Main inclusion report for rhcluster

Author: Martin Pitt


1. Availability:; one of its debs generates libdlm-dev which is already in main, transition has already been done. Other packages are in universe now.

2. Rationale: In the server world there is a great demand for integrated and out of the box clustering solutions. It is less interesting for Desktop users. Some parts of these tools are already packaged in standalone source packages, now Fabio packaged all tools in a common source package.

3. Security:

  • No CANs.
  • No Secunia record.
  • Supported by Red Hat.
  • Client binaries are run by root with root privileges, thus no privilege escalation potential in them.
  • Daemon runs in kernel space, and is not shipped in this package; however, it cannot actually be used without these tools, so if this package is in main, we automatically support the daemon, too.
  • Quick examplary code review for gnbd.c: Checked array accesses, but lots of unchecked sprintf() calls (I did not check whether they can actually overflow).

  • Since it is necessary to have open ports for the daemon, any bug can potentially lead to remote root privilege escalation.

4. QA:

  • Installation: Command line tools for admins; documentation is provided, cluster needs to be configured (there is no sane default configuration). There is also a GUI now.
  • Bugs:
    • No relevant bugs in Debian BTS for the packages already present in Debian.
    • No bugs in Malone.
    • Some high severity bugs in upstream BTS: GFS, most are dealt with fast.

    • Responsive and good upstream.
  • Hardware interaction: needs a couple of connected hosts, nothing special in that area.

5. Standards compliance:

  • Standard debhelper packaging.

  • FHS met.
  • Debian package and library policy met.
  • libccs-dev and libiddev-dev ship only a static library, which becomes a problem if many packages build-depend on them. So far none do, though.


MartinPitt: approved

MainInclusionReportRhCluster (last edited 2008-08-06 16:33:55 by localhost)