Set emergency login for core user with random password

[praveenkumar]

This PR allow user to set the emergency login for core user with a random generated password. It is helpful when user lost the ssh access and use VMM to debug the issue which require password for core user.

Generated password is printed on stdout if user use cli to start the VM and also part of ~/.crc/crc.log in case want to access it later. In case of VM is started by api endpoint then password would be part of ~/.crc.crcd.log.

$ crc config set enable-emergency-login true
$ crc config view
- enable-emergency-login                : true
[...]
$ crc start
[...]
INFO CRC VM is running
INFO Emergency login password for core user is: Yf9OwP7y
INFO Updating authorized keys...
[...]

[praveenkumar]

This superseed #3689 and incorporate the suggestion in that PR.

[gbraad]

In case of VM is started by api endpoint then password would be part of ~/.crc.crcd.log.

Wouldn't this 'rotate' away ?
In case of desktop usage, you will never see this prompt. And the likelihood logs rotate this away before you need it is quite high

better leave it in a dedicated file or part of the instance crc.json

[gbraad]

This will disappear from the log file when it is gets 'cleaned'/rotated.

[praveenkumar]

@gbraad updated.

[gbraad]

remove on stop and when the setting has been disabled

[praveenkumar]

@gbraad On the stop we shouldnt' remove it otherwise we need to also remove core user password on stop, IMO we just need to delete it during crc delete not crc stop action.

[gbraad]

wouldn't it get a new password on restart?

[praveenkumar]

I reiterated and now when stop => start happen and user unset enable-emergency-login setting then core user password is locked and from shell not able to login.

[cfergeau]

We don't regenerate the ssh key on start/stop/start, I don't think the user password needs to behave differently, so as long as enable-emergency-login is set, we can keep the same password until the VM is deleted.

[gbraad]

I also don't think this should happen, but it is the behaviour that existed in the PR: "wouldn't it get a new password on restart?" was not something I implied being happy with, but rather an observation of the current suggestion.

[cfergeau]

I'd name this disableEmergencyLogin for symmetry with enableEmergencyLogin, and the RunPrivileged string could be disable core user password

[cfergeau]

I don't think this comment is needed.

[cfergeau]

Should this be moved to an else in if startConfig.EmergencyLogin { as both operations exclusive

[cfergeau]

Apart from da66c4e#r1277594992 this looks good to me.

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please ask for approval from cfergeau. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

@praveenkumar: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/integration-crc	f4b61ec	link	true	/test integration-crc

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[praveenkumar]

/retest