mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-22 05:35:25 +00:00
rpc: always pass "-T -e none" args to ssh
Way back in the past, the "no_tty=1" option was added for the remote
driver to disable local password prompting by disabling use of the local
tty:
commit b32f429849
Author: Daniel P. Berrange <berrange@redhat.com>
Date: Fri Sep 21 20:17:09 2007 +0000
Added a no_tty param to remote URIs to stop SSH prompting for password
This was done by adding "-T -o BatchMode=yes -e none" args to ssh. This
achieved the desired results but is none the less semantically flawed
because it is mixing up config parameters for the local tty vs the
remote tty.
The "-T" arg stops allocation of a TTY on the remote host. This is good
for all libvirt SSH tunnels as we never require a TTY for our usage
model, so we should have just passed this unconditionally.
The "-e none" option disables the escape character for sessions with a
TTY. If we pass "-T" this is not required, but it also not harmful to
add it, so we should just pass it unconditionally too.
Only the "-o BatchMode=yes" option is related to disabling local
password prompts and thus needs control via the no_tty URI param.
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
This commit is contained in:
parent
173a191cfe
commit
1939bcd539
@ -854,9 +854,9 @@ int virNetSocketNewConnectSSH(const char *nodename,
|
||||
virCommandAddArgList(cmd, "-l", username, NULL);
|
||||
if (keyfile)
|
||||
virCommandAddArgList(cmd, "-i", keyfile, NULL);
|
||||
virCommandAddArgList(cmd, "-T", "-e", "none", NULL);
|
||||
if (noTTY)
|
||||
virCommandAddArgList(cmd, "-T", "-o", "BatchMode=yes",
|
||||
"-e", "none", NULL);
|
||||
virCommandAddArgList(cmd, "-o", "BatchMode=yes", NULL);
|
||||
if (noVerify)
|
||||
virCommandAddArgList(cmd, "-o", "StrictHostKeyChecking=no", NULL);
|
||||
|
||||
|
@ -571,12 +571,13 @@ mymain(void)
|
||||
struct testSSHData sshData1 = {
|
||||
.nodename = "somehost",
|
||||
.path = "/tmp/socket",
|
||||
.expectOut = "-- somehost sh -c 'if 'nc' -q 2>&1 | grep \"requires an argument\" >/dev/null 2>&1; then "
|
||||
"ARG=-q0;"
|
||||
"else "
|
||||
"ARG=;"
|
||||
"fi;"
|
||||
"'nc' $ARG -U /tmp/socket'\n",
|
||||
.expectOut = "-T -e none -- somehost sh -c '"
|
||||
"if 'nc' -q 2>&1 | grep \"requires an argument\" >/dev/null 2>&1; then "
|
||||
"ARG=-q0;"
|
||||
"else "
|
||||
"ARG=;"
|
||||
"fi;"
|
||||
"'nc' $ARG -U /tmp/socket'\n",
|
||||
};
|
||||
if (virTestRun("SSH test 1", testSocketSSH, &sshData1) < 0)
|
||||
ret = -1;
|
||||
@ -589,7 +590,7 @@ mymain(void)
|
||||
.noTTY = true,
|
||||
.noVerify = false,
|
||||
.path = "/tmp/socket",
|
||||
.expectOut = "-p 9000 -l fred -T -o BatchMode=yes -e none -- somehost sh -c '"
|
||||
.expectOut = "-p 9000 -l fred -T -e none -o BatchMode=yes -- somehost sh -c '"
|
||||
"if 'netcat' -q 2>&1 | grep \"requires an argument\" >/dev/null 2>&1; then "
|
||||
"ARG=-q0;"
|
||||
"else "
|
||||
@ -608,7 +609,7 @@ mymain(void)
|
||||
.noTTY = false,
|
||||
.noVerify = true,
|
||||
.path = "/tmp/socket",
|
||||
.expectOut = "-p 9000 -l fred -o StrictHostKeyChecking=no -- somehost sh -c '"
|
||||
.expectOut = "-p 9000 -l fred -T -e none -o StrictHostKeyChecking=no -- somehost sh -c '"
|
||||
"if 'netcat' -q 2>&1 | grep \"requires an argument\" >/dev/null 2>&1; then "
|
||||
"ARG=-q0;"
|
||||
"else "
|
||||
@ -630,7 +631,7 @@ mymain(void)
|
||||
struct testSSHData sshData5 = {
|
||||
.nodename = "crashyhost",
|
||||
.path = "/tmp/socket",
|
||||
.expectOut = "-- crashyhost sh -c "
|
||||
.expectOut = "-T -e none -- crashyhost sh -c "
|
||||
"'if 'nc' -q 2>&1 | grep \"requires an argument\" >/dev/null 2>&1; then "
|
||||
"ARG=-q0;"
|
||||
"else "
|
||||
@ -647,7 +648,7 @@ mymain(void)
|
||||
.path = "/tmp/socket",
|
||||
.keyfile = "/root/.ssh/example_key",
|
||||
.noVerify = true,
|
||||
.expectOut = "-i /root/.ssh/example_key -o StrictHostKeyChecking=no -- example.com sh -c '"
|
||||
.expectOut = "-i /root/.ssh/example_key -T -e none -o StrictHostKeyChecking=no -- example.com sh -c '"
|
||||
"if 'nc' -q 2>&1 | grep \"requires an argument\" >/dev/null 2>&1; then "
|
||||
"ARG=-q0;"
|
||||
"else "
|
||||
@ -662,12 +663,13 @@ mymain(void)
|
||||
.nodename = "somehost",
|
||||
.netcat = "nc -4",
|
||||
.path = "/tmp/socket",
|
||||
.expectOut = "-- somehost sh -c 'if ''nc -4'' -q 2>&1 | grep \"requires an argument\" >/dev/null 2>&1; then "
|
||||
"ARG=-q0;"
|
||||
"else "
|
||||
"ARG=;"
|
||||
"fi;"
|
||||
"''nc -4'' $ARG -U /tmp/socket'\n",
|
||||
.expectOut = "-T -e none -- somehost sh -c '"
|
||||
"if ''nc -4'' -q 2>&1 | grep \"requires an argument\" >/dev/null 2>&1; then "
|
||||
"ARG=-q0;"
|
||||
"else "
|
||||
"ARG=;"
|
||||
"fi;"
|
||||
"''nc -4'' $ARG -U /tmp/socket'\n",
|
||||
};
|
||||
if (virTestRun("SSH test 7", testSocketSSH, &sshData7) < 0)
|
||||
ret = -1;
|
||||
|
Loading…
Reference in New Issue
Block a user