selinux breaks revisor
James Morris
jmorris at namei.org
Thu Jan 24 23:17:05 UTC 2008
On Thu, 24 Jan 2008, Daniel P. Berrange wrote:
> > Something to consider perhaps is the use of lguest, which is currently
> > i386 only, but does boot up nearly instantaneously, and can be scripted,
> > as its console is the launching shell.
> >
> > Is there an efficient technique for mounting a disk image so that changes
> > made to it are discarded?
>
> Sure, just create an LVM writable snapshot of your master image, and boot
> with that instead, and throw away the snapshot when you're done.
Cool. So if there was a RPM package which contained a barebones Fedora
image and some management scripts, I don't imagine it would be too
difficult to do things like build RPMs inside that with e.g. different
SELinux policies to the host. Any supporting RPMS required inside the
guest could be installed via a script either from host media or over the
net, then the final RPM (or whatever is being created) could be copied
back out to the host before discarding the guest instance.
It would not be as fast or simple as chroot, but I suspect it would work
pretty well, especially if the guest dispenses with all non-essential
startup.
- James
--
James Morris
<jmorris at namei.org>
More information about the devel
mailing list