proxmox-mirrors/pve-manager
1
0
Fork 0
mirror of https://git.proxmox.com/git/pve-manager synced 2025-08-15 11:17:59 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

pvestatd: rotate auth keys if necessary

Browse Source 
as a fallback to ensure rotation even if no logins happen on a given
cluster.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
This commit is contained in:
Fabian Grünbichler 2019-03-13 15:01:34 +01:00 committed by Thomas Lamprecht
parent 0cfc685654
commit 5ea29d1398
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
PVE/Service/pvestatd.pm
View File

@ -21,6 +21,7 @@ use PVE::LXC::Config;
use PVE::RPCEnvironment; use PVE::RPCEnvironment;
use PVE::API2::Subscription; use PVE::API2::Subscription;
use PVE::AutoBalloon; use PVE::AutoBalloon;
use PVE::AccessControl;
use PVE::Status::Plugin; use PVE::Status::Plugin;
use PVE::Status::Graphite; use PVE::Status::Graphite;
@ -440,6 +441,10 @@ sub update_storage_status {
} }
} }
sub rotate_authkeys {
PVE::AccessControl::rotate_authkey() if !PVE::AccessControl::check_authkey(1);
}
sub update_status { sub update_status {
# update worker list. This is not really required and # update worker list. This is not really required and
@ -491,6 +496,13 @@ sub update_status {
}; };
$err = $@; $err = $@;
syslog('err', "lxc console cleanup error: $err") if $err; syslog('err', "lxc console cleanup error: $err") if $err;
eval {
rotate_authkeys();
};
$err = $@;
syslog('err', "authkey rotation error: $err") if $err;
} }
my $next_update = 0; my $next_update = 0;