[Pkg-libvirt-commits] [libguestfs] 21/61: sysprep: Use customize module for customizing the guest after sysprepping.
Hilko Bengen
bengen at moszumanska.debian.org
Sat Mar 29 14:36:23 UTC 2014
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to branch experimental
in repository libguestfs.
commit ae6f726ecc3bc1b67fd76e51a7b1e1a33d4dcfc0
Author: Richard W.M. Jones <rjones at redhat.com>
Date: Wed Mar 19 15:14:06 2014 +0000
sysprep: Use customize module for customizing the guest after sysprepping.
Note this removes the following modules (all replaced by 'customize'):
- delete [--delete, --scrub]
- firstboot [--firstboot]
- hostname [--hostname]
- password [--password, --password-crypto, --root-password]
- random-seed
- timezone [--timezone]
---
po/POTFILES-ml | 7 +-
sysprep/Makefile.am | 10 +-
...ndom_seed.ml => sysprep_operation_customize.ml} | 34 ++--
sysprep/sysprep_operation_delete.ml | 74 --------
sysprep/sysprep_operation_firstboot.ml | 79 --------
sysprep/sysprep_operation_hostname.ml | 60 ------
sysprep/sysprep_operation_password.ml | 201 ---------------------
sysprep/sysprep_operation_timezone.ml | 67 -------
sysprep/test-virt-sysprep-passwords.sh | 2 +-
sysprep/virt-sysprep.pod | 16 +-
10 files changed, 35 insertions(+), 515 deletions(-)
diff --git a/po/POTFILES-ml b/po/POTFILES-ml
index 3870f3d..4602e44 100644
--- a/po/POTFILES-ml
+++ b/po/POTFILES-ml
@@ -37,15 +37,13 @@ sysprep/sysprep_operation_blkid_tab.ml
sysprep/sysprep_operation_ca_certificates.ml
sysprep/sysprep_operation_crash_data.ml
sysprep/sysprep_operation_cron_spool.ml
-sysprep/sysprep_operation_delete.ml
+sysprep/sysprep_operation_customize.ml
sysprep/sysprep_operation_dhcp_client_state.ml
sysprep/sysprep_operation_dhcp_server_state.ml
sysprep/sysprep_operation_dovecot_data.ml
sysprep/sysprep_operation_firewall_rules.ml
-sysprep/sysprep_operation_firstboot.ml
sysprep/sysprep_operation_flag_reconfiguration.ml
sysprep/sysprep_operation_fs_uuids.ml
-sysprep/sysprep_operation_hostname.ml
sysprep/sysprep_operation_kerberos_data.ml
sysprep/sysprep_operation_logfiles.ml
sysprep/sysprep_operation_lvm_uuids.ml
@@ -56,9 +54,7 @@ sysprep/sysprep_operation_net_hwaddr.ml
sysprep/sysprep_operation_pacct_log.ml
sysprep/sysprep_operation_package_manager_cache.ml
sysprep/sysprep_operation_pam_data.ml
-sysprep/sysprep_operation_password.ml
sysprep/sysprep_operation_puppet_data_log.ml
-sysprep/sysprep_operation_random_seed.ml
sysprep/sysprep_operation_rh_subscription_manager.ml
sysprep/sysprep_operation_rhn_systemid.ml
sysprep/sysprep_operation_rpm_db.ml
@@ -68,7 +64,6 @@ sysprep/sysprep_operation_smolt_uuid.ml
sysprep/sysprep_operation_ssh_hostkeys.ml
sysprep/sysprep_operation_ssh_userdir.ml
sysprep/sysprep_operation_sssd_db_log.ml
-sysprep/sysprep_operation_timezone.ml
sysprep/sysprep_operation_tmp_files.ml
sysprep/sysprep_operation_udev_persistent_net.ml
sysprep/sysprep_operation_user_account.ml
diff --git a/sysprep/Makefile.am b/sysprep/Makefile.am
index 1bff338..f555d6b 100644
--- a/sysprep/Makefile.am
+++ b/sysprep/Makefile.am
@@ -38,15 +38,13 @@ operations = \
ca_certificates \
crash_data \
cron_spool \
- delete \
+ customize \
dhcp_client_state \
dhcp_server_state \
dovecot_data \
flag_reconfiguration \
firewall_rules \
- firstboot \
fs_uuids \
- hostname \
kerberos_data \
lvm_uuids \
logfiles \
@@ -57,9 +55,7 @@ operations = \
pacct_log \
package_manager_cache \
pam_data \
- password \
puppet_data_log \
- random_seed \
rh_subscription_manager \
rhn_systemid \
rpm_db \
@@ -69,7 +65,6 @@ operations = \
ssh_hostkeys \
ssh_userdir \
sssd_db_log \
- timezone \
tmp_files \
udev_persistent_net \
user_account \
@@ -101,6 +96,9 @@ deps = \
$(top_builddir)/customize/hostname.cmx \
$(top_builddir)/customize/timezone.cmx \
$(top_builddir)/customize/firstboot.cmx \
+ $(top_builddir)/customize/perl_edit.cmx \
+ $(top_builddir)/customize/customize_cmdline.cmx \
+ $(top_builddir)/customize/customize_run.cmx \
$(top_builddir)/fish/guestfish-uri.o \
sysprep_operation.cmx \
$(patsubst %,sysprep_operation_%.cmx,$(operations)) \
diff --git a/sysprep/sysprep_operation_random_seed.ml b/sysprep/sysprep_operation_customize.ml
similarity index 53%
rename from sysprep/sysprep_operation_random_seed.ml
rename to sysprep/sysprep_operation_customize.ml
index 194ae6a..145c29f 100644
--- a/sysprep/sysprep_operation_random_seed.ml
+++ b/sysprep/sysprep_operation_customize.ml
@@ -1,5 +1,5 @@
(* virt-sysprep
- * Copyright (C) 2012 Red Hat Inc.
+ * Copyright (C) 2014 Red Hat Inc.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -19,25 +19,33 @@
open Sysprep_operation
open Common_gettext.Gettext
-open Random_seed
-
module G = Guestfs
-let random_seed_perform (g : Guestfs.guestfs) root side_effects =
- if set_random_seed g root then
- side_effects#created_file ()
+let customize_args, get_ops =
+ let args, get_ops = Customize_cmdline.argspec ~prog () in
+ let args = List.map (
+ fun (spec, v, longdesc) ->
+ { extra_argspec = spec;
+ extra_pod_argval = v; extra_pod_description = longdesc }
+ ) args in
+ args, get_ops
+
+let customize_perform ~debug ~quiet g root side_effects =
+ let ops = get_ops () in
+ Customize_run.run ~prog ~debug ~quiet g root ops;
+ side_effects#created_file () (* XXX Did we? *)
let op = {
defaults with
- name = "random-seed";
+ order = 99; (* Run it after everything. *)
+ name = "customize";
enabled_by_default = true;
- heading = s_"Generate random seed for guest";
+ heading = s_"Customize the guest";
pod_description = Some (s_"\
-Write some random bytes from the host into the random seed file of the
-guest.
-
-See L</RANDOM SEED> below.");
- perform_on_filesystems = Some random_seed_perform;
+Customize the guest by providing L<virt-customize(1)> options
+for installing packages, editing files and so on.");
+ extra_args = customize_args;
+ perform_on_filesystems = Some customize_perform;
}
let () = register_operation op
diff --git a/sysprep/sysprep_operation_delete.ml b/sysprep/sysprep_operation_delete.ml
deleted file mode 100644
index 047bd39..0000000
--- a/sysprep/sysprep_operation_delete.ml
+++ /dev/null
@@ -1,74 +0,0 @@
-(* virt-sysprep
- * Copyright (C) 2013 Fujitsu Ltd.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
- *)
-
-open Common_utils
-open Sysprep_operation
-open Common_gettext.Gettext
-
-module G = Guestfs
-
-let paths = ref []
-let add_paths ?(scrub = false) path = paths := (scrub, path) :: !paths
-
-let path_perform g root side_effects =
- let paths = List.rev !paths in
- if paths <> [] then (
- List.iter (
- function
- | false, glob -> Array.iter g#rm_rf (g#glob_expand glob)
- | true, path -> g#scrub_file path
- ) paths
- )
-
-let op = {
- defaults with
- name = "delete";
- enabled_by_default = true;
- heading = s_"Delete or scrub specified files or directories";
- pod_description = Some (s_"\
-Use the I<--delete> option to specify a path to remove.
-
-You can use shell glob characters in the specified path; note that such
-metacharacters might require proper escape. For example:
-
- virt-sysprep --delete '/var/log/*.log'
-
-An alternative option, I<--scrub>, can be used to scrub files. This
-only works for files (not directories) and cannot use globs.
-
-You can use both options as many times as you want.");
- extra_args = [
- { extra_argspec = ("--delete", Arg.String add_paths, s_"path" ^ " " ^ s_"File or directory to be removed on guest");
- extra_pod_argval = Some "PATHNAME";
- extra_pod_description = s_"\
-Delete (recursively) the specified C<PATHNAME> in the guest.";
- };
-
- { extra_argspec = ("--scrub", Arg.String (add_paths ~scrub:true), s_"path" ^ " " ^ s_"File to be scrubbed");
- extra_pod_argval = Some "PATHNAME";
- extra_pod_description = s_"\
-Scrub (aggressively overwrite then remove) the specified
-file called C<PATHNAME> in the guest. Only single files can
-be specified using this argument.";
- }
- ];
-
- perform_on_filesystems = Some path_perform;
-}
-
-let () = register_operation op
diff --git a/sysprep/sysprep_operation_firstboot.ml b/sysprep/sysprep_operation_firstboot.ml
deleted file mode 100644
index 4c42353..0000000
--- a/sysprep/sysprep_operation_firstboot.ml
+++ /dev/null
@@ -1,79 +0,0 @@
-(* virt-sysprep
- * Copyright (C) 2012 Red Hat Inc.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
- *)
-
-open Printf
-
-open Common_utils
-open Sysprep_operation
-open Common_gettext.Gettext
-
-module G = Guestfs
-
-let files = ref []
-
-let firstboot_perform g root side_effects =
- (* Read the files and add them using the {!Firstboot} module. *)
- let files = List.rev !files in
- let i = ref 0 in
- List.iter (
- fun filename ->
- incr i;
- let i = !i in
- let content = read_whole_file filename in
- Firstboot.add_firstboot_script g root i content;
- side_effects#created_file ()
- ) files
-
-let op = {
- defaults with
- name = "firstboot";
-
- (* enabled_by_default because we only do anything if the
- * --firstboot parameter is used.
- *)
- enabled_by_default = true;
-
- heading = s_"Add scripts to run once at next boot";
- pod_description = Some (s_"\
-Supply one of more shell scripts (using the I<--firstboot> option).
-
-These are run the first time the guest boots, and then are
-deleted. So these are useful for performing last minute
-configuration that must run in the context of the guest
-operating system, for example C<yum update>.
-
-Output or errors from the scripts are written to
-C<~root/virt-sysprep-firstboot.log> (in the guest).");
-
- pod_notes = Some (s_"\
-Currently this is only implemented for Linux guests using
-either SysVinit-style scripts, Upstart or systemd.");
-
- extra_args = [
- { extra_argspec = "--firstboot", Arg.String (fun s -> files := s :: !files), s_"script" ^ " " ^ s_"run script once next time guest boots";
- extra_pod_argval = Some "SCRIPT";
- extra_pod_description = s_"\
-Run script(s) once next time the guest boots. You can supply
-the I<--firstboot> option as many times as needed."
- }
- ];
-
- perform_on_filesystems = Some firstboot_perform;
-}
-
-let () = register_operation op
diff --git a/sysprep/sysprep_operation_hostname.ml b/sysprep/sysprep_operation_hostname.ml
deleted file mode 100644
index 05178a3..0000000
--- a/sysprep/sysprep_operation_hostname.ml
+++ /dev/null
@@ -1,60 +0,0 @@
-(* virt-sysprep
- * Copyright (C) 2012 Red Hat Inc.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
- *)
-
-open Printf
-
-open Common_utils
-open Sysprep_operation
-open Common_gettext.Gettext
-
-module G = Guestfs
-
-let hostname = ref "localhost.localdomain"
-
-let hostname_perform (g : Guestfs.guestfs) root side_effects =
- if Hostname.set_hostname g root !hostname then
- side_effects#created_file ()
-
-let op = {
- defaults with
- name = "hostname";
- enabled_by_default = true;
- heading = s_"Change the hostname of the guest";
-
- pod_description = Some (s_"\
-This operation changes the hostname of the guest to the value
-given in the I<--hostname> parameter.
-
-If the I<--hostname> parameter is not given, then the hostname is changed
-to C<localhost.localdomain>.");
-
- pod_notes = Some (s_"\
-Currently this can only set the hostname on Linux guests.");
-
- extra_args = [
- { extra_argspec = "--hostname", Arg.Set_string hostname, s_"hostname" ^ " " ^ s_"New hostname";
- extra_pod_argval = Some "HOSTNAME";
- extra_pod_description = s_"\
-Change the hostname. If not given, defaults to C<localhost.localdomain>."
- }
- ];
-
- perform_on_filesystems = Some hostname_perform;
-}
-
-let () = register_operation op
diff --git a/sysprep/sysprep_operation_password.ml b/sysprep/sysprep_operation_password.ml
deleted file mode 100644
index ef6221c..0000000
--- a/sysprep/sysprep_operation_password.ml
+++ /dev/null
@@ -1,201 +0,0 @@
-(* virt-sysprep
- * Copyright (C) 2013 Red Hat Inc.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
- *)
-
-open Printf
-
-open Sysprep_operation
-open Common_gettext.Gettext
-open Password
-
-module G = Guestfs
-
-let passwords = Hashtbl.create 13
-
-let rec set_root_password arg =
- set_password "root" arg
-
-and set_user_password arg =
- let i =
- try String.index arg ':'
- with Not_found ->
- eprintf (f_"virt-sysprep: password: invalid --password format; see the man page.\n");
- exit 1 in
- let len = String.length arg in
- set_password (String.sub arg 0 i) (String.sub arg (i+1) (len-(i+1)))
-
-and set_password user arg =
- let pw = parse_selector ~prog arg in
-
- if Hashtbl.mem passwords user then (
- eprintf (f_"virt-sysprep: password: multiple --root-password/--password options set the password for user '%s' twice.\n") user;
- exit 1
- );
-
- Hashtbl.replace passwords user pw
-
-let password_crypto : password_crypto option ref = ref None
-
-let set_password_crypto arg =
- password_crypto := Some (password_crypto_of_string ~prog arg)
-
-let password_perform g root side_effects =
- if Hashtbl.length passwords > 0 then (
- let typ = g#inspect_get_type root in
- match typ with
- | "linux" ->
- let password_crypto = !password_crypto in
- set_linux_passwords ~prog ?password_crypto g root passwords;
- side_effects#created_file ()
- | _ ->
- eprintf (f_"virt-sysprep: cannot set passwords for %s guests.\n") typ;
- exit 1
- )
-
-let op = {
- defaults with
- name = "password";
-
- (* enabled_by_default because we only do anything if the
- * --password or --root-password parameter is used.
- *)
- enabled_by_default = true;
-
- heading = s_"Set root or user password";
- pod_description = Some (s_"\
-Set root or another user's password.
-
-Use the I<--root-password> option to specify a replacement root
-password for the guest. You can only use this option once.
-
-Use the I<--password> option to specify replacement user password(s).
-You can use this option as many times as you want.
-
-Use I<--password-crypto> to change the password encryption used.
-
-See L</OPTIONS> above for details of these options.
-
-This operation is enabled by default, but it only does something
-if there is at least one I<--root-password> or I<--password>
-argument given.");
-
- pod_notes = Some (s_"\
-Currently this only works for glibc-based Linux guests that
-use shadow passwords.");
-
- extra_args = [
- { extra_argspec = "--root-password", Arg.String set_root_password, s_"..." ^ " " ^ s_"set root password (see man page)";
- extra_pod_argval = Some "SELECTOR";
- extra_pod_description = s_"\
-Set the root password. See I<--password> above for the format
-of C<SELECTOR>."
- };
-
- { extra_argspec = "--password", Arg.String set_user_password, s_"..." ^ " " ^ s_"set user password (see man page)";
- extra_pod_argval = Some "USERNAME:SELECTOR";
- extra_pod_description = s_"\
-Set a user password. The user must exist already (this option
-does I<not> create users).
-
-The I<--password> option takes C<USERNAME:SELECTOR>. The
-I<--root-password> option takes just the C<SELECTOR>. The
-format of the C<SELECTOR> is described below:
-
-=over 4
-
-=item B<--password USERNAME:file:FILENAME>
-
-=item B<--root-password file:FILENAME>
-
-Read the password from C<FILENAME>. The whole
-first line of this file is the replacement password.
-Any other lines are ignored. You should create the file
-with mode 0600 to ensure no one else can read it.
-
-=item B<--password USERNAME:password:PASSWORD>
-
-=item B<--root-password password:PASSWORD>
-
-Set the password to the literal string C<PASSWORD>.
-
-B<Note: this is not secure> since any user on the same machine
-can see the cleartext password using L<ps(1)>.
-
-=item B<--password USERNAME:random>
-
-=item B<--root-password random>
-
-Choose a random password, which is printed on stdout. The password
-has approximately 120 bits of randomness.
-
-=item B<--password> USERNAME:disabled
-
-=item B<--root-password> disabled
-
-The account password is disabled. This is like putting C<*>
-in the password field.
-
-=item B<--password> USERNAME:locked:file:FILENAME
-
-=item B<--password> USERNAME:locked:password:PASSWORD
-
-=item B<--password> USERNAME:locked:random
-
-=item B<--root-password> locked:file:FILENAME
-
-=item B<--root-password> locked:password:PASSWORD
-
-=item B<--root-password> locked:random
-
-The account is locked, but a password is placed on the
-account. If first unlocked (using C<passwd -u>) then logins will
-use the given password.
-
-=item B<--password> USERNAME:locked
-
-=item B<--password> USERNAME:locked:disabled
-
-=item B<--root-password> locked
-
-=item B<--root-password> locked:disabled
-
-The account is locked I<and> password is disabled.
-
-=back"
- };
-
- { extra_argspec = "--password-crypto", Arg.String set_password_crypto, s_"md5|sha256|sha512" ^ " " ^ s_"set password crypto";
- extra_pod_argval = Some "md5|sha256|sha512";
- extra_pod_description = s_"\
-Set the password encryption to C<md5>, C<sha256> or C<sha512>.
-
-C<sha256> and C<sha512> require glibc E<ge> 2.7
-(check L<crypt(3)> inside the guest).
-
-C<md5> will work with relatively old Linux guests (eg. RHEL 3), but
-is not secure against modern attacks.
-
-The default is C<sha512> unless libguestfs detects an old guest
-that didn't have support for SHA-512, in which case it will use C<md5>.
-You can override libguestfs by specifying this option."
- }
- ];
-
- perform_on_filesystems = Some password_perform;
-}
-
-let () = register_operation op
diff --git a/sysprep/sysprep_operation_timezone.ml b/sysprep/sysprep_operation_timezone.ml
deleted file mode 100644
index 47ec384..0000000
--- a/sysprep/sysprep_operation_timezone.ml
+++ /dev/null
@@ -1,67 +0,0 @@
-(* virt-sysprep
- * Copyright (C) 2014 Red Hat Inc.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
- *)
-
-open Printf
-
-open Common_utils
-open Sysprep_operation
-open Common_gettext.Gettext
-
-module G = Guestfs
-
-let timezone = ref None
-
-let timezone_perform (g : Guestfs.guestfs) root side_effects =
- match !timezone with
- | None -> ()
- | Some tz ->
- if Timezone.set_timezone ~prog g root tz then
- side_effects#created_file ()
-
-let op = {
- defaults with
- name = "timezone";
- enabled_by_default = true;
- heading = s_"Change the default timezone of the guest";
-
- pod_description = Some (s_"\
-This operation changes the default timezone of the guest to the value
-given in the I<--timezone> parameter.
-
-If the I<--timezone> parameter is not given, then the timezone is not
-changed.
-
-This parameter affects the default timezone that users see when they log
-in, but they can still change their timezone per-user account.");
-
- pod_notes = Some (s_"\
-Currently this can only set the timezone on Linux guests.");
-
- extra_args = [
- let set_timezone str = timezone := Some str in
- { extra_argspec = "--timezone", Arg.String set_timezone, s_"timezone" ^ " " ^ s_"New timezone";
- extra_pod_argval = Some "TIMEZONE";
- extra_pod_description = s_"\
-Change the timezone. Use a location string such as C<Europe/London>"
- }
- ];
-
- perform_on_filesystems = Some timezone_perform;
-}
-
-let () = register_operation op
diff --git a/sysprep/test-virt-sysprep-passwords.sh b/sysprep/test-virt-sysprep-passwords.sh
index 488187c..d56758a 100755
--- a/sysprep/test-virt-sysprep-passwords.sh
+++ b/sysprep/test-virt-sysprep-passwords.sh
@@ -59,7 +59,7 @@ echo 123456 > password
./virt-sysprep \
-a passwords.qcow2 \
- --enable password \
+ --enable customize \
--password test01:password:123456 \
--password test02:password:123456:7890 \
--password test03:file:./password \
diff --git a/sysprep/virt-sysprep.pod b/sysprep/virt-sysprep.pod
index 1eaecef..f3c18a6 100644
--- a/sysprep/virt-sysprep.pod
+++ b/sysprep/virt-sysprep.pod
@@ -134,10 +134,10 @@ operations, while the meta-names C<defaults> and C<all> represent
respectively the operations enabled by default and all the available ones.
For example:
- --operations delete,defaults,-hostname
+ --operations firewall-rules,defaults,-tmp-files
-would enable the C<delete> operation (regardless whether it is enabled by
-default), all the default ones, and disable the C<hostname> operation.
+would enable the C<firewall-rules> operation (regardless whether it is enabled by
+default), all the default ones, and disable the C<tmp-files> operation.
I<--operations> can be specified multiple times; the first time the set
of enabled operations is empty, while any further I<--operations> affects
@@ -502,19 +502,19 @@ content in directory entries and inodes.
I<(This section applies to Linux guests only)>
-The virt-sysprep C<random-seed> operation writes a few bytes of
-randomness from the host into the guest's random seed file.
+For supported guests, virt-sysprep writes a few bytes of randomness
+from the host into the guest's random seed file.
If this is just done once and the guest is cloned from the same
template, then each guest will start with the same entropy, and things
like SSH host keys and TCP sequence numbers may be predictable.
Therefore you should arrange to add more randomness I<after> cloning
-from a template too, which can be done by just enabling the
-C<random-seed> operation:
+from a template too, which can be done by enabling just the customize
+module:
cp template.img newguest.img
- virt-sysprep --enable random-seed -a newguest.img
+ virt-sysprep --enable customize -a newguest.img
=head2 SELINUX RELABELLING
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-libvirt/libguestfs.git
More information about the Pkg-libvirt-commits
mailing list