>>>>> Samuel Thibault <samuel.thiba...@gnu.org> writes:
>>>> * The time and qualification necessary to deploy one or more
>>>> GNU/Linux systems on a single host using User-Mode Linux is (to my
>>>> experience) significantly lower than for the other solutions (KVM,
>>>> Xen)

>>> For Xen I agree. For KVM, I don't. Building a UML image is not
>>> particularly easier than building a KVM image.

>> I've implied using rootstrap to build an image.

> And you can use debootstrap to build a debian image. There is no
> fundamental difference here.

There is: debootstrap only runs privileged. Essentially, rootstrap is
a wrapper that starts debootstrap(8) under UML, thus providing it with
all the necessary privileges. Also, it does mke2fs(8), prepares
interfaces(5) and does a few more minor tasks along the way. And it's
extensible, too.

>>>> * Running User-Mode Linux doesn't imply any privileged user
>>>> intervention (contrary to both KVM and Xen)

>>> KVM doesn't either.

>> Nevertheless, it depends on access to /dev/kvm, which is a
>> privilege.

> Oh, I thought it was given to any user.

There's the `kvm' group in Debian GNU/Linux.

> So they still fear security breaches...

A completely bug-free version of Linux is yet to be released.

[...]

>> However, what bothers me the most, is the use of hardware emulation,
>> leading to:

> That, however, is a valid point yes. That's also one of the reasons
> why I prefer running Mach in Xen than in KVM.

Thus, I could conclude that user-mode Mach ought to bear both of the
advantages:

* runs unprivileged (like KVM);

* doesn't emulate hardware (like Xen.)

With the latter being said, I wonder, wouldn't the changes necessary
to run GNU Mach in user-mode be similar to those already done to make
it suitable for Xen?