Hi Mahmoud Yes by all means set the root password in mysql. The scripts use the apache and no user accounts. Apache for write access, and no user for select only.
You should only have dhcp on the provisioned networks. The script that generates the dhcpd.conf is in /opt/kusu/lib/plugins/genconfig/dhcpd.py The query it uses should exclude those where network.type is not 'provisioned'. Try running: # sqlrunner -q 'select netid,network,type from networks' One (or more) should be public, and on these there should be no DHCP. Is this an install from a yum repository? Mark -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Mahmoud Hanafi Sent: Thursday, February 28, 2008 2:03 PM To: Users of Kusu Subject: [Kusu-users] Security Question 1. I notice that user "root" does not have a password set in mysql. I assume if I set this it will break most of the scripts? Is this supported? 2. Not wanting dhcpd on the public network. By default kusu sets up a dhpc for both cluster and public networks. Is there config option to not allow dhpcd on the public network? (this would include having multiple public interfaces) (I could block bootp with iptables but it would be cleaner not to have dhpc on the public interface) Thanks, Mahmoud Hanafi Sr. System Administrator CSC HPC COE Bld. 676 2435 Fifth Street WPAFB, Ohio 45433 (937) 255-1536 Computer Sciences Corporation Registered Office: 2100 East Grand Avenue, El Segundo California 90245, USA Registered in USA No: C-489-59 ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- This is a PRIVATE message. If you are not the intended recipient, please delete without copying and kindly advise us by e-mail of the mistake in delivery. NOTE: Regardless of content, this e-mail shall not operate to bind CSC to any order or other contract unless pursuant to explicit written agreement or government initiative expressly permitting the use of e-mail for such purpose. ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- _______________________________________________ Kusu-users mailing list [email protected] http://mail.osgdc.org/mailman/listinfo/kusu-users _______________________________________________ Kusu-users mailing list [email protected] http://mail.osgdc.org/mailman/listinfo/kusu-users
