On Tue, Nov 10, 2020 at 16:11:43 +0100, Michal Privoznik wrote:
> The new virsh commands are:
>
> get-user-sshkeys
> set-user-sshkeys
>
> Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx>
> ---
> docs/manpages/virsh.rst | 37 ++++++++++
> tools/virsh-domain.c | 152 ++++++++++++++++++++++++++++++++++++++++
> 2 files changed, 189 insertions(+)
[...]
> diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c
> index 1ae936c6b2..f51765cb42 100644
> --- a/tools/virsh-domain.c
> +++ b/tools/virsh-domain.c
[...]
> +static const vshCmdOptDef opts_set_user_sshkeys[] = {
> + VIRSH_COMMON_OPT_DOMAIN_FULL(VIR_CONNECT_LIST_DOMAINS_ACTIVE),
> + {.name = "user",
> + .type = VSH_OT_DATA,
> + .flags = VSH_OFLAG_REQ,
> + .help = N_("user to list authorized keys for"),
> + },
> + {.name = "append",
> + .type = VSH_OT_BOOL,
> + .help = N_("append keys to the file"),
> + },
> + {.name = "remove",
> + .type = VSH_OT_BOOL,
> + .help = N_("remove keys from the file"),
> + },
> + {.name = "keys",
> + .type = VSH_OT_ARGV,
> + .help = N_("OpenSSH keys"),
> + },
> + {.name = NULL}
> +};
The --keys ARGV option is not very userfriendly, given that the ssh key has spaces in it ("ssh-rsa AAA...... user@host") ...
> +static bool
> +cmdSetUserSSHKeys(vshControl *ctl, const vshCmd *cmd)
> +{
> + virDomainPtr dom = NULL;
> + const char *user;
> + const vshCmdOpt *opt = NULL;
> + g_autofree const char **keys = NULL;
> + int nkeys = 0;
> + unsigned int flags = 0;
> + bool ret = false;
> +
> + if (!(dom = virshCommandOptDomain(ctl, cmd, NULL)))
> + return false;
> +
> + if (vshCommandOptStringReq(ctl, cmd, "user", &user) < 0)
> + goto cleanup;
> +
> + if (vshCommandOptBool(cmd, "append"))
> + flags |= VIR_DOMAIN_AUTHORIZED_SSH_KEYS_SET_APPEND;
> + if (vshCommandOptBool(cmd, "remove"))
> + flags |= VIR_DOMAIN_AUTHORIZED_SSH_KEYS_SET_REMOVE;
> +
> + while ((opt = vshCommandOptArgv(ctl, cmd, opt))) {
> + keys = g_renew(const char *, keys, nkeys + 1);
> + keys[nkeys] = opt->data;
> + nkeys++;
... especially the way it's implemented here, where without using quotes it would treat the key as 3 keys. IMO a way better way is to read the key from a file. If you really want to take key from command line, make using file optional at least.
> + }
> +
> + if (virDomainAuthorizedSSHKeysSet(dom, user, keys, nkeys, flags) < 0)
> + goto cleanup;
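Review bot: The help string for `user` in `opts_set_user_sshkeys` reads "user to list authorized keys for", which looks copied from the get command's option table; for the set command it should describe the write, e.g. `.help = N_("user to set authorized keys for"),`. The `append` and `remove` help strings say only "the file", and naming it (presumably the user's authorized_keys file) would make clear what the command modifies in the guest.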
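Review bot: In `cmdSetUserSSHKeys`, `--append` and `--remove` are OR-ed into `flags` independently and nothing in the quoted lines rejects the two together, so a contradictory request is caught only if the library call itself refuses it. Adding `VSH_EXCLUSIVE_OPTIONS("append", "remove");` ahead of the `virshCommandOptDomain()` lookup would fail fast with a clear message; it has to come before `dom` is acquired because the macro returns early. Separately, when no `--keys` are given the call is made with `keys == NULL` and `nkeys == 0`; with neither flag set this presumably replaces the user's key list with nothing, which could lock that user out of SSH, so an explicit `nkeys == 0` check or a deliberately named reset option seems safer. The function body continues past the quoted lines, so any later handling is not visible here.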