[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Ovirt-devel] [PATCH node] The node now passes in the mac address and iface names during identify.



Daniel P. Berrange wrote:
On Tue, Sep 23, 2008 at 12:10:22PM -0400, Perry N. Myers wrote:
Daniel P. Berrange wrote:
On Tue, Sep 23, 2008 at 01:18:30PM +0100, Daniel P. Berrange wrote:
On Fri, Sep 19, 2008 at 04:35:37PM -0400, Darryl L. Pierce wrote:
@@ -31,12 +36,19 @@ configure_from_network() {
                if [ -n "$SRV_HOST" -a -n "$SRV_PORT" ]; then
                    printf .
                    cfgdb=$(mktemp)
+                    get_mac_addresses
                    wget -q -O $cfgdb \
- "http://$SRV_HOST:$SRV_PORT/ovirt/cfgdb/$(hostname)" + "http://$SRV_HOST:$SRV_PORT/ovirt/managed_node/config?host=$(hostname)&macs=$macs"
                    if [ $? -eq 0 ]; then
                        printf .
-                        echo "save" >> $cfgdb
-                        augtool < $cfgdb > /dev/null 2>&1
+                        bash $cfgdb
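Review bot: `bash $cfgdb` on the last added line runs whatever the server returns for http://$SRV_HOST:$SRV_PORT/ovirt/managed_node/config, fetched over plain HTTP with no integrity check, as root on the node, so anyone who can answer that request owns the host; the replaced `augtool < $cfgdb` already let the server write any file augeas can reach, and the fix is the same for both: keep the shell and augtool rules in the node image and have this fetch return only parameters that a local script validates before anything is applied. Smaller point in the same hunk: `$macs` is a global filled by get_mac_addresses and interpolated into the query string without URL encoding, so if it joins addresses with spaces wget sees a broken URL; pick a separator such as a comma or percent-encode the value, and consider `wget --timeout`/`--tries` so a silent server does not hang boot.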
NACK. We cannot download & execute arbitrary shell scripts. It blows a hole in the security of the node host OS. If there are shell scripts needed they must be built into the node image, and merely the configuration
data to be fed to them should be downloaded.

That said, even the original code was kinda suspect - downloading an entire augtool control file basically allows any change whatsoever to be made.
Really we should download data such as the interface name, and config
options, and then use a local pre-existing script to make the changes
and/or call augtool - ie the augtool rules should already be on the
managed node, with placeholders where you fit in the validated config
parameters.
Agreed. Furthermore, we really should be using messaging for all of this. The only thing that -can't- use messaging will be the retrieval of the keytab if that is allowed in your environment. (Since the keytab will be necessary for enabling secure messaging whenever that becomes available)

But once messaging is in, we should have a call that the Node can send the Server to ask for its configuration information and the response should be something that a Node based program/script can parse to create an augtool file that we then execute augtool on.

Since this doesn't make it any worse (i.e. we've always downloaded augtool files via wget up until now) I say we let this in as it will enable us to develop the UI for multiple NICs. Once messaging is integrated we switch to using that as the transport for these queries as well as switching to not sending a whole augtool file over the messaging protocol.

That sound reasonable?

Messaging isn't going to help us in standalone mode. We need to have any
augtool scripts or bash scripts in the node image, not fetched over
messaging or wget. So we have to fix this to only fetch config settings
regardless of whether we currently use messaging or not.

Agreed. As I said above, let's just get this patch in now since we're no worse off than before and since we're trying to get a release out. But we do need to fix this so that only config parameters are retrieved and not augtool scripts themselves.

That fix can come separately from the messaging integration depending on how timing works out for that.

Perry

--
|=-        Red Hat, Engineering, Emerging Technologies, Boston        -=|
|=-                     Email: pmyers redhat com                      -=|
|=-         Office: +1 412 474 3552   Mobile: +1 703 362 9622         -=|
|=- GnuPG: E65E4F3D 88F9 F1C9 C2F3 1303 01FE 817C C5D2 8B91 E65E 4F3D -=|


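The shape Daniel asks for above (fetch parameters only, validate them on the node, and keep the augtool rules in the image with placeholders for the values) can be sketched as a small sh script. This is an added example, not oVirt node code; the key names, the ifcfg paths, and the two sample server responses are assumptions made for the illustration, and the response text stands in for what wget would have written to $cfgdb.

```sh
#!/bin/sh
# Added example, not oVirt node code: fetch key=value parameters only,
# validate each against a fixed grammar, and render the augtool commands
# from rules that already live in the node image. Key names, ifcfg paths
# and the sample responses are assumptions for this illustration.

set -f   # no pathname expansion on the unquoted split in is_ipv4

# Constructed stand-in for a well-formed response body from the server.
GOOD_RESPONSE='iface=eth0
bootproto=static
ipaddr=192.168.1.10
netmask=255.255.255.0
gateway=192.168.1.1'

# Constructed hostile response: one value carries a shell payload and one
# key is unknown. Under "bash $cfgdb" both would simply have run as root.
HOSTILE_RESPONSE='iface=eth0
bootproto=dhcp; rm -rf /
onboot=$(reboot)'

is_ipv4() {
    # Exactly four dotted decimal octets, each in 0..255.
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ''|*[!0-9]*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
}

validate_param() {
    # $1 = key, $2 = value. Unknown keys fail; each known key has its own grammar.
    case $1 in
        iface)
            case $2 in ''|[!a-z]*|*[!a-z0-9]*) return 1 ;; esac
            [ ${#2} -le 15 ] ;;
        bootproto)
            case $2 in dhcp|static) return 0 ;; *) return 1 ;; esac ;;
        ipaddr|netmask|gateway)
            is_ipv4 "$2" ;;
        *)  return 1 ;;
    esac
}

parse_config() {
    # Reads key=value lines on stdin, prints "key value" for every validated
    # pair, and returns 1 if anything at all was rejected (fail closed).
    rc=0
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in
            '')  continue ;;
            *=*) key=${line%%=*}; val=${line#*=} ;;
            *)   printf 'rejected (no "="): %s\n' "$line" >&2; rc=1; continue ;;
        esac
        if validate_param "$key" "$val"; then
            printf '%s %s\n' "$key" "$val"
        else
            printf 'rejected: %s\n' "$line" >&2; rc=1
        fi
    done
    return $rc
}

build_augtool_script() {
    # $1 = raw response body. Prints the augtool script, or nothing (status 1)
    # if any parameter failed validation. The augtool lines are fixed here in
    # the image; the server only ever supplies values for the placeholders.
    pairs=$(printf '%s\n' "$1" | parse_config) || return 1
    iface=$(printf '%s\n' "$pairs" | while read -r k v; do
                if [ "$k" = iface ]; then echo "$v"; fi
            done)
    [ -n "$iface" ] || { echo 'rejected: no iface' >&2; return 1; }
    base="/files/etc/sysconfig/network-scripts/ifcfg-$iface"
    printf 'set %s/DEVICE %s\n' "$base" "$iface"
    printf '%s\n' "$pairs" | while read -r key val; do
        case $key in
            bootproto) printf 'set %s/BOOTPROTO %s\n' "$base" "$val" ;;
            ipaddr)    printf 'set %s/IPADDR %s\n'    "$base" "$val" ;;
            netmask)   printf 'set %s/NETMASK %s\n'   "$base" "$val" ;;
            gateway)   printf 'set %s/GATEWAY %s\n'   "$base" "$val" ;;
        esac
    done
    echo save
}

# Demonstration on the constructed samples; the real node would pipe the
# good case into augtool and leave its configuration alone in the bad one.
echo '# good response:'
build_augtool_script "$GOOD_RESPONSE"
echo '# hostile response:'
build_augtool_script "$HOSTILE_RESPONSE" || echo '# nothing rendered; config unchanged'
```

Because every augtool `set` line is written on the node and only the right-hand values come from the server, a compromised or spoofed server can at worst choose among the whitelisted settings; it can no longer ship a `save`-capable augtool file of its own, let alone a shell script. Rejecting the whole response when any line fails keeps a partially applied network config from being written.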