[lvm-devel] [PATCH 0/3] Clvmd -E fixes
Zdenek Kabelac
zkabelac at redhat.com
Thu Sep 22 16:06:56 UTC 2011
Dne 22.9.2011 18:00, Milan Broz napsal(a):
>
> On 09/22/2011 11:52 AM, Zdenek Kabelac wrote:
>> Patchset fixed restart of clvmd with -E option.
>>
>> 1st. Adds support for easier restart of clvmd
>> (i.e. -Isinglenode is preserved).
>>
>> 2nd. Bug fixes support of -E arg.
>
> ack these two.
>
> (maybe cluster lock type is on of the attribute we can store
> in udev db? to read it later :-)
>
>
>> 3rd. Allows to build test suite script for checking clvmd restart.
>> (Any better idea here ?)
>
> We need something for testsuite but I would like to avoid any online
> reconfiguration of daemon paths, this is tricky and bug there is
> security problem (clvms -S must not start arbitrary program
> - it run with root privileges.)
Note - setting (LVM_CLVMD_BINARY as was suggest by agk) must be done before
executing the first clvmd.
You can't influence anything by any further clvmd -S call - since this
environment is not passed to the original restarting daemons.
Thus it should not introduce security risk here - as you are working only with
settings you've had with the first start.
(If someone could manipulate root's environment - he could surely replace disc
content as well)
Zdenek
More information about the lvm-devel
mailing list