arif/xcat-core
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Have slpdiscover ultimately relax password expiry, login failure behavior, password reuse restrictions, minimal change interval to help automation work and

Browse Source 
avoid DoS attacks

git-svn-id: https://svn.code.sf.net/p/xcat/code/xcat-core/trunk@14176 8638fb3e-16cb-4fca-ae20-7b5d299a9bcd
This commit is contained in:
jbjohnso 2012-10-31 15:21:45 +00:00
parent 545281c97f
commit 5604a61f53
2 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
xCAT-server/lib/xcat/plugins/blade.pm
View File

@ -4286,6 +4286,10 @@ sub clicmds {
push @cfgtext,"The current account password has expired, please modify it first";
return ([1,\@unhandled,"Management module refuses requested password as insufficiently secure, try another password"]);
}
$t->waitfor(match=>"/system> /");
$t->cmd("accseccfg -rc 0 -pe 0 -pi 0 -ct 0 -lp 0 -lf 0 -T system:mm[1]");
$t->waitfor(match=>"/system> /");
$t->cmd("accseccfg -rc 0 -pe 0 -pi 0 -ct 0 -lp 0 -lf 0 -T system:mm[2]");
}
$t->waitfor(match=>"/system> /");
} elsif (not $t) {#ssh failed.. fallback to a telnet attempt for older AMMs with telnet disabled by default

1
xCAT-server/lib/xcat/plugins/slpdiscover.pm
View File

@ -238,6 +238,7 @@ sub setupIMM {
Errmode=>'return',
Prompt=>'/> $/');
if ($ssh and $ssh->atprompt) { #we are in and good to issue commands
$ssh->cmd("accseccfg -pe 0 -rc 0 -ci 0 -lf 0 -lp 0"); #disable the more insane password rules, this isn't by and large a human used interface
$ssh->cmd("users -1 -n ".$args{username}." -p ".$args{password}." -a super"); #this gets ipmi going
foreach my $ip (@ips) {
if ($ip =~ /:/) {