Google Git
Sign in
gerrit/gerrit/efa38be397c174c444340371785fcf081515608d^!/./Documentation/cmd-set-account.txt
commit
efa38be397c174c444340371785fcf081515608d
[log]
author
Richard Christie <richard.christie@arm.com>
Thu Jun 28 12:33:51 2018 +0100
committer
Richard Christie <richard.christie@arm.com>
Mon Jul 02 11:25:05 2018 +0100
tree
ba6b99ba2da4bc51bf1edc36e5f7a31ae0fb68e1
parent
24d04f4a14584da48fb6e8436a56646830fd76f4 [diff] [blame]
Add --generate-http-password to ssh set-account

To bring the ssh command more in-line with the REST API for a user, it
is now possible to generate a new http-password which does not require
global admin (unlike direct set).

This allows ordinary users to set a new http password via ssh when they
cannot log in to the web ui (e.g. due to being a service account.)

The next commit will change the access restriction so that setting
your own account details does not require MODIFY_ACCOUNT. The REST API
does not need this, and granting it to someone allows them to set *any*
account details, e.g. even deactivating admin accounts.

Change-Id: Ic6102da9e483d07175cdc772930f25608dce12d4

diff --git a/Documentation/cmd-set-account.txt b/Documentation/cmd-set-account.txt
index 884c8cc..adbb6b1 100644
--- a/Documentation/cmd-set-account.txt
+++ b/Documentation/cmd-set-account.txt

@@ -12,6 +12,7 @@
   [--preferred-email <EMAIL>]
   [--add-ssh-key - | <KEY>]
   [--delete-ssh-key - | <KEY> | ALL]
+  [--generate-http-password]
   [--http-password <PASSWORD>]
   [--clear-http-password] <USER>
 --
@@ -93,6 +94,11 @@
     May be supplied more than once to delete multiple SSH
     keys in a single command execution.
 
+--generate-http-password::
+    Generate a new random HTTP password for the user account
+    similar to the web ui. The password will be output to the
+    user on success with a line: `New password: <PASSWORD>`.
+
 --http-password::
     Set the HTTP password for the user account.