On Wed, Sep 28, 2011 at 11:14:57AM +0100, Stefan Hajnoczi wrote:
Does febootstrap-supermin-helper need to be dynamic or could
libguestfs create a /var/lib/guestfs/appliance-initramfs.gz on
install? Then libguestfs on the client can create the appliance
domain and point at that static initramfs file path.
This is how the Debian package of libguestfs works (Hilko's official
package, not my one).
However this is troublesome because it means any security problem in a
dependent program is baked into the appliance. Applying a security
update to the host wouldn't update this libguestfs appliance. Compare
this to the way febootstrap-supermin-helper normally works (eg
upstream, Fedora and RHEL): the appliance is rebuilt whenever any
change is noticed in a dependent program.
Rich.
--
Richard Jones, Virtualization Group, Red Hat
http://people.redhat.com/~rjones
virt-top is 'top' for virtual machines. Tiny program with many
powerful monitoring features, net stats, disk stats, logging, etc.
http://et.redhat.com/~rjones/virt-top