Python is broken and requires that we include <Python.h> before all
other headers so it can make inadvisable definitions of
_POSIX_C_SOURCE and other things. This wasn't a problem before, but a
recent change to glibc makes this necessary now.
See also a similar commit in nbdkit:
f924c3c34b
I also removed the -Wcast-align suppression as that is no longer
needed.
It tests a corner case that we don't experience in real life (although
it can happen). Moreover the test often hangs, so we're not proving
anything except that there's a very obscure bug that we haven't fixed
and probably won't ever fix.
Part of this test uses `qemu-nbd -k SOCKPATH`, and passes
that socket to libvirt. SOCKPATH will have label user_home_t,
which svirt_t can't access, so running with selinux enforcing this
test will always fail.
Manually change the socket label to svirt_image_t which makes
selinux happy.
Note: libvirt does not relabel most (all?) externally managed socket
paths. I think this is correct, since in theory this could be a
socket shared with other processes, so its up to the user to ensure
DAC/MAC permissions are acceptable for their usecase.
Signed-off-by: Cole Robinson <crobinso@redhat.com>
really what we need is sgdisk in the appliance, but for test suite
purposes this check is enough IMO
Signed-off-by: Cole Robinson <crobinso@redhat.com>
To match other non-libtool tests.
Before: PASS: /path/to/libguestfs.git/tests/c-api/.libs/test-config
After: PASS: c-api/.libs/test-config
Signed-off-by: Cole Robinson <crobinso@redhat.com>
When iterating on commit 3c1554e7f2 ("lib: Add new app2_class field
for classifying applications") in early versions I was accidentally
passing NULL to match(). Unexpectedly this returned 1 (ie. matching).
This happened because we did not correctly handle other errors apart
from PCRE2_ERROR_NOMATCH from pcre2_match.
Emit a debug message when this happens, and return no match.
To test this I ran these commands, and there was no output:
$ make && LIBGUESTFS_DEBUG=1 LIBGUESTFS_TRACE=1 make check
$ find -name '*.log' | xargs grep 'match.*unexpected error'
Windows group policy objects (GPOs) are restrictions that can be added
by an administrator to Windows to lock down various operations. From
our point of view the ones that matter involve restricting the ability
to inject device drivers.
Previously virt-v2v detected group policy here:
9bb2e7d470/convert/convert_windows.ml (L69)
We would like to report group policy through the libguestfs API and
tools such as virt-inspector, so move the code that is used to detect
group policy to libguestfs. A new API is introduced that returns
whether group policy was found (only for Windows guests) during
inspection of the software registry.
Fixes: https://issues.redhat.com/browse/RHEL-125846
For McAfee VirusScan, the name is bogus and the display name is the
actual name:
<application>
<name>{CE15D1B6-19B6-4D4D-8F43-CF5D2C3356FF}</name>
<display_name>McAfee VirusScan Enterprise</display_name>
<version>8.8.04001</version>
<install_path>C:Program Files (x86)McAfeeVirusScan Enterprise\</install_path>
<publisher>McAfee, Inc.</publisher>
<url>http://www.mcafeesecurity.com/</url>
</application>
Simplify the existing ad hoc code so we just match name, display name
and publisher (if present) against all the virus scanning strings.
Existing virt-v2v code uses some simple heuristics for detecting
Windows anti-virus software:
7520185504/convert/windows.ml
Replicate exactly this code as a new field in the struct returned by
guestfs_inspect_get_applications2. Because of limitations with the
API, we must use one of the existing spare fields in the struct, and
it must have the same type (a string), so we are limited in the design
of this new API. I chose to return a primary classification for the
application, with the only classification possible so far being
"antivirus" (or "" if not). This allows the possibility of future
expansion of use of this field if we need to in future.
Fixes: https://issues.redhat.com/browse/RHEL-125846
This is currently broken, and gobject bits are slated to be
removed entirely, so just disable this test.
Signed-off-by: Cole Robinson <crobinso@redhat.com>
Convert to TypedData_Get_Struct which has been in ruby since 2009
Co-Authored-By: Claude <noreply@anthropic.com>
Signed-off-by: Cole Robinson <crobinso@redhat.com>
It was added in d4a1c3a778 for gnulib, but since then gnulib
is no longer a submodule, and it does not seem to be required
for the build anylonger.
Signed-off-by: Cole Robinson <crobinso@redhat.com>
This reverts "m4: Add junk required to make 'AM_GNU_GETTEXT' work"
commit b9f75ca5b8
And replaces AM_GNU_GETTEXT call with a simpler LIBINTL check
(recommended by claude).
For linux builds on glibc it doesn't appear we need anything
from autotools here, since libintl.h is always available.
For some other cases like macos I think this new minimal check
covers us in the common case.
There are definitely more obscure corner cases that gettext
m4 magic covers but I suspect none of them really matter for
any platforms libguestfs already functions on.
Signed-off-by: Cole Robinson <crobinso@redhat.com>
This tests adding a running libvirt domain to libguestfs.
This was never really a safe real-world example AFAICT because it
creates qemu overlays on top of disks that are opened writeable
by the source guest.
Nowadays qemu uses write locks to reject this type of behavior,
and the test fails.
Adjust things so the source VM opens its storage readonly, but
we are still confirming that add_libvirt_dom doesn't mess up
selinux labels.
Signed-off-by: Cole Robinson <crobinso@redhat.com>
