fix #3853: tape cli: add force flag to key change-passphrase
Adds the '--force' flag to the proxmox-tape command allowing users with root privileges to overwrite the passphrase of a given key. Signed-off-by: Stefan Sterz <s.sterz@proxmox.com>
This commit is contained in:
parent
77d6d7a22c
commit
41adda1c64
@ -146,11 +146,18 @@ fn show_key(
|
||||
hint: {
|
||||
schema: PASSWORD_HINT_SCHEMA,
|
||||
},
|
||||
force: {
|
||||
optional: true,
|
||||
type: bool,
|
||||
description: "Reset the passphrase for a tape key, without asking for the old one.",
|
||||
default: false,
|
||||
},
|
||||
},
|
||||
},
|
||||
)]
|
||||
/// Change the encryption key's password.
|
||||
fn change_passphrase(
|
||||
force: bool,
|
||||
mut param: Value,
|
||||
rpcenv: &mut dyn RpcEnvironment,
|
||||
) -> Result<(), Error> {
|
||||
@ -159,11 +166,15 @@ fn change_passphrase(
|
||||
bail!("unable to change passphrase - no tty");
|
||||
}
|
||||
|
||||
let password = tty::read_password("Current Tape Encryption Key Password: ")?;
|
||||
if force {
|
||||
param["force"] = serde_json::Value::Bool(true);
|
||||
} else {
|
||||
let password = tty::read_password("Current Tape Encryption Key Password: ")?;
|
||||
param["password"] = String::from_utf8(password)?.into();
|
||||
}
|
||||
|
||||
let new_password = tty::read_and_verify_password("New Tape Encryption Key Password: ")?;
|
||||
|
||||
param["password"] = String::from_utf8(password)?.into();
|
||||
param["new-password"] = String::from_utf8(new_password)?.into();
|
||||
|
||||
let info = &api2::config::tape_encryption_keys::API_METHOD_CHANGE_PASSPHRASE;
|
||||
|
Loading…
Reference in New Issue
Block a user