Richard W.M. Jones
2010-Mar-22 14:01 UTC
[Libguestfs] [RFC] Unify KVM kernel-space and user-space code into a single project
On Mon, Mar 22, 2010 at 02:56:47PM +0100, Ingo Molnar wrote:> Just curious: any plans to extend this to include live read/write access as > well? > > I.e. to have the 'agent' (guestfsd) running universally, so that > tools such as perf and by users could rely on the VFS integration as > well, not just disaster recovery tools?Totally. That's not to say there is a definite plan, but we're very open to doing this. We already wrote the daemon in such a way that it doesn't require the appliance part, but could run inside any existing guest (we've even ported bits of it to Windoze ...). The only remaining issue is how access control would be handled. You obviously wouldn't want anything in the host that can get access to the vmchannel socket to start sending destructive write commands into guests. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones virt-df lists disk usage of guests without needing to install any software inside the virtual machine. Supports Linux and Windows. http://et.redhat.com/~rjones/virt-df/
Ingo Molnar
2010-Mar-22 14:07 UTC
[Libguestfs] [RFC] Unify KVM kernel-space and user-space code into a single project
* Richard W.M. Jones <rjones at redhat.com> wrote:> On Mon, Mar 22, 2010 at 02:56:47PM +0100, Ingo Molnar wrote: > > Just curious: any plans to extend this to include live read/write access as > > well? > > > > I.e. to have the 'agent' (guestfsd) running universally, so that > > tools such as perf and by users could rely on the VFS integration as > > well, not just disaster recovery tools? > > Totally. That's not to say there is a definite plan, but we're very open to > doing this. We already wrote the daemon in such a way that it doesn't > require the appliance part, but could run inside any existing guest (we've > even ported bits of it to Windoze ...). > > The only remaining issue is how access control would be handled. You > obviously wouldn't want anything in the host that can get access to the > vmchannel socket to start sending destructive write commands into guests.By default i'd suggest to put it into a maximally restricted mount point. I.e. restrict access to only the security context running libguestfs or so. ( Which in practice will be the user starting the guest, so there will be proper protection from other users while still allowing easy access to the user that has access already. ) Ingo
Maybe Matching Threads
- [PATCH] Remove explicit guestfs=10.0.2.4:6666 kernel command line parameter.
- [PATCH] Rejig configure.ac tests for qemu vmchannel support.
- [PATCH] Enable new-style -chardev ... guestfwd command line
- [PATCH 1/3] tools: Unify export.h
- [PATCH 1/3] tools: Unify export.h