On 11/11/20 1:04 PM, Michal Privoznik wrote:
On 11/11/20 11:32 AM, Peter Krempa wrote:
On Tue, Nov 10, 2020 at 16:11:40 +0100, Michal Privoznik wrote:
Marc-André posted a patch that implements agent handling. I've written
the rest.
Marc-André Lureau (1):
qemu_agent: add qemuAgentSSH{Add,Remove,Get}AuthorizedKeys
Michal Prívozník (5):
Introduce OpenSSH authorized key file mgmt APIs
One more thing to think about:
Since we are getting random requests for setters of various bits which
we have to bend the rule "we don't care what's running in the VM" and
which don't really scale when adding new APIs. I propose we add a
generic guest agent setter which will be extensible using a typed
parameters and a type property.
It will basically become the counterpart to virDomainGetGuestInfo.
The extensions then become enum additions and code additions only and
will be more flexible for future use.
The same way the getter forthe ssh keys should become part of
virDomainGetGuestInfo, obviously auditing whether a read-write
connection is used.
example:
int
qemuDomainSetGuestInfo(virDomainPtr dom,
virDomainSetGuestInfoType type,
virTypedParamPtr params,
unsigned int nparams,
unsigned int flags);
Invocation for setting keys:
virTypedParamsAddString(..., "user", "root")
virTypedParamsAddString(..., "key", "ssh-rsa AA.... root@localhost")
virTypedParamsAddString(..., "key", "ssh-rsa AA.... user@localhost")
etc.
Yeah, this is much more extensible. Okay, let me send v2.
My enthusiasm might had been premature. virDomainGetGuestInfo() does not
send anything but virDomainPtr, unsigned int types and flags down the
wire. While we can make @params be both in and out type of arguments,
it's going to require change of RPC. I mean the way that qemu-ga APIs
are implemented is that for listing ssh keys the API expects an user on
the input so that it can construct $HOME/.ssh/authorized_keys path. How
to pass this through virDomainGetGuestInfo()? Okay, we could work around
it by just listing SSH keys for all users and let caller filter our the
interesting ones, but this is: a) scary from security POV, b)
suboptimal because we might hit message size limit pretty soon. Also,
there is no qemu-ga API to list all users, just those logged in
currently. And the whole point of these new APIs is to set up SSH keys
before user logs in.
Michal