Revision 0a689f79 doc/security.rst

b/doc/security.rst
7 7
security model is all-or-nothing.
8 8

  
9 9
Up to version 2.3 all Ganeti code ran as root. Since version 2.4 it is
10
possible to run all daemons except the node daemon as non-root users by
11
specifying user names and groups at build time. The node daemon
12
continues to require root privileges to create logical volumes, DRBD
13
devices, start instances, etc. Cluster commands can be run as root or by
14
users in a group specified at build time.
10
possible to run all daemons except the node daemon and the monitoring daemon
11
as non-root users by specifying user names and groups at build time.
12
The node daemon continues to require root privileges to create logical volumes,
13
DRBD devices, start instances, etc. Cluster commands can be run as root or by
14
users in a group specified at build time. The monitoring daemon requires root
15
privileges in order to be able to access and present information that are only
16
avilable to root (such as the output of the ``xm`` command of Xen).
15 17

  
16 18
Host issues
17 19
-----------
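Review bot: the sentence added at the end of the rewritten paragraph has a typo and a number-agreement error: "information that are only avilable to root" should read "information that is only available to root". While touching it, "requires root privileges in order to be able to access and present" can be tightened to "requires root privileges to access and present". The rest of the hunk (adding the monitoring daemon to the list of daemons that cannot be dropped to a non-root user) is consistent with the paragraph it extends.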
......
141 143
It is planned to split the two functionalities (local/remote querying)
142 144
of confd into two separate daemons in a future Ganeti version.
143 145

  
146
Monitoring daemon
147
-----------------
148

  
149
The monitoring daemon provides information about the status and the
150
performance of the cluster over HTTP.
151
It is currently unencrypted and non-authenticated, therefore it is strongly
152
advised to set proper firewalling rules to prevent unwanted access.
153

  
154
The monitoring daemon runs as root, because it needs to be able to access
155
privileged information (such as the state of the instances as provided by
156
the Xen hypervisor). Nevertheless, the security implications are mitigated
157
by the fact that the agent only provides reporting functionalities,
158
without the ability to actually modify the state of the cluster.
159

  
144 160
Remote API
145 161
----------
146 162

  
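Review bot: the new "Monitoring daemon" section tells the administrator to "set proper firewalling rules" but never says what to firewall; state the port and the address the daemon listens on, or point to where that is configured, otherwise the advice cannot be acted on. Two smaller points: the second paragraph switches from "the monitoring daemon" to "the agent" for the same component, so use one term; and the closing claim that the security implications are "mitigated" because the daemon only reports is too strong for an endpoint that is, by the section's own description, unencrypted, unauthenticated and serving data that is otherwise only available to root. Read-only access to the state of every instance is still an information disclosure to anyone who can reach the HTTP port. Suggest rewording the last sentence to something like "the daemon only reports state and cannot modify the cluster, but the information it exposes should still be treated as sensitive", and keeping the firewalling recommendation next to it.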