Libguestfs - May 2017 - [PATCH] v2v: add crypto support (RHBZ#1451665)

Make use of the additional command line arguments, and API needed to
decrypt LUKS partitions.  This extends to v2v the work done in other
OCaml tools with commit 6b26a0cce4f1d6264bee88902b8931e39288c901,
since it seems to be working fine after a basic testing.

Related to: RHBZ#1362649
---
 v2v/cmdline.ml   |  2 +-
 v2v/v2v.ml       |  3 +++
 v2v/virt-v2v.pod | 20 ++++++++++++++++++++
 3 files changed, 24 insertions(+), 1 deletion(-)

diff --git a/v2v/cmdline.ml b/v2v/cmdline.ml
index a1338eb..70301ab 100644
--- a/v2v/cmdline.ml
+++ b/v2v/cmdline.ml
@@ -236,7 +236,7 @@ A short summary of the options is given below.  For detailed
help please
 read the man page virt-v2v(1).
 ")
       prog in
-  let opthandle = create_standard_options argspec ~anon_fun usage_msg in
+  let opthandle = create_standard_options argspec ~anon_fun ~key_opts:true
usage_msg in
   Getopt.parse opthandle;
 
   (* Dereference the arguments. *)
diff --git a/v2v/v2v.ml b/v2v/v2v.ml
index 8cf1fad..59f5ef1 100644
--- a/v2v/v2v.ml
+++ b/v2v/v2v.ml
@@ -86,6 +86,9 @@ let rec main ()  
   g#launch ();
 
+  (* Decrypt the disks. *)
+  inspect_decrypt g;
+
   (* Inspection - this also mounts up the filesystems. *)
   (match conversion_mode with
    | Copying _ -> message (f_"Inspecting the overlay")
diff --git a/v2v/virt-v2v.pod b/v2v/virt-v2v.pod
index f6d196f..c255c0d 100644
--- a/v2v/virt-v2v.pod
+++ b/v2v/virt-v2v.pod
@@ -302,6 +302,17 @@ Save the overlay file(s) created during conversion.  This
option is
 only used for debugging virt-v2v and may be removed in a future
 version.
 
+=item B<--echo-keys>
+
+When prompting for keys and passphrases, virt-v2v normally turns
+echoing off so you cannot see what you are typing.  If you are not
+worried about Tempest attacks and there is no one else in the room you
+can specify this flag to see what you are typing.
+
+Note this options only applies to keys and passphrases for encrypted
+devices and partitions, not for passwords used to connect to remote
+servers.
+
 =item B<-i> B<disk>
 
 Set the input method to I<disk>.
@@ -382,6 +393,15 @@ See L</IN PLACE CONVERSION> below.
 
 Conflicts with all I<-o *> options.
 
+=item B<--keys-from-stdin>
+
+Read key or passphrase parameters from stdin.  The default is
+to try to read passphrases from the user by opening F</dev/tty>.
+
+Note this options only applies to keys and passphrases for encrypted
+devices and partitions, not for passwords used to connect to remote
+servers.
+
 =item B<--machine-readable>
 
 This option is used to make the output more machine friendly
-- 
2.9.4

On Mon, May 22, 2017 at 11:42:52AM +0200, Pino Toscano
wrote:
> Make use of the additional command line arguments, and API needed to
> decrypt LUKS partitions.  This extends to v2v the work done in other
> OCaml tools with commit 6b26a0cce4f1d6264bee88902b8931e39288c901,
> since it seems to be working fine after a basic testing.
> 
> Related to: RHBZ#1362649
Seems reasonable, ACK.

Rich.
>  v2v/cmdline.ml   |  2 +-
>  v2v/v2v.ml       |  3 +++
>  v2v/virt-v2v.pod | 20 ++++++++++++++++++++
>  3 files changed, 24 insertions(+), 1 deletion(-)
> 
> diff --git a/v2v/cmdline.ml b/v2v/cmdline.ml
> index a1338eb..70301ab 100644
> --- a/v2v/cmdline.ml
> +++ b/v2v/cmdline.ml
> @@ -236,7 +236,7 @@ A short summary of the options is given below.  For
detailed help please
>  read the man page virt-v2v(1).
>  ")
>        prog in
> -  let opthandle = create_standard_options argspec ~anon_fun usage_msg in
> +  let opthandle = create_standard_options argspec ~anon_fun ~key_opts:true
usage_msg in
>    Getopt.parse opthandle;
>  
>    (* Dereference the arguments. *)
> diff --git a/v2v/v2v.ml b/v2v/v2v.ml
> index 8cf1fad..59f5ef1 100644
> --- a/v2v/v2v.ml
> +++ b/v2v/v2v.ml
> @@ -86,6 +86,9 @@ let rec main () >  
>    g#launch ();
>  
> +  (* Decrypt the disks. *)
> +  inspect_decrypt g;
> +
>    (* Inspection - this also mounts up the filesystems. *)
>    (match conversion_mode with
>     | Copying _ -> message (f_"Inspecting the overlay")
> diff --git a/v2v/virt-v2v.pod b/v2v/virt-v2v.pod
> index f6d196f..c255c0d 100644
> --- a/v2v/virt-v2v.pod
> +++ b/v2v/virt-v2v.pod
> @@ -302,6 +302,17 @@ Save the overlay file(s) created during conversion. 
This option is
>  only used for debugging virt-v2v and may be removed in a future
>  version.
>  
> +=item B<--echo-keys>
> +
> +When prompting for keys and passphrases, virt-v2v normally turns
> +echoing off so you cannot see what you are typing.  If you are not
> +worried about Tempest attacks and there is no one else in the room you
> +can specify this flag to see what you are typing.
> +
> +Note this options only applies to keys and passphrases for encrypted
> +devices and partitions, not for passwords used to connect to remote
> +servers.
> +
>  =item B<-i> B<disk>
>  
>  Set the input method to I<disk>.
> @@ -382,6 +393,15 @@ See L</IN PLACE CONVERSION> below.
>  
>  Conflicts with all I<-o *> options.
>  
> +=item B<--keys-from-stdin>
> +
> +Read key or passphrase parameters from stdin.  The default is
> +to try to read passphrases from the user by opening F</dev/tty>.
> +
> +Note this options only applies to keys and passphrases for encrypted
> +devices and partitions, not for passwords used to connect to remote
> +servers.
> +
>  =item B<--machine-readable>
>  
>  This option is used to make the output more machine friendly
> -- 
> 2.9.4
> 
> _______________________________________________
> Libguestfs mailing list
> Libguestfs@redhat.com
> https://www.redhat.com/mailman/listinfo/libguestfs
-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-p2v converts physical machines to virtual machines.  Boot with a
live CD or over the network (PXE) and turn machines into KVM guests.
http://libguestfs.org/virt-v2v