1048354 – Gear movement should not require direct root login

Bug 1048354 - Gear movement should not require direct root login

Summary: Gear movement should not require direct root login

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	OKD
Classification:	Red Hat
Component:	Pod
Sub Component:
Version:	1.x
Hardware:	All
OS:	Linux
Priority:	unspecified
Severity:	medium
Target Milestone:	---
Target Release:	---
Assignee:	Abhishek Gupta
QA Contact:	libra bugs
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2014-01-03 19:50 UTC by Trevor Vaughan
Modified:	2017-05-31 18:22 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2017-05-31 18:22:11 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Trevor Vaughan 2014-01-03 19:50:20 UTC

Description of problem:

The ability to move gears via rsync requires direct root access to systems. Per most published security guides, this is to be disabled and sudo to be used instead.

Request that rsync movement be able to be used via an account other than root.

Version-Release number of selected component (if applicable):

All

How reproducible:

Disable direct root login, attempt to move a gear.

Actual results:

Gear movement fails.

Expected results:

Gear movement succeeds.

Comment 1 Kurt Seifried 2014-01-06 18:24:17 UTC

This issue appears to be a security feature RFE and not a security flaw or vulnerability.

Comment 2 Eric Paris 2017-05-31 18:22:11 UTC

We apologize, however, we do not plan to address this report at this time. The majority of our active development is for the v3 version of OpenShift. If you would like for Red Hat to reconsider this decision, please reach out to your support representative. We are very sorry for any inconvenience this may cause.

Note You need to log in before you can comment on or make changes to this bug.