Bug 8199: inject ssh public key into systemvm iso file

Chiradeep Vittal 2011-01-27 16:22:22 -08:00
parent 2db078abf6
commit 09145efc41
3 changed files with 79 additions and 60 deletions


@ -156,6 +156,7 @@ Requires: sudo
Requires: /sbin/service
Requires: /sbin/chkconfig
Requires: /usr/bin/ssh-keygen
Requires: /usr/bin/mkisofs
Requires: MySQL-python
Requires: python-paramiko
Requires: augeas >= 0.7.1


@ -0,0 +1,51 @@
#!/bin/bash
# $1 = new key
#set -x
TMP=/tmp
SYSTEMVM_PATCH_DIR=../../../vms/
MOUNTPATH=/mnt/cloud/systemvm
TMPDIR=${TMP}/cloud/systemvm
inject() {
local isofile=${SYSTEMVM_PATCH_DIR}/$1
local newpubkey=$2
local backup=${isofile}.bak
local tmpiso=${TMP}/$1
rm -rf $TMPDIR
mkdir -p $TMPDIR
[ ! -d $TMPDIR ] && echo "$(basename $0): Could not find/create temporary dir $TMPDIR" && return 1
[ ! -f $isofile ] && echo "$(basename $0): Could not find systemvm iso patch file $isofile" && return 1
cp -b $isofile $backup
[ $? -ne 0 ] && echo "$(basename $0): Failed to backup original iso $isofile" && return 1
mount -o loop $isofile $MOUNTPATH
[ $? -ne 0 ] && echo "$(basename $0): Failed to mount original iso $isofile" && return 1
cp -fr $MOUNTPATH/* $TMPDIR/
[ $? -ne 0 ] && echo "$(basename $0): Failed to copy from original iso $isofile" && return 1
cp $newpubkey $TMPDIR/authorized_keys
[ $? -ne 0 ] && echo "$(basename $0): Failed to copy key $newpubkey from original iso to new iso " && return 1
mkisofs -quiet -r -o $tmpiso $TMPDIR
[ $? -ne 0 ] && echo "$(basename $0): Failed to create new iso $tmpiso from $TMPDIR" && return 1
umount $MOUNTPATH
[ $? -ne 0 ] && echo "$(basename $0): Failed to unmount old iso from $MOUNTPATH" && return 1
cp -f $tmpiso $isofile
[ $? -ne 0 ] && echo "$(basename $0): Failed to overwrite old iso $isofile with $tmpiso" && return 1
rm -rf $TMPDIR
}
mkdir -p $MOUNTPATH
[ $# -ne 1 ] && echo "Usage: $(basename $0) <new keyfile>" && exit 3
newpubkey=$1
[ ! -f $newpubkey ] && echo "$(basename $0): Could not open $newpubkey" && exit 3
[ $EUID -ne 0 ] && echo "$(basename $0): You have to be root to run this script" && exit 3
command -v mkisofs > /dev/null || (echo "$(basename $0): mkisofs not found, please install or ensure PATH is accurate" ; exit 4)
inject systemvm.iso $newpubkey
#inject systemvm-premium.iso $newpubkey
exit $?
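Review bot: The working paths `TMPDIR=${TMP}/cloud/systemvm` and `tmpiso=${TMP}/$1` are fixed names under world-writable /tmp, yet the script runs as root and applies `rm -rf`, `cp -fr` and `mkisofs -o` to them, so another local account that pre-creates or links those paths can influence what root deletes, overwrites or packs into the ISO that carries `authorized_keys`. Create the scratch area privately instead, for example `TMPDIR=$(mktemp -d) || exit 1`, and write the new ISO inside that directory. The mkisofs guard does not stop the script, because `exit 4` runs inside a `( ... )` subshell; a brace group, `command -v mkisofs > /dev/null || { echo "mkisofs not found"; exit 4; }`, exits the script itself. Every `return 1` after the `mount` line leaves the ISO mounted on `$MOUNTPATH`, so a `trap` that unmounts and removes the scratch directory would keep failures clean. Quoting the expansions (`"$isofile"`, `"$newpubkey"`) would also keep paths with spaces from splitting, and `SYSTEMVM_PATCH_DIR=../../../vms/` resolves against the caller's working directory rather than the script's location.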


@ -41,6 +41,7 @@ import javax.crypto.SecretKey;
import org.apache.commons.codec.binary.Base64;
import org.apache.log4j.Logger;
import com.cloud.agent.api.routing.NetworkElementCommand;
import com.cloud.configuration.Config;
import com.cloud.configuration.ConfigurationVO;
import com.cloud.configuration.dao.ConfigurationDao;
@ -84,6 +85,7 @@ import com.cloud.utils.PropertiesUtil;
import com.cloud.utils.component.ComponentLocator;
import com.cloud.utils.db.DB;
import com.cloud.utils.db.Transaction;
import com.cloud.utils.exception.CloudRuntimeException;
import com.cloud.utils.net.NetUtils;
import com.cloud.utils.script.Script;
@ -248,54 +250,8 @@ public class ConfigurationServerImpl implements ConfigurationServer {
_configDao.update("init", "true");
}
/*
private String getManagementNetworkCIDR() {
String[] gatewayAndNetmask = getGatewayAndNetmask();
if (gatewayAndNetmask == null) {
return null;
} else {
String gateway = gatewayAndNetmask[0];
String netmask = gatewayAndNetmask[1];
String subnet = NetUtils.getSubNet(gateway, netmask);
long cidrSize = NetUtils.getCidrSize(netmask);
return subnet + "/" + cidrSize;
}
}
*/
private String[] getGatewayAndNetmask() {
String defaultRoute = Script.runSimpleBashScript("/sbin/ip route | grep default");
if (defaultRoute == null) {
return null;
}
String[] defaultRouteList = defaultRoute.split("\\s+");
if (defaultRouteList.length < 5) {
return null;
}
String gateway = defaultRouteList[2];
String ethDevice = defaultRouteList[4];
String netmask = null;
if (ethDevice != null) {
netmask = Script.runSimpleBashScript("/sbin/ifconfig " + ethDevice + " | grep Mask | awk '{print $4}' | cut -d':' -f2");
}
if (gateway == null || netmask == null) {
return null;
} else if (!NetUtils.isValidIp(gateway) || !NetUtils.isValidNetmask(netmask)) {
return null;
} else {
return new String[] {gateway, netmask};
}
}
private String getEthDevice() {
String defaultRoute = Script.runSimpleBashScript("/sbin/route | grep default");
@ -334,19 +290,7 @@ public class ConfigurationServerImpl implements ConfigurationServer {
}
}
private String getDNS() {
String dnsLine = Script.runSimpleBashScript("grep nameserver /etc/resolv.conf");
if (dnsLine == null) {
return null;
} else {
String[] dnsLineArray = dnsLine.split(" ");
if (dnsLineArray.length != 2) {
return null;
} else {
return dnsLineArray[1];
}
}
}
@DB
protected String getHost() {
@ -511,6 +455,29 @@ public class ConfigurationServerImpl implements ConfigurationServer {
s_logger.error("SQL of the public key failed",ex);
throw new RuntimeException("SQL of the public key failed");
}
injectSshKeyIntoSystemVmIsoPatch(pubkeyfile.getAbsolutePath());
if (s_logger.isDebugEnabled()) {
s_logger.debug("Public key inserted into systemvm iso");
}
} else {
s_logger.info("Keypairs already in database");
}
}
protected void injectSshKeyIntoSystemVmIsoPatch(String publicKeyPath) {
String injectScript = "scripts/vm/systemvm/injectkeys.sh";
String scriptPath = Script.findScript("" , injectScript);
if ( scriptPath == null ) {
throw new CloudRuntimeException("Unable to find key inject script " + injectScript);
}
final Script command = new Script(scriptPath, s_logger);
command.add(publicKeyPath);
final String result = command.execute();
if (result != null) {
s_logger.warn("Failed to inject generated public key into systemvm iso " + result);
throw new CloudRuntimeException("Failed to inject generated public key into systemvm iso " + result);
}
}
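Review bot: The call to `injectSshKeyIntoSystemVmIsoPatch(pubkeyfile.getAbsolutePath())` sits after the public key has been stored in the database, and the `else` branch only logs "Keypairs already in database", so as far as this hunk shows a failed injection is never retried on a later start and the system VM ISO would keep its previous `authorized_keys`. The enclosing method begins outside the hunk, so this should be confirmed against the full body. If it holds, either run the injection whenever the key is present or record the failure so that it can be retried. The new method would also benefit from a Javadoc comment stating that it runs `scripts/vm/systemvm/injectkeys.sh` with the key path as its only argument, that the script requires root and `mkisofs`, and that a non-null result from `command.execute()` is treated as failure and raised as `CloudRuntimeException`. A separator before the script output, as in `"... into systemvm iso: " + result`, would make the log and exception message easier to read.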