An evolution of v1 here:
https://www.redhat.com/archives/libguestfs/2020-April/msg00035.html
I want to generalize the tmpdisk plugin, particularly so you can use
commands like ‘qemu-img create’ or even ‘virt-builder’.
(Actually virt-builder really works - I tested it - but of course it
causes a 30+ second delay when connecting to the server.)
You can now use commands such as:
nbdkit tmpdisk 16G command=' truncate -s $size "$disk" '
The way it works is it creates a temporary directory under $TMPDIR,
runs the external command with disk=$TMPDIR/<random>/disk, then when
the external command finishes the plugin opens the disk, finds out the
size and serves it. At the same time the plugin deletes the disk and
temporary subdirectory so it is all automatically cleaned up even if
nbdkit crashes.
It seems this is secure because mkdtemp(3) creates the subdirectory
with 0700 permissions, so no other user on the same machine should be
able to monkey around with the disk. Hopefully. But I suggest Eric
takes a closer look with his much wider experience :-)
Rich.