[pve-devel] [PATCH v3 access-control/cluster/manager 0/5] auth key rotation
Thomas Lamprecht
t.lamprecht at proxmox.com
Thu Mar 14 11:30:46 CET 2019
On 3/13/19 3:01 PM, Fabian Grünbichler wrote:
> changes since v2:
> - clean up error handling for calls to cfs_lock_authkey
> - disable rotation until PVE 6.0
> - add posinst for smoother upgrading once rotation gets enabled
>
> changes since v1:
> - add rotation in pvestatd
> - accept tickets signed with current key if cluster is not quorate (no rotation possible)
> - rotate once every 24h
>
applied access-control stuff with fixups required, see patch replies for details.
delayed bumping and manager patch for now, I'd like that you re-check this also one
time to ensure it works, so that not additional work needs to be done.
More information about the pve-devel
mailing list