[ovirt-users] I wrote an oVirt thing
Konstantin Shalygin
k0ste at k0ste.ru
Tue Nov 29 12:48:26 UTC 2016
Use case - Explain what is Virtual Machine to accountant or stockman -
beyond my powers. But they understand what is Remote Desktop, and how to
"Start menu->Programs->Remote Work->password->Enter".
In this talk I like the fact that I learned about deprecation this
packet and need to start wrote on another library instead call sub-process.
About security reasons: is acceptable for our company. For who don't
need this patch can easy disable it. This is not package[1], only
playbook for build this.
[1] https://wiki.archlinux.org/index.php/Arch_User_Repository
On 11/29/2016 07:06 PM, Yaniv Kaul wrote:
>
>
> On Tue, Nov 29, 2016 at 3:40 AM, Konstantin Shalygin <k0ste at k0ste.ru
> <mailto:k0ste at k0ste.ru>> wrote:
>
> ovirt-shell will be deprecated and not supported or some functions
> on ovirt-shell (or all package ovirt-engine-cli)?
>
> We use ovirt-shell on client desktops who connected to SPICE
> consoles and work (users provided by LDAP on ovirt-engine), like
> via RDP. For this I wrote very fast-hack patch for ovirt-shell and
> GUI for enter password (https://github.com/k0ste/ovirt-pygtk
> <https://github.com/k0ste/ovirt-pygtk>). Very simple, but via
> Internet people use SPICE without negative about packet loss and
> disconnects, instead RDP.
>
>
> Can you further explain the use case? I assume the user portal is not
> good enough for some reason?
>
>
>
> BTW, the ovirt-shell is something we deprecated. It is working
> on top of
> the v3 api, which we plan to remove in 4.2.
> So better not use it.
>
>
>
> You can start maintain. For example I maintain packes for Arch
> Linux: ovirt-engine-cli
> (https://aur.archlinux.org/packages/ovirt-engine-cli
> <https://aur.archlinux.org/packages/ovirt-engine-cli>) and
> ovirt-engine-sdk-python
> (https://aur.archlinux.org/packages/ovirt-engine-sdk-python
> <https://aur.archlinux.org/packages/ovirt-engine-sdk-python>).
>
>
> Hi,
>
> It somehow looks like a fork of the CLI (due to the added patch[1]).
> I'm not sure how happy I am about it, considering the patch is adding
> a feature with security issues (there is a reason we do not support
> password passed via the command line - it's somewhat less secure).
> Since you are already checking for the CLI rc file[2], just add the
> password to it and launch with it (in a temp file in the temp
> directory with the right permissions, etc...)
>
> BTW, note that the attempt to delete the password from memory[3] may
> or may not work. After all, it's a copy of what you got
> from entry.get_text() few lines before.
> And Python GC is not really to be relied upon to delete things ASAP
> anyway. There are some lovely discussions on the Internet about it.
> For example[4].
> Y.
>
> [1]
> https://github.com/k0ste/ovirt-pygtk/blob/master/add_password_option.patch
> [2] https://github.com/k0ste/ovirt-pygtk/blob/master/ovirt-pygtk.py#L81
> [3] https://github.com/k0ste/ovirt-pygtk/blob/master/ovirt-pygtk.py#L71
> [4]
> http://stackoverflow.com/questions/728164/securely-erasing-password-in-memory-python
>
>
>
> My workstation at work is running Ubuntu, and I do not
> believe that ovirt-shell is packaged for it.
>
>
> --
> Best regards,
> Konstantin Shalygin
>
>
>
> _______________________________________________
> Users mailing list
> Users at ovirt.org <mailto:Users at ovirt.org>
> http://lists.ovirt.org/mailman/listinfo/users
> <http://lists.ovirt.org/mailman/listinfo/users>
>
>
--
Best regards,
Konstantin Shalygin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20161129/59078a20/attachment-0001.html>
More information about the Users
mailing list