[node-patches] Change in ovirt-node[master]: Mechanism to detect changed runtime images at boot

danken at redhat.com danken at redhat.com
Fri Jun 20 18:43:33 UTC 2014


Dan Kenigsberg has posted comments on this change.

Change subject: Mechanism to detect changed runtime images at boot
......................................................................


Patch Set 1:

(3 comments)

http://gerrit.ovirt.org/#/c/29005/1/src/ovirt/node/utils/hooks.py
File src/ovirt/node/utils/hooks.py:

Line 38:     known = ["pre-upgrade", "post-upgrade", "rollback", "on-boot",
Line 39:              "on-changed-boot-image"]
Line 40: 
Line 41:     legacy_hooks_directory = "/etc/ovirt-config-boot.d/"
Line 42:     hooks_path_tpl = "/usr/libexec/hooks/{name}"
A more "polite" directory name would be

  /usr/libexec/ovirt-node/hooks/{name}

("hooks" is not specific enough)
Line 43: 
Line 44:     @staticmethod
Line 45:     def post_auto_install():
Line 46:         Hooks.__run(Hooks.legacy_hooks_directory)


http://gerrit.ovirt.org/#/c/29005/1/src/ovirt/node/utils/image.py
File src/ovirt/node/utils/image.py:

Line 62:         """The "fingerprint" of an image can be used to distinguish two images
Line 63:         Or to identify an image.
Line 64:         """
Line 65:         imagefile = os.path.join(self.mountpoint(), "LiveOS", "squashfs.img")
Line 66:         squashinfo = process.check_output(["unsquashfs", "-s", imagefile])
Isn't this method terribly slow? I do not think we need cryptographically-safe fingerprint; a version number would do.

BTW, even if sha256 is required - why is unsquashfs?


http://gerrit.ovirt.org/#/c/29005/1/src/ovirt/node/utils/security.py
File src/ovirt/node/utils/security.py:

Line 261:         'fcde2b2edba56bf408601fb721fe9b5c338d10ee429ea04fae5511b68fbf8fb9'
Line 262:         """
Line 263:         hasher = {"sha256": hashlib.sha256,
Line 264:                   "sha512": hashlib.sha512}[self._algorithm]()
Line 265:         hasher.update(data)
I personally do not see the benefit of this wrapper class over a direct call to the hash function.


-- 
To view, visit http://gerrit.ovirt.org/29005
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: I120326e25de0a0de3e117204777891591b91c604
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-node
Gerrit-Branch: master
Gerrit-Owner: Fabian Deutsch <fabiand at fedoraproject.org>
Gerrit-Reviewer: Dan Kenigsberg <danken at redhat.com>
Gerrit-Reviewer: automation at ovirt.org
Gerrit-Reviewer: oVirt Jenkins CI Server
Gerrit-HasComments: Yes



More information about the node-patches mailing list