|
 |
ca2a74 |
From c2917c9a7f0c23b94d30af2a5a14e67c46e38242 Mon Sep 17 00:00:00 2001
|
|
|
ca2a74 |
From: Laszlo Ersek <lersek@redhat.com>
|
|
|
ca2a74 |
Date: Tue, 28 Jun 2022 13:57:02 +0200
|
|
|
ca2a74 |
Subject: [PATCH] sysprep: set networking for "--key ID:clevis"
|
|
|
ca2a74 |
|
|
|
ca2a74 |
Similarly to virt-customize, virt-sysprep has prior "--network" and
|
|
|
ca2a74 |
"--no-network" options. Unlike virt-customize though, virt-sysprep
|
|
|
ca2a74 |
defaults to disabling the appliance network. Therefore we can't tell
|
|
|
ca2a74 |
whether the network is disabled "by default" or because the user requested
|
|
|
ca2a74 |
it.
|
|
|
ca2a74 |
|
|
|
ca2a74 |
That's a problem: "--key ID:clevis" is supposed to override the former,
|
|
|
ca2a74 |
but not the latter. Add a separate option for tracking "--no-network", and
|
|
|
ca2a74 |
only if "--no-network" is absent, permit "--network" or "--key ID:clevis"
|
|
|
ca2a74 |
to turn on the network.
|
|
|
ca2a74 |
|
|
|
ca2a74 |
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1809453
|
|
|
ca2a74 |
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
|
|
ca2a74 |
Message-Id: <20220628115702.5584-5-lersek@redhat.com>
|
|
|
ca2a74 |
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
|
|
|
ca2a74 |
(cherry picked from commit 1cce13223e9321d1ef333d6ae356c24203990a4a)
|
|
|
ca2a74 |
---
|
|
|
ca2a74 |
sysprep/main.ml | 7 +++++--
|
|
|
ca2a74 |
1 file changed, 5 insertions(+), 2 deletions(-)
|
|
|
ca2a74 |
|
|
|
ca2a74 |
diff --git a/sysprep/main.ml b/sysprep/main.ml
|
|
|
ca2a74 |
index b760618ad..1f722dfb0 100644
|
|
|
ca2a74 |
--- a/sysprep/main.ml
|
|
|
ca2a74 |
+++ b/sysprep/main.ml
|
|
|
ca2a74 |
@@ -44,6 +44,7 @@ let main () =
|
|
|
ca2a74 |
let libvirturi = ref "" in
|
|
|
ca2a74 |
let mount_opts = ref "" in
|
|
|
ca2a74 |
let network = ref false in
|
|
|
ca2a74 |
+ let no_network = ref false in
|
|
|
ca2a74 |
let operations = ref None in
|
|
|
ca2a74 |
|
|
|
ca2a74 |
let format = ref "auto" in
|
|
|
ca2a74 |
@@ -131,7 +132,7 @@ let main () =
|
|
|
ca2a74 |
[ L"list-operations" ], Getopt.Unit list_operations, s_"List supported operations";
|
|
|
ca2a74 |
[ L"mount-options" ], Getopt.Set_string (s_"opts", mount_opts), s_"Set mount options (eg /:noatime;/var:rw,noatime)";
|
|
|
ca2a74 |
[ L"network" ], Getopt.Set network, s_"Enable appliance network";
|
|
|
ca2a74 |
- [ L"no-network" ], Getopt.Clear network, s_"Disable appliance network (default)";
|
|
|
ca2a74 |
+ [ L"no-network" ], Getopt.Set no_network, s_"Disable appliance network (default)";
|
|
|
ca2a74 |
[ L"operation"; L"operations" ], Getopt.String (s_"operations", set_operations), s_"Enable/disable specific operations";
|
|
|
ca2a74 |
] in
|
|
|
ca2a74 |
let args = basic_args @ Sysprep_operation.extra_args () in
|
|
|
ca2a74 |
@@ -188,6 +189,7 @@ read the man page virt-sysprep(1).
|
|
|
ca2a74 |
(* Dereference the rest of the args. *)
|
|
|
ca2a74 |
let dryrun = !dryrun in
|
|
|
ca2a74 |
let network = !network in
|
|
|
ca2a74 |
+ let no_network = !no_network in
|
|
|
ca2a74 |
let operations = !operations in
|
|
|
ca2a74 |
|
|
|
ca2a74 |
(* At this point we know which operations are enabled. So call the
|
|
|
ca2a74 |
@@ -208,7 +210,8 @@ read the man page virt-sysprep(1).
|
|
|
ca2a74 |
|
|
|
ca2a74 |
(* Connect to libguestfs. *)
|
|
|
ca2a74 |
let g = open_guestfs () in
|
|
|
ca2a74 |
- g#set_network network;
|
|
|
ca2a74 |
+ g#set_network (not no_network &&
|
|
|
ca2a74 |
+ (network || key_store_requires_network opthandle.ks));
|
|
|
ca2a74 |
add g dryrun;
|
|
|
ca2a74 |
g#launch ();
|
|
|
ca2a74 |
|
|
|
ca2a74 |
--
|
|
|
ca2a74 |
2.31.1
|
|
|
ca2a74 |
|