X-Git-Url: http://git.annexia.org/?p=libguestfs.git;a=blobdiff_plain;f=src%2Fguestfs.c;h=778eebc8b582688f1cca412164505848c9b8b3fc;hp=027e08c9237e222db458d5bbae2c71d2fce677cc;hb=a617f521a4f695a63ced1c734128dc6c05b7024f;hpb=55e9707f8591488542da48fc89738234b4d85016

diff --git a/src/guestfs.c b/src/guestfs.c
index 027e08c..778eebc 100644
--- a/src/guestfs.c
+++ b/src/guestfs.c
@@ -183,6 +183,8 @@ struct guestfs_h
   void *                     subprocess_quit_cb_data;
   guestfs_launch_done_cb     launch_done_cb;
   void *                     launch_done_cb_data;
+  guestfs_close_cb           close_cb;
+  void *                     close_cb_data;
 
   int msg_next_serial;
 };
@@ -294,6 +296,10 @@ guestfs_close (guestfs_h *g)
   if (g->verbose)
     fprintf (stderr, "closing guestfs handle %p (state %d)\n", g, g->state);
 
+  /* Run user close callback before anything else. */
+  if (g->close_cb)
+    g->close_cb (g, g->close_cb_data);
+
   /* Try to sync if autosync flag is set. */
   if (g->autosync && g->state == READY) {
     guestfs_umount_all (g);
@@ -840,24 +846,10 @@ guestfs__add_drive_ro_with_if (guestfs_h *g, const char *filename,
     return -1;
   }
 
-  if (qemu_supports (g, NULL) == -1)
-    return -1;
-
-  /* Only SCSI and virtio drivers support readonly mode.
-   * This is only supported as a QEMU feature since 2010/01.
-   */
-  int supports_ro = 0;
-  if ((STREQ (drive_if, "scsi") || STREQ (drive_if, "virtio")) &&
-      qemu_supports (g, "readonly=on"))
-    supports_ro = 1;
-
-  size_t len = strlen (filename) + 100;
+  size_t len = strlen (filename) + 64;
   char buf[len];
 
-  snprintf (buf, len, "file=%s,snapshot=on,%sif=%s",
-            filename,
-            supports_ro ? "readonly=on," : "",
-            drive_if);
+  snprintf (buf, len, "file=%s,snapshot=on,if=%s", filename, drive_if);
 
   return guestfs__config (g, "-drive", buf);
 }
@@ -928,10 +920,6 @@ static void print_cmdline (guestfs_h *g);
 
 static const char *kernel_name = "vmlinuz." REPO "." host_cpu;
 static const char *initrd_name = "initramfs." REPO "." host_cpu ".img";
-static const char *supermin_name =
-  "initramfs." REPO "." host_cpu ".supermin.img";
-static const char *supermin_hostfiles_name =
-  "initramfs." REPO "." host_cpu ".supermin.hostfiles";
 
 int
 guestfs__launch (guestfs_h *g)
@@ -980,6 +968,14 @@ guestfs__launch (guestfs_h *g)
     }
   }
 
+  /* Allow anyone to read the temporary directory.  There are no
+   * secrets in the kernel or initrd files.  The socket in this
+   * directory won't be readable but anyone can see it exists if they
+   * want. (RHBZ#610880).
+   */
+  if (chmod (g->tmpdir, 0755) == -1)
+    fprintf (stderr, "chmod: %s: %m (ignored)\n", g->tmpdir);
+
   /* First search g->path for the supermin appliance, and try to
    * synthesize a kernel and initrd from that.  If it fails, we
    * try the path search again looking for a backup ordinary
@@ -998,8 +994,7 @@ guestfs__launch (guestfs_h *g)
         fprintf (stderr,
                  "looking for supermin appliance in current directory\n");
       if (dir_contains_files (".",
-                              supermin_name, supermin_hostfiles_name,
-                              "kmod.whitelist", NULL)) {
+                              "supermin.d", "kmod.whitelist", NULL)) {
         if (build_supermin_appliance (g, ".", &kernel, &initrd) == -1)
           return -1;
         break;
@@ -1011,8 +1006,7 @@ guestfs__launch (guestfs_h *g)
         fprintf (stderr, "looking for supermin appliance in %s\n", pelem);
 
       if (dir_contains_files (pelem,
-                              supermin_name, supermin_hostfiles_name,
-                              "kmod.whitelist", NULL)) {
+                              "supermin.d", "kmod.whitelist", NULL)) {
         if (build_supermin_appliance (g, pelem, &kernel, &initrd) == -1)
           return -1;
         break;
@@ -1590,12 +1584,20 @@ build_supermin_appliance (guestfs_h *g, const char *path,
   *initrd = safe_malloc (g, len + 8);
   snprintf (*initrd, len+8, "%s/initrd", g->tmpdir);
 
+  /* Set a sensible umask in the subprocess, so kernel and initrd
+   * output files are world-readable (RHBZ#610880).
+   */
   snprintf (cmd, sizeof cmd,
-            "PATH='%s':$PATH "
-            "libguestfs-supermin-helper%s '%s' " host_cpu " " REPO " %s %s",
-            path,
+            "umask 0002; "
+            "febootstrap-supermin-helper%s "
+            "-k '%s/kmod.whitelist' "
+            "'%s/supermin.d' "
+            host_cpu " "
+            "%s %s",
             g->verbose ? " --verbose" : "",
-            path, *kernel, *initrd);
+            path,
+            path,
+            *kernel, *initrd);
   if (g->verbose)
     print_timestamped_message (g, "%s", cmd);
 
@@ -1929,11 +1931,19 @@ guestfs_set_launch_done_callback (guestfs_h *g,
   g->launch_done_cb_data = opaque;
 }
 
+void
+guestfs_set_close_callback (guestfs_h *g,
+                            guestfs_close_cb cb, void *opaque)
+{
+  g->close_cb = cb;
+  g->close_cb_data = opaque;
+}
+
 /*----------------------------------------------------------------------*/
 
 /* This is the code used to send and receive RPC messages and (for
  * certain types of message) to perform file transfers.  This code is
- * driven from the generated actions (src/guestfs-actions.c).  There
+ * driven from the generated actions (src/actions.c).  There
  * are five different cases to consider:
  *
  * (1) A non-daemon function.  There is no RPC involved at all, it's