the latest available packages.
Virt-builder now provides 32 bit Fedora templates.
Virt-builder and virt-customize --install option now works on 32 bit Fedora guests. Previously it would try to install 64 bit packages (Jan Sedlák).
Virt-builder can now fetch cloud images using Simple Streams v1.0 metadata (Pino Toscano).
Virt-builder can now fetch openSUSE cloud images out of the box (Cédric Bosdonnat).
Virt-customize will now use stronger (SHA-512) encrypted passwords by default on openSUSE ≥ 11 (Pino Toscano).
Virt-builder will now correctly handle output filenames containing colon characters (":"), and will create temporary files in the libguestfs cache directory instead of defaulting to /tmp (Pino Toscano).
Virt-resize has a new --unknown-filesystems option to control what to do when asked to resize a filesystem that libguestfs doesn't know how to resize.
Virt-v2v now has an --in-place flag/mode, allowing in-place conversion of guests (Roman Kagan).
Virt-v2v has a --compressed option for creating compressed qcow2 output files.
Virt-v2v can now correctly get the VMware datacenter path (dcPath) from libvirt, instead of having to calculate it using an algorithm that occasionally got the wrong answer (Matthias Bolte, Tingting Zheng).
Virt-v2v now processes RAM sizes correctly for 64 bit guests when running on a 32 bit host.
Language bindings
In Perl and Python programs, the "get_program_name" API now returns the true program name, instead of the incorrect string "perl" or "python".
The Python bindings can now be compiled against a different version of libguestfs, allowing the pip module to be built against any version of libguestfs (instead of requiring the pip module and libguestfs to have exactly the same version).
The quality of the Ruby rdoc (documentation) has been improved (Pino Toscano).
Perl scripts no longer hard-code the location of perl in the shebang line, but use env(1) to locate it instead (Pino Toscano).
In OCaml programs, the guestfs handle was incorrectly made into a global root, meaning it could never be garbage collected. If you didn't call the "close" function explicitly, the handle would not be closed until the whole program exited. This has now been fixed so handles will be garbage collected in the usual way. This changes the API of the OCaml function "Guestfs.event_callback". Note that non-C language bindings are not covered by the libguestfs API/ABI guarantee, although we try hard not to change them, but in this case it was essential in order to fix this very serious bug.
Inspection
Alpine Linux and the APK package manager, ALT Linux, Frugalware, and PLD Linux are now recognized (Pino Toscano).
If it exists, /etc/os-release will be preferred for inspecting Linux guests (Pino Toscano).
The correct kernel version is returned for Windows guests ≥ 10.
Documentation
The large guestfs(3) man page has been split into several separate man pages: guestfs-hacking(1) guestfs-internals(1) guestfs-security(1). In the source tree, a new docs directory contains this documentation.
Architectures and platforms
Libguestfs now supports ARM 64 bit platforms with vGICv3.
Security
See also guestfs-security(1).- "CVE-2015-5745"
-
https://bugzilla.redhat.com/1251157
This is not a vulnerability in libguestfs, but because we always give a virtio-serial port to each guest (since that is how guest-host communication happens), an escalation from the appliance to the host qemu process is possible. This could affect you if:
-
- your libguestfs program runs untrusted programs out of the guest (using ``guestfs_sh'' etc), or
- another exploit was found in (for example) kernel filesystem code that allowed a malformed filesystem to take over the appliance.
-
If you use sVirt to confine qemu, that would thwart some attacks.
-
- Virt-customize permissions on .ssh, .ssh/authorized_keys
-
https://bugzilla.redhat.com/1260778.
Previously when asked to inject an SSH key into a guest, virt-customize (hence virt-builder too) would create the .ssh directory and .ssh/authorized_keys file with too broad permissions, allowing other users to read. They are now created as 0700 and 0600 respectively, which is the same as the ssh-copy-id(1) utility.
API
New APIs- "guestfs_get_identifier"
- "guestfs_set_identifier"
-
Get/set a per-handle identifier. The main effect of this is to change trace
output from:
libguestfs: trace: foo
to:
libguestfs: trace: ID: foo
making it easier to follow traces in multi-threaded programs, or where a program uses multiple handles (especially virt-v2v).
- "guestfs_vfs_minimum_size"
- Return the minimum size of a filesystem (when shrunk). This supports ext2/3/4, XFS and btrfs, and can support other filesystem types in future (Maxim Perevedentsev).
Other API changes
- "guestfs_disk_create": add "preallocation" = "off"/"metadata"/"full".
-
For raw, this allows "off" as a synonym for "sparse" (making it consistent
with qcow2). For qcow2, this allows "sparse" as a synonym for "off".
It also adds "full", which corresponds to fully allocated, but uses posix_fallocate(3) for efficiency.
- "guestfs_tar_in": new "xattrs", "selinux", "acl" parameters.
- "guestfs_tar_out": new "xattrs", "selinux", "acl" parameters.
- These extra parameters control whether extended attributes, SELinux contexts and/or POSIX ACLs are restored from / saved to tarballs.
- "guestfs_add_drive"
- The existing "username" and "secret" parameters can be used to supply authentication for iSCSI (Pino Toscano).
Build changes
The "./configure --enable-valgrind-daemon" option has been removed.You can no longer build libguestfs on RHEL 5-era (c.2007) machines. See the "oldlinux" branch if you need (limited) RHEL 5 support.
Virt-p2v can now be built on RHEL 6-era (c.2010) Linux distros.
OCaml ≥ 3.11 (released in 2008) is now required to build from git.
Building the Perl bindings now requires "Module::Build" (instead of "ExtUtils::MakeMaker").
Builds should be faster (especially when incrementally rebuilding), because work was done to reduce build times.
Both OCaml and the OCaml findlib module are required if you need to run the generator at build time. Previously the build would have failed if findlib was not installed.
"make check" tests now run in parallel (within each test directory).
"make install" no longer installs OCaml bindtests.* files incorrectly.
"make install" can now be run twice. Previously it would fail on the second run.
"make clean" should now remove nearly every file that "make" creates.
A new "make installcheck" rule has been added, allowing the installed copy of libguestfs to be tested.
内部
Some effort was put into minimizing the size of the appliance, which reduces temporary disk space and time needed by libguestfs handles.The appliance now passes the NIC name to dhcpd, fixing hangs when running the appliance on some distros (Cédric Bosdonnat).
OCaml "Guestfs.Errno" is now generated (Pino Toscano).
In OCaml tools, common code now handles --debug-gc, --verbose and other common options (Roman Kagan, Pino Toscano).
The virt-v2v test harness allows us to boot the test guests at fixed dates in the past, ensuring that Windows reactivation doesn't kick in.
There is a new internal API for reading/writing a subprocess via a pipe from library code.
Used "deheader" program to remove unused "#include" directives.
In OCaml tools, the "Char" and "String" modules now implicitly reference the "Common_utils.Char" and "Common_utils.String" modules (instead of the ones from stdlib). The "Common_utils" modules contain a number of extra char/string utility functions, and also hide some unsafe functions in stdlib.
Many more virt-v2v tests will now be run even if you don't have rhsrvany and virtio-win installed (Roman Kagan).
The huge configure.ac file has been split into several smaller files called m4/guestfs_*.m4.
The old tests/data and tests/guests directories have been moved to test-data/. This new top level directory carries all test data which is common, large and/or shared between multiple tests.
There is a new top level website/ directory containing the public http://libguestfs.org website (or most of it).
The fuzz testing of inspection (tests/fuzz) has been removed.
Virt-p2v now saves the source physical machine dmesg output into the conversion server debug directory, making it simpler to debug cases of missing drivers, firmware etc.
バグ修正
- https://bugzilla.redhat.com/1294956
- set-label returns wrong error message when set the ext3/ext4 filesystem label
- https://bugzilla.redhat.com/1288733
- Add a Fedora 23 32-bit base image for virt-builder
- https://bugzilla.redhat.com/1288201
- virt-builder writes temporary files to /tmp
- https://bugzilla.redhat.com/1285847
- virt-resize does not copy logical partitions
- https://bugzilla.redhat.com/1281578
- virt-inspector returns version 6.3 for win10 images (should return 10.0)
- https://bugzilla.redhat.com/1281577
- virt-inspector --xpath segfault on attribute get
- https://bugzilla.redhat.com/1280029
- libguestfs can run commands with stdin not open (or worse still, connected to arbitrary guest-chosen random devices)
- https://bugzilla.redhat.com/1279273
- About compression option for qcow2
- https://bugzilla.redhat.com/1278878
- guestfish should be able to handle LVM thin layouts
- https://bugzilla.redhat.com/1278382
- DNF python programming error when run from virt-builder
- https://bugzilla.redhat.com/1278371
- inspection returns arch=``unknown'' for Windows guest if file command is not installed
- https://bugzilla.redhat.com/1277274
- Document permissions needed for non-admin users to use virt-v2v
- https://bugzilla.redhat.com/1277122
- RFE: virt-sparsify: make '--in-place' sparsification safe to abort (gracefully or ungracefully)
- https://bugzilla.redhat.com/1277074
- Virt-p2v client shouldn't present the vdsm option because it's not usable
- https://bugzilla.redhat.com/1276540
- virt-v2v fails to convert Windows raw image: error ``device name is not a partition''
- https://bugzilla.redhat.com/1275806
- virt-builder: error: [file] is not a regular file in the guest
- https://bugzilla.redhat.com/1270011
- Simplestreams test fails: virt-builder: error: the value for the key 'size' is not an integer
- https://bugzilla.redhat.com/1267032
- guestfish copy-in command behaves oddly/unexpectedly with wildcards
- https://bugzilla.redhat.com/1262983
- python: Cannot compile pip module if installed libguestfs != pip guestfs version
- https://bugzilla.redhat.com/1262127
- Better diagnostic message when virbr0 doesn't exist
- https://bugzilla.redhat.com/1261436
- No warning shows when convert a win7 guest with AVG AntiVirus installed
- https://bugzilla.redhat.com/1260778
- virt-builder --ssh-inject doesn't set proper permissions on created files
- https://bugzilla.redhat.com/1260689
- RFE: V2V to check and warn user to disable group policy and anti virus on Windows guests
- https://bugzilla.redhat.com/1260590
- Wrong graphics protocal and video type set for guest after convert to rhev 3.6 by virt-v2v
- https://bugzilla.redhat.com/1258342
- extra slashes in vcenter URL confuses virt-v2v
- https://bugzilla.redhat.com/1257895
- [RHEV][V2V] virt-v2v ignores NIC if interface source/@network or source/@bridge is an empty string
- https://bugzilla.redhat.com/1256405
- virt-builder created Fedora 22 32bit disk image cannot be updated
- https://bugzilla.redhat.com/1256222
- virt-p2v no GUI mode:error opening control connection to $ip:22:unexpected …rompt
- https://bugzilla.redhat.com/1251909
- Option -oa preallocated -of qcow2 of virt-v2v didn't work efficiently
- https://bugzilla.redhat.com/1250715
- v2v: spaces need to be escaped as %20 in paths
- https://bugzilla.redhat.com/1248678
- Close all incoming ports on virt-p2v ISO
- https://bugzilla.redhat.com/1246882
- man virt-customize shows synopsis twice
- https://bugzilla.redhat.com/1242853
- mount-loop failed to setup loop device: No such file or directory
- https://bugzilla.redhat.com/1237136
- BUG: unable to handle kernel NULL pointer dereference at <addr> in function __blkg_lookup
- https://bugzilla.redhat.com/1230412
- virt-v2v should ignore bogus kernel entries in grub config
- https://bugzilla.redhat.com/1229119
- Unrelated info in fstab makes virt-v2v fail with unclear error info
- https://bugzilla.redhat.com/1227609
- virt-p2v: Using ``Back'' button causes output list to be repopulated multiple times
- https://bugzilla.redhat.com/1225789
- Wrong video driver is installed for rhel5.11 guest after conversion to libvirt
- https://bugzilla.redhat.com/1204131
- RFE: virt-builder creates qcow v3 images, add build option for qcow v2
- https://bugzilla.redhat.com/1176801
- File /etc/sysconfig/kernel isn't updated when convert XenPV guest with regular kernel installed
- https://bugzilla.redhat.com/1174551
- ``lstatnslist'' and ``lstatlist'' don't give an error if the API is used wrongly
- https://bugzilla.redhat.com/1168223
- koji spin-livecd cannot build a working live CD
- https://bugzilla.redhat.com/1165785
- mount-loop command fails: mount failed: Unknown error -1
- https://bugzilla.redhat.com/1164708
- set-label can only set <=127 bytes for btrfs and <=126 bytes for ntfs filesystem which not meet the help message. Also for ntfs it should give a warning message when the length >128 bytes
- https://bugzilla.redhat.com/1020216
- libvirt fails to shut down domain: could not destroy libvirt domain: Requested operation is not valid: domain is not running
- https://bugzilla.redhat.com/1011907
- mount-loop failed to setup loop device: No such file or directory
RELEASE NOTES FOR LIBGUESTFS 1.30
These release notes only cover the differences from the previous stable/dev branch split (1.28.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.New features
New toolsvirt-dib(1) is a secure and safe alternative to the OpenStack ``diskimage-builder'' tool. It is compatible with diskimage-builder elements. (Pino Toscano)
virt-get-kernel(1) extracts the kernel and ramdisk from a disk image. Previously this functionality was part of virt-builder(1), but the new tool is more featureful. (Pino Toscano)
New features in existing tools
virt-v2v(1) -i ova mode can now read a wider range of OVA files, and also unpacked files (directories).
virt-v2v now securely passes options to curl, so passwords, cookies and so on cannot be seen by users with shell access on the same machine.
virt-v2v has a new --password-file option to allow you to securely pass in a password, and to avoid an interactive prompt.
virt-v2v disables Windows autoreboot, making debugging conversion failures on Windows easier.
virt-v2v now comes with an extensive external test suite. See virt-v2v-test-harness(1).
virt-v2v allows virtio drivers to come from any location (Roman Kagan), and drivers can be read directly from the virtio ISO.
virt-v2v supports conversion of Windows ≥ 8. Note this is experimental, and possibly broken. Use with caution.
virt-v2v can now convert UEFI guests.
virt-p2v(1) adds a network configuration dialog.
virt-p2v now has "p2v.pre", "p2v.post" and "p2v.fail" triggers, allowing arbitrary scripts for preparing the host for conversion and tidying up post-conversion.
virt-p2v now uses the more advanced metacity window manager (instead of matchbox).
virt-sysprep(1) will remove "/var/spool/mail/username" for non-root accounts (Hu Tao).
virt-customize(1), virt-builder(1) and virt-sysprep have the following new options:
- --commands-from-file
- allow long lists of commands to be read from a file instead of from the command line (Pino Toscano)
- --copy
- copy files inside the guest (Maros Zatko)
- --copy-in
- copy host files recursively into the guest (Pino Toscano)
- --move
- move files inside the guest (Maros Zatko)
- --ssh-inject
- inject SSH keys into a guest (Pino Toscano)
- --sm-attach
- --sm-credentials
- --sm-register
- --sm-remove
- --sm-unregister
- register and unregister a guest from subscription-manager (Pino Toscano)
- --touch
- touch a file in the guest (Pino Toscano)
- --truncate
- --truncate-recursive
- truncate files (Maros Zatko)
Improvements to virt-customize firstboot support. In particular, Windows firstboot should work as well as Linux (Roman Kagan).
virt-df(1) can now use PolicyKit, SASL and other authentication methods when getting the list of domains from libvirt.
Improvements to guestfish bash completion (Pino Toscano).
Bash completion now completes short options as well as long options (Pino Toscano).
guestfish(1) now displays a command synopsis if the number of parameters given to a command is wrong (Hu Tao).
virt-builder now supports Red Hat Enterprise Linux versions back to RHEL 3.
virt-builder supports SUSE guests using zypper (Cédric Bosdonnat).
Language bindings
The Java bindings now include validated Javadoc, and other improvements (Pino Toscano).
Multiple fixes and improvements to the PHP bindings (Pino Toscano).
Inspection
Inspection can now get icons from RHEL 7 and CentOS 7.
/etc/favicon.png is now allowed to be a symbolic link.
For RPM-based guests, inspection now returns RPM Epoch fields.
Debian packages now have separate Epoch and Version fields (Nikos Skalkotos).
OpenBSD detection added, FreeBSD and NetBSD added as separate ``distros'', and other BSD inspection improvements and bug fixes (Nikos Skalkotos).
CoreOS detection added (Nikos Skalkotos).
The package manager in Fedora ≥ 22 is "dnf".
ReactOS guests can be inspected (Maros Zatko).
Add support for UEFI guests.
Inspection now works when kernel modules are gzip or xz compressed (Pino Toscano).
Inspection now recognizes ppc64 and ppc64le guests (Maros Zatko).
Inspection lists the installed applications on Archlinux guests (Nikos Skalkotos).
Architectures and platforms
PPC64 (POWER7) and PPC64LE (POWER8) architectures are now much better supported, and should work out of the box.
For aarch64, we use AAVMF (an open source UEFI implementation based on OVMF) if available to run the appliance.
For armv7, we now use the -M virt machine type by default.
There is better support for compiling on non-Linux platforms (Pino Toscano, Margaret Lewicka).
Libguestfs should now work on MIPS 32 bit little endian (``mipsel''). I have not been able to try 64 bit or big endian.
Security
- CVE-2014-8484
- CVE-2014-8485
- Libguestfs previously ran the strings(1) utility on untrusted files. Strings could parse BFD headers in an unsafe way, leading to possible arbitrary code execution. Libguestfs now runs strings with a flag to ensure it does not try to parse BFD headers. This could have led to exploitation of the libguestfs appliance, but since libguestfs further constrains the appliance through virtualization, SELinux and other techniques, it was unlikely to have caused any privilege escalation on the host.
- XPath injection in virt-v2v
-
One possible XPath injection vulnerability was fixed in virt-v2v. This
might have allowed a malicious guest which was being converted by virt-v2v
to construct an arbitrary XPath expression which would have been evaluated
on the host (by the libxml2 library linked to the virt-v2v binary). It is
not clear what the effects of this might be.
For further information, see upstream commit https://github.com/libguestfs/libguestfs/commit/6c6ce85f94c36803fe2db35a98db436bff0c14b0
- Denial of service problems when using "qemu-img info"
-
When using the American Fuzzy Lop fuzzer ("afl-fuzz") on the "qemu-img
info" command, Richard W.M. Jones found that certain files can cause the
"qemu-img" program to use lots of memory and time (for example 6GB of heap
and 14 seconds of CPU time on a fast Intel processor), and in some cases to
crash. Since libguestfs may run "qemu-img info" on disk images to find out
what they contain, this transitively could cause libguestfs to hang or
consume lots of memory.
Libguestfs was modified so that it uses resource limits to limit the space and time used by "qemu-img info", to avoid this problem. If a malicious user tries to pass one of these disk images to libguestfs, "qemu-img" will crash and the crash is reported back to libguestfs callers as an error message.
API
New APIs- "guestfs_add_libvirt_dom"
- This exposes a previously private API that allows you to pass a "virDomainPtr" object directly from libvirt to libguestfs.
- "guestfs_blockdev_setra"
- Adjust readahead parameter for devices. See "blockdev --setra" command.
- "guestfs_btrfs_balance"
- "guestfs_btrfs_balance_cancel"
- "guestfs_btrfs_balance_pause"
- "guestfs_btrfs_balance_resume"
- "guestfs_btrfs_balance_status"
- Balance support for Btrfs filesystems (Hu Tao).
- "guestfs_btrfs_filesystem_defragment"
- Filesystem defragmentation support for Btrfs filesystems (Hu Tao).
- "guestfs_btrfs_image"
- Create an image of a Btrfs filesystem (Chen Hanxiao)
- "guestfs_btrfs_qgroup_assign"
- "guestfs_btrfs_qgroup_create"
- "guestfs_btrfs_qgroup_destroy"
- "guestfs_btrfs_qgroup_limit"
- "guestfs_btrfs_qgroup_remove"
- "guestfs_btrfs_qgroup_show"
- "guestfs_btrfs_quota_enable"
- "guestfs_btrfs_quota_rescan"
- Quote support for Btrfs filesystems (Hu Tao).
- "guestfs_btrfs_rescue_chunk_recover"
- Scan and recover the chunk tree in Btrfs filesystems (Hu Tao).
- "guestfs_btrfs_rescue_super_recover"
- Restore superblocks in Btrfs filesystems (Hu Tao).
- "guestfs_btrfs_replace"
- Replace a device in a Btrfs filesystem (Cao Jin).
- "guestfs_btrfs_scrub"
- "guestfs_btrfs_scrub_cancel"
- "guestfs_btrfs_scrub_resume"
- "guestfs_btrfs_scrub_status"
- Scrub a Btrfs filesystem (Hu Tao).
- "guestfs_btrfs_subvolume_get_default"
- Get the default subvolume of a Btrfs filesystem (Hu Tao).
- "guestfs_btrfs_subvolume_show"
- List detailed information about the subvolume of a Btrfs filesystem (Hu Tao).
- "guestfs_btrfstune_enable_extended_inode_refs"
- "guestfs_btrfstune_enable_skinny_metadata_extent_refs"
- "guestfs_btrfstune_seeding"
- Various tuning parameters for Btrfs filesystems (Chen Hanxiao).
- "guestfs_c_pointer"
- Return the C pointer to the underlying "guestfs_h *". This allows interworking of libguestfs bindings with bindings from other libraries. For further information see https://bugzilla.redhat.com/1075164
- "guestfs_copy_in"
- "guestfs_copy_out"
- Flexible APIs for recursively copying directories of files between the host and guest filesystem. Previously these were available only as guestfish commands, but now any API users can call them (Pino Toscano).
- "guestfs_part_get_gpt_guid"
- "guestfs_part_set_gpt_guid"
- Get and set the GPT per-partition GUID.
- "guestfs_part_get_mbr_part_type"
- Get MBR partition type (Chen Hanxiao).
- "guestfs_set_uuid_random"
- Set the UUID of a filesystem to a randomly generated value; supported filesystems currently are ext2/3/4, XFS, Btrfs, and swap partitions. (Chen Hanxiao).
Other API changes
"guestfs_disk_create" can now use VMDK files as backing files.
"guestfs_btrfs_subvolume_snapshot" takes extra optional parameters (all added by Hu Tao):
- "ro"
- for creating a read-only Btrfs snapshot
- "qgroupid"
- for adding the snapshot to a qgroup
"guestfs_btrfs_subvolume_create" can also take the optional "qgroupid" parameter (Hu Tao).
"guestfs_set_uuid" can set UUID of swap partitions, Btrfs (Hu Tao, Chen Hanxiao).
"guestfs_copy_device_to_file" and "guestfs_copy_file_to_file" have a new optional "append" parameter, allowing you to append to the output file instead of truncating it.
"guestfs_mkfs" has a new optional "label" parameter to set the initial label of the new filesystem (Pino Toscano).
"guestfs_set_label" and "guestfs_set_uuid" now set "ENOTSUP" as errno when there is no implemented support for the filesystem of the specified mountable (Chen Hanxiao).
Environment variables now let you write "LIBGUESTFS_DEBUG=true", "LIBGUESTFS_DEBUG=0" and so on.
All "guestfs_sfdisk*" APIs have been deprecated. Because sfdisk(8) was rewritten, incompatibly, upstream, we don't recommend using these APIs in future code. Use the "guestfs_part*" APIs as replacements.
APIs such as "guestfs_download" do not truncate /dev/stdout or /dev/stderr when writing to them, meaning that if you redirect stdout or stderr to a file, the file is no longer truncated.
Build changes
The daemon no longer uses its own separate copy of gnulib. Instead it shares a single copy with the library.OCaml .annot files are now created, so IDEs and editors like emacs and vi can browse OCaml types in the source code.
Various fixes to allow different host/appliance architecture builds (Pino Toscano).
Automake is now used directly to build all the OCaml programs, instead of ad hoc Makefile rules. One side effect of this is to enable warnings in all the C code used by OCaml programs.
"-fno-strict-overflow" is used throughout the build to avoid dubious GCC optimizations.
Multiple cleanups to support GCC 5.
OCaml OUnit2 is needed to run some OCaml tests.
Creating a statically linked libguestfs.a should work again.
The src/api-support subdirectory and its scripts are no longer used. Instead we store in the generator/actions.ml when the API was added to libguestfs.
Internationalization
The translation service has changed from Transifex to Zanata.Many more translations are available now, for both library and tools messages and documentation.
内部
In all OCaml tools, there are now common "error", "warning", "info" functions, and common way to set and get the --quiet, -x (trace) and -v (verbose) flags, and colour highlighting used consistently."COMPILE_REGEXP" macros are used to simplify PCRE constructors and destructors.
In the generator, "Pointer" arguments have finally been implemented.
Internal identifiers no longer use double and triple underscores (eg. "guestfs___program_name"). These identifiers are invalid for C99 and C++ programs, although compilers would accept them.
The daemon no longer parses "guestfs_*" options from /proc/cmdline. Instead it only takes ordinary command line options. The appliance init script turns /proc/cmdline into daemon command line options.
The tests can now run the daemon as a ``captive process'', allowing it to be run directly on the host. The main advantage of this is we can run valgrind directly on the daemon during testing.
バグ修正
- https://bugzilla.redhat.com/1239053
- virt-v2v error reporting when grub.conf cannot be parsed by Augeas
- https://bugzilla.redhat.com/1238053
- v2v:Duplicate disk target set when convert guest with cdrom attached
- https://bugzilla.redhat.com/1237869
- Virtio drivers are not installed for windows 2008 guests by virt-v2v
- https://bugzilla.redhat.com/1234351
- virt-v2v Support for Fedora virtio-win drivers
- https://bugzilla.redhat.com/1232192
- Virt-v2v gives an error on a blank disk: part_get_parttype: unknown signature, of the output: BYT;
- https://bugzilla.redhat.com/1229385
- virt-p2v in kernel command line mode should power off the machine after conversion
- https://bugzilla.redhat.com/1229340
- virt-p2v no GUI mode appends \n to the final command line parameter
- https://bugzilla.redhat.com/1229305
- virt-sysprep at cleanup deletes /var/spool/at/.SEQ which results in failing at
- https://bugzilla.redhat.com/1226794
- ``Doing conversion……'' still shows after cancel the conversion from virt-p2v client
- https://bugzilla.redhat.com/1215042
- Memory leak in virNetSocketNewConnectUNIX
- https://bugzilla.redhat.com/1213324
- virt-v2v: warning: unknown guest operating system: windows windows 6.3 when converting win8,win8.1,win2012,win2012R2 to rhev
- https://bugzilla.redhat.com/1213247
- virt tools should print the same format of version string
- https://bugzilla.redhat.com/1212808
- RFE: virt-builder --touch
- https://bugzilla.redhat.com/1212807
- virt-builder --selinux-relabel flag fails on cross-architecture builds
- https://bugzilla.redhat.com/1212680
- RFE: virt-inspector xpath query should output a neat format of the query element
- https://bugzilla.redhat.com/1212152
- virt-builder firstboot-command fails: File name too long
- https://bugzilla.redhat.com/1211996
- virt-inspector gives incorrect arch (ppc64) for ppc64le guest
- https://bugzilla.redhat.com/1203817
- RFE: virt-customize --move and --copy
- https://bugzilla.redhat.com/1201526
- index-parser can't parse systemd mount files properly
- https://bugzilla.redhat.com/1196101
- virt-builder --upload option doesn't work to a FAT partition
- https://bugzilla.redhat.com/1196100
- virt-builder -x option on its own does not enable tracing
- https://bugzilla.redhat.com/1195204
- `virt-builder` should create $HOME/.cache directory if it already doesn't exist
- https://bugzilla.redhat.com/1193237
- Virt-builder fingerprint is required even when no check desired
- https://bugzilla.redhat.com/1189284
- virt-resize should preserve GPT partition UUIDs, else EFI guests become unbootable
- https://bugzilla.redhat.com/1188866
- Performance regression in virt-builder when uncompressing image
- https://bugzilla.redhat.com/1186800
- virt-v2v should support gzip format ova as input
- https://bugzilla.redhat.com/1185561
- virt-sparsify should ignore read-only LVs
- https://bugzilla.redhat.com/1182463
- ``mknod-b'', ``mknod-c'', and ``mkfifo'' do not strip non-permissions bits from ``mode''
- https://bugzilla.redhat.com/1176493
- virt-v2v ignores sound device when convert xen guest to local kvm
- https://bugzilla.redhat.com/1175676
- Typo error in 'help ping-daemon'
- https://bugzilla.redhat.com/1175196
- ``parse-environment'' and ``parse-environment-list'' fail to parse ``LIBGUESTFS_TRACE = 0''
- https://bugzilla.redhat.com/1175035
- ``is-blockdev''/``is-blockdev-opts'' fail to detect ``/dev/sda''
- https://bugzilla.redhat.com/1174280
- RFE: Allow v2v conversion of Oracle Linux 5.8 VMware VM
- https://bugzilla.redhat.com/1174200
- New virt-v2v failure: CURL: Error opening file: NSS: client certificate not found (nickname not specified): Invalid argument
- https://bugzilla.redhat.com/1174123
- Graphics password disappear after conversion of virt-v2v
- https://bugzilla.redhat.com/1174073
- The listen address for vnc is changed after conversion by virt-v2v
- https://bugzilla.redhat.com/1171666
- inspection thinks EFI partition is a separate operating system
- https://bugzilla.redhat.com/1171130
- virt-v2v conversion of RHEL 3 guest fails with: All of your loopback devices are in use
- https://bugzilla.redhat.com/1170685
- Conversion of RHEL 4 guest fails: rpm -ql 1:kernel-utils-2.4-23.el4: virt-v2v: error: libguestfs error: command_lines:
- https://bugzilla.redhat.com/1170073
- virt-v2v picks debug kernels over non-debug kernels when versions are equal
- https://bugzilla.redhat.com/1169045
- virt-sparsify: libguestfs error: qemu-img info: 'virtual-size' is not representable as a 64 bit integer
- https://bugzilla.redhat.com/1169015
- virt-resize --expand fails on ubuntu-14.04.img image (regression)
- https://bugzilla.redhat.com/1168144
- warning: fstrim: fstrim: /sysroot/: FITRIM ioctl failed: Operation not supported (ignored) when convert win2003 guest from xen server
- https://bugzilla.redhat.com/1167921
- p2v: No Network Connection dialog
- https://bugzilla.redhat.com/1167774
- virt-p2v fails with error:``nbd.c:nbd_receive_negotiate():L501: read failed''
- https://bugzilla.redhat.com/1167623
- Remove ``If reporting bugs, run virt-v2v with debugging enabled ..'' message when running virt-p2v
- https://bugzilla.redhat.com/1167601
- ``Conversion was successful'' pop out even virt-p2v fails
- https://bugzilla.redhat.com/1167302
- virt-v2v: warning: ova hard disk has no parent controller when convert from a ova file
- https://bugzilla.redhat.com/1166618
- virt-resize should give out the detail warning info to let customers know what's going wrong
- https://bugzilla.redhat.com/1165975
- File ``/boot/grub2/device.map'' showing is not right after converting a rhel7 guest from esx server
- https://bugzilla.redhat.com/1165785
- mount-loop command fails: mount failed: Unknown error -1
- https://bugzilla.redhat.com/1165569
- Disable ``cancel conversion'' button after virt-p2v conversion finished
- https://bugzilla.redhat.com/1165564
- Provide Reboot/Shutdown button after virt-p2v
- https://bugzilla.redhat.com/1164853
- Booting in qemu found no volume groups and failed checking the filesystems
- https://bugzilla.redhat.com/1164732
- The description of 'help append' is not accurately, it add the kernel options to libguestfs appliance not the guest kernel
- https://bugzilla.redhat.com/1164697
- typo errors in man pages
- https://bugzilla.redhat.com/1164619
- Inspect-get-icon failed on RHEL7 guest
- https://bugzilla.redhat.com/1162966
- xfs should also give a warning out to let customer know the limitation
- https://bugzilla.redhat.com/1161575
- Failed to import guest with ``rtl8139'' nic to openstack server after converted by v2v
- https://bugzilla.redhat.com/1159651
- virt-sysprep firstboot script is not deleted if it reboot a RHEL 7 guest
- https://bugzilla.redhat.com/1159258
- esx win2008 32 bit guest fail to load after conversion because the firmware isn't ACPI compatible
- https://bugzilla.redhat.com/1159016
- libvirt backend does not set RBD password
- https://bugzilla.redhat.com/1158526
- Use password file instead of process interaction
- https://bugzilla.redhat.com/1157679
- virt-p2v-make-disk should add firmwares
- https://bugzilla.redhat.com/1156449
- libguestfs FTBFS on f21 ppc64le
- https://bugzilla.redhat.com/1156301
- virt-inspector support adding a remote disk, but in its man page -a URI / --add URI is missing
- https://bugzilla.redhat.com/1155121
- Virt-v2v will fail when using relative path for -i ova
- https://bugzilla.redhat.com/1153844
- Redundancy whitespace at the end of directory name when use <TAB> to complete the directory name in guestfish with a xfs filesystem in guest
- https://bugzilla.redhat.com/1153589
- virt-v2v will hang when converting esx guest before disk copy phase
- https://bugzilla.redhat.com/1152998
- virt-v2v / qemu-img fails on ova image
- https://bugzilla.redhat.com/1151910
- virt-ls should remove '/' in the output when specify the directory name as /etc/
- https://bugzilla.redhat.com/1151900
- Should also add a field for directory files when run virt-ls with --csv option
- https://bugzilla.redhat.com/1151033
- virt-v2v conversions from VMware vCenter server run slowly
- https://bugzilla.redhat.com/1146832
- virt-v2v fail to convert guest with disk type volume
- https://bugzilla.redhat.com/1146007
- Input/output error during conversion of esx guest.
- https://bugzilla.redhat.com/1135585
- [RFE] virt-builder should support copying in a directory/list of files
- https://bugzilla.redhat.com/1089566
- [abrt] livecd-tools: kickstart.py:276:apply:IOError: [Errno 2] No such file or directory: '/run/media/jones/2tp001data/createlive/temp/imgcreate-_dX8Us/install_root/etc/rpm/macros.imgcreate'
- https://bugzilla.redhat.com/1079625
- virt-sparsify fails if a btrfs filesystem contains readonly snapshots
- https://bugzilla.redhat.com/1075164
- RFE: allow passing in a pre-opened libvirt connection from python
- https://bugzilla.redhat.com/912499
- Security context on image file gets reset
- https://bugzilla.redhat.com/889082
- [RFE] virt-v2v should check whether guest with same name exist on target first then transfer the disk
- https://bugzilla.redhat.com/855059
- RFE: virt-p2v: display more information about network devices such as topology, bonding, etc.
- https://bugzilla.redhat.com/823758
- p2v client should have largest number restrictions for CPU and Memory settings
- https://bugzilla.redhat.com/709327
- hivex cannot read registry hives from ReactOS
- https://bugzilla.redhat.com/709326
- virt-inspector cannot detect ReactOS
- https://bugzilla.redhat.com/119673
- installation via NFS doesn't seem to work
RELEASE NOTES FOR LIBGUESTFS 1.28
These release notes only cover the differences from the previous stable/dev branch split (1.26.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.New features
Toolsvirt-v2v(1) and virt-p2v(1) are tools for converting from foreign hypervisors (such as VMware or Xen) or physical machines, to KVM. These tools were previously a separate project. The code for both tools has been integrated into the libguestfs tree. As part of the refactoring, virt-p2v has been rewritten (from Ruby, now C), and virt-v2v now uses several modern features of qemu which make it run many times faster than before. virt-v2v(1) can import from: VMware vCenter, VMware OVA files, local disk files, libvirt, RHEL 5 Xen. It can output to: oVirt or Red Hat Enterprise Virtualization (RHEV-M), OpenStack Glance, libvirt, qemu, local disk files.
virt-log(1) is a new tool for listing log files from guests. It supports a variety of guests including Linux traditional, Linux using journal, and Windows event log.
virt-builder(1) has a new "--machine-readable" option to make it simpler to consume virt-builder from other programs.
New virt-builder(1) and virt-customize(1) --chmod option.
virt-sysprep(1) will now remove: systemd journals, anaconda logs, lightdm logs, debian-installer files, apt logs, exim logs, ConsoleKit logs, firewalld logs, grubby logs, proftpd logs, libvirt/libxml logs, and several other log files. The virt-sysprep "user-account" operation is now able to remove or keep particular user accounts. (Pino Toscano).
New guestmount(1) --fd option, allowing you to run guestmount captive under another process.
virt-sparsify(1) has a new --tmp option allowing you to precisely control where temporary files are stored.
virt-sparsify(1) can now write to a block device.
virt-customize(1) and virt-sysprep(1) now support adding firstboot scripts to Windows guests.
virt-cat(1), virt-edit(1), virt-ls(1) now support the -m option, allowing you to override automatic inspection of guests and instead specify where to mount partitions (Pino Toscano).
The virt tools now have coloured output: green for OK, red for errors, blue for warnings.
Language bindings
You can build a Python distribution using "make -C python sdist"
Ruby bindings have switched from "Test::Unit" to "MiniTest".
The Java bindings are now compatible with OpenJDK 8 (Pino Toscano).
Inspection
Oracle Linux is returned as "oraclelinux" (Nikos Skalkotos).
Linux guests which do not have /etc/fstab can now be handled (Pino Toscano).
Minix is returned as "minix" (Pino Toscano).
Architectures
Aarch64 (64 bit ARM) support has been added.
Inspection and the "guestfs_file_architecture" call can now recognize arm (32 bit) and aarch64 guests.
Security
- CVE-2014-0191 Network usage and entity resolution in XML parsing
-
Libguestfs previously used unsafe libxml2 APIs for parsing libvirt XML.
These APIs defaulted to allowing network connections to be made when certain
XML documents were presented. Using a malformed XML document it was also
possible to exhaust all CPU, memory or file descriptors on the machine.
Since the libvirt XML comes from a trusted source (the libvirt daemon) it is not thought that this could have been exploitable.
This was fixed in libguestfs ≥ 1.27.9 and the fix was backported to stable versions ≥ 1.26.2, ≥ 1.24.9, ≥ 1.22.10 and ≥ 1.20.13. (Thanks: Dan Berrange, Pino Toscano).
- Shellshock (bash CVE-2014-6271)
- This bash bug indirectly affects libguestfs. For more information see: https://www.redhat.com/archives/libguestfs/2014-September/msg00252.html
API
New APIs- "guestfs_clear_backend_setting"
- "guestfs_get_backend_setting"
- "guestfs_set_backend_setting"
- Use these APIs to set individual backend settings.
- "guestfs_cpio_out"
- Convert a directory within the disk image to cpio format.
- "guestfs_journal_get_realtime_usec"
- Fetch precise journal times, see sd_journal_get_realtime_usec(3).
- "guestfs_lstatns"
- "guestfs_lstatnslist"
- "guestfs_statns"
- Enhanced versions of "guestfs_lstat", "guestfs_lstatlist", "guestfs_stat" which return nanosecond timestamps.
Build changes
Libguestfs can now be built with qemu 2.x.Add support for packaging the appliance on Mageia (Joseph Wang, Thierry Vignaud).
Augeas is now a required dependency.
Flex and bison are now required dependencies.
内部
User-Mode Linux (UML) is no longer a supported backend (although still available). It will be supported again once someone steps in and fixes various regressions and brokenness in the UML (Linux) kernel.You can now connect gdb to qemu by specifying "LIBGUESTFS_BACKEND_SETTINGS=gdb"
Serial BIOS (sgabios) is now used by the libvirt backend (on x86 only) so that we see early BIOS messages.
For the OCaml virt tools, exceptions are now handled and printed by a common function.
A GCC warning about large stack frames is now enabled by default. Several places that used large arrays and structures on the stack have been fixed.
There is now a test for booting the appliance repeatedly. Useful for finding kernel leaks. See: tests/qemu/qemu-boot.c
There is a test for testing the speed of various qemu features such as virtio-serial uploads and block device writes. See: tests/qemu/qemu-speed-test.c
GCC warnings are now enabled for OCaml-C bindings in the OCaml virt tools.
The code for editing files used by virt-edit(1), guestfish(1) "edit" command, virt-customize(1) --edit option and more is now shared between all these utilities (thanks Pino Toscano).
The FUSE tests were rewritten in C to ensure finer control over how system calls are tested.
The update-bugs.sh script has been fixed so it should no longer create an empty "BUGS" file if the Bugzilla server is unavailable.
The virt-resize(1) tests now use a stochastic method to ensure much deeper and broader testing.
When the network is enabled, the appliance now uses DHCP to acquire an IP address.
If libvirt is being used then the appliance will connect to "virbr0" (can be overridden by setting "LIBGUESTFS_BACKEND_SETTINGS=network_bridge=<some_bridge>"). This enables full-featured network connections, with working ICMP, ping and so on.
バグ修正
- https://bugzilla.redhat.com/1153515
- empty (but set) LIBGUESTFS_BACKEND prints libguestfs: error: invalid backend:
- https://bugzilla.redhat.com/1151766
- libguestfs-bash-completion package contains file /usr/share/bash-completion/completions/virt-log, but no _virt_log() function in that file
- https://bugzilla.redhat.com/1151738
- typo error in man page of virt-edit
- https://bugzilla.redhat.com/1151033
- virt-v2v conversions from VMware vCenter server run slowly
- https://bugzilla.redhat.com/1150880
- virt-v2v: warning: display <graphics type='sdl'> was ignored when converting rhel5 guest with sdl graphics
- https://bugzilla.redhat.com/1150867
- 'copy-file-to-file /src /dest' create file /dest even if command 'copy-file-to-file /src /dest' failed
- https://bugzilla.redhat.com/1150815
- Can not find ``RECURSIVE LONG LISTING'' in 'man virt-diff'
- https://bugzilla.redhat.com/1150701
- virt-v2v does not fstrim data disks and non-mounted filesystems
- https://bugzilla.redhat.com/1150475
- Exporting 2+ disk guest to RHEV, only one disk shows after import
- https://bugzilla.redhat.com/1148355
- virt-filesystems: incorrect LVM vg name when listing Fedora 21 Alpha Atomic image filesystems
- https://bugzilla.redhat.com/1148072
- Option missing --no-selinux-relabel
- https://bugzilla.redhat.com/1148012
- RFE: Allow qemu-bridge-helper to be used to implement guestfs_set_network
- https://bugzilla.redhat.com/1146815
- virt-v2v prints warning: /files/etc/fstab/8/spec references unknown device ``cdrom''
- https://bugzilla.redhat.com/1146275
- regression setting root password with virt-builder/virt-customize
- https://bugzilla.redhat.com/1146017
- virt-v2v -v -x during windows guest conversion will hang at hivex: hivex_open: used block id ……
- https://bugzilla.redhat.com/1145995
- Improve the error info when converting windows guest with unclean file system
- https://bugzilla.redhat.com/1145916
- virt-v2v fails to convert win7 guest
- https://bugzilla.redhat.com/1144891
- RFE: stat calls do not return nanosecond timestamps
- https://bugzilla.redhat.com/1144766
- futimens() is a no-op via guestmount
- https://bugzilla.redhat.com/1144201
- guestfish can not restore terminal's output colour when exit guestfish, if the terminal's background colour is black then it will make a inconvenient
- https://bugzilla.redhat.com/1143949
- virt-customize option '--password-crypto' do not work
- https://bugzilla.redhat.com/1143887
- Warning shows when converting guests to rhev:chown: changing ownership of ‘/tmp/v2v.u48xag/*.ovf’: Invalid argument
- https://bugzilla.redhat.com/1143883
- warning shows when converting rhel7 guest:virt-v2v:could not update grub2 console: aug_get: no matching node (ignored)
- https://bugzilla.redhat.com/1143866
- virt-v2v fails with error: cannot open Packages index using db5
- https://bugzilla.redhat.com/1142416
- part-get-name give 'libguestfs: error: part_get_name: parted does not support the machine output (-m)' error message when run 'part-get-name /dev/sda 1'
- https://bugzilla.redhat.com/1142186
- virt-sysprep option '--mount-options' don't work well
- https://bugzilla.redhat.com/1142158
- Illegal command 'part-get-name /dev/sda1 1' cause libguestfs appliance crashed
- https://bugzilla.redhat.com/1142004
- virt-v2v prints warning:WARNING:/files/boot/grub/device.map references unknown device ``xvda''
- https://bugzilla.redhat.com/1141723
- virt-v2v: error: disk sda has no defined format shows when converting xen hvm guest
- https://bugzilla.redhat.com/1141680
- [RFE] virt-v2 should support convert a domain with using domain's UUID instead of domain name
- https://bugzilla.redhat.com/1141631
- [RFE] virt-v2 should support convert a guest to a dir-pool with using pool's uuid
- https://bugzilla.redhat.com/1141157
- virt-sysprep option '--user-accounts' don't work well
- https://bugzilla.redhat.com/1141145
- virt-v2v fails to convert xen pv guests.
- https://bugzilla.redhat.com/1141113
- virt-v2v fails to convert esx guests
- https://bugzilla.redhat.com/1140946
- qemu-img shows error message for backing file twice
- https://bugzilla.redhat.com/1140894
- No error messages output if append '--format qcow2' after '-a guest.img', guest.img is a raw format image file
- https://bugzilla.redhat.com/1140547
- virt-builder option '--format' don't work well
- https://bugzilla.redhat.com/1140156
- RFE: Export to RHEV data domain
- https://bugzilla.redhat.com/1140050
- No error shows when multiple conflicting options used with virt-v2v
- https://bugzilla.redhat.com/1139973
- Improve the error info when converting xen guest with no passwordless SSH access configured
- https://bugzilla.redhat.com/1139543
- Improve the error info when converting guest with no space left
- https://bugzilla.redhat.com/1138586
- No error shows when converting running guest with virt-v2v
- https://bugzilla.redhat.com/1138184
- virt-v2v will fail when converting guests with initramfs-*kdump.img under /boot
- https://bugzilla.redhat.com/1138182
- xen guest will be kernel panic after converted by virt-v2v
- https://bugzilla.redhat.com/1130189
- Annoying message about permissions of /dev/kvm
- https://bugzilla.redhat.com/1123007
- libguestfs 'direct' backend should close file descriptors before exec-ing qemu to avoid leaking !O_CLOEXEC fds
- https://bugzilla.redhat.com/1122557
- virt-sparsify overwrites block devices if used as output files
- https://bugzilla.redhat.com/1113156
- Empty fstab breaks libguestfs inspection
- https://bugzilla.redhat.com/1111662
- Guestfs.Error(``vgchange_uuid_all: Volume group has active logical volumes'')
- https://bugzilla.redhat.com/1109174
- virt-win-reg manual page is corrupted
- https://bugzilla.redhat.com/1106548
- root gets an error accessing to a non-root dir on a snapshot guestmount VMDK img
- https://bugzilla.redhat.com/1103877
- These APIs also need to add to `guestfish -h` command list
- https://bugzilla.redhat.com/1102448
- mageia package list is incorrect
- https://bugzilla.redhat.com/1102447
- libguestfs 1.27.13 does not build due to libxml library order
- https://bugzilla.redhat.com/1100498
- RFE: non-polling mechanism to detect guestmount --no-fork readiness
- https://bugzilla.redhat.com/1099490
- scrub-file can't handle link file
- https://bugzilla.redhat.com/1099284
- typo errors in man pages
- https://bugzilla.redhat.com/1098718
- RFE: virt-builder aliases
- https://bugzilla.redhat.com/1096465
- virt-builder ``proxy=off'' setting doesn't turn off the proxy for downloads
- https://bugzilla.redhat.com/1094746
- virt-sparsify man failes to mention what happens to snapshots within a qcow2 image (they are discarded)
- https://bugzilla.redhat.com/1092753
- virt-builder: If several repos contain the same os-version images, then they are duplicated in -l output
- https://bugzilla.redhat.com/1091803
- tar-in-opts execute failed that cause libguestfs appliance crashed
- https://bugzilla.redhat.com/1088424
- virt-resize: libguestfs error: part_set_name: parted: /dev/sdb: Error during translation: Invalid or incomplete multibyte or wide character
- https://bugzilla.redhat.com/1088262
- virt-builder cannot write to a block device
- https://bugzilla.redhat.com/1085029
- Ruby tests fail with latest Ruby
- https://bugzilla.redhat.com/1079210
- virt-sparsify --in-place cannot sparsify as much as it should
- https://bugzilla.redhat.com/1079182
- virt-df cannot report used disk space of windows guest when updated to 6.5
- https://bugzilla.redhat.com/1077817
- virt-builder error: ``syntax error at line 3: syntax error''
- https://bugzilla.redhat.com/1056290
- virt-sparsify overwrites block devices if used as output files
- https://bugzilla.redhat.com/812970
- virt-rescue cannot set ≥<rescue> prompt, on Ubuntu 12.04
RELEASE NOTES FOR LIBGUESTFS 1.26
These release notes only cover the differences from the previous stable/dev branch split (1.24.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.New features
Toolsvirt-customize(1) is a new tool for customizing virtual machine disk images. It lets you install packages, edit configuration files, run scripts, set passwords and so on. virt-builder(1) and virt-sysprep(1) use virt-customize, and command line options across all these tools are now identical.
virt-diff(1) is a new tool for showing the differences between the filesystems of two virtual machines. It is mainly useful when showing what files have been changed between snapshots.
virt-builder(1) has been greatly enhanced. There are many more ways to customize the virtual machine. It can pull templates from multiple repositories. A parallelized internal xzcat implementation speeds up template decompression. Virt-builder uses an optimizing planner to choose the fastest way to build the VM. It is now easier to use virt-builder from other programs. Internationalization support has been added to metadata. More efficient SELinux relabelling of files. Can build guests for multiple architectures. Error messages have been improved. (Pino Toscano)
virt-sparsify(1) has a new --in-place option. This sparsifies an image in place (without copying it) and is also much faster. (Lots of help provided by Paolo Bonzini)
virt-sysprep(1) can delete and scrub files under user control. You can lock user accounts or set random passwords on accounts. Can remove more log files. Can unsubscribe a guest from Red Hat Subscription Manager. New flexible way to enable and disable operations. (Wanlong Gao, Pino Toscano)
virt-win-reg(1) allows you to use URIs to specify remote disk images.
virt-format(1) can now pass the extra space that it recovers back to the host.
guestfish(1) has additional environment variables to give fine control over the "><fs>" prompt. Guestfish reads its (rarely used) configuration file in a different order now so that local settings override global settings. (Pino Toscano)
virt-make-fs(1) was rewritten in C, but is unchanged in terms of functionality and command line usage.
Language bindings
The OCaml bindings have a new "Guestfs.Errno" module, used to check the error number returned by "Guestfs.last_errno".
PHP tests now work. (Pino Toscano)
Inspection
Inspection can recognize Debian live images.
Architectures
ARMv7 (32 bit) now supports KVM acceleration.
Aarch64 (ARM 64 bit) is supported, but the appliance part does not work yet.
PPC64 support has been fixed and enhanced.
Security
- Denial of service when inspecting disk images with corrupt btrfs volumes
-
It was possible to crash libguestfs (and programs that use libguestfs as a
library) by presenting a disk image containing a corrupt btrfs volume.
This was caused by a NULL pointer dereference causing a denial of service, and is not thought to be exploitable any further.
See commit d70ceb4cbea165c960710576efac5a5716055486 for the fix. This fix is included in libguestfs stable branches ≥ 1.26.0, ≥ 1.24.6 and ≥ 1.22.8, and also in RHEL ≥ 7.0. Earlier versions of libguestfs are not vulnerable.
- Better generation of random root passwords and random seeds
- When generating random root passwords and random seeds, two bugs were fixed which are possibly security related. Firstly we no longer read excessive bytes from /dev/urandom (most of which were just thrown away). Secondly we changed the code to avoid modulo bias. These issues were not thought to be exploitable. (Both changes suggested by Edwin Török)
API
GUID parameters are now validated when they are passed to API calls, whereas previously you could have passed any string. (Pino Toscano)New APIs
- "guestfs_add_drive_opts": new "discard" parameter
- The new "discard" parameter allows fine-grained control over discard/trim support for a particular disk. This allows the host file to become more sparse (or thin-provisioned) when you delete files or issue the "guestfs_fstrim" API call.
- "guestfs_add_domain": new parameters: "cachemode", "discard"
- These parameters are passed through when adding the domain's disks.
- "guestfs_blkdiscard"
- Discard all blocks on a guestfs device. Combined with the "discard" parameter above, this makes the host file sparse.
- "guestfs_blkdiscardzeroes"
- Test if discarded blocks read back as zeroes.
- "guestfs_compare_*"
- "guestfs_copy_*"
- For each struct returned through the API, libguestfs now generates "guestfs_compare_*" and "guestfs_copy_*" functions to allow you to compare and copy structs.
- "guestfs_copy_attributes"
- Copy attributes (like permissions, xattrs, ownership) from one file to another. (Pino Toscano)
- "guestfs_disk_create"
- A flexible API for creating empty disk images from scratch. This avoids the need to call out to external programs like qemu-img(1).
- "guestfs_get_backend_settings"
- "guestfs_set_backend_settings"
-
Per-backend settings (can also be set via the environment variable
"LIBGUESTFS_BACKEND_SETTINGS"). The main use for this is forcing TCG mode
in the qemu-based backends, for example:
export LIBGUESTFS_BACKEND=direct export LIBGUESTFS_BACKEND_SETTINGS=force_tcg
- "guestfs_part_get_name"
- Get the label or name of a partition (for GPT disk images).
Build changes
The following extra packages are required to build libguestfs 1.26:- supermin ≥ 5
- Supermin version 5 is required to build this version of libguestfs.
- flex, bison
- Virt-builder now uses a real parser to parse its metadata file, so these tools are required.
- xz
- This is now a required build dependency, where previously it was (in theory) optional.
内部
PO message extraction rewritten to be more robust. (Pino Toscano)"podwrapper" gives an error if the --insert or --verbatim argument pattern is not found.
Libguestfs now passes the qemu -enable-fips option to enable FIPS, if qemu supports it.
"./configure --without-qemu" can be used if you don't want to specify a default hypervisor.
Copy-on-write [COW] overlays, used for example for read-only drives, are now created through an internal backend API (".create_cow_overlay").
Libvirt backend uses some funky C macros to generate XML. These are simpler and safer.
The ChangeLog file format has changed. It is now just the same as "git log", instead of using a custom format.
Appliance start-up has changed:
- The libguestfs appliance now initializes LVM the same way as it is done on physical machines.
-
The libguestfs appliance does not write an empty string to
/proc/sys/kernel/hotplug when starting up.
Note that you must configure your kernel to have "CONFIG_UEVENT_HELPER_PATH=""" otherwise you will get strange LVM errors (this applies as much to any Linux machine, not just libguestfs). (Peter Rajnoha)
Libguestfs can now be built on arches that have ocamlc(1) but not ocamlopt(1). (Hilko Bengen, Olaf Hering)
You cannot use "./configure --disable-daemon --enable-appliance". It made no sense anyway. Now it is expressly forbidden by the configure script.
The packagelist file uses "m4" for macro expansion instead of "cpp".
バグ修正
- https://bugzilla.redhat.com/1073906
- java bindings inspect_list_applications2 throws java.lang.ArrayIndexOutOfBoundsException:
- https://bugzilla.redhat.com/1063374
- [RFE] enable subscription manager clean or unregister operation to sysprep
- https://bugzilla.redhat.com/1060404
- virt-resize does not preserve GPT partition names
- https://bugzilla.redhat.com/1057504
- mount-local should give a clearer error if root is not mounted
- https://bugzilla.redhat.com/1056290
- virt-sparsify overwrites block devices if used as output files
- https://bugzilla.redhat.com/1055452
- libguestfs: error: invalid backend: appliance
- https://bugzilla.redhat.com/1054761
- guestfs_pvs prints ``unknown device'' if a physical volume is missing
- https://bugzilla.redhat.com/1053847
- Recommended default clock/timer settings
- https://bugzilla.redhat.com/1046509
- ruby-libguestfs throws ``expecting 0 or 1 arguments'' on Guestfs::Guestfs.new
- https://bugzilla.redhat.com/1045450
- Cannot inspect cirros 0.3.1 disk image fully
- https://bugzilla.redhat.com/1045033
- LIBVIRT_DEFAULT_URI=qemu:///system breaks libguestfs
- https://bugzilla.redhat.com/1044585
- virt-builder network (eg. --install) doesn't work if resolv.conf sets nameserver 127.0.0.1
- https://bugzilla.redhat.com/1044014
- When SSSD is installed, libvirt configuration requires authentication, but not clear to user
- https://bugzilla.redhat.com/1039995
- virt-make-fs fails making fat/vfat whole disk: Device partition expected, not making filesystem on entire device '/dev/sda' (use -I to override)
- https://bugzilla.redhat.com/1039540
- virt-sysprep to delete more logfiles
- https://bugzilla.redhat.com/1033207
- RFE: libguestfs inspection does not recognize Free4NAS live CD
- https://bugzilla.redhat.com/1028660
- RFE: virt-sysprep/virt-builder should have an option to lock a user account
- https://bugzilla.redhat.com/1026688
- libguestfs fails examining libvirt guest with ceph drives: rbd: image name must begin with a '/'
- https://bugzilla.redhat.com/1022431
- virt-builder fails if $HOME/.cache doesn't exist
- https://bugzilla.redhat.com/1022184
- libguestfs: do not use versioned jar file
- https://bugzilla.redhat.com/1020806
- All libguestfs LVM operations fail on Debian/Ubuntu
- https://bugzilla.redhat.com/1008417
- Need update helpout of part-set-gpt-type
- https://bugzilla.redhat.com/953907
- virt-sysprep does not correctly set the hostname on Debian/Ubuntu
- https://bugzilla.redhat.com/923355
- guestfish prints literal ``\n'' in error messages
- https://bugzilla.redhat.com/660687
- guestmount: ``touch'' command fails: touch: setting times of `timestamp': Invalid argument
- https://bugzilla.redhat.com/593511
- [RFE] function to get partition name
- https://bugzilla.redhat.com/563450
- list-devices returns devices of different types out of order
RELEASE NOTES FOR LIBGUESTFS 1.24
These release notes only cover the differences from the previous stable/dev branch split (1.22.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.New features
User-Mode Linux (UML) can be used as an alternative backend (ie. instead of KVM). This improves performance especially when using libguestfs inside a VM (eg. in the cloud). UML is supported as a first-class backend. See ``USER-MODE LINUX BACKEND'' in guestfs(3) for how to use this.ARM (32 bit) and PPC64 are now fully supported.
Tools
virt-builder(1) is a new tool for building virtual machine images. It lets you rapidly and securely create guests and customize them.
New virt-sysprep(1) operations: Remove files in /tmp and /var/tmp. Remove RPM database files. Change root and user passwords. More log files are removed. New operations which are not enabled by default: Create random UUIDs for filesystems. Reset firewall rules. (Wanlong Gao)
virt-resize(1) and virt-sysprep can now use URIs to specify a remote disk.
Use "guestfish -N filename=type" to create a named disk image (instead of the default test1.img etc).
virt-sparsify(1) now tests if there is enough disk space to complete the operation, instead of possibly running out of space half way through.
virt-format(1) and virt-make-fs(1): new --label option for setting filesystem label.
virt-resize --no-sparse flag can be used to resize on to partitions and other targets that are not zeroed.
Language bindings
New bindings for the Go programming language.
API
Support for the systemd journal.
"guestfs_add_drive_opts" can now control the qemu caching mode through a new "cachemode" parameter. You can select improved performance for temporary drives, or safety.
"guestfs_set_label" now works for XFS and btrfs.
New GUESTFS_EVENT_WARNING event for warning messages.
Inspection
Better inspection of SUSE guests (Olaf Hering).
Better support for non-standard Windows %systemroot% (Matthew Booth).
Enhanced error reporting for Augeas errors.
Security
- CVE-2013-2124
-
https://bugzilla.redhat.com/show_bug.cgi?id=968306
A denial of service was possible when inspecting certain guests. The fix has been backported to 1.20 and 1.22 branches.
- CVE-2013-4419
-
https://www.redhat.com/archives/libguestfs/2013-October/msg00031.html
Fix insecure temporary directory handling for remote guestfish. The fix has been backported to 1.20 and 1.22 branches.
New APIs
add-drive-scratch: Add a temporary scratch drive aug-label aug-setm journal-open: Systemd journal support journal-close journal-next journal-skip journal-get journal-get-data-threshold journal-set-data-threshold remount: Allow rw flag to be adjusted on mounted filesystems set-uuid: Set UUID of filesystem
"is-file", "is-dir", "is-blockdev", "is-chardev", "is-fifo", "is-socket" APIs now have an extra "followsymlinks" flag.
"add-drive" has a new "cachemode" parameter.
Build changes
The following packages are required to build libguestfs 1.24:- Augeas ≥ 1.0.0
The following optional packages may be added to enhance functionality but are not required:
- sd-journal
- To read journal files from guests which use that.
- url_mkcow
- For UML backend.
- curl
- gpg
- xz
- For virt-builder.
- golang ≥ 1.1.1
- For Go language bindings.
内部
New "make check-*" rules replace "make extra-tests". See "make help" and guestfs(3) for details.Perl code can now be valgrinded.
Inspection code is now fuzz-tested.
"make" no longer recurses into the generator directory in every other directory. This reduces the overhead of builds considerably.
Additional tests for Augeas, hivex.
Add a launch timeout of 20 minutes waiting for the appliance to start up.
Add a timeout (4 hours) to all tests so we can catch the case where qemu or other components hang.
Use kvmclock and "-cpu host". This improves clock stability and overall performance.
"./configure --enable-packet-dump" mode is fixed.
"./configure --enable-valgrind-daemon" mode has been rewritten. It is now feasible for developers to keep this flag enabled at all times.
Backends have been refactored to be modular (although they are not actually loadable modules).
When enabled, the network now uses resolver configuration (ie. /etc/resolv.conf) from the host.
バグ修正
- https://bugzilla.redhat.com/1019889
- libguestfs-tools.conf should have a man page
- https://bugzilla.redhat.com/1018149
- valgrind errors in btrfs_subvolume_list
- https://bugzilla.redhat.com/1002032
- mke2fs can't return the correct filesystem type when blockscount is less than 2048 for ext3
- https://bugzilla.redhat.com/1001876
- Update ``rsync-out'' helpout for using wildcard
- https://bugzilla.redhat.com/1001875
- Argument 'excludes' of tar-out does not work
- https://bugzilla.redhat.com/1000428
- virt-format uses wrong partition type for vfat filesystems
- https://bugzilla.redhat.com/1000121
- 'sh' command before mount causes daemon to segfault
- https://bugzilla.redhat.com/998513
- guestfish does not work when you mix --remote and --add options
- https://bugzilla.redhat.com/998482
- guestfish remote prints ``libguestfs: error: waitpid (qemu): No child processes''
- https://bugzilla.redhat.com/995711
- list-filesystems command fails if there are no block devices
- https://bugzilla.redhat.com/994517
- cache=none/O_DIRECT workaround doesn't work for images with backing files
- https://bugzilla.redhat.com/989356
- cap-get-file will return error if the file has not be set capabilities
- https://bugzilla.redhat.com/986877
- RFE: Implement set-uuid command
- https://bugzilla.redhat.com/986875
- RFE: Implement set-label for xfs
- https://bugzilla.redhat.com/985269
- Can't set acl value for a specified user with 'acl-set-file'
- https://bugzilla.redhat.com/983218
- libguestfs double free when kernel link fails during launch
- https://bugzilla.redhat.com/981715
- Make xfs filesystem failed with specified blocksize, gives ``unknown option -b'' error
- https://bugzilla.redhat.com/981683
- ``hivex-commit'' should fail with a relative path
- https://bugzilla.redhat.com/981663
- disk-format ``qemu-img info: JSON parse error'' when target file does not exist
- https://bugzilla.redhat.com/978302
- mke2fs-J should give a meaningful error when specified type is anything except 'ext{2,3,4}'
- https://bugzilla.redhat.com/975797
- Specifying virtio interface ('iface' parameter) breaks the direct backend - libguestfs hangs
- https://bugzilla.redhat.com/975753
- ``virt-resize --expand'' and ``virt-resize --resize'' outputs error message for Win2008 32bit OS
- https://bugzilla.redhat.com/975412
- inspection: Augeas expressions are broken with augeas >= 0.10
- https://bugzilla.redhat.com/974904
- virt-resize --expand fails on Ubuntu Cloud Image
- https://bugzilla.redhat.com/974489
- Regression: Fedora inspection broken by change from guestfs_exists to guestfs_is_file
- https://bugzilla.redhat.com/972775
- txz-out command produces a bzip2-compressed file (should be xz-compressed)
- https://bugzilla.redhat.com/969845
- upload to a directory occasionally hangs instead of failing
- https://bugzilla.redhat.com/968875
- virt-sysprep should support URL-type arguments
- https://bugzilla.redhat.com/624334
- blockdev-setbsz succeeds, but does not affect blockdev-getbsz
RELEASE NOTES FOR LIBGUESTFS 1.22
These release notes only cover the differences from the previous stable/dev branch split (1.20.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.New features
APIRemote access to disks:
- Network Block Device (nbd)
- Secure Shell (ssh)
- HTTP and HTTPS
- FTP and FTPS
- iSCSI
- Gluster
- Ceph/rbd (Mike Kelly)
- Sheepdog
- TFTP
The SYSLINUX and EXTLINUX bootloaders can now be installed in disk images using the API.
Inspection can now handle filesystems such as btrfs where subvolumes are separately mountable (Matthew Booth).
``Attach methods'' are now known as ``backends''. Compatibility with existing code is preserved.
Filenames can contain ':', as long as newer QEMU is being used.
Tools
Virt-alignment-scan and virt-df scan multiple guests in parallel.
Guestmount now passes errno accurately back to userspace in almost all cases.
Guestfish and other tools can now use a URI-like syntax to access remote disks, eg:
guestfish -a ssh://example.com/path/to/disk.img
Guestfish and guestmount now allow you to specify the filesystem type when mounting, which is more secure (Dave Vasilevsky).
Guestfish is now the ``guest filesystem shell''.
Guestfish allows only 1 "true" "t" "yes" "y" "on" 0 "false" "f" "no" "n" "off" for boolean values (case insensitive), and gives an error for all other strings.
New tool "guestunmount" for unmounting FUSE filesystems safely.
"guestmount --no-fork" flag prevents guestmount from daemonizing.
Virt-resize now uses sparse copies by default, saving considerable space for guests which are mostly empty.
Bash tab completion has been rewritten and can now handle most tools, and correctly tab-complete "--long" options. In addition, bash completion scripts are loaded on demand.
Language bindings
The Java API now supports events.
The Python object now inherits from the "object" base class.
Python methods which previously returned lists of tuples can now be made to return a Python dict. For backwards compatibility, you have to enable this by using the constructor option "guestfs.GuestFS (python_return_dict=True)".
The PHP bindings are now tested properly, and have had multiple fixes.
The long-deprecated Perl "Sys::Guestfs::Lib" library has been removed. https://www.redhat.com/archives/libguestfs/2013-April/msg00001.html
例
新しいプログラム例は、デバッグを有効化し、ログメッセージを採取する方法を示します。
Other
Distributors can add arbitrary extra packages to the appliance by doing:
./configure --with-extra-packages="list of package names"
Distributors can use:
./configure --with-supermin-extra-options="..."
to add arbitrary extra options to supermin.
Security
No security issues were found in this release.New APIs
cp-r extlinux feature-available get-program is-whole-device part-get-gpt-type part-set-gpt-type rename set-program syslinux
C のみ:
guestfs_event_to_string
内部
The febootstrap tool has now been renamed to ``supermin''. Libguestfs can use either, but now prefers ``supermin''. http://people.redhat.com/~rjones/supermin/libxml2 が libguestfs をビルドするために必要です。
(hivex の) hivexregedit プログラムが git からビルドするために必要です。
Internal functions can no longer be used unless the caller defines "-DGUESTFS_PRIVATE=1".
Enable C compiler warnings in Python, Ruby bindings.
Fail early and clearly if libvirt does not support qemu/KVM (eg. if default libvirt connection is to Xen).
"make print-subdirs" rule, useful for selectively running tests.
Multiple fixes to allow separated (sourcedir != builddir) builds.
Multiple fixes to Haskell bindings.
"ln" and "ln-f" APIs now capture "errno" correctly.
Language binding tests use (mostly) a standard numbering scheme and aim to test the same range of features in each language. Also the number of launches required has been reduced so these tests should run much more quickly.
Library code internally uses GCC "__attribute__((cleanup))" (if available) to simplify memory allocation.
Internal header files have been reorganized. See the comments in src/guestfs-internal*.h
Internal code shared between the library and certain tools is now located in a static "libutils" library.
Almost all subdirectories can now use parallel builds, although note that the top-level directories still build in series.
Use of "PATH_MAX" and "NAME_MAX" has been eliminated from the code.
The Java API now requires JVM ≥ 1.6.
Force use of "serial-tests" with automake ≥ 1.12.
Use of sockets in the library protocol layer is abstracted, allowing other non-POSIX layers to be added in future (see src/conn-socket.c).
"qemu-img info --output json" is used if available, for more secure parsing of the output of this command.
Distros can now use "make INSTALLDIRS=vendor install" to place Ruby bindings in vendordir. This eliminates a non-upstream patch carried by both Fedora and Debian.
Valgrind log files are now written to tmp/valgrind-DATE-PID.log
"make clean" cleans the local "tmp/" directory.
The C API tests have been rewritten using a more flexible generator language that allows arbitrary C code to be executing during tests.
バグ修正
- https://bugzilla.redhat.com/961812
- Segfault in inspect-fs.c in mountable code
- https://bugzilla.redhat.com/957772
- tar-out and base64-out quoting error
- https://bugzilla.redhat.com/957380
- libguestfs: error: btrfsvol:/dev/sda2/root: root device not found: only call this function with a root device previously returned by guestfs_inspect_os
- https://bugzilla.redhat.com/948324
- inspection fails if libosinfo is not installed
- https://bugzilla.redhat.com/928995
- file on zero-sized file now produces ``empty '' instead of ``empty''
- https://bugzilla.redhat.com/921292
- qemu: could not open disk image /tmp/.../snapshot1: Permission denied
- https://bugzilla.redhat.com/921040
- ``error: external command failed, see earlier error messages'' message needs to change
- https://bugzilla.redhat.com/920225
- libguestfs should use --output json (if supported) to safely parse the output of qemu-img command
- https://bugzilla.redhat.com/916780
- 機能リクエスト: guestmount --with-cleanup-pipefd
- https://bugzilla.redhat.com/914934
- oom-killer kills guestfsd when tar-in a lot of data
- https://bugzilla.redhat.com/914931
- FileIn commands cause segfault if appliance dies during the file copy in
- https://bugzilla.redhat.com/913145
- Misc leaks in virNetClientProgramCall in libvirt 1.0.2
- https://bugzilla.redhat.com/912499
- Security context on image file gets reset
- https://bugzilla.redhat.com/909836
- libguestfs-test-tool --qemu segfaults
- https://bugzilla.redhat.com/909624
- Unexpected non-tail recursion in recv_from_daemon results in stack overflow in very long-running API calls that send progress messages
- https://bugzilla.redhat.com/908322
- virt-tar fails on non-existent directory names ``error in chunked encoding at /home/rjones/d/libguestfs/tools/virt-tar line 272.''
- https://bugzilla.redhat.com/908321
- virt-cat fails on directory names ``/dev/stdout: error in chunked encoding''
- https://bugzilla.redhat.com/907554
- btrfs causes subsequent ntfs-3g filesystem to fail
- https://bugzilla.redhat.com/905341
- ``No such file or directory'' when execute ``hivex-commit''
- https://bugzilla.redhat.com/903620
- btrfs_subvolume_list broken due to change in subvolume list output
- https://bugzilla.redhat.com/895910
- guestmount: rename() incorrectly follows symbolic links
- https://bugzilla.redhat.com/895905
- guestmount: link() incorrectly returns ENOENT, when it should be EXDEV
- https://bugzilla.redhat.com/895904
- checksums-out fail to compute the checksums of all regular files in directory
- https://bugzilla.redhat.com/894545
- libguestfs FTBFS on Fedora 19 because of new ruby
- https://bugzilla.redhat.com/890027
- virt-sysprep: Setting hostname, domain name and pretty name on Fedora 18 correctly
- https://bugzilla.redhat.com/887971
- pvcreate fails if partition contains a swap signature
- https://bugzilla.redhat.com/887520
- zero_free_space: open: /sysroot//ujqqq135.rd3: Cannot allocate memory
- https://bugzilla.redhat.com/886915
- libguestfs with libvirt attach-method fails with odd error if default hypervisor is Xen
- https://bugzilla.redhat.com/847549
- Adding a zero-length virtio-scsi disk causes: qemu-kvm: hw/scsi-bus.c:1568: scsi_req_complete: Assertion `req->status == -1' failed.
- https://bugzilla.redhat.com/811649
- libguestfs cannot open disk images which are symlinks to files that contain ':' (colon) character
- https://bugzilla.redhat.com/664558
- RFE: Allow to set log callback in Ruby bindings
libguestfs 1.20 のリリースノート
These release notes only cover the differences from the previous stable/dev branch split (1.18.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.New features
libvirt and sVirt (SELinux confinement)You can optionally use libvirt to launch and manage the backend appliance by:
- setting "LIBGUESTFS_ATTACH_METHOD=libvirt[:URI]"
- using "./configure --with-default-attach-method=libvirt[:URI]"
- or calling the API method "guestfs_set_attach_method"
SVirt (SELinux confinement) is used to secure the libguestfs appliance, if the libvirt backend is selected.
virtio-scsi, larger number of drives, hotplugging
Virtio-scsi is now used by default, if it is available. This greatly increases the number of drives that can be added to a single libguestfs handle (up to 255).
You can now hotplug drives (add and remove drives after launch).
Libguestfs can now handle > 25 disks, in all APIs, tools and tests.
You can label drives when adding them, then refer to them by label (/dev/disk/guestfs/LABEL) instead of having to use device names (/dev/sda).
new library features
POSIX Access Control Lists (ACLs) and Linux filesystem capabilities can now be read and written through the API.
Windows Dynamic Disks are now supported. The metadata can only be read (volumes cannot be modified or created). However the data/filesystems in the volumes themselves can be mounted, read and written (Matthew Booth).
Hivex (Windows Registry editing) is now directly supported through the API, making reading or editing the Windows Registry much more efficient.
Several libguestfs APIs were reimplemented so they no longer have any limits on output. The reimplemented APIs are: "guestfs_cat", "guestfs_find", "guestfs_read_file", "guestfs_read_lines", "guestfs_write", "guestfs_write_append", "guestfs_lstatlist", "guestfs_lxattrlist", "guestfs_readlinklist", "guestfs_ls".
virt tools
"guestfish touch 'win:c:\new_file'" now works as expected.
"guestfish" has a new --network option, which enables the user network in libguestfs.
You can set "GUESTFISH_PS1" to use fancy prompts in "guestfish".
"rsync", "ssh", "less" and "lrzip" commands are now available in virt-rescue. In addition, "rsync" can be used through the API for doing incremental copies.
"virt-sparsify" uses qcow2 v3 for increased efficiency.
"virt-sysprep" enhancements:
- generate new UUIDs for PVs and VGs
- remove the local machine ID (Wanlong Gao)
- remove ABRT data (Wanlong Gao)
- remove puppet keys and log files (Wanlong Gao)
- remove process accounting files (Wanlong Gao)
- new --firstboot parameter allowing firstboot scripts for customizing guests
- remove HOSTNAME field from "ifcfg-eth*" files (Wanlong Gao)
- miscellaneous improvements for SuSE (Olaf Hering)
- remove man pages cache (Wanlong Gao)
- remove crash data generated by kexec-tools (Wanlong Gao)
"virt-make-fs" can now create virtual floppy disks (VFDs).
"guestmount" has a --pid-file option, which can be used to avoid a race condition between unmounting the filesystem and using the underlying disk image.
language bindings
Full-featured Lua bindings have been added in this release (thanks to Jerome Vuarand for many suggestions).
In Ruby, optional arguments hash is optional.
In Python, optional arguments now don't use special ``sentinel'' values, so any integer can be passed as an optional argument.
Erlang bindings now come with examples and tests.
Erlang bindings now handle 64 bit integer parameters correctly.
The automated 'bindtests' now test for 64 bit cleanliness in parameter passing. Several bugs in the bindings were found and fixed as a result.
Better handling of blocking and non-blocking functions should make libguestfs calls more efficient.
inspection
Windows guests with unlimited-sized Registries are now supported. By adding the hivex API to the libguestfs API, it is much more efficient and easier to inspect and modify the Windows Registry in guests.
Better support for SuSE guests (Olaf Hering).
Return the architecture of installed applications (John Eckersberg).
Windows 8 is now supported.
Fedora 18 is now supported.
Inspection of ISOs/CDs/DVDs can now use the libosinfo database.
ports
Libguestfs without the appliance can be compiled on Mac OS X (Masami HIRATA).
RHEL 5 is now explicitly supported through the 'oldlinux' branch in upstream git.
PowerPC 64 bit is now supported. Also libguestfs has been examined for endianness bugs and these have been fixed.
daemon
A man page for the daemon (guestfsd(8)) is included.
Security
guestfish history fileThe $HOME/.guestfish history file is now created with 0600 permissions (instead of 0644 before) so it is no longer world readable.
CVE-2012-2690
Old versions of both "virt-edit" and the "guestfish" "edit" command created a new file containing the changes but did not set the permissions, etc of the new file to match the old one. The result of this was that if you edited a security sensitive file such as /etc/shadow then it would be left world-readable after the edit.
この問題は CVE-2012-2690 に割り当てられおり、libguestfs ≥ 1.16 において修正されています。
詳細は https://bugzilla.redhat.com/show_bug.cgi?id=788642 を参照してください。
New APIs
acl-delete-def-file acl-get-file acl-set-file canonical-device-name cap-get-file cap-set-file create-flags device-index disk-has-backing-file disk-format disk-virtual-size filesystem-available fill-dir fstrim get-cachedir get-libvirt-requested-credentials get-libvirt-requested-credential-prompt get-libvirt-requested-credential-challenge get-libvirt-requested-credential-defresult get-tmpdir hivex-close hivex-commit hivex-node-add-child hivex-node-children hivex-node-delete-child hivex-node-get-child hivex-node-get-value hivex-node-name hivex-node-parent hivex-node-set-value hivex-node-values hivex-open hivex-root hivex-value-key hivex-value-type hivex-value-utf8 hivex-value-value inspect-list-applications2 (John Eckersberg) list-ldm-volumes list-ldm-partitions ldmtool-create-all ldmtool-diskgroup-disks ldmtool-diskgroup-name ldmtool-diskgroup-volumes ldmtool-remove-all ldmtool-scan ldmtool-scan-devices ldmtool-volume-hint ldmtool-volume-partitions ldmtool-volume-type ls0 max-disks mke2fs (Wanlong Gao) mklost-and-found mkswap [added label and uuid optional arguments] mktemp (Wanlong Gao) nr-devices parse-environment parse-environment-list rm-f rsync rsync-in rsync-out set-cachedir set-libvirt-supported-credentials set-libvirt-requested-credential set-tmpdir shutdown [backported to 1.16 and 1.18] tar-in [added compress flag] tar-out [added compress, numericowner, excludes flags] umount [added force and lazy optional arguments] utsname xfs-admin (Wanlong Gao) xfs-growfs (Wanlong Gao) xfs-info (Wanlong Gao) xfs-repair (Wanlong Gao)
In the C API only:
guestfs_push_error_handler guestfs_pop_error_handler
内部
qemu ≥ 1.1 is required (≥ 1.2 preferred).febootstrap ≥ 3.20 is required.
libvirt is optional, but if you want to use the new libvirt backend for launching the appliance then libvirt ≥ 0.10.2 would be required.
Coverity has been run over the complete codebase, and many issues fixed (thanks Ondrej Vasik, Kamil Dudka).
Functions which previously had no optargs can now be converted to ones with optargs, making extending the API much more flexible. Source and binary backwards compatibility is preserved for users of the API.
The way that libguestfs APIs and structures are represented in the generator has changed to use an OCaml struct instead of a tuple. This makes generator descriptions more flexible and easier to understand. For details see commits 39d1a7db and eb185eef.
Separation of the library code into more files:
- Launch backends are now located in separate files eg. src/launch-appliance.c, "src/launch-libvirt.c".
- Generated action code is now split over several src/action*.c files, for faster compilation.
- The huge src/guestfs.c file is now split into smaller logical units.
POD (documentation) is now generated using a rewritten Perl program instead of pod2* + shell scripts.
Man pages now contain stable dates (Hilko Bengen).
Skipped tests now exit with code 77, so they appear as "SKIP:" in "make check" output.
The parallel mount-local test has been rewritten in C (RHBZ#838081).
Ruby 1.8.5 is now supported (though Ruby ≥ 1.9 is preferred).
Perl bindings can be disabled via "./configure --disable-perl" (Wulf C. Krueger). Note that Perl is still required in order to build libguestfs.
Java bindings are now enabled/disabled using "./configure --with-java" or "./configure --without-java" (Wulf C. Krueger).
New configure options "./configure --enable-code-profiling" and "./configure --enable-code-coverage".
Multiple fixes to use of 64 bit integers in language bindings.
The appliance backend now uses sgabios instead of vgabios (Dan Berrange).
The "./run" script now sets enough environment variables that you can run OCaml, Python, Ruby, Java, GJS, Erlang, Lua programs.
"./run --test" flag for running tests with minimal output. It also prints the time taken to run each test.
The "./run" script now builds up paths cumulatively, meaning that you can use "./run" twice, or use the libguestfs and libvirt "./run" scripts together.
You can extract a list of external commands required by the daemon, making building the appliance on certain distros easier (Olaf Hering).
The "virt-rescue" command is now tested during "make check".
The generator now removes unused generated files. This helps when going back and forth with git rebase, git bisect, etc.
Tests now run in a separate toplevel "tmp/" directory in the source. This allows the directory to be labelled for SELinux (sVirt), and also makes it easier to clean up.
"make syntax-check" now works to a greater extent, and many problems in the main code that were found by syntax-check have been fixed (thanks Jim Meyering).
Emacs mode (-*- foo -*-) has been added to generated files.
Progress bar output is now sent to /dev/tty so it doesn't end up in the regular output of the program. virt-resize and virt-sparsify now suppress progress bars if stdout is not a tty.
There is now a "./configure --without-libvirt" option. This is useful for testing that the code still compiles without libvirt.
There is now an internal mini-library for running commands. This allows us to redirect errors from external commands into events.
Code for handling temporary directories and the appliance cache was completely overhauled.
Code for temporarily ignoring/disabling errors now looks like this:
guestfs_push_error_handler (g, NULL, NULL); guestfs_mkdir (g, "/foo"); /* We don't care if this fails. */ guestfs_pop_error_handler (g);
The "tests/extra" directory has gone. The ``extra tests'' are now split into separately runnable targets, such as "make check-valgrind". Use "make help" to get a summary of the targets.
The "lpj" option is passed to the appliance kernel when using TCG. This should improve clock stability (thanks Marcelo Tosatti, Olaf Hering).
バグ修正
- https://bugzilla.redhat.com/882417
- libguestfs tools fail with odd error messages if TMPDIR is not an absolute path
- https://bugzilla.redhat.com/882299
- Windows 8 guest disks can't be mounted: ``The NTFS partition is in an unsafe state. Please resume and shutdown Windows fully (no hibernation or fast restarting), or mount the volume read-only with the 'ro' mount option.''
- https://bugzilla.redhat.com/881953
- libguestfs: migration to /etc/hostname, /etc/vconsole.conf, /etc/locale.conf
- https://bugzilla.redhat.com/880801
- virt-df with two -a options displays incorrect disk image name
- https://bugzilla.redhat.com/879416
- libguestfs-test-tool pauses when you use --help option
- https://bugzilla.redhat.com/876579
- mke2fs API does not apply block device naming translation to journaldevice optarg
- https://bugzilla.redhat.com/860235
- SELinux policy ought to allow qemu to write to unconfined_u:object_r:user_tmp_t:s0
- https://bugzilla.redhat.com/859949
- RFE: inspect-list-applications does not return the architecture of RPM packages
- https://bugzilla.redhat.com/859885
- inspect-list-applications does not list all installed RPM packages with same name and different versions
- https://bugzilla.redhat.com/859876
- guestfish printed paths are not canonicalized
- https://bugzilla.redhat.com/859875
- Progress bar output should go to tty(?) stderr(?)
- https://bugzilla.redhat.com/858696
- virt-sysprep reports Guestfs.Error(``read_lines: fopen: /etc/sysconfig/network: No such file or directory'') on some Fedora guests
- https://bugzilla.redhat.com/858128
- libguestfs fail to list devices added by add-drive-ro-with-if twice
- https://bugzilla.redhat.com/858126
- virt-inspector fail to work with some windows guests
- https://bugzilla.redhat.com/853762
- virt-sparsify should use a more robust method to detect the input format
- https://bugzilla.redhat.com/853393
- libvirt doesn't label console, serial sockets
- https://bugzilla.redhat.com/853159
- virt-rescue in Fedora 18 is completely broken
- https://bugzilla.redhat.com/852394
- libguestfs inspection limits registries to 100 MiB
- https://bugzilla.redhat.com/852194
- virt-sparsify --compress fails if output is raw format
- https://bugzilla.redhat.com/847881
- RFE: allow extra arguments (like --exclude) to tar-out
- https://bugzilla.redhat.com/847880
- tar-out should allow (or force) --numeric-owner
- https://bugzilla.redhat.com/845522
- guestfish ``copy-out / localdir'' command fails with ``No such file or directory''
- https://bugzilla.redhat.com/845488
- Long filenames on NTFS cause tar-out, copy-out etc to fail with error ``Cannot open: File name too long''
- https://bugzilla.redhat.com/842307
- RFE: Need help designing and implementing selinux policy for libguestfs/sVirt
- https://bugzilla.redhat.com/840572
- virt-make-fs / tar-in should support vfat properly
- https://bugzilla.redhat.com/840115
- guestfish touch problem - case_sensitive_path API expects the file to exist
- https://bugzilla.redhat.com/836710
- Data loss when writing to qcow2-format disk files
- https://bugzilla.redhat.com/834712
- lvresize, lvresize-free fail unnecessarily if you don't change the size of the LV: ``New size (nn extents) matches existing size (nn extents)''
- https://bugzilla.redhat.com/824716
- compress-device-out didn't support bzip2
- https://bugzilla.redhat.com/824043
- guestfish unrecognized mount option gives confusing error message
- https://bugzilla.redhat.com/823887
- Filenames containing Chinese characters can't be created on vfat filesystems
- https://bugzilla.redhat.com/823885
- virt-make-fs cannot create vfat filesystem containing filesystems with Chinese characters
- https://bugzilla.redhat.com/823883
- virt-make-fs -t fat fails with an obscure error message
- https://bugzilla.redhat.com/823821
- Inspection fails when /etc/HOSTNAME is empty
- https://bugzilla.redhat.com/801117
- libguestfs cannot get icon for Windows 8
- https://bugzilla.redhat.com/798979
- Ubuntu install CDs from oneiric onwards are not recognized: ``multi-boot operating systems are not supported''
- https://bugzilla.redhat.com/782167
- libguestfs doesn't recognize Windows Dynamic disks in some configurations, eg. spanned
- https://bugzilla.redhat.com/713678
- Not all febootstrap messages are redirected to log callbacks
- https://bugzilla.redhat.com/627675
- libguestfs inspector code cannot handle /dev/disk/by-id/* paths
- https://bugzilla.redhat.com/602997
- part-get-bootable gives wrong result with an unordered part layout
RELEASE NOTES FOR LIBGUESTFS 1.18
These release notes only cover the differences from the previous stable/dev branch split (1.16.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.New features
virt tools
- virt-sysprep has been rewritten and expanded (thanks Wanlong Gao) http://libguestfs.org/virt-sysprep.1.html - virt-sparsify --zero is a new option that zeroes the named partition or filesystem - virt-sparsify can now safely sparsify Linux swap partitions - virt-sparsify fixed so it cleans up after ^C http://libguestfs.org/virt-sparsify.1.html - a new tool 'libguestfs-make-fixed-appliance' is provided to build fixed appliances that can be copied to other machines that don't have febootstrap support http://libguestfs.org/libguestfs-make-fixed-appliance.1.html - virt-filesystems now displays the parents (containers) of MD devices and volume groups - virt-alignment-scan, run with no args, displays alignment information for all libvirt domains - virt-df and virt-alignment-scan will display information from all guests even when a disk is inaccessible - virt-rescue new --scratch option to make scratch disks https://rwmj.wordpress.com/2012/04/26/virt-rescue-scratch/#content - virt-make-fs can now be used to create btrfs - virt-edit preserves permissions, UID, GID and SELinux context when editing files - guestfish passes the close event over stdout and remote correctly - guestfish new '--pipe-error' option lets you detect errors in pipe commands - guestfish globs now expand device names - comma and colon characters in filenames now handled correctly by all virt tools
inspection
- Fedora 17+ のサポートの追加 - FreeDOS のサポートの追加 - Buildroot および Cirros のサポートの追加 - inspection is now compatible with Windows guests that have been sysprepped (thanks Grant Williamson).
API
- broad support for btrfs added, including adding multiple devices, fsck, snapshots (thanks Wanlong Gao) - the new 'mount-local' API brings FUSE support directly into the core libguestfs API https://rwmj.wordpress.com/2012/05/14/tip-using-mount-local-api-from-c/#content - new man page: guestfs-performance(1), which contains performance tuning tips http://libguestfs.org/guestfs-performance.1.html - new man page: guestfs-faq(1), Frequently Asked Questions http://libguestfs.org/guestfs-faq.1.html - ENOTSUP (from guestfs_last_errno) is now returned for APIs that are not supported
例
- 'copy_over' example showing how to copy between two handles - 'display_icon' program displays the icon associated with a guest - 'mount_local.c' example shows how to use the mount-local API
Security
(no security problems were found or fixed in this release)
New APIs
btrfs-device-add: Add devices to a btrfs filesystem. btrfs-device-delete: Remove devices from a btrfs filesystem. btrfs-filesystem-sync: Sync a btrfs filesystem. btrfs-filesystem-balance: Balance a btrfs filesystem. btrfs-fsck: Check btrfs filesystem. btrfs-set-seeding: Enable or disable seeding. btrfs-subvolume-create: Create a btrfs snapshot. btrfs-subvolume-delete: Delete a btrfs snapshot. btrfs-subvolume-list: List btrfs snapshots and subvolumes. btrfs-subvolume-set-default: Set default btrfs subvolume. btrfs-subvolume-snapshot: Create a writable btrfs snapshot. get-e2attrs: List ext2 file attributes of a file. get-e2generation: Get ext2 file generation of a file. isoinfo, isoinfo-device: Get information from the header of ISO files. llz: List files with SELinux information. lvcreate-free: Create an LVM logical volume in % remaining free space. md-stat: Return underlying devices from an MD device. mkfs-brtfs: Make btrfs filesystem, with all tunables. mount-local, mount-local-run, umount-local: FUSE support in the API. ntfsclone-in, ntfsclone-out: Save, restore NTFS from backup. ntfsfix: Fix common errors and force Windows to check NTFS. set-e2attrs: Set or clear ext2 file attributes of a file. set-e2generation: Set ext2 file generation of a file. set-label: Unified interface for setting filesystem label. vgmeta: Get volume group metadata. wipefs: Wipe filesystem signatures from a device. zero-free-space: Zero free space in a filesystem.
内部
- The debian/ subdirectory has been removed. We recommend you use the official Debian packages made by Hilko Bengen. http://people.debian.org/~bengen/libguestfs/ http://packages.debian.org/search?keywords=libguestfs - O_CLOEXEC / SOCK_CLOEXEC is now used for almost all file descriptors that the library opens. - posix_fadvise is called when sequentially reading or writing large files. - close all file descriptors and remove all signal handlers in the recovery process - multiple gcc warnings and Coverity bugs have been fixed; many strict-overflow bugs have also been fixed - use ./configure --enable-valgrind-daemon to use valgrind on the daemon; many errors have been fixed - use ./configure --with-qemu-options to pass extra options to qemu - the daemon now has a growable strings buffer type (DECLARE_STRINGSBUF) - the <guestfs.h> header file works with C++ and we have a regression test for this - multiple APIs which should only be called in the CONFIG state now give an error if they are not - .gitignore fixed to use absolute paths - gobject bindings have been expanded, including mapping libguestfs events to gobject signals (thanks Matt Booth) - gobject documentation is generated properly (thanks Matt Booth) - gobject header files now live in a subdirectory - CompareWithString test in the generator now works - FUInt32, FUInt64 struct field types now use the correct XDR type - OCaml tests are now run on bytecode and native code. - java -Xlint:all is used, and all warnings have been fixed - bmptopng, wrestool (etc) missing or failure no longer prints warning messages - ruby: Use RbConfig instead of Config. - PYTHONPATH is set by the ./run script. - appliance building is now thread-safe. - appliance now uses 'ip' instead of 'ifconfig' and 'netstat' commands - several fixes to make parallel builds work properly - guestfish --listen now cleans up properly - the BUSY state has been removed - gettextize has been removed, replaced by a simple Makefile.am - gettext support now covers virt-resize, virt-sparsify and virt-sysprep - better support for the arm architecture
バグ修正
- 822490 virt-ls error: "libguestfs: error: checksum: path: parameter cannot be NULL" - 816839 data overflow error when debug progress -1 - 816098 virt-make-fs fails to make a btrfs filesystem because it doesn't allocate enough space - 811872 inspection fails on ubuntu 10.04 guest with encrypted swap - 811650 guestfs_last_error not set when qemu fails early during launch - 811649 libguestfs cannot open disk images which are symlinks to files that contain ':' (colon) character - 811117 [RFE][virt-sysprep] net-hwaddr not removed from "ifcfg-*" files on rhel - 811112 [RFE][virt-sysprep] hostname can not be changed on rhel system - 809361 inspection doesn't recognize Fedora 18 (grub2 + GPT) - 807905 mkfs blocksize option breaks when creating btrfs - 805070 virt-filesystems should show 'parents' of LV and RAID devices - 804464 libguestfs cannot be built when LINGUAS is different then ja or uk - 803664 libguestfs inspection fails on Windows XP: libguestfs: error: hivex: could not locate HKLM\SYSTEM\MountedDevices - 803533 guestfish: write error - 802389 event handlers for 'close' event doesn't work in remote mode - 802109 libguestfs uses putc on stderr, results in many individual 1 byte writes of debug messages - 801640 [RFE] the error reported by resize2fs-M need to be more clear - 801298 Possible null dereference and resource leaks - 801273 Document for set-pgroup need to be updated - 798196 virt-resize confuses format and output_format variables; using --output-format sets the input format - 797986 virt-resize on Windows XP in sysprep state causes "UNMOUNTABLE_BOOT_VOLUME" BSOD - 796520 [RFE] Prevent user from running some appliance configure commands after appliance boot up - 790721 multiprovider build error: RuntimeError: link: /tmp/.guestfs-0/kernel /tmp/.guestfs-0/kernel.10139: File exists - 789960 guestfsd crash when try to mount non-exist disk - 789504 virt-df (other tools?) should not give up if a guest disk is missing - 788641 virt-edit doesn't preserve file permissions - 786215 libguestfs inspection does not recognize FreeDOS operating system - 786188 libguestfs inspection does not recognize FreeDOS install CD - 785668 aug-defnode: daemon crash - 784647 Libguestfs uses deprecated net-tools - 769304 virt-resize on RHEL 6 kernel fails to re-read the partition table - 755729 Error message for resize2fs-M needs tweaking - 701814 virt-win-reg fails on a libvirt guest that has no defined disk format: "format parameter is empty or contains disallowed characters" - 679737 libguestfs: improve error message when zerofree is not available in the appliance - 635971 glob mkfs ext2 /dev/vd[b-t]1 does not expand
RELEASE NOTES FOR LIBGUESTFS 1.16
These release notes only cover the differences from the previous stable/dev branch split (1.14.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.New features
libguestfs
- allow XFS filesystems to be created over an existing filesystem (Wanlong Gao) - the (unspecified) default alignment for part-disk has been changed to 64K for better support of high-end network-attached storage - new guestfs-testing(1) man page - list-filesystems returns MD devices containing filesystems (Matthew Booth) - support for GCC >= 4.7 (Jim Meyering) - check user does not add the same drive twice (Wanlong Gao).
language bindings
- Experimental GObject bindings, with support for GObject Introspection. You can now use libguestfs from Javascript. Please note these are not stable and final in this release. (Matthew Booth). - support for Ruby >= 1.9 - Ruby bindings can be disabled individually (Hilko Bengen) - support for Python 2.6, 3.x (Richard Jones, Hilko Bengen) - support for PHP >= 5.4 - new %guestfs_introspection hash is available in Perl bindings so you can query which optional arguments are available
inspection
- guests with MD devices can be inspected (Matthew Booth) - support for GNU/Hurd guests
guestfish
- libguestfs events (such as progress bar events and log messages) can be trapped and processed by user-defined shell scripts. - MD devices are tab-completed (Matthew Booth)
virt tools
- New tool virt-format for erasing and making blank disks - virt-sparsify new --compress and -o options to allow for compressed and different format output - virt-sparsify can now detect and sparsify .vdi files - virt-sysprep no longer requires xmlstarlet; a new virt-inspector --xpath option has been added to replace this functionality - virt-rescue has a new --suggest option which suggests mount commands for the guest - virt-resize no longer requires OCaml pcre library
libguestfs live
- daemon will no longer try to edit your live /etc/lvm configuration - fix a potential security problem with predictable /tmp names (Steve Kemp)
Security
CVE-2011-4127, RHBZ#757071 Mitigate possible privilege escalation via SG_IO ioctl For more information, see: https://github.com/libguestfs/libguestfs/commit/9a5f784d511a8f00a8386f316eab41fe660430db
New APIs
blkid: print all attributes of a device known to blkid (Wanlong Gao) e2fsck: access to more features of e2fsck (Wanlong Gao) list-md-devices: list of Linux MD devices (Matthew Booth) md-create: create an MD device md-detail: returns metadata for an MD device (Matthew Booth) md-stop: stop an MD device (Wanlong Gao) tune2fs: allow ext2/3/4 filesystems to be tuned
内部
Git hosting has moved to http://github.com/libguestfs The various test directories have been rearranged logically, and now all appear under 'tests/'. There is a 'make extra-tests' rule which runs ordinary tests and additional tests, using valgrind to check for memory problems. Multiple memory leaks and other problems found by valgrind and fixed. Support for optional arguments in the generator has been rewritten to provide more features and safety (Matthew Booth). With gcc -fvisibility=hidden is used for internal symbols, avoiding call indirection via the PLT. RHashtable functions can be tested in the generator. ADD_ARG macro in daemon allows arg lists to be constructed without risk of stack smashing. Fix generation of OCaml functions that have more than 10 arguments. psmisc has been added to the appliance, allowing use of 'fuser', 'killall' and 'pstree' for debugging. bindtests now cover RBufferOut and optional arguments (Matthew Booth).
バグ修正
- 769680 temporary directories created during appliance builds are not cleaned up on error - 761460 guestfs_utimens hangs on named pipes - 761451 guestfs_utimens cannot set times on a directory - 760775 "guestfish: multi-boot operating systems are not supported by the -i option" should be more explanatory - 760669 guestfish copy-in and <! (inline execution) don't mix well: pclose: No child processes - 760000 libguestfs fails to compile with Ruby >= 1.9 - 755729 Error message for resize2fs-M needs tweaking - 750889 Python code incompatible with Python v3. - 596761 Ctrl-\ causes guestfish to abort
RELEASE NOTES FOR LIBGUESTFS 1.14
These release notes only cover the differences from the previous stable/dev branch split (1.12.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.New features
Erlang bindings. virt-alignment-scan is a new tool to check the alignment of partitions within virtual machines or disk images. virt-sparsify is a new tool to make virtual machine disk images sparse. virt-sysprep is a new tool to make cloning guests from a template simpler.
guestfish
- New commands setenv, unsetenv, to set environment variables. - The input file and line number is printed in error messages. - guestfish progress bars are now a "mini-library" used by other tools too.
guestmount
- the --live option (for access to live VMs) now works.
virt-cat
- virt-cat can now handle Windows paths and drive letters (RHBZ#693359).
virt-filesystems
- the MBR partition type byte is displayed in --long output.
virt-make-fs
- virt-make-fs now sets the MBR partition type byte correctly, improving compatibility with Windows (RHBZ#746295).
virt-resize
- virt-resize can now work with guests using extended and logical partitions, in particular Ubuntu guests. - virt-resize can now align the first partition of Windows guests, improving performance. The new virt-resize --align-first option controls this behaviour. - The virt-resize --machine-readable flag makes it possible to use virt-resize from other programs. - Partitions are now aligned to 128 sectors (usually 64K) by default. This improves efficiency on high-end storage. The new virt-resize --alignment option allows the alignment to be adjusted.
virt-win-reg
- The syntax for deleting registry keys and values is documented in the man page (RHBZ#737944).
library
- non-printing characters are escaped correctly in debug output. - GUESTFS_EVENT_ENTER is a new event type generated whenever a libguestfs function is called. - the library contains systemtap/DTrace probes. - the library can now be compiled without hivex (RHBZ#723474).
inspection
- Improve detection of Windows disks. - Adds support for: ttylinux - a minimal Linux Mageia (thanks Michael Scherer) OpenSUSE and zypper (thanks Michael Scherer, Vincent Untz) Ubuntu logos (thanks Michael Scherer) NetBSD and pkgsrc (thanks Michael Scherer) - Handle some guest types that use /dev/root in /etc/fstab. - Fix handling of guests with > 26 disks (thanks Matthew Booth) - Add support for guests with HP Smart Array disks (thanks Matthew Booth)
febootstrap
- FEBOOTSTRAP_KERNEL, FEBOOTSTRAP_MODULES environment variables can be set in order to choose which kernel to use for the appliance.
misc
- ArchLinux support now working with Linux 3.0 (thanks Erik Nolte) - libvirt disks marked <readonly/> are now added readonly when using the virt-tools '-d' option.
Security
(no security problems were found or fixed in this release)
New APIs
compress-out, compress-device-out, copy-device-to-device, copy-device-to-file, copy-file-to-device, copy-file-to-file, get-smp, part-to-partnum, set-smp. The mount API no longer implicitly adds -o sync,noatime options. add-domain has a new 'readonlydisk' optional parameter to control how <readonly/> disks are handled.
内部
- Coverity was run on the source and more bugs were identified and fixed. - PCRE library is now required to build libguestfs. - APIC is now the default for the appliance. You can also enable SMP support in the appliance. - OCaml bindings now correctly acquire GC lock during callbacks. - Out of tree builds should now work correctly (thanks Hilko Bengen). - ./configure --with-extra="..." can be used by packagers to set the extra version string. - zero, zero-device APIs: if the blocks already contain zeroes, don't write zeroes, so that we don't unnecessarily make the underlying storage non-sparse. - is-zero, is-zero-device APIs: optimize these so zero detection is faster.
バグ修正
- 748266 libguestfs should detect versions of qemu which require -machine pc option - 747290 libguestfs ignores <readonly/> in libvirt XML - 747287 Misleading error message when permission denied opening a disk image - 746295 virt-make-fs doesn't set partition ID - 744795 guestmount --live is not usable - 737944 virt-win-reg hyphen (delete key) syntax may be wrong, and is not documented - 733297 ruby event handlers fail with "exception in callback: wrong argument type Proc (expected Data)" - 731744 libguestfs should escape special/non-printing characters in debug output - 729887 appliance crashes running aug_init with flags=4 - 729075 libguestfs confuses Hp_recovery partition with Windows root filesystem - 727178 error: luks_open: cryptsetup: error while loading shared libraries: libfipscheck.so.1: cannot open shared object file: No such file or directory - 726739 libguestfs: error: aug_get: no matching node, trying to find hostname - 723474 If hivex and/or pcre not installed, libguestfs fails to compile - 693359 virt-cat and virt-edit don't handle case sensitive NTFS paths properly - 678231 virt-inspector reports unknown filesystem UUID - 671082 libguestfs does not work with kernel-rt - 666578 libguestfs: unknown filesystem label SWAP-sda2 - 642821 virt-resize falls over on a disk image with a logical swap partition
RELEASE NOTES FOR LIBGUESTFS 1.12
These release notes only cover the differences from the previous stable/dev branch split (1.10.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.New features
guestfish
- guestfish strings can use escapes, eg. ><fs> write /foo "line 1\nline 2\n" - guestfish write-append command can be used to append to files. - Long-running file uploads and downloads can be cancelled through the API or by hitting ^C in guestfish. - New guestfish "display" command for displaying graphical files inside guests. - In guestfish, tab completion now works on /dev/mapper devices.
virt-inspector
- Inspection API can get an icon or logo for certain guests. - virt-inspector includes the logo and hostname for certain guests. - virt-inspector can now get the version and release numbers for RPM packages. - CentOS and Scientific Linux are now treated as separate distros by the inspection API.
virt-resize
- virt-resize can now handle btrfs. - New virt-resize --ntfsresize-force option allows Windows VMs to be resized multiple times.
other virt tools
- guestfish, guestmount, virt-cat, virt-df, virt-edit, virt-filesystems, virt-inspector, virt-ls and virt-rescue now allow you to use "-d UUID" option to specify a guest by UUID. This makes them more robust to use from other programs. - virt-ls -lR option allows complex file iteration and guest analysis. - virt-win-reg supports HKEY_USERS\<SID> and HKEY_USERS\<username>. - virt-win-reg new option --unsafe-printable-strings allows printable strings to be displayed in the output (unsafely: read the documentation before using). - virt-edit has been rewritten in C.
API and language bindings
- Java is now completely supported. See http://libguestfs.org/guestfs-java.3.html - JRuby is supported via the Java bindings. - guestfs_close now appears in trace messages. - Python binding adds explicit g.close() method. - Python programs can now use the new event API. - Python GIL is released during libguestfs calls, allowing multithreaded Python programs to work properly. - 9pfs (Plan 9 filesystems exported from the host) are now supported. - Add -DGUESTFS_WARN_DEPRECATED=1 to warn about use of deprecated API functions in C programs. - New manual page guestfs-recipes(1) with recipes. - mkfs-opts can now set inode size and sector size on created filesystems (thanks Nikita Menkovich). - guestfs_last_errno is now accessible from OCaml (as g#last_errno ()).
Security
- optargs_bitmask is checked even for calls that have no optional arguments. This closes a possible exploit in the daemon from untrusted callers.
New APIs
btrfs-filesystem-resize, get-pgroup, inspect-get-icon, is-zero, is-zero-device, list-9p, list-dm-devices, mount-9p, ntfsresize-opts, set-pgroup, write-append
内部
- Coverity (a static analysis tool) was run across the codebase and many fixes were made. - Generator can handle functions that return RBufferOut and have optional arguments. - Compatible with Perl 5.14. - Compatible with gcc 4.6. - Perform safety checks on QEMU. - C API tests can now fully test calls that have optional arguments. - Use ./configure --enable-install-daemon to install /usr/sbin/guestfsd. - po-docs directory now covers all man pages. - stderr from qemu process is now captured by the event subsystem.
バグ修正
- 602997 part-get-bootable gives wrong result with an unordered part layout - 661280 virt-rescue: panic when shutting down: "/sbin/reboot: No such file or directory" - 700369 qemu-system-x86_64 says 'KVM not supported for this target' - 705200 guestmount attempt results in access denied - 714981 'list-filesystems' does not know about virtio 9p filesystems or detect existing mounts - 717786 libguestfs python bindings should have an explicit close call - 721275 virt-resize in F16 should support btrfs
Release notes for libguestfs 1.10.0
These release notes only cover the differences from the previous stable/dev branch split (1.8.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.New features
- libguestfs and tools can be used against live virtual machines. See the 'guestfish --live' and 'guestmount --live' options, and (for the low-level interface) the new APIs set-attach-method and get-attach-method. - New virt tools: virt-copy-in, virt-copy-out, virt-tar-in, virt-tar-out. - libguestfs can get the drive letter mappings for Windows guests. - virt-inspector displays drive letter mappings for Windows guests. - Drive letters can now be used in virt-edit and guestfish programs when operating on Windows guests. - virt-resize now works on 32 bit hosts. - You can now inspect the install disks and live CDs of many different operating systems. - guestfish <! cmd which executes a shell cmd and inlines the result. - guestfish, guestmount, virt-rescue now all support --ro and --rw options, and the default for this can be chosen via a configuration file (/etc/libguestfs-tools.conf). - New event API allows more than one callback to be registered for each event, makes it possible to call the API from other languages, and allows nearly all log, debug and trace messages to be rerouted from stderr. - Greater FHS compliance for temporary files, including using /var/tmp for large cached files that should survive reboot (instead of /tmp). - guestfish, guestmount -m option allows mount options to be passed through to the underlying filesystem. - mkfs-opts allows filesystem features to be specified. - More intelligent handling of mountpoints, allowing mkmountpoint, mount and umount-all commands to work together properly. - Trace messages are prefixed with a distinct string, allowing them to be easily 'grepped' out from debug output. - guestfs_launch (guestfish 'run' command) now produces progress messages (a guestfish progress bar) if it takes longer than 5 seconds to run. - Several long-running commands where we are unable to estimate time to completion generate "pulse mode" progress events. Progress bar in guestfish has been updated to display these. - Publish new example code in: C, Perl, Python, OCaml, Ruby. - New virt-dhcp-address example program. - The Java and Ruby bindings have been improved greatly. - Perl includes a way to get the errno of the last error. - Python bindings now compatible with rpyc (thanks Erez Shinan). - Transifex is now being used to manage translations. http://www.transifex.net/projects/p/libguestfs/ - Inspection now supports Red Hat Desktop, Slackware distributions. - Inspection no longer fails for Windows guests that have two or more disks. - Inspection can now tell the difference between Windows 2008 Server and Windows 7. - Inspection can detect 32 bit applications installed in 64 bit Windows, running on the WOW64 emulator. - A series of protocol fixes has fixed the old bug RHBZ#576879 which used to cause errors during the upload command to lose protocol synchronization. - New logo!
Security
[none]
New APIs
first-private, get-attach-method, inspect-get-drive-mappings, inspect-get-product-variant, inspect-get-windows-current-control-set, next-private, resize2fs-M, set-attach-method.
内部
- The 'HACKING' file is obsolete. The contents have been moved into a section of the guestfs(3) manual page. - libguestfs-test-tool simplified. It no longer needs the static binary or tries to construct an ISO. - rpcgen-generated files are compiled with -fno-strict-aliasing which should be safer (thanks Matt Booth). - virt-resize was rewritten in OCaml. - guestfish and other tools tested with valgrind; some memory leaks were fixed.
バグ修正
- 502533 Updated Polish translation of libguestfs - 576879 libguestfs protocol loses synchronization if you 'upload' before mounting disks - 599503 document that mkmountpoint and umount-all cannot be mixed - 617440 guestfish: fails to tilde expand '~' when the $HOME env is unset - 664558 RFE: Allow to set log callback in Ruby bindings - 665358 Punjabi Translation Completed (pa_IN) - 666577 libguestfs: unknown filesystem /dev/fd0 - 667610 Multiple bugs, memory leaks in libguestfs ruby bindings - 668112 virt-filesystems command fails on guest with corrupt filesystem label - 668574 guestfish -i is trying to mount all mounts from /etc/fstab and fails with an error when device doesn't exists - 673479 Add a grep-friendly string to LIBGUESTFS_TRACE output - 674130 Inspection code fails for Windows guest with two disks - 682756 libguestfs trace segfaults when list-filesystems returns error - 682979 libguestfs incorrectly detects Red Hat desktop as 'redhat-based' instead of 'redhat' - 690819 mkfs fails creating a filesystem on a disk device when using a disk with 'ide' interface - 691389 Extended attributes don't work over guestmount (FUSE) - 691724 virt-inspector reports unknown filesystem /dev/vda1 - 692545 inspect-list-applications fails to detect 32 bit apps installed under WOW64 emulator on 64 bit Windows - 693324 sfdisk's python interface only accepts lists of type 'list' for the lines parameter
libguestfs 1.8 のリリースノート
These release notes only cover the differences from the previous stable/dev branch split (1.6.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.New features
- Support and packages for Debian and Ubuntu. - Daily builds from git repository on Debian and Ubuntu to reduce risk of regressions. - Port to ArchLinux 'pacman' (thanks Thomas S Hatch). - The following tools have been rewritten in C (originally in Perl): . virt-cat . virt-df . virt-inspector . virt-ls . virt-rescue - Some C tools support encrypted guests automatically. This is supported in: guestfish, guestmount, virt-cat, virt-inspector, virt-ls. - New tool virt-filesystems (in C) which is a replacement for virt-list-filesystems and virt-list-partitions, and has a superset of the functionality of those tools. - guestfish, guestmount and the C tools use unified command line option parsing, so they support many common options such as '-a disk.img', '-d libvirt-domain', '-x', '-v'. The old command line option parsing is preserved for compatibility in scripts etc. - guestfish no longer has any dependencies on Perl - New man pages containing programming examples: guestfs-examples(3) (C/C++), guestfs-ocaml(3), guestfs-python(3), guestfs-ruby(3). - Trace mode prints return values from API functions. - virt-inspector can list applications installed in Windows guests, along with a great deal of information about those applications. - Add support for inspecting: Linux Mint, Mandriva, FreeBSD. - guestfish --rw option (with no effect currently) to make potentially dangerous write access explicit. - guestfish --listen --csh for compatibility with csh, tcsh (thanks Eric Blake). - The first upstream version that introduced each API function is now documented in guestfs(3). - guestfs_last_errno allows you to retrieve the errno from the daemon, correctly translated to the local operating system. - Functions can now have optional parameters. - Progress bars and progress notifications can now happen for upload commands. - Appliance builder more careful about not leaving temporary files around in /tmp. - getfattr/setfattr commands added to virt-rescue. - ROADMAP file covers roadmap and goals for future releases.
Security
- New SECURITY section in guestfs(3) API documentation. - virt-inspector no longer runs any guest commands. - Inspection code is more careful about avoiding very large files from guests which might previously have caused a denial of service. - FUSE calls into guestmount are now traced when using guestmount -x.
New APIs
- add-domain - add-drive-opts - getxattr - inspect-get-hostname - inspect-get-package-format - inspect-get-package-management - inspect-get-roots - inspect-list-applications - lgetxattr - mkfs-opts
内部
- C programs now only link precisely with the libraries that they use. - PCRE, libmagic, hivex and libvirt libraries are now completely optional for building. - Multiple memory leaks and file descriptor leaks fixed. - Add a POD wrapper to unify generation of man pages and HTML files across all programs. - Source includes phony images of Fedora, Debian, Ubuntu and Windows guests. - Ruby bindings have 'make install' rule. - <guestfs.h> is now a single file. - <guestfs.h> does not require XDR headers. - ocaml xml-light library is no longer required to build (thanks Maxim Koltsov). - ./configure --disable-[...] for each language binding (thanks Maxim Koltsov). - Old ocaml-viewer program removed (use guestfs-browser instead). - New C API test type 'InitScratchFS' makes the tests run a little more quickly. - Excluded packages in the appliance are now listed in a separate file appliance/excludelist.in, and can be customized per-distro.
バグ修正
- 663407 readlink and readlinklist returns /sysroot/ in some paths - 661280 virt-rescue: panic when shutting down: "/sbin/reboot: No such file or directory" - 657499 checksum: wrong check sum type causes umount to fail - 655554 Whole disk paths are not made canonical by virt-inspector - 654638 openssl updated to 1.0.0b libguestfs depends on exact file names - 652796 ruby bindings not installed by 'make install', hence omitted from the binary distribution
RELEASE NOTES FOR LIBGUESTFS 1.6
These release notes only cover the differences from the previous stable/dev branch split (1.4.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.New features
- Use a new method for creating and caching the appliance. This greatly improves the performance of libguestfs, often by a factor of x 4 to x 5. - Support for guest inspection (like virt-inspector) via the ordinary API and all language bindings. 'guestfish -i' option is as a side- effect much quicker. - virt-inspector and core inspection API can now detect guests running: Fedora, Debian, Ubuntu, Windows, Red Hat Enterprise Linux, CentOS, Scientific Linux, Gentoo, Pardus, Arch Linux, MeeGo. - Support for LUKS whole-disk encryption in guests. - PHP バインディング。 - Progress messages (and progress bars in guestfish and virt-resize) for certain long-running operations. - virt-df is now much more efficient. Use '--one-per-guest' to restore the old per-guest isolation behaviour. - guestfish 'copy-in' and 'copy-out' commands for copying files and directories recursively in and out of the guest. - guestfish 'hexedit' command for doing binary edits to devices and files. - Change guestfish -i syntax to allow commands to be specified on the command line (retaining backwards compatibility). - guestfish '-d <domain>' for adding disks from libvirt domains. - guestfish '-N' option supports several new prepared disk image types: lvfs : disk with LV formatted with filesystem lv : disk with LV bootroot : boot+root bootrootlv : boot and root on LV - guestfish 'more' and 'edit' commands now work with arbitrary files. - guestfish '--echo-keys' option allows you to echo keys/passphrases while typing them. - guestmount now supports -a / -d / -i options, like guestfish. - Use virtio-serial for communications with the appliance. This also has a major performance benefit. - virt-edit '-b' option to create a backup of edited files. - virt-edit '-e' option for non-interactive edits to files. - Ability to capture core dumps from the appliance (thanks Matthew Booth). - virt-rescue now shuts down cleanly (thanks Matthew Booth). - virt-rescue now has a --network option to enable network access. - virt-resize can now handle guests which use GPT partition table format. - virt-resize has better support for shrinking guests. - virt-resize supports qcow2-format guests. - $TMPDIR can be used to override almost all temporary directory usage. - OCaml users can use an alternate OO-style of coding, eg. g#launch () - The API supports calls which take optional parameters, eg. $g->add_drive_opts ("disk", readonly => 1); - Trace output now escapes and shortens large strings (thanks Matthew Booth). - Autosync is now on by default, resulting in more reliable behaviour when the handle is closed. - virt-df --uuid option allows you to follow a domain across migration and renaming. - Translations of manual pages.
Security
- CVE-2010-3851 libguestfs: missing disk format specifier when adding a disk https://www.redhat.com/archives/libguestfs/2010-October/msg00036.html This is comprehensively fixed in this release, and the fix will be backported to the other stable branches after more testing. - virt-inspector no longer relies on untrusted guest code to list applications in some guests.
New APIs
download-offset, file-architecture, findfs-label, findfs-uuid, inspect-os, inspect-get-arch, inspect-get-distro, inspect-get-filesystems, inspect-get-major-version, inspect-get-minor-version, inspect-get-mountpoints, inspect-get-product-name, inspect-get-type, is-blockdev, is-chardev, is-fifo, is-lv, is-socket, is-symlink, list-filesystems, luks-add-key, luks-close, luks-format, luks-format-cipher, luks-kill-slot, luks-open, luks-open-ro, lvm-clear-filter, lvm-canonical-lv-name, lvm-set-filter, part-to-dev, pread-device, pwrite-device, upload-offset
内部
- Use size_t for loop iterators. - Refactor the library code into separate files. - Refactor the generator code into separate files. - Generate guestfish commands. - guestfish & guestmount options processing is unified. - Protocol changes: error message size increased to 64K send errno to library - Add 'make bindist' to make a binary distribution. - Cleaner behaviour under valgrind. - More testing of the guestfish command line options and libvirt integration. - The Perl inspection code is no longer used by any of the tools.
バグ修正
- 646822 libguestfs trace mode should not print long binary strings - 646821 virt-df should have --uuid option - 646432 /dev/mapper paths should not be returned from guestfs_mountpoints - 643624 libguestfs tools documentation should describe how to quote guest domain names from shell - 642934 No way to specify disk format when adding a disk to libguestfs - 642933 guestfs_list_filesystems should be used in all possible places - 642932 guestmount options should match guestfish options - 642930 virt-inspector (Sys::Guestfs::Lib) should use C inspection APIs - 642929 C inspection code should ignore /dev/fd* in /etc/fstab - 642826 virt-resize converts any other image format to raw without notifying user, instructions do not account for this - 640961 Document that grub-install might be needed for old Linux guests after virt-resize - 639986 virt-df --csv does not properly quote " in libvirt domain names - 639405 Interrupted cached appliance creation leaves libguestfs unusable - 638901 Appliance filename should not contain repository name - 638899 /dev/mapper paths should not be returned from C inspection APIs - 636918 Updates to Spanish translation - 636061 [abrt] guestfish-1.2.11-1.fc12: malloc_consolidate: Process /usr/bin/guestfish was killed by signal 11 (SIGSEGV) - 635969 glob echo mkfs ext2 /dev/vd[b-t]1 prints garbage - 634246 guestfs_part_get_parttype returns "loop" when run against a partition, LV or filesystem - 633766 virt-resize --shrink fails - 633357 Updates to Spanish translation - 633096 virt-resize calculates block device size incorrectly, doesn't work with qcow2 target - 629593 Dutch translation added - 627556 Updates to Spanish translations of libguestfs - 626843 Updates to Spanish translations - 619793 [RFE] Need a way to determine if a particular block device is a logical volume - 618556 virt-rescue return none zero value when exit - 617200 mount operation failed and hung on some images which running in read-only mode - 610880 libguestfs should set broader read perms on tmpdir, so works in some situations when executed with umask 077 - 599503 document that mkmountpoint and umount-all cannot be mixed - 571714 Running virt-df on disk image relabels it, so qemu can no longer write to it. - 502533 Updated Polish translation of libguestfs
RELEASE NOTES FOR LIBGUESTFS 1.4
These release notes only cover the differences from the previous stable/dev branch split (1.2.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.New features
- guestfish lets you choose a prepared disk image, eg: guestfish -N fs:ext4 - Add write support to guestmount (FUSE) module. - virt-resize can now resize the content of partitions and logical volumes in the guest, and we have better support for shrinking guests. - Bash tab-completion script for guestfish. - Add ZFS support to virt-rescue. - New tool 'virt-make-fs' for creating filesystems with content. - Allow suffixes on any guestfish number parameter, eg. "1M". - guestfish 'man' command opens the manual page. - guestfish supports a "heredoc" syntax for uploading files: upload -<<_end_ /foo content _end_ - Some guestfish commands now print their output in octal or hex where appropriate (RHBZ#583242). - Allow dash prefix on guestfish command line. This ignores any error from the second command: (RHBZ#578407) guestfish -- cmd1 : -cmd2 : cmd3 - guestfish -h / help command now returns an error for non-existent commands (RHBZ#597145). - New 'supported' command in guestfish to list optional groups of commands which are supported by the daemon / configuration. - virt-inspector and guestfish -i now work for filenames which contain spaces (RHBZ#507810). - Change the protocol to use link-local addresses, to avoid conflicting with any address that the host might be using (RHBZ#588763). - libguestfs now sets the correct time and timezone on filesystem modifications. - Sort the domains into alphabetical order in virt-df. - Make mkfs-b command work for FAT and NTFS by mapping the blocksize parameter to the cluster size (RHBZ#599464). - Add version numbers to Perl modules (RHBZ#521674). - Localization now works for all the libguestfs tools (RHBZ#559963). - Tools now support filesystem-on-image VMs (RHBZ#590167). - virt-list-partitions has a '-t' option to show the total size of disks. - Include extra Augeas lenses in the supermin appliance (Matthew Booth). - Add error and close callbacks. - Add explicit close method in the Perl API. - Multiple fixes for RHEL 5 compatibility. - Multiple fixes for Debian/Ubuntu compatibility. - Multiple revisions to improve the documentation.
Security
- Fix a potential DoS in virt-inspector and virt-v2v if a specially crafted disk image contained a char device in place of one of the configuration files that we read under /etc (RHBZ#582484).
New APIs
- aug-clear - clear Augeas path - available-all-groups - return a list of all optional groups - base64-in - upload base64-encoded data to file - base64-out - download file and encode as base64 - checksum-device - compute checksums on the contents of a device - checksums-out - compute checksums of multiple files in a directory - debug-upload - upload a file to the appliance - fallocate64 - preallocate a file in the guest filesystem - fill-pattern - fill a file with a repeating pattern of bytes - get-umask - get the current umask - lvresize-free - expand an LV to fill free space - ntfsresize - resize an NTFS filesystem - ntfsresize-size - resize an NTFS filesystem (with size) - part-del - delete a partition - part-get-bootable - get the bootable flag of a partition - part-get-mbr-id - get the MBR type byte of a partition - part-set-mbr-id - set the MBR type byte of a partition - pvresize-size - resize a physical volume (with size) - pwrite - write to part of a file - resize2fs-size - resize an ext2/3/4 filesystem (with size) - txz-in - unpack compressed tarball to directory (RHBZ#580556) - txz-out - pack directory into compressed tarball (RHBZ#580556) - vfs-label - get the filesystem label - vfs-uuid - get the filesystem UUID - vgscan - rescan for LVM physical volumes, volume groups and logical volumes - write - create a new file - zero-device - write zeroes to an entire device
内部
- Extend the generator to support testing optional features. - Stricter checks on input parameters to many calls (RHBZ#501893 RHBZ#501894) - Extend the protocol to support sending arbitrary 8 bit data buffers. - Ship 'BUGS' file with releases. This is a summary of the bugs in the Red Hat Bugzilla database. - Ship 'RELEASE-NOTES' file with releases, containing release notes. - Unify supermin appliance building into one place, in febootstrap 2.7. - Fix the protocol code to handle the case where both ends send cancel messages at the same time.
バグ修正
- 612178 guestfish: using -m option in conjunction with --listen option causes appliance to die - 610880 libguestfs should set broader read perms on tmpdir, so works in some situations when executed with umask 077 - 604691 OCaml bindings are not thread safe - 603870 Updates to Spanish translation - 602592 [RFE] expose guestfs_close in perl bindings - 600977 virt-df -h --csv "Argument .. isn't numeric in printf" - 599464 mkfs-b does not support vfat/ntfs - 598807 add_cdrom does not work in RHEL 6 - 598309 part-list and several other cmd failed on libguestfs on RHEL5 - 597145 guestfish 'help' command should indicate error in exit status with an unknown command - 597135 guestfish write-file cmd does not check "size" parameter - 597118 A warning should be given in the help of mke2journal-L for the length of label - 597112 get-e2uuid should use blkid instead of "tune2fs -l" to get filesystem UUID - 596776 virt-inspector doesn't discover modprobe aliases on RHEL 3 guests - 596763 Updates to Spanish translation - 593292 Updates to Spanish translation - 592883 can not edit files on images mounted with guestmount cmd - 592360 Updates to Spanish translation - 591250 virt-tar prints "tar_in: tar subcommand failed on directory" if the archive is compressed or not in the right format - 591155 virt-tar prints "tar_in: tar subcommand failed on directory" if a disk image is not writable - 591142 virt-inspector should give an error for unrecognized disk images - 590167 virt-inspector and other virt tools should be able to handle filesystem-on-image VMs - 589039 guestfish read-file cmd will cause daemon hang when read large files - 588851 guestfs_launch() returns -1, but guestfs_last_error() == NULL - 588763 libguestfs should use non-public or link-local addresses for appliance network - 588733 Updates to Spanish translation - 588651 guestfish 'strings-e' cmd does not give proper error message or hint - 587484 lvresize can't reduce size of a volumn - 585961 Updates to Spanish translation - 585223 ntfsresize should support shrinking filesystems - 585222 pvresize should support shrinking PVs - 585221 resize2fs should support shrinking filesystems - 584038 Updates to Spanish translation - 583554 [FEAT] mknod-mode command is needed to set mode explicitly - 583242 [RFE] guestfish should print outputs in a suitable base (eg. octal for modes) - 582993 guestfish eats words when tab completing case (in)sensitive paths - 582953 Misleading help information about lvcreate command - 582948 mknod command doesn't make block, character or FIFO devices - 582929 mknod doesn't check for invalid mode - 582901 guestfish chmod/umask commands do not check invalid mode value - 582899 guestfish:sparse is missed from command autocomplete list - 582891 [Feature Request] behavior and return value of guestfish umask cmd should be changed - 582548 [mknod] umask shouldn't take effect when mode is set explicitly - 582484 some guestfish sub commands can not handle special files properly - 582252 Updates to Spanish translation - 581501 Updates to Spanish translation - 580650 virt-inspector warns "No grub default specified at /usr/lib/perl5/Sys/Guestfs/Lib.pm at [...]" - 580556 request for libguestfs to support .txz tarballs - 580246 tar-in command hangs if uploading more than available space - 580016 aug-ls in guestfish does not take augeas variable as argument - 579664 guestfish doesn't report error when there is not enough space for image allocation - 579608 multiple commands in guestfish can not work for symbol links - 579155 libguestfs hangs if qemu doesn't start (in null vmchannel mode) - 578407 the prefix '-' in sub-command isn't handled by guestfish in remote control mode - 576879 libguestfs protocol loses synchronization if you 'upload' before mounting disks - 559963 libguestfs Perl programs do set locale, but still localization doesn't work - 521674 Perl modules are unversioned, but should carry version numbers - 516096 Race condition in test_swapon_label_0: /sbin/blockdev: BLKRRPART: Device or resource busy - 507810 guestfish -i / virt-inspector cannot handle spaces in filenames - 502533 Updated Polish translation of libguestfs - 501894 Some String parameters should be OptString - 501893 String parameters should be checked for != NULL - 501889 write-file does not support strings containing ASCII NUL - 484986 grub-install fails on virtio disk
これまでのバージョンの libguestfs に関するリリースノート
2010 年より前は、公式なリリースノートまたは形式化されたバージョン管理システムがありませんでした。ただ、これらはこれまでの重要なバージョンへのリンクです。- 2009-11-10 (1.0.78)
- https://www.redhat.com/archives/libguestfs/2009-November/msg00095.html
- 2009-09-13 (1.0.67)
- https://www.redhat.com/archives/libguestfs/2009-August/msg00281.html
- 2009-07-23 (1.0.64)
- https://www.redhat.com/archives/libguestfs/2009-July/msg00059.html
- 2009-07-14 (1.0.59)
- https://www.redhat.com/archives/libguestfs/2009-July/msg00023.html
- 2009-04-01 (the initial announcement)
- http://rwmj.wordpress.com/2009/04/01/libguestfs-access-and-modify-virtual-machine-disk-images/
著者
Richard W.M. JonesCOPYRIGHT
Copyright (C) 2009-2016 Red Hat Inc.LICENSE
BUGS
To get a list of bugs against libguestfs, use this link: https://bugzilla.redhat.com/buglist.cgi?component=libguestfs&product=Virtualization+ToolsTo report a new bug against libguestfs, use this link: https://bugzilla.redhat.com/enter_bug.cgi?component=libguestfs&product=Virtualization+Tools
When reporting a bug, please supply:
- The version of libguestfs.
- Where you got libguestfs (eg. which Linux distro, compiled from source, etc)
- Describe the bug accurately and give a way to reproduce it.
-
Run libguestfs-test-tool(1) and paste the complete, unedited
output into the bug report.