Community mailing list archives

community@mail.odoo.com

RE: stop odoo using rpc api??

by
Van Hirtum Johan
- 08/01/2016 09:03:45

Robert,

 

I think you stop Odoo from in Odoo. You write an server action that activates a server script, located in the Odoo main directory. Then you bind this action to a button on a form with only admin access. Maybe extra protected by an extra password. When you push the button, the script is run ( when you want even as sudo ) and Odoo is shut down the normal way. You could even make a script that shut Odoo down and restart the server after 10 sec. Of course, the moment Odoo is down, you can, no longer use Odoo to do what so ever, so manually restart can not work.

 

With kind regards,

 

 

Van Hirtum Johan

 

Van: robert rottermann [mailto:robert@redcor.ch]
Verzonden: maandag 1 augustus 2016 14:28
Aan: Community
Onderwerp: Re: stop odoo using rpc api??

 

On 01.08.2016 14:12, Dominique Chabord wrote:

> 2016-08-01 13:09 GMT+02:00 robert rottermann <robert@redcor.ch>:> On 01.08.2016 12:37, Dominique Chabord wrote: >> 2016-08-01 12:22 GMT+02:00 

> robert rottermann <robert@redcor.ch>:> On >> 01.08.2016 12:02, Dominique 

> Chabord wrote: >> hi, >> >> I hope not ;-) >> >> regards > sorry, i might not 

> have been clear enough. > I would like to be >> able >> to do that. > > 

> otherwise I have to close the running server using some >> shell >> commands , 

> > which > would be far less elegant. >> >> ok, I hope noboby can stop Odoo's 

> saas with an appropriate request. >> There isn't anything elegant in bypassing 

> a server administration >> rules. Odoo daemon should not be allowed to stop 

> itself on a >> reasonably administrated server, nevertheless you may develop a 

> piece >> of code to make it crash (many succeed) , but just an opinion about 

> >> what elegance can be ;-) > agreed, and only being able to stop a server by 

> killing it, strikes me as > utterly inelegant.

>

 

> but it is the way it is designed since the beginning of multi-task

> operating systems.

> kill -x indicates to the process the level x of the interruption, then

> the process does what it has to do.

> kill is a system function that you can call in any code, no need to

> use the shell command which embeds it.

i know how to kill a process. that is not the issue here..

>

 

> > > however I would like to learn, why you think having a well define shut down 

> > procedure is bad?

>

 

> A daemon should be stopped with the same system privileges used to

> start it. For exemple, the --stop-after-init option is correct. A

> worker should not shutdown the main process which started it.

> On RPC call, you wouldn't need to get  system privileges to act on the

> server. Usually it is a definition of "security breach". A simple

> exploit would be to stop the service for all users on all databases.

as I said in my answer to Alexandre, I am sceptical that this is true ..

> On the other hand, there are already worse topics of concern.

but the daemon knows nothing about the daemonised process.

the user or some other service however might

 

I can live with the situation ..

robert

 

_______________________________________________
Mailing-List: https://www.odoo.com/groups/community-59
Post to: mailto:community@mail.odoo.com
Unsubscribe: https://www.odoo.com/groups?unsubscribe