Diffstat (limited to 'meta-phosphor/classes/phosphor-deploy-ssh-keys.bbclass')
-rw-r--r--meta-phosphor/classes/phosphor-deploy-ssh-keys.bbclass73
1 files changed, 37 insertions, 36 deletions
diff --git a/meta-phosphor/classes/phosphor-deploy-ssh-keys.bbclass b/meta-phosphor/classes/phosphor-deploy-ssh-keys.bbclass
index a85d2ac2d..277a55c08 100644
--- a/meta-phosphor/classes/phosphor-deploy-ssh-keys.bbclass
+++ b/meta-phosphor/classes/phosphor-deploy-ssh-keys.bbclass
@@ -1,13 +1,16 @@
####
# Copyright 2020 Hewlett Packard Enterprise Development LP.
-#
+# Copyright 2021 Intel Corporation
#
# Add a basic class to add a privileged user from an ssh
# standpoint and a public key passed as an input parameter
# from the local.conf file
# Example:
# INHERIT += "phosphor-deploy-ssh-keys"
-# SSH_KEYS = "vejmarie:/home/openbmc/openbmc/meta-hpe/keys/test.pub;"
+#
+# SSH_KEYS = "vejmarie:/home/openbmc/openbmc/meta-hpe/keys/test.pub"
+# or
+# SSH_KEYS = "vejmarie:/home/openbmc/openbmc/meta-hpe/keys/test.pub;root:/path/to/id_rsa.pub"
####
inherit useradd_base
@@ -15,48 +18,46 @@ inherit useradd_base
IMAGE_PREPROCESS_COMMAND += "deploy_local_user;"
deploy_local_user () {
- if [ "${SSH_KEYS}" != "" ]; then
- group_settings="${SSH_KEYS}"
- current_setting=`echo $group_settings | cut -d ';' -f1`
- remaining=`echo $group_settings | cut -d ';' -f2-`
- while test "x$current_setting" != "x"; do
+ if [ "${SSH_KEYS}" == "" ]; then
+ bbwarn "Trying to deploy SSH keys but input variable is empty (SSH_KEYS)"
+ return
+ fi
- username=`echo ${SSH_KEYS} | awk -F":" '{ print $1}'`
- key_path=`echo ${SSH_KEYS} | awk -F":" '{ print $2}'`
+ ssh_keys="${SSH_KEYS}"
+ while [ "${ssh_keys}" != "" ]; do
+ current_key=`echo "$ssh_keys" | cut -d ';' -f1`
+ ssh_keys=`echo "$ssh_keys" | cut -s -d ';' -f2-`
- if [ ! -d ${IMAGE_ROOTFS}/home/${username} ]; then
- perform_useradd "${IMAGE_ROOTFS}" "-R ${IMAGE_ROOTFS} -p '' ${username}"
- fi
+ username=`echo "$current_key" | awk -F":" '{ print $1}'`
+ key_path=`echo "$current_key" | awk -F":" '{ print $2}'`
- if [ ! -d ${IMAGE_ROOTFS}/home/${username}.ssh/ ]; then
- install -d ${IMAGE_ROOTFS}/home/${username}/.ssh/
- fi
+ if [ ! -d ${IMAGE_ROOTFS}/home/${username} ]; then
+ perform_useradd "${IMAGE_ROOTFS}" "-R ${IMAGE_ROOTFS} -p '' ${username}"
+ fi
- if [ ! -f ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys ]; then
- install -m 0600 ${key_path} ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys
- else
- cat ${key_path} >> ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys
- fi
+ if [ ! -d ${IMAGE_ROOTFS}/home/${username}.ssh/ ]; then
+ install -d ${IMAGE_ROOTFS}/home/${username}/.ssh/
+ fi
- uid=`cat ${IMAGE_ROOTFS}/etc/passwd | grep "${username}:" | awk -F ":" '{print $3}'`
- guid=`cat ${IMAGE_ROOTFS}/etc/passwd | grep "${username}:" | awk -F ":" '{print $4}'`
+ if [ ! -f ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys ]; then
+ install -m 0600 ${key_path} ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys
+ else
+ cat ${key_path} >> ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys
+ fi
- chown -R ${uid}:${guid} ${IMAGE_ROOTFS}/home/${username}/.ssh
- chmod 600 ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys
- chmod 700 ${IMAGE_ROOTFS}/home/${username}/.ssh
+ uid=`cat ${IMAGE_ROOTFS}/etc/passwd | grep "${username}:" | awk -F ":" '{print $3}'`
+ guid=`cat ${IMAGE_ROOTFS}/etc/passwd | grep "${username}:" | awk -F ":" '{print $4}'`
- is_group=`grep "priv-admin" ${IMAGE_ROOTFS}/etc/group || true`
+ chown -R ${uid}:${guid} ${IMAGE_ROOTFS}/home/${username}/.ssh
+ chmod 600 ${IMAGE_ROOTFS}/home/${username}/.ssh/authorized_keys
+ chmod 700 ${IMAGE_ROOTFS}/home/${username}/.ssh
- if [ -z "${is_group}" ]; then
- perform_groupadd "${IMAGE_ROOTFS}" "-R ${IMAGE_ROOTFS} priv-admin"
- fi
+ is_group=`grep "priv-admin" ${IMAGE_ROOTFS}/etc/group || true`
- perform_usermod "${IMAGE_ROOTFS}" "-R ${IMAGE_ROOTFS} -a -G priv-admin ${username}"
+ if [ -z "${is_group}" ]; then
+ perform_groupadd "${IMAGE_ROOTFS}" "-R ${IMAGE_ROOTFS} priv-admin"
+ fi
- current_setting=`echo $remaining | cut -d ";" -f1`
- remaining=`echo $remaining | cut -d ';' -f2-`
- done
- else
- bbwarn "Trying to deploy SSH keys but input variable is empty (SSH_KEYS)"
- fi
+ perform_usermod "${IMAGE_ROOTFS}" "-R ${IMAGE_ROOTFS} -a -G priv-admin ${username}"
+ done
}
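Review bot: `perform_useradd "${IMAGE_ROOTFS}" "-R ${IMAGE_ROOTFS} -p '' ${username}"` creates the account with an empty password hash, and the same loop then adds that user to `priv-admin`, so whether the account can be used without the key depends entirely on how the image's SSH server and PAM treat blank passwords; for a key-only account a non-matching hash such as `-p '*'` would be safer, provided the SSH server in the image still accepts public-key logins for it. The uid/gid lookups use an unanchored `grep "${username}:"` on `etc/passwd`, which also matches any longer login ending in the same string and can return several lines, so `chown -R ${uid}:${guid}` may receive the wrong or a malformed owner; `grep "^${username}:"` pins the match to the login field. The new guard `[ "${SSH_KEYS}" == "" ]` uses `==`, which POSIX `test` does not define, so on a `/bin/sh` such as dash the check may fail with an error and the `bbwarn` never fires; `=` is the portable spelling. The directory test `${IMAGE_ROOTFS}/home/${username}.ssh/` is missing the `/` before `.ssh`, so it never matches the directory that `install -d` creates on the next line.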