On Fri, Aug 25, 2017 at 10:19 AM, Ziyue Yang <ziyang(a)redhat.com> wrote:
Hi,
On Thu, Aug 24, 2017 at 5:02 PM, Xunlei Pang <xpang(a)redhat.com> wrote:
> On 08/24/2017 at 02:00 PM, Ziyue Yang wrote:
> > ssh target of link local ipv6 might have network interface
> > name prefixed by 'kdump-', which is not in known_hosts while
> > dumping, leading to failure in dump_ssh.
> >
> > This commit makes dump_ssh cancel 'StrictHostKeyChecking'
> > for link local ipv6 address cases in order to bypass the
> > known_hosts, for it's not possible to add 'kdump-' variants
> > in hashed known_hosts if there is any need.
> >
> > Signed-off-by: Ziyue Yang <ziyang(a)redhat.com>
> > ---
> > dracut-kdump.sh | 10 +++++++++-
> > 1 file changed, 9 insertions(+), 1 deletion(-)
> >
> > diff --git a/dracut-kdump.sh b/dracut-kdump.sh
> > index b75c2a5..bbb8a45 100755
> > --- a/dracut-kdump.sh
> > +++ b/dracut-kdump.sh
> > @@ -71,10 +71,18 @@ dump_raw()
> >
> > dump_ssh()
> > {
> > - local _opt="-i $1 -o BatchMode=yes -o StrictHostKeyChecking=yes"
> > + local _opt="-i $1 -o BatchMode=yes"
> > local _dir="$KDUMP_PATH/$HOST_IP-$DATEDIR"
> > local _host=$2
> >
> > + # cancel HostKeyChecking for link-local ipv6 address
> > + # with "kdump-" prefixed interface name
> > + if is_ipv6_link_local $(get_remote_host $_host); then
>
> To be precise, is_ipv6_link_local() is insufficient, I guess we can
> compare it with "%kdump-eth*" directly.
>
Dave suggested that we should keep 'kump-' related code in the same place.
Maybe we can wrap 'kdump-' as a global variable, like
KDUMP_NETWORK_INTERFACE_PREFIX?
Another problem might be name clash with origin name. Suggest a customer
has their network interface name named with "kdump-eth*" pattern before
running kdump, we should not close the checking in this condition. Is there
a way to pass whether there was an activity of modifying ifname to dump_ssh
neatly?
> > + _opt+=" -o StrictHostKeyChecking=no"
> > + else
> > + _opt+=" -o StrictHostKeyChecking=yes"
> > + fi
> > +
> > echo "kdump: saving to $_host:$_dir"
> >
> > cat /var/lib/random-seed > /dev/urandom
>
>