[openstack-dev] Unified Guest Agent proposal

Kurt Griffiths kurt.griffiths at rackspace.com
Mon Dec 9 18:23:02 UTC 2013


This list of features makes me very nervous from a security standpoint. Are we talking about giving an agent an arbitrary shell command or file to install, and it goes and does that, or are we simply triggering a preconfigured action (at the time the agent itself was installed)?

From: Steven Dake <sdake at redhat.com<mailto:sdake at redhat.com>>
Reply-To: OpenStack Dev <openstack-dev at lists.openstack.org<mailto:openstack-dev at lists.openstack.org>>
Date: Monday, December 9, 2013 at 11:41 AM
To: OpenStack Dev <openstack-dev at lists.openstack.org<mailto:openstack-dev at lists.openstack.org>>
Subject: Re: [openstack-dev] Unified Guest Agent proposal

In terms of features:
* run shell commands
* install files (with selinux properties as well)
* create users and groups (with selinux properties as well)
* install packages via yum, apt-get, rpm, pypi
* start and enable system services for systemd or sysvinit
* Install and unpack source tarballs
* run scripts
* Allow grouping, selection, and ordering of all of the above operations
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20131209/20ae890a/attachment.html>


More information about the OpenStack-dev mailing list