Dan Kenigsberg has submitted this change and it was merged.
Change subject: vdsClient: alternative ways to provide password
......................................................................
vdsClient: alternative ways to provide password
Current method to provide password for vdsClient commands is typing it
in the command line. The BZ1032525 requests to provide safer way.
The patch implements new alternatives to provide command's password
value instead of a plain text.
This change introduces an new field, 'auth=', usage:
* auth=[alt:value] with following posibilities:
** auth=file:path - read password from the first line of the file
pointed by path
** auth=env:name - read password from the environment variable 'name'
** auth=pass:password - use plaintext password, provided in case would
want to depricate the old format altogether.
This change affects the following commands:
Group 1:
* connectStorageServer
* disconnectStorageServer
* validateStorageServerConnection
Commands in this group pass password as part of conList format, such as
id=...,user=...,password=...
These commands can drop password= altogether, and use only auth=, if
both are provided, auth= takes precedence.
Group 2:
* desktopLogin
* discoverST
Commands in this group receive password as a mandatory argument, at
a known index, for example: [address] [user] [pass], to avoid breaking
compatibility, password argument has to be specified, even when using
auth=, where auth= can come anywhere after all the mandatory arguments.
For example: vdsClient someCommand 127.0.0.1 user - auth=method:...
(note the '-')
Group 3:
* setVmTicket
auth=... can be passed only after '--' parameter, to avoid collision
with the fifth optional parameter
For example:
vdsClient setVmTicket 127.0.0.1 user - disconnect -- auth=method:...
Bug-Url: https://bugzilla.redhat.com/1032525
Change-Id: I363a16e6a7872ca05e19d5f520bdba90fb492374
Signed-off-by: pkliczewski <[email protected]>
Signed-off-by: Alon Bar-Lev <[email protected]>
Signed-off-by: Dima Kuznetsov <[email protected]>
Reviewed-on: http://gerrit.ovirt.org/24733
Reviewed-by: Saggi Mizrahi <[email protected]>
---
M client/vdsClient.py
M tests/vdsClientTests.py
2 files changed, 492 insertions(+), 38 deletions(-)
Approvals:
Alon Bar-Lev: Looks good to me, but someone else must approve
Saggi Mizrahi: Looks good to me, approved
Dima Kuznetsov: Verified
--
To view, visit http://gerrit.ovirt.org/24733
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I363a16e6a7872ca05e19d5f520bdba90fb492374
Gerrit-PatchSet: 22
Gerrit-Project: vdsm
Gerrit-Branch: master
Gerrit-Owner: Piotr Kliczewski <[email protected]>
Gerrit-Reviewer: Alon Bar-Lev <[email protected]>
Gerrit-Reviewer: Barak Azulay <[email protected]>
Gerrit-Reviewer: Dan Kenigsberg <[email protected]>
Gerrit-Reviewer: Dima Kuznetsov <[email protected]>
Gerrit-Reviewer: Piotr Kliczewski <[email protected]>
Gerrit-Reviewer: Saggi Mizrahi <[email protected]>
Gerrit-Reviewer: Yaniv Bronhaim <[email protected]>
Gerrit-Reviewer: Yedidyah Bar David <[email protected]>
Gerrit-Reviewer: [email protected]
Gerrit-Reviewer: oVirt Jenkins CI Server
_______________________________________________
vdsm-patches mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/vdsm-patches
