Pino Toscano
2017-May-22 09:42 UTC
[Libguestfs] [PATCH] v2v: add crypto support (RHBZ#1451665)
Make use of the additional command line arguments, and API needed to decrypt LUKS partitions. This extends to v2v the work done in other OCaml tools with commit 6b26a0cce4f1d6264bee88902b8931e39288c901, since it seems to be working fine after a basic testing. Related to: RHBZ#1362649 --- v2v/cmdline.ml | 2 +- v2v/v2v.ml | 3 +++ v2v/virt-v2v.pod | 20 ++++++++++++++++++++ 3 files changed, 24 insertions(+), 1 deletion(-) diff --git a/v2v/cmdline.ml b/v2v/cmdline.ml index a1338eb..70301ab 100644 --- a/v2v/cmdline.ml +++ b/v2v/cmdline.ml @@ -236,7 +236,7 @@ A short summary of the options is given below. For detailed help please read the man page virt-v2v(1). ") prog in - let opthandle = create_standard_options argspec ~anon_fun usage_msg in + let opthandle = create_standard_options argspec ~anon_fun ~key_opts:true usage_msg in Getopt.parse opthandle; (* Dereference the arguments. *) diff --git a/v2v/v2v.ml b/v2v/v2v.ml index 8cf1fad..59f5ef1 100644 --- a/v2v/v2v.ml +++ b/v2v/v2v.ml @@ -86,6 +86,9 @@ let rec main () g#launch (); + (* Decrypt the disks. *) + inspect_decrypt g; + (* Inspection - this also mounts up the filesystems. *) (match conversion_mode with | Copying _ -> message (f_"Inspecting the overlay") diff --git a/v2v/virt-v2v.pod b/v2v/virt-v2v.pod index f6d196f..c255c0d 100644 --- a/v2v/virt-v2v.pod +++ b/v2v/virt-v2v.pod @@ -302,6 +302,17 @@ Save the overlay file(s) created during conversion. This option is only used for debugging virt-v2v and may be removed in a future version. +=item B<--echo-keys> + +When prompting for keys and passphrases, virt-v2v normally turns +echoing off so you cannot see what you are typing. If you are not +worried about Tempest attacks and there is no one else in the room you +can specify this flag to see what you are typing. + +Note this options only applies to keys and passphrases for encrypted +devices and partitions, not for passwords used to connect to remote +servers. + =item B<-i> B<disk> Set the input method to I<disk>. @@ -382,6 +393,15 @@ See L</IN PLACE CONVERSION> below. Conflicts with all I<-o *> options. +=item B<--keys-from-stdin> + +Read key or passphrase parameters from stdin. The default is +to try to read passphrases from the user by opening F</dev/tty>. + +Note this options only applies to keys and passphrases for encrypted +devices and partitions, not for passwords used to connect to remote +servers. + =item B<--machine-readable> This option is used to make the output more machine friendly -- 2.9.4
Richard W.M. Jones
2017-May-22 10:01 UTC
Re: [Libguestfs] [PATCH] v2v: add crypto support (RHBZ#1451665)
On Mon, May 22, 2017 at 11:42:52AM +0200, Pino Toscano wrote:> Make use of the additional command line arguments, and API needed to > decrypt LUKS partitions. This extends to v2v the work done in other > OCaml tools with commit 6b26a0cce4f1d6264bee88902b8931e39288c901, > since it seems to be working fine after a basic testing. > > Related to: RHBZ#1362649Seems reasonable, ACK. Rich.> v2v/cmdline.ml | 2 +- > v2v/v2v.ml | 3 +++ > v2v/virt-v2v.pod | 20 ++++++++++++++++++++ > 3 files changed, 24 insertions(+), 1 deletion(-) > > diff --git a/v2v/cmdline.ml b/v2v/cmdline.ml > index a1338eb..70301ab 100644 > --- a/v2v/cmdline.ml > +++ b/v2v/cmdline.ml > @@ -236,7 +236,7 @@ A short summary of the options is given below. For detailed help please > read the man page virt-v2v(1). > ") > prog in > - let opthandle = create_standard_options argspec ~anon_fun usage_msg in > + let opthandle = create_standard_options argspec ~anon_fun ~key_opts:true usage_msg in > Getopt.parse opthandle; > > (* Dereference the arguments. *) > diff --git a/v2v/v2v.ml b/v2v/v2v.ml > index 8cf1fad..59f5ef1 100644 > --- a/v2v/v2v.ml > +++ b/v2v/v2v.ml > @@ -86,6 +86,9 @@ let rec main () > > g#launch (); > > + (* Decrypt the disks. *) > + inspect_decrypt g; > + > (* Inspection - this also mounts up the filesystems. *) > (match conversion_mode with > | Copying _ -> message (f_"Inspecting the overlay") > diff --git a/v2v/virt-v2v.pod b/v2v/virt-v2v.pod > index f6d196f..c255c0d 100644 > --- a/v2v/virt-v2v.pod > +++ b/v2v/virt-v2v.pod > @@ -302,6 +302,17 @@ Save the overlay file(s) created during conversion. This option is > only used for debugging virt-v2v and may be removed in a future > version. > > +=item B<--echo-keys> > + > +When prompting for keys and passphrases, virt-v2v normally turns > +echoing off so you cannot see what you are typing. If you are not > +worried about Tempest attacks and there is no one else in the room you > +can specify this flag to see what you are typing. > + > +Note this options only applies to keys and passphrases for encrypted > +devices and partitions, not for passwords used to connect to remote > +servers. > + > =item B<-i> B<disk> > > Set the input method to I<disk>. > @@ -382,6 +393,15 @@ See L</IN PLACE CONVERSION> below. > > Conflicts with all I<-o *> options. > > +=item B<--keys-from-stdin> > + > +Read key or passphrase parameters from stdin. The default is > +to try to read passphrases from the user by opening F</dev/tty>. > + > +Note this options only applies to keys and passphrases for encrypted > +devices and partitions, not for passwords used to connect to remote > +servers. > + > =item B<--machine-readable> > > This option is used to make the output more machine friendly > -- > 2.9.4 > > _______________________________________________ > Libguestfs mailing list > Libguestfs@redhat.com > https://www.redhat.com/mailman/listinfo/libguestfs-- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com virt-p2v converts physical machines to virtual machines. Boot with a live CD or over the network (PXE) and turn machines into KVM guests. http://libguestfs.org/virt-v2v
Possibly Parallel Threads
- [PATCH 3/3] OCaml tools: add crypto support (RHBZ#1362649)
- [PATCH 0/3] add crypto/LUKS support in some OCaml-based tools
- [PATCH 1/2] mlstdutils/mltools: factorize the machine-readable option
- [PATCH 1/2] mltools: create a cmdline_options struct
- [PATCH 0/2] RFC: --key option for tools