mrc0mmand / rpms / libguestfs

Forked from rpms/libguestfs 3 years ago
Clone

Blame SOURCES/0057-RHEL-7-Disable-unsupported-remote-drive-protocols-RH.patch

cd6068
From 64c53898702fa6ae8bfbd1f0f2ec9fc09d96c66b Mon Sep 17 00:00:00 2001
022f11
From: "Richard W.M. Jones" <rjones@redhat.com>
022f11
Date: Mon, 29 Jul 2013 14:47:56 +0100
022f11
Subject: [PATCH] RHEL 7: Disable unsupported remote drive protocols
022f11
 (RHBZ#962113).
022f11
022f11
This disables support for unsupported remote drive protocols:
022f11
022f11
 * ftp
022f11
 * ftps
022f11
 * http
022f11
 * https
022f11
 * tftp
022f11
 * gluster
022f11
 * iscsi
022f11
 * rbd
022f11
 * sheepdog
022f11
 * ssh
022f11
022f11
Note 'nbd' is not disabled, and of course 'file' works.
022f11
022f11
We hope to gradually add some of these back over the lifetime of RHEL 7.
022f11
---
022f11
 fish/guestfish.pod   |  67 ----------------------------
022f11
 fish/test-add-uri.sh |  29 ------------
022f11
 generator/actions.ml |  72 ------------------------------
022f11
 src/drives.c         |   8 ++++
022f11
 src/guestfs.pod      | 121 ---------------------------------------------------
022f11
 5 files changed, 8 insertions(+), 289 deletions(-)
022f11
022f11
diff --git a/fish/guestfish.pod b/fish/guestfish.pod
022f11
index c19fe6c..a240280 100644
022f11
--- a/fish/guestfish.pod
022f11
+++ b/fish/guestfish.pod
022f11
@@ -1138,40 +1138,6 @@ The possible I<-a URI> formats are described below.
022f11
 
022f11
 Add the local disk image (or device) called C<disk.img>.
022f11
 
022f11
-=head2 B<-a ftp://[user@]example.com[:port]/disk.img>
022f11
-
022f11
-=head2 B<-a ftps://[user@]example.com[:port]/disk.img>
022f11
-
022f11
-=head2 B<-a http://[user@]example.com[:port]/disk.img>
022f11
-
022f11
-=head2 B<-a https://[user@]example.com[:port]/disk.img>
022f11
-
022f11
-=head2 B<-a tftp://[user@]example.com[:port]/disk.img>
022f11
-
022f11
-Add a disk located on a remote FTP, HTTP or TFTP server.
022f11
-
022f11
-The equivalent API command would be:
022f11
-
022f11
- ><fs> add /disk.img protocol:(ftp|...) server:tcp:example.com
022f11
-
022f11
-=head2 B<-a gluster://example.com[:port]/disk>
022f11
-
022f11
-Add a disk image located on GlusterFS storage.
022f11
-
022f11
-The server is the one running C<glusterd>, and may be C<localhost>.
022f11
-
022f11
-The equivalent API command would be:
022f11
-
022f11
- ><fs> add /disk protocol:gluster server:tcp:example.com
022f11
-
022f11
-=head2 B<-a iscsi://example.com[:port]/target-iqn-name[/lun]>
022f11
-
022f11
-Add a disk located on an iSCSI server.
022f11
-
022f11
-The equivalent API command would be:
022f11
-
022f11
- ><fs> add /target-iqn-name/lun protocol:iscsi server:tcp:example.com
022f11
-
022f11
 =head2 B<-a nbd://example.com[:port]>
022f11
 
022f11
 =head2 B<-a nbd://example.com[:port]/exportname>
022f11
@@ -1193,39 +1159,6 @@ The equivalent API command would be (no export name):
022f11
 
022f11
  ><fs> add "" protocol:nbd server:[tcp:example.com|unix:/socket]
022f11
 
022f11
-=head2 B<-a rbd://example.com[:port]/disk>
022f11
-
022f11
-Add a disk image located on a Ceph (RBD/librbd) storage volume.
022f11
-
022f11
-Although libguestfs and Ceph supports multiple servers, only a single
022f11
-server can be specified when using this URI syntax.
022f11
-
022f11
-The equivalent API command would be:
022f11
-
022f11
- ><fs> add /disk protocol:rbd server:tcp:example.com
022f11
-
022f11
-=head2 B<-a sheepdog://[example.com[:port]]/volume/image>
022f11
-
022f11
-Add a disk image located on a Sheepdog volume.
022f11
-
022f11
-The server name is optional.  Although libguestfs and Sheepdog
022f11
-supports multiple servers, only at most one server can be specified
022f11
-when using this URI syntax.
022f11
-
022f11
-The equivalent API command would be:
022f11
-
022f11
- ><fs> add /disk protocol:sheepdog [server:tcp:example.com]
022f11
-
022f11
-=head2 B<-a ssh://[user@]example.com[:port]/disk.img>
022f11
-
022f11
-Add a disk image located on a remote server, accessed using the Secure
022f11
-Shell (ssh) SFTP protocol.  SFTP is supported out of the box by all
022f11
-major SSH servers.
022f11
-
022f11
-The equivalent API command would be:
022f11
-
022f11
- ><fs> add /disk protocol:ssh server:tcp:example.com [username:user]
022f11
-
022f11
 =head1 PROGRESS BARS
022f11
 
022f11
 Some (not all) long-running commands send progress notification
022f11
diff --git a/fish/test-add-uri.sh b/fish/test-add-uri.sh
022f11
index dfeccf7..c481e88 100755
022f11
--- a/fish/test-add-uri.sh
022f11
+++ b/fish/test-add-uri.sh
022f11
@@ -37,14 +37,6 @@ function fail ()
022f11
 $VG ./guestfish -x -a file://$(pwd)/test-add-uri.img </dev/null >test-add-uri.out 2>&1
022f11
 grep -sq 'add_drive ".*/test-add-uri.img"' test-add-uri.out || fail
022f11
 
022f11
-# curl
022f11
-$VG ./guestfish -x -a ftp://user@example.com/disk.img </dev/null >test-add-uri.out 2>&1
022f11
-grep -sq 'add_drive "/disk.img" "protocol:ftp" "server:tcp:example.com" "username:user"' test-add-uri.out || fail
022f11
-
022f11
-# gluster
022f11
-$VG ./guestfish -x -a gluster://example.com/disk </dev/null >test-add-uri.out 2>&1
022f11
-grep -sq 'add_drive "/disk" "protocol:gluster" "server:tcp:example.com"' test-add-uri.out || fail
022f11
-
022f11
 # NBD
022f11
 $VG ./guestfish -x -a nbd://example.com </dev/null >test-add-uri.out 2>&1
022f11
 grep -sq 'add_drive "" "protocol:nbd" "server:tcp:example.com"' test-add-uri.out || fail
022f11
@@ -58,26 +50,5 @@ grep -sq 'add_drive "" "protocol:nbd" "server:unix:/sk"' test-add-uri.out || fai
022f11
 $VG ./guestfish -x -a 'nbd:///export?socket=/sk' </dev/null >test-add-uri.out 2>&1
022f11
 grep -sq 'add_drive "/export" "protocol:nbd" "server:unix:/sk"' test-add-uri.out || fail
022f11
 
022f11
-# rbd
022f11
-$VG ./guestfish -x -a rbd://example.com:3000/disk </dev/null >test-add-uri.out 2>&1
022f11
-grep -sq 'add_drive "/disk" "protocol:rbd" "server:tcp:example.com:3000"' test-add-uri.out || fail
022f11
-
022f11
-# sheepdog
022f11
-$VG ./guestfish -x -a sheepdog:///volume/image </dev/null >test-add-uri.out 2>&1
022f11
-grep -sq 'add_drive "/volume/image" "protocol:sheepdog"' test-add-uri.out || fail
022f11
-
022f11
-$VG ./guestfish -x -a sheepdog://example.com:3000/volume/image </dev/null >test-add-uri.out 2>&1
022f11
-grep -sq 'add_drive "/volume/image" "protocol:sheepdog" "server:tcp:example.com:3000"' test-add-uri.out || fail
022f11
-
022f11
-# ssh
022f11
-$VG ./guestfish -x -a ssh://example.com/disk.img </dev/null >test-add-uri.out 2>&1
022f11
-grep -sq 'add_drive "/disk.img" "protocol:ssh" "server:tcp:example.com"' test-add-uri.out || fail
022f11
-
022f11
-$VG ./guestfish -x -a ssh://user@example.com/disk.img </dev/null >test-add-uri.out 2>&1
022f11
-grep -sq 'add_drive "/disk.img" "protocol:ssh" "server:tcp:example.com" "username:user"' test-add-uri.out || fail
022f11
-
022f11
-$VG ./guestfish -x -a ssh://user@example.com:2000/disk.img </dev/null >test-add-uri.out 2>&1
022f11
-grep -sq 'add_drive "/disk.img" "protocol:ssh" "server:tcp:example.com:2000" "username:user"' test-add-uri.out || fail
022f11
-
022f11
 rm test-add-uri.out
022f11
 rm test-add-uri.img
022f11
diff --git a/generator/actions.ml b/generator/actions.ml
cd6068
index e3b57ff..879080f 100644
022f11
--- a/generator/actions.ml
022f11
+++ b/generator/actions.ml
022f11
@@ -1333,27 +1333,6 @@ C<filename> is interpreted as a local file or device.
022f11
 This is the default if the optional protocol parameter
022f11
 is omitted.
022f11
 
022f11
-=item C<protocol = \"ftp\"|\"ftps\"|\"http\"|\"https\"|\"tftp\">
022f11
-
022f11
-Connect to a remote FTP, HTTP or TFTP server.
022f11
-The C<server> parameter must also be supplied - see below.
022f11
-
022f11
-See also: L<guestfs(3)/FTP, HTTP AND TFTP>
022f11
-
022f11
-=item C<protocol = \"gluster\">
022f11
-
022f11
-Connect to the GlusterFS server.
022f11
-The C<server> parameter must also be supplied - see below.
022f11
-
022f11
-See also: L<guestfs(3)/GLUSTER>
022f11
-
022f11
-=item C<protocol = \"iscsi\">
022f11
-
022f11
-Connect to the iSCSI server.
022f11
-The C<server> parameter must also be supplied - see below.
022f11
-
022f11
-See also: L<guestfs(3)/ISCSI>.
022f11
-
022f11
 =item C<protocol = \"nbd\">
022f11
 
022f11
 Connect to the Network Block Device server.
022f11
@@ -1361,31 +1340,6 @@ The C<server> parameter must also be supplied - see below.
022f11
 
022f11
 See also: L<guestfs(3)/NETWORK BLOCK DEVICE>.
022f11
 
022f11
-=item C<protocol = \"rbd\">
022f11
-
022f11
-Connect to the Ceph (librbd/RBD) server.
022f11
-The C<server> parameter must also be supplied - see below.
022f11
-The C<username> parameter may be supplied.  See below.
022f11
-The C<secret> parameter may be supplied.  See below.
022f11
-
022f11
-See also: L<guestfs(3)/CEPH>.
022f11
-
022f11
-=item C<protocol = \"sheepdog\">
022f11
-
022f11
-Connect to the Sheepdog server.
022f11
-The C<server> parameter may also be supplied - see below.
022f11
-
022f11
-See also: L<guestfs(3)/SHEEPDOG>.
022f11
-
022f11
-=item C<protocol = \"ssh\">
022f11
-
022f11
-Connect to the Secure Shell (ssh) server.
022f11
-
022f11
-The C<server> parameter must be supplied.
022f11
-The C<username> parameter may be supplied.  See below.
022f11
-
022f11
-See also: L<guestfs(3)/SSH>.
022f11
-
022f11
 =back
022f11
 
022f11
 =item C<server>
022f11
@@ -1396,13 +1350,7 @@ is a list of server(s).
022f11
  Protocol       Number of servers required
022f11
  --------       --------------------------
022f11
  file           List must be empty or param not used at all
022f11
- ftp|ftps|http|https|tftp  Exactly one
022f11
- gluster        Exactly one
022f11
- iscsi          Exactly one
022f11
  nbd            Exactly one
022f11
- rbd            One or more
022f11
- sheepdog       Zero or more
022f11
- ssh            Exactly one
022f11
 
022f11
 Each list element is a string specifying a server.  The string must be
022f11
 in one of the following formats:
022f11
@@ -1416,26 +1364,6 @@ in one of the following formats:
022f11
 If the port number is omitted, then the standard port number
022f11
 for the protocol is used (see C</etc/services>).
022f11
 
022f11
-=item C<username>
022f11
-
022f11
-For the C<ftp>, C<ftps>, C<http>, C<https>, C<iscsi>, C<rbd>, C<ssh>
022f11
-and C<tftp> protocols, this specifies the remote username.
022f11
-
022f11
-If not given, then the local username is used for C<ssh>, and no authentication
022f11
-is attempted for ceph.  But note this sometimes may give unexpected results, for
022f11
-example if using the libvirt backend and if the libvirt backend is configured to
022f11
-start the qemu appliance as a special user such as C<qemu.qemu>.  If in doubt,
022f11
-specify the remote username you want.
022f11
-
022f11
-=item C<secret>
022f11
-
022f11
-For the C<rbd> protocol only, this specifies the 'secret' to use when
022f11
-connecting to the remote device.
022f11
-
022f11
-If not given, then a secret matching the given username will be looked up in the
022f11
-default keychain locations, or if no username is given, then no authentication
022f11
-will be used.
022f11
-
022f11
 =item C<cachemode>
022f11
 
022f11
 Choose whether or not libguestfs will obey sync operations (safe but slow)
022f11
diff --git a/src/drives.c b/src/drives.c
022f11
index f310b06..7abd952 100644
022f11
--- a/src/drives.c
022f11
+++ b/src/drives.c
022f11
@@ -136,6 +136,7 @@ create_drive_non_file (guestfs_h *g,
022f11
   return drv;
022f11
 }
022f11
 
022f11
+#if 0 /* DISABLED IN RHEL 7 */
022f11
 static struct drive *
022f11
 create_drive_curl (guestfs_h *g,
022f11
                    enum drive_protocol protocol,
022f11
@@ -218,6 +219,7 @@ create_drive_gluster (guestfs_h *g,
022f11
                                 readonly, format, iface, name, disk_label,
022f11
                                 cachemode);
022f11
 }
022f11
+#endif /* DISABLED IN RHEL 7 */
022f11
 
022f11
 static int
022f11
 nbd_port (void)
022f11
@@ -264,6 +266,7 @@ create_drive_nbd (guestfs_h *g,
022f11
                                 cachemode);
022f11
 }
022f11
 
022f11
+#if 0 /* DISABLED IN RHEL 7 */
022f11
 static struct drive *
022f11
 create_drive_rbd (guestfs_h *g,
022f11
                   struct drive_server *servers, size_t nr_servers,
022f11
@@ -451,6 +454,7 @@ create_drive_iscsi (guestfs_h *g,
022f11
                                 readonly, format, iface, name, disk_label,
022f11
                                 cachemode);
022f11
 }
022f11
+#endif /* DISABLED IN RHEL 7 */
022f11
 
022f11
 /* Traditionally you have been able to use /dev/null as a filename, as
022f11
  * many times as you like.  Ancient KVM (RHEL 5) cannot handle adding
022f11
@@ -865,6 +869,7 @@ guestfs__add_drive_opts (guestfs_h *g, const char *filename,
022f11
                                disk_label, cachemode);
022f11
     }
022f11
   }
022f11
+#if 0 /* DISABLED IN RHEL 7 */
022f11
   else if (STREQ (protocol, "ftp")) {
022f11
     drv = create_drive_curl (g, drive_protocol_ftp,
022f11
                              servers, nr_servers, filename,
022f11
@@ -905,12 +910,14 @@ guestfs__add_drive_opts (guestfs_h *g, const char *filename,
022f11
                               readonly, format, iface, name,
022f11
                               disk_label, cachemode);
022f11
   }
022f11
+#endif /* DISABLED IN RHEL 7 */
022f11
   else if (STREQ (protocol, "nbd")) {
022f11
     drv = create_drive_nbd (g, servers, nr_servers, filename,
022f11
                             username, secret,
022f11
                             readonly, format, iface, name,
022f11
                             disk_label, cachemode);
022f11
   }
022f11
+#if 0 /* DISABLED IN RHEL 7 */
022f11
   else if (STREQ (protocol, "rbd")) {
022f11
     drv = create_drive_rbd (g, servers, nr_servers, filename,
022f11
                             username, secret,
022f11
@@ -936,6 +943,7 @@ guestfs__add_drive_opts (guestfs_h *g, const char *filename,
022f11
                              readonly, format, iface, name,
022f11
                              disk_label, cachemode);
022f11
   }
022f11
+#endif /* DISABLED IN RHEL 7 */
022f11
   else {
022f11
     error (g, _("unknown protocol '%s'"), protocol);
022f11
     drv = NULL; /*FALLTHROUGH*/
022f11
diff --git a/src/guestfs.pod b/src/guestfs.pod
022f11
index eedea94..87e8882 100644
022f11
--- a/src/guestfs.pod
022f11
+++ b/src/guestfs.pod
022f11
@@ -668,91 +668,6 @@ you don't need to add any disks.
022f11
 
022f11
 =head2 REMOTE STORAGE
022f11
 
022f11
-=head3 CEPH
022f11
-
022f11
-Libguestfs can access Ceph (librbd/RBD) disks.
022f11
-
022f11
-To do this, set the optional C<protocol> and C<server> parameters of
022f11
-L</guestfs_add_drive_opts> like this:
022f11
-
022f11
- char **servers = { "ceph1.example.org:3000", /* ... */, NULL };
022f11
- guestfs_add_drive_opts (g, "/pool/image",
022f11
-                         GUESTFS_ADD_DRIVE_OPTS_FORMAT, "raw",
022f11
-                         GUESTFS_ADD_DRIVE_OPTS_PROTOCOL, "rbd",
022f11
-                         GUESTFS_ADD_DRIVE_OPTS_SERVER, servers,
022f11
-                         GUESTFS_ADD_DRIVE_OPTS_USERNAME, "rbduser",
022f11
-                         GUESTFS_ADD_DRIVE_OPTS_SECRET, "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==",
022f11
-                         -1);
022f11
-
022f11
-C<servers> (the C<server> parameter) is a list of one or more Ceph
022f11
-servers.  The server string is documented in
022f11
-L</guestfs_add_drive_opts>. The C<username> and C<secret> parameters are
022f11
-also optional, and if not given, then no authentication will be used.
022f11
-
022f11
-=head3 FTP, HTTP AND TFTP
022f11
-
022f11
-Libguestfs can access remote disks over FTP, FTPS, HTTP, HTTPS
022f11
-or TFTP protocols.
022f11
-
022f11
-To do this, set the optional C<protocol> and C<server> parameters of
022f11
-L</guestfs_add_drive_opts> like this:
022f11
-
022f11
- char **servers = { "www.example.org", NULL };
022f11
- guestfs_add_drive_opts (g, "/disk.img",
022f11
-                         GUESTFS_ADD_DRIVE_OPTS_FORMAT, "raw",
022f11
-                         GUESTFS_ADD_DRIVE_OPTS_PROTOCOL, "http",
022f11
-                         GUESTFS_ADD_DRIVE_OPTS_SERVER, servers,
022f11
-                         -1);
022f11
-
022f11
-The C<protocol> can be one of C<"ftp">, C<"ftps">, C<"http">,
022f11
-C<"https"> or C<"tftp">.
022f11
-
022f11
-C<servers> (the C<server> parameter) is a list which must have a
022f11
-single element.  The single element is a string defining the web,
022f11
-FTP or TFTP server.  The format of this string is documented in
022f11
-L</guestfs_add_drive_opts>.
022f11
-
022f11
-=head3 GLUSTER
022f11
-
022f11
-Libguestfs can access Gluster disks.
022f11
-
022f11
-To do this, set the optional C<protocol> and C<server> parameters of
022f11
-L</guestfs_add_drive_opts> like this:
022f11
-
022f11
- char **servers = { "gluster.example.org:24007", NULL };
022f11
- guestfs_add_drive_opts (g, "/volname/image",
022f11
-                         GUESTFS_ADD_DRIVE_OPTS_FORMAT, "raw",
022f11
-                         GUESTFS_ADD_DRIVE_OPTS_PROTOCOL, "gluster",
022f11
-                         GUESTFS_ADD_DRIVE_OPTS_SERVER, servers,
022f11
-                         -1);
022f11
-
022f11
-C<servers> (the C<server> parameter) is a list which must have a
022f11
-single element.  The single element is a string defining the Gluster
022f11
-server.  The format of this string is documented in
022f11
-L</guestfs_add_drive_opts>.
022f11
-
022f11
-Note that gluster usually requires the client process (ie. libguestfs)
022f11
-to run as B<root> and will give unfathomable errors if it is not
022f11
-(eg. "No data available").
022f11
-
022f11
-=head3 ISCSI
022f11
-
022f11
-Libguestfs can access iSCSI disks remotely.
022f11
-
022f11
-To do this, set the optional C<protocol> and C<server> parameters like
022f11
-this:
022f11
-
022f11
- char **server = { "iscsi.example.org:3000", NULL };
022f11
- guestfs_add_drive_opts (g, "/target-iqn-name/lun",
022f11
-                         GUESTFS_ADD_DRIVE_OPTS_FORMAT, "raw",
022f11
-                         GUESTFS_ADD_DRIVE_OPTS_PROTOCOL, "iscsi",
022f11
-                         GUESTFS_ADD_DRIVE_OPTS_SERVER, server,
022f11
-                         -1);
022f11
-
022f11
-The C<server> parameter is a list which must have a single element.
022f11
-The single element is a string defining the iSCSI server.  The format
022f11
-of this string is documented in L</guestfs_add_drive_opts>.
022f11
-
022f11
 =head3 NETWORK BLOCK DEVICE
022f11
 
022f11
 Libguestfs can access Network Block Device (NBD) disks remotely.
022f11
@@ -815,42 +730,6 @@ L<https://bugs.launchpad.net/qemu/+bug/1155677>
022f11
 
022f11
 =back
022f11
 
022f11
-=head3 SHEEPDOG
022f11
-
022f11
-Libguestfs can access Sheepdog disks.
022f11
-
022f11
-To do this, set the optional C<protocol> and C<server> parameters of
022f11
-L</guestfs_add_drive_opts> like this:
022f11
-
022f11
- char **servers = { /* optional servers ... */ NULL };
022f11
- guestfs_add_drive_opts (g, "/volume",
022f11
-                         GUESTFS_ADD_DRIVE_OPTS_FORMAT, "raw",
022f11
-                         GUESTFS_ADD_DRIVE_OPTS_PROTOCOL, "sheepdog",
022f11
-                         GUESTFS_ADD_DRIVE_OPTS_SERVER, servers,
022f11
-                         -1);
022f11
-
022f11
-The optional list of C<servers> may be zero or more server addresses
022f11
-(C<"hostname:port">).  The format of the server strings is documented
022f11
-in L</guestfs_add_drive_opts>.
022f11
-
022f11
-=head3 SSH
022f11
-
022f11
-Libguestfs can access disks over a Secure Shell (SSH) connection.
022f11
-
022f11
-To do this, set the C<protocol> and C<server> and (optionally)
022f11
-C<username> parameters of L</guestfs_add_drive_opts> like this:
022f11
-
022f11
- char **server = { "remote.example.com", NULL };
022f11
- guestfs_add_drive_opts (g, "/path/to/disk.img",
022f11
-                         GUESTFS_ADD_DRIVE_OPTS_FORMAT, "raw",
022f11
-                         GUESTFS_ADD_DRIVE_OPTS_PROTOCOL, "ssh",
022f11
-                         GUESTFS_ADD_DRIVE_OPTS_SERVER, server,
022f11
-                         GUESTFS_ADD_DRIVE_OPTS_USERNAME, "remoteuser",
022f11
-                         -1);
022f11
-
022f11
-The format of the server string is documented in
022f11
-L</guestfs_add_drive_opts>.
022f11
-
022f11
 =head2 INSPECTION
022f11
 
022f11
 Libguestfs has APIs for inspecting an unknown disk image to find out
022f11
-- 
022f11
1.8.3.1
022f11