From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50285) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bWqZf-0007AU-Br for qemu-devel@nongnu.org; Mon, 08 Aug 2016 15:51:02 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1bWqZb-0006Eb-5V for qemu-devel@nongnu.org; Mon, 08 Aug 2016 15:50:58 -0400 Received: from mx1.redhat.com ([209.132.183.28]:38018) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bWqZa-0006EU-Oy for qemu-devel@nongnu.org; Mon, 08 Aug 2016 15:50:55 -0400 Received: from int-mx11.intmail.prod.int.phx2.redhat.com (int-mx11.intmail.prod.int.phx2.redhat.com [10.5.11.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id A083261A07 for ; Mon, 8 Aug 2016 19:50:52 +0000 (UTC) Date: Mon, 8 Aug 2016 20:50:50 +0100 From: "Richard W.M. Jones" Message-ID: <20160808195050.GR4121@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Subject: [Qemu-devel] ANNOUNCE: libguestfs 1.34 released List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: libguestfs@redhat.com, virt-tools-list@redhat.com, libvir-list@redhat.com, qemu-devel@nongnu.org I'm pleased to announce libguestfs 1.34, a library and set of tools for accessing and modifying virtual machine disk images. This release took about 8 months of work by many contributors. Amongst the new features are large performance improvements, substantial enhancements to virt-p2v & virt-v2v, better SELinux support, and APIs for doing forensic analysis of disk images. See the release notes below for full details. You can get libguestfs 1.34 here: Main website: http://libguestfs.org/ Source: http://libguestfs.org/download/1.34-stable/ Fedora 24: http://koji.fedoraproject.org/koji/packageinfo?packageID=3D= 8391 It will appear as an update for F24 in about a week. Fedora 25: (blocked on RHBZ#1365270) Debian/experimental: https://packages.debian.org/libguestfs0 Rich. Release notes (also available online at http://libguestfs.org/guestfs-release-notes.1.html ): New features Multiple performance enhancements were made in libguestfs. The "h= ot cache" time to launch to appliance should be under 1 second assumi= ng recent qemu and kernel are installed. There are also new utilitie= s for precisely benchmarking libguestfs (utils/boot-benchmark and utils/boot-analysis in the source tree). The virt-p2v tool for converting physical machines to virtual mach= ines was substantially improved. This includes: clearer, coloured outp= ut during conversions, support for Gtk 3, more detailed information a= bout hardware, click to identify network interfaces, more debugging too= ls included with the ISO, and many bug fixes. f2fs (Flash Friendly File System) is now supported (Pino Toscano). New tools virt-p2v-make-kiwi(1) can be used to build the virt-p2v ISO based = on SLES and openSUSE, using the kiwi utility (C=C3=A9dric Bosdonnat). New features in existing tools virt-resize will now preserve the GPT GUID. This was required for Windows Server 2012 R2, where the bootloader would become confused= if the GUID changed (Maxim Perevedentsev). virt-resize will use sparse copying for (old MBR-style) extended partitions. This makes resizing of guests that use extended parti= tions much faster (Maxim Perevedentsev). virt-p2v kernel command line options can now be used to set defaul= ts for GUI configuration. The virt-p2v debugging options have been completely removed, simplifying the interface and documentation. Debugging informatio= n is now captured fully automatically. virt-p2v-make-disk lets you specify an --arch option, allowing you= to build a 32 bit virt-p2v, for compatibility with older systems. virt-p2v-make-disk no longer requires that you specify an "os-vers= ion" for the virt-p2v disk. If omitted it will try to choose a suitabl= e "os-version" depending on your host system. virt-p2v-make-disk and virt-p2v-make-kickstart both gain a new --install option that allows you to add arbitrary extra packages t= o the virt-p2v ISO, for customization, additional debugging tools and so= on. virt-v2v will now uninstall Parallels Tools (or the equivalent Virtuozzo Tools) from Linux guests. Also stop the Windows drivers= from loading at boot. (Roman Kagan and Pavel Butsykin) virt-v2v --in-place mode has been enhanced to allow the caller to choose whether or not to install certain virtio drivers in the gue= st (Roman Kagan). virt-v2v conversion of Windows guests was substantially rewritten = and simplified (Roman Kagan). virt-v2v --in-place mode now supports installing virtio-scsi drive= rs in guests (Roman Kagan). virt-v2v can now convert SUSE guests and SUSE guests using UEFI (C= =C3=A9dric Bosdonnat and Jim Fehlig). virt-v2v can now convert guests to Glance that have multiple disks= . Previously it would fail on such guests. The virt-v2v --no-trim and --vmtype options are now no-ops. They = will print a warning but are otherwise ignored. virt-v2v can now gener= ate the OVF vmtype correctly without user intervention. virt-v2v has now been tested against Citrix Xen as a source hyperv= isor (C=C3=A9dric Bosdonnat). virt-v2v adds support for SUSE VMDP drivers (C=C3=A9dric Bosdonnat= ). virt-v2v can convert OVA files containing subfolders, as produced = by SUSE Studio (C=C3=A9dric Bosdonnat). virt-v2v sets the OVF "" element correctly. oVirt has bee= n extended to support more source hypervisors (Shahar Havivi). virt-v2v now supports Windows Server 2016 (Tom=C3=A1=C5=A1 Golembi= ovsk=C3=BD). The virt-builder --list option can now be used to show all templat= es or a single template (Pino Toscano). All OCaml-based tools now use getopt_long(3) for option parsing, a= nd --help output has been improved (Pino Toscano). virt-builder and virt-customize --selinux-relabel option can now f= ully relabel the guest filesystem at build time, without requiring a le= ngthy autorelabel at first boot. virt-customize --delete now accepts globs. New virt-customize --uninstall option lets you uninstall packages. virt-customize can now use "pvvxsvc" as an alternative to "rhsrvan= y" for running firstboot scripts in Windows guests (C=C3=A9dric Bosdo= nnat). virt-customize now uses the strongest hashing scheme for passwords= on Arch and Void Linux (Pino Toscano). virt-customize --install now works correctly on Arch (Pino Toscano= ). virt-inspector has new options --no-applications and --no-icon to prevent the list of applications and icon from being included in t= he XML output (Pino Toscano). New virt-sysprep --network option has been added, allowing you to actually use the --install etc options which were present in virt- sysprep before but did not usually work. Note that the network is still disabled by default. virt-sysprep "fs-uuids" operation no longer fails on btrfs guests (Maxim Perevedentsev). virt-dib can output Docker images (Pino Toscano). virt-dib has a new --drive-format option to allow the user to spec= ify the format of the helper drive (Pino Toscano). All OCaml virt tools now have a --colors/--colours option which en= ables coloured output (using ANSI escape sequences) even if the output i= s not a tty. The default is to check if the output is a tty and disable coloured output if not. This allows coloured output to be consume= d by other tools. Language bindings PHP test coverage has been enhanced (Pino Toscano). PHP 7 is now supported (Pino Toscano). Python bindings are now compliant with PEP 8 (Pino Toscano). A Python pip package is available in http://libguestfs.org/download/python/ The Ruby bindings now print the full exception if one is thrown by= the event callback. Note this is still incorrect behaviour as event callbacks should not throw exceptions, but it aids debugging. All OCaml libraries and programs are now compiled with -safe-strin= g, if supported by the OCaml compiler. Inspection Alpine Linux using busybox can now be inspected. Also the APK pac= kage manager is supported in virt-customize (Pino Toscano). We now handle inspection of Mageia 4 (Pino Toscano). Void Linux and the Void Linux xbps package manager are fully suppo= rted (Pino Toscano). Parsing of CoreOS version information has been enhanced (Pino Tosc= ano). It is now possible to get an icon from ALT Linux (Pino Toscano). PLD Linux versions < 3 are now recognized (Pino Toscano). Windows drive letters are now returned for guests using GPT partit= ions (Dawid Zamirski). We can now correctly inspect Unix guests that do not have an /etc/= fstab file (Pino Toscano). Added another source for the Ubuntu icon which doesn't rely on GNO= ME having been installed in the guest. We can now get an icon for Windows 7 64 bit guests. Libosinfo integration was rewritten to deal with the new database format used by osinfo (Pino Toscano). Documentation New manual page guestfs-building(1) describes how to build libgues= tfs from source. The man pages, tools and tool --help output is now automatically checked to ensure that all tool options are properly documented, t= hat warning sections are included where necessary, and that every page= has a description section. The guestfs-testing(1) man page has been refreshed and based on a = newer libguestfs. Architectures and platforms virt-customize now works on POWER7 and POWER8 platforms, both big endian and little endian (Xianghua Chen and Hu Zhang). Security See also guestfs-security(1). CVE-2015-8869 https://bugzilla.redhat.com/CVE-2015-8869 This vulnerability in OCaml might affect virt tools written in the OCaml programming language. It affects only 64 bit platforms. Be= cause this bug affects code generation it is difficult to predict which precise software could be affected, and therefore our recommendati= on is that you recompile libguestfs using a version of the OCaml compile= r where this bug has been fixed (or ask your Linux distro to do the same). virt-customize ownership of .ssh, .ssh/authorized_keys https://bugzilla.redhat.com/1337561 Previously when virt-customize injected an SSH key into a guest, w= hen it created the ~/.ssh and ~/.ssh/authorized_keys directory and fil= e (in case they were missing) it created them with owner and group "root.root". This has been fixed so the correct user is used. Th= is is not thought to have been exploitable. Windows "%systemroot%" The inspection code has been made more robust against guests which might use very long "%systemroot%" (derived from the guest-control= led Windows Registry). This is not thought to have been exploitable. Virtio-rng is now available in the appliance virtio-rng (the virtual Random Number Generator device) is now pas= sed to the appliance, which should improve the quality random numbers generated for GUIDs and cryptographic key generation. API New APIs "btrfs_filesystem_show" List all devices where a btrfs filesystem is spanned (Pino Toscano). "download_blocks" "download_inode" "filesystem_walk" Download filesystem data blocks from a given partition. Downl= oad arbitrary files by inode number. Retrieve all files from a filesystem including deleted files. Note these require optional dependency The Sleuth Kit. (Matte= o Cafasso) "get_sockdir" Read the path where temporary sockets are stored (Pino Toscano= ). "mountable_device" "mountable_subvolume" Split a Mountable into device name and subvolume (C=C3=A9dric Bosdonnat). "ntfscat_i" Download NTFS file by inode number (Matteo Cafasso). "part_expand_gpt" Allow in-place expanding of GPT partitions by moving the secon= d (backup) partition table to the end of the disk (Maxim Perevedentsev). "part_get_disk_guid" "part_set_disk_guid" "part_set_disk_guid_random" Get and set the GPT disk GUID, or set it to a fresh random val= ue (Maxim Perevedentsev). "selinux_relabel" SELinux-relabel part or all of the guest filesystem. Other API changes "guestfs_set_selinux", "guestfs_get_selinux", "guestfs_setcon", "guestfs_getcon" and "guestfs_llz" have been deprecated. Use the = new API "guestfs_selinux_relabel" to relabel filesystems. Use "guestfs_lgetxattrs" to list the "security.selinux" extended attri= butes of existing files. "guestfs_vfs_minimum_size" can now be used on dirty filesystems (M= axim Perevedentsev). "guestfs_ll" now works on paths which contain absolute symlinks (P= ino Toscano). "guestfs_glob_expand" now has an optional "directoryslash" boolean parameter which controls whether trailing slashes are returned for directory names (Pino Toscano). "guestfs_lvs" will no longer return LVs which have the "activation= skip" flag set. The reason is that such LVs have no "/dev/VG/LV" device= node and so code which read the list of LVs and then probed the devices themselves would immediately fail. You can use "guestfs_lvs_full"= if you want to read all LVs. (Pino Toscano). "guestfs_list_disk_labels" now no longer fails if no disks with la= bels were added. Instead it now returns an empty list (Pino Toscano). "guestfs_is_lv" no longer fails if passed a btrfs subvolume, it re= turns false instead (Maxim Perevedentsev). Build changes qemu =E2=89=A5 1.3.0 is required. yajl (a JSON parsing library) is required to build libguestfs. You can now build with GCC 6. "make check-valgrind" now has substantially better coverage. "make check-slow" now works again. Use "make -C appliance clean-supermin-appliance" to clean the supe= rmin appliance (it will be rebuilt on next "make"). There are a variety of new rules for running virt-p2v from the sou= rce directory: "make -C p2v run-virt-p2v-directly" | "run-virt-p2v-in-= a-vm" | "run-virt-p2v-non-gui-conversion". These are documented further= in guestfs-hacking(1). virt-p2v may be built using either Gtk 2 or Gtk 3. To force a particular version of Gtk to be used, "./configure --with-gtk=3D2|= 3" The "./configure" options are now mostly documented in guestfs-building(1). Internals In git, versions are now tagged with "v1.XX.YY" (previously they w= ere tagged with "1.XX.YY"). Using the "v-" prefix is more common in g= it repositories. When using the libvirt backend, we now wait for qemu to exit grace= fully instead of killing it after 15 seconds. This helps when writing t= o slow devices (especially cheap USB keys). Error messages from libvirt now include the "err->int1" field whic= h usually contains the "errno". On ARM, all DTB (device tree) code has been removed. qemu creates= the right device tree on the fly, we do not need to specify one. The C API tests now use larger test disks, allowing BTRFS to be te= sted properly (Pino Toscano). The tests should now work on a pure Python 3 host (Pino Toscano). In C bindings, internal functions are now (mostly) consistently na= med "guestfs_int_*" whereas previously there was no consistent scheme. The old "safe_malloc" etc functions are now no longer exported by = the library, nor used in language bindings. Setting TMPDIR to a path longer than ~ 100 characters will no long= er cause libguestfs to fail silently and randomly when creating Unix domain sockets (Pino Toscano). The "COMPILE_REGEXP" macro can now be used in the daemon. When tracing, results containing structs are now printed in full (= Pino Toscano). The Perl "Sys::Guestfs" module now no longer embeds an incrementin= g API "version number". This module is now always at phony version "1.0= ". To find the real version of libguestfs from Perl you must call "$g->version". All code is compiled with "-Wstack-usage=3D10000" and multiple cha= nges have been made to remove stack allocation of large strings and buf= fers. The error(3) function is now used everywhere, replacing most previ= ous uses of perror(3) + exit(3), and fprintf(3) + exit. In C code, "/**" comments are turned into documentation which is automatically added to the guestfs-hacking(1) manual page. A safe "getumask" function has been added. For recent Linux kerne= ls this uses the newly added "Umask" field in /proc/self/status. For older Linux and other Unix, this uses a thread-safe technique invo= lving fork(2) (thanks: Josh Stone, Jiri Jaburek, Eric Blake). Safe posix_fadvise(2) wrappers have been added, and more hints hav= e been added to the code which may make a minor difference to performance. A safe wrapper around waitpid(2) has been added which handles "INT= R" properly. "podwrapper.pl" (used to generate the manual pages) now stops if a= ny POD error is found. A new script called "podcheck.pl" does cross- checking of --help output, tool options and manual pages. All version numbers in the library (eg. versions of qemu, versions= of libvirt, versions of guest operating systems) are unified in a sin= gle file src/version.c (Pino Toscano). On Windows guests, virt-customize will use the vendor-neutral path "C:\Program=C2=A0Files\Guestfs\Firstboot" to store firstboot scrip= ts. Previously it used "C:\Program=C2=A0Files\Red=C2=A0Hat\Firstboot".= This change should be invisible to the scripts themselves. (C=C3=A9dric Bosdo= nnat) On Linux guests, the firstboot services generated by virt-builder --firstboot etc have been renamed to "guestfs-firstboot" (Pino Toscano). There is now a common "debug" function used by all OCaml tools, replacing previous code which did "if=C2=A0verbose=C2=A0()=C2=A0th= en=C2=A0printf=C2=A0...". virt-p2v copies files it needs over to the virt-v2v conversion ser= ver using scp(1), instead of trying to send them via the shell session= . This should improve reliability and should be a completely transpa= rent to end users. All code in mllib is now built into a single "mllib.cma" or "mllib.cmxa" library. All code in customize is now built into a s= ingle "customize.cma" or "customize.cmxa" library. This simplifies the = build of the OCaml tools. lvmetad(8) is now used in the appliance when available (Pino Tosca= no). "Silent rules" are used for OCaml, Java, Erlang and POD. Use "mak= e V=3D1" to see the full command lines again (Pino Toscano). Bugs fixed https://bugzilla.redhat.com/1364347 virt-sparsify --in-place failed with UEFI system https://bugzilla.redhat.com/1362357 run_command runs exit handlers when execve fails (e.g. due to missing executable) https://bugzilla.redhat.com/1362354 virt-dib failed to create image using DIB_YUM_REPO_CONF https://bugzilla.redhat.com/1359652 Fail to inspect Windows ISO file https://bugzilla.redhat.com/1358142 Some info will show when convert guest to libvirt by virt-v2v = with parameter --quiet https://bugzilla.redhat.com/1354335 overlay of disk images does not specify the format of the back= ing file https://bugzilla.redhat.com/1352761 Virt-manager can't show OS icons of win7/win8/ubuntu guest. https://bugzilla.redhat.com/1350363 Improve error info "remote server timeout unexpectedly waiting= for password prompt" when connect to a bogus server at p2v client https://bugzilla.redhat.com/1348900 virt-p2v should update error prompt when 'Test connection' wit= h a non-existing user in conversion server https://bugzilla.redhat.com/1345813 virt-sysprep --install always failed to install the packages specified https://bugzilla.redhat.com/1345809 virt-customize --truncate-recursive should give an error messa= ge when specifying a no-existing path https://bugzilla.redhat.com/1343423 [RFE]Should give a better description about 'curl error 22' wh= en failed using ssh identity http url at p2v client https://bugzilla.redhat.com/1343414 Failed SSH to conversion server by ssh identity http url at p2= v client https://bugzilla.redhat.com/1343375 [RFE] uninstall packages inside the VM https://bugzilla.redhat.com/1342447 Ifconfig command is not supported on p2v client https://bugzilla.redhat.com/1342398 Convert a guest from RHEL by virt-v2v but its origin info show= s RHEV at rhevm https://bugzilla.redhat.com/1342337 Should remind a warning about disk image has a partition when = using virt-p2v-make-disk https://bugzilla.redhat.com/1341984 virt-get-kernel prompts an 'invalid value' error when using --format auto https://bugzilla.redhat.com/1341564 virt-p2v spinner should be hidden when it stops spinning https://bugzilla.redhat.com/1340809 Testing connection timeout when input regular user of conversi= on server with checked "use sudo......"button https://bugzilla.redhat.com/1340464 [RFE] Suggestion give user a reminder for "Cancel conversion" button https://bugzilla.redhat.com/1340407 Multiple network ports will not be aligned at p2v client https://bugzilla.redhat.com/1338083 Update UEFI whitelist for official fedora packages https://bugzilla.redhat.com/1337561 virt-customize --ssh-inject not applying correct file permissi= on https://bugzilla.redhat.com/1335671 extra quotes around UUID confuses findfs in RHEL (but not in Fedora) https://bugzilla.redhat.com/1332025 Inspection does not parse /etc/redhat-release containing "Deri= ved from Red Hat Enterprise Linux 7.1 (Source)" https://bugzilla.redhat.com/1327488 RFE: Allow p2v kernel options without p2v.server to set defaul= ts https://bugzilla.redhat.com/1325825 virt-v2v should prevent using multiple '-b' and '-n' option ap= pears on the command line https://bugzilla.redhat.com/1321620 libguestfs: error: could not parse integer in version number: = 7" https://bugzilla.redhat.com/1321338 [1.33.16] Compilation Error: Unbound value List.sort_uniq in v= 2v.ml line 988, characters 10-24: https://bugzilla.redhat.com/1317843 `virt-builder --update` fails with: "dnf -y --best upgrade: co= mmand exited with an error" https://bugzilla.redhat.com/1316479 v2v cmd cannot exit and "block I/O error in device 'appliance'= : No space left on device (28)" is printed when specified "-v -x" https://bugzilla.redhat.com/1316041 virt-rescue fails, but missing error message https://bugzilla.redhat.com/1314244 RFE: virt-p2v log window should process colour escapes and backspaces https://bugzilla.redhat.com/1312254 virt-v2v -o libvirt doesn't preserve or use correct https://bugzilla.redhat.com/1309706 error: internal error: Invalid floppy device name: hdb https://bugzilla.redhat.com/1309619 Wrong warning info "use standard VGA" shows when converting wi= ndows > 7 by virt-v2v https://bugzilla.redhat.com/1309580 OS name of win8.1 x64 guest shows incorrect in rhevm3.6 genera= l info https://bugzilla.redhat.com/1308769 virt-v2v does not copy additional disks to Glance https://bugzilla.redhat.com/1306666 Failure when disk contains an LV with activationskip=3Dy https://bugzilla.redhat.com/1296606 virt-v2v doesn't remove VirtualBox additions correctly because= of file quoting https://bugzilla.redhat.com/1293527 There should be a reminder to avoid user to edit a guest image= by multiple tools at the same time in guestfish man page https://bugzilla.redhat.com/1293276 guestfish can not ll a symbolic link dir or edit a file in it https://bugzilla.redhat.com/1278878 guestfish should be able to handle LVM thin layouts https://bugzilla.redhat.com/1264835 ppc64le: virt-customize --install fail to detect the guest arc= h https://bugzilla.redhat.com/1264332 Test that trimming in virt-v2v doesn't regress https://bugzilla.redhat.com/1232192 Virt-v2v gives an error on a blank disk: part_get_parttype: un= known signature, of the output: BYT; https://bugzilla.redhat.com/1229386 virt-p2v in non-GUI mode doesn't show any conversion progress = or status https://bugzilla.redhat.com/1227599 P2V invalid password prints unexpected end of file waiting for command prompt. https://bugzilla.redhat.com/1224795 On Ubuntu, virt-builder --install and --update cannot use the network https://bugzilla.redhat.com/1213324 virt-v2v: warning: unknown guest operating system: windows win= dows 6.3 when converting win8,win8.1,win2012,win2012R2,win10 to rhe= v https://bugzilla.redhat.com/1203898 Support inspecting docker images without /etc/fstab https://bugzilla.redhat.com/1186935 libguestfs cannot inspect recent Fedora / RHEL >=3D 7 when /us= r is a separate partition https://bugzilla.redhat.com/1167916 P2V: invalid conversion server prints unexpected end of file waiting for password prompt. https://bugzilla.redhat.com/1152825 virt-rescue --selinux can not work well, when enable selinux i= n the command line the value of 'getenforce' is still Disabled in vi= rt- rescue appliance https://bugzilla.redhat.com/1150298 ARM 32 bit on Ubuntu: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast] https://bugzilla.redhat.com/1089100 NetworkManager avc unlink denied for resolv.conf after using --selinux-relabel https://bugzilla.redhat.com/983969 RFE: virt-sysprep should be SELinux-aware https://bugzilla.redhat.com/855058 RFE: virt-p2v: display more information about storage devices https://bugzilla.redhat.com/554829 SELinux handling could be done better. --=20 Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rj= ones Read my programming and virtualization blog: http://rwmj.wordpress.com virt-p2v converts physical machines to virtual machines. Boot with a live CD or over the network (PXE) and turn machines into KVM guests. http://libguestfs.org/virt-v2v