Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Cluster Development (http://www.linux-archive.org/cluster-development/)
-   -   add map_check on 'status' action (http://www.linux-archive.org/cluster-development/574917-add-map_check-status-action.html)

Kazunori INOUE 09-13-2011 08:48 AM
add map_check on 'status' action
 
Hi all,

I am using fence-virt.
I want to check permission also by 'status' fencing action.

[root@x3650f ~]# cat /etc/fence_virt.conf
----
(snip)
groups {
group {
uuid = "srv-a1";
uuid = "srv-a2";
uuid = "621d8c61-1070-7aab-6158-3889d68470ab";
uuid = "4f0ed127-c8a3-4085-a0d0-a93231924202";
}
group {
uuid = "srv-b1";
uuid = "srv-b2";
uuid = "d55103a7-eea7-ad9e-3ee9-8aa660afbe8d";
uuid = "7243da51-2bda-413e-f172-4ed8cfee4297";
}
----

* 'off' operation :
[root@srv-a1 ~]# fence_virt -D/dev/ttyS1 -ooff -Hsrv-b1
Permission denied
[root@srv-a1 ~]# echo $?
3
[root@srv-a1 ~]#

This is good. It is an expected result.

* 'status' operation :
[root@srv-a1 ~]# fence_virt -D/dev/ttyS1 -ostatus -Hsrv-b1
[root@srv-a1 ~]# echo $?
0
[root@srv-a1 ~]#

It is an unexpected result. I expect a return value 3.

If 'off' is permission denied, I think that the result of 'status'
should be the same.

I want to check permission beforehand by 'status' whether I become
permission denied in fencing action (off,on,[reboot]).

Regards,
Kazunori INOUE
diff -urN fence-virt-53a2b29/server/mcast.c mod/server/mcast.c
--- fence-virt-53a2b29/server/mcast.c 2011-08-11 09:53:47.000000000 +0900
+++ mod/server/mcast.c 2011-09-12 11:19:17.000000000 +0900
@@ -293,6 +293,11 @@
req->seqno, info->priv);
break;
case FENCE_STATUS:
+ if (map_check(info->map, ip_addr_src,
+ (const char *)req->domain) == 0) {
+ response = RESP_PERM;
+ break;
+ }
response = info->cb->status((char *)req->domain, info->priv);
break;
case FENCE_DEVSTATUS:
diff -urN fence-virt-53a2b29/server/serial.c mod/server/serial.c
--- fence-virt-53a2b29/server/serial.c 2011-08-11 09:53:47.000000000 +0900
+++ mod/server/serial.c 2011-09-12 11:19:09.000000000 +0900
@@ -211,6 +211,11 @@
req->seqno, info->priv);
break;
case FENCE_STATUS:
+ if (map_check(info->maps, src,
+ (const char *)req->domain) == 0) {
+ response = RESP_PERM;
+ break;
+ }
response = info->cb->status((char *)req->domain, info->priv);
break;
case FENCE_DEVSTATUS:

Lon Hohberger 09-19-2011 08:24 PM
add map_check on 'status' action
 
On 09/13/2011 04:48 AM, Kazunori INOUE wrote:

> I want to check permission beforehand by 'status' whether I become
> permission denied in fencing action (off,on,[reboot]).

Merged.

http://fence-virt.git.sourceforge.net/git/gitweb.cgi?p=fence-virt/fence-virt;a=commit;h=b51aab4de90ffde2461367ccb0726a7dc0 dd6e14

-- Lon


All times are GMT. The time now is 06:41 PM.

VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.