[Kimchi-devel] [RFC] New API to create a random guest console password

Aline Manera alinefm at linux.vnet.ibm.com
Mon Oct 13 20:53:11 UTC 2014


On 10/13/2014 04:01 PM, Aline Manera wrote:
> Today user may set/change the guest console password and also its 
> expiration time through Kimchi API.
> When passing an empty password, a random password is automatically 
> generated.
>
> curl -u <user:password> -H "Content-Type: application/json" -H 
> "Accept: application/json"
>     http://localhost:8010/vms/blah -X PUT -d'{"graphics": {"passwd": 
> ""}}'
>
> That way is difficult to handle when user wants to reset the guest 
> password.
>
> We have a similar issue when we automatically change the passwdValidTo 
> when it is expired - increasing it in 30 seconds.
>
> My proposal is simple: only change "passwd" and "passwdValidTo" when 
> user wants to do it.
>
> curl -u <user:password> -H "Content-Type: application/json" -H 
> "Accept: application/json"
>     http://localhost:8010/vms/blah -X PUT -d'{"graphics": {"passwd": 
> "123456", "passwdValidTo": "<some datetime format>"}}'
>
> curl -u <user:password> -H "Content-Type: application/json" -H 
> "Accept: application/json"
>     http://localhost:8010/vms/blah -X PUT -d'{"graphics": 
> {"passwdValidTo": "<some datetime format>"}}'
>
> And make sure the passwdValidTo is only acceptable when there is a 
> passwd set.
>
> And to reset those values, we only need to send an empty string:
>
> curl -u <user:password> -H "Content-Type: application/json" -H 
> "Accept: application/json"
>     http://localhost:8010/vms/blah -X PUT -d'{"graphics": {"password": 
> "", "passwdValidTo": ""}}'
>

> And create a new API: POST /vms/blah/ticket to automatically generate 
> a random password valid only for 30 seconds.
>
> curl -u <user:password> -H "Content-Type: application/json" -H 
> "Accept: application/json"
>     http://localhost:8010/vms/blah/ticket -X POST -d'{}'

Or even simpler, let UI create a random password and its expiration time 
and use the PUT request to do that changes.

>
> What do you think about it?
>
> Regards,
> Aline Manera
>
> _______________________________________________
> Kimchi-devel mailing list
> Kimchi-devel at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/kimchi-devel
>




More information about the Kimchi-devel mailing list