Bug 81288
Summary: | up2date needs a config option to prevent remote reboots | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 4 | Reporter: | Phil D'Amore <damorep> |
Component: | up2date | Assignee: | Adrian Likins <alikins> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Red Hat Satellite QA List <satqe-list> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 4.0 | CC: | cturner, gafton, mihai.ibanescu, pjones, taw |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2003-04-03 18:47:47 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 77359 |
Description
Phil D'Amore
2003-01-07 16:30:18 UTC
All config options are overridable by rhn, so it doesn't make much sense to disable it client side. Not sure I understand the reasoning for the request. reboot actions are never scheduled without being explicitily scheduled by the administrator. Was there a case where you accidently rebooted a machine of something? It may make more sence to do that server side, if at all. I don't think we're on the same page here. We're talking about adding an option to /etc/sysconfig/rhn/up2date in the same sprirt as "removeSkipList", "noReplaceConfig", "noBootLoader", "pkgSkipList", "fileSkipList", etc that will not allow up2date to reboot a box remotely. Perhaps a "doNotRebootThisMachine" option. Your above statement is a little confusing, as it implies that all of the above options can be overridden by the web interface side of things. Is that true? The potential for damage to be done by a compromised RHN account is now non-trivial, as the web interface can now schedule machine reboots. The reason for needing the ability to disable this feature should be obvious. There are actions that allow all configuration options to be changed. At the moment, I don't think any of these are setup on the website. I can add a config option, but it can be reset by a config change option from the server side (if not from the website atm). in cvs head (3.0.43 or so...) backport for 8.0 landing soon backport landed in cvs as well, for the sake of process, I'm considering this a bug fix, so it should land in the 8.0 errata. Marking as modified so qa can verify the fix: verification plan: set "noReboot" to 1 in the config file, attempt to schedule a reboot action. action should fail with exit code 38, and message "Up2date is configured not to allow reboots" set "noReboot" to 0 in config file, and schedule a reboot action. system should reboot. Works in Red Hat 9, and will be errata'd in the future, closing. |