This cannot work because there is no Gtk or SDL output mode
in RHEL 8's qemu-kvm.
In addition you will have to edit the -display option in the
qemu script.
RHEL 8 does not have qemu-system-x86_64 (etc), and in addition the
qemu binary is located in /usr/libexec. Encode the path to this
binary directly in the script.
Note that we don't support people running qemu directly like this.
It's just for quick testing of converted VMs, and to help us with
support cases.
This disables support for unsupported remote drive protocols:
* ftp
* ftps
* http
* https
* tftp
* gluster
* iscsi
* sheepdog
* ssh
Note 'nbd' is not disabled, and of course 'file' works.
We hope to gradually add some of these back over the lifetime of RHEL 8.
While svirt_t can be used for sockets it does not always guarantee that it will
be accessible from a virtual machine. The VM might be running under svirt_tcg_t
context which will need a svirt_tcg_t label on the socket in order to access it.
There is, however, another label, svirt_socket_t, which is accessible from
virt_domain:
# sesearch -A -s svirt_t -c unix_stream_socket -p connectto
...
allow virt_domain svirt_socket_t:unix_stream_socket { ... connectto ... };
...
And virt_domain is a type attribute of both svirt_t and svirt_tcg_t:
# seinfo -x -a virt_domain
Type Attributes: 1
attribute virt_domain;
svirt_t
svirt_tcg_t
Resolves: https://bugzilla.redhat.com/1698437
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
(cherry picked from commit c2918b8b74)
nbdkit >= 1.6 ships a VDDK plugin always built, so recommend that
version instead of recommending to build nbdkit from sources.
(cherry picked from commit 0704d8eb0b)
When parsing "xdev"-kind devices, do not assume that the partition
number can be converted to integer: re_xdev accepts an empty part of the
partition number, so just handle as it is, as string.
This fixes a regression due to the conversion of the inspection code to
OCaml, as the old C version did not have this issue.
(cherry picked from commit cf6b527824)
Use a better icon for RHEL guests, still provided by redhat-logos (or
equivalent in downstream distributions), and which fits a better
definition of logo for the distribution.
Thanks to Ray Strode for the hints.
(cherry picked from commit c648052690)
We've been carrying this exact patch in RHEL 7 for several years. It
reverts the change made in 2014 where we switched to using the virbr0
bridge for libguestfs networking instead of SLIRP. We thought SLIRP
was going to become unsupported in qemu, but recently there have been
more encouraging signs since it looks like SLIRP will be spun off as a
separate project, running as a modular process and properly secured
and supported.
This reverts commit 224de20b9a.
(cherry picked from commit 492a945791)
So far RBufferOut return values, and FBuffer struct fields are 'str' on
all the versions of Python. Python 3 distinguishes between 'str'
(unicode strings), and 'bytes', with 'str' no more able to hold
arbitrary data.
For this reason, switch the return value of RBufferOut functions, and
FBuffer struct fields to bytes on Python 3: while this is a potentially
incompatibile change, this is the only way to handle safely sequences
of arbitrary bytes.
(cherry picked from commit 0ee02e0117)
Make sure to reference the arguments, to make sure they are kept alive
during the function call; this is visible when setting an event handler
for the CLOSE event, and testing it with Python 3.
This does not seem to create a memory leak e.g. with Python 2.
Also, switch away from the quasi-internal PyEval_CallObject to the
public PyObject_CallObject, which takes care of doing safety checks.
(cherry picked from commit 85235aec83)
Remove "Allow virtual machine download", added with
commit 37955f14aa, because it does not
seem to be actually needed.
Related: RHBZ#1530967
(cherry picked from commit 5e5896752e)
Do not assume that the Python plugin of nbdkit has the same name of the
Python interpreter.
Use the default upstream name of nbdkit to identify it; downstream
distributions must adjust this variable, in case they rename the Python
plugin of nbdkit.
(cherry picked from commit 6b80c5fb51)
Add few more characters for the devices of resume= entries in the
command line of grub: this way it is possible to match also /dev/mapper
devices.
This should require no further processing, since the names of the
/dev/mapper devices do not change after the conversion.
(cherry picked from commit 50b08fd84b)
The previous support documentation said that for UEFI guests, when
using RHEL ≥ 7.3 host, you must use qemu-kvm-rhev. For RHEL 8 this is
inaccurate since qemu-kvm-rhev no longer exists.
To fix this I've dropped the whole sentence. It only applies to the
downstream product (RHEL) and so RHEL can add the right documentation
if it needs to.
Thanks: Ming Xie, Pino Toscano.
(cherry picked from commit 0e6bbcee7e)
See:
https://bugzilla.redhat.com/show_bug.cgi?id=1584678#c15
Fixes commit bcdbe6405c. However this
bug was copied directly from old virt-v2v which did the same thing
(from lib/Sys/VirtConvert/Converter/Windows.pm):
echo installing rhev-apt >>log.txt
"rhev-apt.exe" /S /v /qn >>log.txt
Thanks: Lev Veyde
(cherry picked from commit e12c56176a)
QEMU for x86 supports two machine types, "pc" (emulating the ancient
Intel i440FX chipset originally used by the Pentium Pro), and "q35"
(https://wiki.qemu.org/Features/Q35).
Currently virt-v2v does not set any machine type, so libvirt or the
target hypervisor will choose some default, probably i440fx. The
latest advice from the QEMU and libvirt communities is not to rely on
the default machine type but to specify what we need explicitly, but
it may also be that the libvirt configuration file has been changed to
set the default machine type to Q35 (either by the distro or the end
user).
None of this matters for reasonably new guests since they can boot
with either chipset. However there are some very old guests (notably
Windows XP) which cannot handle Q35.
This commit changes virt-v2v so it always tries to specify the machine
type explicitly (assuming the target supports that, and not all of
them do). For x86_64 guests this patch always selects i440fx (pc).
In future we hope to get the correct machine type for the guest from
libosinfo but this is not available yet.
For non-x86 architectures we select the "virt" model which will
probably only work for AArch64. More work is needed for POWER.
For secure boot we still have to force the machine type to Q35. In a
future version this forcing can be removed since any guest which is
using secure boot will be new enough that it'll be using Q35 anyway
(on x86).
(cherry picked from commit 55879b2f2c)
Pass the LDFLAGS properly as arguments for the C linker when using
ocamlmklibs via the -ldopt option.
Followup of commit 34c23403c5.
(cherry picked from commit 4ff573c352)
After this commit, all annocheck errors are fixed except for:
Hardened: virt-get-kernel: MAYB: Gaps were detected in the annobin coverage. Run with -v to list.
After discussion with the annocheck maintainers this gap in coverage
(which corresponds to the OCaml runtime) seems to be caused either by
the runtime not being linked with the right flags, or might be a bug
in annocheck itself. In any case it's not something that can be
resolved within the scope of libguestfs.
(cherry picked from commit 34c23403c5)
OCaml has a small runtime which is statically linked into the virt
tools (providing things like GC and primitives). Since OCaml 4.03 it
has been possible to select variants of this runtime, one of which is
compiled with -fPIC, using ‘ocamlopt -runtime-variant _pic’.
This has performance implications on i686, but is relatively free on
other architectures. Since it (in theory) adds to the security of the
final binary this commit enables it whenever it is available.
(cherry picked from commit 09abb9c990)
The output method used the s_disk_id field assuming it was a unique,
monotonically increasing number counting from 0. However this is not
the case, the input method simply has to set s_disk_id to be unique
for each disk.
Fixes commit cc04573927.
Thanks: Xiaodai Wang
(cherry picked from commit 90c9c12258)
This device naming is mostly written by virt-p2v, so get the slot from
it directly without using the drive_index "decoding" function.
(cherry picked from commit c9abaa3e96)
Search for DC by 'storage.name=' to make it explicit.
I.e. "storage=" uses regex, so similar names can be
found in the search query. For example, searching for
a domain named FCSD, will find FCSD1 as well.
Due to a conflict with the IDs of the OVF standard, and the existing
implementation in ovirt-engine, the ID of QXL devices changed to a
different value.
As a consequence, change the ResourceType of QXL devices, but only in
OVirt flavour to avoid breaking vdsm mode.
See: https://bugzilla.redhat.com/show_bug.cgi?id=1598715#c5
(cherry picked from commit aa9e18f6d1)
