WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
 
   
 

xen-users

Re: [Xen-users] hostfs for xen?

On Thursday, 19.05.2005, 18:34 -0500, Anthony Liguori wrote:
> Nils Toedtmann wrote:
> >On Thursday, 19.05.2005, 05:37 -0400, John A. Sullivan
> >III wrote:
> >>I have a slightly unusual situation where I need to pass data from one
> >>domain to another but, for security reasons, one of the domains will not
> >>be on the network.  I would like to pass the data via a shared disk
> >>partition.  I would like to know if what I have done is safe.
> >
> >UML has a neat & simple solution for sharing filesystems between the
> >guests and the host (that's UML speak, read "between the domUs and
> >dom0"): hostfs. The host can assign a "hostfs-root-dir" to a guest; the
> >guest may then mount any subdir of that directly into its own filesystem
> >(like a bindmount). Read/write operations get mapped to a uid on the
> >host (that mapping comes naturally since a UML guest is nothing but a
> >process on the host owned by that uid). Hostfs is really cool in
> >situations where nfs would be overkill or considered a security risk (I
> >admit: I do not know if hostfs actually _is_ more secure than nfs, or -
> >if not - if it could be designed in a secure manner. It just appears to
> >be more secure due to its simplicity).
> >  
> I don't know how UML does this

It's a guest kernel compile time option. Hostfs does not need any
userland tools/daemons.

> but it seems like VMware embeds a version of Samba for this purpose.

Yes it does.

> You could certainly use it to achieve the same goal.

Not if my goal is to avoid network filesystems or - like John - to avoid
networking at all! Hostfs is _much_ simpler (and more secure??) than nfs
or smbfs/cifs. nfs needs a portmapper daemon, an nfs-server, a lock-
daemon, uses dynamic port allocations which are hard to firewall,
authentication needs to be configured properly; cifs/smbfs needs - at
least - a nmbd & smbd daemon, sid<-->uid mapping and authentication need
to be configured properly ... And you do not want to export a unixish fs
to a unixish os via cifs ;)

btw: vmware has another functionality they call "shared folders". That
comes much closer to hostfs.

/nils.


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users