Menu
▾
▴
Re: [Linuxcoe-devel] [PATCH] patches for multiple-serial numbers SIM installs
|
From: Lee M. <lee...@hp...> - 2007-06-05 17:44:42
|
Daniel Miles wrote: > Hi, everybody. > > I've attached some patches that I think might be fun to get into the LinuxCOE > repository. > > coe_bootimage.in.patch changes the Serial Number field to accept a file, and > handles the upload. Each line in the updated file is read as a string and > interpreted as a serial number. > > nph-coe_image.in.patch changes the rpm-based image creation to behave > correctly given an uploaded file instead of a single serial number > > nph-debian_image.in.patch does the same thing for debian (patches for other > distros are in the works) > > LinuxCOE-SystemDesigner.conf.in.patch adds the AddType text/html .shtml and > AddOutputFilter INCLUDES .shtml directives because I think they should be in > there. I know it's a matter of preference, so I won't be overly disappointed > if this one doesn't make it in. :) > > tests.patch contains what I hope will be the first and the most crude > unit-test using the CGI::Test cpan module. > > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------- > Take Surveys. Earn Cash. Influence the Future of IT > Join SourceForge.net's Techsay panel and you'll get the chance to share your > opinions on IT & business topics through brief surveys-and earn cash > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > ------------------------------------------------------------------------ > > _______________________________________________ > Linuxcoe-devel mailing list > Lin...@li... > https://lists.sourceforge.net/lists/listinfo/linuxcoe-devel > Hi Daniel, I have a couple of questions for you. I've incorporated your patches in my upstream here to start testing but have not checked anything in yet. A few questions/observations: When your code is in play, I noticed you can no longer enter a single serial number (but of course you could create a file with a single s/n in it). Is this the desired behavior or should I change things to allow either single serial number or a file of serial numbers? Looking at the changes in nph-coe_image (kickstart generator back-end), I see you load the file into an array (@serial), pop the first value off of it for the initial generation, then basically symlink the rest of the results based on data values from the file. I'm going to add some defensive code here, as someone nasty could for example use ../../../../../etc/passwd as a serial # in the file and the code would attempt to crush that file. Granted standard unix perms would prevent that one, but any file the apache user could write to is portentially vulnerable. I haven't looked at pressed or autoyast back-ends yet. There's also a new System Designer feature under development I'm calling 'replay' for lack of a better term. What this allows you to do is essentially toss a file at the back-end that answers all the front-end questions and have the back-ends do their thing. Today I leave that file on every install under /etc/opt/LinuxCOE/replay, I'm going to start working on the 'catcher' part of it soon. It'll be another way to create lots of distinct (or near-identical) images as well. Best Regards, Lee |
