diff options
| author | Kotresh HR <khiremat@redhat.com> | 2015-10-29 09:30:15 +0000 |
|---|---|---|
| committer | Venky Shankar <vshankar@redhat.com> | 2015-11-24 23:17:20 -0800 |
| commit | 1952143a3c9639a00fe5e52e4368ea9f380a0172 (patch) | |
| tree | c93e4bddc2f20f3bb130d12b93ab115c6571d65a /geo-replication | |
| parent | a694e86cd5340fff1143e2ac55ec908d3ef890b3 (diff) | |
geo-rep: Make restrictive ssh keys optional
In containerized environment where networking
configuration is "net=host", both host and
containers use the same IP. The validations
gsyncd shell and rsync to be the siblings
fails. Hence, for now, creating restrictive
ssh keys is made optional as follows.
If the argument 'container' is passed, it
will create non restrictive ssh keys else
restrictive ssh keys.
e.g.,
gluster system:: execute gsec_create container
Creates non restrictive ssh keys.
gluster system:: execute gsec_create
Creates restrictive ssh keys.
Change-Id: Ibed362f64b9b4c9931207f863a2da944c6bd1d66
BUG: 1283060
Signed-off-by: Kotresh HR <khiremat@redhat.com>
Reviewed-on: http://review.gluster.org/12459
Tested-by: NetBSD Build System <jenkins@build.gluster.org>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Aravinda VK <avishwan@redhat.com>
(cherry picked from commit 6e036c758add503a170cc3134e95fea3e78e89cb)
Reviewed-on: http://review.gluster.org/12606
Diffstat (limited to 'geo-replication')
| -rwxr-xr-x | geo-replication/src/peer_gsec_create.in | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/geo-replication/src/peer_gsec_create.in b/geo-replication/src/peer_gsec_create.in index 9cadce56453..97c4333d69c 100755 --- a/geo-replication/src/peer_gsec_create.in +++ b/geo-replication/src/peer_gsec_create.in @@ -13,6 +13,11 @@ if [ ! -f "$GLUSTERD_WORKDIR"/geo-replication/tar_ssh.pem.pub ]; then ssh-keygen -N '' -f "$GLUSTERD_WORKDIR"/geo-replication/tar_ssh.pem > /dev/null fi -output1=`echo command=\"${exec_prefix}/libexec/glusterfs/gsyncd\" " "``cat "$GLUSTERD_WORKDIR"/geo-replication/secret.pem.pub` -output2=`echo command=\"tar \$\{SSH_ORIGINAL_COMMAND#* \}\" " "``cat "$GLUSTERD_WORKDIR"/geo-replication/tar_ssh.pem.pub` +if [ "Xcontainer" = "X$1" ]; then + output1=`cat "$GLUSTERD_WORKDIR"/geo-replication/secret.pem.pub` + output2=`cat "$GLUSTERD_WORKDIR"/geo-replication/tar_ssh.pem.pub` +else + output1=`echo command=\"${exec_prefix}/libexec/glusterfs/gsyncd\" " "``cat "$GLUSTERD_WORKDIR"/geo-replication/secret.pem.pub` + output2=`echo command=\"tar \$\{SSH_ORIGINAL_COMMAND#* \}\" " "``cat "$GLUSTERD_WORKDIR"/geo-replication/tar_ssh.pem.pub` +fi echo -e "$output1\n$output2" |