guestfs-release-notes-1.30 - Man Page

libguestfs Release Notes

Release Notes for Libguestfs 1.30

These release notes only cover the differences from the previous stable/dev branch split (1.28.0).  For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.

New features

New tools

virt-dib(1) is a secure and safe alternative to the OpenStack "diskimage-builder" tool.  It is compatible with diskimage-builder elements.  (Pino Toscano)

virt-get-kernel(1) extracts the kernel and ramdisk from a disk image.  Previously this functionality was part of virt-builder(1), but the new tool is more featureful.  (Pino Toscano)

New features in existing tools

virt-v2v(1) -i ova mode can now read a wider range of OVA files, and also unpacked files (directories).

virt-v2v now securely passes options to curl, so passwords, cookies and so on cannot be seen by users with shell access on the same machine.

virt-v2v has a new --password-file option to allow you to securely pass in a password, and to avoid an interactive prompt.

virt-v2v disables Windows autoreboot, making debugging conversion failures on Windows easier.

virt-v2v now comes with an extensive external test suite. See virt-v2v-test-harness(1).

virt-v2v allows virtio drivers to come from any location (Roman Kagan), and drivers can be read directly from the virtio ISO.

virt-v2v supports conversion of Windows ≥ 8.  Note this is experimental, and possibly broken.  Use with caution.

virt-v2v can now convert UEFI guests.

virt-p2v(1) adds a network configuration dialog.

virt-p2v now has p2v.pre, and triggers, allowing arbitrary scripts for preparing the host for conversion and tidying up post-conversion.

virt-p2v now uses the more advanced metacity window manager (instead of matchbox).

virt-sysprep(1) will remove /var/spool/mail/username for non-root accounts (Hu Tao).

virt-customize(1), virt-builder(1) and virt-sysprep have the following new options:


allow long lists of commands to be read from a file instead of from the command line (Pino Toscano)


copy files inside the guest (Maros Zatko)


copy host files recursively into the guest (Pino Toscano)


move files inside the guest (Maros Zatko)


inject SSH keys into a guest (Pino Toscano)


register and unregister a guest from subscription-manager (Pino Toscano)


touch a file in the guest (Pino Toscano)


truncate files (Maros Zatko)

Improvements to virt-customize firstboot support.  In particular, Windows firstboot should work as well as Linux (Roman Kagan).

virt-df(1) can now use PolicyKit, SASL and other authentication methods when getting the list of domains from libvirt.

Improvements to guestfish bash completion (Pino Toscano).

Bash completion now completes short options as well as long options (Pino Toscano).

guestfish(1) now displays a command synopsis if the number of parameters given to a command is wrong (Hu Tao).

virt-builder now supports Red Hat Enterprise Linux versions back to RHEL 3.

virt-builder supports SUSE guests using zypper (Cédric Bosdonnat).

Language bindings

The Java bindings now include validated Javadoc, and other improvements (Pino Toscano).

Multiple fixes and improvements to the PHP bindings (Pino Toscano).


Inspection can now get icons from RHEL 7 and CentOS 7.

/etc/favicon.png is now allowed to be a symbolic link.

For RPM-based guests, inspection now returns RPM Epoch fields.

Debian packages now have separate Epoch and Version fields (Nikos Skalkotos).

OpenBSD detection added, FreeBSD and NetBSD added as separate "distros", and other BSD inspection improvements and bug fixes (Nikos Skalkotos).

CoreOS detection added (Nikos Skalkotos).

The package manager in Fedora ≥ 22 is dnf.

ReactOS guests can be inspected (Maros Zatko).

Add support for UEFI guests.

Inspection now works when kernel modules are gzip or xz compressed (Pino Toscano).

Inspection now recognizes ppc64 and ppc64le guests (Maros Zatko).

Inspection lists the installed applications on Archlinux guests (Nikos Skalkotos).

Architectures and platforms

PPC64 (POWER7) and PPC64LE (POWER8) architectures are now much better supported, and should work out of the box.

For aarch64, we use AAVMF (an open source UEFI implementation based on OVMF) if available to run the appliance.

For armv7, we now use the -M virt machine type by default.

There is better support for compiling on non-Linux platforms (Pino Toscano, Margaret Lewicka).

Libguestfs should now work on MIPS 32 bit little endian ("mipsel").  I have not been able to try 64 bit or big endian.



Libguestfs previously ran the strings(1) utility on untrusted files.  Strings could parse BFD headers in an unsafe way, leading to possible arbitrary code execution.  Libguestfs now runs strings with a flag to ensure it does not try to parse BFD headers.  This could have led to exploitation of the libguestfs appliance, but since libguestfs further constrains the appliance through virtualization, SELinux and other techniques, it was unlikely to have caused any privilege escalation on the host.

XPath injection in virt-v2v

One possible XPath injection vulnerability was fixed in virt-v2v. This might have allowed a malicious guest which was being converted by virt-v2v to construct an arbitrary XPath expression which would have been evaluated on the host (by the libxml2 library linked to the virt-v2v binary).  It is not clear what the effects of this might be.

For further information, see upstream commit

Denial of service problems when using qemu-img info

When using the American Fuzzy Lop fuzzer (afl-fuzz) on the qemu-img info command, Richard W.M. Jones found that certain files can cause the qemu-img program to use lots of memory and time (for example 6GB of heap and 14 seconds of CPU time on a fast Intel processor), and in some cases to crash.  Since libguestfs may run qemu-img info on disk images to find out what they contain, this transitively could cause libguestfs to hang or consume lots of memory.

Libguestfs was modified so that it uses resource limits to limit the space and time used by qemu-img info, to avoid this problem.  If a malicious user tries to pass one of these disk images to libguestfs, qemu-img will crash and the crash is reported back to libguestfs callers as an error message.


New APIs


This exposes a previously private API that allows you to pass a virDomainPtr object directly from libvirt to libguestfs.


Adjust readahead parameter for devices. See blockdev --setra command.


Balance support for Btrfs filesystems (Hu Tao).


Filesystem defragmentation support for Btrfs filesystems (Hu Tao).


Create an image of a Btrfs filesystem (Chen Hanxiao)


Quote support for Btrfs filesystems (Hu Tao).


Scan and recover the chunk tree in Btrfs filesystems (Hu Tao).


Restore superblocks in Btrfs filesystems (Hu Tao).


Replace a device in a Btrfs filesystem (Cao Jin).


Scrub a Btrfs filesystem (Hu Tao).


Get the default subvolume of a Btrfs filesystem (Hu Tao).


List detailed information about the subvolume of a Btrfs filesystem (Hu Tao).


Various tuning parameters for Btrfs filesystems (Chen Hanxiao).


Return the C pointer to the underlying guestfs_h *.  This allows interworking of libguestfs bindings with bindings from other libraries.  For further information see


Flexible APIs for recursively copying directories of files between the host and guest filesystem.  Previously these were available only as guestfish commands, but now any API users can call them (Pino Toscano).


Get and set the GPT per-partition GUID.


Get MBR partition type (Chen Hanxiao).


Set the UUID of a filesystem to a randomly generated value; supported filesystems currently are ext2/3/4, XFS, Btrfs, and swap partitions. (Chen Hanxiao).

Other API changes

guestfs_disk_create can now use VMDK files as backing files.

guestfs_btrfs_subvolume_snapshot takes extra optional parameters (all added by Hu Tao):


for creating a read-only Btrfs snapshot


for adding the snapshot to a qgroup

guestfs_btrfs_subvolume_create can also take the optional qgroupid parameter (Hu Tao).

guestfs_set_uuid can set UUID of swap partitions, Btrfs (Hu Tao, Chen Hanxiao).

guestfs_copy_device_to_file and guestfs_copy_file_to_file have a new optional append parameter, allowing you to append to the output file instead of truncating it.

guestfs_mkfs has a new optional label parameter to set the initial label of the new filesystem (Pino Toscano).

guestfs_set_label and guestfs_set_uuid now set ENOTSUP as errno when there is no implemented support for the filesystem of the specified mountable (Chen Hanxiao).

Environment variables now let you write LIBGUESTFS_DEBUG=true, LIBGUESTFS_DEBUG=0 and so on.

All guestfs_sfdisk* APIs have been deprecated.  Because sfdisk(8) was rewritten, incompatibly, upstream, we don't recommend using these APIs in future code.  Use the guestfs_part* APIs as replacements.

APIs such as guestfs_download do not truncate /dev/stdout or /dev/stderr when writing to them, meaning that if you redirect stdout or stderr to a file, the file is no longer truncated.

Build changes

The daemon no longer uses its own separate copy of gnulib.  Instead it shares a single copy with the library.

OCaml .annot files are now created, so IDEs and editors like emacs and vi can browse OCaml types in the source code.

Various fixes to allow different host/appliance architecture builds (Pino Toscano).

Automake is now used directly to build all the OCaml programs, instead of ad hoc Makefile rules.  One side effect of this is to enable warnings in all the C code used by OCaml programs.

-fno-strict-overflow is used throughout the build to avoid dubious GCC optimizations.

Multiple cleanups to support GCC 5.

OCaml OUnit2 is needed to run some OCaml tests.

Creating a statically linked libguestfs.a should work again.

The src/api-support subdirectory and its scripts are no longer used.  Instead we store in the generator/ when the API was added to libguestfs.


The translation service has changed from Transifex to Zanata.

Many more translations are available now, for both library and tools messages and documentation.


In all OCaml tools, there are now common error, warning, info functions, and common way to set and get the --quiet, -x (trace) and -v (verbose) flags, and colour highlighting used consistently.

COMPILE_REGEXP macros are used to simplify PCRE constructors and destructors.

In the generator, Pointer arguments have finally been implemented.

Internal identifiers no longer use double and triple underscores (eg. guestfs___program_name).  These identifiers are invalid for C99 and C++ programs, although compilers would accept them.

The daemon no longer parses guestfs_* options from /proc/cmdline.  Instead it only takes ordinary command line options.  The appliance init script turns /proc/cmdline into daemon command line options.

The tests can now run the daemon as a "captive process", allowing it to be run directly on the host.  The main advantage of this is we can run valgrind directly on the daemon during testing.

Bugs fixed

virt-v2v error reporting when grub.conf cannot be parsed by Augeas

v2v:Duplicate disk target set when convert guest with cdrom attached

Virtio drivers are not installed for windows 2008 guests by virt-v2v

virt-v2v Support for Fedora virtio-win drivers

Virt-v2v gives an error on a blank disk: part_get_parttype: unknown signature, of the output: BYT;

virt-p2v in kernel command line mode should power off the machine after conversion

virt-p2v no GUI mode appends \n to the final command line parameter

virt-sysprep at cleanup deletes /var/spool/at/.SEQ which results in failing at

"Doing conversion……" still shows after cancel the conversion from virt-p2v client

Memory leak in virNetSocketNewConnectUNIX

virt-v2v: warning: unknown guest operating system: windows windows 6.3 when converting win8,win8.1,win2012,win2012R2 to rhev

virt tools should print the same format of version string

RFE: virt-builder --touch

virt-builder --selinux-relabel flag fails on cross-architecture builds

RFE: virt-inspector xpath query should output a neat format of the query element

virt-builder firstboot-command fails: File name too long

virt-inspector gives incorrect arch (ppc64) for ppc64le guest

RFE: virt-customize --move and --copy

index-parser can't parse systemd mount files properly

virt-builder --upload option doesn't work to a FAT partition

virt-builder -x option on its own does not enable tracing

`virt-builder` should create $HOME/.cache directory if it already doesn't exist

Virt-builder fingerprint is required even when no check desired

virt-resize should preserve GPT partition UUIDs, else EFI guests become unbootable

Performance regression in virt-builder when uncompressing image

virt-v2v should support gzip format ova as input

virt-sparsify should ignore read-only LVs

"mknod-b", "mknod-c", and "mkfifo" do not strip non-permissions bits from "mode"

virt-v2v ignores sound device when convert xen guest to local kvm

Typo error in 'help ping-daemon'

"parse-environment" and "parse-environment-list" fail to parse "LIBGUESTFS_TRACE = 0"

"is-blockdev"/"is-blockdev-opts" fail to detect "/dev/sda"

RFE: Allow v2v conversion of Oracle Linux 5.8 VMware VM

New virt-v2v failure: CURL: Error opening file: NSS: client certificate not found (nickname not specified): Invalid argument

Graphics password disappear after conversion of virt-v2v

The listen address for vnc is changed after conversion by virt-v2v

inspection thinks EFI partition is a separate operating system

virt-v2v conversion of RHEL 3 guest fails with: All of your loopback devices are in use

Conversion of RHEL 4 guest fails: rpm -ql 1:kernel-utils-2.4-23.el4: virt-v2v: error: libguestfs error: command_lines:

virt-v2v picks debug kernels over non-debug kernels when versions are equal

virt-sparsify: libguestfs error: qemu-img info: 'virtual-size' is not representable as a 64 bit integer

virt-resize --expand fails on ubuntu-14.04.img image (regression)

warning: fstrim: fstrim: /sysroot/: FITRIM ioctl failed: Operation not supported (ignored) when convert win2003 guest from xen server

p2v: No Network Connection dialog

virt-p2v fails with error:"nbd.c:nbd_receive_negotiate():L501: read failed"

Remove "If reporting bugs, run virt-v2v with debugging enabled .." message when running virt-p2v

"Conversion was successful" pop out even virt-p2v fails

virt-v2v: warning: ova hard disk has no parent controller when convert from a ova file

virt-resize should give out the detail warning info to let customers know what's going wrong

File "/boot/grub2/" showing is not right after converting a rhel7 guest from esx server

mount-loop command fails: mount failed: Unknown error -1

Disable "cancel conversion" button after virt-p2v conversion finished

Provide Reboot/Shutdown button after virt-p2v

Booting in qemu found no volume groups and failed checking the filesystems

The description of 'help append' is not accurately, it add the kernel options to libguestfs appliance not the guest kernel

typo errors in man pages

Inspect-get-icon failed on RHEL7 guest

xfs should also give a warning out to let customer know the limitation

Failed to import guest with "rtl8139" nic  to openstack server after converted by v2v

virt-sysprep firstboot script is not deleted if it reboot a RHEL 7 guest

esx win2008 32 bit guest fail to load after conversion because the firmware isn't ACPI compatible

libvirt backend does not set RBD password

Use password file instead of process interaction

virt-p2v-make-disk should add firmwares

libguestfs FTBFS on f21 ppc64le

virt-inspector support adding a remote disk, but in its man page -a URI / --add URI is missing

Virt-v2v will fail when using relative path for -i ova

Redundancy whitespace at the end of directory name when use <TAB> to complete the directory name in guestfish with a xfs filesystem in guest

virt-v2v will hang when converting esx guest before disk copy phase

virt-v2v / qemu-img fails on ova image

virt-ls should remove '/' in the output when specify the directory name as /etc/

Should also add a field for directory files when run virt-ls with --csv option

virt-v2v conversions from VMware vCenter server run slowly

virt-v2v fail to convert guest with disk type volume

Input/output error during conversion of esx guest.

[RFE] virt-builder should support copying in a directory/list of files

[abrt] livecd-tools: [Errno 2] No such file or directory: '/run/media/jones/2tp001data/createlive/temp/imgcreate-_dX8Us/install_root/etc/rpm/macros.imgcreate'

virt-sparsify fails if a btrfs filesystem contains readonly snapshots

RFE: allow passing in a pre-opened libvirt connection from python

Security context on image file gets reset

[RFE] virt-v2v should check whether guest with same name exist on target first then transfer the disk

RFE: virt-p2v: display more information about network devices such as topology, bonding, etc.

p2v client should have largest number restrictions for CPU and Memory settings

hivex cannot read registry hives from ReactOS

virt-inspector cannot detect ReactOS

installation via NFS doesn't seem to work

See Also

guestfs-examples(1), guestfs-faq(1), guestfs-performance(1), guestfs-recipes(1), guestfs-testing(1), guestfs(3), guestfish(1),


Richard W.M. Jones


This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.


To get a list of bugs against libguestfs, use this link:

To report a new bug against libguestfs, use this link:

When reporting a bug, please supply:

Referenced By


2024-01-05 libguestfs-1.52.0 Virtualization Support