-
Notifications
You must be signed in to change notification settings - Fork 231
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Flexible release cookie #809
Flexible release cookie #809
Conversation
…le as a top level cookie source.
Apparently the release script can already reuse any cookie set in the COOKIE environment variable, so I guess this pull request can be dropped! |
…already taken into account. Yet it was shadowed if any -setcookie was set on the command-line, which is not the case anymore.
New proposed fix: using COOKIE (instead of any new ERLX_OVERRIDE_COOKIE) and ensuring that, if defined, it prevails over any other setting (namely any -setcookie on the command-line). |
…and synchronicity (is_alive) even in the absence of relx hooks.
Reaaaady to ship then!!! |
Ah sorry should have been left open in order to be merged. |
So this is adding There are some whitespace changes that need to be fixed in the PR but besides that I can probably merge this. Note, not sure if this was part of your thinking with the PR or not but just in case it was, the cookie will still be set in the command and thus visible in |
Yes, typically there might be in vm.args a Indeed the start/stop scripts (ex: triggered by systemd) would run a command like: (works great)
With said sudo/authbind, I could check that the right cookie is used (the application one), and I do not think it can be found with a ps (tried to grep it with a some-srv 3558692 3558690 0 18:03 pts/17 00:00:01 /opt/foobar-server/foobar-0.0.10/bin/foobar -A 128 -- -root /opt/foobar-server/foobar-0.0.10 -progname opt/foobar-server/foobar-0.0.10/bin/foobar -- -home /home/some-srv -epmd_port 44000 -- -boot /opt/foobar-server/foobar-0.0.10/releases/0.0.10/start -mode embedded -boot_var SYSTEM_LIB_DIR /usr/local/lib/erlang/lib -config /opt/foobar-server/foobar-0.0.10/releases/0.0.10/sys.config -name foobar -setcookie foobar_initial_cookie -- -- console --relx-disable-hooks --
OK, thanks! I thought I had respected the original whitespaces, I must have made a mistake (I rely on the Emacs whitespace.el clean-up a lot); I just looked at the resulting priv/templates/extended_bin yet I cannot see how whitespaces differ? |
I don't understand how this works if |
The release will start with this default cookie (as set in vm.args) then will read its general, single, higher-level configuration file, in which (among many other settings) a cookie might be defined by the user, in which case erlang:set_cookie/2 is used by this application to change dynamically the cookie it relies on. So An example thereof is https://github.com/Olivier-Boudeville/us-web/blob/65e2eea2fe92c0bd41f59d2fceddacdc505f4136/priv/bin/start-us-web.sh#L98 The interest of this procedure is to reduce the "attack surface" of a server, by ensuring (beyond strict firewalling policies) that it runs as an unprivileged user (despite opening TCP ports 80/443) , on a non-standard EPMD port, and (here) with a cookie that can be better protected in an (access-restricted) configuration file rather than being exposed to any local user, which can determine it (with a mere ps) and basically do everything he wants then with that VM. |
I see what I was missing, I thought the run commands like Ok, I think this makes sense then. |
@Olivier-Boudeville there are still white space changes that need to be cleaned up. |
Also, I'm hoping the VM will support an environment variable for the cookie in the next major release. Not knowing what that variable will be named I think it best to "namespace" this variable by naming it |
@tsloughter Hello Tristan, sorry for the differences that remained, I had missed them in meld's window. Must be fixed now. In my setting I auto-patch my release script with this change and 'daemon' works like a charm. Thanks! |
@Olivier-Boudeville looks good now just need the change to using |
@tsloughter Hello Tristan, I applied this change (one should note thus that any COOKIE environment variable will be thus ignored), please tell me if it is OK for integration. |
Thanks. Merging now. I created #814 to track that we need a test. I didn't want to block on it since it may not be so simple to run them for you, if it was just a test that runs with |
More flexible specification of the cookie of a release, to avoid that rpc operations fail in case of runtime cookie change.