[fedora-virt] libguestfs best practices: Exposing files from the host for the duration of a session

Markus Armbruster armbru at redhat.com
Fri May 29 12:57:44 UTC 2009

"Daniel P. Berrange" <berrange at redhat.com> writes:

> On Fri, May 29, 2009 at 12:10:05PM +0100, Richard W.M. Jones wrote:
>> On Fri, May 29, 2009 at 03:13:10AM -0700, Ask Bjørn Hansen wrote:
>> > On May 29, 2009, at 2:44, Richard W.M. Jones wrote:
>> >> If we put an FTP server inside the appliance, things are better.  FTP
>> >> clients are widely available, either standalone or as libraries for
>> >> many programming languages.  They just need to be able to make a TCP
>> >> connection, so there is no requirement for special privileges.  On the
>> >> server side (inside the appliance) the FTP server is running as "root"
>> >> so it can make arbitrary changes to the filesystem.
>> >
>> > Please make FTP die already!  :-)
>> >
>> > How about HTTP (WebDAV) or - better - just use the ssh file transfer  
>> > protocol?
>> ssh isn't too widely supported (from programming language libraries).
>> Does libssh2 even support scp?
>> WebDAV is possible, but it comes down to how much crap it will depend
>> upon, all of which needs to go into the appliance.
>> FTP is widely supported and well understood, and the servers are old,
>> small, self-contained code.  I really think it's better for this, and
>> not just because I once wrote an FTP server ...
> I tend to agree with this - ssh is overkill here - the host <->guest
> channel is already secure by virtue of using vmchannel, so using ssh
> is not really required. FTP is a really easy to implement, low overhead
> protocol that'd fit nicely here. I can't really think of what WebDAV
> would do for this use case that FTP can't do in a simpler manner.
> Daniel

Sounds like even TFTP would do.

More information about the Fedora-virt mailing list