mirrors/ceph-csi
1
0
Fork 0
mirror of https://github.com/ceph/ceph-csi.git synced 2024-11-30 02:00:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
f1d61070cf
ceph-csi/pkg/rbd
History
ShyamsundarR bd204d7d45 Use --keyfile option to pass keys to all Ceph CLIs 
Every Ceph CLI that is invoked at present passes the key via the
--key option, and hence is exposed to key being displayed on
the host using a ps command or such means.

This commit addresses this issue by stashing the key in a tmp
file, which is again created on a tmpfs (or empty dir backed by
memory). Further using such tmp files as arguments to the --keyfile
option for every CLI that is invoked.

This prevents the key from being visible as part of the argument list
of the invoked program on the system.

Fixes: #318

Signed-off-by: ShyamsundarR <srangana@redhat.com>
2019-07-25 12:46:15 +00:00
..
controllerserver.go Use --keyfile option to pass keys to all Ceph CLIs 2019-07-25 12:46:15 +00:00
errors.go Support mounting and deleting version 1.0.0 RBD volumes 2019-07-08 15:40:17 +00:00
identityserver.go Replaces the references to the Kubernete Authors with the Ceph-CSI authors 2019-04-03 11:14:08 +02:00
nodeserver.go Use --keyfile option to pass keys to all Ceph CLIs 2019-07-25 12:46:15 +00:00
rbd_attach.go Use --keyfile option to pass keys to all Ceph CLIs 2019-07-25 12:46:15 +00:00
rbd_journal.go Modify RBD plugin to use a single ID and move the id and key into the secret 2019-06-24 13:46:14 +00:00
rbd_util.go Use --keyfile option to pass keys to all Ceph CLIs 2019-07-25 12:46:15 +00:00
rbd.go Update driver version during build time 2019-07-12 15:54:52 +05:30