summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDmitry Bogun <dbogun@mirantis.com>2017-02-27 15:27:54 +0200
committerDmitry Bogun <dbogun@mirantis.com>2017-02-27 16:48:30 +0200
commite8c2c18f0abeebedb10ce85b0f799a69c983317b (patch)
tree50a8f9a1eebeafe7eff4316318329c12a337894a
parent097ac50f7ac4deae639eb1bab7aac1a378d4882b (diff)
Add method to inject root password and ssh key
For debug purposes we need to inject root password(in case we will have access to console) or root ssh key or both of them. Change-Id: I822df209a4100ac65d4628ca4e3d0954878815c9
Notes
Notes (review): Code-Review+2: Bogun Dmitriy <dbogun@mirantis.com> Workflow+1: Bogun Dmitriy <dbogun@mirantis.com> Verified+2: Jenkins Submitted-by: Jenkins Submitted-at: Wed, 01 Mar 2017 15:50:44 +0000 Reviewed-on: https://review.openstack.org/438529 Project: openstack/bareon-image-elements Branch: refs/heads/master
-rwxr-xr-xcentos-bareon/install.d/60-bareon-install12
-rw-r--r--centos-bareon/install.d/files.ironic/root/.ssh/authorized_keys1
-rwxr-xr-xcentos-bareon/post-install.d/80-bareon1
-rwxr-xr-xcentos-bareon/root.d/10-create-repo1
-rwxr-xr-xcentos-bareon/root.d/60-bareon-inject-data11
5 files changed, 21 insertions, 5 deletions
diff --git a/centos-bareon/install.d/60-bareon-install b/centos-bareon/install.d/60-bareon-install
index d046c08..7be60c9 100755
--- a/centos-bareon/install.d/60-bareon-install
+++ b/centos-bareon/install.d/60-bareon-install
@@ -29,12 +29,18 @@ else
29 rpm -qi bareon >> $RELEASE_FILE 29 rpm -qi bareon >> $RELEASE_FILE
30fi 30fi
31 31
32# TODO(lobur): generate this key and publish together with image
33install -D -g root -o root -m 0600 ${SCRIPTDIR}/files.ironic/root/.ssh/authorized_keys /root/.ssh/authorized_keys
34chmod 0700 /root/.ssh/
35install -D -g root -o root -m 0600 ${SCRIPTDIR}/files.ironic/etc/ssh/sshd_config /etc/ssh/sshd_config 32install -D -g root -o root -m 0600 ${SCRIPTDIR}/files.ironic/etc/ssh/sshd_config /etc/ssh/sshd_config
36install -D -g root -o root -m 0664 ${SCRIPTDIR}/files.ironic/etc/network /etc/sysconfig/network 33install -D -g root -o root -m 0664 ${SCRIPTDIR}/files.ironic/etc/network /etc/sysconfig/network
37install -D -g root -o root -m 0644 ${SCRIPTDIR}/files.ironic/usr/lib/systemd/system/ironic-callback.service /usr/lib/systemd/system/ironic-callback.service 34install -D -g root -o root -m 0644 ${SCRIPTDIR}/files.ironic/usr/lib/systemd/system/ironic-callback.service /usr/lib/systemd/system/ironic-callback.service
38install -D -g root -o root -m 0644 ${SCRIPTDIR}/files.ironic/etc/bareon/bareon.conf /etc/bareon/bareon.conf 35install -D -g root -o root -m 0644 ${SCRIPTDIR}/files.ironic/etc/bareon/bareon.conf /etc/bareon/bareon.conf
39 36
37install -d -g root -o root -m 0700 /root/.ssh
38if [ -n "$DIB_BAREON_ROOT_PASSWORD" ]; then
39 echo "root:$DIB_BAREON_ROOT_PASSWORD" | chpasswd
40fi
41if [ -f /tmp/bareon-build/inject-ssh-key.pub ]; then
42 (umask 0077; touch /root/.ssh/authorized_keys)
43 cat "/tmp/bareon-build/inject-ssh-key.pub" > /root/.ssh/authorized_keys
44fi
45
40systemctl enable ironic-callback.service 46systemctl enable ironic-callback.service
diff --git a/centos-bareon/install.d/files.ironic/root/.ssh/authorized_keys b/centos-bareon/install.d/files.ironic/root/.ssh/authorized_keys
deleted file mode 100644
index 4a91b0c..0000000
--- a/centos-bareon/install.d/files.ironic/root/.ssh/authorized_keys
+++ /dev/null
@@ -1 +0,0 @@
1ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDtrVTSM8tGd4E8khJn2gfN/2fymnX/0YKAGSVZTWDNIcYL5zXTlSwrccn/8EgmnNsJNxucJRT+oWqrDGaFaehuwlY/IBqm50KJVaUr5QYzOUpqVpFIpoX3UwETCxcSB1LiQYbCvrJcqOPQ4Zu9fMhMGKaAX1ohzOumn4czuLDYIvCnPnoU5RDWt7g1GaFFlzGU3JFooj7/aWFJMqJLinvay3vr2vFpBvO1y29nKu+zgpZkzzJCc0ndoVqvB+W9DY6QtgTSWfd3ZE/8vg4h8QV8H+xxqL/uWCxDkv2Y3rviAHivR/V+1YCSQH0NBJrNSkRjd+1roLhcEGT7/YEnbgVV nailgun@bootstrap
diff --git a/centos-bareon/post-install.d/80-bareon b/centos-bareon/post-install.d/80-bareon
index af16172..0e7494d 100755
--- a/centos-bareon/post-install.d/80-bareon
+++ b/centos-bareon/post-install.d/80-bareon
@@ -7,3 +7,4 @@ set -eu
7set -o pipefail 7set -o pipefail
8 8
9rm -rf /tmp/bareon 9rm -rf /tmp/bareon
10rm -r /tmp/bareon-build
diff --git a/centos-bareon/root.d/10-create-repo b/centos-bareon/root.d/10-create-repo
index bd97b81..76d2625 100755
--- a/centos-bareon/root.d/10-create-repo
+++ b/centos-bareon/root.d/10-create-repo
@@ -11,4 +11,3 @@ set -e
11sudo mkdir -p $TARGET_ROOT/etc/yum.repos.d 11sudo mkdir -p $TARGET_ROOT/etc/yum.repos.d
12sudo cp /etc/yum.repos.d/*.repo $TARGET_ROOT/etc/yum.repos.d/ 12sudo cp /etc/yum.repos.d/*.repo $TARGET_ROOT/etc/yum.repos.d/
13sudo cp /etc/pki/rpm-gpg/* $TARGET_ROOT/etc/pki/rpm-gpg/ 13sudo cp /etc/pki/rpm-gpg/* $TARGET_ROOT/etc/pki/rpm-gpg/
14
diff --git a/centos-bareon/root.d/60-bareon-inject-data b/centos-bareon/root.d/60-bareon-inject-data
new file mode 100755
index 0000000..fc2849f
--- /dev/null
+++ b/centos-bareon/root.d/60-bareon-inject-data
@@ -0,0 +1,11 @@
1#!/bin/bash
2
3if [ ${DIB_DEBUG_TRACE:-1} -gt 0 ]; then
4 set -x
5fi
6
7# inject files into future chroot
8install -m 0700 -d "$TARGET_ROOT/tmp/bareon-build"
9if [ -n "$DIB_BAREON_INJECT_SSH_KEY" ]; then
10 cp "$DIB_BAREON_INJECT_SSH_KEY" "$TARGET_ROOT/tmp/bareon-build/inject-ssh-key.pub"
11fi