nuageinint: implement ssh_pwauth
ssh_pwauth sets the value in sshd_config for the password authentication This implementation tries to avoid touching the file if cloudinit request for what is already the default value. MFC After: 3 days Sponsored by: OVHCloud Reviewed by: kevans, jlduran Differential Revision: https://reviews.freebsd.org/D49875
This commit is contained in:
@@ -228,6 +228,39 @@ local function addsshkey(homedir, key)
|
||||
end
|
||||
end
|
||||
|
||||
local function update_sshd_config(key, value)
|
||||
local sshd_config = "/etc/ssh/sshd_config"
|
||||
local root = os.getenv("NUAGE_FAKE_ROOTDIR")
|
||||
if root then
|
||||
sshd_config = root .. sshd_config
|
||||
end
|
||||
local f = assert(io.open(sshd_config, "r+"))
|
||||
local tgt = assert(io.open(sshd_config .. ".nuageinit", "w"))
|
||||
local found = false
|
||||
local pattern = "^%s*"..key:lower().."%s+(%w+)%s*#?.*$"
|
||||
while true do
|
||||
local line = f:read()
|
||||
if line == nil then break end
|
||||
local _, _, val = line:lower():find(pattern)
|
||||
if val then
|
||||
found = true
|
||||
if val == value then
|
||||
assert(tgt:write(line .. "\n"))
|
||||
else
|
||||
assert(tgt:write(key .. " " .. value .. "\n"))
|
||||
end
|
||||
else
|
||||
assert(tgt:write(line .. "\n"))
|
||||
end
|
||||
end
|
||||
if not found then
|
||||
assert(tgt:write(key .. " " .. value .. "\n"))
|
||||
end
|
||||
assert(f:close())
|
||||
assert(tgt:close())
|
||||
os.rename(sshd_config .. ".nuageinit", sshd_config)
|
||||
end
|
||||
|
||||
local n = {
|
||||
warn = warnmsg,
|
||||
err = errmsg,
|
||||
@@ -236,7 +269,8 @@ local n = {
|
||||
sethostname = sethostname,
|
||||
adduser = adduser,
|
||||
addgroup = addgroup,
|
||||
addsshkey = addsshkey
|
||||
addsshkey = addsshkey,
|
||||
update_sshd_config = update_sshd_config
|
||||
}
|
||||
|
||||
return n
|
||||
|
||||
Reference in New Issue
Block a user