Ayal Baron has posted comments on this change. Change subject: Added gluster tool support in supervdsm. ......................................................................
Patch Set 2: I would prefer that you didn't submit this (1 inline comment) .................................................... File vdsm/gluster_super.py Line 24: def execGluster(glusterArgList): But there isn't a minimal amount of limitation here. Running as root has to be limited to specific functionalities that we allow. The point of supervdsm is to expose a specific API which limits vdsm only to those things that it is allowed to perform, otherwise there is no point in it and vdsm can just run as root (which is bad form as you know). If the API would become really big then maybe some things in gLuster should not require root privileges? -- To view, visit http://gerrit.ovirt.org/2797 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I2faa261a3c44cf84af14102bdf6479287435793b Gerrit-PatchSet: 2 Gerrit-Project: vdsm Gerrit-Branch: master Gerrit-Owner: Bala.FA <[email protected]> Gerrit-Reviewer: Ayal Baron <[email protected]> Gerrit-Reviewer: Bala.FA <[email protected]> Gerrit-Reviewer: Dan Kenigsberg <[email protected]> Gerrit-Reviewer: Ewoud Kohl van Wijngaarden <[email protected]> Gerrit-Reviewer: Saggi Mizrahi <[email protected]> _______________________________________________ vdsm-patches mailing list [email protected] https://fedorahosted.org/mailman/listinfo/vdsm-patches
