[libvirt] libguestfs integration: rich disk access for libvirt applications

Richard W.M. Jones rjones at redhat.com
Wed Sep 28 12:19:02 UTC 2011


On Wed, Sep 28, 2011 at 11:14:57AM +0100, Stefan Hajnoczi wrote:
> Does febootstrap-supermin-helper need to be dynamic or could
> libguestfs create a /var/lib/guestfs/appliance-initramfs.gz on
> install?  Then libguestfs on the client can create the appliance
> domain and point at that static initramfs file path.

This is how the Debian package of libguestfs works (Hilko's official
package, not my one).

However this is troublesome because it means any security problem in a
dependent program is baked into the appliance.  Applying a security
update to the host wouldn't update this libguestfs appliance.  Compare
this to the way febootstrap-supermin-helper normally works (eg
upstream, Fedora and RHEL): the appliance is rebuilt whenever any
change is noticed in a dependent program.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-top is 'top' for virtual machines.  Tiny program with many
powerful monitoring features, net stats, disk stats, logging, etc.
http://et.redhat.com/~rjones/virt-top




More information about the libvir-list mailing list