------------------
- touch /.unconfigured ?
- - smolt ID
- - Spacewalk / RHN ID
+ - other Spacewalk / RHN IDs (?)
- Kerberos keys
- Puppet registration
- user accounts
. install a firstboot script virt-sysprep --script=/tmp/foo.sh
. run an external shell script
. run external guestfish script virt-sysprep --fish=/tmp/foo.fish
- - log files (thanks Steve Grubb)
- . as well as the obvious log files, also
- utmp/wtmp/btmp/tallylog and pam_faillock's data files
- - RNG seed (Steve Grubb)
+ . rm /var/cache/apt/archives/*
+ - /var/run/* and pam_faillock's data files
- homedirs/.ssh directory, especially /root/.ssh (Steve Grubb)
- if drives are encrypted, then dm-crypt key should be changed
and drives all re-encrypted
may have picked up some certificates or things. This is an area
that you would want to look into.
- secure erase of inodes etc using scrub (Steve Grubb)
- - touch /.autorelabel if we create any new files (thanks Dan Berrange)
+ - other directories that could require cleaning include:
+ /var/cache/gdm/*
+ /var/lib/fprint/*
+ /var/run/*
+ /var/lib/AccountService/users/*
+ /var/lib/sss/db/*
+ /var/lib/samba/*
+ /var/lib/samba/*/*
+ (thanks Marko Myllynen, James Antill)
+
+Launch remote sessions over ssh
+-------------------------------
+
+We had an idea you could add a launch method that uses ssh, ie. all
+febootstrap and qemu commands happen the same as now, but prefixed by
+ssh so it happens on a remote machine.
+
+Note that proper remote support and integration with libvirt is
+different from this, and people are working on that. ssh would just
+be "remote-lite".
+
+virt-make-fs and virt-win-reg need to not be in Perl
+----------------------------------------------------
+
+Probably they should be in C or OCaml.
+
+Integrate snap-type functionality in inspection tools
+-----------------------------------------------------
+
+Mo Morsi's "snap" program lets you describe a guest as the list of
+packages (eg. RPMs) installed + changes made to those RPMs + files
+added.
+
+http://projects.morsi.org/wiki/Snap
+
+This results in a compact description of the guest. He even managed
+to do a kind of migration of guests by simply recreating the guest
+from the description on the target machine.
+
+It would be ideal to integrate this and/or use inspection to do this.