extra details about the guest itself in order to get to its
UID->username map (eg. /etc/passwd from the guest).
-febootstrap / debootstrap inside appliance
-------------------------------------------
-
-This was originally proposed as a way to install new operating systems
-in the appliance. However no one has come up with a workable
-solution.
-
Haskell bindings
----------------
findfs
logsave
mklost+found
- ext2undelete
SELinux:
chcat
which is equivalent to the following sequence of calls:
$h = Sys::Guestfs->new ();
- $h->set_autosync (1);
$h->add_drive_ro ($filename);
$h->launch ();
$h->mount_ro (\"/dev/sda1\", \"/\");
How would editing files work?
-ntfsclone
----------
-
-Useful imaging tool:
-http://man.linux-ntfs.org/ntfsclone.8.html
-
virt-rescue pty
---------------
Note that pty requires cooperation inside the C code too (there are
two sides to a pty, and one has to be handled after the fork).
+[I tried to implement this in the new C virt-rescue, but it doesn't
+work. qemu is implementing its own ptys, and they are broken. Need
+to fix qemu.]
+
Windows-based daemon/appliance
------------------------------
One would have to download those to the host and launch another
libguestfs instance.
-List, mount filesystems by UUID and label
------------------------------------------
-
-[See related:
-http://www.redhat.com/archives/libguestfs/2009-August/msg00031.html]
-
-List filesystems by UUID or label.
-
-Mount filesystems by UUID or label. (I'm not really sure if we can do
-this at the moment but we ought to be able to do it, and perhaps make
-it easier by having a direct command).
+[Not sure this is such a good idea. See also live CD inspection idea below.]
Map filesystems to disk blocks
------------------------------
Is it even possible?
+See also contribs/visualize-alignment/
+
Integration with host intrusion systems
---------------------------------------
http://osiris.shmoo.com/
http://sourceforge.net/projects/tripwire/
--N option should be generated
------------------------------
-
-'-N' option should generate documentation in guestfish(1) manpage.
-
Fix 'file'
----------
https://www.redhat.com/archives/libguestfs/2010-June/msg00053.html
https://www.redhat.com/archives/libguestfs/2010-June/msg00079.html
-Regression test on virt-inspector
----------------------------------
-
-Occasionally we break virt-inspector through some change. We should
-add a regression test for it. However this is hard because we'd need
-to avoid having to carry huge images.
-
-Update: I managed to fit a real-but-minimal Fedora 13 image into 6.2 MB.
-See: http://rwmj.wordpress.com/2010/09/07/tip-pack-files-into-a-new-disk-image/#content
-
Freeze/thaw filesystems
-----------------------
Tip: Use 'll /' to view the filesystem or ...
><fs> ll /
-New guestfish commands
-----------------------
-
-'list-filesystems' => list mountable filesystems
-
-We could implement this as a new API call, replacing a number of areas
-of the current code where this is done already (in virt-inspector and
-elsewhere). What we normally do to find out if a partition contains a
-mountable filesystem is to just blindly mount it, and see if that
-succeeds. However the kernel won't let us do this if the filesystem
-is already mounted somewhere, so a naive implementation of this in the
-daemon won't work. We would have to check if the partition was
-already mounted.
-
Could we make guestfish interactive if commands are used without params?
------------------------------------------------------------------------
How can we solve these common user problems?
-- http://lists.fedoraproject.org/pipermail/users/2010-June/374931.html
- In guestfish, specified -m non-existent filesystem. We could suggest
- a list of filesystems, or suggest they run the virt-list-filesystems
- command.
-
- Related to the above: There should be an API call to list all
- mountable / accessible devices. Or a guestfish command to replace
- list-devices, list-partitions, lvs, vfs-type.
+[space for common problems here]
Better support for encrypted devices
------------------------------------
groups. If it contains, eg., partitions, you cannot access them.
We would like to add:
- - An easier way to use this from guestfish.
- Direct access to the /dev/mapper device (eg. if it contains
anything apart from VGs).
There are some places where we call out to the 'blkid' program. This
might be replaced by direct use of the library (if this is easier).
+
+Visualization
+-------------
+
+Eric Sandeen pointed out the blktrace tool which is a better way of
+capturing traces than using patched qemu (see
+contrib/visualize-alignment). We would still use the same
+visualization tools in conjunction with blktrace traces.
+
+guestfish parsing
+-----------------
+
+At the moment guestfish uses an ad hoc parser which has many
+shortcomings. We should change to using a lex/yacc-based scanner and
+parser (there are better parsers out there, but yacc is sufficient and
+very widely available).
+
+The scanner must deal with the case of parsing a whole command string,
+eg. for a command that the user types in:
+
+ ><fs> add-drive-opts "/tmp/foo" readonly:true
+
+and also with parsing single words from the command line:
+
+ guestfish add-drive-opts /tmp/foo readonly:true
+
+Note the quotes are for scanning and don't indicate types.
+
+We should also allow variables and expressions as part of this new
+parsing code, eg:
+
+ set roots inspect-os
+ set product inspect-get-product-name %{roots[0]}
+
+% is better than $ because of shell escaping and confusion with shell
+variables.
+
+Can we combine this with ability to set and read environment
+variables? Currently guestfish uses many environment variables like
+$EDITOR without any corresponding ability to set them.
+
+ set EDITOR /usr/bin/emacs
+ echo $EDITOR # or %{EDITOR}
+ edit /etc/resolv.conf
+
+live CD inspection for Windows 7
+--------------------------------
+
+Windows 7 install CDs are quite different and pretty impenetrable.
+There are no obvious files to parse.
+
+More ntfs tools
+---------------
+
+ntfsprogs actually has a lot more useful tools than we currently
+use. Interesting ones are:
+
+ntfslabel: display or change filesystem label (we should unify all
+ set*label APIs into a single set_vfs_label which can deal with any
+ filesystem)
+
+ntfsclone: clone, image, restore, rescue NTFS
+
+ntfsinfo: print various information about NTFS volume and files
+
+ntfs streams: extract alternate streams from NTFS files
+
+ntfsck: checker for NTFS filesystems
+
+Undelete files
+--------------
+
+Two useful tools:
+
+ - ext2undelete
+ - ntfsundelete
+
+More mkfs_opts options
+----------------------
+
+Useful options to offer:
+ - Set label.
+ - Set UUID.
+
+Use /proc/self/mountinfo
+------------------------
+
+This file contains lots of interesting information about
+what is mounted and where. eg:
+
+ 16 21 0:3 / /proc rw,relatime - proc /proc rw
+ 17 21 0:16 / /sys rw,relatime - sysfs /sys rw,seclabel
+ 18 23 0:5 / /dev rw,relatime - devtmpfs udev rw,seclabel,size=1906740k,nr_inodes=476685,mode=755
+ 26 21 253:3 / /home rw,relatime - ext4 /dev/mapper/vg-lv_home rw,seclabel,barrier=1,data=ordered
+
+This could be used instead of current hairy code to parse the output
+of the 'mount' command. We could add new APIs to return kernel mount
+options, type of filesystem at a mountpoint etc.
+
+guestfish drive letters
+-----------------------
+
+There should be an option to mount all Windows drives as separate
+paths, like C: => /c/, D: => /d/ etc.
+
+More inspection features
+------------------------
+
+- last shutdown time
+- DHCP address
+- last time the software was updated
+- last user who logged in
+- lastlog, last, who
+
+Integrate virt-inspector with CMDBs
+-----------------------------------
+
+Either integrate virt-inspector with Configuration Management
+Databases (CMDBs) or at least check that virt-inspector produces the
+right range of data so that integration would be possible. The
+standards for CMDBs come from the DMTF, see eg:
+
+http://dmtf.org/news/pr/2009/7/dmtf-releases-cmdbf-standard-federating-configuration-management-data
+
+Efficient way to visit all files
+--------------------------------
+
+https://rwmj.wordpress.com/2010/12/15/tip-audit-virtual-machine-for-setuid-files/#content
+
+A naive method would look like:
+
+ g#visit ~return_stats:true "/" (
+ fun pathname stat ->
+ ...
+ )
+
+However this has two disadvantages:
+
+ - requires hand-written custom bindings in each language
+ - unclear about locking, thread-safety and re-entrancy of handle g
+
+A better way would be to have some sort of explicit "download all
+filenames and stat structures", which could then be iterated over:
+
+ let files = g#find_opts ~return_stats:true "/" in
+ List.iter (
+ fun pathname stat ->
+ ...
+ )
+
+The problem with this is that 'files' is going to be larger than a
+protocol buffer.
+
+This leads to thinking about changes to the protocol / generator to
+make this simpler. The proposal would be to add RBigStringList,
+RBigStructList [or RBig (Ranytype ...)]. These would work like
+FileOut, in that they would use file streaming to stream XDR
+structures (probably written to a file on the library side).
+Generated code would hide most of the implementation.
+
+We also need to think about security issues: is it possible for the
+daemon to keep sending back data forever, and if so what happens on
+the library side.
+
+[Users can now use virt-ls to solve some of these problems, but it is
+not a general solution at the API level]
+
+Interactive disk creator
+------------------------
+
+An interactive disk creator program.
+
+Attach method for disconnected operation
+----------------------------------------
+
+http://libguestfs.org/guestfs.3.html#guestfs_set_attach_method
+
+"Librarian" has an idea that he should be able to attach to a regular
+appliance, but disconnect from it and reconnect to it later. This
+would be some sort of modified attach method (see link above).
+
+The complexity here is that we would no longer have access to
+stdin/stdout (or we'd have to direct that somewhere else).
git.annexia.org / libguestfs.git / blobdiff