diff options
| author | WGH <wgh@torlan.ru> | 2021-03-21 20:44:04 +0300 |
|---|---|---|
| committer | Cole Robinson <crobinso@redhat.com> | 2021-04-06 18:30:08 -0400 |
| commit | fae3fecc1e01d973109f16a13afeb9f5c44359c8 (patch) | |
| tree | 9795cc181e13666602375500b0e15306587b7dd5 /virtManager/object/domain.py | |
| parent | d9b5090e061e9fad9738359a8b1f86f16eac45cf (diff) | |
| download | virt-manager-fae3fecc1e01d973109f16a13afeb9f5c44359c8.tar.gz | |
Improve Secret Service interoperability
The current implementation of Secret Service keyring client assumes that
the last component of an item path is integer, which is not true for some
Secret Service server implementations (e.g. KeePassXC). Besides,
the Secret Service API documents advises against recording object path
(not to mentioning parsing it in any way), recommending using lookup attributes
instead[1].
This commit fixes the code to behave in more interoperable way.
- The item path (called "keyid" in code) is no longer parsed and stored anywhere.
- The secret item is looked up in the Secret Service using hvuri and machine
uuid attributes.
- /console-password with (username, keyid) is removed from GSettings
storage. Instead, only username is stored in /console-username.
[1] https://specifications.freedesktop.org/secret-service/latest/ch03.html
Resolves: #237
Diffstat (limited to 'virtManager/object/domain.py')
| -rw-r--r-- | virtManager/object/domain.py | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/virtManager/object/domain.py b/virtManager/object/domain.py index cc2f506d..805e5576 100644 --- a/virtManager/object/domain.py +++ b/virtManager/object/domain.py @@ -1597,14 +1597,14 @@ class vmmDomain(vmmLibvirtObject): ret = self.config.get_pervm(self.get_uuid(), "/vm-window-size") return ret - def get_console_password(self): - return self.config.get_pervm(self.get_uuid(), "/console-password") - def set_console_password(self, username, keyid): - return self.config.set_pervm(self.get_uuid(), "/console-password", - (username, keyid)) - def del_console_password(self): - return self.config.set_pervm(self.get_uuid(), "/console-password", - ("", -1)) + def get_console_username(self): + return self.config.get_pervm(self.get_uuid(), "/console-username") + def set_console_username(self, username): + return self.config.set_pervm(self.get_uuid(), "/console-username", + username) + def del_console_username(self): + return self.config.set_pervm(self.get_uuid(), "/console-username", + "") def get_cache_dir(self): ret = os.path.join(self.conn.get_cache_dir(), self.get_uuid()) |