On Tue, 2012-02-14 at 11:07 -0500, Simo Sorce wrote: > On Tue, 2012-02-14 at 10:45 -0500, Stephen Gallagher wrote: > > On Mon, 2012-02-13 at 15:42 +0100, Jan Cholasta wrote: > > > Additionally, don't drop the connection when the sss_ssh_knownhostsproxy > > > process receives a signal. > > > > > > https://fedorahosted.org/sssd/ticket/1179 > > > https://fedorahosted.org/sssd/ticket/1184 > > > > Nack. > > > > Writing to the known_hosts file directly is unsafe. Please use mkstemp() > > (with umask set appropriately) to create a new temporary file. Then you > > can rename() the file once it's complete, which is effectively an atomic > > action on the filesystem (existing applications will keep their pointer > > to the old file safely until they close it and reopen the new one). > > make sure you create the temp file in the same directory not in /tmp, > that means mkstemp() is probably not necessary as there is no race in > ~/.ssh
Ok, Jan, Simo and I all had a discussion on IRC and we're going to change this feature quite a bit. Right now, the sss_ssh_knownhostsproxy client pieces will update the users' ~/.ssh/sss_known_hosts file. But it makes more sense that we should have the SSH Responder update the /etc/ssh/sss_known_hosts file globally for the system instead. This will accomplish several things: 1) It eliminates the risk of concurrent clients editing the hosts file because the Responder is serialized 2) It will reduce LDAP lookups in general, since multiple users will not need to look up the same hosts 3) It will reduce the scope of the client libraries to be more consistent with our other sss_client features. I've opened https://fedorahosted.org/sssd/ticket/1193 to track this.
signature.asc
Description: This is a digitally signed message part
_______________________________________________ sssd-devel mailing list [email protected] https://fedorahosted.org/mailman/listinfo/sssd-devel
