Changeset 1952


Timestamp:
Mar 5, 2015, 3:37:57 AM (5 years ago)
Author:
bruno
Message:
  • Adds a pb_ssh_setup function, used for both VM and RM, to set up the ssh environment with the right keyfile
  • Moves that ssh setup to the right place, in launchv instead of setupv (in setupv it ran too early now that VM launch has been re-adapted)
Location:
devel
Files:
2 edited

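--- a/devel/pb-modules/etc/pb.conf
+++ b/devel/pb-modules/etc/pb.conf
@@ -459,4 +459,6 @@
 #rbsmirrorsrv debian = http://ftp.us.debian.org/debian/
 #rbsmirrorsrv ubuntu = http://us.releases.ubuntu.com/releases/
+# For VE use this
+#rbsmirrorsrv ubuntu = http://archive.ubuntu.com/ubuntu
 #
 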
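--- a/devel/pb/bin/pb
+++ b/devel/pb/bin/pb
@@ -2870,4 +2870,5 @@
         next;
     }
+
    
     $pm->finish if (defined $pbparallel);
@@ -3047,6 +3048,9 @@
     }
     pb_log(2,"DEBUG: pb_launchv returns ($vexist,$vpid)\n");
+
+    # After the VM is launched, then setup the SSH access
+    pb_ssh_setup($vtype,$nport);
    
-    # Skip that VM/RM if something went wrong
+    # Skip that VM if something went wrong
     return($vexist,$vpid) if (($vpid == 0) && ($vexist == 0));
    
@@ -3064,5 +3068,5 @@
 } else {
     # Get RM context
-    my ($ptr,$rmpath) = pb_conf_get("rmtype","rmpath");
+    my ($ptr,$rmpath,$rmport) = pb_conf_get("rmtype","rmpath","rmport");
 
     # Nothing more to do for RM. No real launch
@@ -3071,4 +3075,8 @@
     $vexist = 0;
     $vpid = 0;
+   
+    # After the RM is launched, then setup the SSH access
+    my $nport = pb_get_port($rmport,$pbos,$vtype);
+    pb_ssh_setup($vtype,$nport);
 }
 
@@ -3491,5 +3499,5 @@
     # Do not use the one passed potentially with -a
     my ($pbac) = pb_conf_get($vtype."login");
-    my ($key,$zero0,$zero1,$zero2);
+    my $key = "";
 
     # Prepare the script to be executed on the VM/VE/RM
@@ -3530,27 +3538,5 @@
 EOF
 
-    my $keyfile;
-    my $nport;
-    my $vmhost;
-
-    # Prepare the key to be used and transfered remotely
-    $keyfile = pb_ssh_get(1);
-       
-    if ($vtype =~ /(v|r)m/) {
-        my ($vmport);
-        ($vmhost,$vmport) = pb_conf_get($vtype."host",$vtype."port");
-        $nport = pb_get_port($vmport,$pbos,$vtype);
-   
-        # Store the pub key part in a variable
-        open(FILE,"$keyfile.pub") || die "Unable to open $keyfile.pub";
-        ($zero0,$zero1,$zero2) = split(/ /,<FILE>);
-        close(FILE);
-
-        $key = "\Q$zero1";
-
-        # We call true to avoid problems if SELinux is not activated, but chcon is present and returns in that case 1
-        pb_system("cat $keyfile.pub | ssh -q -o UserKnownHostsFile=/dev/null -p $nport -i $keyfile root\@$vmhost->{$ENV{'PBPROJ'}} \"mkdir -p .ssh ; chmod 700 .ssh ; cat >> .ssh/authorized_keys ; chmod 600 .ssh/authorized_keys ; if [ -x /usr/bin/chcon ]; then /usr/bin/chcon -Rt home_ssh_t .ssh 2> /dev/null; /bin/true; fi\"","Copying local keys to $vtype. This may require the root password");
-        # once this is done, we can do what we need on the VM/RM remotely
-    } elsif ($vtype eq "ve") {
+    if ($vtype eq "ve") {
         $vetype = pb_ve_get_type($vetype);
         if ($vetype ne "docker") {
@@ -3565,4 +3551,17 @@
 EOF
         print SCRIPT "pb_system('rm -f /dev/null; mknod /dev/null c 1 3; chmod 777 /dev/null');\n" unless (($pbos->{'name'} =~ /^redhat/) && ($pbos->{'version'} =~ /^6/));
+    } elsif ($vtype =~ /(v|r)m/) {
+        my $keyfile;
+        my ($zero0,$zero1,$zero2);
+   
+        # Prepare the key to be used and transfered remotely
+        $keyfile = pb_ssh_get(1);
+   
+        # Store the pub key part in a variable
+        open(FILE,"$keyfile.pub") || die "Unable to open $keyfile.pub";
+        ($zero0,$zero1,$zero2) = split(/ /,<FILE>);
+        close(FILE);
+   
+        $key = "\Q$zero1";
     } else {
         die "Unknown virtual type $vtype";
@@ -3728,6 +3727,6 @@
     print SCRIPT << "EOF";
 # Some distro force requiretty at compile time, so disable here
-print PBOUT "Defaults:$pbac->{$ENV{'PBPROJ'}} !requiretty\n";
-print PBOUT "Defaults:root !requiretty\n";
+print PBOUT "Defaults:$pbac->{$ENV{'PBPROJ'}} !requiretty\\n";
+print PBOUT "Defaults:root !requiretty\\n";
 EOF
     # RH 6.2 sudo doesn't support env_keep
@@ -3735,6 +3734,6 @@
         print SCRIPT << "EOF";
 # Keep proxy configuration while using sudo
-print PBOUT "Defaults:$pbac->{$ENV{'PBPROJ'}}    env_keep += \\\"http_proxy ftp_proxy\\\"\n";
-print PBOUT "Defaults:root    env_keep += \\\"http_proxy ftp_proxy\\\"\n";
+print PBOUT "Defaults:$pbac->{$ENV{'PBPROJ'}}    env_keep += \\\"http_proxy ftp_proxy\\\"\\n";
+print PBOUT "Defaults:root    env_keep += \\\"http_proxy ftp_proxy\\\"\\n";
 EOF
     }
@@ -3930,4 +3929,5 @@
 pb_log(2,"DEBUG: before parallel launch, pbscript hash is:".Dumper(%pbscript)."\n");
 pb_parallel_launchv(\%pbscript,$vtype,uc($vtype)."Script".$sbx,$pbstep,$pbforce);
+
 return;
 }
@@ -4891,4 +4891,21 @@
 }
 
+sub pb_ssh_setup {
+   
+my $vtype = shift;
+my $nport = shift;
+
+my $keyfile;
+my $vmhost;
+
+($vmhost) = pb_conf_get($vtype."host");
+# Prepare the key to be used and transfered remotely
+$keyfile = pb_ssh_get(1);
+
+# We call true to avoid problems if SELinux is not activated, but chcon is present and returns in that case 1
+pb_system("cat $keyfile.pub | ssh -q -o UserKnownHostsFile=/dev/null -p $nport -i $keyfile root\@$vmhost->{$ENV{'PBPROJ'}} \"mkdir -p .ssh ; chmod 700 .ssh ; cat >> .ssh/authorized_keys ; chmod 600 .ssh/authorized_keys ; if [ -x /usr/bin/chcon ]; then /usr/bin/chcon -Rt home_ssh_t .ssh 2> /dev/null; /bin/true; fi\"","Copying local keys to $vtype. This may require the root password");
+# once this is done, we can do what we need on the VM/RM remotely
+return;
+}
 
 1;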
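Review bot: In the VM branch (new lines 3050-3055) the added `pb_ssh_setup($vtype,$nport);` runs before the guard `return($vexist,$vpid) if (($vpid == 0) && ($vexist == 0));`, so, going by the "Skip that VM if something went wrong" comment, the key copy is attempted even when the launch failed; I would move the call below that guard. The ordering matters because pb_ssh_setup connects as root with `-o UserKnownHostsFile=/dev/null`, so no host key is ever recorded and the root password prompt its message warns about is answered to whatever is listening on `$nport`; a known-hosts file kept per VM would at least pin the key after first contact. The remote `cat >> .ssh/authorized_keys` also appends unconditionally, so if the launch path runs more than once per VM (not visible here) the same key accumulates, and a comment on pb_ssh_setup stating whether it is meant to be idempotent would help. The enclosing launch function starts and ends outside the visible hunks.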