Signed-off-by: Vasiliy Tolstov <v.tolstov@selfip.ru>
Василий Толстов 2015-03-26 11:53:54 +03:00
parent b8521294cd
commit 5bbc02c647
7 changed files with 39 additions and 13 deletions


@ -28,10 +28,12 @@ import (
// used for internal use) have the YAML tag '-' so that they aren't marshalled. // used for internal use) have the YAML tag '-' so that they aren't marshalled.
type CloudConfig struct { type CloudConfig struct {
SSHAuthorizedKeys []string `yaml:"ssh_authorized_keys"` SSHAuthorizedKeys []string `yaml:"ssh_authorized_keys"`
SSHFingerprints bool `yaml:"no_ssh_fingerprints"`
Debug bool `yaml:"debug"` Debug bool `yaml:"debug"`
RunCMD []string `yaml:"runcmd"` RunCMD []string `yaml:"runcmd"`
NetworkConfigPath string `yaml:"-"` NetworkConfigPath string `yaml:"-"`
NetworkConfig string `yaml:"-"` NetworkConfig string `yaml:"-"`
Bootstrap string `yaml:"-"`
SystemInfo SystemInfo `yaml:"system_info"` SystemInfo SystemInfo `yaml:"system_info"`
DisableRoot bool `yaml:"disable_root"` DisableRoot bool `yaml:"disable_root"`
SSHPasswdAuth bool `yaml:"ssh_pwauth"` SSHPasswdAuth bool `yaml:"ssh_pwauth"`
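Review bot: The new field `SSHFingerprints` is bound to the key `no_ssh_fingerprints`, so it is true exactly when fingerprints are to be suppressed, which is the opposite of what the name reads as. A caller that writes `if cfg.SSHFingerprints` to decide whether to print host-key fingerprints would get the polarity backwards. Rename the field to match its key, `NoSSHFingerprints bool`, keeping the same tag. Both new fields would also benefit from a one-line comment; for `Bootstrap`, something like `// Bootstrap is for internal use and is not marshalled`, in line with the struct comment above. The struct continues outside the hunk.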


@ -367,6 +367,7 @@ users:
gecos: arbitrary comment gecos: arbitrary comment
homedir: /home/place homedir: /home/place
no_create_home: yes no_create_home: yes
lock_passwd: false
primary_group: things primary_group: things
groups: groups:
- ping - ping


@ -29,5 +29,5 @@ type User struct {
NoUserGroup bool `yaml:"no_user_group"` NoUserGroup bool `yaml:"no_user_group"`
System bool `yaml:"system"` System bool `yaml:"system"`
NoLogInit bool `yaml:"no_log_init"` NoLogInit bool `yaml:"no_log_init"`
LockPasswd bool `yaml:"lock-passwd"` LockPasswd bool `yaml:"lock_passwd"`
} }
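Review bot: `LockPasswd` is a plain `bool`, so a user entry that omits `lock_passwd` is indistinguishable from one that sets it to `false`, and this commit also makes `Apply` call the new `LockUnlockUser` for every user. If the branch of `LockUnlockUser` that is not shown in its hunk passes an unlock flag to `passwd`, every account without the key gets its password unlocked by default, which is the less safe direction. Consider `LockPasswd *bool` and skipping the `passwd` call when it is nil, or at least document the default on the field. The tag rename also means user-data that still uses `lock-passwd` is now silently ignored, which deserves a changelog line.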


@ -18,6 +18,7 @@ package openstack
import ( import (
"encoding/json" "encoding/json"
"log"
"net" "net"
"strconv" "strconv"
@ -56,10 +57,10 @@ type DNS struct {
} }
type Metadata struct { type Metadata struct {
Hostname string `json:"hostname"` Hostname string `json:"hostname"`
Interfaces Interfaces `json:"interfaces"` Interfaces Interfaces `json:"interfaces"`
PublicKeys []string `json:"public_keys"` PublicKeys map[string]string `json:"public_keys"`
DNS DNS `json:"dns"` DNS DNS `json:"dns"`
} }
type metadataService struct { type metadataService struct {
@ -98,11 +99,10 @@ func (ms *metadataService) FetchMetadata() (metadata datasource.Metadata, err er
metadata.PrivateIPv6 = net.ParseIP(m.Interfaces.Private[0].IPv6.IPAddress) metadata.PrivateIPv6 = net.ParseIP(m.Interfaces.Private[0].IPv6.IPAddress)
} }
} }
log.Printf("aaa %+v\n", m)
metadata.Hostname = m.Hostname metadata.Hostname = m.Hostname
metadata.SSHPublicKeys = map[string]string{} metadata.SSHPublicKeys = map[string]string{}
for i, key := range m.PublicKeys { metadata.SSHPublicKeys[strconv.Itoa(0)] = m.PublicKeys["root"]
metadata.SSHPublicKeys[strconv.Itoa(i)] = key
}
metadata.NetworkConfig = data metadata.NetworkConfig = data
return return
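Review bot: `log.Printf("aaa %+v\n", m)` looks like leftover debugging and writes the whole decoded metadata document (hostname, interfaces, keys, DNS) to the log on every fetch; it should be removed together with the `log` import. On the line below it, `m.PublicKeys["root"]` is read without checking presence, so a metadata document with no `root` entry stores an empty string under key `0`, and keys under any other name are dropped without a message. Guard it with `if key, ok := m.PublicKeys["root"]; ok { metadata.SSHPublicKeys["0"] = key }`. FetchMetadata starts outside the hunk.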


@ -73,6 +73,11 @@ func Apply(cfg config.CloudConfig, ifaces []network.InterfaceGenerator, env *Env
} }
} }
if err := system.LockUnlockUser(&user); err != nil {
log.Printf("Failed lock/unlock user '%s': %v", user.Name, err)
return err
}
if len(user.SSHAuthorizedKeys) > 0 { if len(user.SSHAuthorizedKeys) > 0 {
log.Printf("Authorizing %d SSH keys for user '%s'", len(user.SSHAuthorizedKeys), user.Name) log.Printf("Authorizing %d SSH keys for user '%s'", len(user.SSHAuthorizedKeys), user.Name)
if err := system.AuthorizeSSHKeys(user.Name, env.SSHKeyName(), user.SSHAuthorizedKeys); err != nil { if err := system.AuthorizeSSHKeys(user.Name, env.SSHKeyName(), user.SSHAuthorizedKeys); err != nil {
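Review bot: The added block logs the failure and then returns the same error, and `LockUnlockUser` itself already logs the failing `passwd` command with its output, so one failure is reported at several layers. Handle it in one place: drop the `log.Printf` here and return the error as is, or wrap it with context and stop logging in the helper. The enclosing loop in `Apply` starts and ends outside the hunk.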


@ -185,8 +185,22 @@ func ExecuteScript(scriptPath string) (string, error) {
return name, err return name, err
} }
func SetHostname(hostname string) error { func SetHostname(hostname string) (err error) {
return exec.Command("hostnamectl", "set-hostname", hostname).Run() for _, name := range []string{"hostnamectl", "hostname"} {
if _, err = exec.LookPath(name); err != nil {
continue
}
switch name {
case "hostname":
err = exec.Command(name, hostname).Run()
case "hostnamectl":
err = exec.Command(name, "set-hostname", hostname).Run()
}
}
if err != nil {
return
}
return ioutil.WriteFile("/etc/hostname", []byte(hostname+"\n"), 0644)
} }
func Hostname() (string, error) { func Hostname() (string, error) {
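Review bot: `err` is shared between `exec.LookPath` and the command run in `SetHostname`, so the last loop iteration decides the result: when `hostnamectl` succeeds but `hostname` is not installed, the `LookPath` error from the second pass is returned and `/etc/hostname` is never written. When both tools exist, both are run. Keep the lookup error in its own variable and stop at the first tool that works. If `hostname` can come from instance metadata, it is also worth rejecting values that start with `-` or contain a newline before they reach the command line and the file.

```go
	for _, name := range []string{"hostnamectl", "hostname"} {
		if _, lookErr := exec.LookPath(name); lookErr != nil {
			if err == nil {
				err = lookErr
			}
			continue
		}
		// … unchanged: switch running hostname / hostnamectl …
		if err == nil {
			break
		}
	}
```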


@ -80,7 +80,11 @@ func CreateUser(u *config.User) error {
return err return err
} }
args = []string{} return nil
}
func LockUnlockUser(u *config.User) error {
args := []string{}
if u.LockPasswd { if u.LockPasswd {
args = append(args, "--lock") args = append(args, "--lock")
@ -90,7 +94,7 @@ func CreateUser(u *config.User) error {
args = append(args, u.Name) args = append(args, u.Name)
output, err = exec.Command("passwd", args...).CombinedOutput() output, err := exec.Command("passwd", args...).CombinedOutput()
if err != nil { if err != nil {
log.Printf("Command 'passwd %s' failed: %v\n%s", strings.Join(args, " "), err, output) log.Printf("Command 'passwd %s' failed: %v\n%s", strings.Join(args, " "), err, output)
} }
@ -98,7 +102,7 @@ func CreateUser(u *config.User) error {
} }
func SetUserPassword(user, hash string) error { func SetUserPassword(user, hash string) error {
cmd := exec.Command("/usr/sbin/chpasswd", "-e") cmd := exec.Command("chpasswd", "-e")
stdin, err := cmd.StdinPipe() stdin, err := cmd.StdinPipe()
if err != nil { if err != nil {