This was broken with all nbdkit plugins, some in more ways than others.
Because we start nbdkit in the background and wait 30 seconds for it
to start running, the user had only 30 seconds to type in a password
before we timed out the process. In addition with the VDDK plugin
password=- had been broken ever since we changed the plugin to use a
reexec
(
https://www.redhat.com/archives/libguestfs/2020-June/msg00012.html).
The solution is to read the password ourselves and pass it to nbdkit
as a private file.
---
v2v/nbdkit_sources.ml | 21 ++++++++++++++++++++-
1 file changed, 20 insertions(+), 1 deletion(-)
diff --git a/v2v/nbdkit_sources.ml b/v2v/nbdkit_sources.ml
index 47832011d..f5e919116 100644
--- a/v2v/nbdkit_sources.ml
+++ b/v2v/nbdkit_sources.ml
@@ -142,7 +142,26 @@ let common_create ?bandwidth ?extra_debug ?extra_env password
match password with
| NoPassword -> cmd
| AskForPassword ->
- Nbdkit.add_arg cmd "password" "-"
+ (* Because we will start nbdkit in the background and then wait
+ * for 30 seconds for it to start up, we cannot use the
+ * password=- feature of nbdkit to read the password
+ * interactively (since in the words of the movie the user has
+ * only "30 seconds to comply"). In any case this feature broke
+ * in the VDDK plugin in nbdkit 1.18 and 1.20. So in the
+ * AskForPassword case we read the password here.
+ *)
+ printf "password: ";
+ let open Unix in
+ let orig = tcgetattr stdin in
+ let tios = { orig with c_echo = false } in
+ tcsetattr stdin TCSAFLUSH tios; (* Disable echo. *)
+ let password = read_line () in
+ tcsetattr stdin TCSAFLUSH orig; (* Restore echo. *)
+ printf "\n";
+ let password_file = Filename.temp_file "v2vnbdkit" ".txt" in
+ unlink_on_exit password_file;
+ with_open_out password_file (fun chan -> output_string chan password);
+ Nbdkit.add_arg cmd "password" ("+" ^ password_file)
| PasswordFile password_file ->
Nbdkit.add_arg cmd "password" ("+" ^ password_file) in
--
2.25.0