diff options
author | Jason M. Bills <jason.m.bills@linux.intel.com> | 2020-12-08 00:38:17 +0300 |
---|---|---|
committer | Jason M. Bills <jason.m.bills@linux.intel.com> | 2020-12-08 00:38:17 +0300 |
commit | 8d6ae7f2a817751fad151168fa10ce28ee0869d8 (patch) | |
tree | 281032f7ec07c41589aa094bd165cc2a98f2d3a7 /meta-phosphor/classes/phosphor-deploy-ssh-keys.bbclass | |
parent | c16fb8893b19075db4bcf3b5bf33c1db8c3ca2bd (diff) | |
parent | 5da3c2284560a7e08ffafd03c5b5ba44a3242228 (diff) | |
download | openbmc-8d6ae7f2a817751fad151168fa10ce28ee0869d8.tar.xz |
Merge tag '0.26' of ssh://git-amr-1.devtools.intel.com:29418/openbmc-openbmc into update
Diffstat (limited to 'meta-phosphor/classes/phosphor-deploy-ssh-keys.bbclass')
-rw-r--r-- | meta-phosphor/classes/phosphor-deploy-ssh-keys.bbclass | 62 |
1 files changed, 62 insertions, 0 deletions
diff --git a/meta-phosphor/classes/phosphor-deploy-ssh-keys.bbclass b/meta-phosphor/classes/phosphor-deploy-ssh-keys.bbclass new file mode 100644 index 000000000..a85d2ac2d --- /dev/null +++ b/meta-phosphor/classes/phosphor-deploy-ssh-keys.bbclass @@ -0,0 +1,62 @@ +#### +# Copyright 2020 Hewlett Packard Enterprise Development LP. +# +# +# Add a basic class to add a privileged user from an ssh +# standpoint and a public key passed as an input parameter +# from the local.conf file +# Example: +# INHERIT += "phosphor-deploy-ssh-keys" +# SSH_KEYS = "vejmarie:/home/openbmc/openbmc/meta-hpe/keys/test.pub;" +#### + +inherit useradd_base + +IMAGE_PREPROCESS_COMMAND += "deploy_local_user;" + +deploy_local_user () { + if [ "${SSH_KEYS}" != "" ]; then + group_settings="${SSH_KEYS}" + current_setting=`echo $group_settings | cut -d ';' -f1` + remaining=`echo $group_settings | cut -d ';' -f2-` + while test "x$current_setting" != "x"; do + + username=`echo ${SSH_KEYS} | awk -F":" '{ print $1}'` + key_path=`echo ${SSH_KEYS} | awk -F":" '{ print $2}'` + + if [ ! -d ${IMAGE_ROOTFS}/home/${username} ]; then + perform_useradd "${IMAGE_ROOTFS}" "-R ${IMAGE_ROOTFS} -p '' ${username}" + fi + + if [ ! -d ${IMAGE_ROOTFS}/home/${username}.ssh/ ]; then + install -d ${IMAGE_ROOTFS}/home/${username}/.ssh/ + fi + + if [ ! -f ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys ]; then + install -m 0600 ${key_path} ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys + else + cat ${key_path} >> ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys + fi + + uid=`cat ${IMAGE_ROOTFS}/etc/passwd | grep "${username}:" | awk -F ":" '{print $3}'` + guid=`cat ${IMAGE_ROOTFS}/etc/passwd | grep "${username}:" | awk -F ":" '{print $4}'` + + chown -R ${uid}:${guid} ${IMAGE_ROOTFS}/home/${username}/.ssh + chmod 600 ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys + chmod 700 ${IMAGE_ROOTFS}/home/${username}/.ssh + + is_group=`grep "priv-admin" ${IMAGE_ROOTFS}/etc/group || true` + + if [ -z "${is_group}" ]; then + perform_groupadd "${IMAGE_ROOTFS}" "-R ${IMAGE_ROOTFS} priv-admin" + fi + + perform_usermod "${IMAGE_ROOTFS}" "-R ${IMAGE_ROOTFS} -a -G priv-admin ${username}" + + current_setting=`echo $remaining | cut -d ";" -f1` + remaining=`echo $remaining | cut -d ';' -f2-` + done + else + bbwarn "Trying to deploy SSH keys but input variable is empty (SSH_KEYS)" + fi +} |