[p2v PATCH] tests: fix run-virt-p2v-in-a-vm helper target
by Pino Toscano
It relied on the qemu libguestfs was configured with, which is no more
available now. Since we already require libguestfs tools for some
functional tests, make run-virt-p2v-in-a-vm depend on libguestfs too,
and use the qemu configured in libguestfs.
---
Makefile.am | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/Makefile.am b/Makefile.am
index d27219d..d1b4bee 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -266,8 +266,9 @@ endif HAVE_LIBGUESTFS
run-virt-p2v-directly: $(PHYSICAL_MACHINE)
$(top_builddir)/run virt-p2v --test-disk=$(PHYSICAL_MACHINE)
+if HAVE_LIBGUESTFS
run-virt-p2v-in-a-vm: virt-p2v.img $(PHYSICAL_MACHINE)
- $(QEMU) \
+ $(shell guestfish get-hv) \
-M pc,accel=kvm:tcg \
-cpu host \
-m 1024 \
@@ -284,6 +285,7 @@ run-virt-p2v-in-a-vm: virt-p2v.img $(PHYSICAL_MACHINE)
-device e1000,netdev=net2 \
$(QEMU_OPTIONS) \
&
+endif HAVE_LIBGUESTFS
run-virt-p2v-non-gui-conversion: stamp-test-virt-p2v-pxe-data-files
SLOW=1 $(top_builddir)/run ./test-virt-p2v-pxe.sh
--
2.21.0
4 years, 7 months
[PATCH] v2v: -o rhv-upload: make -oo rhv-cafile optional
by Pino Toscano
It makes little sense to require the oVirt certificate, especially when
the verification of the connection (-oo rhv-verifypeer) is disabled by
default. The only work done with the certificate in that case is
checking that it is a valid certificate file.
Hence, make -oo rhv-cafile optional, requiring it only when
-oo rhv-verifypeer is enabled.
---
v2v/output_rhv_upload.ml | 16 +++++++++-------
v2v/virt-v2v-output-rhv.pod | 2 ++
2 files changed, 11 insertions(+), 7 deletions(-)
diff --git a/v2v/output_rhv_upload.ml b/v2v/output_rhv_upload.ml
index 24a289169..d08502826 100644
--- a/v2v/output_rhv_upload.ml
+++ b/v2v/output_rhv_upload.ml
@@ -28,7 +28,7 @@ open Types
open Utils
type rhv_options = {
- rhv_cafile : string;
+ rhv_cafile : string option;
rhv_cluster : string option;
rhv_direct : bool;
rhv_verifypeer : bool;
@@ -76,15 +76,13 @@ let parse_output_options options =
error (f_"-o rhv-upload: unknown output option ‘-oo %s’") k
) options;
- let rhv_cafile =
- match !rhv_cafile with
- | Some s -> s
- | None ->
- error (f_"-o rhv-upload: must use ‘-oo rhv-cafile’ to supply the path to the oVirt or RHV user’s ‘ca.pem’ file") in
+ let rhv_cafile = !rhv_cafile in
let rhv_cluster = !rhv_cluster in
let rhv_direct = !rhv_direct in
let rhv_verifypeer = !rhv_verifypeer in
let rhv_disk_uuids = Option.map List.rev !rhv_disk_uuids in
+ if rhv_verifypeer && rhv_cafile = None then
+ error (f_"-o rhv-upload: must use ‘-oo rhv-cafile’ to supply the path to the oVirt or RHV user’s ‘ca.pem’ file");
{ rhv_cafile; rhv_cluster; rhv_direct; rhv_verifypeer; rhv_disk_uuids }
@@ -92,6 +90,10 @@ let nbdkit_python_plugin = Config.virt_v2v_nbdkit_python_plugin
let pidfile_timeout = 30
let finalization_timeout = 5*60
+let json_optstring = function
+ | Some s -> JSON.String s
+ | None -> JSON.Null
+
class output_rhv_upload output_alloc output_conn
output_password output_storage
rhv_options =
@@ -195,7 +197,7 @@ See also the virt-v2v-output-rhv(1) manual.")
"output_sparse", JSON.Bool (match output_alloc with
| Sparse -> true
| Preallocated -> false);
- "rhv_cafile", JSON.String rhv_options.rhv_cafile;
+ "rhv_cafile", json_optstring rhv_options.rhv_cafile;
"rhv_cluster",
JSON.String (Option.default "Default" rhv_options.rhv_cluster);
"rhv_direct", JSON.Bool rhv_options.rhv_direct;
diff --git a/v2v/virt-v2v-output-rhv.pod b/v2v/virt-v2v-output-rhv.pod
index e840ca78d..04a894268 100644
--- a/v2v/virt-v2v-output-rhv.pod
+++ b/v2v/virt-v2v-output-rhv.pod
@@ -101,6 +101,8 @@ The storage domain.
The F<ca.pem> file (Certificate Authority), copied from
F</etc/pki/ovirt-engine/ca.pem> on the oVirt engine.
+This option must be specified if I<-oo rhv-verifypeer> is enabled.
+
=item I<-oo rhv-cluster=>C<CLUSTERNAME>
Set the RHV Cluster Name. If not given it uses C<Default>.
--
2.21.0
4 years, 7 months
[PATCH nbdkit 0/4] Reflection plugin, peer name.
by Richard W.M. Jones
This series is based on my blog posting here:
https://rwmj.wordpress.com/2019/09/13/nbdkit-supports-exportnames/
It depends on the fix for realloc:
https://www.redhat.com/archives/libguestfs/2019-September/thread.html#00103
This series adds a fun plugin, and also an semi-related feature I've
long thought to be desirable. You can consider patches 1 & 4, and
patches 2 & 3 as forming standalone patch series (but they do depend
on each other).
The fun plugin is a reflection plugin which "reflects" client
information back to the client. We have a few fun plugins like this
(hello there, nbdkit-full-plugin) and normally I would push these
without review, but in this particular case there's a specific danger
that sending back data under control of the client might lead to a
security problem. I _believe_ I have avoided that pitfall, but my
belief isn't as good as having experts review it :-)
The new feature is nbdkit_peer_name() which returns the sockaddr of
the peer. It's essentially a wrapper around getpeername(2). This
would allow several features to be implemented in future:
- Plugins could accept or reject connections based on IP address.
- Plugins could change content based on client. (The fourth patch in
the series is a PoC of this implemented in the new reflection
plugin.) Be cautious about combining this feature with multi-conn
as it's not obviously always safe to do.
- Some filters could usefully modify their behaviour based on client
address: The TODO file currently notes that the rate filter could
be changed to limit traffic based on client IP.
Rich.
4 years, 7 months
[PATCH libnbd 1/2] lib: Avoid killing subprocess twice.
by Richard W.M. Jones
If the user calls nbd_kill_subprocess, we shouldn't kill the process
again when we close the handle (since the process has likely gone and
we might be killing a different process).
---
lib/handle.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/lib/handle.c b/lib/handle.c
index 2af25fe..5ad818e 100644
--- a/lib/handle.c
+++ b/lib/handle.c
@@ -315,6 +315,8 @@ nbd_unlocked_kill_subprocess (struct nbd_handle *h, int signum)
return -1;
}
+ h->pid = -1;
+
return 0;
}
--
2.23.0
4 years, 7 months
virt-sparsify --inline with Parallels/Virtuozzo Ploop Images
by Jonathan Wright
virt-sparsify: error: libguestfs error: discard cannot be enabled on this
drive: qemu does not support discard for '*parallels*' format files
Since Virtuozzo 7.0.11 discard is officially supported for ploop images
and I've mounted them with discard and confirmed this functionality
works as expected. Would it be possible to update libguestfs to be
aware of this support so the --inplace flag will work?
https://virtuozzosupport.force.com/s/article/VZA-2019-059
"Native discard support in ploop enabling automatic discard requests on
all ext4 filesystems over ploop block devices, except containers running
on Virtuozzo Storage."
--
Jonathan Wright
KnownHost, LLC
https://www.knownhost.com
4 years, 7 months
[PATCH] builder: templates: set "unassigned" hostname
by Pino Toscano
By default the installer will set the hostname to what the DHCP returns,
exposing details of the machine where make-template.ml runs.
Instead, force "unassigned-hostname.unassigned-domain" as hostname, so
plays nicely with the hostname setting code in virt-customize.
---
builder/templates/debian.preseed | 2 +-
builder/templates/ubuntu.preseed | 5 +++++
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/builder/templates/debian.preseed b/builder/templates/debian.preseed
index 1f13eadbd..8c51fa7f9 100644
--- a/builder/templates/debian.preseed
+++ b/builder/templates/debian.preseed
@@ -71,7 +71,7 @@ d-i netcfg/get_domain string unassigned-domain
# If you want to force a hostname, regardless of what either the DHCP
# server returns or what the reverse DNS entry for the IP is, uncomment
# and adjust the following line.
-#d-i netcfg/hostname string somehost
+d-i netcfg/hostname string unassigned-hostname.unassigned-domain
# Disable that annoying WEP key dialog.
d-i netcfg/wireless_wep string
diff --git a/builder/templates/ubuntu.preseed b/builder/templates/ubuntu.preseed
index 236e17497..595d897a6 100644
--- a/builder/templates/ubuntu.preseed
+++ b/builder/templates/ubuntu.preseed
@@ -47,6 +47,11 @@ d-i netcfg/choose_interface select auto
d-i netcfg/get_hostname string unassigned-hostname
d-i netcfg/get_domain string unassigned-domain
+# If you want to force a hostname, regardless of what either the DHCP
+# server returns or what the reverse DNS entry for the IP is, uncomment
+# and adjust the following line.
+d-i netcfg/hostname string unassigned-hostname.unassigned-domain
+
# Disable that annoying WEP key dialog.
d-i netcfg/wireless_wep string
# The wacky dhcp hostname that some ISPs use as a password of sorts.
--
2.21.0
4 years, 7 months
[p2v PATCH] Document the root password for the disk images.
by Pino Toscano
Mention what is the password of the root user on the disk images created
by virt-p2v-make-disk, virt-p2v-make-kickstart, and virt-p2v-make-kiwi,
so users know how to login in the live p2v system.
---
virt-p2v-make-disk.pod | 2 ++
virt-p2v-make-kickstart.pod | 2 ++
virt-p2v-make-kiwi.pod | 2 ++
3 files changed, 6 insertions(+)
diff --git a/virt-p2v-make-disk.pod b/virt-p2v-make-disk.pod
index a15aaad..dec92c4 100644
--- a/virt-p2v-make-disk.pod
+++ b/virt-p2v-make-disk.pod
@@ -21,6 +21,8 @@ The required I<-o> parameter specifies where the output should go, for
example to a USB key (eg. C<-o /dev/sdX>) or to a file. If you pass a
device name, then B<the existing contents of the device will be erased>.
+The password of the root user on the disk image is C<p2v>.
+
=head2 C<os-version> parameter
The optional C<os-version> parameter is the base Linux distro to use
diff --git a/virt-p2v-make-kickstart.pod b/virt-p2v-make-kickstart.pod
index f4abdf8..a5facf6 100644
--- a/virt-p2v-make-kickstart.pod
+++ b/virt-p2v-make-kickstart.pod
@@ -23,6 +23,8 @@ build a bootable P2V ISO, live CD, USB key, or PXE image. This tool
only builds the kickstart file, but this manual page describes some of
the ways you can use the kickstart file.
+The password of the root user on the disk image is C<p2v>.
+
=head1 BUILDING THE KICKSTART FILE
Using virt-p2v-make-kickstart is very simple:
diff --git a/virt-p2v-make-kiwi.pod b/virt-p2v-make-kiwi.pod
index d879d97..463edf6 100644
--- a/virt-p2v-make-kiwi.pod
+++ b/virt-p2v-make-kiwi.pod
@@ -22,6 +22,8 @@ kiwi to build a bootable P2V live CD ISO, USB key, or PXE image. This tool
only builds the kiwi configuration, but this manual page describes some of
the ways you can use the kiwi configuration.
+The password of the root user on the disk image is C<p2v>.
+
=head1 BUILDING THE KIWI CONFIGURATION
Using virt-p2v-make-kiwi is very simple:
--
2.21.0
4 years, 7 months
[nbdkit PATCH 0/2] more protocol.h tweaks
by Eric Blake
More nbd-protocol.h improvements
Eric Blake (2):
common/protocol: Switch nbdmagic to uint64_t
common/protocol: Declare additional constants
common/protocol/nbd-protocol.h | 16 ++++++++++------
server/protocol-handshake-newstyle.c | 2 +-
server/protocol-handshake-oldstyle.c | 2 +-
plugins/nbd/nbd-standalone.c | 2 +-
tests/test-layers.c | 2 +-
5 files changed, 14 insertions(+), 10 deletions(-)
--
2.21.0
4 years, 7 months
[libnbd PATCH] lib: Synchronize nbd-protocol.h with nbdkit, again
by Eric Blake
Updated in
https://github.com/libguestfs/nbdkit/commit/XXX
Requires tweaks to our handling of nbd magic.
---
Will update with a real URL, if we like it.
lib/nbd-protocol.h | 35 ++++++++++++++++-------------------
generator/states-magic.c | 2 +-
2 files changed, 17 insertions(+), 20 deletions(-)
diff --git a/lib/nbd-protocol.h b/lib/nbd-protocol.h
index fe4d451..bdd1ef2 100644
--- a/lib/nbd-protocol.h
+++ b/lib/nbd-protocol.h
@@ -50,7 +50,7 @@
/* Old-style handshake. */
struct nbd_old_handshake {
- char nbdmagic[8]; /* "NBDMAGIC" */
+ uint64_t nbdmagic; /* NBD_MAGIC */
uint64_t version; /* NBD_OLD_VERSION */
uint64_t exportsize;
uint16_t gflags; /* global flags */
@@ -58,30 +58,33 @@ struct nbd_old_handshake {
char zeroes[124]; /* must be sent as zero bytes */
} NBD_ATTRIBUTE_PACKED;
+#define NBD_MAGIC UINT64_C(0x4e42444d41474943) /* ASCII "NBDMAGIC" */
#define NBD_OLD_VERSION UINT64_C(0x420281861253)
/* New-style handshake. */
struct nbd_new_handshake {
- char nbdmagic[8]; /* "NBDMAGIC" */
+ uint64_t nbdmagic; /* NBD_MAGIC */
uint64_t version; /* NBD_NEW_VERSION */
uint16_t gflags; /* global flags */
} NBD_ATTRIBUTE_PACKED;
-#define NBD_NEW_VERSION UINT64_C(0x49484156454F5054)
+#define NBD_NEW_VERSION UINT64_C(0x49484156454F5054) /* ASCII "IHAVEOPT" */
/* New-style handshake option (sent by the client to us). */
struct nbd_new_option {
- uint64_t version; /* NEW_VERSION */
+ uint64_t version; /* NBD_NEW_VERSION */
uint32_t option; /* NBD_OPT_* */
uint32_t optlen; /* option data length */
/* option data follows */
} NBD_ATTRIBUTE_PACKED;
-/* Newstyle handshake OPT_EXPORT_NAME reply message. */
+/* Newstyle handshake OPT_EXPORT_NAME reply message.
+ * Modern clients use NBD_OPT_GO instead of this.
+ */
struct nbd_export_name_option_reply {
- uint64_t exportsize; /* size of export */
- uint16_t eflags; /* per-export flags */
- char zeroes[124]; /* optional zeroes */
+ uint64_t exportsize; /* size of export */
+ uint16_t eflags; /* per-export flags */
+ char zeroes[124]; /* optional zeroes, unless NBD_FLAG_NO_ZEROES */
} NBD_ATTRIBUTE_PACKED;
/* Fixed newstyle handshake reply message. */
@@ -95,8 +98,8 @@ struct nbd_fixed_new_option_reply {
#define NBD_REP_MAGIC UINT64_C(0x3e889045565a9)
/* Global flags. */
-#define NBD_FLAG_FIXED_NEWSTYLE 1
-#define NBD_FLAG_NO_ZEROES 2
+#define NBD_FLAG_FIXED_NEWSTYLE (1 << 0)
+#define NBD_FLAG_NO_ZEROES (1 << 1)
/* Per-export flags. */
#define NBD_FLAG_HAS_FLAGS (1 << 0)
@@ -140,6 +143,9 @@ struct nbd_fixed_new_option_reply {
#define NBD_REP_ERR_TOO_BIG NBD_REP_ERR (9)
#define NBD_INFO_EXPORT 0
+#define NBD_INFO_NAME 1
+#define NBD_INFO_DESCRIPTION 2
+#define NBD_INFO_BLOCK_SIZE 3
/* NBD_INFO_EXPORT reply (follows fixed_new_option_reply). */
struct nbd_fixed_new_option_reply_info_export {
@@ -160,15 +166,6 @@ struct nbd_block_descriptor {
uint32_t status_flags; /* block type (hole etc) */
} NBD_ATTRIBUTE_PACKED;
-/* New-style handshake server reply when using NBD_OPT_EXPORT_NAME.
- * Modern clients use NBD_OPT_GO instead of this.
- */
-struct nbd_new_handshake_finish {
- uint64_t exportsize;
- uint16_t eflags; /* per-export flags */
- char zeroes[124]; /* must be sent as zero bytes */
-} NBD_ATTRIBUTE_PACKED;
-
/* Request (client -> server). */
struct nbd_request {
uint32_t magic; /* NBD_REQUEST_MAGIC. */
diff --git a/generator/states-magic.c b/generator/states-magic.c
index de8d235..597620d 100644
--- a/generator/states-magic.c
+++ b/generator/states-magic.c
@@ -35,7 +35,7 @@
MAGIC.CHECK_MAGIC:
uint64_t version;
- if (strncmp (h->sbuf.new_handshake.nbdmagic, "NBDMAGIC", 8) != 0) {
+ if (be64toh (h->sbuf.new_handshake.nbdmagic) != NBD_MAGIC) {
SET_NEXT_STATE (%.DEAD);
set_error (0, "handshake: server did not send expected NBD magic");
return 0;
--
2.21.0
4 years, 7 months
