Improve clusterd security #436
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
donald
force-pushed
the
improve-clusterd-security
branch
from
aa75eec
to
5eddb03
Compare
Implement new udp service 'exec.2' which accepts a list of predefined commands to run. Implement new command `clusterd exec CMD...` The new usage is supposed to make `clusterd --exec` and the 'exec' UDP service obsolete. Having all commands which might be issued after file updates available in the same %CMD infrastructure will make the following changes easier and the file shorter, once the obsolete command `clusterd --exec` and the UDP services udp_rx_flush_gidcache, udp_rx_make_automaps, udp_rx_reexport and udp_rx_exec are removed.
Change protocol for `clusterd push`:
- Multiple files can be offered with one command invocation and one
UDP broadcast
- The files are actually transferred by calling back with tcp to the
station which offered the files. This allows the receiving node to
restrict file distribution sources to specific nodes.
- The list of "trusted nodes" is set to `afk` and `wtf`.
- A list of predefined commands can be given in addition to the list of
offered files. The commands are executed after the files are
transferred. This is required, because from the point of view of the
caller of `cluster push`, the process is asynchronous, and so these
commands can not be given with additional `clusterd exec` or
`clusterd --exec` commands.
Expected usage is something like this:
clusterd push /etc/mxpolicy --post mkmotd
After the daemons have updated, callers should be switches to the new
commands and then the old commands should be removed.
Currently restart isn't working, because we removed 'kill' from the options and udp_rx_restart is using it. Just exit instead, the service manage should restart the service.
donald
force-pushed
the
improve-clusterd-security
branch
from
5eddb03
to
adc5996
Compare
Sign in
to join this conversation on GitHub.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Add new protocol to allow to transfer files with TCP callbacks, thereby verifying the source hosts.