sosthene-nitrokey
commented
7 months ago Maybe we can have an allowlist of config changes that don't have side effects, and only warn for the others ?
Closed robin-nitrokey closed 7 months ago
sosthene-nitrokey
commented
7 months ago Maybe we can have an allowlist of config changes that don't have side effects, and only warn for the others ?
robin-nitrokey
commented
7 months ago I’ve added a whitelist that skips the warning and confirmation for known config values without side effects, currently only fido.disable_skip_up_timeout.
daringer
commented
7 months ago lgtm, I think this is a perfectly sane behavior for a cli tool to just warn, but keep a generic interface - also nicer to test - and for end-users (less-techy-users) nitrokey-app2 should be used anyways...
With the upcoming firmware release for the Nitrokey 3, changing some configuration values can have side effects, namely a reset of the opcard application. We will add new commands with additional information and warnings in the future. For the time being, this patch adds a warning to the set-config command, indicating that it may cause data loss and should only be used for testing and development.
@sosthene-nitrokey We want to release pynitrokey today for some NetHSM fixes. I’d like to include something like this even if we don’t have the proper commands for changing specific config values yet. What do you think?