Bug 236090

Summary: ENHANCEMENT: Allow fence_egenera to specify ssh login name
Product: [Retired] Red Hat Cluster Suite Reporter: Neal Pitts <npitts>
Component: fenceAssignee: Jim Parsons <jparsons>
Status: CLOSED DUPLICATE QA Contact: Cluster QE <mspqa-list>
Severity: medium Docs Contact:
Priority: medium    
Version: 4CC: casmith, cluster-maint, dpoler, mstadtle
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-02-20 21:15:51 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Neal Pitts 2007-04-11 21:41:43 UTC 
Description of problem:
ENHANCEMENT: Allow fence_egenera to specify ssh login name.  Currently, it only
logs into the cBlade for a fencing operation as the user that ran the script,
and practically speaking, that is always the root user.

Version-Release number of selected component (if applicable):
4

How reproducible:
N/A

Steps to Reproduce:
1.N/A
2.N/A
3.N/A
  
Actual results:
N/A

Expected results:
N/A

Additional info:
The current fence_egenera script logs into the cBlade as root for a fencing
operation.  This is preventing a security-conscious client from deploying GFS
clusters in their DMZ environment.  Doing SCSI-3 PR in this environment is not
yet a viable option.
Comment 1 Neal Pitts 2007-04-11 21:45:30 UTC 
Preferably, the default user name for this enhancement would be 'fence', or
something similar.  This may or may not cause package update issues.  On the
BladeFrame, user 'fence' would have to have rights to the LPAN(s) containing the
servers (and corresponding blades) it needs to be able to fence.  This note
would have to be added to the documentation for fence_egenera.
Comment 2 Neal Pitts 2008-02-20 21:15:51 UTC 

*** This bug has been marked as a duplicate of 349381 ***