Module libvirt-secret from libvirt
Provides APIs for the management of secrets
Table of Contents
Types
typedef enum virConnectListAllSecretsFlags
typedef struct _virSecret virSecret
typedef virSecret * virSecretPtr
typedef enum virSecretUsageType
Functions
int virConnectListAllSecrets (virConnectPtr conn, virSecretPtr ** secrets, unsigned int flags)
int virConnectListSecrets (virConnectPtr conn, char ** uuids, int maxuuids)
int virConnectNumOfSecrets (virConnectPtr conn)
virSecretPtr virSecretDefineXML (virConnectPtr conn, const char * xml, unsigned int flags)
int virSecretFree (virSecretPtr secret)
virConnectPtr virSecretGetConnect (virSecretPtr secret)
int virSecretGetUUID (virSecretPtr secret, unsigned char * uuid)
int virSecretGetUUIDString (virSecretPtr secret, char * buf)
const char * virSecretGetUsageID (virSecretPtr secret)
int virSecretGetUsageType (virSecretPtr secret)
unsigned char * virSecretGetValue (virSecretPtr secret, size_t * value_size, unsigned int flags)
char * virSecretGetXMLDesc (virSecretPtr secret, unsigned int flags)
virSecretPtr virSecretLookupByUUID (virConnectPtr conn, const unsigned char * uuid)
virSecretPtr virSecretLookupByUUIDString (virConnectPtr conn, const char * uuidstr)
virSecretPtr virSecretLookupByUsage (virConnectPtr conn, int usageType, const char * usageID)
int virSecretRef (virSecretPtr secret)
int virSecretSetValue (virSecretPtr secret, const unsigned char * value, size_t value_size, unsigned int flags)
int virSecretUndefine (virSecretPtr secret)
Description
Types
virConnectListAllSecretsFlags
enum virConnectListAllSecretsFlags {
    VIR_CONNECT_LIST_SECRETS_EPHEMERAL    = 1 /* kept in memory, never stored persistently */
    VIR_CONNECT_LIST_SECRETS_NO_EPHEMERAL = 2
    VIR_CONNECT_LIST_SECRETS_PRIVATE      = 4 /* not revealed to any caller of libvirt, nor to any other node */
    VIR_CONNECT_LIST_SECRETS_NO_PRIVATE   = 8
}
virSecret
struct virSecret {
}
virSecretUsageType
enum virSecretUsageType {
    VIR_SECRET_USAGE_TYPE_NONE   = 0
    VIR_SECRET_USAGE_TYPE_VOLUME = 1
    VIR_SECRET_USAGE_TYPE_CEPH   = 2
    VIR_SECRET_USAGE_TYPE_ISCSI  = 3
    VIR_SECRET_USAGE_TYPE_LAST   = 4 /* NB: this enum value will increase over time as new events are added to the libvirt API. It reflects the last secret owner ID supported by this version of the libvirt API. */
}
Functions
virConnectListAllSecrets
int virConnectListAllSecrets (virConnectPtr conn, virSecretPtr ** secrets, unsigned int flags)
Collect the list of secrets, and allocate an array to store those objects.
Normally, all secrets are returned; however, @flags can be used to filter the results for a smaller list of targeted secrets. The valid flags are divided into groups, where each group contains bits that describe mutually exclusive attributes of a secret, and where all bits within a group describe all possible secrets.
The first group of @flags is used to filter secrets by its storage location. Flag VIR_CONNECT_LIST_SECRETS_EPHEMERAL selects secrets that are kept only in memory. Flag VIR_CONNECT_LIST_SECRETS_NO_EPHEMERAL selects secrets that are kept in persistent storage.
The second group of @flags is used to filter secrets by privacy. Flag VIR_CONNECT_LIST_SECRETS_PRIVATE selects secrets that are never revealed to any caller of libvirt nor to any other node. Flag VIR_CONNECT_LIST_SECRETS_NO_PRIVATE selects non-private secrets.
- conn
- Pointer to the hypervisor connection.
- secrets
- Pointer to a variable to store the array containing the secret objects or NULL if the list is not required (just returns the number of secrets).
- flags
- bitwise-OR of virConnectListAllSecretsFlags
- Returns
- the number of secrets found or -1 and sets @secrets to NULL in case of error. On success, the array stored into @secrets is guaranteed to have an extra allocated element set to NULL but not included in the return count, to make iteration easier. The caller is responsible for calling virSecretFree() on each array element, then calling free() on @secrets.
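The group semantics described above, modelled in plain C as an added example (not libvirt's own code). `struct secret_attrs`, `secret_matches`, `count_matches` and the `SAMPLE` inventory are hypothetical names; the flag values are the ones in the enum table on this page.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Flag values copied from the virConnectListAllSecretsFlags table on this page. */
enum {
    VIR_CONNECT_LIST_SECRETS_EPHEMERAL    = 1,
    VIR_CONNECT_LIST_SECRETS_NO_EPHEMERAL = 2,
    VIR_CONNECT_LIST_SECRETS_PRIVATE      = 4,
    VIR_CONNECT_LIST_SECRETS_NO_PRIVATE   = 8
};

/* Hypothetical stand-in for the two attributes the filter inspects. */
struct secret_attrs { bool ephemeral; bool is_private; };

/* Constructed inventory: one secret per attribute combination. */
static const struct secret_attrs SAMPLE[4] = {
    { false, false }, { false, true }, { true, false }, { true, true }
};

/* One group: with neither bit set the attribute is not filtered on;
 * otherwise the secret must match one of the bits that are set. */
static bool group_matches(unsigned int flags, unsigned int yes_bit,
                          unsigned int no_bit, bool attr)
{
    if (!(flags & (yes_bit | no_bit)))
        return true;
    return (flags & (attr ? yes_bit : no_bit)) != 0;
}

/* A secret is listed only if it passes both groups. */
bool secret_matches(const struct secret_attrs *s, unsigned int flags)
{
    return group_matches(flags, VIR_CONNECT_LIST_SECRETS_EPHEMERAL,
                         VIR_CONNECT_LIST_SECRETS_NO_EPHEMERAL, s->ephemeral) &&
           group_matches(flags, VIR_CONNECT_LIST_SECRETS_PRIVATE,
                         VIR_CONNECT_LIST_SECRETS_NO_PRIVATE, s->is_private);
}

/* Number of SAMPLE entries a given flag combination would select. */
size_t count_matches(unsigned int flags)
{
    size_t hits = 0;
    for (size_t i = 0; i < 4; i++)
        hits += secret_matches(&SAMPLE[i], flags);
    return hits;
}

int main(void) { printf("%zu\n", count_matches(VIR_CONNECT_LIST_SECRETS_NO_PRIVATE)); return 0; }
```

Setting both bits of a group selects the same secrets as setting neither, so an inventory of values that callers can read needs VIR_CONNECT_LIST_SECRETS_NO_PRIVATE on its own.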
virConnectListSecrets
int virConnectListSecrets (virConnectPtr conn, char ** uuids, int maxuuids)
List UUIDs of defined secrets, store pointers to names in uuids.
- conn
- virConnect connection
- uuids
- Pointer to an array to store the UUIDs
- maxuuids
- size of the array.
- Returns
- the number of UUIDs provided in the array, or -1 on failure.
virConnectNumOfSecrets
int virConnectNumOfSecrets (virConnectPtr conn)
Fetch number of currently defined secrets.
- conn
- virConnect connection
- Returns
- the number of currently defined secrets.
virSecretDefineXML
virSecretPtr virSecretDefineXML (virConnectPtr conn, const char * xml, unsigned int flags)
If XML specifies a UUID, locates the specified secret and replaces all attributes of the secret specified by UUID by attributes specified in xml (any attributes not specified in xml are discarded).
Otherwise, creates a new secret with an automatically chosen UUID, and initializes its attributes from xml.
virSecretFree should be used to free the resources after the secret object is no longer needed.
- conn
- virConnect connection
- xml
- XML describing the secret.
- flags
- extra flags; not used yet, so callers should always pass 0
- Returns
- a secret on success, NULL on failure.
virSecretFree
int virSecretFree (virSecretPtr secret)
Release the secret handle. The underlying secret continues to exist.
- secret
- pointer to a secret
- Returns
- 0 on success, or -1 on error
virSecretGetConnect
virConnectPtr virSecretGetConnect (virSecretPtr secret)
Provides the connection pointer associated with a secret. The reference counter on the connection is not increased by this call.
WARNING: When writing libvirt bindings in other languages, do not use this function. Instead, store the connection and the secret object together.
- secret
- A virSecret secret
- Returns
- the virConnectPtr or NULL in case of failure.
virSecretGetUUID
int virSecretGetUUID (virSecretPtr secret, unsigned char * uuid)
Fetches the UUID of the secret.
- secret
- A virSecret secret
- uuid
- buffer of VIR_UUID_BUFLEN bytes in size
- Returns
- 0 on success with the uuid buffer being filled, or -1 upon failure.
virSecretGetUUIDString
int virSecretGetUUIDString (virSecretPtr secret, char * buf)
Get the UUID for a secret as string. For more information about UUID see RFC4122.
- secret
- a secret object
- buf
- pointer to a VIR_UUID_STRING_BUFLEN bytes array
- Returns
- -1 in case of error, 0 in case of success
virSecretGetUsageID
const char * virSecretGetUsageID (virSecretPtr secret)
Get the unique identifier of the object with which this secret is to be used. The format of the identifier is dependent on the usage type of the secret. For a secret with a usage type of VIR_SECRET_USAGE_TYPE_VOLUME the identifier will be a fully qualified path name. The identifiers are intended to be unique within the set of all secrets sharing the same usage type, i.e., there shall only ever be one secret for each volume path.
- secret
- a secret object
- Returns
- a string identifying the object using the secret, or NULL upon error
virSecretGetUsageType
int virSecretGetUsageType (virSecretPtr secret)
Get the type of object which uses this secret. The returned value is one of the constants defined in the virSecretUsageType enumeration. More values may be added to this enumeration in the future, so callers should expect to see usage types they do not explicitly know about.
- secret
- a secret object
- Returns
- a positive integer identifying the type of object, or -1 upon error.
virSecretGetValue
unsigned char * virSecretGetValue (virSecretPtr secret, size_t * value_size, unsigned int flags)
Fetches the value of a secret.
- secret
- A virSecret secret
- value_size
- Place for storing size of the secret value
- flags
- extra flags; not used yet, so callers should always pass 0
- Returns
- the secret value on success, NULL on failure. The caller must free() the secret value.
virSecretGetXMLDesc
char * virSecretGetXMLDesc (virSecretPtr secret, unsigned int flags)
Fetches an XML document describing attributes of the secret.
- secret
- A virSecret secret
- flags
- extra flags; not used yet, so callers should always pass 0
- Returns
- the XML document on success, NULL on failure. The caller must free() the XML.
virSecretLookupByUUID
virSecretPtr virSecretLookupByUUID (virConnectPtr conn, const unsigned char * uuid)
Try to look up a secret on the given hypervisor based on its UUID. Uses the 16 bytes of raw data to describe the UUID.
virSecretFree should be used to free the resources after the secret object is no longer needed.
- conn
- pointer to the hypervisor connection
- uuid
- the raw UUID for the secret
- Returns
- a new secret object or NULL in case of failure. If the secret cannot be found, then VIR_ERR_NO_SECRET error is raised.
virSecretLookupByUUIDString
virSecretPtr virSecretLookupByUUIDString (virConnectPtr conn, const char * uuidstr)
Try to look up a secret on the given hypervisor based on its UUID. Uses the printable string value to describe the UUID.
virSecretFree should be used to free the resources after the secret object is no longer needed.
- conn
- pointer to the hypervisor connection
- uuidstr
- the string UUID for the secret
- Returns
- a new secret object or NULL in case of failure. If the secret cannot be found, then VIR_ERR_NO_SECRET error is raised.
virSecretLookupByUsage
virSecretPtr virSecretLookupByUsage (virConnectPtr conn, int usageType, const char * usageID)
Try to look up a secret on the given hypervisor based on its usage. The usageID is unique within the set of secrets sharing the same usageType value.
virSecretFree should be used to free the resources after the secret object is no longer needed.
- conn
- pointer to the hypervisor connection
- usageType
- the type of secret usage
- usageID
- identifier of the object using the secret
- Returns
- a new secret object or NULL in case of failure. If the secret cannot be found, then VIR_ERR_NO_SECRET error is raised.
virSecretRef
int virSecretRef (virSecretPtr secret)
Increment the reference count on the secret. For each additional call to this method, there shall be a corresponding call to virSecretFree to release the reference count, once the caller no longer needs the reference to this object.
This method is typically useful for applications where multiple threads are using a connection, and it is required that the connection remain open until all threads have finished using it, i.e., each new thread using a secret would increment the reference count.
- secret
- the secret to hold a reference on
- Returns
- 0 in case of success, -1 in case of failure.
virSecretSetValue
int virSecretSetValue (virSecretPtr secret, const unsigned char * value, size_t value_size, unsigned int flags)
Sets the value of a secret.
- secret
- A virSecret secret
- value
- Value of the secret
- value_size
- Size of the value
- flags
- extra flags; not used yet, so callers should always pass 0
- Returns
- 0 on success, -1 on failure.
virSecretUndefine
int virSecretUndefine (virSecretPtr secret)
Deletes the specified secret. This does not free the associated virSecretPtr object.
- secret
- A virSecret secret
- Returns
- 0 on success, -1 on failure.
