Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Make sure /root/.ssh exists before copying authorized_keys

Administrators can revert to the old behavior by setting CREATE_SSH_DIR
to false.

Closes #96.
  • Loading branch information...
commit 9d3ac25e261eff05a733c0caed232588c4b2c427 1 parent 32d323d
Pierre Riteau priteau authored
Showing with 34 additions and 0 deletions.
  1. +34 −0 control/libexec/workspace-control/mount-alter.sh
34 control/libexec/workspace-control/mount-alter.sh
View
@@ -82,6 +82,8 @@ function strlen (){
MOUNT="/bin/mount"
UMOUNT="/bin/umount"
CP="/bin/cp"
+MKDIR="/bin/mkdir"
+CHMOD="/bin/chmod"
FLOCKFILE=/opt/nimbus/var/workspace-control/lock/loopback.lock
FLOCK=/usr/bin/flock
@@ -98,6 +100,14 @@ fi
DRYRUN="false" # or "true"
+# If CREATE_SSH_DIR is set to true (default), mount-alter will create the
+# /root/.ssh directory before copying the authorized_keys file. This allows to
+# make propagation succeed with VM images which do not have a /root/.ssh
+# directory (as it is often the case when no SSH key has ever been installed).
+#
+# If set to false, this script will not try to create the /root/.ssh directory.
+CREATE_SSH_DIR="true" # or "false"
+
# Only requests to mount files UNDER this directory are honored.
# You must use absolute path and include trailing slash.
IMAGE_DIR=/opt/nimbus/var/workspace-control/secureimages/
@@ -334,6 +344,30 @@ fi
problem="false"
+if [ "$CREATE_SSH_DIR" == "true" -a "$datatarget" == "/root/.ssh/authorized_keys" ]; then
+ cmd="$MKDIR -p $mountpoint/root/.ssh"
+ echo "command = $cmd"
+ if [ "$DRYRUN" != "true" ]; then
+ ( $cmd )
+ if [ $? -eq 0 ]; then
+ echo " - successful"
+ else
+ problem="true"
+ fi
+ fi
+
+ cmd="$CHMOD 700 $mountpoint/root/.ssh"
+ echo "command = $cmd"
+ if [ "$DRYRUN" != "true" ]; then
+ ( $cmd )
+ if [ $? -eq 0 ]; then
+ echo " - successful"
+ else
+ problem="true"
+ fi
+ fi
+fi
+
if [ "$subcommand" = "ONE" ]; then
cmd="$CP $datafile $mountpoint/$datatarget"
elif [ "$subcommand" = "HDONE" ]; then
Please sign in to comment.
Something went wrong with that request. Please try again.