November 18th Wednesday

  Distributed Erlang is useful when you own all the machines and want to control them from a single machine.  It is not suited to the situation where different people own the individual machines and want to control exactly which software runs on their own machine: any node that authenticates with the right cookie can make the others evaluate arbitrary code (for example through rpc:call/4), so holding the cookie means full control of every node, not merely the right to send it messages.

 

  Communication between two distributed Erlang nodes is unrestricted once both present the same magic cookie.  There are three ways to set the cookie:

 

  •   Method 1: Store the same cookie in the file $HOME/.erlang.cookie. This file contains a random string and is created automatically the first time a distributed Erlang node is started on your machine.

 

  This file can be copied to all machines that we want to participate in a distributed Erlang session. Alternatively, we can explicitly set the value.

 

  For example, on a Linux system, we could give the following commands:


  $ cd
  $ cat > .erlang.cookie
  AFRTY12ESS3412735ASDF12378
  ^D                                (end the input with Ctrl-D)
  $ chmod 400 .erlang.cookie


  The chmod makes .erlang.cookie readable only by its owner. This is not optional: on Unix the auth server refuses to use a cookie file that is readable by group or others, and the node will not start distribution until the permissions are fixed.

 

  •   Method 2: When Erlang is started, we can use the command-line argument -setcookie C to set the magic cookie to C. For example:

 

  $ erl -setcookie AFRTY12ESS3412735ASDF12378 ...

 

  •   Method 3: The BIF erlang:set_cookie(node(), C) sets the cookie of the local node to the atom C.

  Note: If other users share the machine, method 1 or 3 is better than method 2, because on a Unix system anyone can read the command line of a running process (with ps, or from /proc/<pid>/cmdline) and so recover a cookie passed with -setcookie; the value also ends up in the shell history. With method 3 the cookie never appears on a command line, but the program still has to obtain it from somewhere the node can read, so method 1 with a mode 400 file is the usual choice.
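  The following module is an added example, not code from the original page or from OTP's own auth module. It automates method 1: it generates a cookie from the cryptographically secure RNG, writes it to a path you pass (normally $HOME/.erlang.cookie), tightens the mode to 400, and then re-checks the file against the same rules the auth server applies (regular file, no group/other bits, printable ASCII). The module name, function names and the 16-byte cookie length are my choices, not anything the page specifies.

```erlang
%% cookie_file.erl -- added example, not from the original page or from OTP.
%% Creates a .erlang.cookie file the way the auth server expects it and
%% verifies it before you rely on it.
-module(cookie_file).
-export([generate/0, install/2, verify/1]).

-include_lib("kernel/include/file.hrl").

%% 16 bytes from the CSPRNG, hex-encoded: 32 printable characters with no
%% modulo bias. The cookie is the only credential in distributed Erlang, so
%% a short or guessable value is equivalent to no authentication at all.
generate() ->
    Bytes = binary_to_list(crypto:strong_rand_bytes(16)),
    lists:flatten([io_lib:format("~2.16.0B", [B]) || B <- Bytes]).

%% Write Cookie to Path. `exclusive' makes open fail with {error, eexist}
%% instead of silently overwriting a cookie that other nodes already share.
%% The file is created under the process umask and then tightened to 0400,
%% the same create-then-chmod sequence the auth server itself performs.
install(Path, Cookie) when is_list(Cookie) ->
    case file:open(Path, [write, exclusive]) of
        {ok, Fd} ->
            ok = file:write(Fd, Cookie),
            ok = file:close(Fd),
            ok = file:change_mode(Path, 8#400),
            verify(Path);
        {error, Reason} ->
            {error, {Path, Reason}}
    end.

%% Mirror the Unix checks auth applies when it reads the file: a regular
%% file, no group/other permission bits, and only printable ASCII once
%% trailing line ends are dropped. Returns {ok, CookieAtom} or {error, Why}.
verify(Path) ->
    case file:read_file_info(Path) of
        {ok, #file_info{type = regular, mode = Mode}}
          when Mode band 8#077 =/= 0 ->
            {error, {group_or_world_accessible, Mode band 8#777}};
        {ok, #file_info{type = regular}} ->
            {ok, Bin} = file:read_file(Path),
            Trimmed = string:trim(binary_to_list(Bin), trailing, "\r\n "),
            check_content(Trimmed);
        {ok, #file_info{}} ->
            {error, not_a_regular_file};
        {error, Reason} ->
            {error, Reason}
    end.

check_content([]) ->
    {error, empty_cookie};
check_content(Cookie) ->
    Printable = fun(C) -> C >= $\s andalso C =< $~ end,
    case lists:all(Printable, Cookie) of
        true  -> {ok, list_to_atom(Cookie)};
        false -> {error, bad_characters}
    end.

%% Usage from an Erlang shell:
%%   1> c(cookie_file).
%%   2> Path = filename:join(os:getenv("HOME"), ".erlang.cookie").
%%   3> cookie_file:install(Path, cookie_file:generate()).
%%   {ok,'3F9A...'}
%%   4> cookie_file:verify(Path).   % run this on every machine the file is copied to
```

  verify/1 is the useful part after copying the file to other machines: a copy made with the wrong umask, or through a tool that does not preserve mode bits, is exactly the case the auth server rejects. The permission check is Unix-specific; on Windows the auth server does not inspect mode bits, so verify/1 would need the mode clause removed there.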

 

Security

 

  Authentication determines which nodes are allowed to communicate with each other. In a network of Erlang nodes it is built into the system at the lowest possible level: each node has its own magic cookie, which is an Erlang atom.

 

  When a node tries to connect to another node, the magic cookies are compared; if they do not match, the node being connected to rejects the connection. The comparison is a challenge-response exchange in which each side proves it knows the cookie by answering the other side's challenge, so the cookie itself is never sent over the wire. The cookie is only an authentication token, however: the distribution traffic that follows is not encrypted unless distribution over TLS is configured, and anyone who holds the cookie can connect as a fully trusted node.

 

  At start-up, a node has a random atom assigned as its magic cookie and the cookie of other nodes is assumed to be nocookie. The first action of the Erlang network authentication server (auth) is then to read a file named $HOME/.erlang.cookie. If the file does not exist, it is created.

 

  The UNIX permissions mode of the file is set to octal 400 (read-only by user) and its contents are a random string. An atom Cookie is created from the contents of the file and the cookie of the local node is set to this using erlang:set_cookie(node(), Cookie). This also makes the local node assume that all other nodes have the same cookie Cookie.

 

  Thus, groups of users with identical cookie files get Erlang nodes which can communicate freely and without interference from the magic cookie system. Users who want to run nodes on separate file systems must make certain that their cookie files are identical on the different file systems.

 

  For a node Node1 with magic cookie Cookie to be able to connect to, or accept a connection from, another node Node2 with a different cookie DiffCookie, the function erlang:set_cookie(Node2, DiffCookie) must first be called at Node1. Nothing needs to change at Node2: the whole exchange for that pair of nodes then uses DiffCookie, which is what Node2 expects of everyone by default. Distributed systems with multiple user IDs can be handled in this way.

 

  By default, when a connection is established between two nodes, each of them immediately connects to all other visible nodes as well, so the network is always fully connected. If there are nodes with different cookies, this behaviour may be inappropriate, and the command-line flag -connect_all false should be set; note that this also disables global name registration, which relies on a fully connected network.  The magic cookie of the local node is retrieved by calling erlang:get_cookie().
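  The per-node cookie mechanism and the -connect_all false flag described above, as an added example (not code from the original page): the local node is started with its own cookie from $HOME/.erlang.cookie and with -connect_all false, and then connects to peers that each use a different cookie by calling erlang:set_cookie/2 for that peer before net_kernel:connect_node/1. The node names and cookie atoms in peers/0 are constructed for illustration.

```erlang
%% cookie_peers.erl -- added example, not from the original page.
%% Start the local node with, for example:
%%   erl -sname a -connect_all false
%% (local cookie taken from $HOME/.erlang.cookie; see method 1 above).
-module(cookie_peers).
-export([connect/2, connect_peers/1, peers/0]).

%% Constructed sample: peers owned by other users, each with its own cookie.
peers() ->
    [{'b@host1', 'COOKIE_FOR_B'},
     {'c@host2', 'COOKIE_FOR_C'}].

%% Tell the local auth server which cookie Node expects, then connect.
%% The local node's own cookie (erlang:get_cookie()) is left untouched;
%% only the entry for this particular peer is set.
connect(Node, DiffCookie) when is_atom(Node), is_atom(DiffCookie) ->
    true = erlang:set_cookie(Node, DiffCookie),
    case net_kernel:connect_node(Node) of
        true    -> {ok, Node};
        false   -> {error, {connect_failed, Node}};
        ignored -> {error, local_node_not_distributed}
    end.

%% Connect to every peer and report the results together with nodes().
%% Refuses to run unless -connect_all false is in effect: with the default,
%% the first successful connection makes the local node try every node the
%% peer knows about, and those attempts fail (and are logged as disallowed
%% on the far side) for nodes whose cookie was never set here.
connect_peers(Peers) ->
    case init:get_argument(connect_all) of
        {ok, [["false"]]} ->
            Results = [connect(N, C) || {N, C} <- Peers],
            {Results, nodes()};
        _ ->
            {error, start_with_connect_all_false}
    end.

%% Usage from the shell of node a@host:
%%   1> cookie_peers:connect_peers(cookie_peers:peers()).
%%   {[{ok,'b@host1'},{ok,'c@host2'}],['b@host1','c@host2']}
```

  Because -connect_all false is set, a and b being connected does not imply b and c are; each pairing has to be established with the cookie that pair shares, which is the point of running separate cookies in the first place.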
