Libguestfs - Feb 2023 - ANNOUNCE: libguestfs 1.50 & guestfs-tools 1.50

I'm pleased to announce the releases of libguestfs 1.50 and
guestfs-tools 1.50.  These are a library and a set of tools for for
accessing and modifying filesystems inside virtual machines and disk
images, securely and without needing root access.

You can download both projects here:

https://download.libguestfs.org/1.50-stable/
https://download.libguestfs.org/guestfs-tools/1.50-stable/

I've attached the release notes below, or you can read them online
here:

https://libguestfs.org/guestfs-release-notes-1.50.1.html
https://libguestfs.org/guestfs-tools-release-notes-1.50.1.html

Thanks to the many authors who have contributed to these releases.

Rich.

- - -

RELEASE NOTES FOR LIBGUESTFS 1.50
       These are the release notes for libguestfs stable release 1.50.  This
       describes the major changes since 1.48.

       Libguestfs 1.50.0 was released on 7 February 2023.

   Language bindings
       Fix the PHP bindings for PHP8 (Geoff Amey).

       Fix various deprecation warnings in the GObject bindings.

       We no longer use the deprecated Python distutils library (thanks Miro
       Hron?ok).

   Inspection
       When listing the packages in RPM-based guests, the inspection API no
       longer checks package signatures.  This is because the newer librpm
       used by libguestfs does not understand signatures stored in older
       guests, such as SHA1 used by RHEL 6 (thanks Panu Matilainen).

       "guestfs_inspect_get_hostname" in guestfs(3) can now handle
       /etc/hostname files containing comments (thanks Dawid Zamirski).

       "guestfs_file_architecture" in guestfs(3) can now parse files
using
       zstd compression.

       "guestfs_inspect_get_osinfo" in guestfs(3) now returns the
correct
       osinfo field for Windows 11.  However because of decisions made by
       Microsoft, these guests still return product name and other strings
       identifying as Windows 10 (thanks Yaakov Selkowitz, Yongkui Guo).

   API
       New APIs

       "guestfs_device_name" in guestfs(3) is a new API to read the
device
       name associated with a drive, for example calling this with 0 will
       return "/dev/sda".

       "guestfs_clevis_luks_unlock" in guestfs(3) is a new API for
unlocking
       disks using the Clevis/Tang network-based full disk encryption scheme.
       Furthermore implement this in guestfish and guestmount (Laszlo Ersek).

       "guestfs_inspect_get_build_id" in guestfs(3) is a new API for
reading
       the build ID from some Linux and Windows guests.  It is not widely used
       on Linux, but for Windows it is vital for identifying Windows 11.

       Other API changes

       In the "guestfs_add_drive" in guestfs(3) API, the
"name" and "iface"
       fields are not used.  "name" has not been used since around
2017, but
       the documentation has only just been updated to reflect this. 
"iface"
       was never allowed for the libvirt backend and didn't work reliably
with
       the direct backend (Laszlo Ersek).

       "guestfs_readdir" in guestfs(3) is no longer limited to the
maximum
       message size but can read a directory of any size (Laszlo Ersek).

   Build changes
       Note that the Augeas bindings for libguestfs are no longer bundled with
       libguestfs and must be built separately.  See:
       https://people.redhat.com/~rjones/augeas/  For RHEL 7+ rebuilding the
       Fedora Rawhide package will work.

       Note that libguestfs now requires minimum OCaml 4.04.  It will not
       compile on RHEL 6.

       Note that zstd is now a required dependency.

       OCaml gettext is no longer a dependency of libguestfs.  (Plain gettext
       is still optionally used to translate C source files.)

       Add support for OCaml 4.14.

       Fix build for missing stdlib functions in OCaml 4.04.

       Fix "./configure --disable-ocaml".  OCaml is still required to
build
       libguestfs, but this now correctly disables the OCaml bindings of the
       API.

       Add support for building on Artix, Rocky and Virtuozzo (Halil Tezcan
       KARABULUT, Neil Hanlon, Andrey Drobyshev).  In addition when working
       out the local distro we now look at $ID_LIKE in /etc/os-release before
       $ID which helps on Arch (thanks S D Rausty).

       Add preliminary support for compiling libguestfs on macOS.

       Fix website description of cloning the libguestfs repository (Kashyap
       Chamarthy).

       We no longer use glibc custom printf.

       We no longer use "LD_PRELOAD=libSegFault.so" in the appliance. 
This
       feature was removed in glibc 2.35.

       We no longer use dtrace / systemtap probes.

   Internals
       Fix regression tests to use correct paths (Nikolay Shirokovskiy).

       Various improvements to qcow2 appliance handling (Andrey Drobyshev).

       Disable 5-level page tables in qemu.  This avoids a bug in older
       versions of qemu.

       Disable the LVM2 devicesfile in the appliance since it interferes with
       cloned LVs that have the same UUID (Laszlo Ersek).

       Don't use "-cpu max" on RISC-V as it is not yet supported
by qemu's TCG
       emulation of that architecture.  This will be reenabled when qemu gets
       support.

       Avoid a rare hang that would happen when launching the appliance.  This
       turned out to be caused by using the unsafe call setenv(3) between fork
       and exec (thanks Siddhesh Poyarekar).

       When running the file command inside the appliance we now disable
       seccomp since it interferes with processing compressed files (thanks
       David Runge, Toolybird).

   Bugs fixed
       https://bugzilla.redhat.com/2108425
           compile of libguestfs-1.48.4 fails with Error: static declaration
           of ?caml_alloc_initialized_string? follows non-static declaration

       https://bugzilla.redhat.com/2064182
           SHA 1 signatures required to inspect packages in RHEL 6 guests

       https://bugzilla.redhat.com/2033247
           document encrypted RBD disk limitation

       https://bugzilla.redhat.com/2012658
           libguestfs fails to detect Windows 11 guest image

       https://bugzilla.redhat.com/1965941
           lvm-set-filter failed in guestfish with the latest lvm2 package

       https://bugzilla.redhat.com/1844341
           The duplicate block device is listed when iface is set to
'virtio'

       https://bugzilla.redhat.com/1809453
           [RFE] Add support for LUKS encrypted disks with Clevis & Tang

       https://bugzilla.redhat.com/1794518
           Rewrite libguestfs use of setfiles so that it doesn't stop on
ext4
           immutable bits

       https://bugzilla.redhat.com/1674392
           No return values from a directory listing when there are simply too
           many files in that directory (NULL value return)

       https://bugzilla.redhat.com/1554735
           RFE: customize --selinux-relabel should be the default, with
           --no-selinux-relabel used to opt out

SEE ALSO
       guestfs-examples(1), guestfs-faq(1), guestfs-performance(1),
       guestfs-recipes(1), guestfs-testing(1), guestfs(3), guestfish(1),
       http://libguestfs.org/

AUTHORS
       Adolfo Jayme Barrientos
       Andrey Drobyshev
       Emilio Herrera
       Ettore Atalan
       Geoff Amey
       Hela Basa
       Jan Kuparinen
       Kashyap Chamarthy
       Laszlo Ersek
       Marcin Stanclik
       Micha? Smyk
       Neil Hanlon
       Nikolay Shirokovskiy
       Pavel Borecki
       Piotr Dr?g
       Richard W.M. Jones
       Ricky Tigg
       Temuri Doghonadze
       Yuri Chornoivan

COPYRIGHT
       Copyright (C) 2009-2023 Red Hat Inc.

- - -

RELEASE NOTES FOR GUESTFS TOOLS 1.50
       These are the release notes for guestfs tools stable release 1.50.
       This describes the major changes since 1.48.

       Guestfs tools 1.50.0 was released on 7 February 2023.

   Security
       CVE-2022-2211
           https://bugzilla.redhat.com/show_bug.cgi?id=2100862

           A buffer overflow was found in the --key option of several guestfs
           tools.  For more information on this low severity bug see the bug
           report above (Laszlo Ersek).

   New virt-drivers tool
       This new tool can examine a disk image to determine:

       ?   Whether it uses BIOS or UEFI for booting

       ?   What bootloader it uses (Linux only)

       ?   What kernels may be chosen at boot time (Linux only)

       ?   What device drivers (kernel modules) are installed

       This is useful for determining how (or if) a guest can boot on a
       virtualization hypervisor.

   virt-customize
       --selinux-relabel is now the default for SELinux guests.  You no longer
       need to specify this flag.  In the rare case where you don't want to
       relabel a guest after customizing it, you can use --no-selinux-relabel.
       Note this is not needed for non-SELinux guests, it will do the right
       thing automatically (Laszlo Ersek).

       New --inject-qemu-ga and --inject-virtio-win operations which
       respectively inject QEMU Guest Agent and virtio-win drivers into
       Windows guests.

       Rocky Linux guests are now supported (thanks Harry Benson).

   virt-inspector
       Virt-inspector now outputs the new <build_id> element containing
the
       guest build ID, if using libguestfs ? 1.50.

   virt-sysprep
       New "lvm-system-devices" operation for removing LVM2's
system.devices
       file.  This avoids certain problems when cloning a VM (Laszlo Ersek).

       Virt-sysprep supports guests using LUKS logical volumes on top of LVM
       (Laszlo Ersek).

   Common changes
       All the tools supporting the --key option can now use Clevis/Tang to
       decrypt full disk encryption using this network-based scheme (Laszlo
       Ersek).

   Build changes
       Note that libguestfs now requires minimum OCaml 4.04.  It will not
       compile on RHEL 6.

       Note that libosinfo is a new required dependency.

       OCaml 4.14 is now supported.

       "./configure --disable-ocaml" and "./configure
--disable-perl" now
       disable the OCaml- and Perl-based tools respectively (thanks Simon
       Walter).

       Experimental support for compiling on macOS.

       When running "make check-valgrind", Valgrind logs are no longer
written
       to separate files under tmp/.  Instead the output is written to the
       normal test-name.log file.

   Bugs fixed
       https://bugzilla.redhat.com/2133443
           RFE: Support Rocky Linux in virt-customize

       https://bugzilla.redhat.com/2106286
           virt-sysprep: make an effort to support LUKS on LV

       https://bugzilla.redhat.com/2089748
           Removal of "--selinux-relabel" option breaks existing
scripts

       https://bugzilla.redhat.com/2075718
           Having to use "--selinux-relabel" is not intuitive given
Red Hat
           products default to selinux enabled.

       https://bugzilla.redhat.com/2072493
           [RFE] Request to add lvm system.devices cleanup operation to virt-
           sysprep

       https://bugzilla.redhat.com/2059545
           [RHEL 9.0][Nutanix] lvm partition "home" will lost with
SCSI disk
           either in the new cloned VM or restored from a snapshot

       https://bugzilla.redhat.com/2028764
           Install the qemu-guest-agent package during the conversion process

       https://bugzilla.redhat.com/1809453
           [RFE] Add support for LUKS encrypted disks with Clevis & Tang

       https://bugzilla.redhat.com/1554735
           RFE: customize --selinux-relabel should be the default, with
           --no-selinux-relabel used to opt out

SEE ALSO
       http://libguestfs.org/

AUTHORS
       Laszlo Ersek
       Richard W.M. Jones

COPYRIGHT
       Copyright (C) 2009-2023 Red Hat Inc.


-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
nbdkit - Flexible, fast NBD server with plugins
https://gitlab.com/nbdkit/nbdkit