|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [Xen-devel] Generic PV Guests on XCP?
On Mon, 2010-03-29 at 19:21 +0100, Phil Winterfield (winterfi) wrote: > Ian- > > I have taken your advice and created a generic template using > vm-create, but for some reason it doesnât like the kernel path, even > though it is clearly accessible - see below. Any ideas? Some security stuff got added to xapi recently which requires that the guest kernel and ramdisk be under "/boot/guest/". I'm not really sure why -- I think it's because with RBAC non root users with the VM admin role can set PV-kernel/PV-initrd/etc (imagine setting PV-initrd to /etc/shadow) but I'm not sure why restricting to just /boot wasn't sufficiently secure. If you move (or symlink) your stuff to /boot/guest and use /boot/guest/ios/i86bi_etcetc I think things should work. Ian. > > Phil > > > [root@xenserver-wvgdltag ~]# xe vm-create name-label=IOSonXen > name-description="Paravirtualized IOS on Xen" > 5c56afe3-a729-bcaa-a543-d87987167a3d > [root@xenserver-wvgdltag ~]# xe vm-param-set > uuid=5c56afe3-a729-bcaa-a543-d87987167a3d \ > > PV-kernel='/boot/ios/i86bi_xen-ipbase-ms' \ > > PV-args= \ > > PV-bootloader= \ > > PV-bootloader-args= \ > > memory-static-min=2048 \ > > VCPUs-at-startup=1 \ > > other-config:pause=1 \ > > other-config:disable_pv_vnc=1 > [root@xenserver-wvgdltag ~]# xe vm-start > uuid=5c56afe3-a729-bcaa-a543-d87987167a3d > Caller not allowed to perform this operation. > message: illegal kernel path /boot/ios/i86bi_xen-ipbase-ms > [root@xenserver-wvgdltag ~]# ls -l /boot/ios/i86bi_xen-ipbase-ms > -rwxr-xr-x 1 root root 61649099 Mar 23 13:37 /boot/ios/i86bi_xen-ipbase-ms > [root@xenserver-wvgdltag ~]# > _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |