[Ovirt-devel] [PATCH node] The node now passes in the mac address and iface names during identify.

Perry N. Myers pmyers at redhat.com
Tue Sep 23 16:34:32 UTC 2008


Daniel P. Berrange wrote:
> On Tue, Sep 23, 2008 at 12:10:22PM -0400, Perry N. Myers wrote:
>> Daniel P. Berrange wrote:
>>> On Tue, Sep 23, 2008 at 01:18:30PM +0100, Daniel P. Berrange wrote:
>>>> On Fri, Sep 19, 2008 at 04:35:37PM -0400, Darryl L. Pierce wrote:
>>>>> @@ -31,12 +36,19 @@ configure_from_network() {
>>>>>                 if [ -n "$SRV_HOST" -a -n "$SRV_PORT" ]; then
>>>>>                     printf .
>>>>>                     cfgdb=$(mktemp)
>>>>> +                    get_mac_addresses
>>>>>                     wget -q -O $cfgdb \
>>>>> -                      
>>>>> "http://$SRV_HOST:$SRV_PORT/ovirt/cfgdb/$(hostname)"
>>>>> +                      
>>>>> "http://$SRV_HOST:$SRV_PORT/ovirt/managed_node/config?host=$(hostname)&macs=$macs"
>>>>>                     if [ $? -eq 0 ]; then
>>>>>                         printf .
>>>>> -                        echo "save" >> $cfgdb
>>>>> -                        augtool < $cfgdb > /dev/null 2>&1
>>>>> +                        bash $cfgdb
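Review bot: `bash $cfgdb` executes whatever the server returns, and nothing in this hunk authenticates that server: the fetch is a plain `http://` request with `$(hostname)` and `$macs` interpolated into the URL unquoted and un-encoded, so the node ends up running code chosen by whoever answers that request. Fetch only key=value settings here, reject any key not on a fixed allow-list and any value that fails a strict pattern, and feed the survivors into an augtool rule set that already lives in the node image. The lines being replaced (`echo "save" >> $cfgdb` / `augtool < $cfgdb`) have the same shape of problem, since a server-supplied augtool control file can make arbitrary changes, so the fix should not simply go back to them. Minor: quote `"$cfgdb"` in the `wget -O` and any later use, and the `if [ $? -eq 0 ]` test can be written directly as `if wget ...; then`.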
>>>> NACK.  We cannot download & execute arbitrary shell scripts. It blows a 
>>>> hole in the security of the node host OS. If there are shell scripts 
>>>> needed they must be built into the node image, and merely the 
>>>> configuration
>>>> data to be fed to them should be downloaded.
>>>>
>>>> That said, even the original code was kinda suspect - downloading an 
>>>> entire augtool control file basically allows any change whatsoever
>>>> to be made.  
>>>>
>>>> Really we should download data such as the interface name, and config
>>>> options, and then use a local pre-existing script to make the changes
>>>> and/or call augtool - i.e. the augtool rules should already be on the
>>>> managed node, with placeholders where you fit in the validated config
>>>> parameters.
>> Agreed.  Furthermore, we really should be using messaging for all of this. 
>>  The only thing that -can't- use messaging will be the retrieval of the 
>> keytab if that is allowed in your environment.  (Since the keytab will be 
>> necessary for enabling secure messaging whenever that becomes available)
>>
>> But once messaging is in, we should have a call that the Node can send the 
>> Server to ask for its configuration information and the response should be 
>> something that a Node based program/script can parse to create an augtool 
>> file that we then execute augtool on.
>>
>> Since this doesn't make it any worse (i.e. we've always downloaded augtool 
>> files via wget up until now) I say we let this in as it will enable us to 
>> develop the UI for multiple NICs.  Once messaging is integrated we switch 
>> to using that as the transport for these queries as well as switching to 
>> not sending a whole augtool file over the messaging protocol.
>>
>> That sound reasonable?
> 
> Messaging isn't going to help us in standalone mode. We need to have any
> augtool scripts or bash scripts in the node image, not fetched over
> messaging or wget. So we have to fix this to only fetch config settings
> regardless of whether we currently use messaging or not.

Agreed.  As I said above, let's just get this patch in now since we're no 
worse off than before and since we're trying to get a release out.  But we 
do need to fix this so that only config parameters are retrieved and not 
augtool scripts themselves.

That fix can come separately from the messaging integration depending on 
how timing works out for that.

Perry

-- 
|=-        Red Hat, Engineering, Emerging Technologies, Boston        -=|
|=-                     Email: pmyers at redhat.com                      -=|
|=-         Office: +1 412 474 3552   Mobile: +1 703 362 9622         -=|
|=- GnuPG: E65E4F3D 88F9 F1C9 C2F3 1303 01FE 817C C5D2 8B91 E65E 4F3D -=|
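The pattern Daniel and Perry describe above (retrieve only configuration parameters, validate them on the node, and apply them through augtool rules that are already part of the node image) as an added example; this is not oVirt node code from the thread. It assumes a key=value response body, the Augeas `/files/etc/sysconfig/network-scripts/ifcfg-*` path layout for the generated commands, and a constructed sample response in place of the `wget` fetch so that it runs offline. Nothing received from the server is ever executed; unknown keys and malformed values abort before any augtool command is produced.

```shell
#!/bin/sh
# Added example (not the oVirt node's own script).  Shows the "download data,
# not scripts" pattern: settings are validated against an allow-list and then
# rendered through a template that lives on the node, never fetched.

# Constructed sample response, standing in for the body wget would write to
# $cfgdb.  Key names here are assumptions for the example.
SAMPLE_RESPONSE='iface=eth0
bootproto=static
ipaddr=192.0.2.10
netmask=255.255.255.0
gateway=192.0.2.1
onboot=yes'

# Return 0 if $2 is an acceptable value for key $1, 1 otherwise.  Keys that
# are not listed are rejected, so the server cannot introduce new settings.
validate_param() {
    case "$1" in
        iface)     printf '%s' "$2" | grep -Eq '^[a-z][a-z0-9]{0,14}$' ;;
        bootproto) printf '%s' "$2" | grep -Eq '^(dhcp|static)$' ;;
        ipaddr|netmask|gateway)
                   printf '%s' "$2" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' ;;
        onboot)    printf '%s' "$2" | grep -Eq '^(yes|no)$' ;;
        *)         return 1 ;;
    esac
}

# Read key=value lines from stdin, validate every one, then print the
# augtool commands produced by a fixed, node-resident template.  Any bad
# line returns 1 before a single command is printed.
render_augtool() {
    validated="" iface="" line="" key="" val=""
    while IFS= read -r line; do
        [ -z "$line" ] && continue
        key=${line%%=*}
        val=${line#*=}
        [ "$key" != "$line" ] || { echo "malformed line: $line" >&2; return 1; }
        validate_param "$key" "$val" || { echo "rejected key: $key" >&2; return 1; }
        [ "$key" = iface ] && iface=$val
        validated="$validated$key=$val
"
    done
    [ -n "$iface" ] || { echo "iface is required" >&2; return 1; }
    # Assumed Augeas path layout for ifcfg files (Shellvars lens).
    base="/files/etc/sysconfig/network-scripts/ifcfg-$iface"
    printf '%s' "$validated" | while IFS='=' read -r key val; do
        case "$key" in
            iface)     echo "set $base/DEVICE $val" ;;
            bootproto) echo "set $base/BOOTPROTO $val" ;;
            ipaddr)    echo "set $base/IPADDR $val" ;;
            netmask)   echo "set $base/NETMASK $val" ;;
            gateway)   echo "set $base/GATEWAY $val" ;;
            onboot)    echo "set $base/ONBOOT $val" ;;
        esac
    done
    echo save
}

# Apply a fetched settings file: render first (aborting on any rejected
# line), then hand the commands to the augtool that ships on the node.
# The downloaded file is only ever read as data.
apply_node_config() {
    cmds=$(render_augtool < "$1") || return 1
    printf '%s\n' "$cmds" | augtool
}

# Stand-alone demonstration on the constructed sample.
printf '%s\n' "$SAMPLE_RESPONSE" | render_augtool
```

In the node script this would replace `bash $cfgdb` with `apply_node_config "$cfgdb"`; the allow-list in `validate_param` is the single place where the set of server-controllable settings is decided, and the augtool template never leaves the image.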