)]}'
{"labs/config/credentials":[{"author":{"_account_id":11109,"name":"Roger Luethi","email":"rl@patchworkscience.org","username":"rluethi"},"change_message_id":"88473635db40fe1edc5a3a0f5db910eace27e2d4","unresolved":false,"context_lines":[{"line_number":3,"context_line":""},{"line_number":4,"context_line":"# Note that the VM shell user and its password are not set here. By default,"},{"line_number":5,"context_line":"# those are hard-coded in the preseed/kickstart files. The scripts get the"},{"line_number":6,"context_line":"# shell user name from deploy.{osbash,osbash_ssh} and don\u0027t need a password"},{"line_number":7,"context_line":"# (they use password-less sudo and -- if configured -- ssh keys)."},{"line_number":8,"context_line":""},{"line_number":9,"context_line":"# Used for MySQL or whatever other DBMS is configured"}],"source_content_type":"application/octet-stream","patch_set":9,"id":"ba7be1f8_f05dad49","line":6,"updated":"2015-02-28 13:29:19.000000000","message":"When you do a global search and replace, you should always consider if each change makes sense. In this case, deploy.osbash_ssh doesn\u0027t. The file is still called deploy.osbash.","commit_id":"a7f0e72d85d6469b4c2d7c3539176943a254dbbb"},{"author":{"_account_id":9178,"name":"Sayali Lunkad","email":"sayali.lunkad@suse.com","username":"sayalilunkad"},"change_message_id":"3f6f50941d84e936a89eccd40e33d808e83d1c0b","unresolved":false,"context_lines":[{"line_number":3,"context_line":""},{"line_number":4,"context_line":"# Note that the VM shell user and its password are not set here. By default,"},{"line_number":5,"context_line":"# those are hard-coded in the preseed/kickstart files. The scripts get the"},{"line_number":6,"context_line":"# shell user name from deploy.{osbash,osbash_ssh} and don\u0027t need a password"},{"line_number":7,"context_line":"# (they use password-less sudo and -- if configured -- ssh keys)."},{"line_number":8,"context_line":""},{"line_number":9,"context_line":"# Used for MySQL or whatever other DBMS is configured"}],"source_content_type":"application/octet-stream","patch_set":9,"id":"ba7be1f8_1ca173a9","line":6,"in_reply_to":"ba7be1f8_f05dad49","updated":"2015-03-01 20:05:53.000000000","message":"Done. I will be careful next time :-)","commit_id":"a7f0e72d85d6469b4c2d7c3539176943a254dbbb"}],"labs/lib/osbash/functions.host":[{"author":{"_account_id":12487,"name":"vigneshvar","email":"vigneshvar.a.s@gmail.com","username":"vigneshvar"},"change_message_id":"fa5cdf53ae4b72d65f2b48c6aecbc48d0da16aca","unresolved":false,"context_lines":[{"line_number":50,"context_line":""},{"line_number":51,"context_line":"    if ! ls -l \"$osbash_key_path\"|grep -q \"^-r--------\"; then"},{"line_number":52,"context_line":"        echo \"Adjusting permissions for $osbash_key_path\""},{"line_number":53,"context_line":"        chmod 400 \"$osbash_key_path\""},{"line_number":54,"context_line":"    fi"},{"line_number":55,"context_line":"}"},{"line_number":56,"context_line":""}],"source_content_type":"application/octet-stream","patch_set":5,"id":"ba7be1f8_ca933859","line":53,"updated":"2015-02-25 11:18:06.000000000","message":"Do we really need to validate and then set the permission, why can\u0027t we directly set the permission without validation, even if it does have the right permission.\n\nIf this validation is required as per documentation, then i feel the kind of check looks little crude.\n\nWhat do you think ?","commit_id":"9f5b0b77e78e1ac4c156b3e7b64b4ce4bbb6abd4"},{"author":{"_account_id":9178,"name":"Sayali Lunkad","email":"sayali.lunkad@suse.com","username":"sayalilunkad"},"change_message_id":"315549330e4cd1ba664cc73fbe8ad0f08fd2ace6","unresolved":false,"context_lines":[{"line_number":50,"context_line":""},{"line_number":51,"context_line":"    if ! ls -l \"$osbash_key_path\"|grep -q \"^-r--------\"; then"},{"line_number":52,"context_line":"        echo \"Adjusting permissions for $osbash_key_path\""},{"line_number":53,"context_line":"        chmod 400 \"$osbash_key_path\""},{"line_number":54,"context_line":"    fi"},{"line_number":55,"context_line":"}"},{"line_number":56,"context_line":""}],"source_content_type":"application/octet-stream","patch_set":5,"id":"ba7be1f8_ff9887c1","line":53,"in_reply_to":"ba7be1f8_ca933859","updated":"2015-02-26 07:34:22.000000000","message":"Done","commit_id":"9f5b0b77e78e1ac4c156b3e7b64b4ce4bbb6abd4"},{"author":{"_account_id":9178,"name":"Sayali Lunkad","email":"sayali.lunkad@suse.com","username":"sayalilunkad"},"change_message_id":"d6d6308357b099d965d1b23712157391968710c6","unresolved":false,"context_lines":[{"line_number":50,"context_line":""},{"line_number":51,"context_line":"    if ! ls -l \"$osbash_key_path\"|grep -q \"^-r--------\"; then"},{"line_number":52,"context_line":"        echo \"Adjusting permissions for $osbash_key_path\""},{"line_number":53,"context_line":"        chmod 400 \"$osbash_key_path\""},{"line_number":54,"context_line":"    fi"},{"line_number":55,"context_line":"}"},{"line_number":56,"context_line":""}],"source_content_type":"application/octet-stream","patch_set":5,"id":"ba7be1f8_c6593736","line":53,"in_reply_to":"ba7be1f8_ca933859","updated":"2015-02-26 11:05:14.000000000","message":"Hey, I reverted the change I made. We need the check as this function is called in vm_scp_to_vm and  vm_ssh functions. If the check is not there it will repeatedly change the permission of the keys. So it is best to have it as a check.","commit_id":"9f5b0b77e78e1ac4c156b3e7b64b4ce4bbb6abd4"},{"author":{"_account_id":12487,"name":"vigneshvar","email":"vigneshvar.a.s@gmail.com","username":"vigneshvar"},"change_message_id":"eee0adb2d4c6480533374b2c1a07c56cad62858c","unresolved":false,"context_lines":[{"line_number":42,"context_line":"# ssh"},{"line_number":43,"context_line":"#-------------------------------------------------------------------------------"},{"line_number":44,"context_line":""},{"line_number":45,"context_line":"# Check permission for osbash insecure private key"},{"line_number":46,"context_line":"function check_osbash_private_key {"},{"line_number":47,"context_line":"    local key_name\u003d\"osbash_key\""},{"line_number":48,"context_line":"    local osbash_key_dir\u003d$LIB_DIR/osbash-ssh-keys"}],"source_content_type":"application/octet-stream","patch_set":9,"id":"ba7be1f8_e82fd386","line":45,"updated":"2015-02-26 19:43:16.000000000","message":"Just in context with previous discussions, the earlier implementation needed this method, in order to download the key and then validate the permission. I am guessing that permission may not be proper in that case as it is downloaded.\nBut in this new scenario there is no download involved.\nI understand that there is still a need for validation.\nWhat harm can it be if a file is repeatedly applied with a specific permission.?\nAnyways its not wrong to validate, but this was just my view on it.","commit_id":"a7f0e72d85d6469b4c2d7c3539176943a254dbbb"},{"author":{"_account_id":9178,"name":"Sayali Lunkad","email":"sayali.lunkad@suse.com","username":"sayalilunkad"},"change_message_id":"59e9fab1921e5f3a8191be74612085eac0a0cf8b","unresolved":false,"context_lines":[{"line_number":42,"context_line":"# ssh"},{"line_number":43,"context_line":"#-------------------------------------------------------------------------------"},{"line_number":44,"context_line":""},{"line_number":45,"context_line":"# Check permission for osbash insecure private key"},{"line_number":46,"context_line":"function check_osbash_private_key {"},{"line_number":47,"context_line":"    local key_name\u003d\"osbash_key\""},{"line_number":48,"context_line":"    local osbash_key_dir\u003d$LIB_DIR/osbash-ssh-keys"}],"source_content_type":"application/octet-stream","patch_set":9,"id":"ba7be1f8_3cd76925","line":45,"in_reply_to":"ba7be1f8_e82fd386","updated":"2015-02-26 20:52:15.000000000","message":"Firstly, even though there is no harm it is not advisable to keep changing the permission of a file as we will be wasting some resources in doing that. And secondly, we have an echo statement here which will repeat too and that is not something we would like. So I think its better to leave this as it is.","commit_id":"a7f0e72d85d6469b4c2d7c3539176943a254dbbb"},{"author":{"_account_id":11109,"name":"Roger Luethi","email":"rl@patchworkscience.org","username":"rluethi"},"change_message_id":"88473635db40fe1edc5a3a0f5db910eace27e2d4","unresolved":false,"context_lines":[{"line_number":42,"context_line":"# ssh"},{"line_number":43,"context_line":"#-------------------------------------------------------------------------------"},{"line_number":44,"context_line":""},{"line_number":45,"context_line":"# Check permission for osbash insecure private key"},{"line_number":46,"context_line":"function check_osbash_private_key {"},{"line_number":47,"context_line":"    local key_name\u003d\"osbash_key\""},{"line_number":48,"context_line":"    local osbash_key_dir\u003d$LIB_DIR/osbash-ssh-keys"}],"source_content_type":"application/octet-stream","patch_set":9,"id":"ba7be1f8_70bc5d6d","line":45,"in_reply_to":"ba7be1f8_e82fd386","updated":"2015-02-28 13:29:19.000000000","message":"Let me give you a bit of historical perspective (maybe this should have been explained in a comment in the script): when this code was written, some users reported behavior that suggested that the permissions got reset to world writable every time the script ran. So we wanted the log to indicate whether the permissions had been incorrect or not.","commit_id":"a7f0e72d85d6469b4c2d7c3539176943a254dbbb"}],"labs/lib/vagrant-ssh-keys/README.rst":[{"author":{"_account_id":12487,"name":"vigneshvar","email":"vigneshvar.a.s@gmail.com","username":"vigneshvar"},"change_message_id":"eee0adb2d4c6480533374b2c1a07c56cad62858c","unresolved":false,"context_lines":[{"line_number":1,"context_line":"This directory may contain cached copies of the insecure Vagrant keys from"},{"line_number":2,"context_line":"https://github.com/mitchellh/vagrant/tree/master/keys."},{"line_number":3,"context_line":""},{"line_number":4,"context_line":"They allow ssh access to Vagrant VMs or (if enabled) osbash VMs."}],"source_content_type":"text/x-rst","patch_set":9,"id":"ba7be1f8_4b57f9ca","side":"PARENT","line":3,"updated":"2015-02-26 19:43:16.000000000","message":"Do we need an equivalent readme for osbash-ssh-keys","commit_id":"c81c0758e1bbaa06b817fcffa89666b9b752ffde"},{"author":{"_account_id":11109,"name":"Roger Luethi","email":"rl@patchworkscience.org","username":"rluethi"},"change_message_id":"88473635db40fe1edc5a3a0f5db910eace27e2d4","unresolved":false,"context_lines":[{"line_number":1,"context_line":"This directory may contain cached copies of the insecure Vagrant keys from"},{"line_number":2,"context_line":"https://github.com/mitchellh/vagrant/tree/master/keys."},{"line_number":3,"context_line":""},{"line_number":4,"context_line":"They allow ssh access to Vagrant VMs or (if enabled) osbash VMs."}],"source_content_type":"text/x-rst","patch_set":9,"id":"ba7be1f8_b0b6d588","side":"PARENT","line":3,"in_reply_to":"ba7be1f8_4b57f9ca","updated":"2015-02-28 13:29:19.000000000","message":"As Sayali indicated, yes, we use READMEs to explain the content of directories, and this is no exception, but the file  (labs/lib/osbash-ssh-keys/README.rst) has already been added in an earlier patch.","commit_id":"c81c0758e1bbaa06b817fcffa89666b9b752ffde"},{"author":{"_account_id":9178,"name":"Sayali Lunkad","email":"sayali.lunkad@suse.com","username":"sayalilunkad"},"change_message_id":"59e9fab1921e5f3a8191be74612085eac0a0cf8b","unresolved":false,"context_lines":[{"line_number":1,"context_line":"This directory may contain cached copies of the insecure Vagrant keys from"},{"line_number":2,"context_line":"https://github.com/mitchellh/vagrant/tree/master/keys."},{"line_number":3,"context_line":""},{"line_number":4,"context_line":"They allow ssh access to Vagrant VMs or (if enabled) osbash VMs."}],"source_content_type":"text/x-rst","patch_set":9,"id":"ba7be1f8_dc8e4d79","side":"PARENT","line":3,"in_reply_to":"ba7be1f8_4b57f9ca","updated":"2015-02-26 20:52:15.000000000","message":"It has been added in a previous patch where the keys where added.","commit_id":"c81c0758e1bbaa06b817fcffa89666b9b752ffde"}],"labs/scripts/osbash/enable_osbash_ssh_keys.sh":[{"author":{"_account_id":11109,"name":"Roger Luethi","email":"rl@patchworkscience.org","username":"rluethi"},"change_message_id":"88473635db40fe1edc5a3a0f5db910eace27e2d4","unresolved":false,"context_lines":[{"line_number":16,"context_line":"chmod 700 \"$HOME/.ssh\""},{"line_number":17,"context_line":""},{"line_number":18,"context_line":"# Install the requested osbash insecure key to $HOME/.ssh. Keep a copy in"},{"line_number":19,"context_line":"# $LIB_DIR/osbash-ssh-keys (cache if the directory is shared with the host)."},{"line_number":20,"context_line":"function get_osbash_key {"},{"line_number":21,"context_line":"    local key_name\u003d$1"},{"line_number":22,"context_line":"    local osbash_key_dir\u003d$LIB_DIR/osbash-ssh-keys"}],"source_content_type":"text/x-sh","patch_set":9,"id":"ba7be1f8_102081af","line":19,"updated":"2015-02-28 13:29:19.000000000","message":"You can remove the sentence starting with \"Keep a copy...\". The key is now part of the repo and its being there is no longer caching, it\u0027s just there :-).","commit_id":"a7f0e72d85d6469b4c2d7c3539176943a254dbbb"},{"author":{"_account_id":9178,"name":"Sayali Lunkad","email":"sayali.lunkad@suse.com","username":"sayalilunkad"},"change_message_id":"3f6f50941d84e936a89eccd40e33d808e83d1c0b","unresolved":false,"context_lines":[{"line_number":16,"context_line":"chmod 700 \"$HOME/.ssh\""},{"line_number":17,"context_line":""},{"line_number":18,"context_line":"# Install the requested osbash insecure key to $HOME/.ssh. Keep a copy in"},{"line_number":19,"context_line":"# $LIB_DIR/osbash-ssh-keys (cache if the directory is shared with the host)."},{"line_number":20,"context_line":"function get_osbash_key {"},{"line_number":21,"context_line":"    local key_name\u003d$1"},{"line_number":22,"context_line":"    local osbash_key_dir\u003d$LIB_DIR/osbash-ssh-keys"}],"source_content_type":"text/x-sh","patch_set":9,"id":"ba7be1f8_9c948345","line":19,"in_reply_to":"ba7be1f8_102081af","updated":"2015-03-01 20:05:53.000000000","message":"Done","commit_id":"a7f0e72d85d6469b4c2d7c3539176943a254dbbb"}]}