mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2025-01-18 10:35:20 +00:00
Introduce virDomainSetUserPassword API
For setting passwords of users inside the domain. With the VIR_DOMAIN_PASSWORD_ENCRYPTED flag set, the password is assumed to be already encrypted by the method required by the guest OS. https://bugzilla.redhat.com/show_bug.cgi?id=1174177
This commit is contained in:
parent
6cc5c33eb5
commit
e8982c88bd
@ -3818,4 +3818,13 @@ int virDomainInterfaceAddresses(virDomainPtr dom,
|
||||
|
||||
void virDomainInterfaceFree(virDomainInterfacePtr iface);
|
||||
|
||||
typedef enum {
|
||||
VIR_DOMAIN_PASSWORD_ENCRYPTED = 1 << 0, /* the password is already encrypted */
|
||||
} virDomainSetUserPasswordFlags;
|
||||
|
||||
int virDomainSetUserPassword(virDomainPtr dom,
|
||||
const char *user,
|
||||
const char *password,
|
||||
unsigned int flags);
|
||||
|
||||
#endif /* __VIR_LIBVIRT_DOMAIN_H__ */
|
||||
|
@ -43,7 +43,7 @@ VIR_ENUM_IMPL(virAccessPermDomain,
|
||||
"fs_trim", "fs_freeze",
|
||||
"block_read", "block_write", "mem_read",
|
||||
"open_graphics", "open_device", "screenshot",
|
||||
"open_namespace", "set_time");
|
||||
"open_namespace", "set_time", "set_password");
|
||||
|
||||
VIR_ENUM_IMPL(virAccessPermInterface,
|
||||
VIR_ACCESS_PERM_INTERFACE_LAST,
|
||||
|
@ -300,6 +300,12 @@ typedef enum {
|
||||
*/
|
||||
VIR_ACCESS_PERM_DOMAIN_SET_TIME,
|
||||
|
||||
/**
|
||||
* @desc: Set password of the domain's account
|
||||
* @message: Setting the domain accounts' password requires authorization
|
||||
*/
|
||||
VIR_ACCESS_PERM_DOMAIN_SET_PASSWORD,
|
||||
|
||||
VIR_ACCESS_PERM_DOMAIN_LAST,
|
||||
} virAccessPermDomain;
|
||||
|
||||
|
@ -1201,6 +1201,12 @@ typedef int
|
||||
unsigned int source,
|
||||
unsigned int flags);
|
||||
|
||||
typedef int
|
||||
(*virDrvDomainSetUserPassword)(virDomainPtr dom,
|
||||
const char *user,
|
||||
const char *password,
|
||||
unsigned int flags);
|
||||
|
||||
typedef struct _virHypervisorDriver virHypervisorDriver;
|
||||
typedef virHypervisorDriver *virHypervisorDriverPtr;
|
||||
|
||||
@ -1430,6 +1436,7 @@ struct _virHypervisorDriver {
|
||||
virDrvNodeAllocPages nodeAllocPages;
|
||||
virDrvDomainGetFSInfo domainGetFSInfo;
|
||||
virDrvDomainInterfaceAddresses domainInterfaceAddresses;
|
||||
virDrvDomainSetUserPassword domainSetUserPassword;
|
||||
};
|
||||
|
||||
|
||||
|
@ -11001,6 +11001,53 @@ virDomainSetTime(virDomainPtr dom,
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* virDomainSetUserPassword:
|
||||
* @dom: a domain object
|
||||
* @user: the username that will get a new password
|
||||
* @password: the password to set
|
||||
* @flags: bitwise-OR of virDomainSetUserPasswordFlags
|
||||
*
|
||||
* Sets the @user password to the value specified by @password.
|
||||
* If @flags contain VIR_DOMAIN_PASSWORD_ENCRYPTED, the password
|
||||
* is assumed to be encrypted by the method required by the guest OS.
|
||||
*
|
||||
* Please note that some hypervisors may require guest agent to
|
||||
* be configured and running in order to be able to run this API.
|
||||
*
|
||||
* Returns 0 on success, -1 otherwise.
|
||||
*/
|
||||
int
|
||||
virDomainSetUserPassword(virDomainPtr dom,
|
||||
const char *user,
|
||||
const char *password,
|
||||
unsigned int flags)
|
||||
{
|
||||
VIR_DOMAIN_DEBUG(dom, "user=%s, password=%s, flags=%x",
|
||||
NULLSTR(user), NULLSTR(password), flags);
|
||||
|
||||
virResetLastError();
|
||||
|
||||
virCheckDomainReturn(dom, -1);
|
||||
virCheckReadOnlyGoto(dom->conn->flags, error);
|
||||
virCheckNonNullArgGoto(user, error);
|
||||
virCheckNonNullArgGoto(password, error);
|
||||
|
||||
if (dom->conn->driver->domainSetUserPassword) {
|
||||
int ret = dom->conn->driver->domainSetUserPassword(dom, user, password,
|
||||
flags);
|
||||
if (ret < 0)
|
||||
goto error;
|
||||
return ret;
|
||||
}
|
||||
|
||||
virReportUnsupportedError();
|
||||
|
||||
error:
|
||||
virDispatchError(dom->conn);
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* virConnectGetDomainCapabilities:
|
||||
|
@ -710,4 +710,9 @@ LIBVIRT_1.2.15 {
|
||||
virDomainDelIOThread;
|
||||
} LIBVIRT_1.2.14;
|
||||
|
||||
LIBVIRT_1.2.16 {
|
||||
global:
|
||||
virDomainSetUserPassword;
|
||||
} LIBVIRT_1.2.15;
|
||||
|
||||
# .... define new API here using predicted next version number ....
|
||||
|
@ -8389,6 +8389,7 @@ static virHypervisorDriver hypervisor_driver = {
|
||||
.nodeAllocPages = remoteNodeAllocPages, /* 1.2.9 */
|
||||
.domainGetFSInfo = remoteDomainGetFSInfo, /* 1.2.11 */
|
||||
.domainInterfaceAddresses = remoteDomainInterfaceAddresses, /* 1.2.14 */
|
||||
.domainSetUserPassword = remoteDomainSetUserPassword, /* 1.2.16 */
|
||||
};
|
||||
|
||||
static virNetworkDriver network_driver = {
|
||||
|
@ -3223,6 +3223,13 @@ struct remote_domain_interface_addresses_ret {
|
||||
remote_domain_interface ifaces<REMOTE_DOMAIN_INTERFACE_MAX>;
|
||||
};
|
||||
|
||||
struct remote_domain_set_user_password_args {
|
||||
remote_nonnull_domain dom;
|
||||
remote_string user;
|
||||
remote_string password;
|
||||
unsigned int flags;
|
||||
};
|
||||
|
||||
|
||||
/*----- Protocol. -----*/
|
||||
|
||||
@ -5683,5 +5690,11 @@ enum remote_procedure {
|
||||
* @acl: domain:save:!VIR_DOMAIN_AFFECT_CONFIG|VIR_DOMAIN_AFFECT_LIVE
|
||||
* @acl: domain:save:VIR_DOMAIN_AFFECT_CONFIG
|
||||
*/
|
||||
REMOTE_PROC_DOMAIN_DEL_IOTHREAD = 356
|
||||
REMOTE_PROC_DOMAIN_DEL_IOTHREAD = 356,
|
||||
|
||||
/**
|
||||
* @generate:both
|
||||
* @acl: domain:set_password
|
||||
*/
|
||||
REMOTE_PROC_DOMAIN_SET_USER_PASSWORD = 357
|
||||
};
|
||||
|
@ -2678,6 +2678,12 @@ struct remote_domain_interface_addresses_ret {
|
||||
remote_domain_interface * ifaces_val;
|
||||
} ifaces;
|
||||
};
|
||||
struct remote_domain_set_user_password_args {
|
||||
remote_nonnull_domain dom;
|
||||
remote_string user;
|
||||
remote_string password;
|
||||
u_int flags;
|
||||
};
|
||||
enum remote_procedure {
|
||||
REMOTE_PROC_CONNECT_OPEN = 1,
|
||||
REMOTE_PROC_CONNECT_CLOSE = 2,
|
||||
@ -3035,4 +3041,5 @@ enum remote_procedure {
|
||||
REMOTE_PROC_DOMAIN_EVENT_CALLBACK_DEVICE_ADDED = 354,
|
||||
REMOTE_PROC_DOMAIN_ADD_IOTHREAD = 355,
|
||||
REMOTE_PROC_DOMAIN_DEL_IOTHREAD = 356,
|
||||
REMOTE_PROC_DOMAIN_SET_USER_PASSWORD = 357,
|
||||
};
|
||||
|
Loading…
x
Reference in New Issue
Block a user