Ofer Schreiber has uploaded a new change for review. Change subject: packaging: engine-setup - Add option to generate passwords ......................................................................
packaging: engine-setup - Add option to generate passwords Adds a new option to engine-setup: --generate-passwords. Using this option will allow administrators to run engine-setup in answer-file mode, so engine will ignore the passwords in the file, and will generates passwords of it's own, later can be changed via engine-config/postgres/configuration files. Change-Id: Ib1e8cfec87e908d8aa5f8d73db91b9c8b02480e1 Signed-off-by: Ofer Schreiber <[email protected]> --- M packaging/fedora/setup/basedefs.py M packaging/fedora/setup/common_utils.py M packaging/fedora/setup/engine-setup.py M packaging/fedora/setup/output_messages.py 4 files changed, 28 insertions(+), 2 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/81/10681/1 diff --git a/packaging/fedora/setup/basedefs.py b/packaging/fedora/setup/basedefs.py index d4fe310..62188c5 100644 --- a/packaging/fedora/setup/basedefs.py +++ b/packaging/fedora/setup/basedefs.py @@ -218,3 +218,6 @@ # Accepted JVMs should give an string matching this when executed with # the -version option: JAVA_VERSION = "1.7.0" + +# Random password default length +RANDOM_PASS_LENGTH = 12 diff --git a/packaging/fedora/setup/common_utils.py b/packaging/fedora/setup/common_utils.py index 581e4fe..b32d0e0 100755 --- a/packaging/fedora/setup/common_utils.py +++ b/packaging/fedora/setup/common_utils.py @@ -20,6 +20,8 @@ import tempfile import csv from miniyum import MiniYum +import string +import random """ ENUM implementation for python (from the vdsm team) @@ -1531,3 +1533,8 @@ logging.debug(msg) print msg raise Exception(msg) + +def generatePassword(length): + chars = string.ascii_letters + string.digits + '!@#$%^&()' + randomizer = random.SystemRandom() + return ''.join(randomizer.choice(chars) for char in xrange(length)) diff --git a/packaging/fedora/setup/engine-setup.py b/packaging/fedora/setup/engine-setup.py index f347e78..f3a8f1c 100755 --- a/packaging/fedora/setup/engine-setup.py +++ b/packaging/fedora/setup/engine-setup.py @@ -1967,6 +1967,11 @@ controller.CONF["DB_PASS"] = controller.CONF[passkey] break + # Override passwords with random if needed + controller.CONF["AUTH_PASS"] = utils.generatePassowrd(basedefs.RANDOM_PASS_LENGTH) + if controller.conf["DB_LOCAL_PASS"]: # Override db password only if db is local + controller.CONF["DB_PASS"] = utils.generatePassowrd(basedefs.RANDOM_PASS_LENGTH) + # Run main setup logic runSequences() @@ -2039,8 +2044,9 @@ parser = OptionParser(usage) parser.add_option("--gen-answer-file", help="Generate a template of an answer file, using this option excludes all other option") parser.add_option("--answer-file", help="Runs the configuration in non-interactive mode, extracting all information from the \ - configuration file. using this option excludes all other option") + configuration file. using this option excludes all other option except --random-passwords") parser.add_option("--no-mem-check", help="Disable minimum memory check", action="store_true", default=False) + parser.add_option("--random-passwords", help="Override passwords with random passwords", action="store_true", default=False) # For each group, create a group option for group in controller.getAllGroups(): @@ -2124,6 +2130,15 @@ #replace _ with - for printing's sake raise Exception(output_messages.ERR_ONLY_1_FLAG % "--%s" % flag.replace("_","-")) +def validateAnswerFileParam(options): + counter = countCmdLineFlags(options, "answer_file") + counter += countCmdLineFlags(options, "random_passwords") + if counter > 2: + optParser.print_help() + print + #replace _ with - for printing's sake + raise Exception(output_messages.ERR_ONLY_2_FLAGS % "--answer-file --random-passwors") + def initPluginsConfig(): for plugin in controller.getAllPlugins(): plugin.initConfig(controller) @@ -2169,7 +2184,7 @@ else: # Make sure only --answer-file was supplied if options.answer_file: - validateSingleFlag(options, "answer_file") + validateAnswerFileParam(options) confFile = options.answer_file if not os.path.exists(confFile): raise Exception(output_messages.ERR_NO_ANSWER_FILE % confFile) diff --git a/packaging/fedora/setup/output_messages.py b/packaging/fedora/setup/output_messages.py index 5997d81..83de5e2 100644 --- a/packaging/fedora/setup/output_messages.py +++ b/packaging/fedora/setup/output_messages.py @@ -404,6 +404,7 @@ # Command line parsing errors: ERR_ONLY_1_FLAG="Error: The %s flag is mutually exclusive to all other command line options" +ERR_ONLY_2_FLAGS="Error: The %s flag is mutually exclusive to all other command line options except %s" ERR_NO_ANSWER_FILE="Error: Could not find file %s" ERR_EXP_EDIT_PSQL_CONF="Error: failed editing %s" % basedefs.FILE_PSQL_CONF -- To view, visit http://gerrit.ovirt.org/10681 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Ib1e8cfec87e908d8aa5f8d73db91b9c8b02480e1 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Ofer Schreiber <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
