| |
|
 |
|
 |
|
|
|
| |
|
|
xen-users
Re: [Xen-users] Is using w! safe to share data between domains?
On Thursday 19 May 2005 10:37, John A. Sullivan III wrote:
> I have a slightly unusual situation where I need to pass data from one
> domain to another but, for security reasons, one of the domains will not
> be on the network. I would like to pass the data via a shared disk
> partition. I would like to know if what I have done is safe.
Have you considered giving the networkless domain a vif but firewalling it off
from everything you don't trust? Having network available would make this
kind of sharing much easier, since you could use NFS (purely networked), GFS
or OCFS2 (both disk-based but require a network component to work).
Cheers,
Mark
> I created a disk partition named /dev/VG1/pkipass.
> Each domU disk definition contains: 'phy:VG1/pkipass,sda3,w!'
> None of the domUs automatically mounts this device.
>
> When one domU needs to deposit data for another domU to pick up (this
> exchange is always a manual effort to first deposit the shared data and
> then retrieve the shared data), we do the following:
>
> The depositing domU mounts sda3 read-only.
> It looks for a tag file -- this tag file is created when a domU has
> mounted the partition as read-write
> If the tag-file exists {
> it unmounts the partition
> it sleeps briefly
> it retries
> }
> else {
> it remounts the partition read-write
> it creates the tag file
> it deposits the data
> it deletes the tag fie
> it unmounts the partition
> }
>
> A similar process is used to retrieve the data.
>
> Is this safe?
>
> Thanks - John
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|
|
|
| |
|
Home