[Libguestfs] [PATCH nbdkit] vddk: Disallow password=-

[Eric Blake]

On 6/1/20 11:07 AM, Richard W.M. Jones wrote:
> This has been broken since we added the reexec code
> (commit 155af3107292c351d54ed42c732f4a67bb9aa910) because it
> tried to read the password twice (before and after the reexec) failing
> the second time because stdin had already been reopened on /dev/null.
> 
> Virt-v2v used this feature, but I will change virt-v2v instead.
> ---
>   plugins/vddk/nbdkit-vddk-plugin.pod | 7 +------
>   plugins/vddk/vddk.c                 | 4 ++++
>   2 files changed, 5 insertions(+), 6 deletions(-)

This is the simplest "fix", by avoiding the problem. It may still be 
possible to come up with something more robust, where (since we are 
already special-casing for "-" as the password value) we read the 
password prior to re-exec, and rewrite the command line of the re-exec 
to instead consume a temporary file.  But that's more complex, and 
doesn't stop us from pushing this now; if we ever do implement the more 
complex patch, we can roll back the documentation change.

And I already see that you have the counterpart v2v patch that hoists 
the reading of the password into v2v instead of worrying about vddk; the 
v2v hack of using a temporary file "works" in spite of our re-exec 
reading it twice, even if we want to eventually reach the point where a 
more complex patch in the vddk plugin would only read the password once 
before re-exec.

ACK.

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3226
Virtualization:  qemu.org | libvirt.org