On Mon, Mar 22, 2010 at 01:23:26PM +0000, Richard W.M. Jones wrote:
> On Mon, Mar 22, 2010 at 01:05:13PM +0000, Daniel P. Berrange wrote:
> > This is close to the way libguestfs already works. It boots QEMU/KVM
> > pointing
> > to a minimal stripped down appliance linux OS image, containing a small
> > agent
> > it talks to over some form of vmchannel/serial/virtio-serial device. Thus
> > the
> > kernel in the appliance it runs is the only thing that needs to know about
> > the
> > filesystem/lvm/dm on-disk formats - libguestfs definitely does not want to
> > be
> > duplicating this detailed knowledge of on disk format itself. It is doing
> > full read-write access to the guest filesystem in offline mode - one of the
> > major use cases is disaster recovery from a unbootable guest OS image.
>
> As Dan said, the 'daemon' part is separate and could be run as a
> standard part of a guest install, talking over vmchannel to the host.
> The only real issue I can see is adding access control to the daemon
> (currently it doesn't need it and doesn't do any). Doing it this way
> you'd be leveraging the ~250,000 lines of existing libguestfs code,
> bindings in multiple languages, tools etc.
I think we don't need per-guest-file access control. Probably we could
apply the image-file permissions to all guestfs files. This would cover
the usecases:
* perf for reading symbol information (needs ro-access only
anyway)
* Desktop like host<->guest file copy
I have not looked into libguestfs yet but I guess this approach is
easier to achieve.
Joerg
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
