Let's not expose the user/root password in the CLI and, instead, let's
rely on a file passed by the admin and read the password from there.
'CVE-2019-10183' has been assigned to the virt-install --unattended
admin-password=xxx disclosure issue.
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
* Renaming HACKING.md to CONTRIBUTING.md, special github naming
* Point to modern virt-manager.org bug link
* Mention option to use github issue tracker
* Point to the github wiki for more contribution docs
* Many minor updates
The <domain> XML it alters is called <seclabel>, and security is
really generic sounding. Add the alias and switch the documentation
over to prefer --seclabel
There is a new security feature 'md-clear' that mitigates recent CPU
Microarchitectural Store Buffer Data vulnerability.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
To match the XML schema, rename these subarguments and add aliases
to preserve compatibility:
* backend_connect_host -> backend.source.connect_host
* backend_connect_service -> backend.source.connect_service
* backend_host -> backend.source.host
* backend_mode -> backend.source.mode
* backend_service -> backend.source.service
* backend_type -> backend.type
* rate_bytes -> rate.bytes
* rate_period -> rate.period
'type', and 'device' are kept as advertised options,
due to them being commonly specified and documented
To match the XML schema, rename these subarguments and add aliases
to preserve compatibility:
* protocol -> protocol.type
* target_address -> target.address
* name -> target.name
* target_type -> target.type
'host', 'path', 'mode', and 'bind_host' are kept as advertised options,
due to them being commonly specified and documented
To match the XML schema, rename these subarguments and add aliases
to preserve compatibility:
* cid -> cid.address
* auto_cid -> cid.auto
Add man docs for --vsock while we are at it, since they are missing
To match the XML schema, rename these subarguments and add aliases
to preserve compatibility:
* driver_queues -> driver.queues
* master -> master.startport
To match the XML schema, rename these subarguments and add aliases
to preserve compatibility:
* suspend_to_disk -> suspend_to_disk.enabled
* suspend_to_mem -> suspend_to_mem.enabled
To match the XML schema, rename these subarguments and add aliases
to preserve compatibility:
* cell[0-9]*.cpus -> numa.cell[0-9]*.cpus
* cell[0-9]*.distances.sibling[0-9]*.id -> numa.cell[0-9]*.distances.sibling[0-9]*.id
* cell[0-9]*.distances.sibling[0-9]*.value -> numa.cell[0-9]*.distances.sibling[0-9]*.value
* cell[0-9]*.id -> numa.cell[0-9]*.id
* cell[0-9]*.memory -> numa.cell[0-9]*.memory
To match the XML schema, rename these subarguments and add aliases
to preserve compatibility:
- device_path -> device.path
- device_weight -> device.weight
We shouldn't be duplicating libvirt documentation here. If someone
needs <virtualport> config, they are likely working backwards from
working XML and trying to figure out the command line. Drop most
of the details
Sort out the memory property naming ambiguity on the command line.
* memory -> currentMemory
* maxmemory -> memory
* hotplugmemorymax -> maxMemory
* hotplugmemoryslots -> maxMemory.slots
To maintain back compat, we need to do some funky handling with
memory and maxmemory values. Basically if currentMemory is specfied,
we interpret them as new style, otherwise preserve the old behavior.
This will allow users to override the default behavior of virt-install
which copies CPU security features available on the host to the guest
XML if specific CPU model is configured.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Add kernel= and initrd= --location suboptions. These can be
used to override the default kernel/initrd and specify new
paths, relative to LOCATION.
For example, if you have an ISO that libosinfo doesn't know
about called my-unknown.iso, with a kernel at 'kernel/fookernel'
and initrd at +'kernel/fooinitrd', you can make this work with:
--location my-unknown.iso,kernel=kernel/fookernel,initrd=kernel/fooinitrd
We're not doing anything with it yet, but having the
parser accept it means we can write tests and see how
their output changes once we wire it up in earnest.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
The --os-variant option doesn't quite fit perfectly into
its current "Installation method" group, plus we want to
add the same option to virt-xml which can't have that
group for obvious reasons.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Cole Robinson