Modify

Ticket #1050 (closed defect: wontfix)

Opened 10 years ago

Last modified 10 years ago

`bcfg2-info showclient` makes changes to configuration

Reported by: https://www.google.com/accounts/o8/id?id=AItOawkPb0RtPyicSdU7pLcv1UrX-yCh-YjkOwU Owned by: desai
Priority: major Milestone: Bcfg2 1.2.0 Release
Component: bcfg2-server Version: 1.0
Keywords: Cc: 686f6c6d@…

Description

Seems like bcfg2-info commands are not safe for repository configuration.

$ sudo bcfg2-info showclient selenium
Loading experimental plugin(s): Packages
NOTE: Interfaces subject to change
Handled 20 events in 0.132s
Handled 3 events in 0.002s
Asserting client selenium profile to basic
Creating new client: selenium, profile basic
Hostname:	selenium
Profile:	basic
Groups:		debian
		basic
Bundles:	motd
Connector data
================================================================================
Packages:	{'sources': []}
================================================================================
$ sudo bcfg2-info showclient selenium
Loading experimental plugin(s): Packages
NOTE: Interfaces subject to change
Failed to find IP address for selenium
Handled 20 events in 0.298s
Handled 3 events in 0.005s
Hostname:	selenium
Profile:	basic
Groups:		debian
		basic
Bundles:	motd
Connector data
================================================================================
Packages:	{'sources': []}
================================================================================

Attachments

Change History

comment:1 Changed 10 years ago by https://www.google.com/accounts/o8/id?id=AItOawnSjgovXZr-_V3vGkvMSR0pc5LDykRc1Nc

  • Status changed from new to closed
  • Resolution set to invalid

bcfg2-info spawns its own instance of the Bcfg2 server, and has all of the power of a real server. This is intended (and necessary, in some cases).

If you want bcfg2-info to be unable to modify the repository, run it as a user that only has read-only access to the repository, or run it against a local copy of the repository with the -Q flag.

comment:2 Changed 10 years ago by https://www.google.com/accounts/o8/id?id=AItOawkPb0RtPyicSdU7pLcv1UrX-yCh-YjkOwU

  • Status changed from closed to reopened
  • Resolution invalid deleted

When it is necessary for bcfg2-info showclient to alter configuration?

comment:3 Changed 10 years ago by https://www.google.com/accounts/o8/id?id=AItOawnSjgovXZr-_V3vGkvMSR0pc5LDykRc1Nc

When you ask it to show you a new client that does not exist yet, it must first add that client to the specification.

comment:4 Changed 10 years ago by https://www.google.com/accounts/o8/id?id=AItOawkPb0RtPyicSdU7pLcv1UrX-yCh-YjkOwU

Don't you think that when I ask bcfg2-info showclient about a client that doesn't exists - it should report an error instead of doing stuff that should be done by bcfg2-admin?

It is a bad user experience when you have to clean out configuration every time you've misspelled some client name.

comment:5 Changed 10 years ago by https://www.google.com/accounts/o8/id?id=AItOawnSjgovXZr-_V3vGkvMSR0pc5LDykRc1Nc

  • Status changed from reopened to closed
  • Resolution set to wontfix

No, I expect bcfg2-info to act exactly the same way that bcfg2-server would act. This is very important if you're using bcfg2-info for any sort of testing or verification.

If you want bcfg2-info to be unable to modify the repository, run it as a user that only has read-only access to the repository, or run it against a local copy of the repository with the -Q flag. "svn revert" or "git checkout" or similar should suffice to clean up after a mistake.

comment:6 Changed 10 years ago by https://www.google.com/accounts/o8/id?id=AItOawkPb0RtPyicSdU7pLcv1UrX-yCh-YjkOwU

  • Status changed from closed to reopened
  • Resolution wontfix deleted

I understand that developers are a bit selfish, but did you ask your users - what do they expect?

If you so concerned that server does what it wants when bcfg2-info is run - why don't you move this command (info or 'show clients') to bcfg2-server itself? This will remove one level of indirection, and won't raise questions about info tools with heisenbug architecture.

comment:7 Changed 10 years ago by https://www.google.com/accounts/o8/id?id=AItOawkPb0RtPyicSdU7pLcv1UrX-yCh-YjkOwU

  • Component changed from bcfg2-client to bcfg2-server

comment:8 Changed 10 years ago by m4z <686f6c6d@…>

  • Cc 686f6c6d@… added

I don't see a problem related to bcfg2-info: I would rather like to have a config option to disable the automated adding of new clients to clients.xml (if it doesn't exist yet). Then, that could be used when running bcfg2-info, too. (See also #842, #929.)

comment:9 Changed 10 years ago by solj

  • Status changed from reopened to closed
  • Resolution set to wontfix

You can change this behavior by *not* using a default/public group in groups.xml. See http://docs.bcfg2.org/server/plugins/grouping/metadata.html#metadata-group-tag.

WARNING! You need to establish a session before you can create or edit tickets. Otherwise the ticket will get treated as spam.

View

Add a comment

Modify Ticket

Change Properties
<Author field>
Action
as closed
The resolution will be deleted. Next status will be 'reopened'
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.