NAME

guestfs-release-notes - libguestfs Release Notes

RELEASE NOTES FOR LIBGUESTFS 1.26

These release notes only cover the differences from the previous stable/dev branch split (1.24.0). For detailed changelogs, please see the git repository, or the ChangeLog file distributed in the tarball.

New features

Tools

virt-customize(1) is a new tool for customizing virtual machine disk images. It lets you install packages, edit configuration files, run scripts, set passwords and so on. virt-builder(1) and virt-sysprep(1) use virt-customize, and command line options across all these tools are now identical.

virt-diff(1) is a new tool for showing the differences between the filesystems of two virtual machines. It is mainly useful when showing what files have been changed between snapshots.

virt-builder(1) has been greatly enhanced. There are many more ways to customize the virtual machine. It can pull templates from multiple repositories. A parallelized internal xzcat implementation speeds up template decompression. Virt-builder uses an optimizing planner to choose the fastest way to build the VM. It is now easier to use virt-builder from other programs. Internationalization support has been added to metadata. More efficient SELinux relabelling of files. Can build guests for multiple architectures. Error messages have been improved. (Pino Toscano)

virt-sparsify(1) has a new --in-place option. This sparsifies an image in place (without copying it) and is also much faster. (Lots of help provided by Paolo Bonzini)

virt-sysprep(1) can delete and scrub files under user control. You can lock user accounts or set random passwords on accounts. Can remove more log files. Can unsubscribe a guest from Red Hat Subscription Manager. New flexible way to enable and disable operations. (Wanlong Gao, Pino Toscano)

virt-win-reg(1) allows you to use URIs to specify remote disk images.

virt-format(1) can now pass the extra space that it recovers back to the host.

guestfish(1) has additional environment variables to give fine control over the ><fs> prompt. Guestfish reads its (rarely used) configuration file in a different order now so that local settings override global settings. (Pino Toscano)

virt-make-fs(1) was rewritten in C, but is unchanged in terms of functionality and command line usage.

Language bindings

The OCaml bindings have a new Guestfs.Errno module, used to check the error number returned by Guestfs.last_errno.

PHP tests now work. (Pino Toscano)

Inspection

Inspection can recognize Debian live images.

Architectures

ARMv7 (32 bit) now supports KVM acceleration.

Aarch64 (ARM 64 bit) is supported, but the appliance part does not work yet.

PPC64 support has been fixed and enhanced.

Security

Denial of service when inspecting disk images with corrupt btrfs volumes

It was possible to crash libguestfs (and programs that use libguestfs as a library) by presenting a disk image containing a corrupt btrfs volume.

This was caused by a NULL pointer dereference causing a denial of service, and is not thought to be exploitable any further.

See commit d70ceb4cbea165c960710576efac5a5716055486 for the fix. This fix is included in libguestfs stable branches ≥ 1.26.0, ≥ 1.24.6 and ≥ 1.22.8, and also in RHEL ≥ 7.0. Earlier versions of libguestfs are not vulnerable.

Better generation of random root passwords and random seeds

When generating random root passwords and random seeds, two bugs were fixed which are possibly security related. Firstly we no longer read excessive bytes from /dev/urandom (most of which were just thrown away). Secondly we changed the code to avoid modulo bias. These issues were not thought to be exploitable. (Both changes suggested by Edwin Török)

API

GUID parameters are now validated when they are passed to API calls, whereas previously you could have passed any string. (Pino Toscano)

New APIs

guestfs_add_drive_opts: new discard parameter

The new discard parameter allows fine-grained control over discard/trim support for a particular disk. This allows the host file to become more sparse (or thin-provisioned) when you delete files or issue the guestfs_fstrim API call.

guestfs_add_domain: new parameters: cachemode, discard

These parameters are passed through when adding the domain's disks.

guestfs_blkdiscard

Discard all blocks on a guestfs device. Combined with the discard parameter above, this makes the host file sparse.

guestfs_blkdiscardzeroes

Test if discarded blocks read back as zeroes.

guestfs_compare_*
guestfs_copy_*

For each struct returned through the API, libguestfs now generates guestfs_compare_* and guestfs_copy_* functions to allow you to compare and copy structs.

guestfs_copy_attributes

Copy attributes (like permissions, xattrs, ownership) from one file to another. (Pino Toscano)

guestfs_disk_create

A flexible API for creating empty disk images from scratch. This avoids the need to call out to external programs like qemu-img(1).

guestfs_get_backend_settings
guestfs_set_backend_settings

Per-backend settings (can also be set via the environment variable LIBGUESTFS_BACKEND_SETTINGS). The main use for this is forcing TCG mode in the qemu-based backends, for example:

 export LIBGUESTFS_BACKEND=direct
 export LIBGUESTFS_BACKEND_SETTINGS=force_tcg
guestfs_part_get_name

Get the label or name of a partition (for GPT disk images).

Build changes

The following extra packages are required to build libguestfs 1.26:

supermin ≥ 5

Supermin version 5 is required to build this version of libguestfs.

flex, bison

Virt-builder now uses a real parser to parse its metadata file, so these tools are required.

xz

This is now a required build dependency, where previously it was (in theory) optional.

Internals

PO message extraction rewritten to be more robust. (Pino Toscano)

podwrapper gives an error if the --insert or --verbatim argument pattern is not found.

Libguestfs now passes the qemu -enable-fips option to enable FIPS, if qemu supports it.

./configure --without-qemu can be used if you don't want to specify a default hypervisor.

Copy-on-write [COW] overlays, used for example for read-only drives, are now created through an internal backend API (.create_cow_overlay).

Libvirt backend uses some funky C macros to generate XML. These are simpler and safer.

The ChangeLog file format has changed. It is now just the same as git log, instead of using a custom format.

Appliance start-up has changed:

Libguestfs can now be built on arches that have ocamlc(1) but not ocamlopt(1). (Hilko Bengen, Olaf Hering)

You cannot use ./configure --disable-daemon --enable-appliance. It made no sense anyway. Now it is expressly forbidden by the configure script.

The packagelist file uses m4 for macro expansion instead of cpp.

Bugs fixed

https://bugzilla.redhat.com/1073906

java bindings inspect_list_applications2 throws java.lang.ArrayIndexOutOfBoundsException:

https://bugzilla.redhat.com/1063374

[RFE] enable subscription manager clean or unregister operation to sysprep

https://bugzilla.redhat.com/1060404

virt-resize does not preserve GPT partition names

https://bugzilla.redhat.com/1057504

mount-local should give a clearer error if root is not mounted

https://bugzilla.redhat.com/1056290

virt-sparsify overwrites block devices if used as output files

https://bugzilla.redhat.com/1055452

libguestfs: error: invalid backend: appliance

https://bugzilla.redhat.com/1054761

guestfs_pvs prints "unknown device" if a physical volume is missing

https://bugzilla.redhat.com/1053847

Recommended default clock/timer settings

https://bugzilla.redhat.com/1046509

ruby-libguestfs throws "expecting 0 or 1 arguments" on Guestfs::Guestfs.new

https://bugzilla.redhat.com/1045450

Cannot inspect cirros 0.3.1 disk image fully

https://bugzilla.redhat.com/1045033

LIBVIRT_DEFAULT_URI=qemu:///system breaks libguestfs

https://bugzilla.redhat.com/1044585

virt-builder network (eg. --install) doesn't work if resolv.conf sets nameserver 127.0.0.1

https://bugzilla.redhat.com/1044014

When SSSD is installed, libvirt configuration requires authentication, but not clear to user

https://bugzilla.redhat.com/1039995

virt-make-fs fails making fat/vfat whole disk: Device partition expected, not making filesystem on entire device '/dev/sda' (use -I to override)

https://bugzilla.redhat.com/1039540

virt-sysprep to delete more logfiles

https://bugzilla.redhat.com/1033207

RFE: libguestfs inspection does not recognize Free4NAS live CD

https://bugzilla.redhat.com/1028660

RFE: virt-sysprep/virt-builder should have an option to lock a user account

https://bugzilla.redhat.com/1026688

libguestfs fails examining libvirt guest with ceph drives: rbd: image name must begin with a '/'

https://bugzilla.redhat.com/1022431

virt-builder fails if $HOME/.cache doesn't exist

https://bugzilla.redhat.com/1022184

libguestfs: do not use versioned jar file

https://bugzilla.redhat.com/1020806

All libguestfs LVM operations fail on Debian/Ubuntu

https://bugzilla.redhat.com/1008417

Need update helpout of part-set-gpt-type

https://bugzilla.redhat.com/953907

virt-sysprep does not correctly set the hostname on Debian/Ubuntu

https://bugzilla.redhat.com/923355

guestfish prints literal "\n" in error messages

https://bugzilla.redhat.com/660687

guestmount: "touch" command fails: touch: setting times of `timestamp': Invalid argument

https://bugzilla.redhat.com/593511

[RFE] function to get partition name

https://bugzilla.redhat.com/563450

list-devices returns devices of different types out of order

SEE ALSO

guestfs-examples(1), guestfs-faq(1), guestfs-performance(1), guestfs-recipes(1), guestfs-testing(1), guestfs(3), guestfish(1), http://libguestfs.org/

AUTHOR

Richard W.M. Jones

COPYRIGHT

Copyright (C) 2009-2023 Red Hat Inc.

LICENSE

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

BUGS

To get a list of bugs against libguestfs, use this link: https://bugzilla.redhat.com/buglist.cgi?component=libguestfs&product=Virtualization+Tools

To report a new bug against libguestfs, use this link: https://bugzilla.redhat.com/enter_bug.cgi?component=libguestfs&product=Virtualization+Tools

When reporting a bug, please supply: