Release Notes for Libguestfs 1.30
These release notes only cover the differences from the previous stable/dev branch split (1.28.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.
virt-dib(1) is a secure and safe alternative to the OpenStack “diskimage-builder” tool. It is compatible with diskimage-builder elements. (Pino Toscano)
virt-get-kernel(1) extracts the kernel and ramdisk from a disk image. Previously this functionality was part of virt-builder(1), but the new tool is more featureful. (Pino Toscano)
New features in existing tools
virt-v2v(1) -i ova mode can now read a wider range of OVA files, and also unpacked files (directories).
virt-v2v now securely passes options to curl, so passwords, cookies and so on cannot be seen by users with shell access on the same machine.
virt-v2v has a new --password-file option to allow you to securely pass in a password, and to avoid an interactive prompt.
virt-v2v disables Windows autoreboot, making debugging conversion failures on Windows easier.
virt-v2v now comes with an extensive external test suite. See virt-v2v-test-harness(1).
virt-v2v allows virtio drivers to come from any location (Roman Kagan), and drivers can be read directly from the virtio ISO.
virt-v2v supports conversion of Windows ≥ 8. Note this is experimental, and possibly broken. Use with caution.
virt-v2v can now convert UEFI guests.
virt-p2v(1) adds a network configuration dialog.
virt-p2v now has
p2v.fail triggers, allowing arbitrary scripts for preparing the host for conversion and tidying up post-conversion.
virt-p2v now uses the more advanced metacity window manager (instead of matchbox).
virt-sysprep(1) will remove
/var/spool/mail/username for non-root accounts (Hu Tao).
virt-customize(1), virt-builder(1) and virt-sysprep have the following new options:
allow long lists of commands to be read from a file instead of from the command line (Pino Toscano)
copy files inside the guest (Maros Zatko)
copy host files recursively into the guest (Pino Toscano)
move files inside the guest (Maros Zatko)
inject SSH keys into a guest (Pino Toscano)
register and unregister a guest from subscription-manager (Pino Toscano)
touch a file in the guest (Pino Toscano)
truncate files (Maros Zatko)
Improvements to virt-customize firstboot support. In particular, Windows firstboot should work as well as Linux (Roman Kagan).
virt-df(1) can now use PolicyKit, SASL and other authentication methods when getting the list of domains from libvirt.
Improvements to guestfish bash completion (Pino Toscano).
Bash completion now completes short options as well as long options (Pino Toscano).
guestfish(1) now displays a command synopsis if the number of parameters given to a command is wrong (Hu Tao).
virt-builder now supports Red Hat Enterprise Linux versions back to RHEL 3.
virt-builder supports SUSE guests using zypper (Cédric Bosdonnat).
The Java bindings now include validated Javadoc, and other improvements (Pino Toscano).
Multiple fixes and improvements to the PHP bindings (Pino Toscano).
Inspection can now get icons from RHEL 7 and CentOS 7.
/etc/favicon.png is now allowed to be a symbolic link.
For RPM-based guests, inspection now returns RPM Epoch fields.
Debian packages now have separate Epoch and Version fields (Nikos Skalkotos).
OpenBSD detection added, FreeBSD and NetBSD added as separate “distros”, and other BSD inspection improvements and bug fixes (Nikos Skalkotos).
CoreOS detection added (Nikos Skalkotos).
The package manager in Fedora ≥ 22 is
ReactOS guests can be inspected (Maros Zatko).
Add support for UEFI guests.
Inspection now works when kernel modules are gzip or xz compressed (Pino Toscano).
Inspection now recognizes ppc64 and ppc64le guests (Maros Zatko).
Inspection lists the installed applications on Archlinux guests (Nikos Skalkotos).
Architectures and platforms
PPC64 (POWER7) and PPC64LE (POWER8) architectures are now much better supported, and should work out of the box.
For aarch64, we use AAVMF (an open source UEFI implementation based on OVMF) if available to run the appliance.
For armv7, we now use the -M virt machine type by default.
There is better support for compiling on non-Linux platforms (Pino Toscano, Margaret Lewicka).
Libguestfs should now work on MIPS 32 bit little endian (“mipsel”). I have not been able to try 64 bit or big endian.
Libguestfs previously ran the strings(1) utility on untrusted files. Strings could parse BFD headers in an unsafe way, leading to possible arbitrary code execution. Libguestfs now runs strings with a flag to ensure it does not try to parse BFD headers. This could have led to exploitation of the libguestfs appliance, but since libguestfs further constrains the appliance through virtualization, SELinux and other techniques, it was unlikely to have caused any privilege escalation on the host.
- XPath injection in virt-v2v
One possible XPath injection vulnerability was fixed in virt-v2v. This might have allowed a malicious guest which was being converted by virt-v2v to construct an arbitrary XPath expression which would have been evaluated on the host (by the libxml2 library linked to the virt-v2v binary). It is not clear what the effects of this might be.
For further information, see upstream commit https://github.com/libguestfs/libguestfs/commit/6c6ce85f94c36803fe2db35a98db436bff0c14b0
- Denial of service problems when using qemu-img info
When using the American Fuzzy Lop fuzzer (
afl-fuzz) on the
qemu-img infocommand, Richard W.M. Jones found that certain files can cause the
qemu-imgprogram to use lots of memory and time (for example 6GB of heap and 14 seconds of CPU time on a fast Intel processor), and in some cases to crash. Since libguestfs may run
qemu-img infoon disk images to find out what they contain, this transitively could cause libguestfs to hang or consume lots of memory.
Libguestfs was modified so that it uses resource limits to limit the space and time used by
qemu-img info, to avoid this problem. If a malicious user tries to pass one of these disk images to libguestfs,
qemu-imgwill crash and the crash is reported back to libguestfs callers as an error message.
This exposes a previously private API that allows you to pass a
virDomainPtrobject directly from libvirt to libguestfs.
Adjust readahead parameter for devices. See
Balance support for Btrfs filesystems (Hu Tao).
Filesystem defragmentation support for Btrfs filesystems (Hu Tao).
Create an image of a Btrfs filesystem (Chen Hanxiao)
Quote support for Btrfs filesystems (Hu Tao).
Scan and recover the chunk tree in Btrfs filesystems (Hu Tao).
Restore superblocks in Btrfs filesystems (Hu Tao).
Replace a device in a Btrfs filesystem (Cao Jin).
Scrub a Btrfs filesystem (Hu Tao).
Get the default subvolume of a Btrfs filesystem (Hu Tao).
List detailed information about the subvolume of a Btrfs filesystem (Hu Tao).
Various tuning parameters for Btrfs filesystems (Chen Hanxiao).
Return the C pointer to the underlying
guestfs_h *. This allows interworking of libguestfs bindings with bindings from other libraries. For further information see https://bugzilla.redhat.com/1075164
Flexible APIs for recursively copying directories of files between the host and guest filesystem. Previously these were available only as guestfish commands, but now any API users can call them (Pino Toscano).
Get and set the GPT per-partition GUID.
Get MBR partition type (Chen Hanxiao).
Set the UUID of a filesystem to a randomly generated value; supported filesystems currently are ext2/3/4, XFS, Btrfs, and swap partitions. (Chen Hanxiao).
Other API changes
guestfs_disk_create can now use VMDK files as backing files.
guestfs_btrfs_subvolume_snapshot takes extra optional parameters (all added by Hu Tao):
for creating a read-only Btrfs snapshot
for adding the snapshot to a qgroup
guestfs_btrfs_subvolume_create can also take the optional
qgroupid parameter (Hu Tao).
guestfs_set_uuid can set UUID of swap partitions, Btrfs (Hu Tao, Chen Hanxiao).
guestfs_copy_file_to_file have a new optional
append parameter, allowing you to append to the output file instead of truncating it.
guestfs_mkfs has a new optional
label parameter to set the initial label of the new filesystem (Pino Toscano).
guestfs_set_uuid now set
ENOTSUP as errno when there is no implemented support for the filesystem of the specified mountable (Chen Hanxiao).
Environment variables now let you write
LIBGUESTFS_DEBUG=0 and so on.
guestfs_sfdisk* APIs have been deprecated. Because sfdisk(8) was rewritten, incompatibly, upstream, we don't recommend using these APIs in future code. Use the
guestfs_part* APIs as replacements.
APIs such as
guestfs_download do not truncate /dev/stdout or /dev/stderr when writing to them, meaning that if you redirect stdout or stderr to a file, the file is no longer truncated.
The daemon no longer uses its own separate copy of gnulib. Instead it shares a single copy with the library.
OCaml .annot files are now created, so IDEs and editors like emacs and vi can browse OCaml types in the source code.
Various fixes to allow different host/appliance architecture builds (Pino Toscano).
Automake is now used directly to build all the OCaml programs, instead of ad hoc Makefile rules. One side effect of this is to enable warnings in all the C code used by OCaml programs.
-fno-strict-overflow is used throughout the build to avoid dubious GCC optimizations.
Multiple cleanups to support GCC 5.
OCaml OUnit2 is needed to run some OCaml tests.
Creating a statically linked libguestfs.a should work again.
The src/api-support subdirectory and its scripts are no longer used. Instead we store in the generator/actions.ml when the API was added to libguestfs.
The translation service has changed from Transifex to Zanata.
Many more translations are available now, for both library and tools messages and documentation.
In all OCaml tools, there are now common
info functions, and common way to set and get the --quiet, -x (trace) and -v (verbose) flags, and colour highlighting used consistently.
COMPILE_REGEXP macros are used to simplify PCRE constructors and destructors.
In the generator,
Pointer arguments have finally been implemented.
Internal identifiers no longer use double and triple underscores (eg.
guestfs___program_name). These identifiers are invalid for C99 and C++ programs, although compilers would accept them.
The daemon no longer parses
guestfs_* options from /proc/cmdline. Instead it only takes ordinary command line options. The appliance init script turns /proc/cmdline into daemon command line options.
The tests can now run the daemon as a “captive process”, allowing it to be run directly on the host. The main advantage of this is we can run valgrind directly on the daemon during testing.
virt-v2v error reporting when grub.conf cannot be parsed by Augeas
v2v:Duplicate disk target set when convert guest with cdrom attached
Virtio drivers are not installed for windows 2008 guests by virt-v2v
virt-v2v Support for Fedora virtio-win drivers
Virt-v2v gives an error on a blank disk: part_get_parttype: unknown signature, of the output: BYT;
virt-p2v in kernel command line mode should power off the machine after conversion
virt-p2v no GUI mode appends \n to the final command line parameter
virt-sysprep at cleanup deletes /var/spool/at/.SEQ which results in failing at
“Doing conversion……” still shows after cancel the conversion from virt-p2v client
Memory leak in virNetSocketNewConnectUNIX
virt-v2v: warning: unknown guest operating system: windows windows 6.3 when converting win8,win8.1,win2012,win2012R2 to rhev
virt tools should print the same format of version string
RFE: virt-builder --touch
virt-builder --selinux-relabel flag fails on cross-architecture builds
RFE: virt-inspector xpath query should output a neat format of the query element
virt-builder firstboot-command fails: File name too long
virt-inspector gives incorrect arch (ppc64) for ppc64le guest
RFE: virt-customize --move and --copy
index-parser can't parse systemd mount files properly
virt-builder --upload option doesn't work to a FAT partition
virt-builder -x option on its own does not enable tracing
`virt-builder` should create
$HOME/.cache directory if it already doesn't exist
Virt-builder fingerprint is required even when no check desired
virt-resize should preserve GPT partition UUIDs, else EFI guests become unbootable
Performance regression in virt-builder when uncompressing image
virt-v2v should support gzip format ova as input
virt-sparsify should ignore read-only LVs
“mknod-b”, “mknod-c”, and “mkfifo” do not strip non-permissions bits from “mode”
virt-v2v ignores sound device when convert xen guest to local kvm
Typo error in 'help ping-daemon'
“parse-environment” and “parse-environment-list” fail to parse “LIBGUESTFS_TRACE = 0”
“is-blockdev”/“is-blockdev-opts” fail to detect “/dev/sda”
RFE: Allow v2v conversion of Oracle Linux 5.8 VMware VM
New virt-v2v failure: CURL: Error opening file: NSS: client certificate not found (nickname not specified): Invalid argument
Graphics password disappear after conversion of virt-v2v
The listen address for vnc is changed after conversion by virt-v2v
inspection thinks EFI partition is a separate operating system
virt-v2v conversion of RHEL 3 guest fails with: All of your loopback devices are in use
Conversion of RHEL 4 guest fails: rpm -ql 1:kernel-utils-2.4-23.el4: virt-v2v: error: libguestfs error: command_lines:
virt-v2v picks debug kernels over non-debug kernels when versions are equal
virt-sparsify: libguestfs error: qemu-img info: 'virtual-size' is not representable as a 64 bit integer
virt-resize --expand fails on ubuntu-14.04.img image (regression)
warning: fstrim: fstrim: /sysroot/: FITRIM ioctl failed: Operation not supported (ignored) when convert win2003 guest from xen server
p2v: No Network Connection dialog
virt-p2v fails with error:“nbd.c:nbd_receive_negotiate():L501: read failed”
Remove “If reporting bugs, run virt-v2v with debugging enabled ..” message when running virt-p2v
“Conversion was successful” pop out even virt-p2v fails
virt-v2v: warning: ova hard disk has no parent controller when convert from a ova file
virt-resize should give out the detail warning info to let customers know what's going wrong
File “/boot/grub2/device.map” showing is not right after converting a rhel7 guest from esx server
mount-loop command fails: mount failed: Unknown error -1
Disable “cancel conversion” button after virt-p2v conversion finished
Provide Reboot/Shutdown button after virt-p2v
Booting in qemu found no volume groups and failed checking the filesystems
The description of 'help append' is not accurately, it add the kernel options to libguestfs appliance not the guest kernel
typo errors in man pages
Inspect-get-icon failed on RHEL7 guest
xfs should also give a warning out to let customer know the limitation
Failed to import guest with “rtl8139” nic to openstack server after converted by v2v
virt-sysprep firstboot script is not deleted if it reboot a RHEL 7 guest
esx win2008 32 bit guest fail to load after conversion because the firmware isn't ACPI compatible
libvirt backend does not set RBD password
Use password file instead of process interaction
virt-p2v-make-disk should add firmwares
libguestfs FTBFS on f21 ppc64le
virt-inspector support adding a remote disk, but in its man page -a URI / --add URI is missing
Virt-v2v will fail when using relative path for -i ova
Redundancy whitespace at the end of directory name when use <TAB> to complete the directory name in guestfish with a xfs filesystem in guest
virt-v2v will hang when converting esx guest before disk copy phase
virt-v2v / qemu-img fails on ova image
virt-ls should remove '/' in the output when specify the directory name as /etc/
Should also add a field for directory files when run virt-ls with --csv option
virt-v2v conversions from VMware vCenter server run slowly
virt-v2v fail to convert guest with disk type volume
Input/output error during conversion of esx guest.
[RFE] virt-builder should support copying in a directory/list of files
[abrt] livecd-tools: kickstart.py:276:apply:IOError: [Errno 2] No such file or directory: '/run/media/jones/2tp001data/createlive/temp/imgcreate-_dX8Us/install_root/etc/rpm/macros.imgcreate'
virt-sparsify fails if a btrfs filesystem contains readonly snapshots
RFE: allow passing in a pre-opened libvirt connection from python
Security context on image file gets reset
[RFE] virt-v2v should check whether guest with same name exist on target first then transfer the disk
RFE: virt-p2v: display more information about network devices such as topology, bonding, etc.
p2v client should have largest number restrictions for CPU and Memory settings
hivex cannot read registry hives from ReactOS
virt-inspector cannot detect ReactOS
installation via NFS doesn't seem to work
guestfs-examples(1), guestfs-faq(1), guestfs-performance(1), guestfs-recipes(1), guestfs-testing(1), guestfs(3), guestfish(1), http://libguestfs.org/
Richard W.M. Jones
Copyright (C) 2009-2020 Red Hat Inc.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
To get a list of bugs against libguestfs, use this link: https://bugzilla.redhat.com/buglist.cgi?component=libguestfs&product=Virtualization+Tools
To report a new bug against libguestfs, use this link: https://bugzilla.redhat.com/enter_bug.cgi?component=libguestfs&product=Virtualization+Tools
When reporting a bug, please supply:
- The version of libguestfs.
- Where you got libguestfs (eg. which Linux distro, compiled from source, etc)
- Describe the bug accurately and give a way to reproduce it.
- Run libguestfs-test-tool(1) and paste the complete, unedited output into the bug report.