diff options
| author | Jean-Marie Verdun <jean-marie.verdun@hpe.com> | 2020-10-26 21:17:06 +0300 |
|---|---|---|
| committer | Andrew Geissler <geissonator@yahoo.com> | 2020-11-12 00:39:43 +0300 |
| commit | f2f4f12c26001beff472cf8f5b81d1bb853bc081 (patch) | |
| tree | 181dd591125cf78b60b6f35867b24b17d57e0a62 /meta-phosphor | |
| parent | c16a1e103756afa4ab438dcd5dd7fb6742293898 (diff) | |
| download | openbmc-f2f4f12c26001beff472cf8f5b81d1bb853bc081.tar.xz | |
meta-phosphor: bbclass to deploy test SSH keys
(From meta-phosphor rev: 75c8dc6f5fc565a92da9129291ea09319e8593a6)
Change-Id: I375e188abbf3115e00d3ace1ad201d9fc11214d9
Signed-off-by: Jean-Marie Verdun <jean-marie.verdun@hpe.com>
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Diffstat (limited to 'meta-phosphor')
| -rw-r--r-- | meta-phosphor/classes/obmc-phosphor-image.bbclass | 2 | ||||
| -rw-r--r-- | meta-phosphor/classes/phosphor-deploy-ssh-keys.bbclass | 62 |
2 files changed, 64 insertions, 0 deletions
diff --git a/meta-phosphor/classes/obmc-phosphor-image.bbclass b/meta-phosphor/classes/obmc-phosphor-image.bbclass index d68fa37e3..b2d3b5ef3 100644 --- a/meta-phosphor/classes/obmc-phosphor-image.bbclass +++ b/meta-phosphor/classes/obmc-phosphor-image.bbclass @@ -32,6 +32,8 @@ # - obmc-debug-collector - OpenBMC debug collector inherit core-image +inherit obmc-phosphor-utils +inherit phosphor-deploy-ssh-keys FEATURE_PACKAGES_obmc-bmc-state-mgmt ?= "packagegroup-obmc-apps-bmc-state-mgmt" FEATURE_PACKAGES_obmc-bmcweb ?= "packagegroup-obmc-apps-bmcweb" diff --git a/meta-phosphor/classes/phosphor-deploy-ssh-keys.bbclass b/meta-phosphor/classes/phosphor-deploy-ssh-keys.bbclass new file mode 100644 index 000000000..a85d2ac2d --- /dev/null +++ b/meta-phosphor/classes/phosphor-deploy-ssh-keys.bbclass @@ -0,0 +1,62 @@ +#### +# Copyright 2020 Hewlett Packard Enterprise Development LP. +# +# +# Add a basic class to add a privileged user from an ssh +# standpoint and a public key passed as an input parameter +# from the local.conf file +# Example: +# INHERIT += "phosphor-deploy-ssh-keys" +# SSH_KEYS = "vejmarie:/home/openbmc/openbmc/meta-hpe/keys/test.pub;" +#### + +inherit useradd_base + +IMAGE_PREPROCESS_COMMAND += "deploy_local_user;" + +deploy_local_user () { + if [ "${SSH_KEYS}" != "" ]; then + group_settings="${SSH_KEYS}" + current_setting=`echo $group_settings | cut -d ';' -f1` + remaining=`echo $group_settings | cut -d ';' -f2-` + while test "x$current_setting" != "x"; do + + username=`echo ${SSH_KEYS} | awk -F":" '{ print $1}'` + key_path=`echo ${SSH_KEYS} | awk -F":" '{ print $2}'` + + if [ ! -d ${IMAGE_ROOTFS}/home/${username} ]; then + perform_useradd "${IMAGE_ROOTFS}" "-R ${IMAGE_ROOTFS} -p '' ${username}" + fi + + if [ ! -d ${IMAGE_ROOTFS}/home/${username}.ssh/ ]; then + install -d ${IMAGE_ROOTFS}/home/${username}/.ssh/ + fi + + if [ ! -f ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys ]; then + install -m 0600 ${key_path} ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys + else + cat ${key_path} >> ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys + fi + + uid=`cat ${IMAGE_ROOTFS}/etc/passwd | grep "${username}:" | awk -F ":" '{print $3}'` + guid=`cat ${IMAGE_ROOTFS}/etc/passwd | grep "${username}:" | awk -F ":" '{print $4}'` + + chown -R ${uid}:${guid} ${IMAGE_ROOTFS}/home/${username}/.ssh + chmod 600 ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys + chmod 700 ${IMAGE_ROOTFS}/home/${username}/.ssh + + is_group=`grep "priv-admin" ${IMAGE_ROOTFS}/etc/group || true` + + if [ -z "${is_group}" ]; then + perform_groupadd "${IMAGE_ROOTFS}" "-R ${IMAGE_ROOTFS} priv-admin" + fi + + perform_usermod "${IMAGE_ROOTFS}" "-R ${IMAGE_ROOTFS} -a -G priv-admin ${username}" + + current_setting=`echo $remaining | cut -d ";" -f1` + remaining=`echo $remaining | cut -d ';' -f2-` + done + else + bbwarn "Trying to deploy SSH keys but input variable is empty (SSH_KEYS)" + fi +} |