Added label: master.
From: "Brian C. Lane" bcl@redhat.com
This allows users to setup installation users with ssh keys instead of passwords.
Resolves: rhbz#1274104 --- anaconda.spec.in | 2 +- utils/handle-sshpw | 12 +++++++++--- 2 files changed, 10 insertions(+), 4 deletions(-)
diff --git a/anaconda.spec.in b/anaconda.spec.in index c4eb4bf..82e22cb 100644 --- a/anaconda.spec.in +++ b/anaconda.spec.in @@ -21,7 +21,7 @@ Source0: %{name}-%{version}.tar.bz2 # Also update in AM_GNU_GETTEXT_VERSION in configure.ac %define gettextver 0.18.3 %define intltoolver 0.31.2-3 -%define pykickstartver 2.9 +%define pykickstartver 2.20 %define dnfver 0.6.4 %define partedver 1.8.1 %define pypartedver 2.5-2 diff --git a/utils/handle-sshpw b/utils/handle-sshpw index 5e15f08..1ce0a2f 100755 --- a/utils/handle-sshpw +++ b/utils/handle-sshpw @@ -3,7 +3,7 @@ # handle-sshpw: Code processing sshpw lines in kickstart files for the # install environment. # -# Copyright (C) 2012 Red Hat, Inc. All rights reserved. +# Copyright (C) 2012-2015 Red Hat, Inc. All rights reserved. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -46,9 +46,15 @@ u = users.Users() userdata = ksparser.handler.sshpw.dataList() for ud in userdata: if u.checkUserExists(ud.username, root="/"): - u.setUserPassword(username=ud.username, password=ud.password, - isCrypted=ud.isCrypted, lock=ud.lock) + if not ud.sshkey: + u.setUserPassword(username=ud.username, password=ud.password, + isCrypted=ud.isCrypted, lock=ud.lock) else: kwargs = ud.__dict__ kwargs.update({"root": "/"}) u.createUser(ud.username, **kwargs) + + if ud.sshkey: + # Setup the account so that only the sshkey can be used + u.setUserPassword(username=ud.username, password="*", isCrypted=True, lock=False) + u.setUserSshKey(username=ud.username, key=ud.password, root="/")
Added label: rhel7-branch.
From: "Brian C. Lane" bcl@redhat.com
Copy it into /usr/sbin/ of the updates.img --- scripts/makeupdates | 2 ++ 1 file changed, 2 insertions(+)
diff --git a/scripts/makeupdates b/scripts/makeupdates index b288bc0..d0c32f1 100755 --- a/scripts/makeupdates +++ b/scripts/makeupdates @@ -343,6 +343,8 @@ def copyUpdatedFiles(tag, updates, cwd, builddir): install_to_dir(gitfile, "usr/share/themes/Anaconda/metacity-1") elif gitfile.startswith("data/post-scripts/"): install_to_dir(gitfile, "usr/share/anaconda/post-scripts") + elif gitfile == "utils/handle-sshpw": + install_to_dir(gitfile, "usr/sbin") elif any(gitfile.endswith(libexec_script) for libexec_script in \ ("zramswapon", "zramswapoff", "zram-stats")): install_to_dir(gitfile, "usr/libexec/anaconda")
Added label: ACK.
Pushed to master.
@@ -46,9 +46,15 @@ u = users.Users() userdata = ksparser.handler.sshpw.dataList() for ud in userdata: if u.checkUserExists(ud.username, root="/"):
u.setUserPassword(username=ud.username, password=ud.password,
isCrypted=ud.isCrypted, lock=ud.lock)
if not ud.sshkey:
u.setUserPassword(username=ud.username, password=ud.password,
else: kwargs = ud.__dict__ kwargs.update({"root": "/"}) u.createUser(ud.username, **kwargs)isCrypted=ud.isCrypted, lock=ud.lock)
- if ud.sshkey:
# Setup the account so that only the sshkey can be used
u.setUserPassword(username=ud.username, password="*", isCrypted=True, lock=False)
u.setUserSshKey(username=ud.username, key=ud.password, root="/")
should the key here really be ``ud.password``? I'd expect it to be ``ud.sshkey``.
Yeah, in pykickstart the --sshkey is just a flag that says to interpret self.password as a key instead of a password. There's only one place the key/password is stored. Check out https://github.com/rhinstaller/pykickstart/commit/b1d1d1e80f94064b1124315f06....
Yeah, in pykickstart the --sshkey is just a flag that says to interpret self.password as a key instead of a password. There's only one place the key/password is stored. Check out rhinstaller/pykickstart@b1d1d1e.
Oh, I see it now. Thanks for the pointer!
Closed.
Pushed as part of bug 1240410 fix.
anaconda-patches@lists.fedorahosted.org