unionfs and readonly image

[L. Bernardi]

Hello,

I was wondering if there is a possibility to have two virtual machines running on the same virtual disk, with one having full access and the other one using the image readonly with a unionfs to get the changes without changing the actual image.

The problem I'm trying to address is to allow root access to a machine only to users that they can investigate what is going on without having real root access to the machine. Maybe my approach is wrong because the machine using the readonly disk will run with a different IP address and thus everything might break so if you have other suggestion they are welcome as well.

Sincerely

L.

 

[dcsapak]

why do you want to give them root access without them being able to write to the disk? what is the purpose of this?
if you just want to discard the changes, just clone a vm and delete it after use

afaik there is no possible (good) way to share a disk between two (powered on) vms, how should this even work?
you can share the disk via a network service (e.g. nfs, samba, ...) and mount it read only on another vm, but i don't know if this is what you want?

 

[L. Bernardi]

Thanks for the answer.

Some of my users want to be able to track problems on the computer on their own to see logs perfrom dumps and so on. I would like not to give them full access on the main server. But I agree that is more a human problem than a technical one.

I was also wondering if it is possible to mount twice the hard disk on the same machine. One being only readonly but this might be overkill and it would be probably better to use mount --bind.

L.

 

[tschanness]

Hi,
you could maybe mount the image in a extra folder as R/O and use "chroot".

Regards,
Jonas

 

[L. Bernardi]

Good idea I didn't think of chroot but it is far easier to use. It also seems I can use it with unionfs.

Thanks a lot.

L.