[libvirt] [PATCH 3/4] virsh: secret: Allow setting secrets from file
Ján Tomko
jtomko at redhat.com
Tue Jan 21 13:52:38 UTC 2020
On Fri, Jan 10, 2020 at 04:42:43PM +0100, Peter Krempa wrote:
>The necessity to specify the secret value as command argument is
>insecure. Allow reading the secret from a file.
>
>Signed-off-by: Peter Krempa <pkrempa at redhat.com>
>---
> docs/manpages/virsh.rst | 5 +++--
> tools/virsh-secret.c | 30 +++++++++++++++++++++++++++---
> 2 files changed, 30 insertions(+), 5 deletions(-)
>
>diff --git a/docs/manpages/virsh.rst b/docs/manpages/virsh.rst
>index fcc8ef6758..992b1daf90 100644
>--- a/docs/manpages/virsh.rst
>+++ b/docs/manpages/virsh.rst
>@@ -6558,10 +6558,11 @@ secret-set-value
>
> .. code-block::
>
>- secret-set-value secret base64
>+ secret-set-value secret (--file filename | base64)
>
> Set the value associated with *secret* (specified by its UUID) to the value
>-Base64-encoded value *base64*.
>+Base64-encoded value *base64* or from file named *filename*. Note that *--file*
>+and *base64* options are mutually exclusive.
>
>
> secret-passwd
Please include a way to read the secret from an EBCDIC-encoded file,
just for completeness.
Jano
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20200121/603435c3/attachment-0001.sig>
More information about the libvir-list
mailing list