Skip to content

Commit b26a1d6

Browse files
k8s-ci-robotk8s-ci-robot
authored
Merge pull request #315 from vitaliy-leschenko/require-privacy-option
Add require-privacy option for New-SmbGlobalMapping (default: true)
2 parents e14706a + 660dd8b commit b26a1d6

File tree

2 files changed

+24
-17
lines changed

2 files changed

+24
-17
lines changed

cmd/csi-proxy/main.go

Lines changed: 8 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -34,10 +34,11 @@ func (i *workingDirFlags) Set(value string) error {
3434
}
3535

3636
var (
37-
kubeletPath = flag.String("kubelet-path", `C:\var\lib\kubelet`, "Prefix path of the kubelet directory in the host file system")
38-
windowsSvc = flag.Bool("windows-service", false, "Configure as a Windows Service")
39-
service *handler
40-
workingDirs workingDirFlags
37+
kubeletPath = flag.String("kubelet-path", `C:\var\lib\kubelet`, "Prefix path of the kubelet directory in the host file system")
38+
windowsSvc = flag.Bool("windows-service", false, "Configure as a Windows Service")
39+
requirePrivacy = flag.Bool("require-privacy", true, "If true, New-SmbGlobalMapping will be called with -RequirePrivacy $true")
40+
service *handler
41+
workingDirs workingDirFlags
4142
)
4243

4344
type handler struct {
@@ -81,7 +82,8 @@ func apiGroups() ([]srvtypes.APIGroup, error) {
8182
if err != nil {
8283
return []srvtypes.APIGroup{}, err
8384
}
84-
klog.Info("Working directories: %v", fssrv.GetWorkingDirs())
85+
klog.Infof("Working directories: %v", fssrv.GetWorkingDirs())
86+
klog.Infof("Require privacy: %t", *requirePrivacy)
8587

8688
volumesrv, err := volumesrv.NewServer(volumeapi.New())
8789
if err != nil {
@@ -93,7 +95,7 @@ func apiGroups() ([]srvtypes.APIGroup, error) {
9395
return []srvtypes.APIGroup{}, err
9496
}
9597

96-
smbsrv, err := smbsrv.NewServer(smbapi.New(), fssrv)
98+
smbsrv, err := smbsrv.NewServer(smbapi.New(*requirePrivacy), fssrv)
9799
if err != nil {
98100
return []srvtypes.APIGroup{}, err
99101
}

pkg/os/smb/api.go

Lines changed: 16 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -14,15 +14,19 @@ type API interface {
1414
RemoveSmbGlobalMapping(remotePath string) error
1515
}
1616

17-
type SmbAPI struct{}
17+
type SmbAPI struct {
18+
RequirePrivacy bool
19+
}
1820

1921
var _ API = &SmbAPI{}
2022

21-
func New() SmbAPI {
22-
return SmbAPI{}
23+
func New(requirePrivacy bool) *SmbAPI {
24+
return &SmbAPI{
25+
RequirePrivacy: requirePrivacy,
26+
}
2327
}
2428

25-
func (SmbAPI) IsSmbMapped(remotePath string) (bool, error) {
29+
func (*SmbAPI) IsSmbMapped(remotePath string) (bool, error) {
2630
cmdLine := `$(Get-SmbGlobalMapping -RemotePath $Env:smbremotepath -ErrorAction Stop).Status `
2731
cmdEnv := fmt.Sprintf("smbremotepath=%s", remotePath)
2832
out, err := utils.RunPowershellCmd(cmdLine, cmdEnv)
@@ -43,7 +47,7 @@ func (SmbAPI) IsSmbMapped(remotePath string) (bool, error) {
4347
// Since os.Symlink is currently being used in working code paths, no attempt is made in
4448
// alpha to merge the paths.
4549
// TODO (for beta release): Merge the link paths - os.Symlink and Powershell link path.
46-
func (SmbAPI) NewSmbLink(remotePath, localPath string) error {
50+
func (*SmbAPI) NewSmbLink(remotePath, localPath string) error {
4751

4852
if !strings.HasSuffix(remotePath, "\\") {
4953
// Golang has issues resolving paths mapped to file shares if they do not end in a trailing \
@@ -60,22 +64,23 @@ func (SmbAPI) NewSmbLink(remotePath, localPath string) error {
6064
return nil
6165
}
6266

63-
func (SmbAPI) NewSmbGlobalMapping(remotePath, username, password string) error {
67+
func (api *SmbAPI) NewSmbGlobalMapping(remotePath, username, password string) error {
6468
// use PowerShell Environment Variables to store user input string to prevent command line injection
6569
// https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_environment_variables?view=powershell-5.1
66-
cmdLine := fmt.Sprintf(`$PWord = ConvertTo-SecureString -String $Env:smbpassword -AsPlainText -Force` +
67-
`;$Credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $Env:smbuser, $PWord` +
68-
`;New-SmbGlobalMapping -RemotePath $Env:smbremotepath -Credential $Credential -RequirePrivacy $true`)
70+
cmdLine := fmt.Sprintf(`$PWord = ConvertTo-SecureString -String $Env:smbpassword -AsPlainText -Force`+
71+
`;$Credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $Env:smbuser, $PWord`+
72+
`;New-SmbGlobalMapping -RemotePath $Env:smbremotepath -Credential $Credential -RequirePrivacy $%t`, api.RequirePrivacy)
6973

70-
if output, err := utils.RunPowershellCmd(cmdLine, fmt.Sprintf("smbuser=%s", username),
74+
if output, err := utils.RunPowershellCmd(cmdLine,
75+
fmt.Sprintf("smbuser=%s", username),
7176
fmt.Sprintf("smbpassword=%s", password),
7277
fmt.Sprintf("smbremotepath=%s", remotePath)); err != nil {
7378
return fmt.Errorf("NewSmbGlobalMapping failed. output: %q, err: %v", string(output), err)
7479
}
7580
return nil
7681
}
7782

78-
func (SmbAPI) RemoveSmbGlobalMapping(remotePath string) error {
83+
func (*SmbAPI) RemoveSmbGlobalMapping(remotePath string) error {
7984
cmd := `Remove-SmbGlobalMapping -RemotePath $Env:smbremotepath -Force`
8085
if output, err := utils.RunPowershellCmd(cmd, fmt.Sprintf("smbremotepath=%s", remotePath)); err != nil {
8186
return fmt.Errorf("UnmountSmbShare failed. output: %q, err: %v", string(output), err)

0 commit comments

Comments
 (0)