[Thincrust-devel] [Fwd: [Ovirt-devel] [PATCH] Add additional blacklisting and rpm removal to managed node]

Wed Jul 2 14:24:08 UTC 2008

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Perry N. Myers wrote:
| Bryan Kearney wrote:
|>
|>
|> Perry N. Myers wrote:
|>> Alan Pevec wrote:
|>>> Bryan Kearney wrote:
|>>>> It appears that the interpreter needs to handle the entire post
|>>>> section. Is that correct?
|>>>
|>>> yes, but you can have multiple %post sections, normal w/ shell and
|>>> this one with a special interpreter
|>>> see ImageCreator.__run_post_scripts()
|>>>
|>>>> Did the fact that the file command was on the same line matter in
|>>>> your example? Or.. could I have written this and gotten the same
|>>>> results:
|>>>>
|>>>> file /usr/bin/hal-get-property
|>>>> drop /etc/pango
|>>>> drop /usr/bin/hal-*
|>>>
|>>> Yes, that's how I wanted it, one action per line but Thunderbird
|>>> messed up my copy/paste, sorry.
|>>> The only thing you put differently is the precedence: I think it
|>>> would be intuitive to have white/blacklist actions on the same level
|>>> and that order matters, so it would be:
|>>>
|>>> drop /etc/pango
|>>> drop /usr/bin/hal-*
|>>> file /usr/bin/hal-get-property
|>>
|>> Wouldn't this make more sense:
|>> file /usr/bin/hal-get-property
|>> drop /usr/bin/hal-*
|>> drop /etc/pango
|>>
|>> Since in this case hal-get-property is marked as persistent before
|>> you go and delete everything hal-*?
|>>
|>> In the other ordering you would delete hal-* first and then when you
|>> get to whitelisting hal-get-property it's already gone.  Unless of
|>> course the ordering of the list is irrelevant and you set a
|>> precedence that whitelisted files always trump blacklisted files.
|>>
|> I think I like the model that WL is always the trump. That way you
|> omit subtle errors from ordering. If you list it, it stays.
|>
|> Question.. can you whitelist a directory?
|
| I think you want to allow whitelisting of directories.
|
| But, if you allow whitelisting of directories, is the WL recursive?
| Maybe there needs to be a different parameter to indicate that sort of
| stuff...  Recursiveness also will come into play with the blacklisting
| directives as well.
|
| Perry
|
| _______________________________________________
| Thincrust-devel mailing list
| Thincrust-devel at redhat.com
| https://www.redhat.com/mailman/listinfo/thincrust-devel

Cool I'll look into adding this to the appliance creator tools.  What
else form the ovirt perspective would help to get the managed node
appliance built with the appliance creator tools.  Alan had mentioned
qcow compression which is on my list is there any others?

- -D

- --
David Huff
Red Hat, Raleigh, NC
Mobile: 919-796-3553
Office: 919-754-4129

GPG Key ID: 6A20BBF7
GPG Fingerprint: FE13 8AF6 0E58 D92E A4E1 2D0A 71C1 CADF 6A20 BBF7
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFIa4+IccHK32ogu/cRAqpQAJ0WkXsAsvgjS37mDdPBXxDpmbRxMgCfYT+s
fkbzUD3ctQPHQ+j2GuLGN1U=
=CBC2
-----END PGP SIGNATURE-----