On 01/12/2015 08:58 AM, Daniel P. Berrange wrote: > Add a new 'guest-set-admin-password' command for changing the > root/administrator password. This command is needed to allow > OpenStack to support its API for changing the admin password > on a running guest. > > Accepts either the raw password string: > > $ virsh -c qemu:///system qemu-agent-command f21x86_64 \ > '{ "execute": "guest-set-admin-password", "arguments": > { "crypted": false, "password": "12345678" } }' > {"return":{}} > > Or a pre-encrypted string (recommended) > > $ virsh -c qemu:///system qemu-agent-command f21x86_64 \ > '{ "execute": "guest-set-admin-password", "arguments": > { "crypted": true, "password": > "$6$T9O/j/aGPrE...snip....rQoRN4F0.GG0MPjNUNyml." } }' > > NB windows support is desirable, but not implemented in this > patch. > > Signed-off-by: Daniel P. Berrange <berra...@redhat.com> > --- > qga/commands-posix.c | 90 > ++++++++++++++++++++++++++++++++++++++++++++++++++++ > qga/commands-win32.c | 6 ++++ > qga/qapi-schema.json | 19 +++++++++++ > 3 files changed, 115 insertions(+) >
> +++ b/qga/qapi-schema.json > @@ -738,3 +738,22 @@ > ## > { 'command': 'guest-get-fsinfo', > 'returns': ['GuestFilesystemInfo'] } > + > +## > +# @guest-set-admin-password > +# > +# @crypted: true if password is already crypt()d, false if raw > +# @password: the new password entry > +# > +# If the @crypted flag is true, it is the callers responsibility s/callers/caller's/ > +# to ensure the correct crypt() encryption scheme is used. This > +# command does not attempt to interpret or report on the encryption > +# scheme. Refer to the documentation of the guest operating system > +# in question to determine what is supported. > +# > +# Returns: Nothing on success. > +# > +# Since 2.3 > +## > +{ 'command': 'guest-set-admin-password', > + 'data': { 'crypted': 'bool', 'password': 'str' } } > Normally, 'password':'str' means we are passing UTF8 JSON. But what if the desired password is NOT valid UTF8, but still valid to the end user (for example, a user that intentionally wants a Latin1 encoded password that uses 8-bit characters)? In other interfaces, we've allowed an enum that specifies whether a raw data string is 'utf8' or 'base64' encoded; should we have such a parameter here? -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature