Hi all,
I am using fence-virt.
I want to check permission also by 'status' fencing action.
[root@x3650f ~]# cat /etc/fence_virt.conf
----
(snip)
groups {
group {
uuid = "srv-a1";
uuid = "srv-a2";
uuid = "621d8c61-1070-7aab-6158-3889d68470ab";
uuid = "4f0ed127-c8a3-4085-a0d0-a93231924202";
}
group {
uuid = "srv-b1";
uuid = "srv-b2";
uuid = "d55103a7-eea7-ad9e-3ee9-8aa660afbe8d";
uuid = "7243da51-2bda-413e-f172-4ed8cfee4297";
}
----
* 'off' operation :
[root@srv-a1 ~]# fence_virt -D/dev/ttyS1 -ooff -Hsrv-b1
Permission denied
[root@srv-a1 ~]# echo $?
3
[root@srv-a1 ~]#
This is good. It is an expected result.
* 'status' operation :
[root@srv-a1 ~]# fence_virt -D/dev/ttyS1 -ostatus -Hsrv-b1
[root@srv-a1 ~]# echo $?
0
[root@srv-a1 ~]#
It is an unexpected result. I expect a return value 3.
If 'off' is permission denied, I think that the result of 'status'
should be the same.
I want to check permission beforehand by 'status' whether I become
permission denied in fencing action (off,on,[reboot]).
Regards,
Kazunori INOUE
diff -urN fence-virt-53a2b29/server/mcast.c mod/server/mcast.c
--- fence-virt-53a2b29/server/mcast.c 2011-08-11 09:53:47.000000000 +0900
+++ mod/server/mcast.c 2011-09-12 11:19:17.000000000 +0900
@@ -293,6 +293,11 @@
req->seqno, info->priv);
break;
case FENCE_STATUS:
+ if (map_check(info->map, ip_addr_src,
+ (const char *)req->domain) == 0) {
+ response = RESP_PERM;
+ break;
+ }
response = info->cb->status((char *)req->domain, info->priv);
break;
case FENCE_DEVSTATUS:
diff -urN fence-virt-53a2b29/server/serial.c mod/server/serial.c
--- fence-virt-53a2b29/server/serial.c 2011-08-11 09:53:47.000000000 +0900
+++ mod/server/serial.c 2011-09-12 11:19:09.000000000 +0900
@@ -211,6 +211,11 @@
req->seqno, info->priv);
break;
case FENCE_STATUS:
+ if (map_check(info->maps, src,
+ (const char *)req->domain) == 0) {
+ response = RESP_PERM;
+ break;
+ }
response = info->cb->status((char *)req->domain, info->priv);
break;
case FENCE_DEVSTATUS:
