Add method to inject root password and ssh key

For debug purposes we need to inject root password(in case we will have
access to console) or root ssh key or both of them.

Change-Id: I822df209a4100ac65d4628ca4e3d0954878815c9
This commit is contained in:
Dmitry Bogun 2017-02-27 15:27:54 +02:00
parent 097ac50f7a
commit e8c2c18f0a
5 changed files with 21 additions and 5 deletions

View File

@ -29,12 +29,18 @@ else
rpm -qi bareon >> $RELEASE_FILE
fi
# TODO(lobur): generate this key and publish together with image
install -D -g root -o root -m 0600 ${SCRIPTDIR}/files.ironic/root/.ssh/authorized_keys /root/.ssh/authorized_keys
chmod 0700 /root/.ssh/
install -D -g root -o root -m 0600 ${SCRIPTDIR}/files.ironic/etc/ssh/sshd_config /etc/ssh/sshd_config
install -D -g root -o root -m 0664 ${SCRIPTDIR}/files.ironic/etc/network /etc/sysconfig/network
install -D -g root -o root -m 0644 ${SCRIPTDIR}/files.ironic/usr/lib/systemd/system/ironic-callback.service /usr/lib/systemd/system/ironic-callback.service
install -D -g root -o root -m 0644 ${SCRIPTDIR}/files.ironic/etc/bareon/bareon.conf /etc/bareon/bareon.conf
install -d -g root -o root -m 0700 /root/.ssh
if [ -n "$DIB_BAREON_ROOT_PASSWORD" ]; then
echo "root:$DIB_BAREON_ROOT_PASSWORD" | chpasswd
fi
if [ -f /tmp/bareon-build/inject-ssh-key.pub ]; then
(umask 0077; touch /root/.ssh/authorized_keys)
cat "/tmp/bareon-build/inject-ssh-key.pub" > /root/.ssh/authorized_keys
fi
systemctl enable ironic-callback.service

View File

@ -1 +0,0 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDtrVTSM8tGd4E8khJn2gfN/2fymnX/0YKAGSVZTWDNIcYL5zXTlSwrccn/8EgmnNsJNxucJRT+oWqrDGaFaehuwlY/IBqm50KJVaUr5QYzOUpqVpFIpoX3UwETCxcSB1LiQYbCvrJcqOPQ4Zu9fMhMGKaAX1ohzOumn4czuLDYIvCnPnoU5RDWt7g1GaFFlzGU3JFooj7/aWFJMqJLinvay3vr2vFpBvO1y29nKu+zgpZkzzJCc0ndoVqvB+W9DY6QtgTSWfd3ZE/8vg4h8QV8H+xxqL/uWCxDkv2Y3rviAHivR/V+1YCSQH0NBJrNSkRjd+1roLhcEGT7/YEnbgVV nailgun@bootstrap

View File

@ -7,3 +7,4 @@ set -eu
set -o pipefail
rm -rf /tmp/bareon
rm -r /tmp/bareon-build

View File

@ -11,4 +11,3 @@ set -e
sudo mkdir -p $TARGET_ROOT/etc/yum.repos.d
sudo cp /etc/yum.repos.d/*.repo $TARGET_ROOT/etc/yum.repos.d/
sudo cp /etc/pki/rpm-gpg/* $TARGET_ROOT/etc/pki/rpm-gpg/

View File

@ -0,0 +1,11 @@
#!/bin/bash
if [ ${DIB_DEBUG_TRACE:-1} -gt 0 ]; then
set -x
fi
# inject files into future chroot
install -m 0700 -d "$TARGET_ROOT/tmp/bareon-build"
if [ -n "$DIB_BAREON_INJECT_SSH_KEY" ]; then
cp "$DIB_BAREON_INJECT_SSH_KEY" "$TARGET_ROOT/tmp/bareon-build/inject-ssh-key.pub"
fi