2009/3/25 Diane, Kevin and Ava
<dkmckeon@comcast.net>:> Lets say I have a bunch of identical CentOS 5 domain0 servers and want to
create a couple of domU guests on each of these systems using the same exact
file system image as domain0. The book "Running Xen" says my config
file should look something like this:
> disk = [''phy:hda1,xvda1,w'']
> root = "/dev/hda1 ro"
You made up that config yourself, didn''t you? I highly doubt that
exact config is on the book :)
> If I export hda1 with read-write permissions (w) wouldn''t this
give anyone with access to the guest domain the ability to destroy the root file
system on Domain0? (since hda1 is the root partition for domain0 AND my new domU
guest)
Yes. That''s why xen would prevent you from using such configuration :)
In general, you must never mount the same block device twice (like on
dom0 and domU) at the same time. So if you use hda1 as dom0''s root
partition, you can''t use it on domU. All domU should have it''s
own
disk (not shared with dom0 or other domUs).
There are exceptions when using cluster file system, but we won''t talk
about it here.
Since you''re using Centos I suggest you start reading RHEL/Centos docs
on xen
http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/Virtualization_Guide/index.html
http://wiki.centos.org/HowTos/Xen/InstallingCentOSDomU
> Would you also please explain the read-only (ro) rights associated with the
''root'' line. Why would you mount a root partition
''ro'', the kernel needs to write to the root partition for
various things such as ''var'' and /etc/mtab?
>From http://tldp.org/HOWTO/BootPrompt-HOWTO-3.html#ss3.1
"
The `ro'' Argument
When the kernel boots, it needs a root filesystem to read basic things
off of. This is the root filesystem that is mounted at boot. However,
if the root filesystem is mounted with write access, you can not
reliably check the filesystem integrity with half-written files in
progress. The `ro'' option tells the kernel to mount the root
filesystem as `readonly'' so that any filesystem consistency check
programs (fsck) can safely assume that there are no half-written files
in progress while performing the check. No programs or processes can
write to files on the filesystem in question until it is `remounted''
as read/write capable.
"
The startup scripts will remount the root filesystem "rw" later, after
fsck completed.
Regards,
Fajar
_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users