From c2917c9a7f0c23b94d30af2a5a14e67c46e38242 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Tue, 28 Jun 2022 13:57:02 +0200 Subject: [PATCH] sysprep: set networking for "--key ID:clevis" Similarly to virt-customize, virt-sysprep has prior "--network" and "--no-network" options. Unlike virt-customize though, virt-sysprep defaults to disabling the appliance network. Therefore we can't tell whether the network is disabled "by default" or because the user requested it. That's a problem: "--key ID:clevis" is supposed to override the former, but not the latter. Add a separate option for tracking "--no-network", and only if "--no-network" is absent, permit "--network" or "--key ID:clevis" to turn on the network. Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1809453 Signed-off-by: Laszlo Ersek Message-Id: <20220628115702.5584-5-lersek@redhat.com> Reviewed-by: Richard W.M. Jones (cherry picked from commit 1cce13223e9321d1ef333d6ae356c24203990a4a) --- sysprep/main.ml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/sysprep/main.ml b/sysprep/main.ml index b760618ad..1f722dfb0 100644 --- a/sysprep/main.ml +++ b/sysprep/main.ml @@ -44,6 +44,7 @@ let main () = let libvirturi = ref "" in let mount_opts = ref "" in let network = ref false in + let no_network = ref false in let operations = ref None in let format = ref "auto" in @@ -131,7 +132,7 @@ let main () = [ L"list-operations" ], Getopt.Unit list_operations, s_"List supported operations"; [ L"mount-options" ], Getopt.Set_string (s_"opts", mount_opts), s_"Set mount options (eg /:noatime;/var:rw,noatime)"; [ L"network" ], Getopt.Set network, s_"Enable appliance network"; - [ L"no-network" ], Getopt.Clear network, s_"Disable appliance network (default)"; + [ L"no-network" ], Getopt.Set no_network, s_"Disable appliance network (default)"; [ L"operation"; L"operations" ], Getopt.String (s_"operations", set_operations), s_"Enable/disable specific operations"; ] in let args = basic_args @ Sysprep_operation.extra_args () in @@ -188,6 +189,7 @@ read the man page virt-sysprep(1). (* Dereference the rest of the args. *) let dryrun = !dryrun in let network = !network in + let no_network = !no_network in let operations = !operations in (* At this point we know which operations are enabled. So call the @@ -208,7 +210,8 @@ read the man page virt-sysprep(1). (* Connect to libguestfs. *) let g = open_guestfs () in - g#set_network network; + g#set_network (not no_network && + (network || key_store_requires_network opthandle.ks)); add g dryrun; g#launch (); -- 2.31.1