This creates an ExecStartPre on the anaconda-sshd.service that will
check for a kickstart entry for sshpw. It will add/modify users
accordingly prior to launching the sshd service. Since now sshpw and
sshd bring up happens outside of and before anaconda starts, we can
remove sshd.py and any reference to it.
---
anaconda.spec.in | 1 +
data/systemd/anaconda-sshd.service | 1 +
pyanaconda/dispatch.py | 2 -
pyanaconda/flags.py | 3 +-
pyanaconda/installclass.py | 1 -
pyanaconda/sshd.py | 90 ------------------------------------
utils/Makefile.am | 2 +-
utils/handle-sshpw | 57 +++++++++++++++++++++++
8 files changed, 61 insertions(+), 96 deletions(-)
delete mode 100644 pyanaconda/sshd.py
create mode 100755 utils/handle-sshpw
diff --git a/anaconda.spec.in b/anaconda.spec.in
index a1cd14f..a9c4cf5 100644
--- a/anaconda.spec.in
+++ b/anaconda.spec.in
@@ -223,6 +223,7 @@ update-desktop-database &> /dev/null || :
/lib/udev/rules.d/70-anaconda.rules
%{_bindir}/instperf
%{_sbindir}/anaconda
+%{_sbindir}/handle-sshpw
%{_sbindir}/logpicker
%ifarch i386 i486 i586 i686 x86_64
%{_sbindir}/gptsync
diff --git a/data/systemd/anaconda-sshd.service b/data/systemd/anaconda-sshd.service
index ca1f87c..2588a53 100644
--- a/data/systemd/anaconda-sshd.service
+++ b/data/systemd/anaconda-sshd.service
@@ -6,5 +6,6 @@ After=syslog.target network.target
[Service]
EnvironmentFile=/etc/sysconfig/sshd
ExecStartPre=/usr/sbin/sshd-keygen
+ExecStartPre=/usr/sbin/handle-sshpw
ExecStart=/usr/sbin/sshd -D $OPTIONS -f /etc/ssh/sshd_config.anaconda
ExecReload=/bin/kill -HUP $MAINPID
diff --git a/pyanaconda/dispatch.py b/pyanaconda/dispatch.py
index 36ca40a..4cfd1c9 100644
--- a/pyanaconda/dispatch.py
+++ b/pyanaconda/dispatch.py
@@ -43,7 +43,6 @@ from upgrade import upgradeMigrateFind
from upgrade import findRootParts, queryUpgradeContinue, upgradeUsr
from installmethod import doMethodComplete
from kickstart import doKickstart, runPostScripts
-from sshd import doSshd
from rescue import doRescue
from backend import doPostSelection, doBackendSetup, doBasePackageSelect
@@ -250,7 +249,6 @@ class Dispatcher(object):
# Note that not only a subset of the steps is executed for a particular
# run, depending on the kind of installation, user selection, kickstart
# commands, used installclass and used user interface.
- self.add_step("sshd", doSshd)
self.add_step("rescue", doRescue)
self.add_step("kickstart", doKickstart)
self.add_step("language")
diff --git a/pyanaconda/flags.py b/pyanaconda/flags.py
index f7dd431..954400c 100644
--- a/pyanaconda/flags.py
+++ b/pyanaconda/flags.py
@@ -58,7 +58,6 @@ class Flags(object):
self.targetarch = None
self.useIPv4 = True
self.useIPv6 = True
- self.sshd = 0
self.preexisting_x11 = False
self.noverifyssl = False
self.imageInstall = False
@@ -76,7 +75,7 @@ class Flags(object):
self.read_cmdline()
def read_cmdline(self):
- for f in ("selinux", "sshd", "debug"):
+ for f in ("selinux", "debug"):
self.set_cmdline_bool(f)
if "rpmarch" in self.cmdline:
diff --git a/pyanaconda/installclass.py b/pyanaconda/installclass.py
index 8aea1bb..c6c50d4 100644
--- a/pyanaconda/installclass.py
+++ b/pyanaconda/installclass.py
@@ -84,7 +84,6 @@ class BaseInstallClass(object):
def setSteps(self, anaconda):
dispatch = anaconda.dispatch
dispatch.schedule_steps(
- "sshd",
"language",
"keyboard",
"filtertype",
diff --git a/pyanaconda/sshd.py b/pyanaconda/sshd.py
deleted file mode 100644
index b6c9372..0000000
--- a/pyanaconda/sshd.py
+++ /dev/null
@@ -1,90 +0,0 @@
-# sshd.py
-# Configuring the sshd daemon from Anaconda.
-#
-# Copyright (C) 2009 Red Hat, Inc.
-#
-# This copyrighted material is made available to anyone wishing to use,
-# modify, copy, or redistribute it subject to the terms and conditions of
-# the GNU General Public License v.2, or (at your option) any later version.
-# This program is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY expressed or implied, including the implied warranties of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
-# Public License for more details. You should have received a copy of the
-# GNU General Public License along with this program; if not, write to the
-# Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-# 02110-1301, USA. Any Red Hat trademarks that are incorporated in the
-# source code or documentation are not subject to the GNU General Public
-# License and may only be used or replicated with the express permission of
-# Red Hat, Inc.
-#
-
-
-import logging
-import os, sys
-log = logging.getLogger("anaconda")
-
-import iutil
-import users
-from flags import flags
-from constants import ROOT_PATH
-
-def createSshKey(algorithm, keyfile):
- path = '/etc/ssh/%s' % (keyfile,)
- argv = ['-q','-t',algorithm,'-f',path,'-C','','-N','']
- if os.access(path, os.R_OK):
- return
- log.debug("running \"%s\"" % (" ".join(['ssh-keygen']+argv),))
-
- so = "/tmp/ssh-keygen-%s-stdout.log" % (algorithm,)
- se = "/tmp/ssh-keygen-%s-stderr.log" % (algorithm,)
- iutil.execWithRedirect('ssh-keygen', argv, stdout=so, stderr=se)
-
-def doSshd(anaconda):
- if flags.sshd:
- # we need to have a libuser.conf that points to the installer root for
- # sshpw, but after that we start sshd, we need one that points to the
- # install target.
- luserConf = users.createLuserConf(instPath="")
- handleSshPw(anaconda)
- startSsh()
- del(os.environ["LIBUSER_CONF"])
- else:
- log.info("sshd: not enabled, skipping.")
-
- users.createLuserConf(ROOT_PATH)
-
-def handleSshPw(anaconda):
- if not anaconda.ksdata:
- return
-
- u = users.Users(anaconda)
-
- userdata = anaconda.ksdata.sshpw.dataList()
- for ud in userdata:
- if u.checkUserExists(ud.username, root="/"):
- u.setUserPassword(username=ud.username, password=ud.password,
- isCrypted=ud.isCrypted, lock=ud.lock)
- else:
- kwargs = ud.__dict__
- kwargs.update({"root": "/", "mkmailspool": False})
- u.createUser(ud.username, **kwargs)
-
- del u
-
-def startSsh():
- if iutil.isS390():
- return
-
- if not iutil.fork_orphan():
- os.open("/var/log/lastlog", os.O_RDWR | os.O_CREAT, 0644)
- ssh_keys = {
- 'rsa1':'ssh_host_key',
- 'rsa':'ssh_host_rsa_key',
- 'dsa':'ssh_host_dsa_key',
- }
- for (algorithm, keyfile) in ssh_keys.items():
- createSshKey(algorithm, keyfile)
- sshd = iutil.find_program_in_path("sshd")
- args = [sshd, "-f", "/etc/ssh/sshd_config.anaconda"]
- os.execv(sshd, args)
- sys.exit(1)
diff --git a/utils/Makefile.am b/utils/Makefile.am
index 2635e8c..0a3a953 100644
--- a/utils/Makefile.am
+++ b/utils/Makefile.am
@@ -21,7 +21,7 @@ SUBDIRS = log_picker
utilsdir = $(libexecdir)/$(PACKAGE_NAME)
-dist_sbin_SCRIPTS = logpicker
+dist_sbin_SCRIPTS = logpicker handle-sshpw
utils_PROGRAMS = mapshdr readmap
MAINTAINERCLEANFILES = Makefile.in
diff --git a/utils/handle-sshpw b/utils/handle-sshpw
new file mode 100755
index 0000000..a7acb5d
--- /dev/null
+++ b/utils/handle-sshpw
@@ -0,0 +1,57 @@
+#!/bin/python
+#
+# handle-sshpw: Code processing sshpw lines in kickstart files for the
+# install environment.
+#
+# Copyright (C) 2012 Red Hat, Inc. All rights reserved.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+# Author(s): Jesse Keating <jkeating@xxxxxxxxxx>
+#
+# Some of this code comes from the old pyanaconda/sshd.py
+#
+import os
+import sys
+from pykickstart.parser import *
+from pykickstart.version import makeVersion
+import pyanaconda.users as users
+
+ksfile = '/ks.cfg.done'
+
+# see if we have a file to work with
+if not os.path.exists(ksfile):
+ sys.exit()
+
+ksparser = KickstartParser(makeVersion())
+ksparser.readKickstart(ksfile)
+
+# we need to have a libuser.conf that points to the installer root for
+# sshpw, but after that we start sshd, we need one that points to the
+# install target.
+luserConf = users.createLuserConf(instPath="")
+# Pass a fake anaconda object in because it won't be needed
+u = users.Users(None)
+
+userdata = ksparser.handler.sshpw.dataList()
+for ud in userdata:
+ if u.checkUserExists(ud.username, root="/"):
+ u.setUserPassword(username=ud.username, password=ud.password,
+ isCrypted=ud.isCrypted, lock=ud.lock)
+ else:
+ kwargs = ud.__dict__
+ kwargs.update({"root": "/", "mkmailspool": False})
+ u.createUser(ud.username, **kwargs)
+
+del(os.environ["LIBUSER_CONF"])
--
1.7.10.2
_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
