Change in vdsm[master]: bootstrap: use yum API

Thu, 27 Sep 2012 12:01:55 -0700 

Dan Kenigsberg has posted comments on this change.

Change subject: bootstrap: use yum API
......................................................................


Patch Set 9: (1 inline comment)

....................................................
File vds_bootstrap/vds_bootstrap.py
Line 126:             hexkeyid
Line 127:         )
Line 128:         logging.warning("MiniYum: WARN:  %s", msg)
Line 129:         self._status('WARN', msg)
Line 130:         return True
I am not at all sure that this is a case were usability should win over 
security.

A virgin host would not necessarily have 'vdsm' in its yum repos - default EL6 
distributions do not contain it. We assume that something has enabled the right 
yum repo. That something should have imported the relevant gpg key.

I would not like that vdsm bootstrap become a vector to allow spoofing of yum 
repos.
Let us not decide this out-of-hand during a private dialog.
Line 131: 
Line 132: 
Line 133: rhel6based = deployUtil.versionCompare(deployUtil.getOSVersion(), 
"6.0") >= 0
Line 134: 


--
To view, visit http://gerrit.ovirt.org/8039
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: I65796801bc2db7c5abf71c1e9e4ad8ca308138b9
Gerrit-PatchSet: 9
Gerrit-Project: vdsm
Gerrit-Branch: master
Gerrit-Owner: Alon Bar-Lev <[email protected]>
Gerrit-Reviewer: Alon Bar-Lev <[email protected]>
Gerrit-Reviewer: Barak Azulay <[email protected]>
Gerrit-Reviewer: Dan Kenigsberg <[email protected]>
Gerrit-Reviewer: Doron Fediuck <[email protected]>
Gerrit-Reviewer: Douglas Schilling Landgraf <[email protected]>
Gerrit-Reviewer: Igor Lvovsky <[email protected]>
Gerrit-Reviewer: Juan Hernandez <[email protected]>
Gerrit-Reviewer: Pradipta Banerjee <[email protected]>
Gerrit-Reviewer: Rodrigo Trujillo <[email protected]>
Gerrit-Reviewer: Saggi Mizrahi <[email protected]>
Gerrit-Reviewer: Shireesh Anjal <[email protected]>
Gerrit-Reviewer: Yaniv Bronhaim <[email protected]>
_______________________________________________
vdsm-patches mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/vdsm-patches

Reply via email to