-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Josselin Mouette wrote: > No one sane uses rsh on production environments nowadays. Please make > ssh the default module.
I disagree with your point here. I know of at least of couple organizations who make use of pdsh using rsh. Clearly, using rsh carries security implications. However, that doesn't mean that there is no sane way to use it. I have seen pdsh used via rsh on clusters that are only available to a small group of users. The security is handled by only allowing certain users to issue remote commands. In this case, it makes more sense to use rsh, because the overhead for sending an rsh command is much lower than sending a command via ssh. I also am uncomfortable with making ssh the default module out of the box, because upgrading would break any users who are currently using pdsh via the rsh rcmd module. > I thought it was only an important bug, but I'm making it RC, as policy > 9.9 says a program MUST NOT depend on environment variables to get > reasonable defaults. (I'm sure Steve will downgrade it if the release > team thinks it's not critical enough :) For the reasons I mentioned above, I believe the rsh is a reasonable default. So, this policy does not apply. I believe that this bug is not RC, and I think that important is probably too strong, because I don't think this has a strong impact on pdsh's usability. It is merely inconvenient. I would classify this bug as either normal or wishlist. > At the very least, there should be a > configuration file to set this without using an environment variable. I agree with you. I'm willing to look into adding a configuration to specify the default rcmd module. I should note that the latest version of pdsh (2.10) has some additional methods of choosing the rcmd module, and I plan on uploading the new version soon. One of the methods allows you to specify target host defaults in the genders database. However, it still does not provide a way to alter the default for unspecified hosts. > On a side note, /usr/lib/pdsh contains .a and .la files, which should be > removed because they aren't used at all. I'll file this under a separate bug. - -Brian -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFEmHFwdeHB6XEPaOIRAqKBAJ4tMKtnpSPzxLy2W+ikIQ/3WhK/UgCeJNwc uvRxesGf9ApSn2l4zFZiY/4= =KqVJ -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
