@@ -1251,10 +1251,15 @@
# transmission, even if already crypt()d, to ensure it is 8-bit safe
# when passed as JSON.
#
+# Features:
+#
+# @user-auth: not permitted if agent is limiting user auth
+#
# Since: 2.3
##
{ 'command': 'guest-set-user-password',
'data': { 'username': 'str', 'password': 'str', 'crypted': 'bool' },
+ 'features': [ 'user-auth' ],
'if': { 'any': [ 'CONFIG_WIN32', 'CONFIG_LINUX', 'CONFIG_FREEBSD'] } }
##
@@ -1810,11 +1815,16 @@
#
# Returns: @GuestAuthorizedKeys
#
+# Features:
+#
+# @user-auth: not permitted if agent is limiting user auth
+#
# Since: 5.2
##
{ 'command': 'guest-ssh-get-authorized-keys',
'data': { 'username': 'str' },
- 'returns': 'GuestAuthorizedKeys'
+ 'returns': 'GuestAuthorizedKeys',
+ 'features': [ 'user-auth' ]
}
##
@@ -1830,10 +1840,15 @@
#
# @reset: ignore the existing content, set it with the given keys only
#
+# Features:
+#
+# @user-auth: not permitted if agent is limiting user auth
+#
# Since: 5.2
##
{ 'command': 'guest-ssh-add-authorized-keys',
- 'data': { 'username': 'str', 'keys': ['str'], '*reset': 'bool' }
+ 'data': { 'username': 'str', 'keys': ['str'], '*reset': 'bool' },
+ 'features': [ 'user-auth' ]
}
##
@@ -1848,10 +1863,15 @@
# @keys: the public keys to remove (in OpenSSH/sshd(8) authorized_keys
# format)
#
+# Features:
+#
+# @user-auth: not permitted if agent is limiting user auth
+#
# Since: 5.2
##
{ 'command': 'guest-ssh-remove-authorized-keys',
- 'data': { 'username': 'str', 'keys': ['str'] }
+ 'data': { 'username': 'str', 'keys': ['str'] },
+ 'features': [ 'user-auth' ]
}
##
This blocks use of all the 'guest-ssh-*' / 'guest-password' commands unless the QGA is runwith the --unrestricted command line argument. These commands allow the host admin to takeover user accounts and so directly compromise the guest OS. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- qga/qapi-schema.json | 26 +++++++++++++++++++++++--- 1 file changed, 23 insertions(+), 3 deletions(-)