[ovirt-users] I wrote an oVirt thing
Yaniv Kaul
ykaul at redhat.com
Tue Nov 29 12:06:22 UTC 2016
On Tue, Nov 29, 2016 at 3:40 AM, Konstantin Shalygin <k0ste at k0ste.ru> wrote:
> ovirt-shell will be deprecated and not supported or some functions on
> ovirt-shell (or all package ovirt-engine-cli)?
>
> We use ovirt-shell on client desktops who connected to SPICE consoles and
> work (users provided by LDAP on ovirt-engine), like via RDP. For this I
> wrote very fast-hack patch for ovirt-shell and GUI for enter password (
> https://github.com/k0ste/ovirt-pygtk). Very simple, but via Internet
> people use SPICE without negative about packet loss and disconnects,
> instead RDP.
Can you further explain the use case? I assume the user portal is not good
enough for some reason?
>
>
> BTW, the ovirt-shell is something we deprecated. It is working on top of
>> the v3 api, which we plan to remove in 4.2.
>> So better not use it.
>>
>
>
> You can start maintain. For example I maintain packes for Arch Linux:
> ovirt-engine-cli (https://aur.archlinux.org/packages/ovirt-engine-cli)
> and ovirt-engine-sdk-python (https://aur.archlinux.org/pac
> kages/ovirt-engine-sdk-python).
Hi,
It somehow looks like a fork of the CLI (due to the added patch[1]).
I'm not sure how happy I am about it, considering the patch is adding a
feature with security issues (there is a reason we do not support password
passed via the command line - it's somewhat less secure).
Since you are already checking for the CLI rc file[2], just add the
password to it and launch with it (in a temp file in the temp directory
with the right permissions, etc...)
BTW, note that the attempt to delete the password from memory[3] may or may
not work. After all, it's a copy of what you got from entry.get_text() few
lines before.
And Python GC is not really to be relied upon to delete things ASAP anyway.
There are some lovely discussions on the Internet about it. For example[4].
Y.
[1]
https://github.com/k0ste/ovirt-pygtk/blob/master/add_password_option.patch
[2] https://github.com/k0ste/ovirt-pygtk/blob/master/ovirt-pygtk.py#L81
[3] https://github.com/k0ste/ovirt-pygtk/blob/master/ovirt-pygtk.py#L71
[4]
http://stackoverflow.com/questions/728164/securely-erasing-password-in-memory-python
>
>
> My workstation at work is running Ubuntu, and I do not believe that
>> ovirt-shell is packaged for it.
>>
>
> --
> Best regards,
> Konstantin Shalygin
>
>
>
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20161129/4c62f1cf/attachment-0001.html>
More information about the Users
mailing list