Lars Marowsky-Bree wrote:
> On 2007-02-22T20:30:10, Alan Robertson <[EMAIL PROTECTED]> wrote:
>
>>> Of course, that'd effectively mean needing to lock everything into
>>> memory, which is clearly infeasible and there's more work here to fix
>>> the theoretical deadlock issue.
>>>
>>> But, with the same argument, stonithd, which is not more timing critical
>>> than the LRM, probably shouldn't be using this then.
>> Stonithd is clearly in the execution path for rebooting. The operation
>> for rebooting a node does NOT go through the LRM.
>
> Uhm. Everybody who _tells_ stonithd to perform a reboot is not in the
> protected part of the stack, so it's not really useful to have stonithd
> in there.
Not in the current architecture, no.
Stonithd already has to run as root for other reasons. So, it's not a
new security hole to make it run as root and perform this.
--
Alan Robertson <[EMAIL PROTECTED]>
"Openness is the foundation and preservative of friendship... Let me
claim from you at all times your undisguised opinions." - William
Wilberforce
_______________________________________________________
Linux-HA-Dev: [email protected]
http://lists.linux-ha.org/mailman/listinfo/linux-ha-dev
Home Page: http://linux-ha.org/
