Bug 672485
| Summary: | [RFE] virt-edit/tar-in/tar-out/inspector do not support encrypted system | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Lei Wang <leiwang> |
| Component: | libguestfs | Assignee: | Richard W.M. Jones <rjones> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Virtualization Bugs <virt-bugs> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 7.0 | CC: | lkong, mshao, rjones |
| Target Milestone: | rc | Keywords: | FutureFeature |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | libguestfs-1.22.2-1.el7 | Doc Type: | Enhancement |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2014-06-13 11:35:06 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
I agree this is a shortcoming, but it's not something we can do for 6.1. Setting flags for 6.2. (Note it's an RFE, not a regression: in 6.0 we didn't support encrypted guests at all :-) Also "virt-df -a encrypted_image" does not show the encrypted partitions, only regular partitions were listed, but it won't report error messages. Upstream: - virt-edit now supports encrypted filesystems - virt-inspector (ie. "virt-inspector2" in RHEL) has supported it for quite a while - virt-tar is obsolete, replaced by virt-tar-in and virt-tar-out which are just wrappers around guestfish and therefore support encrypted filesystems -> RHEL 7 I believe this should Just Work in all recent versions of libguestfs, including RHEL >= 6.4 and RHEL >= 7. Note that 'virt-tar' is obsolete. Don't use it or test it. Use 'virt-tar-in' and/or 'virt-tar-out' instead. I try to reproduce it with libguestfs-1.21.33-1.1.el7, but virt-tar-out, virt-ls virt-df, virt-cat, virt-inspector works well with encrypted systems, as it is a new function for these tools to support encrypted systems, is it ok to just verify it? Yes, if it works, please move it to VERIFIED. Verify with libguestfs-1.22.6-15.el7 Steps to verify: 1. Install encrypted system to hvm-6.5-64-2.img 2. Run the following command: #virt-tar-out -a ./hvm-6.5-64-2.img /home home.tar #virt-tar-in -a ./hvm-6.5-64-2.img virsh-kvm.tar /home/ #virt-edit -a ./hvm-6.5-64-2.img /etc/issue #virt-inspector -a ./hvm-6.5-64-2.img #virt-cat -a ./hvm-6.5-64-2.img /etc/issue #virt-ls -a ./hvm-6.5-64-2.img /home/ #virt-df -a ./hvm-6.5-64-2.img These command works well with encrypted system. This request was resolved in Red Hat Enterprise Linux 7.0. Contact your manager or support representative in case you have further questions about the request. |
Description of problem: virt-edit/tar/inspector do not support encrypted system, while some other virt-* commands like virt-cat/ls work fine with encrypted system. Version-Release number of selected component (if applicable): libguestfs-tools-1.7.17-10.el6.x86_64 How reproducible: Always Steps to Reproduce: 1.Run virt-edit/tar/inspector with an encrypted VM: virt-edit /var/lib/libvirt/images/rhel55-64-encryptsystem.img /etc/issue virt-tar -x /var/lib/libvirt/images/rhel55-64-encryptsystem.img /home home.tar virt-inspector /var/lib/libvirt/images/rhel55-64-encryptsystem.img 2.Run virt-cat/ls with the encrypted VM: virt-cat -a /var/lib/libvirt/images/rhel55-64-encryptsystem.img /etc/issue virt-ls -a /var/lib/libvirt/images/rhel55-64-encryptsystem.img /etc Actual results: At step1, after running the commands there will return similar messages as below: "virt-edit: No operating system could be detected inside this disk image. This may be because the file is not a disk image, or is not a virtual machine image, or because the OS type is not understood by libguestfs. If you feel this is an error, please file a bug report including as much information about the disk image as possible." And at step2, there will be prompt like "Enter key or passphrase ("/dev/vda2"):" to ask users to enter the passphrase, and then the virt-* commands work as expected. Expected results: The three virt-* commands virt-edit/tar/inspector should also work well with encrypted system.