| guestfs-release-notes(1) | Virtualization Support | guestfs-release-notes(1) |
guestfs-release-notes - libguestfs リリースノート
These release notes only cover the differences from the previous stable/dev branch split (1.38.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.
New features in existing tools
Virt-inspector now displays the libosinfo short ID for guests (Pino Toscano).
Guestfish -N will now generate 1G disks instead of 100M disks by default.
Virt-resize supports f2fs filesystems (Pino Toscano).
libguestfs-test-tool now supports bash tab completion (Pino Toscano).
The --machine-readable option now supports sending output to files or stdout/stderr. This works uniformly across most OCaml-based virt tools, specifically: virt-builder, virt-builder-repository, virt-dib, virt-get-kernel, virt-resize, virt-sparsify, and virt-v2v (Pino Toscano).
Virt-builder --uninstall option now works on SUSE (Sebastian Meyer).
Virt-builder now supports Windows. We are not able to ship Windows templates in the public respository for obvious licensing reasons, but if you are an MSDN subscriber you may build your own. See https://rwmj.wordpress.com/2018/09/13/creating-windows-templates-for-virt-builder/
Many tools now support a --key option allowing you to pass in decryption keys for filesystems stored in local files on the host rather than having to feed them in over stdin (Pino Toscano).
virt-v2v and virt-p2v
New -o rhv-upload mode for directly uploading images to RHV, bypassing the Export Storage Domain (Tomáš Golembiovský, Nir Soffer, Daniel Erez, Pino Toscano).
New -o openstack mode for directly uploading images to OpenStack and Cinder using OpenStack APIs.
Virt-v2v now has a general mechanism for input and output options: -io and -oo.
Virt-v2v can now install the RHV tools or QEMU GA in guests (Tomáš Golembiovský).
The huge manual has now been split into several smaller documents and is more focused on helping users to accomplish specific v2v tasks.
Multiple improvements to the OVF metadata when converting to RHV (Tomáš Golembiovský, Pino Toscano, Arik Hadas).
Virt-v2v can now convert Linux guests with split kernel packages, especially Ubuntu 18.04 (Pino Toscano).
Virt-v2v old --password-file option has been replaced by -ip (the old option remains for backwards compatibility).
Virt-v2v now preserves the VM Generation ID.
Virt-v2v has a new --mac option allowing specific NICs to be mapped precisely to networks or bridges on the target.
New virt-v2v --print-estimate option to estimate the size of data that virt-v2v will copy.
Virt-v2v is now usually able to remove open-vm-tools and VMware Tools from the Linux guest during conversion (Pino Toscano).
Virt-v2v can now support UEFI conversions to RHV (Tomáš Golembiovský).
Virt-p2v now prefers you to shut down instead of rebooting the machine after conversion has finished (Pino Toscano).
Virt-v2v now writes the libosinfo short ID to the libvirt metadata when using -o local and -o libvirt output modes (Martin Kletzander).
Language bindings
OpenJDK 10+ is supported (Pino Toscano).
Java bindings fixed for Gentoo host (Martin Kletzander).
Inspection
Support Kali Linux (Pino Toscano).
When inspecting mountpoints, look for /etc/mdadm/mdadm.conf as well as /etc/mdadm.conf (Nikolay Ivanets).
Improved support for OpenSUSE Tumbleweed (Pino Toscano).
Architectures and platforms
Miscellaneous macOS build fixes (Adam Robinson).
Other
Multiple documentation typos fixed (Yuri Chornoivan).
See also guestfs-security(1).
CVE-2018-11806
Qemu's slirp (userspace networking) had several buffer overflows which could be triggered from the guest or network side.
New APIs
Other API changes
"part_get_mbr_part_type" was reimplemented in OCaml (Nikolay Ivanets).
"list_filesystems" now filters out MBR extended partitions (Nikolay Ivanets).
"vgscan" has been deprecated. Use the new "lvm_scan" API in preference.
The JSON library switched from yajl to Jansson ≥ 2.7 (Pino Toscano).
Support for The Sleuth Kit 4.5 (Pino Toscano).
Multiple improvements in the "./configure" script (Lin Ma).
More out-of-tree build fixes (Hilko Bengen).
Some work on reproducible builds (Bernhard M. Wiedemann).
lvmetad is now used unconditionally, and is started much earlier in the appliance boot process. This fixes support for certain PV types.
On Debian, dash is installed inside the appliance and in virt-rescue (Pino Toscano).
The amount of RAM assigned to the appliance has been increased from 500M to 768M (on x86_64, other architectures have different limits). This enables use of up to 255 disks when using recent Linux kernels.
Virt-v2v now models the source machine type (eg. i440FX, Q35 or virt).
Virt-p2v now generates configuration code automatically, also code for parsing the kernel command line.
Use "LT_INIT" instead of "AC_PROG_LIBTOOL".
The OCaml "JSON" code for parsing and serializing has been unified into a single abstract data type.
Most OCaml tools are now built using the PIC runtime. This has a performance penalty on i686, but is relatively free on other architectures and has security benefits.
The direct backend now queries the qemu binary for availability of KVM, instead of using a heuristic based on /dev/kvm (Andrea Bolognani).
Our "clever" libxml2 writer macros are now used consistently across all parts of the code base.
Qemu dropped -nodefconfig without telling us. The equivalent -no-user-config option is now used instead. Qemu also moved the "serial" option from -drive to -device, again without any notice, and this is also fixed.
These release notes only cover the differences from the previous stable/dev branch split (1.36.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.
New tools
Virt-builder-repository is a new tool allowing end users to create and update virt-builder repositories (Cédric Bosdonnat).
Virt-rescue (while not a new tool) has been substantially rewritten, implementing job control, -m and -i options, escape keys, etc.
New features in existing tools
Virt-builder planner has been improved so that faster and more efficient build plans are chosen for complex cases, especially when either the tmpdir or output is on networked storage.
New virt-builder Fedora templates (starting with Fedora 26) will have plain partition layout and use GPT for partitions.
Virt-customize "firstboot" scripts in guests using systemd are now installed under the "multi-user.target" instead of "default.target" so they will only run when the system is booted normally.
Virt-customize now sets a random /etc/machine-id for Linux guests, if one is not already set.
Virt-df now works correctly on filesystems with block sizes smaller than 1K (Nikolay Ivanets).
Virt-dib has further compatibility enhancements with diskimage-builder (Pino Toscano).
Virt-sysprep removes "DHCP_HOSTNAME" from ifcfg-* files.
Virt-sysprep now works on Oracle Linux (Jamie Iles).
Virt-resize now correctly copies GPT partition attributes from the source to the destination (Cédric Bosdonnat).
Bash tab completion implemented or enhanced for: virt-win-reg, virt-v2v-copy-to-local.
virt-v2v and virt-p2v
Virt-v2v can now read VMware VMX files directly, either from local disk, NFS storage, or over SSH from an ESXi hypervisor.
Virt-v2v can now use VDDK as an input source.
Both virt-v2v and virt-p2v are now able to pass through the source CPU vendor, model and topology. However unfortunately not all source and target hypervisors are able to provide or consume this data at present (Tomáš Golembiovský).
Virt-v2v now supports encrypted guests (Pino Toscano).
Virt-v2v can now handle VMware snapshots. Note that the snapshots are collapsed — it does not convert the chain of snapshots into a chain of snapshots.
Virt-v2v now installs Windows 10 / Windows Server 2016 virtio block drivers correctly (Pavel Butsykin, Kun Wei).
Virt-v2v now installs virtio-rng, balloon and pvpanic drivers, and correctly sets this in the target hypervisor metadata for hypervisors which support that (Tomáš Golembiovský).
Virt-v2v now installs both legacy and modern virtio keys in the Windows registry (Ladi Prosek).
Virt-p2v can now preserve (in some cases) the offset of the Real Time Clock from UTC.
Virt-p2v now combines several scp commands to the conversion server into a single command, improving conversion times.
Virt-v2v now detects the special Linux Xen PV-only kernels correctly (Laszlo Ersek).
Virt-v2v -o glance now generates the right properties for UEFI guests (Pino Toscano).
Virt-v2v -o null now avoids spooling the guest to a temporary file, instead it writes to the qemu "null block device". This makes it faster and use almost no disk space.
Virt-v2v -o rhv now supports Windows 2016 Server guest type.
Virt-v2v -i libvirtxml can now open network disks over http or https.
Virt-v2v will now give a warning about host passthrough devices (Pino Toscano).
The virt-v2v --machine-readable output has been enhanced so it includes "vcenter-https", "xen-ssh" and "in-place" facts (Pino Toscano).
Language bindings
Fix multiple memory leaks and other data corruption problems in the Java bindings (Pino Toscano).
Perl %guestfs_introspection has been dropped.
Inspection
Inspection support was rewritten in OCaml and included inside the daemon. This makes inspection considerably faster, more robust and more easily extensible in future.
Better icon support for ALT Linux guests (Pino Toscano).
Better support for NeoKylin (Qingzheng Zhang).
Can handle OSes like Void Linux which do not include "VERSION_ID" in /etc/os-release (Pino Toscano).
Add support for Microsoft MS-DOS (Daniel Berrangé).
Architectures and platforms
Multiple fixes for S/390 architecture. Libguestfs and all the tools should now compile and run on this architecture.
Other
The libguestfs API is now thread-safe (although not parallel). You can call APIs on the same handle from multiple threads without needing to take a lock.
There were multiple vulnerabilities in the icoutils "wrestool" program which is run by libguestfs to create icons for Windows guests. Using the latest "wrestool" is recommended.
New APIs
Other API changes
APIs implemented in the daemon can now be written in either C or OCaml. Several APIs were rewritten in OCaml, although we are not planning to rewrite all of them.
You will now get a clear error message if you try to add too many disks to the appliance, instead of getting a peculiar failure from qemu.
Certain APIs accidentally allowed you to use "/dev/urandom" as an input "device", eg. "g.copy_device_to_device("/dev/urandom", "/dev/sda")". The code has been modified to forbid this usage.
All APIs for inspecting installer CDs have been deprecated. Use libosinfo for this task.
A working OCaml compiler ≥ 4.01 is now required for building libguestfs. The "./configure --disable-ocaml" option remains but is only used to disable the OCaml language bindings.
Add "RELEASES" file which lists release dates for each version of libguestfs. You must update this file when making a new release.
Documentation generated by "gtk-doc" has been removed. "./configure --enable-gtk-doc" now does nothing.
Libtirpc is now used for XDR functions and rpcgen. Note that glibc has deprecated and in most Linux distros dropped these, so for most people this will be an extra dependency (Martin Kletzander).
Libxcrypt is now used for crypt(3). This is required if using glibc ≥ 2.27.
"ocaml-hivex" is now required.
Libvirt ≥ 1.2.20 is now required.
There is now a "make check-root" target for tests which need to be run as root (analogous to "make check-slow").
"./configure"-time check for "__attribute__((cleanup))" now works in the cross-compilation case (Yann E. Morin).
The "AUTHORS" and "p2v/about-authors.c" files are now generated from a single place.
Either GnuPG v1 or v2 can be used.
"./configure --with-guestfs-path" may be used to set the default "LIBGUESTFS_PATH". In addition the way that the path is searched has changed slightly so that all types of appliances are searched in each path element separately (Pavel Butsykin).
"GUESTFSD_EXT_CMD" which was used to mark external commands in the daemon has been removed. It was originally used by SUSE builds, but they have not been using it for a while.
The output from "./configure" is now visually grouped under headings related to what it is doing, making it much easier to scan (Pino Toscano).
OCaml dependencies are now generated from a single script instead of multiple not-quite-the-same Makefile fragments.
"./configure --with-distro=ID" can be used to override automatic Linux distro detection at build time (Pino Toscano).
qemu ≥ 2.10 is supported (but not required). This adds mandatory locking to disks and libguestfs turns this off in certain circumstances when it is known to be safe (Lars Seipel, Peter Krempa, Daniel Berrangé, Pino Toscano, Fam Zheng, Yongkui Guo, Václav Kadlčík).
Most common code has been moved to the common/ subdirectory, with OCaml common code being in common/ml* directories (eg. common/visit and common/mlvisit contain the visitor library in C and OCaml respectively). The mllib directory has been deleted and replaced by common/mltools.
There is now a lightweight OCaml binding for PCRE, see common/mlpcre. Use of OCaml "Str" library has been mostly replaced with PCRE.
Add more calls to "udev_settle" to improve stability of partition code (Dawid Zamirski).
Run "udev_settle" with --exit-if-exists option, which improves the speed of this command (Pavel Butsykin).
Detect new locations of major(3), minor(3), makedev(3).
Actions can now be deprecated with no suggested replacement, for APIs such as "guestfs_wait_ready" that should simply be removed from client code.
Use gnulib "set_nonblocking_flag" wrapper instead of calling fcntl(2) with "O_NONBLOCK" (Eric Blake). Similarly "set_cloexec_flag".
Fix memory leak in XFS version of "guestfs_vfs_minimum_size" (Pino Toscano).
Valgrind checks now run on the virt-p2v binary.
Unicode single quotes ("‘’") and now used in place of '' or `' throughout the code and documentation. Similarly for "’s" instead of "'s".
The "is_zero" function has been reimplemented for greater speed (Eric Blake).
In the direct backend, virtio-blk support has been removed. Virtio-scsi is now the only supported way to add disks.
Generator string parameter and return types have been rationalised so there are only two types ("String", "StringList") with many subtypes eg. "FileIn" becomes "String (FileIn, ...)".
The appliance disk image can now be in formats other than raw (Pavel Butsykin).
Multiple improvements to how we automatically build Debian templates for virt-builder (Pino Toscano). Enable serial console for these templates (Florian Klink).
In the daemon, instead of making a private copy of lvm.conf and modifying it (eg for filters), start with an empty file since LVM understands that to mean "all defaults" (Alasdair Kergon, Zdenek Kabelac).
The "direct" backend can now run QMP queries against the QEMU binary, enhancing the kinds of information we can detect. In addition the code to query QEMU has been made more robust for handling multiple parallel queries of different versions of QEMU.
OCaml Augeas bindings are bundled under common/mlaugeas. The long term plan is to remove this and use system ocaml-augeas when it is more widely available in distros (Pino Toscano).
All OCaml modules ("*.ml" files) are now required to have an interface file ("*.mli"). If they don't export anything then the interface will be empty except for comments.
Certain OCaml features in OCaml ≥ 4.01 are used throughout the code, including replacing ‘{ field = field }’ with ‘{ field }’.
Virt-builder "make-template" utility now uses the "virt-install --transient" option so that we should never need to clean up left over domains after a crash. It also saves kickstarts and virt-install commands, which are committed to git for future reference.
/dev/shm is now created in the appliance (Nicolas Hicher).
In verbose mode on Fedora guests, virt-customize will now use "dnf --verbose" enabling better debugging output.
Virt-v2v input and output classes now contain a "#precheck" method which is used to perform environmental checks before conversion starts.
Virt-p2v enables miniexpect debugging. It is written to stderr (of virt-p2v).
Virt-v2v free space checks are more liberal especially for smaller guests (Pino Toscano).
These release notes only cover the differences from the previous stable/dev branch split (1.34.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.
New tools
Virt-tail is a new tool for following (tailing) log files within a guest, similar to the regular "tail -f" command.
New features in existing tools
Virt-customize, virt-get-kernel, virt-sparsify and virt-sysprep can now handle encrypted guests (Pino Toscano).
Virt-builder and virt-customize now support --append-line, which is useful for adding lines to the end of configuration files.
Virt-resize can now shrink and expand swap partitions (Pino Toscano).
Virt-resize can now output to non-local disks (Pino Toscano).
Virt-sysprep has a new operation called "backup-files" for removing editor backups, and "passwd-backups" for removing /etc/passwd- and similar.
Virt-dib can now create checksums using the new --checksum option (Pino Toscano).
Virt-dib can now create tgz files. In addition, extended attributes and SELinux labels are preserved in the output tar file (Pino Toscano).
Virt-dib can now create squashfs files (Pino Toscano).
Bash tab-completion is now available in every command line tool that is shipped.
virt-v2v and virt-p2v
Conversions of Debian (6+) and Ubuntu (10.04+) guests are now supported (Tomáš Golembiovský, Pino Toscano).
Conversions from SUSE Xen hypervisor have now been tested (Cédric Bosdonnat).
Windows conversions may now install a program "pnp_wait.exe" which prevents conflicts between the Windows Plug-and-Play Manager and our own scripts that install virtio device drivers. Enabling this requires the "pnp_wait.exe" program to be built separately (Roman Kagan).
OVA files exported from AWS can now be converted (Shahar Havivi).
When converting OVA files, in some circumstances virt-v2v can now read disk images directly from the OVA input file instead of needing to unpack the OVA file to a temporary directory. This can save large amounts of disk space, and is quicker (Tomáš Golembiovský).
Virt-p2v can now be built on RHEL 5 (2007-era) Linux and RHEL 6, which means that 32 bit and hardware with ancient fakeraid disks can be virtualized. Binaries of virt-p2v based on these old versions of RHEL can be found at http://oirase.annexia.org/virt-p2v/
Virt-p2v can now use nbdkit (an NBD server) as an alternative to qemu-nbd. In addition, virt-p2v can use "socket activation" which is a more robust method for opening the NBD listening socket. Socket activation works with qemu-nbd or nbdkit, but requires the most up to date versions.
To prevent timeouts during P2V conversions, virt-p2v inhibits power saving on the physical machine, and also sends ping packets over the ssh control and data connections.
Virt-v2v no longer removes the "Processor" and "Intelppm" nodes from the Windows Registry.
Xen and vCenter conversions can now be done using the libvirt backend, provided libvirt ≥ 2.1.0 is used.
/dev/srX (SCSI CD-ROM) devices are ignored (Tomáš Golembiovský).
When converting SUSE Linux guests, use /etc/modprobe.conf.local if it exists.
Removing VMware tools from Linux guests should now work reliably (Pino Toscano).
When converting OVA files, virt-v2v now checks the disk image hash contained in the manifest file, whereas previously it was ignored because of a mistake in the code. In addition, SHA256 hashes are now supported (Tomáš Golembiovský).
When converting OVA files that contain compressed disk images, we now trust the "ovf:compression" attribute from the metadata instead of using content sniffing on the disk image (Tomáš Golembiovský).
A new flag --vdsm-compat has been added to -o vdsm mode, allowing more efficient qcow2 images to be generated.
Since the RHEV product [commercially supported version of oVirt] has now been renamed to RHV, "RHEV" was changed to "RHV" throughout the tooling. In particular, -o rhev becomes -o rhv, although the old name can be used for backwards compatibility.
The "RHEV-APT" utility is only installed when the output hypervisor is oVirt or RHV.
A problem with virt-v2v running out of memory when doing an SELinux relabel of the guest filesystem should now be resolved.
Language bindings
Setting "EXTRA_JAVAC_FLAGS" before ./configure allows you to add arbitrary flags to "javac" when compiling the Java bindings.
Use of any libguestfs API which returned a single struct, from Perl or Java bindings, would have leaked memory. This has now been fixed (Pino Toscano).
Inspection
Inspection of Windows guests with mildly corrupted Windows Registry hives should now work instead of failing with an error. This feature requires hivex ≥ 1.3.14 (Dawid Zamirski).
For Debian guests, we can now read the URL, source name, summary and full description of installed packages. For RPM-based guests we can read the URL, summary and description (Pino Toscano).
Inspection of guest operating systems that use a separate /usr partition should now work more reliably (Pino Toscano).
When parsing guest /etc/fstab, paths are reduced to a canonical form (eg. "///usr//local//" → "/usr/local").
Inspection of btrfs subvolumes now works where the /etc/fstab options field contains commas.
/dev/cdN devices in guest /etc/fstab are ignored (Pino Toscano).
Architectures and platforms
Stable releases are now tested on aarch64, ppc64 and ppc64le architectures.
The RISC-V architecture is now handled as a guest, and libguestfs will now at least compile on RISC-V (but probably not work as there is no usable qemu at the time of writing).
Detection of S/390 and S/390x binaries and guests is now supported.
Other
ExFAT filesystems are now supported (Miles Wolbe).
See also guestfs-security(1).
There were no CVEs reported in this development cycle. However some security-related hardening was carried out as described below.
Temporary filenames are now always generated using randomness from /dev/urandom (previously the C function random(3) was used in one case).
The $TERM environment variable is now validated before passing it through to the appliance kernel command line.
New APIs
Other API changes
This API can now return the following new values: "riscv32", "riscv64", "riscv128", "s390", "s390x".
libmagic, the library part of the "file" command, is now required at build time (previously optional).
GCC 7 is now supported.
"Silent rules" are now used for OCaml programs, Java bindings. To show the full command line executed, add "V=1" on the make command line (Pino Toscano).
Slow testing ("make check-slow") now covers: firstboot scripts in Linux guests; v2v conversion of a selection of real Linux guests; the virt-customize --hostname and --timezone settings; the --root-password parameter; that the serial console works in virt-builder guests.
Large generated C source files, eg. the list of commands found in fish/cmds.c (and many more), have been split into smaller files to speed parallel compilation.
"make maintainer-check-extra-dist" now checks that all generated files are included in the tarball.
The tests no longer assume that "." is in Perl's @INC, as it is going to be removed soon (Pino Toscano).
Debian hosts using UsrMerge are now supported (Pino Toscano).
Header files and C structs can now have internal documentation using the special "/** ... */" comments.
"@VAR@" subtitutions in "./run" are now fully quoted. This is necessary so that (eg) "./configure PYTHON=/some/path" works robustly if "/some/path" contains characters that need to be quoted (Hilko Bengen).
gperf ≥ 3.1 is now supported.
Kraxel's old edk2 builds can no longer be used for UEFI support. UEFI code is now fully free software, so use the versions bundled with your Linux distro instead.
Virt-p2v can now be compiled on RHEL 5 (2007-era) Linux with Gtk 2.10.
The generator and mllib "Common_utils" modules are now shared from the same source file.
A considerable amount of common code has been moved into the common directory in the source and is now compiled only once. The mini-libraries located under here are: common/edit, common/errnostring, common/miniexpect, common/options, common/parallel, common/progress, common/protocol, common/utils, common/visit, common/windows.
The directory containing the main library code has moved from src → lib.
All tests written in shell script now use a common file of utility functions (tests/test-functions.sh). There are several new utility functions, mainly for skipping tests. Also these test scripts can now use autoconf-like path variables like $abs_top_srcdir.
UEFI paths are now stored in the generator (generator/uefi.ml).
The way the generator handles actions and procedure numbers was changed quite substantially. See generator/actions_*.ml and generator/proc_nr.ml.
The gnulib "getprogname" module is now used everywhere when needing/printing the program name (Pino Toscano).
perl/Guestfs.c is not translatable (Nikos Skalkotos).
Virt-builder templates moved from builder/website to builder/templates and there is now a single unified program which can build any template.
All Windows registry utilities used by virt-customize and virt-v2v have been moved to a common module called "Registry" under mllib.
All POSIX bindings have been moved to a new module called "Unix_utils" under mllib.
Inspection, virt-customize and virt-v2v no longer recompute the Windows "%systemroot%", "CurrentControlSet" or paths to the "HKLM\SYSTEM" and "HKLM\SOFTWARE" hives in multiple places. Instead these are all computed once (during inspection) and passed to the other tools through various "guestfs_inspect_get_windows_*" APIs.
"/dev/pts" is now available inside the appliance, so any tools we run which require a pty will now work (Pino Toscano).
Most OCaml warnings have been fixed.
There is now a single common function for creating temporary files ("guestfs_int_make_temp_path") (Matteo Cafasso).
The $TERM environment variable is now validated before passing it through to the appliance kernel command line.
Useless USB and memballoon devices are no longer created in the appliance (Laine Stump).
On aarch64 we now use virtio-pci for the appliance. This is somewhat faster than virtio-mmio.
Use of srandom(3) and random(3) has been minimized. In particular, temporary filenames are no longer created based on randomness returned by random(3), but /dev/urandom is used instead.
These release notes only cover the differences from the previous stable/dev branch split (1.32.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.
Multiple performance enhancements were made in libguestfs. The "hot cache" time to launch to appliance should be under 1 second assuming recent qemu and kernel are installed. There are also new utilities for precisely benchmarking libguestfs (utils/boot-benchmark and utils/boot-analysis in the source tree).
The virt-p2v tool for converting physical machines to virtual machines was substantially improved. This includes: clearer, coloured output during conversions, support for Gtk 3, more detailed information about hardware, click to identify network interfaces, more debugging tools included with the ISO, and many bug fixes.
f2fs (Flash Friendly File System) is now supported (Pino Toscano).
New tools
virt-p2v-make-kiwi(1) can be used to build the virt-p2v ISO based on SLES and openSUSE, using the kiwi utility (Cédric Bosdonnat).
New features in existing tools
virt-resize will now preserve the GPT GUID. This was required for Windows Server 2012 R2, where the bootloader would become confused if the GUID changed (Maxim Perevedentsev).
virt-resize will use sparse copying for (old MBR-style) extended partitions. This makes resizing of guests that use extended partitions much faster (Maxim Perevedentsev).
virt-p2v kernel command line options can now be used to set defaults for GUI configuration.
The virt-p2v debugging options have been completely removed, simplifying the interface and documentation. Debugging information is now captured fully automatically.
virt-p2v-make-disk lets you specify an --arch option, allowing you to build a 32 bit virt-p2v, for compatibility with older systems.
virt-p2v-make-disk no longer requires that you specify an "os-version" for the virt-p2v disk. If omitted it will try to choose a suitable "os-version" depending on your host system.
virt-p2v-make-disk and virt-p2v-make-kickstart both gain a new --install option that allows you to add arbitrary extra packages to the virt-p2v ISO, for customization, additional debugging tools and so on.
virt-v2v will now uninstall Parallels Tools (or the equivalent Virtuozzo Tools) from Linux guests. Also stop the Windows drivers from loading at boot. (Roman Kagan and Pavel Butsykin)
virt-v2v --in-place mode has been enhanced to allow the caller to choose whether or not to install certain virtio drivers in the guest (Roman Kagan).
virt-v2v conversion of Windows guests was substantially rewritten and simplified (Roman Kagan).
virt-v2v --in-place mode now supports installing virtio-scsi drivers in guests (Roman Kagan).
virt-v2v can now convert SUSE guests and SUSE guests using UEFI (Cédric Bosdonnat and Jim Fehlig).
virt-v2v can now convert guests to Glance that have multiple disks. Previously it would fail on such guests.
The virt-v2v --no-trim and --vmtype options are now no-ops. They will print a warning but are otherwise ignored. virt-v2v can now generate the OVF vmtype correctly without user intervention.
virt-v2v has now been tested against SUSE Xen as a source hypervisor (Cédric Bosdonnat).
virt-v2v adds support for SUSE VMDP drivers (Cédric Bosdonnat).
virt-v2v can convert OVA files containing subfolders, as produced by SUSE Studio (Cédric Bosdonnat).
virt-v2v sets the OVF "<Origin>" element correctly. oVirt has been extended to support more source hypervisors (Shahar Havivi).
virt-v2v now supports Windows Server 2016 (Tomáš Golembiovský).
The virt-builder --list option can now be used to show all templates or a single template (Pino Toscano).
All OCaml-based tools now use getopt_long(3) for option parsing, and --help output has been improved (Pino Toscano).
virt-builder and virt-customize --selinux-relabel option can now fully relabel the guest filesystem at build time, without requiring a lengthy autorelabel at first boot.
virt-customize --delete now accepts globs.
New virt-customize --uninstall option lets you uninstall packages.
virt-customize can now use "pvvxsvc" as an alternative to "rhsrvany" for running firstboot scripts in Windows guests (Cédric Bosdonnat).
virt-customize now uses the strongest hashing scheme for passwords on Arch and Void Linux (Pino Toscano).
virt-customize --install now works correctly on Arch (Pino Toscano).
virt-inspector has new options --no-applications and --no-icon to prevent the list of applications and icon from being included in the XML output (Pino Toscano).
New virt-sysprep --network option has been added, allowing you to actually use the --install etc options which were present in virt-sysprep before but did not usually work. Note that the network is still disabled by default.
virt-sysprep "fs-uuids" operation no longer fails on btrfs guests (Maxim Perevedentsev).
virt-dib can output Docker images (Pino Toscano).
virt-dib has a new --drive-format option to allow the user to specify the format of the helper drive (Pino Toscano).
All OCaml virt tools now have a --colors/--colours option which enables coloured output (using ANSI escape sequences) even if the output is not a tty. The default is to check if the output is a tty and disable coloured output if not. This allows coloured output to be consumed by other tools.
Language bindings
PHP test coverage has been enhanced (Pino Toscano).
PHP 7 is now supported (Pino Toscano).
Python bindings are now compliant with PEP 8 (Pino Toscano).
A Python pip package is available in http://libguestfs.org/download/python/
The Ruby bindings now print the full exception if one is thrown by the event callback. Note this is still incorrect behaviour as event callbacks should not throw exceptions, but it aids debugging.
All OCaml libraries and programs are now compiled with -safe-string, if supported by the OCaml compiler.
Inspection
Alpine Linux using busybox can now be inspected. Also the APK package manager is supported in virt-customize (Pino Toscano).
We now handle inspection of Mageia 4 (Pino Toscano).
Void Linux and the Void Linux xbps package manager are fully supported (Pino Toscano).
Parsing of CoreOS version information has been enhanced (Pino Toscano).
It is now possible to get an icon from ALT Linux (Pino Toscano).
PLD Linux versions < 3 are now recognized (Pino Toscano).
Windows drive letters are now returned for guests using GPT partitions (Dawid Zamirski).
We can now correctly inspect Unix guests that do not have an /etc/fstab file (Pino Toscano).
Added another source for the Ubuntu icon which doesn't rely on GNOME having been installed in the guest.
We can now get an icon for Windows 7 64 bit guests.
Libosinfo integration was rewritten to deal with the new database format used by osinfo (Pino Toscano).
Documentation
New manual page guestfs-building(1) describes how to build libguestfs from source.
The man pages, tools and tool --help output is now automatically checked to ensure that all tool options are properly documented, that warning sections are included where necessary, and that every page has a description section.
The guestfs-testing(1) man page has been refreshed and based on a newer libguestfs.
Architectures and platforms
virt-customize now works on POWER7 and POWER8 platforms, both big endian and little endian (Xianghua Chen and Hu Zhang).
See also guestfs-security(1).
CVE-2015-8869
https://bugzilla.redhat.com/CVE-2015-8869
This vulnerability in OCaml might affect virt tools written in the OCaml programming language. It affects only 64 bit platforms. Because this bug affects code generation it is difficult to predict which precise software could be affected, and therefore our recommendation is that you recompile libguestfs using a version of the OCaml compiler where this bug has been fixed (or ask your Linux distro to do the same).
virt-customize ownership of .ssh, .ssh/authorized_keys
https://bugzilla.redhat.com/1337561
Previously when virt-customize injected an SSH key into a guest, when it created the ~/.ssh and ~/.ssh/authorized_keys directory and file (in case they were missing) it created them with owner and group "root.root". This has been fixed so the correct user is used. This is not thought to have been exploitable.
Windows "%systemroot%"
The inspection code has been made more robust against guests which might use very long "%systemroot%" (derived from the guest-controlled Windows Registry). This is not thought to have been exploitable.
Virtio-rng is now available in the appliance
virtio-rng (the virtual Random Number Generator device) is now passed to the appliance, which should improve the quality random numbers generated for GUIDs and cryptographic key generation.
New APIs
Note these require optional dependency The Sleuth Kit. (Matteo Cafasso)
Other API changes
"guestfs_set_selinux", "guestfs_get_selinux", "guestfs_setcon", "guestfs_getcon" and "guestfs_llz" have been deprecated. Use the new API "guestfs_selinux_relabel" to relabel filesystems. Use "guestfs_lgetxattrs" to list the "security.selinux" extended attributes of existing files.
"guestfs_vfs_minimum_size" can now be used on dirty filesystems (Maxim Perevedentsev).
"guestfs_ll" now works on paths which contain absolute symlinks (Pino Toscano).
"guestfs_glob_expand" now has an optional "directoryslash" boolean parameter which controls whether trailing slashes are returned for directory names (Pino Toscano).
"guestfs_lvs" will no longer return LVs which have the "activationskip" flag set. The reason is that such LVs have no "/dev/VG/LV" device node and so code which read the list of LVs and then probed the devices themselves would immediately fail. You can use "guestfs_lvs_full" if you want to read all LVs. (Pino Toscano).
"guestfs_list_disk_labels" now no longer fails if no disks with labels were added. Instead it now returns an empty list (Pino Toscano).
"guestfs_is_lv" no longer fails if passed a btrfs subvolume, it returns false instead (Maxim Perevedentsev).
qemu ≥ 1.3.0 is required.
yajl (a JSON parsing library) is required to build libguestfs.
You can now build with GCC 6.
"make check-valgrind" now has substantially better coverage.
"make check-slow" now works again.
Use "make -C appliance clean-supermin-appliance" to clean the supermin appliance (it will be rebuilt on next "make").
There are a variety of new rules for running virt-p2v from the source directory: "make -C p2v run-virt-p2v-directly" | "run-virt-p2v-in-a-vm" | "run-virt-p2v-non-gui-conversion". These are documented further in guestfs-hacking(1).
virt-p2v may be built using either Gtk 2 or Gtk 3. To force a particular version of Gtk to be used, "./configure --with-gtk=2|3"
The "./configure" options are now mostly documented in guestfs-building(1).
In git, versions are now tagged with "v1.XX.YY" (previously they were tagged with "1.XX.YY"). Using the "v-" prefix is more common in git repositories.
When using the libvirt backend, we now wait for qemu to exit gracefully instead of killing it after 15 seconds. This helps when writing to slow devices (especially cheap USB keys).
Error messages from libvirt now include the "err->int1" field which usually contains the "errno".
On ARM, all DTB (device tree) code has been removed. qemu creates the right device tree on the fly, we do not need to specify one.
The C API tests now use larger test disks, allowing BTRFS to be tested properly (Pino Toscano).
The tests should now work on a pure Python 3 host (Pino Toscano).
In C bindings, internal functions are now (mostly) consistently named "guestfs_int_*" whereas previously there was no consistent scheme.
The old "safe_malloc" etc functions are now no longer exported by the library, nor used in language bindings.
Setting TMPDIR to a path longer than ~ 100 characters will no longer cause libguestfs to fail silently and randomly when creating Unix domain sockets (Pino Toscano).
The "COMPILE_REGEXP" macro can now be used in the daemon.
When tracing, results containing structs are now printed in full (Pino Toscano).
The Perl "Sys::Guestfs" module now no longer embeds an incrementing API "version number". This module is now always at phony version "1.0". To find the real version of libguestfs from Perl you must call "$g->version".
All code is compiled with "-Wstack-usage=10000" and multiple changes have been made to remove stack allocation of large strings and buffers.
The error(3) function is now used everywhere, replacing most previous uses of perror(3) + exit(3), and fprintf(3) + exit.
In C code, "/**" comments are turned into documentation which is automatically added to the guestfs-hacking(1) manual page.
A safe "getumask" function has been added. For recent Linux kernels this uses the newly added "Umask" field in /proc/self/status. For older Linux and other Unix, this uses a thread-safe technique involving fork(2) (thanks: Josh Stone, Jiri Jaburek, Eric Blake).
Safe posix_fadvise(2) wrappers have been added, and more hints have been added to the code which may make a minor difference to performance.
A safe wrapper around waitpid(2) has been added which handles "INTR" properly.
"podwrapper.pl" (used to generate the manual pages) now stops if any POD error is found. A new script called "podcheck.pl" does cross-checking of --help output, tool options and manual pages.
All version numbers in the library (eg. versions of qemu, versions of libvirt, versions of guest operating systems) are unified in a single file src/version.c (Pino Toscano).
On Windows guests, virt-customize will use the vendor-neutral path "C:\Program Files\Guestfs\Firstboot" to store firstboot scripts. Previously it used "C:\Program Files\Red Hat\Firstboot". This change should be invisible to the scripts themselves. (Cédric Bosdonnat)
On Linux guests, the firstboot services generated by virt-builder --firstboot etc have been renamed to "guestfs-firstboot" (Pino Toscano).
There is now a common "debug" function used by all OCaml tools, replacing previous code which did "if verbose () then printf ...".
virt-p2v copies files it needs over to the virt-v2v conversion server using scp(1), instead of trying to send them via the shell session. This should improve reliability and should be a completely transparent to end users.
All code in mllib is now built into a single "mllib.cma" or "mllib.cmxa" library. All code in customize is now built into a single "customize.cma" or "customize.cmxa" library. This simplifies the build of the OCaml tools.
lvmetad(8) is now used in the appliance when available (Pino Toscano).
"Silent rules" are used for OCaml, Java, Erlang and POD. Use "make V=1" to see the full command lines again (Pino Toscano).
These release notes only cover the differences from the previous stable/dev branch split (1.30.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.
New tools
The new virt-v2v-copy-to-local(1) tool is an ancillary tool for virt-v2v(1) allowing you to convert source guests that virt-v2v is unable to access directly.
New features in existing tools
Virt-customize knows how to write a random seed to CirrOS (Pino Toscano).
On Fedora, virt-customize runs dnf(8) with the --best flag, ensuring it always updates to the latest available packages.
Virt-builder now provides 32 bit Fedora templates.
Virt-builder and virt-customize --install option now works on 32 bit Fedora guests. Previously it would try to install 64 bit packages (Jan Sedlák).
Virt-builder can now fetch cloud images using Simple Streams v1.0 metadata (Pino Toscano).
Virt-builder can now fetch openSUSE cloud images out of the box (Cédric Bosdonnat).
Virt-customize will now use stronger (SHA-512) encrypted passwords by default on openSUSE ≥ 11 (Pino Toscano).
Virt-builder will now correctly handle output filenames containing colon characters (":"), and will create temporary files in the libguestfs cache directory instead of defaulting to /tmp (Pino Toscano).
Virt-resize has a new --unknown-filesystems option to control what to do when asked to resize a filesystem that libguestfs doesn't know how to resize.
Virt-v2v now has an --in-place flag/mode, allowing in-place conversion of guests (Roman Kagan).
Virt-v2v has a --compressed option for creating compressed qcow2 output files.
Virt-v2v can now correctly get the VMware datacenter path (dcPath) from libvirt, instead of having to calculate it using an algorithm that occasionally got the wrong answer (Matthias Bolte, Tingting Zheng).
Virt-v2v now processes RAM sizes correctly for 64 bit guests when running on a 32 bit host.
Language bindings
In Perl and Python programs, the "get_program_name" API now returns the true program name, instead of the incorrect string "perl" or "python".
The Python bindings can now be compiled against a different version of libguestfs, allowing the pip module to be built against any version of libguestfs (instead of requiring the pip module and libguestfs to have exactly the same version).
The quality of the Ruby rdoc (documentation) has been improved (Pino Toscano).
Perl scripts no longer hard-code the location of perl in the shebang line, but use env(1) to locate it instead (Pino Toscano).
In OCaml programs, the guestfs handle was incorrectly made into a global root, meaning it could never be garbage collected. If you didn't call the "close" function explicitly, the handle would not be closed until the whole program exited. This has now been fixed so handles will be garbage collected in the usual way. This changes the API of the OCaml function "Guestfs.event_callback". Note that non-C language bindings are not covered by the libguestfs API/ABI guarantee, although we try hard not to change them, but in this case it was essential in order to fix this very serious bug.
Inspection
Alpine Linux and the APK package manager, ALT Linux, Frugalware, and PLD Linux are now recognized (Pino Toscano).
If it exists, /etc/os-release will be preferred for inspecting Linux guests (Pino Toscano).
The correct kernel version is returned for Windows guests ≥ 10.
Documentation
The large guestfs(3) man page has been split into several separate man pages: guestfs-hacking(1) guestfs-internals(1) guestfs-security(1). In the source tree, a new docs directory contains this documentation.
Architectures and platforms
Libguestfs now supports ARM 64 bit platforms with vGICv3.
See also guestfs-security(1).
This is not a vulnerability in libguestfs, but because we always give a virtio-serial port to each guest (since that is how guest-host communication happens), an escalation from the appliance to the host qemu process is possible. This could affect you if:
If you use sVirt to confine qemu, that would thwart some attacks.
Previously when asked to inject an SSH key into a guest, virt-customize (hence virt-builder too) would create the .ssh directory and .ssh/authorized_keys file with too broad permissions, allowing other users to read. They are now created as 0700 and 0600 respectively, which is the same as the ssh-copy-id(1) utility.
New APIs
libguestfs: trace: foo
to:
libguestfs: trace: ID: foo
making it easier to follow traces in multi-threaded programs, or where a program uses multiple handles (especially virt-v2v).
Other API changes
It also adds "full", which corresponds to fully allocated, but uses posix_fallocate(3) for efficiency.
The "./configure --enable-valgrind-daemon" option has been removed.
You can no longer build libguestfs on RHEL 5-era (c.2007) machines. See the "oldlinux" branch if you need (limited) RHEL 5 support.
Virt-p2v can now be built on RHEL 6-era (c.2010) Linux distros.
OCaml ≥ 3.11 (released in 2008) is now required to build from git.
Building the Perl bindings now requires "Module::Build" (instead of "ExtUtils::MakeMaker").
Builds should be faster (especially when incrementally rebuilding), because work was done to reduce build times.
Both OCaml and the OCaml findlib module are required if you need to run the generator at build time. Previously the build would have failed if findlib was not installed.
"make check" tests now run in parallel (within each test directory).
"make install" no longer installs OCaml bindtests.* files incorrectly.
"make install" can now be run twice. Previously it would fail on the second run.
"make clean" should now remove nearly every file that "make" creates.
A new "make installcheck" rule has been added, allowing the installed copy of libguestfs to be tested.
Some effort was put into minimizing the size of the appliance, which reduces temporary disk space and time needed by libguestfs handles.
The appliance now passes the NIC name to dhcpd, fixing hangs when running the appliance on some distros (Cédric Bosdonnat).
OCaml "Guestfs.Errno" is now generated (Pino Toscano).
In OCaml tools, common code now handles --debug-gc, --verbose and other common options (Roman Kagan, Pino Toscano).
The virt-v2v test harness allows us to boot the test guests at fixed dates in the past, ensuring that Windows reactivation doesn't kick in.
There is a new internal API for reading/writing a subprocess via a pipe from library code.
Used "deheader" program to remove unused "#include" directives.
In OCaml tools, the "Char" and "String" modules now implicitly reference the "Common_utils.Char" and "Common_utils.String" modules (instead of the ones from stdlib). The "Common_utils" modules contain a number of extra char/string utility functions, and also hide some unsafe functions in stdlib.
Many more virt-v2v tests will now be run even if you don't have rhsrvany and virtio-win installed (Roman Kagan).
The huge configure.ac file has been split into several smaller files called m4/guestfs_*.m4.
The old tests/data and tests/guests directories have been moved to test-data/. This new top level directory carries all test data which is common, large and/or shared between multiple tests.
There is a new top level website/ directory containing the public http://libguestfs.org website (or most of it).
The fuzz testing of inspection (tests/fuzz) has been removed.
Virt-p2v now saves the source physical machine dmesg output into the conversion server debug directory, making it simpler to debug cases of missing drivers, firmware etc.
These release notes only cover the differences from the previous stable/dev branch split (1.28.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.
New tools
virt-dib(1) is a secure and safe alternative to the OpenStack "diskimage-builder" tool. It is compatible with diskimage-builder elements. (Pino Toscano)
virt-get-kernel(1) extracts the kernel and ramdisk from a disk image. Previously this functionality was part of virt-builder(1), but the new tool is more featureful. (Pino Toscano)
New features in existing tools
virt-v2v(1) -i ova mode can now read a wider range of OVA files, and also unpacked files (directories).
virt-v2v now securely passes options to curl, so passwords, cookies and so on cannot be seen by users with shell access on the same machine.
virt-v2v has a new --password-file option to allow you to securely pass in a password, and to avoid an interactive prompt.
virt-v2v disables Windows autoreboot, making debugging conversion failures on Windows easier.
virt-v2v now comes with an extensive external test suite. See virt-v2v-test-harness(1).
virt-v2v allows virtio drivers to come from any location (Roman Kagan), and drivers can be read directly from the virtio ISO.
virt-v2v supports conversion of Windows ≥ 8. Note this is experimental, and possibly broken. Use with caution.
virt-v2v can now convert UEFI guests.
virt-p2v(1) adds a network configuration dialog.
virt-p2v now has "p2v.pre", "p2v.post" and "p2v.fail" triggers, allowing arbitrary scripts for preparing the host for conversion and tidying up post-conversion.
virt-p2v now uses the more advanced metacity window manager (instead of matchbox).
virt-sysprep(1) will remove "/var/spool/mail/username" for non-root accounts (Hu Tao).
virt-customize(1), virt-builder(1) and virt-sysprep have the following new options:
Improvements to virt-customize firstboot support. In particular, Windows firstboot should work as well as Linux (Roman Kagan).
virt-df(1) can now use PolicyKit, SASL and other authentication methods when getting the list of domains from libvirt.
Improvements to guestfish bash completion (Pino Toscano).
Bash completion now completes short options as well as long options (Pino Toscano).
guestfish(1) now displays a command synopsis if the number of parameters given to a command is wrong (Hu Tao).
virt-builder now supports Red Hat Enterprise Linux versions back to RHEL 3.
virt-builder supports SUSE guests using zypper (Cédric Bosdonnat).
Language bindings
The Java bindings now include validated Javadoc, and other improvements (Pino Toscano).
Multiple fixes and improvements to the PHP bindings (Pino Toscano).
Inspection
Inspection can now get icons from RHEL 7 and CentOS 7.
/etc/favicon.png is now allowed to be a symbolic link.
For RPM-based guests, inspection now returns RPM Epoch fields.
Debian packages now have separate Epoch and Version fields (Nikos Skalkotos).
OpenBSD detection added, FreeBSD and NetBSD added as separate "distros", and other BSD inspection improvements and bug fixes (Nikos Skalkotos).
CoreOS detection added (Nikos Skalkotos).
The package manager in Fedora ≥ 22 is "dnf".
ReactOS guests can be inspected (Maros Zatko).
Add support for UEFI guests.
Inspection now works when kernel modules are gzip or xz compressed (Pino Toscano).
Inspection now recognizes ppc64 and ppc64le guests (Maros Zatko).
Inspection lists the installed applications on Archlinux guests (Nikos Skalkotos).
Architectures and platforms
PPC64 (POWER7) and PPC64LE (POWER8) architectures are now much better supported, and should work out of the box.
For aarch64, we use AAVMF (an open source UEFI implementation based on OVMF) if available to run the appliance.
For armv7, we now use the -M virt machine type by default.
There is better support for compiling on non-Linux platforms (Pino Toscano, Margaret Lewicka).
Libguestfs should now work on MIPS 32 bit little endian ("mipsel"). I have not been able to try 64 bit or big endian.
For further information, see upstream commit https://github.com/libguestfs/libguestfs/commit/6c6ce85f94c36803fe2db35a98db436bff0c14b0
Libguestfs was modified so that it uses resource limits to limit the space and time used by "qemu-img info", to avoid this problem. If a malicious user tries to pass one of these disk images to libguestfs, "qemu-img" will crash and the crash is reported back to libguestfs callers as an error message.
New APIs
Other API changes
"guestfs_disk_create" can now use VMDK files as backing files.
"guestfs_btrfs_subvolume_snapshot" takes extra optional parameters (all added by Hu Tao):
"guestfs_btrfs_subvolume_create" can also take the optional "qgroupid" parameter (Hu Tao).
"guestfs_set_uuid" can set UUID of swap partitions, Btrfs (Hu Tao, Chen Hanxiao).
"guestfs_copy_device_to_file" and "guestfs_copy_file_to_file" have a new optional "append" parameter, allowing you to append to the output file instead of truncating it.
"guestfs_mkfs" has a new optional "label" parameter to set the initial label of the new filesystem (Pino Toscano).
"guestfs_set_label" and "guestfs_set_uuid" now set "ENOTSUP" as errno when there is no implemented support for the filesystem of the specified mountable (Chen Hanxiao).
Environment variables now let you write "LIBGUESTFS_DEBUG=true", "LIBGUESTFS_DEBUG=0" and so on.
All "guestfs_sfdisk*" APIs have been deprecated. Because sfdisk(8) was rewritten, incompatibly, upstream, we don't recommend using these APIs in future code. Use the "guestfs_part*" APIs as replacements.
APIs such as "guestfs_download" do not truncate /dev/stdout or /dev/stderr when writing to them, meaning that if you redirect stdout or stderr to a file, the file is no longer truncated.
The daemon no longer uses its own separate copy of gnulib. Instead it shares a single copy with the library.
OCaml .annot files are now created, so IDEs and editors like emacs and vi can browse OCaml types in the source code.
Various fixes to allow different host/appliance architecture builds (Pino Toscano).
Automake is now used directly to build all the OCaml programs, instead of ad hoc Makefile rules. One side effect of this is to enable warnings in all the C code used by OCaml programs.
"-fno-strict-overflow" is used throughout the build to avoid dubious GCC optimizations.
Multiple cleanups to support GCC 5.
OCaml OUnit2 is needed to run some OCaml tests.
Creating a statically linked libguestfs.a should work again.
The src/api-support subdirectory and its scripts are no longer used. Instead we store in the generator/actions.ml when the API was added to libguestfs.
The translation service has changed from Transifex to Zanata.
Many more translations are available now, for both library and tools messages and documentation.
In all OCaml tools, there are now common "error", "warning", "info" functions, and common way to set and get the --quiet, -x (trace) and -v (verbose) flags, and colour highlighting used consistently.
"COMPILE_REGEXP" macros are used to simplify PCRE constructors and destructors.
In the generator, "Pointer" arguments have finally been implemented.
Internal identifiers no longer use double and triple underscores (eg. "guestfs___program_name"). These identifiers are invalid for C99 and C++ programs, although compilers would accept them.
The daemon no longer parses "guestfs_*" options from /proc/cmdline. Instead it only takes ordinary command line options. The appliance init script turns /proc/cmdline into daemon command line options.
The tests can now run the daemon as a "captive process", allowing it to be run directly on the host. The main advantage of this is we can run valgrind directly on the daemon during testing.
These release notes only cover the differences from the previous stable/dev branch split (1.26.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.
Tools
virt-v2v(1) and virt-p2v(1) are tools for converting from foreign hypervisors (such as VMware or Xen) or physical machines, to KVM. These tools were previously a separate project. The code for both tools has been integrated into the libguestfs tree. As part of the refactoring, virt-p2v has been rewritten (from Ruby, now C), and virt-v2v now uses several modern features of qemu which make it run many times faster than before. virt-v2v(1) can import from: VMware vCenter, VMware OVA files, local disk files, libvirt, RHEL 5 Xen. It can output to: oVirt or Red Hat Enterprise Virtualization (RHEV-M), OpenStack Glance, libvirt, qemu, local disk files.
virt-log(1) is a new tool for listing log files from guests. It supports a variety of guests including Linux traditional, Linux using journal, and Windows event log.
virt-builder(1) has a new "--machine-readable" option to make it simpler to consume virt-builder from other programs.
New virt-builder(1) and virt-customize(1) --chmod option.
virt-sysprep(1) will now remove: systemd journals, anaconda logs, lightdm logs, debian-installer files, apt logs, exim logs, ConsoleKit logs, firewalld logs, grubby logs, proftpd logs, libvirt/libxml logs, and several other log files. The virt-sysprep "user-account" operation is now able to remove or keep particular user accounts. (Pino Toscano).
New guestmount(1) --fd option, allowing you to run guestmount captive under another process.
virt-sparsify(1) has a new --tmp option allowing you to precisely control where temporary files are stored.
virt-sparsify(1) can now write to a block device.
virt-customize(1) and virt-sysprep(1) now support adding firstboot scripts to Windows guests.
virt-cat(1), virt-edit(1), virt-ls(1) now support the -m option, allowing you to override automatic inspection of guests and instead specify where to mount partitions (Pino Toscano).
The virt tools now have coloured output: green for OK, red for errors, blue for warnings.
Language bindings
You can build a Python distribution using "make -C python sdist"
Ruby bindings have switched from "Test::Unit" to "MiniTest".
The Java bindings are now compatible with OpenJDK 8 (Pino Toscano).
Inspection
Oracle Linux is returned as "oraclelinux" (Nikos Skalkotos).
Linux guests which do not have /etc/fstab can now be handled (Pino Toscano).
Minix is returned as "minix" (Pino Toscano).
Architectures
Aarch64 (64 bit ARM) support has been added.
Inspection and the "guestfs_file_architecture" call can now recognize arm (32 bit) and aarch64 guests.
Since the libvirt XML comes from a trusted source (the libvirt daemon) it is not thought that this could have been exploitable.
This was fixed in libguestfs ≥ 1.27.9 and the fix was backported to stable versions ≥ 1.26.2, ≥ 1.24.9, ≥ 1.22.10 and ≥ 1.20.13. (Thanks: Dan Berrange, Pino Toscano).
New APIs
Libguestfs can now be built with qemu 2.x.
Add support for packaging the appliance on Mageia (Joseph Wang, Thierry Vignaud).
Augeas is now a required dependency.
Flex and bison are now required dependencies.
User-Mode Linux (UML) is no longer a supported backend (although still available). It will be supported again once someone steps in and fixes various regressions and brokenness in the UML (Linux) kernel.
You can now connect gdb to qemu by specifying "LIBGUESTFS_BACKEND_SETTINGS=gdb"
Serial BIOS (sgabios) is now used by the libvirt backend (on x86 only) so that we see early BIOS messages.
For the OCaml virt tools, exceptions are now handled and printed by a common function.
A GCC warning about large stack frames is now enabled by default. Several places that used large arrays and structures on the stack have been fixed.
There is now a test for booting the appliance repeatedly. Useful for finding kernel leaks. See: tests/qemu/qemu-boot.c
There is a test for testing the speed of various qemu features such as virtio-serial uploads and block device writes. See: tests/qemu/qemu-speed-test.c
GCC warnings are now enabled for OCaml-C bindings in the OCaml virt tools.
The code for editing files used by virt-edit(1), guestfish(1) "edit" command, virt-customize(1) --edit option and more is now shared between all these utilities (thanks Pino Toscano).
The FUSE tests were rewritten in C to ensure finer control over how system calls are tested.
The update-bugs.sh script has been fixed so it should no longer create an empty "BUGS" file if the Bugzilla server is unavailable.
The virt-resize(1) tests now use a stochastic method to ensure much deeper and broader testing.
When the network is enabled, the appliance now uses DHCP to acquire an IP address.
If libvirt is being used then the appliance will connect to "virbr0" (can be overridden by setting "LIBGUESTFS_BACKEND_SETTINGS=network_bridge=<some_bridge>"). This enables full-featured network connections, with working ICMP, ping and so on.
These release notes only cover the differences from the previous stable/dev branch split (1.24.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.
Tools
virt-customize(1) is a new tool for customizing virtual machine disk images. It lets you install packages, edit configuration files, run scripts, set passwords and so on. virt-builder(1) and virt-sysprep(1) use virt-customize, and command line options across all these tools are now identical.
virt-diff(1) is a new tool for showing the differences between the filesystems of two virtual machines. It is mainly useful when showing what files have been changed between snapshots.
virt-builder(1) has been greatly enhanced. There are many more ways to customize the virtual machine. It can pull templates from multiple repositories. A parallelized internal xzcat implementation speeds up template decompression. Virt-builder uses an optimizing planner to choose the fastest way to build the VM. It is now easier to use virt-builder from other programs. Internationalization support has been added to metadata. More efficient SELinux relabelling of files. Can build guests for multiple architectures. Error messages have been improved. (Pino Toscano)
virt-sparsify(1) has a new --in-place option. This sparsifies an image in place (without copying it) and is also much faster. (Lots of help provided by Paolo Bonzini)
virt-sysprep(1) can delete and scrub files under user control. You can lock user accounts or set random passwords on accounts. Can remove more log files. Can unsubscribe a guest from Red Hat Subscription Manager. New flexible way to enable and disable operations. (Wanlong Gao, Pino Toscano)
virt-win-reg(1) allows you to use URIs to specify remote disk images.
virt-format(1) can now pass the extra space that it recovers back to the host.
guestfish(1) has additional environment variables to give fine control over the "><fs>" prompt. Guestfish reads its (rarely used) configuration file in a different order now so that local settings override global settings. (Pino Toscano)
virt-make-fs(1) was rewritten in C, but is unchanged in terms of functionality and command line usage.
Language bindings
The OCaml bindings have a new "Guestfs.Errno" module, used to check the error number returned by "Guestfs.last_errno".
PHP tests now work. (Pino Toscano)
Inspection
Inspection can recognize Debian live images.
Architectures
ARMv7 (32 bit) now supports KVM acceleration.
Aarch64 (ARM 64 bit) is supported, but the appliance part does not work yet.
PPC64 support has been fixed and enhanced.
This was caused by a NULL pointer dereference causing a denial of service, and is not thought to be exploitable any further.
See commit d70ceb4cbea165c960710576efac5a5716055486 for the fix. This fix is included in libguestfs stable branches ≥ 1.26.0, ≥ 1.24.6 and ≥ 1.22.8, and also in RHEL ≥ 7.0. Earlier versions of libguestfs are not vulnerable.
GUID parameters are now validated when they are passed to API calls, whereas previously you could have passed any string. (Pino Toscano)
New APIs
export LIBGUESTFS_BACKEND=direct
export LIBGUESTFS_BACKEND_SETTINGS=force_tcg
The following extra packages are required to build libguestfs 1.26:
PO message extraction rewritten to be more robust. (Pino Toscano)
"podwrapper" gives an error if the --insert or --verbatim argument pattern is not found.
Libguestfs now passes the qemu -enable-fips option to enable FIPS, if qemu supports it.
"./configure --without-qemu" can be used if you don't want to specify a default hypervisor.
Copy-on-write [COW] overlays, used for example for read-only drives, are now created through an internal backend API (".create_cow_overlay").
Libvirt backend uses some funky C macros to generate XML. These are simpler and safer.
The ChangeLog file format has changed. It is now just the same as "git log", instead of using a custom format.
Appliance start-up has changed:
Note that you must configure your kernel to have "CONFIG_UEVENT_HELPER_PATH=""" otherwise you will get strange LVM errors (this applies as much to any Linux machine, not just libguestfs). (Peter Rajnoha)
Libguestfs can now be built on arches that have ocamlc(1) but not ocamlopt(1). (Hilko Bengen, Olaf Hering)
You cannot use "./configure --disable-daemon --enable-appliance". It made no sense anyway. Now it is expressly forbidden by the configure script.
The packagelist file uses "m4" for macro expansion instead of "cpp".
These release notes only cover the differences from the previous stable/dev branch split (1.22.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.
User-Mode Linux (UML) can be used as an alternative backend (ie. instead of KVM). This improves performance especially when using libguestfs inside a VM (eg. in the cloud). UML is supported as a first-class backend. See "USER-MODE LINUX BACKEND" in guestfs(3) for how to use this.
ARM (32 bit) and PPC64 are now fully supported.
Tools
virt-builder(1) is a new tool for building virtual machine images. It lets you rapidly and securely create guests and customize them.
New virt-sysprep(1) operations: Remove files in /tmp and /var/tmp. Remove RPM database files. Change root and user passwords. More log files are removed. New operations which are not enabled by default: Create random UUIDs for filesystems. Reset firewall rules. (Wanlong Gao)
virt-resize(1) and virt-sysprep can now use URIs to specify a remote disk.
Use "guestfish -N filename=type" to create a named disk image (instead of the default test1.img etc).
virt-sparsify(1) now tests if there is enough disk space to complete the operation, instead of possibly running out of space half way through.
virt-format(1) and virt-make-fs(1): new --label option for setting filesystem label.
virt-resize --no-sparse flag can be used to resize on to partitions and other targets that are not zeroed.
Language bindings
New bindings for the Go programming language.
API
Support for the systemd journal.
"guestfs_add_drive_opts" can now control the qemu caching mode through a new "cachemode" parameter. You can select improved performance for temporary drives, or safety.
"guestfs_set_label" now works for XFS and btrfs.
New GUESTFS_EVENT_WARNING event for warning messages.
Inspection
Better inspection of SUSE guests (Olaf Hering).
Better support for non-standard Windows %systemroot% (Matthew Booth).
Enhanced error reporting for Augeas errors.
A denial of service was possible when inspecting certain guests. The fix has been backported to 1.20 and 1.22 branches.
Fix insecure temporary directory handling for remote guestfish. The fix has been backported to 1.20 and 1.22 branches.
add-drive-scratch: Add a temporary scratch drive aug-label aug-setm journal-open: Systemd journal support journal-close journal-next journal-skip journal-get journal-get-data-threshold journal-set-data-threshold remount: Allow rw flag to be adjusted on mounted filesystems set-uuid: Set UUID of filesystem
"is-file", "is-dir", "is-blockdev", "is-chardev", "is-fifo", "is-socket" APIs now have an extra "followsymlinks" flag.
"add-drive" has a new "cachemode" parameter.
The following packages are required to build libguestfs 1.24:
The following optional packages may be added to enhance functionality but are not required:
New "make check-*" rules replace "make extra-tests". See "make help" and guestfs(3) for details.
Perl code can now be valgrinded.
Inspection code is now fuzz-tested.
"make" no longer recurses into the generator directory in every other directory. This reduces the overhead of builds considerably.
Additional tests for Augeas, hivex.
Add a launch timeout of 20 minutes waiting for the appliance to start up.
Add a timeout (4 hours) to all tests so we can catch the case where qemu or other components hang.
Use kvmclock and "-cpu host". This improves clock stability and overall performance.
"./configure --enable-packet-dump" mode is fixed.
"./configure --enable-valgrind-daemon" mode has been rewritten. It is now feasible for developers to keep this flag enabled at all times.
Backends have been refactored to be modular (although they are not actually loadable modules).
When enabled, the network now uses resolver configuration (ie. /etc/resolv.conf) from the host.
These release notes only cover the differences from the previous stable/dev branch split (1.20.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.
API
Remote access to disks:
The SYSLINUX and EXTLINUX bootloaders can now be installed in disk images using the API.
Inspection can now handle filesystems such as btrfs where subvolumes are separately mountable (Matthew Booth).
"Attach methods" are now known as "backends". Compatibility with existing code is preserved.
Filenames can contain ':', as long as newer QEMU is being used.
Tools
Virt-alignment-scan and virt-df scan multiple guests in parallel.
Guestmount now passes errno accurately back to userspace in almost all cases.
Guestfish and other tools can now use a URI-like syntax to access remote disks, eg:
guestfish -a ssh://example.com/path/to/disk.img
Guestfish and guestmount now allow you to specify the filesystem type when mounting, which is more secure (Dave Vasilevsky).
Guestfish is now the "guest filesystem shell".
Guestfish allows only 1 "true" "t" "yes" "y" "on" 0 "false" "f" "no" "n" "off" for boolean values (case insensitive), and gives an error for all other strings.
New tool "guestunmount" for unmounting FUSE filesystems safely.
"guestmount --no-fork" flag prevents guestmount from daemonizing.
Virt-resize now uses sparse copies by default, saving considerable space for guests which are mostly empty.
Bash tab completion has been rewritten and can now handle most tools, and correctly tab-complete "--long" options. In addition, bash completion scripts are loaded on demand.
Language bindings
The Java API now supports events.
The Python object now inherits from the "object" base class.
Python methods which previously returned lists of tuples can now be made to return a Python dict. For backwards compatibility, you have to enable this by using the constructor option "guestfs.GuestFS (python_return_dict=True)".
The PHP bindings are now tested properly, and have had multiple fixes.
The long-deprecated Perl "Sys::Guestfs::Lib" library has been removed. https://www.redhat.com/archives/libguestfs/2013-April/msg00001.html
例
新しいプログラム例は、デバッグを有効化し、ログメッセージを採取する方法を示します。
Other
Distributors can add arbitrary extra packages to the appliance by doing:
./configure --with-extra-packages="list of package names"
Distributors can use:
./configure --with-supermin-extra-options="..."
to add arbitrary extra options to supermin.
No security issues were found in this release.
cp-r extlinux feature-available get-program is-whole-device part-get-gpt-type part-set-gpt-type rename set-program syslinux
C のみ:
guestfs_event_to_string
The febootstrap tool has now been renamed to "supermin". Libguestfs can use either, but now prefers "supermin". http://people.redhat.com/~rjones/supermin/
libxml2 が libguestfs をビルドするために必要です。
(hivex の) hivexregedit プログラムが git からビルドするために必要です。
Internal functions can no longer be used unless the caller defines "-DGUESTFS_PRIVATE=1".
Enable C compiler warnings in Python, Ruby bindings.
Fail early and clearly if libvirt does not support qemu/KVM (eg. if default libvirt connection is to Xen).
"make print-subdirs" rule, useful for selectively running tests.
Multiple fixes to allow separated (sourcedir != builddir) builds.
Multiple fixes to Haskell bindings.
"ln" and "ln-f" APIs now capture "errno" correctly.
Language binding tests use (mostly) a standard numbering scheme and aim to test the same range of features in each language. Also the number of launches required has been reduced so these tests should run much more quickly.
Library code internally uses GCC "__attribute__((cleanup))" (if available) to simplify memory allocation.
Internal header files have been reorganized. See the comments in src/guestfs-internal*.h
Internal code shared between the library and certain tools is now located in a static "libutils" library.
Almost all subdirectories can now use parallel builds, although note that the top-level directories still build in series.
Use of "PATH_MAX" and "NAME_MAX" has been eliminated from the code.
The Java API now requires JVM ≥ 1.6.
Force use of "serial-tests" with automake ≥ 1.12.
Use of sockets in the library protocol layer is abstracted, allowing other non-POSIX layers to be added in future (see src/conn-socket.c).
"qemu-img info --output json" is used if available, for more secure parsing of the output of this command.
Distros can now use "make INSTALLDIRS=vendor install" to place Ruby bindings in vendordir. This eliminates a non-upstream patch carried by both Fedora and Debian.
Valgrind log files are now written to tmp/valgrind-DATE-PID.log
"make clean" cleans the local "tmp/" directory.
The C API tests have been rewritten using a more flexible generator language that allows arbitrary C code to be executing during tests.
These release notes only cover the differences from the previous stable/dev branch split (1.18.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.
libvirt and sVirt (SELinux confinement)
You can optionally use libvirt to launch and manage the backend appliance by:
SVirt (SELinux confinement) is used to secure the libguestfs appliance, if the libvirt backend is selected.
virtio-scsi, larger number of drives, hotplugging
Virtio-scsi is now used by default, if it is available. This greatly increases the number of drives that can be added to a single libguestfs handle (up to 255).
You can now hotplug drives (add and remove drives after launch).
Libguestfs can now handle > 25 disks, in all APIs, tools and tests.
You can label drives when adding them, then refer to them by label (/dev/disk/guestfs/LABEL) instead of having to use device names (/dev/sda).
new library features
POSIX Access Control Lists (ACLs) and Linux filesystem capabilities can now be read and written through the API.
Windows Dynamic Disks are now supported. The metadata can only be read (volumes cannot be modified or created). However the data/filesystems in the volumes themselves can be mounted, read and written (Matthew Booth).
Hivex (Windows Registry editing) is now directly supported through the API, making reading or editing the Windows Registry much more efficient.
Several libguestfs APIs were reimplemented so they no longer have any limits on output. The reimplemented APIs are: "guestfs_cat", "guestfs_find", "guestfs_read_file", "guestfs_read_lines", "guestfs_write", "guestfs_write_append", "guestfs_lstatlist", "guestfs_lxattrlist", "guestfs_readlinklist", "guestfs_ls".
virt tools
"guestfish touch 'win:c:\new_file'" now works as expected.
"guestfish" has a new --network option, which enables the user network in libguestfs.
You can set "GUESTFISH_PS1" to use fancy prompts in "guestfish".
"rsync", "ssh", "less" and "lrzip" commands are now available in virt-rescue. In addition, "rsync" can be used through the API for doing incremental copies.
"virt-sparsify" uses qcow2 v3 for increased efficiency.
"virt-sysprep" enhancements:
"virt-make-fs" can now create virtual floppy disks (VFDs).
"guestmount" has a --pid-file option, which can be used to avoid a race condition between unmounting the filesystem and using the underlying disk image.
language bindings
Full-featured Lua bindings have been added in this release (thanks to Jerome Vuarand for many suggestions).
In Ruby, optional arguments hash is optional.
In Python, optional arguments now don't use special "sentinel" values, so any integer can be passed as an optional argument.
Erlang bindings now come with examples and tests.
Erlang bindings now handle 64 bit integer parameters correctly.
The automated 'bindtests' now test for 64 bit cleanliness in parameter passing. Several bugs in the bindings were found and fixed as a result.
Better handling of blocking and non-blocking functions should make libguestfs calls more efficient.
inspection
Windows guests with unlimited-sized Registries are now supported. By adding the hivex API to the libguestfs API, it is much more efficient and easier to inspect and modify the Windows Registry in guests.
Better support for SuSE guests (Olaf Hering).
Return the architecture of installed applications (John Eckersberg).
Windows 8 is now supported.
Fedora 18 is now supported.
Inspection of ISOs/CDs/DVDs can now use the libosinfo database.
ports
Libguestfs without the appliance can be compiled on Mac OS X (Masami HIRATA).
RHEL 5 is now explicitly supported through the 'oldlinux' branch in upstream git.
PowerPC 64 bit is now supported. Also libguestfs has been examined for endianness bugs and these have been fixed.
daemon
A man page for the daemon (guestfsd(8)) is included.
guestfish history file
The $HOME/.guestfish history file is now created with 0600 permissions (instead of 0644 before) so it is no longer world readable.
CVE-2012-2690
Old versions of both "virt-edit" and the "guestfish" "edit" command created a new file containing the changes but did not set the permissions, etc of the new file to match the old one. The result of this was that if you edited a security sensitive file such as /etc/shadow then it would be left world-readable after the edit.
この問題は CVE-2012-2690 に割り当てられおり、libguestfs ≥ 1.16 において修正されています。
詳細は https://bugzilla.redhat.com/show_bug.cgi?id=788642 を参照してください。
acl-delete-def-file acl-get-file acl-set-file canonical-device-name cap-get-file cap-set-file create-flags device-index disk-has-backing-file disk-format disk-virtual-size filesystem-available fill-dir fstrim get-cachedir get-libvirt-requested-credentials get-libvirt-requested-credential-prompt get-libvirt-requested-credential-challenge get-libvirt-requested-credential-defresult get-tmpdir hivex-close hivex-commit hivex-node-add-child hivex-node-children hivex-node-delete-child hivex-node-get-child hivex-node-get-value hivex-node-name hivex-node-parent hivex-node-set-value hivex-node-values hivex-open hivex-root hivex-value-key hivex-value-type hivex-value-utf8 hivex-value-value inspect-list-applications2 (John Eckersberg) list-ldm-volumes list-ldm-partitions ldmtool-create-all ldmtool-diskgroup-disks ldmtool-diskgroup-name ldmtool-diskgroup-volumes ldmtool-remove-all ldmtool-scan ldmtool-scan-devices ldmtool-volume-hint ldmtool-volume-partitions ldmtool-volume-type ls0 max-disks mke2fs (Wanlong Gao) mklost-and-found mkswap [added label and uuid optional arguments] mktemp (Wanlong Gao) nr-devices parse-environment parse-environment-list rm-f rsync rsync-in rsync-out set-cachedir set-libvirt-supported-credentials set-libvirt-requested-credential set-tmpdir shutdown [backported to 1.16 and 1.18] tar-in [added compress flag] tar-out [added compress, numericowner, excludes flags] umount [added force and lazy optional arguments] utsname xfs-admin (Wanlong Gao) xfs-growfs (Wanlong Gao) xfs-info (Wanlong Gao) xfs-repair (Wanlong Gao)
In the C API only:
guestfs_push_error_handler guestfs_pop_error_handler
qemu ≥ 1.1 is required (≥ 1.2 preferred).
febootstrap ≥ 3.20 is required.
libvirt is optional, but if you want to use the new libvirt backend for launching the appliance then libvirt ≥ 0.10.2 would be required.
Coverity has been run over the complete codebase, and many issues fixed (thanks Ondrej Vasik, Kamil Dudka).
Functions which previously had no optargs can now be converted to ones with optargs, making extending the API much more flexible. Source and binary backwards compatibility is preserved for users of the API.
The way that libguestfs APIs and structures are represented in the generator has changed to use an OCaml struct instead of a tuple. This makes generator descriptions more flexible and easier to understand. For details see commits 39d1a7db and eb185eef.
Separation of the library code into more files:
POD (documentation) is now generated using a rewritten Perl program instead of pod2* + shell scripts.
Man pages now contain stable dates (Hilko Bengen).
Skipped tests now exit with code 77, so they appear as "SKIP:" in "make check" output.
The parallel mount-local test has been rewritten in C (RHBZ#838081).
Ruby 1.8.5 is now supported (though Ruby ≥ 1.9 is preferred).
Perl bindings can be disabled via "./configure --disable-perl" (Wulf C. Krueger). Note that Perl is still required in order to build libguestfs.
Java bindings are now enabled/disabled using "./configure --with-java" or "./configure --without-java" (Wulf C. Krueger).
New configure options "./configure --enable-code-profiling" and "./configure --enable-code-coverage".
Multiple fixes to use of 64 bit integers in language bindings.
The appliance backend now uses sgabios instead of vgabios (Dan Berrange).
The "./run" script now sets enough environment variables that you can run OCaml, Python, Ruby, Java, GJS, Erlang, Lua programs.
"./run --test" flag for running tests with minimal output. It also prints the time taken to run each test.
The "./run" script now builds up paths cumulatively, meaning that you can use "./run" twice, or use the libguestfs and libvirt "./run" scripts together.
You can extract a list of external commands required by the daemon, making building the appliance on certain distros easier (Olaf Hering).
The "virt-rescue" command is now tested during "make check".
The generator now removes unused generated files. This helps when going back and forth with git rebase, git bisect, etc.
Tests now run in a separate toplevel "tmp/" directory in the source. This allows the directory to be labelled for SELinux (sVirt), and also makes it easier to clean up.
"make syntax-check" now works to a greater extent, and many problems in the main code that were found by syntax-check have been fixed (thanks Jim Meyering).
Emacs mode (-*- foo -*-) has been added to generated files.
Progress bar output is now sent to /dev/tty so it doesn't end up in the regular output of the program. virt-resize and virt-sparsify now suppress progress bars if stdout is not a tty.
There is now a "./configure --without-libvirt" option. This is useful for testing that the code still compiles without libvirt.
There is now an internal mini-library for running commands. This allows us to redirect errors from external commands into events.
Code for handling temporary directories and the appliance cache was completely overhauled.
Code for temporarily ignoring/disabling errors now looks like this:
guestfs_push_error_handler (g, NULL, NULL); guestfs_mkdir (g, "/foo"); /* We don't care if this fails. */ guestfs_pop_error_handler (g);
The "tests/extra" directory has gone. The "extra tests" are now split into separately runnable targets, such as "make check-valgrind". Use "make help" to get a summary of the targets.
The "lpj" option is passed to the appliance kernel when using TCG. This should improve clock stability (thanks Marcelo Tosatti, Olaf Hering).
These release notes only cover the differences from the previous stable/dev branch split (1.16.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.
virt tools
- virt-sysprep has been rewritten and expanded (thanks Wanlong Gao)
http://libguestfs.org/virt-sysprep.1.html
- virt-sparsify --zero is a new option that zeroes the named
partition or filesystem
- virt-sparsify can now safely sparsify Linux swap partitions
- virt-sparsify fixed so it cleans up after ^C
http://libguestfs.org/virt-sparsify.1.html
- a new tool 'libguestfs-make-fixed-appliance' is provided to build
fixed appliances that can be copied to other machines that don't
have febootstrap support
http://libguestfs.org/libguestfs-make-fixed-appliance.1.html
- virt-filesystems now displays the parents (containers) of MD
devices and volume groups
- virt-alignment-scan, run with no args, displays alignment information
for all libvirt domains
- virt-df and virt-alignment-scan will display information from all
guests even when a disk is inaccessible
- virt-rescue new --scratch option to make scratch disks
https://rwmj.wordpress.com/2012/04/26/virt-rescue-scratch/#content
- virt-make-fs can now be used to create btrfs
- virt-edit preserves permissions, UID, GID and SELinux context
when editing files
- guestfish passes the close event over stdout and remote correctly
- guestfish new '--pipe-error' option lets you detect errors in pipe
commands
- guestfish globs now expand device names
- comma and colon characters in filenames now handled correctly by
all virt tools
inspection
- Fedora 17+ のサポートの追加
- FreeDOS のサポートの追加
- Buildroot および Cirros のサポートの追加
- inspection is now compatible with Windows guests that have been
sysprepped (thanks Grant Williamson).
API
- broad support for btrfs added, including adding multiple devices,
fsck, snapshots (thanks Wanlong Gao)
- the new 'mount-local' API brings FUSE support directly into the
core libguestfs API
https://rwmj.wordpress.com/2012/05/14/tip-using-mount-local-api-from-c/#content
- new man page: guestfs-performance(1), which contains performance
tuning tips
http://libguestfs.org/guestfs-performance.1.html
- new man page: guestfs-faq(1), Frequently Asked Questions
http://libguestfs.org/guestfs-faq.1.html
- ENOTSUP (from guestfs_last_errno) is now returned for APIs that
are not supported
例
- 'copy_over' example showing how to copy between two handles - 'display_icon' program displays the icon associated with a guest - 'mount_local.c' example shows how to use the mount-local API
(no security problems were found or fixed in this release)
btrfs-device-add: Add devices to a btrfs filesystem. btrfs-device-delete: Remove devices from a btrfs filesystem. btrfs-filesystem-sync: Sync a btrfs filesystem. btrfs-filesystem-balance: Balance a btrfs filesystem. btrfs-fsck: Check btrfs filesystem. btrfs-set-seeding: Enable or disable seeding. btrfs-subvolume-create: Create a btrfs snapshot. btrfs-subvolume-delete: Delete a btrfs snapshot. btrfs-subvolume-list: List btrfs snapshots and subvolumes. btrfs-subvolume-set-default: Set default btrfs subvolume. btrfs-subvolume-snapshot: Create a writable btrfs snapshot. get-e2attrs: List ext2 file attributes of a file. get-e2generation: Get ext2 file generation of a file. isoinfo, isoinfo-device: Get information from the header of ISO files. llz: List files with SELinux information. lvcreate-free: Create an LVM logical volume in % remaining free space. md-stat: Return underlying devices from an MD device. mkfs-brtfs: Make btrfs filesystem, with all tunables. mount-local, mount-local-run, umount-local: FUSE support in the API. ntfsclone-in, ntfsclone-out: Save, restore NTFS from backup. ntfsfix: Fix common errors and force Windows to check NTFS. set-e2attrs: Set or clear ext2 file attributes of a file. set-e2generation: Set ext2 file generation of a file. set-label: Unified interface for setting filesystem label. vgmeta: Get volume group metadata. wipefs: Wipe filesystem signatures from a device. zero-free-space: Zero free space in a filesystem.
- The debian/ subdirectory has been removed. We recommend you use the official Debian packages made by Hilko Bengen. http://people.debian.org/~bengen/libguestfs/ http://packages.debian.org/search?keywords=libguestfs - O_CLOEXEC / SOCK_CLOEXEC is now used for almost all file descriptors that the library opens. - posix_fadvise is called when sequentially reading or writing large files. - close all file descriptors and remove all signal handlers in the recovery process - multiple gcc warnings and Coverity bugs have been fixed; many strict-overflow bugs have also been fixed - use ./configure --enable-valgrind-daemon to use valgrind on the daemon; many errors have been fixed - use ./configure --with-qemu-options to pass extra options to qemu - the daemon now has a growable strings buffer type (DECLARE_STRINGSBUF) - the <guestfs.h> header file works with C++ and we have a regression test for this - multiple APIs which should only be called in the CONFIG state now give an error if they are not - .gitignore fixed to use absolute paths - gobject bindings have been expanded, including mapping libguestfs events to gobject signals (thanks Matt Booth) - gobject documentation is generated properly (thanks Matt Booth) - gobject header files now live in a subdirectory - CompareWithString test in the generator now works - FUInt32, FUInt64 struct field types now use the correct XDR type - OCaml tests are now run on bytecode and native code. - java -Xlint:all is used, and all warnings have been fixed - bmptopng, wrestool (etc) missing or failure no longer prints warning messages - ruby: Use RbConfig instead of Config. - PYTHONPATH is set by the ./run script. - appliance building is now thread-safe. - appliance now uses 'ip' instead of 'ifconfig' and 'netstat' commands - several fixes to make parallel builds work properly - guestfish --listen now cleans up properly - the BUSY state has been removed - gettextize has been removed, replaced by a simple Makefile.am - gettext support now covers virt-resize, virt-sparsify and virt-sysprep - better support for the arm architecture
- 822490 virt-ls error: "libguestfs: error: checksum: path: parameter cannot be NULL" - 816839 data overflow error when debug progress -1 - 816098 virt-make-fs fails to make a btrfs filesystem because it doesn't allocate enough space - 811872 inspection fails on ubuntu 10.04 guest with encrypted swap - 811650 guestfs_last_error not set when qemu fails early during launch - 811649 libguestfs cannot open disk images which are symlinks to files that contain ':' (colon) character - 811117 [RFE][virt-sysprep] net-hwaddr not removed from "ifcfg-*" files on rhel - 811112 [RFE][virt-sysprep] hostname can not be changed on rhel system - 809361 inspection doesn't recognize Fedora 18 (grub2 + GPT) - 807905 mkfs blocksize option breaks when creating btrfs - 805070 virt-filesystems should show 'parents' of LV and RAID devices - 804464 libguestfs cannot be built when LINGUAS is different then ja or uk - 803664 libguestfs inspection fails on Windows XP: libguestfs: error: hivex: could not locate HKLM\SYSTEM\MountedDevices - 803533 guestfish: write error - 802389 event handlers for 'close' event doesn't work in remote mode - 802109 libguestfs uses putc on stderr, results in many individual 1 byte writes of debug messages - 801640 [RFE] the error reported by resize2fs-M need to be more clear - 801298 Possible null dereference and resource leaks - 801273 Document for set-pgroup need to be updated - 798196 virt-resize confuses format and output_format variables; using --output-format sets the input format - 797986 virt-resize on Windows XP in sysprep state causes "UNMOUNTABLE_BOOT_VOLUME" BSOD - 796520 [RFE] Prevent user from running some appliance configure commands after appliance boot up - 790721 multiprovider build error: RuntimeError: link: /tmp/.guestfs-0/kernel /tmp/.guestfs-0/kernel.10139: File exists - 789960 guestfsd crash when try to mount non-exist disk - 789504 virt-df (other tools?) should not give up if a guest disk is missing - 788641 virt-edit doesn't preserve file permissions - 786215 libguestfs inspection does not recognize FreeDOS operating system - 786188 libguestfs inspection does not recognize FreeDOS install CD - 785668 aug-defnode: daemon crash - 784647 Libguestfs uses deprecated net-tools - 769304 virt-resize on RHEL 6 kernel fails to re-read the partition table - 755729 Error message for resize2fs-M needs tweaking - 701814 virt-win-reg fails on a libvirt guest that has no defined disk format: "format parameter is empty or contains disallowed characters" - 679737 libguestfs: improve error message when zerofree is not available in the appliance - 635971 glob mkfs ext2 /dev/vd[b-t]1 does not expand
These release notes only cover the differences from the previous stable/dev branch split (1.14.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.
libguestfs
- allow XFS filesystems to be created over an existing filesystem
(Wanlong Gao)
- the (unspecified) default alignment for part-disk has been
changed to 64K for better support of high-end network-attached
storage
- new guestfs-testing(1) man page
- list-filesystems returns MD devices containing filesystems
(Matthew Booth)
- support for GCC >= 4.7 (Jim Meyering)
- check user does not add the same drive twice (Wanlong Gao).
language bindings
- Experimental GObject bindings, with support for GObject
Introspection. You can now use libguestfs from Javascript.
Please note these are not stable and final in this release.
(Matthew Booth).
- support for Ruby >= 1.9
- Ruby bindings can be disabled individually (Hilko Bengen)
- support for Python 2.6, 3.x (Richard Jones, Hilko Bengen)
- support for PHP >= 5.4
- new %guestfs_introspection hash is available in Perl bindings so
you can query which optional arguments are available
inspection
- guests with MD devices can be inspected (Matthew Booth) - support for GNU/Hurd guests
guestfish
- libguestfs events (such as progress bar events and log messages) can
be trapped and processed by user-defined shell scripts.
- MD devices are tab-completed (Matthew Booth)
virt tools
- New tool virt-format for erasing and making blank disks
- virt-sparsify new --compress and -o options to allow for compressed
and different format output
- virt-sparsify can now detect and sparsify .vdi files
- virt-sysprep no longer requires xmlstarlet; a new virt-inspector --xpath
option has been added to replace this functionality
- virt-rescue has a new --suggest option which suggests mount commands
for the guest
- virt-resize no longer requires OCaml pcre library
libguestfs live
- daemon will no longer try to edit your live /etc/lvm configuration - fix a potential security problem with predictable /tmp names (Steve Kemp)
CVE-2011-4127, RHBZ#757071 Mitigate possible privilege escalation via SG_IO ioctl For more information, see: https://github.com/libguestfs/libguestfs/commit/9a5f784d511a8f00a8386f316eab41fe660430db
blkid: print all attributes of a device known to blkid (Wanlong Gao) e2fsck: access to more features of e2fsck (Wanlong Gao) list-md-devices: list of Linux MD devices (Matthew Booth) md-create: create an MD device md-detail: returns metadata for an MD device (Matthew Booth) md-stop: stop an MD device (Wanlong Gao) tune2fs: allow ext2/3/4 filesystems to be tuned
Git hosting has moved to http://github.com/libguestfs The various test directories have been rearranged logically, and now all appear under 'tests/'. There is a 'make extra-tests' rule which runs ordinary tests and additional tests, using valgrind to check for memory problems. Multiple memory leaks and other problems found by valgrind and fixed. Support for optional arguments in the generator has been rewritten to provide more features and safety (Matthew Booth). With gcc -fvisibility=hidden is used for internal symbols, avoiding call indirection via the PLT. RHashtable functions can be tested in the generator. ADD_ARG macro in daemon allows arg lists to be constructed without risk of stack smashing. Fix generation of OCaml functions that have more than 10 arguments. psmisc has been added to the appliance, allowing use of 'fuser', 'killall' and 'pstree' for debugging. bindtests now cover RBufferOut and optional arguments (Matthew Booth).
- 769680 temporary directories created during appliance builds are not cleaned up on error - 761460 guestfs_utimens hangs on named pipes - 761451 guestfs_utimens cannot set times on a directory - 760775 "guestfish: multi-boot operating systems are not supported by the -i option" should be more explanatory - 760669 guestfish copy-in and <! (inline execution) don't mix well: pclose: No child processes - 760000 libguestfs fails to compile with Ruby >= 1.9 - 755729 Error message for resize2fs-M needs tweaking - 750889 Python code incompatible with Python v3. - 596761 Ctrl-\ causes guestfish to abort
These release notes only cover the differences from the previous stable/dev branch split (1.12.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.
Erlang bindings. virt-alignment-scan is a new tool to check the alignment of partitions within virtual machines or disk images. virt-sparsify is a new tool to make virtual machine disk images sparse. virt-sysprep is a new tool to make cloning guests from a template simpler.
guestfish
- New commands setenv, unsetenv, to set environment variables.
- The input file and line number is printed in error messages.
- guestfish progress bars are now a "mini-library" used by other
tools too.
guestmount
- the --live option (for access to live VMs) now works.
virt-cat
- virt-cat can now handle Windows paths and drive letters (RHBZ#693359).
virt-filesystems
- the MBR partition type byte is displayed in --long output.
virt-make-fs
- virt-make-fs now sets the MBR partition type byte correctly,
improving compatibility with Windows (RHBZ#746295).
virt-resize
- virt-resize can now work with guests using extended and logical
partitions, in particular Ubuntu guests.
- virt-resize can now align the first partition of Windows guests,
improving performance. The new virt-resize --align-first option
controls this behaviour.
- The virt-resize --machine-readable flag makes it possible to use
virt-resize from other programs.
- Partitions are now aligned to 128 sectors (usually 64K) by
default. This improves efficiency on high-end storage. The new
virt-resize --alignment option allows the alignment to be
adjusted.
virt-win-reg
- The syntax for deleting registry keys and values is documented
in the man page (RHBZ#737944).
library
- non-printing characters are escaped correctly in debug output.
- GUESTFS_EVENT_ENTER is a new event type generated whenever a
libguestfs function is called.
- the library contains systemtap/DTrace probes.
- the library can now be compiled without hivex (RHBZ#723474).
inspection
- Improve detection of Windows disks.
- Adds support for:
ttylinux - a minimal Linux
Mageia (thanks Michael Scherer)
OpenSUSE and zypper (thanks Michael Scherer, Vincent Untz)
Ubuntu logos (thanks Michael Scherer)
NetBSD and pkgsrc (thanks Michael Scherer)
- Handle some guest types that use /dev/root in /etc/fstab.
- Fix handling of guests with > 26 disks (thanks Matthew Booth)
- Add support for guests with HP Smart Array disks (thanks Matthew Booth)
febootstrap
- FEBOOTSTRAP_KERNEL, FEBOOTSTRAP_MODULES environment variables can
be set in order to choose which kernel to use for the appliance.
misc
- ArchLinux support now working with Linux 3.0 (thanks Erik Nolte)
- libvirt disks marked <readonly/> are now added readonly when
using the virt-tools '-d' option.
(no security problems were found or fixed in this release)
compress-out, compress-device-out, copy-device-to-device, copy-device-to-file, copy-file-to-device, copy-file-to-file, get-smp, part-to-partnum, set-smp. The mount API no longer implicitly adds -o sync,noatime options. add-domain has a new 'readonlydisk' optional parameter to control how <readonly/> disks are handled.
- Coverity was run on the source and more bugs were identified and fixed. - PCRE library is now required to build libguestfs. - APIC is now the default for the appliance. You can also enable SMP support in the appliance. - OCaml bindings now correctly acquire GC lock during callbacks. - Out of tree builds should now work correctly (thanks Hilko Bengen). - ./configure --with-extra="..." can be used by packagers to set the extra version string. - zero, zero-device APIs: if the blocks already contain zeroes, don't write zeroes, so that we don't unnecessarily make the underlying storage non-sparse. - is-zero, is-zero-device APIs: optimize these so zero detection is faster.
- 748266 libguestfs should detect versions of qemu which require -machine pc option - 747290 libguestfs ignores <readonly/> in libvirt XML - 747287 Misleading error message when permission denied opening a disk image - 746295 virt-make-fs doesn't set partition ID - 744795 guestmount --live is not usable - 737944 virt-win-reg hyphen (delete key) syntax may be wrong, and is not documented - 733297 ruby event handlers fail with "exception in callback: wrong argument type Proc (expected Data)" - 731744 libguestfs should escape special/non-printing characters in debug output - 729887 appliance crashes running aug_init with flags=4 - 729075 libguestfs confuses Hp_recovery partition with Windows root filesystem - 727178 error: luks_open: cryptsetup: error while loading shared libraries: libfipscheck.so.1: cannot open shared object file: No such file or directory - 726739 libguestfs: error: aug_get: no matching node, trying to find hostname - 723474 If hivex and/or pcre not installed, libguestfs fails to compile - 693359 virt-cat and virt-edit don't handle case sensitive NTFS paths properly - 678231 virt-inspector reports unknown filesystem UUID - 671082 libguestfs does not work with kernel-rt - 666578 libguestfs: unknown filesystem label SWAP-sda2 - 642821 virt-resize falls over on a disk image with a logical swap partition
These release notes only cover the differences from the previous stable/dev branch split (1.10.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.
guestfish
- guestfish strings can use escapes,
eg. ><fs> write /foo "line 1\nline 2\n"
- guestfish write-append command can be used to append to files.
- Long-running file uploads and downloads can be cancelled through the
API or by hitting ^C in guestfish.
- New guestfish "display" command for displaying graphical files
inside guests.
- In guestfish, tab completion now works on /dev/mapper devices.
virt-inspector
- Inspection API can get an icon or logo for certain guests.
- virt-inspector includes the logo and hostname for certain guests.
- virt-inspector can now get the version and release numbers for RPM
packages.
- CentOS and Scientific Linux are now treated as separate distros by
the inspection API.
virt-resize
- virt-resize can now handle btrfs.
- New virt-resize --ntfsresize-force option allows Windows VMs to be
resized multiple times.
other virt tools
- guestfish, guestmount, virt-cat, virt-df, virt-edit, virt-filesystems,
virt-inspector, virt-ls and virt-rescue now allow you to use
"-d UUID" option to specify a guest by UUID. This makes them more
robust to use from other programs.
- virt-ls -lR option allows complex file iteration and guest analysis.
- virt-win-reg supports HKEY_USERS\<SID> and HKEY_USERS\<username>.
- virt-win-reg new option --unsafe-printable-strings allows printable
strings to be displayed in the output (unsafely: read the documentation
before using).
- virt-edit has been rewritten in C.
API and language bindings
- Java is now completely supported.
See http://libguestfs.org/guestfs-java.3.html
- JRuby is supported via the Java bindings.
- guestfs_close now appears in trace messages.
- Python binding adds explicit g.close() method.
- Python programs can now use the new event API.
- Python GIL is released during libguestfs calls, allowing multithreaded
Python programs to work properly.
- 9pfs (Plan 9 filesystems exported from the host) are now supported.
- Add -DGUESTFS_WARN_DEPRECATED=1 to warn about use of deprecated API
functions in C programs.
- New manual page guestfs-recipes(1) with recipes.
- mkfs-opts can now set inode size and sector size on created filesystems
(thanks Nikita Menkovich).
- guestfs_last_errno is now accessible from OCaml (as g#last_errno ()).
- optargs_bitmask is checked even for calls that have no optional arguments. This closes a possible exploit in the daemon from untrusted callers.
btrfs-filesystem-resize, get-pgroup, inspect-get-icon, is-zero, is-zero-device, list-9p, list-dm-devices, mount-9p, ntfsresize-opts, set-pgroup, write-append
- Coverity (a static analysis tool) was run across the codebase and many fixes were made. - Generator can handle functions that return RBufferOut and have optional arguments. - Compatible with Perl 5.14. - Compatible with gcc 4.6. - Perform safety checks on QEMU. - C API tests can now fully test calls that have optional arguments. - Use ./configure --enable-install-daemon to install /usr/sbin/guestfsd. - po-docs directory now covers all man pages. - stderr from qemu process is now captured by the event subsystem.
- 602997 part-get-bootable gives wrong result with an unordered part layout - 661280 virt-rescue: panic when shutting down: "/sbin/reboot: No such file or directory" - 700369 qemu-system-x86_64 says 'KVM not supported for this target' - 705200 guestmount attempt results in access denied - 714981 'list-filesystems' does not know about virtio 9p filesystems or detect existing mounts - 717786 libguestfs python bindings should have an explicit close call - 721275 virt-resize in F16 should support btrfs
These release notes only cover the differences from the previous stable/dev branch split (1.8.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.
- libguestfs and tools can be used against live virtual machines. See the 'guestfish --live' and 'guestmount --live' options, and (for the low-level interface) the new APIs set-attach-method and get-attach-method. - New virt tools: virt-copy-in, virt-copy-out, virt-tar-in, virt-tar-out. - libguestfs can get the drive letter mappings for Windows guests. - virt-inspector displays drive letter mappings for Windows guests. - Drive letters can now be used in virt-edit and guestfish programs when operating on Windows guests. - virt-resize now works on 32 bit hosts. - You can now inspect the install disks and live CDs of many different operating systems. - guestfish <! cmd which executes a shell cmd and inlines the result. - guestfish, guestmount, virt-rescue now all support --ro and --rw options, and the default for this can be chosen via a configuration file (/etc/libguestfs-tools.conf). - New event API allows more than one callback to be registered for each event, makes it possible to call the API from other languages, and allows nearly all log, debug and trace messages to be rerouted from stderr. - Greater FHS compliance for temporary files, including using /var/tmp for large cached files that should survive reboot (instead of /tmp). - guestfish, guestmount -m option allows mount options to be passed through to the underlying filesystem. - mkfs-opts allows filesystem features to be specified. - More intelligent handling of mountpoints, allowing mkmountpoint, mount and umount-all commands to work together properly. - Trace messages are prefixed with a distinct string, allowing them to be easily 'grepped' out from debug output. - guestfs_launch (guestfish 'run' command) now produces progress messages (a guestfish progress bar) if it takes longer than 5 seconds to run. - Several long-running commands where we are unable to estimate time to completion generate "pulse mode" progress events. Progress bar in guestfish has been updated to display these. - Publish new example code in: C, Perl, Python, OCaml, Ruby. - New virt-dhcp-address example program. - The Java and Ruby bindings have been improved greatly. - Perl includes a way to get the errno of the last error. - Python bindings now compatible with rpyc (thanks Erez Shinan). - Transifex is now being used to manage translations. http://www.transifex.net/projects/p/libguestfs/ - Inspection now supports Red Hat Desktop, Slackware distributions. - Inspection no longer fails for Windows guests that have two or more disks. - Inspection can now tell the difference between Windows 2008 Server and Windows 7. - Inspection can detect 32 bit applications installed in 64 bit Windows, running on the WOW64 emulator. - A series of protocol fixes has fixed the old bug RHBZ#576879 which used to cause errors during the upload command to lose protocol synchronization. - New logo!
[none]
first-private, get-attach-method, inspect-get-drive-mappings, inspect-get-product-variant, inspect-get-windows-current-control-set, next-private, resize2fs-M, set-attach-method.
- The 'HACKING' file is obsolete. The contents have been moved into a section of the guestfs(3) manual page. - libguestfs-test-tool simplified. It no longer needs the static binary or tries to construct an ISO. - rpcgen-generated files are compiled with -fno-strict-aliasing which should be safer (thanks Matt Booth). - virt-resize was rewritten in OCaml. - guestfish and other tools tested with valgrind; some memory leaks were fixed.
- 502533 Updated Polish translation of libguestfs - 576879 libguestfs protocol loses synchronization if you 'upload' before mounting disks - 599503 document that mkmountpoint and umount-all cannot be mixed - 617440 guestfish: fails to tilde expand '~' when the $HOME env is unset - 664558 RFE: Allow to set log callback in Ruby bindings - 665358 Punjabi Translation Completed (pa_IN) - 666577 libguestfs: unknown filesystem /dev/fd0 - 667610 Multiple bugs, memory leaks in libguestfs ruby bindings - 668112 virt-filesystems command fails on guest with corrupt filesystem label - 668574 guestfish -i is trying to mount all mounts from /etc/fstab and fails with an error when device doesn't exists - 673479 Add a grep-friendly string to LIBGUESTFS_TRACE output - 674130 Inspection code fails for Windows guest with two disks - 682756 libguestfs trace segfaults when list-filesystems returns error - 682979 libguestfs incorrectly detects Red Hat desktop as 'redhat-based' instead of 'redhat' - 690819 mkfs fails creating a filesystem on a disk device when using a disk with 'ide' interface - 691389 Extended attributes don't work over guestmount (FUSE) - 691724 virt-inspector reports unknown filesystem /dev/vda1 - 692545 inspect-list-applications fails to detect 32 bit apps installed under WOW64 emulator on 64 bit Windows - 693324 sfdisk's python interface only accepts lists of type 'list' for the lines parameter
These release notes only cover the differences from the previous stable/dev branch split (1.6.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.
- Support and packages for Debian and Ubuntu.
- Daily builds from git repository on Debian and Ubuntu to reduce risk
of regressions.
- Port to ArchLinux 'pacman' (thanks Thomas S Hatch).
- The following tools have been rewritten in C (originally in Perl):
. virt-cat
. virt-df
. virt-inspector
. virt-ls
. virt-rescue
- Some C tools support encrypted guests automatically. This is
supported in: guestfish, guestmount, virt-cat, virt-inspector,
virt-ls.
- New tool virt-filesystems (in C) which is a replacement for
virt-list-filesystems and virt-list-partitions, and has a superset
of the functionality of those tools.
- guestfish, guestmount and the C tools use unified command line option
parsing, so they support many common options such as '-a disk.img',
'-d libvirt-domain', '-x', '-v'. The old command line option
parsing is preserved for compatibility in scripts etc.
- guestfish no longer has any dependencies on Perl
- New man pages containing programming examples: guestfs-examples(3) (C/C++),
guestfs-ocaml(3), guestfs-python(3), guestfs-ruby(3).
- Trace mode prints return values from API functions.
- virt-inspector can list applications installed in Windows guests, along
with a great deal of information about those applications.
- Add support for inspecting: Linux Mint, Mandriva, FreeBSD.
- guestfish --rw option (with no effect currently) to make potentially
dangerous write access explicit.
- guestfish --listen --csh for compatibility with csh, tcsh (thanks
Eric Blake).
- The first upstream version that introduced each API function is now
documented in guestfs(3).
- guestfs_last_errno allows you to retrieve the errno from the
daemon, correctly translated to the local operating system.
- Functions can now have optional parameters.
- Progress bars and progress notifications can now happen for upload
commands.
- Appliance builder more careful about not leaving temporary files
around in /tmp.
- getfattr/setfattr commands added to virt-rescue.
- ROADMAP file covers roadmap and goals for future releases.
- New SECURITY section in guestfs(3) API documentation. - virt-inspector no longer runs any guest commands. - Inspection code is more careful about avoiding very large files from guests which might previously have caused a denial of service. - FUSE calls into guestmount are now traced when using guestmount -x.
- add-domain - add-drive-opts - getxattr - inspect-get-hostname - inspect-get-package-format - inspect-get-package-management - inspect-get-roots - inspect-list-applications - lgetxattr - mkfs-opts
- C programs now only link precisely with the libraries that they use. - PCRE, libmagic, hivex and libvirt libraries are now completely optional for building. - Multiple memory leaks and file descriptor leaks fixed. - Add a POD wrapper to unify generation of man pages and HTML files across all programs. - Source includes phony images of Fedora, Debian, Ubuntu and Windows guests. - Ruby bindings have 'make install' rule. - <guestfs.h> is now a single file. - <guestfs.h> does not require XDR headers. - ocaml xml-light library is no longer required to build (thanks Maxim Koltsov). - ./configure --disable-[...] for each language binding (thanks Maxim Koltsov). - Old ocaml-viewer program removed (use guestfs-browser instead). - New C API test type 'InitScratchFS' makes the tests run a little more quickly. - Excluded packages in the appliance are now listed in a separate file appliance/excludelist.in, and can be customized per-distro.
- 663407 readlink and readlinklist returns /sysroot/ in some paths - 661280 virt-rescue: panic when shutting down: "/sbin/reboot: No such file or directory" - 657499 checksum: wrong check sum type causes umount to fail - 655554 Whole disk paths are not made canonical by virt-inspector - 654638 openssl updated to 1.0.0b libguestfs depends on exact file names - 652796 ruby bindings not installed by 'make install', hence omitted from the binary distribution
These release notes only cover the differences from the previous stable/dev branch split (1.4.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.
- Use a new method for creating and caching the appliance. This
greatly improves the performance of libguestfs, often by a factor
of x 4 to x 5.
- Support for guest inspection (like virt-inspector) via the ordinary
API and all language bindings. 'guestfish -i' option is as a side-
effect much quicker.
- virt-inspector and core inspection API can now detect guests running:
Fedora, Debian, Ubuntu, Windows, Red Hat Enterprise Linux, CentOS,
Scientific Linux, Gentoo, Pardus, Arch Linux, MeeGo.
- Support for LUKS whole-disk encryption in guests.
- PHP バインディング。
- Progress messages (and progress bars in guestfish and virt-resize)
for certain long-running operations.
- virt-df is now much more efficient. Use '--one-per-guest' to restore
the old per-guest isolation behaviour.
- guestfish 'copy-in' and 'copy-out' commands for copying files and
directories recursively in and out of the guest.
- guestfish 'hexedit' command for doing binary edits to devices and
files.
- Change guestfish -i syntax to allow commands to be specified on the
command line (retaining backwards compatibility).
- guestfish '-d <domain>' for adding disks from libvirt domains.
- guestfish '-N' option supports several new prepared disk image types:
lvfs : disk with LV formatted with filesystem
lv : disk with LV
bootroot : boot+root
bootrootlv : boot and root on LV
- guestfish 'more' and 'edit' commands now work with arbitrary files.
- guestfish '--echo-keys' option allows you to echo keys/passphrases
while typing them.
- guestmount now supports -a / -d / -i options, like guestfish.
- Use virtio-serial for communications with the appliance. This
also has a major performance benefit.
- virt-edit '-b' option to create a backup of edited files.
- virt-edit '-e' option for non-interactive edits to files.
- Ability to capture core dumps from the appliance (thanks Matthew Booth).
- virt-rescue now shuts down cleanly (thanks Matthew Booth).
- virt-rescue now has a --network option to enable network access.
- virt-resize can now handle guests which use GPT partition table format.
- virt-resize has better support for shrinking guests.
- virt-resize supports qcow2-format guests.
- $TMPDIR can be used to override almost all temporary directory usage.
- OCaml users can use an alternate OO-style of coding, eg. g#launch ()
- The API supports calls which take optional parameters, eg.
$g->add_drive_opts ("disk", readonly => 1);
- Trace output now escapes and shortens large strings (thanks
Matthew Booth).
- Autosync is now on by default, resulting in more reliable behaviour
when the handle is closed.
- virt-df --uuid option allows you to follow a domain across migration
and renaming.
- Translations of manual pages.
- CVE-2010-3851 libguestfs: missing disk format specifier when adding a disk https://www.redhat.com/archives/libguestfs/2010-October/msg00036.html This is comprehensively fixed in this release, and the fix will be backported to the other stable branches after more testing. - virt-inspector no longer relies on untrusted guest code to list applications in some guests.
download-offset, file-architecture, findfs-label, findfs-uuid, inspect-os, inspect-get-arch, inspect-get-distro, inspect-get-filesystems, inspect-get-major-version, inspect-get-minor-version, inspect-get-mountpoints, inspect-get-product-name, inspect-get-type, is-blockdev, is-chardev, is-fifo, is-lv, is-socket, is-symlink, list-filesystems, luks-add-key, luks-close, luks-format, luks-format-cipher, luks-kill-slot, luks-open, luks-open-ro, lvm-clear-filter, lvm-canonical-lv-name, lvm-set-filter, part-to-dev, pread-device, pwrite-device, upload-offset
- Use size_t for loop iterators.
- Refactor the library code into separate files.
- Refactor the generator code into separate files.
- Generate guestfish commands.
- guestfish & guestmount options processing is unified.
- Protocol changes:
error message size increased to 64K
send errno to library
- Add 'make bindist' to make a binary distribution.
- Cleaner behaviour under valgrind.
- More testing of the guestfish command line options and libvirt
integration.
- The Perl inspection code is no longer used by any of the tools.
- 646822 libguestfs trace mode should not print long binary strings - 646821 virt-df should have --uuid option - 646432 /dev/mapper paths should not be returned from guestfs_mountpoints - 643624 libguestfs tools documentation should describe how to quote guest domain names from shell - 642934 No way to specify disk format when adding a disk to libguestfs - 642933 guestfs_list_filesystems should be used in all possible places - 642932 guestmount options should match guestfish options - 642930 virt-inspector (Sys::Guestfs::Lib) should use C inspection APIs - 642929 C inspection code should ignore /dev/fd* in /etc/fstab - 642826 virt-resize converts any other image format to raw without notifying user, instructions do not account for this - 640961 Document that grub-install might be needed for old Linux guests after virt-resize - 639986 virt-df --csv does not properly quote " in libvirt domain names - 639405 Interrupted cached appliance creation leaves libguestfs unusable - 638901 Appliance filename should not contain repository name - 638899 /dev/mapper paths should not be returned from C inspection APIs - 636918 Updates to Spanish translation - 636061 [abrt] guestfish-1.2.11-1.fc12: malloc_consolidate: Process /usr/bin/guestfish was killed by signal 11 (SIGSEGV) - 635969 glob echo mkfs ext2 /dev/vd[b-t]1 prints garbage - 634246 guestfs_part_get_parttype returns "loop" when run against a partition, LV or filesystem - 633766 virt-resize --shrink fails - 633357 Updates to Spanish translation - 633096 virt-resize calculates block device size incorrectly, doesn't work with qcow2 target - 629593 Dutch translation added - 627556 Updates to Spanish translations of libguestfs - 626843 Updates to Spanish translations - 619793 [RFE] Need a way to determine if a particular block device is a logical volume - 618556 virt-rescue return none zero value when exit - 617200 mount operation failed and hung on some images which running in read-only mode - 610880 libguestfs should set broader read perms on tmpdir, so works in some situations when executed with umask 077 - 599503 document that mkmountpoint and umount-all cannot be mixed - 571714 Running virt-df on disk image relabels it, so qemu can no longer write to it. - 502533 Updated Polish translation of libguestfs
These release notes only cover the differences from the previous stable/dev branch split (1.2.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.
- guestfish lets you choose a prepared disk image, eg:
guestfish -N fs:ext4
- Add write support to guestmount (FUSE) module.
- virt-resize can now resize the content of partitions and logical
volumes in the guest, and we have better support for shrinking guests.
- Bash tab-completion script for guestfish.
- Add ZFS support to virt-rescue.
- New tool 'virt-make-fs' for creating filesystems with content.
- Allow suffixes on any guestfish number parameter, eg. "1M".
- guestfish 'man' command opens the manual page.
- guestfish supports a "heredoc" syntax for uploading files:
upload -<<_end_ /foo
content
_end_
- Some guestfish commands now print their output in octal or hex
where appropriate (RHBZ#583242).
- Allow dash prefix on guestfish command line. This ignores any
error from the second command: (RHBZ#578407)
guestfish -- cmd1 : -cmd2 : cmd3
- guestfish -h / help command now returns an error for non-existent
commands (RHBZ#597145).
- New 'supported' command in guestfish to list optional groups of
commands which are supported by the daemon / configuration.
- virt-inspector and guestfish -i now work for filenames which
contain spaces (RHBZ#507810).
- Change the protocol to use link-local addresses, to avoid
conflicting with any address that the host might be using
(RHBZ#588763).
- libguestfs now sets the correct time and timezone on filesystem
modifications.
- Sort the domains into alphabetical order in virt-df.
- Make mkfs-b command work for FAT and NTFS by mapping the blocksize
parameter to the cluster size (RHBZ#599464).
- Add version numbers to Perl modules (RHBZ#521674).
- Localization now works for all the libguestfs tools (RHBZ#559963).
- Tools now support filesystem-on-image VMs (RHBZ#590167).
- virt-list-partitions has a '-t' option to show the total size of disks.
- Include extra Augeas lenses in the supermin appliance (Matthew Booth).
- Add error and close callbacks.
- Add explicit close method in the Perl API.
- Multiple fixes for RHEL 5 compatibility.
- Multiple fixes for Debian/Ubuntu compatibility.
- Multiple revisions to improve the documentation.
- Fix a potential DoS in virt-inspector and virt-v2v if a specially crafted disk image contained a char device in place of one of the configuration files that we read under /etc (RHBZ#582484).
- aug-clear - clear Augeas path - available-all-groups - return a list of all optional groups - base64-in - upload base64-encoded data to file - base64-out - download file and encode as base64 - checksum-device - compute checksums on the contents of a device - checksums-out - compute checksums of multiple files in a directory - debug-upload - upload a file to the appliance - fallocate64 - preallocate a file in the guest filesystem - fill-pattern - fill a file with a repeating pattern of bytes - get-umask - get the current umask - lvresize-free - expand an LV to fill free space - ntfsresize - resize an NTFS filesystem - ntfsresize-size - resize an NTFS filesystem (with size) - part-del - delete a partition - part-get-bootable - get the bootable flag of a partition - part-get-mbr-id - get the MBR type byte of a partition - part-set-mbr-id - set the MBR type byte of a partition - pvresize-size - resize a physical volume (with size) - pwrite - write to part of a file - resize2fs-size - resize an ext2/3/4 filesystem (with size) - txz-in - unpack compressed tarball to directory (RHBZ#580556) - txz-out - pack directory into compressed tarball (RHBZ#580556) - vfs-label - get the filesystem label - vfs-uuid - get the filesystem UUID - vgscan - rescan for LVM physical volumes, volume groups and logical volumes - write - create a new file - zero-device - write zeroes to an entire device
- Extend the generator to support testing optional features. - Stricter checks on input parameters to many calls (RHBZ#501893 RHBZ#501894) - Extend the protocol to support sending arbitrary 8 bit data buffers. - Ship 'BUGS' file with releases. This is a summary of the bugs in the Red Hat Bugzilla database. - Ship 'RELEASE-NOTES' file with releases, containing release notes. - Unify supermin appliance building into one place, in febootstrap 2.7. - Fix the protocol code to handle the case where both ends send cancel messages at the same time.
- 612178 guestfish: using -m option in conjunction with --listen option causes appliance to die - 610880 libguestfs should set broader read perms on tmpdir, so works in some situations when executed with umask 077 - 604691 OCaml bindings are not thread safe - 603870 Updates to Spanish translation - 602592 [RFE] expose guestfs_close in perl bindings - 600977 virt-df -h --csv "Argument .. isn't numeric in printf" - 599464 mkfs-b does not support vfat/ntfs - 598807 add_cdrom does not work in RHEL 6 - 598309 part-list and several other cmd failed on libguestfs on RHEL5 - 597145 guestfish 'help' command should indicate error in exit status with an unknown command - 597135 guestfish write-file cmd does not check "size" parameter - 597118 A warning should be given in the help of mke2journal-L for the length of label - 597112 get-e2uuid should use blkid instead of "tune2fs -l" to get filesystem UUID - 596776 virt-inspector doesn't discover modprobe aliases on RHEL 3 guests - 596763 Updates to Spanish translation - 593292 Updates to Spanish translation - 592883 can not edit files on images mounted with guestmount cmd - 592360 Updates to Spanish translation - 591250 virt-tar prints "tar_in: tar subcommand failed on directory" if the archive is compressed or not in the right format - 591155 virt-tar prints "tar_in: tar subcommand failed on directory" if a disk image is not writable - 591142 virt-inspector should give an error for unrecognized disk images - 590167 virt-inspector and other virt tools should be able to handle filesystem-on-image VMs - 589039 guestfish read-file cmd will cause daemon hang when read large files - 588851 guestfs_launch() returns -1, but guestfs_last_error() == NULL - 588763 libguestfs should use non-public or link-local addresses for appliance network - 588733 Updates to Spanish translation - 588651 guestfish 'strings-e' cmd does not give proper error message or hint - 587484 lvresize can't reduce size of a volumn - 585961 Updates to Spanish translation - 585223 ntfsresize should support shrinking filesystems - 585222 pvresize should support shrinking PVs - 585221 resize2fs should support shrinking filesystems - 584038 Updates to Spanish translation - 583554 [FEAT] mknod-mode command is needed to set mode explicitly - 583242 [RFE] guestfish should print outputs in a suitable base (eg. octal for modes) - 582993 guestfish eats words when tab completing case (in)sensitive paths - 582953 Misleading help information about lvcreate command - 582948 mknod command doesn't make block, character or FIFO devices - 582929 mknod doesn't check for invalid mode - 582901 guestfish chmod/umask commands do not check invalid mode value - 582899 guestfish:sparse is missed from command autocomplete list - 582891 [Feature Request] behavior and return value of guestfish umask cmd should be changed - 582548 [mknod] umask shouldn't take effect when mode is set explicitly - 582484 some guestfish sub commands can not handle special files properly - 582252 Updates to Spanish translation - 581501 Updates to Spanish translation - 580650 virt-inspector warns "No grub default specified at /usr/lib/perl5/Sys/Guestfs/Lib.pm at [...]" - 580556 request for libguestfs to support .txz tarballs - 580246 tar-in command hangs if uploading more than available space - 580016 aug-ls in guestfish does not take augeas variable as argument - 579664 guestfish doesn't report error when there is not enough space for image allocation - 579608 multiple commands in guestfish can not work for symbol links - 579155 libguestfs hangs if qemu doesn't start (in null vmchannel mode) - 578407 the prefix '-' in sub-command isn't handled by guestfish in remote control mode - 576879 libguestfs protocol loses synchronization if you 'upload' before mounting disks - 559963 libguestfs Perl programs do set locale, but still localization doesn't work - 521674 Perl modules are unversioned, but should carry version numbers - 516096 Race condition in test_swapon_label_0: /sbin/blockdev: BLKRRPART: Device or resource busy - 507810 guestfish -i / virt-inspector cannot handle spaces in filenames - 502533 Updated Polish translation of libguestfs - 501894 Some String parameters should be OptString - 501893 String parameters should be checked for != NULL - 501889 write-file does not support strings containing ASCII NUL - 484986 grub-install fails on virtio disk
2010 年より前は、公式なリリースノートまたは形式化されたバージョン管理システムがありませんでした。ただ、これらはこれまでの重要なバージョンへのリンクです。
guestfs-examples(1), guestfs-faq(1), guestfs-performance(1), guestfs-recipes(1), guestfs-testing(1), guestfs(3), guestfish(1), http://libguestfs.org/
Richard W.M. Jones
Copyright (C) 2009-2019 Red Hat Inc.
To get a list of bugs against libguestfs, use this link: https://bugzilla.redhat.com/buglist.cgi?component=libguestfs&product=Virtualization+Tools
To report a new bug against libguestfs, use this link: https://bugzilla.redhat.com/enter_bug.cgi?component=libguestfs&product=Virtualization+Tools
When reporting a bug, please supply:
| 2019-02-07 | libguestfs-1.40.2 |