You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Description
Libvirt utilizes the first 8 characters of the VNC password so having a longer string is pointless and also, the latest/future version to libvirt/qemu it could lead to denied domain migration and deployment.
Use case
OpenNebula compatibility with the latest qemu/libvirt Interface Changes
API check for the VNC password length. (I believe that the ONE API must be the true source of truth, not any edge interface/bindings)
Notification in FireEdge/Sunstone to propagate the API error
(optionally onedb fsck/update function to validate/fix the issue
Additional Context
Having a long "strong" password but only the first 8 characters used could lead to a false impression of security.
Progress Status
Code committed
Testing - QA
Documentation (Release notes - resolved issues, compatibility, known issues)
The text was updated successfully, but these errors were encountered:
Yes this checks are always done at API level not at interface. Note that OpenNebula supports multiple bindings and higher level modules. VM/Image/Network etc.. logic is always coded at oned level. Only some orchestration and higher level operations are implemented using a sequence of API calls.
Note that this is already enforced for SPICE (60 chars max)
OpenNebula 6.4 CE host Almalinux 8.4 libvirt 8.0.0
error deploy vm
Sun Aug 21 09:29:42 2022: DEPLOY: error: Failed to create domain from /var/lib/one//datastores/0/6/deployment.2 error: unsupported configuration: VNC password is 64 characters long, only 8 permitted Could
not create domain from /var/lib/one//datastores/0/6/deployment.2 ExitCode: 255
Description
Libvirt utilizes the first 8 characters of the VNC password so having a longer string is pointless and also, the latest/future version to libvirt/qemu it could lead to denied domain migration and deployment.
Use case
OpenNebula compatibility with the latest qemu/libvirt
Interface Changes
API check for the VNC password length. (I believe that the ONE API must be the true source of truth, not any edge interface/bindings)
Notification in FireEdge/Sunstone to propagate the API error
(optionally onedb fsck/update function to validate/fix the issue
Additional Context
Having a long "strong" password but only the first 8 characters used could lead to a false impression of security.
Progress Status
The text was updated successfully, but these errors were encountered: