Page MenuHomePhabricator

[wmcs-cookbooks] SAL messages are shown differently when logging via wm-bot
Open, LowPublic


When running WMCS cookbooks from a laptop (or from any host that is not allowed to send TCP messages to tcpircbot on, we send SAL messages through wm-bot instead.

These messages have the same format {user}@{host} {message}, but user and host could be easily spoofed so we are currently not displaying those in the second column of and instead we display <wm-bot2> in that column, and user@host at the start of the message.

It would be nice to have a more consistent output, and to prevent users from spoofing the username/hostname.

Screenshot 2023-09-18 at 14.47.41.png (208×2 px, 100 KB)

Event Timeline

fnegri moved this task from Backlog to wmcs-cookbooks on the Cloud-VPS board.

Change 958439 had a related patch set uploaded (by FNegri; author: FNegri):

[labs/tools/stashbot@master] Parse user@host in wm-bot2 messages

One option could be to connect to wm-bot through a proxy host (e.g., and display the username on that host (e.g. fnegri@tools-sgebastion-10). In this way we could also increase the security of wm-bot that is currently openly accessible on the internet.

fnegri added a subscriber: taavi.

@dcaro suggested we could in the meantime add a prefix like wmbot. to the user@host string, so that we know it was received from wm-bot and it could be spoofed. I have updated my patch to do this. Restricting access to wm-bot and enforcing a proper authentication could be handled in a separate task.