Hi,
On 08/25/17 at 11:13am, Ziyue Yang wrote:
On Fri, Aug 25, 2017 at 10:19 AM, Ziyue Yang
<ziyang(a)redhat.com> wrote:
> Hi,
>
> On Thu, Aug 24, 2017 at 5:02 PM, Xunlei Pang <xpang(a)redhat.com> wrote:
>
>> On 08/24/2017 at 02:00 PM, Ziyue Yang wrote:
>> > ssh target of link local ipv6 might have network interface
>> > name prefixed by 'kdump-', which is not in known_hosts while
>> > dumping, leading to failure in dump_ssh.
>> >
>> > This commit makes dump_ssh cancel 'StrictHostKeyChecking'
>> > for link local ipv6 address cases in order to bypass the
>> > known_hosts, for it's not possible to add 'kdump-' variants
>> > in hashed known_hosts if there is any need.
>> >
>> > Signed-off-by: Ziyue Yang <ziyang(a)redhat.com>
>> > ---
>> > dracut-kdump.sh | 10 +++++++++-
>> > 1 file changed, 9 insertions(+), 1 deletion(-)
>> >
>> > diff --git a/dracut-kdump.sh b/dracut-kdump.sh
>> > index b75c2a5..bbb8a45 100755
>> > --- a/dracut-kdump.sh
>> > +++ b/dracut-kdump.sh
>> > @@ -71,10 +71,18 @@ dump_raw()
>> >
>> > dump_ssh()
>> > {
>> > - local _opt="-i $1 -o BatchMode=yes -o
StrictHostKeyChecking=yes"
>> > + local _opt="-i $1 -o BatchMode=yes"
>> > local _dir="$KDUMP_PATH/$HOST_IP-$DATEDIR"
>> > local _host=$2
>> >
>> > + # cancel HostKeyChecking for link-local ipv6 address
>> > + # with "kdump-" prefixed interface name
>> > + if is_ipv6_link_local $(get_remote_host $_host); then
>>
>> To be precise, is_ipv6_link_local() is insufficient, I guess we can
>> compare it with "%kdump-eth*" directly.
>>
>
> Dave suggested that we should keep 'kump-' related code in the same place.
> Maybe we can wrap 'kdump-' as a global variable, like
> KDUMP_NETWORK_INTERFACE_PREFIX?
>
Another problem might be name clash with origin name. Suggest a customer
has their network interface name named with "kdump-eth*" pattern before
running kdump, we should not close the checking in this condition. Is there
a way to pass whether there was an activity of modifying ifname to dump_ssh
neatly?
No need to consider these *in therory* cases, it is nearly impossible.
Also do not use global var, it is even worse than checking multiple
times.
>
>> > + _opt+=" -o StrictHostKeyChecking=no"
>> > + else
>> > + _opt+=" -o StrictHostKeyChecking=yes"
>> > + fi
>> > +
>> > echo "kdump: saving to $_host:$_dir"
>> >
>> > cat /var/lib/random-seed > /dev/urandom
>>
>>
>
Thanks
Dave