Hi,
On Thu, Aug 24, 2017 at 5:02 PM, Xunlei Pang <xpang(a)redhat.com> wrote:
On 08/24/2017 at 02:00 PM, Ziyue Yang wrote:
> ssh target of link local ipv6 might have network interface
> name prefixed by 'kdump-', which is not in known_hosts while
> dumping, leading to failure in dump_ssh.
>
> This commit makes dump_ssh cancel 'StrictHostKeyChecking'
> for link local ipv6 address cases in order to bypass the
> known_hosts, for it's not possible to add 'kdump-' variants
> in hashed known_hosts if there is any need.
>
> Signed-off-by: Ziyue Yang <ziyang(a)redhat.com>
> ---
> dracut-kdump.sh | 10 +++++++++-
> 1 file changed, 9 insertions(+), 1 deletion(-)
>
> diff --git a/dracut-kdump.sh b/dracut-kdump.sh
> index b75c2a5..bbb8a45 100755
> --- a/dracut-kdump.sh
> +++ b/dracut-kdump.sh
> @@ -71,10 +71,18 @@ dump_raw()
>
> dump_ssh()
> {
> - local _opt="-i $1 -o BatchMode=yes -o StrictHostKeyChecking=yes"
> + local _opt="-i $1 -o BatchMode=yes"
> local _dir="$KDUMP_PATH/$HOST_IP-$DATEDIR"
> local _host=$2
>
> + # cancel HostKeyChecking for link-local ipv6 address
> + # with "kdump-" prefixed interface name
> + if is_ipv6_link_local $(get_remote_host $_host); then
To be precise, is_ipv6_link_local() is insufficient, I guess we can
compare it with "%kdump-eth*" directly.
Dave suggested that we should keep 'kump-' related code in the same place.
Maybe we can wrap 'kdump-' as a global variable, like
KDUMP_NETWORK_INTERFACE_PREFIX?
> + _opt+=" -o StrictHostKeyChecking=no"
> + else
> + _opt+=" -o StrictHostKeyChecking=yes"
> + fi
> +
> echo "kdump: saving to $_host:$_dir"
>
> cat /var/lib/random-seed > /dev/urandom