Re: [ovirt-users] I wrote an oVirt thing

This is a multi-part message in MIME format. --------------458056678CBCA60D9CBDE91D Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Use case - Explain what is Virtual Machine to accountant or stockman - beyond my powers. But they understand what is Remote Desktop, and how to "Start menu->Programs->Remote Work->password->Enter". In this talk I like the fact that I learned about deprecation this packet and need to start wrote on another library instead call sub-process. About security reasons: is acceptable for our company. For who don't need this patch can easy disable it. This is not package[1], only playbook for build this. [1] https://wiki.archlinux.org/index.php/Arch_User_Repository On 11/29/2016 07:06 PM, Yaniv Kaul wrote: -- Best regards, Konstantin Shalygin --------------458056678CBCA60D9CBDE91D Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit <html> <head> <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> </head> <body text="#000000" bgcolor="#FFFFFF"> <p><font face="Fira Sans">Use case - </font><span id="result_box" class="short_text" tabindex="-1" lang="en"><span>Explain</span> <span>what is Virtual Machine to accountant or stockman</span> <span>-</span> <span class="">beyond my powers</span><span class="">. But they understand what is Remote Desktop, and how to "Start menu-&gt;Programs-&gt;Remote Work-&gt;password-&gt;Enter".</span></span></p> <p><br> <span id="result_box" class="" tabindex="-1" lang="en"><span>In this</span> <span>talk</span> <span>I like the fact</span> <span>that</span> <span>I learned</span> <span class="">about deprecation this packet and need to start wrote on another library instead call sub-process.</span></span></p> <p>About security reasons: is acceptable for our company. For who don't need this patch can easy disable it. This is not package[1], only playbook for build this.<br> <span id="result_box" class="" tabindex="-1" lang="en"><span class=""></span><span></span></span></p> <br> [1] <a href="https://wiki.archlinux.org/index.php/Arch_User_Repository"... <br> <div class="moz-cite-prefix">On 11/29/2016 07:06 PM, Yaniv Kaul wrote:<br> </div> <blockquote cite="mid:CAJgorsY_SksEnP2jQxBgdJyKW=4_qZZGZ=DwHQ13MteEN5jG5w@mail.gmail.com" type="cite"> <div dir="ltr"><br> <div class="gmail_extra"><br> <div class="gmail_quote">On Tue, Nov 29, 2016 at 3:40 AM, Konstantin Shalygin <span dir="ltr">&lt;<a moz-do-not-send="true" href="mailto:k0ste@k0ste.ru" target=&quot;_blank&quot;&gt;k0ste(a)k0ste.ru&lt;/a&gt;&amp;gt;&lt;/span&gt; wrote:<br> <blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">ovirt-shell will be deprecated and not supported or some functions on ovirt-shell (or all package ovirt-engine-cli)?<br> <br> We use ovirt-shell on client desktops who connected to SPICE consoles and work (users provided by LDAP on ovirt-engine), like via RDP. For this I wrote very fast-hack patch for ovirt-shell and GUI for enter password (<a moz-do-not-send="true" href="https://github.com/k0ste/ovirt-pygtk" rel="noreferrer" target="_blank">https://github.com/k0ste/ovir<wbr>t-py...>). Very simple, but via Internet people use SPICE without negative about packet loss and disconnects, instead RDP.</blockquote> <div><br> </div> <div>Can you further explain the use case? I assume the user portal is not good enough for some reason?</div> <div> </div> <blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><span class="gmail-"><br> <br> <blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"> BTW, the ovirt-shell is something we deprecated. It is working on top of<br> the v3 api, which we plan to remove in 4.2.<br> So better not use it.<br> </blockquote> <br> <br> </span> You can start maintain. For example I maintain packes for Arch Linux: ovirt-engine-cli (<a moz-do-not-send="true" href="https://aur.archlinux.org/packages/ovirt-engine-cli" rel="noreferrer" target="_blank">https://aur.archlinux.org/pac<wbr>kage...>) and ovirt-engine-sdk-python (<a moz-do-not-send="true" href="https://aur.archlinux.org/packages/ovirt-engine-sdk-python" rel="noreferrer" target="_blank">https://aur.archlinux.org/pac<wbr>kage... <div><br> </div> <div>Hi,</div> <div><br> </div> <div>It somehow looks like a fork of the CLI (due to the added patch[1]). </div> <div>I'm not sure how happy I am about it, considering the patch is adding a feature with security issues (there is a reason we do not support password passed via the command line - it's somewhat less secure).</div> <div>Since you are already checking for the CLI rc file[2], just add the password to it and launch with it (in a temp file in the temp directory with the right permissions, etc...)</div> <div><br> </div> <div>BTW, note that the attempt to delete the password from memory[3] may or may not work. After all, it's a copy of what you got from entry.get_text() few lines before.</div> <div>And Python GC is not really to be relied upon to delete things ASAP anyway. There are some lovely discussions on the Internet about it. For example[4].</div> <div>Y.</div> <div><br> </div> <div>[1] <a moz-do-not-send="true" href="https://github.com/k0ste/ovirt-pygtk/blob/master/add_password_... <div>[2] <a moz-do-not-send="true" href="https://github.com/k0ste/ovirt-pygtk/blob/master/ovirt-pygtk.p... <div>[3] <a moz-do-not-send="true" href="https://github.com/k0ste/ovirt-pygtk/blob/master/ovirt-pygtk.p... <div>[4] <a moz-do-not-send="true" href="http://stackoverflow.com/questions/728164/securely-erasing-pas... <blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><span class="gmail-im gmail-HOEnZb"><br> <br> <blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">   My workstation at work is running Ubuntu, and I do not believe that ovirt-shell is packaged for it.<br> </blockquote> <br> </span><span class="gmail-HOEnZb"><font color="#888888"> -- <br> Best regards,<br> Konstantin Shalygin</font></span> <div class="gmail-HOEnZb"> <div class="gmail-h5"><br> <br> <br> ______________________________<wbr>_________________<br> Users mailing list<br> <a moz-do-not-send="true" href="mailto:Users@ovirt.org" target=&quot;_blank&quot;&gt;Users(a)ovirt.org&lt;/a&gt;&lt;br&gt; <a moz-do-not-send="true" href="http://lists.ovirt.org/mailman/listinfo/users" rel="noreferrer" target="_blank">http://lists.ovirt.org/mailman<wbr>/li... </div> </div> </blockquote> </div> <br> </div> </div> </blockquote> <br> <pre class="moz-signature" cols="72">-- Best regards, Konstantin Shalygin </pre> </body> </html> --------------458056678CBCA60D9CBDE91D--