From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:39537) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1aLrFl-000084-Hm for qemu-devel@nongnu.org; Wed, 20 Jan 2016 06:48:46 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1aLrFg-0001xn-JD for qemu-devel@nongnu.org; Wed, 20 Jan 2016 06:48:45 -0500 Received: from relay.parallels.com ([195.214.232.42]:44536) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1aLrFg-0001uB-9j for qemu-devel@nongnu.org; Wed, 20 Jan 2016 06:48:40 -0500 References: <1452081699-11894-1-git-send-email-den@openvz.org> <5697AF2F.80404@openvz.org> <20160114144653.GW910@redhat.com> From: Yuriy Pudgorodskiy Message-ID: <569F6FC9.2050401@virtuozzo.com> Date: Wed, 20 Jan 2016 14:30:17 +0300 MIME-Version: 1.0 In-Reply-To: <20160114144653.GW910@redhat.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Subject: Re: [Qemu-devel] [PATCH v2 0/2] qga: guest-set-user-password - added ability to create new user List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: "Daniel P. Berrange" , "Denis V. Lunev" Cc: =?UTF-8?Q?Marc-Andr=c3=a9_Lureau?= , QEMU , Michael Roth On 1/14/2016 5:46 PM, Daniel P. Berrange wrote: > On Thu, Jan 14, 2016 at 05:22:39PM +0300, Denis V. Lunev wrote: >> On 01/14/2016 05:18 PM, Marc-André Lureau wrote: >>> Hi >>> >>> On Wed, Jan 6, 2016 at 1:01 PM, Denis V. Lunev wrote: >>>> These patches add optional 'create' flag to guest-set-user-password command. >>>> When it is specified, a new user will be created if it does not >>>> exist yet. >>>> >>> What's the motivation to re-use set-password instead of a new command? >> because we will have to change the password later on after addition >> of such user. Also this looks better for a case "create if not exists" and >> force new password. > I don't think that's very compelling honestly. In addition when creating > user accounts there's a whole bunch more parameters you potentially want > to set besides just the username - see how many options exist with the > 'useradd' command. Also with some users you might not want to set any > password. So if we want to create users via QGA, I think that having a > separate command makes more sense. > > Regards, > Daniel There is a problem with a whole bunch of create user parameters - they are platform specific. Windows and Unix 'create user' API are rather different - developing support for all parameters will probably lead to two commands - 'create_user_posix' and 'create_user_windows'. If so, callers that want full control over user creation may call platform specific commands over generic guest-exec - e.g. 'useradd' with many options and 'net user', 'net localgroup', respectively. We, in contradiction to such callers, want to add simpler platform-independent functionality much like the os installers provides during initial setup - e.g. just username and password with other parameters be a reasonable default. If that sounds logical to you - we may talk about reasons for defaults and extends to a minimal parameter set (user plus password). But creating a full separate 'user add' command when it is platform specific and user has ability to call 'useradd' via exec - sounds like an overkill to me.