On 24/07/13 21:39, Nathan Scott wrote:
...
For remote fetching though (which this test does), SASL authentication
is the only way now. This is much harder to test (there are so many
different auth mechanisms) - I've started automated SASL testing but
its not generalised yet. Will get back to you when I have an example,
for now I'd _notrun it. There is no pmdaproc backdoor, credentials
must be presented ... should we consider adding one for back-compat?
I'd prefer not to, but guess we could go either way - it'd just take
a non-default command line option to disable the checks.
Having gone to the effort of addressing the authentication issues, I'd
prefer we leave it as is and do NOT provide a backdoor, and rework the
QA ... if as a policy, we don't want to allow remote access to these
metrics w/out authentication, then QA does not need to test it.
I'll move onto other things and await your developments ... I'm seeing
20+ failures per host on the first few I've tried this time round, so
there are lots of other gophers to smack.
|