[jira] [Reopened] (VCL-670) user provided data loaded at request time

["Andy Kurth (JIRA)" <ji...@apache.org>]

     [ https://issues.apache.org/jira/browse/VCL-670?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Andy Kurth reopened VCL-670:
----------------------------

Reopening issue.  This was never discussed on the list.  There is no information in this issue related to how this was implemented in backend code an no backend subversion commit messages.  I looked through the backend code to see how this has been implemented.  There are some issues which still need to be resolved.

* This is only implemented in {{Linux.pm::post_reserve}}.  It has not been implemented for Windows images as far as I can tell, yet the Jira issue description references Windows.  Why was this issue closed if it is not complete?
* The Linux.pm implementation creates a _/root/.vclcontrol/post_reserve_userdata_ file.  This is not a the best name for the file.
** _userdata_ is vague.  At first glance I assumed the file would contain information about the reservation users.
** Although the file is created in the post_reserve subroutine, the information which would be contained in this file is not specific to the post_reserve stage.  Granted, a user could reference the file in a vcl_post_reserve script.  This is not the only situation where the file would be used so _post_reserve_ should not be included in the name.
* It is noted that this file could potentially contain sensitive information.  However, the file is not removed when the computer is sanitized if the user never acknowledges the reservation.
* Linux.pm::post_reserve is creating a file locally on the management node in /tmp and then copying it via SCP to the computer.
** Why not just use the _create_text_file_ subroutine?  It would be more efficient and would make the code more consistent.
** The file created in /tmp is not deleted after it is copied.  This is a problem if there is sensitive data in the file.

> user provided data loaded at request time
> -----------------------------------------
>
>                 Key: VCL-670
>                 URL: https://issues.apache.org/jira/browse/VCL-670
>             Project: VCL
>          Issue Type: Improvement
>          Components: database, vcld (backend), web gui (frontend)
>         Environment: Primarily for server and cluster loads.
>            Reporter: Aaron Peeler
>            Priority: Minor
>             Fix For: 2.4
>
>
> Provide a method for users to upload data / content, that would be transferred to the loaded machine at load time. 
> There are cases where a unique config or some xml data might need to be applied to a reservation or image at load or reservation time. 
> The image creator would upload this generic data to along with the image profile, and would make use of the vcl_post_load and vcl_post_reserve.
> Since this might be sensitive data, it should be stored in /root/.vclcontrol for linux and a similar location for windows.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Re: [jira] [Reopened] (VCL-670) user provided data loaded at request time

[Aaron Peeler <aa...@ncsu.edu>]

I went ahead and moved this one to the 2.5 release. Might be able to
address a couple of items before the 2.4 release such as removing data
if they don't log in. But in general may want to redo this feature and
design it out better.

Aaron


On Mon, Feb 9, 2015 at 1:29 PM, Aaron Peeler <aa...@ncsu.edu> wrote:
> Andy,
>
> Thanks. This was one of those quick things needed locally that made
> it's way into the code base. Also, this was done due to the
> configuration management components not being ready.  A couple reasons
> why it was probably not discussed.
>
> Good to re-open to address all OS's  and other things mentioned - but
> could also pull that out code for now and table it for the 2.5 release
> or wait for config management pieces.
>
> Aaron
>
>
>
> On Mon, Feb 9, 2015 at 12:54 PM, Andy Kurth (JIRA) <ji...@apache.org> wrote:
>>
>>      [ https://issues.apache.org/jira/browse/VCL-670?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
>>
>> Andy Kurth reopened VCL-670:
>> ----------------------------
>>
>> Reopening issue.  This was never discussed on the list.  There is no information in this issue related to how this was implemented in backend code an no backend subversion commit messages.  I looked through the backend code to see how this has been implemented.  There are some issues which still need to be resolved.
>>
>> * This is only implemented in {{Linux.pm::post_reserve}}.  It has not been implemented for Windows images as far as I can tell, yet the Jira issue description references Windows.  Why was this issue closed if it is not complete?
>> * The Linux.pm implementation creates a _/root/.vclcontrol/post_reserve_userdata_ file.  This is not a the best name for the file.
>> ** _userdata_ is vague.  At first glance I assumed the file would contain information about the reservation users.
>> ** Although the file is created in the post_reserve subroutine, the information which would be contained in this file is not specific to the post_reserve stage.  Granted, a user could reference the file in a vcl_post_reserve script.  This is not the only situation where the file would be used so _post_reserve_ should not be included in the name.
>> * It is noted that this file could potentially contain sensitive information.  However, the file is not removed when the computer is sanitized if the user never acknowledges the reservation.
>> * Linux.pm::post_reserve is creating a file locally on the management node in /tmp and then copying it via SCP to the computer.
>> ** Why not just use the _create_text_file_ subroutine?  It would be more efficient and would make the code more consistent.
>> ** The file created in /tmp is not deleted after it is copied.  This is a problem if there is sensitive data in the file.
>>
>>> user provided data loaded at request time
>>> -----------------------------------------
>>>
>>>                 Key: VCL-670
>>>                 URL: https://issues.apache.org/jira/browse/VCL-670
>>>             Project: VCL
>>>          Issue Type: Improvement
>>>          Components: database, vcld (backend), web gui (frontend)
>>>         Environment: Primarily for server and cluster loads.
>>>            Reporter: Aaron Peeler
>>>            Priority: Minor
>>>             Fix For: 2.4
>>>
>>>
>>> Provide a method for users to upload data / content, that would be transferred to the loaded machine at load time.
>>> There are cases where a unique config or some xml data might need to be applied to a reservation or image at load or reservation time.
>>> The image creator would upload this generic data to along with the image profile, and would make use of the vcl_post_load and vcl_post_reserve.
>>> Since this might be sensitive data, it should be stored in /root/.vclcontrol for linux and a similar location for windows.
>>
>>
>>
>> --
>> This message was sent by Atlassian JIRA
>> (v6.3.4#6332)
>
>
>
> --
> Aaron Peeler
> Program Manager
> Virtual Computing Lab
> NC State University
>
> All electronic mail messages in connection with State business which
> are sent to or received by this account are subject to the NC Public
> Records Law and may be disclosed to third parties.



-- 
Aaron Peeler
Program Manager
Virtual Computing Lab
NC State University

All electronic mail messages in connection with State business which
are sent to or received by this account are subject to the NC Public
Records Law and may be disclosed to third parties.

Re: [jira] [Reopened] (VCL-670) user provided data loaded at request time

[Aaron Peeler <aa...@ncsu.edu>]

Andy,

Thanks. This was one of those quick things needed locally that made
it's way into the code base. Also, this was done due to the
configuration management components not being ready.  A couple reasons
why it was probably not discussed.

Good to re-open to address all OS's  and other things mentioned - but
could also pull that out code for now and table it for the 2.5 release
or wait for config management pieces.

Aaron



On Mon, Feb 9, 2015 at 12:54 PM, Andy Kurth (JIRA) <ji...@apache.org> wrote:
>
>      [ https://issues.apache.org/jira/browse/VCL-670?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
>
> Andy Kurth reopened VCL-670:
> ----------------------------
>
> Reopening issue.  This was never discussed on the list.  There is no information in this issue related to how this was implemented in backend code an no backend subversion commit messages.  I looked through the backend code to see how this has been implemented.  There are some issues which still need to be resolved.
>
> * This is only implemented in {{Linux.pm::post_reserve}}.  It has not been implemented for Windows images as far as I can tell, yet the Jira issue description references Windows.  Why was this issue closed if it is not complete?
> * The Linux.pm implementation creates a _/root/.vclcontrol/post_reserve_userdata_ file.  This is not a the best name for the file.
> ** _userdata_ is vague.  At first glance I assumed the file would contain information about the reservation users.
> ** Although the file is created in the post_reserve subroutine, the information which would be contained in this file is not specific to the post_reserve stage.  Granted, a user could reference the file in a vcl_post_reserve script.  This is not the only situation where the file would be used so _post_reserve_ should not be included in the name.
> * It is noted that this file could potentially contain sensitive information.  However, the file is not removed when the computer is sanitized if the user never acknowledges the reservation.
> * Linux.pm::post_reserve is creating a file locally on the management node in /tmp and then copying it via SCP to the computer.
> ** Why not just use the _create_text_file_ subroutine?  It would be more efficient and would make the code more consistent.
> ** The file created in /tmp is not deleted after it is copied.  This is a problem if there is sensitive data in the file.
>
>> user provided data loaded at request time
>> -----------------------------------------
>>
>>                 Key: VCL-670
>>                 URL: https://issues.apache.org/jira/browse/VCL-670
>>             Project: VCL
>>          Issue Type: Improvement
>>          Components: database, vcld (backend), web gui (frontend)
>>         Environment: Primarily for server and cluster loads.
>>            Reporter: Aaron Peeler
>>            Priority: Minor
>>             Fix For: 2.4
>>
>>
>> Provide a method for users to upload data / content, that would be transferred to the loaded machine at load time.
>> There are cases where a unique config or some xml data might need to be applied to a reservation or image at load or reservation time.
>> The image creator would upload this generic data to along with the image profile, and would make use of the vcl_post_load and vcl_post_reserve.
>> Since this might be sensitive data, it should be stored in /root/.vclcontrol for linux and a similar location for windows.
>
>
>
> --
> This message was sent by Atlassian JIRA
> (v6.3.4#6332)



-- 
Aaron Peeler
Program Manager
Virtual Computing Lab
NC State University

All electronic mail messages in connection with State business which
are sent to or received by this account are subject to the NC Public
Records Law and may be disclosed to third parties.