Low: lrmd: Warn on insecure and undocumented key handling behaviors.
32db6a6b4f56
Actions

Description

Low: lrmd: Warn on insecure and undocumented key handling behaviors.

If PCMK_authkey_location is given in /etc/sysconfig/pacemaker, but the
key doesn't exist or is unreadable, we will fall back to trying to read
the key from default locations.

If /etc/pacemaker/authkey doesn't exist, we will fall back to trying to
use /etc/corosync/authkey.

Both of these are undocumented behaviors that end up loading a key from
a location the administrator does not expect. Mark them as deprecated
so we can remove them in 3.0.0.

Ref T304

Details

Provenance

clumens

Authored on Apr 17 2024, 2:22 PM

Parents

rP92cd6f742c3a: Merge pull request #3426 from clumens/schema-autoconf

Branches

Unknown

Tags

Unknown

Tasks

Restricted Maniphest Task

Event Timeline

clumens committed rP32db6a6b4f56: Low: lrmd: Warn on insecure and undocumented key handling behaviors. (authored by clumens).Apr 19 2024, 12:23 PM

clumens added a task: Restricted Maniphest Task.Apr 23 2024, 5:01 PM

Changes (1)

Path

Size

lib/

lrmd/

lrmd_client.c

rP32db6a6b4f56

View Options