WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-api

[Xen-API] [PATCH] CA-43936: dont try to get auth-user-name under local-s

To: xen-api <xen-api@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-API] [PATCH] CA-43936: dont try to get auth-user-name under local-session/emergency-mode
From: Marcus Granado <marcus.granado@xxxxxxxxxx>
Date: Tue, 28 Sep 2010 18:29:23 +0100
Delivery-date: Tue, 28 Sep 2010 10:29:57 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-api-request@lists.xensource.com?subject=help>
List-id: Discussion of API issues surrounding Xen <xen-api.lists.xensource.com>
List-post: <mailto:xen-api@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-api>, <mailto:xen-api-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-api>, <mailto:xen-api-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-api-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mercurial-patchbomb/1.4.3
 ocaml/idl/ocaml_backend/rbac_audit.ml |  7 ++++++-
 1 files changed, 6 insertions(+), 1 deletions(-)


# HG changeset patch
# User Marcus Granado <marcus.granado@xxxxxxxxxx>
# Date 1285694241 -3600
# Node ID 46707d5b4cc2a911b824891111103829567f84be
# Parent  b83dff1189acc24f6dc3f2a013a45c49a6ba3c14
CA-43936: dont try to get auth-user-name under local-session/emergency-mode

Signed-off-by: Marcus Granado <marcus.granado@xxxxxxxxxxxxx>

diff -r b83dff1189ac -r 46707d5b4cc2 ocaml/idl/ocaml_backend/rbac_audit.ml
--- a/ocaml/idl/ocaml_backend/rbac_audit.ml
+++ b/ocaml/idl/ocaml_backend/rbac_audit.ml
@@ -82,7 +82,12 @@
        get_subject_common ~__context ~session_id
                ~fnname:"get_subject_name"
                ~fn_if_local_session:(fun()->
-                               DB_Action.Session.get_auth_user_name ~__context 
~self:session_id
+                       (* we are in emergency mode here, do not call DB_Action:
+                        - local sessions are not in the normal DB
+                        - local sessions do not have a username field
+                        - DB_Action will block forever trying to access an 
inaccessible master
+                       *)
+                       ""
                )
                ~fn_if_local_superuser:(fun()->
                                DB_Action.Session.get_auth_user_name ~__context 
~self:session_id

Attachment: xen-api.hg.patch
Description: Text Data

_______________________________________________
xen-api mailing list
xen-api@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/mailman/listinfo/xen-api
<Prev in Thread] Current Thread [Next in Thread>