Revision bd028152 SECURITY

b/SECURITY
5 5
security model is all-or-nothing.
6 6

  
7 7
All the Ganeti code runs as root, because all the operations that Ganeti
8
is doing require privileges: creating logical volumes, md arrays,
8
is doing require privileges: creating logical volumes, drbd devices,
9 9
starting instances, etc. Running as root does not mean setuid, but that
10 10
you need to be root to run the cluster commands.
11 11

  
......
39 39
Note that only the ssh key will allow other machines to run random
40 40
commands on this node; the RPC method will run only:
41 41
  - well defined commands to create, remove, activate logical volumes,
42
    DRBD disks, md arrays, start/stop instances, etc;
42
    drbd devices, start/stop instances, etc;
43 43
  - run ssh commands on other nodes in the cluster, again well-defined
44 44
  - scripts under the /etc/ganeti/hooks directory
45 45

  

Also available in: Unified diff