[virt-tools-list] [virt-bootstrap] [PATCH v5 05/11] Add support for setting root passowrd in qcow2

Cedric Bosdonnat cbosdonnat at suse.com
Mon Jul 24 12:20:09 UTC 2017


On Mon, 2017-07-24 at 09:14 +0100, Radostin Stoyanov wrote:
> For containers bootstrapped in qcow2 format use the tool 'virt-edit'
> to insert the hashed root password in the shadow file of the last layer
> ---
>  src/virtBootstrap/utils.py          | 26 +++++++++++++++++++++++++-
>  src/virtBootstrap/virt_bootstrap.py | 15 +++++++--------
>  2 files changed, 32 insertions(+), 9 deletions(-)
> 
> diff --git a/src/virtBootstrap/utils.py b/src/virtBootstrap/utils.py
> index e1e681c..2c79d6b 100644
> --- a/src/virtBootstrap/utils.py
> +++ b/src/virtBootstrap/utils.py
> @@ -30,6 +30,7 @@ import os
>  import sys
>  import tempfile
>  import logging
> +import re
>  
>  from subprocess import CalledProcessError, PIPE, Popen
>  import passlib.hosts
> @@ -332,7 +333,7 @@ def str2float(element):
>          return None
>  
>  
> -def set_root_password(rootfs, password):
> +def set_root_password_in_rootfs(rootfs, password):
>      """
>      Set password on the root user within root filesystem
>      """
> @@ -364,6 +365,29 @@ def set_root_password(rootfs, password):
>          os.chmod(shadow_file, shadow_file_permissions)
>  
>  
> +def set_root_password_in_image(image, password):
> +    """
> +    Set password on the root user within image
> +    """
> +    password_hash = passlib.hosts.linux_context.hash(password)
> +    execute(['virt-edit',
> +             '-a', image, '/etc/shadow',
> +             '-e', 's,^root:.*?:,root:%s:,' % re.escape(password_hash)])
> +
> +
> +def set_root_password(fmt, dest, root_password):
> +    """
> +    Set root password
> +    """
> +    if fmt == "dir":
> +        set_root_password_in_rootfs(dest, root_password)
> +    elif fmt == "qcow2":
> +        layers = [layer for layer in os.listdir(dest)
> +                  if layer.startswith('layer-')]
> +        set_root_password_in_image(os.path.join(dest, max(layers)),
> +                                   root_password)
> +
> +
>  def write_progress(prog):
>      """
>      Write progress output to console
> diff --git a/src/virtBootstrap/virt_bootstrap.py b/src/virtBootstrap/virt_bootstrap.py
> index 5506445..c9bf1c8 100755
> --- a/src/virtBootstrap/virt_bootstrap.py
> +++ b/src/virtBootstrap/virt_bootstrap.py
> @@ -200,14 +200,13 @@ def bootstrap(uri, dest,
>             no_cache=no_cache,
>             progress=prog).unpack(dest)
>  
> -    if fmt == "dir":
> -        if root_password is not None:
> -            logger.info("Setting password of the root account")
> -            utils.set_root_password(dest, root_password)
> -
> -        if uid_map or gid_map:
> -            logger.info("Mapping UID/GID")
> -            mapping_uid_gid(dest, uid_map, gid_map)
> +    if root_password is not None:
> +        logger.info("Setting password of the root account")
> +        utils.set_root_password(fmt, dest, root_password)
> +
> +    if fmt == "dir" and uid_map or gid_map:
> +        logger.info("Mapping UID/GID")
> +        mapping_uid_gid(dest, uid_map, gid_map)
>  
>  
>  def set_logging_conf(loglevel=None):

ACK, but I start to think we should have classes for the format grouping
those format-specific functions. It may even help with sharing a libguestfs
instance to accelerate the process for qcow2 format.

I think this could be done in a cleanup commit after this series.
--
Cedric




More information about the virt-tools-list mailing list