mirrors/libguestfs
1
0
Fork 0
mirror of https://github.com/libguestfs/libguestfs.git synced 2026-03-21 22:53:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
rhel-9.1
libguestfs/lib
History
Laszlo Ersek 51ea2e3af9 introduce the "clevis_luks_unlock" API 
Introduce a new guestfs API called "clevis_luks_unlock". At the libguestfs
level, it is quite simple; it wraps the "clevis luks unlock" guest command
(implemented by the "clevis-luks-unlock" executable, which is in fact a
shell script).

The complexity is instead in the network-based disk encryption
(Clevis/Tang) scheme. Useful documentation:

- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html-single/security_hardening/index#configuring-automated-unlocking-of-encrypted-volumes-using-policy-based-decryption_security-hardening
- https://github.com/latchset/clevis#clevis
- https://github.com/latchset/tang#tang

The package providing "clevis-luks-unlock" is usually called
"clevis-luks", occasionally "clevis". Some distros don't package clevis at
all. Add the new API under a new option group (which may not be available)
called "clevisluks".

Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1809453
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20220630122048.19335-3-lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit 9a3e9a6c03)
2022-07-06 17:17:56 +01:00
..
local
build: fix includedir in uninstalled libguestfs.pc
2020-09-22 18:12:05 +02:00
actions-support.c
Update copyright dates to 2020.
2020-03-06 19:32:32 +00:00
alloc.c
Update copyright dates to 2020.
2020-03-06 19:32:32 +00:00
appliance-cpu.c
appliance: Use -cpu max.
2021-01-28 14:04:29 +00:00
appliance-kcmdline.c
appliance: don't read extfs signature from QCOW2 image directly
2022-05-12 14:46:44 +01:00
appliance-uefi.c
Fix minor typos
2020-08-24 16:24:38 +01:00
appliance.c
lib: Remove User-Mode Linux
2022-03-09 09:28:02 +00:00
available.c
canonical-name.c
lib/canonical-name.c: Hide errors from underlying API call.
2020-10-12 10:46:10 +01:00
command.c
lib: command: If command fails, exit with 126 or 127 as defined by POSIX.
2017-11-16 12:55:19 +00:00
conn-socket.c
Update copyright dates to 2020.
2020-03-06 19:32:32 +00:00
copy-in-out.c
Use Unicode single quotes ‘’ in place of short single quoted strings throughout.
2017-04-04 18:47:37 +01:00
create.c
lib: Autodetect backing format for qemu-img create -b
2021-08-31 08:35:52 +01:00
drives.c
RHEL: Disable unsupported remote drive protocols (RHBZ#962113).
2022-07-06 17:17:56 +01:00
errors.c
lib, lua: Fix usage of strerror_r
2021-12-09 13:46:28 +00:00
events.c
Remove use of gnulib glthread.
2021-04-08 11:12:17 +01:00
file.c
lib: Allow an extension to be specified in guestfs_int_make_temp_path.
2017-09-21 18:05:07 +01:00
fuse.c
Remove use of gnulib glthread.
2021-04-08 11:12:17 +01:00
guestfs-internal-all.h
Port libguestfs to use pcre2 instead of pcre.
2021-03-16 11:24:37 +00:00
guestfs-internal.h
lib: drive_create_data, drive: remove field "iface"
2022-07-06 17:17:56 +01:00
guestfs.pod
introduce the "clevis_luks_unlock" API
2022-07-06 17:17:56 +01:00
guid.c
handle.c
lib/guestfs-internal.h: Remove need to include gnulib "hash.h" here.
2021-04-08 11:12:17 +01:00
info.c
lib: Use qemu-img info -U option to avoid locking error.
2018-11-02 13:19:51 +00:00
inspect-apps.c
inspection: Fix inspection of recent RPM guests using non-BDB.
2021-03-26 16:26:00 +00:00
inspect-icon.c
Add detection support for Rocky Linux (CentOS/RHEL-like)
2021-12-10 09:09:47 +00:00
inspect-osinfo.c
Add detection support for Rocky Linux (CentOS/RHEL-like)
2021-12-10 09:09:47 +00:00
journal.c
lib: Allow an extension to be specified in guestfs_int_make_temp_path.
2017-09-21 18:05:07 +01:00
launch-direct.c
lib: launch-direct: ignore drive "iface" parameter
2022-07-06 17:17:56 +01:00
launch-libvirt.c
lib: drive_create_data, drive: remove field "iface"
2022-07-06 17:17:56 +01:00
launch.c
lib: Remove User-Mode Linux
2022-03-09 09:28:02 +00:00
libguestfs.pc.in
lib: remove extra @LIBS@ from pkg-config file
2020-03-12 11:45:30 +01:00
libvirt-auth.c
Use Unicode single quotes ‘’ in place of short single quoted strings throughout.
2017-04-04 18:47:37 +01:00
libvirt-domain.c
lib: drive_create_data, drive: remove field "iface"
2022-07-06 17:17:56 +01:00
libvirt-is-version.c
lpj.c
Remove use of gnulib glthread.
2021-04-08 11:12:17 +01:00
Makefile.am
guestfs_readdir(): rewrite with FileOut transfer, to lift protocol limit
2022-07-06 17:17:56 +01:00
match.c
Port libguestfs to use pcre2 instead of pcre.
2021-03-16 11:24:37 +00:00
MAX_PROC_NR
introduce the "clevis_luks_unlock" API
2022-07-06 17:17:56 +01:00
mountable.c
utils: Split out structs cleanups and printing into common/structs.
2017-07-10 17:01:59 +01:00
private-data.c
Remove use of gnulib glthread.
2021-04-08 11:12:17 +01:00
proto.c
lib/proto: suppress "may be used uninitialized" in send_file_complete()
2021-10-12 16:48:01 +02:00
qemu.c
lib/qemu.c: Suppress another bogus -fanalyser warning.
2021-01-28 12:27:41 +00:00
readdir.c
guestfs_readdir(): rewrite with FileOut transfer, to lift protocol limit
2022-07-06 17:17:56 +01:00
rescue.c
New API: internal-get-console-socket to support virt-rescue.
2017-03-07 12:47:51 +00:00
stringsbuf.c
tmpdirs.c
tmpdirs: Make the ‘su broken’ error message actionable.
2018-02-07 17:26:58 +00:00
tsk.c
lib: Ignore a bunch of bogus GCC 11 warnings.
2021-01-05 10:09:21 +00:00
umask.c
unit-tests.c
lib: rename VALID_FORMAT_IFACE to VALID_FORMAT
2022-07-06 17:17:56 +01:00
version.c
Port libguestfs to use pcre2 instead of pcre.
2021-03-16 11:24:37 +00:00
wait.c
whole-file.c
Update copyright dates to 2020.
2020-03-06 19:32:32 +00:00
yara.c
lib: Ignore a bunch of bogus GCC 11 warnings.
2021-01-05 10:09:21 +00:00