Changeset 354


Timestamp:
Apr 5, 2008, 12:14:28 PM (12 years ago)
Author:
bruno
Message:

Avoid the duplication of the ssh key in root's authorized_keys file so setupvm is now idempotent

File:
1 edited

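--- a/devel/pb/bin/pb
+++ b/devel/pb/bin/pb
@@ -1229,4 +1229,5 @@
     # Do not use the one passed potentially with -a
     my ($pbac) = pb_conf_get($vtype."login");
+    my ($key,$zero0,$zero1,$zero2);
 
     if ($vtype eq "vm") {
@@ -1244,4 +1245,11 @@
         return if (($vmpid == 0) && ($vmexist == 0));
    
+        # Store the pub key part in a variable
+        open(FILE,"$keyfile.pub") || die "Unable to open $keyfile.pub";
+        ($zero0,$zero1,$zero2) = split(/ /,<FILE>);
+        close(FILE);
+
+        $key = "\Q$zero1";
+
         pb_system("cat $keyfile.pub | ssh -q -p $nport -i $keyfile root\@$vmhost->{$ENV{'PBPROJ'}} \"mkdir -p .ssh ; chmod 700 .ssh ; cat >> .ssh/authorized_keys ; chmod 600 .ssh/authorized_keys\"","Copying local keys to $vtype. This will require the root password");
         # once this is done, we can do what we want on the VM remotely
@@ -1258,4 +1266,31 @@
 use File::Copy;
 
+EOF
+    if ($vtype eq "vm") {
+        print SCRIPT << 'EOF';
+# Removes duplicate in .ssh/authorized_keys of our key if needed
+#
+my $file1="$ENV{'HOME'}/.ssh/authorized_keys";
+open(PBFILE,$file1) || die "Unable to open $file1";
+open(PBOUT,"> $file1.new") || die "Unable to open $file1.new";
+my $count = 0;
+while (<PBFILE>) {
+EOF
+        print SCRIPT << "EOF";
+    if (/ $key /) {
+        \$count++;
+    }
+print PBOUT \$_ if ((\$count <= 1) || (\$_ !~ / $key /));
+}
+close(PBFILE);
+close(PBOUT);
+rename("\$file1.new",\$file1);
+chmod 0600,\$file1;
+EOF
+    }
+    print SCRIPT << 'EOF';
+
+# Adds $pbac->{$ENV{'PBPROJ'}} as an account if needed
+#
 my $file="/etc/passwd";
 open(PBFILE,$file) || die "Unable to open $file";
@@ -1279,5 +1314,6 @@
 system "useradd $pbac->{$ENV{'PBPROJ'}} -g $pbac->{$ENV{'PBPROJ'}} -m -d /home/$pbac->{$ENV{'PBPROJ'}}";
 
-# For pb
+# allow ssh entry to build
+#
 chdir "/home/$pbac->{$ENV{'PBPROJ'}}";
 mkdir ".ssh",0700;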
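Review bot: The generated dedup script (new lines 1283–1287) replaces root's authorized_keys without checking that the copy succeeded: `print PBOUT`, `close(PBOUT)` and `rename` are all unchecked, so a short or failed write (a full disk, for instance) would still be renamed over the real file and could drop the keys that give access to the VM. I would check both steps inside the heredoc, `close(PBOUT) || die "Unable to write \$file1.new: \$!";` and `rename("\$file1.new",\$file1) || die "Unable to replace \$file1: \$!";`. Separately, the pattern `/ $key /` requires a space after the base64 blob, so a public key line with no trailing comment is never counted and its duplicates remain. If `$keyfile.pub` does not split into the expected fields, `$key` is empty and the pattern degenerates to two spaces, which can match and drop unrelated lines; a guard such as `die "Malformed $keyfile.pub" unless defined $zero1 && length $zero1;` after the `split` at new line 1249 would avoid that. The `open` at new line 1248 would also be better in three-argument form with `$!` in the message.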