i'll implement the --force|-f approach tomorrow.

On Dec 4, 2007, at 6:24 PM, Joachim Banzhaf wrote:

Hi Hu,

Am Dienstag 04 Dezember 2007 14:29:35 schrieb Xinwei Hu:
2007/12/4, Lars Marowsky-Bree <[EMAIL PROTECTED]>:
On 2007-12-04T00:20:15, Xinwei Hu <[EMAIL PROTECTED]> wrote:
Hi all,

We have a instance about cibadmin recently. A typo of 'cibadmin -r
blahblah' forces the HA into RO mode without any warning, and the
field engineer almost panic. ;)

I like the direction.

Me too.

The more dangerous commands usually require a --force option on other
tools. (fsck, mkfs, rpm, drbdadm, ...)

The reason that I don't go this way is concerning the portability.
getopt_long is not a POSIX standard AFAIK.

Most, if not all heartbeat commands already take long options. I cannot see
your problem here.

Reading y/n from stdin is not a good approach; the commands might
require the XML to be on stdin.

You are right.
So how about let the process give verbose warning message on dangerous
options and sleep N seconds before proceeding ?

Noo! Please just add a second option (even a short one like in rm - rf). Without the second option, if stdin is a tty, then ask for confirmation else fail (more safe) or go on (more backward compatible). That way, there is no
more SPOF - and that is all I want heartbeat to do for me :-)

Just my 2ct

Joachim

_______________________________________________________
Linux-HA-Dev: [email protected]
http://lists.linux-ha.org/mailman/listinfo/linux-ha-dev
Home Page: http://linux-ha.org/

_______________________________________________________
Linux-HA-Dev: [email protected]
http://lists.linux-ha.org/mailman/listinfo/linux-ha-dev
Home Page: http://linux-ha.org/

Reply via email to