BIND 10 #2641: Disable default account, require authentication setup during initialization

BIND 10 Development do-not-reply at isc.org
Thu Feb 28 16:43:01 UTC 2013 

#2641: Disable default account, require authentication setup during initialization
-------------------------------------+-------------------------------------
            Reporter:  shane         |                        Owner:
                Type:  enhancement   |  jinmei
            Priority:  very high     |                       Status:
           Component:  bind-ctl      |  reviewing
            Keywords:                |                    Milestone:
           Sensitive:  0             |  Sprint-20130305
         Sub-Project:  Core          |                   Resolution:
Estimated Difficulty:  4             |                 CVSS Scoring:
         Total Hours:  0             |              Defect Severity:  N/A
                                     |  Feature Depending on Ticket:
                                     |          Add Hours to Ticket:  0
                                     |                    Internal?:  0
-------------------------------------+-------------------------------------
Changes (by muks):

 * owner:  muks => jinmei


Comment:

 Hi Jinmei

 Replying to [comment:21 jinmei]:
 > Related, I wonder whether we still need these messages:
 >
 > {{{#!python
 >         except ssl.SSLError as err:
 >             self._print("SSL error while sending login information: ",
 err)
 >             if err.errno == ssl.SSL_ERROR_EOF:
 >                 self.__print_check_ssl_msg()
 >         except socket.error as err:
 >             self._print("Socket error while sending login information:
 ", err)
 >             # An SSL setup error can also bubble up as a plain
 CONNRESET...
 >             # (on some systems it usually does)
 >             if err.errno == errno.ECONNRESET:
 >                 self.__print_check_ssl_msg()
 >             pass
 > }}}

 If such exceptions are raised (due to any environmental reasons),
 they'll go unhandled. So maybe there's no harm in leaving them there.

 > I'd also note that this message isn't shown once the local password
 > cache (~/.bind10) is created.  I'm not sure that was your intent, but
 > in any case I think the behavior makes sense.

 A different message is shown on purpose when `default_user.csv` exists
 (which indicates the user has logged in successfully at some point in
 the past).

 > There's one remaining open points: in cmdctl.py.in, I'd still like to
 > avoid hardconding 'tests/testdata':
 > {{{#!python
 >             sysconf_path = os.environ["B10_FROM_SOURCE"] +
 "/src/bin/cmdctl/"
 >             accountsfile  = sysconf_path + "tests/testdata/cmdctl-
 accounts.csv"
 > }}}
 > one way is to keep it under
 > `os.environ["B10_FROM_SOURCE"] + "/src/bin/cmdctl/"` as before,
 > although you may not like it as this file is now also used in unit
 > tests.  In that case, an alternative would be to copy
 > tests/testdata/cmdctl-accounts.csv to {top_builddir}/src/bin/cmdctl
 > (or even directly on top_builddir) and refer to it from cmdctl.py.in
 > when B10_FROM_BUILD is defined.

 I've moved it back to `os.environ["B10_FROM_SOURCE"] + "/src/bin/cmdctl/"`
 as before.

-- 
Ticket URL: <http://bind10.isc.org/ticket/2641#comment:23>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development

More information about the bind10-tickets mailing list