[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Ovirt-devel] [PATCH node] The node now passes in the mac address and iface names during identify.



Daniel P. Berrange wrote:
On Tue, Sep 23, 2008 at 01:18:30PM +0100, Daniel P. Berrange wrote:
On Fri, Sep 19, 2008 at 04:35:37PM -0400, Darryl L. Pierce wrote:
@@ -31,12 +36,19 @@ configure_from_network() {
                 if [ -n "$SRV_HOST" -a -n "$SRV_PORT" ]; then
                     printf .
                     cfgdb=$(mktemp)
+                    get_mac_addresses
                     wget -q -O $cfgdb \
-                      "http://$SRV_HOST:$SRV_PORT/ovirt/cfgdb/$(hostname)"
+                      "http://$SRV_HOST:$SRV_PORT/ovirt/managed_node/config?host=$(hostname)&macs=$macs"
                     if [ $? -eq 0 ]; then
                         printf .
-                        echo "save" >> $cfgdb
-                        augtool < $cfgdb > /dev/null 2>&1
+                        bash $cfgdb
NACK. We cannot download & execute arbitrary shell scripts. It blows a hole in the security of the node host OS. If there are shell scripts needed they must be built into the node image, and merely the configuration
data to be fed to them should be downloaded.

That said, even the original code was kinda suspect - downloading an entire augtool control file basically allows any change whatsoever to be made.
Really we should download data such as the interface name, and config
options, and then use a local pre-existing script to make the changes
and/or call augtool - ie the augtool rules should already be on the
managed node, with placeholders where you fit in the validated config
parameters.

Agreed. Furthermore, we really should be using messaging for all of this. The only thing that -can't- use messaging will be the retrieval of the keytab if that is allowed in your environment. (Since the keytab will be necessary for enabling secure messaging whenever that becomes available)

But once messaging is in, we should have a call that the Node can send the Server to ask for its configuration information and the response should be something that a Node based program/script can parse to create an augtool file that we then execute augtool on.

Since this doesn't make it any worse (i.e. we've always downloaded augtool files via wget up until now) I say we let this in as it will enable us to develop the UI for multiple NICs. Once messaging is integrated we switch to using that as the transport for these queries as well as switching to not sending a whole augtool file over the messaging protocol.

That sound reasonable?

Perry


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]