On 01/21/2018 04:28 PM, Fil Di Noto via FreeIPA-users wrote:

> I've been using Vaults, I feel like I need some kind of version control, or historical log of values to recover from mistakenly overwriting vaults. What do most do?
>
> I notice that some docs have vault-add commands with a --source-vault-id option. My ipa version doesn't have these options. Are they upcoming or were they removed?

Hi,

if you are referring to https://www.freeipa.org/page/V4/Password_Vault_2.0 this page was probably written before the actual implementation and the content was not updated (the overview clearly states "The content may still change due to an active development").

The official documentation is available at https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/vault

vault-add does not provide this --source-vault-id.

> Another option I don't have is --stdout, for vault-retrieve. I was looking for ways to pipe or set variables without writing to disk.

You can use vault-retrieve without the --out option and the secret data will be printed in the command output. Then you just need to use grep and awk to extract the data, and base64 decode the result:

ipa vault-retrieve "$VAULT_NAME" --password="$VAULT_PASSWORD" | grep Data | awk -F': ' '{print $2}' | base64 -d

HTH,
Flo
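
The pipeline from the reply above, wrapped as shell functions that fail loudly when no Data field is present and that ignore banner lines which merely contain the word "Data". This is an added example, not part of the original message or of FreeIPA itself; the function names and the sample output are constructed, and the wrapper assumes the password is supplied with --password-file so it does not appear in the process list.

```shell
# Added example (not from the original thread).
# extract_vault_data: read `ipa vault-retrieve` output on stdin and write
# the decoded secret to stdout. Nothing is written to disk.
extract_vault_data() {
    # Match only the "Data:" field itself. A plain `grep Data` would also
    # match the banner line of a vault whose name contains "Data".
    _b64=$(awk '$1 == "Data:" && !found { print $2; found = 1 }
                END { if (!found) exit 1 }') || {
        echo "no Data field in vault-retrieve output" >&2
        return 1
    }
    printf '%s' "$_b64" | base64 -d
}

# vault_secret: hypothetical wrapper around the real command.
#   $1 = vault name, $2 = path to a file holding the vault password
vault_secret() {
    # Capture first so a failed retrieval is not masked by the pipeline.
    _out=$(ipa vault-retrieve "$1" --password-file "$2") || return 1
    printf '%s\n' "$_out" | extract_vault_data
}

# Constructed sample of the command output; "c2VjcmV0" is base64 for "secret".
sample_output() {
    cat <<'EOF'
------------------------------------
Retrieved data from vault "AppData"
------------------------------------
  Data: c2VjcmV0
EOF
}

# Offline demonstration on the constructed sample.
sample_output | extract_vault_data
echo
```

To keep the value in a variable rather than on the terminal: `SECRET=$(vault_secret "$VAULT_NAME" /path/to/password-file)`, where the path is a placeholder.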




_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
