On Mon, 2017-07-24 at 09:14 +0100, Radostin Stoyanov wrote:
> For containers bootstrapped in qcow2 format use the tool 'virt-edit'
> to insert the hashed root password in the shadow file of the last layer
> ---
> src/virtBootstrap/utils.py | 26 +++++++++++++++++++++++++-
> src/virtBootstrap/virt_bootstrap.py | 15 +++++++--------
> 2 files changed, 32 insertions(+), 9 deletions(-)
>
> diff --git a/src/virtBootstrap/utils.py b/src/virtBootstrap/utils.py
> index e1e681c..2c79d6b 100644
> --- a/src/virtBootstrap/utils.py
> +++ b/src/virtBootstrap/utils.py
> @@ -30,6 +30,7 @@ import os
> import sys
> import tempfile
> import logging
> +import re
>
> from subprocess import CalledProcessError, PIPE, Popen
> import passlib.hosts
> @@ -332,7 +333,7 @@ def str2float(element):
> return None
>
>
> -def set_root_password(rootfs, password):
> +def set_root_password_in_rootfs(rootfs, password):
> """
> Set password on the root user within root filesystem
> """
> @@ -364,6 +365,29 @@ def set_root_password(rootfs, password):
> os.chmod(shadow_file, shadow_file_permissions)
>
>
> +def set_root_password_in_image(image, password):
> + """
> + Set password on the root user within image
> + """
> + password_hash = passlib.hosts.linux_context.hash(password)
> + execute(['virt-edit',
> + '-a', image, '/etc/shadow',
> + '-e', 's,^root:.*?:,root:%s:,' % re.escape(password_hash)])
> +
> +
> +def set_root_password(fmt, dest, root_password):
> + """
> + Set root password
> + """
> + if fmt == "dir":
> + set_root_password_in_rootfs(dest, root_password)
> + elif fmt == "qcow2":
> + layers = [layer for layer in os.listdir(dest)
> + if layer.startswith('layer-')]
> + set_root_password_in_image(os.path.join(dest, max(layers)),
> + root_password)
> +
> +
> def write_progress(prog):
> """
> Write progress output to console
> diff --git a/src/virtBootstrap/virt_bootstrap.py b/src/virtBootstrap/virt_bootstrap.py
> index 5506445..c9bf1c8 100755
> --- a/src/virtBootstrap/virt_bootstrap.py
> +++ b/src/virtBootstrap/virt_bootstrap.py
> @@ -200,14 +200,13 @@ def bootstrap(uri, dest,
> no_cache=no_cache,
> progress=prog).unpack(dest)
>
> - if fmt == "dir":
> - if root_password is not None:
> - logger.info("Setting password of the root account")
> - utils.set_root_password(dest, root_password)
> -
> - if uid_map or gid_map:
> - logger.info("Mapping UID/GID")
> - mapping_uid_gid(dest, uid_map, gid_map)
> + if root_password is not None:
> + logger.info("Setting password of the root account")
> + utils.set_root_password(fmt, dest, root_password)
> +
> + if fmt == "dir" and uid_map or gid_map:
> + logger.info("Mapping UID/GID")
> + mapping_uid_gid(dest, uid_map, gid_map)
>
>
> def set_logging_conf(loglevel=None):
ACK, but I start to think we should have classes for the format grouping
those format-specific functions. It may even help with sharing a libguestfs
instance to accelerate the process for qcow2 format.
I think this could be done in a cleanup commit after this series.
--
Cedric
_______________________________________________
virt-tools-list mailing list
virt-tools-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/virt-tools-list
