diff options
| author | Kotresh HR <khiremat@redhat.com> | 2015-10-29 09:30:15 +0000 |
|---|---|---|
| committer | Jeff Darcy <jdarcy@redhat.com> | 2015-11-09 05:26:39 -0800 |
| commit | 6e036c758add503a170cc3134e95fea3e78e89cb (patch) | |
| tree | a66fcd07f199d35008e5d34eca39a7f5fa487eb2 | |
| parent | 2794cb71b96c44033dcd01102039c038956cf7b5 (diff) | |
geo-rep: Make restrictive ssh keys optional
In containerized environment where networking
configuration is "net=host", both host and
containers use the same IP. The validations
gsyncd shell and rsync to be the siblings
fails. Hence, for now, creating restrictive
ssh keys is made optional as follows.
If the argument 'container' is passed, it
will create non restrictive ssh keys else
restrictive ssh keys.
e.g.,
gluster system:: execute gsec_create container
Creates non restrictive ssh keys.
gluster system:: execute gsec_create
Creates restrictive ssh keys.
Change-Id: Ibed362f64b9b4c9931207f863a2da944c6bd1d66
BUG: 1276028
Signed-off-by: Kotresh HR <khiremat@redhat.com>
Reviewed-on: http://review.gluster.org/12459
Tested-by: NetBSD Build System <jenkins@build.gluster.org>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Aravinda VK <avishwan@redhat.com>
| -rwxr-xr-x | geo-replication/src/peer_gsec_create.in | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/geo-replication/src/peer_gsec_create.in b/geo-replication/src/peer_gsec_create.in index 9cadce56453..97c4333d69c 100755 --- a/geo-replication/src/peer_gsec_create.in +++ b/geo-replication/src/peer_gsec_create.in @@ -13,6 +13,11 @@ if [ ! -f "$GLUSTERD_WORKDIR"/geo-replication/tar_ssh.pem.pub ]; then ssh-keygen -N '' -f "$GLUSTERD_WORKDIR"/geo-replication/tar_ssh.pem > /dev/null fi -output1=`echo command=\"${exec_prefix}/libexec/glusterfs/gsyncd\" " "``cat "$GLUSTERD_WORKDIR"/geo-replication/secret.pem.pub` -output2=`echo command=\"tar \$\{SSH_ORIGINAL_COMMAND#* \}\" " "``cat "$GLUSTERD_WORKDIR"/geo-replication/tar_ssh.pem.pub` +if [ "Xcontainer" = "X$1" ]; then + output1=`cat "$GLUSTERD_WORKDIR"/geo-replication/secret.pem.pub` + output2=`cat "$GLUSTERD_WORKDIR"/geo-replication/tar_ssh.pem.pub` +else + output1=`echo command=\"${exec_prefix}/libexec/glusterfs/gsyncd\" " "``cat "$GLUSTERD_WORKDIR"/geo-replication/secret.pem.pub` + output2=`echo command=\"tar \$\{SSH_ORIGINAL_COMMAND#* \}\" " "``cat "$GLUSTERD_WORKDIR"/geo-replication/tar_ssh.pem.pub` +fi echo -e "$output1\n$output2" |