[Ovirt-devel] [PATCH node-image] Add logic for allowing SSH keys to be included during livecd iso creation time

Perry Myers pmyers at redhat.com
Mon Nov 17 13:06:41 UTC 2008 

This is to be used for development purposes only so that we can disable setting
a default root password.  If ovirt_dev is set to 1 (which happens if the
Release in the spec file is 0) then this functionality is turned on by default.

Signed-off-by: Perry Myers <pmyers at redhat.com>
---
 Makefile.am         |   12 +++++++++---
 ovirt-node-image.ks |    9 +++++++++
 2 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/Makefile.am b/Makefile.am
index d594c90..d46ed58 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -20,6 +20,7 @@ OVIRT_LOCAL_REPO ?= file://$(OVIRT_CACHE_DIR)/ovirt
 OVIRT_URL        ?= http://ovirt.org/repos/ovirt
 SUM              ?= sha1sum
 PKG_FMT           = iso
+AUTH_KEYS        ?= ~/.ssh/authorized_keys
 
 FEDORA_MIRROR     = http://mirrors.fedoraproject.org/mirrorlist
 CUR_RAWHIDE       = 10
@@ -50,7 +51,7 @@ DISTCLEANFILES = $(PACKAGE)-$(VERSION).tar.gz \
   $(PACKAGE).$(PKG_FMT) \
   $(NVR).$(PKG_FMT) \
   $(NVR).$(PKG_FMT).$(SUM) \
-  repos.ks
+  repos.ks ovirt-authorized_keys
 
 # For Release: 0..., set _ovirt_dev=1 so that we get extra_release.GIT-
 # annotated rpm version strings.
@@ -83,8 +84,13 @@ repos.ks:
 	    echo "repo --name=ovirt-local --baseurl=$(OVIRT_LOCAL_REPO)" >> $@ \
 	)
 
+keys:
+	if [ "$(_ovirt_dev)" = 1 -a -f $(AUTH_KEYS) ]; then \
+	    cp -va $(AUTH_KEYS) ovirt-authorized_keys ;\
+	fi
+
 SELINUX_ENFORCING=$(shell /usr/sbin/getenforce)
-$(NVR).$(PKG_FMT): repos.ks
+$(NVR).$(PKG_FMT): repos.ks keys
 	mkdir -p $(OVIRT_CACHE_DIR)/$(PACKAGE)-tmp
 	mkdir -p $(OVIRT_CACHE_DIR)/yum
 	( \
@@ -129,4 +135,4 @@ publish: rpms
 	createrepo $(OVIRT_CACHE_DIR)/ovirt
 
 .PHONY: rpms publish $(NVR).$(PKG_FMT).$(SUM) $(NVR).$(PKG_FMT) \
-  $(PACKAGE).$(PKG_FMT)
+  $(PACKAGE).$(PKG_FMT) keys
diff --git a/ovirt-node-image.ks b/ovirt-node-image.ks
index 20ec36c..3a6f399 100644
--- a/ovirt-node-image.ks
+++ b/ovirt-node-image.ks
@@ -19,6 +19,15 @@ touch /.autorelabel
 %include common-blacklist.ks
 
 %post --nochroot
+if [ -f "ovirt-authorized_keys" ]; then
+  echo "Adding authorized_keys to Image"
+  mkdir -p $INSTALL_ROOT/root/.ssh
+  cp -v ovirt-authorized_keys $INSTALL_ROOT/root/.ssh/authorized_keys
+  chown -R root:root $INSTALL_ROOT/root/.ssh
+  chmod 755 $INSTALL_ROOT/root/.ssh
+  chmod 644 $INSTALL_ROOT/root/.ssh/authorized_keys
+fi
+
 echo "Fixing boot menu"
 # remove quiet from Node bootparams, added by livecd-creator
 sed -i -e 's/ quiet//' $LIVE_ROOT/isolinux/isolinux.cfg
-- 
1.6.0.3

More information about the ovirt-devel mailing list