commit f78785f7d53e9d126ba51ee9e381f5ae9b3d0368
Author: Marek 'marx' Grac <mgrac@redhat.com>
Date: Mon Oct 7 15:41:09 2013 +0200
fence_vmware_soap, fence_ovh: Caching problem with SOAP library
Both fence agents are built on top of the SUDS library, which creates a cache file. Unfortunately,
it is not yet possible to completely move the cache or remove it. Because of a possible security issue (symlink
vulnerability), we have decided to solve this problem as simply as possible: '/tmp' was changed to an
automatically generated temp directory, which is removed when the fence agent exits, as we won't reuse it anyway.
Resolves: rhbz#1014000
diff --git a/fence/agents/ovh/fence_ovh.py b/fence/agents/ovh/fence_ovh.py
index 881aa90..2ec3fa0 100644
--- a/fence/agents/ovh/fence_ovh.py
+++ b/fence/agents/ovh/fence_ovh.py
@@ -9,6 +9,7 @@
# This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.
import sys, time
+import shutil, tempfile
from datetime import datetime
from suds.client import Client
from suds.xsd.doctor import ImportDoctor, Import
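Review bot: `atexit` is not among the imports visible in this hunk, yet the code added to soap_login calls `atexit.register(...)`. Unless the name already reaches the module another way (for example through a wildcard import outside the hunk), the agent would raise NameError before it logs in. Importing it explicitly, `import atexit, shutil, tempfile`, removes that dependency on what another module happens to export. The same applies to the import hunk of fence_vmware_soap.py.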
@@ -61,6 +62,10 @@ def soap_login(options):
imp.filter.add('http://soapi.ovh.com/manager')
d = ImportDoctor(imp)
+ tmp_dir = tempfile.mkdtemp()
+ tempfile.tempdir = tmp_dir
+ atexit.register(remove_tmp_dir, tmp_dir)
+
try:
soap = Client(url, doctor=d)
session = soap.service.login(options["--username"], options["--password"], 'en', 0)
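Review bot: `tempfile.tempdir = tmp_dir` rebinds the temp location for the whole process, not only for the SUDS cache, and nothing restores it. Any later tempfile user in the agent or its libraries will therefore write into a directory that is deleted at exit. Since this override is what closes the predictable-path problem, it deserves a comment such as `# SUDS builds its cache path from tempfile.gettempdir(); redirect it to a private mkdtemp() dir (mode 0700) instead of a fixed name under /tmp`. The `mkdtemp()` call also sits before the `try:`, so a failure to create the directory (full or read-only temp filesystem) would presumably surface as an unhandled traceback rather than through the except path, which lies outside this hunk. Both remarks apply equally to the soap_login hunk of fence_vmware_soap.py.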
@@ -69,6 +74,9 @@ def soap_login(options):
options["session"] = session
return soap
+
+def remove_tmp_dir(tmp_dir):
+ shutil.rmtree(tmp_dir)
def main():
device_opt = [ "login", "passwd", "port", "email" ]
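Review bot: `remove_tmp_dir` runs as an atexit handler, so an exception from `shutil.rmtree` (directory already gone, an entry that cannot be unlinked) prints a traceback at shutdown after the fence action itself has finished. `shutil.rmtree(tmp_dir, ignore_errors=True)` would keep the cleanup best-effort. atexit handlers are also skipped when the process is killed by an unhandled signal, so a timed-out agent can still leave the directory behind; a docstring should say so, e.g. `"""Best-effort removal of the private SUDS cache directory; registered with atexit."""`. The identical helper is added to fence_vmware_soap.py, and if the agents already share a library module, a single copy there would keep the two from drifting.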
diff --git a/fence/agents/vmware_soap/fence_vmware_soap.py b/fence/agents/vmware_soap/fence_vmware_soap.py
index 365f8cc..ac7f0d9 100644
--- a/fence/agents/vmware_soap/fence_vmware_soap.py
+++ b/fence/agents/vmware_soap/fence_vmware_soap.py
@@ -1,6 +1,7 @@
#!/usr/bin/python
import sys, exceptions
+import shutil, tempfile
sys.path.append("@FENCEAGENTSLIBDIR@")
from suds.client import Client
@@ -20,6 +21,11 @@ def soap_login(options):
url = "http://"
url += options["--ip"] + ":" + str(options["--ipport"]) + "/sdk"
+
+ tmp_dir = tempfile.mkdtemp()
+ tempfile.tempdir = tmp_dir
+ atexit.register(remove_tmp_dir, tmp_dir)
+
try:
conn = Client(url + "/vimService.wsdl")
conn.set_options(location = url)
@@ -155,6 +161,9 @@ def set_power_status(conn, options):
else:
conn.service.PowerOffVM_Task(mo_machine)
+def remove_tmp_dir(tmp_dir):
+ shutil.rmtree(tmp_dir)
+
def main():
device_opt = [ "ipaddr", "login", "passwd", "web", "ssl", "port" ]