[libvirt] ANNOUNCE: libguestfs 1.26 released

Thu Mar 27 22:26:42 UTC 2014

I'm pleased to announce libguestfs 1.26, a library and set of tools
for accessing and modifying virtual machine disk images.  This release
took more than 6 months of work by a considerable number of people,
and has many new features (see release notes below).

You can get libguestfs 1.26 here:

Main website:     http://libguestfs.org/

      Source:     http://libguestfs.org/download/1.26-stable/
                  You will also need latest supermin from here:
                  http://libguestfs.org/download/supermin/

Fedora 20/21:     http://koji.fedoraproject.org/koji/packageinfo?packageID=8391
                  It will appear as an update for F20 in about a week.

Debian/experimental coming soon, see:
                  https://packages.debian.org/experimental/libguestfs0

The Fedora and Debian packages have split dependencies so you can
download just the features you need.

>From http://libguestfs.org/guestfs-release-notes.1.html :

RELEASE NOTES FOR LIBGUESTFS 1.26

 New features

  Tools

    virt-customize(1) is a new tool for customizing virtual machine disk
    images. It lets you install packages, edit configuration files, run
    scripts, set passwords and so on. virt-builder(1) and virt-sysprep(1)
    use virt-customize, and command line options across all these tools are
    now identical.

    virt-diff(1) is a new tool for showing the differences between the
    filesystems of two virtual machines. It is mainly useful when showing
    what files have been changed between snapshots.

    virt-builder(1) has been greatly enhanced. There are many more ways to
    customize the virtual machine. It can pull templates from multiple
    repositories. A parallelized internal xzcat implementation speeds up
    template decompression. Virt-builder uses an optimizing planner to
    choose the fastest way to build the VM. It is now easier to use
    virt-builder from other programs. Internationalization support has been
    added to metadata. More efficient SELinux relabelling of files. Can
    build guests for multiple architectures. Error messages have been
    improved. (Pino Toscano)

    virt-sparsify(1) has a new --in-place option. This sparsifies an image
    in place (without copying it) and is also much faster. (Lots of help
    provided by Paolo Bonzini)

    virt-sysprep(1) can delete and scrub files under user control. You can
    lock user accounts or set random passwords on accounts. Can remove more
    log files. Can unsubscribe a guest from Red Hat Subscription Manager.
    New flexible way to enable and disable operations. (Wanlong Gao, Pino
    Toscano)

    virt-win-reg(1) allows you to use URIs to specify remote disk images.

    virt-format(1) can now pass the extra space that it recovers back to
    the host.

    guestfish(1) has additional environment variables to give fine control
    over the ><fs> prompt. Guestfish reads its (rarely used) configuration
    file in a different order now so that local settings override global
    settings. (Pino Toscano)

    virt-make-fs(1) was rewritten in C, but is unchanged in terms of
    functionality and command line usage.

  Language bindings

    The OCaml bindings have a new Guestfs.Errno module, used to check the
    error number returned by Guestfs.last_errno.

    PHP tests now work. (Pino Toscano)

  Inspection

    Inspection can recognize Debian live images.

  Architectures

    ARMv7 (32 bit) now supports KVM acceleration.

    Aarch64 (ARM 64 bit) is supported, but the appliance part does not work
    yet.

    PPC64 support has been fixed and enhanced.

 Security

    Denial of service when inspecting disk images with corrupt btrfs
    volumes

      It was possible to crash libguestfs (and programs that use libguestfs
      as a library) by presenting a disk image containing a corrupt btrfs
      volume.

      This was caused by a NULL pointer dereference causing a denial of
      service, and is not thought to be exploitable any further.

      See commit d70ceb4cbea165c960710576efac5a5716055486 for the fix. This
      fix is included in libguestfs stable branches ≥ 1.26.0, ≥ 1.24.6 and
      ≥ 1.22.8, and also in RHEL ≥ 7.0. Earlier versions of libguestfs are
      not vulnerable.

    Better generation of random root passwords and random seeds

      When generating random root passwords and random seeds, two bugs were
      fixed which are possibly security related. Firstly we no longer read
      excessive bytes from /dev/urandom (most of which were just thrown
      away). Secondly we changed the code to avoid modulo bias. These
      issues were not thought to be exploitable. (Both changes suggested by
      Edwin Török)

 API

    GUID parameters are now validated when they are passed to API calls,
    whereas previously you could have passed any string. (Pino Toscano)

  New APIs

    guestfs_add_drive_opts: new discard parameter

      The new discard parameter allows fine-grained control over
      discard/trim support for a particular disk. This allows the host file
      to become more sparse (or thin-provisioned) when you delete files or
      issue the guestfs_fstrim API call.

    guestfs_add_domain: new parameters: cachemode, discard

      These parameters are passed through when adding the domain's disks.

    guestfs_blkdiscard

      Discard all blocks on a guestfs device. Combined with the discard
      parameter above, this makes the host file sparse.

    guestfs_blkdiscardzeroes

      Test if discarded blocks read back as zeroes.

    guestfs_compare_*

    guestfs_copy_*

      For each struct returned through the API, libguestfs now generates
      guestfs_compare_* and guestfs_copy_* functions to allow you to
      compare and copy structs.

    guestfs_copy_attributes

      Copy attributes (like permissions, xattrs, ownership) from one file
      to another. (Pino Toscano)

    guestfs_disk_create

      A flexible API for creating empty disk images from scratch. This
      avoids the need to call out to external programs like qemu-img(1).

    guestfs_get_backend_settings

    guestfs_set_backend_settings

      Per-backend settings (can also be set via the environment variable
      LIBGUESTFS_BACKEND_SETTINGS). The main use for this is forcing TCG
      mode in the qemu-based backends, for example:

       export LIBGUESTFS_BACKEND=direct
       export LIBGUESTFS_BACKEND_SETTINGS=force_tcg

    guestfs_part_get_name

      Get the label or name of a partition (for GPT disk images).

 Build changes

    The following extra packages are required to build libguestfs 1.26:

    supermin ≥ 5

      Supermin version 5 is required to build this version of libguestfs.

    flex, bison

      Virt-builder now uses a real parser to parse its metadata file, so
      these tools are required.

    xz

      This is now a required build dependency, where previously it was (in
      theory) optional.

 Internals

    PO message extraction rewritten to be more robust. (Pino Toscano)

    podwrapper gives an error if the --insert or --verbatim argument
    pattern is not found.

    Libguestfs now passes the qemu -enable-fips option to enable FIPS, if
    qemu supports it.

    ./configure --without-qemu can be used if you don't want to specify a
    default hypervisor.

    Copy-on-write [COW] overlays, used for example for read-only drives,
    are now created through an internal backend API (.create_cow_overlay).

    Libvirt backend uses some funky C macros to generate XML. These are
    simpler and safer.

    The ChangeLog file format has changed. It is now just the same as git
    log, instead of using a custom format.

    Appliance start-up has changed:

      * The libguestfs appliance now initializes LVM the same way as it is
      done on physical machines.

      * The libguestfs appliance does not write an empty string to
      /proc/sys/kernel/hotplug when starting up.

      Note that you must configure your kernel to have
      CONFIG_UEVENT_HELPER_PATH="" otherwise you will get strange LVM
      errors (this applies as much to any Linux machine, not just
      libguestfs). (Peter Rajnoha)

    Libguestfs can now be built on arches that have ocamlc(1) but not
    ocamlopt(1). (Hilko Bengen, Olaf Hering)

    You cannot use ./configure --disable-daemon --enable-appliance. It made
    no sense anyway. Now it is expressly forbidden by the configure script.

    The packagelist file uses m4 for macro expansion instead of cpp.

 Bugs fixed

    https://bugzilla.redhat.com/1073906

      java bindings inspect_list_applications2 throws
      java.lang.ArrayIndexOutOfBoundsException:

    https://bugzilla.redhat.com/1063374

      [RFE] enable subscription manager clean or unregister operation to
      sysprep

    https://bugzilla.redhat.com/1060404

      virt-resize does not preserve GPT partition names

    https://bugzilla.redhat.com/1057504

      mount-local should give a clearer error if root is not mounted

    https://bugzilla.redhat.com/1056290

      virt-sparsify overwrites block devices if used as output files

    https://bugzilla.redhat.com/1055452

      libguestfs: error: invalid backend: appliance

    https://bugzilla.redhat.com/1054761

      guestfs_pvs prints "unknown device" if a physical volume is missing

    https://bugzilla.redhat.com/1053847

      Recommended default clock/timer settings

    https://bugzilla.redhat.com/1046509

      ruby-libguestfs throws "expecting 0 or 1 arguments" on
      Guestfs::Guestfs.new

    https://bugzilla.redhat.com/1045450

      Cannot inspect cirros 0.3.1 disk image fully

    https://bugzilla.redhat.com/1045033

      LIBVIRT_DEFAULT_URI=qemu:///system breaks libguestfs

    https://bugzilla.redhat.com/1044585

      virt-builder network (eg. --install) doesn't work if resolv.conf sets
      nameserver 127.0.0.1

    https://bugzilla.redhat.com/1044014

      When SSSD is installed, libvirt configuration requires
      authentication, but not clear to user

    https://bugzilla.redhat.com/1039995

      virt-make-fs fails making fat/vfat whole disk: Device partition
      expected, not making filesystem on entire device '/dev/sda' (use -I
      to override)

    https://bugzilla.redhat.com/1039540

      virt-sysprep to delete more logfiles

    https://bugzilla.redhat.com/1033207

      RFE: libguestfs inspection does not recognize Free4NAS live CD

    https://bugzilla.redhat.com/1028660

      RFE: virt-sysprep/virt-builder should have an option to lock a user
      account

    https://bugzilla.redhat.com/1026688

      libguestfs fails examining libvirt guest with ceph drives: rbd: image
      name must begin with a '/'

    https://bugzilla.redhat.com/1022431

      virt-builder fails if $HOME/.cache doesn't exist

    https://bugzilla.redhat.com/1022184

      libguestfs: do not use versioned jar file

    https://bugzilla.redhat.com/1020806

      All libguestfs LVM operations fail on Debian/Ubuntu

    https://bugzilla.redhat.com/1008417

      Need update helpout of part-set-gpt-type

    https://bugzilla.redhat.com/953907

      virt-sysprep does not correctly set the hostname on Debian/Ubuntu

    https://bugzilla.redhat.com/923355

      guestfish prints literal "\n" in error messages

    https://bugzilla.redhat.com/660687

      guestmount: "touch" command fails: touch: setting times of
      `timestamp': Invalid argument

    https://bugzilla.redhat.com/593511

      [RFE] function to get partition name

    https://bugzilla.redhat.com/563450

      list-devices returns devices of different types out of order

---

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-p2v converts physical machines to virtual machines.  Boot with a
live CD or over the network (PXE) and turn machines into KVM guests.
http://libguestfs.org/virt-v2v