Displaying 17 results from an estimated 17 matches for "nbd_set_uri_allow_local_file".
2019 Oct 20
0
[PATCH libnbd] api: Allow NBD URIs to be restricted.
...m
+
+Default: allowed
+
+To prevent this you must disable the C<+unix> transport
+using L<nbd_set_uri_allow_transports(3)>.
+
+=item Read from local files
+
+Default: denied
+
+To allow URIs to contain references to local files
+(eg. for parameters like C<tls-psk-file>) call
+L<nbd_set_uri_allow_local_file(3)>.
=back
@@ -2900,6 +3020,9 @@ let first_version = [
"aio_connect_socket", (1, 2);
"connect_vsock", (1, 2);
"aio_connect_vsock", (1, 2);
+ "set_uri_allow_transports", (1, 2);
+ "set_uri_allow_tls", (1, 2);
+ "set_uri_allow...
2020 Aug 14
0
[libnbd PATCH v2 09/13] info: Simplify by using nbd_opt_go
...n export name: %s\n",
+ nbd_get_error ());
+ exit (EXIT_FAILURE);
+ }
- /* Connect to the new URI. */
- nbd2 = nbd_create ();
- if (nbd2 == NULL) {
- fprintf (stderr, "%s\n", nbd_get_error ());
- exit (EXIT_FAILURE);
- }
- nbd_set_uri_allow_local_file (nbd2, true); /* Allow ?tls-psk-file. */
+ /* Connect to the original URI, but using opt mode to alter the export. */
+ nbd2 = nbd_create ();
+ if (nbd2 == NULL) {
+ fprintf (stderr, "%s\n", nbd_get_error ());
+ exit (EXIT_FAILURE);
+ }
+ nbd_set_uri_allow_local_f...
2020 Aug 19
0
[libnbd PATCH 2/2] info: Use nbd_opt_info for fewer handles during --list
...;
struct nbd_handle *nbd2;
- /* Connect to the original URI, but using opt mode to alter the export. */
- name = export_list.names[i];
- nbd2 = nbd_create ();
- if (nbd2 == NULL) {
- fprintf (stderr, "%s\n", nbd_get_error ());
- exit (EXIT_FAILURE);
- }
- nbd_set_uri_allow_local_file (nbd2, true); /* Allow ?tls-psk-file. */
- nbd_set_opt_mode (nbd2, true);
+ if (probe_content) {
+ /* Connect to the original URI, but using opt mode to alter the export. */
+ nbd2 = nbd_create ();
+ if (nbd2 == NULL) {
+ fprintf (stderr, "%s\n", nbd_get_error...
2019 Oct 20
2
[PATCH libnbd] api: Allow NBD URIs to be restricted.
Previous discussion:
https://www.redhat.com/archives/libguestfs/2019-August/msg00102.html
Last night I experimentally added support for URIs that contain the
query parameter tls-psk-file, as part of rewriting the tests to cover
more of the URI code. So you can now have a URI like:
nbds://alice@localhost/?tls-psk-file=keys.psk
However there's an obvious security problem here because now
2020 Oct 02
0
[libnbd PATCH v2 2/2] info: List available meta-contexts
...t;
+static int collect_context (void *opaque, const char *name);
static int collect_export (void *opaque, const char *name,
const char *desc);
static void list_one_export (struct nbd_handle *nbd, const char *desc,
@@ -207,10 +213,10 @@ main (int argc, char *argv[])
nbd_set_uri_allow_local_file (nbd, true); /* Allow ?tls-psk-file. */
/* Set optional modes in the handle. */
- if (list_all)
+ if (!map && !size_only) {
nbd_set_opt_mode (nbd, true);
- if (!map && !size_only)
nbd_set_full_info (nbd, true);
+ }
if (map)
nbd_add_meta_context (nbd, map);...
2020 Nov 05
1
[PATCH libnbd] copy: Allowing copying from NBD server to NBD server.
This patch is a straightforward refactoring of libnbd?s nbdcopy
program, and not very interesting.
However I have plans for nbdcopy (see full todo below). I would like
to use this utility for virt-v2v as a replacement for ?qemu-img convert?.
qemu-img has caused us a series of problems:
- change in zeroing behaviour caused a big performance regression
- qemu-img reads extents up-front which
2023 Jun 12
3
[PATCH libnbd 0/2] Two simple patches
These patches aren't related to each other, but both are quite simple.
The second one requires particular attention - it's my experience that
printing out the state transitions in debug mode has never helped me
to diagnose a bug, but it has made the debug logs huge and hard to
follow. However that might just be me! Has it helped anyone else?
Also I'm open to the concept of debug
2020 Sep 26
1
[PATCH nbdinfo proposal] info: Add a --map option for displaying allocation metadata
This is a rough-and-ready implementation of nbdinfo --map option, to
display the allocation and other metadata of NBD exports. I only
tested it lightly against nbdkit. It needs at least some tests.
Command like these should work:
nbdinfo --map nbd://localhost
nbdinfo --map=qemu:dirty-bitmap nbd://localhost
Rich.
2019 Nov 14
1
ANNOUNCE: libnbd 1.2 & nbdkit 1.16 - high performance NBD client and server
...ed(3)
Can be used when testing NBD servers to avoid various NBD features
(Eric Blake).
nbd_get_protocol(3)
Get the NBD protocol variant that the server supports.
nbd_get_tls_negotiated(3)
Did we actually negotiate a TLS connection?
nbd_set_uri_allow_local_file(3)
nbd_set_uri_allow_tls(3)
nbd_set_uri_allow_transports(3)
These can be used to filter NBD URIs before calling
nbd_connect_uri(3).
New features
New tool nbdfuse(1) lets you create a loop-mounted file backed by an
NBD server without needing root...
2020 Sep 26
0
[PATCH nbdinfo v2] info: Add a --map option for displaying allocation metadata.
..._content_flag) {
@@ -182,6 +195,8 @@ main (int argc, char *argv[])
probe_content = true;
if (no_content_flag)
probe_content = false;
+ if (map)
+ probe_content = false;
/* Open the NBD side. */
nbd = nbd_create ();
@@ -191,11 +206,13 @@ main (int argc, char *argv[])
}
nbd_set_uri_allow_local_file (nbd, true); /* Allow ?tls-psk-file. */
- /* If using --list then we need opt mode in the handle. */
+ /* Set optional modes in the handle. */
if (list_all)
nbd_set_opt_mode (nbd, true);
- if (!size_only)
+ if (!map && !size_only)
nbd_set_full_info (nbd, true);
+ if (map...
2020 Sep 26
2
[PATCH nbdinfo v2] info: Add a --map option for displaying allocation metadata.
Fixes bugs with JSON output in the previous patch, and adds some tests.
Rich.
2020 Oct 02
4
[libnbd PATCH v2 0/2] opt_list_meta_context
In v2: ack'ed preliminary patches have been pushed, and I've added a
lot of testsuite coverage as well as putting the new API to use in
nbdinfo.
Eric Blake (2):
api: Add nbd_opt_list_meta_context
info: List available meta-contexts
lib/internal.h | 1 +
generator/API.ml | 84 ++++++++-
2022 Nov 04
3
[libnbd PATCH v2 0/3] Improve nbdsh -u handling
v1 was here:
https://listman.redhat.com/archives/libguestfs/2022-October/030216.html
Since then, I've incorporated changes based on Rich's feedback:
swap order of patches 2 and 3
less change in patch 1 (including no unsafe eval(%s) for --uri)
in patch 2, include -c in list of snippets to store, and use dict of
lambdas to map back to the desired action
Eric Blake (3):
nbdsh:
2020 Aug 19
3
[libnbd PATCH 0/2] NBD_OPT_INFO support
This replaces 13/13 of my v2 series; and now that it has pretty good
testsuite coverage and demonstrable performance improvement to
nbdinfo, I'm going ahead and pushing this now. We may still want to
add further nbd_opt_* commands for other fine-grained tuning of
negotiation, but for now, I think things have stabilized on this end,
and I can return to polishing .list_exports on the nbdkit
2020 Aug 14
18
[libnbd PATCH v2 00/13] Adding nbd_set_opt_mode to improve nbdinfo
Well, I'm not quite done (I still want to get nbdinfo to work on a
single nbd connection for all cases when reading the heads of the
file is not required), but I'm happy with patches 1-11, and 12-13
show where I'm headed for getting NBD_OPT_INFO to work. Posting
now to see if some of the earlier patches are ready to commit while
I continue working on the latter half.
Eric Blake (13):
2020 Oct 27
6
[PATCH libnbd 0/5] info: --map: Coalesce adjacent extents of the same type.
This adds coalescing of adjacent extents of the same type, as
mentioned by Eric Blake in the commit message here:
https://github.com/libguestfs/libnbd/commit/46072f6611f80245846a445766da071e457b00cd
The patch series is rather long because it detours through adding the
<vector.h> library from nbdkit into libnbd and replacing ad hoc uses
of realloc, char ** etc in various places.
Rich.
2020 Aug 18
3
[libnbd PATCH v3 0/2] Implementing NBD_OPT_LIST
This is a subset of my v2 posting, but limited to just the
NBD_OPT_LIST handling. The biggest change since v2 is the addition of
added unit testing in all four language bindings (C, python, ocaml,
golang). The tests require nbdkit built from git on PATH, and may not
be entirely idiomatic, but I at least validated that they catch issues
(for example, adding an exit statement near the end of the