[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] Really really small xen0
On Mon, Nov 08, 2004 at 09:51:12AM -0500, Barry Silverman wrote: > I was wondering if anyone has made a really minimal xen0 image. By this > I mean an image that doesn't have much more than the kernel (f/e and b/e > drivers linked in), and run from a crom or squashfs filesystem, and a > minimal set of tools running in a busybox-like init process. I've had good luck with similar projects using the uClibc buildroot kit, which is intended for making tiny root filesystems for embedded systems but also works with x86 PC systems. There's not much documentation for it but see the CVSweb at <http://www.uclibc.org/cgi-bin/cvsweb/buildroot/> to see what it comes with. It can make an initrd that will boot with exactly the software you want to run and a tmpfs for /tmp, /var and so on, but no changes to the filesystem can be saved. It comes with build scripts for Python and bridge-utils, but you'd have to add Twisted and the XEN tools. I secure my dom0 by only making it accessible over the console/serial port and not even giving it an IP address (except on the loopback IF). It acts as a layer-2 bridge only. This is still vulnerable to security bugs in the hypervisor and VBD/VIF data paths, of course, but it's much better than the typical config. -Nathan Attachment:
pgpAsEqJ9wlL5.pgp
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |