1904674 – remove flag of virsh set-user-sshkeys can not work

Bug 1904674 - remove flag of virsh set-user-sshkeys can not work

Summary: remove flag of virsh set-user-sshkeys can not work

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux Advanced Virtualization
Classification:	Red Hat
Component:	libvirt
Sub Component:
Version:	8.4
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	rc
Target Release:	8.4
Assignee:	Michal Privoznik
QA Contact:	Lili Zhu
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2020-12-05 14:07 UTC by Lili Zhu
Modified:	2021-05-25 06:45 UTC (History)
CC List:	6 users (show)
Fixed In Version:	libvirt-7.0.0-1.el8
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2021-05-25 06:45:17 UTC
Type:	Bug
Target Upstream Version:	7.0.0
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Lili Zhu 2020-12-05 14:07:59 UTC

Description of problem:
remove flag of set-user-sshkeys can not work

Version-Release number of selected component (if applicable):
libvirt-6.10.0-1.module+el8.4.0+8898+a84e86e1.x86_64

How reproducible:
100%

Steps to Reproduce:
1. prepare a guest with qemu-guest-agent service started
# virsh domtime avocado-vt-vm1 
Time: 1607177139

2. try to remove keys from the authorized keys file of user lizhu
# virsh set-user-sshkeys avocado-vt-vm1 lizhu --remove /root/.ssh/id_rsa.pub
error: Flags 'VIR_DOMAIN_AUTHORIZED_SSH_KEYS_SET_APPEND' and 'VIR_DOMAIN_AUTHORIZED_SSH_KEYS_SET_REMOVE' are mutually exclusive

# virsh set-user-sshkeys avocado-vt-vm1 lizhu --remove --file /root/.ssh/id_rsa.pub
error: Flags 'VIR_DOMAIN_AUTHORIZED_SSH_KEYS_SET_APPEND' and 'VIR_DOMAIN_AUTHORIZED_SSH_KEYS_SET_REMOVE' are mutually exclusive

# virsh set-user-sshkeys avocado-vt-vm1 lizhu --remove 
error: Option --file is required by option --remove

# virsh set-user-sshkeys avocado-vt-vm1 lizhu --remove --file
error: expected syntax: --file <string>


Actual results:
remove flag of set-user-sshkeys can not work

Additional info:

Comment 1 Michal Privoznik 2020-12-08 13:13:10 UTC

Oops, yes. Patch proposed upstream:

https://www.redhat.com/archives/libvir-list/2020-December/msg00486.html

Comment 2 Michal Privoznik 2020-12-08 13:46:53 UTC

Merged upstream as:

b9dcaede65 virsh: cmdSetUserSSHKeys: Error early if the file doesn't contain any keys
22e785b8ef virsh: Fix logical error in cmdSetUserSSHKeys()

v6.10.0-127-gb9dcaede65

Comment 3 Lili Zhu 2021-01-01 10:01:17 UTC

Test this bug with:
libvirt-6.10.0-1.fc34.x86_64
qemu-guest-agent-5.2.0-2.module+el8.4.0+9186+ec44380f.x86_64

1. prepare a guest with qemu-guest-agent service started
# virsh domtime pc 
Time: 1609494344

2. check the exsiting authorized ssh keys in guest
# virsh get-user-sshkeys pc lizhu                          
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPaNWKd3/Z6QNIGIgNOCh5yCxbvm1pog5IDGyzNPKz0h root@lizhu-fedorassh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCyZlk72jJqCMorQRlkqk54dPZlhqH1ziCIC5D6U6dnYD70F+syWzCiZnJetYBPrT65QR1kOoMxwd3mM1EtJhZhWD287j4MFPGho5huWlMOQXwOkLq0ZKcOh8sAW4Jlbp22zrKmQmdERFTC53N5AMxfep2DyrTCtRFX0fgSczfX5A3HCe4e0ooulVrF1pe9OwBHAUjlcVlC4ggzNTIP9J9v112ecZnaDxvGf1ZNFBWPfeh10Nf5H7fCGAwxP9iCWq1lHliGEzRnN8QDLJo3082uPEL/9sxWsj8qEK3tYnwYUNXhtmqyHUODip6IPE8PHm32h6gX/nt1115ndnZD4AQnxkncEYZ9CAZdtGdpz1TAAxsfD91tYLTGI/v3o+56lDVIYN6P2840aTy2eW4olg18fSKV08/gUZgRAwd0nAwD+3uaxGK1M2DZRVMNNK+mws5kowqUec4kbweYQIAUedF8fFkkr51/r3HnK65oT0XADLJ4ZQhm4fF+UMkYedGSc0c= tester@lizhu-fedora

3. remove 1 ssh key
# virsh set-user-sshkeys pc lizhu --remove /root/.ssh/id_ed25519.pub

# virsh get-user-sshkeys pc lizhu                                   
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCyZlk72jJqCMorQRlkqk54dPZlhqH1ziCIC5D6U6dnYD70F+syWzCiZnJetYBPrT65QR1kOoMxwd3mM1EtJhZhWD287j4MFPGho5huWlMOQXwOkLq0ZKcOh8sAW4Jlbp22zrKmQmdERFTC53N5AMxfep2DyrTCtRFX0fgSczfX5A3HCe4e0ooulVrF1pe9OwBHAUjlcVlC4ggzNTIP9J9v112ecZnaDxvGf1ZNFBWPfeh10Nf5H7fCGAwxP9iCWq1lHliGEzRnN8QDLJo3082uPEL/9sxWsj8qEK3tYnwYUNXhtmqyHUODip6IPE8PHm32h6gX/nt1115ndnZD4AQnxkncEYZ9CAZdtGdpz1TAAxsfD91tYLTGI/v3o+56lDVIYN6P2840aTy2eW4olg18fSKV08/gUZgRAwd0nAwD+3uaxGK1M2DZRVMNNK+mws5kowqUec4kbweYQIAUedF8fFkkr51/r3HnK65oT0XADLJ4ZQhm4fF+UMkYedGSc0c= tester@lizhu-fedora

removing ssh key successfully.

4. try to remove it again
# virsh set-user-sshkeys pc lizhu --remove /root/.ssh/id_ed25519.pub

# virsh get-user-sshkeys pc lizhu                                   
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCyZlk72jJqCMorQRlkqk54dPZlhqH1ziCIC5D6U6dnYD70F+syWzCiZnJetYBPrT65QR1kOoMxwd3mM1EtJhZhWD287j4MFPGho5huWlMOQXwOkLq0ZKcOh8sAW4Jlbp22zrKmQmdERFTC53N5AMxfep2DyrTCtRFX0fgSczfX5A3HCe4e0ooulVrF1pe9OwBHAUjlcVlC4ggzNTIP9J9v112ecZnaDxvGf1ZNFBWPfeh10Nf5H7fCGAwxP9iCWq1lHliGEzRnN8QDLJo3082uPEL/9sxWsj8qEK3tYnwYUNXhtmqyHUODip6IPE8PHm32h6gX/nt1115ndnZD4AQnxkncEYZ9CAZdtGdpz1TAAxsfD91tYLTGI/v3o+56lDVIYN6P2840aTy2eW4olg18fSKV08/gUZgRAwd0nAwD+3uaxGK1M2DZRVMNNK+mws5kowqUec4kbweYQIAUedF8fFkkr51/r3HnK65oT0XADLJ4ZQhm4fF+UMkYedGSc0c= tester@lizhu-fedora

no change.

5. try to use --remove flag with no files
# virsh set-user-sshkeys pc lizhu --remove 
error: Option --file is required by option --remove

Comment 6 Lili Zhu 2021-01-22 12:23:02 UTC

Verify this bug with:
libvirt-daemon-7.0.0-1.module+el8.4.0+9464+3e71831a.x86_64
qemu-guest-agent-5.2.0-3.module+el8.4.0+9499+42e58f08.x86_64

The testing results are the same with that in Comment #3, mark the bug as verified.

Comment 8 errata-xmlrpc 2021-05-25 06:45:17 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (virt:av bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:2098

Note You need to log in before you can comment on or make changes to this bug.