[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[Cluster-devel] [fence-virt PATCH] add map_check on 'status' action



Hi all,

I am using fence-virt.
I want to check permission also by 'status' fencing action.

[root x3650f ~]# cat /etc/fence_virt.conf
  ----
  (snip)
  groups {
      group {
          uuid = "srv-a1";
          uuid = "srv-a2";
          uuid = "621d8c61-1070-7aab-6158-3889d68470ab";
          uuid = "4f0ed127-c8a3-4085-a0d0-a93231924202";
      }
      group {
          uuid = "srv-b1";
          uuid = "srv-b2";
          uuid = "d55103a7-eea7-ad9e-3ee9-8aa660afbe8d";
          uuid = "7243da51-2bda-413e-f172-4ed8cfee4297";
      }
  ----

* 'off' operation :
  [root srv-a1 ~]# fence_virt -D/dev/ttyS1 -ooff -Hsrv-b1
  Permission denied
  [root srv-a1 ~]# echo $?
  3
  [root srv-a1 ~]#

  This is good. It is an expected result.

* 'status' operation :
  [root srv-a1 ~]# fence_virt -D/dev/ttyS1 -ostatus -Hsrv-b1
  [root srv-a1 ~]# echo $?
  0
  [root srv-a1 ~]#

  It is an unexpected result. I expect a return value 3.

If 'off' is permission denied, I think that the result of 'status'
should be the same.

I want to check permission beforehand by 'status' whether I become
permission denied in fencing action (off,on,[reboot]).

Regards,
Kazunori INOUE
diff -urN fence-virt-53a2b29/server/mcast.c mod/server/mcast.c
--- fence-virt-53a2b29/server/mcast.c	2011-08-11 09:53:47.000000000 +0900
+++ mod/server/mcast.c	2011-09-12 11:19:17.000000000 +0900
@@ -293,6 +293,11 @@
 					    req->seqno, info->priv);
 		break;
 	case FENCE_STATUS:
+		if (map_check(info->map, ip_addr_src,
+				     (const char *)req->domain) == 0) {
+			response = RESP_PERM;
+			break;
+		}
 		response = info->cb->status((char *)req->domain, info->priv);
 		break;
 	case FENCE_DEVSTATUS:
diff -urN fence-virt-53a2b29/server/serial.c mod/server/serial.c
--- fence-virt-53a2b29/server/serial.c	2011-08-11 09:53:47.000000000 +0900
+++ mod/server/serial.c	2011-09-12 11:19:09.000000000 +0900
@@ -211,6 +211,11 @@
 					    req->seqno, info->priv);
 		break;
 	case FENCE_STATUS:
+		if (map_check(info->maps, src,
+				     (const char *)req->domain) == 0) {
+			response = RESP_PERM;
+			break;
+		}
 		response = info->cb->status((char *)req->domain, info->priv);
 		break;
 	case FENCE_DEVSTATUS:

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]