Implement disabling of file-based storage
Rationale: the file-based storage backend can add/remove files under a certain directory. However, the master node is also controlling the setting of the file-based root directory, so basically it means we can't prevent arbitrary modifications by the master of the node's filesystem. In order to mitigate this for setups where the file-based storage is not used, we introduce a new setting at ./configure time, that controls the enable/disable of file-based storage. Since this is not modifiable by the master (over RPC), it is now possible in this case to prevent unintended modifications of the node's filesystem from the master. The new setting is used in bdev.py to not expose the file-based storage at all, and in cmdlib.py to prevent attempts at creation of such instances. Signed-off-by:Iustin Pop <iustin@google.com> Reviewed-by:
Michael Hanselmann <hansmi@google.com>
Showing
- Makefile.am 1 addition, 0 deletionsMakefile.am
- configure.ac 9 additions, 2 deletionsconfigure.ac
- lib/backend.py 2 additions, 0 deletionslib/backend.py
- lib/bdev.py 3 additions, 1 deletionlib/bdev.py
- lib/cmdlib.py 4 additions, 0 deletionslib/cmdlib.py
- lib/constants.py 1 addition, 0 deletionslib/constants.py
Loading
Please register or sign in to comment