Guest Tools on FreeBSD



  • The documentation for Guest Tools says "The install.sh script doesn't support those systems, but there are ways to install the management agent anyway."

    I'd be happy to contribute 2 things:

    1. docs that cover how to install on FreeBSD (it's like one command)
    2. a bit of shell script that detects FreeBSD and does the right FreeBSD-specific command to install the tools via the internet

    Also, if you wanted to, you could probably pull in the binaries for FreeBSD's xe-guest-utilities and put them on the ISO. They're not big and they don't have dependencies.

    Anyways, I can't find the source for install.sh so that I could write that bit of code. Which repo has the install.sh that goes into the guest tools ISO?


  • XCP-ng Team

    for 1., please do. There's a "Help us to improve this page!" link at the bottom of the doc that will allow you to contribute it easily.

    About 2., rather than automatically downloading from the internet, which can fail for various reasons, I'd simply have ./install.sh output instructions to the user. The code is available there: https://github.com/xcp-ng/xe-guest-utilities/tree/master/mk


  • XCP-ng Team

    For us adding binaries, I'd need to be sure that they work for any version of FreeBSD and to have them built by ourselves. I'm not against it but since they are already in their repositories, I think installation instructions will be enough for now.



  • @stormi I had already forked, branched, and edited by the time I saw the shortcut. So it's here.

    I'm not sure I understand why the code has to be compiled by the xcp-ng team, since that makes a pretty insurmountable hurdle. I can certainly walk someone through the process of doing that, and it can even be automated, but that's a lot of effort.

    At the end of the day, when somone executes pkg install xe-guest-utilities they reach out to the official FreeBSD server and pull down a binary from there. So the security threat/impact of xcp-ng doing that is identical to the threat/impact of them doing that themselves.

    There are ways to check the authenticity of the binary package rather than building it from source. That would let a Linux host fetch the file and verify it, rather than running enough FreeBSD hosts and automation to build two packages from source.


  • XCP-ng Team

    Well, I'm not sure that I want to build the packages myself, but adding blobs from elsewhere to the ISO isn't very appealing to me either, and doesn't bring much to the users. I think relying on the online repositories is better here.



  • @stormi I understand. The change to the install.sh that I want to make is basically to detect FreeBSD and run the pkg install commands.


  • XCP-ng Team

    @paco I'm ok with that if the script displays precisely what it is about to do before the user accepts.



  • @stormi It does. I put the screen shots of what it looks like when you run it in the pull request.


Log in to reply
 

XCP-ng Pro Support

XCP-ng Pro Support