Gaurav Maheshbhai Patel
2007-Apr-11 02:51 UTC
[Xen-devel] Instant Xen guest (guest-magic tool)
Hello Everyone, Let me introduce myself. I am Gaurav Patel. I am student of Internet System Administrator Program at Seneca College , Canada. We built a GUI tool which creates Xen guest Domain in couple of seconds. Give new guest domain name and memory. You Are Done!!!!!!!!!!!!!!! We also successfully released it on sourceforge.net. Description: Tool Name : guest-magic Version - 0.1 Tested Environment: Fedora Core 6 Written in : Python download link: https://sourceforge.net/projects/guest-magic/ Detail description is also include in README.TXT file with this tool. This is our first release. And development is in progress. Comments and suggestion is HIGHLY appriciated. Gaurav _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
On Tue, Apr 10, 2007 at 09:51:46PM -0500, Gaurav Maheshbhai Patel wrote:> Give new guest domain name and memory. You Are Done!!!!!!!!!!!!!!! > We also successfully released it on sourceforge.net.> This is our first release. And development is in progress. > Comments and suggestion is HIGHLY appriciated.Just two quick comments. Firstly it doesn''t seem to do everything, just create an LVM volume and the configuration file. I was hoping it would install fresh copies of Fedora/Debian/Gentoo/etc. Secondly you shouldn''t really be using /tmp in the way that you are. This is very dangerous: commands.getoutput(''xm list > /tmp/guestmagic'') "xm" has to be run as root, so what you''re doing is writing the output of a command, as root, into a file in /tmp which anybody else upon the system might have created. Consider what happens if userA were to run: ln -s /tmp/guestmagic /etc/passwd The next time you run your application the password file would be trashed! I''d suggest you either use a pipe, or a secure *unpredictable* filename instead. Steve -- Debian GNU/Linux System Administration http://www.debian-administration.org/ _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Gaurav Maheshbhai Patel
2007-Apr-11 18:54 UTC
Re: [Xen-devel] Instant Xen guest (guest-magic tool)
Hi steve, First of all , Thank you very much for your comments. guest-magic doesn''t really install fresh versions of a guest but instead clones one that you already have running and just want a instant copy of it. Its basically take a snapshot of running guest and create another copy of it [cloning]. Also, We also appriciate the second comment. We haven''t thought about that /tmp/guestmagic suggestion. We will try to come up with a better way of doing things instead of using the temp file in the next release. Well piping is good suggestion. We kindly consider that there are some limitations in guest-magic tool. We released it so professionals can give their suggestion and comments. Also , if you think we should also add this functionality in guest-magic, we could try our best. Thank You. Gaurav. ----- Original Message ----- From: Steve Kemp <steve@steve.org.uk> Date: Wednesday, April 11, 2007 4:06 am Subject: Re: [Xen-devel] Instant Xen guest (guest-magic tool) To: Gaurav Maheshbhai Patel <gmpatel@learn.senecac.on.ca> Cc: xen-devel@lists.xensource.com> On Tue, Apr 10, 2007 at 09:51:46PM -0500, Gaurav Maheshbhai Patel > wrote: > > Give new guest domain name and memory. You Are > Done!!!!!!!!!!!!!!! > > We also successfully released it on sourceforge.net. > > > This is our first release. And development is in progress. > > Comments and suggestion is HIGHLY appriciated. > > Just two quick comments. > > Firstly it doesn''t seem to do everything, just create an LVM volume > and the configuration file. I was hoping it would install fresh > copies of Fedora/Debian/Gentoo/etc. > > Secondly you shouldn''t really be using /tmp in the way that you > are. This is very dangerous: > > commands.getoutput(''xm list > /tmp/guestmagic'') > > "xm" has to be run as root, so what you''re doing is writing the > output of a command, as root, into a file in /tmp which anybody > else upon the system might have created. > > Consider what happens if userA were to run: > > ln -s /tmp/guestmagic /etc/passwd > > The next time you run your application the password file would > be trashed! > > I''d suggest you either use a pipe, or a secure *unpredictable* > filename instead. > > Steve > -- > Debian GNU/Linux System Administration > http://www.debian-administration.org/ > >_______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
On Wed, Apr 11, 2007 at 01:54:35PM -0500, Gaurav Maheshbhai Patel wrote:> First of all , Thank you very much for your comments.You''re welcome. I''ve been doing similar(ish) things for a while now so it is nice to check out the "competition".> Its basically take a snapshot of running guest and create another > copy of it [cloning].Sounds good, although the obvious comment is that there are going to be things that you will need to change to make the second system/copy fully functional. Networking details being one obvious issue, although if the source and the clone are both setup to use DHCP that might not be important. Still hostname, SMTP hostname, etc might need to vary on a per-instance basis.> Also, We also appriciate the second comment. We haven''t thought about > that /tmp/guestmagic suggestion.Just something that jumped out. Piping without the temporary file, or using mkstemp, or similar, function should be sufficient. Steve -- http://www.steve.org.uk/ _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Gaurav Maheshbhai Patel
2007-Apr-12 16:17 UTC
Re: [Xen-devel] Instant Xen guest (guest-magic tool)
Hi Steve, Well good to hear that you are working on same kind of project. I was wondering about your suggestion. If we make a copy/snapshot of it. Then Installing fresh copy of Some linux distro.... 1) How can we do that? 2) If we do that then, doesn''t it take the same time to installing new distro on guest? Also have you looked at the snap shot of guest-magic on sourceforge.net? Well IP assignment is still issue there because of short deadline of the project. But we are still going to do that. Also, can you please tell me about what are you working on? Might be it helps us some what Again thank you very much Gaurav. ----- Original Message ----- From: Steve Kemp <steve@steve.org.uk> Date: Wednesday, April 11, 2007 6:42 pm Subject: Re: [Xen-devel] Instant Xen guest (guest-magic tool) To: Gaurav Maheshbhai Patel <gmpatel@learn.senecac.on.ca> Cc: xen-devel@lists.xensource.com> On Wed, Apr 11, 2007 at 01:54:35PM -0500, Gaurav Maheshbhai Patel > wrote: > > First of all , Thank you very much for your comments. > > You''re welcome. I''ve been doing similar(ish) things for a while > now so it is nice to check out the "competition". > > > Its basically take a snapshot of running guest and create another > > copy of it [cloning]. > > Sounds good, although the obvious comment is that there are > going to be things that you will need to change to make the > second system/copy fully functional. > > Networking details being one obvious issue, although if the source > and the clone are both setup to use DHCP that might not be important. > Still hostname, SMTP hostname, etc might need to vary on a per- > instance basis. > > > Also, We also appriciate the second comment. We haven''t thought > about > > that /tmp/guestmagic suggestion. > > Just something that jumped out. Piping without the temporary file, > or using mkstemp, or similar, function should be sufficient. > > Steve > -- > http://www.steve.org.uk/ >_______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
On Thu, Apr 12, 2007 at 12:17:47PM -0400, Gaurav Maheshbhai Patel wrote:> Well good to hear that you are working on same kind of project. > I was wondering about your suggestion. If we make a copy/snapshot of it. Then Installing fresh copy of Some linux distro.... > 1) How can we do that?Depends on the type of distribution you''ve got. For Debian dom0 you can use tools like debootstrap to automatically install fresh copies of Debian inside a directory/partition. Similarly you could use a tool like rpmstrap to install copies of CentOS. (Though rpmstrap is very fragile and prone to breakage).> 2) If we do that then, doesn''t it take the same time to installing new distro on guest?I don''t fully understand what you''re asking there. If you''re using a tool like rpmstrap, or debootstrap, then it''d take a few minutes to install (or more depending on your network link). If you had several Linux distribution images locally you could do a copy in a few seconds. (That''s what we do at work - we have a collection of configured Linux distributions mounted read-only, and we simply copy those into new guests automatically. The process of installing Gentoo, Debian, Ubuntu, or CentOS takes only a few minutes - but it does rely upon you creating the "source" installations manually first. There are a small collection of fixups applied after the copy to setup unique IPs, hostnames, etc, but otherwise the new copies are basically clones of the centralized master copy of each distribution.)> Also have you looked at the snap shot of guest-magic on sourceforge.net?Yes ..> Well IP assignment is still issue there because of short deadline of the project. But we are still going to do that.> Also, can you please tell me about what are you working on? > Might be it helps us some whatxen-tools : http://xen-tools.org/software/xen-tools/ Developed and used primarily upon Debian GNU/Linux, but apparently portable to things like CentOS and Fedora Core. Steve -- _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Gaurav Maheshbhai Patel
2007-Apr-14 14:51 UTC
Re: [Xen-devel] Instant Xen guest (guest-magic tool)
Hi steve, The comment on /tmp/guestmagic was really good. I was wondering what if we use /tmp/$$> commands.getoutput(''xm list > /tmp/$$'')Is it create the same problem as /tmp/guestmagic? Thanks in advance Gaurav ----- Original Message ----- From: Steve Kemp <steve@steve.org.uk> Date: Thursday, April 12, 2007 1:52 pm Subject: Re: [Xen-devel] Instant Xen guest (guest-magic tool) To: Gaurav Maheshbhai Patel <gmpatel@learn.senecac.on.ca> Cc: xen-devel@lists.xensource.com> On Thu, Apr 12, 2007 at 12:17:47PM -0400, Gaurav Maheshbhai Patel > wrote: > > Well good to hear that you are working on same kind of project. > > I was wondering about your suggestion. If we make a copy/snapshot > of it. Then Installing fresh copy of Some linux distro.... > > 1) How can we do that? > > Depends on the type of distribution you''ve got. For Debian dom0 you > can use tools like debootstrap to automatically install fresh copies > of Debian inside a directory/partition. Similarly you could use a > tool like rpmstrap to install copies of CentOS. (Though rpmstrap > is very > fragile and prone to breakage). > > > 2) If we do that then, doesn''t it take the same time to > installing new distro on guest? > > I don''t fully understand what you''re asking there. If you''re using > a tool like rpmstrap, or debootstrap, then it''d take a few minutes to > install (or more depending on your network link). > > If you had several Linux distribution images locally you could do > a copy in a few seconds. > > (That''s what we do at work - we have a collection of configured > Linux distributions mounted read-only, and we simply copy those > into new > guests automatically. The process of installing Gentoo, Debian, > Ubuntu, or CentOS takes only a few minutes - but it does rely upon > you creating the "source" installations manually first. There are > a small collection of fixups applied after the copy to setup unique > IPs, hostnames, etc, but otherwise the new copies are basically > clones of the centralized master copy of each distribution.) > > > Also have you looked at the snap shot of guest-magic on > sourceforge.net? > > Yes .. > > > Well IP assignment is still issue there because of short deadline > of the project. But we are still going to do that. > > > Also, can you please tell me about what are you working on? > > Might be it helps us some what > > xen-tools : > > http://xen-tools.org/software/xen-tools/ > > Developed and used primarily upon Debian GNU/Linux, but apparently > portable to things like CentOS and Fedora Core. > > Steve > -- >_______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
On Sat, Apr 14, 2007 at 09:51:42AM -0500, Gaurav Maheshbhai Patel wrote:> The comment on /tmp/guestmagic was really good. > I was wondering what if we use /tmp/$$ > > > commands.getoutput(''xm list > /tmp/$$'') > > Is it create the same problem as /tmp/guestmagic?Pretty much. Process IDs are still *predictable* since they tend to be sequential under most systems. Still this is better than a static name. You should really use a pipe. If you can''t then use a secure filename which can''t be guessed by a local user. This is pretty off-topic for the xen list though, so I''ll just suggest you look at the Secure Programming Howto: http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/index.html Specifically the section on temporary files being used in races. Steve -- _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Gaurav Maheshbhai Patel
2007-Apr-15 10:59 UTC
Re: [Xen-devel] Instant Xen guest (guest-magic tool)
Thankyou very much steve, Its very helpful. Gaurav ----- Original Message ----- From: Steve Kemp <steve@steve.org.uk> Date: Saturday, April 14, 2007 7:19 pm Subject: Re: [Xen-devel] Instant Xen guest (guest-magic tool) To: Gaurav Maheshbhai Patel <gmpatel@learn.senecac.on.ca> Cc: xen-devel@lists.xensource.com> On Sat, Apr 14, 2007 at 09:51:42AM -0500, Gaurav Maheshbhai Patel > wrote: > > The comment on /tmp/guestmagic was really good. > > I was wondering what if we use /tmp/$$ > > > > > commands.getoutput(''xm list > /tmp/$$'') > > > > Is it create the same problem as /tmp/guestmagic? > > Pretty much. Process IDs are still *predictable* since they > tend to be sequential under most systems. > > Still this is better than a static name. You should really > use a pipe. If you can''t then use a secure filename which > can''t be guessed by a local user. > > This is pretty off-topic for the xen list though, so I''ll > just suggest you look at the Secure Programming Howto: > > http://www.dwheeler.com/secure-programs/Secure-Programs- > HOWTO/index.html > Specifically the section on temporary files being used in > races. > > Steve > -- >_______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Thanks for the tip Steve. Using a pipe worked great.>I''d suggest you either use a pipe, or a secure *unpredictable* >filename instead._______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel