You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
169 lines
5.6 KiB
169 lines
5.6 KiB
From 08fb8316b4ac42fe74c1fa5ca0ac593222cdf81a Mon Sep 17 00:00:00 2001 |
|
From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= <fidencio@redhat.com> |
|
Date: Wed, 3 Jul 2019 14:55:24 +0200 |
|
Subject: [PATCH] tools,install-script: Add --config-file (-f) option |
|
MIME-Version: 1.0 |
|
Content-Type: text/plain; charset=UTF-8 |
|
Content-Transfer-Encoding: 8bit |
|
|
|
Let's add a new option so users can set their config from a file, |
|
instead of directly passing the values via command-line. |
|
|
|
CVE-2019-13313 |
|
Libosinfo: osinfo-install-script option leaks password via command line |
|
argument. 'osinfo-install-script' is used to generate a script for |
|
automated guest installations. It accepts user and admin passwords via |
|
command line arguments, thus leaking them via process listing. |
|
|
|
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com> |
|
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> |
|
--- |
|
tools/osinfo-install-script.c | 102 +++++++++++++++++++++++++++++++++- |
|
1 file changed, 101 insertions(+), 1 deletion(-) |
|
|
|
diff --git a/tools/osinfo-install-script.c b/tools/osinfo-install-script.c |
|
index 15af48d..af58440 100644 |
|
--- a/tools/osinfo-install-script.c |
|
+++ b/tools/osinfo-install-script.c |
|
@@ -37,6 +37,33 @@ static gboolean list_profile = FALSE; |
|
static gboolean list_inj_method = FALSE; |
|
static gboolean quiet = FALSE; |
|
|
|
+static const gchar *configs[] = { |
|
+ OSINFO_INSTALL_CONFIG_PROP_HARDWARE_ARCH, |
|
+ OSINFO_INSTALL_CONFIG_PROP_L10N_TIMEZONE, |
|
+ OSINFO_INSTALL_CONFIG_PROP_L10N_LANGUAGE, |
|
+ OSINFO_INSTALL_CONFIG_PROP_L10N_KEYBOARD, |
|
+ OSINFO_INSTALL_CONFIG_PROP_ADMIN_PASSWORD, |
|
+ OSINFO_INSTALL_CONFIG_PROP_USER_PASSWORD, |
|
+ OSINFO_INSTALL_CONFIG_PROP_USER_LOGIN, |
|
+ OSINFO_INSTALL_CONFIG_PROP_USER_REALNAME, |
|
+ OSINFO_INSTALL_CONFIG_PROP_USER_AUTOLOGIN, |
|
+ OSINFO_INSTALL_CONFIG_PROP_USER_ADMIN, |
|
+ OSINFO_INSTALL_CONFIG_PROP_REG_LOGIN, |
|
+ OSINFO_INSTALL_CONFIG_PROP_REG_PASSWORD, |
|
+ OSINFO_INSTALL_CONFIG_PROP_REG_PRODUCTKEY, |
|
+ OSINFO_INSTALL_CONFIG_PROP_HOSTNAME, |
|
+ OSINFO_INSTALL_CONFIG_PROP_TARGET_DISK, |
|
+ OSINFO_INSTALL_CONFIG_PROP_SCRIPT_DISK, |
|
+ OSINFO_INSTALL_CONFIG_PROP_AVATAR_LOCATION, |
|
+ OSINFO_INSTALL_CONFIG_PROP_AVATAR_DISK, |
|
+ OSINFO_INSTALL_CONFIG_PROP_PRE_INSTALL_DRIVERS_DISK, |
|
+ OSINFO_INSTALL_CONFIG_PROP_PRE_INSTALL_DRIVERS_LOCATION, |
|
+ OSINFO_INSTALL_CONFIG_PROP_POST_INSTALL_DRIVERS_DISK, |
|
+ OSINFO_INSTALL_CONFIG_PROP_POST_INSTALL_DRIVERS_LOCATION, |
|
+ OSINFO_INSTALL_CONFIG_PROP_DRIVER_SIGNING, |
|
+ NULL |
|
+}; |
|
+ |
|
static OsinfoInstallConfig *config; |
|
|
|
static gboolean handle_config(const gchar *option_name G_GNUC_UNUSED, |
|
@@ -65,6 +93,47 @@ static gboolean handle_config(const gchar *option_name G_GNUC_UNUSED, |
|
} |
|
|
|
|
|
+static gboolean handle_config_file(const gchar *option_name G_GNUC_UNUSED, |
|
+ const gchar *value, |
|
+ gpointer data G_GNUC_UNUSED, |
|
+ GError **error) |
|
+{ |
|
+ GKeyFile *key_file = NULL; |
|
+ gchar *val = NULL; |
|
+ gsize i; |
|
+ gboolean ret = FALSE; |
|
+ |
|
+ key_file = g_key_file_new(); |
|
+ if (!g_key_file_load_from_file(key_file, value, G_KEY_FILE_NONE, error)) |
|
+ goto error; |
|
+ |
|
+ for (i = 0; configs[i] != NULL; i++) { |
|
+ val = g_key_file_get_string(key_file, "install-script", configs[i], error); |
|
+ if (val == NULL) { |
|
+ if (g_error_matches(*error, G_KEY_FILE_ERROR, |
|
+ G_KEY_FILE_ERROR_KEY_NOT_FOUND)) { |
|
+ g_clear_error(error); |
|
+ continue; |
|
+ } |
|
+ |
|
+ goto error; |
|
+ } |
|
+ |
|
+ osinfo_entity_set_param(OSINFO_ENTITY(config), |
|
+ configs[i], |
|
+ val); |
|
+ g_free(val); |
|
+ } |
|
+ |
|
+ ret = TRUE; |
|
+ |
|
+error: |
|
+ g_key_file_unref(key_file); |
|
+ |
|
+ return ret; |
|
+} |
|
+ |
|
+ |
|
static GOptionEntry entries[] = |
|
{ |
|
{ "profile", 'p', 0, G_OPTION_ARG_STRING, (void*)&profile, |
|
@@ -78,6 +147,9 @@ static GOptionEntry entries[] = |
|
{ "config", 'c', 0, G_OPTION_ARG_CALLBACK, |
|
handle_config, |
|
N_("Set configuration parameter"), "key=value" }, |
|
+ { "config-file", 'f', 0, G_OPTION_ARG_CALLBACK, |
|
+ handle_config_file, |
|
+ N_("Set configuration parameters"), "file:///path/to/config/file" }, |
|
{ "list-config", '\0', 0, G_OPTION_ARG_NONE, (void*)&list_config, |
|
N_("List configuration parameters"), NULL }, |
|
{ "list-profiles", '\0', 0, G_OPTION_ARG_NONE, (void*)&list_profile, |
|
@@ -448,6 +520,15 @@ script. Defaults to C<media>, but can also be C<network>. |
|
|
|
Set the configuration parameter C<key> to C<value>. |
|
|
|
+=item B<--config-file=config-file> |
|
+ |
|
+Set the configurations parameters according to the config-file passed. |
|
+ |
|
+Note that use of --config-file is strongly recommended if the user or |
|
+admin passwords need to be set. Providing passwords directly using |
|
+B<--config=> is insecure as the password is visible to all processes |
|
+and users on the same host. |
|
+ |
|
=back |
|
|
|
=head1 CONFIGURATION KEYS |
|
@@ -510,9 +591,29 @@ The software registration user password |
|
|
|
=back |
|
|
|
+=head1 CONFIGURATION FILE FORMAT |
|
+ |
|
+The configuration file must consist in a file which contains a |
|
+`install-script` group and, under this group, C<key>=C<value> |
|
+pairs, as shown below: |
|
+ |
|
+[install-script] |
|
+l10n-timezone=GMT |
|
+l10n-keyboard=uk |
|
+l10n-language=en_GB |
|
+admin-password=123456 |
|
+user-login=berrange |
|
+user-password=123456 |
|
+user-realname="Daniel P Berrange" |
|
+ |
|
=head1 EXAMPLE USAGE |
|
|
|
-The following usage generates a Fedora 16 kickstart script |
|
+The following usages generates a Fedora 16 kickstart script |
|
+ |
|
+ # osinfo-install-script \ |
|
+ --profile jeos \ |
|
+ --config-file /path/to/config/file \ |
|
+ fedora16 |
|
|
|
# osinfo-install-script \ |
|
--profile jeos \ |
|
-- |
|
2.21.0 |
|
|
|
|