[Ovirt-devel] [PATCH node] Adds a new kernel cmdline argument to toggle SSH password auth.
Joey Boggs
jboggs at redhat.com
Wed Jul 22 16:55:53 UTC 2009
Darryl L. Pierce wrote:
> The new karg is "ssh" and can be set using either 0/1 or true/false to
> set whether SSH password auth will be enabled or not during an automated
> install.
>
> rhbz#513037
>
> Signed-off-by: Darryl L. Pierce <dpierce at redhat.com>
> ---
> scripts/ovirt-config-password | 44 +++++++++++++++++++++++-----------------
> scripts/ovirt-early | 10 ++++++++-
> scripts/ovirt-firstboot | 1 +
> 3 files changed, 35 insertions(+), 20 deletions(-)
>
> diff --git a/scripts/ovirt-config-password b/scripts/ovirt-config-password
> index b6b9f07..ab0325a 100755
> --- a/scripts/ovirt-config-password
> +++ b/scripts/ovirt-config-password
> @@ -76,23 +76,29 @@ PASSWORD="Set administrator password"
> SSH="Toggle SSH password authentication"
> QUIT="Quit and Return To Menu"
>
> -while true; do
> - state="disabled"
> - /usr/bin/augtool get /files/etc/ssh/sshd_config/PasswordAuthentication|grep -q yes$
> - if [ $? == 0 ]; then
> - state="enabled"
> - fi
> - printf "\nSSH password authentication is currently ${state}.\n\n"
> -
> - PS3="Please select an option: "
> - select option in "$PASSWORD" "$SSH" "$QUIT"
> - do
> - case $option in
> - $PASSWORD) set_password; break;;
> - $SSH) toggle_ssh; break;;
> - $QUIT) exit;;
> - esac
> +if [[ "$1" == "AUTO" ]]; then
> + if [ -n "${OVIRT_SSH_PWAUTH}" ]; then
> + toggle_ssh_access $OVIRT_SSH_PWAUTH
> + fi
> +else
> + while true; do
> + state="disabled"
> + /usr/bin/augtool get /files/etc/ssh/sshd_config/PasswordAuthentication|grep -q yes$
> + if [ $? == 0 ]; then
> + state="enabled"
> + fi
> + printf "\nSSH password authentication is currently ${state}.\n\n"
> +
> + PS3="Please select an option: "
> + select option in "$PASSWORD" "$SSH" "$QUIT"
> + do
> + case $option in
> + $PASSWORD) set_password; break;;
> + $SSH) toggle_ssh; break;;
> + $QUIT) exit;;
> + esac
> + done
> +
> + printf "\n"
> done
> -
> - printf "\n"
> -done
> +fi
> diff --git a/scripts/ovirt-early b/scripts/ovirt-early
> index 560fa14..8cf2cd0 100755
> --- a/scripts/ovirt-early
> +++ b/scripts/ovirt-early
> @@ -209,6 +209,7 @@ start() {
> # dns=server[,server]
> # ntp=server[,server]
> # vlan=id
> + # ssh_pwauth=[0|1]
> # static network configuration
> ip_address=
> ip_gateway=
> @@ -219,6 +220,7 @@ start() {
> ipv6=
> dns=
> ntp=
> + ssh_pwauth=
>
> # hostname=fqdn
> # hostname
> @@ -349,6 +351,12 @@ start() {
> vlan=*)
> vlan=${i#vlan=}
> ;;
> + ssh_pwauth=1 | ssh_pwauth=true)
> + ssh_pwauth=true
> + ;;
> + ssh_pwauth=0 | ssh_pwauth=false)
> + ssh_pwauth=false
> + ;;
> syslog=*)
> i=${i#syslog=}
> eval $(printf $i|awk -F: '{print "syslog_server="$1; print "syslog_port="$2;}')
> @@ -370,7 +378,7 @@ start() {
> ip_gateway=$gateway
> fi
> # save boot parameters as defaults for ovirt-config-*
> - params="bootif init vol_boot_size vol_swap_size vol_root_size vol_config_size vol_logging_size vol_data_size local_boot standalone overcommit ip_address ip_netmask ip_gateway ipv6 dns ntp vlan syslog_server syslog_port collectd_server collectd_port bootparams hostname firstboot"
> + params="bootif init vol_boot_size vol_swap_size vol_root_size vol_config_size vol_logging_size vol_data_size local_boot standalone overcommit ip_address ip_netmask ip_gateway ipv6 dns ntp vlan ssh_pwauth syslog_server syslog_port collectd_server collectd_port bootparams hostname firstboot"
> # mount /config unless firstboot is forced
> if [ "$firstboot" != "1" ]; then
> mount_config
> diff --git a/scripts/ovirt-firstboot b/scripts/ovirt-firstboot
> index 844f689..4969261 100755
> --- a/scripts/ovirt-firstboot
> +++ b/scripts/ovirt-firstboot
> @@ -46,6 +46,7 @@ start ()
> ovirt-config-networking AUTO
> ovirt-config-logging AUTO
> ovirt-config-collectd AUTO
> + ovirt-config-password AUTO
> if [ "$OVIRT_LOCAL_BOOT" = 1 ]; then
> mount_live
> ovirt-config-boot /live "$OVIRT_BOOTPARAMS" no
>
ack
More information about the ovirt-devel
mailing list