Bug 794644
| Summary: | [RFE] add some mechanism to pass credentials to remote-viewer | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Gerd Hoffmann <kraxel> | |
| Component: | virt-viewer | Assignee: | Daniel Berrangé <berrange> | |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Virtualization Bugs <virt-bugs> | |
| Severity: | medium | Docs Contact: | ||
| Priority: | medium | |||
| Version: | 6.2 | CC: | audgiri, cfergeau, cwei, dallan, djasa, kraxel, lcui, lyarwood, marcandre.lureau, mjenner, mzhan, tzheng, zpeng | |
| Target Milestone: | rc | Keywords: | FutureFeature | |
| Target Release: | --- | |||
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | ||||
| Fixed In Version: | Doc Type: | Enhancement | ||
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 805243 (view as bug list) | Environment: | ||
| Last Closed: | 2013-08-08 14:06:00 UTC | Type: | --- | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | 805243 | |||
| Bug Blocks: | ||||
|
Description
Gerd Hoffmann
2012-02-17 07:49:04 UTC
Gerd, should the password be part of spice URI? or a seperate --password argument? Put it into the URI is insane IMHO. Needs to be a separate arg. Daniel mentioned he would put it into a file to (a) avoid the password being visible in the ps listing and (b) allow to easily support other auth schemes too. My intention is to create a config file for authentication credentials that we can use for any libvirt client app. Kind of like the traditional $HOME/.netrc, but with a more extensible format, so we can store arbitrary libvirt/vnc/spice credentials for any SASL auth scheme. The following patch series provides support for a $HOME/.libvirt/auth.conf for libvirt SASL credentials: https://www.redhat.com/archives/libvir-list/2012-March/msg00828.html The intent is that virt-viewer also read this file to extract VNC and/or SPICE credentials, so we have all credentials in one place. (In reply to comment #6) > The following patch series provides support for a $HOME/.libvirt/auth.conf for > libvirt SASL credentials: > > https://www.redhat.com/archives/libvir-list/2012-March/msg00828.html > > The intent is that virt-viewer also read this file to extract VNC and/or SPICE > credentials, so we have all credentials in one place. That sounds reasonable, although I would really appreciate if it uses a path under ~/.config (XDG_CONFIG_PATH) first. Re #6: I'd like to have some way to specify alternative (temporary) config file. Use case is connecting to rhev / ovirt, where you get a temporary password (called ticket) to connect. Writing that to a permanent config file is pretty pointless. Also I somehow think ~/.libvirt/... is a bit misplaced for remote-viewer, whereas it makes perfect sense for virt-viewer of course. This request was not resolved in time for the current release. Red Hat invites you to ask your support representative to propose this request, if still desired, for consideration in the next release of Red Hat Enterprise Linux. This request was erroneously removed from consideration in Red Hat Enterprise Linux 6.4, which is currently under development. This request will be evaluated for inclusion in Red Hat Enterprise Linux 6.4. (In reply to comment #8) > Re #6: I'd like to have some way to specify alternative (temporary) config > file. Use case is connecting to rhev / ovirt, where you get a temporary > password (called ticket) to connect. > Another way of achieving this usecase is https://www.redhat.com/archives/virt-tools-list/2012-June/msg00091.html , which I should get back to work on... *** Bug 911624 has been marked as a duplicate of this bug. *** Christophe sent a patch series: http://lists.freedesktop.org/archives/spice-devel/2013-June/013582.html Gerd remote-viewer can take a .vv file with a password inside, since 0.5.5 I think the bug should thus be closed, and re-open/re-created with a different goal, which would be something like "stored password / config". If I undetstand Daniel correctly, that would be something left to do. (the spice-gtk patches sent by Christophe was rejected, on the basis that we need a more general solution for virt-viewer) (In reply to Marc-Andre Lureau from comment #15) > Gerd > > remote-viewer can take a .vv file with a password inside, since 0.5.5 > > I think the bug should thus be closed, and re-open/re-created with a > different goal, which would be something like "stored password / config". If > I undetstand Daniel correctly, that would be something left to do. > > (the spice-gtk patches sent by Christophe was rejected, on the basis that we > need a more general solution for virt-viewer) Installed 0.5.6. Neither man-page nor --help output give a hint what a .vv file is and how it works, care to explain? (In reply to Gerd Hoffmann from comment #16) > Installed 0.5.6. Neither man-page nor --help output give a hint what a .vv > file is and how it works, care to explain? This is now covered by bug 970825. Should we close that bug? Yep, can be closed. |