local-config element adds authorized_key for root:
Currently, the local-config and stackuser elements are intertwined. local-config installs an authorized_key for stackuser, if the stackuser element is in use. This change does two things: - add authorized_key for root from local-config element, regardeless of whether stackuser element is in use. - install key for stack user from stackuser element, only if local-config element is in use. Change-Id: I0d07b61404119ea0650c5c0fb98d6786adcf3ca9
This commit is contained in:
parent
30e803aa56
commit
b880ef9017
2 changed files with 9 additions and 7 deletions
|
@ -5,8 +5,6 @@
|
|||
set -e
|
||||
|
||||
if [ -e "/tmp/in_target.d/ssh-authorized-keys" ]; then
|
||||
if [ -d ~stack ]; then
|
||||
sudo -u stack mkdir ~stack/.ssh
|
||||
sudo -Hiu stack dd of=~stack/.ssh/authorized_keys oflag=append conv=notrunc if=/tmp/in_target.d/ssh-authorized-keys
|
||||
fi
|
||||
mkdir -p /root/.ssh
|
||||
cat /tmp/in_target.d/ssh-authorized-keys >> /root/.ssh/authorized_keys
|
||||
fi
|
||||
|
|
|
@ -12,13 +12,17 @@ stack
|
|||
EOF
|
||||
|
||||
|
||||
sudo_file=/etc/sudoers.d/stack
|
||||
cat > /etc/sudoers.d/stack <<eof
|
||||
# the stack user sometimes requires passwordless
|
||||
# sudo for scripted operations.
|
||||
stack ALL=(ALL) NOPASSWD:ALL
|
||||
eof
|
||||
|
||||
chmod 0440 $sudo_file
|
||||
|
||||
chmod 0440 /etc/sudoers.d/stack
|
||||
visudo -c
|
||||
|
||||
if [ -e "/tmp/in_target.d/ssh-authorized-keys" ]; then
|
||||
mkdir -p /home/stack/.ssh
|
||||
cat /tmp/in_target.d/ssh-authorized-keys >> /home/stack/.ssh/authorized_keys
|
||||
chown -R stack:stack /home/stack/.ssh
|
||||
fi
|
||||
|
|
Loading…
Reference in a new issue