X-Git-Url: http://git.annexia.org/?a=blobdiff_plain;f=tools%2Fvirt-tools-get-key.pl;h=96914697503dab17c6fd1eafe8f910ab75f45f89;hb=f3691aa4f1c48682da967b2f53a32f55e732746e;hp=0b478b8dc1efb6fd48108339e991a7d8eddf5e86;hpb=782458a90679f6b3cf04c7a2090d45bff6adfc3b;p=virt-tools.git
diff --git a/tools/virt-tools-get-key.pl b/tools/virt-tools-get-key.pl
index 0b478b8..9691469 100755
--- a/tools/virt-tools-get-key.pl
+++ b/tools/virt-tools-get-key.pl
@@ -16,5 +16,204 @@
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-use Net::SNMP;
+use Sys::Virt;
+use Sys::Guestfs;
+use Sys::Guestfs::Lib qw(open_guest get_partitions);
+use Pod::Usage;
+use Getopt::Long;
+use Locale::TextDomain 'virt-tools';
+=encoding utf8
+
+=head1 NAME
+
+virt-tools-get-key - virt-tools helper to get the guest's key
+
+=head1 SYNOPSIS
+
+ virt-tools-get-key [--options] domname
+
+=head1 DESCRIPTION
+
+This helper program is used by L to get the guest's
+secret key. If you don't know anything about this, you probably want
+to start by reading L. Otherwise read on.
+
+The single command line argument should be a libvirt domain name (see
+C).
+
+=head2 KEY CACHE
+
+The cache is described in detail in L. In brief, if
+C<@localstatedir@/lib/virt-tools/keys/EUUIDE> exists (where
+EUUIDE is the guest's UUID), then the contents of that file
+are returned directly. Otherwise we will try to create this file
+after reading the key so that we don't have to read the key out of the
+guest's filesystem each time.
+
+=head1 OPTIONS
+
+=over 4
+
+=cut
+
+my $help;
+
+=item B<--help>
+
+Display brief help.
+
+=cut
+
+my $version;
+
+=item B<--version>
+
+Display version number and exit.
+
+=cut
+
+my $uri;
+
+=item B<--connect URI> | B<-c URI>
+
+If using libvirt, connect to the given I. If omitted, then we
+connect to the default libvirt hypervisor.
+
+=cut
+
+my $verbose;
+
+=item B<--verbose> | B<-v>
+
+Enable verbose messages, useful for debugging.
+
+=back
+
+=cut
+
+GetOptions ("help|?" => \$help,
+ "version" => \$version,
+ "connect|c=s" => \$uri,
+ "verbose|v" => \$verbose,
+ ) or pod2usage (2);
+pod2usage (1) if $help;
+if ($version) {
+ print "@PACKAGE_STRING@\n";
+ exit
+}
+
+die __"no domain name listed on the command line\n" unless @ARGV == 1;
+
+my ($g, $conn, $dom);
+
+if ($uri) {
+ ($g, $conn, $dom) = open_guest (\@ARGV, address => $uri);
+} else {
+ ($g, $conn, $dom) = open_guest (\@ARGV);
+}
+
+my $uuid = $dom->get_uuid_string ();
+
+undef $dom;
+undef $conn;
+
+# See if the UUID exists in the cache already.
+print STDERR "checking for UUID $uuid in the cache directory\n" if $verbose;
+
+my $cachedir = "@localstatedir@/lib/virt-tools/keys";
+if (-r "$cachedir/$uuid") {
+ print STDERR "$cachedir/$uuid exists, returning contents\n" if $verbose;
+ open FILE, "$cachedir/$uuid" or die "$cachedir/$uuid: $!";
+ my $key = ;
+ chomp $key;
+ close FILE;
+ print $key, "\n";
+ exit 0;
+}
+
+print STDERR "$cachedir/$uuid not found, looking inside guest\n" if $verbose;
+
+$g->launch ();
+
+# Don't care about mountpoints. Instead, just look for a
+# directory with one of a selection of names on one of the
+# partitions that we found.
+my @partitions = get_partitions ($g);
+
+my $key;
+
+foreach my $partition (@partitions) {
+ eval {
+ $g->mount_ro ($partition, "/");
+ my $dir;
+ my @dirs = ("/var/lib/virt-tools", "/lib/virt-tools");
+ foreach $dir (@dirs) {
+ if ($g->is_dir ($dir) && $g->is_file ("$dir/key")) {
+ $key = $g->cat ("$dir/key");
+ last;
+ }
+ }
+ };
+ $g->umount_all ();
+ last if $key;
+}
+
+undef $g;
+
+die __x("{n}: no key found in guest.\nDoes it have the virt-tool-guest package installed?\n",
+ n => $ARGV[0])
+ unless $key;
+
+print STDERR "try to write key to $cachedir/$uuid\n" if $verbose;
+
+if (open FILE, ">$cachedir/$uuid") {
+ print FILE $key;
+ close FILE
+}
+
+print $key;
+
+exit 0;
+
+=head1 SEE ALSO
+
+L,
+L,
+L,
+L,
+L,
+L,
+L.
+
+=head1 AUTHORS
+
+=over 4
+
+=item *
+
+Richard W.M. Jones (C)
+
+=item *
+
+Matthew Booth (C)
+
+=back
+
+=head1 COPYRIGHT
+
+Copyright (C) 2009 Red Hat Inc.
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
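Review bot: The cache write near the end of the hunk, `if (open FILE, ">$cachedir/$uuid")`, creates the file that holds the guest's secret key with whatever mode the process umask allows, so unless the keys directory itself is restricted (not visible in this hunk) other local accounts may be able to read it. The two-argument open also writes through whatever already exists at that path, and the unchecked `print`/`close` can leave a truncated key that the `-r` branch then returns on every later run. I would create the file with `sysopen` using `O_WRONLY | O_CREAT | O_EXCL` and mode `0600` (this needs `use Fcntl;` next to the other `use` lines) and drop the file again if `close` fails, as sketched below. The read side, `open FILE, "$cachedir/$uuid"`, would likewise be better as a three-argument open on a lexical handle.

```perl
print STDERR "try to write key to $cachedir/$uuid\n" if $verbose;

# Best-effort cache: owner-only, and never reuse an existing path.
if (sysopen (my $cache, "$cachedir/$uuid", O_WRONLY | O_CREAT | O_EXCL, 0600)) {
    print {$cache} $key;
    # A failed close means the key may be truncated; do not leave it cached.
    close ($cache) or unlink ("$cachedir/$uuid");
}
# … unchanged: print $key; exit 0; …
```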