Bug 740946 - RFE: Allow client-settable custom info
Summary: RFE: Allow client-settable custom info
Keywords:
Status: CLOSED CANTFIX
Alias: None
Product: Spacewalk
Classification: Community
Component: Clients
Version: 1.6
Hardware: All
OS: All
unspecified
low
Target Milestone: ---
Assignee: Milan Zázrivec
QA Contact: Red Hat Satellite QA List
URL:
Whiteboard:
Depends On:
Blocks: spacewalk-rfe
TreeView+ depends on / blocked
 
Reported: 2011-09-23 20:50 UTC by Brian
Modified: 2011-10-14 09:45 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-10-14 09:45:40 UTC


Attachments (Terms of Use)

Description Brian 2011-09-23 20:50:27 UTC
Description of problem:
I would like kickstart and cron scripts to submit Custom Info values, so I can search on those fields and feed them back into config files.  The current rhn-custom-info requires a user/password for all changes, making it insecure to embed in scripts.

Expected results:
Creating a Custom System Info key includes a toggle for "Allow changes from client."  The rhn-custom-info includes a '--quiet' or similar flag that will exit abnormally, rather than prompt for a password, if the client tries to change a value it isn't allowed to change.

Comment 1 Milan Zázrivec 2011-10-14 09:45:40 UTC
Allowing an arbitrary client to change or even create custom system values
would go against the security model used in Spacewalk: you need to have
appropriate permissions to manipulate the system data on the server
(organization admin for example).

I can see how one could benefit from being able to do the data changes
without authentication (or authorization), but the functionality could
also be abused in the same manner.

Spacewalk's API provides several routines to manipulate the system
custom info. May I suggest to export the data from client to a system
where it is safe to store the password and change the system info
from there.

Terribly sorry, I'm gonna have to close this RFE.


Note You need to log in before you can comment on or make changes to this bug.