Vladislav,
> Hi Jan, > > 16.07.2014 17:18, Jan Friesse wrote: >> Vladislav, >> again, nice idea, but. I would rather see use of CLI option + comments >> inside. > > I thought about that, but decided to go the same way > corosync_overview(8) describes. Otherwise I'd need to patch main.c for Honestly, I don't see any relation between corosync-keygen and corosync_overview. In corosync_overview, it's clear: The *corosync executive process* uses four environment variables *during startup*. corosync-keygen is just totally different tool. You can generate key on your own (dd) or (and this is usually the case) you just copy from other node. > consistency and thus possibly change functionality someone already uses. I believe this is acceptable inconsistency. Actually, using key generator with given keyfile is just ... weird. It's like dd taking parameter from env. Regards, Honza > >> >> >> Vladislav Bogdanov napsal(a): >>> Signed-off-by: Vladislav Bogdanov <[email protected]> >>> --- >>> man/corosync-keygen.8 | 27 +++++++++++++++++++-------- >>> tools/corosync-keygen.c | 38 ++++++++++++++++++++++---------------- >>> 2 files changed, 41 insertions(+), 24 deletions(-) >>> >>> diff --git a/man/corosync-keygen.8 b/man/corosync-keygen.8 >>> index 5dc3f45..71ca40e 100644 >>> --- a/man/corosync-keygen.8 >>> +++ b/man/corosync-keygen.8 >>> @@ -39,26 +39,22 @@ corosync-keygen \- Generate an authentication key for >>> Corosync. >>> .SH DESCRIPTION >>> >>> If you want to configure corosync to use cryptographic techniques to >>> ensure authenticity >>> -.br >>> and privacy of the messages, you will need to generate a private key. >>> .PP >>> .B corosync-keygen >>> -creates this key and writes it to /etc/corosync/authkey. >>> +creates this key and writes it to /etc/corosync/authkey or to file >>> specified by >>> +COROSYNC_TOTEM_AUTHKEY_FILE environment variable. >>> .PP >>> This private key must be copied to every processor in the cluster. If the >>> -.br >>> private key isn't the same for every node, those nodes with nonmatching >>> private >>> -.br >>> keys will not be able to join the same configuration. >>> .PP >>> Copy the key to some security transportable storage or use ssh to transmit >>> the >>> -.br >>> key from node to node. Then install the key with the command: >>> .PP >>> unix#: install -D --group=0 --owner=0 --mode=0400 /path_to_authkey/authkey >>> /etc/corosync/authkey >>> .PP >>> If a message "Invalid digest" appears from the corosync executive, the keys >>> -.br >>> are not consistent between processors. >>> .PP >>> .B Note: corosync-keygen >>> @@ -67,13 +63,21 @@ will ask for user input to assist in generating entropy >>> unless the -l option is >>> .TP >>> .B -l >>> Use a less secure random data source that will not require user input to >>> help generate >>> +entropy. This may be useful when this utility is used from a script or >>> hardware random number >>> +generator is not available (f.e. in virtual machine). >>> +.SH ENVIRONMENT VARIABLES >>> +.TP >>> +COROSYNC_TOTEM_AUTHKEY_FILE >>> +This specifies the fully qualified path to the shared key to create. >>> .br >>> -entropy. This may be useful when this utility is used from a script. >>> + >>> +The default is /etc/corosync/authkey. >>> + >>> .SH EXAMPLES >>> .TP >>> Generate the key. >>> .PP >>> -$ corosync-keygen >>> +# corosync-keygen >>> .br >>> Corosync Cluster Engine Authentication key generator. >>> .br >>> @@ -81,6 +85,13 @@ Gathering 1024 bits for key from /dev/random. >>> .br >>> Press keys on your keyboard to generate entropy. >>> .br >>> +.PP >>> +$ COROSYNC_TOTEM_AUTHKEY_FILE=/tmp/authkey corosync-keygen -l >>> +.br >>> +Corosync Cluster Engine Authentication key generator. >>> +.br >>> +Writing corosync key to /tmp/authkey. >>> +.br >>> .SH SEE ALSO >>> .BR corosync_overview (8), >>> .BR corosync.conf (5), >>> diff --git a/tools/corosync-keygen.c b/tools/corosync-keygen.c >>> index 71ea9d8..519e8d9 100644 >>> --- a/tools/corosync-keygen.c >>> +++ b/tools/corosync-keygen.c >>> @@ -40,14 +40,13 @@ >>> #include <unistd.h> >>> #include <fcntl.h> >>> #include <errno.h> >>> +#include <string.h> >>> #include <getopt.h> >>> #include <sys/types.h> >>> #include <sys/stat.h> >>> >>> #include <netinet/in.h> >>> >>> -#define KEYFILE COROSYSCONFDIR "/authkey" >>> - >>> static const char usage[] = >>> "Usage: corosync-keygen [-l]\n" >>> " -l / --less-secure - Use a less secure random number source\n" >>> @@ -60,6 +59,7 @@ int main (int argc, char *argv[]) >>> { >>> int authkey_fd; >>> int random_fd; >>> + const char *keyfile = getenv("COROSYNC_TOTEM_AUTHKEY_FILE"); >>> unsigned char key[128]; >>> ssize_t res; >>> ssize_t bytes_read; >>> @@ -89,14 +89,18 @@ int main (int argc, char *argv[]) >>> } >>> >>> printf ("Corosync Cluster Engine Authentication key generator.\n"); >>> - if (geteuid() != 0) { >>> + if (geteuid() != 0 && !keyfile) { >>> printf ("Error: Authorization key must be generated as root >>> user.\n"); >>> exit (errno); >>> } >>> - if (mkdir (COROSYSCONFDIR, 0700)) { >>> - if (errno != EEXIST) { >>> - perror ("Failed to create directory: " COROSYSCONFDIR); >>> - exit (errno); >>> + >>> + if (!keyfile) { >>> + keyfile = COROSYSCONFDIR "/authkey"; >>> + if (mkdir (COROSYSCONFDIR, 0700)) { >>> + if (errno != EEXIST) { >>> + perror ("Failed to create directory: " >>> COROSYSCONFDIR); >>> + exit (errno); >>> + } >>> } >>> } >>> >>> @@ -134,37 +138,39 @@ retry_read: >>> /* >>> * Open key >>> */ >>> - authkey_fd = open (KEYFILE, O_CREAT|O_WRONLY, 600); >>> + authkey_fd = open (keyfile, O_CREAT|O_WRONLY, 0600); >>> if (authkey_fd == -1) { >>> - perror ("Could not create " KEYFILE); >>> + fprintf (stderr, "Could not create %s: %s", keyfile, >>> strerror(errno)); >>> exit (errno); >>> } >>> /* >>> * Set security of authorization key to uid = 0 gid = 0 mode = 0400 >>> */ >>> - res = fchown (authkey_fd, 0, 0); >>> - if (res == -1) { >>> - perror ("Could not fchown key to uid 0 and gid 0\n"); >>> - exit (errno); >>> + if (geteuid() == 0) { >>> + res = fchown (authkey_fd, 0, 0); >>> + if (res == -1) { >>> + perror ("Could not fchown key to uid 0 and gid 0\n"); >>> + exit (errno); >>> + } >>> } >>> if (fchmod (authkey_fd, 0400)) { >>> perror ("Failed to set key file permissions to 0400\n"); >>> exit (errno); >>> } >>> >>> - printf ("Writing corosync key to " KEYFILE ".\n"); >>> + printf ("Writing corosync key to %s.\n", keyfile); >>> >>> /* >>> * Write key >>> */ >>> res = write (authkey_fd, key, sizeof (key)); >>> if (res != sizeof (key)) { >>> - perror ("Could not write " KEYFILE); >>> + fprintf (stderr, "Could not write %s: %s", keyfile, >>> strerror(errno)); >>> exit (errno); >> >> Please use err/errx (see errx(3)) instead of fprintf and exit (err does >> this in one function, and it's standard). >> >> Please DO not use errno as return code. Errno (potentially) can be > >> 127. Error code > 127 is used when signal arrived (this is not the case >> here). >> >> Regards, >> Honza >> >> >>> } >>> >>> if (close (authkey_fd)) { >>> - perror ("Could not write " KEYFILE); >>> + fprintf (stderr, "Could not write %s: %s", keyfile, >>> strerror(errno)); >>> exit (errno); >>> } >>> >>> >> > _______________________________________________ discuss mailing list [email protected] http://lists.corosync.org/mailman/listinfo/discuss
