From 6fb45ce3c66334c1fc071b41bfc04af445ef30ba Mon Sep 17 00:00:00 2001 From: "Manuel Amador (Rudd-O)" Date: Fri, 3 Sep 2010 17:03:47 -0700 Subject: [PATCH] Move SSH key pair generation into the management server, make it on-demand rather than upon package installation. --- cloud.spec | 1 - debian/cloud-client.postinst | 2 -- .../cloud/server/ConfigurationServerImpl.java | 18 +++++++++++------- 3 files changed, 11 insertions(+), 10 deletions(-) diff --git a/cloud.spec b/cloud.spec index ae49260915f..fb147f8b5e6 100644 --- a/cloud.spec +++ b/cloud.spec @@ -373,7 +373,6 @@ if [ "$1" == "1" ] ; then /sbin/chkconfig --add %{name}-management > /dev/null 2>&1 || true /sbin/chkconfig --level 345 %{name}-management on > /dev/null 2>&1 || true fi -test -f %{_sharedstatedir}/%{name}/management/.ssh/id_rsa || su - %{name} -c 'yes "" 2>/dev/null | ssh-keygen -t rsa -q -N ""' < /dev/null diff --git a/debian/cloud-client.postinst b/debian/cloud-client.postinst index ce3ebc3da6d..af731f19be7 100644 --- a/debian/cloud-client.postinst +++ b/debian/cloud-client.postinst @@ -17,8 +17,6 @@ case "$1" in chgrp cloud $i done - test -f /var/lib/cloud/management/.ssh/id_rsa || su - cloud -c 'yes "" | ssh-keygen -t rsa -q -N ""' < /dev/null - for i in /etc/cloud/management/db.properties do chmod 0640 $i diff --git a/server/src/com/cloud/server/ConfigurationServerImpl.java b/server/src/com/cloud/server/ConfigurationServerImpl.java index 8a16cc25108..63ff6a811df 100644 --- a/server/src/com/cloud/server/ConfigurationServerImpl.java +++ b/server/src/com/cloud/server/ConfigurationServerImpl.java 
@@ -420,10 +420,12 @@ public class ConfigurationServerImpl implements ConfigurationServer { String homeDir = Script.runSimpleBashScript("echo ~"); if (homeDir == "~") { - s_logger.warn("No home directory was detected. Trouble with SSH keys ahead."); - return; + s_logger.error("No home directory was detected. Set the HOME environment variable to point to your user profile or home directory."); + throw new RuntimeException("No home directory was detected. Set the HOME environment variable to point to your user profile or home directory."); } + String keygenOutput = Script.runSimpleBashScript("if [ -f ~/.ssh/id_rsa ] ; then true ; else yes '' | ssh-keygen -t rsa -q -O no-pty ; fi"); + File privkeyfile = new File(homeDir + "/.ssh/id_rsa"); File pubkeyfile = new File(homeDir + "/.ssh/id_rsa.pub"); byte[] arr1 = new byte[4094]; // configuration table column value size @@ -431,8 +433,8 @@ public class ConfigurationServerImpl implements ConfigurationServer { new DataInputStream(new FileInputStream(privkeyfile)).readFully(arr1); } catch (EOFException e) { } catch (Exception e) { - s_logger.warn("Cannot read the private key file",e); - return; + s_logger.error("Cannot read the private key file",e); + throw new RuntimeException("Cannot read the private key file"); } String privateKey = new String(arr1).trim(); byte[] arr2 = new byte[4094]; // configuration table column value size @@ -441,7 +443,7 @@ public class ConfigurationServerImpl implements ConfigurationServer { } catch (EOFException e) { } catch (Exception e) { s_logger.warn("Cannot read the public key file",e); - return; + throw new RuntimeException("Cannot read the public key file"); } String publicKey = new String(arr2).trim(); 
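Review bot: The added `Script.runSimpleBashScript(...)` call stores its result in `keygenOutput` and never inspects it, so a failed `ssh-keygen` only surfaces later as "Cannot read the private key file". The removed package scripts passed `-N ""` explicitly, while the new command relies on `yes ''` to answer the prompts and adds `-O no-pty`, which as far as I know is a certificate-signing option with no effect on plain key generation; I would write `ssh-keygen -t rsa -q -N '' -f ~/.ssh/id_rsa` and check the outcome before reading the files. Separately, the guard on the context line `if (homeDir == "~")` compares references, so the new `throw` is probably unreachable; `"~".equals(homeDir)` would make it effective. The enclosing method starts and ends outside the hunk.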
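Review bot: The new `throw new RuntimeException("Cannot read the private key file");` drops the caught exception, so a caller that handles the failure loses the underlying I/O error unless it also finds the log line; pass it as the cause, `throw new RuntimeException("Cannot read the private key file", e);`. The same applies to the throw added in the public-key hunk and to the two `SQLException` handlers in the later hunks. Note also that `readFully(arr1)` into a 4094-byte buffer raises nothing when the file is longer than the buffer, so an oversized key would be stored truncated without any error; a length check against `privkeyfile.length()` before the read would catch that. The try block begins outside this hunk.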
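Review bot: The public-key handler still logs with `s_logger.warn(...)` although it now aborts like the private-key path, which this commit moved to `s_logger.error(...)`; use `s_logger.error("Cannot read the public key file",e);` so both fatal paths log at the same level. The empty `catch (EOFException e) { }` above it is what lets a file shorter than the buffer through, and it deserves a comment saying so, e.g. `// short file is expected: the buffer is sized to the configuration column`. The try block starts outside this hunk.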
@@ -458,7 +460,8 @@ public class ConfigurationServerImpl implements ConfigurationServer { s_logger.debug("Private key inserted into database"); } } catch (SQLException ex) { - s_logger.warn("SQL of the private key failed",ex); + s_logger.error("SQL of the private key failed",ex); + throw new RuntimeException("SQL of the private key failed"); } try { @@ -468,7 +471,8 @@ public class ConfigurationServerImpl implements ConfigurationServer { s_logger.debug("Public key inserted into database"); } } catch (SQLException ex) { - s_logger.warn("SQL of the public key failed",ex); + s_logger.error("SQL of the public key failed",ex); + throw new RuntimeException("SQL of the public key failed"); } } }