This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
Bug 1257483 - There is no need to set expire_password after set a new password in qemu when the old password expired
There is no need to set expire_password after set a new password in qemu when...
Status: CLOSED NOTABUG
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: qemu-kvm-rhev (Show other bugs)
7.2
Unspecified Unspecified
low Severity low
: rc
: ---
Assigned To: Gerd Hoffmann
Virtualization Bugs
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-08-27 03:54 EDT by jingzhao
Modified: 2016-03-28 05:22 EDT (History)
7 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-11-12 04:49:43 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description jingzhao 2015-08-27 03:54:03 EDT
Description of problem:
There is no need to set expire_password after set a new password in qemu when the old password expired

Version-Release number of selected component (if applicable):
qemu-img-rhev-2.3.0-19.el7.x86_64
Host kernel version:3.10.0-309.el7.x86_64
Guest kernel version:2.6.18-398.el5

How reproducible:
100%

Steps to Reproduce:
1.boot guest with cli:
/usr/libexec/qemu-kvm \
-M pc \
-cpu IvyBridge \
-nodefaults -rtc base=utc -no-hpet \
-m 2G \
-smp 4,sockets=2,cores=2,threads=1 \
-enable-kvm \
-name rhel7.2 \
-uuid 990ea161-6b67-47b2-b803-19fb01d30d12 \
-smbios type=1,manufacturer='Red Hat',product='RHEV Hypervisor',version=el6,serial=koTUXQrb,uuid=feebc8fd-f8b0-4e75-abc3-e63fcdb67170 \
-k en-us \
-monitor stdio \
-qmp tcp:0:6661,server,nowait \
-boot menu=on \
-bios /usr/share/seabios/bios.bin \
-serial unix:/tmp/serial0,server,nowait \
-vga cirrus \
-vnc :10,to=99,password \
-netdev tap,id=hostnet0,vhost=on \
-device virtio-net-pci,netdev=hostnet0,id=net0,mac=54:52:00:B6:40:21 \
-drive file=/usr/test/guest1.img,if=none,media=disk,id=drive-ide1,format=raw \
-device ide-drive,bus=ide.0,unit=1,drive=drive-ide1,id=ide1,bootindex=1 \
-chardev socket,id=seabios,path=/tmp/seabios,server,nowait \
-device isa-debugcon,chardev=seabios,iobase=0x402 \
-usb \
-device usb-tablet,id=tablet0 \

2. (qemu) set_password vnc 1
3. connected to guest through vnc and used password 
4. (qemu) expire_password vnc +10 and then closed vnc brower
5. Then connected to guest through vnc and used password 1, connected failed
6. (qemu) set_password vnc 2
7. connected to guest through vnc and used password 2

Actual results:
Guest connected failed

Expected results:
Guest connected successfully

Additional info:
Guest connected successfully after "expire_password vnc +10" again
Comment 2 Ademar Reis 2015-08-28 17:50:16 EDT
(In reply to jingzhao from comment #0)
> Description of problem:
> There is no need to set expire_password after set a new password in qemu
> when the old password expired

So if I understood correctly, what you mean is that expiration remains in effect even after changing the password to a new one.

Is that right?
Comment 3 jingzhao 2015-08-30 22:17:30 EDT
(In reply to Ademar Reis from comment #2)
> (In reply to jingzhao from comment #0)
> > Description of problem:
> > There is no need to set expire_password after set a new password in qemu
> > when the old password expired
> 
> So if I understood correctly, what you mean is that expiration remains in
> effect even after changing the password to a new one.
> 
> Is that right?

[Jing Zhao] Yes, I think there have two options
  1. The old password didn't expired but I want to change to a new password
    - expected result: I think the expiration remains in effect
  2. The old password expired and I changed to a new password
    - expected result: I think there is no need to do expiration if I didn't want after changed the password.
Comment 5 Gerd Hoffmann 2015-11-12 04:49:43 EST
Works as intended.  expire_password sets the expire time, and if you specify a relative time (like +10) this is relative to the time you issued the expire_password command.  set_password has no effect at all on the expire time.

So, if you want the new password be valid for a certain time you need to issue both set_password and expire_password commands.  If you want turn off expiration use "expire_password vnc never".

Note You need to log in before you can comment on or make changes to this bug.