[pve-devel] [RFC PATCH] add kiosk option to vm
Fabian Grünbichler
f.gruenbichler at proxmox.com
Fri Feb 9 09:57:25 CET 2018
On Thu, Feb 08, 2018 at 03:39:36PM +0100, Dominik Csapak wrote:
> this adds a 'kiosk' option, which enables qemus snapshot
> mode, which redirects all writes to a temporary file, so
> that if you stop the qemu process, the disks are in their original state
>
> Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
> ---
> the only possible pitfall with this mode is that the temporary writes
> go on a file on (i think) /var/tmp which in our case means the
> root partition could get full, but since we can already enable this
> option per disk, i guess this is not an issue
IMHO this warrants some kind of permission checks, since it is an easy
DoS vector? or if it is possible to redirect this somehow, we could make
the feature more powerful and allocate a kiosk volume on a configured
storage with a configured size, and use that as "scratch space"?
>
> PVE/QemuServer.pm | 10 ++++++++++
> 1 file changed, 10 insertions(+)
>
> diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
> index 20d6682..28a0f19 100644
> --- a/PVE/QemuServer.pm
> +++ b/PVE/QemuServer.pm
> @@ -532,6 +532,12 @@ EODESCR
> description => "Select BIOS implementation.",
> default => 'seabios',
> },
> + kiosk => {
> + optional => 1,
> + type => 'boolean',
> + default => 0,
> + description => "If activated, writes to the disks of the VM will be temporary, and will be lost when stopping the VM."
> + }
> };
>
> # what about other qemu settings ?
> @@ -3401,6 +3407,10 @@ sub config_to_command {
> }
> }
>
> + if ($conf->{kiosk}) {
> + push @$cmd, '-snapshot';
> + }
> +
> # add custom args
> if ($conf->{args}) {
> my $aa = PVE::Tools::split_args($conf->{args});
> --
> 2.11.0
>
>
> _______________________________________________
> pve-devel mailing list
> pve-devel at pve.proxmox.com
> https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
More information about the pve-devel
mailing list