Sandro Bonazzola has posted comments on this change. Change subject: packaging: engine-backup: Prevent password on command line ......................................................................
Patch Set 1: > please don't play with tty. > either get password as parameter or a file containing password. password as parameter will lead to having the password in history and that's something we want to avoid. using only a file containing the password is an extra step for the user. We can use "read -s -p Password: pwd" but it's not posix compliant and doesn't work with dash. We can save tty config and restore it: stty_orig=`stty -g` # save original terminal setting. stty -echo # turn-off echoing. read passwd # read the password stty $stty_orig # restore terminal setting as suggested in http://stackoverflow.com/questions/2654009/how-to-make-bash-script-ask-for-a-password same issue also affect hosted-engine, see https://bugzilla.redhat.com/1021902 -- To view, visit http://gerrit.ovirt.org/20423 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: Icbc497af2653417beab54a9be307332cdf69a48a Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Yedidyah Bar David <d...@redhat.com> Gerrit-Reviewer: Alex Lourie <alou...@redhat.com> Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com> Gerrit-Reviewer: Ofer Schreiber <oschr...@redhat.com> Gerrit-Reviewer: Sandro Bonazzola <sbona...@redhat.com> Gerrit-Reviewer: Yedidyah Bar David <d...@redhat.com> Gerrit-HasComments: No _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
