Hi Jan, 16.07.2014 17:18, Jan Friesse wrote: > Vladislav, > again, nice idea, but. I would rather see use of CLI option + comments > inside.
I thought about that, but decided to go the same way corosync_overview(8) describes. Otherwise I'd need to patch main.c for consistency and thus possibly change functionality someone already uses. > > > Vladislav Bogdanov napsal(a): >> Signed-off-by: Vladislav Bogdanov <[email protected]> >> --- >> man/corosync-keygen.8 | 27 +++++++++++++++++++-------- >> tools/corosync-keygen.c | 38 ++++++++++++++++++++++---------------- >> 2 files changed, 41 insertions(+), 24 deletions(-) >> >> diff --git a/man/corosync-keygen.8 b/man/corosync-keygen.8 >> index 5dc3f45..71ca40e 100644 >> --- a/man/corosync-keygen.8 >> +++ b/man/corosync-keygen.8 >> @@ -39,26 +39,22 @@ corosync-keygen \- Generate an authentication key for >> Corosync. >> .SH DESCRIPTION >> >> If you want to configure corosync to use cryptographic techniques to ensure >> authenticity >> -.br >> and privacy of the messages, you will need to generate a private key. >> .PP >> .B corosync-keygen >> -creates this key and writes it to /etc/corosync/authkey. >> +creates this key and writes it to /etc/corosync/authkey or to file >> specified by >> +COROSYNC_TOTEM_AUTHKEY_FILE environment variable. >> .PP >> This private key must be copied to every processor in the cluster. If the >> -.br >> private key isn't the same for every node, those nodes with nonmatching >> private >> -.br >> keys will not be able to join the same configuration. >> .PP >> Copy the key to some security transportable storage or use ssh to transmit >> the >> -.br >> key from node to node. Then install the key with the command: >> .PP >> unix#: install -D --group=0 --owner=0 --mode=0400 /path_to_authkey/authkey >> /etc/corosync/authkey >> .PP >> If a message "Invalid digest" appears from the corosync executive, the keys >> -.br >> are not consistent between processors. >> .PP >> .B Note: corosync-keygen >> @@ -67,13 +63,21 @@ will ask for user input to assist in generating entropy >> unless the -l option is >> .TP >> .B -l >> Use a less secure random data source that will not require user input to >> help generate >> +entropy. This may be useful when this utility is used from a script or >> hardware random number >> +generator is not available (f.e. in virtual machine). >> +.SH ENVIRONMENT VARIABLES >> +.TP >> +COROSYNC_TOTEM_AUTHKEY_FILE >> +This specifies the fully qualified path to the shared key to create. >> .br >> -entropy. This may be useful when this utility is used from a script. >> + >> +The default is /etc/corosync/authkey. >> + >> .SH EXAMPLES >> .TP >> Generate the key. >> .PP >> -$ corosync-keygen >> +# corosync-keygen >> .br >> Corosync Cluster Engine Authentication key generator. >> .br >> @@ -81,6 +85,13 @@ Gathering 1024 bits for key from /dev/random. >> .br >> Press keys on your keyboard to generate entropy. >> .br >> +.PP >> +$ COROSYNC_TOTEM_AUTHKEY_FILE=/tmp/authkey corosync-keygen -l >> +.br >> +Corosync Cluster Engine Authentication key generator. >> +.br >> +Writing corosync key to /tmp/authkey. >> +.br >> .SH SEE ALSO >> .BR corosync_overview (8), >> .BR corosync.conf (5), >> diff --git a/tools/corosync-keygen.c b/tools/corosync-keygen.c >> index 71ea9d8..519e8d9 100644 >> --- a/tools/corosync-keygen.c >> +++ b/tools/corosync-keygen.c >> @@ -40,14 +40,13 @@ >> #include <unistd.h> >> #include <fcntl.h> >> #include <errno.h> >> +#include <string.h> >> #include <getopt.h> >> #include <sys/types.h> >> #include <sys/stat.h> >> >> #include <netinet/in.h> >> >> -#define KEYFILE COROSYSCONFDIR "/authkey" >> - >> static const char usage[] = >> "Usage: corosync-keygen [-l]\n" >> " -l / --less-secure - Use a less secure random number source\n" >> @@ -60,6 +59,7 @@ int main (int argc, char *argv[]) >> { >> int authkey_fd; >> int random_fd; >> + const char *keyfile = getenv("COROSYNC_TOTEM_AUTHKEY_FILE"); >> unsigned char key[128]; >> ssize_t res; >> ssize_t bytes_read; >> @@ -89,14 +89,18 @@ int main (int argc, char *argv[]) >> } >> >> printf ("Corosync Cluster Engine Authentication key generator.\n"); >> - if (geteuid() != 0) { >> + if (geteuid() != 0 && !keyfile) { >> printf ("Error: Authorization key must be generated as root >> user.\n"); >> exit (errno); >> } >> - if (mkdir (COROSYSCONFDIR, 0700)) { >> - if (errno != EEXIST) { >> - perror ("Failed to create directory: " COROSYSCONFDIR); >> - exit (errno); >> + >> + if (!keyfile) { >> + keyfile = COROSYSCONFDIR "/authkey"; >> + if (mkdir (COROSYSCONFDIR, 0700)) { >> + if (errno != EEXIST) { >> + perror ("Failed to create directory: " >> COROSYSCONFDIR); >> + exit (errno); >> + } >> } >> } >> >> @@ -134,37 +138,39 @@ retry_read: >> /* >> * Open key >> */ >> - authkey_fd = open (KEYFILE, O_CREAT|O_WRONLY, 600); >> + authkey_fd = open (keyfile, O_CREAT|O_WRONLY, 0600); >> if (authkey_fd == -1) { >> - perror ("Could not create " KEYFILE); >> + fprintf (stderr, "Could not create %s: %s", keyfile, >> strerror(errno)); >> exit (errno); >> } >> /* >> * Set security of authorization key to uid = 0 gid = 0 mode = 0400 >> */ >> - res = fchown (authkey_fd, 0, 0); >> - if (res == -1) { >> - perror ("Could not fchown key to uid 0 and gid 0\n"); >> - exit (errno); >> + if (geteuid() == 0) { >> + res = fchown (authkey_fd, 0, 0); >> + if (res == -1) { >> + perror ("Could not fchown key to uid 0 and gid 0\n"); >> + exit (errno); >> + } >> } >> if (fchmod (authkey_fd, 0400)) { >> perror ("Failed to set key file permissions to 0400\n"); >> exit (errno); >> } >> >> - printf ("Writing corosync key to " KEYFILE ".\n"); >> + printf ("Writing corosync key to %s.\n", keyfile); >> >> /* >> * Write key >> */ >> res = write (authkey_fd, key, sizeof (key)); >> if (res != sizeof (key)) { >> - perror ("Could not write " KEYFILE); >> + fprintf (stderr, "Could not write %s: %s", keyfile, >> strerror(errno)); >> exit (errno); > > Please use err/errx (see errx(3)) instead of fprintf and exit (err does > this in one function, and it's standard). > > Please DO not use errno as return code. Errno (potentially) can be > > 127. Error code > 127 is used when signal arrived (this is not the case > here). > > Regards, > Honza > > >> } >> >> if (close (authkey_fd)) { >> - perror ("Could not write " KEYFILE); >> + fprintf (stderr, "Could not write %s: %s", keyfile, >> strerror(errno)); >> exit (errno); >> } >> >> > _______________________________________________ discuss mailing list [email protected] http://lists.corosync.org/mailman/listinfo/discuss
