ASF GitHub Bot commented on CLOUDSTACK-10283:

rhtyd opened a new pull request #2454: CLOUDSTACK-10283: Sudo to setup agent 
keystore, fail on host add failure
URL: https://github.com/apache/cloudstack/pull/2454
   This would make keystore utility scripts being executed as sudoer
   in case the process uid/owner is not root but still a sudoer user.
   Also fails addHost while securing a KVM host and if keystore fails to be
   setup for any reason.
   @blueorangutan package

This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:

> Use sudo to execute keystore setup/import for kvm agents, and fail on 
> keystore setup failures
> ---------------------------------------------------------------------------------------------
>                 Key: CLOUDSTACK-10283
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10283
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>            Reporter: Rohit Yadav
>            Assignee: Rohit Yadav
>            Priority: Major
>             Fix For:,
> Addition of a KVM host creates keystore on the KVM host's 
> /etc/cloudstack/agent path. The current scripts and codebase assumes that it 
> will be the root user which is why the script don't call keytool with 'sudo'. 
> To allow addition of host using a sudo-enabled/admin user, make suitable 
> changes to the script, and also fail the addHost execution if keystore 
> scripts fail (say due to permission issues etc).

This message was sent by Atlassian JIRA

Reply via email to