Switch from xmlParse* to xmlRead* so we can explicitly specify parsing
flags, including no network usage and no entity resolution.
The two behaviours mentioned above were not done before either, so this
should not introduce behaviour changes in libguestfs.
(cherry picked from commit 845daded5f)
The old parser had several problems: firstly it called the error path
sometimes without calling reply_with_error causing a protocol hang.
More seriously it had hard-coded line numbers, and since Fedora 21 the
output of xfs_info has changed, moving lines around.
Change the parser to be more robust against added fields by using the
first name on the line as the section name, thus 'bsize=' is
interpreted differently depending on whether it appears in the "data"
section or the "naming" section.
Ensure also that we don't call the error path without calling
reply_with_error, which is a side-effect of the above change.
(cherry picked from commit 8abd0a83b3)
(cherry picked from commit adcdc44004)
When using the guestfish --remote or guestfish --listen options,
guestfish would create a socket in a known location
(/tmp/.guestfish-$UID/socket-$PID).
The location has to be a known one in order for both ends to
communicate. However no checking was done that the containing
directory (/tmp/.guestfish-$UID) is owned by the user. Thus another
user could create this directory and potentially modify sockets owned
by another user's guestfish client or server.
This commit fixes the issue by creating the directory unconditionally,
and then checking that the directory has the correct owner and
permissions, thus preventing another user from creating the directory
first.
If guestfish sees a suspicious socket directory it will print an error
like this and exit with an error status:
guestfish: '/tmp/.guestfish-1000' is not a directory or has insecure owner or permissions
Thanks: Michael Scherer for discovering this issue.
Version 2:
- Add assigned CVE number.
- Update documentation.
Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit 54fb09e052)
(cherry picked from commit b23fca294e)
This change avoids the hard requirement for qemu-tools during package
build.
Signed-off-by: Olaf Hering <olaf@aepfle.de>
(cherry picked from commit cb7b1c56b7)
(cherry picked from commit 9b62b700ba)
When using guestfish --remote, libguestfs is not the parent of qemu,
so waitpid is expected to return -ECHILD. And indeed guestfish --remote
would print a bogus error message in this case:
libguestfs: error: waitpid (qemu): No child processes
If the parent process forked into the background, then it should have
called 'set_recovery_proc 0' so we can use this to determine if we
need to wait for qemu.
Thanks: Kazuya Saito for reporting and identifying the issue.
(cherry picked from commit a843b5e5e3)
(cherry picked from commit 8b354dbbfd)
This was accidentally moved by this commit:
commit b8b5ed65c2
Author: Richard W.M. Jones <rjones@redhat.com>
Date: Wed May 23 11:46:23 2012 +0100
FAQ: Add section about using libguestfs in closed source programs.
(cherry picked from commit 0a484e868f)
(cherry picked from commit e02bbeabb1)
The link was broken, and we don't support Ubuntu 10.04 (maybe the
'oldlinux' branch does).
(cherry picked from commit 937a9a3532)
(cherry picked from commit 023dc6f23c)
This is modelled on similar code in the daemon that we have used
successfully for a long time.
(cherry picked from commit 35278e4c18)
(cherry picked from commit 7fd3b1cc8a)
list-filesystems was returning NULL (but not setting an error) if no
filesystems were found. Instead return an empty list.
(cherry picked from commit f1d2934216)
(cherry picked from commit 1930966100)
For some historical reason, it was stuck in src/launch-direct.c and
the comment referred to launch-appliance.c!
(cherry picked from commit 00cbb5c185)
(cherry picked from commit 750841e389)
Added in 2009, unlikely it still works since I doubt it has been
compiled since then.
(cherry picked from commit 36d29700dc)
(cherry picked from commit 18995c0857)
The homebrew function didn't recognize /dev/ubd* device names, and in
any case using the API function is shorter and clearer.
(cherry picked from commit 4275404626)
(cherry picked from commit b312c245d3)
Useful for debugging kernel / architecture issues. Note this
has no effect if debugging is disabled.
(cherry picked from commit 6c2fad11ac)
(cherry picked from commit 9fc75d4133)
This is also called implicitly from internal_autosync, ensuring that
exit won't fail because of an open handle.
libguestfs: error: internal_autosync: umount: /sysroot: umount: /sysroot: target is busy.
(In some cases useful info about processes that use
the device is found by lsof(8) or fuser(1))
Cherry picked from commit ce6e5738fc
and modified to remove references to the journal.
(cherry picked from commit 4d5da455cc)
The code in do_part_get_bootable() assumes that if a partition has the
bootable flag set, then that is the only flag. It compares the entire
flags field with the string "boot". However, the boot flag isn't
always the only flag. For instance, POWER systems typically have a
bootable partition of type 0x41 (PPC PReP boot), which parted -m
displays as:
# parted -m -- f18.img unit b print
BYT;
/root/f18.img:16106127360B:file:512:512:msdos::;
1:1048576B:5242879B:4194304B:::boot, prep;
That is, the flags field contains "boot, prep", and thus libguestfs
fails to see that this partition is bootable. Ultimately this causes
virt-resize to fail to set the bootable flag on the boot partition of
the destination image, resulting in an image that won't boot.
This patch fixes the problem by searching for the string "boot" within
the flags field, instead of comparing the whole flags field.
(cherry picked from commit 7c535c501b)
(cherry picked from commit 6d80000dd6)
This is just code motion. It should affect the semantics of the code,
nor how the appliance VM is created.
(cherry picked from commit 568368cdf5)
(cherry picked from commit 0fdc3f478d)
Return an empty string (instead of an error) if no capabilities are
set on a file, and document that in the API.
(cherry picked from commit c663ab3bb9)
(cherry picked from commit 01df523fff)
