-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Josselin Mouette wrote:
No one sane uses rsh on production environments nowadays. Please make
ssh the default module.
I disagree with your point here. I know of at least of couple
organizations who make use of pdsh using rsh. Clearly, using rsh
carries security implications. However, that doesn't mean that there is
no sane way to use it. I have seen pdsh used via rsh on clusters that
are only available to a small group of users. The security is handled
by only allowing certain users to issue remote commands. In this case,
it makes more sense to use rsh, because the overhead for sending an rsh
command is much lower than sending a command via ssh.
I also am uncomfortable with making ssh the default module out of the
box, because upgrading would break any users who are currently using
pdsh via the rsh rcmd module.
I thought it was only an important bug, but I'm making it RC, as policy
9.9 says a program MUST NOT depend on environment variables to get
reasonable defaults. (I'm sure Steve will downgrade it if the release
team thinks it's not critical enough :)
For the reasons I mentioned above, I believe the rsh is a reasonable
default. So, this policy does not apply. I believe that this bug is
not RC, and I think that important is probably too strong, because I
don't think this has a strong impact on pdsh's usability. It is merely
inconvenient. I would classify this bug as either normal or wishlist.
At the very least, there should be a
configuration file to set this without using an environment variable.
I agree with you. I'm willing to look into adding a configuration to
specify the default rcmd module. I should note that the latest version
of pdsh (2.10) has some additional methods of choosing the rcmd module,
and I plan on uploading the new version soon. One of the methods allows
you to specify target host defaults in the genders database. However,
it still does not provide a way to alter the default for unspecified hosts.
On a side note, /usr/lib/pdsh contains .a and .la files, which should be
removed because they aren't used at all.
I'll file this under a separate bug.
- -Brian
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFEmHFwdeHB6XEPaOIRAqKBAJ4tMKtnpSPzxLy2W+ikIQ/3WhK/UgCeJNwc
uvRxesGf9ApSn2l4zFZiY/4=
=KqVJ
-END PGP SIGNATURE-
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
