Re: [PATCH] test: fix 'make assets' failure as root

On Thu, Sep 25, 2025 at 11:40:25AM +0200, Stefano Brivio wrote:

On Thu, 25 Sep 2025 09:53:06 +0100 "Richard W.M. Jones" wrote:

...

On Thu, Sep 25, 2025 at 01:43:06PM +0800, Yumei Huang wrote:

...

Running `make assets` under `test` as root fails with a "Permission denied" error when `prepare-distro-img.sh` invokes `virt-edit` and `guestfish`. This is due to a known bug in libvirt.

Work around the issue by switching to the direct backend.

Signed-off-by: Yumei Huang --- test/prepare-distro-img.sh | 2 ++ 1 file changed, 2 insertions(+)

diff --git a/test/prepare-distro-img.sh b/test/prepare-distro-img.sh index 0d967c9..423eea7 100755 --- a/test/prepare-distro-img.sh +++ b/test/prepare-distro-img.sh @@ -3,6 +3,8 @@ IMG="$1" PASST_FILES="$(echo ../*.c ../*.h ../*.sh ../*.1 ../Makefile ../README.md)"

+export LIBGUESTFS_BACKEND=direct

Please add a comment that this is only added as a temporary hack until we can get a proper fix (in libguestfs possibly, see Dan's earlier email).

On the other hand, regardless of that fix, I would be happy to be run this on single-user Alpine L1 guests, eventually, where libguestfs doesn't depend on libvirt (see my caveat 2.), and I usually reserve very little disk space for those.

The upstream default is backend 'direct'. In Fedora & RHEL we override this with 'libvirt': https://src.fedoraproject.org/rpms/libguestfs/blob/rawhide/f/libguestfs.spec... I don't know what Alpine does, but likely it leaves it at the default. (You can try: `guestfish get-backend`)

If you don't have compelling reasons (like you're dropping LIBGUESTFS_BACKEND=direct in two weeks), I would simply keep this as long as it works. The day you drop that, we'll drop this too.

We're not dropping the environment variable / feature ever. The problem is that this was cargo-culted into a lot of code over the years, and it does reduce the security of libguestfs on RHEL. We're having an (ongoing) battle to remove this cargo-culting from CNV right now. I'm just not keen to add this line in new places, without at least a comment saying this is a temporary hack, and not generally recommended.

This part won't be executed as part of automated distribution tests either, so occasional breakages are really unproblematic.

Do you see any further issue with it?

-- Stefano

Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com libguestfs lets you edit virtual machines. Supports shell scripting, bindings from many languages. http://libguestfs.org