From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 25784 invoked by alias); 21 May 2009 14:27:15 -0000 Received: (qmail 25775 invoked by alias); 21 May 2009 14:27:14 -0000 X-SWARE-Spam-Status: No, hits=-2.2 required=5.0 tests=AWL,BAYES_00,SPF_HELO_PASS X-Spam-Status: No, hits=-2.2 required=5.0 tests=AWL,BAYES_00,SPF_HELO_PASS X-Spam-Check-By: sourceware.org X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on bastion2.fedora.phx.redhat.com Subject: cluster: RHEL5 - fence_apc_snmp: #498952 - product is affected by symlink attack vulnerabilities To: cluster-cvs-relay@redhat.com X-Project: Cluster Project X-Git-Module: cluster.git X-Git-Refname: refs/heads/RHEL5 X-Git-Reftype: branch X-Git-Oldrev: 8f7ef65924e8a48178e72ef359dc5a92091bb9e0 X-Git-Newrev: a1cb7f4397f4c66f912e1b2871707777b87e35ef From: =?utf-8?q?Marek_Gr=C3=A1c?= Message-Id: <20090521142631.90E8A1201FA@lists.fedorahosted.org> Date: Thu, 21 May 2009 14:27:00 -0000 X-Scanned-By: MIMEDefang 2.58 on 172.16.52.254 Mailing-List: contact cluster-cvs-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Post: List-Help: , Sender: cluster-cvs-owner@sourceware.org X-SW-Source: 2009-q2/txt/msg00353.txt.bz2 Gitweb: http://git.fedorahosted.org/git/cluster.git?p=cluster.git;a=commitdiff;h=a1cb7f4397f4c66f912e1b2871707777b87e35ef Commit: a1cb7f4397f4c66f912e1b2871707777b87e35ef Parent: 8f7ef65924e8a48178e72ef359dc5a92091bb9e0 Author: Marek 'marx' Grac AuthorDate: Thu May 21 16:21:43 2009 +0200 Committer: Marek 'marx' Grac CommitterDate: Thu May 21 16:21:43 2009 +0200 fence_apc_snmp: #498952 - product is affected by symlink attack vulnerabilities --- fence/agents/apc/fence_apc_snmp.py | 14 ++++++++------ 1 files changed, 8 insertions(+), 6 deletions(-) diff --git a/fence/agents/apc/fence_apc_snmp.py b/fence/agents/apc/fence_apc_snmp.py index fd85495..6c99758 100755 --- a/fence/agents/apc/fence_apc_snmp.py +++ b/fence/agents/apc/fence_apc_snmp.py @@ -49,7 +49,7 @@ def usage(): print " -p Login password"; print " -q quiet mode"; print " -V version"; - print " -v Log to file /tmp/apclog"; + print " -v Log to output file"; sys.exit(0); @@ -66,6 +66,7 @@ def main(): action = "outletReboot" status_check = False verbose = False + verbose_filename = "" if not glob('/usr/share/snmp/mibs/powernet*.mib'): sys.stderr.write('This APC Fence script uses snmp to control the APC power switch. This script requires that net-snmp-utils be installed on all nodes in the cluster, and that the powernet369.mib file be located in /usr/share/snmp/mibs/\n') @@ -73,7 +74,7 @@ def main(): if len(sys.argv) > 1: try: - opts, args = getopt.getopt(sys.argv[1:], "a:hl:p:n:o:vV", ["help", "output="]) + opts, args = getopt.getopt(sys.argv[1:], "a:hl:p:n:o:v:V", ["help", "output="]) except getopt.GetoptError: #print help info and quit usage() @@ -82,6 +83,7 @@ def main(): for o, a in opts: if o == "-v": verbose = True + verbose_filename = a if o == "-V": print "%s\n" % FENCE_RELEASE_NAME print "%s\n" % REDHAT_COPYRIGHT @@ -212,7 +214,7 @@ def main(): if status_check: if verbose: - fd = open("/tmp/apclog", "w") + fd = open(verbose_filename, "w") fd.write("Attempting the following command: %s\n" % cmdstr_status) strr = os.system(cmdstr_status) print strr @@ -223,7 +225,7 @@ def main(): else: if action == POWER_OFF: if verbose: - fd = open("/tmp/apclog", "w") + fd = open(verbose_filename, "w") fd.write("Attempting the following command: %s\n" % cmdstr_off) strr = os.system(cmdstr_off) time.sleep(1) @@ -242,7 +244,7 @@ def main(): elif action == POWER_ON: if verbose: - fd = open("/tmp/apclog", "w") + fd = open(verbose_filename, "w") fd.write("Attempting the following command: %s\n" % cmdstr_on) strr = os.system(cmdstr_on) time.sleep(1) @@ -264,7 +266,7 @@ def main(): elif action == POWER_REBOOT: if verbose: - fd = open("/tmp/apclog", "w") + fd = open(verbose_filename, "w") fd.write("Attempting the following command: %s\n" % cmdstr_off) strr = os.system(cmdstr_off) time.sleep(1)