CirrOS 0.3.5
by Nadav Goldin
Hi,
The CirrOS image in the virt-builder default repository is quite
outdated - 0.3.1.
0.3.5 was released two months ago. Are there any plans to update it?
Thanks,
Nadav.
7 years, 5 months
[PATCH v2 00/12] Allow APIs to be implemented in OCaml.
by Richard W.M. Jones
Version 1 was here:
https://www.redhat.com/archives/libguestfs/2017-June/msg00003.html
This patch series reimplements a few more APIs in OCaml, including
some very important core APIs like ‘list_filesystems’ and ‘mount’.
All the tests pass after this.
The selection of APIs that I have moved may look a little random, but
in fact they are all APIs consumed by the inspection code (and some
more which I haven't submitted yet). This patch series makes it
easier to implement inspection in the daemon.
Code size is smaller, and code is simpler.
The major security benefits will come as we move more APIs, especially
inspection, into the daemon where they run in a sandbox. That is only
possible because we don't have to write everything in C.
The daemon grows in disk size slightly, from 3.1 MB to 4.6 MB. That
growth (1.5 MB) compared to the whole appliance (296 MB) is a third of
one percent, so not really noticable.
Rich.
7 years, 5 months
[PATCH 0/3]: daemon: Reimplement ‘file’ API in OCaml.
by Richard W.M. Jones
This patch series is just FYI at the moment. However it
does pass the tests.
The daemon is a self-contained program. We don't need to write it all
in C. Writing parts of it in OCaml would make it simpler and less
error-prone. In particular if the daemon was written in a more sane
programming language then we could move the inspection code to run
entirely inside the appliance, which would be more secure, much faster
and much saner for the people implementing it.
This patch series allows individual APIs to be rewritten in OCaml (I
am _not_ proposing that we would ever reimplement all APIs this way).
The third patch reimplements the ‘file’ API this way, showing that the
code ends up smaller, safer and (because we can now use a chroot
properly) more accurate.
Rich.
7 years, 5 months
[PATCH] v2v: tell v2v the real root device to mkinitrd
by Cédric Bosdonnat
From: Pino Toscano <ptoscano(a)redhat.com>
Complementary fix of commit 2d25872df3619a3077006ad0f91c029602db6780.
On SLES 11 SP4 with kdump enabled mkinitrd calls mkdumprd which calls
mkinitrd, but mkdumprd doesn't have any clue of the root device.
Call mkinitrd with rootdev environment variable to tell them all
what device to use as root.
Tested-By: Cédric Bosdonnat <cbosdonnat(a)suse.com>
---
v2v/convert_linux.ml | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/v2v/convert_linux.ml b/v2v/convert_linux.ml
index f8dfa00d7..42a19947b 100644
--- a/v2v/convert_linux.ml
+++ b/v2v/convert_linux.ml
@@ -514,7 +514,9 @@ let rec convert (g : G.guestfs) inspect source output rcaps =
else if family = `SUSE_family
&& g#is_file ~followsymlinks:true "/sbin/mkinitrd" then (
ignore (
- g#command [| "/sbin/mkinitrd";
+ g#command [| "/usr/bin/env";
+ "rootdev=" ^ inspect.i_root;
+ "/sbin/mkinitrd";
"-m"; String.concat " " modules;
"-i"; initrd;
"-k"; kernel.ki_vmlinuz;
--
2.12.2
7 years, 5 months
