New Rust Xen guest tools

yann

@olivierlambert yes, and that's a known issue. The protocol used to communicate with XAPI only allows to report info for VIFs (and SR/IOV, with support coming with in a PR). We can likely implement something by querying the status of bridge devices and listening to their changes like we do for the VIFs, and report those for the VIFs that are part of bridges - but it's a bit more than just "parsing br0" .

Opened https://gitlab.com/xen-project/xen-guest-agent/-/issues/24

flakpyro

With the release of Debian 13 apt now complains that the repo is not signed. Also Debain has changed to using .sources files for repos.

For example,, the new format would be:

Types: deb
URIs: https://gitlab.com/api/v4/projects/xen-project%2Fxen-guest-agent/packages/generic/deb-amd64/
Suites: release/
Components: 
Signed-By: https://path/to/release.gpg
Trusted: yes

Maybe worth addding a release.gpg to the repo and updating documentation when configuring the repo on newer Debian / Ubuntu releases?

Example of the error when no key is present:

Ign:8 https://gitlab.com/api/v4/projects/xen-project%2Fxen-guest-agent/packages/generic/deb-amd64 release/ InRelease
Hit:9 https://gitlab.com/api/v4/projects/xen-project%2Fxen-guest-agent/packages/generic/deb-amd64 release/ Release
Ign:10 https://gitlab.com/api/v4/projects/xen-project%2Fxen-guest-agent/packages/generic/deb-amd64 release/ Release.gpg
Fetched 176 kB in 1s (154 kB/s)
All packages are up to date.    
Notice: Missing Signed-By in the sources.list(5) entry for 'https://gitlab.com/api/v4/projects/xen-project%2Fxen-guest-agent/packages/generic/deb-amd64'

olivierlambert

@yann can you update the README accordingly?

yann

@olivierlambert updating the README will be quick enough... but if the sig is indeed mandatory we need to setup something for this first... and autosigning from a CI rather requires doing that on a trusted runner rather than on gitlab-provided ones, so that requires some provisioning and IT work first.

yann

@flakpyro the old format is still supported, and actually the [trusted=yes] in the old-style configuration shown in the release notes does work in my quick test with our own Debian 13 hub template.

David_5.1

One-line format should work fine with Trixie, but as the “new” deb822 format has been supported since Debian Jessie, it should be usable on most installs.

Jessie manpage for reference : https://manpages.debian.org/jessie/apt/sources.list.5.en.html#:~:text=rfc822

john.c

@yann Though the deb822 format allows for that file in sources format, to have the signing key tied to that file’s specified repositories. Very important as it ensures that the key is only used by that repository, unless otherwise specified. The old format typically tends to apply that key to all repositories. So even repositories which shouldn’t use it could, worse the key was trusted for all repositories by the client.

In the new format the repositories can have the specific key tied to them, on the client side as well as the server side.

yann

@john.c OK, that will be useful when the repo is signed, but for now I don't see what adverse effect it can have. Do I miss something?

Also we try to avoid breaking support for older OS versions, so we'll likely continue to advertise the old format for older versions of Debian.

john.c

@yann said in New Rust Xen guest tools:

@john.c OK, that will be useful when the repo is signed, but for now I don't see what adverse effect it can have. Do I miss something?

Also we try to avoid breaking support for older OS versions, so we'll likely continue to advertise the old format for older versions of Debian.

@yann From Debian 13.0.0 (code name Trixie) having repository signing is mandatory. Without it apt will straight refuse to install, update or upgrade its packages.

Also doing with deb822 format will help to protect the GPG Key, used by Vates from abuse by another repository. Especially if that repository is hosting malware laden deb packages. As only the Vates repository can then use that signing key, as defined in the sources file.

Refusing to install, update or upgrade is an adverse effect wouldn’t you say?

DustyArmstrong

Testing the agent out on Arch Linux (mainly due to the spotty 'support' in the AUR/generally) and it is working fine - better than what I had before (which did not report VM info properly). I've set it up as a systemd service to replace the previous one I had, also working as expected.

This would be fun to contribute towards.