Enahnce pacemaker.c

[jfriesse]

pacemaker.c is full of popen/system calls. This are not very safe (escape of arguments, need to run shell, ...) and it would be better to use exec and proper redirection (so stderr are split and could be logged). Another possibility might be to use some library instead of calling crm_ticket (if such library exists).

[clumens]

We have a long-standing project in pacemaker to move functionality from command line tools into libraries. Then the tools just wrap the library calls. I could start working on converting crm_ticket next if it would help here.

[jfriesse]

Perfect. I think it would be much safer and reliable to call function(s) instead of system/popen.