From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-10625.protonmail.ch (mail-10625.protonmail.ch [79.135.106.25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CB41A33F6 for ; Thu, 10 Apr 2025 04:59:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=79.135.106.25 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1744261157; cv=none; b=b5o0j97Lv4N0ujvyFgsN5pa4VN+naPC/RtuvCqBXHELXR4kc4gDfVJPb36fGy0c4nrBHxHJO8k0zyiOt/jyELmVrHvhR70BgHV+F9vClBnZTiEBY+fkVDB8N4iI+A/RSLg0Fz4AqGlt6BG2lbCVC/DTBbXAOl5nfgWTTg1ib0YQ= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1744261157; c=relaxed/simple; bh=E+peucUe/SaOEYdMsaAaXkxXpHEMGh88xUa4Xz+SxE4=; h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=sC5e9NIaYo+r4FErxxyPKCOegc7z5NoKZJoBQrTozRYQZx2GsdQsEBEw+bo8ZzE5Rs84fgDstyhwWhIwY4g7djPf14w7KFYIgFlkFzYIw+7oebMI7B35Oz0jXNIr9Tb400waa31XaBXpJ32keV9vRJPqtBwrSZEVvxEc7RaIqMk= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=metaspace.dk; spf=pass smtp.mailfrom=metaspace.dk; dkim=pass (2048-bit key) header.d=metaspace.dk header.i=@metaspace.dk header.b=M54hPOla; arc=none smtp.client-ip=79.135.106.25 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=metaspace.dk Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=metaspace.dk Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=metaspace.dk header.i=@metaspace.dk header.b="M54hPOla" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=metaspace.dk; s=protonmail2; t=1744261145; x=1744520345; bh=E+peucUe/SaOEYdMsaAaXkxXpHEMGh88xUa4Xz+SxE4=; h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References: Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID:BIMI-Selector:List-Unsubscribe:List-Unsubscribe-Post; b=M54hPOlavV0EgPWNKuhMzmczPcgViCRtJfNT9mjR88V/V00LzMpKyAbHy/+PjM6wW CJuks58mTZmOyi5SA53IB6UJcSCTKeVRRpbRKu1eh0tDlHfTyzVC4wHunAZEB8WaQ+ ag2cIoF4KkbUHAfz/bA2vvwvtXlmp/146YUDp5Suz0fpwcMEwD118YWA9nFWo/5fYP ME+tkN02oIr6/wbI3hS5i54qnkoJRFLUXA1eZi3F8MsfgyAD1QcODb56hHP83WgAMC OX49lAJhBfkbUMArkMHmj/ThJxxOkVyNhGNoibrC/bxTyS8kxULbMKUN9+3bMAx1/9 Gur1BcoqajiLQ== Date: Thu, 10 Apr 2025 04:58:59 +0000 To: Luis Chamberlain From: Andreas Hindborg Cc: Chuck Lever , kdevops@lists.linux.dev Subject: Re: guestfs storage paths are confusing Message-ID: <87h62wboj8.fsf@metaspace.dk> In-Reply-To: References: <7adea286-8981-46cd-9751-a7add11d9e85@oracle.com> Feedback-ID: 113830118:user:proton X-Pm-Message-ID: 7a7bd1c79badd8c101070daf7fed83c68e0214b5 Precedence: bulk X-Mailing-List: kdevops@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable "Luis Chamberlain" writes: > On Wed, Apr 09, 2025 at 10:55:58AM -0400, Chuck Lever wrote: >> One complaint about kdevops I sometimes hear is the requirement for >> frequent root access on the control host. kdevops is better off reducing >> its privilege footprint, IMHO. > > I agree, I think at this point it its clear that although kdevops has > ways to help with a first bringup, that just scares a larger crowd. And > we can simplify our code if we completley move all those requirements > to an *optional* installation phase, done only once. The real question is, why does kdevops even need root? If you can rely on user space networking with slirp, nothing in the process of spinning up a VM should require root privileges. If the user has access to kvm, which is common these days. Best regards, Andreas Hindborg