Vladislav,
> Hi Jan,
>
> 16.07.2014 17:18, Jan Friesse wrote:
>> Vladislav,
>> again, nice idea, but. I would rather see use of CLI option + comments
>> inside.
>
> I thought about that, but decided to go the same way
> corosync_overview(8) describes. Otherwise I'd need to patch main.c for
Honestly, I don't see any relation between corosync-keygen and
corosync_overview. In corosync_overview, it's clear:
The *corosync executive process* uses four environment variables *during
startup*.
corosync-keygen is just totally different tool. You can generate key on
your own (dd) or (and this is usually the case) you just copy from other
node.
> consistency and thus possibly change functionality someone already uses.
I believe this is acceptable inconsistency. Actually, using key
generator with given keyfile is just ... weird. It's like dd taking
parameter from env.
Regards,
Honza
>
>>
>>
>> Vladislav Bogdanov napsal(a):
>>> Signed-off-by: Vladislav Bogdanov <bubble@xxxxxxxxxxxxx>
>>> ---
>>> man/corosync-keygen.8 | 27 +++++++++++++++++++--------
>>> tools/corosync-keygen.c | 38 ++++++++++++++++++++++----------------
>>> 2 files changed, 41 insertions(+), 24 deletions(-)
>>>
>>> diff --git a/man/corosync-keygen.8 b/man/corosync-keygen.8
>>> index 5dc3f45..71ca40e 100644
>>> --- a/man/corosync-keygen.8
>>> +++ b/man/corosync-keygen.8
>>> @@ -39,26 +39,22 @@ corosync-keygen \- Generate an authentication key for Corosync.
>>> .SH DESCRIPTION
>>>
>>> If you want to configure corosync to use cryptographic techniques to ensure authenticity
>>> -.br
>>> and privacy of the messages, you will need to generate a private key.
>>> .PP
>>> .B corosync-keygen
>>> -creates this key and writes it to /etc/corosync/authkey.
>>> +creates this key and writes it to /etc/corosync/authkey or to file specified by
>>> +COROSYNC_TOTEM_AUTHKEY_FILE environment variable.
>>> .PP
>>> This private key must be copied to every processor in the cluster. If the
>>> -.br
>>> private key isn't the same for every node, those nodes with nonmatching private
>>> -.br
>>> keys will not be able to join the same configuration.
>>> .PP
>>> Copy the key to some security transportable storage or use ssh to transmit the
>>> -.br
>>> key from node to node. Then install the key with the command:
>>> .PP
>>> unix#: install -D --group=0 --owner=0 --mode=0400 /path_to_authkey/authkey /etc/corosync/authkey
>>> .PP
>>> If a message "Invalid digest" appears from the corosync executive, the keys
>>> -.br
>>> are not consistent between processors.
>>> .PP
>>> .B Note: corosync-keygen
>>> @@ -67,13 +63,21 @@ will ask for user input to assist in generating entropy unless the -l option is
>>> .TP
>>> .B -l
>>> Use a less secure random data source that will not require user input to help generate
>>> +entropy. This may be useful when this utility is used from a script or hardware random number
>>> +generator is not available (f.e. in virtual machine).
>>> +.SH ENVIRONMENT VARIABLES
>>> +.TP
>>> +COROSYNC_TOTEM_AUTHKEY_FILE
>>> +This specifies the fully qualified path to the shared key to create.
>>> .br
>>> -entropy. This may be useful when this utility is used from a script.
>>> +
>>> +The default is /etc/corosync/authkey.
>>> +
>>> .SH EXAMPLES
>>> .TP
>>> Generate the key.
>>> .PP
>>> -$ corosync-keygen
>>> +# corosync-keygen
>>> .br
>>> Corosync Cluster Engine Authentication key generator.
>>> .br
>>> @@ -81,6 +85,13 @@ Gathering 1024 bits for key from /dev/random.
>>> .br
>>> Press keys on your keyboard to generate entropy.
>>> .br
>>> +.PP
>>> +$ COROSYNC_TOTEM_AUTHKEY_FILE=/tmp/authkey corosync-keygen -l
>>> +.br
>>> +Corosync Cluster Engine Authentication key generator.
>>> +.br
>>> +Writing corosync key to /tmp/authkey.
>>> +.br
>>> .SH SEE ALSO
>>> .BR corosync_overview (8),
>>> .BR corosync.conf (5),
>>> diff --git a/tools/corosync-keygen.c b/tools/corosync-keygen.c
>>> index 71ea9d8..519e8d9 100644
>>> --- a/tools/corosync-keygen.c
>>> +++ b/tools/corosync-keygen.c
>>> @@ -40,14 +40,13 @@
>>> #include <unistd.h>
>>> #include <fcntl.h>
>>> #include <errno.h>
>>> +#include <string.h>
>>> #include <getopt.h>
>>> #include <sys/types.h>
>>> #include <sys/stat.h>
>>>
>>> #include <netinet/in.h>
>>>
>>> -#define KEYFILE COROSYSCONFDIR "/authkey"
>>> -
>>> static const char usage[] =
>>> "Usage: corosync-keygen [-l]\n"
>>> " -l / --less-secure - Use a less secure random number source\n"
>>> @@ -60,6 +59,7 @@ int main (int argc, char *argv[])
>>> {
>>> int authkey_fd;
>>> int random_fd;
>>> + const char *keyfile = getenv("COROSYNC_TOTEM_AUTHKEY_FILE");
>>> unsigned char key[128];
>>> ssize_t res;
>>> ssize_t bytes_read;
>>> @@ -89,14 +89,18 @@ int main (int argc, char *argv[])
>>> }
>>>
>>> printf ("Corosync Cluster Engine Authentication key generator.\n");
>>> - if (geteuid() != 0) {
>>> + if (geteuid() != 0 && !keyfile) {
>>> printf ("Error: Authorization key must be generated as root user.\n");
>>> exit (errno);
>>> }
>>> - if (mkdir (COROSYSCONFDIR, 0700)) {
>>> - if (errno != EEXIST) {
>>> - perror ("Failed to create directory: " COROSYSCONFDIR);
>>> - exit (errno);
>>> +
>>> + if (!keyfile) {
>>> + keyfile = COROSYSCONFDIR "/authkey";
>>> + if (mkdir (COROSYSCONFDIR, 0700)) {
>>> + if (errno != EEXIST) {
>>> + perror ("Failed to create directory: " COROSYSCONFDIR);
>>> + exit (errno);
>>> + }
>>> }
>>> }
>>>
>>> @@ -134,37 +138,39 @@ retry_read:
>>> /*
>>> * Open key
>>> */
>>> - authkey_fd = open (KEYFILE, O_CREAT|O_WRONLY, 600);
>>> + authkey_fd = open (keyfile, O_CREAT|O_WRONLY, 0600);
>>> if (authkey_fd == -1) {
>>> - perror ("Could not create " KEYFILE);
>>> + fprintf (stderr, "Could not create %s: %s", keyfile, strerror(errno));
>>> exit (errno);
>>> }
>>> /*
>>> * Set security of authorization key to uid = 0 gid = 0 mode = 0400
>>> */
>>> - res = fchown (authkey_fd, 0, 0);
>>> - if (res == -1) {
>>> - perror ("Could not fchown key to uid 0 and gid 0\n");
>>> - exit (errno);
>>> + if (geteuid() == 0) {
>>> + res = fchown (authkey_fd, 0, 0);
>>> + if (res == -1) {
>>> + perror ("Could not fchown key to uid 0 and gid 0\n");
>>> + exit (errno);
>>> + }
>>> }
>>> if (fchmod (authkey_fd, 0400)) {
>>> perror ("Failed to set key file permissions to 0400\n");
>>> exit (errno);
>>> }
>>>
>>> - printf ("Writing corosync key to " KEYFILE ".\n");
>>> + printf ("Writing corosync key to %s.\n", keyfile);
>>>
>>> /*
>>> * Write key
>>> */
>>> res = write (authkey_fd, key, sizeof (key));
>>> if (res != sizeof (key)) {
>>> - perror ("Could not write " KEYFILE);
>>> + fprintf (stderr, "Could not write %s: %s", keyfile, strerror(errno));
>>> exit (errno);
>>
>> Please use err/errx (see errx(3)) instead of fprintf and exit (err does
>> this in one function, and it's standard).
>>
>> Please DO not use errno as return code. Errno (potentially) can be >
>> 127. Error code > 127 is used when signal arrived (this is not the case
>> here).
>>
>> Regards,
>> Honza
>>
>>
>>> }
>>>
>>> if (close (authkey_fd)) {
>>> - perror ("Could not write " KEYFILE);
>>> + fprintf (stderr, "Could not write %s: %s", keyfile, strerror(errno));
>>> exit (errno);
>>> }
>>>
>>>
>>
>
_______________________________________________
discuss mailing list
discuss@xxxxxxxxxxxx
http://lists.corosync.org/mailman/listinfo/discuss
