Merge branch 'master' of github.com:coreos/coreos-cloudinit
Signed-off-by: Vasiliy Tolstov <v.tolstov@selfip.ru>
commit
20416969bd
@ -299,6 +299,7 @@ All but the `passwd` and `ssh-authorized-keys` fields will be ignored if the use
|
|||||||
- **coreos-ssh-import-url**: Authorize SSH keys imported from a url endpoint.
|
- **coreos-ssh-import-url**: Authorize SSH keys imported from a url endpoint.
|
||||||
- **system**: Create the user as a system user. No home directory will be created.
|
- **system**: Create the user as a system user. No home directory will be created.
|
||||||
- **no-log-init**: Boolean. Skip initialization of lastlog and faillog databases.
|
- **no-log-init**: Boolean. Skip initialization of lastlog and faillog databases.
|
||||||
|
- **shell**: User's login shell.
|
||||||
|
|
||||||
The following fields are not yet implemented:
|
The following fields are not yet implemented:
|
||||||
|
|
||||||
|
@ -28,6 +28,7 @@ import (
|
|||||||
"github.com/vtolstov/cloudinit/datasource/file"
|
"github.com/vtolstov/cloudinit/datasource/file"
|
||||||
"github.com/vtolstov/cloudinit/datasource/metadata/digitalocean"
|
"github.com/vtolstov/cloudinit/datasource/metadata/digitalocean"
|
||||||
"github.com/vtolstov/cloudinit/datasource/metadata/ec2"
|
"github.com/vtolstov/cloudinit/datasource/metadata/ec2"
|
||||||
|
"github.com/vtolstov/cloudinit/datasource/metadata/openstack"
|
||||||
"github.com/vtolstov/cloudinit/datasource/proc_cmdline"
|
"github.com/vtolstov/cloudinit/datasource/proc_cmdline"
|
||||||
"github.com/vtolstov/cloudinit/datasource/url"
|
"github.com/vtolstov/cloudinit/datasource/url"
|
||||||
"github.com/vtolstov/cloudinit/datasource/waagent"
|
"github.com/vtolstov/cloudinit/datasource/waagent"
|
||||||
@ -35,11 +36,10 @@ import (
|
|||||||
"github.com/vtolstov/cloudinit/network"
|
"github.com/vtolstov/cloudinit/network"
|
||||||
"github.com/vtolstov/cloudinit/pkg"
|
"github.com/vtolstov/cloudinit/pkg"
|
||||||
"github.com/vtolstov/cloudinit/system"
|
"github.com/vtolstov/cloudinit/system"
|
||||||
"github.com/vtolstov/cloudinit/datasource/metadata/openstack"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
version = "1.3.3+git"
|
version = "1.3.4+git"
|
||||||
datasourceInterval = 100 * time.Millisecond
|
datasourceInterval = 100 * time.Millisecond
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -375,6 +375,7 @@ users:
|
|||||||
no_user_group: true
|
no_user_group: true
|
||||||
system: y
|
system: y
|
||||||
no_log_init: True
|
no_log_init: True
|
||||||
|
shell: /bin/sh
|
||||||
`
|
`
|
||||||
cfg, err := NewCloudConfig(contents)
|
cfg, err := NewCloudConfig(contents)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -442,6 +443,10 @@ users:
|
|||||||
if !user.NoLogInit {
|
if !user.NoLogInit {
|
||||||
t.Errorf("Failed to parse no_log_init field")
|
t.Errorf("Failed to parse no_log_init field")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if user.Shell != "/bin/sh" {
|
||||||
|
t.Errorf("Failed to parse shell field, got %q", user.Shell)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestCloudConfigUsersGithubUser(t *testing.T) {
|
func TestCloudConfigUsersGithubUser(t *testing.T) {
|
||||||
|
@ -30,4 +30,5 @@ type User struct {
|
|||||||
System bool `yaml:"system"`
|
System bool `yaml:"system"`
|
||||||
NoLogInit bool `yaml:"no_log_init"`
|
NoLogInit bool `yaml:"no_log_init"`
|
||||||
LockPasswd bool `yaml:"lock_passwd"`
|
LockPasswd bool `yaml:"lock_passwd"`
|
||||||
|
Shell string `yaml:"shell"`
|
||||||
}
|
}
|
||||||
|
@ -18,6 +18,7 @@ import (
|
|||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"log"
|
"log"
|
||||||
|
"os"
|
||||||
"path"
|
"path"
|
||||||
|
|
||||||
"github.com/vtolstov/cloudinit/config"
|
"github.com/vtolstov/cloudinit/config"
|
||||||
@ -43,8 +44,27 @@ type CloudConfigUnit interface {
|
|||||||
// configuring the hostname, adding new users, writing various configuration
|
// configuring the hostname, adding new users, writing various configuration
|
||||||
// files to disk, and manipulating systemd services.
|
// files to disk, and manipulating systemd services.
|
||||||
func Apply(cfg config.CloudConfig, ifaces []network.InterfaceGenerator, env *Environment) error {
|
func Apply(cfg config.CloudConfig, ifaces []network.InterfaceGenerator, env *Environment) error {
|
||||||
|
var err error
|
||||||
|
|
||||||
|
if cfg.ResizeRootfs {
|
||||||
|
log.Printf("resize root filesystem")
|
||||||
|
if err = system.ResizeRootFS(); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
lockf := path.Join(env.Workspace(), ".lock")
|
||||||
|
|
||||||
|
if _, err = os.Stat(lockf); err == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
if err = os.MkdirAll(env.Workspace(), os.FileMode(0755)); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
if cfg.Hostname != "" {
|
if cfg.Hostname != "" {
|
||||||
if err := system.SetHostname(cfg.Hostname); err != nil {
|
if err = system.SetHostname(cfg.Hostname); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
log.Printf("Set hostname to %s", cfg.Hostname)
|
log.Printf("Set hostname to %s", cfg.Hostname)
|
||||||
@ -67,45 +87,45 @@ func Apply(cfg config.CloudConfig, ifaces []network.InterfaceGenerator, env *Env
|
|||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
log.Printf("Creating user '%s'", user.Name)
|
log.Printf("Creating user '%s'", user.Name)
|
||||||
if err := system.CreateUser(&user); err != nil {
|
if err = system.CreateUser(&user); err != nil {
|
||||||
log.Printf("Failed creating user '%s': %v", user.Name, err)
|
log.Printf("Failed creating user '%s': %v", user.Name, err)
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := system.LockUnlockUser(&user); err != nil {
|
if err = system.LockUnlockUser(&user); err != nil {
|
||||||
log.Printf("Failed lock/unlock user '%s': %v", user.Name, err)
|
log.Printf("Failed lock/unlock user '%s': %v", user.Name, err)
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
if len(user.SSHAuthorizedKeys) > 0 {
|
if len(user.SSHAuthorizedKeys) > 0 {
|
||||||
log.Printf("Authorizing %d SSH keys for user '%s'", len(user.SSHAuthorizedKeys), user.Name)
|
log.Printf("Authorizing %d SSH keys for user '%s'", len(user.SSHAuthorizedKeys), user.Name)
|
||||||
if err := system.AuthorizeSSHKeys(user.Name, env.SSHKeyName(), user.SSHAuthorizedKeys); err != nil {
|
if err = system.AuthorizeSSHKeys(user.Name, env.SSHKeyName(), user.SSHAuthorizedKeys); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if user.SSHImportGithubUser != "" {
|
if user.SSHImportGithubUser != "" {
|
||||||
log.Printf("Authorizing github user %s SSH keys for CoreOS user '%s'", user.SSHImportGithubUser, user.Name)
|
log.Printf("Authorizing github user %s SSH keys for CoreOS user '%s'", user.SSHImportGithubUser, user.Name)
|
||||||
if err := SSHImportGithubUser(user.Name, user.SSHImportGithubUser); err != nil {
|
if err = SSHImportGithubUser(user.Name, user.SSHImportGithubUser); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
for _, u := range user.SSHImportGithubUsers {
|
for _, u := range user.SSHImportGithubUsers {
|
||||||
log.Printf("Authorizing github user %s SSH keys for CoreOS user '%s'", u, user.Name)
|
log.Printf("Authorizing github user %s SSH keys for CoreOS user '%s'", u, user.Name)
|
||||||
if err := SSHImportGithubUser(user.Name, u); err != nil {
|
if err = SSHImportGithubUser(user.Name, u); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if user.SSHImportURL != "" {
|
if user.SSHImportURL != "" {
|
||||||
log.Printf("Authorizing SSH keys for CoreOS user '%s' from '%s'", user.Name, user.SSHImportURL)
|
log.Printf("Authorizing SSH keys for CoreOS user '%s' from '%s'", user.Name, user.SSHImportURL)
|
||||||
if err := SSHImportKeysFromURL(user.Name, user.SSHImportURL); err != nil {
|
if err = SSHImportKeysFromURL(user.Name, user.SSHImportURL); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if len(cfg.SSHAuthorizedKeys) > 0 {
|
if len(cfg.SSHAuthorizedKeys) > 0 {
|
||||||
err := system.AuthorizeSSHKeys(cfg.SystemInfo.DefaultUser.Name, env.SSHKeyName(), cfg.SSHAuthorizedKeys)
|
err = system.AuthorizeSSHKeys(cfg.SystemInfo.DefaultUser.Name, env.SSHKeyName(), cfg.SSHAuthorizedKeys)
|
||||||
if err == nil {
|
if err == nil {
|
||||||
log.Printf("Authorized SSH keys for %s user", cfg.SystemInfo.DefaultUser.Name)
|
log.Printf("Authorized SSH keys for %s user", cfg.SystemInfo.DefaultUser.Name)
|
||||||
} else {
|
} else {
|
||||||
@ -172,13 +192,23 @@ func Apply(cfg config.CloudConfig, ifaces []network.InterfaceGenerator, env *Env
|
|||||||
|
|
||||||
if len(ifaces) > 0 {
|
if len(ifaces) > 0 {
|
||||||
units = append(units, createNetworkingUnits(ifaces)...)
|
units = append(units, createNetworkingUnits(ifaces)...)
|
||||||
if err := system.RestartNetwork(ifaces); err != nil {
|
if err = system.RestartNetwork(ifaces); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
um := system.NewUnitManager(env.Root())
|
um := system.NewUnitManager(env.Root())
|
||||||
return processUnits(units, env.Root(), um)
|
if err = processUnits(units, env.Root(), um); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
fp, err := os.OpenFile(lockf, os.O_WRONLY|os.O_CREATE|os.O_EXCL|os.O_TRUNC, os.FileMode(0644))
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
fp.Close()
|
||||||
|
|
||||||
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func createNetworkingUnits(interfaces []network.InterfaceGenerator) (units []system.Unit) {
|
func createNetworkingUnits(interfaces []network.InterfaceGenerator) (units []system.Unit) {
|
||||||
|
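Review bot: The new lock check in Apply returns nil without logging anything, so once `.lock` exists in the workspace every later run silently skips hostname, user, SSH-key and unit handling, and later changes to the cloud-config are not applied; a line such as `log.Printf("%s exists, skipping cloud-config apply", lockf)` before that `return nil` would make the skip visible. The `cfg.ResizeRootfs` block sits above the lock check, so `system.ResizeRootFS` runs on every invocation rather than once; if one-shot behaviour is intended, move it below the `os.Stat(lockf)` test. `os.Stat` errors other than not-exist fall through to a full apply, `O_TRUNC` is redundant next to `O_EXCL`, and the result of `fp.Close()` is dropped. Apply's body continues between the hunks shown here.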
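--- a/system/filesystem_freebsd.go
+++ b/system/filesystem_freebsd.go
@@ -0,0 +1,19 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package system
+
+func ResizeRootFS() error {
+return nil
+}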
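Review bot: `ResizeRootFS` has no doc comment and returns nil without doing anything, so when `cfg.ResizeRootfs` is set Apply logs "resize root filesystem" and reports success on FreeBSD although nothing was resized. Suggest adding `// ResizeRootFS is a no-op on FreeBSD; the root filesystem is left unchanged.` above the function, or returning an error so the caller can record that the option is unsupported on this platform.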
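--- a/system/filesystem_linux.go
+++ b/system/filesystem_linux.go
@@ -0,0 +1,100 @@
+// Copyright 2015 CoreOS, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package system
+
+import (
+"bufio"
+"bytes"
+"fmt"
+"io"
+"log"
+"os"
+"os/exec"
+"strings"
+
+"github.com/vtolstov/go-ioctl"
+)
+
+func ResizeRootFS() error {
+var err error
+var stdout io.ReadCloser
+var stdin bytes.Buffer
+
+output, err := exec.Command("findmnt", "-n", "-o", "source", "/").CombinedOutput()
+if err != nil {
+return err
+}
+
+mountpoint := strings.TrimSpace(string(output))
+partstart := "2048"
+device := mountpoint[:len(mountpoint)-1]
+partition := mountpoint[len(mountpoint)-1:]
+
+cmd := exec.Command("fdisk", "-l", "-u", device)
+stdout, err = cmd.StdoutPipe()
+if err != nil {
+log.Printf("failed to open %s via fdisk %s 2\n", device, err.Error())
+return err
+}
+r := bufio.NewReader(stdout)
+
+if err = cmd.Start(); err != nil {
+log.Printf("failed to open %s via fdisk %s 3\n", device, err.Error())
+return err
+}
+
+for {
+line, err := r.ReadString('\n')
+if err != nil {
+break
+}
+
+if strings.HasPrefix(line, device+partition) {
+ps := strings.Fields(line) // /dev/sda1 * 4096 251658239 125827072 83 Linux
+if ps[1] == "*" {
+partstart = ps[2]
+} else {
+partstart = ps[1]
+}
+}
+}
+
+if err = cmd.Wait(); err != nil || partstart == "" {
+return fmt.Errorf("failed to open %s via fdisk 4\n", device)
+}
+
+stdin.Write([]byte("o\nn\np\n1\n" + partstart + "\n\na\n1\nw\n"))
+cmd = exec.Command("fdisk", "-u", device)
+cmd.Stdin = &stdin
+cmd.Run()
+stdin.Reset()
+
+w, err := os.OpenFile(device, os.O_WRONLY, 0600)
+if err == nil {
+defer w.Close()
+err = ioctl.BlkRRPart(w.Fd())
+if err == nil {
+return exec.Command("resize2fs", device+partition).Run()
+}
+}
+for _, name := range []string{"partprobe", "kpartx"} {
+if _, err = exec.LookPath(name); err == nil {
+if err = exec.Command(name, device).Run(); err == nil {
+return nil
+}
+}
+}
+return exec.Command("resize2fs", device+partition).Run()
+}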
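Review bot: ResizeRootFS rewrites the partition table on assumptions it never checks. `device` and `partition` are split off the last character of the findmnt output, which panics on empty output and mis-splits names such as `/dev/nvme0n1p1` or partition numbers of 10 and above; the fdisk script then begins with `o`, which creates a fresh DOS table and recreates only partition 1, so any other partition on the disk is dropped. Because `partstart` defaults to "2048", the `partstart == ""` test after `cmd.Wait()` can never fire, and a root line that was not found in the listing still leads to the rewrite. `ps[1]`/`ps[2]` are indexed without a length check and the result of `cmd.Run()` is discarded. The fence below stops before the rewrite unless the root device parses as partition 1 and its start sector was actually read from the listing.

```go
mountpoint := strings.TrimSpace(string(output))
if len(mountpoint) < 2 {
	return fmt.Errorf("unexpected root device %q", mountpoint)
}
partstart := "" // set only when the root partition is found in the fdisk listing
// … unchanged: device/partition split …
if partition != "1" {
	return fmt.Errorf("refusing to rewrite partition table: root is %s, not partition 1", mountpoint)
}
// … unchanged: fdisk -l start and read loop header …
		ps := strings.Fields(line) // /dev/sda1 * 4096 251658239 125827072 83 Linux
		if len(ps) < 3 {
			continue
		}
// … unchanged: boot-flag branch, cmd.Wait check, fdisk script setup …
if err = cmd.Run(); err != nil {
	// fdisk may fail only at the re-read step on a mounted disk; record it and let the re-read fallbacks run
	log.Printf("fdisk on %s returned: %v", device, err)
}
```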
@ -79,6 +79,10 @@ func CreateUser(u *config.User) error {
|
|||||||
args = append(args, "--no-log-init")
|
args = append(args, "--no-log-init")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if u.Shell != "" {
|
||||||
|
args = append(args, "--shell", u.Shell)
|
||||||
|
}
|
||||||
|
|
||||||
args = append(args, u.Name)
|
args = append(args, u.Name)
|
||||||
|
|
||||||
output, err := exec.Command("useradd", args...).CombinedOutput()
|
output, err := exec.Command("useradd", args...).CombinedOutput()
|
||||||
|