[pve-devel] nexenta plugin problems

Dietmar Maurer dietmar at proxmox.com
Mon Aug 27 08:53:07 CEST 2012


Should we introduce some kind of generic storage for
such things (a store for secrets?)

/etc/pve/priv/secrets


> -----Original Message-----
> From: Alexandre DERUMIER [mailto:aderumier at odiso.com]
> Sent: Montag, 27. August 2012 08:49
> To: Stefan Priebe - Profihost AG
> Cc: pve-devel at pve.proxmox.com; Dietmar Maurer
> Subject: Re: [pve-devel] nexenta plugin problems
> 
> Hi, why not simply make a
> 
> /etc/pve/priv/nexenta/mynexentastorageid.cfg
> 
> with chmod 600.
> 
> (like ceph private key)
> 
> ----- Mail original -----
> 
> De: "Stefan Priebe - Profihost AG" <s.priebe at profihost.ag>
> À: "Dietmar Maurer" <dietmar at proxmox.com>
> Cc: "Alexandre DERUMIER" <aderumier at odiso.com>, pve-
> devel at pve.proxmox.com
> Envoyé: Lundi 27 Août 2012 08:20:03
> Objet: Re: [pve-devel] nexenta plugin problems
> 
> Am 27.08.2012 06:51, schrieb Dietmar Maurer:
> >> But all files under /etc/pve are readable by www-data group.
> >
> > Sorry, that is simply not true. Try
> >
> > # ls -l /etc/pve/priv/
> 
> Yes the group has no read privilege. But you can't change the group owner.
> 
> So what about:
> /etc/pve/storagepw.cfg with chmod 600 so that the pvedaemon is the only
> one who can read it.
> 
> greets,
> Stefan
> 
> 
> 
> --
> 
> --
> 
> 
> 
> 
> 
> Alexandre D e rumier
> 
> Ingénieur Systèmes et Réseaux
> 
> 
> Fixe : 03 20 68 88 85
> 
> Fax : 03 20 68 90 88
> 
> 
> 45 Bvd du Général Leclerc 59100 Roubaix
> 12 rue Marivaux 75002 Paris
> 



More information about the pve-devel mailing list