diff --git a/docs/manpages/virsh.rst b/docs/manpages/virsh.rst index 823f130f1ce98b42eec982565a7825e93d4939df..dbeac9232f80d0793b6d599845fa3b9655876bdf 100644 --- a/docs/manpages/virsh.rst +++ b/docs/manpages/virsh.rst @@ -6563,11 +6563,12 @@ secret-set-value .. code-block:: - secret-set-value secret (--file filename | base64) + secret-set-value secret (--file filename [--plain] | base64) Set the value associated with *secret* (specified by its UUID) to the value Base64-encoded value *base64* or Base-64-encoded contents of file named -*filename*. +*filename*. Using the *--plain* flag is together with *--file* allows to use +the file contents directly as the secret value. Note that *--file* and *base64* options are mutually exclusive. diff --git a/tools/virsh-secret.c b/tools/virsh-secret.c index 0ca08bc1331637669399f042c6babb5842ef183c..87f3cfff1661991e2d4c0b76979bcb6fe88047e2 100644 --- a/tools/virsh-secret.c +++ b/tools/virsh-secret.c @@ -182,6 +182,10 @@ static const vshCmdOptDef opts_secret_set_value[] = { .flags = VSH_OFLAG_REQ_OPT, .help = N_("read secret from file"), }, + {.name = "plain", + .type = VSH_OT_BOOL, + .help = N_("read the secret from file without converting from base64") + }, {.name = "base64", .type = VSH_OT_STRING, .help = N_("base64-encoded secret value") @@ -199,9 +203,11 @@ cmdSecretSetValue(vshControl *ctl, const vshCmd *cmd) size_t file_len = 0; unsigned char *value; size_t value_size; + bool plain = vshCommandOptBool(cmd, "plain"); int res; VSH_EXCLUSIVE_OPTIONS("file", "base64"); + VSH_EXCLUSIVE_OPTIONS("plain", "base64"); if (!(secret = virshCommandOptSecret(ctl, cmd, NULL))) return false; @@ -232,7 +238,13 @@ cmdSecretSetValue(vshControl *ctl, const vshCmd *cmd) base64 = file_buf; } - value = g_base64_decode(base64, &value_size); + if (plain) { + value = g_steal_pointer(&file_buf); + value_size = file_len; + file_len = 0; + } else { + value = g_base64_decode(base64, &value_size); + } res = virSecretSetValue(secret, value, value_size, 0); VIR_DISPOSE_N(value, value_size);