On Thu, Aug 04, 2011 at 08:28:19PM +0100, Richard W.M. Jones wrote:
On Thu, Aug 04, 2011 at 09:01:02PM +0200, Hilko Bengen wrote:
> * Richard W.M. Jones:
>
> > I'm interested to know what the security/maintenance objections are.
> > We ship the *supermin* appliance in Fedora, precisely because it
> > improves security and maintenance.
>
> Ah well, it seems that I misunderstood what base.img is for. For some
> reason I believed that executables and libraries are extracted from the
> downloaded binary packages and copied into the image.
>
> What was I thinking? Sorry for the noise. :-)
>
> With the question about security out of the way (for which I'm glad), I
> still think that it would be best to build supermin.d/base.img and
> supermin.d/hostfiles at installation time -- and to provide a documented
> way for the user to rebuild them.
Hmmm maybe rerunning febootstrap? They will need a network connection
and it may be error prone, but it could work.
> > I guess we only have one version of Python at a time in Fedora.
> >
> > Could we do something like adding a ./configure --disable-library
> > option, allowing you to disable everything (except Python) and thus
> > just rebuild Python bindings?
>
> Is it even possible to build the Python bindings without the libguestfs
> library being available through libtool?
Yes, you may be right about that.
OTOH if you disable the appliance and the daemon and all the language
bindings except Python, libguestfs builds are a bit quicker:
time sh -c './configure --disable-appliance --disable-daemon --disable-ocaml
--disable-perl --disable-fuse --disable-ruby --disable-haskell --disable-php
--with-java-home=no && make clean && make'
4m33s
That's still building the tools though, so we should have a
--disable-tools option.
> Speaking of Python bindings... is it possible to convince libtool to
> build just a .so file, without .0.0 extension and symlinks? (As I
> reported a bug in dh_python2, it was pointed out to me that this was
> wrong.)
No idea .. We copied the code for building the Python bindings from
libvirt, so we probably inherited any bugs it has too.
IIRC, you can add '-avoid-version' to the LDFLAGS for the library
in question
Daniel
--
|:
http://berrange.com -o-
http://www.flickr.com/photos/dberrange/ :|
|:
http://libvirt.org -o-
http://virt-manager.org :|
|:
http://autobuild.org -o-
http://search.cpan.org/~danberr/ :|
|:
http://entangle-photo.org -o-
http://live.gnome.org/gtk-vnc :|