meta-google: authorized-keys-comp: Add package

This adds a startup routine that compiles an authorized_keys file from
multiple locations in the filesystem, allowing for multiple providers
without clashing.

Change-Id: Ib26e04af42f29d42410154fdd809aa3a525fc9d5
Signed-off-by: William A. Kennington III <wak@google.com>

1 files changed, 34 insertions, 0 deletions

diff --git a/meta-google/recipes-google/ssh/authorized-keys-comp.bb b/meta-google/recipes-google/ssh/authorized-keys-comp.bb
new file mode 100644
index 000000000..81ee868a8
--- /dev/null
+++ b/meta-google/recipes-google/ssh/authorized-keys-comp.bb
@@ -0,0 +1,34 @@
+SUMMARY = "Compiles a set of authorized_keys files into a single file"
+PR = "r1"
+LICENSE = "Apache-2.0"
+LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/Apache-2.0;md5=89aea4e17d99a7cacdbeed46a0096b10"
+
+inherit systemd
+
+SRC_URI += " \
+  file://authorized-keys-comp.service \
+  file://authorized-keys-comp.sh \
+  "
+
+S = "${WORKDIR}"
+
+RDEPENDS_${PN} += "bash"
+
+SYSTEMD_SERVICE_${PN} += "authorized-keys-comp.service"
+
+FILES_${PN} += "/home"
+
+AUTHORIZED_KEYS_COMP_USERS ?= "root"
+
+do_install_append() {
+  install -d -m0755 ${D}${libexecdir}
+  install -m0755 authorized-keys-comp.sh ${D}${libexecdir}/
+
+  install -d -m0755 ${D}${systemd_system_unitdir}
+  install -m0644 authorized-keys-comp.service ${D}${systemd_system_unitdir}/
+
+  for user in ${AUTHORIZED_KEYS_COMP_USERS}; do
+    install -d -m0755 ${D}/home/$user/.ssh
+    ln -sv /run/authorized_keys/$user ${D}/home/$user/.ssh/authorized_keys
+  done
+}