Hi Hu, Am Dienstag 04 Dezember 2007 14:29:35 schrieb Xinwei Hu: > 2007/12/4, Lars Marowsky-Bree <[EMAIL PROTECTED]>: > > On 2007-12-04T00:20:15, Xinwei Hu <[EMAIL PROTECTED]> wrote: > > > Hi all, > > > > > > We have a instance about cibadmin recently. A typo of 'cibadmin -r > > > blahblah' forces the HA into RO mode without any warning, and the > > > field engineer almost panic. ;) > > > > I like the direction.
Me too. > > The more dangerous commands usually require a --force option on other > > tools. (fsck, mkfs, rpm, drbdadm, ...) > > The reason that I don't go this way is concerning the portability. > getopt_long is not a POSIX standard AFAIK. Most, if not all heartbeat commands already take long options. I cannot see your problem here. > > Reading y/n from stdin is not a good approach; the commands might > > require the XML to be on stdin. > > You are right. > So how about let the process give verbose warning message on dangerous > options and sleep N seconds before proceeding ? Noo! Please just add a second option (even a short one like in rm -rf). Without the second option, if stdin is a tty, then ask for confirmation else fail (more safe) or go on (more backward compatible). That way, there is no more SPOF - and that is all I want heartbeat to do for me :-) Just my 2ct Joachim _______________________________________________________ Linux-HA-Dev: [email protected] http://lists.linux-ha.org/mailman/listinfo/linux-ha-dev Home Page: http://linux-ha.org/
