Redfish OpenBMC OEM - password not accepted

Joseph Reynolds jrey at linux.ibm.com
Sat Nov 23 04:17:08 AEDT 2019


On 11/21/19 1:22 PM, Gunnar Mills wrote:
>
> On 11/21/2019 12:16 PM, James Feist wrote:
>> On 11/21/19 7:39 AM, Gunnar Mills wrote:
>>>
>>> On 11/20/2019 5:50 PM, James Feist wrote:
>>>> On 11/20/19 2:45 PM, Gunnar Mills wrote:
>>>>>>>>> On 11/19/19 10:23 AM, Gunnar Mills wrote:
>>>>>>>>>>
>>>>>>>>>> The process seems a little light for adding OpenBMC OEM 
>>>>>>>>>> Redfish properties and schemas. Can we establish a little 
>>>>>>>>>> more stringent process for adding these?
>>>>>>>>>>
>>>>>
>>>>> James, Joseph, and others would you support having a guideline, 
>>>>> stating before adding an OEM schema or property, please first 
>>>>> engage the Redfish Group? Things Redfish is not interested in 
>>>>> taking are an obvious exception. I am also fine with things that 
>>>>> are in the process of being up-streamed, being added as OEM 
>>>>> temporarily.
>>>>
>>>> What redfish group are you mentioning?
>>>>
>>>
>>> DMTF’s Redfish
>>>
>>> They have an open forum here,  to ask questions and request 
>>> features: https://redfishforum.com/
>>>
>>> To get access to the Redfish code repository and meetings
>>> 1) Your company must be a Redfish Supporter or Promoter, a lot of 
>>> companies working on OpenBMC are
>>> 2) Join the DMTF, www.dmtf.org/join
>>> 3) Join the "Redfish Forum" working group, 
>>> https://members.dmtf.org/apps/org/workgroup/portal/
>>> 4) Send an email asking for access to the Redfish code repository
>>>
>>> I was thinking either of these would establish "engaging Redfish".
>>
>> I'd be fine with adding this to the docs/readme, however as your 
>> company has to be a supporter, it should probably be a weak requirement.
>>
> Added to the DEVELOPING.md here 
> https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/27480/

There is a vehicle to move this effort forward.  I created a [patch][] 
which defines a new Oem.OpenBMC property for a needed function.  Support 
for this function is already being discussed in a Redfish forum [thread][].

[patch]: https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/27503
[thread]: 
https://redfishforum.com/thread/246/message-send-patch-password-failure

So, the patch is exactly correct.  Please help me out.  It seems like I 
should try to create a new Redfish message.  Here are ideas for a 
straw-man draft for a new Redfish standard message
- Id: PropertyValueError
- Message: The value XYZ for the property ABC was not accepted.
- Resolution: Correct the value for the property in the request body and 
resubmit the request if the operation failed.  Additional information 
about the cause may be provided in the ExtendedInfo.

Then represent each possible cause as an individual 
PropertyValueError at .MessageExtendedInfo message:
  - "The value XYZ  for the property ABC does not comply with the 
regular expression."
  - "The value for the Password property was not accepted.  The reason 
is: %1"  -- I've omitted the password value itself from the message.  
This was done to try to keep the value confidential.  Is that warranted, 
or can we have a generic message (as on the next item below)?  A use 
case for this is messages from PAM like "BAD PASSWORD: it is way too short".
- "The value %1 for the property %2 was not accepted.  The reason is: %3"

Each of the ExtendedInfo messages would also need a formal spec.

Does that sound right?

- Joseph

>
> The Redfish Specification Forum, https://redfishforum.com/  is public. 
> Anyone can request features there.
>
> Thanks,
> Gunnar
>
>



More information about the openbmc mailing list