libvirt Sandbox News
====================
0.6.0 - "Dashti Margo" - 2015-07-01
-----------------------------------
- API/ABI incompatible change, soname increased
- Prevent use of virt-sandbox-service as non-root upfront
- Fix misc memory leaks
- Block SIGHUP from the dhclient binary to prevent
accidental death if the controlling terminal is
closed & reopened
- Add support for re-creating libvirt XML from sandbox
config to facilitate upgrades
- Switch to standard gobject introspection autoconf macros
- Add ability to set filters on network interfaces
- Search /usr/lib instead of /lib for systemd unit
files, as the former is the canonical location even
when / and /usr are merged
- Only set SELinux labels on hosts that support SELinux
- Explicitly link to selinux, instead of relying on
indirect linkage
- Update compiler warning flags
- Fix misc docs comments
- Don't assume use of SELinux in virt-sandbox-service
- Fix path checks for SUSE in virt-sandbox-service
- Add support for AppArmor profiles
- Mount /var after other FS to ensure host image is
available
- Ensure state/config dirs can be accessed when QEMU
is running non-root for qemu:///system
- Fix mounting of host images in QEMU sandboxes
- Mount images as ext4 instead of ext3
- Allow use of non-raw disk images as filesystem
mounts
- Check if required static libs are available at configure
time to prevent silent fallback to shared linking
- Require libvirt-glib >= 0.2.1
- Add support for loading lzma and gzip compressed kmods
- Check for supported libvirt URIs when starting guests
to ensure clear error message upfront
- Add LIBVIRT_SANDBOX_INIT_DEBUG env variable to allow
debugging of kernel boot messages and sandbox init
process setup
- Add support for exposing block devices to sandboxes
with a predictable name under /dev/disk/by-tag/TAGNAME
- Use devtmpfs instead of tmpfs for auto-populating
/dev in QEMU sandboxes
- Allow setup of sandbox with custom root filesystem
instead of inheriting from host's root.
- Allow execution of apps from non-matched ld-linux.so
/ libc.so, e.g. executing F19 binaries on F22 host
- Use passthrough mode for all QEMU filesystems
0.5.1 - "Cholistan" - 2013-11-18
--------------------------------
- Fix path to systemd binary (prefers dir /lib/systemd not /bin)
- Remove obsolete commands from virt-sandbox-service man page
- Fix delete of running service container
- Allow use of custom root dirs with 'virt-sandbox --root DIR'
- Fix 'upgrade' command for virt-sandbox-service generic services
- Fix logrotate script to use virsh for listing sandboxed services
- Add 'inherit' option for virt-sandbox '-s' security context
option, to auto-copy calling process' context
- Remove non-existent '-S' option from virt-sandbox-service man
page
- Fix line break formatting of man page
- Mention LIBVIRT_DEFAULT_URI in virt-sandbox-service man page
- Check some return values in libvirt-sandbox-init-qemu
- Remove unused variables
- Fix crash with partially specified mount option string
- Add man page docs for 'ram' mount type
- Avoid close of un-opened file descriptor
- Fix leak of file handles in init helpers
- Log a message if sandbox cleanup fails
- Cope with domain being missing when deleting container
- Improve stack trace diagnostics in virt-sandbox-service
- Fix virt-sandbox-service content copying code when faced with
non-regular files.
- Improve error reporting if kernel does not exist
- Allow kernel version/path/kmod to be set with virt-sandbox
- Don't overmount '/root' in QEMU sandboxes by default
- Fix nosuid / nodev mount options for tmpfs
- Force 9p2000.u protocol version to avoid QEMU bugs
- Fix cleanup when failing to start interactive sandbox
- Create copy of kernel from /boot to allow relabelling
- Bulk re-indent of code
- Avoid crash when gateway is missing in network options
- Fix symlink target created in multi-user.target.wants
- Add '-p PATH' option for virt-sandbox-service clone/delete
to match 'create' command option.
- Only allow 'lxc:///' URIs with virt-sandbox-service
until further notice
- Rollback state if cloning a service sandbox fails
- Add more kernel modules instead of assuming they are
all builtins
- Don't complain if some kmods are missing, as they may
be builtins
- Allow --mount to be repeated with virt-sandbox-service
0.5.0 - "Sahara Desert" - 2013-08-01
------------------------------------
- Switch to use persistent libvirt configuration files for
service sandboxes
- Store service configs in /etc/libvirt-sandbox/services/$NAME/
instead of /etc/libvirt-sandbox/services/$NAME.sandbox to
allow storage of multiple files per sandbox
- Add a new 'virt-sandbox-service upgrade NAME' command,
to be run by admin for all existing service sandboxes to
upgrade their configuration to be compatible with the new
release
- Remove start, stop, list commands from virt-sandbox-service,
with recommendation to use start, destroy & list commands in
virsh instead.
- Remove duplicate -u option in man page
- Update man page examples
- Stop generating a UNIT_sandbox.target unit, instead letting
the sandbox unit tie into multi-user.target as normal
- Remove unimplemented APIs for graphical sandboxes, to be
re-added at a later date when actually functional
- Add padding to public structs, to facilitate preservation
of public ABI compatibility in future
- Add note about default libvirt URIs in man page
- Fix cloning of sandboxes
0.2.1 - "Owami Desert" - 2013-07-09
-----------------------------------
- Requires libvirt-glib >= 0.1.7
- ABI change: Removed GVirSandboxCleaner class
- Don't add link in /var/log/journal for image based containers
- Don't hold open libvirt connection when displaying service
sandbox consoles
- Record container UUID in config for service sandboxes
- Add missing RPMs deps
- Allow custom mounts to be specified to virt-sandbox-service
- Fix misc bugs in sandbox creation/deletion
- Use 'guest bind' for configuring image based service sandboxes
- Allow NIC MAC address to be chosen
- Include systemd-initctl.socket in service sandboxes by default
to allow libvirt initiated graceful shutdown
0.2.0 - "Nubian Desert" - 2013-05-07
------------------------------------
- Requires systemd >= 198
- Fix termination of interactive sandbox client to
avoid losing final I/O
- Stop hardcoding default security label
- Misc docs typos / fixes
- Fix infinite loop handling security opts
- Mandate enablement of introspection
- Handle NULL broadcast address for NICs
- Don't assume /var/log/journal exists
- Improve rollback if creation of service sandbox fails
- Block host NICs from sandbox
- Sanity check requested network config
- Fix sandbox journal location to be a dir not a file
- Fix parsing of --security option
- Change virt-sandbox-service to use --security opts
instead of SELinux specific -l/-t/-d args
- Replace use of YUM with RPM to improve performance
- Send dhclient output to /dev/null
- Avoid getting stuck in waitpid if non-primary process
exits
- Allow choice of host virtual networks
- Support network config with virt-sandbox-service
- Do not create any NIC in service sandbox by default
- Cope with SELinux label lacking a category pair
- Delay dropping credentials until after ttys are opened
- Fix tty permissions in QEMU init helper to be 0700 instead
of 0777
- Add support for non-systemd service containers
- Add support for i18n of all output strings
- Remove hardcoding of lxc:/// in virt-sandbox-service
- Correctly handle EOF from raw console
- Improve I/O performance of virt-sandbox
- Allow custom uid/gid for generic service sandboxes
- Do not run debug shell in service sandboxes
- Add --package option to virt-sandbox-service for cases
where the unit file is not owned by an RPM
- Use drop in systemd service override, instead of
includes
- Support templated systemd service units
0.1.2 - "Namib Desert" - 2013-03-05
-----------------------------------
- Requires libvirt >= 1.0.2
- Split virt-sandbox-service manpage into separate docs,
one for each sub-command
- Fix handling of GLib.GError exceptions
- Containerize /var/lib/nfs/rpc_pipefs too
- Add ability to execute arbitrary commands inside the
container using namespace attach
- Fix docs for virt-sandbox mount options
- Better wording about escape sequence for consoles
- Create journal file if it doesn't already exist
- Create /etc/rc.d/init.d inside container to block
legacy init scripts starting
- Skip binding files/dirs which don't exist in host
0.1.1 - "Libyan Desert" - 2012-12-10
------------------------------------
- Fix typos in POD docs for some classes
- Only depend on libvirt-daemon-{kvm,qemu,lxc}, not
full libvirt RPM.
- Switch to YUM for extracting package file list
- Bind mount whole of /var rather than only some subdirs
- Validate unit files exist before creating sandbox
- Fixes to population of files in /etc and /var
- Finish 'clone' command for copying sandboxes
- Populate /etc/machine-id file
- Fix systemd dependencies for bulk start/stop of containers
- Symlink container journal directory into host filesystem
- Rename sandbox.target to multi-user.target
- Fix attachment to running containers
0.1.0 - "Karoo" - 2012-08-10
----------------------------
- ABI+API incompatible with previous library, so new soname
- Some changes to CLI args for virt-sandbox command
- Many fixes to virt-sandbox-service
- Use /run/libvirt-sandbox instead of /root/.cache/libvirt
when run as root
- Fix typo setting RUNDIR
- Re-add /kernel suffix to kmod search dir
- Add APIs to select kernel version
- Fix SEGV when attaching consoles to NULL stdin
- Add logrotate script for virt-sandbox-service
- Turn GVirSandboxConsole into an abstract class
- Configurable keysequence for breaking out of console
(defaults to Ctrl+])
- Fix handling of strace debugging
- Add APIs to select kmod directory prefix
- Require glib >= 2.32
- Refactor APIs for configuring sandbox mounts
- Maintain a single sorted list of mounts
- Add support for RAM filesystems
- Setup tmpfs for /run and /tmp in sandbox services
- Remove need to provide executable for sandbox services,
just rely on systemd unit filename
- Enable admin customization of systemd services in sandbox
services
- Rewrite part of virt-sandbox-service in C to reduce
long term memory overhead
- Create custom systemd startup sequence
0.0.3 - "Kalahari Desert" - 2012-04-13
--------------------------------------
- Ensure root/config filesystems are readonly in KVM
- Add support for mounting host disk images in guests
- Add support for binding guest filesystems to new locations
- Add support for an optional interactive shell for debugging
or administrative purposes
- Add a virt-sandbox-service script for preparing sandboxes
for system services, integrating with systemd
- Misc compiler warning fixes
- Replace invocation of insmod with direct syscalls
- Refactor API to separate interactive sandbox functionality
from base class & service sandbox functionality
- Rewrite host/guest I/O handling to separate stdout from
stderr correctly, improve reliability of startup/shutdown
handshakes and propagate exit status back to host
- Exec away the first hypervisor specific init process,
so the generic init process gets PID 1
- Turn on reboot-on-panic in KVM to ensure guest exits on
fatal problems
0.0.2 - "Blue Desert" - 2012-01-12
----------------------------------
- Add ability to attach to an existing sandbox
- Update to require libvirt-gobject 0.0.4
- Add ability to run privileged apps
- Add support for an admin debug shell
- Switch to use /etc/libvirt-sandbox/scratch for config
0.0.1 - "Tatti Desert" - 2012-01-11
-----------------------------------
- First release