From: "Daniel P. Berrange" <berrange@redhat.com>
To: Roman Kagan <rkagan@parallels.com>,
qemu-devel@nongnu.org, Michael Roth <mdroth@linux.vnet.ibm.com>
Subject: Re: [Qemu-devel] [PATCH v2] qga: add guest-set-admin-password command
Date: Wed, 4 Feb 2015 10:52:59 +0000
Message-ID: <20150204105259.GM3032@redhat.com>
In-Reply-To: <20150204104839.GA15157@rkaganb.sw.ru>

On Wed, Feb 04, 2015 at 01:48:40PM +0300, Roman Kagan wrote:
> On Mon, Jan 12, 2015 at 03:58:14PM +0000, Daniel P. Berrange wrote:
> > Add a new 'guest-set-admin-password' command for changing the
> > root/administrator password. This command is needed to allow
> > OpenStack to support its API for changing the admin password
> > on a running guest.
> >
> > Accepts either the raw password string:
> >
> > $ virsh -c qemu:///system qemu-agent-command f21x86_64 \
> > '{ "execute": "guest-set-admin-password", "arguments":
> > { "crypted": false, "password": "12345678" } }'
> > {"return":{}}
> >
> > Or a pre-encrypted string (recommended)
> >
> > $ virsh -c qemu:///system qemu-agent-command f21x86_64 \
> > '{ "execute": "guest-set-admin-password", "arguments":
> > { "crypted": true, "password":
> > "$6$T9O/j/aGPrE...snip....rQoRN4F0.GG0MPjNUNyml." } }'
>
> Does it have to be a QMP command? Wouldn't the recently (re-)submitted
> guest-exec allow to do the same, by running "chpasswd" in the guest and
> piping the username:password into its stdin?

guest-exec puts the burden on the calling application to figure out which
command to invoke and what syntax it has. This is really sucky for any
kind of cross-OS portability. i.e. Windows is going to be completely different
from Linux, and even different UNIX variants are different to some extent.

I don't consider guest-exec to be something that management applications
should *ever* use to build features around. It is just a useful mechanism
for human administrators to do ad-hoc interactions with guests.

> Besides I think it makes sense to (optionally) pass the username, to
> allow to change the password for arbitrary users. This would make the
> functionality useful for systems where root password plays no role as
> root logins are disallowed, and the only access to root shell is via
> sudo from a user belonging to a particular group (IIRC Ubuntu is usually
> set up like that).

Yep, extending it to any username is a possibility if it is thought to
be useful.

>
> > NB windows support is desirable, but not implemented in this
> > patch.
>
> Yes Windows may have an issue with username here too, because the admin
> user can be any user (and even "Administrator" can be localized).

Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
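
Added example, not part of the original message or the patch: one way a management application could build the `guest-set-admin-password` request shown in the quoted patch description, so that the `crypted` flag always matches the value and the payload never passes through a shell. The function names, the SHA-512-only policy and the sample hash are assumptions made for this example.

```python
import json
import re

# crypt(3) SHA-512 modular format: $6$[rounds=N$]salt$86-char digest.
# Assumption for this example: the caller's policy accepts only $6$ hashes.
SHA512_CRYPT = re.compile(
    r"\$6\$(rounds=\d+\$)?[./0-9A-Za-z]{1,16}\$[./0-9A-Za-z]{86}"
)


def build_set_admin_password(password, crypted=True):
    """Return the agent command as a JSON string.

    Command and argument names are the ones in the quoted patch description.
    """
    looks_hashed = SHA512_CRYPT.fullmatch(password) is not None
    if crypted and not looks_hashed:
        # A raw password flagged as crypted would be installed as a bogus hash.
        raise ValueError("crypted=True but value is not a $6$ crypt(3) hash")
    if not crypted and looks_hashed:
        # A hash flagged as raw would become the literal password.
        raise ValueError("value looks like a hash but crypted=False")
    return json.dumps({
        "execute": "guest-set-admin-password",
        "arguments": {"crypted": crypted, "password": password},
    })


def virsh_argv(domain, command_json, uri="qemu:///system"):
    """argv list for subprocess.run(); with no shell involved, the '$' and
    quote characters in the payload are passed through literally."""
    return ["virsh", "-c", uri, "qemu-agent-command", domain, command_json]


# Constructed placeholder with the shape of a SHA-512 crypt string, not a real hash.
SAMPLE_HASH = "$6$" + "examplesalt" + "$" + "A" * 86

if __name__ == "__main__":
    print(virsh_argv("f21x86_64", build_set_admin_password(SAMPLE_HASH)))
```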