[PATCH] launch: libvirt: Implement drive secrets (RHBZ#1159016).
by Richard W.M. Jones
Implement the GUESTFS_ADD_DRIVE_OPTS_SECRET argument of
guestfs_add_drive_opts. For libvirt we have to save the secret in
libvirtd first, get a UUID, and then pass the UUID back through the
domain XML.
---
src/launch-libvirt.c | 227 ++++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 224 insertions(+), 3 deletions(-)
diff --git a/src/launch-libvirt.c b/src/launch-libvirt.c
index 7206b33..45e215c 100644
--- a/src/launch-libvirt.c
+++ b/src/launch-libvirt.c
@@ -97,6 +97,25 @@ xmlBufferDetach (xmlBufferPtr buf)
}
#endif
+#ifdef HAVE_ATTRIBUTE_CLEANUP
+#define CLEANUP_VIRSECRETFREE __attribute__((cleanup(cleanup_virSecretFree)))
+
+static void
+cleanup_virSecretFree (void *ptr)
+{
+ virSecretFree (* (virSecretPtr *) ptr);
+}
+
+#else /* !HAVE_ATTRIBUTE_CLEANUP */
+#define CLEANUP_VIRSECRETFREE
+#endif
+
+/* Use to store a mapping of secret to libvirt secret UUID. */
+struct secret {
+ char *secret;
+ char uuid[VIR_UUID_STRING_BUFLEN];
+};
+
#define DOMAIN_NAME_LEN (8+16+1) /* "guestfs-" + random + \0 */
/* Per-handle data. */
@@ -110,6 +129,8 @@ struct backend_libvirt_data {
char name[DOMAIN_NAME_LEN]; /* random name */
bool is_kvm; /* false = qemu, true = kvm (from capabilities)*/
unsigned long qemu_version; /* qemu version (from libvirt) */
+ struct secret *secrets; /* list of secrets */
+ size_t nr_secrets;
};
/* Parameters passed to construct_libvirt_xml and subfunctions. We
@@ -130,6 +151,9 @@ struct libvirt_xml_params {
};
static int parse_capabilities (guestfs_h *g, const char *capabilities_xml, struct backend_libvirt_data *data);
+static int add_secret (guestfs_h *g, struct backend_libvirt_data *data, const struct drive *drv);
+static int find_secret (guestfs_h *g, const struct backend_libvirt_data *data, const struct drive *drv, const char **type, const char **uuid);
+static int have_secret (guestfs_h *g, const struct backend_libvirt_data *data, const struct drive *drv);
static xmlChar *construct_libvirt_xml (guestfs_h *g, const struct libvirt_xml_params *params);
static void debug_appliance_permissions (guestfs_h *g);
static void debug_socket_permissions (guestfs_h *g);
@@ -224,6 +248,8 @@ launch_libvirt (guestfs_h *g, void *datav, const char *libvirt_uri)
CLEANUP_FREE xmlChar *xml = NULL;
CLEANUP_FREE char *appliance = NULL;
struct sockaddr_un addr;
+ struct drive *drv;
+ size_t i;
int r;
uint32_t size;
CLEANUP_FREE void *buf = NULL;
@@ -458,6 +484,14 @@ launch_libvirt (guestfs_h *g, void *datav, const char *libvirt_uri)
debug (g, "cannot find group 'qemu'");
}
+ /* Store any secrets in libvirtd, keeping a mapping from the secret
+ * to its UUID.
+ */
+ ITER_DRIVES (g, i, drv) {
+ if (add_secret (g, data, drv) == -1)
+ goto cleanup;
+ }
+
/* Construct the libvirt XML. */
if (g->verbose)
guestfs___print_timestamped_message (g, "create libvirt XML");
@@ -1272,6 +1306,8 @@ construct_libvirt_xml_disk (guestfs_h *g,
CLEANUP_FREE char *path = NULL;
int is_host_device;
CLEANUP_FREE char *format = NULL;
+ const char *type, *uuid;
+ int r;
/* XXX We probably could support this if we thought about it some more. */
if (drv->iface) {
@@ -1383,9 +1419,15 @@ construct_libvirt_xml_disk (guestfs_h *g,
if (drv->src.username != NULL) {
start_element ("auth") {
attribute ("username", drv->src.username);
- /* TODO: write the drive secret, after first storing it separately
- * in libvirt
- */
+ r = find_secret (g, data, drv, &type, &uuid);
+ if (r == -1)
+ return -1;
+ if (r == 1) {
+ start_element ("secret") {
+ attribute ("type", type);
+ attribute ("uuid", uuid);
+ } end_element ();
+ }
} end_element ();
}
break;
@@ -1657,6 +1699,174 @@ construct_libvirt_xml_qemu_cmdline (guestfs_h *g,
}
static int
+construct_libvirt_xml_secret (guestfs_h *g,
+ const struct backend_libvirt_data *data,
+ const struct drive *drv,
+ xmlTextWriterPtr xo)
+{
+ start_element ("secret") {
+ attribute ("ephemeral", "yes");
+ attribute ("private", "yes");
+ start_element ("description") {
+ string_format ("guestfs secret associated with %s %s",
+ data->name, drv->src.u.path);
+ } end_element ();
+ } end_element ();
+
+ return 0;
+}
+
+/* If drv->src.secret != NULL, store the secret in libvirt, and save
+ * the UUID so we can retrieve it later. Also there is some slight
+ * variation depending on the protocol. See
+ * http://libvirt.org/formatsecret.html
+ */
+static int
+add_secret (guestfs_h *g, struct backend_libvirt_data *data, const struct drive *drv)
+{
+ CLEANUP_XMLBUFFERFREE xmlBufferPtr xb = NULL;
+ xmlOutputBufferPtr ob;
+ CLEANUP_XMLFREETEXTWRITER xmlTextWriterPtr xo = NULL;
+ CLEANUP_FREE xmlChar *xml = NULL;
+ CLEANUP_VIRSECRETFREE virSecretPtr secret = NULL;
+ size_t i;
+
+ if (drv->src.secret == NULL)
+ return 0;
+
+ /* If it was already stored, don't create another secret. */
+ if (have_secret (g, data, drv))
+ return 0;
+
+ /* Create the XML for the secret. */
+ xb = xmlBufferCreate ();
+ if (xb == NULL) {
+ perrorf (g, "xmlBufferCreate");
+ return -1;
+ }
+ ob = xmlOutputBufferCreateBuffer (xb, NULL);
+ if (ob == NULL) {
+ perrorf (g, "xmlOutputBufferCreateBuffer");
+ return -1;
+ }
+ xo = xmlNewTextWriter (ob);
+ if (xo == NULL) {
+ perrorf (g, "xmlNewTextWriter");
+ return -1;
+ }
+
+ if (xmlTextWriterSetIndent (xo, 1) == -1 ||
+ xmlTextWriterSetIndentString (xo, BAD_CAST " ") == -1) {
+ perrorf (g, "could not set XML indent");
+ return -1;
+ }
+ if (xmlTextWriterStartDocument (xo, NULL, NULL, NULL) == -1) {
+ perrorf (g, "xmlTextWriterStartDocument");
+ return -1;
+ }
+
+ if (construct_libvirt_xml_secret (g, data, drv, xo) == -1)
+ return -1;
+
+ if (xmlTextWriterEndDocument (xo) == -1) {
+ perrorf (g, "xmlTextWriterEndDocument");
+ return -1;
+ }
+ xml = xmlBufferDetach (xb);
+ if (xml == NULL) {
+ perrorf (g, "xmlBufferDetach");
+ return -1;
+ }
+
+ debug (g, "libvirt secret XML:\n%s", xml);
+
+ /* Pass the XML to libvirt. */
+ secret = virSecretDefineXML (data->conn, (const char *) xml, 0);
+ if (secret == NULL) {
+ libvirt_error (g, _("could not define libvirt secret"));
+ return -1;
+ }
+
+ /* Set the secret. */
+ if (virSecretSetValue (secret,
+ (const unsigned char *) drv->src.secret,
+ strlen (drv->src.secret),
+ 0) == -1) {
+ libvirt_error (g, _("could not set libvirt secret value"));
+ return -1;
+ }
+
+ /* Get back the UUID and save it in the private data. */
+ i = data->nr_secrets;
+ data->nr_secrets++;
+ data->secrets =
+ safe_realloc (g, data->secrets, sizeof (struct secret) * data->nr_secrets);
+
+ data->secrets[i].secret = safe_strdup (g, drv->src.secret);
+
+ if (virSecretGetUUIDString (secret, data->secrets[i].uuid) == -1) {
+ libvirt_error (g, _("could not get UUID from libvirt secret"));
+ return -1;
+ }
+
+ return 0;
+}
+
+static int
+have_secret (guestfs_h *g,
+ const struct backend_libvirt_data *data, const struct drive *drv)
+{
+ size_t i;
+
+ if (drv->src.secret == NULL)
+ return 0;
+
+ for (i = 0; i < data->nr_secrets; ++i) {
+ if (STREQ (data->secrets[i].secret, drv->src.secret))
+ return 1;
+ }
+
+ return 0;
+}
+
+/* Find a secret previously stored in libvirt. Returns the
+ * <secret type=... uuid=...> attributes. This function returns -1
+ * if there was an error, 0 if there is no secret, and 1 if the
+ * secret was found and returned.
+ */
+static int
+find_secret (guestfs_h *g,
+ const struct backend_libvirt_data *data, const struct drive *drv,
+ const char **type, const char **uuid)
+{
+ size_t i;
+
+ if (drv->src.secret == NULL)
+ return 0;
+
+ for (i = 0; i < data->nr_secrets; ++i) {
+ if (STREQ (data->secrets[i].secret, drv->src.secret)) {
+ *uuid = data->secrets[i].uuid;
+
+ switch (drv->src.protocol) {
+ case drive_protocol_rbd:
+ *type = "ceph";
+ break;
+ case drive_protocol_iscsi:
+ *type = "iscsi";
+ break;
+ default:
+ *type = "volume"; /* ? */
+ }
+
+ return 1;
+ }
+ }
+
+ return 0;
+}
+
+static int
is_blk (const char *path)
{
struct stat statbuf;
@@ -1678,6 +1888,7 @@ shutdown_libvirt (guestfs_h *g, void *datav, int check_for_errors)
struct backend_libvirt_data *data = datav;
virConnectPtr conn = data->conn;
virDomainPtr dom = data->dom;
+ size_t i;
int ret = 0;
int flags;
@@ -1710,6 +1921,12 @@ shutdown_libvirt (guestfs_h *g, void *datav, int check_for_errors)
free (data->network_bridge);
data->network_bridge = NULL;
+ for (i = 0; i < data->nr_secrets; ++i)
+ free (data->secrets[i].secret);
+ free (data->secrets);
+ data->secrets = NULL;
+ data->nr_secrets = 0;
+
return ret;
}
@@ -1814,6 +2031,10 @@ hot_add_drive_libvirt (guestfs_h *g, void *datav,
return -1;
}
+ /* If the drive has an associated secret, store it in libvirt. */
+ if (add_secret (g, data, drv) == -1)
+ return -1;
+
/* Create the XML for the new disk. */
xml = construct_libvirt_xml_hot_add_disk (g, data, drv, drv_index);
if (xml == NULL)
--
2.0.4
10 years
[libhivex] Undefined behavior when accessing invalid (too small) registry hives
by Mahmoud Al-Qudsi
Hello all,
I know that one of the original design goals of libhivex was to be
resilient to corrupt, invalid, or malicious registry hives. I've
encountered some undefined behavior in libhivex when attempting to open
registry files that are too small. I'm not sure if this is a known issue
per-se or not, so I figured I'd ask here on the mailing list before I
jumped in and started adding out-of-bounds checks everywhere.
The simplest test case is when attempting to open a zero-byte registry
file, handle.c will mmap a zero-byte file and then go out of bounds while
comparing against the registry header ("regf"). I imagine even if you pass
in a 4-byte file, the header checksum calculation will loop over 0x7F
bytes, so you'd probably encounter another error there. I guess I'm just
not sure where the ideal location(s) to place range-checking would be; is
there anything smarter than plastering checks at every read/write to the
registry file?
Or is it expected that certain sanity checks would be performed prior to
passing along any files to libhivex? What would those checks be?
Thank you,
Mahmoud Al-Qudsi
NeoSmart Technologies
10 years
Re: [Libguestfs] Virt-v2v conversion issue
by Richard W.M. Jones
[Please keep replies on the list]
On Thu, Oct 16, 2014 at 04:23:52PM +0000, VONDRA Alain wrote:
> It would be great in my case to import the VM in ovirt without using
> a nfs connection because the share is on the same server... But at
> my knowledge, when you put the option -o rhev, you have to link with
> a nfs server, am I right ?
It's simply not possible to make it work without the NFS server.
That's just how it works. I suggest you need to ask whoever runs your
NFS server to fix it so it has more capacity.
BTW 1.27.64, uploading later today, will fix some Windows conversion bugs.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-p2v converts physical machines to virtual machines. Boot with a
live CD or over the network (PXE) and turn machines into KVM guests.
http://libguestfs.org/virt-v2v
10 years
Re: [Libguestfs] some compile errors
by Richard W.M. Jones
On Tue, Oct 28, 2014 at 11:22:47PM +0800, Zhi Yong Wu wrote:
> HI, Richard
>
> Can you know what is missing when the following issue took place?
>
> #gcc mount-local.c -o mount-local -lguestfs
> /usr/lib/gcc/x86_64-redhat-linux/4.1.2/../../../../lib64/libguestfs.so:
> undefined reference to `guestfs__internal_test_rconstoptstring'
> /usr/lib/gcc/x86_64-redhat-linux/4.1.2/../../../../lib64/libguestfs.so:
> undefined reference to `guestfs__internal_test_rstringlist'
[... and many more ...]
The command should work.
However what version of libguestfs? What distro? Did you compile it
yourself or get it from some package? GCC 4.1.2 dates from 2007, so
I'm guessing that you are trying this on something very old.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-p2v converts physical machines to virtual machines. Boot with a
live CD or over the network (PXE) and turn machines into KVM guests.
http://libguestfs.org/virt-v2v
10 years
[PATCH] sysprep: remove /var/spool/mail/username
by Hu Tao
remove /var/spool/mail/username if --enable user-account.
Signed-off-by: Hu Tao <hutao(a)cn.fujitsu.com>
---
sysprep/sysprep_operation_user_account.ml | 1 +
1 file changed, 1 insertion(+)
diff --git a/sysprep/sysprep_operation_user_account.ml b/sysprep/sysprep_operation_user_account.ml
index fda5547..bda6331 100644
--- a/sysprep/sysprep_operation_user_account.ml
+++ b/sysprep/sysprep_operation_user_account.ml
@@ -83,6 +83,7 @@ let user_account_perform ~verbose ~quiet g root side_effects =
g#aug_rm userpath;
g#aug_rm (sprintf "/files/etc/shadow/%s" username);
g#aug_rm (sprintf "/files/etc/group/%s" username);
+ g#rm_rf ("/var/spool/mail/" ^ username);
match home_dir with
| None -> ()
| Some dir -> g#rm_rf dir
--
1.9.3
10 years
[PATCH v2] daemon: Remove custom Augeas lenses.
by Richard W.M. Jones
v2 of previous patch, which fixes some missing bits.
For now I'm going to go with Pino's RHEL 7.1 patch, since it
is at least smaller than this. So I'm sending this to the list
just to have it archived for later.
Rich.
10 years
[PATCH] daemon: Remove custom Augeas lenses.
by Richard W.M. Jones
Don't carry around Augeas lenses. It is fragile, since if the lens is
added to upstream Augeas but the version number has not changed, then
Augeas won't parse the target file at all. This specifically causes
password adjustments to fail in RHEL 7.1.
In future, if we need an Augeas lens, it must be added to Augeas,
either upstream or as a downstream patch carried around by distros.
---
README | 2 +-
appliance/Makefile.am | 6 +---
appliance/guestfs_lvm_conf.aug | 74 ------------------------------------------
appliance/guestfs_shadow.aug | 72 ----------------------------------------
appliance/hostfiles.in | 1 -
configure.ac | 3 ++
daemon/augeas.c | 21 +-----------
daemon/daemon.h | 11 -------
daemon/lvm-filter.c | 14 +-------
9 files changed, 7 insertions(+), 197 deletions(-)
delete mode 100644 appliance/guestfs_lvm_conf.aug
delete mode 100644 appliance/guestfs_shadow.aug
diff --git a/README b/README
index 30e241a..2e7930b 100644
--- a/README
+++ b/README
@@ -104,7 +104,7 @@ The full requirements are described below.
+--------------+-------------+---+-----------------------------------------+
| libxml2 | | R | Popular XML library. |
+--------------+-------------+---+-----------------------------------------+
-| augeas | 1.0.0 | R | |
+| augeas | 1.2.0 | R | |
+--------------+-------------+---+-----------------------------------------+
| xz | | R | Used to compress disk images. |
| | | | Used by virt-builder for compression. |
diff --git a/appliance/Makefile.am b/appliance/Makefile.am
index 7b30bbe..ebc526e 100644
--- a/appliance/Makefile.am
+++ b/appliance/Makefile.am
@@ -21,8 +21,6 @@ EXTRA_DIST = \
99-guestfs-serial.rules \
excludefiles.in \
guestfsd.suppressions \
- guestfs_lvm_conf.aug \
- guestfs_shadow.aug \
hostfiles.in \
init \
libguestfs-make-fixed-appliance.in \
@@ -76,14 +74,12 @@ packagelist: packagelist.in Makefile
cmp -s $@ $@-t || mv $@-t $@
rm -f $@-t
-supermin.d/daemon.tar.gz: ../daemon/guestfsd guestfsd.suppressions guestfs_lvm_conf.aug guestfs_shadow.aug
+supermin.d/daemon.tar.gz: ../daemon/guestfsd guestfsd.suppressions
rm -f $@ $@-t
rm -rf tmp-d
mkdir -p tmp-d$(DAEMON_SUPERMIN_DIR) tmp-d/etc tmp-d/usr/share/guestfs
ln ../daemon/guestfsd tmp-d$(DAEMON_SUPERMIN_DIR)/guestfsd
ln $(srcdir)/guestfsd.suppressions tmp-d/etc/guestfsd.suppressions
- ln $(srcdir)/guestfs_lvm_conf.aug tmp-d/usr/share/guestfs/guestfs_lvm_conf.aug
- ln $(srcdir)/guestfs_shadow.aug tmp-d/usr/share/guestfs/guestfs_shadow.aug
( cd tmp-d && tar zcf - * ) > $@-t
rm -r tmp-d
mv $@-t $@
diff --git a/appliance/guestfs_lvm_conf.aug b/appliance/guestfs_lvm_conf.aug
deleted file mode 100644
index ffa5b01..0000000
--- a/appliance/guestfs_lvm_conf.aug
+++ /dev/null
@@ -1,74 +0,0 @@
-(*
-Module: LVM
- Parses LVM metadata.
-
-Author: Gabriel de Perthuis <g2p.code+augeas(a)gmail.com>
-
-About: License
- This file is licensed under the LGPL v2+.
-
-About: Configuration files
- This lens applies to files in /etc/lvm/backup and /etc/lvm/archive.
-
-About: Examples
- The <Test_LVM> file contains various examples and tests.
-*)
-
-module Guestfs_LVM_conf =
- autoload xfm
-
- (* See lvm2/libdm/libdm-config.c for tokenisation;
- * libdm uses a blacklist but I prefer the safer whitelist approach. *)
- (* View: identifier
- * The left hand side of a definition *)
- let identifier = /[a-zA-Z0-9_-]+/
-
- (* strings can contain backslash-escaped dquotes, but I don't know
- * how to get the message across to augeas *)
- let str = [label "str". Quote.do_dquote (store /([^\"]|\\\\.)*/)]
- let int = [label "int". store Rx.relinteger]
- (* View: flat_literal
- * A literal without structure *)
- let flat_literal = int|str
-
- (* allow multiline and mixed int/str, used for raids and stripes *)
- (* View: list
- * A list containing flat literals *)
- let list = [
- label "list" . counter "list"
- . del /\[[ \t\n]*/ "["
- .([seq "list". flat_literal . del /,[ \t\n]*/ ", "]*
- . [seq "list". flat_literal . del /[ \t\n]*/ ""])?
- . Util.del_str "]"]
-
- (* View: val
- * Any value that appears on the right hand side of an assignment *)
- let val = flat_literal | list
-
- (* View: nondef
- * A line that doesn't contain a statement *)
- let nondef =
- Util.empty
- | Util.comment
-
- (* Build.block couldn't be reused, because of recursion and
- * a different philosophy of whitespace handling. *)
- (* View: def
- * An assignment, or a block containing definitions *)
- let rec def = [
- Util.indent . key identifier . (
- del /[ \t]*\{\n/ " {\n"
- .[label "dict".(nondef | def)*]
- . Util.indent . Util.del_str "}\n"
- |Sep.space_equal . val . Util.comment_or_eol)]
-
- (* View: lns
- * The main lens *)
- let lns = (nondef | def)*
-
- let filter =
- incl "/etc/lvm/archive/*.vg"
- . incl "/etc/lvm/backup/*"
- . Util.stdexcl
-
- let xfm = transform lns filter
diff --git a/appliance/guestfs_shadow.aug b/appliance/guestfs_shadow.aug
deleted file mode 100644
index 2fbf455..0000000
--- a/appliance/guestfs_shadow.aug
+++ /dev/null
@@ -1,72 +0,0 @@
-(*
- Module: Shadow
- Parses /etc/shadow
-
- Author: Lorenzo M. Catucci <catucci(a)ccd.uniroma2.it>
-
- Original Author: Free Ekanayaka <free(a)64studio.com>
-
- About: Reference
-
- - man 5 shadow
- - man 3 getspnam
-
- About: License
- This file is licensed under the LGPL v2+, like the rest of Augeas.
-
- About:
-
- Each line in the shadow files represents the additional shadow-defined attributes
- for the corresponding user, as defined in the passwd file.
-
-*)
-
-module Guestfs_Shadow =
-
- autoload xfm
-
-(************************************************************************
- * USEFUL PRIMITIVES
- *************************************************************************)
-
-let eol = Util.eol
-let comment = Util.comment
-let empty = Util.empty
-let dels = Util.del_str
-
-let colon = Sep.colon
-
-let word = Rx.word
-let integer = Rx.integer
-
-let sto_to_col = Passwd.sto_to_col
-let sto_to_eol = Passwd.sto_to_eol
-
-(************************************************************************
- * Group: ENTRIES
- *************************************************************************)
-
-(* View: entry *)
-let entry = [ key word
- . colon
- . [ label "password" . sto_to_col? . colon ]
- . [ label "lastchange_date" . store integer? . colon ]
- . [ label "minage_days" . store integer? . colon ]
- . [ label "maxage_days" . store integer? . colon ]
- . [ label "warn_days" . store integer? . colon ]
- . [ label "inactive_days" . store integer? . colon ]
- . [ label "expire_date" . store integer? . colon ]
- . [ label "flag" . store integer? ]
- . eol ]
-
-(************************************************************************
- * LENS
- *************************************************************************)
-
-let lns = (comment|empty|entry) *
-
-let filter
- = incl "/shadow"
- . Util.stdexcl
-
-let xfm = transform lns filter
diff --git a/appliance/hostfiles.in b/appliance/hostfiles.in
index 8ff53b5..01a52ae 100644
--- a/appliance/hostfiles.in
+++ b/appliance/hostfiles.in
@@ -14,4 +14,3 @@ dnl FRUGALWARE=1 For Frugalware.
dnl MAGEIA=1 For Mageia.
/lib/lsb/*
-/usr/share/augeas/lenses/*.aug
diff --git a/configure.ac b/configure.ac
index e2ee946..2682358 100644
--- a/configure.ac
+++ b/configure.ac
@@ -899,6 +899,9 @@ dnl Check for PCRE (required)
PKG_CHECK_MODULES([PCRE], [libpcre])
dnl Check for Augeas >= 1.0.0 (required).
+dnl In reality, various things will fail unless you have Augeas 1.2.0
+dnl some upstream but not released patches. However don't fail to
+dnl compile just because this is not satisfied.
PKG_CHECK_MODULES([AUGEAS],[augeas >= 1.0.0])
dnl libmagic (highly recommended)
diff --git a/daemon/augeas.c b/daemon/augeas.c
index ce49726..9c8bbcc 100644
--- a/daemon/augeas.c
+++ b/daemon/augeas.c
@@ -134,7 +134,7 @@ do_aug_init (const char *root, int flags)
}
/* Pass AUG_NO_ERR_CLOSE so we can display detailed errors. */
- aug = aug_init (buf, "/usr/share/guestfs/", flags | AUG_NO_ERR_CLOSE);
+ aug = aug_init (buf, NULL, flags | AUG_NO_ERR_CLOSE);
if (!aug) {
reply_with_error ("augeas initialization failed");
@@ -148,25 +148,6 @@ do_aug_init (const char *root, int flags)
return -1;
}
- if (!augeas_is_version (1, 2, 1)) {
- int r = aug_transform (aug, "guestfs_shadow", "/etc/shadow",
- 0 /* = included */);
- if (r == -1) {
- AUGEAS_ERROR ("aug_transform");
- aug_close (aug);
- aug = NULL;
- return -1;
- }
-
- /* If aug_load was implicitly called, reload the handle. */
- if ((flags & AUG_NO_LOAD) == 0) {
- if (aug_load (aug) == -1) {
- AUGEAS_ERROR ("aug_load");
- return -1;
- }
- }
- }
-
return 0;
}
diff --git a/daemon/daemon.h b/daemon/daemon.h
index 0ccbc9e..95227d6 100644
--- a/daemon/daemon.h
+++ b/daemon/daemon.h
@@ -232,17 +232,6 @@ extern void wipe_device_before_mkfs (const char *device);
extern void aug_read_version (void);
extern void aug_finalize (void);
-/* The version of augeas, saved as:
- * (MAJOR << 16) | (MINOR << 8) | PATCH
- */
-extern int augeas_version;
-static inline int
-augeas_is_version (int major, int minor, int patch)
-{
- aug_read_version (); /* Lazy version reading. */
- return augeas_version >= ((major << 16) | (minor << 8) | patch);
-}
-
/*-- hivex.c, journal.c --*/
extern void hivex_finalize (void);
extern void journal_finalize (void);
diff --git a/daemon/lvm-filter.c b/daemon/lvm-filter.c
index 72fe6ac..d119f9e 100644
--- a/daemon/lvm-filter.c
+++ b/daemon/lvm-filter.c
@@ -122,7 +122,7 @@ set_filter (char *const *filters)
* but do that only after having applied the transformation.
*/
const int flags = AUG_NO_ERR_CLOSE | AUG_NO_LOAD;
- aug = aug_init (lvm_system_dir, "/usr/share/guestfs/", flags);
+ aug = aug_init (lvm_system_dir, NULL, flags);
if (!aug) {
reply_with_error ("augeas initialization failed");
return -1;
@@ -133,18 +133,6 @@ set_filter (char *const *filters)
return -1;
}
- r = aug_transform (aug, "guestfs_lvm_conf", "/lvm/lvm.conf",
- 0 /* = included */);
- if (r == -1) {
- AUGEAS_ERROR ("aug_transform");
- return -1;
- }
-
- if (aug_load (aug) == -1) {
- AUGEAS_ERROR ("aug_load");
- return -1;
- }
-
/* Remove all the old filters ... */
r = aug_rm (aug, "/files/lvm/lvm.conf/devices/dict/filter/list/*");
if (r == -1) {
--
2.0.4
10 years