mirror of
https://gitlab.com/qemu-project/qemu
synced 2024-07-08 20:17:27 +00:00
qga: add *reset argument to ssh-add-authorized-keys
I prefer 'reset' over 'clear', since 'clear' and keys may have some other relations or meaning. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> *fix disallowed g_assert* usage reported by checkpatch Signed-off-by: Michael Roth <michael.roth@amd.com>
parent
8d769ec777
commit
0e3c94758e
|
@ -168,6 +168,7 @@ read_authkeys(const char *path, Error **errp)
|
||||||
|
|
||||||
void
|
void
|
||||||
qmp_guest_ssh_add_authorized_keys(const char *username, strList *keys,
|
qmp_guest_ssh_add_authorized_keys(const char *username, strList *keys,
|
||||||
|
bool has_reset, bool reset,
|
||||||
Error **errp)
|
Error **errp)
|
||||||
{
|
{
|
||||||
g_autofree struct passwd *p = NULL;
|
g_autofree struct passwd *p = NULL;
|
||||||
|
@ -178,6 +179,7 @@ qmp_guest_ssh_add_authorized_keys(const char *username, strList *keys,
|
||||||
size_t nkeys, nauthkeys;
|
size_t nkeys, nauthkeys;
|
||||||
|
|
||||||
ERRP_GUARD();
|
ERRP_GUARD();
|
||||||
|
reset = has_reset && reset;
|
||||||
|
|
||||||
if (!check_openssh_pub_keys(keys, &nkeys, errp)) {
|
if (!check_openssh_pub_keys(keys, &nkeys, errp)) {
|
||||||
return;
|
return;
|
||||||
|
@ -191,7 +193,9 @@ qmp_guest_ssh_add_authorized_keys(const char *username, strList *keys,
|
||||||
ssh_path = g_build_filename(p->pw_dir, ".ssh", NULL);
|
ssh_path = g_build_filename(p->pw_dir, ".ssh", NULL);
|
||||||
authkeys_path = g_build_filename(ssh_path, "authorized_keys", NULL);
|
authkeys_path = g_build_filename(ssh_path, "authorized_keys", NULL);
|
||||||
|
|
||||||
authkeys = read_authkeys(authkeys_path, NULL);
|
if (!reset) {
|
||||||
|
authkeys = read_authkeys(authkeys_path, NULL);
|
||||||
|
}
|
||||||
if (authkeys == NULL) {
|
if (authkeys == NULL) {
|
||||||
if (!g_file_test(ssh_path, G_FILE_TEST_IS_DIR) &&
|
if (!g_file_test(ssh_path, G_FILE_TEST_IS_DIR) &&
|
||||||
!mkdir_for_user(ssh_path, p, 0700, errp)) {
|
!mkdir_for_user(ssh_path, p, 0700, errp)) {
|
||||||
|
@ -318,7 +322,7 @@ test_invalid_user(void)
|
||||||
{
|
{
|
||||||
Error *err = NULL;
|
Error *err = NULL;
|
||||||
|
|
||||||
qmp_guest_ssh_add_authorized_keys("", NULL, &err);
|
qmp_guest_ssh_add_authorized_keys("", NULL, FALSE, FALSE, &err);
|
||||||
error_free_or_abort(&err);
|
error_free_or_abort(&err);
|
||||||
|
|
||||||
qmp_guest_ssh_remove_authorized_keys("", NULL, &err);
|
qmp_guest_ssh_remove_authorized_keys("", NULL, &err);
|
||||||
|
@ -333,7 +337,8 @@ test_invalid_key(void)
|
||||||
};
|
};
|
||||||
Error *err = NULL;
|
Error *err = NULL;
|
||||||
|
|
||||||
qmp_guest_ssh_add_authorized_keys(g_get_user_name(), &key, &err);
|
qmp_guest_ssh_add_authorized_keys(g_get_user_name(), &key,
|
||||||
|
FALSE, FALSE, &err);
|
||||||
error_free_or_abort(&err);
|
error_free_or_abort(&err);
|
||||||
|
|
||||||
qmp_guest_ssh_remove_authorized_keys(g_get_user_name(), &key, &err);
|
qmp_guest_ssh_remove_authorized_keys(g_get_user_name(), &key, &err);
|
||||||
|
@ -346,13 +351,17 @@ test_add_keys(void)
|
||||||
Error *err = NULL;
|
Error *err = NULL;
|
||||||
|
|
||||||
qmp_guest_ssh_add_authorized_keys(g_get_user_name(),
|
qmp_guest_ssh_add_authorized_keys(g_get_user_name(),
|
||||||
(strList *)&test_key2, &err);
|
(strList *)&test_key2,
|
||||||
|
FALSE, FALSE,
|
||||||
|
&err);
|
||||||
g_assert(err == NULL);
|
g_assert(err == NULL);
|
||||||
|
|
||||||
test_authorized_keys_equal("algo key2 comments");
|
test_authorized_keys_equal("algo key2 comments");
|
||||||
|
|
||||||
qmp_guest_ssh_add_authorized_keys(g_get_user_name(),
|
qmp_guest_ssh_add_authorized_keys(g_get_user_name(),
|
||||||
(strList *)&test_key1_2, &err);
|
(strList *)&test_key1_2,
|
||||||
|
FALSE, FALSE,
|
||||||
|
&err);
|
||||||
g_assert(err == NULL);
|
g_assert(err == NULL);
|
||||||
|
|
||||||
/* key2 came first, and should'nt be duplicated */
|
/* key2 came first, and should'nt be duplicated */
|
||||||
|
@ -360,6 +369,39 @@ test_add_keys(void)
|
||||||
"algo key1 comments");
|
"algo key1 comments");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
test_add_reset_keys(void)
|
||||||
|
{
|
||||||
|
Error *err = NULL;
|
||||||
|
|
||||||
|
qmp_guest_ssh_add_authorized_keys(g_get_user_name(),
|
||||||
|
(strList *)&test_key1_2,
|
||||||
|
FALSE, FALSE,
|
||||||
|
&err);
|
||||||
|
g_assert(err == NULL);
|
||||||
|
|
||||||
|
/* reset with key2 only */
|
||||||
|
test_authorized_keys_equal("algo key1 comments\n"
|
||||||
|
"algo key2 comments");
|
||||||
|
|
||||||
|
qmp_guest_ssh_add_authorized_keys(g_get_user_name(),
|
||||||
|
(strList *)&test_key2,
|
||||||
|
TRUE, TRUE,
|
||||||
|
&err);
|
||||||
|
g_assert(err == NULL);
|
||||||
|
|
||||||
|
test_authorized_keys_equal("algo key2 comments");
|
||||||
|
|
||||||
|
/* empty should clear file */
|
||||||
|
qmp_guest_ssh_add_authorized_keys(g_get_user_name(),
|
||||||
|
(strList *)NULL,
|
||||||
|
TRUE, TRUE,
|
||||||
|
&err);
|
||||||
|
g_assert(err == NULL);
|
||||||
|
|
||||||
|
test_authorized_keys_equal("");
|
||||||
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
test_remove_keys(void)
|
test_remove_keys(void)
|
||||||
{
|
{
|
||||||
|
@ -393,6 +435,7 @@ int main(int argc, char *argv[])
|
||||||
g_test_add_func("/qga/ssh/invalid_user", test_invalid_user);
|
g_test_add_func("/qga/ssh/invalid_user", test_invalid_user);
|
||||||
g_test_add_func("/qga/ssh/invalid_key", test_invalid_key);
|
g_test_add_func("/qga/ssh/invalid_key", test_invalid_key);
|
||||||
g_test_add_func("/qga/ssh/add_keys", test_add_keys);
|
g_test_add_func("/qga/ssh/add_keys", test_add_keys);
|
||||||
|
g_test_add_func("/qga/ssh/add_reset_keys", test_add_reset_keys);
|
||||||
g_test_add_func("/qga/ssh/remove_keys", test_remove_keys);
|
g_test_add_func("/qga/ssh/remove_keys", test_remove_keys);
|
||||||
|
|
||||||
return g_test_run();
|
return g_test_run();
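Review bot: With `reset` set, `authkeys` stays NULL and the function falls into the `if (authkeys == NULL)` branch, so one sentinel now means both "file missing or unreadable" and "caller asked to replace it". Because `read_authkeys(authkeys_path, NULL)` discards its error, a failed read already takes that same replace path silently. Since this rewrites the account's SSH trust list, I would state the intent on the guard, for example `/* reset: do not merge, the file is rewritten with @keys only (empty @keys empties it) */`, and consider recording the username in the agent log whenever a reset is applied. In `test_add_reset_keys` the comment `/* reset with key2 only */` sits above the assertion that still expects both keys; it belongs before the second call. The body of `qmp_guest_ssh_add_authorized_keys` continues outside these hunks, so how the file is finally written is not visible here.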
|
||||||
|
|
|
@ -1352,6 +1352,7 @@
|
||||||
#
|
#
|
||||||
# @username: the user account to add the authorized keys
|
# @username: the user account to add the authorized keys
|
||||||
# @keys: the public keys to add (in OpenSSH/sshd(8) authorized_keys format)
|
# @keys: the public keys to add (in OpenSSH/sshd(8) authorized_keys format)
|
||||||
|
# @reset: ignore the existing content, set it with the given keys only
|
||||||
#
|
#
|
||||||
# Append public keys to user .ssh/authorized_keys on Unix systems (not
|
# Append public keys to user .ssh/authorized_keys on Unix systems (not
|
||||||
# implemented for other systems).
|
# implemented for other systems).
|
||||||
|
@ -1361,7 +1362,7 @@
|
||||||
# Since: 5.2
|
# Since: 5.2
|
||||||
##
|
##
|
||||||
{ 'command': 'guest-ssh-add-authorized-keys',
|
{ 'command': 'guest-ssh-add-authorized-keys',
|
||||||
'data': { 'username': 'str', 'keys': ['str'] },
|
'data': { 'username': 'str', 'keys': ['str'], '*reset': 'bool' },
|
||||||
'if': 'defined(CONFIG_POSIX)' }
|
'if': 'defined(CONFIG_POSIX)' }
|
||||||
|
|
||||||
##
|
##
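Review bot: The new `@reset` line does not state the default, and the command description under it still reads "Append public keys", which no longer holds when `reset` is true. I would write `# @reset: ignore the existing content, set it with the given keys only (default: false)` and add a sentence to the description saying that with `reset` the file is replaced rather than appended to. The test added in this commit shows that `reset` with an empty `keys` list leaves authorized_keys empty, which removes key-based login for the account; that consequence should be spelled out here so management-layer callers do not trigger it by accident.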
|
||||||
|
|