I had exactly the same problem several months ago, attached is one of
the emails in that discussion. I never had the time to track this down,
but I suspect it is probably a bug in the dot.conf library that ganglia
uses to read its config files:
http://www.azzit.de/dotconf/
Maybe the latest version doesn't suffer from this problem.
~Jason
On Wed, 2004-07-07 at 09:37, Matt Ford wrote:
> Martin Knoblauch wrote:
>
> >--- Matt Ford <[EMAIL PROTECTED]> wrote:
> >
> >
> >>Hi,
> >>
> >>The following patch fixes a bug in gmond. It's all or nothing as far
> >>as
> >>authorisation is concerned with the current source download - either
> >>
> >>one allows all hosts to access the gmond data or only localhost. The
> >>
> >>trusted_hosts option in the conf file was ignored.
> >>
> >>Hope this helps,
> >>
> >>Matt Ford
> >>
> >>--- server.c.old 2004-07-02 10:51:50.954185864 +0100
> >>+++ server.c 2004-07-02 10:53:54.380422224 +0100
> >>@@ -194,11 +194,11 @@
> >> datum_free(hash_rval);
> >> }
> >> /* If not a member of multicast group, is it a trusted
> >>
> >>host? */
> >>- if(! client.valid )
> >>- {
> >>- if( llist_search(&(gmond_config.trusted_hosts),
> >>
> >>(void *)host_ip.data, strcmp, &le) == 0)
> >>+ else if( llist_search(&(gmond_config.trusted_hosts),
> >>(void *)host_ip.data, strcmp, &le) == 0)
> >>+ {
> >> client.valid = TRUE;
> >>- }
> >>+ }
> >>+ }
> >>
> >> if (! client.valid )
> >>
> >>
> >>
> >>
> >Hi Matt,
> >
> > are you sure that there is a problem? Looking at the CVS code, to me
> >the logic looks like:
> >
> >is client localhost?
> >else are all hosts trusted?
> >else
> > is client part of multicast group?
> > if client is not validated by now, check trusted_hosts
> >endif
> >
> > So, the trusted_hosts only needs to be checked if the client is not
> >localhost, all_trusted is not set and the client is not part of the
> >multicast group. Otherwise it is "valid" already.
> >
> > Or am I missing something here?
> >
> >Cheers
> >Martin
> >
> >=====
> >------------------------------------------------------
> >Martin Knoblauch
> >email: k n o b i AT knobisoft DOT de
> >www: http://www.knobisoft.de
> >
> >
> >-------------------------------------------------------
> >This SF.Net email sponsored by Black Hat Briefings & Training.
> >Attend Black Hat Briefings & Training, Las Vegas July 24-29 -
> >digital self defense, top technical experts, no vendor pitches,
> >unmatched networking opportunities. Visit www.blackhat.com
> >_______________________________________________
> >Ganglia-developers mailing list
> >Ganglia-developers@lists.sourceforge.net
> >https://lists.sourceforge.net/lists/listinfo/ganglia-developers
> >
> >
> Yep, my patch is not worth anyone's time or effort. After ages
> scratching my head and scouring the code I could find nothing that
> suggested why I was getting all or nothing authentication. The trusted
> hosts where just no being picked up. I've just spotted it however.....
>
> # Hosts ASIDE from "127.0.0.1"/localhost and those multicasting
> # on the same multicast channel which you will share your XML
> # data with. Multiple hosts are allowed on multiple lines.
> # Can be specified with either hostnames or IP addresses.
> # default: none
> # trusted_hosts 1.1.1.1 1.1.1.2 1.1.1.3 \
> # 2.3.2.3 3.4.3.4 5.6.5.6
>
> Which I changed to....
>
> # default: none
> # trusted_hosts 1.1.1.1 1.1.1.2 1.1.1.3 \
> trusted_hosts 192.168.0.56
>
> The trailing backslash of the comment line is the evil cause of all my woes.
> ;-(
>
> Maybe a warning for the idiotic should go here! ;-O
>
> Thanks anyway,
>
> Matt.
>
>
>
>
>
>
> -------------------------------------------------------
> This SF.Net email sponsored by Black Hat Briefings & Training.
> Attend Black Hat Briefings & Training, Las Vegas July 24-29 -
> digital self defense, top technical experts, no vendor pitches,
> unmatched networking opportunities. Visit www.blackhat.com
> _______________________________________________
> Ganglia-developers mailing list
> Ganglia-developers@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/ganglia-developers
--
/------------------------------------------------------------------\
| Jason A. Smith Email: [EMAIL PROTECTED] |
| Atlas Computing Facility, Bldg. 510M Phone: (631)344-4226 |
| Brookhaven National Lab, P.O. Box 5000 Fax: (631)344-7616 |
| Upton, NY 11973-5000 |
\------------------------------------------------------------------/
--- Begin Message ---
I think it is more a matter of precedence, which rule is more
important. Everything I know of that reads files like this, the comment
starts with the # and goes to the end of the line, no continuation
unless there is another # on the next line. The backslash continuation
is only for lines that are read in, as soon as the parser sees the # it
should ignore the rest of the line. Multi-line comments are usually
enclosed in a block with definite beginning and ending sequences.
But this is probably all moot for g3. Will there be any more ganglia
2.5.x releases for maintenance purposes in case people want to take
their time to switch over to g3 since it will be a major change?
~Jason
On Tue, 2003-09-09 at 19:42, Robert Walsh wrote:
> > I noticed one minor bug in the way gmond parses its config file when I
> > inadvertently put the following in my gmond.conf file:
> >
> > # trusted_hosts 1.1.1.1 1.1.1.2 1.1.1.3 \
> > trusted_hosts my.gmetad.host
> >
> > It does not read in the trusted_hosts line. My guess is that it is
> > incorrectly assuming that the comment is being continued on the next
> > line. This might not be a big deal to fix since Matt mentioned once
> > that g3 will probably use an xml based config system, but I thought I
> > would bring it up anyway.
>
> This strikes me as a religious issue - one group of people will say it's
> doing the right thing and another group will say it's completely wrong.
>
> I'm probably on the former group's side, but I don't care if it's
> changed, really.
>
> Regards,
> Robert.
--
/------------------------------------------------------------------\
| Jason A. Smith Email: [EMAIL PROTECTED] |
| Atlas Computing Facility, Bldg. 510M Phone: (631)344-4226 |
| Brookhaven National Lab, P.O. Box 5000 Fax: (631)344-7616 |
| Upton, NY 11973-5000 |
\------------------------------------------------------------------/
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Ganglia-developers mailing list
Ganglia-developers@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ganglia-developers
--- End Message ---
