From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:47142) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1aB11J-0005iI-Sj for qemu-devel@nongnu.org; Mon, 21 Dec 2015 09:01:07 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1aB11E-0005qL-Op for qemu-devel@nongnu.org; Mon, 21 Dec 2015 09:01:01 -0500 Received: from mx1.redhat.com ([209.132.183.28]:53670) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1aB11E-0005pp-Gz for qemu-devel@nongnu.org; Mon, 21 Dec 2015 09:00:56 -0500 References: <1450680006-21959-1-git-send-email-den@openvz.org> From: Eric Blake Message-ID: <56780611.6050201@redhat.com> Date: Mon, 21 Dec 2015 07:00:49 -0700 MIME-Version: 1.0 In-Reply-To: <1450680006-21959-1-git-send-email-den@openvz.org> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="v0M12f4A11vn9JBaSccmvEHEKksHNeh3W" Subject: Re: [Qemu-devel] [PATCH 1/1] qga: guest-set-user-password - added ability to create new user List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: "Denis V. Lunev" Cc: Yuri Pudgorodskiy , qemu-devel@nongnu.org, Michael Roth This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --v0M12f4A11vn9JBaSccmvEHEKksHNeh3W Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On 12/20/2015 11:40 PM, Denis V. Lunev wrote: > From: Yuri Pudgorodskiy >=20 > Added optional 'create' flag to guest-set-user-password command. > When it is specified, a new user will be created if it is not > exists yet. s/is not exists/does not exist/ >=20 > The option to the existing command is added as password for newly creat= ed > user should be set as specified. >=20 > Signed-off-by: Yuri Pudgorodskiy > Signed-off-by: Denis V. Lunev > CC: Michael Roth > --- > qga/commands-posix.c | 36 ++++++++++++++++++++++++++++++++++++ > qga/commands-win32.c | 25 ++++++++++++++++++++++++- > qga/qapi-schema.json | 3 ++- > 3 files changed, 62 insertions(+), 2 deletions(-) >=20 > diff --git a/qga/commands-posix.c b/qga/commands-posix.c > @@ -1993,6 +1995,40 @@ void qmp_guest_set_user_password(const char *use= rname, > goto out; > } > =20 > + /* create new user if requested */ > + if (has_create && create) { > + pid =3D fork(); > + if (pid =3D=3D 0) { > + char *str =3D g_shell_quote(username); > + char *cmd =3D g_strdup_printf("id %s || useradd -m %s", st= r, str); useradd is Linux-specific; should we be trying harder to make this command portable to all POSIX-y guests? > + setsid(); > + reopen_fd_to_null(0); > + reopen_fd_to_null(1); > + reopen_fd_to_null(2); > + execle("/bin/sh", "sh", "-c", cmd, NULL, environ); By redirecting stderr to /dev/null, you've lost any error messages that useradd tries to report... > + _exit(EXIT_FAILURE); > + } else if (pid < 0) { > + error_setg_errno(errp, errno, "failed to create child proc= ess"); > + goto out; > + } > + > + ga_wait_child(pid, &status, &local_err); > + if (local_err) { > + error_propagate(errp, local_err); > + goto out; > + } > + > + if (!WIFEXITED(status)) { > + error_setg(errp, "child process has terminated abnormally"= ); > + goto out; > + } > + > + if (WEXITSTATUS(status)) { > + error_setg(errp, "child process has failed to add new user= "); =2E..and replaced it with a less-helpful message. Should you try harder t= o pass through the real reason for failure? > +++ b/qga/qapi-schema.json > @@ -787,6 +787,7 @@ > # @username: the user account whose password to change > # @password: the new password entry string, base64 encoded > # @crypted: true if password is already crypt()d, false if raw > +# @create: #optional user will be created if not exists (since 2.6) s/if not exists/if it does not exist/ may want to mention that it defaults to false > # > # If the @crypted flag is true, it is the caller's responsibility > # to ensure the correct crypt() encryption scheme is used. This > @@ -806,7 +807,7 @@ > # Since 2.3 > ## > { 'command': 'guest-set-user-password', > - 'data': { 'username': 'str', 'password': 'str', 'crypted': 'bool' } = } > + 'data': { 'username': 'str', 'password': 'str', 'crypted': 'bool', '= *create': 'bool' } } Long line; please wrap to keep things under 80 columns. --=20 Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org --v0M12f4A11vn9JBaSccmvEHEKksHNeh3W Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Public key at http://people.redhat.com/eblake/eblake.gpg Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBCAAGBQJWeAYVAAoJEKeha0olJ0Nq1dYH+gMEdpBJp+BbhFysF+fB2s14 1bhbYHTQsZ/OFV0VbRWrLYt+5m98QJRDVXsgAKrYMP9FopBaQG7KiC2TFiaz8z1o 9NfGY3z/WeryQL+lUBia1w6rTMvokO5wkCF9+isWroI/M1SBHQZMYte+MP8QglMa 2cW/FLiym8xktqBGe2Ne2ORjl1ZYotiga3P+IYFDG3Cykf0YFhB5JZKSjRca7OOX CEOZw0zPl62j0ML/YIxwVfaZM/ENDSCVi4qaUWzD3t9pDujGwadtpAp4kuGlb8eE dJiNrYpyLBgZSCYTP5GM/2CU4Vec4tFLHjoL+33IwZ/D8qsA7Vwjvy5PX1U13/o= =j+N9 -----END PGP SIGNATURE----- --v0M12f4A11vn9JBaSccmvEHEKksHNeh3W--