[Ovirt-devel] [PATCH node] Provides a means to toggle SSH password auth from the firstboot menu. rhbz#509842
Mike Burns
mburns at redhat.com
Thu Jul 9 21:22:06 UTC 2009
A couple small comments below, but otherwise
ACK
On Tue, Jul 07, 2009 at 12:13:13PM -0400, Darryl L. Pierce wrote:
> The password option now goes to a submenu. This submenu lets the user
> chose to either set the administrator password or else toggle SSH
> password authentication on or off.
>
> The submenu also reports whether password authentication is current
> enabled.
>
> Signed-off-by: Darryl L. Pierce <dpierce at redhat.com>
> ---
> scripts/ovirt-config-password | 77 +++++++++++++++++++++++++++++++++++------
> 1 files changed, 66 insertions(+), 11 deletions(-)
>
> diff --git a/scripts/ovirt-config-password b/scripts/ovirt-config-password
> index 03b41e1..4c7d001 100755
> --- a/scripts/ovirt-config-password
> +++ b/scripts/ovirt-config-password
> @@ -37,14 +37,69 @@ function prompt_sasl_user {
> done
> }
>
> -printf "\n\n Password Configuration\n\n"
> -
> -# prompt user
> -# Set the password for the root user first
> -printf "\nSystem Administrator (root):\n"
> -unmount_config /etc/shadow
> -passwd root
> -ovirt_store_config /etc/shadow
> -printf "\nAdding users for libvirt remote access"
> -# TODO list existing users in /etc/libvirt/passwd.db
> -while prompt_sasl_user; do :; done
> +set_password () {
> + printf "\n\n Password Configuration\n\n"
> +
> + # prompt user
> + # Set the password for the root user first
> + printf "\nSystem Administrator (root):\n"
> + unmount_config /etc/shadow
> + passwd root
> + ovirt_store_config /etc/shadow
> + printf "\nAdding users for libvirt remote access"
> + # TODO list existing users in /etc/libvirt/passwd.db
> + while prompt_sasl_user; do :; done
> +}
> +
> +toggle_ssh_access ()
> +{
> + local allowed=$1
> + local config=$WORKDIR/augeas-ssh
> +
> + if $allowed; then permit="yes"; else permit="no"; fi
> + printf "set /files/etc/ssh/sshd_config/PasswordAuthentication ${permit}\n" > $config
> + cat $config | augtool
> +
> + service sshd restart
> +}
> +
> +toggle_ssh () {
> + local prompt=$1
> +
> + printf "\nToggle SSH\n\n"
> +
> + while true; do
> + read -ep "${prompt} (y/n)? "
> + case $REPLY in
> + Y|y) toggle_ssh_access true; return;;
> + N|n) toggle_ssh_access false; return;;
> + esac
> + done
> +}
Shouldn't we be using the ask_yes_or_no function here?
> +
> +PASSWORD="Set administrator password"
> +SSH="Enable SSH password authentication"
Should we be consistent and say Toggle SSH password auth since you can both enable or disable?
> +QUIT="Quit and Return To Menu"
> +
> +while true; do
> + state="disabled"
> + prompt="Enable SSH access"
> + grep "^PasswordAuthentication\ *yes" /etc/ssh/sshd_config > /dev/null
> + if [ $? == 0 ]; then
> + state="enabled"
> + prompt="Leave SSH access enabled"
> + fi
> + printf "\nSSH password authentication is currently ${state}.\n\n"
> +
> + PS3="Please select an option: "
> + select option in "$PASSWORD" "$SSH" "$QUIT"
> + do
> + case $option in
> + $PASSWORD) set_password; break;;
> + $SSH) toggle_ssh "$prompt"; break;;
> + $QUIT) exit;;
> + esac
> + done
> +
> + printf "\n"
> +done
> --
> 1.6.2.5
>
> _______________________________________________
> Ovirt-devel mailing list
> Ovirt-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/ovirt-devel
>
More information about the ovirt-devel
mailing list