Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package krunvm for openSUSE:Factory checked in at 2022-12-08 16:50:46 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/krunvm (Old) and /work/SRC/openSUSE:Factory/.krunvm.new.1835 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "krunvm" Thu Dec 8 16:50:46 2022 rev:7 rq:1041193 version:0.2.2+gite67d0ea Changes: -------- --- /work/SRC/openSUSE:Factory/krunvm/krunvm.changes 2022-05-10 15:12:50.447638896 +0200 +++ /work/SRC/openSUSE:Factory/.krunvm.new.1835/krunvm.changes 2022-12-08 16:51:10.451479516 +0100 @@ -1,0 +2,30 @@ +Fri Sep 30 13:15:57 UTC 2022 - Dario Faggioli <[email protected]> + +- Switch to the new libkrun1 library and devel package as dependencies +- Fix build on all distros by explicitly requiring zstd + +------------------------------------------------------------------- +Wed Sep 28 18:00:50 UTC 2022 - [email protected] + +- Update to version 0.2.2+gite67d0ea: + * Bump version to v0.2.2 + * Restrict the number of values of "-p" and "-v" + * Bump version to v0.2.1 + * macos: fix root ownership and mode + * Bump version to v0.2.0 + * Avoid overriding PATH + * Use krun_set_env to set env vars + * macos: Add missing BuildahCommand + * Export container config on microVM creation + * Remove command and workdir defaults + * Bump version to 0.1.6 + * Cargo: add description and repository + * ci: Add a step to install asciidoctor + * Fix some clippy warnings + * Replace "lightweight VM" with "microVM" + * Add manual pages + * README.md: Replace lightweight VMs with microVMs + * README.md: remove "Limitations" section + * Rename Security.md to SECURITY.md + +------------------------------------------------------------------- Old: ---- krunvm-0.1.4+git5add8c5.obscpio krunvm-0.1.5+giteedd405.obscpio New: ---- krunvm-0.2.2+gite67d0ea.obscpio ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ krunvm.spec ++++++ --- /var/tmp/diff_new_pack.Iavmcf/_old 2022-12-08 16:51:11.251483608 +0100 +++ /var/tmp/diff_new_pack.Iavmcf/_new 2022-12-08 16:51:11.255483629 +0100 
@@ -17,7 +17,7 @@ Name: krunvm -Version: 0.1.5+giteedd405 +Version: 0.2.2+gite67d0ea Release: 0 Summary: Manage lightweight VMs created from OCI images License: Apache-2.0 @@ -27,9 +27,11 @@ Source2: cargo_config ExclusiveArch: x86_64 aarch64 BuildRequires: cargo-packaging -BuildRequires: libkrun >= 0.1.7 +BuildRequires: libkrun-devel +BuildRequires: zstd +BuildRequires: rubygem(asciidoctor) Requires: buildah -Conflicts: libkrun-devel +Requires: libkrun1 >= 1.4.4 Conflicts: libkrun0 %description ++++++ _service ++++++ --- /var/tmp/diff_new_pack.Iavmcf/_old 2022-12-08 16:51:11.299483854 +0100 +++ /var/tmp/diff_new_pack.Iavmcf/_new 2022-12-08 16:51:11.303483875 +0100 @@ -1,7 +1,7 @@ <services> <service name="obs_scm" mode="disabled"> <param name="scm">git</param> - <param name="revision">refs/tags/v0.1.5</param> + <param name="revision">refs/tags/v0.2.2</param> <param name="url">https://github.com/containers/krunvm.git</param> <param name="versionformat">@PARENT_TAG@+git%h</param> <param name="changesgenerate">enable</param> @@ -9,6 +9,7 @@ </service> <service name="cargo_vendor" mode="disabled"> <param name="srcdir">krunvm</param> + <param name="compression">zst</param> </service> <service name="cargo_audit" mode="disabled"> <param name="srcdir">krunvm</param> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.Iavmcf/_old 2022-12-08 16:51:11.323483977 +0100 +++ /var/tmp/diff_new_pack.Iavmcf/_new 2022-12-08 16:51:11.327483998 +0100 
@@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/containers/krunvm.git</param> - <param name="changesrevision">eedd4054ed1a987b9927b228ebe57a16558c0e71</param></service></servicedata> + <param name="changesrevision">e67d0ea06536f0e5559811fe46d240101bd47350</param></service></servicedata> (No newline at EOF) ++++++ krunvm-0.1.4+git5add8c5.obscpio -> krunvm-0.2.2+gite67d0ea.obscpio ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/krunvm-0.1.4+git5add8c5/.github/workflows/code_quality.yml new/krunvm-0.2.2+gite67d0ea/.github/workflows/code_quality.yml --- old/krunvm-0.1.4+git5add8c5/.github/workflows/code_quality.yml 2021-03-22 17:39:36.000000000 +0100 +++ new/krunvm-0.2.2+gite67d0ea/.github/workflows/code_quality.yml 2022-08-16 18:03:53.000000000 +0200 @@ -23,6 +23,9 @@ override: true components: rustfmt, clippy + - name: Install asciidoctor + run: sudo apt-get install -y asciidoctor + - name: Formatting (rustfmt) run: cargo fmt -- --check diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/krunvm-0.1.4+git5add8c5/CODE-OF-CONDUCT.md new/krunvm-0.2.2+gite67d0ea/CODE-OF-CONDUCT.md --- old/krunvm-0.1.4+git5add8c5/CODE-OF-CONDUCT.md 1970-01-01 01:00:00.000000000 +0100 +++ new/krunvm-0.2.2+gite67d0ea/CODE-OF-CONDUCT.md 2022-08-16 18:03:53.000000000 +0200 @@ -0,0 +1,3 @@ +## The krunvm Project Community Code of Conduct + +The krunvm Project follows the [Containers Community Code of Conduct](https://github.com/containers/common/blob/master/CODE-OF-CONDUCT.md). diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/krunvm-0.1.4+git5add8c5/Cargo.lock new/krunvm-0.2.2+gite67d0ea/Cargo.lock --- old/krunvm-0.1.4+git5add8c5/Cargo.lock 2021-03-22 17:39:36.000000000 +0100 +++ new/krunvm-0.2.2+gite67d0ea/Cargo.lock 2022-08-16 18:03:53.000000000 +0200 
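Review bot: The new `Install asciidoctor` step in code_quality.yml runs `sudo apt-get install -y asciidoctor` without refreshing the package index first. On a runner whose cached index is stale, the install can fail with missing-package errors that have nothing to do with the change under test. Refreshing in the same step keeps the job reproducible: `run: sudo apt-get update && sudo apt-get install -y asciidoctor`.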
@@ -1,5 +1,7 @@ # This file is automatically @generated by Cargo. # It is not intended for manual editing. +version = 3 + [[package]] name = "ansi_term" version = "0.11.0" @@ -159,7 +161,7 @@ [[package]] name = "krunvm" -version = "0.1.4" +version = "0.2.2" dependencies = [ "clap", "confy", diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/krunvm-0.1.4+git5add8c5/Cargo.toml new/krunvm-0.2.2+gite67d0ea/Cargo.toml --- old/krunvm-0.1.4+git5add8c5/Cargo.toml 2021-03-22 17:39:36.000000000 +0100 +++ new/krunvm-0.2.2+gite67d0ea/Cargo.toml 2022-08-16 18:03:53.000000000 +0200 @@ -1,7 +1,9 @@ [package] name = "krunvm" -version = "0.1.4" +version = "0.2.2" authors = ["Sergio Lopez <[email protected]>"] +description = "Create microVMs from OCI images" +repository = "https://github.com/containers/krunvm" license = "Apache-2.0" edition = "2018" build = "build.rs" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/krunvm-0.1.4+git5add8c5/README.md new/krunvm-0.2.2+gite67d0ea/README.md --- old/krunvm-0.1.4+git5add8c5/README.md 2021-03-22 17:39:36.000000000 +0100 +++ new/krunvm-0.2.2+gite67d0ea/README.md 2022-08-16 18:03:53.000000000 +0200 @@ -1,6 +1,6 @@ # krunvm -```krunvm``` is a CLI-based utility for managing lightweight VMs created from OCI images, using [libkrun](https://github.com/containers/libkrun) and [buildah](https://github.com/containers/buildah). +```krunvm``` is a CLI-based utility for creating microVMs from OCI images, using [libkrun](https://github.com/containers/libkrun) and [buildah](https://github.com/containers/buildah). ## Features 
@@ -52,21 +52,3 @@ ``` cargo build --release ``` - -## Limitations - -### Networking - -#### Networking support is limited to TCP IPv4 - -The current implementation of TSI (Transparent Socket Impersonation) -in libkrun is limited to TCP and IPv4. This is expected to improve -soon. - -#### Domain name resolution is broken on musl-based distributions - -As a consequence of the previous point, libkrun-based VMs need to use -TCP for connecting to the DNS servers. **musl libc** does not support -domain name resolution using TCP, so on distributions based on this -library (such as Alpine), name resolution is broken. - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/krunvm-0.1.4+git5add8c5/SECURITY.md new/krunvm-0.2.2+gite67d0ea/SECURITY.md --- old/krunvm-0.1.4+git5add8c5/SECURITY.md 1970-01-01 01:00:00.000000000 +0100 +++ new/krunvm-0.2.2+gite67d0ea/SECURITY.md 2022-08-16 18:03:53.000000000 +0200 @@ -0,0 +1,4 @@ +## Security and Disclosure Information Policy for the krunvm Project + +The krunvm Project follows the [Security and Disclosure Information Policy](https://github.com/containers/common/blob/master/SECURITY.md) for the Containers Projects. + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/krunvm-0.1.4+git5add8c5/build.rs new/krunvm-0.2.2+gite67d0ea/build.rs --- old/krunvm-0.1.4+git5add8c5/build.rs 2021-03-22 17:39:36.000000000 +0100 +++ new/krunvm-0.2.2+gite67d0ea/build.rs 2022-08-16 18:03:53.000000000 +0200 
@@ -1,4 +1,60 @@ +use std::path::Path; +use std::{env, fs, io, process}; + +const COMMANDS: [&str; 7] = [ + "krunvm", + "krunvm-changevm", + "krunvm-create", + "krunvm-config", + "krunvm-delete", + "krunvm-list", + "krunvm-start", +]; + fn main() { + let outdir = match env::var_os("OUT_DIR") { + Some(outdir) => outdir, + None => { + panic!("OUT_DIR environment variable not defined."); + } + }; + fs::create_dir_all(&outdir).unwrap(); + + for command in COMMANDS { + if let Err(err) = generate_man_page(&outdir, command) { + panic!("failed to generate man page: {}", err); + } + } + #[cfg(target_os = "macos")] println!("cargo:rustc-link-search=/opt/homebrew/lib"); } + +fn generate_man_page<P: AsRef<Path>>(outdir: P, command: &str) -> io::Result<()> { + // If asciidoctor isn't installed, fallback to asciidoc. + if let Err(err) = process::Command::new("asciidoctor").output() { + eprintln!("Error from running 'asciidoctor': {}", err); + return Err(err); + } + + let outdir = outdir.as_ref(); + let outfile = outdir.join(format!("{}.1", command)); + let cwd = env::current_dir()?; + let txt_path = cwd.join("docs").join(format!("{}.1.txt", command)); + + let result = process::Command::new("asciidoctor") + .arg("--doctype") + .arg("manpage") + .arg("--backend") + .arg("manpage") + .arg("--out-file") + .arg(&outfile) + .arg(&txt_path) + .spawn()? + .wait()?; + if !result.success() { + let msg = format!("'asciidoctor' failed with exit code {:?}", result.code()); + return Err(io::Error::new(io::ErrorKind::Other, msg)); + } + Ok(()) +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/krunvm-0.1.4+git5add8c5/docs/krunvm-changevm.1.txt new/krunvm-0.2.2+gite67d0ea/docs/krunvm-changevm.1.txt --- old/krunvm-0.1.4+git5add8c5/docs/krunvm-changevm.1.txt 1970-01-01 01:00:00.000000000 +0100 +++ new/krunvm-0.2.2+gite67d0ea/docs/krunvm-changevm.1.txt 2022-08-16 18:03:53.000000000 +0200 
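Review bot: The comment at the top of `generate_man_page` promises a fallback to asciidoc, but the code under it returns the spawn error and `main` then panics, so a builder without `asciidoctor` on its PATH cannot build krunvm at all. Either implement the fallback or make the comment state the real behaviour, e.g. `// asciidoctor is required; fail the build with the spawn error if it cannot be run.` The probe (`Command::new("asciidoctor").output()`) also runs once per entry in `COMMANDS`; running it once in `main` before the loop would save seven extra process launches. Because the build script runs whatever `asciidoctor` resolves to on the builder's PATH, the README build instructions should list it as a build-time requirement.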
@@ -0,0 +1,67 @@
+krunvm-changevm(1)
+==================
+
+NAME
+----
+krunvm-changevm - Change the configuration of a microVM
+
+
+SYNOPSIS
+--------
+*krunvm changevm* [_OPTIONS_] _microVM_
+
+
+DESCRIPTION
+-----------
+*krunvm changevm* changes the configuration of an existing microVM.
+
+When run without any _OPTIONS_, it displays the current configuration
+of the microVM.
+
+
+OPTIONS
+-------
+*--remove-ports*::
+ Removes all port mappings.
+
+*--remote-volumes*::
+ Removes all volume mappings.
+
+*--cpus* _NUM_::
+ Changes the number of vCPUs that will be created for this microVM.
+
+*--mem* _NUM_::
+ Changes the amount of RAM, in MiB, that will be available to this
+ microVM.
++
+The memory configured for the microVM will not be reserved
+immediately. Instead, it will be provided as the guest demands it, and
+both the guest and libkrun (acting as the Virtual Machine Monitor)
+will attempt to return as many pages as possible to the host.
+
+*--name* _NAME_::
+ Assigns a new name to the microVM.
+
+*-p, --port* _HOST_PORT:GUEST_PORT_::
+ Exposes a port in the guest running in the microVM through a port in the host.
++
+This option can be specified multiple times to expose as many guest
+ports as desired.
+
+*-v, --volume* _HOST_PATH:GUEST_PATH_::
+ Makes _HOST_PATH_ visible in the guest running in the microVM through _GUEST_PATH_.
++
+This option can be specified multiple times to make more paths in the
+host visible in the guest.
+
+*-w, --workdir* _GUEST_PATH_::
+ Configures _GUEST_PATH_ as the working directory for the first
+ binary executed in the microVM.
++
+An empty string ("") tells krunvm to not set a working directory
+explicitly, letting libkrun decide which one should be set.
+
+
+SEE ALSO
+--------
+*krunvm(1)*, *krunvm-create(1)*
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/krunvm-0.1.4+git5add8c5/docs/krunvm-config.1.txt new/krunvm-0.2.2+gite67d0ea/docs/krunvm-config.1.txt
--- old/krunvm-0.1.4+git5add8c5/docs/krunvm-config.1.txt 1970-01-01 01:00:00.000000000 +0100
+++ new/krunvm-0.2.2+gite67d0ea/docs/krunvm-config.1.txt 2022-08-16 18:03:53.000000000 +0200
@@ -0,0 +1,40 @@
+krunvm-config(1)
+================
+
+NAME
+----
+krunvm-config - Configure default values
+
+
+SYNOPSIS
+--------
+*krunvm config* [_OPTIONS_]
+
+
+DESCRIPTION
+-----------
+*krunvm config* configures the default values that will be used for
+newly created microVMs when a explicit value has not been passed to
+*krunvm-create(1)*
+
+When run without any _OPTIONS_ it displays the current default values.
+
+
+OPTIONS
+-------
+*--cpus* _NUM_::
+ Sets the default number of vCPUs that will be configured for newly
+ created microVMs.
+
+*--dns* _IP_::
+ Sets the default IP that will be configured as DNS for newly created
+ microVMs.
+
+*--mem* _NUM_::
+ Sets the default mount of RAM, in MiB, that will be configured for
+ newly created microVMs.
+
+
+SEE ALSO
+--------
+*krunvm(1)*
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/krunvm-0.1.4+git5add8c5/docs/krunvm-create.1.txt new/krunvm-0.2.2+gite67d0ea/docs/krunvm-create.1.txt
--- old/krunvm-0.1.4+git5add8c5/docs/krunvm-create.1.txt 1970-01-01 01:00:00.000000000 +0100
+++ new/krunvm-0.2.2+gite67d0ea/docs/krunvm-create.1.txt 2022-08-16 18:03:53.000000000 +0200
@@ -0,0 +1,59 @@
+krunvm-create(1)
+================
+
+NAME
+----
+krunvm-create - Create a new microVM from an OCI image
+
+
+SYNOPSIS
+--------
+*krunvm create* [_OPTIONS_] _IMAGE_
+
+
+DESCRIPTION
+-----------
+*krunvm create* creates a new microVM from the OCI image specified by
+_IMAGE_. Please refer to buildah-from(1) for information about the
+format supported by the _IMAGE_ argument.
+
+
+OPTIONS
+-------
+*--cpus* _NUM_::
+ The number of vCPUs that will be created for this microVM.
+
+*--mem* _NUM_::
+ The amount of RAM, in MiB, that will be available to this microVM.
++
+The memory configured for the microVM will not be reserved
+immediately. Instead, it will be provided as the guest demands it, and
+both the guest and libkrun (acting as the Virtual Machine Monitor)
+will attempt to return as many pages as possible to the host.
+
+*--name* _NAME_::
+ The name to be assigned to this microVM.
+
+*-p, --port* _HOST_PORT:GUEST_PORT_::
+ Exposes a port in the guest running in the microVM through a port in the host.
++
+This option can be specified multiple times to expose as many guest
+ports as desired.
+
+*-v, --volume* _HOST_PATH:GUEST_PATH_::
+ Makes _HOST_PATH_ visible in the guest running in the microVM through _GUEST_PATH_.
++
+This option can be specified multiple times to make more paths in the
+host visible in the guest.
+
+*-w, --workdir* _GUEST_PATH_::
+ Configures _GUEST_PATH_ as the working directory for the first
+ binary executed in the microVM.
++
+An empty string ("") tells krunvm to not set a working directory
+explicitly, letting libkrun decide which one should be set.
+
+
+SEE ALSO
+--------
+*buildah(1)*, *buildah-from(1)*, *krunvm(1)*, *krunvm-changevm(1)*
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/krunvm-0.1.4+git5add8c5/docs/krunvm-delete.1.txt new/krunvm-0.2.2+gite67d0ea/docs/krunvm-delete.1.txt
--- old/krunvm-0.1.4+git5add8c5/docs/krunvm-delete.1.txt 1970-01-01 01:00:00.000000000 +0100
+++ new/krunvm-0.2.2+gite67d0ea/docs/krunvm-delete.1.txt 2022-08-16 18:03:53.000000000 +0200
@@ -0,0 +1,22 @@
+krunvm-delete(1)
+================
+
+NAME
+----
+krunvm-delete - Deletes an existing microVM
+
+
+SYNOPSIS
+--------
+*krunvm delete* _microVM_
+
+
+DESCRIPTION
+-----------
+*krunvm delete* deletes an existing microVM configuration and requests
+to buildah(1) to unmount and remove the OCI image that was backing it.
+
+
+SEE ALSO
+--------
+*buildah(1)*, *krunvm(1)*
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/krunvm-0.1.4+git5add8c5/docs/krunvm-list.1.txt new/krunvm-0.2.2+gite67d0ea/docs/krunvm-list.1.txt
--- old/krunvm-0.1.4+git5add8c5/docs/krunvm-list.1.txt 1970-01-01 01:00:00.000000000 +0100
+++ new/krunvm-0.2.2+gite67d0ea/docs/krunvm-list.1.txt 2022-08-16 18:03:53.000000000 +0200
@@ -0,0 +1,22 @@
+krunvm-list(1)
+==============
+
+NAME
+----
+krunvm-list - Lists the existing microVMs
+
+
+SYNOPSIS
+--------
+*krunvm list*
+
+
+DESCRIPTION
+-----------
+*krunvm list* lists the microVMs created by *krunvm-create(1)* that
+have not been removed by *krunvm-delete(1)*.
+
+
+SEE ALSO
+--------
+*krunvm(1)*, *krunvm-create(1)*, *krunvm-delete(1)*
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/krunvm-0.1.4+git5add8c5/docs/krunvm-start.1.txt new/krunvm-0.2.2+gite67d0ea/docs/krunvm-start.1.txt
--- old/krunvm-0.1.4+git5add8c5/docs/krunvm-start.1.txt 1970-01-01 01:00:00.000000000 +0100
+++ new/krunvm-0.2.2+gite67d0ea/docs/krunvm-start.1.txt 2022-08-16 18:03:53.000000000 +0200
@@ -0,0 +1,39 @@
+krunvm-start(1)
+===============
+
+NAME
+----
+krunvm-start - Starts an existing microVM
+
+
+SYNOPSIS
+--------
+*krunvm start* [_OPTIONS_] _microVM_ [_COMMAND_] [-- ARGS]
+
+
+DESCRIPTION
+-----------
+*krunvm start* starts an existing microVM created by krunvm-create(1)
+and attaches stdin/stdout to its virtio-console providing a seamless
+experience for interacting with the guest running inside it.
+
+_COMMAND_ is the first binary to be executed in the microVM. If it's
+not present in the command line, krunvm-start(1) lets libkrun decide
+which binary will be executed.
+
+Additional arguments for _COMMAND_ can be specified in the command
+line by appending _--_ followed by _ARGS_.
+
+
+OPTIONS
+-------
+*--cpus* _NUM_::
+ Override the number of vCPUs configured for this microVM.
+
+*--mem* _NUM_::
+ Override amount of RAM, in MiB, configured for this microVM.
+
+
+SEE ALSO
+--------
+*krunvm(1)*, *krunvm-create(1)*, *krunvm-changevm(1)*
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/krunvm-0.1.4+git5add8c5/docs/krunvm.1.txt new/krunvm-0.2.2+gite67d0ea/docs/krunvm.1.txt
--- old/krunvm-0.1.4+git5add8c5/docs/krunvm.1.txt 1970-01-01 01:00:00.000000000 +0100
+++ new/krunvm-0.2.2+gite67d0ea/docs/krunvm.1.txt 2022-08-16 18:03:53.000000000 +0200
@@ -0,0 +1,59 @@
+krunvm(1)
+=========
+
+NAME
+----
+krunvm - Create microVMs from OCI images
+
+
+SYNOPSIS
+--------
+*krunvm* [_GLOBAL_OPTIONS_] *command*
+
+
+DESCRIPTION
+-----------
+krunvm is a CLI utility to create, manage and start microVMs which are
+generated from OCI images, providing an interface that resembles
+operating on conventional containers.
+
+krunvm uses buildah(1) to download the OCI image and mount it into a
+local directory, and libkrun to launch the microVM.
+
+The local directory where the OCI image has been mounted is used as
+the root filesystem for the microVM, serviced by a virtio-fs
+device/server bundled into libkrun.
+
+krunvm supports mounting additional local directories into the
+microVM and exposing ports from the guest to the host (and the
+networks connected to it).
+
+Networking to the guest running in the microVM is provided by
+libkrun's TSI (Transparent Socket Impersonation), enabling a seamless
+experience that doesn't require network bridges nor other explicit
+network configuration.
+
+
+GLOBAL OPTIONS
+--------------
+*-v* _NUM_::
+ Sets the verbosity level, from the lowest (0) to the highest (5).
+
+
+COMMANDS
+--------
+|===
+|Command | Description
+
+|krunvm-changevm(1) | Change the configuration of a microVM
+|krunvm-config(1) | Configure global values
+|krunvm-create(1) | Create a new microVM
+|krunvm-delete(1) | Delete an existing microVM
+|krunvm-list(1) | List the existing microVMs
+|krunvm-start(1) | Start an existing microVM
+|===
+
+
+SEE ALSO
+--------
+*buildah(1)*
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/krunvm-0.1.4+git5add8c5/src/bindings.rs new/krunvm-0.2.2+gite67d0ea/src/bindings.rs
--- old/krunvm-0.1.4+git5add8c5/src/bindings.rs 2021-03-22 17:39:36.000000000 +0100
+++ new/krunvm-0.2.2+gite67d0ea/src/bindings.rs 2022-08-16 18:03:53.000000000 +0200
@@ -17,5 +17,6 @@ argv: *const *const i8, envp: *const *const i8, ) -> i32; + pub fn krun_set_env(ctx: u32, envp: *const *const i8) -> i32; pub fn krun_start_enter(ctx: u32) -> i32; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/krunvm-0.1.4+git5add8c5/src/create.rs new/krunvm-0.2.2+gite67d0ea/src/create.rs --- old/krunvm-0.1.4+git5add8c5/src/create.rs 2021-03-22 17:39:36.000000000 +0100 +++ new/krunvm-0.2.2+gite67d0ea/src/create.rs 2022-08-16 18:03:53.000000000 +0200 @@ -5,7 +5,10 @@ use std::io::Write; use std::process::Command; -use super::utils::{mount_container, parse_mapped_ports, parse_mapped_volumes, umount_container}; +use super::utils::{ + get_buildah_args, mount_container, parse_mapped_ports, parse_mapped_volumes, umount_container, + BuildahCommand, +}; use crate::{ArgMatches, KrunvmConfig, VmConfig, APP_NAME}; fn fix_resolv_conf(rootfs: &str, dns: &str) -> Result<(), std::io::Error> { 
@@ -19,6 +22,45 @@ Ok(()) } +fn export_container_config( + cfg: &KrunvmConfig, + rootfs: &str, + image: &str, +) -> Result<(), std::io::Error> { + let mut args = get_buildah_args(cfg, BuildahCommand::Inspect); + args.push(image.to_string()); + + let output = match Command::new("buildah") + .args(&args) + .stderr(std::process::Stdio::inherit()) + .output() + { + Ok(output) => output, + Err(err) => { + if err.kind() == std::io::ErrorKind::NotFound { + println!("{} requires buildah to manage the OCI images, and it wasn't found on this system.", APP_NAME); + } else { + println!("Error executing buildah: {}", err); + } + std::process::exit(-1); + } + }; + + let exit_code = output.status.code().unwrap_or(-1); + if exit_code != 0 { + println!( + "buildah returned an error: {}", + std::str::from_utf8(&output.stdout).unwrap() + ); + std::process::exit(-1); + } + + let mut file = fs::File::create(format!("{}/.krun_config.json", rootfs))?; + file.write_all(&output.stdout)?; + + Ok(()) +} + pub fn create(cfg: &mut KrunvmConfig, matches: &ArgMatches) { let cpus = match matches.value_of("cpus") { Some(c) => match c.parse::<u32>() { @@ -71,24 +113,8 @@ } } - #[cfg(target_os = "linux")] - let mut args = vec!["from"]; - #[cfg(target_os = "macos")] - let storage_root = format!("{}/root", cfg.storage_volume); - #[cfg(target_os = "macos")] - let storage_runroot = format!("{}/runroot", cfg.storage_volume); - #[cfg(target_os = "macos")] - let mut args = vec![ - "--root", - &storage_root, - "--runroot", - &storage_runroot, - "from", - "--os", - "linux", - ]; - - args.push(image); + let mut args = get_buildah_args(cfg, BuildahCommand::From); + args.push(image.to_string()); let output = match Command::new("buildah") .args(&args) 
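Review bot: `export_container_config` writes `.krun_config.json` into the mounted image rootfs with `fs::File::create`, which follows symlinks and truncates whatever it resolves to. The rootfs content comes from the OCI image, so an image that already ships that path as a symlink would presumably redirect this host-side write outside the rootfs, with whatever privileges krunvm is running under. Opening the file without following a symlink at the final path component closes that case, as sketched below; it needs `std::os::unix::fs::OpenOptionsExt` in scope, and `libc` is already used in main.rs. Separately, the error branch prints `output.stdout` although buildah's stderr is inherited rather than captured, and `std::str::from_utf8(...).unwrap()` panics on non-UTF-8 output, which `String::from_utf8_lossy(&output.stdout)` avoids. The neighbouring `fix_resolv_conf` lies outside this hunk and may need the same treatment.

```rust
// … unchanged: buildah inspect invocation and exit-code check …

    // The rootfs is image-controlled: refuse to follow a symlink at the final component.
    let mut file = fs::OpenOptions::new()
        .write(true)
        .create(true)
        .truncate(true)
        .custom_flags(libc::O_NOFOLLOW)
        .open(format!("{}/.krun_config.json", rootfs))?;
    file.write_all(&output.stdout)?;
```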
@@ -100,7 +126,7 @@ if err.kind() == std::io::ErrorKind::NotFound { println!("{} requires buildah to manage the OCI images, and it wasn't found on this system.", APP_NAME); } else { - println!("Error executing buildah: {}", err.to_string()); + println!("Error executing buildah: {}", err); } std::process::exit(-1); } @@ -132,12 +158,13 @@ mapped_ports, }; - let rootfs = mount_container(&cfg, &vmcfg).unwrap(); - fix_resolv_conf(&rootfs, &dns).unwrap(); - umount_container(&cfg, &vmcfg).unwrap(); + let rootfs = mount_container(cfg, &vmcfg).unwrap(); + export_container_config(cfg, &rootfs, image).unwrap(); + fix_resolv_conf(&rootfs, dns).unwrap(); + umount_container(cfg, &vmcfg).unwrap(); cfg.vmconfig_map.insert(name.clone(), vmcfg); confy::store(APP_NAME, cfg).unwrap(); - println!("Lightweight VM created with name: {}", name); + println!("microVM created with name: {}", name); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/krunvm-0.1.4+git5add8c5/src/delete.rs new/krunvm-0.2.2+gite67d0ea/src/delete.rs --- old/krunvm-0.1.4+git5add8c5/src/delete.rs 2021-03-22 17:39:36.000000000 +0100 +++ new/krunvm-0.2.2+gite67d0ea/src/delete.rs 2022-08-16 18:03:53.000000000 +0200 @@ -16,8 +16,8 @@ Some(vmcfg) => vmcfg, }; - umount_container(&cfg, &vmcfg).unwrap(); - remove_container(&cfg, &vmcfg).unwrap(); + umount_container(cfg, &vmcfg).unwrap(); + remove_container(cfg, &vmcfg).unwrap(); confy::store(APP_NAME, &cfg).unwrap(); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/krunvm-0.1.4+git5add8c5/src/list.rs new/krunvm-0.2.2+gite67d0ea/src/list.rs --- old/krunvm-0.1.4+git5add8c5/src/list.rs 2021-03-22 17:39:36.000000000 +0100 +++ new/krunvm-0.2.2+gite67d0ea/src/list.rs 2022-08-16 18:03:53.000000000 +0200 
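Review bot: In `create`, the added `export_container_config(cfg, &rootfs, image).unwrap();` sits between `mount_container` and `umount_container`, so a failure there skips the unmount and the later `vmconfig_map.insert` / `confy::store`. The same holds for the `std::process::exit(-1)` calls inside the helper. The result is a mounted buildah container that krunvm has no record of. Collecting the result first and unmounting before acting on it keeps cleanup unconditional: `let res = export_container_config(cfg, &rootfs, image).and_then(|_| fix_resolv_conf(&rootfs, dns));` then `umount_container(cfg, &vmcfg).unwrap();` then `res.unwrap();`. `create` starts well before this hunk, so the container-creation step referred to here is only partly visible.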
@@ -16,7 +16,7 @@ pub fn list(cfg: &KrunvmConfig, _matches: &ArgMatches) { if cfg.vmconfig_map.is_empty() { - println!("No lightweight VMs found"); + println!("No microVMs found"); } else { for (_name, vm) in cfg.vmconfig_map.iter() { println!(); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/krunvm-0.1.4+git5add8c5/src/main.rs new/krunvm-0.2.2+gite67d0ea/src/main.rs --- old/krunvm-0.1.4+git5add8c5/src/main.rs 2021-03-22 17:39:36.000000000 +0100 +++ new/krunvm-0.2.2+gite67d0ea/src/main.rs 2022-08-16 18:03:53.000000000 +0200 @@ -143,11 +143,7 @@ #[cfg(target_os = "linux")] fn check_unshare() { let uid = unsafe { libc::getuid() }; - if uid != 0 - && std::env::vars() - .find(|(key, _)| key == "BUILDAH_ISOLATION") - .is_none() - { + if uid != 0 && !std::env::vars().any(|(key, _)| key == "BUILDAH_ISOLATION") { println!("Please re-run krunvm inside a \"buildah unshare\" session"); std::process::exit(-1); } @@ -159,7 +155,7 @@ let mut app = App::new("krunvm") .version(crate_version!()) .author("Sergio Lopez <[email protected]>") - .about("Manage lightweight VMs created from OCI images") + .about("Manage microVMs created from OCI images") .arg( Arg::with_name("v") .short("v") @@ -168,7 +164,7 @@ ) .subcommand( App::new("changevm") - .about("Change the configuration of a lightweight VM") + .about("Change the configuration of a microVM") .arg( Arg::with_name("cpus") .long("cpus") @@ -185,7 +181,7 @@ Arg::with_name("workdir") .long("workdir") .short("w") - .help("Working directory inside the lightweight VM") + .help("Working directory inside the microVM") .takes_value(true), ) .arg( @@ -199,7 +195,8 @@ .short("v") .help("Volume in form \"host_path:guest_path\" to be exposed to the guest") .takes_value(true) - .multiple(true), + .multiple(true) + .number_of_values(1), ) .arg( Arg::with_name("remove-ports") 
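Review bot: In `check_unshare`, the rewritten condition still iterates `std::env::vars()`, which panics if any environment variable holds invalid Unicode, so an unrelated variable can abort krunvm before the check produces its message. Looking up the one key avoids both the iteration and the panic: `if uid != 0 && std::env::var_os("BUILDAH_ISOLATION").is_none() {`. The `unsafe { libc::getuid() }` line above it also lacks a `// SAFETY:` comment; `// SAFETY: getuid() has no preconditions and cannot fail.` would do. The function's closing lines fall outside the hunk.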
@@ -212,7 +209,8 @@ .short("p") .help("Port in format \"host_port:guest_port\" to be exposed to the host") .takes_value(true) - .multiple(true), + .multiple(true) + .number_of_values(1), ) .arg( Arg::with_name("new-name") @@ -244,13 +242,13 @@ .arg( Arg::with_name("dns") .long("dns") - .help("DNS server to use in the lightweight VM") + .help("DNS server to use in the microVM") .takes_value(true), ), ) .subcommand( App::new("create") - .about("Create a new lightweight VM") + .about("Create a new microVM") .arg( Arg::with_name("cpus") .long("cpus") @@ -266,16 +264,16 @@ .arg( Arg::with_name("dns") .long("dns") - .help("DNS server to use in the lightweight VM") + .help("DNS server to use in the microVM") .takes_value(true), ) .arg( Arg::with_name("workdir") .long("workdir") .short("w") - .help("Working directory inside the lightweight VM") + .help("Working directory inside the microVM") .takes_value(true) - .default_value("/root"), + .default_value(""), ) .arg( Arg::with_name("volume") @@ -283,7 +281,8 @@ .short("v") .help("Volume in form \"host_path:guest_path\" to be exposed to the guest") .takes_value(true) - .multiple(true), + .multiple(true) + .number_of_values(1), ) .arg( Arg::with_name("port") @@ -291,7 +290,8 @@ .short("p") .help("Port in format \"host_port:guest_port\" to be exposed to the host") .takes_value(true) - .multiple(true), + .multiple(true) + .number_of_values(1), ) .arg( Arg::with_name("name") 
@@ -306,17 +306,15 @@ ), ) .subcommand( - App::new("delete") - .about("Delete an existing lightweight VM") - .arg( - Arg::with_name("NAME") - .help("Name of the lightweight VM to be deleted") - .required(true) - .index(1), - ), + App::new("delete").about("Delete an existing microVM").arg( + Arg::with_name("NAME") + .help("Name of the microVM to be deleted") + .required(true) + .index(1), + ), ) .subcommand( - App::new("list").about("List lightweight VMs").arg( + App::new("list").about("List microVMs").arg( Arg::with_name("debug") .short("d") .help("print debug information verbosely"), @@ -324,7 +322,7 @@ ) .subcommand( App::new("start") - .about("Start an existing lightweight VM") + .about("Start an existing microVM") .arg(Arg::with_name("cpus").long("cpus").help("Number of vCPUs")) .arg( Arg::with_name("mem") @@ -333,15 +331,14 @@ ) .arg( Arg::with_name("NAME") - .help("Name of the lightweight VM") + .help("Name of the microVM") .required(true) .index(1), ) .arg( Arg::with_name("COMMAND") .help("Command to run inside the VM") - .index(2) - .default_value("/bin/sh"), + .index(2), ) .arg( Arg::with_name("ARGS") 
@@ -358,17 +355,17 @@ #[cfg(target_os = "linux")] check_unshare(); - if let Some(ref matches) = matches.subcommand_matches("changevm") { + if let Some(matches) = matches.subcommand_matches("changevm") { changevm::changevm(&mut cfg, matches); - } else if let Some(ref matches) = matches.subcommand_matches("config") { + } else if let Some(matches) = matches.subcommand_matches("config") { config::config(&mut cfg, matches); - } else if let Some(ref matches) = matches.subcommand_matches("create") { + } else if let Some(matches) = matches.subcommand_matches("create") { create::create(&mut cfg, matches); - } else if let Some(ref matches) = matches.subcommand_matches("delete") { + } else if let Some(matches) = matches.subcommand_matches("delete") { delete::delete(&mut cfg, matches); - } else if let Some(ref matches) = matches.subcommand_matches("list") { + } else if let Some(matches) = matches.subcommand_matches("list") { list::list(&cfg, matches); - } else if let Some(ref matches) = matches.subcommand_matches("start") { + } else if let Some(matches) = matches.subcommand_matches("start") { start::start(&cfg, matches); } else { app.print_long_help().unwrap(); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/krunvm-0.1.4+git5add8c5/src/start.rs new/krunvm-0.2.2+gite67d0ea/src/start.rs --- old/krunvm-0.1.4+git5add8c5/src/start.rs 2021-03-22 17:39:36.000000000 +0100 +++ new/krunvm-0.2.2+gite67d0ea/src/start.rs 2022-08-16 18:03:53.000000000 +0200 @@ -66,7 +66,7 @@ } } -unsafe fn exec_vm(vmcfg: &VmConfig, rootfs: &str, cmd: &str, args: Vec<CString>) { +unsafe fn exec_vm(vmcfg: &VmConfig, rootfs: &str, cmd: Option<&str>, args: Vec<CString>) { //bindings::krun_set_log_level(9); let ctx = bindings::krun_create_ctx() as u32; @@ -84,7 +84,7 @@ std::process::exit(-1); } - map_volumes(ctx, &vmcfg, rootfs); + map_volumes(ctx, vmcfg, rootfs); let mut ports = Vec::new(); for (host_port, guest_port) in vmcfg.mapped_ports.iter() { 
@@ -102,39 +102,47 @@ std::process::exit(-1); } - let c_workdir = CString::new(vmcfg.workdir.clone()).unwrap(); - let ret = bindings::krun_set_workdir(ctx, c_workdir.as_ptr() as *const i8); - if ret < 0 { - println!("Error setting VM workdir"); - std::process::exit(-1); - } - - let mut argv: Vec<*const i8> = Vec::new(); - for a in args.iter() { - argv.push(a.as_ptr() as *const i8); + if !vmcfg.workdir.is_empty() { + let c_workdir = CString::new(vmcfg.workdir.clone()).unwrap(); + let ret = bindings::krun_set_workdir(ctx, c_workdir.as_ptr() as *const i8); + if ret < 0 { + println!("Error setting VM workdir"); + std::process::exit(-1); + } } - argv.push(std::ptr::null()); let hostname = CString::new(format!("HOSTNAME={}", vmcfg.name)).unwrap(); let home = CString::new("HOME=/root").unwrap(); - let path = CString::new("PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin").unwrap(); - let env: [*const i8; 4] = [ + let env: [*const i8; 3] = [ hostname.as_ptr() as *const i8, home.as_ptr() as *const i8, - path.as_ptr() as *const i8, std::ptr::null(), ]; - let c_cmd = CString::new(cmd).unwrap(); - let ret = bindings::krun_set_exec( - ctx, - c_cmd.as_ptr() as *const i8, - argv.as_ptr() as *const *const i8, - env.as_ptr() as *const *const i8, - ); - if ret < 0 { - println!("Error setting VM config"); - std::process::exit(-1); + if let Some(cmd) = cmd { + let mut argv: Vec<*const i8> = Vec::new(); + for a in args.iter() { + argv.push(a.as_ptr() as *const i8); + } + argv.push(std::ptr::null()); + + let c_cmd = CString::new(cmd).unwrap(); + let ret = bindings::krun_set_exec( + ctx, + c_cmd.as_ptr() as *const i8, + argv.as_ptr() as *const *const i8, + env.as_ptr() as *const *const i8, + ); + if ret < 0 { + println!("Error setting VM config"); + std::process::exit(-1); + } + } else { + let ret = bindings::krun_set_env(ctx, env.as_ptr() as *const *const i8); + if ret < 0 { + println!("Error setting VM environment variables"); + std::process::exit(-1); + } } let ret = 
bindings::krun_start_enter(ctx); @@ -176,7 +184,7 @@ } pub fn start(cfg: &KrunvmConfig, matches: &ArgMatches) { - let cmd = matches.value_of("COMMAND").unwrap(); + let cmd = matches.value_of("COMMAND"); let name = matches.value_of("NAME").unwrap(); let vmcfg = match cfg.vmconfig_map.get(name) { @@ -187,12 +195,16 @@ Some(vmcfg) => vmcfg, }; - umount_container(&cfg, vmcfg).expect("Error unmounting container"); - let rootfs = mount_container(&cfg, vmcfg).expect("Error mounting container"); + umount_container(cfg, vmcfg).expect("Error unmounting container"); + let rootfs = mount_container(cfg, vmcfg).expect("Error mounting container"); - let args: Vec<CString> = match matches.values_of("ARGS") { - Some(a) => a.map(|val| CString::new(val).unwrap()).collect(), - None => Vec::new(), + let args: Vec<CString> = if cmd.is_some() { + match matches.values_of("ARGS") { + Some(a) => a.map(|val| CString::new(val).unwrap()).collect(), + None => Vec::new(), + } + } else { + Vec::new() }; set_rlimits(); @@ -201,5 +213,5 @@ unsafe { exec_vm(vmcfg, &rootfs, cmd, args) }; - umount_container(&cfg, vmcfg).expect("Error unmounting container"); + umount_container(cfg, vmcfg).expect("Error unmounting container"); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/krunvm-0.1.4+git5add8c5/src/utils.rs new/krunvm-0.2.2+gite67d0ea/src/utils.rs --- old/krunvm-0.1.4+git5add8c5/src/utils.rs 2021-03-22 17:39:36.000000000 +0100 +++ new/krunvm-0.2.2+gite67d0ea/src/utils.rs 2022-08-16 18:03:53.000000000 +0200 
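Review bot: The `env` array in `exec_vm` drops the hard-coded `PATH=` entry, but nothing in the code says where the guest's `PATH` now comes from, and the same array is handed to either `krun_set_exec` or `krun_set_env` depending on `cmd`. The package changelog lists "Avoid overriding PATH" and "Export container config on microVM creation", so the value is presumably expected from the image configuration. That assumption decides which binaries a bare command name resolves to inside the guest, so it is worth recording next to the array, for example `// PATH is deliberately left out so the image's own value is not overridden.` `exec_vm` starts before this hunk and continues after it.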
@@ -7,6 +7,70 @@ use crate::{KrunvmConfig, VmConfig, APP_NAME}; +pub enum BuildahCommand { + From, + Inspect, + Mount, + Unmount, + Remove, +} + +#[cfg(target_os = "linux")] +pub fn get_buildah_args(_cfg: &KrunvmConfig, cmd: BuildahCommand) -> Vec<String> { + match cmd { + BuildahCommand::From => vec!["from".to_string()], + BuildahCommand::Inspect => vec!["inspect".to_string()], + BuildahCommand::Mount => vec!["mount".to_string()], + BuildahCommand::Unmount => vec!["umount".to_string()], + BuildahCommand::Remove => vec!["rm".to_string()], + } +} + +#[cfg(target_os = "macos")] +pub fn get_buildah_args(cfg: &KrunvmConfig, cmd: BuildahCommand) -> Vec<String> { + let mut hbpath = std::env::current_exe().unwrap(); + hbpath.pop(); + hbpath.pop(); + let hbpath = hbpath.as_path().display(); + let policy_json = format!("{}/etc/containers/policy.json", hbpath); + let registries_json = format!("{}/etc/containers/registries.conf", hbpath); + let storage_root = format!("{}/root", cfg.storage_volume); + let storage_runroot = format!("{}/runroot", cfg.storage_volume); + + let mut args = vec![ + "--root".to_string(), + storage_root, + "--runroot".to_string(), + storage_runroot, + ]; + + match cmd { + BuildahCommand::From => { + args.push("--signature-policy".to_string()); + args.push(policy_json); + args.push("--registries-conf".to_string()); + args.push(registries_json); + + args.push("from".to_string()); + args.push("--os".to_string()); + args.push("linux".to_string()); + } + BuildahCommand::Inspect => { + args.push("inspect".to_string()); + } + BuildahCommand::Mount => { + args.push("mount".to_string()); + } + BuildahCommand::Unmount => { + args.push("umount".to_string()); + } + BuildahCommand::Remove => { + args.push("rm".to_string()); + } + } + args +} + pub fn parse_mapped_ports(port_matches: Vec<&str>) -> HashMap<String, String> { let mut mapped_ports = HashMap::new(); for port in port_matches.iter() { 
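Review bot: In the macOS `get_buildah_args`, the `--signature-policy` and `--registries-conf` paths are built from `std::env::current_exe()` with two `pop()` calls, so the image trust policy that buildah applies for `from` depends on where the running binary appears to live. The standard library documents `current_exe` as unsuitable for security-relevant decisions, because a copied or linked executable reports a different location, and the `unwrap()` panics when the path cannot be determined. I would take the prefix from a build-time or configuration value, or at least exit with a clear message when the derived `policy.json` is missing. The layout assumption should be written down, e.g. `// Assumes the binary lives in PREFIX/bin and that PREFIX/etc/containers holds the trusted policy.json and registries.conf.` `BuildahCommand` and both `get_buildah_args` variants also carry no doc comments.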
@@ -73,24 +137,38 @@ mapped_volumes } +#[cfg(target_os = "macos")] +fn fix_root_mode(rootfs: &str) { + let mut args = vec!["-w", "user.containers.override_stat", "0:0:0555"]; + args.push(rootfs); + + let output = match Command::new("xattr") + .args(&args) + .stderr(std::process::Stdio::inherit()) + .output() + { + Ok(output) => output, + Err(err) => { + if err.kind() == std::io::ErrorKind::NotFound { + println!("{} requires xattr to manage the OCI images, and it wasn't found on this system.", APP_NAME); + } else { + println!("Error executing xattr: {}", err); + } + std::process::exit(-1); + } + }; + + let exit_code = output.status.code().unwrap_or(-1); + if exit_code != 0 { + println!("xattr returned an error: {}", exit_code); + std::process::exit(-1); + } +} + #[allow(unused_variables)] pub fn mount_container(cfg: &KrunvmConfig, vmcfg: &VmConfig) -> Result<String, std::io::Error> { - #[cfg(target_os = "macos")] - let storage_root = format!("{}/root", cfg.storage_volume); - #[cfg(target_os = "macos")] - let storage_runroot = format!("{}/runroot", cfg.storage_volume); - #[cfg(target_os = "macos")] - let mut args = vec![ - "--root", - &storage_root, - "--runroot", - &storage_runroot, - "mount", - ]; - #[cfg(target_os = "linux")] - let mut args = vec!["mount"]; - - args.push(&vmcfg.container); + let mut args = get_buildah_args(cfg, BuildahCommand::Mount); + args.push(vmcfg.container.clone()); let output = match Command::new("buildah") .args(&args) @@ -102,7 +180,7 @@ if err.kind() == std::io::ErrorKind::NotFound { println!("{} requires buildah to manage the OCI images, and it wasn't found on this system.", APP_NAME); } else { - println!("Error executing buildah: {}", err.to_string()); + println!("Error executing buildah: {}", err); } std::process::exit(-1); } 
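Review bot: `fix_root_mode` writes the literal `0:0:0555` into the `user.containers.override_stat` extended attribute with no comment on what the value means or why the mounted rootfs needs it. From the literal it reads as uid, gid and mode, and the changelog entry "macos: fix root ownership and mode" suggests the intent. A doc comment such as `/// Tags the mounted rootfs with an override_stat xattr (uid:gid:mode = 0:0:0555) so the guest sees a root-owned root directory.` would save the next reader the lookup, with the exact semantics confirmed against the consumer of that attribute. The NotFound message says xattr is required "to manage the OCI images", which looks copied from the buildah branch and could name the actual purpose instead.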
@@ -118,27 +196,17 @@ } let rootfs = std::str::from_utf8(&output.stdout).unwrap().trim(); + + #[cfg(target_os = "macos")] + fix_root_mode(&rootfs); + Ok(rootfs.to_string()) } #[allow(unused_variables)] pub fn umount_container(cfg: &KrunvmConfig, vmcfg: &VmConfig) -> Result<(), std::io::Error> { - #[cfg(target_os = "macos")] - let storage_root = format!("{}/root", cfg.storage_volume); - #[cfg(target_os = "macos")] - let storage_runroot = format!("{}/runroot", cfg.storage_volume); - #[cfg(target_os = "macos")] - let mut args = vec![ - "--root", - &storage_root, - "--runroot", - &storage_runroot, - "umount", - ]; - #[cfg(target_os = "linux")] - let mut args = vec!["umount"]; - - args.push(&vmcfg.container); + let mut args = get_buildah_args(cfg, BuildahCommand::Unmount); + args.push(vmcfg.container.clone()); let output = match Command::new("buildah") .args(&args) @@ -150,7 +218,7 @@ if err.kind() == std::io::ErrorKind::NotFound { println!("{} requires buildah to manage the OCI images, and it wasn't found on this system.", APP_NAME); } else { - println!("Error executing buildah: {}", err.to_string()); + println!("Error executing buildah: {}", err); } std::process::exit(-1); } @@ -170,16 +238,8 @@ #[allow(unused_variables)] pub fn remove_container(cfg: &KrunvmConfig, vmcfg: &VmConfig) -> Result<(), std::io::Error> { - #[cfg(target_os = "macos")] - let storage_root = format!("{}/root", cfg.storage_volume); - #[cfg(target_os = "macos")] - let storage_runroot = format!("{}/runroot", cfg.storage_volume); - #[cfg(target_os = "macos")] - let mut args = vec!["--root", &storage_root, "--runroot", &storage_runroot, "rm"]; - #[cfg(target_os = "linux")] - let mut args = vec!["rm"]; - - args.push(&vmcfg.container); + let mut args = get_buildah_args(cfg, BuildahCommand::Remove); + args.push(vmcfg.container.clone()); let output = match Command::new("buildah") .args(&args) 
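Review bot: The path handed to `fix_root_mode` in `mount_container` is whatever buildah printed on stdout, only trimmed, and it is not checked before `xattr -w` is run against it or before it is returned to the caller as the rootfs. An empty or multi-line output would reach xattr as a bogus path and surface only as a generic xattr error, so a guard such as `if rootfs.is_empty() || rootfs.contains('\n') { println!("Unexpected output from buildah mount"); std::process::exit(-1); }` before the call keeps the failure explicit. The call also passes `&rootfs` where `rootfs` is already a `&str`, the same needless borrow this commit removes elsewhere; `fix_root_mode(rootfs);` is enough. `mount_container` begins before this hunk, so any earlier check on buildah's exit status is not visible here.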
@@ -191,7 +251,7 @@ if err.kind() == std::io::ErrorKind::NotFound { println!("{} requires buildah to manage the OCI images, and it wasn't found on this system.", APP_NAME); } else { - println!("Error executing buildah: {}", err.to_string()); + println!("Error executing buildah: {}", err); } std::process::exit(-1); } ++++++ krunvm.obsinfo ++++++ --- /var/tmp/diff_new_pack.Iavmcf/_old 2022-12-08 16:51:11.443484591 +0100 +++ /var/tmp/diff_new_pack.Iavmcf/_new 2022-12-08 16:51:11.447484611 +0100 @@ -1,5 +1,5 @@ name: krunvm -version: 0.1.5+giteedd405 -mtime: 1651258417 -commit: eedd4054ed1a987b9927b228ebe57a16558c0e71 +version: 0.2.2+gite67d0ea +mtime: 1660665833 +commit: e67d0ea06536f0e5559811fe46d240101bd47350 ++++++ vendor.tar.zst ++++++ Binary files /var/tmp/diff_new_pack.Iavmcf/_old and /var/tmp/diff_new_pack.Iavmcf/_new differ
