[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [RFC PATCH 2/2] qga: add --getenv option to get env. va
|
From: |
Daniel P. Berrange |
|
Subject: |
Re: [Qemu-devel] [RFC PATCH 2/2] qga: add --getenv option to get env. vars from fw_cfg |
|
Date: |
Wed, 25 Feb 2015 09:09:13 +0000 |
|
User-agent: |
Mutt/1.5.23 (2014-03-12) |
On Tue, Feb 24, 2015 at 02:43:07PM -0500, Gabriel L. Somlo wrote:
> The new "-g" (or "--getenv") command line option causes qemu-ga to extract
> and parse the "etc/guestenv" blob from fw_cfg, and return the value of
> the requested key (if available) on stdout.
>
> Warnings and error messages are printed to stderr, and only the actual
> value portion of a "key=value" string matching the "--getenv key" argument
> will be printed to stdout. Strings are searched in reverse order to
> implement a sort of "last dupe wins" policy -- but I expect to refine
> things quite a bit after receiving some feedback.
>
> I've added a flag to qemu-ga instead of creating a completely separate
> binary, but I don't feel strongly about keeping it that way. I just need
> something that would end up tightly integrated with the "qemu guest tools"
> package...
It should really be a separate binary. Overloading multiple functions in
one binary makes it very hard to write a security policy to confine what
the binary can do, as you can't get the kernel to apply different policies
based on what CLI flag was passed.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|