[one-users] Error starting the one service for version 1.3.8 and subversion
Shi Jin
jinzishuai at gmail.com
Fri Jul 31 17:54:30 PDT 2009
Thanks.
This sounds better but for the security centric people they may still
scream with a plain text password file.
Anyway, could you please explain a bit on why we need a plain text
password in the first place?
In the 1.2.x version, we didn't need it and everything is done via the
ssh without password (via authorized_keys file).
One might argue that it is in fact the same file level protection here
but at least one can not know the password itself even if it is
breached.
I don't think this will affect us in a very significant way but I am
curious about it.
Thank you very much.
Shi
On Fri, Jul 31, 2009 at 5:50 PM, Ruben S. Montero<rubensm at dacya.ucm.es> wrote:
> Hi,
>
> Yes you are totally right storing a password in an env variable
> presents serious security risks. This is an issue of the current beta,
> we plan to move ONE_AUTH to point to a file that contains the
> user:password token. This file must be protected with the standard
> file system mechanisms.
>
> Does it makes sense to you?
>
> Cheers!
>
> Ruben
>
> On Fri, Jul 31, 2009 at 9:50 PM, Shi Jin<jinzishuai at gmail.com> wrote:
>> Thank you very much Tino.
>> Indeed, I have to set ONE_AUTH=oneadmin:<password> to get one start
>> to work properly.
>> I only set it to oneadmin before and it didn't work.
>> However, isn't this a serious security hole?
>> Am I missing something here?
>>
>> Thanks.
>>
>> Shi
>>
>> On Fri, Jul 31, 2009 at 10:39 AM, Tino Vazquez<tinova at fdi.ucm.es> wrote:
>>> Hi Shi Jin,
>>>
>>> This looks like a DB issue. Please delete your
>>> $ONE_LOCATION/var/one.db and try running OpenNebula again.
>>>
>>> Also, make sure that $ONE_AUTH variable is set for oneadmin user.
>>>
>>> Hope it helps,
>>>
>>> -Tino
>>>
>>> --
>>> Constantino Vázquez, Grid Technology Engineer/Researcher:
>>> http://www.dsa-research.org/tinova
>>> DSA Research Group: http://dsa-research.org
>>> Globus GridWay Metascheduler: http://www.GridWay.org
>>> OpenNebula Virtual Infrastructure Engine: http://www.OpenNebula.org
>>>
>>>
>>>
>>> On Fri, Jul 31, 2009 at 5:22 AM, Shi Jin<jinzishuai at gmail.com> wrote:
>>>> Hi there,
>>>>
>>>> I wanted to try the version 1.3.8 and was able to build the source
>>>> code both from the tar ball and the subversion source tree.
>>>> However, when I tried to start the service, I got
>>>> oneadmin at xubuntu:~$ one start
>>>> terminate called without an active exception
>>>> Error executing /opt/ONE138/bin/oned.
>>>>
>>>> This is something I haven't seen in the 1.2.x versions. Please advice
>>>> on what could be wrong here.
>>>> Thank you very much.
>>>>
>>>>
>>>> --
>>>> Shi Jin, Ph.D.
>>>> VP Technology and CTO
>>>> VrSTORM Inc.
>>>> 108 Advanced Technology Centre
>>>> 9650-20 Ave, Edmonton, AB T6N 1G1
>>>> Office Phone: 780-497-8676
>>>> Cell Phone: 780-964-8778
>>>> Email: shiJ at vrstorm.com
>>>> http://www.vrstorm.com/
>>>> _______________________________________________
>>>> Users mailing list
>>>> Users at lists.opennebula.org
>>>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>>>>
>>> _______________________________________________
>>> Users mailing list
>>> Users at lists.opennebula.org
>>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.opennebula.org
>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>>
>
>
>
> --
> +---------------------------------------------------------------+
> Dr. Ruben Santiago Montero
> Associate Professor
> Distributed System Architecture Group (http://dsa-research.org)
>
> URL: http://dsa-research.org/doku.php?id=people:ruben
> Weblog: http://blog.dsa-research.org/?author=7
>
> GridWay, http://www.gridway.org
> OpenNebula, http://www.opennebula.org
> +---------------------------------------------------------------+
>
--
Shi Jin, Ph.D.
More information about the Users
mailing list