From 09145efc41b6bf2c86648a25757a481385de3ca8 Mon Sep 17 00:00:00 2001
From: Chiradeep Vittal
Date: Thu, 27 Jan 2011 16:22:22 -0800
Subject: [PATCH] Bug 8199: inject ssh public key into systemvm iso file
---
 cloud.spec | 1 +
 scripts/vm/systemvm/injectkeys.sh | 51 +++++++++++
 .../cloud/server/ConfigurationServerImpl.java | 87 ++++++-------------
 3 files changed, 79 insertions(+), 60 deletions(-)
 create mode 100755 scripts/vm/systemvm/injectkeys.sh
diff --git a/cloud.spec b/cloud.spec
index b6c40555f88..c8091a5883e 100644
--- a/cloud.spec
+++ b/cloud.spec
@@ -156,6 +156,7 @@ Requires: sudo
 Requires: /sbin/service
 Requires: /sbin/chkconfig
 Requires: /usr/bin/ssh-keygen
+Requires: /usr/bin/mkisofs
 Requires: MySQL-python
 Requires: python-paramiko
 Requires: augeas >= 0.7.1
diff --git a/scripts/vm/systemvm/injectkeys.sh b/scripts/vm/systemvm/injectkeys.sh
new file mode 100755
index 00000000000..c18795d23a3
--- /dev/null
+++ b/scripts/vm/systemvm/injectkeys.sh
@@ -0,0 +1,51 @@
+#!/bin/bash
+
+# $1 = new key
+
+#set -x
+
+TMP=/tmp
+SYSTEMVM_PATCH_DIR=../../../vms/
+MOUNTPATH=/mnt/cloud/systemvm
+TMPDIR=${TMP}/cloud/systemvm
+
+
+inject() {
+ local isofile=${SYSTEMVM_PATCH_DIR}/$1
+ local newpubkey=$2
+ local backup=${isofile}.bak
+ local tmpiso=${TMP}/$1
+ rm -rf $TMPDIR
+ mkdir -p $TMPDIR
+ [ ! -d $TMPDIR ] && echo "$(basename $0): Could not find/create temporary dir $TMPDIR" && return 1
+ [ ! -f $isofile ] && echo "$(basename $0): Could not find systemvm iso patch file $isofile" && return 1
+ cp -b $isofile $backup
+ [ $? -ne 0 ] && echo "$(basename $0): Failed to backup original iso $isofile" && return 1
+ mount -o loop $isofile $MOUNTPATH
+ [ $? -ne 0 ] && echo "$(basename $0): Failed to mount original iso $isofile" && return 1
+ cp -fr $MOUNTPATH/* $TMPDIR/
+ [ $? -ne 0 ] && echo "$(basename $0): Failed to copy from original iso $isofile" && return 1
+ cp $newpubkey $TMPDIR/authorized_keys
+ [ $? -ne 0 ] && echo "$(basename $0): Failed to copy key $newpubkey from original iso to new iso " && return 1
+ mkisofs -quiet -r -o $tmpiso $TMPDIR
+ [ $? -ne 0 ] && echo "$(basename $0): Failed to create new iso $tmpiso from $TMPDIR" && return 1
+ umount $MOUNTPATH
+ [ $? -ne 0 ] && echo "$(basename $0): Failed to unmount old iso from $MOUNTPATH" && return 1
+ cp -f $tmpiso $isofile
+ [ $? -ne 0 ] && echo "$(basename $0): Failed to overwrite old iso $isofile with $tmpiso" && return 1
+ rm -rf $TMPDIR
+}
+
+mkdir -p $MOUNTPATH
+
+[ $# -ne 1 ] && echo "Usage: $(basename $0) " && exit 3
+newpubkey=$1
+[ ! -f $newpubkey ] && echo "$(basename $0): Could not open $newpubkey" && exit 3
+[ $EUID -ne 0 ] && echo "$(basename $0): You have to be root to run this script" && exit 3
+
+command -v mkisofs > /dev/null || (echo "$(basename $0): mkisofs not found, please install or ensure PATH is accurate" ; exit 4)
+
+inject systemvm.iso $newpubkey
+#inject systemvm-premium.iso $newpubkey
+
+exit $?
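Review bot: The working paths are fixed names under a world-writable directory (`TMPDIR=${TMP}/cloud/systemvm`, `tmpiso=${TMP}/$1`) in a script that refuses to run unless it is root, so `rm -rf $TMPDIR`, `cp -fr` and `mkisofs -o $tmpiso` act on locations that another local account can create or replace beforehand; a private directory from `WORK=$(mktemp -d) || exit 1`, holding both the staged tree and the new iso, avoids that and also stops the script from overwriting the conventional `TMPDIR` environment variable. The mkisofs guard does not stop the script, because `exit 4` runs inside a `( … )` subshell; `command -v mkisofs > /dev/null || { echo "…"; exit 4; }` would. Every `return 1` after the `mount` line leaves the iso mounted on `$MOUNTPATH`, so a retry fails at the mount step; those paths need an `umount` (or a `trap` set right after the mount). All expansions are unquoted, so a key path containing whitespace breaks the `-f` test and the `cp`.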
diff --git a/server/src/com/cloud/server/ConfigurationServerImpl.java b/server/src/com/cloud/server/ConfigurationServerImpl.java index ecceff336df..3a6243b6482 100644 --- a/server/src/com/cloud/server/ConfigurationServerImpl.java +++ b/server/src/com/cloud/server/ConfigurationServerImpl.java @@ -41,6 +41,7 @@ import javax.crypto.SecretKey; import org.apache.commons.codec.binary.Base64; import org.apache.log4j.Logger; +import com.cloud.agent.api.routing.NetworkElementCommand; import com.cloud.configuration.Config; import com.cloud.configuration.ConfigurationVO; import com.cloud.configuration.dao.ConfigurationDao; @@ -84,6 +85,7 @@ import com.cloud.utils.PropertiesUtil; import com.cloud.utils.component.ComponentLocator; import com.cloud.utils.db.DB; import com.cloud.utils.db.Transaction; +import com.cloud.utils.exception.CloudRuntimeException; import com.cloud.utils.net.NetUtils; import com.cloud.utils.script.Script; 
@@ -248,54 +250,8 @@ public class ConfigurationServerImpl implements ConfigurationServer { _configDao.update("init", "true"); } - /* - private String getManagementNetworkCIDR() { - String[] gatewayAndNetmask = getGatewayAndNetmask(); - - if (gatewayAndNetmask == null) { - return null; - } else { - String gateway = gatewayAndNetmask[0]; - String netmask = gatewayAndNetmask[1]; - - String subnet = NetUtils.getSubNet(gateway, netmask); - long cidrSize = NetUtils.getCidrSize(netmask); - - return subnet + "/" + cidrSize; - } - } - */ - private String[] getGatewayAndNetmask() { - String defaultRoute = Script.runSimpleBashScript("/sbin/ip route | grep default"); - - if (defaultRoute == null) { - return null; - } - - String[] defaultRouteList = defaultRoute.split("\\s+"); - - if (defaultRouteList.length < 5) { - return null; - } - - String gateway = defaultRouteList[2]; - String ethDevice = defaultRouteList[4]; - String netmask = null; - - if (ethDevice != null) { - netmask = Script.runSimpleBashScript("/sbin/ifconfig " + ethDevice + " | grep Mask | awk '{print $4}' | cut -d':' -f2"); - } - - if (gateway == null || netmask == null) { - return null; - } else if (!NetUtils.isValidIp(gateway) || !NetUtils.isValidNetmask(netmask)) { - return null; - } else { - return new String[] {gateway, netmask}; - } - } - + private String getEthDevice() { String defaultRoute = Script.runSimpleBashScript("/sbin/route | grep default"); @@ -334,19 +290,7 @@ public class ConfigurationServerImpl implements ConfigurationServer { } } - private String getDNS() { - String dnsLine = Script.runSimpleBashScript("grep nameserver /etc/resolv.conf"); - if (dnsLine == null) { - return null; - } else { - String[] dnsLineArray = dnsLine.split(" "); - if (dnsLineArray.length != 2) { - return null; - } else { - return dnsLineArray[1]; - } - } - } + @DB protected String getHost() { 
@@ -511,6 +455,29 @@ public class ConfigurationServerImpl implements ConfigurationServer { s_logger.error("SQL of the public key failed",ex); throw new RuntimeException("SQL of the public key failed"); } + injectSshKeyIntoSystemVmIsoPatch(pubkeyfile.getAbsolutePath()); + if (s_logger.isDebugEnabled()) { + s_logger.debug("Public key inserted into systemvm iso"); + } + } else { + s_logger.info("Keypairs already in database"); + } + } + + + protected void injectSshKeyIntoSystemVmIsoPatch(String publicKeyPath) { + String injectScript = "scripts/vm/systemvm/injectkeys.sh"; + String scriptPath = Script.findScript("" , injectScript); + if ( scriptPath == null ) { + throw new CloudRuntimeException("Unable to find key inject script " + injectScript); + } + final Script command = new Script(scriptPath, s_logger); + command.add(publicKeyPath); + + final String result = command.execute(); + if (result != null) { + s_logger.warn("Failed to inject generated public key into systemvm iso " + result); + throw new CloudRuntimeException("Failed to inject generated public key into systemvm iso " + result); } }
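Review bot: The call to `injectSshKeyIntoSystemVmIsoPatch` comes after the key pair has been written to the database, so when the script fails the `CloudRuntimeException` aborts this start-up, but the next one takes the new `else` branch ("Keypairs already in database") and never retries the injection, leaving the systemvm iso without the key the database records as in use. Injecting before the insert, or checking on each start that the iso carries the stored public key, would close that gap; the enclosing method and its `if` condition begin outside the hunk, so this is inferred from the visible branches. `injectkeys.sh` exits with status 3 unless `$EUID` is 0 and resolves the iso through the relative `../../../vms/`, so the call presumably only works when the management server runs as root from the expected working directory; a comment such as `// injectkeys.sh must run as root and resolves the iso relative to the current directory (../../../vms/)` would document that. The failure is logged at warn and then thrown with the same text; logging it once at error level is enough.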