Discussion on openbmc issue #430

Patrick Williams patrick at stwcx.xyz
Sat Aug 13 00:17:02 AEST 2016 

Tom,

Thanks for sending this out to the broader community.

Few comments below...

On Fri, Aug 12, 2016 at 07:26:24PM +0530, tomjose wrote:
> *Registering Callback Routines:-*
> -----------------------------------------------
> 1) Open the IPMI library path(/usr/lib/phosphor-host-ipmid)

I would prefer we have a new directory '/usr/lib/phosphor-net-ipmid' for
the RMCP libraries.  We can create symlinks between the two repos as
appropriate.

The reason for this is two-fold:
   1) I suspect there will be some of the OEM commands that we will want
      to expose in-band only.
   2) There are commands that may want similarly excluded from the
      in-band path due to security concerns (even though we have the
      white-list support).

We might want to have a '/usr/lib/ipmid-providers' as the default
install location for all providers and then symlink into both
phosphor-net and phosphor-host as appropriate.

> 2) Scan for libraries that end with .so

Keep in mind you'll need to deal with versioned .so's as well.  We had
to add that support to host-ipmid recently.

> 3) Do a dlopen that would register the handlers for the callback routines.
> The data that is currently registered for each command: Net Function, 
> Command and Functor.

There are a few providers that register for dbus callbacks so they can
monitor signals.  We'll need to discuss a little more I think on what
the expectation is here.  Maybe the way we are doing dbus callbacks
isn't appropriate to begin with, or maybe the callbacks are for host
alerts and not needed in the network path?

> *SessionLess Commands :-
> *-------------------------------------*
> *
> This would mention whether the command can be executed without a 
> session. For example
> Get Channel Capabilities can be executed without a session.

How do we identify session-less commands?  Should this be an enhancement
to the registration API?

> *Minimum Privilege Required to Execute the command :-
> *---------------------------------------------------------------------------------*
> 
> *This field would mention the minimum privilege of the session required 
> to execute the
> command. Before executing any command on a session, the command would be 
> executed
> only if the command privilege level is less than or equal to session 
> privilege level.
> The privilege levels are Administrator, Operator, User and Callback and OEM

Are these privilege levels something intrinsic in IPMI or something you
came up with?

We plan to integrate the ipmi server into the same BMC user list as the
REST interface.  I think we need to identify these roles and then allow
unix-group membership to determine which commands can be ran.

We have a feature to be implemented for the REST interface to define
group membership requirements for dbus / REST calls as well.

How should providers specify these?

-- 
Patrick Williams
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.ozlabs.org/pipermail/openbmc/attachments/20160812/a2bcb3e0/attachment.sig>

More information about the openbmc mailing list