cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marcus Sorensen <shadow...@gmail.com>
Subject Re: whoa! our official upgrade procedures require 8096?
Date Mon, 23 Sep 2013 17:47:56 GMT
I don't think one example of abuse means we shouldn't have it
altogether. I do agree that we can't have any customer procedures
requiring it. I'm not really sure why this script even exists, it
looks up the system vms in the database, then fires off calls to
cloudstack to restart them, am I missing something? Why isn't there
just an admin level api call for this that can be a button in the UI?
It would probably be simpler than the bash script.

On Mon, Sep 23, 2013 at 11:19 AM, Darren Shepherd
<darren.s.shepherd@gmail.com> wrote:
> I complained once before that I didn't like the existence of 8096 but
> then plenty responded that its an optional thing.  I just noticed in
> another thread that cloud-sysvmadm requires 8096.  This is exactly why
> 8096 should not exist.  If we create an unauthenticated backdoor, its
> just too tempting to use it.  So now as part of our official upgrade
> procedures we tell people to turn on 8096 on a production cloud to
> reboot the system VMs.  I don't think that's acceptable.
>
> Darren

Mime
View raw message