diff options
author | Fabiano FidĂȘncio <fidencio@redhat.com> | 2019-07-03 16:01:28 +0200 |
---|---|---|
committer | Cole Robinson <crobinso@redhat.com> | 2019-07-03 13:25:26 -0400 |
commit | 58c68764505acd3eedae6d72e6a15493a18029db (patch) | |
tree | 2186645d9018d8f05218881f7072bc5674aa602c /man/virt-install.pod | |
parent | 5312a9611b61801d4a62d1959e65cf8d50c38eb1 (diff) | |
download | virt-manager-58c68764505acd3eedae6d72e6a15493a18029db.tar.gz |
unattended: Read the passwords from a file
Let's not expose the user/root password in the CLI and, instead, let's
rely on a file passed by the admin and read the password from there.
'CVE-2019-10183' has been assigned to the virt-install --unattended
admin-password=xxx disclosure issue.
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Fabiano FidĂȘncio <fidencio@redhat.com>
Diffstat (limited to 'man/virt-install.pod')
-rw-r--r-- | man/virt-install.pod | 24 |
1 files changed, 17 insertions, 7 deletions
diff --git a/man/virt-install.pod b/man/virt-install.pod index d8bd4127..081f28c3 100644 --- a/man/virt-install.pod +++ b/man/virt-install.pod @@ -612,13 +612,23 @@ Choose which libosinfo unattended profile to use. Most distros have a 'desktop' and a 'jeos' profile. virt-install will default to 'desktop' if this is unspecified. -=item B<admin-password=> - -Set the VM OS admin/root password - -=item B<user-password=> - -Set the VM user password. The username is your current host username +=item B<admin-password-file=> + +A file used to set the VM OS admin/root password from. This option can +be used either as "admin-password-file=/path/to/password-file" or as +"admin-password-file=/dev/fd/n", being n the file descriptor of the +password-file. +Note that only the first line of the file will be considered, including +any whitespace characters and excluding new-line. + +=item B<user-password-file=> + +A file used to set the VM user password. This option can be used either as +"user-password-file=/path/to/password-file" or as +"user-password-file=/dev/fd/n", being n the file descriptor of the +password-file. The username is your current host username. +Note that only the first line of the file will be considered, including +any whitespace characters and excluding new-line. =item B<product-key=> |