[virt-tools-list] ANNOUNCE: libguestfs 1.26 released

Richard W.M. Jones rjones at redhat.com
Thu Mar 27 22:26:42 UTC 2014

I'm pleased to announce libguestfs 1.26, a library and set of tools
for accessing and modifying virtual machine disk images.  This release
took more than 6 months of work by a considerable number of people,
and has many new features (see release notes below).

You can get libguestfs 1.26 here:

Main website:     http://libguestfs.org/

      Source:     http://libguestfs.org/download/1.26-stable/
                  You will also need latest supermin from here:

Fedora 20/21:     http://koji.fedoraproject.org/koji/packageinfo?packageID=8391
                  It will appear as an update for F20 in about a week.

Debian/experimental coming soon, see:

The Fedora and Debian packages have split dependencies so you can
download just the features you need.

>From http://libguestfs.org/guestfs-release-notes.1.html :


 New features


    virt-customize(1) is a new tool for customizing virtual machine disk
    images. It lets you install packages, edit configuration files, run
    scripts, set passwords and so on. virt-builder(1) and virt-sysprep(1)
    use virt-customize, and command line options across all these tools are
    now identical.

    virt-diff(1) is a new tool for showing the differences between the
    filesystems of two virtual machines. It is mainly useful when showing
    what files have been changed between snapshots.

    virt-builder(1) has been greatly enhanced. There are many more ways to
    customize the virtual machine. It can pull templates from multiple
    repositories. A parallelized internal xzcat implementation speeds up
    template decompression. Virt-builder uses an optimizing planner to
    choose the fastest way to build the VM. It is now easier to use
    virt-builder from other programs. Internationalization support has been
    added to metadata. More efficient SELinux relabelling of files. Can
    build guests for multiple architectures. Error messages have been
    improved. (Pino Toscano)

    virt-sparsify(1) has a new --in-place option. This sparsifies an image
    in place (without copying it) and is also much faster. (Lots of help
    provided by Paolo Bonzini)

    virt-sysprep(1) can delete and scrub files under user control. You can
    lock user accounts or set random passwords on accounts. Can remove more
    log files. Can unsubscribe a guest from Red Hat Subscription Manager.
    New flexible way to enable and disable operations. (Wanlong Gao, Pino

    virt-win-reg(1) allows you to use URIs to specify remote disk images.

    virt-format(1) can now pass the extra space that it recovers back to
    the host.

    guestfish(1) has additional environment variables to give fine control
    over the ><fs> prompt. Guestfish reads its (rarely used) configuration
    file in a different order now so that local settings override global
    settings. (Pino Toscano)

    virt-make-fs(1) was rewritten in C, but is unchanged in terms of
    functionality and command line usage.

  Language bindings

    The OCaml bindings have a new Guestfs.Errno module, used to check the
    error number returned by Guestfs.last_errno.

    PHP tests now work. (Pino Toscano)


    Inspection can recognize Debian live images.


    ARMv7 (32 bit) now supports KVM acceleration.

    Aarch64 (ARM 64 bit) is supported, but the appliance part does not work

    PPC64 support has been fixed and enhanced.


    Denial of service when inspecting disk images with corrupt btrfs

      It was possible to crash libguestfs (and programs that use libguestfs
      as a library) by presenting a disk image containing a corrupt btrfs

      This was caused by a NULL pointer dereference causing a denial of
      service, and is not thought to be exploitable any further.

      See commit d70ceb4cbea165c960710576efac5a5716055486 for the fix. This
      fix is included in libguestfs stable branches ≥ 1.26.0, ≥ 1.24.6 and
      ≥ 1.22.8, and also in RHEL ≥ 7.0. Earlier versions of libguestfs are
      not vulnerable.

    Better generation of random root passwords and random seeds

      When generating random root passwords and random seeds, two bugs were
      fixed which are possibly security related. Firstly we no longer read
      excessive bytes from /dev/urandom (most of which were just thrown
      away). Secondly we changed the code to avoid modulo bias. These
      issues were not thought to be exploitable. (Both changes suggested by
      Edwin Török)


    GUID parameters are now validated when they are passed to API calls,
    whereas previously you could have passed any string. (Pino Toscano)

  New APIs

    guestfs_add_drive_opts: new discard parameter

      The new discard parameter allows fine-grained control over
      discard/trim support for a particular disk. This allows the host file
      to become more sparse (or thin-provisioned) when you delete files or
      issue the guestfs_fstrim API call.

    guestfs_add_domain: new parameters: cachemode, discard

      These parameters are passed through when adding the domain's disks.


      Discard all blocks on a guestfs device. Combined with the discard
      parameter above, this makes the host file sparse.


      Test if discarded blocks read back as zeroes.



      For each struct returned through the API, libguestfs now generates
      guestfs_compare_* and guestfs_copy_* functions to allow you to
      compare and copy structs.


      Copy attributes (like permissions, xattrs, ownership) from one file
      to another. (Pino Toscano)


      A flexible API for creating empty disk images from scratch. This
      avoids the need to call out to external programs like qemu-img(1).



      Per-backend settings (can also be set via the environment variable
      LIBGUESTFS_BACKEND_SETTINGS). The main use for this is forcing TCG
      mode in the qemu-based backends, for example:

       export LIBGUESTFS_BACKEND=direct
       export LIBGUESTFS_BACKEND_SETTINGS=force_tcg


      Get the label or name of a partition (for GPT disk images).

 Build changes

    The following extra packages are required to build libguestfs 1.26:

    supermin ≥ 5

      Supermin version 5 is required to build this version of libguestfs.

    flex, bison

      Virt-builder now uses a real parser to parse its metadata file, so
      these tools are required.


      This is now a required build dependency, where previously it was (in
      theory) optional.


    PO message extraction rewritten to be more robust. (Pino Toscano)

    podwrapper gives an error if the --insert or --verbatim argument
    pattern is not found.

    Libguestfs now passes the qemu -enable-fips option to enable FIPS, if
    qemu supports it.

    ./configure --without-qemu can be used if you don't want to specify a
    default hypervisor.

    Copy-on-write [COW] overlays, used for example for read-only drives,
    are now created through an internal backend API (.create_cow_overlay).

    Libvirt backend uses some funky C macros to generate XML. These are
    simpler and safer.

    The ChangeLog file format has changed. It is now just the same as git
    log, instead of using a custom format.

    Appliance start-up has changed:

      * The libguestfs appliance now initializes LVM the same way as it is
      done on physical machines.

      * The libguestfs appliance does not write an empty string to
      /proc/sys/kernel/hotplug when starting up.

      Note that you must configure your kernel to have
      CONFIG_UEVENT_HELPER_PATH="" otherwise you will get strange LVM
      errors (this applies as much to any Linux machine, not just
      libguestfs). (Peter Rajnoha)

    Libguestfs can now be built on arches that have ocamlc(1) but not
    ocamlopt(1). (Hilko Bengen, Olaf Hering)

    You cannot use ./configure --disable-daemon --enable-appliance. It made
    no sense anyway. Now it is expressly forbidden by the configure script.

    The packagelist file uses m4 for macro expansion instead of cpp.

 Bugs fixed


      java bindings inspect_list_applications2 throws


      [RFE] enable subscription manager clean or unregister operation to


      virt-resize does not preserve GPT partition names


      mount-local should give a clearer error if root is not mounted


      virt-sparsify overwrites block devices if used as output files


      libguestfs: error: invalid backend: appliance


      guestfs_pvs prints "unknown device" if a physical volume is missing


      Recommended default clock/timer settings


      ruby-libguestfs throws "expecting 0 or 1 arguments" on


      Cannot inspect cirros 0.3.1 disk image fully


      LIBVIRT_DEFAULT_URI=qemu:///system breaks libguestfs


      virt-builder network (eg. --install) doesn't work if resolv.conf sets


      When SSSD is installed, libvirt configuration requires
      authentication, but not clear to user


      virt-make-fs fails making fat/vfat whole disk: Device partition
      expected, not making filesystem on entire device '/dev/sda' (use -I
      to override)


      virt-sysprep to delete more logfiles


      RFE: libguestfs inspection does not recognize Free4NAS live CD


      RFE: virt-sysprep/virt-builder should have an option to lock a user


      libguestfs fails examining libvirt guest with ceph drives: rbd: image
      name must begin with a '/'


      virt-builder fails if $HOME/.cache doesn't exist


      libguestfs: do not use versioned jar file


      All libguestfs LVM operations fail on Debian/Ubuntu


      Need update helpout of part-set-gpt-type


      virt-sysprep does not correctly set the hostname on Debian/Ubuntu


      guestfish prints literal "\n" in error messages


      guestmount: "touch" command fails: touch: setting times of
      `timestamp': Invalid argument


      [RFE] function to get partition name


      list-devices returns devices of different types out of order



Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-p2v converts physical machines to virtual machines.  Boot with a
live CD or over the network (PXE) and turn machines into KVM guests.

More information about the virt-tools-list mailing list