[Openstack] VFSLocalFS and password injection

Daniel P. Berrange berrange at redhat.com
Fri Sep 18 14:33:33 UTC 2015

On Fri, Sep 18, 2015 at 10:10:22AM -0400, J-P Methot wrote:
> Hi,
> I have a question regarding the VFSLocalFS mechanism for password
> injection. Basically, because of our infrastructure, we can't use
> libguestfs for password injection and we do not want to inject password
> through metadata. This leads us to use the openstack VFSLocalFS
> mechanism for password injection.

NB, using VFSLocalFS is only suitable if you trust your guest disk
images. Since it uses the host kernel to mount the guest filesystem,
a malicious guest filesystem can exploit the host kernel. This is
not just theoretical as there have been exploits in mainstream FS
like ext3/4 before, not to mention all the obscure filesystem
drivers Linux has that few people probably audited.

> Now, the issue I got is that, on some images, password injection with
> VFSLocalFS will work, while on others, it won't. This is not even OS
> related, as on one image of debian 8 that I made myself it won't work,
> but on the official image it will work.

I'd compare the way the images are partitioned, as that's the most
likely difference to cause some images to work and some fail.

> What is the requirement for VFSLocalFS to work? The compute logs do not
> show any error, so I'm thinking it can only be because of something
> inside the images I'm using.

It needs qemu-nbd to support qcow2 images, or loop devices to support
raw files. It needs kpartx to support images containing LVM partitions.
It is also sensitive to the 'inject_partition' nova.conf setting.

|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|
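
Added example (not part of the original message and not nova code): a check of a raw image's MBR against an inject_partition value, following the suggestion above to compare how the images are partitioned. It reads the first sector in userspace without mounting anything, and assumes raw images with an MBR table and the meaning 0 = unpartitioned image, N > 0 = partition number N for inject_partition; the function names and sample sectors are constructed for illustration.

```python
import struct

SECTOR = 512

def parse_mbr(sector0):
    """List used primary MBR entries as (number, type, start_lba, sectors).

    Returns [] when there is no 0x55AA signature or no used entry, which is
    what a raw image holding a bare ext filesystem looks like.
    """
    if len(sector0) < SECTOR or sector0[510:512] != b"\x55\xaa":
        return []
    parts = []
    for i in range(4):
        entry = sector0[446 + 16 * i:462 + 16 * i]
        start_lba, sectors = struct.unpack_from("<II", entry, 8)
        if entry[4] != 0 and sectors != 0:
            parts.append((i + 1, entry[4], start_lba, sectors))
    return parts

def check_inject_partition(sector0, inject_partition):
    """Compare an image layout with an inject_partition value (assumed
    meaning: 0 = image not partitioned, N > 0 = partition number N)."""
    parts = parse_mbr(sector0)
    numbers = [p[0] for p in parts]
    if any(p[1] == 0xEE for p in parts):
        return "gpt: protective MBR only, not parsed here"
    if inject_partition == 0:
        return "ok" if not parts else "mismatch: image has partitions %s" % numbers
    if inject_partition > 0:
        if inject_partition in numbers:
            return "ok"
        return "mismatch: partition %d not in %s" % (inject_partition, numbers)
    return "not checked"

def make_sector0(entries):
    """Build a constructed first sector; entries = [(type, start_lba, sectors)]."""
    table = b"".join(struct.pack("<B3sB3sII", 0, b"\0" * 3, t, b"\0" * 3, s, n)
                     for t, s, n in entries)
    return b"\0" * 446 + table.ljust(64, b"\0") + b"\x55\xaa"

# Constructed samples: one Linux partition at LBA 2048 vs. a bare filesystem.
PARTITIONED = make_sector0([(0x83, 2048, 204800)])
UNPARTITIONED = b"\0" * SECTOR

if __name__ == "__main__":
    for name, img in (("partitioned", PARTITIONED), ("bare", UNPARTITIONED)):
        for setting in (0, 1):
            print(name, setting, check_inject_partition(img, setting))
```

For a real raw image, pass the first 512 bytes of the file to check_inject_partition(); qcow2 images are not covered by this sketch.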
