Hi Feri, just to this one...
On 03/03/20 15:22 +0100, wf...@niif.hu wrote: > Is there a way to find out what attributes were passed to the OCF > agent in that fateful invocation? AFAIK, not possible after-the-fact, unless you add TRACE_RA=1 as another (real) parameter to the agent and it happens to respond to it (very likely with standard agents from resource-agents project). And even then, logs generated like that will likely get lost when the node is fenced (depends on path/mount particulars). I think that not exposing such details about invocation directly at pacemaker logging level is by design ... safer than to leave the cat out of the bag. Consider that any incidents reported are promptly followed with soliciting the logs, and making the authentication tokens, password and other secrets leaked this way would be bad for general reputation, wouldn't it? (this was also part of the reasoning behind CVE-2019-3885) -- Poki
pgpBT4ivPPPXM.pgp
Description: PGP signature
_______________________________________________ Manage your subscription: https://lists.clusterlabs.org/mailman/listinfo/users ClusterLabs home: https://www.clusterlabs.org/
