From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 921F515808B for ; Sun, 27 Mar 2022 23:37:22 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 73DE2E0963; Sun, 27 Mar 2022 23:37:21 +0000 (UTC) Received: from mail-pl1-f179.google.com (mail-pl1-f179.google.com [209.85.214.179]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id A5EB9E0963 for ; Sun, 27 Mar 2022 23:37:20 +0000 (UTC) Received: by mail-pl1-f179.google.com with SMTP id m18so8473220plx.3 for ; Sun, 27 Mar 2022 16:37:20 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=wLiLPQY8AJigD31u43f4s7Co/ZP/SkpvG4g07VEB7B0=; b=1O7E8UpWZiPttj/BCLP7SxXXLzfzr8WXnbX3STdkPoL6CHU+OFG3w/QWurNPNeYd2c SNQTK7odkOZK9PU/ERD/OmvUeZd6KCjOsF9HI5ddrz/31bfbY9IMyT1ZuAqPbw8eGes4 R7hGAScPUVzsoMKAgaCZyRFUJGAM14zYJsbo+UE0g/rCMLEvJtZYnBgdq2Qww7zP6WpO qBQ4HR27HzXRjUQQXeefa9oQeDCzZMYlmNhPr4E3L53SON1zPwox4vSuDQduzRSwkZUi nqs3FBQUrRzqR0zH2frDbdSxJFPJmKy7UErdSDG7sJeqnN2yzdbUapIGho3Xr/gz8KTr xfkw== X-Gm-Message-State: AOAM533wzo9nshYZEDeqHjbL/X5jblbqV2/kTsY/xOmD0f5Gl+oEyL6g DqtC9EBn/WWffAUHnVXIqcFYqmBpMZc= X-Google-Smtp-Source: ABdhPJyt43QDHXqy+W5BABNm+Xp2qSPIfD3TuptvPX9hMb6UxftPp/TuHkhh+Im7yKvyvZ2pqkJjMg== X-Received: by 2002:a17:90b:4a83:b0:1c6:f037:bc73 with SMTP id lp3-20020a17090b4a8300b001c6f037bc73mr37958714pjb.44.1648424238965; Sun, 27 Mar 2022 16:37:18 -0700 (PDT) Received: from localhost 
([199.247.115.17]) by smtp.gmail.com with ESMTPSA id i187-20020a62c1c4000000b004faafada2ffsm13986317pfg.204.2022.03.27.16.37.17 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 27 Mar 2022 16:37:18 -0700 (PDT) From: Matt Turner To: gentoo-catalyst@lists.gentoo.org Cc: Patrice Clement Subject: [gentoo-catalyst] [PATCH 1/3] catalyst: support 3 new options Date: Sun, 27 Mar 2022 16:37:10 -0700 Message-Id: <20220327233712.1282001-1-mattst88@gentoo.org> X-Mailer: git-send-email 2.34.1 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-catalyst@lists.gentoo.org Reply-to: gentoo-catalyst@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Archives-Salt: c6fab9e0-139d-4a93-9fb4-5f37a0372362 X-Archives-Hash: c996c8668bdf9909c9ad3602dfc33626 From: Patrice Clement * stage4/groups: create a a list of groups. * stage4/users: create a list of users. users can also be added to groups using the "foo.bar=wheel,audio,baz" format. * stage4/ssh_public_keys: copy an SSH public key into the stage4 user's home (.ssh/authorized_keys) and set the file permission to 0644. Bug: https://bugs.gentoo.org/236905 Signed-off-by: Patrice Clement --- catalyst/base/stagebase.py | 70 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 70 insertions(+)
diff --git a/catalyst/base/stagebase.py b/catalyst/base/stagebase.py
index de1e30ef..76feb5f0 100644
--- a/catalyst/base/stagebase.py
+++ b/catalyst/base/stagebase.py
@@ -201,6 +201,9 @@ class StageBase(TargetBase, ClearBase, GenBase):
 self.set_packages()
 self.set_rm()
 self.set_linuxrc()
+ self.set_groups()
+ self.set_users()
+ self.set_ssh_public_keys()
 self.set_busybox_config()
 self.set_overlay()
 self.set_repos()
@@ -583,6 +586,39 @@ class StageBase(TargetBase, ClearBase, GenBase):
 self.settings[self.settings["spec_prefix"] + "/linuxrc"]
 del self.settings[self.settings["spec_prefix"] + "/linuxrc"]
+ def set_groups(self):
+ groups = self.settings["spec_prefix"] + "/groups"
+ if groups in self.settings:
+ if isinstance(self.settings[groups], str):
+ self.settings["groups"] = self.settings[groups].split(",")
+ self.settings["groups"] = self.settings[groups]
+ del self.settings[groups]
+ else:
+ self.settings["groups"] = []
+ log.info('groups to create: %s' % self.settings["groups"])
+
+ def set_users(self):
+ users = self.settings["spec_prefix"] + "/users"
+ if users in self.settings:
+ if isinstance(self.settings[users], str):
+ self.settings["users"] = self.settings[users].split(",")
+ self.settings["users"] = self.settings[users]
+ del self.settings[users]
+ else:
+ self.settings["users"] = []
+ log.info('users to create: %s' % self.settings["users"])
+
+ def set_ssh_public_keys(self):
+ ssh_public_keys = self.settings["spec_prefix"] + "/ssh_public_keys"
+ if ssh_public_keys in self.settings:
+ if isinstance(self.settings[ssh_public_keys], str):
+ self.settings["ssh_public_keys"] = self.settings[ssh_public_keys].split(",")
+ self.settings["ssh_public_keys"] = self.settings[ssh_public_keys]
+ del self.settings[ssh_public_keys]
+ else:
+ self.settings["ssh_public_keys"] = []
+ log.info('ssh public keys to copy: %s' % self.settings["ssh_public_keys"])
+
 def set_busybox_config(self):
 if self.settings["spec_prefix"] + "/busybox_config" in self.settings:
 if isinstance(self.settings[self.settings['spec_prefix'] + '/busybox_config'], str):
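Review bot: In `set_groups` the result of `.split(",")` is overwritten by the very next statement, `self.settings["groups"] = self.settings[groups]`, which has no `else:` in front of it as shown, so a comma-separated string is stored unsplit; `set_users` and `set_ssh_public_keys` repeat the same pattern. The consumers added further down depend on the stored type: `users()` and `ssh_public_keys()` iterate the setting, and iterating a plain string yields single characters, while `groups()` calls `.split()` on it and would raise on the `[]` default. Read the value once and store one normalised list, for example `value = self.settings[groups]` followed by `self.settings["groups"] = value.split(",") if isinstance(value, str) else value`. A one-line docstring on each setter stating that the stored value is always a list would document the contract the consumers rely on.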
@@ -894,6 +930,40 @@ class StageBase(TargetBase, ClearBase, GenBase):
 cmd(['rsync', '-a', x + '/', self.settings['stage_path']], env=self.env)
+ def groups(self):
+ for x in self.settings["groups"].split():
+ log.notice("Creating group: '%s'", x)
+ cmd(["groupadd", "-R", self.settings['chroot_path'], x], env=self.env)
+
+ def users(self):
+ for x in self.settings["users"]:
+ usr, grp = '', ''
+ try:
+ usr, grp = x.split("=")
+ except ValueError:
+ usr = x
+ log.debug("users: '=' separator not found on line " + x)
+ log.debug("users: missing separator means no groups found")
+ uacmd = ["useradd", "-R", self.settings['chroot_path'], "-m", x]
+ if grp != '':
+ uacmd = ["useradd", "-R", self.settings['chroot_path'], "-m", "-G", grp, usr]
+ log.notice("Creating user: '%s'", f"{usr}={grp}")
+ cmd(uacmd, env=self.env)
+
+ def ssh_public_keys(self):
+ for x in self.settings["ssh_public_keys"]:
+ usr, pub_key_src = '', ''
+ try:
+ usr, pub_key_src = x.split("=")
+ except ValueError:
+ raise CatalystError(f"ssh_public_keys: '=' separator not found on line {x}")
+ log.notice("Copying SSH public key for user: '%s'", usr)
+ pub_key_dest = self.settings['chroot_path'] + f"/home/{usr}/.ssh/authorized_keys"
+ cpcmd = ["cp", "-av", pub_key_src, pub_key_dest]
+ cmd(cpcmd, env=self.env)
+ chcmd = ["chmod", "0644", pub_key_dest]
+ cmd(chcmd, env=self.env)
+
 def bind(self):
 for x in [x for x in self.mount if self.mount[x]['enable']]:
 if str(self.mount[x]['source']) == 'config':
-- 2.34.1
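Review bot: `ssh_public_keys()` builds `pub_key_dest` from `usr` without checking it, so a spec value containing `/` or `..` places the copied file outside `/home/<usr>/.ssh`, and possibly outside `chroot_path`, with the build's privileges. The method also never creates `.ssh`, assumes the home directory is `/home/<usr>`, and uses `cp -a`, which keeps the source file's owner and copies a symlink as a symlink; sshd's StrictModes check is likely to reject an `authorized_keys` whose owner is neither the account nor root. Each `user=key` entry overwrites the file rather than appending, so two keys for one user leave only the last. Separately, `groups()` calls `.split()` on `self.settings["groups"]`, which fails on the `[]` default from `set_groups` and splits on whitespace rather than commas. A stricter `ssh_public_keys` could look like the sketch below, which still assumes the `/home/<usr>` layout.

```python
    def ssh_public_keys(self):
        for x in self.settings["ssh_public_keys"]:
            usr, sep, pub_key_src = x.partition("=")
            if not sep or not pub_key_src:
                raise CatalystError(f"ssh_public_keys: '=' separator not found on line {x}")
            # usr becomes a path component below; refuse anything that could
            # move the destination out of /home/<usr>.
            if not usr or "/" in usr or usr in (".", ".."):
                raise CatalystError(f"ssh_public_keys: invalid user name in {x}")
            # … unchanged: log.notice call …
            ssh_dir = self.settings['chroot_path'] + f"/home/{usr}/.ssh"
            pub_key_dest = ssh_dir + "/authorized_keys"
            # install(1) sets the mode explicitly and copies file contents
            # instead of carrying over the source's owner or a symlink.
            cmd(["install", "-d", "-m", "0700", ssh_dir], env=self.env)
            cmd(["install", "-m", "0644", pub_key_src, pub_key_dest], env=self.env)
            # Hand the directory to the account, resolved inside the chroot.
            cmd(["chroot", self.settings['chroot_path'],
                 "chown", "-R", f"{usr}:", f"/home/{usr}/.ssh"], env=self.env)
```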